0ct0pu5/EHCP-Force-Edition
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Compare commits

base: 0ct0pu5:master
Branches Tags
0ct0pu5:master
0ct0pu5:1.1.1.1
..
compare: 0ct0pu5:1.1.1.1
Branches Tags
0ct0pu5:master
0ct0pu5:1.1.1.1

No commits in common. "master" and "1.1.1.1" have entirely different histories.
master ... 1.1.1.1

1315 changed files with 24670 additions and 27796 deletions
Show stats Expand all files Collapse all files

23
README.md
View file

@ -1,26 +1,3 @@
# EHCP Force Edition
## http://ehcpforce.tk
### Easy Hosting Control Panel
#### Forked from http://ehcp.net
The Easy Hosting Control Panel (EHCP) is a fully functional, advanced, free, and open source website panel platform that provides a user interface for creating and managing multiple administrators, resellers, users, websites, FTP accounts, MySQL databases, email accounts, and more! EHCP works on most Debian based operating systems. EHCP Force Edition works best on and has been tested thoroughly on all supported versions of Ubuntu.
EHCP even installs and configures your web server software (by default, EHCP Force uses Apache2) for you while also providing additional security by slip streaming and including fail2ban and DDoS automatic banning (against Apache). EHCP Force now properly supports nginx (SSL and Non-SSL) integration should you wish to choose more efficient web server software.
Use custom SSL certificates, free Let's Encrypt certificates, wildcard SSL certificates, and more.
### Video
[![EHCP Force Edition Panel](https://img.youtube.com/vi/QQh6eqiWogI/0.jpg)](https://www.youtube.com/watch?v=QQh6eqiWogI)
### Screenshot of Picante Theme:
<a href="http://ehcpforce.tk/images/ehcp_picante.png" target="_blank"><img alt="EHCP Force Edition Easy Hosting Control Panel Main Theme Screenshot" src="http://ehcpforce.tk/images/ehcp_picante_s.jpg" class="greenBorder"></a>
### Home Page
http://ehcpforce.tk
### Forums for Support
http://ehcpforce.tk/forums

2
ehcp/adodb5/adodb-datadict.inc.php
View file

@ -520,7 +520,7 @@ class ADODB_DataDict {
list($lines,$pkey,$idxs) = $this->_GenFields($flds);
// genfields can return FALSE at times
if ($lines == null) $lines = array();
$first = reset($lines);
list(,$first) = each($lines);
list(,$column_def) = preg_split("/[\t ]+/",$first,2);
}
return array(sprintf($this->renameColumn,$tabname,$this->NameQuote($oldcolumn),$this->NameQuote($newcolumn),$column_def));

2
ehcp/adodb5/adodb-error.inc.php
View file

@ -111,7 +111,7 @@ function adodb_error_pg($errormsg)
'could not serialize access due to' => DB_ERROR_SERIALIZATION_FAILURE
);
reset($error_regexps);
foreach($error_regexps as $regexp => $code) {
while (list($regexp,$code) = each($error_regexps)) {
if (preg_match("/$regexp/mi", $errormsg)) {
return $code;
}

4
ehcp/adodb5/adodb-perf.inc.php
View file

@ -693,7 +693,7 @@ Committed_AS: 348732 kB
// magic quotes
if (isset($_GET['sql']) && function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
if (isset($_GET['sql']) && get_magic_quotes_gpc()) {
$_GET['sql'] = $_GET['sql'] = str_replace(array("\\'",'\"'),array("'",'"'),$_GET['sql']);
}
@ -999,7 +999,7 @@ Committed_AS: 348732 kB
function undomq($m)
{
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
if (get_magic_quotes_gpc()) {
// undo the damage
$m = str_replace('\\\\','\\',$m);
$m = str_replace('\"','"',$m);

4
ehcp/adodb5/adodb.inc.php
View file

@ -834,7 +834,7 @@ if (!defined('_ADODB_LAYER')) {
* Requested by "Karsten Dambekalns" <k.dambekalns@fishfarm.de>
*/
function QMagic($s) {
return $this->qstr($s,function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc());
return $this->qstr($s,get_magic_quotes_gpc());
}
function q(&$s) {
@ -1149,7 +1149,7 @@ if (!defined('_ADODB_LAYER')) {
foreach($inputarr as $arr) {
$sql = ''; $i = 0;
//Use each() instead of foreach to reduce memory usage -mikefedyk
foreach($arr as $k => $v) {
while(list(, $v) = each($arr)) {
$sql .= $sqlarr[$i];
// from Ron Baldwin <ron.baldwin#sourceprose.com>
// Only quote string types

2
ehcp/adodb5/drivers/adodb-ado.inc.php
View file

@ -225,7 +225,7 @@ class ADODB_ado extends ADOConnection {
// Map by http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ado270/htm/mdmthcreateparam.asp
// Check issue http://bugs.php.net/bug.php?id=40664 !!!
foreach($inputarr as $key => $val) {
while(list(, $val) = each($inputarr)) {
$type = gettype($val);
$len=strlen($val);
if ($type == 'boolean')

4
ehcp/adodb5/drivers/adodb-ado5.inc.php
View file

@ -247,8 +247,8 @@ class ADODB_ado extends ADOConnection {
$oCmd->ActiveConnection = $dbc;
$oCmd->CommandText = $sql;
$oCmd->CommandType = 1;
foreach($inputarr as $key => $val) {
while(list(, $val) = each($inputarr)) {
$type = gettype($val);
$len=strlen($val);
if ($type == 'boolean')

4
ehcp/adodb5/drivers/adodb-mssql.inc.php
View file

@ -680,9 +680,7 @@ order by constraint_name, referenced_table_name, keyno";
$arr = $args;
}
array_walk($arr, function(&$v){
$v = "CAST(" . $v . " AS VARCHAR(255))";
});
array_walk($arr, create_function('&$v', '$v = "CAST(" . $v . " AS VARCHAR(255))";'));
$s = implode('+',$arr);
if (sizeof($arr) > 0) return "$s";

4
ehcp/adodb5/drivers/adodb-mssqlnative.inc.php
View file

@ -530,9 +530,7 @@ class ADODB_mssqlnative extends ADOConnection {
$arr = $args;
}
array_walk($arr, function(&$v){
$v = "CAST(" . $v . " AS VARCHAR(255))";
});
array_walk($arr, create_function('&$v', '$v = "CAST(" . $v . " AS VARCHAR(255))";'));
$s = implode('+',$arr);
if (sizeof($arr) > 0) return "$s";

2
ehcp/adodb5/server.php
View file

@ -54,7 +54,7 @@ function err($s)
// undo stupid magic quotes
function undomq(&$m)
{
if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
if (get_magic_quotes_gpc()) {
// undo the damage
$m = str_replace('\\\\','\\',$m);
$m = str_replace('\"','"',$m);

2
ehcp/adodb5/toexport.inc.php
View file

@ -77,7 +77,7 @@ function _adodb_export(&$rs,$sep,$sepreplace,$fp=false,$addtitles=true,$quote =
reset($fieldTypes);
$i = 0;
$elements = array();
foreach($fieldTypes as $k => $o) {
while(list(,$o) = each($fieldTypes)) {
$v = ($o) ? $o->name : 'Field'.($i++);
if ($escquote) $v = str_replace($quote,$escquotequote,$v);

23
ehcp/apache_default.conf Executable file
View file

@ -0,0 +1,23 @@
NameVirtualHost *
<VirtualHost *>
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ErrorLog /var/log/apache2/error.log
LogLevel warn
CustomLog /var/log/apache2/access.log combined
</VirtualHost>

13
ehcp/apache_subdomain_template
View file

@ -12,12 +12,13 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
<FilesMatch "access_log|error_log">
Deny from All
</FilesMatch>
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir {homedir}/phptmpdir
php_admin_value session.save_path 0;660;{homedir}/phptmpdir
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customsubdomainhttp}

23
ehcp/apachetemplate
View file

@ -16,8 +16,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>
@ -34,8 +35,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
</VirtualHost>
@ -51,8 +53,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -92,11 +93,17 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
# this is pear compatible:
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir {homedir}/phptmpdir
php_admin_value session.save_path 0;660;{homedir}/phptmpdir
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}

19
ehcp/apachetemplate_ehcp_panel
View file

@ -9,8 +9,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -31,22 +30,6 @@
Order allow,deny
Deny from all
</Files>
<Location "/extplorer">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
</VirtualHost>
# END OF CUSTOM GLOBAL PANEL URLS Template

23
ehcp/apachetemplate_ipbased
View file

@ -15,8 +15,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>
@ -33,8 +34,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
</VirtualHost>
<VirtualHost *>
@ -49,8 +51,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -91,11 +92,17 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
# this is pear compatible:
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}

8
ehcp/apachetemplate_passivedomains
View file

@ -12,8 +12,12 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir {homedir}
php_admin_value upload_tmp_dir {homedir}/phptmpdir
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
</VirtualHost>

28394
ehcp/classapp.php
View file

File diff suppressed because it is too large Load diff

68
ehcp/ehcp.sql
View file

@ -9,7 +9,7 @@ CREATE TABLE IF NOT EXISTS `scripts` (
`commandsaftercopy` text,
`customfileownerships` text,
PRIMARY KEY (`id`)
) DEFAULT CHARSET=utf8 COMMENT='ehcp db - stores scripts that can be installed in ehcp';
) DEFAULT CHARSET=latin1 COMMENT='ehcp db - stores scripts that can be installed in ehcp';
INSERT INTO `scripts` (`id`, `scriptname`, `homepage`, `description`, `filetype`, `fileinfo`, `scriptdirtocopy`, `commandsaftercopy`, `customfileownerships`) VALUES
(1, 'WordPress', NULL, NULL, 'directurl', 'https://wordpress.org/latest.zip', 'wordpress', '', NULL),
@ -72,8 +72,6 @@ CREATE TABLE IF NOT EXISTS subdomains (
password varchar(20) default NULL,
email varchar(50) default NULL,
webserverips varchar(200) default NULL,
apache2template text NULL,
nginxtemplate text NULL,
PRIMARY KEY (id)
) comment='ehcp db - subdomains';
@ -255,7 +253,7 @@ INSERT INTO misc (id, name, `value`, longvalue,comment) VALUES
(12, 'quotaupdateinterval', '6', NULL,'this is in hours, quota will be calculated in this interval'),
(13, 'webservertype', 'apache2', NULL,'apache2 or nginx, (or any other that is supported)'),
(14, 'webservermode', 'nonssl', NULL,'ssl or nonssl'),
(15, 'mysqlcharset', 'DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci', NULL,'Default charset/collation for newly added databases'),
(15, 'mysqlcharset', 'DEFAULT CHARACTER SET utf8 COLLATE utf8_turkish_ci', NULL,'Default charset/collation for newly added databases'),
(16, 'enablewebstats', 'on',null,'Webalizer web stats'),
(17, 'versionwarningcounter', '5',null,'')
;
@ -277,9 +275,9 @@ CREATE TABLE mysqlusers (
reseller varchar(30) default NULL,
panelusername varchar(30) default NULL,
domainname varchar(50) default NULL,
dbname varchar(64) default NULL,
dbname varchar(30) default NULL,
dbusername varchar(30) default NULL,
password varchar(32) default NULL,
password varchar(30) default NULL,
PRIMARY KEY (id)
) comment='ehcp db - list of mysql users related to ehcp';
@ -335,10 +333,10 @@ CREATE TABLE transport (
DROP TABLE IF EXISTS `hash`;
CREATE TABLE IF NOT EXISTS `hash` (
`email` varchar(100) COLLATE utf8_general_ci NOT NULL DEFAULT 'NULL',
`hash` varchar(100) COLLATE utf8_general_ci DEFAULT NULL,
`email` varchar(100) COLLATE utf8_turkish_ci NOT NULL DEFAULT 'NULL',
`hash` varchar(100) COLLATE utf8_turkish_ci DEFAULT NULL,
KEY `email_index` (`email`)
) DEFAULT CHARSET=utf8 COLLATE=utf8_general_ci COMMENT='to store password remind hash';
) DEFAULT CHARSET=utf8 COLLATE=utf8_turkish_ci COMMENT='to store password remind hash';
# these are net2ftp tables for logging etc...
DROP TABLE IF EXISTS net2ftp_logAccess;
@ -358,41 +356,41 @@ CREATE TABLE net2ftp_users (ftpserver varchar(255) NOT NULL default '0',username
CREATE TABLE IF NOT EXISTS `vps` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`reseller` varchar(30) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL,
`panelusername` varchar(30) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL,
`status` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL,
`vpsname` varchar(30) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`description` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`hostip` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`ip` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`ip2` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`netmask` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`broadcast` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`gateway` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci NOT NULL,
`image_template` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL,
`cdimage` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL,
`reseller` varchar(30) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT NULL,
`panelusername` varchar(30) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT NULL,
`status` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT NULL,
`vpsname` varchar(30) CHARACTER SET utf8 COLLATE utf8_turkish_ci NOT NULL,
`description` varchar(100) CHARACTER SET utf8 COLLATE utf8_turkish_ci NOT NULL,
`hostip` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci NOT NULL,
`ip` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci NOT NULL,
`ip2` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci NOT NULL,
`netmask` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci NOT NULL,
`broadcast` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci NOT NULL,
`gateway` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci NOT NULL,
`image_template` varchar(100) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT NULL,
`cdimage` varchar(100) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT NULL,
`ram` int(11) DEFAULT NULL,
`cpu` int(11) DEFAULT NULL,
`state` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL,
`ping` varchar(10) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT NULL,
`state` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT NULL,
`ping` varchar(10) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT NULL,
`hdimage` varchar(200) DEFAULT NULL,
`vncpassword` varchar(20) DEFAULT NULL,
`addvpscmd` text default null,
PRIMARY KEY (`id`)
) DEFAULT CHARSET=utf8 COMMENT='ehcp db - list of domains and their properties';
) DEFAULT CHARSET=latin1 COMMENT='ehcp db - list of domains and their properties';
CREATE TABLE IF NOT EXISTS `settings` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`group` varchar(20) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT '',
`reseller` varchar(30) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT '',
`panelusername` varchar(30) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT '',
`name` varchar(40) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT '',
`value` text CHARACTER SET utf8 COLLATE utf8_general_ci,
`longvalue` text CHARACTER SET utf8 COLLATE utf8_general_ci,
`comment` varchar(100) CHARACTER SET utf8 COLLATE utf8_general_ci DEFAULT '',
`group` varchar(20) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT '',
`reseller` varchar(30) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT '',
`panelusername` varchar(30) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT '',
`name` varchar(40) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT '',
`value` text CHARACTER SET utf8 COLLATE utf8_turkish_ci,
`longvalue` text CHARACTER SET utf8 COLLATE utf8_turkish_ci,
`comment` varchar(100) CHARACTER SET utf8 COLLATE utf8_turkish_ci DEFAULT '',
PRIMARY KEY (`id`)
) DEFAULT CHARSET=utf8 COMMENT='ehcp db - Table for misc configruation of ehcp';
) DEFAULT CHARSET=latin1 COMMENT='ehcp db - Table for misc configruation of ehcp';
CREATE TABLE IF NOT EXISTS `remote_backups` (
`id` tinyint(4) NOT NULL auto_increment,
@ -406,7 +404,7 @@ CREATE TABLE IF NOT EXISTS `remote_backups` (
`transfer_pass` varchar(50) default NULL,
`encryption_pass` varchar(50) default NULL,
PRIMARY KEY (`id`)
) DEFAULT CHARSET=utf8 COMMENT='Used to schedule cronjobs for remote backups';
) DEFAULT CHARSET=latin1 COMMENT='Used to schedule cronjobs for remote backups';
CREATE TABLE IF NOT EXISTS `cronjobs` (
`id` tinyint(4) NOT NULL auto_increment,
@ -414,7 +412,7 @@ CREATE TABLE IF NOT EXISTS `cronjobs` (
`dayofweek` tinyint(1) default NULL,
`time` varchar(2),
PRIMARY KEY (`id`)
) DEFAULT CHARSET=utf8 COMMENT='Used to run any cronjobs an admin may want to run';
) DEFAULT CHARSET=latin1 COMMENT='Used to run any cronjobs an admin may want to run';
CREATE TABLE IF NOT EXISTS `pwd_dirs` (
id int(11) NOT NULL auto_increment,

4
ehcp/ehcp_vsftpd.sh.txt
View file

@ -45,7 +45,7 @@ CREATE TABLE `ftpaccounts` (
`reseller` varchar(30) default NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`ftpusername`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ;
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
--
-- Tablo d<>k<EFBFBD>m verisi `ftpaccounts`
@ -67,7 +67,7 @@ CREATE TABLE `ftpaccounts` (
`reseller` varchar(30) default NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `ftpusername` (`ftpusername`)
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=utf8 AUTO_INCREMENT=2 ;
) ENGINE=MyISAM AUTO_INCREMENT=2 DEFAULT CHARSET=latin1 AUTO_INCREMENT=2 ;
--
-- Tablo d<>k<EFBFBD>m verisi `ftpaccounts`

1273
ehcp/ehcpforceupdate.sh
View file

File diff suppressed because it is too large Load diff

13
ehcp/etc/apache2/apache_subdomain_template
View file

@ -11,12 +11,13 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
<FilesMatch "access_log|error_log">
Deny from All
</FilesMatch>
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customsubdomainhttp}

11
ehcp/etc/apache2/apache_subdomain_template_ipbased
View file

@ -12,12 +12,13 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
<FilesMatch "access_log|error_log">
Deny from All
</FilesMatch>
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customsubdomainhttp}

26
ehcp/etc/apache2/apachetemplate
View file

@ -16,8 +16,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>
@ -34,9 +35,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
</VirtualHost>
<VirtualHost *>
@ -70,9 +71,8 @@
Order allow,deny
Deny from all
</Files>
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
</VirtualHost>
@ -94,11 +94,17 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
# this is pear compatible:
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}

19
ehcp/etc/apache2/apachetemplate_ehcp_panel
View file

@ -29,24 +29,7 @@
Deny from all
</Files>
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
<Location "/extplorer">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
php_admin_value open_basedir {ehcpdir}
</VirtualHost>
# END OF CUSTOM GLOBAL PANEL URLS Template

25
ehcp/etc/apache2/apachetemplate_ipbased
View file

@ -15,8 +15,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>
@ -33,8 +34,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
</VirtualHost>
@ -50,8 +52,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -92,10 +93,16 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
# this is pear compatible:
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}

9
ehcp/etc/apache2/apachetemplate_passivedomains
View file

@ -12,8 +12,13 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
</VirtualHost>

6
ehcp/etc/apache2/default
View file

@ -34,9 +34,9 @@
ErrorLog /var/log/apache2/default.error.log
CustomLog /var/log/apache2/default.access.log vhost_combined
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001/var/www/new/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>

10
ehcp/etc/apache2/redirect
View file

@ -1,8 +1,8 @@
# this file used in Easy Hosting Control Panel (ehcp), www.ehcp.net
<VirtualHost *>
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
</VirtualHost>

24
ehcp/etc/apache2_ssl/fork/apache_subdomain_template
View file

@ -12,12 +12,13 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
<FilesMatch "access_log|error_log">
Deny from All
</FilesMatch>
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customsubdomainhttp}
@ -41,14 +42,15 @@
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
<FilesMatch "access_log|error_log">
Deny from All
</FilesMatch>
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
{customsubdomainhttp}
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
</VirtualHost>

54
ehcp/etc/apache2_ssl/fork/apachetemplate
View file

@ -16,8 +16,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>
@ -34,8 +35,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
</VirtualHost>
@ -51,8 +53,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -85,19 +86,24 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}
@ -121,8 +127,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
@ -144,8 +151,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
@ -166,8 +174,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -205,16 +212,18 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
SSLEngine on
@ -222,6 +231,9 @@
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}

21
ehcp/etc/apache2_ssl/fork/apachetemplate_ehcp_panel
View file

@ -2,7 +2,7 @@
<VirtualHost *:80>
ServerName {domainname}
ServerAlias {domainname_alias}
RewriteEngine On
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
@ -17,8 +17,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -39,22 +38,6 @@
Order allow,deny
Deny from all
</Files>
<Location "/extplorer">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
SSLEngine on
SSLCertificateFile {ssl_cert_path}

54
ehcp/etc/apache2_ssl/fork/apachetemplate_ipbased
View file

@ -16,8 +16,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>
@ -34,8 +35,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
</VirtualHost>
@ -51,8 +53,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -86,18 +87,23 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
@ -122,8 +128,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
@ -145,8 +152,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
@ -167,8 +175,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -207,23 +214,28 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
SSLEngine on
SSLCertificateFile {ssl_cert_path}
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}

18
ehcp/etc/apache2_ssl/fork/apachetemplate_passivedomains
View file

@ -12,9 +12,13 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
</VirtualHost>
<VirtualHost *:443>
@ -27,13 +31,17 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
</VirtualHost>

10
ehcp/etc/apache2_ssl/fork/default
View file

@ -32,8 +32,9 @@
ErrorLog /var/log/apache2/default.error.log
CustomLog /var/log/apache2/default.access.log vhost_combined
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001/var/www/new/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>
@ -87,7 +88,8 @@
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001/var/www/new/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>

26
ehcp/etc/apache2_ssl/fork/redirect
View file

@ -1,21 +1,21 @@
# this file used in Easy Hosting Control Panel (ehcp), www.ehcp.net
<VirtualHost *:80>
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
</VirtualHost>
# FOR SSL CONFIG
<VirtualHost *:443>
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
</VirtualHost>

13
ehcp/etc/apache2_sslonly/fork/apache_subdomain_template
View file

@ -12,17 +12,18 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
<FilesMatch "access_log|error_log">
Deny from All
</FilesMatch>
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customsubdomainhttp}

26
ehcp/etc/apache2_sslonly/fork/apachetemplate
View file

@ -16,8 +16,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
@ -39,8 +40,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
@ -61,8 +63,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -99,16 +100,18 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
SSLEngine on
@ -116,6 +119,9 @@
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}

19
ehcp/etc/apache2_sslonly/fork/apachetemplate_ehcp_panel
View file

@ -9,8 +9,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -31,22 +30,6 @@
Order allow,deny
Deny from all
</Files>
<Location "/extplorer">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/var/www:/usr/share/php:/usr/share/pear; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
<Location "/webmail2">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
</Location>
<Location "/phpmyadmin">
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
</Location>
SSLEngine on
SSLCertificateFile {ssl_cert_path}

26
ehcp/etc/apache2_sslonly/fork/apachetemplate_ipbased
View file

@ -16,8 +16,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "{ehcpdir}/webmail:/tmp:/var/www/php_sessions:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
@ -39,8 +40,9 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/webmail2/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2; \n upload_tmp_dir={ehcpdir}/webmail2/data; \n session.save_path={ehcpdir}/webmail2/data;"
php_admin_value open_basedir "{ehcpdir}/webmail2"
php_admin_value upload_tmp_dir "{ehcpdir}/webmail2/data"
php_admin_value session.save_path "{ehcpdir}/webmail2/data"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
@ -61,8 +63,7 @@
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001{ehcpdir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/usr/share/php:/usr/share/pear"
php_admin_value open_basedir {ehcpdir}
<Files ~ "\.conf$">
Order allow,deny
@ -100,16 +101,18 @@
UseCanonicalName Off
DocumentRoot {homedir}/httpdocs
DirectoryIndex index.htm index.html index.php
# this combined log format is understandable by webalizer... some other formats are not recognised by webalizer.. thats why, specified here explicitly..
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%v:%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%v:%p %h %l %u %t \"%{Host}i\" \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined_host
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/httpdocs/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}:/usr/share/php:/usr/share/pear"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
AccessFileName .htaccess
SSLEngine on
@ -117,6 +120,9 @@
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
{customhttp}
{root_password_protected_dirs}
{password_protected_dirs}

9
ehcp/etc/apache2_sslonly/fork/apachetemplate_passivedomains
View file

@ -13,14 +13,19 @@
CustomLog {homedir}/logs/access_log combined
CustomLog /var/log/apache2/access_log_multi.log vhost_combined_host
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9000{homedir}/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear; \n upload_tmp_dir={homedir}/phptmpdir; \n session.save_path={homedir}/phptmpdir;"
php_admin_value open_basedir "{homedir}"
php_admin_value upload_tmp_dir "{homedir}/phptmpdir"
php_admin_value session.save_path "{homedir}/phptmpdir"
php_admin_value disable_functions "exec,passthru,shell_exec,system,proc_open,popen"
SSLEngine on
SSLCertificateFile {ssl_cert_path}
SSLCertificateKeyFile {ssl_cert_key_path}
{ssl_cert_chain_setting_with_path}
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
</VirtualHost>
#____________end of {domainname}__paneluser:{panelusername}_reseller:{reseller}_id:{id}____________

9
ehcp/etc/apache2_sslonly/fork/default
View file

@ -6,6 +6,10 @@
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
php_admin_value open_basedir "/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>
# this file used in Easy Hosting Control Panel (ehcp), www.ehcp.net
@ -58,7 +62,8 @@
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
ProxyPassMatch ^(.*\.php)$ fcgi://127.0.0.1:9001/var/www/new/$1
ProxyFCGISetEnvIf "true" PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube; \n upload_tmp_dir=/tmp; \n session.save_path=/var/www/php_sessions;"
php_admin_value open_basedir "/var/www:/tmp:/usr/share:/etc/roundcube:/etc/phpmyadmin:/var/lib/phpmyadmin:/var/lib/roundcube:/var/log/roundcube"
php_admin_value upload_tmp_dir "/tmp"
php_admin_value session.save_path "/var/www/php_sessions"
</VirtualHost>

16
ehcp/etc/apache2_sslonly/fork/redirect
View file

@ -1,12 +1,12 @@
# this file used in Easy Hosting Control Panel (ehcp), www.ehcp.net
<VirtualHost *:443>
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
ServerName {domainname}
ServerAlias www.{domainname} *.{domainname}
SSLEngine on
SSLCertificateFile /etc/ssl/certs/server.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
RewriteEngine On
RewriteCond %{HTTPS} on
RewriteRule (.*) {domainname_redirect}%{REQUEST_URI}
</VirtualHost>

1
ehcp/etc/generic_nginx_templates/password_protected_directory.conf
View file

@ -1,6 +1,5 @@
location ^~ /{protected_directory_path}/ {
root {homedir}/httpdocs;
try_files $uri $uri/ /{protected_directory_path}/index.php?$args;
auth_basic "Restricted Area";
auth_basic_user_file {protected_directory_credentials_file};
location ~ ^/{protected_directory_path}/(.+\.php)$ {

2
ehcp/etc/logrotate.d/ehcp
View file

@ -1,4 +1,4 @@
/var/log/ehcp.log /var/log/php_errors.log /var/log/apache_common_access_log {
/var/www/vhosts/bvidinli/deneme.com/logs/access_log /var/www/vhosts/bvidinli/deneme.com/logs/error_log /var/www/vhosts/bvidinli/ffff.com/logs/access_log /var/www/vhosts/bvidinli/ffff.com/logs/error_log /var/www/vhosts/bvidinli/ppppp.com/logs/access_log /var/www/vhosts/bvidinli/ppppp.com/logs/error_log /var/www/vhosts/bvidinli/ff/logs/access_log /var/www/vhosts/bvidinli/ff/logs/error_log /var/log/ehcp.log /var/log/apache_common_access_log {
daily
missingok
compress

29
ehcp/etc/nginx/apache_subdomain_template.nginx
View file

@ -12,29 +12,30 @@ server {
root {homedir};
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
try_files $uri $uri/ /index.php?$args;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
}
location ~ \.php$ {
## Images and static content is treated different
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|swf)$ {
access_log off;
expires 30d;
root {homedir};
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME {homedir}$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
include fastcgi_params;
limit_req zone=one burst=5;
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;

83
ehcp/etc/nginx/apachetemplate.nginx
View file

@ -13,38 +13,36 @@ server {
error_log {homedir}/logs/error_log;
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
{root_password_protected_dirs}
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
root {homedir}/httpdocs;
include fastcgi_params;
root {homedir}/httpdocs;
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -59,14 +57,18 @@ server {
}
}
location /webmail2/ {
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -78,15 +80,19 @@ server {
root {ehcpdir}/;
}
}
location /ehcp/ {
location /webmail {
rewrite ^/* /roundcube last;
}
location /ehcp {
root /var/www/new/;
index index.php index.html index.htm;
location ~ ^/ehcp/(.+\.php)$ {
try_files $uri =404;
root /var/www/new/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/:/var/www/php_sessions:/tmp \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -97,7 +103,7 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
@ -115,56 +121,25 @@ server {
}
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
}
location ~* ^/roundcube/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
# Alias Section
location = /ehcp {
return 301 /ehcp/;
}
location = /webmail2 {
return 301 /webmail2/;
}
location = /webmail {
return 301 /roundcube/;
}
location = /roundcube {
return 301 /roundcube/;
}
location = /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
# any files that should be avoided, may be put here:
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {

164
ehcp/etc/nginx/apachetemplate_ehcp_panel.nginx
View file

@ -1,75 +1,79 @@
# START OF CUSTOM GLOBAL PANEL URLS Template
server {
listen 80;
server_name {domainname};
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
listen 80;
server_name {domainname};
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2/ {
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -81,15 +85,19 @@ server {
root {ehcpdir}/;
}
}
location /webmail {
rewrite ^/* /roundcube last;
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -101,46 +109,6 @@ server {
root /usr/share/;
}
}
location /extplorer/ {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/extplorer/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
}
}
location /webmail2 {
return 301 /webmail2/;
}
location /webmail {
return 301 /roundcube/;
}
location /roundcube {
return 301 /roundcube/;
}
location /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
location = /extplorer {
return 301 /extplorer/;
}
}
# END OF CUSTOM GLOBAL PANEL URLS Template

142
ehcp/etc/nginx/default.nginx
View file

@ -2,85 +2,85 @@
# nginx default server config file
server {
listen 80 default;
server_name _;
listen 80 default;
server_name _;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
#error_page 404 /404.html;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
location /phpmyadmin {
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}

2
ehcp/etc/nginx/mime.types
View file

@ -23,7 +23,6 @@ types {
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
application/csv csv;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
@ -68,7 +67,6 @@ types {
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/ogg ogx;
application/so so;
audio/midi mid midi kar;
audio/mpeg mpga mpega mp2 mp3 m4a;

63
ehcp/etc/nginx/nginx.conf
View file

@ -4,57 +4,48 @@
user {wwwuser} {wwwgroup};
worker_processes 4;
error_log /var/log/nginx/default.error.log;
error_log /var/log/nginx/default.error.log;
pid /var/run/nginx.pid;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024;
}
http {
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
limit_req_zone $binary_remote_addr zone=one:20m rate=10r/s;
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/default.access.log;
access_log /var/log/nginx/default.access.log;
sendfile on;
#tcp_nopush on;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 1024m;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
}

29
ehcp/etc/nginx_nonssl/apache_subdomain_template.nginx
View file

@ -12,29 +12,30 @@ server {
root {homedir};
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
try_files $uri $uri/ /index.php?$args;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
}
location ~ \.php$ {
## Images and static content is treated different
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|swf)$ {
access_log off;
expires 30d;
root {homedir};
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME {homedir}$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
include fastcgi_params;
limit_req zone=one burst=5;
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;

75
ehcp/etc/nginx_nonssl/apachetemplate.nginx
View file

@ -13,18 +13,16 @@ server {
error_log {homedir}/logs/error_log;
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
{root_password_protected_dirs}
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
root {homedir}/httpdocs;
include fastcgi_params;
@ -32,18 +30,18 @@ server {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -57,13 +55,17 @@ server {
}
}
location /webmail2/ {
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -76,13 +78,17 @@ server {
}
}
location /ehcp/ {
location /webmail {
rewrite ^/* /roundcube last;
}
location /ehcp {
root /var/www/new/;
index index.php index.html index.htm;
location ~ ^/ehcp/(.+\.php)$ {
try_files $uri =404;
root /var/www/new/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/:/var/www/php_sessions:/tmp \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -93,11 +99,11 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
@ -111,13 +117,13 @@ server {
}
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -128,37 +134,6 @@ server {
root /usr/share/;
}
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
# Alias Section
location = /ehcp {
return 301 /ehcp/;
}
location = /webmail2 {
return 301 /webmail2/;
}
location = /webmail {
return 301 /roundcube/;
}
location = /roundcube {
return 301 /roundcube/;
}
location = /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
# any files that should be avoided, may be put here:
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {

168
ehcp/etc/nginx_nonssl/apachetemplate_ehcp_panel.nginx
View file

@ -1,75 +1,79 @@
# START OF CUSTOM GLOBAL PANEL URLS Template
server {
listen 80;
server_name {domainname};
listen 80;
server_name {domainname};
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
root {ehcpdir};
index index.php;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2/ {
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -81,15 +85,19 @@ server {
root {ehcpdir}/;
}
}
location /webmail {
rewrite ^/* /roundcube last;
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -101,48 +109,6 @@ server {
root /usr/share/;
}
}
location /extplorer/ {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/extplorer/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
}
}
# Alias
location = /webmail2 {
return 301 /webmail2/;
}
location = /webmail {
return 301 /roundcube/;
}
location = /roundcube {
return 301 /roundcube/;
}
location = /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
location = /extplorer {
return 301 /extplorer/;
}
}
# END OF CUSTOM GLOBAL PANEL URLS Template

142
ehcp/etc/nginx_nonssl/default.nginx
View file

@ -2,85 +2,85 @@
# nginx default server config file
server {
listen 80 default;
server_name _;
listen 80 default;
server_name _;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
root /var/www/new;
index index.html index.htm index.php;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
#error_page 404 /404.html;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
location /phpmyadmin {
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}

2
ehcp/etc/nginx_nonssl/mime.types
View file

@ -23,7 +23,6 @@ types {
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
application/csv csv;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
@ -68,7 +67,6 @@ types {
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/ogg ogx;
application/so so;
audio/midi mid midi kar;
audio/mpeg mpga mpega mp2 mp3 m4a;

63
ehcp/etc/nginx_nonssl/nginx.conf
View file

@ -4,57 +4,48 @@
user {wwwuser} {wwwgroup};
worker_processes 4;
error_log /var/log/nginx/default.error.log;
error_log /var/log/nginx/default.error.log;
pid /var/run/nginx.pid;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024;
}
http {
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
limit_req_zone $binary_remote_addr zone=one:20m rate=10r/s;
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/default.access.log;
access_log /var/log/nginx/default.access.log;
sendfile on;
#tcp_nopush on;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 1024m;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
}

58
ehcp/etc/nginx_ssl/apache_subdomain_template.nginx
View file

@ -12,29 +12,30 @@ server {
root {homedir};
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
try_files $uri $uri/ /index.php?$args;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
}
location ~ \.php$ {
## Images and static content is treated different
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|swf)$ {
access_log off;
expires 30d;
root {homedir};
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME {homedir}$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
include fastcgi_params;
limit_req zone=one burst=5;
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
@ -57,29 +58,30 @@ server {
root {homedir};
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
try_files $uri $uri/ /index.php?$args;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
}
location ~ \.php$ {
## Images and static content is treated different
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|swf)$ {
access_log off;
expires 30d;
root {homedir};
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME {homedir}$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
include fastcgi_params;
limit_req zone=one burst=5;
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;

152
ehcp/etc/nginx_ssl/apachetemplate.nginx
View file

@ -13,18 +13,16 @@ server {
error_log {homedir}/logs/error_log;
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
{root_password_protected_dirs}
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
root {homedir}/httpdocs;
include fastcgi_params;
@ -32,19 +30,19 @@ server {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
}
location /phpmyadmin/ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -59,14 +57,18 @@ server {
}
}
location /webmail2/ {
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -79,14 +81,18 @@ server {
}
}
location /ehcp/ {
location /webmail {
rewrite ^/* /roundcube last;
}
location /ehcp {
root /var/www/new/;
index index.php index.html index.htm;
location ~ ^/ehcp/(.+\.php)$ {
try_files $uri =404;
root /var/www/new/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/:/var/www/php_sessions:/tmp \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -97,11 +103,11 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
@ -115,14 +121,14 @@ server {
}
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -134,37 +140,6 @@ server {
root /usr/share/;
}
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
# Alias Section
location = /ehcp {
return 301 /ehcp/;
}
location = /webmail2 {
return 301 /webmail2/;
}
location = /webmail {
return 301 /roundcube/;
}
location = /roundcube {
return 301 /roundcube/;
}
location = /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
# any files that should be avoided, may be put here:
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
@ -194,18 +169,16 @@ server {
error_log {homedir}/logs/error_log;
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
{root_password_protected_dirs}
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
root {homedir}/httpdocs;
include fastcgi_params;
@ -213,19 +186,19 @@ server {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -240,14 +213,18 @@ server {
}
}
location /webmail2/ {
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -260,14 +237,18 @@ server {
}
}
location /ehcp/ {
location /webmail {
rewrite ^/* /roundcube last;
}
location /ehcp {
root /var/www/new/;
index index.php index.html index.htm;
location ~ ^/ehcp/(.+\.php)$ {
try_files $uri =404;
root /var/www/new/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/:/var/www/php_sessions:/tmp \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -278,11 +259,11 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
@ -296,14 +277,14 @@ server {
}
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -316,37 +297,6 @@ server {
}
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
# Alias Section
location = /ehcp {
return 301 /ehcp/;
}
location = /webmail2 {
return 301 /webmail2/;
}
location = /webmail {
return 301 /roundcube/;
}
location = /roundcube {
return 301 /roundcube/;
}
location = /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
# any files that should be avoided, may be put here:
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;

174
ehcp/etc/nginx_ssl/apachetemplate_ehcp_panel.nginx
View file

@ -10,81 +10,85 @@ server {
# FOR SSL CONFIG
server {
listen 443 ssl;
server_name {domainname};
listen 443 ssl;
server_name {domainname};
ssl_certificate {ssl_cert_path};
ssl_certificate_key {ssl_cert_key_path};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate {ssl_cert_path};
ssl_certificate_key {ssl_cert_key_path};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
root {ehcpdir};
index index.php;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2/ {
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -96,15 +100,19 @@ server {
root {ehcpdir}/;
}
}
location /webmail {
rewrite ^/* /roundcube last;
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -116,48 +124,6 @@ server {
root /usr/share/;
}
}
location /extplorer/ {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/extplorer/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
}
}
# Alias
location = /webmail2 {
return 301 /webmail2/;
}
location = /webmail {
return 301 /roundcube/;
}
location = /roundcube {
return 301 /roundcube/;
}
location = /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
location = /extplorer {
return 301 /extplorer/;
}
}
### END OF CUSTOM GLOBAL PANEL URLS Template ###

293
ehcp/etc/nginx_ssl/default.nginx
View file

@ -2,179 +2,176 @@
# nginx default server config file
server {
listen 80 default;
server_name _;
listen 80 default;
server_name _;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
root /var/www/new;
index index.html index.htm index.php;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
#error_page 404 /404.html;
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
location /phpmyadmin {
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}
# For SSL CONFIG
server {
listen 443 ssl;
server_name _;
listen 443 ssl;
server_name _;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
root /var/www/new;
index index.html index.htm index.php;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
#error_page 404 /404.html;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
#error_page 404 /404.html;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
location /phpmyadmin {
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}

2
ehcp/etc/nginx_ssl/mime.types
View file

@ -23,7 +23,6 @@ types {
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
application/csv csv;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
@ -68,7 +67,6 @@ types {
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/ogg ogx;
application/so so;
audio/midi mid midi kar;
audio/mpeg mpga mpega mp2 mp3 m4a;

61
ehcp/etc/nginx_ssl/nginx.conf
View file

@ -5,55 +5,46 @@ user {wwwuser} {wwwgroup};
worker_processes 4;
error_log /var/log/nginx/default.error.log;
pid /var/run/nginx.pid;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024;
}
http {
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
limit_req_zone $binary_remote_addr zone=one:20m rate=10r/s;
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/default.access.log;
access_log /var/log/nginx/default.access.log;
sendfile on;
#tcp_nopush on;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 1024m;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
}

31
ehcp/etc/nginx_sslonly/apache_subdomain_template.nginx
View file

@ -14,32 +14,33 @@ server {
access_log {homedir}/logs/access_log;
access_log /var/log/nginx/access_log_multi.log combined_host;
error_log {homedir}/logs/error_log;
root {homedir};
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
try_files $uri $uri/ /index.php?$args;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
}
location ~ \.php$ {
## Images and static content is treated different
location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|xml|swf)$ {
access_log off;
expires 30d;
root {homedir};
}
location ~ .php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME {homedir}$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
include fastcgi_params;
limit_req zone=one burst=5;
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;

75
ehcp/etc/nginx_sslonly/apachetemplate.nginx
View file

@ -19,18 +19,16 @@ server {
error_log {homedir}/logs/error_log;
index index.html index.htm index.php;
if ($bad_bot) { return 444; }
if ($bad_referer) { return 403; }
location / {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
if (-f $document_root/error_page.html ) {
error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497 500 501 502 503 504 505 506 507 /error_page.html;
}
{root_password_protected_dirs}
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
root {homedir}/httpdocs;
include fastcgi_params;
@ -38,19 +36,19 @@ server {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir";
fastcgi_param PHP_ADMIN_VALUE "open_basedir={homedir}:/usr/share/php:/usr/share/pear \n upload_tmp_dir={homedir}/phptmpdir \n session.save_path={homedir}/phptmpdir \n disable_functions=exec,passthru,shell_exec,system,proc_open,popen";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -65,14 +63,18 @@ server {
}
}
location /webmail2/ {
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -85,14 +87,18 @@ server {
}
}
location /ehcp/ {
location /webmail {
rewrite ^/* /roundcube last;
}
location /ehcp {
root /var/www/new/;
index index.php index.html index.htm;
location ~ ^/ehcp/(.+\.php)$ {
try_files $uri =404;
root /var/www/new/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/:/var/www/php_sessions:/tmp \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -103,11 +109,11 @@ server {
location ~* ^/ehcp/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /var/www/new/;
}
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
@ -121,14 +127,14 @@ server {
}
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -141,37 +147,6 @@ server {
}
}
location /.well-known {
auth_basic off;
allow all; # Allow all to see content
}
# Alias Section
location = /ehcp {
return 301 /ehcp/;
}
location = /webmail2 {
return 301 /webmail2/;
}
location = /webmail {
return 301 /roundcube/;
}
location = /roundcube {
return 301 /roundcube/;
}
location = /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
# any files that should be avoided, may be put here:
location ~ (apache_subdomain_template|apachetemplate|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;

174
ehcp/etc/nginx_sslonly/apachetemplate_ehcp_panel.nginx
View file

@ -1,80 +1,84 @@
# START OF CUSTOM GLOBAL PANEL URLS Template
server {
listen 443 ssl;
server_name {domainname};
listen 443 ssl;
server_name {domainname};
ssl_certificate {ssl_cert_path};
ssl_certificate_key {ssl_cert_key_path};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate {ssl_cert_path};
ssl_certificate_key {ssl_cert_key_path};
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root {ehcpdir};
index index.php;
root {ehcpdir};
index index.php;
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
}
location /phpmyadmin/ {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
location ~ \.php$ {
root {ehcpdir};
include fastcgi_params;
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
fastcgi_read_timeout 300;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location / {
location ~ ^/(.+\.conf)$ {
return 403;
}
location ~ ^/(.+\.txt)$ {
return 403;
}
location ~ ^/(.+\.log)$ {
return 403;
}
location ~ ^/(.+\.sh)$ {
return 403;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /webmail2/ {
location /webmail2 {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/webmail2/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir={ehcpdir}/webmail2 \n upload_tmp_dir={ehcpdir}/webmail2/data \n session.save_path={ehcpdir}/webmail2/data";
@ -86,15 +90,19 @@ server {
root {ehcpdir}/;
}
}
location /webmail {
rewrite ^/* /roundcube last;
}
location /roundcube/ {
location /roundcube {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/roundcube/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/lib/roundcube:/etc/roundcube:/usr/share:/tmp:/var/www/php_sessions:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
@ -106,48 +114,6 @@ server {
root /usr/share/;
}
}
location /extplorer/ {
root {ehcpdir}/;
index index.php index.html index.htm;
location ~ ^/extplorer/(.+\.php)$ {
try_files $uri =404;
root {ehcpdir}/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
}
}
# Alias
location = /webmail2 {
return 301 /webmail2/;
}
location = /webmail {
return 301 /roundcube/;
}
location = /roundcube {
return 301 /roundcube/;
}
location = /phpMyAdmin {
return 301 /phpmyadmin/;
}
location = /phpmyadmin {
return 301 /phpmyadmin/;
}
location = /extplorer {
return 301 /extplorer/;
}
}
# END OF CUSTOM GLOBAL PANEL URLS Template

155
ehcp/etc/nginx_sslonly/default.nginx
View file

@ -2,98 +2,97 @@
# nginx default server config file
server {
listen 80;
return 301 https://$host$request_uri;
listen 80;
return 301 https://$host$request_uri;
}
# For SSL CONFIG
server {
listen 443 ssl;
server_name _;
listen 443 ssl;
server_name _;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_certificate /etc/ssl/certs/server.crt;
ssl_certificate_key /etc/ssl/private/server.key;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
root /var/www/new;
index index.html index.htm index.php;
access_log /var/log/nginx/default.access.log;
error_log /var/log/nginx/default.error.log;
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
root /var/www/new;
index index.html index.htm index.php;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# Set this to off if you're hosting more than one site
server_name_in_redirect off;
#error_page 404 /404.html;
# SEO friendly URLs for Wordpress
#
#location /wordpress/ {
# if (!-e $request_filename) {
# rewrite ^(.*)$ /wordpress/index.php?q=$1 last;
# }
#}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
#error_page 404 /404.html;
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www/nginx-default;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
try_files $uri = 404;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /var/www/new$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/var/www:/tmp:/usr/share:/etc/roundcube:/var/lib/roundcube:/var/log/roundcube \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include fastcgi_params;
limit_req zone=one burst=5;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
#
location ~ (apache_subdomain_template|apachetemplate$|apachetemplate_ipbased|apachetemplate_passivedomains|/\.conf$|/\.ht|access_log|error_log|access\.log|error\.log) {
deny all;
}
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
location /ehcp {
location ~ ^/ehcp/(.+\.conf)$ {
return 403;
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location ~ ^/ehcp/(.+\.txt)$ {
return 403;
}
location ~ ^/ehcp/(.+\.log)$ {
return 403;
}
location ~ ^/ehcp/(.+\.sh)$ {
return 403;
}
}
location /phpmyadmin {
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
location /phpmyadmin {
root /usr/share/;
fastcgi_pass 127.0.0.1:9001;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=/usr/share/phpmyadmin:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share/php:/usr/share/pear:/usr/share:/var/www/php_sessions \n upload_tmp_dir=/tmp \n session.save_path=/var/www/php_sessions";
include /etc/nginx/fastcgi_params;
limit_req zone=one burst=5;
proxy_send_timeout 600;
proxy_read_timeout 600;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
}

2
ehcp/etc/nginx_sslonly/mime.types
View file

@ -23,7 +23,6 @@ types {
image/x-ms-bmp bmp;
image/svg+xml svg svgz;
application/csv csv;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
@ -68,7 +67,6 @@ types {
application/octet-stream iso img;
application/octet-stream msi msp msm;
application/ogg ogx;
application/so so;
audio/midi mid midi kar;
audio/mpeg mpga mpega mp2 mp3 m4a;

63
ehcp/etc/nginx_sslonly/nginx.conf
View file

@ -5,55 +5,46 @@ user {wwwuser} {wwwgroup};
worker_processes 4;
error_log /var/log/nginx/default.error.log;
pid /var/run/nginx.pid;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
worker_connections 1024;
}
http {
server_names_hash_bucket_size 4096;
variables_hash_max_size 4096;
variables_hash_bucket_size 4096;
types_hash_max_size 4096;
server_names_hash_bucket_size 4096;
limit_req_zone $binary_remote_addr zone=one:20m rate=10r/s;
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
include /etc/nginx/mime.types;
#default_type application/octet-stream;
default_type text/html;
log_format combined_host '$remote_addr - $remote_user [$time_local] '
'"$host" "$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log /var/log/nginx/default.access.log;
access_log /var/log/nginx/default.access.log;
sendfile on;
#tcp_nopush on;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
#keepalive_timeout 0;
keepalive_timeout 3;
tcp_nodelay on;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip on;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 1024m;
# Nginx default value was 1 MB and therefore all uploads exceeding 1 MB was
# getting "413 Request Entity Too Large" error.Script default is 64 MB.
# Remember to change the settings for upload size in php.ini as well.
client_max_body_size 64m;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
##########################
# Nginx Bad Bot Blocker #
##########################
include nginx-badbot-blocker/blacklist.conf;
include nginx-badbot-blocker/blockips.conf;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
include /var/www/new/ehcp/apachehcp.conf;
include /var/www/new/ehcp/apachehcp_subdomains.conf;
include /var/www/new/ehcp/apachehcp_globalpanelurls.conf;
}

248
ehcp/etc/pam/pam_dbauth_smtp_python3.py
View file

@ -1,248 +0,0 @@
# vim: noai:ts=2:sw=2:set expandtab:
#
# pam_dbauth.py
# Performs salted-hash authentication from a database
#
"""
Author: Eric Windisch <eric@windisch.us>
Copyright: 2010, Eric Windisch <eric@grokthis.net>, VPS Village
License: EPL v1.0
Contributor: Eric Arnol-Martin <earnolmartin@gmail.com>
Added MySQL Password() Function Support
- Requires passlib (sudo pip install passlib)
- Fixed port integer bug MySQL
- Added logic to handle an already encrypted password being sent in
"""
"""
Add to PAM configuration with:
auth required pam_python.so pam_dbauth.py
Requires configuration file, /etc/security/pam_dbauth.conf,
Example:
[database]
host=localhost
user=myuser
password=mypass
db=myuser_db
port=XXXX
engine=mysqldb
; engine=psycopg2
; engine=redis
[query]
; SQL Example
select_statement=select password from users where username=%s
; Redis example:
; select_statement=users:%s:password
; ----------------------------------------------------------------
; Support forcing or defaulting hashtypes,
; ONLY effective if stored password does not start with {hashtype}.
; ----------------------------------------------------------------
; hashtype_force=sha1
;
; ----------------------------------------------------------------
; Default type to be used if all auto-detection fails (unlikely)
; ----------------------------------------------------------------
; hashtype_default=md5
;
"""
import os
import sys
import syslog
import hashlib
import base64
import string
import traceback
import configparser
from passlib.hash import mysql41
import crypt
config = configparser.ConfigParser()
config.read('/etc/security/pam_dbauth_smtp.conf')
dbengine=config.get('database','engine')
if dbengine == 'mysqldb':
import MySQLdb
dbengineClass=MySQLdb
elif dbengine == 'pyscopg2':
import psycopg2
dbengineClass=psycopg2
elif dbengine == 'redis':
import redis
dbengineClass=redis
else:
syslog.syslog ("pam_dbauth.py - Unknown or unspecified database engine")
sys.exit(1)
def pam_sm_authenticate(pamh, flags, argv):
resp=pamh.conversation(
pamh.Message(pamh.PAM_PROMPT_ECHO_OFF,"Password")
)
try:
user = pamh.get_user(None)
except pamh.exception as e:
return e.pam_result
if user == None:
return pamh.PAM_USER_UNKNOWN
try:
def safeConfigGet(sect,key):
if config.has_option(sect,key):
return config.get(sect,key)
else:
None
connargs={
# Each engine has its own connection string type.
# perhaps I might abstract this further into a class,
# but for now, this module is light enough, that I
# simply won't bother.
'mysqldb': {
'host': safeConfigGet('database','host'),
'user': safeConfigGet('database','user'),
'passwd': safeConfigGet('database','password'),
'port': int(safeConfigGet('database','port')),
'db': safeConfigGet('database','db')
},
'pyscopg2': {
'host': safeConfigGet('database','host'),
'user': safeConfigGet('database','user'),
'password': safeConfigGet('database','password'),
'port': safeConfigGet('database','port'),
'db': safeConfigGet('database','db')
},
'redis': {
'host': safeConfigGet('database','host'),
'password': safeConfigGet('database','password'),
'port': safeConfigGet('database','port'),
'db': safeConfigGet('database','db')
}
}[dbengine]
# Filter out None vars.
for k in connargs.keys():
if connargs[k] is None:
del connargs[k]
# Connect to database... finally!
db=dbengineClass.connect( **connargs )
# Query the DB.
# All but Redis (so-far) are SQL-based...
if dbengine != 'redis':
cursor=db.cursor()
query=str(config.get('query','select_statement')).format(user)
#syslog.syslog ("query is " + query)
cursor.execute(query)
pass_raw=cursor.fetchone()[0]
else:
pass_raw=db.get(config.get('query','select_statement' % (user)))
# Initalize pass_stored to pass_raw... we might change it
pass_stored=pass_raw
# We search for a {} section containing the hashtype
htindex=str.find(pass_raw,"}")
if htindex > 0:
# password contained a hashtype
hashtype=pass_raw[1:htindex]
# Remove the hashtype indicator
pass_stored=pass_raw[htindex:]
elif config.has_option('query','hashtype_force'):
# if a hashtype is forced on us
hashtype=config.get('query','hashtype_force')
elif len(pass_raw) == 16:
# assume 16-byte length is md5
hashtype='md5'
elif len(pass_raw) == 20:
# assume 20-byte length is sha-1
hashtype='ssha1'
elif config.has_option('query','hashtype_default'):
# attempt to fall back...
hashtype=config.get('query','hashtype_default')
elif len(pass_raw) == 41:
# MySQL Password() function hash
hashtype='mysql_password_function'
elif pass_stored == resp.resp: # Perhaps an already encrypted password is being sent in like in the case of SMTP sasl auth...
return pamh.PAM_SUCCESS
elif pass_stored == crypt.crypt(resp.resp, "ehcp"):
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("Unable to determine hash type... the length is " + str(len(pass_raw)))
return pamh.PAM_SERVICE_ERR
if hashtype != 'mysql_password_function':
pass_decoded=base64.b64decode(pass_stored)
# Set the hashlib
hl={
'ssha1': hashlib.sha1(),
'sha1': hashlib.sha1(),
'md5': hashlib.md5(),
}[hashtype]
pass_base=pass_decoded[:hl.digest_size]
pass_salt=pass_decoded[hl.digest_size:]
hl.update(resp.resp)
hl.update(pass_salt)
hashedrep = base64.b64encode(hl.digest())
if hl.digest() == pass_base:
#syslog.syslog ("pam-dbauth.py hashes match")
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("hashes do not match: " + hl.digest() + " not equal to " + pass_base)
pamh.PAM_AUTH_ERR
else:
if pass_stored == mysql41.encrypt(resp.resp):
#syslog.syslog ("pam-dbauth.py hashes match")
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("hashes do not match: " + hl.digest() + " not equal to " + pass_base)
pamh.PAM_AUTH_ERR
except Exception as e:
#traceback.print_exc()
#syslog.syslog ("pam-dbauth.py exception triggered " + str(e))
return pamh.PAM_SERVICE_ERR
return pamh.PAM_SERVICE_ERR
def pam_sm_setcred(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_acct_mgmt(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_open_session(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_close_session(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_chauthtok(pamh, flags, argv):
return pamh.PAM_SUCCESS
#if __name__ == '__main__':
# pam_sm_authenticate(pamh, flags, argv):
"""
Author: Eric Windisch <eric@windisch.us>
Copyright: 2010, Eric Windisch <eric@grokthis.net>, VPS Village
License: EPL v1.0
"""

250
ehcp/etc/pam/pam_dbauth_smtp_ubuntu_20_plus.py
View file

@ -1,250 +0,0 @@
# vim: noai:ts=2:sw=2:set expandtab:
#
# pam_dbauth.py
# Performs salted-hash authentication from a database
#
"""
Author: Eric Windisch <eric@windisch.us>
Copyright: 2010, Eric Windisch <eric@grokthis.net>, VPS Village
License: EPL v1.0
Contributor: Eric Arnol-Martin <earnolmartin@gmail.com>
Added MySQL Password() Function Support
- Requires passlib (sudo pip install passlib)
- Fixed port integer bug MySQL
- Added logic to handle an already encrypted password being sent in
"""
"""
Add to PAM configuration with:
auth required pam_python.so pam_dbauth.py
Requires configuration file, /etc/security/pam_dbauth.conf,
Example:
[database]
host=localhost
user=myuser
password=mypass
db=myuser_db
port=XXXX
engine=mysqldb
; engine=psycopg2
; engine=redis
[query]
; SQL Example
select_statement=select password from users where username=%s
; Redis example:
; select_statement=users:%s:password
; ----------------------------------------------------------------
; Support forcing or defaulting hashtypes,
; ONLY effective if stored password does not start with {hashtype}.
; ----------------------------------------------------------------
; hashtype_force=sha1
;
; ----------------------------------------------------------------
; Default type to be used if all auto-detection fails (unlikely)
; ----------------------------------------------------------------
; hashtype_default=md5
;
"""
import os
import sys
sys.path.insert(0, '/usr/local/lib/python2.7/dist-packages')
sys.path.insert(0, '/usr/lib/python2.7/dist-packages')
import syslog
import hashlib
import base64
import string
import traceback
import ConfigParser
from passlib.hash import mysql41
import crypt
config = ConfigParser.ConfigParser()
config.read('/etc/security/pam_dbauth_smtp.conf')
dbengine=config.get('database','engine')
if dbengine == 'mysqldb':
import MySQLdb
dbengineClass=MySQLdb
elif dbengine == 'pyscopg2':
import psycopg2
dbengineClass=psycopg2
elif dbengine == 'redis':
import redis
dbengineClass=redis
else:
syslog.syslog ("pam_dbauth.py - Unknown or unspecified database engine")
sys.exit(1)
def pam_sm_authenticate(pamh, flags, argv):
resp=pamh.conversation(
pamh.Message(pamh.PAM_PROMPT_ECHO_OFF,"Password")
)
try:
user = pamh.get_user(None)
except pamh.exception, e:
return e.pam_result
if user == None:
return pamh.PAM_USER_UNKNOWN
try:
def safeConfigGet(sect,key):
if config.has_option(sect,key):
return config.get(sect,key)
else:
None
connargs={
# Each engine has its own connection string type.
# perhaps I might abstract this further into a class,
# but for now, this module is light enough, that I
# simply won't bother.
'mysqldb': {
'host': safeConfigGet('database','host'),
'user': safeConfigGet('database','user'),
'passwd': safeConfigGet('database','password'),
'port': int(safeConfigGet('database','port')),
'db': safeConfigGet('database','db')
},
'pyscopg2': {
'host': safeConfigGet('database','host'),
'user': safeConfigGet('database','user'),
'password': safeConfigGet('database','password'),
'port': safeConfigGet('database','port'),
'db': safeConfigGet('database','db')
},
'redis': {
'host': safeConfigGet('database','host'),
'password': safeConfigGet('database','password'),
'port': safeConfigGet('database','port'),
'db': safeConfigGet('database','db')
}
}[dbengine]
# Filter out None vars.
for k in connargs.keys():
if connargs[k] is None:
del connargs[k]
# Connect to database... finally!
db=dbengineClass.connect( **connargs )
# Query the DB.
# All but Redis (so-far) are SQL-based...
if dbengine != 'redis':
cursor=db.cursor()
query=str(config.get('query','select_statement')).format(user)
#syslog.syslog ("query is " + query)
cursor.execute(query)
pass_raw=cursor.fetchone()[0]
else:
pass_raw=db.get(config.get('query','select_statement' % (user)))
# Initalize pass_stored to pass_raw... we might change it
pass_stored=pass_raw
# We search for a {} section containing the hashtype
htindex=string.find(pass_raw,"}")
if htindex > 0:
# password contained a hashtype
hashtype=pass_raw[1:htindex]
# Remove the hashtype indicator
pass_stored=pass_raw[htindex:]
elif config.has_option('query','hashtype_force'):
# if a hashtype is forced on us
hashtype=config.get('query','hashtype_force')
elif len(pass_raw) == 16:
# assume 16-byte length is md5
hashtype='md5'
elif len(pass_raw) == 20:
# assume 20-byte length is sha-1
hashtype='ssha1'
elif config.has_option('query','hashtype_default'):
# attempt to fall back...
hashtype=config.get('query','hashtype_default')
elif len(pass_raw) == 41:
# MySQL Password() function hash
hashtype='mysql_password_function'
elif pass_stored == resp.resp: # Perhaps an already encrypted password is being sent in like in the case of SMTP sasl auth...
return pamh.PAM_SUCCESS
elif pass_stored == crypt.crypt(resp.resp, "ehcp"):
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("Unable to determine hash type... the length is " + str(len(pass_raw)))
return pamh.PAM_SERVICE_ERR
if hashtype != 'mysql_password_function':
pass_decoded=base64.b64decode(pass_stored)
# Set the hashlib
hl={
'ssha1': hashlib.sha1(),
'sha1': hashlib.sha1(),
'md5': hashlib.md5(),
}[hashtype]
pass_base=pass_decoded[:hl.digest_size]
pass_salt=pass_decoded[hl.digest_size:]
hl.update(resp.resp)
hl.update(pass_salt)
hashedrep = base64.b64encode(hl.digest())
if hl.digest() == pass_base:
#syslog.syslog ("pam-dbauth.py hashes match")
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("hashes do not match: " + hl.digest() + " not equal to " + pass_base)
pamh.PAM_AUTH_ERR
else:
if pass_stored == mysql41.encrypt(resp.resp):
#syslog.syslog ("pam-dbauth.py hashes match")
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("hashes do not match: " + hl.digest() + " not equal to " + pass_base)
pamh.PAM_AUTH_ERR
except Exception,e:
#traceback.print_exc()
#syslog.syslog ("pam-dbauth.py exception triggered " + str(e))
return pamh.PAM_SERVICE_ERR
return pamh.PAM_SERVICE_ERR
def pam_sm_setcred(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_acct_mgmt(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_open_session(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_close_session(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_chauthtok(pamh, flags, argv):
return pamh.PAM_SUCCESS
#if __name__ == '__main__':
# pam_sm_authenticate(pamh, flags, argv):
"""
Author: Eric Windisch <eric@windisch.us>
Copyright: 2010, Eric Windisch <eric@grokthis.net>, VPS Village
License: EPL v1.0
"""

246
ehcp/etc/pam/pam_dbauth_vsftpd_python3.py
View file

@ -1,246 +0,0 @@
# vim: noai:ts=2:sw=2:set expandtab:
#
# pam_dbauth.py
# Performs salted-hash authentication from a database
#
"""
Author: Eric Windisch <eric@windisch.us>
Copyright: 2010, Eric Windisch <eric@grokthis.net>, VPS Village
License: EPL v1.0
Contributor: Eric Arnol-Martin <earnolmartin@gmail.com>
Added MySQL Password() Function Support
- Requires passlib (sudo pip install passlib)
- Fixed port integer bug MySQL
- Added logic to handle an already encrypted password being sent in
"""
"""
Add to PAM configuration with:
auth required pam_python.so pam_dbauth.py
Requires configuration file, /etc/security/pam_dbauth.conf,
Example:
[database]
host=localhost
user=myuser
password=mypass
db=myuser_db
port=XXXX
engine=mysqldb
; engine=psycopg2
; engine=redis
[query]
; SQL Example
select_statement=select password from users where username=%s
; Redis example:
; select_statement=users:%s:password
; ----------------------------------------------------------------
; Support forcing or defaulting hashtypes,
; ONLY effective if stored password does not start with {hashtype}.
; ----------------------------------------------------------------
; hashtype_force=sha1
;
; ----------------------------------------------------------------
; Default type to be used if all auto-detection fails (unlikely)
; ----------------------------------------------------------------
; hashtype_default=md5
;
"""
import os
import sys
import syslog
import hashlib
import base64
import string
import traceback
import configparser
from passlib.hash import mysql41
config = configparser.ConfigParser()
config.read('/etc/security/pam_dbauth_vsftpd.conf')
dbengine=config.get('database','engine')
if dbengine == 'mysqldb':
import MySQLdb
dbengineClass=MySQLdb
elif dbengine == 'pyscopg2':
import psycopg2
dbengineClass=psycopg2
elif dbengine == 'redis':
import redis
dbengineClass=redis
else:
syslog.syslog ("pam_dbauth.py - Unknown or unspecified database engine")
sys.exit(1)
def pam_sm_authenticate(pamh, flags, argv):
resp=pamh.conversation(
pamh.Message(pamh.PAM_PROMPT_ECHO_OFF,"Password")
)
try:
user = pamh.get_user(None)
except pamh.exception as e:
return e.pam_result
if user == None:
return pamh.PAM_USER_UNKNOWN
try:
def safeConfigGet(sect,key):
if config.has_option(sect,key):
return config.get(sect,key)
else:
None
connargs={
# Each engine has its own connection string type.
# perhaps I might abstract this further into a class,
# but for now, this module is light enough, that I
# simply won't bother.
'mysqldb': {
'host': safeConfigGet('database','host'),
'user': safeConfigGet('database','user'),
'passwd': safeConfigGet('database','password'),
'port': int(safeConfigGet('database','port')),
'db': safeConfigGet('database','db')
},
'pyscopg2': {
'host': safeConfigGet('database','host'),
'user': safeConfigGet('database','user'),
'password': safeConfigGet('database','password'),
'port': safeConfigGet('database','port'),
'db': safeConfigGet('database','db')
},
'redis': {
'host': safeConfigGet('database','host'),
'password': safeConfigGet('database','password'),
'port': safeConfigGet('database','port'),
'db': safeConfigGet('database','db')
}
}[dbengine]
# Filter out None vars.
for k in connargs.keys():
if connargs[k] is None:
del connargs[k]
# Connect to database... finally!
db=dbengineClass.connect( **connargs )
# Query the DB.
# All but Redis (so-far) are SQL-based...
if dbengine != 'redis':
cursor=db.cursor()
query=str(config.get('query','select_statement')).format(user)
#syslog.syslog ("query is " + query)
cursor.execute(query)
pass_raw=cursor.fetchone()[0]
else:
pass_raw=db.get(config.get('query','select_statement' % (user)))
# Initalize pass_stored to pass_raw... we might change it
pass_stored=pass_raw
# We search for a {} section containing the hashtype
htindex=str.find(pass_raw,"}")
if htindex > 0:
# password contained a hashtype
hashtype=pass_raw[1:htindex]
# Remove the hashtype indicator
pass_stored=pass_raw[htindex:]
elif config.has_option('query','hashtype_force'):
# if a hashtype is forced on us
hashtype=config.get('query','hashtype_force')
elif len(pass_raw) == 16:
# assume 16-byte length is md5
hashtype='md5'
elif len(pass_raw) == 20:
# assume 20-byte length is sha-1
hashtype='ssha1'
elif config.has_option('query','hashtype_default'):
# attempt to fall back...
hashtype=config.get('query','hashtype_default')
elif len(pass_raw) == 41:
# MySQL Password() function hash
hashtype='mysql_password_function'
elif pass_stored == resp.resp: # Perhaps an already encrypted password is being sent in like in the case of SMTP sasl auth...
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("Unable to determine hash type... the length is " + str(len(pass_raw)))
return pamh.PAM_SERVICE_ERR
if hashtype != 'mysql_password_function':
pass_decoded=base64.b64decode(pass_stored)
# Set the hashlib
hl={
'ssha1': hashlib.sha1(),
'sha1': hashlib.sha1(),
'md5': hashlib.md5(),
}[hashtype]
pass_base=pass_decoded[:hl.digest_size]
pass_salt=pass_decoded[hl.digest_size:]
hl.update(resp.resp)
hl.update(pass_salt)
hashedrep = base64.b64encode(hl.digest())
if hl.digest() == pass_base:
#syslog.syslog ("pam-dbauth.py hashes match")
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("hashes do not match: " + hl.digest() + " not equal to " + pass_base)
pamh.PAM_AUTH_ERR
else:
if pass_stored == mysql41.encrypt(resp.resp):
#syslog.syslog ("pam-dbauth.py hashes match")
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("hashes do not match: " + hl.digest() + " not equal to " + pass_base)
pamh.PAM_AUTH_ERR
except Exception as e:
#traceback.print_exc()
#syslog.syslog ("pam-dbauth.py exception triggered " + str(e))
return pamh.PAM_SERVICE_ERR
return pamh.PAM_SERVICE_ERR
def pam_sm_setcred(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_acct_mgmt(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_open_session(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_close_session(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_chauthtok(pamh, flags, argv):
return pamh.PAM_SUCCESS
#if __name__ == '__main__':
# pam_sm_authenticate(pamh, flags, argv):
"""
Author: Eric Windisch <eric@windisch.us>
Copyright: 2010, Eric Windisch <eric@grokthis.net>, VPS Village
License: EPL v1.0
"""

247
ehcp/etc/pam/pam_dbauth_vsftpd_ubuntu_20_plus.py
View file

@ -1,247 +0,0 @@
# vim: noai:ts=2:sw=2:set expandtab:
#
# pam_dbauth.py
# Performs salted-hash authentication from a database
#
"""
Author: Eric Windisch <eric@windisch.us>
Copyright: 2010, Eric Windisch <eric@grokthis.net>, VPS Village
License: EPL v1.0
Contributor: Eric Arnol-Martin <earnolmartin@gmail.com>
Added MySQL Password() Function Support
- Requires passlib (sudo pip install passlib)
- Fixed port integer bug MySQL
- Added logic to handle an already encrypted password being sent in
"""
"""
Add to PAM configuration with:
auth required pam_python.so pam_dbauth.py
Requires configuration file, /etc/security/pam_dbauth.conf,
Example:
[database]
host=localhost
user=myuser
password=mypass
db=myuser_db
port=XXXX
engine=mysqldb
; engine=psycopg2
; engine=redis
[query]
; SQL Example
select_statement=select password from users where username=%s
; Redis example:
; select_statement=users:%s:password
; ----------------------------------------------------------------
; Support forcing or defaulting hashtypes,
; ONLY effective if stored password does not start with {hashtype}.
; ----------------------------------------------------------------
; hashtype_force=sha1
;
; ----------------------------------------------------------------
; Default type to be used if all auto-detection fails (unlikely)
; ----------------------------------------------------------------
; hashtype_default=md5
;
"""
import os
import sys
sys.path.insert(0, '/usr/local/lib/python2.7/dist-packages')
sys.path.insert(0, '/usr/lib/python2.7/dist-packages')
import syslog
import hashlib
import base64
import string
import traceback
import ConfigParser
from passlib.hash import mysql41
config = ConfigParser.ConfigParser()
config.read('/etc/security/pam_dbauth_vsftpd.conf')
dbengine=config.get('database','engine')
if dbengine == 'mysqldb':
import MySQLdb
dbengineClass=MySQLdb
elif dbengine == 'pyscopg2':
import psycopg2
dbengineClass=psycopg2
elif dbengine == 'redis':
import redis
dbengineClass=redis
else:
syslog.syslog ("pam_dbauth.py - Unknown or unspecified database engine")
sys.exit(1)
def pam_sm_authenticate(pamh, flags, argv):
resp=pamh.conversation(
pamh.Message(pamh.PAM_PROMPT_ECHO_OFF,"Password")
)
try:
user = pamh.get_user(None)
except pamh.exception, e:
return e.pam_result
if user == None:
return pamh.PAM_USER_UNKNOWN
try:
def safeConfigGet(sect,key):
if config.has_option(sect,key):
return config.get(sect,key)
else:
None
connargs={
# Each engine has its own connection string type.
# perhaps I might abstract this further into a class,
# but for now, this module is light enough, that I
# simply won't bother.
'mysqldb': {
'host': safeConfigGet('database','host'),
'user': safeConfigGet('database','user'),
'passwd': safeConfigGet('database','password'),
'port': int(safeConfigGet('database','port')),
'db': safeConfigGet('database','db')
},
'pyscopg2': {
'host': safeConfigGet('database','host'),
'user': safeConfigGet('database','user'),
'password': safeConfigGet('database','password'),
'port': safeConfigGet('database','port'),
'db': safeConfigGet('database','db')
},
'redis': {
'host': safeConfigGet('database','host'),
'password': safeConfigGet('database','password'),
'port': safeConfigGet('database','port'),
'db': safeConfigGet('database','db')
}
}[dbengine]
# Filter out None vars.
for k in connargs.keys():
if connargs[k] is None:
del connargs[k]
# Connect to database... finally!
db=dbengineClass.connect( **connargs )
# Query the DB.
# All but Redis (so-far) are SQL-based...
if dbengine != 'redis':
cursor=db.cursor()
query=str(config.get('query','select_statement')).format(user)
#syslog.syslog ("query is " + query)
cursor.execute(query)
pass_raw=cursor.fetchone()[0]
else:
pass_raw=db.get(config.get('query','select_statement' % (user)))
# Initalize pass_stored to pass_raw... we might change it
pass_stored=pass_raw
# We search for a {} section containing the hashtype
htindex=string.find(pass_raw,"}")
if htindex > 0:
# password contained a hashtype
hashtype=pass_raw[1:htindex]
# Remove the hashtype indicator
pass_stored=pass_raw[htindex:]
elif config.has_option('query','hashtype_force'):
# if a hashtype is forced on us
hashtype=config.get('query','hashtype_force')
elif len(pass_raw) == 16:
# assume 16-byte length is md5
hashtype='md5'
elif len(pass_raw) == 20:
# assume 20-byte length is sha-1
hashtype='ssha1'
elif config.has_option('query','hashtype_default'):
# attempt to fall back...
hashtype=config.get('query','hashtype_default')
elif len(pass_raw) == 41:
# MySQL Password() function hash
hashtype='mysql_password_function'
elif pass_stored == resp.resp: # Perhaps an already encrypted password is being sent in like in the case of SMTP sasl auth...
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("Unable to determine hash type... the length is " + str(len(pass_raw)))
return pamh.PAM_SERVICE_ERR
if hashtype != 'mysql_password_function':
pass_decoded=base64.b64decode(pass_stored)
# Set the hashlib
hl={
'ssha1': hashlib.sha1(),
'sha1': hashlib.sha1(),
'md5': hashlib.md5(),
}[hashtype]
pass_base=pass_decoded[:hl.digest_size]
pass_salt=pass_decoded[hl.digest_size:]
hl.update(resp.resp)
hl.update(pass_salt)
hashedrep = base64.b64encode(hl.digest())
if hl.digest() == pass_base:
#syslog.syslog ("pam-dbauth.py hashes match")
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("hashes do not match: " + hl.digest() + " not equal to " + pass_base)
pamh.PAM_AUTH_ERR
else:
if pass_stored == mysql41.encrypt(resp.resp):
#syslog.syslog ("pam-dbauth.py hashes match")
return pamh.PAM_SUCCESS
else:
#syslog.syslog ("hashes do not match: " + hl.digest() + " not equal to " + pass_base)
pamh.PAM_AUTH_ERR
except Exception,e:
#traceback.print_exc()
#syslog.syslog ("pam-dbauth.py exception triggered " + str(e))
return pamh.PAM_SERVICE_ERR
return pamh.PAM_SERVICE_ERR
def pam_sm_setcred(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_acct_mgmt(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_open_session(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_close_session(pamh, flags, argv):
return pamh.PAM_SUCCESS
def pam_sm_chauthtok(pamh, flags, argv):
return pamh.PAM_SUCCESS
#if __name__ == '__main__':
# pam_sm_authenticate(pamh, flags, argv):
"""
Author: Eric Windisch <eric@windisch.us>
Copyright: 2010, Eric Windisch <eric@grokthis.net>, VPS Village
License: EPL v1.0
"""

2
ehcp/etc/phpmyadmin/rootip_whitelist.php
View file

@ -7,7 +7,7 @@
$allow = 0;
// Get remote IP address
$clientIP = getIPAddress();
$clientIP = $_SERVER['REMOTE_ADDR'];
// Is the client's IP address a private IP?
// If so, allow root login

20
ehcp/etc/phpmyadmin/rootip_whitelist_functions.php
View file

@ -24,26 +24,6 @@
}
}
if (filter_var($IP, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) && !filter_var($IP, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE )){
return true;
}
if (filter_var($IP, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6) && !filter_var($IP, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE )){
return true;
}
return false;
}
function getIPAddress(){
if(isset($_SERVER['HTTP_CF_CONNECTING_IP']) && !empty($_SERVER['HTTP_CF_CONNECTING_IP'])){
return $_SERVER['HTTP_CF_CONNECTING_IP'];
}else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
return $_SERVER['HTTP_X_FORWARDED_FOR'];
}else if(isset($_SERVER['HTTP_X_REAL_IP']) && !empty($_SERVER['HTTP_X_REAL_IP'])){
return $_SERVER['HTTP_X_REAL_IP'];
}else{
return $_SERVER['REMOTE_ADDR'];
}
}
?>

1
ehcp/etc/postfix/main.cf.sample
View file

@ -59,7 +59,6 @@ smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
virtual_create_maildirsize = yes
virtual_mailbox_extended = yes
virtual_maildir_extended = yes
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_limit_message = "The user you are trying to reach is over quota."

6
ehcp/extplorer/admin.extplorer.php
View file

@ -43,8 +43,10 @@ $GLOBALS['ext_version'] = '2.1.9';
$GLOBALS['ext_home'] = 'http://extplorer.net';
$dir = '';
error_reporting(0);
//------------------------------------------------------------------------------
if( defined( 'E_STRICT' ) ) { // Suppress Strict Standards Warnings
error_reporting(E_ALL & ~E_STRICT & ~E_NOTICE);
}
//------------------------------------------------------------------------------
umask(0002); // Added to make created files/dirs group writable
//------------------------------------------------------------------------------

2
ehcp/extplorer/application.php
View file

@ -41,7 +41,7 @@ class ext_Action {
* @param string $dir
* @param string $item
*/
public static function execAction( $dir, $item ) {
function execAction( $dir, $item ) {
// to be overridden by the child class
}

2
ehcp/extplorer/config/conf.php
View file

@ -5,7 +5,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
//-------------Configuration Variables---------------------------------------------
// Send gzipped content if accepted by the browser?
$GLOBALS['use_gzip'] = 0;
$GLOBALS['use_gzip'] = 1;
// Name of the authentication module which is used by default
$GLOBALS['ext_conf']['authentication_method_default'] = 'ehcp';

5
ehcp/extplorer/eric.php Executable file
View file

@ -0,0 +1,5 @@
<?php
session_start();
echo $_SESSION['FTP_HOME_PATH'];
?>

6
ehcp/extplorer/extplorer.list.php
View file

@ -43,13 +43,13 @@ function make_list($_list1, $_list2) { // make list of files
}
if(is_array($list1)) {
foreach($list1 as $key => $val) {
while (list($key, $val) = each($list1)) {
$list[$key] = $val;
}
}
if(is_array($list2)) {
foreach($list2 as $key => $val) {
while (list($key, $val) = each($list2)) {
$list[$key] = $val;
}
}
@ -147,7 +147,7 @@ function print_table($dir, $list, $allow) { // print table of files
}
$i = 0;
foreach($list as $item => $val) {
while(list($item,) = each($list)){
if( $item == 'index.html') {
continue;
}

2
ehcp/extplorer/include/archive.php
View file

@ -38,7 +38,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
*/
class ext_Archive extends ext_Action {
public static function execAction( $dir, $item="" ) {
function execAction( $dir, $item="" ) {
if(($GLOBALS["permissions"]&01)!=01) {
ext_Result::sendResult('archive', false, $GLOBALS["error_msg"]["accessfunc"]);

6
ehcp/extplorer/include/authentication/ehcp.php
View file

@ -56,11 +56,7 @@ class ext_ehcp_authentication {
}
function onShowLoginForm() {
if(!isset($_SESSION['FTP_HOME_PATH']) || empty($_SESSION['FTP_HOME_PATH'])){
echo "<p style='color: red; text-align: center;'>Please <a href='../index.php?op=addDomainToThisPaneluser'>add a domain to your EHCP account</a> before using extplorer.";
}else{
echo "<p style='color: red; text-align: center;'>Unauthorized.&nbsp; Please login to the <a href='../'>EHCP panel</a> and try again.</p>";
}
echo "<p style='color: red; text-align: center;'>Unauthorized.&nbsp; Please login to the <a href='../ehcp'>EHCP panel</a> and try again.</p>";
}
function onLogout() {

2
ehcp/extplorer/include/chmod.php
View file

@ -38,7 +38,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
*
*/
class ext_Chmod extends ext_Action {
public static function execAction($dir, $item) { // change permissions
function execAction($dir, $item) { // change permissions
if(($GLOBALS["permissions"]&01)!=01) ext_Result::sendResult( 'chmod', false, $GLOBALS["error_msg"]["accessfunc"]);

2
ehcp/extplorer/include/delete.php
View file

@ -40,7 +40,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
*/
class ext_Delete extends ext_Action {
public static function execAction($dir, $item="") {
function execAction($dir, $item="") {
// delete files/dirs
if(($GLOBALS["permissions"]&01)!=01)
ext_Result::sendResult('delete', false, $GLOBALS["error_msg"]["accessfunc"]);

10
ehcp/extplorer/include/diff.php
View file

@ -57,7 +57,7 @@ class ext_Diff extends ext_Action {
'slovenian' => 'sk'
);
public static function execAction($dir, $item) {
function execAction($dir, $item) {
if(($GLOBALS["permissions"]&01)!=01) {
ext_Result::sendResult('diff', false, ext_Lang::err('accessfunc' ));
@ -76,7 +76,7 @@ class ext_Diff extends ext_Action {
}
$item2 = extGetParam( $_POST, 'item2');
if ($item2 !== null) {
$fname2 = get_abs_item('', utf8_decode($item2), true);
$fname2 = get_abs_item('', utf8_decode($item2));
}
elseif( $cnt >= 2 ) {
$item2 = $GLOBALS['__POST']["selitems"][1];
@ -101,7 +101,7 @@ class ext_Diff extends ext_Action {
//$content = nl2br(str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", htmlentities($content)));
//$content2 = nl2br(str_replace("\t", "&nbsp;&nbsp;&nbsp;&nbsp;", htmlentities($content2)));
$diff = ext_Diff::inline_diff($content, $content2);
$diff = $this->inline_diff($content, $content2);
if( empty( $diff )) {
ext_Result::sendResult('diff', true, 'Both Files are identical');
}
@ -170,7 +170,7 @@ class ext_Diff extends ext_Action {
* @param string $text2
* @return string
*/
public static function inline_diff($text1, $text2)
function inline_diff($text1, $text2)
{
$hlines1 = explode("\n", $text1);
$hlines2 = explode("\n", $text2);
@ -188,4 +188,4 @@ class ext_Diff extends ext_Action {
return $renderer->render($diff);
}
}
}

2
ehcp/extplorer/include/download.php
View file

@ -40,7 +40,7 @@ if (!defined('_JEXEC') && !defined('_VALID_MOS')) die('Restricted access');
class ext_Download extends ext_Action {
// download file
public static function execAction($dir, $item, $unlink=false) {
function execAction($dir, $item, $unlink=false) {
//die($dir);

23
ehcp/extplorer/include/edit.php
View file

@ -36,7 +36,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
* File-Edit Functions
*/
class ext_Edit extends ext_Action {
public static $lang_tbl = Array(
var $lang_tbl = Array(
'czech' => 'cs',
'german' => 'de',
'danish' => 'dk',
@ -55,7 +55,7 @@ class ext_Edit extends ext_Action {
'slovenian' => 'sk'
);
public static function execAction($dir, $item) { // edit file
function execAction($dir, $item) { // edit file
global $mainframe, $mosConfig_live_site;
if(($GLOBALS["permissions"]&01)!=01) {
@ -86,7 +86,7 @@ class ext_Edit extends ext_Action {
ext_Result::sendResult('edit', false, $item.": ".ext_Lang::err('itemdoesexist' ));
}
ext_Edit::savefile($fname2);
$this->savefile($fname2);
$fname=$fname2;
ext_Result::sendResult('edit', true, ext_Lang::msg('savefile').': '.$item );
@ -96,7 +96,7 @@ class ext_Edit extends ext_Action {
// File Reopen
$extra = Array();
$content = $GLOBALS['ext_File']->file_get_contents( $fname );
if(function_exists("get_magic_quotes_runtime") && get_magic_quotes_runtime()) {
if( get_magic_quotes_runtime()) {
$content = stripslashes( $content );
}
@ -154,7 +154,7 @@ class ext_Edit extends ext_Action {
$cp_lang = '';
}
$content = $GLOBALS['ext_File']->file_get_contents( $fname );
if(function_exists("get_magic_quotes_runtime") && get_magic_quotes_runtime()) {
if( get_magic_quotes_runtime()) {
$content = stripslashes( $content );
}
$cw = 250;
@ -277,8 +277,8 @@ class ext_Edit extends ext_Action {
"start_highlight": true,
"display": "later",
"toolbar": "search, go_to_line, |, undo, redo, |, select_font,|, change_smooth_selection, highlight, reset_highlight, |, help"
<?php if (array_key_exists($langs, ext_Edit::$lang_tbl)){?>
,"language": "<?php echo ext_Edit::$lang_tbl[$langs] ?>"
<?php if (array_key_exists($langs, $this->lang_tbl)){?>
,"language": "<?php echo $this->lang_tbl[$langs] ?>"
<?php
} ?>
})
@ -322,8 +322,13 @@ class ext_Edit extends ext_Action {
<?php
}
public static function savefile($file_name) { // save edited file
$code = $GLOBALS['__POST']["code"];
function savefile($file_name) { // save edited file
if( get_magic_quotes_gpc() ) {
$code = stripslashes($GLOBALS['__POST']["code"]);
}
else {
$code = $GLOBALS['__POST']["code"];
}
$langs = $GLOBALS["language"];
if ($langs == "japanese"){
$_encoding = $GLOBALS['__POST']["file_encoding"];

2
ehcp/extplorer/include/extract.php
View file

@ -38,7 +38,7 @@ if( ! defined( '_JEXEC' ) && ! defined( '_VALID_MOS' ) )
*/
class ext_Extract extends ext_Action {
public static function execAction( $dir, $item ) {
function execAction( $dir, $item ) {
if( ! ext_isArchive( $item ) ) {
ext_Result::sendResult( 'archive', false, $item.': '.ext_Lang::err( 'extract_noarchive' ) ) ;

22
ehcp/extplorer/include/functions.php
View file

@ -84,18 +84,14 @@ function get_abs_dir($dir) { // get absolute path
return $realpath;
}
//------------------------------------------------------------------------------
function get_abs_item($dir, $item, $useFullPath = false) { // get absolute file+path
function get_abs_item($dir, $item) { // get absolute file+path
if( is_array( $item )) {
// FTP Mode
$abs_item = '/' . get_abs_dir($dir)."/".$item['name'];
if( get_is_dir($item)) $abs_item.='/';
return extPathName($abs_item);
}
if(empty($dir) && $useFullPath){
return extPathName(get_abs_dir($dir).$item);
}else{
return extPathName( get_abs_dir($dir)."/".basename($item) );
}
return extPathName( get_abs_dir($dir)."/".basename($item) );
}
/**
* Returns the LS info array from an ftp directory listing
@ -156,7 +152,7 @@ function get_file_perms( $item) { // file permissions
if( ext_isFTPMode() && isset($item['rights']) ) {
$perms = decoct( bindec( decode_ftp_rights($item['rights']) ) );
return $perms;
} elseif(is_array($item) && is_numeric($item['mode'])) { //SFTP
} elseif( is_numeric($item['mode'])) { //SFTP
return @decoct($item['mode'] & 0777);
}
return @decoct(@fileperms( $item ) & 0777);
@ -178,13 +174,13 @@ function parse_file_perms($mode) { // parsed file permisions
$parsed_mode="";
for($i=0;$i<3;$i++) {
// read
if(($mode[$i] & 04)) $parsed_mode .= "r";
if(($mode{$i} & 04)) $parsed_mode .= "r";
else $parsed_mode .= "-";
// write
if(($mode[$i] & 02)) $parsed_mode .= "w";
if(($mode{$i} & 02)) $parsed_mode .= "w";
else $parsed_mode .= "-";
// execute
if(($mode[$i] & 01)) $parsed_mode .= "x";
if(($mode{$i} & 01)) $parsed_mode .= "x";
else $parsed_mode .= "-";
}
return $parsed_mode;
@ -676,7 +672,7 @@ function ext_selectList($name, $value, $arr, $size=1, $multiple="", $extra="") {
if( !empty( $arr ) ) {
$html = "<select class=\"inputbox\" name=\"$name\" id=\"$name\" size=\"$size\" $multiple $extra>\n";
foreach($arr as $key => $val){
while (list($key, $val) = each($arr)) {
$selected = "";
if( is_array( $value )) {
if( in_array( $key, $value )) {
@ -1202,7 +1198,9 @@ function extGetParam( &$arr, $name, $def=null, $mask=0 ) {
}
// account for magic quotes setting
$return = stripslashes( $return );
if (!get_magic_quotes_gpc()) {
$return = stripslashes( $return );
}
}
return $return;

8
ehcp/extplorer/include/list.php
View file

@ -48,13 +48,13 @@ function make_list(&$_list1, &$_list2) {
}
if (is_array($list1)) {
foreach($list1 as $key => $val) {
while (list($key, $val) = each($list1)) {
$list[$key] = $val;
}
}
if (is_array($list2)) {
foreach($list2 as $key => $val) {
while (list($key, $val) = each($list2)) {
$list[$key] = $val;
}
}
@ -241,7 +241,7 @@ function send_dircontents($dir, $sendWhat = 'files') { // print table of files
$list = $output_array;
}
foreach($list as $item => $info) {
while(list($item,$info) = each($list)) {
// link to dir / file
if (is_array($info)) {
@ -376,7 +376,7 @@ function send_dircontents($dir, $sendWhat = 'files') { // print table of files
}
class ext_List extends ext_Action {
public static function execAction($dir, $item='') { // list directory contents
function execAction($dir, $item='') { // list directory contents
global $dir_up, $mosConfig_live_site, $_VERSION;
$allow = ($GLOBALS["permissions"]&01) == 01;

6
ehcp/extplorer/include/login.php
View file

@ -78,11 +78,7 @@ function login() {
exit();
}
if(!isset($_SESSION['FTP_HOME_PATH']) || empty($_SESSION['FTP_HOME_PATH'])){
echo "<p style='color: red; text-align: center;'>Please <a href='../index.php?op=addDomainToThisPaneluser'>add a domain to your EHCP account</a> before using extplorer.";
}else{
echo "<p style='color: red; text-align: center;'>Unauthorized.&nbsp; Please login to the <a href='../'>EHCP panel</a> and try again.</p>";
}
echo "<p style='color: red; text-align: center;'>Unauthorized.&nbsp; Please login to the <a href='../' style='color: black;'>EHCP panel</a> and try again.</p>";
define( '_LOGIN_REQUIRED', 1 );
}

2
ehcp/extplorer/include/mkitem.php
View file

@ -37,7 +37,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
*/
class ext_Mkitem extends ext_Action {
public static function execAction($dir, $item="") { // make new directory or file
function execAction($dir, $item="") { // make new directory or file
if(($GLOBALS["permissions"]&01)!=01) ext_Result::sendResult( 'mkitem', false, $GLOBALS["error_msg"]["accessfunc"]);
if( extGetParam($_POST,'confirm') == 'true') {

2
ehcp/extplorer/include/rename.php
View file

@ -37,7 +37,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
*/
class ext_Rename extends ext_Action {
public static function execAction($dir, $item) { // rename directory or file
function execAction($dir, $item) { // rename directory or file
if(($GLOBALS["permissions"]&01)!=01) {
ext_Result::sendResult('rename', false, $GLOBALS["error_msg"]["accessfunc"]);

9
ehcp/extplorer/include/transfer.php
View file

@ -35,13 +35,14 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
*/
class ext_Transfer extends ext_Action {
var $_downloadMethods;
public static function execAction( $dir, $item="" ) {
function execAction( $dir, $item="" ) {
if(($GLOBALS["permissions"]&01)!=01) {
ext_Result::sendResult('upload', false, $GLOBALS["error_msg"]["accessfunc"]);
}
$downloadMethods = array(
$this->_downloadMethods = array(
new CurlDownloader(),
new WgetDownloader(),
new FopenDownloader(),
@ -56,7 +57,7 @@ class ext_Transfer extends ext_Action {
}
$cnt=count($GLOBALS['__POST']['userfile']);
$err=false;
foreach($downloadMethods as $method ) {
foreach($this->_downloadMethods as $method ) {
if( $method->isSupported()) {
$downloader =& $method;
break;
@ -426,4 +427,4 @@ function getBinaryPath($binaryName) {
return false;
}
?>
?>

2
ehcp/extplorer/include/upload.php
View file

@ -36,7 +36,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
*/
class ext_Upload extends ext_Action {
public static function execAction($dir, $item="") {
function execAction($dir, $item="") {
if(($GLOBALS["permissions"]&01)!=01) {
ext_Result::sendResult('upload', false, ext_Lang::err('accessfunc'));

2
ehcp/extplorer/include/view.php
View file

@ -37,7 +37,7 @@ if( !defined( '_JEXEC' ) && !defined( '_VALID_MOS' ) ) die( 'Restricted access'
*/
class ext_View extends ext_Action {
public static function execAction($dir, $item) { // show file contents
function execAction($dir, $item) { // show file contents
global $action;
$item = basename($item);
if(in_array(".".strtolower(pathinfo($item,PATHINFO_EXTENSION )), $GLOBALS["images_ext"])) {

2
ehcp/extplorer/install.extplorer.php
View file

@ -14,7 +14,7 @@ if(function_exists ('jimport')){
}
if(!function_exists ('com_install')){
function com_install($mypath =''){
//error_reporting(0);
error_reporting( E_ALL ^ E_NOTICE );
global $database;
if( is_callable( array( 'JFactory', 'getDBO' ))) {

10
ehcp/extplorer/libraries/Auth/Auth.php
View file

@ -466,7 +466,7 @@ class Auth {
{
$storage_class = 'Auth_Container_' . $driver;
include_once 'Auth/Container/' . $driver . '.php';
$obj = new $storage_class($options);
$obj =& new $storage_class($options);
return $obj;
}
@ -492,11 +492,15 @@ class Auth {
if ( isset($this->post[$this->_postUsername])
&& $this->post[$this->_postUsername] != '') {
$this->username = $this->post[$this->_postUsername];
$this->username = (get_magic_quotes_gpc() == 1
? stripslashes($this->post[$this->_postUsername])
: $this->post[$this->_postUsername]);
}
if ( isset($this->post[$this->_postPassword])
&& $this->post[$this->_postPassword] != '') {
$this->password = $this->post[$this->_postPassword];
$this->password = (get_magic_quotes_gpc() == 1
? stripslashes($this->post[$this->_postPassword])
: $this->post[$this->_postPassword] );
}
}

8
ehcp/extplorer/libraries/Console/Getopt.php
View file

@ -132,7 +132,7 @@ class Console_Getopt
}
reset($args);
foreach($args as $i => $arg) {
while (list($i, $arg) = each($args)) {
/* The special element '--' means explicit end of
options. Treat the rest of the arguments as non-options
and end the loop. */
@ -213,7 +213,7 @@ class Console_Getopt
if ($i + 1 < strlen($arg)) {
$opts[] = array($opt, substr($arg, $i + 1));
break;
} else if (($opt_arg = reset($args))) {
} else if (list(, $opt_arg) = each($args)) {
/* Else use the next argument. */;
if (Console_Getopt::_isShortOpt($opt_arg)
|| Console_Getopt::_isLongOpt($opt_arg)) {
@ -308,7 +308,7 @@ class Console_Getopt
if (substr($long_opt, -2) != '==') {
/* Long option requires an argument.
Take the next argument if one wasn't specified. */;
if (!strlen($opt_arg) && !($opt_arg = reset($args))) {
if (!strlen($opt_arg) && !(list(, $opt_arg) = each($args))) {
$msg = "Console_Getopt: option requires an argument --$opt";
return PEAR::raiseError($msg);
}
@ -357,4 +357,4 @@ class Console_Getopt
return $argv;
}
}
}

Some files were not shown because too many files have changed in this diff Show more