Having the dreaded to many redirects error, when accessing website, via Cloudflare / Caddy

Help
1

1. The problem I’m having:

I’m trying to set up Caddy to act as a reverse proxy for my home lab. I have Cloudflare working as DNS etc and have configured a tunnel to my lab.

If I set the public host name to go directly to the IP of one of my home lab hosts. It works fine.
If I change the destination to be the IP listed in my Caddyfile, it fails with a too many redirects error.

2. Error messages and/or full log output:

'''
* Connection #1 to host 1.littlei.net left intact
* Issue another request to this URL: 'https://1.littlei.net/'
* Found bundle for host: 0x5aa1c8e49bc0 [can multiplex]
* Re-using existing connection #1 with host 1.littlei.net
* h2h3 [:method: GET]
* h2h3 [:path: /]
* h2h3 [:scheme: https]
* h2h3 [:authority: 1.littlei.net]
* h2h3 [user-agent: curl/7.88.1]
* h2h3 [accept: */*]
* Using Stream ID: 99 (easy handle 0x5aa1c8e507a0)
> GET / HTTP/2
> Host: 1.littlei.net
> user-agent: curl/7.88.1
> accept: */*
> 
< HTTP/2 308 
< date: Thu, 07 Aug 2025 15:28:29 GMT
< content-length: 0
< location: https://1.littlei.net/
< server: cloudflare
< cf-cache-status: DYNAMIC
< nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
< report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ScpN2bvVXVieDE%2FnaSgN9Wq3f4OZemNtJiOUwGDoN6R28ncp3BTYbCoVYxZYHl0tXHBiZp22NZwyk2%2BFv4naPYRTSBXrJwyaoADwY2dzbFaMY%2Fj1o7hj1Xk%3D"}]}
< cf-ray: 96b7cdd579d49445-LHR
< alt-svc: h3=":443"; ma=86400
< 
* Connection #1 to host 1.littlei.net left intact
* Maximum (50) redirects followed
curl: (47) Maximum (50) redirects followed
'''

3. Caddy version:

‘’’
v2.10.0 h1:fonubSaQKF1YANl8TXqGcn4IbIRUDdfAkpcsfI/vX5U=
‘’’

4. How I installed and ran Caddy:

‘’‘Proxmox LXC container, using this script: Proxmox VE Helper-Scripts
‘’’

a. System environment:

‘’’
Debian GNU/Linux 12 (bookworm)
‘’’

b. Command:

'''
systemctl start caddy
'''

c. Service/unit/compose file:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

d. My complete Caddy config:

‘’’
{

debug

}

:80 {

\# Set this path to your site's directory.

root \* /usr/share/caddy



\# Enable the static file server.

file_server



\# Another common task is to set up a reverse proxy:

\# reverse_proxy localhost:8080



\# Or serve a PHP site through php-fpm:

\# php_fastcgi localhost:9000

}

1.littlei.net {

    reverse_proxy 192.168.1.2:7575

}

(cloudflare) {

tls {

    dns cloudflare REDACTED

}

}
‘’’

2

I’m not sure I follow:

Right now 1.littlei.net points to Cloudflare. Can you share how your Cloudflare setup is configured? Specifically, where is Cloudflare forwarding the traffic?

It looks like Cloudflare is sending traffic to Caddy on port 80 (HTTP), and Caddy is replying with an HTTP 308 redirect to HTTPS, causing a redirect loop. But that’s just my guess.

If that’s not the case, can you run these commands and share the output? Replace CADDY_IP with the actual IP address of your Caddy server.

curl -v http://CADDY_IP -H 'Host: 1.littlei.net'

curl -kv --resolve 1.littlei.net:443:CADDY_IP https://1.littlei.net

curl -kv http://192.168.1.2:7575

curl -kv http://192.168.1.2:7575 -H 'Host: 1.littlei.net'
3

[quote=“timelordx, post:2, topic:31718”]
I’m not sure I follow:

Thank you for your quick reply.

I have a Cloudflare ZeroTrust - tunnel to my network, with the tunnel configured so 1,littlei.net sends to the service http://192.168.1.12
Where 192.168.1.12 is the Caddy server address.

Please see the outputs from the commands requested below…

curl -v http://CADDY_IP -H 'Host: 1.littlei.net'
*   Trying 192.168.1.12:80...
* Connected to 192.168.1.12 (192.168.1.12) port 80 (#0)
> GET / HTTP/1.1
> Host: 1.littlei.net
> User-Agent: curl/7.88.1
> Accept: */*
> 
< HTTP/1.1 308 Permanent Redirect
< Connection: close
< Location: https://1.littlei.net/
< Server: Caddy
< Date: Thu, 07 Aug 2025 17:52:41 GMT
< Content-Length: 0
< 
* Closing connection 0

curl -kv --resolve 1.littlei.net:443:CADDY_IP https://1.littlei.net

Appears to load page, so I truncated:
<!DOCTYPE html><html lang="en" dir="ltr" data-mantine-color-scheme="light" style="background-color:#fff"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="/_next/static/css/13abc5ec985de876.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/3859ea73788a225a.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/f39bbcca36ea4634.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/aced34c837d5fd68.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/95692cc64752492d.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/56b9c1f313681412.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/ae110469aab9e883.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/b6d4b690c76388c2.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/84fe0a4fea8e66ee.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/94a889515b37775a.css" data-precedence="next"/><link rel="preload" as="script" fetchPriority="low" href="/_next/static/chunks/webpack-43ad69805d1c7115.js"/><script src="/_next/static/chunks/87c73c54-095cf9a90cf9ee03.js" async=""></


curl -kv http://192.168.1.2:7575
Appears to load page, so I truncated;
<!DOCTYPE html><html lang="en" dir="ltr" data-mantine-color-scheme="light" style="background-color:#fff"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="/_next/static/css/13abc5ec985de876.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/3859ea73788a225a.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/f39bbcca36ea4634.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/aced34c837d5fd68.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/95692cc64752492d.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/56b9c1f313681412.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/ae110469aab9e883.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/b6d4b690c76388c2.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/84fe0a4fea8e66ee.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/94a889515b37775a.css" data-precedence="next"/><link rel="preload" as="script" fetchPriority="low" href="/_next/static/chunks/webpack-43ad69805d1c7115.js"/><script src="/_next/static/chunks/87c73c54-095cf9a90cf9ee03.js" async=""></script><script src="/_next/static/chunks/1902-f4f84d3466eb8d40.js" async=""></script><script src="/_next/static/chunks/main-app-99550efae82aa43d.js" async=""></script><script src="/_next/static/chunks/8bb4d8db-a7b494cfb70058a8.js" async=""></script><script src="/_next/static/chunks/26839335-b0857c926c72402c.js" async=""></script><script src="/_next/static/chunks/2849449d-4ae1115880821341.js" async=""></script><script src="/_next/static/chunks/


curl -kv http://192.168.1.2:7575 -H 'Host: 1.littlei.net'
Appears to load page, so I truncated:

<!DOCTYPE html><html lang="en" dir="ltr" data-mantine-color-scheme="light" style="background-color:#fff"><head><meta charSet="utf-8"/><meta name="viewport" content="width=device-width, initial-scale=1"/><link rel="stylesheet" href="/_next/static/css/13abc5ec985de876.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/3859ea73788a225a.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/f39bbcca36ea4634.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/aced34c837d5fd68.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/95692cc64752492d.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/56b9c1f313681412.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/ae110469aab9e883.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/b6d4b690c76388c2.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/84fe0a4fea8e66ee.css" data-precedence="next"/><link rel="stylesheet" href="/_next/static/css/94a889515b37775a.css" data-precedence="next"/><link rel="preload" as="script" fetchPriority="low" href="/_next/static/chunks/webpack-43ad69805d1c7115.js"/><script src="/_next/static/chunks/87c73c54-095cf9a90cf9ee03.js" async=""></script><script src="/_next/static/chunks/1902-f4f84d3466eb8d40.js" async=""></script><script src="/_next/static/chunks/main-app-99550efae82aa43d.js" async=""></script><script src="/_next/static/chunks/8bb4d8db-a7b494cfb70058a8.js" async=""></script><script src="/_next/static/chunks/26839335-b0857c926c72402c.js" async=""></script><script src="/_next/static/chunks/2849449d-4ae1115880821341.js" async=""></script><script src="/_next/static/chunks/891cff7f-52a743e230421788.js" async=""></script><script src="/_next/static/chunks/5685-120d7370f9d94910.js" async=""></script><script src="/_next/static/chunks/8997-e1077ccbed137855.js" async=""></script><script src="/_next/static/chunks/9376-d0873770c8e71727.js" async=""></script><script src="/_next/static/chunks/405-cabab200036fe9a8.js" async=""></script><script src="/_next/static/chunks/7099-cb39501987572f33.js" async=""></script><script src="/_next/static/chunks/7261-60db2bf16291c2ea.js" async=""></script><script src="/_next/static/chunks/8990-378ad71ef6f9402b.js" async=""></script><script src="/_next/static/chunks/8210-10643170285a595e.js" async=""></script><script src="/_next/static/chunks/3115-34535618e2e7b48f.js" async=""></script><script src="/_next/static/chunks/6813-d5cd4a576ebea220.js" async=""></script><script src="/_next/static/chunks/3624-1fd3513ac470b86d.js" async=""></script><script src="/_next/static/
1 Like
4

Thank you for the details. That confirms what I thought:

Cloudflare sends traffic to Caddy’s HTTP port, http://192.168.1.12, which Caddy then automatically redirects to HTTPS (Caddy’s default behaviour).

You can do one of the following:

1/ Either update your Caddy global options, and change it from this:

{
    debug
}

to this:

{
    debug
    auto_https disable_redirects
}

2/ Or change this:

1.littlei.net {
    reverse_proxy 192.168.1.2:7575
}

to this:

http://1.littlei.net {
    reverse_proxy 192.168.1.2:7575
}

For more details:

5

[quote=“timelordx, post:4, topic:31718, full:true”]

Thank you for your help, I did this:

http://1.littlei.net {
    reverse_proxy 192.168.1.2:7575
}

I note that even though http is specified the link between Cloudflare and my lab is secured by a corticate. Which is great :slight_smile:

1 Like