Skip to content

NGINX Reverse Proxy for Web UI

Francisco Pombal edited this page Mar 4, 2021 · 22 revisions

If you're using NGINX as a reverse proxy for Web UI, assuming your reverse proxy is local, your location /qbt/ should have the following settings:

location /qbt/ {
    proxy_pass              http://127.0.0.1:8080/;
    proxy_http_version      1.1;
    proxy_set_header        X-Forwarded-Host        $http_host;
    http2_push_preload on; # Enable http2 push

    # The following directives effectively nullify Cross-site request forgery (CSRF)
    # protection mechanism in qBittorrent, only use them when you encountered connection problems.
    # You should consider disable "Enable Cross-site request forgery (CSRF) protection"
    # setting in qBittorrent instead of using these directives to tamper the headers.
    # The setting is located under "Options -> WebUI tab" in qBittorrent since v4.1.2.
    #proxy_hide_header       Referer;
    #proxy_hide_header       Origin;
    #proxy_set_header        Referer                 '';
    #proxy_set_header        Origin                  '';

    # Not needed since qBittorrent v4.1.0
    add_header              X-Frame-Options         "SAMEORIGIN";
}

Note: qBittorrent currently doesn't read the X-Forwarded-For header, so if you find yourself seeing WebAPI login failure. Reason: IP has been banned, IP: 127.0.0.1 and needing to restart qBittorrent, you may want to set the ban after failure count to 0.

General

Troubleshooting

External programs

Search plugins

Themes

Translation


WebUI

WebUI API

State Version
Current qBittorrent >= 5.0
Previous qBittorrent v4.1.0 - v4.6.x
Previous qBittorrent v3.2.0 - v4.0.x
Obsolete qBittorrent < v3.2.0

Authentication

WebAPI clients

Alternate WebUI

Reverse proxy setup for WebUI access

WebUI HTTPS configuration


Linux


Development

Compilation

Common information for CMake

*BSD, Linux

macOS

Windows

Obsolete compilation guides

Clone this wiki locally