Conventional websites hosted directly through the front-end without additional security protocols are often the target of unwanted DDOS and malware. On top of the security risks, scalability and load-balancing may also come into issue. But don’t fret, for we’re going to teach you how to use NGINX.
An application working as a reverse proxy server sits in front of back-end applications and forwards the client’s incoming traffic to the back-end application. Websites and applications sitting behind a reverse proxy server tend to be more secure, easily managed, and scalable.
This guide will cover the basics of installing and using NGINX Proxy Manager as a reverse proxy program to get you started.
What is NGINX Proxy Manager
By default, NGINX is already a popular web application server that can manage reverse proxies, reroute traffic, redirect it to another server, and host your web applications in general.
The NGINX Proxy Manager is a GUI-based application developed by NGINX to handle proxy-related concerns and reverse proxy-related features such as encryption and basic firewall provisioning.
Prerequisites
Before anything else, running a reverse proxy program means you need to enable certain ports when your firewall is up and running. The required ports are port 80 for HTTP, port 443 for HTTPS, and port 81 for the NGINX Proxy Manager.
To enable ports 80, 81 and 443 in your Ubuntu Machine:
$ sudo ufw allow 80
$ sudo ufw allow 81
$ sudo ufw allow 443To enable ports 80, 81 and 443 in your Centos/AlmaLinux/Rocky Linux Machine:
$ sudo firewall-cmd --permanent --add-service=http
$ sudo firewall-cmd --permanent --add-service=https
$ sudo firewall-cmd --permanent --add-port=81/tcp
$ sudo firewall-cmd --reloadAnother equally important prerequisite is Docker. The NGINX Proxy Manager program was developed through Docker. Installation through Docker has become a go-to since it already has all the necessary dependencies configured through the YAML file.
You can find out more on how to install Docker in this tutorial.
How to Install NGINX Proxy Manager
Installing the NGINX Proxy Manager should be a straightforward task. After installing Docker, we also need to prepare the directories and the YAML configuration file.
Installing through Docker
On your home directory, create the following folders by issuing the command:
$ mkdir -p nginx/{data,ssl}
This will create the folder NGINX, and inside, the folders data and ssl.
Next, create the following YAML file inside the NGINX folder. This will serve as your main configuration script for the NGINX Proxy Manager. You can change certain variables but make sure to take note of your changes.
$ cd nginx$ vim docker-compose.ymlInsert the following code. Make sure you edit the values associated with names or passwords to make it more secure and manageable.
version: "3"
services:
npm-app:
image: 'jc21/nginx-proxy-manager:latest'
container_name: nginx-proxy
restart: unless-stopped
ports:
- '80:80' # HTTP Port
- '443:443' # HTTPS Port
- '81:81' # NGINX admin port
environment:
DB_MYSQL_HOST: "npm-db"
DB_MYSQL_PORT: 3306
DB_MYSQL_USER: "distroid"
DB_MYSQL_PASSWORD: "distroid"
DB_MYSQL_NAME: "npm"
volumes:
- ./data:/data
- ./ssl:/etc/letsencrypt
depends_on:
- npm-db
networks:
- npm-external
- npm-internal
npm-db:
image: 'mariadb:latest'
container_name: u-proxy-db
restart: unless-stopped
environment:
MYSQL_ROOT_PASSWORD: 'distroid'
MYSQL_DATABASE: 'npm'
MYSQL_USER: 'distroid'
MYSQL_PASSWORD: ‘distroid’
volumes:
- ./data/mysql:/var/lib/mysql
networks:
- npm-internal
networks:
npm-internal:
npm-external:
external: true
Once you’re done making the YAML script, initiate the NGINX proxy network by issuing the command:
$ sudo docker network create npm-externalThen, launch the Docker container by executing:
$ sudo docker-compose up -d
Check for running Docker containers:
Accessing the NGINX Proxy Manager web interface
After successfully installing NGINX proxy manager, open your web browser and type in the IP Address of your server plus port 81 as your admin port.
The default credentials used to sign in to the web interface are:
“[email protected]” for the email address and “changeme” for the password
Update the following parameters:
Once you’ve completed updating your credentials, you will be redirected to the homepage.
How to use NGINX Proxy Manager
To start things of, familiarize yourself with the NGINX Proxy Manager. Click the following button to see a list of options you can set with the app.
NGINX Proxy Manager Features
The official NGINX Proxy Manager site had listed down some of the features the app can deliver. Among these are:
- A simple yet artistic admin interface based on Tabler
- Capabilities inherent in NGINX such as port forwarding, domain redirects, and 404 applications.
- Free SSL through Let’s Encrypt or the ability to integrate your own SSL certificate.
- Access Lists control
- Advance user management systems and log audits
Using NGINX Proxy Manager as a Reverse Proxy server
In this example, we’ve created a sample webpage using Drupal. There are lots of tutorials on how to set up Drupal, and if you have a Digital Ocean server and want to start your own website, you can visit the tutorial page here.
After installing Drupal as a container through Docker, add the following details to enable a reverse proxy application. You can customize your domain name on how you would like it to appear as a domain. The port we’ve used to start Drupal is port 3000.
In the same window, you can also add an SSL certificate through Lets Encrypt. However, you can also add certificates on NPM’s dedicated tab.
Once you’ve added all the necessary details, you will have something similar to this:
The status of your reverse proxy should be ‘Online’ meaning the NGINX Proxy Manager is able to access the site.
Open a new tab and type the domain name you’ve entered on the address bar. This should redirect you to the drupal landing page.
Adding SSL Certificates
You can also add SSL certificates by clicking the following icons on the NGINX Proxy Manager page.
Specify the domain name, and the email address and agree to use the Let’s Encrypt Terms of Service if you opt to use the Let’s Encrypt certificates.
Final Thoughts
The NGINX Proxy Manager is a neat and handy graphical tool that lets you organize reverse proxy setups while managing your website’s security. It has been developed as a free and open-source tool for a straightforward way of accomplishing reverse proxy of hosts with integrated SSL termination.
If you’ve enjoyed the simplicity of this app, feel free to buy the creator a coffee here.
If this guide helped you, please share it. ?
