Nginx as a Reverse Proxy: Configuration and Best Practices
Nginx is one of the most widely used reverse proxies in the world. It sits in front of backend services, forwards client requests, and adds performance, security, and reliability to web applications.
What does Nginx do as a reverse proxy?
As a reverse proxy, Nginx receives incoming requests and forwards them to one or more backend servers. It can also modify requests, cache responses, terminate SSL, and balance traffic.
Basic reverse proxy configuration
The simplest Nginx reverse proxy uses the proxy_pass directive.
server {
listen 80;
server_name example.com;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
This configuration forwards all incoming traffic to an application
running on port 3000.
SSL termination with Nginx
Nginx commonly handles HTTPS encryption, allowing backend services to run over plain HTTP.
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/ssl/cert.pem;
ssl_certificate_key /etc/ssl/key.pem;
location / {
proxy_pass http://localhost:3000;
}
}Centralizing TLS configuration simplifies certificate management and improves performance.
Load balancing with Nginx
Nginx can distribute traffic across multiple backend servers
using the upstream directive.
upstream backend {
server app1:3000;
server app2:3000;
server app3:3000;
}
server {
listen 80;
location / {
proxy_pass http://backend;
}
}This improves availability and allows horizontal scaling.
Common reverse proxy patterns
- SSL termination
- Load balancing
- Caching and compression
- Rate limiting and security headers
Best practices
- Always forward correct headers (
X-Forwarded-For) - Use timeouts to avoid hanging connections
- Enable gzip or Brotli compression
- Monitor logs and error rates
- Reload configuration safely with
nginx -s reload
When Nginx is the right choice
Nginx is ideal for traditional servers, high-traffic applications, and teams that prefer explicit, predictable infrastructure.
