Infected-Domain-Trigger Script
Table of Contents
On Github: https://github.com/cumulodev/hoster-tools#infected-domains-trigger
This tool polls the nimbusec API in an specified interval for infected domains and performs certain actions on it. An example use case would be the automatic disabling of infected domains.
Installation
If you have Go installed, the infected-domain-trigger
can simply be installed by go get:
go get github.com/cumulodev/hoster-tools/infected-domain-trigger
Usage
As key
and secret
please use your assigned API key and secret (can be found at https://portal.nimbusec.com/einstellungen/serveragent).
infected-domain-trigger -key abc -secret abc -action 'echo "infected $DOMAIN"' -reload 'echo "reloading httpd"'
- action: The action command will be executed for each infected domain. The command will be executed in an shell, where the environment variable
DOMAIN
is set to the name of the infected domain. - reload: The reload command will be executed after each interval if nimbusec reported infected domains. This can be used to issue e.g. Apache to reload the configuration.
To disable for example all infected domains hosted by Apache, specify the following actions:
infected-domain-trigger -key abc -secret abc -action 'a2dissite $DOMAIN' -reload 'apachectl graceful'
If one of the actions is not required, just specify for example the shell builtin true
command:
infected-domain-trigger -key abc -secret abc -action 'disable.sh' -reload 'true'