How to get Evilginx to log X-Real-IP when used behind nginx?

kgretzky / evilginx

PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2

MIT License

1.06k stars 260 forks source link

How to get Evilginx to log X-Real-IP when used behind nginx? #99

Closed thirdbyte closed 2 years ago

thirdbyte commented 2 years ago

I've set up Evilginx behind Nginx and when I do 'sessions', it always shows the private IP of Nginx. Is there a way I can get Evilginx to log the IP from X-Real-IP header from Nginx?

thirdbyte commented 2 years ago

I've found and tested the solution for this.

Traffic Flow: Cloudflare --> Nginx --> Evilginx

To get actual client IP from cloudflare to nginx, refer: https://danielmiessler.com/blog/getting-real-ip-addresses-using-cloudflare-nginx-and-varnish/

To get actual client IP from nginx to evilginx, refer: https://github.com/thirdbyte/phish_infra/commit/d0a758acf31f340bfda0f1f00bfd3cd2f5dc2411