Setting remote addr to contents of header

Paul Dlug paul.dlug at gmail.com
Thu Apr 16 08:52:01 MSD 2009


The realip module only sets the X-Forwarded-For header based on an
upstream header. It doesn't set the value of the client IP in the
nginx request object which is what is needed to get directives like
allow/deny to work.

On 4/15/09, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Hello!
>
> On Wed, Apr 15, 2009 at 06:37:36PM -0400, Paul Dlug wrote:
>
>> I'm running nginx beyind a L7 proxy (haproxy), I have haproxy setting
>> the X-Forwarded-For header and I'm using this to log the real IP of
>> the client and pass it to other processes that I'm proxying with nginx
>> (mongrels, apache, etc.). This works just great but I would like to be
>> able to use nginx directives to control access (allow, deny, etc.).
>> These don't work since nginx itself sees the remote_addr as the IP of
>> the haproxy server.
>>
>> Any suggestions? I would think a solution like mod_rpaf for apache
>> would be ideal.
>
> http://wiki.nginx.org/NginxHttpRealIpModule
>
> Maxim Dounin
>
>

-- 
Sent from my mobile device





More information about the nginx mailing list