Nginx reverse proxy HTTPS configuration, encrypted website transmission

Nginx reverse proxy HTTPS configuration, encrypted website transmission

With the rapid development of the Internet, security during data transmission has become more and more important. In order to protect users' privacy and data security, encrypting website transmissions has become a necessary means. Using the HTTPS protocol can encrypt data transmission and ensure the security of the website. As a high-performance web server, Nginx can configure HTTPS websites through reverse proxy.

Let’s introduce the configuration method and code examples of Nginx reverse proxy HTTPS in detail.

Step 1: Prepare SSL certificate

Before configuring HTTPS, we need to prepare an SSL certificate. You can obtain an SSL certificate by purchasing a commercial certificate, or using a free certificate authority such as Let's Encrypt.

Step 2: Install and configure Nginx

First, make sure Nginx is installed. It can be installed through the following command:

# Ubuntu
sudo apt-get install nginx

# CentOS
sudo yum install nginx

After the installation is completed, we need to open the Nginx configuration file, usually located at /etc/nginx/nginx.conf. Add the following content under the http module:

http {
    ...
    
    # 代理服务器的最大连接数
    proxy_connect_timeout 600;
    
    # 反向代理缓存的时间
    proxy_cache_valid 200 302 1h;
    
    # 反向代理缓存的最大字节数
    proxy_cache_max_size 5m;
    
    # 反向代理缓存的路径
    proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=my_cache:10m max_size=10g inactive=60m use_temp_path=off;
    
    ...
}

Step 3: Configure the reverse proxy

In the configuration file, we need to configure a location block for the reverse proxy. In this block, we will specify the proxy server’s address, port, and path to the SSL certificate.

server {
    listen 80;
    server_name yourdomain.com;
    
    # 重定向HTTP请求到HTTPS
    return 301 https://$server_name$request_uri;
}

# HTTPS配置
server {
    listen 443 ssl;
    server_name yourdomain.com;
    
    # SSL证书的路径和密钥
    ssl_certificate /path/to/ssl_certificate.crt;
    ssl_certificate_key /path/to/ssl_certificate.key;
    
    # 反向代理配置
    location / {
        proxy_pass https://backend_server;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    }
}

Step 4: Reload the configuration file

After completing the above configuration, we need to reload the Nginx configuration file.

sudo nginx -s reload

At this point, the configuration of Nginx reverse proxy HTTPS is completed.

Summary

Through the configuration of Nginx reverse proxy HTTPS, we can achieve encryption of website transmission and ensure data security. At the same time, Nginx’s high-performance features can also ensure website access speed.

I hope the above code examples and configuration instructions can be helpful to you. If you have any questions, please feel free to ask us. Good luck with the configuration process of Nginx reverse proxy HTTPS!

The above is the detailed content of Nginx reverse proxy HTTPS configuration, encrypted website transmission. For more information, please follow other related articles on the PHP Chinese website!