Nginx只允许Cloudflare IP访问获取真实IP
设置只允许cloudflare IP访问后获取真实访客IP,跟普通套Cloudflare获取真实访客IP的方法不一样。
要使用map指令将客户端的 IP 存储到变量(ie$real_client_ip)中,并在日志中使用该变量:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
# 这些放在配置文件头部--- map $http_x_forwarded_for $real_client_ip { ~^(\d+\.\d+\.\d+\.\d+) $1 ; default $http_cf_connecting_ip ; } # replace the default '$remote_addr' with the '$real_client_ip' log_format custom_log_format '$real_client_ip - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_host" "$upstream_response_time"' '"$http_referer" "$http_user_agent"' ; # 这些放在配置文件头部--- server { listen 80; listen [::]:80; server_name example.com; include /etc/nginx/allow-cloudflare-only.conf; #在生成日志文件后面加上custom_log_format access_log / var /log/nginx/access.log custom_log_format; #...the rest of your configs here... } |