How to Set Up Nginx Reverse Proxy for Apache

Nginx and Apache are two of the most popular web servers in the world, each with its strengths. Apache is known for its flexibility and robust module system, while Nginx is favored for its high performance and low resource consumption, especially for serving static content. In many scenarios, it’s beneficial to combine the two by using Nginx as a reverse proxy in front of Apache. This setup allows Nginx to handle incoming requests and serve static files, while Apache handles the dynamic content, such as PHP scripts or database-driven applications.

In this article, we’ll walk you through the process of setting up Nginx as a reverse proxy for Apache, ensuring a seamless and efficient web server configuration.

What is a Reverse Proxy?

A reverse proxy is a server that sits in front of one or more backend servers and forwards client requests to the appropriate server. In this case, Nginx will act as a reverse proxy, forwarding requests to Apache, which will serve dynamic content.

Using Nginx as a reverse proxy offers several benefits:

• Improved Performance: Nginx excels at serving static files (e.g., images, CSS, JavaScript) quickly, reducing the load on Apache.
• Load Balancing: Nginx can distribute traffic between multiple backend servers, improving availability and reliability.
• SSL Termination: Nginx can handle SSL encryption, offloading the computational load from Apache.
• Security: Nginx can provide additional security features, such as request filtering and rate limiting.

Step 1: Install Nginx and Apache

Before configuring Nginx as a reverse proxy, ensure that both Nginx and Apache are installed on your server. You can install them using your package manager, depending on your Linux distribution.

For Debian/Ubuntu:

For CentOS/RHEL:

Once both Nginx and Apache are installed, start and enable both services to ensure they run on boot:

Step 2: Configure Apache

Apache will act as the backend server, processing dynamic requests such as PHP scripts. Ensure that Apache is set up to listen on a specific port, usually port

(instead of the default), so Nginx can listen on port.

Configure Apache to Listen on Port 8080:

1. Open the Apache configuration file:
   sudo nano /etc/apache2/ports.conf # For Debian/Ubuntu
sudo nano /etc/httpd/conf/httpd.conf # For CentOS/RHEL

2. Find the line that specifies the port Apache listens to (usually
   Listen 80
   ) and change it to:
   Listen 8080

3. Save the changes and exit the editor.
4. Restart Apache to apply the changes:
   sudo systemctl restart apache2 # For Debian/Ubuntu
sudo systemctl restart httpd # For CentOS/RHEL


Now, Apache is configured to listen on port

, which will allow Nginx to listen on port (the default HTTP port) and forward requests to Apache.

Step 3: Configure Nginx as a Reverse Proxy

Next, we need to configure Nginx to act as a reverse proxy, forwarding requests to Apache. We’ll create a virtual host in Nginx that listens on port

and forwards requests to Apache on port.

Create Nginx Virtual Host Configuration:

1. Open or create a new virtual host configuration file in Nginx:
   sudo nano /etc/nginx/sites-available/example.com # For Debian/Ubuntu
sudo nano /etc/nginx/conf.d/example.com.conf # For CentOS/RHEL

2. Add the following configuration to the file:
   server {
   listen 80;
   server_name example.com www.example.com; # Replace with your domain or server IP

   location / {
   proxy_pass http://127.0.0.1:8080; # Forward requests to Apache
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   }

   # Serve static content directly via Nginx for better performance
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
root /var/www/html; # Path to your static files
}
}


In this configuration:

• listen 80
  : Nginx listens on port
  80
  for incoming requests.
• server_name
  : The domain or IP address that Nginx will serve.
• proxy_pass
  : Forwards requests to Apache, which is listening on port
  8080
  .
• proxy_set_header
  : Passes various headers to Apache, including the client’s original IP and protocol.
• The
  location
  block for static content ensures that Nginx serves files like images, CSS, and JavaScript directly, reducing the load on Apache.

3. Save and close the configuration file.
4. If you’re using Debian/Ubuntu, enable the site by creating a symlink to
   sites-enabled
   :
   sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/

5. Test the Nginx configuration for syntax errors:
   sudo nginx -t

6. Restart Nginx to apply the new configuration:
   sudo systemctl restart nginx


Step 4: Testing the Reverse Proxy Setup

Now that Nginx and Apache are configured, it’s time to test the reverse proxy setup to ensure everything works correctly.

1. Visit Your Domain or IP Address: Open your browser and navigate to
   http://example.com
   (replace with your actual domain or server IP). If everything is set up correctly, you should see the content being served by Apache, but routed through Nginx.
2. Check Nginx and Apache Logs: If there are any issues, check the logs for Nginx and Apache to troubleshoot:
   • Nginx logs:
     /var/log/nginx/access.log
     and
     /var/log/nginx/error.log
   • Apache logs:
     /var/log/apache2/access.log
     and
     /var/log/apache2/error.log
     (or
     /var/log/httpd/
     for CentOS/RHEL)

Step 5: (Optional) Configure SSL for HTTPS

If you want to secure your website with HTTPS, Nginx can handle SSL termination. This means Nginx will manage the SSL certificates and encryption, while Apache will only handle the decrypted HTTP traffic.

Steps to Enable SSL:

1. Obtain an SSL Certificate: You can use Let’s Encrypt to obtain a free SSL certificate for your domain:
   sudo apt install certbot python3-certbot-nginx # For Debian/Ubuntu
   sudo yum install certbot python3-certbot-nginx # For CentOS/RHEL

   sudo certbot --nginx -d example.com -d www.example.com


2. Modify the Nginx Configuration: Update your Nginx configuration file to listen on port
   443
   for HTTPS:
   nginx

   Copy code

   server {
   listen 443 ssl;
   server_name example.com www.example.com;

   ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

   location / {
   proxy_pass http://127.0.0.1:8080;
   proxy_set_header Host $host;
   proxy_set_header X-Real-IP $remote_addr;
   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
   proxy_set_header X-Forwarded-Proto $scheme;
   }

   location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
root /var/www/html;
}
}


3. Redirect HTTP to HTTPS: Add a redirection block in your configuration to ensure all HTTP requests are redirected to HTTPS:
   server {
listen 80;
server_name example.com www.example.com;
return 301 https://$server_name$request_uri;
}

4. Restart Nginx: Restart Nginx to apply the changes:
   sudo systemctl restart nginx


Conclusion

Using Nginx as a reverse proxy for Apache is a powerful setup that combines the strengths of both web servers. Nginx handles static content and incoming requests efficiently, while Apache manages the dynamic content and backend processing. This hybrid approach can greatly enhance the performance, security, and scalability of your web server infrastructure.

By following the steps outlined in this guide, you can set up Nginx as a reverse proxy in front of Apache and benefit from the best of both worlds. Additionally, implementing SSL with Nginx ensures your website is secure, providing peace of mind for you and your users.