Nginx Reverse Proxy Backend Web server records client IP address

Nginx in the reverse proxy, the back end of the Nginx Web server log in the address is the address of the reverse proxy server, unable to view the real IP access of the client.

Configured in the nginx.conf configuration file of the reverse proxy server.

Location/BBS {            proxy_pass http://192.168.214.131/bbs;             proxy_set_header Host $host;            Proxy_set_header x-real-ip $remote _addr;            Proxy_set_header x-forwarded-for$proxy _add_x_forwarded_for;}

On the back end of the Nginx Web server, to confirm that Nginx has not compiled the installation--with-http_realip_module module.

The function of the Realip module is to obtain the real User IP when the nginx of the machine is in the back end of a reverse proxy.

If there is no Realip module, the IP recorded in the Nginx Access_log will be the ip,php of the reverse proxy server and the value of $_server[' REMOTE_ADDR ' is also the IP of the reverse proxy.

The Realip module is installed, and the configuration is correct, so that the Nginx log and PHP remote_addr can become the real User IP.

If the back-end Nginx does not have the Realip module installed, the new module can be smoothly added online

Nginx Add Realip module, (here is the back-end Web server) to see the compiled modules first/usr/local/webserver/nginx/sbin/nginx-v

1. CD nginx-1.8.0
2,/configure--prefix=/usr/local/nginx--user=nginx--group=nginx--with-http_ssl_module--with-http_stub_status_ Module--with-pcre=/mnt/lnmp/pcre-8.31--with-http_realip_module 3, 3, make-do not install or overwrite the previous configuration file

4, Cp/usr/local/nginx/sbin/nginx/usr/local/nginx/sbin/nginx.bak

5, CP objs/nginx/usr/local/nginx/sbin/#如果出现 "Nginx is busy tips" first stop Nginx Run
6,/usr/local/nginx/sbin/nginx-v
7,/usr/local/nginx/sbin/nginx

　　

It is then modified in the nginx.conf configuration file of the back-end Nginx Web server.

          proxy_set_header Host $host;          Proxy_set_header X-real-IP $remote _addr;           192.168. 214.132 ;          #set_real_ip_from指令是告诉nginx, 10.10.10.10 is our anti-generational server, not the real User IP          real_ip_header X-real-IP;                  #Real_ip_header is to tell Nginx that the real User IP is present in the X-forwarded-for request header

          Proxy_set_header x-forwarded-for $proxy _add_x_forwarded_for;

Enable logging for the Web server at the same time, using the default.

HTTP {    include       mime.types;    Default_type  Application/octet-stream;    Log_format  main  ' $remote _addr-$remote _user [$time _local] "$request" "$status                      $body _bytes_sent" $http _referer "                      " "$http _user_agent" "$http _x_forwarded_for";    Access_log  logs/access.log  main;

　　

Ngx_http_realip_module use of the detailed

https://leo108.com/pid-2132/

Nginx Reverse Proxy Backend Web server records client IP address