Friday, 23 August 2013

Nginx reverse proxy shows my server internal ip address

Nginx reverse proxy shows my server internal ip address

i have setup reverse proxy in my server for all domains and then created
ip table to redirect all traffic from port 80(apache) to 81(nginx ip)
Now every time i see logs and also in geoip it shows my server's ip
instead of clients ip.
My nginx config is as below.
# /usr/local/etc/nginx/nginx.conf
user apache;
worker_processes 2; # how many processors or how many hard disks you have
error_log /usr/local/nginx/logs/error.log;
events {
worker_connections 8192;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush on;
keepalive_timeout 75 20;
gzip on;
server_names_hash_bucket_size 64;
reset_timedout_connection on;
client_max_body_size 100m;
#------------------
#fullproxy for all
server {
listen 81;
server_name $hostname |IP|; # "_" is for handle all hosts that
are not described by server_name
charset off;
index index.html index.htm index.php;
access_log off;
#access_log /var/log/nginx/access.log main;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/local/www/nginx-dist;
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://myipaddress:80; # apache here
client_max_body_size 16m;
client_body_buffer_size 128k;
proxy_buffering off;
#proxy_buffering on;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 120;
#proxy_buffer_size 8k;
#proxy_buffers 32 32k;
#proxy_busy_buffers_size 64k;
#proxy_temp_file_write_size 64k;
error_page 502 503
/usr/local/www/nginx-dist/50x.html;
}
}
}
IP table rules that i added to redirect from apache to nginx.
iptables -t nat -A PREROUTING -p tcp -s ! myipaddress --dport 80 -j
REDIRECT --to-ports 81
iptables -t nat -A PREROUTING -p tcp -s ! myipaddress --dport 80 -j
REDIRECT --to-ports 81
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)