How to: Pass NginX the correct client IP address when using Varnish reverse proxy

You may also like...

1 Response

  1. Tom Ford says:

    Thank you for this post. I have a question, I’m have a website in WordPress and use Wordfence plugin. It comes with ‘Live traffic’ that shows your visitors’ real IPs and I can easily block them if they look fishy. It also comes with additional rules I can set up so that if someone is trying to access a banned URL for example, or hits the limit of 404 pages per minute he gets blocked straight away and he cannot access the site anymore. I was told that with Varnish in place, if the requested page is cached, the request will never ‘hit’ the server, circumventing those checks and rules, and instead the page will be served from Varnish cache, making my solution non functioning in the process. Am I to understand your solution will allow the best of both worlds? Will I be able to continue to use Wordfence with all it’s blocking and live tracking features while still serving cached version of pages? So basically it will ‘ask’ on each visit by providing the real IP for permission to display the cached version?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: