Nginxdevops~5 mins

Why reverse proxying serves backend applications in Nginx - Why It Works

Choose your learning style9 modes available

Learn Why Deep Visual Try Challenge Project Recall Time

Introduction

Sometimes backend applications cannot be accessed directly by users because they run on private servers or use ports that are blocked. A reverse proxy acts like a friendly middleman that takes user requests and forwards them to the backend safely and efficiently.

When you want to hide the real address and port of your backend app from users for security.

When you need to distribute user requests to multiple backend servers to balance the load.

When you want to add SSL encryption to a backend app that does not support it.

When you want to cache responses to speed up repeated requests.

When you want to serve multiple backend apps under one public web address.

Config File - nginx.conf

nginx.conf

events {}
http {
    server {
        listen 80;
        server_name example.com;

        location / {
            proxy_pass http://localhost:5000;
            proxy_set_header Host $host;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header X-Forwarded-Proto $scheme;
        }
    }
}

This configuration tells Nginx to listen on port 80 for requests to example.com. It forwards all requests to the backend app running on localhost port 5000 using proxy_pass. The proxy_set_header lines pass important client information to the backend app so it knows who made the request.

Commands

Check if the Nginx configuration file syntax is correct before applying it.

Terminal

sudo nginx -t

Expected OutputExpected

nginx: the configuration file /etc/nginx/nginx.conf syntax is ok nginx: configuration file /etc/nginx/nginx.conf test is successful

Reload Nginx to apply the new reverse proxy configuration without stopping the server.

Terminal

sudo systemctl reload nginx

Expected OutputExpected

No output (command runs silently)

Send a simple HTTP request to the public address to verify the reverse proxy forwards requests to the backend.

Terminal

curl -I http://example.com

Expected OutputExpected

HTTP/1.1 200 OK Server: nginx Date: Wed, 01 Jan 2025 12:00:00 GMT Content-Type: text/html; charset=utf-8 Connection: keep-alive

Key Concept

If you remember nothing else from this pattern, remember: a reverse proxy safely forwards user requests to backend apps hiding their details and adding useful features like security and load balancing.

Common Mistakes

Not setting the proxy_set_header directives in the Nginx config.

The backend app may not receive correct client information, causing issues with logging, security, or redirects.

Always include proxy_set_header lines to pass client headers like Host and X-Real-IP.

Reloading Nginx without testing the config first.

If the config has errors, Nginx will fail to reload and the service may stop working.

Run 'sudo nginx -t' to test config syntax before reloading.

Trying to access the backend app directly without using the reverse proxy.

The backend may be unreachable or insecure without the proxy in place.

Access the app only through the reverse proxy URL.

Summary

Configure Nginx as a reverse proxy to forward requests from a public address to a backend app.

Test the Nginx configuration syntax before applying changes to avoid downtime.

Reload Nginx to apply the reverse proxy settings without stopping the server.

Verify the proxy works by sending a request to the public URL and checking the response.