有没有办法删除apaches反向代理请求标头?
[英]Is there a way to remove apaches Reverse Proxy Request Headers?
问题描述
When acting as a reverse proxy, apache adds x-forwarded headers as described here. 
当充当反向代理时,apache会添加x-forwarded标头,如此处所述。
http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#x-headers http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#x-headers
In my configuration I have configured server A as a forward proxy. 在我的配置中,我已将服务器A配置为转发代理。 There is a rule like this: 有一个这样的规则:
RewriteRule proxy:(.*example.com)/(.*) $1.mysecondserver.com/$2 [P]
This rule lets the server request the resource from one of my other servers. 此规则允许服务器从我的其他服务器请求资源。
On the second server (origin) I have a virtual host container for the resource and another rewrite rule like this: 在第二个服务器(原始)上,我有一个资源的虚拟主机容器和另一个重写规则,如下所示:
RewriteRule some-regex some-url [P]
It may not seem to make sense like this but there is a lot of other stuff going on that I left out as it is not part of the problem. 它似乎没有这样的意义,但是我遗漏了许多其他的东西,因为它不是问题的一部分。
However that final request has these headers: 但是,最终请求具有以下标头:
[X-Forwarded-For] => ip of 1st server
[X-Forwarded-Host] => example.myseconserver.com
[X-Forwarded-Server] => example.com
I want those headers gone. 我想要那些标题消失了。
I seem to be unable to unset them with mod_headers. 我似乎无法用mod_headers取消它们。 I can add more entries to them, but I can not remove them. 我可以添加更多条目,但我无法删除它们。
Any ideas? 有任何想法吗?
3 个解决方案
解决方案1
2 已采纳 2012-04-08 23:18:24
corrected answer: there is no way to do that since its hardcoded 纠正的答案:自硬编码以来没有办法做到这一点
to fix this in the source code of mod_proxy_http.c search for the following part: 要在mod_proxy_http.c的源代码中修复此问题,请搜索以下部分:
apr_table_mergen(r->headers_in, "X-Forwarded-Server",
r->server->server_hostname);
}
and immediately after that add this code: 然后立即添加此代码:
// remove any X-Forwarded headers
apr_table_unset(r->headers_in, "X-Forwarded-For");
apr_table_unset(r->headers_in, "X-Forwarded-Host");
apr_table_unset(r->headers_in, "X-Forwarded-Server");
then compile by running apxs2 -cia mod_proxy_http.c 然后通过运行apxs2 -cia mod_proxy_http.c进行编译
解决方案2
2 2018-04-19 16:19:43
Since Apache 2, as this pretty answer says, the 自Apache 2以来,正如这个漂亮的答案所说的那样
ProxyAddHeaders Off
theoretically disables it. 理论上禁用它。 In my experiences, it had no effect. 根据我的经验,它没有任何效果。 However, combined with 但是,加上
<Proxy *>
ProxyAddHeaders Off
</Proxy>
and, with 与
RequestHeader unset X-Forwarded-Host
RequestHeader unset X-Forwarded-For
RequestHeader unset X-Forwarded-Server
somewhere it started to work. 它开始工作的某个地方。
解决方案3
1 2016-04-12 12:05:06
I had the same problem on httpd 2.2 on CentOS 5. Installing httpd 2.4 wasn't possible. 我在CentOS 5上的httpd 2.2上遇到了同样的问题。安装httpd 2.4是不可能的。 But because of some reasons I couldn't switch to nginx completly. 但由于某些原因,我无法完全切换到nginx。 So I did it by inserting nginx proxy between httpd and the destination address. 所以我通过在httpd和目标地址之间插入nginx代理来实现它。 So I had: httpd( localhost:80/path ) -> nginx( localhost:81/path ) -> http://your.destination/path . 所以我有:httpd( localhost:80/path ) - > nginx( localhost:81/path ) - > http://your.destination/path 。 Installation steps are the following: 安装步骤如下:
- Install nginx according to these instructions 根据这些说明安装nginx
- Configure nginx to avoid security problems. 配置nginx以避免安全问题。
Add an location in nginx that will remove those httpd's reverse proxy request headers.
在nginx中添加一个位置,删除那些httpd的反向代理请求标头。 It can look like this: 它看起来像这样: location /path { proxy_set_header x-forwarded-for ""; proxy_set_header x-forwarded-host ""; proxy_set_header x-forwarded-server ""; proxy_pass http://your.destination/path; }
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.