how to use nginx 1

How to Use NGINX Proxy Manager

Conventional websites hosted directly through the front-end without additional security protocols are often the target of unwanted DDOS and malware. On top of the security risks, scalability and load-balancing may also come into issue. But don’t fret, for we’re going to teach you how to use NGINX.

An application working as a reverse proxy server sits in front of back-end applications and forwards the client’s incoming traffic to the back-end application. Websites and applications sitting behind a reverse proxy server tend to be more secure, easily managed, and scalable.

This guide will cover the basics of installing and using NGINX Proxy Manager as a reverse proxy program to get you started. 

What is NGINX Proxy Manager

By default, NGINX is already a popular web application server that can manage reverse proxies, reroute traffic, redirect it to another server, and host your web applications in general.

The NGINX Proxy Manager is a GUI-based application developed by NGINX to handle proxy-related concerns and reverse proxy-related features such as encryption and basic firewall provisioning.

Prerequisites

Before anything else, running a reverse proxy program means you need to enable certain ports when your firewall is up and running. The required ports are port 80 for HTTP, port 443 for HTTPS, and port 81 for the NGINX Proxy Manager.

To enable ports 80, 81 and 443 in your Ubuntu Machine:

$ sudo ufw allow 80
$ sudo ufw allow 81
$ sudo ufw allow 443

To enable ports 80, 81 and 443 in your Centos/AlmaLinux/Rocky Linux Machine:

$ sudo firewall-cmd --permanent --add-service=http
$ sudo firewall-cmd --permanent --add-service=https
$ sudo firewall-cmd --permanent --add-port=81/tcp
$ sudo firewall-cmd --reload

Another equally important prerequisite is Docker. The NGINX Proxy Manager program was developed through Docker. Installation through Docker has become a go-to since it already has all the necessary dependencies configured through the YAML file. 

You can find out more on how to install Docker in this tutorial.

How to Install NGINX Proxy Manager

Installing the NGINX Proxy Manager should be a straightforward task. After installing Docker, we also need to prepare the directories and the YAML configuration file.

Installing through Docker

On your home directory, create the following folders by issuing the command:

$ mkdir -p nginx/{data,ssl}
mkdir nginx

This will create the folder NGINX, and inside, the folders data and ssl. 

Next, create the following YAML file inside the NGINX folder. This will serve as your main configuration script for the NGINX Proxy Manager. You can change certain variables but make sure to take note of your changes.

$ cd nginx
$ vim docker-compose.yml

Insert the following code. Make sure you edit the values associated with names or passwords to make it more secure and manageable.

version: "3"
services:
  npm-app:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: nginx-proxy
    restart: unless-stopped
    ports:
      - '80:80' # HTTP Port
      - '443:443' # HTTPS Port
      - '81:81' # NGINX admin port
  
    environment:
      DB_MYSQL_HOST: "npm-db"
      DB_MYSQL_PORT: 3306
      DB_MYSQL_USER: "distroid"
      DB_MYSQL_PASSWORD: "distroid"
      DB_MYSQL_NAME: "npm"
  
    volumes:
      - ./data:/data
      - ./ssl:/etc/letsencrypt
    depends_on:
      - npm-db
    networks:
      - npm-external
      - npm-internal

  npm-db:
    image: 'mariadb:latest'
    container_name: u-proxy-db
    restart: unless-stopped
    environment:
      MYSQL_ROOT_PASSWORD: 'distroid'
      MYSQL_DATABASE: 'npm'
      MYSQL_USER: 'distroid'
      MYSQL_PASSWORD: ‘distroid’
    volumes:
      - ./data/mysql:/var/lib/mysql
    networks:
      - npm-internal

networks:
  npm-internal:
  npm-external:
    external: true

Once you’re done making the YAML script, initiate the NGINX proxy network by issuing the command:

$ sudo docker network create npm-external

Then, launch the Docker container by executing:

$ sudo docker-compose up -d
docker-compose

Check for running Docker containers:

docker ps

Accessing the NGINX Proxy Manager web interface

After successfully installing NGINX proxy manager, open your web browser and type in the IP Address of your server plus port 81 as your admin port.

nginx login page

The default credentials used to sign in to the web interface are:

[email protected]” for the email address and “changeme” for the password

Update the following parameters:

how to change user
how to change pw

Once you’ve completed updating your credentials, you will be redirected to the homepage.

landing page

How to use NGINX Proxy Manager

To start things of, familiarize yourself with the NGINX Proxy Manager. Click the following button to see a list of options you can set with the app.

features

NGINX Proxy Manager Features

The official NGINX Proxy Manager site had listed down some of the features the app can deliver. Among these are:

  • A simple yet artistic admin interface based on Tabler
  • Capabilities inherent in NGINX such as port forwarding, domain redirects, and 404 applications.
  • Free SSL through Let’s Encrypt or the ability to integrate your own SSL certificate.
  • Access Lists control 
  • Advance user management systems and log audits

Using NGINX Proxy Manager as a Reverse Proxy server

In this example, we’ve created a sample webpage using Drupal. There are lots of tutorials on how to set up Drupal, and if you have a Digital Ocean server and want to start your own website, you can visit the tutorial page here.

After installing Drupal as a container through Docker, add the following details to enable a reverse proxy application. You can customize your domain name on how you would like it to appear as a domain. The port we’ve used to start Drupal is port 3000. 

nginx proxy host

In the same window, you can also add an SSL certificate through Lets Encrypt. However, you can also add certificates on NPM’s dedicated tab.

adding ssl cert

Once you’ve added all the necessary details, you will have something similar to this:

nginx verview

The status of your reverse proxy should be ‘Online’ meaning the NGINX Proxy Manager is able to access the site.

Open a new tab and type the domain name you’ve entered on the address bar. This should redirect you to the drupal landing page.

drupal

Adding SSL Certificates

You can also add SSL certificates by clicking the following icons on the NGINX Proxy Manager page.

nginx SSL Cert
SSL Let's Encrypt

Specify the domain name, and the email address and agree to use the Let’s Encrypt Terms of Service if you opt to use the Let’s Encrypt certificates.

Final Thoughts

The NGINX Proxy Manager is a neat and handy graphical tool that lets you organize reverse proxy setups while managing your website’s security. It has been developed as a free and open-source tool for a straightforward way of accomplishing reverse proxy of hosts with integrated SSL termination.

If you’ve enjoyed the simplicity of this app, feel free to buy the creator a coffee here.

If this guide helped you, please share it. ?

Leave a Reply
Related Posts