cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

docs: Simplify dev README to single copy-paste command (dev branch only)

Browse Source
This commit is contained in:
Developer
2026-03-19 19:50:46 -04:00
parent cd38f9248f
commit d36e668b0e
1 changed files with 18 additions and 607 deletions
Download Patch File Download Diff File Expand all files Collapse all files
README.md
+18 -607
View File
@@ -3,95 +3,23 @@
**STATUS**: 🚀 Development & Testing Branch (Separate from Production)
> This is the **`dev` branch** for testing, development, and experimentation.
> **Production branch**: `main` at https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit
>
> Changes here are **isolated from production** and can be safely tested before merging to main.
---
## 🚀 Quick Start: How to Get the Dev Branch
## 🚀 Quick Start
### Option 1: Download Dev Branch via wget
**One command - pulls dev branch with YELLOW ⚠️ BETA banner:**
```bash
# Download dev branch tarball
cd /tmp
wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz
# Extract to /root/server-toolkit-beta/
mkdir -p /root/server-toolkit-beta
tar -xzf dev.tar.gz -C /root/server-toolkit-beta --strip-components=1
rm dev.tar.gz
# Run the dev launcher
cd /root/server-toolkit-beta
./launcher.sh
# You'll see the YELLOW ⚠️ banner with "2.1.0-BETA"
curl -sL https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz | tar xz && source linux-server-management-toolkit/run.sh
```
### Option 2: Download Main Branch (Production) and Switch to Dev
```bash
# Download production branch first
cd /tmp
wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/main.tar.gz
mkdir -p /root/server-toolkit
tar -xzf main.tar.gz -C /root/server-toolkit --strip-components=1
rm main.tar.gz
# Then download and merge dev branch
cd /tmp
wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz
mkdir -p /root/server-toolkit-beta
tar -xzf dev.tar.gz -C /root/server-toolkit-beta --strip-components=1
rm dev.tar.gz
cd /root/server-toolkit-beta
./launcher.sh # Run dev version
```
### Option 3: Update Existing Dev Instance
```bash
# If you already have dev extracted, download latest
cd /tmp
wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz
# Backup old version
mv /root/server-toolkit-beta /root/server-toolkit-beta.bak
# Extract new dev version
mkdir -p /root/server-toolkit-beta
tar -xzf dev.tar.gz -C /root/server-toolkit-beta --strip-components=1
rm dev.tar.gz
# Run updated version
cd /root/server-toolkit-beta
./launcher.sh
```
### ⚠️ Important: Different URLs for Each Branch
**Production (main branch)**:
```
https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/main.tar.gz
```
**Development (dev branch)**:
```
https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz
```
Make sure you use the **dev** URL to get the development branch with YELLOW banner!
When exiting (option 0), answer "yes" and cleanup happens automatically - no extra steps.
---
## 📍 Quick Navigation
**For Production**: Visit the `main` branch or `/root/server-toolkit/`
**For Development**: You're on the `dev` branch → `/root/server-toolkit-beta/`
### Key Differences (Dev vs Production)
## 📍 Key Differences (Dev vs Production)
| Feature | Dev Branch | Production |
|---------|-----------|-----------|
@@ -103,543 +31,26 @@ Make sure you use the **dev** URL to get the development branch with YELLOW bann
---
## 🔧 Dev Branch Setup & Workflow
## 📦 Features
### Understanding the Dev Branch Structure
Comprehensive multi-panel server management suite supporting cPanel, InterWorx, Plesk, and standalone Apache with:
**Repository**: `https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit.git`
- **`main` branch** → Production (stable, tested code)
- **`dev` branch** → Development (testing, new features, experiments)
Both branches exist in the same remote repository but are completely isolated.
### Development Workflow
#### 1️⃣ Get the Latest Dev Code (wget)
```bash
# Download latest dev branch tarball
cd /tmp
wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz
# Backup old version (optional)
[ -d /root/server-toolkit-beta.old ] && rm -rf /root/server-toolkit-beta.old
[ -d /root/server-toolkit-beta ] && mv /root/server-toolkit-beta /root/server-toolkit-beta.old
# Extract new dev version
mkdir -p /root/server-toolkit-beta
tar -xzf dev.tar.gz -C /root/server-toolkit-beta --strip-components=1
rm dev.tar.gz
```
#### 2️⃣ Make Changes & Test
```bash
# Edit files in the dev branch
nano /root/server-toolkit-beta/launcher.sh
nano /root/server-toolkit-beta/modules/security/malware-scanner.sh
# Test your changes with the dev launcher
/root/server-toolkit-beta/launcher.sh
# You'll see YELLOW banner: "⚠️ 2.1.0-BETA"
```
#### 3️⃣ Save Your Changes
```bash
# Option A: Backup your modified version (if not using git)
cp -r /root/server-toolkit-beta /root/server-toolkit-beta.modified
# Later you can reference what you changed in this backup
# Option B: If using git, commit and push changes
cd /root/server-toolkit-beta
git add modules/security/malware-scanner.sh
git commit -m "dev: Added feature XYZ to malware scanner"
git push origin dev
```
#### 4️⃣ When Ready: Deploy to Production (wget)
```bash
# Download production (main branch)
cd /tmp
wget https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/main.tar.gz
# Backup current production
[ -d /root/server-toolkit.old ] && rm -rf /root/server-toolkit.old
[ -d /root/server-toolkit ] && mv /root/server-toolkit /root/server-toolkit.old
# Extract fresh production version
mkdir -p /root/server-toolkit
tar -xzf main.tar.gz -C /root/server-toolkit --strip-components=1
rm main.tar.gz
# Manually copy your tested changes from dev to production
# Example: copy the files you modified
cp /root/server-toolkit-beta/modules/security/malware-scanner.sh /root/server-toolkit/modules/security/
cp /root/server-toolkit-beta/launcher.sh /root/server-toolkit/launcher.sh
# Test the updated production version
/root/server-toolkit/launcher.sh
# Should show CYAN banner: "⚡ 2.1.0" (not BETA)
```
### Common Dev Commands
```bash
# Check your current branch
git branch -vv
# Shows: * dev adcb3b0 [origin/dev] ...
# See what's different from production
cd /root/server-toolkit-beta
git log --oneline main..dev # Commits in dev not in main
# See what's different from last push
git log --oneline origin/dev..dev
# Revert unwanted changes
git reset --hard origin/dev # Discard local changes, match remote
# View recent dev commits
git log --oneline -10
# Check if dev is up to date with remote
git status
# Should show: "Your branch is up to date with 'origin/dev'"
```
### Isolation Features (Why Dev is Safe)
**Cache Isolation**: Uses `.sysref.beta` (separate from production `.sysref`)
**Code Isolation**: Changes only in `dev` branch until explicitly merged
**Visual Warning**: YELLOW banner with "BETA" label (can't accidentally think it's production)
**Version Distinction**: `2.1.0-BETA` vs `2.1.0` (easy to identify)
**Git Isolation**: `dev` branch tracked separately from `main`
### Troubleshooting
**"I'm on the wrong branch"**
```bash
git branch -a # See all branches
git checkout dev # Switch to dev
git branch -u origin/dev # Track origin/dev
```
**"Dev is behind remote"**
```bash
git pull origin dev # Get latest changes
```
**"I made a mistake and want to start over"**
```bash
git reset --hard origin/dev # Revert to last pushed state
git clean -fd # Remove untracked files
```
**"Production (main) got updates, sync dev with main"**
```bash
# Get latest main changes
git fetch origin main
# See difference
git log --oneline origin/main..dev
# Merge main into dev
git merge origin/main
git push origin dev # Push merged result
```
- 🛡️ **Security & Monitoring**: Live attack monitor, bot blocker, malware scanner, IP reputation
- 💾 **Backup & Recovery**: Acronis management, MySQL database restore
- 🌐 **Website Diagnostics**: Error analysis, WordPress tools, Cloudflare detection
- 📧 **Email Diagnostics**: Mail queue, blacklist checker, SPF/DKIM/DMARC validation
- 📊 **Performance Analysis**: MySQL optimization, PHP tuning, hardware health, Varnish cache
- 🔍 **System Diagnostics**: Health checks, loadwatch analysis, bandwidth monitoring
---
## Full Documentation Below
## 📖 Documentation
Comprehensive multi-panel server management suite supporting cPanel, InterWorx, Plesk, and standalone Apache with modular architecture and intelligent security features.
## 📦 Directory Structure
```
server-toolkit/
├── launcher.sh # Main menu system
├── README.md # This file
├── modules/ # Modular scripts organized by category
│ │
│ ├── diagnostics/ # 🔍 System Diagnostics
│ │ ├── system-health-check.sh # Comprehensive health analysis
│ │ └── loadwatch-analyzer.sh # Historical system health analysis (1h/6h/24h/7d/30d)
│ │
│ ├── security/ # 🛡️ Security & Monitoring
│ │ ├── live-attack-monitor-v2.sh # Real-time SOC dashboard with auto-mitigation
│ │ ├── live-attack-monitor.sh # Legacy attack monitoring (deprecated)
│ │ ├── bot-analyzer.sh # Full bot/threat analysis with pattern detection
│ │ ├── bot-blocker.sh # Apache User-Agent blocking manager (NEW!)
│ │ ├── malware-scanner.sh # ImunifyAV, ClamAV, Maldet integration
│ │ ├── ip-reputation-manager.sh # Centralized IP reputation tracking
│ │ ├── ssh-attack-monitor.sh # SSH brute force detection
│ │ ├── web-traffic-monitor.sh # Web traffic monitoring
│ │ ├── firewall-activity-monitor.sh # CSF/iptables monitoring
│ │ ├── enable-cphulk.sh # cPHulk enablement with CSF whitelist import
│ │ ├── optimize-ct-limit.sh # Connection tracking optimization
│ │ ├── tail-apache-access.sh # Live Apache access log viewer
│ │ ├── tail-apache-error.sh # Live Apache error log viewer
│ │ ├── tail-mail-log.sh # Live mail log viewer
│ │ └── tail-secure-log.sh # Live secure/auth log viewer
│ │
│ ├── backup/ # 💾 Backup & Recovery
│ │ ├── acronis-*.sh # Acronis Cyber Protect (17 management scripts)
│ │ │ ├── acronis-install.sh # Install Acronis agent
│ │ │ ├── acronis-register.sh # Register agent with cloud
│ │ │ ├── acronis-configure.sh # Configure backup plans
│ │ │ ├── acronis-status.sh # Agent status check
│ │ │ ├── acronis-backup-status.sh # Backup job status
│ │ │ ├── acronis-manual-backup.sh # Trigger manual backup
│ │ │ ├── acronis-restore.sh # Restore from backup
│ │ │ ├── acronis-update.sh # Update agent
│ │ │ ├── acronis-uninstall.sh # Remove agent
│ │ │ ├── acronis-troubleshoot.sh # Diagnostics and repair
│ │ │ └── (7 more utilities)
│ │ └── mysql-restore-to-sql.sh # MySQL/MariaDB database restore & dump tool
│ │
│ ├── website/ # 🌐 Website Diagnostics
│ │ ├── website-error-analyzer.sh # Comprehensive error analysis
│ │ ├── 500-error-tracker.sh # Fast 500 error tracking
│ │ ├── cloudflare-detector.sh # Cloudflare domain detection (NEW!)
│ │ ├── wordpress-menu.sh # WordPress tools submenu
│ │ └── wordpress/
│ │ └── wordpress-cron-manager.sh # WP-Cron diagnostics and management
│ │
│ ├── email/ # 📧 Email Diagnostics & Management
│ │ ├── email-diagnostics.sh # Comprehensive email diagnostics
│ │ ├── mail-log-analyzer.sh # Mail log analysis
│ │ ├── mail-queue-inspector.sh # Exim queue inspection
│ │ ├── flush-mail-queue.sh # Flush stuck mail queue
│ │ ├── blacklist-check.sh # RBL/DNSBL blacklist checker
│ │ ├── spf-dkim-dmarc-check.sh # Email authentication validator
│ │ ├── deliverability-test.sh # Email delivery testing
│ │ ├── smtp-connection-test.sh # SMTP connectivity checker
│ │ └── clean-mailboxes.sh # Mailbox cleanup utility
│ │
│ ├── performance/ # 📊 Performance Analysis
│ │ ├── nginx-varnish-manager.sh # Nginx + Varnish Cache Manager
│ │ ├── php-optimizer.sh # PHP Configuration Optimizer
│ │ ├── hardware-health-check.sh # Hardware diagnostics (SMART, sensors)
│ │ ├── mysql-query-analyzer.sh # MySQL performance analysis
│ │ └── network-bandwidth-analyzer.sh # Network analysis
│ │
│ └── maintenance/ # 🧹 System Maintenance
│ ├── cleanup-toolkit-data.sh # Clean temporary toolkit data
│ └── disk-space-analyzer.sh # Disk usage analysis and recommendations
├── lib/ # Shared libraries
│ ├── common-functions.sh # Reusable UI, logging, and utility functions
│ ├── system-detect.sh # Multi-panel system detection (cPanel/Plesk/InterWorx)
│ ├── user-manager.sh # User account management across panels
│ ├── domain-discovery.sh # Multi-panel domain discovery
│ ├── reference-db.sh # Cross-module intelligence sharing (.sysref)
│ │
│ ├── attack-patterns.sh # Attack pattern definitions and scoring
│ ├── attack-signatures.sh # 24+ attack signature detection rules
│ ├── bot-signatures.sh # Bot classification (legitimate vs malicious)
│ ├── http-attack-analyzer.sh # HTTP attack analysis engine
│ ├── threat-intelligence.sh # Threat scoring and intelligence aggregation
│ ├── ip-reputation.sh # IP reputation tracking and querying
│ ├── rate-anomaly-detector.sh # Request rate anomaly detection
│ │
│ ├── mysql-analyzer.sh # MySQL performance utilities
│ ├── php-detector.sh # PHP configuration detection
│ ├── php-analyzer.sh # PHP performance analysis engine
│ ├── php-config-manager.sh # PHP config backup/restore/modification
│ ├── email-functions.sh # Email-related utilities
│ └── plesk-helpers.sh # Plesk-specific helper functions
├── config/ # Configuration files
│ ├── settings.conf # Main configuration
│ ├── whitelist-ips.txt # IP whitelist
│ └── whitelist-user-agents.txt # User-Agent whitelist
└── tools/ # Utility scripts
├── diagnostic-report.sh # Generate comprehensive system reports
├── toolkit-qa-check.sh # Quality assurance checker (88 tests)
├── qa-functional-tests.sh # Functional testing suite
├── update-attack-signatures.sh # Update attack signature database
├── analyze-historical-attacks.sh # Historical attack pattern analysis
└── erase-toolkit-traces.sh # Complete toolkit removal utility
```
## 🚀 Quick Start
### Installation & Running
**Production (main branch) - One command:**
```bash
curl -sL https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/main.tar.gz | tar xz && source linux-server-management-toolkit/run.sh
```
**Development (dev branch) - One command (YELLOW BANNER ⚠️ 2.1.0-BETA):**
```bash
curl -sL https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz | tar xz && source linux-server-management-toolkit/run.sh
```
**If already downloaded:**
```bash
source /root/linux-server-management-toolkit/run.sh
```
When exiting (option 0), answer "yes" and cleanup happens automatically - no extra steps.
## ✨ Key Features
### 🛡️ Security & Monitoring
- **Live Attack Monitor v2**: Real-time SOC dashboard with intelligent auto-blocking
- **Auto-Mitigation Engine**: Automatic blocking at Score >= 80 (critical) or >= 100 (instant)
- **Distributed Attack Detection**: Blocks coordinated attacks (5+ IPs, 25+ for subnet-level blocking)
- **24 Attack Signatures**: RCE, SQL injection, XSS, path traversal, SSRF, XXE, credential stuffing, and more
- **IPset Integration**: Kernel-level blocking for instant response (batched for performance)
- **Bot Classification**: Distinguishes legitimate bots (Google, Bing) from AI scrapers and attack tools
- **Attack Scoring System**: Dynamic scoring with volume bonuses and attack severity weighting
- **Multi-Source Monitoring**: HTTP, SSH, Email, FTP, Database, Network attacks in unified dashboard
- **Bot Blocker**: Apache User-Agent blocking manager with one-click enable/disable
- Blocks 24+ malicious bots: security scanners, AI scrapers, SEO bots, vulnerability scanners
- Safe Apache restart with automatic rollback on syntax errors
- Configuration backup and restore capability
- Syntax validation before applying changes
- **Bot & Traffic Analyzer**: Full bot/threat analysis with pattern detection
- **IP Reputation Manager**: Centralized cross-module IP intelligence with query/tracking
- **Malware Scanner**: ImunifyAV, ClamAV, and Maldet integration with auto-installation
- **cPHulk Integration**: Auto-imports CSF whitelists from all sources
- **Specialized Monitors**: SSH attacks, web traffic, firewall activity
- **Log Viewers**: Live tail for Apache access/error, mail, and security logs
- **No System Pollution**: All data stored in /tmp (auto-cleanup on reboot, no /var/lib/ files)
### 💾 Backup & Recovery
- **Acronis Cyber Protect**: Complete agent management (install, update, configure, monitor, troubleshoot)
- **MySQL Database Restore Tool**: Advanced recovery from file-based backups with intelligent Force Recovery
- Multi-control panel support (cPanel, InterWorx, Plesk, standalone)
- Smart detection for selective restore scenarios
- Safe single-database extraction from full backups
- Clean SQL export for production import
### 🌐 Website Diagnostics
- **Error Analysis**: Comprehensive website error detection and troubleshooting
- **500 Error Tracking**: Detailed analysis of application errors
- **Cloudflare Detector**: Identify domains using Cloudflare with datacenter locations
- Distinguishes between Proxied (orange cloud) and DNS-Only (gray cloud)
- Shows Cloudflare datacenter locations (Chicago, Los Angeles, etc.)
- Detects NXDOMAIN domains that need cleanup
- Triple validation: nameservers, IP ranges, CF-RAY headers
- Helps debug regional outages and cache issues
- **WordPress Tools**: WP-Cron manager for WordPress diagnostics
- **Log Integration**: Apache, PHP-FPM, cPanel error log analysis
- **Smart Recommendations**: Context-aware suggestions for fixing issues
### 📧 Email Diagnostics & Management
- **Comprehensive Email Diagnostics**: Full email system health check
- **Mail Log Analyzer**: Parse and analyze mail logs for delivery issues
- **Mail Queue Inspector**: Inspect stuck/frozen mail queue with filtering
- **Flush Mail Queue**: Clear stuck messages from Exim queue
- **Blacklist Checker**: Check server IP against 50+ RBL/DNSBL lists
- **SPF/DKIM/DMARC Validator**: Verify email authentication records
- **Deliverability Testing**: Send test emails and verify delivery
- **SMTP Connection Test**: Test SMTP connectivity and authentication
- **Mailbox Cleanup**: Clean up mailbox quotas and old messages
### 🔍 Performance & Diagnostics
- **System Health Check**: Comprehensive hardware, services, and security posture analysis
- **Loadwatch Analyzer**: Historical system health analysis (1h/6h/24h/7d/30d time ranges)
- **MySQL Query Analyzer**: Slow query detection and optimization recommendations
- **Network & Bandwidth Analyzer**: Traffic analysis and top consumers
- **Hardware Health Check**: SMART, memory, CPU sensors
- **PHP Configuration Optimizer**: Per-domain PHP-FPM tuning with auto-backup and zero downtime
- **Nginx + Varnish Cache Manager**: Complete Varnish cache installation and management for cPanel
- **99.5% Stock Compliance**: Only settings.json modified (RPM config file)
- **Full HTTP + HTTPS Caching**: SSL termination at Nginx, HTTP backends to Varnish
- **Update Survival**: Proven to survive ea-nginx package updates and rebuilds
- **93 Static File Types**: Images, fonts, CSS/JS, videos, documents, archives, and more
- **Self-Healing**: 8 automatic fixes including config-script integrity checks
- **Complete Backup/Revert**: Full restoration to pre-installation state
- **Smart Bypasses**: AutoSSL, cPanel services, admin pages, POST requests
- **Automated Audit**: 44 tests verify configuration and functionality
- **Multi-Panel Support**: cPanel, InterWorx, Plesk, standalone Apache
### 📊 Session Intelligence
- **Reference Database**: Cross-module data sharing (.sysref)
- **No Historical Tracking**: Session-based intelligence only
- **"Download, Run, Fix, Delete"**: Designed for one-time troubleshooting
## 🎯 Usage Examples
### Quick System Health Check
```bash
bash launcher.sh
# Select: 1) System Health Check
```
### Security Analysis & Monitoring
```bash
bash launcher.sh
# Select: 2) Security & Monitoring
# Options:
# - Live Attack Monitor v2 (real-time SOC dashboard with auto-blocking)
# * Monitors HTTP, SSH, Email, FTP, Database, Network attacks
# * Auto-blocks IPs at Score >= 80 (critical) or >= 100 (instant)
# * Detects distributed attacks (5+ IPs) and blocks all participants
# * Subnet blocking when 25+ IPs attack from same /24 range
# * IPset kernel-level blocking for instant response
# - Bot Blocker (Apache User-Agent blocking)
# * One-click enable/disable
# * Blocks 24+ malicious bots (scanners, scrapers, AI bots)
# * Safe Apache restart with syntax validation
# * Automatic backup and restore
# - Bot & Traffic Analyzer (full scan or 1-hour quick scan)
# - IP Reputation Manager
# - Malware Scanner (ImunifyAV, ClamAV, Maldet with auto-install)
# - Enable cPHulk Protection
# - SSH/Web/Firewall attack monitors
```
### Website Diagnostics
```bash
bash launcher.sh
# Select: 3) Website Diagnostics
# Options:
# - Website Error Analyzer (comprehensive error detection)
# - Fast 500 Error Tracker (500 errors only)
# - Cloudflare Detector
# * Scan all domains or check single domain
# * Shows Proxied (orange cloud) vs DNS-Only (gray cloud)
# * Displays datacenter locations (Chicago, LA, etc.)
# * Identifies NXDOMAIN domains that need cleanup
# - WordPress Tools (WP-Cron manager)
```
### Email Diagnostics
```bash
bash launcher.sh
# Select: 6) Email Diagnostics
# Options:
# - Comprehensive Email Diagnostics
# - Mail Log Analyzer
# - Mail Queue Inspector
# - Blacklist Checker (RBL/DNSBL)
# - SPF/DKIM/DMARC Validator
# - Deliverability Testing
# - SMTP Connection Test
# - Flush Mail Queue
# - Clean Mailboxes
```
### Performance Analysis
```bash
bash launcher.sh
# Select: 4) Performance Analysis
# Options:
# - MySQL Query Analyzer (slow query detection)
# - Network & Bandwidth Analyzer
# - Hardware Health Check
# - PHP Configuration Optimizer (per-domain tuning)
# - Nginx + Varnish Cache Manager (transparent caching layer)
# - Loadwatch Health Analyzer (1h/6h/24h/7d/30d analysis)
```
### Backup & Recovery
```bash
bash launcher.sh
# Select: 5) Backup & Recovery
# Options:
# - Acronis Management (complete backup interface)
# - MySQL File Restore (convert DB files to SQL)
```
## 🔧 Configuration
Edit the configuration file:
```bash
nano /root/server-toolkit/config/settings.conf
```
## 🔒 Security Considerations
- **Run as root**: Most modules require root access
- **Credentials stored safely**: Git credentials in ~/.git-credentials (outside project)
- **No sensitive data in repo**: .gitignore excludes keys, tokens, credentials
- **Test first**: Try on non-production environments first
## 📊 Recent Updates (v2.3)
### January 2026 Highlights - Performance & Security
#### Week 4 - Cloudflare & Bot Management
- **Cloudflare Detector**: Advanced Cloudflare domain detection with location tracking (NEW!)
- Distinguishes between Proxied (orange cloud) and DNS-Only (gray cloud) configurations
- Shows datacenter locations with city names (Chicago, Los Angeles, etc.)
- NXDOMAIN detection for identifying old/deleted domains
- Triple validation: nameservers, IP range matching, CF-RAY header analysis
- Helps debug regional outages and identify misconfigured domains
- **Bot Blocker**: Apache User-Agent blocking manager for malicious bots (NEW!)
- One-click enable/disable for 24+ malicious user-agents
- Blocks: security scanners (nikto, nmap), AI scrapers (GPTBot, Claude-Web), SEO bots
- Safe Apache restart with syntax validation and automatic rollback
- Configuration backup/restore with timestamped backups
- Real-time testing to verify blocking effectiveness
#### Week 3 - Varnish Cache & Auto-Mitigation
- **Nginx + Varnish Cache Manager**: Complete Varnish cache installation system
- 99.5% stock compliance (only settings.json modified)
- Full HTTP + HTTPS caching via SSL termination and config-script automation
- Proven update survival (RPM config file preservation)
- 93 static file types cached
- 8 self-healing auto-fixes
- Complete backup/revert capability
- Automated 44-test audit system
- **Auto-Mitigation Engine**: Automatic IP blocking at Score >= 80/100 via IPset (kernel-level)
- **Distributed Attack Blocking**: Detects and blocks coordinated botnet attacks (5+ IPs)
- **Subnet-Level Blocking**: Blocks entire /24 subnets when 25+ IPs attack from same range
- **Attack Signature Improvements**: Fixed false positives in HTTP_SMUGGLING and SUSPICIOUS_UA detection
- **Function Exports**: Fixed critical bug preventing HTTP attack auto-blocking in subshells
- **No System Pollution**: Moved all persistent data from /var/lib/ to /tmp/ for clean removal
- **Maldet Auto-Installation**: Enhanced Plesk support with improved directory detection
### December 2025 Highlights
- **Launcher Cleanup**: Removed 90+ phantom menu items, reduced from 1,576 to 574 lines (64% reduction)
- **Performance**: Cached domain status checks save ~5 minutes on 50-domain servers
- **MySQL Restore Tool**: Advanced database recovery with intelligent Force Recovery detection
- **Multi-Panel**: Full support for cPanel, InterWorx, Plesk, standalone Apache
### Current Feature Set
- **60+ Working Modules**: Security (14), Website (5), Email (9), Performance (5), Backup (18), Diagnostics (2), Maintenance (2)
- **18 Shared Libraries**: Attack detection, bot classification, system detection, PHP/MySQL analysis
- **6 Utility Tools**: QA checker (88 tests), attack signature updater, diagnostic reports
- **24 Attack Signatures**: RCE, SQL Injection, XSS, Path Traversal, SSRF, XXE, and more
- **Bot Management**: Auto-blocking malicious bots via Apache User-Agent filtering
- **Cloudflare Integration**: Advanced detection with datacenter location tracking
- **Varnish Cache**: Transparent caching layer with 99.5% stock compliance
- **Email Diagnostics**: Complete email troubleshooting suite with RBL checking
- **Reference Database**: 1-hour cached status for cross-module intelligence
- **Zero Hardcoded Paths**: Automatic control panel detection and path abstraction
- **Self-Contained Design**: Delete toolkit directory = all data removed (no system files)
## 🙏 Credits
Built for comprehensive cPanel/Linux server management with a focus on security and intelligent automation.
For detailed documentation, see the main repository:
https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit
---
**Version**: 2.3.0
**Last Updated**: January 28, 2026
**Version**: 2.1.0-BETA
**Repository**: https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit
## 📈 Statistics
- **Total Modules**: 60+
- **Shared Libraries**: 18
- **Attack Signatures**: 24+
- **Supported Panels**: cPanel, InterWorx, Plesk, Standalone
- **Lines of Code**: ~30,000+
- **QA Tests**: 88 automated checks
**Branch**: dev