mod_rpaf (X-Forwarded-For)

最後更新: 2017-04-21

目錄

  • 介紹
  • mod_rpaf
  • mod_extract_forwarded
  • 在 Centos 上安裝 mod_rpaf

 


mod_rpaf

 

介紹

module for Apache2 which takes the last IP from the 'X-Forwarded-For' header

Debian 安裝 :

apt-get install libapache2-mod-rpaf

設定:

/etc/apache2/mods-enabled/rpaf.conf

<IfModule mod_rpaf.c>
    RPAFenable On

    # let rpaf update vhost settings
    # allows to have the same hostnames as in the "real"
    # configuration for the forwarding Apache
    RPAFsethostname On

    # frontend proxies 的 IP, 只有那 IP 過來的 traffic 才看 "X-Forwarded-For" header
    RPAFproxy_ips 127.0.0.1

</IfModule>

 


nginx fontend setting

/etc/nginx/proxy.conf

..................
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
..................

 



mod_extract_forwarded

 

介紹

在 Centos 上沒有 libapache2-mod-rpaf, 所以可能會用 mod_extract_forwarded 取締

安裝

yum install mod_extract_forwarded

設定

/etc/httpd/conf.d/mod_extract_forwarded.conf

LoadModule extract_forwarded_module modules/mod_extract_forwarded.so

# 以下設定是 accept 了之後 refuse, 
# Default accept

MEForder refuse,accept

# Default: all
MEFrefuse all

# Default: empty
MEFaccept 1.2.3.4  1.2.3.5

可能遇到的問題:

Starting httpd: httpd: Syntax error on line 223 of /etc/httpd/conf/httpd.conf: Syntax error on line 1 of /etc/httpd/conf.d/mod_extract_forwarded.conf: Cannot load /etc/httpd/modules/mod_extract_forwarded.so into server: /etc/httpd/modules/mod_extract_forwarded.so: undefined symbol: proxy_hook_scheme_handler

原因是此 module 一定要 load 以下 modules:

  • mod_proxy
  • proxy_http

DOC:

  • /usr/share/doc/mod_extract_forwarded-2.0.2/README

 


在 Centos 上安裝 mod_rpaf

 

yum install httpd-devel

tar -zxf mod_rpaf-0.6.tar_.gz

cd mod_rpaf-0.6

apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

 


Apache 2.4 - mod_remoteip

 

http://datahunter.org/apache24_module#mod_remoteip