def SaveProtocols():
import changeconfig
a = stuffs.Filtro()
b = a.CheckStr(request.vars['id'])
if b != 'YES':
return
query = db(db.production.id_rand == request.vars['id']).select(
db.production.nginx_conf_data, db.production.app_name)
text = ""
array = ['unchecked', 'unchecked', 'unchecked']
if request.vars['1'] == "true":
text = text + " TLSv1"
array[0] = 'checked'
if request.vars['2'] == "true":
text = text + " TLSv1.1"
array[1] = 'checked'
if request.vars['3'] == "true":
text = text + " TLSv1.2"
array[2] = 'checked'
if text == "":
response.flash = "Error"
return
#print array
text = text + ";"
try:
change = changeconfig.Change()
r = change.Text(query[0]['nginx_conf_data'], 'ssl_protocols',
" ssl_protocols%s" % (text))
DataNginx = '\n'.join(r['new_list'])
AppName = query[0]['app_name']
UpdateFiles = stuffs.CreateFiles()
UpdateFiles.CreateNginxFiles(ProdNginxAvail, AppName, DataNginx)
u = stuffs.Nginx()
u.Reload()
db.certificate.update_or_insert(
db.certificate.id_rand == request.vars['id'], protocol=array)
db(db.production.id_rand == request.vars['id']).update(
nginx_conf_data='\n'.join(r['new_list']))
except Exception as e:
response.flash = e
return
response.flash = "Changed Protocol SSL"
return
def CipherPrefer():
import changeconfig
a = stuffs.Filtro()
b = a.CheckStr(request.vars['id'])
if b != 'YES':
return
query = db(db.production.id_rand == request.vars['id']).select(
db.production.nginx_conf_data, db.production.app_name)
text = ""
if request.vars['status'] == "On":
text = text + " on"
db.certificate.update_or_insert(
db.certificate.id_rand == request.vars['id'],
prefer_cipher="checked")
elif request.vars['status'] == "Off":
text = text + " off"
db.certificate.update_or_insert(
db.certificate.id_rand == request.vars['id'],
prefer_cipher="unchecked")
else:
response.flash = "Error"
return
text = text + ";"
try:
change = changeconfig.Change()
r = change.Text(query[0]['nginx_conf_data'],
'ssl_prefer_server_ciphers',
" ssl_prefer_server_ciphers%s" % (text))
DataNginx = '\n'.join(r['new_list'])
AppName = query[0]['app_name']
UpdateFiles = stuffs.CreateFiles()
UpdateFiles.CreateNginxFiles(ProdNginxAvail, AppName, DataNginx)
u = stuffs.Nginx()
u.Reload()
db(db.production.id_rand == request.vars['id']).update(
nginx_conf_data='\n'.join(r['new_list']))
except Exception as e:
response.flash = e
return
response.flash = "Changed SSL prefer server ciphers SSL"
return
def SavedCipher():
import changeconfig
a = stuffs.Filtro()
b = a.CheckStr(request.vars['id'])
if b != 'YES':
response.flash = "Error"
return
if any(c in str(request.vars['ciphers'])
for c in "\"/',%#$=*()[]{}?¿|&<>¨~°^ ."):
response.flash = "Error"
return
query = db(db.production.id_rand == request.vars['id']).select(
db.production.nginx_conf_data, db.production.app_name)
text = request.vars['ciphers']
text2 = "'" + text + "';"
try:
change = changeconfig.Change()
r = change.Text(query[0]['nginx_conf_data'], 'ssl_ciphers',
" ssl_ciphers %s" % (text2))
DataNginx = '\n'.join(r['new_list'])
AppName = query[0]['app_name']
UpdateFiles = stuffs.CreateFiles()
UpdateFiles.CreateNginxFiles(ProdNginxAvail, AppName, DataNginx)
u = stuffs.Nginx()
u.Reload()
db.certificate.update_or_insert(
db.certificate.id_rand == request.vars['id'], ciphers=text)
db(db.production.id_rand == request.vars['id']).update(
nginx_conf_data='\n'.join(r['new_list']))
except Exception as e:
response.flash = e
return
response.flash = "Changed SSL Cipher"
return
def DeleteRule():
import changeconfig
a = stuffs.Filtro()
#print request.vars['type']
try:
b = a.CheckStr(request.vars['id_rand'])
c = a.CheckRule(request.vars['ruleid'])
d = int(request.vars['type'])
except:
b = 'NO'
if b == 'YES' and c == 'YES' and request.vars['type'] == '0':
#remove rule from exclusions table
db((db.exclusions.id_rand == request.vars['id_rand'])
& (db.exclusions.rules_id == request.vars['ruleid'])
& (db.exclusions.type == 0)).delete()
modsec = db(db.production.id_rand == request.vars['id_rand']).select(
db.production.modsec_conf_data, db.production.app_name,
db.production.mode)
#change configuration
#Change return a dictionary with status message and the new list whith changed configuration ex: {'newconf_list': 'data', 'message':'success or error'}
change = changeconfig.Change()
alter = change.Text(modsec[0]['modsec_conf_data'],
'SecRuleRemoveById ' + request.vars['ruleid'], '')
db(db.production.id_rand == request.vars['id_rand']).update(
modsec_conf_data='\n'.join(alter['new_list']))
#get new modsec conf
new_modsec = db(
db.production.id_rand == request.vars['id_rand']).select(
db.production.modsec_conf_data)
UpdateFiles = stuffs.CreateFiles()
try:
UpdateFiles.CreateModsecConf('prod', modsec[0]['app_name'],
new_modsec[0]['modsec_conf_data'])
stuffs.Nginx().Reload()
#NewLogApp(db2, auth.user.username, "Mode: prod " + data[0]['app_name'])
except Exception as e:
#NewLogError(db2, auth.user.username, "Mode: " + str(e))
session.flash = e
response.flash = 'Rule deleted succesfully'
r = 'Rule deleted succesfully'
elif b == 'YES' and c == 'YES' and request.vars['type'] == '1':
db((db.exclusions.id_rand == request.vars['id_rand'])
& (db.exclusions.rules_id == request.vars['ruleid'])
& (db.exclusions.type == 1)).delete()
modsec = db(db.production.id_rand == request.vars['id_rand']).select(
db.production.modsec_conf_data, db.production.app_name,
db.production.mode)
#change configuration
#Change return a dictionary with status message and the new list whith changed configuration ex: {'newconf_list': 'data', 'message':'success or error'}
change = changeconfig.Change()
alter = change.Text(modsec[0]['modsec_conf_data'],
'ctl:ruleRemoveById=' + request.vars['ruleid'], '')
db(db.production.id_rand == request.vars['id_rand']).update(
modsec_conf_data='\n'.join(alter['new_list']))
#get new modsec conf
new_modsec = db(
db.production.id_rand == request.vars['id_rand']).select(
db.production.modsec_conf_data)
UpdateFiles = stuffs.CreateFiles()
try:
UpdateFiles.CreateModsecConf('prod', modsec[0]['app_name'],
new_modsec[0]['modsec_conf_data'])
stuffs.Nginx().Reload()
#NewLogApp(db2, auth.user.username, "Mode: prod " + data[0]['app_name'])
except Exception as e:
#NewLogError(db2, auth.user.username, "Mode: " + str(e))
session.flash = e
response.flash = 'Rule deleted succesfully'
r = 'Rule deleted succesfully'
else:
r = 'Error in data supplied'
return response.json(r)
