Guide: Set up a reverse proxy using nginx on Linux

Tom Delerue
May 11, 2018 · 3 min read

A reverse proxy is a server that handles incoming traffic and responds with data this proxy retrieves from one or more instances located in it’s own local network. Look at the reverse proxy as the bridge to the island that is your app environment.

Instance — an optimized computer generally running Linux that is available in your app environment’s local network.

Now why would you need this?

  • Load balancing — distribute incoming traffic across multiple server resources to improve performance.
  • Web acceleration — compress inbound and outbound data, as well as cache commonly requested content to speed up traffic flow.
  • Security — protect the identities of your back end machines. Set up SSL to serve your web app over HTTPS

We’ll be using nginx to set up our reverse proxy on an instance running Linux Debian 9 “stretch”.

This guide requires some basic knowledge of the following subjects: Creating and managing computing instances, SSH, Linux CLI commands, configuring your domain’s A-records.

What exactly are we setting up?

We will be configuring a very basic reverse proxy setup. Our fictional app environment has 2 significant instances: the reverse proxy instance and the target instance that’s running something (e.g. an app) on port 3000. We want to be able to access this app via the reverse proxy when we navigate to our fictional domain www.example.com. Let’s begin!

1. Install nginx

Make sure the instance you set up to act as reverse proxy is configured to allow HTTP traffic. SSH into your reverse proxy instance and run the following commands:

When you navigate to the reverse proxy instance’s public IP using your web browser, you should see a welcome message like this:

nginx welcome message

Congratulations, your instance is now a server.

Some Basic operating commands

2. Configure routes

Change the working directory to the nginx config files location for sites.

Files containing routing rules go in the sites-available/ folder. To activate those rules you need to create a symlink of those files to the sites-enabled/ folder. By default this has already been done for you with the file default. This file has some example configuration rules. We won’t need them so feel free to delete everything inside the file default. Add following lines to the file default:

You can add multiple config files, a config file can contain multiple server{} server blocks, a server block can contain multiple location{} blocks.

Replace the following parameters with your own:

  • example.com www.example.com add all domains that will need to be handled
  • 10.0.0.3 insert the local IP address of the machine that your chosen domains should to redirect to
  • 3000 insert the port where your app will be running

Test your nginx configuration and reload to enable the changes.

Important — Don’t forget to point your domain’s A-records to the configured reverse proxy’s public IP address. Depending on your DNS provider A-records can take some time to update.

Done! When you navigate to your domain now, the proxy will respond with the app running on the internal target instance.

SSL/HTTPS

Continue configuring your reverse proxy with our next guide to enable SSL/HTTPS for your domain.

Moving Cubes

www.moving-cubes.com - Researching and developing rich 3D applications built for the web

Tom Delerue

Written by

Founder & 3D web researcher at moving-cubes.com

Moving Cubes

www.moving-cubes.com - Researching and developing rich 3D applications built for the web

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade