In order to receive the real visitor IPs in your backend's access logs when using our remote DDoS protection for websites,  your web server must be able to parse X-Forwarded-For headers. Some web  servers, such as LiteSpeed, NGINX and IIS support this by default.

With Apache, the most popular web server however, you need to use a  module, such as mod_rpaf or mod_remoteip in order to get the real  visitor IPs. The first part of this tutorial will show you how to  install and configure Apache with mod_remoteip. We're not going to use mod_rpaf in this example, because it's outdated, doesn't support CIDRs and only works with Apache 2.2.

We will use 1.2.3.4 as a fictional IP address in this tutorial. When  applying the configuration on your backend server, you need to replace  1.2.3.4 with your actual remote DDoS protection IP that you received via email and that you can view in GuardPanel and point your domain to.

CentOS/RHEL & Apache

1.) Install required packages

# yum install gcc wget httpd-devel

2.) Download and compile sources (ONLY if you run Apache 2.2! If you run Apache 2.4 just skip this step)

# wget -O /usr/local/src/mod_remoteip.c https://raw.githubusercontent.com/infinitnet/mod_remoteip-httpd22/master/mod_remoteip.c
# cd /usr/local/src/
# apxs -i -c -n mod_remoteip.so mod_remoteip.c

3.) Configure mod_remote IP for your JavaPipe reverse proxy

Create the file /etc/httpd/conf.d/mod_remoteip.conf and paste the following:

LoadModule remoteip_module modules/mod_remoteip.so
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 1.2.3.4

4.) Save it and restart httpd.

If the real IP is not seen in the apache logs, then you will need to add a custom log format:

LogFormat "%a %l %u %t \"%r\" %>s %b" foo

%a - is the client IP of the request.

cPanel/WHM Servers

On WHM/cPanel servers the process is different, because it doesn't  use CentOS repositories for Apache, but instead a tool called EasyApache  to compile a custom Apache version from source.

If you use EasyApache 3, do

# cd /var/cpanel/easy/apache/custom_opt_mods # wget https://documentation.cpanel.net/download/attachments/1775755/custom_opt_mod-remoteip.tgz # tar xf custom_opt_mod-remoteip.tgz # rm -f custom_opt_mod-remoteip.tgz

Now recompile Apache from WHM using EasyApache 3 and make sure to enable mod_remoteip in the Exhaustive Options List! Proceed with pasting the config that's mentioned below the instructions for EasyApache 4.

If you use EasyApache 4, do

# yum -y install ea-apache24-mod_remoteip

Now paste below config to /usr/local/apache/conf/mod_remoteip.conf

LoadModule remoteip_module modules/mod_remoteip.so
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 1.2.3.4

Save it and restart httpd.

Ubuntu/Debian & Apache

1.) Install required packages with

# apt-get install gcc wget apache2-prefork-dev

2.) Download and compile sources (ONLY if you run Apache 2.2! If you run Apache 2.4 just skip step 2 and 3 and proceed to step 4)

# wget -O /usr/local/src/mod_remoteip.c https://raw.githubusercontent.com/infinitnet/mod_remoteip-httpd22/master/mod_remoteip.c
# cd /usr/local/src/
# apxs2 -i -c -n mod_remoteip.so mod_remoteip.c

Note: If apxs2 doesn't work, try apxs

3.) Copy the compiled module to the correct location

# mkdir -p /etc/apache2/modules
# cp /usr/lib/apache2/modules/mod_remoteip.so /etc/apache2/modules/

4.) Configure mod_remote IP for your JavaPipe reverse proxy

Create the file /etc/apache2/conf.d/mod_remoteip.conf and paste

LoadModule remoteip_module modules/mod_remoteip.so
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 1.2.3.4

Save it and restart apache2.