Advertisement
black_eagle

set_real_ip_from.conf

Feb 27th, 2023 (edited)
2,220
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Nginx 2.40 KB | None | 0 0
  1. server {
  2.         listen 443 ssl;
  3.         listen [::]:443 ssl;
  4.  
  5.         server_name server-name.ru;
  6.  
  7.         include /etc/nginx/snippets/ssl.conf;
  8.  
  9.         location /test {
  10.             set_real_ip_from  uplink_ip;
  11.             real_ip_header    X-Forwarded-For;
  12.  
  13.             allow uplink_ip;
  14.             deny all;
  15.  
  16.             proxy_pass http://192.168.1.1;
  17.             include /etc/nginx/proxy_params;
  18.             include /etc/nginx/cors;
  19.             proxy_read_timeout 600;
  20.  
  21.      }
  22. }
  23. --- proxy_params
  24. proxy_set_header Host $http_host;
  25. proxy_set_header X-Real-IP $remote_addr;
  26. proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  27. proxy_set_header X-Forwarded-Proto $scheme;
  28. --- cors
  29.      if ($request_method = 'OPTIONS') {
  30.         add_header 'Access-Control-Allow-Origin' '*';
  31.         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  32.         #
  33.         # Custom headers and headers various browsers *should* be OK with but aren't
  34.         #
  35.         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-redmine-api-key';
  36.         #
  37.         # Tell client that this pre-flight info is valid for 20 days
  38.         #
  39.         add_header 'Access-Control-Max-Age' 1728000;
  40.         add_header 'Content-Type' 'text/plain; charset=utf-8';
  41.         add_header 'Content-Length' 0;
  42.         return 204;
  43.      }
  44.      if ($request_method = 'POST') {
  45.         add_header 'Access-Control-Allow-Origin' '*';
  46.         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  47.         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-redmine-api-key';
  48.         add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
  49.      }
  50.      if ($request_method = 'GET') {
  51.         add_header 'Access-Control-Allow-Origin' '*';
  52.         add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
  53.         add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,x-redmine-api-key';
  54.         add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
  55.      }
  56. --- access.log
  57. client_ip - - [27/Feb/2023:11:47:56 +0300] "GET /test HTTP/1.1" 403 180 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36"
  58.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement