Python 如何在nginx代理背后的金字塔服务器中获取客户机的真实IP
我有一个金字塔应用程序,在某些地方使用Python 如何在nginx代理背后的金字塔服务器中获取客户机的真实IP,python,deployment,nginx,pyramid,wsgi,Python,Deployment,Nginx,Pyramid,Wsgi,我有一个金字塔应用程序,在某些地方使用request.environ['REMOTE\u ADDR'] 该应用程序由端口6543上的Python Paste提供服务,在端口80上侦听的nginx服务器正在向Paste服务器转发请求 nginx配置的灵感来自金字塔食谱: server { listen 80; ## listen for ipv4 listen [::]:80 default ipv6only=on; ## listen for ipv6 ser
request.environ['REMOTE\u ADDR']server {
listen 80; ## listen for ipv4
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name localhost;
access_log /var/log/nginx/localhost.access.log;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://127.0.0.1:6543;
}
- 如有必要,添加一个新的request订阅服务器,以替换request.environ['REMOTE\u ADDR']:
如果event.request.environ中的“HTTP\u X\u REAL\u IP”: event.request.environ['REMOTE\u ADDR']=event.request.environ['HTTP\u X\u REAL\u IP'] - 在到达金字塔层之前,使用wsgi中间件修改request.environ
- 别的
location / {
proxy_pass http://yourapp;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
}
if($_SERVER["HTTP_X_FORWARDED_FOR"]){
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
}else{
$ip = $_SERVER["REMOTE_ADDR"];
}
也许在python中类似,$ip是您真正的ip如果您通过
use=egg:PasteDeploy#prefixpaste.deploy.config.PrefixMiddlewareX-Forwarded-ForREMOTE\u ADDRX-Forwarded-Protowsgi.url\u scheme我使用nginx后面的gevent服务器,并使用
request.client\u addr粘贴config.add_subscriber(reverseProxyProtocolCorrection,'pyramid.events.NewRequest')
def reverseProxyProtocolCorrection(event):
event.request.scheme = 'https' if event.request.headers['X-Forwarded-Proto']=='https' else 'http'
event.request.remote_addr=parseXForward(event.request.headers['X-Forwarded-For'],event.request.remote_addr)
并确保您的代理设置了标题我一定错过了什么,因为我第一次尝试使用PrefixMiddleware,正如烹饪书中建议的那样,但它不起作用。我显然需要再试一次。好吧,结果我忘记插入[pipeline:main]部分了。一切正常