How to Create a Reverse Proxy with NGINX on Ubuntu 18.04 Pointing to cPanel WordPress Website
How to Create a Reverse Proxy with NGINX on Ubuntu 18.04 Pointing to a cPanel WordPress Website over HTTPS with LetsEncrypt SSL.
This quick guide will show you how to hide your real server IP by using a NGINX Reverse Proxy that refers all traffic to the original website, thus hiding your real server IP.
Using CloudFlare as a reverse proxy is the normal way these days, however, some scripts and services are yet compatible with CloudFlare and you will also, in some cases, notice a huge drop in Adsense earnings due to CloudFlare’s cache. A way around this is to build a revers proxy using NGINX. There are many guides out there, trust me, it took me about 10 days to work out what was going wrong, why I was getting “too many redirects” and “page cannot load” errors.
What I did was follow the guides and realised that when you use a reverse proxy for a WordPress website you need to pass the scheme header in the proxy config file. A simple one line of code fixed everything!
Below I show you how to create a reverse proxy on NGINX to a WordPress website on cPanel running on SSL.
5, Check NGINX is installed and running by visiting the server IP in a browser, you should get the following:
6, Next is to create the reverse proxy config file that will redirect all traffic from the proxy on standard port 80 to https port 8080 on cPanel target server. We can do this with multiple websites by creating a proxy config file for each domain. Use the code below to create your first proxy config file, substituting DOMAINNAME.COM for your actual website domain name.
8, Next we test your config file by running the command below:
sudo nginx -t
If successful you will see something like:
nginx: the configuration file /etc/nginx/sites-available/NginxProxy syntax is ok nginx: configuration file /etc/nginx/sites-available/NginxProxy test is successful
9, We now add the config file to the sites enabled directory and restart NGINX (replace DOMAINNAME.COM with your website domain name which is the same name as your config file you created) using the command below:
10, Now make sure you have your domain name A record pointing to your NGINX Reverse Proxy server IP and not the cPanel IP. Set the TLS to 2 minutes so you know it should be around 2 minutes to propagate. If your website is running on NON SSL then you should be good to go and when you load your domain name in a browser it will load your website in http. If you are using an SSL certificate, continue to step 11 below.
11, We now install LetsEncrypt SSL so we can reverse proxy to our website in HTTPS. Please make sure you have SSL installed on your website running on cPanel already to avoid connection errors. Use the commands below to install LetsEncrypt SSL onto your reverse proxy:
Enter everything the install asks for and make sure to use option 2 at the end to redirect all traffic via https.
12, Restart NGINX using the command below:
sudo systemctl restart nginx
13, Now load up your website in a browser using https and check it loads. If you see it working, you have successfully installed a reverse NGINX proxy to your WordPress site running on a cPanel server. Your original IP is now hidden behind the reverse proxy IP.