| | merecat | gixy |
|---|---|---|
| | 2 | 9 |
| Stars | 138 | 8,153 |
| Growth | - | 0.2% |
| Activity | 0.0 | 4.3 |
| | over 1 year ago | 4 months ago |
| Language | C | Python |
| License | BSD 2-clause "Simplified" License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
merecat
gixy
- If is Evil when used in location context
- Gixy is a tool to prevent Nginx security misconfiguration
- GitHub - yandex/gixy: Nginx configuration static analyzer
- Gixy: Nginx Configuration Static Analyzer
- Leaking Bitwarden's Vault with a Nginx vulnerability
  https://github.com/yandex/gixy/blob/master/docs/en/plugins/a...
  (and NixOS automatically runs gixy on a configuration generated through it, so the system refuses to build <3)
- Avoiding the Top Nginx Configuration Mistakes
  * [alias_traversal] Path traversal via misconfigured alias
  The alias traversal gotcha is one of the most pernicious I've seen. A single, seemingly innocuous '/' is the difference between a path traversal vulnerability or not.
  [0]: https://github.com/yandex/gixy#what-it-can-do
- 2 of my servers got hacked last night around the same time.
  Not sure what the exact reason is, but nginx has a vulnerability of misconfigured nginx.conf. I recommend using https://github.com/yandex/gixy to check whether your nginx config files have any sort of misconfig or not.
- GIXY – Nginx configuration static analyzer
- Common Nginx misconfigurations that leave your web server open to attack
What are some alternatives?
wolfssl - The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3!
Caddy - Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
ecapture - Capture SSL/TLS text content without a CA certificate using eBPF. This tool is compatible with Linux/Android x86_64/aarch64.
dist - Resources for packaging and distributing Caddy
caddy-ratelimit
phorklift - Phorklift is an HTTP server and proxy daemon, with clear, powerful and dynamic configuration.
materialize - Materialize, a web framework based on Material Design
tinypage - A tiny single-page http server.
manix - A fast CLI documentation searcher for Nix.
static-web-server - A cross-platform, high-performance and asynchronous web server for static files-serving. ⚡