It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Web Application Firewall

How can I log the actual client IP address on my apache server when using a Barracuda Web Application Firewall?

  • Type: Knowledgebase
  • Date changed: 2 years ago

Solution #00004488


This solution applies to all Barracuda Web Application Firewalls.


By default, the Barracuda Web Application Firewall forwards it's own IP address in the header. In order for apache to grab these headers and log the actual client IP, you need to make the below changes on the apache server.

Log in to the apache server and modify the httpd.conf file (/etc/httpd/conf or /usr/local/apache2/conf).

Note: Depending on your Web Server deployment, your LogFormat options may be set in a different file. Consult with your system administrator if changing settings in the default file does not have an effect on the Apache access_log.

  1. Open the httpd.conf file and change the following line

    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

    LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

  2. Restart the httpd service. (i.e. service httpd restart, or /etc/init.d/apache2 restart)

Link to this page: