mirror of
https://codeberg.org/git-pages/git-pages.git
synced 2026-05-14 11:11:35 +00:00
[security] Fix false positives on Caddy endpoint due to domain cache.
In commit bbdaae7280, a domain cache was
introduced to deal with misbehaving crawlers that forge the `Host:` header
and may cause thousands of expensive S3 requests to be submitted.
This domain cache is implemented using a Bloom filter (which can
produce false positives but not false negatives) for the S3 backend, and
using a function always returning true (which will be a false positive
in most cases) for the FS backend.
Both of these behaviors are unacceptable for the Caddy endpoint, but
the FS backend case much more so. If you use git-pages with Caddy you
should upgrade to a build that includes this commit as soon as possible
or Let's Encrypt may rate-limit or restrict your account when you get
unlucky with a crawler.
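The two-stage check the message describes, as an added example in Go that is not git-pages code: a small Bloom filter stands in for the domain cache, a map-backed `Backend` with a call counter stands in for the expensive S3 lookup, and `ServeBuggy` / `ServeFixed` reproduce the pre-fix and post-fix branching. `FindForgedHit` scans constructed, never-added names until it finds one the filter wrongly admits, which is the forged `Host:` that slipped through before the fix. All type and function names, the three served domains and the `crawler-N.example` candidates are assumptions made for this example.

```go
package main

import (
	"fmt"
	"hash/fnv"
)

// Bloom is a minimal Bloom filter (m bits, k positions). Like the domain cache
// it may report a name it never saw (false positive) but never misses one it
// did see (no false negatives).
type Bloom struct {
	bits []bool
	k    uint32
}

func NewBloom(m int, k uint32) *Bloom { return &Bloom{bits: make([]bool, m), k: k} }

// positions maps s to k bit indices via double hashing over two FNV variants.
func (b *Bloom) positions(s string) []int {
	h1, h2 := fnv.New32a(), fnv.New32()
	h1.Write([]byte(s))
	h2.Write([]byte(s))
	a, c := h1.Sum32(), h2.Sum32()|1 // odd step keeps the k positions distinct
	pos := make([]int, b.k)
	for i := uint32(0); i < b.k; i++ {
		pos[i] = int((a + i*c) % uint32(len(b.bits)))
	}
	return pos
}

func (b *Bloom) Add(s string) {
	for _, p := range b.positions(s) {
		b.bits[p] = true
	}
}

// MayContain is the cheap check: false is authoritative, true is only a hint.
func (b *Bloom) MayContain(s string) bool {
	for _, p := range b.positions(s) {
		if !b.bits[p] {
			return false
		}
	}
	return true
}

// Backend models the expensive lookup; Calls counts how often it is hit.
type Backend struct {
	Served map[string]bool
	Calls  int
}

func (be *Backend) CheckDomain(d string) bool { be.Calls++; return be.Served[d] }

// ServeBuggy is the pre-fix flow: a cache hit is final and the expensive check
// runs only on a miss, so a filter false positive is served without asking the
// backend, and every genuinely unknown Host still costs a backend call.
func ServeBuggy(cache *Bloom, be *Backend, domain string) bool {
	found := cache.MayContain(domain)
	if !found {
		found = be.CheckDomain(domain)
	}
	return found
}

// ServeFixed is the post-fix flow: a miss is final, a hit must be confirmed.
func ServeFixed(cache *Bloom, be *Backend, domain string) bool {
	found := cache.MayContain(domain)
	if found {
		found = be.CheckDomain(domain)
	}
	return found
}

// FindForgedHit returns the first constructed name "<prefix><i>.example" that
// was never served yet passes the cheap check: a forged Host the filter admits.
func FindForgedHit(cache *Bloom, be *Backend, prefix string, n int) (string, bool) {
	for i := 0; i < n; i++ {
		name := fmt.Sprintf("%s%d.example", prefix, i)
		if !be.Served[name] && cache.MayContain(name) {
			return name, true
		}
	}
	return "", false
}

// Setup builds a deliberately tiny filter (16 bits, 2 hashes) over three
// constructed served domains so that false positives are easy to provoke.
func Setup() (*Bloom, *Backend) {
	be := &Backend{Served: map[string]bool{
		"alice.pages.example": true, "bob.pages.example": true, "docs.pages.example": true,
	}}
	cache := NewBloom(16, 2)
	for d := range be.Served {
		cache.Add(d)
	}
	return cache, be
}

func main() {
	cache, be := Setup()
	forged, _ := FindForgedHit(cache, be, "crawler-", 10000)
	be.Calls = 0
	fmt.Printf("buggy: %s served=%v backend calls=%d\n", forged, ServeBuggy(cache, be, forged), be.Calls)
	be.Calls = 0
	fmt.Printf("fixed: %s served=%v backend calls=%d\n", forged, ServeFixed(cache, be, forged), be.Calls)
}
```

The filter is kept unrealistically small so a colliding forged name turns up within a few thousand candidates; a production-sized filter only makes the same event rarer, which is exactly the "unlucky with a crawler" case the message warns about.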
@@ -32,7 +32,7 @@ func ServeCaddy(w http.ResponseWriter, r *http.Request) {
// Run a cheap check as to whether we might be serving the domain.
var found = domainCache.CheckDomain(r.Context(), domain)
if !found {
if found {
// Run an expensive check as to whether we are actually serving the domain.
found, err = backend.CheckDomain(r.Context(), domain)
}
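Review bot: the branch flipped from `if !found {` to `if found {` is the right order for a filter with false positives and no false negatives (a miss is final, a hit is only a hint that `backend.CheckDomain` must confirm), but the name `found` for the cheap result is what invited the inversion in the first place, since at that point it only means "may be served". Suggest renaming the cheap result (for example `maybeServed`) or extending the comment above it to state that a cache miss is authoritative and a hit must be confirmed, and adding a regression test for a domain the cache reports but the backend does not have, so the Caddy false-positive path cannot return silently. Note also that with the FS backend's always-true cheap check described in the commit message, this gate now runs the expensive check on every request; that is correct behaviour, but it means the cache offers no protection against the crawler load on that backend.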