How to Get A Real Client IP Directly From NGINX?

Best Tools to Buy for Accurate IP Tracking in NGINX in January 2026

1

REOLINK PTZ Security Camera System 4K, IP PoE 360 Camera with Dual-Lens, Auto 6X Hybrid Zoomed Tracking, 355 Pan & 90 Tilt, Outdoor Surveillance, AI Detection, TrackMix PoE

• DUAL VIEW CONVENIENCE: CAPTURE BOTH CLOSE-UPS AND WIDE ANGLES SIMULTANEOUSLY.

• AUTO TRACKING & ZOOM: SMARTLY FOLLOWS MOVEMENT WITH ADJUSTABLE ZOOM OPTIONS.

• INSTANT ALERTS FOR SAFETY: IMMEDIATE NOTIFICATIONS AND SIRENS KEEP YOU SECURE.

BUY & SAVE

$189.99

2

Tapo TP-Link 2K Pan/Tilt Indoor Security Camera for Baby Monitor, Pet Camera, Motion Detection & Tracking, 2-Way Audio, Cloud & SD Card Storage, Works w/Alexa & Google Home, Black, C211(2-Pack)

• CRYSTAL-CLEAR 2K HD VIDEO CAPTURES EVERY DETAIL, DAY OR NIGHT!

• 360° PAN/TILT VIEW ENSURES NO CORNER OF YOUR HOME IS OVERLOOKED.

• INSTANT ALERTS FOR MOTION OR BABY CRIES KEEP YOU INFORMED INSTANTLY!

BUY & SAVE

$36.98 $43.99

Save 16%

3

EVERSECU 7 Inch Touch Screen 5 in 1 CCTV Tester with Cable Tracer, Support Upt to 4K IP Camera & 8.0 Megapixel AHD, TVI, CVI & CVBS Analog Camera, with Keyboard/IP Discovery/POE Output/APP

• TEST UP TO 4K VIDEO FORMATS WITH A VIVID 7-INCH IPS TOUCHSCREEN.
• LOCATE CABLES AND PORTS EFFORTLESSLY WITH ADVANCED WIRE TRACKER FEATURE.
• ENJOY 10-HOUR BATTERY LIFE WITH VERSATILE CAMERA TESTING TOOLS INCLUDED.

BUY & SAVE

$395.99

4

Tapo 2K Pan/Tilt Indoor Security Camera for Baby Monitor, Pet Camera | Motion Detection & Tracking | 2-Way Audio | Cloud & SD Card Storage | Works w/Alexa & Google Assistant | Black C211

• CRYSTAL-CLEAR 2K VIDEO CAPTURES EVERY DETAIL, DAY OR NIGHT.

• 360° PAN/TILT VIEW ENSURES NO CORNER IS LEFT UNMONITORED.

• INSTANT ALERTS FOR MOTION AND CRYING-STAY INFORMED ALWAYS!

BUY & SAVE

$19.97 $23.99

Save 17%

5

TONGVEO 4K NDI PTZ Camera AI Auto-Tracking 20X Optical Zoom HDMI IP Live Streaming SDI USB3.0 PoE LAN Supports for Church Worship Event Video Conference YouTube OBS vMix Zoom Teams and More

• STUNNING 4K CLARITY: ELEVATE YOUR STREAMS WITH 4K/30FPS RESOLUTION.
• SEAMLESS NDI INTEGRATION: EFFORTLESSLY CONNECT WITH TOP LIVE STREAMING SOFTWARE.
• INTELLIGENT AI TRACKING: KEEP YOUR SUBJECT PERFECTLY FRAMED WITH SMART TRACKING.

BUY & SAVE

$459.00

6

REOLINK Smart 5MP 8CH Home Security Camera System, 4pcs Wired PoE IP Cameras Outdoor with Person/Pet/Vehicle Detection, 4K 8CH NVR with 2TB HDD for 24-7 Recording, RLK8-520D4-5MP

• CRYSTAL CLEAR 5MP HD VISION - NIGHT OR DAY PROTECTION!
• SMART DETECTION REDUCES UNWANTED ALERTS FOR TRUE SAFETY.
• EASY PLUG & PLAY SETUP - SECURE YOUR HOME INSTANTLY!

BUY & SAVE

$319.99 $439.99

Save 27%

7

Rsrteng IPC-9800MOVTADHS Pro Full Features CCTV Camera Tester 8K 32MP IP Camera Tester wtih POE++ Max 90W, CCTV Tester with 4K TVI CVI AHD SDI Support DMM OPM VFL TDR 1CH SFP HD VGA WIFI Network Tools

• SUPPORTS 8K/32MP TESTING: TEST MAX 8K IP CAMERAS FOR UNMATCHED CLARITY.
• ALL-IN-ONE TOOL: INCLUDES MULTIMETER, CABLE TRACER, AND CAMERA TESTS.
• FAST SETUP FOR HIK & DH: QUICKLY CONFIGURE MULTIPLE CAMERAS IN BATCHES.

BUY & SAVE

$649.99

8

Anpviz 6MP PoE PTZ Camera Outdoor, 5X Optical Zoom 2.7~13.5mm Lens, Pan Tilt Zoom IP Security Camera with Human Vehicle Detection, Spotlight&Sound Alarm, SD Card Slot, IP66, NDAA Compliant (U Series)

• 6MP HD VIDEO & EASY POE INSTALLATION FOR SMOOTH SURVEILLANCE
• WIDE COVERAGE: 280° PAN, 90° TILT, AND 5X OPTICAL ZOOM
• SMART ALERTS: DETECTS HUMANS/VEHICLES, REDUCES FALSE ALARMS

BUY & SAVE

$94.98 $99.98

Save 5%

9

ZOSI C290 4K 8MP UHD Wired WiFi Security Camera Outdoor Indoor, Plug-in Pan/Tilt IP Camera, AI Human Face Vehicle Detection, Auto Tracking, Night Vision, Siren Alarm, 2-Way Audio, 64GB Memory Card

• 4K ULTRA HD WITH 360° COVERAGE FOR UNMATCHED DETAIL AND MONITORING.
• SMART AI DETECTS AND TRACKS HUMANS, SENDING INSTANT ALERTS TO YOU.
• IP66 WEATHERPROOF DESIGN ENSURES RELIABILITY IN ANY OUTDOOR CONDITIONS.

BUY & SAVE

$69.99

+

ONE MORE?

To get the real client IP directly from NGINX, you can use the ngx_http_realip_module module. This module allows NGINX to replace the client IP address in the request headers with the address sent in the X-Forwarded-For or X-Real-IP headers.

Follow these steps to configure NGINX to obtain the real client IP:

1. Open the NGINX configuration file typically located at /etc/nginx/nginx.conf or /etc/nginx/conf.d/default.conf.
2. Inside the http block, add the following line to load the ngx_http_realip_module module: load_module /usr/lib/nginx/modules/ngx_http_realip_module.so;
3. Within the http block, add the following lines to set the real_ip_header variable to the appropriate header value: set_real_ip_from 10.0.0.0/8; real_ip_header X-Forwarded-For; Replace 10.0.0.0/8 with the appropriate CIDR notation for your trusted proxy IP address or subnet range.
4. Below the previous lines, add the following line to restore the original client IP address: real_ip_recursive on;
5. Save the configuration file and exit the text editor.
6. Test the NGINX configuration for syntax errors: nginx -t
7. If the test is successful, reload NGINX to apply the changes: systemctl reload nginx

Once NGINX is configured, it will use the value from the X-Forwarded-For or X-Real-IP header as the client IP address instead of the default value obtained by NGINX. This allows you to accurately trace the client IP in your NGINX logs or use it for any other purposes within your NGINX configuration.

How to configure NGINX to obtain the client IP address?

To configure NGINX to obtain the client IP address, you can follow these steps:

1. Open your NGINX configuration file. Depending on the operating system and NGINX installation method, the file could be located at /etc/nginx/nginx.conf or /etc/nginx/conf.d/default.conf or /etc/nginx/sites-available/default.
2. Inside the main http block, add or modify the http or server block to include the following line: set_real_ip_from 0.0.0.0/0; # Set the IP range from which NGINX should trust proxy requests real_ip_header X-Forwarded-For; # The header that contains the real IP address Alternatively, if you're behind a load balancer or reverse proxy, you can use the X-Real-IP header instead of X-Forwarded-For: real_ip_header X-Real-IP;
3. Save the configuration file and exit the editor.
4. Test the configuration syntax for any errors by running the command: nginx -t
5. If there are no syntax errors, reload the NGINX configuration to apply the changes by running the command: nginx -s reload

After configuring NGINX to obtain the client IP address, you can access it in your application or web server logs using the REMOTE_ADDR environment variable.

How to check if NGINX is running on a server?

You can use the following command to check if NGINX is running on a server:

sudo systemctl status nginx

This command will display the status of the NGINX service. If NGINX is running, you will see output similar to:

● nginx.service - The NGINX HTTP Server Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled) Active: active (running) since Tue 2021-04-13 10:00:00 PDT; 1h ago Docs: http://nginx.org/en/docs/ Main PID: 12345 (nginx) Tasks: 2 (limit: 4915) Memory: 4.0M CPU: 1.000s CGroup: /system.slice/nginx.service ├─12345 nginx: master process /usr/sbin/nginx -g daemon on; master_process on; └─12346 nginx: worker process

If NGINX is not running, you will see output indicating that the service is inactive or not found.

Note: The exact command may vary depending on the operating system and how NGINX is installed on the server.

What is an NGINX rewrite rule?

An NGINX rewrite rule is a configuration setting that allows rewriting or modifying URL paths or query strings sent by clients before processing the request. It enables the server to redirect or serve content from different locations based on certain conditions defined by regular expressions. NGINX rewrite rules are commonly used for URL redirection, modifying query strings, masking internal file paths, and implementing SEO-friendly URLs.

How to block specific IP addresses using NGINX?

To block specific IP addresses using NGINX, you can follow these steps:

1. Open the NGINX configuration file. This file is typically located in the /etc/nginx/ directory and is named nginx.conf.
2. Inside the http block, add a new server block to define the configurations for blocking the IP addresses: http { ... server { ... } }
3. Inside the server block, add a new location block to specify the path or URL where you want to block the IP addresses: http { ... server { ... location /block/path { ... } } }
4. Inside the location block, use the deny directive to specify the IP addresses you want to block: http { ... server { ... location /block/path { deny 192.168.1.1; deny 10.0.0.0/24; ... } } } You can use either the IP address or IP range format (CIDR notation) to specify the IP addresses you want to block.
5. Save the configuration file and exit the text editor.
6. Test the NGINX configuration to ensure it is valid: $ nginx -t
7. If the configuration test is successful, reload or restart NGINX for the changes to take effect: $ systemctl reload nginx or $ service nginx restart

With these steps, NGINX will deny access to the specified IP addresses for the specified path or URL. If any requests come from these IP addresses, NGINX will return a forbidden (403) error.