Caddy is a great web server. It is easier to configure than nginx and handles the SSL certificates requests and renewals so you don't need to mess with certbot/cron. At times, you might prefer to use Caddy instead of Nginx, Apache, Lighttpd, or other web servers
FreeBSD and Caddy play very well together for static websites/reverse proxies but we often need to serve dynamic websites. To add PHP, follow these steps.
First, install and enable Caddy by running these commands:
pkg install caddy
service caddy enable
Now let's install PHP - let's say PHP 8.3 - and enable php-fpm:
pkg install php83
service php-fpm enable
To use php-fpm, modify the configuration file at /usr/local/etc/php-fpm.d/www.conf by changing the listen address to the following:
Modify
listen = 127.0.0.1:9000
to
listen = /var/run/php83.sock
Then, change the socket owner. Just uncomment the following lines:
listen.owner = www
listen.group = www
listen.mode = 0660
Start php-fpm:
service php-fpm start
Now modify /usr/local/etc/caddy/Caddyfile. Append something like this:
my.website.com {
root * /usr/local/www/website
php_fastcgi unix//var/run/php83.sock
file_server
}
This will configure a virtualhost called my.website.com (and Caddy will try to obtain a certificate for it), with its root on /usr/local/www/website and will process any request to .php files via php socket. The file_server directive ensures that static files can be served from the root path.
Start Caddy:
service caddy start
That's all. While this is a basic configuration, it can be customized for more advanced usage. For example, you can add the following lines to restrict access to certain files:
@disallowed {
path /xmlrpc.php
path *.sql
path /wp-content/uploads/*.php
}
rewrite @disallowed '/index.php'
and you can have a working (and quite safe) Wordpress installation.