When working with Nginx reverse proxy configurations, a common requirement is routing different subdomains to various backend servers with different IP addresses and ports. Here's a typical setup:
- Main domain: domain.com (IP: y.y.y.y, Port: 80)
- Subdomains needing proxy:
- admin.domain.com → x.x.x.x:3434
- user.domain.com → x.x.x.x:3435
- vendor.domain.com → x.x.x.x:3436
Here's the core configuration you'll need in your nginx.conf or a separate config file under /etc/nginx/sites-available/:
server {
listen 80;
server_name admin.domain.com;
location / {
proxy_pass http://x.x.x.x:3434;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name user.domain.com;
location / {
proxy_pass http://x.x.x.x:3435;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name vendor.domain.com;
location / {
proxy_pass http://x.x.x.x:3436;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}For production environments, consider these additional parameters:
server {
# ... previous configuration ...
location / {
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_read_timeout 3600s;
# Buffer and timeout settings
proxy_buffering on;
proxy_buffer_size 16k;
proxy_buffers 4 32k;
proxy_connect_timeout 600;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
}For secure connections, add SSL configuration:
server {
listen 443 ssl;
server_name admin.domain.com;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location / {
proxy_pass http://x.x.x.x:3434;
# ... other proxy settings ...
}
}After making changes, always:
- Test configuration:
sudo nginx -t - Reload Nginx:
sudo systemctl reload nginx - Check logs:
tail -f /var/log/nginx/error.log
Common issues to check:
- DNS records for subdomains pointing to correct IP
- Firewall rules allowing traffic to backend ports
- Backend services listening on expected ports
For high-traffic scenarios, consider:
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m inactive=60m;
server {
# ... previous configuration ...
location / {
proxy_cache my_cache;
proxy_cache_valid 200 302 10m;
proxy_cache_valid 404 1m;
proxy_cache_use_stale error timeout updating;
}
}When setting up Nginx as a reverse proxy, a common requirement is routing different subdomains to distinct backend services. Here's the typical configuration pattern:server { listen 80; server_name admin.domain.com; location / { proxy_pass http://x.x.x.x:3434; } }For your specific case with three subdomains, here's the complete configuration:# /etc/nginx/sites-available/domain.com # Admin Dashboard Service server { listen 80; server_name admin.domain.com; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_pass http://x.x.x.x:3434; } } # User Portal Service server { listen 80; server_name user.domain.com; location / { proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_pass http://x.x.x.x:3435; } } # Vendor API Service server { listen 80; server_name vendor.domain.com; location / { proxy_set_header Host $host; proxy_set_header X-Forwarded-Proto $scheme; proxy_pass http://x.x.x.x:3436; } }Don't forget these critical proxy headers that maintain original request information:
- Host: Preserves the original hostname
- X-Real-IP: Passes client's real IP
- X-Forwarded-For: Tracks request path
sudo nginx -t # Test configuration
sudo systemctl reload nginx # Apply changes
For HTTPS support, add SSL configuration:
server {
listen 443 ssl;
server_name admin.domain.com;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/key.pem;
location / {
proxy_pass http://x.x.x.x:3434;
}
}
- DNS records not properly configured for subdomains
- Firewall blocking traffic between servers
- Missing proxy headers causing backend issues