How to set up Caddy To Deny Serving Any Hostname?

Is there any way to set up Caddyfile to deny serving certain domain names such as the ask feature in on_demand_tls?

We’ll need more context here. Please fill out the help topic template.

Hello @francislavoie,
I am asking that if it’s possible to do any config for Caddy that will allow it to do a quick get request to check if it can serve this domain at the first level, while the handshake is ongoing for the first time, just like how on_demand_tls’ ask automation works.

It does a quick HTTP Get request to my endpoint, and if it’s 200 OK then it makes the cert and serves it, else any other status code will make it deny making the cert.

I don’t understand. How is that any different than on-demand? Isn’t on-demand exactly what you want?

Again, please fill out the help topic template (click New Topic for the “Help” category, then copy the template into this thread, and fill it out), it’ll help us better understand where you’re coming from. Without your config, version, etc, we have no context for your question.

1 Like

Ya, the on_demand_tls solves my problem a bit, but I am making a URL shortener service, so I need to turn off automatic HTTP redirects (as it adds some extra time to do the redirect) so, If I do that, any domain pointing to my server’s IP (in http://) would work and eat up some of my node JS resources if he does it many times. So how can block HTTP requests like on_demand_tls’ ask automation works

I guess it’s not related as I am asking a general question not related to my caddy instance, still, if you need it, I am giving that in the next reply

1. Caddy version (caddy version):

v2.3.0 h1:fnrqJLa3G5vfxcxmOH/+kJOcunPLhSBnjgIvjXV/QTA=

2. How I run Caddy:

a. System environment:

b. Command:

sudo systemctl start caddy

c. Service/unit/compose file:

d. My complete Caddyfile or JSON config:

# Caddyfile

:443 {
        tls {
        on_demand_tls {
                ask localhost:8888/askforcert
                interval 0
                burst 0

        reverse_proxy * localhost:8888

3. The problem I’m having:

I am having no problem, just asking if it is possible to set up caddy to deny serving any domain

4. Error messages and/or full log output:

No logs

5. What I already tried:

I tried to google it but didn’t find any results

6. Links to relevant resources:

These are global options, not site directives. They go in the global option block at the top of your config. Is that the piece you’re missing?


I will try that

This topic was automatically closed after 60 days. New replies are no longer allowed.