Table of Contents
This tool polls the nimbusec API in an specified interval for infected domains and performs certain actions on it. An example use case would be the automatic disabling of infected domains.
If you have Go installed, the
infected-domain-trigger can simply be installed by go get:
go get github.com/cumulodev/hoster-tools/infected-domain-trigger
secret please use your assigned API key and secret (can be found at https://portal.nimbusec.com/einstellungen/serveragent).
infected-domain-trigger -key abc -secret abc -action 'echo "infected $DOMAIN"' -reload 'echo "reloading httpd"'
- action: The action command will be executed for each infected domain. The command will be executed in an shell, where the environment variable
DOMAINis set to the name of the infected domain.
- reload: The reload command will be executed after each interval if nimbusec reported infected domains. This can be used to issue e.g. Apache to reload the configuration.
To disable for example all infected domains hosted by Apache, specify the following actions:
infected-domain-trigger -key abc -secret abc -action 'a2dissite $DOMAIN' -reload 'apachectl graceful'
If one of the actions is not required, just specify for example the shell builtin
infected-domain-trigger -key abc -secret abc -action 'disable.sh' -reload 'true'