Setup NGINX Load Balancer with SSL on CentOS 6

Load balancing is a very common mechanism used to distribute traffic for systems. This tutorial goes through step by step from installation of NGINX on your CentOS web server and configuring your NGINX load balancer after it is installed successfully.

1. Add NGINX Repository

2. Install NGINX

3. Start NGINX

4. Configure NGINX config files

Locate NGINX configuration files at /etc/nginx/conf.d/ directory.

Ensure that you have SSL configured for your web server, if not you can follow the tutorial on Setting Up an SSL Secured Webserver with CentOS.

After you are done with the above steps, proceed to edit the following NGINX configuration file for SSL.

Editing NGINX config file

Add the following above your server {} module

Note that the servers will be served in round robin order. You can refer to NGINX documentation for more configurations.

The next few changes is to be done within the server {} module

Enable server to listen to port 443

Add server name

If you have followed my tutorial on Setting Up an SSL Secured Webserver with CentOS, then you can configure your SSL certificate and key as follows.

Next under location / {} module, add the following lines.

After which, save your NGINX configuration file.

Then restart NGINX.

That’s it you are done. If you have any other questions, do feel free to drop a comment below.

Install and Secure phpMyAdmin on CentOS 6.4

PhpMyAdmin is a popular web interface for web developers to manage MySQL databases. This tutorial will guide you through on how to install and secure PhpMyAdmin on your CentOS web server.

Pre-requisites

This guide assumes that you already have Apache and MySQL installed on your CentOS web server.
(Optional) Note that if you want to access PhpMyAdmin using SSL, then you will need to configure SSL certificate by referring to the following guide.

Setting up an SSL Secured Web Server with CentOS

1. Add EPEL Repositories

PhpMyAdmin is not included in CentOS packages, therefore you will need to add EPEL (Extra Packages for Enterprise Linux) to your web server.

(Optional) Run the following command to install wget if you haven’t install wget yet

Command to install EPEL packages to your web server

Check that EPEL has been added to your repository

You should see the following

Once done remove the respository configuration package

2. Download PhpMyAdmin

Command to download PhpMyAdmin

3. Configure PhpMyAdmin

Find your IP Address first
Then edit PhpMyAdmin config file

Modify the following 4 lines in the config file

Then save and close the config file

4. Open PhpMyAdmin in your Web Browser

Open the following url in your web browser

 

That’s it you are done!

Feel free to contact me at [email protected] if you have any questions.

Setting up an SSL secured Webserver with CentOS

This guide will teach you how to configure and setup your own SSL certification on your CentOS web server.

1. Install required software

Use yum to get the following software if its not yet installed on your web server.

yum install mod_ssl openssl

2. Generate a self-signed certificate

The following steps guides you on how to generate your own self-signed certificate.

Generate private key

openssl genrsa -out ca.key 2048

Generate CSR

openssl req -new -key ca.key -out ca.csr

Generate self-signed key

openssl x509 -req -days 365 -in ca.csr -signkey ca.key -out ca.crt

Copy the files to the respective locations

cp ca.crt /etc/pki/tls/certs

cp ca.key /etc/pki/tls/private/ca.key

cp ca.csr /etc/pki/tls/private/ca.csr

In cased you have moved the files and not copied them, use the following command to correct SELinux

restorecon -RvF /etc/pki

Update Apache SSL configuration file

sudo nano +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf

Modified the paths to match where the new Key is stored

SSLCertificateFile /etc/pki/tls/certs/ca.crt

Then set the correct path for Certification Key file

SSLCertificateKeyFile /etc/pki/tls/private/ca.key

Finally quit and save the file then restart Apache

sudo service httpd restart

3. Configure firewall

The last step to setting up your own SSL certificate is to configure the firewall to accept requests from port 443, which is used for SSL connections.

Command to accept port 443 requests

iptables -A INPUT -p tcp --dport 443 -j ACCEPT

Save ip table

/sbin/service iptables save

iptables -L -v

 

That’s it! Your web server is now configured and ready for SSL connections.

Feel free to drop me any questions you have at [email protected]