Methods of payment Abuse

What is the real IP address of visitors in OpenLiteSpeed?

03.12.2024, 23:30

OpenLiteSpeed is a high-performance open source web server developed by LiteSpeed Technologies. It is designed to provide fast and efficient web request processing and can be used for hosting dynamic and static web applications. In this article, let's look at why it is important to display the real IP address of visitors in OpenLiteSpeed and how to do it.

Why it's important.

OpenLiteSpeed

Displaying the real IP address of visitors in OpenLiteSpeed is important for several reasons:

  1. Security. By knowing the real IP address, administrators can better track suspicious activity and prevent attacks such as DDoS or hacking attempts.
  2. Analytics. You can more accurately analyze site traffic, determine the geographic location of users, and understand where traffic is coming from.
  3. Logs. Real IP addresses are stored in server logs, making it easier to diagnose problems and analyze performance
  4. Access customization. Administrators can customize access rules to site resources based on IP addresses, blocking or allowing access to specific users.
  5. Caching. Some caching mechanisms can work better if the server knows the client's real IP address, which can improve performance.

It is also important for access control information for specific IP addresses and for analyzing traffic when using a proxy server such as Cloudflare or DDoS-GUARD. To correctly display the real IP address, proxy servers and load balancers, if they are used in the infrastructure, must be properly configured.

Configuration instructions

The web interface of the OpenLiteSpeed web server is not available when using ispmanager 6, you can change the value of the "Use Client IP in Header" option only manually in the configuration file "/usr/local/lsws/conf/httpd-config.conf".The "Use Client IP in Header" option corresponds to the "useIpInProxyHeader" directive and by default it is absent in the standard configuration when working with ispmanager 6.

mime    conf/mime.properties
showVersionNumber    0
useIpInProxyHeader    1
adminEmails    root@localhost

Values of the "useIpInProxyHeader" directive:

  • 0 - do not pass source (real) IP addresses in the header;
  • 1 - pass source IP addresses in the header;
  • 2 - transmit source IP addresses in the header only from trusted IP addresses;
  • 3 - pass the header from trusted IP addresses.

To ensure that the source IP addresses of visitors are correctly displayed in the site logs, it is sufficient to set the value to "1". However, this may not be safe, as it is possible to spoof IP addresses using the "X-Forwarded-For" header that is transmitted through the proxy server. Instead, it is recommended to set the value to "2" and add the trusted IP addresses through which proxying is done to the "allow" rule in the "accessControl" section.

The addresses should be added after the "ALL" value, separated by commas, specifying the subnet mask and adding the suffix "T", for example:

accessControl {
 allow ALL, 125.67.22.0/24T, 19.76.213.2/32T
}

This completes the instructions.