Hi Marcus,
I was following your howto step by step and wanted to thank you already to provide that much details.
I was trying to simplify it further to not reach out to extra files, adding the apt install steps and everything else.
It doesn't seem to matter if I do the curl from localhost, or the same curl from another system onto this `curl 10.253.194.202/foo -H "X-Forwarded-For: 1.1.1.1"`. In my cases I never got the original client IP, nor the Faked IP - I always got the one of the nginx server.
Do you spot a difference between my approach above and your setup that would explain?
Hi Marcus,
I was following your howto step by step and wanted to thank you already to provide that much details.
I was trying to simplify it further to not reach out to extra files, adding the apt install steps and everything else.
$ apt install apache2 libapache2-mod-php
define /etc/apache2/ sites-enabled/ 000-default. conf as:
DocumentRoot /var/www/html
<VirtualHost *:8080>
<IfModule mod_remoteip.c>
RemoteIPInter nalProxy 127.0.0.1
RemoteIPHeade r X-Forwarded-For
</IfModule>
<Directory /var/www/html>
RewriteEngine On
RewriteRule .* index.php [L,QSA]
</Directory>
</VirtualHost>
In File /etc/apache2/ ports.conf change
Listen 80
to
Listen 8080
$ sudo a2enmod rewrite
$ a2enmod php7.0
$ systemctl restart apache2
$ apt install nginx
define file /etc/nginx/ sites-enabled/ default as:
server {
listen 80 default_server;
root /var/www/html;
server_name _;
location / {
proxy_ pass http:// 127.0.0. 1:8080;
proxy_ set_header Host $host;
proxy_ set_header X-Forwarded-For $proxy_ add_x_forwarded _for;
}
}
$ systemctl restart nginx
define file /var/www/ html/index. php as: 'REMOTE_ ADDR'] . "\n";
<?php
echo $_SERVER[
?>
$ curl http:// localhost/ index.php localhost/ seo-friendly- url localhost/ seo-friendly- url -H "X-Forwarded-For: 1.1.1.1"
127.0.0.1
$ curl http://
127.0.0.1
$ curl http://
127.0.0.1
It doesn't seem to matter if I do the curl from localhost, or the same curl from another system onto this `curl 10.253.194.202/foo -H "X-Forwarded-For: 1.1.1.1"`. In my cases I never got the original client IP, nor the Faked IP - I always got the one of the nginx server.
Do you spot a difference between my approach above and your setup that would explain?