๐ END-TO-END: NGINX REVERSE PROXY TUTORIAL¶
โ 1. What is a Reverse Proxy (Easy Explanation)¶
A reverse proxy sits in front of your backend app and forwards requests.
Flow:
NGINX handles:
-
Routing
-
SSL/TLS
-
Load balancing
-
Caching
-
Security
-
Rate limiting
Your backend only handles business logic.
โ 2. Example Setup¶
We assume:
-
Backend running at: http://localhost:3000
-
NGINX receives requests at: http://your-domain
๐ 3. Install NGINX¶
Ubuntu / Debian:
๐ 4. Create Reverse Proxy Config¶
Create a new NGINX server block:
Paste this:
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Replace
example.comwith your domain or IP.
๐ 5. Enable the Reverse Proxy¶
Enable config:
Remove default:
Test config:
Reload:
๐ฅ Now your backend is live!¶
Visit:
๐ http://your-domain
NGINX โ Forwards โ Backend server
โก 6. Add SSL (HTTPS) Automatically¶
Install Certbot:
Run:
Certbot will:
โ Install SSL
โ Configure HTTPS
โ Redirect HTTP โ HTTPS
๐ 7. Optional: Proxy for Specific Paths¶
Example:
location /api/ {
proxy_pass http://127.0.0.1:3000/;
}
location /auth/ {
proxy_pass http://127.0.0.1:4000/;
}
๐งช 8. Optional: Reverse Proxy for WebSocket (Real-Time apps)¶
Use this if your backend uses WebSocket:
location /ws/ {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
๐ 9. Logs for Debugging¶
Access logs:¶
Error logs:¶
๐ก 10. Bonus: Improve Reverse Proxy Performance¶
Add to nginx.conf โ inside http {}:
proxy_read_timeout 60s;
proxy_connect_timeout 60s;
proxy_send_timeout 60s;
client_max_body_size 20M;
๐ Reverse Proxy Setup Completed!¶
You now have:
โ NGINX reverse proxy
โ Backend linked
โ SSL enabled
โ Path-based routing
โ WebSocket support
โ Optimized configuration