<button id="qvlbh"><button id="qvlbh"></button></button>
<xmp id="qvlbh"><xmp id="qvlbh"><xmp id="qvlbh"><address id="qvlbh"><output id="qvlbh"></output></address>
<xmp id="qvlbh"><legend id="qvlbh"></legend>
<xmp id="qvlbh"> <address id="qvlbh"><output id="qvlbh"></output></address>
<address id="qvlbh"><button id="qvlbh"></button></address>
<button id="qvlbh"><samp id="qvlbh"></samp></button>
<address id="qvlbh"><button id="qvlbh"></button></address><address id="qvlbh"></address>
<address id="qvlbh"><legend id="qvlbh"></legend></address>
<samp id="qvlbh"><xmp id="qvlbh"><legend id="qvlbh"></legend>
中國站
幫助中心 > 安全 > 高防IP > 常見(jiàn)問(wèn)題 > 高防IP HTTP/TCP協(xié)議如何獲取用戶(hù)真實(shí)IP

高防IP HTTP/TCP協(xié)議如何獲取用戶(hù)真實(shí)IP

純TCP協(xié)議

  1. 億速云高防產(chǎn)品使用proxy protocol(簡(jiǎn)稱(chēng)PP協(xié)議)來(lái)傳遞用戶(hù)真實(shí)IP。當前高防IP使用的為proxy_protocol 的V1版本。

  2. 設置proxy protocol 開(kāi)啟。

  3. HTTP協(xié)議如何通過(guò)非網(wǎng)站防護 獲取客戶(hù)端真實(shí)IP?
    以Nginx為例:

    1. // 如果您的源服務(wù)器nginx為直接的源,不再反向代理到其他的上游,則$proxy_protocol_addr變量即為真實(shí)用戶(hù)的IP??赏ㄟ^(guò)修改Nginx日志格式,在access.log日志查看。也可直接打印請求頭。參考下圖1
    2. server {
    3. listen 8443 proxy_protocol("**請在您的源服務(wù)器的端口處添加 'proxy_protocol' ");
    4. ....(其他配置省略)
    5. }
    6. //如您的源服務(wù)器Nginx轉發(fā)請求到其他上游
    7. server {
    8. listen 8443 proxy_protocol("請在您的源服務(wù)器的端口處添加 'proxy_protocol' ");
    9. proxy_set_header X-PP-RealIp $proxy_protocol_addr;//您可通過(guò)該語(yǔ)法,將用戶(hù)真實(shí)IP,定義為任意字段(本例為X-PP-RealIp),轉發(fā)給上游,結果請見(jiàn)圖2
    10. location / {
    11. proxy_pass http://backend.example2.com:8088;
    12. ......(省略配置)
    13. }
    14. }

    圖1


    圖2

  4. TCP服務(wù)如何獲取用戶(hù)的真實(shí)IP

    1. 在三次握手后,數據接收階段獲取的報文中.會(huì )首先收到一個(gè)字符串,如(“PROXY TCP4 119.188.212.127 123.129.229.123 41774 8082”)。
      其中以空格為分隔符,119.188.212.127 為客戶(hù)端的真實(shí)IP,123.129.229.123 為高防IP,8082 為端口。
    2. 實(shí)現代碼
      • PHP swoole版本:
        1. <?php
        2. //創(chuàng )建Server對象,監聽(tīng) 127.0.0.1:9501 端口
        3. $server = new Swoole\Server("0.0.0.0", 8082);
        4. //監聽(tīng)連接進(jìn)入事件
        5. $server->on("Connect", function ($server, $fd) {
        6. echo "Client: Connect.\n";
        7. });
        8. //監聽(tīng)數據接收事件
        9. $server->on("Receive", function ($server, $fd, $from_id, $data) {
        10. $fd_info = $server->getClientInfo($fd);
        11. //var_dump($fd_info);
        12. var_dump($data);
        13. $is_proxy = substr($data,0,5);
        14. if($is_proxy == "PROXY"){
        15. $proxy_arr = explode(" ",$data);
        16. echo "真實(shí)ip:".$proxy_arr[2]."\n";
        17. echo "高防ip:".$proxy_arr[3]."\n";
        18. }
        19. $server->send($fd, "Server: " . $data);
        20. });
        21. //監聽(tīng)連接關(guān)閉事件
        22. $server->on("Close", function ($server, $fd) {
        23. echo "Client: Close.\n";
        24. });
        25. //啟動(dòng)服務(wù)器
        26. $server->start();
        27. ?>
      • Node.js版本:
        1. 到Github下載對應的庫 https://github.com/moznion/proxy-protocol-js ,也可以npm proxy-protocol-js。
        2. 服務(wù)器解析(高防IP使用V1版本的 代理協(xié)議)
          1. var net = require('net');
          2. const proxyProtocol = require('proxy-protocol-js');
          3. const PORT = 18001;
          4. const HOST = '0.0.0.0'
          5. var clientHandler = function(socket){
          6. //客戶(hù)端發(fā)送數據的時(shí)候觸發(fā)data事件
          7. socket.on('data', function dataHandler(data) {//data是客戶(hù)端發(fā)送給服務(wù)器的數據
          8. var is_proxy = data.toString().substring(0,5);
          9. if(is_proxy == "PROXY"){
          10. const proto = proxyProtocol.V1ProxyProtocol.parse(data.toString());
          11. console.log(proto);
          12. }else{
          13. console.log(socket.remoteAddress, socket.remotePort, 'send', data.toString());
          14. }
          15. //服務(wù)器向客戶(hù)端發(fā)送消息
          16. socket.write('server received\n');
          17. });
          18. //當對方的連接斷開(kāi)以后的事件
          19. socket.on('close', function(){
          20. console.log(socket.remoteAddress, socket.remotePort, 'disconnected');
          21. })
          22. };
          23. //創(chuàng )建TCP服務(wù)器的實(shí)例
          24. //傳入的參數是:監聽(tīng)函數clientHandler
          25. var app = net.createServer(clientHandler);
          26. app.listen(PORT, HOST);
          27. console.log('tcp server running on tcp://', HOST, ':', PORT);
    3. 測試結果
      使用telnet 高防IP 填寫(xiě)的轉發(fā)端口

參考文檔
https://www.cnblogs.com/zhangmingda/p/12672588.html

HTTP協(xié)議族

1. 可以從請求頭中的HTTP_X-FORWARDED-FOR字段獲取。

2. 如果您的環(huán)境是寶塔搭建的,可在nginx.conf的http模塊增加以下的設置即可

  1. http{
  2. ...
  3. set_real_ip_from 0.0.0.0/0;
  4. real_ip_header X-Forwarded-For;
  5. }

3.如您的環(huán)境是Apache,可以使用兩個(gè)模塊

  • mod_rpaf
  1. 安裝wget http://stderr.net/apache/rpaf/download/mod_rpaf-0.6.tar.gz
  2. tar -xzvf mod_rpaf-0.6.tar.gz
  3. cd mod_rpaf-0.6/
  4. /usr/local/apache/bin/apxs -i -c -n mod_rpaf-2.0.slo mod_rpaf-2.0.c
  5. vi /usr/local/apache/conf/httpd.conf
  6. Include conf/extra/httpd-rpaf.conf
  7. vi /usr/local/apache/conf/extra/httpd-rpaf.conf
  8. LoadModule rpaf_module modules/mod_rpaf-2.0.so
  9. RPAFenable On
  10. RPAFsethostname On
  11. RPAFproxy_ips 127.0.0.1 10.8.0.110 # 代理服務(wù)器的ip地址(記得做相應修改)
  12. RPAFheader X-Forwarded-For
  • mod_remoteip
  1. wget https://github.com/ttkzw/mod_remoteip-httpd22/raw/master/mod_remoteip.c
  2. /usr/local/apache/bin/apxs -i -c -n mod_remoteip.so mod_remoteip.c
  3. vi /usr/local/apache/conf/httpd.conf
  4. Include conf/extra/httpd-remoteip.conf
  5. vi /usr/local/apache/conf/extra/httpd-remoteip.conf
  6. LoadModule remoteip_module modules/mod_remoteip.so
  7. RemoteIPHeader X-Forwarded-For
  8. RemoteIPInternalProxy 127.0.0.1
国产精品香港三级|日韩精品无码免费专区网站|熟女一区二区三区|一本伊大人香蕉久久网|jzzijzzij亚洲乱熟无码
<button id="qvlbh"><button id="qvlbh"></button></button>
<xmp id="qvlbh"><xmp id="qvlbh"><xmp id="qvlbh"><address id="qvlbh"><output id="qvlbh"></output></address>
<xmp id="qvlbh"><legend id="qvlbh"></legend>
<xmp id="qvlbh"> <address id="qvlbh"><output id="qvlbh"></output></address>
<address id="qvlbh"><button id="qvlbh"></button></address>
<button id="qvlbh"><samp id="qvlbh"></samp></button>
<address id="qvlbh"><button id="qvlbh"></button></address><address id="qvlbh"></address>
<address id="qvlbh"><legend id="qvlbh"></legend></address>
<samp id="qvlbh"><xmp id="qvlbh"><legend id="qvlbh"></legend>