CyberPanel

Nemcio/CyberPanel

Fork 0

mirror of https://github.com/usmannasir/cyberpanel.git synced 2026-02-14 18:46:47 +01:00

Commit Graph

Author	SHA1	Message	Date
usmannasir	3fc1aba229	fix: update custom OLS binaries and add ModSecurity compatibility - Update SHA256 checksums for December 2025 OLS build (v1.8.4.1) - Add RHEL8 module support (cyberpanel_ols_x86_64_rhel8.so) - Add compatible ModSecurity binaries to prevent ABI crashes - Auto-detect and replace ModSecurity when custom OLS is installed - Add auto-rollback feature if new binary fails to start - Fix OWASP CRS UI toggle detection with multi-location checks Features included in new binaries: - PHPConfig support (.htaccess php_value/php_flag) - Origin header forwarding (CORS/WebSocket support) - Header unset fix (uses remove_resp_header API) - Static linking for cross-platform compatibility Platforms supported: - Ubuntu 22.04+/Debian 12+ (ubuntu-static) - AlmaLinux/Rocky/RHEL 9.x (rhel9-static) - AlmaLinux/Rocky/RHEL 8.x (rhel8-static)	2025-12-27 21:07:16 +05:00
usmannasir	ae020ece7b	Fix OWASP CRS UI toggle state issues and improve installation reliability This commit resolves issues where the OWASP CRS toggle in ModSecurity settings would appear to flip back to OFF even when installation succeeded, and improves detection of manually installed OWASP CRS rules. Issues Fixed: 1. Toggle not updating immediately after installation/uninstallation 2. Manual OWASP installations to rules.conf not detected by toggle 3. Silent installation failures without detailed error logging Changes: firewall/static/firewall/firewall.js: - Update toggle state immediately after successful installation (getOWASPAndComodoStatus(true)) - Update toggle state after failed installation to show correct OFF state - Provides instant visual feedback instead of requiring page refresh firewall/firewallManager.py (getOWASPAndComodoStatus): - Expand detection logic to check both httpd_config.conf AND rules.conf - Detect manual OWASP installations (Include/modsecurity_rules_file with owasp/crs-setup) - Case-insensitive pattern matching for better compatibility plogical/modSec.py (setupOWASPRules): - Add specific error logging for each installation step failure - Log detailed messages: directory creation, download, extraction, configuration - Helps diagnose: network issues, missing tools (wget/unzip), permission problems Impact: - Toggle correctly reflects OWASP CRS state after enable/disable operations - Manual installations following external tutorials now detected correctly - Installation failures are logged with specific error messages for debugging - Improves UX by eliminating perception that "toggle keeps flipping back" Fixes: OWASP CRS toggle UI bug Related: Community thread https://community.cyberpanel.net/t/4-mod-security-rules-packages/133/8 Related: Ticket #GTPDPO7EV	2025-11-24 01:53:36 +05:00
usmannasir	6dd7114f6d	Initial commit for v2.4.3	2025-08-01 14:56:30 +05:00

Author

SHA1

Message

Date

usmannasir

3fc1aba229

fix: update custom OLS binaries and add ModSecurity compatibility

- Update SHA256 checksums for December 2025 OLS build (v1.8.4.1)
- Add RHEL8 module support (cyberpanel_ols_x86_64_rhel8.so)
- Add compatible ModSecurity binaries to prevent ABI crashes
- Auto-detect and replace ModSecurity when custom OLS is installed
- Add auto-rollback feature if new binary fails to start
- Fix OWASP CRS UI toggle detection with multi-location checks

Features included in new binaries:
- PHPConfig support (.htaccess php_value/php_flag)
- Origin header forwarding (CORS/WebSocket support)
- Header unset fix (uses remove_resp_header API)
- Static linking for cross-platform compatibility

Platforms supported:
- Ubuntu 22.04+/Debian 12+ (ubuntu-static)
- AlmaLinux/Rocky/RHEL 9.x (rhel9-static)
- AlmaLinux/Rocky/RHEL 8.x (rhel8-static)

2025-12-27 21:07:16 +05:00

usmannasir

ae020ece7b

Fix OWASP CRS UI toggle state issues and improve installation reliability

This commit resolves issues where the OWASP CRS toggle in ModSecurity settings
would appear to flip back to OFF even when installation succeeded, and improves
detection of manually installed OWASP CRS rules.

Issues Fixed:
1. Toggle not updating immediately after installation/uninstallation
2. Manual OWASP installations to rules.conf not detected by toggle
3. Silent installation failures without detailed error logging

Changes:

firewall/static/firewall/firewall.js:
- Update toggle state immediately after successful installation (getOWASPAndComodoStatus(true))
- Update toggle state after failed installation to show correct OFF state
- Provides instant visual feedback instead of requiring page refresh

firewall/firewallManager.py (getOWASPAndComodoStatus):
- Expand detection logic to check both httpd_config.conf AND rules.conf
- Detect manual OWASP installations (Include/modsecurity_rules_file with owasp/crs-setup)
- Case-insensitive pattern matching for better compatibility

plogical/modSec.py (setupOWASPRules):
- Add specific error logging for each installation step failure
- Log detailed messages: directory creation, download, extraction, configuration
- Helps diagnose: network issues, missing tools (wget/unzip), permission problems

Impact:
- Toggle correctly reflects OWASP CRS state after enable/disable operations
- Manual installations following external tutorials now detected correctly
- Installation failures are logged with specific error messages for debugging
- Improves UX by eliminating perception that "toggle keeps flipping back"

Fixes: OWASP CRS toggle UI bug
Related: Community thread https://community.cyberpanel.net/t/4-mod-security-rules-packages/133/8
Related: Ticket #GTPDPO7EV

2025-11-24 01:53:36 +05:00

usmannasir

6dd7114f6d

Initial commit for v2.4.3

2025-08-01 14:56:30 +05:00

3 Commits