Redirection with revers proxy

1. Caddy version (caddy version):


2. How I run Caddy:

I currently use reverse proxy for two internal services.

a. System environment:

raspbian - pi 4

b. Command:

c. Service/unit/compose file:

#Security headers for caddyfile
header /* {
    Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
    X-Xss-Protection "1; mode=block"
    X-Content-Type-Options "nosniff"
    X-Frame-Options "DENY"
    Content-Security-Policy "upgrade-insecure-requests"
    Referrer-Policy "strict-origin-when-cross-origin"
    Cache-Control "public, max-age=15, must-revalidate"
    Feature-Policy "accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'self'; camera 'none'; encrypted-media 'none'; fullscreen 'self'; geolocation 'none'; gyroscope 'none';       magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture *; speaker 'none'; sync-xhr 'none'; usb 'none'; vr 'none'"
    Server "No."

d. My complete Caddyfile or JSON config: {
        tls /home/user/Caddy/server.pem /home/user/Caddy/key.pem
                reverse_proxy /plex*
        reverse_proxy /tautulli*
        import /home/user/Caddy/caddy_security.conf

3. The problem I’m having:

I want to be able to redirect guests from my root to my reverse proxy /plex. Can I do this along with keeping the reverse proxy? If so, how?

4. Error messages and/or full log output:

5. What I already tried:

Looked at reference material about redirection rule but was uncertain about how to apply it in this situation.

6. Links to relevant resources:

You mean if they hit the root /, you want to redirect them to Plex?

Then yeah, just add this line:

redir / /plex

I strongly suggest using a subdomain for each service though.


Currently, I have the two sub-directories for the site. I’m assuming you advise to keep it that way for the services this way someone or something doesn’t just hit it by scanning the domain?

I’m not sure I follow your line of thinking, but:

Relying on hiding domains/paths from users for security is a losing battle.

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.