1 files changed, 0 insertions, 76 deletions
diff --git a/doc/md/Server-security.md b/doc/md/Server-security.md
deleted file mode 100644
index 700084e2..00000000
--- a/doc/md/Server-security.md
+++ /dev/null
@@ -1,76 +0,0 @@
-## php.ini
-PHP settings are defined in:
- a main configuration file, usually found under `/etc/php5/php.ini`; some distributions provide different configuration environments, e.g.
-    - `/etc/php5/php.ini` - used when running console scripts
-    - `/etc/php5/apache2/php.ini` - used when a client requests PHP resources from Apache
-    - `/etc/php5/php-fpm.conf` - used when PHP requests are proxied to PHP-FPM
- additional configuration files/entries, depending on the installed/enabled extensions:
-    - `/etc/php/conf.d/xdebug.ini`
-### Locate .ini files
-#### Console environment
-```bash
-$ php --ini
-Configuration File (php.ini) Path: /etc/php
-Loaded Configuration File:         /etc/php/php.ini
-Scan for additional .ini files in: /etc/php/conf.d
-Additional .ini files parsed:      /etc/php/conf.d/xdebug.ini
-```
-#### Server environment
- create a `phpinfo.php` script located in a path supported by the web server, e.g.
-    - Apache (with user dirs enabled): `/home/myself/public_html/phpinfo.php`
-    - `/var/www/test/phpinfo.php`
- make sure the script is readable by the web server user/group (usually, `www`, `www-data` or `httpd`)
- access the script from a web browser
- look at the _Loaded Configuration File_ and _Scan this dir for additional .ini files_ entries
-```php
-<?php phpinfo(); ?>
-```
-## fail2ban
-`fail2ban` is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses `iptables` profiles to block brute-force attempts:
- [Official website](http://www.fail2ban.org/wiki/index.php/Main_Page)
- [Source code](https://github.com/fail2ban/fail2ban)
-### Read Shaarli logs to ban IPs
-Example configuration:
- allow 3 login attempts per IP address
- after 3 failures, permanently ban the corresponding IP adddress
-`/etc/fail2ban/jail.local`
-```ini
-[shaarli-auth]
-enabled  = true
-port     = https,http
-filter   = shaarli-auth
-logpath  = /var/www/path/to/shaarli/data/log.txt
-maxretry = 3
-bantime = -1
-```
-`/etc/fail2ban/filter.d/shaarli-auth.conf`
-```ini
-[INCLUDES]
-before = common.conf
-[Definition]
-failregex = \s-\s<HOST>\s-\sLogin failed for user.*$
-ignoreregex = 
-```
-## Robots - Restricting search engines and web crawler traffic
-Creating a `robots.txt` with the following contents at the root of your Shaarli installation will prevent _honest_ web crawlers from indexing each and every link and Daily page from a Shaarli instance, thus getting rid of a certain amount of unsollicited network traffic.
-```
-User-agent: *
-Disallow: /
-```
-See:
- http://www.robotstxt.org
- http://www.robotstxt.org/robotstxt.html
- http://www.robotstxt.org/meta.html

diff --git a/doc/md/Server-security.md b/doc/md/Server-security.md deleted file mode 100644 index 700084e2..00000000 --- a/doc/md/Server-security.md +++ /dev/null
@@ -1,76 +0,0 @@
1	## php.ini
2	PHP settings are defined in:
3
4	- a main configuration file, usually found under `/etc/php5/php.ini`; some distributions provide different configuration environments, e.g.
5	- `/etc/php5/php.ini` - used when running console scripts
6	- `/etc/php5/apache2/php.ini` - used when a client requests PHP resources from Apache
7	- `/etc/php5/php-fpm.conf` - used when PHP requests are proxied to PHP-FPM
8	- additional configuration files/entries, depending on the installed/enabled extensions:
9	- `/etc/php/conf.d/xdebug.ini`
10
11	### Locate .ini files
12	#### Console environment
13	```bash
14	$ php --ini
15	Configuration File (php.ini) Path: /etc/php
16	Loaded Configuration File: /etc/php/php.ini
17	Scan for additional .ini files in: /etc/php/conf.d
18	Additional .ini files parsed: /etc/php/conf.d/xdebug.ini
19	```
20
21	#### Server environment
22	- create a `phpinfo.php` script located in a path supported by the web server, e.g.
23	- Apache (with user dirs enabled): `/home/myself/public_html/phpinfo.php`
24	- `/var/www/test/phpinfo.php`
25	- make sure the script is readable by the web server user/group (usually, `www`, `www-data` or `httpd`)
26	- access the script from a web browser
27	- look at the _Loaded Configuration File_ and _Scan this dir for additional .ini files_ entries
28	```php
29	<?php phpinfo(); ?>
30	```
31
32	## fail2ban
33	`fail2ban` is an intrusion prevention framework that reads server (Apache, SSH, etc.) and uses `iptables` profiles to block brute-force attempts:
34
35	- [Official website](http://www.fail2ban.org/wiki/index.php/Main_Page)
36	- [Source code](https://github.com/fail2ban/fail2ban)
37
38	### Read Shaarli logs to ban IPs
39	Example configuration:
40	- allow 3 login attempts per IP address
41	- after 3 failures, permanently ban the corresponding IP adddress
42
43	`/etc/fail2ban/jail.local`
44	```ini
45	[shaarli-auth]
46	enabled = true
47	port = https,http
48	filter = shaarli-auth
49	logpath = /var/www/path/to/shaarli/data/log.txt
50	maxretry = 3
51	bantime = -1
52	```
53
54	`/etc/fail2ban/filter.d/shaarli-auth.conf`
55	```ini
56	[INCLUDES]
57	before = common.conf
58	[Definition]
59	failregex = \s-\s<HOST>\s-\sLogin failed for user.*$
60	ignoreregex =
61	```
62
63	## Robots - Restricting search engines and web crawler traffic
64
65	Creating a `robots.txt` with the following contents at the root of your Shaarli installation will prevent _honest_ web crawlers from indexing each and every link and Daily page from a Shaarli instance, thus getting rid of a certain amount of unsollicited network traffic.
66
67	```
68	User-agent: *
69	Disallow: /
70	```
71
72	See:
73
74	- http://www.robotstxt.org
75	- http://www.robotstxt.org/robotstxt.html
76	- http://www.robotstxt.org/meta.html