OWASP Juice Shop

Eran Goldman-Malka · September 6, 2023

OWASP Juice Shop - DigitalOcean server installation

I needed an OWASP Juice Shop server for a webinar and couldn’t find any straightforward instructions for DigitalOcean Droplets. The installation process takes about 40 minutes because the npm install takes a really long time.

  1. start ubuntu server on DigitalOcean (click the badge to get 200$ referral credit)
  2. ssh into the server
  3. install the dependencies and clone Juice Shop
     apt update && apt upgrade -y
     apt install nginx nodejs npm certbot python3-certbot-nginx -y
     git clone https://github.com/juice-shop/juice-shop.git --depth 1
     cd juice-shop
     npm install --no-audit --progress=false
    
  4. vim /etc/nginx/sites-available/default
  5. change line 51 from
         try_files $uri $uri/ =404;
    

    to

     # try_files $uri $uri/ =404;
     client_max_body_size 512M;
     proxy_pass http://localhost:3000;
     proxy_set_header Host $host;
     proxy_set_header X-Real-IP $remote_addr;
     proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
     proxy_set_header X-Forwarded-Proto $scheme;
    
  6. restart nginx
    nginx -t
    service nginx restart
    
  7. get ssl cert
     certbot --nginx --domain 
    
  8. Run Juice Shop
     npm start
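
Step 5 relies on the directive sitting at line 51 of the packaged default site file. The script below is an added example, not part of the original post: it makes the same edit by matching the `try_files` line, keeps a backup, and is safe to run twice. `patch_site` and `demo` are hypothetical helper names, and the demo runs on a constructed sample file.

```shell
#!/bin/sh
# Added example (not from the original post): make the step-5 edit by
# matching the try_files directive instead of relying on "line 51".
set -eu

UPSTREAM="http://localhost:3000"   # Juice Shop address from step 5

patch_site() {   # hypothetical helper; $1 = path to the nginx site file
    ps_conf="$1"
    # Idempotent: leave the file alone if the proxy is already configured.
    if grep -qF "proxy_pass ${UPSTREAM};" "$ps_conf"; then return 0; fi
    # Refuse to guess when the stock directive is not present.
    if ! grep -Eq '^[[:space:]]*try_files \$uri \$uri/ =404;' "$ps_conf"; then
        echo "try_files line not found in $ps_conf" >&2
        return 1
    fi
    cp -p "$ps_conf" "$ps_conf.bak"   # backup to roll back to
    awk -v up="$UPSTREAM" '
        !done && /^[ \t]*try_files \$uri \$uri\/ =404;/ {
            match($0, /^[ \t]*/); ind = substr($0, 1, RLENGTH)
            print ind "# " substr($0, RLENGTH + 1)
            print ind "client_max_body_size 512M;"
            print ind "proxy_pass " up ";"
            print ind "proxy_set_header Host $host;"
            print ind "proxy_set_header X-Real-IP $remote_addr;"
            print ind "proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;"
            print ind "proxy_set_header X-Forwarded-Proto $scheme;"
            done = 1; next
        }
        { print }
    ' "$ps_conf.bak" > "$ps_conf"
}

demo() {   # runs the patch on a constructed sample, not a real server file
    d_dir=$(mktemp -d)
    printf 'server {\n\tlocation / {\n\t\t# sample\n\t\ttry_files $uri $uri/ =404;\n\t}\n}\n' > "$d_dir/default"
    patch_site "$d_dir/default" && cat "$d_dir/default"
    rm -rf "$d_dir"
}

# With a path argument patch that file; with none, run the demo.
if [ "$#" -gt 0 ]; then patch_site "$1"; else demo; fi
```

After patching the real file, continue with `nginx -t` from step 6; the untouched original is kept next to it with a `.bak` suffix.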
    

Errors and bugs

  • Wrong Node.js version:
    apt-get install -y ca-certificates curl gnupg
    # make sure the keyring directory exists before the key is written into it
    mkdir -p /etc/apt/keyrings
    curl -fsSL https://deb.nodesource.com/gpgkey/nodesource-repo.gpg.key | gpg --dearmor -o /etc/apt/keyrings/nodesource.gpg
    NODE_MAJOR=20
    echo "deb [signed-by=/etc/apt/keyrings/nodesource.gpg] https://deb.nodesource.com/node_$NODE_MAJOR.x nodistro main" | sudo tee /etc/apt/sources.list.d/nodesource.list
    apt-get update
    apt-get install nodejs -y
    
  • No NPM installed
    # -f makes curl stop on an HTTP error instead of piping an error page into sh
    curl -fsSL https://www.npmjs.com/install.sh | sudo sh
    
  • Error: Could not locate the bindings file. Tried:
    npm i --package-lock-only
    npm audit fix --force
    npm ci
    
