# CRITICAL: Standalone Server Support Broken **Date**: March 19, 2026 **Severity**: 🔴 CRITICAL - Toolkit cannot function on standalone servers **Scope**: Domain discovery, Log discovery, Analysis tools **Status**: IDENTIFIED - Needs implementation --- ## The Problem The toolkit **detects standalone servers correctly** but then **FAILS to discover domains and logs**. This means: - ✅ Detection shows "Standalone (no control panel)" - ✅ System info is displayed (OS, web server, database, PHP) - ❌ **Domains: 0** (should show actual domains) - ❌ **Logs: none** (should show log file locations) - ❌ **Analysis tools cannot run** (they need domains/logs) --- ## Issue #1: Domain Discovery Returns Empty **File**: `lib/user-manager.sh` (lines 239-256) **Function**: `get_user_domains()` **Code**: ```bash get_user_domains() { [ -z "$1" ] && return 1 local username="$1" case "$SYS_CONTROL_PANEL" in cpanel) get_cpanel_user_domains "$username" ;; plesk) get_plesk_user_domains "$username" ;; interworx) get_interworx_user_domains "$username" ;; *) echo "" # ← RETURNS EMPTY FOR STANDALONE! ;; esac } ``` **Impact**: - When `SYS_CONTROL_PANEL="none"` (standalone), this function returns **nothing** - The reference database building process in `lib/reference-db.sh` relies on this function - Result: **0 domains found** for standalone servers **What Should Happen**: For standalone servers, the function should: 1. Parse Apache VirtualHost configurations 2. Check Nginx server blocks 3. Query Apache httpd configs for domain information 4. Look in `/etc/apache2/sites-enabled/` or `/etc/httpd/conf.d/` **Current Status**: NOT IMPLEMENTED for standalone --- ## Issue #2: Log Discovery Disabled **File**: `lib/reference-db.sh` (lines 549-557) **Function**: `build_logs_section()` **Code**: ```bash build_logs_section() { echo "[LOGS]" >> "$SYSREF_DB" # Apache/Web server logs # Temporarily disabled - causes hangs with large log directories # TODO: Implement log scanning with progress indicator and limits echo "" >> "$SYSREF_DB" } ``` **Impact**: - The entire log discovery section is **disabled** - No log file locations are cached - Log tailing tools cannot find logs **Why It's Disabled**: Comment says "causes hangs with large log directories" - needs safe filesystem scanning with: - Progress indicator - Depth limits - File count limits - Timeout protection **Current Status**: NOT IMPLEMENTED --- ## Broken Call Chain for Standalone Here's what happens when building the reference database for a standalone server: ``` build_domains_section() ↓ For each user in $users array: ↓ get_user_domains("username") ← Returns EMPTY for standalone ↓ Loop processes 0 domains ↓ Result: Domain count = 0, No logs found ``` **In Detail** (reference-db.sh lines 325-481): 1. **Lines 336-342**: Count total domains - Tries to access `/var/cpanel/userdata/$user` (doesn't exist on standalone) - Count returns 0 2. **Lines 345-414**: cPanel-specific parsing - Skipped (userdata_dir doesn't exist) 3. **Lines 416-441**: Fallback domain discovery - Calls `get_user_domains()` - **Gets empty result** ← CHAIN BROKEN HERE - Loop never executes - No domains processed --- ## Impact on Tools **Tools that FAIL on standalone**: - malware-scanner.sh (needs domains to scan) - bot-analyzer.sh (needs logs to analyze) - website-slowness-diagnostics.sh (needs domain mapping) - website-error-analyzer.sh (needs logs) - live-attack-monitor.sh (needs domain/log mapping) - 500-error-tracker.sh (needs logs) - tail-apache-access.sh (needs log paths) - tail-apache-error.sh (needs log paths) - tail-mail-log.sh (needs log paths) - Any tool that queries cached domains/logs **Tools that WORK on standalone**: - system-health-check.sh - mysql-query-analyzer.sh - hardware diagnostics --- ## What Needs to Be Implemented ### For Standalone Domain Discovery: ```bash get_standalone_user_domains() { local username="$1" # Method 1: Parse Apache VirtualHost configurations grep -h "ServerName\|ServerAlias" /etc/apache2/sites-enabled/* 2>/dev/null | \ grep -i "# $username\|# apache2\|# webmaster" # Method 2: Parse Nginx server blocks grep -h "server_name" /etc/nginx/sites-enabled/* 2>/dev/null # Method 3: Check /home/$username/public_html for detected domains find /home/"$username" -maxdepth 3 -name ".htaccess" -o -name "index.php" 2>/dev/null | \ sed "s|/home/$username/||; s|/.*||" | sort -u } ``` ### For Standalone Log Discovery: ```bash build_logs_section() { echo "[LOGS]" >> "$SYSREF_DB" # Find Apache access logs with safety limits find "$SYS_LOG_DIR" -name "*access*" -type f -mtime -30 2>/dev/null | \ head -50 | while read -r log; do echo "LOG|access|$log|" done >> "$SYSREF_DB" # Find Apache error logs with safety limits find "$SYS_LOG_DIR" -name "*error*" -type f -mtime -30 2>/dev/null | \ head -50 | while read -r log; do echo "LOG|error|$log|" done >> "$SYSREF_DB" echo "" >> "$SYSREF_DB" } ``` --- ## The Discovery Status ### Detection Phase: ✅ WORKING ``` System: Standalone (no control panel) OS: AlmaLinux 9.7 Web Server: Apache 2.4.66 Database: MariaDB 10.6.25 ``` ### Discovery Phase: ❌ BROKEN ``` Users: 5 (found via /etc/passwd) Domains: 0 (NOT FOUND - broken function) Databases: 12 (found via MySQL queries) Logs: (NOT DISCOVERED - disabled) WordPress: 0 (cannot search without domains/paths) ``` --- ## Summary The standalone server support has a **critical gap** between detection and discovery: | Phase | Status | Notes | |-------|--------|-------| | **Detection** | ✅ Works | Correctly identifies as "none" | | **Initialization** | ✅ Works | Sets correct paths and variables | | **System Info** | ✅ Works | Gathers OS, web, database info | | **Users** | ✅ Works | Enumerates /etc/passwd users | | **Domains** | ❌ Broken | Function returns empty for standalone | | **Logs** | ❌ Disabled | Entire section commented out | | **WordPress** | ❌ Broken | Cannot detect without domain paths | | **Tools** | ❌ Fail | No domains/logs = tools can't run | --- ## Recommendation **PRIORITY 1: Implement standalone domain discovery** - Parse Apache/Nginx configs - Check user directories for web content - Estimated effort: 4-6 hours **PRIORITY 2: Implement safe log discovery** - Find logs with safety limits (depth, count, time range) - Add progress indicator to prevent hangs - Estimated effort: 5-8 hours **PRIORITY 3: Update WordPress detection** - Use discovered domains to find WordPress installations - Estimated effort: 2-3 hours **Total**: 11-17 hours to full standalone support Until these are implemented, standalone servers will detect correctly but fail at discovery and cannot run analysis tools.