Mirrors/ProxMenux
1
0
Fork 0
mirror of https://github.com/MacRimi/ProxMenux.git synced 2025-06-28 04:06:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update page.tsx

Browse Source
This commit is contained in:
MacRimi 2025-05-13 21:40:01 +02:00
parent ab8a952061
commit 20695a7c31
1 changed files with 93 additions and 63 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
web/app/docs/post-install/security/page.tsx
View File

@ -71,13 +71,13 @@ systemctl stop rpcbind
`} `}
/> />
<h3 className="text-xl font-semibold mt-16 mb-4 flex items-center"> <h3 className="text-xl font-semibold mt-16 mb-4 flex items-center">
<StepNumber number={2} /> <StepNumber number={2} />
Install Lynis Security Tool Install Lynis Security Tool
</h3> </h3>
<p className="mb-4"> <p className="mb-4">
Lynis is a comprehensive security auditing tool that analyzes your system, detects vulnerabilities, and provides recommendations for improving security. Lynis is a comprehensive security auditing tool that analyzes your system, detects vulnerabilities, and provides
recommendations for improving security.
</p> </p>
<p className="mb-4"> <p className="mb-4">
<strong>How it works:</strong> Lynis scans the system and evaluates various security parameters, including: <strong>How it works:</strong> Lynis scans the system and evaluates various security parameters, including:
@ -89,11 +89,26 @@ systemctl stop rpcbind
<li>File permissions and system integrity</li> <li>File permissions and system integrity</li>
<li>Malware detection and system hardening suggestions</li> <li>Malware detection and system hardening suggestions</li>
</ul> </ul>
<p className="text-lg mb-2">This adjustment automates the following command:</p> <p className="mb-4">
<strong>Installation method:</strong> ProxMenux now installs the latest version of Lynis directly from the
official GitHub repository to ensure you have the most up-to-date security scanning capabilities.
</p>
<p className="text-lg mb-2">This adjustment automates the following process:</p>
<CopyableCode <CopyableCode
code={` code={`
# Install Lynis # Install Git (if not already installed)
apt-get -y install lynis apt-get update -qq
apt-get install -y git
# Clone Lynis from GitHub
git clone https://github.com/CISOfy/lynis.git /opt/lynis
# Create wrapper script for easy execution
cat << 'EOF' > /usr/local/bin/lynis
#!/bin/bash
cd /opt/lynis && ./lynis "$@"
EOF
chmod +x /usr/local/bin/lynis
`} `}
/> />
<p className="text-lg mt-4">To run a system security audit, execute:</p> <p className="text-lg mt-4">To run a system security audit, execute:</p>
@ -103,17 +118,25 @@ apt-get -y install lynis
lynis audit system lynis audit system
`} `}
/> />
<p className="text-lg mt-4">To check the installed Lynis version:</p>
<CopyableCode
code={`
# Display Lynis version
lynis show version
`}
/>
<h3 className="text-xl font-semibold mt-16 mb-4 flex items-center"> <h3 className="text-xl font-semibold mt-16 mb-4 flex items-center">
<StepNumber number={3} /> <StepNumber number={3} />
Protect Web Interface with Fail2Ban Protect Web Interface with Fail2Ban
</h3> </h3>
<p className="mb-4"> <p className="mb-4">
Fail2Ban enhances security by monitoring login attempts and banning malicious IPs that attempt unauthorized access. Fail2Ban enhances security by monitoring login attempts and banning malicious IPs that attempt unauthorized
access.
</p> </p>
<p className="mb-4"> <p className="mb-4">
<strong>How it works:</strong> Fail2Ban analyzes logs, detects repeated authentication failures, and automatically bans the source IP address to prevent further attacks. <strong>How it works:</strong> Fail2Ban analyzes logs, detects repeated authentication failures, and
automatically bans the source IP address to prevent further attacks.
</p> </p>
<ul className="list-disc pl-5 mb-4"> <ul className="list-disc pl-5 mb-4">
<li>Protects the Proxmox VE web interface from brute-force attacks</li> <li>Protects the Proxmox VE web interface from brute-force attacks</li>
@ -122,14 +145,21 @@ lynis audit system
</ul> </ul>
<h4 className="text-lg font-semibold mt-4">Fail2Ban Configuration Overview</h4> <h4 className="text-lg font-semibold mt-4">Fail2Ban Configuration Overview</h4>
<p className="mb-4"> <p className="mb-4">Fail2Ban is configured with the following security policies:</p>
Fail2Ban is configured with the following security policies:
</p>
<ul className="list-disc pl-5 mb-4"> <ul className="list-disc pl-5 mb-4">
<li><strong>Ban Duration:</strong> 24 hours for SSH and 1 hour for Proxmox</li> <li>
<li><strong>Max Retries:</strong> 2 failed attempts for SSH, 3 for Proxmox</li> <strong>Ban Duration:</strong> 24 hours for SSH and 1 hour for Proxmox
<li><strong>Find Time:</strong> 30 minutes for SSH, 10 minutes for Proxmox</li> </li>
<li><strong>Log Monitoring:</strong> <code>/var/log/auth.log</code> for SSH and <code>/var/log/daemon.log</code> for Proxmox</li> <li>
<strong>Max Retries:</strong> 2 failed attempts for SSH, 3 for Proxmox
</li>
<li>
<strong>Find Time:</strong> 30 minutes for SSH, 10 minutes for Proxmox
</li>
<li>
<strong>Log Monitoring:</strong> <code>/var/log/auth.log</code> for SSH and <code>/var/log/daemon.log</code>{" "}
for Proxmox
</li>
</ul> </ul>
<p className="text-lg mb-2">This adjustment automates the following command:</p> <p className="text-lg mb-2">This adjustment automates the following command:</p>
@ -227,8 +257,9 @@ lynis audit system
`} `}
/> />
<p className="mt-4">Fail2Ban automatically protect your Proxmox VE and SSH access, reducing the risk of brute-force attacks.</p> <p className="mt-4">
Fail2Ban automatically protect your Proxmox VE and SSH access, reducing the risk of brute-force attacks.
</p>
<section className="mt-12 p-4 bg-blue-100 rounded-md"> <section className="mt-12 p-4 bg-blue-100 rounded-md">
<h2 className="text-xl font-semibold mb-2">Automatic Application</h2> <h2 className="text-xl font-semibold mb-2">Automatic Application</h2>
@ -241,4 +272,3 @@ lynis audit system
</div> </div>
) )
} }