WingNews logo WingNews
top | item 37479356

(no title)

Freaky | 2 years ago

Caddy also supports Unix sockets, which should be rather more difficult to smuggle requests to, and can be protected by file permissions:

    admin listen unix//var/run/caddy/admin.sock

discuss

order

rekoil|2 years ago

This (if they definitely must leave the functionality enabled by default) is what should be the default honestly. I still can't fathom why that isn't the case!

francislavoie|2 years ago

Caddy maintainer here: we're looking to move to unix socket by default for Linux distributions. See https://github.com/caddyserver/caddy/issues/5317, the plan is to set this env var in the default service config but I'm trying to be careful about backwards compatibility so I haven't pushed the change for our deb package yet. Will likely do it soon.

Freaky|2 years ago

I'll see about getting it made the default for the FreeBSD port at least.

oarmstrong|2 years ago

I would imagine so the default behaviour could be identical across platforms.

robertlagrant|2 years ago

I imagine it's for Windows users. But yes, it could very sensibly be the default in Unix.