Hi Discourse community!
Am I correct to assume that IP Lookup gets the last IP from the X-Forwarded-For header? Cloudfront seems to be attaching their IP at the end.
How would we modify nginx to remove the last IP in the X-Forwarded-For header? We were hoping to get the client IP to prevent spammers.
Could anyone please provide help / guidance?
Cheers
Just wanted to check if anyone else has a workaround for something like this?
Hi, did you check this?
Have a look at Running other websites on the same machine as Discourse
我在启用 Cloudflare 代理时遇到了这个问题。
我通过更改 Nginx 配置解决了这个问题。您需要找到所有的代理 IP 地址,并在 http 部分为每个 IP 地址添加:
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
...
然后,您可以设置 Cloudflare 传递的标头中的真实 IP 地址:
real_ip_header CF-Connecting-IP;
由于代理 IP 地址可能会更改,我需要自动化拉取和更新这些 IP 地址。
然后使用以下命令重新加载/重启 nginx:
sv nginx reload 或 sv nginx restart
唉。真希望我早点看到这篇帖子!我今天花了整整一个小时重新创建了一个已经存在的东西:X-Forwarded-For 代理标签未被 Discourse 识别?:
我建议您切换到内置解决方案,因为它会在您重建站点时自动从 Cloudflare 更新 IP 列表!
与依赖重新构建相比,最好设置一个 cron 作业来定期检查。
2年实际上比我预想的要频繁。
不过,检查非常简单,每天检查一次也没有问题。希望他们在新的 IP 地址范围生效前几天更新列表。