How To Install Nginx And Use It As A Reverse Proxy On CentOS

How To Install and Use Nginx As Reverse Proxy Server

Nginx is one of the most popular web servers out there. Nginx can also double as a reverse proxy server. It can be used to mitigate ddos attacks, be a proxy solution for your services and countless other possibilities.

First, we are going to install Apache.

1. yum install httpd httpd-devel -y

Now we are going to edit the listen directive for our httpd

1. nano -w /etc/httpd/conf/httpd.conf

Now we must find "Listen 80" and edit it to: "Listen 81"

After, we must scroll to the bottom of our configuration file and paste:

NameVirtualHost 127.0.0.1:81

# Define Server document root
DocumentRoot /var/www/html/

# Define the virtual host
<VirtualHost 127.0.0.1:81>
ServerName www.yourwebsite.com
ServerAlias yourwebsite.com
DocumentRoot /var/www/yourwebsite.com
<Directory "/var/www/yourwebsite.com">
Options FollowSymLinks -Includes
AllowOverride All
Order allow,deny
Allow from all
</Directory>
RewriteEngine on
</VirtualHost>

Edit what accords to your set up. Replace the "yourwebsite.com" with your real domain name and "/var/www/yourwebsite.com" with your correct root directory.

After that has been altered and saved, we must restart httpd to make sure the changes are applied

1. service httpd restart

Now we must install Nginx to complete our tutorial

1. mkdir /root/temp

2. cd /root/temp

3. wget http://nginx.org/packages/centos/6/noarch/RPMS/nginx-release-centos-6-0.el6.ngx.noarch.rpm

4. rpm -i nginx-release-centos-6-0.el6.ngx.noarch.rpm

5. yum install nginx -y

With Nginx successfully installed, we must now edit the configuration file it uses

1. nano -w /etc/nginx/nginx.conf

Now we must paste the following text inside it

1. user nobody;
worker_processes 4;
error_log logs/error.log crit;

worker_rlimit_nofile 8192;

events {
worker_connections 1024; # you might need to increase this setting for busy servers
use epoll; # Linux kernels 2.6.x change to epoll
}

http {
server_names_hash_max_size 2048;
server_names_hash_bucket_size 512;

server_tokens off;

include mime.types;
default_type application/octet-stream;

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 10;

# Gzip on
gzip on;
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_types text/plain application/x-javascript text/xml text/css;

# Other configurations
ignore_invalid_headers on;
client_max_body_size 8m;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 4k;
large_client_header_buffers 4 32k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;

# Cache most accessed static files
open_file_cache max=10000 inactive=10m;
open_file_cache_valid 2m;
open_file_cache_min_uses 1;
open_file_cache_errors on;

# virtual hosts includes
include "/etc/nginx/conf.d/*.conf";

}

Now save and exit.

Next, we are going to create a new file. Edit the directory to what suits you.

1. nano -w /etc/nginx/conf.d/yourwebsite.com.conf

Now paste the following inside and correct it as you see fit.

1. server {
listen 80;
server_name yourwebsite.com yourwebsite.com;
access_log off;
error_log logs/yourwebsite.com-error_log crit;

location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {
root /var/www/yourwebsite.com;
expires 365d;
}

location / {
client_max_body_size 10m;
client_body_buffer_size 128k;

proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_connect_timeout 30s;

proxy_redirect http://www.yourwebsite.com:81 http://www.yourwebsite.com;
proxy_redirect http://yourwebsite.com:81 http://yourwebsite.com;

proxy_pass http://127.0.0.1:81/;

proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

Replace the yourwebsite.com with your domain and the /var/www/yourwebsite.com with the correct root directory.

If you wish to be able to continue to gather IP addresses that are not from localhost, you must install mod_rpaf.

1. mkdir /root/temp

2. cd /root/temp

3. wget https://github.com/y-ken/mod_rpaf/archive/master.zip

4. unzip master.zip

5. cd mod_rpaf-master/

6. apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c

Now that it is installed, we must create a configuration for it to run correctly

1. nano -w /etc/httpd/conf.d/rpaf.conf

Fill that file with the following text and edit for your server IP.

1. LoadModule rpaf_module modules/mod_rpaf-2.0.so

RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 YOUR.SERVER.IP


We must restart httpd in order for the changes to take effect.

1. service httpd restart

Now we must know if our proxy is working, to check it do:

1. curl -I http://www.yoursite.com/

Your response should be similar to:

HTTP/1.1 200 OK
Server: nginx

 

  • 1 Users Found This Useful
Was this answer helpful?

Related Articles

How To Install a LAMP Stack On CentOS 6

How To Install a LAMP Stack on CentOS 6 LAMP stands for Linux Apache MySQL and PHP. It is the...

How To Install OpenSSL On CentOS

How To Install OpenSSL on a CentOS Server First, we want to install OpenSSL 1. yum install...

How To Install OpenVPN on CentOS 6.x

How To Install OpenVPN On CentOS 6.x 32/64 bit OpenVPN is the most commonly used and updated VPN...

How To Prevent Bruteforce And DoS Attacks On CentOS

How To Prevent Bruteforce And DoS Attacks On CentOSThis is part one of the three part tutorial on...

How To Setup A Basic IPTables Firewall On CentOS - Section 2

How To Setup A Basic IPTables Firewall On CentOSThis is part two of the three part tutorial on...