gixy
vaultwarden
| gixy | vaultwarden | |
|---|---|---|
| 9 | 489 | |
| 8,153 | 33,195 | |
| 0.2% | - | |
| 4.3 | 8.8 | |
| 4 months ago | 1 day ago | |
| Python | Rust | |
| GNU General Public License v3.0 or later | GNU Affero General Public License v3.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
gixy
- If is Evil when used in location context
- Gixy is a tool to prevent Nginx security misconfiguration
- GitHub - yandex/gixy: Nginx configuration static analyzer
- Gixy: Nginx Configuration Static Analyzer
-
Leaking Bitwarden's Vault with a Nginx vulnerability
https://github.com/yandex/gixy/blob/master/docs/en/plugins/a...
(and nixos automatically runs gixy on a configuration generated through it, so the system refuses to build <3)
-
Avoiding the Top Nginx Configuration Mistakes
* [alias_traversal] Path traversal via misconfigured alias
The alias traversal gotcha is one of the most pernicious I've seen. A single, seemingly innocuous '/' is the difference between a path traversal vulnerability or not.
[0]: https://github.com/yandex/gixy#what-it-can-do
-
2 of my servers got hacked last night around the same time.
not sure what is the exact reason but, nginx has vulnerability of of misconfigured ngnix.conf, I recommend using https://github.com/yandex/gixy and check if your nginx config files any sort of misconfig or not.
- GIXY – Nginx configuration static analyzer
- Common Nginx misconfigurations that leave your web server open to attack
vaultwarden
-
Bitwarden
To people who want to self-host this, look at Vaultwarden which is a fully compatible alternate server with even more features:
https://github.com/dani-garcia/vaultwarden
Been running it for a year with 0 issues.
- Vaultwarden issue on sysnology
-
What program(s) do you use to remember passwords, including crypto?
For passwords and 2FA I use Bitwarden in combination with a self-hosted Vaultwarden service (for imcreased security and use of pro features for free).
- Comment gérez-vous vos mots de passe ?
-
List of your reverse proxied services
Vaultwarden as Password-Safe
-
Open Source: An Antidote to Closed Source Vulnerability
I have a lot of software that I host myself on my home server, partly to save money but also because I want to control my own data. For example, I host VaultWarden which is the open source server for BitWarden. This gives me all the premium features for free with the added bonus of keeping my passwords out of the cloud.
- Vaultwarden 1.30.0 released with passkey support
- Vaultwarden: Unofficial Bitwarden Compatible Server
-
Bitwarden: Free, open-source password manager
Self hosting is incredibly easy with vaultwarden (https://github.com/dani-garcia/vaultwarden)
-
Your privacy is optional
I have now switched to using the BitWarden app with the self-hosted VaultWarden server. I have set it up, so my passwords are only accessible when connected to my home network either physically or with a VPN (I am using tailscale for this).
What are some alternatives?
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
Bitwarden - The core infrastructure backend (API, database, Docker, etc).
dist - Resources for packaging and distributing Caddy
Passbolt - Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!
caddy-ratelimit
Nginx Proxy Manager - Docker container for managing Nginx proxy hosts with a simple, powerful interface
materialize - Materialize, a web framework based on Material Design
keepassxc - KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
manix - A fast CLI documentation searcher for Nix.
authelia - The Single Sign-On Multi-Factor portal for web apps
static-web-server - A cross-platform, high-performance and asynchronous web server for static files-serving. ⚡
Nextcloud - ☁️ Nextcloud server, a safe home for all your data