Introduction

Cloudflare is a service that sits between the visitor and the website owner’s server, acting as a reverse proxy for websites. Cloudflare provides a Content Delivery Network (CDN), as well as DDoS mitigation and distributed domain name server services.

Nginx is a popular web server responsible for hosting some of the largest and highest-traffic sites on the internet. It’s common for organizations to serve websites with Nginx and use Cloudflare as a CDN and DNS provider.

In this tutorial, you will secure your website served by Nginx with an Origin CA certificate from Cloudflare and then configure Nginx to use authenticated pull requests. The advantages of using this setup are that you benefit from Cloudflare’s CDN and fast DNS resolution while ensuring that all connections pass through Cloudflare. This prevents any malicious requests from reaching your server.

Prerequisites

To complete this tutorial, you’ll need the following:

• One Ubuntu 20.04 server set up by following the Ubuntu 20.04 initial server setup guide, including a sudo non-root user and a firewall.
• Nginx installed on your server. You can follow our guide on how to install Nginx on Ubuntu 20.04.
• A Cloudflare account.
• A registered domain added to your Cloudflare account that points to your Nginx server. Our guide on how to mitigate DDoS attacks against your website with Cloudflare can help you set this up. Our introduction to DNS terminology, components, and concepts can also provide assistance.
• An Nginx Server Block configured for your domain, which you can do by following Step 5 of How To Install Nginx on Ubuntu 20.04.

#security #nginx #dns #ubuntu 20.04 #web-service