Setting Up Nginx as a Reverse Proxy

Learn how to configure Nginx as a reverse proxy to host multiple applications on a single Linux server with SSL/TLS support.

What is a Reverse Proxy?

A reverse proxy sits in front of your applications and forwards client requests to them. Benefits include:

• Host multiple apps on one server with different domains
• SSL/TLS termination in one place
• Load balancing across multiple servers
• Caching for better performance
• Additional security layer

Prerequisites

• Linux server with Ubuntu 20.04 or later
• Domain name(s) pointing to your Linux server
• Root or sudo access

Step 1: Install Nginx

sudo apt update
sudo apt install nginx

Start and enable Nginx:

sudo systemctl start nginx
sudo systemctl enable nginx

Verify installation:

curl localhost

Step 2: Configure Firewall

Allow HTTP and HTTPS:

sudo ufw allow 'Nginx Full'

Step 3: Configure Reverse Proxy

Create a configuration file for your app:

sudo nano /etc/nginx/sites-available/myapp.com

Basic reverse proxy configuration:

server {
    listen 80;
    server_name myapp.com www.myapp.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Enable the configuration:

sudo ln -s /etc/nginx/sites-available/myapp.com /etc/nginx/sites-enabled/

Test configuration:

sudo nginx -t

Reload Nginx:

sudo systemctl reload nginx

Step 4: Add SSL/TLS with Let's Encrypt

Install Certbot:

sudo apt install certbot python3-certbot-nginx

Obtain certificate:

sudo certbot --nginx -d myapp.com -d www.myapp.com

Certbot automatically:

• Obtains SSL certificate
• Configures Nginx for HTTPS
• Sets up auto-renewal

Step 5: Multiple Applications

Host multiple apps on different domains:

App 1 (myapp.com → port 3000)

server {
    listen 80;
    server_name myapp.com www.myapp.com;

    location / {
        proxy_pass http://localhost:3000;
        # proxy headers...
    }
}

App 2 (api.myapp.com → port 4000)

server {
    listen 80;
    server_name api.myapp.com;

    location / {
        proxy_pass http://localhost:4000;
        # proxy headers...
    }
}

Step 6: Advanced Configuration

Static File Caching

location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
    expires 1y;
    add_header Cache-Control "public, immutable";
}

Rate Limiting

limit_req_zone $binary_remote_addr zone=mylimit:10m rate=10r/s;

server {
    location /api/ {
        limit_req zone=mylimit burst=20;
        proxy_pass http://localhost:4000;
    }
}

Gzip Compression

gzip on;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml;
gzip_min_length 1000;

Troubleshooting

Check Nginx Error Logs

sudo tail -f /var/log/nginx/error.log

Test Configuration

sudo nginx -t

Verify Backend is Running

curl localhost:3000

Conclusion

Nginx reverse proxy lets you host multiple applications efficiently on a single Linux server. With Gumpbox, you can monitor your web server and manage configurations easily.

Next Steps

• Free SSL Certificates with Let's Encrypt and Certbot
• Deploying Applications with Docker on Your Linux server