Enterprise-grade security for free. No BS.
A complete, security-hardened Docker container that gives you enterprise security for free.
Note this is still in progress, there is still work being done.
An autoconfig.sh is located in /usr/local/bin for your convenience.
Network: UFW, iptables, SPA, Fail2Ban WAF
Host: Kernel hardening, AppArmor
Files: AIDE, Tripwire, ClamAV
Audit: Lynis, LogWatch, AuditD Tenable
Total Cost: $0
Auto-whitelists Cloudflare & Google IPs
Permanent bans for actual attackers
GeoIP blocking for high-risk regions
Kernel hardening (ASLR, module blacklisting)
AppArmor profiles for container isolation
File integrity monitoring (AIDE/Tripwire)
Malware scanning (ClamAV)
Attack detection (Fail2Ban + custom filters)
No "AI-powered blockchain quantum" buzzwords
Just works
Open source, no lock-in
Community-driven improvements
Basic Web Server
# docker-compose.yml
version: '3.8'
services:
web:
image: ghcr.io/yourusername/auto-secure-server:latest
ports:
- "80:80"
- "443:443"
volumes:
- ./my-website:/var/www/html
With Database
yaml
version: '3.8'
services:
web:
image: ghcr.io/yourusername/auto-secure-server:latest
ports: ["80:80", "443:443"]
volumes:
- ./wordpress:/var/www/html
depends_on:
- mysql
mysql:
image: mysql:8.0
environment:
MYSQL_ROOT_PASSWORD: secure_passwordFound a bug? Have an improvement?
Fork the repo
Create a feature branch
Submit a PR
MIT - Do whatever you want, just don't blame me.
Like this project? Give it a star! ⭐
It helps more people discover it.
Docker Hub
GitHub Issues
Security Advisories
docker buildx build -t kvthweatt/auto-secure-server:latest -f docker/Dockerfile .
`