site on
HTTPS
By default, Caddy automatically obtains and renews TLS certificates for all your sites.
HTTPS/TLS for custom domains
The secret sauce of almost every white-label SaaS is Caddy's original On-Demand TLS feature. Grow your SaaS business by orders of magnitude with ease!
Dynamically provision certificates
With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains.
Massively scale your TLS
Other web servers and scripted certificate tools fall over with hundreds of thousands of sites or thousands of instances. Caddy is designed to manage certificates reliably at this scale.
The most advanced HTTPS server in the world
All you need for TLS and PKI 🔐
Caddy securely serves all sites with TLS by default. It can also manage your internal PKI for you across a fleet of servers and clients.
On-line config API ⚡️
Caddy's native configuration is a JSON document that you can export and manipulate with a RESTful config API.
PCI, HIPAA, and NIST compliant ✅
Caddy's TLS defaults are secure and pass PCI, HIPAA, and NIST compliance requirements. Yes, defaults: no hassle required.
HTTPS for localhost 🏠
We mean it when we say Caddy serves every site on HTTPS. Even localhost and internal IPs are served with TLS using the intermediate of a fully-automated, self-managed CA that is automatically installed into most local trust stores.
Cluster coordination 🌐
Simply configure multiple Caddy instances with the same storage, and they will automatically coordinate certificate management and share resources such as keys and OCSP staples!
Experience it
Discover Caddy's automagic HTTPS features.
Point any subdomain named caddydemo to:
A
1.2.3.4
AAAA
::f00
Then visit it in your browser.
You'll notice how Caddy provisions a certificate for your domain automatically.
Caddy is capable of serving TLS for any domains and IPs. This demo is intentionally restricted.
Not working? Make sure to use a subdomain of a registered domain, not a "sub-subdomain." Verify you have created the public DNS records shown above with the correct values. You may have to allow time for propagation. Consult your DNS provider's documentation or support for more information.
Example subdomains that could work: caddydemo.example.net, caddydemo.example.co.uk
sponsored by users like you
Caddy is free software and relies on sponsorships to survive. They aren't just donations: they ensure ongoing development and provide your business with tangible benefits!
See sponsorshipsA truly forward-thinking reverse proxy
Caddy's proxy was designed to be as forward-compatible as possible and has major batteries included: load balancing, active and passive health checks, dynamic upstreams, retries, pluggable transports, and of course, best-in-class TLS security.
Proxy HTTP, FastCGI, WebSockets, and more
Capable of proxying HTTP and HTTPS, but also WebSockets, gRPC, FastCGI (usually PHP), and more! The underlying transport module is extensible for any custom way to generate an HTTP response.
Dynamic backends
Provide Caddy with a static list of backends or enable a module to retrieve backends dynamically during each request: ideal for rapidly changing environments. Caddy flows with your infrastructure!
High availability
Caddy comes with a whole suite of high availability (HA) features: advanced health checking, graceful (hitless) config changes, circuit breaking, load limiting, on-line retries, and more. The best part? It's all free. No enterprise-level paywalls.
software assurance
Without sponsorships, Caddy could stop being developed at any time. With sponsorships, you gain peace of mind knowing that the project will continue to be developed, along with tangible benefits like private support and training.
See sponsorships
Sean Lin
Example product manager
Production-grade static file server
Serving static files is a tried-and-true method of delivering sites to numerous clients efficiently. Caddy has a robust file server that can be combined with other middleware features for the ultimate effortless website.
Compression
Caddy can compress files on-the-fly or serve precompressed files for extra performance. Caddy is also the first web server to support Zstandard encoding.
Virtual file systems
Serve your static site from anything: the local file system, remote cloud storage, a database, or even embedded in the server binary!
Range requests, Etags, and more
Unlike many simpler file servers intended for temporary local development, Caddy fully supports Range requests, Etags, and a full production feature set.
Directory file browser
If a directory without an index file is requested, Caddy can show an elegant file browser with breadcrumb nav, file size visualizations, filetype icons, and a grid view.
Flexible configuration for all workflows
Configure your server your way. Caddy's native configuration format is JSON, but with Caddy's config adapters, you can use any config format you prefer. All configuration is posted through a RESTful admin API, and Caddy's CLI helps you work with config files easily.
Config adapters
Use whatever config format you like, such as NGINX config, YAML, TOML, CUE, HCL, Dhall, or even a MySQL database!
Human-friendly Caddyfile
The Caddyfile is most people's preferred format for hand-written configurations because it is simple to read and write.
Admin API
Caddy's config is managed through an administration API that is programmable and makes dynamic changes a breeze.
Unparalleled extensibility
Caddy is the only server in the world with such a novel modular architecture. At its core, Caddy is a configuration manager that runs apps like an HTTP server, internal certificate authority, TLS certificate manager, process supervisor, and more.
And because of its unique design, all these features are freely available without bloating the software: only compile in what you need.
Dynamically provision certificates
With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains.
Dynamically provision certificates
With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains.
Dynamically provision certificates
With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains.
The gold standard web server
Caddy keeps your sites up when other servers let you down.
Dynamically provision certificates
With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains.
Dynamically provision certificates
With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains.
Dynamically provision certificates
With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains.