In this section, we will delve into the configuration of NGINX as a reverse proxy. A reverse proxy is a server that sits between client devices and backend servers, forwarding client requests to the appropriate backend server. This setup can improve load distribution, security, and performance.

1. Reverse Proxy: A server that forwards client requests to backend servers.
2. Backend Server: The server that processes the client requests forwarded by the reverse proxy.
3. Proxy Pass: The directive used in NGINX to forward requests to a backend server.

To configure NGINX as a reverse proxy, you need to modify the NGINX configuration file, typically located at /etc/nginx/nginx.conf or /etc/nginx/conf.d/default.conf.

Example Configuration

Explanation

• listen 80;: NGINX listens on port 80 for incoming HTTP requests.
• server_name example.com;: The domain name for which NGINX will act as a reverse proxy.
• location / { ... }: The location block defines how requests to the root URL (/) should be handled.
  • proxy_pass http://backend_server;: Forwards requests to the backend server. Replace backend_server with the actual backend server's address (e.g., http://localhost:8080).
  • proxy_set_header Host $host;: Sets the Host header to the value of the $host variable.
  • proxy_set_header X-Real-IP $remote_addr;: Sets the X-Real-IP header to the client's IP address.
  • proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;: Adds the client's IP address to the X-Forwarded-For header.
  • proxy_set_header X-Forwarded-Proto $scheme;: Sets the X-Forwarded-Proto header to the scheme (HTTP or HTTPS) used by the client.

You can configure NGINX to distribute requests among multiple backend servers using an upstream block.

Example Configuration

Explanation

• upstream backend_servers { ... }: Defines a group of backend servers.
  • server backend1.example.com;: The first backend server.
  • server backend2.example.com;: The second backend server.
• proxy_pass http://backend_servers;: Forwards requests to the group of backend servers defined in the upstream block.

You can fine-tune the reverse proxy settings to optimize performance and security.

Example Configuration

Explanation

• proxy_connect_timeout 60s;: Sets the timeout for establishing a connection with the backend server.
• proxy_send_timeout 60s;: Sets the timeout for sending a request to the backend server.
• proxy_read_timeout 60s;: Sets the timeout for reading a response from the backend server.
• proxy_buffer_size 128k;: Sets the size of the buffer used for reading the first part of the response from the backend server.
• proxy_buffers 4 256k;: Sets the number and size of the buffers used for reading the response from the backend server.
• proxy_busy_buffers_size 256k;: Sets the size of the buffers used for busy connections.
• proxy_temp_file_write_size 256k;: Sets the size of the temporary file used for buffering large responses.

Task: Configure NGINX to act as a reverse proxy for a backend server running on http://localhost:8080.

Solution:

1. Open the NGINX configuration file:

   sudo nano /etc/nginx/conf.d/default.conf
   

2. Add the following configuration:

   server {
       listen 80;
       server_name localhost;
   
       location / {
           proxy_pass http://localhost:8080;
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto $scheme;
       }
   }
   

3. Save the file and exit the editor.

4. Test the NGINX configuration:

   sudo nginx -t
   

5. Reload NGINX to apply the changes:

   sudo systemctl reload nginx
   

Task: Configure NGINX to distribute requests among two backend servers: http://backend1.example.com and http://backend2.example.com.

Solution:

1. Open the NGINX configuration file:

   sudo nano /etc/nginx/conf.d/default.conf
   

2. Add the following configuration:

   upstream backend_servers {
       server backend1.example.com;
       server backend2.example.com;
   }
   
   server {
       listen 80;
       server_name example.com;
   
       location / {
           proxy_pass http://backend_servers;
           proxy_set_header Host $host;
           proxy_set_header X-Real-IP $remote_addr;
           proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
           proxy_set_header X-Forwarded-Proto $scheme;
       }
   }
   

3. Save the file and exit the editor.

4. Test the NGINX configuration:

   sudo nginx -t
   

5. Reload NGINX to apply the changes:

   sudo systemctl reload nginx
   

• Incorrect proxy_pass URL: Ensure the URL specified in proxy_pass is correct and accessible.
• Missing Headers: Always set the necessary headers (Host, X-Real-IP, X-Forwarded-For, X-Forwarded-Proto) to ensure proper request forwarding.
• Timeouts: Adjust timeout settings based on your backend server's response time to avoid unnecessary timeouts.

In this section, you learned how to configure NGINX as a reverse proxy, including basic setup, handling multiple backend servers, and advanced proxy settings. You also practiced configuring a reverse proxy through practical exercises. This knowledge is essential for optimizing load distribution, security, and performance in your web applications. In the next section, we will explore load balancing in more detail.