7111fa3a65
Prevent httpoxy vulnerability in PHP applications
2018-11-29 20:56:39 +01:00
9de11a9722
Dropped PHP7.1 support and install composer
2018-11-24 10:38:59 +01:00
e4e59782ca
Disabled RSA host key type (because small keys are generated by default), as well as ECDSA (due to suspicions of NSA-compromised P-curves). Enabled only strong key exchange, cipher, and MAC algorithms. See https://www.sshaudit.com/ and https://github.com/arthepsy/ssh-audit .
2018-11-19 15:01:11 -05:00
41b33f2c51
Drop PHP7.0 support
2018-11-18 20:50:35 +01:00
f4ca23336b
Add clamav virus scan to mails
2018-11-11 11:17:20 +01:00
5f3dfefa02
Drop now redundant config
2018-10-28 09:07:20 +01:00
9985ba4864
Add PHP7.3 support and let setup.php write initial config files
2018-10-24 19:59:02 +02:00
b80f30ac03
Ignore insecure 777 permissions set by users on logrotate
2018-10-21 10:44:23 +02:00
2cee59dc6f
Structure changes for future features
2018-10-20 18:20:27 +02:00
81c2364b7b
Better load distribution on multiple relays
2018-09-23 20:09:04 +02:00
382ea73efb
Update firewall rules
2018-09-10 19:20:11 +02:00
2c634b889c
Add dnsmasq DNS caching and performance tune tor instances
2018-09-10 19:11:02 +02:00
f43e699b91
chroot postfix
2018-06-18 20:24:00 +02:00
e6d798370f
secmail.pro dropped rewriting of .onion to .pro domain
2018-06-02 12:05:30 +02:00
943ca4b151
Enable fastcgi_cache
2018-05-15 20:45:49 +02:00
dda49153b3
Buffer access log writes to reduce IO
2018-05-13 09:04:12 +02:00
1a9ee646c6
Adapt firewall rule to new ftp ports
2018-05-06 09:57:24 +02:00
c6498ea1dc
Increase available ports for passive ftp
2018-05-05 14:10:01 +02:00
49a5b187b0
Increase buffer to get rid of errors on large response headers (e.g. cookies)
...
upstream sent too big header while reading response header
2018-04-22 15:07:00 +02:00
300cd647df
Increase limits and add putenv to disabled functions (vulerability)
...
Potential security vulnerability:
<?php
putenv("LD_PRELOAD=/home/site.onion/libtest.so");
mail("test@localhost","hacked","you");
2018-04-22 09:11:43 +02:00
c9487adb1a
MariaDB hit open_files_limit -> increase it
2018-03-12 06:47:18 +01:00
b2fab1ec53
Fix /var/run/nginx not being created on nginx start
2018-03-11 20:17:14 +01:00
7bd2e79f06
Separate nginx sockets for each site to make hoster identification harder
2018-03-08 20:57:42 +01:00
eca0c675cd
Added missing dovecot config to use home maildir
2018-02-11 19:53:10 +01:00
ea112b3389
Added missing authorized destinations for services also reachable via .onion
2018-02-11 17:36:50 +01:00
5163c7aa2b
Connect to unix socket for default site
2018-02-11 17:22:31 +01:00
fa24bb61ec
Added PHP 7.2 support + minor bugfixes and performance tweaks
...
Note when applying this update you will have to update existing nginx vhosts to match new listening addresses (IPv6). Preferably you should update them to unix socket though and apply the changes to the tor hidden service config as well
2018-02-10 22:10:07 +01:00
a9fd1b658c
Use X-Accel-Redirect in log.php output
2017-12-03 12:48:37 +01:00
99ccbdccfe
Updated tutorial for Ubuntu 16.04 LTS compatibility
2017-11-05 10:43:44 +01:00
8801d3ae0c
Increase PHP memory limit to 256M
2017-09-02 08:49:36 +02:00
e34ad9efd7
Allow browser caching of common ressources (js, css img, vid and audio)
2017-08-26 14:49:03 +02:00
2a95dfc748
Show hidden files in FTP
2017-08-06 13:19:51 +02:00
2cda288913
Increase upload limits
2017-08-06 10:57:56 +02:00
df22041c09
Added anonymail.tech rewrite rule
2017-08-03 17:47:27 +02:00
c85e5a9100
Added vfemail.net rewrite rule
2017-08-01 20:34:37 +02:00
d33b216a4f
Added secmail.pro rewrite rule
2017-08-01 20:20:07 +02:00
5c75d1b8b7
Added elude mail rewrite rule
2017-08-01 20:05:11 +02:00
8ff1ad5606
Log full request line
2017-07-25 10:20:30 +02:00
f162720cb6
Make log format compatible to combined format for analysis with tools
2017-07-23 14:27:38 +02:00
a328bbde2d
Added another torbox phishing clone
2017-07-11 22:21:43 +02:00
f8ef29ea2d
Easily switch between clearnet and non-clearnet postfix config
2017-06-24 14:46:30 +02:00
94ef1125e2
Remove deprecated option
2017-06-24 13:17:57 +02:00
eb2a96fbdc
Fix postfix setup instructions
2017-05-20 18:39:10 +02:00
65565b08f1
Remove non-required logrotate configurations
2017-05-20 17:55:26 +02:00
a568f49fce
Add torification of apt
2017-05-18 18:37:22 +02:00
c7d104a0da
Added another tor2web phishing clone
2017-05-10 18:56:40 +02:00
88f6fa2e88
Log tor to default syslog
2017-05-10 18:55:02 +02:00
3c8b8b8b56
Fix mail bouncing when rejected by clearnet relay
2017-05-09 21:14:50 +02:00
fa363efaec
Bugfixes
2017-05-06 18:29:19 +02:00
323db8e574
sender_login_map for anything@your.onion needs replacement (breaks receiving from other onions)
2017-05-01 18:28:22 +02:00
