A self-hosted API proxy is just a relay on your own server: clients hit your domain, the server forwards to the upstream API. You get a single entry point, your own domain, and one place to add HTTPS and rate limiting. Below are working Nginx and Caddy configs.
Before you start: only proxy services you’re allowed to use, and respect the upstream API’s terms. This is for legitimate use, not for working around access controls.
Prerequisites
- A small VPS (1 GB RAM is enough — see Best VPS for Self-Hosting).
- A domain resolving to the server (point a domain to a VPS).
- Nginx or Caddy installed.
Option A: Nginx reverse proxy
Proxy api.example.com to the upstream upstream.example.com:
server {
listen 80;
server_name api.example.com;
location / {
proxy_pass https://upstream.example.com;
proxy_set_header Host upstream.example.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_ssl_server_name on;
}
}Then nginx -t && systemctl reload nginx.
Option B: Caddy (automatic HTTPS)
Caddy needs one block and handles certificates for you:
api.example.com {
reverse_proxy https://upstream.example.com {
header_up Host upstream.example.com
}
}Run caddy run (or systemctl restart caddy) and HTTPS is handled automatically.
Adding HTTPS (Nginx route)
On the Nginx route, the easiest way to add HTTPS is Nginx Proxy Manager — a GUI that issues and renews Let’s Encrypt certificates for you, no manual cert config: see Nginx Proxy Manager setup.
Tips
- Rate limiting: use
limit_reqin Nginx so the proxy can’t be hammered. - Caching: caching cacheable endpoints cuts latency and saves upstream quota.
- Route quality: if you’re calling from a China-facing context, the VPS route matters more than its specs — see Best VPS for China access.
Need to pick a box first? Start at Best VPS for Self-Hosting. Best value is Hetzner ; for China access look at BandwagonHost .
