Reverse proxy - nginx front-end reverse proxy, how does back-end apache obtain the real IP of the visitor?

Question

Nginx anti-generation has been written, and there is no problem checking parameter passing:

server
      {
              listen  80;
              server_name  www.mjj.com;
              location / {
                       proxy_pass  http://www.youjj.com;
                       proxy_redirect off;
                       proxy_set_header   Host             $host;
                       proxy_set_header   X-Real-IP        $remote_addr;
                       proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
              }
              access_log  off;
      }

The problem now is that my back-end php program relies on the variable $_SERVER['REMOTE_ADDR'] to obtain the IP, so it obtains the IP of the reverse generation server.
The backend is apache and it is a virtual host, so it is unlikely to change the backend.
The back-end PHP program is encrypted and cannot be changed.
Now I would like to ask: Is there any way to assign X-REAL-IP or HTTP_X_FORWARDED_FOR to REMOTE_ADDR without changing the program? For example, can this be achieved by changing php.ini?
Thank you, this question was posted on hostloc via: http://www.hostloc.com/thread-138304-...
I encountered the same problem, please give me some advice, thank you

Answer 1

This article talks about the method of obtaining the visitor’s real IP when building a website with nginx+apache front-end and back-end (this method of obtaining IP is more thoughtful), but it also requires you to modify the PHP program: http://www. ithr.org.cn/blogs/blog1.ph...

Haha, I found a way, read this article "mod_rpaf, let the Apache on the Nginx backend get the Internet IP": http://www.ithr.org.cn/blogs/blog1.ph...

Answer 2

This requirement is a bit harsh. If the ap can be changed, use mod_rpaf;

No, just make it simple, just create an index.php and assign the value $_SERVER['REMOTE_ADDR'], and then call the real php code;

Answer 3

Set up rewrite on apache. All php requests are rewritten to a certain php. What this PHP does is

$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
require(ORIGINAL_REQUESTED_PHP.php);

Or try HAProxy, a software that forwards at a lower level. It does not involve the HTTP protocol, so there is no need to consider these HEADER issues.

Answer 4

Set directly proxy_set_header REMOTE_ADDR $remote_addr;Isn’t it possible?

Answer 5

$_SERVER['REMOTE_ADDR'] cannot be changed. Where does the request come from? This is where the address is
It is a good method to add a shell on top of your encrypted code and assign a value as mentioned by the previous ones