apache-2.2 – 如何禁用清漆X Forwarded For header

前端之家收集整理的这篇文章主要介绍了apache-2.2 – 如何禁用清漆X Forwarded For header前端之家小编觉得挺不错的,现在分享给大家,也给大家做个参考。

我正在使用Nginx< =>清漆< =>阿帕奇

我通过Nginx proxy_set_header X-Forwarded-For $remote_addr将客户端IP传递给varnish;

但是清漆也将X-Forwarded-For添加为127.0.0.1,因此apache显示基于2个IP的逗号.

我需要通过Nginx发送IP,我只想禁用添加127.0.0.1的清漆

清漆版本3.0.0
这是default.vcl

backend default {
.host = “204.29.58.4”;
.port = “80”; } sub vcl_recv {
if (req.http.Range) {
return(pipe);
} }

默认的vcl_recv函数(附加到您的函数)包含以下内容

 if (req.restarts == 0) {
   if (req.http.x-forwarded-for) {
       set req.http.X-Forwarded-For =
           req.http.X-Forwarded-For + "," + client.ip;
   } else {
       set req.http.X-Forwarded-For = client.ip;
   }
 }

..which正在修改标题.为了防止这种情况发生,您应该将vcl_recv实现为始终返回的完整函数,而不是依赖于包含您不需要的配置的默认行为的附加.像这样的东西:

sub vcl_recv {
    if (req.http.Range) {
      return(pipe);
    }
    if (req.request != "GET" &&
      req.request != "HEAD" &&
      req.request != "PUT" &&
      req.request != "POST" &&
      req.request != "TRACE" &&
      req.request != "OPTIONS" &&
      req.request != "DELETE") {
        /* Non-RFC2616 or CONNECT which is weird. */
        return (pipe);
    }
    if (req.request != "GET" && req.request != "HEAD") {
        /* We only deal with GET and HEAD by default */
        return (pass);
    }
    if (req.http.Authorization || req.http.Cookie) {
        /* Not cacheable by default */
        return (pass);
    }
    return (lookup);
}

猜你在找的Nginx相关文章