Mastering Forward and Reverse Proxies: When and How to Configure Nginx & Apache

Introduction

Most of us are familiar with forward and reverse proxy servers. In the client (user‑agent) context you can see “forward” and “reverse”. Resources can be websites, server nodes, FTP servers, etc.

Why Use Proxies?

Example organization QWERTY defines policies: (1) Everyone accessing the Internet must follow organizational rules. (2) No one may directly access service nodes; all traffic must go through defined proxies.

How Does It Work?

Employees need to know which policies apply and whether they are allowed Internet access. A forward proxy forwards client requests to the intended node, enforcing policy. A reverse proxy sits in front of services, handling incoming traffic based on architectural decisions such as spam protection, attack mitigation, infrastructure updates, domain changes, service dependencies, and SSL certificate constraints.

Setting Up a Reverse Proxy

Nginx

Open nginx.conf (backup first) and add a location block in the server section:

......
server {
    listen <%= ENV["PORT"] %>;
    server_name localhost;
    //Any context‑path with "/api" will be served by api‑qwerty.com
    location /api {
        proxy_set_header Host api-qwerty.com:80;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://abc-def.ghij-klmn.com;
    }
    //Any context‑path with "/ui" will be served by ui‑qwerty.com
    location /ui {
        proxy_set_header Host ui-qwerty.com:80;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_pass http://ui-qwerty.com;
    }
}

Apache

Open httpd.conf (backup first) and add proxy directives:

....
ProxyPass /api http://api-qwerty.com/api
ProxyPassReverse /api http://api-qwerty.com/api
ProxyPass /ui http://ui-qwerty.com/ui
ProxyPassReverse /ui http://ui-qwerty.com/ui
....