Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


How do I setup a backup nginx reverse proxy if the main one fails?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How do I setup a backup nginx reverse proxy if the main one fails?

xaitmixaitmi Member
edited May 2015 in Help

Hi, right now what I am doing is

Cloudflare --> NGINX Reverse Proxy (MyCustomHosting VPS) --> Webserver

Note: The reverse proxy tutorial i followed was http://lowendtalk.com/discussion/comment/1041774/

Earlier today someone was attacking my site making the MCH VPS choke (high packet loss, etc), causing my site to be offline, because if the proxy vps chokes then no one can access the site.

I want to setup another Reverse Proxy VPS, at a different provider (Probably Ramnode or BuyVM), so that when the MCH ReverseProxy chokes, the alternate reverse proxy will kick in.

Can someone point me in the right direction please.

Thanks

Comments

  • Use a DDoS protected VPS for the proxy, and send legitimate traffic to your back end servers where the actual content is.

  • xaitmixaitmi Member

    @FlamesRunner said:
    Use a DDoS protected VPS for the proxy, and send legitimate traffic to your back end servers where the actual content is.

    My current proxy vps is a MyCustomHosting VPS which is hosted at OVH.

    That is ddos protected

  • nexmarknexmark Member

    You'll need something a tad bit more complicated such as Round Robin/Load balancer combo.

    I'll release a tutorial for that also whilst revamping the nginx one currently (When I've got time)

    Thanked by 1vpsGOD
  • see nginx doc .
    upstream proxy models.
    http://nginx.org/en/docs/http/load_balancing.html

  • OVH DDoS protection sucks - some of my traffic which was legitimate got blocked on their network, and I cancelled.

    Thanked by 1rokok
  • xaitmixaitmi Member

    @FlamesRunner said:
    OVH DDoS protection sucks - some of my traffic which was legitimate got blocked on their network, and I cancelled.

    what do u recommend

  • @xaitmi did you check your server for malware? DDoS normally won't follow domain, attack on IP, unless there's a bug in your system.

  • I recommend load balancing as an alternative. Using NGINX, we can suppress the load on a server if it is being DDoSed. Here's a link to the NGINX tutorial: http://nginx.org/en/docs/http/load_balancing.html
    Try using DDoS protected VPS servers, but I'm not sure if I can recommend a provider to you.

    Good luck!

  • cloudflare -> haproxy -> X nginx -> application servers.

    And if possible.

    cloudflare -> haproxy -> X nginx -> varnishcache -> application servers.

  • xaitmixaitmi Member
    edited May 2015

    @century1stop said:
    xaitmi did you check your server for malware? DDoS normally won't follow domain, attack on IP, unless there's a bug in your system.

    no i dont have any malware installed. There are layer 7 attacks that follow domain. some attackers have systems where their attack servers check the domain for the latest ip address every few hours or so and change the attack ip as required.

  • @xaitmi my guess is, your server has been compromised. ;)

  • xaitmixaitmi Member

    @century1stop said:
    xaitmi my guess is, your server has been compromised. ;)

    No it has not been compromised.

    Even MCH Phil confirmed it was a DDOS attack to my OVH VPS.

    After the attack stopped it has been smooth sailing.

    My site gets ddos attacked a few times a month.

  • century1stopcentury1stop Member
    edited May 2015

    @xaitmi ah okay, good for you then. :)

    edit: albeit ddos :)

Sign In or Register to comment.