1024programmer Nginx Apache server uses mod_rpaf to obtain front-end NginxIP

Apache server uses mod_rpaf to obtain front-end NginxIP

author: admin Post: September 1, 2023 29read 0Comment

Since the emergence of Nginx, we all like to let Nginx run ahead to process static files, and then filter dynamic requests to
apache.

So there is a problem, the IP obtained by the application running on the rear apache is the IP of the server where Nginx is located, or the local machine 127.0.0.1
.
The most obvious is to look at the apache access log. You will see that coming and going are all intranet IPs.

If your application has security rules for IP discrimination such as “single IP cannot log in repeatedly”, “single IP registrations are separated by n minutes”… and so on.
So troublesome…

But fortunately, you can modify the parameters of nginx proxy to make the backend application obtain the request message sent by Nginx to obtain the IP of the external network.

proxy_set_header Host
$host;
proxy_set_header
X-Real-IP $remote_addr;
proxy_set_header
X-Forwarded-For $proxy_add_x_forwarded_for;

But the problem solved by this is only on the application, the ip obtained on the apache log is still local.

In particular, ill-conceived applications such as Tattertools (a blogging program) make mistakes.
The access log in the background shows that the number of visitors is 1, and the ip is from 127.0.0.1

After searching, I found that apache, a third-party mod, is used with Nginx proxy.

Description: http://stderr.net/apache/rpaf/

Download: http://stderr.net/apache/rpaf/download/

The latest version is mod_rpaf-0.6.tar.gz

Installation is also fairly simple.

# tar zxvf mod_rpaf-0.6.tar.gz Unzip after downloading

# cd mod_rpaf-0.6

Modify the Apache directory according to your own environment, and choose the corresponding installation method:

#/usr/local/apache/bin/apxs -i -a -c
mod_rpaf.c How to install Apache 1.3.x
#/usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.so
mod_rpaf-2.0.c How to install Apache 2.x

When finished, an extra line will be added for you in the LoadModule section of http.conf.

LoadModule mod_rpaf-2.0.so_module modules/mod_rpaf-2.0.so

Through the experiment of apache 2.2.6, when using this line to start apache, an error will be reported.

So instead:
LoadModule rpaf_module
modules/mod_rpaf-2.0.so
and add below

RPAF Enable On
RPAF set hostname On
RPAFproxy_ips 127.0.0.1 192.168.10.2 #
Fill in the intranet IP where Nginx is located.
RPAF header X-Forwarded-For

Restart apache after saving and exiting

Look at the log content of apache? Oh, it’s no longer those IPs that come and go.

This article is from the internet and does not represent1024programmerPosition, please indicate the source when reprinting:https://www.1024programmer.com/apache-server-uses-mod_rpaf-to-obtain-front-end-nginxip/
Reward
tag:

author: admin

Previous article
Next article

Related recommendations

Leave a Reply

Your email address will not be published. Required fields are marked *

Contact Us

Contact us

181-3619-1160

Online consultation: QQ交谈

E-mail: [email protected]

Working hours: Monday to Friday, 9:00-17:30, holidays off

Follow wechat
Scan wechat and follow us

Scan wechat and follow us

Follow Weibo
Back to top
首页
微信
电话
搜索