I've a subdomain: api.example.com
And I've a caddyfile that use a reverse proxy to redirect to my api backend:
api.example.com {
basicauth {
user my_hashed_password
}
reverse_proxy localhost:8000
}
As you can see I protect the access of this api with a simple basicauth. It work as expected. But I can still access the api without authentication if use my_ip:8000 (for example 1.1.1.1:8000). How can I also apply the basic auth for the ip direct access ?
I've tried something like:
:8000 {
basicauth {
user my_hashed_password
}
handle api.example.com {
reverse_proxy localhost:8000
}
}
But caddy is angry because I use a reverse_proxy on the same port as the one declared above.
If port 8000 is not configured in Caddy, you cannot add basicauth in Caddy. You need to configure it in the application that is listening on port 8000.