nginx 反向代理
来源:互联网 发布:php 获取ip 编辑:程序博客网 时间:2024/06/02 03:50
操作环境
nginx 服务器
[root@nginx ~]# cat /etc/redhat-releaseCentOS release 6.5 (Final)
web 服务器
[root@web ~]# cat /etc/redhat-releaseCentOS release 6.5 (Final)
web 服务器配置
安装 httpd yum install -y httpd
html文件 /var/www/html/index.html
<h1>hello nginx</h1><h2>web service 123.59.74.187 here</h2>
关闭防火墙,启动httpd
[root@web html]# service iptables stop[root@web html]# service httpd startStarting httpd:
访问web服务器ip:
nginx 服务器配置
修改nginx 配置vi /etc/nginx/nginx.conf
http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; #gzip on; # Load config files from the /etc/nginx/conf.d directory # The default server is in conf.d/default.conf include /etc/nginx/conf.d/*.conf; # 反向代理测试 server { listen 2000; location / { proxy_pass http://123.59.74.187; } }}
重新加载nginx配置[root@nginx nginx]# nginx -s reload
访问nginx服务器地址,已经被反向代理至另一台web服务器
查看web服务器httpd log,可见访问IP都是nginx代理服务器IP
[root@web ~]# tail /var/log/httpd/access_log185.25.151.159 - - [29/Jul/2015:15:07:58 +0800] "GET http://testp3.pospr.waw.pl/testproxy.php HTTP/1.1" 404 296 "-" "Mozilla/5.0 (Windows NT 5.1; rv:32.0) Gecko/20100101 Firefox/31.0"203.195.173.139 - - [29/Jul/2015:15:10:00 +0800] "GET /manager/html HTTP/1.1" 404 289 "-" "Mozilla/3.0 (compatible; Indy Library)"101.231.119.202 - - [29/Jul/2015:15:33:11 +0800] "GET / HTTP/1.1" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:15:54:32 +0800] "GET / HTTP/1.0" 200 61 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:15:54:32 +0800] "GET /favicon.ico HTTP/1.0" 404 288 "http://123.59.65.162:2000/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:15:55:39 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:00:09 +0800] "GET / HTTP/1.0" 200 61 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"123.59.65.162 - - [29/Jul/2015:16:02:39 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:02:39 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:02:40 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"
如果要改成真实的客户端的IP,修改nginx配置:
server { listen 2000; location / { proxy_pass http://123.59.74.187; proxy_set_header X-Real-IP $remote_addr; # 使客户端IP }}
重新加载nginx配置 [root@nginx nginx]# nginx -s reload
测试,看web服务器httpd log,并不是真实客户端IP:
[root@web ~]# tail /var/log/httpd/access_log123.59.65.162 - - [29/Jul/2015:15:54:32 +0800] "GET /favicon.ico HTTP/1.0" 404 288 "http://123.59.65.162:2000/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:15:55:39 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:00:09 +0800] "GET / HTTP/1.0" 200 61 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)"123.59.65.162 - - [29/Jul/2015:16:02:39 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:02:39 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:02:40 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"169.54.233.120 - - [29/Jul/2015:16:05:37 +0800] "GET / HTTP/1.0" 200 61 "-" "Mozilla/5.0 (Windows NT 6.1; rv:31.0) Gecko/20100101 Firefox/31.0"123.59.65.162 - - [29/Jul/2015:16:06:45 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:06:46 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:06:46 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"
修改web服务器httpd log配置vim /etc/httpd/conf/httpd.conf
将
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedLogFormat "%h %l %u %t \"%r\" %>s %b" common
改为
LogFormat "%{X-Real-IP}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedLogFormat "%h %l %u %t \"%r\" %>s %b" common
重启httpd
[root@web ~]# service httpd restartStopping httpd: [ OK ]Starting httpd: httpd: apr_sockaddr_info_get() failed for webhttpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1 for ServerName [ OK ]
测试一下,终于是真实的客户端IP了
[root@web ~]# tail /var/log/httpd/access_log123.59.65.162 - - [29/Jul/2015:16:13:55 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:13:55 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:13:55 +0800] "GET / HTTP/1.0" 200 61 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:14:51 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"123.59.65.162 - - [29/Jul/2015:16:14:51 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"101.231.119.202 - - [29/Jul/2015:16:22:40 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"101.231.119.202 - - [29/Jul/2015:16:22:40 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"101.231.119.202 - - [29/Jul/2015:16:22:41 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"101.231.119.202 - - [29/Jul/2015:16:22:41 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"101.231.119.202 - - [29/Jul/2015:16:22:41 +0800] "GET / HTTP/1.0" 304 - "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.134 Safari/537.36"
0 0
- Nginx反向代理Nginx
- Nginx反向代理Nginx
- nginx 反向代理
- nginx 反向代理
- Nginx 反向代理https
- Nginx 反向代理设置
- nginx反向代理
- nginx 反向代理上网
- Nginx 反向代理设置
- NGINX实现反向代理
- nginx TCP 反向代理
- nginx 反向代理
- nginx反向代理配置
- nginx反向代理原理
- nginx反向代理配置
- Nginx反向代理设置
- Nginx 反向代理
- nginx 反向代理设置
- ARX字符管理函数
- Java中super的两种用法
- JVM工作原理和特点
- 安装mingw+msys问题之二——GCC is unable to create an exe
- 邮票分你一半 456 NYOJ
- nginx 反向代理
- 捕获input 文本框内容改变的事件(onchange,onblur,onPropertyChange比较)
- JAVA DAO(Data Access Object)的个人总结
- muduo::BlockingQueue、BoundedBlockingQueue分析
- 常用的git命令
- 构造死循环
- CALayer层次分析
- VS2010单步调试OCX控件
- MIT-6.00.1x-L11-P6