Hi – I’m an nginx newbie who is looking to maybe use nginx to provide
security for an HTTP service that previously ran in a trusted
environment,
but that now needs to run on the open web.
I was thinking of having nginx listen on an arbitrary port, authenticate
requests to the service on that port, then proxy them on to the service.
I guess my first question is – is this a correct use of nginx? My
research
so far suggests that it is.
And my second question is – what is the best way to achieve this?
I thought maybe encrypting a username and password as part of the
request
(in a cookie?) and using agentzh might be an approach, but I am rather
out
of my depth, and would really appreciate any tips or references to docs
that might help we work it all out.
Or if anyone’s read a good book that covers this, that would be a very
appreciated recommendation! 
Thanks very much,
Doug.