# CLAUDE.md — ossicor

## Git Workflow
- **Always commit and push directly to `main`.** No feature branches, no `claude/*` branches, no PRs, no review gates. Shak is the sole maintainer.
- This applies even if the repo is dead/legacy/dormant — if there's any reason to touch it at all, push to `main`.

## Status: COMPROMISED / do not run

This repo/site was **compromised via SQL injection in 2023** on a Joomla install. The decision per `deploy-manifest` is "rebuild from scratch" — not revive the existing code.

## Quick Facts
- **Domain:** ossicorp.com
- **Stack (historical):** Joomla (compromised — do not re-deploy)
- **cPanel account:** `ossicor` (may be suspended)
- **Repo:** github.com/shakibkhou/ossicor
- **Status in manifest:** `dead_sites.ossicor.status = compromised-needs-rebuild`

## Do Not
- **Do not deploy this repo.** Whatever is in here is pre-compromise code and/or archival files. Running it on any live server is a security risk.
- **Do not restore the old database.** If a 2023-era DB dump exists anywhere (`/home/ossicor/sql-archive/`, `/root/backups/`, etc.), treat it as compromised PII and leave it archived at mode 700.
- **Do not reuse the old admin path or credentials.**

## If Shak asks to rebuild
Fresh session, fresh repo decision. Path is:
1. **New repo**, not this one — start `shakibkhou/ossicor-v2` or similar. Archive this repo.
2. **New cPanel account** — don't reuse `ossicor`. Suspicious filesystem state.
3. **Fresh stack** — vanilla PHP, or static-first. No Joomla.
4. **New DB** — never import the old one. Export content manually if anything is salvageable.
5. **Fresh DNS** — rebuild the zone from scratch if needed; check for any rogue subdomains from the compromise period.
6. **Security baseline before launch** — `run_scan`, mod_security review, Cloudflare WAF rules in place.

## Related
- **Deploy manifest entry:** `/root/deploy-manifest/manifest.yml` under `dead_sites.ossicor`
- **Skill:** none — would need one created on rebuild