CGI.remote_addr issue in Lucee on Apache

When running Lucee on Apache, the user request is processed first by Apache and proxied to Tomcat which is handling the Lucee code execution. Rather a long and complicated path. In a default installation, the value of the CGI.remote_addr variable defaults to 127.0.0.1 because Tomcat is called by Apache locally.

Fortunately, there is a way to change this. In order to adjust this value, we need to change the configuration of the Tomcat server. Typically it is located here:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
/opt/lucee/tomcat/conf/server.xml
/opt/lucee/tomcat/conf/server.xml
/opt/lucee/tomcat/conf/server.xml

Using your favorite editor, find such a line:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
<Engine name="Catalina" defaultHost="127.0.0.1">
<Engine name="Catalina" defaultHost="127.0.0.1">
<Engine name="Catalina" defaultHost="127.0.0.1">

And just after this line add:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
<Valve className="org.apache.catalina.valves.RemoteIpValve" />
<Valve className="org.apache.catalina.valves.RemoteIpValve" />

Once the adjustment is made, the Lucee service should be restarted:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
sudo service lucee_ctl restart
sudo service lucee_ctl restart
sudo service lucee_ctl restart

Or, if you are using Linux with systemd:

Plain text
Copy to clipboard
Open code in new window
EnlighterJS 3 Syntax Highlighter
sudo systemctl restart lucee_ctl
sudo systemctl restart lucee_ctl
sudo systemctl restart lucee_ctl

In most cases, the server should start and provide proper values in the CGI.remote_addr variable. Sometimes it requires also the Java engine to be restarted. One out of several Lucee restarts ends up with hanged up Java which requires a restart.

Thinking of IIS with Lucee? In such a configuration, the above issue is not present. The client IP address is passed to Lucee properly out of the box.