Series Article Directory
[Nginx 1]——Introduction to Nginx (forward proxy, reverse proxy, load balancing, dynamic and static separation)
[Nginx 2]——Nginx common command configuration file,
how Nginx processes requests
[Nginx three] - reverse proxy
foreword
This blog mainly introduces how Nginx implements reverse proxy, what is reverse proxy, and examples to implement reverse proxy.
1. What is a reverse proxy?
The proxy server receives the request on the network, then forwards the request to the server on the internal network, and returns the result obtained from the server to the client connected on the network.
Background: First, there is a user C, three servers S1, S2 and S3, but S1 is open to the external network, S2 and S3 are not open to the external network, and there is a resource D, which is placed on the servers S2 and S3.
User C does not know that resource D is on servers S2 and S3, he only knows that he can get resource D by visiting server S1, so he directly accesses server S1 every time, but the resources provided to user C are all from server S2 or S3.
For user C, the reverse proxy does not know where resource D is or who provides it.
For the server S1, it accepts the user's request every time, and then sends the request to the server S2 or S3 that provides the resource D according to the scheduling policy. For the servers S2 and S3, they also do not know the truth of accessing the resource D. Whoever the user is, just interacts with the server S1.
Two, Nginx implements reverse proxy
Schematic diagram of implementing a reverse proxy:
1. Tomcat environment preparation and access
Install tomcat on the Linux server and start it. The ip of the linux virtual machine is 192.168.60.123
to access the tomcat server through ip+port number 8080; the page successfully accessed:
2. Access tomcat through domain name
The mapping relationship between domain name and ip is performed in the hosts file under windows. C:\WINDOWS\system32\drivers\etc
The function of the host file configuration on Windows 10 is to establish an association "database" between some commonly used website domain names and their corresponding IP addresses. The main function of this file is to define the mapping relationship between IP addresses and host names, and it is a rule for mapping IP addresses and host names³. When we enter a URL in the browser, the browser will first search the local hosts file. If the corresponding IP address is found, it will directly access the server corresponding to the IP address, otherwise it will send a request to the DNS server to obtain the URL. corresponding IP address.
Example (as shown in the figure:)
The ip of the linux virtual machine is 192.168.60.123
This time, access through the domain name www.test.com + port number 8080.
Realize the screenshot of the effect:
3. Access through domain name without port number (realize reverse proxy)
Modify the configuration file of Nginx, edit the nginx.conf file, and modify the server module.
First, nginx will listen to requests on port 80, and then match requests with a service name of 192.168.60.123, and then match them according to the location matching rules. To pass the request to the HTTP proxy server, use the proxy_pass directive to read this blog to learn more about how Nginx handles requests
The code is as follows (example):
server {
listen 80;
server_name 192.168.60.123;
location / {
proxy_pass http://192.168.60.123:8080;
}
}
After configuration, access through the domain name www.test.com
Realize the screenshot of the effect:
Summarize
It is not difficult to see that the reverse proxy does not know the destination server for the client, and the client only knows that the requesting proxy server can obtain the required resources. The proxy server can be configured accordingly to intercept client requests to our backend servers, and by doing so, the proxy server can protect the identity of the destination server and serve as an additional defense against security attacks.