-
Notifications
You must be signed in to change notification settings - Fork 780
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Logging original client behind reverse proxy #334
Comments
How does Apache log such things? The log format is based on Apache's format, so it would be best if we continue to follow that. |
As far as I'm aware, there's no standard way of doing this on Apache. Since this is a special case consisting in running Apache behind a reverse proxy, it has been probably left to users to configure the log as they see fit by using the log formatting capability. I think it would be nice get this info in the logs in websockify, but only in a way that doesn't add code for this special case where it doesn't belong (which is why I don't really like my change to get the info in I found a few suggestions on how to configure the log format to get this info in, but as I said, none of them is in the Apache official docs. For example, here's what's suggested on the AWS support site. Basically, they just added the whole Here instead, the host field is replaced with Note that the Also, this header is not standard, although it is widely used (by the mod_proxy Apache module, too). A standard header was proposed in RFC 7239 but it doesn't seem to be very widespread yet (for example, it hasn't been implemented in the Apache proxy module yet). |
We don't have the flexibility of Apache, so I'm a bit cautious about changing the log output. Maybe as a startup argument that replaces the host with the forwarded information. |
Sorry for the late reply. I followed your suggestion and added a startup option to enable this extra logging. I opened this pull request to discuss further. |
Hi,
I'm running websockify behind Apache configured as reverse proxy. websockify listens on the loopback interface and connects to the VNC servers using a custom token plugin.
Everything works nicely but I'd like to get info regarding the original client in the logs of websockify for each relevant entry.
I made some changes to the request handler and to
WebSockifyServer
to accomodate this. I'm sharing them in case anybody is interested (using websockify behind a reverse proxy seems to be quite common), and I would greatly appreciate some feedback.The change to the request handler is quite straightforward (just get the info from the
X-Forwarded-For
header, if present).I also wanted to show this in the logs produced by
WebSockifyServer
, for example when no token is found. When this happens an exception gets raised from the request handler, so I added the information to the exception forWebSockifyServer
to read. It works but I don't particularly like it, can anybody think of a better way to do it?Thanks!
The log messages are like the following, when communication is proxied:
And here's the diff:
The text was updated successfully, but these errors were encountered: