Categories

Recent Article

Static Pages

GRAV with CADDY, Debian 12

 
Install, PHP, DB, Caddy first.

$ adduser caddy
$ adduser caddy sudo
$ su - caddy
$ exit

$ cd /usr/share/caddy
$ sudo wget https://getgrav.org/download/core/grav-admin/1.7.48
$ sudo unzip 1.7.48
$ sudo mv grav-admin grav
$ sudo chown -R $USER:$USER /usr/share/caddy/grav

$ nano /etc/caddy/Caddyfile

your_domain:80 {
    tls [email protected]
    root * /usr/share/caddy/grav
    file_server
    encode zstd gzip
    php_fastcgi unix//run/php/php8.2-fpm.sock 

    # Begin - Security
    # deny all direct access for these folders
    rewrite /(\.git|cache|bin|logs|backups|tests)/.* /403

    # deny running scripts inside core system folders
    rewrite /(system|vendor)/.*\.(txt|xml|md|html|htm|shtml|shtm|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ /403

    # deny running scripts inside user folder
    rewrite /user/.*\.(txt|md|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ /403

    # deny access to specific files in the root folder
    rewrite /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) /403

    respond /403 403
    ## End - Security

    # global rewrite should come last.
    try_files {path} {path}/ /index.php?_url={uri}&{query}

    log {
        output file /var/log/caddy/access.log
        format console
    }
}

$ sudo systemctl restart caddy