nginx and thttpd + cgi, remote_addr = 127.0.0.1

Igor Sysoev igor at sysoev.ru
Wed Oct 26 14:26:53 UTC 2011


On Wed, Oct 26, 2011 at 01:11:40AM +0400, Кирюшкин Владимир wrote:
> Hello,
> 
> i have an issue with getting users' real IP. I am using nginx as frontend with thttpd as backend. I've added such options to my default server in nginx config:
> 
>   location ~ \.cgi|pl$ {                                                           
>     proxy_pass   http://127.0.0.1:8000;                                            
>     include /etc/nginx/proxy.conf;                                                 
>   }   
> 
> /etc/nginx/proxy.conf has such options among others:
> 
> proxy_set_header        X-Real-IP       $remote_addr; 
> proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
> 
> and I have patched latest thttpd (http://www.acme.com/software/thttpd/thttpd-2.25b.tar.gz) with this patch: http://wiki.nginx.org/ThttpdRealIP
> also i had to rename "getline" to "mygetline" in thttpd-2.25b/extras/htpasswd.c because i was getting an error "htpasswd.c:52: error: conflicting types for 'getline'" during compilation.
> 
> the whole thttpd config is:
> 
> host=127.0.0.1                                                                     
> port=8000                                                                          
> dir=/var/www/default  
> user=www-data                                                                      
> cgipat=**.cgi|**.pl                                                                
> vhost                                                                              
> charset=utf-8                                                                      
> logfile=/var/log/thttpd.log                                                        
> pidfile=/var/run/thttpd.pid
> 
> 
> after installing and starting both webservers I saved this script as index.cgi and opened it in browser(i'm using Opera):
> 
> #!/bin/sh
> echo "Content-type: text/html; charset=UTF-8";
> echo;
> echo "i am cgi script<br><br>";
> echo "env: <br><br>";
> env
> 
> when I opened it with Opera Turbo enabled (thus using Opera's proxy server), I see output like this:
> 
>  . .
> GATEWAY_INTERFACE=CGI/1.1 REMOTE_ADDR=127.0.0.1 HTTP_USER_AGENT=Opera/9.80 (X11; Linux i686; U; ru) Presto/2.9.168 Version/11.51 . . .
> 
> and when I open it without Opera Turbo (with my real IP), I'm getting my real IP in the output (a part was hidden):
> 
>  . .
> GATEWAY_INTERFACE=CGI/1.1 REMOTE_ADDR=178.177.***.*** HTTP_USER_AGENT=Opera/9.80 (X11; Linux i686; U; ru) Presto/2.9.168 Version/11.51 . . .
> 
> what could I have done wrong with configuration?
> 
> //Jef, sorry for CC, but I don't know the cause of this issue, and it still could be thttpd. though i hope it's just my hands :)

You may want to use mini_httpd instead of thttpd.
There is patch to support "X-Real-IP" header in mini_httpd:
http://mailman.nginx.org/pipermail/nginx/2010-October/023292.html


-- 
Igor Sysoev



More information about the nginx mailing list