Nginx anti-generation has been written, and there is no problem checking parameter passing:
server { listen 80; server_name www.mjj.com; location / { proxy_pass http://www.youjj.com; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } access_log off; }
The problem now is that my back-end php program relies on the variable $_SERVER['REMOTE_ADDR'] to obtain the IP, so it obtains the IP of the reverse generation server.
The backend is apache and it is a virtual host, so it is unlikely to change the backend.
The back-end PHP program is encrypted and cannot be changed.
Now I would like to ask: Is there any way to assign X-REAL-IP or HTTP_X_FORWARDED_FOR to REMOTE_ADDR without changing the program? For example, can this be achieved by changing php.ini?
Thank you, this question was posted on hostloc via: http://www.hostloc.com/thread-138304-...
I encountered the same problem, please give me some advice, thank you
This article talks about the method of obtaining the visitor’s real IP when building a website with nginx+apache front-end and back-end (this method of obtaining IP is more thoughtful), but it also requires you to modify the PHP program: http://www. ithr.org.cn/blogs/blog1.ph...
Haha, I found a way, read this article "mod_rpaf, let the Apache on the Nginx backend get the Internet IP": http://www.ithr.org.cn/blogs/blog1.ph...
This requirement is a bit harsh. If the ap can be changed, use mod_rpaf;
No, just make it simple, just create an index.php and assign the value $_SERVER['REMOTE_ADDR'], and then call the real php code;
Set up rewrite on apache. All php requests are rewritten to a certain php. What this PHP does is
Or try HAProxy, a software that forwards at a lower level. It does not involve the HTTP protocol, so there is no need to consider these HEADER issues.
Set directly
proxy_set_header REMOTE_ADDR $remote_addr;
Isn’t it possible?$_SERVER['REMOTE_ADDR'] cannot be changed. Where does the request come from? This is where the address is
It is a good method to add a shell on top of your encrypted code and assign a value as mentioned by the previous ones