An issue that often comes up for users of any full proxy-based product is that the original client IP address is often lost to the application or web server. This is because in a full proxy system there are two connections; one between the client and the proxy, and a second one between the proxy and the web server. Essentially, the web server sees the connection as coming from the proxy (Incapsula), not the client.
Needless to say, this can cause problems if you want to know the IP address of the real client for logging, for troubleshooting, for tracking or performing IP address specific tasks such as geocoding.
Incapsula has developed solutions for common applications and development frameworks that can be used to restore the original client IPs. Visit this section for the list of available extensions.
If you did not find an extension that matches your environment you can easily extract the original client IPs yourself. Incapsula inserts the original client IP address into two HTTP headers so it can be retrieved by the server for processing. The first is the standard HTTP header "X-Forwarded-For" and the second is an Incapsula header "Incap-Client-IP".
For example, configuring Apache to use the X-Forwarded-For instead of (or in conjunction with) the normal HTTP client header is pretty simple. Open your configuration file (usually in /etc/httpd/conf/) and find the section describing the log formats. Then add the following to the log format you want to modify, or create a new one that includes this to extract the X-Forwarded-For value:
That's it. If you don't care about the proxy IP address, you can simply replace the traditional %h in the common log format with the new value, or you can add it as an additional header. Restart or reload Apache, and you're ready to go.