Gunicorn¶
Starting from v0.0.6, Burp-UI supports Gunicorn in order to handle multiple users simultaneously because some operations (like the online restoration) may take some time and thus may block any further requests. With Gunicorn, you have several workers that can proceed the requests so you can handle more users.
You need to install gunicorn and eventlet:
pip install eventlet
pip install gunicorn
You will then be able to launch Burp-UI this way:
gunicorn -k eventlet -w 4 'burpui:init(conf="/path/to/burpui.cfg")'
When using gunicorn, the command line options are not available. Instead,
run the Burp-UI init method directly. Here are the parameters you can
play with:
- conf: Path to the Burp-UI configuration file
- debug: Whether to run Burp-UI in debug mode or not to get some extra logging
- logfile: Path to a logfile in order to log Burp-UI internal messages
There is a sample configuration file available here.
Reverse Proxy¶
You may want to add a reverse proxy so Burp-UI can be accessed on port 80 (or 443) along with other applications.
Here is a sample configuration for nginx:
server {
listen 80;
server_name burpui.example.com;
access_log /var/log/nginx/burpui.access.log;
error_log /var/log/nginx/burpui.error.log;
location / {
# you need to change this to "https", if you set "ssl" directive to "on"
proxy_set_header X-FORWARDED_PROTO http;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_read_timeout 300;
proxy_connect_timeout 300;
proxy_pass http://localhost:5000;
}
}