1

I'm using CDN for my website and wants to get the real ip of clients. My configurations are as following:

set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/22;
real_ip_header    X-Forwarded-For;

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent"';

In the past the configuration worked well, but since my CDN support IPV6, then I got below issues.

I tied to use IPV6 to access my website, then for my request:

remote_addr: 117.34.13.18
http_x_forwarded_for: 2409:890c:530:a849:84b5:3a3b:d0ce:4e5b
realip_remote_addr: 117.34.13.18
proxy_add_x_forwarded_for: 2409:890c:530:a849:84b5:3a3b:d0ce:4e5b, 117.34.13.18

It seems nginx used CDN IP as remote_addr when nginx get IPV6 address.

Then I can't get user's RealIp if they are on IPV6.

I checked nginx document, it's said realip support IPV6. Is there any way to get client's IPV6 realIP?

I know I can use $http_x_forwarded_for as client's IP, but if clients connect to my server directly, then there will be no $http_x_forwarded_for.

4

1 回答 1

1

我今天也发生了同样的事情(在你提问后 16 个月)。每当 IPV6 用户通过 Cloudflare 访问我时,它只会记录 Cloudflare 的 IP 地址。我运行的nginx版本比较老,所以我尝试了一个新的Debian服务器运行nginx 1.14.2,问题解决了!因此,如果其他人有同样的问题,请尝试升级 nginx。

于 2021-02-11T21:41:50.357 回答