 

Should I always use a reverse proxy for a web app?

I'm writing a web app in Go. Currently I have a layout that looks like this:

[CloudFlare] --> [Nginx] --> [Program]

Nginx does the following:

  • Performs some redirects (i.e. www.domain.tld --> domain.tld)
  • Adds headers such as X-Frame-Options.
  • Handles static images.
  • Writes access.log.

In the past I would use Nginx as it performed SSL termination and some other tasks. Since that's now handled by CloudFlare, all it does, essentially, is static images. Given that Go has a built-in HTTP FileServer and CloudFlare could take over handling static images for me, I started to wonder why Nginx is in front in the first place.

Is it considered a bad idea to put nothing in front?

Mark asked Jan 03 '14 11:01



2 Answers

In your case, you can possibly get away with not running nginx, but I wouldn't recommend it.

However, as I touched on in this answer, there's still a lot it can do that you'll need to "reinvent" in Go.

  • Content-Security headers
  • SSL (is the connection between CloudFlare and you insecure if they are terminating SSL?)
  • SSL session caching & HSTS
  • Client body limits and header buffers
  • 5xx error pages and maintenance pages when you're restarting your Go application
  • "Free" logging (unless you want to write all that in your Go app)
  • gzip (again, unless you want to implement that in your Go app)

Running Go standalone makes sense if you are running an internal web service or something lightweight, or genuinely don't need the extra features of nginx. If you're building web applications then nginx is going to help abstract "web server" tasks from the application itself.

elithrar answered Nov 16 '22 03:11
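Added example, not part of either answer: what several items in the list above (security headers, HSTS, client body limits, header buffers) look like when Go's net/http serves traffic with no nginx in front. The names `harden`, `upload` and `newServer`, the 1 MiB cap and the timeout values are assumptions chosen for illustration, and the HSTS header assumes clients reach the site over HTTPS at CloudFlare.

```go
package main

import (
	"io"
	"log"
	"net/http"
	"time"
)

const maxBody = 1 << 20 // assumed 1 MiB request-body cap

// harden adds the response headers and body limit nginx was supplying.
func harden(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		h := w.Header()
		h.Set("X-Frame-Options", "DENY")
		h.Set("X-Content-Type-Options", "nosniff")
		h.Set("Strict-Transport-Security", "max-age=31536000")
		r.Body = http.MaxBytesReader(w, r.Body, maxBody)
		next.ServeHTTP(w, r)
	})
}

// upload is a hypothetical handler: it drains the body and answers 413 when over the cap.
func upload(w http.ResponseWriter, r *http.Request) {
	// The read fails once the body exceeds the MaxBytesReader limit.
	if _, err := io.Copy(io.Discard, r.Body); err != nil {
		http.Error(w, "request body too large", http.StatusRequestEntityTooLarge)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

// newServer sets the header-size and timeout limits that net/http leaves open by default.
func newServer(addr string, h http.Handler) *http.Server {
	return &http.Server{
		Addr:              addr,
		Handler:           harden(h),
		ReadHeaderTimeout: 5 * time.Second,
		ReadTimeout:       15 * time.Second,
		WriteTimeout:      30 * time.Second,
		IdleTimeout:       60 * time.Second,
		MaxHeaderBytes:    16 << 10,
	}
}

func main() {
	log.Fatal(newServer("127.0.0.1:8080", http.HandlerFunc(upload)).ListenAndServe())
}
```

A bare `http.ListenAndServe` call sets none of these timeouts, so slow or oversized requests are held open until the client gives up.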


I wouldn't use nginx at all, to be honest. Some nice dude tested FastCGI Go + nginx and just the Go standalone library. The results he came up with were quite interesting: the standalone hosting seemed to be much better at handling requests than using it behind nginx, and the final recommendation was that if you don't need specific features of nginx, don't use it. full article

You could run it as standalone, and if you're using partial/full SSL on your site you could use another Go HTTP server to redirect to safe HTTPS routes.

ymg answered Nov 16 '22 02:11