-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathCaddyfile
More file actions
40 lines (29 loc) · 742 Bytes
/
Caddyfile
File metadata and controls
40 lines (29 loc) · 742 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
:4173 {
bind 0.0.0.0
root * {$SITE_ROOT:./build}
# --- Server protection ---
# Block path traversal
@traversal path_regexp \.\.
respond @traversal 403
# Block encoded traversal (%2e = .)
@encoded_traversal path_regexp (?i)(%2e%2e|%252e%252e)
respond @encoded_traversal 403
# Block null bytes
@nullbyte path_regexp %00
respond @nullbyte 403
# Block dotfiles (.git, .env, etc.)
@hidden path_regexp /\.
respond @hidden 403
# SPA fallback
try_files {path} {path}.html {path}/index.html /404.html
# Static files (no directory listing)
file_server
# Hide server identity
header -Server
# Short cache for preview — 3 minutes
header Cache-Control "public, max-age=180"
log {
output stdout
format console
}
}