1. The problem I’m having:
I have added the security headers using header directive but it returns duplicate headers in the response
2. Error messages and/or full log output:
Sep 27 06:26:47 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695796007.5262256,"logger":"admin.api","msg":"load complete"}Sep 27 06:26:47 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695796007.5274124,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}Sep 27 06:26:47 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695796007.5321293,"logger":"tls","msg":"finished cleaning storage units"}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.481661,"logger":"admin.api","msg":"received request","method":"POST","host":"localhost:2019","uri":"/load","remote_ip":"127.0.0.1","remote_port":"60336","headers":{"Accept-Encoding":["gzip"],"Content-Length":["772"],"Content-Type":["application/json"],"Origin":["http://localhost:2019"],"User-Agent":["Go-http-client/1.1"]}}Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4826548,"logger":"admin","msg":"admin endpoint started","address":"localhost:2019","enforce_origin":false,"origins":["//localhost:2019","//[::1]:2019","//127.0.0.1:2019"]}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4828293,"logger":"http.auto_https","msg":"server is listening only on the HTTPS port but has no TLS connection policies; adding one to enable TLS","server_name":"srv1","https_port":443}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4828403,"logger":"http.auto_https","msg":"enabling automatic HTTP->HTTPS redirects","server_name":"srv1"}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4832327,"logger":"http.log","msg":"server running","name":"srv0","protocols":["h1","h2","h3"]}Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4832656,"logger":"http","msg":"enabling HTTP/3 listener","addr":":443"}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4832807,"logger":"http.log","msg":"server running","name":"srv1","protocols":["h1","h2","h3"]}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4833286,"logger":"http.log","msg":"server running","name":"remaining_auto_https_redirects","protocols":["h1","h2","h3"]}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4833393,"logger":"http","msg":"servers shutting down with eternal grace period"}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4835587,"msg":"autosaved config (load with --resume flag)","file":"/var/lib/caddy/.config/caddy/autosave.json"}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.4838135,"logger":"admin.api","msg":"load complete"}
Sep 27 06:43:52 ip-172-31-29-58 caddy[27841]: {"level":"info","ts":1695797032.484844,"logger":"admin","msg":"stopped previous server","address":"localhost:2019"}
3. Caddy version:
v2.7.4 h1:J8nisjdOxnYHXlorUKXY75Gr6iBfudfoGhrJ8t7/flI=
4. How I installed and ran Caddy:
a. System environment: Ubuntu 22.04 (Linux)
b. Command:
caddy adapt
caddy reload
c. Service/unit/compose file:
PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.
d. My complete Caddy config:
{
email anuj.sharma@example.io
on_demand_tls {
ask https://webhook.site/69c70c2e-818d-4c9d-940e-43daaed3c0c9
}
}
http://:2020 {
handle {
metrics
}
}
:443 {
reverse_proxy {
to my-app-load-balancer-238723482.us-west-2.elb.amazonaws.com
}
tls {
on_demand
}
header {
# Response Headers
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-XSS-Protection "1; mode=block"
Referrer-Policy no-referrer-when-downgrade
}
}