System: centos 5.x
1. Install ngx_http_realip_module
Just add the -- with-http_realip_module parameter when compiling nginx.
2. Configure the CloudFlare node ip address
The code is as follows: |
Copy code |
Vi/etc/nginx. conf // write it in the http region Ipv4: Set_real_ip_from 199.27.128.0/21; Set_real_ip_from 173.245.48.0/20; Set_real_ip_from 103.21.244.0/22; Set_real_ip_from 103.22.200.0/22; Set_real_ip_from 103.31.4.0/22; Set_real_ip_from 141.101.64.0/18; Set_real_ip_from 108.162.192.0/18; Set_real_ip_from 190.93.240.0/20; Set_real_ip_from 188.114.96.0/20; Set_real_ip_from 197.234.240.0/22; Set_real_ip_from 198.41.128.0/17; Set_real_ip_from 162.158.0.0/15; Ipv6: Set_real_ip_from 2400: cb00:/32; Set_real_ip_from 2606: 4700:/32; Set_real_ip_from 2803: f800:/32; Set_real_ip_from 2405: b500:/32; Set_real_ip_from 2405: 8100:/32; Real_ip_header CF-Connecting-IP; |
Check whether there is any error. If there is no error, restart nginx.
Ps:
If the ip address of the CloudFlare node changes, you can go to the following address to obtain the latest node ip address.
Https://www.cloudflare.com/ips
Now, you are not afraid to use CloudFlare's cdn and cannot obtain the real ip address of the client.
There is another way
1. Add http header when configuring nginx forwarding
2. Retrieve the newly added header from the node.
Nginx configuration
The code is as follows: |
Copy code |
Location/svc /{ Proxy_pass http: // 192.168.1.111: 8080; Proxy_set_header Host $ host; Proxy_set_header X-Real-IP $ remote_addr; Proxy_set_header X-Forwarded-For $ proxy_add_x_forwarded_for; }
|
The preceding three http headers are added. X-Real-IP represents the Real IP address.
Node code:
The code is as follows: |
Copy code |
Var real_ip = req. get ("X-Real-IP") | req. get ("X-Forwarded-For") | req. ip; |