A reverse proxy allows you to send events to PostHog Cloud using your own domain.
This means that events are sent from your own domain and are less likely to be intercepted by tracking blockers. You be able to capture more usage data without having to self-host PostHog.
Setting up a reverse proxy means setting up a service to redirect requests from a subdomain you choose (like
e.yourdomain.com) to PostHog. It is best practice to use a subdomain that does not include
tracking, or other similar words.
You then use this subdomain as your instance host in the initialization of PostHog instead of
Note: PostHog Cloud requires that the proxy sets the
eu.posthog.comfor requests sent to
app.posthog.comfor requests sent to
Deploying a reverse proxy
We like using Caddy because it makes setting up the reverse proxy and TLS a breeze.
docker run -p 80:80 -p 443:443 caddy caddy reverse-proxy --to app.posthog.com:443 --from <YOUR_TRACKING_DOMAIN> --change-host-header
You'll want to sub out
YOUR_TRACKING_DOMAIN for whatever domain you use for proxying to PostHog. We'd suggest something like
e.yourdomain.com or the like.
Make sure your DNS records point to your machine and that ports 80 and 443 are open to the public and directed toward Caddy.
Using AWS CloudFront
CloudFront can be used as a reverse proxy. Although there are multiple other options if you're using AWS
CloudFront doesn't forward headers, cookies, or query parameters received from the origin that PostHog uses by default. To set these up, you need an "origin request policy" as in the instructions below.
Create a distribution
- Create a CloudFront distribution
- Set the origin domain to your PostHog instance (
eu.posthog.comfor PostHog Cloud).
- Allow all HTTP methods
- Create and attach to the distribution, an "origin request policy" that forwards all query parameters
- In "Cache key settings" for the "Cache policy" set "Query strings" to "All".
- You also need to include the
- Set the
Origin request policyto
- Set the
Response headers policyto
- Once the distribution is deployed set its URL as the API host in your JS snippet or SDK config
You can find out about CloudFront pricing on the AWS website
CloudFront distribution setup video
In Cloudflare, create a new CNAME record for your domain. It should point to
eu.posthog.com depending on your region, and have proxy enabled (e.g.
CNAME, e, app.posthog.com, proxy enabled). Finally, use Page Rules to change the Host header.
Cloudflare does require your domain to be hosted with them, and using them does more than just proxying requests, such as blocking traffic from bots. Additionally, you must be on the Enterprise CloudFlare plan to customize the Host header.