Can real_ip_header's behavior be altered slightly?

Michael Shadle mike503 at
Wed Dec 30 00:32:48 MSK 2009

Currently there's a slight annoyance (not sure I'd call it a bug) -
we're behind a CDN and the wrong IP is being assigned from
real_ip_header, because we're getting multiple IP addresses. Can the
behavior be altered for this kind of case?

in PHP, when dumping $_SERVER:

string(127) "1.1, 1.1 (EdgePrism/, 1.1 (EdgePrism/"

string(31) ","

string(15) ""

It shows the right address first in the X-Forwarded-For, but the other
addresses second, but nginx is grabbing the LAST ip in the list.

Can we make the real_ip_header trust the FIRST ip only? something like
if the header supplied in "real_ip_header" includes "," to take only
the string up to the ","?

In PHP (pseudocode) it'd be something like:

if(strstr($_SERVER['HTTP_X_FORWARDED_FOR'], ',')) {
 $ip = substr($_SERVER['HTTP_X_FORWARDED_FOR'], 0,
strpos($_SERVER['HTTP_X_FORWARDED_FOR'], ','));

I think it can be almost mapped directly to C, since some of those
functions are in directly C, I think :)

More information about the nginx mailing list