npm
Sign UpSign In

web-installer-authenticator

1.0.45 • Public • Published

Web Installer Authenticator

NPM

Make sure you win the race

Motivation

I was recently testing out various software on my Lightsail server, and I am disappointed by the poor security of web installers. A lot of them treat the first user to connect as the administrator, which is unfortunately not guaranteed to be you.

Web Installer Authenticator will crate a cryptographically secure random key to make sure the person typing into the terminal is the same person connecting to the web installer.

Installation

You need the latest version of Node.js.

sudo npm install --global web-installer-authenticator

Usage

Usage: wiauth domain target

  domain - domain of this proxy server
  target - address to web installer
           a port, a domain, or both
           domain defaults to localhost

Make sure to secure your installer with firewall

It is up to you to secure your installer with a firewall!

A TLS certificate is highly recommended, you can get free ones from Let's Encrypt.

Contacts

Simply open an issue on GitHub.

If you are reporting a vulnerability or otherwise wish to communicate privately, you can open a confidential issue on GitLab.

Versions

Current Tags

  • Version
    Downloads (Last 7 Days)
    • Tag
  • 1.0.45
    0
    • latest

Version History

Package Sidebar

Install

npm i web-installer-authenticator

Repository

github.com/jspenguin2017/WebInstallerAuthenticator

Homepage

github.com/jspenguin2017/WebInstallerAuthenticator

Weekly Downloads

6

Version

1.0.45

License

MIT

Unpacked Size

13.7 kB

Total Files

5

Last publish

Collaborators

  • jspenguin2017
Try on RunKit
Report malware