Securing HTTP traffic of your server


These instructions will enable you to secure HTTP traffic of your self-hosted infrastructure, using a reverse proxy with Nginx.


  • Your self-hosted infrastructure is running on our docker setup
  • You've installed nginx in your server.
  • You've configured a domain name (or subdomain) to point to your server's IP address.

Getting started

Setting up Nginx

  1. Disable the default virtual host:
unlink /etc/nginx/sites-enabled/default
  1. Create a new file named standardnotes.conf within /etc/nginx/sites-available:
server {
  listen 80;
  listen [::]:80;

  access_log /var/log/nginx/standardnotes-access.log;
  error_log /var/log/nginx/standardnotes-error.log;

  client_max_body_size 50M;

  location / {

Note Replace with your actual domain and 3000 with the port you have specified as {EXPOSED_PORT} if you have changed it.

  1. Enable your new site:
ln -s /etc/nginx/sites-available/standardnotes.conf /etc/nginx/sites-enabled/standardnotes.conf
  1. Restart Nginx to apply changes

There may be different ways to restart Nginx. If you installed Nginx from Ubuntu's default repository just type:

$ sudo service nginx restart
  1. Test your Nginx configuration with:
$ nginx -t
  1. Setting up Certbot for HTTPS configuration

Go to certbot to get and install your HTTPS certificate.

Certbot should automatically update your Nginx configuration and create SSL certificates for you.

After completing the above instructions, your Sync server should be HTTPS enabled!

Using your secured server

In the account menu, choose Advanced Options and enter the address of your new server in Sync Server Domain.

Then, register for a new account or log into an existing account and begin using your private new secure Standard Notes server!

Other ways to get help

Browse or post to the forum
Recommended for non-account related issues.
Join the Standard Notes Discord group
Recommended for small talk.
Send an email to
Recommended for account related issues.