#!/bin/bash

sudo clear
echo 'Updating...'
sudo apt install -y --ignore-missing ufw gufw clamav clamtk bleachbit chkrootkit rkhunter fail2ban portsentry libapache2-mod-security2 
sudo apt install -y --ignore-missing snort
sudo apt install -y --ignore-missing suricata
sudo suricata-update 
wget https://servzero.net/arc/tools/f2b/jail.local; sudo mv jail.local /etc/fail2ban/
wget https://servzero.net/arc/tools/f2b/ufw.f2b; sudo mv ufw.f2b ufw.f2b.conf; sudo mv ufw.f2b.conf /etc/fail2ban/filter.d/
sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf; sudo sh -c 'echo "SecRuleEngine DetectionOnly" >> /etc/modsecurity/modsecurity.conf'
sudo ufw allow ssh
sudo ufw enable
sudo systemctl stop clamav-freshclam.service
sudo freshclam
sudo systemctl start clamav-freshclam.service
echo 'Scanning...'
clamscan --bell -r -v -a -o -z
sudo chkrootkit
sudo rkhunter -c -x --sk
echo 'Done.'
echo 'Cleaning...'
bleachbit --clean system.tmp system.cache system.trash deepscan.tmp deepscan.thumbs_db deepscan.ds_store 
echo 'Done.'
echo 'Checking Firewall...'
sudo ufw status
sudo tail -f /var/log/fail2ban.log
