A glance into the reverse proxy setup with nginx

Post Written by
Ivan Dabić
Last modified on July 1st, 2020 at 11:07 am

Reverse proxy

Hey all! I wanted to give a short (really short) intro to reverse proxies and to how a common use case is configured with nginx as a reverse proxy. I've tried to keep it as short as possible.

Difference between proxy and reverse proxy

A proxy routes your requests to a well-known endpoint, and you as a browser don't necessarily have to know anything about the proxy server itself. It can be set at the network level, browser level, or ISP level, and as such it can be completely transparent to you. With a reverse proxy, things are slightly different: you as a browser know only about the proxy server, which goes and fetches the content you requested from a backend server unknown to you, and then delivers the requested asset back to you.

To summarize, you don't have to know anything about the proxy server, but you do need to know about the reverse proxy server, since it is the only server you actually talk to.

Proxy flow:

  1. Local connection through the firewall on the premises
  2. Routing through the internet to the proxy server configured on your network (globally or locally)
  3. Connection with the proxy server
  4. The proxy server routes your request to the target server, and its response takes the same steps back

Reverse proxy flow:

  1. Local connection through the firewall on the premises
  2. Routing through the internet to the reverse proxy server
  3. Connection with the reverse proxy server
  4. The reverse proxy server passes the request to the end server by opening a SEPARATE connection to it, and asks for the content on behalf of the end user

NOTE: The route itself doesn't have to follow the same path, but it takes, more or less, the same steps from the server back to the end user!
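The reverse proxy flow above can be sketched as a minimal nginx server block. The listen port, server name, and backend address here are made up for illustration:

```nginx
# Minimal reverse proxy sketch: the browser talks only to this server,
# and nginx opens a separate upstream connection to the backend.
server {
    listen 80;
    server_name example.com;

    location / {
        # proxy_pass is what makes nginx a reverse proxy: each request
        # is forwarded to the backend over a new connection.
        proxy_pass http://127.0.0.1:8080;

        # Pass the original Host header through to the backend.
        proxy_set_header Host $host;
    }
}
```

The client never learns the backend's address; it only ever sees the reverse proxy.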

Nginx as a reverse proxy

nginx is well known as a traffic server, and we use it as a reverse proxy to create a pull service: we go to the origin server and then cache the fetched content on our servers. This process takes a few steps, outlined below:

1. Create the caching space on disk

~$ mkdir /var/cache/test
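A slightly more defensive version of this step, as a sketch (the /tmp path is used here only so the example runs without root; the article uses /var/cache/test):

```shell
# Create the on-disk cache directory; -p makes this safe to re-run.
cachedir=/tmp/nginx-cache-test
mkdir -p "$cachedir"

# In a real deployment you'd also hand the directory to the user the
# nginx workers run as (often nginx or www-data), for example:
#   chown nginx:nginx /var/cache/test
ls -ld "$cachedir"
```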

2. Define caching space in nginx.conf

proxy_cache_path /var/cache/test keys_zone=my_zone:10m inactive=10h;
  • proxy_cache_path defines the path where the cache for this vhost is stored
  • keys_zone names the shared memory zone for this vhost's cache keys (and sets its size, 10m here)
  • inactive defines the inactivity window after which nginx removes content that wasn't requested at all during that time
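proxy_cache_path also takes a few optional parameters worth knowing about. This is a sketch with illustrative values, not part of the original setup:

```nginx
# levels=1:2 spreads cache files over a two-level directory tree, so a
# single directory doesn't fill up with millions of files.
# max_size caps the cache on disk; the cache manager evicts the least
# recently used entries once the cap is reached.
# use_temp_path=off writes files directly into the cache directory,
# avoiding an extra copy from a temp location.
proxy_cache_path /var/cache/test levels=1:2 keys_zone=my_zone:10m
                 max_size=1g inactive=10h use_temp_path=off;
```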

3. Load the caching zone in the vhost or nginx server block (if no vhost is used, all configs live in nginx.conf)

proxy_cache my_zone;
  • Define which status codes get cached, and for how long
proxy_cache_valid 200 1d;
  • Add a response header showing whether the request was served from cache or through it (from the origin)
add_header Cached $upstream_cache_status;
  • Define how many times an asset must be requested before nginx starts caching it
proxy_cache_min_uses 2;

Example of nginx.conf

#user nobody;
worker_processes 1;

#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;

#pid       logs/nginx.pid;

events {
    worker_connections 1024;
}

http {
    include      mime.types;
    default_type application/octet-stream;

    proxy_cache_path /var/cache/test keys_zone=blah:10m inactive=10h;

    sendfile          on;
    keepalive_timeout 65;

    #gzip on;

    server {
        listen      80;
        server_name localhost;

        #access_log logs/host.access.log main;

        location / {
            proxy_cache blah;
            proxy_pass http://ocsource.xyz;
            add_header Cached $upstream_cache_status;
            proxy_cache_min_uses 2;
            proxy_cache_valid 200 1d;
        }

        location ~ ^\/one(\/.*)$ {
            proxy_cache blah;
            proxy_pass https://ivandabic.com;
            add_header Cached $upstream_cache_status;
            proxy_cache_min_uses 2;
            proxy_cache_valid 200 1d;
            add_header Debug "true";
            if ( $args ~ (debug=true)$ ) {
                rewrite ^ /fix/one$1 last;
            }
        }

        location ~ \/fix(.*) {
            proxy_cache blah;
            proxy_set_header Host www.maxcdn.com;
            proxy_pass https://108.161.187.249$1;
            add_header Cached $upstream_cache_status;
            proxy_cache_min_uses 2;
            proxy_cache_valid 200 1d;
        }

        proxy_cache_key $http_host$uri$args$is_args;
    }
}

proxy_cache_key

This directive defines the parameters based on which nginx caches items in its cache. To make this concrete, let's say the following is one of the possible combinations for a cache key:

proxy_cache_key $http_host$uri$args$is_args;

It means that nginx will identify unique cache entries by:

  1. The Host header of the request
  2. The requested URI (without the query string)
  3. The query string
  4. Whether a query string is present at all ($is_args expands to "?" when it is, and to an empty string otherwise)
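As a rough sketch of how that concatenation works (plain shell, with hypothetical request values; nginx then hashes the resulting string with MD5 to name the cache file on disk):

```shell
# Hypothetical request: GET http://example.com/images/logo.png?v=2
# These variables mirror the nginx variables in the cache key above.
http_host="example.com"
uri="/images/logo.png"
args="v=2"
is_args="?"            # "?" when a query string is present, else empty

# nginx builds the key by concatenating the variables in the order
# they appear in the directive: $http_host$uri$args$is_args
key="${http_host}${uri}${args}${is_args}"
echo "$key"
```

Two requests that differ in any of these pieces produce different keys, and therefore different cache entries.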

Now imagine that the caching space is a room where you put your personal things. The cache key is the actual key to that room, where each of the above parameters is one of the key's teeth. Everything you want to place into the room goes in using this one key, with a single pattern defined by the above parameters as its teeth.

If you want to change the parameters you cache by, you need a new key with a different set of teeth. That leads to a new room, because the new key can't open the old room anymore, so you need a new, empty room to match your new key. This is how the cache works: the cache key defines the parameters based on which nginx caches your files, and if you change the cache key, you automatically change the "room". Any new request for this host (even one that was cached before) will then show as a cache MISS, because we are now caching in a different "room".

Feel free to let me know if you need any kind of consultation on this topic, I'd be glad to help!
