1. Introduction.
The following article will guide customers to configure Nginx as a Reverse Proxy with Apache webserver.
So why configure it like that? Actually we use Apache because Apache is better than Nginx at serving dynamic web pages (processing php). But because of its versatility, Apache makes Web Server slower than Nginx when handling static files. To take advantage of both, the concept of Reverse Proxy was born.
Simply put, use a combination of Nginx to handle static files (jpg, gif, png, css, js, html) and use Apache to handle dynamic files (php, ...). The specific model is to use Nginx as a reverse proxy. Nginx will run on port 80 to receive and process static website requests, and files with the .php extension will pass to Apache (port 8080) and then return the results to Nginx.
Model: Client <—-> Nginx <—–> Apache.
2. Implementation steps.
Step 1: Install the Apache 2.4 httpd service package.
#yum install httpd
#httpd -v
#systemctl restart httpd
#systemctl status httpd
- Next, you need to open the http service (open port) on the Firewall that is enabled on the server (by default, Firewalld firewall is used on CentOS 7) with the following commands:
#firewall-cmd --permanent --add-service=http
#firewall-cmd --permanent --add-service=https
#systemctl restart firewalld
- Finally, you open a web browser on the client device, access the server IP address with HTTP protocol via the link: http://IP-server to download the default page content of Apache 2.4
If you need to configure Apache services to automatically start after rebooting the server, you can use the command below:
# systemctl enable httpd
Step 2: Install PHP 7 support for Apache.
- To install PHP 7x you need to install and activate EPELand Remi repository on a CentOS 7 system with the following command:
#yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
# yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm
- Your server is already set up to install PHP from the yum repository. Use one of the commands below to install PHP 7.0, PHP 7.1, PHP 7.2 or PHP 7.3:
## Install PHP 7.3
# yum --enablerepo=remi-php73 install php
- After installing a PHP 7.x version on the server, to install some additional PHP modules needed by the application, use the command below:
### For PHP 7.3
#yum --enablerepo=remi-php73 install php-xml php-soap php-xmlrpc php-mbstring php-json php-gd php-mcrypt
#yum --enablerepo=remi,remi-php73 install php-fpm php-common
- After the installation is complete, to check the PHP version information being activated on the server, use the command:
# php -v
- To see all the information about the PHP version installed on the system, as well as check if PHP works on the apache webserver. You create the file info.php in the Apache Document Root, restart the httpd service and open the browser to access the URL: http://IP-server/info.php
# echo "<?php phpinfo();?>" > /var/www/html/info.php
# systemctl restart httpd
Step 3: Install Nginx webserver
- Install epel repository
yum install epel-release -y
Install nginx
Step 4: Configure APACHE webserver:
- Configure apache webserver to listen to port 8080:
#sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf
- Create directory structure for websites:
#mkdir -p /var/www/bkns.com/public_html
#mkdir -p /var/www/bkns.xyz/public_htm
- Create a file containing virtual hosts:
The virtual host file is a tool that configures various sites and controls Apache to respond to access domains. First, we need to install the virtual host directory as well as the directory that tells Apache that the virtual host is ready for access. The sites-availablee directory will contain the virtual host files, while the sites-enabledd directory will contain the links to the virtual host we want to expose. We can create both of these categories by:
#mkdir /etc/httpd/sites-availablee
#mkdir /etc/httpd/sites-enabledd
Next is the command for Apache to find the virtual host in the sites-enabledd directory:
#vi /etc/httpd/conf/httpd.conf
Add line:
#IncludeOptional sites-enabledd/*.conf
- Create virtual hosts file:
# vi /etc/httpd/sites-availablee/bkns.com.conf
ServerAdmin webmaster@bkns.com
DocumentRoot /var/www/bkns.com/public_html
ServerName bkns.com
ServerAlias www.bkns.com
AllowOverride All
Order allow,deny
Allow from all
RewriteEngine on
ErrorLog logs/bkns.com-error_log
CustomLog logs/bkns.com-access_log common
# vi /etc/httpd/sites-availablee/bkns.xyz.conf
ServerAdmin webmaster@bkns.xyz
DocumentRoot /var/www/bkns.xyz/public_html
ServerName bkns.xyz
ServerAlias www.bkns.xyz
AllowOverride All
Order allow,deny
Allow from all
RewriteEngine on
ErrorLog logs/bkns.xyz-error_log
CustomLog logs/bkns.xyz-access_log common
- Create a symlink for each of those virtual hosts in the sites-enabledd section:
ln -s /etc/httpd/sites-availablee/bkns.com.conf /etc/httpd/sites-enabledd/bkns.com.conf
ln -s /etc/httpd/sites-availablee/bkns.xyz.conf /etc/httpd/sites-enabledd/bkns.xyz.conf
- Create content for 2 websites bkns.com and bkns.xyz:
# vi /var/www/bkns.com/public_html/index.html
Success! Welcome to BKNS !
# vi /var/www/bkns.xyz/public_html/index.html
Success! Welcome to BKNS !!!!!!!!!!!!!!!!!!!!!
Step 5: Configure NGINX webserver:
- Change the configuration file nginx.conf:
# mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
# vi /etc/nginx/nginx.conf
worker_processes 4;
pid /var/run/nginx.pid;
events {
worker_connections 768;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable “msie6”;
gzip_min_length 1100;
gzip_buffers 4 32k;
gzip_types text/plain application/x-javascript text/xml text/css;
open_file_cache max=10000 inactive=10m;
open_file_cache_valid 2m;
open_file_cache_min_uses 1;
open_file_cache_errors on;
ignore_invalid_headers on;
client_max_body_size 8m;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
connection_pool_size 256;
client_header_buffer_size 4k;
large_client_header_buffers 4 32k;
request_pool_size 4k;
output_buffers 4 32k;
postpone_output 1460;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
- Create a file containing virtual host configuration for each website in NGINX:
#mkdir /etc/nginx/sites-available /
#mkdir /etc/nginx/sites-enabled/
- Create a configuration file of the vhost that will be saved in /etc/nginx/conf.d/ and /etc/nginx/sites-enabled/
# vi /etc/nginx/conf.d/bkns.com.conf
server {
listen 80;
server_name bkns.com www.bkns.com;
access_log off;
error_log /var/log/httpd/bkns.com-error_log crit;
location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {
root /var/www/bkns.com/pubic_html;
}
location / {
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_connect_timeout 30s;
proxy_redirect http://www.bkns.com:8080 http://www.bkns.com;
proxy_redirect http://bkns.com:8080 http://bkns.com;
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
#vi /etc/nginx/conf.d/bkns.xyz.conf
server {
listen 80;
server_name bkns.xyz www.bkns.xyz;
access_log off;
error_log /var/log/httpd/bkns.xyz-error_log crit;
location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {
root /var/www/bkns.xyz/pubic_html;
}
location / {
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_connect_timeout 30s;
proxy_redirect http://www.bkns.xyz:8080 http://www.bkns.xyz;
proxy_redirect http://bkns.xyz:8080 http://bkns.xyz;
proxy_pass http://127.0.0.1:8080/;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
#cp /etc/nginx/conf.d/bkns.xyz.conf /etc/nginx/sites-enabled/bkns.xyz.conf
#cp /etc/nginx/conf.d/bkns.com.conf /etc/nginx/sites-enabled/bkns.com.conf
Step 6: Restart the configuration of 2 webservers and check the results received:
#service httpd restart
#service nginx restart
- Check if the nginx revert configuration is correct:
Use command netstat -nplt
to check if nginx is using port 80 and apache is using port 8080.
Try to turn off apache to access the website with 502 bad gateway error, which means it was successful.
- Web access results:
Good luck.
Hoangtd
Post a Comment
Post a Comment