nginx directives geo and map behind proxy
gogan
nginx-forum at forum.nginx.org
Fri Mar 15 14:34:40 UTC 2019
Hi,
thanks for the response.
I try it with a short view.
Situation 1)
Proxy (external, myracloud) <--- Connect official way
|
LB/Proxy (internal)
|
w-1 w-2 w-3 .. w10
Situation 2)
LB/Proxy (internal) <--- directly connect
|
w-1 w-2 w-3 .. w10
In both situations I see real client IP addresses in server log on
webservers and proxy/loadbalancer.
In situation 1 traffic is general limited without exceptions.
In situation 2 traffic is limited as expected, all is fine.
====== server.conf=====
limit_req_zone $botlimit zone=req_limit_per_login:10m rate=4r/s;
...
location ~ ^(/userzentrum/login).*$ {
limit_req zone=req_limit_per_login;
proxy_pass xxx_application;
include /etc/nginx/proxy_params;
}
====nginx conf====
geo $limited {
default 0;
x.x.x.x 1;
}
map $limited $botlimit {
1 '';
0 $remote_addr;
}
...
# get x-real-ip from myracloud
set_real_ip_from x.x.x.x;
real_ip_header CF-Connecting-IP;
real_ip_recursive on;
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,283352,283396#msg-283396
More information about the nginx
mailing list