Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Subscribe to our newsletter

Advertise on LowEndTalk.com

In this Discussion

Latest LowEndBox Offers

    Best configuration for DDoS protected frontend webserver
    New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

    Best configuration for DDoS protected frontend webserver

    SadySady Member

    Hope you all are in good condition :)
    I'm going to release my blog but I do have fears in my mind of getting DDoS & something so what I want to have is some kind of DDoS protection with a Nexhost's egg. I already have webserver configured with Nginx, php-fpm (Centminmod) on another server which has 1GB of RAM. Since Nexhost's egg has only 256 MB RAM so can't host anything more than a frontend. I'm unable to understand how can I achieve this:
    Nexhost's DDoS protected VPS serving as a Nginx front-end
    Another 1GB VPS serving as a complete web server

    Can you please guide me about how can I do this or what configuration I need? Keep it noted that I also need SSL to be configured.

    Thank you!

    I don't have any relation/affiliation with any LET Host, All of my comments are my own
    Simple bash script to clean compromised wordpress site [cPanel/WHM specified]

    Comments

    • JonchunJonchun Member, Provider
      edited August 2015

      https://www.nginx.com/resources/admin-guide/reverse-proxy/

      Just setup a reverse proxy within a location / {} block .

      Edit:

      Here's a sample config

      server {
              listen   80;     
              listen   443 ssl spdy;
              ssl_certificate_key     ssl.key;
              ssl_certificate            ssl.combined_crt;
      
              server_name example.com; 
      
              location / {
                   proxy_set_header    Host              $host;
                   proxy_set_header    X-Real-IP         $remote_addr;
                   proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
                   proxy_set_header    X-Forwarded-SSL   on;
                   proxy_set_header    X-Forwarded-Proto $scheme;
                   proxy_pass http://unprotected.ip.here;
              }
      }
      
      Thanked by 1ehab
    Sign In or Register to comment.