1、 caddy debug is enabled, and logs as this:
May 29 09:47:18 ecs-99f5 caddy[1610852]: {"level":"debug","ts":1685324838.323505,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_ip":"120.46.167.42","remote_port":"58016","proto":"HTTP/2.0","method":"GET","host":"mapchang.com","uri":"/2d/api/User/Info","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"mapchang.com"}},"method":"GET","uri":"/User/Info"}
May 29 09:47:18 ecs-99f5 caddy[1610852]: {"level":"debug","ts":1685324838.323542,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_ip":"120.46.167.42","remote_port":"58016","proto":"HTTP/2.0","method":"GET","host":"mapchang.com","uri":"/User/Info","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"mapchang.com"}},"method":"GET","uri":"/api/User/Info"}
May 29 09:47:18 ecs-99f5 caddy[1610852]: {"level":"debug","ts":1685324838.3235888,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"127.0.0.1:3030","total_upstreams":1}
May 29 09:47:18 ecs-99f5 caddy[1610852]: {"level":"debug","ts":1685324838.3253257,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"127.0.0.1:3030","duration":0.001705843,"request":{"remote_ip":"120.46.167.42","remote_port":"58016","proto":"HTTP/2.0","method":"GET","host":"mapchang.com","uri":"/api/User/Info","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"],"X-Forwarded-For":["120.46.167.42"],"X-Forwarded-Proto":["https"],"X-Forwarded-Host":["mapchang.com"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"h2","server_name":"mapchang.com"}},"headers":{"Expires":["Thu, 01 Jan 1970 00:00:00 GMT"],"X-Content-Type-Options":["nosniff"],"Content-Length":["48"],"Cache-Control":["no-cache, no-store, max-age=0, must-revalidate, value"],"Content-Type":["application/json; charset=utf-8"],"X-Frame-Options":["DENY"],"X-Request-Id":["403ec2cb-82fd-4994-b697-5d0cff0caed2"],"X-Xss-Protection":["1; mode=block"],"Date":["Mon, 29 May 2023 01:47:18 GMT"],"Access-Control-Allow-Origin":["*"],"Last-Modified":["Mon, 29 May 2023 01:47:18 GMT"]},"status":401}
May 29 09:47:21 ecs-99f5 caddy[1610852]: {"level":"debug","ts":1685324841.1521153,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"127.0.0.1:3030","total_upstreams":1}
May 29 09:47:23 ecs-99f5 caddy[1610852]: {"level":"debug","ts":1685324843.9803813,"logger":"http.handlers.rewrite","msg":"rewrote request","request":{"remote_ip":"120.46.167.42","remote_port":"41160","proto":"HTTP/1.1","method":"GET","host":"mapchang.com","uri":"/2d/api/User/Info","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"]}},"method":"GET","uri":"/api/User/Info"}
May 29 09:47:23 ecs-99f5 caddy[1610852]: {"level":"debug","ts":1685324843.9804761,"logger":"http.handlers.file_server","msg":"sanitized path join","site_root":"/dist","request_path":"/api/User/Info","result":"/dist/api/User/Info"}
May 29 09:47:23 ecs-99f5 caddy[1610852]: {"level":"debug","ts":1685324843.9805243,"logger":"http.log.error","msg":"{id=1zef63n3j} fileserver.(*FileServer).notFound (staticfiles.go:601): HTTP 404","request":{"remote_ip":"120.46.167.42","remote_port":"41160","proto":"HTTP/1.1","method":"GET","host":"mapchang.com","uri":"/2d/api/User/Info","headers":{"User-Agent":["curl/7.68.0"],"Accept":["*/*"]}},"duration":0.000218108,"status":404,"err_id":"1zef63n3j","err_trace":"fileserver.(*FileServer).notFound (staticfiles.go:601)"}
I request 2 times。 first use https, and second with http.
For the first request , it’s proxied to 127.0.0.1:3030, and it’s right.
For the second request, it’s matched to "handle_path /2d/* ", and respond with 404, for /dist has no resources with path /api/User/Info
And curl -v result as follows:
with https:
* Trying 121.36.14.85:443...
* TCP_NODELAY set
* Connected to mapchang.com (121.36.14.85) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
* subject: CN=mapchang.com
* start date: May 4 22:54:26 2023 GMT
* expire date: Aug 2 22:54:25 2023 GMT
* subjectAltName: host "mapchang.com" matched cert's "mapchang.com"
* issuer: C=US; O=Let's Encrypt; CN=R3
* SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Using Stream ID: 1 (easy handle 0x55d0e9775e30)
> GET /2d/api/User/Info HTTP/2
> Host: mapchang.com
> user-agent: curl/7.68.0
> accept: */*
>
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
< HTTP/2 401
< access-control-allow-credentials: true
< access-control-allow-headers: Auth-Token,Content-Type,Access-Token
< access-control-allow-origin: *
< alt-svc: h3=":443"; ma=2592000
< cache-control: no-cache, no-store, max-age=0, must-revalidate, value
< content-type: application/json; charset=utf-8
< date: Mon, 29 May 2023 01:47:18 GMT
< expires: Thu, 01 Jan 1970 00:00:00 GMT
< last-modified: Mon, 29 May 2023 01:47:18 GMT
< server: Caddy
< x-content-type-options: nosniff
< x-frame-options: DENY
< x-request-id: 403ec2cb-82fd-4994-b697-5d0cff0caed2
< x-xss-protection: 1; mode=block
< content-length: 48
<
* Connection #0 to host mapchang.com left intact
{"code":100202,"message":"Signature is invalid"}
and with http:
* Trying 121.36.14.85:80...
* TCP_NODELAY set
* Connected to mapchang.com (121.36.14.85) port 80 (#0)
> GET /2d/api/User/Info HTTP/1.1
> Host: mapchang.com
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 404 Not Found
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Origin: *
< Server: Caddy
< Date: Mon, 29 May 2023 01:47:23 GMT
< Content-Length: 0
<
* Connection #0 to host mapchang.com left intact