mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-07-02 01:27:27 -04:00
continue working on installer
remove portainer remove wetty remove netdata add cockpit tweak fail2ban for cockpit, sshd, nginx update logo to 18.10 remove configs with regard to portainer, wetty, netdata adjust packages for install.sh, preseed
This commit is contained in:
41
docker/nginx/dist/conf/tpotweb.conf
vendored
41
docker/nginx/dist/conf/tpotweb.conf
vendored
@ -2,11 +2,6 @@
|
||||
### NGINX T-Pot configuration file by mo ###
|
||||
############################################
|
||||
|
||||
###################################
|
||||
### Allow for 60 reloads per minute
|
||||
###################################
|
||||
limit_req_zone $binary_remote_addr zone=base:1m rate=1r/s;
|
||||
|
||||
server {
|
||||
|
||||
#########################
|
||||
@ -39,16 +34,16 @@ server {
|
||||
ssl_prefer_server_ciphers on;
|
||||
ssl_session_cache shared:SSL:10m;
|
||||
|
||||
|
||||
|
||||
####################################
|
||||
### OWASP recommendations / settings
|
||||
####################################
|
||||
|
||||
### Size Limits & Buffer Overflows
|
||||
### the size may be configured based on the needs.
|
||||
client_body_buffer_size 100K;
|
||||
client_body_buffer_size 128k;
|
||||
client_header_buffer_size 1k;
|
||||
client_max_body_size 100k;
|
||||
client_max_body_size 256k;
|
||||
large_client_header_buffers 2 1k;
|
||||
|
||||
### Mitigate Slow HHTP DoS Attack
|
||||
@ -89,14 +84,6 @@ server {
|
||||
auth_basic_user_file /etc/nginx/nginxpasswd;
|
||||
|
||||
|
||||
##############################
|
||||
### Limit brute-force attempts
|
||||
##############################
|
||||
location = / {
|
||||
limit_req zone=base burst=1 nodelay;
|
||||
}
|
||||
|
||||
|
||||
#################
|
||||
### Proxied sites
|
||||
#################
|
||||
@ -119,27 +106,6 @@ server {
|
||||
rewrite /myhead/(.*)$ /$1 break;
|
||||
}
|
||||
|
||||
### portainer
|
||||
location /ui {
|
||||
proxy_pass http://127.0.0.1:64299;
|
||||
proxy_http_version 1.1;
|
||||
proxy_set_header Upgrade $http_upgrade;
|
||||
proxy_set_header Connection $http_connection;
|
||||
proxy_set_header Host $host;
|
||||
proxy_redirect off;
|
||||
rewrite /ui/(.*)$ /$1 break;
|
||||
}
|
||||
### web tty
|
||||
location /wetty {
|
||||
proxy_pass http://127.0.0.1:64300/wetty;
|
||||
}
|
||||
|
||||
### netdata
|
||||
location /netdata/ {
|
||||
proxy_pass http://localhost:64301;
|
||||
rewrite /netdata/(.*)$ /$1 break;
|
||||
}
|
||||
|
||||
### spiderfoot
|
||||
location /spiderfoot {
|
||||
proxy_pass http://127.0.0.1:64303;
|
||||
@ -156,4 +122,5 @@ server {
|
||||
location /scandelete {
|
||||
proxy_pass http://127.0.0.1:64303/spiderfoot/scandelete;
|
||||
}
|
||||
|
||||
}
|
||||
|
9
docker/nginx/dist/html/navbar.html
vendored
9
docker/nginx/dist/html/navbar.html
vendored
@ -10,12 +10,13 @@
|
||||
<body bgcolor="#E20074">
|
||||
<center>
|
||||
<a href="/tpotweb.html" target="_top" class="btn">Home</a>
|
||||
<a href="/kibana" target="main" class="btn">Kibana</a>
|
||||
<script language="JavaScript">
|
||||
document.write('<a href="' + window.location.protocol + '//' + window.location.hostname + ':64294' + '" target="_blank" class="btn">Cockpit</a> ' );
|
||||
</script>
|
||||
<a href="/myhead/" target="main" class="btn">ES Head</a>
|
||||
<a href="/netdata/" target="_blank" class="btn">Netdata</a>
|
||||
<a href="/kibana" target="main" class="btn">Kibana</a>
|
||||
<a href="/spiderfoot/" target="main" class="btn">Spiderfoot</a>
|
||||
<a href="/ui/" target="main" class="btn">Portainer</a>
|
||||
<a href="/wetty/" target="main" class="btn">WebTTY</a>
|
||||
</center>
|
||||
</body>
|
||||
</html>
|
||||
|
||||
|
Reference in New Issue
Block a user