mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2025-11-03 03:45:52 +01:00
ModSec Integration.
This commit is contained in:
usmannasir
@@ -983,20 +983,40 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
|
||||
|
||||
}
|
||||
|
||||
///// ModSec configs
|
||||
|
||||
var modsecurity_status = false;
|
||||
var SecAuditEngine = false;
|
||||
var SecRuleEngine = false;
|
||||
|
||||
|
||||
function getSSHConfigs(){
|
||||
$('#modsecurity_status').change(function() {
|
||||
modsecurity_status = $(this).prop('checked');
|
||||
});
|
||||
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = false;
|
||||
$('#SecAuditEngine').change(function() {
|
||||
SecAuditEngine = $(this).prop('checked');
|
||||
});
|
||||
|
||||
url = "/firewall/getSSHConfigs";
|
||||
|
||||
var data = {
|
||||
type:"1",
|
||||
};
|
||||
$('#SecRuleEngine').change(function() {
|
||||
SecRuleEngine = $(this).prop('checked');
|
||||
});
|
||||
|
||||
fetchModSecSettings();
|
||||
function fetchModSecSettings(){
|
||||
|
||||
$scope.modsecLoading = false;
|
||||
|
||||
$('#modsecurity_status').bootstrapToggle('off');
|
||||
$('#SecAuditEngine').bootstrapToggle('off');
|
||||
$('#SecRuleEngine').bootstrapToggle('off');
|
||||
|
||||
url = "/firewall/fetchModSecSettings";
|
||||
|
||||
var phpSelection = $scope.phpSelection;
|
||||
|
||||
var data = {};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
@@ -1011,218 +1031,46 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
$scope.sshPort = response.data.sshPort;
|
||||
$scope.modsecLoading = true;
|
||||
|
||||
if(response.data.permitRootLogin == 1){
|
||||
$('#rootLogin').bootstrapToggle('on');
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = true;
|
||||
if(response.data.fetchStatus === 1){
|
||||
|
||||
if(response.data.installed === 1) {
|
||||
|
||||
|
||||
if (response.data.modsecurity === 1) {
|
||||
$('#modsecurity_status').bootstrapToggle('on');
|
||||
}
|
||||
else{
|
||||
$scope.errorMessage = response.data.error_message;
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = true;
|
||||
if (response.data.SecAuditEngine === 1) {
|
||||
$('#SecAuditEngine').bootstrapToggle('on');
|
||||
}
|
||||
if (response.data.SecRuleEngine === 1) {
|
||||
$('#SecRuleEngine').bootstrapToggle('on');
|
||||
}
|
||||
|
||||
$scope.SecDebugLogLevel = response.data.SecDebugLogLevel;
|
||||
$scope.SecAuditLogParts = response.data.SecAuditLogParts;
|
||||
$scope.SecAuditLogRelevantStatus = response.data.SecAuditLogRelevantStatus;
|
||||
$scope.SecAuditLogType = response.data.SecAuditLogType;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.couldNotConnect = false;
|
||||
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
$scope.saveChanges = function () {
|
||||
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = false;
|
||||
|
||||
url = "/firewall/saveSSHConfigs";
|
||||
|
||||
var data = {
|
||||
type:"1",
|
||||
sshPort:$scope.sshPort,
|
||||
rootLogin:rootLogin,
|
||||
};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
'X-CSRFToken': getCookie('csrftoken')
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
||||
$http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
|
||||
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
if(response.data.saveStatus == 1){
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = false;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = true;
|
||||
}
|
||||
else{
|
||||
|
||||
$scope.couldNotSave = false;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = true;
|
||||
|
||||
$scope.errorMessage = response.data.error_message;
|
||||
$scope.modsecLoading = true;
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
function populateCurrentKeys(){
|
||||
/////
|
||||
|
||||
url = "/firewall/getSSHConfigs";
|
||||
/// Save ModSec Changes
|
||||
|
||||
var data = {
|
||||
type:"2",
|
||||
};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
'X-CSRFToken': getCookie('csrftoken')
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
||||
$http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
|
||||
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
if(response.data.status == 1){
|
||||
$scope.records = JSON.parse(response.data.data);
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.couldNotConnect = false;
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
$scope.deleteKey = function(key){
|
||||
|
||||
$scope.secureSSHLoading = false;
|
||||
|
||||
url = "/firewall/deleteSSHKey";
|
||||
|
||||
var data = {
|
||||
key:key,
|
||||
};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
'X-CSRFToken': getCookie('csrftoken')
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
||||
$http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
|
||||
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
if(response.data.delete_status == 1){
|
||||
$scope.secureSSHLoading = true;
|
||||
$scope.keyDeleted = false;
|
||||
populateCurrentKeys();
|
||||
}
|
||||
else{
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
$scope.saveKey = function(key){
|
||||
|
||||
$scope.secureSSHLoading = false;
|
||||
|
||||
url = "/firewall/addSSHKey";
|
||||
|
||||
var data = {
|
||||
key:$scope.keyData,
|
||||
};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
'X-CSRFToken': getCookie('csrftoken')
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
||||
$http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
|
||||
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
if(response.data.add_status == 1){
|
||||
$scope.secureSSHLoading = true;
|
||||
$scope.saveKeyBtn = true;
|
||||
$scope.showKeyBox = false;
|
||||
$scope.keyBox = true;
|
||||
|
||||
|
||||
populateCurrentKeys();
|
||||
}
|
||||
else{
|
||||
$scope.secureSSHLoading = true;
|
||||
$scope.saveKeyBtn = false;
|
||||
$scope.showKeyBox = true;
|
||||
$scope.keyBox = true;
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.secureSSHLoading = true;
|
||||
$scope.saveKeyBtn = false;
|
||||
$scope.showKeyBox = true;
|
||||
$scope.keyBox = true;
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
$scope.failedToSave = true;
|
||||
$scope.successfullySaved = true;
|
||||
|
||||
});
|
||||
|
||||
|
||||
@@ -74,6 +74,115 @@
|
||||
|
||||
<!----- ModeSec Install Log box ----------------->
|
||||
{% else %}
|
||||
|
||||
<div style="padding: 2%" class="col-md-12">
|
||||
<form action="/" id="createPackages" class="form-horizontal bordered-row">
|
||||
|
||||
<div ng-hide="phpDetailsBox" class="form-group">
|
||||
<label class="col-sm-4 control-label">ModSecurity Status</label>
|
||||
<div class="col-sm-6">
|
||||
<input type="checkbox" id="modsecurity_status" data-toggle="toggle">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div ng-hide="phpDetailsBox" class="form-group">
|
||||
<label class="col-sm-4 control-label">SecAuditEngine</label>
|
||||
<div class="col-sm-6">
|
||||
<input type="checkbox" id="SecAuditEngine" data-toggle="toggle">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div ng-hide="phpDetailsBox" class="form-group">
|
||||
<label class="col-sm-4 control-label">SecRuleEngine</label>
|
||||
<div class="col-sm-6">
|
||||
<input type="checkbox" id="SecRuleEngine" data-toggle="toggle">
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label class="col-sm-4 control-label">SecDebugLogLevel</label>
|
||||
<div class="col-sm-6">
|
||||
<div class="selector" style="width: 79px;"><span style="width: 57px; -moz-user-select: none;">{$ SecDebugLogLevel $}</span><select ng-model="SecDebugLogLevel" class="custom-select">
|
||||
<option>1</option>
|
||||
<option>2</option>
|
||||
<option>3</option>
|
||||
<option>4</option>
|
||||
<option>5</option>
|
||||
<option>6</option>
|
||||
<option>7</option>
|
||||
<option>8</option>
|
||||
<option>9</option>
|
||||
</select><i class="glyph-icon icon-caret-down"></i></div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label class="col-sm-4 control-label">SecAuditLogParts</label>
|
||||
<div class="col-sm-6">
|
||||
<div class="selector" style="width: 79px;"><span style="width: 57px; -moz-user-select: none;">{$ SecAuditLogParts $}</span><select ng-model="SecAuditLogParts" class="custom-select">
|
||||
<option>A</option>
|
||||
<option>AB</option>
|
||||
<option>ABI</option>
|
||||
<option>ABIJ</option>
|
||||
<option>ABIJD</option>
|
||||
<option>ABIJDE</option>
|
||||
<option>ABIJDEF</option>
|
||||
<option>ABIJDEFH</option>
|
||||
<option>ABIJDEFHZ</option>
|
||||
</select><i class="glyph-icon icon-caret-down"></i></div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
<div class="form-group">
|
||||
<label class="col-sm-4 control-label">SecAuditLogRelevantStatus</label>
|
||||
<div class="col-sm-6">
|
||||
<input type="text" class="form-control" ng-model="SecAuditLogRelevantStatus" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
<div class="form-group">
|
||||
<label class="col-sm-4 control-label">SecAuditLogType</label>
|
||||
<div class="col-sm-6">
|
||||
<input type="text" class="form-control" ng-model="SecAuditLogType" required>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label"></label>
|
||||
<div class="col-sm-4">
|
||||
<button type="button" ng-click="saveModSecChanges()" class="btn btn-primary btn-lg btn-block">{% trans "Save changes." %}</button>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
|
||||
<div class="form-group">
|
||||
<label class="col-sm-3 control-label"></label>
|
||||
<div class="col-sm-4">
|
||||
|
||||
<div ng-hide="failedToSave" class="alert alert-danger">
|
||||
<p>{% trans "Failed to save ModSecurity configurations. Error message: " %} {$ errorMessage $}</p>
|
||||
</div>
|
||||
|
||||
<div ng-hide="successfullySaved" class="alert alert-success">
|
||||
<p>{% trans "ModSecurity configurations successfully saved." %}</p>
|
||||
</div>
|
||||
|
||||
<div ng-hide="couldNotConnect" class="alert alert-danger">
|
||||
<p>{% trans "Could not connect. Please refresh this page." %} </p>
|
||||
</div>
|
||||
|
||||
</div>
|
||||
</div>
|
||||
|
||||
|
||||
</form>
|
||||
</div>
|
||||
|
||||
{% endif %}
|
||||
|
||||
|
||||
|
||||
@@ -28,6 +28,7 @@ urlpatterns = [
|
||||
url(r'^modSecurity', views.loadModSecurityHome, name='modSecurity'),
|
||||
url(r'^installModSec', views.installModSec, name='installModSec'),
|
||||
url(r'^installStatusModSec', views.installStatusModSec, name='installStatusModSec'),
|
||||
url(r'^fetchModSecSettings', views.fetchModSecSettings, name='fetchModSecSettings'),
|
||||
|
||||
|
||||
]
|
||||
@@ -678,6 +678,25 @@ def installStatusModSec(request):
|
||||
|
||||
if installStatus.find("[200]")>-1:
|
||||
|
||||
execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py"
|
||||
|
||||
execPath = execPath + " installModSecConfigs"
|
||||
|
||||
output = subprocess.check_output(shlex.split(execPath))
|
||||
|
||||
if output.find("1,None") > -1:
|
||||
pass
|
||||
else:
|
||||
final_json = json.dumps({
|
||||
'error_message': "Failed to install ModSecurity configurations.",
|
||||
'requestStatus': installStatus,
|
||||
'abort': 1,
|
||||
'installed': 0,
|
||||
})
|
||||
return HttpResponse(final_json)
|
||||
|
||||
installUtilities.reStartLiteSpeed()
|
||||
|
||||
final_json = json.dumps({
|
||||
'error_message': "None",
|
||||
'requestStatus': installStatus,
|
||||
@@ -712,3 +731,96 @@ def installStatusModSec(request):
|
||||
final_dic = {'abort':1,'installed':0, 'error_message': "Not Logged In, please refresh the page or login again."}
|
||||
final_json = json.dumps(final_dic)
|
||||
return HttpResponse(final_json)
|
||||
|
||||
|
||||
def fetchModSecSettings(request):
|
||||
try:
|
||||
val = request.session['userID']
|
||||
|
||||
try:
|
||||
if request.method == 'POST':
|
||||
|
||||
modsecurity = 0
|
||||
SecAuditEngine = 0
|
||||
SecRuleEngine = 0
|
||||
SecDebugLogLevel = "9"
|
||||
SecAuditLogRelevantStatus = '^(?:5|4(?!04))'
|
||||
SecAuditLogParts = 'ABIJDEFHZ'
|
||||
SecAuditLogType = 'Serial'
|
||||
|
||||
confPath = os.path.join(virtualHostUtilities.Server_root, 'conf/httpd_config.conf')
|
||||
modSecPath = os.path.join(virtualHostUtilities.Server_root, 'modules', 'mod_security.so')
|
||||
|
||||
if os.path.exists(modSecPath):
|
||||
|
||||
data = open(confPath, 'r').readlines()
|
||||
|
||||
for items in data:
|
||||
|
||||
if items.find('modsecurity ') > -1:
|
||||
if items.find('on') > -1 or items.find('On') > -1:
|
||||
modsecurity = 1
|
||||
continue
|
||||
if items.find('SecAuditEngine ') > -1:
|
||||
if items.find('on') > -1 or items.find('On') > -1:
|
||||
SecAuditEngine = 1
|
||||
continue
|
||||
|
||||
if items.find('SecRuleEngine ') > -1:
|
||||
if items.find('on') > -1 or items.find('On') > -1:
|
||||
SecRuleEngine = 1
|
||||
continue
|
||||
|
||||
if items.find('SecDebugLogLevel') > -1:
|
||||
result = items.split(' ')
|
||||
if result[0] == 'SecDebugLogLevel':
|
||||
SecDebugLogLevel = result[1]
|
||||
continue
|
||||
if items.find('SecAuditLogRelevantStatus') > -1:
|
||||
result = items.split(' ')
|
||||
if result[0] == 'SecAuditLogRelevantStatus':
|
||||
SecAuditLogRelevantStatus = result[1]
|
||||
continue
|
||||
if items.find('SecAuditLogParts') > -1:
|
||||
result = items.split(' ')
|
||||
if result[0] == 'SecAuditLogParts':
|
||||
SecAuditLogParts = result[1]
|
||||
continue
|
||||
if items.find('SecAuditLogType') > -1:
|
||||
result = items.split(' ')
|
||||
if result[0] == 'SecAuditLogType':
|
||||
SecAuditLogType = result[1]
|
||||
continue
|
||||
|
||||
|
||||
final_dic = {'fetchStatus': 1,
|
||||
'installed': 1,
|
||||
'SecRuleEngine': SecRuleEngine,
|
||||
'modsecurity': modsecurity,
|
||||
'SecAuditEngine': SecAuditEngine,
|
||||
'SecDebugLogLevel': SecDebugLogLevel,
|
||||
'SecAuditLogParts': SecAuditLogParts,
|
||||
'SecAuditLogRelevantStatus': SecAuditLogRelevantStatus,
|
||||
'SecAuditLogType': SecAuditLogType,
|
||||
}
|
||||
|
||||
else:
|
||||
final_dic = {'fetchStatus': 1,
|
||||
'installed': 0}
|
||||
|
||||
|
||||
|
||||
final_json = json.dumps(final_dic)
|
||||
return HttpResponse(final_json)
|
||||
|
||||
|
||||
except BaseException,msg:
|
||||
final_dic = {'fetchStatus': 0, 'error_message': str(msg)}
|
||||
final_json = json.dumps(final_dic)
|
||||
|
||||
return HttpResponse(final_json)
|
||||
|
||||
|
||||
return render(request,'managePHP/editPHPConfig.html')
|
||||
except KeyError:
|
||||
return redirect(loadLoginPage)
|
||||
|
||||
@@ -59,13 +59,12 @@ app.controller('installExtensions', function($scope,$http,$timeout) {
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
|
||||
if(response.data.extensionRequestStatus == 1){
|
||||
if(response.data.extensionRequestStatus === 1){
|
||||
|
||||
getRequestStatus();
|
||||
$scope.canNotPerform = true;
|
||||
|
||||
|
||||
|
||||
}
|
||||
else{
|
||||
$scope.canNotPerform = false;
|
||||
@@ -170,7 +169,7 @@ app.controller('installExtensions', function($scope,$http,$timeout) {
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
|
||||
if(response.data.fetchStatus == 1){
|
||||
if(response.data.fetchStatus === 1){
|
||||
|
||||
$scope.records = JSON.parse(response.data.data);
|
||||
|
||||
@@ -225,9 +224,9 @@ app.controller('installExtensions', function($scope,$http,$timeout) {
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
|
||||
if(response.data.extensionRequestStatus == 1){
|
||||
if(response.data.extensionRequestStatus === 1){
|
||||
|
||||
if(response.data.finished==1){
|
||||
if(response.data.finished === 1){
|
||||
|
||||
$scope.loadingExtensions = true;
|
||||
$scope.phpSelectionDisabled = false;
|
||||
@@ -288,20 +287,20 @@ app.controller('editPHPConfig', function($scope,$http,$timeout) {
|
||||
|
||||
$('#allow_url_fopen').change(function() {
|
||||
allow_url_fopen = $(this).prop('checked');
|
||||
})
|
||||
});
|
||||
|
||||
$('#display_errors').change(function() {
|
||||
display_errors = $(this).prop('checked');
|
||||
})
|
||||
});
|
||||
|
||||
|
||||
$('#file_uploads').change(function() {
|
||||
file_uploads = $(this).prop('checked');
|
||||
})
|
||||
});
|
||||
|
||||
$('#allow_url_include').change(function() {
|
||||
allow_url_include = $(this).prop('checked');
|
||||
})
|
||||
});
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -1,6 +1,9 @@
|
||||
import CyberCPLogFileWriter as logging
|
||||
import subprocess
|
||||
import shlex
|
||||
import argparse
|
||||
from virtualHostUtilities import virtualHostUtilities
|
||||
import os
|
||||
|
||||
class modSec:
|
||||
installLogPath = "/home/cyberpanel/modSecInstallLog"
|
||||
@@ -30,3 +33,71 @@ class modSec:
|
||||
return 1
|
||||
except BaseException, msg:
|
||||
logging.CyberCPLogFileWriter.writeToFile(str(msg) + "[installModSec]")
|
||||
|
||||
@staticmethod
|
||||
def installModSecConfigs():
|
||||
try:
|
||||
## Try making a dir that will store ModSec configurations
|
||||
path = os.path.join(virtualHostUtilities.Server_root,"conf/modsec")
|
||||
try:
|
||||
os.mkdir(path)
|
||||
except:
|
||||
logging.CyberCPLogFileWriter.writeToFile(
|
||||
"ModSecurity rules directory already exists." + " [installModSecConfigs]")
|
||||
|
||||
initialConfigs = """
|
||||
module mod_security {
|
||||
modsecurity on
|
||||
modsecurity_rules `
|
||||
SecDebugLogLevel 9
|
||||
SecDebugLog /usr/local/lsws/logs/modsec.log
|
||||
SecAuditEngine on
|
||||
SecAuditLogRelevantStatus "^(?:5|4(?!04))"
|
||||
SecAuditLogParts ABIJDEFHZ
|
||||
SecAuditLogType Serial
|
||||
SecAuditLog /usr/local/lsws/logs/auditmodsec.log
|
||||
SecRuleEngine On
|
||||
`
|
||||
modsecurity_rules_file /usr/local/lsws/conf/modsec/rules.conf
|
||||
}
|
||||
"""
|
||||
|
||||
|
||||
confFile = os.path.join(virtualHostUtilities.Server_root,"conf/httpd_config.conf")
|
||||
|
||||
conf = open(confFile,'a+')
|
||||
conf.write(initialConfigs)
|
||||
conf.close()
|
||||
|
||||
rulesFilePath = os.path.join(virtualHostUtilities.Server_root,"conf/modsec/rules.conf")
|
||||
|
||||
if not os.path.exists(rulesFilePath):
|
||||
initialRules = """
|
||||
SecRule ARGS "\.\./" "t:normalisePathWin,id:99999,severity:4,msg:'Drive Access' ,log,auditlog,deny"
|
||||
"""
|
||||
rule = open(rulesFilePath,'a+')
|
||||
rule.write(initialRules)
|
||||
rule.close()
|
||||
|
||||
print "1,None"
|
||||
return
|
||||
|
||||
except BaseException, msg:
|
||||
logging.CyberCPLogFileWriter.writeToFile(
|
||||
str(msg) + " [installModSecConfigs]")
|
||||
print "0," + str(msg)
|
||||
|
||||
|
||||
|
||||
def main():
|
||||
|
||||
parser = argparse.ArgumentParser(description='CyberPanel Installer')
|
||||
parser.add_argument('function', help='Specific a function to call!')
|
||||
|
||||
args = parser.parse_args()
|
||||
|
||||
if args.function == "installModSecConfigs":
|
||||
modSec.installModSecConfigs()
|
||||
|
||||
if __name__ == "__main__":
|
||||
main()
|
||||
@@ -983,20 +983,40 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
|
||||
|
||||
}
|
||||
|
||||
///// ModSec configs
|
||||
|
||||
var modsecurity_status = false;
|
||||
var SecAuditEngine = false;
|
||||
var SecRuleEngine = false;
|
||||
|
||||
|
||||
function getSSHConfigs(){
|
||||
$('#modsecurity_status').change(function() {
|
||||
modsecurity_status = $(this).prop('checked');
|
||||
});
|
||||
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = false;
|
||||
$('#SecAuditEngine').change(function() {
|
||||
SecAuditEngine = $(this).prop('checked');
|
||||
});
|
||||
|
||||
url = "/firewall/getSSHConfigs";
|
||||
|
||||
var data = {
|
||||
type:"1",
|
||||
};
|
||||
$('#SecRuleEngine').change(function() {
|
||||
SecRuleEngine = $(this).prop('checked');
|
||||
});
|
||||
|
||||
fetchModSecSettings();
|
||||
function fetchModSecSettings(){
|
||||
|
||||
$scope.modsecLoading = false;
|
||||
|
||||
$('#modsecurity_status').bootstrapToggle('off');
|
||||
$('#SecAuditEngine').bootstrapToggle('off');
|
||||
$('#SecRuleEngine').bootstrapToggle('off');
|
||||
|
||||
url = "/firewall/fetchModSecSettings";
|
||||
|
||||
var phpSelection = $scope.phpSelection;
|
||||
|
||||
var data = {};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
@@ -1011,218 +1031,46 @@ app.controller('modSec', function($scope, $http, $timeout, $window) {
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
$scope.sshPort = response.data.sshPort;
|
||||
$scope.modsecLoading = true;
|
||||
|
||||
if(response.data.permitRootLogin == 1){
|
||||
$('#rootLogin').bootstrapToggle('on');
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = true;
|
||||
if(response.data.fetchStatus === 1){
|
||||
|
||||
if(response.data.installed === 1) {
|
||||
|
||||
|
||||
if (response.data.modsecurity === 1) {
|
||||
$('#modsecurity_status').bootstrapToggle('on');
|
||||
}
|
||||
else{
|
||||
$scope.errorMessage = response.data.error_message;
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = true;
|
||||
if (response.data.SecAuditEngine === 1) {
|
||||
$('#SecAuditEngine').bootstrapToggle('on');
|
||||
}
|
||||
if (response.data.SecRuleEngine === 1) {
|
||||
$('#SecRuleEngine').bootstrapToggle('on');
|
||||
}
|
||||
|
||||
$scope.SecDebugLogLevel = response.data.SecDebugLogLevel;
|
||||
$scope.SecAuditLogParts = response.data.SecAuditLogParts;
|
||||
$scope.SecAuditLogRelevantStatus = response.data.SecAuditLogRelevantStatus;
|
||||
$scope.SecAuditLogType = response.data.SecAuditLogType;
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.couldNotConnect = false;
|
||||
|
||||
}
|
||||
|
||||
};
|
||||
|
||||
$scope.saveChanges = function () {
|
||||
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = false;
|
||||
|
||||
url = "/firewall/saveSSHConfigs";
|
||||
|
||||
var data = {
|
||||
type:"1",
|
||||
sshPort:$scope.sshPort,
|
||||
rootLogin:rootLogin,
|
||||
};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
'X-CSRFToken': getCookie('csrftoken')
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
||||
$http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
|
||||
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
if(response.data.saveStatus == 1){
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = false;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = true;
|
||||
}
|
||||
else{
|
||||
|
||||
$scope.couldNotSave = false;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = true;
|
||||
$scope.secureSSHLoading = true;
|
||||
|
||||
$scope.errorMessage = response.data.error_message;
|
||||
$scope.modsecLoading = true;
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.couldNotSave = true;
|
||||
$scope.detailsSaved = true;
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
function populateCurrentKeys(){
|
||||
/////
|
||||
|
||||
url = "/firewall/getSSHConfigs";
|
||||
/// Save ModSec Changes
|
||||
|
||||
var data = {
|
||||
type:"2",
|
||||
};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
'X-CSRFToken': getCookie('csrftoken')
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
||||
$http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
|
||||
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
if(response.data.status == 1){
|
||||
$scope.records = JSON.parse(response.data.data);
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.couldNotConnect = false;
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
$scope.deleteKey = function(key){
|
||||
|
||||
$scope.secureSSHLoading = false;
|
||||
|
||||
url = "/firewall/deleteSSHKey";
|
||||
|
||||
var data = {
|
||||
key:key,
|
||||
};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
'X-CSRFToken': getCookie('csrftoken')
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
||||
$http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
|
||||
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
if(response.data.delete_status == 1){
|
||||
$scope.secureSSHLoading = true;
|
||||
$scope.keyDeleted = false;
|
||||
populateCurrentKeys();
|
||||
}
|
||||
else{
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
$scope.saveKey = function(key){
|
||||
|
||||
$scope.secureSSHLoading = false;
|
||||
|
||||
url = "/firewall/addSSHKey";
|
||||
|
||||
var data = {
|
||||
key:$scope.keyData,
|
||||
};
|
||||
|
||||
var config = {
|
||||
headers : {
|
||||
'X-CSRFToken': getCookie('csrftoken')
|
||||
}
|
||||
};
|
||||
|
||||
|
||||
|
||||
$http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
|
||||
|
||||
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
if(response.data.add_status == 1){
|
||||
$scope.secureSSHLoading = true;
|
||||
$scope.saveKeyBtn = true;
|
||||
$scope.showKeyBox = false;
|
||||
$scope.keyBox = true;
|
||||
|
||||
|
||||
populateCurrentKeys();
|
||||
}
|
||||
else{
|
||||
$scope.secureSSHLoading = true;
|
||||
$scope.saveKeyBtn = false;
|
||||
$scope.showKeyBox = true;
|
||||
$scope.keyBox = true;
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
}
|
||||
|
||||
}
|
||||
function cantLoadInitialDatas(response) {
|
||||
$scope.secureSSHLoading = true;
|
||||
$scope.saveKeyBtn = false;
|
||||
$scope.showKeyBox = true;
|
||||
$scope.keyBox = true;
|
||||
$scope.couldNotConnect = false;
|
||||
$scope.secureSSHLoading = true;
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
$scope.failedToSave = true;
|
||||
$scope.successfullySaved = true;
|
||||
|
||||
});
|
||||
|
||||
|
||||
@@ -59,13 +59,12 @@ app.controller('installExtensions', function($scope,$http,$timeout) {
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
|
||||
if(response.data.extensionRequestStatus == 1){
|
||||
if(response.data.extensionRequestStatus === 1){
|
||||
|
||||
getRequestStatus();
|
||||
$scope.canNotPerform = true;
|
||||
|
||||
|
||||
|
||||
}
|
||||
else{
|
||||
$scope.canNotPerform = false;
|
||||
@@ -170,7 +169,7 @@ app.controller('installExtensions', function($scope,$http,$timeout) {
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
|
||||
if(response.data.fetchStatus == 1){
|
||||
if(response.data.fetchStatus === 1){
|
||||
|
||||
$scope.records = JSON.parse(response.data.data);
|
||||
|
||||
@@ -225,9 +224,9 @@ app.controller('installExtensions', function($scope,$http,$timeout) {
|
||||
function ListInitialDatas(response) {
|
||||
|
||||
|
||||
if(response.data.extensionRequestStatus == 1){
|
||||
if(response.data.extensionRequestStatus === 1){
|
||||
|
||||
if(response.data.finished==1){
|
||||
if(response.data.finished === 1){
|
||||
|
||||
$scope.loadingExtensions = true;
|
||||
$scope.phpSelectionDisabled = false;
|
||||
@@ -288,20 +287,20 @@ app.controller('editPHPConfig', function($scope,$http,$timeout) {
|
||||
|
||||
$('#allow_url_fopen').change(function() {
|
||||
allow_url_fopen = $(this).prop('checked');
|
||||
})
|
||||
});
|
||||
|
||||
$('#display_errors').change(function() {
|
||||
display_errors = $(this).prop('checked');
|
||||
})
|
||||
});
|
||||
|
||||
|
||||
$('#file_uploads').change(function() {
|
||||
file_uploads = $(this).prop('checked');
|
||||
})
|
||||
});
|
||||
|
||||
$('#allow_url_include').change(function() {
|
||||
allow_url_include = $(this).prop('checked');
|
||||
})
|
||||
});
|
||||
|
||||
|
||||
|
||||
|
||||
@@ -123,8 +123,6 @@
|
||||
|
||||
</form>
|
||||
|
||||
|
||||
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
|
||||
Reference in New Issue
Block a user