Linux-Server-Management-Toolkit/INTERWORX_COMPATIBILITY_AUDIT.md

# InterWorx Compatibility Audit Report
**Generated:** 2025-11-19
**Toolkit Version:** Latest from git

## Executive Summary

Out of **38 total modules**, **16 modules** have cPanel-specific dependencies that will break on InterWorx servers.

### Compatibility Status:

- ✅ **3 modules** - Already InterWorx compatible (using SYS_LOG_DIR)
- ⚠️ **16 modules** - Need InterWorx fixes (hardcoded paths + API calls)
- ✓ **19 modules** - Control panel agnostic (no paths)

### CRITICAL NEW FINDINGS (Deep Audit):

**whmapi1/uapi API Dependencies Found:**
- These cPanel APIs will FAIL silently on InterWorx!
- Found in: live-attack-monitor.sh, enable-cphulk.sh, system-health-check.sh

**WordPress Module Crisis:**
- wordpress-cron-manager.sh: 33 userdata references, 9 public_html references
- Completely broken on InterWorx without major refactor

---

## Critical Path Differences: cPanel vs InterWorx

| Resource | cPanel Location | InterWorx Location |
|----------|----------------|-------------------|
| **Access Logs** | `/var/log/apache2/domlogs/domain.com` | `/home/user/var/domain.com/logs/access_log` |
| **Error Logs** | `/var/log/apache2/domlogs/domain-error_log` | `/home/user/var/domain.com/logs/error_log` |
| **Document Root** | `/home/user/public_html` | `/home/user/domain.com/html` |
| **User Config** | `/var/cpanel/users/username` | NodeWorx DB or listaccounts.pex |
| **Domain Config** | `/var/cpanel/userdata/user/domain` | `/etc/httpd/conf.d/vhost_domain.conf` |
| **Main IP** | `/var/cpanel/mainip` | `/usr/local/interworx/iworx.ini` |
| **PHP Error Logs** | `/home/user/public_html/error_log` | `/home/user/domain.com/html/error_log` |

---

## Modules Requiring Fixes

### PRIORITY 1: Critical Security Modules

#### 1. **live-attack-monitor.sh** ⚠️ CRITICAL PRIORITY
**Issues:**
- Line 1256: `LOG_DIR="${SYS_LOG_DIR:-/var/log/apache2/domlogs}"`
- Line 1261-1262: Hardcoded `/var/log/httpd/access_log`
- Line 1267: Comment mentions "cPanel domlogs"
- Line 1537: CPHulk detection (cPanel-only feature)
- **NEW:** Uses `whmapi1 cphulkd_list_blocks` - cPanel API call!
- **NEW:** Uses `whmapi1 cphulkd_add_whitelist` - cPanel API call!

**Fix Required:**
- Already uses `SYS_LOG_DIR` (GOOD!)
- But fallback is wrong - should use system-detect.sh
- Add InterWorx log discovery like bot-analyzer
- Wrap ALL whmapi1 calls in `if [ "$SYS_CONTROL_PANEL" = "cpanel" ]`
- CPHulk features should be cPanel-only conditional

**Impact:** Real-time attack monitoring won't see attacks on InterWorx + API calls will fail

---

#### 2. **malware-scanner.sh** ⚠️ HIGH PRIORITY
**Issues:**
- Line 31: `/usr/local/cpanel/3rdparty/bin/clamscan` check
- Line 182: cPanel detection check
- Line 353: PATH with cPanel 3rdparty
- Line 429: `get_user_docroots()` function
- Line 878-880: Hardcoded `/var/log/apache2/domlogs` search

**Fix Required:**
- Use system-detect.sh for ClamAV path detection
- Fix `get_user_docroots()` to use user-manager.sh functions
- Support InterWorx document roots: `/home/user/domain.com/html`
- Fix log file discovery for malware analysis

**Impact:** Malware scanner won't find infected files in InterWorx sites

---

#### 3. **optimize-ct-limit.sh** ⚠️ MEDIUM PRIORITY
**Issues:**
- Line 292: `log_dir="${SYS_LOG_DIR:-/var/log/apache2/domlogs}"`

**Fix Required:**
- Already uses `SYS_LOG_DIR` (GOOD!)
- Fallback should be removed (rely on system-detect.sh)

**Impact:** Can't analyze connection limits on InterWorx

---

### PRIORITY 2: Website Diagnostic Modules

#### 4. **website-error-analyzer.sh** ⚠️ HIGH PRIORITY
**Issues:**
- Line 19: `DOMLOGS_DIR="/var/log/apache2/domlogs"`
- Line 140: Hardcoded Apache error log paths
- Line 153: `/var/cpanel/users/*` for user lookup
- Line 161: `find /home/*/public_html -name "error_log"`
- Line 176-177: Reads `/var/cpanel/users/$FILTER_USER`
- Line 339: User lookup via `/var/cpanel/users/*`
- Line 341: `.user.ini` in `public_html`
- Line 815: Error log path in `public_html`

**Fix Required:**
- Use `SYS_LOG_DIR` from system-detect.sh
- Use `get_user_info()` and `get_user_domains()` from user-manager.sh
- Support InterWorx document roots: `/home/user/domain.com/html`
- Support InterWorx error logs: `/home/user/var/domain.com/logs/error_log`

**Impact:** Can't diagnose website errors on InterWorx

---

#### 5. **500-error-tracker.sh** ⚠️ HIGH PRIORITY
**Issues:**
- Line 60: `DOMLOGS_DIR="/var/log/apache2/domlogs"`
- Line 83: `/var/cpanel/users/*` for domain→user lookup
- Line 233: `docroot="/home/$user/public_html"`
- Line 261: Error log in `public_html`
- Line 264-265: Hardcoded domlog paths
- Line 454: `/var/cpanel/userdata/$user/$domain`
- Line 679: Fix suggestion mentions `public_html`

**Fix Required:**
- Use `SYS_LOG_DIR` from system-detect.sh
- Use `get_user_info()` for user lookups
- Support InterWorx document roots: `/home/user/domain.com/html`
- Support InterWorx error logs in `/home/user/var/domain.com/logs/`

**Impact:** Can't track 500 errors on InterWorx

---

#### 6. **wordpress-cron-manager.sh** ⚠️ CRITICAL PRIORITY
**Issues:**
- **33 references to `/var/cpanel/userdata`** - HEAVY dependency!
- **9 references to `public_html`** - Wrong document root
- Domain→user lookup completely relies on userdata files
- Checks userdata for servername, main_domain, etc.
- WordPress detection searches in `/home/*/public_html`

**Fix Required:**
- Complete refactor required!
- Replace ALL userdata reads with `get_user_info()` and `get_user_domains()`
- Support InterWorx document roots: `/home/user/domain.com/html`
- WordPress detection must search both public_html AND domain.com/html
- Domain→user mapping must use user-manager.sh functions

**Impact:** WordPress cron management completely broken on InterWorx

---

### PRIORITY 3: Live Monitoring Tools

#### 7. **web-traffic-monitor.sh** ⚠️ MEDIUM PRIORITY
**Issues:**
- Line 12-13: Hardcoded `/var/log/apache2/domlogs`
- Line 32: Error message mentions "domlogs"

**Fix Required:**
- Use `SYS_LOG_DIR` from system-detect.sh
- Add InterWorx log discovery

**Impact:** Can't monitor live web traffic on InterWorx

---

#### 7. **tail-apache-access.sh** ⚠️ LOW PRIORITY
**Issues:**
- Line 8: Hardcoded `/var/log/apache2/domlogs/*`

**Fix Required:**
- Use `SYS_LOG_DIR` from system-detect.sh
- Support InterWorx: `tail -f /home/*/var/*/logs/access_log`

**Impact:** Simple log tailing won't work

---

#### 8. **tail-apache-error.sh** ⚠️ LOW PRIORITY
**Issues:**
- Line 8: Hardcoded `/var/log/httpd/error_log`

**Fix Required:**
- Use system-detect.sh to find Apache error log location
- InterWorx: Per-domain error logs at `/home/user/var/domain.com/logs/error_log`

**Impact:** Can't tail error logs on InterWorx

---

### PRIORITY 4: Performance Analysis

#### 9. **network-bandwidth-analyzer.sh** ⚠️ MEDIUM PRIORITY
**Issues:**
- Line 187-192: Hardcoded log directory detection

**Fix Required:**
- Use `SYS_LOG_DIR` from system-detect.sh
- Add InterWorx log discovery

**Impact:** Can't analyze bandwidth usage on InterWorx

---

### PRIORITY 5: cPanel-Specific Modules (Expected)

#### 10. **enable-cphulk.sh** ℹ️ N/A - cPanel Only
**Issues:**
- Line 42: `/usr/local/cpanel/bin/cphulk_pam_ctl` check
- Line 58, 68, 287: cPanel-specific commands
- Line 131, 133: `/var/cpanel/` and `/usr/local/cpanel/` paths

**Fix Required:**
- None - this is cPanel-specific
- Should check `SYS_CONTROL_PANEL=cpanel` before running
- Add warning for non-cPanel systems

---

### PRIORITY 6: Diagnostic Tools

#### 11. **system-health-check.sh** ⚠️ LOW PRIORITY
**Issues:**
- Line 492-493: Hardcoded `/var/log/httpd/error_log`
- Line 606-608: cPanel CPHulk checks
- Line 941-942: cPanel version detection
- Line 1205: Error log path in suggestion

**Fix Required:**
- Use system-detect.sh for log paths
- Make CPHulk checks conditional on `SYS_CONTROL_PANEL=cpanel`
- Control panel version already detected in system-detect.sh

**Impact:** Health checks may miss issues on InterWorx

---

### PRIORITY 7: Backup Tools

#### 12. **acronis-configure.sh** ℹ️ DOCUMENTATION ONLY
**Issues:**
- Line 52: Echo message mentions `public_html`

**Fix Required:**
- Update documentation to mention both cPanel and InterWorx paths
- No functional impact (just display text)

---

## Modules Already Compatible ✅

These modules already use `SYS_LOG_DIR` or user-manager.sh functions:

1. **bot-analyzer.sh** ✅ - FIXED in Phase 1 & 2
2. **optimize-ct-limit.sh** ✅ - Uses SYS_LOG_DIR (just needs fallback removed)
3. **mysql-query-analyzer.sh** ✅ - Uses get_user_* functions

---

## Modules That Are Control Panel Agnostic ✅

These modules don't use control panel-specific paths (21 total):
- All Acronis backup modules (13 modules)
- Hardware health check
- SSH attack monitor
- Firewall activity monitor
- Tail secure log
- Tail mail log
- IP reputation manager
- Cleanup toolkit data
- WordPress modules

---

## Recommended Implementation Plan

### Phase 3: Critical Security Modules (NEXT)
1. **malware-scanner.sh** - Fix document root discovery + cPanel path assumptions
2. **live-attack-monitor.sh** - Fix log discovery + wrap whmapi1 calls
3. **optimize-ct-limit.sh** - Remove hardcoded fallback

### Phase 4: Critical Website Modules
1. **wordpress-cron-manager.sh** - MAJOR REFACTOR (33 userdata refs, 9 public_html refs)
2. **website-error-analyzer.sh** - Full InterWorx support
3. **500-error-tracker.sh** - Full InterWorx support + PHP handler detection

### Phase 5: Monitoring Tools
1. **web-traffic-monitor.sh**
2. **network-bandwidth-analyzer.sh**
3. **tail-apache-access.sh**
4. **tail-apache-error.sh**

### Phase 6: System Tools
1. **system-health-check.sh** - Make cPanel checks conditional + wrap whmapi1 references

---

## cPanel API Compatibility Issue

### The Problem:
Several modules use cPanel's whmapi1/uapi commands that **do not exist on InterWorx**.

### Affected Modules:
1. **live-attack-monitor.sh** - `whmapi1 cphulkd_list_blocks`, `whmapi1 cphulkd_add_whitelist`
2. **enable-cphulk.sh** - Multiple whmapi1 calls (cPanel-only module, expected)
3. **system-health-check.sh** - whmapi1 references in help messages

### Solution:
Wrap ALL API calls in control panel detection:
```bash
if [ "$SYS_CONTROL_PANEL" = "cpanel" ]; then
    whmapi1 cphulkd_list_blocks
fi
```

### InterWorx Alternatives:
- CPHulk equivalent: InterWorx has ModSecurity + fail2ban (different approach)
- No direct API equivalent for CPHulk features
- Should detect and skip gracefully with warning

---

## Standard Fix Pattern

For all modules, follow this pattern:

### 1. Replace hardcoded paths with system-detect.sh:
```bash
# OLD (BAD):
LOG_DIR="/var/log/apache2/domlogs"

# NEW (GOOD):
LOG_DIR="${SYS_LOG_DIR}"  # Auto-detected in system-detect.sh
```

### 2. Use user-manager.sh functions:
```bash
# OLD (BAD):
user=$(grep -l "DNS.*$domain" /var/cpanel/users/* 2>/dev/null | ...)

# NEW (GOOD):
eval $(get_user_info "$username")
# Now you have: $USER_EXISTS, $PRIMARY_DOMAIN, $ALL_DOMAINS, $HOME_DIR
```

### 3. Support both document root patterns:
```bash
# OLD (BAD):
docroot="/home/$user/public_html"

# NEW (GOOD):
if [ "$SYS_CONTROL_PANEL" = "interworx" ]; then
    docroot="/home/$user/$domain/html"
else
    docroot="/home/$user/public_html"
fi
```

### 4. Add InterWorx log discovery:
```bash
if [ "$SYS_CONTROL_PANEL" = "interworx" ]; then
    find /home/*/var/*/logs -name "access_log" ...
else
    find "$LOG_DIR" -type f ! -name "*-bytes_log" ...
fi
```

---

## Testing Checklist

For each fixed module, test on:
- [ ] cPanel server (regression test)
- [ ] InterWorx server (new functionality)
- [ ] Standalone server (no control panel)

---

## Estimated Effort

- **Phase 3:** 2-3 hours (3 critical security modules)
- **Phase 4:** 2-3 hours (2 website diagnostic modules)
- **Phase 5:** 1-2 hours (4 simple monitoring tools)
- **Phase 6:** 1 hour (system health check)

**Total:** ~8 hours to achieve full InterWorx parity

---

## Current Progress

- ✅ Phase 1: user-manager.sh InterWorx support (COMPLETE)
- ✅ Phase 2: bot-analyzer.sh + system-detect.sh improvements (COMPLETE)
- ⏳ Phase 3: Critical security modules (PENDING)