Week 2 Day 3: Reverse Proxies - Protecting the Backend

23 September 2025 / 1 min read

Directly exposing your Node.js or Python app to 0.0.0.0 is risky and inefficient. Instead, we put a Reverse Proxy in front.

Forward Proxy vs Reverse Proxy

Forward Proxy: Protects the Client. (VPN, School/Office firewall). “I want to access Google anonymously.”
Reverse Proxy: Protects the Server. “I want to protect my backend from the internet.”

Why use a Reverse Proxy? (Nginx)

Security: Hide implementation details. The internet only sees Nginx.
SSL Termination: Nginx handles the heavy encryption/decryption (HTTPS). Your app speaks plain HTTP internally (faster).
Caching: Nginx can cache static files (CSS, Images) so your app doesn’t have to serve them.
Load Balancing: Yes, Nginx is also a load balancer!

Configuration Example (Nginx)

server {
    listen 80;
    server_name myapp.com;

    location / {
        proxy_pass http://localhost:3000; # Forward to Node App
        proxy_set_header Host $host;
    }
    
    location /static/ {
        root /var/www/html; # Serve files directly
    }
}

Tomorrow: CDNs - Making your site fast for users in Australia! 🦘

Next Step

Next: Cdns →