How to write real client IP address in error Log with Varnish 4 and Apache 2.4 in Ubuntu 16.04


In order to have Varnish 4 pass on the real client IP to your Apache 2.4 error log in Ubuntu 16.04 , you'll need to edit your Varnish configuration (/etc/varnish/default.vcl on Ubuntu) to add an X-Forwarded-For header. Find the vcl_recv section and added the following:

sub vcl_recv {
  unset req.http.X-Forwarded-For;
  set req.http.X-Forwarded-For = client.ip;

(Note: If you are using Varnish < 4.0 change unset to remove as the syntax is different.)

Then, open your Apache Virtual Host,

sudo nano /etc/apache2/apache2.conf

and set a CustomLog format:

ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P] %7F: %E: [client\ %{X-Forwarded-For}i %a] %M% ,\ referer\ %{Referer}i"

Finally, restart both Apache and Varnish for the changes to take effect:

systemctl restart varnish.service
systemctl restart apache2.service

tags: varnish apache ubuntu log

We use our own cookies and third-party cookies to improve our services, show products based on your preferences, analyse the browsing habits of our users, and enable interaction with social networks. Continuing to browse our sites implies full acceptance of their use. You can change your cookie setting or get more information here: Cookies policy .