Bird
Raised Fist0
Nginxdevops~5 mins

Proxy headers in Nginx - Cheat Sheet & Quick Revision

Choose your learning style10 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime

Start learning this pattern below

Jump into concepts and practice - no test required

or
Recommended
Test this pattern10 questions across easy, medium, and hard to know if this pattern is strong
Recall & Review
beginner
What is the purpose of proxy headers in nginx?
Proxy headers in nginx pass important client information to the backend server, such as the original IP address and protocol, so the backend knows who made the request.
Click to reveal answer
beginner
Which nginx directive sets the original client IP address in proxy headers?
The directive proxy_set_header X-Real-IP $remote_addr; sets the original client IP address in the X-Real-IP header.
Click to reveal answer
intermediate
What does the X-Forwarded-For header represent?
The X-Forwarded-For header lists the IP addresses of the client and any proxies the request passed through, helping the backend identify the original client IP.
Click to reveal answer
intermediate
How do you pass the original protocol (HTTP or HTTPS) to the backend in nginx proxy headers?
Use proxy_set_header X-Forwarded-Proto $scheme; to send the original protocol (http or https) to the backend server.
Click to reveal answer
beginner
Why is it important to set proxy headers correctly in nginx?
Setting proxy headers correctly ensures the backend server receives accurate client info, which is vital for logging, security checks, and generating correct responses.
Click to reveal answer
Which nginx directive sets the client's original IP address in proxy headers?
Aproxy_set_header X-Real-IP $remote_addr;
Bproxy_pass http://backend;
Clisten 80;
Dserver_name example.com;
What does the X-Forwarded-Proto header tell the backend?
AThe client's IP address
BThe request method (GET, POST)
CThe backend server's IP
DThe original protocol used (HTTP or HTTPS)
Why is the X-Forwarded-For header useful?
AIt sets the backend server's IP
BIt lists all IPs the request passed through
CIt changes the request method
DIt sets the server name
Which of these is NOT a typical proxy header set by nginx?
AX-Server-Name
BX-Forwarded-For
CX-Real-IP
DX-Forwarded-Proto
What happens if proxy headers are not set correctly in nginx?
ABackend server crashes
BNginx stops working
CBackend gets wrong client info
DClient IP is hidden from nginx
Explain why proxy headers like X-Real-IP and X-Forwarded-For are important in nginx proxy setups.
Think about how the backend knows who made the request.
You got /3 concepts.
    Describe how to configure nginx to pass the original protocol and client IP to the backend server.
    Look for directives that set headers with $remote_addr and $scheme.
    You got /2 concepts.

      Practice

      (1/5)
      1. What is the main purpose of setting proxy headers like X-Real-IP in an nginx configuration?
      easy
      A. To encrypt the data between nginx and the client
      B. To cache the client's request on nginx
      C. To pass the original client's IP address to the backend server
      D. To block unwanted IP addresses from accessing the server

      Solution

      1. Step 1: Understand proxy headers role

        Proxy headers like X-Real-IP carry client info through nginx to backend servers.

      2. Step 2: Identify the purpose of X-Real-IP

        This header specifically passes the original client's IP address to the backend for logging or processing.

      3. Final Answer:

        To pass the original client's IP address to the backend server -> Option C

      4. Quick Check:

        Proxy headers pass client info = B [OK]
      Hint: Remember: X-Real-IP shows client's real IP to backend [OK]
      Common Mistakes:
      • Confusing proxy headers with encryption settings
      • Thinking proxy headers cache requests
      • Assuming proxy headers block IPs
      2. Which of the following is the correct nginx directive to set the X-Forwarded-Proto header to the client's protocol?
      easy
      A. proxy_set_header X-Forwarded-Proto $scheme;
      B. set_header X-Forwarded-Proto $protocol;
      C. proxy_header X-Forwarded-Proto $scheme;
      D. header_set X-Forwarded-Proto $protocol;

      Solution

      1. Step 1: Recall nginx syntax for proxy headers

        The correct directive to set headers in nginx proxy is proxy_set_header.

      2. Step 2: Match variable for client protocol

        The variable $scheme holds the client's protocol (http or https).

      3. Final Answer:

        proxy_set_header X-Forwarded-Proto $scheme; -> Option A

      4. Quick Check:

        proxy_set_header + $scheme = A [OK]
      Hint: Use proxy_set_header with $scheme for protocol header [OK]
      Common Mistakes:
      • Using incorrect directive names like set_header
      • Using wrong variable names like $protocol
      • Mixing directive order or syntax
      3. Given this nginx proxy configuration snippet:
      proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

      What will be the value of X-Forwarded-For if the client IP is 10.0.0.1 and the request passed through one proxy with IP 192.168.1.1?
      medium
      A. 10.0.0.1
      B. 192.168.1.1, 10.0.0.1
      C. 192.168.1.1
      D. 10.0.0.1, 192.168.1.1

      Solution

      1. Step 1: Understand $proxy_add_x_forwarded_for behavior

        This variable appends the $remote_addr (proxy IP seen by nginx) to the existing X-Forwarded-For header chain from previous proxies.

      2. Step 2: Order of IPs in X-Forwarded-For

        The chain lists the original client first, then proxy IPs appended. For client 10.0.0.1 via proxy 192.168.1.1, it becomes 10.0.0.1, 192.168.1.1.

      3. Final Answer:

        10.0.0.1, 192.168.1.1 -> Option D

      4. Quick Check:

        Client IP last in X-Forwarded-For = C [OK]
      Hint: X-Forwarded-For lists original client first, then proxies [OK]
      Common Mistakes:
      • Reversing IP order in X-Forwarded-For
      • Confusing X-Real-IP with X-Forwarded-For
      • Ignoring existing proxy IPs in header
      4. You have this nginx config snippet:
      proxy_set_header X-Real-IP $remote_addr
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

      When reloading nginx, it fails with a syntax error. What is the problem?
      medium
      A. Missing semicolon at the end of the first proxy_set_header line
      B. Incorrect variable name $proxy_add_x_forwarded_for
      C. proxy_set_header cannot be used twice in one block
      D. X-Real-IP header cannot be set manually

      Solution

      1. Step 1: Check nginx directive syntax

        Each directive line must end with a semicolon in nginx configuration.

      2. Step 2: Identify missing semicolon

        The first line lacks a semicolon after $remote_addr, causing syntax error.

      3. Final Answer:

        Missing semicolon at the end of the first proxy_set_header line -> Option A

      4. Quick Check:

        Every directive needs semicolon = D [OK]
      Hint: Always end nginx directives with semicolon [OK]
      Common Mistakes:
      • Ignoring semicolon syntax rules
      • Assuming variable names are wrong without checking
      • Thinking headers can't be set multiple times
      5. You want to ensure your backend server correctly logs the original client IP and protocol when nginx proxies requests. Which complete nginx proxy header configuration snippet achieves this?
      hard
      A. proxy_set_header X-Real-IP $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-Proto $protocol;
      B. proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;
      C. proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme;
      D. proxy_set_header X-Real-IP $remote_addr proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for proxy_set_header X-Forwarded-Proto $scheme

      Solution

      1. Step 1: Verify correct variables for headers

        X-Real-IP should be $remote_addr, X-Forwarded-For uses $proxy_add_x_forwarded_for, and X-Forwarded-Proto uses $scheme.

      2. Step 2: Check syntax correctness

        Each directive must end with a semicolon; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; has correct syntax and variables.

      3. Final Answer:

        proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; -> Option B

      4. Quick Check:

        Correct vars + semicolons = A [OK]
      Hint: Use $remote_addr, $proxy_add_x_forwarded_for, $scheme with semicolons [OK]
      Common Mistakes:
      • Swapping variables between headers
      • Omitting semicolons causing errors
      • Using undefined variables like $protocol