Forward proxy, reverse proxy and XFF
2022-07-24 04:31:00 【shldy1999】
1. Proxy:
A proxy can be thought of as a server that sits between the client and the origin server as an intermediary. Without a proxy, the client's request goes straight to the server; with one, everything the client and the server exchange passes through the proxy. It works like a letting agent in a big city: tenants and landlords communicate through the intermediary.
2. Forward proxy:
The proxy people usually talk about in daily life (a VPN, for instance) is a forward proxy. Its purpose is to hide the client: with a forward proxy, every request from the client is sent onward by the proxy rather than by the client itself. Normally our computers cannot reach Google; if there is a proxy server that can reach Google and that we can reach, we can use it as an intermediary. Google then only sees the proxy server, and our real IP stays hidden.
The process is as follows :

One forward proxy can serve many clients at the same time.
3. Reverse proxy:
In contrast to a forward proxy, a reverse proxy hides the server. When we visit a large site (Baidu, Taobao and the like), the address in the URL we connect to is not the real server's IP but that of a reverse proxy. The reverse proxy passes the request on to the real server, and the real server's response travels back to the client through it as well.
The reverse proxy process is as follows :

The client sends the request to the proxy server, and the proxy server sends it on to the real server.
A forward proxy and a reverse proxy can be used together: when we reach Google through a forward proxy, Google is at the same time answering through a reverse proxy. The flow then looks like this:

In this way the real addresses of both the client and the server are hidden at the same time.
4. Getting the real IP address:
In practice a request may pass through several layers of proxies, and certain HTTP headers can record the intermediate IPs or the real source IP.
4.1 remote_addr and X-Real-IP:
remote_addr is the IP of whichever host is directly connected to the server. If the client's request reaches the server without passing through any proxy, the server sees the client's IP as remote_addr; if a proxy is used, remote_addr is the IP of the proxy that is directly connected to the server.
remote_addr is practically impossible to forge, because it is taken from the TCP connection rather than from the request: with a spoofed source address the handshake cannot complete (an on-path router could rewrite the address and still let TCP establish, but that is outside the application layer).
X-Real-IP is a non-standard HTTP header. A proxy that supports it usually sets it to its own remote_addr, i.e. the address it received the request from, with the intent of recording the real client IP. Because every proxy that sets it overwrites the previous value, behind several proxies it ends up holding the IP of the second-to-last hop: with proxy1 to proxy3 at ip1 to ip3 all setting the header, the real server receives X-Real-IP: ip2, since proxy3 is the last hop, sets the header to the address of proxy2, and nothing after it writes ip3 into the header (ip3 only appears in remote_addr). If only proxy1 sets X-Real-IP, the real server instead receives the address in front of proxy1, which is the client's IP.
Like remote_addr, X-Real-IP normally cannot be forged, but only because the first proxy overwrites it unconditionally; a proxy that merely passes the header through, or sets it only when it is absent, lets the client supply any value it likes.
4.2 X-Forwarded-For:
X-Forwarded-For, abbreviated XFF, is an extension header of the HTTP protocol; proxies generally have to be configured explicitly to add it.
The format of XFF is generally as follows:
X-Forwarded-For: client_IP, proxy1_IP, proxy2_IP
When proxy1 receives a request from the client it appends the client's IP to this header; proxy2, receiving the request from proxy1, appends proxy1's IP; likewise proxy3 appends proxy2's IP. If proxy3 is the last proxy and sends the request straight to the real server, proxy3's own IP never appears in the header. In other words, under normal conditions XFF does not record the IP directly connected to the real server (that one is in remote_addr), only the IPs of all the hops before it.
If a client at ip0 goes through three proxy servers, proxy1 to proxy3 at ip1 to ip3, then depending on which of them have XFF enabled the header arriving at the real server is:
#1. proxy1-3 all enable XFF
X-Forwarded-For: ip0,ip1,ip2
#2. only proxy1 enables XFF
X-Forwarded-For: ip0
#3. only proxy2 enables XFF
X-Forwarded-For: ip1
#4. only proxy3 enables XFF
X-Forwarded-For: ip2
#5. only proxy1-2 enable XFF
X-Forwarded-For: ip0,ip1
#6. only proxy1 and proxy3 enable XFF
X-Forwarded-For: ip0,ip2
#7. only proxy2-3 enable XFF
X-Forwarded-For: ip1,ip2
As the cases show, a proxy with XFF enabled only appends the IP of the node that sent it the request; it never adds its own IP.
4.3 XFF forgery:
Normally XFF lets you read off every intermediate address and then the original one, but the header is supplied in the request and can be forged.
Suppose the client is ip0 and the server sits behind two layers of reverse proxy at ip1 and ip2. The normal result is:
X-Forwarded-For: ip0,ip1
But suppose the client sends a forged header itself:
X-Forwarded-For: fake_ip1, fake_ip2
After passing through the proxies it becomes:
X-Forwarded-For: fake_ip1, fake_ip2,ip0,ip1
A server that naively reads the first entry now gets the wrong IP. The reverse proxies, however, belong to the same operator as the real server, so their number is known: counting from the right (remote_addr is the last proxy, ip2; the rightmost XFF entry is the proxy before it, ip1) the next entry, ip0, is the real client. Alternatively, proxy1 (the edge proxy) can overwrite whatever XFF it receives with its own remote_addr, so the forged entries never reach the backend.
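The header handling described in 4.1 to 4.3 (X-Real-IP being overwritten hop by hop, XFF being appended in the seven cases, the forged header, counting back through a known number of trusted proxies, and the edge proxy resetting XFF), as an added Python model. This is example code written for this page, not code from the original post: the addresses ip0 to ip3 and fake1/fake2 are placeholders, the proxy behaviour is the one the text describes, and Proxy, run_chain, xff_for and client_ip are names chosen here.

```python
"""Hop-by-hop model of remote_addr, X-Real-IP and X-Forwarded-For.

Added example, not code from the original post.  'ip0'..'ip3' are
placeholder addresses for the client and three proxies; each
XFF-enabled proxy appends the address it received the request from,
each X-Real-IP-enabled proxy overwrites the header with that address.
"""

from dataclasses import dataclass, field


@dataclass
class Request:
    remote_addr: str                         # from the TCP connection, not a header
    headers: dict = field(default_factory=dict)


@dataclass
class Proxy:
    ip: str
    set_xff: bool = False        # append remote_addr to X-Forwarded-For
    reset_xff: bool = False      # edge proxy: discard the incoming XFF first
    set_real_ip: bool = False    # overwrite X-Real-IP with remote_addr

    def forward(self, req: Request) -> Request:
        headers = dict(req.headers)
        if self.reset_xff:
            headers.pop("X-Forwarded-For", None)
        if self.set_xff:
            prev = headers.get("X-Forwarded-For")
            headers["X-Forwarded-For"] = f"{prev}, {req.remote_addr}" if prev else req.remote_addr
        if self.set_real_ip:
            headers["X-Real-IP"] = req.remote_addr
        # The next hop sees a TCP connection from this proxy, so its
        # remote_addr becomes our address; our own IP never enters XFF.
        return Request(remote_addr=self.ip, headers=headers)


def run_chain(client_ip: str, proxies, client_headers=None) -> Request:
    """Push one request through the proxies; return what the real server sees."""
    req = Request(remote_addr=client_ip, headers=dict(client_headers or {}))
    for p in proxies:
        req = p.forward(req)
    return req


def xff_for(enabled, ips=("ip0", "ip1", "ip2", "ip3")) -> str:
    """The seven cases in the text: `enabled` holds the numbers (1..3) of
    the proxies that add XFF; returns the header the real server receives."""
    client, *proxy_ips = ips
    proxies = [Proxy(ip, set_xff=(n + 1) in enabled) for n, ip in enumerate(proxy_ips)]
    return run_chain(client, proxies).headers.get("X-Forwarded-For", "")


def client_ip(xff_header: str, remote_addr: str, trusted_proxies: int) -> str:
    """Recover the client address when the last `trusted_proxies` hops are ours.

    remote_addr is the last proxy, the rightmost trusted_proxies-1 XFF
    entries are the other proxies, and the entry just left of those is
    the client.  Anything further left was supplied by the client and
    may be forged, so it is never used.
    """
    if trusted_proxies < 1:
        return remote_addr            # no proxy: the TCP peer is the client
    entries = [e.strip() for e in xff_header.split(",") if e.strip()]
    idx = len(entries) - trusted_proxies
    if idx < 0:
        raise ValueError("X-Forwarded-For shorter than the trusted proxy chain")
    return entries[idx]


if __name__ == "__main__":
    two_proxies = [Proxy("ip1", set_xff=True), Proxy("ip2", set_xff=True)]
    forged = {"X-Forwarded-For": "fake1, fake2"}          # constructed client header
    seen = run_chain("ip0", two_proxies, forged)
    print(seen.headers["X-Forwarded-For"])                 # fake1, fake2, ip0, ip1
    print(client_ip(seen.headers["X-Forwarded-For"], seen.remote_addr, 2))  # ip0
```

The two defences from 4.3 map onto the model's two knobs: client_ip with the right trusted_proxies count ignores everything left of the proxies we operate, and reset_xff on the edge proxy is the equivalent of setting the header from $remote_addr in nginx rather than from $proxy_add_x_forwarded_for, so the forged prefix is dropped before it reaches the backend.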
4.4 XFF injection:
XFF injection is a form of SQL injection. The idea is to modify the XFF header so that it carries an SQL fragment; if the server-side application splices the header value into an SQL statement (for example to log or check the visitor's IP) without treating it as untrusted input, the database executes the attacker's SQL, which can be used to read the site's database or to tamper with and delete its contents.
Preventing XFF injection is the same as preventing any other SQL injection: the header value has to be handled exactly like user input. Filtering sensitive SQL characters helps, but parameterised queries, together with checking that the value really is an IP address, are the reliable fix.
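The vulnerable pattern from 4.4 beside its hardened form, as an added Python example using the standard-library sqlite3 module. This is example code written for this page, not from the original post: the allowlist table, the addresses in it and the injected header value are constructed test data, and make_db, is_allowed_vulnerable and is_allowed_safe are names chosen here.

```python
"""X-Forwarded-For used in SQL: string formatting beside the parameterised fix.

Added example, not from the original post.  The allowlist table, its
addresses and INJECTION are constructed test data.
"""

import ipaddress
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed: an in-memory allowlist of source IPs permitted to reach an admin page."""
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE allowlist (ip TEXT PRIMARY KEY);"
        "INSERT INTO allowlist VALUES ('198.51.100.10'), ('198.51.100.11');"
    )
    return conn


def is_allowed_vulnerable(conn: sqlite3.Connection, xff: str) -> bool:
    # The header text is spliced straight into the SQL: this is the XFF
    # injection the text describes.  Kept deliberately vulnerable so the
    # two versions can be compared.
    row = conn.execute(
        f"SELECT COUNT(*) FROM allowlist WHERE ip = '{xff}'"
    ).fetchone()
    return row[0] > 0


def is_allowed_safe(conn: sqlite3.Connection, xff: str) -> bool:
    # 1) XFF is client-controlled: accept only something that parses as an IP.
    try:
        ip = str(ipaddress.ip_address(xff.strip()))
    except ValueError:
        return False
    # 2) Bind the value as a parameter; the driver never lets it become SQL.
    row = conn.execute(
        "SELECT COUNT(*) FROM allowlist WHERE ip = ?", (ip,)
    ).fetchone()
    return row[0] > 0


# Constructed header value an attacker might send: closes the quoted
# literal and appends a tautology, so the WHERE clause matches every row.
INJECTION = "0.0.0.0' OR '1'='1"


if __name__ == "__main__":
    db = make_db()
    print(is_allowed_vulnerable(db, INJECTION))   # True: allowlist bypassed
    print(is_allowed_safe(db, INJECTION))         # False: rejected as not an IP
    print(is_allowed_safe(db, "198.51.100.10"))   # True: legitimate entry
```

The validation step matters on its own as well: even with a bound parameter, storing an arbitrary header string as an "IP" pollutes logs and any later code that trusts the column, so reject anything that is not a single address before it reaches the database.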