New user - plex and jellyfin tips?

1. The problem I’m having:

New caddy user, recently migrated from nginx, looking for tips to improve my plex and jellyfin proxies (improve as in performance and security). Brief testing shows that both plex and jellyfin are accessible externally but not had the chance to thoroughly test yet. Can I improve security or turn off any buffering that caddy may do for example? Any other tips greatfully received :slight_smile:

A lot of other plex and jellyfin posts or 3rd party tutorials seem a few years old and related to caddy v1.

2. Error messages and/or full log output:

No errors

3. Caddy version:


4. How I installed and ran Caddy:

a. System environment:

Arch linux (LTS kernel), docker compose

c. compose file:

    image: caddy:latest
    container_name: caddy
    restart: always
    network_mode: host
    ports: #not needed as running in host mode, but here for completeness
      - "80:80"
      - "443:443"
      - "443:443/udp"
      - <redacted local path>/Caddyfile:/etc/caddy/Caddyfile
      - <redacted local path>:/data
      - <redacted local path>:/config

    external: true

d. My complete Caddy config:

Redacted Caddyfile:

	email <redacted>.com

px.<redacted>.com {
	encode gzip zstd
    header {
		Strict-Transport-Security max-age=31536000;
        X-Content-Type-Options nosniff
        X-Frame-Options DENY
        Referrer-Policy no-referrer-when-downgrade
        #X-XSS-Protection 1
		X-XSS-Protection "1; mode=block"
		Referrer-Policy "same-origin"
		Feature-Policy "self"
	reverse_proxy localhost:32400
	log {
		output file /config/px.log {
			roll_size 10MB
			roll_keep 5
			roll_keep_for 240h

jf.<redacted>.com {
	reverse_proxy localhost:8096

5. Links to relevant resources:


Caddy does not buffer by default.

Regarding security, just make sure you’re using strong passwords for your services. Your actual services are the most likely to be vulnerable.

Your config looks fine to me :+1:

1 Like

OK great, thank you :slight_smile:

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.