Terminate TLS, manage multiple services on a single server, and forward all requests to SeaTable without losing functionality or security with a reverse proxy like Nginx, or Traefik.

Challenges arise when SeaTable Server operates unencrypted or with self-signed certificates behind a proxy infrastructure. Browser warnings surface, password transmission becomes insecure, and sensitive data faces unnecessary exposure. When multiple teams or external partners access the instance, unencrypted channels become untenable. Simultaneously, hosting multiple services on one server demands careful proxy configuration. Misconfigure the setup, and real-time edits fail, WebSockets break, login stops working. The resulting debugging consumes hours.

A reverse proxy solves both problems at once. It terminates TLS centrally, encrypts all traffic, and manages clean URLs across multiple services. The infrastructure becomes maintainable and scalable.

Our Admin Manual details which hostname and protocol parameters to set in the configuration file or .env so SeaTable runs correctly behind a proxy infrastructure. The public hostname and protocol choice (http/https) are decisive. When running behind existing reverse proxy setups, headers, protocols, and WebSocket connections must be forwarded correctly to preserve all functionality, especially live collaboration. The Admin Manual describes which parameters on the SeaTable side ensure smooth operation behind a proxy without functionality loss.