Developer 8fc31b6c3a CRITICAL SECURITY FIXES: Address comprehensive audit findings
SECURITY FIXES:
1. Remove unsafe eval() function (launcher.sh:88-99)
   - eval() function removed entirely (was a code injection risk)
   - Function was unused but posed security liability

2. Fix SQL injection in database queries (reference-db.sh:225-229)
   - Properly escape single quotes in database names
   - Changed from incorrect backtick escaping to proper SQL escaping
   - Database names now safely used in WHERE clauses

3. Fix credential exposure (reference-db.sh:199-235)
   - MYSQL_PWD no longer exported (visible to child processes)
   - Password kept in local variable only
   - Set MYSQL_PWD only for individual mysql commands
   - Credentials immediately unset after use
   - Password never visible in 'ps aux' or /proc/environ

4. Refactored database queries
   - Each mysql command gets password set independently
   - Uses here-string (<<<) instead of process substitution for safety
   - Proper error handling per query

All critical vulnerabilities addressed
Syntax validation: PASS
2026-03-19 21:04:28 -04:00
2025-11-03 18:14:51 -05:00
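
The quote escaping and per-command credential handling that the commit message above describes, as an added example that is not the repository's own code. `MYSQL_BIN`, `sql_quote`, `db_size_query` and `run_query` are hypothetical names, and the sketch goes slightly beyond the message by also doubling backslashes, which MySQL treats as an escape character by default.

```shell
#!/bin/sh
# Added example; not the toolkit's code. All names below are hypothetical.
MYSQL_BIN=${MYSQL_BIN:-mysql}   # assumed client binary, overridable for testing

# Escape a value for a single-quoted MySQL string literal. Backslashes are
# doubled first (MySQL treats \ as an escape unless NO_BACKSLASH_ESCAPES is
# set), then single quotes are doubled.
sql_quote() {
    printf '%s' "$1" | sed -e 's/\\/\\\\/g' -e "s/'/''/g"
}

# Build a size query whose WHERE clause compares against the escaped name.
db_size_query() {
    printf "SELECT SUM(data_length + index_length) FROM information_schema.tables WHERE table_schema = '%s';\n" "$(sql_quote "$1")"
}

# Run SQL read from stdin. $1 = user, $2 = password.
# The assignment prefix puts MYSQL_PWD into the environment of this one child
# only; the calling shell never exports it, so sibling commands do not inherit
# it. The child itself still carries the value in its own environment.
run_query() {
    MYSQL_PWD="$2" "$MYSQL_BIN" --batch --skip-column-names -u "$1"
}

# Constructed input: a database name carrying a quote-based injection attempt.
db_size_query "shop' OR '1'='1"
```

Typical use is `db_size_query "$db" | run_query "$user" "$pass"`, with the password held in a variable that is never exported.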

🧪 Linux Server Toolkit - DEV Branch

STATUS: 🚀 Development & Testing Branch (Separate from Production)

This is the dev branch for testing, development, and experimentation. Changes here are isolated from production and can be safely tested before merging to main.


🚀 Quick Start

One command - pulls dev branch with YELLOW ⚠️ BETA banner:

curl -sL https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit/archive/dev.tar.gz | tar xz && source linux-server-management-toolkit/run.sh

When exiting (option 0), answer "yes" and cleanup happens automatically - no extra steps.


📍 Key Differences (Dev vs Production)

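| Feature    | Dev Branch            | Production        |
|------------|-----------------------|-------------------|
| Cache      | .sysref.beta          | .sysref           |
| Version    | 2.1.0-BETA            | 2.1.0             |
| Banner     | 🟨 Yellow (⚠️)         | 🔵 Cyan           |
| Git Branch | dev                   | main              |
| Purpose    | Testing & Development | Stable/Production |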

📦 Features

Comprehensive multi-panel server management suite supporting cPanel, InterWorx, Plesk, and standalone Apache with:

  • 🛡️ Security & Monitoring: Live attack monitor, bot blocker, malware scanner, IP reputation
  • 💾 Backup & Recovery: Acronis management, MySQL database restore
  • 🌐 Website Diagnostics: Error analysis, WordPress tools, Cloudflare detection
  • 📧 Email Diagnostics: Mail queue, blacklist checker, SPF/DKIM/DMARC validation
  • 📊 Performance Analysis: MySQL optimization, PHP tuning, hardware health, Varnish cache
  • 🔍 System Diagnostics: Health checks, loadwatch analysis, bandwidth monitoring

📖 Documentation

For detailed documentation, see the main repository: https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit


Version: 2.1.0-BETA
Repository: https://git.mull.lol/cschantz/Linux-Server-Management-Toolkit
Branch: dev

Readme MIT 18 MiB
Languages
Shell 100%