在 .htaccess 身份验证中使用 HTTP_X_REAL_IP
我的网络服务器前面有一个 nginx 负载平衡器,因此 REMOTE_ADDR 标头被负载平衡器的 IP 覆盖。
原始 IP 地址位于 HTTP_X_REAL_IP 标头中。我知道我可以通过重写规则获取标头,但是还有一种方法可以在 .htaccess Auth 方法的允许范围内使用 http 标头吗?
<Directory "/path/*">
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/path/authfiles/www-app"
Require valid-user
...
Allow from HTTP_X_REAL_IP
</Directory>
我尝试过谷歌搜索,但只遇到了 setifenv (尝试过)并重写了规则。
I have a nginx loadbalancer in front off my webservers thus the REMOTE_ADDR header is being overwritten by the ip of the loadbalancer.
the original ip address is in the HTTP_X_REAL_IP header. I know i can get the header with rewrite rules but is there also a way to use the http header within the allow of an .htaccess Auth method?
<Directory "/path/*">
AuthType Basic
AuthName "Authentication Required"
AuthUserFile "/path/authfiles/www-app"
Require valid-user
...
Allow from HTTP_X_REAL_IP
</Directory>
I've tried googling but only came across setifenv (tried it) and rewrite rules.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
Allow不允许您向其传递 HTTP 标头,但它接受环境变量。您应该能够看到环境。带有RewriteCond/RewriteRule的变量。我还没有测试过,但类似这样的东西可以工作:Allowdoesn't allow you to pass an HTTP header to it, but it does accept environment variables. You should be able to se the env. variable with aRewriteCond/RewriteRule. I haven't tested it, but something like this could work:使用:
其中 %IP1、%IP2、%IP3 - 您的 IP。
当然,您可以根据需要更改正则表达式,或者仅将其替换为一个 IP,或者在此处阅读更多信息:
http://httpd.apache.org/docs/trunk/mod/mod_access_compat.html
Use this:
where %IP1, %IP2, %IP3 - your IPs.
Sure, you can change the regular expression as you wish or just replace it with one IP, or read more here:
http://httpd.apache.org/docs/trunk/mod/mod_access_compat.html