search

NginxProxyManager / nginx-proxy-manager

Docker container for managing Nginx proxy hosts with a simple, powerful interface
https://nginxproxymanager.com
MIT License
22.99k stars 2.66k forks source link

Preserve Real Public IP adresse between NPM Frontend and Apache Backend #2484

Open bartounet16 opened 1 year ago

bartounet16 commented 1 year ago

Hello I've tried everything, but I can't get the public IP to show on my website.

I have NPM in Reverseproxy Docker (ip server docker 172.30.0.1 / ip container 172.25.0.2)

I have behind an Apache web server. I try everything I always have the ip 172.30.0.1 which is displayed in the Apache access logs and not the real public IP address of my visitors.

NPM Options: add_header Content-Security-Policy "upgrade-insecure-requests"; add_header X-Frame-Options "SAMEORIGIN"; add_header X-XSS-Protection "1; mode=block" always; add_header X-Content-Type-Options "nosniff" always; add_header Referrer-Policy no-referrer always; add_header X-Robots-Tag none; proxy_hide_header Upgrade; proxy_hide_header X-Powered-By; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection keep-alive; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;

Apache backend Option Vhost RemoteIPHeader X-Forwarded-For RemoteIPInternalProxy 172.30.0.1

could you help me please ?? i had try everithing.

mcn18 commented 1 year ago

This needs to be done only on Apache's side. The following is what I have in my configuration and it works fine. I don't have anything extra set in NginxProxyManager.

<VirtualHost *:80> ServerName example.com RemoteIPHeader X-Forwarded-For

bartounet16 commented 1 year ago

thanks for answer. In my case it does not work.

No extra set in NPM and my vhost conf in apache side

<VirtualHost 172.30.0.2:80>
        ErrorLog syslog
        LogLevel warn
ServerName blog.XXXX.fr
DocumentRoot /var/www/html/PluXml/
RemoteIPHeader X-Forwarded-For
</VirtualHost>

My log ... blog.XXX.fr:80 172.30.0.1 - - [22/Dec/2022:14:12:21 +0000] "GET / HTTP/1.1" 200 9467 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Mobile Safari/537.36"

Elanoran commented 1 year ago

For anyone still having this issue: As said in this post, apache needs to have mod_remoteip enabled:

// Enable the RemoteIP Module sudo a2enmod remoteip // Restart sudo service apache2 restart // edit virtual host config sudo nano /etc/apache2/sites-available/domain name.conf // add this line RemoteIPHeader X-Forwarded-For // Restart Apache systemctl restart apache2

github-actions[bot] commented 9 months ago

Issue is now considered stale. If you want to keep it open, please comment :+1: