Issues with Basic authentication


First of all, thanks a lot for your project, I’m having a lot of fun setting it up and tinkering with it.

I’m trying to front a Jellyfin server with it and I would like to have boringproxy auth on it, even though Jellyfin has its own auth. The reason is quite simple, I don’t want anyone reaching that far into my LAN unauthenticated.

Now, it seems like the iOS/android apps have issues with basic auth so I’m trying to find an alternative. Would you be open adding maybe IP restriction? Or obfuscated URLs? Or do you have any other ideas?

Side wish : it’d be nice to have an option to completely disable port 80!


Hey @loginatnine, boringproxy is more targeted for running services you want to expose to the public internet, such as hosting a web site or sharing Jellyfin with your friends/family. Once you start looking at things like IP restrictions I suspect something like a proper WireGuard VPN may actually fit your needs better.

One thing you might try is running Jellyfin and the boringproxy client inside a Docker container or VM, which gives you added security if properly configured.

Also, in case you haven’t seen the list there are likely alternatives that offer the features you’re looking for:

Yes that’s actually how I found out about boringproxy!

Thanks for your answer, I might look at alternatives or fork boringproxy and add it myself. If I do, I’ll propose a PR and you can see if you want it in or not.

Thanks again!

1 Like

Sounds good. If the change isn’t too invasive, I’d be happy to consider merging it.

Just for closure in case someone gets here through a search engine, I’ve submitted a draft PR here Added IP restriction option by jebeaudet · Pull Request #204 · boringproxy/boringproxy · GitHub

1 Like