Files
server-manager/views/admin/security.php

106 lines
4.5 KiB
PHP
Executable File

<div class="page-header">
<h1 class="page-title">Security Settings</h1>
<p class="page-subtitle">Configure security parameters and view status</p>
</div>
<div class="dashboard-grid">
<div class="dashboard-card">
<div class="card-header">
<h2><i class="fas fa-lock"></i> Encryption Status</h2>
</div>
<div class="card-body">
<div class="security-status">
<div class="security-item">
<span>Master Encryption Key</span>
<?php
$config = \ServerManager\Core\App::getConfig();
$keyConfigured = !empty($config['encryption']['master_key']) ||
(isset($config['encryption']['master_key_file']) && file_exists($config['encryption']['master_key_file']));
?>
<span class="badge badge-<?= $keyConfigured ? 'success' : 'danger' ?>">
<?= $keyConfigured ? 'Configured' : 'Not Configured' ?>
</span>
</div>
<div class="security-item">
<span>Password Hashing</span>
<span class="badge badge-success">Argon2id</span>
</div>
<div class="security-item">
<span>AES-256-CBC Encryption</span>
<span class="badge badge-success">Active</span>
</div>
<div class="security-item">
<span>Session Configuration</span>
<span class="badge badge-<?= $config['session']['secure'] ? 'success' : 'warning' ?>">
<?= $config['session']['secure'] ? 'Secure' : 'HTTP' ?>
</span>
</div>
</div>
</div>
</div>
<div class="dashboard-card">
<div class="card-header">
<h2><i class="fas fa-shield-alt"></i> Security Features</h2>
</div>
<div class="card-body">
<div class="security-status">
<div class="security-item">
<span>CSRF Protection</span>
<span class="badge badge-success">Enabled</span>
</div>
<div class="security-item">
<span>XSS Prevention</span>
<span class="badge badge-success">Enabled</span>
</div>
<div class="security-item">
<span>Rate Limiting</span>
<span class="badge badge-success">Enabled (<?= $config['rate_limit']['max_attempts'] ?> attempts/<?= $config['rate_limit']['decay_minutes'] ?>min)</span>
</div>
<div class="security-item">
<span>Input Validation</span>
<span class="badge badge-success">Enabled</span>
</div>
<div class="security-item">
<span>Audit Logging</span>
<span class="badge badge-success">Enabled</span>
</div>
<div class="security-item">
<span>Session Security</span>
<span class="badge badge-success">HTTP Only + SameSite</span>
</div>
<div class="security-item">
<span>API Authentication</span>
<span class="badge badge-success">Bearer Token</span>
</div>
</div>
</div>
</div>
<div class="dashboard-card">
<div class="card-header">
<h2><i class="fas fa-key"></i> Master Key Management</h2>
</div>
<div class="card-body">
<div class="alert alert-warning">
<i class="fas fa-exclamation-triangle"></i>
<strong>Important:</strong> The master encryption key is stored outside the database.
If lost, ALL encrypted SSH credentials will be unrecoverable.
</div>
<div class="form-group">
<label>Key File Location</label>
<code><?= htmlspecialchars($config['encryption']['master_key_file'] ?? '/etc/servermanager/master.key') ?></code>
</div>
<div class="form-actions" style="margin-top: 1rem;">
<button class="btn btn-warning" onclick="generateKey()">
<i class="fas fa-key"></i> Generate New Master Key
</button>
</div>
</div>
</div>
</div>
<script src="/assets/js/admin-security.js?v=<?= asset_version() ?>"></script>