Open Source Reverse Proxy Servers
Sort By:
Reverse Proxy Servers
View 172 business solutionsBrowse free open source Reverse Proxy servers and projects below. Use the toggles on the left to filter open source Reverse Proxy servers by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Build Securely on Azure with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
1
Cloudflare Tunnel Client
Cloudflare Tunnel client (formerly Argo Tunnel)
Contains the command-line client for Cloudflare Tunnel, a tunneling daemon that proxies traffic from the Cloudflare network to your origins. This daemon sits between Cloudflare network and your origin (e.g. a webserver). Cloudflare attracts client requests and sends them to you via this daemon, without requiring you to poke holes on your firewall --- your origin can remain as closed as possible. Extensive documentation can be found in the Cloudflare Tunnel section of the Cloudflare Docs. All usages related with proxying to your origins are available under cloudflared tunnel help. You can also use cloudflared to access Tunnel origins (that are protected with cloudflared tunnel) for TCP traffic at Layer 4 (i.e., not HTTP/web socket), which is relevant for use cases such as SSH, RDP, etc. Such usages are available under cloudflared access help. -
2
frp
A Fast Reverse Proxy
frp stands for exactly what it is: a fast reverse proxy. It helps you expose a local server behind a NAT or firewall to the Internet. It is currently under development, but already supports TCP and UDP, as well as HTTP and HTTPS protocols where requests can be forwarded to internal services by domain name. It also has a P2P connect mode and many other nifty features. These include configuration files, environment variables, a dashboard that shows you frp's status and proxies' statistics information, an Admin UI that helps you check and manage frpc's configuration, and many others. -
3
ngrok
Unified ingress for developers
ngrok is a globally distributed, secure reverse proxy and tunneling service that exposes applications running on local machines behind NATs or firewalls to the public internet. It simplifies remote debugging, webhooks integration, and secure ingress by wrapping reverse proxy, firewall traversal, API gateway, and load-balancing functionality into a single tool. ngrok is a globally distributed reverse proxy that secures, protects and accelerates your applications and network services, no matter where you run them. You can think of ngrok as the front door to your applications. ngrok combines your reverse proxy, firewall, API gateway, and global load balancing into one. ngrok can capture and analyze all traffic to your web service for later inspection and replay. -
4
SKUDONET
SKUDONET Open Source Load Balancer and Web Application Firewall
SKUDONET Community Edition is an Open Source Load Balancer and Web Application Firewall (WAF) designed for Linux server environments. Formerly known as Zevenet, it is based on Debian 12.8, providing a stable and secure foundation for reliable application delivery and cybersecurity. This edition is suitable for Linux and Windows server deployments (not for mobile platforms), offering advanced Layer 4 and Layer 7 traffic management with support for up to 250,000 TCP requests per second (L4) and 70,000 HTTPS requests per second (L7). SKUDONET Community Edition includes a full REST JSON API for integration into on-premises or hybrid cloud infrastructures, and it is used in thousands of deployments worldwide. Documentation, administration guides, and API references are available at: https://www.skudonet.com/knowledge-base/ -
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
5
RELIANOID
Network Load Balancer and Application Security
RELIANOID is an open core (Debian GNU/Linux based) Application Delivery Controller (ADC) with advanced load balancing features such as Network Load Balancer, Application Load Balancer with SSL offloading, Advance Network Configuration including Virtual Interfaces, VLANs, Bonding with link aggregation, IPv4/IPv6, advanced routing, stateless cluster, web GUI, JSON API and much more! Enterprise Edition Load Balancer is available with extra features such as global service load balancing (gslb), application security including web application firewall (WAF), blacklists, Realtime Blackhole Lists (DNSBL), DDoS protection, stateful clustering, SNMP monitoring, email and SNMP notifications, RBAC, VPN support, and the best Support directly from an expert Team. -
6
EdgeVPN
The immutable, decentralized, statically built p2p VPN
Fully Decentralized. Immutable. Portable. Easy to use Statically compiled VPN and a reverse proxy over p2p. EdgeVPN uses libp2p to build private decentralized networks that can be accessed via shared secrets. -
7
Project V
A platform for building proxies to bypass network restrictions
Project V is a set of network tools that helps you to build your own computer network. It secures your network connections and thus protects your privacy. Help you build an exclusive basic communication network. A V2Ray process can concurrently support multiple inbound and outbound protocols, and each protocol can work independently. Inbound traffic can be sent from different outlets according to the configuration. Easily implement distribution by region or domain name to achieve optimal network performance. V2Ray can open multiple protocol support at the same time, including Socks, HTTP, Shadowsoks and VMess. The transmission carrier can be set separately for each protocol, such as TCP, mKCP and WebSocket. Nodes of V2Ray can be disguised as a normal website (HTTPS) to confuse its traffic with normal web traffic to avoid third-party interference. Universal reverse proxy support can achieve intranet penetration. -
8
Caddy
Powerful, enterprise-ready, open source web server w/ automatic HTTPS
Caddy is a powerful, extensible, enterprise-ready server platform that uses TLS by default. Everything you would require in your infrastructure, from TLS certificate renewals and OCSP stapling, to reverse proxying and ingress, Caddy simplifies it all. Its modular architecture lets you do more with just a single static binary that compiles for any platform. Caddy is the only web server that uses HTTPS automatically and by default. It automatically renews TLS certificates, staples OCSP responses and more. Though used mostly as an HTTPS server, Caddy can be used to run Go applications, offering automated documentation, graceful on-line config changes via API and more to these apps. Caddy is very extensible, with a powerful plugin system unlike any other web server. -
9
gost
GO Simple Tunnel, a simple tunnel written in golang
A simple security tunnel written in Golang. Listening on multiple ports, multi-level forward proxies - proxy chain, standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support. Probing resistance support for web proxy, TLS encryption via negotiation support for SOCKS5 proxy. Support multiple tunnel types, tunnel UDP over TCP. Local/remote TCP/UDP port forwarding, TCP/UDP Transparent proxy, Shadowsocks Protocol (TCP/UDP), and SNI Proxy. Permission control, load balancing, route control, DNS resolver and proxy, and TUN/TAP Device. In GOST, GOST and other proxy services are considered as proxy nodes, GOST can handle the requests itself, or forward the requests to any one or more proxy nodes. In addition to configuring services directly from the command line, parameters can also be set by specifying the external configuration file with the -C parameter. -
Photo and Video Editing APIs and SDKsUnlock Picsart's full editing suite by embedding our Editor SDK directly into your platform. Offer your users the power of a full design suite without leaving your site.
-
10
docker-gen
Generate files from docker container meta-data
docker-gen is a file generator that renders templates using docker container meta-data. Centralized logging - fluentd, logstash or other centralized logging tools that tail the containers JSON log file or files within the container. Log Rotation - logrotate files to rotate container JSON log files. Reverse Proxy Configs - nginx, haproxy, etc. reverse proxy configs to route requests from the host to containers. Service Discovery - Scripts (python, bash, etc..) to register containers within etcd, hipache, etc. Docker-gen can be bundled inside of a container along-side applications. nginx-proxy/nginx-proxy trusted build is an example of running docker-gen within a container along-side nginx. jwilder/docker-register is an example of running docker-gen within a container to do service registration with etcd. -
11
OAuth2 Proxy
A reverse proxy that provides authentication with Google, Azure, etc.
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. If you are running a version older than v6.0.0 we strongly recommend you please update to the current version. After returning from the authentication provider, the OAuth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set. The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration) oauth2-proxy can be configured via command line options, environment variables or config file (in decreasing order of precedence, i.e. command line options will overwrite environment variables and environment variables will overwrite configuration file settings). -
12
Traefik
An open-source reverse proxy and load balancer
Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components (Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ...) and configures itself automatically and dynamically. Pointing Traefik at your orchestrator should be the only configuration step you need. -
13
Pipy
Pipy is a programmable proxy for the cloud, edge and IoT
Pipy is a high performance programmable proxy for the cloud, edge and IoT. Its core is written in C++ with excellent cross-platform capability. It is both high performance and low resource. Pipy comes with a built-in JavaScript engine that allows easy custom logic implementation with the simple JS syntax, greatly reducing the complexity in high-performance network programming. It is suitable for a variety of hardware architectures including x86, ARM64, Loongson and RISC-V. It is also compatible with various other operating systems besides Linux. -
14
gRPC-Gateway
gRPC to JSON proxy generator following the gRPC HTTP spec
gRPC-Gateway is a plugin of protoc. It reads a gRPC service definition and generates a reverse-proxy server which translates a RESTful JSON API into gRPC. This server is generated according to custom options in your gRPC definition. gRPC-Gateway helps you to provide your APIs in both gRPC and RESTful style at the same time. gRPC is great -- it generates API clients and server stubs in many programming languages, it is fast, easy to use, and bandwidth-efficient and its design is combat-proven by Google. However, you might still want to provide a traditional RESTful JSON API as well. Reasons can range from maintaining backward compatibility, supporting languages or clients that are not well supported by gRPC, to simply maintaining the aesthetics and tooling involved with a RESTful JSON architecture. This project aims to provide that HTTP+JSON interface to your gRPC service. -
15
sshpiper
The missing reverse proxy for ssh scp
sshpiper is the reverse proxy for sshd. all protocols, including ssh, scp, port forwarding, running on top of ssh are supported. -
16
Fabio
Consul Load-Balancing made simple
Fabio is an HTTP and TCP reverse proxy that configures itself with data from Consul. Traditional load balancers and reverse proxies need to be configured with a config file. The configuration contains the hostnames and paths the proxy is forwarding to upstream services. This process can be automated with tools like consul-template that generate config files and trigger a reload. Fabio works differently since it updates its routing table directly from the data stored in Consul as soon as there is a change and without restart or reloading. When you register a service in Consul all you need to add is a tag that announces the paths the upstream service accepts, e.g. urlprefix-/user or urlprefix-/order and fabio will do the rest. Fabio was developed and maintained by Frank Schröder through January, 2020. Since that date primary maintenance has been the responsibility of ENA and the great community of users. -
17
Tyk API Gateway
Open Source API Gateway written in Go
Tyk is an open source Enterprise API Gateway, supporting REST, GraphQL, TCP and gRPC protocols. Tyk Gateway is provided ‘Batteries-included’, with no feature lockout. Enabling your organization to control who accesses your APIs, when they access, and how they access it. Tyk Technologies uses the same API Gateway for all it’s applications. Protecting, securing, and processing APIs for thousands of organizations and businesses around the world. Ideal for Open Banking, building software in the clouds as well as exposing APIs to teams, partners & consumers. Built from the ground up to be the fastest API gateway on the planet. It does not depend on a legacy proxy underneath. It has no 3rd party dependencies aside from Redis for distributed rate-limiting and token storage. Tyk Gateway can also be deployed as part of a larger Full Lifecycle API Management platform Tyk Self-Managed which also includes Management Control Plane, Dashboard GUI and Developer Portal. -
18
Vulcain
Fast and idiomatic client-driven REST APIs
Vulcain is a brand new protocol using HTTP/2 Server Push to create fast and idiomatic client-driven REST APIs. An open-source gateway server that you can put on top of any existing web API to instantly turn it into a Vulcain-compatible one is also provided! It supports hypermedia APIs but also any "legacy" API by documenting its relations using OpenAPI. The protocol has been published as an Internet-Draft that is maintained in this repository. A reference, production-grade, implementation gateway server is also available in this repository. It's free software (AGPL) written in Go. A Docker image is provided. Current solutions for these problems (GraphQL, JSON:API's embedded resources and sparse fieldsets, etc.) are smart network hacks for HTTP/1. But these hacks come with (too) many drawbacks when it comes to HTTP cache, logs and even security. Fortunately, thanks to the new features introduced in HTTP/2, it's now possible to create true REST APIs fixing these problems with ease. -
19
GoProxy
High performance proxy server implemented by golang
The GoProxy is a high-performance http proxy, https proxy, socks5 proxy, ss proxy, websocket proxies, tcp proxies, udp proxies, game shield, game proxies. Supports forward proxies, reverse proxy, transparent proxy, internet nat proxies, https proxy load balancing, http proxy load balancing , socks5 proxies load balancing, socket proxy load balancing, ss proxy load balancing, TCP / UDP port mapping, SSH transit, TLS encrypted transmission, protocol conversion, anti-pollution DNS proxy, API authentication, speed limit, limit connection. Reverse proxy to help you expose a local server behind a NAT or firewall to the internet so that you or your visitors can access it directly and easily. Chained proxies, the program itself can be used as a proxy, and if it is set up, it can be used as a secondary proxy or even an N-level proxy. -
20
NGINX Ingress Controller
NGINX Ingress Controller for Kubernetes
ingress-nginx is an Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer. It is built around the Kubernetes Ingress resource, using a ConfigMap to store the NGINX configuration. The goal of this Ingress controller is the assembly of a configuration file (nginx.conf). The main implication of this requirement is the need to reload NGINX after any change in the configuration file. Though it is important to note that we don't reload Nginx on changes that impact only an upstream configuration (i.e Endpoints change when you deploy your app). We use lua-nginx-module to achieve this. Check below to learn more about how it's done. Usually, a Kubernetes Controller utilizes the synchronization loop pattern to check if the desired state in the controller is updated or a change is required. To this purpose, we need to build a model using different objects from the cluster, in particular (in no special order) Ingresses, Services, Endpoints, Secrets, and Configmaps. -
21
rathole
A lightweight and high-performance reverse proxy for NAT traversal
A secure, stable and high-performance reverse proxy for NAT traversal, written in Rust. rathole, like frp and ngrok, can help to expose the service on the device behind the NAT to the Internet, via a server with a public IP. High Performance Much higher throughput can be achieved than frp, and more stable when handling a large volume of connections. Low Resource Consumption Consumes much fewer memory than similar tools. See Benchmark. The binary can be as small as ~500KiB to fit the constraints of devices, like embedded devices as routers. Security Tokens of services are mandatory and service-wise. The server and clients are responsible for their own configs. With the optional Noise Protocol, encryption can be configured at ease. No need to create a self-signed certificate! TLS is also supported. -
22
spp
A simple and powerful proxy
Supported protocol: TCP, UDP, RUDP (Reliable UDP), RICMP (Reliable ICMP), RHTTP (Reliable HTTP), KCP, Quic. Support type: forward proxy, reverse agent, SOCKS5 forward agent, SOCKS5 reverse agent. Agreement and type can be freely combined. External agent agreement and internal forwarding protocols can freely combine. Support Shadowsocks plug-in, spp-shadowsocks-plugin, spp-shadowsocks-plugin-android. -
23
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
-
24
FastTunnel
Expose a local server to the internet
FastTunnel is a high-performance cross-platform intranet penetration tool. With it, you can expose intranet services to the public network for yourself or anyone to access. Unlike other penetration tools, the FastTunnel project is committed to creating an easy-to-extensible and easy-to-maintain intranet penetration framework. You can build your own penetration application by referencing the nuget package of FastTunnel.Core, and target the business extension functions you need. -
25
Infrared
An ultra lightweight minecraft reverse proxy and idle placeholder
An ultra lightweight Minecraft reverse proxy and idle placeholder: Ever wanted to have only one exposed port on your server for multiple Minecraft servers? Then Infrared is the tool you need! Infrared works as a reverse proxy using a subdomain to connect clients to a specific Minecraft server. It works similar to Nginx for those of you who are familiar.
