Universite/tp
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Wordpress

Browse Source
This commit is contained in:
Emmanuel Medina
2025-12-02 12:03:33 +01:00
parent ad2526467e
commit fbf80bc0ba
5 changed files with 82 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -2,10 +2,10 @@
### Linux ### Linux
- [Installer Debian 13](debian13.md) - [Installer Debian 13](debian13/debian13.md)
- [Installer Raspberry Pi OS](debian13.md#raspberry) - [Installer Raspberry Pi OS](debian13/debian13.md#raspberry)
- [Configurer l'accès à distance](ssh.md) - [Configurer l'accès à distance](ssh.md)
- [Administrer les paquets logiciels](package.md) - [Administrer les paquets logiciels](debian13/package.md)
#### [Reverse Proxy](reverse_proxy.md) #### [Reverse Proxy](reverse_proxy.md)

4
debian13.md → debian13/debian13.md
View File

@@ -8,7 +8,7 @@ Advanced options ...
... Expert install ... Expert install
![Debian GNU/Linux UEFI Installer menu](debian13/installer_menu.webp) ![Debian GNU/Linux UEFI Installer menu](installer_menu.webp)
### Debian installer main menu ### Debian installer main menu
@@ -22,7 +22,7 @@ Advanced options ...
- Paramètres régionaux supplémentaires : - Paramètres régionaux supplémentaires :
- Ne rien sélectionner (Continuer) - Ne rien sélectionner (Continuer)
![Choose language](debian13/choose_language.webp) ![Choose language](choose_language.webp)
### Menu princinpal du programme d'installation Debian ### Menu princinpal du programme d'installation Debian

0
package.md → debian13/package.md
View File

101
security/reaction.md
View File

@@ -1,6 +1,6 @@
# Reaction # Reaction
Reaction est un service qui scan les sorties des fichiers et effectue des actions dand un usage est détecté. Reaction est un service qui scan les sorties des fichiers et effectue des actions quand un certain usage est détecté.
```shell ```shell
@@ -13,12 +13,39 @@ reaction show
``` ```
``` ```
local bots = [
"ChatGPT-User",
"DuckAssistBot",
"Meta-ExternalFetcher",
"AI2Bot",
"Applebot-Extended",
"Bytespider",
"CCBot",
"ClaudeBot",
"Diffbot",
"FacebookBot",
"Google-Extended",
"GPTBot",
"Kangaroo Bot",
"Meta-ExternalAgent",
"omgili",
"Timpibot",
"Webzio-Extended",
"Amazonbot",
"Applebot",
"OAI-SearchBot",
"PerplexityBot",
"YouBot",
"Yandexbot",
"Baiduspider"
];
local banFor(time) = { local banFor(time) = {
ban: { ban: {
cmd: ['nft', 'add', 'element', 'inet', 'reaction', 'banned_ips', '{ <ip> }'], cmd: ['nft', 'add element inet reaction banned_ips { <ip> }'],
}, },
unban: { unban: {
cmd: ['nft', 'delete', 'element', 'inet', 'reaction', 'banned_ips', '{ <ip> }'], cmd: ['nft', 'delete element inet reaction banned_ips { <ip> }'],
after: time, after: time,
}, },
}; };
@@ -31,41 +58,31 @@ local banFor(time) = {
}, },
start: [ start: [
// Table ['nft', |||
['nft', 'add', 'table', 'inet', 'reaction'], table inet reaction {
set whitelist_ips {
type ipv4_addr
flags interval
elements = { 192.168.137.0/24 }
}
// Set pour IP bannies set banned_ips {
[ type ipv4_addr
'nft', 'add', 'set', 'inet', 'reaction', 'banned_ips', flags interval
'{', 'type', 'ipv4_addr', ';', 'flags', 'interval', ';', '}' auto-merge
], }
// Chaîne INPUT chain input {
[ type filter hook input priority 0
'nft', 'add', 'chain', 'inet', 'reaction', 'input_filter', ip saddr @whitelist_ips accept
'{', 'type', 'filter', 'hook', 'input', 'priority', '0', ';', '}' ip saddr @banned_ips drop
], }
}
// Chaîne FORWARD ||| ],
[
'nft', 'add', 'chain', 'inet', 'reaction', 'forward_filter',
'{', 'type', 'filter', 'hook', 'forward', 'priority', '0', ';', '}'
],
// Règles d'utilisation du set
[
'nft', 'add', 'rule', 'inet', 'reaction', 'input_filter',
'ip', 'saddr', '@banned_ips', 'drop'
],
[
'nft', 'add', 'rule', 'inet', 'reaction', 'forward_filter',
'ip', 'saddr', '@banned_ips', 'drop'
],
], ],
stop: [ stop: [
// Une seule commande supprime tout proprement ['nft', 'delete table inet reaction'],
['nft', 'delete', 'table', 'inet', 'reaction'],
], ],
streams: { streams: {
@@ -76,14 +93,30 @@ local banFor(time) = {
regex: [ regex: [
@'authentication failure;.*rhost=<ip>', @'authentication failure;.*rhost=<ip>',
@'Failed password for .* from <ip>', @'Failed password for .* from <ip>',
@'banner exchange: Connection from <ip> port [0-9]*: invalid format', @'Connection from <ip> port [0-9]*: invalid format',
@'Invalid user .* from <ip>', @'Invalid user .* from <ip>',
@'Timeout before authentication for <ip>',
], ],
retry: 3, retry: 3,
retryperiod: '6h', retryperiod: '6h',
actions: banFor('96h'), actions: banFor('96h'),
}, },
}, },
},
apache: {
cmd: ['tail', '-n0', '-f', '/var/log/nginx/access.log'],
filters: {
aiBots: {
regex: [
// User-Agent is the last field
// Bot's name can be anywhere in the User-Agent
// (hence the leading and trailing [^"]*
@'^<ip> .* "[^"]*(%s)[^"]*"$' % std.join('|', bots)
],
actions: banFor('30d'),
},
},
} }
}, },
} }

10
wordpress.md Normal file
View File

@@ -0,0 +1,10 @@
curl -O https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar
php wp-cli.phar --info
chmod +x wp-cli.phar
mv wp-cli.phar /usr/local/bin/wp
crontab -u eureka -e
5 * * * * /usr/local/bin/wp --path=/home/eureka/wp6 cron event run --due-now >> /home/eureka/wp-cron.log 2>&1