100% Free Forever
AI-Powered Learning
Industry Expert Content
Certificates & Badges
Learn At Your Own Pace
DevOps

Caddy Server

BeginnerTool12.9K learners

Caddy is an open-source web server and reverse proxy written in Go, notable for automatically obtaining and renewing HTTPS certificates by default.

Definition

Caddy is an open-source web server and reverse proxy written in Go, notable for automatically obtaining and renewing HTTPS certificates by default.

Overview

Caddy, created by Matt Holt, was designed around the idea that secure-by-default should be the norm rather than an extra configuration step. When Caddy serves a site with a real domain name, it automatically requests and renews TLS certificates from Let's Encrypt (or another configured certificate authority) with zero manual setup, in contrast to servers like Nginx or HAProxy where HTTPS traditionally requires separate certificate management tooling. Configuration is done through the Caddyfile, a simple, human-readable format, or through a JSON API for programmatic and dynamic configuration changes without restarting the server. Caddy also functions as a reverse proxy and load balancer, making it usable as an edge layer in front of application servers or containers, and it supports HTTP/2 and HTTP/3 out of the box. Because Caddy is a single static binary with sensible defaults, it is popular for small to mid-sized deployments, personal projects, and internal tools where teams want automatic HTTPS without operating a separate certificate-management pipeline, though larger organizations often still choose Nginx or HAProxy for very high-traffic or highly specialized routing needs. It is often mentioned alongside Reverse Proxy Hosting in this space.

Key Features

  • Automatic HTTPS with zero-configuration certificate issuance and renewal
  • Simple, human-readable Caddyfile configuration format
  • Native HTTP/2 and HTTP/3 support
  • Built-in reverse proxy and load-balancing capabilities
  • JSON-based admin API for dynamic, no-restart configuration changes
  • Single self-contained binary with minimal external dependencies

Use Cases

Serving static sites and small web applications with automatic HTTPS
Acting as a reverse proxy in front of application servers or Docker containers
Internal tools and homelab services that need TLS without manual certificate handling
Rapid local development environments that need HTTPS to mirror production
Lightweight load balancing for smaller-scale deployments

Frequently Asked Questions

From the Blog