Apache Reverse Proxy to Nginx

phreek nginx-forum at nginx.us
Thu Dec 29 02:16:53 UTC 2011

Hello guys,

I'm having a bit of trouble with getting the proper REMOTE_ADDR client
address on my server.

The current configuration is Apache ReverseProxy (mod_security) --->
Ngninx ---> PHP-FPM.

Apache is listening on a public IP, nginx listens on, so does
PHP-FPM. My PHP app returns for REMOTE_ADDR where it should be
returning the real client's IP address.

Apache VirtualHost config:

<VirtualHost XX.XX.XX.XX:80> #public IP
    ServerAdmin admin at domain.com
    DocumentRoot /home/domain/public_html
    ServerName www.domain.com

    RewriteEngine on

    ProxyPreserveHost On
    ProxyRequests Off
    ProxyPass / # nginx
    ProxyPassReverse / # nginx

    ErrorLog logs/error_log
    CustomLog logs/access_log common


Nginx config:

http {
        include       mime.types;
        default_type  application/octet-stream;
        client_max_body_size 10M;
        log_format  main  '$remote_addr - [$time_local] "$request"'
                      '"$http_user_agent" "$http_x_forwarded_for"';

#       large_client_header_buffers 16k;

        sendfile on;
        keepalive_timeout  0;
        server_tokens off;
        tcp_nopush off;

        ssl_certificate      cert.crt;
        ssl_certificate_key cert.key;
        # compression
        gzip  off;

        open_file_cache max=1000 inactive=20s;
        open_file_cache_valid    30s;
        open_file_cache_min_uses 2;
        open_file_cache_errors   off;

        upstream php_backend {
               server max_fails=3 fail_timeout=40s;
               server XX.XX.XX.XX:9000 max_fails=3 fail_timeout=40s;

        server {
                listen ssl;
                server_name www.domain.com domain.com;

                # Disable access log to save I/O
               access_log off;

                root /home/domain/public_html;
                error_page 403 /404.html;
                error_page 404 /404.html;

                fastcgi_param  SERVER_PORT        $server_port;

                if ($server_port = 443){
                        set $https on;

                if ($server_port = 80){
                        set $https off;

                location / {
                        index index.php;

                location ~*
                        root /home/domain/public_html;
                        expires 30d;

                location ~ \.php$ {
                        fastcgi_pass    php_backend;
                        fastcgi_index  index.php;
                        fastcgi_param  SCRIPT_FILENAME
                        fastcgi_param  SERVER_PORT        $server_port;
                        fastcgi_param HTTPS $https;
                        real_ip_header X-Forwarded-For;
                        include        fastcgi_params;

My question is: How would I make NGINX set REMOTE_ADDR to the IP in
X-Forwarded-For so when the PHP script tries to read
$_SERVER['REMOTE_ADDR'] it will return the IP address in

Right now it returns Am i missing something?

Thanks in advance for any help you can provide.


Posted at Nginx Forum: http://forum.nginx.org/read.php?2,220642,220642#msg-220642

More information about the nginx mailing list