{"id":20738511,"url":"https://github.com/cybervarun/webserver-config","last_synced_at":"2025-06-12T00:37:15.356Z","repository":{"id":43885372,"uuid":"458190103","full_name":"CyberVarun/webserver-config","owner":"CyberVarun","description":"Web Server Config files","archived":false,"fork":false,"pushed_at":"2022-08-14T13:14:16.000Z","size":46,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-18T01:31:17.136Z","etag":null,"topics":["apache2","apache2-webserver","modsecurity","nginx","nginx-conf","nginx-configuration","server","server-security"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/CyberVarun.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2022-02-11T13:06:14.000Z","updated_at":"2024-11-16T11:45:10.000Z","dependencies_parsed_at":"2022-08-28T13:30:50.838Z","dependency_job_id":null,"html_url":"https://github.com/CyberVarun/webserver-config","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberVarun%2Fwebserver-config","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberVarun%2Fwebserver-config/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberVarun%2Fwebserver-config/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/CyberVarun%2Fwebserver-config/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/CyberVarun","download_url":"https://codeload.github.com/CyberVarun/webserver-config/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":243024830,"owners_count":20223681,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["apache2","apache2-webserver","modsecurity","nginx","nginx-conf","nginx-configuration","server","server-security"],"created_at":"2024-11-17T06:18:45.034Z","updated_at":"2025-03-11T11:29:38.252Z","avatar_url":"https://github.com/CyberVarun.png","language":"Shell","funding_links":[],"categories":[],"sub_categories":[],"readme":"# \u003cspan style=\"color: red;\"\u003eDisclaimer\u003c/span\u003e\n\nThese files are not created for production server. This are created for understanding basic server security. So don't use these files in production server and also don't test this files on main system as you may lock down your own system.\n\n\u003chr\u003e\n\n## Summary\n\nThese are web server config file to sercure web servers and understanding basics of web server security. These only provide basic level like firewall, cronjobs and secure ssh.\n\n\u003chr\u003e\n\n# Note \nBy default it will create backups of your default configuration files.\nBut it will still ask for overwrite permission. So if want you want create backup manually You will get a chance to do that. \n\u003chr\u003e\n\n## Installation\n\n\u003cstrong\u003eScripts are only for Debian and Debian based distributions.\u003c/strong\u003e\n\nDirectly download release from \u003ca href=\"https://github.com/CyberVarun/webserver-config/releases/download/v0.1/install.sh\"\u003ehere\u003c/a\u003e\n\nor \n```bash\ngit clone https://github.com/CyberVarun/webserver-config\ncd webserver-config\nbash setup.sh\n```\n\u003chr\u003e\n\n## Owasp coreruleset\nModsecurity default rule set will be replaced with owasp coreruleset for apache2 only. You can get more about owasp coreruleset \u003ca href=\"https://github.com/coreruleset/coreruleset\"\u003ehere\u003c/a\u003e \n\n\u003chr\u003e\n\n## Apache2\nBy default script will install apache2 with modsecurity. And the default rule set of modsecurity will be replaced by owasp coreruleset to give more security.\n\n## Nginx\nNginx will have its default but modified configuration.\n\n\u003chr\u003e\n\n## Fail2ban\nIt's highly recommend to have a firewall so this will install fail2ban. And by default fail2ban is configured to block ssh connections. If anyone attempts to brute force ssh login or if anyone fails to authenticate more than 3 times it will ban its IP for 1 day. \n\n\u003chr\u003e\n\n## Virtual host\nBy default virtual files will not be installed. So if want install it just copy the following file into:\n\n\u003cstrong\u003eApache2\u003c/strong\u003e \nsite.com.conf \u003e /etc/apache2/sites-available/ \u003cbr\u003e\nAnd enable them with command:\u003cbr\u003e\n`sudo a2ensite filename` \n\nmake sure that you have disabled the default files(000-default.conf). If you haven't then use command:\u003cbr\u003e\n`sudo a2dissite filename` do disable \n\n\u003cstrong\u003eNginx\u003c/strong\u003e\nsite.com \u003e /etc/nginx/sites-available/ \u003cbr\u003e\nAnd enable them with command:\u003cbr\u003e\n\n```bash\ncd /etc/nginx/site-enabled/\nsudo ln -s /etc/nginx/sites-available/filename\n```\nmake sure that you have disabled the default files(default). If you haven't then use command:\u003cbr\u003e\n\n```bash\ncd /etc/nginx/site-enabled/\nsudo rm default\n```  \ndo disable\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcybervarun%2Fwebserver-config","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcybervarun%2Fwebserver-config","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcybervarun%2Fwebserver-config/lists"}