Varnish IP forwarding to apache and nginx

When you install varnish-cache on your server, you will notice that the IP your backend receives is always your localhost (IPv4, IPv6 ::1).

That’s a problem for different cases:

  1. The log doesn’t contain IP information (e.g. if you use an analytic tool like webalizer that scans the log for unique users)
  2. Local statistic tools (like piwik) gets confused
  3. You can’t use the PHP variable $_SERVER[‚REMOTE_ADDR‘] because it always returns

To fix this here’s the solution for apache and nginx webservers:


There is a mod for Apache that rewrites the header information: mod_rpaf
If you use Debian you can install it via

apt-get install libapache2-mod-rpaf

There is no more work, just active mod and reload apache (if it isn’t done by your packetmanager)


To get the right IP in nginx add the following lines to the config (e.g. Debian default installation)

http {
  #varnish ip passthrough;
  real_ip_header X-Forwarded-For;

reload nginx, and you should have the right user ip in nginx.