Replace log ip with CF-Connecting-IP or X-Forwarded-For

1. Caddy version:

v2.6.3 h1:QRVBNIqfpqZ1eJacY44I6eUC1OcxQ8D04EKImzpj7S8=

2. How I installed, and run Caddy:

Docker compose using a Dockerfile using xcaddy

a. System environment:

Ubuntu 22.04
Docker with the Compose plugin

b. Command:

docker compose up -d

d. My complete Caddy config:

(default) {
  log {
    format filter {
      wrap json
      fields {
        request>remote_ip replace `{{.Req.Header.Get "CF-Connecting-IP"}}`
      }
    }
    output file /srv/log/access.log
  }
}

ip.example.com {
  import default
  respond "ok"
}

3. The problem I’m having:

I’m trying to set the remote_ip in the log file to the forwarded IP from cloudflare, so goaccess and crowdsec can show the proper IPs.

4. Error messages and/or full log output:

{
  "level": "info",
  "ts": 1676381547.249779,
  "logger": "http.log.access.log30",
  "msg": "handled request",
  "request": {
    "remote_ip": "{{.Req.Header.Get \"CF-Connecting-IP\"}}",
    "host": "ip.example.com",
    "headers": {
      "X-Forwarded-For": [
        "123.456.789.10"
      ],
      "Cf-Connecting-Ip": [
        "123.456.789.10"
      ]
    }
  }
}

5. What I already tried:

Replacing `{{.Req.Header.Get “CF-Connecting-IP”}}` with request>headers>X-Forwarded-For

6. Links to relevant resources:

log (Caddyfile directive) — Caddy Documentation Shows a similar usage but for IP masking

That’s not possible, currently. Log writers can’t use placeholders or Go templates.

In a future version (probably v2.7.0) we’ll have first-class support for logging the real client IP:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.