In the previous tutorials, you learned how to combine Nginx Proxy Manager with Cloudflare, hide your HTTP/HTTPS port using Cloudflare tunnel, and create a load balancer using Nginx Proxy Manager. This article will use WordPress inside a cPanel server as an example to teach you how to create a temporary failover server using Nginx Proxy Manager.
To clarify, your local machine WordPress docker container will be your production site, and your WordPress site on cPanel will act as a backup/failover server. They will have the SAME domain name. In this tutorial, I will use test.silicon.blog as the domain name for both servers.
Step 1: Log in to your cPanel dashboard and create a WordPress failover site under the Scripts section.
Step 2: Remember to add an SSL certificate to your domain. Check out my previous article if you need to get familiar with getting Origin SSL Certificate from Cloudflare.
Step 3: Log in to the WordPress admin dashboard on your local machine. Click the Add New button under the Plugins section.
Search for a plugin called Migrate Guru. Install and activate it. You can migrate your website 5 times a month for free using it.
Step 4: Enter your Emai and then press the Migrage Site button.
Step 5: Select cPanel.
Step 6: Click the Manually Input Host Details.
Step 7: Input your cPanel login information. You may use the image below as a reference. Press the Migrate button when everything is ready.
Step 8: Wait until the migration is complete.
Step 9: Step 12 comes from my previous article about enabling load balance on Nginx Proxy Manager. You may skip these steps if you set it up before.
Step 10: Modify the proxy_host.conf of the Nginx Proxy Manager docker container.
sudo nano ./templates/proxy_host.conf
At the top {% if enabled %}, add the following lines
# Custom%
upstream lbtest{{ id }}{
include /data/nginx/custom/load_balancer{{ id }}.conf;
keepalive 200;
keepalive_timeout 120s;
}
Ctrl + X to save the file.
Step 11: Edit proxy.conf and comment out everything. Those headers will be added manually later.
sudo nano ./conf.d/include/proxy.conf
Ctrl + X to save the file.
Step 12: Since you will enable load balancing in Nginx Proxy Manager in a hacky way, the load balancer configuration file will not be generated automatically when you click save.
You have to add and edit the load balancer configuration manually. It may crash if Nginx Proxy Manager cannot find the related load_balancerX.conf or the load_balancerX.conf is empty at the start. Therefore, you need to create 10 load balancer configuration files and fill contents to them for later use by
sudo touch ./data/nginx/custom/load_balancer{1..10}.conf
echo "server 127.0.0.1 weight=1;" | sudo tee ./data/nginx/custom/load_balancer{1..10}.conf 1>/dev/null
You can generate as many load balancer configuration files as you want, but the Nginx Proxy Manager will take a long time to load if you create more than 100 load balancer configuration files.
Step 13: Find out the number of your Proxy host on the Nginx Proxy Manager dashboard.
In my case, it is proxy host 3.
Step 14: Edit the load balancer configuration file matching the proxy host number. Replace X with your proxy host number. In my case, it is load_balancer3.conf.
sudo mkdir ./data/nginx/custom/
sudo nano ./data/nginx/custom/load_balancerX.conf
Add the cPanel server to the failover server. Replace the hostname of your WordPress container if it is not called wordpress-1. You may check your container name by sudo docker ps.
server wordpress-1 fail_timeout=300s max_fails=1;
server your_cpanel_wordpress_ip:port backup;
In my case, it is
server wordpress-1:443 fail_timeout=300s max_fails=1;
server xxx.xxx.xxx.xxx:443 backup;
Ctrl + X to save the file.
Step 15: Edit your proxy host. Change the Forward Hostname / IP to loadbalancer. The Forward Port does not matter. Scheme will be HTTP in this article, and you will be able to change it to HTTPS later.
Step 16: Remember to add an SSL certificate to your site in the SSL section.
Step 17: Go to the Advanced page, and add the following script. Replace lbtestX with your proxy host number. In my case, it is lbtest3.
If required, you should return to step 10 and manually create more load balancer files. Your Nginx Proxy Manager may crash at the start if it cannot find the corresponding load balancer file.
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $server_name;
proxy_connect_timeout 6s;
proxy_read_timeout 6s;
proxy_next_upstream error timeout http_500 http_502 http_503 http_504 non_idempotent;
proxy_set_header Connection "";
if ($server != "loadbalancer"){
proxy_pass $forward_scheme://$server:$port$request_uri;
}
if ($server = "loadbalancer"){
proxy_pass $forward_scheme://lbtest1$request_uri;
}
}
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $server_name;
proxy_connect_timeout 6s;
proxy_read_timeout 6s;
proxy_next_upstream error timeout http_500 http_502 http_503 http_504 non_idempotent;
proxy_set_header Connection "";
if ($server != "loadbalancer"){
proxy_pass $forward_scheme://$server:$port$request_uri;
}
if ($server = "loadbalancer"){
proxy_pass $forward_scheme://lbtest3$request_uri;
}
}
Step 18: Only allow your IP to access the WordPress login page on your cPanel WordPress site by changing .htaccess.
Replace your_ip with your real IP, such as 123.123.123.123.
order deny,allow
deny from all
allow from your_ip/32
# set up rule order
order deny,allow
# default deny
deny from all
# set up rule order
order deny,allow
# default deny
deny from all
Step 19: Try to stop your local WordPress container by
sudo docker stop wordpress-1
You may verify it by changing your cPanel WordPress (failover) site title. Start the local WordPress container again by
sudo docker start wordpress-1
If it shows a different site title, congratulation, you have already set up a failover WordPress website.
Remember there is a monthly limit on the Migrate Guru plugin? If you want to exceed the monthly limit, follow my other article to use an alternative plugin.
Have you noticed something weird? Yes, the connection to your failover site is using HTTP protocol. It implies that someone can steal your data by means of sniffing.
The following article will teach you how to enable SSL on your WordPress container.