Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
V
V
Vitali2012-06-26 12:31:17
Nginx
Vitali, 2012-06-26 12:31:17

Nginx incorrectly proxying x-real-ip?

There is an nginx config that looks something like this.

The problem is that for some reason nginx does not proxy real-ip to the backend. Or rather, it proxies, but instead of real ip - ip of the server.

server {<br>
<br>
  listen       80;<br>
<br>
  proxy_set_header X-Real-IP $remote_addr;<br>
  proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;<br>
  proxy_set_header X-NginX-Proxy true;<br>
  proxy_redirect off;<br>
<br>
  location / {<br>
<br>
    if ($request_uri ~* "/([a-zA-Z0-9]+)/([a-zA-Z0-9]+)" ) {<br>
      set  $shard  $1;<br>
      set  $hash   $2;<br>
    }<br>
<br>
    if ($shard = '5a5dc35b') {<br>
      proxy_pass        http://176.9.22.27/code/$2;<br>
    }<br>
  }<br>
}<br>


Here is what eventually comes to the backend (Node.JS)

{ 'x-real-ip': '188.40.116.158',<br>
  'x-forwarded-for': '80.235.55.211, 188.40.116.158',<br>
  host: '176.9.22.27',<br>
  'x-nginx-proxy': 'true',<br>
  connection: 'close',<br>
  'cache-control': 'max-age=0',<br>
  'user-agent': 'Mozilla/5.0 (X11; Linux i686) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.79 Safari/535.11',<br>
  accept: '*/*',<br>
  'accept-encoding': 'gzip,deflate,sdch',<br>
  'accept-language': 'en-US,en;q=0.8',<br>
  'accept-charset': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3' }<br>


So, let me explain a little.
80.235.55.211 is my real ip, it is what needs to be proxyed to the backend
188.40.116.158 is the server ip, this is the ip that is substituted for the ip above.
176.9.22.27 - ip where the request is proxied.

Please tell me what I'm doing wrong and where should I dig?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
S
Sergey Venediktov, 2012-06-26
@Screatch

Variable description:
$proxy_add_x_forwarded_for
client request header field “X-Forwarded-For” and $remote_addr variable added to it separated by commas. If there is no “X-Forwarded-For” field in the client request header, then the $proxy_add_x_forwarded_for variable is equal to the $remote_addr variable.
There is a double proxy here. Show the full nginx config.

Report
Z
zubovd, 2017-12-07
@zubovd

nginx.org/ru/docs/http/ngx_http_realip_module.html
I added to help on the backend:
set_real_ip_from 10.0.3.1; // address of the proxying host
real_ip_header X-Real-IP;
real_ip_recursive on;

Report
C
charliez, 2012-06-26
@charliez

and try to write the proxy_set_header directives directly next to the proxy_pass

Report
S
script88, 2012-06-26
@script88

Did you accidentally miss mod_rpaf on the backend?!

Report
A
Alexey Kalinin, 2012-09-02
@Kaliha

Please help (not enough karma for a new question).
There is nginx + apache + rpaf. When accessing nginx, it writes ip local. When accessing apache directly on port 8080, the user's ip is written. Typical config.

Similar questions
B
bituke2021-05-26 10:08:52
How to quickly deploy someone else's django project? 4Reply
M
mr_drinkens892014-10-09 12:04:27
How to properly redirect nginx? 2Reply
L
letchikdima2016-10-12 21:58:25
What user and group to set for Wordpress? 1Reply
V
ViieeS2014-10-15 01:17:06
How to organize access from the site to the home server? 2Reply
A
Aklaim2014-10-15 17:29:03
How to add authorized user data to cached page? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question