File: //opt/imunify360/venv/lib/python3.11/site-packages/im360/subsys/panels/cpanel/panel.py
import logging
from typing import List, Set, Sequence
from defence360agent.subsys.panels.cpanel import cPanel as Base
from defence360agent.utils.kwconfig import KWConfig
from im360.subsys import webshield
from im360.subsys.panels.base import PanelInterface
from defence360agent.subsys.panels.cpanel.panel import (
CPANEL_USERDATADOMAINS_PATH,
WWWACT_CONF,
)
from .mod_security import cPanelModSecurity
from .pure_ftp import cPanelPureFTPConfig
from .remoteip import RemoteIP
from im360.utils import change_system_password, generate_strong_password
logger = logging.getLogger(__name__)
CPANEL_CONFIG = "/var/cpanel/cpanel.config"
class cPanelConfig(KWConfig):
SEARCH_PATTERN = r"^\s*{}\s*=\s*(.*?)\s*$"
WRITE_PATTERN = "{}={}"
DEFAULT_FILENAME = CPANEL_CONFIG
class cPanel(Base, PanelInterface, cPanelModSecurity, RemoteIP):
pure_ftp_conf_cls = cPanelPureFTPConfig
async def _get_all_admin_emails(self) -> List[str]:
emails = [] # type: List[str]
with open(WWWACT_CONF) as f:
contact_line = next(
(
line
for line in f
if line.strip().startswith("CONTACTEMAIL")
),
None,
)
if contact_line is not None:
contacts = contact_line.strip().split()
if len(contacts) > 1:
return [
email.strip() for email in contacts[1].split(",") if email
]
return emails
def http_ports(self) -> Set[int]:
return {2082, 2095, 2086} # cPanel # cPpanel Webmail # WHM
def https_ports(self) -> Set[int]:
return {
2083, # cPanel SSL
2096, # cPpanel Webmail SSL
2087, # WHM SSL
}
def remoteip_supported(self) -> bool:
return True
def get_SMTP_conflict_status(self) -> bool:
"""
Return True if SMTP restriction feature is enabled
"""
return cPanelConfig("smtpmailgidonly").get() == "1"
def get_webshield_protected_ports(self):
return {
port: webshield.port_redirect_map()[port] for port in (2082, 2083)
}
@staticmethod
def force_reset_user_password(username, password=None):
change_system_password(
username, generate_strong_password() if not password else password
)