apache 2.2.22 centos 5.8 apache server serves several VirtualHosts. traffic arrives to the apache server via a traffic manager, then is passed to a backend servers. some traffic is handled by mod_jk (ajp) and others by proxypass (http), via differing VirtualHosts sections. I need to log the CLIENT ip in my apache log. So I use LogFormat as so: LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i \"" combined LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"\"%{User-Agent}i\"" proxy SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded and in the virtualhosts sections ErrorLog "logs/errors" CustomLog "logs/access" combined env=!forwarded CustomLog "logs/access" proxy env=forwarded Now - the mod_jk VHs wonderfully get exactly what I want 192.168.52.139 - - [28/May/2012:15:27:30 +0100] "GET /for.. BUT... with the proxypass VHs... 192.168.52.213, 192.168.61.63 - - [28/May/2012:15:38:44 +0100] "GET /ltr/i It appears a feature of ProxyPass is that6 it appends the proy chain to the XFF header so that the bacvkend server can have this information. Unfortunately it seems to have a mind of its own and does the same thing to LOCAL logs as a result. *sigh* I've looked at RequestHeader edit X-Forwarded-For but tests very quickly indicate that6 the proxy chain IPs (192.168.61.63 in the example above) are NOt affected by this -- whuich "proves" these proxy chain Ips are not IN the XFF header at this juncture to be edited - but they still get blinking written. Its doing me blinkin' 'ead in innit? How can I STOP proxypass from doing this? I might be able to edit the logs extrnally to apache but I would rather avoid that - its possible these logs need to be interrogated on the fly by other processes where this will not be realistic. any help muchly apprecited. ian. (who is quietly rocking in the corner now...)