Web Check: Self Hosted Web Security Check

This is another example of hosting an OCI container in Incus. Web-check is an open source tool to analyze the security of web based application instances. The web-check Gitbub project is here.

Web-check gives you insight into the inner-workings of a given website and lets you uncover potential attack vectors, analyze server architecture, view security configurations, and learn what technologies a site is using.

The web-check dashboard will show IP info, SSL chain, DNS records, cookies, headers, domain info, search crawl rules, page map, server location, redirect ledger, open ports, traceroute, DNS security extensions, site performance, trackers, associated hostnames, and carbon footprint. The project seems to be under active development.

We are going to install a self-hosted instance of web-check as an incus OCI container bridged to your main LAN. Incus supports docker OCI containers beginning in Incus 6.3.

You will want to make sure you have added the docker hub as one of your Incus repositories. This only needs to be done once.

incus remote add docker https://docker.io --protocol=oci 

I am assuming you have watched my video Incus Containers Step by Step. We leverage the incus bridgproefile created in that video to have our web-check instance on its own LAN address.

Launch the web-check container:

incus launch docker:lissy93/web-check web-check -c boot.autostart=true -p default -p bridgeprofile

This will deploy the web-check application in a container bridged to an address on my main LAN granted by router’s DHCP server.

Web-check runs on port 3000 and so I can go to the interface with the address of the container at port 3000.