# How to configure NGINX Reverse Proxy with SSL? This guide walks through the steps to install and configure NGINX as a reverse proxy on an Ubuntu server, including setting up SSL using Certbot. This is useful for forwarding incoming requests to internal applications while securing communication with HTTPS. {% stepper %} {% step %} ### Install NGINX Install the NGINX web server using APT: ```bash apt install nginx ``` This installs NGINX, which will act as the reverse proxy. {% endstep %} {% step %} ### Check Network Information Run the following command to view the server's IP addresses: ```bash ip a ``` This helps you identify which IP address to use for accessing the server. {% endstep %} {% step %} ### Install Net-tools Install the net-tools package to get access to legacy tools like netstat: ```bash apt install net-tools ``` {% endstep %} {% step %} ### View Listening Ports Use netstat to view active listening ports and services. Make sure port numbers 80 and 443 are open in your security group to allow traffic. ```bash netstat-tulnp ``` {% endstep %} {% step %} ### Install Certbot Install Certbot using Snap to enable SSL certificate generation: ```bash snap install --classic certbot ``` Link Certbot to /usr/bin for ease of use: ```bash ln-s /snap/bin/certbot /usr/bin/certbot ``` {% endstep %} {% step %} ### Generate SSL Certificates Run Certbot to configure SSL for NGINX automatically: ```bash certbot--nginx ``` {% endstep %} {% step %} ### Configure NGINX Sites Navigate to the NGINX configuration directory: ```bash cd/etc/nginx/sites-available/ ``` Edit or create a reverse proxy configuration file: ``` nano reverse-proxy ``` For example: ```nginx server { listen 443; server_name nignx-poc-test.theacecloud.com; error_log /var/log/nginx/access.log; ssl on; ssl_certificate /etc/letsencrypt/live/nignx-poc-test.theacecloud.com/fullchain.pem; # managed by Certbot ssl_certificate_key /etc/letsencrypt/live/nignx-poc-test.theacecloud.com/privkey.pem; # managed by Certbot include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE location / { proxy_pass https://www.google.com/; (Your webpage address) proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forward-For $proxy_add_x_forwarded_for; proxy_set_header X-Forward-Proto http; proxy_set_header X-Nginx-Proxy true; proxy_redirect off; } } ``` You can also modify the default configuration if necessary: ```bash nano default ``` {% endstep %} {% step %} ### Enable Reverse Proxy Configuration Enable the site by creating a symbolic link in the sites-enabled directory: ```bash ln -s /etc/nginx/sites-available/reverse-proxy /etc/nginx/sites-enabled/ ``` {% endstep %} {% step %} ### Remove Default Site (Optional) Navigate to the sites-enabled directory and remove the default config if desired: ```bash rm -r /etc/nginx/sites-enabled/default ``` {% endstep %} {% step %} ### Test NGINX Configuration Run the following command to verify the NGINX service: ```bash nginx -t ``` {% endstep %} {% step %} ### Restart NGINX Apply all changes by restarting the NGINX service: ```bash service nginx restart ``` {% endstep %} {% endstepper %} ### Conclusion You have successfully configured NGINX as a reverse proxy with SSL enabled via Certbot on your Ubuntu server. This setup secures your web traffic and forwards requests to backend applications efficiently. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.acecloud.ai/knowledge-base/tutorials/how-to-configure-nginx-reverse-proxy-with-ssl.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.