How to Configure Nginx as a Reverse Proxy in CentOS
To Configure Nginx as a Reverse Proxy in CentOS
Nginx is a webserver or reverse proxy that helps the users to deploy and deliver the sites with high performance, security, etc. It can also create a load balance between multiple back end web servers. This article explains the configuration of Nginx as a Reverse Proxy in CentOS.
Testing Environment
Reverse Proxy:
IP address &ndash 192.168.5.237
Hostname &ndash node1.example.com
Webserver:
IP address &ndash 192.168.5.238
Hostname &ndash node2.example.com
Pre-requisites
Before going to set reverse proxy, setup basic apache web server on the webserver node with any content. And hostname resolution between these machines is must. Inorder to do that configure DNS server or create entry in /etc/hosts file, for example shown below.
Sample Hosts file entry:
192.168.5.237 node1.example.com node1
192.168.5.238 node2.example.com node2
Installation of Nginx
Inorder to install Nginx, we need to add epel repository.
[root@node1 ~]# yum install epel-release -y
Loaded plugins: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
* base: mirror.fibergrid.in
* extras: mirror.fibergrid.in
* updates: mirror.fibergrid.in
Resolving Dependencies
--> Running transaction check
---> Package epel-release.noarch 0:7-6 will be installed
--> Finished Dependency Resolution
.
.
.
Running transaction
Installing : epel-release-7-6.noarch 1/1
Verifying : epel-release-7-6.noarch 1/1
Installed:
epel-release.noarch 0:7-6
Complete!
Now its time to install Nginx with following command.
[root@node1 ~]# yum install nginx &ndash y
Loading mirror speeds from cached hostfile
* base: mirror.fibergrid.in
* epel: kartolo.sby.datautama.net.id
* extras: mirror.fibergrid.in
* updates: mirror.fibergrid.in
Resolving Dependencies
--> Running transaction check
---> Package nginx.x86_64 1:1.10.2-1.el7 will be installed
.
.
.
Dependency Installed:
GeoIP.x86_64 0:1.5.0-9.el7 gperftools-libs.x86_64 0:2.4-7.el7 libunwind.x86_64 2:1.1-5.el7_2.2
nginx-all-modules.noarch 1:1.10.2-1.el7 nginx-filesystem.noarch 1:1.10.2-1.el7 nginx-mod-http-geoip.x86_64 1:1.10.2-1.el7
nginx-mod-http-image-filter.x86_64 1:1.10.2-1.el7 nginx-mod-http-perl.x86_64 1:1.10.2-1.el7 nginx-mod-http-xslt-filter.x86_64 1:1.10.2-1.el7
nginx-mod-mail.x86_64 1:1.10.2-1.el7 nginx-mod-stream.x86_64 1:1.10.2-1.el7
Complete!
To Configure Nginx as Reverse Proxy
Let' s open the Nginx configuration file to configure the Nginx as a reverse proxy.
[root@node1 ~]# vim /etc/nginx/nginx.conf
Disable the Nginx as a webserver in configuration file by commenting the following lines.
# server { # listen 80 default_server # listen [::]:80 default_server # server_name _ # root /usr/share/nginx/html # Load configuration files for the default server block. # include /etc/nginx/default.d/*.conf # location / { # } # error_page 404 /404.html # location = /40x.html { # } # error_page 500 502 503 504 /50x.html # location = /50x.html { # } # }
Then add the following configuration to enable Nginx as a reverse proxy.
server { listen 80 server_name node2.example.com access_log off error_log off location / { proxy_pass http://192.168.5.238/ proxy_redirect off proxy_set_header Host $host proxy_set_header X-Real-IP $remote_addr proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for proxy_max_temp_file_size 0 client_max_body_size 10m client_body_buffer_size 128k proxy_connect_timeout 90 proxy_send_timeout 90 proxy_read_timeout 90 proxy_buffer_size 4k proxy_buffers 4 32k proxy_busy_buffers_size 64k proxy_temp_file_write_size 64k } }
Mention the IP address and Hostname for the backend webserver
Restart and enable the nginx service to take effect. Then allow HTTP port on the firewall.
[root@node1 ~]# systemctl start nginx [root@node1 ~]# systemctl enable nginx ln -s ' /usr/lib/systemd/system/nginx.service' ' /etc/systemd/system/multi-user.target.wants/nginx.service' [root@node1 ~]# firewall-cmd --permanent --add-service=http success [root@node1 ~]# firewall-cmd --reload
Once the above process is completed, call reverse proxy server' s IP address to view the output.
Comments ( 4 )
server {
listen 80;
server_name node2.example.com;
access_log off;
error_log off;
location /nginx {
proxy_pass your_backend_ip;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_max_temp_file_size 0;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
}