What is a Reverse Proxy?
A reverse proxy is a server that is placed in front of one or more web servers, intercepting requests from clients. When the clients try to connect to the origin server of a website, those requests are intercepted by the reverse proxy server. The proxy server forwards these requests to the proxied server and receives responses from it to send them to the clients.
Benefits of Reverse Proxy:
- Enhances Security
- Load Balancing
- Caching
- SSL Encryption and more
Installation Guide
Pre-Requisites
- Nginx web server installed on Ubuntu Server 20.04 LTS
- Website configured on Ubuntu Server 20.04 LTS
- SSH connection to remote machines (Nginx and Website)
In this guide, I will show you how you can configure the NGINX web server as a reverse proxy with the help of a few simple steps. For this purpose, I have used a website deployed on an ubuntu server 20.04 LTS. This will act as the main server or you can say proxied server. Nginx web server is deployed on another ubuntu server 20.04 LTS which I will configure as a reverse proxy in this tutorial. On my local machine, I have Linux Mint 20.02 installed from where I will form remote connections with:
- Nginx Web Server’s Virtual Machine’s IP address: 10.11.120.2
- Deployed Website’s Virtual Machine’s IP address: 10.11.120.3
Let’s get started!
Step 1: SSH to Nginx machine
The first step is to connect to the remote machine where Nginx is installed. We will configure Nginx as a reverse proxy on this machine. To do that, run the command below by adding the username and the IP of the machine where you have your Nginx deployed. In my case, it is nginx and 10.11.120.2.
ssh [email protected]
Step 2: Disable pre-configured Nginx Virtual host:
Next, unlink the default configuration of the Nginx Virtual host by running the command below:
unlink /etc/nginx/sites-enabled/default
Step 3: Create a Reverse Proxy configuration file
Then, we will create a reverse proxy configuration file.
To do that, go to the sites-available directory following the path as shown in the command below:
cd /etc/nginx/sites-available
Now, create a reverse proxy configuration file and open it with nano editor like this:
sudo nano example.conf
Copy the following lines and paste them into the file you just created.
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://10.11.120.3:80;
}
}
This configuration tells that the Nginx reverse proxy is listening on port 80 and redirecting all incoming connection requests for example.com towards port 80 of 10.11.12.3 server.
Step 4: Activate the file by creating symlink
Here, we will save the file and activate it by creating a symlink like this:
sudo ln -s /etc/nginx/sites-available/example.conf /etc/nginx/sites-enabled/
Step 5: Test configuration file
It is time to test our reverse proxy configuration file for errors. To do that, run the following command:
sudo nginx -t
If you get the “syntax is ok” message as shown below, it means you are good to go.
Step 6: Restart Nginx
The final step is to restart the Nginx web server so that the new reverse proxy configuration file that we just added, gets configured with the Nginx web server. Do this by running the following command:
sudo systemctl restart nginx
Now you can test it by opening the web browser on your machine and running the website. You will be proxied through Nginx to the 10.11.120.3 machine.
If the website runs fine, this means you have successfully configured Nginx Reverse Proxy. Congratulations! You did a great job!
In this tutorial, you saw how you can easily configure the Nginx Web server as a reverse proxy by adding a configuration file. By doing this, you can protect your main server against different cyberattacks or you can utilize it to balance the load of incoming heavy traffic. All up to you.
To see how you can configure Nginx Server Block and Secure Nginx with Let’s Encrypt SSL on Rocky Linux 8 / CentOS 8, visit:
Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications including CCNA RS, SCP, and ACE. As an IT engineer and technical author, he writes for various websites.
