From 00f8191fb32d7855e8b615a2aba7bd430a3d9876 Mon Sep 17 00:00:00 2001
From: Hassan Hashmi <75794688+hassanhashmey@users.noreply.github.com>
Date: Sat, 27 Apr 2024 17:27:12 +0500
Subject: [PATCH] switchoff security DOne Frontend
---
.../templates/baseTemplate/index.html | 33 ++--
.../static/serverStatus/serverStatus.js | 82 ++++++++-
.../serverStatus/Switchoffsecurity.html | 170 ++++++++++++++++++
serverStatus/urls.py | 4 +
serverStatus/views.py | 84 +++++++--
5 files changed, 341 insertions(+), 32 deletions(-)
create mode 100644 serverStatus/templates/serverStatus/Switchoffsecurity.html
diff --git a/baseTemplate/templates/baseTemplate/index.html b/baseTemplate/templates/baseTemplate/index.html
index 2f6456fe2..a8c0c7574 100755
--- a/baseTemplate/templates/baseTemplate/index.html
+++ b/baseTemplate/templates/baseTemplate/index.html
@@ -204,19 +204,19 @@
{% comment %} + title="{% trans 'CPU Load Average' %}" data-placement="bottom"> {$ one $} - - {$ two $} - + + {$ two $} + - - {$ three $} - {% endcomment %} + + {$ three $} + {% endcomment %} @@ -947,6 +947,9 @@
  • {% trans "Package Manager" %}
  • +
  • {% trans "Switch off security" %} +
  • @@ -1057,12 +1060,12 @@
  • {% trans "Mail Queue" %}
  • -{#
  • {% trans "Email Policy Server" %}#} -{#
  • #} -{#
  • {% trans "Email Limits" %}#} -{#
  • #} + {#
  • {% trans "Email Policy Server" %}#} + {#
  • #} + {#
  • {% trans "Email Limits" %}#} + {#
  • #}
  • {% trans "SpamAssassin" %}
  • diff --git a/serverStatus/static/serverStatus/serverStatus.js b/serverStatus/static/serverStatus/serverStatus.js index 3b9a8ac6f..e376c9fc2 100755 --- a/serverStatus/static/serverStatus/serverStatus.js +++ b/serverStatus/static/serverStatus/serverStatus.js @@ -3,7 +3,6 @@ */ - /* Java script code to start/stop litespeed */ app.controller('litespeedStatus', function ($scope, $http) { 
@@ -424,6 +423,87 @@ app.controller('readCyberCPLogFile', function ($scope, $http) { /* Services */ + +app.controller('securityrule', function ($scope, $http) { + + $scope.securityruleLoading = true; + + + $scope.ActivateTags = ['Agents', 'AppsInitialization', 'Backdoor', 'Bruteforce', 'CWAF', 'Domains', 'Drupal', 'FilterASP', + 'FilterGen', 'FilterInFarme', 'FilterOther', 'FilterPHP', 'FiltersEnd', 'FilterSQL', 'Generic', 'HTTP', 'HTTPDoS', + 'Incoming', 'Initialzation', 'JComponent', 'Joomla', 'Other', 'OtherApps', 'PHPGen', 'Protocol', 'Request', 'RoRGen', + 'SQLi', 'WHMCS', 'WordPress', 'WPPlugin', 'XSS'] + + $scope.DeactivatedTags = [] + + + $scope.toggleActivation = function (tag) { + var index = $scope.ActivateTags.indexOf(tag); + if (index > -1) { + $scope.ActivateTags.splice(index, 1); + $scope.DeactivatedTags.push(tag); + } else { + index = $scope.DeactivatedTags.indexOf(tag); + if (index > -1) { + $scope.DeactivatedTags.splice(index, 1); + $scope.ActivateTags.push(tag); + } + } + }; + + + $scope.applychanges = function () { + + $scope.securityruleLoading = false; + url = "/serverstatus/securityruleUpdate"; + + var data = { + ActivateTags: $scope.ActivateTags, + DeactivatedTags: $scope.DeactivatedTags, + RuleID: $scope.ruleID, + Regular_expressions: $scope.Regular_expressions + + }; + + var config = { + headers: { + 'X-CSRFToken': getCookie('csrftoken') + } + }; + + + $http.post(url, data, config).then(ListInitialDatas, cantLoadInitialDatas); + + + function ListInitialDatas(response) { + $scope.securityruleLoading = true; + if (response.data.status === 1) { + new PNotify({ + title: 'Done', + text: "Changes Applied", + type: 'success' + }); + } else { + new PNotify({ + title: 'Operation Failed!', + text: response.data.error_message, + type: 'error' + }); + } + + } + + function cantLoadInitialDatas(response) { + $scope.securityruleLoading = true; + new PNotify({ + title: 'Operation Failed!', + text: 'Could not connect to server, please refresh this page', + 
type: 'error' + }); + } + } +}); + app.controller('servicesManager', function ($scope, $http) { $scope.services = false; diff --git a/serverStatus/templates/serverStatus/Switchoffsecurity.html b/serverStatus/templates/serverStatus/Switchoffsecurity.html new file mode 100644 index 000000000..ef450b483 --- /dev/null +++ b/serverStatus/templates/serverStatus/Switchoffsecurity.html @@ -0,0 +1,170 @@ +{% extends "baseTemplate/index.html" %} +{% load i18n %} +{% block title %}{% trans "Switch off security - CyberPanel" %}{% endblock %} +{% block content %} + + {% load static %} + {% get_current_language as LANGUAGE_CODE %} + + + + + + +
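Review bot: In the `securityrule` controller, `$scope.ActivateTags` is a hard-coded list and `$scope.DeactivatedTags` starts empty on every page load, so the page never reflects which rule groups are really disabled on the server. Once the backend stores these lists, an admin who opens the page and applies would resend the all-active default over whatever was configured before, so the current state should be fetched from the server before the apply button is enabled. In `applychanges`, `url = "/serverstatus/securityruleUpdate";` has no declaration and creates a global; write `var url = "/serverstatus/securityruleUpdate";`. `$scope.ruleID` and `$scope.Regular_expressions` stay undefined until something is typed, and undefined properties are dropped from the JSON body, so send explicit defaults such as `RuleID: $scope.ruleID || ''`. The tag names `'FilterInFarme'` and `'Initialzation'` look misspelled; if they are meant to match rule-set group names, confirm the spelling against the rule files.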
    +
    +

    {% trans "Switch off security rules" %}

    +

    {% trans "Here you can switch off security rules. It is handy if you find out that a security rule is too restrictive for some websites. To deactivate security rules, specify their IDs (for example, 340003 or 340005-340007), tags (for example, CVE-2011-4898), or regular expressions used in rule messages (for example, XSS)." %}

    +
    + + +
    +
    +

    + {% trans "Security Rules" %} +

    +
    + +
    + +
    + +
    + +
    +
    + + +
    +
    +
    Activate Tags
    +
    + +
    + {$ tag $} + + + + +
    +
    +
    +
    +
    Deactivated Tags
    +
    + +
    + {$ tag $} + + + + +
    +
    +
    +
    + + +
    + +
    + +
    +
    + + +
    + +
    + + +
    +
    + + +
    + +
    +
    +
    +
    + +{% endblock %} diff --git a/serverStatus/urls.py b/serverStatus/urls.py index ca33c74b0..16dc14003 100755 --- a/serverStatus/urls.py +++ b/serverStatus/urls.py @@ -27,4 +27,8 @@ urlpatterns = [ url(r'^CyberPanelPort$', views.CyberPanelPort, name='CyberPanelPort'), url(r'^submitPortChange$', views.submitPortChange, name='submitPortChange'), + + url(r'^Switchoffsecurity$', views.Switchoffsecurity, name='Switchoffsecurity'), + url(r'^securityruleUpdate$', views.securityruleUpdate, name='securityruleUpdate'), + ] \ No newline at end of file diff --git a/serverStatus/views.py b/serverStatus/views.py index 5443b72c6..c63e74aa8 100755 --- a/serverStatus/views.py +++ b/serverStatus/views.py @@ -28,11 +28,19 @@ EXPIRE = 3 VERSION = '2.3' BUILD = 5 + def serverStatusHome(request): proc = httpProc(request, 'serverStatus/index.html', None, 'admin') return proc.render() + +def Switchoffsecurity(request): + proc = httpProc(request, 'serverStatus/Switchoffsecurity.html', + None, 'admin') + return proc.render() + + def litespeedStatus(request): try: userID = request.session['userID'] @@ -91,6 +99,7 @@ def litespeedStatus(request): logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[litespeedStatus]") return redirect(loadLoginPage) + def stopOrRestartLitespeed(request): try: userID = request.session['userID'] @@ -124,10 +133,12 @@ def stopOrRestartLitespeed(request): logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[stopOrRestartLitespeed]") return HttpResponse("Not Logged in as admin") + def cyberCPMainLogFile(request): proc = httpProc(request, 'serverStatus/cybercpmainlogfile.html', None, 'admin') return proc.render() + def getFurtherDataFromLogFile(request): try: userID = request.session['userID'] @@ -151,6 +162,7 @@ def getFurtherDataFromLogFile(request): logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[getFurtherDataFromLogFile]") return HttpResponse("Not Logged in as admin") + def services(request): data = {} 
@@ -168,6 +180,7 @@ def services(request): proc = httpProc(request, 'serverStatus/services.html', data, 'admin') return proc.render() + def servicesStatus(request): try: userID = request.session['userID'] @@ -276,6 +289,7 @@ def servicesStatus(request): except KeyError: return redirect(loadLoginPage) + def servicesAction(request): try: userID = request.session['userID'] @@ -328,6 +342,7 @@ def servicesAction(request): final_json = json.dumps(final_dic) return HttpResponse(final_json) + def switchTOLSWS(request): try: userID = request.session['userID'] @@ -361,6 +376,35 @@ def switchTOLSWS(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + +def securityruleUpdate(request): + try: + userID = request.session['userID'] + + currentACL = ACLManager.loadedACL(userID) + + if currentACL['admin'] == 1: + pass + else: + return ACLManager.loadErrorJson('status', 0) + + data = json.loads(request.body) + + ActivateTags = data['ActivateTags'] + DeactivatedTags = data['DeactivatedTags'] + RuleID = data['RuleID'] + Regular_expressions = data['Regular_expressions'] + + data_ret = {'status': 1, 'error_message': "None", } + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + + except BaseException as msg: + data_ret = {'status': 0, 'error_message': str(msg)} + json_data = json.dumps(data_ret) + return HttpResponse(json_data) + + def switchTOLSWSStatus(request): try: @@ -387,10 +431,11 @@ def switchTOLSWSStatus(request): except BaseException as msg: command = "sudo rm -f " + serverStatusUtil.ServerStatusUtil.lswsInstallStatusPath ProcessUtilities.popenExecutioner(command) - data_ret = {'status': 0,'abort': 1, 'requestStatus': str(msg), 'installed': 0} + data_ret = {'status': 0, 'abort': 1, 'requestStatus': str(msg), 'installed': 0} json_data = json.dumps(data_ret) return HttpResponse(json_data) + def licenseStatus(request): try: userID = request.session['userID'] 
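Review bot: `securityruleUpdate` reads the four request fields and then returns `{'status': 1, 'error_message': "None"}` without storing or applying anything, so the page reports "Changes Applied" while the rule set is unchanged. For a control that governs which protections are active, that false confirmation is misleading, and until the backend exists the view should return `status: 0` with a "not implemented" message. `data['RuleID']` and `data['Regular_expressions']` raise `KeyError` when the client omits them, which the controller appears to do when those inputs are left empty, so use `data.get('RuleID', '')` and `data.get('Regular_expressions', '')`. The `except BaseException` branch also turns a missing `request.session['userID']` into a JSON body carrying `str(msg)`; handle the session `KeyError` separately, as `servicesStatus` does with `redirect(loadLoginPage)`, and do not echo raw exception text to the client. When the handler is implemented, accept rule IDs only as digits or digit ranges, treat the regular expressions as untrusted text before they reach any rule file or command, and log which admin disabled which rule.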
@@ -407,7 +452,8 @@ def licenseStatus(request): serial = ProcessUtilities.outputExecutioner(command) if serial.find('No such file or directory') > -1: - final_dic = {'status': 1, "erroMessage": 0, 'lsSerial': 'Trial License in use.', 'lsexpiration': 'Trial license expires 15 days after activation.'} + final_dic = {'status': 1, "erroMessage": 0, 'lsSerial': 'Trial License in use.', + 'lsexpiration': 'Trial license expires 15 days after activation.'} final_json = json.dumps(final_dic) return HttpResponse(final_json) @@ -427,6 +473,7 @@ def licenseStatus(request): final_json = json.dumps(final_dic) return HttpResponse(final_json) + def refreshLicense(request): try: userID = request.session['userID'] @@ -439,7 +486,6 @@ def refreshLicense(request): else: return ACLManager.loadErrorJson('status', 0) - command = 'sudo /usr/local/lsws/bin/lshttpd -V' ProcessUtilities.outputExecutioner(command) @@ -512,6 +558,7 @@ def topProcesses(request): proc = httpProc(request, "serverStatus/topProcesses.html", None, 'admin') return proc.render() + def topProcessesStatus(request): try: userID = request.session['userID'] @@ -586,7 +633,6 @@ def topProcessesStatus(request): memoryInf0[1] = list(filter(None, memoryInf0[1].split(' '))) memoryInf0[2] = list(filter(None, memoryInf0[2].split(' '))) - try: data['totalMemory'] = '%sMB' % (memoryInf0[1][1]) except: @@ -606,7 +652,6 @@ def topProcessesStatus(request): except: data['buffCache'] = '%sMB' % ('0') - ## Swap try: @@ -681,8 +726,8 @@ def topProcessesStatus(request): total, used, free = shutil.disk_usage("/") data['TotalDisk'] = '%s GB' % (total // (2 ** 30)) - data['TotalDiskUsed'] = '%s GB' % (used // (2 ** 30)) - data['TotalDiskFree'] =' %s GB' % (free // (2 ** 30)) + data['TotalDiskUsed'] = '%s GB' % (used // (2 ** 30)) + data['TotalDiskFree'] = ' %s GB' % (free // (2 ** 30)) final_json = json.dumps(data) return HttpResponse(final_json) 
@@ -692,6 +737,7 @@ def topProcessesStatus(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + def killProcess(request): try: userID = request.session['userID'] @@ -721,10 +767,12 @@ def killProcess(request): final_json = json.dumps(final_dic) return HttpResponse(final_json) + def packageManager(request): proc = httpProc(request, "serverStatus/packageManager.html", None, 'admin') return proc.render() + def fetchPackages(request): try: @@ -842,8 +890,7 @@ def fetchPackages(request): ## make list of packages that need update - - #if os.path.exists(ProcessUtilities.debugPath): + # if os.path.exists(ProcessUtilities.debugPath): # logging.CyberCPLogFileWriter.writeToFile('All packages: %s' % (str(packages))) from s3Backups.s3Backups import S3Backups @@ -857,7 +904,7 @@ def fetchPackages(request): counter = 0 if os.path.exists(ProcessUtilities.debugPath): - logging.CyberCPLogFileWriter.writeToFile('Final packages: %s' % (str(finalPackages))) + logging.CyberCPLogFileWriter.writeToFile('Final packages: %s' % (str(finalPackages))) import re for items in finalPackages: @@ -896,7 +943,9 @@ def fetchPackages(request): else: lock = 0 - dic = {'package': nowSplitted[0].split('/')[0], 'version': '%s %s' % (nowSplitted[1].split(' ')[1], nowSplitted[1].split(' ')[2]), 'upgrade': upgrade, 'lock': lock} + dic = {'package': nowSplitted[0].split('/')[0], + 'version': '%s %s' % (nowSplitted[1].split(' ')[1], nowSplitted[1].split(' ')[2]), + 'upgrade': upgrade, 'lock': lock} counter = counter + 1 if checker == 0: @@ -923,7 +972,6 @@ def fetchPackages(request): else: upgrade = 'Upgrade available' - if details[0].split('.')[0] in locked: lock = 1 else: 
@@ -965,7 +1013,8 @@ def fetchPackages(request): json_data = json_data + ']' - data_ret = {'status': 1, 'packages': json_data, 'pagination': pagination, 'fetchedPackages': counter, 'totalPackages': len(packages)} + data_ret = {'status': 1, 'packages': json_data, 'pagination': pagination, 'fetchedPackages': counter, + 'totalPackages': len(packages)} json_data = json.dumps(data_ret) return HttpResponse(json_data) @@ -974,6 +1023,7 @@ def fetchPackages(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + def fetchPackageDetails(request): try: @@ -1004,6 +1054,7 @@ def fetchPackageDetails(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + def updatePackage(request): try: @@ -1027,7 +1078,7 @@ def updatePackage(request): extraArgs = {} extraArgs['package'] = package - from plogical.applicationInstaller import ApplicationInstaller + from plogical.applicationInstaller import ApplicationInstaller background = ApplicationInstaller('updatePackage', extraArgs) background.start() @@ -1043,6 +1094,7 @@ def updatePackage(request): json_data = json.dumps(data_ret) return HttpResponse(json_data) + def lockStatus(request): try: @@ -1179,11 +1231,11 @@ def submitPortChange(request): ProcessUtilities.executioner('systemctl restart lscpd') - data_ret = {'status': 1,} + data_ret = {'status': 1, } json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException as msg: data_ret = {'status': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) - return HttpResponse(json_data) \ No newline at end of file + return HttpResponse(json_data)