File: //usr/local/cwaf/scripts/uninstall_cwaf.sh
#!/usr/bin/env bash
# Uninstall script
function do_remove_cpanel {
clear
CWAF_PATH=`get_cwaf_path`
uninstall_perl_wrapper
echo -ne "\nDelete cPanel directories\n\n"
rm -rf /usr/local/cpanel/whostmgr/docroot/cgi/cwaf
rm -rf /usr/local/cpanel/whostmgr/docroot/cgi/cwaf*
rm -f /usr/local/cpanel/whostmgr/docroot/cgi/addon_cwaf.cgi
echo -ne "Unregistring app: "
/usr/local/cpanel/bin/unregister_appconfig /var/cpanel/apps/addon_cwaf.conf
rm -f /var/cpanel/apps/addon_cwaf.conf
if [ ! -d "$CWAF_PATH/nginx" ]; then
echo -e "\nRemoving Easy Apache hooks\n"
remove_ea_hooks
echo -ne "Restoring ModSecurity configuration\n\n"
if [ -e "/etc/cpanel/ea4/is_ea4" ]; then
rm -f /etc/apache2/conf.d/zzzz_cwaf_security2.conf
rm -rf /etc/apache2/conf.d.cwaf-backup
else
mv -f "/usr/local/apache/conf/modsec2.conf.cwaf_orig" "/usr/local/apache/conf/modsec2.conf"
fi
else
echo -ne "Restoring Nginx configuration\n\n"
restore_nginx_conf
fi
echo "Removing CWAF $CWAF_PATH"
rm -rf "$CWAF_PATH"
echo -ne "Please don't forget to restart web server for the changes to take effect\n"
print_final_msg
}
function do_remove_plesk {
clear
get_plesk_params '/etc/psa/psa.conf' 'PRODUCT_ROOT_D HTTPD_INCLUDE_D HTTPD_CONF_D'
CWAF_PATH=`get_cwaf_path`
uninstall_perl_wrapper
echo -ne "\nDelete Plesk directories\n\n"
rm -rf $PLESK_HTTPD_INCLUDE_D.cwaf-backup
rm -f /etc/sudoers.d/cwaf
echo -ne "Unregistring app: "
$PLESK_PRODUCT_ROOT_D/bin/extension -u cwaf
if [ ! -d "$CWAF_PATH/nginx" ]; then
echo -ne "\nRestoring ModSecurity configuration\n\n"
# fix for apache 2 Debian
if [ -f "$PLESK_HTTPD_CONF_D/mods-enabled/security2.conf.cwaf_backup" ]; then
PLESK_SECURITY2_PATH="$PLESK_HTTPD_CONF_D/mods-enabled"
else
PLESK_SECURITY2_PATH=$PLESK_HTTPD_INCLUDE_D
fi
rm -f $PLESK_HTTPD_INCLUDE_D/zzzz_cwaf_security2.conf
mv -f $PLESK_SECURITY2_PATH/security2.conf.cwaf_backup $PLESK_SECURITY2_PATH/security2.conf
else
echo -ne "Restoring Nginx configuration\n\n"
restore_nginx_conf
fi
echo "Removing CWAF $CWAF_PATH"
rm -rf "$CWAF_PATH"
echo -ne "Please don't forget to restart web server for the changes to take effect\n"
print_final_msg
}
function do_remove_da {
clear
CWAF_PATH="/usr/local/cwaf"
PLUGIN_PATH="/usr/local/directadmin/plugins/comodo_waf"
CWAF_PLATFORM=`grep '^cwaf_platform=' $CWAF_PATH/etc/main.conf | sed -r 's/^cwaf_platform=\"(.*)\"/\1/'`
uninstall_perl_wrapper
echo -ne "\nCleaning up system\n\n"
rm -f /etc/sudoers.d/cwaf
rm -f /usr/local/etc/sudoers.d/cwaf
echo -ne "\nRestoring ModSecurity configuration\n\n"
# restore modsec config
rm -f "/etc/modsecurity.d/comodo_rules.conf.main"
rm -f "/etc/modsecurity.d/rules.dat"
echo "Removing CWAF $CWAF_PATH"
rm -rf "$CWAF_PATH"
#check if console uninstall
if [ x"$1" != x"--da-plugin" ]; then
echo "Removing plugin"
rm -rf "$PLUGIN_PATH"
fi
echo -ne "Please don't forget to restart web server for the changes to take effect\n"
print_final_msg
}
function do_remove_webmin {
clear
CWAF_PATH="/usr/local/cwaf"
PLUGIN_PATH="/usr/local/directadmin/plugins/comodo_waf"
CWAF_PLATFORM=`grep '^cwaf_platform=' $CWAF_PATH/etc/main.conf | sed -r 's/^cwaf_platform=\"(.*)\"/\1/'`
uninstall_perl_wrapper
echo -ne "\nCleaning up system\n\n"
rm -f /etc/sudoers.d/cwaf
rm -f /usr/local/etc/sudoers.d/cwaf
# apache backup dirs
rm -rf /etc/apache2/conf.d.cwaf-backup
rm -rf /etc/httpd/conf.d.cwaf-backup
if [ ! -d "$CWAF_PATH/nginx" ]; then
echo -ne "\nRestoring ModSecurity configuration\n\n"
# fix for apache 2 Debian
if [ -d "/etc/apache2/conf.d" ]; then
SECURITY2_PATH="/etc/apache2/conf.d"
# fix for apache 2 Ubuntu
elif [ -d "/etc/apache2/conf-enabled" ]; then
SECURITY2_PATH="/etc/apache2/conf-enabled"
else
SECURITY2_PATH="/etc/httpd/conf.d"
fi
rm -f $SECURITY2_PATH/zzzz_cwaf_security2.conf
# restore config for Apache2 Debian
if [ -f "/etc/apache2/mods-enabled/mod-security.conf.cwaf_backup" ]; then
mv -vf "/etc/apache2/mods-enabled/mod-security.conf.cwaf_backup" "/etc/apache2/mods-enabled/mod-security.conf"
fi
# restore config for Apache2 Ubuntu
if [ -f "/etc/apache2/mods-enabled/security2.conf.cwaf_backup" ]; then
mv -vf "/etc/apache2/mods-enabled/security2.conf.cwaf_backup" "/etc/apache2/mods-enabled/security2.conf"
fi
else
echo -ne "Restoring Nginx configuration\n\n"
restore_nginx_conf
fi
echo "Unregistering plugin"
$CWAF_PATH/web/webmin/cwaf/delete-module.pl cwaf
echo "Removing CWAF $CWAF_PATH"
rm -rf "$CWAF_PATH"
echo -ne "Please don't forget to restart web server for the changes to take effect\n"
print_final_msg
}
function do_remove_standalone {
clear
CWAF_PATH=`get_cwaf_path`
PLATFORM='unknown'
"$CWAF_PATH/scripts/cwaf-cli.pl" -gstop
uninstall_perl_wrapper
if [ -d "$CWAF_PATH/nginx" ]; then
PLATFORM='nginx'
echo -ne "Restoring Nginx configuration\n\n"
restore_nginx_conf
fi
echo "Removing CWAF $CWAF_PATH"
rm -rf "$CWAF_PATH"
if [ x"$PLATFORM" != x'nginx' ]; then
echo -ne "\nPlease don't forget to remove string 'Include \"$CWAF_PATH/etc/modsec2_standalone.conf\"' from config and reload web server"
fi
print_final_msg
}
function restore_nginx_conf {
NGINX_BIN="/usr/local/nginx/sbin/nginx"
TEST_NGINX=$(which nginx 2>&1)
if [ -x "$TEST_NGINX" ]; then
NGINX_BIN="$TEST_NGINX"
fi
if [ ! -x "$NGINX_BIN" ]; then
echo "Nginx binary $NGINX_BIN not found"
return 1
fi
CONF_STR=`$NGINX_BIN -t 2>&1 | grep 'syntax is ok'`
if [ -n "$CONF_STR" ]; then
CONF_STR=`echo "$CONF_STR" | sed -r -e 's/.*file (\/.*) syntax is ok/\1/'`
fi
# check found config path and default paths
if [ -r "$CONF_STR" ]; then
NGINX_CONF=$CONF_STR
elif [ -r '/usr/local/nginx/conf/nginx.conf' ]; then
NGINX_CONF='/usr/local/nginx/conf/nginx.conf'
elif [ -r '/etc/nginx/nginx.conf' ]; then
NGINX_CONF='/etc/nginx/nginx.conf'
elif [ -r '/usr/local/etc/nginx/nginx.conf' ]; then
NGINX_CONF='/usr/local/etc/nginx/nginx.conf'
else
echo 'Nginx configuration not found'
return 1
fi
echo "Restoring previous nginx config $NGINX_CONF.cwaf_orig"
mv -f $NGINX_CONF.cwaf_orig $NGINX_CONF
return 0
}
function print_final_msg {
echo -e "\n\n Comodo WAF uninstalled!\n"
}
function remove_ea_hooks {
if [ -f /scripts/posteasyapache ]; then
sed -i '/#CWAF_HOOK/d' /scripts/posteasyapache
fi
if [ -f /scripts/preeasyapache ]; then
sed -i '/#CWAF_HOOK/d' /scripts/preeasyapache
fi
}
function uninstall_perl_wrapper {
SCRIPTPATH=`get_cwaf_path`
$SCRIPTPATH/scripts/uninstall_perl_mods.pl --uninstall
}
function get_cwaf_path {
FILE='/etc/cwaf/main.conf'
PARM='cwaf_path'
CWAF_PATH=`grep $PARM $FILE | sed -r "s/$PARM=\"(.*)\"/\1/"`
echo $CWAF_PATH
}
# get Plesk conf params (file and list of params are the arguments)
function get_plesk_params() {
FILE=$1
shift
for PARM in ${*}; do
eval PLESK_${PARM}=`grep "$PARM " $FILE | sed -r "s/$PARM (.*)/\1/"`
done
return 1
}
if [ -d "/var/cpanel" ]; then
echo "Do you want to remove Comodo WAF application from cPanel?"
read -p "Enter answer [y/n]: " answer
case "$answer" in
[yY]) do_remove_cpanel
;;
[Nn]) exit
;;
*) echo "Unknown answer, exit"
exit;
;;
esac
elif [ -d "/etc/psa" ]; then
echo "Do you want to remove Comodo WAF application from Plesk?"
read -p "Enter answer [y/n]: " answer
case "$answer" in
[yY]) do_remove_plesk
;;
[Nn]) exit
;;
*) echo "Unknown answer, exit"
exit;
;;
esac
elif [ -d "/usr/local/directadmin" ]; then
echo "Do you want to remove Comodo WAF application from DirectAdmin?"
read -p "Enter answer [y/n]: " answer
case "$answer" in
[yY]) do_remove_da $1
;;
[Nn]) exit
;;
*) echo "Unknown answer, exit"
exit;
;;
esac
elif [ -f "/etc/webmin/miniserv.conf" ]; then
echo "Do you want to remove Comodo WAF application from Webmin?"
read -p "Enter answer [y/n]: " answer
case "$answer" in
[yY]) do_remove_webmin
;;
[Nn]) exit
;;
*) echo "Unknown answer, exit"
exit;
;;
esac
else
echo "Do you want to remove Comodo WAF application?"
read -p "Enter answer [y/n]: " answer
case "$answer" in
[yY]) do_remove_standalone
;;
[Nn]) exit
;;
*) echo "Unknown answer, exit"
exit;
;;
esac
fi