Why is nginx not passing real ip?

A

Alexey Tutubalin2015-01-04 10:56:32

linux

Alexey Tutubalin, 2015-01-04 10:56:32

There is a server and 2 proxies for it, all sites are proxied through nginx

server {
    server_name site.ru www.site.ru;
    listen 111.111.111.111;		
    location / {
      proxy_pass http://222.222.222.222:81;
      proxy_redirect http://222.222.222.222:81/ /;
      proxy_set_header Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_set_header X-Real-IP $remote_addr;
    }
    include /usr/local/ispmgr/etc/nginx.inc;
  }

111.111.111.111 - ip proxy №1
222.222.222.222 - ip of the main server

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

O

OnYourLips, 2015-01-04
@Kennius

Are you checking exactly $_SERVER['X_REAL_IP']? And then suddenly you are trying to take REMOTE_ADDR.

A

alexander sm1ly, 2015-01-08
@sm1ly

try to move from location to server
server {
listen 5280 ssl;
server_name example.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
location /http-bind/ {
proxy_pass 10.10.10.10:5280/http-bind/;
proxy_buffering off;
tcp_nodelay on;
}
ssl on;
ssl_certificate example.com.crt
ssl_certificate_key example.com.key;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
ssl_prefer_server_ciphers on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256 -SHA:DHE-RSA-AES256-SHA:RC4-SHA;
}