Expose BugSnag dashboard and other endpoints via HTTPS using Nginx.
This page refers to BugSnag On-premise legacy single machine version 3. For the latest information please see BugSnag On-premise.
To make your BugSnag services available over secured TLS/SSL connections, see the following example configuration using Nginx to set up a reverse proxy. The following example is for the BugSnag dashboard but can be applied to other endpoints. Ensure that security TLS/SSL best practices are followed when configuring this.
Install Nginx on the server where your BugSnag On-premise installation is located.
Locate the nginx.conf for your install, typically at /etc/nginx/nginx.conf.
If running your own Nginx in front of BugSnag you will likely need to update the default Nginx configuration to accomodate larger headers:
server {
# ...other config options
# Increase size of buffers for reading response from proxied server
proxy_buffers 4 256k;
proxy_buffer_size 128k;
proxy_busy_buffers_size 256k;
# Increase request header buffer sizes for large cookies
client_header_buffer_size 16k;
large_client_header_buffers 8 64k;
}
These can also be set in the http block of your Nginx configuration.
Create a server block in your Nginx configuration file to handle HTTPS traffic, and configure your SSL certificate:
server {
listen 443 default_server ssl;
ssl_certificate /path/to/your/cert.pem;
ssl_certificate_key /path/to/your/cert.key;
server_name bugsnag.your-domain.com;
location / {
proxy_pass http://127.0.0.1:49080;
proxy_set_header HOST $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
}
Restart Nginx to pick up config changes, for example by running /etc/init.d/nginx restart.