Allow Connections Via Hostname Only


Using Caddy V2 as a reverse proxy, but I am noticing connections directly to the Public IP’s.

Is it possible to catch all connections to the IPs of the web servers and only allow the hostname (ie instead of serving/redirecting?

Hi @the_brains, welcome to the Caddy community!

Caddy won’t respond for a request to any hostname you haven’t configured, except to say it’s not serving that website.

Specifically, those requests to IP addresses will be answered with Status 404, with body content: 404 Site <IP ADDRESS> is not served on this interface. They don’t get redirected, or served anything else… Unless you configure Caddy with that IP address as an actual site label!

Test it for yourself - here I curl (which runs on Caddy v2) and ask firstly for it’s IP address, then no hostname in particular:

➜ curl -iH "Host:"
HTTP/1.1 404 Not Found
Content-Type: text/plain; charset=utf-8
Server: Caddy
X-Content-Type-Options: nosniff
Date: Wed, 29 Apr 2020 11:21:18 GMT
Content-Length: 56

404 Site is not served on this interface

➜ curl -iH "Host:"
HTTP/1.1 400 Bad Request: missing required Host header
Content-Type: text/plain; charset=utf-8
Connection: close

400 Bad Request: missing required Host header⏎

So we can see Caddy refusing to serve anything at all without a Host header, and essentially rejecting a request for the IP address.

Caddy will only serve your site configuration when the client requests the hostname you’ve specified for the site.


Thanks Matt, this makes sense. I have made changes to the Caddyfile and its working as required now. Appreciate your detailed response

1 Like

This topic was automatically closed after 180 days. New replies are no longer allowed.