Scroll to navigation

Caddy(8) Caddy(8)

NAME

caddy-reverse-proxy - A quick and production-ready reverse proxy

SYNOPSIS

caddy reverse-proxy [--from ] [--to ] [--change-host-header] [--insecure] [--internal-certs] [--disable-redirects] [--header-up "Field: value"] [--header-down "Field: value"] [--access-log] [--debug] [flags]

DESCRIPTION

A simple but production-ready reverse proxy. Useful for quick deployments, demos, and development.

Simply shuttles HTTP(S) traffic from the --from address to the --to address. Multiple --to addresses may be specified by repeating the flag.

Unless otherwise specified in the addresses, the --from address will be assumed to be HTTPS if a hostname is given, and the --to address will be assumed to be HTTP.

If the --from address has a host or IP, Caddy will attempt to serve the proxy over HTTPS with a certificate (unless overridden by the HTTP scheme or port).

If serving HTTPS:
--disable-redirects can be used to avoid binding to the HTTP port.
--internal-certs can be used to force issuance certs using the internal
CA instead of attempting to issue a public certificate.

For proxying:
--header-up can be used to set a request header to send to the upstream.
--header-down can be used to set a response header to send back to the client.
--change-host-header sets the Host header on the request to the address
of the upstream, instead of defaulting to the incoming Host header. This is a shortcut for --header-up "Host: {http.reverse_proxy.upstream.hostport}".
--insecure disables TLS verification with the upstream. WARNING: THIS
DISABLES SECURITY BY NOT VERIFYING THE UPSTREAM'S CERTIFICATE.

OPTIONS

--access-log[=false] Enable the access log

-c, --change-host-header[=false] Set upstream Host header to address of upstream

-v, --debug[=false] Enable verbose debug logs

-r, --disable-redirects[=false] Disable HTTP->HTTPS redirects

-f, --from="localhost" Address on which to receive traffic

-d, --header-down=[] Set a response header to send back to the client (format: "Field: value")

-H, --header-up=[] Set a request header to send to the upstream (format: "Field: value")

-h, --help[=false] help for reverse-proxy

--insecure[=false] Disable TLS verification (WARNING: DISABLES SECURITY BY NOT VERIFYING TLS CERTIFICATES!)

-i, --internal-certs[=false] Use internal CA for issuing certs

-t, --to=[] Upstream address(es) to which traffic should be sent

SEE ALSO

caddy(8)

HISTORY

19-Jun-2024 Auto generated by spf13/cobra

Jun 2024 Auto generated by spf13/cobra