From ea0185db2cb88946d8c7896e3651ed6b5a35d9f0 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Tue, 29 Jun 2021 22:06:58 +0500 Subject: [PATCH] in an effort to resolve https://github.com/usmannasir/cyberpanel/issues/653 --- plogical/modSec.py | 26 +++++++++++++++++--------- 1 file changed, 17 insertions(+), 9 deletions(-) diff --git a/plogical/modSec.py b/plogical/modSec.py index 5fc7ca1d3..bf141aef0 100755 --- a/plogical/modSec.py +++ b/plogical/modSec.py @@ -402,7 +402,12 @@ modsecurity_rules_file /usr/local/lsws/conf/modsec/rules.conf pathTOOWASPFolder = os.path.join(virtualHostUtilities.Server_root, "conf/modsec/owasp") pathToOWASFolderNew = '%s/modsec/owasp-modsecurity-crs-3.0-master' % (virtualHostUtilities.vhostConfPath) - if os.path.join(pathToOWASFolderNew): + command = 'mkdir -p /usr/local/lsws/conf/modsec' + result = subprocess.call(shlex.split(command)) + if result != 0: + return 0 + + if os.path.exists(pathToOWASFolderNew): shutil.rmtree(pathToOWASFolderNew) if os.path.exists(pathTOOWASPFolder): @@ -414,32 +419,32 @@ modsecurity_rules_file /usr/local/lsws/conf/modsec/rules.conf command = "wget https://github.com/SpiderLabs/owasp-modsecurity-crs/archive/v3.0/master.zip -O /usr/local/lsws/conf/modsec/owasp.zip" result = subprocess.call(shlex.split(command)) - if result == 1: + if result != 0: return 0 - command = "unzip /usr/local/lsws/conf/modsec/owasp.zip /usr/local/lsws/conf/modsec/" + command = "unzip /usr/local/lsws/conf/modsec/owasp.zip -d /usr/local/lsws/conf/modsec/" result = subprocess.call(shlex.split(command)) - if result == 1: + if result != 0: return 0 command = 'mv %s/crs-setup.conf.example %s/crs-setup.conf' % (pathToOWASFolderNew, pathToOWASFolderNew) result = subprocess.call(shlex.split(command)) - if result == 1: + if result != 0: return 0 command = 'mv %s/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.example %s/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf' % (pathToOWASFolderNew, pathToOWASFolderNew) result = subprocess.call(shlex.split(command)) - if result == 1: + if result != 0: return 0 command = 'mv %s/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf.example %s/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf' % ( pathToOWASFolderNew, pathToOWASFolderNew) result = subprocess.call(shlex.split(command)) - if result == 1: + if result != 0: return 0 content = """include {pathToOWASFolderNew}/crs-setup.conf @@ -469,13 +474,14 @@ include {pathToOWASFolderNew}/rules/RESPONSE-959-BLOCKING-EVALUATION.conf include {pathToOWASFolderNew}/rules/RESPONSE-980-CORRELATION.conf include {pathToOWASFolderNew}/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf """ - writeToFile = open('%s/owasp-master.conf', 'w') + writeToFile = open('%s/owasp-master.conf' % (pathToOWASFolderNew), 'w') writeToFile.write(content.replace('{pathToOWASFolderNew}', pathToOWASFolderNew)) writeToFile.close() return 1 except BaseException as msg: + print(str(msg)) logging.CyberCPLogFileWriter.writeToFile( str(msg) + " [setupOWASPRules]") return 0 @@ -487,7 +493,9 @@ include {pathToOWASFolderNew}/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf print('0, Unable to download OWASP Rules.') return - owaspRulesConf = """modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf""" + owaspRulesConf = """ +modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf +""" confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")