Ubuntu 24.04 Nginx Reverse Proxy Tutorial – Comprehensive Guide

By Posted on

Ubuntu 24.04 Nginx Reverse Proxy Tutorial – Comprehensive Guide

This guide intends to provide an Ubuntu 24.04 Nginx Reverse Proxy Tutorial. Nginx is a powerful and lightweight web server, commonly used as a reverse proxy. A reverse proxy is a server that forwards client requests to one or more backend servers. Using Nginx as a reverse proxy can improve your web application’s performance, security, and scalability. This Ubuntu 24.04 Nginx Reverse Proxy Tutorial will walk you through the necessary steps.

You can now proceed to the following steps provided by the Orcacore team to complete this Ubuntu 24.04 Nginx Reverse Proxy Tutorial.

Steps To Configure Ubuntu 24.04 Nginx Reverse Proxy Tutorial

Before you start your Ubuntu 24.04 Nginx Reverse Proxy Tutorial, you need some requirements.

First, you must access your server as a non-root user with sudo privileges and set up a basic firewall. Then, you must have a domain name that is pointed to your server’s IP address.

Now you can start the Ubuntu 24.04 Nginx Reverse Proxy Tutorial.

Step 1 – Installing Nginx Web Server

First, you must run the system update and install Nginx on your server with the following commands:

# sudo apt update
# sudo apt install nginx -y

Then, you need to allow HTTP traffic through your UFW firewall. To do this, you can run the command below:

sudo ufw allow 'Nginx HTTP'

Tips: If you don’t have UFW installed and enabled, you can check this guide on Basic UFW Firewall Configuration on Ubuntu 24.04.

Verify your Nginx web server is active and running with the command below:

sudo systemctl status nginx

In your output, you will see:

Ubuntu 24.04 Nginx Reverse Proxy Tutorial - Nginx status

Note: If your Nginx is not started, you can run the commands below:

# sudo systemctl start nginx
# sudo systemctl enable nginx

At this point, you can start Configuring Ubuntu 24.04 Nginx Reverse Proxy Tutorial.

Step 2 – Nginx Config As a Reverse Proxy on Localhost

At this step, you can configure Nginx to forward requests to a backend service. For example, we assumed that the backend server is running on localhost at port 8080. To do this, follow the steps below:

First, you need to open the default Nginx configuration file. You can use the Vi Editor or Nano Editor:

sudo vi /etc/nginx/sites-available/default

Then, you need to add the following configuration to your file:

server {
    listen 80;

    server_name your_domain.com; # Replace with your domain name or server IP

    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Once you are done, save and close the file.

Note: This configuration tells Nginx to forward all requests from port 80 (HTTP) to the backend server running on localhost:8080.

Now check for any syntax error:

sudo nginx -t

If everything is OK, restart Nginx to apply the changes:

sudo systemctl restart nginx

Step 3 – Configure Nginx Server Blocks

At this step of the Ubuntu 24.04 Nginx Reverse Proxy Tutorial, if you plan to host multiple websites or applications on the same Nginx server, you can use server blocks (virtual hosts). To do this, you can follow the steps below:

First, you need to create a new configuration file for your domain. To do this, you can run the command below:

sudo vi /etc/nginx/sites-available/your_domain.com

Then, add the following configuration to your file:

server {
    listen 80;
    server_name your_domain.com;

    location / {
        proxy_pass http://localhost:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

Once you are done, save and close the file.

Next, use the following command to enable your config file:

sudo ln -s /etc/nginx/sites-available/your_domain.com /etc/nginx/sites-enabled/

Then, check for your syntax error and restart your Nginx web server:

# sudo nginx -t
# sudo systemctl restart nginx

Step 4 – Testing the Nginx Reverse Proxy

At this point, Nginx should be functioning as a reverse proxy. If you had an application as the backend you can verify it by using the following method:

  • Open your web browser and visit your domain name.

If everything is working correctly, you should see the backend application.

For more information, you can visit the Nginx Official Docs page.

Conclusion

At this point, you have learned to easily complete the Ubuntu 24.04 Nginx Reverse Proxy Tutorial. With Nginx, you can manage traffic to your backend services and improve application performance.

Hope you enjoy it. Also, you may like to read the following articles:

Nginx Proxy Manager on Ubuntu 22.04

Check Nginx Version Installed on Linux Terminal

Create Nginx Password Authentication on Ubuntu 22.04

Install and Secure RabbitMQ on Ubuntu 24.04

FAQs

### Why should We use Nginx as a reverse proxy on Ubuntu 24.04?

Using Nginx as a reverse proxy provides many benefits, including:
– Load balancing across multiple backend servers.
– Improved security by hiding the identity of backend servers.
– Caching to speed up responses for static or frequently requested content.

### Can We use Nginx to reverse proxy multiple applications on Ubuntu 24.04?

Yes, you can reverse proxy multiple applications using Nginx by setting up server blocks (also known as virtual hosts). The guide steps are mentioned in the Ubuntu 24.04 Nginx Reverse Proxy Tutorial.

### What is proxy_pass in Nginx?

The proxy_pass directive is used to forward requests from Nginx to a backend server. For example, if Nginx is set to listen on port 80 and the proxy_pass directive points to http://localhost:8080. Nginx will forward all incoming requests to the service running on port 8080.

Alternative Solutions for Reverse Proxying on Ubuntu 24.04

While Nginx is a popular and robust choice for reverse proxying, other solutions offer alternative approaches with their own strengths and weaknesses. Here are two different ways to achieve the same goal of reverse proxying on Ubuntu 24.04:

1. Using Apache as a Reverse Proxy

Apache, another widely used web server, can also be configured as a reverse proxy. While Nginx is generally considered more performant for static content and reverse proxying, Apache offers a more modular architecture and a wider range of available modules. This can be beneficial if you need very specific functionalities or integrations not readily available in Nginx.

Explanation:

To use Apache as a reverse proxy, you need to enable the necessary modules (proxy, proxy_http, and potentially proxy_https for secure backends). Then, you configure a virtual host to forward requests to your backend server. The configuration is similar to Nginx, but uses different directives.

Code Example:

First, enable the required Apache modules:

sudo a2enmod proxy proxy_http
sudo systemctl restart apache2

Next, create or modify an Apache virtual host configuration file (e.g., /etc/apache2/sites-available/your_domain.com.conf):

<VirtualHost *:80>
    ServerName your_domain.com

    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    ProxyPass / http://localhost:8080/
    ProxyPassReverse / http://localhost:8080/

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

Explanation of the directives:

  • <VirtualHost *:80>: Defines a virtual host listening on port 80.
  • ServerName your_domain.com: Specifies the domain name for this virtual host.
  • <Proxy *>: Encloses proxy directives. The Order and Allow directives grant access to the proxy.
  • ProxyPass / http://localhost:8080/: Forwards all requests to the root path (/) to the backend server running on http://localhost:8080/.
  • ProxyPassReverse / http://localhost:8080/: Modifies the HTTP response headers to ensure that redirects from the backend server work correctly through the proxy. This is crucial for proper functionality.
  • ErrorLog and CustomLog: Define the locations for Apache’s error and access logs.

After creating or modifying the configuration, enable the site and restart Apache:

sudo a2ensite your_domain.com.conf
sudo systemctl restart apache2

2. Using Traefik as a Reverse Proxy (Containerized Environment)

Traefik is a modern, cloud-native reverse proxy and load balancer designed to be easily integrated with container orchestration systems like Docker and Kubernetes. If your applications are containerized, Traefik can significantly simplify reverse proxy configuration and management.

Explanation:

Traefik automatically discovers and configures itself based on the labels assigned to your containers. You define rules for routing traffic to your services directly within the container definitions, eliminating the need for separate configuration files. This is particularly advantageous in dynamic environments where services are frequently deployed and scaled.

Code Example:

This example assumes you’re using Docker and Docker Compose. First, define your backend service in a docker-compose.yml file:

version: "3.9"
services:
  my-app:
    image: your-app-image:latest
    ports:
      - "8080:8080"
    labels:
      - "traefik.enable=true"
      - "traefik.http.routers.my-app.rule=Host(`your_domain.com`)"
      - "traefik.http.routers.my-app.entrypoints=web"
      - "traefik.http.services.my-app.loadbalancer.server.port=8080"

  traefik:
    image: "traefik:v2.10"
    ports:
      - "80:80"
      - "443:443" #optional, for https
      - "8080:8080" # Traefik dashboard
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
    command:
      - "--api.insecure=true" # Access to dashboard
      - "--providers.docker=true"
      - "--entrypoints.web.address=:80" # HTTP entrypoint
      - "--entrypoints.websecure.address=:443" # HTTPS entrypoint (optional)
    labels:
      - "traefik.enable=true"

Explanation:

  • my-app service:

    • image: Specifies the Docker image for your application.
    • ports: Maps port 8080 on the container to port 8080 on the host (if needed for direct access).
    • labels: These are the crucial labels that tell Traefik how to route traffic to this service:
      • traefik.enable=true: Enables Traefik for this service.
      • traefik.http.routers.my-app.rule=Host(your_domain.com`): Defines the routing rule: traffic toyour_domain.com` will be routed to this service.
      • traefik.http.routers.my-app.entrypoints=web: Specifies that this router uses the web entrypoint (defined in the Traefik service, listening on port 80).
      • traefik.http.services.my-app.loadbalancer.server.port=8080: Tells Traefik that the backend service is listening on port 8080 inside the container.

  • traefik service:

    • image: Uses the official Traefik Docker image.
    • ports: Maps ports 80 and 443 (optional, for HTTPS) to the host. Port 8080 is exposed for accessing the Traefik dashboard (for monitoring and debugging).
    • volumes: Mounts the Docker socket, allowing Traefik to monitor container events.
    • command: Configures Traefik:
      • --api.insecure=true: Enables the Traefik dashboard (for demonstration purposes; in production, use secure authentication).
      • --providers.docker=true: Enables the Docker provider, allowing Traefik to discover services based on labels.
      • --entrypoints.web.address=:80: Defines an entrypoint named web that listens on port 80.
      • --entrypoints.websecure.address=:443: Defines an entrypoint named websecure that listens on port 443 (for HTTPS).

To deploy this setup, run:

docker-compose up -d

Traefik will automatically detect the my-app service and configure itself to route traffic from your_domain.com to the application running in the container. No separate configuration file editing is required. For HTTPS, you’ll need to configure a certificate resolver in Traefik (using Let’s Encrypt is a common approach).

Related posts: