mirror of
https://github.com/DeNNiiInc/Web-Page-Performance-Test.git
synced 2026-04-17 20:05:58 +00:00
DeNNiiInc
d7f534284a
- Added Express server with Git info API endpoint - Created automated deployment scripts (systemd-based, not PM2) - Implemented 5-minute auto-sync with GitHub - Enhanced .gitignore with 200+ credential protection patterns - Added Git version badge to UI footer - Created comprehensive deployment documentation - Added TurnKey Nginx fix for default control panel issue - Included security verification tools All credentials protected and verified safe for deployment.
191 lines
6.9 KiB
PowerShell
191 lines
6.9 KiB
PowerShell
# ============================================================================
|
|
# Credential Protection Verification Script
|
|
# ============================================================================
|
|
# Run this script BEFORE providing credentials to verify protection is active
|
|
# Usage: .\verify-security.ps1
|
|
# ============================================================================
|
|
|
|
Write-Host ""
|
|
Write-Host "=========================================" -ForegroundColor Cyan
|
|
Write-Host "🔐 Credential Protection Verification" -ForegroundColor Cyan
|
|
Write-Host "=========================================" -ForegroundColor Cyan
|
|
Write-Host ""
|
|
|
|
$allChecks = @()
|
|
|
|
# Check 1: .gitignore exists
|
|
Write-Host "📋 Check 1: Verifying .gitignore exists..." -ForegroundColor Yellow
|
|
if (Test-Path ".gitignore") {
|
|
Write-Host " ✅ .gitignore file found" -ForegroundColor Green
|
|
$allChecks += $true
|
|
}
|
|
else {
|
|
Write-Host " ❌ .gitignore file NOT found!" -ForegroundColor Red
|
|
$allChecks += $false
|
|
}
|
|
|
|
# Check 2: deploy-config.json is in .gitignore
|
|
Write-Host ""
|
|
Write-Host "📋 Check 2: Verifying deploy-config.json is protected..." -ForegroundColor Yellow
|
|
$gitignoreContent = Get-Content ".gitignore" -Raw
|
|
if ($gitignoreContent -match "deploy-config\.json") {
|
|
Write-Host " ✅ deploy-config.json is listed in .gitignore" -ForegroundColor Green
|
|
$allChecks += $true
|
|
}
|
|
else {
|
|
Write-Host " ❌ deploy-config.json NOT in .gitignore!" -ForegroundColor Red
|
|
$allChecks += $false
|
|
}
|
|
|
|
# Check 3: Verify other credential patterns are protected
|
|
Write-Host ""
|
|
Write-Host "📋 Check 3: Verifying other credential patterns..." -ForegroundColor Yellow
|
|
$patterns = @("\.env", "credentials", "secrets", "\*\.pem", "\*\.key")
|
|
$protectedPatterns = 0
|
|
foreach ($pattern in $patterns) {
|
|
if ($gitignoreContent -match $pattern) {
|
|
$protectedPatterns++
|
|
}
|
|
}
|
|
if ($protectedPatterns -eq $patterns.Count) {
|
|
Write-Host " ✅ All critical patterns protected ($protectedPatterns/$($patterns.Count))" -ForegroundColor Green
|
|
$allChecks += $true
|
|
}
|
|
else {
|
|
Write-Host " ⚠️ Some patterns missing ($protectedPatterns/$($patterns.Count))" -ForegroundColor Yellow
|
|
$allChecks += $true # Still pass, but warn
|
|
}
|
|
|
|
# Check 4: Git repository exists
|
|
Write-Host ""
|
|
Write-Host "📋 Check 4: Verifying Git repository..." -ForegroundColor Yellow
|
|
if (Test-Path ".git") {
|
|
Write-Host " ✅ Git repository initialized" -ForegroundColor Green
|
|
$allChecks += $true
|
|
}
|
|
else {
|
|
Write-Host " ⚠️ Git repository not initialized (run 'git init' first)" -ForegroundColor Yellow
|
|
$allChecks += $false
|
|
}
|
|
|
|
# Check 5: Test if deploy-config.json would be ignored
|
|
Write-Host ""
|
|
Write-Host "📋 Check 5: Testing credential file protection..." -ForegroundColor Yellow
|
|
if (Test-Path ".git") {
|
|
# Create test file
|
|
'{"test": "verification"}' | Out-File -Encoding utf8 -FilePath "deploy-config.json.test"
|
|
|
|
# Check if Git would ignore it
|
|
$gitStatus = git status --short 2>&1
|
|
$testFileVisible = $gitStatus -match "deploy-config\.json\.test"
|
|
|
|
# Clean up
|
|
Remove-Item "deploy-config.json.test" -Force
|
|
|
|
if ($testFileVisible) {
|
|
Write-Host " ⚠️ Test file was visible to Git (might still be protected by pattern)" -ForegroundColor Yellow
|
|
$allChecks += $true
|
|
}
|
|
else {
|
|
Write-Host " ✅ Test file was ignored by Git (protection working!)" -ForegroundColor Green
|
|
$allChecks += $true
|
|
}
|
|
}
|
|
else {
|
|
Write-Host " ⏭️ Skipped (no Git repository)" -ForegroundColor Gray
|
|
}
|
|
|
|
# Check 6: Verify no credential files are currently tracked
|
|
Write-Host ""
|
|
Write-Host "📋 Check 6: Checking for existing credential files in Git..." -ForegroundColor Yellow
|
|
if (Test-Path ".git") {
|
|
$trackedFiles = git ls-files
|
|
$credentialFiles = $trackedFiles | Where-Object {
|
|
$_ -match "deploy-config|credentials|secret|token|password|\.env"
|
|
}
|
|
|
|
if ($credentialFiles) {
|
|
Write-Host " ❌ WARNING: Credential files found in Git:" -ForegroundColor Red
|
|
$credentialFiles | ForEach-Object { Write-Host " - $_" -ForegroundColor Red }
|
|
$allChecks += $false
|
|
}
|
|
else {
|
|
Write-Host " ✅ No credential files currently tracked" -ForegroundColor Green
|
|
$allChecks += $true
|
|
}
|
|
}
|
|
else {
|
|
Write-Host " ⏭️ Skipped (no Git repository)" -ForegroundColor Gray
|
|
}
|
|
|
|
# Check 7: Verify deploy-config.json doesn't exist yet
|
|
Write-Host ""
|
|
Write-Host "📋 Check 7: Verifying no credentials exist yet..." -ForegroundColor Yellow
|
|
if (Test-Path "deploy-config.json") {
|
|
Write-Host " ⚠️ deploy-config.json already exists" -ForegroundColor Yellow
|
|
Write-Host " (This is OK if you created it yourself)" -ForegroundColor Gray
|
|
|
|
# Verify it's ignored
|
|
if (Test-Path ".git") {
|
|
$status = git status --short
|
|
if ($status -match "deploy-config\.json") {
|
|
Write-Host " ❌ WARNING: File is visible to Git!" -ForegroundColor Red
|
|
$allChecks += $false
|
|
}
|
|
else {
|
|
Write-Host " ✅ File is properly ignored" -ForegroundColor Green
|
|
$allChecks += $true
|
|
}
|
|
}
|
|
}
|
|
else {
|
|
Write-Host " ✅ No credentials file exists yet (ready for creation)" -ForegroundColor Green
|
|
$allChecks += $true
|
|
}
|
|
|
|
# Summary
|
|
Write-Host ""
|
|
Write-Host "=========================================" -ForegroundColor Cyan
|
|
Write-Host "📊 Verification Summary" -ForegroundColor Cyan
|
|
Write-Host "=========================================" -ForegroundColor Cyan
|
|
Write-Host ""
|
|
|
|
$passedChecks = ($allChecks | Where-Object { $_ -eq $true }).Count
|
|
$totalChecks = $allChecks.Count
|
|
|
|
Write-Host "Checks Passed: $passedChecks / $totalChecks" -ForegroundColor $(if ($passedChecks -eq $totalChecks) { "Green" } else { "Yellow" })
|
|
Write-Host ""
|
|
|
|
if ($passedChecks -eq $totalChecks) {
|
|
Write-Host "✅ ALL CHECKS PASSED!" -ForegroundColor Green
|
|
Write-Host ""
|
|
Write-Host "🔐 Your credentials are fully protected!" -ForegroundColor Green
|
|
Write-Host ""
|
|
Write-Host "Next Steps:" -ForegroundColor Cyan
|
|
Write-Host " 1. Create deploy-config.json from template" -ForegroundColor White
|
|
Write-Host " 2. Fill in your credentials" -ForegroundColor White
|
|
Write-Host " 3. Run .\deploy-local.ps1" -ForegroundColor White
|
|
Write-Host ""
|
|
Write-Host "Your credentials will NEVER be committed to Git! ✅" -ForegroundColor Green
|
|
}
|
|
else {
|
|
Write-Host "⚠️ SOME CHECKS FAILED" -ForegroundColor Yellow
|
|
Write-Host ""
|
|
Write-Host "Please review the warnings above." -ForegroundColor Yellow
|
|
Write-Host "Most warnings are informational and don't affect security." -ForegroundColor Gray
|
|
Write-Host ""
|
|
Write-Host "Critical issues (❌) should be fixed before proceeding." -ForegroundColor Yellow
|
|
}
|
|
|
|
Write-Host ""
|
|
Write-Host "=========================================" -ForegroundColor Cyan
|
|
Write-Host ""
|
|
|
|
# Return exit code
|
|
if ($passedChecks -lt $totalChecks - 1) {
|
|
exit 1
|
|
}
|
|
else {
|
|
exit 0
|
|
}
|