Table of Contents
- Introduction
- Requirements
- Getting Started
- Installing and Configuring Nginx
- Installing and Configuring Apache
- Test Your Nginx Reverse Proxy
- Configure Logging
- Summary
Introduction
Nginx is an open source HTTP server, reverse proxy server and mail proxy server for IMAP/POP3. It is high performance web server with rich of features, simple configuration and low memory usage. Using Nginx as a reverse proxy is great for a few reasons. Firstly it handles static content very well. It is able to handle the requests and serve static content much faster in our tests and this has cut our page load time in about half.
Both Nginx and Apache are powerful and effective web servers. Apache is known for its power and Nginx is known for its speed.
In this tutorial, we will learn how to install and configure the Nginx web server as a reverse proxy for Apache on Ubuntu 16.04. Apache will listen on port 8080. We will configure Nginx to listen on port 80 for incoming user requests. The request will then be forwarded to the Apache server that is listening on port 8080.
Requirements
- A server running Ubuntu 16.04.
- A static IP Address for your server.
- A non-root user account with
sudoprivileges set up on your server.
Getting Started
First let's make sure that your Ubuntu server is fully up to date.
You can update your server by running the following commands:
sudo apt-get update
sudo apt-get upgrade
Installing and Configuring Nginx
Next, you will need to install and configure Nginx which will serve as the front end of your site.
You can easily install Nginx by running the following command:
sudo apt-get install nginx
Once Nginx has been installed, you will need to setup Nginx as reverse proxy.
You can do this by creating new virtual host file:
sudo nano /etc/nginx/sites-available/webproxy
Add the following content:
server {
listen 80;
root /var/www/;
index index.php index.html index.htm;
server_name example.com;
location / {
try_files $uri $uri/ /index.php;
}
location ~ \.php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
location ~ /\.ht {
deny all;
}
}
Save and close the file.
- The
rootdirective specifies the path of default document root directory. - The
try_filesdirective attempts to serve whatever page the visitor requests. If Nginx is unable to fulfill the request, then the file request is passed to the proxy. - The
proxy_passdirective defines the address of the proxied server. - The
locationdirective block denies access to .htaccess file.
Next, you can verify your Nginx configuration syntax by running the following command:
sudo nginx -t
If everything is ok, you should see the following output:
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
Now you can activate the virtual host by running the following command:
sudo ln -s /etc/nginx/sites-available/proxyhost /etc/nginx/sites-enabled/webproxy
Additionally, you will need to delete the default nginx server block.
sudo rm /etc/nginx/sites-enabled/default
Next, start the Nginx service by running the following command:
sudo /etc/init.d/nginx start
Then configure the Nginx service to start at boot time by running the following command:
sudo update-rc.d nginx defaults
Installing and Configuring Apache
Once Nginx configuration has been completed, you will need to install Apache to handle proxied requests.
You can install Apache by running the following command:
sudo apt-get install apache2
Next you will need to configure apache to take over the backend. Since Nginx is listening to 80 and we told it to pass the proxy to 8080 which should be where Apache is listening to receive a request. Let’s tell Apache to listen to 8080 and leave 80 for Nginx.
Now open the Apache ports file to set Apache to listen on the correct port:
sudo nano /etc/apache2/ports.conf
Add/Edit the file as shown below:
NameVirtualHost 127.0.0.1:8080
Listen 127.0.0.1:8080
Save and close the file and restart the Apache service.
sudo /etc/init.d/apache2 restart
Then configure the Apache service to start at boot time by running:
sudo update-rc.d apache2 defaults
Next you will need to edit Apache's default virtualhost file:
sudo nano /etc/apache2/sites-enabled/000-default.conf
Make sure your configuration is same as below:
<VirtualHost 127.0.0.1:8080>
ServerAdmin webmaster@localhost
DocumentRoot /var/www/
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
Save and close the file and restart both the Apache and Nginx services to make the changes take effect:
sudo /etc/init.d/apache2 restart
sudo /etc/init.d/nginx restart
Test Your Nginx Reverse Proxy
Once everything is configured properly, it's time to test the Nginx reverse proxy functionality.
You can do this by running the following curl command:
curl -I localhost
You should see the following output:
HTTP/1.1 200 OK
Server: nginx/1.6.2 (ubuntu)
Date: Wed, 28 July 2016 08:34:02 IST
Content-Type: text/html
Content-Length: 11321
Last-Modified: Tue, 31 June 2016 10:25:08 IST
Connection: keep-alive
Vary: Accept-Encoding
ETag: "564f1a7a-2c39"
Expires: Wed, 28 July 2016 08:34:31 IST
Cache-Control: no-cache
Accept-Ranges: bytes
Configure Logging
If you want to configure Apache to log the real IP address of the visitor instead of the local IP address, then you will need to install the apache module "libapache2-mod-rpaf".
You can install it by running the following command:
sudo apt-get install libapache2-mod-rpaf
Next you will need to edit the module configuration file:
sudo nano /etc/apache2/mods-available/rpaf.conf
Add the server IP address, in this example we use 192.168.1.100 as the server IP.
RPAFproxy_ips 127.0.0.1 192.168.1.100 ::1
Save and close the file and restart Apache server.
sudo /etc/init.d/apache2 restart
You can test rpaf by viewing the Apache access log:
tail -f /var/log/apache2/access.log
You should see the following output:
#Before:
127.0.0.1 - - [31/Jun/2016:08:34:07 +0000] "GET /index.html HTTP/1.1"
127.0.0.1 - - [31/Jun/2016:08:34:10 +0000] "GET /index.html HTTP/1.1"
#After
192.168.1.100 - - [31/Jun/2016:08:34:30 +0000] "GET /index.html HTTP/1.1"
192.168.1.100 - - [31/Jun/2016:08:34:34 +0000] "GET /index.html HTTP/1.1"
Summary
We have successfully configured Nginx to function as a reverse proxy which will pass traffic to Apache. Please feel free to add any comments you may have about this tutorial or let us know if you run into any issues getting it to work.
curl -I localhost outputs this:
HTTP/1.1 400 Bad Request Server: nginx/1.10.0 (Ubuntu) Date: Thu, 15 Sep 2016 20:06:15 GMT Content-Type: text/html Content-Length: 280 Connection: close
Can someone please help a newbie?
Thanks...
Are you sure, that this is right?
sudo ln -s /etc/nginx/sites-available/proxyhost /etc/nginx/sites-enabled/webproxy
maybe it must be
sudo ln -s /etc/nginx/sites-available/webproxy /etc/nginx/sites-enabled/webproxy
cp /var/www/html/index.html /var/www/
curl -I localhost outputs this:
HTTP/1.1 400 Bad Request Server: nginx/1.10.0 (Ubuntu) Date: Thu, 15 Sep 2016 20:06:15 GMT Content-Type: text/html Content-Length: 280 Connection: close
Can someone please help a newbie?
Thanks...
Results in
Man, there is an error here: sudo ln -s /etc/nginx/sites-available/proxyhost /etc/nginx/sites-enabled/webproxy
You should have written: sudo ln -s /etc/nginx/sites-available/webproxy /etc/nginx/sites-enabled/webproxy
If not, you'll get a "connection refused" error!