Virtualmin Nginx behind Reverse Proxy - Best Practice?

Dear All,

I am running a virtualmin server using nginx instead of apache behind another server operating as a reverse proxy again using nginx. My aim was to log the correct IP of clients accessing websites hosted on the virtualmin server via https.

This aim can be achieved by applying the usual reverse proxy header options at the reverse proxy server and making the following changes at the virtualmin server running nginx:

  • in /etc/nginx/nginx.conf add:

log_format rproxy '$http_x_real_ip - $remote_user [$time_local] ’
'"$request" $status $body_bytes_sent ’
“$http_referer” “$http_user_agent” ';

  • in /etc/nginx/sites-available in each file corresponding to a site locate access_log /var/log/virtualmin/…_access log; and add “rproxy” without quotes prior to the ;

What I would like to discuss is if there are better methods of doing this. The downside of my approach is that - as far as I know - the default log format is hard coded in nginx and cannot be modified. Therefore, one must define an additional format (here named rproxy) and add that reference manually to each site. Modifying the default format and/or adding the format automatically to each site would make the process more reliable.