Skip to main content
Self-Hosted

Same APIs. Your infrastructure.

Run Browserless inside your own VPC, on-prem, or air-gapped network. The same browsers, the same APIs, with your data never leaving your security boundary.

Talk to salesRead the docs

Open-source Docker image · Commercial & Enterprise licensing · GPU-ready

Why self-host

When the browser has to run on your side of the firewall

Some workloads can't send data to a third-party cloud. Self-hosted Browserless keeps every session inside infrastructure you own and operate.

Data never leaves your network
Every page, screenshot, and scraped payload stays inside infrastructure you control. Nothing transits a third-party cloud, so sensitive data never leaves your security boundary.
Air-gapped, VPC, and on-prem
Deploy into a private VPC, an isolated subnet, or a fully air-gapped environment. The image is built for network-isolated infrastructure with no dependency on our cloud.
Built for regulated industries
Healthcare, finance, and government teams keep automation in-region for GDPR, HIPAA, and data-residency requirements, with SOC 2-ready controls and a DPA on request.
Cloud, private, or self-hosted

Choosing the right deployment

The same Enterprise image runs three ways. The difference is who operates it and where your data lives.

Cloud (shared)Private DeploymentSelf-Hosted Docker
Who runs the infrastructureBrowserlessBrowserless, on dedicated VMsYou
Where your data livesBrowserless cloudBrowserless-managed cloudYour VPC, on-prem, or air-gapped
Managed residential proxiesIncludedIncludedBring your own
Hosted dashboard and fleet opsIncludedIncludedLocal metrics and OpenTelemetry
Best forFast start, prototyping, low opsProduction scale with no infra workData sovereignty, regulated industries, custom networking

Not sure? Talk to our team and we'll size a deployment to your workload and compliance posture.

One container

Pull the image. Point your code at it.

The open-source Docker image runs your Puppeteer and Playwright code over WebSocket, plus the REST APIs, inside your own environment. The licensed Enterprise image adds BrowserQL, stealth, and session recording for full parity with our cloud.

Your existing automation connects the same way it does in the cloud. Swap the endpoint, keep the code.

Read the Docker quickstartMigrating from our cloud?
# Open-source single-browser image
docker run --rm -p 3000:3000 \
  -e "TOKEN=YOUR_TOKEN" \
  ghcr.io/browserless/chromium

# Or the multi-browser image:
# ghcr.io/browserless/multi
# Chrome · Chromium · Firefox · WebKit · Edge
13,000+GitHub stars
100M+Docker pulls
8 yearsin production
Editions

Open source to enterprise

Start with the open-source image, license it for commercial use, or run a private Enterprise deployment with dedicated infrastructure and support.

Open Source

Free, open-source

Open-source projects, prototyping, and evaluation.

  • Public Docker image on GHCR
  • Puppeteer, Playwright & REST APIs
  • SSPL-1.0 license
  • Community support on GitHub
View on GitHub
Most popular

Commercial License

Talk to sales

Closed-source commercial products, SaaS, or CI that can't meet SSPL's open-source terms.

  • Use in closed-source commercial products
  • Run in commercial CI systems
  • Priority support and source access
  • Admin UI for tokens and workers
Talk to sales

Enterprise

Talk to sales

Private deployments with custom infrastructure and dedicated support.

  • BrowserQL, stealth & session recording
  • GPU-enabled instances
  • Custom datacenter locations & providers
  • SSO, user roles, and SLAs
  • Dedicated technical account manager
Contact sales

What the cloud handles for you

A few managed conveniences are cloud-only. If you need them on a self-hosted deployment, here's how each one maps.

Managed residential proxies
The cloud's proxy options use Browserless-managed vendors. Self-hosted brings your own proxy server, set per request via launch args or BQL. We also sell proxy access to self-hosted customers.
Hosted dashboard and metrics
The account dashboard isn't part of the self-hosted image. Track sessions through the local /metrics endpoint, or export to any OTLP-compatible backend with OpenTelemetry.
Regional load balancing
The cloud routes across San Francisco, London, and Amsterdam. Self-hosted runs on the hosts and regions you choose, with NGINX or your own load balancer in front.

Everything the cloud does, in your stack

The self-hosted container is the same runtime we operate in production, not a stripped-down build.

Every major browser
The multi-browser image ships Chrome, Chromium, Firefox, WebKit, and Edge. Pull a single-browser image when you only need one.
Observability built in
OpenTelemetry traces and metrics, structured logs, and a live debugger so you can see what every session is doing in your own stack.
Scale on your terms
Set concurrency limits, queueing behavior, and timeouts. Put NGINX or your own load balancer in front to scale horizontally.
GPU acceleration
Render WebGL, WebGPU, video, and animation-heavy pages fast. GPU-enabled infrastructure is available on Enterprise private deployments and licensed self-hosting.
Same APIs as the cloud
Puppeteer and Playwright over WebSocket and the REST APIs use the same paths as the cloud; the licensed Enterprise image adds BrowserQL. Move between cloud and self-hosted without rewrites.
Extendable codebase
Build on the base image to add custom fonts, packages, npm modules, and your own routes, or fork the open-source core under a commercial license.

How much hardware does it take?

Each container runs one or more Chromium processes. Scale out by adding containers behind a load balancer rather than pushing concurrency on a single host.

Light

5 to 10 concurrent sessions

2 CPU · 4 GB RAM

Medium

10 to 20 concurrent sessions

4 CPU · 8 GB RAM

Heavy

20 to 50 concurrent sessions

8+ CPU · 16+ GB RAM
Production best practices

You control the upgrade path

Pin to a specific image version for production stability and upgrade on your own schedule when a new version ships.

# Pin to a version for reproducible deploys
docker pull \
  registry.browserless.io/browserless/browserless/enterprise:2.3.0

Enterprise customers get email notice on new releases and a test environment to validate integrations before production rollout.

Security & compliance

Built to pass a security review

Self-hosting puts the controls in your hands. Here's what that means in practice.

Your data stays in your network

Self-hosted sessions run inside infrastructure you own. Browserless has no access to the pages, screenshots, or data your sessions produce.

Role-based access control

Issue per-team tokens with admin, developer, viewer, or public roles. Tokens persist to disk and survive container restarts.

Network isolation

Run behind a reverse proxy, disable unused features like ALLOW_GET, ALLOW_FILE_PROTOCOL, and ENABLE_CORS, and mount keys and tokens with Docker secrets.

Audit-ready compliance

SOC 2 Type II report, DPA, and HIPAA BAA available for enterprise deployments on request.

SOC 2 Type IIGDPRHIPAA BAADPA available
Visit the Trust Center

Self-hosting questions, answered

Is self-hosting Browserless free?

The open-source Docker image is free under SSPL-1.0 and a good fit for open-source projects, prototyping, and evaluation. Building a closed-source commercial product, or running it in a closed-source CI system, requires a commercial license.

What is the difference between the open-source and licensed builds?

The open-source image includes Puppeteer, Playwright, and the REST APIs. A commercial license adds the right to run in closed-source commercial and CI environments, priority support, source access to fork and modify, and an admin UI. The Enterprise image adds BrowserQL, stealth, and session recording, plus GPU support, custom infrastructure, SSO, SLAs, and a dedicated technical account manager.

What is the difference between self-hosted Docker and Private Deployment?

Both use the same Enterprise image and the same APIs. With self-hosted Docker, you manage infrastructure, scaling, and updates. With Private Deployment, Browserless runs dedicated VMs for you with a managed dashboard, fleet operations, and load balancing. Choose self-hosted for data-residency or air-gapped needs; choose Private Deployment for enterprise-grade infrastructure you don't operate.

Can I run Browserless behind a firewall or in an air-gapped network?

Yes. The Enterprise Docker image is built for data-sovereignty, network-isolated, and air-gapped environments, and the open-source image runs with no outbound dependency on our cloud. For a fully offline licensed deployment, confirm license-activation options with our team.

Do you see my data when I self-host?

No. Self-hosted containers run entirely in your network. The pages, screenshots, and scraped data your sessions produce never leave your infrastructure.

Do you support GPU-enabled deployments?

Yes. GPU-enabled infrastructure is available with Enterprise private deployments and licensed self-hosting, for faster rendering of WebGL, WebGPU, video, and animation-heavy pages.

Are the cloud and self-hosted APIs the same?

The open-source image covers Puppeteer, Playwright, and the REST APIs. The licensed Enterprise image adds BrowserQL and stealth, so its endpoints are identical to the cloud and you can move between them without rewriting your automation.

Run Browserless in your own environment.

Tell us about your infrastructure and compliance requirements, and we'll help you stand up a self-hosted deployment.

Read the docs