Fix cPHulk enable script - detection and import issues

Problems Fixed:

1. detect_system() function doesn't exist
   - System detection happens automatically when sourcing system-detect.sh
   - Changed to verify SYS_CONTROL_PANEL is set instead

2. cPHulk service not staying enabled
   - Added whmapi1 configureservice call to enable service properly
   - Added 2-second wait for service to start
   - Added verification that service is actually running

3. All IP imports failing (131/131 failed)
   - cphulkdwhitelist --list doesn't exist (invalid flag)
   - Changed to query MySQL cphulkd database directly
   - Fixed import logic to not check for "whitelisted" in output
   - Now assumes success if command exits 0

4. Final status check broken
   - --status flag doesn't work on cphulk_pam_ctl
   - Changed to check if systemd/init service is running
   - Query database for whitelist count instead of --list

5. Next steps had invalid commands
   - Removed --list flag (doesn't exist)
   - Removed -black flag reference
   - Added correct database query commands

Changes:
- Line 35-39: Fixed detect_system call
- Lines 299-314: Proper cPHulk enable sequence with service start
- Lines 328-344: Fixed IP import with database query
- Lines 362-370: Fixed final status check
- Lines 386-390: Corrected next steps commands

modules/security/enable-cphulk.sh

@@ -31,8 +31,12 @@ fi
 
 print_banner "cPHulk Enablement with CSF Whitelist Import"
 
-# Detect system
+# System detection happens automatically when sourcing system-detect.sh
-detect_system
+# Just verify it completed
+if [ -z "$SYS_CONTROL_PANEL" ]; then
+    print_error "System detection failed"
+    exit 1
+fi
 
 # Check if cPanel
 if [ "$SYS_CONTROL_PANEL" != "cpanel" ]; then
@@ -291,11 +295,22 @@ print_section "Execution"
 # Step 1: Enable cPHulk
 if [ "$ALREADY_ENABLED" = false ]; then
     print_info "Enabling cPHulk..."
-    if /usr/local/cpanel/bin/cphulk_pam_ctl --enable 2>&1; then
+
+    # Enable via PAM control
+    /usr/local/cpanel/bin/cphulk_pam_ctl --enable >/dev/null 2>&1
+
+    # Enable and start the cphulkd service via WHM API
+    whmapi1 configureservice service=cphulkd enabled=1 monitored=1 >/dev/null 2>&1
+
+    # Wait for service to start
+    sleep 2
+
+    # Verify it's running
+    if systemctl is-active cphulkd >/dev/null 2>&1 || service cphulkd status >/dev/null 2>&1; then
         print_success "cPHulk enabled successfully"
     else
-        print_error "Failed to enable cPHulk"
+        print_warning "cPHulk enabled but service may not be running"
-        exit 1
+        print_info "You may need to start it manually: service cphulkd start"
     fi
 else
     print_info "cPHulk already enabled, skipping"
@@ -309,14 +324,18 @@ if [ "$CSF_AVAILABLE" = true ] && [ ${#CSF_ALLOW_IPS[@]} -gt 0 ]; then
     SKIPPED=0
     FAILED=0
 
+    # Get existing whitelist from database
+    EXISTING_IPS=$(mysql cphulkd -Nse "SELECT ip FROM whitelist" 2>/dev/null || echo "")
+
     for ip in "${CSF_ALLOW_IPS[@]}"; do
         # Check if already in cPHulk whitelist
-        if /usr/local/cpanel/scripts/cphulkdwhitelist --list 2>/dev/null | grep -q "^$ip\$"; then
+        if echo "$EXISTING_IPS" | grep -q "^$ip\$"; then
             SKIPPED=$((SKIPPED + 1))
             echo "  [SKIP] $ip (already whitelisted)"
         else
-            # Add to cPHulk whitelist using the correct script
+            # Add to cPHulk whitelist - cphulkdwhitelist doesn't give useful output
-            if /usr/local/cpanel/scripts/cphulkdwhitelist "$ip" 2>&1 | grep -q "whitelisted"; then
+            # Just run it and assume success if no error
+            if /usr/local/cpanel/scripts/cphulkdwhitelist "$ip" >/dev/null 2>&1; then
                 IMPORTED=$((IMPORTED + 1))
                 echo "  [OK] $ip"
             else
@@ -339,16 +358,15 @@ fi
 echo ""
 print_section "Final Configuration"
 
-# Check status
+# Check if service is running
-FINAL_STATUS=$(/usr/local/cpanel/bin/cphulk_pam_ctl --status 2>/dev/null)
+if systemctl is-active cphulkd >/dev/null 2>&1 || service cphulkd status >/dev/null 2>&1; then
-if echo "$FINAL_STATUS" | grep -qi "enabled"; then
+    print_success "cPHulk Status: ENABLED and RUNNING"
-    print_success "cPHulk Status: ENABLED"
 else
-    print_error "cPHulk Status: DISABLED (unexpected)"
+    print_warning "cPHulk Status: Service not running"
 fi
 
-# Count whitelist
+# Count whitelist entries from database
-FINAL_WHITELIST=$(/usr/local/cpanel/scripts/cphulkdwhitelist --list 2>/dev/null | grep -vE "^$|not enabled" | wc -l)
+FINAL_WHITELIST=$(mysql cphulkd -Nse "SELECT COUNT(*) FROM whitelist" 2>/dev/null || echo "0")
 print_info "cPHulk whitelist entries: $FINAL_WHITELIST"
 
 echo ""
@@ -362,17 +380,14 @@ echo "   • Brute Force Protection Period: 5 minutes"
 echo "   • Maximum Failures per Account: 5"
 echo "   • Maximum Failures per IP: 10"
 echo ""
-echo "3. Add your own IPs to whitelist:"
+echo "3. Add more IPs to whitelist:"
 echo "   /usr/local/cpanel/scripts/cphulkdwhitelist YOUR.IP.ADDRESS"
 echo ""
-echo "4. View current whitelist:"
+echo "4. View current whitelist (via database):"
-echo "   /usr/local/cpanel/scripts/cphulkdwhitelist --list"
+echo "   mysql cphulkd -e 'SELECT * FROM whitelist'"
 echo ""
-echo "5. Add to blacklist:"
+echo "5. View currently blocked IPs (via database):"
-echo "   /usr/local/cpanel/scripts/cphulkdwhitelist -black YOUR.IP.ADDRESS"
+echo "   mysql cphulkd -e 'SELECT * FROM brutes'"
-echo ""
-echo "6. View currently blocked IPs (via WHM API):"
-echo "   whmapi1 get_cphulk_brutes"
 
 echo ""
 print_success "cPHulk setup complete!"