# To use this file simply install caddy and run the command below from the root of your Grav site # Once running it will redirect http://localhost to https://localhost (new default for Caddy2) # More infromation here: https://caddyserver.com/docs/ # # $ caddy run --config webserver-configs/Caddyfile localhost encode gzip root * . file_server php_fastcgi 127.0.0.1:9000 # Begin - Security # deny all direct access for these folders rewrite /(\.git|cache|bin|logs|backups|tests)/.* /403 # deny running scripts inside core system folders rewrite /(system|vendor)/.*\.(txt|xml|md|html|htm|shtml|shtm|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ /403 # deny running scripts inside user folder rewrite /user/.*\.(txt|md|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ /403 # deny access to specific files in the root folder rewrite /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) /403 respond /403 403 ## End - Security # global rewrite should come last. try_files {path} {path}/ /index.php?_url={uri}&{query}