XMPlusAppearance
HestiaCP Reverse proxy website
Add a new domian (website) you want to use for website or subscription address.
Edit the domain and Enable SSL for the domain
Select Use Let's Encrypt to obtain SSL certificate
Click on Advance option and Backend Template PHP-FPM select PHP-8_1
Click On SAVE to get certificate
Add a reverse proxy
Now login VPS with any FTP software like WinSCP
Edit your domain nginx ssl conf
/home/user/conf/web/domain.com/nginx.ssl.confAdd this to your config. Replace www.xmplus.dev with your main website you install XMPlus on address
location ^~ / {
proxy_ssl_server_name on;
#proxy_ssl_protocols TLSv1.3;
proxy_pass https://www.xmplus.dev; #Authorize domain website
proxy_set_header Host www.xmplus.dev; #Authorize domain
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_http_version 1.1;
proxy_hide_header Upgrade;
#add_header X-Cache $upstream_cache_status;
}Delete below lines
location / {
proxy_pass https://172.26.7.119:8443;
location ~* ^.+\.(css|htm|html|js|json|xml|apng|avif|bmp|cur|gif|ico|jfif|jpg|jpeg|pjp|pjpeg|png|svg|tif|tiff|webp|aac|caf|flac|m4a|midi|mp3|ogg|opus|wav|3gp|av1|avi|m4v|mkv|mov|mpg|mpeg|mp4|mp4v|webm|otf|ttf|woff|woff2|doc|docx|odf|odp|ods|odt|pdf|ppt|pptx|rtf|txt|xls|xlsx|7z|bz2|gz|rar|tar|tgz|zip|apk|appx|bin|dmg|exe|img|iso|jar|msi)$ {
try_files $uri @fallback;
root /home/user/web/domain.com/public_html;
access_log /var/log/apache2/domains/domain.com.log combined;
access_log /var/log/apache2/domains/domain.com.bytes bytes;
expires max;
}
}
location @fallback {
proxy_pass https://172.26.7.119:8443;
}Full reverse proxy config
/home/user/conf/web/sub.xmplus.dev/nginx.ssl.conf
server {
listen 8.8.8.8:443 ssl;
server_name sub.xmplus.dev ;
error_log /var/log/apache2/domains/tld.com.error.log error;
ssl_certificate /home/user/conf/web/sub.xmplus.dev/ssl/sub.xmplus.dev.pem;
ssl_certificate_key /home/user/conf/web/sub.xmplus.dev/ssl/sub.xmplus.dev.key;
ssl_stapling on;
ssl_stapling_verify on;
# TLS 1.3 0-RTT anti-replay
if ($anti_replay = 307) { return 307 https://$host$request_uri; }
if ($anti_replay = 425) { return 425; }
include /home/user/conf/web/sub.xmplus.dev/nginx.hsts.conf*;
location ~ /\.(?!well-known\/|file) {
deny all;
return 404;
}
location ^~ / {
proxy_ssl_server_name on;
#proxy_ssl_protocols TLSv1.3;
proxy_pass https://www.xmplus.dev; #Authorize domain website
proxy_set_header Host www.xmplus.dev; #Authorize domain
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header REMOTE-HOST $remote_addr;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header Upgrade $http_upgrade;
proxy_http_version 1.1;
proxy_hide_header Upgrade;
#add_header X-Cache $upstream_cache_status;
}
location /error/ {
alias /home/user/web/tld.com/document_errors/;
}
proxy_hide_header Upgrade;
include /home/user/conf/web/tld.com/nginx.ssl.conf_*;
}Save and restart nginx
systemctl restart nginxTo set it as SubUrl address, edit your XMPlus config in /home/user/web/domain.com/public_html/config/config.php
# Subscription address; without http:// or https://
$_ENV['SubUrl'] = "sub.xmplus.dev";