danwin1210/hosting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
288 Commits 1 Branch 0 Tags
26c4c3c75d8b5ba2c5eae4bf9df4c56730c55999
Commit Graph

288 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Daniel Winzen
8e155012a7 Suppress chatty dovecot messages 2018-12-07 21:48:22 +01:00
Daniel Winzen
4b25310396 Simplified sshd_config 2018-12-07 13:25:30 +01:00
Daniel Winzen
756e16b533 Fixed potential race condition pointed out in issue #31 2018-12-06 16:54:35 +01:00
Daniel Winzen
5cd13e9269 Introduced selection between v2, v3 and custom hidden service 2018-12-06 16:24:35 +01:00
Daniel Winzen
305c8bc0c3 Fix mariadb 10.3 compatibility by adding default values 2018-12-05 22:19:46 +01:00
Daniel Winzen
be005c3137 Renamed config file 2018-12-05 17:18:46 +01:00
Daniel Winzen
aedd8a1e6a Update to latest mariadb version 2018-12-05 17:18:11 +01:00
Daniel Winzen
64163823a8 dnsmasq should only listen on lo interface 2018-12-05 07:59:46 +01:00
Daniel Winzen
fd95a4e2e3 v3 hidden service export to disk + hostname file is auto generated by tor 2018-12-04 21:48:45 +01:00
Daniel Winzen
c9cddc9f86 Username should be a prepared variable 2018-12-04 21:27:35 +01:00
Daniel Winzen
d0710d3d20 Merge pull request #37 from DanWin/revert-35-patch-1 
Revert " Disabling emulated parameters"
 2018-12-04 21:13:51 +01:00
Daniel Winzen
0fc4412404 Revert " Disabling emulated parameters" 2018-12-04 21:10:36 +01:00
Daniel Winzen
ba71455ca5 Introduce DEFAULT_PHP_VERSION 2018-12-04 20:48:08 +01:00
Daniel Winzen
4e163a7e2d Fixed syntax error 2018-12-04 15:26:24 +01:00
Daniel Winzen
c174251826 exim4 might interfere with postfix 2018-12-04 13:36:16 +01:00
Daniel Winzen
4f059e66f7 Droped php7.2 systemd.service files 2018-12-04 13:29:17 +01:00
Daniel Winzen
c651bb65c7 Add jounald.conf 2018-12-03 17:22:23 +01:00
Daniel Winzen
6ee51f3d7e removed stray mention of php7.2 2018-12-02 21:44:07 +01:00
Daniel Winzen
22066309d5 Add login.defs file 2018-12-02 21:41:31 +01:00
Daniel Winzen
363d1b31ad Debian sid dropped php7.2 support - move to 7.3 only 2018-12-02 21:17:11 +01:00
Daniel Winzen
2e0e69d605 We don't need apt repository translations 2018-12-02 19:31:26 +01:00
Daniel Winzen
2149bc9fd8 update paragonie/sodium_compat dependency 2018-12-02 10:45:51 +01:00
Daniel Winzen
7111fa3a65 Prevent httpoxy vulnerability in PHP applications 2018-11-29 20:56:39 +01:00
Daniel Winzen
921c43122c Merge pull request #35 from teikakki/patch-1 
Disabling emulated parameters
 2018-11-28 21:05:56 +01:00
teikakki
cf8a6cde80 emulated params 2018-11-28 14:30:36 +00:00
teikakki
1fc180752f emulated params 2018-11-28 14:30:22 +00:00
teikakki
4475e3b277 emulated params 2018-11-28 14:30:05 +00:00
teikakki
6ffd291f12 emulated params 2018-11-28 14:29:46 +00:00
teikakki
79774b5a1d emualted params 2018-11-28 14:29:27 +00:00
teikakki
b46d0c7ab0 emulated params 2018-11-28 14:29:13 +00:00
teikakki
01af3c367d emulated params 2018-11-28 14:28:49 +00:00
teikakki
7ab640ea4b emulated params 2018-11-28 14:28:36 +00:00
teikakki
5753ca2cee Disabling emulated parameters 
Emulated parameters can be vulnerable to SQL injection.
Take also a look here: https://stackoverflow.com/questions/134099/are-pdo-prepared-statements-sufficient-to-prevent-sql-injection
 2018-11-28 14:26:55 +00:00
Daniel Winzen
36fc7103cb Add hidden service v3 keygen and parser for base64 encoded secret keys 2018-11-25 14:36:28 +01:00
Daniel Winzen
f0afbe14c9 Add sodium_compat composer dependency for v3 hidden_services 2018-11-24 14:56:24 +01:00
Daniel Winzen
9de11a9722 Dropped PHP7.1 support and install composer 2018-11-24 10:38:59 +01:00
Daniel Winzen
910381fee2 Removed php7.0 setup instructions 2018-11-19 21:23:34 +01:00
Daniel Winzen
7d032f4955 Merge pull request #28 from jtesta/sshd_hardening 
Hardened SSH Service
 2018-11-19 21:20:43 +01:00
Joe Testa
e4e59782ca Disabled RSA host key type (because small keys are generated by default), as well as ECDSA (due to suspicions of NSA-compromised P-curves). Enabled only strong key exchange, cipher, and MAC algorithms. See https://www.sshaudit.com/ and https://github.com/arthepsy/ssh-audit. 2018-11-19 15:01:11 -05:00
Daniel Winzen
41b33f2c51 Drop PHP7.0 support 2018-11-18 20:50:35 +01:00
Daniel Winzen
db626a54a4 disable imap_open because of https://github.com/Bo0oM/PHP_imap_open_exploit 2018-11-17 10:15:15 +01:00
Daniel Winzen
f4ca23336b Add clamav virus scan to mails 2018-11-11 11:17:20 +01:00
Daniel Winzen
bb21f9f10b Reload disabled php versions since accounts can still be deleted 2018-10-28 09:31:00 +01:00
Daniel Winzen
5f3dfefa02 Drop now redundant config 2018-10-28 09:07:20 +01:00
Daniel Winzen
b69293ab6d Dynamic supported versions on frontpage 2018-10-28 09:01:31 +01:00
Daniel Winzen
58b5efb96c Added suspend hidden service feature + disabled php7.0 for new accounts 2018-10-28 08:48:30 +01:00
Daniel Winzen
1884f4b08b php is .ini not .conf 2018-10-26 19:14:29 +02:00
Daniel Winzen
9985ba4864 Add PHP7.3 support and let setup.php write initial config files 2018-10-24 19:59:02 +02:00
Daniel Winzen
d5d7078776 Allow editing hidden service options 2018-10-22 21:45:08 +02:00
Daniel Winzen
b80f30ac03 Ignore insecure 777 permissions set by users on logrotate 2018-10-21 10:44:23 +02:00