mirror of
https://github.com/usmannasir/cyberpanel.git
synced 2026-01-20 14:32:06 +01:00
Merge branch 'v2.0.3' into stable
This commit is contained in:
Usman Nasir
@@ -93,10 +93,10 @@ class CageFS:
|
||||
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
|
||||
"Reinstalling important components ..\n", 1)
|
||||
|
||||
command = 'yum install -y lvemanager'
|
||||
command = 'yum install -y alt-python37-devel'
|
||||
ServerStatusUtil.executioner(command, statusFile)
|
||||
|
||||
command = 'yum reinstall -y lvemanager lve-utils cagefs alt-python27-cllib'
|
||||
command = 'yum reinstall -y lvemanager lve-utils cagefs'
|
||||
ServerStatusUtil.executioner(command, statusFile)
|
||||
|
||||
logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath,
|
||||
|
||||
@@ -188,9 +188,11 @@ class InstallCyberPanel:
|
||||
'lsphp7?-ldap lsphp7?-mysql lsphp7?-opcache lsphp7?-pspell lsphp7?-recode ' \
|
||||
'lsphp7?-sqlite3 lsphp7?-tidy'
|
||||
|
||||
res = os.system(command)
|
||||
if res != 0:
|
||||
InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 1, 1)
|
||||
os.system(command)
|
||||
|
||||
command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install lsphp80*'
|
||||
os.system(command)
|
||||
|
||||
|
||||
elif self.distro == centos:
|
||||
command = 'yum -y groupinstall lsphp-all'
|
||||
@@ -232,8 +234,11 @@ class InstallCyberPanel:
|
||||
|
||||
install.preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR)
|
||||
|
||||
command = 'yum install lsphp80* -y'
|
||||
subprocess.call(command, shell=True)
|
||||
|
||||
if self.distro == cent8:
|
||||
command = 'dnf install lsphp71* lsphp72* lsphp73* lsphp74* --exclude lsphp73-pecl-zip -y'
|
||||
command = 'dnf install lsphp71* lsphp72* lsphp73* lsphp74* lsphp80* --exclude lsphp73-pecl-zip -y'
|
||||
subprocess.call(command, shell=True)
|
||||
|
||||
def installMySQL(self, mysql):
|
||||
|
||||
@@ -125,19 +125,7 @@
|
||||
<name>XSS attack</name>
|
||||
<ruleSetAction>log,deny,status:403,msg:'XSS attack'</ruleSetAction>
|
||||
<enabled>1</enabled>
|
||||
<ruleSet>SecFilterSelective ARGS "(alert|expression|eval|url)[[:space:]]*\("
|
||||
SecFilterSelective ARGS "(&\{.+\}|(&#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})"
|
||||
|
||||
SecFilterSelective ARGS "((javascript|vbscript):|style[[:space:]]*=)"
|
||||
SecFilterSelective ARGS "(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)"
|
||||
SecFilterSelective ARGS "document\.(body|cookie|location|write)"
|
||||
|
||||
SecFilterSelective ARGS_VALUES "jsessionid|phpsessid|onReadyStateChange|xmlHttp"
|
||||
|
||||
SecFilterSelective ARGS "<(applet|div|embed|iframe|img|meta|object|script|textarea)"
|
||||
|
||||
# JavaScript event handlers
|
||||
SecFilterSelective ARGS "on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)"</ruleSet>
|
||||
<ruleSet></ruleSet>
|
||||
</censorshipRuleSet>
|
||||
<censorshipRuleSet>
|
||||
<name>SQL injection</name>
|
||||
|
||||
@@ -13,13 +13,13 @@ class PHPManager:
|
||||
def findPHPVersions():
|
||||
distro = ProcessUtilities.decideDistro()
|
||||
if distro == ProcessUtilities.centos:
|
||||
return ['PHP 5.3', 'PHP 5.4', 'PHP 5.5', 'PHP 5.6', 'PHP 7.0', 'PHP 7.1', 'PHP 7.2', 'PHP 7.3', 'PHP 7.4']
|
||||
return ['PHP 5.3', 'PHP 5.4', 'PHP 5.5', 'PHP 5.6', 'PHP 7.0', 'PHP 7.1', 'PHP 7.2', 'PHP 7.3', 'PHP 7.4', 'PHP 8.0']
|
||||
elif distro == ProcessUtilities.cent8:
|
||||
return ['PHP 7.1','PHP 7.2', 'PHP 7.3', 'PHP 7.4']
|
||||
return ['PHP 7.1','PHP 7.2', 'PHP 7.3', 'PHP 7.4', 'PHP 8.0']
|
||||
elif distro == ProcessUtilities.ubuntu20:
|
||||
return ['PHP 7.2', 'PHP 7.3', 'PHP 7.4']
|
||||
return ['PHP 7.2', 'PHP 7.3', 'PHP 7.4', 'PHP 8.0']
|
||||
else:
|
||||
return ['PHP 7.0', 'PHP 7.1', 'PHP 7.2', 'PHP 7.3', 'PHP 7.4']
|
||||
return ['PHP 7.0', 'PHP 7.1', 'PHP 7.2', 'PHP 7.3', 'PHP 7.4', 'PHP 8.0']
|
||||
|
||||
@staticmethod
|
||||
def getPHPString(phpVersion):
|
||||
@@ -42,6 +42,8 @@ class PHPManager:
|
||||
php = "73"
|
||||
elif phpVersion == "PHP 7.4":
|
||||
php = "74"
|
||||
elif phpVersion == "PHP 8.0":
|
||||
php = "80"
|
||||
|
||||
return php
|
||||
|
||||
|
||||
@@ -222,6 +222,7 @@ class sslUtilities:
|
||||
|
||||
cacheRoot = """ <IfModule LiteSpeed>
|
||||
CacheRoot lscache
|
||||
CacheLookup on
|
||||
</IfModule>
|
||||
"""
|
||||
|
||||
|
||||
@@ -1923,7 +1923,6 @@ echo $oConfig->Save() ? 'Done' : 'Error';
|
||||
@staticmethod
|
||||
def installPHP73():
|
||||
try:
|
||||
|
||||
if Upgrade.installedOutput.find('lsphp73') == -1:
|
||||
command = 'yum install -y lsphp73 lsphp73-json lsphp73-xmlrpc lsphp73-xml lsphp73-tidy lsphp73-soap lsphp73-snmp ' \
|
||||
'lsphp73-recode lsphp73-pspell lsphp73-process lsphp73-pgsql lsphp73-pear lsphp73-pdo lsphp73-opcache ' \
|
||||
@@ -1939,6 +1938,10 @@ echo $oConfig->Save() ? 'Done' : 'Error';
|
||||
|
||||
Upgrade.executioner(command, 'Install PHP 74, 0')
|
||||
|
||||
if Upgrade.installedOutput.find('lsphp80') == -1:
|
||||
command = 'yum install lsphp80* -y'
|
||||
subprocess.call(command, shell=True)
|
||||
|
||||
except:
|
||||
command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install ' \
|
||||
'lsphp7? lsphp7?-common lsphp7?-curl lsphp7?-dev lsphp7?-imap lsphp7?-intl lsphp7?-json ' \
|
||||
@@ -1946,6 +1949,9 @@ echo $oConfig->Save() ? 'Done' : 'Error';
|
||||
'lsphp7?-sqlite3 lsphp7?-tidy'
|
||||
Upgrade.executioner(command, 'Install PHP 73, 0')
|
||||
|
||||
command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install lsphp80*'
|
||||
os.system(command)
|
||||
|
||||
CentOSPath = '/etc/redhat-release'
|
||||
|
||||
if not os.path.exists(CentOSPath):
|
||||
|
||||
@@ -125,31 +125,7 @@
|
||||
<name>XSS attack</name>
|
||||
<ruleSetAction>log,deny,status:403,msg:'XSS attack'</ruleSetAction>
|
||||
<enabled>1</enabled>
|
||||
<ruleSet>SecFilterSelective ARGS "(alert|expression|eval|url)[[:space:]]*\("
|
||||
SecFilterSelective ARGS "(&\{.+\}|(&#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})"
|
||||
|
||||
SecFilterSelective ARGS "((javascript|vbscript):|style[[:space:]]*=)"
|
||||
SecFilterSelective ARGS "(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)"
|
||||
SecFilterSelective ARGS "document\.(body|cookie|location|write)"
|
||||
|
||||
SecFilterSelective ARGS_VALUES "jsessionid|phpsessid|onReadyStateChange|xmlHttp"
|
||||
|
||||
SecFilterSelective ARGS "<(applet|div|embed|iframe|img|meta|object|script|textarea)"
|
||||
|
||||
# JavaScript event handlers
|
||||
SecFilterSelective ARGS "on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)"</ruleSet>
|
||||
</censorshipRuleSet>
|
||||
<censorshipRuleSet>
|
||||
<name>SQL injection</name>
|
||||
<ruleSetAction>log,pass,msg:'SQL Injection attack'</ruleSetAction>
|
||||
<enabled>1</enabled>
|
||||
<ruleSet>#SQL generic
|
||||
SecFilterSelective ARGS "drop[[:space:]]+(database|table|column|procedure)"
|
||||
SecFilterSelective ARGS "delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values"
|
||||
SecFilterSelective ARGS "select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table"
|
||||
SecFilterSelective ARGS "or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--"
|
||||
|
||||
SecFilterSelective ARGS "into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/"</ruleSet>
|
||||
<ruleSet></ruleSet>
|
||||
</censorshipRuleSet>
|
||||
<accessDenyDir>
|
||||
<dir>/</dir>
|
||||
|
||||
Reference in New Issue
Block a user