I'll let you in on a little secret, which is that you can get the real IP address through Nginx reverse proxy. Maybe you are thinking, why through reverse proxy? Hey, let me unravel this mystery for you.
1. The appeal of Nginx reverse proxy
First, let's understand what a reverse proxy is. Reverse proxy is an architectural model in which the client does not connect directly to the target server, but forwards requests through a middleman (Nginx server). This approach not only improves the security of the website, but also reduces the load on the target server.
Moreover, it is possible to hide the real server IP address through Nginx reverse proxy. Did you know that? This will also increase your network security! Imagine if attackers can't get your real IP address, then they can't attack your server directly, which can protect your website from harm in critical moments.
2. Configure Nginx reverse proxy
Well, I'm sure you can't wait to find out how to configure Nginx reverse proxy! Don't worry, I'll show you by hand.
First of all, you need to install Nginx first. the installation process will not be detailed, there are many tutorials online. After the installation is complete, we need to modify the Nginx configuration file.
Open the Nginx configuration file (typically nginx.conf) and add the following configuration to the http block:
server {
listen 80; server_name your_domain.com; server_name your_domain.com
server_name your_domain.com; server_name your_domain.com
server { listen 80; server_name your_domain.com; location / {
proxy_pass http://your_backend_server; proxy_set_header
proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header
proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_addr
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}Let's explain the configuration above. We first specified the port on which Nginx listens to be 80 and set the server's domain name to your_domain.com (remember to replace it with your own domain name).
Next, the location block is configured, which indicates that the matched request will be proxied to your_backend_server, a backend server. Of course, you also need to replace your_backend_server with your own server address.
There are three other important configuration items to be aware of, which are proxy_set_header Host, proxy_set_header X-Real-IP, and proxy_set_header X-Forwarded-For. These configuration items help us to get the real IP address, which is passed by setting the request header to the backend server.
Remember to save the configuration file and restart Nginx. now you can get the real IP address through Nginx reverse proxy!
3. Obtaining a real IP address
Okay, now let's test it! You just need to output the client's IP address on the backend server.
If you are developing a back-end application in PHP, you can use the following code:
$ip = $_SERVER['REMOTE_ADDR'];
echo "The client's IP address is:".$ip;After running the test code, you will find that the output IP address is the real IP address of the client. Isn't it amazing?
4. Preventing forged IP addresses
Of course, the smart you must have thought that the IP address obtained through Nginx reverse proxy could be spoofed, right? Yes, this is an issue that we need to be aware of.
It's a good thing we thought of this ahead of time and set proxy_set_header X-Real-IP and proxy_set_header X-Forwarded-For in the Nginx configuration. the content in these two request headers is auto-populated by Nginx so you don't have to worry about being spoofed.
Also, for added security, you can optimize your Nginx configuration to include restrictions such as only allowing requests from specific IP addresses to go through.
English 
简体中文 
Español 
Deutsch 
Français