{"id":31079258,"url":"https://github.com/adam-sizzler/xui-reverse-proxy","last_synced_at":"2026-04-16T07:01:14.439Z","repository":{"id":255057580,"uuid":"848413052","full_name":"Adam-Sizzler/xui-reverse-proxy","owner":"Adam-Sizzler","description":"The repository is intended for educational purposes and for learning about reverse proxies and network security. The script demonstrates the setup of a reverse proxy using NGINX.","archived":false,"fork":false,"pushed_at":"2026-01-12T18:56:02.000Z","size":3013,"stargazers_count":165,"open_issues_count":0,"forks_count":29,"subscribers_count":7,"default_branch":"main","last_synced_at":"2026-01-16T21:29:33.078Z","etag":null,"topics":["dns","network","nginx","reverse-proxy"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Adam-Sizzler.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-08-27T18:00:33.000Z","updated_at":"2026-01-16T04:10:54.000Z","dependencies_parsed_at":"2024-11-09T11:20:06.252Z","dependency_job_id":"e3e8a28a-a20e-4b32-9eff-439092697c0b","html_url":"https://github.com/Adam-Sizzler/xui-reverse-proxy","commit_stats":null,"previous_names":["cortez24rus/3x-ui-nginx-doh","cortez24rus/3x-ui-auto-deployment","cortez24rus/xui-reverse-proxy","adam-sizzler/xui-reverse-proxy"],"tags_count":11,"template":false,"template_full_name":null,"purl":"pkg:github/Adam-Sizzler/xui-reverse-proxy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Adam-Sizzler%2Fxui-reverse-proxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Adam-Sizzler%2Fxui-reverse-proxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Adam-Sizzler%2Fxui-reverse-proxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Adam-Sizzler%2Fxui-reverse-proxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Adam-Sizzler","download_url":"https://codeload.github.com/Adam-Sizzler/xui-reverse-proxy/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Adam-Sizzler%2Fxui-reverse-proxy/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31875183,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-15T15:24:51.572Z","status":"online","status_checked_at":"2026-04-16T02:00:06.042Z","response_time":69,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dns","network","nginx","reverse-proxy"],"created_at":"2025-09-16T10:02:21.116Z","updated_at":"2026-04-16T07:01:14.430Z","avatar_url":"https://github.com/Adam-Sizzler.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# REVERSE_PROXY ([Russian](/README_RU.md)) \u003cimg src=\"https://img.shields.io/github/stars/cortez24rus/xui-reverse-proxy?style=social\" /\u003e \n\u003cp align=\"center\"\u003e\u003ca href=\"#\"\u003e\u003cimg src=\"./media/xui.png\" alt=\"Image\" \u003e\u003c/a\u003e\u003c/p\u003e\n\n-----\n\n### Server using NGINX reverse proxy\nThis script is designed for quick and easy setup of a reverse proxy server using NGINX. In this setup, all incoming requests are processed by NGINX, and the server functions as a reverse proxy server only if the request contains the correct path (URI). This enhances security and improves access control management.\n\n\u003e [!IMPORTANT]\n\u003e  This script has been tested in a KVM virtualization environment. You will need your own domain, which needs to be bound to Cloudflare for it to work correctly. It is recommended to run the script as root on a freshly installed system.\n\n\u003e [!NOTE]\n\u003e The script is configured according to routing rules for users in Russia.\n\n### Supported Operating Systems:\n\n| **Ubuntu**       | **Debian**      | **CentOS**      |\n|------------------|-----------------|-----------------|\n| 24.04 LTS        | 12 bookworm     | Stream 9        |\n| 22.04 LTS        | 11 bullseye     | Stream 8        |\n| 20.04 LTS        | 10 buster       | 7               |\n\n-----\n\n### Setting up cloudflare\n1. Upgrade the system and reboot the server.\n2. Configure Cloudflare:\n   - Bind your domain to Cloudflare.\n   - Add the following DNS records:\n\nSERVER 1\n| Type  | Name             | Content          | Proxy status  |\n| ----- | ---------------- | ---------------- | ------------- |\n| A     | example.com      | your_server_ip   | DNS only      |\n| CNAME | www              | example.com      | DNS only      |\n\nSERVER 2\n| Type  | Name             | Content          | Proxy status  |\n| ----- | ---------------- | ---------------- | ------------- |\n| A     | nl.example.com   | your_server_ip   | DNS only      |\n| CNAME | www.nl           | nl.example.com   | DNS only      |\n   \n3. SSL/TLS settings in Cloudflare:\n   - Go to SSL/TLS \u003e Overview and select Full for the Configure option.\n   - Set the Minimum TLS Version to TLS 1.3.\n   - Enable TLS 1.3 (true) under Edge Certificates.\n\n-----\n\n### Includes:\n  \n1. Proxy server configuration:\n   - Support for automatic configuration updates through subscription and JSON subscription with the ability to convert to formats for popular applications.\n   - You must enable MUX (multiplexing TCP connections) in each client application\n     - gRPC-TLS\n     - XHTTP-TLS\n     - HTTPUpgrade-TLS\n     - Websocket-TLS\n   - The user “flow”: “xtls-rprx-vision” must be enabled\n     - TCP-REALITY (Steal oneself) (disconnection will result in loss of access)\n     - TCP-TLS\n   - Important: it is recommended to choose one suitable connection type and use it for optimal performance. You can disable all incoming connections except the one marked as STEAL. Disabling STEAL will result in losing access to the web interface, as this connection type is used for proxy management access.\n2. Configuring NGINX reverse proxy on port 443.\n3. Providing security:\n   - Automatic system updates via unattended-upgrades.\n   - Configuring Cloudflare SSL certificates with automatic updates to secure connections.\n   - Configuring WARP to protect traffic.\n   - Configuring UFW (Uncomplicated Firewall) for access control.\n   - Configuring SSH, to provide the minimum required security.\n   - Disabling IPv6 to prevent possible vulnerabilities.\n   - Encrypting DNS queries using systemd-resolved (DoT) or AdGuard Home (Dot, DoH).\n   - Selecting a random website template from an array.\n4. Enabling BBR - improving the performance of TCP connections.\n5. Optional extras:\n   - Installing and configuring Node Exporter for system performance monitoring and integrating with Prometheus and Grafana for real-time metrics visualization.\n   - Setting up Shell In A Box for secure, web-based SSH access to the server.\n   - Updated SSH welcome message (motd) with useful system information, service status, and available updates.\n   - VNStat integration for traffic monitoring, with the ability to get statistics by time.\n\n-----\n\n### REVERSE_PROXY_MANAGER:\n\n\u003cp align=\"center\"\u003e\u003ca href=\"#\"\u003e\u003cimg src=\"./media/reverse_proxy_manager.png\" alt=\"Image\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n-----\n\n### Help message of the script:\n```\nUsage: reverse-proxy [-u|--utils \u003ctrue|false\u003e] [-d|--dns \u003ctrue|false\u003e] [-a|--addu \u003ctrue|false\u003e]\n         [-r|--autoupd \u003ctrue|false\u003e] [-b|--bbr \u003ctrue|false\u003e] [-i|--ipv6 \u003ctrue|false\u003e] [-w|--warp \u003ctrue|false\u003e]\n         [-c|--cert \u003ctrue|false\u003e] [-m|--mon \u003ctrue|false\u003e] [-l|--shell \u003ctrue|false\u003e] [-n|--nginx \u003ctrue|false\u003e]\n         [-p|--panel \u003ctrue|false\u003e] [--custom \u003ctrue|false\u003e] [-f|--firewall \u003ctrue|false\u003e] [-s|--ssh \u003ctrue|false\u003e]\n         [-t|--tgbot \u003ctrue|false\u003e] [-g|--generate \u003ctrue|false\u003e] [-x|--skip-check \u003ctrue|false\u003e] [-o|--subdomain \u003ctrue|false\u003e]\n         [--update] [-h|--help]\"\n\n  -u, --utils \u003ctrue|false\u003e       Additional utilities                           (default: true)\n  -d, --dns \u003ctrue|false\u003e         DNS encryption                                 (default: true)\n  -a, --addu \u003ctrue|false\u003e        User addition                                  (default: true)\n  -r, --autoupd \u003ctrue|false\u003e     Automatic updates                              (default: true)\n  -b, --bbr \u003ctrue|false\u003e         BBR (TCP Congestion Control)                   (default: true)\n  -i, --ipv6 \u003ctrue|false\u003e        Disable IPv6 support                           (default: true)\n  -w, --warp \u003ctrue|false\u003e        Warp                                           (default: false)\n  -c, --cert \u003ctrue|false\u003e        Certificate issuance for domain                (default: true)\n  -m, --mon \u003ctrue|false\u003e         Monitoring services (node_exporter)            (default: false)\n  -l, --shell \u003ctrue|false\u003e       Shell In A Box installation                    (default: false)\n  -n, --nginx \u003ctrue|false\u003e       NGINX installation                             (default: true)\n  -p, --panel \u003ctrue|false\u003e       Panel installation for user management         (default: true)\n      --custom \u003ctrue|false\u003e      Custom JSON subscription                       (default: true)\n  -f, --firewall \u003ctrue|false\u003e    Firewall configuration                         (default: true)\n  -s, --ssh \u003ctrue|false\u003e         SSH access                                     (default: true)\n  -t, --tgbot \u003ctrue|false\u003e       Telegram bot integration                       (default: false)\n  -g, --generate \u003ctrue|false\u003e    Generate a random string for configuration     (default: true)\n  -x, --skip-check \u003ctrue|false\u003e  Disable the check functionality                (default: false)\n  -o, --subdomain \u003ctrue|false\u003e   Support for subdomains                         (default: false)\n      --update                   Update version of Reverse-proxy manager\n  -h, --help                     Display this help message\n```\n\n### Installation of REVERSE_PROXY:\n\nTo begin configuring the server, simply run the following command in a terminal:\n```sh\nbash \u003c(curl -Ls https://raw.githubusercontent.com/cortez24rus/xui-reverse-proxy/refs/heads/main/reverse_proxy.sh)\n```\n\n### Installing a random template for the website:\n```sh\nbash \u003c(curl -Ls https://raw.githubusercontent.com/cortez24rus/xui-reverse-proxy/refs/heads/main/reverse_proxy_random_site.sh)\n```\n\nThe script will then prompt you for the necessary configuration information:\n\n\u003cp align=\"center\"\u003e\u003ca href=\"#\"\u003e\u003cimg src=\"./media/xui_rp_install.png\" alt=\"Image\"\u003e\u003c/a\u003e\u003c/p\u003e\n\n### Note: \n- Once the configuration is complete, the script will display all the necessary links and login information for the administration panel.\n- All configurations can be modified as needed due to the flexibility of the settings.\n\n-----\n\n\u003e [!IMPORTANT]\n\u003e This repository is intended solely for educational purposes and for studying the principles of reverse proxy servers and network security. The script demonstrates the setup of a proxy server using NGINX for reverse proxy, traffic management, and attack protection.\n\u003e\n\u003eWe strongly remind you that using this tool to bypass network restrictions or censorship is illegal in certain countries that have laws regulating the use of technologies to circumvent internet restrictions.\n\u003e\n\u003eThis project is not intended for use in ways that violate information protection laws or interfere with censorship mechanisms. We take no responsibility for any legal consequences arising from the use of this script.\n\u003e\n\u003eUse this tool/script only for demonstration purposes, as an example of reverse proxy operation and data protection. We strongly recommend removing the script after reviewing it. Further use is at your own risk.\n\u003e\n\u003eIf you are unsure whether the use of this tool or its components violates the laws of your country, refrain from interacting with this tool.\n\n-----\n\n## Stargazers over time\n[![Stargazers over time](https://starchart.cc/cortez24rus/xui-reverse-proxy.svg?variant=adaptive)](https://starchart.cc/cortez24rus/xui-reverse-proxy)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadam-sizzler%2Fxui-reverse-proxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fadam-sizzler%2Fxui-reverse-proxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fadam-sizzler%2Fxui-reverse-proxy/lists"}