diff -rN -u old-smederee/README.md new-smederee/README.md
--- old-smederee/README.md	2025-01-16 00:15:38.986223475 +0000
+++ new-smederee/README.md	2025-01-16 00:15:38.986223475 +0000
@@ -142,6 +142,29 @@
 GRANT CONNECT, CREATE ON DATABASE <database name> TO <role name>;
 ```
 
+### Reverse proxy setup ###
+
+It is advised to run the service behind a reverse proxy like nginx[^6]. The
+configuration is pretty straight forward and should not require any tweaking:
+
+```
+server {
+  # Your server configuration (servername, ssl, etc.)
+  # ...
+  # The actual reverse proxy configuration:
+  location / {
+    proxy_pass http://localhost:8080;
+    proxy_set_header X-Forwarded-Host $http_host;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header X-Forwarded-Proto $scheme;
+    proxy_http_version 1.1;
+  }
+}
+```
+
+Please note that you will have to adjust the `proxy_pass` part (hostname and
+port) if you're running the service on another interface or port.
+
 ### Coloured diffs ###
 
 1. Install `colordiff`
@@ -150,9 +173,10 @@
    diff diff-command colordiff -rN -u %1 %2
    ```
 
-[1]: https://owasp.org/Top10/
-[2]: https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html
-[3]: https://cheatsheetseries.owasp.org/cheatsheets/JSON_Web_Token_for_Java_Cheat_Sheet.html
-[4]: https://cheatsheetseries.owasp.org/cheatsheets/Forgot_Password_Cheat_Sheet.html
-[5]: https://cheatsheetseries.owasp.org/cheatsheets/REST_Security_Cheat_Sheet.html
+[^1]: https://owasp.org/Top10/
+[^2]: https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html
+[^3]: https://cheatsheetseries.owasp.org/cheatsheets/JSON_Web_Token_for_Java_Cheat_Sheet.html
+[^4]: https://cheatsheetseries.owasp.org/cheatsheets/Forgot_Password_Cheat_Sheet.html
+[^5]: https://cheatsheetseries.owasp.org/cheatsheets/REST_Security_Cheat_Sheet.html
+[^6]: https://nginx.org/en/