Reverse Proxy concept:
The client accesses the server initially, but after using a proxy server to proxy server, when the client accesses the server, it does not directly access the server, but first accesses the proxy server, which is then accessed by the proxy server SEREVR. But the client did not know that he was accessing a proxy server. This proxy server is the reverse proxy.
The difference between a reverse proxy and a forward proxy:
The reverse proxy proxy server is being delegated to the proxy client.
Use Nginx to do reverse proxy:
Nginx can implement the forwarding of URLs, complete the function of reverse proxy.
An example is provided:
We want to proxy the server Ip:port for 2.2.2.2:80
Nginx the ip:port of this machine is a proxy for 1.1.1.1:8011.
This means that the user would have access to the server to access the 2.2.2.2:80, but after our agent, the user access to 1.1.1.1:8011 can access the server.
Let's start with the implementation.
How to use--Create a user:
Useradd-s/bin/false-r-m-d/nonexistent www.
How to use--compile the installation:
./configure \
--user=www \
--group=www \
--prefix=/usr/local/nginx \
--sbin-path=/usr/local/nginx/ Bin/nginx \
--conf-path=/usr/local/nginx/conf/nginx.conf \
--pid-path=/var/run/nginx.pid \--
Lock-path=/var/lock/nginx.lock \
--error-log-path=/dev/null \
--http-log-path=/dev/null \--
with-threads \
--with-file-aio \
--with-http_secure_link_module \
--with-http_realip_module
\ --with-http_sub_module \
--with-http_gunzip_module \
--with-http_slice_module \
--with-http_ssl_ module \
--with-http_stub_status_module \
--without-http_uwsgi_module \
--without-http_scgi_module \
--without-http_autoindex_module \
How to: Authorize folders
Chown-r Www:www/usr/local/nginx
How to: Modify a configuration file
Modify/usr/local/nginx/nginx.conf as follows
user nobody;
worker_processes;
Thread_pool default threads=32 max_queue=65536;
Worker_rlimit_nofile 65535;
Events {use
epoll;
Worker_connections 65535;
} HTTP {
include mime.types;
Default_type Application/octet-stream;
Log_format main ' $remote _addr-$remote _user [$time _local] "$request" " $status $body _bytes_sent" $ "Http_referer" " $http _user_agent" "$http _x_forwarded_for" "$gzip _ratio";
Sendfile on ;
#tcp_nopush on ;
#keepalive_timeout 0;
Proxy_cache_path/tmp/proxycache levels=1:2 keys_zone=cache_one:10m inactive=24h max_size=5g;
gzip on ;
Include test/server.conf;
}
Create/usr/local/nginx/conf/test/upteam.conf and write the following
upstream test{
server 2.2.2.2:80;
Create/usr/local/nginx/conf/test/server.conf and write to the following content
server {
listen 1.1.1.1:8011;
server_name localhost;
Location/{
proxy_pass http://test;
Index index.html index.htm;
}
}
In this way, Nginx's reverse proxy was built. Start. The next article will explain how to control the state of Nginx.
Finish.