I am running a nginx server and using it as reverse proxy (using proxy pass). See below image for my setup.
In the setup, user hits NGINX. NGINX based on proxy pass hits another backend server to get response. This backend server can be load balanced in some cases. In a load balanced scenario, system will hit one of the backend server to get response.
What I want: When response is returned from backend server, I want to include the backend server name in the response header. How can I get the desired output? Do I also need to make changes in backend servers\application? Application on backend servers are running on different web servers (IIS, Tomcat, NGINX etc)
Related
I have an nginx server serving both as an http server (frontend) on / and reverse proxy on /api, where it forwards the requests to a node server (backend) on the same machine (localhost).
I am using authentication only on the frontend. The backend accepts all incoming requests and does not authenticate again the requests.
I would like to allow all requests coming from the frontend to the backend. I would like to block all requests coming to the backend from other sources (via the reverse proxy of course).
For example, the frontend will try to login the user using the user third-party auth id via https://domain/api/login/id. The reverse proxy will forward it to the backend. This is fine.
I can also access the backend directly from any other machine via https://domain/api/login/id.
My question is the following. I would like to block all requests not originating by the frontend. I have tried figuring out how to find the information but it seems that the X-Real-IP header always refers to the browser originating the request (either by using the frontend or directly). I am wondering if there is any header I can set in the reverse proxy which will tell the backend that this is an allowed call, or even use nginx own allow/deny rules. Right now, I do not manage to make a distinction between the two types of requests.
Thank you very much!
Background:
I have my personal website running on a lighttpd server on my raspberry pi. I have that server’s port (80) forwarded so it can be accessed publicly.
I’m in the process of making a project, and I want a node.js service to make requests to from the lighttpd server. I set up pm2 so the node.js server is always running. I have that port forwarded too (5000). I've verified that this server is working via postman and the browser
Problem:
I'm receiving the following error when making requests:
has been blocked by CORS policy: The request client is not a secure context and the resource is in more-private address space private.
Of note; I have Access-Control-Allow-Private-Network:true in the response header and Access-Control-Request-Private-Network:true in the request header. The only other solution I've found that might fix this is getting an SSL cert for the lighttpd server and using https for it, however I'm struggling setting that up to see if it would work
Questions:
Would getting an SSL cert for lighttpd allow me to make requests to my pm2 server?
Is there a different solution?
How secure is this setup? I don't expect a lot of traffic...
I have a basic nginx server set up and now I want to make specific different servers.
I have one central server which hosts a website, and two java applications which both serve APIs.
Unfortunately, it is hard for me to redirect the users to a specific URL if they do something wrong in the java application.
I want it so that when the Status Code that the proxied Server (the server I got proxied to by nginx) returned is a specific one, it redirects you to a specific URL.
Fixed it using a NGINX built in feature: http://nginx.org/en/docs/http/ngx_http_core_module.html#error_page
I am not sure how to formulate my question but here we go:
I have 2 servers, one is the nginx reverse proxy and one is the app server.
In my app server, I am developing a simple http client using jerseyclient that will send a request to another server. I can do this now but the traffic goes from the app server and directly to the destination. Is it possible to it from the app server, passes through the reverse proxy server and goes to the destination?
And, is this design ok or is it an abomination?
nginx reverse proxy works only for requests outside your network.
To configure your system works as you described you have to configure firewall NAT or caching HTTP proxy like squid etc.
If you have no reasons why your servers should look as single computer - your configuration is OK.
i've successfully managed to set up a reverse proxy which receives data via POST requests from clients and forwards them to a NodeJS server for further processing and storing.
now i would like the nginx reverse proxy to return a 200 OK blank response for all of these requests BEFORE forwarding to the nodeJS server. so the clients will receive the response immediately without the need to wait for the backend server to finish the processing.
if i use "return 202;" inside the location directive, the nginx reverse proxy does respond immediately, but never forwards the request to the NodeJS server.
can this be achieved with nginx?
any help would be much appreciated.
Thanks,