Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
How to remove the SSL configured URL domain temporarily Question Question
Why is my Node.js app trying to retrieve random resources? Question Question

Question

NGINX shows the actual IP of the server when forwarding requests, How to prevent this?

Posted May 15, 2017 10.2k views
NginxNode.jsUbuntu 16.04

my /etc/nginx/sites-available/default FILE ->

location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
proxyredirect off;
proxypass http://localhost:7000;
proxyhttpversion 1.1;
proxysetheader Upgrade $httpupgrade;
proxysetheader Connection ‘upgrade’;
proxysetheader Host $host;
proxycachebypass $httpupgrade;
proxy_redirect off;
}

Add a comment
pravandanchand
By:
pravandanchand

Related

Join the DigitalOcean Community Community

Join 1M+ other developers and:

  • Get help and share knowledge in Q&A
  • Subscribe to topics of interest
  • Get courses & tools that help you grow as a developer or small business owner
 Join Now
How to remove the SSL configured URL domain temporarily Question Question
Why is my Node.js app trying to retrieve random resources? Question Question

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
Submit an Answer
1 answer
jtittle1 May 15, 2017

@pravandanchand

From what you’ve posted, it looks like you’ve defined proxy_redirect twice, so I’d remove one.

That said, in /etc/nginx/nginx.conf, make sure server_name_in_redirect is set to off if it’s defined. If it’s not defined, it defaults to off, so you don’t need to specifically add it.

For your proxy configuration, I’d recommend using this:

proxy_buffers 16 32k;
proxy_buffer_size 64k;
proxy_busy_buffers_size 128k;
proxy_cache_bypass $http_pragma $http_authorization;
proxy_connect_timeout 59s;
proxy_hide_header X-Powered-By;
proxy_http_version 1.1;
proxy_ignore_headers Cache-Control Expires;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
proxy_no_cache $http_pragma $http_authorization;
proxy_pass_header Set-Cookie;
proxy_read_timeout 600;
proxy_redirect off;
proxy_send_timeout 600;
proxy_temp_file_write_size 64k;
proxy_set_header Accept-Encoding '';
proxy_set_header Cookie $http_cookie;
proxy_set_header Host $host;
proxy_set_header Proxy '';
proxy_set_header Referer $http_referer;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Original-Request $request_uri;

So your location block would actually look like:

location / {
    proxy_buffers 16 32k;
    proxy_buffer_size 64k;
    proxy_busy_buffers_size 128k;
    proxy_cache_bypass $http_pragma $http_authorization;
    proxy_connect_timeout 59s;
    proxy_hide_header X-Powered-By;
    proxy_http_version 1.1;
    proxy_ignore_headers Cache-Control Expires;
    proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504 http_404;
    proxy_no_cache $http_pragma $http_authorization;
    proxy_pass_header Set-Cookie;
    proxy_read_timeout 600;
    proxy_redirect off;
    proxy_send_timeout 600;
    proxy_temp_file_write_size 64k;
    proxy_set_header Accept-Encoding '';
    proxy_set_header Cookie $http_cookie;
    proxy_set_header Host $host;
    proxy_set_header Proxy '';
    proxy_set_header Referer $http_referer;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Host $host;
    proxy_set_header X-Forwarded-Server $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Original-Request $request_uri;
    proxy_pass http://localhost:7000;
}
Reply Report

Related

Looking for something else?

Ask a new question Search for more help