Using a reverse proxy like Nginx with SSL encryption is essential for routing traffic securely to backend services and applications. In this guide, we'll walk through configuring Nginx as a reverse proxy with HTTPS using a free SSL certificate from Let's Encrypt.
Prerequisites
- A domain name pointing to your server’s IP
- A Linux-based server (e.g., Ubuntu)
- Root or sudo access
Step 1: Install Nginx
sudo apt update
sudo apt install nginx -yEnsure Nginx is running:
sudo systemctl status nginxStep 2: Install Certbot and Get an SSL Certificate
sudo apt install certbot python3-certbot-nginx -y
sudo certbot --nginxCertbot will guide you through the prompts. Choose the domain to install the certificate for and allow it to redirect HTTP to HTTPS.
Step 3: Configure Nginx as a Reverse Proxy
Edit or create your site config file in /etc/nginx/sites-available/. Here's an example:
server {
listen 80;
server_name yourdomain.com;
location / {
proxy_pass http://localhost:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}After configuration, enable the site and reload Nginx:
sudo ln -s /etc/nginx/sites-available/yourdomain.com /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl reload nginxStep 4: Auto-Renewal of SSL Certificate
Certbot installs a cron job automatically, but you can test it:
sudo certbot renew --dry-runConclusion
You now have a secure Nginx reverse proxy set up with HTTPS enabled via Let’s Encrypt. This is a great starting point for running your apps securely in production behind Nginx.
If this article helped you, consider supporting me: buymeacoffee.com/hexshift
