程序人生网站首页 程序人生

https在反向代理環境下获取真实ip（基於workerman實現）

发布时间：2022-01-14 23:01:50编辑：雪饮阅读（）

上篇講到了ws也可以在反向代理環境下獲取真實訪問者的ip，那麽https自然也是不在話下了

nginx：

listen 443 ssl;

ssl_certificate /www/wwwroot/workerman/ssl.crt;

ssl_certificate_key /www/wwwroot/workerman/ssl.key;

ssl_session_timeout 5m;

ssl_session_cache shared:SSL:50m;

ssl_protocols SSLv3 SSLv2 TLSv1 TLSv1.1 TLSv1.2;

ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;

location /https

{

proxy_pass http://127.0.0.1:8282;

proxy_http_version 1.1;

proxy_set_header Upgrade $http_upgrade;

proxy_set_header Connection "Upgrade";

# 这部分是利用http头透传真实客户端ip

proxy_set_header X-Real-IP $remote_addr;

}

实现脚本：

<?php

use Workerman\Protocols\Http\Request;

use Workerman\Worker;

use Workerman\Connection\TcpConnection;

require_once __DIR__ . '/vendor/autoload.php';

$worker = new Worker('http://0.0.0.0:8282');

// 客户端连上来时，即完成TCP三次握手后的回调

$worker->onConnect = function(TcpConnection $connection) {

var_dump("sd:".$_SERVER['HTTP_X_REAL_IP']);

$connection->onMessage=function(TcpConnection $connection,Request $request){

$headers = $request->header();

$connection->send($headers["x-real-ip"]);

};

Worker::runAll();

访问如：

https://www.cece220807.com/https

关键字词：workerman,https,反向代理,ip