Reverse Proxy: block web interface and API
Hi everyone! 
I have Immich running in Docker on my home server and exposed to the internet through Caddy. Everything—photo uploads, face recognition, web UI, and mobile app—works great. But the docs warn that using a reverse proxy exposes the API (see https://immich.app/docs/guides/remote-access#cons-2). I’d like to block the public API endpoint while keeping the web UI accessible.
What I tried (Caddyfile):
This returns 403 for /api, but the web interface also stops loading.
Does anyone have a working Caddy configuration or tips on how to block only the API without breaking the UI?
I have Immich running in Docker on my home server and exposed to the internet through Caddy. Everything—photo uploads, face recognition, web UI, and mobile app—works great. But the docs warn that using a reverse proxy exposes the API (see https://immich.app/docs/guides/remote-access#cons-2). I’d like to block the public API endpoint while keeping the web UI accessible.
What I tried (Caddyfile):
This returns 403 for /api, but the web interface also stops loading.
Does anyone have a working Caddy configuration or tips on how to block only the API without breaking the UI?
