问题
What happens when you don't have a list of proxy IPs? When using site acceleration services like Akamai, Google, Edgecast or CloudFront; it would always be hard to get IPs for sessions from them.
When testing our codeigniter application on a CDN, we noticed that IPs were being passed as CDN IPs and not the client IPs in the session database.
How can you get around to this?
/*
|--------------------------------------------------------------------------
| Reverse Proxy IPs
|--------------------------------------------------------------------------
|
| If your server is behind a reverse proxy, you must whitelist the proxy IP
| addresses from which CodeIgniter should trust the HTTP_X_FORWARDED_FOR
| header in order to properly identify the visitor's IP address.
| Comma-delimited, e.g. '10.0.1.200,10.0.1.201'
|
*/
$config['proxy_ips'] = '';
Thanks!
回答1:
Depending on the web server you use there are modules that will give you the true client IP address from the HTTP_X_FORWARDED_FOR header, or the equivalent for your proxy.
I use Nginx on my web server behind CloudFlare so I use this: http://wiki.nginx.org/HttpRealipModule
You'll need to configure the module for your web server that gets the real client IP from the correct header from your CDN.
回答2:
If you want to handle IP in Codeigniter 3 but not in the web server, you can add CDN IP into this config:
$config['proxy_ips'] = ['10.0.1.2'];
or giving a CDN network mask:
$config['proxy_ips'] = '10.0.1.0/24';
If your server is always behind CDN:
$config['proxy_ips'] = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '';
Get IP method:
$this->input->ip_address(); //$this=>CI
It will return forward IP if matched proxy IP, otherwise it will return $_SERVER["REMOTE_ADDR"], which could get the real client IP.
Referring to Codeigniter 3
来源:https://stackoverflow.com/questions/11963641/codeigniter-session-behind-proxy