Categories
Linux NAS Networking Synology Webserver

How to log a WebDAV clients real ip when using a Synology DiskStation behind a reverse proxy

I am using a Synology DiskStation NAS behind a reverse proxy. One of the services I use is WebDAV. Connecting, transferring files etc. was and is working fine . The logs, however, always showed the ip address of my reverse proxy — even though my reverse proxy passes the real ip. After digging through the internet and then digging through many, many folders on the DS (DiskStation), I finally found the config file I needed to change.

The WebDAV config is located at:

/volume1/@appstore/WebDAVServer/etc/httpd/conf/httpd.conf-webdav

It actually needs only a very minor change. Towards the bottom of the file is a IfModule-statement for the “rpaf_module”.

I simply changed “RPAF_ProxyIPs” from “127.0.0.1” to the internal ip of my reverse proxy (you could also add it, seperated by a whitespace). After saving the edited config, restarting the WebDAV Server via DSM the WebDAV logs finally showed the clients real ip!


Update Jan. 2019

I recently noticed that you can (now) add a trusted proxy via DSM. Simply “go to Control Panel > Security, and click the Trusted Proxies button to add the trusted proxy server to the list”.

Source: https://www.synology.com/en-us/releaseNote/DS218j