发表更新Nginx2 分钟读完 (大约241个字)

Nginx获取用户真实IP

首先强调的是,这里需要两层nginx,用户访问nginx1,转发到nginx2(192.168.1.111),nginx2到真实后端。

nginx1 配置

1
2
3
4
5
6
7
8
9
10
server{
    ...
    listen 8888;
    location /test {
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forward-For $remote_addr;
        proxy_pass http://nginx2:8888/test2;
    }
}

nginx2 配置

1
2
3
4
5
6
7
8
9
server{
    ...
    listen 8888;
    location /test2 {
        proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header  X-real-ip $remote_addr;
        default_type text/html;
        return 200 'This is text!';
    }

测试

用户访问

1
curl -i -H "X-Forwarded-For: 110.110.110.110" -H "X-real-ip: 110.110.110.110" -s nginx1:8888/test -v

nginx1 日志:

1
192.168.1.110 0.000 - [12/Sep/2018:11:01:51 +0800] "GET /test HTTP/1.1" 200 13 - "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 110.110.110.110 110.110.110.110

nginx2 日志:

1
192.168.1.111 0.000 - [12/Sep/2018:11:01:51 +0800] "GET /test2 HTTP/1.1" 200 13 - "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.19.1 Basic ECC zlib/1.2.3 libidn/1.18 libssh2/1.4.2" 192.168.1.110 110.110.110.110

其中192.168.1.111为nginx1的ip

可以看到,在nginx2中可以拿X-real-ip获取用户的真实ip,在后端中可以拿这个头信息。

注意!必须要规定好nginx是在架构的哪一层级,根据所处的层级配置,否则该方法无效。

关注我

分类

最新文章

广告

归档

标签

9t1
Java4
Python1
Terminating1
Tomcat1
android1
apt1
cas2
coinhive1
crt1
davinci1
debian1
docker6
drbd1
frp2
gitlab1
hadk3
https2
httpservletrequest1
hybris-15.11
hybris-16.01
ios1
ip1
iphone1
irc1
java1
jolla1
js1
json1
k201
k8s3
kubernetes4
lineage-15.11
lineage-16.01
linux1
lua1
migrate1
nginx2
okcaros1
openresty3
opensips1
pastebin1
python3
python21
rdp1
redmi3
redmi5plus2
remix1
rk35882
sailfish3
sailfishos3
signal1
sip1
socks51
subprocess1
tomcat2
trustcacerts1
ubuntu1
unix1
vince2
vmvare1
voip1
windows1
x861
xiaomi1
yavijava1
参数2
改写1
跳过1
迁移1
随笔1

订阅更新

×