mirror of
https://github.com/getgrav/grav.git
synced 2026-03-06 04:21:34 +01:00
1408477827
* Updating Caddyfile Now /sitemap.xml or blog.rss or /info.php and so on are working also the evil regex is removed * Updating Caddyfile adding suggestion by @abiosoft
32 lines
769 B
Caddyfile
32 lines
769 B
Caddyfile
:8080
|
|
gzip
|
|
fastcgi / 127.0.0.1:9000 php
|
|
|
|
# Begin - Security
|
|
# deny all direct access for these folders
|
|
rewrite {
|
|
r /(.git|cache|bin|logs|backups|tests)/.*$
|
|
status 403
|
|
}
|
|
# deny running scripts inside core system folders
|
|
rewrite {
|
|
r /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$
|
|
status 403
|
|
}
|
|
# deny running scripts inside user folder
|
|
rewrite {
|
|
r /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$
|
|
status 403
|
|
}
|
|
# deny access to specific files in the root folder
|
|
rewrite {
|
|
r /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess)
|
|
status 403
|
|
}
|
|
## End - Security
|
|
|
|
# global rewrite should come last.
|
|
rewrite {
|
|
to {path} {path}/ /index.php?_url={uri}
|
|
}
|