Before going into details, you must have your server pointed to your domain.
1. Access the DNS settings of your domain provider.
2. Create an A Record.
3. Find your public IP address.
curlipinfo.io/ip
4. Insert a subdomain, for example; feedbacky.
5. Put your public IP address in the address field.
Port Forwarding
Your webserver also needs to be accessible over the internet.
1. Forward port 80.
sudoufwallow80/tcp
2. Forward port 443.
sudoufwallow443/tcp
Virtual Hosts
Creating
Virtual Hosts enables you to run multiple website on a single webserver, this is useful if you are also hosting other services such as a store front, documentation site, etc..
1. Access your webserver's Virtual Host directory.
cd/etc/apache2/sites-available
cd/etc/nginx/sites-available
2. Create a new file with the name being your domain, the file name must end with ".conf".
sudo nano {feedbacky.yourdomain}.conf
3. Paste the following content to your newly created Virtual Host file.
{feedbacky.yourdomain}.conf
<VirtualHost *:80>
ServerName {DOMAIN_NAME}
</VirtualHost>
# Comment out (Adding #) to the part below if you don't plan on using SSL!
<VirtualHost *:443>
ServerName {DOMAIN_NAME}
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/{DOMAIN_NAME}/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/{DOMAIN_NAME}/privkey.pem
</VirtualHost>
{feedbacky.yourdomain}.conf
server { listen 80; server_name {DOMAIN_NAME};return301 https://$host$request_uri;}# Comment out (Adding #) to the part below if you don't plan on using SSL!server { listen 443 ssl http2; server_name {DOMAIN_NAME}; ssl_certificate /etc/letsencrypt/live/{DOMAIN_NAME}/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/{DOMAIN_NAME}/privkey.pem; ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES2>-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";
ssl_prefer_server_ciphers on; http2_idle_timeout 5m; # up from 3m default client_max_body_size 0;location / { proxy_pass {SERVER_IP}:{CLIENT_APP_PORT}; }}
4. Save the file with CTRL + S and exit nano with CTRL + C.
Additional steps
5. By default proxy and ssl are disabled in Apache, enable them.
sudoa2enmodproxyssl
Breakdown
To understand what this command does, we can break it down like this,
a2 means apache2
en means enable
mod means module
We are asking Apache to enable the proxy module which is located in the/etc/apache2/available-modules directory.
5. A symbolic link (symlink) must be created for making your Virtual Host work.
If everything went well, you should now have your own self-signed certificate for your domain.
Let's Encrypt Alternative
Cloudflare
An alternative method that you can follow instead of manually generating a certificate and adding additional values to your Virtual Host file is by using Cloudflare.
In short by adding your website to Cloudflare, you will be able to forward your board with Cloudflare's own proxy.
