Major infrastructure upgrade implementing:

1. Architecture
   - Containerized NGINX with custom Alpine build (Brotli + Headers More)
   - ModSecurity WAF (OWASP CRS) as a sidecar/frontend service
   - Fail2ban service monitoring logs for bot/attack mitigation
2. SSL Automation
   - Integrated Certbot with custom daily validation scripts
   - Automatic 3-day expiry detection and renewal
   - Smart ACME challenge injection for all sites
3. Configuration
   - Migrated 28 site configs to modular structure (conf.d/)
   - Created reusable snippets (Rate Limiting, Security Maps, Caching)
   - Fixed deprecated HTTP/2 syntax and ModSecurity directives
4. Documentation
   - Added GEMINI.md with full architectural overview
   - Cleanup of legacy files

| | | |
|---|---|---|
| applications.d | ||
| after.init | ||
| after.rules | ||
| after6.rules | ||
| before.init | ||
| before.rules | ||
| before6.rules | ||
| sysctl.conf | ||
| ufw.conf | ||
| user.rules | ||
| user6.rules | ||