Install rpaf module on centos or debian
Install rpaf module on centos or debian
What exactly is rpaf? This is acronym for “reverse proxy add forward”, meaning it is used together with a reverse proxy server so that the origin server can see correctly the visitors IP address. Now this is not limited to only reverse proxy, I’ve been using this with popular CDN’s like Cloudflare and Incapsula where they are kind enough to send the http header for the real IP address of the visitor. In this article I’m going to show you how you can install the rpaf module on centos or debian operating system and also how you can use it with CDN network.
First and foremost, we need to install the rpaf module, unfortunately there is no repo I know of that we can use for this, but its not that hard to manually compile the module either. In fact is really easy.
Install dependencies for compiling the apache module
You do need to know that for you to be able to compile apache modules, you are require to have installed httpd-devel for CentOS or apache2-dev for debian.
1 |
yum install httpd-devel |
1 |
apt-get install apache2-dev |
We need these so that we can use apxs to compile the code.
Downloading and compiling the rpaf module
Next we run the following commands to download the module from the original website and extract the tar.gz archive:
1 2 3 4 |
cd /usr/local/src/ wget http://www.stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz tar -xvf mod_rpaf-0.6.tar.gz cd mod_rpaf-0.6 |
And lastly we only need to compile it:
1 |
apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c |
Configuring the rpaf module
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
RPAFenable On # Enable reverse proxy add forward RPAFproxy_ips 127.0.0.1 10.0.0.1 # which ips are forwarding requests to us RPAFsethostname On # let rpaf update vhost settings # allows to have the same hostnames as in the "real" # configuration for the forwarding Apache RPAFheader X-Forwarded-For # Allows you to change which header mod_rpaf looks # for when trying to find the ip the that is forwarding # our requests RPAFheader Incap-Client-IP # Add other http headers to read the correct IP address, # eg. Incapsula CDN http header |
A bit of explanation, although I left comments, the RPAFproxy_ips directive will collect the RPAFheader specified later on from those IP addresses and use that information from the RPAFheader value as the original IP address of the visitor. In this case, the reverse proxy IP addresses are 127.0.0.1 10.0.0.1, normally you replace these with your reverse proxy IP address.
That’s it for now, if you have questions or something I forgot, please comment below.