How to use Nginx as a HTTP/HTTPS proxy server?
Solution 1:
After some testings, I've found working for me the following configuration.
server {
server_name ~^(www\.)?(?<domain>.+)$;
access_log /var/log/nginx/proxy.access.log main;
error_log /var/log/nginx/proxy.error.log crit;
listen 10.255.1.13:8080;
resolver 8.8.8.8;
location / {
proxy_pass http://$domain;
proxy_redirect off;
proxy_set_header Host $host;
# Optional headers
# proxy_set_header X-Real-IP $remote_addr;
# proxy_set_header X-Forwarded-For
# $proxy_add_x_forwarded_for;
}
}
This configuration works only for HTTP, not for HTTPS.
Solution 2:
i think the short answer is no, it was not written for forward proxying
UPDATE
to clarify my statement above:
NGINX was never written with forward proxying in mind - while its remotely possible to somehow jerry rig the config to do what you want it to do you will have to understand the following limitations:
- Cache support almost non-existant (one of the main reasons for using a proxy)
- Cant use for anything other than port 80 traffic (ie no logging into cpanel boxes through it)
- No support for SSL based traffic
- No support for standard proxy headers and http cache headers (my understanding is that these just get passed through
- No support for other protocols that support proxy servers - eg VPN etc
Possible other considerations that are unknown at this time:
- Possible to DoS your proxy as no real ability to fine grained access control/authentication (nginx has support for differing methods of access control but its unclear how this might behave in the forward proxy context)
- Possible security risks to the machine that nginx is installed on because there might be possible security holes not considered because of using in an manner it wasnt designed to run
Solution 3:
If you want to use an HTTP/HTTPS proxy, you should use Squid. It was written to do exactly that. Nginx was written to act as a reverse proxy and load balancer, but not a forward proxy.