diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..8d416bf --- /dev/null +++ b/LICENSE @@ -0,0 +1,18 @@ +MIT License + +Copyright (c) 2025 cschantz + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and +associated documentation files (the "Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the +following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial +portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT +LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO +EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER +IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE +USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/README.md b/README.md index 3b52640..7b2c781 100644 --- a/README.md +++ b/README.md 
@@ -1,129 +1,107 @@ -# ⚡ Server Management Toolkit +# ⚡ Linux Server Management Toolkit -Comprehensive cPanel/Linux server management suite with modular architecture. +Comprehensive cPanel/Linux server management suite with modular architecture and intelligent security features. ## 📦 Directory Structure ``` server-toolkit/ ├── launcher.sh # Main menu system -├── install.sh # Quick installer ├── README.md # This file │ ├── modules/ # Modular scripts organized by category │ ├── security/ # 🛡️ Security & Threat Analysis -│ │ ├── bot-analyzer.sh # ✅ Full bot/threat analysis (INSTALLED) -│ │ ├── live-monitor.sh # Real-time log monitoring -│ │ ├── ip-lookup.sh # IP investigation tool -│ │ ├── threat-blocker.sh # Auto-apply blocklists -│ │ ├── whitelist-manager.sh # Manage false positives -│ │ ├── attack-pattern-analyzer.sh # Advanced threat detection -│ │ ├── ddos-detector.sh # DDoS pattern detection -│ │ ├── firewall-manager.sh # CSF/iptables management -│ │ └── ssl-security-audit.sh # SSL/TLS audit +│ │ ├── bot-analyzer.sh # Full bot/threat analysis +│ │ ├── live-attack-monitor.sh # Real-time attack monitoring dashboard +│ │ ├── ssh-attack-monitor.sh # SSH brute force detection +│ │ ├── web-traffic-monitor.sh # Web traffic monitoring +│ │ ├── firewall-activity-monitor.sh # CSF/iptables monitoring +│ │ ├── enable-cphulk.sh # cPHulk enablement with CSF whitelist import +│ │ └── tail-*.sh # Various log monitoring scripts │ │ -│ ├── wordpress/ # 🔧 WordPress Management -│ │ ├── wp-health-check.sh # Scan all WP installations -│ │ ├── wp-cron-status.sh # Check cron status -│ │ ├── wp-cron-mass-fix.sh # Fix/enable cron on all sites -│ │ ├── wp-cron-mass-create.sh # Setup proper system crons -│ │ ├── wp-plugin-audit.sh # Security scan of plugins -│ │ ├── wp-theme-audit.sh # Security scan of themes -│ │ ├── wp-db-optimizer.sh # Clean/optimize databases -│ │ ├── wp-cache-clear.sh # Clear all caches -│ │ ├── wp-mass-update-core.sh # Update WordPress core (all sites) -│ │ ├── 
wp-mass-update-plugins.sh # Update plugins (all sites) -│ │ ├── wp-login-security.sh # Check for weak passwords -│ │ ├── wp-malware-scanner.sh # Scan for infected files -│ │ ├── wp-permission-fixer.sh # Fix file permissions -│ │ └── wp-debug-log-analyzer.sh # Parse debug logs +│ ├── diagnostics/ # 🔍 System Diagnostics +│ │ └── system-health-check.sh # Comprehensive health analysis │ │ -│ ├── performance/ # 📊 System Performance & Diagnostics -│ │ ├── resource-monitor.sh # CPU/RAM/Disk dashboard -│ │ ├── top-processes.sh # Current resource hogs -│ │ ├── slow-query-analyzer.sh # MySQL performance -│ │ ├── bandwidth-analyzer.sh # Traffic analysis -│ │ ├── apache-performance.sh # Apache tuning -│ │ ├── php-fpm-monitor.sh # PHP-FPM pool status -│ │ ├── disk-io-analyzer.sh # Disk performance metrics -│ │ ├── disk-usage-report.sh # Per-account disk usage -│ │ ├── email-queue-monitor.sh # Mail queue analysis -│ │ ├── inode-usage-checker.sh # Find inode consumers -│ │ └── network-performance.sh # Network stats & latency -│ │ -│ ├── backup/ # 💾 Backup & Recovery -│ │ ├── auto-backup.sh # Create full backups -│ │ ├── selective-backup.sh # Backup specific accounts -│ │ ├── restore-helper.sh # Interactive restore -│ │ ├── database-backup.sh # Backup all databases -│ │ ├── config-backup.sh # Backup server configs -│ │ ├── log-archive.sh # Archive old logs -│ │ ├── backup-verification.sh # Test backup integrity -│ │ └── offsite-sync.sh # Sync to remote storage -│ │ -│ ├── monitoring/ # 🔍 Monitoring & Alerts -│ │ ├── service-status-monitor.sh # Apache/MySQL/PHP-FPM status -│ │ ├── uptime-tracker.sh # Server uptime history -│ │ ├── error-log-watcher.sh # Real-time error monitoring -│ │ ├── disk-space-alerts.sh # Low disk space warnings -│ │ ├── ssl-expiration-monitor.sh # Certificate expiry tracking -│ │ ├── security-alert-dashboard.sh # Recent security events -│ │ ├── email-delivery-monitor.sh # Email deliverability -│ │ └── dns-monitor.sh # DNS health checks -│ │ -│ ├── 
troubleshooting/ # 🚨 Troubleshooting & Diagnostics -│ │ ├── oom-killer-plotter.sh # Out-of-memory analysis -│ │ ├── hard-drive-error-tracker.sh # SMART status & errors -│ │ ├── kernel-log-analyzer.sh # Parse /var/log/messages -│ │ ├── mysql-error-analyzer.sh # MySQL crash investigation -│ │ ├── apache-error-deep-dive.sh # Apache error log analysis -│ │ ├── php-error-tracker.sh # PHP error aggregator -│ │ ├── connection-issues.sh # Network connectivity tests -│ │ ├── zombie-process-hunter.sh # Find stuck processes -│ │ ├── file-system-checker.sh # Check for corruption -│ │ ├── port-scanner.sh # Check listening ports -│ │ └── service-restart-helper.sh # Safe service restart -│ │ -│ └── reporting/ # 📈 Reporting & Analytics -│ ├── security-report-viewer.sh # Browse security reports -│ ├── performance-summary.sh # Historical performance -│ ├── traffic-analytics.sh # Bandwidth & visitor stats -│ ├── account-usage-report.sh # Per-account resources -│ ├── system-health-dashboard.sh # Overall server status -│ ├── custom-report-builder.sh # Create custom reports -│ └── export-to-pdf.sh # Generate PDF reports +│ └── performance/ # 📊 Performance Analysis +│ ├── hardware-health-check.sh # Hardware diagnostics +│ ├── mysql-query-analyzer.sh # MySQL performance analysis +│ └── network-bandwidth-analyzer.sh # Network analysis │ ├── lib/ # Shared libraries │ ├── common-functions.sh # Reusable functions -│ └── config.sh # Configuration loader +│ ├── system-detect.sh # System type detection +│ ├── user-manager.sh # User account management +│ ├── mysql-analyzer.sh # MySQL utilities +│ └── reference-db.sh # Cross-module intelligence sharing │ ├── config/ # Configuration files │ ├── settings.conf # Main configuration │ ├── whitelist-ips.txt # IP whitelist │ └── whitelist-user-agents.txt # User-Agent whitelist │ -└── logs/ # Toolkit logs - └── toolkit.log # Operation history +└── tools/ # Utility scripts + ├── diagnostic-report.sh # Generate system reports + └── test-*.sh # Testing 
utilities ``` ## 🚀 Quick Start -### Installation - -```bash -cd /root/server-toolkit -chmod +x install.sh -./install.sh -``` - ### Running ```bash # Direct method -/root/server-toolkit/launcher.sh +bash /root/server-toolkit/launcher.sh -# Or if symlink created during install -server-toolkit +# Or make executable and run +chmod +x /root/server-toolkit/launcher.sh +/root/server-toolkit/launcher.sh +``` + +## ✨ Key Features + +### 🛡️ Security & Threat Analysis +- **3-Mode Security Menu**: Analysis / Actions / Live Monitoring +- **Live Attack Monitor**: Real-time SOC dashboard with threat classification +- **Intelligent cPHulk Setup**: Auto-imports CSF whitelists from all sources +- **Multi-Source Monitoring**: SSH, Web, Firewall, cPHulk integration + +### 🔍 System Diagnostics +- **Comprehensive Health Checks**: Hardware, services, security posture +- **Smart Recommendations**: Context-aware suggestions based on findings +- **cPanel/WHM Integration**: Native support for cPanel environments + +### 📊 Session Intelligence +- **Reference Database**: Cross-module data sharing (.sysref) +- **No Historical Tracking**: Session-based intelligence only +- **"Download, Run, Fix, Delete"**: Designed for one-time troubleshooting + +## 🎯 Usage Examples + +### Security Analysis with Live Monitoring + +```bash +bash launcher.sh +# Select: Security & Threat Analysis +# Select: Live Monitoring & Alerts +# Select: Live Network Security Monitor +``` + +### Enable cPHulk with CSF Whitelist + +```bash +bash launcher.sh +# Select: Security & Threat Analysis +# Select: Security Actions & Fixes +# Select: Authentication Security +# Select: Enable cPHulk Protection +``` + +### System Health Check + +```bash +bash launcher.sh +# Select: System Diagnostics +# Select: System Health Check ``` ## 🔧 Configuration 
@@ -133,171 +111,27 @@ Edit the configuration file: nano /root/server-toolkit/config/settings.conf ``` -### Key Settings - -```bash -# Nextcloud integration for module downloads -NEXTCLOUD_BASE_URL="https://nextcloud.example.com/s/ShareToken/download?path=/" - -# System paths -LOG_DIR="/var/log/apache2/domlogs" -CPANEL_HOME="/home" - -# Alerts -ALERT_EMAIL="admin@example.com" -SLACK_WEBHOOK="https://hooks.slack.com/services/..." - -# Thresholds -CPU_ALERT_THRESHOLD=80 -MEM_ALERT_THRESHOLD=90 -DISK_ALERT_THRESHOLD=85 -``` - -## 📥 Nextcloud Integration - -### Setup - -1. Upload modules to Nextcloud -2. Share folder and get download link -3. Configure `NEXTCLOUD_BASE_URL` in settings.conf - -### Module Manifest - -Create `manifest.txt` in your Nextcloud folder: -``` -security:bot-analyzer.sh -security:live-monitor.sh -wordpress:wp-cron-status.sh -wordpress:wp-cron-mass-fix.sh -performance:resource-monitor.sh -troubleshooting:oom-killer-plotter.sh -``` - -### Updating Modules - -From the launcher, select: -**System > Update All Modules (option 8)** - -## 🎯 Usage Examples - -### Security Analysis - -```bash -server-toolkit -# Select: 1 (Security & Threat Analysis) -# Select: 1 (Full Bot Analysis) -``` - -### WordPress Mass Operations - -```bash -server-toolkit -# Select: 2 (WordPress Management) -# Select: 3 (WP-Cron Mass Fix) -``` - -### System Diagnostics - -```bash -server-toolkit -# Select: 6 (Troubleshooting & Diagnostics) -# Select: 1 (OOM Killer Plotter) -``` - -## 📝 Creating Custom Modules - -### Module Template - -```bash -#!/bin/bash - -# Load common functions -SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")/../.." 
&& pwd)" -source "$SCRIPT_DIR/lib/common-functions.sh" 2>/dev/null || true - -# Load configuration -source "$SCRIPT_DIR/config/settings.conf" 2>/dev/null || true - -echo "===================================" -echo " Custom Module Name" -echo "===================================" -echo "" - -# Your code here - -echo "" -echo "✓ Completed" -``` - -### Adding to Launcher - -Edit `launcher.sh` and add your module to the appropriate menu. - ## 🔒 Security Considerations - **Run as root**: Most modules require root access -- **Whitelist carefully**: False positives can block legitimate users -- **Test first**: Try modules on non-production first -- **Backup before**: Always backup before mass operations +- **Credentials stored safely**: Git credentials in ~/.git-credentials (outside project) +- **No sensitive data in repo**: .gitignore excludes keys, tokens, credentials +- **Test first**: Try on non-production environments first -## 📊 Module Status +## 📊 Recent Updates (v2.0) -| Module | Status | Notes | -|--------|--------|-------| -| bot-analyzer.sh | ✅ Ready | Enhanced v3.0 with threat scoring | -| All other modules | 🟡 Pending | Download from Nextcloud or create | - -## 🎓 Best Practices - -1. **Regular Updates**: Update modules weekly -2. **Review Reports**: Check security reports daily -3. **Monitor Alerts**: Configure email/Slack notifications -4. **Backup First**: Always backup before mass operations -5. 
**Test New Modules**: Test on staging first - -## 🆘 Troubleshooting - -### Module Not Found - -```bash -# Download from Nextcloud -server-toolkit -# Select: 8 (Update All Modules) -``` - -### Permission Denied - -```bash -chmod +x /root/server-toolkit/launcher.sh -chmod +x /root/server-toolkit/modules/*/*.sh -``` - -### Configuration Not Loading - -```bash -# Check config file exists -ls -la /root/server-toolkit/config/settings.conf - -# Recreate if missing -server-toolkit -# Select: 9 (Configuration) -``` - -## 📞 Support - -- GitHub Issues: [Your repo URL] -- Email: [Your email] -- Documentation: [Your docs URL] - -## 📄 License - -[Your license here] +- ✅ Complete security menu restructure (3-mode hierarchy) +- ✅ Live network security monitoring dashboard +- ✅ Intelligent cPHulk enablement with multi-source CSF whitelist discovery +- ✅ Real-time threat detection and classification +- ✅ Reference database for cross-module intelligence +- ✅ Git repository integration ## 🙏 Credits -Built for comprehensive cPanel/Linux server management. +Built for comprehensive cPanel/Linux server management with a focus on security and intelligent automation. --- **Version**: 2.0.0 -**Last Updated**: 2025-10-30 +**Repository**: https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit
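
Review bot: In the README.md hunk at `@@ -1,129 +1,107 @@`, the "Intelligent cPHulk Setup" bullet says CSF whitelists are auto-imported "from all sources" but does not say which files count as a source or whether the operator confirms the list before it is applied. Every address imported into the cPHulk whitelist is exempt from its brute-force lockout, so a stale or overly broad CSF allow entry silently widens that exemption. Please name the sources and state whether `enable-cphulk.sh` shows the entries for review before importing them. The same hunk introduces the `.sysref` reference database without giving its location, its file permissions, or whether it is removed at the end of a session, which the "Download, Run, Fix, Delete" bullet implies it should be. The usage example also selects "Live Network Security Monitor" while the feature list and the tree call it "Live Attack Monitor" / `live-attack-monitor.sh`; one name throughout would help.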
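
Review bot: In the README.md hunk at `@@ -133,171 +111,27 @@`, the new Security Considerations bullet "Credentials stored safely: Git credentials in ~/.git-credentials (outside project)" overstates the protection. `~/.git-credentials` is the file written by git's `store` credential helper, which keeps credentials unencrypted on disk, guarded only by file permissions. Because the file is outside the project, it also stays on the server after the toolkit directory is deleted, which sits badly with the one-time-use model described earlier in the README. Suggest rewording the bullet to say the credentials are plaintext and must be removed separately, or dropping the "safely" claim. This hunk also deletes the "Key Settings" block while the "Edit the configuration file" step remains, removes the "Whitelist carefully" bullet although `config/whitelist-ips.txt` is still in the tree, and drops the License section without pointing to the newly added LICENSE file; a short list of the settings that still exist and a one-line link to LICENSE would close those gaps.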