API tools faq
paste
Advertisement
black_eagle

set_real_ip_from.conf

black_eagle
Feb 27th, 2023 (edited)
2,088
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Nginx 2.40 KB | None | 0 0
raw download clone embed print report
  1. server {
  2.         listen 443 ssl;
  3.         listen [::]:443 ssl;
  4.  
  5.         server_name server-name.ru;
  6.  
  7.         include /etc/nginx/snippets/ssl.conf;
  8.  
  9.         location /test {
  10.             set_real_ip_from  uplink_ip;
  11.             real_ip_header    X-Forwarded-For;
  12.  
  13.             allow uplink_ip;
  14.             deny all;
  15.  
  16.             proxy_pass http://192.168.1.1;
  17.             include /etc/nginx/proxy_params;
  18.             include /etc/nginx/cors;
  19.             proxy_read_timeout 600;
  20.  
  21.      }
  22. }
  23. --- proxy_params
  24. proxy_set_header Host $http_host;
  25. proxy_set_header X-Real-IP $remote_addr;
  26. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  27. proxy_set_header X-Forwarded-Proto $scheme;
  28. --- cors
  29.      if ($request_method = 'OPTIONS') {
  30.         add_header 'Access-Control-Allow-Origin' '*';
  31.         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  32.         #
  33.         # Custom headers and headers various browsers *should* be OK with but aren't
  34.         #
  35.         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-redmine-api-key';
  36.         #
  37.         # Tell client that this pre-flight info is valid for 20 days
  38.         #
  39.         add_header 'Access-Control-Max-Age' 1728000;
  40.         add_header 'Content-Type' 'text/plain; charset=utf-8';
  41.         add_header 'Content-Length' 0;
  42.         return 204;
  43.      }
  44.      if ($request_method = 'POST') {
  45.         add_header 'Access-Control-Allow-Origin' '*';
  46.         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  47.         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-redmine-api-key';
  48.         add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
  49.      }
  50.      if ($request_method = 'GET') {
  51.         add_header 'Access-Control-Allow-Origin' '*';
  52.         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  53.         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-redmine-api-key';
  54.         add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
  55.      }
  56. --- access.log
  57. client_ip - - [27/Feb/2023:11:47:56 +0300] "GET /test HTTP/1.1" 403 180 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36"
  58.  
Tags: nginx set_real_ip_from
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!