How To Set Up Nginx Virtual Host "sites-available" On CentOS 7 ~ Bug bounty

Di artikel ini saya membahas nginx sebagai Loadbalancer / lb pada OS Centos 7. langsung saja ikuti cara-cara sebagai berikut.

Step 1. But terlebih dahulu direktori " sites-available" dan "sites-enabled"

[root@nginx ~]# sudo mkdir /etc/nginx/sites-available
[root@nginx ~]# sudo mkdir /etc/nginx/sites-enabled

Step 2. buka file "nginx.conf" dan Selalu backup file yang asli agar ketika terjadi kesalahan lebih mudah dalam mengembalikan nya

[root@nginx ~]# cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.backup
[root@nginx ~]# vi /etc/nginx/nginx.conf

Step 3. Cari file berikut ini " /etc/nginx/conf.d/*.conf; " dan Tambahkan file berikut ini dibawah nya

include /etc/nginx/sites-enabled/*.conf
server_names_hash_bucket_size 64;

Step 4. Kemudian save the file dan exit, lalu cek hasil configurasi diatas dengan cara

[root@nginx ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Step 5. jika tidak ada error maka hasil konfigurasi tersebut dikatakan berhasil

Step 6. Membuat file server block

[root@nginx ~]# sudo vi /etc/nginx/sites-available/loadbalancer.conf

Step 7. Buat script untuk memanggil webserver yang sudah di siapkan, sebagai contoh.

upstream nginx {
ip_hash;
server 127.0.0.1:80 max_fails=3 fail_timeout=10s;
server 127.0.0.2:80 max_fails=3 fail_timeout=10s;

}

server {

listen 80;

server_name name_domain.com;

return 301 https://$server_name$request_uri;

location / {

proxy_pass http://nginx;

}

server {

listen 443 ssl;

server_name name_domain.com;

ssl_certificate /etc/nginx/ssl/certificate.crt;

ssl_certificate_key /etc/nginx/ssl/certificate_key.key;

ssl_dhparam /etc/nginx/ssl/dhparam.pem;

ssl_session_cache shared:SSL:50m;

ssl_session_timeout 1d;

ssl_session_tickets off;

ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS;

error_log /var/log/nginx/name_domain-error.log;

access_log /var/log/nginx/name_domain-access.log;

location / {

proxy_pass http://nginx;

proxy_set_header Host $host;

proxy_set_header X-Real-IP $remote_addr;

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_set_header X-Forwarded-Proto $scheme;

client_max_body_size 64M;

}

Step 8. Save the file and exit

Step 9. Cek hasil configurasi dengan cara

[root@nginx ~]# nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

Step 10. Enable Server Block Files

[root@nginx ~]# sudo ln -s /etc/nginx/sites-available/name_domain.conf /etc/nginx/sites-enabled/name_domain.conf

Step 11. Restart services nginx server

[root@nginx ~]# sudo systemctl restart nginx

Step 12. Aktifkan "name_domain.com" yang sudah di buat diatas di ns temen-temen, tetapi jika ingin mengecek di local agar lebih aman temen-temen harus udah di bagian "name_domain.com" menjadi ip masing-masing webserver.

"Selamat mencoba dan semoga artikel ini bermanfaat"

Bug bounty

Saturday, July 11, 2020

How To Set Up Nginx Virtual Host "sites-available" On CentOS 7

Counter

Labels

Blog Archive

FOLLOW

Blogroll

About