Veiote
Veiote
/ gist:51a59fb8d9dccc0162afae0e3354baec
Last active
November 16, 2024 09:59
NextCloud directive on ISPConfig with nGinx
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Custom php.ini settings | |
| memory_limit = 8G | |
| upload_max_filesize=15G | |
| post_max_size=15G | |
| max_execution_time = 3600 | |
| max_input_time = 3600 | |
| opcache.enable_cli=1 | |
| opcache.save_comments=1 | |
| opcache.revalidate_freq=60 |
Veiote
/ Brute Force Prevention
Created
January 28, 2019 11:06
Regras para bruteforce no Mikrotik (SSH, FTP, Telnet, Winbox)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /ip firewall filter add chain=input protocol=tcp dst-port=21 src-address-list=ftp_blacklist action=drop comment="Drop FTP brute forcers" disabled=no | |
| /ip firewall filter add chain=input protocol=tcp connection-state=established action=accept comment="Allow packets belonging to existing connections" disabled=no | |
| /ip firewall filter add chain=input connection-state=related action=accept comment="Allow packets related to existing connections" disabled=no | |
| /ip firewall filter add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=safe action=accept comment="Allow SSH safe hosts" disabled=no | |
| /ip firewall filter add chain=input protocol=tcp dst-port=22 src-address-list=ssh_blacklist action=drop comment="Drop SSH brute forcers" disabled=no | |
| /ip firewall filter add chain=input protocol=tcp dst-port=22 connection-state=new src-address-list=ssh_stage3 action=add-src-to-address-list address-list=ssh_blacklist address-list-timeout=10d comment="SSH brute forcers blacklisting" disabled=no | |
| /ip firewall |
Veiote
/ nginx.conf
Last active
August 29, 2015 14:27
— forked from plentz/nginx.conf
Best nginx configuration for improved security(and performance). Complete blog post here http://tautt.com/best-nginx-configuration-for-security/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 |