librewolf/bunkerized-nginx
4
0
Fork 1
mirror of https://github.com/bunkerity/bunkerized-nginx synced 2023-12-13 21:30:18 +01:00
Code Issues Projects Releases Wiki Activity
339 commits 11 branches 32 tags 322 MiB
Commit graph

339 commits

This branch
This branch
All branches
Author SHA1 Message Date
bunkerity b1d03cd11c
performance - move bad user-agents and referrers checks from nginx to LUA with caching 2021-05-11 15:30:16 +02:00
bunkerity 42c3fb8740
add sandbox allow-downloads to the default value of CONTENT_SECURITY_POLICY 2021-05-11 08:57:23 +02:00
bunkerity f1c043604a
add missing backslash in the quickstart guide and update autoconf examples with the depends_on directive 2021-05-11 08:54:34 +02:00
bunkerity fd61df205f
performance - move external blacklists checks from nginx to LUA 2021-05-10 17:51:07 +02:00
bunkerity 009d6fb5ae
choose connection and nofile numbers, increase error_log level to get modsecurity rules, add MODSECURITY_SEC_AUDIT_ENGINE var 2021-05-05 17:38:22 +02:00
bunkerity ba4185a42e
jobs - fix automatic reload 2021-05-03 14:18:10 +02:00
bunkerity 70976d0fbc
fix user-agent not blocking and add documentation on bundle when USE_CUSTOM_HTTPS=yes 2021-05-03 13:59:55 +02:00
bunkerity 062a39c63a
integrate AquaeAtrae work - add ROOT_SITE_SUBFOLDER 2021-05-03 10:31:37 +02:00
bunkerity 83841b290a
jobs - edit adren work on external blacklists 2021-05-02 16:14:13 +02:00
Bunkerity 10dc58cb6d
Merge pull request #126 from adren/patch-6 
deduplicate list of user-agents
 2021-05-02 15:14:10 +02:00
Bunkerity 668754686c
Merge pull request #125 from adren/patch-5 
more optimized way to generate map referrer file
 2021-05-02 15:13:17 +02:00
Bunkerity 84b1933f63
Merge pull request #124 from adren/patch-4 
improve the generation of blocking file (abusers)
 2021-05-02 15:12:19 +02:00
Bunkerity 15f6d0a32a
Merge pull request #123 from adren/patch-3 
improve generation of block file (Tor exit nodes)
 2021-05-02 15:11:27 +02:00
Bunkerity e628361a89
Merge pull request #122 from adren/patch-1 
huge improvement to generate blocking file
 2021-05-02 15:10:52 +02:00
Cyril Chaboisseau f8d71e067e
improved way to generate user-agent file 2021-05-01 19:04:18 +02:00
Cyril Chaboisseau 02ae3b6bd3
change IFS before subshell 
There needs to be a change in IFS before the 2 curl commands in order to keep line by line formatting
 2021-05-01 15:48:33 +02:00
Cyril Chaboisseau 2fb0e7c473
deduplicate list of user-agents 2021-05-01 15:08:52 +02:00
Cyril Chaboisseau 9adcc2f1a7
more optimized way to generate map referrer file 2021-05-01 14:51:28 +02:00
Cyril Chaboisseau 7b98db4d14
improve the generation of blocking file (abusers) 2021-05-01 12:29:15 +02:00
Cyril Chaboisseau ddb2b85916
improve generation of block file (Tor exit nodes) 2021-05-01 12:25:43 +02:00
Cyril Chaboisseau da1a460a64
huge improvement to generate blocking file 
process the file in 2 commands (grep + sed) instead of a loop running on each line
the time to generate the file takes 0.235 seconds instead of one hour, making it roughly 15,000 times quicker
the output file is exactly the same as with the former method
 2021-05-01 11:42:07 +02:00
bunkerity 07be626842
hotfix - fix API in autoconf swarm mode 2021-04-28 17:40:54 +02:00
bunkerity 3bb164395e
hotfix - move API_WHITELIST_IP edit to lua.sh 2021-04-28 17:00:50 +02:00
bunkerity bc2568a172
v1.2.4 - nginx 1.20.0 support 2021-04-27 17:43:38 +02:00
Bunkerity 5ec74880d8
update README for v1.2.4 2021-04-27 17:40:33 +02:00
bunkerity f84fd7c9a2
fix permissions issues for autoconf and fix volume for ghost example 2021-04-27 16:49:45 +02:00
bunkerity 6521d7a27a
fix client cache so it works in combination with reverse proxy and examples update 2021-04-27 15:31:56 +02:00
bunkerity 813607fbc3
improve crowdsec example and disable modsec logging when not necessary 2021-04-27 11:21:30 +02:00
bunkerity 843644f806
log - replace some WARN tags from LUA logs with NOTICE to avoid confusion 2021-04-27 09:57:07 +02:00
bunkerity 19fa0eb25f
log - print modsec_audit.log to make debugging easier 2021-04-27 09:46:40 +02:00
bunkerity b4df287228
log - send logs to remote syslog server 2021-04-27 09:30:10 +02:00
florian 5ce41edc03
api - whitelist IP/network for API 2021-04-26 22:22:34 +02:00
florian a3cfb50b4d
example - fix certbot wildcard 2021-04-26 21:34:18 +02:00
bunkerity 25494acace
example - wildcard certificate with certbot 2021-04-26 17:44:48 +02:00
bunkerity a98dae1fb6
fix CVE-2021-20205 and examples update 2021-04-26 17:00:23 +02:00
bunkerity 1a7abab570
nginx 1.20.0 support 2021-04-26 14:59:12 +02:00
florian 42b7a57f01
fix autoconf bug when removing config with multiple server name and increase default LIMIT_CONN_MAX for average website with HTTP2 2021-04-26 11:39:12 +02:00
bunkerity 02f9fbe5fc autoconf - fix certbot bug when multiple server_name for one service 2021-04-20 11:46:53 +02:00
bunkerity 69fe066777 autoconf - fix bug when multiple server_name for one service 2021-04-20 10:00:25 +02:00
bunkerity 74417abc9c fixing bugs - run as GID 101 instead of 0, different permissions checks in swarm mode and disable including server confs in swarm mode 2021-04-16 16:56:45 +02:00
bunkerity ba7524a419 fixed LUA bug 2021-04-13 17:27:52 +02:00
bunkerity b55aafb997 finding the LUA bug 2021-04-13 17:01:27 +02:00
Bunkerity deeb7a76a2
Merge pull request #117 from thelittlefireman/patch-9 
Fix lua mistake
 2021-04-13 16:49:45 +02:00
thelittlefireman ee8aaa4e7e
fix lua crash 2 2021-04-11 15:45:46 +02:00
thelittlefireman 605d59a45c
Fix lua mistake 
#116
 2021-04-11 15:33:31 +02:00
bunkerity b85c991b6e bug fixes - /usr/local/lib/lua rights and syntax error in site-config 2021-04-09 17:40:19 +02:00
bunkerity 0d3658adf0 REVERSE_PROXY_HEADERS - use proxy_set_header instead of more_set_headers 2021-04-09 17:27:22 +02:00
bunkerity 0b22209c96 documentation - userns remap feature 2021-04-09 16:22:31 +02:00
bunkerity e44a1f3e14 added the uri to limit_req_zone key to limit bruteforce attack on a specific resource instead of the whole service 2021-04-09 15:54:26 +02:00
bunkerity aa614f82f9 print error when permissions are wrong on common volumes 2021-04-09 14:54:15 +02:00