id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 1978 Logging real client IP on invalid request miika.kankare.ocllo.fi@… "We run nginx behind a proxy, which sets the X-Forwarded-For header containing the client's address. The real IP module in nginx then logs the client address correctly. This works well for any well formed request. We also have a tester that sends all manner of broken things at the service, which leads to some errors. In the case of invalid requests, the headers don't seem to be parsed so the real IP is missing from the log. Sending something like this: {{{ $ curl https://server.example.com/broken/%00 }}} Leads to a log message: {{{ - - [16/May/2020:09:43:51 +0300] ""GET /broken/%00 HTTP/1.1"" 400 166 ""-"" ""-"" }}} I'd like to see the real IP address in the logs for these invalid requests as well. " enhancement closed minor nginx-core 1.14.x wontfix Linux server 4.15.0-70-generic #79-Ubuntu SMP Tue Nov 12 10:36:11 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux "nginx version: nginx/1.14.0 (Ubuntu) built with OpenSSL 1.1.1 11 Sep 2018 TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -fdebug-prefix-map=/build/nginx-GkiujU/nginx-1.14.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-Bsymbolic-functions -Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock-path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module --with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_geoip_module=dynamic --with-http_gunzip_module --with-http_gzip_static_module --with-http_image_filter_module=dynamic --with-http_sub_module --with-http_xslt_module=dynamic --with-stream=dynamic --with-stream_ssl_module --with-mail=dynamic --with-mail_ssl_module"