search

Home  >  Q&A  >  body text

Reverse proxy - nginx front-end reverse proxy, how does back-end apache obtain the real IP of the visitor?

Nginx anti-generation has been written, and there is no problem checking parameter passing:

server
      {
              listen  80;
              server_name  www.mjj.com;
              location / {
                       proxy_pass  http://www.youjj.com;
                       proxy_redirect off;
                       proxy_set_header   Host             $host;
                       proxy_set_header   X-Real-IP        $remote_addr;
                       proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
              }
              access_log  off;
      }

The problem now is that my back-end php program relies on the variable $_SERVER['REMOTE_ADDR'] to obtain the IP, so it obtains the IP of the reverse generation server.
The backend is apache and it is a virtual host, so it is unlikely to change the backend.
The back-end PHP program is encrypted and cannot be changed.
Now I would like to ask: Is there any way to assign X-REAL-IP or HTTP_X_FORWARDED_FOR to REMOTE_ADDR without changing the program? For example, can this be achieved by changing php.ini?
Thank you, this question was posted on hostloc via: http://www.hostloc.com/thread-138304-...
I encountered the same problem, please give me some advice, thank you

阿神阿神2750 days ago574

reply all(5)I'll reply

  • 给我你的怀抱

    给我你的怀抱2017-05-16 17:06:55

    This article talks about the method of obtaining the visitor’s real IP when building a website with nginx+apache front-end and back-end (this method of obtaining IP is more thoughtful), but it also requires you to modify the PHP program: http://www. ithr.org.cn/blogs/blog1.ph...

    Haha, I found a way, read this article "mod_rpaf, let the Apache on the Nginx backend get the Internet IP": http://www.ithr.org.cn/blogs/blog1.ph...

    reply
    0
  • 淡淡烟草味

    淡淡烟草味2017-05-16 17:06:55

    This requirement is a bit harsh. If the ap can be changed, use mod_rpaf;

    No, just make it simple, just create an index.php and assign the value $_SERVER['REMOTE_ADDR'], and then call the real php code;

    reply
    0
  • 我想大声告诉你

    我想大声告诉你2017-05-16 17:06:55

    Set up rewrite on apache. All php requests are rewritten to a certain php. What this PHP does is

    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
    require(ORIGINAL_REQUESTED_PHP.php);

    Or try HAProxy, a software that forwards at a lower level. It does not involve the HTTP protocol, so there is no need to consider these HEADER issues.

    reply
    0
  • phpcn_u1582

    phpcn_u15822017-05-16 17:06:55

    Set directly proxy_set_header REMOTE_ADDR $remote_addr;Isn’t it possible?

    reply
    0
  • 怪我咯

    怪我咯2017-05-16 17:06:55

    $_SERVER['REMOTE_ADDR'] cannot be changed. Where does the request come from? This is where the address is
    It is a good method to add a shell on top of your encrypted code and assign a value as mentioned by the previous ones

    reply
    0
  • Cancelreply