1 files changed, 417 insertions, 0 deletions
diff --git a/doc/html/Server-security/index.html b/doc/html/Server-security/index.html
new file mode 100644
index 00000000..6d9f25c0
--- /dev/null
+++ b/doc/html/Server-security/index.html
@@ -0,0 +1,417 @@
+<!DOCTYPE html>
+<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
+<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
+<head>
+  <meta charset="utf-8">
+  <meta http-equiv="X-UA-Compatible" content="IE=edge">
+  <meta name="viewport" content="width=device-width, initial-scale=1.0">
+  
+  
+  <link rel="shortcut icon" href="../img/favicon.ico">
+  <title>Server security - Shaarli Documentation</title>
+  <link href='https://fonts.googleapis.com/css?family=Lato:400,700|Roboto+Slab:400,700|Inconsolata:400,700' rel='stylesheet' type='text/css'>
+  <link rel="stylesheet" href="../css/theme.css" type="text/css" />
+  <link rel="stylesheet" href="../css/theme_extra.css" type="text/css" />
+  <link rel="stylesheet" href="../css/highlight.css">
+  <link href="../github-markdown.css" rel="stylesheet">
+  
+  <script>
+    // Current page data
+    var mkdocs_page_name = "Server security";
+    var mkdocs_page_input_path = "Server-security.md";
+    var mkdocs_page_url = "/Server-security/";
+  </script>
+  
+  <script src="../js/jquery-2.1.1.min.js"></script>
+  <script src="../js/modernizr-2.8.3.min.js"></script>
+  <script type="text/javascript" src="../js/highlight.pack.js"></script> 
+  
+</head>
+<body class="wy-body-for-nav" role="document">
+  <div class="wy-grid-for-nav">
+    
+    <nav data-toggle="wy-nav-shift" class="wy-nav-side stickynav">
+      <div class="wy-side-nav-search">
+        <a href=".." class="icon icon-home"> Shaarli Documentation</a>
+        <div role="search">
+  <form id ="rtd-search-form" class="wy-form" action="../search.html" method="get">
+    <input type="text" name="q" placeholder="Search docs" />
+  </form>
+</div>
+      </div>
+      <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
+        <ul class="current">
+          
+          
+            <li class="toctree-l1">
+                
+    <a class="" href="..">Home</a>
+            </li>
+          
+            <li class="toctree-l1">
+                
+    <span class="caption-text">Setup</span>
+    <ul class="subnav">
+                <li class="">
+                    
+    <a class="" href="../Download-and-Installation/">Download and Installation</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Upgrade-and-migration/">Upgrade and migration</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Server-requirements/">Server requirements</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Server-configuration/">Server configuration</a>
+                </li>
+                <li class=" current">
+                    
+    <a class="current" href="./">Server security</a>
+    <ul class="subnav">
+            
+    <li class="toctree-l3"><a href="#phpini">php.ini</a></li>
+    
+        <ul>
+        
+            <li><a class="toctree-l4" href="#locate-ini-files">Locate .ini files</a></li>
+        
+        </ul>
+    
+    <li class="toctree-l3"><a href="#fail2ban">fail2ban</a></li>
+    
+        <ul>
+        
+            <li><a class="toctree-l4" href="#read-shaarli-logs-to-ban-ips">Read Shaarli logs to ban IPs</a></li>
+        
+        </ul>
+    
+    <li class="toctree-l3"><a href="#robots-restricting-search-engines-and-web-crawler-traffic">Robots - Restricting search engines and web crawler traffic</a></li>
+    
+    </ul>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Shaarli-configuration/">Shaarli configuration</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Plugins/">Plugins</a>
+                </li>
+    </ul>
+            </li>
+          
+            <li class="toctree-l1">
+                
+    <span class="caption-text">Docker</span>
+    <ul class="subnav">
+                <li class="">
+                    
+    <a class="" href="../Docker-101/">Docker 101</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Shaarli-images/">Shaarli images</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Reverse-proxy-configuration/">Reverse proxy configuration</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Docker-resources/">Docker resources</a>
+                </li>
+    </ul>
+            </li>
+          
+            <li class="toctree-l1">
+                
+    <span class="caption-text">Usage</span>
+    <ul class="subnav">
+                <li class="">
+                    
+    <a class="" href="../Features/">Features</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Bookmarklet/">Bookmarklet</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Browsing-and-searching/">Browsing and searching</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Firefox-share/">Firefox share</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../RSS-feeds/">RSS feeds</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../REST-API/">REST API</a>
+                </li>
+    </ul>
+            </li>
+          
+            <li class="toctree-l1">
+                
+    <span class="caption-text">How To</span>
+    <ul class="subnav">
+                <li class="">
+                    
+    <a class="" href="../Backup,-restore,-import-and-export/">Backup, restore, import and export</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Various-hacks/">Various hacks</a>
+                </li>
+    </ul>
+            </li>
+          
+            <li class="toctree-l1">
+                
+    <a class="" href="../Troubleshooting/">Troubleshooting</a>
+            </li>
+          
+            <li class="toctree-l1">
+                
+    <span class="caption-text">Development</span>
+    <ul class="subnav">
+                <li class="">
+                    
+    <a class="" href="../Development-guidelines/">Development guidelines</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Continuous-integration-tools/">Continuous integration tools</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../GnuPG-signature/">GnuPG signature</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Coding-guidelines/">Coding guidelines</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Directory-structure/">Directory structure</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../3rd-party-libraries/">3rd party libraries</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Plugin-System/">Plugin System</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Release-Shaarli/">Release Shaarli</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Versioning-and-Branches/">Versioning and Branches</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Security/">Security</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Static-analysis/">Static analysis</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Theming/">Theming</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Unit-tests/">Unit tests</a>
+                </li>
+    </ul>
+            </li>
+          
+            <li class="toctree-l1">
+                
+    <span class="caption-text">About</span>
+    <ul class="subnav">
+                <li class="">
+                    
+    <a class="" href="../FAQ/">FAQ</a>
+                </li>
+                <li class="">
+                    
+    <a class="" href="../Community-&-Related-software/">Community & Related software</a>
+                </li>
+    </ul>
+            </li>
+          
+        </ul>
+      </div>
+      &nbsp;
+    </nav>
+    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
+      
+      <nav class="wy-nav-top" role="navigation" aria-label="top navigation">
+        <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
+        <a href="..">Shaarli Documentation</a>
+      </nav>
+      
+      <div class="wy-nav-content">
+        <div class="rst-content">
+          <div role="navigation" aria-label="breadcrumbs navigation">
+  <ul class="wy-breadcrumbs">
+    <li><a href="..">Docs</a> &raquo;</li>
+    
+      
+        
+          <li>Setup &raquo;</li>
+        
+      
+    
+    <li>Server security</li>
+    <li class="wy-breadcrumbs-aside">
+      
+        <a href="https://github.com/shaarli/Shaarli/edit/master/docs/Server-security.md"
+          class="icon icon-github"> Edit on GitHub</a>
+      
+    </li>
+  </ul>
+  <hr/>
+</div>
+          <div role="main">
+            <div class="section">
+              
+                <h2 id="phpini">php.ini</h2>
+<p>PHP settings are defined in:
+- a main configuration file, usually found under <code>/etc/php5/php.ini</code>; some distributions provide different configuration environments, e.g.
+    - <code>/etc/php5/php.ini</code> - used when running console scripts
+    - <code>/etc/php5/apache2/php.ini</code> - used when a client requests PHP resources from Apache
+    - <code>/etc/php5/php-fpm.conf</code> - used when PHP requests are proxied to PHP-FPM
+- additional configuration files/entries, depending on the installed/enabled extensions:
+    - <code>/etc/php/conf.d/xdebug.ini</code></p>
+<h3 id="locate-ini-files">Locate .ini files</h3>
+<h4 id="console-environment">Console environment</h4>
+<pre><code class="bash">$ php --ini
+Configuration File (php.ini) Path: /etc/php
+Loaded Configuration File:         /etc/php/php.ini
+Scan for additional .ini files in: /etc/php/conf.d
+Additional .ini files parsed:      /etc/php/conf.d/xdebug.ini
+</code></pre>
+<h4 id="server-environment">Server environment</h4>
+<ul>
+<li>create a <code>phpinfo.php</code> script located in a path supported by the web server, e.g.<ul>
+<li>Apache (with user dirs enabled): <code>/home/myself/public_html/phpinfo.php</code></li>
+<li><code>/var/www/test/phpinfo.php</code></li>
+</ul>
+</li>
+<li>make sure the script is readable by the web server user/group (usually, <code>www</code>, <code>www-data</code> or <code>httpd</code>)</li>
+<li>access the script from a web browser</li>
+<li>look at the <em>Loaded Configuration File</em> and <em>Scan this dir for additional .ini files</em> entries</li>
+</ul>
+<pre><code class="php">&lt;?php phpinfo(); ?&gt;
+</code></pre>
+<h2 id="fail2ban">fail2ban</h2>
+<p><code>fail2ban</code> is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses <code>iptables</code> profiles to block brute-force attempts:
+- <a href="http://www.fail2ban.org/wiki/index.php/Main_Page">Official website</a>
+- <a href="https://github.com/fail2ban/fail2ban">Source code</a></p>
+<h3 id="read-shaarli-logs-to-ban-ips">Read Shaarli logs to ban IPs</h3>
+<p>Example configuration:
+- allow 3 login attempts per IP address
+- after 3 failures, permanently ban the corresponding IP adddress</p>
+<p><code>/etc/fail2ban/jail.local</code></p>
+<pre><code class="ini">[shaarli-auth]
+enabled  = true
+port     = https,http
+filter   = shaarli-auth
+logpath  = /var/www/path/to/shaarli/data/log.txt
+maxretry = 3
+bantime = -1
+</code></pre>
+<p><code>/etc/fail2ban/filter.d/shaarli-auth.conf</code></p>
+<pre><code class="ini">[INCLUDES]
+before = common.conf
+[Definition]
+failregex = \s-\s&lt;HOST&gt;\s-\sLogin failed for user.*$
+ignoreregex = 
+</code></pre>
+<h2 id="robots-restricting-search-engines-and-web-crawler-traffic">Robots - Restricting search engines and web crawler traffic</h2>
+<p>Creating a <code>robots.txt</code> with the following contents at the root of your Shaarli installation will prevent <em>honest</em> web crawlers from indexing each and every link and Daily page from a Shaarli instance, thus getting rid of a certain amount of unsollicited network traffic.</p>
+<pre><code>User-agent: *
+Disallow: /
+</code></pre>
+<p>See:
+- http://www.robotstxt.org/
+- http://www.robotstxt.org/robotstxt.html
+- http://www.robotstxt.org/meta.html</p>
+              
+            </div>
+          </div>
+          <footer>
+  
+    <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
+      
+        <a href="../Shaarli-configuration/" class="btn btn-neutral float-right" title="Shaarli configuration">Next <span class="icon icon-circle-arrow-right"></span></a>
+      
+      
+        <a href="../Server-configuration/" class="btn btn-neutral" title="Server configuration"><span class="icon icon-circle-arrow-left"></span> Previous</a>
+      
+    </div>
+  
+  <hr/>
+  <div role="contentinfo">
+    <!-- Copyright etc -->
+    
+  </div>
+  Built with <a href="http://www.mkdocs.org">MkDocs</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
+</footer>
+          
+        </div>
+      </div>
+    </section>
+    
+  </div>
+  <div class="rst-versions" role="note" style="cursor: pointer">
+    <span class="rst-current-version" data-toggle="rst-current-version">
+      
+          <a href="https://github.com/shaarli/Shaarli" class="fa fa-github" style="float: left; color: #fcfcfc"> GitHub</a>
+      
+      
+        <span><a href="../Server-configuration/" style="color: #fcfcfc;">&laquo; Previous</a></span>
+      
+      
+        <span style="margin-left: 15px"><a href="../Shaarli-configuration/" style="color: #fcfcfc">Next &raquo;</a></span>
+      
+    </span>
+</div>
+    <script src="../js/theme.js"></script>
+</body>
+</html>

diff --git a/doc/html/Server-security/index.html b/doc/html/Server-security/index.html new file mode 100644 index 00000000..6d9f25c0 --- /dev/null +++ b/doc/html/Server-security/index.html
@@ -0,0 +1,417 @@
	1	<!DOCTYPE html>
	2	<!--[if IE 8]><html class="no-js lt-ie9" lang="en" > <![endif]-->
	3	<!--[if gt IE 8]><!--> <html class="no-js" lang="en" > <!--<![endif]-->
	4	<head>
	5	<meta charset="utf-8">
	6	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	7	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	8
	9
	10	<link rel="shortcut icon" href="../img/favicon.ico">
	11	<title>Server security - Shaarli Documentation</title>
	12	<link href='https://fonts.googleapis.com/css?family=Lato:400,700\|Roboto+Slab:400,700\|Inconsolata:400,700' rel='stylesheet' type='text/css'>
	13
	14	<link rel="stylesheet" href="../css/theme.css" type="text/css" />
	15	<link rel="stylesheet" href="../css/theme_extra.css" type="text/css" />
	16	<link rel="stylesheet" href="../css/highlight.css">
	17	<link href="../github-markdown.css" rel="stylesheet">
	18
	19	<script>
	20	// Current page data
	21	var mkdocs_page_name = "Server security";
	22	var mkdocs_page_input_path = "Server-security.md";
	23	var mkdocs_page_url = "/Server-security/";
	24	</script>
	25
	26	<script src="../js/jquery-2.1.1.min.js"></script>
	27	<script src="../js/modernizr-2.8.3.min.js"></script>
	28	<script type="text/javascript" src="../js/highlight.pack.js"></script>
	29
	30	</head>
	31
	32	<body class="wy-body-for-nav" role="document">
	33
	34	<div class="wy-grid-for-nav">
	35
	36
	37	<nav data-toggle="wy-nav-shift" class="wy-nav-side stickynav">
	38	<div class="wy-side-nav-search">
	39	<a href=".." class="icon icon-home"> Shaarli Documentation</a>
	40	<div role="search">
	41	<form id ="rtd-search-form" class="wy-form" action="../search.html" method="get">
	42	<input type="text" name="q" placeholder="Search docs" />
	43	</form>
	44	</div>
	45	</div>
	46
	47	<div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
	48	<ul class="current">
	49
	50
	51	<li class="toctree-l1">
	52
	53	<a class="" href="..">Home</a>
	54	</li>
	55
	56	<li class="toctree-l1">
	57
	58	<span class="caption-text">Setup</span>
	59	<ul class="subnav">
	60	<li class="">
	61
	62	<a class="" href="../Download-and-Installation/">Download and Installation</a>
	63	</li>
	64	<li class="">
	65
	66	<a class="" href="../Upgrade-and-migration/">Upgrade and migration</a>
	67	</li>
	68	<li class="">
	69
	70	<a class="" href="../Server-requirements/">Server requirements</a>
	71	</li>
	72	<li class="">
	73
	74	<a class="" href="../Server-configuration/">Server configuration</a>
	75	</li>
	76	<li class=" current">
	77
	78	<a class="current" href="./">Server security</a>
	79	<ul class="subnav">
	80
	81	<li class="toctree-l3"><a href="#phpini">php.ini</a></li>
	82
	83	<ul>
	84
	85	<li><a class="toctree-l4" href="#locate-ini-files">Locate .ini files</a></li>
	86
	87	</ul>
	88
	89
	90	<li class="toctree-l3"><a href="#fail2ban">fail2ban</a></li>
	91
	92	<ul>
	93
	94	<li><a class="toctree-l4" href="#read-shaarli-logs-to-ban-ips">Read Shaarli logs to ban IPs</a></li>
	95
	96	</ul>
	97
	98
	99	<li class="toctree-l3"><a href="#robots-restricting-search-engines-and-web-crawler-traffic">Robots - Restricting search engines and web crawler traffic</a></li>
	100
	101
	102	</ul>
	103	</li>
	104	<li class="">
	105
	106	<a class="" href="../Shaarli-configuration/">Shaarli configuration</a>
	107	</li>
	108	<li class="">
	109
	110	<a class="" href="../Plugins/">Plugins</a>
	111	</li>
	112	</ul>
	113	</li>
	114
	115	<li class="toctree-l1">
	116
	117	<span class="caption-text">Docker</span>
	118	<ul class="subnav">
	119	<li class="">
	120
	121	<a class="" href="../Docker-101/">Docker 101</a>
	122	</li>
	123	<li class="">
	124
	125	<a class="" href="../Shaarli-images/">Shaarli images</a>
	126	</li>
	127	<li class="">
	128
	129	<a class="" href="../Reverse-proxy-configuration/">Reverse proxy configuration</a>
	130	</li>
	131	<li class="">
	132
	133	<a class="" href="../Docker-resources/">Docker resources</a>
	134	</li>
	135	</ul>
	136	</li>
	137
	138	<li class="toctree-l1">
	139
	140	<span class="caption-text">Usage</span>
	141	<ul class="subnav">
	142	<li class="">
	143
	144	<a class="" href="../Features/">Features</a>
	145	</li>
	146	<li class="">
	147
	148	<a class="" href="../Bookmarklet/">Bookmarklet</a>
	149	</li>
	150	<li class="">
	151
	152	<a class="" href="../Browsing-and-searching/">Browsing and searching</a>
	153	</li>
	154	<li class="">
	155
	156	<a class="" href="../Firefox-share/">Firefox share</a>
	157	</li>
	158	<li class="">
	159
	160	<a class="" href="../RSS-feeds/">RSS feeds</a>
	161	</li>
	162	<li class="">
	163
	164	<a class="" href="../REST-API/">REST API</a>
	165	</li>
	166	</ul>
	167	</li>
	168
	169	<li class="toctree-l1">
	170
	171	<span class="caption-text">How To</span>
	172	<ul class="subnav">
	173	<li class="">
	174
	175	<a class="" href="../Backup,-restore,-import-and-export/">Backup, restore, import and export</a>
	176	</li>
	177	<li class="">
	178
	179	<a class="" href="../Various-hacks/">Various hacks</a>
	180	</li>
	181	</ul>
	182	</li>
	183
	184	<li class="toctree-l1">
	185
	186	<a class="" href="../Troubleshooting/">Troubleshooting</a>
	187	</li>
	188
	189	<li class="toctree-l1">
	190
	191	<span class="caption-text">Development</span>
	192	<ul class="subnav">
	193	<li class="">
	194
	195	<a class="" href="../Development-guidelines/">Development guidelines</a>
	196	</li>
	197	<li class="">
	198
	199	<a class="" href="../Continuous-integration-tools/">Continuous integration tools</a>
	200	</li>
	201	<li class="">
	202
	203	<a class="" href="../GnuPG-signature/">GnuPG signature</a>
	204	</li>
	205	<li class="">
	206
	207	<a class="" href="../Coding-guidelines/">Coding guidelines</a>
	208	</li>
	209	<li class="">
	210
	211	<a class="" href="../Directory-structure/">Directory structure</a>
	212	</li>
	213	<li class="">
	214
	215	<a class="" href="../3rd-party-libraries/">3rd party libraries</a>
	216	</li>
	217	<li class="">
	218
	219	<a class="" href="../Plugin-System/">Plugin System</a>
	220	</li>
	221	<li class="">
	222
	223	<a class="" href="../Release-Shaarli/">Release Shaarli</a>
	224	</li>
	225	<li class="">
	226
	227	<a class="" href="../Versioning-and-Branches/">Versioning and Branches</a>
	228	</li>
	229	<li class="">
	230
	231	<a class="" href="../Security/">Security</a>
	232	</li>
	233	<li class="">
	234
	235	<a class="" href="../Static-analysis/">Static analysis</a>
	236	</li>
	237	<li class="">
	238
	239	<a class="" href="../Theming/">Theming</a>
	240	</li>
	241	<li class="">
	242
	243	<a class="" href="../Unit-tests/">Unit tests</a>
	244	</li>
	245	</ul>
	246	</li>
	247
	248	<li class="toctree-l1">
	249
	250	<span class="caption-text">About</span>
	251	<ul class="subnav">
	252	<li class="">
	253
	254	<a class="" href="../FAQ/">FAQ</a>
	255	</li>
	256	<li class="">
	257
	258	<a class="" href="../Community-&-Related-software/">Community & Related software</a>
	259	</li>
	260	</ul>
	261	</li>
	262
	263	</ul>
	264	</div>
	265
	266	</nav>
	267
	268	<section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">
	269
	270
	271	<nav class="wy-nav-top" role="navigation" aria-label="top navigation">
	272	<i data-toggle="wy-nav-top" class="fa fa-bars"></i>
	273	<a href="..">Shaarli Documentation</a>
	274	</nav>
	275
	276
	277	<div class="wy-nav-content">
	278	<div class="rst-content">
	279	<div role="navigation" aria-label="breadcrumbs navigation">
	280	<ul class="wy-breadcrumbs">
	281	<li><a href="..">Docs</a> »</li>
	282
	283
	284
	285	<li>Setup »</li>
	286
	287
	288
	289	<li>Server security</li>
	290	<li class="wy-breadcrumbs-aside">
	291
	292	<a href="https://github.com/shaarli/Shaarli/edit/master/docs/Server-security.md"
	293	class="icon icon-github"> Edit on GitHub</a>
	294
	295	</li>
	296	</ul>
	297	<hr/>
	298	</div>
	299	<div role="main">
	300	<div class="section">
	301
	302	<h2 id="phpini">php.ini</h2>
	303	<p>PHP settings are defined in:
	304	- a main configuration file, usually found under <code>/etc/php5/php.ini</code>; some distributions provide different configuration environments, e.g.
	305	- <code>/etc/php5/php.ini</code> - used when running console scripts
	306	- <code>/etc/php5/apache2/php.ini</code> - used when a client requests PHP resources from Apache
	307	- <code>/etc/php5/php-fpm.conf</code> - used when PHP requests are proxied to PHP-FPM
	308	- additional configuration files/entries, depending on the installed/enabled extensions:
	309	- <code>/etc/php/conf.d/xdebug.ini</code></p>
	310	<h3 id="locate-ini-files">Locate .ini files</h3>
	311	<h4 id="console-environment">Console environment</h4>
	312	<pre><code class="bash">$ php --ini
	313	Configuration File (php.ini) Path: /etc/php
	314	Loaded Configuration File: /etc/php/php.ini
	315	Scan for additional .ini files in: /etc/php/conf.d
	316	Additional .ini files parsed: /etc/php/conf.d/xdebug.ini
	317	</code></pre>
	318
	319	<h4 id="server-environment">Server environment</h4>
	320	<ul>
	321	<li>create a <code>phpinfo.php</code> script located in a path supported by the web server, e.g.<ul>
	322	<li>Apache (with user dirs enabled): <code>/home/myself/public_html/phpinfo.php</code></li>
	323	<li><code>/var/www/test/phpinfo.php</code></li>
	324	</ul>
	325	</li>
	326	<li>make sure the script is readable by the web server user/group (usually, <code>www</code>, <code>www-data</code> or <code>httpd</code>)</li>
	327	<li>access the script from a web browser</li>
	328	<li>look at the <em>Loaded Configuration File</em> and <em>Scan this dir for additional .ini files</em> entries</li>
	329	</ul>
	330	<pre><code class="php"><?php phpinfo(); ?>
	331	</code></pre>
	332
	333	<h2 id="fail2ban">fail2ban</h2>
	334	<p><code>fail2ban</code> is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses <code>iptables</code> profiles to block brute-force attempts:
	335	- <a href="http://www.fail2ban.org/wiki/index.php/Main_Page">Official website</a>
	336	- <a href="https://github.com/fail2ban/fail2ban">Source code</a></p>
	337	<h3 id="read-shaarli-logs-to-ban-ips">Read Shaarli logs to ban IPs</h3>
	338	<p>Example configuration:
	339	- allow 3 login attempts per IP address
	340	- after 3 failures, permanently ban the corresponding IP adddress</p>
	341	<p><code>/etc/fail2ban/jail.local</code></p>
	342	<pre><code class="ini">[shaarli-auth]
	343	enabled = true
	344	port = https,http
	345	filter = shaarli-auth
	346	logpath = /var/www/path/to/shaarli/data/log.txt
	347	maxretry = 3
	348	bantime = -1
	349	</code></pre>
	350
	351	<p><code>/etc/fail2ban/filter.d/shaarli-auth.conf</code></p>
	352	<pre><code class="ini">[INCLUDES]
	353	before = common.conf
	354	[Definition]
	355	failregex = \s-\s<HOST>\s-\sLogin failed for user.*$
	356	ignoreregex =
	357	</code></pre>
	358
	359	<h2 id="robots-restricting-search-engines-and-web-crawler-traffic">Robots - Restricting search engines and web crawler traffic</h2>
	360	<p>Creating a <code>robots.txt</code> with the following contents at the root of your Shaarli installation will prevent <em>honest</em> web crawlers from indexing each and every link and Daily page from a Shaarli instance, thus getting rid of a certain amount of unsollicited network traffic.</p>
	361	<pre><code>User-agent: *
	362	Disallow: /
	363	</code></pre>
	364
	365	<p>See:
	366	- http://www.robotstxt.org/
	367	- http://www.robotstxt.org/robotstxt.html
	368	- http://www.robotstxt.org/meta.html</p>
	369
	370	</div>
	371	</div>
	372	<footer>
	373
	374	<div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
	375
	376	<a href="../Shaarli-configuration/" class="btn btn-neutral float-right" title="Shaarli configuration">Next <span class="icon icon-circle-arrow-right"></span></a>
	377
	378
	379	<a href="../Server-configuration/" class="btn btn-neutral" title="Server configuration"><span class="icon icon-circle-arrow-left"></span> Previous</a>
	380
	381	</div>
	382
	383
	384	<hr/>
	385
	386	<div role="contentinfo">
	387	<!-- Copyright etc -->
	388
	389	</div>
	390
	391	Built with <a href="http://www.mkdocs.org">MkDocs</a> using a <a href="https://github.com/snide/sphinx_rtd_theme">theme</a> provided by <a href="https://readthedocs.org">Read the Docs</a>.
	392	</footer>
	393
	394	</div>
	395	</div>
	396
	397	</section>
	398
	399	</div>
	400
	401	<div class="rst-versions" role="note" style="cursor: pointer">
	402	<span class="rst-current-version" data-toggle="rst-current-version">
	403
	404	<a href="https://github.com/shaarli/Shaarli" class="fa fa-github" style="float: left; color: #fcfcfc"> GitHub</a>
	405
	406
	407	<span><a href="../Server-configuration/" style="color: #fcfcfc;">« Previous</a></span>
	408
	409
	410	<span style="margin-left: 15px"><a href="../Shaarli-configuration/" style="color: #fcfcfc">Next »</a></span>
	411
	412	</span>
	413	</div>
	414	<script src="../js/theme.js"></script>
	415
	416	</body>
	417	</html>