DirectAdmin Plugin

Full-featured admin and user-level plugin for managing VistoShield directly from the DirectAdmin control panel.

Installation

The DirectAdmin plugin is automatically installed when the VistoShield installer detects DirectAdmin on the server. To install manually:

# Copy the plugin files
cp -r /usr/local/vistoshield/panel-plugins/directadmin /usr/local/directadmin/plugins/vistoshield

# Set correct ownership
chown -R diradmin:diradmin /usr/local/directadmin/plugins/vistoshield

# Install the exec wrapper
cp /usr/local/vistoshield/panel-plugins/directadmin/exec/vistoshield \
   /usr/local/directadmin/plugins/vistoshield/exec/

# Set exec permissions
chmod 755 /usr/local/directadmin/plugins/vistoshield/exec/vistoshield

# Restart DirectAdmin
systemctl restart directadmin

Tip: After installation, the VistoShield link appears under the Extra Features section in both admin and user panels.

Admin Pages

Server administrators have access to the full management interface:

Dashboard

Real-time overview with statistics cards showing blocked IPs, active features, recent detections, and top offending IPs. Includes a 24-hour activity chart.

Configuration

Edit all vistoshield.conf settings through a web form with validation. Changes are written to the config file and the daemon is restarted automatically.

Blocked IPs

View and manage all currently blocked IPs. For each block, see the reason, timestamp, expiration, and source. Unblock individual IPs or flush all temporary blocks.

Allow / Deny Lists

Manage allow.list and deny.list with a web interface. Add IPs or CIDR ranges with optional comments. Changes are applied immediately via reload-lists.

Bot Signatures

Browse, search, and edit the bot signature database. Change actions per signature (block/challenge/monitor/allow). Update signatures from the remote repository with a single click.

Logs

Color-coded log viewer with search, filtering by log level, and auto-refresh. View the last N lines or search for specific IPs or events.

User Pages

DirectAdmin users (non-admins) see a limited interface scoped to their domains:

Status — View whether VistoShield is protecting their domains
Blocked IPs — See IPs blocked for activity on their domains (read-only)
Per-domain overrides — Configure domain-specific settings (if allowed by admin)
Activity log — View recent security events for their domains

Exec Wrapper

The exec wrapper allows DirectAdmin to communicate with the VistoShield daemon securely. It runs as a setuid binary that validates requests from the DirectAdmin plugin before executing privileged commands.

Action	Description
`status`	Get daemon status and statistics
`restart`	Restart the daemon after config changes
`block`	Block an IP address
`unblock`	Remove an IP from the block list
`flush`	Clear all temporary blocks
`reload-lists`	Reload allow/deny lists
`update-signatures`	Pull latest bot signatures

DirectAdmin Hooks

The plugin integrates with DirectAdmin hooks for automatic actions:

domain_create — Automatically adds new domains to VistoShield monitoring
domain_destroy — Cleans up per-domain configuration when a domain is removed
user_create — Sets default VistoShield settings for new user accounts

File Structure

Path	Description
`plugin.conf`	Plugin metadata and version
`admin/`	Admin-level pages (HTML/PHP)
`user/`	User-level pages (HTML/PHP)
`exec/vistoshield`	Privileged exec wrapper binary
`hooks/`	DirectAdmin hook scripts
`images/`	Plugin icons and assets

Warning: Never modify the exec wrapper permissions. It must be owned by root with the setuid bit set (chmod 4755) to function correctly. Incorrect permissions will prevent the plugin from managing the daemon.