Using Caddyserver in a Server together with Apache (Cpanel / WHMCS)

luisalvarado · February 20, 2024, 3:20pm

1. The problem I’m having:

I will be brief here with the explanation because it has been 2 years on this and now I have an opportunity to show caddyserver. I have a client that has about 50 domains all inside a server. He has several developers that are very reluctant to use caddyserver on the server, to the point that they only use Apache because it comes by default with Cpanel / WHMCS.

Currently they changed from CentOS to Ubuntu with the Cpanel server. I am trying to run Caddy on the server, but every time the domain is access, cpanel is the one that grabs it first before caddyserver even sees the traffic. How can I do something along the lines of:

Hey Cpanel, do not handle THIS specific sub domain or domain and let caddyserver handle it.

Can Caddyserver work together in a server that apache is also in?

The Caddyserver configuration is like this:

{
http_port 8080
https_port 8443
}
api.testsite.com {
        # Set this path to your site's directory.
        root * /var/www/api
        tls luisalvaradox@gmail.com
        # Enable the static file server.
        header Access-Control-Allow-Origin "*"
        header Access-Control-Allow-Methods "POST, GET, OPTIONS, PUT, DELETE"
        header Access-Control-Allow-Headers "*"
        header Server "CaddyServer 1.0"
        file_server
        encode gzip zstd
        # Another common task is to set up a reverse proxy:
        # reverse_proxy localhost:8080
        # Or serve a PHP site through php-fpm:
        try_files {path} {path}/index.php
        php_fastcgi unix//opt/cpanel/ea-php81/root/usr/var/run/23450a7cf9fcb8aeaf115a274c59fb54f0db770d.sock

        # Refer to the Caddy docs for more information:
        # https://caddyserver.com/docs/caddyfile
        @cachedFiles {
          path *.ico *.css *.js *.gif *.jpg *.jpeg *.png *.webp *.svg *.woff *.woff2
        }
        header @cachedFiles Cache-Control max-age=31536000
}

2. Error messages and/or full log output:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

3. Caddy version:

Caddy version is 2.7.6

4. How I installed and ran Caddy:

a. System environment:

from the PPA it was installed.

b. Command:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

c. Service/unit/compose file:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

d. My complete Caddy config:

PASTE OVER THIS, BETWEEN THE ``` LINES.
Please use the preview pane to ensure it looks nice.

5. Links to relevant resources:

francislavoie · February 20, 2024, 6:50pm

You’d need to configure Cpanel to listen on a different port (e.g. 8080) and then let Caddy use ports 80 and 443.

Default port for HTTP = 80, HTTPS = 443. So if in your browser you don’t specify a port, it uses those. So for Caddy to be in front and to successfully perform ACME issuance, you need to let it use those ports.

Please mind your post’s formatting. Use code blocks (i.e. the </> button). Your config lost formatting so it’s difficult to read.

Please completely fill out the help topic template as per the forum rules.

luisalvarado · February 21, 2024, 5:14pm

Thank you Francis, although I highly doubt they will let me change ANYTHING on cpanel. How can I tell caddy to use a different port which would also include the SSL certificate automation to work without the Apache developers not involved yet since they do not want Caddy. For the formatting let me fix that in a sec.

francislavoie · February 21, 2024, 5:30pm

It’s impossible. Using port 80 and 443 is a requirement of the ACME protocol for the ACME HTTP and TLS-ALPN challenges respectively.

(By the way, SSL is a deprecated term, it’s been called TLS since 1999.)

If you can’t change Cpanel, then you’ll either need to run Caddy on a separate server, or isolate Cpanel and Caddy from eachother using VMs or Docker containers.

(You could configure your firewall/router to route ports 80/443 to your server’s 8080/8443 which would let you run both in the same context, but that’s awkward and not a good solution, it’s a fundamentally flawed idea.)

luisalvarado · February 21, 2024, 5:55pm

Thank you again buddy. Yeah I think I will need to talk to the owner and show him this conversation. Basically he is tied with Apache with the current developers and they all use cpanel only.

in any case, thank you for the fast reply and guidance, it was super valuable trust me.

system · March 22, 2024, 5:55pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.