jerome724
(Jerome Peters)
May 7, 2017, 6:19am
1
I’m having some trouble with Cloudflare and Caddy. I want to use Caddy as my reverse proxy, but I still want to use Cloudflare (protection etc.).
My config:
mydomain.com {
    log ./logs/access.log
    proxy / 127.0.0.1:8443
}
When I try to visit the website, I’m getting a 502 error from Cloudflare, and Caddy logs the following: 07/May/2017:09:01:23 +0200 [ERROR 502 /] EOF.
The backend is a node.js app, and the app is working fine. Any idea what I’m doing wrong here?
Looks like CloudFlare is passing on the 502 from Caddy; it might be having some problem connecting to your app. Try grey-clouding the site and re-testing first to rule out a CloudFlare issue, then do a manual request from the Caddy host to 127.0.0.1:8443 and see what you get (header-wise too).
jerome724
(Jerome Peters)
May 8, 2017, 12:43pm
3
I disabled Cloudflare, so no HTTP proxy, DNS only; then it is working fine: the page loads, views are rendered etc.
When I enable the CF HTTP proxy again, I get the 502 again.
What’s your CloudFlare SSL level set to in the Crypto settings? It should be Full or Full (Strict).
jerome724
(Jerome Peters)
May 8, 2017, 1:13pm
5
Okay never mind, I’m just stupid (╯°□°)╯︵ ┻━┻
I had HSTS enabled, and forgot to delete the HSTS entry for my domain in Chrome. Now everything is working fine!
Config for Cloudflare:
SSL: Full (strict)
Authenticated Origin Pulls: On
Opportunistic Encryption: On
HTTP Strict Transport Security (HSTS):
    Status: On
    Max-Age: 1 month
    Include subdomains: On
    Preload: On
    No-sniff: On
Caddy Config:
preview.jerome724.com {
    # Access Logs
    log ./logs/access.log

    # Error Logs
    errors ./logs/error.log

    # Enable gzip
    gzip {
        level 5
    }

    # Set security headers / custom headers
    header / {
        Server "Caddy Server"
    }

    # Minify content except /api
    minify / {
        if {path} not_match ^(\/api).*
    }

    # TLS
    tls {
        dns cloudflare
    }

    # Set max requestbody size
    maxrequestbody {
        / 500KB
    }

    # Rate Limit all requests
    # 5 requests/second, burst 10 requests/second
    ratelimit / 5 10 second

    # Reverse Proxy
    proxy / 127.0.0.1:8443 {
        header_upstream Host {host}
        header_upstream X-Real-IP {remote}
        header_upstream X-Forwarded-For {remote}
        header_upstream X-Forwarded-Proto {scheme}
    }
}
My node.js app (HapiJS) has no SSL!
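const Hapi = require('hapi');
// Config is the app's own configuration module (not shown in the post)

const server = new Hapi.Server({
    debug: {
        request: ['error']
    }
});

// Plain HTTP listener: TLS is terminated by Caddy in front of the app
server.connection({
    host: Config.web.server.host,
    port: Config.web.server.port,
});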
In case someone has the same problem.
Thanks for your help @Whitestrake
Can be closed
1 Like
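The fix in the post above was a stale HSTS entry cached in Chrome. As an added example (not code from the thread, Caddy or Cloudflare), this Node.js code parses a Strict-Transport-Security header per RFC 6797 and reports how long a browser would keep forcing HTTPS under the posted settings. The header strings are constructed, and mapping Cloudflare's "1 month" to 2592000 seconds is an assumption.

```javascript
// Added example: parse a Strict-Transport-Security value (RFC 6797, section 6.1).
// Header strings used here are constructed, not captured from the site.
const MONTH = 30 * 24 * 60 * 60;  // assumption: Cloudflare "1 month" = 2592000 s
const YEAR = 365 * 24 * 60 * 60;  // minimum max-age hstspreload.org accepts

function parseHsts(headerValue) {
  const policy = { maxAge: null, includeSubDomains: false, preload: false };
  const seen = new Set();
  // Simplification: quoted values containing ';' are not handled.
  for (const part of headerValue.split(';')) {
    const raw = part.trim();
    if (raw === '') continue;                      // empty directives are allowed
    const eq = raw.indexOf('=');
    const name = (eq === -1 ? raw : raw.slice(0, eq)).trim().toLowerCase();
    let value = eq === -1 ? null : raw.slice(eq + 1).trim();
    if (seen.has(name)) return null;               // repeated directive: invalid
    seen.add(name);
    if (value !== null && /^".*"$/.test(value)) value = value.slice(1, -1);
    if (name === 'max-age') {
      if (value === null || !/^\d+$/.test(value)) return null;
      policy.maxAge = Number(value);
    } else if (name === 'includesubdomains') {
      if (value !== null) return null;             // directive takes no value
      policy.includeSubDomains = true;
    } else if (name === 'preload') {
      policy.preload = true;
    }                                              // unknown directives are ignored
  }
  return policy.maxAge === null ? null : policy;   // max-age is required
}

// What a browser does with the header when it arrives over valid HTTPS.
function browserEffect(headerValue, receivedAt = new Date()) {
  const p = parseHsts(headerValue);
  if (p === null) return { action: 'ignored' };
  if (p.maxAge === 0) return { action: 'entry-removed' };
  return {
    action: 'https-forced',
    until: new Date(receivedAt.getTime() + p.maxAge * 1000),
    coversSubdomains: p.includeSubDomains,
    preloadEligible: p.preload && p.includeSubDomains && p.maxAge >= YEAR,
  };
}

// Header equivalent to the settings listed in the post (constructed).
const posted = `max-age=${MONTH}; includeSubDomains; preload`;
console.log(browserEffect(posted, new Date('2017-05-08T00:00:00Z')));
console.log(browserEffect('max-age=0'));  // how a site clears a cached entry
```

With a one-month max-age the browser keeps rewriting requests to HTTPS for 30 days after the last response that carried the header, and the policy would not qualify for the preload list even with Preload switched on.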
system
(system)
Closed
August 6, 2017, 1:25pm
6
This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.