#### Reverse Proxy gRPC Port (support Cloudflare CDN)
Use Nginx or Caddy to reverse proxy gRPC

- Nginx configuration files

```nginx
server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name data.example.com; # The domain name where the Agent connects to Dashboard

    ssl_certificate          /data/letsencrypt/fullchain.pem; # Your domain certificate path
    ssl_certificate_key      /data/letsencrypt/key.pem;       # Your domain's private key path
    ssl_stapling on;
    ssl_session_timeout 1d;
    ssl_session_cache shared:SSL:10m; # This line may conflict with other configuration files. If a conflict occurs, please comment out this line
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

    underscores_in_headers on;

    keepalive_time 24h;
    keepalive_requests 100000;
    keepalive_timeout 120s;

    location / {
        grpc_read_timeout 300s;
        grpc_send_timeout 300s;
        grpc_socket_keepalive on;
        grpc_pass grpc://grpcservers;
    }
}

upstream grpcservers {
    server localhost:5555;
    keepalive 512;
}
```

- Caddy configuration files

```
data.example.com:443 { # The domain name where the Agent connects to Dashboard
    reverse_proxy {
        to localhost:5555
        transport http {
            versions h2c 2
        }
    }
}
```

Dashboard  Configuration

- First login to the Dashboard and enter the admin panel, go to the settings page, fill in the `CDN Bypassed Domain/IP` with the domain name you configured in Nginx or Caddy, for example `data.example.com`, and save it.
- Then open the `/opt/nezha/dashboard/data/config.yaml` file in the panel server and change `proxygrpcport` to the port that Nginx or Caddy is listening on, such as `443` as set in the previous step. Since we have SSL/TLS enabled in Nginx or Caddy, we need to set `tls` to `true`, restart the panel when you are done.

Agent Configuration

- Log in to the admin panel, copy the one-click install command, and run the one-click install command on the corresponding server to reinstall the agent.

Enable Cloudflare CDN (optional)

According to Cloudflare gRPC requirements: gRPC services must listen on port 443 and must support TLS and HTTP/2.
So if you need to enable CDN, you must use port 443 when configuring Nginx or Caddy reverse proxy gRPC and configure the certificate (Caddy will automatically apply and configure the certificate).

-  Log in to Cloudflare and select the domain you are using. Go to the `Network` page and turn on the `gRPC` switch, then go to the `DNS` page, find the resolution record of the domain with gRPC configuration, and turn on the orange cloud icon to enable CDN.