Hello, I was wondering if $remote_addr in a reverse proxy with Nginx is the IP from the TCP connection, which is very hard to spoof, or is it grabbing it from some header like X-Real-Ip?
-
It will be read from the local interface and it will be the IP address of the other side of the TCP/IP connection which is not necessarily the end-client. – Richard Smith Oct 08 '20 at 07:32
-
Do you think it would be easy to just fake any IP address, like setting a random X-Forwarded-For header, or does this mean, for example, you would get the IP from a VPN connection if you are using one? – router360 Oct 24 '20 at 15:06
-
Nginx only sets the `$remote_addr` from the `X-Forwarded-For` header if you instruct it to and only if the header originates from a trusted source. See [this document](http://nginx.org/en/docs/http/ngx_http_realip_module.html) for details. – Richard Smith Oct 24 '20 at 15:19
-
Sorry if my question was unclear, what I meant was if I could spoof a random IP address and make nginx think I'm connecting through that IP. Which would be the one returned from $remote_addr. I'm currently setting an IP whitelist on my server (using nginx as a reverse proxy) for some requests and I need to make sure nobody can fake one of the IPs as if it were their own to gain unauthorized entry. – router360 Oct 25 '20 at 23:04
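
The behaviour discussed in the comments above, written out as an nginx configuration. This is an added example, not part of the original thread; all addresses, ports and log paths are constructed (RFC 5737 documentation ranges), and it assumes nginx was built with the realip module.

```nginx
# Added example: goes inside the http { } block. Addresses are constructed.
# Assumes nginx built with --with-http_realip_module.

# Log the address used for access checks next to the real TCP peer.
# $realip_remote_addr always keeps the original TCP peer address.
log_format peer '$remote_addr tcp_peer=$realip_remote_addr '
                'xff="$http_x_forwarded_for" "$request" $status';

# Case 1: nginx accepts client connections directly.
# No realip directives, so $remote_addr is the TCP peer address and any
# X-Forwarded-For / X-Real-IP header sent by the client is ignored.
server {
    listen 8080;
    access_log /var/log/nginx/direct.log peer;

    location /admin/ {
        allow 203.0.113.10;      # whitelisted client (constructed)
        deny  all;               # checked against $remote_addr
        proxy_pass http://127.0.0.1:9000;
        # Overwrite instead of appending, so the backend never receives
        # a client-supplied X-Forwarded-For value.
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}

# Case 2: nginx sits behind a load balancer at 192.0.2.5 (constructed).
# The TCP peer is now always the load balancer, so the client address has
# to come from a header, but only when that trusted peer sent it.
server {
    listen 8081;
    access_log /var/log/nginx/behind_lb.log peer;

    set_real_ip_from  192.0.2.5;        # the only peer allowed to set it
    real_ip_header    X-Forwarded-For;
    real_ip_recursive on;               # use the last non-trusted address

    # Weak setting, shown for contrast and left commented out: it trusts
    # the header from every peer, so the allow list below would be
    # evaluated against a value the client chooses.
    # set_real_ip_from 0.0.0.0/0;

    location /admin/ {
        allow 203.0.113.10;
        deny  all;
        proxy_pass http://127.0.0.1:9000;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}
```

In the second server, comparing `$remote_addr` with `tcp_peer=` in the log shows which requests had their address replaced from the header.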