⚒️Reverse proxy with ssl and NGINX

Installation

  1. Install tools for using the Let's Encrypt certificates using Certbot

  sudo apt-get update \
  sudo apt-get install software-properties-common
  sudo add-apt-repository ppa:certbot/certbot
  sudo apt-get update
  sudo apt-get install python-certbot-nginx

  1. Configure your domain DNS to point to your droplet's IP

  2. Run Certbot to create the SSL certificate

sudo certbot --nginx certonly

Setup Nginx with SSL

  1. Install Nginx

sudo apt-get install nginx

  1. Configure the server to use SSL

# Open the following file
sudo vim /etc/nginx/sites-enabled/default

#paste the following below and set to your website
server {
    server_name example.com;
    listen 443 ssl;
    listen [::]:443 ssl;
   
    ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem ;
    ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem ;

    include snippets/ssl-params.conf;

   location / {
        proxy_buffers           32 4m;
	proxy_busy_buffers_size     25m;
	proxy_buffer_size 512k;
	proxy_ignore_headers "Cache-Control" "Expires";
	proxy_max_temp_file_size 0;
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	client_max_body_size        1024m;
	client_body_buffer_size     4m;
	proxy_intercept_errors off;
        proxy_pass http://localhost:36657;
	proxy_http_version 1.1;
    	proxy_set_header Upgrade $http_upgrade;
	
	##bypass timeout
		proxy_connect_timeout       300;
		proxy_send_timeout          300;
		proxy_read_timeout          300;
		send_timeout                300;
		proxy_set_header Connection "";

    }
}

  1. Test your conf

sudo nginx -t
> nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
> nginx: configuration file /etc/nginx/nginx.conf test is successful

  1. Start Nginx

sudo systemctl start nginx
PreviousTutorial

Last updated