This small guide shows how to setup a simple reverse proxy.
Install nginx first. Depending of your server OS, the command may change but for debian based distros, here are the steps :
Update
sudo apt-get update
sudo apt-get upgrade
Install nginx
sudo apt-get install nginx
Optional : Install stream module (for minecraft servers for example)
sudo apt-get install libnginx-mod-stream
Check if nginx is enabled and running as a service
sudo systemctl status nginx
If it's not enabled
sudo systemctl enable nginx
sudo systemctl start nginx
If you want to use your domain name, go to your cloudflare dashboard and create (in the DNS/TLS section) a new A record pointing to the IP of your reverse proxy (VPS). You can also activate cloudflare own proxy.
If you want to setup for a minecraft server, you must create a SRV record, which points to one of your subdomain or domain, and then listen on port 25565. Important! the target subdomain must NOT use cloudflare proxy, as it will make your reverse proxy not work. I advice to make a new subdomain, like play.yourminecraftserver.com and don't activate the cloudflare proxy (proxy status in cloudflare should be DNS only)
After you successfully installed nginx, we will now write some config.
Locate and navigate to your nginx conf.d folder. Most of the time, it will be like this
cd /etc/nginx/conf.d
Create a new file and write
touch yourconfigname.conf
nano yourconfigname.conf
Paste and change this config inside the file
# This bellow is for a simple reverse proxy for a website for example
server {
listen 80;
server_name yourdomain.com; # Change your domain name here, or comment this line if you don't need.
location / {
proxy_pass http://x.x.x.x; # Change with another domain or the IP of your (home?) server
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
}
}
Test your config
nginx -t
If you want to setup for a minecraft server
We will write directly in the nginx.conf for this example
cd /etc/nginx
nano nginx.conf
Under the http {...}, paste and change the following config
stream {
server {
listen 25565; # Change port if you want, but you'll also have to change in cloudflare SRV records
proxy_pass x.x.x.x:port; # Replace with the ip and the port of your minecraft server
}
}
Test your config again
nginx -t
Reload nginx
sudo systemctl reload nginx
Now you should be able to use your domain name or your VPS IP to access your local server, without the user being able to get your original local server IP.
This page is a simple straightforward "how to", which was meant for simple use case and to have the basics to setup a reverse proxy, as I personnally struggled making one at first.