1. The problem I’m having:
I have a site block that looks like this:
example.com:443 {
@accept client_ip 10.10.0.0/16
@denied not client_ip 192.168.54.0/24
handle @accept {
reverse_proxy 192.168.54.7:80
}
handle @denied {
abort
}
handle {
reverse_proxy 192.168.54.7:80
}
}
I want to make sure I understood the documentation correctly. From what I’ve read, I understand this site block to mean:
- Any requests from the 10.10.0.0/16 network should be accepted and reverse_proxied to 192.168.54.7:80.
- Any requests NOT from the 192.168.54.0/24 network should abort (unless already accepted by the @accept matcher in step #1).
- All other requests not rejected by #2 or already accepted by #1 should now be accepted.
Is this the correct interpretation? Basically: accept requests from 10.10.0.0/16 and 192.168.54.0/24, and abort all others? Is there an easier way to do this? I was thinking this would do the same thing and would be simpler:
example.com:443 {
@accept client_ip 10.10.0.0/16 192.168.54.0/24
handle @accept {
reverse_proxy 192.168.54.7:80
}
handle {
abort
}
}
2. Error messages and/or full log output:
no error messages. both seem to work fine i believe.....
3. Caddy version: v2.9.1
4. How I installed and ran Caddy:
using docker.
a. System environment:
ubuntu 24.04
b. Command:
docker compose up
c. Service/unit/compose file:
services:
caddy:
container_name: caddy
image: caddy:latest
restart: unless-stopped
ports:
- "80:80"
- "443:443"
- "443:443/udp"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile
- ./site:/srv
- caddy_data:/data
- caddy_config:/config
networks:
- reverse_proxy
volumes:
caddy_data:
caddy_config:
networks:
reverse_proxy:
external: true
d. My complete Caddy config:
example.com:443 {
@accept client_ip 10.10.0.0/16
@denied not client_ip 192.168.54.0/24
handle @accept {
reverse_proxy 192.168.54.7:80
}
handle @denied {
abort
}
handle {
reverse_proxy 192.168.54.7:80
}
}