Reverse Proxy

Configure reverse proxies for application routing.

nginx

server { listen 80; server_name api.example.com; return 301 https://$server_name$request_uri; }

server { listen 443 ssl http2; server_name api.example.com;

ssl_certificate /etc/ssl/certs/api.crt;
ssl_certificate_key /etc/ssl/private/api.key;

location / {
    proxy_pass http://backend:8080;
    proxy_http_version 1.1;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

location /ws {
    proxy_pass http://backend:8080;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

}

Traefik

traefik.yml

entryPoints: web: address: ":80" websecure: address: ":443"

providers: docker: exposedByDefault: false

Best Practices

Implement SSL termination
Set proper headers
Configure timeouts
Enable gzip compression

reverse-proxy

Safety Notice

Copy this and send it to your AI assistant to learn

traefik.yml

Source Transparency

Related Skills

sops-encryption

linux-administration

linux-hardening