Christian WellsIn today’s digital landscape, having a reliable and efficient web server is crucial for businesses. NGINX, an open-source software, offers a wide range of functionalities, including web serving, reverse proxying, caching, load balancing, and media streaming. In addition to its HTTP server capabilities, NGINX can also function as a proxy server for email (IMAP, POP3, and SMTP) and a reverse proxy and load balancer for HTTP, TCP, and UDP servers [^1^]. This article will guide you on how to set up Nginx as a reverse proxy on AlmaLinux 8, empowering you to optimize your server performance and enhance your website’s user experience.
Prerequisites
Before diving into the configuration process, ensure that you have the following prerequisites in place:
- A system with AlmaLinux 8 installed and running.
- Root access to the system.
- LEMP Stack (Nginx, MariaDB, and PHP) installed and running [^1^].
If you haven’t fulfilled these prerequisites, you can refer to our detailed guides on installing the LEMP Stack to set up your environment efficiently.
Configuring Nginx as a Reverse Proxy
To begin the configuration process, open the nginx.conf file with the following command:
nano /etc/nginx/nginx.conf
This file contains the main configuration settings for NGINX. Replace the existing content with the following configuration:
# For more information on configuration, see: # * Official English Documentation: [nginx.org/en/docs/](http://nginx.org/en/docs/) # * Official Russian Documentation: [nginx.org/ru/docs/](http://nginx.org/ru/docs/) nginx; worker_processes auto; error_log /var/log/nginx/error.log; pid /run/nginx.pid; # Load dynamic modules include /usr/share/nginx/modules/*.conf; events { worker_connections 1024; } http { log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; include /etc/nginx/mime.types; default_type application/octet-stream; # Load modular configuration files from the /etc/nginx/conf.d directory. # See [nginx.org/en/docs/ngx_core_module.html#include](http://nginx.org/en/docs/ngx_core_module.html#include) for more information. include /etc/nginx/conf.d/*.conf; }
Save and exit the file by pressing Ctrl+O and then Ctrl+X. For SELinux enabled systems, run the following command to enable port forwarding:
setsebool -P httpd_can_network_connect1
Creating a Nginx Configuration File for the Domain
To create a new Nginx configuration file for your domain, use the following command:
vi /etc/nginx/conf.d/dev.conf
Replace dev.domainhere.info and 127.0.0.1 with your actual domain name and IP address. Adjust the SSL path accordingly. Add the following codes to the file:
upstream app { server 127.0.0.1:8080; } server { listen 80 default_server; server_name dev.domainhere.info; return 301 https://$server_name$request_uri; } server { listen 443 ssl; server_name dev.domainhere.info; ssl_certificate /etc/letsencrypt/live/dev.domainhere.info/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev.domainhere.info/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; location / { proxy_pass http://app; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header Host $host; proxy_set_header X-Real-Port $server_port; proxy_set_header X-Real-Scheme $scheme; } }
Save and exit the file using Esc, :wq!, and Enter. For SELinux enabled systems, run the following command:
setsebool -P httpd_can_network_connect1
Basic .conf File for the Domain with SSL in AlmaLinux 8
To create a basic .conf file for the domain with SSL in AlmaLinux 8, use the following command:
vi /etc/nginx/conf.d/dev.conf
Replace dev.domainhere.info with your domain name and adjust the SSL path as needed. Also, replace the root path /var/www/html/ with the actual path where your website’s data is stored. Add the following codes to the file:
server { listen 80; server_name dev.domainhere.info; root /var/www/html/; index index.php index.html index.htm; location / { try_files $uri $uri/ /index.php?$args; } location = /favicon.ico { log_not_found off; access_log off; } location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ { expires max; log_not_found off; } location = /robots.txt { allow all; log_not_found off; access_log off; } location ~ \.php$ { include /etc/nginx/fastcgi_params; fastcgi_pass unix:/run/php-fpm/www.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } listen 443 http2 ssl; ssl_certificate /etc/letsencrypt/live/dev.domainhere.info/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/dev.domainhere.info/privkey.pem; include /etc/letsencrypt/options-ssl-nginx.conf; ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; }
Save and exit the file using Esc, :wq!, and Enter.
To ensure proper access, run the following commands:
chmod -R 755 /var/www/html/ chown -R nginx:nginx /var/www/html/
For SELinux enabled systems, run the following command:
setsebool -P httpd_can_network_connect1
Restarting and Checking Nginx
To apply the changes, restart Nginx using the following command:
systemctl restart nginx
You can check the status of Nginx to verify whether it’s running correctly:
systemctl status nginx
Enabling HTTP and HTTPS (Ports 80/443)
To enable HTTP and HTTPS connections through the firewall, execute the following commands:
firewall-cmd --permanent --zone=public --add-service=http firewall-cmd --permanent --zone=public --add-service=https firewall-cmd --reload
Congratulations! You have successfully set up Nginx as a reverse proxy on AlmaLinux 8. Your server is now equipped to handle incoming requests efficiently, ensuring optimal performance and scalability for your website.
Conclusion
In today’s competitive digital landscape, a reliable and high-performing web server is essential for businesses of all sizes. By setting up Nginx as a reverse proxy on AlmaLinux 8, you can enhance your server’s performance, improve load balancing, and optimize your website’s user experience. Now that you’ve successfully configured Nginx as a reverse proxy, you’re ready to take advantage of its powerful features and unlock the full potential of your web server.
If you’re looking for reliable and scalable hosting solutions, consider Shape.host’s Linux SSD VPS services. With Shape.host, you can enjoy top-notch support, industry-leading performance, and secure cloud hosting solutions tailored to your business needs. Visit Shape.host today to explore our range of hosting options and elevate your online presence.
