real_ip_header
The real_ip_header directive specifies the name of the HTTP header to use for obtaining the real IP address of the client.
Description
The real_ip_header directive is used to define which HTTP header should contain the real IP address of the client when the NGINX server is positioned behind a reverse proxy or load balancer. This directive is essential for accurately logging and processing client requests, as it allows NGINX to extract the original client IP rather than the IP of the proxy that forwarded the request.
When configured, NGINX inspects the specified header in incoming requests and utilizes the value contained within it to replace the value derived from the socket. This is particularly useful in scenarios where multiple proxies are involved, ensuring that the application correctly identifies the originating client IP.
The directive accepts a single argument, which is typically a header like X-Forwarded-For, X-Real-IP, or a custom header that your infrastructure uses. The directive can be placed in the http, server, or location contexts, giving you flexibility based on your architecture.
Config Example
http {
real_ip_header X-Forwarded-For;
}Ensure that the proxy or load balancer is configured to send the correct header for the real client IP.
Incorrect configuration may lead to spoofing where untrusted clients can set the header to any arbitrary value.
Using multiple reverse proxies may require additional configuration for handoffs of headers.