Problem with VPN IP address and Nginx

wolfy nginx-forum at
Wed Jul 10 07:16:07 UTC 2013

Hi all !

When i use OpenVPN, my remote ip address detected by Nginx (not used on
reverse proxy) is different than Apache (standalone, just for test), or, the ip detected by Nginx is my real ip
address, not the IP address of my VPN, so i cannot use allow/deny function

Could you please help me ? 

My nginx.conf :

user  www-data www-data;
worker_processes 2;
events {
    worker_connections  1000;
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    gzip  on;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_proxied any;
    gzip_min_length  1100;
    gzip_buffers 16 8k;
    gzip_types text/plain text/css application/x-javascript text/xml
application/xml application/xml+rss text/javascript image/gif image/jpeg
    gzip_disable "MSIE [1-6].(?!.*SV1)";
    gzip_vary on;
server_tokens off;
        include /etc/nginx/conf.d/*.conf;
        include /etc/nginx/sites-enabled/*;

My vhost's :

server {
        server_name XXX.tld;
        root /var/www/selfoss;
 listen 443;
        ssl on;
        ssl_certificate     /etc/nginx/mycert.crt;
        ssl_certificate_key /etc/nginx/mykey.key;
        index index.php;
        access_log /var/log/nginx/selfoss-access.log;
        error_log /var/log/nginx/selfoss-error.log;

location / {
allow XX.XX.XX.XX;
deny all;
try_files $uri /public/$uri /index.php$is_args$args;
    location ~* \ (gif|jpg|png) {
        expires 30d;

    location ~ ^/favicons/.*$ {
        try_files $uri /data/$uri;

    location ~* ^/(data\/logs|data\/sqlite|config\.ini|\.ht) {
        deny all;

    location ~ \.php$ {
        client_body_timeout 360;
        send_timeout 360;
        include /etc/nginx/fastcgi_params;
        fastcgi_intercept_errors on;


Posted at Nginx Forum:,240709,240709#msg-240709

More information about the nginx mailing list