IP Lookup to respect X-Forwarded-IP from AWS Load Balancer?

Product Support Docker support
1

Trying my best to give all the details for any kind-hearted person to help me here:

I’m using Mautic 6.0.6 with Apache, pulled the docker setup from the official github repo.

My setup is:

  1. Running Mautic docker containers in a VM on AWS
  2. AWS ELB sends the traffic to Mautic
  3. Correctly installed the GeoLite2 database

The problem is:

  1. After a campaign is sent, the World map shows nothing
  2. I further discovered that the tracked IP on the campaign is 127.0.0.1

When I opened an email, I see from the mautic-web container's log:

mautic_web-1     | 172.38.0.28 - - [31/Oct/2025:05:42:28 +0000] "GET /media/images/enable-executive-insights.jpeg HTTP/1.1" 200 127688 "-" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via ggpht.com GoogleImageProxy)"
mautic_web-1     | 172.38.0.28 - - [31/Oct/2025:05:42:28 +0000] "GET /media/images/executive-insights-example.jpeg HTTP/1.1" 200 215023 "-" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via ggpht.com GoogleImageProxy)"
mautic_web-1     | 172.35.0.25 - - [31/Oct/2025:05:42:28 +0000] "GET /email/69044704056ac477007023.gif HTTP/1.1" 200 414 "-" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko Firefox/11.0 (via ggpht.com GoogleImageProxy)"
mautic_web-1     | 127.0.0.1 - - [31/Oct/2025:05:42:35 +0000] "GET / HTTP/1.1" 301 623 "-" "curl/7.88.1"

LLM gave me these analysis:

   1. 172.38.0.28 and 172.35.0.25 are internal Docker network IPs - these are requests coming from your
      ELB/other Docker containers
   2. When the email tracking pixel is loaded (/email/69044704056ac477007023.gif), it's coming from
      172.35.0.25 (another internal Docker network IP)
   3. Most importantly: 127.0.0.1 - this last request shows that Mautic is seeing the tracking pixel
      request as coming from localhost/its own server

I’ve configured the ELB to append the client IP to the X-Forwarded-For header. I have reverse_proxy=true too

In this scenario, can I still get Mautic to recognize the correct client IP and location? Thank you.

2

Hi @xuchen , did you work out a solution for this?

3

Unfortunately I never got to work it out.. I’m not sure whether this topic is too small that most people have not worked on

4

The 127.0.0.1 bit is local. Totally normal and expected. It’s noise in your investigation. Simply ignore it.

Visitor IPs are in the 172.0.0.0/8 cidr

The problem is most likely coming from a missing module on your webserver. On an apache or LSWS server, that would be the mod_remoteip

Further configuration may also be required (i.e. the log format)

With that said, I’m not using the docker version. So I’m unaware what is the web server used in it. Still, the same logic should apply.

5

Are you using Cloudflare in front of your domain? If so, you might need to set the forwarding there, too. Once it comes back online, that is, given the current outage!

6

Not sure about it. We put it behind an AWS ELB, I don’t see anything mentioning Cloudflare.