1. Output of caddy version:
v2.5.2 h1:eCJdLyEyAGzuQTa5Mh3gETnYWDClo1LjtQm2q9RNZrs=
2. How I run Caddy:
caddy run
a. System environment:
Windows 11
d. My complete Caddy config:
domain {
    header X-Real-IP {http.request.header.CF-Connecting-IP}
    header X-Forwarded-For {http.request.header.CF-Connecting-IP}
    header X-Forwarded-Host {http.request.hostport}
    encode gzip
    #SSL Settings
    tls mail@mail.com {
        dns cloudflare key
        resolvers 1.1.1.1
    }
    @blocked {
        #Only allow user-agents specified below and block everything else
        not header_regexp User-Agent (?i)(TestName1*|TestName2*|cdn*)
        remote_ip private_ranges
    }
    handle @blocked {
        abort
    }
    handle {
        @public {
            #Allow lan ip's to skip basicAuth
            not remote_ip private_ranges
        }
        basicauth @public {
            USERNAME PASSWORD
        }
        handle_path /test {
            root * C:\test.txt
            file_server browse
        }
    }
}
3. The problem I’m having:
My last topic was about how to block any user agent in incoming requests but allow specific named User-Agents to get a response.
I want to mix Cloudflare with this script that @francislavoie helped me with. Again, thanks.
The new problem is that I get 520 responses, since it’s now effectively blocking all User-Agents but the ones stated in my Caddyfile.
It seems it also takes out Cloudflare’s own user agent internally, because I’m being met by a 520 response now.
If I however add cdn* to the Caddyfile, which I think is what Cloudflare itself uses, then it works in the way that it actually ignores everything and makes all the other User-Agents and the script obsolete, like the script was never there…
Is the script wasted when you use Cloudflare as a tunnel for that, or can it be altered in a way to make it work like it’s supposed to when Cloudflare is not added into the mix?
Maybe it’s the wrong way to handle this; maybe blocking all User-Agents via Cloudflare’s own panel system is the right way to do it, if it’s even possible?
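An added example, not part of the original post and not Caddy's own code: a Go model of how the posted `@blocked` and `@public` matchers evaluate, using Go's `regexp` package, which `header_regexp` is built on. The requests are constructed, `anchored` is an assumed stricter pattern, and the `127.0.0.1` peer stands in for an assumed local tunnel or proxy client.

```go
package main

import (
	"fmt"
	"net/netip"
	"regexp"
)

// Pattern from the posted Caddyfile. header_regexp uses Go regexp syntax and is
// unanchored, so "*" repeats the previous character: "cdn*" matches any "cd".
var posted = regexp.MustCompile(`(?i)(TestName1*|TestName2*|cdn*)`)

// Assumed stricter pattern (not from the post): the names anchored as prefixes.
var anchored = regexp.MustCompile(`(?i)^(TestName1|TestName2)`)

// isPrivate models the remote_ip private_ranges shortcut.
func isPrivate(ip string) bool {
	addr := netip.MustParseAddr(ip)
	for _, cidr := range []string{"192.168.0.0/16", "172.16.0.0/12",
		"10.0.0.0/8", "127.0.0.0/8", "fc00::/7", "::1/128"} {
		if netip.MustParsePrefix(cidr).Contains(addr) {
			return true
		}
	}
	return false
}

// Blocked mirrors @blocked: both lines of a named matcher must match (AND).
func Blocked(ua *regexp.Regexp, userAgent, peer string) bool {
	return !ua.MatchString(userAgent) && isPrivate(peer)
}

// NeedsAuth mirrors @public: basicauth applies only to non-private peers.
func NeedsAuth(peer string) bool { return !isPrivate(peer) }

func main() {
	// Constructed requests: peer is the TCP peer Caddy sees, not the visitor.
	for _, r := range [][2]string{
		{"curl/8.0", "203.0.113.7"},   // direct public peer
		{"curl/8.0", "127.0.0.1"},     // assumed local tunnel/proxy peer
		{"abcd-scanner", "127.0.0.1"}, // contains "cd"
		{"TestName1/2.0", "127.0.0.1"},
	} {
		fmt.Printf("%-14s %-12s posted=%-5v anchored=%-5v auth=%v\n", r[0], r[1],
			Blocked(posted, r[0], r[1]), Blocked(anchored, r[0], r[1]), NeedsAuth(r[1]))
	}
}
```

The columns show that `@blocked` only ever fires for private peers, and that a peer in `private_ranges` also skips `basicauth`, so both decisions depend on which address Caddy sees as the connection source.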