In the plethora of the technologies, why is Nginx a must-know for developers!?
Lets say you create and deploy an application. You would typically mention ports from where your application is going to listen to requests. Like
for Node/Express backend
const port = 8000; //or process.env.PORT
server.listen(port, () => {
console.log(`Server is running on port ${port}`);
});
for dotnet backend
options.Listen(IPAddress.Any, APIConstants.WEB_PORT); // inside Program.cs while creating builder
But there would be problems if you deploy your application as it is.
Basic Overview of Nginx
Nginx is a web server software which is typically used as a Reverse Proxy. A Reverse Proxy is just another server that sits between client and your application server and forwards requests from client to your server.
(Image Credits - CloudFlare)
Unlike the above image a reverse proxy can also be on the same machine on which our code is deployed such that both the application server and Nginx server share the same hardware and OS (both being softwares). The configuration depends on design and requirements
But why use it?
1. Your Users/Clients are not going to send requests on your custom port
Web browsers send requests to port 80 (for http sites) or port 443 (for https sites) by default. So your application server should be listening to these ports.
a. Although you can run your application on the default port 80, you will require access to privileged port(ports below 1024) on a Unix like system which requires root user access. You will then need to start your Node js application as a root user which is not recommended due to security risks.
b. You can also use Port forwarding to forward requests from port 80 to the port your application is listening to. But this is not viable solution as you will see in point 2.
Solution
Nginx by default listens to port 80 and port 443. So let it accept requests from those ports and forward those requests to your custom port. This solves the problem for both you and your users.
2. Multiple Application servers or Multiple Microservices on same machine
As in the above picture, enterprise applications do not have one application instance. they have multiple: either on the same or different machines. Similarly microservices applications have more than one independent services, all running on different ports or different machines. So Which server would the user connect to??
Solution
The user only talks with the reverse proxy. Nginx then in turn chooses the server to get information from.
For Microservices it can choose from services based upon their individual domains and URL patterns.
For Multiple same application instances, Nginx acts as a Load Balancer. It can choose the server to send request to using multiple options like Round robin, lesser number of connections or IP hash.
Additionally, if one of your instances go down due to any reason, your application will still be reachable with this setup.
3. Browsers are complaining. Warning message shows the connection ain't secure!
To make the plain text http requests encrypted, we use https for requests and responses.
- Port 80 is the default port a computer or server listens to for "http" requests.
- Port 443 is the default port a server listens to for "https" requests.
For making an application use "https", we use SSL/TLS certificates. These certificates are provided to the client by the server to prove its identity.
Although your node/express or dotnet frameworks could do that, why use them for certificate validation when we can use Nginx server for it. This saves application server resources and allows its computation power for actual business functions.
Additionally it can redirect "http" requests to "https" site. so your application always communicates securely on the web.
4. Decreasing stress on the Application server
Nginx decreases the requests to an application server by reducing the amount of requests that reaches it. It does this by two ways:-
a. It has the capability to cache repeated requests. This means that the second request with same parameters can be served from Nginx in opposition to going to the application server to process and fetch information again.
b. Serving static content through Nginx is beneficial as it can do it faster than the application server. So now the website's Homepage or Landing page can be served faster. Hence reducing the wait time for clients.
5. SECURITY ALERT!! You would not want to expose your application server directly to the web
Some configurations with Nginx also allows rate limiting. You can also configure your Nginx in such a way that it acts as an API Gateway. You can also setup your application server such that it can only be accessed via the reverse proxy's IP providing additional security against unwanted hacks.
Conclusion
Nginx acting as a reverse proxy gives us a lot of flexibility, performance and security benefits.
These points reflect show how we can leverage Nginx to deploy enterprise grade applications...
Feel free to comment any doubts or questions or have a discussion regarding it. Thank you!!
Top comments (0)