Sling Academy
Home/DevOps/NGINX Reverse Proxy: A Practical Guide

NGINX Reverse Proxy: A Practical Guide

Last updated: January 22, 2024

Table of Contents

  1. Overview
    1. Introduction to NGINX Reverse Proxy
    2. Benefits of Using NGINX as Reverse Proxy
    3. Prerequisites
  2. Installing NGINX
  3. Configuring NGINX as a Reverse Proxy
  4. Load Balancing Configuration
  5. SSL Termination
  6. Testing Your Configuration
  7. Conclusion

Overview

Introduction to NGINX Reverse Proxy

A reverse proxy is a server that sits in front of web servers and forwards client (e.g., web browser) requests to those web servers. NGINX is a high-performance HTTP server that can also serve as a reverse proxy. By using NGINX as a reverse proxy, you can improve the security, reliability, and performance of your web application.

Benefits of Using NGINX as Reverse Proxy

  • Load Balancing: Distribute traffic across multiple servers to ensure no single server becomes overburdened.
  • Improved Security: By positioning NGINX as a gatekeeper, you protect your application from exposure to the public internet.
  • Caching: NGINX can cache content, reducing the load on your application servers and improving response times.
  • SSL Termination: Handle SSL/TLS encryption at the proxy level, offloading the performance overhead from the application servers.
  • Compression: Compress files to reduce bandwidth and speed up transfer times.

Prerequisites

To get the most out of this article, you should have the following:

  • Access to a Linux server
  • Basic understanding of Linux command line
  • An existing website or web application

Installing NGINX

Before setting up your reverse proxy, you need to install NGINX. You can install it using your package manager:

sudo apt update 
sudo apt install nginx

On CentOS, use:

sudo yum install epel-release 
sudo yum install nginx

Configuring NGINX as a Reverse Proxy

Edit the NGINX configuration file typically located at /etc/nginx/nginx.conf or under /etc/nginx/sites-available/ for more granular configuration. Below is a basic example of a reverse proxy setup:

server {
    listen 80;

    server_name example.com;
    location / {
        proxy_pass http://backend-server-ip:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

This configuration instructs NGINX to listen on port 80 and forward all requests to the specified backend server.

Load Balancing Configuration

You can improve the availability and performance of your application by distributing traffic across multiple servers. Here’s a simple round-robin load balancing configuration:

http {
    upstream backend {
        server backend1.example.com;
        server backend2.example.com;
        server backend3.example.com;
        # ... add as many servers as you need
    }

    server {
        listen 80;

        location / {
            proxy_pass http://backend;
            # ... other proxy parameters
        }
    }
}

SSL Termination

NGINX can handle SSL transactions on behalf of the backend servers. Here’s how you would configure SSL termination:

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/ssl/example.com.crt;
    ssl_certificate_key /etc/ssl/example.com.key;

    location / {
        proxy_pass http://backend-server-ip:8080;
        # ... other proxy parameters
    }
}

Testing Your Configuration

After making changes to your NGINX configuration, you should test the configuration for syntax errors:

sudo nginx -t

If the test is successful, reload NGINX to apply the changes:

sudo systemctl reload nginx

Conclusion

Setting up an NGINX reverse proxy does more than just improve your web application’s performance and security. It provides a scalable and flexible solution to manage your web traffic effectively. Remember, the configurations above are starting points; fine-tune them according to your specific needs and environment.

Next Article: NGINX X-REAL-IP and X-FORWARDED-FOR: How to get the real IP address of a client

Previous Article: NGINX: Is it Safe to Delete default.conf File?

Series: NGINX Tutorials

DevOps

You May Also Like

  • How to reset Ubuntu to factory settings (4 approaches)
  • Making GET requests with cURL: A practical guide (with examples)
  • Git: What is .DS_Store and should you ignore it?
  • NGINX underscores_in_headers: Explained with examples
  • How to use Jenkins CI with private GitHub repositories
  • Terraform: Understanding State and State Files (with Examples)
  • SHA1, SHA256, and SHA512 in Terraform: A Practical Guide
  • CSRF Protection in Jenkins: An In-depth Guide (with examples)
  • Terraform: How to Merge 2 Maps
  • Terraform: How to extract filename/extension from a path
  • JSON encoding/decoding in Terraform: Explained with examples
  • Sorting Lists in Terraform: A Practical Guide
  • Terraform: How to trigger a Lambda function on resource creation
  • How to use Terraform templates
  • Understanding terraform_remote_state data source: Explained with examples
  • Jenkins Authorization: A Practical Guide (with examples)
  • Solving Jenkins Pipeline NotSerializableException: groovy.json.internal.LazyMap
  • Understanding Artifacts in Jenkins: A Practical Guide (with examples)
  • Using Jenkins with AWS EC2 and S3: A Practical Guide