Reverse proxies are frequently used to direct client traffic to a designated server. Unlike a forward proxy, a reverse proxy operates on the server-side, receiving client requests and forwarding them to the appropriate server. This guide outlines setting up a reverse proxy using Docker, along with port forwarding configuration, and demonstrates traffic forwarding to various servers on a network. Specifically, the example focuses on a WordPress setup, although the applications are vast.
The tutorial uses Nginx Reverse Proxy managed through its GUI frontend, Nginx Proxy Manager. While managing Nginx without a GUI is possible, this guide aims for a simpler approach. A dedicated device or VM to host the reverse proxy is recommended. The guide assumes docker-compose is installed on a Ubuntu system for demonstration, utilizing a bare-metal machine behind a Unifi Dream Machine Pro (UDMP). Users of different operating systems can adapt the commands accordingly. For those seeking guidance on self-hosted WordPress, a separate tutorial is linked for reference. It’s suggested to run the WordPress site and the reverse proxy on separate devices or VMs for clarity.
The installation process is simplified with a provided ‘docker-compose.yml’ file available for download from a GitHub repository. Building the containers is achieved by executing the ‘docker-compose up -d’ command. Upon successful execution, both Nginx Proxy Manager and MariaDB should be running.
Configuring Nginx Proxy Manager involves accessing its frontend through a web browser and changing the default login credentials for security. The guide provides a step-by-step example of configuring a proxy host for a WordPress site, including forwarding ports 80 and 443 to the reverse proxy host. Screenshots illustrating these configurations within the Unifi Controller interface are included.
Adding a new proxy host within Nginx Proxy Manager involves specifying domain names, selecting the appropriate scheme (https is recommended), entering the target server IP and port, and enabling caching, exploit blocking, and websocket support. Additional configurations, such as adding a custom location for ‘/wp-admin’ and obtaining an SSL certificate using Let’s Encrypt are also covered.
The guide concludes by highlighting the flexibility of this reverse proxy setup, using the example of adding SSL to a UDMP connection. The author encourages readers to reach out with questions and welcomes feedback on practical applications of the setup.