New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
[FREE] XSLOVZ - WHMCS module to control OpenVZ node via ssh2 extension
Hi There,
this module was developed in 2013. I wanted to share it with you so we can all benefit from it. and may be extend it.
This is a server provisioning module made for WHMCS. it can help server administrators or VPS server providers to Create, Terminate, Suspend, Unsuspend containers on remote nodes using php ssh2 extension.
Features :
- Create, Terminate, Suspend, Unsuspend Containers remotely.
- Count bandwidth through external perl script (included in repo) and save bandwidth stats in database to count overusage bandwidth.
- Display basic stats like current HDD, Memory, Bandwidth for your clients.
- Clients have the ability to Reboot, Shutdown, Boot, their containers.
- Admins have the ability to Suspend, Unsuspend, Add extra IPs.
Tutorials and Installation
- XSLOVZ Overview
- Configure the module with your WHMCS and install ssh2_extension on your WHMCS server
- Notes on OpenVZ installation
- Configure Bandwidth Counter
I hope that community will report bugs/security issue and feedback to extend it's functionality.
Comments
What happens when I create a VM with the password
; rm -rf /
?Please explain:
Thank you for pointing that out. github repo updated. same effect will happen when existing user try to change password.
I must say I created this in 2013 and was my first project so I didn't take care of escaping user inputs.
keep them coming.
I can't explain without detailed report like which file is malicious, etc...
The whole website.
https://www.virustotal.com/en/url/9f2aa0c348f9ff582863c3f1dfa352502ea0a59902b13396e100998e721e01a7/analysis/1424892009/
btw I don't trust virustotal nor any antivirus. however on web I trust google malware reports only.
Highest Regards
Mohammed H
probably some random ip blacklist that contains ip ranges of providers that Avast holds a grudge against. it wouldnt be the first security software that uses cheap lists like this without truely scanning for exploitive executions.
no rebuild/reinstall via whmcs?
https://github.com/mohammedhs/XSLOVZ/blob/master/WHMCS Module/XSLOVZ/XSLOVZ.php#L63-L64
Only port 22 and no SSH keys?
Are you guys serious? He could have kept his work for himself, but he is sharing it with his competition free of charge.
I think that deserves a "thank you", at least.
I don't want to complicate the configurations of the module. (or may be I'm too lazy to do it)
if you are concerned about security (I doubt none is):
1 - use (non-root user) with sudo to limit the module functionality here is a howto
2 - nowdays its common sense to allow ssh logins from known IPs only through iptables. it does not make any sense to change ssh port and keep it open to public (scanners will find it in a few seconds anyway). actually changing ssh port will make things harder in case you forget/loss the port (that is my own opinion) .
yes I don't change ssh ports on my servers I lock them down to my IP only.
Highest regards
Mohammed H
What if someone has multiple servers in a NAT set up which requires different SSH ports?
github updated with new version.
this how to specify port (and if not specified it will use default 22 port)
detailed howto
Hi there,
just wanted to let people who use this module that v1.1 has been released and has some bugfixes and new features :
kindly check the announcement for info and notices about upgrade.
Highest Regards
Mohammed H
Module looks awesome, just about to install it and give it a go!