Network Security Internet Technology Development Database Servers Mobile Phone Android Software Apple Software Computer Software News IT Information

In addition to Weibo, there is also WeChat

Please pay attention

WeChat public account

Shulou

How to use the nginx proxy module

2025-04-09 Update From: SLTechnology News&Howtos shulou NAV: SLTechnology News&Howtos > Internet Technology >

Share

Shulou(Shulou.com)05/31 Report--

This article mainly introduces the relevant knowledge of how to use the nginx proxy module, the content is detailed and easy to understand, the operation is simple and fast, and it has a certain reference value. I believe you will gain something after reading this article on how to use the nginx proxy module. Let's take a look at it.

Nginx proxy module

Note: there are many instructions of the agent module. I only talk about the important proxy_pass here. For more information about the agent instructions, please refer to the official Chinese documentation.

This module can forward requests to other servers. Http/1.0 cannot use keepalive (the back-end server will create and delete connections for each request). Nginx sends http/1.1 for the browser and http/1.0 for the back-end server so that the browser can process the keepalive for the browser.

Such as the following example:

Location / {proxy_pass http://localhost:8000; proxy_set_header x-real-ip $remote_addr;}

Note that when using the http proxy module (or even fastcgi), all connection requests are cached by nginx before they are sent to the back-end server, so its progress may not display correctly when measuring data transferred from the back-end.

Lab Topology:

7. Configure http reverse proxy

[root@nginx ~] # cd / etc/nginx/ [root@nginx nginx] # cp nginx.conf nginx.conf.bak # back up an original configuration file [root@nginx nginx] # vim nginx.conflocation / {proxy_pass http://192.168.18.201;}

Instruction description: proxy_pass

Syntax: proxy_pass url

Default value: no

Use field: location, if field in location

This directive sets the address of the proxy server and the mapped uri, which can be in the form of hostname or ip plus port number, for example: proxy_pass http://localhost:8000/uri/;

8. Reload the configuration file

[root@nginx ~] # service nginx reloadnginx: the configuration file / etc/nginx/nginx.conf syntax is oknginx: configuration file / etc/nginx/nginx.conf test is successful reload nginx: [OK]

9. Test it

Note, you can see that when we visited 192.168.18.208, we were redirected to web1 by the agent.

10. Check the web server log

[root@web1 ~] # tail / var/log/httpd/access_log192.168.18.208-- [04/sep/2013:00:14:20 + 0800] "get / favicon.ico http/1.0" 404289 "-" mozilla/5.0 (windows nt 6.1) Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.208-- [04/sep/2013:00:14:20 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (windows nt Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.208-- [04/sep/2013:00:14:20 + 0800]" get / favicon.ico http/1.0 "404289"-"mozilla/5.0 (windows nt 6.1) Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.138-- [04/sep/2013:00:14:45 + 0800]" get / http/1.1 "20023"-"mozilla/5.0 (windows nt Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.138-- [04/sep/2013:00:14:48 + 0800]" get / favicon.ico http/1.1 "404289"-"mozilla/5.0 (windows nt 6.1) Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.208-- [04/sep/2013:00:14:55 + 0800]" get / favicon.ico http/1.0 "404289"-"mozilla/5.0 (windows nt 6.1) Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.208-- [04/sep/2013:00:15:05 + 0800]" get / favicon.ico http/1.0 "404289"-"mozilla/5.0 (windows nt 6.1) Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.208-- [04/sep/2013:00:15:13 + 0800]" get / favicon.ico http/1.0 "404289"-"mozilla/5.0 (windows nt 6.1) Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.208-- [04/sep/2013:00:15:16 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (windows nt Wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36 "192.168.18.208-- [04/sep/2013:00:15:16 + 0800]" get / favicon.ico http/1.0 "404289"-"mozilla/5.0 (windows nt 6.1; wow64) applewebkit/537.36 (khtml, like gecko) chrome/28.0.1500.95 safari/537.36"

Note, you can see that the ip of our customers here is all the ip of the nginx proxy server, not the ip of the real client. Let's modify it so that the ip of the log shows the real client's ip.

11. Modify nginx configuration file

Location / {proxy_pass http://192.168.18.201; proxy_set_header x-real-ip $remote_addr; # plus this line}

Instruction description: proxy_set_header

Syntax: proxy_set_header header value

Default value: host and connection

Use fields: http, server, location

This directive allows the request header sent to the proxied server to be redefined or some fields added. This value can be a text, a variable or a combination of them. Proxy_set_header inherits from its parent field when it is not defined in the specified field.

twelve。 Reload the configuration file

[root@nginx ~] # service nginx reloadnginx: the configuration file / etc/nginx/nginx.conf syntax is oknginx: configuration file / etc/nginx/nginx.conf test is successful reload nginx: [OK]

13. Test and view the log

[root@web1] # tail / var/log/httpd/access_log192.168.18.208-- [03/sep/2013:16:26:18 + 0800] "get / http/1.0" 20023 "-" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64 Trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64; trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (compatible; msie 10.0) Windows nt 6.1; wow64; trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64 Trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64; trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (compatible; msie 10.0) Windows nt 6.1; wow64; trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64 Trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64; trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (compatible; msie 10.0) Windows nt 6.1; wow64; trident/6.0) "192.168.18.208-- [03/sep/2013:16:26:18 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64; trident/6.0)"

Note, you can see that the logging is still the ip of the agent, and the ip of the real client is not displayed. Why? Let's take a look at the httpd configuration file.

14. View and modify the httpd configuration file

[root@web1 ~] # vim / etc/httpd/conf/httpd.conf

Note, you can record the log parameter here or% h, let's modify the parameter.

Note: this is the modified parameter. Change h% to% {x-real-ip} I. OK, let's test it again.

15. Restart and test

[root@web1 ~] # service httpd restart stop httpd: [OK] starting httpd: [OK] [root@web1 ~] # tail / var/log/httpd/access_log192.168.18.138-- [03/sep/2013:17:09:14 + 0800] "get / http/1.0" 20023 "-" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64 Trident/6.0) "192.168.18.138-- [03/sep/2013:17:09:14 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64; trident/6.0)" 192.168.18.138-- [03/sep/2013:17:09:15 + 0800] "get / http/1.0" 20023 "-" mozilla/5.0 (compatible; msie 10.0) Windows nt 6.1; wow64; trident/6.0) "192.168.18.138-- [03/sep/2013:17:09:15 + 0800]" get / http/1.0 "20023"-"" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64 Trident/6.0) "192.168.18.138-- [03/sep/2013:17:09:15 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64; trident/6.0)" 192.168.18.138-- [03/sep/2013:17:09:15 + 0800] "get / http/1.0" 20023 "-" mozilla/5.0 (compatible; msie 10.0) Windows nt 6.1; wow64; trident/6.0) "192.168.18.138-- [03/sep/2013:17:09:15 + 0800]" get / http/1.0 "20023"-"" mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64 Trident/6.0) "192.168.18.138-- [03/sep/2013:17:09:15 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64; trident/6.0)" 192.168.18.138-- [03/sep/2013:17:09:15 + 0800] "get / http/1.0" 20023 "-" mozilla/5.0 (compatible; msie 10.0) Windows nt 6.1; wow64; trident/6.0) "192.168.18.138-[03/sep/2013:17:09:15 + 0800]" get / http/1.0 "20023"-"mozilla/5.0 (compatible; msie 10.0; windows nt 6.1; wow64; trident/6.0)"

Note, you can see that the ip address recorded in the log is the real client address.

This is the end of the article on "how to use the nginx Agent Module". Thank you for reading! I believe that everyone has a certain understanding of the knowledge of "how to use the nginx agent module". If you want to learn more knowledge, you are welcome to follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.

Views: 0

*The comments in the above article only represent the author's personal views and do not represent the views and positions of this website. If you have more insights, please feel free to contribute and share.

Share To

Internet Technology

Wechat

© 2024 shulou.com SLNews company. All rights reserved.

12
Report