Tutorials

Configure Nginx as a Reverse Proxy for Apache on Ubuntu 16.04

Table of Contents

Introduction

Nginx is an open source HTTP server, reverse proxy server and mail proxy server for IMAP/POP3. It is high performance web server with rich of features, simple configuration and low memory usage. Using Nginx as a reverse proxy is great for a few reasons. Firstly it handles static content very well. It is able to handle the requests and serve static content much faster in our tests and this has cut our page load time in about half.

Both Nginx and Apache are powerful and effective web servers. Apache is known for its power and Nginx is known for its speed.

In this tutorial, we will learn how to install and configure the Nginx web server as a reverse proxy for Apache on Ubuntu 16.04. Apache will listen on port 8080. We will configure Nginx to listen on port 80 for incoming user requests. The request will then be forwarded to the Apache server that is listening on port 8080.

Requirements

  • A server running Ubuntu 16.04.
  • A static IP Address for your server.
  • A non-root user account with sudo privileges set up on your server.

Getting Started

First let's make sure that your Ubuntu server is fully up to date.

You can update your server by running the following commands:

sudo apt-get update
sudo apt-get upgrade

Installing and Configuring Nginx

Next, you will need to install and configure Nginx which will serve as the front end of your site.

You can easily install Nginx by running the following command:

sudo apt-get install nginx

Once Nginx has been installed, you will need to setup Nginx as reverse proxy.

You can do this by creating new virtual host file:

sudo nano /etc/nginx/sites-available/webproxy

Add the following content:

server {
    listen   80;

    root /var/www/;
    index index.php index.html index.htm;

    server_name example.com;

    location / {
    try_files $uri $uri/ /index.php;
    }

    location ~ \.php$ {

    proxy_set_header X-Real-IP  $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $host;
    proxy_pass http://127.0.0.1:8080;

     }

     location ~ /\.ht {
            deny all;
    }
}

Save and close the file.

  • The root directive specifies the path of default document root directory.
  • The try_files directive attempts to serve whatever page the visitor requests. If Nginx is unable to fulfill the request, then the file request is passed to the proxy.
  • The proxy_pass directive defines the address of the proxied server.
  • The location directive block denies access to .htaccess file.

Next, you can verify your Nginx configuration syntax by running the following command:

sudo nginx -t

If everything is ok, you should see the following output:

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Now you can activate the virtual host by running the following command:

sudo ln -s /etc/nginx/sites-available/proxyhost /etc/nginx/sites-enabled/webproxy

Additionally, you will need to delete the default nginx server block.

sudo rm /etc/nginx/sites-enabled/default

Next, start the Nginx service by running the following command:

sudo /etc/init.d/nginx start

Then configure the Nginx service to start at boot time by running the following command:

sudo update-rc.d nginx defaults

Installing and Configuring Apache

Once Nginx configuration has been completed, you will need to install Apache to handle proxied requests.

You can install Apache by running the following command:

sudo apt-get install apache2

Next you will need to configure apache to take over the backend. Since Nginx is listening to 80 and we told it to pass the proxy to 8080 which should be where Apache is listening to receive a request. Let’s tell Apache to listen to 8080 and leave 80 for Nginx.

Now open the Apache ports file to set Apache to listen on the correct port:

sudo nano /etc/apache2/ports.conf

Add/Edit the file as shown below:

NameVirtualHost 127.0.0.1:8080
Listen 127.0.0.1:8080

Save and close the file and restart the Apache service.

sudo /etc/init.d/apache2 restart

Then configure the Apache service to start at boot time by running:

sudo update-rc.d apache2 defaults

Next you will need to edit Apache's default virtualhost file:

sudo nano /etc/apache2/sites-enabled/000-default.conf

Make sure your configuration is same as below:

<VirtualHost 127.0.0.1:8080>
        ServerAdmin webmaster@localhost
        DocumentRoot /var/www/
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Save and close the file and restart both the Apache and Nginx services to make the changes take effect:

sudo /etc/init.d/apache2 restart
sudo /etc/init.d/nginx restart

Test Your Nginx Reverse Proxy

Once everything is configured properly, it's time to test the Nginx reverse proxy functionality.

You can do this by running the following curl command:

curl -I localhost

You should see the following output:

HTTP/1.1 200 OK
Server: nginx/1.6.2 (ubuntu)
Date: Wed, 28 July 2016 08:34:02 IST
Content-Type: text/html
Content-Length: 11321
Last-Modified: Tue, 31 June 2016 10:25:08 IST
Connection: keep-alive
Vary: Accept-Encoding
ETag: "564f1a7a-2c39"
Expires: Wed, 28 July 2016 08:34:31 IST
Cache-Control: no-cache
Accept-Ranges: bytes

Configure Logging

If you want to configure Apache to log the real IP address of the visitor instead of the local IP address, then you will need to install the apache module "libapache2-mod-rpaf".

You can install it by running the following command:

sudo apt-get install libapache2-mod-rpaf

Next you will need to edit the module configuration file:

sudo nano /etc/apache2/mods-available/rpaf.conf

Add the server IP address, in this example we use 192.168.1.100 as the server IP.

RPAFproxy_ips 127.0.0.1 192.168.1.100 ::1

Save and close the file and restart Apache server.

sudo /etc/init.d/apache2 restart

You can test rpaf by viewing the Apache access log:

tail -f /var/log/apache2/access.log

You should see the following output:

#Before:
127.0.0.1 - - [31/Jun/2016:08:34:07 +0000] "GET /index.html HTTP/1.1"
127.0.0.1 - - [31/Jun/2016:08:34:10 +0000] "GET /index.html HTTP/1.1"

#After
192.168.1.100 - - [31/Jun/2016:08:34:30 +0000] "GET /index.html HTTP/1.1"
192.168.1.100 - - [31/Jun/2016:08:34:34 +0000] "GET /index.html HTTP/1.1"

Summary

We have successfully configured Nginx to function as a reverse proxy which will pass traffic to Apache. Please feel free to add any comments you may have about this tutorial or let us know if you run into any issues getting it to work.

 
  • curl -I localhost outputs this:

    HTTP/1.1 400 Bad Request Server: nginx/1.10.0 (Ubuntu) Date: Thu, 15 Sep 2016 20:06:15 GMT Content-Type: text/html Content-Length: 280 Connection: close

    Can someone please help a newbie?

    Thanks...

  • Are you sure, that this is right?

    sudo ln -s /etc/nginx/sites-available/proxyhost /etc/nginx/sites-enabled/webproxy

    maybe it must be

    sudo ln -s /etc/nginx/sites-available/webproxy /etc/nginx/sites-enabled/webproxy

  • cp /var/www/html/index.html /var/www/


    curl -I localhost outputs this:

    HTTP/1.1 400 Bad Request Server: nginx/1.10.0 (Ubuntu) Date: Thu, 15 Sep 2016 20:06:15 GMT Content-Type: text/html Content-Length: 280 Connection: close

    Can someone please help a newbie?

    Thanks...

  • curl -I localhost
    

    Results in

    Failed to connect to localhost port 80: Connection refused
    
  • Man, there is an error here: sudo ln -s /etc/nginx/sites-available/proxyhost /etc/nginx/sites-enabled/webproxy

    You should have written: sudo ln -s /etc/nginx/sites-available/webproxy /etc/nginx/sites-enabled/webproxy

    If not, you'll get a "connection refused" error!

Log In, Add a Comment