CodeIgniter session behind proxy

2019-04-08 07:32发布

站内问答 / PHP
710 2 4

What happens when you don't have a list of proxy IPs? When using site acceleration services like Akamai, Google, Edgecast or CloudFront; it would always be hard to get IPs for sessions from them.

When testing our codeigniter application on a CDN, we noticed that IPs were being passed as CDN IPs and not the client IPs in the session database.

How can you get around to this?

    /*
|--------------------------------------------------------------------------
| Reverse Proxy IPs
|--------------------------------------------------------------------------
|
| If your server is behind a reverse proxy, you must whitelist the proxy IP
| addresses from which CodeIgniter should trust the HTTP_X_FORWARDED_FOR
| header in order to properly identify the visitor's IP address.
| Comma-delimited, e.g. '10.0.1.200,10.0.1.201'
|
*/
$config['proxy_ips'] = '';

Thanks!

2条回答
成全新的幸福
2楼-- · 2019-04-08 07:43

Depending on the web server you use there are modules that will give you the true client IP address from the HTTP_X_FORWARDED_FOR header, or the equivalent for your proxy.

I use Nginx on my web server behind CloudFlare so I use this: http://wiki.nginx.org/HttpRealipModule

You'll need to configure the module for your web server that gets the real client IP from the correct header from your CDN.

查看更多
0人赞 添加讨论(0) 举报
对你真心纯属浪费
3楼-- · 2019-04-08 07:58

If you want to handle IP in Codeigniter 3 but not in the web server, you can add CDN IP into this config:

$config['proxy_ips'] = ['10.0.1.2'];

or giving a CDN network mask:

$config['proxy_ips'] = '10.0.1.0/24';

If your server is always behind CDN:

$config['proxy_ips'] = isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : '';

Get IP method:

$this->input->ip_address(); //$this=>CI

It will return forward IP if matched proxy IP, otherwise it will return $_SERVER["REMOTE_ADDR"], which could get the real client IP.

Referring to Codeigniter 3

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)