Proxy Protocol for NginX -


setup:

  • my nginx server sitting behind reverse proxy , aws elb. im trying use fail2ban ban client ip accessing server.

research/trials (correct me if im wrong):

  • used x_forwarded_for client ip, able see in aws instance when tcpdump, it's saying source connection proxy (i've tried setting real_ip_header , still did not work)

  • x_forwarded_for vulnerable ip spoofing

  • i'm focusing on using https connections server

  • most proxy protocol configurations uses x_forwarded_for

question:

  • is there way implement proxy protocol without using x_forwarded_for?

  • when client ip, how terminate/ban connection (i'm thinking @ application layer if source ip going proxy)? maybe using fail2ban?

any guides or knowledge please send them way! appreciate it!


Comments

Post a Comment

Popular posts from this blog

Is there a better way to structure post methods in Class Based Views -

i'm using class based views in django , never specify url in ajax calls , omit action parameter in form because know these requests go through post method of class based view. notice view - profile page make many requests depending on user updating on page - post method become convoluted , if/else mess example: def post(self, request, *args, **kwargs): # handle user changing available date if request.post.get('availabledate') != none: self.updateavailabledate(request) return jsonresponse({'result':'success'}) if request.post.get('newprojectname') != none: creative_user = creativeuserprofile.objects.get(id = request.user.id) project = project.create_project(creative_user, request.post['newprojectname']) project.save() return jsonresponse({'projectid': project.id }) if request.post.get('projectimage') != none , request.files['file']: proj...
Read more

Python Tornado package error when running server -

we running tornado tcp server on windows server 2012 machine. machine handles both http-based dashboard , 21 tcp websocket connected clients. in logs see following error. seems @ low level of websocket13 protocol. networking standpoint mean? why write buffer not greater or equal 0? [error] [2017-08-17 11:54:14 am] [tornado.application] exception in callback <bound method websocketprotocol13.periodic_ping of <tornado.websocket.websocketprotocol13 object @ 0x01d7ad30>> traceback (most recent call last): file "c:\python27\lib\site-packages\tornado\ioloop.py", line 1026, in _run return self.callback() file "c:\python27\lib\site-packages\tornado\websocket.py", line 1030, in periodic_ping self.write_ping(b'') file "c:\python27\lib\site-packages\tornado\websocket.py", line 790, in write_ping self._write_frame(true, 0x9, data) file "c:\python27\lib\site-packages\tornado\websocket.py", line 768, in _writ...
Read more

Qt QGraphicsScene is not accessable from QGraphicsView (on Qt 5.6.1) -

i new qt. trying catch mouse press , release in qgraphicsview area , draw line. this, extended qgraphicsview , called myqgraphicsview . seems scene not attached since added " hello world " , never appears in view. here code extended class: class myqgraphicsview : public qgraphicsview { q_object public: myqgraphicsview(qgraphicsscene *scene, qwidget *parent = q_nullptr) : qgraphicsview(scene,parent){ // qgraphicsview::qgraphicsview(scene,parent); } qpoint *pointptr, *startpos,*endpos; qgraphicsview *cv;//maa qgraphicsscene *c; qgraphicsscene *sceneptr; // maa protected: void paintevent(qpaintevent *event) { show(); } void mousepressevent(qmouseevent *event) { // pos wrt widget. global wer global screen qdebug()<<" mouse pressed @ "<<qwidget::mapfromglobal(event->globalpos()); //globalx(); startpos = new qpoint; startpos->setx(qwidget::mapfromglobal(event->globalpos()).x()); startpos->sety(qw...
Read more