Caddyfile 801 B

123456789101112131415161718192021222324252627282930313233
  1. :8080
  2. gzip
  3. fastcgi / 127.0.0.1:9000 php
  4. # Begin - Security
  5. # deny all direct access for these folders
  6. rewrite {
  7. r /(\.git|cache|bin|logs|backups|tests)/.*$
  8. to /403
  9. }
  10. # deny running scripts inside core system folders
  11. rewrite {
  12. r /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$
  13. to /403
  14. }
  15. # deny running scripts inside user folder
  16. rewrite {
  17. r /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$
  18. to /403
  19. }
  20. # deny access to specific files in the root folder
  21. rewrite {
  22. r /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess)
  23. to /403
  24. }
  25. status 403 /403
  26. ## End - Security
  27. # global rewrite should come last.
  28. rewrite {
  29. to {path} {path}/ /index.php?_url={uri}&{query}
  30. }