-
-
+
-
+
-
-
{% trans "Operation successful." %}
-
+
+
{% trans "Operation successful." %}
+
-
-
{% trans "Could not connect. Please refresh this page." %}
-
+
+
{% trans "Could not connect. Please refresh this page." %}
+
-
-
{% trans "Installation failed." %} {$ errorMessage $}
-
+
+
{% trans "Operation failed, Error message: " %} {$ errorMessage $}
+
-
-
{% trans "Operation successful, refreshing page in 3 seconds.." %}
-
-
+
+
{% trans "Operation successful." %}
+
+
+
+
+
+
+
+
diff --git a/firewall/urls.py b/firewall/urls.py
index 2518da113..d580b7632 100644
--- a/firewall/urls.py
+++ b/firewall/urls.py
@@ -36,6 +36,8 @@ urlpatterns = [
url(r'^modSecRulesPacks', views.modSecRulesPacks, name='modSecRulesPacks'),
url(r'^getOWASPAndComodoStatus', views.getOWASPAndComodoStatus, name='getOWASPAndComodoStatus'),
url(r'^installModSecRulesPack', views.installModSecRulesPack, name='installModSecRulesPack'),
+ url(r'^getRulesFiles', views.getRulesFiles, name='getRulesFiles'),
+ url(r'^enableDisableRuleFile', views.enableDisableRuleFile, name='enableDisableRuleFile'),
diff --git a/firewall/views.py b/firewall/views.py
index 0bf63eece..056520cac 100644
--- a/firewall/views.py
+++ b/firewall/views.py
@@ -1121,3 +1121,107 @@ def installModSecRulesPack(request):
json_data = json.dumps(data_ret)
return HttpResponse(json_data)
+def getRulesFiles(request):
+ try:
+ val = request.session['userID']
+ try:
+ if request.method == 'POST':
+
+
+ data = json.loads(request.body)
+ packName = data['packName']
+
+ confPath = os.path.join(virtualHostUtilities.Server_root, 'conf/httpd_config.conf')
+
+ command = "sudo cat " + confPath
+ httpdConfig = subprocess.check_output(shlex.split(command)).splitlines()
+
+ json_data = "["
+ checker = 0
+ counter = 0
+
+ for items in httpdConfig:
+
+ if items.find('modsec/'+packName) > -1:
+ counter = counter + 1
+ if items[0] == '#':
+ status = False
+ else:
+ status = True
+
+ fileName = items.lstrip('#')
+ fileName = fileName.split('/')[-1]
+
+ dic = {
+ 'id': counter,
+ 'fileName': fileName,
+ 'packName':packName,
+ 'status': status,
+
+ }
+
+ if checker == 0:
+ json_data = json_data + json.dumps(dic)
+ checker = 1
+ else:
+ json_data = json_data + ',' + json.dumps(dic)
+
+
+ json_data = json_data + ']'
+ final_json = json.dumps({'fetchStatus': 1, 'error_message': "None","data":json_data})
+ return HttpResponse(final_json)
+
+ except BaseException,msg:
+ final_dic = {'fetchStatus': 0, 'error_message': str(msg)}
+ final_json = json.dumps(final_dic)
+
+ return HttpResponse(final_json)
+ except KeyError:
+ final_dic = {'fetchStatus': 0, 'error_message': "Not Logged In, please refresh the page or login again."}
+ final_json = json.dumps(final_dic)
+ return HttpResponse(final_json)
+
+def enableDisableRuleFile(request):
+ try:
+ val = request.session['userID']
+ try:
+ if request.method == 'POST':
+
+ data = json.loads(request.body)
+
+ packName = data['packName']
+ fileName = data['fileName']
+ currentStatus = data['status']
+
+ if currentStatus == True:
+ functionName = 'disableRuleFile'
+ else:
+ functionName = 'enableRuleFile'
+
+
+ execPath = "sudo python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py"
+
+ execPath = execPath + " " + functionName + ' --packName ' + packName + ' --fileName ' + fileName
+
+ output = subprocess.check_output(shlex.split(execPath))
+
+ if output.find("1,None") > -1:
+ installUtilities.reStartLiteSpeed()
+ data_ret = {'saveStatus': 1, 'error_message': "None"}
+ json_data = json.dumps(data_ret)
+ return HttpResponse(json_data)
+ else:
+ data_ret = {'saveStatus': 0, 'error_message': output}
+ json_data = json.dumps(data_ret)
+ return HttpResponse(json_data)
+
+
+ except BaseException,msg:
+ data_ret = {'saveStatus': 0, 'error_message': str(msg)}
+ json_data = json.dumps(data_ret)
+ return HttpResponse(json_data)
+ except BaseException, msg:
+ data_ret = {'saveStatus': 0, 'error_message': str(msg)}
+ json_data = json.dumps(data_ret)
+ return HttpResponse(json_data)
+
diff --git a/plogical/modSec.py b/plogical/modSec.py
index 0849c98aa..ac037404f 100644
--- a/plogical/modSec.py
+++ b/plogical/modSec.py
@@ -389,6 +389,53 @@ modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp/rules/RESPONSE-999-EXCL
str(msg) + " [disableOWASP]")
print "0," + str(msg)
+ @staticmethod
+ def disableRuleFile(fileName, packName):
+ try:
+
+ confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
+ confData = open(confFile).readlines()
+ conf = open(confFile, 'w')
+
+ for items in confData:
+ if items.find('modsec/'+packName) > -1 and items.find(fileName) > -1:
+ conf.write("#" + items)
+ else:
+ conf.writelines(items)
+
+ conf.close()
+
+ print "1,None"
+
+ except BaseException, msg:
+ logging.CyberCPLogFileWriter.writeToFile(
+ str(msg) + " [disableRuleFile]")
+ print "0," + str(msg)
+
+ @staticmethod
+ def enableRuleFile(fileName, packName):
+ try:
+
+ confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
+ confData = open(confFile).readlines()
+ conf = open(confFile, 'w')
+
+ for items in confData:
+ if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
+ conf.write(items.lstrip('#'))
+ else:
+ conf.writelines(items)
+
+ conf.close()
+
+ print "1,None"
+
+ except BaseException, msg:
+ logging.CyberCPLogFileWriter.writeToFile(
+ str(msg) + " [enableRuleFile]")
+ print "0," + str(msg)
+
+
@@ -399,6 +446,8 @@ def main():
parser.add_argument('function', help='Specific a function to call!')
parser.add_argument('--tempConfigPath', help='Temporary path to configurations data!')
+ parser.add_argument('--packName', help='ModSecurity supplier name!')
+ parser.add_argument('--fileName', help='Filename to enable or disable!')
args = parser.parse_args()
@@ -420,6 +469,10 @@ def main():
modSec.installComodo()
elif args.function == "disableComodo":
modSec.disableComodo()
+ elif args.function == "disableRuleFile":
+ modSec.disableRuleFile(args.fileName, args.packName)
+ elif args.function == "enableRuleFile":
+ modSec.enableRuleFile(args.fileName, args.packName)
if __name__ == "__main__":
main()
\ No newline at end of file
diff --git a/static/firewall/firewall.js b/static/firewall/firewall.js
index 271af3a44..c0a25cf7d 100644
--- a/static/firewall/firewall.js
+++ b/static/firewall/firewall.js
@@ -1252,8 +1252,9 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
$scope.couldNotConnect = true;
$scope.installationFailed = true;
$scope.installationSuccess = true;
+ $scope.ruleFiles = true;
- ///// ModSec configs
+ /////
var owaspInstalled = false;
var comodoInstalled = false;
@@ -1262,25 +1263,27 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
$('#owaspInstalled').change(function() {
- counterOWASP = counterOWASP + 1;
+
owaspInstalled = $(this).prop('checked');
+ $scope.ruleFiles = true;
-
- if(counterOWASP > 2) {
+ if(counterOWASP !== 0) {
if (owaspInstalled === true) {
installModSecRulesPack('installOWASP');
} else {
installModSecRulesPack('disableOWASP')
}
}
+
+ counterOWASP = counterOWASP + 1;
});
$('#comodoInstalled').change(function() {
- counterComodo = counterComodo + 1;
+ $scope.ruleFiles = true;
comodoInstalled = $(this).prop('checked');
- if(counterComodo > 2) {
+ if(counterComodo !== 0) {
if (comodoInstalled === true) {
installModSecRulesPack('installComodo');
@@ -1289,16 +1292,16 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
}
}
+ counterComodo = counterComodo + 1;
+
});
- getOWASPAndComodoStatus();
- function getOWASPAndComodoStatus(){
+ getOWASPAndComodoStatus(true);
+ function getOWASPAndComodoStatus(updateToggle){
$scope.modsecLoading = false;
- $('#owaspInstalled').bootstrapToggle('off');
- $('#comodoInstalled').bootstrapToggle('off');
url = "/firewall/getOWASPAndComodoStatus";
@@ -1321,20 +1324,35 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
if(response.data.modSecInstalled === 1){
+ if (updateToggle === true){
+
if (response.data.owaspInstalled === 1) {
$('#owaspInstalled').bootstrapToggle('on');
$scope.owaspDisable = false;
- }else{
+ } else {
$('#owaspInstalled').bootstrapToggle('off');
$scope.owaspDisable = true;
}
if (response.data.comodoInstalled === 1) {
$('#comodoInstalled').bootstrapToggle('on');
$scope.comodoDisable = false;
- }else{
+ } else {
$('#comodoInstalled').bootstrapToggle('off');
$scope.comodoDisable = true;
}
+ }else{
+
+ if (response.data.owaspInstalled === 1) {
+ $scope.owaspDisable = false;
+ } else {
+ $scope.owaspDisable = true;
+ }
+ if (response.data.comodoInstalled === 1) {
+ $scope.comodoDisable = false;
+ } else {
+ $scope.comodoDisable = true;
+ }
+ }
}
@@ -1351,8 +1369,6 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
$scope.modsecLoading = false;
-
-
url = "/firewall/installModSecRulesPack";
var data = {
@@ -1384,7 +1400,7 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
$scope.installationFailed = true;
$scope.installationSuccess = false;
- $timeout(function() { $window.location.reload(); }, 3000);
+ getOWASPAndComodoStatus(false);
}else{
$scope.modsecLoading = true;
@@ -1414,6 +1430,136 @@ app.controller('modSecRulesPack', function($scope, $http, $timeout, $window) {
}
+ /////
+
+ $scope.fetchRulesFile = function (packName) {
+
+ $scope.modsecLoading = false;
+ $scope.ruleFiles = false;
+ $scope.installationQuote = true;
+ $scope.couldNotConnect = true;
+ $scope.installationFailed = true;
+ $scope.installationSuccess = true;
+
+ url = "/firewall/getRulesFiles";
+
+ var data = {
+ packName:packName
+ };
+
+ var config = {
+ headers : {
+ 'X-CSRFToken': getCookie('csrftoken')
+ }
+ };
+
+
+
+ $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
+
+
+ function ListInitialDatas(response) {
+
+ $scope.modsecLoading = true;
+
+ if(response.data.fetchStatus === 1){
+ $scope.records = JSON.parse(response.data.data);
+ $scope.installationQuote = true;
+ $scope.couldNotConnect = true;
+ $scope.installationFailed = true;
+ $scope.installationSuccess = false;
+
+ }
+ else{
+ $scope.installationQuote = true;
+ $scope.couldNotConnect = true;
+ $scope.installationFailed = false;
+ $scope.installationSuccess = true;
+ $scope.errorMessage = response.data.error_message;
+ }
+
+ }
+ function cantLoadInitialDatas(response) {
+ $scope.modsecLoading = true;
+ $scope.installationQuote = true;
+ $scope.couldNotConnect = false;
+ $scope.installationFailed = true;
+ $scope.installationSuccess = true;
+ }
+
+ };
+
+
+ $scope.removeRuleFile = function (fileName, packName, status) {
+
+ $scope.modsecLoading = false;
+
+
+
+ url = "/firewall/enableDisableRuleFile";
+
+ var data = {
+ packName:packName,
+ fileName:fileName,
+ status:status
+ };
+
+ var config = {
+ headers : {
+ 'X-CSRFToken': getCookie('csrftoken')
+ }
+ };
+
+
+ $http.post(url, data,config).then(ListInitialDatas, cantLoadInitialDatas);
+
+
+ function ListInitialDatas(response) {
+
+ $scope.modsecLoading = true;
+
+ if(response.data.saveStatus === 1){
+
+ $scope.modsecLoading = true;
+
+ //
+
+ $scope.installationQuote = true;
+ $scope.couldNotConnect = true;
+ $scope.installationFailed = true;
+ $scope.installationSuccess = false;
+
+ $scope.fetchRulesFile(packName);
+
+ }else{
+ $scope.modsecLoading = true;
+
+ //
+
+ $scope.installationQuote = true;
+ $scope.couldNotConnect = true;
+ $scope.installationFailed = false;
+ $scope.installationSuccess = true;
+
+ $scope.errorMessage = response.data.error_message;
+ }
+
+ }
+ function cantLoadInitialDatas(response) {
+ $scope.modsecLoading = true;
+
+ //
+
+ $scope.installationQuote = true;
+ $scope.couldNotConnect = false;
+ $scope.installationFailed = true;
+ $scope.installationSuccess = true;
+ }
+
+ }
+
+
+
});