REMOTE_ADDR IP from user instead of Nginx reverse proxy server

Question

I already read a lot of posts about this topic and tried several solutions but did not find a working slotion.

I have setup an Nginx reverse proxy in front of my Apache server. When my php application uses the REMOTE_ADDR function it gets the IP of the Nginx server instead off the user.

I'm using Apache 2.4.10, so module_remoteip.c should be installed. But it is not loaded.

Therefore I installed rpaf_module. It looks like this module is installed correctly, with phpinfo() mod_rpaf-2 is shown with the loaded modules. The I modified the /etc/apache2/mods-available/rpaf.conf file with the following content:

<IfModule rpaf_module>
    RPAFenable On
    RPAFsethostname On
    RPAFproxy_ips 172.19.0.5 # ip of Nginx server
    RPAFheader X-Forwarded-For
</IfModule>

My Nginx configuration look like this:

location / {
    proxy_set_header X-Real-Ip $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
    proxy_pass 172.19.0.4;
}

Help is appreciated?

Pieter De Clercq · Answer 1 · 2017-05-23T22:02:29.417

12

The IP address of your visitor should be accessible using

$_SERVER['HTTP_X_REAL_IP'];

instead of

$_SERVER['REMOTE_ADDR'];

If you want to replace the REMOTE_ADDR header, try this in your NGINX configuration: (And don't forget to reload/restart your NGINX-server)

location / {
    proxy_set_header X-Real-Ip $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
    proxy_set_header REMOTE_ADDR $remote_addr;
    proxy_pass 172.19.0.4;
}

edited May 23 '17 at 22:02

answered May 23 '17 at 21:57

Pieter De Clercq

1,951
1
17
29

That is correct, only I don't want modify my Symfony2 source code and keep that code standard. – Tom May 23 '17 at 21:59
After changing to your example and reseting Nginx & Apache, I still getting the Nginx IP address. – Tom May 23 '17 at 22:07
Try following the steps described at: https://stackoverflow.com/a/8201447/3499277 – Pieter De Clercq May 23 '17 at 22:09
proxy_set_header Host $http_host; get origin port – Chandler's Sexyface Oct 15 '20 at 08:14

score 1 · Answer 2 · answered Apr 11 '21 at 09:40

1

Add http config set_real_ip_from

http {
...
set_real_ip_from 172.19.0.5/16 # ip of Nginx server;

answered Apr 11 '21 at 09:40

Ervin Juhász

21
3

Alexey Kolesaev · Answer 3 · 2023-04-19T13:10:34.450

0

To be able to get real-ip into the $remote_addr variable you need something like:

http {
...
  real_ip_header      proxy_protocol;
  real_ip_recursive   on;
  set_real_ip_from    0.0.0.0/0;
...
  server {
    ...
    listen 80   proxy_protocol;
    listen 443  ssl proxy_protocol;
    ...
  }
...
}

https://docs.nginx.com/nginx/admin-guide/load-balancer/using-proxy-protocol/

edited Apr 19 '23 at 13:10

answered Apr 19 '23 at 12:53

Alexey Kolesaev

46
3

REMOTE_ADDR IP from user instead of Nginx reverse proxy server

3 Answers3

Linked