All visitor have same IP (my server IP)

dubstep · April 11, 2012, 6:51am

i’m using nginx as proxy fro apache .

my users ask why 90% of thier vistors has the same IP of the servers .

and some php application block the server IP adresse as flood ip .

[root@server4 ]# netstat -lanp | grep :8081 | awk ‘{print $5}’ | cut -d:
-f1 | sort | uniq -c | sort -n
1 0.0.0.0
3 127.0.0.1
1588 xxx.xxx.xxx.xxx (this is server ip)

[root@server4 ]# netstat -lanp | grep :80 | awk ‘{print $5}’ | cut -d:
-f1 | sort | uniq -c | sort -n
1 94.111.122.97
2 150.70.172.203
2 197.162.58.71
2 41.141.1.104
2 41.250.191.48
2 41.250.200.157
3 0.0.0.0
3 196.217.214.235
3 41.137.75.212
3 41.248.144.207
3 41.92.15.186
4 41.250.91.158
5 196.12.254.12
6 37.105.108.27
6 41.143.100.215
7 41.141.169.127
9 197.194.27.175
9 67.167.101.181
1679 xxx.xxx.xxx.xxx (this is server ip)

the RPAF configurations well done (include the ip servers) .

nginx 1.1.18 config

user nobody;

no need for more workers in the proxy mode

worker_processes 2;
error_log /var/log/nginx/error.log info;
worker_rlimit_nofile 20480;
events {
worker_connections 5120; # increase for busier servers
use epoll; # you should use epoll here for Linux kernels 2.6.x
}
http {
server_name_in_redirect off;
server_names_hash_max_size 10240;
server_names_hash_bucket_size 1024;
include mime.types;
default_type application/octet-stream;
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 5;
gzip on;
gzip_vary on;
gzip_disable “MSIE [1-6].”;
gzip_proxied any;
gzip_http_version 1.1;
gzip_min_length 1000;
gzip_comp_level 6;
gzip_buffers 16 8k;

You can remove image/png image/x-icon image/gif image/jpeg if you have

slow CPU
gzip_types text/plain text/xml text/css application/x-javascript
application/xml image/png image/x-icon image/gif image/jpeg
application/xml+rss text/javascript application/atom+xml;
ignore_invalid_headers on;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
reset_timedout_connection on;
connection_pool_size 256;
client_header_buffer_size 256k;
large_client_header_buffers 4 256k;
client_max_body_size 200M;
client_body_buffer_size 128k;
request_pool_size 32k;
output_buffers 4 32k;
postpone_output 1460;
proxy_temp_path /tmp/nginx_proxy/;
client_body_in_file_only on;
disable_symlinks if_not_owner;
log_format bytes_log “$msec $bytes_sent .”;
include “/etc/nginx/vhosts/*”;
}

is this have relation to mod realip ?

any solution to make nginx forward the proccess with the visitor ip not
with the server ip ?

Posted at Nginx Forum:

activa · April 11, 2012, 7:24am

On Wed, Apr 11, 2012 at 12:50:59AM -0400, activa wrote:

1588 xxx.xxx.xxx.xxx (this is server ip)
3 0.0.0.0
9 67.167.101.181
worker_rlimit_nofile 20480;
server_tokens off;
gzip_comp_level 6;
reset_timedout_connection on;
disable_symlinks if_not_owner;
log_format bytes_log “$msec $bytes_sent .”;
include “/etc/nginx/vhosts/*”;
}

is this have relation to mod realip ?

any solution to make nginx forward the proccess with the visitor ip not
with the server ip ?

proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_header
http://nginx.org/en/docs/http/ngx_http_proxy_module.html#variables

activa · April 12, 2012, 5:22am

i have added the setting to the nginx.conf .

but still i show more than 1500 connexion from the server ip .

Posted at Nginx Forum:

activa · December 16, 2014, 3:13pm

activa Wrote:

i have added the setting to the nginx.conf .

but still i show more than 1500 connexion from the server ip .

Do you solve the problem? I ask because I am having the same problem.

After installing Nginx, all visitors are marked with the same server IP
instead of your real IP in scripts as phpBB and MyBB for example.

I tried adding the lines reported by our friend Ruslan, in Nginx config
file, but unfortunately it did not work.

Posted at Nginx Forum:

activa · December 16, 2014, 3:37pm

Are you seeing the same IP in apache?.

If yes then you need the following module in apache
GitHub - gnif/mod_rpaf: reverse proxy add forward module for Apache or
mod_remoteip - Apache HTTP Server Version 2.5

activa · December 16, 2014, 6:54pm

On 2014-12-16, 9:32 AM, umarizal wrote:

nginx mailing list
[email protected]
nginx Info Page
There are multiple areas/ways of getting the non-proxied ip address.
One of Anoop recommendation was that you utilize the remoteip method.
This isn’t a but, its simply the fact that you are proxying the
connection so the connections will in fact look to come from the address
of your nginx server.

What the remoteip (realip) allows nginx to capture the src-Ip address of
the connection and then pass it to apache, then you configure apache to
look for say “remote_addr” and utilize the value for whatever you are
doing.

this isn’t perfect but it works for my testing, allows me to see how the
data is being passed.

<?php echo "Remote addr: " . $_SERVER['REMOTE_ADDR']."
"; echo "X Forward: " . $_SERVER['HTTP_X_FORWARDED_FOR']."
"; echo "X Forward single: " . $_SERVER['HTTP_X_FORWARDED']."
"; echo "HTTP_X_CLUSTER_CLIENT_IP: " . $_SERVER['HTTP_X_CLUSTER_CLIENT_IP']."
"; echo "HTTP_FORWARDED_FOR " . $_SERVER['HTTP_FORWARDED_FOR']."
"; echo "HTTP_FORWARDED " . $_SERVER['HTTP_FORWARDED']."
"; echo "Clien IP: " . $_SERVER['HTTP_CLIENT_IP']."
"; ?>

hope this helps

activa · December 16, 2014, 6:32pm

Anoop A. Wrote:

[email protected]
nginx Info Page

Sorry, but I don´t understand your question. How do I see it?

Thank you very much!

Posted at Nginx Forum: