Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/cybervarun/webserver-config

Web Server Config files
https://github.com/cybervarun/webserver-config

apache2 apache2-webserver modsecurity nginx nginx-conf nginx-configuration server server-security

Last synced: 2 days ago
JSON representation

Web Server Config files

Awesome Lists containing this project

README

        

# Disclaimer

These files are not created for production server. This are created for understanding basic server security. So don't use these files in production server and also don't test this files on main system as you may lock down your own system.


## Summary

These are web server config file to sercure web servers and understanding basics of web server security. These only provide basic level like firewall, cronjobs and secure ssh.


# Note
By default it will create backups of your default configuration files.
But it will still ask for overwrite permission. So if want you want create backup manually You will get a chance to do that.


## Installation

Scripts are only for Debian and Debian based distributions.

Directly download release from here

or
```bash
git clone https://github.com/CyberVarun/webserver-config
cd webserver-config
bash setup.sh
```


## Owasp coreruleset
Modsecurity default rule set will be replaced with owasp coreruleset for apache2 only. You can get more about owasp coreruleset here


## Apache2
By default script will install apache2 with modsecurity. And the default rule set of modsecurity will be replaced by owasp coreruleset to give more security.

## Nginx
Nginx will have its default but modified configuration.


## Fail2ban
It's highly recommend to have a firewall so this will install fail2ban. And by default fail2ban is configured to block ssh connections. If anyone attempts to brute force ssh login or if anyone fails to authenticate more than 3 times it will ban its IP for 1 day.


## Virtual host
By default virtual files will not be installed. So if want install it just copy the following file into:

Apache2
site.com.conf > /etc/apache2/sites-available/

And enable them with command:

`sudo a2ensite filename`

make sure that you have disabled the default files(000-default.conf). If you haven't then use command:

`sudo a2dissite filename` do disable

Nginx
site.com > /etc/nginx/sites-available/

And enable them with command:

```bash
cd /etc/nginx/site-enabled/
sudo ln -s /etc/nginx/sites-available/filename
```
make sure that you have disabled the default files(default). If you haven't then use command:

```bash
cd /etc/nginx/site-enabled/
sudo rm default
```
do disable