Added Apache directives check against regex blacklist in security settings.
| | |
| | | $filterSet = $this->storage->getFilterSet(); |
| | | |
| | | if ($tags = $this->tags) { |
| | | $filterSet = array_filter( |
| | | $filterSet = @array_filter( |
| | | $filterSet, |
| | | function (Filter $filter) use ($tags) { |
| | | return (bool) array_intersect($tags, $filter->getTags()); |
| | |
| | | } |
| | | |
| | | $scanKeys = $this->scanKeys; |
| | | $filterSet = array_filter( |
| | | $filterSet = @array_filter( |
| | | $filterSet, |
| | | function (Filter $filter) use ($key, $value, $scanKeys) { |
| | | return $filter->match($value) || $scanKeys && $filter->match($key); |
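Review bot: The `@` in front of both `array_filter` calls (assuming `$filterSet = @array_filter(` is the new side) silences every warning and notice raised while the callbacks run, including anything emitted from `$filter->match()` or `$filter->getTags()`. In an intrusion-detection path that is risky, because a rule that fails to evaluate would simply stop matching without leaving a trace in the logs. I would drop the operator and fix whatever warning prompted it, or at least add a comment such as `// suppresses <specific warning>; see <issue>` so the reason is recorded. The enclosing method starts and ends outside the lines shown here, so the trigger for the warning is not visible.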
| | |
| | | $result = $this->_check_unique($field_value . '.' . $check_domain, true); |
| | | if(!$result) return $this->get_error('domain_error_autosub'); |
| | | } |
| | | |
| | | /* Check apache directives */ |
| | | function web_apache_directives($field_name, $field_value, $validator) { |
| | | global $app; |
| | | |
| | | if(trim($field_value) != '') { |
| | | $security_config = $app->getconf->get_security_config('ids'); |
| | | |
| | | if($security_config['apache_directives_scan_enabled'] == 'yes') { |
| | | |
| | | // Get blacklist |
| | | $blacklist_path = '/usr/local/ispconfig/security/apache_directives.blacklist'; |
| | | if(is_file('/usr/local/ispconfig/security/apache_directives.blacklist.custom')) $blacklist_path = '/usr/local/ispconfig/security/apache_directives.blacklist.custom'; |
| | | if(!is_file($blacklist_path)) $blacklist_path = realpath(ISPC_ROOT_PATH.'/../security/apache_directives.blacklist'); |
| | | |
| | | $directives = explode("\n",$field_value); |
| | | $regex = explode("\n",file_get_contents($blacklist_path)); |
| | | $blocked = false; |
| | | $blocked_line = ''; |
| | | |
| | | if(is_array($directives) && is_array($regex)) { |
| | | foreach($directives as $directive) { |
| | | $directive = trim($directive); |
| | | foreach($regex as $r) { |
| | | if(preg_match(trim($r),$directive)) { |
| | | $blocked = true; |
| | | $blocked_line = $directive; |
| | | }; |
| | | } |
| | | } |
| | | } |
| | | } |
| | | } |
| | | |
| | | if($blocked === true) { |
| | | return $this->get_error('apache_directive_blocked_error').' '.$blocked_line; |
| | | } |
| | | } |
| | | |
| | | |
| | | /* internal validator function to match regexp */ |
| | | function _regex_validate($domain_name, $allow_wildcard = false) { |
| | |
| | | } |
| | | return true; // admin may always add wildcard domain |
| | | } |
| | | |
| | | |
| | | } |
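Review bot: In `web_apache_directives`, `$blocked` and `$blocked_line` are assigned only inside the two nested `if` blocks, but `if($blocked === true)` runs outside them, so an empty field or a disabled scan reads an undefined variable; move `$blocked = false; $blocked_line = '';` to the top of the function. The function also falls off the end without a value when nothing is blocked, whereas the sibling validator visible below ends in `return true;`, so add an explicit `return true;` as well. The check fails open: if neither blacklist file is readable, `realpath()` yields `false`, `file_get_contents()` fails, and every directive is accepted, so a missing or unreadable blacklist should be treated as an error rather than a pass. Blank lines in the blacklist (for example after a trailing newline) reach `preg_match()` as an empty pattern, which raises a warning on every directive, so skip entries where `trim($r) == ''`. It would also help to document in the header comment that each blacklist line must be a complete delimited PCRE pattern.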
| | |
| | | 'apache_directives' => array ( |
| | | 'datatype' => 'TEXT', |
| | | 'formtype' => 'TEXT', |
| | | 'validators' => array ( 0 => array( |
| | | 'type' => 'CUSTOM', |
| | | 'class' => 'validate_domain', |
| | | 'function' => 'web_apache_directives', |
| | | 'errmsg' => 'apache_directive_blockd_error' |
| | | ), |
| | | ), |
| | | 'default' => '', |
| | | 'value' => '', |
| | | 'width' => '30', |
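Review bot: The validator entry uses `'errmsg' => 'apache_directive_blockd_error'`, but the key added to the language files is `apache_directive_blocked_error`, so the configured message key does not resolve to any string. The validator currently hard-codes the correct key in its `get_error()` call, which probably hides the typo, but any code path that falls back to `errmsg` would show the raw key. Change the line to `'errmsg' => 'apache_directive_blocked_error'`. The second form definition further down carries the same typo and needs the same fix.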
| | |
| | | 'apache_directives' => array ( |
| | | 'datatype' => 'TEXT', |
| | | 'formtype' => 'TEXT', |
| | | 'validators' => array ( 0 => array( |
| | | 'type' => 'CUSTOM', |
| | | 'class' => 'validate_domain', |
| | | 'function' => 'web_apache_directives', |
| | | 'errmsg' => 'apache_directive_blockd_error' |
| | | ), |
| | | ), |
| | | 'default' => '', |
| | | 'value' => '', |
| | | 'width' => '30', |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'Vyloučené adresáře obsahují neplatné znaky.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Neplatné nastavení php.ini'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'Die auszuschließenden Verzeichnisse enthalten ungültige Zeichen.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Unzulässige php.ini-Einstellungen'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Die Apache Direktive wurde durch die Sicherheitsrichtline blockiert:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Ogiltiga php.ini-inställningar'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |
| | |
| | | $wb['backup_excludes_error_regex'] = 'The excluded directories contain invalid characters.'; |
| | | $wb['invalid_custom_php_ini_settings_txt'] = 'Invalid php.ini settings'; |
| | | $wb['invalid_system_user_or_group_txt'] = 'Invalid system user or group'; |
| | | $wb['apache_directive_blocked_error'] = 'Apache directive blocked by security settings:'; |
| | | ?> |