Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- #!/bin/bash
- marker=false
- apache=stay
- if [[ $1 = "" ]]; then
- echo Please enter a user and desired modsecurity status
- exit
- elif [[ $(id -u $1) = "" ]]; then
- echo Please enter a valid user
- exit
- elif [[ $2 = "" ]]; then
- echo on or off\?
- exit
- fi
- if [[ $2 = "on" ]]; then
- echo checking config...
- elif [[ $2 = "off" ]]; then
- echo checking config...
- else
- echo on or off\?
- exit
- fi
- path=$(grep -i "userdata/.*/$1" "/etc/httpd/conf/httpd.conf" | sed "s/\/$1.*//g" | sed 's/.*Include \"//g' | sort | uniq)
- if [[ $(grep -i "userdata/.*/$1" "/etc/httpd/conf/httpd.conf" | sed "s/\/$1.*//g" | sed 's/.*Include \"//g' | sort | uniq | wc -l) = "1" ]]; then
- marker=1
- elif [[ $(grep -i "userdata/.*/$1" "/etc/httpd/conf/httpd.conf" | sed "s/\/$1.*//g" | sed 's/.*Include \"//g' | sort | uniq | wc -l) = "2" ]]; then
- marker=2
- fi
- if [[ $2 = "off" ]]; then
- if [[ $marker = "1" ]]; then
- if [[ -f $path/$1/modsec.conf ]]; then
- if [[ $(grep Off $path/$1/modsec.conf) != "" ]]; then
- echo Modsecurity control is already disabled for $1
- exit
- else
- sed -i "s/.*<\/LocationMatch>/\tSecRuleEngine Off\n&/" $path/$1/modsec.conf
- apache=restart
- echo Modsecurity control has been disabled for $1
- fi
- else
- mkdir -p $path/$1/
- touch $path/$1/modsec.conf
- echo -e "<LocationMatch .*>\n\tSecRuleEngine Off\n</LocationMatch>" >> $path/$1/modsec.conf
- apache=restart
- echo Modsecurity control has been disabled for $1
- fi
- elif [[ $marker = "2" ]]; then
- ssl=$(grep -i "userdata/.*/$1" "/etc/httpd/conf/httpd.conf" | sed "s/\/$1.*//g" | sed 's/.*Include \"//g' | sort | uniq | head -1)
- std=$(grep -i "userdata/.*/$1" "/etc/httpd/conf/httpd.conf" | sed "s/\/$1.*//g" | sed 's/.*Include \"//g' | sort | uniq | tail -1)
- if [[ -f $std/$1/modsec.conf ]]; then
- if [[ $(grep Off $std/$1/modsec.conf) != "" ]]; then
- echo Modsecurity control is already disabled for $1
- exit
- else
- sed -i "s/.*<\/LocationMatch>/\tSecRuleEngine Off\n&/" $ssl/$1/modsec.conf
- sed -i "s/.*<\/LocationMatch>/\tSecRuleEngine Off\n&/" $std/$1/modsec.conf
- apache=restart
- echo Modsecurity control has been disabled for $1
- fi
- else
- mkdir -p $ssl/$1/
- mkdir -p $std/$1/
- touch $ssl/$1/modsec.conf
- touch $std/$1/modsec.conf
- echo -e "<LocationMatch .*>\n\tSecRuleEngine Off\n</LocationMatch>" >> $ssl/$1/modsec.conf
- echo -e "<LocationMatch .*>\n\tSecRuleEngine Off\n</LocationMatch>" >> $std/$1/modsec.conf
- apache=restart
- echo Modsecurity control has been disabled for $1
- fi
- fi
- fi
- if [[ $2 = "on" ]]; then
- if [[ $marker = "1" ]]; then
- if [[ -f $path/$1/modsec.conf ]]; then
- if [[ $(grep Off $path/$1/modsec.conf) = "" ]]; then
- echo Modsecurity is already enabled for $1
- exit
- else
- sed -i "/SecRuleEngine Off/d" $path/$1/modsec.conf
- apache=restart
- echo Modsecurity control has been enabled for $1
- fi
- else
- echo Modsecurity is already enabled for $1
- exit
- fi
- elif [[ $marker = "2" ]]; then
- ssl=$(grep -i "userdata/.*/$1" "/etc/httpd/conf/httpd.conf" | sed "s/\/$1.*//g" | sed 's/.*Include \"//g' | sort | uniq | head -1)
- std=$(grep -i "userdata/.*/$1" "/etc/httpd/conf/httpd.conf" | sed "s/\/$1.*//g" | sed 's/.*Include \"//g' | sort | uniq | tail -1)
- if [[ -f $std/$1/modsec.conf ]]; then
- if [[ $(grep Off $std/$1/modsec.conf) = "" ]]; then
- echo Modsecurity is already enabled for $1
- exit
- else
- sed -i "/SecRuleEngine Off/d" $ssl/$1/modsec.conf
- sed -i "/SecRuleEngine Off/d" $std/$1/modsec.conf
- apache=restart
- echo Modsecurity control has been enabled for $1
- fi
- else
- echo Modsecurity is already enabled for $1
- exit
- fi
- fi
- fi
- if [[ $marker = "false" ]]; then
- echo idk lol
- fi
- if [[ $apache = "restart" ]]; then
- /scripts/rebuildhttpdconf
- /scripts/restartsrv_httpd
- echo
- echo modsecurity status for $1\: $2
- fi
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement