Log the original IP address when Bitbucket Server is behind a load balancer or reverse proxy
If Bitbucket Server is behind a load balancer or the reverse proxy, you may see the load balancer's or reverse proxy's IP address in the
atlassian-bitbucket-access.log instead of the IP address of the client making the request.
In Bitbucket Server 5.0+ if the load balancer is sending over the
x-forwarded-for header, this should be logged correctly in the access logs without any further configuration needed.
Bitbucket Server 5 and newer will do this for you without additional configuration for the "x-forwarded-for" header.
If you need to customize these settings in Bitbucket Server/Data Center 5.x - 7.7, you can apply the following settings in
server.tomcat.remote_ip_header=x-forwarded-for server.tomcat.protocol_header=x-forwarded-proto server.tomcat.internal_proxies=127\\.0\\.0\\.1
If you need to customize these settings in Bitbucket Server/Data Center 7.8 and newer, you can apply the following settings in
server.tomcat.remoteip.remote-ip-header=x-forwarded-for server.tomcat.remoteip.protocol-header=x-forwarded-proto server.tomcat.remoteip.internal-proxies=127\\.0\\.0\\.1
Please note that the values in the examples above are already configured by default. You need to adjust them only if you use different headers.
This guide is only applicable to HTTP(S). For SSH, please check the KB How to enable Client IP Forwarding For SSH Sessions by setting up Proxy protocol for Bitbucket Data Center.
Was this helpful?Yes Provide feedback about this article