Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/lstep/2fanginx

2FA NGINX + Lua auth portal
https://github.com/lstep/2fanginx

authentication authorization go golang lua nginx passwordless proxy reverse-proxy secure security security-hardening

Last synced: 28 days ago
JSON representation

2FA NGINX + Lua auth portal

Awesome Lists containing this project

README 

        

[![Total Downloads](https://img.shields.io/github/downloads/2fangnx/latest/total.svg?style=flat-square)](https://github.com/lstep/2fanginx/releases) [![License](http://img.shields.io/badge/license-apache-blue.svg?style=flat-square)](https://raw.githubusercontent.com/lstep/2fanginx/master/LICENSE) [![Go Report Card](http://goreportcard.com/badge/Masterminds/glide)](http://goreportcard.com/report/lstep/2fanginx)  [![Build Status](https://travis-ci.org/lstep/2fanginx.svg?branch=master)](https://travis-ci.org/lstep/2fanginx)

Patreon donate button

PayPal donate button



*Documentation is being written right now*



## Purpose



2FANGINX is an auth module for 2FA (2 factors authentication) on NGINX (using "standard" Lua module from NGINX). It allows you to protect using 2FA a whole subdomain, without interfering with other security mesures below the domain hierarchy.



## Features



* Securely hashed (HMAC-SHA1) cookie (distributed only on HTTPS)

* [Throttling connexions](https://github.com/throttled/throttled) to prevent brute force password attempts and DDoS



## Requirements



* Always use the most accessible software, and do not need to recompile a full NGINX isntance. So using the default NGINX Ubuntu/Debian package and the default Lua module addon also available as a package (`libnginx-mod-http-lua`).



## References



* Initially based on ([gist](https://gist.github.com/jebjerg/d1c4a23057d5f35a8157) written by [jebjerg](http://github.com/jebjerg))