What is a Reverse Proxy? Practical Explanation with nginx


In simplified terms, a reverse proxy is a web server that accepts requests from clients and then further delegates these requests to other servers within a given network. A reverse proxy is also responsible for returning any responses from the servers back to the client. In simplified terms, it is a server that communicates directly with the client on the behalf of one or many other servers.

Motivation for using a Reverse Proxy

Using a reverse proxy has the key benefit of allowing the user to host several different servers running on different ports over the same network, whilst only requiring the client to make requests to the port that the reverse proxy web server is listening to. Whilst this will be the main focus of this tutorial, using a reverse proxy has many other benefits related to things such as network security, performance and load distribution.

What is nginx?

As aforementioned, we need a web server – a piece of software able to receive requests and send out responses – that is able to act as a reverse proxy. Nginx is a very versatile web server which is known for its ease of use in comparison to other alternatives.

Installing Nginx on Ubuntu

Note: There are many tutorials for how to install nginx on the various operating systems and platforms available – please use those as a reference if you are not using Ubuntu.

sudo apt-get update
sudo apt-get install nginx

You can confirm the installation by checking 127.0.0.1:80 in your browser – you should see a page indicating that nginx has been installed!

Obviously, this is not what we want our users to see every time they access our server – the next step is to write our own configuration, that will allow us to control what the user sees when accessing port 80 (standard port for HTTP) or port 443 (standard port for HTTPS) on our server/local machine.

Setting up a basic Reverse Proxy for a single Server

For this part of the tutorial, you will want to have another application server running on a port of your local machine – ideally, it will allow you to see a website or something similar when it is accessed, so that we can ensure that the reverse proxy has redirected our request to the desired server. Make sure this server does NOT run on port 80 or 443.

Once we have another server running, we will want to clear the default nginx configuration and replace it with our own. Nginx will always create two folders, “sites-enabled” and “sites-available”, as well as a “conf.d” folder with the initial configuration. To clear them on Ubuntu, run the following commands – of course you will not want to do this if you already have your own configurations in there. You will also need administrator privileges.

sudo rm -r /etc/nginx/sites-enabled/
sudo rm -r /etc/nginx/sites-available/
sudo mv /etc/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.disabled

Next, you can open a text editor of your choice and add a new file to your conf.d directory with the following content:

server {
  listen 80;
  server_name jdit.eu;
  location / {
      proxy_pass http://localhost:9000/;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  }
}

Finally, you can call the command sudo nginx -s reload which will restart nginx and apply the new configuration. Now, if you enter 127.0.0.1:80 as your browser url (127.0.0.1 is a universal IP for your local machine), you will see that you are being redirected to http://localhost:9000/ – this means that it has worked and the reverse proxy has redirected our request!

A detailed explanation of the Code

On the first line, we are declaring a new server block, which is used to configure how nginx handles user requests. By setting the listen parameter to 80, we are telling nginx to listen for requests on port 80 of our machine. The server_name parameter is used to define the domains for which the server configurations are applied – requests coming from a different domain are simply ignored! This is also where you should set your own domain if you have one.

The location block is used to define any rules that nginx should apply to specific locations that the user is trying to access – in this case, a url’s location is essentially what comes after the “/” (e.g. for “jdit.eu/archive”, the location would be “/archive”). By setting the location block to “/”, we are saying that we want to apply the following settings to all requests coming from the url “jdit.eu”, regardless of the location. If I changed the location block to something like “/archive”, then a user would only get redirected if they typed “jdit.eu/archive” as the url (or sublocations, like “jdit.eu/archive/helloworld”).

Inside the location block, we are defining the actual proxy pass – in this case, we are redirecting to http://localhost:9000/ since that is where I am running my server. The other parameters are optional – the proxy_set_header parameter is used to customize how nginx passes on the headers of our request to the other server. The dollar signs used in the parameter definitions are variables that nginx provides.

I hope you enjoyed this tutorial on how to setup a reverse proxy with nginx – if you want some more information on how you can customize this setup, I highly recommend checking out the nginx documentation.

Newsletter
Please enter a valid email!
Please agree to the terms!