1. Output of caddy version
:
v2.6.1 h1:EDqo59TyYWhXQnfde93Mmv4FJfYe00dO60zMiEt+pzo=
2. How I run Caddy:
a. System environment:
Ubuntu 20.04, installed via apt
b. Command:
Caddy is run as systemd service
c. Service/unit/compose file:
I have not modified the provided systemd files
d. My complete Caddy config:
{
debug
}
(basic-auth) {
basicauth {
username password
}
}
deluge.example.com {
import basic-auth
reverse_proxy 192.168.1.200:8112
log {
output file /var/log/access.log
}
}
3. The problem I’m having:
Acessing deluge.example.com from (firefox/chrome) on my desktop and laptop is working fine as expected. The basic auth sign in form pops up and once the correct username and password are entered I can access the deluge webui.
If accessing from my mobile phone browser (firefox/chrome) I get the basic auth form again as expected. I enter the correct details, the form goes away and a few seconds later the form pops back up asking me to enter again. No matter how many times I enter the corect username and password I cannot access the deluge webui. This is the same result wether my phone is connected to the same network as the reverse proxy with WiFi or if its on its 4G mobile network.
I also tried connecting my desktop to my phones hotspot and basic auth works fine in both firefox & chrome. So it appears to be an issue with mobile phone browsers.
I also have other services that are reverse proxied and they all suffer from this issue.
4. Error messages and/or full log output:
Logs from desktop which authenticates and allows me access to the deluge webui
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.0062397,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"192.168.1.200:8112","total_upstreams":1}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.0185022,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"192.168.1.200:8112","total_upstreams":1}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.0185022,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"192.168.1.200:8112","total_upstreams":1}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.044222,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"192.168.1.200:8112","total_upstreams":1}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.059607,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"192.168.1.200:8112","duration":0.053002472,"request":{"remote_ip":"195.99.37.194","remote_port":"54917","proto":"HTTP/3.0","method":"GET","host":"deluge.example.com","uri":"/render/tab_status.html","headers":{"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"X-Forwarded-For":["195.99.37.194"],"X-Forwarded-Host":["deluge.example.com"],"X-Requested-With":["XMLHttpRequest"],"Accept":["*/*"],"Sec-Fetch-Mode":["cors"],"Authorization":[],"Referer":["https://deluge.example.com/"],"Sec-Ch-Ua-Mobile":["?0"],"X-Forwarded-Proto":["https"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"],"Sec-Fetch-Site":["same-origin"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""],"Sec-Fetch-Dest":["empty"]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"headers":{"Content-Type":["text/html"],"Server":["TwistedWeb"],"Date":["Sat, 01 Oct 2022 11:26:59 GMT"],"Content-Encoding":["gzip"]},"status":200}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.0597513,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"192.168.1.200:8112","duration":0.040893733,"request":{"remote_ip":"195.99.37.194","remote_port":"54917","proto":"HTTP/3.0","method":"POST","host":"deluge.example.com","uri":"/json","headers":{"Origin":["https://deluge.example.com"],"Content-Type":["application/json"],"Sec-Fetch-Dest":["empty"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"],"X-Forwarded-Proto":["https"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Authorization":[],"Accept":["*/*"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept-Encoding":["gzip, deflate, br"],"Sec-Fetch-Mode":["cors"],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""],"X-Forwarded-Host":["deluge.example.com"],"X-Forwarded-For":["195.99.37.194"],"Sec-Ch-Ua-Mobile":["?0"],"Referer":["https://deluge.example.com/"],"Sec-Fetch-Site":["same-origin"],"X-Requested-With":["XMLHttpRequest"]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"headers":{"Date":["Sat, 01 Oct 2022 11:26:59 GMT"],"Content-Type":["application/json"],"Server":["TwistedWeb"],"Content-Encoding":["gzip"]},"status":200}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.0667958,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"192.168.1.200:8112","duration":0.047645475,"request":{"remote_ip":"195.99.37.194","remote_port":"54917","proto":"HTTP/3.0","method":"POST","host":"deluge.example.com","uri":"/json","headers":{"Sec-Ch-Ua-Platform":["\"Windows\""],"Authorization":[],"X-Forwarded-Proto":["https"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""],"Content-Type":["application/json"],"Sec-Fetch-Dest":["empty"],"Referer":["https://deluge.example.com/"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"],"X-Forwarded-Host":["deluge.example.com"],"Sec-Fetch-Mode":["cors"],"Sec-Fetch-Site":["same-origin"],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["*/*"],"Accept-Encoding":["gzip, deflate, br"],"X-Requested-With":["XMLHttpRequest"],"Origin":["https://deluge.example.com"],"X-Forwarded-For":["195.99.37.194"]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"headers":{"Content-Encoding":["gzip"],"Date":["Sat, 01 Oct 2022 11:26:59 GMT"],"Server":["TwistedWeb"],"Content-Type":["application/json"]},"status":200}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.066871,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"192.168.1.200:8112","duration":0.022330076,"request":{"remote_ip":"195.99.37.194","remote_port":"54917","proto":"HTTP/3.0","method":"GET","host":"deluge.example.com","uri":"/images/s.gif","headers":{"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"X-Forwarded-Proto":["https"],"Sec-Fetch-Mode":["no-cors"],"Referer":["https://deluge.example.com/"],"Authorization":[],"Sec-Ch-Ua-Mobile":["?0"],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""],"X-Forwarded-For":["195.99.37.194"],"X-Forwarded-Host":["deluge.example.com"],"Sec-Fetch-Site":["same-origin"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Sec-Fetch-Dest":["image"],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"headers":{"Server":["TwistedWeb"],"Date":["Sat, 01 Oct 2022 11:26:59 GMT"],"Content-Type":["image/gif"],"Content-Length":["43"]},"status":200}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.0981379,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"192.168.1.200:8112","total_upstreams":1}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.105707,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"192.168.1.200:8112","duration":0.007158045,"request":{"remote_ip":"195.99.37.194","remote_port":"54917","proto":"HTTP/3.0","method":"GET","host":"deluge.example.com","uri":"/icons/deluge-32.png","headers":{"Sec-Ch-Ua-Platform":["\"Windows\""],"Sec-Fetch-Dest":["image"],"Accept-Encoding":["gzip, deflate, br"],"X-Forwarded-Proto":["https"],"Sec-Ch-Ua-Mobile":["?0"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"Sec-Fetch-Site":["same-origin"],"Authorization":[],"Sec-Fetch-Mode":["no-cors"],"Referer":["https://deluge.example.com/"],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""],"X-Forwarded-For":["195.99.37.194"],"X-Forwarded-Host":["deluge.example.com"]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"headers":{"Content-Length":["1126"],"Server":["TwistedWeb"],"Date":["Sat, 01 Oct 2022 11:26:59 GMT"],"Content-Type":["image/png"]},"status":200}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.122717,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"192.168.1.200:8112","total_upstreams":1}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.1306882,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"192.168.1.200:8112","duration":0.007557213,"request":{"remote_ip":"195.99.37.194","remote_port":"54917","proto":"HTTP/3.0","method":"POST","host":"deluge.example.com","uri":"/json","headers":{"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Authorization":[],"X-Forwarded-Host":["deluge.example.com"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"],"Referer":["https://deluge.example.com/"],"X-Requested-With":["XMLHttpRequest"],"Sec-Fetch-Site":["same-origin"],"Content-Type":["application/json"],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""],"Origin":["https://deluge.example.com"],"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept-Encoding":["gzip, deflate, br"],"Sec-Fetch-Mode":["cors"],"Accept":["*/*"],"Sec-Fetch-Dest":["empty"],"Sec-Ch-Ua-Mobile":["?0"],"X-Forwarded-For":["195.99.37.194"],"X-Forwarded-Proto":["https"]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"headers":{"Server":["TwistedWeb"],"Date":["Sat, 01 Oct 2022 11:26:59 GMT"],"Content-Type":["application/json"],"Content-Encoding":["gzip"]},"status":200}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.1770716,"logger":"http.handlers.reverse_proxy","msg":"selected upstream","dial":"192.168.1.200:8112","total_upstreams":1}
Oct 01 11:26:59 ubuntu caddy[1189]: {"level":"debug","ts":1664623619.1838822,"logger":"http.handlers.reverse_proxy","msg":"upstream roundtrip","upstream":"192.168.1.200:8112","duration":0.006200177,"request":{"remote_ip":"195.99.37.194","remote_port":"54917","proto":"HTTP/3.0","method":"GET","host":"deluge.example.com","uri":"/icons/login.png","headers":{"Sec-Ch-Ua-Platform":["\"Windows\""],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"X-Forwarded-Host":["deluge.example.com"],"Referer":["https://deluge.example.com/css/deluge.css"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36"],"Sec-Fetch-Mode":["no-cors"],"Sec-Fetch-Dest":["image"],"Sec-Ch-Ua-Mobile":["?0"],"Accept":["image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8"],"X-Forwarded-For":["195.99.37.194"],"X-Forwarded-Proto":["https"],"Accept-Encoding":["gzip, deflate, br"],"Sec-Fetch-Site":["same-origin"],"Authorization":[],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"headers":{"Content-Length":["469"],"Server":["TwistedWeb"],"Date":["Sat, 01 Oct 2022 11:26:59 GMT"],"Content-Type":["image/png"]},"status":200}
Logs from mobile which does not authenticate
Oct 01 11:42:43 ubuntu caddy[1189]: {"level":"debug","ts":1664624563.3588946,"logger":"http.log.error","msg":"not authenticated","request":{"remote_ip":"82.132.228.248","remote_port":"24234","proto":"HTTP/3.0","method":"GET","host":"deluge.example.com","uri":"/","headers":{"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""],"Sec-Ch-Ua-Platform":["\"Android\""],"Accept-Encoding":["gzip, deflate, br"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Upgrade-Insecure-Requests":["1"],"User-Agent":["Mozilla/5.0 (Linux; Android 11; ONEPLUS A6003) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36"],"Sec-Fetch-Site":["none"],"Sec-Fetch-Mode":["navigate"],"Sec-Fetch-User":["?1"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua-Mobile":["?1"]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"duration":0.000146927,"status":401,"err_id":"d1si6nhgq","err_trace":"caddyauth.Authentication.ServeHTTP (caddyauth.go:88)"}
Oct 01 11:42:50 ubuntu caddy[1189]: {"level":"debug","ts":1664624570.0178053,"logger":"http.log.error","msg":"not authenticated","request":{"remote_ip":"82.132.228.248","remote_port":"24234","proto":"HTTP/3.0","method":"GET","host":"deluge.example.com","uri":"/","headers":{"Authorization":[],"Sec-Ch-Ua-Platform":["\"Android\""],"User-Agent":["Mozilla/5.0 (Linux; Android 11; ONEPLUS A6003) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Mobile Safari/537.36"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9"],"Sec-Fetch-User":["?1"],"Accept-Language":["en-GB,en-US;q=0.9,en;q=0.8"],"Sec-Fetch-Site":["none"],"Sec-Fetch-Mode":["navigate"],"Cache-Control":["max-age=0"],"Sec-Ch-Ua":["\"Chromium\";v=\"106\", \"Google Chrome\";v=\"106\", \"Not;A=Brand\";v=\"99\""],"Upgrade-Insecure-Requests":["1"],"Sec-Fetch-Dest":["document"],"Sec-Ch-Ua-Mobile":["?1"],"Accept-Encoding":["gzip, deflate, br"]},"tls":{"resumed":false,"version":0,"cipher_suite":0,"proto":"","server_name":""}},"duration":0.000245053,"status":401,"err_id":"9c7i0nkb2","err_trace":"caddyauth.Authentication.ServeHTTP (caddyauth.go:88)"}