如何阻止Cloudflare / Docker / NGINX / LAMP站点中的客户端IP地址丢失?
问题是PHP字段$_SERVER['HTTP_CLIENT_IP']
没有在我的以下站点结构中设置,我应该如何解决这个问题?
Docker桥接networking上的静态IP容器(在cloudflare后面的主机上)名为“back”:
- 运行在容器中的NGINX(172.24.02)
- 容器中的Apache + PHP(172.24.0.3)
nginx.conf:
location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_set_header X-NginX-Proxy true; proxy_pass http://172.24.0.3; }
test.php的
<?php echo('HTTP_CLIENT_IP: '.$_SERVER['HTTP_CLIENT_IP']); echo('<br>HTTP_X_FORWARDED_FOR'.$_SERVER['HTTP_X_FORWARDED_FOR']); echo('<br>REMOTE_ADDR'.$_SERVER['REMOTE_ADDR']); echo('<br>HTTP_X_FORWARDED'.$_SERVER['HTTP_X_FORWARDED']); echo('<br>HTTP_FORWARDED'.$_SERVER['HTTP_FORWARDED']); echo('<br>HTTP_FORWARDED_FOR'.$_SERVER['HTTP_FORWARDED_FOR']); ?>
运行以上产量:
HTTP_CLIENT_IP: HTTP_X_FORWARDED_FOR: REMOTE_ADDR: 172.24.0.2 HTTP_X_FORWARDED: HTTP_FORWARDED: HTTP_FORWARDED_FOR:
感谢@Devon提出了打印出$ _SERVERvariables的build议,结果发现以下字段中包含客户端IP:
$_SERVER['HTTP_CF_CONNECTING_IP'] $_SERVER['HTTP_X_FORWARDED_FOR']
第一个给client IP
,第二个给client IP, cloudflare IP