Hotlink prevention in Caddy 2.0

One of the fonts on my website requires me to do hotlink prevention as part of its license. This is how I implemented it using Caddy 2.0.

It wasn’t obvious to me where the @fontPirate block could go. On my third attempt, putting it inside the block worked*. {
} {
	root * /var/www
	@fontPirate {
		path /fonts/commercial/*
		not header Referer*
	respond @fontPirate "Access denied" 403 {

* It didn’t work at the end; I got an error complaining that @fontPirate hadn’t been defined yet. It also didn’t work as the first thing in the file; I got an error complaining that path was an unrecognized directive.