NginX Proxy Manager: The Magic to self hosting

NginX Proxy Manager (https://nginxproxymanager.com/) is a GUI front end to very simply solving the problem of self-hosting more than one service like a website, a discourse server, and a jitsi server all behind a single Internet Service Provider granted IPv4 address. Network address Translation (NAT) works perfectly outbound, but not inbound.

NginX Proxy Manager is a reverse proxy web server packaged in a GUI which allows the definition of multiple services behind a firewall on a LAN. This is accomplished by creating “A” records or “CNAME” records at your Domain Name Provider and then using Nginx Proxy Manager (NPM) to redirect inbound requests to DNS names to a server on your LAN.

NPM also provides the additional functionality of managing “Let’s Encrypted” self signed SSL certificates for your services and also the auto-renewal of those certificates. In its simplest form, NPM installs as a Docker container and internally uses ports 4443, 8080, and 8181 which you offer on your own custom external ports. In my case, I use QNAP Container Station for my NPM and I use the Docker Container (https://hub.docker.com/r/jlesage/nginx-proxy-manager). The port number definitions look like this:

The other important thing is to set up external mounts for /data and /config for NginX to store its non-volitile settings data:

Last, create port forward rules for 80 and 443 on your router to forward to ports 35080 and 35443 pointing the address of your docker host instance.

Once you have the container up and running it is reachable at the address of your Docker host and port 35081 in my example.

A Proxy host entry looks like this.

The idea in this case is someone that contacts https://www.scottibyte.com/ (my website) is routed by NPM to my LAN server at 192.168.80.20. When you create the entry, you have the option of also creating and managing an SSL certificate from “Let’s Encrpyt” also which is why my website is SSL.

NPM is a create way to decrease your threat surface above and beyond solutions that just do port forwarding pinholes to every server.

This topic is dedicated to all things NginX Proxy Manager. Please feel free to ask your questions.

NginX Proxy Manager only deals with the http/https ports 80 and 443 which it can re-route through reverse proxy to any server on your LAN. If your program requires that other ports be exposed, you will need to use port forwards on your router.

Nginx Proxy Manager solves the age old problem of serving more than one web based program behind a single IPv4 address on your router. Prior to this, the old school method was to just open more and more ports on your firewall in order to host other services. This is not a good methodology, because it widens your threat surface otherwise known as providing more attack vectors for potential bad actors.

NginX Proxy Manager serves as a gatekeeper and also as a point of management for SSL certificates.

Thanks Scott for sharing detailed information on how to setup and manage proxy. I am using this Proxy web and is very easy to setup and faster.

Glad it helped and thanks for watching.