NGINX Reverse Proxy to Legacy Website

NGINX reverse proxies can be a very powerful tool for many reasons and recently came to the rescue as I was at a loss as to how to provide access to a legacy website when launching the new one. The caveat in this case was that the legacy server is, well, old. It has many hard coded values throughout including URLs and only likes to listen on particular hostnames from time to time. Since I did not write this site and do not have access to the source code (it’s a DLL on a Windows box somewhere) I had to come up up with a solution to didn’t involve modifying the code.

Fake the DNS?

The first option I thought of was to just update the /etc/hosts file (or Windows equivalent) to point the domain name to the old server IP address when needed, but this is a bit cumbersome. Comparing data between the new and old systems – presumably the main reason you would want to see the old server – is pretty much out. Faking the DNS is a no go.

NGINX Reverse Proxy

An NGINX reverse proxy takes a request from a front-end NGINX server and passes it on to a back-end server in more traditional setup. In this situation the request is being made to the legacy server IP address and some special parameters are used to rewrite the domain information for redirects, cookies, and page content. We are also checking the port to determine if the request to the legacy server should be made via HTTP or HTTPS.

server {
        # listen on 80 and 443, ssl if the latter
        listen                          80;
        listen                          443 ssl;

        # this is the "new" url for the legacy site
        server_name           ;

        # ssl config
        ssl                             on;
        ssl_certificate                 /etc/nginx/ssl/;
        ssl_certificate_key             /etc/nginx/ssl/;

        # legacy server IP address
        set $legacy_ip;

        # proxy over which protocol?
        set $protocol http;
        if ( $server_port = 443 ){
                set $protocol https;

        # pass everything through the proxy
        location / {
                # proxy all requests to the legacy server
                proxy_pass                      $protocol://$legacy_ip;

                # set the Host header on the request
                proxy_set_header                Host "";

                # replace redirect strings
                proxy_redirect         /;
                proxy_redirect        ;

                # replace cookie domains
                proxy_cookie_domain             '' '';

                # replace page content
                sub_filter_once off;
                sub_filter                      '' '';

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *