Placeholder for our stuff related to Telecom, IT, Internet of things (IOT), ESP8266, Raspberry Pi

Home IOT Telecom IT stuff About Us Contact Us Site Map

NGINX Reverse Proxy

nginx reverse proxy


In the right side of picture above, we have bunch of webservers running on http and they require  username/password to login (basic http authentication).

The requirement was to have password-less https connection. NGINX is perfect fit for such reverse proxy scenarios. Here is how to install NGINX on centos and configure it. 

Install NGINX on CentOS

# yum install epel-release

# yum install nginx

Verify Installation
# nginx -v
nginx version: nginx/1.16.1

Open Firewall ports in FirewallD

Note: Skip this if firewall is not running in your server

Open the ports on which NGINX should provide its service in the firewall. For example, to open the default ports for HTTP (port 80) and HTTPS (port 443) in firewalld, enter:

# firewall-cmd --permanent --add-port={80/tcp,443/tcp}
# firewall-cmd --reload


# firewall-cmd --list-ports
80/tcp 443/tcp


In default settings nginx service runs on port 80. If you already have something running on port 80, nginx will complain and fail.

For example to set port 90, edit nginx.conf server section :

start the nginx service
# systemctl start nginx

Enable the nginx service to start automatically when the system boots
# systemctl enable nginx

Set Reverse Proxy

Create /etc/nginx/conf.d/reverse-proxy.conf
Edit file and add entry for each webserver redirection as follows: (ex: port 1053)

and restart nginx
# systemctl restart nginx

At this stage http reverse proxy is configured and should open webpage from

Configure https

Make directory for storing certificate
# sudo mkdir /etc/ssl/private
# sudo chmod 700 /etc/ssl/private

Generate certificate (Note:Use hostname in common Name field)

Add ssl certificate in config

Following line in config redirects http request from client to https
error_page 497 https://$host:6443$request_uri;

Restart nginx
# sudo nginx -t

# systemctl restart nginx

Configure Auto webserver Authentication by NGINX

So far we see that client is sending https request to NGINX, who then forwards this request to webserver on http. As my server needs authentication, it presents a webpage to client asking username/password.

If we add "proxy_set_header Authorization" in config, nginx will include username:password in all requests to webserver. The username:password should be base64 encoded. You can use online services like https://www.base64encode.org/ to encode in base64.


Go to  https://www.base64encode.org/  and encode myuser:mypassword
we get "bXl1c2VyOm15cGFzc3dvcmQ="

Add following line in reverse-proxy.conf
proxy_set_header Authorization "Basic bXl1c2VyOm15cGFzc3dvcmQ=";

Restart nginx
# sudo nginx -t

# systemctl restart nginx

Now our NGINX reverse proxy setup is ready to handle traffic.




Suresh Hariramani

I am an IOT enthusiast with more than 20 years of experience in the IT sector. Specializing in telecom service's; follow me for some very innovative and best in class IOT products as I unfold my knowledge and passion for the subject.


Vatsal Hariramani

Just me, myself and I, exploring the universe of uknownment. I have a heart of love and interests in technology, IOT and travel . And I want to share my world with you .