Hello Phil,
On 5/12/2015 8:54 AM, Phil Daws wrote:
the issue is that if I go to the web site via HTTPS, which does not pass
through a CDN, then the correct client IP is being passed through but if I go
via HTTP its the CDN's IP which is being presented. When I was using
real_ip_header x-forward-for then it would work fine, but that broke the HTTPS
side of things. Some how need to get the x-forward-for IP, if its present,
into the proxy_protol one. Is that possible ?
Thanks, Phil
What you should be able to do is set differenet real_ip_header for each,
as you have two server{} blocks in nginx, one for HTTP and one for
HTTPS. Since real_ip_header is supported in server{} level, you can set
it to x-forwarded-for in case of HTTP and proxy_protocol in case of HTTPS.
http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header
Regards,
Nenad