Need help with secureserver?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

Xeoncross
133 Stars 7 Forks MIT License 9 Commits 2 Opened issues

Description

A Simple, Secured Default HTTP(S) Server for Golang

Services available

!
?

Need anything else?

Contributors list

# 117,737
PHP
Shell
Rust
osx
7 commits
# 37,177
Go
golang
tinder-...
kafka
1 commit

Go secureserver

Out-of-the-box, Go is a fully capable HTTP/HTTPS server. However, it is not configured correctly to avoid malicious clients, timeouts, or even simple SSL auto setup with LetsEncrypt.org.

This repository exists to help go developers launch a secure, simple HTTPS server.

This configuration blocks major attacks like:

  • BEAST attack
  • POODLE (SSLv3)
  • POODLE (TLS)
  • Heartbleed
  • CRIME
  • FUBAR
  • OpenSSL CCS vulnerability (CVE-2014-0224)
  • OpenSSL Padding Oracle vulnerability

Achieving forward secrecy and low server load are a focus.

Reading

  • https://blog.bracebin.com/achieving-perfect-ssl-labs-score-with-go
  • https://blog.gopheracademy.com/advent-2016/exposing-go-on-the-internet/
  • https://blog.cloudflare.com/the-complete-guide-to-golang-net-http-timeouts/
  • https://cipherli.st/
  • https://wiki.mozilla.org/Security/ServerSideTLS

Install

go get github.com/xeoncross/secureserver

Demo Server

You can quickly run a test HTTP/HTTPS server like so:

package main

import ( "github.com/xeoncross/secureserver" )

func main() { domain := "example.com" HSTS := false // enable/disable HSTS secureserver.RunHTTPRedirectServer() secureserver.RunDemoHTTPSServer(domain, HSTS) // blocks }

Usage

package main

import ( "github.com/xeoncross/secureserver" )

func main() { domain := "example.com" secureserver.RunHTTPRedirectServer() s := secureserver.GetHTTPSServer(domain)

mux := http.NewServeMux() mux.HandleFunc("/", func(w http.ResponseWriter, req *http.Request) { w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains") w.Write([]byte("This is an example server on " + domain + ".\n")) })

s.Handler = mux

log.Fatal(s.ListenAndServeTLS("", "")) }

Todo

Contributions Required

To serve a source of information about current Go best-practices; pull requests, issues, and documentation are welcome.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.