How to Use Nginx as a Reverse Proxy for a Server

How to Use Nginx as a Reverse Proxy for a Server

Daily short news for you
  • A software that converts text to speech created by a Vietnamese programmer - J2TEAM - Text to Speech (Free). You can convert dozens of languages into dozens of different natural voices. The special thing is that it is free.

    In preliminary evaluation, the conversion of long texts or texts in pure Vietnamese is very good. However, when it includes English words, it sounds a bit funny 😅

    » Read more
  • How terrifying, Codeium - known as a competitor to Github Copilot, as it allows users to use it for free without limits. Recently, they introduced the Windsurf Editor - no longer just a VSCode Extension but a full Editor now - directly competing with Cursor. And the main point is that it... is completely free 🫣.

    » Read more
  • There is a rather interesting study that I came across: "Users never bother to read things they don't want to." (That's a bold statement, but it's more true than not. 😅)

    Don't believe it? I bet you've encountered situations where you've clicked on a button repeatedly and it doesn't respond, but in reality, it has displayed an error message somewhere. Or you've filled out everything and then when you hit the submit button, it doesn't go through. Frustrated, you scroll up or down to read and find out... oh, it turns out there's an extra step or two you need to take, right?

    It’s not far from the blog here. I thought that anyone who cares about the blog would click on the "Allow notifications" button just below the post. But the truth is, no one bothers to click it. Is it because they don't want to receive notifications? Probably not! I think it's because they just didn’t read that line.

    The evidence is that only when a notification pops up and takes up half the screen, or suddenly appears to grab attention, do they actually read it—and of course, it attracts a few more subscribers—something that was never achieved before.

    » Read more

What is Nginx?

Nginx là gì

There's no need to say much, I'm sure many of you already know. Nginx is an HTTP server and reverse proxy server. It can also be used as a TCP/UDP server.

Nginx is commonly used for HTTP servers, and it is often used as a reverse proxy. This means that it is a server capable of directing and hiding other services inside the server.

To make it easier to understand, let's take a look at the illustration of the reverse proxy position in a web server system. We can see that all user queries (requests) go through the reverse proxy before being routed to the servers or services inside the server. This also means that users only know and interact with the proxy server without knowing the internal components.

What does a Reverse Proxy do?

Let's imagine a server with 2 services: Frontend (FE) and Backend (BE). The FE is set to run on port 8081, and the BE runs on port 8080. The FE communicates with the BE through a REST API.

Assuming the server's IP address is x.x.x.x, I can access the FE by accessing the address x.x.x.x:8081, and the BE by accessing x.x.x.x:8080. Now, with the domain name 2coffee.dev pointing to the IP, I can access them more easily as 2coffee.dev:8081 and 2coffee.dev:8080.

As you can see, my 2 services are accessed via the domain name (or IP address) along with the port. This means that users know which port my services are running on, which can be exploited for information gathering.

Furthermore, for easy management and professional appearance, I want the FE to be accessed directly from the address 2coffee.dev, while the API is accessed through the subdomain api.2coffee.dev. So, how can this be done? The simple answer is using Nginx as a reverse proxy.

How to Set Up a Reverse Proxy Server with Nginx?

The goal is to see the FE page when accessing 2coffee.dev and to be able to call the API when accessing api.2coffee.dev.

In this section, we will explore the basic reverse proxy configurations. First, make sure that both services on your server can be accessed locally through the addresses localhost:8081 and localhost:8080.

You can use the curl command to check that:

$ curl localhost:8081
# <response>
$ curl localhost:8080
# <response>

If you receive a response, everything is fine. If you receive any error messages indicating that the connection cannot be established, you need to check if the services are started correctly.

Nginx is installed on the server, you can either install Nginx directly on the server or use Docker to install it. If you use Docker, make sure you know how to set up the Docker network to allow it to access the above 2 services. One more note is that you need to map the container's ports 80 and 443 to the server's ports 80 and 443, or you can simply run the container in host network mode.

Open the file /etc/nginx/nginx.conf and check if it includes the following line:

...  
  ...  
  include /etc/nginx/conf.d/*.conf;
...  

This is the configuration for Nginx to automatically load the config files in the /etc/nginx/conf.d directory.

Create a file named my-app.conf in the /etc/nginx/conf.d directory. Here, I'll be using the vi editor.

$ vi /etc/nginx/conf.d/my-app.conf

The contents of the file will look like this:

server {
    listen 80;
    server_name 2coffee.dev;

    location / {
      proxy_pass http://localhost:8081;
      proxy_set_header X-Real-Ip $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $host;
      proxy_set_header REMOTE_ADDR $remote_addr;
      proxy_set_header X-Forwarded-Proto $scheme;
    }
}

server {
    listen 80;
    server_name api.2coffee.dev;

    location / {
      proxy_pass http://localhost:8080;
      proxy_set_header X-Real-Ip $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $host;
      proxy_set_header REMOTE_ADDR $remote_addr;
      proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Save and restart Nginx:

$ sudo nginx -s reload

For those using Docker, restart the Nginx container. One thing to note is that you need to mount the Nginx config files from the container to the outside to avoid losing the configuration when restarting the container.

To explain lines 7 to 11 in the my-app.conf file, you can understand them as follows: Since Nginx acts as a forwarder for user queries to the services, the headers need to be configured so that Nginx knows how to forward them to the services. Otherwise, the header information may be incorrect.

Conclusion

Nginx is a very popular server nowadays due to its powerful features.

Reverse proxy is a great feature provided by Nginx. It helps to direct and hide services inside the server, and using it also makes it easy to set up subdomains.

Premium
Hello

Me & the desire to "play with words"

Have you tried writing? And then failed or not satisfied? At 2coffee.dev we have had a hard time with writing. Don't be discouraged, because now we have a way to help you. Click to become a member now!

Have you tried writing? And then failed or not satisfied? At 2coffee.dev we have had a hard time with writing. Don't be discouraged, because now we have a way to help you. Click to become a member now!

View all

Subscribe to receive new article notifications

or
* The summary newsletter is sent every 1-2 weeks, cancel anytime.
Author

Hello, my name is Hoai - a developer who tells stories through writing ✍️ and creating products 🚀. With many years of programming experience, I have contributed to various products that bring value to users at my workplace as well as to myself. My hobbies include reading, writing, and researching... I created this blog with the mission of delivering quality articles to the readers of 2coffee.dev.Follow me through these channels LinkedIn, Facebook, Instagram, Telegram.

Did you find this article helpful?
NoYes

Comments (2)

Leave a comment...
Avatar
Trần Cường2 years ago
Mình làm theo mà đang bị lỗi không khởi động lại được nginx ko biết sai ở đâu ko :(
Reply
Avatar
Xuân Hoài Tống2 years ago
Lỗi như thế nào thế bạn
Avatar
Linh Trịnh Mạnh2 years ago
Cho mình hỏi cái reverse proxy này có phải giống như là park domain vào host không nhỉ?
Reply
Avatar
Xuân Hoài Tống2 years ago
Không giống đâu bạn, nó giúp cấu hình subdomain trỏ đến sẻvice trên máy chủ thôi