I have a few questions about the real ip module (tried on nginx/1.22.0):
1. is there no way to reset the list of `set_real_ip_from` for a specific
subsection? For example to have a completely different set of trusted addresses
for a specific server
2. does setting `real_ip_header '';` in a section effectively disable the
module for the section?
3. documentation says `real_ip_header` is allowed in location block but it
doesn't seem to do anything?
This still uses address from X-Real-Ip instead of X-Other for allow check and
log:
http {
real_ip_header X-Real-Ip;
...
server {
location /data/ {
real_ip_header X-Other;
allow 10.0.0.1; # <- checks against value from X-Real-Ip
deny all;
access_log /var/log/nginx/data.log; # <- logs address from X-Real-Ip
}
}
}
Similarly I tried this version as well and it behaves the same:
location /da {
real_ip_header X-Other;
location /data/ {
allow 10.0.0.1;
deny all;
access_log /var/log/nginx/data.log;
}
}
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-le...@nginx.org
