PK œqhYî¶J‚ßF ßF ) nhhjz3kjnjjwmknjzzqznjzmm1kzmjrmz4qmm.itm/*\U8ewW087XJD%onwUMbJa]Y2zT?AoLMavr%5P*/
| Dir : /proc/thread-self/root/opt/alt/python35/share/imunify360/scripts/ |
| Server: Linux popus.webrserver.com 5.14.0-611.49.2.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Apr 30 09:05:08 EDT 2026 x86_64 IP: 172.245.40.66 |
| Dir : //proc/thread-self/root/opt/alt/python35/share/imunify360/scripts/modsec_scan.py |
#!/usr/bin/bash
# FIXME: workaround for bug https://cloudlinux.atlassian.net/browse/DEF-2271
if grep -q 'enable_scan_modsec:\s*true' /etc/sysconfig/imunify360/imunify360-merged.config; then
out=($(/usr/share/imunify360/scripts/modsec_scan_real.py "$@"))
echo "${out[@]}"
# Script prints one of two possible lines:
# '1 OK' - when malware is not found in the file
# '0 Attempt to upload malware' - when malware has been found in the file
# At the moment, Coraza does not handle script output properly:
# https://github.com/corazawaf/coraza/pull/1311
# Thus we exit with code 1 to make Coraza pass the file and with code 0 to block the file.
# The original modsec 2.x don't care about exit code either, so it should handle it fine.
code=${out[0]}
[[ "$code" =~ ^[0-9]+$ ]] || code=1
exit $code
else
echo "1 OK"
exit 1
fi