Skip to main content

Installing Caddy on Windows

Overview

Caddy is a powerful, enterprise-ready web server with automatic HTTPS that makes serving your sites easy. This comprehensive guide covers installation and configuration on Windows systems with proper security configurations, service management, and Cloudflare integration.

What is Caddy?

Caddy is a modern web server that provides:

  • Automatic HTTPS: SSL certificates managed automatically
  • Reverse Proxy: Route traffic to backend applications
  • Static File Serving: Serve websites and files efficiently
  • Plugin System: Extend functionality with plugins
  • Easy Configuration: Simple, readable configuration files

Key Features

  • Zero-Config HTTPS: Automatic SSL certificate provisioning and renewal
  • HTTP/2 and HTTP/3: Modern protocol support out of the box
  • Reverse Proxy: Load balancing and backend routing
  • Static Site Hosting: Perfect for modern web applications
  • Plugin Ecosystem: DNS providers, authentication, and more

Prerequisites

Before beginning the installation, ensure your system meets the following requirements:

System Requirements

  • Operating System: Windows 10/11 or Windows Server 2019/2022
  • Architecture: x86_64 (64-bit)
  • RAM: Minimum 512MB (1GB+ recommended)
  • Disk Space: At least 100MB free space
  • Network: Internet connection for downloading and certificates

Required Permissions

  • Administrator access for installation and service setup
  • Port access: Ability to bind to ports 80 and 443
  • Firewall configuration permissions

Installation

Step 1: Download Caddy

  1. Visit the Caddy Download Page: Caddy Download Builder

  2. Select Required Plugins (if needed):

    • For Cloudflare: github.com/caddy-dns/cloudflare
    • For DuckDNS: github.com/caddy-dns/duckdns
  3. Download for Windows:

    • Select Windows as the operating system
    • Select amd64 architecture
    • Download the binary

Step 2: Install Caddy

  1. Create Tools Directory: Create directory structure

    New-Item -ItemType Directory -Path "C:\Tools\Caddy" -Force
  2. Extract and Install: Move downloaded caddy.exe to Tools directory

    Move-Item "Downloads\caddy.exe" "C:\Tools\Caddy\caddy.exe"

    Add to system PATH

    [Environment]::SetEnvironmentVariable("PATH", $env:PATH, [EnvironmentVariableTarget]::Machine)
  3. Verify Installation: Check Caddy version

    caddy version

Configuration

Step 3: Basic Configuration

  1. Create Caddyfile: Navigate to Caddy directory

    cd C:\Tools\Caddy

    Create basic Caddyfile

    New-Item -ItemType File -Path "Caddyfile"
  2. Basic Caddyfile Example:

    # Replace with your domain
    app.example.com {
    reverse_proxy localhost:3000
    }

Step 4: Running Caddy

Manual Execution

Navigate to Caddy directory

cd C:\Tools\Caddy

Run Caddy with configuration

./caddy run --config Caddyfile
caution

Accept both permissions if Windows Firewall prompts appear upon first run.

For production use, install Caddy as a Windows service:

Install as Windows service

caddy run --config C:\Tools\Caddy\Caddyfile --service install

Start the service

caddy start --service

Check service status

caddy status --service

Cloudflare Integration

If you're using Cloudflare for DNS management:

Step 5: Setting up A Name Record

  1. Download Cloudflare DDNS: CloudFlare DDNS

  2. Extract to directory: C:\Tools\CloudflareDDNS

  3. Open Cloudflare Dashboard: https://dash.cloudflare.com/

  4. Click DNS on the sidebar:

image

  1. Click Add a Record:

image

  1. Get your external IP from https://ipchicken.com/:

image

  1. Click Save

Step 6: Getting an API Key

  1. Go to Overview in the right-hand menu:

image

  1. Scroll down and click "Get API Token":

image

  1. Click Create a Token:

image

  1. Select Custom Token:

image

  1. Configure Token Permissions:

image

  1. Copy your token:

image

Step 7: Running Cloudflare DDNS

  1. Navigate to directory:

    cd C:\Tools\CloudflareDDNS
  2. Run DDNS updater:

    ./cloudflare-ddns --token your-cloudflare-api-key --domain home.yourdomain.com
  3. Expected output:

    time="2023-01-28T17:54:39-06:00" level=info msg="updated record" content=123.123.123.123 name=home.yourdomain.com

Step 8: Auto-startup CloudflareDDNS

  1. Open Run dialog:

image

  1. Type shell:startup and press Enter

  2. Create batch file:

image

  1. Add content to CloudFlareDDNS.bat:

    C:\Tools\CloudFlareDDNS\cloudflare-ddns --token your-cloudflare-api-token --domain home.yourdomain.com
    pause
  2. Save and run

Service Management

Windows Service Commands

Start Caddy service

net start caddy

Stop Caddy service

net stop caddy

Restart Caddy service

net stop caddy && net start caddy

Check service status

sc query caddy

Configuration Management

Test configuration before applying

caddy validate --config C:\Tools\Caddy\Caddyfile

Format Caddyfile

caddy fmt --overwrite C:\Tools\Caddy\Caddyfile

Reload configuration

caddy reload --config C:\Tools\Caddy\Caddyfile

View current configuration

caddy config --config C:\Tools\Caddy\Caddyfile

Troubleshooting

Common Issues

Issue 1: Service Won't Start

Check Windows Event Logs

Get-EventLog -LogName Application -Source Caddy -Newest 10

Check service status

sc query caddy

Common causes:

- Configuration syntax errors

- Permission issues

- Port conflicts

Solution: Validate configuration

caddy validate --config C:\Tools\Caddy\Caddyfile

Check file permissions

Get-Acl C:\Tools\Caddy\Caddyfile

Test manual execution

Move to Caddy.exe Folder Directory

cd C:\Tools\Caddy

Run Caddy command inside Caddy folder

./caddy run --config Caddyfile

Issue 2: Firewall Blocking

Check Windows Firewall rules

Get-NetFirewallRule -DisplayName "*Caddy*"

Add firewall rules if needed

New-NetFirewallRule -DisplayName "Caddy HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow
New-NetFirewallRule -DisplayName "Caddy HTTPS" -Direction Inbound -Protocol TCP -LocalPort 443 -Action Allow

Issue 3: Certificate Issues

Check certificate status

caddy list-certificates

Clear certificate cache if needed

Remove-Item -Recurse -Force "$env:APPDATA\Caddy\certificates"

Security Best Practices

File Permissions

Secure Caddy directory

$acl = Get-Acl "C:\Tools\Caddy"
$acl.SetAccessRuleProtection($true, $false)
$accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule("Administrators","FullControl","Allow")
$acl.SetAccessRule($accessRule)
Set-Acl "C:\Tools\Caddy" $acl

Firewall Configuration

Enable Windows Firewall

Set-NetFirewallProfile -Profile Domain,Public,Private -Enabled True

Configure specific rules

New-NetFirewallRule -DisplayName "Caddy HTTP" -Direction Inbound -Protocol TCP -LocalPort 80 -Action Allow
New-NetFirewallRule -DisplayName "Caddy HTTPS" -Direction Inbound -Protocol TCP -LocalPort 443 -Action Allow

Next Steps

Advanced Configuration

  1. Explore advanced directives: header, encode, rate_limit
  2. Set up monitoring: Windows Performance Counters, health checks
  3. Configure logging: Custom log formats and Windows Event Log integration
  4. Implement security headers: HSTS, CSP, X-Frame-Options

Integration Examples

  • IIS Integration: Run alongside IIS for specific applications
  • Docker Desktop: Reverse proxy to Windows containers
  • Load balancing: Distribute traffic across multiple Windows servers
  • API gateway: Route and transform API requests

Resources


Summary

You have successfully installed Caddy on Windows with:

Professional installation with proper directory structure
Windows service integration for automatic startup
Automatic HTTPS capability with zero configuration
Cloudflare integration for dynamic DNS management
Security best practices - Proper permissions and firewall rules
Production-ready configuration - Enterprise deployment ready

Your Caddy installation is now ready for production use with automatic HTTPS, robust security, and professional service management on Windows.

Buy me pc parts
💬Join Discord
Buy me a coffee