{ "Misc":{ "id":"misc", "params":[ { "type":"text", "label":"Server name", "env":"SERVER_NAME", "regex":"^([a-z\\-0-9]+\\.?)+$", "id":"server-name", "default":"www.bunkerity.com" }, { "type":"text", "label":"Max client size", "env":"MAX_CLIENT_SIZE", "regex":"^[0-9]+(k|K|m|M|g|G)?$", "id":"max-client-size", "default":"10m" }, { "type":"text", "label":"Allowed methods", "env":"ALLOWED_METHODS", "regex":"^((GET|POST|HEAD|PUT|DELETE|CONNECT|OPTIONS|TRACE)\\|?)+$", "id":"allowed-methods", "default":"GET|POST|HEAD" }, { "type":"checkbox", "label":"Serve files", "env":"SERVE_FILES", "regex":"^(yes|no)$", "id":"serve-files", "default":"yes" } ] }, "Info leak":{ "id":"info-leak", "params":[ { "type":"text", "label":"Remove headers", "env":"REMOVE_HEADERS", "regex":"^([A-Za-z0-9\\-] ?)*$", "id":"remove-headers", "default":"Server X-Powered-By X-AspNet-Version X-AspNetMvc-Version" } ] }, "Basic auth":{ "id":"auth-basic", "params":[ { "type":"checkbox", "label":"Use auth basic", "env":"USE_AUTH_BASIC", "regex":"^(yes|no)$", "id":"use-auth-basic", "default":"no" }, { "type":"text", "label":"Auth basic location", "env":"AUTH_BASIC_LOCATION", "regex":"^(sitewide|/[A-Za-z0-9/]*)$", "id":"auth-basic-location", "default":"sitewide" }, { "type":"text", "label":"Auth basic user", "env":"AUTH_BASIC_USER", "regex":"^([A-Za-z0-9\\-_]+)$", "id":"auth-basic-user", "default":"changeme" }, { "type":"text", "label":"Auth basic password", "env":"AUTH_BASIC_PASSWORD", "regex":"^([\\S]+)$", "id":"auth-basic-password", "default":"changeme" }, { "type":"text", "label":"Auth basic text", "regex":"^([\\S ]+)$", "env":"AUTH_BASIC_TEXT", "id":"auth-basic-text", "default":"Restricted area" } ] }, "Reverse proxy":{ "id":"reverse-proxy", "params":[ { "type":"checkbox", "label":"Use reverse proxy", "env":"USE_REVERSE_PROXY", "regex":"^(yes|no)$", "id":"use-reverse-proxy", "default":"no" }, { "type":"multiple", "label":"Reverse proxy", "id":"reverse-proxy-params", "params":[ { "type":"text", "label":"Reverse proxy url", "env":"REVERSE_PROXY_URL", "regex":".*", "id":"reverse-proxy-url", "multiple":"Reverse proxy", "default":"" }, { "type":"text", "label":"Reverse proxy host", "env":"REVERSE_PROXY_HOST", "regex":".*", "id":"reverse-proxy-host", "multiple":"Reverse proxy", "default":"" }, { "type":"checkbox", "label":"Reverse proxy ws", "env":"REVERSE_PROXY_WS", "regex":"^(yes|no)$", "id":"reverse-proxy-ws", "multiple":"Reverse proxy", "default":"" }, { "type":"text", "label":"Reverse proxy custom headers", "env":"REVERSE_PROXY_HEADERS", "regex":".*", "id":"reverse-proxy-headers", "multiple":"Reverse proxy", "default":"" } ] }, { "type":"checkbox", "label":"Proxy real ip", "env":"PROXY_REAL_IP", "regex":"^(yes|no)$", "id":"proxy-real-ip", "default":"no" }, { "type":"text", "label":"Proxy real ip from", "env":"PROXY_REAL_IP_FROM", "regex":"^(\\d+.\\d+.\\d+.\\d+(/\\d+)? ?)*$", "id":"proxy-real-ip-from", "default":"192.168.0.0/16 172.16.0.0/12 10.0.0.0/8" }, { "type":"text", "label":"Proxy real ip header", "env":"PROXY_REAL_IP_HEADER", "regex":"^([A-Za-z0-9\\-])+$", "id":"proxy-real-ip-header", "default":"X-Forwarded-For" }, { "type":"text", "label":"Proxy real ip recursive", "env":"PROXY_REAL_IP_RECURSIVE", "regex":"^(on|off)$", "id":"proxy-real-ip-recursive", "default":"on" } ] }, "Compression":{ "id":"compression", "params":[ { "type":"checkbox", "label":"Use gzip", "env":"USE_GZIP", "regex":"^(yes|no)$", "id":"use-gzip", "default":"no" }, { "type":"text", "label":"Gzip comp level", "env":"GZIP_COMP_LEVEL", "regex":"^[1-9]$", "id":"gzip-comp-level", "default":"5" }, { "type":"text", "label":"Gzip min length", "env":"GZIP_MIN_LENGTH", "regex":"^[0-9]+$", "id":"gzip-min-length", "default":"1000" }, { "type":"text", "label":"Gzip types", "env":"GZIP_TYPES", "regex":"^([a-z/\\+\\-\\.] ?)*$", "id":"gzip-types", "default":"application/atom+xml application/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/eot font/opentype font/otf font/truetype image/svg+xml image/vnd.microsoft.icon image/x-icon image/x-win-bitmap text/css text/javascript text/plain text/xml" }, { "type":"checkbox", "label":"Use brotli", "env":"USE_BROTLI", "regex":"^(yes|no)$", "id":"use-brotli", "default":"no" }, { "type":"text", "label":"Brotli comp level", "env":"BROTLI_COMP_LEVEL", "regex":"^[1-9]$", "id":"brotli-comp-level", "default":"6" }, { "type":"text", "label":"Brotli min length", "env":"BROTLI_MIN_LENGTH", "regex":"^[0-9]+$", "id":"brotli-min-length", "default":"1000" }, { "type":"text", "label":"Brotli types", "env":"BROTLI_TYPES", "regex":"^([a-z/\\+\\-\\.] ?)*$", "id":"brotli-types", "default":"application/atom+xml application/javascript application/json application/rss+xml application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/x-javascript application/xhtml+xml application/xml font/eot font/opentype font/otf font/truetype image/svg+xml image/vnd.microsoft.icon image/x-icon image/x-win-bitmap text/css text/javascript text/plain text/xml" } ] }, "Cache":{ "id":"cache", "params":[ { "type":"checkbox", "label":"Use client cache", "env":"USE_CLIENT_CACHE", "regex":"^(yes|no)$", "id":"use-client-cache", "default":"no" }, { "type":"text", "label":"Client cache extensions", "env":"CLIENT_CACHE_EXTENSIONS", "regex":"^([a-z0-9]\\|?)*$", "id":"client-cache-extensions", "default":"jpg|jpeg|png|bmp|ico|svg|tif|css|js|otf|ttf|eot|woff|woff2" }, { "type":"text", "label":"Client cache control", "env":"CLIENT_CACHE_CONTROL", "regex":"^([\\S ]*)$", "id":"client-cache-control", "default":"public, max-age=15552000" }, { "type":"text", "label":"Client cache etag", "env":"CLIENT_CACHE_ETAG", "regex":"^(on|off)$", "id":"client-cache-etag", "default":"on" }, { "type":"checkbox", "label":"Use open file cache", "env":"USE_OPEN_FILE_CACHE", "regex":"^(yes|no)$", "id":"use-open-file-cache", "default":"no" }, { "type":"text", "label":"Open file cache", "env":"OPEN_FILE_CACHE", "regex":"^([\\S ]*)$", "id":"open-file-cache", "default":"max=1000 inactive=20s" }, { "type":"text", "label":"Open file cache errors", "env":"OPEN_FILE_CACHE_ERRORS", "regex":"^(on|off)$", "id":"open-file-cache-errors", "default":"on" }, { "type":"text", "label":"Open file cache min uses", "env":"OPEN_FILE_CACHE_MIN_USES", "regex":"^([1-9]+)$", "id":"open-file-cache-min-uses", "default":"2" }, { "type":"text", "label":"Open file cache valid", "env":"OPEN_FILE_CACHE_VALID", "regex":"^\\d+(ms|s|m|h|d|w|M|y)$", "id":"open-file-cache-valid", "default":"30s" }, { "type":"checkbox", "label":"Use proxy cache", "env":"USE_PROXY_CACHE", "regex":"^(yes|no)$", "id":"use-proxy-cache", "default":"no" }, { "type":"text", "label":"Proxy cache path zone size", "env":"PROXY_CACHE_PATH_ZONE_SIZE", "regex":"^[0-9]+(k|K|m|M|g|G)?$", "id":"proxy-cache-path-zone-size", "default":"10m" }, { "type":"text", "label":"Proxy cache path params", "env":"PROXY_CACHE_PATH_PARAMS", "regex":"^([\\S ]*)$", "id":"proxy-cache-path-params", "default":"max_size=100m" }, { "type":"text", "label":"Proxy cache methods", "env":"PROXY_CACHE_METHODS", "regex":"^((GET|POST|HEAD|PUT|DELETE|CONNECT|OPTIONS|TRACE) ?)+$", "id":"proxy-cache-methods", "default":"GET HEAD" }, { "type":"text", "label":"Proxy cache min uses", "env":"PROXY_CACHE_MIN_USES", "regex":"^([1-9]+)$", "id":"proxy-cache-min-uses", "default":"2" }, { "type":"text", "label":"Proxy cache key", "env":"PROXY_CACHE_KEY", "regex":"^([\\S ]*)$", "id":"proxy-cache-key", "default":"\\$scheme\\$host\\$request_uri" }, { "type":"text", "label":"Proxy cache valid", "env":"PROXY_CACHE_VALID", "regex":"^(\\d{3}=\\d+(ms|s|m|h|d|w|M|y) ?)+$", "id":"proxy-cache-valid", "default":"200=10m 301=10m 302=1h" }, { "type":"text", "label":"Proxy no cache", "env":"PROXY_NO_CACHE", "regex":"^([\\S ]*)$", "id":"proxy-no-cache", "default":"\\$http_authorization" }, { "type":"text", "label":"Proxy cache bypass", "env":"PROXY_CACHE_BYPASS", "regex":"^([\\S ]*)$", "id":"proxy-cache-bypass", "default":"\\$http_authorization" } ] }, "HTTPS":{ "id":"https", "params":[ { "type":"checkbox", "label":"Auto lets encrypt", "env":"AUTO_LETS_ENCRYPT", "regex":"^(yes|no)$", "id":"auto-lets-encrypt", "default":"no" }, { "type":"text", "label":"Email lets encrypt", "env":"EMAIL_LETS_ENCRYPT", "regex":"^([a-z0-9\\-\\.]+@([a-z\\-0-9]+\\.?)|.{0})$", "id":"email-lets-encrypt", "default":"" }, { "type":"checkbox", "label":"Redirect http to https", "env":"REDIRECT_HTTP_TO_HTTPS", "regex":"^(yes|no)$", "id":"redirect-http-to-https", "default":"no" }, { "type":"checkbox", "label":"HTTP2", "env":"HTTP2", "regex":"^(yes|no)$", "id":"http2", "default":"yes" }, { "type":"text", "label":"HTTPS protocols", "env":"HTTPS_PROTOCOLS", "regex":"^([\\S ]*)$", "id":"https-protocols", "default":"TLSv1.2 TLSv1.3" }, { "type":"checkbox", "label":"Listen http", "env":"LISTEN_HTTP", "regex":"^(yes|no)$", "id":"listen-http", "default":"yes" } ] }, "ModSecurity":{ "id":"modsecurity", "params":[ { "type":"checkbox", "label":"Use modsecurity", "env":"USE_MODSECURITY", "regex":"^(yes|no)$", "id":"use-modsecurity", "default":"yes" }, { "type":"checkbox", "label":"Use modsecurity crs", "env":"USE_MODSECURITY_CRS", "regex":"^(yes|no)$", "id":"use-modsecurity-crs", "default":"yes" } ] }, "Headers":{ "id":"headers", "params":[ { "type":"text", "label":"X frame options", "env":"X_FRAME_OPTIONS", "regex":"^([\\S ]*)$", "id":"x-frame-options", "default":"DENY" }, { "type":"text", "label":"X xss protection", "env":"X_XSS_PROTECTION", "regex":"^([\\S ]*)$", "id":"x-xss-protection", "default":"1; mode=block" }, { "type":"text", "label":"X content type options", "env":"X_CONTENT_TYPE_OPTIONS", "regex":"^([\\S ]*)$", "id":"x-content-type-options", "default":"nosniff" }, { "type":"text", "label":"Referrer policy", "env":"REFERRER_POLICY", "regex":"^([\\S ]*)$", "id":"referrer-policy", "default":"no-referrer" }, { "type":"text", "label":"Feature policy", "env":"FEATURE_POLICY", "regex":"^([\\S ]*)$", "id":"feature-policy", "default":"accelerometer 'none'; ambient-light-sensor 'none'; autoplay 'none'; camera 'none'; display-capture 'none'; document-domain 'none'; encrypted-media 'none'; fullscreen 'none'; geolocation 'none'; gyroscope 'none'; magnetometer 'none'; microphone 'none'; midi 'none'; payment 'none'; picture-in-picture 'none'; speaker 'none'; sync-xhr 'none'; usb 'none'; vibrate 'none'; vr 'none'" }, { "type":"text", "label":"Permissions policy", "env":"PERMISSIONS_POLICY", "regex":"^([\\S ]*)$", "id":"permissions-policy", "default":"accelerometer=(), ambient-light-sensor=(), autoplay=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), speaker=(), sync-xhr=(), usb=(), vibrate=(), vr=()" }, { "type":"text", "label":"Cookie flags", "env":"COOKIE_FLAGS", "regex":"^([\\S ]*)$", "id":"cookie-flags", "default":"* HttpOnly SameSite=Lax" }, { "type":"checkbox", "label":"Cookie auto secure flag", "env":"COOKIE_AUTO_SECURE_FLAG", "regex":"^(yes|no)$", "id":"cookie-auto-secure-flag", "default":"yes" }, { "type":"text", "label":"Strict transport security", "env":"STRICT_TRANSPORT_SECURITY", "regex":"^([\\S ]*)$", "id":"strict-transport-security", "default":"max-age=31536000" }, { "type":"text", "label":"Content security policy", "env":"CONTENT_SECURITY_POLICY", "regex":"^([\\S ]*)$", "id":"content-security-policy", "default":"object-src 'none'; frame-ancestors 'self'; form-action 'self'; block-all-mixed-content; sandbox allow-forms allow-same-origin allow-scripts allow-popups; base-uri 'self';" } ] }, "Antibot":{ "id":"Antibot", "params":[ { "type":"text", "label":"Use antibot", "env":"USE_ANTIBOT", "regex":"^(no|cookie|javascript|captcha|recaptcha)$", "id":"use-antibot", "default":"no" }, { "type":"text", "label":"Antibot uri", "env":"ANTIBOT_URI", "regex":"^/([A-Za-z0-9\\-]/?)*$", "id":"antibot-uri", "default":"/challenge" }, { "type":"text", "label":"Antibot session secret", "env":"ANTIBOT_SESSION_SECRET", "regex":"^([\\S]+)$", "id":"antibot-session-secret", "default":"random" }, { "type":"text", "label":"Antibot recaptcha score", "env":"ANTIBOT_RECAPTCHA_SCORE", "regex":"^0\\.\\d$", "id":"antibot-recaptcha-score", "default":"0.7" } ] }, "Block":{ "id":"block", "params":[ { "type":"checkbox", "label":"Block user agent", "env":"BLOCK_USER_AGENT", "regex":"^(yes|no)$", "id":"block-user-agent", "default":"yes" }, { "type":"checkbox", "label":"Block tor exit node", "env":"BLOCK_TOR_EXIT_NODE", "regex":"^(yes|no)$", "id":"block-tor-exit-node", "default":"yes" }, { "type":"checkbox", "label":"Block proxies", "env":"BLOCK_PROXIES", "regex":"^(yes|no)$", "id":"block-proxies", "default":"yes" }, { "type":"checkbox", "label":"Block abusers", "env":"BLOCK_ABUSERS", "regex":"^(yes|no)$", "id":"block-abusers", "default":"yes" }, { "type":"checkbox", "label":"Block referrer", "env":"BLOCK_REFERRER", "regex":"^(yes|no)$", "id":"block-referrer", "default":"yes" } ] }, "DNSBL":{ "id":"dnsbl", "params":[ { "type":"checkbox", "label":"Use dnsbl", "env":"USE_DNSBL", "regex":"^(yes|no)$", "id":"use-dnsbl", "default":"yes" } ] }, "CrowdSec":{ "id":"use-crowdsec", "params":[ { "type":"checkbox", "label":"Use crowdsec", "env":"USE_CROWDSEC", "regex":"^(yes|no)$", "id":"use-crowdsec", "default":"no" } ] }, "Whitelist":{ "id":"whitelist", "params":[ { "type":"checkbox", "label":"Use whitelist ip", "env":"USE_WHITELIST_IP", "regex":"^(yes|no)$", "id":"use-whitelist-ip", "default":"yes" }, { "type":"checkbox", "label":"Use whitelist reverse", "env":"USE_WHITELIST_REVERSE", "regex":"^(yes|no)$", "id":"use-whitelist-reverse", "default":"yes" }, { "type":"text", "label":"Whitelist country", "env":"WHITELIST_COUNTRY", "regex":"^([A-Z]{2} ?)*$", "id":"whitelist-country", "default":"" }, { "type":"text", "label":"Whitelist user agent", "env":"WHITELIST_USER_AGENT", "regex":".*", "id":"whitelist-user-agent", "default":"" } ] }, "Blacklist":{ "id":"blacklist", "params":[ { "type":"checkbox", "label":"Use blacklist ip", "env":"USE_BLACKLIST_IP", "regex":"^(yes|no)$", "id":"use-blacklist-ip", "default":"yes" }, { "type":"checkbox", "label":"Use blacklist reverse", "env":"USE_BLACKLIST_REVERSE", "regex":"^(yes|no)$", "id":"use-blacklist-reverse", "default":"yes" }, { "type":"text", "label":"Blacklist country", "env":"BLACKLIST_COUNTRY", "regex":"^([A-Z]{2} ?)*$", "id":"blacklist-country", "default":"" } ] }, "Limit conn":{ "id":"limit-conn", "params":[ { "type":"checkbox", "label":"Use limit conn", "env":"USE_LIMIT_CONN", "regex":"^(yes|no)$", "id":"use-limit-conn", "default":"yes" }, { "type":"text", "label":"Limit conn max", "env":"LIMIT_CONN_MAX", "regex":"^\\d+$", "id":"limit-conn-max", "default":"40" } ] }, "Limit req":{ "id":"limit-req", "params":[ { "type":"checkbox", "label":"Use limit req", "env":"USE_LIMIT_REQ", "regex":"^(yes|no)$", "id":"use-limit-req", "default":"yes" }, { "type":"text", "label":"Limit req rate", "env":"LIMIT_REQ_RATE", "regex":"^\\d+r/(ms|s|m|h|d)$", "id":"limit-req-rate", "default":"20r/s" }, { "type":"text", "label":"Limit req burst", "env":"LIMIT_REQ_BURST", "regex":"^\\d+$", "id":"limit-req-burst", "default":"40" } ] }, "PHP":{ "id":"php", "params":[ { "type":"text", "label":"Remote php", "env":"REMOTE_PHP", "regex":"^([a-z\\-0-9]+\\.?)*$", "id":"remote-php", "default":"" }, { "type":"text", "label":"Remote php path", "env":"REMOTE_PHP_PATH", "regex":"^/([A-Za-z0-9\\-]/?)*$", "id":"remote-php-path", "default":"/app" } ] }, "ClamAV":{ "id":"clamav", "params":[ { "type":"checkbox", "label":"Use clamav upload", "env":"USE_CLAMAV_UPLOAD", "regex":"^(yes|no)$", "id":"use-clamav-upload", "default":"yes" } ] } }