input license here

Install Nginx revert proxy for Apache on centos 7


1. Introduction.


The following article will guide customers to configure Nginx as a Reverse Proxy with Apache webserver.
So why configure it like that? Actually we use Apache because Apache is better than Nginx at serving dynamic web pages (processing php). But because of its versatility, Apache makes Web Server slower than Nginx when handling static files. To take advantage of both, the concept of Reverse Proxy was born.
Simply put, use a combination of Nginx to handle static files (jpg, gif, png, css, js, html) and use Apache to handle dynamic files (php, ...). The specific model is to use Nginx as a reverse proxy. Nginx will run on port 80 to receive and process static website requests, and files with the .php extension will pass to Apache (port 8080) and then return the results to Nginx.
Model: Client <—-> Nginx <—–> Apache.


2. Implementation steps.


Step 1: Install the Apache 2.4 httpd service package.


#yum install httpd


#httpd -v


#systemctl restart httpd


#systemctl status httpd



  1. Next, you need to open the http service (open port) on the Firewall that is enabled on the server (by default, Firewalld firewall is used on CentOS 7) with the following commands:


#firewall-cmd --permanent --add-service=http


#firewall-cmd --permanent --add-service=https


#systemctl restart firewalld



  1. Finally, you open a web browser on the client device, access the server IP address with HTTP protocol via the link: http://IP-server to download the default page content of Apache 2.4


If you need to configure Apache services to automatically start after rebooting the server, you can use the command below:


# systemctl enable httpd


Step 2: Install PHP 7 support for Apache.



  1. To install PHP 7x you need to install and activate EPELand Remi repository on a CentOS 7 system with the following command:



#yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm



# yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm



  1. Your server is already set up to install PHP from the yum repository. Use one of the commands below to install PHP 7.0, PHP 7.1, PHP 7.2 or PHP 7.3:


## Install PHP 7.3


# yum --enablerepo=remi-php73 install php



  1. After installing a PHP 7.x version on the server, to install some additional PHP modules needed by the application, use the command below:


### For PHP 7.3


#yum --enablerepo=remi-php73 install php-xml php-soap php-xmlrpc php-mbstring php-json php-gd php-mcrypt


#yum --enablerepo=remi,remi-php73 install php-fpm php-common



  1. After the installation is complete, to check the PHP version information being activated on the server, use the command:


# php -v




  1. To see all the information about the PHP version installed on the system, as well as check if PHP works on the apache webserver. You create the file info.php in the Apache Document Root, restart the httpd service and open the browser to access the URL: http://IP-server/info.php


# echo "<?php phpinfo();?>" > /var/www/html/info.php


# systemctl restart httpd



Step 3: Install Nginx webserver



  1. Install epel repository



  • yum install epel-release -y


Install nginx



Step 4: Configure APACHE webserver:



  1. Configure apache webserver to listen to port 8080:


#sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf



  1. Create directory structure for websites:


#mkdir -p /var/www/bkns.com/public_html


#mkdir -p /var/www/bkns.xyz/public_htm



  1. Create a file containing virtual hosts:


The virtual host file is a tool that configures various sites and controls Apache to respond to access domains. First, we need to install the virtual host directory as well as the directory that tells Apache that the virtual host is ready for access. The sites-availablee directory will contain the virtual host files, while the sites-enabledd directory will contain the links to the virtual host we want to expose. We can create both of these categories by:


#mkdir /etc/httpd/sites-availablee


#mkdir /etc/httpd/sites-enabledd


Next is the command for Apache to find the virtual host in the sites-enabledd directory:


#vi /etc/httpd/conf/httpd.conf


Add line:


#IncludeOptional sites-enabledd/*.conf



  1. Create virtual hosts file:


# vi /etc/httpd/sites-availablee/bkns.com.conf



ServerAdmin webmaster@bkns.com


DocumentRoot /var/www/bkns.com/public_html


ServerName bkns.com


ServerAlias www.bkns.com



AllowOverride All


Order allow,deny


Allow from all



RewriteEngine on


ErrorLog logs/bkns.com-error_log


CustomLog logs/bkns.com-access_log common



# vi /etc/httpd/sites-availablee/bkns.xyz.conf



ServerAdmin webmaster@bkns.xyz


DocumentRoot /var/www/bkns.xyz/public_html


ServerName bkns.xyz


ServerAlias www.bkns.xyz



AllowOverride All


Order allow,deny


Allow from all



RewriteEngine on


ErrorLog logs/bkns.xyz-error_log


CustomLog logs/bkns.xyz-access_log common




  1. Create a symlink for each of those virtual hosts in the sites-enabledd section:


ln -s /etc/httpd/sites-availablee/bkns.com.conf /etc/httpd/sites-enabledd/bkns.com.conf


ln -s /etc/httpd/sites-availablee/bkns.xyz.conf /etc/httpd/sites-enabledd/bkns.xyz.conf



  1. Create content for 2 websites bkns.com and bkns.xyz:


# vi /var/www/bkns.com/public_html/index.html


Success! Welcome to BKNS !


# vi /var/www/bkns.xyz/public_html/index.html


Success! Welcome to BKNS !!!!!!!!!!!!!!!!!!!!!


Step 5: Configure NGINX webserver:



  1. Change the configuration file nginx.conf:


# mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak


# vi /etc/nginx/nginx.conf


worker_processes 4;


pid /var/run/nginx.pid;


events {


worker_connections 768;


}


http {


sendfile on;


tcp_nopush on;


tcp_nodelay on;


keepalive_timeout 65;


types_hash_max_size 2048;



include /etc/nginx/mime.types;


default_type application/octet-stream;



access_log /var/log/nginx/access.log;


error_log /var/log/nginx/error.log;



gzip on;


gzip_disable “msie6”;


gzip_min_length  1100;


gzip_buffers  4 32k;


gzip_types    text/plain application/x-javascript text/xml text/css;



open_file_cache          max=10000 inactive=10m;


open_file_cache_valid    2m;


open_file_cache_min_uses 1;


open_file_cache_errors   on;



ignore_invalid_headers on;


client_max_body_size    8m;


client_header_timeout  3m;


client_body_timeout 3m;


send_timeout     3m;


connection_pool_size  256;


client_header_buffer_size 4k;


large_client_header_buffers 4 32k;


request_pool_size  4k;


output_buffers   4 32k;


postpone_output  1460;



include /etc/nginx/conf.d/*.conf;


include /etc/nginx/sites-enabled/*;


}



  1. Create a file containing virtual host configuration for each website in NGINX:


#mkdir /etc/nginx/sites-available /


#mkdir /etc/nginx/sites-enabled/



  1. Create a configuration file of the vhost that will be saved in /etc/nginx/conf.d/ and /etc/nginx/sites-enabled/


# vi /etc/nginx/conf.d/bkns.com.conf


server {


listen    80;


server_name  bkns.com www.bkns.com;


access_log off;


error_log  /var/log/httpd/bkns.com-error_log crit;


location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {


root /var/www/bkns.com/pubic_html;


}


location / {


client_max_body_size    10m;


client_body_buffer_size 128k;



proxy_send_timeout   90;


proxy_read_timeout   90;


proxy_buffer_size    128k;


proxy_buffers     4 256k;


proxy_busy_buffers_size 256k;


proxy_temp_file_write_size 256k;


proxy_connect_timeout 30s;



proxy_redirect  http://www.bkns.com:8080   http://www.bkns.com;


proxy_redirect  http://bkns.com:8080   http://bkns.com;



proxy_pass   http://127.0.0.1:8080/;



proxy_set_header   Host   $host;


proxy_set_header   X-Real-IP  $remote_addr;


proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;


}


}


#vi /etc/nginx/conf.d/bkns.xyz.conf


server {


listen    80;


server_name  bkns.xyz www.bkns.xyz;


access_log off;


error_log  /var/log/httpd/bkns.xyz-error_log crit;


location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {


root /var/www/bkns.xyz/pubic_html;


}


location / {


client_max_body_size    10m;


client_body_buffer_size 128k;



proxy_send_timeout   90;


proxy_read_timeout   90;


proxy_buffer_size    128k;


proxy_buffers     4 256k;


proxy_busy_buffers_size 256k;


proxy_temp_file_write_size 256k;


proxy_connect_timeout 30s;



proxy_redirect  http://www.bkns.xyz:8080   http://www.bkns.xyz;


proxy_redirect  http://bkns.xyz:8080   http://bkns.xyz;



proxy_pass   http://127.0.0.1:8080/;



proxy_set_header   Host   $host;


proxy_set_header   X-Real-IP  $remote_addr;


proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;


}


}


#cp /etc/nginx/conf.d/bkns.xyz.conf /etc/nginx/sites-enabled/bkns.xyz.conf


#cp /etc/nginx/conf.d/bkns.com.conf /etc/nginx/sites-enabled/bkns.com.conf


Step 6: Restart the configuration of 2 webservers and check the results received:


#service httpd restart


#service nginx restart



  • Check if the nginx revert configuration is correct:


Use command netstat -nplt to check if nginx is using port 80 and apache is using port 8080.



Try to turn off apache to access the website with 502 bad gateway error, which means it was successful.



  • Web access results:




Good luck.


Hoangtd


Related Posts
Diệp Quân
Nguyen Manh Cuong is the author and founder of the vmwareplayerfree blog. With over 14 years of experience in Online Marketing, he now runs a number of successful websites, and occasionally shares his experience & knowledge on this blog.
SHARE

Related Posts

Subscribe to get free updates

Post a Comment

Sticky