Guides and tutorials

Hundreds of tutorials and step by step guides carefully written by our support team.

How to create a reverse proxy with Nginx

In this tutorial we will show you how and for what reasons to create a so called "reverse proxy" with the popular web server Nginx, nowadays, the most popular choice for this kind of tasks.

What is a reverse proxy?

A reverse proxy refers to a server that displays content from one or more servers that remain hidden from the client or user.

For example, if you put a reverse proxy in front of a web application, your users will never interact directly with the application, but the reverse proxy will act as an intermediary between your users and the application.

Reverse proxies can be an option to increase security. For example, they allow us to hide the real server where your applications are hosted or also, they allow us to implement additional security layers, such as a TLS connection that is applied by the proxy, but that would not have been natively supported by your application.

Also, a reverse proxy is handy for serving multiple web applications from the same machine. The application will generally run on localhost on infrequent ports such as 4000 or 5000. The reverse proxy will then listen on ports 80/443 and serve the content of one web application or another depending on the SNI or host of the request.

Create a reverse proxy with Nginx, step by step

First of all, you must meet the following requirements:

  1. Have root access to a linux server.
  2. Have Nginx installed and activated. Make sure you do not have ports 80 and 443 occupied by another process, such as Apache.
  3. Have a web application running on localhost through an arbitrary port that is available (e.g. port 4000). This can be easily accomplished with NodeJs or .NET Core.

1. Create a new virtual host file You can accomplish this using the nano text editor. A good path to do this is "sites-available" inside the nginx configuration directory.

nano /etc/nginx/sites-available/midominio.com.conf

**2. Edit the file and add the configuration for the reverse proxy **.

server {
  #Listen in the harbor 80, ipv4.
  listen 80; 
  
  #Here you must enter the name of your domain.
  server_name midominio.com;

  access_log            /var/log/nginx/midominio.com.access.log;

  location / {
      #The proxy settings.
      proxy_pass http://localhost:4000/;
  }
}

3. Restart Nginx For Debian based operating systems: systemctl reload nginx.

4. Launch your web application At this point you will need to run your web application, if it is not already running. In the long run you will want to run it as a service / daemon, but for testing purposes it will be sufficient to run it manually.

For example, if you have a NodeJS application, the syntax is as follows: node /path/path/application.js.

5. Access to your web application from the browser **5. If you followed the steps in this tutorial correctly and if your machine has no other security settings that would hinder you, you should now be able to access your application from "mydomain.com " (or whatever your domain is).

6. Serve your application securely with a TLS certificate (strongly recommended). Thanks to Nginx as a reverse proxy, you can easily serve your applications securely over a TLS connection. To achieve this, we only need to modify the configuration file of the Nginx virtual host:

server {
    listen 80;
    #Redirect to a secure connection.
    return 301 https://$host$request_uri;
}

server {

    listen 443;
    #Here you must enter the name of your domain.
    server_name midominio.com;

    #Here you must specify the path of your SSL certificate
    ssl_certificate           /etc/ruta/al/certificado/cert.crt;
    ssl_certificate_key       /etc/ruta/al/certificado/cert.key;

    ssl on;
    ssl_session_cache  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;

    ssl_prefer_server_ciphers on;
    ssl_session_timeout  10m;

    access_log            /var/log/nginx/midominio.com.access.log;

    location / {
    
      proxy_pass          http://localhost:4000;
    }
  }

Finally, save the changes, restart nginx with systemctl reload nginx and run the application again, if you don't already have it as a service or daemon.

That's it!

If you have followed the steps correctly, you will now have a web application served through a reverse proxy by nginx.

More than 2000 m² of own facilities and Data Centers in Spain
Your privacy is important for us
We use our own cookies for the proper functioning of the site. In addition, third-party cookies are used for analytical purposes only. This information is not associated with any person so that personal identifying data is not stored, but is only information that is collected to identify the session, with the aim of facilitating the analysis of the website. You can change your preferences at any time by entering this website again. For more information about our cookie policy you can visit our Cookies. You can press the "Accept and close" button to give us your consent or you can access more detailed information and manage cookies.
More than 2000 m² of own facilities and Data Centers in Spain
Your privacy is important for us
We use our own cookies for the proper functioning of the site. In addition, third-party cookies are used for analytical purposes only. This information is not associated with any person so that personal identifying data is not stored, but is only information that is collected to identify the session, with the aim of facilitating the analysis of the website. You can change your preferences at any time by entering this website again. For more information about our cookie policy you can visit our Cookies. You can press the "Accept and close" button to give us your consent or you can access more detailed information and manage cookies.