Restricting Files & Paths in Caddy

I received an email today from an independent security researcher which detailed a vulnerability in I am using a pretty old version of the Ghost docker image which apparently serves a directory which is a Git repository (including a .git folder). The vulnerability exploited my permissive Caddy configuration to access the git HEAD. To reproduce, the researcher built a robot to hit websites at /.git/HEAD. Read all [Read More]

Caddy Won't Generate a Certificate/Doesn't Load

I have spent the last few months getting familiar with Caddy and Let's Encrypt. During implementations I have learned a couple gotchas which might be helpful when Caddy doesn't work. Domain Black List If you're hosted on Azure, Amazon or other popular cloud providers, you might be issued a subdomain for your virtual host (i.e. Let's Encrypt and Caddy may not issue a [Read More]

GOGS: How to set up an SSH key when using Docker

Connecting to Git via SSH improves development quality-of-life via username & password prompt liberation. The gist is to replace the standard username and password prompt in git with public-key-encryption. There are a number of security benefits to moving credentials to SSH in Git in addition to the QoL improvements. I don't plan to go into how to set up Gogs with Docker as it is fairly straightforward, but I can [Read More]

Piwik Analytics for Ghost using Docker and Caddy

If you want to see how many people are visiting your site you will need some kind of analytics. Piwik is great because it is open source and works well with Docker. Read on for documented steps to install Piwik with Docker and Caddy. Piwik depends on MySQL so I'm going to be installing that too. Swap Space This whole process would have been pretty straightforward if I had listened [Read More]

SSL reverse proxy with Caddy, Docker and Let's Encrypt

After building my Ghost Docker container I wanted to make sure that everything is served encrypted over the internet at the insistence & coercion of my peers. Setting up SSL using Caddy, Docker and Let's Encrypt is simple. Read on for steps on how to accomplish this configuration. Introducing Let's Encrypt Let's Encrypt is an organization dedicated to providing free, secure and trusted SSL certificates to anyone who can prove [Read More]