Configure Nginx as a Reverse Proxy with SSL on Ubuntu 24.04 for Multiple Domains
Configure Nginx as a Reverse Proxy with SSL on Ubuntu 24.04 for Multiple Domains
At ByteHosting, we understand the importance of secure and efficient web hosting. Setting up Nginx as a reverse proxy with SSL on Ubuntu 24.04 allows you to serve multiple websites securely through a single server. Whether you're hosting personal projects or managing client sites, this guide will walk you through the process step-by-step.
Prerequisites: Ubuntu 24.04 VPS with Nginx Installed
Before we begin, ensure you have a Ubuntu 24.04 VPS. Our servers in Frankfurt, Germany, are perfect for this setup, but any Ubuntu 24.04 server will do. Additionally, make sure Nginx is installed and running. If not, you can install it with:
sudo apt update
sudo apt install nginx
Verify Nginx is active with:
systemctl status nginxObtaining SSL Certificates with Let's Encrypt
Security is paramount, and Let's Encrypt offers free SSL certificates. We recommend using Certbot for automation. Install Certbot and the Nginx plugin:
sudo apt install certbot python3-certbot-nginxTo obtain SSL certificates for your domains, run:
sudo certbot --nginx -d example.com -d www.example.comReplace example.com with your actual domain names. Certbot will automatically configure SSL for your sites and set up redirects from HTTP to HTTPS.
Configuring Server Blocks for Multiple Domains
Next, create server blocks for each domain. These are the virtual host configurations that tell Nginx how to handle requests for each site. For example, create a file for site1.com:
sudo nano /etc/nginx/sites-available/site1.comInsert the following configuration:
server {
listen 80;
server_name site1.com www.site1.com;
location / {
proxy_pass http://localhost:8080; # Your backend service
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Repeat this process for each domain, changing the server_name and proxy_pass as needed. Enable these sites with:
sudo ln -s /etc/nginx/sites-available/site1.com /etc/nginx/sites-enabled/Setting Up Reverse Proxy Rules
Our goal is to have Nginx act as a reverse proxy, forwarding requests to backend services or applications running on different ports or servers. The proxy_pass directive handles this. For example, if your app runs on port 3000, your server block would include:
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
This setup forwards incoming requests to your backend server, enabling multiple sites to be served securely through one Nginx instance.
Enabling SSL and Redirecting HTTP to HTTPS
After obtaining SSL certificates, Certbot automatically updates your server blocks to include SSL configurations. If you prefer to do it manually, add the following to your server block:
server {
listen 443 ssl;
server_name site1.com www.site1.com;
ssl_certificate /etc/letsencrypt/live/site1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/site1.com/privkey.pem;
location / {
proxy_pass http://localhost:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
To redirect all HTTP traffic to HTTPS, add a redirect server block:
server {
listen 80;
server_name site1.com www.site1.com;
return 301 https://$host$request_uri;
}
Testing the Configuration with Multiple Domains
Once all configurations are in place, test Nginx for syntax errors:
sudo nginx -tIf the test passes, reload Nginx:
sudo systemctl reload nginxVisit your domains in a browser to verify that they load securely with HTTPS and that the reverse proxy forwards requests correctly. Use tools like SSL Labs to check your SSL setup.
Troubleshooting Common SSL and Proxy Issues
- SSL certificate errors: Ensure Certbot certificates are valid and paths are correct.
- Reverse proxy not working: Check proxy_pass URLs and ensure backend services are running.
- HTTP to HTTPS redirection issues: Confirm redirect server blocks are correctly configured and active.
Conclusion
Configuring Nginx as a reverse proxy with SSL on Ubuntu 24.04 for multiple domains enhances your web hosting security and flexibility. At ByteHosting, we provide reliable VPS hosting in Frankfurt, Germany, that can support such setups effortlessly. Whether you're hosting a few sites or managing complex applications, this setup ensures your traffic is secure and efficiently routed. If you need a dependable server to deploy your projects, explore our affordable VPS plans today and experience enterprise-grade infrastructure with instant delivery and excellent support.