Nginx Proxy Manager Deployment Guide

Prerequisites

Before starting, ensure you have:

Server Requirements

• RamNode VPS (1GB+ RAM)
• Ubuntu 22.04 LTS or Debian 12
• Root/sudo access
• Ports 80, 443, 81 available

→ View Recommended VPS Plans

Domain Requirements

• Domain pointed to server IP
• DNS propagation complete
• Basic command line knowledge
• SSH client installed

Initial Server Setup

Connect to your RamNode VPS and prepare the system:

Connect via SSH

ssh root@your-server-ip

Update System Packages

apt update && apt upgrade -y

Create Non-Root User

adduser npmadmin
usermod -aG sudo npmadmin

Configure Firewall

sudo apt install ufw -y
sudo ufw allow OpenSSH
sudo ufw allow 80/tcp
sudo ufw allow 443/tcp
sudo ufw allow 81/tcp
sudo ufw enable

⚠️ Note: Port 81 is the default admin interface port. After setup, consider restricting this port or placing it behind the proxy itself.

Installing Docker

Nginx Proxy Manager runs as a Docker container for easy deployment:

Install Docker

sudo apt install ca-certificates curl gnupg -y
sudo install -m 0755 -d /etc/apt/keyrings
curl -fsSL https://download.docker.com/linux/ubuntu/gpg -o /etc/apt/keyrings/docker.gpg
sudo chmod a+r /etc/apt/keyrings/docker.gpg

echo "deb [arch=$(dpkg --print-architecture) \
  signed-by=/etc/apt/keyrings/docker.gpg] \
  https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" | \
  sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

sudo apt update
sudo apt install docker-ce docker-ce-cli containerd.io docker-compose-plugin -y

Configure Docker Permissions

sudo usermod -aG docker $USER
newgrp docker

Verify Installation

docker run hello-world

✅ Docker is now installed and ready for use.

Deploying Nginx Proxy Manager

Create the project directory and Docker Compose configuration:

Create Project Directory

mkdir -p ~/nginx-proxy-manager
cd ~/nginx-proxy-manager

docker-compose.yml

version: '3.8'
services:
  npm:
    image: 'jc21/nginx-proxy-manager:latest'
    container_name: nginx-proxy-manager
    restart: unless-stopped
    ports:
      - '80:80'
      - '443:443'
      - '81:81'
    volumes:
      - ./data:/data
      - ./letsencrypt:/etc/letsencrypt
    environment:
      - TZ=America/New_York

Start the Container

docker compose up -d

💡 Wait approximately 30-60 seconds for the container to initialize the database and start all services.

Initial Configuration

Access the admin interface and configure your installation:

Admin Panel URL:

http://your-server-ip:81

Field	Default Value
Email	admin@example.com
Password	changeme

🔐 Important: You will be prompted to change these credentials immediately upon first login. Use a strong, unique password.

SSL Certificates

Configure free SSL certificates with Let's Encrypt:

Request a New SSL Certificate:

Navigate to SSL Certificates in the admin panel
Click Add SSL Certificate → Let's Encrypt
Enter your domain name(s)
Provide a valid email address
Agree to the Terms of Service
Click Save

💡 Tip: For wildcard certificates (*.yourdomain.com), use DNS challenge instead of HTTP challenge with your DNS provider's API.

Setting Up Proxy Hosts

Route incoming requests to your backend services:

Create a Proxy Host:

Go to Hosts → Proxy Hosts
Click Add Proxy Host
Enter the domain name (e.g., app.yourdomain.com)
Set the Forward Hostname/IP
Enter the Forward Port (e.g., 3000, 8080)
Enable Block Common Exploits
Under SSL tab, select your certificate

Option	Description
Cache Assets	Enable caching for static files
Websockets	Enable for WebSocket connections
Block Exploits	Block common attack patterns
Access List	Restrict access by IP or auth

Security Hardening

Secure your Nginx Proxy Manager installation:

Secure the Admin Interface:

Create a subdomain for admin (e.g., npm.yourdomain.com)
Add a proxy host pointing to localhost:81
Enable SSL and create an Access List
Block direct access to port 81:

Block Port 81

sudo ufw delete allow 81/tcp

Enable Fail2Ban:

Install Fail2Ban

sudo apt install fail2ban -y
sudo systemctl enable fail2ban
sudo systemctl start fail2ban

Custom Security Headers:

Advanced Tab Configuration

add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy "strict-origin-when-cross-origin" always;

Maintenance & Updates

Keep your installation up to date:

Update Nginx Proxy Manager:

Pull Latest Version

cd ~/nginx-proxy-manager
docker compose pull
docker compose up -d

Backup Configuration:

Create Backup

tar -czvf npm-backup-$(date +%Y%m%d).tar.gz \
  ~/nginx-proxy-manager/data ~/nginx-proxy-manager/letsencrypt

View Logs:

Container Logs

docker logs nginx-proxy-manager
docker logs -f nginx-proxy-manager  # Follow logs

Troubleshooting

Cannot access admin panel on port 81

Verify the container is running: docker ps
Check firewall rules: sudo ufw status
Review container logs for errors

SSL certificate request fails

Ensure DNS records point to your server's IP
Verify ports 80 and 443 are accessible externally
Check Let's Encrypt rate limits

502 Bad Gateway errors

Verify the backend service is running
Check if forward hostname and port are correct
For Docker services, use container name or host.docker.internal

🎉 Deployment Complete!

You now have a fully functional Nginx Proxy Manager installation on your RamNode VPS. This setup provides a solid foundation for managing reverse proxies, SSL certificates, and access controls for your web services.

Official Documentation →More Deployment Guides View Cloud VPS Plans

Deploy Nginx Proxy Manager on RamNode VPS

📋 Guide Contents