Skip to main content

Reverse proxy

When to use a reverse proxy

There are multiple reasons to use a reverse proxy and if you have a specific reason you will most likely know why you're using a reverse proxy. In general though the most common reason is simply because MistServer is running next to a webserver that already uses the common HTTP and HTTPS ports.

Using a reverse proxy allows MistServer to piggyback on the webserver configurations and gives you a single point to update/change whenever you want your HTTP or HTTPS settings to change. So it is convenient, however it does come at a very slight efficiency loss. Instead of once, output data needs to be moved four times and any reuse connection attempts of MistServer will most likely fail.

Once configured MistServer will be running on your standard HTTP and HTTPS ports, but with specific location like http://example.com/mistserver/.

Things to keep in mind

  • If you are using a different HTTP port for MistServer replace any 8080 with the port number you use for HTTP within MistServer

  • If you would like to change the url pathing to something else than /mistserver/ http://example/mistserver/ change the /mistserver/ part to whatever you want.

  • If you see example.com you are supposed to fill in your server address

  • If your webserver is using non-default ports for HTTP (80) and HTTPS (443) then MistServer will be available on those non-default ports.

Configure your web server

You will need to add the proxy forward within your web server configurations. We'll provide examples below, if your preferred web server isn't covered you will want to look up how it's done yourself. Of course you can always try and contact us for help.

While there is no particular advantage to setting up multiple forwards to MistServer there is no limitation either.

Add the following to your configuration's server block, or nested into your website's location block:


location /mistserver/ {
proxy_pass http://localhost:8080/;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_read_timeout 600s;
proxy_set_header Host $host;
proxy_set_header X-Mst-Path "$scheme://$host/mistserver";
}


Configure MistServer

MistServer also outputs information about its streams, including the various urls under which the stream can be accessed. However, if reverse proxying is being used, these urls cannot be accessed externally. That can be fixed by configuring the "Public address"-setting of the HTTP protocol through the MistServer Management Interface.

While this step could be skipped if you're using Apache or Nginx we would still recommend setting it up. The MistServer interface has no way of knowing it is also available over any address within the reverse proxy. The public address is meant to be used so the interface does know and can properly use them in both the preview and embed panels.

image of public address being set up

You should now also be able to watch your stream at http://example.com/mistserver/STREAMNAME.html.

Enabling SSL within your web server

For Apache and Nginx all you need to do is enable SSL support within Nginx or Apache and you are done. Requests over HTTPS are automatically forwarded over HTTPS thanks to X-Mst-Path.

For Lighttpd You will need to enable SSL and you will also need to include the HTTPS address in the public url like in the example above.

Edit your web pages

Lastly, the urls with which streams are embedded on your webpage will need to be updated. If you are using MistServer's embed code, update any urls. There are only two places that need changing, it's the bits with STREAMNAME.html and player.js. If you have set a public address the embed code will use this address as well. Though only the first filled in public address will be used by the embed code MistServer will assume it is available on all filled in addresses.

    <div class="mistvideo" id="nVyzrqZSm7PJ">
<noscript>
<a href="//example.com/mistserver/STREAMNAME.html" target="_blank">
Click here to play this video
</a>
</noscript>
<script>
var a = function(){
mistPlay("STREAMNAME",{
target: document.getElementById("nVyzrqZSm7PJ")
});
};
if (!window.mistplayers) {
var p = document.createElement("script");
p.src = "//example.com/mistserver/player.js"
document.head.appendChild(p);
p.onload = a;
}
else { a(); }
</script>
</div>

We're using //example.com/mistserver/ here as for both HTTP and HTTPS the default ports are used. This setup allows us to use this embed code for both HTTP and HTTPS pages as it will adapt to the scheme used by the viewer. Note that we're talking about the ports the proxy forward is using, not the HTTP or HTTPS ports setup within MistServer.

If the proxy is using non-default HTTP or HTTPS ports you would have to use the full addres + port in the url, for example if HTTPS was running on 4433: https://example.com:4433/mistserver/.

Your website should now access MistServer through the reversed proxy. For both HTTP and HTTPS.

API over HTTPS

Currently there is no native support for the API over HTTPS. In order to achieve this you will need to use a reverse proxy. Examples on how to do this are added below. Since you can only point to a location once we'll be using /mistinterface/

Add the following to your configuration's server block, or nested into your website's location block:


location /mistinterface/ {
proxy_pass http://localhost:4242/;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_read_timeout 600s;
proxy_set_header Host $host;
}