Reverse Proxy With QBittorrent Web UI

I’m trying to setup a reverse proxy to access the QBittorrent web UI. I found this post on the forums: qBittorrent Web UI -- Reverse Proxy Help - #2 by Whitestrake but I still can’t get it to work.

This is what I have in my Caddyfile:

localhost:4488, 192.168.1.205:4488 {
	proxy / 127.0.0.1:9292 {
		header_upstream X-Forwarded-Host {host}:9292
		header_upstream Origin ''
		header_upstream Referer ''
	}
}

It returns an 502 Bad Gateway error when I attempt to go to localhost:4488

The following is a working configuration for Nginx:

http {
    server {
	listen 9988;
	server_name localhost;

	location / {
	    proxy_pass http://127.0.0.1:9292;
	    proxy_set_header   X-Forwarded-Host  $host:$server_port;
	    proxy_hide_header  Referer;
	    proxy_hide_header  Origin;
	    proxy_set_header   Referer           '';
	    proxy_set_header   Origin            '';
	}

    }
}

Does anyone know how I can get this working in Caddy?

To look into this for myself, I configured Caddy (abiosoft/caddy:latest) and qBittorrent (wernight/qbittorrent:latest) in Docker containers.

I found that with no header_upstream subdirectives at all, the page loaded, but static assets (CSS, JS, an SVG) returned a 401.

Some issues from the qBittorrent Github page turned up in a quick search, they appear to be related to this problem:

• NGINX as reverse proxy is receiving 401 Unauthorized error from qBittorrent
• Remote Access Web UI not working on any Client after 3.3.11

Some different configurations were attempted as well. Notably, sending header_upstream Origin '' or header_upstream Referer '' resulted in 401s for the index document!

Given that the discussions on their Github indicated the Origin and Referer headers needed to be surpressed, and that the X-Forwarded-Host needed to match what was seen in the browser, the configuration I ended up with fully working was this:

qbt.whitestrake.net {
  proxy / qbittorrent:8080 {
    header_upstream X-Forwarded-Host {host}:443
    header_upstream -Origin
    header_upstream -Referer
  }
}

The port (443 above, as I used standard HTTPS during these tests) needs to match the port shown in the browser, so a working config for you will likely be:

localhost:4488, 192.168.1.205:4488 {
	proxy / 127.0.0.1:9292 {
		header_upstream X-Forwarded-Host {host}:4488
		header_upstream -Origin
		header_upstream -Referer
	}
}

Thank you so much! It seems to work perfectly now.

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.