41 lines
1.2 KiB
Python
41 lines
1.2 KiB
Python
#!/usr/bin/env python3
|
|
|
|
def apache_protocols() -> dict:
|
|
ssl = dict()
|
|
|
|
# Check if apaches has disabled the bad SSL/TLS version
|
|
ssl["description"] = "Disable deprecated SSL/TLS versions"
|
|
ssl["level"] = "high"
|
|
ssl["protocols"] = list()
|
|
# https://httpd.apache.org/docs/trunk/ssl/ssl_howto.html
|
|
ssl["protocols"].append("TLSv1")
|
|
ssl["protocols"].append("TLSv1.1")
|
|
ssl["protocols"].append("SSLv3")
|
|
ssl["recommand_value"] = "SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1"
|
|
|
|
return ssl
|
|
|
|
def apache_signature() -> dict:
|
|
signature = dict()
|
|
|
|
signature["description"] = "Disable Apache signature"
|
|
signature["level"] = "high"
|
|
signature['signature'] = list()
|
|
signature['signature'].append('ServerSignature On')
|
|
signature['signature'].append('ServerTokens Prod')
|
|
|
|
return signature
|
|
|
|
def apache_indexes() -> dict:
|
|
indexes = dict()
|
|
|
|
indexes['description'] = 'Disable files and directory indexes'
|
|
indexes['level'] = 'medium'
|
|
indexes['flag'] = 'Options'
|
|
indexes['options'] = list()
|
|
indexes['options'].append('Indexes')
|
|
indexes['options'].append('FollowSymLinks')
|
|
indexes['recommand_value'] = 'Options -Indexes -FollowSymLinks'
|
|
|
|
return indexes
|