Restricting Files & Paths in Caddy

I received an email today from an independent security researcher which detailed a vulnerability in pdemro.com. I am using a pretty old version of the Ghost docker image which apparently serves a directory which is a Git repository (including a .git folder). The vulnerability exploited my permissive Caddy configuration to access the git HEAD. To reproduce, the researcher built a robot to hit websites at /.git/HEAD.
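
One way to close this kind of exposure, shown as an added example rather than the configuration actually used on pdemro.com: a site block that answers any request for the repository metadata with a 404 before it reaches the proxied application. It assumes Caddy v2 Caddyfile syntax (the post does not state a version); `example.com` and the upstream `ghost:2368` are placeholders.

```caddyfile
# Added example. Assumes Caddy v2; example.com and ghost:2368 are placeholders,
# not values taken from the post.

# Permissive form (commented out): every path, including /.git/HEAD,
# is passed straight through to the upstream that serves the repository directory.
#
# example.com {
# 	reverse_proxy ghost:2368
# }

# Restricted form: requests for the .git directory never reach the upstream.
example.com {
	# Named matcher covering the directory itself and everything below it.
	# Caddy matches on the cleaned request path, case-insensitively.
	@dotgit path /.git /.git/*

	# respond sorts before reverse_proxy in Caddy's default directive order,
	# so a matching request is answered here and is not proxied.
	respond @dotgit 404

	# Everything else is proxied as before.
	reverse_proxy ghost:2368
}
```

After reloading, a request for `/.git/HEAD` on your own site should return 404 instead of a line such as `ref: refs/heads/...`, which is what a served HEAD file contains.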