35 lines
945 B
Python
35 lines
945 B
Python
#!/usr/bin/env python3
|
|
|
|
def apache_protocols() -> dict:
|
|
ssl = dict()
|
|
|
|
# Check if apaches has disabled the bad SSL/TLS version
|
|
ssl["description"] = "Disable deprecated SSL/TLS versions"
|
|
ssl["level"] = "high"
|
|
ssl["protocols"] = list()
|
|
# https://httpd.apache.org/docs/trunk/ssl/ssl_howto.html
|
|
ssl["protocols"].append("-TLSv1")
|
|
ssl["protocols"].append("-TLSv1.1")
|
|
ssl["protocols"].append("-SSLv3")
|
|
ssl["recommand_value"] = "SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1"
|
|
|
|
return ssl
|
|
|
|
def apache_signature() -> dict:
|
|
signature = dict()
|
|
|
|
signature["description"] = "Disable Apache signature"
|
|
signature["level"] = "high"
|
|
signature['value'] = 'ServerSignature On'
|
|
|
|
return signature
|
|
|
|
def apache_indexes() -> dict:
|
|
indexes = dict()
|
|
|
|
indexes['description'] = 'Disable files and directory indexes'
|
|
indexes['level'] = 'medium'
|
|
indexes['value'] = 'Options -Indexes'
|
|
|
|
return indexes
|