How to configure the CloudFlare node ip address in nginx

System: centos 5.x

1. Install ngx_http_realip_module

Just add the -- with-http_realip_module parameter when compiling nginx.

2. Configure the CloudFlare node ip address

The code is as follows:

Copy code

Vi/etc/nginx. conf // write it in the http region Ipv4: Set_real_ip_from 199.27.128.0/21; Set_real_ip_from 173.245.48.0/20; Set_real_ip_from 103.21.244.0/22; Set_real_ip_from 103.22.200.0/22; Set_real_ip_from 103.31.4.0/22; Set_real_ip_from 141.101.64.0/18; Set_real_ip_from 108.162.192.0/18; Set_real_ip_from 190.93.240.0/20; Set_real_ip_from 188.114.96.0/20; Set_real_ip_from 197.234.240.0/22; Set_real_ip_from 198.41.128.0/17; Set_real_ip_from 162.158.0.0/15; Ipv6: Set_real_ip_from 2400: cb00:/32; Set_real_ip_from 2606: 4700:/32; Set_real_ip_from 2803: f800:/32; Set_real_ip_from 2405: b500:/32; Set_real_ip_from 2405: 8100:/32; Real_ip_header CF-Connecting-IP;

Check whether there is any error. If there is no error, restart nginx.

Ps:
If the ip address of the CloudFlare node changes, you can go to the following address to obtain the latest node ip address.

Https://www.cloudflare.com/ips

Now, you are not afraid to use CloudFlare's cdn and cannot obtain the real ip address of the client.

There is another way

1. Add http header when configuring nginx forwarding

2. Retrieve the newly added header from the node.

Nginx configuration

The code is as follows:	Copy code
Location/svc /{ Proxy_pass http: // 192.168.1.111: 8080; Proxy_set_header Host $ host; Proxy_set_header X-Real-IP $ remote_addr; Proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for; }

 
The preceding three http headers are added. X-Real-IP represents the Real IP address.

Node code:
 

The code is as follows:	Copy code
Var real_ip = req. get ("X-Real-IP") | req. get ("X-Forwarded-For") | req. ip;