Guides and tutorials

Hundreds of tutorials and step by step guides carefully written by our support team.

How to setup a reverse proxy with Nginx

In this tutorial we will show you how and for what reasons to create a so-called "reverse proxy" with the popular Nginx web server, today the most popular option for this type of task.

What is a reverse proxy?

A reverse proxy refers to a server responsible for displaying content from one or more servers which, in turn, remain hidden from the client or user.

For example, if you put a reverse proxy in front of a web application, your users will never interact directly with the application but rather the reverse proxy will be in charge of acting as an intermediary between your users and the application.

Reverse proxies can be an option to increase security. For example, they allow us to hide the real server where your applications are hosted or they also allow us to implement additional security layers such as, for example, a TLS connection that is applied by the proxy but that would not have been natively supported by your application.

Also, a reverse proxy is useful for serving multiple web applications from the same machine. The application will generally run on localhost on infrequent ports such as 4000 or 5000. Then the reverse proxy will listen on ports 80/443 and serve the content of one web application or another depending on the SNI or host of the request.

Create a reverse proxy with Nginx, step by step

First of all, you must meet the following requirements:

  1. Have root access to a linux server.
  2. Have Nginx installed and activated. Make sure you don't have ports 80 and 443 occupied by another process such as Apache.
  3. Have a web application running on localhost through an arbitrary port that is available (for example port 4000). This can be easily accomplished with NodeJs or .NET Core.

1. Create a new virtual host file You can achieve this by using the nano text editor. A good path to do this is "sites-available" inside the nginx configuration directory.

nano /etc/nginx/sites-available/midominio.com.conf

2. Edit the file and add the settings for the reverse proxy.

server {
  #Listen in the harbor 80, ipv4.
  listen 80; 
  
  #Here you must enter the name of your domain.
  server_name midominio.com;

  access_log            /var/log/nginx/midominio.com.access.log;

  location / {
      #The proxy settings.
      proxy_pass http://localhost:4000/;
  }
}

3. Restart Nginx For Debian-based operating systems: systemctl reload nginx

4. Launch your web application At this point you should run your web application if it is not running yet. In the long run you will want to run it as a service / daemon, but for testing it will be enough to run it manually.

For example, if you have a NodeJS application, the syntax is as follows: node /ruta/applicacion.js

5. Access your web application from the browser If you followed the steps in this tutorial correctly and if your machine does not have other security settings that hinder you, you should now be able to access your application from "mydomain.com" (or whatever your domain is).

6. Serve your application securely with a TLS certificate (highly recommended) Thanks to Nginx as a reverse proxy, you can easily serve your applications securely through a TLS connection. To achieve this we will only have to modify the configuration file of the "virtual host" of Nginx:

server {
    listen 80;
    #Redirect to a secure connection.
    return 301 https://$host$request_uri;
}

server {

    listen 443;
    #Here you must enter the name of your domain.
    server_name midominio.com;

    #Here you must specify the path of your SSL certificate
    ssl_certificate           /etc/ruta/al/certificado/cert.crt;
    ssl_certificate_key       /etc/ruta/al/certificado/cert.key;

    ssl on;
    ssl_session_cache  shared:SSL:10m;
    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    ssl_ciphers EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH;

    ssl_prefer_server_ciphers on;
    ssl_session_timeout  10m;

    access_log            /var/log/nginx/midominio.com.access.log;

    location / {
    
      proxy_pass          http://localhost:4000;
    }
  }

Finally, save the changes, restart nginx with systemctl reload nginx and finally run the application again if you don't already have it as a service or daemon.

It is done!

If you have followed the steps correctly, you will now have a web application served through a reverse proxy by nginx.

More than 2000 m² of own facilities and Data Centers in Spain
Your privacy is important for us
We use our own cookies for the proper functioning of the site. In addition, third-party cookies are used for analytical purposes only. This information is not associated with any person so that personal identifying data is not stored, but is only information that is collected to identify the session, with the aim of facilitating the analysis of the website. You can change your preferences at any time by entering this website again. For more information about our cookie policy you can visit our Cookies. You can press the "Accept and close" button to give us your consent or you can access more detailed information and manage cookies.
More than 2000 m² of own facilities and Data Centers in Spain
Your privacy is important for us
We use our own cookies for the proper functioning of the site. In addition, third-party cookies are used for analytical purposes only. This information is not associated with any person so that personal identifying data is not stored, but is only information that is collected to identify the session, with the aim of facilitating the analysis of the website. You can change your preferences at any time by entering this website again. For more information about our cookie policy you can visit our Cookies. You can press the "Accept and close" button to give us your consent or you can access more detailed information and manage cookies.