mirrors/caddy-website
1
0
Fork 0
mirror of https://github.com/caddyserver/website.git synced 2025-04-23 21:46:16 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions
caddy-website/new/index.html
Francis Lavoie 5e93103dce
Re-add cache busting 
Fix docs
2023-12-08 18:49:07 -05:00

824 lines
33 KiB
HTML
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html>
<head>
<title>Caddy - The Ultimate Server with Automatic HTTPS</title>
{{import "/includes/head.html"}}
{{template "head"}}
<link rel="stylesheet" href="/resources/css/vendor/asciinema-player-3.6.1.css{{template "cacheBust"}}">
<script src="/resources/js/vendor/asciinema-player-3.6.1.min.js{{template "cacheBust"}}"></script>
<script src="/resources/js/home.js{{template "cacheBust"}}"></script>
<link rel="stylesheet" href="/resources/css/marketing.css{{template "cacheBust"}}">
<link rel="stylesheet" href="/resources/css/home.css{{template "cacheBust"}}">
<!-- <meta property="og:title" content="Caddy 2 - The Ultimate Server with Automatic HTTPS">
<meta name="twitter:title" value="Caddy 2 - The Ultimate Server with Automatic HTTPS"> -->
</head>
<body>
<div class="hero">
{{include "/includes/header.html" "dark-header"}}
<div class="wrapper">
<div class="hero-content">
<div class="asides">
<div>
<h1>
<div class="color-dodge">
<div class="the">The</div>
Ultimate Server
</div>
<div class="subheading">
makes your sites more <b>secure</b>, more <b>reliable</b>, and more <b>scalable</b> than any other solution.
</div>
</h1>
<div class="action-buttons">
<a href="/download" class="button primary">Download</a>
<a href="/docs/" class="button cool">Docs<sh></sh></a>
<iframe src="https://ghbtns.com/github-btn.html?user=caddyserver&amp;repo=caddy&amp;type=star&amp;count=true&amp;size=large" frameborder="0" scrolling="0" width="160px" height="30px" class="github-stars" style="margin: 0 auto; align-self: center;"></iframe>
</div>
</div>
<div>
<div class="display right">
<div class="caption">
<div id="video-demo"></div>
Play screencast to see Caddy serve HTTPS in &lt; 1 minute.
</div>
</div>
</div>
</div>
<div class="sponsors-leaders">
<!-- <h3>Trusted, used, and sponsored by <b>leaders</b></h3> -->
<h3>Sponsored by <b>leaders</b></h3>
<!--
Images are not in any particular order except the top row is featured (higher-tier) sponsors.
Images are individually adjusted to appear roughly equally sized and weighted along their row.
-->
<div class="sponsor-logos">
<a href="https://zerossl.com" target="_blank">
<img src="/resources/images/sponsors/zerossl.svg" alt="ZeroSSL" title="ZeroSSL" height="45">
</a>
<a href="https://stripe.com" target="_blank">
<img src="/resources/images/sponsors/stripe.svg" alt="Stripe" title="Stripe" class="featured" height="45">
</a>
</div>
<div class="sponsors-divider"></div>
<div class="sponsor-logos">
<a href="https://opensource.mercedes-benz.com/" target="_blank">
<img src="/resources/images/sponsors/mercedes-benz.svg" alt="Mercedes-Benz" title="Mercedes-Benz" height="38">
</a>
<a href="https://tailscale.com" target="_blank">
<img src="/resources/images/sponsors/tailscale.svg" alt="Tailscale" title="Tailscale" height="22">
</a>
<a href="https://les-tilleuls.coop/" target="_blank">
<img src="/resources/images/sponsors/les-tilleuls.svg" alt="Les-Tilleuls" title="Les-Tilleuls" height="25">
</a>
<a href="https://framer.com" target="_blank">
<img src="/resources/images/sponsors/framer.svg" alt="Framer" title="Framer" height="32">
</a>
<a href="https://sourcegraph.com/" target="_blank">
<img src="/resources/images/sponsors/sourcegraph.svg" alt="Sourcegraph" title="Sourcegraph" height="30">
</a>
<a href="https://fusionauth.com" target="_blank">
<img src="/resources/images/sponsors/fusionauth.svg" alt="FusionAuth" title="FusionAuth" height="35">
</a>
<a href="https://www.aryeo.com" target="_blank">
<img src="/resources/images/sponsors/aryeo.svg" alt="Aryeo" title="Aryeo" height="26">
</a>
<a href="https://checklyhq.com" target="_blank">
<img src="/resources/images/sponsors/checkly.svg" alt="Checkly" title="Checkly" height="24" style="position: relative; top: 3px;">
</a>
<a href="https://appcove.com/" target="_blank">
<img src="/resources/images/sponsors/appcove.png" alt="AppCove" title="AppCove" height="24">
</a>
<a href="https://www.transistor.fm" target="_blank">
<img src="/resources/images/sponsors/transistorfm.svg" alt="Transistor" title="Transistor" height="32">
</a>
<a href="https://photostructure.com/" target="_blank">
<img src="/resources/images/sponsors/photostructure.svg" alt="PhotoStructure" title="PhotoStructure" height="30">
</a>
<a href="https://gitea.com/" target="_blank">
<img src="/resources/images/sponsors/gitea.svg" alt="Gitea" title="Gitea" height="25">
</a>
<a href="https://aniftyco.com/" target="_blank">
<img src="/resources/images/sponsors/niftyco.svg" alt="Niftyco" title="Niftyco" height="25">
</a>
<a href="https://iqm.com/" target="_blank">
<img src="/resources/images/sponsors/iqm.svg" alt="IQM" title="IQM" height="24">
</a>
<a href="https://approximated.app/" target="_blank">
<img src="/resources/images/sponsors/approximated.svg" alt="Approximated" title="Approximated" height="20">
</a>
<a href="/sponsor" class="button purple">
<svg xmlns="http://www.w3.org/2000/svg" class="icon icon-tabler icon-tabler-new-section" width="24" height="24" viewBox="0 0 24 24" stroke-width="2" stroke="currentColor" fill="none" stroke-linecap="round" stroke-linejoin="round">
<path stroke="none" d="M0 0h24v24H0z" fill="none"></path>
<path d="M9 12l6 0"></path>
<path d="M12 9l0 6"></path>
<path d="M4 6v-1a1 1 0 0 1 1 -1h1m5 0h2m5 0h1a1 1 0 0 1 1 1v1m0 5v2m0 5v1a1 1 0 0 1 -1 1h-1m-5 0h-2m-5 0h-1a1 1 0 0 1 -1 -1v-1m0 -5v-2m0 -5"></path>
</svg>
Join the ranks
</a>
</div>
<!-- <a href="#">Why a sponsorship</a> -->
<!-- <a href="/sponsor" class="button purple">Sponsorship info</a> -->
</div>
</div>
</div>
</div>
<main>
<div class="wavy-top">
<div class="bgtext">
Every<br>
<span class="site-on">site on</span><br>
HTTPS
</div>
<h2>
<b>By default, </b>Caddy <b>automatically obtains</b> and <b>renews</b> TLS certificates for <b>all your sites.</b>
</h2>
<div class="wrapper feature cols">
<div class="col">
<h3 class="purple">HTTPS/TLS for custom domains</h3>
<p>
The secret sauce of almost every white-label SaaS is Caddy's original On-Demand TLS feature. Grow your SaaS business by orders of magnitude with ease!
</p>
</div>
<div class="col">
<h3 class="green">Dynamically provision certificates</h3>
<p>
With On-Demand TLS, only Caddy obtains, renews, and maintains certificates on-the-fly during TLS handshakes. Perfect for customer-owned domains.
</p>
</div>
<div class="col">
<h3 class="blue">Massively scale your TLS</h3>
<p>
Other web servers and scripted certificate tools fall over with hundreds of thousands of sites or thousands of instances. Caddy is designed to manage certificates reliably at this scale.
</p>
</div>
</div>
<div class="sponsorship-primer">
<h3>sponsored by <b>users like you</b></h3>
<p>
Caddy is free software and relies on sponsorships to survive. Not just donations: sponsorships ensure ongoing development and provide your business with tangible benefits.
</p>
<a href="/sponsor" class="button purple">See sponsorships</a>
</div>
</div>
<section class="light">
<div class="section-upset">
<div class="wrapper">
<h2>The <b>most advanced</b> HTTPS server <b>in the world</b></h2>
</div>
</div>
<div class="wrapper">
<div class="feature cols">
<div class="col">
<h3 class="green">All you need for TLS and PKI 🔐</h3>
<p>
Caddy securely serves all sites with TLS by default. It can also manage your internal PKI for you across a fleet of servers and clients.
</p>
</div>
<div class="col">
<h3 class="purple">On-line config API ⚡️</h3>
<p>
Caddy's native configuration is a JSON document that you can export and manipulate with a RESTful config API.
</p>
</div>
<div class="col">
<h3 class="blue">PCI, HIPAA, and NIST compliant ✅</h3>
<p>
Caddy's TLS defaults are secure and pass PCI, HIPAA, and NIST compliance requirements. Yes, defaults: no hassle required.
</p>
</div>
<div class="col">
<h3 class="purple">HTTPS for localhost 🏠</h3>
<p>
We mean it when we say Caddy serves every site on HTTPS. Even localhost and internal IPs are served with TLS using the intermediate of a fully-automated, self-managed CA that is automatically installed into most local trust stores.
</p>
</div>
<div class="col">
<h3 class="blue">Cluster coordination 🌐</h3>
<p>
Simply configure multiple Caddy instances with the same storage, and they will automatically coordinate certificate management as a fleet and share resources such as keys and OCSP staples!
</p>
</div>
<div class="col">
<h3 class="green">Fewer moving parts ⚙️</h3>
<p>
Simplify your infrastructure! Caddy saves money, increases developer productivity, and reduces problems in production.
</p>
</div>
</div>
<div class="demobox">
<h2>Experience it</h2>
<p>
<b>Discover Caddy's automagic HTTPS features.</b>
</p>
<p>
Point any subdomain named <b><code>caddydemo</code></b> to:
</p>
<p class="demo-ips">
<code>
<span class="record-type">A</span>
<span class="demo-ip">1.2.3.4</span>
</code>
<code>
<span class="record-type">AAAA</span>
<span class="demo-ip">::f00</span>
</code>
</p>
<p>
Then <b>visit it</b> in your browser.
</p>
<p>
You'll notice how Caddy <b>provisions a certificate</b> for your domain <b>automatically.</b>
</p>
<div class="demo-help">
<p>
<b>Not working?</b> Make sure to use a subdomain of a registered domain, not a "sub-subdomain."
Verify you have created the public DNS records shown above with the correct values.
You may have to allow time for propagation. Consult your DNS provider's documentation or support for more information.
</p>
<p>
<b>Example subdomains that could work:</b> <code>caddydemo.example.net</code>, <code>caddydemo.example.co.uk</code>
</p>
<p>
Caddy is capable of serving TLS for any domains and IPs. This demo is intentionally restricted.
</p>
</div>
</div>
</div>
</section>
<section class="diagonal up light gray feature">
<div class="wrapper">
<h2>Deploy your own PKI with Caddy</h2>
<p>
Not only is Caddy the industry leader in certificate automation, it also sports a fully-featured PKI suite for your own fully-automated internal PKI and private CAs.
</p>
<!-- <p>
Caddy will serve your localhost and internal sites over HTTPS using its own CA. And you can create your own CA to issue certs across your infrastructure. It has a built-in ACME server, powered by Smallstep, to automate your private PKI reliably at scale.
</p> -->
<p>
Powered by open source <a href="https://smallstep.com/certificates/">Smallstep libraries</a>, Caddy becomes a self-managing certificate authority.
</p>
<div class="asides">
<div>
<div class="display left">
<code class="light">localhost {
respond "Hello from HTTPS!"
}
192.168.1.10 {
respond "Also HTTPS!"
}
http://localhost {
respond "Plain HTTP"
}</code>
</div>
</div>
<div>
<h3 class="purple">Internal and localhost certificates</h3>
<p>
If you configure sites with local or internal addresses, Caddy will serve them over HTTPS using a locally-trusted certificate authority with short-lived, auto-renewing certificates. It even offers to install your unique root into your local trust stores for you.
</p>
<a href="https://smallstep.com" title="Powered by Smallstep"><img src="/resources/images/sponsors/smallstep.svg" alt="Smallstep" class="smallstep"></a>
</div>
</div>
<div class="asides">
<div>
<h3 class="blue">Make and use your own CAs</h3>
<p>
Caddy lets you define as many CAs as you need. Root and intermediate keys are generated automatically, and intermediates are renewed before they expire.
</p>
<p>
Deploy an instance to act as an ACME server. Then other Caddy instances can use it for their certificates.
</p>
</div>
<div>
<div class="display right">
<code class="light">{
pki {
ca corporate {
name "Our Corporation Authority"
}
}
}
internal.example.com {
<span class="comment"># ACME endpoint: /acme/corporate/directory</span>
acme_server {
ca corporate
}
}</code></div>
<!-- <div class="display right">
<code class="light">{
pki {
ca our_own {
name "Our Own Authority"
}
}
}
internal.example.com {
tls {
issuer internal {
ca our_own
}
}
}</code></div> -->
</div>
</div>
<div class="asides">
<div>
<div class="display left">
<code class="light">{
"apps": {
"tls": {
"certificates": {
"automate": [
"example.com",
"sub.example.com",
"example.net"
]
}
}
}
}</code></div>
</div>
<div>
<h3 class="green">Keep certificates renewed</h3>
<p>
Caddy is more than just a web server. For example, this config is all it takes to obtain and renew certificates for a set of domain names.
</p>
<p>
Additional config can be written to wire up certificate maintenance events, which can then be used to integrate with external scripts and tooling.
</p>
<!-- <p>
Caddy 2 is a <a href="/docs/extending-caddy">highly extensible</a>, self-hosted platform on which you can build, configure, and deploy long-running services ("apps").
</p>
<p>
Caddy ships with apps for an <a href="/docs/modules/http">HTTPS server</a> (static files, reverse proxying, load balancing, etc.), <a href="/docs/modules/tls">TLS certificate manager</a>, and <a href="/docs/modules/pki">fully-managed internal PKI</a>. Caddy apps collaborate to make complex infrastructure just work with fewer moving parts.
</p>
<p>
<b>For example, the config shown here keeps your TLS certificates renewed for other programs to use;</b> no external tools or HTTP daemon required!
</p>
<p>
Providing a unified configuration, on-line <a href="/docs/api">config API</a>, and <a href="/docs/json/">automatic documentation</a> for all apps, Caddy is nearly infinitely extensible. Thanks to its unique <a href="/docs/architecture">modular architecture</a>, we can offer unlimited features without bloating the code base.
</p> -->
</div>
</div>
</div>
</section>
<section class="diagonal down dark feature">
<div class="wrapper">
<h2>A forward-thinking reverse proxy</h2>
<p>
Caddy's proxy was designed to be as forward-compatible as possible and has major batteries included: load balancing, active and passive health checks, dynamic upstreams, retries, pluggable transports, and of course, best-in-class TLS security.
</p>
<div class="asides asides-40-60">
<div class="spacing">
<div class="rollover" data-rollover="rollover-php">
<h3 class="green">Proxy HTTP, FastCGI, WebSockets, and more</h3>
<p>
Capable of proxying HTTP and HTTPS, but also WebSockets, gRPC, FastCGI (usually PHP), and more! The underlying transport module is extensible for any custom way to generate an HTTP response.
</p>
</div>
<div class="rollover" data-rollover="rollover-dynamic-backends">
<h3 class="purple">Dynamic backends</h3>
<p>
Provide Caddy with a static list of backends or enable a module to retrieve backends dynamically during each request: ideal for rapidly changing environments. Caddy flows with your infrastructure!
</p>
</div>
<div class="rollover" data-rollover="rollover-ha">
<h3 class="blue">High availability</h3>
<p>
Caddy comes with a whole suite of high availability (HA) features: advanced health checking, graceful (hitless) config changes, circuit breaking, load limiting, on-line retries, and more. The best part? It's all free. No enterprise-level paywalls.
</p>
</div>
</div>
<div>
<div class="display right">
<code class="dark">example.com
<span class="comment"># Serve PHP sites</span>
handle /blog/* {
root * /var/www/wordpress
<span class="rollover-php rollover-green">php_fastcgi localhost:9000</span>
file_server
}
<span class="comment"># Proxy an autoscaling API with dynamic backends</span>
<span class="rollover-dynamic-backends rollover-purple">reverse_proxy /api/* {
dynamic srv _api._tcp.example.com
}</span>
<span class="comment"># Proxy a compute-heavy distributed service
# with load balancing and health checks</span>
<span class="rollover-ha rollover-blue">reverse_proxy /service/* {
to 10.0.1.1:80 10.0.1.2:80 10.0.1.3:80
lb_policy least_conn
lb_try_duration 10s
fail_duration 5s
}</span>
<span class="comment"># Proxy everything else to an HTTPS upstream</span>
reverse_proxy https://service.example.com {
header_up Host {upstream_hostport}
}<div class="blinking"></div></code>
</div>
</div>
</div>
<div class="cols">
<div class="col">
<div class="sponsorship-primer">
<h3>software <b>assurance</b></h3>
<p>
Without sponsorships, Caddy could stop being developed at any time.
With sponsorships, you gain peace of mind knowing that the project will continue to be developed, along with tangible benefits like private support and training.
</p>
<a href="/sponsor" class="button purple">See sponsorships</a>
</div>
</div>
<div class="col">
<div class="sponsor-experience stripe">
<img src="/resources/images/sponsors/stripe.svg" class="experience-logo">
<div class="experience-content">
<div class="experience-quote">
"With its extensible architecture and on-line config API, Caddy powers many of Stripe's internal systems."
</div>
<div class="experience-credit">
<img src="https://preview.tabler.io/static/avatars/002m.jpg" class="experience-picture">
<cite>
<b>Sean Lin</b>
Example product manager
</cite>
</div>
</div>
</div>
</div>
</div>
<h2>Production-grade static file server</h2>
<p>
Serving static files is a tried-and-true method of delivering sites to numerous clients efficiently. Caddy has a robust file server that can be combined with other middleware features for the ultimate effortless website.
</p>
<div class="asides asides-40-60">
<div class="spacing">
<div class="rollover" data-rollover="rollover-compress">
<h3 class="blue">Compression</h3>
<p>
Caddy can compress files on-the-fly or serve precompressed files for extra performance. Caddy is also the first web server to support Zstandard encoding.
</p>
</div>
<div class="rollover" data-rollover="rollover-vfs">
<h3 class="green">Virtual file systems</h3>
<p>
Serve your static site from anything: the local file system, remote cloud storage, a database, or even embedded in the server binary!
</p>
</div>
<div class="rollover" data-rollover="rollover-range">
<h3 class="yellow">Range requests, Etags, and more</h3>
<p>
Unlike many ad-hoc file servers intended for temporary local development, Caddy fully supports Range requests, Etags, and a full production feature set.
</p>
</div>
<div class="rollover" data-rollover="rollover-browse">
<h3 class="purple">Directory file browser</h3>
<p>
If a directory without an index file is requested, Caddy can show an elegant file browser with breadcrumb nav, file size visualizations, filetype icons, and a grid view.
</p>
</div>
</div>
<div>
<div class="display right">
<code class="light">example.com
root * /var/www
<span class="comment"># Serve precompressed files if present</span>
<span class="rollover-compress rollover-blue">file_server /downloads/* {
precompressed gzip zstd br
}</span>
<span class="comment"># Compress everything else that would benefit</span>
<span class="rollover-compress rollover-blue">encode zstd gzip</span>
<span class="comment"># Get files from a database</span>
<span class="rollover-vfs rollover-green">file_server /database/* {
fs sqlite data.sql
}</span>
<span class="comment"># Get files from within the Caddy binary</span>
<span class="rollover-vfs rollover-green">file_server /embedded/* {
fs embedded
}</span>
<span class="comment rollover-range rollover-yellow"># (Range/Etag/etc. all work without extra config)</span>
<span class="comment"># Serve static site with directory listings as needed</span>
<span class="rollover-browse rollover-purple">file_server browse</span></code>
</div>
</div>
</div>
<div class="cols rollover" data-rollover="rollover-browse">
<div class="col">
<img src="/resources/images/file-browser/browse-themes.png" class="gallery">
</div>
<div class="col">
<img src="/resources/images/file-browser/browse-gallery-light.png" class="gallery">
</div>
</div>
</div>
</section>
<section class="light feature">
<div class="wrapper">
<h2>Flexible configuration compatible with any workflow</h2>
<p>
Configure your server your way. Caddy's native configuration format is JSON, and with Caddy's config adapters, you can use any config format you prefer. All configuration is posted through a RESTful admin API, and Caddy's CLI helps you work with config files easily.
</p>
<div class="asides">
<div>
<div class="display left">
<code class="dark">$ caddy start --config caddy.json
$ curl localhost:2019/id/my_handler \
-X PATCH \
-H "Content-Type: application/json" \
-d '{
"handler": "static_response",
"body": "Work smarter, not harder."
}'
$ curl localhost:2019/config/ | jq<div class="blinking"></div></code>
</div>
</div>
<div>
<h3>JSON config API</h3>
<p>
Caddy's native config format is JSON, giving you incredible power and flexibility for automated, large-scale deployments.
<p>
Make dynamic config changes through an <a href="/docs/api">intuitive, programmable REST API</a> that offers ACID guarantees. It is also <b>safely scoped</b>, meaning that the URI path restricts changes, making it impossible to accidentally alter other parts of your config.
</p>
<!-- <ul>
<li><b>Atomic:</b> Multiple changes in a single request are treated as a single unit; any failed change aborts all the other changes.</li>
<li><b>Consistent:</b> No invalid configurations can be loaded; your server will never break if a problem is detected at config load.</li>
<li><b>Isolated:</b> No config changes rely on another. (It helps that HTTP is a stateless protocol!)</li>
<li><b>Durable:</b> Caddy automatically persists the current, valid configuration to disk and can safely resume it after a power cycle if the <code>--resume</code> flag is used.</li>
</ul> -->
<!-- <a href="/docs/api-tutorial" class="cyan button">API <b>tutorial</b></a>
&nbsp;
<a href="/docs/api" class="gray button">API <b>reference</b></a> -->
</div>
</div>
<div class="asides">
<div>
<h3>Caddyfile</h3>
<p>
Although JSON offers ultimate control, most people prefer to use a <a href="/docs/caddyfile">Caddyfile</a> because it lets you get a production-ready site up and running in just a few hand-written lines. It's not uncommon for Caddyfiles to be just <a href="https://twitter.com/yakczar/status/713712646147743744">~15% the size of a less-capable nginx config</a>.
</p>
</div>
<div>
<div class="display right">
<code class="light">caddyserver.com
root * src
file_server
templates
encode zstd gzip
redir /docs/json /docs/json/
rewrite /docs/json/* /docs/json/index.html
rewrite /docs/* /docs/index.html
reverse_proxy /api/* localhost:9002</code>
<div class="caption">Actual config used by this site.</div>
</div>
</div>
</div>
<div class="asides">
<div>
<div class="display left">
<code class="dark">$ caddy run \
--config nginx.conf \
--adapter nginx<div class="blinking"></div></code>
</div>
</div>
<div>
<h3>Config adapters</h3>
<p>
Power Caddy with anything, even NGINX config files!
</p>
<p>
With first-class support for <a href="/docs/config-adapters">config adaptation</a>, you can configure your web server with your favorite format: YAML, TOML, CUE, NGINX, HCL, Dhall, JSON with comments, or even a MySQL database... or anything else. The Caddyfile is a built-in config adapter.
</p>
<!-- <p>
Fewer moving parts means fewer failures, lower costs, and less sunk time.
</p> -->
<!-- <a href="/docs/config-adapters" class="gray button">Config adapters</a> -->
</div>
</div>
<!-- <div class="cols">
<div class="col">
<h3 class="green">Config adapters</h3>
<p>
Use whatever config format you like, such as NGINX config, YAML, TOML, CUE, HCL, Dhall, or even a MySQL database!
</p>
</div>
<div class="col">
<h3 class="purple">Human-friendly Caddyfile</h3>
<p>
The Caddyfile is most people's preferred format for hand-written configurations because it is simple to read and write.
</p>
</div>
<div class="col">
<h3 class="blue">Admin API</h3>
<p>
Caddy's config is managed through an administration API that is programmable and makes dynamic changes a breeze.
</p>
</div>
</div> -->
<div class="testimonials-container">
<div class="testimonials">
<div class="testimonial-col"></div>
<div class="testimonial-col"></div>
<div class="testimonial-col"></div>
</div>
</div>
</div>
</section>
<section class="diagonal up light gray feature">
<div class="wrapper">
<h2>Unparalleled extensibility</h2>
<p>
Caddy is the only server in the world with its novel, modular architecture. At its core, Caddy is a configuration manager that runs apps like an HTTP server, internal certificate authority, TLS certificate manager, process supervisor, and more.
</p>
<p>
And because of its unique design, we can offer unlimited features without bloating the code base. Only compile in what you need.
</p>
<div class="cols">
<div class="col">
<h3 class="green">Unlimited power</h3>
<p>
Nearly every part of the config that "does something" is pluggable. Caddy offers so much in such a lean package.
</p>
</div>
<div class="col">
<h3 class="purple">Native CPU performance</h3>
<p>
No RPC calls or flimsy dependency management. Plugins are compiled into the static binary, making successful deployments certain and runtimes blazing fast.
</p>
</div>
<div class="col">
<h3 class="blue">Easy to develop</h3>
<p>
Writing Caddy plugins is as easy as writing a Go package. It's a comfortable and familiar process for any Go programmer.
</p>
</div>
</div>
</div>
</section>
<section class="light feature">
<div class="wrapper">
<h2>The <span class="gold">gold standard</span> web server</h2>
<p>
Caddy has the most robust TLS stack on the market. With stronger memory safety guarantees than OpenSSL (Apache &amp; NGINX) and more advanced certificate automation logic than any other server or utility, Caddy keeps your sites online through problems when other servers... won't.
</p>
<p>
Caddy was the first server to fully automate public certificate management&mdash;so we've been doing this longer than anyone. With more than 50 million certificates under management, Caddy has set the gold standard for other servers to live up to.
</p>
<div class="cols">
<div class="col">
<h3 class="green">OCSP stapling saves the day</h3>
<p>
Caddy automatically staples OCSP responses and caches them to weather outages. In 2018, many popular sites went down for users of mainstream browsers because crucial OCSP infrastructure had an extended outage. Only Caddy staples and caches OCSP responses by default, so all Caddy sites were unaffected.
</p>
</div>
<div class="col">
<h3 class="purple">On guard against revocation</h3>
<p>
In 2020, a mass certificate revocation event left many sysadmins scrambling to renew their certificates ahead of schedule. Caddy automatically renews certificates that get revoked, and all Caddy sites were unaffected. (This was before ARI existed.)
</p>
</div>
<div class="col">
<h3 class="blue">Stands tall during audits</h3>
<p>
Companies have deployed Caddy in front of their site just hours before important audits&mdash;potentially saving their compliance status&mdash;because of Caddy's safe defaults and "batteries included" approach.
</p>
</div>
</div>
</div>
</section>
<section class="light gray feature">
<div class="wrapper">
<h2>Recommended by experts</h2>
<p>
Academic and industry experts recommend Caddy, which has been cited in peer-reviewed journals for its security defaults, best practices, and its uniquely advanced feature set.
</p>
<div class="cols">
<div class="col">
<a href="https://doi.org/10.1145/3319535.3363192"><img src="/resources/images/cites/aas.png" class="cite"></a>
<p>
"Servers running Caddy exhibit nearly ubiquitous HTTPS deployment and use modern TLS configurations. ... We hope to see other popular server software follow Caddy's lead."
</p>
<p class="cite">
&mdash;<b>Josh Aas, Richard Barnes, Benton Case, Zakir Durumeric, Peter Eckersley, Alan Flores-López, J. Alex Halderman, Jacob Hoffman-Andrews, James Kasten, Eric Rescorla, Seth Schoen, and Brad Warren.</b> 2019. <i>Let's Encrypt: An Automated Certificate Authority to Encrypt the Entire Web.</i> In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security (CCS '19). Association for Computing Machinery, New York, NY, USA, 24732487. <a href="https://doi.org/10.1145/3319535.3363192">https://doi.org/10.1145/3319535.3363192</a>
</p>
</div>
<div class="col">
<a href="https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/krombholz"><img src="/resources/images/cites/krombholz.png" class="cite"></a>
<p>
"TLS must be enabled by default ... and the Caddy web server is a good and usable example."
</p>
<p class="cite">
&mdash;<b>Katharina Krombholz, Wilfried Mayer, Martin Schmiedecker, and Edgar Weippl.</b> 2017. <i>"I Have No Idea What I'm Doing" - On the Usability of Deploying HTTPS.</i> In 26th USENIX Security Symposium (USENIX Security 17), USENIX Association, Vancouver, BC, 1339-1356. Retrieved from <a href="https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/krombholz">https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/krombholz</a>
</p>
</div>
<div class="col">
<a href="https://doi.org/10.1145/2987443.2987480"><img src="/resources/images/cites/springall.png" class="cite"></a>
<p>
"No popular server software does [session ticket key rotation], with the exception of Caddy."
</p>
<p class="cite">
&mdash;<b>Drew Springall, Zakir Durumeric, and J. Alex Halderman.</b> 2016. <i>Measuring the Security Harm of TLS Crypto Shortcuts.</i> In Proceedings of the 2016 Internet Measurement Conference (IMC '16), Association for Computing Machinery, Santa Monica, California, USA, 33-47. <a href="https://doi.org/10.1145/2987443.2987480">https://doi.org/10.1145/2987443.2987480</a>
</p>
</div>
</div>
</div>
</section>
</main>
{{include "/includes/footer.html"}}
<template id="tpl-testimonial">
<div class="testimonial">
<img class="testimonial-picture">
<div class="testimonial-content">
<div class="testimonial-quote">
</div>
<div class="testimonial-name">
</div>
<div class="testimonial-role">
</div>
</div>
</div>
</template>
<script>
AsciinemaPlayer.create('/resources/321140.cast', $('#video-demo'), {
preload: true,
autoPlay: true,
controls: true
});
</script>
</body>
</html>
Reference in a new issue View git blame Copy permalink