bunkerity
b1d03cd11c
performance - move bad user-agents and referrers checks from nginx to LUA with caching
2021-05-11 15:30:16 +02:00
bunkerity
42c3fb8740
add sandbox allow-downloads to the default value of CONTENT_SECURITY_POLICY
2021-05-11 08:57:23 +02:00
bunkerity
f1c043604a
add missing backslash in the quickstart guide and update autoconf examples with the depends_on directive
2021-05-11 08:54:34 +02:00
bunkerity
fd61df205f
performance - move external blacklists checks from nginx to LUA
2021-05-10 17:51:07 +02:00
bunkerity
009d6fb5ae
choose connection and nofile numbers, increase error_log level to get modsecurity rules, add MODSECURITY_SEC_AUDIT_ENGINE var
2021-05-05 17:38:22 +02:00
bunkerity
ba4185a42e
jobs - fix automatic reload
2021-05-03 14:18:10 +02:00
bunkerity
70976d0fbc
fix user-agent not blocking and add documentation on bundle when USE_CUSTOM_HTTPS=yes
2021-05-03 13:59:55 +02:00
bunkerity
062a39c63a
integrate AquaeAtrae work - add ROOT_SITE_SUBFOLDER
2021-05-03 10:31:37 +02:00
bunkerity
83841b290a
jobs - edit adren work on external blacklists
2021-05-02 16:14:13 +02:00
Bunkerity
10dc58cb6d
Merge pull request #126 from adren/patch-6
...
deduplicate list of user-agents
2021-05-02 15:14:10 +02:00
Bunkerity
668754686c
Merge pull request #125 from adren/patch-5
...
more optimized way to generate map referrer file
2021-05-02 15:13:17 +02:00
Bunkerity
84b1933f63
Merge pull request #124 from adren/patch-4
...
improve the generation of blocking file (abusers)
2021-05-02 15:12:19 +02:00
Bunkerity
15f6d0a32a
Merge pull request #123 from adren/patch-3
...
improve generation of block file (Tor exit nodes)
2021-05-02 15:11:27 +02:00
Bunkerity
e628361a89
Merge pull request #122 from adren/patch-1
...
huge improvement to generate blocking file
2021-05-02 15:10:52 +02:00
Cyril Chaboisseau
f8d71e067e
improved way to generate user-agent file
2021-05-01 19:04:18 +02:00
Cyril Chaboisseau
02ae3b6bd3
change IFS before subshell
...
There needs to be a change in IFS before the 2 curl commands in order to keep line by line formatting
2021-05-01 15:48:33 +02:00
Cyril Chaboisseau
2fb0e7c473
deduplicate list of user-agents
2021-05-01 15:08:52 +02:00
Cyril Chaboisseau
9adcc2f1a7
more optimized way to generate map referrer file
2021-05-01 14:51:28 +02:00
Cyril Chaboisseau
7b98db4d14
improve the generation of blocking file (abusers)
2021-05-01 12:29:15 +02:00
Cyril Chaboisseau
ddb2b85916
improve generation of block file (Tor exit nodes)
2021-05-01 12:25:43 +02:00
Cyril Chaboisseau
da1a460a64
huge improvement to generate blocking file
...
process the file in 2 commands (grep + sed) instead of a loop running on each line
the time to generate the file takes 0.235 seconds instead of one hour, making it roughly 15,000 times quicker
the output file is exactly the same as with the former method
2021-05-01 11:42:07 +02:00
bunkerity
07be626842
hotfix - fix API in autoconf swarm mode
2021-04-28 17:40:54 +02:00
bunkerity
3bb164395e
hotfix - move API_WHITELIST_IP edit to lua.sh
2021-04-28 17:00:50 +02:00
bunkerity
bc2568a172
v1.2.4 - nginx 1.20.0 support
2021-04-27 17:43:38 +02:00
Bunkerity
5ec74880d8
update README for v1.2.4
2021-04-27 17:40:33 +02:00
bunkerity
f84fd7c9a2
fix permissions issues for autoconf and fix volume for ghost example
2021-04-27 16:49:45 +02:00
bunkerity
6521d7a27a
fix client cache so it works in combination with reverse proxy and examples update
2021-04-27 15:31:56 +02:00
bunkerity
813607fbc3
improve crowdsec example and disable modsec logging when not necessary
2021-04-27 11:21:30 +02:00
bunkerity
843644f806
log - replace some WARN tags from LUA logs with NOTICE to avoid confusion
2021-04-27 09:57:07 +02:00
bunkerity
19fa0eb25f
log - print modsec_audit.log to make debugging easier
2021-04-27 09:46:40 +02:00
bunkerity
b4df287228
log - send logs to remote syslog server
2021-04-27 09:30:10 +02:00
florian
5ce41edc03
api - whitelist IP/network for API
2021-04-26 22:22:34 +02:00
florian
a3cfb50b4d
example - fix certbot wildcard
2021-04-26 21:34:18 +02:00
bunkerity
25494acace
example - wildcard certificate with certbot
2021-04-26 17:44:48 +02:00
bunkerity
a98dae1fb6
fix CVE-2021-20205 and examples update
2021-04-26 17:00:23 +02:00
bunkerity
1a7abab570
nginx 1.20.0 support
2021-04-26 14:59:12 +02:00
florian
42b7a57f01
fix autoconf bug when removing config with multiple server name and increase default LIMIT_CONN_MAX for average website with HTTP2
2021-04-26 11:39:12 +02:00
bunkerity
02f9fbe5fc
autoconf - fix certbot bug when multiple server_name for one service
2021-04-20 11:46:53 +02:00
bunkerity
69fe066777
autoconf - fix bug when multiple server_name for one service
2021-04-20 10:00:25 +02:00
bunkerity
74417abc9c
fixing bugs - run as GID 101 instead of 0, different permissions checks in swarm mode and disable including server confs in swarm mode
2021-04-16 16:56:45 +02:00
bunkerity
ba7524a419
fixed LUA bug
2021-04-13 17:27:52 +02:00
bunkerity
b55aafb997
finding the LUA bug
2021-04-13 17:01:27 +02:00
Bunkerity
deeb7a76a2
Merge pull request #117 from thelittlefireman/patch-9
...
Fix lua mistake
2021-04-13 16:49:45 +02:00
thelittlefireman
ee8aaa4e7e
fix lua crash 2
2021-04-11 15:45:46 +02:00
thelittlefireman
605d59a45c
Fix lua mistake
...
#116
2021-04-11 15:33:31 +02:00
bunkerity
b85c991b6e
bug fixes - /usr/local/lib/lua rights and syntax error in site-config
2021-04-09 17:40:19 +02:00
bunkerity
0d3658adf0
REVERSE_PROXY_HEADERS - use proxy_set_header instead of more_set_headers
2021-04-09 17:27:22 +02:00
bunkerity
0b22209c96
documentation - userns remap feature
2021-04-09 16:22:31 +02:00
bunkerity
e44a1f3e14
added the uri to limit_req_zone key to limit bruteforce attack on a specific resource instead of the whole service
2021-04-09 15:54:26 +02:00
bunkerity
aa614f82f9
print error when permissions are wrong on common volumes
2021-04-09 14:54:15 +02:00