logseq_kauer/pages/nginx X-Real-IP und Access-...

24 lines
985 B
Markdown

tags:: [[Nginx]]
- Damit nginx zwischen Clients im internen Netz, oder aus dem Internet unterscheiden kann, darf der X-Real-IP Header NICHT auf $remote_addr gesetz werden
- ```
# real_ip_header X-Forwarded-For;
#proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
# proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_ssl_server_name on;
proxy_ssl_name $host;
proxy_intercept_errors on; # the most important directive, make it on;
add_header P3P 'CP=""'; # may not be required in all setups
```
- andernfalls Fehler 401
- ```
2023/05/10 18:50:43 [error] 29535#29535: *3965 access forbidden by rule, client: 91.63.227.179, server: dashy.straso.com, request: "GET /favicon.ico HTTP/2.0", host: "dashy.straso.com", referrer: "https://dashy.straso.com/"
```