Software update: Caddy 2.4.1

Caddy is an open source http/2 web server available for Android, BSD, Linux, macOS, Solaris, and Windows. It turns on https by default and uses the integration with Let’s Encrypt if your own certificates are not available. The own feature stack is already quite complete, but can be further expanded via modules. For example, it is possible to enable experimental support for http / 3 via these modules. The development team released version 2.4.1 a few days ago with the following brief changes:

Version 2.4.1

A small patch release that contains a few noncritical but pleasant fixes (unless you’re using / id / endpoints in the admin API; then you should definitely get this update).

Changelog

• admin: Reinstate internal redirect for / id / requests
• caddyfile: Add parse error on site address with trailing {(# 4163)
• cmd: upgrade: inherit the permissions of the original executable (# 4160)
• httpcaddyfile: Fix automation policy consolidation again (fix # 4161)
• logging: Implement dial timeout for net writer (fix # 4083) (# 4172)
• reverseproxy: Set the headers in the replacer before handle_response (# 4165)

Version 2.4.0

Caddy v2.4.0 is our first stable release of 2021, ushering in over 110 patches including new features and bug fixes. Thank you to the many contributors who helped make this possible!

Highlights:

• Secure remote management. You can now enable secure remote access to Caddy’s admin API! It uses TLS mutual authentication, and you can even define permissions for different users. PR # 3994
• Config pull at start. Caddy can be configured to load a different config at startup. This is useful if your config is federated through a separate system that doesn’t have the ability to push configs to Caddy. This feature is modular, so configurations can be loaded different ways! PR # 3994
• Server identity management. Caddy can automatically manage its own server identity certificate, which can be used when negotiating TLS connections with peers. This is required when enabling the secure admin API. PR # 3994
• Self-upgrade command. The new caddy upgrade command will replace the current Caddy binary with an upgraded one from our website, with all the same modules installed, including third-party plugins that are registered on our site! (We can use this code to add/remove modules later, too.)
• Configure other apps from the HTTP Caddyfile. The global options block of the Caddyfile now allows configuration of Caddy apps other than HTTP (for example, dynamic_dns to keep DNS records pointed at your server with a dynamic IP address).
• Caddyfile fmt ribbon check. When running with a Caddyfile, Caddy will emit a warning if the Caddyfile is not formatted with caddy fmt.
• New abort directive. The abort directive is a special case of the static_response HTTP handler that prevents an HTTP response by aborting the handler chain immediately and forcefully closing the connection.
• New error directive. The error directive returns internal error values ​​in the HTTP handler chain, as if an HTTP error had occurred, causing your error routes to be invoked.
• Configure response interception from Caddyfile. The reverse_proxy is capable of intercepting responses from the backend, and now this is exposed in the Caddyfile with handle_response.
• Better caddy list modules output. Now modules are organized by standard and non-standard modules, so you can easily see if a Caddy build has been customized.
• Configure logging from Caddyfile. The process logs can now be configured from the global options of the Caddyfile.
• Better content negotiation. The file server can now be configured to serve precompressed sidecar files, and content encoding preferences are better configured and honored.
• Dark mode in directory listings. The file server’s “browse” file listings now has a dark mode.
• ⚠️ Removed the logfmt log encoder. It was broken anyways, and its deprecation has been warned in previous releases.
• ⚠️ Deprecated common_log format. It will be removed in a future release. Issue #4148
• ⚠️ Deprecated health_path in reverse_proxy directive. It has been replaced with health_uri and will be removed in the future.
• Numerous bug fixes and improvements. Thanks for the detailed, helpful bug reports! We appreciate your collaboration in making Caddy better.

New content for sponsors
I’ve started writing high-quality, in-depth chat press about how to get the most out of Caddy in my new Expert Caddy series, exclusively for sponsors! If you or your company are sponsoring, you can have access to this content, which I’ll continue adding to over time. If you aren’t sponsoring yet, please do so! Sponsorships fund my full-time development of Caddy, and that’s especially vital if your business relies on Caddy.