Getting started Guide

What is ARC2 Proxy?

A blazing-fast global reverse proxy: edge caching, automatic TLS, load balancing and a built-in WAF.

ARC2 Proxy sits in front of your origin servers and accepts every HTTP/HTTPS request on your behalf. For each request it can serve a cached copy from the edge, terminate TLS with an automatically-issued certificate, screen the request through the WAF, compress and optimise the response, and load-balance across multiple backends — all before your origin ever sees the traffic.

The two layers of configuration

Everything is controlled at two levels. Global settings apply to the whole proxy process (ports, buffers, TLS floor, global toggles). Per-domain settings — the proxy_rules entries — apply to one hostname and override the global defaults for that domain.

Global — listening ports, socket tuning, the TLS version floor, and master on/off switches for caching, logging, rate limiting and SQL-injection protection.
Per-domain — where to forward, how long to cache, which compression and image transforms to run, routing/health-checks across backends, and per-domain security rules.

ℹ️Where settings live

In a self-hosted deployment these come from proxy_config.toml. In the managed portal each domain's rule is stored in your account and pushed to the edge — the field names and meanings are identical, which is why every setting article below lists its exact config key.

A minimal config

listening_port_http = 80
listing_port_https = 443
add_caching = true
proxy_min_tls_version = "TLS_1_3"

[[proxy_rules]]
domain = "example.com"
forward_ipv4 = "10.0.0.5"
forward_port_https = 443
max_age_seconds = 300
rule_type = "Whitelist"
redirect_to_https = true

That forwards example.com to a backend at 10.0.0.5, caches responses for 5 minutes at the edge, and upgrades any plain-HTTP visitor to HTTPS.

← Back to all documentation