-
-
Notifications
You must be signed in to change notification settings - Fork 15
Configuration Guide
Jaeseok Song edited this page Jan 13, 2026
·
2 revisions
This guide provides detailed instructions on how to configure the various components of Pingora Proxy Manager.
A Proxy Host is the primary way to route incoming HTTP/HTTPS traffic.
-
Domain: The public domain name (e.g.,
www.example.com). -
Scheme: Choose
httporhttpsfor the connection to your upstream server. - Forward Host: The IP address or hostname of your internal service.
- Forward Port: The port your service is listening on.
- SSL Forced: Redirect all HTTP traffic to HTTPS automatically.
You can add multiple locations to a single Proxy Host to route different paths to different services.
| Feature | Description |
|---|---|
| Path | The URL path to match (e.g., /api). |
| Target | The upstream address for this specific path. |
| Rewrite | If enabled, the matched path is removed from the URL before forwarding (e.g., /api/users -> /users). |
We support two types of Let's Encrypt challenges:
- Requires port 80 to be open and reachable from the internet.
- Does not support wildcard domains.
- Required for wildcard certificates (e.g.,
*.example.com). - Requires a DNS Provider configuration (e.g., Cloudflare API Token).
- Validation happens via DNS TXT records.
Used for non-HTTP traffic.
- Listen Port: The port on the proxy server.
-
Protocol:
TCPorUDP. - Forward Host: The internal destination IP.
- Forward Port: The internal destination port.
Create an ACL to restrict access to your Proxy Hosts.
-
IP Restrictions: Add IPs to the list and set the action to
allowordeny. - Basic Auth: Create users with usernames and passwords. Only authorized users can access the host.
Note: If both IP restrictions and Basic Auth are used, the user must satisfy both conditions (depending on implementation, usually Basic Auth is prompt after IP whitelist check).
Next: Deployment