Installing Caddy on Windows
Overview
Caddy is a powerful, enterprise-ready web server with automatic HTTPS that makes serving your sites easy. This comprehensive guide covers installation and configuration on Windows systems with proper security configurations, service management, and Cloudflare integration.
What is Caddy?
Caddy is a modern web server that provides:
- Automatic HTTPS: SSL certificates managed automatically
- Reverse Proxy: Route traffic to backend applications
- Static File Serving: Serve websites and files efficiently
- Plugin System: Extend functionality with plugins
- Easy Configuration: Simple, readable configuration files
Key Features
- Zero-Config HTTPS: Automatic SSL certificate provisioning and renewal
- HTTP/2 and HTTP/3: Modern protocol support out of the box
- Reverse Proxy: Load balancing and backend routing
- Static Site Hosting: Perfect for modern web applications
- Plugin Ecosystem: DNS providers, authentication, and more
Prerequisites
Before beginning the installation, ensure your system meets the following requirements:
System Requirements
- Operating System: Windows 10/11 or Windows Server 2019/2022
- Architecture: x86_64 (64-bit)
- RAM: Minimum 512MB (1GB+ recommended)
- Disk Space: At least 100MB free space
- Network: Internet connection for downloading and certificates
Required Permissions
- Administrator access for installation and service setup
- Port access: Ability to bind to ports 80 and 443
- Firewall configuration permissions
Installation
Step 1: Download Caddy
-
Visit the Caddy Download Page: Caddy Download Builder
-
Select Required Plugins (if needed):
- For Cloudflare:
github.com/caddy-dns/cloudflare - For DuckDNS:
github.com/caddy-dns/duckdns
- For Cloudflare:
-
Download for Windows:
- Select Windows as the operating system
- Select amd64 architecture
- Download the binary
Step 2: Install Caddy
-
Create Tools Directory: Create directory structure
New-Item -ItemType Directory -Path "C:\Tools\Caddy" -Force -
Extract and Install: Move downloaded caddy.exe to Tools directory
Move-Item "Downloads\caddy.exe" "C:\Tools\Caddy\caddy.exe"Add to system PATH
[Environment]::SetEnvironmentVariable("PATH", $env:PATH, [EnvironmentVariableTarget]::Machine) -
Verify Installation: Check Caddy version
caddy version
Configuration
Step 3: Basic Configuration
-
Create Caddyfile: Navigate to Caddy directory
cd C:\Tools\CaddyCreate basic Caddyfile
New-Item -ItemType File -Path "Caddyfile" -
Basic Caddyfile Example:
# Replace with your domain
app.example.com {
reverse_proxy localhost:3000
}
Step 4: Running Caddy
Manual Execution
Navigate to Caddy directory
cd C:\Tools\Caddy
Run Caddy with configuration
./caddy run --config Caddyfile
Accept both permissions if Windows Firewall prompts appear upon first run.
Service Installation (Recommended)
For production use, install Caddy as a Windows service:
Install as Windows service
caddy run --config C:\Tools\Caddy\Caddyfile --service install
Start the service
caddy start --service
Check service status
caddy status --service
Cloudflare Integration
If you're using Cloudflare for DNS management:
Step 5: Setting up A Name Record
-
Download Cloudflare DDNS: CloudFlare DDNS
-
Extract to directory:
C:\Tools\CloudflareDDNS -
Open Cloudflare Dashboard: https://dash.cloudflare.com/
-
Click DNS on the sidebar:
- Click Add a Record:
- Get your external IP from https://ipchicken.com/:
- Click Save
Step 6: Getting an API Key
- Go to Overview in the right-hand menu:
- Scroll down and click "Get API Token":
- Click Create a Token:
- Select Custom Token:
- Configure Token Permissions:
- Copy your token:
Step 7: Running Cloudflare DDNS
-
Navigate to directory:
cd C:\Tools\CloudflareDDNS -
Run DDNS updater:
./cloudflare-ddns --token your-cloudflare-api-key --domain home.yourdomain.com -
Expected output:
time="2023-01-28T17:54:39-06:00" level=info msg="updated record" content=123.123.123.123 name=home.yourdomain.com
Step 8: Auto-startup CloudflareDDNS
- Open Run dialog:
-
Type
shell:startupand press Enter -
Create batch file:
-
Add content to CloudFlareDDNS.bat:
C:\Tools\CloudFlareDDNS\cloudflare-ddns --token your-cloudflare-api-token --domain home.yourdomain.com
pause -
Save and run
Service Management
Windows Service Commands
Start Caddy service
net start caddy
Stop Caddy service
net stop caddy
Restart Caddy service
net stop caddy && net start caddy
Check service status
sc query caddy
Configuration Management
Test configuration before applying
caddy validate --config C:\Tools\Caddy\Caddyfile
Format Caddyfile
caddy fmt --overwrite C:\Tools\Caddy\Caddyfile
Reload configuration
caddy reload --config C:\Tools\Caddy\Caddyfile
View current configuration
caddy config --config C:\Tools\Caddy\Caddyfile
Troubleshooting
Common Issues
Issue 1: Service Won't Start
Check Windows Event Logs
Get-EventLog -LogName Application -Source Caddy -Newest 10
Check service status
sc query caddy
Common causes:
- Configuration syntax errors
- Permission issues
- Port conflicts
Solution: Validate configuration
caddy validate --config C:\Tools\Caddy\Caddyfile
Check file permissions
Get-Acl C:\Tools\Caddy\Caddyfile
Test manual execution
Move to Caddy.exe Folder Directory
cd C:\Tools\Caddy
Run Caddy command inside Caddy folder
./caddy run --config Caddyfile
Issue 2: Firewall Blocking
Check Windows Firewall rules
Get-NetFirewallRule -DisplayName "*Caddy*"
Add firewall rules if needed
New-NetFirewallRule -DisplayName "Caddy HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow
New-NetFirewallRule -DisplayName "Caddy HTTPS" -Direction Inbound -Protocol TCP -LocalPort 443 -Action Allow
Issue 3: Certificate Issues
Check certificate status
caddy list-certificates
Clear certificate cache if needed
Remove-Item -Recurse -Force "$env:APPDATA\Caddy\certificates"
Security Best Practices
File Permissions
Secure Caddy directory
$acl = Get-Acl "C:\Tools\Caddy"
$acl.SetAccessRuleProtection($true, $false)
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("Administrators","FullControl","Allow")
$acl.SetAccessRule($accessRule)
Set-Acl "C:\Tools\Caddy" $acl
Firewall Configuration
Enable Windows Firewall
Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True
Configure specific rules
New-NetFirewallRule -DisplayName "Caddy HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow
New-NetFirewallRule -DisplayName "Caddy HTTPS" -Direction Inbound -Protocol TCP -LocalPort 443 -Action Allow
Next Steps
Advanced Configuration
- Explore advanced directives:
header,encode,rate_limit - Set up monitoring: Windows Performance Counters, health checks
- Configure logging: Custom log formats and Windows Event Log integration
- Implement security headers: HSTS, CSP, X-Frame-Options
Integration Examples
- IIS Integration: Run alongside IIS for specific applications
- Docker Desktop: Reverse proxy to Windows containers
- Load balancing: Distribute traffic across multiple Windows servers
- API gateway: Route and transform API requests
Resources
- Official Documentation: caddyserver.com/docs
- Community Forum: caddy.community
- Configuration Examples: Caddy Examples
Summary
You have successfully installed Caddy on Windows with:
✅ Professional installation with proper directory structure
✅ Windows service integration for automatic startup
✅ Automatic HTTPS capability with zero configuration
✅ Cloudflare integration for dynamic DNS management
✅ Security best practices - Proper permissions and firewall rules
✅ Production-ready configuration - Enterprise deployment ready
Your Caddy installation is now ready for production use with automatic HTTPS, robust security, and professional service management on Windows.
