public
/
knowledge
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Partial IP address logging in nginx

master
Chris Smith 4 years ago
parent
8bf17bb9e2
commit
f802dc271f
Signed by: Chris Smith <chris@chameth.com> GPG Key ID: 3A2D4BBDC4A3C9A9
1 changed files with 20 additions and 0 deletions
Split View Show Diff Stats
  1. 20
    0
      content/docs/software/nginx.adoc

+ 20
- 0
content/docs/software/nginx.adoc View File 

@@ -32,3 +32,23 @@ server {
32 32 
     return 301 $scheme://example.com$request_uri;
33 33 
 }
34 34 
 ----
35 
+
36 
+=== Logging only partial IP addresses
37 
+
38 
+This assumes nginx is behind a proxy that sends a trusted `X-Forwarded-For` header, but the
39 
+same can easily be done with the remote IP directly.
40 
+
41 
+[source]
42 
+----
43 
+server {
44 
+    map $http_x_forwarded_for $forwarded_anon {
45 
+        ~(?P<ip>\d+\.\d+\.\d+)\.    $ip.0;
46 
+        ~(?P<ip>[^:]+:[^:]+):       $ip::;
47 
+        default                     0.0.0.0;
48 
+    }
49 
+
50 
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
51 
+                      '$status $body_bytes_sent "$http_referer" '
52 
+                      '"$http_user_agent" "$forwarded_anon"';
53 
+}
54 
+----

Write Preview
Loading…
Cancel
Save