lighttp+nginx前端获取真实IP方法

在使用nginx做反向代理时,lighttpd在后端默认是无法获得客户端真实IP,如果要做到后端获取真实IP,首先nginx需要重新编译,加入-with-http_realip_module作为参数,大概如下:
./configure -with-http_realip_module
nginx.conf的proxy_pass后加入如下指令:
Location ~ / {
proxy_pass   127.0.0.1:8080;
proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
}
注:Lighttpd只能通过X-Forwarded-For头获取realip,设置X-Real-IP是无效的。
Nginx配置好后,lighttpd仍然无法获得真实ip,必须在lighttpd中添加模块mod_extforward,并进行相应配置,步骤如下:
1、在server.modules中增加mod_extforward
2、指定forwarder ip:
extforward.forwarder = ("10.0.0.232" => "trust")
通过以上配置即可实现后端lighttpd获取真实客户端地址。

nginx反向攻略指南

nginx严格定义上来说是一个不折不扣的反向代理服务器,用来做前端非常不错!

 

aptitude install gcc g++ vim libncurses5-dev make libxml2-dev
 apt-get -y install subversion
 apt-get install libpcre3 libpcre3-dev libcurl4-openssl-dev
 wget -c  http://nginx.org/download/nginx-1.0.5.tar.gz 
tar -zxf nginx-1.0.5.tar.gz
 wget -c http://wiki.nginx.org/images/5/51/Nginx-accesskey-2.0.3.tar.gz
 tar -zxf Nginx-accesskey-2.0.3.tar.gz
 svn checkout http://substitutions4nginx.googlecode.com/svn/trunk/ substitutions4nginx-read-only
 curdir=$(pwd)
 cd nginx-1.0.5 
./configure --user=nobody --group=nobody  --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --pid-path=/var/run/nginx.pid  --conf-path=/etc/nginx/nginx.conf   --with-http_stub_status_module --with-http_ssl_module --with-http_gzip_static_module --with-ipv6 --with-pcre --with-http_sub_module --add-module=$curdir/substitutions4nginx-read-only --add-module=$curdir/nginx-accesskey-2.0.3   
 make 
make install 

 nginx安装过程就这样了,如果已经安装过nginx的可以搜索下nginx升级的方法来完成!

编译参数里面的--with-http_sub_module --add-module=$curdir/substitutions4nginx-read-only --add-module=$curdir/nginx-accesskey-2.0.3 保留其他自行斟酌更改,这里就不罗嗦了!

substitutions4ngin是用来做替换,支持正则式!

nginx-accesskey和本文关系不大,主要作用是用于封IP访问和防盗链之用!

然后是nginx.conf的配置,基本配置就不阐述了,下面贴一个反向hostloc论坛的实例

        server{
        listen 80;
        server_name bbs.kvm.la;  #绑定的域名
        root /var/www/html;  #网站目录(搭配lnamp的时候有用处!)
        access_log off;		#off 关闭日志
location / {
subs_filter 'www.hostloc.com' 'bbs.kvm.la' gi;  #substitutions4nginx替换 (使用方法参照官方)
subs_filter '全球主机交流论坛' '全球主机网' gi;  #substitutions4nginx替换 (使用方法参照官方)
proxy_set_header   X-Real-IP  $remote_addr;
proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header   Referer http://www.hostloc.com;		#强制定义Referer,程序验证判断会用到
proxy_set_header   Host www.hostloc.com;  				#定义主机头,如果目标站点绑定的域名个server_name项的吻合则使用$host
proxy_pass http://174.127.189.179;						#指定目标,建议使用IP或者nginx自定义池
proxy_set_header Accept-Encoding "";					#清除编码
        }
}

更多详细Proxy设置参考nginx官方wiki说明:http://wiki.nginx.org/HttpProxyModule

反向实例http://bbs.kvm.la

 

 

 

Centos LAMP(二)

mkdir -p /tmp/src
cd /tmp/src
yum -y install patch make gcc gcc-c++ gcc-g77 flex bison file
yum -y install libtool libtool-libs autoconf kernel-devel
yum -y install libjpeg libjpeg-devel libpng libpng-devel libpng10 libpng10-devel gd gd-devel
yum -y install freetype freetype-devel libxml2 libxml2-devel zlib zlib-devel
yum -y install glib2 glib2-devel bzip2 bzip2-devel libevent libevent-devel
yum -y install ncurses ncurses-devel curl curl-devel e2fsprogs
yum -y install e2fsprogs-devel krb5 krb5-devel libidn libidn-devel
yum -y install openssl openssl-devel vim-minimal nano sendmail
yum -y install fonts-chinese gettext gettext-devel
yum -y install ncurses-devel
yum -y install gmp-devel pspell-devel
yum -y install unzip
yum install gcc gcc-c++ flex autoconf automake make m4 patch libtool openssl-devel file time mlocate sudo bind-utils -y
yum update -y
http://monkey.org/~provos/libevent-2.0.9-rc.tar.gz
tar -xzf libevent-2.0.9-rc.tar.gz
cd libevent-2.0.9-rc
./configure
make && make install
cd /tmp/src
wget http://memcached.googlecode.com/files/memcached-1.4.5.tar.gz
tar -xzf memcached-1.4.5.tar.gz
cd memcached-1.4.5
./configure
make && make install
cd /tmp/src
wget http://launchpad.net/libmemcached/1.0/0.44/+download/libmemcached-0.44.tar.gz
tar -xzf libmemcached-0.44.tar.gz
cd libmemcached-0.44
./configure
make && make install
cd /tmp/src
yum install mysql-server -y
rpm -ivh http://repo.webtatic.com/yum/centos/5/`uname -i`/webtatic-release-5-1.noarch.rpm
yum --enablerepo=webtatic install php-devel php php-mysql php-sockets php-process php-pecl-memcache php-pecl-gearman httpd php-mcrypt php-mbstring -y
cd /var/www/html
wget http://sourceforge.net/projects/phpmyadmin/files%2FphpMyAdmin%2F3.3.8.1%2FphpMyAdmin-3.3.8.1-all-languages.tar.gz/download
tar -xzf phpMyAdmin-3.3.8.1-all-languages.tar.gz
mv phpMyAdmin-3.3.8.1-all-languages phpmyadmin
cd /root

CentOS yum安装LAMP环境

本文适用于所有的vps,测试环境为NordicVPS 256M XEN
非LNMP,非一键安装包

yum -y update
yum -y install gcc gcc-c++ autoconf make automake libtool libevent libevent-devel
yum -y install ncurses ncurses-devel gd gd-devel freetype freetype-devel fontconfig
fontconfig-devel libjpeg libjpeg-devel zlib zlib-devel pcre pcre-devel
yum -y install libmcrypt mhash gmp gmp-devel
yum -y install mysql mysql-server mysql-devel
yum -y install httpd httpd-devel
yum -y install php*
rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY*
yum install -y php-eaccelerator
#启动apache
/etc/init.d/httpd restart
#启动mysql
/etc/init.d/mysqld restart
chkconfig httpd on
chkconfig mysqld on
#生成phpinfo文件
cat>>/var/www/html/info.php< phpinfo();
?>
EOF

现在可以通过http://ip/info.php查看LAMP信息了
附1:mysql配置文件所在位置:/etc/my.cnf
附2:apache配置文件目录所在位置:/etc/httpd/
附3:php配置文件所在位置:/etc/php.ini

原文出自tony1999之手