Installation:
- Install VM with Nginx
- Configure firewall for IP binding.
- Point DNS records of all sites to the public IP of NGINX, internal and external (LDAP & Cloudflare).
- Configure /etc/hosts file
- Configure & enable Sites in NGINX.
- Place wildcard SSL at /etc/ssl/
- Restart NGINX services.
- Backup all site files from /etc/nginx/sites-available/ & /etc/hosts file as well.
*****************************************************************************************************************************
Site conf file Sample: /etc/nginx/sites-available/ lmsqc4.conf
server {
listen 80;
listen [::]:80;
server_name lmsqc4.gc-solutions.net;
return 301 https://lmsqc4.gc-solutions.net$request_uri;
}
server {
server_name lmsqc4.gc-solutions.net;
listen [::]:443 ssl;
listen 443 ssl;
ssl_certificate /etc/ssl/gc_chained_2022.crt;
ssl_certificate_key /etc/ssl/gc_private_2022.key;
server_tokens off;
location / {
client_max_body_size 1500m;
proxy_pass http://lmsqc4.gc-solutions.net;
proxy_set_header X-Real-IP $remote_addr;
proxy_read_timeout 3000s;
proxy_connect_timeout 75s;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection keep-alive;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
*****************************************************************************************************************************
Restoration Steps:
S.N. | Incident scenario | Restoration Step1 | Restoration Step2 | Restoration Step3 | Restoration Step4 |
1 | NGINX Server down | Install VM | Install NGINX application | Copy configuration file from Backup | Change IP of the VM to NGINX server & restart VM |
2 | Lease line Down | Change Public IP on firewall address object | Change DNS records on Cloudflare for all sites | Change DNS records on internal server for all sites | Restart NGINX and bind services |