Skip to content

Reverse Proxy

This tutorial covers how to proxy your Dynmap server behind Nginx with a free SSL certificate from Let’s Encrypt installed


  • A Minecraft server with Dynmap configured
  • A VPS with atleast Ubuntu 22.04 deployed
  • A ZeroSSL account (Optional)
  • Root access to the aforementioned VPS

If you haven’t got access to the above, you should consult your service providers.

Caddy Deployment


First off, we need to install Caddy and add allow rules for both HTTP and HTTPS traffic to the UFW firewall.

sudo apt install -y debian-keyring debian-archive-keyring apt-transport-https
curl -1sLf '' | sudo gpg --dearmor -o /usr/share/keyrings/caddy-stable-archive-keyring.gpg
curl -1sLf '' | sudo tee /etc/apt/sources.list.d/caddy-stable.list
sudo apt update && sudo apt install caddy
sudo ufw allow http
sudo ufw allow https

Generate ZeroSSL API Keys (Optional)

This step is optiona if you don’t want to use ZeroSSL as you’re provider. If you chose not to use ZeroSSL your certs will be deployed via LetsEncrypt however support for Google Trust Services can also be configured.

You can go to the ZeroSSL developer console and select ‘Generate’ under ‘EAB Credentials’.

Caddyfile Config

Below is an example configuration file. Edit it and save it as /etc/caddy/Caddyfile

# Define ACME credentials (Optional but required for ZeroSSL)
acme_eab {
key_id <yourAPIkey>
mac_key <yourMACkey>
# Required for all deployments {
reverse_proxy http://<dynmapIP>:<dynmapPort>

To enable the site run the following command

Terminal window
caddy reload

If you get an error with formatting you should run the following command and then re-run the reload command.

Terminal window
sudo caddy fmt --overwrite

Testing Configuration

If you’re using ZeroSSL you should check you see a provisioned SSL certificate under you account dashboard, when you select ‘Certificates’ > ‘Issued’ it will be marked as a ‘Certificate’ and not ‘90-Day SSL’.

All users should be able to use, if you’re not using the ACME setup within