Skip to main content
ubuntuask.com

Back to all posts

How to Get A Real Client IP Directly From NGINX?

Published on
5 min read
How to Get A Real Client IP Directly From NGINX? image

Best Tools to Buy for Accurate IP Tracking in NGINX in October 2025

1 NOYAFA NF-8506 Network Cable Tester with RJ45 Crimp Tool, CAT5 CAT6 Network Tester, IP Scan, PoE Ping Test, Network Rate Test, Port Flashing, RJ45 RJ11 Ethernet Cable Tester with Crimper Stripper

NOYAFA NF-8506 Network Cable Tester with RJ45 Crimp Tool, CAT5 CAT6 Network Tester, IP Scan, PoE Ping Test, Network Rate Test, Port Flashing, RJ45 RJ11 Ethernet Cable Tester with Crimper Stripper

  • ALL-IN-ONE FUNCTIONALITY: TEST, DIAGNOSE, AND MAINTAIN NETWORKS EASILY.
  • ADVANCED PING & IP SCANNING: VERIFY CONNECTIONS AND OPTIMIZE PERFORMANCE QUICKLY.
  • DURABLE CRIMPING TOOL INCLUDED: EFFICIENTLY CRIMP AND PREPARE CABLES FOR LONGEVITY.
BUY & SAVE
$139.99
NOYAFA NF-8506 Network Cable Tester with RJ45 Crimp Tool, CAT5 CAT6 Network Tester, IP Scan, PoE Ping Test, Network Rate Test, Port Flashing, RJ45 RJ11 Ethernet Cable Tester with Crimper Stripper
2 REOLINK PTZ Security Camera System 4K, IP PoE 360 Camera with Dual-Lens, Auto 6X Hybrid Zoomed Tracking, 355 Pan & 90 Tilt, Outdoor Surveillance, AI Detection, TrackMix PoE

REOLINK PTZ Security Camera System 4K, IP PoE 360 Camera with Dual-Lens, Auto 6X Hybrid Zoomed Tracking, 355 Pan & 90 Tilt, Outdoor Surveillance, AI Detection, TrackMix PoE

  • SEE EVERYTHING: DUAL LENSES OFFER CLOSE-UPS AND PANORAMIC VIEWS!

  • STAY ALERT: INSTANT NOTIFICATIONS FOR SUSPICIOUS ACTIVITIES!

  • EASY SETUP: POE TECH ENSURES QUICK AND STABLE INSTALLATION!

BUY & SAVE
$189.99
REOLINK PTZ Security Camera System 4K, IP PoE 360 Camera with Dual-Lens, Auto 6X Hybrid Zoomed Tracking, 355 Pan & 90 Tilt, Outdoor Surveillance, AI Detection, TrackMix PoE
3 FoMaKo HDMI PTZ Camera, 30x Optical Zoom AI Auto-Tracking Gen 3, PoE 3G-SDI IP, for Church Worship Education Events vMix OBS Wirecast (FMK30SDI Pro),Black Color

FoMaKo HDMI PTZ Camera, 30x Optical Zoom AI Auto-Tracking Gen 3, PoE 3G-SDI IP, for Church Worship Education Events vMix OBS Wirecast (FMK30SDI Pro),Black Color

  • AI AUTO-TRACKING FOR SEAMLESS EVENT CAPTURE AND DYNAMIC FOCUS.
  • 30X OPTICAL ZOOM DELIVERS STUNNING 1080P CLARITY IN ANY SETTING.
  • 3-YEAR WARRANTY & 24/7 SUPPORT ENSURES RISK-FREE, RELIABLE USE.
BUY & SAVE
$629.00
FoMaKo HDMI PTZ Camera, 30x Optical Zoom AI Auto-Tracking Gen 3, PoE 3G-SDI IP, for Church Worship Education Events vMix OBS Wirecast (FMK30SDI Pro),Black Color
4 ZOSI 16CH 4K 8MP PoE Security Camera System with AI Face Person Vehicle Detection, 16 x 5MP 3K Outdoor Auto Tracking PT PoE IP Camera with 5X Digital Zoom, 2-Way Audio, 4TB HDD for 24/7 Recording

ZOSI 16CH 4K 8MP PoE Security Camera System with AI Face Person Vehicle Detection, 16 x 5MP 3K Outdoor Auto Tracking PT PoE IP Camera with 5X Digital Zoom, 2-Way Audio, 4TB HDD for 24/7 Recording

  • SMART AI ALERTS REDUCE FALSE ALARMS - RECEIVE NOTIFICATIONS THAT MATTER.

  • WIDE COVERAGE WITH AUTO MOTION TRACKING - ELIMINATE BLIND SPOTS EFFORTLESSLY.

  • 5MP HD NIGHT VISION & TWO-WAY AUDIO - EXPERIENCE CLEAR VISUALS & COMMUNICATE DIRECTLY.

BUY & SAVE
$1,149.99
ZOSI 16CH 4K 8MP PoE Security Camera System with AI Face Person Vehicle Detection, 16 x 5MP 3K Outdoor Auto Tracking PT PoE IP Camera with 5X Digital Zoom, 2-Way Audio, 4TB HDD for 24/7 Recording
5 SV3C 36X Zoom PTZ POE Camera Outdoor, Auto Tracking 4K ONVIF IP Wired Camera, Person Vehicle Motion Detection, Floodlight Color Night Vision, Two Way Audio, Camhipro, Preset, BlueIris, 24/7 Recording

SV3C 36X Zoom PTZ POE Camera Outdoor, Auto Tracking 4K ONVIF IP Wired Camera, Person Vehicle Motion Detection, Floodlight Color Night Vision, Two Way Audio, Camhipro, Preset, BlueIris, 24/7 Recording

  • STUNNING 4K RESOLUTION & NIGHT VISION FOR ALL-DAY SECURITY!

  • RELIABLE POE COMPATIBILITY WITH ONVIF FOR HASSLE-FREE INTEGRATION!

  • 360° COVERAGE WITH 36X ZOOM & SMART MOTION ALERTS FOR SAFETY!

BUY & SAVE
$299.09
SV3C 36X Zoom PTZ POE Camera Outdoor, Auto Tracking 4K ONVIF IP Wired Camera, Person Vehicle Motion Detection, Floodlight Color Night Vision, Two Way Audio, Camhipro, Preset, BlueIris, 24/7 Recording
6 TP-Link Tapo 2K QHD Pan/Tilt Security Camera for Pet Camera, Baby Monitor, Motion Detection, Motion Tracking, 2-Way Audio, Night Vision, Cloud &SD Card Storage, Works w/Alexa & Google Home(Tapo C220)

TP-Link Tapo 2K QHD Pan/Tilt Security Camera for Pet Camera, Baby Monitor, Motion Detection, Motion Tracking, 2-Way Audio, Night Vision, Cloud &SD Card Storage, Works w/Alexa & Google Home(Tapo C220)

  • CRYSTAL-CLEAR 2K QHD VIDEO: SEE EVERY DETAIL AT HOME IN STUNNING CLARITY.

  • 360° PAN & TILT: MONITOR ENTIRE ROOMS EFFORTLESSLY WITH FULL RANGE COVERAGE.

  • INSTANT ALERTS & SMART INTEGRATION: GET REAL-TIME NOTIFICATIONS AND VOICE CONTROL.

BUY & SAVE
$24.99 $30.98
Save 19%
TP-Link Tapo 2K QHD Pan/Tilt Security Camera for Pet Camera, Baby Monitor, Motion Detection, Motion Tracking, 2-Way Audio, Night Vision, Cloud &SD Card Storage, Works w/Alexa & Google Home(Tapo C220)
7 HXVIEW PTZ Camera Outdoor, 30X Optical Zoom Security Camera, 5MP Wireless WiFi RTSP IP Camera, 1000FT Night Vision, Auto Tracking, Emergency Strobe Light Alarm, Human Detection, 2-Way Audio

HXVIEW PTZ Camera Outdoor, 30X Optical Zoom Security Camera, 5MP Wireless WiFi RTSP IP Camera, 1000FT Night Vision, Auto Tracking, Emergency Strobe Light Alarm, Human Detection, 2-Way Audio

  • 30X OPTICAL ZOOM: CAPTURE FINE DETAILS UP TO 1000FT AWAY!

  • AUTOMATIC TRACKING: STAY ALERTED WITH REAL-TIME MOTION DETECTION!

  • REMOTE ACCESS: WATCH LIVE VIDEO ANYTIME VIA THE CAMHIPRO APP!

BUY & SAVE
$187.99
HXVIEW PTZ Camera Outdoor, 30X Optical Zoom Security Camera, 5MP Wireless WiFi RTSP IP Camera, 1000FT Night Vision, Auto Tracking, Emergency Strobe Light Alarm, Human Detection, 2-Way Audio
8 ZOSI 4K Indoor Security Camera, C518 WiFi Pan/Tilt Pet/Dog/Baby Plug-in IP Camera, Auto Tracking, AI Human/Face/Pet Detection, 360° View, Night Vision, 2-Way Audio, 5GHz/2.4GHz WiFi, 64G Memory Card

ZOSI 4K Indoor Security Camera, C518 WiFi Pan/Tilt Pet/Dog/Baby Plug-in IP Camera, Auto Tracking, AI Human/Face/Pet Detection, 360° View, Night Vision, 2-Way Audio, 5GHz/2.4GHz WiFi, 64G Memory Card

  • STUNNING 4K ULTRA HD: SEE EVERY DETAIL WITH 4X THE RESOLUTION OF 1080P.

  • AI TRACKING: AUTOMATICALLY FOLLOWS MOTION FOR ENHANCED SECURITY ALERTS.

  • TWO-WAY AUDIO: CONNECT EASILY WITH FAMILY THROUGH BUILT-IN COMMUNICATION.

BUY & SAVE
$55.99
ZOSI 4K Indoor Security Camera, C518 WiFi Pan/Tilt Pet/Dog/Baby Plug-in IP Camera, Auto Tracking, AI Human/Face/Pet Detection, 360° View, Night Vision, 2-Way Audio, 5GHz/2.4GHz WiFi, 64G Memory Card
9 Ambient Weather WS-1553-IP Smart Wireless Weather Station with Remote Monitoring and Alerts

Ambient Weather WS-1553-IP Smart Wireless Weather Station with Remote Monitoring and Alerts

  • REAL-TIME UPDATES EVERY 16 SECONDS FOR ACCURATE WEATHER INSIGHTS.
  • SMART HOME INTEGRATION WITH IFTTT, GOOGLE HOME, AND ALEXA.
  • CONNECT WIRELESSLY OR VIA ETHERNET TO SHARE DATA GLOBALLY.
BUY & SAVE
$194.99
Ambient Weather WS-1553-IP Smart Wireless Weather Station with Remote Monitoring and Alerts
+
ONE MORE?

To get the real client IP directly from NGINX, you can use the ngx_http_realip_module module. This module allows NGINX to replace the client IP address in the request headers with the address sent in the X-Forwarded-For or X-Real-IP headers.

Follow these steps to configure NGINX to obtain the real client IP:

  1. Open the NGINX configuration file typically located at /etc/nginx/nginx.conf or /etc/nginx/conf.d/default.conf.
  2. Inside the http block, add the following line to load the ngx_http_realip_module module: load_module /usr/lib/nginx/modules/ngx_http_realip_module.so;
  3. Within the http block, add the following lines to set the real_ip_header variable to the appropriate header value: set_real_ip_from 10.0.0.0/8; real_ip_header X-Forwarded-For; Replace 10.0.0.0/8 with the appropriate CIDR notation for your trusted proxy IP address or subnet range.
  4. Below the previous lines, add the following line to restore the original client IP address: real_ip_recursive on;
  5. Save the configuration file and exit the text editor.
  6. Test the NGINX configuration for syntax errors: nginx -t
  7. If the test is successful, reload NGINX to apply the changes: systemctl reload nginx

Once NGINX is configured, it will use the value from the X-Forwarded-For or X-Real-IP header as the client IP address instead of the default value obtained by NGINX. This allows you to accurately trace the client IP in your NGINX logs or use it for any other purposes within your NGINX configuration.

How to configure NGINX to obtain the client IP address?

To configure NGINX to obtain the client IP address, you can follow these steps:

  1. Open your NGINX configuration file. Depending on the operating system and NGINX installation method, the file could be located at /etc/nginx/nginx.conf or /etc/nginx/conf.d/default.conf or /etc/nginx/sites-available/default.
  2. Inside the main http block, add or modify the http or server block to include the following line: set_real_ip_from 0.0.0.0/0; # Set the IP range from which NGINX should trust proxy requests real_ip_header X-Forwarded-For; # The header that contains the real IP address Alternatively, if you're behind a load balancer or reverse proxy, you can use the X-Real-IP header instead of X-Forwarded-For: real_ip_header X-Real-IP;
  3. Save the configuration file and exit the editor.
  4. Test the configuration syntax for any errors by running the command: nginx -t
  5. If there are no syntax errors, reload the NGINX configuration to apply the changes by running the command: nginx -s reload

After configuring NGINX to obtain the client IP address, you can access it in your application or web server logs using the REMOTE_ADDR environment variable.

How to check if NGINX is running on a server?

You can use the following command to check if NGINX is running on a server:

sudo systemctl status nginx

This command will display the status of the NGINX service. If NGINX is running, you will see output similar to:

● nginx.service - The NGINX HTTP Server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2021-04-13 10:00:00 PDT; 1h ago Docs: http://nginx.org/en/docs/ Main PID: 12345 (nginx) Tasks: 2 (limit: 4915) Memory: 4.0M CPU: 1.000s CGroup: /system.slice/nginx.service ├─12345 nginx: master process /usr/sbin/nginx -g daemon on; master_process on; └─12346 nginx: worker process

If NGINX is not running, you will see output indicating that the service is inactive or not found.

Note: The exact command may vary depending on the operating system and how NGINX is installed on the server.

What is an NGINX rewrite rule?

An NGINX rewrite rule is a configuration setting that allows rewriting or modifying URL paths or query strings sent by clients before processing the request. It enables the server to redirect or serve content from different locations based on certain conditions defined by regular expressions. NGINX rewrite rules are commonly used for URL redirection, modifying query strings, masking internal file paths, and implementing SEO-friendly URLs.

How to block specific IP addresses using NGINX?

To block specific IP addresses using NGINX, you can follow these steps:

  1. Open the NGINX configuration file. This file is typically located in the /etc/nginx/ directory and is named nginx.conf.
  2. Inside the http block, add a new server block to define the configurations for blocking the IP addresses: http { ... server { ... } }
  3. Inside the server block, add a new location block to specify the path or URL where you want to block the IP addresses: http { ... server { ... location /block/path { ... } } }
  4. Inside the location block, use the deny directive to specify the IP addresses you want to block: http { ... server { ... location /block/path { deny 192.168.1.1; deny 10.0.0.0/24; ... } } } You can use either the IP address or IP range format (CIDR notation) to specify the IP addresses you want to block.
  5. Save the configuration file and exit the text editor.
  6. Test the NGINX configuration to ensure it is valid: $ nginx -t
  7. If the configuration test is successful, reload or restart NGINX for the changes to take effect: $ systemctl reload nginx or $ service nginx restart

With these steps, NGINX will deny access to the specified IP addresses for the specified path or URL. If any requests come from these IP addresses, NGINX will return a forbidden (403) error.