Nginx Reverse Proxy

Published by jamie on

Reverse Proxy

The difference between a reverse proxy and a forward proxy is that the forward proxy proxies the client; the reverse proxy proxies the server.

In reverse proxy, the client is unaware of the proxy because the client does not need any configuration to access, we only need to send the request to the reverse proxy server, and the reverse proxy server selects the target server to obtain data, and returns it to the client. At this time, the reverse proxy server and the target server are the same. The proxy server address is exposed and the real server IP address is hidden.

To configure the reverse proxy, add the following configuration to the nginx.conf configuration file:

server {
    listen       80;
    server_name  www.123.com;

    location / {
        proxy_pass http://127.0.0.1:8080;
        index  index.html index.htm index.jsp;
    }
}

Introduction to Nginx Reverse Proxy Related Directives

1. Listen

This directive is used to configure network listening. There are three main configuration syntax structures as follows:

# 1. Configure the IP address to listen to
listen address[:port] [default_server] [setfib=number] [backlog=number] [rcvbuf=size] 
    [sndbuf=size] [deferred] [accept_filter=filter] [bind] [ssl];

# 2. configure the listening port
Listening port [default_server] [setfib=number] [backlog=number] [rcvbuf=size] [sndbuf=size] 
    [accept_filter=filter] [deferred] [bind] [ipv6only=on|off] [ssl];

# 3. Configuring UNIX domain name sockets
listen unix:path [default_server] [backlog=number] [rcvbuf=size] [sndbuf=size] 
    [accept_filter=filter] [deferred] [bind] [binding] [ipv6onoff=ON||off filter]
    [deferred] [bind] [ssl];

The above configuration may seem complicated, but it is actually quite simple to use.

listen *:80 | *:8080  # Listen on all ports 80 and 8080.
listen IP_address:port  # Listen on the specified address and port number
listen IP_address #Listen on all ports with the specified IP address.
listen port  # Listen to all IP connections on that port.

The following is an explanation of the specific meaning of each option:

  1. address: IP address, if it is an IPV6 address, you need to use the middle bracket [] to enclose it, such as [fe80::1] and so on.
  2. port: port number, if only the IP address is defined, not the port number, then use port 80.
  3. path: socket file path, such as var/run/nginx.sock and so on.
  4. default_server: identifier, set this virtual host as the default host for address: port. (The default directive was used before nginx-0.8.21)
  5. setfib=number: Nginx-0.8.44 uses this variable to listen to the socket association routing table, which currently only works for FreeBSD and is not commonly used.
  6. backlog=number: set the listen function listen() allows up to how many network connections at the same time in the pending state, in FreeBSD the default is -1, while other platforms default to 511.
  7. rcvbuf=size: set the size of the listen socket to receive buffer.
  8. sndbuf=size: Sets the size of the socket transmit buffer.
  9. deferred: identifier, set accept() to deferred mode.
  10. accept_filter=filter: set the listening port to filter all requests, the filtered content can not be received and processed, this command is only valid in FreeBSD and NetBSD 5.0+ platforms. the filter can be set to dataready or httpready.
  11. bind: identifier, use separate bind() to handle this address:port. In general, for multiple connections with the same port but different IP addresses, the Nginx server will use only one listening directive and use bind() to handle all connections with the same port.
  12. ssl: identifier, sets the session connection to be made using SSL mode. This identifier is related to the HTTPS service provided by the Nginx server.
2. server_name

This directive is used for virtual host configuration. It is usually divided into the following two types:

(1). Name-based virtual host configuration

The syntax format is as follows:

    server_name name … ;

For name, there can be only one name or multiple names separated by spaces. Each name consists of two or three segments separated by “.” between each segment.

    server_name 123.com www.123.com

You can use the wildcard character “*”, but the wildcard character can only be used in the first or last segment composed of three characters, or composed of two characters at the end of the end.

   server_name *.123.com www.123.*

You can also use regular expressions, using “~” as the start tag of the regular expression string.

    server_name ~^www\d+\.123\.com$;

The expression “~” means match a regular expression that starts with www (“^” means start), followed by a number between 0 and 9, followed by “.123.co “, and finally followed by “m” ($ means the end)

The order of priority of the above matches is as follows:

1, exact match server_name
2, wildcard at the beginning of the match server_name successful
3, wildcard at the end of the match server_name successful
4, regular expression match server_name successful

(2). IP address-based virtual host configuration

The syntax structure is the same as matching based on domain name, and you don’t need to consider the problem of wildcards and regular expressions.

    server_name 192.168.1.1

3.location

This command is used to match the URL.

The syntax is as follows:

    location [ = | ~ | ~* | ^~] uri {

    }
  1、=:Used before the uri without regular expression, request string and uri strict match, if the match is successful, stop searching down and process the request immediately.

  2、~:Used to indicate that the uri contains regular expression and is case sensitive.

  3、~*:Used to indicate that the uri contains regular expressions and is not case sensitive.

  4、^~:Used in front of a uri that does not contain a regular expression, it requires the Nginx server to find the location with the highest match between the uri and the request string, and then process the request immediately using this location, instead of using the regular uri in the location block to match the request string.

  Note: If the uri contains a regular expression, it must be marked with a ~ or ~*.

4. proxy_pass

This directive is used to set the address of the proxy server. It can be in the form of host name, IP address plus port number.

The syntax is as follows:

    proxy_pass URL;

URL is the address of the proxy server, which can contain transport protocol, host name or IP address plus port number, URI and so on.

    proxy_pass http://www.123.com/uri;

5. index

This directive is used to set the default homepage of the website.

The syntax is:

    index filename … ;

There can be more than one file name, separated by spaces.

    index index.html index.jsp;

Usually this directive has two functions: the first is that when the user requests access to the site, the request address can not write the name of the home page; the second is that you can set a different home page for a request, according to the request content.

Categories: Nginx
Tags:

0 Comments

Leave a Reply

Avatar placeholder

Your email address will not be published. Required fields are marked *

Table of Contents

Catalogue