deim

modsec switch

May 24th, 2016
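#!/bin/bash
#
# modsec switch: turn the ModSecurity rule engine on or off for one hosting
# account by managing <userdata-dir>/<user>/modsec.conf, where <userdata-dir>
# is taken from the `Include "…/userdata/…/<user>/…"` lines in httpd.conf.
#
# Usage: <this script> <user> on|off
#
# Security notes for operators:
#   * "off" writes `SecRuleEngine Off` inside `<LocationMatch .*>`, which
#     removes WAF coverage for every request served for that account. When
#     one rule is causing a false positive, a targeted exclusion (for example
#     SecRuleRemoveById) keeps the remaining rules active.
#   * The script edits Apache configuration and restarts httpd, so it is
#     expected to run with elevated privileges. The <user> argument ends up
#     in file paths, so it is checked against an allow-list before use and is
#     never interpolated into a grep or sed pattern.
#   * Every state change is written to syslog (best effort) so that a
#     disabled WAF can be traced back to who switched it and when.
#
# Exit status: 0 on success or when the requested state is already in place,
# 1 on invalid arguments or when a step fails.

set -uo pipefail

readonly HTTPD_CONF="/etc/httpd/conf/httpd.conf"
# Matches an active (uncommented) "SecRuleEngine Off" directive line. It must
# not contain "/" because it is also used as a sed address below.
readonly OFF_PATTERN='^[[:space:]]*SecRuleEngine[[:space:]]+Off[[:space:]]*$'

# Print a message on stderr and stop with a failure status.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

#######################################
# List the userdata include directories that hold a sub-directory for a user.
# Arguments: $1 - account name (already validated)
# Outputs:   one directory per line, sorted and de-duplicated
# Returns:   non-zero when httpd.conf cannot be read
#######################################
find_include_dirs() {
  local user=$1
  [[ -r "$HTTPD_CONF" ]] || return 1
  # awk uses literal string search (index), so the account name is matched as
  # a whole path component ("/user/") and never treated as a regex. Commented
  # Include lines are accepted as well, as in the original grep.
  awk -v user="$user" '
    {
      i = index($0, "Include \"")
      if (!i) next
      p = substr($0, i + 9)
      u = index(tolower(p), "userdata/")
      if (!u) next
      rest = substr(p, u + 9)
      k = index(rest, "/" user "/")
      if (!k) next
      print substr(p, 1, u + 7 + k)
    }
  ' "$HTTPD_CONF" | LC_ALL=C sort -u
}

# Succeeds when the given file contains an active "SecRuleEngine Off" line.
is_off() {
  grep -Eiq -- "$OFF_PATTERN" "$1"
}

#######################################
# Make sure the rule engine is switched off in <dir>/<user>/modsec.conf.
# Arguments: $1 - userdata include directory, $2 - account name
# Returns:   0 when the file was changed, 1 when it was already off
#######################################
disable_in() {
  local conf_dir="$1/$2"
  local conf="$conf_dir/modsec.conf"

  if [[ -f "$conf" ]]; then
    if is_off "$conf"; then
      return 1
    fi
    if grep -q -- '</LocationMatch>' "$conf"; then
      # Insert the directive just before each closing tag (GNU sed escapes).
      sed -i "s/.*<\/LocationMatch>/\tSecRuleEngine Off\n&/" -- "$conf" \
        || die "failed to update $conf"
    else
      # No block to extend: append a complete one instead of silently
      # reporting success on a file that sed would not have changed.
      printf '<LocationMatch .*>\n\tSecRuleEngine Off\n</LocationMatch>\n' \
        >>"$conf" || die "failed to update $conf"
    fi
  else
    mkdir -p -- "$conf_dir" || die "cannot create $conf_dir"
    printf '<LocationMatch .*>\n\tSecRuleEngine Off\n</LocationMatch>\n' \
      >>"$conf" || die "cannot write $conf"
  fi

  # Confirm the edit landed before Apache is restarted on the strength of it.
  is_off "$conf" || die "SecRuleEngine Off was not written to $conf"
  return 0
}

#######################################
# Remove the "SecRuleEngine Off" override from <dir>/<user>/modsec.conf.
# Arguments: $1 - userdata include directory, $2 - account name
# Returns:   0 when the file was changed, 1 when nothing had to be done
#######################################
enable_in() {
  local conf="$1/$2/modsec.conf"

  # A missing file means there is no per-user override to remove.
  [[ -f "$conf" ]] || return 1
  is_off "$conf" || return 1

  sed -i -E "/${OFF_PATTERN}/Id" -- "$conf" || die "failed to update $conf"
  return 0
}

main() {
  local user="${1:-}"
  local state="${2:-}"

  [[ -n "$user" ]] || die "Please enter a user and desired modsecurity status"
  # Allow-list first: rejects "/", "..", leading "-" and shell/regex
  # metacharacters before the value reaches id(1) or any file path.
  [[ "$user" =~ ^[A-Za-z0-9_][A-Za-z0-9_.-]*$ ]] \
    || die "Please enter a valid user"
  id -u -- "$user" >/dev/null || die "Please enter a valid user"

  case "$state" in
    on | off) echo "checking config..." ;;
    *) die 'on or off?' ;;
  esac

  local found
  found=$(find_include_dirs "$user") || die "cannot read $HTTPD_CONF"
  local -a dirs=()
  if [[ -n "$found" ]]; then
    mapfile -t dirs <<<"$found"
  fi

  # Only the two known layouts are handled: a single include directory, or a
  # pair (the original script names these "ssl" and "std"). Anything else is
  # refused rather than half-applied.
  if ((${#dirs[@]} < 1 || ${#dirs[@]} > 2)); then
    echo idk lol
    die "expected 1 or 2 userdata include directories for $user in" \
      "$HTTPD_CONF, found ${#dirs[@]}"
  fi

  # Each directory is checked and edited on its own, so a pair that is out
  # of sync (one file missing or already edited) is still brought to the
  # requested state.
  local changed=0
  local dir
  for dir in "${dirs[@]}"; do
    if [[ "$state" == "off" ]]; then
      if disable_in "$dir" "$user"; then changed=1; fi
    else
      if enable_in "$dir" "$user"; then changed=1; fi
    fi
  done

  if ((changed == 0)); then
    if [[ "$state" == "off" ]]; then
      echo "Modsecurity control is already disabled for $user"
    else
      echo "Modsecurity is already enabled for $user"
    fi
    exit 0
  fi

  if [[ "$state" == "off" ]]; then
    echo "Modsecurity control has been disabled for $user"
  else
    echo "Modsecurity control has been enabled for $user"
  fi

  # Audit trail for a change in WAF coverage. Best effort: a missing or
  # failing logger must not block the configuration change itself.
  if command -v logger >/dev/null; then
    logger -t modsec-switch -- \
      "SecRuleEngine ${state} for ${user} (by ${SUDO_USER:-${USER:-unknown}})" \
      || true
  fi

  # Do not restart Apache on top of a failed rebuild.
  /scripts/rebuildhttpdconf \
    || die "rebuildhttpdconf failed; httpd was not restarted"
  /scripts/restartsrv_httpd || die "restartsrv_httpd failed"
  echo
  echo "modsecurity status for $user: $state"
}

main "$@"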