HTTPS redirects with openvpn on port 443

I am hosting an openvpn server on port 443 to bypass strict firewalls, so I had to move all my caddy sites to port :444, then use openvpns traffic pass through to pass all non-vpn traffic from port 443 to port 444 on local host. This works perfectly fine, except when somebody tries to access a http site, it redirects them to port :444 instead of :443, resulting in an ugly URL. What is the simplest way to make this redirect to the right port with minimal config changes? (My config is already 400 lines long…)

If you are using Automatic HTTPS, you’ll need to override its default behaviour for the :80 site by defining an explicit vhost. I haven’t tested it but you might be able to get away with a single catch-all:

:80 {
    redir https://{host}{uri} # :443 should be implicit

Otherwise you’ll need to write one for each site (i.e.,, etc).

If you run Caddy in a container you might instead be able to write all it’s configuration to target :443 as normal, but wire it up to :444 on the host, with Caddy none the wiser. This would be the solution with the absolute minimum (zero) extra configuration.


Thanks for your reply. Unfortunately the catch-all did not work. Since writing one for each site would probably get annnoying (as well as explicitly defining :444 a lot), I’ll look into running Caddy in a container. That sounds like a much more managable solution altogether. Thanks!

No worries. I run Caddy almost exclusively in Docker, so if you go that route and have any questions, I’ll probably be able to help.

It seems I can’t install Docker on my server since it’s running OpenVZ 6, thus it’s running kernel 2.6 - are there any alternative ways I can do this? The only thing I have in mind right now is an LD_PRELOAD hack which overrides the port bind() uses, which is generally my solution for this kind of problem.

I’m not familiar with OpenVZ, but isn’t that a container host anyway? If it doesn’t have internal networking features like Docker does, is adding a VM with a newer version of Linux possible?

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.