Hello Mamie,
Thank you very much for your reply, effort, and time!, i appreciate it!
i am a php developer who developed a special login page with SQL injection protection, build-in SSL script, that can can be installed on any web page, it can lock a website without login or CRUD, or it can be implemented to an existed CRUD or login page, by a very simple line in php which is “include”
the concept behind what i am trying to do is, i did installed my yunohost on vmware with bridge, cause when i did use NAT i had many issues which i tried to solve with no luck, so i did go back to use bridge connection, the reason i wanted to use NAT is my OS firewall’s can protect the vmware nat in that case, so yunohost will be protected by the windows firewall, and also comodo firewall, but with bridge is not the case, only yunohost firewall in action that way, so lets say i compromised about it and now its working on bridged connection,
but the problem is, anyone whos trying to reach any of my domains what what is refer to my home router will find out yunohost is there, and they can immediately understand that is yunophost cause there is a huge logo shouting “yunohost” at the home page,
so several things can comes to the attacker mind, first of all the stupid gov can know that self hosting is installed on that IP, the ISP can know that self hosting is installed on that IP, which we people who do that dont want right?, its not a good idea it need to be a secrete to my opinion,
secondly, if its an bored kid or a professional hacker who is kali linux for penetration testing/hacking purposes, can immediately understand that he/she did reach a page what installed on debian,
which just makes he attacker life much easier, i am cyber security expert myself so i can think as an hacker, the first thing we need to know is what OS we are going to attack and build a working plan for it, next to that he/she knows that is “yunohost” which makes it even much easier to know what exactly is going on inside that OS, what kind of firewall exist, what kind ports are already open cause they have to be opened such as XMPP and so on and so forth,
so think, to my opinion that we dont need to show the logo “yunohost” to strangers,
they will have to reach a page which is not clear what kind of server is it, what kind of website is it,
just a blank white page without any information and two html fields, username and password, as my login script i created especially for this with DDOS protection as well, thats it, now the atacker have no idea where and what kind of server is it,
so for that, i think yunohost need to make an option to remove the logo from the landing/login page through the admin panel, and also an option for masking the website redirection address, which i already manually success to change it, and it was instead to be redirected to https://domain/yunohost, the “yunohost” been hidden for the user,
but it will be much fun if it will be through the admin panel,
the reason i am trying to contact yunohost developers with no luck through the IRC to tell them about this idea and many more ideas that i have but so far no luck if you have more luck than me or you probably knows better than me how to contact them please tell them if you can, please tell them about these important things that need to be done,
mamie i am not sure what exactly you mean by customize, but i hope i understand you right by navigate to root/yunoshost/sso?
thank you
