Here is the content of the curl -v
yp@T450:~$ curl -v https://wp.thescrewball.co.uk
* Trying 123.123.123.241:443...
* TCP_NODELAY set
* Connected to wp.thescrewball.co.uk (123.123.123.241) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=wp.thescrewball.co.uk
* start date: Jul 24 18:35:57 2022 GMT
* expire date: Oct 22 18:35:56 2022 GMT
* subjectAltName: host "wp.thescrewball.co.uk" matched cert's "wp.thescrewball.co.uk"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x56002b3112f0)
> GET / HTTP/2
> Host: wp.thescrewball.co.uk
> user-agent: curl/7.68.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
< HTTP/2 502
< server: Caddy
< content-length: 0
< date: Tue, 26 Jul 2022 05:48:00 GMT
<
* Connection #0 to host wp.thescrewball.co.uk left intact
And here is the content of the logs…
Jul 26 07:03:14 caddy caddy[253]: {"level":"debug","ts":1658815394.8902805,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"10.33.3.51:443","duration":3.000294223,"request":{"remote_ip":"10.33.3.1","remote_port":"37650","proto":"HTTP/2.0","method":"GET","host":"wp.thescrewball.co.uk","uri":"/favicon.ico","headers":{"Accept":["image/avif,image/webp,*/*"],"Sec-Fetch-Site":["same-origin"],"User-Agent":["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0"],"Sec-Fetch-Mode":["no-cors"],"Te":["trailers"],"Referer":["https://wp.thescrewball.co.uk/"],"Sec-Gpc":["1"],"X-Forwarded-For":["10.33.3.1"],"Accept-Language":["en-GB,en;q=0.5"],"Cache-Control":["no-cache"],"Dnt":["1"],"Sec-Fetch-Dest":["image"],"Pragma":["no-cache"],"X-Forwarded-Proto":["https"],"Accept-Encoding":["gzip, deflate, br"],"Cookie":[],"X-Forwarded-Host":["wp.thescrewball.co.uk"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"wp.thescrewball.co.uk"}},"error":"dial tcp 10.33.3.51:443: i/o timeout"}
Jul 26 07:03:14 caddy caddy[253]: {"level":"error","ts":1658815394.8916583,"logger":"http.log.error.log9","msg":"dial tcp 10.33.3.51:443: i/o timeout","request":{"remote_ip":"10.33.3.1","remote_port":"37650","proto":"HTTP/2.0","method":"GET","host":"wp.thescrewball.co.uk","uri":"/favicon.ico","headers":{"Accept":["image/avif,image/webp,*/*"],"Accept-Language":["en-GB,en;q=0.5"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Fetch-Site":["same-origin"],"User-Agent":["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0"],"Referer":["https://wp.thescrewball.co.uk/"],"Cookie":[],"Sec-Gpc":["1"],"Cache-Control":["no-cache"],"Dnt":["1"],"Sec-Fetch-Dest":["image"],"Sec-Fetch-Mode":["no-cors"],"Pragma":["no-cache"],"Te":["trailers"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"wp.thescrewball.co.uk"}},"duration":3.002436888,"status":502,"err_id":"mzbkwhm2n","err_trace":"reverseproxy.statusError (reverseproxy.go:1196)"}
Thanks for taking the time to have a look at this.