From 551e32444c140d0947e0b6f97a2cab98ab89e370 Mon Sep 17 00:00:00 2001 From: Developer Date: Thu, 19 Mar 2026 21:21:30 -0400 Subject: [PATCH] docs: Document critical standalone server support gaps CRITICAL ISSUES FOUND: 1. Domain discovery broken for standalone servers - get_user_domains() returns empty for standalone - No method to find domains on non-control-panel systems - Shows 'Domains: 0' in detection summary 2. Log discovery completely disabled - build_logs_section() is empty (commented out) - No log file locations cached - Log tailing tools cannot function IMPACT: - Tools fail on standalone: malware-scanner, bot-analyzer, website-diagnostics - Tools work on standalone: system-health-check, mysql-analyzer, hardware-check CAUSE: - No implementation for parsing Apache/Nginx configs on standalone - No safe log discovery mechanism (was disabled due to hangs) RECOMMENDATION: Implement standalone domain/log discovery (11-17 hours total effort) --- STANDALONE_CRITICAL_ISSUES.md | 253 ++++++++++++++++++++++++++++++++++ 1 file changed, 253 insertions(+) create mode 100644 STANDALONE_CRITICAL_ISSUES.md diff --git a/STANDALONE_CRITICAL_ISSUES.md b/STANDALONE_CRITICAL_ISSUES.md new file mode 100644 index 0000000..8d80154 --- /dev/null +++ b/STANDALONE_CRITICAL_ISSUES.md @@ -0,0 +1,253 @@ +# CRITICAL: Standalone Server Support Broken + +**Date**: March 19, 2026 +**Severity**: 🔴 CRITICAL - Toolkit cannot function on standalone servers +**Scope**: Domain discovery, Log discovery, Analysis tools +**Status**: IDENTIFIED - Needs implementation + +--- + +## The Problem + +The toolkit **detects standalone servers correctly** but then **FAILS to discover domains and logs**. This means: + +- ✅ Detection shows "Standalone (no control panel)" +- ✅ System info is displayed (OS, web server, database, PHP) +- ❌ **Domains: 0** (should show actual domains) +- ❌ **Logs: none** (should show log file locations) +- ❌ **Analysis tools cannot run** (they need domains/logs) + +--- + +## Issue #1: Domain Discovery Returns Empty + +**File**: `lib/user-manager.sh` (lines 239-256) +**Function**: `get_user_domains()` + +**Code**: +```bash +get_user_domains() { + [ -z "$1" ] && return 1 + local username="$1" + + case "$SYS_CONTROL_PANEL" in + cpanel) + get_cpanel_user_domains "$username" + ;; + plesk) + get_plesk_user_domains "$username" + ;; + interworx) + get_interworx_user_domains "$username" + ;; + *) + echo "" # ← RETURNS EMPTY FOR STANDALONE! + ;; + esac +} +``` + +**Impact**: +- When `SYS_CONTROL_PANEL="none"` (standalone), this function returns **nothing** +- The reference database building process in `lib/reference-db.sh` relies on this function +- Result: **0 domains found** for standalone servers + +**What Should Happen**: +For standalone servers, the function should: +1. Parse Apache VirtualHost configurations +2. Check Nginx server blocks +3. Query Apache httpd configs for domain information +4. Look in `/etc/apache2/sites-enabled/` or `/etc/httpd/conf.d/` + +**Current Status**: NOT IMPLEMENTED for standalone + +--- + +## Issue #2: Log Discovery Disabled + +**File**: `lib/reference-db.sh` (lines 549-557) +**Function**: `build_logs_section()` + +**Code**: +```bash +build_logs_section() { + echo "[LOGS]" >> "$SYSREF_DB" + + # Apache/Web server logs + # Temporarily disabled - causes hangs with large log directories + # TODO: Implement log scanning with progress indicator and limits + + echo "" >> "$SYSREF_DB" +} +``` + +**Impact**: +- The entire log discovery section is **disabled** +- No log file locations are cached +- Log tailing tools cannot find logs + +**Why It's Disabled**: +Comment says "causes hangs with large log directories" - needs safe filesystem scanning with: +- Progress indicator +- Depth limits +- File count limits +- Timeout protection + +**Current Status**: NOT IMPLEMENTED + +--- + +## Broken Call Chain for Standalone + +Here's what happens when building the reference database for a standalone server: + +``` +build_domains_section() + ↓ +For each user in $users array: + ↓ +get_user_domains("username") ← Returns EMPTY for standalone + ↓ +Loop processes 0 domains + ↓ +Result: Domain count = 0, No logs found +``` + +**In Detail** (reference-db.sh lines 325-481): + +1. **Lines 336-342**: Count total domains + - Tries to access `/var/cpanel/userdata/$user` (doesn't exist on standalone) + - Count returns 0 + +2. **Lines 345-414**: cPanel-specific parsing + - Skipped (userdata_dir doesn't exist) + +3. **Lines 416-441**: Fallback domain discovery + - Calls `get_user_domains()` + - **Gets empty result** ← CHAIN BROKEN HERE + - Loop never executes + - No domains processed + +--- + +## Impact on Tools + +**Tools that FAIL on standalone**: +- malware-scanner.sh (needs domains to scan) +- bot-analyzer.sh (needs logs to analyze) +- website-slowness-diagnostics.sh (needs domain mapping) +- website-error-analyzer.sh (needs logs) +- live-attack-monitor.sh (needs domain/log mapping) +- 500-error-tracker.sh (needs logs) +- tail-apache-access.sh (needs log paths) +- tail-apache-error.sh (needs log paths) +- tail-mail-log.sh (needs log paths) +- Any tool that queries cached domains/logs + +**Tools that WORK on standalone**: +- system-health-check.sh +- mysql-query-analyzer.sh +- hardware diagnostics + +--- + +## What Needs to Be Implemented + +### For Standalone Domain Discovery: +```bash +get_standalone_user_domains() { + local username="$1" + + # Method 1: Parse Apache VirtualHost configurations + grep -h "ServerName\|ServerAlias" /etc/apache2/sites-enabled/* 2>/dev/null | \ + grep -i "# $username\|# apache2\|# webmaster" + + # Method 2: Parse Nginx server blocks + grep -h "server_name" /etc/nginx/sites-enabled/* 2>/dev/null + + # Method 3: Check /home/$username/public_html for detected domains + find /home/"$username" -maxdepth 3 -name ".htaccess" -o -name "index.php" 2>/dev/null | \ + sed "s|/home/$username/||; s|/.*||" | sort -u +} +``` + +### For Standalone Log Discovery: +```bash +build_logs_section() { + echo "[LOGS]" >> "$SYSREF_DB" + + # Find Apache access logs with safety limits + find "$SYS_LOG_DIR" -name "*access*" -type f -mtime -30 2>/dev/null | \ + head -50 | while read -r log; do + echo "LOG|access|$log|" + done >> "$SYSREF_DB" + + # Find Apache error logs with safety limits + find "$SYS_LOG_DIR" -name "*error*" -type f -mtime -30 2>/dev/null | \ + head -50 | while read -r log; do + echo "LOG|error|$log|" + done >> "$SYSREF_DB" + + echo "" >> "$SYSREF_DB" +} +``` + +--- + +## The Discovery Status + +### Detection Phase: ✅ WORKING +``` +System: Standalone (no control panel) +OS: AlmaLinux 9.7 +Web Server: Apache 2.4.66 +Database: MariaDB 10.6.25 +``` + +### Discovery Phase: ❌ BROKEN +``` +Users: 5 (found via /etc/passwd) +Domains: 0 (NOT FOUND - broken function) +Databases: 12 (found via MySQL queries) +Logs: (NOT DISCOVERED - disabled) +WordPress: 0 (cannot search without domains/paths) +``` + +--- + +## Summary + +The standalone server support has a **critical gap** between detection and discovery: + +| Phase | Status | Notes | +|-------|--------|-------| +| **Detection** | ✅ Works | Correctly identifies as "none" | +| **Initialization** | ✅ Works | Sets correct paths and variables | +| **System Info** | ✅ Works | Gathers OS, web, database info | +| **Users** | ✅ Works | Enumerates /etc/passwd users | +| **Domains** | ❌ Broken | Function returns empty for standalone | +| **Logs** | ❌ Disabled | Entire section commented out | +| **WordPress** | ❌ Broken | Cannot detect without domain paths | +| **Tools** | ❌ Fail | No domains/logs = tools can't run | + +--- + +## Recommendation + +**PRIORITY 1: Implement standalone domain discovery** +- Parse Apache/Nginx configs +- Check user directories for web content +- Estimated effort: 4-6 hours + +**PRIORITY 2: Implement safe log discovery** +- Find logs with safety limits (depth, count, time range) +- Add progress indicator to prevent hangs +- Estimated effort: 5-8 hours + +**PRIORITY 3: Update WordPress detection** +- Use discovered domains to find WordPress installations +- Estimated effort: 2-3 hours + +**Total**: 11-17 hours to full standalone support + +Until these are implemented, standalone servers will detect correctly but fail at discovery and cannot run analysis tools.