Is Webflow blocking the proxied requests when using a reverse proxy in front of it?
TL;DR
- Webflow doesn't support reverse proxies and may block requests if headers like
HostorX-Forwarded-Forare missing or modified. - To avoid issues, ensure the proxy preserves all original headers, handles HTTPS termination correctly, disables improper caching, and avoids modifying request elements.
Webflow can show issues when you use a reverse proxy in front of it, especially if the proxy alters crucial request headers or improperly caches content. While Webflow doesn't officially support reverse proxies, understanding how its network handles requests can help determine the cause.
1. Webflow Doesn’t Officially Support Reverse Proxies
- Webflow's hosting stack is designed for direct traffic. Using a reverse proxy like NGINX or Cloudflare Workers to route traffic to Webflow is not supported.
- If a reverse proxy introduces any irregularities in headers, HTTPS termination, cookies, or caching, Webflow may reject or mishandle the request.
2. Key Headers Must Be Preserved
- Webflow expects certain headers, such as
HostandX-Forwarded-For, to be preserved accurately. - If the reverse proxy rewrites or strips these headers, Webflow may return 403 Forbidden or 404 Not Found errors.
3. Webflow Uses Cloudflare and AWS
- Webflow's infrastructure relies heavily on Cloudflare (for CDN and edge security) and AWS (for publishing and asset delivery).
- Requests that do not appear to originate through expected patterns or include incorrect headers can trigger security measures.
4. Common Issues with Reverse Proxies to Webflow
- HTTPS termination mismatch (e.g., reverse proxy terminates HTTPS and forwards HTTP requests).
- Incorrect caching policies where stale or invalid pages are served.
- Cookie stripping or rewriting that breaks Webflow-hosted site functionality.
5. Troubleshooting Recommendations
- Ensure the proxy preserves all original headers, especially
Host,X-Forwarded-For, andX-Forwarded-Proto. - Avoid modifying query strings, paths, or payloads for dynamic forms and CMS items.
- Confirm the proxy isn’t caching responses that should be dynamic (like CMS search or form states).
- Test with varying User-Agents—Webflow may interpret bots or altered headers differently.
Summary
Yes, Webflow may block or reject proxied requests when using a reverse proxy if headers are altered or requests deviate from normal patterns. To avoid issues, the proxy must transparently forward requests and preserve original headers without rewriting key request elements.