Lädt...


🔧 How to accessible multiple services via different domain or subdomain in DO droplet by Nginx


Nachrichtenbereich: 🔧 Programmierung
🔗 Quelle: dev.to

First, ensure that Nginx is installed on droplet. If it’s not installed, then install it using:

sudo apt update
sudo apt install nginx

Before configuring Nginx, the firewall needs to be adjusted to allow access to the service. Nginx registers itself as a service with ufw upon installation, making it straightforward to allow Nginx access.

You can show ufw app list by typing:

sudo ufw app list

Then enable Nginx by typing:

sudo ufw allow 'Nginx Full'

Now, you can verify the change by typing:

sudo ufw status

To avoid a possible hash bucket memory problem that can arise from adding additional server names, it is necessary to adjust a single value in the /etc/nginx/nginx.conf file. Open the file using:

sudo nano /etc/nginx/nginx.conf

And, find the server_names_hash_bucket_size directive and remove the # symbol to uncomment the line.

Here you will need to SSL/TLS Certificate also, so you need for that Let’s Encrypt using:

sudo apt update
sudo apt install certbot python3-certbot-nginx
sudo certbot --nginx -d example.com -d www.example.com

To automatically renew SSL/TLS certificates obtained with Let’s Encrypt using Certbot, you can set up a cron job.

sudo crontab -e

Then add this line at the bottom: 0 0,12 * * * certbot renew --quiet

Now, you need to create an Nginx configuration file for each service after successful all steps. Each configuration file will handle requests for a specific domain or subdomain and proxy them to the appropriate Docker container.

Assuming you have a Next.js project running on port 3000, and you want to serve it on example.com, then you can create a configuration file like -

sudo nano /etc/nginx/sites-available/example.com

And add below blocks on this file :

server {
  listen 80;
  listen [::]:80;
  server_name example.com www.example.com;

  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl;
  listen [::]:443 ssl;
  server_name example.com www.example.com;

  ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
  ssl_protocols TLSv1.2 TLSv1.3;
  ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-CCM:ECDHE-RSA-AES256-CCM:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384';
  ssl_prefer_server_ciphers on;

  location / {
    proxy_pass http://localhost:3000;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
  }

  add_header X-Frame-Options "SAMEORIGIN";
  add_header X-Content-Type-Options "nosniff";
  add_header X-XSS-Protection "1; mode=block";
  add_header Referrer-Policy "no-referrer-when-downgrade";
}

If you have multiple service, you can create additional configuration files, for example:
/etc/nginx/sites-available/service1.example.com
/etc/nginx/sites-available/service2.example.com

Each file will have a similar structure, just make sure to replace the server_name and proxy_pass with appropriate values.

Also must be linked your configuration files with /etc/nginx/sites-enabled/ to enable them:

sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/service1.example.com /etc/nginx/sites-enabled/
sudo ln -s /etc/nginx/sites-available/service2.example.com /etc/nginx/sites-enabled/

Note: Always test your Nginx configuration before restarting:

sudo nginx -t

If the test is successful, restart Nginx to apply the changes:

sudo systemctl restart nginx
...

🔧 How to accessible multiple services via different domain or subdomain in DO droplet by Nginx


📈 97.35 Punkte
🔧 Programmierung

🔧 How to Host Multiple Node.js Applications on a Single DigitalOcean Droplet with PM2 and Nginx


📈 39.45 Punkte
🔧 Programmierung

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozgcp.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozgcp.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozaws.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

🕵️ Mozilla Core Services: Subdomain takeover on one of the subdomain under mozgcp.net


📈 36.7 Punkte
🕵️ Sicherheitslücken

📰 Domain-Protect - OWASP Domain Protect - Prevent Subdomain Takeover


📈 32.51 Punkte
📰 IT Security Nachrichten

📰 Domain-Protect - OWASP Domain Protect - Prevent Subdomain Takeover


📈 32.51 Punkte
📰 IT Security Nachrichten

🔧 Implementing Wildcard Subdomain (Part 2) - Creating subdomain programmatically


📈 31.19 Punkte
🔧 Programmierung

🕵️ SubScraper – Subdomain Enum Tool For Takeover Subdomain


📈 31.19 Punkte
🕵️ Hacking

📰 Subdomain Takeover: Sicherheitsfirmen übernehmen Subdomain von EA


📈 31.19 Punkte
📰 IT Nachrichten

📰 Subdomain Takeover: Sicherheitsfirmen übernehmen Subdomain von EA


📈 31.19 Punkte
📰 IT Security Nachrichten

🍏 Blogspot.stack 1.3.9 - Application that can display any public accessible Google Blogspot-subdomain.


📈 28.04 Punkte
🍏 iOS / Mac OS

🔧 Configuring Multiple Ports With Nginx Reverse Proxies on the Same Domain


📈 24.75 Punkte
🔧 Programmierung

🕵️ Sifchain: Subdomain Takeover At the Main Domain Of Your Site


📈 24.05 Punkte
🕵️ Sicherheitslücken

🕵️ Surge Domain/Subdomain Takeover


📈 24.05 Punkte
🕵️ Sicherheitslücken

🎥 Premium CPU Optimized 96 vCPU Droplet Demo


📈 23.16 Punkte
🎥 Video | Youtube

🔧 Deploy a Medusa Server on DigitalOcean Droplet with Easypanel: A Step-by-Step Guide


📈 23.16 Punkte
🔧 Programmierung

🔧 Safely Updating Your Deployed Next.js App on a DigitalOcean Droplet.


📈 23.16 Punkte
🔧 Programmierung

🔧 Generate a SSL with certbot on digitalocean droplet


📈 23.16 Punkte
🔧 Programmierung

🔧 PostgreSQL Migration From Digital Ocean DBaaS to Digital Ocean Droplet


📈 23.16 Punkte
🔧 Programmierung

🕵️ Mattermost Packages up to 5.16.2 Droplet exposure of resource


📈 23.16 Punkte
🕵️ Sicherheitslücken

🔧 New DigitalOcean Droplet Setup


📈 23.16 Punkte
🔧 Programmierung

matomo