apache-2.2 – 如何禁用清漆X Forwarded For header

发布时间：2020-12-13 21:16:07 所属栏目：Nginx 来源：网络整理

导读：我正在使用nginx 清漆阿帕奇我通过nginx proxy_set_header X-Forwarded-For $remote_addr将客户端IP传递给varnish; 但是清漆也将X-Forwarded-For添加为127.0.0.1,因此apache显示基于2个IP的逗号. 我需要通过nginx发送IP,我只想禁用添加127.0.0.1的清漆清

我正在使用nginx< =>清漆< =>阿帕奇

我通过nginx proxy_set_header X-Forwarded-For $remote_addr将客户端IP传递给varnish;

但是清漆也将X-Forwarded-For添加为127.0.0.1,因此apache显示基于2个IP的逗号.

我需要通过nginx发送IP,我只想禁用添加127.0.0.1的清漆

清漆版本3.0.0
这是default.vcl

backend default {
.host = “204.29.58.4”;
.port = “80”; } sub vcl_recv {
if (req.http.Range) {
return(pipe);
} }

默认的vcl_recv函数(附加到您的函数)包含以下内容：

 if (req.restarts == 0) {
   if (req.http.x-forwarded-for) {
       set req.http.X-Forwarded-For =
           req.http.X-Forwarded-For + "," + client.ip;
   } else {
       set req.http.X-Forwarded-For = client.ip;
   }
 }

..which正在修改标题.为了防止这种情况发生,您应该将vcl_recv实现为始终返回的完整函数,而不是依赖于包含您不需要的配置的默认行为的附加.像这样的东西：

sub vcl_recv {
    if (req.http.Range) {
      return(pipe);
    }
    if (req.request != "GET" &&
      req.request != "HEAD" &&
      req.request != "PUT" &&
      req.request != "POST" &&
      req.request != "TRACE" &&
      req.request != "OPTIONS" &&
      req.request != "DELETE") {
        /* Non-RFC2616 or CONNECT which is weird. */
        return (pipe);
    }
    if (req.request != "GET" && req.request != "HEAD") {
        /* We only deal with GET and HEAD by default */
        return (pass);
    }
    if (req.http.Authorization || req.http.Cookie) {
        /* Not cacheable by default */
        return (pass);
    }
    return (lookup);
}

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!