IP Address in Caddy on_demand_tls

1. The problem I’m having:

I have a Caddy server that hosts various domains. The host information is stored in the database and verified by the API within the on_demand_tls request of the Caddyfile. However, I’ve noticed that my site receives a lot of invalid requests, and I want to ban the IPs. The challenge is that I’m unable to retrieve the IP addresses. How can I achieve this?

2. Error messages and/or full log output:


3. Caddy version:

4. How I installed and ran Caddy:

a. System environment:

b. Command:


c. Service/unit/compose file:


d. My complete Caddy config:

```
{
	log default {
		output file /var/log/caddy/access.log {
			roll_size 1gb
			roll_keep 10
			roll_keep_for 720h
		}
	}
	on_demand_tls {
		ask http://localhost:3000/check-domain
		interval 2m
		burst 5
	}
}

https:// {
	root * /var/[mysite]
	file_server
	try_files {path} /
	tls [myemail] {
		on_demand
	}
	log
	header {
		X-Real-IP {remote}
		X-Forwarded-For {remote}
	}
}
```

5. Links to relevant resources:

See this issue:

You can get it from debug logs:

```go
	logger.Debug("response from ask endpoint",
		zap.String("client_ip", clientIP),
```
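One way to turn those debug entries into a ban list, as an added example that is not part of the original thread or of Caddy's code. It assumes debug logging is enabled (the `debug` global option), that log lines are JSON, and that each entry carries a numeric `status` field next to `client_ip`; the sample lines are constructed.

```python
import ipaddress
import json
from collections import Counter

ASK_MSG = "response from ask endpoint"  # debug message quoted in the reply above

# Constructed sample lines; every field except "msg" and "client_ip" is an assumption.
SAMPLE_LOG = """\
{"level":"debug","msg":"response from ask endpoint","client_ip":"203.0.113.7","domain":"a.invalid","status":404}
{"level":"debug","msg":"response from ask endpoint","client_ip":"203.0.113.7","domain":"b.invalid","status":404}
{"level":"debug","msg":"response from ask endpoint","client_ip":"198.51.100.20","domain":"shop.example","status":200}
{"level":"debug","msg":"response from ask endpoint","client_ip":"203.0.113.7","domain":"c.invalid","status":403}
{"level":"debug","msg":"response from ask endpoint","client_ip":"2001:db8::5","domain":"d.invalid","status":404}
{"level":"debug","msg":"response from ask endpoint","client_ip":"not-an-ip","domain":"e.invalid","status":404}
{"level":"info","msg":"handled request","request":{"remote_ip":"192.0.2.9"},"status":200}
partial line cut by log rotation {"level":"deb
"""


def denied_ask_clients(lines, threshold=3):
    """Return {ip: denied_count} for clients whose ask checks failed >= threshold times."""
    denied = Counter()
    for line in lines:
        try:
            entry = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if not isinstance(entry, dict) or entry.get("msg") != ASK_MSG:
            continue
        status = entry.get("status")
        # Count only entries with an explicit non-2xx answer from the ask endpoint.
        if not isinstance(status, int) or 200 <= status < 300:
            continue
        try:
            # Validate and normalise before the value is used in a firewall rule.
            ip = ipaddress.ip_address(str(entry.get("client_ip", "")))
        except ValueError:
            continue
        denied[str(ip)] += 1
    return {ip: n for ip, n in denied.items() if n >= threshold}


if __name__ == "__main__":
    for ip, count in denied_ask_clients(SAMPLE_LOG.splitlines()).items():
        print(ip, count)
```

The threshold keeps a single mistyped hostname from getting a legitimate visitor banned; the returned addresses can then be handed to whatever blocking mechanism is in use.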

Thanks, it works!
