danwin1210/hosting
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
184 Commits 1 Branch 0 Tags
b1bf9eb42bedc14f6e20268433198ae4af5bf75d
Commit Graph

66 Commits

Author SHA1 Message Date
Daniel Winzen
b1bf9eb42b Merge pull request #43 from NoahvdAa/patch-4 
Made link clickable.
 2019-02-03 14:14:49 +01:00
Noah van der Aa
d53279a5f6 Fixed a typo, made a few sentences a bit nicer. 
I fixed a typo (corruptibly -> corruptible), and added a few words to the sentences.
 2019-01-29 18:46:26 +01:00
Noah van der Aa
86bb057688 Made link clickable. 
This PR will make the link to PHPMailer open in a new tab, so you don't have to copy+paste the link into your url bar.
(Just to save time)
 2019-01-29 18:41:33 +01:00
Daniel Winzen
c637c98510 Fixed typo in csrf token hidden input field 2019-01-28 05:48:41 +01:00
Daniel Winzen
4aa51f4371 Set default file manager path to /www/ 2019-01-27 17:41:24 +01:00
Daniel Winzen
9c5294e64e Add csrf tokens to all sensitive forms 2019-01-27 17:41:02 +01:00
Daniel Winzen
cf83b9901a Merge pull request #42 from NoahvdAa/patch-3 
Added CSRF protection to file manager.
 2019-01-27 16:22:20 +01:00
Daniel Winzen
7da6b8feed Install PHPMyAdmin locally as distributions ship outdated version 2019-01-26 16:48:38 +01:00
Noah van der Aa
6fc7ba7dae Merge pull request #1 from NoahvdAa/patch-4 
Added CSRF protection to file manager.
 2019-01-23 17:50:12 +01:00
Noah van der Aa
769a05b682 Added CSRF protection to file manager. 2019-01-23 17:48:54 +01:00
Noah van der Aa
bc4a8a4d7c Adding CSRF to file manager 2019-01-23 17:44:04 +01:00
Noah van der Aa
7f7b228df6 Fixed a small typo 
"Here a list of 588 public hosted sites (172 sites hidden):" -> "Here is a list of 588 public hosted sites (172 sites hidden):"
 2019-01-18 18:54:46 +01:00
Daniel Winzen
5eab397200 Randomise DB (user)names to reduce attack surface + allow multiple DBs per user 2019-01-07 22:26:33 +01:00
Daniel Winzen
c46a2584fa Add shell access and scp support 2019-01-06 18:20:02 +01:00
NoahvdAa
c306ea2518 Check-All checkmark fix 
Check-All checkmark now only appears when javascript is enabled.
 2019-01-04 14:19:04 +01:00
NoahvdAa
cdd2b5b9be Added the "select all" option to the file manager. 
#13
 2019-01-04 14:16:51 +01:00
NoahvdAa
ae2aa16f76 Fixed a typo 2019-01-04 09:57:00 +01:00
Daniel Winzen
6b6efc2fc6 Logs are stored outside chroot - don't check existence and let nginx handle it 2019-01-01 13:54:36 +01:00
Daniel Winzen
55bc8cd757 Introduce mysqld socket stream forwarding with nginx for chroot jails 2019-01-01 13:47:30 +01:00
Daniel Winzen
0f38bd2449 Improved privilege separation 2019-01-01 02:24:22 +01:00
Daniel Winzen
5cd13e9269 Introduced selection between v2, v3 and custom hidden service 2018-12-06 16:24:35 +01:00
Daniel Winzen
305c8bc0c3 Fix mariadb 10.3 compatibility by adding default values 2018-12-05 22:19:46 +01:00
Daniel Winzen
c9cddc9f86 Username should be a prepared variable 2018-12-04 21:27:35 +01:00
Daniel Winzen
0fc4412404 Revert " Disabling emulated parameters" 2018-12-04 21:10:36 +01:00
Daniel Winzen
ba71455ca5 Introduce DEFAULT_PHP_VERSION 2018-12-04 20:48:08 +01:00
teikakki
cf8a6cde80 emulated params 2018-11-28 14:30:36 +00:00
teikakki
1fc180752f emulated params 2018-11-28 14:30:22 +00:00
teikakki
4475e3b277 emulated params 2018-11-28 14:30:05 +00:00
teikakki
6ffd291f12 emulated params 2018-11-28 14:29:46 +00:00
teikakki
79774b5a1d emualted params 2018-11-28 14:29:27 +00:00
teikakki
b46d0c7ab0 emulated params 2018-11-28 14:29:13 +00:00
teikakki
01af3c367d emulated params 2018-11-28 14:28:49 +00:00
teikakki
7ab640ea4b emulated params 2018-11-28 14:28:36 +00:00
teikakki
5753ca2cee Disabling emulated parameters 
Emulated parameters can be vulnerable to SQL injection.
Take also a look here: https://stackoverflow.com/questions/134099/are-pdo-prepared-statements-sufficient-to-prevent-sql-injection
 2018-11-28 14:26:55 +00:00
Daniel Winzen
36fc7103cb Add hidden service v3 keygen and parser for base64 encoded secret keys 2018-11-25 14:36:28 +01:00
Daniel Winzen
b69293ab6d Dynamic supported versions on frontpage 2018-10-28 09:01:31 +01:00
Daniel Winzen
58b5efb96c Added suspend hidden service feature + disabled php7.0 for new accounts 2018-10-28 08:48:30 +01:00
Daniel Winzen
9985ba4864 Add PHP7.3 support and let setup.php write initial config files 2018-10-24 19:59:02 +02:00
Daniel Winzen
d5d7078776 Allow editing hidden service options 2018-10-22 21:45:08 +02:00
Daniel Winzen
d9e496930d Add HiddenServiceMaxStreams option and service_instances table 2018-10-20 20:44:10 +02:00
Daniel Winzen
2cee59dc6f Structure changes for future features 2018-10-20 18:20:27 +02:00
Daniel Winzen
1f2ff2176b Save DB information in separate table 2018-10-17 21:50:20 +02:00
Daniel Winzen
6eb068222c Refactor DB foreign keys to auto_incrementing id instead of onion 
Allows moving domains into separate table at a later stage
 2018-10-16 21:09:16 +02:00
Daniel Winzen
81c2364b7b Better load distribution on multiple relays 2018-09-23 20:09:04 +02:00
Daniel Winzen
acc8782043 Add privacy policy checkbox (required by GDPR) 2018-09-10 19:30:12 +02:00
Daniel Winzen
9eb5c2ae3c Show error message on login when account has not yet been created 2018-03-03 19:22:57 +01:00
Daniel Winzen
47b9b6e3a6 Fixed db query 2018-02-26 16:37:35 +01:00
Daniel Winzen
e8f8f42a24 Fix db query 2018-02-25 21:53:00 +01:00
Daniel Winzen
6b0759be73 Added admin panel + optional manual approval for new sites 2018-02-25 21:25:05 +01:00
Daniel Winzen
fa24bb61ec Added PHP 7.2 support + minor bugfixes and performance tweaks 
Note when applying this update you will have to update existing nginx vhosts to match new listening addresses (IPv6). Preferably you should update them to unix socket though and apply the changes to the tor hidden service config as well
 2018-02-10 22:10:07 +01:00