Sichere Webserver(konfiguration): Difference between revisions
No edit summary |
|||
Line 72: | Line 72: | ||
== Verwendung der API == |
== Verwendung der API == |
||
* Aufruf zum Scannen einer neuene Seite starten |
|||
lala |
|||
** POST-Request <br /> |
|||
** http://localhost:57001/api/v1/analyze?host=www.testseite.de <br /> |
|||
*** hidden=true&rescan=true <br /> |
|||
* Status eines Scans anzeigen |
|||
** GET-Request <br /> |
|||
** http://localhost:57001/api/v1/analyze?host=www.testseite.de <br /> |
|||
* Resultate eines bestimmten Scans anzeigen (Scan-Nr.) <br /> |
|||
** GET-Request <br /> |
|||
** http://localhost:57001/api/v1/getScanResults?scan=1 <br /> |
|||
* Liste Letzter Scans anzeigen- <br /> |
|||
** GET-Request <br /> |
|||
** http://localhost:57001/api/v1/getRecentScans?max=20 <br /> |
|||
*** mit Option von bestimmten "Noten" in diesem Fall alle F, also 20 Punkte und darunte <br /> |
Revision as of 11:59, 17 October 2016
Lokale Installation
- how to install observatory (tested on Ubuntu 16.04 LTS)
sudo apt-get install -y git libpq-dev postgresql redis-server python3 python3-pip
cd /opt/
sudo git clone https://github.com/mozilla/http-observatory.git
sudo su - postgres
createdb http_observatory
psql http_observatory < /opt/http-observatory/httpobs/database/schema.sql
psql http_observatory
\password httpobsapi #passwort festlegen z.B. its
\password httpobsscanner #passwort festlegen z.B. its
- exit db (\q)
- exit psql user (exit)
sudo vi /etc/postgresql/9.5/main/postgresql.conf #set max_connections = 512, shared_buffers = 256MB
sudo service postgresql restart
sudo useradd -m httpobs
sudo su - httpobs
cd /opt/http-observatory
pip3 install .
pip3 install -r requirements.txt --upgrade
exit
- everything from here has to be done for every start - Starting from normal user
- start scanner
sudo install -m 750 -o httpobs -g httpobs -d /var/run/httpobs /var/log/httpobs
sudo su - httpobs
echo export HTTPOBS_API_URL="http://localhost:57001/api/v1" >> ~/.profile
cd /opt/http-observatory/
HTTPOBS_DATABASE_USER="httpobsscanner" HTTPOBS_DATABASE_PASS="its" /opt/http-observatory/httpobs/scripts/httpobs-scan-worker
- open new Terminal to start api
sudo su - httpobs
cd /opt/http-observatory/
HTTPOBS_DATABASE_USER="httpobsapi" HTTPOBS_DATABASE_PASS="its" uwsgi --http :57001 --wsgi-file /opt/http-observatory/httpobs/website/main.py --processes 8
--callable app --master
Verwendung der API
- Aufruf zum Scannen einer neuene Seite starten
- POST-Request
- http://localhost:57001/api/v1/analyze?host=www.testseite.de
- hidden=true&rescan=true
- hidden=true&rescan=true
- POST-Request
- Status eines Scans anzeigen
- Resultate eines bestimmten Scans anzeigen (Scan-Nr.)
- Liste Letzter Scans anzeigen-
- GET-Request
- http://localhost:57001/api/v1/getRecentScans?max=20
- mit Option von bestimmten "Noten" in diesem Fall alle F, also 20 Punkte und darunte
- mit Option von bestimmten "Noten" in diesem Fall alle F, also 20 Punkte und darunte
- GET-Request