使用nginx代理後以及配置https後,如何獲取真實的ip地址
使用nginx代理後以及配置https後,如何獲取真實的ip地址
Date:2018-8-27 14:15:51html
使用nginx, apache等反向代理後,若是想獲取請求的真實ip,要在nginx中配置,把當前請求的ip等信息攜帶去請求應用服務。java
1.配置nginx的https servler
- nginx.conf配置
server {
listen 80;
server_name edudemo.XXX.com;
# 若是配置了下面的rewrite,下面的location就沒用了,會直接轉發到下面的https去請求
rewrite ^(.*)$ https://$host$1 permanent;
location / {
proxy_pass https://edudemo.XXX.com;
proxy_set_header Host $host;
proxy_set_header X-real-ip $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 443;
server_name edudemo.XXX.com;
ssl on;
root html;
index index.html index.htm;
ssl_certificate cert/214421564860931.pem;
ssl_certificate_key cert/214421564860931.key;
ssl_session_timeout 5m;
ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
location / {
proxy_pass http://127.0.0.1:8083;
# 獲取請求的host
proxy_set_header Host $host;
# 獲取請求的ip地址
proxy_set_header X-real-ip $remote_addr;
# 獲取請求的多級ip地址,當請求通過多個反向代理時,會獲取多個ip,英文逗號隔開
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
2.代碼中獲取真實的ip地址
/**
* 獲取請求主機IP地址,若是經過代理進來,則透過防火牆獲取真實IP地址;
*
* @param request
* @return
* @throws IOException
*/
public final static String getIpAddress(HttpServletRequest request) throws IOException {
// 獲取nginx代理前的ip地址
String ip = request.getHeader("X-real-ip");
if (logger.isInfoEnabled()) {
logger.info("getIpAddress(X-real-ip) - X-real-ip - String ip=" + ip);
}
// 獲取全部代理記錄的ip地址
String refererIps = request.getHeader("x-forwarded-for");
String[] split = refererIps.trim().split(",");
if (split != null && split.length >= 2) {
// 獲取請求最開始的ip
ip = split[0];
logger.info("getIpAddress(x-forwarded-for) - x-forwarded-for - String ip=" + refererIps);
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
if (logger.isInfoEnabled()) {
logger.info("getIpAddress(HttpServletRequest) - Proxy-Client-IP - String ip=" + ip);
}
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
if (logger.isInfoEnabled()) {
logger.info("getIpAddress(HttpServletRequest) - WL-Proxy-Client-IP - String ip=" + ip);
}
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
if (logger.isInfoEnabled()) {
logger.info("getIpAddress(HttpServletRequest) - HTTP_CLIENT_IP - String ip=" + ip);
}
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
if (logger.isInfoEnabled()) {
logger.info("getIpAddress(HttpServletRequest) - HTTP_X_FORWARDED_FOR - String ip=" + ip);
}
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
if (logger.isInfoEnabled()) {
logger.info("getIpAddress(HttpServletRequest) - getRemoteAddr - String ip=" + ip);
}
}
} else if (ip.length() > 15) {
String[] ips = ip.split(",");
for (int index = 0; index < ips.length; index++) {
String strIp = (String) ips[index];
if (!("unknown".equalsIgnoreCase(strIp))) {
ip = strIp;
break;
}
}
}
logger.info("final request ip : {}", ip);
return ip;
}
獲取到真實的ip後就能夠去對用戶進行限制了,ip訪問次數限制,ip黑名單過濾。。。nginx
參考:https://www.cnblogs.com/zhanghaoh/p/5293158.htmlapache
相關文章
- 1. nginx獲取用戶真實ip地址
- 2. 使用nginx代理後,獲取用戶真實ip
- 3. 前端Nginx,後端Apache獲取用戶真實IP地址
- 4. 後端Apache獲取前端Nginx反向代理的真實IP地址
- 5. nginx反向代理後獲取不到客戶端的真實ip地址
- 6. Nginx 反向代理獲取設備真實的IP地址
- 7. PHP獲取用戶的真實IP地址,非代理IP
- 8. nginx反向代理後應用程序如何獲取客戶端真實IP
- 9. nginx反向代理後應用程序如何獲取客戶端真實IP?
- 10. 獲取真實ip地址
- 更多相關文章...
- • XSD 如何使用? - XML Schema 教程
- • IP地址分配(靜態分配+動態分配+零配置) - TCP/IP教程
- • IntelliJ IDEA 代碼格式化配置和快捷鍵
- • Java Agent入門實戰(三)-JVM Attach原理與使用
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
