Is it possible to make Nginx HttpGeoIPModule use the X_Forwarded IP that is sent via HAProxy? It is currently just using the incorrect server IP, but unsure how I can make Nginx use the X_Forwarded IP.
Any ideas?
Asked
Active
Viewed 3,010 times
3 Answers
1
Have you tried using the RealIPModule and setting the X-Real-IP to X-Forwarded-For
You have to pass --with-http_realip_module during compile time to build the module because it is not built by default.
Sameer
- 4,070
- 2
- 16
- 11
-
If you read my question, I am already doing this and I am asking whether I can make HttpGeoIPModule obey this. It does not at the moment. – James Feb 14 '11 at 00:21
-
James, is this working for you? I see the expected working behavior with my install of nginx (1.0.5) with RealIPModule and GeoIPModule. – spazm Sep 19 '12 at 20:22
-
James, you want to you the X-forwarded-for IP to do a Geo lookup right? When you get the X-Real-ip to X-forwarded-for IP geoIP will work. You can refer to this forum post. Similar question. http://forum.nginx.org/read.php?10,220550,220550 – Sameer Dec 07 '12 at 02:07
1
Sameer's answer is correct.
You'll need to configure and compile Nginx with the --with-http_realip_module option.
Then set the following option in the Nginx configuration:
set_real_ip_from 1.2.3.4;
real_ip_header X-Forwarded-For;
Where 1.2.3.4 is the IP Address of HAProxy
In HAProxy you'll need the following options:
option httpclose
option forwardfor
I found this website helpful: http://www.somerorbay.com/vps-and-dedicated/nginx-behind-haproxy-x-forwarded-for-getting-real-client-ip
dkam
- 149
- 3
-
If you read my question, I am already doing this and I am asking whether I can make HttpGeoIPModule obey this. It does not at the moment. – James Feb 14 '11 at 00:21
1
Another option is to run HA Proxy in transparent mode, then all IPs will display correctly. Usually a little IP Tables 'mangling' is needed to make it work, but well worth the effort.
GRD
- 11
- 1