Add Caddyfile for newer Caddy versions #1115

getgrav · Oct 25, 2016 · af53d79 · af53d79
1 parent c3aa11a
commit af53d79
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -4,6 +4,7 @@
 1. [](#improved)
     * Added `getTaxonomyItemKeys` to the Taxonomy object [#1124](https://github.com/getgrav/grav/issues/1124)
     * Added a `redirect_me` Twig function [#1124](https://github.com/getgrav/grav/issues/1124)
+    * Added a Caddyfile for newer Caddy versions [#1115](https://github.com/getgrav/grav/issues/1115)
 1. [](#bugfix)
     * Fixed an issue with site redirects/routes, not processing with extension (.html, .json, etc.)
     * Don't truncate HTML if content length is less than summary size [#1125](https://github.com/getgrav/grav/issues/1125)

diff --git a/webserver-configs/Caddyfile b/webserver-configs/Caddyfile
@@ -6,23 +6,25 @@ fastcgi / 127.0.0.1:9000 php
 # deny all direct access for these folders
 rewrite {
     r       /(.git|cache|bin|logs|backups|tests)/.*$
-    status  403
+    to  	/403
 }
 # deny running scripts inside core system folders
 rewrite {
     r       /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$
-    status  403
+    to  	/403
 }
 # deny running scripts inside user folder
 rewrite {
     r       /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$
-    status  403
+    to  	/403
 }
 # deny access to specific files in the root folder
 rewrite {
     r       /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess)
-    status  403
+    to  	/403
 }
+
+status 403 /403
 ## End - Security
 
 # global rewrite should come last.

diff --git a/webserver-configs/Caddyfile-0.8.x b/webserver-configs/Caddyfile-0.8.x
@@ -0,0 +1,33 @@
+# Caddyfile for Caddy 0.8.x and below
+
+:8080
+gzip
+fastcgi / 127.0.0.1:9000 php
+
+# Begin - Security
+# deny all direct access for these folders
+rewrite {
+    r       /(.git|cache|bin|logs|backups|tests)/.*$
+    status  403
+}
+# deny running scripts inside core system folders
+rewrite {
+    r       /(system|vendor)/.*\.(txt|xml|md|html|yaml|php|pl|py|cgi|twig|sh|bat)$
+    status  403
+}
+# deny running scripts inside user folder
+rewrite {
+    r       /user/.*\.(txt|md|yaml|php|pl|py|cgi|twig|sh|bat)$
+    status  403
+}
+# deny access to specific files in the root folder
+rewrite {
+    r       /(LICENSE.txt|composer.lock|composer.json|nginx.conf|web.config|htaccess.txt|\.htaccess)
+    status  403
+}
+## End - Security
+
+# global rewrite should come last.
+rewrite {
+    to  {path} {path}/ /index.php?_url={uri}
+}