From 8cb0acf8c026504a7188c97cd32c18e22a747fd7 Mon Sep 17 00:00:00 2001 From: cschantz Date: Thu, 11 Dec 2025 16:07:45 -0500 Subject: [PATCH] Major launcher cleanup - remove all non-existent menu items MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Problem: - Launcher had 100+ menu items for features that don't exist - Confusing nested menus with placeholder functions - Most security/monitoring/backup options pointed to unimplemented modules - 1576 lines with massive complexity Solution - Streamlined launcher with ONLY implemented features: Main Menu (6 options): 1. System Health Check 2. Security & Monitoring 3. Website Diagnostics 4. Performance Analysis 5. Backup & Recovery 6. Cleanup Toolkit Data Security & Monitoring (14 options): ✓ Bot & Traffic Analyzer (full + quick scan) ✓ IP Reputation Manager ✓ Malware Scanner ✓ Live Attack Monitor ✓ SSH Attack Monitor ✓ Web Traffic Monitor ✓ Firewall Activity Monitor ✓ 4x Log Tail viewers (Apache access/error, mail, secure) ✓ Enable cPHulk ✓ Optimize CT_LIMIT Website Diagnostics (3 options): ✓ Website Error Analyzer ✓ Fast 500 Error Tracker ✓ WordPress Tools (links to existing menu) Performance Analysis (5 options): ✓ MySQL Query Analyzer ✓ Network & Bandwidth ✓ Hardware Health Check ✓ PHP Configuration Optimizer ✓ Loadwatch Health Analyzer (with time ranges) Backup & Recovery (3 options): ✓ Acronis Management (9 sub-options) ✓ MySQL File Restore ✓ Cleanup Toolkit Data Removed (90+ phantom menu items): ✗ All placeholder security analysis functions ✗ All placeholder security action functions ✗ All placeholder monitoring functions ✗ All placeholder reporting functions ✗ All placeholder backup functions (except Acronis & MySQL restore) ✗ All placeholder WordPress management (except cron menu) ✗ Configuration editor (unused) ✗ "Erase traces" function Benefits: - Reduced from 1576 lines to 574 lines (64% reduction) - Every menu item points to a real, working script - Clear, focused organization - No more "module not found" errors - Much faster to navigate - Easier to maintain Backup: - Old launcher saved as launcher-old.sh - Can be restored if needed --- launcher-old.sh | 1575 +++++++++++++++++++++++++++++++++++++++++++++++ launcher.sh | 1502 ++++++-------------------------------------- 2 files changed, 1778 insertions(+), 1299 deletions(-) create mode 100755 launcher-old.sh diff --git a/launcher-old.sh b/launcher-old.sh new file mode 100755 index 0000000..a0776ca --- /dev/null +++ b/launcher-old.sh @@ -0,0 +1,1575 @@ +#!/bin/bash + +############################################################################# +# Server Management Toolkit - Main Launcher +# Version: 2.0 +# +# Comprehensive cPanel/Linux server management suite +# - Security & Bot Analysis +# - WordPress Management +# - System Performance & Diagnostics +# - Backup & Maintenance +# - Monitoring & Alerts +############################################################################# + +set -eo pipefail + +# Configuration +SUITE_VERSION="2.0.0" +BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" +MODULES_DIR="$BASE_DIR/modules" +LIB_DIR="$BASE_DIR/lib" +CONFIG_DIR="$BASE_DIR/config" + +# Load core libraries +source "$LIB_DIR/common-functions.sh" +source "$LIB_DIR/system-detect.sh" +source "$LIB_DIR/user-manager.sh" +source "$LIB_DIR/reference-db.sh" + +# Color codes (already defined in common-functions.sh but keeping for backward compat) +RED='\033[0;31m' +YELLOW='\033[1;33m' +GREEN='\033[0;32m' +BLUE='\033[0;34m' +CYAN='\033[0;36m' +MAGENTA='\033[0;35m' +BOLD='\033[1m' +NC='\033[0m' + +# Banner +show_banner() { + clear + echo -e "${CYAN}═══════════════════════════════════════════════════════════════${NC}" + echo -e "${CYAN} ⚡ Server Management Toolkit v${SUITE_VERSION}${NC}" + echo -e "${CYAN} Complete cPanel/Linux Server Administration Suite${NC}" + echo -e "${CYAN}═══════════════════════════════════════════════════════════════${NC}" + echo "" +} + +# Check if module exists locally +module_exists() { + local category="$1" + local module="$2" + [ -f "$MODULES_DIR/$category/$module" ] && [ -x "$MODULES_DIR/$category/$module" ] +} + + +# Run a module +run_module() { + local category="$1" + local module="$2" + shift 2 # Remove category and module, pass remaining args + + if ! module_exists "$category" "$module"; then + echo "" + echo -e "${RED}✗ Module not found: $category/$module${NC}" + echo -e "${YELLOW}This module hasn't been created yet.${NC}" + echo "" + read -p "Press Enter to continue..." + return 1 + fi + + echo "" + echo -e "${CYAN}Launching: $category/$module${NC}" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + + # Clear SYS_* variables before launching module to force fresh detection + # This ensures modules always get correct system info even if launcher has stale data + ( + for var in $(compgen -e | grep "^SYS_"); do + unset "$var" + done + "$MODULES_DIR/$category/$module" "$@" + ) + local exit_code=$? + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + if [ "${exit_code:-0}" -eq 0 ]; then + echo -e "${GREEN}✓ Completed successfully${NC}" + else + echo -e "${RED}✗ Exited with code: $exit_code${NC}" + fi + echo "" + read -p "Press Enter to continue..." +} + +# Main menu +show_main_menu() { + show_banner + + echo -e "${BOLD}Quick Diagnostics:${NC}" + echo "" + echo -e " ${MAGENTA}${BOLD}1)${NC} 🏥 System Health Check - Quick diagnosis of server issues" + echo "" + echo -e "${BOLD}Main Categories:${NC}" + echo "" + echo -e " ${GREEN}2)${NC} 🛡️ Security & Threat Analysis" + echo -e " ${BLUE}3)${NC} 🌐 Website Management - WordPress, Joomla, Drupal, etc." + echo -e " ${MAGENTA}4)${NC} 🔧 Performance & Diagnostics - MySQL, Network, Hardware, Logs" + echo -e " ${YELLOW}5)${NC} 💾 Backup & Recovery" + echo -e " ${CYAN}6)${NC} 🔍 Monitoring & Alerts" + echo -e " ${GREEN}7)${NC} 📈 Reporting & Analytics" + echo "" + echo -e "${BOLD}System:${NC}" + echo "" + echo -e " ${YELLOW}8)${NC} 🗑️ Cleanup / Reset - Clear all learned data" + echo -e " ${YELLOW}9)${NC} ⚙️ Configuration" + echo -e " ${RED}10)${NC} 🔥 Erase All Traces - Remove toolkit from history/logs" + echo "" + echo -e " ${RED}0)${NC} Exit" + echo "" + echo -e "${CYAN}═══════════════════════════════════════════════════════════════${NC}" + echo -n "Select option: " +} + +# Security menu - Main split: Analysis / Actions / Live +show_security_menu() { + show_banner + echo -e "${GREEN}${BOLD}🛡️ Security & Threat Analysis${NC}" + echo "" + echo -e "${BOLD}Choose Mode:${NC}" + echo "" + echo -e " ${CYAN}1)${NC} 🔍 Analysis & Troubleshooting → Diagnose, investigate, detect threats" + echo -e " ${YELLOW}2)${NC} ⚡ Security Actions & Fixes → Enable protection, block threats, configure" + echo -e " ${MAGENTA}3)${NC} 📡 Live Monitoring & Alerts → Real-time threat tracking & dashboards" + echo "" + echo -e "${BOLD}Quick Views:${NC}" + echo "" + echo -e " ${GREEN}4)${NC} 🚨 Active Threats Dashboard - Current attacks summary" + echo -e " ${GREEN}5)${NC} 📊 Security Summary Report - Overall security posture" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Live Monitoring submenu +show_live_monitoring_menu() { + show_banner + echo -e "${MAGENTA}${BOLD}📡 Live Monitoring & Alerts${NC}" + echo "" + echo -e "${BOLD}🛡️ Intelligent Monitoring:${NC}" + echo "" + echo -e " ${MAGENTA}1)${NC} ${BOLD}Live Attack Monitor${NC} - Unified threat intelligence" + echo -e " ${DIM}├─ Monitors: Web, SSH, Firewall, cPHulk, Network (SYN floods)${NC}" + echo -e " ${DIM}├─ Features: Threat scoring, bot detection, attack classification${NC}" + echo -e " ${DIM}└─ Quick Actions: IP blocking, ban management${NC}" + echo "" + echo -e "${BOLD}📋 Simple Log Viewers (No Intelligence):${NC}" + echo "" + echo -e " ${MAGENTA}2)${NC} SSH Log Tail - Raw SSH auth attempts (/var/log/secure)" + echo -e " ${MAGENTA}3)${NC} Web Traffic Tail - Raw Apache access logs" + echo -e " ${MAGENTA}4)${NC} Firewall Log Tail - Raw firewall events" + echo "" + echo -e "${BOLD}Log Tailing:${NC}" + echo "" + echo -e " ${MAGENTA}5)${NC} Tail Apache Access Log - Live web access (all domains)" + echo -e " ${MAGENTA}6)${NC} Tail Apache Error Log - Live web errors" + echo -e " ${MAGENTA}7)${NC} Tail Mail Log - Live email activity" + echo -e " ${MAGENTA}8)${NC} Tail Security Log - Live auth attempts (/var/log/secure)" + echo "" + echo -e "${BOLD}Advanced:${NC}" + echo "" + echo -e " ${MAGENTA}9)${NC} Custom Log Monitor - Tail custom log file" + echo "" + echo -e " ${RED}0)${NC} Back to Security Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Security Analysis submenu +show_security_analysis_menu() { + show_banner + echo -e "${CYAN}${BOLD}🔍 Security Analysis & Troubleshooting${NC}" + echo "" + echo -e "${BOLD}Analysis Categories:${NC}" + echo "" + echo -e " ${CYAN}1)${NC} 🦠 Malware Scanner → Full malware detection (ImunifyAV, ClamAV, Maldet)" + echo -e " ${CYAN}2)${NC} 🤖 Bot & Traffic Analysis → Analyze attack patterns, bots, DDoS" + echo -e " ${CYAN}3)${NC} 🔐 Authentication Analysis → SSH, cPanel, FTP, Email login attempts" + echo -e " ${CYAN}4)${NC} 🌐 Web Application Analysis → Website security, vulnerabilities" + echo -e " ${CYAN}5)${NC} 🔥 Firewall & Network Review → CSF, ports, connections" + echo "" + echo -e " ${RED}0)${NC} Back to Security Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Security Actions submenu +show_security_actions_menu() { + show_banner + echo -e "${YELLOW}${BOLD}⚡ Security Actions & Fixes${NC}" + echo "" + echo -e "${BOLD}Action Categories:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} 🔐 Authentication Protection → Enable cPHulk, configure login security" + echo -e " ${YELLOW}2)${NC} 🚫 Threat Blocking & Banning → Block IPs, auto-ban, whitelist management" + echo -e " ${YELLOW}3)${NC} 🔥 Firewall Management → CSF configuration, rules, ports" + echo -e " ${YELLOW}4)${NC} 🌐 Web Application Hardening → SSL, permissions, ModSecurity" + echo "" + echo -e " ${RED}0)${NC} Back to Security Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Bot & Traffic Analysis submenu (ANALYSIS SIDE) +show_bot_analysis_menu() { + show_banner + echo -e "${CYAN}${BOLD}🤖 Bot & Traffic Analysis${NC}" + echo "" + echo -e "${BOLD}Detection & Investigation:${NC}" + echo "" + echo -e " ${CYAN}1)${NC} Full Bot Analysis - Complete scan (all logs)" + echo -e " ${CYAN}2)${NC} Quick Scan (1 hour) - Recent activity only" + echo -e " ${CYAN}3)${NC} Live Monitor - Real-time threat tracking" + echo -e " ${CYAN}4)${NC} IP Reputation Manager - Query/manage IP database (NEW!)" + echo -e " ${CYAN}5)${NC} IP Lookup & Investigation - Deep-dive on specific IP" + echo -e " ${CYAN}6)${NC} DDoS Pattern Detector - Identify DDoS attacks" + echo -e " ${CYAN}7)${NC} Traffic Pattern Analysis - Bandwidth & connection patterns" + echo -e " ${CYAN}8)${NC} User-Agent Analysis - Bot fingerprinting" + echo "" + echo -e " ${RED}0)${NC} Back to Analysis Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Authentication Analysis submenu (ANALYSIS SIDE) +show_auth_analysis_menu() { + show_banner + echo -e "${CYAN}${BOLD}🔐 Authentication Analysis${NC}" + echo "" + echo -e "${BOLD}SSH Analysis:${NC}" + echo "" + echo -e " ${CYAN}1)${NC} SSH Brute Force Analysis - Analyze SSH attack attempts" + echo -e " ${CYAN}2)${NC} SSH Configuration Audit - Check SSH security hardening" + echo -e " ${CYAN}3)${NC} Root Login Analysis - Review root access attempts" + echo -e " ${CYAN}4)${NC} Failed Login Patterns - Identify attack patterns" + echo "" + echo -e "${BOLD}cPanel/WHM Analysis:${NC}" + echo "" + echo -e " ${CYAN}5)${NC} cPanel Login Analysis - Review cPanel access attempts" + echo -e " ${CYAN}6)${NC} WHM Login Analysis - Review WHM access attempts" + echo -e " ${CYAN}7)${NC} FTP Login Analysis - Review FTP access attempts" + echo "" + echo -e "${BOLD}Email Authentication:${NC}" + echo "" + echo -e " ${CYAN}8)${NC} Email Auth Failures - SMTP/IMAP/POP3 failed logins" + echo -e " ${CYAN}9)${NC} Dovecot Security Audit - Email service security review" + echo "" + echo -e " ${RED}0)${NC} Back to Analysis Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Web Application Analysis submenu (ANALYSIS SIDE) +show_webapp_analysis_menu() { + show_banner + echo -e "${CYAN}${BOLD}🌐 Web Application Analysis${NC}" + echo "" + echo -e "${BOLD}Security Scanning:${NC}" + echo "" + echo -e " ${CYAN}1)${NC} WordPress Security Scan - WP-specific vulnerabilities" + echo -e " ${CYAN}2)${NC} SQL Injection Detector - Analyze for SQLi attempts" + echo -e " ${CYAN}3)${NC} XSS Attack Detector - Cross-site scripting analysis" + echo -e " ${CYAN}4)${NC} File Permission Audit - Insecure permissions scan" + echo "" + echo -e "${BOLD}Configuration Review:${NC}" + echo "" + echo -e " ${CYAN}5)${NC} SSL/TLS Security Audit - Certificate & config review" + echo -e " ${CYAN}6)${NC} ModSecurity Status - WAF configuration review" + echo -e " ${CYAN}7)${NC} Apache Security Audit - Web server security review" + echo "" + echo -e " ${RED}0)${NC} Back to Analysis Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Firewall & Network Analysis submenu (ANALYSIS SIDE) +show_firewall_analysis_menu() { + show_banner + echo -e "${CYAN}${BOLD}🔥 Firewall & Network Review${NC}" + echo "" + echo -e "${BOLD}Firewall Status:${NC}" + echo "" + echo -e " ${CYAN}1)${NC} CSF Status & Configuration - View firewall status" + echo -e " ${CYAN}2)${NC} View Allowed IPs - Show whitelist" + echo -e " ${CYAN}3)${NC} View Blocked IPs - Show blocklist" + echo -e " ${CYAN}4)${NC} Recent CSF Activity - Firewall event log" + echo "" + echo -e "${BOLD}Network Analysis:${NC}" + echo "" + echo -e " ${CYAN}5)${NC} Open Port Scanner - Check listening ports" + echo -e " ${CYAN}6)${NC} Port Security Audit - Identify risky open ports" + echo -e " ${CYAN}7)${NC} Connection Analysis - Active connections review" + echo -e " ${CYAN}8)${NC} Network Interface Stats - Bandwidth & error analysis" + echo "" + echo -e " ${RED}0)${NC} Back to Analysis Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Authentication Protection submenu (ACTIONS SIDE) +show_auth_protection_menu() { + show_banner + echo -e "${YELLOW}${BOLD}🔐 Authentication Protection${NC}" + echo "" + echo -e "${BOLD}cPHulk Brute Force Protection:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} Enable cPHulk Protection - Setup with CSF whitelist import" + echo -e " ${YELLOW}2)${NC} cPHulk Configuration - Adjust sensitivity & thresholds" + echo -e " ${YELLOW}3)${NC} View Blocked IPs - See currently blocked attackers" + echo -e " ${YELLOW}4)${NC} Unblock IP Address - Remove IP from blocklist" + echo -e " ${YELLOW}5)${NC} Add IP to Whitelist - Manually whitelist trusted IP" + echo "" + echo -e "${BOLD}SSH Hardening:${NC}" + echo "" + echo -e " ${YELLOW}6)${NC} Disable Root SSH Login - Enhance SSH security" + echo -e " ${YELLOW}7)${NC} Configure SSH Port - Change default SSH port" + echo -e " ${YELLOW}8)${NC} Setup SSH Key Auth - Disable password authentication" + echo "" + echo -e "${BOLD}Email Security:${NC}" + echo "" + echo -e " ${YELLOW}9)${NC} Enable SMTP Authentication - Require auth for outbound email" + echo "" + echo -e " ${RED}0)${NC} Back to Actions Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Threat Blocking submenu (ACTIONS SIDE) +show_threat_blocking_menu() { + show_banner + echo -e "${YELLOW}${BOLD}🚫 Threat Blocking & Banning${NC}" + echo "" + echo -e "${BOLD}IP Management:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} Block IP Address - Manually block specific IP" + echo -e " ${YELLOW}2)${NC} Block IP Range (CIDR) - Block entire subnet" + echo -e " ${YELLOW}3)${NC} Block Country - Geo-block entire country" + echo -e " ${YELLOW}4)${NC} Unblock IP Address - Remove IP from blocklist" + echo "" + echo -e "${BOLD}Automated Blocking:${NC}" + echo "" + echo -e " ${YELLOW}5)${NC} Auto-Block Detected Threats - Block IPs from analysis" + echo -e " ${YELLOW}6)${NC} Enable LFD Auto-Blocking - CSF Login Failure Daemon" + echo -e " ${YELLOW}7)${NC} Configure Block Thresholds - Adjust auto-block sensitivity" + echo "" + echo -e "${BOLD}Whitelist Management:${NC}" + echo "" + echo -e " ${YELLOW}8)${NC} Add IP to Whitelist - Allow trusted IP" + echo -e " ${YELLOW}9)${NC} Manage Whitelist - View/edit whitelist" + echo "" + echo -e " ${RED}0)${NC} Back to Actions Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Firewall Management submenu (ACTIONS SIDE) +show_firewall_management_menu() { + show_banner + echo -e "${YELLOW}${BOLD}🔥 Firewall Management${NC}" + echo "" + echo -e "${BOLD}CSF Configuration:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} Enable/Disable CSF - Start/stop firewall" + echo -e " ${YELLOW}2)${NC} Restart CSF - Apply configuration changes" + echo -e " ${YELLOW}3)${NC} Configure CSF Settings - Edit csf.conf" + echo -e " ${YELLOW}4)${NC} Test CSF Configuration - Validate config before restart" + echo "" + echo -e "${BOLD}Port Management:${NC}" + echo "" + echo -e " ${YELLOW}5)${NC} Open Port - Allow specific port" + echo -e " ${YELLOW}6)${NC} Close Port - Block specific port" + echo -e " ${YELLOW}7)${NC} Configure Port Ranges - Manage allowed port ranges" + echo "" + echo -e "${BOLD}Advanced:${NC}" + echo "" + echo -e " ${YELLOW}8)${NC} Configure Connection Tracking - CT_LIMIT settings" + echo -e " ${YELLOW}9)${NC} Configure SYN Flood Protection - SYNFLOOD settings" + echo "" + echo -e " ${RED}0)${NC} Back to Actions Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Web Application Hardening submenu (ACTIONS SIDE) +show_webapp_hardening_menu() { + show_banner + echo -e "${YELLOW}${BOLD}🌐 Web Application Hardening${NC}" + echo "" + echo -e "${BOLD}SSL/TLS Configuration:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} Install SSL Certificate - Let's Encrypt or custom" + echo -e " ${YELLOW}2)${NC} Force HTTPS Redirect - Redirect HTTP to HTTPS" + echo -e " ${YELLOW}3)${NC} Configure SSL Ciphers - Harden SSL/TLS configuration" + echo "" + echo -e "${BOLD}ModSecurity (WAF):${NC}" + echo "" + echo -e " ${YELLOW}4)${NC} Enable ModSecurity - Activate Web Application Firewall" + echo -e " ${YELLOW}5)${NC} Install OWASP Rules - Deploy OWASP Core Rule Set" + echo -e " ${YELLOW}6)${NC} Configure ModSecurity - Adjust WAF sensitivity" + echo "" + echo -e "${BOLD}File Permissions:${NC}" + echo "" + echo -e " ${YELLOW}7)${NC} Fix File Permissions - Set secure permissions (644/755)" + echo -e " ${YELLOW}8)${NC} Fix Ownership - Set correct user:group ownership" + echo "" + echo -e " ${RED}0)${NC} Back to Actions Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Website Management menu (WordPress, etc.) +show_wordpress_menu() { + show_banner + echo -e "${BLUE}${BOLD}🌐 Website Management${NC}" + echo "" + echo -e "${BOLD}General Website Tools:${NC}" + echo "" + echo -e " ${BLUE}1)${NC} 🔍 Website Error Analyzer - Find 500/config errors (filters bots)" + echo -e " ${RED}2)${NC} 🔥 Fast 500 Error Tracker - ONLY 500s + root cause diagnosis" + echo "" + echo -e "${BOLD}CMS-Specific Management:${NC}" + echo "" + echo -e " ${BLUE}3)${NC} 📦 WordPress Management → Cron, updates, security, health" + echo -e " ${DIM}4)${NC} ${DIM}📦 Joomla Management (Coming Soon)${NC}" + echo -e " ${DIM}5)${NC} ${DIM}📦 Drupal Management (Coming Soon)${NC}" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# WordPress Health & Maintenance submenu +show_wp_health_menu() { + show_banner + echo -e "${BLUE}${BOLD}🏥 WordPress Health & Maintenance${NC}" + echo "" + echo -e " ${BLUE}1)${NC} Health Check (All Sites) - Scan all WP installations" + echo -e " ${BLUE}2)${NC} Database Optimizer - Clean/optimize WP databases" + echo -e " ${BLUE}3)${NC} Cache Clear (All Sites) - Clear all WP caches" + echo -e " ${BLUE}4)${NC} Plugin Audit - Security scan of plugins" + echo -e " ${BLUE}5)${NC} Theme Audit - Security scan of themes" + echo "" + echo -e " ${RED}0)${NC} Back to Website Management" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# WP-Cron Management submenu +show_wp_cron_menu() { + show_banner + echo -e "${BLUE}${BOLD}⚙️ WP-Cron Management${NC}" + echo "" + echo -e " ${BLUE}1)${NC} WP-Cron Status - Check cron job status" + echo -e " ${BLUE}2)${NC} WP-Cron Mass Fix - Fix/enable cron on all sites" + echo -e " ${BLUE}3)${NC} WP-Cron Mass Create - Setup proper system crons" + echo "" + echo -e " ${RED}0)${NC} Back to Website Management" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Mass Updates submenu +show_wp_updates_menu() { + show_banner + echo -e "${BLUE}${BOLD}🔄 WordPress Mass Updates${NC}" + echo "" + echo -e " ${BLUE}1)${NC} Mass Update Core - Update WordPress core (all)" + echo -e " ${BLUE}2)${NC} Mass Update Plugins - Update plugins (all sites)" + echo -e " ${BLUE}3)${NC} Mass Update Themes - Update themes (all sites)" + echo "" + echo -e " ${RED}0)${NC} Back to Website Management" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Security & Compliance submenu +show_wp_security_menu() { + show_banner + echo -e "${BLUE}${BOLD}🔒 WordPress Security & Compliance${NC}" + echo "" + echo -e " ${BLUE}1)${NC} Malware Scanner - Scan for infected files" + echo -e " ${BLUE}2)${NC} Permission Fixer - Fix file permissions" + echo -e " ${BLUE}3)${NC} Login Security Audit - Check for weak passwords" + echo "" + echo -e " ${RED}0)${NC} Back to Website Management" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Performance & Diagnostics menu +show_performance_menu() { + show_banner + echo -e "${MAGENTA}${BOLD}🔧 Performance & Diagnostics${NC}" + echo "" + echo -e "${BOLD}Database:${NC}" + echo -e " ${MAGENTA}1)${NC} MySQL Query Analyzer - Find slow queries and optimize" + echo "" + echo -e "${BOLD}Network & Bandwidth:${NC}" + echo -e " ${MAGENTA}2)${NC} Network & Bandwidth Analyzer - Traffic, bandwidth, top consumers" + echo -e " ${MAGENTA}3)${NC} Connection Monitor - Active connections and states" + echo "" + echo -e "${BOLD}Hardware & Resources:${NC}" + echo -e " ${MAGENTA}4)${NC} Hardware Health Check - SMART, memory, CPU sensors" + echo -e " ${MAGENTA}5)${NC} Disk I/O Analyzer - Disk performance metrics" + echo -e " ${MAGENTA}6)${NC} Resource Monitor - CPU/RAM/Disk usage dashboard" + echo "" + echo -e "${BOLD}Web Server & PHP:${NC}" + echo -e " ${MAGENTA}7)${NC} Apache Performance - Apache tuning recommendations" + echo -e " ${MAGENTA}8)${NC} PHP-FPM Monitor - PHP-FPM pool status" + echo -e " ${MAGENTA}9)${NC} PHP Configuration Optimizer - Analyze & optimize PHP settings per domain" + echo "" + echo -e "${BOLD}Logs & Diagnostics:${NC}" + echo -e " ${MAGENTA}10)${NC} Log Analyzer - Parse and analyze system logs" + echo -e " ${MAGENTA}11)${NC} Loadwatch Health Analyzer - System health from monitoring logs" + echo -e " ${MAGENTA}12)${NC} Email Queue Monitor - Mail queue analysis" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Backup menu +show_backup_menu() { + show_banner + echo -e "${YELLOW}${BOLD}💾 Backup & Recovery${NC}" + echo "" + echo -e "${BOLD}cPanel Backups:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} Auto Backup (All Sites) - Create full backups" + echo -e " ${YELLOW}2)${NC} Selective Backup - Backup specific accounts" + echo -e " ${YELLOW}3)${NC} Restore Helper - Interactive restore tool" + echo -e " ${YELLOW}4)${NC} Database Backup (All) - Backup all databases" + echo -e " ${YELLOW}5)${NC} Config Backup - Backup server configs" + echo -e " ${YELLOW}6)${NC} Log Archive - Archive old logs" + echo -e " ${YELLOW}7)${NC} Backup Verification - Test backup integrity" + echo -e " ${YELLOW}8)${NC} Off-site Sync - Sync to remote storage" + echo "" + echo -e "${BOLD}Acronis Cyber Protect:${NC}" + echo "" + echo -e " ${YELLOW}9)${NC} 🔷 Acronis Management → Install, configure, manage backups" + echo "" + echo -e "${BOLD}Database Tools:${NC}" + echo "" + echo -e " ${CYAN}11)${NC} 🔄 MySQL File Restore - Convert restored DB files to .sql" + echo "" + echo -e "${BOLD}Data Management:${NC}" + echo "" + echo -e " ${RED}10)${NC} 🗑️ Cleanup Toolkit Data - Remove IP reputation & temp files" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Acronis Management submenu +show_acronis_menu() { + show_banner + echo -e "${YELLOW}${BOLD}🔷 Acronis Cyber Protect${NC}" + echo "" + echo -e "${BOLD}Installation & Setup:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} Install Acronis Agent - Download and install Acronis" + echo -e " ${YELLOW}2)${NC} Register with Cloud - Connect to Acronis Cloud" + echo "" + echo -e "${BOLD}Backup Management:${NC}" + echo "" + echo -e " ${GREEN}3)${NC} 📊 Manage Backups - Complete backup management interface" + echo "" + echo -e "${BOLD}Quick Actions:${NC}" + echo "" + echo -e " ${YELLOW}4)${NC} Check Agent Status - Verify Acronis is running" + echo -e " ${YELLOW}5)${NC} Update Agent - Upgrade to latest version" + echo -e " ${YELLOW}6)${NC} View Logs - Check Acronis logs" + echo -e " ${YELLOW}7)${NC} Uninstall Acronis - Remove Acronis agent" + echo "" + echo -e "${BOLD}Troubleshooting:${NC}" + echo "" + echo -e " ${RED}8)${NC} 🔧 Troubleshoot Backups - Diagnose backup failures" + echo "" + echo -e " ${RED}0)${NC} Back to Backup & Recovery" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Acronis submenu handler +handle_acronis_menu() { + while true; do + show_acronis_menu + read -r choice + + case $choice in + 1) run_module "backup" "acronis-install.sh" ;; + 2) run_module "backup" "acronis-register.sh" ;; + 3) run_module "backup" "acronis-backup-manager.sh" ;; + 4) run_module "backup" "acronis-agent-status.sh" ;; + 5) run_module "backup" "acronis-update.sh" ;; + 6) run_module "backup" "acronis-logs.sh" ;; + 7) run_module "backup" "acronis-uninstall.sh" ;; + 8) run_module "backup" "acronis-troubleshoot.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Monitoring menu +show_monitoring_menu() { + show_banner + echo -e "${CYAN}${BOLD}🔍 Monitoring & Alerts${NC}" + echo "" + echo -e " ${CYAN}1)${NC} Service Status Monitor - Apache, MySQL, PHP-FPM status" + echo -e " ${CYAN}2)${NC} Uptime Tracker - Server uptime history" + echo -e " ${CYAN}3)${NC} Error Log Watcher - Real-time error monitoring" + echo -e " ${CYAN}4)${NC} Disk Space Alerts - Low disk space warnings" + echo -e " ${CYAN}5)${NC} SSL Expiration Monitor - Certificate expiry tracking" + echo -e " ${CYAN}6)${NC} Security Alert Dashboard - Recent security events" + echo -e " ${CYAN}7)${NC} Email Delivery Monitor - Track email deliverability" + echo -e " ${CYAN}8)${NC} DNS Monitor - DNS health checks" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Reporting menu +show_reporting_menu() { + show_banner + echo -e "${GREEN}${BOLD}📈 Reporting & Analytics${NC}" + echo "" + echo -e " ${GREEN}1)${NC} Security Report Viewer - Browse security reports" + echo -e " ${GREEN}2)${NC} Performance Summary - Historical performance data" + echo -e " ${GREEN}3)${NC} Traffic Analytics - Bandwidth & visitor stats" + echo -e " ${GREEN}4)${NC} Account Usage Report - Per-account resource usage" + echo -e " ${GREEN}5)${NC} System Health Dashboard - Overall server status" + echo -e " ${GREEN}6)${NC} Custom Report Builder - Create custom reports" + echo -e " ${GREEN}7)${NC} Export to PDF - Generate PDF reports" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +# Cleanup / Reset all learned data +cleanup_all_data() { + show_banner + echo -e "${BOLD}🗑️ Cleanup / Reset System${NC}" + echo "" + + print_warning "This will delete all learned/cached information:" + echo "" + echo " • System reference database (.sysref)" + echo " • Temporary session directories (/tmp/server-toolkit-*)" + echo " • Bot analyzer reports (/tmp/bot_analysis_*)" + echo " • MySQL analysis reports (/tmp/mysql_analysis_*)" + echo " • System health reports (/tmp/system_health_report_*)" + echo " • Network bandwidth reports (/tmp/network_bandwidth_report_*)" + echo " • Hardware health reports (/tmp/hardware_health_report_*)" + echo " • Any cached user/domain/database mappings" + echo "" + echo "This will NOT affect:" + echo " ✓ Configuration files (config/settings.conf)" + echo " ✓ Your actual server data" + echo " ✓ The toolkit scripts themselves" + echo "" + + read -p "Are you sure you want to reset to blank slate? (yes/no): " confirm + + if [ "$confirm" != "yes" ]; then + print_info "Cleanup cancelled" + sleep 2 + return 0 + fi + + echo "" + print_info "Starting cleanup..." + + # Remove reference database + if [ -f "$BASE_DIR/.sysref" ]; then + rm -f "$BASE_DIR/.sysref" + print_success "Removed system reference database" + fi + + if [ -f "$BASE_DIR/.sysref.timestamp" ]; then + rm -f "$BASE_DIR/.sysref.timestamp" + fi + + # Remove temp session directories + local temp_count=$(find /tmp -maxdepth 1 -name "server-toolkit-*" -type d 2>/dev/null | wc -l) + if [ "${temp_count:-0}" -gt 0 ]; then + find /tmp -maxdepth 1 -name "server-toolkit-*" -type d -exec rm -rf {} \; 2>/dev/null + print_success "Removed $temp_count temporary session directories" + fi + + # Remove bot analyzer reports + local bot_reports=$(find /tmp -maxdepth 1 -name "bot_analysis_*" 2>/dev/null | wc -l) + if [ "${bot_reports:-0}" -gt 0 ]; then + find /tmp -maxdepth 1 -name "bot_analysis_*" -exec rm -f {} \; 2>/dev/null + print_success "Removed $bot_reports bot analysis reports" + fi + + # Remove MySQL analysis reports + local mysql_reports=$(find /tmp -maxdepth 1 -name "mysql_analysis_*" 2>/dev/null | wc -l) + if [ "${mysql_reports:-0}" -gt 0 ]; then + find /tmp -maxdepth 1 -name "mysql_analysis_*" -exec rm -f {} \; 2>/dev/null + print_success "Removed $mysql_reports MySQL analysis reports" + fi + + # Remove system health reports + local health_reports=$(find /tmp -maxdepth 1 -name "system_health_report_*" 2>/dev/null | wc -l) + if [ "${health_reports:-0}" -gt 0 ]; then + find /tmp -maxdepth 1 -name "system_health_report_*" -exec rm -f {} \; 2>/dev/null + print_success "Removed $health_reports system health reports" + fi + + # Remove network bandwidth reports + local network_reports=$(find /tmp -maxdepth 1 -name "network_bandwidth_report_*" 2>/dev/null | wc -l) + if [ "${network_reports:-0}" -gt 0 ]; then + find /tmp -maxdepth 1 -name "network_bandwidth_report_*" -exec rm -f {} \; 2>/dev/null + print_success "Removed $network_reports network bandwidth reports" + fi + + # Remove hardware health reports + local hardware_reports=$(find /tmp -maxdepth 1 -name "hardware_health_report_*" 2>/dev/null | wc -l) + if [ "${hardware_reports:-0}" -gt 0 ]; then + find /tmp -maxdepth 1 -name "hardware_health_report_*" -exec rm -f {} \; 2>/dev/null + print_success "Removed $hardware_reports hardware health reports" + fi + + # Clear any other toolkit temp files + rm -f /tmp/toolkit_* 2>/dev/null + + # Clear ALL cache and temporary files + rm -f /tmp/*.cache /tmp/*_cache 2>/dev/null + rm -f /root/server-toolkit/*.cache /root/server-toolkit/*_cache 2>/dev/null + print_success "Removed all cache files" + + # Clear in-memory environment variables to force fresh detection + # Clear ALL SYS_* variables + for var in $(compgen -e | grep "^SYS_"); do + unset "$var" + done + print_success "Cleared all SYS_* environment variables" + + # Unset all functions from the libraries to force reload + unset -f initialize_system_detection 2>/dev/null + unset -f detect_control_panel 2>/dev/null + unset -f get_user_domains 2>/dev/null + unset -f select_user_interactive 2>/dev/null + unset -f list_all_users 2>/dev/null + print_success "Cleared all toolkit function definitions" + + echo "" + print_success "Cleanup complete! System reset to blank slate." + echo "" + print_info "Re-initializing system detection and reloading ALL libraries..." + + # Force re-source ALL libraries with fresh detection + source "$LIB_DIR/common-functions.sh" + source "$LIB_DIR/system-detect.sh" + source "$LIB_DIR/user-manager.sh" + source "$LIB_DIR/reference-db.sh" + + echo "" + echo "Fresh detection complete:" + echo " • Control Panel: $SYS_CONTROL_PANEL $SYS_CONTROL_PANEL_VERSION" + echo " • OS: $SYS_OS_TYPE $SYS_OS_VERSION" + echo " • Web Server: $SYS_WEB_SERVER $SYS_WEB_SERVER_VERSION" + echo " • Database: $SYS_DB_TYPE $SYS_DB_VERSION" + echo "" + + # Test that domain detection works + print_info "Testing domain detection..." + test_domains=$(get_user_domains "pickledperil" 2>/dev/null) + if [ -n "$test_domains" ]; then + echo " • Domain detection: WORKING (found: $test_domains)" + else + echo " • Domain detection: FAILED - still broken!" + fi + echo "" + + read -p "Press Enter to continue..." +} + +# Configuration editor +edit_config() { + show_banner + echo -e "${BOLD}⚙️ Configuration Editor${NC}" + echo "" + + local config_file="$CONFIG_DIR/settings.conf" + + if [ ! -f "$config_file" ]; then + echo "Creating default configuration..." + mkdir -p "$CONFIG_DIR" + cat > "$config_file" << 'EOF' +# Server Management Toolkit Configuration + +# ============================================================================ +# SYSTEM PATHS +# ============================================================================ +# Apache log directory +LOG_DIR="/var/log/apache2/domlogs" + +# cPanel home directory +CPANEL_HOME="/home" + +# WordPress installations base pattern +WP_BASE="/home/*/public_html" + +# ============================================================================ +# SECURITY DEFAULTS +# ============================================================================ +# Default time range for quick scans (hours) +QUICK_SCAN_HOURS=1 + +# Auto-apply blocklists (yes/no) +AUTO_BLOCK=no + +# Maximum threat score before auto-block (0-100) +AUTO_BLOCK_THRESHOLD=80 + +# ============================================================================ +# WORDPRESS DEFAULTS +# ============================================================================ +# Auto-backup before mass operations (yes/no) +WP_AUTO_BACKUP=yes + +# WP-CLI path +WPCLI_PATH="/usr/local/bin/wp" + +# Max sites to process in parallel +WP_MAX_PARALLEL=5 + +# ============================================================================ +# PERFORMANCE MONITORING +# ============================================================================ +# CPU usage alert threshold (%) +CPU_ALERT_THRESHOLD=80 + +# Memory usage alert threshold (%) +MEM_ALERT_THRESHOLD=90 + +# Disk usage alert threshold (%) +DISK_ALERT_THRESHOLD=85 + +# Load average alert threshold +LOAD_ALERT_THRESHOLD=5.0 + +# ============================================================================ +# NOTIFICATIONS +# ============================================================================ +# Email for critical alerts +ALERT_EMAIL="" + +# Slack webhook URL (optional) +SLACK_WEBHOOK="" + +# Pushover API token (optional) +PUSHOVER_TOKEN="" + +# ============================================================================ +# BACKUP SETTINGS +# ============================================================================ +# Backup retention days +BACKUP_RETENTION_DAYS=30 + +# Backup destination +BACKUP_DEST="/backup" + +# Compress backups (yes/no) +BACKUP_COMPRESS=yes + +# ============================================================================ +# WHITELISTS & EXCLUSIONS +# ============================================================================ +# Whitelist file for IPs +WHITELIST_IP_FILE="$CONFIG_DIR/whitelist-ips.txt" + +# Whitelist file for User-Agents +WHITELIST_UA_FILE="$CONFIG_DIR/whitelist-user-agents.txt" + +# Accounts to exclude from operations +EXCLUDE_ACCOUNTS="root cpanel" + +# ============================================================================ +# LOGGING +# ============================================================================ +# Log all toolkit operations (yes/no) +ENABLE_LOGGING=yes + +# Toolkit log file +TOOLKIT_LOG="$BASE_DIR/logs/toolkit.log" +EOF + fi + + if command -v nano >/dev/null 2>&1; then + nano "$config_file" + elif command -v vi >/dev/null 2>&1; then + vi "$config_file" + else + echo "No editor found. Configuration file:" + echo "$config_file" + fi + + # Reload config + [ -f "$config_file" ] && source "$config_file" + + read -p "Press Enter to continue..." +} + + +# Initialize +init_directories() { + # Create module category directories + mkdir -p "$MODULES_DIR"/{security,wordpress,performance,backup,monitoring,troubleshooting,reporting} + mkdir -p "$LIB_DIR" "$CONFIG_DIR" "$BASE_DIR/logs" + + # Create config if it doesn't exist + if [ ! -f "$CONFIG_DIR/settings.conf" ]; then + edit_config + fi + + # Load config + [ -f "$CONFIG_DIR/settings.conf" ] && source "$CONFIG_DIR/settings.conf" + + # Create default whitelists + touch "$CONFIG_DIR/whitelist-ips.txt" 2>/dev/null + touch "$CONFIG_DIR/whitelist-user-agents.txt" 2>/dev/null +} + +# Security submenu handler +# Security submenu handler - Main router +handle_security_menu() { + while true; do + show_security_menu + read -r choice + + case $choice in + 1) handle_security_analysis_menu ;; + 2) handle_security_actions_menu ;; + 3) handle_live_monitoring_menu ;; + 4) run_module "security" "active-threats-viewer.sh" ;; + 5) run_module "security" "security-summary.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Security Analysis Menu Handler +handle_security_analysis_menu() { + while true; do + show_security_analysis_menu + read -r choice + + case $choice in + 1) run_module "security" "malware-scanner.sh" ;; + 2) handle_bot_analysis_menu ;; + 3) handle_auth_analysis_menu ;; + 4) handle_webapp_analysis_menu ;; + 5) handle_firewall_analysis_menu ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Security Actions Menu Handler +handle_security_actions_menu() { + while true; do + show_security_actions_menu + read -r choice + + case $choice in + 1) handle_auth_protection_menu ;; + 2) handle_threat_blocking_menu ;; + 3) handle_firewall_management_menu ;; + 4) handle_webapp_hardening_menu ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Live Monitoring Menu Handler +handle_live_monitoring_menu() { + while true; do + show_live_monitoring_menu + read -r choice + + case $choice in + 1) run_module "security" "live-attack-monitor.sh" ;; + 2) run_module "security" "ssh-attack-monitor.sh" ;; + 3) run_module "security" "web-traffic-monitor.sh" ;; + 4) run_module "security" "firewall-activity-monitor.sh" ;; + 5) run_module "security" "tail-apache-access.sh" ;; + 6) run_module "security" "tail-apache-error.sh" ;; + 7) run_module "security" "tail-mail-log.sh" ;; + 8) run_module "security" "tail-secure-log.sh" ;; + 9) + show_banner + echo -e "${BOLD}Custom Log Monitor${NC}" + read -p "Enter log file path: " logpath + [ -n "$logpath" ] && run_module "security" "tail-custom-log.sh" "$logpath" + ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Bot & Traffic Analysis Handler (ANALYSIS) +handle_bot_analysis_menu() { + while true; do + show_bot_analysis_menu + read -r choice + + case $choice in + 1) run_module "security" "bot-analyzer.sh" ;; + 2) run_module "security" "bot-analyzer.sh" -H "${QUICK_SCAN_HOURS:-1}" ;; + 3) run_module "security" "live-monitor.sh" ;; + 4) run_module "security" "ip-reputation-manager.sh" ;; + 5) + show_banner + echo -e "${BOLD}IP Lookup & Investigation${NC}" + read -p "Enter IP address: " ip + [ -n "$ip" ] && run_module "security" "ip-lookup.sh" "$ip" + ;; + 6) run_module "security" "ddos-detector.sh" ;; + 7) run_module "security" "traffic-pattern-analysis.sh" ;; + 8) run_module "security" "user-agent-analysis.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Authentication Analysis Handler (ANALYSIS) +handle_auth_analysis_menu() { + while true; do + show_auth_analysis_menu + read -r choice + + case $choice in + 1) run_module "security" "ssh-brute-force-analyzer.sh" ;; + 2) run_module "security" "ssh-config-audit.sh" ;; + 3) run_module "security" "root-login-analyzer.sh" ;; + 4) run_module "security" "failed-login-patterns.sh" ;; + 5) run_module "security" "cpanel-login-analysis.sh" ;; + 6) run_module "security" "whm-login-analysis.sh" ;; + 7) run_module "security" "ftp-login-analysis.sh" ;; + 8) run_module "security" "email-auth-failures.sh" ;; + 9) run_module "security" "dovecot-security-audit.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Web Application Analysis Handler (ANALYSIS) +handle_webapp_analysis_menu() { + while true; do + show_webapp_analysis_menu + read -r choice + + case $choice in + 1) run_module "security" "wp-security-scan.sh" ;; + 2) run_module "security" "sqli-detector.sh" ;; + 3) run_module "security" "xss-detector.sh" ;; + 4) run_module "security" "permission-audit.sh" ;; + 5) run_module "security" "ssl-security-audit.sh" ;; + 6) run_module "security" "modsecurity-status.sh" ;; + 7) run_module "security" "apache-security-audit.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Firewall & Network Analysis Handler (ANALYSIS) +handle_firewall_analysis_menu() { + while true; do + show_firewall_analysis_menu + read -r choice + + case $choice in + 1) run_module "security" "csf-status.sh" ;; + 2) run_module "security" "csf-view-allowed.sh" ;; + 3) run_module "security" "csf-view-blocked.sh" ;; + 4) run_module "security" "csf-recent-activity.sh" ;; + 5) run_module "security" "port-scanner.sh" ;; + 6) run_module "security" "port-security-audit.sh" ;; + 7) run_module "security" "connection-analysis.sh" ;; + 8) run_module "security" "network-interface-stats.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Authentication Protection Handler (ACTIONS) +handle_auth_protection_menu() { + while true; do + show_auth_protection_menu + read -r choice + + case $choice in + 1) run_module "security" "enable-cphulk.sh" ;; + 2) run_module "security" "cphulk-configure.sh" ;; + 3) run_module "security" "cphulk-view-blocked.sh" ;; + 4) + show_banner + echo -e "${BOLD}Unblock IP Address${NC}" + read -p "Enter IP address to unblock: " ip + [ -n "$ip" ] && run_module "security" "cphulk-unblock.sh" "$ip" + ;; + 5) + show_banner + echo -e "${BOLD}Add IP to cPHulk Whitelist${NC}" + read -p "Enter IP address to whitelist: " ip + [ -n "$ip" ] && run_module "security" "cphulk-whitelist-add.sh" "$ip" + ;; + 6) run_module "security" "ssh-disable-root-login.sh" ;; + 7) run_module "security" "ssh-configure-port.sh" ;; + 8) run_module "security" "ssh-setup-key-auth.sh" ;; + 9) run_module "security" "smtp-enable-auth.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Threat Blocking Handler (ACTIONS) +handle_threat_blocking_menu() { + while true; do + show_threat_blocking_menu + read -r choice + + case $choice in + 1) + show_banner + echo -e "${BOLD}Block IP Address${NC}" + read -p "Enter IP address to block: " ip + [ -n "$ip" ] && run_module "security" "csf-block-ip.sh" "$ip" + ;; + 2) + show_banner + echo -e "${BOLD}Block IP Range (CIDR)${NC}" + read -p "Enter CIDR range (e.g., 192.168.1.0/24): " cidr + [ -n "$cidr" ] && run_module "security" "csf-block-cidr.sh" "$cidr" + ;; + 3) + show_banner + echo -e "${BOLD}Block Country${NC}" + read -p "Enter country code (e.g., CN, RU): " country + [ -n "$country" ] && run_module "security" "csf-block-country.sh" "$country" + ;; + 4) + show_banner + echo -e "${BOLD}Unblock IP Address${NC}" + read -p "Enter IP address to unblock: " ip + [ -n "$ip" ] && run_module "security" "csf-unblock-ip.sh" "$ip" + ;; + 5) run_module "security" "auto-block-threats.sh" ;; + 6) run_module "security" "enable-lfd.sh" ;; + 7) run_module "security" "configure-block-thresholds.sh" ;; + 8) + show_banner + echo -e "${BOLD}Add IP to Whitelist${NC}" + read -p "Enter IP address to whitelist: " ip + [ -n "$ip" ] && run_module "security" "csf-allow-ip.sh" "$ip" + ;; + 9) run_module "security" "manage-whitelist.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Firewall Management Handler (ACTIONS) +handle_firewall_management_menu() { + while true; do + show_firewall_management_menu + read -r choice + + case $choice in + 1) run_module "security" "csf-enable-disable.sh" ;; + 2) run_module "security" "csf-restart.sh" ;; + 3) run_module "security" "csf-configure.sh" ;; + 4) run_module "security" "csf-test-config.sh" ;; + 5) + show_banner + echo -e "${BOLD}Open Port${NC}" + read -p "Enter port number to open: " port + [ -n "$port" ] && run_module "security" "csf-open-port.sh" "$port" + ;; + 6) + show_banner + echo -e "${BOLD}Close Port${NC}" + read -p "Enter port number to close: " port + [ -n "$port" ] && run_module "security" "csf-close-port.sh" "$port" + ;; + 7) run_module "security" "csf-configure-port-ranges.sh" ;; + 8) run_module "security" "csf-configure-ct-limit.sh" ;; + 9) run_module "security" "csf-configure-synflood.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Web Application Hardening Handler (ACTIONS) +handle_webapp_hardening_menu() { + while true; do + show_webapp_hardening_menu + read -r choice + + case $choice in + 1) run_module "security" "ssl-install-cert.sh" ;; + 2) run_module "security" "ssl-force-https.sh" ;; + 3) run_module "security" "ssl-configure-ciphers.sh" ;; + 4) run_module "security" "modsecurity-enable.sh" ;; + 5) run_module "security" "modsecurity-install-owasp.sh" ;; + 6) run_module "security" "modsecurity-configure.sh" ;; + 7) run_module "security" "fix-file-permissions.sh" ;; + 8) run_module "security" "fix-file-ownership.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# WordPress submenu handler +handle_wordpress_menu() { + while true; do + show_wordpress_menu + read -r choice + + case $choice in + 1) run_module "website" "website-error-analyzer.sh" ;; + 2) run_module "website" "500-error-tracker.sh" ;; + 3) bash "$MODULES_DIR/website/wordpress-menu.sh" ;; + 4|5) + echo "" + print_warning "This CMS management feature is coming soon!" + echo "" + read -p "Press Enter to continue..." + ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# WP Health & Maintenance submenu handler +handle_wp_health_menu() { + while true; do + show_wp_health_menu + read -r choice + + case $choice in + 1) run_module "wordpress" "wp-health-check.sh" ;; + 2) run_module "wordpress" "wp-db-optimizer.sh" ;; + 3) run_module "wordpress" "wp-cache-clear.sh" ;; + 4) run_module "wordpress" "wp-plugin-audit.sh" ;; + 5) run_module "wordpress" "wp-theme-audit.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# WP-Cron Management submenu handler +handle_wp_cron_menu() { + while true; do + show_wp_cron_menu + read -r choice + + case $choice in + 1) run_module "wordpress" "wp-cron-status.sh" ;; + 2) run_module "wordpress" "wp-cron-mass-fix.sh" ;; + 3) run_module "wordpress" "wp-cron-mass-create.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Mass Updates submenu handler +handle_wp_updates_menu() { + while true; do + show_wp_updates_menu + read -r choice + + case $choice in + 1) run_module "wordpress" "wp-mass-update-core.sh" ;; + 2) run_module "wordpress" "wp-mass-update-plugins.sh" ;; + 3) run_module "wordpress" "wp-mass-update-themes.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Security & Compliance submenu handler +handle_wp_security_menu() { + while true; do + show_wp_security_menu + read -r choice + + case $choice in + 1) run_module "wordpress" "wp-malware-scanner.sh" ;; + 2) run_module "wordpress" "wp-permission-fixer.sh" ;; + 3) run_module "wordpress" "wp-login-security.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Loadwatch analyzer handler with time range selection +handle_loadwatch_analyzer() { + show_banner + echo -e "${MAGENTA}${BOLD}📊 Loadwatch Health Analyzer${NC}" + echo "" + echo -e "Select time range for analysis:" + echo "" + echo -e " ${CYAN}1)${NC} Last 1 Hour - Recent system activity" + echo -e " ${CYAN}2)${NC} Last 6 Hours - Mid-term trending" + echo -e " ${CYAN}3)${NC} Last 24 Hours - Full day analysis" + echo -e " ${CYAN}4)${NC} Last 7 Days - Weekly patterns" + echo -e " ${CYAN}5)${NC} Last 30 Days - Monthly overview" + echo "" + echo -e " ${RED}0)${NC} Back" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select time range: " + + read -r range_choice + + case $range_choice in + 1) run_module "diagnostics" "loadwatch-analyzer.sh" "-r" "1h" ;; + 2) run_module "diagnostics" "loadwatch-analyzer.sh" "-r" "6h" ;; + 3) run_module "diagnostics" "loadwatch-analyzer.sh" "-r" "24h" ;; + 4) run_module "diagnostics" "loadwatch-analyzer.sh" "-r" "7d" ;; + 5) run_module "diagnostics" "loadwatch-analyzer.sh" "-r" "30d" ;; + 0) return ;; + *) + echo -e "${RED}Invalid option${NC}" + sleep 1 + ;; + esac +} + +# Performance submenu handler +handle_performance_menu() { + while true; do + show_performance_menu + read -r choice + + case $choice in + 1) run_module "performance" "mysql-query-analyzer.sh" ;; + 2) run_module "performance" "network-bandwidth-analyzer.sh" ;; + 3) run_module "performance" "connection-monitor.sh" ;; + 4) run_module "performance" "hardware-health-check.sh" ;; + 5) run_module "performance" "disk-io-analyzer.sh" ;; + 6) run_module "performance" "resource-monitor.sh" ;; + 7) run_module "performance" "apache-performance.sh" ;; + 8) run_module "performance" "php-fpm-monitor.sh" ;; + 9) run_module "performance" "php-optimizer.sh" ;; + 10) run_module "performance" "log-analyzer.sh" ;; + 11) handle_loadwatch_analyzer ;; + 12) run_module "performance" "email-queue-monitor.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Backup submenu handler +handle_backup_menu() { + while true; do + show_backup_menu + read -r choice + + case $choice in + 1) run_module "backup" "auto-backup.sh" ;; + 2) run_module "backup" "selective-backup.sh" ;; + 3) run_module "backup" "restore-helper.sh" ;; + 4) run_module "backup" "database-backup.sh" ;; + 5) run_module "backup" "config-backup.sh" ;; + 6) run_module "backup" "log-archive.sh" ;; + 7) run_module "backup" "backup-verification.sh" ;; + 8) run_module "backup" "offsite-sync.sh" ;; + 9) handle_acronis_menu ;; + 10) run_module "maintenance" "cleanup-toolkit-data.sh" ;; + 11) run_module "backup" "mysql-restore-to-sql.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Monitoring submenu handler +handle_monitoring_menu() { + while true; do + show_monitoring_menu + read -r choice + + case $choice in + 1) run_module "monitoring" "service-status-monitor.sh" ;; + 2) run_module "monitoring" "uptime-tracker.sh" ;; + 3) run_module "monitoring" "error-log-watcher.sh" ;; + 4) run_module "monitoring" "disk-space-alerts.sh" ;; + 5) run_module "monitoring" "ssl-expiration-monitor.sh" ;; + 6) run_module "monitoring" "security-alert-dashboard.sh" ;; + 7) run_module "monitoring" "email-delivery-monitor.sh" ;; + 8) run_module "monitoring" "dns-monitor.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Reporting submenu handler +handle_reporting_menu() { + while true; do + show_reporting_menu + read -r choice + + case $choice in + 1) run_module "reporting" "security-report-viewer.sh" ;; + 2) run_module "reporting" "performance-summary.sh" ;; + 3) run_module "reporting" "traffic-analytics.sh" ;; + 4) run_module "reporting" "account-usage-report.sh" ;; + 5) run_module "reporting" "system-health-dashboard.sh" ;; + 6) run_module "reporting" "custom-report-builder.sh" ;; + 7) run_module "reporting" "export-to-pdf.sh" ;; + 0) return ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; + esac + done +} + +# Main loop +startup_detection() { + # Build/update reference database if needed + if ! db_is_fresh; then + clear + print_banner "Server Management Toolkit - Initializing" + echo "" + print_info "Detecting server configuration (first-time setup)..." + echo "" + + # Build reference database (this also runs system detection) + build_reference_database + + echo "" + print_section "Detection Summary" + echo "" + + # Show what was detected + echo -e "${BOLD}System:${NC}" + echo " Control Panel: $SYS_CONTROL_PANEL $SYS_CONTROL_PANEL_VERSION" + echo " OS: $SYS_OS_TYPE $SYS_OS_VERSION" + echo " Web Server: $SYS_WEB_SERVER $SYS_WEB_SERVER_VERSION" + echo " Database: $SYS_DB_TYPE $SYS_DB_VERSION" + echo "" + + # Count stats from reference database + local user_count=$(grep -c "^USER|" "$SYSREF_DB" 2>/dev/null || echo 0) + local domain_count=$(grep -c "^DOMAIN|" "$SYSREF_DB" 2>/dev/null || echo 0) + local local_domains=$(grep -c "|local$" "$SYSREF_DB" 2>/dev/null || echo 0) + local remote_domains=$(grep -c "|remote$" "$SYSREF_DB" 2>/dev/null || echo 0) + local db_count=$(grep -c "^DB|" "$SYSREF_DB" 2>/dev/null || echo 0) + local wp_count=$(grep -c "^WP|" "$SYSREF_DB" 2>/dev/null || echo 0) + + echo -e "${BOLD}Server Content:${NC}" + echo " Users: $user_count" + echo " Domains: $domain_count total" + echo " - Local domains: $local_domains" + echo " - Remote MX domains: $remote_domains" + echo " Databases: $db_count" + echo " WordPress Sites: $wp_count" + echo "" + + print_success "Server detection complete!" + echo "" + echo "This information is cached for 1 hour." + echo "Use 'Cleanup/Reset' (option 8) to force fresh detection." + echo "" + + read -p "Press Enter to continue..." + fi +} + +main() { + init_directories + startup_detection + + while true; do + show_main_menu + read -r choice + + case $choice in + 1) run_module "diagnostics" "system-health-check.sh" ;; + 2) handle_security_menu ;; + 3) handle_wordpress_menu ;; + 4) handle_performance_menu ;; + 5) handle_backup_menu ;; + 6) handle_monitoring_menu ;; + 7) handle_reporting_menu ;; + 8) cleanup_all_data ;; + 9) edit_config ;; + 10) bash "$BASE_DIR/tools/erase-toolkit-traces.sh" ;; + 0) + echo "" + read -p "Clean history and remove traces? (yes/no): " clean_hist + + if [ "$clean_hist" = "yes" ]; then + # Signal wrapper script to do cleanup + touch /tmp/.cleanup_requested + echo "" + echo "Cleanup will happen automatically..." + echo "" + else + echo "" + echo -e "${GREEN}Thanks for using Server Management Toolkit!${NC}" + echo "" + fi + exit 0 + ;; + *) + echo -e "${RED}Invalid option${NC}" + sleep 1 + ;; + esac + done +} + +main "$@" diff --git a/launcher.sh b/launcher.sh index a0776ca..396fb2c 100755 --- a/launcher.sh +++ b/launcher.sh @@ -2,20 +2,15 @@ ############################################################################# # Server Management Toolkit - Main Launcher -# Version: 2.0 +# Version: 2.1 # -# Comprehensive cPanel/Linux server management suite -# - Security & Bot Analysis -# - WordPress Management -# - System Performance & Diagnostics -# - Backup & Maintenance -# - Monitoring & Alerts +# Streamlined menu showing only implemented features ############################################################################# set -eo pipefail # Configuration -SUITE_VERSION="2.0.0" +SUITE_VERSION="2.1.0" BASE_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)" MODULES_DIR="$BASE_DIR/modules" LIB_DIR="$BASE_DIR/lib" @@ -27,7 +22,7 @@ source "$LIB_DIR/system-detect.sh" source "$LIB_DIR/user-manager.sh" source "$LIB_DIR/reference-db.sh" -# Color codes (already defined in common-functions.sh but keeping for backward compat) +# Color codes RED='\033[0;31m' YELLOW='\033[1;33m' GREEN='\033[0;32m' @@ -47,24 +42,15 @@ show_banner() { echo "" } -# Check if module exists locally -module_exists() { - local category="$1" - local module="$2" - [ -f "$MODULES_DIR/$category/$module" ] && [ -x "$MODULES_DIR/$category/$module" ] -} - - # Run a module run_module() { local category="$1" local module="$2" - shift 2 # Remove category and module, pass remaining args + shift 2 - if ! module_exists "$category" "$module"; then + if [ ! -f "$MODULES_DIR/$category/$module" ]; then echo "" echo -e "${RED}✗ Module not found: $category/$module${NC}" - echo -e "${YELLOW}This module hasn't been created yet.${NC}" echo "" read -p "Press Enter to continue..." return 1 @@ -74,8 +60,6 @@ run_module() { echo -e "${CYAN}Launching: $category/$module${NC}" echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - # Clear SYS_* variables before launching module to force fresh detection - # This ensures modules always get correct system info even if launcher has stale data ( for var in $(compgen -e | grep "^SYS_"); do unset "$var" @@ -83,6 +67,7 @@ run_module() { "$MODULES_DIR/$category/$module" "$@" ) local exit_code=$? + echo "" echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" if [ "${exit_code:-0}" -eq 0 ]; then @@ -94,28 +79,27 @@ run_module() { read -p "Press Enter to continue..." } -# Main menu +############################################################################# +# MAIN MENU +############################################################################# + show_main_menu() { show_banner echo -e "${BOLD}Quick Diagnostics:${NC}" echo "" - echo -e " ${MAGENTA}${BOLD}1)${NC} 🏥 System Health Check - Quick diagnosis of server issues" + echo -e " ${MAGENTA}1)${NC} 🏥 System Health Check - Full server diagnostics" echo "" echo -e "${BOLD}Main Categories:${NC}" echo "" - echo -e " ${GREEN}2)${NC} 🛡️ Security & Threat Analysis" - echo -e " ${BLUE}3)${NC} 🌐 Website Management - WordPress, Joomla, Drupal, etc." - echo -e " ${MAGENTA}4)${NC} 🔧 Performance & Diagnostics - MySQL, Network, Hardware, Logs" + echo -e " ${GREEN}2)${NC} 🛡️ Security & Monitoring" + echo -e " ${BLUE}3)${NC} 🌐 Website Diagnostics" + echo -e " ${MAGENTA}4)${NC} 🔧 Performance Analysis" echo -e " ${YELLOW}5)${NC} 💾 Backup & Recovery" - echo -e " ${CYAN}6)${NC} 🔍 Monitoring & Alerts" - echo -e " ${GREEN}7)${NC} 📈 Reporting & Analytics" echo "" echo -e "${BOLD}System:${NC}" echo "" - echo -e " ${YELLOW}8)${NC} 🗑️ Cleanup / Reset - Clear all learned data" - echo -e " ${YELLOW}9)${NC} ⚙️ Configuration" - echo -e " ${RED}10)${NC} 🔥 Erase All Traces - Remove toolkit from history/logs" + echo -e " ${YELLOW}6)${NC} 🗑️ Cleanup Toolkit Data - Clear cached data" echo "" echo -e " ${RED}0)${NC} Exit" echo "" @@ -123,21 +107,39 @@ show_main_menu() { echo -n "Select option: " } -# Security menu - Main split: Analysis / Actions / Live +############################################################################# +# SECURITY & MONITORING +############################################################################# + show_security_menu() { show_banner - echo -e "${GREEN}${BOLD}🛡️ Security & Threat Analysis${NC}" + echo -e "${GREEN}${BOLD}🛡️ Security & Monitoring${NC}" echo "" - echo -e "${BOLD}Choose Mode:${NC}" + echo -e "${BOLD}Threat Analysis:${NC}" echo "" - echo -e " ${CYAN}1)${NC} 🔍 Analysis & Troubleshooting → Diagnose, investigate, detect threats" - echo -e " ${YELLOW}2)${NC} ⚡ Security Actions & Fixes → Enable protection, block threats, configure" - echo -e " ${MAGENTA}3)${NC} 📡 Live Monitoring & Alerts → Real-time threat tracking & dashboards" + echo -e " ${CYAN}1)${NC} 🤖 Bot & Traffic Analyzer - Full analysis (all logs)" + echo -e " ${CYAN}2)${NC} 🤖 Quick Scan (1 hour) - Recent activity only" + echo -e " ${CYAN}3)${NC} 📊 IP Reputation Manager - Query/manage IP database" + echo -e " ${CYAN}4)${NC} 🦠 Malware Scanner - ImunifyAV, ClamAV, Maldet" echo "" - echo -e "${BOLD}Quick Views:${NC}" + echo -e "${BOLD}Live Monitoring:${NC}" echo "" - echo -e " ${GREEN}4)${NC} 🚨 Active Threats Dashboard - Current attacks summary" - echo -e " ${GREEN}5)${NC} 📊 Security Summary Report - Overall security posture" + echo -e " ${MAGENTA}5)${NC} 📡 Live Attack Monitor - Unified threat intelligence" + echo -e " ${MAGENTA}6)${NC} 🔐 SSH Attack Monitor - SSH brute force detection" + echo -e " ${MAGENTA}7)${NC} 🌐 Web Traffic Monitor - HTTP attack detection" + echo -e " ${MAGENTA}8)${NC} 🔥 Firewall Activity Monitor - CSF/iptables monitoring" + echo "" + echo -e "${BOLD}Log Viewers:${NC}" + echo "" + echo -e " ${CYAN}9)${NC} Tail Apache Access Log - Live web access" + echo -e " ${CYAN}10)${NC} Tail Apache Error Log - Live web errors" + echo -e " ${CYAN}11)${NC} Tail Mail Log - Live email activity" + echo -e " ${CYAN}12)${NC} Tail Security Log - Live auth attempts" + echo "" + echo -e "${BOLD}Security Actions:${NC}" + echo "" + echo -e " ${YELLOW}13)${NC} 🔒 Enable cPHulk Protection - Brute force protection" + echo -e " ${YELLOW}14)${NC} ⚙️ Optimize CT_LIMIT - Connection tracking tuning" echo "" echo -e " ${RED}0)${NC} Back to Main Menu" echo "" @@ -145,1221 +147,125 @@ show_security_menu() { echo -n "Select option: " } -# Live Monitoring submenu -show_live_monitoring_menu() { - show_banner - echo -e "${MAGENTA}${BOLD}📡 Live Monitoring & Alerts${NC}" - echo "" - echo -e "${BOLD}🛡️ Intelligent Monitoring:${NC}" - echo "" - echo -e " ${MAGENTA}1)${NC} ${BOLD}Live Attack Monitor${NC} - Unified threat intelligence" - echo -e " ${DIM}├─ Monitors: Web, SSH, Firewall, cPHulk, Network (SYN floods)${NC}" - echo -e " ${DIM}├─ Features: Threat scoring, bot detection, attack classification${NC}" - echo -e " ${DIM}└─ Quick Actions: IP blocking, ban management${NC}" - echo "" - echo -e "${BOLD}📋 Simple Log Viewers (No Intelligence):${NC}" - echo "" - echo -e " ${MAGENTA}2)${NC} SSH Log Tail - Raw SSH auth attempts (/var/log/secure)" - echo -e " ${MAGENTA}3)${NC} Web Traffic Tail - Raw Apache access logs" - echo -e " ${MAGENTA}4)${NC} Firewall Log Tail - Raw firewall events" - echo "" - echo -e "${BOLD}Log Tailing:${NC}" - echo "" - echo -e " ${MAGENTA}5)${NC} Tail Apache Access Log - Live web access (all domains)" - echo -e " ${MAGENTA}6)${NC} Tail Apache Error Log - Live web errors" - echo -e " ${MAGENTA}7)${NC} Tail Mail Log - Live email activity" - echo -e " ${MAGENTA}8)${NC} Tail Security Log - Live auth attempts (/var/log/secure)" - echo "" - echo -e "${BOLD}Advanced:${NC}" - echo "" - echo -e " ${MAGENTA}9)${NC} Custom Log Monitor - Tail custom log file" - echo "" - echo -e " ${RED}0)${NC} Back to Security Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Security Analysis submenu -show_security_analysis_menu() { - show_banner - echo -e "${CYAN}${BOLD}🔍 Security Analysis & Troubleshooting${NC}" - echo "" - echo -e "${BOLD}Analysis Categories:${NC}" - echo "" - echo -e " ${CYAN}1)${NC} 🦠 Malware Scanner → Full malware detection (ImunifyAV, ClamAV, Maldet)" - echo -e " ${CYAN}2)${NC} 🤖 Bot & Traffic Analysis → Analyze attack patterns, bots, DDoS" - echo -e " ${CYAN}3)${NC} 🔐 Authentication Analysis → SSH, cPanel, FTP, Email login attempts" - echo -e " ${CYAN}4)${NC} 🌐 Web Application Analysis → Website security, vulnerabilities" - echo -e " ${CYAN}5)${NC} 🔥 Firewall & Network Review → CSF, ports, connections" - echo "" - echo -e " ${RED}0)${NC} Back to Security Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Security Actions submenu -show_security_actions_menu() { - show_banner - echo -e "${YELLOW}${BOLD}⚡ Security Actions & Fixes${NC}" - echo "" - echo -e "${BOLD}Action Categories:${NC}" - echo "" - echo -e " ${YELLOW}1)${NC} 🔐 Authentication Protection → Enable cPHulk, configure login security" - echo -e " ${YELLOW}2)${NC} 🚫 Threat Blocking & Banning → Block IPs, auto-ban, whitelist management" - echo -e " ${YELLOW}3)${NC} 🔥 Firewall Management → CSF configuration, rules, ports" - echo -e " ${YELLOW}4)${NC} 🌐 Web Application Hardening → SSL, permissions, ModSecurity" - echo "" - echo -e " ${RED}0)${NC} Back to Security Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Bot & Traffic Analysis submenu (ANALYSIS SIDE) -show_bot_analysis_menu() { - show_banner - echo -e "${CYAN}${BOLD}🤖 Bot & Traffic Analysis${NC}" - echo "" - echo -e "${BOLD}Detection & Investigation:${NC}" - echo "" - echo -e " ${CYAN}1)${NC} Full Bot Analysis - Complete scan (all logs)" - echo -e " ${CYAN}2)${NC} Quick Scan (1 hour) - Recent activity only" - echo -e " ${CYAN}3)${NC} Live Monitor - Real-time threat tracking" - echo -e " ${CYAN}4)${NC} IP Reputation Manager - Query/manage IP database (NEW!)" - echo -e " ${CYAN}5)${NC} IP Lookup & Investigation - Deep-dive on specific IP" - echo -e " ${CYAN}6)${NC} DDoS Pattern Detector - Identify DDoS attacks" - echo -e " ${CYAN}7)${NC} Traffic Pattern Analysis - Bandwidth & connection patterns" - echo -e " ${CYAN}8)${NC} User-Agent Analysis - Bot fingerprinting" - echo "" - echo -e " ${RED}0)${NC} Back to Analysis Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Authentication Analysis submenu (ANALYSIS SIDE) -show_auth_analysis_menu() { - show_banner - echo -e "${CYAN}${BOLD}🔐 Authentication Analysis${NC}" - echo "" - echo -e "${BOLD}SSH Analysis:${NC}" - echo "" - echo -e " ${CYAN}1)${NC} SSH Brute Force Analysis - Analyze SSH attack attempts" - echo -e " ${CYAN}2)${NC} SSH Configuration Audit - Check SSH security hardening" - echo -e " ${CYAN}3)${NC} Root Login Analysis - Review root access attempts" - echo -e " ${CYAN}4)${NC} Failed Login Patterns - Identify attack patterns" - echo "" - echo -e "${BOLD}cPanel/WHM Analysis:${NC}" - echo "" - echo -e " ${CYAN}5)${NC} cPanel Login Analysis - Review cPanel access attempts" - echo -e " ${CYAN}6)${NC} WHM Login Analysis - Review WHM access attempts" - echo -e " ${CYAN}7)${NC} FTP Login Analysis - Review FTP access attempts" - echo "" - echo -e "${BOLD}Email Authentication:${NC}" - echo "" - echo -e " ${CYAN}8)${NC} Email Auth Failures - SMTP/IMAP/POP3 failed logins" - echo -e " ${CYAN}9)${NC} Dovecot Security Audit - Email service security review" - echo "" - echo -e " ${RED}0)${NC} Back to Analysis Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Web Application Analysis submenu (ANALYSIS SIDE) -show_webapp_analysis_menu() { - show_banner - echo -e "${CYAN}${BOLD}🌐 Web Application Analysis${NC}" - echo "" - echo -e "${BOLD}Security Scanning:${NC}" - echo "" - echo -e " ${CYAN}1)${NC} WordPress Security Scan - WP-specific vulnerabilities" - echo -e " ${CYAN}2)${NC} SQL Injection Detector - Analyze for SQLi attempts" - echo -e " ${CYAN}3)${NC} XSS Attack Detector - Cross-site scripting analysis" - echo -e " ${CYAN}4)${NC} File Permission Audit - Insecure permissions scan" - echo "" - echo -e "${BOLD}Configuration Review:${NC}" - echo "" - echo -e " ${CYAN}5)${NC} SSL/TLS Security Audit - Certificate & config review" - echo -e " ${CYAN}6)${NC} ModSecurity Status - WAF configuration review" - echo -e " ${CYAN}7)${NC} Apache Security Audit - Web server security review" - echo "" - echo -e " ${RED}0)${NC} Back to Analysis Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Firewall & Network Analysis submenu (ANALYSIS SIDE) -show_firewall_analysis_menu() { - show_banner - echo -e "${CYAN}${BOLD}🔥 Firewall & Network Review${NC}" - echo "" - echo -e "${BOLD}Firewall Status:${NC}" - echo "" - echo -e " ${CYAN}1)${NC} CSF Status & Configuration - View firewall status" - echo -e " ${CYAN}2)${NC} View Allowed IPs - Show whitelist" - echo -e " ${CYAN}3)${NC} View Blocked IPs - Show blocklist" - echo -e " ${CYAN}4)${NC} Recent CSF Activity - Firewall event log" - echo "" - echo -e "${BOLD}Network Analysis:${NC}" - echo "" - echo -e " ${CYAN}5)${NC} Open Port Scanner - Check listening ports" - echo -e " ${CYAN}6)${NC} Port Security Audit - Identify risky open ports" - echo -e " ${CYAN}7)${NC} Connection Analysis - Active connections review" - echo -e " ${CYAN}8)${NC} Network Interface Stats - Bandwidth & error analysis" - echo "" - echo -e " ${RED}0)${NC} Back to Analysis Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Authentication Protection submenu (ACTIONS SIDE) -show_auth_protection_menu() { - show_banner - echo -e "${YELLOW}${BOLD}🔐 Authentication Protection${NC}" - echo "" - echo -e "${BOLD}cPHulk Brute Force Protection:${NC}" - echo "" - echo -e " ${YELLOW}1)${NC} Enable cPHulk Protection - Setup with CSF whitelist import" - echo -e " ${YELLOW}2)${NC} cPHulk Configuration - Adjust sensitivity & thresholds" - echo -e " ${YELLOW}3)${NC} View Blocked IPs - See currently blocked attackers" - echo -e " ${YELLOW}4)${NC} Unblock IP Address - Remove IP from blocklist" - echo -e " ${YELLOW}5)${NC} Add IP to Whitelist - Manually whitelist trusted IP" - echo "" - echo -e "${BOLD}SSH Hardening:${NC}" - echo "" - echo -e " ${YELLOW}6)${NC} Disable Root SSH Login - Enhance SSH security" - echo -e " ${YELLOW}7)${NC} Configure SSH Port - Change default SSH port" - echo -e " ${YELLOW}8)${NC} Setup SSH Key Auth - Disable password authentication" - echo "" - echo -e "${BOLD}Email Security:${NC}" - echo "" - echo -e " ${YELLOW}9)${NC} Enable SMTP Authentication - Require auth for outbound email" - echo "" - echo -e " ${RED}0)${NC} Back to Actions Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Threat Blocking submenu (ACTIONS SIDE) -show_threat_blocking_menu() { - show_banner - echo -e "${YELLOW}${BOLD}🚫 Threat Blocking & Banning${NC}" - echo "" - echo -e "${BOLD}IP Management:${NC}" - echo "" - echo -e " ${YELLOW}1)${NC} Block IP Address - Manually block specific IP" - echo -e " ${YELLOW}2)${NC} Block IP Range (CIDR) - Block entire subnet" - echo -e " ${YELLOW}3)${NC} Block Country - Geo-block entire country" - echo -e " ${YELLOW}4)${NC} Unblock IP Address - Remove IP from blocklist" - echo "" - echo -e "${BOLD}Automated Blocking:${NC}" - echo "" - echo -e " ${YELLOW}5)${NC} Auto-Block Detected Threats - Block IPs from analysis" - echo -e " ${YELLOW}6)${NC} Enable LFD Auto-Blocking - CSF Login Failure Daemon" - echo -e " ${YELLOW}7)${NC} Configure Block Thresholds - Adjust auto-block sensitivity" - echo "" - echo -e "${BOLD}Whitelist Management:${NC}" - echo "" - echo -e " ${YELLOW}8)${NC} Add IP to Whitelist - Allow trusted IP" - echo -e " ${YELLOW}9)${NC} Manage Whitelist - View/edit whitelist" - echo "" - echo -e " ${RED}0)${NC} Back to Actions Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Firewall Management submenu (ACTIONS SIDE) -show_firewall_management_menu() { - show_banner - echo -e "${YELLOW}${BOLD}🔥 Firewall Management${NC}" - echo "" - echo -e "${BOLD}CSF Configuration:${NC}" - echo "" - echo -e " ${YELLOW}1)${NC} Enable/Disable CSF - Start/stop firewall" - echo -e " ${YELLOW}2)${NC} Restart CSF - Apply configuration changes" - echo -e " ${YELLOW}3)${NC} Configure CSF Settings - Edit csf.conf" - echo -e " ${YELLOW}4)${NC} Test CSF Configuration - Validate config before restart" - echo "" - echo -e "${BOLD}Port Management:${NC}" - echo "" - echo -e " ${YELLOW}5)${NC} Open Port - Allow specific port" - echo -e " ${YELLOW}6)${NC} Close Port - Block specific port" - echo -e " ${YELLOW}7)${NC} Configure Port Ranges - Manage allowed port ranges" - echo "" - echo -e "${BOLD}Advanced:${NC}" - echo "" - echo -e " ${YELLOW}8)${NC} Configure Connection Tracking - CT_LIMIT settings" - echo -e " ${YELLOW}9)${NC} Configure SYN Flood Protection - SYNFLOOD settings" - echo "" - echo -e " ${RED}0)${NC} Back to Actions Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Web Application Hardening submenu (ACTIONS SIDE) -show_webapp_hardening_menu() { - show_banner - echo -e "${YELLOW}${BOLD}🌐 Web Application Hardening${NC}" - echo "" - echo -e "${BOLD}SSL/TLS Configuration:${NC}" - echo "" - echo -e " ${YELLOW}1)${NC} Install SSL Certificate - Let's Encrypt or custom" - echo -e " ${YELLOW}2)${NC} Force HTTPS Redirect - Redirect HTTP to HTTPS" - echo -e " ${YELLOW}3)${NC} Configure SSL Ciphers - Harden SSL/TLS configuration" - echo "" - echo -e "${BOLD}ModSecurity (WAF):${NC}" - echo "" - echo -e " ${YELLOW}4)${NC} Enable ModSecurity - Activate Web Application Firewall" - echo -e " ${YELLOW}5)${NC} Install OWASP Rules - Deploy OWASP Core Rule Set" - echo -e " ${YELLOW}6)${NC} Configure ModSecurity - Adjust WAF sensitivity" - echo "" - echo -e "${BOLD}File Permissions:${NC}" - echo "" - echo -e " ${YELLOW}7)${NC} Fix File Permissions - Set secure permissions (644/755)" - echo -e " ${YELLOW}8)${NC} Fix Ownership - Set correct user:group ownership" - echo "" - echo -e " ${RED}0)${NC} Back to Actions Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Website Management menu (WordPress, etc.) -show_wordpress_menu() { - show_banner - echo -e "${BLUE}${BOLD}🌐 Website Management${NC}" - echo "" - echo -e "${BOLD}General Website Tools:${NC}" - echo "" - echo -e " ${BLUE}1)${NC} 🔍 Website Error Analyzer - Find 500/config errors (filters bots)" - echo -e " ${RED}2)${NC} 🔥 Fast 500 Error Tracker - ONLY 500s + root cause diagnosis" - echo "" - echo -e "${BOLD}CMS-Specific Management:${NC}" - echo "" - echo -e " ${BLUE}3)${NC} 📦 WordPress Management → Cron, updates, security, health" - echo -e " ${DIM}4)${NC} ${DIM}📦 Joomla Management (Coming Soon)${NC}" - echo -e " ${DIM}5)${NC} ${DIM}📦 Drupal Management (Coming Soon)${NC}" - echo "" - echo -e " ${RED}0)${NC} Back to Main Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# WordPress Health & Maintenance submenu -show_wp_health_menu() { - show_banner - echo -e "${BLUE}${BOLD}🏥 WordPress Health & Maintenance${NC}" - echo "" - echo -e " ${BLUE}1)${NC} Health Check (All Sites) - Scan all WP installations" - echo -e " ${BLUE}2)${NC} Database Optimizer - Clean/optimize WP databases" - echo -e " ${BLUE}3)${NC} Cache Clear (All Sites) - Clear all WP caches" - echo -e " ${BLUE}4)${NC} Plugin Audit - Security scan of plugins" - echo -e " ${BLUE}5)${NC} Theme Audit - Security scan of themes" - echo "" - echo -e " ${RED}0)${NC} Back to Website Management" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# WP-Cron Management submenu -show_wp_cron_menu() { - show_banner - echo -e "${BLUE}${BOLD}⚙️ WP-Cron Management${NC}" - echo "" - echo -e " ${BLUE}1)${NC} WP-Cron Status - Check cron job status" - echo -e " ${BLUE}2)${NC} WP-Cron Mass Fix - Fix/enable cron on all sites" - echo -e " ${BLUE}3)${NC} WP-Cron Mass Create - Setup proper system crons" - echo "" - echo -e " ${RED}0)${NC} Back to Website Management" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Mass Updates submenu -show_wp_updates_menu() { - show_banner - echo -e "${BLUE}${BOLD}🔄 WordPress Mass Updates${NC}" - echo "" - echo -e " ${BLUE}1)${NC} Mass Update Core - Update WordPress core (all)" - echo -e " ${BLUE}2)${NC} Mass Update Plugins - Update plugins (all sites)" - echo -e " ${BLUE}3)${NC} Mass Update Themes - Update themes (all sites)" - echo "" - echo -e " ${RED}0)${NC} Back to Website Management" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Security & Compliance submenu -show_wp_security_menu() { - show_banner - echo -e "${BLUE}${BOLD}🔒 WordPress Security & Compliance${NC}" - echo "" - echo -e " ${BLUE}1)${NC} Malware Scanner - Scan for infected files" - echo -e " ${BLUE}2)${NC} Permission Fixer - Fix file permissions" - echo -e " ${BLUE}3)${NC} Login Security Audit - Check for weak passwords" - echo "" - echo -e " ${RED}0)${NC} Back to Website Management" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Performance & Diagnostics menu -show_performance_menu() { - show_banner - echo -e "${MAGENTA}${BOLD}🔧 Performance & Diagnostics${NC}" - echo "" - echo -e "${BOLD}Database:${NC}" - echo -e " ${MAGENTA}1)${NC} MySQL Query Analyzer - Find slow queries and optimize" - echo "" - echo -e "${BOLD}Network & Bandwidth:${NC}" - echo -e " ${MAGENTA}2)${NC} Network & Bandwidth Analyzer - Traffic, bandwidth, top consumers" - echo -e " ${MAGENTA}3)${NC} Connection Monitor - Active connections and states" - echo "" - echo -e "${BOLD}Hardware & Resources:${NC}" - echo -e " ${MAGENTA}4)${NC} Hardware Health Check - SMART, memory, CPU sensors" - echo -e " ${MAGENTA}5)${NC} Disk I/O Analyzer - Disk performance metrics" - echo -e " ${MAGENTA}6)${NC} Resource Monitor - CPU/RAM/Disk usage dashboard" - echo "" - echo -e "${BOLD}Web Server & PHP:${NC}" - echo -e " ${MAGENTA}7)${NC} Apache Performance - Apache tuning recommendations" - echo -e " ${MAGENTA}8)${NC} PHP-FPM Monitor - PHP-FPM pool status" - echo -e " ${MAGENTA}9)${NC} PHP Configuration Optimizer - Analyze & optimize PHP settings per domain" - echo "" - echo -e "${BOLD}Logs & Diagnostics:${NC}" - echo -e " ${MAGENTA}10)${NC} Log Analyzer - Parse and analyze system logs" - echo -e " ${MAGENTA}11)${NC} Loadwatch Health Analyzer - System health from monitoring logs" - echo -e " ${MAGENTA}12)${NC} Email Queue Monitor - Mail queue analysis" - echo "" - echo -e " ${RED}0)${NC} Back to Main Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Backup menu -show_backup_menu() { - show_banner - echo -e "${YELLOW}${BOLD}💾 Backup & Recovery${NC}" - echo "" - echo -e "${BOLD}cPanel Backups:${NC}" - echo "" - echo -e " ${YELLOW}1)${NC} Auto Backup (All Sites) - Create full backups" - echo -e " ${YELLOW}2)${NC} Selective Backup - Backup specific accounts" - echo -e " ${YELLOW}3)${NC} Restore Helper - Interactive restore tool" - echo -e " ${YELLOW}4)${NC} Database Backup (All) - Backup all databases" - echo -e " ${YELLOW}5)${NC} Config Backup - Backup server configs" - echo -e " ${YELLOW}6)${NC} Log Archive - Archive old logs" - echo -e " ${YELLOW}7)${NC} Backup Verification - Test backup integrity" - echo -e " ${YELLOW}8)${NC} Off-site Sync - Sync to remote storage" - echo "" - echo -e "${BOLD}Acronis Cyber Protect:${NC}" - echo "" - echo -e " ${YELLOW}9)${NC} 🔷 Acronis Management → Install, configure, manage backups" - echo "" - echo -e "${BOLD}Database Tools:${NC}" - echo "" - echo -e " ${CYAN}11)${NC} 🔄 MySQL File Restore - Convert restored DB files to .sql" - echo "" - echo -e "${BOLD}Data Management:${NC}" - echo "" - echo -e " ${RED}10)${NC} 🗑️ Cleanup Toolkit Data - Remove IP reputation & temp files" - echo "" - echo -e " ${RED}0)${NC} Back to Main Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Acronis Management submenu -show_acronis_menu() { - show_banner - echo -e "${YELLOW}${BOLD}🔷 Acronis Cyber Protect${NC}" - echo "" - echo -e "${BOLD}Installation & Setup:${NC}" - echo "" - echo -e " ${YELLOW}1)${NC} Install Acronis Agent - Download and install Acronis" - echo -e " ${YELLOW}2)${NC} Register with Cloud - Connect to Acronis Cloud" - echo "" - echo -e "${BOLD}Backup Management:${NC}" - echo "" - echo -e " ${GREEN}3)${NC} 📊 Manage Backups - Complete backup management interface" - echo "" - echo -e "${BOLD}Quick Actions:${NC}" - echo "" - echo -e " ${YELLOW}4)${NC} Check Agent Status - Verify Acronis is running" - echo -e " ${YELLOW}5)${NC} Update Agent - Upgrade to latest version" - echo -e " ${YELLOW}6)${NC} View Logs - Check Acronis logs" - echo -e " ${YELLOW}7)${NC} Uninstall Acronis - Remove Acronis agent" - echo "" - echo -e "${BOLD}Troubleshooting:${NC}" - echo "" - echo -e " ${RED}8)${NC} 🔧 Troubleshoot Backups - Diagnose backup failures" - echo "" - echo -e " ${RED}0)${NC} Back to Backup & Recovery" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Acronis submenu handler -handle_acronis_menu() { - while true; do - show_acronis_menu - read -r choice - - case $choice in - 1) run_module "backup" "acronis-install.sh" ;; - 2) run_module "backup" "acronis-register.sh" ;; - 3) run_module "backup" "acronis-backup-manager.sh" ;; - 4) run_module "backup" "acronis-agent-status.sh" ;; - 5) run_module "backup" "acronis-update.sh" ;; - 6) run_module "backup" "acronis-logs.sh" ;; - 7) run_module "backup" "acronis-uninstall.sh" ;; - 8) run_module "backup" "acronis-troubleshoot.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Monitoring menu -show_monitoring_menu() { - show_banner - echo -e "${CYAN}${BOLD}🔍 Monitoring & Alerts${NC}" - echo "" - echo -e " ${CYAN}1)${NC} Service Status Monitor - Apache, MySQL, PHP-FPM status" - echo -e " ${CYAN}2)${NC} Uptime Tracker - Server uptime history" - echo -e " ${CYAN}3)${NC} Error Log Watcher - Real-time error monitoring" - echo -e " ${CYAN}4)${NC} Disk Space Alerts - Low disk space warnings" - echo -e " ${CYAN}5)${NC} SSL Expiration Monitor - Certificate expiry tracking" - echo -e " ${CYAN}6)${NC} Security Alert Dashboard - Recent security events" - echo -e " ${CYAN}7)${NC} Email Delivery Monitor - Track email deliverability" - echo -e " ${CYAN}8)${NC} DNS Monitor - DNS health checks" - echo "" - echo -e " ${RED}0)${NC} Back to Main Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Reporting menu -show_reporting_menu() { - show_banner - echo -e "${GREEN}${BOLD}📈 Reporting & Analytics${NC}" - echo "" - echo -e " ${GREEN}1)${NC} Security Report Viewer - Browse security reports" - echo -e " ${GREEN}2)${NC} Performance Summary - Historical performance data" - echo -e " ${GREEN}3)${NC} Traffic Analytics - Bandwidth & visitor stats" - echo -e " ${GREEN}4)${NC} Account Usage Report - Per-account resource usage" - echo -e " ${GREEN}5)${NC} System Health Dashboard - Overall server status" - echo -e " ${GREEN}6)${NC} Custom Report Builder - Create custom reports" - echo -e " ${GREEN}7)${NC} Export to PDF - Generate PDF reports" - echo "" - echo -e " ${RED}0)${NC} Back to Main Menu" - echo "" - echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" - echo -n "Select option: " -} - -# Cleanup / Reset all learned data -cleanup_all_data() { - show_banner - echo -e "${BOLD}🗑️ Cleanup / Reset System${NC}" - echo "" - - print_warning "This will delete all learned/cached information:" - echo "" - echo " • System reference database (.sysref)" - echo " • Temporary session directories (/tmp/server-toolkit-*)" - echo " • Bot analyzer reports (/tmp/bot_analysis_*)" - echo " • MySQL analysis reports (/tmp/mysql_analysis_*)" - echo " • System health reports (/tmp/system_health_report_*)" - echo " • Network bandwidth reports (/tmp/network_bandwidth_report_*)" - echo " • Hardware health reports (/tmp/hardware_health_report_*)" - echo " • Any cached user/domain/database mappings" - echo "" - echo "This will NOT affect:" - echo " ✓ Configuration files (config/settings.conf)" - echo " ✓ Your actual server data" - echo " ✓ The toolkit scripts themselves" - echo "" - - read -p "Are you sure you want to reset to blank slate? (yes/no): " confirm - - if [ "$confirm" != "yes" ]; then - print_info "Cleanup cancelled" - sleep 2 - return 0 - fi - - echo "" - print_info "Starting cleanup..." - - # Remove reference database - if [ -f "$BASE_DIR/.sysref" ]; then - rm -f "$BASE_DIR/.sysref" - print_success "Removed system reference database" - fi - - if [ -f "$BASE_DIR/.sysref.timestamp" ]; then - rm -f "$BASE_DIR/.sysref.timestamp" - fi - - # Remove temp session directories - local temp_count=$(find /tmp -maxdepth 1 -name "server-toolkit-*" -type d 2>/dev/null | wc -l) - if [ "${temp_count:-0}" -gt 0 ]; then - find /tmp -maxdepth 1 -name "server-toolkit-*" -type d -exec rm -rf {} \; 2>/dev/null - print_success "Removed $temp_count temporary session directories" - fi - - # Remove bot analyzer reports - local bot_reports=$(find /tmp -maxdepth 1 -name "bot_analysis_*" 2>/dev/null | wc -l) - if [ "${bot_reports:-0}" -gt 0 ]; then - find /tmp -maxdepth 1 -name "bot_analysis_*" -exec rm -f {} \; 2>/dev/null - print_success "Removed $bot_reports bot analysis reports" - fi - - # Remove MySQL analysis reports - local mysql_reports=$(find /tmp -maxdepth 1 -name "mysql_analysis_*" 2>/dev/null | wc -l) - if [ "${mysql_reports:-0}" -gt 0 ]; then - find /tmp -maxdepth 1 -name "mysql_analysis_*" -exec rm -f {} \; 2>/dev/null - print_success "Removed $mysql_reports MySQL analysis reports" - fi - - # Remove system health reports - local health_reports=$(find /tmp -maxdepth 1 -name "system_health_report_*" 2>/dev/null | wc -l) - if [ "${health_reports:-0}" -gt 0 ]; then - find /tmp -maxdepth 1 -name "system_health_report_*" -exec rm -f {} \; 2>/dev/null - print_success "Removed $health_reports system health reports" - fi - - # Remove network bandwidth reports - local network_reports=$(find /tmp -maxdepth 1 -name "network_bandwidth_report_*" 2>/dev/null | wc -l) - if [ "${network_reports:-0}" -gt 0 ]; then - find /tmp -maxdepth 1 -name "network_bandwidth_report_*" -exec rm -f {} \; 2>/dev/null - print_success "Removed $network_reports network bandwidth reports" - fi - - # Remove hardware health reports - local hardware_reports=$(find /tmp -maxdepth 1 -name "hardware_health_report_*" 2>/dev/null | wc -l) - if [ "${hardware_reports:-0}" -gt 0 ]; then - find /tmp -maxdepth 1 -name "hardware_health_report_*" -exec rm -f {} \; 2>/dev/null - print_success "Removed $hardware_reports hardware health reports" - fi - - # Clear any other toolkit temp files - rm -f /tmp/toolkit_* 2>/dev/null - - # Clear ALL cache and temporary files - rm -f /tmp/*.cache /tmp/*_cache 2>/dev/null - rm -f /root/server-toolkit/*.cache /root/server-toolkit/*_cache 2>/dev/null - print_success "Removed all cache files" - - # Clear in-memory environment variables to force fresh detection - # Clear ALL SYS_* variables - for var in $(compgen -e | grep "^SYS_"); do - unset "$var" - done - print_success "Cleared all SYS_* environment variables" - - # Unset all functions from the libraries to force reload - unset -f initialize_system_detection 2>/dev/null - unset -f detect_control_panel 2>/dev/null - unset -f get_user_domains 2>/dev/null - unset -f select_user_interactive 2>/dev/null - unset -f list_all_users 2>/dev/null - print_success "Cleared all toolkit function definitions" - - echo "" - print_success "Cleanup complete! System reset to blank slate." - echo "" - print_info "Re-initializing system detection and reloading ALL libraries..." - - # Force re-source ALL libraries with fresh detection - source "$LIB_DIR/common-functions.sh" - source "$LIB_DIR/system-detect.sh" - source "$LIB_DIR/user-manager.sh" - source "$LIB_DIR/reference-db.sh" - - echo "" - echo "Fresh detection complete:" - echo " • Control Panel: $SYS_CONTROL_PANEL $SYS_CONTROL_PANEL_VERSION" - echo " • OS: $SYS_OS_TYPE $SYS_OS_VERSION" - echo " • Web Server: $SYS_WEB_SERVER $SYS_WEB_SERVER_VERSION" - echo " • Database: $SYS_DB_TYPE $SYS_DB_VERSION" - echo "" - - # Test that domain detection works - print_info "Testing domain detection..." - test_domains=$(get_user_domains "pickledperil" 2>/dev/null) - if [ -n "$test_domains" ]; then - echo " • Domain detection: WORKING (found: $test_domains)" - else - echo " • Domain detection: FAILED - still broken!" - fi - echo "" - - read -p "Press Enter to continue..." -} - -# Configuration editor -edit_config() { - show_banner - echo -e "${BOLD}⚙️ Configuration Editor${NC}" - echo "" - - local config_file="$CONFIG_DIR/settings.conf" - - if [ ! -f "$config_file" ]; then - echo "Creating default configuration..." - mkdir -p "$CONFIG_DIR" - cat > "$config_file" << 'EOF' -# Server Management Toolkit Configuration - -# ============================================================================ -# SYSTEM PATHS -# ============================================================================ -# Apache log directory -LOG_DIR="/var/log/apache2/domlogs" - -# cPanel home directory -CPANEL_HOME="/home" - -# WordPress installations base pattern -WP_BASE="/home/*/public_html" - -# ============================================================================ -# SECURITY DEFAULTS -# ============================================================================ -# Default time range for quick scans (hours) -QUICK_SCAN_HOURS=1 - -# Auto-apply blocklists (yes/no) -AUTO_BLOCK=no - -# Maximum threat score before auto-block (0-100) -AUTO_BLOCK_THRESHOLD=80 - -# ============================================================================ -# WORDPRESS DEFAULTS -# ============================================================================ -# Auto-backup before mass operations (yes/no) -WP_AUTO_BACKUP=yes - -# WP-CLI path -WPCLI_PATH="/usr/local/bin/wp" - -# Max sites to process in parallel -WP_MAX_PARALLEL=5 - -# ============================================================================ -# PERFORMANCE MONITORING -# ============================================================================ -# CPU usage alert threshold (%) -CPU_ALERT_THRESHOLD=80 - -# Memory usage alert threshold (%) -MEM_ALERT_THRESHOLD=90 - -# Disk usage alert threshold (%) -DISK_ALERT_THRESHOLD=85 - -# Load average alert threshold -LOAD_ALERT_THRESHOLD=5.0 - -# ============================================================================ -# NOTIFICATIONS -# ============================================================================ -# Email for critical alerts -ALERT_EMAIL="" - -# Slack webhook URL (optional) -SLACK_WEBHOOK="" - -# Pushover API token (optional) -PUSHOVER_TOKEN="" - -# ============================================================================ -# BACKUP SETTINGS -# ============================================================================ -# Backup retention days -BACKUP_RETENTION_DAYS=30 - -# Backup destination -BACKUP_DEST="/backup" - -# Compress backups (yes/no) -BACKUP_COMPRESS=yes - -# ============================================================================ -# WHITELISTS & EXCLUSIONS -# ============================================================================ -# Whitelist file for IPs -WHITELIST_IP_FILE="$CONFIG_DIR/whitelist-ips.txt" - -# Whitelist file for User-Agents -WHITELIST_UA_FILE="$CONFIG_DIR/whitelist-user-agents.txt" - -# Accounts to exclude from operations -EXCLUDE_ACCOUNTS="root cpanel" - -# ============================================================================ -# LOGGING -# ============================================================================ -# Log all toolkit operations (yes/no) -ENABLE_LOGGING=yes - -# Toolkit log file -TOOLKIT_LOG="$BASE_DIR/logs/toolkit.log" -EOF - fi - - if command -v nano >/dev/null 2>&1; then - nano "$config_file" - elif command -v vi >/dev/null 2>&1; then - vi "$config_file" - else - echo "No editor found. Configuration file:" - echo "$config_file" - fi - - # Reload config - [ -f "$config_file" ] && source "$config_file" - - read -p "Press Enter to continue..." -} - - -# Initialize -init_directories() { - # Create module category directories - mkdir -p "$MODULES_DIR"/{security,wordpress,performance,backup,monitoring,troubleshooting,reporting} - mkdir -p "$LIB_DIR" "$CONFIG_DIR" "$BASE_DIR/logs" - - # Create config if it doesn't exist - if [ ! -f "$CONFIG_DIR/settings.conf" ]; then - edit_config - fi - - # Load config - [ -f "$CONFIG_DIR/settings.conf" ] && source "$CONFIG_DIR/settings.conf" - - # Create default whitelists - touch "$CONFIG_DIR/whitelist-ips.txt" 2>/dev/null - touch "$CONFIG_DIR/whitelist-user-agents.txt" 2>/dev/null -} - -# Security submenu handler -# Security submenu handler - Main router handle_security_menu() { while true; do show_security_menu read -r choice - case $choice in - 1) handle_security_analysis_menu ;; - 2) handle_security_actions_menu ;; - 3) handle_live_monitoring_menu ;; - 4) run_module "security" "active-threats-viewer.sh" ;; - 5) run_module "security" "security-summary.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Security Analysis Menu Handler -handle_security_analysis_menu() { - while true; do - show_security_analysis_menu - read -r choice - - case $choice in - 1) run_module "security" "malware-scanner.sh" ;; - 2) handle_bot_analysis_menu ;; - 3) handle_auth_analysis_menu ;; - 4) handle_webapp_analysis_menu ;; - 5) handle_firewall_analysis_menu ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Security Actions Menu Handler -handle_security_actions_menu() { - while true; do - show_security_actions_menu - read -r choice - - case $choice in - 1) handle_auth_protection_menu ;; - 2) handle_threat_blocking_menu ;; - 3) handle_firewall_management_menu ;; - 4) handle_webapp_hardening_menu ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Live Monitoring Menu Handler -handle_live_monitoring_menu() { - while true; do - show_live_monitoring_menu - read -r choice - - case $choice in - 1) run_module "security" "live-attack-monitor.sh" ;; - 2) run_module "security" "ssh-attack-monitor.sh" ;; - 3) run_module "security" "web-traffic-monitor.sh" ;; - 4) run_module "security" "firewall-activity-monitor.sh" ;; - 5) run_module "security" "tail-apache-access.sh" ;; - 6) run_module "security" "tail-apache-error.sh" ;; - 7) run_module "security" "tail-mail-log.sh" ;; - 8) run_module "security" "tail-secure-log.sh" ;; - 9) - show_banner - echo -e "${BOLD}Custom Log Monitor${NC}" - read -p "Enter log file path: " logpath - [ -n "$logpath" ] && run_module "security" "tail-custom-log.sh" "$logpath" - ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Bot & Traffic Analysis Handler (ANALYSIS) -handle_bot_analysis_menu() { - while true; do - show_bot_analysis_menu - read -r choice - case $choice in 1) run_module "security" "bot-analyzer.sh" ;; - 2) run_module "security" "bot-analyzer.sh" -H "${QUICK_SCAN_HOURS:-1}" ;; - 3) run_module "security" "live-monitor.sh" ;; - 4) run_module "security" "ip-reputation-manager.sh" ;; - 5) - show_banner - echo -e "${BOLD}IP Lookup & Investigation${NC}" - read -p "Enter IP address: " ip - [ -n "$ip" ] && run_module "security" "ip-lookup.sh" "$ip" - ;; - 6) run_module "security" "ddos-detector.sh" ;; - 7) run_module "security" "traffic-pattern-analysis.sh" ;; - 8) run_module "security" "user-agent-analysis.sh" ;; + 2) run_module "security" "bot-analyzer.sh" -H 1 ;; + 3) run_module "security" "ip-reputation-manager.sh" ;; + 4) run_module "security" "malware-scanner.sh" ;; + 5) run_module "security" "live-attack-monitor.sh" ;; + 6) run_module "security" "ssh-attack-monitor.sh" ;; + 7) run_module "security" "web-traffic-monitor.sh" ;; + 8) run_module "security" "firewall-activity-monitor.sh" ;; + 9) run_module "security" "tail-apache-access.sh" ;; + 10) run_module "security" "tail-apache-error.sh" ;; + 11) run_module "security" "tail-mail-log.sh" ;; + 12) run_module "security" "tail-secure-log.sh" ;; + 13) run_module "security" "enable-cphulk.sh" ;; + 14) run_module "security" "optimize-ct-limit.sh" ;; 0) return ;; *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; esac done } -# Authentication Analysis Handler (ANALYSIS) -handle_auth_analysis_menu() { - while true; do - show_auth_analysis_menu - read -r choice +############################################################################# +# WEBSITE DIAGNOSTICS +############################################################################# - case $choice in - 1) run_module "security" "ssh-brute-force-analyzer.sh" ;; - 2) run_module "security" "ssh-config-audit.sh" ;; - 3) run_module "security" "root-login-analyzer.sh" ;; - 4) run_module "security" "failed-login-patterns.sh" ;; - 5) run_module "security" "cpanel-login-analysis.sh" ;; - 6) run_module "security" "whm-login-analysis.sh" ;; - 7) run_module "security" "ftp-login-analysis.sh" ;; - 8) run_module "security" "email-auth-failures.sh" ;; - 9) run_module "security" "dovecot-security-audit.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done +show_website_menu() { + show_banner + echo -e "${BLUE}${BOLD}🌐 Website Diagnostics${NC}" + echo "" + echo -e "${BOLD}Error Analysis:${NC}" + echo "" + echo -e " ${BLUE}1)${NC} 🔍 Website Error Analyzer - Find 500/config errors (filters bots)" + echo -e " ${RED}2)${NC} 🔥 Fast 500 Error Tracker - ONLY 500s + root cause diagnosis" + echo "" + echo -e "${BOLD}WordPress Management:${NC}" + echo "" + echo -e " ${BLUE}3)${NC} 📦 WordPress Tools → WP-Cron manager & diagnostics" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " } -# Web Application Analysis Handler (ANALYSIS) -handle_webapp_analysis_menu() { +handle_website_menu() { while true; do - show_webapp_analysis_menu - read -r choice - - case $choice in - 1) run_module "security" "wp-security-scan.sh" ;; - 2) run_module "security" "sqli-detector.sh" ;; - 3) run_module "security" "xss-detector.sh" ;; - 4) run_module "security" "permission-audit.sh" ;; - 5) run_module "security" "ssl-security-audit.sh" ;; - 6) run_module "security" "modsecurity-status.sh" ;; - 7) run_module "security" "apache-security-audit.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Firewall & Network Analysis Handler (ANALYSIS) -handle_firewall_analysis_menu() { - while true; do - show_firewall_analysis_menu - read -r choice - - case $choice in - 1) run_module "security" "csf-status.sh" ;; - 2) run_module "security" "csf-view-allowed.sh" ;; - 3) run_module "security" "csf-view-blocked.sh" ;; - 4) run_module "security" "csf-recent-activity.sh" ;; - 5) run_module "security" "port-scanner.sh" ;; - 6) run_module "security" "port-security-audit.sh" ;; - 7) run_module "security" "connection-analysis.sh" ;; - 8) run_module "security" "network-interface-stats.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Authentication Protection Handler (ACTIONS) -handle_auth_protection_menu() { - while true; do - show_auth_protection_menu - read -r choice - - case $choice in - 1) run_module "security" "enable-cphulk.sh" ;; - 2) run_module "security" "cphulk-configure.sh" ;; - 3) run_module "security" "cphulk-view-blocked.sh" ;; - 4) - show_banner - echo -e "${BOLD}Unblock IP Address${NC}" - read -p "Enter IP address to unblock: " ip - [ -n "$ip" ] && run_module "security" "cphulk-unblock.sh" "$ip" - ;; - 5) - show_banner - echo -e "${BOLD}Add IP to cPHulk Whitelist${NC}" - read -p "Enter IP address to whitelist: " ip - [ -n "$ip" ] && run_module "security" "cphulk-whitelist-add.sh" "$ip" - ;; - 6) run_module "security" "ssh-disable-root-login.sh" ;; - 7) run_module "security" "ssh-configure-port.sh" ;; - 8) run_module "security" "ssh-setup-key-auth.sh" ;; - 9) run_module "security" "smtp-enable-auth.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Threat Blocking Handler (ACTIONS) -handle_threat_blocking_menu() { - while true; do - show_threat_blocking_menu - read -r choice - - case $choice in - 1) - show_banner - echo -e "${BOLD}Block IP Address${NC}" - read -p "Enter IP address to block: " ip - [ -n "$ip" ] && run_module "security" "csf-block-ip.sh" "$ip" - ;; - 2) - show_banner - echo -e "${BOLD}Block IP Range (CIDR)${NC}" - read -p "Enter CIDR range (e.g., 192.168.1.0/24): " cidr - [ -n "$cidr" ] && run_module "security" "csf-block-cidr.sh" "$cidr" - ;; - 3) - show_banner - echo -e "${BOLD}Block Country${NC}" - read -p "Enter country code (e.g., CN, RU): " country - [ -n "$country" ] && run_module "security" "csf-block-country.sh" "$country" - ;; - 4) - show_banner - echo -e "${BOLD}Unblock IP Address${NC}" - read -p "Enter IP address to unblock: " ip - [ -n "$ip" ] && run_module "security" "csf-unblock-ip.sh" "$ip" - ;; - 5) run_module "security" "auto-block-threats.sh" ;; - 6) run_module "security" "enable-lfd.sh" ;; - 7) run_module "security" "configure-block-thresholds.sh" ;; - 8) - show_banner - echo -e "${BOLD}Add IP to Whitelist${NC}" - read -p "Enter IP address to whitelist: " ip - [ -n "$ip" ] && run_module "security" "csf-allow-ip.sh" "$ip" - ;; - 9) run_module "security" "manage-whitelist.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Firewall Management Handler (ACTIONS) -handle_firewall_management_menu() { - while true; do - show_firewall_management_menu - read -r choice - - case $choice in - 1) run_module "security" "csf-enable-disable.sh" ;; - 2) run_module "security" "csf-restart.sh" ;; - 3) run_module "security" "csf-configure.sh" ;; - 4) run_module "security" "csf-test-config.sh" ;; - 5) - show_banner - echo -e "${BOLD}Open Port${NC}" - read -p "Enter port number to open: " port - [ -n "$port" ] && run_module "security" "csf-open-port.sh" "$port" - ;; - 6) - show_banner - echo -e "${BOLD}Close Port${NC}" - read -p "Enter port number to close: " port - [ -n "$port" ] && run_module "security" "csf-close-port.sh" "$port" - ;; - 7) run_module "security" "csf-configure-port-ranges.sh" ;; - 8) run_module "security" "csf-configure-ct-limit.sh" ;; - 9) run_module "security" "csf-configure-synflood.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Web Application Hardening Handler (ACTIONS) -handle_webapp_hardening_menu() { - while true; do - show_webapp_hardening_menu - read -r choice - - case $choice in - 1) run_module "security" "ssl-install-cert.sh" ;; - 2) run_module "security" "ssl-force-https.sh" ;; - 3) run_module "security" "ssl-configure-ciphers.sh" ;; - 4) run_module "security" "modsecurity-enable.sh" ;; - 5) run_module "security" "modsecurity-install-owasp.sh" ;; - 6) run_module "security" "modsecurity-configure.sh" ;; - 7) run_module "security" "fix-file-permissions.sh" ;; - 8) run_module "security" "fix-file-ownership.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# WordPress submenu handler -handle_wordpress_menu() { - while true; do - show_wordpress_menu + show_website_menu read -r choice case $choice in 1) run_module "website" "website-error-analyzer.sh" ;; 2) run_module "website" "500-error-tracker.sh" ;; 3) bash "$MODULES_DIR/website/wordpress-menu.sh" ;; - 4|5) - echo "" - print_warning "This CMS management feature is coming soon!" - echo "" - read -p "Press Enter to continue..." - ;; 0) return ;; *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; esac done } -# WP Health & Maintenance submenu handler -handle_wp_health_menu() { +############################################################################# +# PERFORMANCE ANALYSIS +############################################################################# + +show_performance_menu() { + show_banner + echo -e "${MAGENTA}${BOLD}🔧 Performance Analysis${NC}" + echo "" + echo -e "${BOLD}Database:${NC}" + echo "" + echo -e " ${MAGENTA}1)${NC} 🗄️ MySQL Query Analyzer - Find slow queries & optimize" + echo "" + echo -e "${BOLD}Network & Resources:${NC}" + echo "" + echo -e " ${MAGENTA}2)${NC} 🌐 Network & Bandwidth - Traffic & top consumers" + echo -e " ${MAGENTA}3)${NC} 💻 Hardware Health Check - SMART, memory, CPU sensors" + echo "" + echo -e "${BOLD}PHP Optimization:${NC}" + echo "" + echo -e " ${MAGENTA}4)${NC} ⚙️ PHP Configuration Optimizer - Per-domain PHP tuning" + echo "" + echo -e "${BOLD}System Health:${NC}" + echo "" + echo -e " ${MAGENTA}5)${NC} 📊 Loadwatch Health Analyzer - Historical system analysis" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +handle_performance_menu() { while true; do - show_wp_health_menu + show_performance_menu read -r choice case $choice in - 1) run_module "wordpress" "wp-health-check.sh" ;; - 2) run_module "wordpress" "wp-db-optimizer.sh" ;; - 3) run_module "wordpress" "wp-cache-clear.sh" ;; - 4) run_module "wordpress" "wp-plugin-audit.sh" ;; - 5) run_module "wordpress" "wp-theme-audit.sh" ;; + 1) run_module "performance" "mysql-query-analyzer.sh" ;; + 2) run_module "performance" "network-bandwidth-analyzer.sh" ;; + 3) run_module "performance" "hardware-health-check.sh" ;; + 4) run_module "performance" "php-optimizer.sh" ;; + 5) handle_loadwatch_analyzer ;; 0) return ;; *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; esac done } -# WP-Cron Management submenu handler -handle_wp_cron_menu() { - while true; do - show_wp_cron_menu - read -r choice - - case $choice in - 1) run_module "wordpress" "wp-cron-status.sh" ;; - 2) run_module "wordpress" "wp-cron-mass-fix.sh" ;; - 3) run_module "wordpress" "wp-cron-mass-create.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Mass Updates submenu handler -handle_wp_updates_menu() { - while true; do - show_wp_updates_menu - read -r choice - - case $choice in - 1) run_module "wordpress" "wp-mass-update-core.sh" ;; - 2) run_module "wordpress" "wp-mass-update-plugins.sh" ;; - 3) run_module "wordpress" "wp-mass-update-themes.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Security & Compliance submenu handler -handle_wp_security_menu() { - while true; do - show_wp_security_menu - read -r choice - - case $choice in - 1) run_module "wordpress" "wp-malware-scanner.sh" ;; - 2) run_module "wordpress" "wp-permission-fixer.sh" ;; - 3) run_module "wordpress" "wp-login-security.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done -} - -# Loadwatch analyzer handler with time range selection handle_loadwatch_analyzer() { show_banner echo -e "${MAGENTA}${BOLD}📊 Loadwatch Health Analyzer${NC}" echo "" echo -e "Select time range for analysis:" echo "" - echo -e " ${CYAN}1)${NC} Last 1 Hour - Recent system activity" + echo -e " ${CYAN}1)${NC} Last 1 Hour - Recent activity" echo -e " ${CYAN}2)${NC} Last 6 Hours - Mid-term trending" echo -e " ${CYAN}3)${NC} Last 24 Hours - Full day analysis" echo -e " ${CYAN}4)${NC} Last 7 Days - Weekly patterns" @@ -1379,121 +285,128 @@ handle_loadwatch_analyzer() { 4) run_module "diagnostics" "loadwatch-analyzer.sh" "-r" "7d" ;; 5) run_module "diagnostics" "loadwatch-analyzer.sh" "-r" "30d" ;; 0) return ;; - *) - echo -e "${RED}Invalid option${NC}" - sleep 1 - ;; + *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; esac } -# Performance submenu handler -handle_performance_menu() { - while true; do - show_performance_menu - read -r choice +############################################################################# +# BACKUP & RECOVERY +############################################################################# - case $choice in - 1) run_module "performance" "mysql-query-analyzer.sh" ;; - 2) run_module "performance" "network-bandwidth-analyzer.sh" ;; - 3) run_module "performance" "connection-monitor.sh" ;; - 4) run_module "performance" "hardware-health-check.sh" ;; - 5) run_module "performance" "disk-io-analyzer.sh" ;; - 6) run_module "performance" "resource-monitor.sh" ;; - 7) run_module "performance" "apache-performance.sh" ;; - 8) run_module "performance" "php-fpm-monitor.sh" ;; - 9) run_module "performance" "php-optimizer.sh" ;; - 10) run_module "performance" "log-analyzer.sh" ;; - 11) handle_loadwatch_analyzer ;; - 12) run_module "performance" "email-queue-monitor.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done +show_backup_menu() { + show_banner + echo -e "${YELLOW}${BOLD}💾 Backup & Recovery${NC}" + echo "" + echo -e "${BOLD}Acronis Cyber Protect:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} 🔷 Acronis Management → Complete backup management" + echo "" + echo -e "${BOLD}Database Tools:${NC}" + echo "" + echo -e " ${CYAN}2)${NC} 🔄 MySQL File Restore - Convert restored DB files to .sql" + echo "" + echo -e "${BOLD}Maintenance:${NC}" + echo "" + echo -e " ${RED}3)${NC} 🗑️ Cleanup Toolkit Data - Remove IP reputation & temp files" + echo "" + echo -e " ${RED}0)${NC} Back to Main Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " +} + +show_acronis_menu() { + show_banner + echo -e "${YELLOW}${BOLD}🔷 Acronis Cyber Protect${NC}" + echo "" + echo -e "${BOLD}Installation & Setup:${NC}" + echo "" + echo -e " ${YELLOW}1)${NC} Install Acronis Agent - Download and install" + echo -e " ${YELLOW}2)${NC} Register with Cloud - Connect to Acronis Cloud" + echo -e " ${YELLOW}3)${NC} Configure Agent - Adjust settings" + echo "" + echo -e "${BOLD}Backup Management:${NC}" + echo "" + echo -e " ${GREEN}4)${NC} 📊 Manage Backups - Complete backup interface" + echo "" + echo -e "${BOLD}Status & Monitoring:${NC}" + echo "" + echo -e " ${CYAN}5)${NC} Check Agent Status - Verify Acronis is running" + echo -e " ${CYAN}6)${NC} View Logs - Check Acronis logs" + echo -e " ${CYAN}7)${NC} Troubleshoot - Diagnose backup failures" + echo "" + echo -e "${BOLD}Maintenance:${NC}" + echo "" + echo -e " ${YELLOW}8)${NC} Update Agent - Upgrade to latest version" + echo -e " ${RED}9)${NC} Uninstall Acronis - Remove agent" + echo "" + echo -e " ${RED}0)${NC} Back to Backup Menu" + echo "" + echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}" + echo -n "Select option: " } -# Backup submenu handler handle_backup_menu() { while true; do show_backup_menu read -r choice case $choice in - 1) run_module "backup" "auto-backup.sh" ;; - 2) run_module "backup" "selective-backup.sh" ;; - 3) run_module "backup" "restore-helper.sh" ;; - 4) run_module "backup" "database-backup.sh" ;; - 5) run_module "backup" "config-backup.sh" ;; - 6) run_module "backup" "log-archive.sh" ;; - 7) run_module "backup" "backup-verification.sh" ;; - 8) run_module "backup" "offsite-sync.sh" ;; - 9) handle_acronis_menu ;; - 10) run_module "maintenance" "cleanup-toolkit-data.sh" ;; - 11) run_module "backup" "mysql-restore-to-sql.sh" ;; + 1) handle_acronis_menu ;; + 2) run_module "backup" "mysql-restore-to-sql.sh" ;; + 3) run_module "maintenance" "cleanup-toolkit-data.sh" ;; 0) return ;; *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; esac done } -# Monitoring submenu handler -handle_monitoring_menu() { +handle_acronis_menu() { while true; do - show_monitoring_menu + show_acronis_menu read -r choice case $choice in - 1) run_module "monitoring" "service-status-monitor.sh" ;; - 2) run_module "monitoring" "uptime-tracker.sh" ;; - 3) run_module "monitoring" "error-log-watcher.sh" ;; - 4) run_module "monitoring" "disk-space-alerts.sh" ;; - 5) run_module "monitoring" "ssl-expiration-monitor.sh" ;; - 6) run_module "monitoring" "security-alert-dashboard.sh" ;; - 7) run_module "monitoring" "email-delivery-monitor.sh" ;; - 8) run_module "monitoring" "dns-monitor.sh" ;; + 1) run_module "backup" "acronis-install.sh" ;; + 2) run_module "backup" "acronis-register.sh" ;; + 3) run_module "backup" "acronis-configure.sh" ;; + 4) run_module "backup" "acronis-backup-manager.sh" ;; + 5) run_module "backup" "acronis-agent-status.sh" ;; + 6) run_module "backup" "acronis-logs.sh" ;; + 7) run_module "backup" "acronis-troubleshoot.sh" ;; + 8) run_module "backup" "acronis-update.sh" ;; + 9) run_module "backup" "acronis-uninstall.sh" ;; 0) return ;; *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; esac done } -# Reporting submenu handler -handle_reporting_menu() { - while true; do - show_reporting_menu - read -r choice +############################################################################# +# INITIALIZATION +############################################################################# - case $choice in - 1) run_module "reporting" "security-report-viewer.sh" ;; - 2) run_module "reporting" "performance-summary.sh" ;; - 3) run_module "reporting" "traffic-analytics.sh" ;; - 4) run_module "reporting" "account-usage-report.sh" ;; - 5) run_module "reporting" "system-health-dashboard.sh" ;; - 6) run_module "reporting" "custom-report-builder.sh" ;; - 7) run_module "reporting" "export-to-pdf.sh" ;; - 0) return ;; - *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; - esac - done +init_directories() { + mkdir -p "$MODULES_DIR"/{security,website,performance,backup,diagnostics,maintenance} + mkdir -p "$LIB_DIR" "$CONFIG_DIR" "$BASE_DIR/logs" + touch "$CONFIG_DIR/whitelist-ips.txt" 2>/dev/null + touch "$CONFIG_DIR/whitelist-user-agents.txt" 2>/dev/null } -# Main loop startup_detection() { - # Build/update reference database if needed if ! db_is_fresh; then clear print_banner "Server Management Toolkit - Initializing" echo "" - print_info "Detecting server configuration (first-time setup)..." + print_info "Detecting server configuration..." echo "" - # Build reference database (this also runs system detection) build_reference_database echo "" print_section "Detection Summary" echo "" - # Show what was detected echo -e "${BOLD}System:${NC}" echo " Control Panel: $SYS_CONTROL_PANEL $SYS_CONTROL_PANEL_VERSION" echo " OS: $SYS_OS_TYPE $SYS_OS_VERSION" @@ -1501,33 +414,29 @@ startup_detection() { echo " Database: $SYS_DB_TYPE $SYS_DB_VERSION" echo "" - # Count stats from reference database local user_count=$(grep -c "^USER|" "$SYSREF_DB" 2>/dev/null || echo 0) local domain_count=$(grep -c "^DOMAIN|" "$SYSREF_DB" 2>/dev/null || echo 0) - local local_domains=$(grep -c "|local$" "$SYSREF_DB" 2>/dev/null || echo 0) - local remote_domains=$(grep -c "|remote$" "$SYSREF_DB" 2>/dev/null || echo 0) local db_count=$(grep -c "^DB|" "$SYSREF_DB" 2>/dev/null || echo 0) local wp_count=$(grep -c "^WP|" "$SYSREF_DB" 2>/dev/null || echo 0) echo -e "${BOLD}Server Content:${NC}" echo " Users: $user_count" - echo " Domains: $domain_count total" - echo " - Local domains: $local_domains" - echo " - Remote MX domains: $remote_domains" + echo " Domains: $domain_count" echo " Databases: $db_count" echo " WordPress Sites: $wp_count" echo "" - print_success "Server detection complete!" - echo "" - echo "This information is cached for 1 hour." - echo "Use 'Cleanup/Reset' (option 8) to force fresh detection." + print_success "Detection complete! Cached for 1 hour." echo "" read -p "Press Enter to continue..." fi } +############################################################################# +# MAIN LOOP +############################################################################# + main() { init_directories startup_detection @@ -1539,20 +448,15 @@ main() { case $choice in 1) run_module "diagnostics" "system-health-check.sh" ;; 2) handle_security_menu ;; - 3) handle_wordpress_menu ;; + 3) handle_website_menu ;; 4) handle_performance_menu ;; 5) handle_backup_menu ;; - 6) handle_monitoring_menu ;; - 7) handle_reporting_menu ;; - 8) cleanup_all_data ;; - 9) edit_config ;; - 10) bash "$BASE_DIR/tools/erase-toolkit-traces.sh" ;; + 6) run_module "maintenance" "cleanup-toolkit-data.sh" ;; 0) echo "" read -p "Clean history and remove traces? (yes/no): " clean_hist if [ "$clean_hist" = "yes" ]; then - # Signal wrapper script to do cleanup touch /tmp/.cleanup_requested echo "" echo "Cleanup will happen automatically..."