By robAx
I am running a Drupal 7 website using Apache. But, now my requirement has changed. I need to run some other Django apps using Nginx. So, I want to use nginx as reverse proxy for apache. I will server Apache under 8080. Now, my site already has a SSL certificate using letsencrypt with apache plugin. So, will this configuration be enough ?
server {
listen 80;
root /var/www/html/;
index index.php index.html index.htm;
server_name bringdomain.com www.bringdomain.com;
location / {
root /var/www/html;
index index.html index.htm;
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_read_timeout 1200;
proxy_send_timeout 1200;
proxy_connect_timeout 75;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
}
location ~* ^.+\.(jpg|gif|jpeg|ico|avi|mpeg|mpg|wmv|png|css|js|xml)$ {
root /var/www/html;
}
}
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi, Your nginx server block configuration seems to be OK but it does not include SSL configuration. So, let’s try to modify it a bit.
server {
listen 443 ssl;
root /var/www/html/;
index index.php index.html index.htm;
server_name bringdomain.com www.bringdomain.com;
location / {
root /var/www/html;
index index.html index.htm;
proxy_pass http://127.0.0.1:8080;
proxy_redirect off;
proxy_read_timeout 1200;
proxy_send_timeout 1200;
proxy_connect_timeout 75;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
}
location ~* ^.+\.(jpg|gif|jpeg|ico|avi|mpeg|mpg|wmv|png|css|js|xml)$ {
root /var/www/html;
}
ssl_certificate /etc/letsencrypt/live/bringdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bringdomain.com/privkey.pem;
}
server {
listen 80;
server_name bringdomain.com www.bringdomain.com;
return 301 https://$host$request_uri;
}
The changes in your original server block are highlighted. It listens on port 443 now, and have SSL turned on:
listen 443 ssl
There is configuration of SSL certificate added as well. Check and correct the paths leading to your certificate files.
ssl_certificate /etc/letsencrypt/live/bringdomain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/bringdomain.com/privkey.pem;
There is another server block besides your original one. It listens on port 80 and rewrites HTTP requests to HTTPS.
I recommend creating a snapshot before deploying your new configuration. Just in case :) After deploying new configuration test if certbot can renew the certificate. Run the following command:
sudo certbot renew --dry-run
Let me know if it helps, pls.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.