305d977713d66eb9edb587c95212ba4550788351
wiki/creating-ec2-image-from-scratch.md
| ... | ... | @@ -84,7 +84,17 @@ Added the following two lines to `/etc/security/limits.conf`: |
| 84 | 84 | |
| 85 | 85 | This increases the maximum number of open files allowed from the default 1024 to a more appropriate 65k. |
| 86 | 86 | |
| 87 | -Copied the httpd configuration files `/etc/httpd/conf/httpd.conf`, `/etc/httpd/conf.d/000-macros.conf` and the skeletal `/etc/httpd/conf.d/001-events.conf` from an existing server. |
|
| 87 | +Copied the httpd configuration files `/etc/httpd/conf/httpd.conf`, `/etc/httpd/conf.d/000-macros.conf` and the skeletal `/etc/httpd/conf.d/001-events.conf` from an existing server. Make sure the following lines are in httpd.conf: |
|
| 88 | + |
|
| 89 | +<pre> |
|
| 90 | + SetEnvIf X-Forwarded-For "^([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*).*$" original_client_ip=$1 |
|
| 91 | + LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined |
|
| 92 | + LogFormat "%v %{original_client_ip}e %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" first_forwarded_for_ip |
|
| 93 | + CustomLog logs/access_log combined env=!original_client_ip |
|
| 94 | + CustomLog logs/access_log first_forwarded_for_ip env=original_client_ip |
|
| 95 | +</pre> |
|
| 96 | + |
|
| 97 | +They ensure that the original client IPs are logged also if the Apache server runs behind a reverse proxy or an ELB. See also [the section on log file analysis](/wiki/log-file-analysis#log-file-analysis_log-file-types_apache-log-files). |
|
| 88 | 98 | |
| 89 | 99 | Copied /etc/logrotate.conf from an existing SL instance so that `/var/log/logrotate-target` is used to rotate logs to. |
| 90 | 100 |