20 lines
876 B
Plaintext
20 lines
876 B
Plaintext
# /etc/nginx/conf.d/real-ip.conf -- see http://nginx.org/en/docs/http/ngx_http_realip_module.html
|
|
|
|
# Defines trusted addresses that are known to send correct replacement
|
|
# addresses. Here we trust all RFC1918 hosts (proxies).
|
|
set_real_ip_from 10.0.0.0/8;
|
|
set_real_ip_from 172.16.0.0/12;
|
|
set_real_ip_from 192.168.0.0/16;
|
|
|
|
# Defines the request header field whose value will be used to replace the
|
|
# client address.
|
|
real_ip_header X-Forwarded-For;
|
|
|
|
# If recursive search is disabled, the original client address that matches one
|
|
# of the trusted addresses is replaced by the last address sent in the request
|
|
# header field defined by the real_ip_header directive. If recursive search is
|
|
# enabled, the original client address that matches one of the trusted
|
|
# addresses is replaced by the last non-trusted address sent in the request
|
|
# header field.
|
|
real_ip_recursive on;
|