by Nginx (pronounced “Engine-X”) is an open source Web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage. In this example we are going to use Nginx as a Reverse Proxy.
What are the benefits of a reverse proxy like Nginx?
- Distribute the load to several servers
- Reduce load with caching, or by compressing the content
- It can hide the existence and characteristics of the origin server(s)
- Protection against common web-based attacks
- A/B testing
- Single public IP address to access to multiple web servers
How to install Nginx?
First edit the file /etc/apt/sources.list and add the following lines:
deb http://nginx.org/packages/debian/ squeeze nginx
deb-src http://nginx.org/packages/debian/ squeeze nginx
Now you can install it:
apt-get update
apt-get install nginx
Edit you nginx config file /etc/nginx/nginx.conf:
user www-data;
worker_processes 6;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 10;
#Compression Settings
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_vary on;
include /etc/nginx/conf.d/*.conf;
}
A worker process is a single-threaded process.
If Nginx is doing CPU-intensive work such as SSL or gzipping and you have 2 or more CPUs/cores, then you may set worker_processes to be equal to the number of CPUs or cores.
If you are serving a lot of static files and the total size of the files is bigger than the available memory, then you may increase worker_processes to fully utilize disk bandwidth.
The worker_connections and worker_processes from the main section allows you to calculate max clients you can handle:
max clients = worker_processes * worker_connections
Then you must edit your /etc/nginx/conf.d/proxy.conf, in this file we define our server.
server {
listen 80;
access_log off;
error_log off;
location / {
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_max_temp_file_size 0;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
}
# This block will catch static file requests, such as images, css, js
# The ?: prefix is a 'non-capturing' mark, meaning we do not require
# the pattern to be captured into $1 which should help improve performance
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
# Some basic cache-control for static files to be sent to the browser
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
# this prevents hidden files (beginning with a period) from being served
location ~ /\. { access_log off; log_not_found off; deny all; }
}
As you can see Nginx will listen on port 80.
The directive proxy_pass sets the address of the proxied server and the URI to which location will be mapped. Here it’s our local Apache server and it must be listening on port 8080. Edit your /etc/apache2/ports.conf and other vhosts to listen on the right port.
NameVirtualHost *:8080
Listen 8080
Now check your configuration with:
service nginx configtest
service apache configtest
Finally restart Apache and start Nginx:
service apache2 restart
service nginx start