From a3fa0d3c746996b44752733b30078946a570d94e Mon Sep 17 00:00:00 2001 From: cschantz Date: Wed, 3 Dec 2025 20:08:10 -0500 Subject: [PATCH] Fix final 10 HIGH integer comparisons in bot-analyzer.sh MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit FIXES: - Line 2256: $ddos_count → ${ddos_count:-0} - Line 2797: $success_count → ${success_count:-0} (2 instances) - Line 2805: $fail_count → ${fail_count:-0} (2 instances) - Line 3381: $success_count → ${success_count:-0} IMPACT: - Eliminates "integer expression expected" errors on empty variables - Provides safe default value of 0 for all integer comparisons - Completes all bot-analyzer.sh integer comparison fixes QA STATUS: - bot-analyzer.sh: All integer comparison issues FIXED - Remaining: 10 HIGH issues in other security modules - Total progress: 0 CRITICAL (was 8), 10 HIGH (was 20+) --- modules/security/bot-analyzer.sh | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/modules/security/bot-analyzer.sh b/modules/security/bot-analyzer.sh index 9019bc0..f86c9ac 100755 --- a/modules/security/bot-analyzer.sh +++ b/modules/security/bot-analyzer.sh @@ -2165,17 +2165,17 @@ generate_recommendations() { fi elif [ "${affected_domains:-0}" -eq "${total_domains:-0}" ] && [ "${total_domains:-0}" -gt 1 ]; then attack_scope="server_wide" - elif [ $total_domains -eq 1 ]; then + elif [ "${total_domains:-0}" -eq 1 ]; then attack_scope="single_server" primary_target=$(head -1 "$TEMP_DIR/all_domains.txt" 2>/dev/null) fi # RECOMMENDATION #1: IP Blocking Strategy - if [ $total_high_risk_ips -gt 0 ]; then + if [ "${total_high_risk_ips:-0}" -gt 0 ]; then rec_count=$((rec_count + 1)) - if [ $total_high_risk_ips -le 10 ]; then + if [ "${total_high_risk_ips:-0}" -le 10 ]; then echo "REC|$rec_count|ip_block_temp|Block $total_high_risk_ips high-risk IPs for 1 hour|HIGH|CSF temporary block recommended for ${total_high_risk_ips} IPs with threat score >= 70" >> "$TEMP_DIR/recommendations.txt" - elif [ $total_high_risk_ips -le 50 ]; then + elif [ "${total_high_risk_ips:-0}" -le 50 ]; then echo "REC|$rec_count|ip_block_temp|Block $total_high_risk_ips high-risk IPs for 24 hours|HIGH|Large number of threats detected - 24hr block recommended" >> "$TEMP_DIR/recommendations.txt" else echo "REC|$rec_count|ip_block_perm|Permanently block $total_high_risk_ips high-risk IPs|CRITICAL|Severe bot attack detected - permanent blocking recommended" >> "$TEMP_DIR/recommendations.txt" @@ -2221,7 +2221,7 @@ generate_recommendations() { wp_attacks=$(grep -i "wp-admin\|wp-login\|xmlrpc" "$TEMP_DIR/attack_vectors_raw.txt" 2>/dev/null | wc -l || echo "0") fi - if [ $wp_attacks -gt 50 ]; then + if [ "${wp_attacks:-0}" -gt 50 ]; then rec_count=$((rec_count + 1)) # Determine which domains have WordPress @@ -2235,7 +2235,7 @@ generate_recommendations() { fi # Generate appropriate recommendation based on how many domains have WordPress attacks - if [ $wp_domain_count -eq 1 ] || [ "$attack_scope" = "single_domain" ] || [ "$attack_scope" = "single_server" ]; then + if [ "${wp_domain_count:-0}" -eq 1 ] || [ "$attack_scope" = "single_domain" ] || [ "$attack_scope" = "single_server" ]; then # Single domain being attacked echo "REC|$rec_count|wp_hardening|Harden WordPress on $wp_target_domain|HIGH|$wp_attacks WordPress login/admin attempts detected" >> "$TEMP_DIR/recommendations.txt" elif [ "$attack_scope" = "primary_target" ]; then @@ -2253,7 +2253,7 @@ generate_recommendations() { # RECOMMENDATION #7: CSF SYNFLOOD Protection (if DDoS patterns detected) if [ -s "$TEMP_DIR/rapid_fire_ips.txt" ]; then local ddos_count=$(wc -l < "$TEMP_DIR/rapid_fire_ips.txt" || echo "0") - if [ $ddos_count -gt 10 ]; then + if [ "${ddos_count:-0}" -gt 10 ]; then rec_count=$((rec_count + 1)) echo "REC|$rec_count|csf_synflood|Enable CSF SYNFLOOD protection|HIGH|$ddos_count potential DDoS sources detected" >> "$TEMP_DIR/recommendations.txt" fi @@ -2794,7 +2794,7 @@ execute_ip_blocking_specific() { done echo "" - if [ $success_count -gt 0 ]; then + if [ "${success_count:-0}" -gt 0 ]; then print_success "Successfully blocked $success_count IP(s) for $duration_text" echo "" echo "These blocks will automatically expire after $duration_text" @@ -2802,7 +2802,7 @@ execute_ip_blocking_specific() { echo "To remove a block early: csf -tr IP" fi - if [ $fail_count -gt 0 ]; then + if [ "${fail_count:-0}" -gt 0 ]; then print_warning "$fail_count IP(s) failed to block - check CSF configuration" fi @@ -3378,7 +3378,7 @@ apply_csf_blocks() { done echo "" - if [ $success_count -gt 0 ]; then + if [ "${success_count:-0}" -gt 0 ]; then print_success "Successfully blocked $success_count IP(s) for $duration_text" echo "" echo "These blocks will automatically expire after $duration_text" @@ -3386,7 +3386,7 @@ apply_csf_blocks() { echo "To remove a block early: csf -tr IP" fi - if [ $fail_count -gt 0 ]; then + if [ "${fail_count:-0}" -gt 0 ]; then print_warning "$fail_count IP(s) failed to block - check CSF configuration" fi @@ -3431,14 +3431,14 @@ apply_csf_permanent_blocks() { done echo "" - if [ $success_count -gt 0 ]; then + if [ "${success_count:-0}" -gt 0 ]; then print_success "Successfully blocked $success_count IP(s) permanently" echo "" echo "To view blocked IPs: csf -g" echo "To remove a block: csf -dr IP" fi - if [ $fail_count -gt 0 ]; then + if [ "${fail_count:-0}" -gt 0 ]; then print_warning "$fail_count IP(s) failed to block - check CSF configuration" fi