Learn about Centmin Mod LEMP Stack today
Become a Member

Nginx / Railgun Ip issue

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by BamaStangGuy, Jan 30, 2017.

  1. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    3:13 PM
    Hi,

    We are having problems getting the real ip to pass through when using Railgun.


    We have proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; set and
    include /usr/local/nginx/conf/cloudflare.conf; uncommented.

    Yet XenForo is showing our servers IP address for all members. Not cloudflares ip address but our OVH servers ip address.
     
  2. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,108
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,643
    Local Time:
    6:13 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  3. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    3:13 PM
    I figured it out. Needed to add our servers ip to set_real_ip_from
     
  4. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    3:13 PM
  5. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,108
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,643
    Local Time:
    6:13 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    got links to documentation ? you may only need to use proxy_set_header and not need /usr/local/nginx/conf/cloudflare.conf include file
     
  6. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    3:13 PM
    This is what CloudFlare support said:

    Also: Installation — Railgun 5.3.0 documentation
     
  7. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,108
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,643
    Local Time:
    6:13 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    tried just proxy_set_header X-Forwarded-For $remote_addr; as well ?
     
  8. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    3:13 PM
    Yea just that shows cloudflare ip address in logs and in xf.
     
  9. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,108
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,643
    Local Time:
    6:13 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    with /usr/local/nginx/conf/cloudflare.conf include file enabled or disabled ? if disabled, try enabling the /usr/local/nginx/conf/cloudflare.conf include file
     
  10. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,108
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,643
    Local Time:
    6:13 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    also try
    Code (Text):
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    
     
  11. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,108
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,643
    Local Time:
    6:13 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    or
    Code (Text):
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
       proxy_set_header CF-Connecting-IP $http_CF_Connecting_IP;

    or
    Code (Text):
       proxy_set_header X-Real-IP $remote_addr;
       proxy_set_header CF-Connecting-IP $http_CF_Connecting_IP;
     
  12. BamaStangGuy

    BamaStangGuy Active Member

    668
    192
    43
    May 25, 2014
    Ratings:
    +272
    Local Time:
    3:13 PM
    Just an FYI, none of those worked. The only thing that works is adding the servers ip address to the cloudflare.conf.
     
  13. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,108
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,643
    Local Time:
    6:13 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  14. eva2000

    eva2000 Administrator Staff Member

    53,142
    12,108
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,643
    Local Time:
    6:13 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    FYI, just about to updated 123.09beta01's tools/csfcf.sh auto routine to add an include file into cloudflare.conf called cloudflare_customips.conf so you can still run tools/csfcf.sh via cronjob and not overwrite your custom added ips in cloudflare_customips.conf

    Code (Text):
    cat /usr/local/nginx/conf/cloudflare.conf
    
    include /usr/local/nginx/conf/cloudflare_customips.conf;
    set_real_ip_from 103.21.244.0/22;
    set_real_ip_from 103.22.200.0/22;
    set_real_ip_from 103.31.4.0/22;
    set_real_ip_from 104.16.0.0/12;
    set_real_ip_from 108.162.192.0/18;
    set_real_ip_from 131.0.72.0/22;
    set_real_ip_from 141.101.64.0/18;
    set_real_ip_from 162.158.0.0/15;
    set_real_ip_from 172.64.0.0/13;
    set_real_ip_from 173.245.48.0/20;
    set_real_ip_from 188.114.96.0/20;
    set_real_ip_from 190.93.240.0/20;
    set_real_ip_from 197.234.240.0/22;
    set_real_ip_from 198.41.128.0/17;
    set_real_ip_from 199.27.128.0/21;
    set_real_ip_from 2400:cb00::/32;
    set_real_ip_from 2405:8100::/32;
    set_real_ip_from 2405:b500::/32;
    set_real_ip_from 2606:4700::/32;
    set_real_ip_from 2803:f800::/32;
    set_real_ip_from 2c0f:f248::/32;
    set_real_ip_from 2a06:98c0::/29;
    real_ip_header CF-Connecting-IP;


    so stick your custom ips etc into /usr/local/nginx/conf/cloudflare_customips.conf
    Code (Text):
    set_real_ip_from YOURCUSTOM_IPADDRESS;
    
     
    Last edited: Feb 7, 2017