Security.LogAuthFailures does not log the enduser's (X-Forwarded-For, reverse proxy) IP address

  • 69 Views
  • Last Post 26 August 2020
  • Topic Is Solved
AbhorrentJoel posted this 25 August 2020

OS Name/Version: Ubuntu 20.04.1 LTS

Product Name/Version: AMP v2.0.6

Problem Description: When enabling Security.LogAuthFailures on the ADS, it does not log the enduser's IP address to file. Rather, in my case, it logs 127.0.0.1 (which is where the Nginx proxy is).

Since AMP v2.0.5, the Audit Log for the ADS has been showing the correct forwarded address to my knowledge, so I do not believe it to be a configuration issue. Just to be explicit, the two key webserver options relating to reverse proxy are set as follows:

Webserver.UsingReverseProxy=True
Webserver.ReverseProxyHost=127.0.0.1

Steps to reproduce:

  • Stop the ADS instance
  • Set Security.LogAuthFailures to True in the AMPConfig.conf
  • Start the ADS instance
  • Attempt to login with the incorrect credentials

In my case, it will log something like "2020-08-25T17:44:46 127.0.0.1" in AuthFailures.log.

Actions taken to resolve so far:

None. Suggestions?

Mike posted this 26 August 2020

Fixed in next update.

Close