Setting up the proxy server

Marco Stellin edited this page Jan 4, 2017 · 1 revision

# Proxy Server Setup

nginx

NGINX (or nginx) is a lightweight web server that can be used as a proxy server or as a reverse proxy server. For the purpose of our project, nginx is used as a proxy server in order to hide the IP addresses of both the Main Server and the User.

Setup

On Debian-like systems, nginx can be easily installed using apt:

sudo apt-get install nginx

nginx is now running. We can check the status with the command:

systemctl status nginx

The output should be similar to this one:

nginx.service - A high performance web server and a reverse proxy server
        Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
        Active: active (running) since Mon 2016-04-18 16:14:00 EDT; 4min 2s ago
        Main PID: 12857 (nginx)
        CGroup: /system.slice/nginx.service
           ├─12857 nginx: master process /usr/sbin/nginx -g daemon on; master_process on
           └─12858 nginx: worker process

Depending on the installed firewall and its configuration, it's now necessary to open ports 80 (HTTP) and 443 (HTTPS). On Ubuntu, using the default firewall, we can simply run this command:

sudo ufw allow 'Nginx Full'

Pointing the browser to http://your_server_ip should show the nginx welcome page, meaning that the server is working.

## Proxy configuration

nginx can be easily configured as a proxy by editing /etc/nginx/nginx.conf. The file should look like this (be sure to insert the correct address of the Main Server):

user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
    worker_connections 768;
    # multi_accept on;
}

stream {
    upstream mainserver {
        server main_server_address:443;
    }

    server {
        listen 443;
        proxy_pass mainserver;
    }
}

Every HTTPS request to the proxy server will now be forwarded to the main server and the response forwarded back to the user. Because the stream block forwards the TCP connection without terminating TLS, HTTPS packets are not decrypted before forwarding, so the proxy cannot access sensitive information regarding the user or the main server.