Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Advertise on LowEndTalk.com

In this Discussion

Best configuration for DDoS protected frontend webserver
New on LowEndTalk? Please read our 'Community Rules' by clicking on it in the right menu!

Best configuration for DDoS protected frontend webserver

SadySady Member

Hope you all are in good condition :)
I'm going to release my blog but I do have fears in my mind of getting DDoS & something so what I want to have is some kind of DDoS protection with a Nexhost's egg. I already have webserver configured with Nginx, php-fpm (Centminmod) on another server which has 1GB of RAM. Since Nexhost's egg has only 256 MB RAM so can't host anything more than a frontend. I'm unable to understand how can I achieve this:
Nexhost's DDoS protected VPS serving as a Nginx front-end
Another 1GB VPS serving as a complete web server

Can you please guide me about how can I do this or what configuration I need? Keep it noted that I also need SSL to be configured.

Thank you!

I don't have any relation/affiliation with any LET Host, All of my comments are my own
Simple bash script to clean compromised wordpress site [cPanel/WHM specified]

Comments

  • JonchunJonchun Member, Provider
    edited August 2015

    https://www.nginx.com/resources/admin-guide/reverse-proxy/

    Just setup a reverse proxy within a location / {} block .

    Edit:

    Here's a sample config

    server {
            listen   80;     
            listen   443 ssl spdy;
            ssl_certificate_key     ssl.key;
            ssl_certificate            ssl.combined_crt;
    
            server_name example.com; 
    
            location / {
                 proxy_set_header    Host              $host;
                 proxy_set_header    X-Real-IP         $remote_addr;
                 proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
                 proxy_set_header    X-Forwarded-SSL   on;
                 proxy_set_header    X-Forwarded-Proto $scheme;
                 proxy_pass http://unprotected.ip.here;
            }
    }
    
    Thanked by 1ehab
Sign In or Register to comment.