Skip to content
/ ConfigMe Public

These python scripts aim to make Apache and Nginx Web Servers more secure by changing insecure default settings in your server's configuration files.

1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

imays11/ConfigMe

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits
ConfigMe-logo.png
ConfigMe-logo.png
 
 
README.md
README.md
 
 
apachme.py
apachme.py
 
 
ngfixme.py
ngfixme.py
 
 

Repository files navigation

ConfigMe - Web Server Configuration File Hardener

plot

These command line tools aim to harden Apache and Nginx Web Servers by replacing insecure default configurations with more secure settings.

Right now this suite supports Ubuntu/Debian users but as the project grows we intend to support more operating systems and other open-source web servers.

Best practices were based on the Center for Internet Security's Benchmark Configuration Guidelines found here: [https://www.cisecurity.org/cis-benchmarks/]

While these scripts are a good first step in hardening your server, we suggest you refer to the Benchmark Configuration Guides to further secure your system.

ApachMe

ApachMe is a user-friendly Python script that will harden the configuration settings of your default Apache web server.

Requirements:

- Sudo/Root permissions to write to configuration files
- Python3 and the following modules: os, colorama, time. 
- Apache Headers module which will need to be enabled after running the script.

Usage

ApachMe takes in your path to the directory hosting your configuration files as an argument. It is important that you do not include a specific configuration file in the path, instead you provide the directory that holds the configuration files as we will need to collect more than one file for your system. Your configuration files will likely be in /etc/apache2.

$ sudo python3 apachme.py --help            #display help menu

$ sudo python3 apachme.py /etc/apache2      #script will run and show output along the way

$ sudo a2enmod headers                      #enable Apache headers module

$ sudo systemctl restart apache2            #restart your Apache server

NgFixMe

NgFixMe is a user-friendly Python script that will harden the configuration settings of your default Nginx web server.

Requirements:

- Sudo/Root permissions to write to configuration files
- Python3 and the following modules: os, colorama, time.

Usage

NgFixMe takes in your path to the directory hosting your configuration files as an argument. It is important that you do not include a specific configuration file in the path, instead you provide the directory that holds the configuration file. Your configuration file will likely be in /etc/nginx.

$ sudo python3 ngfixme.py --help          #display help menu

$ sudo python3 ngfixme.py /etc/nginx      #script will run and show output along the way
 
$ sudo systemctl restart nginx            #restart your Nginx server

Authors

Isai Mays and Kathy Collins authored these scripts.

A demonstration of this project by its creators can be found here: https://youtu.be/UnFOf-56yTI

About

These python scripts aim to make Apache and Nginx Web Servers more secure by changing insecure default settings in your server's configuration files.

Topics

webserver configurations python-scripts hardener

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Languages