Tuesday, June 11, 2013

PHP-SHELL script to whitelist IP on CSF

I needed a fast way to whitelist my IP on a Linux server to be able to log in to a secure administration page...

I set it up by using a php file + shell file + cronjob

Now I simply open a public website address "mydomain.com/whatis.php" and it automatically whitelists my IP.

"whatis.php" PHP file code :
<?php
// Save the visitor's address for the cron script; prints the number of bytes written.
echo file_put_contents("/tmp/iplog", $_SERVER["REMOTE_ADDR"]);
?>


"/script/ip" Shell file code :
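#!/bin/bash
# Started by cron every minute; checks /tmp/iplog every 5 seconds, 10 times.
i=1
while [ "$i" -le 10 ]
do
        # Stays empty if the PHP page has not created the file yet
        status=$(cat /tmp/iplog 2>/dev/null)
        if [ -n "$status" ] && [ "$status" != "0" ]; then
                echo "$status" >> /etc/csf/csf.allow
                echo "$status" >> /etc/csf/csf.ignore
#                echo "allow from $status" >> /home/DOMAIN/public_html/admin/.htaccess
                # Mark the request as handled, then restart CSF
                echo "0" > /tmp/iplog
                /etc/csf/csf.pl -r > /tmp/csf.log
        fi
        sleep 5
        (( i++ ))
done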

"/script/ip" Cronjob :
* * * * * /script/ip

Note: I tried to run `csf -r` to reset CSF firewall in shell script but it didn't work! I don't know why. I found here that we should use `/etc/csf/csf.pl -r` instead. Thanks to that guy!!
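
An added example, not part of the original post and not the author's script: the shell script above appends whatever /tmp/iplog contains to csf.allow and csf.ignore, so this variant accepts only a single well-formed IPv4 address, skips addresses that are already listed, and restarts CSF only when a list changed. The function names and the paths-as-arguments interface are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not the post's script): check the logged value before it is
# written to the CSF lists. File paths are arguments so it can run on scratch files.

# Succeed only for a dotted-quad IPv4 address, octets 0-255, no leading zeros.
is_ipv4() {
    case $1 in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $1                      # split on dots into $1..$n
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        case $octet in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Append line $1 to file $2; return 1 if the exact line is already present.
append_unique() {
    grep -qxF -e "$1" "$2" 2>/dev/null && return 1
    printf '%s\n' "$1" >> "$2"
}

# process_iplog IPLOG ALLOW IGNORE
# Take the first line of IPLOG, reset IPLOG to "0", and add the address to
# ALLOW and IGNORE. Returns 0 only if a list changed (so CSF needs a restart).
process_iplog() {
    [ -f "$1" ] || return 1
    ip=
    # file_put_contents() writes no trailing newline, so read reports EOF
    IFS= read -r ip < "$1" || [ -n "$ip" ] || return 1
    echo "0" > "$1"
    is_ipv4 "$ip" || return 1      # drops "0", hostnames, CIDR, comments
    changed=1
    append_unique "$ip" "$2" && changed=0
    append_unique "$ip" "$3" && changed=0
    return $changed
}

# Cron entry point, e.g.: SCRIPT /tmp/iplog /etc/csf/csf.allow /etc/csf/csf.ignore
if [ $# -eq 3 ]; then
    if process_iplog "$1" "$2" "$3"; then
        /etc/csf/csf.pl -r > /tmp/csf.log
    fi
fi
```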

Tuesday, June 4, 2013

Running mini_sendmail with php-fpm chroot on CentOS 6, Debian 6, ...

Chrooting a website is a good security improvement on a server that hosts multiple websites.
When you set the chroot of php-fpm, you will no longer be able to send mail. I fixed this using mini_sendmail. Here's the procedure:

Download your OS template from OpenVZ and extract it into the chroot directory. (Don't forget to set the file owners correctly.)
Enter the chroot directory and run:
chmod 0666 dev/{tty,null,zero}
echo "8.8.8.8" > etc/resolv.conf

Now compile mini_sendmail:
cd /usr/src
wget http://acme.com/software/mini_sendmail/mini_sendmail-1.3.6.tar.gz
tar -zxf mini_sendmail-1.3.6.tar.gz
cd mini_sendmail-1.3.6


If you start compiling mini_sendmail now, you'll receive the following error and mini_sendmail will not work properly :
mini_sendmail.c:(.text+0x5df): warning: Using 'getpwuid' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking

To fix that, edit mini_sendmail.c and on line 148 replace:
username = getlogin();
with
username = "USERNAME";
where USERNAME is your php-fpm user.
Now compile it :
make

and copy it to usr/sbin/sendmail in the chroot:
cp mini_sendmail /home/USERNAME/usr/sbin/sendmail
chmod 755 /home/USERNAME/usr/sbin/sendmail
chown USERNAME:USERNAME /home/USERNAME/usr/sbin/sendmail

Notes :
- I also tested mini_sendmail with a chrooted ssh user. If you don't replace getlogin() with the username according to the above instructions, mini_sendmail will fail to work with the following error:
mini_sendmail: can't determine username

- The following error can be ignored safely :
mini_sendmail.c:(.text+0xa47): warning: Using 'getaddrinfo' in statically linked applications requires at runtime the shared libraries from the glibc version used for linking

- When I compiled mini_sendmail on Debian 6 x64, it didn't work and gave the following error:
unexpected reloc type in static binarySegmentation fault
I tried to compile it on another OS (CentOS 6, Debian 6 i686) and copy the binary to the server, and it worked...
