How to install lets encrypt ssl for multiple domains – nginx proxy way step 1 – installation

You have multiple domains/sites, doesn’t matter it’s on same server or different servers/webhost. You can setup one proxy server using Nginx and use it to proxy both http and https requests for all your sites.

First, you can create a Virtual Machine(VM) from one of the popular VPS provider: Digital Ocean, Linode, etc

In this example, I will chose CentOS 7 and a 1GB RAM VM. Nginx proxy server does not need much resources, the smallest VPS plan will be sufficient for most sites.

Nginx Proxy server:

Hostname: pxsrv.cloudtech.org
Public IP: 10.0.0.1

OS: CentOS 7
Software: Nginx 1.15.8

Install Server Tools

yum -y install dstat iotop screen wget gcc net-tools zip ntpdate sysstat

Replace firewalld with iptables(Optional). I prefer using CSF software to manage server firewall.

Disable firewalld service:

systemctl stop firewalld
systemctl disable firewalld
systemctl mask firewalld

Install iptables service:

yum -y install iptables-services
touch /etc/sysconfig/iptables
systemctl start iptables
systemctl enable iptables

vi /etc/sysconfig/iptables
systemctl restart iptables

Install CSF firewall:

wget https://download.configserver.com/csf.tgz

yum install perl bind-utils unzip -y

./install.sh

/etc/csf/csftest.pl

Custom settings in csf.conf to protect the server:

TESTING = "0"
RESTRICT_SYSLOG = "3"

TCP_IN = "80,443"
TCP_OUT = "22,25,53,80,443,587"

CONNLIMIT = "80;100,443;100"

CT_LIMIT = "50"
CT_BLOCK_TIME = "300"
CT_SKIP_TIME_WAIT = "1"
CT_STATES = "SYN_RECV"
CT_PORTS = "80,443"

Install Nginx

Install nginx rpm from official Nginx repo
Source: https://docs.nginx.com/nginx/admin-guide/installing-nginx/installing-nginx-open-source/

vi /etc/yum.repos.d/nginx.repo

[nginx]
name=nginx repo
baseurl=https://nginx.org/packages/mainline/centos/7/$basearch/
gpgcheck=0
enabled=1

yum update
yum install nginx

systemctl enable nginx
systemctl start nginx
systemctl restart nginx
systemctl status nginx