[BlueOnyx:22017] Re: nginx issue (another one)
Michael Stauber
mstauber at blueonyx.it
Sun May 6 16:12:36 -05 2018
Hi Maurice,
> For apache, every incoming traffic now has set as source the own ip of
> the vsite.
I'm not seeing that, as each Vsite config file for Nginx has this in it:
location / {
add_header Strict-Transport-Security "max-age=25;" always;
include /etc/nginx/headers.d/security.conf;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://<VsiteName>:80/;
proxy_read_timeout 90;
}
So in the Apache logfiles we see the IP of the actual visitor.
> So, I have added the file /etc/http/conf.d/nginx-ssl-proxy.conf and
> added the following three lines
> RemoteIPHeader X-Forwarded-For
> RemoteIPInternalProxy 1.2.3.4
> RemoteIPTrustedProxy 1.2.3.4
That should not be neccessary, as it's redundant with what we already have?
--
With best regards
Michael Stauber
More information about the Blueonyx
mailing list