logseq_kauer/pages/nginx X-Real-IP und Access-...

985 B

tags:: Nginx

  • Damit nginx zwischen Clients im internen Netz, oder aus dem Internet unterscheiden kann, darf der X-Real-IP Header NICHT auf $remote_addr gesetz werden
  • # real_ip_header X-Forwarded-For;
    
    #proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    
    proxy_set_header Host $host;
    # proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $server_name;
    proxy_ssl_server_name on;
    proxy_ssl_name $host;
    
    proxy_intercept_errors on;  # the most important directive, make it on;
    add_header P3P 'CP=""'; # may not be required in all setups
    
  • andernfalls Fehler 401
    • 2023/05/10 18:50:43 [error] 29535#29535: *3965 access forbidden by rule, client: 91.63.227.179, server: dashy.straso.com, request: "GET /favicon.ico HTTP/2.0", host: "dashy.straso.com", referrer: "https://dashy.straso.com/"