Skip to content

Commit 888aec2

Browse files
usmannasirusmannasir
committed
added support for LiteSpeed Ent for OWASP and updated the rules, ref #653 
1 parent 89ab69a commit 888aec2

File tree

2 files changed

+176
-116
lines changed

2 files changed

+176
-116
lines changed

firewall/firewallManager.py

Lines changed: 110 additions & 70 deletions
Original file line numberDiff line numberDiff line change
@@ -1048,6 +1048,14 @@ def getOWASPAndComodoStatus(self, userID = None, data = None):
10481048
except subprocess.CalledProcessError:
10491049
pass
10501050

1051+
try:
1052+
command = 'cat /usr/local/lsws/conf/modsec.conf'
1053+
output = ProcessUtilities.outputExecutioner(command)
1054+
if output.find('modsec/owasp') > -1:
1055+
owaspInstalled = 1
1056+
except:
1057+
pass
1058+
10511059
final_dic = {
10521060
'modSecInstalled': 1,
10531061
'owaspInstalled': owaspInstalled,
@@ -1089,9 +1097,9 @@ def installModSecRulesPack(self, userID = None, data = None):
10891097
json_data = json.dumps(data_ret)
10901098
return HttpResponse(json_data)
10911099
else:
1092-
if packName == 'disableOWASP' or packName == 'installOWASP':
1093-
final_json = json.dumps({'installStatus': 0, 'error_message': "OWASP will be available later.", })
1094-
return HttpResponse(final_json)
1100+
# if packName == 'disableOWASP' or packName == 'installOWASP':
1101+
# final_json = json.dumps({'installStatus': 0, 'error_message': "OWASP will be available later.", })
1102+
# return HttpResponse(final_json)
10951103

10961104
execPath = "/usr/local/CyberCP/bin/python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py"
10971105
execPath = execPath + " " + packName
@@ -1122,70 +1130,26 @@ def getRulesFiles(self, userID = None, data = None):
11221130

11231131
packName = data['packName']
11241132

1125-
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
1126-
confPath = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
1133+
confPath = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
11271134

1128-
command = "sudo cat " + confPath
1129-
httpdConfig = ProcessUtilities.outputExecutioner(command).splitlines()
1130-
1131-
json_data = "["
1132-
checker = 0
1133-
counter = 0
1134-
1135-
for items in httpdConfig:
1136-
1137-
if items.find('modsec/' + packName) > -1:
1138-
counter = counter + 1
1139-
if items[0] == '#':
1140-
status = False
1141-
else:
1142-
status = True
1143-
1144-
fileName = items.lstrip('#')
1145-
fileName = fileName.split('/')[-1]
1146-
1147-
dic = {
1148-
'id': counter,
1149-
'fileName': fileName,
1150-
'packName': packName,
1151-
'status': status,
1152-
1153-
}
1154-
1155-
if checker == 0:
1156-
json_data = json_data + json.dumps(dic)
1157-
checker = 1
1158-
else:
1159-
json_data = json_data + ',' + json.dumps(dic)
1160-
1161-
json_data = json_data + ']'
1162-
final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
1163-
return HttpResponse(final_json)
1164-
else:
1165-
if packName == 'owasp':
1166-
final_json = json.dumps({'fetchStatus': 0, 'error_message': "OWASP will be available later.", })
1167-
return HttpResponse(final_json)
1168-
1169-
comodoPath = '/usr/local/lsws/conf/comodo_litespeed'
1170-
command = 'sudo chown -R cyberpanel:cyberpanel /usr/local/lsws/conf'
1171-
ProcessUtilities.executioner(command)
1172-
1173-
json_data = "["
1135+
command = "sudo cat " + confPath
1136+
httpdConfig = ProcessUtilities.outputExecutioner(command).splitlines()
11741137

1175-
counter = 0
1176-
checker = 0
1177-
for fileName in os.listdir(comodoPath):
1138+
json_data = "["
1139+
checker = 0
1140+
counter = 0
11781141

1179-
if fileName == 'categories.conf':
1180-
continue
1142+
for items in httpdConfig:
11811143

1182-
if fileName.endswith('bak'):
1183-
status = 0
1184-
fileName = fileName.rstrip('.bak')
1185-
elif fileName.endswith('conf'):
1186-
status = 1
1144+
if items.find('modsec/' + packName) > -1:
1145+
counter = counter + 1
1146+
if items[0] == '#':
1147+
status = False
11871148
else:
1188-
continue
1149+
status = True
1150+
1151+
fileName = items.lstrip('#')
1152+
fileName = fileName.split('/')[-1]
11891153

11901154
dic = {
11911155
'id': counter,
@@ -1195,20 +1159,96 @@ def getRulesFiles(self, userID = None, data = None):
11951159

11961160
}
11971161

1198-
counter = counter + 1
1199-
12001162
if checker == 0:
12011163
json_data = json_data + json.dumps(dic)
12021164
checker = 1
12031165
else:
12041166
json_data = json_data + ',' + json.dumps(dic)
12051167

1206-
command = 'sudo chown -R lsadm:lsadm /usr/local/lsws/conf'
1207-
ProcessUtilities.executioner(command)
1168+
json_data = json_data + ']'
1169+
final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
1170+
return HttpResponse(final_json)
12081171

1209-
json_data = json_data + ']'
1210-
final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
1211-
return HttpResponse(final_json)
1172+
# if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
1173+
# confPath = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
1174+
#
1175+
# command = "sudo cat " + confPath
1176+
# httpdConfig = ProcessUtilities.outputExecutioner(command).splitlines()
1177+
#
1178+
# json_data = "["
1179+
# checker = 0
1180+
# counter = 0
1181+
#
1182+
# for items in httpdConfig:
1183+
#
1184+
# if items.find('modsec/' + packName) > -1:
1185+
# counter = counter + 1
1186+
# if items[0] == '#':
1187+
# status = False
1188+
# else:
1189+
# status = True
1190+
#
1191+
# fileName = items.lstrip('#')
1192+
# fileName = fileName.split('/')[-1]
1193+
#
1194+
# dic = {
1195+
# 'id': counter,
1196+
# 'fileName': fileName,
1197+
# 'packName': packName,
1198+
# 'status': status,
1199+
#
1200+
# }
1201+
#
1202+
# if checker == 0:
1203+
# json_data = json_data + json.dumps(dic)
1204+
# checker = 1
1205+
# else:
1206+
# json_data = json_data + ',' + json.dumps(dic)
1207+
#
1208+
# json_data = json_data + ']'
1209+
# final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
1210+
# return HttpResponse(final_json)
1211+
# else:
1212+
#
1213+
# command = 'cat /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf'
1214+
# files = ProcessUtilities.outputExecutioner(command).splitlines()
1215+
#
1216+
# json_data = "["
1217+
#
1218+
# counter = 0
1219+
# checker = 0
1220+
# for fileName in files:
1221+
#
1222+
# if fileName == 'categories.conf':
1223+
# continue
1224+
#
1225+
# if fileName.endswith('bak'):
1226+
# status = 0
1227+
# fileName = fileName.rstrip('.bak')
1228+
# elif fileName.endswith('conf'):
1229+
# status = 1
1230+
# else:
1231+
# continue
1232+
#
1233+
# dic = {
1234+
# 'id': counter,
1235+
# 'fileName': fileName,
1236+
# 'packName': packName,
1237+
# 'status': status,
1238+
#
1239+
# }
1240+
#
1241+
# counter = counter + 1
1242+
#
1243+
# if checker == 0:
1244+
# json_data = json_data + json.dumps(dic)
1245+
# checker = 1
1246+
# else:
1247+
# json_data = json_data + ',' + json.dumps(dic)
1248+
#
1249+
# json_data = json_data + ']'
1250+
# final_json = json.dumps({'fetchStatus': 1, 'error_message': "None", "data": json_data})
1251+
# return HttpResponse(final_json)
12121252

12131253
except BaseException as msg:
12141254
final_dic = {'fetchStatus': 0, 'error_message': str(msg)}
@@ -1235,7 +1275,7 @@ def enableDisableRuleFile(self, userID = None, data = None):
12351275

12361276
execPath = "/usr/local/CyberCP/bin/python " + virtualHostUtilities.cyberPanel + "/plogical/modSec.py"
12371277

1238-
execPath = execPath + " " + functionName + ' --packName ' + packName + ' --fileName ' + fileName
1278+
execPath = execPath + " " + functionName + ' --packName ' + packName + ' --fileName "%s"' % (fileName)
12391279

12401280
output = ProcessUtilities.outputExecutioner(execPath)
12411281

plogical/modSec.py

Lines changed: 66 additions & 46 deletions
Original file line numberDiff line numberDiff line change
@@ -493,25 +493,42 @@ def installOWASP():
493493
print('0, Unable to download OWASP Rules.')
494494
return
495495

496-
owaspRulesConf = """
496+
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
497+
owaspRulesConf = """
497498
modsecurity_rules_file /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf
498499
"""
499500

500-
confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
501+
confFile = os.path.join(virtualHostUtilities.Server_root, "conf/httpd_config.conf")
501502

502-
confData = open(confFile).readlines()
503+
confData = open(confFile).readlines()
503504

504-
conf = open(confFile, 'w')
505+
conf = open(confFile, 'w')
505506

506-
for items in confData:
507-
if items.find('/usr/local/lsws/conf/modsec/rules.conf') > -1:
508-
conf.writelines(items)
509-
conf.write(owaspRulesConf)
510-
continue
511-
else:
512-
conf.writelines(items)
507+
for items in confData:
508+
if items.find('/usr/local/lsws/conf/modsec/rules.conf') > -1:
509+
conf.writelines(items)
510+
conf.write(owaspRulesConf)
511+
continue
512+
else:
513+
conf.writelines(items)
514+
515+
conf.close()
516+
else:
517+
confFile = os.path.join('/usr/local/lsws/conf/modsec.conf')
518+
confData = open(confFile).readlines()
519+
520+
conf = open(confFile, 'w')
521+
522+
for items in confData:
523+
if items.find('/conf/comodo_litespeed/') > -1:
524+
conf.writelines(items)
525+
conf.write('Include /usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/*.conf\n')
526+
continue
527+
else:
528+
conf.writelines(items)
529+
530+
conf.close()
513531

514-
conf.close()
515532
installUtilities.reStartLiteSpeed()
516533

517534
print("1,None")
@@ -549,26 +566,17 @@ def disableOWASP():
549566
def disableRuleFile(fileName, packName):
550567
try:
551568

552-
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
553-
confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
554-
confData = open(confFile).readlines()
555-
conf = open(confFile, 'w')
556-
557-
for items in confData:
558-
if items.find('modsec/'+packName) > -1 and items.find(fileName) > -1:
559-
conf.write("#" + items)
560-
else:
561-
conf.writelines(items)
562-
563-
conf.close()
569+
confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
570+
confData = open(confFile).readlines()
571+
conf = open(confFile, 'w')
564572

565-
else:
566-
path = '/usr/local/lsws/conf/comodo_litespeed/'
567-
completePath = path + fileName
568-
completePathBak = path + fileName + '.bak'
573+
for items in confData:
574+
if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
575+
conf.write("#" + items)
576+
else:
577+
conf.writelines(items)
569578

570-
command = 'mv ' + completePath + ' ' + completePathBak
571-
ProcessUtilities.executioner(command)
579+
conf.close()
572580

573581
installUtilities.reStartLiteSpeed()
574582

@@ -583,25 +591,37 @@ def disableRuleFile(fileName, packName):
583591
def enableRuleFile(fileName, packName):
584592
try:
585593

586-
if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
587-
confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
588-
confData = open(confFile).readlines()
589-
conf = open(confFile, 'w')
594+
confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
595+
confData = open(confFile).readlines()
596+
conf = open(confFile, 'w')
590597

591-
for items in confData:
592-
if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
593-
conf.write(items.lstrip('#'))
594-
else:
595-
conf.writelines(items)
598+
for items in confData:
599+
if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
600+
conf.write(items.lstrip('#'))
601+
else:
602+
conf.writelines(items)
596603

597-
conf.close()
598-
else:
599-
path = '/usr/local/lsws/conf/comodo_litespeed/'
600-
completePath = path + fileName
601-
completePathBak = path + fileName + '.bak'
604+
conf.close()
602605

603-
command = 'mv ' + completePathBak + ' ' + completePath
604-
ProcessUtilities.executioner(command)
606+
# if ProcessUtilities.decideServer() == ProcessUtilities.OLS:
607+
# confFile = os.path.join('/usr/local/lsws/conf/modsec/owasp-modsecurity-crs-3.0-master/owasp-master.conf')
608+
# confData = open(confFile).readlines()
609+
# conf = open(confFile, 'w')
610+
#
611+
# for items in confData:
612+
# if items.find('modsec/' + packName) > -1 and items.find(fileName) > -1:
613+
# conf.write(items.lstrip('#'))
614+
# else:
615+
# conf.writelines(items)
616+
#
617+
# conf.close()
618+
# else:
619+
# path = '/usr/local/lsws/conf/comodo_litespeed/'
620+
# completePath = path + fileName
621+
# completePathBak = path + fileName + '.bak'
622+
#
623+
# command = 'mv ' + completePathBak + ' ' + completePath
624+
# ProcessUtilities.executioner(command)
605625

606626
installUtilities.reStartLiteSpeed()
607627

0 commit comments

Comments
 (0)