Reverse Proxy

[MartinIAm]

Hello. I have only access to one public ip address and want to setup two websites. I have a server that runs Ubuntu Server 18.4.3 that has 6gb of ram with I think a 2 core cpu, that I want to run the reverse proxy on. I want to use ssl for this (I'm ready to buy ssl certificate for 2 domains). Also my internal ip for my domain.com is 192.168.7.7 and my internal ip for my mail.domain.com is 192.168.7.9. I have tried of looking at guides online but nothing helped. Also I run my domain.com on Wordpress and I'm not sure exactly how to configure that to respond to my reverse proxy.

[AbsoluteFool]

3 hours ago, MartinIAm said:

Hello. I have only access to one public ip address and want to setup two websites. I have a server that runs Ubuntu Server 18.4.3 that has 6gb of ram with I think a 2 core cpu, that I want to run the reverse proxy on. I want to use ssl for this (I'm ready to buy ssl certificate for 2 domains). Also my internal ip for my domain.com is 192.168.7.7 and my internal ip for my mail.domain.com is 192.168.7.9. I have tried of looking at guides online but nothing helped. Also I run my domain.com on Wordpress and I'm not sure exactly how to configure that to respond to my reverse proxy.

Why don't add both websites to one server? change the server to "example.com" "example2.com" you're web server will serve the correct website.

 

In apache this would be something like

<VirtualHost *:80>

ServerName example.com

documentroot /var/www/example

</VirtualHost>

 

<VirtualHost *:80>

ServerName example2.com

documentroot /var/www/example2

</VirtualHost>

 

You can also install Let's Encrypt instead of buying SSL certificates which is completely pointless unless you're gonna get an EV certificate. 

 

[MartinIAm]

7 hours ago, AbsoluteFool said:

Why don't add both websites to one server? change the server to "example.com" "example2.com" you're web server will serve the correct website.

 

In apache this would be something like

<VirtualHost *:80>

ServerName example.com

documentroot /var/www/example

</VirtualHost>

 

<VirtualHost *:80>

ServerName example2.com

documentroot /var/www/example2

</VirtualHost>

 

You can also install Let's Encrypt instead of buying SSL certificates which is completely pointless unless you're gonna get an EV certificate. 

 

How would I transfer the websites? Especially for Wordpress. Would I have to reinstall it and install it back from a backup? And I’m also running iredmail. I think it would be a bit more complicated to transfer everything to one server, but if you could help me guide me through transferring it that would be a very big help. In the other case, setting a reverse proxy on one dedicated server would make it so there are more recourses like cpu cores and ram available to each dependent server. I hope that you can help me. Thank you

[AbsoluteFool]

59 minutes ago, MartinIAm said:

How would I transfer the websites? Especially for Wordpress. Would I have to reinstall it and install it back from a backup? And I’m also running iredmail. I think it would be a bit more complicated to transfer everything to one server, but if you could help me guide me through transferring it that would be a very big help. In the other case, setting a reverse proxy on one dedicated server would make it so there are more recourses like cpu cores and ram available to each dependent server. I hope that you can help me. Thank you

Reverse proxy is quite simple if you read the guide for the web server you use.

 

However multiple websites on a single IP is not a reason to use reverse proxy, if you had a few houndred websites that spaned across serval servers it would be a reason. But with 2-50 websites it's completely pointless. Unless you are serving terabytes of data that simply don't fit on a single server.

 

A raspberry Pi can run all basic web services quite easily, this includes www data, email servers etc. There are abselutely no reason to seperate these services. Anyways...

 

Wordpress or other CMS doesen't affect the SSL certificate, an SSL certificate just confirms that the website is indeed served from the server it say it is from. It's kinda like having a personal identification.

 

Each web server works quite alike. By default apache or nginx even IIS, will service the first folder defined in the configuration file first as default. To have other websites served by the same server you need to define what domain they are going to respond to in you're example i used example.com and example2.com for this. When you then point an A record to 0.0.0.0 -> in example.com this will send a request to the web server you use to get the content for the curresponding website.

 

This is even true if you have your own DNS servers, where A WWW IN 0.0.0.0 equals to example.com.

 

I know this is alot of jibberish. But as you don't give any information about what web server you use, or if you actually have an DNS server or just point back the A records there is very little help in any response other than giving you the logic behind the services you are trying to run.

[MartinIAm]

6 hours ago, AbsoluteFool said:

Reverse proxy is quite simple if you read the guide for the web server you use.

 

However multiple websites on a single IP is not a reason to use reverse proxy, if you had a few houndred websites that spaned across serval servers it would be a reason. But with 2-50 websites it's completely pointless. Unless you are serving terabytes of data that simply don't fit on a single server.

 

A raspberry Pi can run all basic web services quite easily, this includes www data, email servers etc. There are abselutely no reason to seperate these services. Anyways...

 

Wordpress or other CMS doesen't affect the SSL certificate, an SSL certificate just confirms that the website is indeed served from the server it say it is from. It's kinda like having a personal identification.

 

Each web server works quite alike. By default apache or nginx even IIS, will service the first folder defined in the configuration file first as default. To have other websites served by the same server you need to define what domain they are going to respond to in you're example i used example.com and example2.com for this. When you then point an A record to 0.0.0.0 -> in example.com this will send a request to the web server you use to get the content for the curresponding website.

 

This is even true if you have your own DNS servers, where A WWW IN 0.0.0.0 equals to example.com.

 

I know this is alot of jibberish. But as you don't give any information about what web server you use, or if you actually have an DNS server or just point back the A records there is very little help in any response other than giving you the logic behind the services you are trying to run.

I’ll try and do this today. Hope it works

[MartinIAm]

6 hours ago, AbsoluteFool said:

Reverse proxy is quite simple if you read the guide for the web server you use.

 

However multiple websites on a single IP is not a reason to use reverse proxy, if you had a few houndred websites that spaned across serval servers it would be a reason. But with 2-50 websites it's completely pointless. Unless you are serving terabytes of data that simply don't fit on a single server.

 

A raspberry Pi can run all basic web services quite easily, this includes www data, email servers etc. There are abselutely no reason to seperate these services. Anyways...

 

Wordpress or other CMS doesen't affect the SSL certificate, an SSL certificate just confirms that the website is indeed served from the server it say it is from. It's kinda like having a personal identification.

 

Each web server works quite alike. By default apache or nginx even IIS, will service the first folder defined in the configuration file first as default. To have other websites served by the same server you need to define what domain they are going to respond to in you're example i used example.com and example2.com for this. When you then point an A record to 0.0.0.0 -> in example.com this will send a request to the web server you use to get the content for the curresponding website.

 

This is even true if you have your own DNS servers, where A WWW IN 0.0.0.0 equals to example.com.

 

I know this is alot of jibberish. But as you don't give any information about what web server you use, or if you actually have an DNS server or just point back the A records there is very little help in any response other than giving you the logic behind the services you are trying to run.

Would 4gb of ram and dual core 64 bit cpu work?

[MartinIAm]

13 hours ago, AbsoluteFool said:

Reverse proxy is quite simple if you read the guide for the web server you use.

 

However multiple websites on a single IP is not a reason to use reverse proxy, if you had a few houndred websites that spaned across serval servers it would be a reason. But with 2-50 websites it's completely pointless. Unless you are serving terabytes of data that simply don't fit on a single server.

 

A raspberry Pi can run all basic web services quite easily, this includes www data, email servers etc. There are abselutely no reason to seperate these services. Anyways...

 

Wordpress or other CMS doesen't affect the SSL certificate, an SSL certificate just confirms that the website is indeed served from the server it say it is from. It's kinda like having a personal identification.

 

Each web server works quite alike. By default apache or nginx even IIS, will service the first folder defined in the configuration file first as default. To have other websites served by the same server you need to define what domain they are going to respond to in you're example i used example.com and example2.com for this. When you then point an A record to 0.0.0.0 -> in example.com this will send a request to the web server you use to get the content for the curresponding website.

 

This is even true if you have your own DNS servers, where A WWW IN 0.0.0.0 equals to example.com.

 

I know this is alot of jibberish. But as you don't give any information about what web server you use, or if you actually have an DNS server or just point back the A records there is very little help in any response other than giving you the logic behind the services you are trying to run.

The problem is that my mail server runs on Nginx while my wordpress site runs on apache2 and php

[AbsoluteFool]

1 hour ago, MartinIAm said:

The problem is that my mail server runs on Nginx while my wordpress site runs on apache2 and php

You can get php along NGINX, the same concept applies to both web servers. 

 

Personally i prefer apache2 as the configuration is more straight forwards. NGINX is powerful but i find the configuration messy.

[MartinIAm]

On 9/25/2019 at 9:41 PM, AbsoluteFool said:

You can get php along NGINX, the same concept applies to both web servers. 

 

Personally i prefer apache2 as the configuration is more straight forwards. NGINX is powerful but i find the configuration messy.

Setting up NGINX was a mess for me. Do you know the way on how to setup it up so it communicates with internal ip addresses?

[AbsoluteFool]

3 hours ago, MartinIAm said:

Setting up NGINX was a mess for me. Do you know the way on how to setup it up so it communicates with internal ip addresses?

I got no idea what you mean "communicate with internal IP addresses".

 

NGINX itself can't communicate with other machines on the network. It's just a web server. If you want it to "communicate" atleast to a degree to other machines you need to use shell scripting. or php scripting as you are running php. Or atleast have a DNS server running. 

 

You really should be more spesific with you're questions what you are trying to achieve.

[MartinIAm]

6 hours ago, AbsoluteFool said:

I got no idea what you mean "communicate with internal IP addresses".

 

NGINX itself can't communicate with other machines on the network. It's just a web server. If you want it to "communicate" atleast to a degree to other machines you need to use shell scripting. or php scripting as you are running php. Or atleast have a DNS server running. 

 

You really should be more spesific with you're questions what you are trying to achieve.

Sorry, English isn’t my best. So can you have a dns server running on that network that would direct different sub domains to different servers on that same network?

[MartinIAm]

if this helps this is what I’m trying to do 

[AbsoluteFool]

Ok, let me just get a confirmation if i understand this correctly..

 

You have one external IP, where users can connect externally to domain.com and mail.domain.com. 

 

So Wordpress is hosted on 192.168.7.7?

Mail server is hosted at 192.168.17.9

 

And both of these should go through reverse proxy at 192.168.7.8?

 

If that is the case. That is completely pointless and more struggle and effort to configure than doing for example.

Wordpress + mail server at same machine. Then point the domain.com to: A record  (external ip), and MX records to mail.domain.com.

Install a SSL certificate from let's encrypt and call it a day.

 

The reverse proxy will simpley have no benifit in here.

The  A record for mail.domain.com will come from 192.168.7.7 anyways and you will manually have to configure the reverse proxy, or leave the mail server out of the reverse proxy entierly. working with reverse proxy is a second level over normal web serving, and nothing that i nor anyone else here on the forum probably have time to teach you.

 

You're best bet here if you abselutely want the reverse proxy is to look up the manual for the web server you're using for this.

 

[MartinIAm]

3 minutes ago, AbsoluteFool said:

Ok, let me just get a confirmation if i understand this correctly..

 

You have one external IP, where users can connect externally to domain.com and mail.domain.com. 

 

So Wordpress is hosted on 192.168.7.7?

Mail server is hosted at 192.168.17.9

 

And both of these should go through reverse proxy at 192.168.7.8?

 

If that is the case. That is completely pointless and more struggle and effort to configure than doing for example.

Wordpress + mail server at same machine. Then point the domain.com to: A record  (external ip), and MX records to mail.domain.com.

Install a SSL certificate from let's encrypt and call it a day.

 

The reverse proxy will simpley have no benifit in here.

The  A record for mail.domain.com will come from 192.168.7.7 anyways and you will manually have to configure the reverse proxy, or leave the mail server out of the reverse proxy entierly. working with reverse proxy is a second level over normal web serving, and nothing that i nor anyone else here on the forum probably have time to teach you.

 

You're best bet here if you abselutely want the reverse proxy is to look up the manual for the web server you're using for this.

 

Thanks for the help anyway.