Alex-Devera/3x-ui
1
0
Fork 0
mirror of https://github.com/MHSanaei/3x-ui.git synced 2026-04-16 12:35:54 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add HoneyPot

Browse source
This commit is contained in:
delifer 2026-03-02 20:22:52 +07:00
parent 865a823660
commit 9c1d0756bf
1 changed files with 213 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

251
x-ui.sh
View file

@ -1671,6 +1671,208 @@ run_speedtest() {
speedtest
}
create_honeypot() {
local server_ip=$(curl -s --max-time 3 https://4.ident.me)
echo -e "${plain}Do you want to use: ${green}Apache ${plain}or ${green}Nginx"
read -p "Apache or Nginx: " nginx_or_apache
echo -e "${yellow}Downloading sources and Utilites..."
if [ "$nginx_or_apache" = "Apache" ]; then
case "${release}" in
ubuntu)
apt-get update
apt-get install apache2 -y
;;
debian)
apt-get update
apt-get install -y apache2
;;
armbian)
apt-get update && apt-get install apache2 -y
;;
fedora | amzn | virtuozzo | rhel | almalinux | rocky | ol)
dnf -y update && dnf -y install httpd
;;
centos)
yum -y install apache2
;;
arch | manjaro | parch)
pacman -Syu --noconfirm apache
;;
*)
echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
exit 1
;;
esac
# Start apache server for HoneyPot
case "${release}" in
ubuntu)
systemctl enable apache2
systemctl start apache2
;;
debian)
systemctl enable apache2
systemctl start apache2
;;
armbian)
systemctl enable apache2
systemctl start apache2
;;
fedora | amzn | virtuozzo | rhel | almalinux | rocky | ol)
systemctl enable httpd
systemctl start httpd
;;
centos)
systemctl enable httpd
systemctl start httpd
;;
arch | manjaro | parch)
systemctl enable apache
systemctl start apache
;;
*)
echo -e "${red}Cannot start apache service.${plain}\n"
exit 1
;;
esac
echo -e "${yellow}Installing HoneyPot..."
mv SpaceSaver/ /var/www/html/
# Config for apache2
echo """
<VirtualHost *:80>
ServerName SpaceSaver
DocumentRoot /var/www/html/SpaceSaver
<Directory /var/www/html/SpaceSaver>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>""" >> /etc/apache2/sites-available/spacesaver.conf
ln -sf /etc/apache2/sites-available/spacesaver.conf /etc/apache2/sites-enabled/
# Restarting apache server
case "${release}" in
ubuntu)
systemctl reload apache2
;;
debian)
systemctl reload apache2
;;
armbian)
systemctl reload apache2
;;
fedora | amzn | virtuozzo | rhel | almalinux | rocky | ol)
systemctl reload httpd
;;
centos)
systemctl reload httpd
;;
arch | manjaro | parch)
systemctl reload httpd
;;
*)
echo -e "${red}Cannot reload apache service.${plain}\n"
exit 1
;;
esac
# Access rights to HoneyPot's files
chown -R www-data:www-data /var/www/html/SpaceSaver
chmod -R 755 /var/www/html/SpaceSaver
chmod 644 /var/www/html/SpaceSaver/index.html
echo -e "${plain}Done!"
echo -e "${green}Available here -> http://$server_ip:80"
elif [ "$nginx_or_apache" = "Nginx" ]; then
case "${release}" in
ubuntu)
apt-get update
apt-get install nginx -y
;;
debian)
apt-get update
apt-get install -y nginx
;;
armbian)
apt-get update && apt-get install nginx -y
;;
fedora | amzn | virtuozzo | rhel | almalinux | rocky | ol)
dnf -y update && dnf -y install nginx
;;
centos)
yum -y install nginx
;;
arch | manjaro | parch)
pacman -Syu --noconfirm nginx
;;
*)
echo -e "${red}Unsupported operating system. Please check the script and install the necessary packages manually.${plain}\n"
exit 1
;;
esac
# Start nginx server for HoneyPot
systemctl enable nginx
systemctl start nginx
mv SpaceSaver/ /var/www/html/
# Config for nginx
tee /etc/nginx/sites-available/spacesaver.conf >/dev/null << 'EOF'
server {
listen 80 default_server; # ← важно для локального доступа
server_name 127.0.0.1 localhost SpaceSaver _;
root /var/www/html/SpaceSaver;
index index.html;
# Security Headers
add_header X-Content-Type-Options nosniff always;
add_header X-Frame-Options SAMEORIGIN always;
add_header X-XSS-Protection "1; mode=block" always;
add_header Referrer-Policy strict-origin-when-cross-origin always;
add_header Permissions-Policy "interest-cohort=()" always;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
server_tokens off;
location / {
try_files $uri $uri/ /index.html;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
access_log /var/log/nginx/spacesaver.access.log;
error_log /var/log/nginx/spacesaver.error.log;
}
EOF
rm -f /etc/nginx/sites-enabled/default
ln -sf /etc/nginx/sites-available/spacesaver.conf /etc/nginx/sites-enabled/
systemctl reload nginx
echo -e "${plain}Done!"
echo -e "${green}Available here -> http://$server_ip:80"
fi
}
ip_validation() {
@ -1678,36 +1880,6 @@ ip_validation() {
ipv4_regex="^((25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)\.){3}(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9][0-9]?|0)$"
}
change_dns() {
echo -e "${yellow}Changing DNS resolver"
echo -e "${plain}Enter resolver (default: quad9): "
read resolver
IPv6_on=$(cat /proc/sys/net/ipv6/conf/all/disable_ipv6)
echo $IPv6_on
if [ "$IPv6_on" = 0 ]; then
echo -e "${green}Your server using IPv6!"
echo -e "${plain}Enter server for IPv6"
read -p ": " resolver_ipv6
if [ -n "$resolver" ] && [ -n "$resolver_ipv6" ]; then
echo "nameserver $resolver" > /etc/resolv.conf
echo "nameserver $resolver_ipv6" > /etc/resolv.conf
else
echo "nameserver 9.9.9.9" > /etc/resolv.conf
echo "nameserver 2620:fe::fe" > /etc/resolv.conf
fi
else
echo -e "${green}IPv6 is disabled!"
if [ -n "$resolver" ]; then
echo "nameserver $resolver" > /etc/resolv.conf
else
echo "nameserver 9.9.9.9" > /etc/resolv.conf
fi
fi
echo -e "${green}${plain}Done!"
}
iplimit_main() {
echo -e "\n${green}\t1.${plain} Install Fail2ban and configure IP Limit"
echo -e "${green}\t2.${plain} Change Ban Duration"
@ -2242,15 +2414,15 @@ show_menu() {
${green}21.${plain} IP Limit Management │
${green}22.${plain} Firewall Management │
${green}23.${plain} SSH Port Forwarding Management │
${green}24.${plain} DNS Changer
${green}24.${plain} HoneyPot (Fakesite)
│────────────────────────────────────────────────│
${green}24.${plain} Enable BBR │
${green}25.${plain} Update Geo Files │
${green}26.${plain} Speedtest by Ookla │
${green}25.${plain} Enable BBR │
${green}26.${plain} Update Geo Files │
${green}27.${plain} Speedtest by Ookla │
╚────────────────────────────────────────────────╝
"
show_status
echo && read -rp "Please enter your selection [0-26]: " num
echo && read -rp "Please enter your selection [0-27]: " num
case "${num}" in
0)
@ -2326,16 +2498,19 @@ show_menu() {
SSH_port_forwarding
;;
24)
bbr_menu
create_honeypot
;;
25)
update_geo
bbr_menu
;;
26)
update_geo
;;
27)
run_speedtest
;;
*)
LOGE "Please enter the correct number [0-26]"
LOGE "Please enter the correct number [0-27]"
;;
esac
}