mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2025-11-08 06:16:08 +01:00
added support for LiteSpeed Ent for OWASP and updated the rules, ref https://github.com/usmannasir/cyberpanel/issues/653?fbclid=IwAR12yOLL24w98NjLnkoi44hcJtLGzwpz-P6nW9qx-6irTOXpz18xqE5gnMM
This commit is contained in:
Usman Nasir
@@ -1048,6 +1048,14 @@ class FirewallManager:
|
||||
except subprocess.CalledProcessError:
|
||||
pass
|
||||
|
||||
try:
|
||||
command = 'cat /usr/local/lsws/conf/modsec.conf'
|
||||
output = ProcessUtilities.outputExecutioner(command)
|
||||
if output.find('modsec/owasp') > -1:
|
||||
owaspInstalled = 1
|
||||
except:
|
||||
pass
|
||||
|
||||
final_dic = {
|
||||
'modSecInstalled': 1,
|
||||
'owaspInstalled': owaspInstalled,
|
||||
@@ -1089,9 +1097,9 @@ class FirewallManager:
|
||||
json_data = json.dumps(data_ret)
|
||||
return HttpResponse(json_data)
|
||||
else:
|
||||
if packName == 'disableOWASP' or packName == 'installOWASP':
|
||||
final_json = json.dumps({'installStatus': 0, 'error_message': "OWASP will be available later.", })
|
||||
return HttpResponse(final_json)
|
||||
# if packName == 'disableOWASP' or packName == 'installOWASP':
|
||||
# final_json = json.dumps({'installStatus': 0, 'error_message': "OWASP will be available later.", })
|
||||
# return HttpResponse(final_json)
|
||||
|
||||
execPath = "/usr/local/CyberCP/bin/python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py"
|
||||
execPath = execPath + " " + packName
|
||||
@@ -1122,70 +1130,26 @@ class FirewallManager:
|
||||
|
||||
packName = data['packName']
|
||||
|
||||
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
|
||||
confPath = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
|
||||
confPath = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
|
||||
|
||||
command = "sudo cat " + confPath
|
||||
httpdConfig = ProcessUtilities.outputExecutioner(command).splitlines()
|
||||
command = "sudo cat " + confPath
|
||||
httpdConfig = ProcessUtilities.outputExecutioner(command).splitlines()
|
||||
|
||||
json_data = "["
|
||||
checker = 0
|
||||
counter = 0
|
||||
json_data = "["
|
||||
checker = 0
|
||||
counter = 0
|
||||
|
||||
for items in httpdConfig:
|
||||
for items in httpdConfig:
|
||||
|
||||
if items.find('modsec/' + packName) > -1:
|
||||
counter = counter + 1
|
||||
if items[0] == '#':
|
||||
status = False
|
||||
else:
|
||||
status = True
|
||||
|
||||
fileName = items.lstrip('#')
|
||||
fileName = fileName.split('/')[-1]
|
||||
|
||||
dic = {
|
||||
'id': counter,
|
||||
'fileName': fileName,
|
||||
'packName': packName,
|
||||
'status': status,
|
||||
|
||||
}
|
||||
|
||||
if checker == 0:
|
||||
json_data = json_data + json.dumps(dic)
|
||||
checker = 1
|
||||
else:
|
||||
json_data = json_data + ',' + json.dumps(dic)
|
||||
|
||||
json_data = json_data + ']'
|
||||
final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
|
||||
return HttpResponse(final_json)
|
||||
else:
|
||||
if packName == 'owasp':
|
||||
final_json = json.dumps({'fetchStatus': 0, 'error_message': "OWASP will be available later.", })
|
||||
return HttpResponse(final_json)
|
||||
|
||||
comodoPath = '/usr/local/lsws/conf/comodo_litespeed'
|
||||
command = 'sudo chown -R cyberpanel:cyberpanel /usr/local/lsws/conf'
|
||||
ProcessUtilities.executioner(command)
|
||||
|
||||
json_data = "["
|
||||
|
||||
counter = 0
|
||||
checker = 0
|
||||
for fileName in os.listdir(comodoPath):
|
||||
|
||||
if fileName == 'categories.conf':
|
||||
continue
|
||||
|
||||
if fileName.endswith('bak'):
|
||||
status = 0
|
||||
fileName = fileName.rstrip('.bak')
|
||||
elif fileName.endswith('conf'):
|
||||
status = 1
|
||||
if items.find('modsec/' + packName) > -1:
|
||||
counter = counter + 1
|
||||
if items[0] == '#':
|
||||
status = False
|
||||
else:
|
||||
continue
|
||||
status = True
|
||||
|
||||
fileName = items.lstrip('#')
|
||||
fileName = fileName.split('/')[-1]
|
||||
|
||||
dic = {
|
||||
'id': counter,
|
||||
@@ -1195,20 +1159,96 @@ class FirewallManager:
|
||||
|
||||
}
|
||||
|
||||
counter = counter + 1
|
||||
|
||||
if checker == 0:
|
||||
json_data = json_data + json.dumps(dic)
|
||||
checker = 1
|
||||
else:
|
||||
json_data = json_data + ',' + json.dumps(dic)
|
||||
|
||||
command = 'sudo chown -R lsadm:lsadm /usr/local/lsws/conf'
|
||||
ProcessUtilities.executioner(command)
|
||||
json_data = json_data + ']'
|
||||
final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
|
||||
return HttpResponse(final_json)
|
||||
|
||||
json_data = json_data + ']'
|
||||
final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
|
||||
return HttpResponse(final_json)
|
||||
# if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
|
||||
# confPath = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
|
||||
#
|
||||
# command = "sudo cat " + confPath
|
||||
# httpdConfig = ProcessUtilities.outputExecutioner(command).splitlines()
|
||||
#
|
||||
# json_data = "["
|
||||
# checker = 0
|
||||
# counter = 0
|
||||
#
|
||||
# for items in httpdConfig:
|
||||
#
|
||||
# if items.find('modsec/' + packName) > -1:
|
||||
# counter = counter + 1
|
||||
# if items[0] == '#':
|
||||
# status = False
|
||||
# else:
|
||||
# status = True
|
||||
#
|
||||
# fileName = items.lstrip('#')
|
||||
# fileName = fileName.split('/')[-1]
|
||||
#
|
||||
# dic = {
|
||||
# 'id': counter,
|
||||
# 'fileName': fileName,
|
||||
# 'packName': packName,
|
||||
# 'status': status,
|
||||
#
|
||||
# }
|
||||
#
|
||||
# if checker == 0:
|
||||
# json_data = json_data + json.dumps(dic)
|
||||
# checker = 1
|
||||
# else:
|
||||
# json_data = json_data + ',' + json.dumps(dic)
|
||||
#
|
||||
# json_data = json_data + ']'
|
||||
# final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
|
||||
# return HttpResponse(final_json)
|
||||
# else:
|
||||
#
|
||||
# command = 'cat /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf'
|
||||
# files = ProcessUtilities.outputExecutioner(command).splitlines()
|
||||
#
|
||||
# json_data = "["
|
||||
#
|
||||
# counter = 0
|
||||
# checker = 0
|
||||
# for fileName in files:
|
||||
#
|
||||
# if fileName == 'categories.conf':
|
||||
# continue
|
||||
#
|
||||
# if fileName.endswith('bak'):
|
||||
# status = 0
|
||||
# fileName = fileName.rstrip('.bak')
|
||||
# elif fileName.endswith('conf'):
|
||||
# status = 1
|
||||
# else:
|
||||
# continue
|
||||
#
|
||||
# dic = {
|
||||
# 'id': counter,
|
||||
# 'fileName': fileName,
|
||||
# 'packName': packName,
|
||||
# 'status': status,
|
||||
#
|
||||
# }
|
||||
#
|
||||
# counter = counter + 1
|
||||
#
|
||||
# if checker == 0:
|
||||
# json_data = json_data + json.dumps(dic)
|
||||
# checker = 1
|
||||
# else:
|
||||
# json_data = json_data + ',' + json.dumps(dic)
|
||||
#
|
||||
# json_data = json_data + ']'
|
||||
# final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
|
||||
# return HttpResponse(final_json)
|
||||
|
||||
except BaseException as msg:
|
||||
final_dic = {'fetchStatus': 0, 'error_message': str(msg)}
|
||||
@@ -1235,7 +1275,7 @@ class FirewallManager:
|
||||
|
||||
execPath = "/usr/local/CyberCP/bin/python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py"
|
||||
|
||||
execPath = execPath + " " + functionName + ' --packName ' + packName + ' --fileName ' + fileName
|
||||
execPath = execPath + " " + functionName + ' --packName ' + packName + ' --fileName "%s"' % (fileName)
|
||||
|
||||
output = ProcessUtilities.outputExecutioner(execPath)
|
||||
|
||||
|
||||
@@ -493,25 +493,42 @@ include {pathToOWASFolderNew}/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf
|
||||
print('0, Unable to download OWASP Rules.')
|
||||
return
|
||||
|
||||
owaspRulesConf = """
|
||||
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
|
||||
owaspRulesConf = """
|
||||
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf
|
||||
"""
|
||||
|
||||
confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
|
||||
confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
|
||||
|
||||
confData = open(confFile).readlines()
|
||||
confData = open(confFile).readlines()
|
||||
|
||||
conf = open(confFile, 'w')
|
||||
conf = open(confFile, 'w')
|
||||
|
||||
for items in confData:
|
||||
if items.find('/usr/local/lsws/conf/modsec/rules.conf') > -1:
|
||||
conf.writelines(items)
|
||||
conf.write(owaspRulesConf)
|
||||
continue
|
||||
else:
|
||||
conf.writelines(items)
|
||||
for items in confData:
|
||||
if items.find('/usr/local/lsws/conf/modsec/rules.conf') > -1:
|
||||
conf.writelines(items)
|
||||
conf.write(owaspRulesConf)
|
||||
continue
|
||||
else:
|
||||
conf.writelines(items)
|
||||
|
||||
conf.close()
|
||||
else:
|
||||
confFile = os.path.join('/usr/local/lsws/conf/modsec.conf')
|
||||
confData = open(confFile).readlines()
|
||||
|
||||
conf = open(confFile, 'w')
|
||||
|
||||
for items in confData:
|
||||
if items.find('/conf/comodo_litespeed/') > -1:
|
||||
conf.writelines(items)
|
||||
conf.write('Include /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/*.conf\n')
|
||||
continue
|
||||
else:
|
||||
conf.writelines(items)
|
||||
|
||||
conf.close()
|
||||
|
||||
conf.close()
|
||||
installUtilities.reStartLiteSpeed()
|
||||
|
||||
print("1,None")
|
||||
@@ -549,26 +566,17 @@ modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-mas
|
||||
def disableRuleFile(fileName, packName):
|
||||
try:
|
||||
|
||||
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
|
||||
confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
|
||||
confData = open(confFile).readlines()
|
||||
conf = open(confFile, 'w')
|
||||
confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
|
||||
confData = open(confFile).readlines()
|
||||
conf = open(confFile, 'w')
|
||||
|
||||
for items in confData:
|
||||
if items.find('modsec/'+packName) > -1 and items.find(fileName) > -1:
|
||||
conf.write("#" + items)
|
||||
else:
|
||||
conf.writelines(items)
|
||||
for items in confData:
|
||||
if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
|
||||
conf.write("#" + items)
|
||||
else:
|
||||
conf.writelines(items)
|
||||
|
||||
conf.close()
|
||||
|
||||
else:
|
||||
path = '/usr/local/lsws/conf/comodo_litespeed/'
|
||||
completePath = path + fileName
|
||||
completePathBak = path + fileName + '.bak'
|
||||
|
||||
command = 'mv ' + completePath + ' ' + completePathBak
|
||||
ProcessUtilities.executioner(command)
|
||||
conf.close()
|
||||
|
||||
installUtilities.reStartLiteSpeed()
|
||||
|
||||
@@ -583,25 +591,37 @@ modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-mas
|
||||
def enableRuleFile(fileName, packName):
|
||||
try:
|
||||
|
||||
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
|
||||
confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
|
||||
confData = open(confFile).readlines()
|
||||
conf = open(confFile, 'w')
|
||||
confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
|
||||
confData = open(confFile).readlines()
|
||||
conf = open(confFile, 'w')
|
||||
|
||||
for items in confData:
|
||||
if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
|
||||
conf.write(items.lstrip('#'))
|
||||
else:
|
||||
conf.writelines(items)
|
||||
for items in confData:
|
||||
if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
|
||||
conf.write(items.lstrip('#'))
|
||||
else:
|
||||
conf.writelines(items)
|
||||
|
||||
conf.close()
|
||||
else:
|
||||
path = '/usr/local/lsws/conf/comodo_litespeed/'
|
||||
completePath = path + fileName
|
||||
completePathBak = path + fileName + '.bak'
|
||||
conf.close()
|
||||
|
||||
command = 'mv ' + completePathBak + ' ' + completePath
|
||||
ProcessUtilities.executioner(command)
|
||||
# if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
|
||||
# confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
|
||||
# confData = open(confFile).readlines()
|
||||
# conf = open(confFile, 'w')
|
||||
#
|
||||
# for items in confData:
|
||||
# if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
|
||||
# conf.write(items.lstrip('#'))
|
||||
# else:
|
||||
# conf.writelines(items)
|
||||
#
|
||||
# conf.close()
|
||||
# else:
|
||||
# path = '/usr/local/lsws/conf/comodo_litespeed/'
|
||||
# completePath = path + fileName
|
||||
# completePathBak = path + fileName + '.bak'
|
||||
#
|
||||
# command = 'mv ' + completePathBak + ' ' + completePath
|
||||
# ProcessUtilities.executioner(command)
|
||||
|
||||
installUtilities.reStartLiteSpeed()
|
||||
|
||||
|
||||
Reference in New Issue
Block a user