NOTE: Templates for all the config files in this post & the video can be found at this GitHub repo. DNS CNAME records for subdomains Modifying the Configuration Below is an example in Google Domains, but it may vary depending on your DNS provider. You also need to make sure that all of your subdomains have DNS CNAME records that point to your domain name. I decided to have my I also decided to have two subdomains, and, proxied to 192.168.0.230 port 80 and 192.168.0.36 port 80, respectively, as you can see in the diagram below. This means that NginX is working properly Nginx welcome page Creating the Reverse Proxy Structureīefore we go and modify the config files, we have to decide on the structure for the reverse proxy (what backend servers will serve each subdomain). If you navigate to your server's ip address, you should now see the default NginX webpage. To install NginX, type the following commands as root or with "sudo": # apt updateĪfter installation, make sure ports 80 and 443 are allowed through the firewall by typing the following: # ufw allow 80/tcp There are many different options when it comes to reverse proxying software ( Apache, Caddy, Traefik, etc.), but I chose NginX because it's a fairly lightweight, easy to configure server that offers relatively high performance. These prerequisites include a web server accessible on the internet (with ports 80 and 443), a domain name, and some existing websites/services on your local network that we can proxy. There are a few things you need to have before setting up a reverse proxy. Another reason to use a reverse proxy is that it can perform all TLS encryption, reducing the load on the web servers. It does this by allowing you to route a second website to a subdomain and handling the requests using a backend server on your local network. Well, a reverse proxy solves these problems by allowing you to host multiple websites/services without opening any additional ports. Also, using a port other than 443 for https causes browsers to automatically reject the certificate, which can be very annoying to users. Opening up multiple ports on your network can provide attackers with a larger attack vector for your network, which can be very dangerous. On the surface, this doesn't seem like a bad idea, but it actually is. Have you ever wanted to host another website or service on the internet, but you've already used ports 80 and 443? If so, you'd probably forward another port (such as 8080) and host the service on that port. You'll learn how to reverse proxy to backend servers on the local network and how to set up multiple subdomains with SSL/TLS encryption. In this blog post, I'll show you how to install and configure the NginX web server and reverse proxy server on Ubuntu Server 20.04 LTS.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |