Saturday, October 1, 2016

How to install Nginx as Reverse Proxy in front of Apache on Ubuntu 15.10

1.0 Introduction

Nginx or “engine-x” is a high-performance web server with low memory usage, created by Igor Sysoev in 2002. Nginx is not just a web server, it can be used as a reverse proxy for many protocols like HTTP, HTTPS, POP3, SMTP, and IMAP and as a load balancer and HTTP cache as well.
In this tutorial, I will install and configure Nginx as a caching reverse proxy for an Apache web server on Ubuntu 15.10, Nginx is used as the front end and Apache as the back end. Nginx will run on port 80 to respond to requests from a user/browser, the request will then be forwarded to the apache server that is running on port 8080.

2.0 Install Apache and PHP

Log in to your ubuntu server as a root user.
Before install the package you have to update the apt cache using “apt-get”
#apt-get update
Then install apache with the apt-get command.
# apt-get install apache2
Once apache is installed, we must install PHP.
# apt-get install php5 php5-mysql libapache2-mod-php5

3.0 Configure Apache and PHP

By default, apache listens on port 80. We have to configure apache to run on port 8080 for our proxy setup as port 80 will be used by nginx later. We have to edit the apache configuration file “/etc/apache2/ports.conf”. And then proceed with the virtual host configuration in the “/etc/apache2/sites-available/” directory.
First change the port for apache to 8080 by editing the file “ports.conf” with the vim editor.
#vim /etc/apache2/ports.conf
On line 5, change port 80 to 8080 as follows.
Listen 8080
Now go to the virtualhost directory and edit the file “000-default.conf”.
   #cd sites-available/
   #vim 000-default.conf
Make sure your configuration is same as below
  


    ServerName www.reverse.com
    ServerAlias reverse.com

    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/html

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined


Test the configuration and restart apache
  #apachectl configtest
  #systemctl restart apache2
Create a new file with the name “info.php” in the directory “/var/www/html/” with the following content
  #cd /var/www/html/
  #echo "" > info.php
Visit your site in browser
    http://ip:8080
    http://ip:8080/info.php

4.0 Install Nginx

Install Nginx with the following apt-get command
#apt-get install nginx

5.0 Configure Nginx

Once Nginx is installed, configure Nginx to act as reverse proxy for the apache web server that running on port 8080.
Go to the nginx configuration directory and edit the file “nginx.conf”.
  #cd /etc/nginx/
  #vim nginx.conf
Enable Gzip compression for Nginx by uncomment the gzip lines.
        # Gzip Settings
        ##
       gzip on;
        gzip_disable "msie6";
        gzip_vary on;
        gzip_proxied any;
        gzip_comp_level 6;
        gzip_buffers 16 8k;
        gzip_http_version 1.1;
        gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

The most important is :
  • gzip on : to turn gzip compression.
  • gzip_types : is list of MIME-types which you want to turn the compression.
  • gzip_proxied any : is enable compression for proxied request.
Right under gzip settings, add these proxy cache settings:
 # Proxy Cache Settings
 proxy_cache_path /var/cache levels=1:2 keys_zone=reverse_cache:60m inactive=90m max_size=1000m;
Now we will configure a virtualhost in the directory “/etc/nginx/sites-available”
New virtualhost configuration file named “reverse.conf”.
   #cd /etc/nginx/sites-available
   #vim reverse.conf
Paste the configuration below:
   server {
    listen 80;

    # Site Directory same in the apache virtualhost configuration
    root /var/www/html; 
    index index.php index.html index.htm;

    # Domain
    server_name www.reverse.com reverse.com;

    location / {
        try_files $uri $uri/ /index.php;
    }


    # Reverse Proxy and Proxy Cache Configuration
    location ~ \.php$ {
 
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass http://127.0.0.1:8080;

        # Cache configuration
        proxy_cache reverse_cache;
        proxy_cache_valid 3s;
        proxy_no_cache $cookie_PHPSESSID;
        proxy_cache_bypass $cookie_PHPSESSID;
        proxy_cache_key "$scheme$host$request_uri";
        add_header X-Cache $upstream_cache_status;
    }

    # Enable Cache the file 30 days
    location ~* .(jpg|png|gif|jpeg|css|mp3|wav|swf|mov|doc|pdf|xls|ppt|docx|pptx|xlsx)$ {
        proxy_cache_valid 200 120m;
        expires 30d;
        proxy_cache reverse_cache;
        access_log off;
    }

    # Disable Cache for the file type html, json
    location ~* .(?:manifest|appcache|html?|xml|json)$ {
        expires -1;
    }

    location ~ /\.ht {
        deny all;
    }
}


Take backup the “default” configuration file from “/etc/nginx/sites-available” directory.
  #mv default default.bak
Then activate the new virtualhost configuration.
#ln -s /etc/nginx/sites-available/reverse.conf /etc/nginx/sites-enabled/
Test the nginx configuration and restart nginx.
  #nginx -t
  #systemctl restart nginx

6.0 Configure Logging

In this step, I will configure apache to log the real ip of the visitor instead of the local IP. Install the apache module “libapache2-mod-rpaf” and edit the module configuration file.
   #apt-get install libapache2-mod-rpaf
   #cd /etc/apache2/mods-available/
   #vim rpaf.conf
Add the server IP to the line 10.
  RPAFproxy_ips 127.0.0.1 192.168.1.108 ::1

Restart apache
   #systemctl restart apache2
Test rpaf by viewing the apache access log with the tail command

#tail -f /var/log/apache2/access.log

No comments:

Post a Comment