Help with nginx http auth based on forwarded IP.

Alex Flex aflexzor at gmail.com
Tue Mar 17 02:11:03 UTC 2015


> Hello Nginx,
>
> I have these lines:
>
>     location / {
>         proxy_pass   http://172.4.1.2:8080;
>         proxy_set_header Host $host;
>         proxy_set_header X-Real-IP $remote_addr;
>         proxy_set_header X-Forwarded-For $our_x_forwarded_for;
>         satisfy any;
>         allow 116.2.200.1;
>         auth_basic           "protected";
>         auth_basic_user_file /var/www/html/.htpasswd;
>     }
>
> It works fine when the remote user is not going through a proxy
> ($remote_ip is the real ip).
>
> The problem is I need to allow the user based on the x_forwarded_ip (in
> this case 116.2.200.1) .
>
> How can I achieve this?  I know this isnt very secure because anybody
> can emuliate a x_forwarded_ip but this is just an additional layer of
> protection in place.
>
>
> Thanks
>
> Alex.
>
>
>



More information about the nginx mailing list