Nginx 反向代理Tomcat服务器获取真实IP问题
1.nginx.conf 配置
修改 Server location配置
增加
proxy_set_header X-Real-IP $remote_addr; #保留代理之前的真实客户端ip
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;#记录代理过程
server { listen 7777; server_name 192.168.10.8:7777; location / { root /usr/local/web/dist; index index.html index.htm; } location /unstructured/ { proxy_pass http://192.168.10.8:8080/unstructured/; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } }
2 修改 tomcat conf目录下server.xml配置
增加 Valve className="org.apache.catalina.valves.RemoteIpValve" 配置
修改 Valve className="org.apache.catalina.valves.AccessLogValve" pattern中的配置%h --->%{X-Real-IP}i 即可
<Valve className="org.apache.catalina.valves.RemoteIpValve" remoteIpHeader="x-forwarded-for" remoteIpProxiesHeader="x-forwarded-by" /> <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log" suffix=".txt" pattern="%{X-Real-IP}i %l %u %t "%r" %s %b" />
通过以上两步的设置,我们在tomcat的日志文件 localhost_access_log.2019-07-02 可以看到记录了真实的ip地址,而非原先的nginx服务的ip。