hoo2/InformationSystemsSecurity
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Switch to https using Caddy proxy.

Browse Source
This commit is contained in:
Christos Choutouridis 2026-01-12 12:06:43 +02:00
parent 3f7a2d2d61
commit 803f9ead79
3 changed files with 43 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
passman-dev/Caddyfile Normal file
View File

@ -0,0 +1,19 @@
# HTTP site: redirect everything to HTTPS
http://localhost {
redir https://{host}{uri} permanent
}
# HTTPS site
https://localhost {
reverse_proxy web:80
tls internal
# Optional: security headers (defense-in-depth)
header {
X-Content-Type-Options "nosniff"
X-Frame-Options "DENY"
Referrer-Policy "no-referrer"
}
}

18
passman-dev/docker-compose.yml
View File

@ -2,8 +2,8 @@
services: services:
web: web:
build: . build: .
ports: # ports:
- "80:80" # - "80:80"
volumes: volumes:
- ./php:/var/www/html - ./php:/var/www/html
environment: environment:
@ -14,6 +14,18 @@ services:
depends_on: depends_on:
- db - db
proxy:
image: caddy:2
ports:
- "80:80"
- "443:443"
volumes:
- ./Caddyfile:/etc/caddy/Caddyfile:ro
- caddy_data:/data
- caddy_config:/config
depends_on:
- web
db: db:
image: mariadb:11 image: mariadb:11
container_name: passman_db container_name: passman_db
@ -30,4 +42,6 @@ services:
volumes: volumes:
dbdata: dbdata:
caddy_data:
caddy_config:

16
passman-dev/php/passman/index.html
View File

@ -15,23 +15,23 @@
<br /> <br />
<ul> <ul>
<li> <li>
<a href="http://localhost/passman/register.php">Registration Form</a> <a href="/passman/register.php">Registration Form</a>
</li> </li>
<br /> <br />
<li> <li>
<a href="http://localhost/passman/login.php">Login Page</a> <a href="/passman/login.php">Login Page</a>
</li> </li>
<br /> <br />
<li> <li>
<a href="http://localhost/passman/logout.php">Logout Page</a> <a href="/passman/logout.php">Logout Page</a>
</li> </li>
<br /> <br />
<li> <li>
<a href="http://localhost/passman/dashboard.php">Dashboard</a> (display passwords for websites) <a href="/passman/dashboard.php">Dashboard</a> (display passwords for websites)
</li> </li>
<br /> <br />
<li> <li>
<a href="http://localhost/passman/notes.php">Notes</a> (notes/comments/announcements) <a href="/passman/notes.php">Notes</a> (notes/comments/announcements)
</li> </li>
<br /> <br />
</ul> </ul>
@ -41,18 +41,18 @@
<br /> <br />
<ul> <ul>
<li> <li>
Test <a href="http://localhost/passman/test_hash.php">hashing</a> functions in PHP (server side) Test <a href="/passman/test_hash.php">hashing</a> functions in PHP (server side)
</li> </li>
<br /> <br />
<li> <li>
Test <a href="http://localhost/passman/test_encrypt.php">encrypting/decrypting</a> functions in PHP (server side) Test <a href="/passman/test_encrypt.php">encrypting/decrypting</a> functions in PHP (server side)
</li> </li>
<br /> <br />
</ul> </ul>
<br /> <br />
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Hacker's side (for using stealing cookies using XSS): &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;Hacker's side (for using stealing cookies using XSS):
<a href="http://localhost/passman/xss">http://localhost/passman/xss</a> <a href="/passman/xss">passman/xss</a>
<br /> <br />
</body> </body>