在有代理的情況下，因為要代替客戶端去訪問服務器，所以，當請求包經過反向代理後，在代理服務器這裏這個IP數據包的IP包頭做了修改，最終後端WEB服務器得到的數據包的頭部源IP地址是代理服務器的IP地址。這樣一來，後端服務器的程序就無法獲取用戶的真實ip。

nginx有代理的情況:

在nginx中配置中加入

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Real-Port $remote_port;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

Apache有代理的情況：

vi /usr/local/apache/conf/httpd.conf

Include conf/extra/httpd-remoteip.conf

vi /usr/local/apache/conf/extra/httpd-remoteip.conf

LoadModule remoteip_module modules/mod_remoteip.so

RemoteIPHeader X-Forwarded-For

RemoteIPInternalProxy 127.0.0.1

代碼 示例

string GetClientIp(CgiInput* poInput)

{

string client_ip = "";

string strClientIPList;

GetHttpHeader("X-Forwarded-For", strClientIPList);

if (strClientIPList.empty())

{

GetHttpHeader("X-Real-IP", strClientIPList);

}

if (!strClientIPList.empty())

{

size_t iPos = strClientIPList.find( "," );

if( iPos != std::string::npos )

{

client_ip = strClientIPList.substr( iPos );

}

else

{

client_ip = strClientIPList;

}

}

if (client_ip.empty())

{

GetHttpHeader("PROXY_FORWARDED_FOR", strClientIPList);

// 做下兼容

if(strClientIPList.empty())

{

client_ip = getRemoteAddr();

}

else

{

size_t iPos = strClientIPList.find( "," );

if( iPos != std::string::npos )

{

client_ip = strClientIPList.substr( iPos );

}

else

{

client_ip = strClientIPList;

}

}

}

if(!MMPayCommFunc::IsIp(client_ip))

client_ip = getRemoteAddr();

return client_ip;

}

服務器 獲取用戶 真實ip