Apache配置CF顯示真實IP真難

httpd 发表于 2025-1-11 00:34:29

不像Nginx直接引用外部IP列表文件就好了

httpd 发表于 2025-1-11 07:00:31

abysscong 发表于 2025-1-11 01:50:00

https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-visitor-ips/#apache-24

httpd 发表于 2025-1-11 01:50:17

<div class="quote"><blockquote><a href="https://hostloc.com/forum.php?mod=redirect&goto=findpost&pid=16182678&ptid=1381865" target="_blank">abysscong 发表于 2025-1-11 01:50</a> 
https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-v ...</blockquote></div><div class="blockcode"><div id="code_tY2"><ol><li>root@3-us:~# cat /etc/apache2/apache2.conf <li># This is the main Apache server configuration file.It contains the <li># configuration directives that give the server its instructions. <li># See http://httpd.apache.org/docs/2.4/ for detailed information about <li># the directives and /usr/share/doc/apache2/README.Debian about Debian specific <li># hints. <li># <li># <li># Summary of how the Apache 2 configuration works in Debian: <li># The Apache 2 web server configuration in Debian is quite different to <li># upstream's suggested way to configure the web server. This is because Debian's <li># default Apache2 installation attempts to make adding and removing modules, <li># virtual hosts, and extra configuration directives as flexible as possible, in <li># order to make automating the changes and administering the server as easy as <li># possible. <li> <li># It is split into several files forming the configuration hierarchy outlined <li># below, all located in the /etc/apache2/ directory: <li># <li># /etc/apache2/ <li># |-- apache2.conf <li># | `--ports.conf <li># |-- mods-enabled <li># | |-- *.load <li># | `-- *.conf <li># |-- conf-enabled <li># | `-- *.conf <li># `-- sites-enabled <li># `-- *.conf <li># <li># <li># * apache2.conf is the main configuration file (this file). It puts the pieces <li># together by including all remaining configuration files when starting up the <li># web server. <li># <li># * ports.conf is always included from the main configuration file. It is <li># supposed to determine listening ports for incoming connections which can be <li># customized anytime. <li># <li># * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/ <li># directories contain particular configuration snippets which manage modules, <li># global configuration fragments, or virtual host configurations, <li># respectively. <li># <li># They are activated by symlinking available configuration files from their <li># respective *-available/ counterparts. These should be managed by using our <li># helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See <li># their respective man pages for detailed information. <li># <li># * The binary is called apache2. Due to the use of environment variables, in <li># the default configuration, apache2 needs to be started/stopped with <li># /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not <li># work with the default configuration. <li> <li> <li># Global configuration <li># <li> <li># <li># ServerRoot: The top of the directory tree under which the server's <li># configuration, error, and log files are kept. <li># <li># NOTE!If you intend to place this on an NFS (or otherwise network) <li># mounted filesystem then please read the Mutex documentation (available <li># at <URL:http://httpd.apache.org/docs/2.4/mod/core.html#mutex>); <li># you will save yourself a lot of trouble. <li># <li># Do NOT add a slash at the end of the directory path. <li># <li>#ServerRoot "/etc/apache2" <li> <li># <li># The accept serialization lock file MUST BE STORED ON A LOCAL DISK. <li># <li>#Mutex file:${APACHE_LOCK_DIR} default <li> <li># <li># The directory where shm and other runtime files will be stored. <li># <li> <li>DefaultRuntimeDir ${APACHE_RUN_DIR} <li> <li># <li># PidFile: The file in which the server should record its process <li># identification number when it starts. <li># This needs to be set in /etc/apache2/envvars <li># <li>PidFile ${APACHE_PID_FILE} <li> <li># <li># Timeout: The number of seconds before receives and sends time out. <li># <li>Timeout 300 <li> <li># <li># KeepAlive: Whether or not to allow persistent connections (more than <li># one request per connection). Set to "Off" to deactivate. <li># <li>KeepAlive On <li> <li># <li># MaxKeepAliveRequests: The maximum number of requests to allow <li># during a persistent connection. Set to 0 to allow an unlimited amount. <li># We recommend you leave this number high, for maximum performance. <li># <li>MaxKeepAliveRequests 100 <li> <li># <li># KeepAliveTimeout: Number of seconds to wait for the next request from the <li># same client on the same connection. <li># <li>KeepAliveTimeout 5 <li> <li> <li># These need to be set in /etc/apache2/envvars <li>User ${APACHE_RUN_USER} <li>Group ${APACHE_RUN_GROUP} <li> <li># <li># HostnameLookups: Log the names of clients or just their IP addresses <li># e.g., www.apache.org (on) or 204.62.129.132 (off). <li># The default is off because it'd be overall better for the net if people <li># had to knowingly turn this feature on, since enabling it means that <li># each client request will result in AT LEAST one lookup request to the <li># nameserver. <li># <li>HostnameLookups Off <li> <li># ErrorLog: The location of the error log file. <li># If you do not specify an ErrorLog directive within a <VirtualHost> <li># container, error messages relating to that virtual host will be <li># logged here.If you *do* define an error logfile for a <VirtualHost> <li># container, that host's errors will be logged there and not here. <li># <li>ErrorLog ${APACHE_LOG_DIR}/error.log <li> <li># <li># LogLevel: Control the severity of messages logged to the error_log. <li># Available values: trace8, ..., trace1, debug, info, notice, warn, <li># error, crit, alert, emerg. <li># It is also possible to configure the log level for particular modules, e.g. <li># "LogLevel info ssl:warn" <li># <li>LogLevel warn <li> <li># Include module configuration: <li>IncludeOptional mods-enabled/*.load <li>IncludeOptional mods-enabled/*.conf <li> <li># Include list of ports to listen on <li>Include ports.conf <li> <li> <li># Sets the default security model of the Apache2 HTTPD server. It does <li># not allow access to the root filesystem outside of /usr/share and /var/www. <li># The former is used by web applications packaged in Debian, <li># the latter may be used for local directories served by the web server. If <li># your system is serving content from a sub-directory in /srv you must allow <li># access here, or in any related virtual host. <li><Directory /> <li>Options FollowSymLinks <li>AllowOverride None <li>Require all denied <li></Directory> <li> <li><Directory /usr/share> <li>AllowOverride None <li>Require all granted <li></Directory> <li> <li><Directory /var/www/> <li>Options Indexes FollowSymLinks <li>AllowOverride None <li>Require all granted <li></Directory> <li> <li>#<Directory /srv/> <li># Options Indexes FollowSymLinks <li># AllowOverride None <li># Require all granted <li>#</Directory> <li> <li> <li> <li> <li># AccessFileName: The name of the file to look for in each directory <li># for additional configuration directives.See also the AllowOverride <li># directive. <li># <li>AccessFileName .htaccess <li> <li># <li># The following lines prevent .htaccess and .htpasswd files from being <li># viewed by Web clients. <li># <li><FilesMatch "^\.ht"> <li>Require all denied <li></FilesMatch> <li> <li> <li># <li># The following directives define some format nicknames for use with <li># a CustomLog directive. <li># <li># These deviate from the Common Log Format definitions in that they use %O <li># (the actual bytes sent including headers) instead of %b (the size of the <li># requested file), because the latter makes it impossible to detect partial <li># requests. <li># <li># Note that the use of %{X-Forwarded-For}i instead of %h is not recommended. <li># Use mod_remoteip instead. <li># <li>#LogFormat "%v:%p %a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"" vhost_combined <li>LogFormat "%h %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"" vhost_combined <li>#LogFormat "%a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"" combined <li>LogFormat "%a %l %u %t "%r" %>s %O "%{Referer}i" "%{User-Agent}i"" combined <li>LogFormat "%a %l %u %t "%r" %>s %O" common <li>LogFormat "%{Referer}i -> %U" referer <li>LogFormat "%{User-agent}i" agent <li>#设置访问日志的记录路径和格式 <li>CustomLog ${APACHE_LOG_DIR}/access.log combined <li> <li># Include of directories ignores editors' and dpkg's backup files, <li># see README.Debian for details. <li> <li># Include generic snippets of statements <li>IncludeOptional conf-enabled/*.conf <li> <li># Include the virtual host configurations: <li>IncludeOptional sites-enabled/*.conf <li>GracefulShutDownTimeout 3 <li>AddOutputFilter INCLUDES .shtml <li>AddType text/html .shtml <li>AddType application/x-httpd-php .php <li>AddType application/x-httpd-php-source .phps <li> <li># 加載 mod_remoteip 模組 <li>LoadModule remoteip_module modules/mod_remoteip.so <li> <li># 加載 CloudFlare IP列表文件 <li>Include conf-available/mod_remoteip.conf</ol></div>复制代码</div> 
 
不知道這樣對不對

页: [1]

全球主机交流论坛备用站's Archiver

Apache配置CF顯示真實IP真難