REMOTE_ADDR IP from user instead of Nginx reverse proxy server

Question

I already read a lot of posts about this topic and tried several solutions but did not find a working slotion.

I have setup an Nginx reverse proxy in front of my Apache server. When my php application uses the REMOTE_ADDR function it gets the IP of the Nginx server instead off the user.

I'm using Apache 2.4.10, so module_remoteip.c should be installed. But it is not loaded.

Therefore I installed rpaf_module. It looks like this module is installed correctly, with phpinfo() mod_rpaf-2 is shown with the loaded modules. The I modified the /etc/apache2/mods-available/rpaf.conf file with the following content:

<IfModule rpaf_module>
    RPAFenable On
    RPAFsethostname On
    RPAFproxy_ips 172.19.0.5 # ip of Nginx server
    RPAFheader X-Forwarded-For
</IfModule>

My Nginx configuration look like this:

location / {
    proxy_set_header X-Real-Ip $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
    proxy_pass 172.19.0.4;
}

Help is appreciated?

Answer 1

The IP address of your visitor should be accessible using

$_SERVER['HTTP_X_REAL_IP'];

instead of

$_SERVER['REMOTE_ADDR'];

If you want to replace the REMOTE_ADDR header, try this in your NGINX configuration: (And don't forget to reload/restart your NGINX-server)

location / {
    proxy_set_header X-Real-Ip $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $host;
    proxy_set_header REMOTE_ADDR $remote_addr;
    proxy_pass 172.19.0.4;
}

Answer 2

Add http config set_real_ip_from

http {
...
set_real_ip_from 172.19.0.5/16 # ip of Nginx server;