nginx

protecting sensitive data in docker

How to run Filebeat in a Docker container

Reading Time: 4 minutes Introduction Hi everyone! Today in this blog we are going to learn how to run Filebeat in a container environment. For a quick understanding – Set-up In this setup, I have an ubuntu host machine running Elasticsearch and Kibana as docker containers. I will bind the Elasticsearch and Kibana ports to my host machine so that my Filebeat container can reach both Elasticsearch and Kibana. Continue Reading

NGINX – Understanding and Setting up a reverse proxy server

Reading Time: 3 minutes Let’s start by understanding what a reverse proxy server means and then I’ll lay down the steps for setting up such a server using our beloved NGINX. A reverse proxy server is one which helps in directing client requests to other (usually backend) servers or to multiple applications hosted on the same server on different ports. You can think of it as an abstraction layer Continue Reading

NGINX – Redirecting HTTP to HTTPS

Reading Time: < 1 minute Using HTTPS is highly recommended and I cannot stop when explaining the benefits of using it! Also something which is more important is to make sure when HTTPS is setup it is ensured that all traffic via HTTP is blocked in a way that it is redirected to HTTPS. This can be easily achieved by giving NGINX the following set of instructions in the virtual Continue Reading

NGINX – Load Balancing your application made easy

Reading Time: 3 minutes Often there are requirements to load balance your application in order to scale out and make your application more performant and NGINX can be used to do just that! It can distribute your traffic to several application servers. There are several load balancing methods available in NGINX which are round robin – wherein the requests are distributed in a round-robin fashion least connected – request Continue Reading

NGINX – Redirecting traffic between www and non-www domain

Reading Time: < 1 minute Just in case you ever wondered whether the re-routing from www to non-www or non-www to www domain is possible using NGINX then you bet it is! In fact it is very simple and can be done using the following steps 1. Redirecting from www to non-www Setup a initial virtual server block to point your domain to your content, a simple example would look something Continue Reading

NGINX – Restrict access to Geographical Locations using GeoIP module

Reading Time: 2 minutes In this post I’ll try to explain how NGINX GeoIP module can be used to restrict access to your web-portal/website only to a specific geographical region. Begin by verifying NGINX GeoIP module is installed on the server which can be done via nginx -V if you can see –with-http_geoip_module in the output you are ready to use the GeoIP database with NGINX but if not you Continue Reading

NGINX – Disable direct access (via http and https) to a website using IP address

Reading Time: < 1 minute For the requirements wherein direct access to a website using IP address has to be disabled/blocked, following steps can be followed To disable/block direct access to IP for port 80 create a new or add to an existing (as required) server configurations as follows server { listen 80 default_server; server_name _; return 404; } where _ catches all the domain names pointing to your server’s Continue Reading

NGINX – Easiest way to setup SSL using .pfx files

Reading Time: < 1 minute I’ll try to explain the easiest way to use a .pfx file that can be used to install SSL on NGINX. We’ll start by extracting the CRT file using openssl with the following command openssl pkcs12 -in ./YOUR-PFX-FILE.pfx -clcerts -nokeys -out domain.crt Followed by extracting the private key with the following command openssl pkcs12 -in ./YOUR-PFX-FILE.pfx -nocerts -nodes -out domain.rsa

Introduction to Nginx

Reading Time: < 1 minute Hi all, Knoldus organized a 30 min session on 3rd March 2017 at 4:50 PM. The topic was Introduction to Nginx. Session slides are shared in this blog post and you can post any questions related to the slides in the comment section below 🙂