From the course: Complete Guide to Open Source Security
Setting up Nginx as a proxy server
From the course: Complete Guide to Open Source Security
Setting up Nginx as a proxy server
- [Instructor] We'll start the build of our lab by setting up an nginx server. This will provide us with a proxy service for web, a proxy service for streaming protocols such as SSH, and it enables us to provision internet facing web servers. Let's get into it. We'll first of all clone our Kali Purple server from the Kali Purple template, we'll right click and clone. Change the VM ID to 110 and we'll give this a name in Proxmox of web01. We'll make it a full clone and clone it. Okay, that's finished. So let's start it up. Open the console and log in with our credentials, Kali, Kali. We'll change this VM to have a static IP address. Right click, edit connections, wired connection tools IPv4, manual, and we'll add the address 192.168.1.110. And we can put in a shortcut of 24 for the netmask and 192.168.1.1 for the gateway. And 8.8.8.8 for the DNS server. Okay, we'll close that and we'll disconnect and reconnect to activate the address. Open a terminal window. We'll control + P just to get the short prompt. Nginx is loaded by default as part of the tools in the Kali Purple Workstation, but we want to put this on a server platform so we'll have to manually load it. We'll install the MariaDB SQL database and the services we need to support PHP. Sudo apt install nginx php mysql php fpm MariaDB client and MariaDB server. We'll enter our password and confirm. Okay, we're done. Let's just check our PHP version 'cause we'll need that in a moment. PHP 8.2 as the major and subversion. Let's now update the nginx configuration to accept PHP. To do that we edit the default website configuration. Sudo nano/etc/nginx /sites enabled default. And we'll scroll down. Change the location for PHP to uncomment it and comment the include, uncomment fastcgi pass and change PHP from 7.4 to 8.2 and uncomment the closing bracket. We'll also add another location so that we can call for the status of nginx and we'll do that by putting in location/nginx status stub status, and close it off. We can now save the changes and we can enable nginx and PHP. Sudo systemctl enable nginx. And if we use --now, it'll start up as well. And sudo systemctl enable php8.2-fpm --now. Let's now add an administrator account to our MariaDB MySQL service. We need to enable and start up MySQL and then send a command sequence to it. So again, sudo systemctl enable mariadb --now. and then sudo mysql -u root. So we'll do this as the root user and issue the command grant all privileges on *.* to and we'll use the name support @ localhost identified by a password of support as our administrative user for MySQL. Finally, we'll change the internal server name to web01. Sudo hostnamectl set hostname web01. And we'll reboot. When we come back up let's log in and make a change to our host file so that web01 resolves properly. We'll log in with Kali, Kali. We'll open a terminal and sudo nano /etc/hosts Kali, and we'll change the host file to web01. Okay, that's it.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.