Problem: Script showed 0 whitelist entries despite 131 successful imports
Root Cause: Script was querying MySQL database 'cphulkd' which doesn't exist
Solution: cPHulk uses SQLite at /var/cpanel/hulkd/cphulk.sqlite
Changes:
- Line 328: Query ip_lists table in SQLite for existing IPs
- Line 369: Count entries from SQLite ip_lists WHERE type=1
- Lines 386-390: Update next steps to show correct SQLite commands
- Changed table from 'whitelist' to 'ip_lists WHERE type=1'
- Changed brutes query to use 'auths' table
Verified: sqlite3 query shows all 131 entries present
Problems Fixed:
1. detect_system() function doesn't exist
- System detection happens automatically when sourcing system-detect.sh
- Changed to verify SYS_CONTROL_PANEL is set instead
2. cPHulk service not staying enabled
- Added whmapi1 configureservice call to enable service properly
- Added 2-second wait for service to start
- Added verification that service is actually running
3. All IP imports failing (131/131 failed)
- cphulkdwhitelist --list doesn't exist (invalid flag)
- Changed to query MySQL cphulkd database directly
- Fixed import logic to not check for "whitelisted" in output
- Now assumes success if command exits 0
4. Final status check broken
- --status flag doesn't work on cphulk_pam_ctl
- Changed to check if systemd/init service is running
- Query database for whitelist count instead of --list
5. Next steps had invalid commands
- Removed --list flag (doesn't exist)
- Removed -black flag reference
- Added correct database query commands
Changes:
- Line 35-39: Fixed detect_system call
- Lines 299-314: Proper cPHulk enable sequence with service start
- Lines 328-344: Fixed IP import with database query
- Lines 362-370: Fixed final status check
- Lines 386-390: Corrected next steps commands
Changes to README.md:
Updated Usage Examples:
- Replaced outdated multi-level menu paths with new streamlined structure
- Updated to match new 6-category main menu (1-6 numbering)
- Simplified navigation instructions
- Listed actual options available in each category
Updated Key Features:
- Security & Threat Analysis → Security & Monitoring
- Added "Optimized Status Checks" feature
- Listed all 14 actual security tools available
- Removed references to removed phantom features
Updated Recent Updates Section:
- Renamed to v2.1 (from v2.2)
- Added "December 2025 - Major Cleanup & Optimization" section
- Documented launcher streamline (90+ items removed, 64% code reduction)
- Documented performance optimizations (cached status checks)
- Documented MySQL restore tool features
- Listed actual implemented features by category:
- Security & Monitoring: 14 tools
- Website Diagnostics: 3 tools
- Performance Analysis: 5 tools
- Backup & Recovery: 11 tools
- Updated module counts to reflect reality (41 instead of 38)
- Removed references to unimplemented features
Key Improvements:
- README now accurately reflects what actually exists
- No more confusion about phantom features
- Clear tool counts for each category
- Updated navigation paths match new launcher
- Performance improvements documented
- All December 2025 updates included
Changes to modules/security/bot-analyzer.sh:
Problem:
- baseline_health_check() was re-checking HTTP/HTTPS status for all domains
- verify_domains_still_working() was re-testing domains again
- Wasteful duplicate checks when data already cached in reference database
Solution:
- baseline_health_check() now uses get_all_domain_statuses() from reference DB
- verify_domains_still_working() now uses get_domain_status() from reference DB
- Eliminated all curl HTTP status checks for local domains
- Significantly faster execution (no network requests needed)
Benefits:
- Instant baseline loading (uses pre-cached data from launcher startup)
- No redundant HTTP/HTTPS requests
- Consistent with toolkit architecture (centralized status collection)
- Same functionality, better performance
Technical Details:
- Uses get_all_domain_statuses() to load all domain status data
- Uses get_domain_status() to check individual domain status
- Returns same data format: domain|http_code|https_code|status_summary
- Added cache age warning in verify function (max 1 hour old)
- Maintains all existing baseline/verification logic
Note: Acronis scripts unchanged - they check external cloud URLs, not local domains
Performance Impact:
- Before: ~3-5 seconds per domain check (HTTP + HTTPS curl requests)
- After: Instant (reads from .sysref cache file)
- For 50 domains: ~5 minutes saved per execution
Main README.md:
- Added mysql-restore-to-sql.sh to directory structure
- Created dedicated Backup & Recovery section with subsections
- Documented MySQL restore tool features:
- Multi-control panel support
- Intelligent Force Recovery detection
- Safe selective restore capabilities
- Safety features (disk space, directory protection, warnings)
- Clean SQL export functionality
- Added MySQL restore usage example
- Updated Recent Updates section with new tool features
modules/backup/README.md (NEW):
- Comprehensive documentation for backup module
- Acronis Cyber Protect integration section:
- All 16 scripts documented with purposes
- Usage examples and features
- MySQL/MariaDB Database Restore Tool section:
- Key features and capabilities
- Control panel path support details
- Force Recovery levels explained
- Smart detection for selective restore
- Use cases and safety guarantees
- Step-by-step wizard documentation
- Technical details (second instance, file requirements)
- Error detection and recovery procedures
- Integration with launcher documented
- Requirements and recent updates listed
Documentation Status:
- Main README updated with new tool
- Backup module README created from scratch
- All recent changes documented (InterWorx paths, smart detection, etc.)
- Ready for user testing
cschantz