diff --git a/README.md b/README.md index 09f03bc..b84200c 100644 --- a/README.md +++ b/README.md @@ -3,95 +3,23 @@ **STATUS**: ๐Ÿš€ Development & Testing Branch (Separate from Production) > This is the **`dev` branch** for testing, development, and experimentation. -> **Production branch**: `main` at https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit -> > Changes here are **isolated from production** and can be safely tested before merging to main. --- -## ๐Ÿš€ Quick Start: How to Get the Dev Branch +## ๐Ÿš€ Quick Start -### Option 1: Download Dev Branch via wget +**One command - pulls dev branch with YELLOW โš ๏ธ BETA banner:** ```bash -# Download dev branch tarball -cd /tmp -wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz - -# Extract to /root/server-toolkit-beta/ -mkdir -p /root/server-toolkit-beta -tar -xzf dev.tar.gz -C /root/server-toolkit-beta --strip-components=1 -rm dev.tar.gz - -# Run the dev launcher -cd /root/server-toolkit-beta -./launcher.sh -# You'll see the YELLOW โš ๏ธ banner with "2.1.0-BETA" +curl -sL https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz | tar xz && source linux-server-management-toolkit/run.sh ``` -### Option 2: Download Main Branch (Production) and Switch to Dev - -```bash -# Download production branch first -cd /tmp -wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/main.tar.gz -mkdir -p /root/server-toolkit -tar -xzf main.tar.gz -C /root/server-toolkit --strip-components=1 -rm main.tar.gz - -# Then download and merge dev branch -cd /tmp -wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz -mkdir -p /root/server-toolkit-beta -tar -xzf dev.tar.gz -C /root/server-toolkit-beta --strip-components=1 -rm dev.tar.gz - -cd /root/server-toolkit-beta -./launcher.sh # Run dev version -``` - -### Option 3: Update Existing Dev Instance - -```bash -# If you already have dev extracted, download latest -cd /tmp -wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz - -# Backup old version -mv /root/server-toolkit-beta /root/server-toolkit-beta.bak - -# Extract new dev version -mkdir -p /root/server-toolkit-beta -tar -xzf dev.tar.gz -C /root/server-toolkit-beta --strip-components=1 -rm dev.tar.gz - -# Run updated version -cd /root/server-toolkit-beta -./launcher.sh -``` - -### โš ๏ธ Important: Different URLs for Each Branch - -**Production (main branch)**: -``` -https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/main.tar.gz -``` - -**Development (dev branch)**: -``` -https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz -``` - -Make sure you use the **dev** URL to get the development branch with YELLOW banner! +When exiting (option 0), answer "yes" and cleanup happens automatically - no extra steps. --- -## ๐Ÿ“ Quick Navigation - -**For Production**: Visit the `main` branch or `/root/server-toolkit/` -**For Development**: You're on the `dev` branch โ†’ `/root/server-toolkit-beta/` - -### Key Differences (Dev vs Production) +## ๐Ÿ“ Key Differences (Dev vs Production) | Feature | Dev Branch | Production | |---------|-----------|-----------| @@ -103,543 +31,26 @@ Make sure you use the **dev** URL to get the development branch with YELLOW bann --- -## ๐Ÿ”ง Dev Branch Setup & Workflow +## ๐Ÿ“ฆ Features -### Understanding the Dev Branch Structure +Comprehensive multi-panel server management suite supporting cPanel, InterWorx, Plesk, and standalone Apache with: -**Repository**: `https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit.git` -- **`main` branch** โ†’ Production (stable, tested code) -- **`dev` branch** โ†’ Development (testing, new features, experiments) - -Both branches exist in the same remote repository but are completely isolated. - -### Development Workflow - -#### 1๏ธโƒฃ Get the Latest Dev Code (wget) - -```bash -# Download latest dev branch tarball -cd /tmp -wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz - -# Backup old version (optional) -[ -d /root/server-toolkit-beta.old ] && rm -rf /root/server-toolkit-beta.old -[ -d /root/server-toolkit-beta ] && mv /root/server-toolkit-beta /root/server-toolkit-beta.old - -# Extract new dev version -mkdir -p /root/server-toolkit-beta -tar -xzf dev.tar.gz -C /root/server-toolkit-beta --strip-components=1 -rm dev.tar.gz -``` - -#### 2๏ธโƒฃ Make Changes & Test - -```bash -# Edit files in the dev branch -nano /root/server-toolkit-beta/launcher.sh -nano /root/server-toolkit-beta/modules/security/malware-scanner.sh - -# Test your changes with the dev launcher -/root/server-toolkit-beta/launcher.sh -# You'll see YELLOW banner: "โš ๏ธ 2.1.0-BETA" -``` - -#### 3๏ธโƒฃ Save Your Changes - -```bash -# Option A: Backup your modified version (if not using git) -cp -r /root/server-toolkit-beta /root/server-toolkit-beta.modified -# Later you can reference what you changed in this backup - -# Option B: If using git, commit and push changes -cd /root/server-toolkit-beta -git add modules/security/malware-scanner.sh -git commit -m "dev: Added feature XYZ to malware scanner" -git push origin dev -``` - -#### 4๏ธโƒฃ When Ready: Deploy to Production (wget) - -```bash -# Download production (main branch) -cd /tmp -wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/main.tar.gz - -# Backup current production -[ -d /root/server-toolkit.old ] && rm -rf /root/server-toolkit.old -[ -d /root/server-toolkit ] && mv /root/server-toolkit /root/server-toolkit.old - -# Extract fresh production version -mkdir -p /root/server-toolkit -tar -xzf main.tar.gz -C /root/server-toolkit --strip-components=1 -rm main.tar.gz - -# Manually copy your tested changes from dev to production -# Example: copy the files you modified -cp /root/server-toolkit-beta/modules/security/malware-scanner.sh /root/server-toolkit/modules/security/ -cp /root/server-toolkit-beta/launcher.sh /root/server-toolkit/launcher.sh - -# Test the updated production version -/root/server-toolkit/launcher.sh -# Should show CYAN banner: "โšก 2.1.0" (not BETA) -``` - -### Common Dev Commands - -```bash -# Check your current branch -git branch -vv -# Shows: * dev adcb3b0 [origin/dev] ... - -# See what's different from production -cd /root/server-toolkit-beta -git log --oneline main..dev # Commits in dev not in main - -# See what's different from last push -git log --oneline origin/dev..dev - -# Revert unwanted changes -git reset --hard origin/dev # Discard local changes, match remote - -# View recent dev commits -git log --oneline -10 - -# Check if dev is up to date with remote -git status -# Should show: "Your branch is up to date with 'origin/dev'" -``` - -### Isolation Features (Why Dev is Safe) - -โœ… **Cache Isolation**: Uses `.sysref.beta` (separate from production `.sysref`) -โœ… **Code Isolation**: Changes only in `dev` branch until explicitly merged -โœ… **Visual Warning**: YELLOW banner with "BETA" label (can't accidentally think it's production) -โœ… **Version Distinction**: `2.1.0-BETA` vs `2.1.0` (easy to identify) -โœ… **Git Isolation**: `dev` branch tracked separately from `main` - -### Troubleshooting - -**"I'm on the wrong branch"** -```bash -git branch -a # See all branches -git checkout dev # Switch to dev -git branch -u origin/dev # Track origin/dev -``` - -**"Dev is behind remote"** -```bash -git pull origin dev # Get latest changes -``` - -**"I made a mistake and want to start over"** -```bash -git reset --hard origin/dev # Revert to last pushed state -git clean -fd # Remove untracked files -``` - -**"Production (main) got updates, sync dev with main"** -```bash -# Get latest main changes -git fetch origin main - -# See difference -git log --oneline origin/main..dev - -# Merge main into dev -git merge origin/main -git push origin dev # Push merged result -``` +- ๐Ÿ›ก๏ธ **Security & Monitoring**: Live attack monitor, bot blocker, malware scanner, IP reputation +- ๐Ÿ’พ **Backup & Recovery**: Acronis management, MySQL database restore +- ๐ŸŒ **Website Diagnostics**: Error analysis, WordPress tools, Cloudflare detection +- ๐Ÿ“ง **Email Diagnostics**: Mail queue, blacklist checker, SPF/DKIM/DMARC validation +- ๐Ÿ“Š **Performance Analysis**: MySQL optimization, PHP tuning, hardware health, Varnish cache +- ๐Ÿ” **System Diagnostics**: Health checks, loadwatch analysis, bandwidth monitoring --- -## Full Documentation Below +## ๐Ÿ“– Documentation -Comprehensive multi-panel server management suite supporting cPanel, InterWorx, Plesk, and standalone Apache with modular architecture and intelligent security features. - -## ๐Ÿ“ฆ Directory Structure - -``` -server-toolkit/ -โ”œโ”€โ”€ launcher.sh # Main menu system -โ”œโ”€โ”€ README.md # This file -โ”‚ -โ”œโ”€โ”€ modules/ # Modular scripts organized by category -โ”‚ โ”‚ -โ”‚ โ”œโ”€โ”€ diagnostics/ # ๐Ÿ” System Diagnostics -โ”‚ โ”‚ โ”œโ”€โ”€ system-health-check.sh # Comprehensive health analysis -โ”‚ โ”‚ โ””โ”€โ”€ loadwatch-analyzer.sh # Historical system health analysis (1h/6h/24h/7d/30d) -โ”‚ โ”‚ -โ”‚ โ”œโ”€โ”€ security/ # ๐Ÿ›ก๏ธ Security & Monitoring -โ”‚ โ”‚ โ”œโ”€โ”€ live-attack-monitor-v2.sh # Real-time SOC dashboard with auto-mitigation -โ”‚ โ”‚ โ”œโ”€โ”€ live-attack-monitor.sh # Legacy attack monitoring (deprecated) -โ”‚ โ”‚ โ”œโ”€โ”€ bot-analyzer.sh # Full bot/threat analysis with pattern detection -โ”‚ โ”‚ โ”œโ”€โ”€ bot-blocker.sh # Apache User-Agent blocking manager (NEW!) -โ”‚ โ”‚ โ”œโ”€โ”€ malware-scanner.sh # ImunifyAV, ClamAV, Maldet integration -โ”‚ โ”‚ โ”œโ”€โ”€ ip-reputation-manager.sh # Centralized IP reputation tracking -โ”‚ โ”‚ โ”œโ”€โ”€ ssh-attack-monitor.sh # SSH brute force detection -โ”‚ โ”‚ โ”œโ”€โ”€ web-traffic-monitor.sh # Web traffic monitoring -โ”‚ โ”‚ โ”œโ”€โ”€ firewall-activity-monitor.sh # CSF/iptables monitoring -โ”‚ โ”‚ โ”œโ”€โ”€ enable-cphulk.sh # cPHulk enablement with CSF whitelist import -โ”‚ โ”‚ โ”œโ”€โ”€ optimize-ct-limit.sh # Connection tracking optimization -โ”‚ โ”‚ โ”œโ”€โ”€ tail-apache-access.sh # Live Apache access log viewer -โ”‚ โ”‚ โ”œโ”€โ”€ tail-apache-error.sh # Live Apache error log viewer -โ”‚ โ”‚ โ”œโ”€โ”€ tail-mail-log.sh # Live mail log viewer -โ”‚ โ”‚ โ””โ”€โ”€ tail-secure-log.sh # Live secure/auth log viewer -โ”‚ โ”‚ -โ”‚ โ”œโ”€โ”€ backup/ # ๐Ÿ’พ Backup & Recovery -โ”‚ โ”‚ โ”œโ”€โ”€ acronis-*.sh # Acronis Cyber Protect (17 management scripts) -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-install.sh # Install Acronis agent -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-register.sh # Register agent with cloud -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-configure.sh # Configure backup plans -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-status.sh # Agent status check -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-backup-status.sh # Backup job status -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-manual-backup.sh # Trigger manual backup -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-restore.sh # Restore from backup -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-update.sh # Update agent -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-uninstall.sh # Remove agent -โ”‚ โ”‚ โ”‚ โ”œโ”€โ”€ acronis-troubleshoot.sh # Diagnostics and repair -โ”‚ โ”‚ โ”‚ โ””โ”€โ”€ (7 more utilities) -โ”‚ โ”‚ โ””โ”€โ”€ mysql-restore-to-sql.sh # MySQL/MariaDB database restore & dump tool -โ”‚ โ”‚ -โ”‚ โ”œโ”€โ”€ website/ # ๐ŸŒ Website Diagnostics -โ”‚ โ”‚ โ”œโ”€โ”€ website-error-analyzer.sh # Comprehensive error analysis -โ”‚ โ”‚ โ”œโ”€โ”€ 500-error-tracker.sh # Fast 500 error tracking -โ”‚ โ”‚ โ”œโ”€โ”€ cloudflare-detector.sh # Cloudflare domain detection (NEW!) -โ”‚ โ”‚ โ”œโ”€โ”€ wordpress-menu.sh # WordPress tools submenu -โ”‚ โ”‚ โ””โ”€โ”€ wordpress/ -โ”‚ โ”‚ โ””โ”€โ”€ wordpress-cron-manager.sh # WP-Cron diagnostics and management -โ”‚ โ”‚ -โ”‚ โ”œโ”€โ”€ email/ # ๐Ÿ“ง Email Diagnostics & Management -โ”‚ โ”‚ โ”œโ”€โ”€ email-diagnostics.sh # Comprehensive email diagnostics -โ”‚ โ”‚ โ”œโ”€โ”€ mail-log-analyzer.sh # Mail log analysis -โ”‚ โ”‚ โ”œโ”€โ”€ mail-queue-inspector.sh # Exim queue inspection -โ”‚ โ”‚ โ”œโ”€โ”€ flush-mail-queue.sh # Flush stuck mail queue -โ”‚ โ”‚ โ”œโ”€โ”€ blacklist-check.sh # RBL/DNSBL blacklist checker -โ”‚ โ”‚ โ”œโ”€โ”€ spf-dkim-dmarc-check.sh # Email authentication validator -โ”‚ โ”‚ โ”œโ”€โ”€ deliverability-test.sh # Email delivery testing -โ”‚ โ”‚ โ”œโ”€โ”€ smtp-connection-test.sh # SMTP connectivity checker -โ”‚ โ”‚ โ””โ”€โ”€ clean-mailboxes.sh # Mailbox cleanup utility -โ”‚ โ”‚ -โ”‚ โ”œโ”€โ”€ performance/ # ๐Ÿ“Š Performance Analysis -โ”‚ โ”‚ โ”œโ”€โ”€ nginx-varnish-manager.sh # Nginx + Varnish Cache Manager -โ”‚ โ”‚ โ”œโ”€โ”€ php-optimizer.sh # PHP Configuration Optimizer -โ”‚ โ”‚ โ”œโ”€โ”€ hardware-health-check.sh # Hardware diagnostics (SMART, sensors) -โ”‚ โ”‚ โ”œโ”€โ”€ mysql-query-analyzer.sh # MySQL performance analysis -โ”‚ โ”‚ โ””โ”€โ”€ network-bandwidth-analyzer.sh # Network analysis -โ”‚ โ”‚ -โ”‚ โ””โ”€โ”€ maintenance/ # ๐Ÿงน System Maintenance -โ”‚ โ”œโ”€โ”€ cleanup-toolkit-data.sh # Clean temporary toolkit data -โ”‚ โ””โ”€โ”€ disk-space-analyzer.sh # Disk usage analysis and recommendations -โ”‚ -โ”œโ”€โ”€ lib/ # Shared libraries -โ”‚ โ”œโ”€โ”€ common-functions.sh # Reusable UI, logging, and utility functions -โ”‚ โ”œโ”€โ”€ system-detect.sh # Multi-panel system detection (cPanel/Plesk/InterWorx) -โ”‚ โ”œโ”€โ”€ user-manager.sh # User account management across panels -โ”‚ โ”œโ”€โ”€ domain-discovery.sh # Multi-panel domain discovery -โ”‚ โ”œโ”€โ”€ reference-db.sh # Cross-module intelligence sharing (.sysref) -โ”‚ โ”‚ -โ”‚ โ”œโ”€โ”€ attack-patterns.sh # Attack pattern definitions and scoring -โ”‚ โ”œโ”€โ”€ attack-signatures.sh # 24+ attack signature detection rules -โ”‚ โ”œโ”€โ”€ bot-signatures.sh # Bot classification (legitimate vs malicious) -โ”‚ โ”œโ”€โ”€ http-attack-analyzer.sh # HTTP attack analysis engine -โ”‚ โ”œโ”€โ”€ threat-intelligence.sh # Threat scoring and intelligence aggregation -โ”‚ โ”œโ”€โ”€ ip-reputation.sh # IP reputation tracking and querying -โ”‚ โ”œโ”€โ”€ rate-anomaly-detector.sh # Request rate anomaly detection -โ”‚ โ”‚ -โ”‚ โ”œโ”€โ”€ mysql-analyzer.sh # MySQL performance utilities -โ”‚ โ”œโ”€โ”€ php-detector.sh # PHP configuration detection -โ”‚ โ”œโ”€โ”€ php-analyzer.sh # PHP performance analysis engine -โ”‚ โ”œโ”€โ”€ php-config-manager.sh # PHP config backup/restore/modification -โ”‚ โ”œโ”€โ”€ email-functions.sh # Email-related utilities -โ”‚ โ””โ”€โ”€ plesk-helpers.sh # Plesk-specific helper functions -โ”‚ -โ”œโ”€โ”€ config/ # Configuration files -โ”‚ โ”œโ”€โ”€ settings.conf # Main configuration -โ”‚ โ”œโ”€โ”€ whitelist-ips.txt # IP whitelist -โ”‚ โ””โ”€โ”€ whitelist-user-agents.txt # User-Agent whitelist -โ”‚ -โ””โ”€โ”€ tools/ # Utility scripts - โ”œโ”€โ”€ diagnostic-report.sh # Generate comprehensive system reports - โ”œโ”€โ”€ toolkit-qa-check.sh # Quality assurance checker (88 tests) - โ”œโ”€โ”€ qa-functional-tests.sh # Functional testing suite - โ”œโ”€โ”€ update-attack-signatures.sh # Update attack signature database - โ”œโ”€โ”€ analyze-historical-attacks.sh # Historical attack pattern analysis - โ””โ”€โ”€ erase-toolkit-traces.sh # Complete toolkit removal utility -``` - -## ๐Ÿš€ Quick Start - -### Installation & Running - -**Production (main branch) - One command:** -```bash -curl -sL https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/main.tar.gz | tar xz && source linux-server-management-toolkit/run.sh -``` - -**Development (dev branch) - One command (YELLOW BANNER โš ๏ธ 2.1.0-BETA):** -```bash -curl -sL https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz | tar xz && source linux-server-management-toolkit/run.sh -``` - -**If already downloaded:** -```bash -source /root/linux-server-management-toolkit/run.sh -``` - -When exiting (option 0), answer "yes" and cleanup happens automatically - no extra steps. - -## โœจ Key Features - -### ๐Ÿ›ก๏ธ Security & Monitoring -- **Live Attack Monitor v2**: Real-time SOC dashboard with intelligent auto-blocking - - **Auto-Mitigation Engine**: Automatic blocking at Score >= 80 (critical) or >= 100 (instant) - - **Distributed Attack Detection**: Blocks coordinated attacks (5+ IPs, 25+ for subnet-level blocking) - - **24 Attack Signatures**: RCE, SQL injection, XSS, path traversal, SSRF, XXE, credential stuffing, and more - - **IPset Integration**: Kernel-level blocking for instant response (batched for performance) - - **Bot Classification**: Distinguishes legitimate bots (Google, Bing) from AI scrapers and attack tools - - **Attack Scoring System**: Dynamic scoring with volume bonuses and attack severity weighting - - **Multi-Source Monitoring**: HTTP, SSH, Email, FTP, Database, Network attacks in unified dashboard -- **Bot Blocker**: Apache User-Agent blocking manager with one-click enable/disable - - Blocks 24+ malicious bots: security scanners, AI scrapers, SEO bots, vulnerability scanners - - Safe Apache restart with automatic rollback on syntax errors - - Configuration backup and restore capability - - Syntax validation before applying changes -- **Bot & Traffic Analyzer**: Full bot/threat analysis with pattern detection -- **IP Reputation Manager**: Centralized cross-module IP intelligence with query/tracking -- **Malware Scanner**: ImunifyAV, ClamAV, and Maldet integration with auto-installation -- **cPHulk Integration**: Auto-imports CSF whitelists from all sources -- **Specialized Monitors**: SSH attacks, web traffic, firewall activity -- **Log Viewers**: Live tail for Apache access/error, mail, and security logs -- **No System Pollution**: All data stored in /tmp (auto-cleanup on reboot, no /var/lib/ files) - -### ๐Ÿ’พ Backup & Recovery -- **Acronis Cyber Protect**: Complete agent management (install, update, configure, monitor, troubleshoot) -- **MySQL Database Restore Tool**: Advanced recovery from file-based backups with intelligent Force Recovery - - Multi-control panel support (cPanel, InterWorx, Plesk, standalone) - - Smart detection for selective restore scenarios - - Safe single-database extraction from full backups - - Clean SQL export for production import - -### ๐ŸŒ Website Diagnostics -- **Error Analysis**: Comprehensive website error detection and troubleshooting -- **500 Error Tracking**: Detailed analysis of application errors -- **Cloudflare Detector**: Identify domains using Cloudflare with datacenter locations - - Distinguishes between Proxied (orange cloud) and DNS-Only (gray cloud) - - Shows Cloudflare datacenter locations (Chicago, Los Angeles, etc.) - - Detects NXDOMAIN domains that need cleanup - - Triple validation: nameservers, IP ranges, CF-RAY headers - - Helps debug regional outages and cache issues -- **WordPress Tools**: WP-Cron manager for WordPress diagnostics -- **Log Integration**: Apache, PHP-FPM, cPanel error log analysis -- **Smart Recommendations**: Context-aware suggestions for fixing issues - -### ๐Ÿ“ง Email Diagnostics & Management -- **Comprehensive Email Diagnostics**: Full email system health check -- **Mail Log Analyzer**: Parse and analyze mail logs for delivery issues -- **Mail Queue Inspector**: Inspect stuck/frozen mail queue with filtering -- **Flush Mail Queue**: Clear stuck messages from Exim queue -- **Blacklist Checker**: Check server IP against 50+ RBL/DNSBL lists -- **SPF/DKIM/DMARC Validator**: Verify email authentication records -- **Deliverability Testing**: Send test emails and verify delivery -- **SMTP Connection Test**: Test SMTP connectivity and authentication -- **Mailbox Cleanup**: Clean up mailbox quotas and old messages - -### ๐Ÿ” Performance & Diagnostics -- **System Health Check**: Comprehensive hardware, services, and security posture analysis -- **Loadwatch Analyzer**: Historical system health analysis (1h/6h/24h/7d/30d time ranges) -- **MySQL Query Analyzer**: Slow query detection and optimization recommendations -- **Network & Bandwidth Analyzer**: Traffic analysis and top consumers -- **Hardware Health Check**: SMART, memory, CPU sensors -- **PHP Configuration Optimizer**: Per-domain PHP-FPM tuning with auto-backup and zero downtime -- **Nginx + Varnish Cache Manager**: Complete Varnish cache installation and management for cPanel - - **99.5% Stock Compliance**: Only settings.json modified (RPM config file) - - **Full HTTP + HTTPS Caching**: SSL termination at Nginx, HTTP backends to Varnish - - **Update Survival**: Proven to survive ea-nginx package updates and rebuilds - - **93 Static File Types**: Images, fonts, CSS/JS, videos, documents, archives, and more - - **Self-Healing**: 8 automatic fixes including config-script integrity checks - - **Complete Backup/Revert**: Full restoration to pre-installation state - - **Smart Bypasses**: AutoSSL, cPanel services, admin pages, POST requests - - **Automated Audit**: 44 tests verify configuration and functionality -- **Multi-Panel Support**: cPanel, InterWorx, Plesk, standalone Apache - -### ๐Ÿ“Š Session Intelligence -- **Reference Database**: Cross-module data sharing (.sysref) -- **No Historical Tracking**: Session-based intelligence only -- **"Download, Run, Fix, Delete"**: Designed for one-time troubleshooting - -## ๐ŸŽฏ Usage Examples - -### Quick System Health Check - -```bash -bash launcher.sh -# Select: 1) System Health Check -``` - -### Security Analysis & Monitoring - -```bash -bash launcher.sh -# Select: 2) Security & Monitoring -# Options: -# - Live Attack Monitor v2 (real-time SOC dashboard with auto-blocking) -# * Monitors HTTP, SSH, Email, FTP, Database, Network attacks -# * Auto-blocks IPs at Score >= 80 (critical) or >= 100 (instant) -# * Detects distributed attacks (5+ IPs) and blocks all participants -# * Subnet blocking when 25+ IPs attack from same /24 range -# * IPset kernel-level blocking for instant response -# - Bot Blocker (Apache User-Agent blocking) -# * One-click enable/disable -# * Blocks 24+ malicious bots (scanners, scrapers, AI bots) -# * Safe Apache restart with syntax validation -# * Automatic backup and restore -# - Bot & Traffic Analyzer (full scan or 1-hour quick scan) -# - IP Reputation Manager -# - Malware Scanner (ImunifyAV, ClamAV, Maldet with auto-install) -# - Enable cPHulk Protection -# - SSH/Web/Firewall attack monitors -``` - -### Website Diagnostics - -```bash -bash launcher.sh -# Select: 3) Website Diagnostics -# Options: -# - Website Error Analyzer (comprehensive error detection) -# - Fast 500 Error Tracker (500 errors only) -# - Cloudflare Detector -# * Scan all domains or check single domain -# * Shows Proxied (orange cloud) vs DNS-Only (gray cloud) -# * Displays datacenter locations (Chicago, LA, etc.) -# * Identifies NXDOMAIN domains that need cleanup -# - WordPress Tools (WP-Cron manager) -``` - -### Email Diagnostics - -```bash -bash launcher.sh -# Select: 6) Email Diagnostics -# Options: -# - Comprehensive Email Diagnostics -# - Mail Log Analyzer -# - Mail Queue Inspector -# - Blacklist Checker (RBL/DNSBL) -# - SPF/DKIM/DMARC Validator -# - Deliverability Testing -# - SMTP Connection Test -# - Flush Mail Queue -# - Clean Mailboxes -``` - -### Performance Analysis - -```bash -bash launcher.sh -# Select: 4) Performance Analysis -# Options: -# - MySQL Query Analyzer (slow query detection) -# - Network & Bandwidth Analyzer -# - Hardware Health Check -# - PHP Configuration Optimizer (per-domain tuning) -# - Nginx + Varnish Cache Manager (transparent caching layer) -# - Loadwatch Health Analyzer (1h/6h/24h/7d/30d analysis) -``` - -### Backup & Recovery - -```bash -bash launcher.sh -# Select: 5) Backup & Recovery -# Options: -# - Acronis Management (complete backup interface) -# - MySQL File Restore (convert DB files to SQL) -``` - -## ๐Ÿ”ง Configuration - -Edit the configuration file: -```bash -nano /root/server-toolkit/config/settings.conf -``` - -## ๐Ÿ”’ Security Considerations - -- **Run as root**: Most modules require root access -- **Credentials stored safely**: Git credentials in ~/.git-credentials (outside project) -- **No sensitive data in repo**: .gitignore excludes keys, tokens, credentials -- **Test first**: Try on non-production environments first - -## ๐Ÿ“Š Recent Updates (v2.3) - -### January 2026 Highlights - Performance & Security - -#### Week 4 - Cloudflare & Bot Management -- **Cloudflare Detector**: Advanced Cloudflare domain detection with location tracking (NEW!) - - Distinguishes between Proxied (orange cloud) and DNS-Only (gray cloud) configurations - - Shows datacenter locations with city names (Chicago, Los Angeles, etc.) - - NXDOMAIN detection for identifying old/deleted domains - - Triple validation: nameservers, IP range matching, CF-RAY header analysis - - Helps debug regional outages and identify misconfigured domains -- **Bot Blocker**: Apache User-Agent blocking manager for malicious bots (NEW!) - - One-click enable/disable for 24+ malicious user-agents - - Blocks: security scanners (nikto, nmap), AI scrapers (GPTBot, Claude-Web), SEO bots - - Safe Apache restart with syntax validation and automatic rollback - - Configuration backup/restore with timestamped backups - - Real-time testing to verify blocking effectiveness - -#### Week 3 - Varnish Cache & Auto-Mitigation -- **Nginx + Varnish Cache Manager**: Complete Varnish cache installation system - - 99.5% stock compliance (only settings.json modified) - - Full HTTP + HTTPS caching via SSL termination and config-script automation - - Proven update survival (RPM config file preservation) - - 93 static file types cached - - 8 self-healing auto-fixes - - Complete backup/revert capability - - Automated 44-test audit system -- **Auto-Mitigation Engine**: Automatic IP blocking at Score >= 80/100 via IPset (kernel-level) -- **Distributed Attack Blocking**: Detects and blocks coordinated botnet attacks (5+ IPs) -- **Subnet-Level Blocking**: Blocks entire /24 subnets when 25+ IPs attack from same range -- **Attack Signature Improvements**: Fixed false positives in HTTP_SMUGGLING and SUSPICIOUS_UA detection -- **Function Exports**: Fixed critical bug preventing HTTP attack auto-blocking in subshells -- **No System Pollution**: Moved all persistent data from /var/lib/ to /tmp/ for clean removal -- **Maldet Auto-Installation**: Enhanced Plesk support with improved directory detection - -### December 2025 Highlights -- **Launcher Cleanup**: Removed 90+ phantom menu items, reduced from 1,576 to 574 lines (64% reduction) -- **Performance**: Cached domain status checks save ~5 minutes on 50-domain servers -- **MySQL Restore Tool**: Advanced database recovery with intelligent Force Recovery detection -- **Multi-Panel**: Full support for cPanel, InterWorx, Plesk, standalone Apache - -### Current Feature Set -- **60+ Working Modules**: Security (14), Website (5), Email (9), Performance (5), Backup (18), Diagnostics (2), Maintenance (2) -- **18 Shared Libraries**: Attack detection, bot classification, system detection, PHP/MySQL analysis -- **6 Utility Tools**: QA checker (88 tests), attack signature updater, diagnostic reports -- **24 Attack Signatures**: RCE, SQL Injection, XSS, Path Traversal, SSRF, XXE, and more -- **Bot Management**: Auto-blocking malicious bots via Apache User-Agent filtering -- **Cloudflare Integration**: Advanced detection with datacenter location tracking -- **Varnish Cache**: Transparent caching layer with 99.5% stock compliance -- **Email Diagnostics**: Complete email troubleshooting suite with RBL checking -- **Reference Database**: 1-hour cached status for cross-module intelligence -- **Zero Hardcoded Paths**: Automatic control panel detection and path abstraction -- **Self-Contained Design**: Delete toolkit directory = all data removed (no system files) - -## ๐Ÿ™ Credits - -Built for comprehensive cPanel/Linux server management with a focus on security and intelligent automation. +For detailed documentation, see the main repository: +https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit --- -**Version**: 2.3.0 -**Last Updated**: January 28, 2026 +**Version**: 2.1.0-BETA **Repository**: https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit - -## ๐Ÿ“ˆ Statistics - -- **Total Modules**: 60+ -- **Shared Libraries**: 18 -- **Attack Signatures**: 24+ -- **Supported Panels**: cPanel, InterWorx, Plesk, Standalone -- **Lines of Code**: ~30,000+ -- **QA Tests**: 88 automated checks +**Branch**: dev