Remote access

Front claudex with Cloudflare Tunnel, frpc, Tailscale, or a Caddy reverse proxy — never bind 0.0.0.0.

claudex is the moment-of-truth product: it controls a process that has full access to your filesystem, your git repos, and your Anthropic credentials. Public exposure is intentionally your responsibility, not the server's. The server itself refuses to bind anything other than 127.0.0.1 / ::1 / localhost — there is no flag to override that.

To reach claudex from your phone, put a tunnel in front. Pick whichever fits your threat model.

Compare

Tunnel	Identity	Public DNS?	Cost
Tailscale Funnel	Tailscale account	Yes — `*.ts.net`	Free for personal use
Cloudflare Tunnel	Cloudflare account	Yes — your own domain	Free
frpc	Self-hosted frps	Yes — your own VPS / domain	VPS cost
Caddy reverse proxy	Static (LAN / VPN only)	No — LAN / Tailscale	Free

Tailscale Funnel

The fastest path to a phone-reachable URL with TLS that doesn't expose anything to the public internet beyond your tailnet's MagicDNS pinning.

tailscale funnel --bg http://127.0.0.1:5179

Open the printed https://<machine>.<tailnet>.ts.net URL on your phone. Tailscale handles TLS; claudex stays bound to localhost.

Cloudflare Tunnel

cloudflared tunnel --url http://127.0.0.1:5179

For a quick test, this prints an ephemeral trycloudflare.com URL — fine for a one-off, but it changes on every restart. For a stable URL, create a named tunnel and bind it to a hostname on a domain you own. Cloudflare handles TLS on the way in; claudex still listens on 127.0.0.1.

HTTP, not HTTPS If your tunnel terminates TLS but forwards plain HTTP to claudex, the page is technically loaded over HTTPS by your browser. Some setups (frpc without TLS, plain LAN) deliver claudex over plain HTTP, which puts the site outside the secure-context whitelist. Built-in features (the copy buttons on the install page, web push, the navigator.clipboard API) all degrade gracefully — but custom MCP-server frontends you write yourself might not.

frpc

If you already run frps on a VPS, drop a section like this into frpc.toml:

[[proxies]]
name = "claudex"
type = "tcp"
localIP = "127.0.0.1"
localPort = 5179
remotePort = 53179

Then put nginx / Caddy in front of :53179 on your VPS to terminate TLS and forward to the tunnel.

Caddy on a LAN-only domain

If you only need access from devices on your home network or your tailnet, run Caddy on the same machine as claudex with a self-signed cert or a Let's Encrypt cert against an internal hostname.

claudex.local {
  reverse_proxy 127.0.0.1:5179
}

Authentication still applies

No matter how you front claudex, the password + TOTP + recovery-code flow still applies. claudex doesn't trust the tunnel — it issues its own JWT, signed with the secret in ~/.claudex/jwt-secret, and verifies that secret on every request and every WebSocket handshake.

For an extra layer, most tunnels support pre-authentication (Cloudflare Access, Tailscale ACLs). Stack them with claudex's built-in auth if you like. The server is happy either way.

What's next

Troubleshooting — common tunnel and HTTPS gotchas.