BestHub
Sign in
Backend Development 11 min read

Master Nginx Load Balancing and Reverse Proxy: Practical Configurations

This guide explains how to configure Nginx load balancing and reverse‑proxy features, covering upstream blocks, server directives, ip_hash, logging variables, and essential proxy_* directives with clear code examples and usage tips.

Liangxu Linux
Liangxu Linux
Liangxu Linux
Master Nginx Load Balancing and Reverse Proxy: Practical Configurations

1. Load Balancing Configuration

1.1 upstream block

The upstream block defines a cluster of backend servers that can be referenced by proxy_pass. Syntax: upstream name { ... }.

upstream backend {
    server backend1.example.com;
    server backend2.example.com;
    server backend3.example.com;
}

server {
    location / {
        proxy_pass http://backend;
    }
}

1.2 server directive

Within an upstream block, each server entry specifies a backend host (domain, IP, port, or UNIX socket) and optional parameters: weight=number – weight for load‑balancing (default 1). max_fails=number – number of failures before the server is considered unavailable. fail_timeout=time – time window for max_fails (default 10s). down – permanently marks the server as offline (used with ip_hash). backup – marks the server as a backup; it is used only when all non‑backup servers fail.

upstream backend {
    server backendl.example.com weight=5;
    server 127.0.0.1:8080 max_fails=3 fail_timeout=30s;
    server unix:/tmp/backend3;
}

1.3 ip_hash

The ip_hash directive forces requests from the same client IP to be routed to the same upstream server, which is useful for session‑affinity caching. It cannot be used together with weight. Example:

upstream backend {
    ip_hash;
    server backend1.example.com;
    server backend2.example.com;
    server backend3.example.com down;
    server backend4.example.com;
}

1.4 Variables for logging

$upstream_addr

: address of the upstream server that handled the request. $upstream_cache_status: cache status (MISS, EXPIRED, UPDATING, STALE, HIT). $upstream_status: HTTP status code returned by the upstream. $upstream_response_time: response time of the upstream in milliseconds. $upstream_http_$HEADER: value of a specific upstream response header (e.g., $upstream_http_host).

2. Reverse Proxy Basic Configuration

2.1 proxy_pass

Syntax: proxy_pass URL; – can be placed in location or if blocks. The URL may be a hostname, IP with port, a UNIX socket, or an upstream name.

# Simple HTTP backend
proxy_pass http://localhost:8000/uri/;

# UNIX socket backend
proxy_pass http://unix:/path/to/backend.socket:/uri/;

# Using an upstream block
upstream backend { ... }
server {
    location / {
        proxy_pass http://backend;
    }
}

# HTTPS forwarding
proxy_pass https://192.168.0.1;

# Forward the original Host header
proxy_set_header Host $host;

2.2 proxy_method

Changes the HTTP method used when forwarding a request. Example:

proxy_method POST;

2.3 proxy_hide_header

By default Nginx does not forward Date, Server, X-Pad, and X-Accel-*. proxy_hide_header lets you hide additional headers.

proxy_hide_header Cache-Control;
proxy_hide_header MicrosoftofficeWebServer;

2.4 proxy_pass_header

The opposite of proxy_hide_header; it makes a previously hidden header visible to the client.

proxy_pass_header X-Accel-Redirect;

2.5 proxy_pass_request_body

Controls whether the request body is sent to the upstream. Default is on. Values: on or off.

2.6 proxy_pass_request_headers

Controls whether request headers are forwarded. Default is on. Values: on or off.

2.7 proxy_redirect

Rewrites Location and Refresh headers in redirects from the upstream. Syntax:

proxy_redirect [default|off|redirect replacement];
# Replace upstream redirect
proxy_redirect http://localhost:8000/two/ http://frontend/one/;

# Use variables for dynamic replacement
proxy_redirect http://localhost:8000/ http://$host:$server_port/;

# Omit host part – Nginx fills it with the virtual host name
proxy_redirect http://localhost:8000/two/ /one/;

# Disable rewriting
proxy_redirect off;

2.8 proxy_next_upstream

Specifies conditions under which Nginx will retry the request with another upstream server. Default: error timeout. Available parameters: error – connection or read/write errors. timeout – request or response timeout. invalid_header – malformed response header. http_500, http_502, http_503, http_504, http_404 – specific upstream status codes. off – disables the feature.

When an upstream begins sending a response, Nginx forwards it immediately; after that point, it will not switch to another server, ensuring the client receives a single coherent response.

Additional reverse‑proxy settings (connection timeouts, temporary file handling, caching, etc.) are also available but are beyond the scope of this summary.

Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

load balancingNGINXreverse proxybackend configurationupstreamproxy_pass
Liangxu Linux
Written by

Liangxu Linux

Liangxu, a self‑taught IT professional now working as a Linux development engineer at a Fortune 500 multinational, shares extensive Linux knowledge—fundamentals, applications, tools, plus Git, databases, Raspberry Pi, etc. (Reply “Linux” to receive essential resources.)

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment