This seems too straightforward, what’s the catch?
Like how secure is it? Should I be turning it off (and disabling the port forwarding) when not using it?
Do I need any additional security? Mainly just want to use it for Jellyfin
Thanks
1 point
Something I encountered last week.
- wanted to test running caddy without https and without being open to the world, to turn off automatic https.
- Googled and came up with auto_https off documentation that I read.
- It did not work, http still did not work
- Googled more and landed on forum page that explained why auto_https is not working and that it needs explicitly stated
http:\\or port:80in the address. Otherwise caddy will listen by default for only https.
It was no biggie, that forum post is literally the second google result for auto_https and does good job, but you asked and I have it fresh in memory…
1 point
Thanks, that’s helpful. Yeah the docs for auto_https should explain up-front that this only affects the feature called “Automatic HTTPS” and does not change the default port/procotol of Caddy, which is always HTTPS unless otherwise specified (i.e. by using http:// as a site address prefix, or :80 as a suffix).