Caddy is essentially a configuration management system that can run various apps like an HTTP server, TLS certificate manager, PKI facilities, and more. It can be extended with plugins known as config modules.
Caddy sports a flexible and powerful HTTP reverse proxy, on-line configuration API, and a robust, production-ready static file server, and serves all sites over HTTPS by default with automagic TLS certificates.
The language choice is crucial for a web server. Most servers (NGINX, Apache, HAProxy, etc.) and their dependencies are written in C, which leaves them vulnerable to catastrophic memory safety bugs like Heartbleed. Go programs like Caddy are impervious to a whole class of security vulnerabilities.
Caddy is statically compiled. Dynamically-linked applications can easily break in production and may be less secure as shared executable resources are loaded from various places around the system. Caddy binaries generally do not require external libraries, not even libc.
</div>
<div class="detail">
None
</div>
</div>
<div class="feature-row">
<h4>Compile time</h4>
<div class="benefits">
On consumer hardware, standard Caddy builds compile in just a few seconds. This is crucial for rapid iteration, plugin development, and low-cost deployments.
Caddy's regular expression language is <a href="https://swtch.com/~rsc/regexp/regexp1.html">based on the Thompson NFA and has numerous performance improvements over PCRE</a> used by other web servers. It guarantees the runtime cost increases linearly instead of exponentially. This is ideal when evaluating untrusted input.
Go's runtime optimizes scheduled CPU time in smarter ways than the operating system can using lightweight user-space threads called goroutines. Caddy easily handles hundreds of thousands of requests per second.
</div>
<div class="detail">
Goroutines (epoll + kqueue)
</div>
</div>
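The linear-time regular expression guarantee described above can be checked with Go's standard `regexp` package, the RE2-style engine Caddy is built on. This is an added example, not code from the Caddy project; the pattern, the inputs and the helper names (`hostileInput`, `timeMatch`, `compiles`) are constructed for illustration.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
	"time"
)

// nestedQuantifier is a classic catastrophic-backtracking shape: on a
// backtracking engine, a run of n 'a's followed by a non-matching byte
// forces on the order of 2^n attempts before the match fails.
var nestedQuantifier = regexp.MustCompile(`^(a+)+$`)

// hostileInput builds a constructed worst-case input: n 'a's, then '!'.
func hostileInput(n int) string {
	return strings.Repeat("a", n) + "!"
}

// timeMatch reports whether re matches s and how long the attempt took.
func timeMatch(re *regexp.Regexp, s string) (bool, time.Duration) {
	start := time.Now()
	ok := re.MatchString(s)
	return ok, time.Since(start)
}

// compiles reports whether Go's regexp package accepts the pattern.
// The linear-time guarantee has a cost: constructs that need
// backtracking (backreferences, lookaround) are rejected at compile time.
func compiles(pattern string) bool {
	_, err := regexp.Compile(pattern)
	return err == nil
}

func main() {
	// Elapsed time should grow roughly in step with n, not double per byte.
	for _, n := range []int{1000, 10000, 100000} {
		ok, d := timeMatch(nestedQuantifier, hostileInput(n))
		fmt.Printf("n=%-7d matched=%-5v elapsed=%v\n", n, ok, d)
	}
	fmt.Println("backreference compiles:", compiles(`(a)\1`))
	fmt.Println("lookahead compiles:    ", compiles(`a(?=b)`))
}
```

When porting matcher rules from a PCRE-based server, patterns that rely on backreferences or lookaround have to be rewritten, since they fail to compile here instead of running slowly.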
<div class="feature-row">
<h4>Plugin model</h4>
<div class="benefits">
Caddy can be extended by compile-time plugins, which compile as native code, in a way that cannot be broken during deployments or by system upgrades. With no IPC or RPC calls, Caddy extensions perform as well as native code.
Top-level configuration structures are called app modules, or Caddy apps. They provide the bulk of Caddy's functionality. Anyone can write app modules, and Caddy comes with several standard apps built-in.
Caddy's logging can be configured as to format, verbosity, output, and more.
</div>
<ul class="detail">
<li>Leveled</li>
<li>Structured</li>
<li>High efficiency, zero-allocation</li>
</ul>
</div>
<div class="feature-row">
<h4>Storage</h4>
<div class="benefits">
Assets and state are stored in configurable storage modules. Third-party plugins add databases like Postgres and Redis, or orchestrators like Consul and Vault.
</div>
<div class="detail">
<li>File system</li>
<li>Embedded (in-memory)</li>
</div>
</div>
</div>
</div>
</section>
<section class="diagonal down dark feature">
<div class="wrapper">
<h2>
Command line interface
</h2>
<p>
Caddy's CLI is not only useful—it's <i>helpful</i>. While most server CLIs stop at running the process and reloading config, Caddy's CLI goes the extra lightyear to help make administering your web server a breeze.
</p>
<p>
Plugins can register their own subcommands to extend Caddy's CLI.