diff --git a/cookbooks/headersmore/README.md b/cookbooks/headersmore/README.md new file mode 100644 index 00000000..b632453a --- /dev/null +++ b/cookbooks/headersmore/README.md @@ -0,0 +1,33 @@ +ey-headersmore-fingerprinting +=================== + +https://github.com/agentzh/headers-more-nginx-module +Engine Yard upload/apply recipe steps +- +1. Install the latest Engine Yard CLI + * To upload an apply a new Chef recipe use the Engine Yard Command Line Interface (CLI). http://www.engineyard.com/products/cloud/features/cli +2. Login to EY from the EY CLI to connect the application the EY service + +Create a recipe tar package +> $ tar zcf recipes.tgz cookbooks/ + +Upload the recipe to the environment +> $ ey recipes upload -e [Environment name] -f recipes.tgz + +If you are unsure of the environment name run +> $ ey environments --all + +Apply the recipe to the environment +> $ ey recipes apply -e [Environment name] + + +Reference(s) +- +Windows EY CLI bug. Workaround is to tar the package before uploading + +https://github.com/engineyard/engineyard/issues/113 + +Engine Yard Command line interface installation guide can be found in the [ey-cloud-recipes] [1] repository. + +[1]: https://github.com/engineyard/ey-cloud-recipes "ey-cloud-recipes" + diff --git a/cookbooks/headersmore/recipes/default.rb b/cookbooks/headersmore/recipes/default.rb new file mode 100644 index 00000000..e4b6d1ca --- /dev/null +++ b/cookbooks/headersmore/recipes/default.rb @@ -0,0 +1,29 @@ +# +# Cookbook Name:: Headersmore Fingerprinting +# Recipe:: Headersmore nginx Fingerprinting script +# +if ['app_master', 'app', 'solo'].include?(node[:instance_role]) + execute "update http-custom.conf" do + command " + cat >> http-custom.conf << EOF + #******************************************************************** + # Headersmore Nginx Fingerprinting header removal + #******************************************************************** + # + # Clear Server Header + more_clear_headers 'Server'; + + # Clear X-Powered-By header + more_clear_headers 'X-Powered-By';" + cwd "/etc/nginx/" + not_if 'grep more_clear_headers /etc//http-custom.conf' + end + + execute "reload " do + command 'sudo /etc/init.d/nginx restart' + end +end + + + + diff --git a/cookbooks/main/recipes/default.rb b/cookbooks/main/recipes/default.rb index 0d7c6429..440bca29 100644 --- a/cookbooks/main/recipes/default.rb +++ b/cookbooks/main/recipes/default.rb @@ -4,6 +4,10 @@ # } #end +# uncomment to turn on Headersmore Fingerprinting nginx +# require_recipe 'headersmore' + + # uncomment to turn on thinking sphinx/ultra sphinx. Remember to edit cookbooks/sphinx/recipes/default.rb first! # require_recipe "sphinx"