我正在使用vhostwithexpress来管理两个子域。一切正常,但我想通过 ip 过滤对子域之一的请求。你知道是否可以这样做吗?
我试图在我的子域站点的 app.js 中管理它,但是req.connection.remoteAddress并req.ip给了我服务器的 ip。
当我只有一个子域并且不使用 vhost 时,我得到了正确的 ip,但是由于我使用了 vhost,所以我得到了服务器的 ip ...
这是我之前的文件夹结构:
-- subdomain1/
-- app.js
-- views/
这是我的新结构:
-- subdomain1/
-- app.js
-- views/
-- subdomain2/
-- app.js
-- views/
-- manageSubdomain/
-- app.js
这是我在使用 vhost 之前和仅用于一个子域之前工作的代码:
subdomain1/app.js :
var express = require('express');
var path = require('path');
var logger = require('morgan');
var cookieParser = require('cookie-parser');
var bodyParser = require('body-parser');
require('body-parser-xml')(bodyParser);
var routes = require('./routes/index');
var app = express();
// view engine setup
app.set('views', path.join(__dirname, 'views'));
app.set('view engine', 'jade');
// uncomment after placing your favicon in /public
app.use(logger('dev'));
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: false }));
app.use(cookieParser());
app.use(express.static(path.join(__dirname, 'public')));
// Example middleware to get ip
app.use(function (req, res) {
console.log(req.ip); // it give me the correct IP
});
app.use('/', routes);
module.exports = app;
以及之前管理服务器的文件:
#!/usr/bin/env node
/**
* Module dependencies.
*/
var app = require('../app');
var debug = require('debug')('webservicePrestashop:server');
var https = require('https');
var fs = require('fs');
/**
* Get port from environment and store in Express.
*/
var port = normalizePort(process.env.PORT || '443');
app.set('port', port);
/**
* Create HTTP server.
*/
//var server = http.createServer(app);
var options = {
key: fs.readFileSync('/path/to/privkey.pem'),
cert: fs.readFileSync('/path/to/fullchain.pem'),
ca: fs.readFileSync('/path/to/chain.pem')
}
var server = https.createServer(options, app);
// Redirect from http port 80 to https
var http = require('http');
http.createServer(function (req, res) {
res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url });
res.end();
}).listen(80);
/**
* Listen on provided port, on all network interfaces.
*/
server.listen(port);
/**
* Event listener for HTTP server "listening" event.
*/
function onListening() {
var addr = server.address();
var bind = typeof addr === 'string'
? 'pipe ' + addr
: 'port ' + addr.port;
debug('Listening on ' + bind);
}
这是我管理子域的代码:
管理子域/app.js :
var express = require('express');
var vhost = require('vhost');
var http = require('http');
var https = require('https');
var fs = require('fs');
var tls = require('tls');
// Gestions des sites
const subdomain1 = {
app: require('../subdomain1/app'),
context: tls.createSecureContext({
key: fs.readFileSync('path/to/privkey.pem').toString(),
cert: fs.readFileSync('path/to/privkey.pem/fullchain.pem').toString(),
ca: fs.readFileSync('path/to/privkey.pem/chain.pem').toString()
}).context
};
const subdomain2 = {
app: require('../subdomain2/app'),
context: tls.createSecureContext({
key: fs.readFileSync('path/to/privkey.pem/privkey.pem').toString(),
cert: fs.readFileSync('path/to/privkey.pem/fullchain.pem').toString(),
ca: fs.readFileSync('path/to/privkey.pem/chain.pem').toString()
}).context
};
var sites = {
"my.subdomain1.com": subdomain1,
"my.subdomain2.com": subdomain2
};
var exp = express();
for (let s in sites) {
exp.use(vhost(s, sites[s].app));
}
// Redirect du http to https
http.createServer(function (req, res) {
res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url });
res.end();
}).listen(80);
var secureOpts = {
SNICallback: function (domain, cb) {
if (typeof sites[domain] === "undefined") {
cb(new Error("domain not found"), null);
console.log("Error: domain not found: " + domain);
} else {
cb(null, sites[domain].context);
}
},
key: fs.readFileSync('path/to/privkey.pem/privkey.pem').toString(),
cert: fs.readFileSync('path/to/privkey.pem/fullchain.pem').toString()
};
// Création du serveur https
var httpsServer = https.createServer(secureOpts, exp);
httpsServer.listen(443);
现在我的 subdomain1/app.js 和以前一样