Skip to content

Instantly share code, notes, and snippets.

View andybeak's full-sized avatar

Andy andybeak

10 followers · 0 following
View GitHub Profile
@andybeak
andybeak / iptables.sh
Last active April 2, 2020 22:57
Set up firewall for webserver behind a reverse proxy #book #course
#!/bin/bash
logger Configuring iptables
# Flush existing rules
sudo iptables -F
# Allow SSH from bastion server
sudo iptables -A INPUT -p tcp -s 172.31.23.163/32 --dport 22 -m conntrack --ctstate NEW,ESTABLISHED -j ACCEPT
sudo iptables -A OUTPUT -p tcp --sport 22 -m conntrack --ctstate ESTABLISHED -j ACCEPT
@andybeak
andybeak / go.sh
Last active April 27, 2020 09:49
Get AWS Ubuntu Linux VM ready for remote development #book #course
#!/bin/bash
sudo apt update && sudo apt upgrade -y
if ! lsb_release -r -s | grep -q '18.04'; then
echo "Please use Ubuntu 18.04 LTS";
exit;
fi
echo "---- Installing dependencies"
sudo apt-get install -y \
@andybeak
andybeak / index.php
Created November 12, 2019 09:57
Blog article on monolog to ELK #blog
<?php
require('../vendor/autoload.php');
use Monolog\Logger;
use Monolog\Handler\SocketHandler;
// create a log channel
$log = new Logger('elk');
@andybeak
andybeak / logout.php
Last active October 21, 2019 12:16
Log out a user using server-side sessions
<?php
// can't log out if the session isn't started
session_start();
// emptying the session data is useful if your script continues running after logging out
$_SESSION = [];
// set the cookie to expire immediately
if (ini_get("session.use_cookies")) {
$params = session_get_cookie_params();
setcookie(session_name(), '', time() - 42000,
$params["path"], $params["domain"],
@andybeak
andybeak / nginx_tls.conf
Last active December 3, 2020 17:26
Nginx TLS config #book
server {
listen 443 ssl;
server_name example.com;
ssl on;
# enable HSTS
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains;";
# prevent clickjacking
add_header X-Frame-Options "SAMEORIGIN";
@andybeak
andybeak / nginx.conf
Last active August 22, 2019 20:53
nginx cors allow origins #course #book
// See https://nginx.org/en/docs/http/ngx_http_map_module.html
// This sets the value of $cors_header depending on the value of $http_origin
map $http_origin $cors_header{
default "";
"~^(https:\/\/safedomain\.com)$" "$http_origin";
"~^(https:\/\/anotherdomain\.com)$" "$http_origin";
}
server {
listen 80;
@andybeak
andybeak / clamscan_upload.php
Last active March 22, 2022 09:09
Clamscan PHP uploads
<?php
// Answer from https://stackoverflow.com/questions/7648623/dynamically-running-clamavs-clamscan-on-file-uploads-with-php
$safe_path = escapeshellarg($_FILES['uploadedfile']['tmp_name']);
$command = 'clamscan ' . $safe_path;
$out = '';
$int = -1;
exec($command, $out, $int);
@andybeak
andybeak / docker-compose.yml
Created March 21, 2019 15:28
NomadPHP php speed comparison demo
version: '3'
services:
nginx:
image: nginx:1.13.1
container_name: nginx-proxy
ports:
- "80:80"
- "443:443"
volumes:
- conf:/etc/nginx/conf.d
@andybeak
andybeak / docker-compose.yml
Created March 14, 2019 08:31
Sonarqube in docker-compose with mysql
version: '3'
services:
sonarqube:
image: 'sonarqube:6.7.6-community'
restart: always
networks:
- sonarnet
ports:
- "10000:9000"
volumes:
@andybeak
andybeak / docker-compose.yml
Created March 13, 2019 16:53
Sonarqube in docker
version: '3'
services:
sonarqube:
image: 'sonarqube:6.7.6-community'
restart: always
networks:
- sonarnet
ports:
- "10000:9000"
volumes: