Skip to content

shedowe19/ShieldPM

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

4,609 Commits
.github
.github
Β 
Β 
.tscanner
.tscanner
Β 
Β 
backend
backend
Β 
Β 
caddy
caddy
Β 
Β 
docs
docs
Β 
Β 
frontend
frontend
Β 
Β 
rootfs
rootfs
Β 
Β 
scripts
scripts
Β 
Β 
.cursorrules
.cursorrules
Β 
Β 
.gitattributes
.gitattributes
Β 
Β 
.gitignore
.gitignore
Β 
Β 
.imgbotconfig
.imgbotconfig
Β 
Β 
.version
.version
Β 
Β 
.yarnrc.yml
.yarnrc.yml
Β 
Β 
AGENTS.md
AGENTS.md
Β 
Β 
Dockerfile
Dockerfile
Β 
Β 
GEMINI.md
GEMINI.md
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
THIRD-PARTY-NOTICES.md
THIRD-PARTY-NOTICES.md
Β 
Β 
agent.md
agent.md
Β 
Β 
biome.json
biome.json
Β 
Β 
compose.easy.yaml
compose.easy.yaml
Β 
Β 
compose.yaml
compose.yaml
Β 
Β 
docker-compose.demo.yaml
docker-compose.demo.yaml
Β 
Β 
pentest_crowdsec.py
pentest_crowdsec.py
Β 
Β 
renovate.json
renovate.json
Β 
Β 

Repository files navigation

ShieldPM

CI Status Version License

A modern, security-focused reverse proxy manager built on top of Nginx β€” with a clean web UI, advanced TLS management, and built-in protection features.

Caution

Migration from NPMplus required.

  • Update your compose.yaml to use ghcr.io/shedowe19/shieldpm:latest
  • Data now lives at /data/shieldpm (auto-migrated from /data/npmplus on first start)
  • Switched from Alpine to Debian Trixie β€” use Debian package names (e.g. php8.2-curl instead of php82-curl)
  • Downgrading is not possible β€” back up your data before upgrading

πŸš€ Quick Start

# 1. Download config
curl -o compose.yaml https://raw.githubusercontent.com/shedowe19/ShieldPM/refs/heads/develop/compose.yaml

# 2. Set your timezone and ACME email in compose.yaml, then start
docker compose up -d

Open the admin UI at https://<your-ip>:81

Default credentials:

  • Email: admin@example.org
  • Password: Check the container logs β†’ docker logs shieldpm

πŸ› οΈ Tech Stack

Docker Nginx Node.js Express React TypeScript Vite Vitest SQLite MySQL MariaDB PostgreSQL Tailwind CSS Radix UI TanStack Query Framer Motion Lucide Knex.js Objection.js Caddy PHP GoAccess ModSecurity OpenAppSec CrowdSec MaxMind Cloudflare

✨ Features

  • Reverse Proxy β€” Manage Nginx hosts, redirects, and streams from a clean UI
  • SSL/TLS β€” Automatic Let's Encrypt certificates with HTTP/2 and HTTP/3 (QUIC) support
  • WAF β€” ModSecurity with OWASP CoreRuleSet + OpenAppSec integration
  • CrowdSec IPS β€” Community-powered intrusion prevention
  • Cloudflare Tunnels β€” Create and manage Zero Trust tunnels directly from the UI
  • PHP-FPM β€” Optional PHP 8.2 / 8.3 / 8.4 integration
  • Analytics β€” Built-in GoAccess dashboard on port :91
  • Auth Requests β€” SSO support via Authentik and similar providers
  • Multi-DB β€” SQLite (default), MySQL/MariaDB, or PostgreSQL
  • i18n β€” UI available in English, German, Spanish, French, and more

πŸ“š Documentation

Full setup guides, configuration options, and advanced usage are in the Wiki.

Projekt-Wiki (Intern)

Die interne Entwicklerdokumentation fΓΌr Entwickler und AI-Agenten befindet sich unter:

πŸ”¨ Development

# Frontend
cd frontend && yarn install && yarn dev

# Backend
cd backend && npm install && npm run dev

# Tests
npm test

πŸ™ Acknowledgments

Special thanks to @ZoeyVid for the foundational work on NPMplus, and to all contributors who help make ShieldPM better.

Questions or ideas? Head over to GitHub Discussions β€” we'd love to hear from you.

Maintained with ❀️ by the ShieldPM Contributors.

About

ShieldPM is an advanced, security-focused of Nginx Proxy Manager (NPM).

Resources

Readme

License

View license
Activity

Stars

1 star

Watchers

0 watching

Forks

2 forks
Report repository

Releases 6

ShieldPM v4.3.2 (develop-761cedc) Latest
Apr 9, 2026
+ 5 releases

Packages

 
 
 

Contributors

Languages