Welcome! Log In Create A New Profile

Advanced

Nginx reverse proxy

Posted by aminbaik 
Nginx reverse proxy
January 01, 2018 08:33PM
Hello,
I am tried to configure my nginx that is installed on Ubuntu 16.10
I have the following infrastructure

wan
|
nginx reverse proxy with domain ssl.example.com
|
web server http.example.com


the http.example.com is point to ssl.example.com ip address

when the client open http://http.example.com it should be redirect to https://http.example.com directly
the client will establish ssl with my reverse proxy ssl.example.com "I already have installed lets encrypt cert"
my reverse proxy should be request the http.example.com -with no ssl -

it's like a cloud flare.

so what the configuration I should be do it ?
also how I can load balance to too web server that is in back of reverse proxy.
thanks.
Re: Nginx reverse proxy
January 11, 2018 03:22AM
hi aminbaik ,

you can use the following example and fill the values in <>

server {
listen 80;
server_name example.com;
return 301 https://$server_name$request_uri;
}

server {
listen 443 ssl;

server_name example.com;
error_log /var/log/nginx/example.com.error.log warn;
access_log /var/log/nginx/example.com.access.log warn;
ssl on;
ssl_certificate /etc/nginx/ssl/<yourkeys>.crt;
ssl_certificate_key /etc/nginx/ssl/<yourkeys>.key;
ssl_session_timeout 5m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;

location / {
proxy_pass http://<actualwebserverip>;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache_key backend$request_uri;
proxy_cache_valid 200 301 302 20m;
proxy_cache_valid 404 1m;
proxy_cache_valid any 15m;
proxy_cache_use_stale error timeout invalid_header updating;

}
}


hope this helps ! best of luck
Re: Nginx reverse proxy
January 11, 2018 08:26AM
Hello,
it's not working because the nginx domain is example.com and the domain is point to this reverse proxy is reverdoamin.com
so I always get certificate error.
I want to have something like cloud flare service.
thanks.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 138
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready