Programming

How to Set Up a Secure Reverse Proxy with Nginx and Let's Encrypt

Using a reverse proxy like Nginx with SSL encryption is essential for routing traffic securely to backend services and applications. In this guide, we'll walk through configuring Nginx as a reverse proxy with HTTPS using a free SSL certificate from Let's Encrypt. Prerequisites A domain name pointing to your server’s IP A Linux-based server (e.g., Ubuntu) Root or sudo access Step 1: Install Nginx sudo apt update sudo apt install nginx -y Ensure Nginx is running: sudo systemctl status nginx Step 2: Install Certbot and Get an SSL Certificate sudo apt install certbot python3-certbot-nginx -y sudo certbot --nginx Certbot will guide you through the prompts. Choose the domain to install the certificate for and allow it to redirect HTTP to HTTPS. Step 3: Configure Nginx as a Reverse Proxy Edit or create your site config file in /etc/nginx/sites-available/. Here's an example: server { listen 80; server_name yourdomain.com; location / { proxy_pass http://localhost:3000; proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_cache_bypass $http_upgrade; } } After configuration, enable the site and reload Nginx: sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/ sudo nginx -t sudo systemctl reload nginx Step 4: Auto-Renewal of SSL Certificate Certbot installs a cron job automatically, but you can test it: sudo certbot renew --dry-run Conclusion You now have a secure Nginx reverse proxy set up with HTTPS enabled via Let’s Encrypt. This is a great starting point for running your apps securely in production behind Nginx. If this article helped you, consider supporting me: buymeacoffee.com/hexshift

Apr 17, 2025 - 02:33
 0
How to Set Up a Secure Reverse Proxy with Nginx and Let's Encrypt

Using a reverse proxy like Nginx with SSL encryption is essential for routing traffic securely to backend services and applications. In this guide, we'll walk through configuring Nginx as a reverse proxy with HTTPS using a free SSL certificate from Let's Encrypt.

Prerequisites

  • A domain name pointing to your server’s IP
  • A Linux-based server (e.g., Ubuntu)
  • Root or sudo access

Step 1: Install Nginx

sudo apt update
sudo apt install nginx -y

Ensure Nginx is running: 

sudo systemctl status nginx

Step 2: Install Certbot and Get an SSL Certificate

sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginx

Certbot will guide you through the prompts. Choose the domain to install the certificate for and allow it to redirect HTTP to HTTPS.

Step 3: Configure Nginx as a Reverse Proxy

Edit or create your site config file in /etc/nginx/sites-available/. Here's an example: 

server {
    listen 80;
    server_name yourdomain.com;

    location / {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
}

After configuration, enable the site and reload Nginx: 

sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginx

Step 4: Auto-Renewal of SSL Certificate

Certbot installs a cron job automatically, but you can test it: 

sudo certbot renew --dry-run

Conclusion

You now have a secure Nginx reverse proxy set up with HTTPS enabled via Let’s Encrypt. This is a great starting point for running your apps securely in production behind Nginx.

If this article helped you, consider supporting me: buymeacoffee.com/hexshift

Read More

Tags:

Previous Article

Why I keep choosing Vike over Next.js for frontend apps

Next Article

Faceone is now merging with another programming language

Related Posts