Php-fpm getting host IP, not requesting source IP

skippy · February 10, 2017, 6:10pm

I’m running Caddy on a Digital Ocean droplet, proxying to php-fpm running inside a Docker container on that droplet. Here’s my Caddyfile:

* {
  root /var/www/html
  gzip
  tls
  rewrite {
    if {path} not_match ^\/wp-admin
    to {path} {path}/ /index.php?_url={uri}
  }
  rewrite {
    r ^([_0-9a-zA-Z-]+/)?(wp-(content|admin|includes).*)
    to ${2}
  }
  rewrite {
    if {path} not_match ^\/wp-admin
    r ^([_0-9a-zA-Z-]+/)?(.*\.php)$
    to ${2}
  }
  fastcgi / 127.0.0.1:9000 php
  log /var/log/caddy/default.log {
    rotate {
      size 100 # Rotate after 100 MB
      age 7 # Keep rotated log files for 7 days
      keep 10 # Keep at most 10 log files
    }
  }
  errors {
    log /var/log/caddy/default-e.log {
      size 50 # Rotate after 50 MB
      age 7 # Keep rotated files for 7 days
      keep 5 # Keep at most 5 log files
    }
  }
}

I have the WordPress source code installed on the droplet at /var/www/html, and I volume mount that into the Docker container at the same location (/var/www/html). This allows Caddy to serve static assets without sending them through PHP, but still allows PHP to work as expected.

However the php-fpm container is logging the IP address of the Docker host, not the source IP of the actual request:

[10-Feb-2017 14:33:42] NOTICE: fpm is running, pid 1
[10-Feb-2017 14:33:42] NOTICE: ready to handle connections
172.18.0.1 -  10/Feb/2017:14:37:04 +0000 "GET /index.php" 200
172.18.0.1 -  10/Feb/2017:15:50:04 +0000 "GET /index.php" 200
172.18.0.1 -  10/Feb/2017:15:50:07 +0000 "GET /wp-admin/my-sites.php" 200
172.18.0.1 -  10/Feb/2017:15:50:13 +0000 "GET /wp-admin/network/sites.php" 200
172.18.0.1 -  10/Feb/2017:15:50:14 +0000 "GET /wp-admin/network/site-new.php" 200
172.18.0.1 -  10/Feb/2017:15:50:24 +0000 "GET /wp-admin/admin-ajax.php" 200
172.18.0.1 -  10/Feb/2017:15:50:25 +0000 "POST /wp-admin/network/site-new.php" 302
172.18.0.1 -  10/Feb/2017:15:50:25 +0000 "GET /wp-admin/network/site-new.php" 200
172.18.0.1 -  10/Feb/2017:15:50:27 +0000 "GET /wp-admin/network/site-info.php" 200
172.18.0.1 -  10/Feb/2017:15:50:39 +0000 "GET /wp-admin/network/site-settings.php" 200
172.18.0.1 -  10/Feb/2017:15:50:41 +0000 "GET /wp-admin/network/site-info.php" 200
172.18.0.1 -  10/Feb/2017:15:50:55 +0000 "GET /index.php" 302
172.18.0.1 -  10/Feb/2017:15:50:55 +0000 "GET /index.php" 302

I would expect the php fastcgi preset to send the IP address of the originating connection to php-fpm. Am I mistaken on this?

Whitestrake · February 10, 2017, 11:33pm

The php preset (from the fastcgi docs) simply specifies default ext, split, and index subdirectives.

You’ll probably have to rely on Caddy’s logging instead, which should be accurate (and should show php requests regardless).

system · May 11, 2017, 11:40pm

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.