|
7ab640ea4b
|
emulated params
|
2018-11-28 14:28:36 +00:00 |
|
|
5753ca2cee
|
Disabling emulated parameters
Emulated parameters can be vulnerable to SQL injection.
Also take a look here: https://stackoverflow.com/questions/134099/are-pdo-prepared-statements-sufficient-to-prevent-sql-injection
|
2018-11-28 14:26:55 +00:00 |
|
|
36fc7103cb
|
Add hidden service v3 keygen and parser for base64 encoded secret keys
|
2018-11-25 14:36:28 +01:00 |
|
|
f0afbe14c9
|
Add sodium_compat composer dependency for v3 hidden_services
|
2018-11-24 14:56:24 +01:00 |
|
|
9de11a9722
|
Dropped PHP7.1 support and install composer
|
2018-11-24 10:38:59 +01:00 |
|
|
910381fee2
|
Removed php7.0 setup instructions
|
2018-11-19 21:23:34 +01:00 |
|
|
7d032f4955
|
Merge pull request #28 from jtesta/sshd_hardening
Hardened SSH Service
|
2018-11-19 21:20:43 +01:00 |
|
|
e4e59782ca
|
Disabled RSA host key type (because small keys are generated by default), as well as ECDSA (due to suspicions of NSA-compromised P-curves). Enabled only strong key exchange, cipher, and MAC algorithms. See https://www.sshaudit.com/ and https://github.com/arthepsy/ssh-audit.
|
2018-11-19 15:01:11 -05:00 |
|
|
41b33f2c51
|
Drop PHP7.0 support
|
2018-11-18 20:50:35 +01:00 |
|
|
db626a54a4
|
disable imap_open because of https://github.com/Bo0oM/PHP_imap_open_exploit
|
2018-11-17 10:15:15 +01:00 |
|
|
f4ca23336b
|
Add clamav virus scan to mails
|
2018-11-11 11:17:20 +01:00 |
|
|
bb21f9f10b
|
Reload disabled php versions since accounts can still be deleted
|
2018-10-28 09:31:00 +01:00 |
|
|
5f3dfefa02
|
Drop now redundant config
|
2018-10-28 09:07:20 +01:00 |
|
|
b69293ab6d
|
Dynamic supported versions on frontpage
|
2018-10-28 09:01:31 +01:00 |
|
|
58b5efb96c
|
Added suspend hidden service feature + disabled php7.0 for new accounts
|
2018-10-28 08:48:30 +01:00 |
|
|
1884f4b08b
|
php is .ini not .conf
|
2018-10-26 19:14:29 +02:00 |
|
|
9985ba4864
|
Add PHP7.3 support and let setup.php write initial config files
|
2018-10-24 19:59:02 +02:00 |
|
|
d5d7078776
|
Allow editing hidden service options
|
2018-10-22 21:45:08 +02:00 |
|
|
b80f30ac03
|
Ignore insecure 777 permissions set by users on logrotate
|
2018-10-21 10:44:23 +02:00 |
|
|
cfb19915b5
|
Optimized find query to only search within each user's tmp directory
|
2018-10-20 21:08:44 +02:00 |
|
|
d9e496930d
|
Add HiddenServiceMaxStreams option and service_instances table
|
2018-10-20 20:44:10 +02:00 |
|
|
2cee59dc6f
|
Structure changes for future features
|
2018-10-20 18:20:27 +02:00 |
|
|
96efd92ab1
|
bump dbversion
|
2018-10-17 21:51:20 +02:00 |
|
|
1f2ff2176b
|
Save DB information in separate table
|
2018-10-17 21:50:20 +02:00 |
|
|
6eb068222c
|
Refactor DB foreign keys to auto_incrementing id instead of onion
Allows moving domains into separate table at a later stage
|
2018-10-16 21:09:16 +02:00 |
|
|
81c2364b7b
|
Better load distribution on multiple relays
|
2018-09-23 20:09:04 +02:00 |
|
|
acc8782043
|
Add privacy policy checkbox (required by GDPR)
|
2018-09-10 19:30:12 +02:00 |
|
|
382ea73efb
|
Update firewall rules
|
2018-09-10 19:20:11 +02:00 |
|
|
2c634b889c
|
Add dnsmasq DNS caching and performance tune tor instances
|
2018-09-10 19:11:02 +02:00 |
|
|
156a66a3ff
|
Added missing php7.0-intl package
|
2018-09-10 19:06:51 +02:00 |
|
|
1d157473e6
|
Move account folder creation into cron.php
|
2018-07-14 10:41:44 +02:00 |
|
|
f43e699b91
|
chroot postfix
|
2018-06-18 20:24:00 +02:00 |
|
|
e6d798370f
|
secmail.pro dropped rewriting of .onion to .pro domain
|
2018-06-02 12:05:30 +02:00 |
|
|
943ca4b151
|
Enable fastcgi_cache
|
2018-05-15 20:45:49 +02:00 |
|
|
dda49153b3
|
Buffer access log writes to reduce IO
|
2018-05-13 09:04:12 +02:00 |
|
|
1a9ee646c6
|
Adapt firewall rule to new ftp ports
|
2018-05-06 09:57:24 +02:00 |
|
|
c6498ea1dc
|
Increase available ports for passive ftp
|
2018-05-05 14:10:01 +02:00 |
|
|
49a5b187b0
|
Increase buffer to get rid of errors on large response headers (e.g. cookies)
upstream sent too big header while reading response header
|
2018-04-22 15:07:00 +02:00 |
|
|
300cd647df
|
Increase limits and add putenv to disabled functions (vulnerability)
Potential security vulnerability:
<?php
putenv("LD_PRELOAD=/home/site.onion/libtest.so");
mail("test@localhost","hacked","you");
|
2018-04-22 09:11:43 +02:00 |
|
|
c9487adb1a
|
MariaDB hit open_files_limit -> increase it
|
2018-03-12 06:47:18 +01:00 |
|
|
e6ac79457f
|
We have proper firewalling, fsockopen no longer needs to be disabled
|
2018-03-11 20:26:19 +01:00 |
|
|
b2fab1ec53
|
Fix /var/run/nginx not being created on nginx start
|
2018-03-11 20:17:14 +01:00 |
|
|
7bd2e79f06
|
Separate nginx sockets for each site to make hoster identification harder
|
2018-03-08 20:57:42 +01:00 |
|
|
9eb5c2ae3c
|
Show error message on login when account has not yet been created
|
2018-03-03 19:22:57 +01:00 |
|
|
47b9b6e3a6
|
Fixed db query
|
2018-02-26 16:37:35 +01:00 |
|
|
e8f8f42a24
|
Fix db query
|
2018-02-25 21:53:00 +01:00 |
|
|
463be89b09
|
bumped database layout version
|
2018-02-25 21:47:29 +01:00 |
|
|
6b0759be73
|
Added admin panel + optional manual approval for new sites
|
2018-02-25 21:25:05 +01:00 |
|
|
eca0c675cd
|
Added missing dovecot config to use home maildir
|
2018-02-11 19:53:10 +01:00 |
|
|
ea112b3389
|
Added missing authorized destinations for services also reachable via .onion
|
2018-02-11 17:36:50 +01:00 |
|