http.proxyprotocol Plugin

This feature does not come with Caddy by default. To get it, select the http.proxyprotocol plugin when you download Caddy.

This directive adds PROXY protocol (both v1 and v2) support to Caddy. The PROXY PROTOCOL allows the client IP to be passed through a load balancer like those used in AWS or Google Cloud.

Full documentation

Examples

Enable PROXY Protocol Support

proxyprotocol

Requires all connections (both IPv4 and IPv6) to specify a PROXY header. Both V1 (human readable) and V2 (binary) protocol versions are supported, and will be auto-detected.

Filter by Source Address

proxyprotocol 10.22.0.0/16 10.23.0.1/32 ::/0

Requires connections from the subnet 10.22.0.0/16, the IP 10.23.0.1, and any IPv6 address to specify a PROXY header. All connections from other sources will still operate normally, as if the proxyprotocol directive was not in use. Note It is important to filter to only trusted sources (e.g. proxies, LB), since it is trivial to spoof the source address otherwise.

Custom Timeout

proxyprotocol { timeout 3s }

Changes the timeout for reading the complete PROXY header to 3 seconds. The default is 5 seconds.

Related Links

Documentation

Access the full documentation for this plugin off-site:

Docs

Plugin Help

Get help from the maintainers of the http.proxyprotocol plugin:

Support

Plugin Website

Visit http.proxyprotocol’s website for more information:

Website

Plugin Author: Nathaniel Caza

Last Updated: 26 Jul 2019, 12:24 AM

This plugin is independent of the Caddy project and is not endorsed or maintained by Caddy developers. Use at your own risk. Do not file issues for this plugin on Caddy’s bug tracker.