nginx的抓取客户端真实IP的判断脚本
root@nginx-01:/usr/local/nginx/conf/# cat proxyheader.conf if ( $proxy_add_x_forwarded_for ~ "^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})(.*)" ) { set $realip $1; } if ( $proxy_add_x_forwarded_for !~ "^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})(.*)" ) { set $realip $remote_addr; } if ( $http_ali_cdn_real_ip ~ "^([0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3})" ) { set $realip $http_ali_cdn_real_ip; }
nginx.conf中定义以下变量: proxy_set_header Host $host; proxy_set_header acc_token $http_acc_token; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr;