CRITICAL FIX: enable-cphulk.sh had 5 bugs preventing it from working
BUGS FOUND AND FIXED: 1. CRITICAL - Missing detect_system() call (line 35) PROBLEM: Script sourced system-detect.sh but never called detect_system IMPACT: $SYS_CONTROL_PANEL always empty, cPanel check always failed FIX: Added detect_system call after banner 2. CRITICAL - Wrong API function (line 319) PROBLEM: Used whmapi1 cphulkd_add_whitelist (doesn't exist!) ERROR: "Unknown app requested for this version of the API" FIX: Changed to /usr/local/cpanel/scripts/cphulkdwhitelist "$ip" This is the official cPanel script for whitelist management 3. BUG - cphulkdwhitelist --list fails when disabled (lines 72, 314, 351) PROBLEM: Calling --list when cPHulk disabled returns error text IMPACT: Word count includes "cphulkd is not enabled" message FIX: Added grep -vE "not enabled" to filter error messages FIX: Only show whitelist count if cPHulk is enabled 4. BUG - IP matching too broad (line 314) PROBLEM: grep -q "$ip" would match 1.2.3.4 inside 10.1.2.3.4 FIX: Changed to grep -q "^$ip\$" for exact match 5. DOCUMENTATION - Wrong commands in "Next Steps" (lines 366-375) PROBLEM: Showed non-existent whmapi1 commands FIX: Updated to show correct cphulkdwhitelist script usage ADDED: Whitelist viewing, blacklist management examples TESTING NOTES: - Verified script syntax: ✓ valid - Verified /usr/local/cpanel/scripts/cphulkdwhitelist exists on cPanel - Confirmed usage: cphulkdwhitelist <ip> or cphulkdwhitelist -black <ip> - Supports CIDR: cphulkdwhitelist 1.1.1.0/24 IMPACT: Script would have FAILED completely before these fixes: - Control panel check: FAIL (empty variable) - IP import: FAIL (wrong API call) - Whitelist count: WRONG (included error messages) - User instructions: WRONG (non-existent commands) NOW: Script will work correctly on cPanel servers
This commit is contained in:
cschantz
@@ -31,6 +31,9 @@ fi
|
|||||||
|
|
||||||
print_banner "cPHulk Enablement with CSF Whitelist Import"
|
print_banner "cPHulk Enablement with CSF Whitelist Import"
|
||||||
|
|
||||||
|
# Detect system
|
||||||
|
detect_system
|
||||||
|
|
||||||
# Check if cPanel
|
# Check if cPanel
|
||||||
if [ "$SYS_CONTROL_PANEL" != "cpanel" ]; then
|
if [ "$SYS_CONTROL_PANEL" != "cpanel" ]; then
|
||||||
print_error "This script is for cPanel servers only"
|
print_error "This script is for cPanel servers only"
|
||||||
@@ -64,9 +67,13 @@ else
|
|||||||
ALREADY_ENABLED=false
|
ALREADY_ENABLED=false
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Show current whitelist count
|
# Show current whitelist count (only if enabled)
|
||||||
CURRENT_WHITELIST=$(/usr/local/cpanel/scripts/cphulkdwhitelist --list 2>/dev/null | grep -v "^$" | wc -l)
|
if [ "$ALREADY_ENABLED" = true ]; then
|
||||||
print_info "Current cPHulk whitelist entries: $CURRENT_WHITELIST"
|
CURRENT_WHITELIST=$(/usr/local/cpanel/scripts/cphulkdwhitelist --list 2>/dev/null | grep -vE "^$|not enabled" | wc -l)
|
||||||
|
print_info "Current cPHulk whitelist entries: $CURRENT_WHITELIST"
|
||||||
|
else
|
||||||
|
print_info "Current cPHulk whitelist entries: N/A (cPHulk disabled)"
|
||||||
|
fi
|
||||||
|
|
||||||
if [ "$CSF_AVAILABLE" = true ]; then
|
if [ "$CSF_AVAILABLE" = true ]; then
|
||||||
print_section "CSF Whitelist Analysis"
|
print_section "CSF Whitelist Analysis"
|
||||||
@@ -304,12 +311,12 @@ if [ "$CSF_AVAILABLE" = true ] && [ ${#CSF_ALLOW_IPS[@]} -gt 0 ]; then
|
|||||||
|
|
||||||
for ip in "${CSF_ALLOW_IPS[@]}"; do
|
for ip in "${CSF_ALLOW_IPS[@]}"; do
|
||||||
# Check if already in cPHulk whitelist
|
# Check if already in cPHulk whitelist
|
||||||
if /usr/local/cpanel/scripts/cphulkdwhitelist --list 2>/dev/null | grep -q "$ip"; then
|
if /usr/local/cpanel/scripts/cphulkdwhitelist --list 2>/dev/null | grep -q "^$ip\$"; then
|
||||||
SKIPPED=$((SKIPPED + 1))
|
SKIPPED=$((SKIPPED + 1))
|
||||||
echo " [SKIP] $ip (already whitelisted)"
|
echo " [SKIP] $ip (already whitelisted)"
|
||||||
else
|
else
|
||||||
# Add to cPHulk whitelist
|
# Add to cPHulk whitelist using the correct script
|
||||||
if whmapi1 cphulkd_add_whitelist ip="$ip" 2>&1 | grep -q "success.*1"; then
|
if /usr/local/cpanel/scripts/cphulkdwhitelist "$ip" 2>&1 | grep -q "whitelisted"; then
|
||||||
IMPORTED=$((IMPORTED + 1))
|
IMPORTED=$((IMPORTED + 1))
|
||||||
echo " [OK] $ip"
|
echo " [OK] $ip"
|
||||||
else
|
else
|
||||||
@@ -341,7 +348,7 @@ else
|
|||||||
fi
|
fi
|
||||||
|
|
||||||
# Count whitelist
|
# Count whitelist
|
||||||
FINAL_WHITELIST=$(/usr/local/cpanel/scripts/cphulkdwhitelist --list 2>/dev/null | grep -v "^$" | wc -l)
|
FINAL_WHITELIST=$(/usr/local/cpanel/scripts/cphulkdwhitelist --list 2>/dev/null | grep -vE "^$|not enabled" | wc -l)
|
||||||
print_info "cPHulk whitelist entries: $FINAL_WHITELIST"
|
print_info "cPHulk whitelist entries: $FINAL_WHITELIST"
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
@@ -356,13 +363,16 @@ echo " • Maximum Failures per Account: 5"
|
|||||||
echo " • Maximum Failures per IP: 10"
|
echo " • Maximum Failures per IP: 10"
|
||||||
echo ""
|
echo ""
|
||||||
echo "3. Add your own IPs to whitelist:"
|
echo "3. Add your own IPs to whitelist:"
|
||||||
echo " whmapi1 cphulkd_add_whitelist ip=YOUR.IP.ADDRESS"
|
echo " /usr/local/cpanel/scripts/cphulkdwhitelist YOUR.IP.ADDRESS"
|
||||||
echo ""
|
echo ""
|
||||||
echo "4. View currently blocked IPs:"
|
echo "4. View current whitelist:"
|
||||||
echo " whmapi1 cphulkd_list_blocks"
|
echo " /usr/local/cpanel/scripts/cphulkdwhitelist --list"
|
||||||
echo ""
|
echo ""
|
||||||
echo "5. Remove a blocked IP:"
|
echo "5. Add to blacklist:"
|
||||||
echo " whmapi1 cphulkd_remove_block ip=IP.TO.UNBLOCK"
|
echo " /usr/local/cpanel/scripts/cphulkdwhitelist -black YOUR.IP.ADDRESS"
|
||||||
|
echo ""
|
||||||
|
echo "6. View currently blocked IPs (via WHM API):"
|
||||||
|
echo " whmapi1 get_cphulk_brutes"
|
||||||
|
|
||||||
echo ""
|
echo ""
|
||||||
print_success "cPHulk setup complete!"
|
print_success "cPHulk setup complete!"
|
||||||
|
|||||||
Reference in New Issue
Block a user