+## Foreword
+
+This guide assumes that:
+
+- Shaarli runs in a Docker container
+- The host's `10080` port is mapped to the container's `80` port
+- Shaarli's Fully Qualified Domain Name (FQDN) is `shaarli.domain.tld`
+- HTTP traffic is redirected to HTTPS
+
+## Apache
+
+- [Apache 2.4 documentation](https://httpd.apache.org/docs/2.4/)
+ - [mod_proxy](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html)
+ - [Reverse Proxy Request Headers](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#x-headers)
+
+The following HTTP headers are set when the `ProxyPass` directive is set:
+
+- `X-Forwarded-For`
+- `X-Forwarded-Host`
+- `X-Forwarded-Server`
+
+The original `SERVER_NAME` can be sent to the proxied host by setting the [`ProxyPreserveHost`](https://httpd.apache.org/docs/2.4/mod/mod_proxy.html#ProxyPreserveHost) directive to `On`.
+
+```apache
+<VirtualHost *:80>
+ ServerName shaarli.domain.tld
+ Redirect permanent / https://shaarli.domain.tld
+</VirtualHost>
+
+<VirtualHost *:443>
+ ServerName shaarli.domain.tld
+
+ SSLEngine on
+ SSLCertificateFile /path/to/cert
+ SSLCertificateKeyFile /path/to/certkey
+
+ LogLevel warn
+ ErrorLog /var/log/apache2/shaarli-error.log
+ CustomLog /var/log/apache2/shaarli-access.log combined
+
+ RequestHeader set X-Forwarded-Proto "https"
+ ProxyPreserveHost On
+
+ ProxyPass / http://127.0.0.1:10080/
+ ProxyPassReverse / http://127.0.0.1:10080/
+</VirtualHost>
+```