Skip to content
This repository has been archived by the owner on May 27, 2024. It is now read-only.
/ csp-server Public archive

CSP (Content Security Policy) reports server which forwards reports to Elasticsearch.

License

MIT license
57 stars 16 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

seek-oss/csp-server

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
bash
bash
 
 
elasticsearch
elasticsearch
 
 
example
example
 
 
infrastructure
infrastructure
 
 
nginx
nginx
 
 
nodejs
nodejs
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
README2.md
README2.md
 
 

Repository files navigation

CSP Server and Elasticsearch Feeder

CSP violation report endpoint using Elasticsearch as storage. Basically a https://report-uri.io/ alternative.

It is a Node.js application designed to receive CSP (Content Security Policy) reports and inject them in Elasticsearch for analysis.

  • Node application uses http://restify.com/ framework
  • The application has been tested in Ubuntu 14.04 LTS and 16.04 LTS (both 64-bit).

Components

  • bash : (optional) Scripts to rotate old indexes (indices) in Elasticsearch
  • example : (optional) Example of a CSP Report this server is meant to receive
  • infrastructure : (optional) Scripts to create the server and services using AWS PowerShell CLI
  • nginx : Configuration file for Nginx
  • nodejs : Node.js application that gets the CSP Reports and sends them to Elasticsearch

Infrastructure

This project was implemented and tested using Amazon AWS services in the following way:

AWS EC2 (Linux) running Nginx and Node.js -> AWS Elasticsearch Service

Install

TLDR;

  • Checkout this project in your server
git clone [email protected]:seek-oss/csp-server.git
  • Edit nodejs/config.js and set the Elasticsearch URL, port and version
  • Start nodejs application with nodejs/server.js
node ./nodejs/server.js

This way the Node.js appliation will listen in the configured port and process POST requests containing CSP reports. Each POST will be sent to Elasticsearch into indices named cspdata-YYYYMMDD

Endpoints:

For details on how to configure a server to support https (SSL) using Nginx, Node as service using PM2 manager, log rotation and setting up Elasticsearch in AWS continue reading:

1. Create infrastructure

In this project we create the AWS resources using AWS CLI.

2. Configure server

  • Install Nginx - Instructions here: nginx

  • Install Node - Instructions here: nodejs

  • Configure Elasticsearch - Instructions here: elasticsearch

  • Configure rotation scripts - Instructions here: bash

3. Get the CSP reports

Get your customers to start sending CSP reports to your server

README2.md

Sceenshots

About

CSP (Content Security Policy) reports server which forwards reports to Elasticsearch.

Topics

elasticsearch aws-cli csp-report

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

57 stars

Watchers

11 watching

Forks

16 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages