# Deploy a Clerk app behind a proxy

When deploying a Clerk app behind a proxy, you must forward two headers:

- `X-Forwarded-Host` - The host of the request.
- `X-Forwarded-Proto` - The protocol of the request.

Here are some common platforms and servers that require header proxying:

- [nginx](https://nginx.org/en/)
- [Caddy](https://caddyserver.com/)
- [Docker](https://www.docker.com/)
- [AWS Amplify](https://amplify.com/)

## `nginx` configuration example

The following can be added to your `nginx` configuration to forward the headers to your application.

```nginx
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Proto https;
```

## Test header forwarding

To test if the headers are forwarded correctly, you can console log them to check what their values are. They are available on the `request` object.

> If you're using Next.js ≤15, name your file `middleware.ts` instead of `proxy.ts`. The code itself remains the same; only the filename changes.

filename: proxy.ts
```ts
export default clerkMiddleware(
  (auth, req) => {
    console.log('=========================')
    console.log('Request Headers')
    console.log('x-forwarded-host', req.headers.get('x-forwarded-host'))
    console.log('x-forwarded-proto', req.headers.get('x-forwarded-proto'))
    console.log('=========================')
  },
  { debug: debugStatus },
)
```

The `X-Forwarded-Host` header should return the same domain as the one you configured on the [**Domains**](https://dashboard.clerk.com/~/domains) page in the Clerk Dashboard. The `X-Forwarded-Proto` header should return `https` as Clerk requires this value to be `https` for production instances.

Here is an example result:

```log
=========================
Request Headers
x-forwarded-host example.com
x-forwarded-proto https
=========================
```

---

## Sitemap

[Overview of all docs pages](https://clerk.com/docs/llms.txt)