In this blog, we will Setup Nginx as a Reverse Proxy for Apache Tomcat running on different servers
Requirement:
- Two Ubuntu Server
- Apache installed on one ubuntu server
- Nginx installed on one ubuntu server
Install Apache2
sudo apt-get install apache2
sudo service apache2 start
By default, it is running on port 80, open your browser http://yourip
You will see the default page of apache ubuntu server.
Now to check this url is running on which server
- Right click on your page -> Inspect -> Click on Network -> make sure All is selected as shown below
2. Reload the page -> you will see your ip -> click on your ip ->Click Headers
You will see that is running on apache server
Edit Apache default configuration
- sudo vi /ect/apache2/ports.conf and make your configuration like this or you can use the port as per your requirement.
- If you <VirtualHOst 127.0.0.1:8080> — this will not work if your instance is in private subnet or private IP
- 127.0.0.1 points to the loopback device
- 0.0.0.0 is listen on all interfaces (`lo0`, `eth0`, `eth1`, etc)
# If you just change the port or add more ports here, you will likely also # have to change the VirtualHost statement in # /etc/apache2/sites-enabled/000-default.conf
<VirtualHost 0.0.0.0:8080>
ServerAdmin [email protected] DocumentRoot /var/www/html
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
2. sudo vi /etc/apache2/sites-enabled/000-default.conf
Change the VirtualHost to run on port 8080. All other setting remains same
<VirtualHost 0.0.0.0:8080>
3. Restart Apache Server
NGINX Configuration
- sudo apt-get install nginx
- sudo service nginx start
- Open your browser and you will see the default NGinx home page
- NGinx also runs on default port 80
Configure it to use as a proxy for apache server
- cd /etc/nginx/conf.d
- sudo vi proxy.conf
- Configure DNS for your EC2 instance where nginx server is running and put that domain name in tag “server_name”
upstream testname {
server ipofapacheserver:8080 fail_timeout=0;
}
server {
listen 80;
server_name domainname_of_nginxserver;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://testname;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_request_buffering off;
}
}
Configure proxy.conf file if HTTPS is enabled
upstream testname {
server ipofapacheserver:8080 fail_timeout=0;
}
server {
#listen 80;
server_name domainname_of_nginxserver;
location / {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://testname;
proxy_read_timeout 90;
proxy_http_version 1.1;
proxy_request_buffering off;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/devopstest1.kpd-i.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/devopstest1.kpd-i.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.devopstest1.kpd-i.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = devopstest1.kpd-i.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name devopstest1.kpd-i.com www.devopstest1.kpd-i.com;
return 404; # managed by Certbot
}
3. sudo nginx -t
ubuntu@ip-11–0–11–165:/etc/nginx/conf.d$ sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
4. Restart or reload nginx
5. Now browse url — http://yourip — this will redirect to apache home page and do the above steps to check which server it is running on , you will see the nginx server
Below is my security group setting for this EC2 instance — Make sure port 80 is open
