Last active
May 18, 2019 14:42
-
-
Save olkitu/af2f8879a34b0644edce714d5945e72d to your computer and use it in GitHub Desktop.
Caddy WebServer configuration for Wordpress
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
example.org www.example.org { | |
tls username@example.org # Email for Let's Encrypt | |
root /var/www | |
gzip | |
fastcgi / /run/php/php7.2-fpm.sock php { | |
except /wp-content/upload | |
} | |
rewrite { | |
if {path} not_match ^\/wp-admin | |
if {path} not_match ^\/wp-includes | |
if {path} not_match ^\/wp-content | |
to {path} {path}/ /index.php?{query} | |
} | |
log / /var/log/caddy/example.org_access.log "{combined}" { | |
rotate_size 100 # rotate after 100 MB | |
rotate_age 14 # keep log files for 14 days | |
rotate_keep 10 # keep at most 10 log files | |
rotate_compress | |
} | |
errors /var/log/caddy/example.org_errors.log { | |
rotate_size 100 # rotate after 100 MB | |
rotate_age 14 # keep log files for 14 days | |
rotate_keep 10 # keep at most 10 log files | |
rotate_compress | |
} | |
ratelimit /wp-login.php 5 7 minute | |
header /wp-content Cache-Control "max-age=15768000, s-maxage=86400" | |
header /wp-includes Cache-Control "max-age=15768000, s-maxage=86400" | |
header / { | |
Strict-Transport-Security "max-age=31536000; preload" | |
X-XSS-Protection "1; mode=block" | |
X-Content-Type-Options "nosniff" | |
X-Frame-Options "SAMEORIGIN" | |
Referrer-Policy "no-referrer-when-downgrade" | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment