Getting X-Forwarded behind AWS TCP Load Balancer for https

Tags: amazon-web-services, apache-2.4, https, load balancing, x-forwarded-for

I have an AWS TCP load balancer on an autoscaling pool. There are multiple domains behind it so I can't do SSL termination on the load balancer, hence TCP.

I've updated my logging format to log the X-Forwarded-For and this works well for HTTP, however not for HTTPS.

Forums don't indicate that this can't be done, as they talk about HTTP(S), however I can't get it to work. Can it work?

Here are my logging details:

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
LogFormat "%h %l %u %t \"%r\" %>s %b" common

CustomLog "logs/access_log" combined env=!forwarded
CustomLog "logs/access_log" proxy env=forwarded

Dumping all attributes in PHP I can see the header for HTTP requests but not HTTPS, so I don't think it's a config issue.

Best Answer

ELB has no way of adding that header, as this header is a function of HTTP, and this is a TCP load balancer. All it knows is that it's passing some TCP flow and no more. If you need the ELB to add this header, you'll need to terminate HTTPS at the load balancer. From there it can communicate with your backend instances via HTTP or HTTPS as required.
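
What the answer implies for the logging rule in the question, as an added example that is not part of the original post: on a TCP listener the load balancer never writes X-Forwarded-For, so any value that reaches Apache there was sent by the client. The Python below models the question's `SetEnvIf`/`CustomLog` choice next to a stricter one; the subnet, the `listener` labels, the function names and the sample requests are constructed assumptions.

```python
import ipaddress
import re

# The question's SetEnvIf pattern: any header value containing three dots.
FORWARDED_RE = re.compile(r"^.*\..*\..*\..*")

# Assumption: subnet the load balancer nodes connect from (constructed value).
LB_SUBNET = ipaddress.ip_network("10.0.0.0/24")


def logged_host_original(peer_ip, headers):
    """Host field written by the question's two CustomLog lines."""
    xff = headers.get("X-Forwarded-For", "")
    if FORWARDED_RE.search(xff):   # env=forwarded  -> "proxy" format
        return xff
    return peer_ip                 # env=!forwarded -> "combined" format (%h)


def logged_host_hardened(peer_ip, headers, listener):
    """Use the header only where the load balancer itself wrote it.

    listener is "http" (the balancer parses HTTP and appends the client
    address) or "tcp" (the balancer relays bytes, so any header is the
    client's own).
    """
    if listener != "http" or ipaddress.ip_address(peer_ip) not in LB_SUBNET:
        return peer_ip
    # The balancer appends the address it saw, so take the right-most entry.
    last = headers.get("X-Forwarded-For", "").split(",")[-1].strip()
    try:
        return str(ipaddress.ip_address(last))
    except ValueError:
        return peer_ip


# Constructed sample requests: (listener, peer address, request headers).
SAMPLES = [
    ("http", "10.0.0.12", {"X-Forwarded-For": "198.51.100.7"}),
    ("tcp", "10.0.0.12", {}),
    ("tcp", "10.0.0.12", {"X-Forwarded-For": "203.0.113.99"}),  # client-supplied
    ("http", "10.0.0.12", {"X-Forwarded-For": "not.an.ip.addr, 198.51.100.7"}),
]


def compare(samples=SAMPLES):
    """Return (original, hardened) logged host for each sample request."""
    return [(logged_host_original(p, h), logged_host_hardened(p, h, l))
            for l, p, h in samples]
```

In the third sample the original rule logs the client-chosen value as if it were the source address, while the stricter rule falls back to the peer address.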