Web Servers - Nginx - Setup Nginx Reverse Proxy

A Reverse Proxy sits between a client and a web server (or servers) and acts as a frontend by handling all incoming client requests and distributing them to the backend web, database, and/or other server(s).

Other benefits of a Reverse Proxy include:

• Load balancing: The reverse proxy distributes incoming connections to backend servers, and can even do so according to the current load that each server is under.
  • This ensures that none of the backend servers get overloaded with requests.
  • It also prevents downtime, since the reverse proxy can reroute traffic if a backend server happens to go offline.
• Central logging: Rather than having multiple servers generate log files, the reverse proxy can log all relevant information in a single location.
  • This makes the administrator’s job immensely easier, since problems can be isolated much more quickly and there is no need to parse log files from multiple locations when troubleshooting issues.
• Improved security: A reverse proxy will obfuscate information about the backend servers, as well as act as a first line of defense against incoming attacks.
  • Since the reverse proxy is filtering out traffic prior to forwarding it to the backend, only innocuous traffic is passed along to the other servers.
• Better performance: A reverse proxy server can make smart decisions about how to distribute the load across backend servers, which results in speedier response times.
  • Other common server tasks such as caching and compression can also be offloaded to the reverse proxy server, freeing up resources for the backend servers.

sudo apt install nginx

unlink /etc/nginx/sites-enabled/default

All of the settings for the reverse proxy will go inside of a configuration file, and this file needs be placed inside the sites-available directory.

cd /etc/nginx/sites-available

Create the configuration file: /etc/nginx/sites-available/reverse-proxy.conf

/etc/nginx/sites-available/reverse-proxy.conf

server {
    listen 80;
    location /some/path/ {
        proxy_pass http://example.com;
    }
}

Enable the new configuring by creating a symbolic link to the sites-enabled directory:

ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/reverse-proxy.conf

Nginx can also act as a reverse proxy for FastCGI, uwsgi, SCGI, and memcached.

Rather than using the proxy_pass directive shown above, replace it with the appropriate type:

• proxy_pass: (HTTP server – as seen above)
• fastcgi_pass: FastCGI server.
• uwsgi_pass: uwsgi server.
• scgi_pass: SCGI server.
• memcached_pass: Mmemcached server.

To configure what headers the reverse proxy server passes to the other server(s), define them in the same /etc/nginx/sites-available/reverse-proxy.conf configuration file.

Use the proxy_set_header directive to adjust the headers.

• They can be configured in the server, location, or http block.

/etc/nginx/sites-available/reverse-proxy.conf

location /some/path/ {
        proxy_set_header HOST $host;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_pass http://example.com;
}