Caddy Server

Caddy server is a high performance web server and reverse proxy.

Caddy with Coraza supports autotls (with let´s encrypt), FastCGI, content rendering and reverse proxy.


Building dependencies

Install golang 1.16 or 1.17.

Using go install

go install

Downloading pre-compiled version from Caddy

Go to, select your platform, select Coraza-Waf and select Download.

Using the package installer



Building from source

git clone
cd coraza-caddy
go get ./...
go build -o caddy caddy/main.go

Building with XCaddy

go install
xcaddy build --with

Configuration directives

    # order coraza first is required, otherwise Coraza won't work
    order coraza_waf first

:8080 {
	coraza_waf {
    # you can write directives in Caddyfile
		directives `
			SecAction "id:1,pass,log"
			SecRule REQUEST_URI "/test5" "id:2, deny, log, phase:1"
			SecRule REQUEST_URI "/test6" "id:4, deny, log, phase:3"
		# or include some files with wildcards
		include /coraza/crs/*.conf
	respond "test123"

Edit this page on GitHub