Exclude direct access to files

apremalal · December 20, 2016, 12:53pm

Hello Community,

I need to exclude direct access to some file extensions (.html). I tried to use the following configuration and it doesn’t block direct access.

localhost:{$CAPTIVE_CADDY_PORT}/portal {
ext !.html
root webapps/portals/
gzip
log logs/caddyaccess.log
fastcgi / 127.0.0.1:9000 php
}

Is this achievable with caddy?

Whitestrake · December 20, 2016, 2:18pm

There’s two ways to achieve what you’re after.

Use the internal directive to mark paths unavailable to outside requests (see docs for internal)
Rewrite requests that end in .html to some forbidden path

Option 2 looks something like this:

example.com {
    status 403 /forbidden
    rewrite {
        if {path} ends_with .html
        to /forbidden
    }
}

You can stack extensions to deny like so:

rewrite {
    if {path} ends_with .html
    if {path} ends_with .php
    if_op or
    to /forbidden
}

apremalal · December 22, 2016, 8:46am

This is helpful. Thanks for the infromation.

system · March 22, 2017, 8:47am

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.