Let’s start by understanding what a reverse proxy server means and then I’ll lay down the steps for setting up such a server using our beloved NGINX.


A reverse proxy server is one which helps in directing client requests to other (usually backend) servers or to multiple applications hosted on the same server on different ports. You can think of it as an abstraction layer that re-routes traffic from the proxy server to your respective (aforementioned) setup.

But wait, why would one need such kind of a setup? A reverse proxy server helps in

  1. Loading balancing your application backend
  2. Establishing security by adding an additional (publicly accessible) abstraction layer hiding one or multiple (private) servers inside a local area network
  3. Hosting multiple applications on a single server using multi-port setup instead of resorting to IPv6
  4. Boosting performance by compressing traffic on the abstraction layer instead of your web servers

Other NGINX blogs you might find useful

  1. NGINX – Redirecting traffic between www and non-www domain
  2. NGINX – Restrict access to Geographical Locations using GeoIP module
  3. NGINX – Disable direct access (via http and https) to a website using IP address
  4. NGINX – Redirecting HTTP to HTTPS
  5. NGINX – Easiest way to setup SSL on using .pfx files

Moving onto the how part, let’s see how can such a reverse proxy server be setup easily for the use case wherein a single server has multiple web applications hosted on it (to understand the other use cases, i.e 1 and 2, you might want to refer to the following blog post – Loading balancing your application made easy). Let’s say two separate applications are running on your server at port 9000 and 9001. So the location of these applications from the perspective of your server would be http://localhost:9000 and http://localhost:9001.

(For this example the NGINX setup used is on Ubuntu 16.04 LTS using NGINX version 1.10.0)

Begin by adding a new virtual server configuration file at /etc/nginx/sites-available where /etc/nginx is usually the location where NGINX is setup. Let’s name this file as example.com and add the following instructions to it

server {
  listen 80;
  server_name example.com www.example.com;

  location / {
    proxy_pass http://localhost:9000;
    proxy_set_header Host $http_host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

From the instructions we can see that the domain names example.com and http://www.example.com are redirecting the traffic to your application running at http://localhost:9000 on the server.

Now, add another virtual server configurations file at the same location but name that file as example.org and add the following instructions to it

server {
 listen 80;
 server_name example.org www.example.org;

 location / {
   proxy_pass http://localhost:9001;
   proxy_set_header Host $http_host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

You’ll notice there’s a difference in the instructions of this virtual server wherein domain example.org and http://www.example.org are pointing to a separate application running at http://localhost:9001.

Now create the soft links of the two files added to /etc/nginx/sites-available inside /etc/nginx/sites-enabled and restart NGINX.

Soft links to virtual server configuration files can be created using

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/example.com


sudo ln -s /etc/nginx/sites-available/example.org /etc/nginx/sites-enabled/example.org

With this setup all traffic from http://example.com and http://example.org will be proxied to http://localhost:9000 and http://localhost:9001 respectively using our NGINX virtual server configurations.




Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s