A reverse proxy is a server that takes the requests (http/https) & then transfers or distributes them to backend server. Backend server can be an application server like Tomcat, wildfly or Jenkins etc or it can even be another web server like Apache.
But why do we even need a reverse proxy in front of app or web server at all, we need it cause,
- It hides point of origin, thus making our backend server more secure & less suseptable to attacks.
- Since reverse proxy is first point of contact for all requests, it can help encrypt/decrypt the request. This takes the load off from backend server.
- It can also be used for caching of content, which again reduces the load from other servers.
- it can also act as a load-balancer.
Pre-requisites
We will need a backend server, it can be any app server or even a webserver. But remember, if you are using a web server that is also on the same server as nginx reverse proxy, make sure that the other web server is not using same tcp port as nginx reverse proxy i.e. 80 & 443.
For the purpose of this tutorial, I will using a tomcat server hosted at a different server on IP 192.168.1.110 , working at port 8080 (refer to our tutorial here for detailed Apache Tomcat installation). As mentioned above, you can opt for different application server or web server.
Installation
We have created a detailed ARTICLE HERE for nginx installation on Ubuntu or CentOS/RHEL.
Configuration
Now that nginx is installed & working we will move ahead with the Nginx reverse proxy configuration part. But first we will remove the default configuration for the nginx, it can be done with the following command,
# rm /etc/nginx/conf.d/default.conf
Alternatively, we can also remove the content inside the above mentioned file & make the configuration for Nginx reverse proxy there, but I prefer to use separate file for each site configured. So let’s create a new conf file for our nginx reverse proxy,
# vi /etc/nginx/conf.d/test-proxy.conf
& make the following entries to the file,
upstream appserver {
server 192.168.1.110:8080;
}
server {
listen 80;
listen [::]:80;
server_name test-reverse-proxy.com;
location / {
proxy_pass http://appserver;
}
}
Now save file & exit. Here in the configuration, we are telling the about the server_name & than under ‘location’ section, we are providing the backend server i.e. our Apache tomcat server. Now to implement the changes made, we will restart the nginx service but before that we must check if the configuration made are correct or not,
# ngnix -t
or we can also provide the complete path for configuration file,
# nginx -t -c /etc/nginx/conf.d/test-proxy.conf
Once the check returns with zero errors, we can restart the nginx service,
# systemctl restart nginx
Note :- Also make sure that your backend server is working properly before moving onto next step.
Testing
Now the next & final step is to check if the nginx reverse proxy is working fine or not. So open a web browser & enter the nginx server address/URL. Now when the page finishes loading, we should be seeing the apache tomcat page & not the default nginx page.
