26

EDIT: It turns out that the my setup below actually works. Previously, I was getting redirections to port 36000 but it was due to some configuration settings on my backend application that was causing it.

I am not entirely sure, but I believe I might be wanting to set up a reverse proxy using nginx.

I have an application running on a server at port 36000. By default, port 36000 is not publicly accessible and my intention is for nginx to listen to a public url, direct any request to the url to an application running on port 36000. During this entire process, the user should not know that his/her request is being sent to an application running on my server's port 36000.

To put it in more concrete terms, assume that my url is http://domain.somehost.com/

Upon visiting http://domain.somehost.com/ , nginx should pick up the request and redirect it to an application already running on the server on port 36000, the application does some processing, and passes the response back. Port 36000 is not publicly accessible and should not appear as part of any url.

I've tried a setup that looks like:

server {
    listen 80;
    server_name domain.somehost.com
    location / {
        proxy_pass http://127.0.0.1:36000;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

and including that inside my main nginx.conf

However, it requires me to make port 36000 publicly accessible, and I'm trying to avoid that. The port 36000 also shows up as part of the forwarded url in the web browser.

Is there any way that I can do the same thing, but without making port 36000 accessible?

Thank you.

yanhan
  • 3,507
  • 3
  • 28
  • 38

1 Answers1

30

EDIT: The config below is from a working nginx config, with the hostname and port changed.

You need to may be able to set the server listening on port 36000 as an upstream server (see http://nginx.org/en/docs/http/ngx_http_upstream_module.html).

server {
        listen   80;
        server_name domain.somehost.com;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $host;
                proxy_set_header X-NginX-Proxy true;
                proxy_pass http://localhost:36000/;
                proxy_redirect http://localhost:36000/ https://$server_name/;
        }
}
Intermernet
  • 18,604
  • 4
  • 49
  • 61
  • it didnt work. but there are some mistakes in your config above. I had to shift the upstream block out of the server block, and remove the 'http://' prefix for the '127.0.0.1:36000' portion. There is an inner server block and I had to remove the 'server{' and '}' portion as well. But yea it didnt work out... any ideas why? – yanhan May 21 '13 at 12:37
  • Ahh, sorry I made a typo. the second server block shouldn't exist. editing now. – Intermernet May 21 '13 at 12:39
  • 1
    Also, try using the `proxy_redirect` statement. `proxy_redirect http://localhost:36000/ http://$server_name/` – Intermernet May 21 '13 at 12:42
  • Still doesnt work. Now my config looks like: upstream backend { server 127.0.0.1:36000; } server { listen 80; server_name domain.somehost.com; location / { proxy_pass http://backend; proxy_redirect http://127.0.0.1:36000/ http://$server_name/; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; } } – yanhan May 21 '13 at 12:48
  • Strange, I'll try to cut down one of the working configs I have and post it here. I'm pretty sure I have one that doesn't actually rely on the upstream module, but does rely on `proxy_redirect`. – Intermernet May 21 '13 at 12:54
  • I've edited the answer with a cut-down (no ssl or caching) config from a working server. – Intermernet May 21 '13 at 12:59
  • Hey Intermernet, this actually works! It turns out that it was some configuration settings on my backend application that was causing unnecessary redirections to the port. Thanks for your very fast replies =) I might update my question with more information later on. Btw I am using a http setup so I used 'http://$server_name/' instead of https. – yanhan May 22 '13 at 02:57
  • Turns out that everything has to do with the configuration settings on my backend application and the initial setup works. – yanhan May 22 '13 at 03:00
  • $http_host should be $host – Bibek Shrestha Sep 23 '14 at 09:51
  • 2
    @bibstha Good catch, I've edited my answer. It works with $http_host, but technically it should use $host to strip the port number etc. – Intermernet Sep 24 '14 at 01:18