First I want to say thanks to all the folks that make Caddy possible! Before running into Caddy I tried several other solutions but I always ended in frustration and fruitless results. I am still amazed on how fast and easy it was to setup Caddy!
Now that setting up a reverse proxy doesn’t take up all my time and brain cells any more, I started to have some specific questions about reverse proxy in general.
When reading about reverse proxy and how to set them up, half of the time the endpoints behind the proxy (internal) are using TLS and the other half they don’t (http vs https). What are the pros and cons of both approaches? I guess if my LAN would be compromised, normal http traffic could be at risk? But since the config for https is not much more work, why not always use https internally?
Are there any other good practices to enhance security with Caddy besides using it as reverse proxy with https?
I though that I had to open and redirect port 80 in my firewall to Caddy. Due to an error I didn’t but everything seems to be working. Can that be?
I’ve noticed some setups on the internet that are cascading (Caddy) reverse proxy. What is the advantage of this?