Other than Apache, Nginx is the most popular web server out there. In addition to being a web server, it also can be used as a load balancer or a reverse proxy. In this tutorial we will show you how you can make use of Nginx as a reverse proxy.
What is a reverse proxy?
A proxy server acts as an intermediary between the client and another server. It retrieves resources from the server that you want to connect to and sends it to you for viewing. A reverse proxy works the same way, except that the role is reversed. When you request information from a server, the reverse proxy will take hold of the request and send it to the appropriate backend server. This allows the system administrator to use a server for multiple applications, as well as to ensure a smoother flow of traffic between the client and the server.
Benefits of a reverse proxy
Depending on your application, you might have different use cases of reverse proxy.
- A reverse proxy allows you to run multiple applications on the same server – If you have multiple applications running on the same server, they can’t all be listening to port 80 or 433 at the same time. With a reverse proxy, you can configure the reverse proxy to redirect the traffic to individual apps as necessary.
- Load Balancing – If you have multiple servers running the same app, you can make use of a reverse proxy to distribute the traffic evenly to each server.
- Web Application Firewall – You can make use of a reverse proxy to hide your application from the public and also to filter out spam IP or protect from a DDOS attack.
- Easy Logging and Auditing – Since all the incoming traffic is managed by the reverse proxy, it is easier to log and monitor the flow of the traffic.
Configuring Nginx as a reverse proxy
To set up Nginx as a reverse proxy, we will use the
proxy_pass parameter in Nginx configuration files.
Note: This tutorial assumes that you have some knowledge of Nginx and have already installed and set up Nginx in your server.
In most use cases Nginx will be the front-end facing server, listening to port 80 (HTTP) or 443 (HTTPS) for incoming requests. As there can only be one service listening to port 80 or 443, your application will have to listen on another port, like port 8081. The simplest configuration will be something like this:
This means all incoming requests to myapp.com at port 80 will be redirected to port 8081.
In addition to the
proxy_pass directive, there are several other directives that you can use for a more advanced setup.
proxy_set_header – This allows you to set the header to send to the background app. For example, see the following configuration:
You can set the necessary proxy header to pass to the application so it knows the request IP and remote address, and output the correct content for the request site.
proxy timeout – This allows you to set the timeout value for sending and receiving proxy requests. For example:
proxy_buffers – This allows Nginx to temporarily hold the response of the proxied server and only send to the request server after the proxied server finishes responding. For example:
If your app is going to send a big chunk of a file, then you might want to disable proxy_buffers:
As you can see, Nginx is a capable reverse proxy server. The best thing about it is that its configuration is simple, easy to use and yet still allows you to scale up for more complicated scenarios. For more detail, you can check out the Nginx proxy module documentation or the configuration examples.