verifydomain

package module

v1.0.0 Latest Latest Go to latest Published: Oct 25, 2023 License: MIT Imports: 15 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

README ¶

Verify Domain module for Caddy v2

This module provides a simple domain validation mechanism that can be used in conjunction with on-demand-tls. It's primary goal is implementing basic security mechanisms to prevents abuse of Caddy's Automatic HTTPS functionality when accepting / upgrading all incoming requests to HTTPS.

A simple configuration example:

{
    auto_https disable_redirects
    on_demand_tls {
        ask http://localhost/ask
    }
    order verify_domain last
}

http:// {
    verify_domain {
        listen_url http://localhost/ask
    }
}

https:// {
	tls {
		on_demand
	}
}

When Caddy makes a request to the defined on_demand_tls.listen_url URL, this module intercepts and verifies value of query string parameter domain ensuring:

it is not an IP address,
it is DNS resolvable,
it does not resolve to a loopback or private IP address,
it resolves to the current Caddy server address (by making a simple HTTP challenge request)

Documentation ¶

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type Config ¶

type Config struct {
	Listen string `json:"listen_url,omitempty"`
	Port   string `json:"challenge_port,omitempty"`
	Salt   string `json:"challenge_salt,omitempty"`
}

type VerifyDomain ¶

type VerifyDomain struct {
	Config
	Listen string `json:"listen_url,omitempty"`
	Port   string `json:"challenge_port,omitempty"`
	Salt   string `json:"challenge_salt,omitempty"`
	// contains filtered or unexported fields
}

func (VerifyDomain) CaddyModule ¶

func (VerifyDomain) CaddyModule() caddy.ModuleInfo

CaddyModule returns the Caddy module information

func (*VerifyDomain) Provision ¶

func (vd *VerifyDomain) Provision(ctx caddy.Context) error

Provision VerifyDomain configuration

func (VerifyDomain) ServeHTTP ¶

func (vd VerifyDomain) ServeHTTP(w http.ResponseWriter, r *http.Request, next caddyhttp.Handler) error

func (*VerifyDomain) UnmarshalCaddyfile ¶

func (v *VerifyDomain) UnmarshalCaddyfile(d *caddyfile.Dispenser) error

UnmarshalCaddyfile implements caddyfile.Unmarshaler

func (*VerifyDomain) Validate ¶

func (vd *VerifyDomain) Validate() error

Validate implements caddy.Validator

Source Files ¶

View all Source files

verifydomain.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL