Elgato_dark/bunkerweb
1
0
Fork 0
mirror of https://github.com/bunkerity/bunkerweb synced 2026-05-24 09:28:37 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Soft merge branch "ui" into branch "dev"

Browse source
This commit is contained in:
Théophile Diot 2023-12-13 09:52:21 +01:00
commit b08c533654
No known key found for this signature in database
GPG key ID: 248FEA4BAE400D06
8 changed files with 155 additions and 37 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

48
README.md
View file

@ -20,12 +20,12 @@
<p align="center">
🌐 <a href="https://www.bunkerweb.io/?utm_campaign=self&utm_source=github">Website</a>
&#124;
🤝 <a href="https://panel.bunkerweb.io/?utm_campaign=self&utm_source=github">Panel</a>
&#124;
📓 <a href="https://docs.bunkerweb.io/?utm_campaign=self&utm_source=github">Documentation</a>
&#124;
👨‍💻 <a href="https://demo.bunkerweb.io/?utm_campaign=self&utm_source=github">Demo</a>
&#124;
🤝 <a href="https://panel.bunkerweb.io/?utm_campaign=self&utm_source=github">Panel</a>
&#124;
🛡️ <a href="https://github.com/bunkerity/bunkerweb/raw/v1.5.4/examples">Examples</a>
&#124;
💬 <a href="https://discord.com/invite/fTf46FmtyD">Chat</a>
@ -63,16 +63,16 @@ BunkerWeb contains primary [security features](https://docs.bunkerweb.io/1.5.4/s
## Security features
Explore the impressive array of security features offered by BunkerWeb. While not exhaustive, here are some notable highlights:
A non-exhaustive list of security features :
- **HTTPS** support with transparent **Let's Encrypt** automation : Easily secure your web services with automated Let's Encrypt integration, ensuring encrypted communication between clients and your server.
- **State-of-the-art web security** : Benefit from cutting-edge web security measures, including comprehensive HTTP security headers, prevention of data leaks, and TLS hardening techniques.
- Integrated **ModSecurity WAF** with the **OWASP Core Rule Set** : Enjoy enhanced protection against web application attacks with the integration of ModSecurity, fortified by the renowned OWASP Core Rule Set.
- **Automatic ban** of strange behaviors based on HTTP status code : BunkerWeb intelligently identifies and blocks suspicious activities by automatically banning behaviors that trigger abnormal HTTP status codes.
- Apply **connections and requests limit** for clients : Set limits on the number of connections and requests from clients, preventing resource exhaustion and ensuring fair usage of server resources.
- **Block bots** with **challenge-based verification** : Keep malicious bots at bay by challenging them to solve puzzles such as cookies, JavaScript tests, captcha, hCaptcha, reCAPTCHA or Turnstile, effectively blocking unauthorized access.
- **Block known bad IPs** with external blacklists and DNSBL : Utilize external blacklists and DNS-based blackhole lists (DNSBL) to proactively block known malicious IP addresses, bolstering your defense against potential threats.
- **And much more...** : BunkerWeb is packed with a plethora of additional security features that go beyond this list, providing you with comprehensive protection and peace of mind.
- **HTTPS** support with transparent **Let's Encrypt** automation
- **State-of-the-art web security** : HTTP security headers, prevent leaks, TLS hardening, ...
- Integrated **ModSecurity WAF** with the **OWASP Core Rule Set**
- **Automatic ban** of strange behaviors based on HTTP status code
- Apply **connections and requests limit** for clients
- **Block bots** by asking them to solve a **challenge** (e.g. : cookie, javascript, captcha, hCaptcha or reCAPTCHA)
- **Block known bad IPs** with external blacklists and DNSBL
- And much more ...
Learn more about the core security features in the [security tuning](https://docs.bunkerweb.io/1.5.4/security-tuning/?utm_campaign=self&utm_source=github) section of the documentation.
@ -86,7 +86,7 @@ A demo website protected with BunkerWeb is available at [demo.bunkerweb.io](http
## Professional services
Get the most of BunkerWeb by getting professional services directly from the maintainers of the project. From technical support to tailored consulting and development, we are here to assist you in the security of your web services.
Maximize your BunkerWeb experience by getting professional services directly from the maintainers of the project. Whether you require technical support, personalized consulting, or development services, we stand ready to assist you in fortifying the security of your web services.
You will find more information by visiting the [BunkerWeb Panel](https://panel.bunkerweb.io/?utm_campaign=self&utm_source=github), our dedicated platform for professional services.
@ -233,10 +233,10 @@ You will find more information in the [Kubernetes section](https://docs.bunkerwe
List of supported Linux distros :
- Debian 12 "Bookworm"
- Debian 11 "Bullseye"
- Ubuntu 22.04 "Jammy"
- Fedora 39
- RHEL 8.9
- Fedora 38
- RHEL 8.7
Repositories of Linux packages for BunkerWeb are available on [PackageCloud](https://packagecloud.io/bunkerity/bunkerweb), they provide a bash script to automatically add and trust the repository (but you can also follow the [manual installation](https://packagecloud.io/bunkerity/bunkerweb/install) instructions if you prefer).
@ -250,10 +250,10 @@ You will find more information in the [Linux section](https://docs.bunkerweb.io/
List of supported Linux distros :
- Debian 12 "Bookworm"
- Debian 11 "Bullseye"
- Ubuntu 22.04 "Jammy"
- Fedora 39
- RHEL 8.9
- Fedora 38
- RHEL 8.7
[Ansible](https://www.ansible.com/) is an IT automation tool. It can configure systems, deploy software, and orchestrate more advanced IT tasks such as continuous deployments or zero downtime rolling updates.
@ -321,7 +321,7 @@ You will find more information in the [Web UI section](https://docs.bunkerweb.io
BunkerWeb comes with a plugin system to make it possible to easily add new features. Once a plugin is installed, you can manage it using additional settings defined by the plugin.
Here is the list of "official" plugins that we maintain (see the [bunkerweb-plugins](https://github.com/bunkerity/bunkerweb-plugins) repository for more information) :
Here is the list of "official" plugins that we maintain (see the [bunkerweb-plugins](https://github.com/bunkerity/bunkerweb-plugins/?utm_campaign=self&utm_source=github) repository for more information) :
| Name | Version | Description | Link |
| :------------: | :-----: | :------------------------------------------------------------------------------------------------------------------------------- | :-------------------------------------------------------------------------------------------------: |
@ -331,7 +331,7 @@ Here is the list of "official" plugins that we maintain (see the [bunkerweb-plug
| **Discord** | 1.2 | Send security notifications to a Discord channel using a Webhook. | [bunkerweb-plugins/discord](https://github.com/bunkerity/bunkerweb-plugins/tree/main/discord) |
| **Slack** | 1.2 | Send security notifications to a Slack channel using a Webhook. | [bunkerweb-plugins/slack](https://github.com/bunkerity/bunkerweb-plugins/tree/main/slack) |
| **VirusTotal** | 1.2 | Automatically scans uploaded files with the VirusTotal API and denies the request when a file is detected as malicious. | [bunkerweb-plugins/virustotal](https://github.com/bunkerity/bunkerweb-plugins/tree/main/virustotal) |
| **WebHook** | 1.2 | Send security notifications to a custom HTTP endpoint using a Webhook. | [bunkerweb-plugins/slack](https://github.com/bunkerity/bunkerweb-plugins/tree/main/webhook) |
| **WebHook** | 1.2 | Send security notifications to a custom HTTP endpoint using a Webhook. | [bunkerweb-plugins/slack](https://github.com/bunkerity/bunkerweb-plugins/tree/main/webhook) |
You will find more information in the [plugins section](https://docs.bunkerweb.io/1.5.4/plugins/?utm_campaign=self&utm_source=github) of the documentation.
@ -347,10 +347,10 @@ Don't hesitate to [contact us](https://panel.bunkerweb.io/contact.php?utm_campai
To get free community support you can use the following media :
* The #help channel of BunkerWeb in the [Discord server](https://discord.com/invite/fTf46FmtyD)
* The help category of [GitHub discussions](https://github.com/bunkerity/bunkerweb/discussions)
* The [/r/BunkerWeb](https://www.reddit.com/r/BunkerWeb) subreddit
* The [Server Fault](https://serverfault.com/) and [Super User](https://superuser.com/) forums
- The #help channel of BunkerWeb in the [Discord server](https://discord.com/invite/fTf46FmtyD)
- The help category of [GitHub discussions](https://github.com/bunkerity/bunkerweb/discussions)
- The [/r/BunkerWeb](https://www.reddit.com/r/BunkerWeb) subreddit
- The [Server Fault](https://serverfault.com/) and [Super User](https://superuser.com/) forums
Please don't use [GitHub issues](https://github.com/bunkerity/bunkerweb/issues) to ask for help, use it only for bug reports and feature requests.

64
src/ui/static/js/global.js
View file

@ -72,7 +72,7 @@ class News {
excerpt,
tags,
date,
lastUpdate,
lastUpdate
);
let cleanHTML = DOMPurify.sanitize(cardHTML);
//add to DOM
@ -191,7 +191,7 @@ class darkMode {
};
const send = await fetch(
`${location.href.split("/").slice(0, -1).join("/")}/darkmode`,
data,
data
);
}
}
@ -231,7 +231,7 @@ class FlashMsg {
flashEl.remove();
//update count
this.flashCount.textContent = document.querySelectorAll(
"[data-flash-message]",
"[data-flash-message]"
).length;
}
} catch (err) {}
@ -295,12 +295,64 @@ class Loader {
}
}
class Banner {
constructor() {
this.bannerEl = document.getElementById("banner");
this.bannerItems = this.bannerEl.querySelectorAll('[role="listitem"]');
this.nextDelay = 9000;
this.transDuration = 700;
this.init();
}
init() {
setInterval(() => {
// Get current visible
let visibleEl;
this.bannerItems.forEach((item) => {
if (item.getAttribute("aria-hidden") === "false") {
visibleEl = item;
}
});
// Get next one to show (next index or first one)
let nextEl =
this.bannerEl.querySelector(
`[role="listitem"][data-id="${
+visibleEl.getAttribute("data-id") + 1
}"]`
) || this.bannerEl.querySelector(`[role="listitem"][data-id="0"]`);
// Hide current one
visibleEl.classList.add("-left-full");
visibleEl.classList.remove("left-0");
visibleEl.setAttribute("aria-hidden", "true");
setTimeout(() => {
visibleEl.classList.remove("transition-all");
}, this.transDuration + 10);
setTimeout(() => {
visibleEl.classList.add("opacity-0");
}, this.transDuration + 20);
setTimeout(() => {
visibleEl.classList.remove("-left-full");
visibleEl.classList.add("left-full");
}, this.transDuration * 2);
// Show next one
nextEl.classList.remove("opacity-0");
nextEl.classList.add("transition-all");
nextEl.classList.add("left-0");
nextEl.classList.remove("left-full");
nextEl.setAttribute("aria-hidden", "false");
}, this.nextDelay);
}
}
const setLoader = new Loader();
const setMenu = new Menu();
const setNewsSidebar = new Sidebar(
"[data-sidebar-info]",
"[data-sidebar-info-open]",
"[data-sidebar-info-close]",
"[data-sidebar-info-close]"
);
const setCheckbox = new Checkbox();
@ -311,8 +363,10 @@ const setDisabledPop = new DisabledPop();
const setFlashSidebar = new Sidebar(
"[data-flash-sidebar]",
"[data-flash-sidebar-open]",
"[data-flash-sidebar-close]",
"[data-flash-sidebar-close]"
);
const setNews = new News();
const setDarkM = new darkMode();
const setFlash = new FlashMsg();
const setBanner = new Banner();

64
src/ui/templates/banner.html vendored Normal file
View file

@ -0,0 +1,64 @@
<div
id="banner"
tabindex="-1"
role="list"
class="relative flex justify-center z-50 gap-8 px-4 w-full"
>
<div
role="listitem"
aria-hidden="false"
data-id="0"
class="flex justify-center w-full left-0 transition-all duration-700 absolute dark:border-gray-700 md:px-4 py-6 dark:bg-gray-800 bg-gray-50 border border-b border-gray-200"
>
<p class="text-sm font-light text-gray-500 dark:text-gray-400">
Lorem ipsum dolor sit amet, consectetur adipisicing elit.
<a
class="font-medium underline text-primary-600 dark:text-primary-500 hover:no-underline"
href="#"
>
link
</a>
Illo beatae dicta voluptate aperiam facilis ducimus culpa ad repudiandae
error, autem molestiae quisquam aliquam rem sunt dolorum qui rerum maxime
corporis.
</p>
</div>
<div
role="listitem"
aria-hidden="true"
data-id="1"
class="left-full flex justify-center w-full transition-all duration-700 absolute dark:border-gray-700 md:px-4 py-6 dark:bg-gray-800 bg-gray-50 border border-b border-gray-200"
>
<p class="text-sm font-light text-gray-500 dark:text-gray-400">
Lorem ipsum dolor sit amet, consectetur adipisicing elit.
<a
class="font-medium underline text-primary-600 dark:text-primary-500 hover:no-underline"
href="#"
>
link
</a>
Illo beatae dicta voluptate aperiam facilis ducimus culpa ad repudiandae
error, autem molestiae quisquam aliquam rem sunt dolorum qui rerum maxime
corporis.
</p>
</div>
<div
role="listitem"
aria-hidden="true"
data-id="2"
class="left-full flex justify-center w-full transition-all duration-700 absolute dark:border-gray-700 md:px-4 py-6 dark:bg-gray-800 bg-gray-50 border border-b border-gray-200"
>
<p class="text-sm font-light text-gray-500 dark:text-gray-400">
Lorem ipsum dolor sit amet, consectetur adipisicing elit.
<a
class="font-medium underline text-primary-600 dark:text-primary-500 hover:no-underline"
href="#"
>
link
</a>
Illo beatae dicta voluptate aperiam facilis ducimus culpa ad repudiandae
error, autem molestiae quisquam aliquam rem sunt dolorum qui rerum maxime
corporis.
</p>
</div>
</div>

4
src/ui/templates/base.html vendored
View file

@ -16,13 +16,13 @@
<img
data-loader-img
src="images/logo-menu-2.png"
class="-translate-x-1.5 lg:-transalte-x-3 duration-300 w-50 h-14 md:w-60 md:h-16 lg:w-80 lg:h-24 inline transition-all"
class="-translate-x-1.5 duration-300 w-50 h-14 md:w-60 md:h-16 lg:w-80 lg:h-24 inline transition-all"
alt="main logo"
/>
</div>
{% include "menu.html" %} {% include "news.html" %} {% include "flashs.html"
%}
%} {% include "banner.html" %}
<div
class="w-full relative h-full max-h-screen transition-all duration-200 ease-in-out xl:ml-68 rounded-xl"
>

6
src/ui/templates/footer.html vendored
View file

@ -21,7 +21,7 @@
>
<li class="nav-item">
<a
href="https://www.bunkerweb.io"
href="https://www.bunkerweb.io/?utm_campaign=self&utm_source=ui"
class="hover:italic hover:brightness-90 block sm:px-4 pt-1 pb-0 lg:pb-1 text-sm tracking-wide font-normal transition duration-300 ease-in-out text-white dark:text-white"
target="_blank"
>Bunkerweb</a
@ -29,7 +29,7 @@
</li>
<li class="nav-item">
<a
href="https://docs.bunkerweb.io"
href="https://docs.bunkerweb.io/?utm_campaign=self&utm_source=ui"
class="hover:italic hover:brightness-90 block sm:px-4 pt-1 pb-0 lg:pb-1 text-sm tracking-wide font-normal transition duration-300 ease-in-out text-white dark:text-white"
target="_blank"
>Docs</a
@ -45,7 +45,7 @@
</li>
<li class="nav-item">
<a
href="https://www.bunkerity.com/fr/blog/"
href="https://www.bunkerity.com/fr/blog/?utm_campaign=self&utm_source=ui"
class="hover:italic hover:brightness-90 block sm:px-4 pt-1 pb-0 lg:pb-1 text-sm tracking-wide font-normal transition duration-300 ease-in-out text-white dark:text-white"
target="_blank"
>Blog</a

2
src/ui/templates/menu.html vendored
View file

@ -384,7 +384,7 @@
<a
class="leading-8 font-bold hover:brightness-75"
target="_blank"
href="https://docs.bunkerweb.io/1.4/plugins/#writing-a-plugin"
href="https://docs.bunkerweb.io/1.5.4/plugins/#writing-a-plugin?utm_campaign=self&utm_source=ui"
>check doc</a
>
</h6>

2
src/ui/templates/navbar.html vendored
View file

@ -8,7 +8,7 @@
<nav class="navbar navbar-expand-xl navbar-light">
<a
class="navbar-brand"
href="https://www.bunkerweb.io"
href="https://www.bunkerweb.io/?utm_campaign=self&utm_source=ui"
target="_blank"
><img
src="images/BUNKERWEB-print-hd-blanc.png"

2
src/ui/templates/news.html vendored
View file

@ -117,7 +117,7 @@
I've read and agree to the
<a
class="italic"
href="https://www.bunkerity.com/privacy-policy/"
href="https://www.bunkerity.com/privacy-policy/?utm_campaign=self&utm_source=ui"
target="_blank"
>privacy policy</a
>