1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
|
{
debug
admin off
on_demand_tls {
ask https://example.com
}
}
(blocking) {
@blocked {
path *.txt *.md *.mdown /site/*
}
redir @blocked /
}
example.com, fake.org, {$ENV_SITE} {
root * /srv
respond /get-env {$ENV_VAR}
tls off
route {
# Add trailing slash for directory requests
@canonicalPath {
file {
try_files {path}/index.php
}
not path */
}
redir @canonicalPath {path}/ 308
# If the requested file does not exist, try index files
@indexFiles {
file {
try_files {path} {path}/index.php index.php
split_path .php
}
}
rewrite @indexFiles {http.matchers.file.relative}
# Proxy PHP files to the FastCGI responder
@phpFiles {
path *.php
}
reverse_proxy @phpFiles unix//var/run/php7.4-fpm.sock {
transport fastcgi {
split .php
}
}
}
@encode_exts {
path / *.html *.js *.css *.svg
}
header {
X-Content-Type-Options nosniff
X-XSS-Protection "1; mode=block"
X-Robots-Tag none
Content-Security-Policy "frame-ancestors 'self'"
X-Frame-Options DENY
Referrer-Policy same-origin
}
@singleLine not path /matcher
respond @singleLine "Awesome."
import blocking
file_server
}
|
