1. What are forward and reverse proxy?
The proxy we often say refers to the forward proxy, the process of forward proxy, which hides the real requesting client, the server does not know who the real client is, and the services requested by the client are replaced by the proxy server.
The purpose of forward proxy:
* 可以到达远方,不可描述
* 可以做缓存,加速访问资源
* 对客户端访问授权,上网进行认证
* 代理可以记录用户访问记录(上网行为管理),对外隐藏用户信息
The reverse proxy hides the real server. When we request a website, there may be thousands of servers serving us behind it, but we don’t know which one it is, and we don’t need to know it. We just need to It is good to know who the reverse proxy server is, and the reverse proxy server will help us forward the request to the real server.
Purpose of reverse proxy:
* 保证内网的安全,阻止web攻击,大型网站,通常将反向代理作为公网访问地址,Web服务器是内网
* 负载均衡,通过反向代理服务器来优化网站的负载
Summarize
The forward proxy is the client proxy, the proxy client, and the server does not know the client that actually initiated the request.
A reverse proxy is a server-side proxy, a proxy server, and the client does not know the server that actually provides the service.
2. Two proxy nginx configuration methods
forward proxy
#代理服务器设置
server {
# 端口
listen 8080;
# 地址
server_name localhost;
# DNS解析地址
resolver 8.8.8.8;
# 代理参数
location / {
# $http_host就是我们要访问的主机名
# $request_uri就是我们后面所加的参数
proxy_pass http://$http_host$request_uri;
}
}
reverse proxy to a set of services
upstream backend{
server 172.16.0.10:8080;
server 172.16.0.20:8080;
server 172.16.0.30:8080;
}
server {
resolver 8.8.8.8;
resolver 114.114.114.114;
listen 8080;
access_log /home/lin/proxy.access.log;
error_log /home/lin/proxy.error.log;
location / {
proxy_pass http://backend;
proxy_set_header Host $http_host;
proxy_ssl_session_reuse off;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;#记录客户端地址,多级代理服务期地址
proxy_hide_header X-Forwarded-For;#不记录客户端地址
}
}