Nginx Proxy GuardNginx Proxy Guard

API Reference

Use the Nginx Proxy Guard API to control the system programmatically.

Authentication

All API endpoints (except /api/v1/auth/login and /api/v1/challenge/*) require authentication via the following header.

# JWT Bearer token
Authorization: Bearer <jwt_token>

# API token
Authorization: Bearer ng_<api_token>

Authentication

Public Endpoints (No Authentication Required)

MethodEndpointDescription
POST/api/v1/auth/loginLog in
POST/api/v1/auth/logoutLog out
GET/api/v1/auth/statusCheck authentication status
POST/api/v1/auth/verify-2faVerify 2FA code

Authentication Management

MethodEndpointDescription
GET/api/v1/auth/meCurrent user information
GET/api/v1/auth/accountAccount details
POST/api/v1/auth/change-credentialsChange username/email
POST/api/v1/auth/change-passwordChange password
POST/api/v1/auth/2fa/setupStart 2FA setup
POST/api/v1/auth/2fa/enableEnable 2FA
POST/api/v1/auth/2fa/disableDisable 2FA
GET/api/v1/auth/languageGet language setting
PUT/api/v1/auth/languageChange language setting
GET/api/v1/auth/fontGet font setting
PUT/api/v1/auth/fontChange font setting

API Token Management

MethodEndpointDescription
GET/api/v1/api-tokensList tokens
POST/api/v1/api-tokensCreate a new token
GET/api/v1/api-tokens/permissionsList available permissions
GET/api/v1/api-tokens/:idToken details
PUT/api/v1/api-tokens/:idUpdate token
POST/api/v1/api-tokens/:id/revokeRevoke token
DELETE/api/v1/api-tokens/:idDelete token
GET/api/v1/api-tokens/:id/usageToken usage statistics

Proxy Host Management

MethodEndpointDescription
GET/api/v1/proxy-hostsList hosts
POST/api/v1/proxy-hostsCreate a new host
GET/api/v1/proxy-hosts/by-domain/:domainLook up by domain
POST/api/v1/proxy-hosts/syncSync all configurations
GET/api/v1/proxy-hosts/:idGet details
PUT/api/v1/proxy-hosts/:idUpdate host
DELETE/api/v1/proxy-hosts/:idDelete host
POST/api/v1/proxy-hosts/:id/testConnection test

SSL Certificate Management

MethodEndpointDescription
GET/api/v1/certificatesList certificates
POST/api/v1/certificatesIssue Let's Encrypt certificate
POST/api/v1/certificates/uploadUpload custom certificate
GET/api/v1/certificates/expiringList expiring certificates
GET/api/v1/certificates/:idCertificate details
DELETE/api/v1/certificates/:idDelete certificate
POST/api/v1/certificates/:id/renewRenew certificate

DNS Provider Management

MethodEndpointDescription
GET/api/v1/dns-providersList providers
POST/api/v1/dns-providersCreate provider
POST/api/v1/dns-providers/testTest credentials
GET/api/v1/dns-providers/defaultGet default provider
GET/api/v1/dns-providers/:idProvider details
PUT/api/v1/dns-providers/:idUpdate provider
DELETE/api/v1/dns-providers/:idDelete provider

DDNS Records

MethodEndpointDescription
GET/api/v1/ddns-recordsList DDNS records
POST/api/v1/ddns-recordsCreate DDNS record
POST/api/v1/ddns-records/syncSync all records
POST/api/v1/ddns-records/import-from-hostsBulk-enable DDNS from proxy hosts
GET/api/v1/ddns-records/:idRecord details
PUT/api/v1/ddns-records/:idUpdate record
DELETE/api/v1/ddns-records/:idDelete record
POST/api/v1/ddns-records/:id/syncSync a single record

Security Settings (Per Host)

Rate Limiting

MethodEndpointDescription
GET/api/v1/proxy-hosts/:id/rate-limitGet rate limit
PUT/api/v1/proxy-hosts/:id/rate-limitConfigure rate limit
DELETE/api/v1/proxy-hosts/:id/rate-limitDelete rate limit

Fail2ban

MethodEndpointDescription
GET/api/v1/proxy-hosts/:id/fail2banGet Fail2ban
PUT/api/v1/proxy-hosts/:id/fail2banConfigure Fail2ban
DELETE/api/v1/proxy-hosts/:id/fail2banDelete Fail2ban

Bot Filter

MethodEndpointDescription
GET/api/v1/proxy-hosts/:id/bot-filterGet bot filter
PUT/api/v1/proxy-hosts/:id/bot-filterConfigure bot filter
DELETE/api/v1/proxy-hosts/:id/bot-filterDelete bot filter
GET/api/v1/bots/knownList known bots

GeoIP Restrictions

MethodEndpointDescription
GET/api/v1/proxy-hosts/:id/geoGet geo restrictions
POST/api/v1/proxy-hosts/:id/geoCreate geo restrictions
PUT/api/v1/proxy-hosts/:id/geoUpdate geo restrictions
DELETE/api/v1/proxy-hosts/:id/geoDelete geo restrictions
GET/api/v1/geo/countriesList country codes

URI Blocking

MethodEndpointDescription
GET/api/v1/uri-blocksList all URI blocks
POST/api/v1/uri-blocks/bulk-add-ruleBulk add rules
GET/api/v1/proxy-hosts/:id/uri-blockGet per-host URI block
PUT/api/v1/proxy-hosts/:id/uri-blockConfigure per-host URI block
DELETE/api/v1/proxy-hosts/:id/uri-blockDelete per-host URI block
POST/api/v1/proxy-hosts/:id/uri-block/rulesAdd rule
DELETE/api/v1/proxy-hosts/:id/uri-block/rules/:ruleIdDelete rule
GET/api/v1/global-uri-blockGet global URI block
PUT/api/v1/global-uri-blockConfigure global URI block
POST/api/v1/global-uri-block/rulesAdd global rule
DELETE/api/v1/global-uri-block/rules/:ruleIdDelete global rule

Security Headers

MethodEndpointDescription
GET/api/v1/proxy-hosts/:id/security-headersGet security headers
PUT/api/v1/proxy-hosts/:id/security-headersConfigure security headers
DELETE/api/v1/proxy-hosts/:id/security-headersDelete security headers
GET/api/v1/security-headers/presetsList header presets
POST/api/v1/proxy-hosts/:id/security-headers/preset/:presetApply preset

Challenge (CAPTCHA)

MethodEndpointDescription
GET/api/v1/challenge-configGlobal challenge settings
PUT/api/v1/challenge-configChange global challenge settings
GET/api/v1/challenge-config/statsChallenge statistics
GET/api/v1/proxy-hosts/:id/challengePer-host challenge settings
PUT/api/v1/proxy-hosts/:id/challengeChange per-host challenge settings
DELETE/api/v1/proxy-hosts/:id/challengeDelete per-host challenge

Cloud Provider Blocking

MethodEndpointDescription
GET/api/v1/cloud-providersList cloud providers
GET/api/v1/cloud-providers/by-regionProviders by region
GET/api/v1/cloud-providers/:slugProvider details
GET/api/v1/proxy-hosts/:id/blocked-cloud-providersGet blocked providers
PUT/api/v1/proxy-hosts/:id/blocked-cloud-providersConfigure blocked providers

Upstream (Load Balancing)

MethodEndpointDescription
GET/api/v1/proxy-hosts/:id/upstreamGet upstream (load-balanced backend pool)
PUT/api/v1/proxy-hosts/:id/upstreamConfigure upstream
DELETE/api/v1/proxy-hosts/:id/upstreamDelete upstream
GET/api/v1/upstreams/:id/healthUpstream server health

WAF Management

WAF Testing

MethodEndpointDescription
GET/api/v1/waf-test/patternsList test patterns
POST/api/v1/waf-test/testTest a single pattern
POST/api/v1/waf-test/test-allTest all patterns

WAF Rule Management

MethodEndpointDescription
GET/api/v1/waf/rulesAll OWASP CRS rules
GET/api/v1/waf/hostsWAF settings for all hosts
GET/api/v1/waf/hosts/:id/configPer-host WAF settings
GET/api/v1/waf/hosts/:id/historyPolicy change history
POST/api/v1/waf/hosts/:id/rules/:ruleId/disableDisable host rule
POST/api/v1/waf/rules/disable-by-hostDisable rule by domain
DELETE/api/v1/waf/hosts/:id/rules/:ruleId/disableEnable host rule
GET/api/v1/waf/global/rulesGlobal rule status
GET/api/v1/waf/global/exclusionsList global exclusions
GET/api/v1/waf/global/historyGlobal policy history
POST/api/v1/waf/global/rules/:ruleId/disableDisable global rule
DELETE/api/v1/waf/global/rules/:ruleId/disableEnable global rule

IP Block Management

MethodEndpointDescription
GET/api/v1/banned-ipsList banned IPs
POST/api/v1/banned-ipsManually ban an IP
DELETE/api/v1/banned-ips/:idUnban IP by ID
DELETE/api/v1/banned-ipsUnban by IP address
GET/api/v1/banned-ips/historyGet ban history
GET/api/v1/banned-ips/history/statsBan statistics
GET/api/v1/banned-ips/history/ip/:ipHistory for a specific IP

Filter Subscriptions

MethodEndpointDescription
GET/api/v1/filter-subscriptionsList subscriptions
POST/api/v1/filter-subscriptionsCreate subscription
GET/api/v1/filter-subscriptions/catalogPreset blocklist catalog
POST/api/v1/filter-subscriptions/catalog/subscribeSubscribe to a catalog list
GET/api/v1/filter-subscriptions/:idSubscription details
PUT/api/v1/filter-subscriptions/:idUpdate subscription
DELETE/api/v1/filter-subscriptions/:idDelete subscription
POST/api/v1/filter-subscriptions/:id/refreshRefresh entries now
GET/api/v1/filter-subscriptions/:id/exclusionsList per-host exclusions
POST/api/v1/filter-subscriptions/:id/exclusions/:hostIdAdd per-host exclusion
DELETE/api/v1/filter-subscriptions/:id/exclusions/:hostIdRemove per-host exclusion
GET/api/v1/filter-subscriptions/:id/entry-exclusionsList entry exclusions
POST/api/v1/filter-subscriptions/:id/entry-exclusionsAdd entry exclusion
DELETE/api/v1/filter-subscriptions/:id/entry-exclusionsRemove entry exclusion

Redirect Hosts

MethodEndpointDescription
GET/api/v1/redirect-hostsList redirects
POST/api/v1/redirect-hostsCreate redirect
GET/api/v1/redirect-hosts/:idRedirect details
PUT/api/v1/redirect-hosts/:idUpdate redirect
DELETE/api/v1/redirect-hosts/:idDelete redirect

Access Lists (ACL)

MethodEndpointDescription
GET/api/v1/access-listsList access lists
POST/api/v1/access-listsCreate access list
GET/api/v1/access-lists/:idAccess list details
PUT/api/v1/access-lists/:idUpdate access list
DELETE/api/v1/access-lists/:idDelete access list

Logs & Monitoring

Dashboard

MethodEndpointDescription
GET/api/v1/dashboardDashboard summary data
GET/api/v1/dashboard/healthSystem health status
GET/api/v1/dashboard/health/historyHealth status history
GET/api/v1/dashboard/stats/hourlyHourly statistics
GET/api/v1/dashboard/containersDocker container status
GET/api/v1/dashboard/geoip-statsGeoIP statistics data

Unified Logs

MethodEndpointDescription
GET/api/v1/logsQuery logs (with filtering)
POST/api/v1/logsAdd log
GET/api/v1/logs/statsLog statistics
GET/api/v1/logs/settingsGet log settings
PUT/api/v1/logs/settingsChange log settings
POST/api/v1/logs/cleanupClean up old logs
GET/api/v1/logs/autocomplete/hostsHost autocomplete
GET/api/v1/logs/autocomplete/ipsIP autocomplete
GET/api/v1/logs/autocomplete/user-agentsUser-Agent autocomplete
GET/api/v1/logs/autocomplete/countriesCountry autocomplete
GET/api/v1/logs/autocomplete/urisURI autocomplete
GET/api/v1/logs/autocomplete/methodsHTTP method autocomplete

Audit Logs

MethodEndpointDescription
GET/api/v1/audit-logsQuery audit logs
GET/api/v1/audit-logs/actionsList action types
GET/api/v1/audit-logs/resource-typesList resource types
GET/api/v1/audit-logs/api-tokensAPI token usage history

System Logs

MethodEndpointDescription
GET/api/v1/system-logsQuery system logs
GET/api/v1/system-logs/statsSystem log statistics
POST/api/v1/system-logs/cleanupClean up system logs
GET/api/v1/system-logs/sourcesList log sources
GET/api/v1/system-logs/levelsList log levels

Settings Management

Global Nginx Settings

MethodEndpointDescription
GET/api/v1/settingsGet global settings
PUT/api/v1/settingsChange global settings
POST/api/v1/settings/resetReset to defaults
GET/api/v1/settings/presetsList settings presets
POST/api/v1/settings/preset/:presetApply preset

System Settings

MethodEndpointDescription
GET/api/v1/system-settingsGet system settings
PUT/api/v1/system-settingsChange system settings
GET/api/v1/system-settings/geoip/statusCheck GeoIP status
POST/api/v1/system-settings/geoip/updateUpdate GeoIP database
GET/api/v1/system-settings/geoip/historyGeoIP update history
POST/api/v1/system-settings/acme/testTest ACME configuration
GET/api/v1/system-settings/log-filesList log files
GET/api/v1/system-settings/log-files/:filename/downloadDownload log file
GET/api/v1/system-settings/log-files/:filename/viewView log file
DELETE/api/v1/system-settings/log-files/:filenameDelete log file
POST/api/v1/system-settings/log-files/rotateRotate logs
GET/api/v1/system-settings/logsLog retention settings
PUT/api/v1/system-settings/logsChange log retention settings

Backup & Restore

MethodEndpointDescription
GET/api/v1/backupsList backups
POST/api/v1/backupsCreate backup
POST/api/v1/backups/upload-restoreUpload and restore backup
GET/api/v1/backups/statsBackup statistics
GET/api/v1/backups/:idBackup information
GET/api/v1/backups/:id/downloadDownload backup
DELETE/api/v1/backups/:idDelete backup
POST/api/v1/backups/:id/restoreRestore backup

Testing & Validation

MethodEndpointDescription
POST/api/v1/test/nginx-configNginx config syntax check
POST/api/v1/test/proxy-host/:idProxy connection test
GET/api/v1/test/system/self-checkSystem self-diagnosis
GET/api/v1/test/backup-restoreBackup/restore test

System Status

MethodEndpointDescription
GET/api/v1/statusAPI status
GET/api/v1/healthHealth check
GET/api/docsSwagger UI
GET/api/docs/swagger.yamlSwagger spec