Permalink
Browse files

security fix / thanks to Christopher Tarquini

  • Loading branch information...
Serghey Rodin
Serghey Rodin committed Nov 21, 2017
1 parent ba14a64 commit 757e06560266b99a7b09fe0b385a79fc544d6f16
Showing 636 changed files with 680 additions and 637 deletions.
@@ -1,6 +1,6 @@
#!/bin/bash
# info: add password protection to web domain statistics
# options: USER DOMAIN STATS_USER STATS_PASSWORD
# options: USER DOMAIN STATS_USER STATS_PASSWORD [RESTART]
#
# The call is used for securing the web statistics page.
@@ -14,6 +14,7 @@ user=$1
domain=$2
stats_user=$3
password=$4; HIDE=4
restart=$5
# Includes
source $VESTA/func/main.sh
@@ -25,7 +26,7 @@ source $VESTA/conf/vesta.conf
# Verifications #
#----------------------------------------------------------#
check_args '4' "$#" 'USER DOMAIN STATS_USER STATS_PASS'
check_args '4' "$#" 'USER DOMAIN STATS_USER STATS_PASS [RESTART]'
is_format_valid 'user' 'domain' 'stats_user'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
@@ -41,11 +42,12 @@ is_password_valid
# Defining statistic dir
stats_dir="$HOMEDIR/$user/web/$domain/stats"
conf_dir="$HOMEDIR/$user/conf/web"
# Adding htaccess file
if [ "$WEB_SYSTEM" = 'nginx' ]; then
echo "auth_basic \"Web Statistics\";" > $stats_dir/auth.conf
echo "auth_basic_user_file $stats_dir/.htpasswd;" >> $stats_dir/auth.conf
echo "auth_basic \"Web Statistics\";" > $conf_dir/$domain.auth
echo "auth_basic_user_file $stats_dir/.htpasswd;" >> $conf_dir/$domain.auth
else
echo "AuthUserFile $stats_dir/.htpasswd" > $stats_dir/.htaccess
echo "AuthName \"Web Statistics\"" >> $stats_dir/.htaccess
@@ -67,6 +69,12 @@ echo "$stats_user:$stats_pass" > $stats_dir/.htpasswd
update_object_value 'web' 'DOMAIN' "$domain" '$STATS_USER' "$stats_user"
update_object_value 'web' 'DOMAIN' "$domain" '$STATS_CRYPT' "$stats_pass"
# Restarting web server
if [ "$WEB_SYSTEM" = 'nginx' ]; then
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
fi
# Logging
log_history "added password protection for web stats on $domain"
log_event "$OK" "$ARGUMENTS"
@@ -1,6 +1,6 @@
#!/bin/bash
# info: disable webdomain stats authentication support
# options: USER DOMAIN
# options: USER DOMAIN [RESTART]
#
# The function removes authentication of statistics system. If the script is
# called without naming a certain user, all users will be removed. After
@@ -15,6 +15,7 @@
# Argument definition
user=$1
domain=$(idn -t --quiet -u "$2" )
restart=$3
# Includes
source $VESTA/func/main.sh
@@ -26,7 +27,7 @@ source $VESTA/conf/vesta.conf
# Verifications #
#----------------------------------------------------------#
check_args '2' "$#" 'USER DOMAIN'
check_args '2' "$#" 'USER DOMAIN [RESTART]'
is_format_valid 'user' 'domain'
is_system_enabled "$WEB_SYSTEM" 'WEB_SYSTEM'
is_object_valid 'user' 'USER' "$user"
@@ -44,6 +45,14 @@ is_object_value_exist 'web' 'DOMAIN' "$domain" '$STATS_USER'
rm -f $HOMEDIR/$user/web/$domain/stats/.htpasswd
rm -f $HOMEDIR/$user/web/$domain/stats/.htaccess
# Deleting nginx auth config
if [ "$WEB_SYSTEM" = 'nginx' ]; then
conf_dir="$HOMEDIR/$user/conf/web"
rm -f $conf_dir/$domain.auth 2>/dev/null
$BIN/v-restart-web $restart
check_result $? "Web restart failed" >/dev/null
fi
#----------------------------------------------------------#
# Vesta #
@@ -61,7 +61,7 @@ fi
for domain in $($BIN/v-list-web-domains $user plain |cut -f 1); do
if [ ! -z "$WEB_BACKEND" ]; then
template=$(get_object_value 'web' 'DOMAIN' "$domain" '$BACKEND')
$BIN/v-add-web-domain-backend $user $domain $template
$BIN/v-add-web-domain-backend $user $domain $template $restart
fi
rebuild_web_domain_conf
done
@@ -45,7 +45,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -41,7 +41,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -50,7 +50,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -46,7 +46,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -45,7 +45,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -41,7 +41,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -116,7 +116,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -112,7 +112,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -44,7 +44,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -40,7 +40,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -61,7 +61,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -56,7 +56,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -90,7 +90,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -87,7 +87,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -90,7 +90,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -87,7 +87,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -91,7 +91,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -88,7 +88,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -52,7 +52,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -48,7 +48,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -45,7 +45,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -39,7 +39,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -187,7 +187,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -183,7 +183,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -58,7 +58,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -54,7 +54,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -79,7 +79,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -76,7 +76,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -36,7 +36,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -32,7 +32,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -59,7 +59,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -55,7 +55,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
@@ -74,7 +74,7 @@ server {
location /vstats/ {
alias %home%/%user%/web/%domain%/stats/;
include %home%/%user%/web/%domain%/stats/auth.conf*;
include %home%/%user%/conf/web/%domain%.auth
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
Oops, something went wrong.

0 comments on commit 757e065

Please sign in to comment.