我解决了 CF盾和Discoutse论坛的IP显示问题

我分析了官方的那个app.yml里面扩展
发现他启动的实话会修改Nginx所以我把里面的代码提取了出来

1panel使用这个教程


server {
    listen 80 ; 
    listen 443 ssl http2 ; 
    server_name www.justnainai.com; 
    index index.php index.html index.htm default.php default.htm default.html; 
    # Cloudflare 设置(仅在 Cloudflare 后端启用时)
    real_ip_header CF-Connecting-IP; # 获取真实客户端 IP
    set_real_ip_from 103.21.244.0/22; # Cloudflare IP 范围
    set_real_ip_from 103.22.200.0/22; 
    set_real_ip_from 103.31.4.0/22; 
    set_real_ip_from 104.16.0.0/12; 
    set_real_ip_from 108.162.192.0/18; 
    set_real_ip_from 131.0.72.0/22; 
    set_real_ip_from 141.101.64.0/22; 
    set_real_ip_from 162.158.0.0/15; 
    set_real_ip_from 172.64.0.0/13; 
    set_real_ip_from 173.245.48.0/20; 
    set_real_ip_from 188.114.96.0/20; 
    set_real_ip_from 190.93.240.0/20; 
    set_real_ip_from 197.234.240.0/22; 
    set_real_ip_from 198.41.128.0/17; 
    set_real_ip_from 2400:cb00::/32; 
    set_real_ip_from 2405:8100::/32; 
    set_real_ip_from 2405:9800::/32; 
    set_real_ip_from 2606:4700::/32; 
    set_real_ip_from 2803:f800::/32; 
    set_real_ip_from 2c0f:f248::/32; 
    set_real_ip_from 2a06:98c0::/29; 
    # 设置反向代理头部信息
    proxy_set_header Host $host; 
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 
    proxy_set_header X-Forwarded-Host $server_name; 
    proxy_set_header X-Real-IP $remote_addr; 
    proxy_http_version 1.1; 
    proxy_set_header Upgrade $http_upgrade; 
    proxy_set_header Connection $http_connection; 
    # 日志设置
    access_log /www/sites/www.justnainai.com/log/access.log main; 
    error_log /www/sites/www.justnainai.com/log/error.log; 
    # 用于 ACME 挑战的路径(用于 Let's Encrypt)
    location ^~ /.well-known/acme-challenge {
        allow all; 
        root /usr/share/nginx/html; 
    }
    # 根目录和错误页面设置
    root /www/sites/www.justnainai.com/index; 
    error_page 404 /404.html; 
    # HTTP 重定向到 HTTPS
    if ($scheme = http) {
        return 301 https://$host$request_uri; 
    }
    # SSL 证书配置
    ssl_certificate /www/sites/www.justnainai.com/ssl/fullchain.pem; 
    ssl_certificate_key /www/sites/www.justnainai.com/ssl/privkey.pem; 
    ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1; 
    ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:!aNULL:!eNULL:!EXPORT:!DSS:!DES:!RC4:!3DES:!MD5:!PSK:!KRB5:!SRP:!CAMELLIA:!SEED; 
    ssl_prefer_server_ciphers on; 
    ssl_session_cache shared:SSL:10m; 
    ssl_session_timeout 10m; 
    # 错误页面处理
    error_page 497 https://$host$request_uri; 
    # 设置 X-Forwarded-Proto 用于 HTTPS
    proxy_set_header X-Forwarded-Proto https; 
    # 设置 HSTS 头,启用 HTTP Strict Transport Security
    add_header Strict-Transport-Security "max-age=31536000"; 
    include /www/sites/www.justnainai.com/proxy/*.conf; 
}

不需要全抄只需要复制 # Cloudflare 设置 即可

1 Like

还得是大佬,牛逼。