Caddy Header Verification

Caddy Header Verification is a Caddy addon designed to detect bots and potentially malicious clients by inspecting and validating incoming HTTP headers. It helps identify unusual, malformed, or manipulated headers commonly associated with automated or abusive traffic.

⚠️ This project is licensed under GPL-3.0.

✨ Features

Detects malformed or suspicious HTTP headers
Helps identify bot or automated traffic
Integrates as a Caddy middleware
Includes unit tests for header verification logic

🚀 Installation

This module must be compiled into a custom Caddy binary.

Install `xcaddy`

go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest

Build Caddy with this module

xcaddy build --with github.com/IgnifexLabs/CaddyHeaderVerification

This produces a custom Caddy binary that includes the header verification middleware.

⚙️ Usage

Enable the middleware in your Caddyfile for the sites or routes you want to protect It is important to change the order in the caddy File. for chromium based applications the client hints are a valuable item and should be integrated.

{
    order headerchecker before respond
}

:8080 {
    header {
        Accept-CH "Sec-CH-Device-Memory, Sec-CH-DPR, Sec-CH-Prefers-Color-Scheme, Sec-CH-Prefers-Reduced-Motion, Sec-CH-Prefers-Reduced-Transparency, Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Form-Factors, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-Viewport-Height, Sec-CH-Viewport-Width, Sec-CH-Width"
        Critical-CH "Sec-CH-Device-Memory, Sec-CH-DPR,Sec-CH-UA, Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64, Sec-CH-Viewport-Height, Sec-CH-Viewport-Width, Sec-CH-Width"    
    }
    headerchecker
    respond "OK"
}

🧪 Running Tests

Unit tests are included for validating header detection logic.

🤝 Contributing

Contributions are welcome!

Fork the repository

Create a feature or bugfix branch

Submit a pull request with a clear description

Please include tests for new functionality where possible.

📝 License

This project is licensed under the GNU General Public License v3.0. See the LICENSE

Name		Name	Last commit message	Last commit date
Latest commit History 19 Commits
UserAgent		UserAgent
.gitignore		.gitignore
Botheaderchecker.go		Botheaderchecker.go
Caddyfile		Caddyfile
LICENSE		LICENSE
README.md		README.md
accept_encoding_test.go		accept_encoding_test.go
acceptlanguague_test.go		acceptlanguague_test.go
go.mod		go.mod
go.sum		go.sum
secfetch_test.go		secfetch_test.go
validateClientHintWindowsPlatformVersion_test.go		validateClientHintWindowsPlatformVersion_test.go

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Caddy Header Verification

✨ Features

🚀 Installation

Install `xcaddy`

Build Caddy with this module

⚙️ Usage

🧪 Running Tests

🤝 Contributing

📝 License

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

Caddy Header Verification

✨ Features

🚀 Installation

Install xcaddy

Build Caddy with this module

⚙️ Usage

🧪 Running Tests

🤝 Contributing

📝 License

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Install `xcaddy`

Packages