Open Source Windows Reverse Proxy Servers
Sort By:
Reverse Proxy Servers for Windows
View 39 business solutionsBrowse free open source Reverse Proxy servers and projects for Windows below. Use the toggles on the left to filter open source Reverse Proxy servers by OS, license, language, programming language, and project status.
-
Over two-thirds of people reuse passwords across sites, resulting in an increasingly insecure e-commerce ecosystem. Learn how passwordless can not only mitigate these issues but make the authentication experience delightful. Implement Auth0 in any application in just five minutes
-
SKUDONET ADC, operates at the application layer, efficiently distributing network load and application load across multiple servers. This not only enhances the performance of your application but also ensures that your web servers can handle more traffic seamlessly.
-
1
Cloudflare Tunnel Client
Cloudflare Tunnel client (formerly Argo Tunnel)
Contains the command-line client for Cloudflare Tunnel, a tunneling daemon that proxies traffic from the Cloudflare network to your origins. This daemon sits between Cloudflare network and your origin (e.g. a webserver). Cloudflare attracts client requests and sends them to you via this daemon, without requiring you to poke holes on your firewall --- your origin can remain as closed as possible. Extensive documentation can be found in the Cloudflare Tunnel section of the Cloudflare Docs. All usages related with proxying to your origins are available under cloudflared tunnel help. You can also use cloudflared to access Tunnel origins (that are protected with cloudflared tunnel) for TCP traffic at Layer 4 (i.e., not HTTP/web socket), which is relevant for use cases such as SSH, RDP, etc. Such usages are available under cloudflared access help. -
2
frp
A Fast Reverse Proxy
frp stands for exactly what it is: a fast reverse proxy. It helps you expose a local server behind a NAT or firewall to the Internet. It is currently under development, but already supports TCP and UDP, as well as HTTP and HTTPS protocols where requests can be forwarded to internal services by domain name. It also has a P2P connect mode and many other nifty features. These include configuration files, environment variables, a dashboard that shows you frp's status and proxies' statistics information, an Admin UI that helps you check and manage frpc's configuration, and many others. -
3
Caddy
Powerful, enterprise-ready, open source web server w/ automatic HTTPS
Caddy is a powerful, extensible, enterprise-ready server platform that uses TLS by default. Everything you would require in your infrastructure, from TLS certificate renewals and OCSP stapling, to reverse proxying and ingress, Caddy simplifies it all. Its modular architecture lets you do more with just a single static binary that compiles for any platform. Caddy is the only web server that uses HTTPS automatically and by default. It automatically renews TLS certificates, staples OCSP responses and more. Though used mostly as an HTTPS server, Caddy can be used to run Go applications, offering automated documentation, graceful on-line config changes via API and more to these apps. Caddy is very extensible, with a powerful plugin system unlike any other web server. -
4
Project V
A platform for building proxies to bypass network restrictions
Project V is a set of network tools that helps you to build your own computer network. It secures your network connections and thus protects your privacy. Help you build an exclusive basic communication network. A V2Ray process can concurrently support multiple inbound and outbound protocols, and each protocol can work independently. Inbound traffic can be sent from different outlets according to the configuration. Easily implement distribution by region or domain name to achieve optimal network performance. V2Ray can open multiple protocol support at the same time, including Socks, HTTP, Shadowsoks and VMess. The transmission carrier can be set separately for each protocol, such as TCP, mKCP and WebSocket. Nodes of V2Ray can be disguised as a normal website (HTTPS) to confuse its traffic with normal web traffic to avoid third-party interference. Universal reverse proxy support can achieve intranet penetration. -
Manage your enterprise’s compensation lifecycle and accurately recognize top performers with a digitized, integrated system. Keep employees invested and your HR team in control while preventing compensation chaos.
-
5
GoProxy
High performance proxy server implemented by golang
The GoProxy is a high-performance http proxy, https proxy, socks5 proxy, ss proxy, websocket proxies, tcp proxies, udp proxies, game shield, game proxies. Supports forward proxies, reverse proxy, transparent proxy, internet nat proxies, https proxy load balancing, http proxy load balancing , socks5 proxies load balancing, socket proxy load balancing, ss proxy load balancing, TCP / UDP port mapping, SSH transit, TLS encrypted transmission, protocol conversion, anti-pollution DNS proxy, API authentication, speed limit, limit connection. Reverse proxy to help you expose a local server behind a NAT or firewall to the internet so that you or your visitors can access it directly and easily. Chained proxies, the program itself can be used as a proxy, and if it is set up, it can be used as a secondary proxy or even an N-level proxy. -
6
EdgeVPN
The immutable, decentralized, statically built p2p VPN
Fully Decentralized. Immutable. Portable. Easy to use Statically compiled VPN and a reverse proxy over p2p. EdgeVPN uses libp2p to build private decentralized networks that can be accessed via shared secrets. -
7
gost
GO Simple Tunnel, a simple tunnel written in golang
A simple security tunnel written in Golang. Listening on multiple ports, multi-level forward proxies - proxy chain, standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support. Probing resistance support for web proxy, TLS encryption via negotiation support for SOCKS5 proxy. Support multiple tunnel types, tunnel UDP over TCP. Local/remote TCP/UDP port forwarding, TCP/UDP Transparent proxy, Shadowsocks Protocol (TCP/UDP), and SNI Proxy. Permission control, load balancing, route control, DNS resolver and proxy, and TUN/TAP Device. In GOST, GOST and other proxy services are considered as proxy nodes, GOST can handle the requests itself, or forward the requests to any one or more proxy nodes. In addition to configuring services directly from the command line, parameters can also be set by specifying the external configuration file with the -C parameter. -
8
Lanproxy
Intranet penetration tool that proxies local area network computers
Lanproxy is an intranet penetration tool that proxies local area network personal computers and servers to the public network. It supports tcp traffic forwarding and any tcp upper layer protocol (access to intranet websites, local payment interface debugging, ssh access, remote desktop, http proxy) , https proxy, socks5 proxy...). Penetration basic functions, same as the open source version, high performance, can support tens of thousands of penetration connections at the same time. Support http/https/socks5 multiple modes Use the client network proxy to surf the Internet, and easily access the company network at home. Custom domain name ssl certificate, you can also enable automatic application and renewal of ssl certificate for your bound domain name without manual intervention. -
9
Pipy
Pipy is a programmable proxy for the cloud, edge and IoT
Pipy is a high performance programmable proxy for the cloud, edge and IoT. Its core is written in C++ with excellent cross-platform capability. It is both high performance and low resource. Pipy comes with a built-in JavaScript engine that allows easy custom logic implementation with the simple JS syntax, greatly reducing the complexity in high-performance network programming. It is suitable for a variety of hardware architectures including x86, ARM64, Loongson and RISC-V. It is also compatible with various other operating systems besides Linux. -
ChangeGear provides IT staff with the functions required to manage everything from ticketing to incident, change and asset management and more. ChangeGear includes a virtual agent, self-service portals and AI-based features to support analyst and end user productivity.
-
10
Tyk API Gateway
Open Source API Gateway written in Go
Tyk is an open source Enterprise API Gateway, supporting REST, GraphQL, TCP and gRPC protocols. Tyk Gateway is provided ‘Batteries-included’, with no feature lockout. Enabling your organization to control who accesses your APIs, when they access, and how they access it. Tyk Technologies uses the same API Gateway for all it’s applications. Protecting, securing, and processing APIs for thousands of organizations and businesses around the world. Ideal for Open Banking, building software in the clouds as well as exposing APIs to teams, partners & consumers. Built from the ground up to be the fastest API gateway on the planet. It does not depend on a legacy proxy underneath. It has no 3rd party dependencies aside from Redis for distributed rate-limiting and token storage. Tyk Gateway can also be deployed as part of a larger Full Lifecycle API Management platform Tyk Self-Managed which also includes Management Control Plane, Dashboard GUI and Developer Portal. -
11
Pomerium
Pomerium is an identity and context-aware access proxy
Secure, context-aware access that just works. Access internal resources securely. Implement zero trust. Achieve compliance. All without the headache of a VPN. For teams that prefer a hosted solution while keeping data governance. For organizations that need advanced scaling, access control, and governance capabilities. IT and developers need a scalable access control solution to keep users productive, happy, and secure. Pomerium uses identity and context to ensure secure access to internal applications, servers, and infrastructure even from untrusted networks. Pomerium adds authentication and authorization to any application or server, giving IT Management a centralized panel for organization-wide control. Assert compliance in your current architecture without giving up control over data tenancy. Pomerium supports your infrastructure and can be deployed in all environments: cloud, hybrid, or on-prem. From AWS to Kubernetes and more, your internal and 3rd-party apps are covered. -
12
Traefik
An open-source reverse proxy and load balancer
Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components (Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ...) and configures itself automatically and dynamically. Pointing Traefik at your orchestrator should be the only configuration step you need. -
13
ssl-proxy
Zero-config SSL reverse proxy with real autogenerated certificates
Simple single-command SSL reverse proxy with autogenerated certificates (LetsEncrypt, self-signed) A handy and simple way to add SSL to your thing running on a VM--be it your personal jupyter notebook or your team jenkins instance. ssl-proxy autogenerates SSL certs and proxies HTTPS traffic to an existing HTTP server in a single command. -
14
ModSecurity is a web application firewall that can work either embedded or as a reverse proxy. It provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
-
15
Fabio
Consul Load-Balancing made simple
Fabio is an HTTP and TCP reverse proxy that configures itself with data from Consul. Traditional load balancers and reverse proxies need to be configured with a config file. The configuration contains the hostnames and paths the proxy is forwarding to upstream services. This process can be automated with tools like consul-template that generate config files and trigger a reload. Fabio works differently since it updates its routing table directly from the data stored in Consul as soon as there is a change and without restart or reloading. When you register a service in Consul all you need to add is a tag that announces the paths the upstream service accepts, e.g. urlprefix-/user or urlprefix-/order and fabio will do the rest. Fabio was developed and maintained by Frank Schröder through January, 2020. Since that date primary maintenance has been the responsibility of ENA and the great community of users. -
16
FastTunnel
Expose a local server to the internet
FastTunnel is a high-performance cross-platform intranet penetration tool. With it, you can expose intranet services to the public network for yourself or anyone to access. Unlike other penetration tools, the FastTunnel project is committed to creating an easy-to-extensible and easy-to-maintain intranet penetration framework. You can build your own penetration application by referencing the nuget package of FastTunnel.Core, and target the business extension functions you need. -
17
NGINX Ingress Controller
NGINX Ingress Controller for Kubernetes
ingress-nginx is an Ingress controller for Kubernetes using NGINX as a reverse proxy and load balancer. It is built around the Kubernetes Ingress resource, using a ConfigMap to store the NGINX configuration. The goal of this Ingress controller is the assembly of a configuration file (nginx.conf). The main implication of this requirement is the need to reload NGINX after any change in the configuration file. Though it is important to note that we don't reload Nginx on changes that impact only an upstream configuration (i.e Endpoints change when you deploy your app). We use lua-nginx-module to achieve this. Check below to learn more about how it's done. Usually, a Kubernetes Controller utilizes the synchronization loop pattern to check if the desired state in the controller is updated or a change is required. To this purpose, we need to build a model using different objects from the cluster, in particular (in no special order) Ingresses, Services, Endpoints, Secrets, and Configmaps. -
18
OAuth2 Proxy
A reverse proxy that provides authentication with Google, Azure, etc.
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. If you are running a version older than v6.0.0 we strongly recommend you please update to the current version. After returning from the authentication provider, the OAuth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set. The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration) oauth2-proxy can be configured via command line options, environment variables or config file (in decreasing order of precedence, i.e. command line options will overwrite environment variables and environment variables will overwrite configuration file settings). -
19
Vulcain
Fast and idiomatic client-driven REST APIs
Vulcain is a brand new protocol using HTTP/2 Server Push to create fast and idiomatic client-driven REST APIs. An open-source gateway server that you can put on top of any existing web API to instantly turn it into a Vulcain-compatible one is also provided! It supports hypermedia APIs but also any "legacy" API by documenting its relations using OpenAPI. The protocol has been published as an Internet-Draft that is maintained in this repository. A reference, production-grade, implementation gateway server is also available in this repository. It's free software (AGPL) written in Go. A Docker image is provided. Current solutions for these problems (GraphQL, JSON:API's embedded resources and sparse fieldsets, etc.) are smart network hacks for HTTP/1. But these hacks come with (too) many drawbacks when it comes to HTTP cache, logs and even security. Fortunately, thanks to the new features introduced in HTTP/2, it's now possible to create true REST APIs fixing these problems with ease. -
20
YARP
A toolkit for developing high-performance HTTP reverse proxy apps
YARP is a library to help create reverse proxy servers that are high-performance, production-ready, and highly customizable. We found a bunch of internal teams at Microsoft who were either building a reverse proxy for their service or had been asking about APIs and tech for building one, so we decided to get them all together to work on a common solution, this project. Each of these projects was doing something slightly off the beaten path which meant they were not well served by existing proxies, and customization of those proxies had a high cost and ongoing maintenance considerations. Many of the existing proxies were built to support HTTP/1.1, but with workloads changing to include gRPC traffic, they require HTTP/2 support which requires a significantly more complex implementation. By using YARP the projects get to customize the routing and handling behavior without having to implement the http protocol. -
21
rathole
A lightweight and high-performance reverse proxy for NAT traversal
A secure, stable and high-performance reverse proxy for NAT traversal, written in Rust. rathole, like frp and ngrok, can help to expose the service on the device behind the NAT to the Internet, via a server with a public IP. High Performance Much higher throughput can be achieved than frp, and more stable when handling a large volume of connections. Low Resource Consumption Consumes much fewer memory than similar tools. See Benchmark. The binary can be as small as ~500KiB to fit the constraints of devices, like embedded devices as routers. Security Tokens of services are mandatory and service-wise. The server and clients are responsible for their own configs. With the optional Noise Protocol, encryption can be configured at ease. No need to create a self-signed certificate! TLS is also supported. -
22
spp
A simple and powerful proxy
Supported protocol: TCP, UDP, RUDP (Reliable UDP), RICMP (Reliable ICMP), RHTTP (Reliable HTTP), KCP, Quic. Support type: forward proxy, reverse agent, SOCKS5 forward agent, SOCKS5 reverse agent. Agreement and type can be freely combined. External agent agreement and internal forwarding protocols can freely combine. Support Shadowsocks plug-in, spp-shadowsocks-plugin, spp-shadowsocks-plugin-android. -
23
xfrpc
The xfrpc project is an implementation of frp client written in C
The xfrpc project is an implementation of frp client written in C language for OpenWRT and IOT system. The main motivation of this project is to provide a lightweight solution for devices with limited resources such as OpenWRT devices which often have limited ROM and RAM space. The project aims to provide a frp client that uses less space and memory than other available options. -
24
sproxy
Reverse proxy
sproxy is a reverse proxy that acts as a proxy server in the edge section close to the user on behalf of various web servers. Github: https://github.com/SolboxOSS/sproxy Project page: https://sproxy.solbox.com/ -
25
Apache2::ModProxyPerlHtml
Reverse proxy with http header, html and javascript code rewritter
Apache2::ModProxyPerlHtml is the most advanced Apache output filter to rewrite HTTP headers and HTML links for reverse proxy usage. It is written in Perl and exceeds all mod_proxy_html.c limitations without performance lost. It is very simple and has far better parsing/replacement of URL than the original C code. It also support meta tag, CSS, and javascript URL rewriting and can be use with compressed HTTP. You can now replace any code by other, like changing images name or anything else. mod_proxy_html can't do all of that. Since release 3.0 ModProxyPerlHtml is also able to rewrite HTTP headers with refresh url redirection. One of the common used of ModProxyPerlHtml is as free replacement for ISA servers.