Flask, a popular Python web framework, is often deployed behind a reverse proxy like Nginx for better performance, security, and scalability. This article guides you through configuring Nginx to work with Flask, ensuring your application is well-protected and can handle increased traffic.
Why Use Nginx with Flask?
Nginx is a high-performance, reliable, and secure web server that can handle thousands of simultaneous connections. When used as a reverse proxy for Flask, it provides several benefits:
- Improved performance: Nginx can serve static files and handle SSL/TLS, offloading these tasks from Flask.
- Security: Nginx can act as a firewall, protecting your Flask application from common web attacks.
- Scalability: Nginx can distribute traffic across multiple Flask instances, ensuring your application can handle increased load.
Setting Up Nginx with Flask
Before configuring Nginx, ensure you have both Nginx and Flask installed on your server. If not, install them using the following commands:

sudo apt-get update
sudo apt-get install nginx python3-pip
pip3 install flask
Once installed, create a new Flask application (app.py) and a new Nginx server block (flask.conf) as described below.
Creating a Simple Flask Application
Create a new Python file (app.py) and add the following code to create a simple Flask application:
from flask import Flask
app = Flask(__name__)
@app.route('/')
def home():
return "Hello, World!"
if __name__ == '__main__':
app.run(debug=True)
Configuring Nginx for Flask
Create a new server block (flask.conf) in the Nginx configuration directory (usually /etc/nginx/sites-available/). Add the following content to the file:

server {
listen 80;
server_name your_domain_or_IP;
location / {
proxy_pass http://127.0.0.1:5000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Replace your_domain_or_IP with your domain name or IP address. This configuration sets up a reverse proxy, forwarding requests to your Flask application running on http://127.0.0.1:5000.
Enabling and Testing the New Nginx Server Block
Enable the new server block by creating a symbolic link from the sites-available directory to the sites-enabled directory:
sudo ln -s /etc/nginx/sites-available/flask.conf /etc/nginx/sites-enabled/
Test the Nginx configuration for any syntax errors:

sudo nginx -t
If the test is successful, reload Nginx to apply the changes:
sudo systemctl reload nginx
Securing Your Flask Application with Nginx
To enhance the security of your Flask application, you can configure Nginx to handle SSL/TLS, protect against common web attacks, and limit request rates. Here's an example of how to achieve this:
| Configuration Directive | Description |
|---|---|
| listen 443 ssl; | Listen on port 443 for SSL/TLS connections. |
| ssl_certificate /path/to/your/certificate.crt; | Path to your SSL/TLS certificate. |
| ssl_certificate_key /path/to/your/private.key; | Path to your private key. |
| add_header X-Frame-Options "SAMEORIGIN"; | Prevent clickjacking attacks by restricting framing of your site. |
| add_header X-Content-Type-Options "nosniff"; | Prevent MIME-sniffing, ensuring clients respect the Content-Type header. |
| add_header X-XSS-Protection "1; mode=block"; | Enable cross-site scripting (XSS) filter in most modern web browsers. |
| limit_req_zone $binary_remote_addr zone=oneip:10m rate=1r/s; | Limit the request rate to one request per second per IP address. |
Add these directives to your flask.conf file, and reload Nginx to apply the changes. Make sure to replace /path/to/your/certificate.crt and /path/to/your/private.key with the actual paths to your SSL/TLS certificate and private key.
Monitoring and Troubleshooting
To monitor your Flask application and Nginx server, you can use tools like top, htop, or nginx-status. To access the Nginx status page, add the following directives to your flask.conf file:
| Configuration Directive | Description |
|---|---|
| location /nginx_status { stub_status on; allow 127.0.0.1; } | Enable the Nginx status page and restrict access to the local IP address. |
After adding these directives, access the Nginx status page at http://your_domain_or_IP/nginx_status (replace your_domain_or_IP with your domain name or IP address). This page provides valuable information about the Nginx server, including the number of active connections, accepted connections, and handled requests.
In case of any issues, consult the official Nginx documentation (https://nginx.org/en/docs/) and the Flask documentation (https://flask.palletsprojects.com/en/2.0.x/) for further assistance.






















