Fix OWASP CRS UI toggle state issues and improve installation reliability

This commit resolves issues where the OWASP CRS toggle in ModSecurity settings would appear to flip back to OFF even when installation succeeded, and improves detection of manually installed OWASP CRS rules. Issues Fixed: 1. Toggle not updating immediately after installation/uninstallation 2. Manual OWASP installations to rules.conf not detected by toggle 3. Silent installation failures without detailed error logging Changes: firewall/static/firewall/firewall.js: - Update toggle state immediately after successful installation (getOWASPAndComodoStatus(true)) - Update toggle state after failed installation to show correct OFF state - Provides instant visual feedback instead of requiring page refresh firewall/firewallManager.py (getOWASPAndComodoStatus): - Expand detection logic to check both httpd_config.conf AND rules.conf - Detect manual OWASP installations (Include/modsecurity_rules_file with owasp/crs-setup) - Case-insensitive pattern matching for better compatibility plogical/modSec.py (setupOWASPRules): - Add specific error logging for each installation step failure - Log detailed messages: directory creation, download, extraction, configuration - Helps diagnose: network issues, missing tools (wget/unzip), permission problems Impact: - Toggle correctly reflects OWASP CRS state after enable/disable operations - Manual installations following external tutorials now detected correctly - Installation failures are logged with specific error messages for debugging - Improves UX by eliminating perception that "toggle keeps flipping back" Fixes: OWASP CRS toggle UI bug Related: Community thread https://community.cyberpanel.net/t/4-mod-security-rules-packages/133/8 Related: Ticket #GTPDPO7EV
2025-12-16 21:39:42 +01:00 · 2025-11-24 01:53:36 +05:00
parent 836a6e26a7
commit ae020ece7b
3 changed files with 28 additions and 1 deletions
--- a/firewall/firewallManager.py
+++ b/firewall/firewallManager.py
@@ -1020,6 +1020,22 @@ class FirewallManager:
                        if owaspInstalled == 1 and comodoInstalled == 1:
                            break

+                    # Also check rules.conf for manual OWASP installations
+                    if owaspInstalled == 0:
+                        rulesConfPath = os.path.join(virtualHostUtilities.Server_root, "conf/modsec/rules.conf")
+                        if os.path.exists(rulesConfPath):
+                            try:
+                                command = "sudo cat " + rulesConfPath
+                                rulesConfig = ProcessUtilities.outputExecutioner(command).splitlines()
+                                for items in rulesConfig:
+                                    # Check for OWASP includes in rules.conf (case-insensitive)
+                                    if ('owasp' in items.lower() or 'crs-setup' in items.lower()) and \
+                                       ('include' in items.lower() or 'modsecurity_rules_file' in items.lower()):
+                                        owaspInstalled = 1
+                                        break
+                            except:
+                                pass
+
                    final_dic = {
                        'modSecInstalled': 1,
                        'owaspInstalled': owaspInstalled,