shukivaknin/jabali-panel
Public Access
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Handle missing ModSecurity config

Browse Source
This commit is contained in:
root
2026-01-28 19:25:58 +02:00
parent 89f012daa7
commit 257fa20685
5 changed files with 50 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
README.md
View File

@@ -5,7 +5,7 @@
A modern web hosting control panel for WordPress and general PHP hosting. Built with Laravel 12, Filament v5, Livewire 4, and Tailwind CSS v4.
Version: 0.9-rc17 (release candidate)
Version: 0.9-rc19 (release candidate)
This is a release candidate. Expect rapid iteration and breaking changes until 1.0.

2
VERSION
View File

@@ -1 +1 @@
VERSION=0.9-rc17
VERSION=0.9-rc19

38
app/Filament/Admin/Pages/Waf.php
View File

@@ -56,7 +56,20 @@ class Waf extends Page implements HasForms
protected function detectWaf(): bool
{
return file_exists('/etc/nginx/modsec/main.conf') || file_exists('/etc/nginx/modsecurity.conf');
$paths = [
'/etc/nginx/modsec/main.conf',
'/etc/nginx/modsecurity.conf',
'/etc/modsecurity/modsecurity.conf',
'/etc/modsecurity/modsecurity.conf-recommended',
];
foreach ($paths as $path) {
if (file_exists($path)) {
return true;
}
}
return false;
}
protected function getForms(): array
@@ -72,7 +85,9 @@ class Waf extends Page implements HasForms
Section::make(__('WAF Settings'))
->schema([
Toggle::make('enabled')
->label(__('Enable ModSecurity')),
->label(__('Enable ModSecurity'))
->disabled(fn () => ! $this->wafInstalled)
->helperText(fn () => $this->wafInstalled ? null : __('ModSecurity is not installed. Install it to enable WAF.')),
Select::make('paranoia')
->label(__('Paranoia Level'))
->options([
@@ -92,18 +107,33 @@ class Waf extends Page implements HasForms
public function saveWafSettings(): void
{
$data = $this->wafForm->getState();
Setting::set('waf_enabled', ! empty($data['enabled']) ? '1' : '0');
$requestedEnabled = ! empty($data['enabled']);
if ($requestedEnabled && ! $this->wafInstalled) {
$requestedEnabled = false;
}
Setting::set('waf_enabled', $requestedEnabled ? '1' : '0');
Setting::set('waf_paranoia', (string) ($data['paranoia'] ?? '1'));
Setting::set('waf_audit_log', ! empty($data['audit_log']) ? '1' : '0');
try {
$agent = new AgentClient;
$agent->wafApplySettings(
! empty($data['enabled']),
$requestedEnabled,
(string) ($data['paranoia'] ?? '1'),
! empty($data['audit_log'])
);
if (! $this->wafInstalled && ! empty($data['enabled'])) {
Notification::make()
->title(__('ModSecurity is not installed'))
->body(__('WAF was disabled automatically. Install ModSecurity to enable it.'))
->warning()
->send();
return;
}
Notification::make()
->title(__('WAF settings applied'))
->success()

4
bin/jabali-agent
View File

@@ -4029,7 +4029,9 @@ function domainCreate(array $params): array
$userHome = $userInfo['dir'];
$uid = $userInfo['uid'];
$gid = $userInfo['gid'];
ensureJabaliNginxIncludeFiles();
// Create domain directories
$domainRoot = "{$userHome}/domains/{$domain}";
$publicHtml = "{$domainRoot}/public_html";

12
install.sh
View File

@@ -12,7 +12,7 @@
set -e
# Version - will be read from VERSION file after clone, this is fallback
JABALI_VERSION="0.9-rc17"
JABALI_VERSION="0.9-rc19"
# Colors
RED='\033[0;31m'
@@ -1001,6 +1001,16 @@ configure_nginx() {
chmod 600 "$ssl_dir/panel.key"
chmod 644 "$ssl_dir/panel.crt"
# Ensure Jabali Nginx include files exist for WAF/Geo includes
local jabali_includes="/etc/nginx/jabali/includes"
mkdir -p "$jabali_includes"
if [[ ! -f "$jabali_includes/waf.conf" ]]; then
echo "# Managed by Jabali" > "$jabali_includes/waf.conf"
fi
if [[ ! -f "$jabali_includes/geo.conf" ]]; then
echo "# Managed by Jabali" > "$jabali_includes/geo.conf"
fi
# Create Jabali site config with HTTPS and HTTP redirect
cat > /etc/nginx/sites-available/${SERVER_HOSTNAME} << NGINX
# Redirect HTTP to HTTPS