Skip to main content

Try free on Pangolin Cloud

Fastest way to get started with Pangolin using the hosted control plane. No credit card required.
HTTP and HTTPS public resources are the most common public resource type. They expose a web application or API on a fully qualified domain name with a valid TLS certificate, fronted by Pangolin’s authenticated reverse proxy. Users open the resource URL in any web browser. No Pangolin client is required.

How It Works

  1. You assign a FQDN on a domain managed in Pangolin.
  2. Pangolin terminates TLS and applies authentication and access rules.
  3. Authenticated requests are proxied through a site connector to your backend target.
Pangolin acts as a front-door barrier: unauthenticated visitors are redirected to a Pangolin login page before traffic reaches your application.

Target Configuration

HTTP/HTTPS resources use targets to define where traffic is sent on your remote network.
  • Add one or more targets, each with an upstream address and port.
  • Assign each target to a site. Targets on different sites enable round-robin load balancing and automatic failover.
  • Optionally configure path-based routing, path rewriting, custom host headers, and other proxy settings.
This multi-target model differs from SSH, RDP, and VNC public resources, which use site selection and a single host/port instead of discrete targets.

Authentication and Access Rules

HTTP/HTTPS resources are protocol-aware and fully support Pangolin’s identity and context policies:
  • Platform SSO and external identity providers
  • User, role, and machine access assignments
  • PIN, passcode, shareable links, and email OTP
  • Ranked allow/deny rules for IP, geolocation, URL paths, and more
See Authentication for the full list of options. To share the same settings across multiple resources, use a resource policy.