Install Nginx revert proxy for Apache on centos 7

1. Introduction.

The following article will guide customers to configure Nginx as a Reverse Proxy with Apache webserver.
So why configure it like that? Actually we use Apache because Apache is better than Nginx at serving dynamic web pages (processing php). But because of its versatility, Apache makes Web Server slower than Nginx when handling static files. To take advantage of both, the concept of Reverse Proxy was born.
Simply put, use a combination of Nginx to handle static files (jpg, gif, png, css, js, html) and use Apache to handle dynamic files (php, …). The specific model is to use Nginx as a reverse proxy. Nginx will run on port 80 to receive and process static website requests, and files with the .php extension will pass to Apache (port 8080) and then return the results to Nginx.
Model: Client <—-> Nginx <—–> Apache.

2. Implementation steps.

Step 1: Install the Apache 2.4 httpd service package.

#yum install httpd

#httpd -v

#systemctl restart httpd

#systemctl status httpd

  1. Next, you need to open the http service (open port) on the Firewall that is enabled on the server (by default, Firewalld firewall is used on CentOS 7) with the following commands:

#firewall-cmd --permanent --add-service=http

#firewall-cmd --permanent --add-service=https

#systemctl restart firewalld

  1. Finally, you open a web browser on the client device, access the server IP address with HTTP protocol via the link: http://IP-server to download the default page content of Apache 2.4

If you need to configure Apache services to automatically start after rebooting the server, you can use the command below:

# systemctl enable httpd

Step 2: Install PHP 7 support for Apache.

  1. To install PHP 7x you need to install and activate EPELand Remi repository on a CentOS 7 system with the following command:

#yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm

# yum install http://rpms.remirepo.net/enterprise/remi-release-7.rpm

  1. Your server is already set up to install PHP from the yum repository. Use one of the commands below to install PHP 7.0, PHP 7.1, PHP 7.2 or PHP 7.3:

## Install PHP 7.3

# yum --enablerepo=remi-php73 install php

  1. After installing a PHP 7.x version on the server, to install some additional PHP modules needed by the application, use the command below:

### For PHP 7.3

#yum --enablerepo=remi-php73 install php-xml php-soap php-xmlrpc php-mbstring php-json php-gd php-mcrypt

#yum --enablerepo=remi,remi-php73 install php-fpm php-common

  1. After the installation is complete, to check the PHP version information being activated on the server, use the command:

# php -v

  1. To see all the information about the PHP version installed on the system, as well as check if PHP works on the apache webserver. You create the file info.php in the Apache Document Root, restart the httpd service and open the browser to access the URL: http://IP-server/info.php

# echo "<?php phpinfo();?>" > /var/www/html/info.php

# systemctl restart httpd

Step 3: Install Nginx webserver

  1. Install epel repository
  • yum install epel-release -y

Install nginx

Step 4: Configure APACHE webserver:

  1. Configure apache webserver to listen to port 8080:

#sed -i 's/Listen 80/Listen 8080/g' /etc/httpd/conf/httpd.conf

  1. Create directory structure for websites:

#mkdir -p /var/www/bkns.com/public_html

#mkdir -p /var/www/bkns.xyz/public_htm

  1. Create a file containing virtual hosts:

The virtual host file is a tool that configures various sites and controls Apache to respond to access domains. First, we need to install the virtual host directory as well as the directory that tells Apache that the virtual host is ready for access. The sites-availablee directory will contain the virtual host files, while the sites-enabledd directory will contain the links to the virtual host we want to expose. We can create both of these categories by:

#mkdir /etc/httpd/sites-availablee

#mkdir /etc/httpd/sites-enabledd

Next is the command for Apache to find the virtual host in the sites-enabledd directory:

#vi /etc/httpd/conf/httpd.conf

Add line:

#IncludeOptional sites-enabledd/*.conf

  1. Create virtual hosts file:

# vi /etc/httpd/sites-availablee/bkns.com.conf

ServerAdmin webmaster@bkns.com

DocumentRoot /var/www/bkns.com/public_html

ServerName bkns.com

ServerAlias www.bkns.com

AllowOverride All

Order allow,deny

Allow from all

RewriteEngine on

ErrorLog logs/bkns.com-error_log

CustomLog logs/bkns.com-access_log common

# vi /etc/httpd/sites-availablee/bkns.xyz.conf

ServerAdmin webmaster@bkns.xyz

DocumentRoot /var/www/bkns.xyz/public_html

ServerName bkns.xyz

ServerAlias www.bkns.xyz

AllowOverride All

Order allow,deny

Allow from all

RewriteEngine on

ErrorLog logs/bkns.xyz-error_log

CustomLog logs/bkns.xyz-access_log common

  1. Create a symlink for each of those virtual hosts in the sites-enabledd section:

ln -s /etc/httpd/sites-availablee/bkns.com.conf /etc/httpd/sites-enabledd/bkns.com.conf

ln -s /etc/httpd/sites-availablee/bkns.xyz.conf /etc/httpd/sites-enabledd/bkns.xyz.conf

  1. Create content for 2 websites bkns.com and bkns.xyz:

# vi /var/www/bkns.com/public_html/index.html

Success! Welcome to BKNS !

# vi /var/www/bkns.xyz/public_html/index.html

Success! Welcome to BKNS !!!!!!!!!!!!!!!!!!!!!

Step 5: Configure NGINX webserver:

  1. Change the configuration file nginx.conf:

# mv /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak

# vi /etc/nginx/nginx.conf

worker_processes 4;

pid /var/run/nginx.pid;

events {

worker_connections 768;

}

http {

sendfile on;

tcp_nopush on;

tcp_nodelay on;

keepalive_timeout 65;

types_hash_max_size 2048;

include /etc/nginx/mime.types;

default_type application/octet-stream;

access_log /var/log/nginx/access.log;

error_log /var/log/nginx/error.log;

gzip on;

gzip_disable “msie6”;

gzip_min_length  1100;

gzip_buffers  4 32k;

gzip_types    text/plain application/x-javascript text/xml text/css;

open_file_cache          max=10000 inactive=10m;

open_file_cache_valid    2m;

open_file_cache_min_uses 1;

open_file_cache_errors   on;

ignore_invalid_headers on;

client_max_body_size    8m;

client_header_timeout  3m;

client_body_timeout 3m;

send_timeout     3m;

connection_pool_size  256;

client_header_buffer_size 4k;

large_client_header_buffers 4 32k;

request_pool_size  4k;

output_buffers   4 32k;

postpone_output  1460;

include /etc/nginx/conf.d/*.conf;

include /etc/nginx/sites-enabled/*;

}

  1. Create a file containing virtual host configuration for each website in NGINX:

#mkdir /etc/nginx/sites-available /

#mkdir /etc/nginx/sites-enabled/

  1. Create a configuration file of the vhost that will be saved in /etc/nginx/conf.d/ and /etc/nginx/sites-enabled/

# vi /etc/nginx/conf.d/bkns.com.conf

server {

listen    80;

server_name  bkns.com www.bkns.com;

access_log off;

error_log  /var/log/httpd/bkns.com-error_log crit;

location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {

root /var/www/bkns.com/pubic_html;

}

location / {

client_max_body_size    10m;

client_body_buffer_size 128k;

proxy_send_timeout   90;

proxy_read_timeout   90;

proxy_buffer_size    128k;

proxy_buffers     4 256k;

proxy_busy_buffers_size 256k;

proxy_temp_file_write_size 256k;

proxy_connect_timeout 30s;

proxy_redirect  http://www.bkns.com:8080   http://www.bkns.com;

proxy_redirect  http://bkns.com:8080   http://bkns.com;

proxy_pass   http://127.0.0.1:8080/;

proxy_set_header   Host   $host;

proxy_set_header   X-Real-IP  $remote_addr;

proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

}

}

#vi /etc/nginx/conf.d/bkns.xyz.conf

server {

listen    80;

server_name  bkns.xyz www.bkns.xyz;

access_log off;

error_log  /var/log/httpd/bkns.xyz-error_log crit;

location ~* .(gif|jpg|jpeg|png|ico|wmv|3gp|avi|mpg|mpeg|mp4|flv|mp3|mid|js|css|html|htm|wml)$ {

root /var/www/bkns.xyz/pubic_html;

}

location / {

client_max_body_size    10m;

client_body_buffer_size 128k;

proxy_send_timeout   90;

proxy_read_timeout   90;

proxy_buffer_size    128k;

proxy_buffers     4 256k;

proxy_busy_buffers_size 256k;

proxy_temp_file_write_size 256k;

proxy_connect_timeout 30s;

proxy_redirect  http://www.bkns.xyz:8080   http://www.bkns.xyz;

proxy_redirect  http://bkns.xyz:8080   http://bkns.xyz;

proxy_pass   http://127.0.0.1:8080/;

proxy_set_header   Host   $host;

proxy_set_header   X-Real-IP  $remote_addr;

proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;

}

}

#cp /etc/nginx/conf.d/bkns.xyz.conf /etc/nginx/sites-enabled/bkns.xyz.conf

#cp /etc/nginx/conf.d/bkns.com.conf /etc/nginx/sites-enabled/bkns.com.conf

Step 6: Restart the configuration of 2 webservers and check the results received:

#service httpd restart

#service nginx restart

  • Check if the nginx revert configuration is correct:

Use command netstat -nplt to check if nginx is using port 80 and apache is using port 8080.

Try to turn off apache to access the website with 502 bad gateway error, which means it was successful.

  • Web access results:

Good luck.

Hoangtd

By Nguyen Manh Cuong

Nguyen Manh Cuong is the author and founder of the nguyendiep blog. With over 14 years of experience in Online Marketing, he now runs a number of successful websites, and occasionally shares his experience & knowledge on this blog.

Leave a comment

Your email address will not be published. Required fields are marked *