Setup HTTP proxy in NGINX

Proxy:

Proxy as well as proxy server is a computer network which sits between user and internet. When user requests for a website, proxy server intercepts each request and return the request through proxy server. In that way, you are hiding your identity from the whole world because by using proxy, you are actually hiding your real IP address.

 

Using proxy in nginx web server:

Nginx is a powerful web server. You can use nginx web server as forward proxy.  Most importantly, you have your own proxy server!! We are going to use Debian 6 32 bit VPS for setting up proxy server because it can handle more request at a time.

Configuration:

1. Install "nginx" webserver in your VPS (if you didn't install it already).

sudo apt-get install nginx-full

2. Browser to the available site

cd /etc/nginx/sites-available

3. Create an empty file here

touch myproxy

Here, you can give any name instead of myproxy

4. Edit this file & add the following lines

server {
listen 8080;
          location / {
          resolver 8.8.8.8;
          proxy_pass http://$http_host$uri$is_args$args;
                      }
           }

You can use any port instead of 8080 as listen port (like: 1212, 2121, 3113, 1337 etc). Also, we are using 8.8.8.8 as Google DNS server. You can use other public DNS server if you want. Save this file and exit from editor.

5. Create a softlink for newly created file

ln -s /etc/nginx/sites-available/myproxy

6. Restart the nginx server to take effect

sudo service nginx restart

Server side configuration is done.

Protecting your proxy server from being abused:

You can protect your proxy server from being abused. There are two ways to do that.

Number one is specifying a definite IP address which is your IP address and the other way is to select a secret listen port.

If you want to setup a definite IP address, simply add the following two lines just below the "proxy_pass http://$http_host$uri$is_args$args;" line.

allow <your-ip-here>;
deny all;

So the complete code will be

server {
listen 8080;

location / {
resolver 8.8.8.8;
proxy_pass http://$http_host$uri$is_args$args;
allow <your-ip-here>; 
deny all; 
                 } 
}

These two lines will block the all incoming request to this proxy server except from your IP. What will happen if you wanted to use this server and you are outside from your network? You can not use this proxy server if you are beyond your IP. In this case, second way is way better.

Second way is quite simple. Just choose a secret listen port which is not easy to guess and do not share this port to anywhere. Now use this port to bypass all the request through network.

Client side configuration:

You can check this tutorial to know how to change proxy setting in your browser. http://www.wikihow.com/Change-Proxy-Settings

Extra notes:

* You can't browse SSL enabled sites (HTTPS) with this proxy server.

* If you are using single configuration file for all of your sites then you don't need to create a new file (step 3). Simply put server block code in your nginx.conf configuration file and restart your server. You are good to go.

* If you have already installed nginx along with webmin, then you can easily setup proxy server from webmin without following steps 1,2 and 3. I hope you'll figured it out how.