Help

How does reverse proxy work?
Get the real user IP with Lighttpd?
Get the real user IP with Nginx?
Get the real user IP with Apache (httpd)?
How to setup correctly your DNS?

How does reverse proxy work?

When a browser makes a request, it normally sends that request directly to the origin server. When Traffic Server is in reverse proxy mode, it intercepts the request before it reaches the origin server. Typically, this is done by setting up the DNS entry for the origin server (i.e., the origin server’s advertised hostname) so it resolves to the Traffic Server IP address. When Traffic Server is configured as the origin server, the browser connects to Traffic Server rather than the origin server.

Get the real user IP on Apache (HTTPD)

Installation of mod_rpaf on Debian
Install the libapache2-mod-rpaf package using your favorite package manager:

apt-get install libapache2-mod-rpaf
Enable mod_rpaf by executing:

a2enmod rpaf
Restart Apache to activate these changes:

/etc/init.d/apache2 restart
Edit the RPAF configuration file at /etc/apache2/mods-available/rpaf.conf with your favorite text editor.

nano /etc/apache2/mods-available/rpaf.conf
Your configuration should be similar to:

RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 A.B.C.D
RPAFheader X-Real-IP
Where "A.B.C.D" is, add your proxy server IP address(es), multiple addresses can be space separated. This will tell mod_rpaf which hosts to get X-Real-IP headers from.

Installation of mod_rpaf on CentOS from Source
The below instructions can be used to install mod_rpaf on CentOS 5 and CentOS 6. It can also be used to install mod_rpaf on RHEL and Fedora Core.

Note: You must make sure that the Apache2 Development Package (CentOS httpd-devel) is installed on your server before you start installing mod_rpaf using the below instructions.

Ensure that the package httpd-devel is installed. To install this package run:

yum install httpd-devel
Download and Extract the mod_rpaf package:

cd /usr/local/src
wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
tar xzvf mod_rpaf-0.6.tar.gz
cd mod_rpaf-0.6
Build and install mod_rpaf:

apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
Add mod_rpaf to Apache configuration:

nano /etc/httpd/conf/httpd.conf
Find the 'LoadModule' list (near the top) and add the following lines at the bottom of the 'LoadModule' list:

LoadModule rpaf_module modules/mod_rpaf-2.0.so
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 A.B.C.D
RPAFheader X-Real-IP
Important Note: Where "A.B.C.D" is, add your proxy server IP address(es), multiple addresses can be space separated. This will tell mod_rpaf which hosts to get X-Real-IP headers from.

You are now finished. Restart Apache using below commands for the changes to take place:

/etc/init.d/httpd restart

Get the real user IP on Nginx

Installation
There are multiple ways to install a version of nginx compiled with support for ngx_http_realip_module. For many distributions third party or official repositories may include a package with support.

Installation from the Dotdeb repository on Debian and Ubuntu

The easiest way would be to install Nginx with this module is via the Dotdeb repository on Debian. To do this you'll need to add the Dotdeb repository, to your package manager. Instructions for installing the repository can be found on the official Dotdeb website. After installation of the Dotdeb Repository you can begin the installation of their Nginx package.

Steps to perform (as root):

First uninstall any existing nginx package you may have installed.
apt-get remove nginx*
Perform an update on the local cache of packages if you have not already.
apt-get update
Install nginx from the Dotdeb repository
apt-get install nginx -y
Installation from source

The ngx_http_realip_module module is not built by default, it should be enabled with the --with-http_realip_module configuration parameter.

Steps to perform (as root):

Download the latest version of nginx from the Nginx project home page.
wget http://nginx.org/download/nginx-1.7.4.tar.gz
Extract the source files from the compressed archive
tar -zxvf nginx-1.7.4.tar.gz
After extracting the source, run these commands to compile nginx:
./configure --with-http_realip_module
make
sudo make install
Configuration
First verify that Nginx has been installed installed with the ngx_realip module enabled. You can confirm that this module is enabled by checking the output of nginx -V
configure arguments: [...] --with-http_realip_module [...]
In your nginx.conf file (which can usually be found in /etc/nginx/nginx.conf) in the http block, or in the server block for your website add:
set_real_ip_from x.x.x.x; #x.x.x.x is your proxy IP
real_ip_header X-Real-IP;
You can verify the syntax of your configuration at any time by executing nginx -t

Get the real user IP on Lighttpd

Lighttpd supports the X-Real-IP header through the mod_extforward module. This is usually distributed or compiled by default. To enable X-Real-IP IP forwarding for the retrieval of the connecting users IP address.
Open your lighttpd.conf in your favorite text editor:

nano /etc/lighttpd/lighttpd.conf

In the server modules section of this file, insert mod_extforward. This should be inserted before mod_accesslog to ensure the access log shows the correct (real) IP address of visitors.
At the end of the configuration file, add:

extforward.headers = ("X-Real-IP")
extforward.forwarder = ( "PROXY_IP" => "trust")

This configures mod_extforward to look for the X-Real-IP header, and trusts your proxy IP address. Where PROXY_IP is, replace this with the filtered IP address of your proxy.
Restart your webserver to activate the changes. If successful the IP of users connecting through the proxy service should be visible in the access log as well as available to any dynamic language utilized.

How to setup correctly your DNS

You will have to modify the @ of your domain name to pointed to the proxy ip.