eggerco
diff --git a/‎.htaccess‎
Lines changed: 151 additions & 0 deletions b/‎.htaccess‎
Lines changed: 151 additions & 0 deletions
diff --git a/‎README.md‎
Lines changed: 53 additions & 6 deletions b/‎README.md‎
Lines changed: 53 additions & 6 deletions
@@ -0,0 +1,151 @@
+# PHP Terminal - Security Configuration
+# Apache .htaccess file for enhanced security
+
+# Disable server signature
+ServerSignature Off
+
+# Hide Apache version
+<IfModule mod_headers.c>
+    Header unset Server
+    Header always unset X-Powered-By
+    Header unset X-Powered-By
+    Header unset X-CF-Powered-By
+    Header unset X-Mod-Pagespeed
+    Header unset X-Pingback
+</IfModule>
+
+# Security Headers
+<IfModule mod_headers.c>
+    # Prevent MIME type sniffing
+    Header always set X-Content-Type-Options nosniff
+    
+    # Enable XSS filtering
+    Header always set X-XSS-Protection "1; mode=block"
+    
+    # Prevent clickjacking
+    Header always set X-Frame-Options DENY
+    
+    # Strict Transport Security (HTTPS only)
+    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
+    
+    # Content Security Policy
+    Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; font-src 'self'; connect-src 'self'; frame-ancestors 'none';"
+    
+    # Referrer Policy
+    Header always set Referrer-Policy "strict-origin-when-cross-origin"
+    
+    # Permissions Policy
+    Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
+</IfModule>
+
+# Disable directory browsing
+Options -Indexes
+
+# Follow symbolic links
+Options +FollowSymLinks
+
+# Disable server signature
+ServerTokens Prod
+
+# Prevent access to sensitive files
+<FilesMatch "\.(env|log|sql|bak|backup|old|orig|tmp)$">
+    Order allow,deny
+    Deny from all
+</FilesMatch>
+
+# Protect configuration files
+<FilesMatch "^(config|\.env|\.htaccess|\.htpasswd)">
+    Order allow,deny
+    Deny from all
+</FilesMatch>
+
+# Protect cache and logs directories
+<DirectoryMatch "^(cache|logs|uploads)/">
+    Order allow,deny
+    Deny from all
+</DirectoryMatch>
+
+# Prevent access to PHP files in media directory
+<Directory "media/">
+    <Files "*.php">
+        Order allow,deny
+        Deny from all
+    </Files>
+</Directory>
+
+# Limit file upload size
+php_value upload_max_filesize 10M
+php_value post_max_size 20M
+php_value max_execution_time 30
+php_value max_input_time 30
+php_value memory_limit 128M
+
+# Disable dangerous PHP functions
+php_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen,curl_exec,curl_multi_exec,parse_ini_file,show_source"
+
+# Enable error logging
+php_value log_errors On
+php_value error_log /var/log/phpterminal.log
+
+# Disable display of errors in production
+php_value display_errors Off
+php_value display_startup_errors Off
+
+# Enable session security
+php_value session.cookie_httponly 1
+php_value session.cookie_secure 1
+php_value session.use_only_cookies 1
+php_value session.cookie_samesite Strict
+
+# Prevent access to version control files
+<FilesMatch "\.(git|svn|hg)">
+    Order allow,deny
+    Deny from all
+</FilesMatch>
+
+# Rate limiting (if mod_evasive is available)
+<IfModule mod_evasive24.c>
+    DOSHashTableSize    2048
+    DOSPageCount        3
+    DOSPageInterval     1
+    DOSSiteCount        50
+    DOSSiteInterval     1
+    DOSBlockingPeriod   600
+</IfModule>
+
+# Compression for better performance
+<IfModule mod_deflate.c>
+    AddOutputFilterByType DEFLATE text/plain
+    AddOutputFilterByType DEFLATE text/html
+    AddOutputFilterByType DEFLATE text/xml
+    AddOutputFilterByType DEFLATE text/css
+    AddOutputFilterByType DEFLATE application/xml
+    AddOutputFilterByType DEFLATE application/xhtml+xml
+    AddOutputFilterByType DEFLATE application/rss+xml
+    AddOutputFilterByType DEFLATE application/javascript
+    AddOutputFilterByType DEFLATE application/x-javascript
+</IfModule>
+
+# Browser caching
+<IfModule mod_expires.c>
+    ExpiresActive On
+    ExpiresByType text/css "access plus 1 month"
+    ExpiresByType application/javascript "access plus 1 month"
+    ExpiresByType image/png "access plus 1 month"
+    ExpiresByType image/jpg "access plus 1 month"
+    ExpiresByType image/jpeg "access plus 1 month"
+    ExpiresByType image/gif "access plus 1 month"
+    ExpiresByType image/svg+xml "access plus 1 month"
+    ExpiresByType font/woff "access plus 1 month"
+    ExpiresByType font/woff2 "access plus 1 month"
+</IfModule>
+
+# Force HTTPS (uncomment in production)
+# RewriteEngine On
+# RewriteCond %{HTTPS} off
+# RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
+
+# Custom error pages
+ErrorDocument 404 /phpterminal.php
+ErrorDocument 403 /phpterminal.php
+ErrorDocument 500 /phpterminal.php
@@ -63,26 +63,73 @@ A **secure**, **modern**, and **feature-rich** web-based terminal emulator built
    php install.php
    ```
 
-3. **Follow the guided setup process**
+3. **Deploy to production:**
+   ```bash
+   php deploy.php
+   ```
+
+4. **Follow the guided setup process**
 
-4. **Configure your environment:**
+5. **Configure your environment:**
    ```bash
    # Edit .env file
    PHPTERM_USERNAME=your_username
    PHPTERM_PASSWORD=your_secure_password
    PHPTERM_SESSION_TIMEOUT=3600
    ```
 
-5. **Access the terminal:**
-   ```
-   http://your-domain/phpterminal.php
-   ```
+6. **Access the terminal:**
+   - Open your browser and navigate to `http://your-domain.com/phpterminal.php`
+   - Login with your credentials
+   - Start using the terminal!
+
+7. **Access admin dashboard:**
+   - Navigate to `http://your-domain.com/phpterminal/admin/dashboard.php`
+   - Monitor system health, security, and performance
 
 ### **Default Credentials**
 ```
 Username: admin
 Password: admin
 ```
+
+## 📡 **API Documentation**
+
+The PHP Terminal includes a comprehensive REST API for system management and monitoring.
+
+### **Available Endpoints**
+
+| Endpoint | Method | Description |
+|----------|--------|-------------|
+| `/api/health` | GET | System health check |
+| `/api/security` | GET | Security report |
+| `/api/performance` | GET | Performance metrics |
+| `/api/backups` | GET/POST | List/create backups |
+| `/api/backups/restore` | POST | Restore backup |
+| `/api/maintenance` | POST | Run maintenance |
+| `/api/status` | GET | System status |
+| `/api/logs` | GET | System logs |
+| `/api/config` | GET | Configuration |
+| `/api/commands` | GET | Available commands |
+| `/api/metrics` | GET | System metrics |
+
+### **Example API Usage**
+
+```bash
+# Get system health
+curl -X GET http://your-domain.com/phpterminal/api/health
+
+# Get security report
+curl -X GET http://your-domain.com/phpterminal/api/security?days=7
+
+# Create backup
+curl -X POST http://your-domain.com/phpterminal/api/backups \
+  -H "Content-Type: application/json" \
+  -d '{"description": "Manual backup"}'
+
+# Run maintenance
+curl -X POST http://your-domain.com/phpterminal/api/maintenance
+```
 ⚠️ **Change these immediately after installation!**
 
 ## 📁 Project Structure