Nginx reverse proxy is a common server configuration used to forward client requests to other servers and return the responses from those servers back to the client. The applications of Nginx reverse proxy are extensive, and here are some common use cases:
- Load Balancing:
- Application: Distributes requests to multiple backend servers to balance the load, enhancing system reliability and scalability.
- Example Configuration:
http { upstream backend { server backend1.example.com; server backend2.example.com; server backend3.example.com; } server { listen 80; location / { proxy_pass http://backend; } } }
- Enhanced Security:
- Application: Hides the real IP addresses of backend servers to prevent direct access and increase security.
- Example Configuration:
server { listen 80; server_name example.com; location / { proxy_pass http://internal_server; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
- Content Caching:
- Application: Caches static content from backend servers to improve response speed and reduce backend server load.
- Example Configuration:
proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=my_cache:10m max_size=10g inactive=60m use_temp_path=off; server { listen 80; server_name example.com; location / { proxy_cache my_cache; proxy_pass http://backend; proxy_cache_bypass $http_cache_control; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
- Protocol Conversion:
- Application: Converts HTTP requests to HTTPS requests, or vice versa, enabling protocol conversions.
- Example Configuration:
server { listen 80; server_name example.com; location / { proxy_pass https://backend; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
- Web Application Firewall (WAF):
- Application: By using Nginx reverse proxy, a WAF can be set up on the front end to filter and protect backend servers from malicious attacks.
- Example Configuration:
server { listen 80; server_name example.com; location / { # Enable Web Application Firewall include /etc/nginx/modsecurity.conf; proxy_pass http://backend; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
- Distributing Static Content:
- Application: Separates the handling of static content (such as images, CSS, JavaScript) from dynamic content to improve performance and efficiency.
- Example Configuration:
server { listen 80; server_name example.com; location /static/ { root /var/www/html; } location / { proxy_pass http://backend; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; } }
By utilizing Nginx reverse proxy, one can achieve an efficient, flexible, and secure web service architecture, enhancing system performance and reliability to meet various complex application needs.