Developer
7937fd923a
CRITICAL SECURITY FIX: - Issue 1 (Lines 1358, 1376, 1395): Fixed regex injection vulnerability in grep patterns When parsing infected file paths from malware scanner logs, the filepath variable was being used unsafely in regex patterns. Special characters (., *, +, ?, etc.) were being interpreted as regex operators instead of literal characters, causing false positive matches and potential incorrect IP flagging in the reputation database. Fixed by: Using grep -hF for safe literal matching instead of regex interpretation. Impact: Prevents false positives in IP reputation flagging when files contain special chars. MEDIUM QUALITY/CONSISTENCY FIXES: - Issue 2 (Line 1269): Added -F flag to rootkit detection grep Was using 'grep "Rootkit"' without -F flag for consistency with other patterns. Fixed by: Changed to 'grep -F "Rootkit"' and 'grep -iF "found"' for explicit literal matching. - Issue 3 (Line 1732): Added -F flag to screen session detection Changed 'grep -q "$session_id"' to 'grep -qF "$session_id"' for consistency. Note: $session_id format (malware-YYYYMMDD-HHMMSS) is already safe but -F is best practice. - Issue 5 (Lines 1943-1946, 1971): Fixed unanchored bash pattern matching for user/domain selection Patterns like *"/$SELECTED_USER/"* would match unintended paths (e.g., 'test' matches '/home/username_test/public_html'). Improved to use anchored patterns: - User matching: */home/$user/* OR */vhosts/$user/* OR */chroot/home/$user/* - Domain matching: Use second condition for more specific matching. Impact: Correct user/domain docroot selection without false positives. All fixes verified with: - bash -n syntax check ✓ - Manual code review ✓ - Audit documentation generated ✓ Files modified: modules/security/malware-scanner.sh Lines changed: 5 locations across 3 core issues Total fixes: 5 (1 critical, 4 medium)
🧪 Linux Server Toolkit - DEV Branch
STATUS: 🚀 Development & Testing Branch (Separate from Production)
This is the
devbranch for testing, development, and experimentation. Changes here are isolated from production and can be safely tested before merging to main.
🚀 Quick Start
One command - pulls dev branch with YELLOW ⚠️ BETA banner:
curl -sL https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz | tar xz && source linux-server-management-toolkit/run.sh
When exiting (option 0), answer "yes" and cleanup happens automatically - no extra steps.
📍 Key Differences (Dev vs Production)
| Feature | Dev Branch | Production |
|---|---|---|
| Cache | .sysref.beta |
.sysref |
| Version | 2.1.0-BETA |
2.1.0 |
| Banner | 🟨 Yellow (⚠️) | 🔵 Cyan |
| Git Branch | dev |
main |
| Purpose | Testing & Development | Stable/Production |
📦 Features
Comprehensive multi-panel server management suite supporting cPanel, InterWorx, Plesk, and standalone Apache with:
- 🛡️ Security & Monitoring: Live attack monitor, bot blocker, malware scanner, IP reputation
- 💾 Backup & Recovery: Acronis management, MySQL database restore
- 🌐 Website Diagnostics: Error analysis, WordPress tools, Cloudflare detection
- 📧 Email Diagnostics: Mail queue, blacklist checker, SPF/DKIM/DMARC validation
- 📊 Performance Analysis: MySQL optimization, PHP tuning, hardware health, Varnish cache
- 🔍 System Diagnostics: Health checks, loadwatch analysis, bandwidth monitoring
📖 Documentation
For detailed documentation, see the main repository: https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit
Version: 2.1.0-BETA Repository: https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit Branch: dev