ghproxy
GHProxy is a Go-based reverse proxy designed to accelerate GitHub resource downloads (repos, files, Docker images) and bypass regional access restrictions. It supports caching, rate limiting, authentication, and Docker image proxying with a web UI.
Key facts
Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.
| Field | Value |
|---|---|
| Repository | WJQSERVER-STUDIO/ghproxy |
| Owner | WJQSERVER-STUDIO |
| Primary language | Go |
| License | MPL-2.0 — OSI-approved |
| Stars | 698 |
| Forks | 113 |
| Open issues | 13 |
| Latest release | 4.3.4 (2025-09-13) |
| Last updated | 2026-06-01 |
| Source | https://github.com/WJQSERVER-STUDIO/ghproxy |
What ghproxy is
A high-concurrency reverse proxy written in Go using the Touka HTTP framework, proxying GitHub raw files, Git clones, releases, and Docker/GHCR registries. Features include bandwidth throttling, custom allowlist/blocklist, shell script nesting, and optional Git clone caching integration via Smart-Git.
Get the ghproxy source
Clone the repository and explore it locally.
git clone https://github.com/WJQSERVER-STUDIO/ghproxy.gitcd ghproxy# follow the project's README for install & configurationNeed it deployed, integrated, or customized instead? DEV.co ships production installs.
Best use cases
Implementation considerations
- Dual-license model (WJQserver Studio License 2.1 + MPL-2.0) requires legal review; commercial use permissibility is unclear.
- Project is ~18 months old with active commits; stability and long-term maintenance commitment unknown.
- Front-end components are in a separate repository with independent licenses; review each theme's terms before deployment.
- Bandwidth and rate-limiting features should be tested under production load; no published benchmarks provided.
- Deployment via Docker Compose recommended; binary deployment is explicitly discouraged by maintainers.
When to avoid it — and what to weigh
- Strict Compliance Requirements for License — The dual-license model (WJQserver Studio License 2.1 + MPL-2.0) introduces non-standard licensing terms. Requires legal review before use in regulated environments or commercial closed-source products.
- Need for Enterprise Support Contract — No indication of commercial support offerings, SLAs, or vendor backing. Use only if internal support capability exists or downtime is acceptable.
- Multi-Tenancy with Hard Security Isolation — Project documentation does not describe multi-tenant isolation or defense against cross-tenant cache-poisoning; avoid for untrusted user scenarios.
- Seamless Drop-In for Standard Proxies — Requires custom configuration and frontend theme setup; not a zero-config replacement for standard HTTP proxies or Docker registry mirrors.
License & commercial use
Dual-licensed under WJQserver Studio License 2.1 (non-standard) and Mozilla Public License 2.0 (permissive OSI license). Licensee can choose one. WJQserver Studio License 2.1 terms are not published in the repository; refer to https://wjqserver-studio.github.io/LICENSE/LICENSE.html. Front-end components have separate, independent licenses.
Requires careful review. MPL-2.0 is permissive for commercial use, but WJQserver Studio License 2.1 is non-standard and its terms for commercial use are unclear. Before using in a commercial product or service, confirm compatibility with WJQserver Studio License 2.1 via legal counsel. No commercial support tier identified.
DEV.co evaluation signals
Editorial assessment — not user reviews. Directional, with an explicit confidence level.
| Signal | Assessment |
|---|---|
| Maintenance | Active |
| Documentation | Adequate |
| License clarity | Needs review |
| Deployment complexity | Moderate |
| DEV.co fit | Good |
| Assessment confidence | Medium |
Project does not publish a security policy or vulnerability disclosure process. Considerations: (1) Proxy handles sensitive GitHub tokens in requests; cache layer may inadvertently store credential information. (2) Custom blacklist/whitelist logic must be correctly configured to prevent unwanted proxying. (3) User authentication feature exists but implementation details and cryptographic practices not documented. (4) No published security audit or penetration test results. (5) Recommend testing in isolated environment before exposing to untrusted networks.
Alternatives to consider
ghproxy (node-based, github.com/hunshcn/gh-proxy)
Older, more established Python/Node alternative; simpler deployment but potentially lower performance under high concurrency.
Docker Registry (official mirror or nexus)
Standard Docker image caching solution with enterprise support and multi-registry support; does not proxy raw GitHub files or clones.
Cloudflare Workers / Fastly VCL custom proxy
Cloud-native reverse proxy with global edge caching; eliminates on-premises infrastructure but less control over business logic.
Build on ghproxy with DEV.co software developers
GHProxy is an active, Go-based solution for accelerating GitHub downloads and caching Docker images. Requires legal review of dual-license terms before commercial use. Contact us to evaluate for your DevOps infrastructure.
Talk to DEV.coRelated open-source tools
Surfaced by semantic similarity across the DEV.co open-source index.
Related on DEV.co
Explore the category and the services that help you build with it.
ghproxy FAQ
Can I use this in a commercial closed-source SaaS?
Does this project have a long-term maintenance guarantee?
Can I run this as a managed service or resell it?
What are the performance limits?
Software developers & web developers for hire
Need help beyond evaluating ghproxy? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and open-source devops integrations — and maintain them long-term.
Need a High-Performance GitHub Proxy?
GHProxy is an active, Go-based solution for accelerating GitHub downloads and caching Docker images. Requires legal review of dual-license terms before commercial use. Contact us to evaluate for your DevOps infrastructure.