Skip to content

CyberVarun/webserver-config

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

34 Commits
apache2
apache2
 
 
fail2ban
fail2ban
 
 
nginx
nginx
 
 
README.md
README.md
 
 
setup.sh
setup.sh
 
 

Repository files navigation

Disclaimer

These files are not created for production server. This are created for understanding basic server security. So don't use these files in production server and also don't test this files on main system as you may lock down your own system.

Summary

These are web server config file to sercure web servers and understanding basics of web server security. These only provide basic level like firewall, cronjobs and secure ssh.

Note

By default it will create backups of your default configuration files. But it will still ask for overwrite permission. So if want you want create backup manually You will get a chance to do that.

Installation

Scripts are only for Debian and Debian based distributions.

Directly download release from here

or

git clone https://github.com/CyberVarun/webserver-config
cd webserver-config
bash setup.sh

Owasp coreruleset

Modsecurity default rule set will be replaced with owasp coreruleset for apache2 only. You can get more about owasp coreruleset here

Apache2

By default script will install apache2 with modsecurity. And the default rule set of modsecurity will be replaced by owasp coreruleset to give more security.

Nginx

Nginx will have its default but modified configuration.

Fail2ban

It's highly recommend to have a firewall so this will install fail2ban. And by default fail2ban is configured to block ssh connections. If anyone attempts to brute force ssh login or if anyone fails to authenticate more than 3 times it will ban its IP for 1 day.

Virtual host

By default virtual files will not be installed. So if want install it just copy the following file into:

Apache2 site.com.conf > /etc/apache2/sites-available/
And enable them with command:
sudo a2ensite filename

make sure that you have disabled the default files(000-default.conf). If you haven't then use command:
sudo a2dissite filename do disable

Nginx site.com > /etc/nginx/sites-available/
And enable them with command:

cd /etc/nginx/site-enabled/
sudo ln -s /etc/nginx/sites-available/filename

make sure that you have disabled the default files(default). If you haven't then use command:

cd /etc/nginx/site-enabled/
sudo rm default

do disable

About

Web Server Config files

Topics

nginx server apache2 modsecurity nginx-configuration nginx-conf server-security apache2-webserver

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

v0.1 Latest
Feb 14, 2022

Packages

No packages published

Languages