Hi folks! I recently just decided to host my own personal website on a cloud virtual machine. I've experimented a lot of things from doing it and now I'm more than excited to share some of my experiences. This article shows how I configured a reverse proxy and SSL encryption using Nginx.
What is a reverse proxy?
It's literally another server that sits in front of our website server. That said, whenever a request comes from a client to our website server, it will be intercepted by the reverse proxy server.
Why do we even need one?
There are, of course, advantages of using a reverse proxy.
Load balancing
Protection from attacks
SSL Encryption
Caching
Setting up project
Key technologies used
- Virtual Machine - A running virtual machine instance. There are many virtual machines available for rent such as Amazon EC2, Google Compute Engine, Azure Virtual Machine, etc.
- Domain Name - A registered domain name. Domain registrars like Namecheap, Google Domains, and GoDaddy provide and let us manage domain names.
- Web Application - A server application. View code example on github here.
- Nginx - Open source software that's often used for web serving and reverse proxying.
How it works
Configuring Nginx as a reverse proxy
- Install Nginx and make sure it runs successfully.
$ sudo apt update$ sudo apt install nginx$ sudo service nginx status - Edit server configuration file in /etc/nginx/sites-available/.
$ sudo nano /etc/nginx/sites-available/wildanazz.com
- Make sure that there are no syntax errors in the server configuration file.
$ sudo nginx -t - Enable the server configuration file by creating a link from sites-available directory to sites-enabled directory.
$ sudo rm link /etc/nginx/sites-enabled/default$ sudo ln -s /etc/nginx/sites-available/wildanazz.com /etc/nginx/sites-enabled/wildanazz.com
Testing application
- Clone a demo server application.
$ git clone https://github.com/wildanazz/demo-web-application.git - Run it.
$ sudo apt install nodejs && sudo npm install yarn -g$ cd demo$ yarn --frozen-lockfile && yarn start - Copy and enter the ip address of the running virtual machine in a browser.
Installing SSL/TLS certificate
Before installing SSL/TLS certificate, the registered domain name needs to be pointing to the running virtual machine.
- Install Certbot to obtain a free SSL certificate.
$ sudo snap install --classic certbot - Run this code to let Certbot edit Nginx configuration automatically.
$ sudo certbot --nginx - Certbot can also renew the certificate automatically before it expires by running this code.
$ sudo certbot renew --dry-run
Summary
In this article, I discussed how I set up Nginx reverse proxy server and added a SSL certificate for my website from the ground up. If you decide to host your own website on a virtual machine, I highly recommend you to utilize a reverse proxy server. If you have found something I could improve or that you would have done differently? Let me know in the comments.
Top comments (0)