Question

How to setup Ngnix as reverse proxy for Drupal served using Apache?

I am running a Drupal 7 website using Apache. But, now my requirement has changed. I need to run some other Django apps using Nginx. So, I want to use nginx as reverse proxy for apache. I will server Apache under 8080. Now, my site already has a SSL certificate using letsencrypt with apache plugin. So, will this configuration be enough ?

server {
 listen 80;

root /var/www/html/; 
 index index.php index.html index.htm;

server_name bringdomain.com www.bringdomain.com;

location / {
 root /var/www/html;
 index index.html index.htm;
 proxy_pass http://127.0.0.1:8080;
 proxy_redirect off;
 proxy_read_timeout 1200;
 proxy_send_timeout 1200;
 proxy_connect_timeout 75;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header Host $host;
 }
 location ~* ^.+\.(jpg|gif|jpeg|ico|avi|mpeg|mpg|wmv|png|css|js|xml)$ {
 root /var/www/html;
 }
 }

Submit an answer

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Want to learn more? Join the DigitalOcean Community!

Join our DigitalOcean community of over a million developers for free! Get help and share knowledge in Q&A, subscribe to topics of interest, and get courses and tools that will help you grow as a developer and scale your project or business.

Hi, Your nginx server block configuration seems to be OK but it does not include SSL configuration. So, let’s try to modify it a bit.

server {

  listen 443 ssl;
  root /var/www/html/; 
  index index.php index.html index.htm;
  server_name bringdomain.com www.bringdomain.com;

  location / {
    root /var/www/html;
    index index.html index.htm;
    proxy_pass http://127.0.0.1:8080;
    proxy_redirect off;
    proxy_read_timeout 1200;
    proxy_send_timeout 1200;
    proxy_connect_timeout 75;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header Host $host;
  }

  location ~* ^.+\.(jpg|gif|jpeg|ico|avi|mpeg|mpg|wmv|png|css|js|xml)$ {
    root /var/www/html;
  }

  ssl_certificate /etc/letsencrypt/live/bringdomain.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/bringdomain.com/privkey.pem;

}

server {

  listen 80;
  server_name bringdomain.com www.bringdomain.com;
  return 301 https://$host$request_uri;

}

The changes in your original server block are highlighted. It listens on port 443 now, and have SSL turned on:

listen 443 ssl

There is configuration of SSL certificate added as well. Check and correct the paths leading to your certificate files.

 ssl_certificate /etc/letsencrypt/live/bringdomain.com/fullchain.pem;
 ssl_certificate_key /etc/letsencrypt/live/bringdomain.com/privkey.pem;

There is another server block besides your original one. It listens on port 80 and rewrites HTTP requests to HTTPS.

I recommend creating a snapshot before deploying your new configuration. Just in case :) After deploying new configuration test if certbot can renew the certificate. Run the following command:

sudo certbot renew --dry-run

Let me know if it helps, pls.