Add Caddyfile for newer Caddy versions #1115

2025-02-20 19:56:53 +01:00 · 2016-10-25 18:58:52 +02:00 · 2016-10-25 18:58:52 +02:00 · af53d79e5e
commit af53d79e5e
parent c3aa11abeb
3 changed files with 40 additions and 4 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -4,6 +4,7 @@
 1. [](#improved)
    * Added `getTaxonomyItemKeys` to the Taxonomy object [#1124](https://github.com/getgrav/grav/issues/1124)
    * Added a `redirect_me` Twig function [#1124](https://github.com/getgrav/grav/issues/1124)
+    * Added a Caddyfile for newer Caddy versions [#1115](https://github.com/getgrav/grav/issues/1115)
 1. [](#bugfix)
    * Fixed an issue with site redirects/routes, not processing with extension (.html, .json, etc.)
    * Don't truncate HTML if content length is less than summary size [#1125](https://github.com/getgrav/grav/issues/1125)
--- a/webserver-configs/Caddyfile
+++ b/webserver-configs/Caddyfile
@ -6,23 +6,25 @@ fastcgi / 127.0.0.1:9000 php
 # deny all direct access for these folders
 rewrite {
    r       /(.git|cache|bin|logs|backups|tests)/.*$
-    status  403
+    to  	/403
 }
 # deny running scripts inside core system folders
 rewrite {
    r       /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$
-    status  403
+    to  	/403
 }
 # deny running scripts inside user folder
 rewrite {
    r       /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$
-    status  403
+    to  	/403
 }
 # deny access to specific files in the root folder
 rewrite {
    r       /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess)
-    status  403
+    to  	/403
 }
+
+status 403 /403
 ## End - Security

 # global rewrite should come last.
--- a/webserver-configs/Caddyfile-0.8.x
+++ b/webserver-configs/Caddyfile-0.8.x
@ -0,0 +1,33 @@
+# Caddyfile for Caddy 0.8.x and below
+
+:8080
+gzip
+fastcgi / 127.0.0.1:9000 php
+
+# Begin - Security
+# deny all direct access for these folders
+rewrite {
+    r       /(.git|cache|bin|logs|backups|tests)/.*$
+    status  403
+}
+# deny running scripts inside core system folders
+rewrite {
+    r       /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$
+    status  403
+}
+# deny running scripts inside user folder
+rewrite {
+    r       /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$
+    status  403
+}
+# deny access to specific files in the root folder
+rewrite {
+    r       /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess)
+    status  403
+}
+## End - Security
+
+# global rewrite should come last.
+rewrite {
+    to  {path} {path}/ /index.php?_url={uri}
+}