Custom log formats for X-Forwarded-For source IPs

by Dave Blakey on Tips and Tricks • September 30, 2018

Snapt Balancer (and other ADC solutions) is able to add an X-Forwarded-For header to requests that flow through it - this contains the clients original IP address for use on your server.

It's common for load balancers, ADCs, proxies, etc to add this header for your backends to be able to see the source IP.

However, by default your web server logs will display the Snapt IP address instead of that passed IP. You need to alter the log format of your webservers to allow for this.


LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog "logs/access_log" combined env=!forwarded
CustomLog "logs/access_log" proxy env=forwarded


log_format main '$http_x_forwarded_for - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent"' ;

access_log /var/log/nginx/access.log main;


There is a great post on this available here.

Snapt tip: Make sure that you have enabled X-Forwarded-For in the HTTP Options for your group as well.