Skip to main content

Setting Up Nginx as a Reverse Proxy

Introduction

In this guide, we will walk through the steps to set up Nginx as a reverse proxy. A reverse proxy allows Nginx to forward client requests to another server (e.g., Apache, Node.js, etc.) while acting as an intermediary. This can help balance load, improve security, and make services easier to manage.

Prerequisites

  • A Linux server with Nginx installed and running.
  • A backend application or service running on a different port or server (e.g., Node.js, Apache, etc.).
  • Basic knowledge of editing configuration files on the server.

Step 1: Install Nginx

If you don’t have Nginx installed, you can install it by running:

sudo apt update
sudo apt install nginx -y

Step 2: Basic Configuration of Reverse Proxy

Assume we want Nginx to forward requests to a backend application running on port 3000 (e.g., Node.js, or another web service).

  1. Open your Nginx configuration file:

    sudo nano /etc/nginx/sites-available/default

  2. Add the following configuration to set up the reverse proxy:

    server {
        listen 80;
        server_name yourdomain.com;

        location / {
            proxy_pass http://127.0.0.1:3000;   # Forward requests to the backend service on port 3000
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection 'upgrade';
            proxy_set_header Host $host;
            proxy_cache_bypass $http_upgrade;
        }
    }
    • The proxy_pass directive forwards incoming HTTP requests to the backend service at http://127.0.0.1:3000.
    • The proxy_set_header directives ensure that important HTTP headers, such as Host and Connection, are properly set.

  3. Save the file and exit the editor.

Step 3: Test and Apply the Configuration

  1. Test the Nginx configuration for syntax errors:

    sudo nginx -t

  2. If the test is successful, reload Nginx to apply the changes:

    sudo systemctl reload nginx

Step 4: Verifying the Reverse Proxy Setup

  1. Open your browser and navigate to http://yourdomain.com.
  2. Nginx should forward the request to the backend service running on localhost:3000, and you should see the application respond as if it's being served by Nginx.

Step 5: Enable SSL (Optional)

To add SSL (HTTPS) for secure connections, follow these steps:

  1. Install Certbot for automatic SSL certificate generation:

    sudo apt install certbot python3-certbot-nginx -y

  2. Run Certbot to obtain and configure the SSL certificate for your domain:

    sudo certbot --nginx
    • Certbot will automatically configure Nginx to use SSL for HTTPS connections.

  3. Verify that SSL is working by visiting https://yourdomain.com.

Step 6: Additional Configuration (Optional)

If your backend service requires additional configuration or headers, you can modify the location / block to handle things like WebSocket connections or specific API requests.

Example for WebSocket Support:

location / {
    proxy_pass http://127.0.0.1:3000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
}

Troubleshooting

  • Service not responding: Ensure your backend service is running and accessible on the configured port (e.g., port 3000).
  • SSL not working: Double-check that the SSL certificate was correctly installed, and Nginx is properly reloaded with the updated configuration.
  • Nginx errors: Check Nginx’s error logs for any issues: 
    sudo tail -f /var/log/nginx/error.log