Understanding Caddy Config


I’ve inherited some infrastructure and as part of this we have a Caddy server.

I’ve gone through the Caddy file and I’m happy with all of the config except for the :443, :80 start of the block.

I assume that :443 and :80 are telling Caddy to listen on port 443 and 80? Or is it that if traffic comes in on either of these ports to use the configuration in the block?

:443, :80 {
  root /opt/caddy/html

  proxy / PROXY_IP1 PROXY_IP2 {
    policy ip_hash
    except /proxy_health

  log / /var/log/caddy/access.log "[{when}] {hostname} {method} {host} {path} {query} {status} {latency} {size} {>X-Forwarded-For} {>X-Forwarded-Proto} {>X-Dest-Ip}"
  errors /var/log/caddy/errors.log

  tls letsencrypt@example.com
  tls {
    max_certs 100

  realip {

Is there any documentation over starting a block like this? I wasn’t able to find any.


Yep, it tells Caddy to respond with the site defined in that whole block for all requests to port 443 and port 80. If any other sites are defined with specific hostnames on those ports, they will have priority, but if that’s all there is, this is a catch-all. This is explained here in the docs: https://caddyserver.com/docs/http-caddyfile#addresses

Bit of a shame, this config doesn’t benefit from automatic HTTP->HTTPS redirects. Changing the first line to just :443 { would enable redirects, I believe. The tls lines can also be combined:

tls letsencrypt@example.com {
    max_certs 100

I fixed the formatting of your post, too, to use a code block instead of a quote.

Thanks very much.

I’m not sure how I missed that page!

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.