Restrict IP access using remote_ip with reverse_proxy

1. Caddy version (caddy version):

v2.3.0 h1:fnrqJLa3G5vfxcxmOH/+kJOcunPLhSBnjgIvjXV/QTA=

2. How I run Caddy:

a. System environment:

Win Server 2019

b. Command:

C:\caddy2> caddy run --watch

c. Service/unit/compose file:


d. My complete Caddyfile or JSON config:

(add_custom_ssl_certificate) {
	tls C:\caddy2\ssl\star_imperial_edu_2022-2023.crt C:\caddy2\ssl\star_imperial_edu_2022-2023.key

(add_logging_with_path) {
	log {
		output file "{args.0}" {
			roll_size 100mb
			roll_keep 5
			roll_keep_for 720h
		format json
		#format console
		#format single_field common_log
} {  
	# Imports:
	import add_custom_ssl_certificate
	import add_logging_with_path "C:\caddy2\logs\appnavt_imperial_edu_access.log"

3. The problem I’m having:

I want to restrict access to to certain set of public IP addresses using remote_ip.
Where and how does remote_ip get coded for reverse_proxy shown? How to debug IP’s that are being filtered or allowed?

That’s a pretty old version. Please upgrade to v2.5.1.

Define a named matcher, then apply it to a handler to do something with it.

Maybe something like this: {
	@allowed remote_ip
	handle @allowed {
		reverse_proxy myapp:8080

	# Fallback for otherwise not matched handles
	handle {

I don’t understand the question.

Check your logs.


The example you provided showing layout using remote_ip with reverse_proxy is what I was looking for. Thank you

1 Like

This topic was automatically closed after 30 days. New replies are no longer allowed.