How to create NGINX reverse proxy
Creating an NGINX reverse proxy involves configuring NGINX to forward client requests to another server and then returning the server's response to the client. Here’s a step-by-step guide to setting up an NGINX reverse proxy:
Prerequisites:
- A server with NGINX installed: You can install NGINX on a variety of operating systems. On Ubuntu, you can install it with
sudo apt updatefollowed bysudo apt install nginx. - Root or sudo access to your server: You need administrative privileges to configure NGINX.
Step-by-Step Guide:
1. Install NGINX (if not already installed):
On Ubuntu/Debian:
bash
sudo apt update
sudo apt install nginxOn CentOS/RHEL:
bash
sudo yum install epel-release
sudo yum install nginx
Start and enable NGINX to run on boot:
bash
sudo systemctl start nginx
sudo systemctl enable nginx2. Configure NGINX as a Reverse Proxy:
Open the NGINX configuration file for editing. The default configuration file is usually located at /etc/nginx/nginx.conf, but for creating a reverse proxy, it’s better to create a new configuration file in the /etc/nginx/sites-available/ directory (or /etc/nginx/conf.d/ on some systems).
For instance, create a new configuration file:
bash
sudo nano /etc/nginx/sites-available/reverse-proxy.confAdd the following configuration to set up the reverse proxy:
nginx
server {
listen 80;
server_name your_domain.com;
location / {
proxy_pass http://backend_server_ip_or_domain:backend_port;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
- Replace
your_domain.comwith your actual domain name. - Replace
backend_server_ip_or_domainwith the IP address or domain name of the server you want to forward requests to. - Replace
backend_portwith the port number of your backend server (e.g., 80 for HTTP, 443 for HTTPS).
3. Enable the Configuration:
Create a symbolic link to enable the new configuration. On Ubuntu/Debian:
bash
sudo ln -s /etc/nginx/sites-available/reverse-proxy.conf /etc/nginx/sites-enabled/
On CentOS/RHEL, you might directly edit /etc/nginx/nginx.conf or add the configuration file to /etc/nginx/conf.d/.
4. Test the Configuration:
Before restarting NGINX, test the configuration for syntax errors:
bash
sudo nginx -t
If the test is successful, you should see:
vbnet
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
5. Restart NGINX:
Restart NGINX to apply the changes:
bash
sudo systemctl restart nginx
6. Verify the Reverse Proxy:
To verify the reverse proxy is working, open a web browser and navigate to http://your_domain.com. You should see the content served by the backend server.
Additional Configuration:
-
Handling SSL/TLS: If you want to use SSL/TLS, you need to configure NGINX to handle HTTPS requests. You can use Let’s Encrypt to obtain a free SSL certificate and configure it with NGINX.
-
Load Balancing: To distribute traffic among multiple backend servers, you can configure NGINX to act as a load balancer:
upstream backend {
server backend1.example.com;
server backend2.example.com;
}
server {
listen 80;
server_name your_domain.com;
location / {
proxy_pass http://backend;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
3. Advanced Proxy Settings: NGINX allows you to fine-tune various aspects of proxying, such as timeouts, buffers, and headers. Refer to the NGINX documentation for more details.
By following these steps, you can set up NGINX as a reverse proxy, enabling you to forward client requests to backend servers seamlessly.