Skip to content

Installation Instructions

Michael Hardy edited this page May 13, 2017 · 6 revisions

Installing the Required Packages

Debian and Ubuntu

Simply run setup.sh

bash setup.sh

Other Linux Distributions

  1. Install python-virtualenv, mongodb, and nginx with your package manager (e.g. pacman or yum)
  2. Setup virtualenv:
virtualenv venv -p python3
source venv/bin/activate
pip install --upgrade pip
pip install -r requirements.txt

Configuring

Nginx

  1. Copy static/ from the project to /var/www
  2. Modify /etc/nginx/nginx.conf to serve the static files from /static and proxy to a Tornado server for other pages.
    An example nginx.conf is supplied below for those who do not need to customize the installation.
# Modified Nginx config file for Tornado applications
# Based on: http://www.tornadoweb.org/en/stable/guide/running.html
user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
	worker_connections 768;
	# multi_accept on;
}

http {
	# Enumerate all the Tornado servers here
	upstream frontends {
		server 127.0.0.1:8080;
	}
	

	server {
		listen 80;
		# Allow file uploads
		client_max_body_size 50M;

		location ^~ /static/ {
			root /var/www;
			if ($query_string) {
				expires max;
			}
		}
		location = /favicon.ico {
			rewrite (.*) /static/favicon.ico;
		}
		location = /robots.txt {
			rewrite (.*) /static/robots.txt;
		}

		location / {
			proxy_pass_header Server;
			proxy_set_header Host $http_host;
			proxy_redirect off;
			proxy_set_header X-Real-IP $remote_addr;
			proxy_set_header X-Scheme $scheme;
			proxy_pass http://localhost:8080;
		}
	}

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "msie6";

	gzip_vary on;
	gzip_proxied any;
	gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##

#	include /etc/nginx/conf.d/*.conf;
#	include /etc/nginx/sites-enabled/*;
}

Mongo DB

To setup the database run the two commands provided bellow and follow the onscreen instructions.

source venv/bin/activate
python setup.py

Integration with Your Site:

In order for this system to help secure your site you will have to add my verification system to the software running your site. This can be done by embedding the data collection scripts on your site and setting your server software up to make a set of API calls to verify the data. The API documentation can be found here.

When adding the API calls please make sure of the following:

  1. Your site registration page has the data collection scripts embedded and when a user is registered /api/reg_usr is called.
  2. Your server calls /api/get_trust before sensitive pages are loaded and the pages preceding them have the collection script embedded.
  3. You have a device registration page that calls /api/val_usr.
You can’t perform that action at this time.