About

This is a brief description of yourself or your site, to change this text go to the admin panel, settings, plugins, and configure the plugin "about".

Categories

Recent Article

Static Pages

GRAV with CADDY, Debian 12

 
Install, PHP, DB, Caddy first.

$ adduser caddy
$ adduser caddy sudo
$ su - caddy
$ exit

$ cd /usr/share/caddy
$ sudo wget https://getgrav.org/download/core/grav-admin/1.7.48
$ sudo unzip 1.7.48
$ sudo mv grav-admin grav
$ sudo chown -R $USER:$USER /usr/share/caddy/grav

$ nano /etc/caddy/Caddyfile

your_domain:80 {
    tls xxx@xxx.com
    root * /usr/share/caddy/grav
    file_server
    encode zstd gzip
    php_fastcgi unix//run/php/php8.2-fpm.sock 

    # Begin - Security
    # deny all direct access for these folders
    rewrite /(\.git|cache|bin|logs|backups|tests)/.* /403

    # deny running scripts inside core system folders
    rewrite /(system|vendor)/.*\.(txt|xml|md|html|htm|shtml|shtm|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ /403

    # deny running scripts inside user folder
    rewrite /user/.*\.(txt|md|yaml|yml|php|php2|php3|php4|php5|phar|phtml|pl|py|cgi|twig|sh|bat)$ /403

    # deny access to specific files in the root folder
    rewrite /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess) /403

    respond /403 403
    ## End - Security

    # global rewrite should come last.
    try_files {path} {path}/ /index.php?_url={uri}&{query}

    log {
        output file /var/log/caddy/access.log
        format console
    }
}

$ sudo systemctl restart caddy