update

feat: support get_malicious_ip for bt_waf

app/command/CleanViteJs.php

@@ -107,13 +107,13 @@ class CleanViteJs extends Command
         $flag = false;
     
         if(strpos($file, 'window.location.protocol.indexOf("https")>=0')!==false){ //index
-            $file = str_replace('(window.location.protocol.indexOf("https")>=0)', '1', $file);
+            $file = str_replace('window.location.protocol.indexOf("https")>=0', '!0', $file);
             $code = $this->getExtendCode($file, 'isGetCoupon:', 2);
             if($code){
                 $file = str_replace($code, '{}', $file);
             }
             $file = preg_replace('!recommendShow:\w+,!', 'recommendShow:!1,', $file, 1);
-            $code = $this->getExtendCode($file, '"需求反馈"', 1, '[', ']');
+            $code = $this->getExtendCode($file, '"打开需求反馈"', 1, '[', ']');
             if($code){
                 $file = str_replace($code, '[]', $file);
             }

app/controller/Api.php

@@ -2,6 +2,7 @@
 namespace app\controller;
 
 use think\facade\Db;
+use think\facade\Cache;
 use app\BaseController;
 use app\lib\Plugins;
 
@@ -465,6 +466,40 @@ class Api extends BaseController
         $data = bin2hex('[]');
         return json(['status'=>true, 'msg'=>'', 'data'=>$data]);
     }
+    
+    //获取堡塔云WAF恶意IP库
+    public function get_malicious_ip_list()
+    {
+        $cacheKey = 'malicious_ip_list';
+    
+        // 尝试从缓存获取
+        if (Cache::has($cacheKey)) {
+            return json(json_decode(Cache::get($cacheKey), true));
+        }
+        $url = 'https://api.bt.cn/bt_waf/get_malicious_ip';
+        $postData = json_encode([
+            'x_bt_token' => 'MzI3YjAzOGQ3Yjk3NjUxYjVlMDkyMGFm'
+        ]);
+
+        $ch = curl_init();
+        curl_setopt($ch, CURLOPT_URL, $url);
+        curl_setopt($ch, CURLOPT_POST, 1);
+        curl_setopt($ch, CURLOPT_POSTFIELDS, $postData);
+        curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+        curl_setopt($ch, CURLOPT_HTTPHEADER, [
+            'Content-Type: application/json',
+            'Content-Length: ' . strlen($postData)
+        ]);
+
+        $response = curl_exec($ch);
+        if (curl_errno($ch)) {
+            return json(['status'=>true, 'msg'=>'', 'data'=>bin2hex('[]')]);
+        }
+        curl_close($ch);
+        Cache::set($cacheKey, $response, 86400); //缓存一天
+
+        return json(json_decode($response, true));
+    }
 
     public function return_success(){
         return json(['status'=>true, 'msg'=>1, 'data'=>(object)[]]);

app/middleware/LoadConfig.php

@@ -32,7 +32,7 @@ class LoadConfig
         $res = Db::name('config')->cache('configs',0)->column('value','key');
         Config::set($res, 'sys');
 
-        View::assign('cdnpublic', '//lf6-cdn-tos.bytecdntp.com/cdn/expire-1-M/');
+        View::assign('cdnpublic', 'https://s4.zstatic.net/ajax/libs/');
         return $next($request)->header([
             'Cache-Control' => 'no-store, no-cache, must-revalidate',
             'Pragma' => 'no-cache',

app/script/convert.sh

@@ -1,8 +1,8 @@
 #!/bin/bash
 
-Linux_Version="9.5.0"
+Linux_Version="11.0.0"
 Windows_Version="8.2.2"
-Aapanel_Version="7.0.16"
+Aapanel_Version="7.0.21"
 Btm_Version="2.3.0"
 
 FILES=(
@@ -23,6 +23,7 @@ public/install/update/LinuxPanel_EN-${Aapanel_Version}.zip
 public/install/install_7.0_en.sh
 public/install/update_7.x_en.sh
 )
+PL_FILE="public/install/update/LinuxPanel-${Linux_Version}.pl"
 
 DIR=$1
 SITEURL=$2
@@ -80,6 +81,10 @@ do
 	fi
 done
 
+HASH=$(sha256sum "${DIR}public/install/update/LinuxPanel-${Linux_Version}.zip" | awk '{print $1}')
+TIMESTAMP=$(date +%s)
+printf '{"hash": "%s", "update_time": "%s"}' "$HASH" "$TIMESTAMP" > "${DIR}${PL_FILE}"
+
 echo "=========================="
 echo "处理完成"
 echo "=========================="

app/view/admin/plugins.html

@@ -159,7 +159,7 @@ function download_item(){
         return;
     }
     var plugin = $.preDownload[0];
-    if(plugin.name == 'firewall'){
+    if(plugin.name == 'firewall' || plugin.name == 'php_filter' || plugin.name == 'enterprise_backup' || plugin.name == 'tamper_drive'){
         $.preDownload.shift();
 		download_item();
         return;

app/view/admin/set.html

@@ -104,17 +104,17 @@
 <div class="panel-body">
   <form onsubmit="return saveSetting(this)" method="post" class="form" role="form">
     <div class="form-group">
-      <label>宝塔Linux面板最新版本号：</label>
+      <label>aaPanel面板最新版本号：</label>
       <input type="text" name="new_version_en" value="{:config_get('new_version_en')}" class="form-control"/>
       <font color="green">用于一键更新脚本获取最新版本号，以及检测更新接口。并确保已在/public/install/update/放置对应版本更新包</font>
     </div>
 	<div class="form-group">
-      <label>宝塔Linux面板更新日志：</label>
+      <label>aaPanel面板更新日志：</label>
       <textarea class="form-control" name="update_msg_en" rows="5" placeholder="支持HTML代码">{:config_get('update_msg_en')}</textarea>
       <font color="green">用于检测更新接口返回</font>
     </div>
 	<div class="form-group">
-      <label>宝塔Linux面板更新日期：</label>
+      <label>aaPanel面板更新日期：</label>
       <input type="date" name="update_date_en" value="{:config_get('update_date_en')}" class="form-control"/>
 	  <font color="green">用于检测更新接口返回</font>
     </div>

install.sql

@@ -12,15 +12,15 @@ INSERT INTO `cloud_config` (`key`, `value`) VALUES
 ('bt_key', ''),
 ('whitelist', '0'),
 ('download_page', '1'),
-('new_version', '9.4.0'),
+('new_version', '11.0.0'),
 ('update_msg', '暂无更新日志'),
-('update_date', '2025-01-09'),
+('update_date', '2025-07-24'),
 ('new_version_win', '8.2.2'),
 ('update_msg_win', '暂无更新日志'),
 ('update_date_win', '2024-12-30'),
-('new_version_en', '7.0.13'),
+('new_version_en', '7.0.21'),
 ('update_msg_en', '暂无更新日志'),
-('update_date_en', '2024-11-17'),
+('update_date_en', '2025-07-22'),
 ('new_version_btm', '2.3.0'),
 ('update_msg_btm', '暂无更新日志'),
 ('update_date_btm', '2024-04-24'),

public/install/install_7.0_en.sh

@@ -421,8 +421,8 @@ Check_apt_status(){
     retries=0
 
     while [ $retries -lt $MAX_RETRIES ]; do
-        output=$(ps aux| grep -E '(apt|apt-get)\s' 2>&1)
-        check_output=$(echo "$output" | grep -E '(apt|apt-get)\s')
+        output=$(ps aux |grep -E '(apt|apt-get)\s' 2>&1)
+        check_output=$(echo "$output" | grep -v _apt | grep -E '(apt|apt-get)\s')
         
         #If check_output is empty, terminate the loop
         if [ -z "$check_output" ]; then
@@ -1862,19 +1862,40 @@ Set_Firewall() {
 Get_Ip_Address() {
     getIpAddress=""
     # 	getIpAddress=$(curl -sS --connect-timeout 10 -m 60 https://brandnew.aapanel.com/api/common/getClientIP)
-    getIpAddress=$(curl -sSk --connect-timeout 10 -m 60 https://www.aapanel.com/api/common/getClientIP)
-    # 	if [ -z "${getIpAddress}" ] || [ "${getIpAddress}" = "0.0.0.0" ]; then
-    # 		isHosts=$(cat /etc/hosts|grep 'www.bt.cn')
-    # 		if [ -z "${isHosts}" ];then
-    # 			echo "" >> /etc/hosts
-    # 			echo "103.224.251.67 www.bt.cn" >> /etc/hosts
-    # 			#getIpAddress=$(curl -sS --connect-timeout 10 -m 60 https://brandnew.aapanel.com/api/common/getClientIP)
-    # 			getIpAddress=$(curl -sS --connect-timeout 10 -m 60 https://www.bt.cn/Api/getIpAddress)
-    # 			if [ -z "${getIpAddress}" ];then
-    # 				sed -i "/bt.cn/d" /etc/hosts
-    # 			fi
-    # 		fi
-    # 	fi
+    # getIpAddress=$(curl -sSk --connect-timeout 10 -m 60 https://www.aapanel.com/api/common/getClientIP)
+
+
+    ipv4_address=""
+    ipv6_address=""
+    ipv4_address=$(curl -4 -sS --connect-timeout 10 -m 15 https://www.aapanel.com/api/common/getClientIP 2>&1)
+    if [ -z "${ipv4_address}" ];then
+            ipv4_address=$(curl -4 -sS --connect-timeout 10 -m 15 https://ifconfig.me 2>&1)
+            if [ -z "${ipv4_address}" ];then
+                ipv4_address=$(curl -4 -sS --connect-timeout 10 -m 15 https://www.bt.cn/Api/getIpAddress 2>&1)
+            fi
+    fi
+    IPV4_REGEX="^([0-9]{1,3}\.){3}[0-9]{1,3}$"
+    if ! [[ $ipv4_address =~ $IPV4_REGEX ]]; then
+            ipv4_address=""
+    fi
+    
+    ipv6_address=$(curl -6 -sS --connect-timeout 10 -m 15 https://www.aapanel.com/api/common/getClientIP 2>&1)
+    # IPV6_REGEX="^([0-9a-fA-F]{1,4}:){7}[0-9a-fA-F]{1,4}$"
+    IPV6_REGEX="^([0-9a-fA-F]{0,4}:){1,7}[0-9a-fA-F]{0,4}$"
+    if ! [[ $ipv6_address =~ $IPV6_REGEX ]]; then
+            ipv6_address=""
+    else
+        if [[ ! $ipv6_address =~ ^\[ ]]; then
+            ipv6_address="[$ipv6_address]"
+        fi
+    fi
+
+    if [ "${ipv4_address}" ];then
+        getIpAddress=$ipv4_address
+    elif [ "${ipv6_address}" ];then
+        getIpAddress=$ipv6_address
+    fi
+
 
     ipv4Check=$($python_bin -c "import re; print(re.match(r'^(?:[0-9]{1,3}\.){3}[0-9]{1,3}$','${getIpAddress}'))")
     if [ "${ipv4Check}" == "None" ]; then
@@ -1886,7 +1907,7 @@ Get_Ip_Address() {
             getIpAddress=$(echo "[$getIpAddress]")
             echo "True" >${setup_path}/server/panel/data/ipv6.pl
             sleep 1
-            /etc/init.d/bt restart
+            # /etc/init.d/bt restart
         fi
     fi
 

public/install/install_panel.sh

@@ -33,7 +33,7 @@ if [ "${UbuntuCheck}" ] && [ "${UbuntuCheck}" -lt "16" ];then
 fi
 HOSTNAME_CHECK=$(cat /etc/hostname)
 if [ -z "${HOSTNAME_CHECK}" ];then
-	echo "localhost" > /etc/hostname 
+	echo "localhost" > /etc/hostname
 	# echo "当前主机名hostname为空无法安装宝塔面板，请咨询服务器运营商设置好hostname后再重新安装"
 	# exit 1
 fi
@@ -239,7 +239,8 @@ Set_Repo_Url(){
 	if [ "${PM}"="apt-get" ];then
 		ALI_CLOUD_CHECK=$(grep Alibaba /etc/motd)
 		Tencent_Cloud=$(cat /etc/hostname |grep -E VM-[0-9]+-[0-9]+)
-		if [ "${ALI_CLOUD_CHECK}" ] || [ "${Tencent_Cloud}" ];then
+		VELINUX_CHECK=$(grep veLinux /etc/os-release)
+		if [ "${ALI_CLOUD_CHECK}" ] || [ "${Tencent_Cloud}" ] || [ "${VELINUX_CHECK}" ];then
 			return
 		fi
 
@@ -1057,7 +1058,7 @@ Install_Bt(){
 	echo "${panelPort}" > ${setup_path}/server/panel/data/port.pl
 	wget -O /etc/init.d/bt ${download_Url}/install/src/bt7.init -T 15
 	wget -O /www/server/panel/init.sh ${download_Url}/install/src/bt7.init -T 15
-	wget -O /www/server/panel/data/softList.conf ${download_Url}/install/conf/softList.conf
+	wget -O /www/server/panel/data/softList.conf ${download_Url}/install/conf/softListtls10.conf
 
 	rm -f /www/server/panel/class/*.so
 	if [ ! -f /www/server/panel/data/not_workorder.pl ]; then

public/install/update/LinuxPanel-9.6.0.pl

@@ -0,0 +1 @@
+{"hash": "d869ee4b8bdcfae324c4fdef9ec647db4a1529e7f6890b8cb4693f40b8a24626", "update_time": "1748242787"}

public/install/update6.sh

@@ -167,6 +167,7 @@ pip_list=$($mypip list 2>&1)
 request_v=$(btpip list 2>/dev/null|grep "requests "|awk '{print $2}'|cut -d '.' -f 2)
 if [ "$request_v" = "" ] || [ "${request_v}" -gt "28" ];then
 	$mypip install requests==2.27.1
+	$mypip install chardet==4.0.0
 fi
 
 NATSORT_C=$(echo $pip_list|grep natsort)

public/install/update_7.x_en.sh

@@ -947,11 +947,11 @@ version=$(curl -Ss --connect-timeout 12 -m 2 $Btapi_Url/api/panel/getLatestOffic
 check_version_num=$( echo "$version"|grep -Eo '^[0-9]+' )
 if [ "$check_version_num" = '' ];then
 	echo "Check version failed!"
-    version='7.0.13'
+    version='7.0.21'
 fi
 
 if [ "$version" = '' ];then
-	version='7.0.13'
+	version='7.0.21'
 fi
 
 # if [ "$1" ];then
@@ -970,6 +970,10 @@ fi
 unzip -o /tmp/panel.zip -d $setup_path/server/ > /dev/null
 rm -f /tmp/panel.zip
 
+if [ -f "/www/server/panel/data/is_beta.pl" ];then
+    rm -f /www/server/panel/data/is_beta.pl
+fi
+
 Update_Py_Lib
 
 cd $setup_path/server/panel/

route/app.php

@@ -18,7 +18,7 @@ Route::post('/Auth/GetBindCode', 'api/return_error');
 Route::post('/auth/GetUserGiveAway', 'api/get_user_give_away');
 Route::any('/bt_monitor/update_history', 'api/btm_update_history');
 Route::any('/bt_monitor/latest_version', 'api/btm_latest_version');
-Route::any('/bt_waf/get_malicious_ip', 'api/get_ssl_list');
+Route::any('/bt_waf/get_malicious_ip', 'api/get_malicious_ip_list');
 Route::any('/bt_waf/daily_count_v2', 'api/get_ssl_list');
 Route::any('/bt_waf/latest_version', 'api/btwaf_latest_version');
 
@@ -150,6 +150,7 @@ Route::group('api', function () {
     Route::post('/panel/submit_feature_invoked_bulk', 'api/return_success');
     Route::post('/panel/submit_expand_pack_used', 'api/return_success');
     Route::get('/panel/getLatestOfficialVersion', 'api/get_version_en');
+    Route::post('/cert/user/list', 'api/nps_questions');
 
     Route::miss('api/return_error');
 });

wiki/aapanel.md

@@ -74,17 +74,23 @@
 
   "update_software_list": update_software_list,
 
+  "malicious_file_scanning": malicious_file_scanning,
+
   "check_panel_msg": check_panel_msg,
 
   "check_panel_auth": check_panel_auth,
 
   "count_ssh_logs": count_ssh_logs,
 
+  "update_vulnerabilities": update_vulnerabilities,
+
+  "refresh_dockerapps": refresh_dockerapps,
+
   "submit_email_statistics": submit_email_statistics,
 
   "submit_module_call_statistics": submit_module_call_statistics,
 
-  "mailsys_domain_restrictions": mailsys_domain_restrictions,
+  "mailsys_domain_blecklisted_alarm": mailsys_domain_blecklisted_alarm,
 
 - [可选]去除各种计算题：将bt.js里面的内容复制到 BTPanel/static/vite/oldjs/public_backup.js 末尾
 

wiki/files/linux/PluginLoader.py

@@ -148,6 +148,27 @@ def module_run(module_name,def_name,args):
     result = run_object(args)
     return result
     
+def get_module(filename: str):
+    '''
+        @name 获取模块对象
+        @param filename<string> 模块文件名
+        @return object
+    '''
+    if not filename: return None
+    
+    if filename[0:2] == './':
+        return public.returnMsg(False,'不能是相对路径')
+    
+    if not public.path_safe_check(filename):
+        return public.returnMsg(False,'模块路径不合法')
+
+    if not os.path.exists(filename):
+        return public.returnMsg(False,'模块文件不存在' % filename)
+    
+    def_object = public.get_script_object(filename)
+    if not def_object: return public.returnMsg(False,'模块[%s]不存在' % filename)
+
+    return def_object.main()
 
 def get_plugin_list(upgrade_force = False):
     '''