Get the most out of your Centmin Mod LEMP stack
Become a Member

Beta Branch prep for SSL/TLS JA3 fingerprint Nginx module support in 123.09beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Dec 15, 2021.

  1. eva2000

    eva2000 Administrator Staff Member

    48,417
    11,099
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,274
    Local Time:
    5:08 PM
    Nginx 1.21.x
    MariaDB 10.x
    prep for SSL/TLS JA3 fingerprint Nginx module support in 123.09beta01

    - add optional support for SSL/TLS JA3 fingerprint Nginx module support GitHub - centminmod/nginx-ssl-fingerprint: high performance SSL/TLS ja3 fingerprint for nginx. and GitHub - salesforce/ja3: JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.
    - disabled by default for now for proper testing. Can be enabled setting NGINX_TLS_FINGERPRINT='y' in persistent config file /etc/centminmod/custom_config.inc prior to Nginx compile/recompile via centmin.sh menu option 4


    Continue reading...

    123.09beta01 branch
     
  2. eva2000

    eva2000 Administrator Staff Member

    48,417
    11,099
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +17,274
    Local Time:
    5:08 PM
    Nginx 1.21.x
    MariaDB 10.x
    As per GitHub - salesforce/ja3: JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way. for SSL/TLS fingerprint profiling of visitors :)

    Centmin Mod Nginx with optional Nginx fingerprint module installed
    Code (Text):
      add_header X-FP "$http_ssl_ja3";
      add_header X-FP-Hash "$http_ssl_ja3_hash";
    

    Code (Text):
    curl -4Ik https://log4j.domain.com
    HTTP/1.1 200 OK
    Date: Tue, 14 Dec 2021 15:05:49 GMT
    Content-Type: text/html; charset=utf-8
    Content-Length: 6592
    Last-Modified: Mon, 13 Dec 2021 04:21:48 GMT
    Connection: keep-alive
    Vary: Accept-Encoding
    ETag: "61b6ca5c-19c0"
    Server: nginx centminmod
    X-Powered-By: centminmod
    X-Xss-Protection: 1; mode=block
    X-Content-Type-Options: nosniff
    X-FP: 771,49196-49162-49195-52393-49161-49200-49172-49199-52392-49171-159-57-56-107-158-52394-51-50-103-22-19-157-53-61-156-47-60-10,0-23-65281-10-11-13-28,29-23-24-25,0
    X-FP-Hash: c8446f59cca2149cb5f56ced4b448c8d
    Accept-Ranges: bytes