NGINX Configuration
You can use NGINX to proxy all requests for port 80 to 8080 or setup a Load Balancer across multiple EnterMediaDB instances.
Create a configuration file:
$ sudo vi /etc/nginx/conf.d/entermedia.conf
Put this content in the file replacing your own config:
server { listen 80; server_name *.domain.com domain.com; // X-Frame protection add_header X-Frame-Options "DENY"; add_header Content-Security-Policy "frame-ancestors 'none'"; location / { proxy_max_temp_file_size 2048m; proxy_read_timeout 1200s; proxy_send_timeout 1200s; proxy_connect_timeout 1200s; client_max_body_size 100G; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header Host $http_host; proxy_pass http://entermedianode01; } } upstream entermedianode01 { server 172.18.0.100:8080; }
Delete any default NGINX configuration files:
$ sudo rm /etc/nginx/conf.d/default.conf
Reload NGINX:
$ sudo nginx -s reload
Test it:
$ curl http://xyz.domain.com/
Block access to port 8080 for external clients:
$ sudo /sbin/iptables -A INPUT -p tcp -i eth0 --dport 8080 -j REJECT --reject-with tcp-reset
Make sure NGINX autostarts on server reboot:
$ chkconfig nginx on
On RHEL or CentOS systems with SELinux activated, you need to edit permissions to allow HTTPD scripts to access the network:
$ sudo setsebool -P httpd_can_network_connect 1