def SaveProtocols(): import changeconfig a = stuffs.Filtro() b = a.CheckStr(request.vars['id']) if b != 'YES': return query = db(db.production.id_rand == request.vars['id']).select( db.production.nginx_conf_data, db.production.app_name) text = "" array = ['unchecked', 'unchecked', 'unchecked'] if request.vars['1'] == "true": text = text + " TLSv1" array[0] = 'checked' if request.vars['2'] == "true": text = text + " TLSv1.1" array[1] = 'checked' if request.vars['3'] == "true": text = text + " TLSv1.2" array[2] = 'checked' if text == "": response.flash = "Error" return #print array text = text + ";" try: change = changeconfig.Change() r = change.Text(query[0]['nginx_conf_data'], 'ssl_protocols', " ssl_protocols%s" % (text)) DataNginx = '\n'.join(r['new_list']) AppName = query[0]['app_name'] UpdateFiles = stuffs.CreateFiles() UpdateFiles.CreateNginxFiles(ProdNginxAvail, AppName, DataNginx) u = stuffs.Nginx() u.Reload() db.certificate.update_or_insert( db.certificate.id_rand == request.vars['id'], protocol=array) db(db.production.id_rand == request.vars['id']).update( nginx_conf_data='\n'.join(r['new_list'])) except Exception as e: response.flash = e return response.flash = "Changed Protocol SSL" return
def CipherPrefer(): import changeconfig a = stuffs.Filtro() b = a.CheckStr(request.vars['id']) if b != 'YES': return query = db(db.production.id_rand == request.vars['id']).select( db.production.nginx_conf_data, db.production.app_name) text = "" if request.vars['status'] == "On": text = text + " on" db.certificate.update_or_insert( db.certificate.id_rand == request.vars['id'], prefer_cipher="checked") elif request.vars['status'] == "Off": text = text + " off" db.certificate.update_or_insert( db.certificate.id_rand == request.vars['id'], prefer_cipher="unchecked") else: response.flash = "Error" return text = text + ";" try: change = changeconfig.Change() r = change.Text(query[0]['nginx_conf_data'], 'ssl_prefer_server_ciphers', " ssl_prefer_server_ciphers%s" % (text)) DataNginx = '\n'.join(r['new_list']) AppName = query[0]['app_name'] UpdateFiles = stuffs.CreateFiles() UpdateFiles.CreateNginxFiles(ProdNginxAvail, AppName, DataNginx) u = stuffs.Nginx() u.Reload() db(db.production.id_rand == request.vars['id']).update( nginx_conf_data='\n'.join(r['new_list'])) except Exception as e: response.flash = e return response.flash = "Changed SSL prefer server ciphers SSL" return
def SavedCipher(): import changeconfig a = stuffs.Filtro() b = a.CheckStr(request.vars['id']) if b != 'YES': response.flash = "Error" return if any(c in str(request.vars['ciphers']) for c in "\"/',%#$=*()[]{}?¿|&<>¨~°^ ."): response.flash = "Error" return query = db(db.production.id_rand == request.vars['id']).select( db.production.nginx_conf_data, db.production.app_name) text = request.vars['ciphers'] text2 = "'" + text + "';" try: change = changeconfig.Change() r = change.Text(query[0]['nginx_conf_data'], 'ssl_ciphers', " ssl_ciphers %s" % (text2)) DataNginx = '\n'.join(r['new_list']) AppName = query[0]['app_name'] UpdateFiles = stuffs.CreateFiles() UpdateFiles.CreateNginxFiles(ProdNginxAvail, AppName, DataNginx) u = stuffs.Nginx() u.Reload() db.certificate.update_or_insert( db.certificate.id_rand == request.vars['id'], ciphers=text) db(db.production.id_rand == request.vars['id']).update( nginx_conf_data='\n'.join(r['new_list'])) except Exception as e: response.flash = e return response.flash = "Changed SSL Cipher" return
def DeleteRule(): import changeconfig a = stuffs.Filtro() #print request.vars['type'] try: b = a.CheckStr(request.vars['id_rand']) c = a.CheckRule(request.vars['ruleid']) d = int(request.vars['type']) except: b = 'NO' if b == 'YES' and c == 'YES' and request.vars['type'] == '0': #remove rule from exclusions table db((db.exclusions.id_rand == request.vars['id_rand']) & (db.exclusions.rules_id == request.vars['ruleid']) & (db.exclusions.type == 0)).delete() modsec = db(db.production.id_rand == request.vars['id_rand']).select( db.production.modsec_conf_data, db.production.app_name, db.production.mode) #change configuration #Change return a dictionary with status message and the new list whith changed configuration ex: {'newconf_list': 'data', 'message':'success or error'} change = changeconfig.Change() alter = change.Text(modsec[0]['modsec_conf_data'], 'SecRuleRemoveById ' + request.vars['ruleid'], '') db(db.production.id_rand == request.vars['id_rand']).update( modsec_conf_data='\n'.join(alter['new_list'])) #get new modsec conf new_modsec = db( db.production.id_rand == request.vars['id_rand']).select( db.production.modsec_conf_data) UpdateFiles = stuffs.CreateFiles() try: UpdateFiles.CreateModsecConf('prod', modsec[0]['app_name'], new_modsec[0]['modsec_conf_data']) stuffs.Nginx().Reload() #NewLogApp(db2, auth.user.username, "Mode: prod " + data[0]['app_name']) except Exception as e: #NewLogError(db2, auth.user.username, "Mode: " + str(e)) session.flash = e response.flash = 'Rule deleted succesfully' r = 'Rule deleted succesfully' elif b == 'YES' and c == 'YES' and request.vars['type'] == '1': db((db.exclusions.id_rand == request.vars['id_rand']) & (db.exclusions.rules_id == request.vars['ruleid']) & (db.exclusions.type == 1)).delete() modsec = db(db.production.id_rand == request.vars['id_rand']).select( db.production.modsec_conf_data, db.production.app_name, db.production.mode) #change configuration #Change return a dictionary with status message and the new list whith changed configuration ex: {'newconf_list': 'data', 'message':'success or error'} change = changeconfig.Change() alter = change.Text(modsec[0]['modsec_conf_data'], 'ctl:ruleRemoveById=' + request.vars['ruleid'], '') db(db.production.id_rand == request.vars['id_rand']).update( modsec_conf_data='\n'.join(alter['new_list'])) #get new modsec conf new_modsec = db( db.production.id_rand == request.vars['id_rand']).select( db.production.modsec_conf_data) UpdateFiles = stuffs.CreateFiles() try: UpdateFiles.CreateModsecConf('prod', modsec[0]['app_name'], new_modsec[0]['modsec_conf_data']) stuffs.Nginx().Reload() #NewLogApp(db2, auth.user.username, "Mode: prod " + data[0]['app_name']) except Exception as e: #NewLogError(db2, auth.user.username, "Mode: " + str(e)) session.flash = e response.flash = 'Rule deleted succesfully' r = 'Rule deleted succesfully' else: r = 'Error in data supplied' return response.json(r)