From 710d8a438a5b16593ce0536f855161f04e61fe32 Mon Sep 17 00:00:00 2001
From: alteredCoder <kevin@crowdsec.net>
Date: Wed, 22 Nov 2023 16:27:22 +0100
Subject: [PATCH] oups

---
 pkg/acquisition/modules/waap/waap.go | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/pkg/acquisition/modules/waap/waap.go b/pkg/acquisition/modules/waap/waap.go
index de9e8f29f..982b54713 100644
--- a/pkg/acquisition/modules/waap/waap.go
+++ b/pkg/acquisition/modules/waap/waap.go
@@ -322,7 +322,10 @@ func (w *WaapSource) IsAuth(apiKey string) bool {
 // should this be in the runner ?
 func (w *WaapSource) waapHandler(rw http.ResponseWriter, r *http.Request) {
 	apiKey := r.Header.Get(waf.APIKeyHeaderName)
+	clientIP := r.Header.Get(waf.IPHeaderName)
+	remoteIP := r.RemoteAddr
 	if apiKey == "" {
+		w.logger.Errorf("Unauthorized request from '%s' (real IP = %s)", remoteIP, clientIP)
 		rw.WriteHeader(http.StatusUnauthorized)
 		return
 	}
@@ -331,8 +334,6 @@ func (w *WaapSource) waapHandler(rw http.ResponseWriter, r *http.Request) {
 	if !exists || time.Now().After(expiration) {
 		if !w.IsAuth(apiKey) {
 			rw.WriteHeader(http.StatusUnauthorized)
-			clientIP := r.Header.Get(waf.IPHeaderName)
-			remoteIP := r.RemoteAddr
 			w.logger.Errorf("Unauthorized request from '%s' (real IP = %s)", remoteIP, clientIP)
 			return
 		}