Obtaining the connecting clients IP address (Real IP) with Lighttpd

Lighttpd is a light weight, high performance Open Source webserver designed as a replacement for Apache. Lighttpd is described as having a "small memory footprint compared to other web-servers, effective management of the cpu-load, and advanced feature set (FastCGI, SCGI, Auth, Output-Compression, URL-Rewriting and many more) lighttpd is the perfect solution for every server that is suffering load problems".

Lighttpd Method:

Lighttpd supports the X-Real-IP header through the mod_extforward module. This is usually distributed or compiled by default. To enable X-Real-IP IP forwarding for the retrieval of the connecting users IP address.

  1. Open your lighttpd.conf in your favorite text editor:

    nano /etc/lighttpd/lighttpd.conf

    In the server modules section of this file, insert mod_extforward. This should be inserted before mod_accesslog to ensure the access log shows the correct (real) IP address of visitors.

  2. At the end of the configuration file, add:

    extforward.headers = ("X-Real-IP")
    extforward.forwarder = ( "PROXY_IP" => "trust")

    This configures mod_extforward to look for the X-Real-IP header, and trusts your proxy IP address. Where PROXY_IP is, replace this with the filtered IP address of your proxy.

  3. Restart your webserver to activate the changes. If successful the IP of users connecting through the proxy service should be visible in the access log as well as available to any dynamic language utilized.

More Information

More information on the X-Real-IP header can be found here. More information on the Lighttpd web server can be found on the project website and documentation for the mod_extforward module.