Beginner's Guide to Setting Up Nginx Reverse Proxy with Free SSL

If you’re looking to host a website or application and want to secure it with HTTPS, this guide is for you. We’ll walk you through setting up Nginx as a reverse proxy and installing a free SSL certificate using Certbot (Let’s Encrypt). This guide is written in simple terms, so even if you’re a beginner, you can follow along!

Step 1: Install Nginx

Nginx is a popular web server that can also act as a reverse proxy to forward requests to other servers.

Install Nginx in you machine
Open your terminal and run the following command:
```
 sudo apt install nginx -y
```
Start Nginx and Enable it to Start on Boot
Run these commands to start Nginx and make sure it automatically starts every time your server boots:
```
 sudo systemctl start nginx
 sudo systemctl enable nginx
```
Check if Nginx is Running
Use this command to verify that Nginx is up and running:
```
 sudo systemctl status nginx
```
You should see a message indicating Nginx is active (running).

Step 2: Install Certbot (Let’s Encrypt Client)

Certbot is a tool that helps you generate and manage free SSL certificates from Let’s Encrypt.

Install Certbot and the Nginx Plugin
Run the following command:
```
 sudo apt install certbot python3-certbot-nginx -y
```

Step 3: Configure Nginx as a Reverse Proxy

Now that Nginx is installed, let’s configure it as a reverse proxy.

Create a New Nginx Configuration File
Replace <your-domain> with your domain name (e.g., xyz.online):

 sudo nano /etc/nginx/sites-available/<your-domain.conf>

Add the following configuration inside the file:

 server {
     listen 80;
     server_name <your-domain> #backend.xyx.com;

     location / {
         proxy_pass http://localhost:5000; # Change this to the port your app is running on
         proxy_set_header Host $host;
         proxy_set_header X-Real-IP $remote_addr;
         proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     }
 }

Save the File and Exit
Press CTRL+O to save and CTRL+X to exit.

Enable the Configuration
Create a symbolic link to enable your configuration:

 sudo ln -s /etc/nginx/sites-available/<your-domain.conf> /etc/nginx/sites-enabled/

Test the Nginx Configuration
Run this command to ensure there are no errors:

 sudo nginx -t

If everything is okay, you’ll see:

 nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
 nginx: configuration file /etc/nginx/nginx.conf test is successful

Reload Nginx
Apply your changes by reloading Nginx:
```
 sudo systemctl reload nginx
```

Step 4: Allow Traffic Through the Firewall

Allow Nginx Full Traffic
Update your firewall to allow Nginx traffic:
```
 sudo ufw allow 'Nginx Full'
```

Step 5: Obtain a Free SSL Certificate with Let’s Encrypt

Run Certbot
Use Certbot to automatically configure SSL for your domain:
```
 sudo certbot --nginx -d <your-domain>
```
Replace <your-domain> with your actual domain name (e.g., xyz.online).
Follow the Prompts
Certbot will guide you through a few steps. Once it’s done, your SSL certificate will be installed and configured!

Step 6: Verify Everything is Working

Test Your Website
Open your browser and go to https://<your-domain>. You should see your site running securely with HTTPS.
Automatic Renewal
Let’s Encrypt certificates expire in 90 days, but Certbot sets up automatic renewal for you. To test it, run:
```
 sudo certbot renew --dry-run
```

Step 7: Update Your DNS Records (Optional)

Make sure your domain points to your server’s IP address by updating the DNS records. For example:

Add an A record for your domain (backend.xy.online) pointing to your server’s public IP.

Final Thoughts

Congratulations! 🎉 You’ve successfully set up Nginx as a reverse proxy with Let’s Encrypt SSL. Your website or application is now secure and accessible over HTTPS.

If you encounter any issues, feel free to drop a comment below, and I’ll be happy to help. Happy hosting!

How to Set Up Nginx as a Reverse Proxy with Free SSL (Let’s Encrypt)