http://198.51.100.20:25591 gets your site online, but you wouldn't put it on a business card — and it has no padlock. This guide is a tour of the server's Network page, which is where a web app graduates from a raw address to a real domain with automatic HTTPS.
| At a glance | |
|---|---|
| You need | A web app that already loads at its address:port — if not, fix that first with Your first web app |
| Plan | All plans |
| Time | Ten minutes, plus DNS wait time for a custom domain |
The tabs, at a glance
| Option | What you get | SSL? | URL looks like |
|---|---|---|---|
| Ports | Your raw public address | No | address:25591 |
| Falix subdomain | A free, friendly DNS name | No | yourname.falixsrv.me:25591 |
| Reverse Proxy | A real domain, no port | Yes, automatic | yourname.falix.org |
For an actual website you almost always want the Reverse Proxy — the other two are stepping stones. (There's also an Internal Network tab for private server-to-server connections between your own Falix servers — nothing to do with public visitors, but handy when one of your servers needs to talk to another without exposing it.)
Ports — instant, ugly, fine for testing
The Ports tab lists your server's allocation: the public address and port. Combined as http://address:port, it works the moment your app is listening, with zero setup. It's the right tool while you're still building — no DNS, no waiting. It's just not something you'd hand to visitors.
Falix subdomains — a friendlier name
The Falix subdomains section gives you a free DNS name that points at your server, so people type words instead of an IP. You pick a label (3–30 characters, lowercase letters, digits, and hyphens) and a suffix — falixsrv.me, falix.gg, falix.me, falix.dev, falix.app, or falix.pro — giving something like yourname.falixsrv.me.
⚠️ Heads up: A subdomain only points the name at your address, so for a web app the port still shows in the URL (
yourname.falixsrv.me:25591), and it brings no SSL on its own. It's a nicer address, not full hosting.
Reverse Proxy — the real answer for websites
The Reverse Proxy tab is what makes a site look professional: a clean domain, no port in the URL, and HTTPS set up for you automatically. It's available on all plans. A proxy has two choices to make:
- The domain. Either a Falix domain like
yourname.falix.org(instant, nothing to configure), or your own custom domain, which adds a DNS verification step (below). - The backend port. This is the port on your server that the proxy forwards traffic to — it must be one of your server's own ports (in the 1024–65535 range), i.e. the port your app is actually listening on.
🎯 Good to know: A new proxy's SSL status moves from pending to active on its own — no certificate files to manage. A custom domain stays pending until its DNS verification completes.
You can run several proxies per server (around five), so pointing both www.yoursite.com and a bare yoursite.com, or a Falix domain and your custom one, at the same app is fine — each is just another proxy on the list.
💡 Tip: The raw
address:portURL keeps working the whole time — if the proxied domain misbehaves, testing the port directly tells you whether the problem is your app or the proxy in front of it.
Using your own custom domain
Point a domain you own at your app by adding it as a custom domain on the Reverse Proxy tab and completing the DNS verification step it shows you — you add the record it gives you at your domain registrar to prove you control the name. Once DNS is verified, SSL is issued automatically and the status flips to active. (Exact records are shown in the panel at the time you add the domain; follow those.)
Managing a proxy
Each proxy on the list can be changed after you create it:
- Repoint it — change the backend port it forwards to (still one of your server's own ports, 1024–65535), for when your app moves to a different port.
- Disable / re-enable — switch a proxy off without deleting it, then flip it back on later.
- Retry SSL — if a custom domain's certificate didn't issue, retry it once DNS is verified. Falix subdomains use a shared wildcard certificate, so there's nothing to retry there.
- Delete — remove the proxy entirely; the domain stops resolving to your app, while your server and its raw
address:portare untouched.
Verify it works
After creating a proxy, wait for the SSL status to read active, then open your domain in a browser over https://. You should see your site and a padlock, with no port in the address bar. That's the finished, shareable version — the one to actually give to people. Bookmark the plain address:port for yourself, though; it stays useful for quick checks whenever you're changing the app.
Troubleshooting
- SSL stuck on "pending" — for a custom domain, DNS isn't verified yet; recheck the record you added at your registrar and give it time to propagate. A Falix domain should go active quickly; if it doesn't, the proxy can't reach your app (see below).
- Domain loads but shows a proxy/502-style error — the proxy reached Falix but your app isn't answering on the backend port. Confirm the app is running and listening on that exact port, bound to
0.0.0.0; then work through I can't reach my app. - Subdomain or proxy name rejected — it broke the naming rules. Use 3–30 characters, lowercase letters, digits, and hyphens only, and pick a label that isn't already taken.