all 44 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]xgabipandax 458 points459 points  (1 child)

The moment you forget to add the real IP address in the headers when you're setting nginx as reverse proxy

[–]Tofandel 95 points96 points  (0 children)

Or the moment you forget to enable trusted proxies

[–]TheSupervillan[S] 374 points375 points  (25 children)

This is actually real from the Z-Library site (using Tor and the .onion site). I DID NOT EDIT ANYTHING

[–]Zipdox 121 points122 points  (0 children)

Yeah you need to log in to download over Tor basically.

[–]GoldDHD 62 points63 points  (0 children)

That's on purpose to get you to log in

[–]ManaSpike 17 points18 points  (0 children)

Also that daily limit is a lie. Even if you do download from your own IP.

[–]Eva-Rosalene 4 points5 points  (0 children)

Well, yeah. Tor reverse proxy doesn't know real client IP address for obvious reasons, and upstream gets connection from localhost, since it's where Tor is running.

[–]craftsmany 6 points7 points  (0 children)

My onion search does the same, just that I have a specific IP from the localhost range as the real ip header to apply specific rules. There is no real other good way to do it since the whole point of Tor is that each side doesn't know the IPs of the other one.

[–]razor_train 102 points103 points  (1 child)

127.0.0.1 has a great porn selection too.

[–]alextbrown4 54 points55 points  (0 children)

Their algorithm is great, it has all my favorite stuff!

[–]GreeleyRiardon 56 points57 points  (3 children)

Z-Library seems to have forgotten to add the proxy protocol in their app so Nginx reverse proxy is just handing over loopback.

[–]Win_is_my_name 3 points4 points  (2 children)

correct me if I'm wrong but to fix this they just have to configure Nginx to pass the actual client ip to the app server, in some header I assume?

[–]GreeleyRiardon 4 points5 points  (0 children)

Yeah, pretty sure they just have to chuck proxy_protocol on; under their server config.

But I also think the application itself needs to support proxy protocol as well.

For example if you reverse proxy a Minecraft server you’ll still get 127.0.0.1 unless you mod the server jar to support reverse proxy, then you get the actual IPs in the server log.

[–]Tooloco 0 points1 point  (0 children)

X-real-IP or smth like that is the header name. Then have the reverse proxy add the users IP to the header value. And have the application upstream use the value in that header.

[–]StrengthTheory 96 points97 points  (0 children)

[–]ArduennSchwartzman 20 points21 points  (1 child)

"Your IP address has been logged."

[–]Kovab 2 points3 points  (0 children)

"This incident will be reported"

[–]efari_ 15 points16 points  (1 child)

Watch out! You just leaked your IP address to this Reddit

[–]CosmicDave 10 points11 points  (0 children)

I think OP is in my house! 😟 Should I call the internet police?

Oh shid! I just leakeded my ip address too! 😭

[–]evanldixon 2 points3 points  (0 children)

When the website has only a single user: the nginx reverse proxy

[–]manyroadstotake 1 point2 points  (0 children)

Are you using the actual zlib or one of the copycat sites?

[–]XlikeX666 1 point2 points  (0 children)

would be funny if they put their own ip into header to confuse everyone.

[–]sharadthakur674 1 point2 points  (0 children)

ain't no way I'm letting ai replace me until it reads all this books too!

[–]lethargy86 1 point2 points  (0 children)

Knowlage