Configure reverse proxy for Nginx to access internal services, and configure reverse access for nginx

Configure reverse proxy for Nginx to access internal services, and configure reverse access for nginx

Nginx can provide a high-performance reverse proxy service to forward client requests to real servers hidden in the internal network, return the result data obtained from the server to the Client requesting the Internet. In the user's opinion, Nginx acts as a real server.

Many large websites now use reverse proxies. In addition to preventing Internet attacks and caching on Intranet servers to reduce server pressure and access security control, Server Load balancer can also distribute user requests to multiple servers. This article describes how to use Nginx to configure reverse proxy.

In actual development, many application services are deployed on the backend to provide specific port access. However, due to firewall blocking, users are generally unable to access applications on internal servers. For example, the Intranet access environment provided by nodejs and the internal services provided by swoole.

Preparation

In this article, we have prepared a CentOS Virtual Machine (IP: 192.168.11.34), installed Nginx (how to install Nginx ?), And configure two sites (how to configure the site ?) : Local IP: 8181 and local IP: 8282. The effect we want to achieve is: the user accesses the http://mytest.com domain name, equivalent to the access port number is 8181 site, the user accesses http://mytest.com/myaddress, equivalent to the login port number is 8282site.

Then modify the local host so that you can access the server through the domain name.

192.168.11.34 mytest.com

The hosts address in Windows is C: \ Windows \ System32 \ drivers \ etc.

Configure reverse proxy

Create the mytest.com. conf configuration file under/usr/local/nginx/conf/vhost/. The content is as follows:

server    {        listen 80;        server_name mytest.com;                location / {            proxy_pass   http://192.168.11.34:8181/;        }                location /my {            proxy_pass   http://192.168.11.34:8282/;        }                error_page   404   /404.html;    }

Save and reload Nginx Configuration:

/usr/local/nginx/sbin/nginx -s reload

Verify

Enable the firewall. Only port 80 is allowed for external access, and other ports are not allowed for external access. How can I set a firewall?

Open your browser and access: http://mytest.com/

Browser access: http://mytest.com/my

In this way, we have implemented the reverse proxy function of nginx. We can see that using a domain name to access port 80 can obtain the data returned from different ports of the internal backend server, without accessing the internal ports. In fact, these internal ports are not opened to the outside world, this gives users the feeling that they have accessed the server corresponding to the domain name.