From e5f5693aa51a629700d6ebea5979f3dff8561a13 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Fri, 20 Nov 2020 10:57:12 +0500 Subject: [PATCH 1/9] enable cache look for ssl port --- plogical/sslUtilities.py | 1 + 1 file changed, 1 insertion(+) diff --git a/plogical/sslUtilities.py b/plogical/sslUtilities.py index ec3578657..961afa096 100755 --- a/plogical/sslUtilities.py +++ b/plogical/sslUtilities.py @@ -222,6 +222,7 @@ class sslUtilities: cacheRoot = """ CacheRoot lscache + CacheLookup on """ From 85e1415335d7bc2c4a4a68eec52ba3cef44c3040 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Fri, 20 Nov 2020 11:01:17 +0500 Subject: [PATCH 2/9] remove default modsec rules in lsws config --- install/litespeed/httpd_config.xml | 14 +------------ serverStatus/litespeed/httpd_config.xml | 26 +------------------------ 2 files changed, 2 insertions(+), 38 deletions(-) diff --git a/install/litespeed/httpd_config.xml b/install/litespeed/httpd_config.xml index 1eaf7b811..026bf6572 100755 --- a/install/litespeed/httpd_config.xml +++ b/install/litespeed/httpd_config.xml @@ -125,19 +125,7 @@ XSS attack log,deny,status:403,msg:'XSS attack' 1 - SecFilterSelective ARGS "(alert|expression|eval|url)[[:space:]]*\(" -SecFilterSelective ARGS "(&\{.+\}|(&#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})" - -SecFilterSelective ARGS "((javascript|vbscript):|style[[:space:]]*=)" -SecFilterSelective ARGS "(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)" -SecFilterSelective ARGS "document\.(body|cookie|location|write)" - -SecFilterSelective ARGS_VALUES "jsessionid|phpsessid|onReadyStateChange|xmlHttp" - -SecFilterSelective ARGS "<(applet|div|embed|iframe|img|meta|object|script|textarea)" - -# JavaScript event handlers -SecFilterSelective ARGS "on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)" + SQL injection diff --git a/serverStatus/litespeed/httpd_config.xml b/serverStatus/litespeed/httpd_config.xml index 1eaf7b811..acc6069cf 100755 --- a/serverStatus/litespeed/httpd_config.xml +++ b/serverStatus/litespeed/httpd_config.xml @@ -125,31 +125,7 @@ XSS attack log,deny,status:403,msg:'XSS attack' 1 - SecFilterSelective ARGS "(alert|expression|eval|url)[[:space:]]*\(" -SecFilterSelective ARGS "(&\{.+\}|(&#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})" - -SecFilterSelective ARGS "((javascript|vbscript):|style[[:space:]]*=)" -SecFilterSelective ARGS "(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)" -SecFilterSelective ARGS "document\.(body|cookie|location|write)" - -SecFilterSelective ARGS_VALUES "jsessionid|phpsessid|onReadyStateChange|xmlHttp" - -SecFilterSelective ARGS "<(applet|div|embed|iframe|img|meta|object|script|textarea)" - -# JavaScript event handlers -SecFilterSelective ARGS "on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)" - - - SQL injection - log,pass,msg:'SQL Injection attack' - 1 - #SQL generic -SecFilterSelective ARGS "drop[[:space:]]+(database|table|column|procedure)" -SecFilterSelective ARGS "delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values" -SecFilterSelective ARGS "select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table" -SecFilterSelective ARGS "or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--" - -SecFilterSelective ARGS "into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/" + / From 4a90f7a287aa5fa98130964abe2e54dc09319486 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Tue, 1 Dec 2020 12:33:02 +0500 Subject: [PATCH 3/9] bug fix: cloudlinux --- CLManager/CageFS.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CLManager/CageFS.py b/CLManager/CageFS.py index 9127e4bc5..e42de14a8 100644 --- a/CLManager/CageFS.py +++ b/CLManager/CageFS.py @@ -93,10 +93,10 @@ class CageFS: logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, "Reinstalling important components ..\n", 1) - command = 'yum install -y lvemanager' + command = 'yum install -y lvemanager alt-python37-devel' ServerStatusUtil.executioner(command, statusFile) - command = 'yum reinstall -y lvemanager lve-utils cagefs alt-python27-cllib' + command = 'yum reinstall -y lvemanager lve-utils cagefs' ServerStatusUtil.executioner(command, statusFile) logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, From 693c38e6c5481b90c5734ce4155e31239e654197 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Tue, 1 Dec 2020 15:52:27 +0500 Subject: [PATCH 4/9] bug fix: cloudlinux --- CLManager/CageFS.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CLManager/CageFS.py b/CLManager/CageFS.py index e42de14a8..17713a6b8 100644 --- a/CLManager/CageFS.py +++ b/CLManager/CageFS.py @@ -93,7 +93,7 @@ class CageFS: logging.CyberCPLogFileWriter.statusWriter(ServerStatusUtil.lswsInstallStatusPath, "Reinstalling important components ..\n", 1) - command = 'yum install -y lvemanager alt-python37-devel' + command = 'yum install -y alt-python37-devel' ServerStatusUtil.executioner(command, statusFile) command = 'yum reinstall -y lvemanager lve-utils cagefs' From 4fb826861ef7ec5de03bb35a9bad2bf2f1183ae6 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Wed, 2 Dec 2020 19:21:57 +0500 Subject: [PATCH 5/9] feature: add php8 --- install/installCyberPanel.py | 14 +++++++++++++- managePHP/phpManager.py | 10 ++++++---- plogical/upgrade.py | 11 +++++++++++ 3 files changed, 30 insertions(+), 5 deletions(-) diff --git a/install/installCyberPanel.py b/install/installCyberPanel.py index 8e43a5aec..c16a1af1c 100755 --- a/install/installCyberPanel.py +++ b/install/installCyberPanel.py @@ -192,6 +192,15 @@ class InstallCyberPanel: if res != 0: InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 1, 1) + command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install ' \ + 'lsphp8? lsphp8?-common lsphp8?-curl lsphp8?-dev lsphp8?-imap lsphp8?-intl lsphp8?-json ' \ + 'lsphp8?-ldap lsphp8?-mysql lsphp8?-opcache lsphp8?-pspell lsphp8?-recode ' \ + 'lsphp8?-sqlite8 lsphp8?-tidy' + + res = os.system(command) + if res != 0: + InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 1, 1) + elif self.distro == centos: command = 'yum -y groupinstall lsphp-all' install.preFlightsChecks.call(command, self.distro, command, command, 1, 1, os.EX_OSERR) @@ -232,8 +241,11 @@ class InstallCyberPanel: install.preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) + command = 'yum install lsphp80*' + subprocess.call(command, shell=True) + if self.distro == cent8: - command = 'dnf install lsphp71* lsphp72* lsphp73* lsphp74* --exclude lsphp73-pecl-zip -y' + command = 'dnf install lsphp71* lsphp72* lsphp73* lsphp74* lsphp80* --exclude lsphp73-pecl-zip -y' subprocess.call(command, shell=True) def installMySQL(self, mysql): diff --git a/managePHP/phpManager.py b/managePHP/phpManager.py index 4a9fed7e2..c4f1ecae3 100755 --- a/managePHP/phpManager.py +++ b/managePHP/phpManager.py @@ -13,13 +13,13 @@ class PHPManager: def findPHPVersions(): distro = ProcessUtilities.decideDistro() if distro == ProcessUtilities.centos: - return ['PHP 5.3', 'PHP 5.4', 'PHP 5.5', 'PHP 5.6', 'PHP 7.0', 'PHP 7.1', 'PHP 7.2', 'PHP 7.3', 'PHP 7.4'] + return ['PHP 5.3', 'PHP 5.4', 'PHP 5.5', 'PHP 5.6', 'PHP 7.0', 'PHP 7.1', 'PHP 7.2', 'PHP 7.3', 'PHP 7.4', 'PHP 8.0'] elif distro == ProcessUtilities.cent8: - return ['PHP 7.1','PHP 7.2', 'PHP 7.3', 'PHP 7.4'] + return ['PHP 7.1','PHP 7.2', 'PHP 7.3', 'PHP 7.4', 'PHP 8.0'] elif distro == ProcessUtilities.ubuntu20: - return ['PHP 7.2', 'PHP 7.3', 'PHP 7.4'] + return ['PHP 7.2', 'PHP 7.3', 'PHP 7.4', 'PHP 8.0'] else: - return ['PHP 7.0', 'PHP 7.1', 'PHP 7.2', 'PHP 7.3', 'PHP 7.4'] + return ['PHP 7.0', 'PHP 7.1', 'PHP 7.2', 'PHP 7.3', 'PHP 7.4', 'PHP 8.0'] @staticmethod def getPHPString(phpVersion): @@ -42,6 +42,8 @@ class PHPManager: php = "73" elif phpVersion == "PHP 7.4": php = "74" + elif phpVersion == "PHP 8.0": + php = "80" return php diff --git a/plogical/upgrade.py b/plogical/upgrade.py index c329f5438..58a2f2d17 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -1939,6 +1939,10 @@ echo $oConfig->Save() ? 'Done' : 'Error'; Upgrade.executioner(command, 'Install PHP 74, 0') + if Upgrade.installedOutput.find('lsphp80') == -1: + command = 'yum install lsphp80*' + subprocess.call(command, shell=True) + except: command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install ' \ 'lsphp7? lsphp7?-common lsphp7?-curl lsphp7?-dev lsphp7?-imap lsphp7?-intl lsphp7?-json ' \ @@ -1946,6 +1950,13 @@ echo $oConfig->Save() ? 'Done' : 'Error'; 'lsphp7?-sqlite3 lsphp7?-tidy' Upgrade.executioner(command, 'Install PHP 73, 0') + command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install ' \ + 'lsphp8? lsphp8?-common lsphp8?-curl lsphp8?-dev lsphp8?-imap lsphp8?-intl lsphp8?-json ' \ + 'lsphp8?-ldap lsphp8?-mysql lsphp8?-opcache lsphp8?-pspell lsphp8?-recode ' \ + 'lsphp8?-sqlite8 lsphp8?-tidy' + + Upgrade.executioner(command, 'Install PHP 80, 0') + CentOSPath = '/etc/redhat-release' if not os.path.exists(CentOSPath): From 8a5f28f70a29636a40e9b4dacd50965a771fd865 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Thu, 3 Dec 2020 10:58:19 +0500 Subject: [PATCH 6/9] temp: bypass php8.0 fail on ubuntu --- install/installCyberPanel.py | 2 +- plogical/upgrade.py | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/install/installCyberPanel.py b/install/installCyberPanel.py index c16a1af1c..7bf6d1bf8 100755 --- a/install/installCyberPanel.py +++ b/install/installCyberPanel.py @@ -199,7 +199,7 @@ class InstallCyberPanel: res = os.system(command) if res != 0: - InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 1, 1) + InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 1, 0) elif self.distro == centos: command = 'yum -y groupinstall lsphp-all' diff --git a/plogical/upgrade.py b/plogical/upgrade.py index 58a2f2d17..ff30343f3 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -1923,7 +1923,6 @@ echo $oConfig->Save() ? 'Done' : 'Error'; @staticmethod def installPHP73(): try: - if Upgrade.installedOutput.find('lsphp73') == -1: command = 'yum install -y lsphp73 lsphp73-json lsphp73-xmlrpc lsphp73-xml lsphp73-tidy lsphp73-soap lsphp73-snmp ' \ 'lsphp73-recode lsphp73-pspell lsphp73-process lsphp73-pgsql lsphp73-pear lsphp73-pdo lsphp73-opcache ' \ From 78842d28a76312080956b91eb12def5515abefa0 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Thu, 3 Dec 2020 10:58:34 +0500 Subject: [PATCH 7/9] temp: bypass php8.0 fail on ubuntu --- install/installCyberPanel.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/install/installCyberPanel.py b/install/installCyberPanel.py index 7bf6d1bf8..8a67dec79 100755 --- a/install/installCyberPanel.py +++ b/install/installCyberPanel.py @@ -199,7 +199,7 @@ class InstallCyberPanel: res = os.system(command) if res != 0: - InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 1, 0) + InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 0, 1) elif self.distro == centos: command = 'yum -y groupinstall lsphp-all' From 5e983996d301603b635878da8736d56acfadef04 Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Thu, 3 Dec 2020 11:04:06 +0500 Subject: [PATCH 8/9] temp: bypass php8.0 fail on ubuntu --- install/installCyberPanel.py | 2 +- plogical/upgrade.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/install/installCyberPanel.py b/install/installCyberPanel.py index 8a67dec79..e689ea660 100755 --- a/install/installCyberPanel.py +++ b/install/installCyberPanel.py @@ -241,7 +241,7 @@ class InstallCyberPanel: install.preFlightsChecks.call(command, self.distro, command, command, 1, 0, os.EX_OSERR) - command = 'yum install lsphp80*' + command = 'yum install lsphp80* -y' subprocess.call(command, shell=True) if self.distro == cent8: diff --git a/plogical/upgrade.py b/plogical/upgrade.py index ff30343f3..6fb7526e6 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -1939,7 +1939,7 @@ echo $oConfig->Save() ? 'Done' : 'Error'; Upgrade.executioner(command, 'Install PHP 74, 0') if Upgrade.installedOutput.find('lsphp80') == -1: - command = 'yum install lsphp80*' + command = 'yum install lsphp80* -y' subprocess.call(command, shell=True) except: From be9126505cb3e5a17a517d5f7084b2fd2d8313dc Mon Sep 17 00:00:00 2001 From: Usman Nasir Date: Thu, 3 Dec 2020 11:40:45 +0500 Subject: [PATCH 9/9] temp: bypass php8.0 fail on ubuntu --- install/installCyberPanel.py | 13 +++---------- plogical/upgrade.py | 8 ++------ 2 files changed, 5 insertions(+), 16 deletions(-) diff --git a/install/installCyberPanel.py b/install/installCyberPanel.py index e689ea660..e4fae3f19 100755 --- a/install/installCyberPanel.py +++ b/install/installCyberPanel.py @@ -188,18 +188,11 @@ class InstallCyberPanel: 'lsphp7?-ldap lsphp7?-mysql lsphp7?-opcache lsphp7?-pspell lsphp7?-recode ' \ 'lsphp7?-sqlite3 lsphp7?-tidy' - res = os.system(command) - if res != 0: - InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 1, 1) + os.system(command) - command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install ' \ - 'lsphp8? lsphp8?-common lsphp8?-curl lsphp8?-dev lsphp8?-imap lsphp8?-intl lsphp8?-json ' \ - 'lsphp8?-ldap lsphp8?-mysql lsphp8?-opcache lsphp8?-pspell lsphp8?-recode ' \ - 'lsphp8?-sqlite8 lsphp8?-tidy' + command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install lsphp80*' + os.system(command) - res = os.system(command) - if res != 0: - InstallCyberPanel.stdOut("Failed to install PHP on Ubuntu.", 0, 1) elif self.distro == centos: command = 'yum -y groupinstall lsphp-all' diff --git a/plogical/upgrade.py b/plogical/upgrade.py index 6fb7526e6..9ff26da23 100755 --- a/plogical/upgrade.py +++ b/plogical/upgrade.py @@ -1949,12 +1949,8 @@ echo $oConfig->Save() ? 'Done' : 'Error'; 'lsphp7?-sqlite3 lsphp7?-tidy' Upgrade.executioner(command, 'Install PHP 73, 0') - command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install ' \ - 'lsphp8? lsphp8?-common lsphp8?-curl lsphp8?-dev lsphp8?-imap lsphp8?-intl lsphp8?-json ' \ - 'lsphp8?-ldap lsphp8?-mysql lsphp8?-opcache lsphp8?-pspell lsphp8?-recode ' \ - 'lsphp8?-sqlite8 lsphp8?-tidy' - - Upgrade.executioner(command, 'Install PHP 80, 0') + command = 'DEBIAN_FRONTEND=noninteractive apt-get -y install lsphp80*' + os.system(command) CentOSPath = '/etc/redhat-release'