Is reverse-proxy needed at the origin servers after setting up Cloudflare?

My setup at the origin is,

  1. NGINX reverse proxy
  2. NodeJS
  3. Other Java servers
  4. Databases

Now I have added Cloudflare reverse-proxy, is NGINX really required? Is it safe or okay to remove, nginx and connect to nodejs frontend servers directly?

At present, NGINX helps with,

  1. SSL termination - needed for Full (Strict) (Nodejs also does it.)
  2. Proxy pass and load balance to nginx servers (I could enable Cloudflare loadbalancing)
  3. Serve static content. (NodeJS still serves it, used during development. With Cloudflare caching, NGINX seems less relevant.)

What do others do? Do you still keep NGINX reverse proxy after setting up Cloudflare?

If each NodeJS instance has a public IP… it’s not strictly required I suppose. We certainly have customers running in that type of setup. If you’re not using nginx for anything other than simple proxy to the individual NodeJS instances it is probably a pretty simple change. Additional intelligence can be added using LB (for intelligent failover) or workers for fancier routing choices.

I also have a customer deploying tunnels with their application servers; dropping their current LB for Cloudflare’s. That is also an option. :smiley:

Thanks. For now, I’ll continue to use nginx.

This topic was automatically closed after 14 days. New replies are no longer allowed.