Protect Pages #11

Open
lbussy opened this issue Apr 16, 2019 · 2 comments

@lbussy
Member

lbussy commented Apr 16, 2019

People are gonna do what people do - need a way to try to protect the BrewPi pages in the case someone makes them available on a less than private network or (heavens forbid) on the Internet.

@lbussy lbussy added enhancement New feature or request Security Security related issues labels Apr 16, 2019
@lbussy
Member Author

lbussy commented Apr 16, 2019

Some information on this page under the "BrewPi Advanced Setup Options" heading.

This was referenced Apr 16, 2019
@lbussy lbussy self-assigned this Jul 5, 2019
@lbussy
Member Author

lbussy commented Jul 7, 2019

Along with .htaccess, we probably need to address:

  • Limit server tokens to ProductOnly
  • Restrict access by IP (local network) to sensitive pages
  • Protect against DoS with RequestReadTimeout header=10-20,MinRate=500 body=20,MinRate=500 in /etc/apache2/apache2.conf (defend against Slowloris)
  • Set up SSL/TLS with Let's Encrypt
  • Consider Mod Security
  • Consider fail2ban
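
The first three items in the list above, written out as Apache 2.4 directives. This is an added example, not part of the original comment or the project's own configuration. The directory path and the subnet are placeholders, and `ServerSignature Off` is an assumption that goes beyond the list.

```apache
# --- Global scope, e.g. /etc/apache2/apache2.conf (the file named in the comment) ---

# Send only "Server: Apache" in responses: no version, OS or module list.
# "Prod" is the documented short form of ProductOnly.
ServerTokens ProductOnly

# Assumption (not in the issue): also remove the version footer that Apache
# appends to its own error pages and directory listings.
ServerSignature Off

# Slowloris defence, values exactly as given in the comment.
# header=10-20,MinRate=500 : 10 s to start sending request headers, extended by
#                            1 s per 500 bytes received, hard cap of 20 s.
# body=20,MinRate=500      : 20 s for the body, extended while the client
#                            keeps sending at 500 bytes/s or more.
# Needs mod_reqtimeout. Deliberately not wrapped in <IfModule>, so that
# "apachectl configtest" fails loudly if the module is not loaded instead of
# silently dropping the protection.
RequestReadTimeout header=10-20,MinRate=500 body=20,MinRate=500

# --- Restrict sensitive pages to the local network ---
# PLACEHOLDER path: substitute the directory that holds the pages to protect.
<Directory "/var/www/html/PLACEHOLDER">
    # Several Require lines outside a container behave as RequireAny:
    # the request is allowed if either one matches.
    Require local
    # Constructed example subnet; use the LAN range actually in use.
    Require ip 192.168.1.0/24
</Directory>
```

If the server sits behind a reverse proxy, `Require ip` sees the proxy's address rather than the client's, so the restriction has to be enforced at the proxy or combined with mod_remoteip.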
