From 900a38d86eff01c16e4f96ef968ae1dbc080601b Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Mon, 10 Oct 2011 17:03:45 -0400
Subject: [PATCH] - Implemented folder protection for nginx.

---
 server/plugins-available/apache2_plugin.inc.php |   55 +++++++++++++++++++++++++++++--------------------------
 1 files changed, 29 insertions(+), 26 deletions(-)

diff --git a/server/plugins-available/apache2_plugin.inc.php b/server/plugins-available/apache2_plugin.inc.php
index 51c6a66..11028ef 100644
--- a/server/plugins-available/apache2_plugin.inc.php
+++ b/server/plugins-available/apache2_plugin.inc.php
@@ -289,6 +289,23 @@
 			$app->log('Websites cannot be owned by the root user or group.',LOGLEVEL_WARN);
 			return 0;
 		}
+		
+		// Create group and user, if not exist
+		$app->uses('system');
+
+		$groupname = escapeshellcmd($data['new']['system_group']);
+		if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
+			exec('groupadd '.$groupname);
+			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);
+			$app->log('Adding the group: '.$groupname,LOGLEVEL_DEBUG);
+		}
+
+		$username = escapeshellcmd($data['new']['system_user']);
+		if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
+			exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
+			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
+			$app->log('Adding the user: '.$username,LOGLEVEL_DEBUG);
+		}
 
 		//* If the client of the site has been changed, we have a change of the document root
 		if($this->action == 'update' && $data['new']['document_root'] != $data['old']['document_root']) {
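Review bot: `escapeshellcmd()` is the wrong escaper for the operands of the `groupadd` and `useradd` commands built in this hunk, because it neutralises shell metacharacters but leaves whitespace alone. A `system_group`, `system_user` or `document_root` value containing a space would be split into extra arguments of a command that manages system accounts. Quote each value where it is used, e.g. `exec('groupadd '.escapeshellarg($data['new']['system_group']));`, and do the same for the `chroot` variants and for the `-d` and `-g` operands of `useradd`. Leave `$username` itself unquoted, since the quota code further down (visible as context in the next hunk) passes it to `is_user()`. Quoting does not stop a value that begins with `-` from being read as an option, so both names should also be checked against the allowed account-name pattern before this point; the enclosing function starts and ends outside the hunk, so that check may already exist upstream.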
@@ -510,23 +527,6 @@
 			exec('chmod -R a+r '.$error_page_path);
 			exec('chown -R '.$data['new']['system_user'].':'.$data['new']['system_group'].' '.$error_page_path);
 		}  // end copy error docs
-
-		// Create group and user, if not exist
-		$app->uses('system');
-
-		$groupname = escapeshellcmd($data['new']['system_group']);
-		if($data['new']['system_group'] != '' && !$app->system->is_group($data['new']['system_group'])) {
-			exec('groupadd '.$groupname);
-			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' groupadd '.$groupname);
-			$app->log('Adding the group: '.$groupname,LOGLEVEL_DEBUG);
-		}
-
-		$username = escapeshellcmd($data['new']['system_user']);
-		if($data['new']['system_user'] != '' && !$app->system->is_user($data['new']['system_user'])) {
-			exec('useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
-			if($apache_chrooted) $this->_exec('chroot '.escapeshellcmd($web_config['website_basedir']).' useradd -d '.escapeshellcmd($data['new']['document_root'])." -g $groupname -G sshusers $username -s /bin/false");
-			$app->log('Adding the user: '.$username,LOGLEVEL_DEBUG);
-		}
 
 		// Set the quota for the user
 		if($username != '' && $app->system->is_user($username)) {
@@ -1282,7 +1282,7 @@
 		if(!is_file($folder_path.'.htpasswd')) {
 			touch($folder_path.'.htpasswd');
 			chmod($folder_path.'.htpasswd',0755);
-			$app->log('Created file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+			$app->log('Created file '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
 		}
 		
 		if($data['new']['username'] != $data['old']['username'] || $data['new']['active'] == 'n') {
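Review bot: The context line `chmod($folder_path.'.htpasswd',0755);` makes the password file world-readable and marks a data file executable, and this commit only changes the log string next to it. Any local account on the host could then read the stored hashes; something like `chmod($folder_path.'.htpasswd',0640);` is tighter, provided the file's owner or group is set so the web server can still read it, which is not visible here. The same `chmod(...'.htpasswd',0755)` follows the `.htaccess` write in the `@@ -1306` and `@@ -1411` hunks, where it looks like a copy-paste that was meant to set the mode of the `.htaccess` file just created. The enclosing function starts outside this hunk.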
@@ -1306,7 +1306,7 @@
 			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";
 			file_put_contents($folder_path.'.htaccess',$ht_file);
 			chmod($folder_path.'.htpasswd',0755);
-			$app->log('Created file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
+			$app->log('Created file '.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
 		}
 		
 	}
@@ -1338,13 +1338,13 @@
 		//* Remove .htpasswd file
 		if(is_file($folder_path.'.htpasswd')) {
 			unlink($folder_path.'.htpasswd');
-			$app->log('Removed file'.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+			$app->log('Removed file '.$folder_path.'.htpasswd',LOGLEVEL_DEBUG);
 		}
 		
 		//* Remove .htaccess file
 		if(is_file($folder_path.'.htaccess')) {
 			unlink($folder_path.'.htaccess');
-			$app->log('Removed file'.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
+			$app->log('Removed file '.$folder_path.'.htaccess',LOGLEVEL_DEBUG);
 		}
 	}
 	
@@ -1395,13 +1395,13 @@
 			//* move .htpasswd file
 			if(is_file($old_folder_path.'.htpasswd')) {
 				rename($old_folder_path.'.htpasswd',$new_folder_path.'.htpasswd');
-				$app->log('Moved file'.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);
+				$app->log('Moved file '.$new_folder_path.'.htpasswd',LOGLEVEL_DEBUG);
 			}
 			
-			//* move .htpasswd file
+			//* move .htaccess file
 			if(is_file($old_folder_path.'.htaccess')) {
 				rename($old_folder_path.'.htaccess',$new_folder_path.'.htaccess');
-				$app->log('Moved file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
+				$app->log('Moved file '.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
 			}
 		
 		}
@@ -1411,13 +1411,13 @@
 			$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$folder_path.".htpasswd\nrequire valid-user";
 			file_put_contents($new_folder_path.'.htaccess',$ht_file);
 			chmod($new_folder_path.'.htpasswd',0755);
-			$app->log('Created file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
+			$app->log('Created file '.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
 		}
 		
 		//* Remove .htaccess file
 		if($data['new']['active'] == 'n' && is_file($new_folder_path.'.htaccess')) {
 			unlink($new_folder_path.'.htaccess');
-			$app->log('Removed file'.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
+			$app->log('Removed file '.$new_folder_path.'.htaccess',LOGLEVEL_DEBUG);
 		}
 		
 		
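Review bot: The `.htaccess` written to `$new_folder_path` points `AuthUserFile` at `$folder_path.".htpasswd"`, while every other path in this hunk uses `$new_folder_path`. If `$folder_path` is not set in this function (its start is outside the hunk), the directive names a bare `.htpasswd`, which Apache resolves relative to the server root rather than the protected folder. If it is set to the old folder, the directive names the location the password file was just moved away from. The line should probably read `$ht_file = "AuthType Basic\nAuthName \"Members Only\"\nAuthUserFile ".$new_folder_path.".htpasswd\nrequire valid-user";`. The result is worth testing after a folder rename, because a wrong `AuthUserFile` surfaces only when the protected folder is requested.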
@@ -1698,6 +1698,9 @@
 			file_put_contents($awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf',$content);
 			$app->log('Created AWStats config file: '.$awstats_conf_dir.'/awstats.'.$data['new']['domain'].'.conf',LOGLEVEL_DEBUG);
 		}
+		
+		unlink($data['new']['document_root']."/web/stats/index.html");
+		copy("/usr/local/ispconfig/server/conf/awstats_index.php.master",$data['new']['document_root']."/web/stats/index.php");
 	}
 	
 	//* Delete the awstats configuration file
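Review bot: The added `unlink()` and `copy()` run unconditionally and ignore their results. `unlink()` raises a warning whenever `web/stats/index.html` is absent, which is every run after the first, and a failed `copy()` leaves the stats directory without an index and without a log entry. Guard and log them, with `$stats_dir` standing for `$data['new']['document_root'].'/web/stats'`: `if(is_file($stats_dir.'/index.html')) unlink($stats_dir.'/index.html');` and `if(!copy($master,$stats_dir.'/index.php')) $app->log('Could not copy awstats index to '.$stats_dir,LOGLEVEL_WARN);`. This plugin also creates system users and so presumably runs with elevated privileges, while `web/stats` sits under the site's document root. Unless that directory is known not to be writable by the site user, skip the write when `is_link($stats_dir.'/index.php')` is true; the function's start is outside the hunk.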

--
Gitblit v1.9.1