Log in
creativeleaf
Updated on February 11, 2026

How do I secure n8n with SSL or HTTPS?

Introduction

When running n8n on a Virtual Private Server (VPS), securing your automation dashboard with SSL or HTTPS is crucial. SSL ensures that all data transmitted between your browser and n8n is encrypted, protecting sensitive workflow information and login credentials.

This guide explains how to secure n8n with SSL or HTTPS using a custom domain, NGINX, and free Let’s Encrypt certificates—making your automation instance safe and production-ready. To ensure stable performance and security, it’s recommended to run n8n on a reliable VPS such as one from BigCloudy.

Why Secure n8n with SSL/HTTPS?

Using HTTPS on your n8n instance provides critical security and operational benefits.

Key Benefits

1. Encrypts Data

All communication between your browser and VPS is encrypted, preventing unauthorized access to sensitive automation data.

2. Enables Secure Authentication

SSL protects login credentials, API keys, and tokens from interception during transmission.

3. Builds Trust

A secure HTTPS URL looks professional and builds trust with users, teams, and clients.

4. Required for Some Integrations

Many third-party applications and APIs require HTTPS endpoints, making SSL essential for compatibility.

Requirements Before Enabling SSL

Before securing n8n with HTTPS, ensure the following requirements are met:

  • Running n8n Instance: Installed via Node.js, Docker, or PM2
  • Custom Domain: DNS A record pointing to your VPS IP
  • NGINX Installed: Used as a reverse proxy for SSL termination
  • Root/Sudo Access: Required for installation and configuration

Step 1: Install NGINX on Your VPS

NGINX acts as a reverse proxy to forward requests to n8n and handle SSL encryption.

sudo apt update

sudo apt install nginx -y

Verify NGINX is running:

sudo systemctl status nginx

Step 2: Configure NGINX as a Reverse Proxy

Create a configuration file for your n8n domain:

sudo nano /etc/nginx/sites-available/n8n.conf

Add the following configuration (replace yourdomain.com with your actual domain):

server {

    listen 80;

    server_name yourdomain.com;

    location / {

        proxy_pass http://localhost:5678/;

        proxy_set_header Host $host;

        proxy_set_header X-Real-IP $remote_addr;

        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

        proxy_set_header X-Forwarded-Proto $scheme;

    }

}

Enable the configuration and restart NGINX:

sudo ln -s /etc/nginx/sites-available/n8n.conf /etc/nginx/sites-enabled/

sudo nginx -t

sudo systemctl restart nginx

At this stage, visiting http://yourdomain.com should load your n8n dashboard.

Step 3: Install Certbot for Let’s Encrypt

Certbot automates SSL certificate issuance and renewal.

sudo apt install certbot python3-certbot-nginx -y

Step 4: Obtain and Apply the SSL Certificate

Generate and apply the SSL certificate:

sudo certbot --nginx -d yourdomain.com

Certbot will automatically:

  • Verify domain ownership
  • Configure HTTPS in NGINX
  • Enable automatic certificate renewal

After completion, your site should load securely with a padlock icon.

Step 5: Enable Basic Authentication (Optional but Recommended)

If Running n8n via Node.js

export N8N_BASIC_AUTH_ACTIVE=true

export N8N_BASIC_AUTH_USER=admin

export N8N_BASIC_AUTH_PASSWORD=securepassword

If Running n8n via Docker

Add the following environment variables to your docker-compose.yml:

environment:

  – N8N_BASIC_AUTH_ACTIVE=true

  – N8N_BASIC_AUTH_USER=admin

  – N8N_BASIC_AUTH_PASSWORD=securepassword

Restart n8n to apply changes.

Step 6: Test Your Secure n8n Instance

Open your browser and visit:

https://yourdomain.com

You should confirm:

  • HTTPS is enabled
  • Padlock icon is visible
  • Login prompt appears if authentication is enabled

Your n8n instance is now secure and production-ready.

Troubleshooting SSL Issues

1. SSL Certificate Not Found

Ensure your DNS A record points to the correct VPS IP and the domain matches your NGINX configuration.

2. Firewall Blocking Ports

Allow HTTP and HTTPS traffic:

sudo ufw allow 80

sudo ufw allow 443

3. NGINX Configuration Errors

Test before restarting:

sudo nginx -t

4. SSL Renewal Issues

Test automatic renewal:

sudo certbot renew --dry-run

Conclusion

Securing n8n with SSL or HTTPS is essential for protecting workflows, API keys, and sensitive automation data. By using NGINX as a reverse proxy and Let’s Encrypt certificates, you can enable HTTPS quickly and safely.

Combined with basic authentication and a secure VPS environment from BigCloudy, SSL ensures your self-hosted n8n instance is professional, encrypted, and ready for production use.

Need Help?

If you face any issues updating your nameservers or need further assistance, our support team is always available:

FAQ

Is SSL mandatory for n8n?

SSL is not mandatory but highly recommended to protect data, credentials, and integrations.

Can I use HTTPS without a custom domain?

No. Let’s Encrypt requires a valid domain name to issue SSL certificates.

Does Let’s Encrypt SSL expire?

Yes. Certificates expire every 90 days but renew automatically via Certbot.

Will SSL slow down n8n performance?

No. HTTPS has minimal overhead and modern VPS providers like BigCloudy handle it efficiently.

Can I combine SSL with IP restrictions?

Yes. You can further secure n8n using firewalls, IP whitelisting, and authentication.

Powered By BigCloudy

Copyright Ⓒ 2026 BigCloudy Internt Services Pvt. Ltd. All Rights Reserved