0
0
Nginxdevops~10 mins

Proxy headers forwarding in Nginx - Step-by-Step Execution

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallTime
Process Flow - Proxy headers forwarding
Client sends request
Nginx receives request
Nginx adds/forwards headers
Nginx sends request to backend
Backend receives request with headers
Backend processes request
Backend sends response
Nginx forwards response to client
The client sends a request to Nginx, which adds or forwards headers before sending the request to the backend server. The backend receives these headers and processes the request accordingly.
Execution Sample
Nginx
location /api/ {
    proxy_pass http://backend;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
This Nginx config forwards the original Host, client IP, and X-Forwarded-For headers to the backend server.
Process Table
StepActionHeader Added/ForwardedValueEffect
1Client sends requestHostexample.comOriginal client Host header
2Nginx receives request--Nginx reads incoming headers
3Nginx sets Host headerHost$host (example.com)Backend sees original Host
4Nginx sets X-Real-IP headerX-Real-IP$remote_addr (192.168.1.10)Backend knows client IP
5Nginx sets X-Forwarded-For headerX-Forwarded-For$proxy_add_x_forwarded_for (192.168.1.10)Backend tracks proxy chain
6Nginx sends request to backendAll above headersForwardedBackend receives headers
7Backend processes request--Backend uses headers for logging/security
8Backend sends response--Response sent back to Nginx
9Nginx forwards response--Client receives backend response
💡 Request cycle completes after response is forwarded to client
Status Tracker
VariableStartAfter Step 3After Step 4After Step 5Final
Hostexample.comexample.comexample.comexample.comexample.com
X-Real-IP--192.168.1.10192.168.1.10192.168.1.10
X-Forwarded-For---192.168.1.10192.168.1.10
Key Moments - 3 Insights
Why do we set the Host header explicitly in proxy_set_header?
Because the backend server often needs the original Host to respond correctly. Without setting it, the backend might see the proxy's hostname instead. See execution_table step 3.
What is the difference between X-Real-IP and X-Forwarded-For headers?
X-Real-IP carries the immediate client's IP, while X-Forwarded-For tracks the full chain of client IPs through proxies. See execution_table steps 4 and 5.
What happens if we don't forward these headers?
The backend won't know the original client IP or Host, which can cause logging, security, or routing issues. See execution_table step 7.
Visual Quiz - 3 Questions
Test your understanding
Look at the execution table, what value does the X-Real-IP header have after step 4?
Aexample.com
B192.168.1.10
C-
Dproxy server IP
💡 Hint
Check the 'Header Added/Forwarded' and 'Value' columns at step 4 in execution_table.
At which step does Nginx add the X-Forwarded-For header?
AStep 3
BStep 4
CStep 5
DStep 6
💡 Hint
Look for the row where 'X-Forwarded-For' is set in the 'Header Added/Forwarded' column.
If we remove proxy_set_header Host, what will the backend likely see as Host?
ANginx server hostname or IP
BEmpty Host header
COriginal client Host header
DClient IP address
💡 Hint
Refer to key_moments about why Host header is set explicitly and execution_table step 3.
Concept Snapshot
Nginx proxy headers forwarding:
- Use proxy_set_header to forward headers like Host, X-Real-IP, X-Forwarded-For
- Host header tells backend the original domain requested
- X-Real-IP passes client IP to backend
- X-Forwarded-For tracks client IP chain through proxies
- Proper headers help backend logging, security, and routing
Full Transcript
When a client sends a request to Nginx, Nginx receives it and adds or forwards important headers before sending the request to the backend server. These headers include Host, which tells the backend the original domain the client requested; X-Real-IP, which carries the client's IP address; and X-Forwarded-For, which tracks the chain of IP addresses if multiple proxies are involved. Nginx sets these headers using proxy_set_header directives. The backend receives these headers and can use them for logging, security checks, or routing decisions. Finally, the backend sends a response back through Nginx to the client. Forwarding these headers correctly ensures the backend knows who the client is and what domain was requested, avoiding issues with incorrect logging or routing.