This guide covers securing a WordPress (or any application) site with a reverse proxy, enabling custom filters and supporting multiple sites based on routes.

The technical stack behind this:

• Docker | NGINX Image
• CloudFlare Universal Certificate
• Ubuntu 24.04 LTS
• GitHub CLI

Prerequisites

You already have the following:

• Ubuntu 24.04 LTS
• GitHub CLI – Likely already installed

Install & Configure Docker

Use the following guide to install Docker on Ubuntu (22 or 24 as of this writing).

https://docs.docker.com/engine/install/ubuntu/

Create CloudFlare Linux Location

In your home directory, create a

folder that will contain all your certificates.

Install CloudFlare Authenticated Origin Pull Certificate

Download and add the certificate in your CloudFlare folder on the server:

https://developers.cloudflare.com/ssl/origin-configuration/authenticated-origin-pull/set-up/zone-level/#1-upload-certificate-to-origin

Deploy Docker NGINX

We’ll be using Docker to manage our NGINX configurations.

Clone GitHub Repo

Clone the following GitHub repository:

https://github.com/duaneleem/template.nginx-proxy

Create Website Configuration

Create a new website configuration under the following project folder:

There will be example configurations already in that folder as well that could be used as a model.

Add Configuration to docker-compose.yaml

See the

on line 20.

When you create new

files, add another line that references that configuration

Run Docker Deployment Command

Run the following command to deploy the new server:

docker compose up -d

Contact Duane

For expert help securing your web applications with advanced cybersecurity techniques, feel free to contact me below.