arrow_upward

Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Nginx as a reverse proxy/caching server for Apache
#1
Hello fellow members of post4vps.com or non-member if you have found my tutorial by using a search engine (thanks for your interest in reverse proxies by the way),

I am going to explain you how to configure nginx as a reverse proxy for Apache. Of course you could use any webserver or even a Node.JS server instead of Apache. The same idea although I don't explain you how to configure that server. Apart from that nginx functions as a reverse proxy it also caches static files to make your website even faster!

Requirements:
- Linux-based server (Ubuntu, Debian, CentOS, FreeBSD, Fedora, etc. most will fit.)
- Sudo-privileges. As you are going to install a software package into Linux's filesystem you will need to have sudo-privileges (login as root does also qualify).
- Actually there isn't really a minimum amount of RAM you need, since most of the VPS'ses provided by VPS providers are backed with enough memory. But I'm sure you are good to go with about 512MB RAM.

Some things I have to mention:
- We use nginx listening on port 80. SSL listens on 443 by default, I don't tell you how to configure SSL here.
- Our backend webserver (Apache) listens on port 8080.
- I based this tutorial on how I did this on Ubuntu. You might need to change some thing to make it work on the OS of your choice. The config files are pretty much the same.

!!!!IMPORTANT!!!! PLEASE READ THIS BEFORE TRYING OUT MY TUTORIAL!!!!
Unfortunaly I was unable to test this out, it should work, but I am not sure. The code used here is based on the code I use on my production server. Apart from my production server I have no servers so I were unable to test out as I just said. Using this tutorial is fully on your own responsibility / your own risk.  I am not responsible for any damage caused by following my tutorial.

Let's begin!

Step 1: Install Apache, our frontend webserver.
This step is basically one of the most easy one I am going to give. 

Ubuntu/Debian:
sudo apt-get install nginx

CentOS, Fedora, SuSE linux, Red Hat, Red Hat Enterprise, other RHEL based:
sudo yum install nginx

FreeBSD:
sudo pkg install nginx
sudo sysrc nginx_enable=yes
sudo service nginx start

I hope I don't have to explain any of these commands any further. I think you will understand what they will do.

Step 2: Configure nginx.
Create a new nginx site configuration file.
sudo nano /etc/nginx/sites-available/reverseproxy
Of course you can use any editor you like like, vi, nano, vim, etc.

First, open up your nginx site's configuration file.
We start by making the file look like this:
server {
    listen      80;
    server_name post4vps.com www.post4vps.com;
}

Of course, you should change post4vps.com to your own domainname Smile

In that file you will make the following changes:

- Add "location /" to catch every request. In this block we are going to determine whether the request is for an static file or an dynamic file. When it's not an static file, we pass the request to the proxy server (Apache).
In the following scenario, static files are files with the following extensions:
Images: jpeg, jpg, png, gif, bmp, ico, svg, tif, tiff
Web assets: css, js
HTML documents: htm, html
The others: ttf, otf, webp, woff, txt, csv, rtf, doc, docx, xls, xlsx, ppt, pptx, odf, odp, ods, odt, pdf
location / {
    proxy_pass      http://127.0.0.1:8080;
    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf$
        root           /usr/share/nginx/html/;
        expires        max;
        try_files      $uri @fallback;
    }
}

- Change root to the correct directory. Since the Apache webserver - which we will be going to use for our backend webserver - uses /var/www/html/ we're going to change the root directory to that location.
location / {
    proxy_pass      http://127.0.0.1:8080;
    location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf$
        root           /var/www/html/;
        expires        max;
        try_files      $uri @fallback;
    }
}

- You've might already have seen it, in above blocks, we have a @fallback, let's create that "location".
What this block is, every file nginx couldn't provide you will "fallback" on this block, and so it will be proxied to our Apache webserver, which on it's turn will try to solve your request.
location @fallback {
    proxy_pass      http://127.0.0.1:8080;
}

- Last but not least, we will add some blocks to deny access to some folders.
location ~ /\.ht    {return 404;}
location ~ /\.svn/  {return 404;}
location ~ /\.git/  {return 404;}
location ~ /\.hg/   {return 404;}
location ~ /\.bzr/  {return 404;}

After making all these changes, your site's configuration will look like this.

server {
    listen      80;
    server_name post4vps.com www.post4vps.com;

    location / {
        proxy_pass      http://127.0.0.1:8080;
        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf$
            root           /usr/share/nginx/html/;
            expires        max;
            try_files      $uri @fallback;
        }
    }

    location @fallback {
        proxy_pass      http://127.0.0.1:8080;
    }

    location ~ /\.ht    {return 404;}
    location ~ /\.svn/  {return 404;}
    location ~ /\.git/  {return 404;}
    location ~ /\.hg/   {return 404;}
    location ~ /\.bzr/  {return 404;}

}

Save this file and quit the editor. 
Using nano:
Ctrl+O to save, Ctrl+X to quit.

Using vi / vim:
:wq (write, quit) to save the file and then quit the editor.

Step 3: Activate the virtual host file.

We activate the virtual host file using the following command:

sudo ln -s /etc/nginx/sites-available/reverseproxy /etc/nginx/sites-enabled/reverseproxy

When you've changed the file name in the previous step, also change it here.

Remove the default nginx server block to avoid conflicts.

sudo rm /etc/nginx/sites-enabled/default

Restart nginx to make the new server block work.

sudo service nginx restart

Step 4: Install Apache, our backend webserver.
This step is one of the most easy one I am going to give. 

Ubuntu/Debian:
sudo apt-get install apache2

CentOS, Fedora, SuSE linux, Red Hat, Red Hat Enterprise, other RHEL based:
sudo yum install httpd

FreeBSD:
sudo pkg install apache24
sudo sysrc apache24_enable=yes
sudo service apache24 start

As I've also said at the first step of this tutorial, I hope I don't have to explain any of these commands any further. I think you will understand what they will do.

Step 5: Let Apache listen on 8080 instead of the default port 80.
Open up /etc/apache2/ports.conf or /etc/httpd/ports.conf (according to your OS) in your favorite editor.

Change Listen 80 to Listen 8080.

Then we are going to make a copy of the default VirtualHost.

sudo cp /etc/apache2/sites-available/000-default /etc/apache2/sites-available/reverseproxy
You might need to replace "apache2" with "httpd", according to your OS. Make it fit your needs eitherway, I based this tutorial on Ubuntu.

Enable the virtualhost
sudo a2ensite reverseproxy

Restart Apache to make your virtual host take effect.

sudo /etc/init.d/apache2 restart
You might need to replace "apache2" with "httpd", according to your OS. 

In that file change port 80 to 8080.

For example:
<VirtualHost *:80>
will become
<VirtualHost *:8080>

Then you might want to install PHP to Apache. There are plenty of tutorials to do that, so don't be lazy and just look it up by yourself.

To test whether your reverse proxy works just well, put the following into /var/www/html/info.php

<?php phpinfo(); ?>

Then go to http://DOMAIN/info.php or http://IP/info.php

If you get a page that looks like this, you are good to go!

[Image: phpinfo-page.png]

Thanks for reading my tutorial on how to configure nginx as a reverse / caching proxy for Apache.

REGARDING REPRODUCEMENT
Reproducing my tutorial without my permission is not permitted!! I and only I am allowed to reproduce my own tutorial unless I have permitted you to do and you can show me you have permission.
If you want to post this tutorial on your own website, please send me a PM. Most of the time I will give you permission under the condition that you won't claim it as it's your own Smile.
This tutorial is available on the next websites/forums, with permission:
- freedomain.club
- post4vps.com
#2
First, you can't blame anyone if they make a tutorial like this. This information is everywhere. So "reproducing it without permission" is technically invalid. Same commands and almost the same configurations are used to do it.

Second, it's recommended to put root outside location according to some posts on the internet.
http://FreeVPS.club - Free VPSs!
#3
(11-17-2015, 04:55 AM)Conan Wrote: First, you can't blame anyone if they make a tutorial like this. This information is everywhere. So "reproducing it without permission" is technically invalid. Same commands and almost the same configurations are used to do it.

Second, it's recommended to put root outside location according to some posts on the internet.

I guess you understand what I mean? I don't mind when someone likes to write his own tutorial based on my tutorial, no problem! The only thing I DON'T want is people who just simply copy+paste my tutorial. That would make my tutorial less findable (Is that correct English?) when using Google. Now the tutorial is more unique.

What do you mean by "put root outside location"?

Obviously you don't want to run nginx, php, or whatever application that is available publicly available. As you mentioned, that's insecure.
#4
First, you said "reproducing" not copying
Reporoducing includes making work based on your work.

Second, this is what i meant
root /var/www;
location / {
#settings here
}
it's more convenient In my opinion because you don't need to type root in every location block
http://FreeVPS.club - Free VPSs!
#5
(11-17-2015, 11:06 PM)Conan Wrote: First, you said "reproducing" not copying
Reporoducing includes making work based on your work.

Second, this is what i meant
root /var/www;
location / {
#settings here
}
it's more convenient In my opinion because you don't need to type root in every location block

Both will work. Just do what you like most Smile
#6
(11-18-2015, 05:08 PM)RickB Wrote:
(11-17-2015, 11:06 PM)Conan Wrote: First, you said "reproducing" not copying
Reporoducing includes making work based on your work.

Second, this is what i meant
root /var/www;
location / {
#settings here
}
it's more convenient In my opinion because you don't need to type root in every location block

Both will work. Just do what you like most Smile

I know both will work.
Some sites say it's faster than putting it in the location block.
Also it's more convenient as I said. No need to put it in every location block. Also it helps make a smaller config.
http://FreeVPS.club - Free VPSs!
#7
(11-22-2015, 10:45 AM)Conan Wrote:
(11-18-2015, 05:08 PM)RickB Wrote:
(11-17-2015, 11:06 PM)Conan Wrote: First, you said "reproducing" not copying
Reporoducing includes making work based on your work.

Second, this is what i meant
root /var/www;
location / {
#settings here
}
it's more convenient In my opinion because you don't need to type root in every location block

Both will work. Just do what you like most Smile

I know both will work.
Some sites say it's faster than putting it in the location block.
Also it's more convenient as I said. No need to put it in every location block. Also it helps make a smaller config.

It might be a little faster, since the file is smaller. I don't really know how nginx reads the config. I don't think the impact of putting "root" outside the location { } will be noticable...
#8
Nginx is very good reverse proxy. It is light and blazing fast. This tutorial could be way shorter. It is pretty easy to setup nginx as a reverse proxy for apache. Not this many details are actually required.



person_pin_circle Users browsing this thread: 3 Guest(s)
Sponsors: VirMach - Host4Fun - CubeData - Evolution-Host - HostDare - Hyper Expert - Shadow Hosting - Bladenode - Hostlease - RackNerd - ReadyDedis - Limitless Hosting