Reverse Proxy and Nginx

Today we will discuss what reverse proxy is, the benefits of using it and how to use nginx to achieve this.

What is a Reverse Proxy?

In short, a reverse proxy is a gateway that handles client requests and forwards them to backend servers. It abstracts the internal workings of the system so that, when a client makes a request, it appears as though they are communicating directly with a server. However, the reverse proxy operates in the background, and its functionality is not visible to the client.

What Problems Does a Reverse Proxy Solve?

Here are some key benefits of using a reverse proxy:

Security: A reverse proxy can act as a firewall, blocking direct attacks on backend servers.

SSL Offloading: It handles SSL/TLS encryption and decryption, offloading this task from backend servers, thereby improving performance.

Load Balancing: By distributing traffic across multiple servers, a reverse proxy prevents overloading a single server, improving infrastructure performance.

Other important uses for a reverse proxy include centralized management, geolocation routing, API gateway services, and more.

Understanding NGINX

Now that we've briefly described what a reverse proxy is, let's talk about NGINX.

NGINX is an open-source web server and reverse proxy server. It allows us to set up infrastructure to handle requests from different users and forward them to appropriate servers, all with high performance, scalability, and low resource consumption.

Installing NGINX

Let's install NGINX on different systems:

Debian/Ubuntu:

$ sudo apt update
$ sudo apt install nginx

Arch:

$ sudo pacman -S nginx-mainline

Fedora:

sudo dnf install nginx

After installing NGINX, the server will start automatically. You can check the server status by typing:

sudo systemctl status nginx

Now, let's set up the NGINX configuration so that each service can be easily enabled or disabled. Although it's possible to use a single configuration file (usually located at /etc/nginx/nginx.conf), it's often better to create separate files for each service.

For example, let's assume we have an application called webservice01 running on port 4200.

Create the configuration file for this service:

$ sudo nano /etc/nginx/webservices-available/webservice01

Inside this file, add the following configuration:

nginx


server {
  listen 80;
  server_name webservice01.com;


  location / {
      proxy_pass http://localhost:4200;
      proxy_set_header Host $host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header X-Forwarded-Proto $scheme;
  }
}

In short this configuration tells NGINX to listen on port 80 (the default HTTP port) and forward any requests to webservice01.com to localhost:4200.

Enabling the Configuration

To enable this configuration, create a symbolic link:

$ sudo ln -s /etc/nginx/webservices-available/webservice01 /etc/nginx/webservices-enabled/

Finally, apply the configuration by restarting NGINX:

$ sudo systemctl restart nginx

And that's it! We've successfully set up NGINX as a reverse proxy.