2021-05-27 18:17:50 +02:00
|
|
|
# To use this file simply install caddy and run the command below from the root of your Grav site
|
|
|
|
|
# Once running it will redirect http://localhost to https://localhost (new default for Caddy2)
|
|
|
|
|
# More infromation here: https://caddyserver.com/docs/
|
|
|
|
|
#
|
|
|
|
|
# $ caddy run --config webserver-configs/Caddyfile
|
|
|
|
|
|
|
|
|
|
localhost
|
|
|
|
|
encode gzip
|
|
|
|
|
root * .
|
|
|
|
|
file_server
|
|
|
|
|
|
|
|
|
|
php_fastcgi 127.0.0.1:9000
|
2019-03-28 17:57:56 +01:00
|
|
|
|
|
|
|
|
# Begin - Security
|
|
|
|
|
# deny all direct access for these folders
|
2021-05-27 18:17:50 +02:00
|
|
|
rewrite /(\.git|cache|bin|logs|backups|tests)/.* /403
|
|
|
|
|
|
2019-03-28 17:57:56 +01:00
|
|
|
# deny running scripts inside core system folders
|
2021-05-27 18:17:50 +02:00
|
|
|
rewrite /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ /403
|
|
|
|
|
|
2019-03-28 17:57:56 +01:00
|
|
|
# deny running scripts inside user folder
|
2021-05-27 18:17:50 +02:00
|
|
|
rewrite /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ /403
|
|
|
|
|
|
2019-03-28 17:57:56 +01:00
|
|
|
# deny access to specific files in the root folder
|
2021-05-27 18:17:50 +02:00
|
|
|
rewrite /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) /403
|
2019-03-28 17:57:56 +01:00
|
|
|
|
2021-05-27 18:17:50 +02:00
|
|
|
respond /403 403
|
2019-03-28 17:57:56 +01:00
|
|
|
## End - Security
|
|
|
|
|
|
|
|
|
|
# global rewrite should come last.
|
2021-05-27 18:17:50 +02:00
|
|
|
try_files {path} {path}/ /index.php?_url={uri}&{query}
|
