first commit

webserver-configs/Caddyfile

@@ -0,0 +1,33 @@
+:8080
+gzip
+fastcgi / 127.0.0.1:9000 php
+
+# Begin - Security
+# deny all direct access for these folders
+rewrite {
+    r       /(\.git|cache|bin|logs|backups|tests)/.*$
+    to  	/403
+}
+# deny running scripts inside core system folders
+rewrite {
+    r       /(system|vendor)/.*\.(txt|xml|md|html|yaml|yml|php|pl|py|cgi|twig|sh|bat)$
+    to  	/403
+}
+# deny running scripts inside user folder
+rewrite {
+    r       /user/.*\.(txt|md|yaml|yml|php|pl|py|cgi|twig|sh|bat)$
+    to  	/403
+}
+# deny access to specific files in the root folder
+rewrite {
+    r       /(LICENSE\.txt|composer\.lock|composer\.json|nginx\.conf|web\.config|htaccess\.txt|\.htaccess)
+    to  	/403
+}
+
+status 403 /403
+## End - Security
+
+# global rewrite should come last.
+rewrite {
+    to  {path} {path}/ /index.php?_url={uri}&{query}
+}