1. Caddy version (caddy version):
2.2.1
2. How I run Caddy:
a. System environment:
Ubuntu 20
b. Command:
systemctl
c. Service/unit/compose file:
d. My complete Caddyfile or JSON config:
*.mydomain.com:443 {
	reverse_proxy 127.0.0.1:4567 {
		header_up Host {http.reverse_proxy.upstream.hostport}
		header_up X-Real-IP {http.reverse_proxy.upstream.address}
		header_up X-Forwarded-Port {http.request.port}
		header_up X-Forwarded-Host {http.request.host}
	}
	tls me@mydomain.com {
		on_demand
	}
	log {
		output file /var/log/caddy/access.log
	}
}
3. The problem I’m having:
Caddy is working and reverse proxying the way I want it. However, I am seeing bots hit my server making requests for multi-level subdomains such as blog.store.something.mydomain.com. This is causing Caddy to provision certificates each time one of these requests hits my server, and I’m starting to hit Let's Encrypt rate limits.
Is it possible to somehow configure Caddy to reject anything other than single subdomains (i.e. blog.mydomain.com) or the root domain so that all these requests hit my wildcard cert?
Thanks.