Update .gitignore, README.md, and server configuration handling

- Added 'log/*' and 'server' to .gitignore to exclude log files and server binary. - Enhanced README.md with improved structure and additional features. - Updated server configuration to provide a warning for default server_name and changed default to '127.0.0.1'.
2025-10-01 20:53:58 +00:00
parent eaf6e27154
commit b4fd544185
5 changed files with 244 additions and 87 deletions
--- a/.gitignore
+++ b/.gitignore
@@ -50,3 +50,5 @@ modules.order
 Module.symvers
 Mkfile.old
 dkms.conf
+log/*
+server
--- a/README.md
+++ b/README.md
@@ -1,44 +1,74 @@
-# Carbon HTTP Server
+<div align="center">

-A high-performance HTTP/HTTPS server written in C for Linux systems, featuring advanced security, caching, and async I/O.
+# 🔥 Carbon HTTP Server

-## Core Features
+[![License: MIT](https://img.shields.io/badge/License-MIT-blue.svg)](LICENSE)
+[![Platform](https://img.shields.io/badge/Platform-Linux-green.svg)](https://www.linux.org/)
+[![Language](https://img.shields.io/badge/Language-C-orange.svg)](https://en.wikipedia.org/wiki/C_(programming_language))
+[![PRs Welcome](https://img.shields.io/badge/PRs-welcome-brightgreen.svg)](http://makeapullrequest.com)

- ✅ Multi-threaded HTTP/HTTPS server with epoll-based async I/O
- ✅ SSL/TLS support with automatic HTTP to HTTPS redirection
- ✅ Advanced rate limiting and DDoS protection
- ✅ File caching system for improved performance
- ✅ Thread pooling for efficient connection handling
- ✅ Comprehensive security headers and MIME type detection
- ✅ JSON-based configuration
- ✅ Detailed logging system with rotation
+**A high-performance HTTP/HTTPS server written in C for Linux systems**

-## Security Features
+*Features advanced security, caching, and asynchronous I/O capabilities*

- ✅ Buffer overflow prevention
- ✅ Path traversal protection
- ✅ Input sanitization
- ✅ SSL/TLS with modern cipher suites
- ✅ Security headers (CSP, HSTS, X-Frame-Options, etc.)
- ✅ Rate limiting per IP
- ✅ Automatic HTTPS redirection
+[Features](#-features) • [Installation](#-installation) • [Configuration](#-configuration) • [Usage](#-usage) • [Contributing](#-contributing) • [License](#-license)

-## Performance Features
+</div>

- ✅ Epoll-based asynchronous I/O
- ✅ Thread pool for connection handling
- ✅ File caching system
- ✅ SendFile() optimization for file transfers
- ✅ Keep-alive connection support
- ✅ TCP optimization (NODELAY, buffer sizes)
+---

-## Build Instructions
+## 📋 Table of Contents

-### Prerequisites
+- [Overview](#-overview)
+- [Features](#-features)
+- [Prerequisites](#-prerequisites)
+- [Installation](#-installation)
+- [Configuration](#-configuration)
+- [Usage](#-usage)
+- [Project Structure](#-project-structure)
+- [Roadmap](#-roadmap)
+- [Contributing](#-contributing)
+- [Security](#-security)
+- [License](#-license)
+- [Acknowledgments](#-acknowledgments)
+
+## 🌟 Overview
+
+Carbon is a production-ready HTTP/HTTPS server implementation in C, designed for high performance and security. Built with modern Linux systems in mind, it leverages epoll-based I/O, thread pooling, and comprehensive security measures to deliver a robust web serving solution.
+
+## ✨ Features
+
+### 🚀 Performance
+- **Asynchronous I/O**: Epoll-based event handling for maximum efficiency
+- **Thread Pool**: Efficient connection handling with configurable worker threads
+- **Smart Caching**: File caching system to reduce disk I/O
+- **SendFile Optimization**: Zero-copy file transfers for better throughput
+- **Keep-Alive Support**: Persistent connections to reduce overhead
+- **TCP Optimization**: Fine-tuned NODELAY and buffer configurations
+
+### 🔒 Security
+- **SSL/TLS Support**: Full HTTPS support with modern cipher suites
+- **Auto HTTPS Redirect**: Automatic HTTP to HTTPS redirection
+- **Rate Limiting**: Per-IP rate limiting and DDoS protection
+- **Security Headers**: CSP, HSTS, X-Frame-Options, and more
+- **Input Sanitization**: Protection against path traversal and injection attacks
+- **Buffer Overflow Prevention**: Memory-safe operations throughout
+
+### 🛠️ Developer Features
+- **JSON Configuration**: Easy-to-edit configuration files
+- **Comprehensive Logging**: Detailed logs with rotation support
+- **MIME Type Detection**: Automatic content-type detection via libmagic
+- **Debug Mode**: Built-in debugging support for development
+
+## 📦 Prerequisites
+
+Before building Carbon, ensure you have the following dependencies installed:

 ```bash
-# Install required dependencies
+# Update package lists
 sudo apt-get update
+
+# Install required dependencies
 sudo apt-get install -y \
    build-essential \
    libssl-dev \
@@ -47,104 +77,226 @@ sudo apt-get install -y \
    pkg-config
 ```

-### Compilation
+## 🚀 Installation
+
+### Quick Start

 ```bash
-# Using Make (recommended)
-make        # Normal build
-make debug  # Debug build
-make release # Optimized release build
+# Clone the repository
+git clone https://github.com/Azreyo/Carbon.git
+cd Carbon

-# Manual compilation
+# Build the server
+make
+
+# Run the server
+./server
+```
+
+### Build Options
+
+Carbon provides multiple build configurations:
+
+```bash
+make              # Standard build
+make debug        # Debug build with symbols
+make release      # Optimized release build
+make clean        # Clean build artifacts
+```
+
+### Manual Compilation
+
+If you prefer manual compilation:
+
+```bash
 gcc server.c config_parser.c server_config.c -o server \
    -D_GNU_SOURCE \
    -Wall -Wextra -O2 \
    -lssl -lcrypto -lpthread -lmagic -lcjson
 ```

-### SSL Certificate Setup
+## ⚙️ Configuration
+
+### SSL/TLS Setup
+
+> **⚠️ Important**: Self-signed certificates should only be used for testing purposes. For production, use certificates from a trusted Certificate Authority like [Let's Encrypt](https://letsencrypt.org/).

 ```bash
 # Create certificates directory
 mkdir -p certs

-# Generate self-signed certificate
+# Generate self-signed certificate (for testing only)
 openssl req -x509 -newkey rsa:2048 \
    -keyout certs/key.pem \
    -out certs/cert.pem \
-    -days 365 -nodes
+    -days 365 -nodes \
+    -subj "/C=US/ST=State/L=City/O=Organization/CN=localhost"
 ```

-### Configuration
+### Server Configuration

-Create `server.json`:
+Create or edit `server.json` in the project root:

 ```json
 {
    "port": 8080,
    "use_https": false,
-	"server_path": "bin/server",
-	"config_path": "sever.json",
+    "server_path": "bin/server",
+    "config_path": "server.json",
    "log_file": "log/server.log",
    "max_threads": 4,
    "running": true,
-	"server_name": "Your_domain/IP",
-	"verbose": true
-  }
+    "server_name": "localhost",
+    "verbose": true
+}
 ```

+**Configuration Options:**
+- `port`: HTTP port (default: 8080)
+- `use_https`: Enable HTTPS (requires SSL certificates)
+- `log_file`: Path to log file
+- `max_threads`: Number of worker threads
+- `server_name`: Your domain or IP address
+- `verbose`: Enable detailed logging
+
 ### Directory Structure

+Set up the required directory structure:
+
 ```bash
+# Create web root and subdirectories
 mkdir -p www/{css,js,images}
+
+# Create logs directory
+mkdir -p log
+
+# Place your web files in www/
+# Example: www/index.html, www/css/style.css, etc.
 ```

-## Running the Server
+## 🎯 Usage
+
+### Starting the Server

 ```bash
-# Allow ports
-sudo ufw allow 8080/tcp  # HTTP
-sudo ufw allow 443/tcp   # HTTPS
-
 # Run the server
 ./server
+
+# The server will start on the configured port (default: 8080)
+# Access it at http://localhost:8080
 ```

-## Planned Features
+### Firewall Configuration
+
+If you're using UFW, allow the necessary ports:
+
+```bash
+# Allow HTTP port
+sudo ufw allow 8080/tcp
+
+# Allow HTTPS port (if using SSL)
+sudo ufw allow 443/tcp
+
+# Reload firewall
+sudo ufw reload
+```
+
+### Testing
+
+```bash
+# Test HTTP endpoint
+curl http://localhost:8080
+
+# Test HTTPS endpoint (if enabled)
+curl -k https://localhost:443
+```
+
+## 📁 Project Structure
+
+```
+Carbon/
+├── server.c              # Main server implementation
+├── server_config.c       # Configuration management
+├── server_config.h       # Configuration headers
+├── config_parser.c       # JSON configuration parser
+├── Makefile              # Build configuration
+├── server.json           # Server configuration file
+├── README.md             # This file
+├── LICENSE               # MIT License
+├── certs/                # SSL certificates (create this)
+│   ├── cert.pem
+│   └── key.pem
+├── www/                  # Web root directory
+│   ├── index.html
+│   ├── css/
+│   ├── js/
+│   └── images/
+└── log/                  # Log files
+    └── server.log
+```
+
+## 🗺️ Roadmap

 | Feature | Priority | Status |
 |---------|----------|--------|
-| WebSocket Support | Medium | ❌ |
-| User Authentication | High | ❌ |
-| API Documentation | Medium | ❌ |
-| Load Balancing | Low | ❌ |
-| Security Audits | Medium | ❌ |
+| HTTP/2 Support | High | 📋 Planned |
+| WebSocket Support | Medium | 📋 Planned |
+| User Authentication | High | 📋 Planned |
+| API Rate Limiting | High | ✅ Implemented |
+| Reverse Proxy Mode | Medium | 📋 Planned |
+| Load Balancing | Low | 📋 Planned |
+| Docker Support | Medium | 📋 Planned |
+| Comprehensive API Docs | Medium | 📋 Planned |

-## Contributing
+## 🤝 Contributing

-1. Fork the repository
-2. Create your feature branch
-3. Commit your changes
-4. Push to the branch
-5. Create a Pull Request
+Contributions are welcome! Here's how you can help:

-## License
+1. **Fork** the repository
+2. **Create** a feature branch (`git checkout -b feature/AmazingFeature`)
+3. **Commit** your changes (`git commit -m 'Add some AmazingFeature'`)
+4. **Push** to the branch (`git push origin feature/AmazingFeature`)
+5. **Open** a Pull Request

-This project is licensed under the MIT License - see the [License](LICENSE) View our license terms
- file for details.
+Please ensure your code:
+- Follows the existing code style
+- Includes appropriate comments
+- Passes all tests
+- Updates documentation as needed

-## Security
+## 🔐 Security

-While this server implements various security measures, it's recommended to:
- Use a reverse proxy (like Nginx) in production
- Obtain proper SSL certificates (Let's Encrypt)
- Regularly update dependencies
- Monitor server logs
- Conduct security audits
+Carbon implements multiple security layers, but for production deployments:

-## Acknowledgments
+- ✅ **Use a reverse proxy** (Nginx, Apache) for additional security
+- ✅ **Obtain proper SSL certificates** from Let's Encrypt or another CA
+- ✅ **Keep dependencies updated** regularly
+- ✅ **Monitor server logs** for suspicious activity
+- ✅ **Conduct regular security audits**
+- ✅ **Implement firewall rules** to restrict access
+- ✅ **Use strong passwords** and authentication mechanisms

- OpenSSL for SSL/TLS support
- cJSON for configuration parsing
- libmagic for MIME type detection
+**Reporting Security Issues**: Please report security vulnerabilities to the maintainers privately before public disclosure.
+
+## 📄 License
+
+This project is licensed under the MIT License - see the [LICENSE](LICENSE) file for details.
+
+## 🙏 Acknowledgments
+
+Carbon is built with these excellent open-source libraries:
+
+- [OpenSSL](https://www.openssl.org/) - SSL/TLS cryptography
+- [cJSON](https://github.com/DaveGamble/cJSON) - Lightweight JSON parser
+- [libmagic](https://www.darwinsys.com/file/) - MIME type detection
+
+---
+
+<div align="center">
+
+**Made with ❤️ by [Azreyo](https://github.com/Azreyo)**
+
+⭐ Star this repository if you find it helpful!
+
+</div>

--- a/config_parser.c
+++ b/config_parser.c
@@ -91,16 +91,18 @@ int load_config(const char *filename, ServerConfig *config) {
        config->running = true; 
 	}

-	cJSON *server_name = cJSON_GetObjectItemCaseSensitive(root, "server_name");
-	if (cJSON_IsString(server_name) && (server_name->valuestring != NULL)) {
-    	strncpy(config->server_name, server_name->valuestring, sizeof(config->server_name) - 1);
-    	config->server_name[sizeof(config->server_name) - 1] = '\0';
-    	printf("load_config: server_name = %s\n", config->server_name);
-	} else {
-    	fprintf(stderr, "load_config: server_name not found or not a string. Using default.\n");
-    	strcpy(config->server_name, "192.168.1.1");  // Default IP address
-	}
-
+    cJSON *server_name = cJSON_GetObjectItemCaseSensitive(root, "server_name");
+    if (cJSON_IsString(server_name) && (server_name->valuestring != NULL)) {
+        strncpy(config->server_name, server_name->valuestring, sizeof(config->server_name) - 1);
+        config->server_name[sizeof(config->server_name) - 1] = '\0';
+        printf("load_config: server_name = %s\n", config->server_name);
+        if (strcmp(config->server_name, "Your_domain/IP") == 0) {
+            fprintf(stderr, "WARNING: server_name is set to 127.0.0.1\nPlease set server_name in server.json to the server's IP address or domain name for proper operation.\n");
+        }
+    } else {
+        fprintf(stderr, "load_config: server_name not found or not a string. Using default.\n");
+        strcpy(config->server_name, "127.0.0.1");
+    }
    cJSON_Delete(root);
    return 0;
 }
--- a/server_config.c
+++ b/server_config.c
@@ -10,4 +10,5 @@ void init_config(ServerConfig *config) {
    config->running = true;
 	config->automatic_startup = false;
    config->verbose = 0;
+    strcpy(config->server_name, "127.0.0.1");
 }
--- a/server_config.h
+++ b/server_config.h
@@ -11,7 +11,7 @@ typedef struct {
    bool running;
    bool automatic_startup;
    char server_name[256];   
-    int verbose;  
+    int verbose;
 } ServerConfig;

 int load_config(const char *filename, ServerConfig *config);