Caddyfile 752 B

123456789101112131415161718192021222324
  1. :8080
  2. encode gzip
  3. root * /path/to/grav/root
  4. php_fastcgi unix//run/php/php7.3-fpm.sock
  5. file_server
  6. # Begin - Security
  7. # deny all direct access for these folders
  8. rewrite /(\.git|cache|bin|logs|backups|tests)/.* /403
  9. # deny running scripts inside core system folders
  10. rewrite /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ /403
  11. # deny running scripts inside user folder
  12. rewrite /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$ /403
  13. # deny access to specific files in the root folder
  14. rewrite /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) /403
  15. respond /403 403
  16. ## End - Security
  17. # global rewrite should come last.
  18. try_files {path} {path}/ /index.php?_url={uri}&{query}