# Hiawatha main configuration file
#
# GENERAL SETTINGS
#
# Lines that start with '#' and look like directives are the earlier values,
# kept next to the active ones for comparison.
#ServerId = www-data
# Account the server switches to after start-up (per the Hiawatha manual).
# Keep this an unprivileged account.
ServerId = www-data
#ConnectionsTotal = 150
#ConnectionsPerIP = 10
# Raised well above the commented value. A higher ceiling also raises the
# number of sockets a flood can hold open, so size it to the host's memory and
# file-descriptor limits.
ConnectionsTotal = 1000
# This setting has been proven to work for IE, Firefox and Chrome on Banshee 3.5 and 3.7.
# With other clients or applications you may need to change the value.
# It is also the threshold that BanOnMaxPerIP (banning section) acts on.
ConnectionsPerIP = 35
# The garbage and exploit logs record the traffic the ban settings react to.
# Review or forward them when tuning the ban thresholds.
# NOTE(review): confirm /var/log/hiawatha is writable only by root and the
# server account.
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log
ExploitLogfile = /var/log/hiawatha/exploit.log
LogFormat = extended
# Replaces the product name in the Server response header. This only hinders
# casual fingerprinting; it does not replace keeping the server patched.
ServerString = SimpleHTTPserver
# NOTE(review): cgi-wrapper is normally installed setuid so it can switch
# users - verify the binary's owner and mode on this host.
CGIwrapper = /usr/sbin/cgi-wrapper
# BINDING SETTINGS
# A binding is where a client can connect to.
#
# NOTE(review): only this plain-HTTP binding is active; the HTTPS binding
# below it is commented out. This file also sets BanOnWrongPassword, which
# suggests password-protected content - over port 80 those credentials travel
# in cleartext. Enable a TLS binding before relying on authentication.
Binding {
Port = 80
# Interface = 127.0.0.1
# MaxKeepAlive = 30
MaxKeepAlive = 50
# TimeForRequest = 5,30
# This setting has been proven to work with IE, Firefox and Chrome on Banshee 3.5 and 3.7
# over slower internet connections, such as a 2.5G mobile network.
# With other clients or applications you may need to change the value.
# Longer timeouts than the commented 5,30 also let a slow or stalled
# connection hold its slot longer; BanOnTimeout in the banning section is the
# counterweight.
TimeForRequest = 12,50
}
#
# Example HTTPS binding (disabled).
# NOTE(review): as written, Interface = ::1 would listen on the IPv6 loopback
# address only; adjust it when enabling. Keep the certificate/key file
# readable by root only.
#Binding {
# Port = 443
# Interface = ::1
# MaxKeepAlive = 30
# TimeForRequest = 3,20
# SSLcertFile = hiawatha.pem
#}
# BANNING SETTINGS
# Deny service to clients who misbehave.
#
# The numeric values are ban durations in seconds (per the Hiawatha manual).
# The commented lines are the earlier values.
#BanOnGarbage = 300
#BanOnMaxPerIP = 60
#BanOnMaxReqSize = 300
#KickOnBan = yes
#RebanDuringBan = yes
BanOnGarbage = 300
BanOnMaxPerIP = 300
BanOnMaxReqSize = 300
BanOnTimeout = 300
KickOnBan = yes
RebanDuringBan = yes
# NOTE(review): no DenyBody pattern is defined in this file; unless an
# included site defines one, this setting presumably never triggers.
BanOnDeniedBody = 300
# Pattern-based detection in the web server. It is a second line of defence
# next to parameterised queries in the application and can also ban a
# legitimate user whose input merely looks like SQL - watch the exploit log
# after enabling it.
BanOnSQLi = 300
# This setting has been proven to work with IE, Firefox and Chrome on Banshee 3.5 and 3.7.
# With other clients or applications you may need to change the value.
# Format per the Hiawatha manual: <requests>/<seconds>:<ban seconds>, i.e. more
# than 90 requests within 1 second leads to a 300 second ban.
BanOnFlooding = 90/1:300
#BanlistMask = deny 192.168.20.0/24, deny 127.0.0.1
# 'deny' here means "never put this address on the ban list": localhost is
# exempt from every ban above, it is not being blocked.
# NOTE(review): if a proxy or load balancer on this host forwards client
# traffic, all of it arrives from 127.0.0.1 and none of the bans apply.
BanlistMask = deny 127.0.0.1
BanOnInvalidURL = 300
# <attempts>:<ban seconds> - three wrong passwords lead to a 300 second ban.
BanOnWrongPassword = 3:300
# COMMON GATEWAY INTERFACE (CGI) SETTINGS
# These settings can be used to run CGI applications. Use the 'php-fcgi'
# tool to start PHP as a FastCGI daemon.
#
#CGIhandler = /usr/bin/perl:pl
#CGIhandler = /usr/bin/php-cgi:php
#CGIhandler = /usr/bin/python:py
#CGIhandler = /usr/bin/ruby:rb
#CGIhandler = /usr/bin/ssi-cgi:shtml
#CGIextension = cgi
#
#FastCGIserver {
# FastCGIid = PHP5
# ConnectTo = 127.0.0.1
# Extension = php
#}
# Each CGIhandler maps a file extension to the interpreter that runs it.
# Register only the interpreters the hosted applications need: in a web root
# where CGI execution is enabled, a file with a mapped extension is executed
# rather than served, which matters wherever files can be uploaded.
# NOTE(review): confirm which sites enable ExecuteCGI and whether all five
# handlers are in use.
CGIhandler = /usr/bin/perl:pl
CGIhandler = /usr/bin/php5-cgi:php
CGIhandler = /usr/bin/python:py
CGIhandler = /usr/bin/ruby:rb
CGIhandler = /usr/bin/ssi-cgi:shtml
CGIextension = cgi
# NOTE(review): .php is registered twice - as a CGIhandler above and as the
# FastCGI extension below. Confirm which path actually serves PHP and drop
# the other.
FastCGIserver {
FastCGIid = PHP5
# ConnectTo = 127.0.0.1:2005
# ConnectTo = /var/lib/hiawatha/php-fcgi.sock
# The FastCGI daemon is reached over loopback TCP, so it is not exposed to the
# network, but any local process can connect to the port. The commented UNIX
# socket alternative above allows access to be limited with file permissions.
ConnectTo = 127.0.0.1:9000
Extension = php
# NOTE(review): check the unit of SessionTimeout in the manual for the
# installed version.
SessionTimeout = 600
}
# URL TOOLKIT
# This URL toolkit rule was made for the Banshee PHP framework, which
# can be downloaded from http://www.hiawatha-webserver.org/banshee
#
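# scannerblocker: reject requests whose User-Agent starts with the default
# name of a common scanner.
#
# The rules use DenyAccess rather than Return. Return only leaves this
# section (it is the action the banshee section uses to let static files
# through), so after 'Call scannerblocker' a matching request would simply
# carry on and be served. DenyAccess ends the request with a 403.
# NOTE(review): confirm DenyAccess is accepted on Header rules by the installed
# Hiawatha version (see hiawatha(1)).
#
# Limits of this filter:
# - The User-Agent header is chosen by the client. This removes noise from
#   tools left at their defaults; the Ban* settings and input validation in
#   the application remain the actual defence.
# - Every pattern is anchored with ^ and therefore only matches when the header
#   starts with that name. Check the patterns against the User-Agent values
#   recorded in the access log.
# - Some patterns also match ordinary software (Camino is a browser; Indy, CLR
#   and social are generic prefixes). Review them before deploying.
# - NOTE(review): the last rule writes its header key with an 'HTTP:' prefix,
#   unlike the other rules; confirm that key matches the header as received.
UrlToolkit {
ToolkitID = scannerblocker
Header User-Agent ^w3af.sourceforge.net DenyAccess
Header User-Agent ^dirbuster DenyAccess
Header User-Agent ^nikto DenyAccess
Header User-Agent ^sqlmap DenyAccess
Header User-Agent ^fimap DenyAccess
Header User-Agent ^nessus DenyAccess
Header User-Agent ^whatweb DenyAccess
Header User-Agent ^Openvas DenyAccess
Header User-Agent ^jbrofuzz DenyAccess
Header User-Agent ^libwhisker DenyAccess
Header User-Agent ^webshag DenyAccess
Header User-Agent ^WVS DenyAccess
Header User-Agent ^Morfeus DenyAccess
Header User-Agent ^Fucking DenyAccess
Header User-Agent ^Scanner DenyAccess
Header User-Agent ^Aboundex DenyAccess
Header User-Agent ^AlphaServer DenyAccess
Header User-Agent ^Indy DenyAccess
Header User-Agent ^ZmEu DenyAccess
Header User-Agent ^social DenyAccess
Header User-Agent ^Zollard DenyAccess
Header User-Agent ^CLR DenyAccess
Header User-Agent ^Camino DenyAccess
Header User-Agent ^Nmap DenyAccess
Header HTTP:Acunetix-Product ^WVS DenyAccess
}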
# banshee: front-controller routing for the Banshee PHP framework.
UrlToolkit {
ToolkitID = banshee
# A request that maps to an existing file is served as it is. This rule runs
# before the scannerblocker call, so requests for existing files are never
# checked against the User-Agent rules.
RequestURI isfile Return
# Run the User-Agent rules of the scannerblocker section; a request that
# section does not reject continues with the rules below.
Call scannerblocker
# Static asset directories and well-known files bypass the rewrite.
Match ^/(css|files|images|js|slimstat)($|/) Return
# The dots are not escaped, so '.' matches any character here; this is looser
# than the literal file names but otherwise harmless.
Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
# Everything else is handed to index.php; the first rule keeps the query
# string, the second covers requests without one.
Match .*\?(.*) Rewrite /index.php?$1
Match .* Rewrite /index.php
}
# monitor: same routing rules as the banshee section, without the
# 'Call scannerblocker' step.
# NOTE(review): confirm the missing scannerblocker call is intended for the
# site that uses this toolkit.
UrlToolkit {
ToolkitID = monitor
# A request that maps to an existing file is served as it is.
RequestURI isfile Return
# Static asset directories and well-known files bypass the rewrite.
Match ^/(css|files|images|js|slimstat)($|/) Return
Match ^/(favicon.ico|robots.txt|sitemap.xml)$ Return
# Everything else is handed to index.php, keeping the query string if present.
Match .*\?(.*) Rewrite /index.php?$1
Match .* Rewrite /index.php
}
# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possibly vulnerable website.
#
# Replace the IP address in Hostname below with your web server's own IP address.
# With this setting, anyone who visits the web server by its IP address gets the content of www.example.com,
# which gives the real sites some protection against scans that target bare IP addresses.
#
# NOTE(review): the directive used below is ReverseProxy, not a redirect. The
# server fetches the page from www.example.com over plain HTTP and relays it,
# so every such request uses this host's bandwidth and source address. A blank
# page, as suggested above, avoids that - confirm the proxy is intended.
# The address below is a sample value.
Hostname = 98.139.183.24
WebsiteRoot = /var/www/hiawatha
#StartFile = index.html
StartFile = index.html
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log
#ErrorHandler = 404:/error.cgi
# Matches every path (^/.*), so nothing under WebsiteRoot is served for this host.
ReverseProxy ^/.* http://www.example.com:80/
# Loads the configuration found in this directory.
# NOTE(review): anything placed there becomes server configuration; the
# directory and its files should be writable by root only.
Include /etc/hiawatha/enable-sites/
# VIRTUAL HOSTS
# Use a VirtualHost section to declare the websites you want to host.
#
#VirtualHost {
# Hostname = www.my-domain.com
# WebsiteRoot = /var/www/my-domain/public
# StartFile = index.php
# AccessLogfile = /var/www/my-domain/log/access.log
# ErrorLogfile = /var/www/my-domain/log/error.log
# TimeForCGI = 5
# UseFastCGI = PHP5
# UseToolkit = banshee
#}
# DIRECTORY SETTINGS
# You can specify some settings per directory.
#
#Directory {
# Path = /home/baduser
# ExecuteCGI = no
# UploadSpeed = 10,2
#}