1. Caddy version (2.3.0
):
2. How I run Caddy:
using Docker
a. System environment:
Debian GNU/Linux 10 (buster)
containerd.io/buster,now 1.4.3-1 amd64
docker-ce-cli/buster,now 5:20.10.2~3-0~debian-buster amd64
docker-ce-rootless-extras/buster,now 5:20.10.2~3-0~debian-buster amd64
docker-ce/buster,now 5:20.10.2~3-0~debian-buster amd64
docker-compose/stable,now 1.21.0-3 all
b. Command:
from Dockerfile:
"/bin/parent" "caddy" "--conf" "/etc/Caddyfile" "--log" "stdout" "--agree=$ACME_AGREE"
c. Service/unit/compose file:
docker-compose.yml:
version: '3.3'
services:
caddy:
image: caddy:2-alpine
network_mode: host
ports:
- "80:80"
- "443:443"
volumes:
- "./Caddyfile:/etc/caddy/Caddyfile"
- "./caddy_data:/data"
- "./caddy_config:/config"
- "./public:/public:ro"
restart: unless-stopped
d. My complete Caddyfile or JSON config:
dns.my_domain.de {
respond /*overTimeData* 403
reverse_proxy localhost:10501 {
header_down Referrer-Policy "strict-origin-when-cross-origin"
header_down Strict-Transport-Security "max-age=15768000"
header_down X-Frame-Options "sameorigin"
}
redir / /admin 301
}
3. The problem I’m having:
I would like to block all query/request, which include overTimeData
.
But it is still possible to open https://dns.my_domain.de/admin/api.php?overTimeData10mins
4. Error messages and/or full log output:
no error message
5. What I already tried:
I have already try:
respond /forbidden/* 403|
rewrite /*overTimeData* /forbidden
and
respond /admin/forbidden/* 403|
rewrite /*overTimeData* /forbidden
instead of respond /*overTimeData* 403
.