Welcome! Log In Create A New Profile

Advanced

Re: Nginx removes X-Client-IP header added by loadbalancer

December 09, 2012 08:30PM
Hello Maxim,

Thanks for the suggestion. I checked my Haproxy config again, and this is what I use for adding the 'X-Client-IP' header:

option forwardfor header X-Client-IP

In addition, if Haproxy is passing header things like 'X-Client_IP', then why is that the requests routed directly to Tornado (not via Nginx) contain the correct header 'X-Client-IP'? It seem like something happens when the requests go through nginx and the header is dropped.

Below is part of my nginx config, and the last location block is the relevant one here.

worker_processes 2;
pid /var/run/nginx.pid;
daemon off;

events {
worker_connections 1024;
}

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;

sendfile on;
tcp_nodelay on;
tcp_nopush on;
client_body_timeout 10;
client_header_timeout 10;
keepalive_timeout 15;
send_timeout 15;
server_tokens off;
gzip on;
gzip_http_version 1.1;
gzip_comp_level 3;
gzip_types text/plain text/css
application/x-javascript
application/xml application/xml+rss
text/javascript;
log_format mylog '$remote_addr - $remote_user [$time_local] "$request" $status $sent_http_content_type $body_bytes_sent "$http_referer" "$http_user_agent"';

server {
listen 8484;
server_name www.mysite.com mysite.com;
access_log /home/www-data/logs/nginx_www_access.log;
error_log /home/www-data/logs/nginx_www_error.log debug;
error_page 404 /404.html;
error_page 502 503 504 /50x.html;
error_page 403 /forbidden.html;

root /home/www-data/tornado/mysite/static;

if ( $http_referer ~* (babes|click|diamond|forsale|girl|jewelry|love|nudit|organic|poker|porn|sex|teen|video|webcam) ) {
return 405;
}

location ~* (\.jpg|\.png|\.css|\.js|\.html)$ {
valid_referers none blocked www.mysite.com static.mysite.com mysite.com;
if ($invalid_referer) { return 405; }
}

location ^~ /doc/read/ {
if ($uri ~* (\.jpg|\.png|\.css|\.js|\.html)$) { return 404; }
if ($uri !~* /doc/read/[a-zA-Z0-9_-]+/[0-9]+$) { return 404; }
#if ($http_cookie !~* "subject=[.]+") { return 404; }
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
}
}
}
SubjectAuthorPosted

Nginx removes X-Client-IP header added by loadbalancer

mrtnDecember 08, 2012 01:20PM

Re: Nginx removes X-Client-IP header added by loadbalancer

Francis DalyDecember 08, 2012 02:16PM

Re: Nginx removes X-Client-IP header added by loadbalancer

Maxim DouninDecember 09, 2012 07:48PM

Re: Nginx removes X-Client-IP header added by loadbalancer

mrtnDecember 09, 2012 08:30PM

Re: Nginx removes X-Client-IP header added by loadbalancer

Maxim DouninDecember 09, 2012 10:00PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 104
Record Number of Users: 7 on March 06, 2014
Record Number of Guests: 184 on July 08, 2014
Powered by nginx    Powered by FreeBSD    PHP Powered    Powered by Percona     ipv6 ready