Add files via upload

This commit is contained in:
公明
2026-07-11 11:30:50 +08:00
committed by GitHub
parent 79d162ccb4
commit 1cf10981ef
14 changed files with 28 additions and 37 deletions
+2 -3
View File
@@ -21,7 +21,7 @@ server:
tls_enabled: true
tls_auto_self_sign: true
auth:
password: "dev-only-change-me"
session_duration_hours: 12
audit:
enabled: true
retention_days: 7
@@ -45,7 +45,7 @@ server:
port: 8080
tls_enabled: false
auth:
password: "<long-random-password>"
session_duration_hours: 12
audit:
enabled: true
retention_days: 30
@@ -90,7 +90,6 @@ Goal: long-running production red-team or security platform.
```yaml
auth:
password: "<managed-secret>"
session_duration_hours: 8
audit:
enabled: true
+1 -2
View File
@@ -12,7 +12,6 @@ server:
port: 8080
tls_enabled: true
auth:
password: "change-me"
session_duration_hours: 12
openai:
provider: openai
@@ -24,7 +23,7 @@ agent:
tool_timeout_minutes: 60
```
Change the default password immediately. Use HTTPS or a trusted reverse proxy in any shared environment.
Change the initial `admin` password from the Web UI after first login. Use HTTPS or a trusted reverse proxy in any shared environment.
## Hot-Apply Boundaries
+1 -1
View File
@@ -48,7 +48,7 @@ config.yaml
```yaml
auth:
password: "<long-random-password>"
session_duration_hours: 12
server:
host: 127.0.0.1
port: 8080
+1 -1
View File
@@ -6,7 +6,7 @@ This checklist covers pre-production and continuous hardening for CyberStrikeAI.
## Before Going Live
- Change `auth.password` to a long random secret.
- Change the initial `admin` password from the Web UI after first login.
- Use HTTPS or a trusted reverse proxy.
- Restrict access by IP, VPN, or bastion.
- Enable `audit.enabled`.
+1 -1
View File
@@ -37,7 +37,7 @@ Page inaccessible:
Login fails:
- wrong `auth.password`;
- wrong RBAC user password;
- config not applied/restarted;
- stale cookie;
- audit throttling repeated failures.