vhost ip filter express节点
我用express来pipe理两个子域名。 一切工作正常,但我想通过IP过滤一个子域的请求。 你知道可以做吗?
我试图在我的子域名站点的app.js中进行pipe理,但req.connection.remoteAddress和req.ip给了我的服务器IP地址。
当我只有一个子域,不使用虚拟主机我有正确的IP,但因为我使用虚拟主机我有我的服务器的IP地址…
以下是我的文件夹结构:
-- subdomain1/ -- app.js -- views/
这是我的新结构:
-- subdomain1/ -- app.js -- views/ -- subdomain2/ -- app.js -- views/ -- manageSubdomain/ -- app.js
这是我的代码,当它使用虚拟主机之前,只有一个子域:
subdomain1 / app.js:
var express = require('express'); var path = require('path'); var logger = require('morgan'); var cookieParser = require('cookie-parser'); var bodyParser = require('body-parser'); require('body-parser-xml')(bodyParser); var routes = require('./routes/index'); var app = express(); // view engine setup app.set('views', path.join(__dirname, 'views')); app.set('view engine', 'jade'); // uncomment after placing your favicon in /public app.use(logger('dev')); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: false })); app.use(cookieParser()); app.use(express.static(path.join(__dirname, 'public'))); // Example middleware to get ip app.use(function (req, res) { console.log(req.ip); // it give me the correct IP }); app.use('/', routes); module.exports = app;
以及之前pipe理服务器的文件:
#!/usr/bin/env node /** * Module dependencies. */ var app = require('../app'); var debug = require('debug')('webservicePrestashop:server'); var https = require('https'); var fs = require('fs'); /** * Get port from environment and store in Express. */ var port = normalizePort(process.env.PORT || '443'); app.set('port', port); /** * Create HTTP server. */ //var server = http.createServer(app); var options = { key: fs.readFileSync('/path/to/privkey.pem'), cert: fs.readFileSync('/path/to/fullchain.pem'), ca: fs.readFileSync('/path/to/chain.pem') } var server = https.createServer(options, app); // Redirect from http port 80 to https var http = require('http'); http.createServer(function (req, res) { res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url }); res.end(); }).listen(80); /** * Listen on provided port, on all network interfaces. */ server.listen(port); /** * Event listener for HTTP server "listening" event. */ function onListening() { var addr = server.address(); var bind = typeof addr === 'string' ? 'pipe ' + addr : 'port ' + addr.port; debug('Listening on ' + bind); }
这里是我的代码来pipe理子域:
manageSubdomain / app.js:
var express = require('express'); var vhost = require('vhost'); var http = require('http'); var https = require('https'); var fs = require('fs'); var tls = require('tls'); // Gestions des sites const subdomain1 = { app: require('../subdomain1/app'), context: tls.createSecureContext({ key: fs.readFileSync('path/to/privkey.pem').toString(), cert: fs.readFileSync('path/to/privkey.pem/fullchain.pem').toString(), ca: fs.readFileSync('path/to/privkey.pem/chain.pem').toString() }).context }; const subdomain2 = { app: require('../subdomain2/app'), context: tls.createSecureContext({ key: fs.readFileSync('path/to/privkey.pem/privkey.pem').toString(), cert: fs.readFileSync('path/to/privkey.pem/fullchain.pem').toString(), ca: fs.readFileSync('path/to/privkey.pem/chain.pem').toString() }).context }; var sites = { "my.subdomain1.com": subdomain1, "my.subdomain2.com": subdomain2 }; var exp = express(); for (let s in sites) { exp.use(vhost(s, sites[s].app)); } // Redirect du http to https http.createServer(function (req, res) { res.writeHead(301, { "Location": "https://" + req.headers['host'] + req.url }); res.end(); }).listen(80); var secureOpts = { SNICallback: function (domain, cb) { if (typeof sites[domain] === "undefined") { cb(new Error("domain not found"), null); console.log("Error: domain not found: " + domain); } else { cb(null, sites[domain].context); } }, key: fs.readFileSync('path/to/privkey.pem/privkey.pem').toString(), cert: fs.readFileSync('path/to/privkey.pem/fullchain.pem').toString() }; // Création du serveur https var httpsServer = https.createServer(secureOpts, exp); httpsServer.listen(443);
现在我的subdomain1 / app.js与以前相同
你有没有尝试与req.ip属性?
Express文档说:
包含请求的远程IP地址。
当信任代理设置不计算为false时,此属性的值将从X-Forwarded-For头中最左边的条目派生。 这个头可以由客户端或代理来设置。
要debugging你的代码,添加一个日志logging中间件, 然后将任何应用程序添加到快速对象:
var exp = express(); // ip logging middleware app.use(function (req, res, next) { console.log(req.ip); next(); }); for (let s in sites) { exp.use(vhost(s, sites[s].app)); }
然后,添加与您的子应用程序的第一个中间件相同的中间件。 这样可以确定问题是由vhost模块引起的。