英文:
How to protect direct ip access in caddy
问题
I have a subdomain: api.example.com
And I have a Caddyfile that uses a reverse proxy to redirect to my API backend:
api.example.com {
basicauth {
user my_hashed_password
}
reverse_proxy localhost:8000
}
如您所见,我使用了简单的 basicauth 来保护对此 API 的访问。它按预期工作。但是,如果使用 my_ip:8000(例如 1.1.1.1:8000),我仍然可以访问 API 而无需身份验证。如何也对 IP 直接访问应用基本身份验证?
我尝试过以下方式:
:8000 {
basicauth {
user my_hashed_password
}
handle api.example.com {
reverse_proxy localhost:8000
}
}
但是 Caddy 报错,因为我在与上面声明的端口相同的端口上使用了反向代理。
英文:
I've a subdomain: api.example.com
And I've a caddyfile that use a reverse proxy to redirect to my api backend:
api.example.com {
basicauth {
user my_hashed_password
}
reverse_proxy localhost:8000
}
As you can see I protect the access of this api with a simple basicauth. It work as expected. But I can still access the api without authentication if use my_ip:8000 (for example 1.1.1.1:8000). How can I also apply the basic auth for the ip direct access ?
I've tried something like:
:8000 {
basicauth {
user my_hashed_password
}
handle api.example.com {
reverse_proxy localhost:8000
}
}
But caddy is angry because I use a reverse_proxy on the same port as the one declared above.
答案1
得分: 1
If port 8000 is not configured in Caddy, you cannot add basicauth in Caddy. You need to configure it in the application that is listening on port 8000.
英文:
If port 8000 is not configured in Caddy, you cannot add basicauth in Caddy. You need to configure it in the application that is listening on port 8000.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论