diff --git a/contrib/README.md b/contrib/README.md
index d7645f76..5ea04b38 100644
--- a/contrib/README.md
+++ b/contrib/README.md
@@ -13,3 +13,7 @@
 init-scripts to start copyparty as a service
 * [`systemd/copyparty.service`](systemd/copyparty.service)
 * [`openrc/copyparty`](openrc/copyparty)
+
+# Reverse-proxy
+copyparty has basic support for running behind another webserver
+* [`nginx/copyparty.conf`](nginx/copyparty.conf)
diff --git a/contrib/nginx/copyparty.conf b/contrib/nginx/copyparty.conf
new file mode 100644
index 00000000..b8c3f454
--- /dev/null
+++ b/contrib/nginx/copyparty.conf
@@ -0,0 +1,26 @@
+upstream cpp {
+	server 127.0.0.1:3923;
+	keepalive 120;
+}
+server {
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	server_name fs.example.com;
+	
+	location / {
+		proxy_pass http://cpp;
+		proxy_redirect off;
+		# disable buffering (next 4 lines)
+		proxy_http_version 1.1;
+		client_max_body_size 0;
+		proxy_buffering off;
+		proxy_request_buffering off;
+
+		proxy_set_header   Host              $host;
+		proxy_set_header   X-Real-IP         $remote_addr;
+		proxy_set_header   X-Forwarded-For   $proxy_add_x_forwarded_for;
+		proxy_set_header   X-Forwarded-Proto $scheme;
+		proxy_set_header   Connection        "Keep-Alive";
+	}
+}
diff --git a/copyparty/httpcli.py b/copyparty/httpcli.py
index 7d6841e7..925c9738 100644
--- a/copyparty/httpcli.py
+++ b/copyparty/httpcli.py
@@ -83,6 +83,10 @@ class HttpCli(object):
         v = self.headers.get("connection", "").lower()
         self.keepalive = not v.startswith("close")
 
+        v = self.headers.get("x-forwarded-for", None)
+        if v is not None and self.conn.addr[0] in ["127.0.0.1", "::1"]:
+            self.log_src = self.conn.set_rproxy(v.split(",")[0])
+
         self.uname = "*"
         if "cookie" in self.headers:
             cookies = self.headers["cookie"].split(";")
@@ -462,7 +466,7 @@ class HttpCli(object):
 
         spd = self._spd(post_sz)
         self.log("{} thank".format(spd))
-        self.reply("thank")
+        self.reply(b"thank")
         return True
 
     def handle_login(self):
diff --git a/copyparty/httpconn.py b/copyparty/httpconn.py
index 79be834e..d9509bbe 100644
--- a/copyparty/httpconn.py
+++ b/copyparty/httpconn.py
@@ -46,7 +46,7 @@ class HttpConn(object):
         self.nbyte = 0
         self.workload = 0
         self.log_func = hsrv.log
-        self.log_src = "{} \033[36m{}".format(addr[0], addr[1]).ljust(26)
+        self.set_rproxy()
 
         env = jinja2.Environment()
         env.loader = jinja2.FileSystemLoader(os.path.join(E.mod, "web"))
@@ -56,6 +56,18 @@ class HttpConn(object):
         self.tpl_md = env.get_template("md.html")
         self.tpl_mde = env.get_template("mde.html")
 
+    def set_rproxy(self, ip=None):
+        if ip is None:
+            color = 36
+            ip = self.addr[0]
+            self.rproxy = None
+        else:
+            color = 34
+            self.rproxy = ip
+
+        self.log_src = "{} \033[{}m{}".format(ip, color, self.addr[1]).ljust(26)
+        return self.log_src
+
     def respath(self, res_name):
         return os.path.join(E.mod, "web", res_name)