====== Apache - Get the originating host ip ======

By default logs contain the IP of the proxy if the client use a proxy.  This is a problem:

For instance, with statistics (like with awstats) some proxy use multiple IPs (For example AOL) in the same visit.  Multiples visits could be seen as a unique one.

**WARNING**:  There is a solution which replaces the client IP used everywhere in Apache with the **X-Forwarded-For** value if it exists.  But this solution is to use just with trusted proxy, else it would be a security hole.  **X-Forwarded-For** is a header field and then can be forged, don't use it for legal or security reason.

Define two logformat, one with the host IP (%h), one with the value of X-Forwarded-For:

<file>
LogFormat "%h %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %s %b \"%{Referer}i\" \"%{User-agent}i\"" combined_forwarded
</file>

Define an environment variable if a proxy is used:

<file>
# Log the originating ip if use a proxy
SetEnvIfNoCase X-Forwarded-For "." from_proxy=1
</file>

Use different log depending on "from_proxy"

<file>
CustomLog /var/log/apache2/somesite.org-access.log combined env=!from_proxy
CustomLog /var/log/apache2/somesite.org-access.log combined_forwarded env=from_proxy
</file>

Reload Apache.