Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/cybervarun/webserver-config
Web Server Config files
https://github.com/cybervarun/webserver-config
apache2 apache2-webserver modsecurity nginx nginx-conf nginx-configuration server server-security
Last synced: about 1 month ago
JSON representation
Web Server Config files
- Host: GitHub
- URL: https://github.com/cybervarun/webserver-config
- Owner: CyberVarun
- Created: 2022-02-11T13:06:14.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2022-08-14T13:14:16.000Z (over 2 years ago)
- Last Synced: 2023-03-10T06:43:55.080Z (almost 2 years ago)
- Topics: apache2, apache2-webserver, modsecurity, nginx, nginx-conf, nginx-configuration, server, server-security
- Language: Shell
- Homepage:
- Size: 44.9 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Disclaimer
These files are not created for production server. This are created for understanding basic server security. So don't use these files in production server and also don't test this files on main system as you may lock down your own system.
## Summary
These are web server config file to sercure web servers and understanding basics of web server security. These only provide basic level like firewall, cronjobs and secure ssh.
# Note
By default it will create backups of your default configuration files.
But it will still ask for overwrite permission. So if want you want create backup manually You will get a chance to do that.
## Installation
Scripts are only for Debian and Debian based distributions.
Directly download release from here
or
```bash
git clone https://github.com/CyberVarun/webserver-config
cd webserver-config
bash setup.sh
```
## Owasp coreruleset
Modsecurity default rule set will be replaced with owasp coreruleset for apache2 only. You can get more about owasp coreruleset here
## Apache2
By default script will install apache2 with modsecurity. And the default rule set of modsecurity will be replaced by owasp coreruleset to give more security.## Nginx
Nginx will have its default but modified configuration.
## Fail2ban
It's highly recommend to have a firewall so this will install fail2ban. And by default fail2ban is configured to block ssh connections. If anyone attempts to brute force ssh login or if anyone fails to authenticate more than 3 times it will ban its IP for 1 day.
## Virtual host
By default virtual files will not be installed. So if want install it just copy the following file into:Apache2
site.com.conf > /etc/apache2/sites-available/
And enable them with command:
`sudo a2ensite filename`make sure that you have disabled the default files(000-default.conf). If you haven't then use command:
`sudo a2dissite filename` do disableNginx
site.com > /etc/nginx/sites-available/
And enable them with command:```bash
cd /etc/nginx/site-enabled/
sudo ln -s /etc/nginx/sites-available/filename
```
make sure that you have disabled the default files(default). If you haven't then use command:```bash
cd /etc/nginx/site-enabled/
sudo rm default
```
do disable