Chapter 5. Reverse Proxy Advanced Topics
As we saw in the previous chapter, a reverse proxy makes connections to the upstream servers on behalf of clients. These upstream servers, therefore, have no direct connection to the client. This is for several different reasons, such as security, scalability, and performance.
Security is enhanced via the dual-layer nature of such a setup. If an attacker were to try to get onto the upstream server directly, he would first have to find a way to get onto the reverse proxy. Connections to the client can be encrypted by running them over HTTPS. These SSL connections may be terminated on the reverse proxy, when the upstream server cannot or should not provide this functionality itself. NGINX can act as an SSL ...
Get Mastering NGINX - Second Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.