Welcome! Log In Create A New Profile

Advanced

NginX SSL reverse mode, client ip address problem

December 06, 2015 01:14AM
In NginX reverse mode,

There is a problem that can't get real client's Ip address.

If I use Http protocol, I can simply handle this problem with below http configuration.

http {
server {
listen 80;
location / {
proxy_set_header X-forwarded-for;
proxy_pass http://destAddress;
}
}
}

The problem is in SSL.

I don't want to use http ssl listen becase of SSL handshaking burden on NginX.

I decided to use stream codec like below.

stream {
upstream aa34 {
zone first_row 64k;
server google.com fail_timeout=5s;
}
server {
listen 127.0.0.1:8081;
location / {
proxy_pass https://aa34;
}
}
In this case, I think I can't specify any http related parameters like 'X-forwarded-for'.
Is there any way to change source ip address of TCP/IP Protocol header(Ip Header) to client's real Ip ?

Thanks.
Subject Author Posted

NginX SSL reverse mode, client ip address problem

WANJUNE December 06, 2015 01:14AM

Re: NginX SSL reverse mode, client ip address problem

Aleksandar Lazic December 06, 2015 05:20AM

Re: NginX SSL reverse mode, client ip address problem

WANJUNE December 06, 2015 06:04AM



Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 92
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready