/* REQUIRE:
* jquery.js
* plugins:
* jquery-ui
*/
// Comodo Accounts Manager (CAM) signup pages opened by the two "Buy" buttons
var cam_url = 'https://accounts.comodo.com';
var cam_mssp_url1 = cam_url.concat('/capt/management/signup?identifier=capt.clws.se.v1');
var cam_mssp_url2 = cam_url.concat('/capt/management/signup?identifier=capt.web.security.be.1server.v1');

// server-side handler every AJAX call in this file posts to (relative URL)
var cwatch_handler_url = 'cwaf_cwatch.cgi';

// selector of the page header container
var cwatch_header_div = '#cwaf_cwatch_header';

// selector of the main content container
var cwatch_content_div = '#cwaf_cwatch_content';

// selector of the container that receives the wizard Back/Next buttons
var cwatch_navigation_div = '#cwaf_cwatch_navbuttons';
// CWAF cwatch functions
// show first screen
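/**
 * Entry point of the cWatch tab: show the log-configuration step when the
 * handler reports a saved token for this server, otherwise start at the
 * greeting screen.
 */
function cwatch_show() {
    var data = mssp_data('get_mssp_info');
    // mssp_data() can hand back false, true or undefined instead of a payload
    // object; reading .token from undefined would throw, so require an object.
    if (data && typeof data === 'object' && typeof data.token !== 'undefined') {
        show_config(data.token, data.modsec_log);
    } else {
        show_greets();
    }
}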
/**
 * Empty the three wizard containers (header, content, navigation buttons)
 * so the next screen can be rendered into them.
 */
function clear() {
    var containers = [cwatch_header_div, cwatch_content_div, cwatch_navigation_div];
    for (var i = 0; i < containers.length; i += 1) {
        $(containers[i]).html('');
    }
}
/**
 * Render the first wizard screen: the two cWatch plans, a "Buy" button for
 * each that opens the matching CAM signup page, and a "Next" button that
 * moves on to account creation.
 */
function show_greets() {
    // Builds one "Buy" button bound to a signup URL and a target window name.
    // NOTE(review): both buttons are created with the same id ('cwatch_buy');
    // ids should be unique per document - confirm nothing selects on it.
    var make_buy_button = function (signup_url, window_name) {
        var open_signup = function (e) {
            // NOTE(review): the opened third-party page gets a window.opener
            // reference to this admin page unless 'noopener' is requested;
            // confirm the signup flow does not rely on it before adding that.
            window.open(signup_url, window_name);
            return false;
        };
        return $('<input>')
            .prop({type: 'button', 'class': 'cwatch_buy', id: 'cwatch_buy', value: 'Buy'})
            .unbind('click')
            .bind('click', open_signup);
    };

    clear();
    $(cwatch_header_div).html('<div><h1>cWatch Web Security</h1></div><h3>cWatch Web Security is a high quality managed Web Application Firewall and Web Application Security Monitoring service offered by Comodo. </h3>');
    // static markup only; continuation lines stay unindented so the string is unchanged
    $(cwatch_content_div).html(' \
<div class="cwatch_buy_table"> \
<div class="cwatch_buy_row"> \
<span class="cwatch_buy_left"> \
<div class="cwatch_benefits"> \
<h1>Web Security Gold</h1> \
<ul> \
<li>7x24 Active Application Security Monitoring and WAF Management with Comodo SoC</li> \
<li>Cloud, hosting or on premise deployment options</li> \
<li>On-time Blacklist updates form Comodo Threat Center</li> \
<li>Customized Rule Set for each application</li> \
<li>Compliance (PCI-DSS &HIPAA)</li> \
<li>Incident Responce and Remediation</li> \
</ul> \
<div class="cwatch_price_div"> \
<div><span class="cwatch_price">$189.99</span><span>/month</span></div> \
<div class="cwatch_ad_div">Amazing value per server for a monitoring solution!</div> \
</div> \
<div class="cwatch_buy_block" id="cwatch_buy_std" /> \
</div> \
</span> \
\
<span class="cwatch_buy_right"> \
<div class="cwatch_benefits"> \
<h1>Web Security Platinum</h1> \
<ul> \
<li>All Standard features plus</li> \
<li>Full WAF management</li> \
<li>Access to Engineers to Fix Vulnerabilities</li> \
</ul> \
<div class="cwatch_price_div"> \
<div><span class="cwatch_price">$349.99</span><span>/month</span></div> \
<div class="cwatch_ad_div">Best Value for Money!</div> \
</div> \
<div class="cwatch_buy_block" id="cwatch_buy_buz" /> \
</div> \
</span> \
\
</div> \
</div> \
<h5>You will be forwarded to Comodo Accounts Manager site for purchase </h5> \
');

    $('#cwatch_buy_std').append(make_buy_button(cam_mssp_url1, 'Comodo NxSIEM Cloud Security Standard'));
    $('#cwatch_buy_buz').append(make_buy_button(cam_mssp_url2, 'Comodo NxSIEM Cloud Security Business'));

    // NEXT button: continue to the account-creation step
    $(cwatch_navigation_div).append(
        $('<input>')
            .prop({type: 'button', 'class': 'cwatch_button left', id: 'wiz_next', value: 'Next'})
            .unbind('click')
            .bind('click', function (e) {
                show_account();
            })
    );
}
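/**
 * Render the account-creation step: license key, server name (pre-filled with
 * the hostname reported by the handler) and contact mail, plus Back/Next
 * buttons. "Next" validates the form and starts the registration request.
 */
function show_account() {
    var host = mssp_data('get_hostname');
    // mssp_data() returns false/true/undefined when there is no payload;
    // none of those is a hostname, so fall back to an empty field.
    var host_value = (host == null || typeof host === 'boolean') ? '' : String(host);

    clear();
    $(cwatch_header_div).html('<h1>cWATCH Account Creation</h1><h3>Please Fill in below to create your cWATCH Account for this server</h3>');

    var content = $(cwatch_content_div);
    // static markup only; continuation lines stay unindented so no extra
    // whitespace ends up inside the string
    content.html(' \
<div class="cwatch_account"> \
<div class="cwatch_account_row"> \
<span class="cwatch_acc_col1">License Key</span> \
<span class="cwatch_acc_col2"><input type="text" id="license_key" /></span> \
<span class="cwatch_acc_col3">* License Key in the Order Acknowledgement mail</span> \
</div> \
\
<div class="cwatch_account_row"> \
<span class="cwatch_acc_col1">Server Name</span> \
<span class="cwatch_acc_col2"><input type="text" id="name" value=""/></span> \
<span class="cwatch_acc_col3"></span> \
</div> \
\
<div class="cwatch_account_row"> \
<span class="cwatch_acc_col1">Contact Mail</span> \
<span class="cwatch_acc_col2"><input type="text" id="mail" /></span> \
<span class="cwatch_acc_col3"></span> \
</div> \
</div> \
');
    // The hostname comes from the server response. Assigning it through
    // .val() keeps a quote or angle bracket in it from being parsed as markup,
    // which string concatenation into the HTML above would allow.
    content.find('#name').val(host_value);

    // PREV button
    $(cwatch_navigation_div).append(
        $('<input>').prop({type:'button', class:'cwatch_button left', id:'wiz_back', value:'Back'}).unbind('click').bind('click', function(e) {
            show_greets();
        })
    );

    // NEXT button
    $(cwatch_navigation_div).append(
        $('<input>').prop({type:'button', class:'cwatch_button right', id:'wiz_next', value:'Next'}).unbind('click').bind('click', function(e) {
            var license_key = $('#license_key').val();
            var mail = $('#mail').val();
            if ( !license_key ) {
                show_error_msg("License key cant be empty!");
                return false;
            }
            if ( !emailValid(mail) ) {
                // NOTE(review): the typed address is echoed into the message;
                // show_error_msg() is not visible here - confirm it renders
                // its argument as text rather than as HTML.
                show_error_msg("Email "+mail+" is invalid!");
                return false;
            }
            nxsiem_registration(license_key, $('#name').val(), mail);
        })
    );
}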
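/**
 * Render the log-configuration step: the customer network ID and one editable
 * path field per log source, plus Back/Finish buttons. "Finish" posts the
 * entered paths to the handler and, on success, shows the final screen.
 *
 * @param {string} [NetworkID]    network collection token to display
 * @param {string} [modsec_audit] ModSecurity audit log path; a built-in
 *                                default is used when it is missing
 */
function show_config(NetworkID, modsec_audit) {
    var msec_audit = (modsec_audit == null) ? '/usr/local/apache/logs/modsec_audit.log' : modsec_audit;
    // A missing token is shown as an empty field rather than as the text "undefined".
    var network_id = (NetworkID == null) ? '' : String(NetworkID);
    // ids of the path inputs; the same names are used as keys of the posted object
    var log_fields = [
        'apache_logs', 'apache_error', 'modsec_logs', 'linux_logs', 'mysql_logs', 'pam_logs',
        'cpanel_access_logs', 'cpanel_error_logs', 'cpanel_login_logs', 'cpanel_panic_logs',
        'cpanel_chkservd_logs'
    ];

    clear();
    // the trailing tag closes cwatch_config_header (it was an opening <div>)
    $(cwatch_header_div).html('<h1>LOG CONFIGURATION</h1><div class="cwatch_config_header"><h3>Your cWatch Web Security account has been set up.</h3><h4>Please proceed by log forwarding</h4></div>');

    var content = $(cwatch_content_div);
    // static markup only; the two server-supplied values are filled in below
    content.html(' \
<div class="cwatch_config"> \
<div><b>IMPORTANT!</b> Rsyslog will be installed and cnfigured on this server to forward logs to cWatch. Logs will be forwarded encyrpted with a self signed certificate. \
If you have log forwarder already installed, please e-mail to cwatchsupport@comodo.com for help on configuration. You will be contacted within 24 hours.</div> \
<div class="cwatch_config_nid"> \
<span class="cwatch_network_label">Your customer network ID</span> \
<span class="cwatch_network_id" id="cwatch_network_id"></span> \
</div> \
\
<div class="cwatch_logs_label">Log File Paths</div> \
\
<div class="cwatch_logs"> \
<div class="cwatch_logs_row"> \
\
<span class="cwatch_logs_left"> \
<div class="cwatch_logs_block"> \
<div class="cwatch_logs_header">Application and Server Logs</div> \
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Apache http logs</span> \
<span class="cwatch_logs_c2"><input type="text" value="/usr/local/apache/logs/access_log" id="apache_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="apache_logs">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Apache error logs</span> \
<span class="cwatch_logs_c2"><input type="text" value="/usr/local/apache/logs/error_log" id="apache_error" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="apache_error">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Mod Security logs</span> \
<span class="cwatch_logs_c2"><input type="text" value="" id="modsec_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="modsec_logs">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Linux Logs</span> \
<span class="cwatch_logs_c2"><input type="text" value="/var/log/audit/audit.log" id="linux_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="linux_logs">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Database logs (mysql)</span> \
<span class="cwatch_logs_c2"><input type="text" value="/var/lib/mysql/*.err" id="mysql_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="mysql_logs">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Linux PAM logs</span> \
<span class="cwatch_logs_c2"><input type="text" value="/var/log/secure" id="pam_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="pam_logs">...</label></span> \
</div> \
</div> \
</span> \
\
<span class="cwatch_logs_right"> \
<div class="cwatch_logs_block"> \
<div class="cwatch_logs_header">cPanel Logs</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Acess log</span> \
<span class="cwatch_logs_c2"><input type="text" value="/usr/local/cpanel/logs/access_log" id="cpanel_access_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="cpanel_access_logs">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Error log</span> \
<span class="cwatch_logs_c2"><input type="text" value="/usr/local/cpanel/logs/error_log" id="cpanel_error_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="cpanel_error_logs">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Login log</span> \
<span class="cwatch_logs_c2"><input type="text" value="/usr/local/cpanel/logs/login_log" id="cpanel_login_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="cpanel_login_logs">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Panic Log</span> \
<span class="cwatch_logs_c2"><input type="text" value="/usr/local/cpanel/logs/panic_log" id="cpanel_panic_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="cpanel_panic_logs">...</label></span> \
</div> \
\
<div class="cwatch_logs_block_row"> \
<span class="cwatch_logs_c1">Service check Logs (chkservd.log)</span> \
<span class="cwatch_logs_c2"><input type="text" value="/var/log/chkservd.log" id="cpanel_chkservd_logs" /></span> \
<span class="cwatch_logs_c3"><label class="cwatch_logs_button" for="cpanel_chkservd_logs">...</label></span> \
</div> \
\
</div> \
</span> \
</div> \
</div> \
</div>');
    // Both values originate from a server response. .text() and .val() insert
    // them as data, so markup characters in them are never parsed as HTML.
    content.find('#cwatch_network_id').text(network_id);
    content.find('#modsec_logs').val(msec_audit);

    // PREV button
    $(cwatch_navigation_div).append(
        $('<input>').prop({type:'button', class:'cwatch_button left', id:'wiz_back', value:'Back'}).unbind('click').bind('click', function(e) {
            show_account();
        })
    );

    // NEXT button
    $(cwatch_navigation_div).append(
        $('<input>').prop({type:'button', class:'cwatch_button right', id:'wiz_next', value:'Finish'}).unbind('click').bind('click', function(e) {
            // NOTE(review): the paths are posted exactly as typed. Any
            // validation of what may be forwarded has to happen in the
            // handler (cwaf_cwatch.cgi), which is not visible here - confirm.
            var data = {};
            for (var i = 0; i < log_fields.length; i += 1) {
                data[log_fields[i]] = $('#' + log_fields[i]).val();
            }
            if ( mssp_data('append_mssp_info', data) ) {
                show_congrats();
            }
        })
    );
}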
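/**
 * Render the final wizard screen with the completion message, a "Back" button
 * that returns to the log-configuration step and a "Done" button that selects
 * the first tab of the #tabs widget.
 */
function show_congrats() {
    clear();
    $(cwatch_header_div).html('<h1>Congraturations!</h1>');
    $(cwatch_content_div).html('All Configurations has been made and setup is complete. You should recieve an e-mail from Comodo shortly, \
confirming that your logs are recieved by our servers. If you do not recieve the e-mail in 15 minutes, please check your spam folder first and contact cwatchsupport@comodo.com for help.');

    // PREV button
    $(cwatch_navigation_div).append(
        $('<input>').prop({type:'button', class:'cwatch_button left', id:'wiz_back', value:'Back'}).unbind('click').bind('click', function(e) {
            // show_config() needs the network ID; calling it without
            // arguments rendered the literal text "undefined". Re-read the
            // saved info and only fall back to the bare call if that fails.
            var info = mssp_data('get_mssp_info');
            if (info && typeof info === 'object' && typeof info.token !== 'undefined') {
                show_config(info.token, info.modsec_log);
            } else {
                show_config();
            }
        })
    );

    // NEXT button
    // NOTE(review): this button reuses id 'wiz_back', so the screen holds two
    // elements with the same id - confirm nothing selects on it before renaming.
    $(cwatch_navigation_div).append(
        $('<input>').prop({type:'button', class:'cwatch_button right', id:'wiz_back', value:'Done'}).unbind('click').bind('click', function(e) {
            $("#tabs").tabs('select', 0);
        })
    );
}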
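/**
 * Post the registration details to the handler (action 'mssp_info') and, when
 * the reply carries a network collection token, save it and move on to the
 * log-configuration step. Every failure is reported through show_error_msg().
 *
 * @param {string} license_key license key typed by the user
 * @param {string} name        server name
 * @param {string} email       contact e-mail address
 * @returns {boolean} always true; the outcome is handled asynchronously
 */
function nxsiem_registration(license_key, name, email) {
    // error message
    var nxsiem_err_msg = "Register request to NxSIEM server failed!";
    var bad_reply_msg = nxsiem_err_msg + "\nUnexpected response from server";

    // set overlay
    create_overlay();

    var udata = {licenseKey: license_key, name: name, contactEmail: email};

    // ajax request
    $.ajax({
        url: cwatch_handler_url,
        data: { reginfo: JSON.stringify(udata), action: 'mssp_info' },
        type: 'POST',
        statusCode: {
            412: function() { show_error_msg(nxsiem_err_msg + "\nAction is undefined"); },
            400: function() { show_error_msg(nxsiem_err_msg + "\nUnknown action"); }
        }
    })
    .done(function(msg) {
        var reply = msg;
        // No dataType is requested, so the body arrives as a plain string
        // unless the handler declares a JSON content type; parse it here.
        if (typeof reply === 'string') {
            try {
                reply = JSON.parse(reply);
            } catch (e) {
                reply = null;
            }
        }
        if (!reply || typeof reply !== 'object') {
            show_error_msg(bad_reply_msg);
            return false;
        }

        // check plugin error (loose comparison kept: the handler's exact
        // type for status is not visible here)
        if (reply.status == 0) {
            show_error_msg(nxsiem_err_msg + "\n" + reply.errmsg);
            return false;
        }

        var result = reply.data;
        if (!result || typeof result !== 'object') {
            show_error_msg(bad_reply_msg);
            return false;
        }

        // check nxsiem error
        if (result.status == false) {
            switch (result.message) {
                case "ERROR_MESSAGE_LICENSE_ALREADY_EXISTS":
                    show_error_msg(nxsiem_err_msg + "\nLicense already exists!");
                    break;
                case "ERROR_MESSAGE_INVALID_LICENSE":
                    show_error_msg(nxsiem_err_msg + "\nLicense invalid!");
                    break;
                case "ERROR_MESSAGE_CAM_CONNECTION":
                    show_error_msg(nxsiem_err_msg + "\nCan't connect to Accouns Server!");
                    break;
                default:
                    // NOTE(review): a server-supplied string is passed on
                    // here; confirm show_error_msg() renders it as text.
                    show_error_msg(nxsiem_err_msg + "\n" + result.message);
            }
            return false;
        }

        var token = result.networkCollectionToken;
        // Without a token there is nothing to save or display.
        if (token == null || token === '') {
            show_error_msg(bad_reply_msg);
            return false;
        }
        remove_overlay();
        mssp_data('save_mssp_info', {token: token});
        show_config(token);
    })
    .fail(function(jqXHR) {
        // 412 and 400 are already reported by the statusCode handlers above;
        // any other failure used to leave the overlay up with no message.
        if (jqXHR && (jqXHR.status === 412 || jqXHR.status === 400)) {
            return;
        }
        show_error_msg(nxsiem_err_msg);
    });
    return true;
}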
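/**
 * Synchronously post an action (and optional payload) to the handler and
 * return the decoded result.
 *
 * @param {string} action      handler action name
 * @param {*}      [mssp_data] payload, sent JSON-encoded in the 'data' field
 * @returns {*} msg.data when the reply carries one; true when the reply is a
 *              success without data or a warning (status 2); false when the
 *              request failed, the reply could not be parsed, or the handler
 *              reported status 0
 */
function mssp_data(action, mssp_data) {
    var ajax_data = { action: action };
    if (typeof mssp_data !== 'undefined' ) {
        ajax_data = { data: JSON.stringify(mssp_data), action: action };
    }
    var was_error = false;

    // set overlay
    create_overlay();

    // async:false blocks until the request completes, so the statusCode
    // handlers have already run when responseText is read.
    // 'response' and 'msg' are declared locally; they used to leak as
    // implicit globals.
    var response = $.ajax({
        url: cwatch_handler_url,
        data: ajax_data,
        type: 'POST',
        async: false,
        statusCode: {
            412: function() { show_error_msg("Action is undefined"); was_error = true; },
            400: function() { show_error_msg("Unknown action"); was_error = true; }
        }
    }).responseText;

    if (was_error) {
        // explicit false instead of an implicit undefined, which made
        // callers that read a property of the result throw
        return false;
    }

    var msg;
    try {
        msg = JSON.parse(response);
    } catch (e) {
        // empty or non-JSON body (for example an HTML error page)
        msg = null;
    }
    if (!msg || typeof msg !== 'object') {
        show_error_msg("Unexpected response from server");
        return false;
    }

    if (msg.status === 0) {
        show_error_msg(msg.errmsg);
        return false;
    }
    if (msg.status === 2) {
        remove_overlay();
        show_info_msg(msg.warning);
        return true;
    }

    // success
    remove_overlay();
    if (msg.data) {
        return msg.data;
    }
    return true;
}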
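/**
 * Check that a string looks like an e-mail address: a local part of letters,
 * digits and "_ . + -", an "@", one or more dot-terminated labels and a final
 * alphanumeric label of at least two characters.
 *
 * @param {string} email address to check
 * @returns {boolean} true when the address matches the pattern
 */
function emailValid(email) {
    // Accepts the same strings as the former pattern, whose trailing
    // ([a-zA-Z0-9]{2,4})+ group could split one run of characters in many
    // ways and backtrack exponentially on a long non-matching input.
    // {2,} matches the same lengths (every length >= 2) in linear time.
    var pattern = /^[a-zA-Z0-9_.+-]+@([a-zA-Z0-9-]+\.)+[a-zA-Z0-9]{2,}$/;
    return pattern.test(email);
}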