Welcome! Log In Create A New Profile

Advanced

Apache Reverse Proxy to Nginx

Previous Message Next Message
Forum List Message List New Topic Print View
phreek
December 28, 2011 09:16PM
Hello guys,

I'm having a bit of trouble with getting the proper REMOTE_ADDR client address on my server.

The current configuration is Apache ReverseProxy (mod_security) ---> Ngninx ---> PHP-FPM.

Apache is listening on a public IP, nginx listens on 127.0.0.1, so does PHP-FPM. My PHP app returns 127.0.0.1 for REMOTE_ADDR where it should be returning the real client's IP address.

Apache VirtualHost config:


<VirtualHost XX.XX.XX.XX:80> #public IP
ServerAdmin admin@domain.com
DocumentRoot /home/domain/public_html
ServerName www.domain.com

RewriteEngine on

ProxyPreserveHost On
ProxyRequests Off
ProxyPass / http://127.0.0.1:8080/ # nginx
ProxyPassReverse / http://127.0.0.1:8080/ # nginx

ErrorLog logs/error_log
CustomLog logs/access_log common
</VirtualHost>

-------------

Nginx config:

http {
include mime.types;
default_type application/octet-stream;
client_max_body_size 10M;
log_format main '$remote_addr - [$time_local] "$request"'
'"$http_user_agent" "$http_x_forwarded_for"';

# large_client_header_buffers 16k;

sendfile on;
keepalive_timeout 0;
server_tokens off;
tcp_nopush off;

ssl_certificate cert.crt;
ssl_certificate_key cert.key;
ssl_ciphers ECDHE-RSA-AES256-SHA:AES256-SHA:CAMELLIA256-SHA:DES-CBC3-SHA;
# compression
gzip off;

open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors off;

upstream php_backend {
ip_hash;
server 127.0.0.1:9000 max_fails=3 fail_timeout=40s;
server XX.XX.XX.XX:9000 max_fails=3 fail_timeout=40s;
}

server {
listen 127.0.0.1:8080;
listen 127.0.0.1:8443 ssl;
server_name www.domain.com domain.com;

# Disable access log to save I/O
access_log off;

root /home/domain/public_html;
error_page 403 /404.html;
error_page 404 /404.html;

fastcgi_param SERVER_PORT $server_port;

if ($server_port = 443){
set $https on;
}

if ($server_port = 80){
set $https off;
}

location / {
index index.php;
}

location ~* \.(jpg|png|gif|jpeg|css|js|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ {
root /home/domain/public_html;
expires 30d;
}

location ~ \.php$ {
fastcgi_pass php_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param HTTPS $https;
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;
include fastcgi_params;
}
}

My question is: How would I make NGINX set REMOTE_ADDR to the IP in X-Forwarded-For so when the PHP script tries to read $_SERVER['REMOTE_ADDR'] it will return the IP address in X-Forwarded-For

Right now it returns 127.0.0.1. Am i missing something?

Thanks in advance for any help you can provide.

-J
Reply Quote
RSS
Subject Author Posted

Apache Reverse Proxy to Nginx

phreek December 28, 2011 09:16PM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 300
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready