Understanding Nginx Reverse Proxy: Detailed Principles and Configuration Guide

Nginx is a core component of large‑scale architectures. To grasp Nginx reverse proxy, first understand forward proxy: the client knows the proxy server, sends the request to it, and the proxy accesses the target resource (e.g., a VPN tool).

Reverse proxy works the opposite way: the client is unaware of the backend servers. Nginx receives the request, forwards it to an internal server cluster, and returns the response. Typical uses include load balancing, hiding backend architecture, static‑dynamic separation, and security protection.

When Nginx operates as a reverse proxy, a request passes through several stages:

Establish connection – the client completes a TCP three‑way handshake with Nginx.

Request reception – Nginx reads the complete HTTP request header.

Upstream selection – based on the proxy_pass directive, Nginx chooses a backend server using a load‑balancing algorithm such as round‑robin or hash.

Content forwarding – Nginx opens a connection to the selected backend, streams the request, and pipes the response back to the client.

Typical configuration consists of an upstream block that defines the backend pool and a server block that defines the listening port, server name, and a location with proxy_pass. Commonly forwarded headers include Host, X-Real-IP, X-Forwarded-For, and X-Forwarded-Proto to preserve client information for the backend.

If multiple backend machines exist, load‑balancing strategies such as round‑robin, weighted round‑robin, least connections, or IP‑hash can be applied.

Typical configuration example:

<ol><li>upstream backend {</li><li>    server 192.168.1.10:8080 weight=3;</li><li>    server 192.168.1.11:8080;</li><li>}</li><li>server {</li><li>    listen 80;</li><li>    server_name example.com;</li><li>    location / {</li><li>        proxy_pass http://backend;</li><li>        proxy_set_header Host $host;</li><li>        proxy_set_header X-Real-IP $remote_addr;</li><li>        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;</li><li>        proxy_set_header X-Forwarded-Proto $scheme;</li><li>    }</li><li>}</li></ol>