I’m trying to move my website to caddy, but some paths on my site need to be accesible over http, not https
for example i want requests to Home - Ownwebsite were serverd over http and not automatically redirected to https://mywebsite.com/api
Are there any options to disable TLS not for whole site, but only for some paths on it?
You can describe the http:// version of the site in the Caddyfile, which will disable the auto redirects, and then set up only the redirects you want.
Thanks. Will give this aproach a try.
btw thank you for this whole project.
Is it worth exploring why you need some paths (particuarily api) to be http? There really should be no reason to use http rather than https.
Perhaps there is an alternative solution to your issue?
Long story short - Backward compatibility
I’m not sure if this is your issue, but I had to call an api from a webhost that didnt work with the latest TLS when calling file_get_contents or curl from php .
the following in my caddy file solved the issue.
protocols tls1.0 tls1.2
This tells caddy to offer earlier versions of TLS rather than just the latest. This is worth a try at least.
This is what I used when I set up a small website for temporary image sharing (a la imgur), I wanted to set it up to use with ShareX but the program does not like newer protocols.
I’m also facing the same issue as one of my instrumented application is using Prometheus. Prometheus can get the metrics using TLS, but it leaks file descriptors, making it unstable (like, it’s eating file descriptors like M&Ms). So I would like to have a single endpoint
/metrics to be served over HTTP and not HTTPS. Is that possible ? Or not ?
My need is not to disable HTTPS for said endpoint, but to disable auto-redirect, so Prometheus can fetch the data.
Thanks a bunch
(Related Prometheus issue : Too many open files (established connections to same nodes) · Issue #1873 · prometheus/prometheus · GitHub)
Including a separate configuration for
http://your.domain.com/metrics in your Caddyfile will cause Caddy to use the more specific configuration block over the generic
Requests to https:// will still go to the generic block, because it won’t match the http:// of the specific block.
# http-only config
Thanks a lot, I’ll give that a try
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.