To extract and log the actual client IP address from the X-Forwarded-For header of a request using an Apache server, make the following changes to the server:

  1. Log into the Apache server.
  2. Go to /etc/httpd/conf or /usr/local/apache2/conf path and open the file httpd.conf.
  3. Search for the string: “LogFormat “%h %l %u %t “%r” %>s %b “%{Referer}i” “%{User-Agent}i”” combined
  4. Change the %h to %{X-Forwarded-For}i. The string now appears as “LogFormat “%{X-Forwarded-For}i %l %u %t “%r” %>s %b “%{Referer}i” “%{User-Agent}i”” combined
  5. Save the file and restart apache or httpd.