Skip to content

Instantly share code, notes, and snippets.

@sutlxwhx

sutlxwhx/README.md

Last active August 22, 2018 12:11
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save sutlxwhx/3dc0a507f5452ebed0f8344003397816 to your computer and use it in GitHub Desktop.
Save sutlxwhx/3dc0a507f5452ebed0f8344003397816 to your computer and use it in GitHub Desktop.
Download ZIP
Use Nginx as a Reverse Proxy to another Nginx
Raw
README.md

Instroduction

This tutorial will show how you can setup Nginx as a Reverse Proxy to another Nginx server with a least amount of code.

Installation

Point your A DNS record to the first server that will accept the initial request and then redirect it to second server On that first server use the following setup fo default enabled site:

server {
	listen 80;
	server_name $host;
	# IP - IP address of the second server
	# PORT - Nginx port of the second server
	location / {
		proxy_pass http://IP:PORT;
		proxy_redirect off;
		proxy_set_header Host $host;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header X-Forwarded-For $remote_addr;
	}
}

If you are using Cloudflare as DNS provider and you are proxying the requests to your first server through it then you need to enable ngx_http_realip_module and state the IP range from the official Cloudflare list:

set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 104.16.0.0/12;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2c0f:f248::/32;
set_real_ip_from 2a06:98c0::/29;
real_ip_header CF-Connecting-IP;

server {
	listen 80;
	server_name $host;
	# IP - IP address of the second server
	# PORT - Nginx port of the second server
	location / {
		proxy_pass http://IP:PORT;
		proxy_redirect off;
		proxy_set_header Host $host;
		proxy_set_header X-Real-IP $http_cf_connecting_ip;
		proxy_set_header X-Forwarded-Proto $scheme;
		proxy_set_header X-Forwarded-For $remote_addr;
	}
}

On the second server you can use your usual Nginx configuration such as:

server {
	listen 80;
	server_name $host;
	root /var/www/$host;
	index index.php index.html;

	location ~ \.php$ {
		include fastcgi-php.conf;
		include fastcgi_params;
		fastcgi_pass unix:/run/php/php7.0-fpm.sock;
	}
	
	location / {
		try_files $uri $uri/ /index.php?$args;
	}	
	
}

Future Reading

If you are interested on how you can maximize the perfomance of your Nginx server you can study my highload oriented Nginx installer. Also this installer includes the availability of the ngx_http_realip_module from the start.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment