How does caddy2 restrict ip access to specific anti-generation projects

How does caddy2 restrict ip access to specific anti-generation projects
I used caddy2 to reverse a project, the code is as follows
a.abc.com {
reverse_proxy localhost:12345
}
My current requirement is to allow only specific ip (eg: 160.125.0.25) to be able to access “a.abc.com” and port “12345”

Use the remote_ip matcher. You can pair it with the not matcher to invert the match, so like “match all requests except ones to this IP”.

Then use the matcher on a request handler, like abort, error or respond; up to you.

1 Like

thank you very much!
I tried the following code and got an error:
a.abc.com {
remote_ip ...
reverse_proxy localhost:12345
}
sorry! I’m not a professional programmer
Could you please give me an intuitive case:
URL: a.abc.com Reverse to port 12345
Only allow ip address 123.123.123.123 to access a.abc.com
Thanks!

Job for caddy.service failed because the control process exited with error code.
See “systemctl status caddy.service” and “journalctl -xe” for details.

Look at the syntax for request matching:

Make sure to review the Caddyfile concepts:

I think I know how to write
I need to customize an adapter
Adapt to the allowed ip, which may be like this:
a.abc.com {
@allow_ip {
remote_ip…
}
reverse_proxy @allow_ip localhost:12345
}
This will achieve my purpose
Although I don’t know how to write return error page
But it can be used
thanks

I have used the json format to configure caddy and there is it quite easy to configure a handler when the remote ip does not match.

You can see a example in this question.

You can configure caddy via api with the json file or add the -adapter jsonc to caddy and use the json as -config caddy.json

Here is the command for xcaddy to add the adapter

xcaddy build --with github.com/caddyserver/jsonc-adapter
# run caddy with json config
caddy run -adapter jsonc -config caddy.json