diff --git a/.etckeeper b/.etckeeper index 3507bb2..46603ab 100755 --- a/.etckeeper +++ b/.etckeeper @@ -13,7 +13,10 @@ mkdir -p './X11/xorg.conf.d' mkdir -p './ansible/roles' mkdir -p './authselect/custom' mkdir -p './binfmt.d' +mkdir -p './cagefs/conf.d' +mkdir -p './cagefs/exclude' mkdir -p './chkconfig.d' +mkdir -p './cl.selector/php.extensions.d' mkdir -p './cron.weekly' mkdir -p './crypto-policies/policies/modules' mkdir -p './cxs/newusers' @@ -37,10 +40,7 @@ mkdir -p './glances' mkdir -p './glvnd/egl_vendor.d' mkdir -p './gnupg' mkdir -p './groff/site-font' -mkdir -p './imunify360-webshield/webshield-backend.conf.d' -mkdir -p './imunify360-webshield/webshield-captcha.conf.d' -mkdir -p './imunify360-webshield/webshield-server.conf.d' -mkdir -p './imunify360-webshield/webshield-splashscreen.conf.d' +mkdir -p './imunify360-webshield/ssl_certs' mkdir -p './incron.d' mkdir -p './java/security/security.d' mkdir -p './jvm' @@ -107,6 +107,7 @@ mkdir -p './sssd/conf.d' mkdir -p './sssd/pki' mkdir -p './subversion' mkdir -p './sysconfig/console' +mkdir -p './sysconfig/imunify360/malware-filters-admin-conf' mkdir -p './sysconfig/modules' mkdir -p './sysconfig/rhn/allowed-actions/configfiles' mkdir -p './sysconfig/rhn/allowed-actions/script' @@ -116,6 +117,7 @@ mkdir -p './systemd/system/php-fpm.service.d' mkdir -p './terminfo' mkdir -p './tuned/recommend.d' mkdir -p './udev/hwdb.d' +mkdir -p './wafd_imunify' mkdir -p './xdg/QtProject' maybe chmod 0755 '.' maybe chmod 0700 '.etckeeper' @@ -267,11 +269,7 @@ maybe chmod 0644 'bindresvport.blacklist' maybe chmod 0755 'binfmt.d' maybe chmod 0755 'cagefs' maybe chmod 0755 'cagefs/conf.d' -maybe chmod 0600 'cagefs/conf.d/ai-bolit.cfg' -maybe chmod 0600 'cagefs/conf.d/pd-i360.cfg' -maybe chmod 0600 'cagefs/conf.d/phpi360.cfg' maybe chmod 0755 'cagefs/exclude' -maybe chmod 0600 'cagefs/exclude/imunify360' maybe chmod 0644 'cczerc' maybe chmod 0755 'chkconfig.d' maybe chmod 0644 'chrony.conf' @@ -280,9 +278,7 @@ maybe chgrp 'chrony' 'chrony.keys' maybe chmod 0640 'chrony.keys' maybe chmod 0755 'cifs-utils' maybe chmod 0755 'cl.selector' -maybe chmod 0644 'cl.selector/php.extensions.conflicts' maybe chmod 0755 'cl.selector/php.extensions.d' -maybe chmod 0644 'cl.selector/php.extensions.d/i360.cfg' maybe chmod 0644 'cl.selector/selector.conf' maybe chown 'amavis' 'clamav-unofficial-sigs' maybe chgrp 'amavis' 'clamav-unofficial-sigs' @@ -322,8 +318,6 @@ maybe chgrp 'amavis' 'clamd.d/scan.conf.rpmsave' maybe chmod 0644 'clamd.d/scan.conf.rpmsave' maybe chmod 0755 'cloud' maybe chmod 0644 'cloud/cloud.cfg.rpmsave' -maybe chmod 0755 'cloudlinux-backup' -maybe chmod 0644 'cloudlinux-backup/mysql_freeze.config' maybe chmod 0755 'cockpit' maybe chmod 0755 'cockpit/ws-certs.d' maybe chmod 0644 'cockpit/ws-certs.d/0-self-signed-ca.pem' @@ -337,24 +331,13 @@ maybe chmod 0644 'cron.d/0hourly' maybe chmod 0644 'cron.d/clamav-unofficial-sigs' maybe chmod 0644 'cron.d/csf-cron' maybe chmod 0600 'cron.d/csf_update' -maybe chmod 0644 'cron.d/imunify-antivirus' -maybe chmod 0644 'cron.d/imunify-notifier' -maybe chmod 0644 'cron.d/imunify360' -maybe chmod 0644 'cron.d/imunify360-webshield-check' -maybe chmod 0600 'cron.d/imunify_scan_schedule' maybe chmod 0644 'cron.d/lfd-cron' maybe chmod 0644 'cron.d/maldet_pub' -maybe chmod 0644 'cron.d/shrinker-cron' -maybe chmod 0600 'cron.d/waf_configurator' maybe chmod 0755 'cron.daily' -maybe chmod 0755 'cron.daily/cloudlinux-backup-utils' maybe chmod 0700 'cron.daily/csget' maybe chmod 0755 'cron.daily/etckeeper' -maybe chmod 0755 'cron.daily/imunify-antivirus.cron' -maybe chmod 0755 'cron.daily/imunify360.cron' maybe chmod 0755 'cron.daily/logrotate' maybe chmod 0755 'cron.daily/maldet' -maybe chmod 0755 'cron.daily/ossec_logs_cleaner' maybe chmod 0755 'cron.daily/rkhunter' maybe chmod 0644 'cron.deny' maybe chmod 0755 'cron.hourly' @@ -412,7 +395,6 @@ maybe chmod 0600 'csf/disabled' maybe chmod 0600 'csf/disabled/csfpost.sh' maybe chmod 0600 'csf/disabled/csfpre.sh' maybe chmod 0600 'csf/downloadservers' -maybe chmod 0644 'csf/imunify_allow.conf' maybe chmod 0600 'csf/install.txt' maybe chmod 0600 'csf/license.txt' maybe chmod 0600 'csf/messenger' @@ -1031,56 +1013,23 @@ maybe chmod 0644 'httpd/conf.modules.d/README' maybe chmod 0644 'httpd/conf/httpd.conf' maybe chmod 0644 'httpd/conf/magic' maybe chmod 0644 'idmapd.conf' -maybe chmod 0755 'imunify-auditd-log-reader' -maybe chmod 0644 'imunify-auditd-log-reader/config.yaml' -maybe chmod 0755 'imunify-realtime-av' -maybe chmod 0644 'imunify-realtime-av/config.yaml' maybe chmod 0755 'imunify360' maybe chmod 0755 'imunify360-webshield' -maybe chmod 0644 'imunify360-webshield/agent-proxies.conf' -maybe chmod 0644 'imunify360-webshield/blocked_country_codes.conf' maybe chmod 0755 'imunify360-webshield/captcha' -maybe chmod 0644 'imunify360-webshield/captcha.conf' maybe chmod 0644 'imunify360-webshield/captcha/lang.conf' -maybe chmod 0660 'imunify360-webshield/common-proxies.conf' -maybe chmod 0660 'imunify360-webshield/country_ips.conf' -maybe chmod 0644 'imunify360-webshield/custom-blacklisted.conf' -maybe chmod 0644 'imunify360-webshield/custom-whitelisted.conf' -maybe chmod 0644 'imunify360-webshield/fastcgi.conf' -maybe chmod 0644 'imunify360-webshield/fastcgi_params' -maybe chmod 0644 'imunify360-webshield/invisible-captcha.conf' -maybe chmod 0644 'imunify360-webshield/invisible-captcha.conf.tpl' -maybe chmod 0644 'imunify360-webshield/koi-utf' -maybe chmod 0644 'imunify360-webshield/koi-win' -maybe chmod 0644 'imunify360-webshield/mime.types' +maybe chmod 0660 'imunify360-webshield/common-proxies.conf.rpmsave' +maybe chmod 0660 'imunify360-webshield/country_ips.conf.rpmsave' maybe chmod 0644 'imunify360-webshield/ports.conf' -maybe chmod 0644 'imunify360-webshield/presets.cfg' -maybe chmod 0644 'imunify360-webshield/scgi_params' maybe chmod 0755 'imunify360-webshield/splashscreen' -maybe chmod 0644 'imunify360-webshield/splashscreen-antibot.conf' -maybe chmod 0644 'imunify360-webshield/splashscreen.conf' +maybe chmod 0644 'imunify360-webshield/splashscreen-antibot.conf.rpmsave' maybe chmod 0644 'imunify360-webshield/splashscreen/lang.conf' -maybe chmod 0644 'imunify360-webshield/ssl.conf' maybe chmod 0755 'imunify360-webshield/ssl_certs' -maybe chmod 0600 'imunify360-webshield/ssl_certs/dummy.pem' maybe chmod 0644 'imunify360-webshield/ssl_ports.conf' -maybe chmod 0644 'imunify360-webshield/unified_access_logger.conf' -maybe chmod 0644 'imunify360-webshield/uwsgi_params' -maybe chmod 0644 'imunify360-webshield/virtserver.conf' -maybe chmod 0755 'imunify360-webshield/webshield-backend.conf.d' -maybe chmod 0755 'imunify360-webshield/webshield-captcha.conf.d' maybe chmod 0755 'imunify360-webshield/webshield-http.conf.d' maybe chmod 0660 'imunify360-webshield/webshield-http.conf.d/captchakeys.conf' maybe chmod 0644 'imunify360-webshield/webshield-http.conf.d/resolver.conf' maybe chmod 0660 'imunify360-webshield/webshield-http.conf.d/static-whitelist.conf' maybe chmod 0644 'imunify360-webshield/webshield-http.conf.d/wscheckdata.conf' -maybe chmod 0755 'imunify360-webshield/webshield-server.conf.d' -maybe chmod 0755 'imunify360-webshield/webshield-splashscreen.conf.d' -maybe chmod 0644 'imunify360-webshield/webshield.conf' -maybe chmod 0644 'imunify360-webshield/whitelisted-domains.conf' -maybe chmod 0644 'imunify360-webshield/win-utf' -maybe chmod 0644 'imunify360-webshield/wscheck.conf' -maybe chmod 0600 'imunify360/unified-access-logger.conf' maybe chmod 0755 'imunify360/user_config' maybe chgrp '5yFVdI0o' 'imunify360/user_config/5yFVdI0o' maybe chmod 0750 'imunify360/user_config/5yFVdI0o' @@ -1228,7 +1177,6 @@ maybe chmod 0755 'krb5.conf.d' maybe chmod 0644 'krb5.conf.d/kcm_default_ccache' maybe chmod 0644 'ld.so.conf' maybe chmod 0755 'ld.so.conf.d' -maybe chmod 0644 'ld.so.conf.d/alt-hyperscan.conf' maybe chmod 0644 'ld.so.conf.d/bind-export-x86_64.conf' maybe chmod 0444 'ld.so.conf.d/kernel-4.18.0-193.6.3.el8_2.x86_64.conf' maybe chmod 0444 'ld.so.conf.d/kernel-4.18.0-372.13.1.el8_6.x86_64.conf' @@ -3226,17 +3174,11 @@ maybe chmod 0644 'logrotate.d/aide' maybe chmod 0644 'logrotate.d/btmp' maybe chmod 0644 'logrotate.d/chrony' maybe chmod 0644 'logrotate.d/clamav-unofficial-sigs' -maybe chmod 0644 'logrotate.d/cloudlinux-backup-utils' maybe chmod 0644 'logrotate.d/dnf' maybe chmod 0640 'logrotate.d/fail2ban' maybe chmod 0640 'logrotate.d/fail2ban.rpmsave' maybe chmod 0644 'logrotate.d/firewalld' maybe chmod 0644 'logrotate.d/httpd' -maybe chmod 0644 'logrotate.d/imunify360' -maybe chmod 0644 'logrotate.d/imunify360-pam' -maybe chmod 0644 'logrotate.d/imunify360-unified-access-logger' -maybe chmod 0644 'logrotate.d/imunify360-wafd' -maybe chmod 0644 'logrotate.d/imunify360-webshield' maybe chmod 0644 'logrotate.d/iptraf-ng' maybe chmod 0644 'logrotate.d/kvm_stat' maybe chmod 0644 'logrotate.d/lfd' @@ -3246,7 +3188,6 @@ maybe chgrp 'named' 'logrotate.d/named' maybe chmod 0640 'logrotate.d/named' maybe chmod 0644 'logrotate.d/netdata' maybe chmod 0644 'logrotate.d/nginx' -maybe chmod 0644 'logrotate.d/ossec-hids' maybe chmod 0644 'logrotate.d/php-fpm' maybe chmod 0644 'logrotate.d/ppp' maybe chmod 0644 'logrotate.d/privoxy' @@ -4806,8 +4747,6 @@ maybe chmod 0640 'nginx/uwsgi_params' maybe chmod 0644 'npmrc' maybe chmod 0755 'nrpe.d' maybe chmod 0644 'nsswitch.conf' -maybe chmod 0644 'odbc.ini' -maybe chmod 0644 'odbcinst.ini' maybe chmod 0755 'oddjob' maybe chmod 0644 'oddjobd.conf' maybe chmod 0755 'oddjobd.conf.d' @@ -4878,10 +4817,7 @@ maybe chmod 0755 'openldap' maybe chmod 0755 'openldap/certs' maybe chmod 0644 'openldap/ldap.conf' maybe chmod 0755 'opt' -maybe chmod 0600 'ossec-init.conf' maybe chmod 0755 'pam.d' -maybe chmod 0660 'pam.d/.password-auth.i360patch' -maybe chmod 0660 'pam.d/.system-auth.i360patch' maybe chmod 0644 'pam.d/atd' maybe chmod 0644 'pam.d/chfn' maybe chmod 0644 'pam.d/chsh' @@ -4889,8 +4825,6 @@ maybe chmod 0644 'pam.d/cockpit' maybe chmod 0644 'pam.d/config-util' maybe chmod 0644 'pam.d/crond' maybe chmod 0644 'pam.d/dovecot' -maybe chmod 0644 'pam.d/dovecot_imunify' -maybe chmod 0644 'pam.d/dovecot_imunify_domainowner' maybe chmod 0644 'pam.d/fingerprint-auth' maybe chmod 0644 'pam.d/login' maybe chmod 0644 'pam.d/mock' @@ -4901,7 +4835,6 @@ maybe chmod 0644 'pam.d/password-auth.i360bak' maybe chmod 0644 'pam.d/polkit-1' maybe chmod 0644 'pam.d/postlogin' maybe chmod 0644 'pam.d/ppp' -maybe chmod 0644 'pam.d/proftpd_imunify' maybe chmod 0644 'pam.d/remote' maybe chmod 0644 'pam.d/runuser' maybe chmod 0644 'pam.d/runuser-l' @@ -4923,8 +4856,6 @@ maybe chmod 0644 'pam.d/systemd-user' maybe chmod 0644 'pam.d/vlock' maybe chmod 0644 'pam.d/vmtoolsd' maybe chmod 0644 'pam.d/vsftpd' -maybe chmod 0750 'pam_imunify' -maybe chmod 0600 'pam_imunify/i360.ini' maybe chmod 0644 'papersize' maybe chmod 0644 'passwd' maybe chmod 0644 'passwd-' @@ -5900,7 +5831,6 @@ maybe chmod 0644 'sudoers.d/nrpe' maybe chmod 0640 'sudoers.d/smiti' maybe chmod 0640 'sudoers.d/vampi' maybe chmod 0755 'sysconfig' -maybe chmod 0640 'sysconfig/aibolit-resident' maybe chmod 0644 'sysconfig/anaconda' maybe chmod 0644 'sysconfig/arpwatch' maybe chmod 0644 'sysconfig/atd' @@ -5917,35 +5847,13 @@ maybe chmod 0644 'sysconfig/garb' maybe chmod 0644 'sysconfig/htcacheclean' maybe chmod 0750 'sysconfig/imunify360' maybe chmod 0660 'sysconfig/imunify360/.imunify360.backup_config' -maybe chmod 0600 'sysconfig/imunify360/auth.admin' -maybe chmod 0644 'sysconfig/imunify360/custom_billing.config' maybe chmod 0755 'sysconfig/imunify360/generic' -maybe chmod 0644 'sysconfig/imunify360/generic/global_disabled_rules.conf' -maybe chmod 0644 'sysconfig/imunify360/generic/imunify-plugin.zip' -maybe chmod 0644 'sysconfig/imunify360/generic/modsec.conf' -maybe chmod 0700 'sysconfig/imunify360/generic/modsec.conf.d' -maybe chmod 0644 'sysconfig/imunify360/generic/modsec.conf.d/empty.conf' -maybe chmod 0644 'sysconfig/imunify360/generic/modsec2.imunify.conf' -maybe chmod 0644 'sysconfig/imunify360/generic/nginx.modsec3.imunify.conf' -maybe chmod 0644 'sysconfig/imunify360/imunify360-merged.config' -maybe chmod 0600 'sysconfig/imunify360/imunify360.config' +maybe chmod 0660 'sysconfig/imunify360/generic/modsec.conf' maybe chmod 0700 'sysconfig/imunify360/imunify360.config.d' maybe chmod 0600 'sysconfig/imunify360/imunify360.config.d/10_on_first_install.config' -maybe chmod 0600 'sysconfig/imunify360/imunify360.config.defaults.example' +maybe chmod 0600 'sysconfig/imunify360/imunify360.config.rpmsave' maybe chmod 0640 'sysconfig/imunify360/integration.conf' maybe chmod 0755 'sysconfig/imunify360/malware-filters-admin-conf' -maybe chmod 0644 'sysconfig/imunify360/malware-filters-admin-conf/ignored.txt' -maybe chmod 0770 'sysconfig/imunify360/malware-filters-admin-conf/processed' -maybe chmod 0660 'sysconfig/imunify360/malware-filters-admin-conf/processed/basedirs-list.txt' -maybe chmod 0770 'sysconfig/imunify360/malware-filters-admin-conf/processed/ignored' -maybe chmod 0660 'sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin-paths.txt' -maybe chmod 0660 'sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin.txt' -maybe chmod 0660 'sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-internal.txt' -maybe chmod 0660 'sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/pd-combined.txt' -maybe chmod 0770 'sysconfig/imunify360/malware-filters-admin-conf/processed/watched' -maybe chmod 0660 'sysconfig/imunify360/malware-filters-admin-conf/processed/watched/av-admin.txt' -maybe chmod 0660 'sysconfig/imunify360/malware-filters-admin-conf/processed/watched/av-internal.txt' -maybe chmod 0644 'sysconfig/imunify360/malware-filters-admin-conf/watched.txt' maybe chmod 0660 'sysconfig/imunify360/panel-name.txt' maybe chmod 0600 'sysconfig/ip6tables-config' maybe chmod 0600 'sysconfig/iptables-config' @@ -6023,7 +5931,6 @@ maybe chmod 0644 'sysconfig/svnserve' maybe chmod 0644 'sysctl.conf' maybe chmod 0644 'sysctl.conf.old-2020-10-20-17_37_02' maybe chmod 0755 'sysctl.d' -maybe chmod 0644 'sysctl.d/90-webshield-ip-local-reserved.conf' maybe chmod 0644 'system-fips' maybe chmod 0644 'system-release-cpe' maybe chmod 0755 'systemd' @@ -6136,7 +6043,6 @@ maybe chmod 0744 'vsftpd/vsftpd_conf_migrate.sh' maybe chmod 0755 'w3m' maybe chmod 0644 'w3m/config' maybe chmod 0755 'wafd_imunify' -maybe chmod 0600 'wafd_imunify/i360.ini' maybe chmod 0644 'wgetrc' maybe chmod 0644 'whois.conf' maybe chmod 0700 'wireguard' @@ -6193,7 +6099,6 @@ maybe chmod 0644 'yum.repos.d/epel-testing.repo' maybe chmod 0644 'yum.repos.d/epel.repo' maybe chmod 0644 'yum.repos.d/hashicorp.repo' maybe chmod 0640 'yum.repos.d/immortal_immortal.repo' -maybe chmod 0644 'yum.repos.d/imunify-rollout.repo' maybe chmod 0644 'yum.repos.d/imunify360-testing.repo' maybe chmod 0644 'yum.repos.d/imunify360.repo' maybe chmod 0640 'yum.repos.d/kopia.repo' diff --git a/cagefs/conf.d/ai-bolit.cfg b/cagefs/conf.d/ai-bolit.cfg deleted file mode 100644 index 342b6d5..0000000 --- a/cagefs/conf.d/ai-bolit.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[ai-bolit] -comment=AI-BOLIT -paths=/opt/ai-bolit/AIBOLIT-WHITELIST.db, /opt/ai-bolit/ai-bolit-hoster.php, /opt/ai-bolit/ai-bolit.php, /opt/ai-bolit/procu2.php diff --git a/cagefs/conf.d/pd-i360.cfg b/cagefs/conf.d/pd-i360.cfg deleted file mode 100644 index 0f868a4..0000000 --- a/cagefs/conf.d/pd-i360.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[pd-i360] -comment=PD files -paths=/etc/ld.so.conf.d/alt-hyperscan.conf diff --git a/cagefs/conf.d/phpi360.cfg b/cagefs/conf.d/phpi360.cfg deleted file mode 100644 index e3b59ec..0000000 --- a/cagefs/conf.d/phpi360.cfg +++ /dev/null @@ -1,3 +0,0 @@ -[phpi360] -comment=PHP proactive defence -paths=/etc/sysconfig/imunify360/imunify360-merged.config \ No newline at end of file diff --git a/cagefs/exclude/imunify360 b/cagefs/exclude/imunify360 deleted file mode 100644 index 33d55a0..0000000 --- a/cagefs/exclude/imunify360 +++ /dev/null @@ -1,5 +0,0 @@ -imunify360-captcha -ossec -ossecr -ossecm -ossece diff --git a/cl.selector/php.extensions.conflicts b/cl.selector/php.extensions.conflicts deleted file mode 100644 index 03ddc57..0000000 --- a/cl.selector/php.extensions.conflicts +++ /dev/null @@ -1,16 +0,0 @@ -# This file contains php extensions mutual conflicts - -eaccelerator, apc, xcache, xcache_3, apcu -apc, opcache - -idn, intl - -mysql, nd_mysql -mysqli, nd_mysqli -pdo_mysql, nd_pdo_mysql -ioncube_loader, ioncube_loader_4 -ioncube_loader, ioncube_loader_5 -ioncube_loader_5, ioncube_loader_4 -imagick, gmagick -gmagick, magickwand -phalcon, phalcon3 diff --git a/cl.selector/php.extensions.d/i360.cfg b/cl.selector/php.extensions.d/i360.cfg deleted file mode 100644 index 5692270..0000000 --- a/cl.selector/php.extensions.d/i360.cfg +++ /dev/null @@ -1,2 +0,0 @@ -[extensions] -hide_extensions=i360 diff --git a/cloudlinux-backup/mysql_freeze.config b/cloudlinux-backup/mysql_freeze.config deleted file mode 100644 index c74b8e4..0000000 --- a/cloudlinux-backup/mysql_freeze.config +++ /dev/null @@ -1,4 +0,0 @@ -FREEZE_MYSQL_TIMEOUT=300 -FREEZE_SNAPSHOT_TIMEOUT=600 -FREEZE_LOCKFILE=/var/cloudlinux-backup-mysql-freeze.lock -FREEZE_LOGFILE=/var/log/cloudlinux-backup-mysql-freeze.log diff --git a/cron.d/imunify-antivirus b/cron.d/imunify-antivirus deleted file mode 100644 index 7cae077..0000000 --- a/cron.d/imunify-antivirus +++ /dev/null @@ -1,7 +0,0 @@ -PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin - -# Every Saturday at 1:25 -25 1 * * 6 root tmpwatch 168 /var/imunify360/tmp -# Every 5 minutes. Ignore "ERROR: imunify360 service is running." -*/5 * * * * root imunify360-agent malware on-demand check-detached > /dev/null 2>&1 || : -17 4 * * * root /opt/alt/python38/share/imunify360/scripts/report-command-error /opt/alt/python38/share/imunify360/scripts/update_components_versions.py > /dev/null 2>&1 diff --git a/cron.d/imunify-notifier b/cron.d/imunify-notifier deleted file mode 100644 index ab71f0a..0000000 --- a/cron.d/imunify-notifier +++ /dev/null @@ -1,4 +0,0 @@ -# CONTENT OF THIS FILE IS GENERATED AUTOMATICALLY, DO NOT EDIT -SHELL=/bin/bash -MAILTO="" -* * * * * root /usr/sbin/imunify-notifier -update-cron diff --git a/cron.d/imunify360 b/cron.d/imunify360 deleted file mode 100644 index cade345..0000000 --- a/cron.d/imunify360 +++ /dev/null @@ -1,8 +0,0 @@ -PATH=/usr/local/sbin:/usr/sbin:/sbin:/usr/local/bin:/usr/bin:/bin - -13 * * * * root /usr/sbin/imunify360-watchdog 1200 >/dev/null 2>&1 -0 * * * * root /usr/sbin/imunify-realtime-av -cleanup >/dev/null 2>&1 -# clean modsec tmp dir for the case when tmp files are stored permanently (see DEF-14411) -*/5 * * * * root /usr/libexec/imunify360-cgroup-process-wrapper --command tmpwatch --report-time --report-slice /Imunify.slice/Cron.slice/tmpreaper_tmp_modsec -- 5m /var/imunify360/tmp_modsec -# Every Saturday at 1:25 -25 1 * * 6 root /usr/libexec/imunify360-cgroup-process-wrapper --command tmpwatch --report-time --report-slice /Imunify.slice/Cron.slice/tmpreaper_tmp -- 168 /var/imunify360/tmp diff --git a/cron.d/imunify360-webshield-check b/cron.d/imunify360-webshield-check deleted file mode 100644 index 23126c5..0000000 --- a/cron.d/imunify360-webshield-check +++ /dev/null @@ -1,4 +0,0 @@ -SHELL=/bin/bash -PATH=/sbin:/bin:/usr/sbin:/usr/bin - -*/5 * * * * root /usr/share/imunify360-webshield/webshield-watchdog &>/dev/null diff --git a/cron.d/imunify_scan_schedule b/cron.d/imunify_scan_schedule deleted file mode 100644 index d2f34e0..0000000 --- a/cron.d/imunify_scan_schedule +++ /dev/null @@ -1,2 +0,0 @@ -# DO NOT EDIT. AUTOMATICALLY GENERATED. -0 3 * * 0 root /usr/bin/imunify360-agent malware user scan --background >/dev/null 2>&1 diff --git a/cron.d/shrinker-cron b/cron.d/shrinker-cron deleted file mode 100644 index 119ff97..0000000 --- a/cron.d/shrinker-cron +++ /dev/null @@ -1 +0,0 @@ -17 3 * * * root /usr/bin/flock -n /var/run/shrinker.lock /opt/alt/python38/bin/python3 /opt/alt/modsec-sdbm-util/bin/shrinker.py > /dev/null diff --git a/cron.d/waf_configurator b/cron.d/waf_configurator deleted file mode 100644 index 0385c12..0000000 --- a/cron.d/waf_configurator +++ /dev/null @@ -1,2 +0,0 @@ -# DO NOT EDIT. AUTOMATICALLY GENERATED BY IMUNIFY360. -51 4 * * * root /opt/alt/python38/share/imunify360/scripts/report-command-error /opt/alt/python38/share/imunify360/scripts/update_components_versions.py > /dev/null 2>&1 diff --git a/cron.daily/cloudlinux-backup-utils b/cron.daily/cloudlinux-backup-utils deleted file mode 100755 index 7b677c4..0000000 --- a/cron.daily/cloudlinux-backup-utils +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash - -LOG_FILE=${1:-/var/log/cloudlinux-backup-utils-cron.log} - -log() { - echo "$(date -u): ${*}" >>"${LOG_FILE}" -} - -refresh_token_if_present() { - backend=${1} - token_file=/var/restore_infected/${backend}_api_token.json - - if [ -f "${token_file}" ]; then - log "${backend}: refreshing auth token" - out=$(/usr/bin/restore_infected "${backend}" extra refresh_token 2>&1) - exit_code=$? - if [ "${exit_code}" != "0" ]; then - log "${out}" - log "Token refresh failed" - - echo "${out}" - echo "Token refresh failed" - return 1 - fi - log "Auth token refreshed" - else - log "${backend}: not initialized, skipping..." - fi -} - -refresh_token_if_present acronis -refresh_token_if_present r1soft - diff --git a/cron.daily/imunify-antivirus.cron b/cron.daily/imunify-antivirus.cron deleted file mode 100755 index 98a5afe..0000000 --- a/cron.daily/imunify-antivirus.cron +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -/usr/bin/imunify360-agent check-domains > /dev/null 2>&1 || true - -/opt/alt/python38/share/imunify360/scripts/report-command-error \ - /usr/bin/yum update \ - imunify-antivirus \ - ai-bolit \ - imunify-notifier \ - --assumeyes > /dev/null 2>&1 - -/usr/bin/imunify-antivirus version > /dev/null 2>&1 diff --git a/cron.daily/imunify360.cron b/cron.daily/imunify360.cron deleted file mode 100755 index 1d47f72..0000000 --- a/cron.daily/imunify360.cron +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -/usr/bin/imunify360-agent check-domains > /dev/null 2>&1 -/opt/alt/python38/share/imunify360/scripts/report-command-error \ - /usr/bin/yum update \ - imunify360-firewall \ - cloudlinux-backup-utils \ - ai-bolit \ - imunify360-php-i360 \ - imunify-realtime-av \ - imunify-auditd-log-reader \ - imunify360-webshield-bundle \ - imunify360-pam \ - imunify-notifier \ - imunify360-unified-access-logger \ - --assumeyes > /dev/null 2>&1 diff --git a/cron.daily/ossec_logs_cleaner b/cron.daily/ossec_logs_cleaner deleted file mode 100755 index 23b7fa3..0000000 --- a/cron.daily/ossec_logs_cleaner +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -# -delete option implicitly uses -depth, which traverse folders with DFS -# (beginning with folder's content, ending with folder itself) -# so, if old folder contains old files, "directory is not empty" error won't happen. -# Old folder may not be deleted only if contains recently modified files -find -H /var/ossec/logs/{alerts/*,archives/*,firewall/*} -mtime +2 -not -name alerts.json -delete >/dev/null 2>&1 -exit 0 \ No newline at end of file diff --git a/csf/csf.allow b/csf/csf.allow index 972d47a..3ea4ec2 100644 --- a/csf/csf.allow +++ b/csf/csf.allow @@ -163,7 +163,3 @@ tcp:in:d=5666:s=194.63.143.34 # file.rocks 82.76.35.228 # Manually allowed: 82.76.35.228 (RO/Romania/Bucuresti/Bucharest/static-82-76-35-228.rdsnet.ro) - Wed Jan 18 09:03:34 2023 86.127.21.14 # Manually allowed: 86.127.21.14 (RO/Romania/Dolj/Craiova/86-127-21-14.rdsnet.ro) - Mon Jan 23 16:40:32 2023 -# csf_tool: -148.251.142.83 # imunify360 server - Thu Feb 9 14:49:32 2023 -69.175.3.10 # files.imunify360.com server - Thu Feb 9 14:49:32 2023 -Include /var/imunify360/files/whitelist/v2/imunify360.txt diff --git a/csf/csf.conf b/csf/csf.conf index 9032fb1..bf76cdd 100644 --- a/csf/csf.conf +++ b/csf/csf.conf @@ -139,7 +139,7 @@ LF_SPI = "1" TCP_IN = "20,21,22,25,26,53,80,88,110,143,443,465,587,873,904,953,992,993,995,1723,1986,2082,2083,2086,2087,2095,2096,5080,5222,5269,5432,5665,5666,8000,8001,8080,8443,8800,8988,9080,9391,9443,9999,11898,52222,65534,1907:1909,40000:40100" # Allow outgoing TCP ports -TCP_OUT = "8443,44445,55556,1:65535,7770:7800" +TCP_OUT = ",1:65535" # Allow incoming UDP ports UDP_IN = "20,21,53,67,68,123,161,500,514,517,518,1027,1194,1514,1701,1981,4500,33434:33523" @@ -680,7 +680,7 @@ LF_ALERT_SMTP = "" # readme.txt for format details # # Leave this setting blank to disable -BLOCK_REPORT = "/opt/alt/python38/share/imunify360/scripts/lfd_block.py" +BLOCK_REPORT = "" # To also run an external script when a temporary block is unblocked. The # following setting can be the full path of the external script which must be diff --git a/csf/csf.pignore b/csf/csf.pignore index 0148414..d7cd663 100644 --- a/csf/csf.pignore +++ b/csf/csf.pignore @@ -165,9 +165,6 @@ user:ossecr user:ossecm user:wazuh exe:/var/ossec/bin/ossec-agentd -exe:/var/ossec/bin/ossec-analysisd -exe:/var/ossec/bin/ossec-monitord -exe:/var/ossec/bin/ossec-remoted exe:/var/ossec/bin/ossec-syscheckd exe:/var/ossec/bin/ossec-logcollector exe:/var/ossec/bin/wazuh-modulesd diff --git a/csf/imunify_allow.conf b/csf/imunify_allow.conf deleted file mode 100644 index 4bce8a0..0000000 --- a/csf/imunify_allow.conf +++ /dev/null @@ -1,2 +0,0 @@ -148.251.142.83;imunify360 server -69.175.3.10;files.imunify360.com server \ No newline at end of file diff --git a/imunify-auditd-log-reader/config.yaml b/imunify-auditd-log-reader/config.yaml deleted file mode 100644 index f209a67..0000000 --- a/imunify-auditd-log-reader/config.yaml +++ /dev/null @@ -1,4 +0,0 @@ -logging: - trace_logging: false -statistics: - report_period: 3h diff --git a/imunify-realtime-av/config.yaml b/imunify-realtime-av/config.yaml deleted file mode 100644 index 8aad898..0000000 --- a/imunify-realtime-av/config.yaml +++ /dev/null @@ -1,5 +0,0 @@ -cleanup: - frequency: 60 - age_cutoff: 600 -statistics: - report_period: 3 diff --git a/imunify360-webshield/agent-proxies.conf b/imunify360-webshield/agent-proxies.conf deleted file mode 100644 index 1c1f51c..0000000 --- a/imunify360-webshield/agent-proxies.conf +++ /dev/null @@ -1,3 +0,0 @@ -# This file initially empty and -# supposed to have ip addresses -# generated by im360 agent diff --git a/imunify360-webshield/blocked_country_codes.conf b/imunify360-webshield/blocked_country_codes.conf deleted file mode 100644 index a5f36bb..0000000 --- a/imunify360-webshield/blocked_country_codes.conf +++ /dev/null @@ -1,3 +0,0 @@ -# Place two-letter country codes here to block these countries at the -# webshield level. For instance, to block China, add -# CN 1; \ No newline at end of file diff --git a/imunify360-webshield/captcha.conf b/imunify360-webshield/captcha.conf deleted file mode 100644 index 49c548d..0000000 --- a/imunify360-webshield/captcha.conf +++ /dev/null @@ -1,4 +0,0 @@ -map $cookie_locale$http_accept_language $captcha_lang { - default en; - include captcha/lang.conf; -} diff --git a/imunify360-webshield/common-proxies.conf b/imunify360-webshield/common-proxies.conf.rpmsave similarity index 100% rename from imunify360-webshield/common-proxies.conf rename to imunify360-webshield/common-proxies.conf.rpmsave diff --git a/imunify360-webshield/country_ips.conf b/imunify360-webshield/country_ips.conf.rpmsave similarity index 100% rename from imunify360-webshield/country_ips.conf rename to imunify360-webshield/country_ips.conf.rpmsave diff --git a/imunify360-webshield/custom-blacklisted.conf b/imunify360-webshield/custom-blacklisted.conf deleted file mode 100644 index e69de29..0000000 diff --git a/imunify360-webshield/custom-whitelisted.conf b/imunify360-webshield/custom-whitelisted.conf deleted file mode 100644 index e69de29..0000000 diff --git a/imunify360-webshield/fastcgi.conf b/imunify360-webshield/fastcgi.conf deleted file mode 100644 index 091738c..0000000 --- a/imunify360-webshield/fastcgi.conf +++ /dev/null @@ -1,26 +0,0 @@ - -fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; -fastcgi_param QUERY_STRING $query_string; -fastcgi_param REQUEST_METHOD $request_method; -fastcgi_param CONTENT_TYPE $content_type; -fastcgi_param CONTENT_LENGTH $content_length; - -fastcgi_param SCRIPT_NAME $fastcgi_script_name; -fastcgi_param REQUEST_URI $request_uri; -fastcgi_param DOCUMENT_URI $document_uri; -fastcgi_param DOCUMENT_ROOT $document_root; -fastcgi_param SERVER_PROTOCOL $server_protocol; -fastcgi_param REQUEST_SCHEME $scheme; -fastcgi_param HTTPS $https if_not_empty; - -fastcgi_param GATEWAY_INTERFACE CGI/1.1; -fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; - -fastcgi_param REMOTE_ADDR $remote_addr; -fastcgi_param REMOTE_PORT $remote_port; -fastcgi_param SERVER_ADDR $server_addr; -fastcgi_param SERVER_PORT $server_port; -fastcgi_param SERVER_NAME $server_name; - -# PHP only, required if PHP was built with --enable-force-cgi-redirect -fastcgi_param REDIRECT_STATUS 200; diff --git a/imunify360-webshield/fastcgi_params b/imunify360-webshield/fastcgi_params deleted file mode 100644 index 28decb9..0000000 --- a/imunify360-webshield/fastcgi_params +++ /dev/null @@ -1,25 +0,0 @@ - -fastcgi_param QUERY_STRING $query_string; -fastcgi_param REQUEST_METHOD $request_method; -fastcgi_param CONTENT_TYPE $content_type; -fastcgi_param CONTENT_LENGTH $content_length; - -fastcgi_param SCRIPT_NAME $fastcgi_script_name; -fastcgi_param REQUEST_URI $request_uri; -fastcgi_param DOCUMENT_URI $document_uri; -fastcgi_param DOCUMENT_ROOT $document_root; -fastcgi_param SERVER_PROTOCOL $server_protocol; -fastcgi_param REQUEST_SCHEME $scheme; -fastcgi_param HTTPS $https if_not_empty; - -fastcgi_param GATEWAY_INTERFACE CGI/1.1; -fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; - -fastcgi_param REMOTE_ADDR $remote_addr; -fastcgi_param REMOTE_PORT $remote_port; -fastcgi_param SERVER_ADDR $server_addr; -fastcgi_param SERVER_PORT $server_port; -fastcgi_param SERVER_NAME $server_name; - -# PHP only, required if PHP was built with --enable-force-cgi-redirect -fastcgi_param REDIRECT_STATUS 200; diff --git a/imunify360-webshield/invisible-captcha.conf b/imunify360-webshield/invisible-captcha.conf deleted file mode 100644 index 1b4d9ba..0000000 --- a/imunify360-webshield/invisible-captcha.conf +++ /dev/null @@ -1,16 +0,0 @@ -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # -# -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -# DO NOT EDIT. AUTOMATICALLY GENERATED. -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -# -# Direct modifications to this cfile WILL be lost upon subsequent -# regeneration of this configuration file. -# -# To have your modifications retained, you should use -# /etc/sysconfig/imunify360/imunify360.config.d -# via UI, CLI or manually. -# -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # - -set $invisible_captcha off; diff --git a/imunify360-webshield/invisible-captcha.conf.tpl b/imunify360-webshield/invisible-captcha.conf.tpl deleted file mode 100644 index d53983c..0000000 --- a/imunify360-webshield/invisible-captcha.conf.tpl +++ /dev/null @@ -1,16 +0,0 @@ -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # -# -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -# DO NOT EDIT. AUTOMATICALLY GENERATED. -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -# -# Direct modifications to this file WILL be lost upon subsequent -# regeneration of this configuration file. -# -# To have your modifications retained, you should use CLI command -# imunify360-agent features -# or activate/deactivate appropriate feature in UI. -# -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # - -set $invisible_captcha {invisible_captcha_on_off}; diff --git a/imunify360-webshield/koi-utf b/imunify360-webshield/koi-utf deleted file mode 100644 index e7974ff..0000000 --- a/imunify360-webshield/koi-utf +++ /dev/null @@ -1,109 +0,0 @@ - -# This map is not a full koi8-r <> utf8 map: it does not contain -# box-drawing and some other characters. Besides this map contains -# several koi8-u and Byelorussian letters which are not in koi8-r. -# If you need a full and standard map, use contrib/unicode2nginx/koi-utf -# map instead. - -charset_map koi8-r utf-8 { - - 80 E282AC ; # euro - - 95 E280A2 ; # bullet - - 9A C2A0 ; #   - - 9E C2B7 ; # · - - A3 D191 ; # small yo - A4 D194 ; # small Ukrainian ye - - A6 D196 ; # small Ukrainian i - A7 D197 ; # small Ukrainian yi - - AD D291 ; # small Ukrainian soft g - AE D19E ; # small Byelorussian short u - - B0 C2B0 ; # ° - - B3 D081 ; # capital YO - B4 D084 ; # capital Ukrainian YE - - B6 D086 ; # capital Ukrainian I - B7 D087 ; # capital Ukrainian YI - - B9 E28496 ; # numero sign - - BD D290 ; # capital Ukrainian soft G - BE D18E ; # capital Byelorussian short U - - BF C2A9 ; # (C) - - C0 D18E ; # small yu - C1 D0B0 ; # small a - C2 D0B1 ; # small b - C3 D186 ; # small ts - C4 D0B4 ; # small d - C5 D0B5 ; # small ye - C6 D184 ; # small f - C7 D0B3 ; # small g - C8 D185 ; # small kh - C9 D0B8 ; # small i - CA D0B9 ; # small j - CB D0BA ; # small k - CC D0BB ; # small l - CD D0BC ; # small m - CE D0BD ; # small n - CF D0BE ; # small o - - D0 D0BF ; # small p - D1 D18F ; # small ya - D2 D180 ; # small r - D3 D181 ; # small s - D4 D182 ; # small t - D5 D183 ; # small u - D6 D0B6 ; # small zh - D7 D0B2 ; # small v - D8 D18C ; # small soft sign - D9 D18B ; # small y - DA D0B7 ; # small z - DB D188 ; # small sh - DC D18D ; # small e - DD D189 ; # small shch - DE D187 ; # small ch - DF D18A ; # small hard sign - - E0 D0AE ; # capital YU - E1 D090 ; # capital A - E2 D091 ; # capital B - E3 D0A6 ; # capital TS - E4 D094 ; # capital D - E5 D095 ; # capital YE - E6 D0A4 ; # capital F - E7 D093 ; # capital G - E8 D0A5 ; # capital KH - E9 D098 ; # capital I - EA D099 ; # capital J - EB D09A ; # capital K - EC D09B ; # capital L - ED D09C ; # capital M - EE D09D ; # capital N - EF D09E ; # capital O - - F0 D09F ; # capital P - F1 D0AF ; # capital YA - F2 D0A0 ; # capital R - F3 D0A1 ; # capital S - F4 D0A2 ; # capital T - F5 D0A3 ; # capital U - F6 D096 ; # capital ZH - F7 D092 ; # capital V - F8 D0AC ; # capital soft sign - F9 D0AB ; # capital Y - FA D097 ; # capital Z - FB D0A8 ; # capital SH - FC D0AD ; # capital E - FD D0A9 ; # capital SHCH - FE D0A7 ; # capital CH - FF D0AA ; # capital hard sign -} diff --git a/imunify360-webshield/koi-win b/imunify360-webshield/koi-win deleted file mode 100644 index 72afabe..0000000 --- a/imunify360-webshield/koi-win +++ /dev/null @@ -1,103 +0,0 @@ - -charset_map koi8-r windows-1251 { - - 80 88 ; # euro - - 95 95 ; # bullet - - 9A A0 ; #   - - 9E B7 ; # · - - A3 B8 ; # small yo - A4 BA ; # small Ukrainian ye - - A6 B3 ; # small Ukrainian i - A7 BF ; # small Ukrainian yi - - AD B4 ; # small Ukrainian soft g - AE A2 ; # small Byelorussian short u - - B0 B0 ; # ° - - B3 A8 ; # capital YO - B4 AA ; # capital Ukrainian YE - - B6 B2 ; # capital Ukrainian I - B7 AF ; # capital Ukrainian YI - - B9 B9 ; # numero sign - - BD A5 ; # capital Ukrainian soft G - BE A1 ; # capital Byelorussian short U - - BF A9 ; # (C) - - C0 FE ; # small yu - C1 E0 ; # small a - C2 E1 ; # small b - C3 F6 ; # small ts - C4 E4 ; # small d - C5 E5 ; # small ye - C6 F4 ; # small f - C7 E3 ; # small g - C8 F5 ; # small kh - C9 E8 ; # small i - CA E9 ; # small j - CB EA ; # small k - CC EB ; # small l - CD EC ; # small m - CE ED ; # small n - CF EE ; # small o - - D0 EF ; # small p - D1 FF ; # small ya - D2 F0 ; # small r - D3 F1 ; # small s - D4 F2 ; # small t - D5 F3 ; # small u - D6 E6 ; # small zh - D7 E2 ; # small v - D8 FC ; # small soft sign - D9 FB ; # small y - DA E7 ; # small z - DB F8 ; # small sh - DC FD ; # small e - DD F9 ; # small shch - DE F7 ; # small ch - DF FA ; # small hard sign - - E0 DE ; # capital YU - E1 C0 ; # capital A - E2 C1 ; # capital B - E3 D6 ; # capital TS - E4 C4 ; # capital D - E5 C5 ; # capital YE - E6 D4 ; # capital F - E7 C3 ; # capital G - E8 D5 ; # capital KH - E9 C8 ; # capital I - EA C9 ; # capital J - EB CA ; # capital K - EC CB ; # capital L - ED CC ; # capital M - EE CD ; # capital N - EF CE ; # capital O - - F0 CF ; # capital P - F1 DF ; # capital YA - F2 D0 ; # capital R - F3 D1 ; # capital S - F4 D2 ; # capital T - F5 D3 ; # capital U - F6 C6 ; # capital ZH - F7 C2 ; # capital V - F8 DC ; # capital soft sign - F9 DB ; # capital Y - FA C7 ; # capital Z - FB D8 ; # capital SH - FC DD ; # capital E - FD D9 ; # capital SHCH - FE D7 ; # capital CH - FF DA ; # capital hard sign -} diff --git a/imunify360-webshield/mime.types b/imunify360-webshield/mime.types deleted file mode 100644 index 2961256..0000000 --- a/imunify360-webshield/mime.types +++ /dev/null @@ -1,97 +0,0 @@ - -types { - text/html html htm shtml; - text/css css; - text/xml xml; - image/gif gif; - image/jpeg jpeg jpg; - application/javascript js; - application/atom+xml atom; - application/rss+xml rss; - - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; - - image/png png; - image/svg+xml svg svgz; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/webp webp; - image/x-icon ico; - image/x-jng jng; - image/x-ms-bmp bmp; - - font/woff woff; - font/woff2 woff2; - - application/java-archive jar war ear; - application/json json; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.apple.mpegurl m3u8; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/vnd.ms-excel xls; - application/vnd.ms-fontobject eot; - application/vnd.ms-powerpoint ppt; - application/vnd.oasis.opendocument.graphics odg; - application/vnd.oasis.opendocument.presentation odp; - application/vnd.oasis.opendocument.spreadsheet ods; - application/vnd.oasis.opendocument.text odt; - application/vnd.openxmlformats-officedocument.presentationml.presentation - pptx; - application/vnd.openxmlformats-officedocument.spreadsheetml.sheet - xlsx; - application/vnd.openxmlformats-officedocument.wordprocessingml.document - docx; - application/vnd.wap.wmlc wmlc; - application/x-7z-compressed 7z; - application/x-cocoa cco; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/xhtml+xml xhtml; - application/xspf+xml xspf; - application/zip zip; - - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream iso img; - application/octet-stream msi msp msm; - - audio/midi mid midi kar; - audio/mpeg mp3; - audio/ogg ogg; - audio/x-m4a m4a; - audio/x-realaudio ra; - - video/3gpp 3gpp 3gp; - video/mp2t ts; - video/mp4 mp4; - video/mpeg mpeg mpg; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-m4v m4v; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; -} diff --git a/imunify360-webshield/presets.cfg b/imunify360-webshield/presets.cfg deleted file mode 100644 index 07d0646..0000000 --- a/imunify360-webshield/presets.cfg +++ /dev/null @@ -1,4 +0,0 @@ -# Global webshiled presets to be taken into account -# when config is being generated - -# proxy_protocol = no \ No newline at end of file diff --git a/imunify360-webshield/scgi_params b/imunify360-webshield/scgi_params deleted file mode 100644 index 6d4ce4f..0000000 --- a/imunify360-webshield/scgi_params +++ /dev/null @@ -1,17 +0,0 @@ - -scgi_param REQUEST_METHOD $request_method; -scgi_param REQUEST_URI $request_uri; -scgi_param QUERY_STRING $query_string; -scgi_param CONTENT_TYPE $content_type; - -scgi_param DOCUMENT_URI $document_uri; -scgi_param DOCUMENT_ROOT $document_root; -scgi_param SCGI 1; -scgi_param SERVER_PROTOCOL $server_protocol; -scgi_param REQUEST_SCHEME $scheme; -scgi_param HTTPS $https if_not_empty; - -scgi_param REMOTE_ADDR $remote_addr; -scgi_param REMOTE_PORT $remote_port; -scgi_param SERVER_PORT $server_port; -scgi_param SERVER_NAME $server_name; diff --git a/imunify360-webshield/splashscreen-antibot.conf b/imunify360-webshield/splashscreen-antibot.conf.rpmsave similarity index 100% rename from imunify360-webshield/splashscreen-antibot.conf rename to imunify360-webshield/splashscreen-antibot.conf.rpmsave diff --git a/imunify360-webshield/splashscreen.conf b/imunify360-webshield/splashscreen.conf deleted file mode 100644 index 35cf383..0000000 --- a/imunify360-webshield/splashscreen.conf +++ /dev/null @@ -1,4 +0,0 @@ -map $http_accept_language $splashscreen_lang { - default en; - include splashscreen/lang.conf; -} \ No newline at end of file diff --git a/imunify360-webshield/ssl.conf b/imunify360-webshield/ssl.conf deleted file mode 100644 index 68a80d5..0000000 --- a/imunify360-webshield/ssl.conf +++ /dev/null @@ -1,10 +0,0 @@ -# When enabled, WebShield will search for the first certificate -# in cache and return it for the requests without SNI. -# When disabled, default self-signed server certficate will be used. -lua_enable_ws_sslcache_search on; - -# Default server certificate that will be used for requests without SNI. -# It is self-signed and is generated on installation/upgrade for 365 days -# so please note that it will expire after a year since the installation/upgrade. -ssl_certificate ssl_certs/dummy.pem; -ssl_certificate_key ssl_certs/dummy.pem; \ No newline at end of file diff --git a/imunify360-webshield/ssl_certs/dummy.pem b/imunify360-webshield/ssl_certs/dummy.pem deleted file mode 100644 index a14506c..0000000 --- a/imunify360-webshield/ssl_certs/dummy.pem +++ /dev/null @@ -1,82 +0,0 @@ ------BEGIN PRIVATE KEY----- -MIIJQwIBADANBgkqhkiG9w0BAQEFAASCCS0wggkpAgEAAoICAQC0zUnzvkF4U8er -7CaOaKzT3owW2NOLeh6vsn/WmDDysgtixgZ5iPFT+H/NPna4PsbuVVA5CS9AbNxr -nvWtkGfMZJDjny/+6PYoZEYoSK9sUKpHAD2HlSACbOxfmBtDMZqcjzdZ8+Io4/qP -3S8ap1rx7LfVqxR6BY1Rkp0FRmVJBviS0GYRl8u5ZQcRfDeNiRlF0AFZlyGRKqfR -GozrwWMZq5FyrBP+dExYNcfj52WzZMG/GQByDdH6yD6BV1OrG3hl9lCdij7foUo2 -3YzbkFHFiESoPjdJyqlxjARcuFZpsGcdLDkrw7seGiLEmyyqeMDWjBVjTvmy2KwJ -A8hGSx4m85vzrJ5k1ST3nCQB/x/n3+wYyMu61mB5r/Z5sedYSQQm6lhm3+w0A8kh -iNhSrJLhCC1qQqHZINauRWXEA7XEFjpPt0kzUsic67u3SdwsgS8GrcY1Eet5h8gJ -zsEKe0MV7QZ2qVfdhwY2SISnodj2FJGobGAxMVNTMgV10eA7teU8Tn+oWKuR4pb6 -BFbzp45lYTjIaFGN6uLdlGHBHc2PocOrHl8f+hew2IJRasa9Ae3GQFgmhCZdQVEK -YJMP/pgiuiK6WDg7ZmjpyvWQnXotPzKlu8VtcxnDaBA2JQIbvCTrzikeyILHI3V4 -UF+icPaOUjz1CVHnuxbuWaB4efqI0QIDAQABAoICABniAaI5LFozdDQyfFqKtaMn -CtsCc1ZWRypT3WU1KFy2DFc5jhe7+QBSZMlXFdvOcOARqohfvjn026E0gms0bwed -pfhQA6j0ZLjnkfuWXDafXaEIccaFHK38NeKBffWilkWvYvcnqMq9yFLsESA5sRVN -FAwsj6PgQ5jX6k6lAz7vFoq99r6yAmIqClcAd1t1sv6Bho/yyMVlW9zddisR5kP4 -gbvu0nXs5DkEifcgWzjRRcM7qwqo29SQ8hHGFJ48MoI2PtguwE13Y45zLQUJpgsn -NNz4+yU/M/6jUsSLRyOeM0TD3fNb89+dUjjfFgfZfZG5QB6VYb2uswIfXn5hppEj -TUS4XsY862pn/J+QQaOQ0ullhuu0EUz1xEHRkodpq8/cTFjhCCWeBQsuO9tJO2HY -lOUF8p5ajAhbrLYKpXATktiM+Gc+4gwfQT1OBX+5QpmhiqaMJA02aJ3GLggmVh0Q -6lwcqGT42Wat82BKKjHm433NeJrEBim2K6AoJWHkv2Y+lkFVl2O5IMH8a8C9APoj -SziV/wNfozNNlsmE+f705KAoCjAIswEkJ2I1pmm0pq3Hx6hhk1viYUaYoyr2Lbm1 -QBr5U4xOv5uzT2Bi6ts9euua29MnQ1YA9G/SU+jLMyfEiqTvqpMi2upko2++SvsB -eITfoDrAqPNtHM+wAN25AoIBAQDf1rLCdbytO10FcHKT+5TSS70X9djn4fpZFqrm -HsSQf3G9GdZ7DAeROoeQNWt68uzRdh4JkiSBRRqarqngF14blaIiLM4x1kDDUa/g -xf+DFMur/JGYUfGXgXImxRaC0M7F6IY1qzfNrS5oKJSgSFPykghpcaHDrSVt2R0Z -Hj8vulrDEGFDqtof+DPnmP5VWRaO3K3kDddL2O0o5oKuTTVhE6l/ZlU6v+AyG0Qc -9Tfqk/rzaTp9ytY022baVNZ6O5AdvKmbnFYSXbmsWkvYScKydJDL1mQPrJkDZGYD -X1PgcEJ0Y2sKpVEnzBKZ9mPcG6MEUHwk0j3uOB9ebcDk1DJjAoIBAQDOx5l+7/5x -ilapgDg9+kD6IYaErXcbKWQGINCn+XJ7CUb93qXbpva+Vx95ug4TC8KNvTPOU7/V -Xd80C5aVCOeBvWVjUI9/Go10uVy6RMmmV0Xc8YdZOMqdHJ8Ac58nlwWHSh1yS9h/ -RbmVGkDOFv09TSdhOOG05UWa/S/aYxVn2C0uwb0uafPUnbTjxn6a6Bxxnr1v63yX -w9efUqqM3+k1ZwOfPD3fE3CgDsxVmvcCfliTkMelVaX/mnLZFzdaGor/q9uLQtfl -NYYnzMY1W0BbIbOj7f/c8jvLQW4LKMfF/Lm7EF8lSyE/VI61bvbTbh7c+K/l1TkH -b1B68jDEHyQ7AoIBAH8yyF6M/W0LwO6oWdQSMR3YAFqvUFVlKxiZMwCWF2ltorqt -Bh7iVSKIOiUO1kcF6OGW17bkn23+UQH5o3s+jDHstDfrcjkL4b2cm++FVI+ur5bK -bgo69qj73Fx/vy0Tb40zd6Dj7VApy6dQ+DSlJV9A8RrKgfxqVky4BjsR3yJGKfGT -S1JispVcPFKttEnX2GPSr9Zary/g09RcOYLHSUAjJjzJcEF0a/jNWcWC7AWXlhHg -iGaXb2aWDzqe30qSsnDTlyZgjuDc9fglT9hXAhba+rV63V2y3Tj6QqZD86wk3v64 -yElCbH3LD/8B7vlTky2Odx2Ng7ftmJXWlLj0hLUCggEBAJ5I7jfcEILraZFQpDzV -Lx4JwcYYXv88vONwBSk/6qFCJcS5xW6RrXlgiaiNgq6TpvcG6Pw84bC7rdtSL4+g -BE8tIspWZbHfKn86UUAI3e9mCQWrIXdr4LVJrnETELamhUXdtxLB+lTak8gOE6Nu -t6VQRR/IAgaOJq0QuKvMgxs9wMB075Ly6gJMQqbFUC7WFMfowoxEz9gAwzKjfghe -ck89rukanSYA5IqxKTsyZ3jSLI2xGxJ1sJ8rpFSH0Ag6H0K9VE6S+V7sjOg0eVlo -o6fe8Xs/+UcxahIZ4NnL+riUz7vhOWP70dR/rso1yd1pA1kVSNh/UqtdS1cBw9Ct -IfcCggEBAM9C185mVzmk69MnD76OjLcGaiy7OdyY0xK5odTaPa1s68bQPwpfL1IR -dbZ/WVMgNhduExvx7RONp+kvwFTxQH+OtFvceHCWc5SqQTp3aNWRoMN12gY9ZaDs -KG+1z8aTXfZyMPIgXIEYfatndjgXr25xcSYdNhGkU5x3NKw24Zzian+49KWw3zQb -bApd1bg48k8mehwUxxBWNMiTF2ie3lZj2IGEd45n19Da0s+maGWFGfj/ifFEVQ5x -C2zhMpkjvtJHtrkj6vk2NoPqyR6tL3N4iZyPmcywGFVCXsI8G2GIFEylAd+ZRATl -IrvSc7HIaJlEC4aimNEOx7DpS4Hta8A= ------END PRIVATE KEY----- ------BEGIN CERTIFICATE----- -MIIFDTCCAvWgAwIBAgIUHDCsyauLfsZpqTtczBwPUSsbQgswDQYJKoZIhvcNAQEL -BQAwFjEUMBIGA1UEAwwLemlyYS44OTgucm8wHhcNMjMwMjA5MTI0OTE5WhcNMjQw -MjA5MTI0OTE5WjAWMRQwEgYDVQQDDAt6aXJhLjg5OC5ybzCCAiIwDQYJKoZIhvcN -AQEBBQADggIPADCCAgoCggIBALTNSfO+QXhTx6vsJo5orNPejBbY04t6Hq+yf9aY -MPKyC2LGBnmI8VP4f80+drg+xu5VUDkJL0Bs3Gue9a2QZ8xkkOOfL/7o9ihkRihI -r2xQqkcAPYeVIAJs7F+YG0MxmpyPN1nz4ijj+o/dLxqnWvHst9WrFHoFjVGSnQVG -ZUkG+JLQZhGXy7llBxF8N42JGUXQAVmXIZEqp9EajOvBYxmrkXKsE/50TFg1x+Pn -ZbNkwb8ZAHIN0frIPoFXU6sbeGX2UJ2KPt+hSjbdjNuQUcWIRKg+N0nKqXGMBFy4 -VmmwZx0sOSvDux4aIsSbLKp4wNaMFWNO+bLYrAkDyEZLHibzm/OsnmTVJPecJAH/ -H+ff7BjIy7rWYHmv9nmx51hJBCbqWGbf7DQDySGI2FKskuEILWpCodkg1q5FZcQD -tcQWOk+3STNSyJzru7dJ3CyBLwatxjUR63mHyAnOwQp7QxXtBnapV92HBjZIhKeh -2PYUkahsYDExU1MyBXXR4Du15TxOf6hYq5HilvoEVvOnjmVhOMhoUY3q4t2UYcEd -zY+hw6seXx/6F7DYglFqxr0B7cZAWCaEJl1BUQpgkw/+mCK6IrpYODtmaOnK9ZCd -ei0/MqW7xW1zGcNoEDYlAhu8JOvOKR7IgscjdXhQX6Jw9o5SPPUJUee7Fu5ZoHh5 -+ojRAgMBAAGjUzBRMB0GA1UdDgQWBBRostY0giKZrdn0QZR/W2bUS22jgTAfBgNV -HSMEGDAWgBRostY0giKZrdn0QZR/W2bUS22jgTAPBgNVHRMBAf8EBTADAQH/MA0G -CSqGSIb3DQEBCwUAA4ICAQBYrYi3P9wOx769eHdavaFCzXg/g1qbcNI2GbNj96Qk -+LKm/4/NUCUEngcMg0RsCrBfj00uDVhhBN/QmwOjmj5ZkKAd829WFY5RFUDrsNXP -pjfAMsSSJ7KXq7DyxCZeKx6jhpqq9uOxCS9jee9UNFpVOCpZXlNxIQD+pDXEKKh2 -vrMF+xZi9Ao6rng/lMSRaaqqn3KOokn7FK7bPhqNbBrIZMpfEA11ZsS0moH4py3Q -emmKcNZv2d27CAm4X6K7tSmuH6wV/jjcQ6SxNUs6G6YXj1Eg5T9JcFpHDxtttfls -ftPzzVqt8rLm6/kAdQiNgFLq1dTKY30LhlYVGPOEst/1+ckAZxL6KOPSmsVWFPNG -4wuuE2IW/7HhmR9KQFjdVwnxg/p11/S9tw5/Ua0Or8BqwBZtzLWkRvXrcoLRotAW -SBLU1H3SGwdkLnDofzia2YFwH0k+IqSATAdmYt4kYqkmP+OeSw/YGVZPO1jurRVp -4/ncZ8ChUqz9qc5bpeAEiYU42jc2PeGhbQez67Mfo2VOj1rYXh7EfVdSoZdAGSr+ -4FUFBv/H09KCenXD0U+ADvLW2G9XPxMlvMni+uUETES/AU/ehDP/qrwO6m6IPwbG -w60iRxQzzLBghKuXBdfz8zlmcHNKc55CXGvQNkUVSsqwPnTQeQlZFb2PHY1GyzOq -WQ== ------END CERTIFICATE----- diff --git a/imunify360-webshield/unified_access_logger.conf b/imunify360-webshield/unified_access_logger.conf deleted file mode 100644 index 9e81b20..0000000 --- a/imunify360-webshield/unified_access_logger.conf +++ /dev/null @@ -1,2 +0,0 @@ -log_format ualog '$wsuserip|$webshield_verdict|$time_iso8601'; -access_log syslog:server=unix:/var/run/imunify360-webshield-unified_access_logger.socket,tag=ualog ualog; \ No newline at end of file diff --git a/imunify360-webshield/uwsgi_params b/imunify360-webshield/uwsgi_params deleted file mode 100644 index 09c732c..0000000 --- a/imunify360-webshield/uwsgi_params +++ /dev/null @@ -1,17 +0,0 @@ - -uwsgi_param QUERY_STRING $query_string; -uwsgi_param REQUEST_METHOD $request_method; -uwsgi_param CONTENT_TYPE $content_type; -uwsgi_param CONTENT_LENGTH $content_length; - -uwsgi_param REQUEST_URI $request_uri; -uwsgi_param PATH_INFO $document_uri; -uwsgi_param DOCUMENT_ROOT $document_root; -uwsgi_param SERVER_PROTOCOL $server_protocol; -uwsgi_param REQUEST_SCHEME $scheme; -uwsgi_param HTTPS $https if_not_empty; - -uwsgi_param REMOTE_ADDR $remote_addr; -uwsgi_param REMOTE_PORT $remote_port; -uwsgi_param SERVER_PORT $server_port; -uwsgi_param SERVER_NAME $server_name; diff --git a/imunify360-webshield/virtserver.conf b/imunify360-webshield/virtserver.conf deleted file mode 100644 index be8d212..0000000 --- a/imunify360-webshield/virtserver.conf +++ /dev/null @@ -1,110 +0,0 @@ -lua_ssl_verify_depth 2; -lua_ssl_trusted_certificate /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem; - -ssl_certificate_by_lua_file lua/ssl.lua; - -set $proxy_part ''; -if ($append_port) { - set $proxy_part :$proxy_port; -} - -set $trust_ezoic 0; - -rewrite_by_lua_file lua/accesscheck.lua; - -location = /selfcheck { - allow 127.0.0.1; - allow ::1; - deny all; - content_by_lua_block { - ngx.status = ngx.HTTP_OK - ngx.header.content_type = "text/html; charset=utf-8" - local message = os.time(os.date("!*t")) - ngx.say(message) - return ngx.exit(ngx.HTTP_OK) - } -} - -location = /captchacheck { - proxy_set_header Host $host$proxy_part; - proxy_set_header X-Real-IP $wsuserip; - proxy_bind $bind_target; - proxy_hide_header Upgrade; - proxy_http_version 1.1; - proxy_set_header Connection ""; - - if ($static_whitelisted) { - expires off; - proxy_pass $scheme://catchall; - } - - access_by_lua_file lua/captchacheck.lua; -} - -location = /ungraylistcheck { - content_by_lua_file lua/ungraylistcheck.lua; -} - -location @to_static { - root html/captcha; - try_files $uri /a9bc224bd710f56d27affffddc764239b58c3faa0/shield.png; -} - -location / { - access_by_lua_file lua/reqrouter.lua; -} - -location @to_backend { - access_by_lua_block { - local xff = ngx.var.http_x_forwarded_for - if not xff or ngx.var.remote_proxy == "0" then - ngx.req.set_header("X-Forwarded-For", ngx.var.wsuserip) - else - ngx.req.set_header("X-Forwarded-For", xff .. ", " .. ngx.var.remote_addr) - end - } - proxy_set_header Host $host$proxy_part; - proxy_set_header X-Real-IP $wsuserip; - proxy_set_header X-Remote-IP $remote_addr; - proxy_hide_header Upgrade; - expires off; - proxy_http_version 1.1; - proxy_set_header Connection ""; - include /etc/imunify360-webshield/webshield-backend.conf.d/*.conf; - proxy_bind $bind_target; - proxy_pass $scheme://catchall; -} - -location @to_captcha { - include /etc/imunify360-webshield/invisible-captcha.conf; - root html/captcha; - default_type text/html; - add_header Last-Modified $date_gmt; - add_header Cache-Control 'private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0'; - add_header cf-edge-cache no-cache; - add_header Expires 'Thu, 01 Jan 1970 00:00:01 GMT'; - if_modified_since off; - expires off; - etag off; - keepalive_timeout 0; - include /etc/imunify360-webshield/webshield-captcha.conf.d/*.conf; - content_by_lua_file lua/captcha.lua; -} - -location @to_splashscreen { - root html/splashscreen; - default_type text/html; - add_header Last-Modified $date_gmt; - add_header Cache-Control 'private, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0'; - add_header cf-edge-cache no-cache; - if_modified_since off; - expires off; - etag off; - keepalive_timeout 0; - include /etc/imunify360-webshield/webshield-splashscreen.conf.d/*.conf; - content_by_lua_file lua/splashscreen.lua; -} - -location = /z0f76a1d14fd21a8fb5fd0d03e0fdc3d3cedae52f { - content_by_lua_file lua/wsidchk.lua; -} diff --git a/imunify360-webshield/webshield.conf b/imunify360-webshield/webshield.conf deleted file mode 100644 index e591e37..0000000 --- a/imunify360-webshield/webshield.conf +++ /dev/null @@ -1,159 +0,0 @@ - -user imunify360-webshield; -worker_processes 1; - -error_log /var/log/imunify360-webshield/error.log warn; -pid /var/run/imunify360-webshield.pid; -worker_rlimit_nofile 65536; - -events { - worker_connections 65536; - multi_accept on; -} - - -http { - variables_hash_max_size 2048; - map_hash_max_size 4096; - map_hash_bucket_size 128; - - # Make sure all clients' headers are passed - ignore_invalid_headers off; - - # Allow upload of files of unlimited size - client_max_body_size 0; - - include /etc/imunify360-webshield/mime.types; - default_type application/octet-stream; - - # XFF:"ip" is to match nginx captcha access.log separately from - # other access logs - log_format main '$wsuserip - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent $host "$http_referer" ' - '"$http_user_agent" WL:"$domain_whitelisted" "$http_x_requested_with" ' - 'XFF:"$http_x_forwarded_for" CAPTCHA:"$wscaptcha" PEER:$remote_addr'; - - access_log /var/log/imunify360-webshield/access.log main; - - include /etc/imunify360-webshield/unified_access_logger.conf; - - sendfile on; - #tcp_nopush on; - - keepalive_timeout 0; - - #gzip on; - - proxy_read_timeout 180s; - proxy_send_timeout 180s; - proxy_buffering off; - proxy_buffers 8 128k; - proxy_buffer_size 128k; - client_body_buffer_size 128k; - - http2_max_field_size 8k; - - include webshield-http.conf.d/*.conf; - - include /etc/imunify360-webshield/wscheck.conf; - include /etc/imunify360-webshield/captcha.conf; - include /etc/imunify360-webshield/splashscreen.conf; - include /etc/imunify360-webshield/splashscreen-antibot.conf; - - geo $remote_proxy { - default 0; - include /etc/imunify360-webshield/agent-proxies.conf; - include /etc/imunify360-webshield/common-proxies.conf; - } - - map $host $domain_whitelisted { - default 0; - include /etc/imunify360-webshield/whitelisted-domains.conf; - } - - map $server_addr $bind_target { - default 127.0.0.1; - "~^[a-fA-F0-9:\[\]]+$" ::1; - } - - geo $wsuserip $remote_country_code { - default none; - include /etc/imunify360-webshield/country_ips.conf; - } - - map $remote_country_code $remote_blocked_by_country { - default 0; - include /etc/imunify360-webshield/blocked_country_codes.conf; - } - - geo $wsuserip $custom_whitelisted { - default 0; - include /etc/imunify360-webshield/custom-whitelisted.conf; - } - - geo $wsuserip $custom_blacklisted { - default 0; - include /etc/imunify360-webshield/custom-blacklisted.conf; - } - - lua_shared_dict domains_ips 1m; - lua_shared_dict splashscreen_sessions 1m; - lua_shared_dict captchapassed_clients 1m; - lua_shared_dict notfound_ssl_domains 1m; - lua_shared_dict ipset_check_cacher 1m; - init_by_lua_file lua/init.lua; - - map $server_port $proxy_port { - default 80; - 52223 443; - 52224 80; - 52227 2087; - 52228 2086; - 52229 2083; - 52230 2082; - 52231 2096; - 52232 2095; - 52233 8443; - 52234 8880; - 52235 2222; - } - - map $proxy_port $append_port { - default 1; - 80 0; - 443 0; - } - - upstream catchall { - server 127.0.0.1; - balancer_by_lua_block { - local balancer = require "ngx.balancer" - local host = ngx.var.server_addr - if host ~= nil and host:match(":") then - host = "[" .. host .. "]" - end - local port = ngx.var.proxy_port - local ok, err = balancer.set_current_peer(host, port) - if not ok then - ngx.log(ngx.ERR, "failed to set the current peer: ", err) - return ngx.exit(ngx.ERROR) - end - } - keepalive 32; - } - - server_tokens off; - more_set_headers "Server: imunify360-webshield/1.18"; - - server { - server_name _; - ssl_protocols TLSv1.2 TLSv1.3; - proxy_ssl_protocols TLSv1.2 TLSv1.3; - - include /etc/imunify360-webshield/ports.conf; - include /etc/imunify360-webshield/ssl_ports.conf; - include /etc/imunify360-webshield/ssl.conf; - include /etc/imunify360-webshield/webshield-server.conf.d/*.conf; - include /etc/imunify360-webshield/virtserver.conf; - } -} diff --git a/imunify360-webshield/whitelisted-domains.conf b/imunify360-webshield/whitelisted-domains.conf deleted file mode 100644 index 1e1e5a6..0000000 --- a/imunify360-webshield/whitelisted-domains.conf +++ /dev/null @@ -1,6 +0,0 @@ -# White list for domains to disable the captcha check -# See http://nginx.org/ru/docs/http/ngx_http_map_module.html for syntax -# Use 1 to enable whitelisting and 0 to disable - -# example.org 1; # enable whitelisting -# www.example.org 0; # temporary disable whitelisting diff --git a/imunify360-webshield/win-utf b/imunify360-webshield/win-utf deleted file mode 100644 index ed8bc00..0000000 --- a/imunify360-webshield/win-utf +++ /dev/null @@ -1,126 +0,0 @@ - -# This map is not a full windows-1251 <> utf8 map: it does not -# contain Serbian and Macedonian letters. If you need a full map, -# use contrib/unicode2nginx/win-utf map instead. - -charset_map windows-1251 utf-8 { - - 82 E2809A ; # single low-9 quotation mark - - 84 E2809E ; # double low-9 quotation mark - 85 E280A6 ; # ellipsis - 86 E280A0 ; # dagger - 87 E280A1 ; # double dagger - 88 E282AC ; # euro - 89 E280B0 ; # per mille - - 91 E28098 ; # left single quotation mark - 92 E28099 ; # right single quotation mark - 93 E2809C ; # left double quotation mark - 94 E2809D ; # right double quotation mark - 95 E280A2 ; # bullet - 96 E28093 ; # en dash - 97 E28094 ; # em dash - - 99 E284A2 ; # trade mark sign - - A0 C2A0 ; #   - A1 D18E ; # capital Byelorussian short U - A2 D19E ; # small Byelorussian short u - - A4 C2A4 ; # currency sign - A5 D290 ; # capital Ukrainian soft G - A6 C2A6 ; # borken bar - A7 C2A7 ; # section sign - A8 D081 ; # capital YO - A9 C2A9 ; # (C) - AA D084 ; # capital Ukrainian YE - AB C2AB ; # left-pointing double angle quotation mark - AC C2AC ; # not sign - AD C2AD ; # soft hypen - AE C2AE ; # (R) - AF D087 ; # capital Ukrainian YI - - B0 C2B0 ; # ° - B1 C2B1 ; # plus-minus sign - B2 D086 ; # capital Ukrainian I - B3 D196 ; # small Ukrainian i - B4 D291 ; # small Ukrainian soft g - B5 C2B5 ; # micro sign - B6 C2B6 ; # pilcrow sign - B7 C2B7 ; # · - B8 D191 ; # small yo - B9 E28496 ; # numero sign - BA D194 ; # small Ukrainian ye - BB C2BB ; # right-pointing double angle quotation mark - - BF D197 ; # small Ukrainian yi - - C0 D090 ; # capital A - C1 D091 ; # capital B - C2 D092 ; # capital V - C3 D093 ; # capital G - C4 D094 ; # capital D - C5 D095 ; # capital YE - C6 D096 ; # capital ZH - C7 D097 ; # capital Z - C8 D098 ; # capital I - C9 D099 ; # capital J - CA D09A ; # capital K - CB D09B ; # capital L - CC D09C ; # capital M - CD D09D ; # capital N - CE D09E ; # capital O - CF D09F ; # capital P - - D0 D0A0 ; # capital R - D1 D0A1 ; # capital S - D2 D0A2 ; # capital T - D3 D0A3 ; # capital U - D4 D0A4 ; # capital F - D5 D0A5 ; # capital KH - D6 D0A6 ; # capital TS - D7 D0A7 ; # capital CH - D8 D0A8 ; # capital SH - D9 D0A9 ; # capital SHCH - DA D0AA ; # capital hard sign - DB D0AB ; # capital Y - DC D0AC ; # capital soft sign - DD D0AD ; # capital E - DE D0AE ; # capital YU - DF D0AF ; # capital YA - - E0 D0B0 ; # small a - E1 D0B1 ; # small b - E2 D0B2 ; # small v - E3 D0B3 ; # small g - E4 D0B4 ; # small d - E5 D0B5 ; # small ye - E6 D0B6 ; # small zh - E7 D0B7 ; # small z - E8 D0B8 ; # small i - E9 D0B9 ; # small j - EA D0BA ; # small k - EB D0BB ; # small l - EC D0BC ; # small m - ED D0BD ; # small n - EE D0BE ; # small o - EF D0BF ; # small p - - F0 D180 ; # small r - F1 D181 ; # small s - F2 D182 ; # small t - F3 D183 ; # small u - F4 D184 ; # small f - F5 D185 ; # small kh - F6 D186 ; # small ts - F7 D187 ; # small ch - F8 D188 ; # small sh - F9 D189 ; # small shch - FA D18A ; # small hard sign - FB D18B ; # small y - FC D18C ; # small soft sign - FD D18D ; # small e - FE D18E ; # small yu - FF D18F ; # small ya -} diff --git a/imunify360-webshield/wscheck.conf b/imunify360-webshield/wscheck.conf deleted file mode 100644 index 3113a95..0000000 --- a/imunify360-webshield/wscheck.conf +++ /dev/null @@ -1,14 +0,0 @@ -# enable captcha check for CloudFlare (on|off, default is off) -cloudflare_captcha off; - -# Use splashscreen as captcha for Chinese customers -wscheck_splashscreen_as_captcha off; - -# Use these values for User ID hash -wscheck_session_key $remote_addr$http_user_agent; - -# Search client address in the following places -wscheck_ipsearch cloudflare|$http_cf_connecting_ip cloudflare|$http_true_client_ip !cloudflare|$http_x_forwarded_for; - -# Use this variable to check if client is a proxy -wscheck_proxy_var_name remote_proxy; diff --git a/imunify360/unified-access-logger.conf b/imunify360/unified-access-logger.conf deleted file mode 100644 index 2546394..0000000 --- a/imunify360/unified-access-logger.conf +++ /dev/null @@ -1,57 +0,0 @@ -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # -# -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -# DO NOT EDIT. INTERNAL USAGE ONLY. -# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -# -# Direct modifications to this file prohibited. -# -# # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # # -groups: - ipv4: 36005 - ipv6: 36005 -rules: -# im360-whitelist: -# id: 1 -# name: Accepted packets from whitelisted IP via iptables rules -# severity: 3 - im360-blacklist: - id: 2 - name: Dropped packets from blacklisted IP via iptables rules - severity: 6 - im360-graylist: - id: 3 - name: Dropped packets on non-web port from graylisted IP via iptables rules - severity: 6 - im360-blocked-by-port: - id: 4 - name: Dropped packets for blocked port via iptables rules - severity: 6 - im360-whitelisted-country: - id: 5 - name: Accepted packets from whitelisted country via iptables rules - severity: 3 - im360-blacklisted-country: - id: 6 - name: Dropped packets from blacklisted country via iptables rules - severity: 6 - webshield_blacklisted: - id: 7 - name: Dropped request from blacklisted IP via WebShield - severity: 6 - webshield_blacklisted_country: - id: 8 - severity: 6 - name: Dropped request from blacklisted country via WebShield - webshield_graylisted_blocked: - id: 9 - severity: 6 - name: Dropped non-text/html request from graylisted IP via WebShield - im360-outgoing-blocked: - id: 10 - severity: 6 - name: Outgoing connection blocked - webshield_splashscreen: - id: 11 - severity: 6 - name: Shown splashscreen as request response for graylisted IP via WebShield diff --git a/ld.so.conf.d/alt-hyperscan.conf b/ld.so.conf.d/alt-hyperscan.conf deleted file mode 100644 index 09532a3..0000000 --- a/ld.so.conf.d/alt-hyperscan.conf +++ /dev/null @@ -1 +0,0 @@ -/opt/alt/hyperscan54///lib64/ diff --git a/logrotate.d/cloudlinux-backup-utils b/logrotate.d/cloudlinux-backup-utils deleted file mode 100644 index 5964860..0000000 --- a/logrotate.d/cloudlinux-backup-utils +++ /dev/null @@ -1,11 +0,0 @@ -/var/log/cloudlinux-backup-mysql-freeze.log -/var/log/cloudlinux-backup-utils-cron.log -/var/log/cloudlinux-backup-utils.log -{ - rotate 3 - maxsize 50M - compress - delaycompress - create 640 root root - missingok -} diff --git a/logrotate.d/imunify360 b/logrotate.d/imunify360 deleted file mode 100644 index 6fe025e..0000000 --- a/logrotate.d/imunify360 +++ /dev/null @@ -1,17 +0,0 @@ -/var/log/imunify360/captcha.log { - # Keep 3 lotated files before removal - rotate 3 - maxsize 50M - hourly - compress - delaycompress - - nocreate - missingok - - postrotate - if systemctl status imunify360-captcha > /dev/null ; then \ - systemctl restart imunify360-captcha > /dev/null; \ - fi; - endscript -} diff --git a/logrotate.d/imunify360-pam b/logrotate.d/imunify360-pam deleted file mode 100644 index 0639b72..0000000 --- a/logrotate.d/imunify360-pam +++ /dev/null @@ -1,9 +0,0 @@ -/var/log/imunify360/pam.log { - missingok - notifempty - size 30k - create 0600 root root - postrotate - systemctl restart imunify360-pam > /dev/null - endscript -} diff --git a/logrotate.d/imunify360-unified-access-logger b/logrotate.d/imunify360-unified-access-logger deleted file mode 100644 index 8712453..0000000 --- a/logrotate.d/imunify360-unified-access-logger +++ /dev/null @@ -1,9 +0,0 @@ -/var/log/imunify360/imunify360-unified-access-logger/log.rotate { - missingok - notifempty - size 30k - create 0600 root root - postrotate - service imunify360-unified-access-logger restart - endscript -} diff --git a/logrotate.d/imunify360-wafd b/logrotate.d/imunify360-wafd deleted file mode 100644 index 57c48d1..0000000 --- a/logrotate.d/imunify360-wafd +++ /dev/null @@ -1,9 +0,0 @@ -/var/log/imunify360/wafd.log { - missingok - notifempty - size 30k - create 0600 root root - postrotate - service imunify360-wafd restart - endscript -} diff --git a/logrotate.d/imunify360-webshield b/logrotate.d/imunify360-webshield deleted file mode 100644 index 4f17c08..0000000 --- a/logrotate.d/imunify360-webshield +++ /dev/null @@ -1,15 +0,0 @@ -/var/log/imunify360-webshield/*.log { - daily - missingok - rotate 52 - compress - delaycompress - notifempty - create 640 imunify360-webshield adm - sharedscripts - postrotate - if [ -f /var/run/imunify360-webshield.pid ]; then - kill -USR1 `cat /var/run/imunify360-webshield.pid` - fi - endscript -} diff --git a/logrotate.d/ossec-hids b/logrotate.d/ossec-hids deleted file mode 100644 index 82b28c5..0000000 --- a/logrotate.d/ossec-hids +++ /dev/null @@ -1,22 +0,0 @@ -/var/ossec/logs/active-responses.log { - missingok - notifempty - copytruncate - maxsize 100M - rotate 7 - create 0664 ossec ossec - su ossec ossec -} - -/var/ossec/logs/ossec.log { - missingok - notifempty - copytruncate - maxsize 100M - rotate 7 - create 0664 ossec ossec - su ossec ossec - postrotate - /var/ossec/bin/ossec-control restart > /dev/null 2>/dev/null - endscript -} diff --git a/odbc.ini b/odbc.ini deleted file mode 100644 index e69de29..0000000 diff --git a/odbcinst.ini b/odbcinst.ini deleted file mode 100644 index a99515c..0000000 --- a/odbcinst.ini +++ /dev/null @@ -1,42 +0,0 @@ -# Example driver definitions - -# Driver from the postgresql-odbc package -# Setup from the unixODBC package -[PostgreSQL] -Description = ODBC for PostgreSQL -Driver = /usr/lib/psqlodbcw.so -Setup = /usr/lib/libodbcpsqlS.so -Driver64 = /usr/lib64/psqlodbcw.so -Setup64 = /usr/lib64/libodbcpsqlS.so -FileUsage = 1 - - -# Driver from the mysql-connector-odbc package -# Setup from the unixODBC package -[MySQL] -Description = ODBC for MySQL -Driver = /usr/lib/libmyodbc5.so -Setup = /usr/lib/libodbcmyS.so -Driver64 = /usr/lib64/libmyodbc5.so -Setup64 = /usr/lib64/libodbcmyS.so -FileUsage = 1 - - -# Driver from the freetds-libs package -# Setup from the unixODBC package -[FreeTDS] -Description = Free Sybase & MS SQL Driver -Driver = /usr/lib/libtdsodbc.so -Setup = /usr/lib/libtdsS.so -Driver64 = /usr/lib64/libtdsodbc.so -Setup64 = /usr/lib64/libtdsS.so -Port = 1433 - - -# Driver from the mariadb-connector-odbc package -# Setup from the unixODBC package -[MariaDB] -Description = ODBC for MariaDB -Driver = /usr/lib/libmaodbc.so -Driver64 = /usr/lib64/libmaodbc.so -FileUsage = 1 diff --git a/ossec-init.conf b/ossec-init.conf deleted file mode 100644 index 1a5d993..0000000 --- a/ossec-init.conf +++ /dev/null @@ -1,4 +0,0 @@ -DIRECTORY="/var/ossec" -VERSION="3.1.0" -DATE="Wed Dec 28 14:52:06 UTC 2022" -TYPE="server" diff --git a/pam.d/.password-auth.i360patch b/pam.d/.password-auth.i360patch deleted file mode 100644 index 903f559..0000000 --- a/pam.d/.password-auth.i360patch +++ /dev/null @@ -1,8 +0,0 @@ ---- /etc/pam.d/password-auth 2021-08-26 19:12:51.778023053 +0300 -+++ - 2023-02-09 14:51:46.796675536 +0200 -@@ -1,3 +1,5 @@ - auth required pam_env.so -+auth required pam_imunify.so check_only - auth sufficient pam_unix.so try_first_pass nullok -+auth required pam_imunify.so - auth required pam_deny.so diff --git a/pam.d/.system-auth.i360patch b/pam.d/.system-auth.i360patch deleted file mode 100644 index b15ac4f..0000000 --- a/pam.d/.system-auth.i360patch +++ /dev/null @@ -1,8 +0,0 @@ ---- /etc/pam.d/system-auth 2022-10-08 19:09:45.000000000 +0300 -+++ - 2023-02-09 14:51:46.801236173 +0200 -@@ -4,3 +4,5 @@ - auth required pam_env.so -+auth required pam_imunify.so check_only - auth sufficient pam_unix.so try_first_pass nullok -+auth required pam_imunify.so - auth required pam_deny.so diff --git a/pam.d/dovecot_imunify b/pam.d/dovecot_imunify deleted file mode 100644 index 2821cca..0000000 --- a/pam.d/dovecot_imunify +++ /dev/null @@ -1,7 +0,0 @@ -#%PAM-1.0 -auth required pam_nologin.so -auth required pam_imunify.so check_only -auth sufficient pam_imunify.so -auth required pam_deny.so - -account required pam_permit.so \ No newline at end of file diff --git a/pam.d/dovecot_imunify_domainowner b/pam.d/dovecot_imunify_domainowner deleted file mode 100644 index 1ef5912..0000000 --- a/pam.d/dovecot_imunify_domainowner +++ /dev/null @@ -1,7 +0,0 @@ -#%PAM-1.0 -auth required pam_nologin.so -auth required pam_imunify.so check_only -auth sufficient pam_imunify.so domain_owner_mail_pass -auth required pam_deny.so - -account required pam_permit.so \ No newline at end of file diff --git a/pam.d/password-auth b/pam.d/password-auth index 71af8a8..327093c 100644 --- a/pam.d/password-auth +++ b/pam.d/password-auth @@ -1,7 +1,5 @@ auth required pam_env.so -auth required pam_imunify.so check_only auth sufficient pam_unix.so try_first_pass nullok -auth required pam_imunify.so auth required pam_deny.so account required pam_unix.so diff --git a/pam.d/proftpd_imunify b/pam.d/proftpd_imunify deleted file mode 100644 index 93e87ee..0000000 --- a/pam.d/proftpd_imunify +++ /dev/null @@ -1,11 +0,0 @@ -#%PAM-1.0 -auth required pam_nologin.so -auth required pam_listfile.so item=user sense=deny file=/etc/proftpd/passwd.vhosts onerr=succeed -auth required pam_imunify.so check_only -auth optional pam_unix.so nullok try_first_pass -auth sufficient pam_imunify.so cpanel -auth required pam_deny.so - -account required pam_permit.so - -session required pam_permit.so diff --git a/pam.d/system-auth b/pam.d/system-auth index 7d464c3..5de6f4d 100644 --- a/pam.d/system-auth +++ b/pam.d/system-auth @@ -2,9 +2,7 @@ # This file is auto-generated. # User changes will be destroyed the next time authselect is run. auth required pam_env.so -auth required pam_imunify.so check_only auth sufficient pam_unix.so try_first_pass nullok -auth required pam_imunify.so auth required pam_deny.so account required pam_unix.so diff --git a/pam_imunify/i360.ini b/pam_imunify/i360.ini deleted file mode 100644 index 1a1ffa3..0000000 --- a/pam_imunify/i360.ini +++ /dev/null @@ -1,47 +0,0 @@ -# Path to database -mod_db_path=/opt/i360_pam_imunify/db - -# Path to UNIX socket -socket=/opt/i360_pam_imunify/pam_imunify360.sock -# Wait for service to start up to 120 seconds -socket_readycheck_timeout=120 - -# Log file path -# log=/var/log/imunify360/pam.log - -# Sentry error reporting (must be an url or "off") -sentry=https://sentry.cloudlinux.com/sentry/i360-pam-imunify/ - -# RBL domains (separated with comma) and timeout (in seconds) -rbl=net-brute.rbl.imunify.com. -RBL_timeout=5 -RBL_nameserver=ns1-rbl.imunify.com:53 - -USER_LOCK_TIMEOUT=5 -USER_LOCK_ATTEMPTS=10 -USER_LOCK_MINUTES=5 - -# for how long username / ip should timeout in minutes -USER_IP_LOCK_TIMEOUT=5 -# of attempts after which username / ip should be locked -USER_IP_LOCK_ATTEMPTS=10 -# period during which attempts should be accounted for -USER_IP_LOCK_MINUTES=5 -# for how long username / ip pair shall be kept in whitelist after succesful login -# (default 20160 is 14 days) -USER_IP_LOCK_AUTOWHITELIST_TIMEOUT=20160 - -# for how long IP should timeout in minutes -IP_LOCK_TIMEOUT=5 -# of attempts after which IP should be locked -IP_LOCK_ATTEMPTS=100 -# period during which attempts should be accounted for -IP_LOCK_MINUTES=5 - -whitelisted_ips_path=/var/i360_pam_imunify/wl/ips.txt - -# whitelisted_ips_include is comma separated path list -# where user ip list path goes the last -whitelisted_ips_include=/etc/apache2/conf.d/modsec_vendor_configs/imunify360_full_apache/rbl_whitelist,/etc/httpd/conf/modsecurity.d/rules/custom/rbl_whitelist,/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-litespeed/rbl_whitelist - -whitelisted_users_path=/var/i360_pam_imunify/users/users.txt diff --git a/sysconfig/aibolit-resident b/sysconfig/aibolit-resident deleted file mode 100644 index a979001..0000000 --- a/sysconfig/aibolit-resident +++ /dev/null @@ -1 +0,0 @@ -ARCHIVE_SCAN="--scan-archive" diff --git a/sysconfig/imunify360/auth.admin b/sysconfig/imunify360/auth.admin deleted file mode 100644 index d8649da..0000000 --- a/sysconfig/imunify360/auth.admin +++ /dev/null @@ -1 +0,0 @@ -root diff --git a/sysconfig/imunify360/custom_billing.config b/sysconfig/imunify360/custom_billing.config deleted file mode 100644 index 2a747a0..0000000 --- a/sysconfig/imunify360/custom_billing.config +++ /dev/null @@ -1,4 +0,0 @@ -CUSTOM_BILLING: - upgrade_url: null - billing_notifications: true - ip_license: true diff --git a/sysconfig/imunify360/generic/global_disabled_rules.conf b/sysconfig/imunify360/generic/global_disabled_rules.conf deleted file mode 100644 index e69de29..0000000 diff --git a/sysconfig/imunify360/generic/imunify-plugin.zip b/sysconfig/imunify360/generic/imunify-plugin.zip deleted file mode 100644 index a861fc1..0000000 Binary files a/sysconfig/imunify360/generic/imunify-plugin.zip and /dev/null differ diff --git a/sysconfig/imunify360/generic/modsec.conf.d/empty.conf b/sysconfig/imunify360/generic/modsec.conf.d/empty.conf deleted file mode 100644 index e69de29..0000000 diff --git a/sysconfig/imunify360/generic/modsec2.imunify.conf b/sysconfig/imunify360/generic/modsec2.imunify.conf deleted file mode 100644 index 65fb82e..0000000 --- a/sysconfig/imunify360/generic/modsec2.imunify.conf +++ /dev/null @@ -1,10 +0,0 @@ -# Imunify360 mod_security config patch - - # The following two settings are needed for realtime scanning of uploaded files - SecRequestBodyAccess On - SecTmpSaveUploadedFiles On - SecResponseBodyLimitAction ProcessPartial - # Warning: custom SecTmpDir/SecUploadDir do not work with cPanel apache jailshell - SecTmpDir /var/imunify360/tmp_modsec - SecUploadDir /var/imunify360/tmp_modsec - diff --git a/sysconfig/imunify360/generic/nginx.modsec3.imunify.conf b/sysconfig/imunify360/generic/nginx.modsec3.imunify.conf deleted file mode 100644 index acde539..0000000 --- a/sysconfig/imunify360/generic/nginx.modsec3.imunify.conf +++ /dev/null @@ -1,10 +0,0 @@ -# Imunify360 mod_security config patch -# The following two settings are needed for realtime scanning of uploaded files -SecRequestBodyAccess On -SecTmpSaveUploadedFiles On -SecResponseBodyLimitAction ProcessPartial -# Warning: custom SecTmpDir/SecUploadDir do not work with cPanel apache jailshell -SecTmpDir /var/imunify360/tmp_modsec -SecUploadDir /var/imunify360/tmp_modsec -# used as work-around for DEF-14411 -SecUploadKeepFiles On diff --git a/sysconfig/imunify360/imunify360-merged.config b/sysconfig/imunify360/imunify360-merged.config deleted file mode 100644 index 400cf01..0000000 --- a/sysconfig/imunify360/imunify360-merged.config +++ /dev/null @@ -1,195 +0,0 @@ -############################################################################ -# DO NOT MODIFY THIS FILE!!! # -# USE /etc/sysconfig/imunify360/imunify360.config.d/ TO OVERRIDE DEFAULTS # -############################################################################ - -ADMIN_CONTACTS: - emails: - - bogdan@898.ro - enable_icontact_notifications: true -AUTO_WHITELIST: - after_unblock_timeout: 1440 - timeout: 1440 -BACKUP_RESTORE: - cl_backup_allowed: true - cl_on_premise_backup_allowed: false - max_days_in_backup: 90 -BLOCKED_PORTS: - default_mode: allowed -CAPTCHA: - cert_refresh_timeout: 3600 -CAPTCHA_DOS: - enabled: true - max_count: 100 - time_frame: 21600 - timeout: 864000 -CSF_INTEGRATION: - catch_lfd_events: true -DOS: - default_limit: 250 - enabled: true - interval: 30 - port_limits: {} -ERROR_REPORTING: - enable: true -FIREWALL: - TCP_IN_IPv4: - - '20' - - '21' - - '22' - - '25' - - '53' - - '80' - - '110' - - '443' - - '465' - - '587' - - '993' - - '995' - TCP_OUT_IPv4: - - '20' - - '21' - - '22' - - '25' - - '53' - - '80' - - '110' - - '113' - - '443' - - '587' - - '993' - - '995' - UDP_IN_IPv4: - - '20' - - '21' - - '53' - - '443' - UDP_OUT_IPv4: - - '20' - - '21' - - '53' - - '113' - - '123' - internal_use_remote_iplist: false - port_blocking_mode: ALLOW -INCIDENT_LOGGING: - limit: 100000 - min_log_level: 4 - num_days: 100 - ui_autorefresh_timeout: 10 -KERNELCARE: - edf: false -LOGGER: - backup_count: 5 - max_log_file_size: 62914560 - syscall_monitor: false -MALWARE_CLEANUP: - keep_original_files_days: 14 - trim_file_instead_of_removal: true -MALWARE_DATABASE_SCAN: - enable: true -MALWARE_SCANNING: - cloud_assisted_scan: true - crontabs: false - default_action: cleanup - detect_elf: true - enable_scan_cpanel: true - enable_scan_inotify: true - enable_scan_modsec: true - enable_scan_pure_ftpd: true - hyperscan: true - max_cloudscan_size_to_scan: 10485760 - max_mrs_upload_file: 10485760 - max_signature_size_to_scan: 1048576 - notify_on_detect: false - optimize_realtime_scan: true - rapid_scan: true - rapid_scan_rescan_unchanging_files_frequency: null - scan_modified_files: null - sends_file_for_analysis: true - try_restore_from_backup_first: false -MALWARE_SCAN_INTENSITY: - cpu: 2 - io: 1 - ram: 2048 - user_scan_cpu: 2 - user_scan_io: 2 - user_scan_ram: 1024 -MALWARE_SCAN_SCHEDULE: - day_of_month: 1 - day_of_week: 0 - hour: 3 - interval: week -MOD_SEC: - app_specific_ruleset: true - cms_account_compromise_prevention: true - prev_settings: '' - ruleset: MINIMAL -MOD_SEC_BLOCK_BY_CUSTOM_RULE: - 33332: - check_period: 120 - max_incidents: 10 - 33339: - check_period: 120 - max_incidents: 10 -MOD_SEC_BLOCK_BY_SEVERITY: - check_period: 120 - denied_num_limit: 2 - enable: true - max_incidents: 2 - severity_limit: 2 -NETWORK_INTERFACE: - eth6_device: null - eth_device: null - eth_device_skip: [] -OSSEC: - active_response: true -PAM: - enable: true - exim_dovecot_native: false - exim_dovecot_protection: true - ftp_protection: true -PERMISSIONS: - advisor: true - allow_malware_scan: false - support_form: true - upgrade_button: true - user_ignore_list: false - user_override_malware_actions: false - user_override_proactive_defense: false -PROACTIVE_DEFENCE: - blamer: true - mode: KILL - php_immunity: true -RESOURCE_MANAGEMENT: - cpu_limit: 2 - io_limit: 2 - ram_limit: 500 -SECURE_SITE: - enable: false - purchase_page_url: https://secure.site -SEND_ADDITIONAL_DATA: - enable: true -SMTP_BLOCKING: - allow_groups: - - mail - allow_local: false - allow_users: [] - enable: false - ports: - - 25 - - 587 - - 465 - redirect: false -STOP_MANAGING: - modsec_directives: false -WEBSHIELD: - captcha_secret_key: '' - captcha_site_key: '' - enable: false - invisible_captcha: false - known_proxies_support: true - splash_screen: true -WEB_SERVICES: - http_ports: [] - https_ports: [] diff --git a/sysconfig/imunify360/imunify360.config.d/90-local.config b/sysconfig/imunify360/imunify360.config.d/90-local.config deleted file mode 120000 index 244745a..0000000 --- a/sysconfig/imunify360/imunify360.config.d/90-local.config +++ /dev/null @@ -1 +0,0 @@ -../imunify360.config \ No newline at end of file diff --git a/sysconfig/imunify360/imunify360.config.defaults.example b/sysconfig/imunify360/imunify360.config.defaults.example deleted file mode 100644 index f5ec47b..0000000 --- a/sysconfig/imunify360/imunify360.config.defaults.example +++ /dev/null @@ -1,196 +0,0 @@ -############################################################################ -# DO NOT MODIFY THIS FILE!!! # -# USE /etc/sysconfig/imunify360/imunify360.config.d/ TO OVERRIDE DEFAULTS # -# This is an example of default values only # -# Changing this file will have no effect # -############################################################################ - -ADMIN_CONTACTS: - emails: [] - enable_icontact_notifications: true -AUTO_WHITELIST: - after_unblock_timeout: 1440 - timeout: 1440 -BACKUP_RESTORE: - cl_backup_allowed: true - cl_on_premise_backup_allowed: false - max_days_in_backup: 90 -BLOCKED_PORTS: - default_mode: allowed -CAPTCHA: - cert_refresh_timeout: 3600 -CAPTCHA_DOS: - enabled: true - max_count: 100 - time_frame: 21600 - timeout: 864000 -CSF_INTEGRATION: - catch_lfd_events: false -DOS: - default_limit: 250 - enabled: true - interval: 30 - port_limits: {} -ERROR_REPORTING: - enable: true -FIREWALL: - TCP_IN_IPv4: - - '20' - - '21' - - '22' - - '25' - - '53' - - '80' - - '110' - - '443' - - '465' - - '587' - - '993' - - '995' - TCP_OUT_IPv4: - - '20' - - '21' - - '22' - - '25' - - '53' - - '80' - - '110' - - '113' - - '443' - - '587' - - '993' - - '995' - UDP_IN_IPv4: - - '20' - - '21' - - '53' - - '443' - UDP_OUT_IPv4: - - '20' - - '21' - - '53' - - '113' - - '123' - internal_use_remote_iplist: false - port_blocking_mode: ALLOW -INCIDENT_LOGGING: - limit: 100000 - min_log_level: 4 - num_days: 100 - ui_autorefresh_timeout: 10 -KERNELCARE: - edf: false -LOGGER: - backup_count: 5 - max_log_file_size: 62914560 - syscall_monitor: false -MALWARE_CLEANUP: - keep_original_files_days: 14 - trim_file_instead_of_removal: true -MALWARE_DATABASE_SCAN: - enable: false -MALWARE_SCANNING: - cloud_assisted_scan: true - crontabs: false - default_action: cleanup - detect_elf: true - enable_scan_cpanel: true - enable_scan_inotify: true - enable_scan_modsec: true - enable_scan_pure_ftpd: true - hyperscan: false - max_cloudscan_size_to_scan: 10485760 - max_mrs_upload_file: 10485760 - max_signature_size_to_scan: 1048576 - notify_on_detect: false - optimize_realtime_scan: true - rapid_scan: true - rapid_scan_rescan_unchanging_files_frequency: null - scan_modified_files: null - sends_file_for_analysis: true - try_restore_from_backup_first: false -MALWARE_SCAN_INTENSITY: - cpu: 2 - io: 2 - ram: 2048 - user_scan_cpu: 2 - user_scan_io: 2 - user_scan_ram: 1024 -MALWARE_SCAN_SCHEDULE: - day_of_month: 1 - day_of_week: 0 - hour: 3 - interval: week -MOD_SEC: - app_specific_ruleset: true - cms_account_compromise_prevention: false - prev_settings: '' - ruleset: FULL -MOD_SEC_BLOCK_BY_CUSTOM_RULE: - 33332: - check_period: 120 - max_incidents: 10 - 33339: - check_period: 120 - max_incidents: 10 -MOD_SEC_BLOCK_BY_SEVERITY: - check_period: 120 - denied_num_limit: 2 - enable: true - max_incidents: 2 - severity_limit: 2 -NETWORK_INTERFACE: - eth6_device: null - eth_device: null - eth_device_skip: [] -OSSEC: - active_response: false -PAM: - enable: true - exim_dovecot_native: false - exim_dovecot_protection: true - ftp_protection: false -PERMISSIONS: - advisor: true - allow_malware_scan: false - support_form: true - upgrade_button: true - user_ignore_list: false - user_override_malware_actions: false - user_override_proactive_defense: false -PROACTIVE_DEFENCE: - blamer: true - mode: LOG - php_immunity: false -RESOURCE_MANAGEMENT: - cpu_limit: 2 - io_limit: 2 - ram_limit: 500 -SECURE_SITE: - enable: false - purchase_page_url: https://secure.site -SEND_ADDITIONAL_DATA: - enable: true -SMTP_BLOCKING: - allow_groups: - - mail - allow_local: false - allow_users: [] - enable: false - ports: - - 25 - - 587 - - 465 - redirect: false -STOP_MANAGING: - modsec_directives: false -WEBSHIELD: - captcha_secret_key: '' - captcha_site_key: '' - enable: true - invisible_captcha: false - known_proxies_support: true - splash_screen: true -WEB_SERVICES: - http_ports: [] - https_ports: [] diff --git a/sysconfig/imunify360/imunify360.config b/sysconfig/imunify360/imunify360.config.rpmsave similarity index 83% rename from sysconfig/imunify360/imunify360.config rename to sysconfig/imunify360/imunify360.config.rpmsave index 2fd3371..98a1600 100644 --- a/sysconfig/imunify360/imunify360.config +++ b/sysconfig/imunify360/imunify360.config.rpmsave @@ -10,6 +10,10 @@ MALWARE_DATABASE_SCAN: MALWARE_SCAN_INTENSITY: cpu: 2 io: 1 +MALWARE_SCAN_SCHEDULE: + day_of_month: 14 + hour: 3 + interval: month MOD_SEC: cms_account_compromise_prevention: true ruleset: MINIMAL diff --git a/sysconfig/imunify360/malware-filters-admin-conf/ignored.txt b/sysconfig/imunify360/malware-filters-admin-conf/ignored.txt deleted file mode 100644 index c73b537..0000000 --- a/sysconfig/imunify360/malware-filters-admin-conf/ignored.txt +++ /dev/null @@ -1,18 +0,0 @@ -# IMPORTANT: after making changes to this file, perform: -# -# imunify360-agent malware rebuild patterns -# -# This file contains additional regular expression patterns specifying what -# filesystem paths should not be monitored by inotify/ fanotify realtime -# scanner. -# Patterns can be absolute: -# /another/folder -# or relative to basedirs supplied by hosting control panels: -# +[^/]+/www/\.cache -# This relative pattern will expand to ^/home/[^/]+/www/\.cache for cPanel, for -# example. -# -# All patterns listed here have higher priority than stock watched and ignored -# lists supplied with Imunify360. -# -# Custom ignore patterns have higher priority than custom watched patterns. diff --git a/sysconfig/imunify360/malware-filters-admin-conf/pd-combined.txt b/sysconfig/imunify360/malware-filters-admin-conf/pd-combined.txt deleted file mode 120000 index 24c25fa..0000000 --- a/sysconfig/imunify360/malware-filters-admin-conf/pd-combined.txt +++ /dev/null @@ -1 +0,0 @@ -/etc/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/pd-combined.txt \ No newline at end of file diff --git a/sysconfig/imunify360/malware-filters-admin-conf/processed/basedirs-list.txt b/sysconfig/imunify360/malware-filters-admin-conf/processed/basedirs-list.txt deleted file mode 100644 index e69de29..0000000 diff --git a/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin-paths.txt b/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin-paths.txt deleted file mode 100644 index 19746ef..0000000 --- a/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin-paths.txt +++ /dev/null @@ -1,3 +0,0 @@ -L3Byb2M= -L3N5cw== -L3Vzci9zaGFyZS9jYWdlZnMtc2tlbGV0b24vcHJvYw== diff --git a/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin.txt b/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin.txt deleted file mode 100644 index 5d76205..0000000 --- a/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-admin.txt +++ /dev/null @@ -1 +0,0 @@ -^$ \ No newline at end of file diff --git a/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-internal.txt b/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-internal.txt deleted file mode 100644 index b133a64..0000000 --- a/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/av-internal.txt +++ /dev/null @@ -1 +0,0 @@ -\.log(?:[.-]\d)?(?:\.gz)?$|\.ini$|\.socket$|\.sock$|/error_log$|^/usr/share/cagefs-skeleton(?:$|/)|^/tmp/lshttpd/.+?\.sock$|^/tmp/lshttpd/.+?\.rtreport[.0-9]*$|^/usr/local/apache/domlogs(?:$|/)|^/var/log/(?:apache2?|httpd)/domlogs(?:$|/)|^/etc/(?:apache2?|httpd)/logs/domlogs(?:$|/)|^/var/ossec(?:$|/)|^/(home[1-9]?|var/www|var/imunify360/tmp)/\.restore-infected/.*(?:$|/)|/template_\w{32}.css$|/cache/object/\w{1,10}/\w{1,10}/\w{1,10}/\w{32}\.php$|/wp-content/cache/object/\w{1,5}/\w{1,5}/\w{32}\.php$|/system/cache/templates_c/\w{1,40}\.php$|/assets/cache/rss/\w{1,60}$|/cache/minify/minify_\w{32}$|/cache/page/\w{32}\.php$|/cache/wp-cache-\d{32}\.php$|/cache/page/\w{32}\.php_expire$|/cache/page/\w{32}-cache-page-\w{32}\.php$|\w{32}-cache-com_content-\w{32}\.php$|\w{32}-cache-mod_custom-\w{32}\.php$|\w{32}-cache-mod_templates-\w{32}\.php$|\w{32}-cache-_system-\w{32}\.php$|/autoptimize/js/autoptimize_\w{32}\.js$|/files/templates_c/.{1,150}\.html\.php$|/uploads/javascript_global/.{1,150}\.js$|сore/cache/resource/web/resources/\d+\.cache\.php$|/assets/cache/docid_\d+_\w{32}\.pageCache\.php$|/t3-assets/dev/t3/.{1,150}-cache-\w{1,20}-.{1,150}\.php$|/t3-assets/js/js-\w{1,30}\.js$|/temp/cache/SC/.{1,100}/\.cache\..{1,100}\.php$|/tmp/sess\_\w{32}$|/assets/cache/docid\_.{1,100}\.pageCache\.php$|/stat/usage\_\w{1,100}\.html$|/stat/usage_\d+\.html$|/stat/site\_\w{1,100}\.html$|/gallery/item/list/\w{1,100}\.cache\.php$|/core/cache/registry/.{1,100}/ext-.{1,100}\.php$|/core/cache/resource/shk\_/\w{1,50}\.cache\.php$|/cache/\w{1,40}/\w+-cache-\w+-\w{32,40}\.php$|/hyper-cache/[^/]{1,50}/[^/]{1,50}/[^/]{1,50}/index\.html$|/application/logs/\d+/\d+/\d+\.php$|/session/sess_\w{32}$|/litespeed/(?:[uc]?css|js)/(?:\d/)?[0-9a-f]{3,32}\.(?:css|js)(?:\.tmp)?$|/cache/(?:db/)?(?:\d+/)*options/[0-9a-f]{3}/[0-9a-f]{3}/[0-9a-f]{32}\.php$|/cache/wp-rocket/.+\.html_(?:gzip|temp|gzip_temp)$|/cache(?:-off)?/autoptimize/(?:\d/)?(?:js/|css/)?autoptimize_\w+\.(?:js|css|img|php)$|/(?:et-cache/|cache/et/)(?:[0-9a-f]+|notfound)/et-.+\.css$|/plugins/elementor/assets/(?:css|js|lib|[^/]*shapes|svg-paths|images)/.+\.(?:css|js|svg|gif|png)$|/cache/(?:prod|dev)/smarty/compile/.{1,150}\.tpl(?:\.cache)?\.php$|/smarty/(?:compile|cache)/.*[0-9a-f]{2}/[0-9a-f]{2}/[0-9a-f]{2}/wrt[0-9a-f]{14}_\d{8}$|/cache/(?:pro[d_]|dev)/(?:annotations|doctrine)/\w{2}/\w{16,150}\.doctrinecache\.data$|/sessions/sess_[0-9a-f]{32}$|/cache/cachestore_file/default_application/\w+/.+\.(?:cache|temp)$|/cache/models/(?:model/)?\w+_cake_model_\w+$|/var/(?:page_)?cache/mage-tags/mage---\w+$|/wflogs/config\.tmp\.\w{6}$|/api/user_(?:message|logs)\.db$|/#sql[\w.-]+\.M[YA][DI]$|^/(?:dev/shm(?:/lsws)?|(?:var/)?tmp/lshttpd/swap)/[0-9a-f]/[0-9a-f]/[0-9a-f]{30}\.ls[bz]l?$|/media/catalog/product/cache/.+\.(?:jpe?g|gif|png)$|/cache/zend_cache---[\w-]+$|/images/\d{4}/\d{2}/\d{2}/[^/]+\.(?:jpe?g|gif)$|^/dev/shm/|/cache/cache(?:\.\w+)+\.\d{10}$|/\.wp-toolkit/tmp\.\w{10}$|/media/videos/tmb/[0-9a-f]+/[^/]+\.jpg$ \ No newline at end of file diff --git a/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/pd-combined.txt b/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/pd-combined.txt deleted file mode 100644 index b133a64..0000000 --- a/sysconfig/imunify360/malware-filters-admin-conf/processed/ignored/pd-combined.txt +++ /dev/null @@ -1 +0,0 @@ -\.log(?:[.-]\d)?(?:\.gz)?$|\.ini$|\.socket$|\.sock$|/error_log$|^/usr/share/cagefs-skeleton(?:$|/)|^/tmp/lshttpd/.+?\.sock$|^/tmp/lshttpd/.+?\.rtreport[.0-9]*$|^/usr/local/apache/domlogs(?:$|/)|^/var/log/(?:apache2?|httpd)/domlogs(?:$|/)|^/etc/(?:apache2?|httpd)/logs/domlogs(?:$|/)|^/var/ossec(?:$|/)|^/(home[1-9]?|var/www|var/imunify360/tmp)/\.restore-infected/.*(?:$|/)|/template_\w{32}.css$|/cache/object/\w{1,10}/\w{1,10}/\w{1,10}/\w{32}\.php$|/wp-content/cache/object/\w{1,5}/\w{1,5}/\w{32}\.php$|/system/cache/templates_c/\w{1,40}\.php$|/assets/cache/rss/\w{1,60}$|/cache/minify/minify_\w{32}$|/cache/page/\w{32}\.php$|/cache/wp-cache-\d{32}\.php$|/cache/page/\w{32}\.php_expire$|/cache/page/\w{32}-cache-page-\w{32}\.php$|\w{32}-cache-com_content-\w{32}\.php$|\w{32}-cache-mod_custom-\w{32}\.php$|\w{32}-cache-mod_templates-\w{32}\.php$|\w{32}-cache-_system-\w{32}\.php$|/autoptimize/js/autoptimize_\w{32}\.js$|/files/templates_c/.{1,150}\.html\.php$|/uploads/javascript_global/.{1,150}\.js$|сore/cache/resource/web/resources/\d+\.cache\.php$|/assets/cache/docid_\d+_\w{32}\.pageCache\.php$|/t3-assets/dev/t3/.{1,150}-cache-\w{1,20}-.{1,150}\.php$|/t3-assets/js/js-\w{1,30}\.js$|/temp/cache/SC/.{1,100}/\.cache\..{1,100}\.php$|/tmp/sess\_\w{32}$|/assets/cache/docid\_.{1,100}\.pageCache\.php$|/stat/usage\_\w{1,100}\.html$|/stat/usage_\d+\.html$|/stat/site\_\w{1,100}\.html$|/gallery/item/list/\w{1,100}\.cache\.php$|/core/cache/registry/.{1,100}/ext-.{1,100}\.php$|/core/cache/resource/shk\_/\w{1,50}\.cache\.php$|/cache/\w{1,40}/\w+-cache-\w+-\w{32,40}\.php$|/hyper-cache/[^/]{1,50}/[^/]{1,50}/[^/]{1,50}/index\.html$|/application/logs/\d+/\d+/\d+\.php$|/session/sess_\w{32}$|/litespeed/(?:[uc]?css|js)/(?:\d/)?[0-9a-f]{3,32}\.(?:css|js)(?:\.tmp)?$|/cache/(?:db/)?(?:\d+/)*options/[0-9a-f]{3}/[0-9a-f]{3}/[0-9a-f]{32}\.php$|/cache/wp-rocket/.+\.html_(?:gzip|temp|gzip_temp)$|/cache(?:-off)?/autoptimize/(?:\d/)?(?:js/|css/)?autoptimize_\w+\.(?:js|css|img|php)$|/(?:et-cache/|cache/et/)(?:[0-9a-f]+|notfound)/et-.+\.css$|/plugins/elementor/assets/(?:css|js|lib|[^/]*shapes|svg-paths|images)/.+\.(?:css|js|svg|gif|png)$|/cache/(?:prod|dev)/smarty/compile/.{1,150}\.tpl(?:\.cache)?\.php$|/smarty/(?:compile|cache)/.*[0-9a-f]{2}/[0-9a-f]{2}/[0-9a-f]{2}/wrt[0-9a-f]{14}_\d{8}$|/cache/(?:pro[d_]|dev)/(?:annotations|doctrine)/\w{2}/\w{16,150}\.doctrinecache\.data$|/sessions/sess_[0-9a-f]{32}$|/cache/cachestore_file/default_application/\w+/.+\.(?:cache|temp)$|/cache/models/(?:model/)?\w+_cake_model_\w+$|/var/(?:page_)?cache/mage-tags/mage---\w+$|/wflogs/config\.tmp\.\w{6}$|/api/user_(?:message|logs)\.db$|/#sql[\w.-]+\.M[YA][DI]$|^/(?:dev/shm(?:/lsws)?|(?:var/)?tmp/lshttpd/swap)/[0-9a-f]/[0-9a-f]/[0-9a-f]{30}\.ls[bz]l?$|/media/catalog/product/cache/.+\.(?:jpe?g|gif|png)$|/cache/zend_cache---[\w-]+$|/images/\d{4}/\d{2}/\d{2}/[^/]+\.(?:jpe?g|gif)$|^/dev/shm/|/cache/cache(?:\.\w+)+\.\d{10}$|/\.wp-toolkit/tmp\.\w{10}$|/media/videos/tmb/[0-9a-f]+/[^/]+\.jpg$ \ No newline at end of file diff --git a/sysconfig/imunify360/malware-filters-admin-conf/processed/watched/av-admin.txt b/sysconfig/imunify360/malware-filters-admin-conf/processed/watched/av-admin.txt deleted file mode 100644 index e69de29..0000000 diff --git a/sysconfig/imunify360/malware-filters-admin-conf/processed/watched/av-internal.txt b/sysconfig/imunify360/malware-filters-admin-conf/processed/watched/av-internal.txt deleted file mode 100644 index c4eb641..0000000 --- a/sysconfig/imunify360/malware-filters-admin-conf/processed/watched/av-internal.txt +++ /dev/null @@ -1,5 +0,0 @@ -/tmp -/run/shm -/dev/shm -/dev/mqueue -/var/tmp \ No newline at end of file diff --git a/sysconfig/imunify360/malware-filters-admin-conf/watched.txt b/sysconfig/imunify360/malware-filters-admin-conf/watched.txt deleted file mode 100644 index 417e94c..0000000 --- a/sysconfig/imunify360/malware-filters-admin-conf/watched.txt +++ /dev/null @@ -1,14 +0,0 @@ -# IMPORTANT: after making changes to this file, perform: -# -# imunify360-agent malware rebuild patterns -# -# This file contains additional shell-like glob patterns specifying what file -# system directories should be monitored by inotify/ fanotify realtime scanner. -# Patterns can be absolute: -# /another/folder -# or relative to basedirs supplied by hosting control panels: -# +*/www -# This relative pattern will expand to /home/*/www for cPanel, for example. -# -# All patterns listed here have higher priority than stock watched and ignored -# lists supplied with Imunify360. diff --git a/sysctl.d/90-webshield-ip-local-reserved.conf b/sysctl.d/90-webshield-ip-local-reserved.conf deleted file mode 100644 index 7f306bc..0000000 --- a/sysctl.d/90-webshield-ip-local-reserved.conf +++ /dev/null @@ -1,2 +0,0 @@ -# Reserve ports for webshield services -net.ipv4.ip_local_reserved_ports = 52223,52224,52227-52235 diff --git a/systemd/system/imunify-antivirus.service b/systemd/system/imunify-antivirus.service deleted file mode 120000 index dc1dc0c..0000000 --- a/systemd/system/imunify-antivirus.service +++ /dev/null @@ -1 +0,0 @@ -/dev/null \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/aibolit-resident.service b/systemd/system/multi-user.target.wants/aibolit-resident.service deleted file mode 120000 index 1e7a746..0000000 --- a/systemd/system/multi-user.target.wants/aibolit-resident.service +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/aibolit-resident.service \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/imunify-antivirus.service b/systemd/system/multi-user.target.wants/imunify-antivirus.service deleted file mode 120000 index 20bf47a..0000000 --- a/systemd/system/multi-user.target.wants/imunify-antivirus.service +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify-antivirus.service \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/imunify-notifier.service b/systemd/system/multi-user.target.wants/imunify-notifier.service deleted file mode 120000 index a7f2509..0000000 --- a/systemd/system/multi-user.target.wants/imunify-notifier.service +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify-notifier.service \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/imunify360-pam.service b/systemd/system/multi-user.target.wants/imunify360-pam.service deleted file mode 120000 index 91a3346..0000000 --- a/systemd/system/multi-user.target.wants/imunify360-pam.service +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify360-pam.service \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/imunify360-php-daemon.service b/systemd/system/multi-user.target.wants/imunify360-php-daemon.service deleted file mode 120000 index b50c5f4..0000000 --- a/systemd/system/multi-user.target.wants/imunify360-php-daemon.service +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify360-php-daemon.service \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/imunify360-wafd.service b/systemd/system/multi-user.target.wants/imunify360-wafd.service deleted file mode 120000 index 8b71805..0000000 --- a/systemd/system/multi-user.target.wants/imunify360-wafd.service +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify360-wafd.service \ No newline at end of file diff --git a/systemd/system/multi-user.target.wants/imunify360.service b/systemd/system/multi-user.target.wants/imunify360.service deleted file mode 120000 index 3e09591..0000000 --- a/systemd/system/multi-user.target.wants/imunify360.service +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify360.service \ No newline at end of file diff --git a/systemd/system/sockets.target.wants/aibolit-resident.socket b/systemd/system/sockets.target.wants/aibolit-resident.socket deleted file mode 120000 index 1158ff5..0000000 --- a/systemd/system/sockets.target.wants/aibolit-resident.socket +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/aibolit-resident.socket \ No newline at end of file diff --git a/systemd/system/sockets.target.wants/imunify-antivirus-sensor.socket b/systemd/system/sockets.target.wants/imunify-antivirus-sensor.socket deleted file mode 120000 index bf98d30..0000000 --- a/systemd/system/sockets.target.wants/imunify-antivirus-sensor.socket +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify-antivirus-sensor.socket \ No newline at end of file diff --git a/systemd/system/sockets.target.wants/imunify-antivirus-user.socket b/systemd/system/sockets.target.wants/imunify-antivirus-user.socket deleted file mode 120000 index 3f16202..0000000 --- a/systemd/system/sockets.target.wants/imunify-antivirus-user.socket +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify-antivirus-user.socket \ No newline at end of file diff --git a/systemd/system/sockets.target.wants/imunify-antivirus.socket b/systemd/system/sockets.target.wants/imunify-antivirus.socket deleted file mode 120000 index 08686b9..0000000 --- a/systemd/system/sockets.target.wants/imunify-antivirus.socket +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify-antivirus.socket \ No newline at end of file diff --git a/systemd/system/sockets.target.wants/imunify-notifier.socket b/systemd/system/sockets.target.wants/imunify-notifier.socket deleted file mode 120000 index 468bb9a..0000000 --- a/systemd/system/sockets.target.wants/imunify-notifier.socket +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify-notifier.socket \ No newline at end of file diff --git a/systemd/system/sockets.target.wants/imunify360-php-daemon.socket b/systemd/system/sockets.target.wants/imunify360-php-daemon.socket deleted file mode 120000 index 0b0015f..0000000 --- a/systemd/system/sockets.target.wants/imunify360-php-daemon.socket +++ /dev/null @@ -1 +0,0 @@ -/usr/lib/systemd/system/imunify360-php-daemon.socket \ No newline at end of file diff --git a/wafd_imunify/i360.ini b/wafd_imunify/i360.ini deleted file mode 100644 index 7354c74..0000000 --- a/wafd_imunify/i360.ini +++ /dev/null @@ -1,18 +0,0 @@ -# Path to UNIX socket -#socket=/var/run/imunify360/libiplists-daemon.sock - -# Log file path -#log=/var/log/imunify360/pam.log - -# Sentry error reporting (must be an "on" or "off", default on) -#sentry=off - -#shared_key_file=/opt/i360_wafd_imunify/key -#request_timeout_ms=60000 -#response_timeout_ms=0 -#whitelist_ipset= -#remote_proxy_ipset= -#blacklist_ipset= -#graylist_ipset= -#splash_ipset= -#user_name=imunify360-webshield diff --git a/yum.repos.d/imunify-rollout.repo b/yum.repos.d/imunify-rollout.repo deleted file mode 100644 index dfe6e40..0000000 --- a/yum.repos.d/imunify-rollout.repo +++ /dev/null @@ -1,63 +0,0 @@ -[imunify360-rollout-1] -name=Imunify360 - Gradual Rollout Slot 1 -baseurl=https://download.imunify360.com/el/$releasever/slot-1/x86_64/ -enabled=1 -gpgcheck=1 -gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux -skip_if_unavailable=True - -[imunify360-rollout-1-bypass] -name=Imunify360 - Gradual Rollout Slot 1 Bypass -baseurl=https://download.imunify360.com/el/$releasever/slot-1-bypass/x86_64/ -enabled=0 -gpgcheck=1 -gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux -skip_if_unavailable=True - -[imunify360-rollout-2] -name=Imunify360 - Gradual Rollout Slot 2 -baseurl=https://download.imunify360.com/el/$releasever/slot-2/x86_64/ -enabled=1 -gpgcheck=1 -gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux -skip_if_unavailable=True - -[imunify360-rollout-2-bypass] -name=Imunify360 - Gradual Rollout Slot 2 Bypass -baseurl=https://download.imunify360.com/el/$releasever/slot-2-bypass/x86_64/ -enabled=0 -gpgcheck=1 -gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux -skip_if_unavailable=True - -[imunify360-rollout-3] -name=Imunify360 - Gradual Rollout Slot 3 -baseurl=https://download.imunify360.com/el/$releasever/slot-3/x86_64/ -enabled=1 -gpgcheck=1 -gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux -skip_if_unavailable=True - -[imunify360-rollout-3-bypass] -name=Imunify360 - Gradual Rollout Slot 3 Bypass -baseurl=https://download.imunify360.com/el/$releasever/slot-3-bypass/x86_64/ -enabled=0 -gpgcheck=1 -gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux -skip_if_unavailable=True - -[imunify360-rollout-4] -name=Imunify360 - Gradual Rollout Slot 4 -baseurl=https://download.imunify360.com/el/$releasever/slot-4/x86_64/ -enabled=1 -gpgcheck=1 -gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux -skip_if_unavailable=True - -[imunify360-rollout-4-bypass] -name=Imunify360 - Gradual Rollout Slot 4 Bypass -baseurl=https://download.imunify360.com/el/$releasever/slot-4-bypass/x86_64/ -enabled=0 -gpgcheck=1 -gpgkey=https://repo.imunify360.cloudlinux.com/defense360/RPM-GPG-KEY-CloudLinux -skip_if_unavailable=True \ No newline at end of file