added usage of X-Real-IP http header

to identify request IPs which came through NGINX reverse proxy configurations
8 years ago · 30d71c6359
parent f45378c11c
commit 30d71c6359
2 changed files with 16 additions and 2 deletions
--- a/source/net/yacy/cora/protocol/RequestHeader.java
+++ b/source/net/yacy/cora/protocol/RequestHeader.java
@ -76,6 +76,7 @@ public class RequestHeader extends HeaderFramework implements HttpServletRequest

    public static final String X_CACHE = "X-Cache";
    public static final String X_CACHE_LOOKUP = "X-Cache-Lookup";
+    public static final String X_Real_IP = "X-Real-IP";

    public static final String COOKIE = "Cookie";

@ -147,7 +148,7 @@ public class RequestHeader extends HeaderFramework implements HttpServletRequest
        if (refererHost == null || refererHost.isEmpty() || Domains.isLocalhost(refererHost)) return true;
        return false;
    }
-
+    
    /**
     * Gets the header entry "Cookie" as on string containing all cookies
     *
@ -706,12 +707,21 @@ public class RequestHeader extends HeaderFramework implements HttpServletRequest
    @Override
    public String getRemoteAddr() {
        if (this._request != null) {
-            return _request.getRemoteAddr();
+        	return client(_request);
        } else {
            return super.get(HeaderFramework.CONNECTION_PROP_CLIENTIP);
        }
    }

+    public static String client(final ServletRequest request) {
+        String clientHost = request.getRemoteAddr();
+        if (request instanceof HttpServletRequest) {
+        	String XRealIP = ((HttpServletRequest) request).getHeader(X_Real_IP);
+        	if (XRealIP != null && XRealIP.length() > 0) clientHost = XRealIP; // get IP through nginx config "proxy_set_header X-Real-IP $remote_addr;"
+        }
+		return clientHost;
+    }
+    
    @Override
    public String getRemoteHost() {
        if (_request != null) {
--- a/source/net/yacy/http/servlets/SolrSelectServlet.java
+++ b/source/net/yacy/http/servlets/SolrSelectServlet.java
@ -47,6 +47,8 @@ import net.yacy.cora.federate.solr.responsewriter.HTMLResponseWriter;
 import net.yacy.cora.federate.solr.responsewriter.OpensearchResponseWriter;
 import net.yacy.cora.federate.solr.responsewriter.SnapshotImagesReponseWriter;
 import net.yacy.cora.federate.solr.responsewriter.YJsonResponseWriter;
+import net.yacy.cora.protocol.RequestHeader;
+import net.yacy.cora.util.ConcurrentLog;
 import net.yacy.data.UserDB;
 import net.yacy.search.Switchboard;
 import net.yacy.search.SwitchboardConstants;
@ -162,6 +164,8 @@ public class SolrSelectServlet extends HttpServlet {
                */
            }
            String q = mmsp.get(CommonParams.Q, "");
+            ConcurrentLog.info("SolrSelect", "client=" + RequestHeader.client(request) + " q=" + q); // to detect bots and dos
+
            if (querystring.length() == 0) querystring = q;
            if (!mmsp.getMap().containsKey(CommonParams.START)) {
                int startRecord = mmsp.getFieldInt("startRecord", null, CommonParams.START_DEFAULT);