def disableComodo(): try: if ProcessUtilities.decideServer() == ProcessUtilities.OLS: confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf") confData = open(confFile).readlines() conf = open(confFile, 'w') for items in confData: if items.find('modsec/comodo') > -1: continue else: conf.writelines(items) conf.close() installUtilities.reStartLiteSpeed() print "1,None" else: try: shutil.rmtree('/usr/local/lsws/conf/comodo_litespeed') except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile( str(msg) + ' [disableComodo]') installUtilities.reStartLiteSpeed() print "1,None" except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile( str(msg) + " [disableComodo]") print "0," + str(msg)
def saveModSecRules(): try: rulesFile = open(modSec.tempRulesFile, 'r') data = rulesFile.read() rulesFile.close() if ProcessUtilities.decideServer() == ProcessUtilities.OLS: rulesFilePath = os.path.join(virtualHostUtilities.Server_root, "conf/modsec/rules.conf") else: rulesFilePath = os.path.join(virtualHostUtilities.Server_root, "conf/rules.conf") rulesFile = open(rulesFilePath, 'w') rulesFile.write(data) rulesFile.close() installUtilities.reStartLiteSpeed() print "1,None" return except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile( str(msg) + " [saveModSecRules]") print "0," + str(msg)
def enableRuleFile(fileName, packName): try: if ProcessUtilities.decideServer() == ProcessUtilities.OLS: confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf") confData = open(confFile).readlines() conf = open(confFile, 'w') for items in confData: if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1: conf.write(items.lstrip('#')) else: conf.writelines(items) conf.close() else: path = '/usr/local/lsws/conf/comodo_litespeed/' completePath = path + fileName completePathBak = path + fileName + '.bak' command = 'mv ' + completePathBak + ' ' + completePath ProcessUtilities.executioner(command) installUtilities.reStartLiteSpeed() print "1,None" except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile( str(msg) + " [enableRuleFile]") print "0," + str(msg)
def installOWASP(): try: if modSec.setupOWASPRules() == 0: print '0, Unable to download OWASP Rules.' return owaspRulesConf = """modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/modsecurity.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/crs-setup.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-901-INITIALIZATION.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-905-COMMON-EXCEPTIONS.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-910-IP-REPUTATION.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-911-METHOD-ENFORCEMENT.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-912-DOS-PROTECTION.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-913-SCANNER-DETECTION.conf #modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-921-PROTOCOL-ATTACK.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-931-APPLICATION-ATTACK-RFI.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-933-APPLICATION-ATTACK-PHP.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-941-APPLICATION-ATTACK-XSS.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-943-APPLICATION-ATTACK-SESSION-FIXATION.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/REQUEST-949-BLOCKING-EVALUATION.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-950-DATA-LEAKAGES.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-951-DATA-LEAKAGES-SQL.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-952-DATA-LEAKAGES-JAVA.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-953-DATA-LEAKAGES-PHP.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-954-DATA-LEAKAGES-IIS.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-959-BLOCKING-EVALUATION.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-980-CORRELATION.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-999-EXCLUSION-RULES-AFTER-CRS.conf """ confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf") confData = open(confFile).readlines() conf = open(confFile, 'w') for items in confData: if items.find('/usr/local/lsws/conf/modsec/rules.conf') > -1: conf.writelines(items) conf.write(owaspRulesConf) continue else: conf.writelines(items) conf.close() installUtilities.reStartLiteSpeed() print "1,None" except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile( str(msg) + " [installOWASP]") print "0," + str(msg)
def saveModSecRules(request): try: val = request.session['userID'] admin = Administrator.objects.get(pk=val) try: if request.method == 'POST': if admin.type != 1: final_dic = {'saveStatus': 0, 'error_message': 'Not enough privileges.'} final_json = json.dumps(final_dic) return HttpResponse(final_json) data = json.loads(request.body) newModSecRules = data['modSecRules'] ## writing data temporary to file rulesPath = open(modSec.tempRulesFile, "w") rulesPath.write(newModSecRules) rulesPath.close() ## save configuration data execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py" execPath = execPath + " saveModSecRules" output = subprocess.check_output(shlex.split(execPath)) if output.find("1,None") > -1: installUtilities.reStartLiteSpeed() data_ret = {'saveStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) else: data_ret = {'saveStatus': 0, 'error_message': output} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException,msg: data_ret = {'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) except KeyError,msg: logging.CyberCPLogFileWriter.writeToFile(str(msg)) data_ret = {'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def enableDisableRuleFile(request): try: val = request.session['userID'] admin = Administrator.objects.get(pk = val) try: if request.method == 'POST': if admin.type != 1: final_dic = {'saveStatus': 0, 'error_message': 'Not enough privileges.'} final_json = json.dumps(final_dic) return HttpResponse(final_json) data = json.loads(request.body) packName = data['packName'] fileName = data['fileName'] currentStatus = data['status'] if currentStatus == True: functionName = 'disableRuleFile' else: functionName = 'enableRuleFile' execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py" execPath = execPath + " " + functionName + ' --packName ' + packName + ' --fileName ' + fileName output = subprocess.check_output(shlex.split(execPath)) if output.find("1,None") > -1: installUtilities.reStartLiteSpeed() data_ret = {'saveStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) else: data_ret = {'saveStatus': 0, 'error_message': output} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException,msg: data_ret = {'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def deleteWebsite(request): try: if request.method == 'POST': data = json.loads(request.body) websiteName = data['domainName'] adminUser = data['adminUser'] adminPass = data['adminPass'] admin = Administrator.objects.get(userName=adminUser) if hashPassword.check_password(admin.password, adminPass): pass else: data_ret = { "websiteDeleteStatus": 0, 'error_message': "Could not authorize access to API" } json_data = json.dumps(data_ret) return HttpResponse(json_data) numberOfWebsites = Websites.objects.count() virtualHostUtilities.deleteVirtualHostConfigurations( websiteName, numberOfWebsites) delWebsite = Websites.objects.get(domain=websiteName) databases = Databases.objects.filter(website=delWebsite) for items in databases: mysqlUtilities.deleteDatabase(items.dbName, items.dbUser) delWebsite.delete() installUtilities.reStartLiteSpeed() data_ret = {'websiteDeleteStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {'websiteDeleteStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def installModSecRulesPack(request): try: val = request.session['userID'] admin = Administrator.objects.get(pk=val) try: if request.method == 'POST': if admin.type != 1: final_dic = {'installStatus': 0, 'error_message': 'Not enough privileges.'} final_json = json.dumps(final_dic) return HttpResponse(final_json) data = json.loads(request.body) packName = data['packName'] execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py" execPath = execPath + " " + packName output = subprocess.check_output(shlex.split(execPath)) if output.find("1,None") > -1: installUtilities.reStartLiteSpeed() data_ret = {'installStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) else: data_ret = {'installStatus': 0, 'error_message': output} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {'installStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) except KeyError, msg: logging.CyberCPLogFileWriter.writeToFile(str(msg)) data_ret = {'installStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def submitWebsiteStatus(request): try: if request.method == 'POST': data = json.loads(request.body) websiteName = data['websiteName'] state = data['state'] adminUser = data['adminUser'] adminPass = data['adminPass'] admin = Administrator.objects.get(userName=adminUser) if hashPassword.check_password(admin.password, adminPass): pass else: data_ret = { "websiteStatus": 0, 'error_message': "Could not authorize access to API" } json_data = json.dumps(data_ret) return HttpResponse(json_data) website = Websites.objects.get(domain=websiteName) if state == "Suspend": virtualHostUtilities.suspendVirtualHost(websiteName) installUtilities.reStartLiteSpeed() website.state = 0 else: virtualHostUtilities.UnsuspendVirtualHost(websiteName) installUtilities.reStartLiteSpeed() website.state = 1 website.save() data_ret = {'websiteStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {'websiteStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def deleteWebsite(request): try: if request.method == 'POST': data = json.loads(request.body) websiteName = data['domainName'] adminUser = data['adminUser'] adminPass = data['adminPass'] admin = Administrator.objects.get(userName=adminUser) if hashPassword.check_password(admin.password, adminPass): pass else: data_ret = {"websiteDeleteStatus": 0, 'error_message': "Could not authorize access to API"} json_data = json.dumps(data_ret) return HttpResponse(json_data) numberOfWebsites = Websites.objects.count() virtualHostUtilities.deleteVirtualHostConfigurations(websiteName, numberOfWebsites) delWebsite = Websites.objects.get(domain=websiteName) databases = Databases.objects.filter(website=delWebsite) for items in databases: mysqlUtilities.deleteDatabase(items.dbName, items.dbUser) delWebsite.delete() installUtilities.reStartLiteSpeed() data_ret = {'websiteDeleteStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {'websiteDeleteStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def submitWebsiteStatus(request): try: if request.method == 'POST': data = json.loads(request.body) websiteName = data['websiteName'] state = data['state'] adminUser = data['adminUser'] adminPass = data['adminPass'] admin = Administrator.objects.get(userName=adminUser) if hashPassword.check_password(admin.password, adminPass): pass else: data_ret = {"websiteStatus": 0, 'error_message': "Could not authorize access to API"} json_data = json.dumps(data_ret) return HttpResponse(json_data) website = Websites.objects.get(domain=websiteName) if state == "Suspend": virtualHostUtilities.suspendVirtualHost(websiteName) installUtilities.reStartLiteSpeed() website.state = 0 else: virtualHostUtilities.UnsuspendVirtualHost(websiteName) installUtilities.reStartLiteSpeed() website.state = 1 website.save() data_ret = {'websiteStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {'websiteStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def disableOWASP(): try: confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf") confData = open(confFile).readlines() conf = open(confFile, 'w') for items in confData: if items.find('modsec/owasp') > -1: continue else: conf.writelines(items) conf.close() installUtilities.reStartLiteSpeed() print "1,None" except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile( str(msg) + " [disableOWASP]") print "0," + str(msg)
def deleteWebsite(request): try: if request.method == 'POST': data = json.loads(request.body) websiteName = data['domainName'] adminUser = data['adminUser'] adminPass = data['adminPass'] admin = Administrator.objects.get(userName=adminUser) if hashPassword.check_password(admin.password, adminPass): pass else: data_ret = { "websiteDeleteStatus": 0, 'error_message': "Could not authorize access to API" } json_data = json.dumps(data_ret) return HttpResponse(json_data) numberOfWebsites = str(Websites.objects.count() + ChildDomains.objects.count()) ## Deleting master domain execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py" execPath = execPath + " deleteVirtualHostConfigurations --virtualHostName " + websiteName + " --numberOfSites " + numberOfWebsites subprocess.check_output(shlex.split(execPath)) delWebsite = Websites.objects.get(domain=websiteName) databases = Databases.objects.filter(website=delWebsite) childDomains = delWebsite.childdomains_set.all() ## Deleting child domains for items in childDomains: numberOfWebsites = str(Websites.objects.count() + ChildDomains.objects.count()) execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/virtualHostUtilities.py" execPath = execPath + " deleteVirtualHostConfigurations --virtualHostName " + items.domain + " --numberOfSites " + numberOfWebsites subprocess.check_output(shlex.split(execPath)) for items in databases: mysqlUtilities.deleteDatabase(items.dbName, items.dbUser) delWebsite.delete() try: delZone = Domains.objects.get(name=websiteName) delZone.delete() except: pass installUtilities.reStartLiteSpeed() data_ret = {'websiteDeleteStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {'websiteDeleteStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def issueSSL(request): try: val = request.session['userID'] try: if request.method == 'POST': data = json.loads(request.body) virtualHost = data['virtualHost'] try: website = ChildDomains.objects.get(domain=virtualHost) except: website = Websites.objects.get(domain=virtualHost) srcPrivKey = "/etc/letsencrypt/live/" + virtualHost + "/privkey.pem" srcFullChain = "/etc/letsencrypt/live/" + virtualHost + "/fullchain.pem" pathToStoreSSL = virtualHostUtilities.Server_root + "/conf/vhosts/" + "SSL-" + virtualHost pathToStoreSSLPrivKey = pathToStoreSSL + "/privkey.pem" pathToStoreSSLFullChain = pathToStoreSSL + "/fullchain.pem" if os.path.exists(pathToStoreSSLPrivKey): os.remove(pathToStoreSSLPrivKey) if os.path.exists(pathToStoreSSLFullChain): os.remove(pathToStoreSSLFullChain) adminEmail = "email@" + virtualHost if not (os.path.exists(srcPrivKey) and os.path.exists(srcFullChain)): path = '' try: path = data['path'] except: path = "/home/" + virtualHost + "/public_html" ssl_responce = sslUtilities.obtainSSLForADomain( virtualHost, adminEmail, path) if ssl_responce == 1: sslUtilities.installSSLForDomain(virtualHost) installUtilities.reStartLiteSpeed() website.ssl = 1 website.save() data_ret = {"SSL": 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) else: data_ret = { "SSL": 0, 'error_message': str(ssl_responce) + ", for more information see CyberCP main log file." } json_data = json.dumps(data_ret) return HttpResponse(json_data) else: ###### Copy SSL To config location ###### try: os.mkdir(pathToStoreSSL) except BaseException, msg: logging.writeToFile( str(msg) + " [Directory for SSL already exists.. Continuing [obtainSSLForADomain]]" ) srcPrivKey = "/etc/letsencrypt/live/" + virtualHost + "/privkey.pem" srcFullChain = "/etc/letsencrypt/live/" + virtualHost + "/fullchain.pem" shutil.copy(srcPrivKey, pathToStoreSSLPrivKey) shutil.copy(srcFullChain, pathToStoreSSLFullChain) website.ssl = 1 website.save() sslUtilities.installSSLForDomain(virtualHost) installUtilities.reStartLiteSpeed() data_ret = {"SSL": 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {"SSL": 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) except KeyError: data_ret = {"SSL": 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def obtainHostNameSSL(request): try: val = request.session['userID'] try: if request.method == 'POST': data = json.loads(request.body) virtualHost = data['virtualHost'] website = Websites.objects.get(domain=virtualHost) srcPrivKey = "/etc/letsencrypt/live/" + virtualHost + "/privkey.pem" srcFullChain = "/etc/letsencrypt/live/" + virtualHost + "/fullchain.pem" pathToStoreSSL = virtualHostUtilities.Server_root + "/conf/vhosts/" + "SSL-" + virtualHost pathToStoreSSLPrivKey = pathToStoreSSL + "/privkey.pem" pathToStoreSSLFullChain = pathToStoreSSL + "/fullchain.pem" destPrivKey = "/usr/local/lscp/key.pem" destCert = "/usr/local/lscp/cert.pem" ## removing old certs if os.path.exists(pathToStoreSSLPrivKey): os.remove(pathToStoreSSLPrivKey) if os.path.exists(pathToStoreSSLFullChain): os.remove(pathToStoreSSLFullChain) ## removing old certs for lscpd if os.path.exists(destPrivKey): os.remove(destPrivKey) if os.path.exists(destCert): os.remove(destCert) adminEmail = "email@" + virtualHost if not (os.path.exists(srcPrivKey) and os.path.exists(srcFullChain)): path = "/home/" + virtualHost + "/public_html" ssl_responce = sslUtilities.obtainSSLForADomain( virtualHost, adminEmail, path) if ssl_responce == 1: sslUtilities.installSSLForDomain(virtualHost) installUtilities.reStartLiteSpeed() website.ssl = 1 website.save() ## lcpd specific functions shutil.copy(srcPrivKey, destPrivKey) shutil.copy(srcFullChain, destCert) command = 'sudo systemctl restart lscpd' cmd = shlex.split(command) res = subprocess.call(cmd) data_ret = {"SSL": 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) else: data_ret = { "SSL": 0, 'error_message': str(ssl_responce) + ", for more information see CyberCP main log file." } json_data = json.dumps(data_ret) return HttpResponse(json_data) else: ###### Copy SSL To config location ###### try: os.mkdir(pathToStoreSSL) except BaseException, msg: logging.writeToFile( str(msg) + " [Directory for SSL already exists.. Continuing [obtainSSLForADomain]]" ) srcPrivKey = "/etc/letsencrypt/live/" + virtualHost + "/privkey.pem" srcFullChain = "/etc/letsencrypt/live/" + virtualHost + "/fullchain.pem" shutil.copy(srcPrivKey, pathToStoreSSLPrivKey) shutil.copy(srcFullChain, pathToStoreSSLFullChain) ## lcpd specific functions shutil.copy(srcPrivKey, destPrivKey) shutil.copy(srcFullChain, destCert) command = 'sudo systemctl restart lscpd' cmd = shlex.split(command) res = subprocess.call(cmd) website.ssl = 1 website.save() data_ret = {"SSL": 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {"SSL": 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) except KeyError: data_ret = {"SSL": 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def saveModSecConfigurations(request): try: val = request.session['userID'] try: if request.method == 'POST': data = json.loads(request.body) modsecurity = data['modsecurity_status'] SecAuditEngine = data['SecAuditEngine'] SecRuleEngine = data['SecRuleEngine'] SecDebugLogLevel = data['SecDebugLogLevel'] SecAuditLogParts = data['SecAuditLogParts'] SecAuditLogRelevantStatus = data['SecAuditLogRelevantStatus'] SecAuditLogType = data['SecAuditLogType'] if modsecurity == True: modsecurity = "modsecurity on" else: modsecurity = "modsecurity off" if SecAuditEngine == True: SecAuditEngine = "SecAuditEngine on" else: SecAuditEngine = "SecAuditEngine off" if SecRuleEngine == True: SecRuleEngine = "SecRuleEngine On" else: SecRuleEngine = "SecRuleEngine off" SecDebugLogLevel = "SecDebugLogLevel " + str(SecDebugLogLevel) SecAuditLogParts = "SecAuditLogParts " + str(SecAuditLogParts) SecAuditLogRelevantStatus = "SecAuditLogRelevantStatus " + SecAuditLogRelevantStatus SecAuditLogType = "SecAuditLogType " + SecAuditLogType ## writing data temporary to file tempConfigPath = "/home/cyberpanel/" + str(randint(1000, 9999)) confPath = open(tempConfigPath, "w") confPath.writelines(modsecurity + "\n") confPath.writelines(SecAuditEngine + "\n") confPath.writelines(SecRuleEngine + "\n") confPath.writelines(SecDebugLogLevel + "\n") confPath.writelines(SecAuditLogParts + "\n") confPath.writelines(SecAuditLogRelevantStatus + "\n") confPath.writelines(SecAuditLogType + "\n") confPath.close() ## save configuration data execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py" execPath = execPath + " saveModSecConfigs --tempConfigPath " + tempConfigPath output = subprocess.check_output(shlex.split(execPath)) if output.find("1,None") > -1: installUtilities.reStartLiteSpeed() data_ret = {'saveStatus': 1, 'error_message': "None"} json_data = json.dumps(data_ret) return HttpResponse(json_data) else: data_ret = {'saveStatus': 0, 'error_message': output} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: data_ret = {'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data) except KeyError, msg: logging.CyberCPLogFileWriter.writeToFile(str(msg)) data_ret = {'saveStatus': 0, 'error_message': str(msg)} json_data = json.dumps(data_ret) return HttpResponse(json_data)
def installStatusModSec(request): try: val = request.session['userID'] try: if request.method == 'POST': installStatus = unicode( open(modSec.installLogPath, "r").read()) if installStatus.find("[200]") > -1: execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py" execPath = execPath + " installModSecConfigs" output = subprocess.check_output(shlex.split(execPath)) if output.find("1,None") > -1: pass else: final_json = json.dumps({ 'error_message': "Failed to install ModSecurity configurations.", 'requestStatus': installStatus, 'abort': 1, 'installed': 0, }) return HttpResponse(final_json) installUtilities.reStartLiteSpeed() final_json = json.dumps({ 'error_message': "None", 'requestStatus': installStatus, 'abort': 1, 'installed': 1, }) return HttpResponse(final_json) elif installStatus.find("[404]") > -1: final_json = json.dumps({ 'abort': 1, 'installed': 0, 'error_message': "None", 'requestStatus': installStatus, }) return HttpResponse(final_json) else: final_json = json.dumps({ 'abort': 0, 'error_message': "None", 'requestStatus': installStatus, }) return HttpResponse(final_json) except BaseException, msg: final_dic = {'abort': 1, 'installed': 0, 'error_message': str(msg)} final_json = json.dumps(final_dic) return HttpResponse(final_json) except KeyError: final_dic = { 'abort': 1, 'installed': 0, 'error_message': "Not Logged In, please refresh the page or login again." } final_json = json.dumps(final_dic) return HttpResponse(final_json)
def createWebsite(request): try: if request.method == 'POST': data = json.loads(request.body) adminUser = data['adminUser'] adminPass = data['adminPass'] domain = data['domainName'] adminEmail = data['ownerEmail'] packageName = data['packageName'] websiteOwner = data['websiteOwner'] ownerPassword = data['ownerPassword'] try: website = Websites.objects.get(domain=domain) data_ret = { "existsStatus": 0, 'createWebSiteStatus': 0, 'error_message': "Website Already Exists" } json_data = json.dumps(data_ret) return HttpResponse(json_data) except: pass phpSelection = "PHP 7.0" admin = Administrator.objects.get(userName=adminUser) if hashPassword.check_password(admin.password, adminPass): pass else: data_ret = { "existsStatus": 0, 'createWebSiteStatus': 0, 'error_message': "Could not authorize access to API" } json_data = json.dumps(data_ret) return HttpResponse(json_data) if adminEmail is None: adminEmail = "*****@*****.**" try: websiteOwn = Administrator( userName=websiteOwner, password=hashPassword.hash_password(ownerPassword), email=adminEmail, type=3, owner=admin.pk, initWebsitesLimit=1) websiteOwn.save() except BaseException, msg: pass if virtualHostUtilities.checkIfVirtualHostExists(domain) == 1: data_ret = { "existsStatus": 1, 'createWebSiteStatus': 0, 'error_message': "This domain already exists in Litespeed Configurations, first delete the domain to perform sweap." } json_data = json.dumps(data_ret) return HttpResponse(json_data) if virtualHostUtilities.createDirectoryForVirtualHost( domain, adminEmail, phpSelection) != 1: numberOfWebsites = Websites.objects.count( ) + ChildDomains.objects.count() virtualHostUtilities.deleteVirtualHostConfigurations( domain, numberOfWebsites) data_ret = { "existsStatus": 1, 'createWebSiteStatus': 0, 'error_message': "Can not create configurations, see CyberCP main log file." } json_data = json.dumps(data_ret) return HttpResponse(json_data) if virtualHostUtilities.createConfigInMainVirtualHostFile( domain) != 1: numberOfWebsites = Websites.objects.count( ) + ChildDomains.objects.count() virtualHostUtilities.deleteVirtualHostConfigurations( domain, numberOfWebsites) data_ret = { "existsStatus": 1, 'createWebSiteStatus': 0, 'error_message': "Can not create configurations, see CyberCP main log file." } json_data = json.dumps(data_ret) return HttpResponse(json_data) installUtilities.reStartLiteSpeed() selectedPackage = Package.objects.get(packageName=packageName) websiteOwn = Administrator.objects.get(userName=websiteOwner) website = Websites(admin=websiteOwn, package=selectedPackage, domain=domain, adminEmail=adminEmail, phpSelection=phpSelection, ssl=0) website.save() shutil.copy("/usr/local/CyberCP/index.html", "/home/" + domain + "/public_html/index.html") data_ret = { 'createWebSiteStatus': 1, 'error_message': "None", "existsStatus": 0 } json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: numberOfWebsites = Websites.objects.count( ) + ChildDomains.objects.count() virtualHostUtilities.deleteVirtualHostConfigurations( domain, numberOfWebsites) data_ret = { 'createWebSiteStatus': 0, 'error_message': str(msg), "existsStatus": 0 } json_data = json.dumps(data_ret) return HttpResponse(json_data)
def installComodo(): try: if ProcessUtilities.decideServer() == ProcessUtilities.OLS: if modSec.setupComodoRules() == 0: print '0, Unable to download Comodo Rules.' return owaspRulesConf = """modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/modsecurity.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/00_Init_Initialization.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/01_Init_AppsInitialization.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/02_Global_Generic.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/03_Global_Agents.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/04_Global_Domains.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/05_Global_Backdoor.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/06_XSS_XSS.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/07_Global_Other.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/08_Bruteforce_Bruteforce.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/09_HTTP_HTTP.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/10_HTTP_HTTPDoS.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/11_HTTP_Protocol.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/12_HTTP_Request.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/13_Outgoing_FilterGen.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/14_Outgoing_FilterASP.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/15_Outgoing_FilterPHP.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/16_Outgoing_FilterSQL.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/17_Outgoing_FilterOther.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/18_Outgoing_FilterInFrame.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/19_Outgoing_FiltersEnd.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/20_PHP_PHPGen.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/21_SQL_SQLi.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/22_Apps_Joomla.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/23_Apps_JComponent.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/24_Apps_WordPress.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/25_Apps_WPPlugin.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/26_Apps_WHMCS.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/27_Apps_Drupal.conf modsecurity_rules_file /usr/local/lsws/conf/modsec/comodo/28_Apps_OtherApps.conf """ confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf") confData = open(confFile).readlines() conf = open(confFile, 'w') for items in confData: if items.find( '/usr/local/lsws/conf/modsec/rules.conf') > -1: conf.writelines(items) conf.write(owaspRulesConf) continue else: conf.writelines(items) conf.close() installUtilities.reStartLiteSpeed() print "1,None" return else: if os.path.exists('/usr/local/lsws/conf/comodo_litespeed'): shutil.rmtree('/usr/local/lsws/conf/comodo_litespeed') extractLocation = os.path.join( virtualHostUtilities.Server_root, "conf") if os.path.exists('cpanel_litespeed_vendor'): os.remove('cpanel_litespeed_vendor') command = "wget https://waf.comodo.com/api/cpanel_litespeed_vendor" result = subprocess.call(shlex.split(command)) if result == 1: return 0 command = "unzip cpanel_litespeed_vendor -d " + extractLocation result = subprocess.call(shlex.split(command)) command = 'sudo chown -R lsadm:lsadm /usr/local/lsws/conf' subprocess.call(shlex.split(command)) installUtilities.reStartLiteSpeed() print "1,None" return except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile( str(msg) + " [installComodo]") print "0," + str(msg)
def saveModSecConfigs(tempConfigPath): try: data = open(tempConfigPath).readlines() os.remove(tempConfigPath) if ProcessUtilities.decideServer() == ProcessUtilities.OLS: confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf") confData = open(confFile).readlines() conf = open(confFile, 'w') for items in confData: if items.find('modsecurity ') > -1: conf.writelines(data[0]) continue elif items.find('SecAuditEngine ') > -1: conf.writelines(data[1]) continue elif items.find('SecRuleEngine ') > -1: conf.writelines(data[2]) continue elif items.find('SecDebugLogLevel') > -1: conf.writelines(data[3]) continue elif items.find('SecAuditLogRelevantStatus ') > -1: conf.writelines(data[5]) continue elif items.find('SecAuditLogParts ') > -1: conf.writelines(data[4]) continue elif items.find('SecAuditLogType ') > -1: conf.writelines(data[6]) continue else: conf.writelines(items) conf.close() installUtilities.reStartLiteSpeed() print "1,None" return else: confFile = os.path.join(virtualHostUtilities.Server_root, "conf/modsec.conf") confData = open(confFile).readlines() conf = open(confFile, 'w') for items in confData: if items.find('SecAuditEngine ') > -1: conf.writelines(data[0]) continue elif items.find('SecRuleEngine ') > -1: conf.writelines(data[1]) continue elif items.find('SecDebugLogLevel') > -1: conf.writelines(data[2]) continue elif items.find('SecAuditLogRelevantStatus ') > -1: conf.writelines(data[4]) continue elif items.find('SecAuditLogParts ') > -1: conf.writelines(data[3]) continue elif items.find('SecAuditLogType ') > -1: conf.writelines(data[5]) continue else: conf.writelines(items) conf.close() installUtilities.reStartLiteSpeed() print "1,None" return except BaseException, msg: logging.CyberCPLogFileWriter.writeToFile( str(msg) + " [saveModSecConfigs]") print "0," + str(msg)
def createWebsite(request): try: if request.method == 'POST': data = json.loads(request.body) adminUser = data['adminUser'] adminPass = data['adminPass'] domain = data['domainName'] adminEmail = data['ownerEmail'] packageName = data['packageName'] websiteOwner = data['websiteOwner'] ownerPassword = data['ownerPassword'] try: website = Websites.objects.get(domain=domain) data_ret = {"existsStatus": 0, 'createWebSiteStatus': 0, 'error_message': "Website Already Exists"} json_data = json.dumps(data_ret) return HttpResponse(json_data) except: pass phpSelection = "PHP 7.0" admin = Administrator.objects.get(userName=adminUser) if hashPassword.check_password(admin.password, adminPass): pass else: data_ret = {"existsStatus": 0, 'createWebSiteStatus': 0, 'error_message': "Could not authorize access to API"} json_data = json.dumps(data_ret) return HttpResponse(json_data) if adminEmail is None: adminEmail = "*****@*****.**" try: websiteOwn = Administrator(userName=websiteOwner, password=hashPassword.hash_password(ownerPassword), email=adminEmail, type=3, owner=admin.pk, initWebsitesLimit=1) websiteOwn.save() except BaseException,msg: pass if virtualHostUtilities.checkIfVirtualHostExists(domain) == 1: data_ret = {"existsStatus": 1, 'createWebSiteStatus': 0, 'error_message': "This domain already exists in Litespeed Configurations, first delete the domain to perform sweap."} json_data = json.dumps(data_ret) return HttpResponse(json_data) if virtualHostUtilities.createDirectoryForVirtualHost(domain, adminEmail, phpSelection) != 1: numberOfWebsites = Websites.objects.count()+ChildDomains.objects.count() virtualHostUtilities.deleteVirtualHostConfigurations(domain, numberOfWebsites) data_ret = {"existsStatus": 1, 'createWebSiteStatus': 0, 'error_message': "Can not create configurations, see CyberCP main log file."} json_data = json.dumps(data_ret) return HttpResponse(json_data) if virtualHostUtilities.createConfigInMainVirtualHostFile(domain) != 1: numberOfWebsites = Websites.objects.count()+ChildDomains.objects.count() virtualHostUtilities.deleteVirtualHostConfigurations(domain, numberOfWebsites) data_ret = {"existsStatus": 1, 'createWebSiteStatus': 0, 'error_message': "Can not create configurations, see CyberCP main log file."} json_data = json.dumps(data_ret) return HttpResponse(json_data) installUtilities.reStartLiteSpeed() selectedPackage = Package.objects.get(packageName=packageName) websiteOwn = Administrator.objects.get(userName=websiteOwner) website = Websites(admin=websiteOwn, package=selectedPackage, domain=domain, adminEmail=adminEmail, phpSelection=phpSelection, ssl=0) website.save() shutil.copy("/usr/local/CyberCP/index.html", "/home/" + domain + "/public_html/index.html") data_ret = {'createWebSiteStatus': 1, 'error_message': "None", "existsStatus": 0} json_data = json.dumps(data_ret) return HttpResponse(json_data) except BaseException, msg: numberOfWebsites = Websites.objects.count()+ChildDomains.objects.count() virtualHostUtilities.deleteVirtualHostConfigurations(domain, numberOfWebsites) data_ret = {'createWebSiteStatus': 0, 'error_message': str(msg), "existsStatus": 0} json_data = json.dumps(data_ret) return HttpResponse(json_data)