maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

- implemented 'Create vHost-Container' and 'Own vHost-Settings' for lighttpd

Browse Source 
- implemented Froxlor-directory protection (apache and lighttpd), fixes #72
- enable `vhostcontainer` and `vhostcontainer_servername_statement` by default
This commit is contained in:
Michael Kaufmann (d00p)
2010-03-19 17:29:31 +00:00
parent 1db572e010
commit 660bede9c5
4 changed files with 56 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
install/install.php
View File

@@ -602,8 +602,11 @@ if(isset($_POST['installstep'])
// and lets insert the default ip and port
$query = 'INSERT INTO `%s` SET `ip` = \'%s\', `port` = \'80\' ';
$query = sprintf($query, TABLE_PANEL_IPSANDPORTS, $db->escape($serverip));
$query = "INSERT INTO `".TABLE_PANEL_IPSANDPORTS."`
SET `ip`= '".$db->escape($serverip)."',
`port` = '80',
`vhostcontainer` = '1',
`vhostcontainer_servername_statement` = '1'";
$db->query($query);
$defaultip = $db->insert_id();

22
scripts/jobs/cron_tasks.inc.http.10.apache.php
View File

@@ -121,11 +121,33 @@ class apache
{
$this->virtualhosts_data[$vhosts_filename].= '<VirtualHost ' . $ipport . '>' . "\n";
/**
* add 'real'-vhost content here, like doc-root :)
*/
$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
$this->virtualhosts_data[$vhosts_filename].= 'DocumentRoot "'.$mypath.'"'."\n";
if($row_ipsandports['vhostcontainer_servername_statement'] == '1')
{
$this->virtualhosts_data[$vhosts_filename].= ' ServerName ' . $this->settings['system']['hostname'] . "\n";
}
/**
* dirprotection, see #72
*/
$this->virtualhosts_data[$vhosts_filename].= "\t<Directory \"'.$mypath.'(images|packages|templates)\">\n";
$this->virtualhosts_data[$vhosts_filename].= "\t\tAllow from all\n";
$this->virtualhosts_data[$vhosts_filename].= "\t\tOptions -Indexes\n";
$this->virtualhosts_data[$vhosts_filename].= "\t</Directory>\n";
$this->virtualhosts_data[$vhosts_filename].= "\t<Directory \"'.$mypath.'*\">\n";
$this->virtualhosts_data[$vhosts_filename].= "\t\tOrder Deny,Allow\n";
$this->virtualhosts_data[$vhosts_filename].= "\t\tDeny from All\n";
$this->virtualhosts_data[$vhosts_filename].= "\t</Directory>\n";
/**
* end of dirprotection
*/
if($row_ipsandports['specialsettings'] != '')
{
$this->virtualhosts_data[$vhosts_filename].= $row_ipsandports['specialsettings'] . "\n";

28
scripts/jobs/cron_tasks.inc.http.20.lighttpd.php
View File

@@ -68,7 +68,7 @@ class lighttpd
public function createIpPort()
{
$query = "SELECT `id`, `ip`, `port`, `listen_statement`, `namevirtualhost_statement`, `vhostcontainer`, " . " `vhostcontainer_servername_statement`, `specialsettings`, `ssl`, `ssl_cert_file` " . " FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC";
$query = "SELECT * FROM `" . TABLE_PANEL_IPSANDPORTS . "` ORDER BY `ip` ASC, `port` ASC";
$result_ipsandports = $this->db->query($query);
while($row_ipsandports = $this->db->fetch_array($result_ipsandports))
@@ -101,6 +101,30 @@ class lighttpd
$this->lighttpd_data[$vhost_filename].= 'server.bind = "' . $ip . '"' . "\n";
}
if($row_ipsandports['vhostcontainer'] == '1')
{
$myhost = str_replace('.', '\.', $this->settings['system']['hostname']);
$this->lighttpd_data[$vhost_filename].= '# Froxlor default vhost' . "\n";
$this->lighttpd_data[$vhost_filename].= '$HTTP["host"] =~ "^(?:www\.|)' . $myhost . '$" {' . "\n";
$mypath = makeCorrectDir(dirname(dirname(dirname(__FILE__))));
$this->lighttpd_data[$vhost_filename].= ' server.document-root = "'.$mypath.'"'."\n";
/**
* dirprotection, see #72
*/
$this->lighttpd_data[$vhost_filename].= ' $HTTP["url"] =~ "^/(actions|install|lib|lng|scripts|temp)" {' . "\n";
$this->lighttpd_data[$vhost_filename].= ' url.access-deny = ("")' . "\n";
$this->lighttpd_data[$vhost_filename].= ' }' . "\n";
if($row_ipsandports['specialsettings'] != '')
{
$this->lighttpd_data[$vhost_filename].= $row_ipsandports['specialsettings'] . "\n";
}
$this->lighttpd_data[$vhost_filename].= '}' . "\n";
}
if($row_ipsandports['ssl'] == '1')
{
$this->lighttpd_data[$vhost_filename].= 'ssl.engine = "enable"' . "\n";
@@ -116,7 +140,7 @@ class lighttpd
if($vhosts !== null && is_array($vhosts) && isset($vhosts[0]))
{
foreach($vhosts as $vhost) {
$this->lighttpd_data[$vhost_filename].= ' include "vhosts/'.basename($vhost).'"'."\n";
$this->lighttpd_data[$vhost_filename].= ' include "'.$vhost.'"'."\n";
}
}

8
templates/admin/ipsandports/ipsandports_edit.tpl
View File

@@ -43,15 +43,11 @@ $header
<td class="main_field_display" nowrap="nowrap">$namevirtualhost_statement</td>
</tr>
<tr>
<td class="main_field_name">{$lng['admin']['ipsandports']['create_vhostcontainer']}:
<if $settings['system']['webserver'] == 'lighttpd'><div style="color:red">{$lng['panel']['not_supported']}lighttpd</div></if>
</td>
<td class="main_field_name">{$lng['admin']['ipsandports']['create_vhostcontainer']}:</td>
<td class="main_field_display" nowrap="nowrap">$vhostcontainer</td>
</tr>
<tr>
<td class="main_field_name" valign="top">{$lng['admin']['ownvhostsettings']}:<br /><font size="1">{$lng['serversettings']['default_vhostconf']['description']}</font>
<if $settings['system']['webserver'] == 'lighttpd'><div style="color:red">{$lng['panel']['not_supported']}lighttpd</div></if>
</td>
<td class="main_field_name" valign="top">{$lng['admin']['ownvhostsettings']}:<br /><font size="1">{$lng['serversettings']['default_vhostconf']['description']}</font></td>
<td class="main_field_display" nowrap="nowrap"><textarea class="textarea_border" rows="12" cols="60" name="specialsettings">{$result['specialsettings']}</textarea></td>
</tr>
<tr>