Securing Lighttpd (Pi-Hole) [Debian Linux]

Published: 23 August 2021
Channel: OsbornePro TV
1,617 views
25 likes

I (tobor) demonstrate some extra measures that can be taken to harden a lighttpd server. I demonstrate settings I have configured for a Pi-Hole running on Lighttpd. If you like what you see, please subscribe!

CONFIG TEMPLATE FOR /etc/lighttpd/external.conf
https://github.com/OsbornePro/ConfigT...
https://github.com/OsbornePro/ConfigT...

Lighttpd Doc for generating a rejections list
https://redmine.lighttpd.net/projects...

Enable the Secure flag on PiHole (PHPv7.3)
/etc/php/7.3/cgi/php.ini
/etc/php/7.3/cli/php.ini
Set the below value
session.cookie_secure = on

Command to load the evasive module
ln -sf /etc/lighttpd/conf-available/10-evasive.conf /etc/lighttpd/conf-enabled/10-evasive.conf
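
A check for the two settings above (the Secure cookie flag in both PHP 7.3 php.ini files and the enabled evasive module), as an added example that is not from the video or the OsbornePro repositories. The function names, the root-prefix argument, the AUDIT_ROOT variable and the sample tree are assumptions made for illustration; the sample tree uses a relative symlink so that it resolves inside a scratch directory.

```sh
#!/bin/sh
# Added example (hypothetical helper names): audit both settings under a root prefix.
# Print the effective session.cookie_secure value of one php.ini (last uncommented
# assignment wins); prints nothing if the setting is absent or commented out.
cookie_secure_value() {
    sed -n 's/^[[:space:]]*session\.cookie_secure[[:space:]]*=[[:space:]]*\([^;[:space:]]*\).*$/\1/p' "$1" 2>/dev/null \
        | tail -n 1 | tr 'A-Z' 'a-z' | tr -d '"'
}

# Return 0 if the php.ini at $1 turns the Secure cookie flag on.
cookie_secure_on() {
    case "$(cookie_secure_value "$1")" in
        on|1|true|yes) return 0 ;;
        *) return 1 ;;
    esac
}

# Return 0 if conf-enabled/10-evasive.conf is a symlink that resolves to a file.
evasive_enabled() {
    link="$1/etc/lighttpd/conf-enabled/10-evasive.conf"
    [ -L "$link" ] && [ -f "$link" ]
}

# Print one PASS/FAIL line per check and return the number of failed checks.
audit() {
    root="$1"; fails=0
    for ini in etc/php/7.3/cgi/php.ini etc/php/7.3/cli/php.ini; do
        if cookie_secure_on "$root/$ini"; then echo "PASS /$ini session.cookie_secure"
        else echo "FAIL /$ini session.cookie_secure"; fails=$((fails + 1)); fi
    done
    if evasive_enabled "$root"; then echo "PASS 10-evasive.conf enabled"
    else echo "FAIL 10-evasive.conf not enabled"; fails=$((fails + 1)); fi
    return "$fails"
}

# Constructed sample tree under $1: cgi ini hardened, cli ini has the setting
# commented out, evasive module symlinked (relative link, unlike the live command).
make_sample() {
    mkdir -p "$1/etc/php/7.3/cgi" "$1/etc/php/7.3/cli" \
             "$1/etc/lighttpd/conf-available" "$1/etc/lighttpd/conf-enabled"
    printf '[Session]\nsession.cookie_secure = On ; constructed sample\n' > "$1/etc/php/7.3/cgi/php.ini"
    printf '[Session]\n;session.cookie_secure =\n' > "$1/etc/php/7.3/cli/php.ini"
    : > "$1/etc/lighttpd/conf-available/10-evasive.conf"
    ln -sf ../conf-available/10-evasive.conf "$1/etc/lighttpd/conf-enabled/10-evasive.conf"
}

# Runs only when AUDIT_ROOT is set (empty value = live system paths under /).
if [ -n "${AUDIT_ROOT+x}" ]; then audit "$AUDIT_ROOT"; fi
```

Run it as `AUDIT_ROOT= sh audit.sh` on the Pi-Hole host; the exit status is the number of failed checks.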

0:00 Intro Summary
1:04 lighttpd.conf according to Pi-Hole
1:48 Loading Lighttpd Modules
2:58 Enable the Evasive module
4:35 Index File Names and URL Access Deny
5:31 SSL Cipher Suite and Order
6:27 Include other conf files
7:18 external.conf in conjunction with Pi-Hole
7:48 Evasive Module Configuration Options
8:34 Testing out Evasive Module
11:35 Adding Secure Headers (HSTS)
12:17 Server Side XSS Protection
12:31 Click Jacking Protection
13:19 Can you hide the lighttpd version info???
14:05 Protecting Cookies with HttpOnly and Secure
15:16 Set Secure cookie flag for Pi-Hole (PHPv7.3)
16:22 SSL Settings
16:43 OCSP Stapling (Not available for Pi-Hole with Lighttpd yet)
17:32 Disable Client Re-negotiation
17:55 Diffie Hellman Key Settings
18:56 Use Strong TLS
19:45 Verify Strong TLS Usage
20:36 rejections.conf for Lighttpd
21:00 Test Unwanted User-Agent blocking
21:33 Test Unwanted Referer blocking
22:01 Thanks for watching!

View my Verified Certifications!
https://www.credly.com/users/robertho...

Follow us on GitHub!
https://github.com/tobor88
https://github.com/OsbornePro

Official Site
https://osbornepro.com/

Give Respect on HackTheBox!
https://www.hackthebox.eu/profile/52286

Like us on Facebook!
  / osborneprollc  

View PS Gallery Modules!
https://www.powershellgallery.com/pro...

The B.T.P.S. Security Package
https://btpssecpack.osbornepro.com/

