共计 687 个字符,预计需要花费 2 分钟才能阅读完成。
Nginx设置只允许Cloudflare IP访问后获取真实访客IP,跟普通套Cloudflare获取真实访客IP的方法不一样。
要使用map
指令将客户端的 IP 存储到变量(ie$real_client_ip
)中,并在日志中使用该变量:
# 这些放在配置文件头部--- | |
map $http_x_forwarded_for $real_client_ip { | |
~^(\d+\.\d+\.\d+\.\d+) $1; | |
default $http_cf_connecting_ip; | |
} | |
# replace the default '$remote_addr' with the '$real_client_ip' | |
log_format custom_log_format '$real_client_ip - $remote_user [$time_local] ' | |
'"$request" $status $body_bytes_sent ' | |
'"$http_host" "$upstream_response_time"' | |
'"$http_referer" "$http_user_agent"'; | |
# 这些放在配置文件头部--- | |
server { | |
listen 80; | |
listen [::]:80; | |
server_name example.com; | |
include /etc/nginx/allow-cloudflare-only.conf; | |
#在生成日志文件后面加上custom_log_format | |
access_log /var/log/nginx/access.log custom_log_format; | |
#...the rest of your configs here... | |
} |
正文完