Skip to content

Self‐hosting

Jump to bottom
Nathan edited this page Dec 19, 2023 · 2 revisions

Setting a reverse proxy

Setting up a reverse proxy is mandatory to expose Zero-TOTP's frontend and API.

Important

For security reasons the reverse proxy must overwrites the X-Forwarded-For header with the real remote ip. Be careful to X-Forwarded-For that can be spoofed and must not be trusted (cf Eli's Notes). Zero-TOTP API is not meant to deals a list of forwarded IP. The reverse proxy must keep the right one.

Zero-TOTP documentation released under GPL-3.0 Licence.
Zero-TOTP is a project of Nathan Stchepinsky © 2023. All rights reserved.

Clone this wiki locally