ET_IpSecurity - Version 2.1.0

Version Notes

stable release

Download this release

Release Info

Developer Magento Core Team
Extension ET_IpSecurity
Version 2.1.0
Comparing to
See all releases


Code changes from version 2.0.1 to 2.1.0

Files changed (12) hide show
  1. app/code/community/ET/IpSecurity/Block/Adminhtml/GetIpInfo.php +42 -0
  2. app/code/community/ET/IpSecurity/Helper/Data.php +39 -21
  3. app/code/community/ET/IpSecurity/Model/IpVariable.php +59 -0
  4. app/code/community/ET/IpSecurity/Model/Observer.php +585 -591
  5. app/code/community/ET/IpSecurity/etc/config.xml +305 -302
  6. app/code/community/ET/IpSecurity/etc/system.xml +297 -270
  7. app/locale/en_US/template/email/et_ipsecurity.html +6 -6
  8. app/locale/en_US/template/email/et_ipsecurity_admin.html +6 -6
  9. app/locale/ru_RU/ET_IpSecurity.csv +55 -47
  10. app/locale/ru_RU/template/email/et_ipsecurity.html +6 -6
  11. app/locale/ru_RU/template/email/et_ipsecurity_admin.html +6 -6
  12. package.xml +4 -4
app/code/community/ET/IpSecurity/Block/Adminhtml/GetIpInfo.php ADDED
@@ -0,0 +1,42 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2014 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ class ET_IpSecurity_Block_Adminhtml_GetIpInfo extends Mage_Adminhtml_Block_System_Config_Form_Field
21
+ {
22
+ /**
23
+ * @param Varien_Data_Form_Element_Abstract $element
24
+ * @return string
25
+ * shows in admin panel which ip address returns each method
26
+ */
27
+ protected function _getElementHtml(Varien_Data_Form_Element_Abstract $element)
28
+ {
29
+ $helper = Mage::helper('etipsecurity');
30
+ $result = $helper->__('Below is a list of standard variables where the server can '
31
+ . 'store the IP address of the visitor, and what each of these variables contains on your server:<br><br>');
32
+ $ip = '';
33
+ $getIpMethodArray = Mage::getModel('etipsecurity/ipVariable')->getOptionArray();
34
+ foreach ($getIpMethodArray as $key=>$value) {
35
+ $ip = (isset($_SERVER[$value])) ? $_SERVER[$value] : $helper->__('Nothing');
36
+ $result .= ' <b>' . $key . '</b> ' .
37
+ $helper->__('returns') .
38
+ '<b> ' . $ip . '</b><br>';
39
+ }
40
+ return $result;
41
+ }
42
+ }
app/code/community/ET/IpSecurity/Helper/Data.php CHANGED
@@ -1,22 +1,40 @@
1
- <?php
2
- /**
3
- * NOTICE OF LICENSE
4
- *
5
- * You may not sell, sub-license, rent or lease
6
- * any portion of the Software or Documentation to anyone.
7
- *
8
- * DISCLAIMER
9
- *
10
- * Do not edit or add to this file if you wish to upgrade to newer
11
- * versions in the future.
12
- *
13
- * @category ET
14
- * @package ET_IpSecurity
15
- * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
- * @contacts support@etwebsolutions.com
17
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
- */
19
-
20
- class ET_IpSecurity_Helper_Data extends Mage_Core_Helper_Abstract
21
- {
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
22
  }
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ class ET_IpSecurity_Helper_Data extends Mage_Core_Helper_Abstract
21
+ {
22
+ /**
23
+ * @return mixed
24
+ * returns ip method which is selected in admin settings
25
+ */
26
+ public function getIpVariable()
27
+ {
28
+ /** @var $model ET_IpSecurity_Model_IpVariable */
29
+ $model = Mage::getModel('etipsecurity/ipVariable');
30
+ $ipsArray = $model->getOptionArray();
31
+
32
+ $configVariable = Mage::getStoreConfig('etipsecurity/global_settings/get_ip_method');
33
+
34
+ if (!in_array($configVariable, $ipsArray)) {
35
+ $configVariable = 'REMOTE_ADDR';
36
+ }
37
+
38
+ return $configVariable;
39
+ }
40
  }
app/code/community/ET/IpSecurity/Model/IpVariable.php ADDED
@@ -0,0 +1,59 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ /**
4
+ * NOTICE OF LICENSE
5
+ *
6
+ * You may not sell, sub-license, rent or lease
7
+ * any portion of the Software or Documentation to anyone.
8
+ *
9
+ * DISCLAIMER
10
+ *
11
+ * Do not edit or add to this file if you wish to upgrade to newer
12
+ * versions in the future.
13
+ *
14
+ * @category ET
15
+ * @package ET_IpSecurity
16
+ * @copyright Copyright (c) 2014 ET Web Solutions (http://etwebsolutions.com)
17
+ * @contacts support@etwebsolutions.com
18
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
+ */
20
+ class ET_IpSecurity_Model_IpVariable extends Mage_Eav_Model_Entity_Attribute_Source_Abstract
21
+ {
22
+ public function getAllOptions()
23
+ {
24
+ if (is_null($this->_options)) {
25
+ $this->_options = array(
26
+ array(
27
+ 'label' => 'REMOTE_ADDR',
28
+ 'value' => 'REMOTE_ADDR'
29
+ ),
30
+ array(
31
+ 'label' => 'HTTP_X_REAL_IP',
32
+ 'value' => 'HTTP_X_REAL_IP'
33
+ ),
34
+ array(
35
+ 'label' => 'HTTP_CLIENT_IP',
36
+ 'value' => 'HTTP_CLIENT_IP'
37
+ ),
38
+ array(
39
+ 'label' => 'HTTP_X_FORWARDED_FOR',
40
+ 'value' => 'HTTP_X_FORWARDED_FOR'
41
+ ),
42
+ array(
43
+ 'label' => 'HTTP_X_CLUSTER_CLIENT_IP',
44
+ 'value' => 'HTTP_X_CLUSTER_CLIENT_IP'
45
+ ),
46
+ );
47
+ }
48
+ return $this->_options;
49
+ }
50
+
51
+ public function getOptionArray()
52
+ {
53
+ $_options = array();
54
+ foreach ($this->getAllOptions() as $option) {
55
+ $_options[$option['value']] = $option['label'];
56
+ }
57
+ return $_options;
58
+ }
59
+ }
app/code/community/ET/IpSecurity/Model/Observer.php CHANGED
@@ -1,592 +1,586 @@
1
- <?php
2
- /**
3
- * NOTICE OF LICENSE
4
- *
5
- * You may not sell, sub-license, rent or lease
6
- * any portion of the Software or Documentation to anyone.
7
- *
8
- * DISCLAIMER
9
- *
10
- * Do not edit or add to this file if you wish to upgrade to newer
11
- * versions in the future.
12
- *
13
- * @category ET
14
- * @package ET_IpSecurity
15
- * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
- * @contacts support@etwebsolutions.com
17
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
- */
19
-
20
- class ET_IpSecurity_Model_Observer
21
- {
22
- protected $_redirectPage = null;
23
- protected $_redirectBlank = null;
24
- protected $_rawAllowIpData = null;
25
- protected $_rawBlockIpData = null;
26
- protected $_rawExceptIpData = null;
27
- protected $_eventEmail = "";
28
- protected $_emailTemplate = 0;
29
- protected $_emailIdentity = null;
30
- protected $_storeType = null;
31
- protected $_lastFoundIp = null;
32
- protected $_isFrontend = false;
33
- protected $_isDownloader = false;
34
- protected $_alwaysNotify = false;
35
-
36
- /**
37
- * If loading Frontend
38
- *
39
- * @param $observer
40
- */
41
- public function onLoadingFrontend($observer)
42
- {
43
- $this->_readFrontendConfig();
44
- $this->_processIpCheck($observer);
45
- }
46
-
47
- /**
48
- * If loading Admin
49
- *
50
- * @param $observer
51
- */
52
- public function onLoadingAdmin($observer)
53
- {
54
- $this->_readAdminConfig();
55
- $this->_processIpCheck($observer);
56
- }
57
-
58
- /**
59
- * On failed login to Admin
60
- *
61
- * @param $observer
62
- */
63
- public function onAdminLoginFailed($observer)
64
- {
65
- // TODO: for http://support.etwebsolutions.com/issues/371
66
- }
67
-
68
- /**
69
- * On loading Downloader
70
- *
71
- * @param $observer
72
- */
73
- public function onLoadingDownloader($observer)
74
- {
75
- //only in downloader exists Maged_Controller class
76
- if (class_exists("Maged_Controller", false)) {
77
- $this->_readDownloaderConfig();
78
- $this->_processIpCheck($observer);
79
- }
80
- }
81
-
82
- /**
83
- * Reading configuration for Frontend
84
- */
85
- protected function _readFrontendConfig()
86
- {
87
- $this->_redirectPage = $this->trimTrailingSlashes(
88
- Mage::getStoreConfig('etipsecurity/ipsecurityfront/redirect_page'));
89
- $this->_redirectBlank = Mage::getStoreConfig('etipsecurity/ipsecurityfront/redirect_blank');
90
- $this->_rawAllowIpData = Mage::getStoreConfig('etipsecurity/ipsecurityfront/allow');
91
- $this->_rawBlockIpData = Mage::getStoreConfig('etipsecurity/ipsecurityfront/block');
92
- $this->_eventEmail = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_event');
93
- $this->_emailTemplate = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_template');
94
- $this->_emailIdentity = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_identity');
95
- $this->_alwaysNotify = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_always');
96
- $this->_rawExceptIpData = Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/except');
97
-
98
- $this->_storeType = Mage::helper("catalog")->__("Frontend");
99
- $this->_isFrontend = true;
100
- }
101
-
102
- /**
103
- * Reading configuration for Admin
104
- */
105
- protected function _readAdminConfig()
106
- {
107
- $this->_redirectPage = $this->trimTrailingSlashes(
108
- Mage::getStoreConfig('etipsecurity/ipsecurityadmin/redirect_page'));
109
- $this->_redirectBlank = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/redirect_blank');
110
- $this->_rawAllowIpData = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/allow');
111
- $this->_rawBlockIpData = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/block');
112
- $this->_eventEmail = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_event');
113
- $this->_emailTemplate = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_template');
114
- $this->_emailIdentity = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_identity');
115
- $this->_alwaysNotify = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/alwaysnotify');
116
-
117
- $this->_storeType = Mage::helper("core")->__("Admin");
118
- $this->_isFrontend = false;
119
- }
120
-
121
- /**
122
- * Read configuration for Downloader (used Admin config)
123
- */
124
- protected function _readDownloaderConfig()
125
- {
126
- $this->_readAdminConfig();
127
- $this->_storeType = Mage::helper("etipsecurity")->__("Downloader");
128
- $this->_isDownloader = true;
129
-
130
- // TODO: заглушка. Если страницы для перехода не существует,
131
- // то поиск ссылки на no-rout вызывет ошибку.
132
- //$this->_redirectBlank = true;
133
- }
134
-
135
- /**
136
- * Get current Scope (frontend, admin, downloader)
137
- *
138
- * @return string
139
- */
140
- protected function _getScopeName()
141
- {
142
- if ($this->_isFrontend) {
143
- $scope = 'frontend';
144
- } elseif ($this->_isDownloader) {
145
- $scope = 'downloader';
146
- } else {
147
- $scope = 'admin';
148
- }
149
-
150
- return $scope;
151
- }
152
-
153
- /**
154
- * Checking current ip for rules
155
- *
156
- * @param $observer
157
- * @return ET_IpSecurity_Model_Observer
158
- */
159
- protected function _processIpCheck($observer)
160
- {
161
- $currentIp = $this->getCurrentIp();
162
- $allowIps = $this->_ipTextToArray($this->_rawAllowIpData);
163
- $blockIps = $this->_ipTextToArray($this->_rawBlockIpData);
164
-
165
- $allow = $this->isIpAllowed($currentIp, $allowIps, $blockIps);
166
- $this->_processAllowDeny($allow, $currentIp);
167
-
168
- return $this;
169
- }
170
-
171
- /**
172
- * Check IP for allow/deny rules
173
- *
174
- * @param $currentIp string
175
- * @param $allowIps array
176
- * @param $blockIps array
177
- * @return bool
178
- */
179
- public function isIpAllowed($currentIp, $allowIps, $blockIps)
180
- {
181
- $allow = true;
182
-
183
- # look for allowed
184
- if ($allowIps) {
185
- # block all except allowed
186
- $allow = false;
187
-
188
- # are there any allowed ips
189
- if ($this->isIpInList($currentIp, $allowIps)) {
190
- $allow = true;
191
- }
192
- }
193
-
194
- # look for blocked
195
- if ($blockIps) {
196
- # are there any blocked ips
197
- if ($this->isIpInList($currentIp, $blockIps)) {
198
- $allow = false;
199
- }
200
- }
201
- return $allow;
202
- }
203
-
204
- /**
205
- * Redirect denied users to block page or show maintenance page to visitor
206
- *
207
- * @param $allow boolean
208
- * @param $currentIp string
209
- */
210
- protected function _processAllowDeny($allow, $currentIp)
211
- {
212
- //TODO: Refactoring?
213
- $currentPage = $this->trimTrailingSlashes(Mage::helper('core/url')->getCurrentUrl());
214
- // searching for CMS page storeId
215
- // if we don't do it - we have loop in redirect with setting Add Store Code to Urls = Yes
216
- // (block access to admin redirects to admin)
217
- $pageStoreId = $this->getPageStoreId();
218
- $this->_redirectPage = $this->trimTrailingSlashes(Mage::app()->getStore($pageStoreId)->getBaseUrl())
219
- . "/" . $this->_redirectPage;
220
- $scope = $this->_getScopeName();
221
-
222
- if (!strlen($this->_redirectPage) && !$this->_isDownloader) {
223
- $this->_redirectPage = $this->trimTrailingSlashes(Mage::getUrl('no-route'));
224
- }
225
-
226
- if ($this->_redirectBlank == 1 && !$allow) {
227
- header("HTTP/1.1 403 Forbidden");
228
- header("Status: 403 Forbidden");
229
- header("Content-type: text/html");
230
- $needToNotify = $this->saveToLog(array('blocked_from' => $scope, 'blocked_ip' => $currentIp));
231
- if (($this->_alwaysNotify) || $needToNotify) {
232
- $this->_send();
233
- }
234
- exit("Access denied for IP:<b> " . $currentIp . "</b>");
235
- }
236
-
237
- if ($this->trimTrailingSlashes($currentPage) != $this->trimTrailingSlashes($this->_redirectPage) && !$allow) {
238
- header('Location: ' . $this->_redirectPage);
239
- $needToNotify = $this->saveToLog(array('blocked_from' => $scope, 'blocked_ip' => $currentIp));
240
- if (($this->_alwaysNotify) || $needToNotify) {
241
- $this->_send();
242
- }
243
- exit();
244
- }
245
-
246
- $exceptIps = $this->_ipTextToArray($this->_rawExceptIpData);
247
- $isMaintenanceMode = Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/enabled');
248
- if (($isMaintenanceMode) && ($this->_isFrontend)) {
249
- $doNotLoadSite = true;
250
- # look for except
251
- if ($exceptIps) {
252
- # are there any except ips
253
- if ($this->isIpInList($currentIp, $exceptIps)) {
254
- Mage::app()->getResponse()->appendBody(
255
- html_entity_decode(
256
- Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/remindermessage'),
257
- ENT_QUOTES,
258
- "utf-8"
259
- )
260
- );
261
- $doNotLoadSite = false;
262
- }
263
- }
264
-
265
- if ($doNotLoadSite) {
266
- header('HTTP/1.1 503 Service Temporarily Unavailable');
267
- header('Status: 503 Service Temporarily Unavailable');
268
- header('Retry-After: 7200'); // in seconds
269
- print html_entity_decode(
270
- Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/message'),
271
- ENT_QUOTES,
272
- "utf-8"
273
- );
274
- exit();
275
- }
276
-
277
- }
278
- }
279
-
280
-
281
- /**
282
- * Get store id of target redirect cms page
283
- *
284
- * @return int
285
- */
286
- public function getPageStoreId()
287
- {
288
- $stores = array();
289
- $pageStoreIds = array();
290
-
291
- foreach (Mage::app()->getStores() as $store) {
292
- /* @var $store Mage_Core_Model_Store */
293
- $stores[] = $store->getId();
294
- $pageId = Mage::getModel('cms/page')->checkIdentifier($this->_redirectPage, $store->getId());
295
- if ($pageId === false) {
296
- continue;
297
- }
298
- $pageStoreIds = Mage::getResourceModel('cms/page')->lookupStoreIds($pageId);
299
- if (count($pageStoreIds)) { // found page
300
- break;
301
- }
302
- }
303
-
304
- if (!count($pageStoreIds)) { // no found in any store
305
- $pageStoreIds[] = 0;
306
- }
307
- //default
308
- $pageStoreId = 0;
309
- foreach ($pageStoreIds as $pageStoreId) {
310
- if ($pageStoreId > 0) {
311
- break;
312
- }
313
- }
314
-
315
- if ($pageStoreId == 0) {
316
- $pageStoreId = $stores[0];
317
- return $pageStoreId; // first available store
318
- }
319
- return $pageStoreId;
320
- }
321
-
322
-
323
- /**
324
- * Convert IP range as string to array with first and last IP of range
325
- *
326
- * @param $ipRange string
327
- * @return array[first,last]
328
- */
329
- protected function _convertIpStringToIpRange($ipRange)
330
- {
331
- $ip = explode("|", $ipRange);
332
- $ip = trim($ip[0]);
333
- $simpleRange = explode("-", $ip);
334
- //for xx.xx.xx.xx-yy.yy.yy.yy
335
- if (count($simpleRange) == 2) {
336
- $comparableIpRange = array(
337
- "first" => $this->_convertIpToComparableString($simpleRange[0]),
338
- "last" => $this->_convertIpToComparableString($simpleRange[1]));
339
- return $comparableIpRange;
340
- }
341
- //for xx.xx.xx.*
342
- if (strpos($ip, "*") !== false) {
343
- $fromIp = str_replace("*", "0", $ip);
344
- $toIp = str_replace("*", "255", $ip);
345
- $comparableIpRange = array(
346
- "first" => $this->_convertIpToComparableString($fromIp),
347
- "last" => $this->_convertIpToComparableString($toIp));
348
- return $comparableIpRange;
349
- }
350
- //for xx.xx.xx.xx/yy
351
- $maskRange = explode("/", $ip);
352
- if (count($maskRange) == 2) {
353
- $maskMoves = 32 - $maskRange[1];
354
- $mask = (0xFFFFFFFF >> $maskMoves) << $maskMoves;
355
- $subMask = 0;
356
- for ($maskDigits = 0; $maskDigits < $maskMoves; $maskDigits++) {
357
- $subMask = ($subMask << 1) | 1;
358
- }
359
- $fromIp = ip2long($maskRange[0]) & $mask;
360
- $toIp = long2ip($fromIp | $subMask);
361
- $fromIp = long2ip($fromIp);
362
- $comparableIpRange = array(
363
- "first" => $this->_convertIpToComparableString($fromIp),
364
- "last" => $this->_convertIpToComparableString($toIp));
365
- return $comparableIpRange;
366
- }
367
-
368
- $comparableIpRange = array(
369
- "first" => $this->_convertIpToComparableString($ip),
370
- "last" => $this->_convertIpToComparableString($ip)
371
- );
372
-
373
- return $comparableIpRange;
374
-
375
- }
376
-
377
- /**
378
- * Convert IP address (x.xx.xxx.xx) to easy comparable string (xxx.xxx.xxx.xxx)
379
- *
380
- * @param $ip string
381
- * @return string
382
- * @throws Exception
383
- */
384
- protected function _convertIpToComparableString($ip)
385
- {
386
- $partsOfIp = explode(".", trim($ip));
387
- if (count($partsOfIp) != 4) {
388
- throw new Exception("Incorrect IP format: " . $ip);
389
- }
390
- $comparableIpString = sprintf(
391
- "%03d%03d%03d%03d",
392
- $partsOfIp[0],
393
- $partsOfIp[1],
394
- $partsOfIp[2],
395
- $partsOfIp[3]
396
- );
397
- return $comparableIpString;
398
-
399
- }
400
-
401
- /**
402
- * Is ip in list of IP rules
403
- *
404
- * @param $searchIp string
405
- * @param $ipRulesList array
406
- * @return bool
407
- */
408
- public function isIpInList($searchIp, $ipRulesList)
409
- {
410
- $searchIpComparable = $this->_convertIpToComparableString($searchIp);
411
- if (count($ipRulesList) > 0) {
412
- foreach ($ipRulesList as $ipRule) {
413
- $ip = explode("|", $ipRule);
414
- $ip = trim($ip[0]);
415
- try {
416
- $ipRange = $this->_convertIpStringToIpRange($ip);
417
- //var_dump($ipRange);
418
- if (count($ipRange) == 2) {
419
- $ipFrom = $ipRange["first"];
420
- $ipTo = $ipRange["last"];
421
- if ((strcmp($ipFrom, $searchIpComparable) <= 0) &&
422
- (strcmp($searchIpComparable, $ipTo) <= 0)
423
- ) {
424
- $this->_lastFoundIp = $ipRule;
425
- return true;
426
- }
427
- }
428
- } catch (Exception $e) {
429
- Mage::log($e->getMessage());
430
- }
431
- //}
432
- }
433
- }
434
- return false;
435
- }
436
-
437
- /**
438
- * Trim trailing slashes, except single "/"
439
- *
440
- * @param $str string
441
- * @return string
442
- */
443
- protected function trimTrailingSlashes($str)
444
- {
445
- $str = trim($str);
446
- return $str == '/' ? $str : rtrim($str, '/');
447
- }
448
-
449
- /**
450
- * Send to admin information about IP blocking
451
- */
452
- protected function _send()
453
- {
454
- $sendResult = false;
455
- if (!$this->_eventEmail) {
456
- return $sendResult;
457
- }
458
- $currentIp = $this->getCurrentIp();
459
- //$storeId = 0; //admin
460
-
461
- $recipients = explode(",", $this->_eventEmail);
462
-
463
- /* @var $emailTemplate Mage_Core_Model_Email_Template */
464
- $emailTemplate = Mage::getModel('core/email_template');
465
- foreach ($recipients as $recipient) {
466
- $sendResult = $emailTemplate->setDesignConfig(array('area' => 'backend'))
467
- ->sendTransactional(
468
- $this->_emailTemplate,
469
- $this->_emailIdentity,
470
- trim($recipient),
471
- trim($recipient),
472
- array(
473
- 'ip' => $currentIp,
474
- 'ip_rule' => Mage::helper('etipsecurity')->__($this->getLastBlockRule()), // TODO: translation
475
- 'date' => Mage::app()->getLocale()->date(date("Y-m-d H:i:s"), Mage::app()->getLocale()
476
- ->getDateTimeFormat(Mage_Core_Model_Locale::FORMAT_TYPE_MEDIUM), null, true),
477
- 'storetype' => $this->_storeType,
478
- 'info' => base64_encode(serialize(array($this->_rawAllowIpData, $this->_rawBlockIpData))),
479
- )
480
- );
481
- }
482
- return $sendResult;
483
- }
484
-
485
- /**
486
- * Return block rule
487
- *
488
- * @return string
489
- */
490
- public function getLastBlockRule()
491
- {
492
- $lastBlockRule = 'Not in allowed list';
493
- if (!is_null($this->_lastFoundIp)) {
494
- $lastBlockRule = $this->_lastFoundIp;
495
- }
496
- return $lastBlockRule;
497
- }
498
-
499
- /**
500
- * Get IP of current client
501
- *
502
- * @return string
503
- */
504
- public function getCurrentIp()
505
- {
506
- // http://support.etwebsolutions.com/issues/373
507
- /*
508
- if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
509
- $currentIp = $_SERVER['HTTP_X_FORWARDED_FOR'];
510
- } else {
511
- $currentIp = $_SERVER['REMOTE_ADDR'];
512
- }
513
- */
514
- $currentIp = $_SERVER['REMOTE_ADDR'];
515
- return $currentIp;
516
- }
517
-
518
- /**
519
- * Convert string with IP to IP array
520
- *
521
- * @param $text string
522
- * @return array
523
- */
524
- protected function _ipTextToArray($text)
525
- {
526
- $ips = preg_split("/[\n\r]+/", $text);
527
- foreach ($ips as $ipsk => $ipsv) {
528
- if (trim($ipsv) == "") {
529
- unset($ips[$ipsk]);
530
- }
531
- }
532
- return $ips;
533
- }
534
-
535
- /**
536
- * Save Blocked IP to log
537
- *
538
- * @param array $params
539
- * @return bool
540
- */
541
- protected function saveToLog($params = array())
542
- {
543
- $neednotify = true;
544
-
545
- if (!((isset($params['blocked_ip'])) && (strlen(trim($params['blocked_ip'])) > 0))) {
546
- $params['blocked_ip'] = $this->getCurrentIp();
547
- }
548
-
549
- if (!((isset($params['blocked_from'])) && (strlen(trim($params['blocked_from'])) > 0))) {
550
- $params['blocked_from'] = 'undefined';
551
- }
552
-
553
- $now = now();
554
-
555
- /* @var $logtable ET_IpSecurity_Model_Mysql4_Ipsecuritylog_Collection */
556
- $logtable = Mage::getModel('etipsecurity/ipsecuritylog')->getCollection();
557
- $logtable->getSelect()->where('blocked_from=?', $params['blocked_from'])
558
- ->where('blocked_ip=?', $params['blocked_ip']);
559
-
560
- if (count($logtable) > 0) {
561
- foreach ($logtable as $row) {
562
- /* @var $row ET_IpSecurity_Model_Ipsecuritylog */
563
- $timesBlocked = $row->getData('qty') + 1;
564
- $row->setData('qty', $timesBlocked);
565
- $row->setData('last_block_rule', $this->getLastBlockRule());
566
- $row->setData('update_time', $now);
567
- $row->save();
568
- if (($timesBlocked % 10) == 0) {
569
- $neednotify = true;
570
- } else {
571
- $neednotify = false;
572
- }
573
- }
574
- } else {
575
- $log = Mage::getModel('etipsecurity/ipsecuritylog');
576
-
577
- $log->setData('blocked_from', $params['blocked_from']);
578
- $log->setData('blocked_ip', $params['blocked_ip']);
579
- $log->setData('qty', '1');
580
- $log->setData('last_block_rule', $this->getLastBlockRule());
581
- $log->setData('create_time', $now);
582
- $log->setData('update_time', $now);
583
-
584
- $log->save();
585
- $neednotify = true;
586
- }
587
-
588
- // if returns true - IP blocked for first time or timesBloked is 10, 20, 30 etc.
589
- return $neednotify;
590
- }
591
-
592
  }
1
+ <?php
2
+ /**
3
+ * NOTICE OF LICENSE
4
+ *
5
+ * You may not sell, sub-license, rent or lease
6
+ * any portion of the Software or Documentation to anyone.
7
+ *
8
+ * DISCLAIMER
9
+ *
10
+ * Do not edit or add to this file if you wish to upgrade to newer
11
+ * versions in the future.
12
+ *
13
+ * @category ET
14
+ * @package ET_IpSecurity
15
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
16
+ * @contacts support@etwebsolutions.com
17
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
18
+ */
19
+
20
+ class ET_IpSecurity_Model_Observer
21
+ {
22
+ protected $_redirectPage = null;
23
+ protected $_redirectBlank = null;
24
+ protected $_rawAllowIpData = null;
25
+ protected $_rawBlockIpData = null;
26
+ protected $_rawExceptIpData = null;
27
+ protected $_eventEmail = "";
28
+ protected $_emailTemplate = 0;
29
+ protected $_emailIdentity = null;
30
+ protected $_storeType = null;
31
+ protected $_lastFoundIp = null;
32
+ protected $_isFrontend = false;
33
+ protected $_isDownloader = false;
34
+ protected $_alwaysNotify = false;
35
+
36
+ /**
37
+ * If loading Frontend
38
+ *
39
+ * @param $observer
40
+ */
41
+ public function onLoadingFrontend($observer)
42
+ {
43
+ $this->_readFrontendConfig();
44
+ $this->_processIpCheck($observer);
45
+ }
46
+
47
+ /**
48
+ * If loading Admin
49
+ *
50
+ * @param $observer
51
+ */
52
+ public function onLoadingAdmin($observer)
53
+ {
54
+ $this->_readAdminConfig();
55
+ $this->_processIpCheck($observer);
56
+ }
57
+
58
+ /**
59
+ * On failed login to Admin
60
+ *
61
+ * @param $observer
62
+ */
63
+ public function onAdminLoginFailed($observer)
64
+ {
65
+ // TODO: for http://support.etwebsolutions.com/issues/371
66
+ }
67
+
68
+ /**
69
+ * On loading Downloader
70
+ *
71
+ * @param $observer
72
+ */
73
+ public function onLoadingDownloader($observer)
74
+ {
75
+ //only in downloader exists Maged_Controller class
76
+ if (class_exists("Maged_Controller", false)) {
77
+ $this->_readDownloaderConfig();
78
+ $this->_processIpCheck($observer);
79
+ }
80
+ }
81
+
82
+ /**
83
+ * Reading configuration for Frontend
84
+ */
85
+ protected function _readFrontendConfig()
86
+ {
87
+ $this->_redirectPage = $this->trimTrailingSlashes(
88
+ Mage::getStoreConfig('etipsecurity/ipsecurityfront/redirect_page'));
89
+ $this->_redirectBlank = Mage::getStoreConfig('etipsecurity/ipsecurityfront/redirect_blank');
90
+ $this->_rawAllowIpData = Mage::getStoreConfig('etipsecurity/ipsecurityfront/allow');
91
+ $this->_rawBlockIpData = Mage::getStoreConfig('etipsecurity/ipsecurityfront/block');
92
+ $this->_eventEmail = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_event');
93
+ $this->_emailTemplate = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_template');
94
+ $this->_emailIdentity = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_identity');
95
+ $this->_alwaysNotify = Mage::getStoreConfig('etipsecurity/ipsecurityfront/email_always');
96
+ $this->_rawExceptIpData = Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/except');
97
+
98
+ $this->_storeType = Mage::helper("catalog")->__("Frontend");
99
+ $this->_isFrontend = true;
100
+ }
101
+
102
+ /**
103
+ * Reading configuration for Admin
104
+ */
105
+ protected function _readAdminConfig()
106
+ {
107
+ $this->_redirectPage = $this->trimTrailingSlashes(
108
+ Mage::getStoreConfig('etipsecurity/ipsecurityadmin/redirect_page'));
109
+ $this->_redirectBlank = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/redirect_blank');
110
+ $this->_rawAllowIpData = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/allow');
111
+ $this->_rawBlockIpData = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/block');
112
+ $this->_eventEmail = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_event');
113
+ $this->_emailTemplate = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_template');
114
+ $this->_emailIdentity = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_identity');
115
+ $this->_alwaysNotify = Mage::getStoreConfig('etipsecurity/ipsecurityadmin/email_always');
116
+
117
+ $this->_storeType = Mage::helper("core")->__("Admin");
118
+ $this->_isFrontend = false;
119
+ }
120
+
121
+ /**
122
+ * Read configuration for Downloader (used Admin config)
123
+ */
124
+ protected function _readDownloaderConfig()
125
+ {
126
+ $this->_readAdminConfig();
127
+ $this->_storeType = Mage::helper("etipsecurity")->__("Downloader");
128
+ $this->_isDownloader = true;
129
+
130
+ // TODO: заглушка. Если страницы для перехода не существует,
131
+ // то поиск ссылки на no-rout вызывет ошибку.
132
+ //$this->_redirectBlank = true;
133
+ }
134
+
135
+ /**
136
+ * Get current Scope (frontend, admin, downloader)
137
+ *
138
+ * @return string
139
+ */
140
+ protected function _getScopeName()
141
+ {
142
+ if ($this->_isFrontend) {
143
+ $scope = 'frontend';
144
+ } elseif ($this->_isDownloader) {
145
+ $scope = 'downloader';
146
+ } else {
147
+ $scope = 'admin';
148
+ }
149
+
150
+ return $scope;
151
+ }
152
+
153
+ /**
154
+ * Checking current ip for rules
155
+ *
156
+ * @param $observer
157
+ * @return ET_IpSecurity_Model_Observer
158
+ */
159
+ protected function _processIpCheck($observer)
160
+ {
161
+ $currentIp = $this->getCurrentIp();
162
+ $allowIps = $this->_ipTextToArray($this->_rawAllowIpData);
163
+ $blockIps = $this->_ipTextToArray($this->_rawBlockIpData);
164
+
165
+ $allow = $this->isIpAllowed($currentIp, $allowIps, $blockIps);
166
+ $this->_processAllowDeny($allow, $currentIp);
167
+
168
+ return $this;
169
+ }
170
+
171
+ /**
172
+ * Check IP for allow/deny rules
173
+ *
174
+ * @param $currentIp string
175
+ * @param $allowIps array
176
+ * @param $blockIps array
177
+ * @return bool
178
+ */
179
+ public function isIpAllowed($currentIp, $allowIps, $blockIps)
180
+ {
181
+ $allow = true;
182
+
183
+ # look for allowed
184
+ if ($allowIps) {
185
+ # block all except allowed
186
+ $allow = false;
187
+
188
+ # are there any allowed ips
189
+ if ($this->isIpInList($currentIp, $allowIps)) {
190
+ $allow = true;
191
+ }
192
+ }
193
+
194
+ # look for blocked
195
+ if ($blockIps) {
196
+ # are there any blocked ips
197
+ if ($this->isIpInList($currentIp, $blockIps)) {
198
+ $allow = false;
199
+ }
200
+ }
201
+ return $allow;
202
+ }
203
+
204
+ /**
205
+ * Redirect denied users to block page or show maintenance page to visitor
206
+ *
207
+ * @param $allow boolean
208
+ * @param $currentIp string
209
+ */
210
+ protected function _processAllowDeny($allow, $currentIp)
211
+ {
212
+ //TODO: Refactoring?
213
+ $currentPage = $this->trimTrailingSlashes(Mage::helper('core/url')->getCurrentUrl());
214
+ // searching for CMS page storeId
215
+ // if we don't do it - we have loop in redirect with setting Add Store Code to Urls = Yes
216
+ // (block access to admin redirects to admin)
217
+ $pageStoreId = $this->getPageStoreId();
218
+ $this->_redirectPage = $this->trimTrailingSlashes(Mage::app()->getStore($pageStoreId)->getBaseUrl())
219
+ . "/" . $this->_redirectPage;
220
+ $scope = $this->_getScopeName();
221
+
222
+ if (!strlen($this->_redirectPage) && !$this->_isDownloader) {
223
+ $this->_redirectPage = $this->trimTrailingSlashes(Mage::getUrl('no-route'));
224
+ }
225
+
226
+ if ($this->_redirectBlank == 1 && !$allow) {
227
+ header("HTTP/1.1 403 Forbidden");
228
+ header("Status: 403 Forbidden");
229
+ header("Content-type: text/html");
230
+ $needToNotify = $this->saveToLog(array('blocked_from' => $scope, 'blocked_ip' => $currentIp));
231
+ if (($this->_alwaysNotify) || $needToNotify) {
232
+ $this->_send();
233
+ }
234
+ exit("Access denied for IP:<b> " . $currentIp . "</b>");
235
+ }
236
+
237
+ if ($this->trimTrailingSlashes($currentPage) != $this->trimTrailingSlashes($this->_redirectPage) && !$allow) {
238
+ header('Location: ' . $this->_redirectPage);
239
+ $needToNotify = $this->saveToLog(array('blocked_from' => $scope, 'blocked_ip' => $currentIp));
240
+ if (($this->_alwaysNotify) || $needToNotify) {
241
+ $this->_send();
242
+ }
243
+ exit();
244
+ }
245
+
246
+ $exceptIps = $this->_ipTextToArray($this->_rawExceptIpData);
247
+ $isMaintenanceMode = Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/enabled');
248
+ if (($isMaintenanceMode) && ($this->_isFrontend)) {
249
+ $doNotLoadSite = true;
250
+ # look for except
251
+ if ($exceptIps) {
252
+ # are there any except ips
253
+ if ($this->isIpInList($currentIp, $exceptIps)) {
254
+ Mage::app()->getResponse()->appendBody(
255
+ html_entity_decode(
256
+ Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/remindermessage'),
257
+ ENT_QUOTES,
258
+ "utf-8"
259
+ )
260
+ );
261
+ $doNotLoadSite = false;
262
+ }
263
+ }
264
+
265
+ if ($doNotLoadSite) {
266
+ header('HTTP/1.1 503 Service Temporarily Unavailable');
267
+ header('Status: 503 Service Temporarily Unavailable');
268
+ header('Retry-After: 7200'); // in seconds
269
+ print html_entity_decode(
270
+ Mage::getStoreConfig('etipsecurity/ipsecuritymaintetance/message'),
271
+ ENT_QUOTES,
272
+ "utf-8"
273
+ );
274
+ exit();
275
+ }
276
+
277
+ }
278
+ }
279
+
280
+
281
+ /**
282
+ * Get store id of target redirect cms page
283
+ *
284
+ * @return int
285
+ */
286
+ public function getPageStoreId()
287
+ {
288
+ $stores = array();
289
+ $pageStoreIds = array();
290
+
291
+ foreach (Mage::app()->getStores() as $store) {
292
+ /* @var $store Mage_Core_Model_Store */
293
+ $stores[] = $store->getId();
294
+ $pageId = Mage::getModel('cms/page')->checkIdentifier($this->_redirectPage, $store->getId());
295
+ if ($pageId === false) {
296
+ continue;
297
+ }
298
+ $pageStoreIds = Mage::getResourceModel('cms/page')->lookupStoreIds($pageId);
299
+ if (count($pageStoreIds)) { // found page
300
+ break;
301
+ }
302
+ }
303
+
304
+ if (!count($pageStoreIds)) { // no found in any store
305
+ $pageStoreIds[] = 0;
306
+ }
307
+ //default
308
+ $pageStoreId = 0;
309
+ foreach ($pageStoreIds as $pageStoreId) {
310
+ if ($pageStoreId > 0) {
311
+ break;
312
+ }
313
+ }
314
+
315
+ if ($pageStoreId == 0) {
316
+ $pageStoreId = $stores[0];
317
+ return $pageStoreId; // first available store
318
+ }
319
+ return $pageStoreId;
320
+ }
321
+
322
+
323
+ /**
324
+ * Convert IP range as string to array with first and last IP of range
325
+ *
326
+ * @param $ipRange string
327
+ * @return array[first,last]
328
+ */
329
+ protected function _convertIpStringToIpRange($ipRange)
330
+ {
331
+ $ip = explode("|", $ipRange);
332
+ $ip = trim($ip[0]);
333
+ $simpleRange = explode("-", $ip);
334
+ //for xx.xx.xx.xx-yy.yy.yy.yy
335
+ if (count($simpleRange) == 2) {
336
+ $comparableIpRange = array(
337
+ "first" => $this->_convertIpToComparableString($simpleRange[0]),
338
+ "last" => $this->_convertIpToComparableString($simpleRange[1]));
339
+ return $comparableIpRange;
340
+ }
341
+ //for xx.xx.xx.*
342
+ if (strpos($ip, "*") !== false) {
343
+ $fromIp = str_replace("*", "0", $ip);
344
+ $toIp = str_replace("*", "255", $ip);
345
+ $comparableIpRange = array(
346
+ "first" => $this->_convertIpToComparableString($fromIp),
347
+ "last" => $this->_convertIpToComparableString($toIp));
348
+ return $comparableIpRange;
349
+ }
350
+ //for xx.xx.xx.xx/yy
351
+ $maskRange = explode("/", $ip);
352
+ if (count($maskRange) == 2) {
353
+ $maskMoves = 32 - $maskRange[1];
354
+ $mask = (0xFFFFFFFF >> $maskMoves) << $maskMoves;
355
+ $subMask = 0;
356
+ for ($maskDigits = 0; $maskDigits < $maskMoves; $maskDigits++) {
357
+ $subMask = ($subMask << 1) | 1;
358
+ }
359
+ $fromIp = ip2long($maskRange[0]) & $mask;
360
+ $toIp = long2ip($fromIp | $subMask);
361
+ $fromIp = long2ip($fromIp);
362
+ $comparableIpRange = array(
363
+ "first" => $this->_convertIpToComparableString($fromIp),
364
+ "last" => $this->_convertIpToComparableString($toIp));
365
+ return $comparableIpRange;
366
+ }
367
+
368
+ $comparableIpRange = array(
369
+ "first" => $this->_convertIpToComparableString($ip),
370
+ "last" => $this->_convertIpToComparableString($ip)
371
+ );
372
+
373
+ return $comparableIpRange;
374
+
375
+ }
376
+
377
+ /**
378
+ * Convert IP address (x.xx.xxx.xx) to easy comparable string (xxx.xxx.xxx.xxx)
379
+ *
380
+ * @param $ip string
381
+ * @return string
382
+ * @throws Exception
383
+ */
384
+ protected function _convertIpToComparableString($ip)
385
+ {
386
+ $partsOfIp = explode(".", trim($ip));
387
+ if (count($partsOfIp) != 4) {
388
+ throw new Exception("Incorrect IP format: " . $ip);
389
+ }
390
+ $comparableIpString = sprintf(
391
+ "%03d%03d%03d%03d",
392
+ $partsOfIp[0],
393
+ $partsOfIp[1],
394
+ $partsOfIp[2],
395
+ $partsOfIp[3]
396
+ );
397
+ return $comparableIpString;
398
+
399
+ }
400
+
401
+ /**
402
+ * Is ip in list of IP rules
403
+ *
404
+ * @param $searchIp string
405
+ * @param $ipRulesList array
406
+ * @return bool
407
+ */
408
+ public function isIpInList($searchIp, $ipRulesList)
409
+ {
410
+ $searchIpComparable = $this->_convertIpToComparableString($searchIp);
411
+ if (count($ipRulesList) > 0) {
412
+ foreach ($ipRulesList as $ipRule) {
413
+ $ip = explode("|", $ipRule);
414
+ $ip = trim($ip[0]);
415
+ try {
416
+ $ipRange = $this->_convertIpStringToIpRange($ip);
417
+ //var_dump($ipRange);
418
+ if (count($ipRange) == 2) {
419
+ $ipFrom = $ipRange["first"];
420
+ $ipTo = $ipRange["last"];
421
+ if ((strcmp($ipFrom, $searchIpComparable) <= 0) &&
422
+ (strcmp($searchIpComparable, $ipTo) <= 0)
423
+ ) {
424
+ $this->_lastFoundIp = $ipRule;
425
+ return true;
426
+ }
427
+ }
428
+ } catch (Exception $e) {
429
+ Mage::log($e->getMessage());
430
+ }
431
+ //}
432
+ }
433
+ }
434
+ return false;
435
+ }
436
+
437
+ /**
438
+ * Trim trailing slashes, except single "/"
439
+ *
440
+ * @param $str string
441
+ * @return string
442
+ */
443
+ protected function trimTrailingSlashes($str)
444
+ {
445
+ $str = trim($str);
446
+ return $str == '/' ? $str : rtrim($str, '/');
447
+ }
448
+
449
+ /**
450
+ * Send to admin information about IP blocking
451
+ */
452
+ protected function _send()
453
+ {
454
+ $sendResult = false;
455
+ if (!$this->_eventEmail) {
456
+ return $sendResult;
457
+ }
458
+ $currentIp = $this->getCurrentIp();
459
+ //$storeId = 0; //admin
460
+
461
+ $recipients = explode(",", $this->_eventEmail);
462
+
463
+ /* @var $emailTemplate Mage_Core_Model_Email_Template */
464
+ $emailTemplate = Mage::getModel('core/email_template');
465
+ foreach ($recipients as $recipient) {
466
+ $sendResult = $emailTemplate->setDesignConfig(array('area' => 'backend'))
467
+ ->sendTransactional(
468
+ $this->_emailTemplate,
469
+ $this->_emailIdentity,
470
+ trim($recipient),
471
+ trim($recipient),
472
+ array(
473
+ 'ip' => $currentIp,
474
+ 'ip_rule' => Mage::helper('etipsecurity')->__($this->getLastBlockRule()), // TODO: translation
475
+ 'date' => Mage::helper('core')->formatDate(null, Mage_Core_Model_Locale::FORMAT_TYPE_FULL, true),
476
+ 'storetype' => $this->_storeType,
477
+ 'url' => Mage::helper('core/url')->getCurrentUrl(),
478
+ 'info' => base64_encode(serialize(array($this->_rawAllowIpData, $this->_rawBlockIpData))),
479
+ )
480
+ );
481
+ }
482
+ return $sendResult;
483
+ }
484
+
485
+ /**
486
+ * Return block rule
487
+ *
488
+ * @return string
489
+ */
490
+ public function getLastBlockRule()
491
+ {
492
+ $lastBlockRule = 'Not in allowed list';
493
+ if (!is_null($this->_lastFoundIp)) {
494
+ $lastBlockRule = $this->_lastFoundIp;
495
+ }
496
+ return $lastBlockRule;
497
+ }
498
+
499
+ /**
500
+ * Get IP of current client
501
+ *
502
+ * @return string
503
+ */
504
+ public function getCurrentIp()
505
+ {
506
+ $helper = Mage::helper('etipsecurity');
507
+ $selectedIpVariable = $helper->getIpVariable();
508
+ $currentIp = $_SERVER[$selectedIpVariable];
509
+ return $currentIp;
510
+ }
511
+
512
+ /**
513
+ * Convert string with IP to IP array
514
+ *
515
+ * @param $text string
516
+ * @return array
517
+ */
518
+ protected function _ipTextToArray($text)
519
+ {
520
+ $ips = preg_split("/[\n\r]+/", $text);
521
+ foreach ($ips as $ipsk => $ipsv) {
522
+ if (trim($ipsv) == "") {
523
+ unset($ips[$ipsk]);
524
+ }
525
+ }
526
+ return $ips;
527
+ }
528
+
529
+ /**
530
+ * Save Blocked IP to log
531
+ *
532
+ * @param array $params
533
+ * @return bool
534
+ */
535
+ protected function saveToLog($params = array())
536
+ {
537
+ $neednotify = true;
538
+
539
+ if (!((isset($params['blocked_ip'])) && (strlen(trim($params['blocked_ip'])) > 0))) {
540
+ $params['blocked_ip'] = $this->getCurrentIp();
541
+ }
542
+
543
+ if (!((isset($params['blocked_from'])) && (strlen(trim($params['blocked_from'])) > 0))) {
544
+ $params['blocked_from'] = 'undefined';
545
+ }
546
+
547
+ $now = now();
548
+
549
+ /* @var $logtable ET_IpSecurity_Model_Mysql4_Ipsecuritylog_Collection */
550
+ $logtable = Mage::getModel('etipsecurity/ipsecuritylog')->getCollection();
551
+ $logtable->getSelect()->where('blocked_from=?', $params['blocked_from'])
552
+ ->where('blocked_ip=?', $params['blocked_ip']);
553
+
554
+ if (count($logtable) > 0) {
555
+ foreach ($logtable as $row) {
556
+ /* @var $row ET_IpSecurity_Model_Ipsecuritylog */
557
+ $timesBlocked = $row->getData('qty') + 1;
558
+ $row->setData('qty', $timesBlocked);
559
+ $row->setData('last_block_rule', $this->getLastBlockRule());
560
+ $row->setData('update_time', $now);
561
+ $row->save();
562
+ if (($timesBlocked % 10) == 0) {
563
+ $neednotify = true;
564
+ } else {
565
+ $neednotify = false;
566
+ }
567
+ }
568
+ } else {
569
+ $log = Mage::getModel('etipsecurity/ipsecuritylog');
570
+
571
+ $log->setData('blocked_from', $params['blocked_from']);
572
+ $log->setData('blocked_ip', $params['blocked_ip']);
573
+ $log->setData('qty', '1');
574
+ $log->setData('last_block_rule', $this->getLastBlockRule());
575
+ $log->setData('create_time', $now);
576
+ $log->setData('update_time', $now);
577
+
578
+ $log->save();
579
+ $neednotify = true;
580
+ }
581
+
582
+ // if returns true - IP blocked for first time or timesBloked is 10, 20, 30 etc.
583
+ return $neednotify;
584
+ }
585
+
 
 
 
 
 
 
586
  }
app/code/community/ET/IpSecurity/etc/config.xml CHANGED
@@ -1,302 +1,305 @@
1
- <?xml version="1.0"?>
2
- <!--
3
- /**
4
- * NOTICE OF LICENSE
5
- *
6
- * You may not sell, sub-license, rent or lease
7
- * any portion of the Software or Documentation to anyone.
8
- *
9
- * DISCLAIMER
10
- *
11
- * Do not edit or add to this file if you wish to upgrade to newer
12
- * versions in the future.
13
- *
14
- * @category ET
15
- * @package ET_IpSecurity
16
- * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
- * @contacts support@etwebsolutions.com
18
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
- */
20
- -->
21
-
22
- <config>
23
- <modules>
24
- <ET_IpSecurity>
25
- <name>ET Ip Security</name>
26
- <version>2.0.1</version>
27
- <descr>
28
- <ru_RU><![CDATA[Модуль позволяет ограничивать доступ к сайту посетителям по IP, IP маскам или диапозону IP.
29
- <br>При срабатывании правила перенаправляет посетителя на указанную CMS страницу или просто на пустую страницу.
30
- Также может оповестить владельца сайта о сработавшем правиле по е-майл.
31
- <br><br>
32
- Доступна функция отключения сайта на техническое обслуживание.]]>
33
- </ru_RU>
34
- <en_US><![CDATA[Extension allows to restrict access to website for visitors by IP, IP mask or IP range.
35
- <br>When blocking rule is triggered user will be redirected to selected CMS page or blank page.
36
- Extension can also notify website owner about blocked visitor by email.
37
- <br><br>
38
- Secondary feature: Allows to turn off frontend during maintenance operations.]]>
39
- </en_US>
40
- </descr>
41
- <permanentlink>
42
- <ru_RU>http://shop.etwebsolutions.com/rus/et-ip-security.html</ru_RU>
43
- <en_US>http://shop.etwebsolutions.com/eng/et-ip-security.html</en_US>
44
- </permanentlink>
45
- <license>
46
- <ru_RU><![CDATA[ETWS Свободная лицензия (EFL1)]]></ru_RU>
47
- <en_US><![CDATA[ETWS Free License (EFL1)]]></en_US>
48
- </license>
49
- <licenselink>
50
- <ru_RU>http://shop.etwebsolutions.com/rus/etws-license-free-v1</ru_RU>
51
- <en_US>http://shop.etwebsolutions.com/eng/etws-license-free-v1</en_US>
52
- </licenselink>
53
- <redminelink>http://support.etwebsolutions.com/projects/et-ipsecurity/roadmap</redminelink>
54
- <ourserviceslink>
55
- <ru_RU>http://shop.etwebsolutions.com/rus/our-services</ru_RU>
56
- <en_US>http://shop.etwebsolutions.com/eng/our-services</en_US>
57
- </ourserviceslink>
58
- </ET_IpSecurity>
59
- </modules>
60
- <global>
61
- <models>
62
- <etipsecurity>
63
- <class>ET_IpSecurity_Model</class>
64
- <resourceModel>etipsecurity_mysql4</resourceModel>
65
- </etipsecurity>
66
- <etipsecurity_mysql4>
67
- <class>ET_IpSecurity_Model_Mysql4</class>
68
- <entities>
69
- <ipsecuritylog>
70
- <table>ipsecurity_log</table>
71
- </ipsecuritylog>
72
- </entities>
73
- </etipsecurity_mysql4>
74
- </models>
75
- <helpers>
76
- <etipsecurity>
77
- <class>ET_IpSecurity_Helper</class>
78
- </etipsecurity>
79
- </helpers>
80
- <blocks>
81
- <etipsecurity>
82
- <class>ET_IpSecurity_Block</class>
83
- </etipsecurity>
84
- </blocks>
85
- <resources>
86
- <ipsecurity_setup>
87
- <setup>
88
- <module>ET_IpSecurity</module>
89
- </setup>
90
- <connection>
91
- <use>core_setup</use>
92
- </connection>
93
- </ipsecurity_setup>
94
- <etipsecurity_write>
95
- <connection>
96
- <use>core_write</use>
97
- </connection>
98
- </etipsecurity_write>
99
- <etipsecurity_read>
100
- <connection>
101
- <use>core_read</use>
102
- </connection>
103
- </etipsecurity_read>
104
- </resources>
105
-
106
-
107
- <template>
108
- <email>
109
- <etipsecurity_ipsecurityfront_email_template translate="label" module="etipsecurity">
110
- <label>Security Violence to Frontend</label>
111
- <file>et_ipsecurity.html</file>
112
- <type>text</type>
113
- </etipsecurity_ipsecurityfront_email_template>
114
- <etipsecurity_ipsecurityadmin_email_template translate="label" module="etipsecurity">
115
- <label>Security Violence to Admin</label>
116
- <file>et_ipsecurity_admin.html</file>
117
- <type>text</type>
118
- </etipsecurity_ipsecurityadmin_email_template>
119
- </email>
120
- </template>
121
-
122
-
123
- <events>
124
- <!--
125
- <admin_session_user_login_failed>
126
- <observers>
127
- <ET_IpSecurity_observer>
128
- <type>singleton</type>
129
- <class>etipsecurity/observer</class>
130
- <method>onAdminLoginFailed</method>
131
- </ET_IpSecurity_observer>
132
- </observers>
133
- </admin_session_user_login_failed>
134
- -->
135
- <controller_front_init_routers>
136
- <observers>
137
- <ET_IpSecurity_observer>
138
- <type>singleton</type>
139
- <class>etipsecurity/observer</class>
140
- <method>onLoadingDownloader</method>
141
- </ET_IpSecurity_observer>
142
- </observers>
143
- </controller_front_init_routers>
144
- </events>
145
- </global>
146
-
147
- <default>
148
- <etipsecurity>
149
- <ipsecurityfront>
150
- <email_always>0</email_always>
151
- </ipsecurityfront>
152
- <ipsecurityadmin>
153
- <email_always>0</email_always>
154
- </ipsecurityadmin>
155
- <ipsecuritymaintetance>
156
- <enabled>0</enabled>
157
- <message><![CDATA[
158
- <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
159
- <head>
160
- <title>We're sorry, but our website is under maintenance.</title>
161
- <style>
162
- body {
163
- background:#FFF none repeat scroll 0 0;
164
- color:#000;
165
- font-family:Helvetica,Arial,Verdana,sans-serif;
166
- font-size:12px;
167
-
168
- margin:0;
169
- padding:0;
170
- text-align:center;
171
- }
172
- h1
173
- {
174
- margin:0px;
175
- padding:0px;
176
- margin-top:30%;
177
- font-size: 25pt;
178
- display:block;
179
- }
180
- h2
181
- {
182
- padding:0px;
183
- margin-top: 5px;
184
- font-size: 18pt;
185
- }
186
-
187
- </style>
188
- </head>
189
-
190
- <body>
191
- <h1>We're sorry, but our website is under maintenance.</h1>
192
- <h2>Please try refreshing this page later.</h2>
193
- </body>
194
- ]]>
195
- </message>
196
- <remindermessage>
197
- <![CDATA[<p style="margin:0; padding:6px 10px; background:#d75f07; font-size:12px; line-height:1.15; text-align:center; color:#fff;">This store is under maintenance. Yo can see this page because your IP is in exception list.</p>]]></remindermessage>
198
- </ipsecuritymaintetance>
199
- </etipsecurity>
200
- </default>
201
-
202
-
203
- <frontend>
204
- <events>
205
- <controller_action_predispatch>
206
- <observers>
207
- <ET_IpSecurity_observer>
208
- <type>singleton</type>
209
- <class>etipsecurity/observer</class>
210
- <method>onLoadingFrontend</method>
211
- </ET_IpSecurity_observer>
212
- </observers>
213
- </controller_action_predispatch>
214
- </events>
215
- </frontend>
216
- <admin>
217
- <routers>
218
- <etipsecurity>
219
- <use>admin</use>
220
- <args>
221
- <module>ET_IpSecurity</module>
222
- <frontName>etipsecurity</frontName>
223
- </args>
224
- </etipsecurity>
225
- </routers>
226
- </admin>
227
- <adminhtml>
228
- <events>
229
- <controller_action_predispatch>
230
- <observers>
231
- <ET_IpSecurity_observer>
232
- <type>singleton</type>
233
- <class>etipsecurity/observer</class>
234
- <method>onLoadingAdmin</method>
235
- </ET_IpSecurity_observer>
236
- </observers>
237
- </controller_action_predispatch>
238
- </events>
239
- <menu>
240
- <customer>
241
- <children>
242
- <etipsecurity translate="title" module="etipsecurity">
243
- <title>ET IP Security log</title>
244
- <action>etipsecurity/adminhtml_log</action>
245
- <sort_order>300</sort_order>
246
- </etipsecurity>
247
- </children>
248
- </customer>
249
- </menu>
250
- <acl>
251
- <resources>
252
- <admin>
253
- <children>
254
- <system>
255
- <children>
256
- <config>
257
- <children>
258
- <etipsecurity translate="title" module="etipsecurity">
259
- <title>ET IP Security Section</title>
260
- <sort_order>300</sort_order>
261
- </etipsecurity>
262
- </children>
263
- </config>
264
- </children>
265
- </system>
266
- <customer>
267
- <children>
268
- <etipsecurity translate="title" module="etipsecurity">
269
- <title>ET IP Security log</title>
270
- <sort_order>300</sort_order>
271
- </etipsecurity>
272
- </children>
273
- </customer>
274
- </children>
275
- </admin>
276
- </resources>
277
- </acl>
278
- <translate>
279
- <modules>
280
- <ET_IpSecurity>
281
- <files>
282
- <default>ET_IpSecurity.csv</default>
283
- </files>
284
- </ET_IpSecurity>
285
- </modules>
286
- </translate>
287
- <layout>
288
- <updates>
289
- <etipsecurity>
290
- <file>et_ipsecurity.xml</file>
291
- </etipsecurity>
292
- </updates>
293
- </layout>
294
- </adminhtml>
295
- <phpunit>
296
- <suite>
297
- <modules>
298
- <ET_IpSecurity />
299
- </modules>
300
- </suite>
301
- </phpunit>
302
- </config>
 
 
 
1
+ <?xml version="1.0"?>
2
+ <!--
3
+ /**
4
+ * NOTICE OF LICENSE
5
+ *
6
+ * You may not sell, sub-license, rent or lease
7
+ * any portion of the Software or Documentation to anyone.
8
+ *
9
+ * DISCLAIMER
10
+ *
11
+ * Do not edit or add to this file if you wish to upgrade to newer
12
+ * versions in the future.
13
+ *
14
+ * @category ET
15
+ * @package ET_IpSecurity
16
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
+ * @contacts support@etwebsolutions.com
18
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
+ */
20
+ -->
21
+
22
+ <config>
23
+ <modules>
24
+ <ET_IpSecurity>
25
+ <name>ET Ip Security</name>
26
+ <version>2.1.0</version>
27
+ <descr>
28
+ <ru_RU><![CDATA[Модуль позволяет ограничивать доступ к сайту посетителям по IP, IP маскам или диапозону IP.
29
+ <br>При срабатывании правила перенаправляет посетителя на указанную CMS страницу или просто на пустую страницу.
30
+ Также может оповестить владельца сайта о сработавшем правиле по е-майл.
31
+ <br><br>
32
+ Доступна функция отключения сайта на техническое обслуживание.]]>
33
+ </ru_RU>
34
+ <en_US><![CDATA[Extension allows to restrict access to website for visitors by IP, IP mask or IP range.
35
+ <br>When blocking rule is triggered user will be redirected to selected CMS page or blank page.
36
+ Extension can also notify website owner about blocked visitor by email.
37
+ <br><br>
38
+ Secondary feature: Allows to turn off frontend during maintenance operations.]]>
39
+ </en_US>
40
+ </descr>
41
+ <permanentlink>
42
+ <ru_RU>http://shop.etwebsolutions.com/rus/et-ip-security.html</ru_RU>
43
+ <en_US>http://shop.etwebsolutions.com/eng/et-ip-security.html</en_US>
44
+ </permanentlink>
45
+ <license>
46
+ <ru_RU><![CDATA[ETWS Свободная лицензия (EFL1)]]></ru_RU>
47
+ <en_US><![CDATA[ETWS Free License (EFL1)]]></en_US>
48
+ </license>
49
+ <licenselink>
50
+ <ru_RU>http://shop.etwebsolutions.com/rus/etws-license-free-v1</ru_RU>
51
+ <en_US>http://shop.etwebsolutions.com/eng/etws-license-free-v1</en_US>
52
+ </licenselink>
53
+ <redminelink>http://support.etwebsolutions.com/projects/et-ipsecurity/roadmap</redminelink>
54
+ <ourserviceslink>
55
+ <ru_RU>http://shop.etwebsolutions.com/rus/our-services</ru_RU>
56
+ <en_US>http://shop.etwebsolutions.com/eng/our-services</en_US>
57
+ </ourserviceslink>
58
+ </ET_IpSecurity>
59
+ </modules>
60
+ <global>
61
+ <models>
62
+ <etipsecurity>
63
+ <class>ET_IpSecurity_Model</class>
64
+ <resourceModel>etipsecurity_mysql4</resourceModel>
65
+ </etipsecurity>
66
+ <etipsecurity_mysql4>
67
+ <class>ET_IpSecurity_Model_Mysql4</class>
68
+ <entities>
69
+ <ipsecuritylog>
70
+ <table>ipsecurity_log</table>
71
+ </ipsecuritylog>
72
+ </entities>
73
+ </etipsecurity_mysql4>
74
+ </models>
75
+ <helpers>
76
+ <etipsecurity>
77
+ <class>ET_IpSecurity_Helper</class>
78
+ </etipsecurity>
79
+ </helpers>
80
+ <blocks>
81
+ <etipsecurity>
82
+ <class>ET_IpSecurity_Block</class>
83
+ </etipsecurity>
84
+ </blocks>
85
+ <resources>
86
+ <ipsecurity_setup>
87
+ <setup>
88
+ <module>ET_IpSecurity</module>
89
+ </setup>
90
+ <connection>
91
+ <use>core_setup</use>
92
+ </connection>
93
+ </ipsecurity_setup>
94
+ <etipsecurity_write>
95
+ <connection>
96
+ <use>core_write</use>
97
+ </connection>
98
+ </etipsecurity_write>
99
+ <etipsecurity_read>
100
+ <connection>
101
+ <use>core_read</use>
102
+ </connection>
103
+ </etipsecurity_read>
104
+ </resources>
105
+
106
+
107
+ <template>
108
+ <email>
109
+ <etipsecurity_ipsecurityfront_email_template translate="label" module="etipsecurity">
110
+ <label>Security Violence to Frontend</label>
111
+ <file>et_ipsecurity.html</file>
112
+ <type>text</type>
113
+ </etipsecurity_ipsecurityfront_email_template>
114
+ <etipsecurity_ipsecurityadmin_email_template translate="label" module="etipsecurity">
115
+ <label>Security Violence to Admin</label>
116
+ <file>et_ipsecurity_admin.html</file>
117
+ <type>text</type>
118
+ </etipsecurity_ipsecurityadmin_email_template>
119
+ </email>
120
+ </template>
121
+
122
+
123
+ <events>
124
+ <!--
125
+ <admin_session_user_login_failed>
126
+ <observers>
127
+ <ET_IpSecurity_observer>
128
+ <type>singleton</type>
129
+ <class>etipsecurity/observer</class>
130
+ <method>onAdminLoginFailed</method>
131
+ </ET_IpSecurity_observer>
132
+ </observers>
133
+ </admin_session_user_login_failed>
134
+ -->
135
+ <controller_front_init_routers>
136
+ <observers>
137
+ <ET_IpSecurity_observer>
138
+ <type>singleton</type>
139
+ <class>etipsecurity/observer</class>
140
+ <method>onLoadingDownloader</method>
141
+ </ET_IpSecurity_observer>
142
+ </observers>
143
+ </controller_front_init_routers>
144
+ </events>
145
+ </global>
146
+
147
+ <default>
148
+ <etipsecurity>
149
+ <global_settings>
150
+ <get_ip_method>REMOTE_ADDR</get_ip_method>
151
+ </global_settings>
152
+ <ipsecurityfront>
153
+ <email_always>0</email_always>
154
+ </ipsecurityfront>
155
+ <ipsecurityadmin>
156
+ <email_always>0</email_always>
157
+ </ipsecurityadmin>
158
+ <ipsecuritymaintetance>
159
+ <enabled>0</enabled>
160
+ <message><![CDATA[
161
+ <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
162
+ <head>
163
+ <title>We're sorry, but our website is under maintenance.</title>
164
+ <style>
165
+ body {
166
+ background:#FFF none repeat scroll 0 0;
167
+ color:#000;
168
+ font-family:Helvetica,Arial,Verdana,sans-serif;
169
+ font-size:12px;
170
+
171
+ margin:0;
172
+ padding:0;
173
+ text-align:center;
174
+ }
175
+ h1
176
+ {
177
+ margin:0px;
178
+ padding:0px;
179
+ margin-top:30%;
180
+ font-size: 25pt;
181
+ display:block;
182
+ }
183
+ h2
184
+ {
185
+ padding:0px;
186
+ margin-top: 5px;
187
+ font-size: 18pt;
188
+ }
189
+
190
+ </style>
191
+ </head>
192
+
193
+ <body>
194
+ <h1>We're sorry, but our website is under maintenance.</h1>
195
+ <h2>Please try refreshing this page later.</h2>
196
+ </body>
197
+ ]]>
198
+ </message>
199
+ <remindermessage>
200
+ <![CDATA[<p style="margin:0; padding:6px 10px; background:#d75f07; font-size:12px; line-height:1.15; text-align:center; color:#fff;">This store is under maintenance. Yo can see this page because your IP is in exception list.</p>]]></remindermessage>
201
+ </ipsecuritymaintetance>
202
+ </etipsecurity>
203
+ </default>
204
+
205
+
206
+ <frontend>
207
+ <events>
208
+ <controller_action_predispatch>
209
+ <observers>
210
+ <ET_IpSecurity_observer>
211
+ <type>singleton</type>
212
+ <class>etipsecurity/observer</class>
213
+ <method>onLoadingFrontend</method>
214
+ </ET_IpSecurity_observer>
215
+ </observers>
216
+ </controller_action_predispatch>
217
+ </events>
218
+ </frontend>
219
+ <admin>
220
+ <routers>
221
+ <etipsecurity>
222
+ <use>admin</use>
223
+ <args>
224
+ <module>ET_IpSecurity</module>
225
+ <frontName>etipsecurity</frontName>
226
+ </args>
227
+ </etipsecurity>
228
+ </routers>
229
+ </admin>
230
+ <adminhtml>
231
+ <events>
232
+ <controller_action_predispatch>
233
+ <observers>
234
+ <ET_IpSecurity_observer>
235
+ <type>singleton</type>
236
+ <class>etipsecurity/observer</class>
237
+ <method>onLoadingAdmin</method>
238
+ </ET_IpSecurity_observer>
239
+ </observers>
240
+ </controller_action_predispatch>
241
+ </events>
242
+ <menu>
243
+ <customer>
244
+ <children>
245
+ <etipsecurity translate="title" module="etipsecurity">
246
+ <title>ET IP Security log</title>
247
+ <action>etipsecurity/adminhtml_log</action>
248
+ <sort_order>300</sort_order>
249
+ </etipsecurity>
250
+ </children>
251
+ </customer>
252
+ </menu>
253
+ <acl>
254
+ <resources>
255
+ <admin>
256
+ <children>
257
+ <system>
258
+ <children>
259
+ <config>
260
+ <children>
261
+ <etipsecurity translate="title" module="etipsecurity">
262
+ <title>ET IP Security Section</title>
263
+ <sort_order>300</sort_order>
264
+ </etipsecurity>
265
+ </children>
266
+ </config>
267
+ </children>
268
+ </system>
269
+ <customer>
270
+ <children>
271
+ <etipsecurity translate="title" module="etipsecurity">
272
+ <title>ET IP Security log</title>
273
+ <sort_order>300</sort_order>
274
+ </etipsecurity>
275
+ </children>
276
+ </customer>
277
+ </children>
278
+ </admin>
279
+ </resources>
280
+ </acl>
281
+ <translate>
282
+ <modules>
283
+ <ET_IpSecurity>
284
+ <files>
285
+ <default>ET_IpSecurity.csv</default>
286
+ </files>
287
+ </ET_IpSecurity>
288
+ </modules>
289
+ </translate>
290
+ <layout>
291
+ <updates>
292
+ <etipsecurity>
293
+ <file>et_ipsecurity.xml</file>
294
+ </etipsecurity>
295
+ </updates>
296
+ </layout>
297
+ </adminhtml>
298
+ <phpunit>
299
+ <suite>
300
+ <modules>
301
+ <ET_IpSecurity />
302
+ </modules>
303
+ </suite>
304
+ </phpunit>
305
+ </config>
app/code/community/ET/IpSecurity/etc/system.xml CHANGED
@@ -1,270 +1,297 @@
1
- <?xml version="1.0"?>
2
- <!--
3
- /**
4
- * NOTICE OF LICENSE
5
- *
6
- * You may not sell, sub-license, rent or lease
7
- * any portion of the Software or Documentation to anyone.
8
- *
9
- * DISCLAIMER
10
- *
11
- * Do not edit or add to this file if you wish to upgrade to newer
12
- * versions in the future.
13
- *
14
- * @category ET
15
- * @package ET_IpSecurity
16
- * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
- * @contacts support@etwebsolutions.com
18
- * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
- */
20
- -->
21
-
22
- <config>
23
- <tabs>
24
- <etall translate="label">
25
- <label>ET Extensions</label>
26
- <sort_order>400</sort_order>
27
- </etall>
28
- </tabs>
29
-
30
- <sections>
31
- <etipsecurity translate="label" module="etipsecurity">
32
- <label>IP Security</label>
33
- <tab>etall</tab>
34
- <frontend_type>text</frontend_type>
35
- <sort_order>300</sort_order>
36
- <show_in_default>1</show_in_default>
37
- <show_in_website>1</show_in_website>
38
- <show_in_store>1</show_in_store>
39
- <groups>
40
- <info translate="label">
41
- <label>IP Security information</label>
42
- <sort_order>1</sort_order>
43
- <show_in_default>1</show_in_default>
44
- <show_in_website>1</show_in_website>
45
- <show_in_store>1</show_in_store>
46
- <fields>
47
- <support_information>
48
- <frontend_model>etipsecurity/adminhtml_support</frontend_model>
49
- <sort_order>100</sort_order>
50
- <show_in_default>1</show_in_default>
51
- <show_in_website>1</show_in_website>
52
- <show_in_store>1</show_in_store>
53
- </support_information>
54
- </fields>
55
- </info>
56
- <ipsecurityfront translate="label comment">
57
- <label>IP Security - Frontend</label>
58
- <sort_order>10</sort_order>
59
- <show_in_default>1</show_in_default>
60
- <show_in_website>1</show_in_website>
61
- <show_in_store>1</show_in_store>
62
- <fields>
63
- <allow translate="label comment">
64
- <label>Allow these IPs</label>
65
- <comment>Visitors with other IPs will be blocked.</comment>
66
- <frontend_type>textarea</frontend_type>
67
- <sort_order>10</sort_order>
68
- <show_in_default>1</show_in_default>
69
- <show_in_website>1</show_in_website>
70
- <show_in_store>1</show_in_store>
71
- </allow>
72
- <block translate="label">
73
- <label>Block these IPs</label>
74
- <frontend_type>textarea</frontend_type>
75
- <sort_order>20</sort_order>
76
- <show_in_default>1</show_in_default>
77
- <show_in_website>1</show_in_website>
78
- <show_in_store>1</show_in_store>
79
- </block>
80
- <redirect_blank translate="label comment">
81
- <label>Redirect to blank page</label>
82
- <comment><![CDATA[When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.]]></comment>
83
- <frontend_type>select</frontend_type>
84
- <source_model>adminhtml/system_config_source_yesno</source_model>
85
- <sort_order>30</sort_order>
86
- <show_in_default>1</show_in_default>
87
- <show_in_website>1</show_in_website>
88
- <show_in_store>1</show_in_store>
89
- </redirect_blank>
90
- <redirect_page translate="label comment">
91
- <label>Redirect to CMS page</label>
92
- <comment>Visitor will not be notified about blocking rule redirection.</comment>
93
- <frontend_type>select</frontend_type>
94
- <source_model>adminhtml/system_config_source_cms_page</source_model>
95
- <sort_order>40</sort_order>
96
- <show_in_default>1</show_in_default>
97
- <show_in_website>1</show_in_website>
98
- <show_in_store>1</show_in_store>
99
- </redirect_page>
100
- <email_event translate="label comment">
101
- <label>Mail block events to</label>
102
- <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
103
- <frontend_type>text</frontend_type>
104
- <sort_order>50</sort_order>
105
- <show_in_default>1</show_in_default>
106
- <show_in_website>1</show_in_website>
107
- <show_in_store>1</show_in_store>
108
- </email_event>
109
- <email_template translate="label">
110
- <label>Email Template</label>
111
- <frontend_type>select</frontend_type>
112
- <source_model>adminhtml/system_config_source_email_template</source_model>
113
- <sort_order>60</sort_order>
114
- <show_in_default>1</show_in_default>
115
- <show_in_website>1</show_in_website>
116
- <show_in_store>1</show_in_store>
117
- </email_template>
118
- <email_identity translate="label">
119
- <label>Store email</label>
120
- <frontend_type>select</frontend_type>
121
- <source_model>adminhtml/system_config_source_email_identity</source_model>
122
- <sort_order>70</sort_order>
123
- <show_in_default>1</show_in_default>
124
- <show_in_website>1</show_in_website>
125
- <show_in_store>1</show_in_store>
126
- </email_identity>
127
- <email_always translate="label comment">
128
- <label>Email always</label>
129
- <comment><![CDATA[Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.]]></comment>
130
- <frontend_type>select</frontend_type>
131
- <source_model>adminhtml/system_config_source_yesno</source_model>
132
- <sort_order>80</sort_order>
133
- <show_in_default>1</show_in_default>
134
- <show_in_website>1</show_in_website>
135
- <show_in_store>1</show_in_store>
136
- </email_always>
137
- </fields>
138
- </ipsecurityfront>
139
- <ipsecurityadmin translate="label comment">
140
- <label>IP Security - Admin</label>
141
- <sort_order>20</sort_order>
142
- <show_in_default>1</show_in_default>
143
- <show_in_website>1</show_in_website>
144
- <show_in_store>1</show_in_store>
145
- <fields>
146
- <allow translate="label comment">
147
- <label>Allow these IPs</label>
148
- <frontend_type>textarea</frontend_type>
149
- <comment>Be careful not to lock yourself out!</comment>
150
- <sort_order>10</sort_order>
151
- <show_in_default>1</show_in_default>
152
- <show_in_website>1</show_in_website>
153
- <show_in_store>1</show_in_store>
154
- </allow>
155
- <block translate="label">
156
- <label>Block these IPs</label>
157
- <frontend_type>textarea</frontend_type>
158
- <sort_order>20</sort_order>
159
- <show_in_default>1</show_in_default>
160
- <show_in_website>1</show_in_website>
161
- <show_in_store>1</show_in_store>
162
- </block>
163
- <redirect_blank translate="label comment">
164
- <label>Redirect to blank page</label>
165
- <comment><![CDATA[When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.]]></comment>
166
- <frontend_type>select</frontend_type>
167
- <source_model>adminhtml/system_config_source_yesno</source_model>
168
- <sort_order>30</sort_order>
169
- <show_in_default>1</show_in_default>
170
- <show_in_website>1</show_in_website>
171
- <show_in_store>1</show_in_store>
172
- </redirect_blank>
173
- <redirect_page translate="label">
174
- <label>Redirect to CMS page</label>
175
- <frontend_type>select</frontend_type>
176
- <source_model>adminhtml/system_config_source_cms_page</source_model>
177
- <sort_order>40</sort_order>
178
- <show_in_default>1</show_in_default>
179
- <show_in_website>1</show_in_website>
180
- <show_in_store>1</show_in_store>
181
- </redirect_page>
182
- <email_event translate="label comment">
183
- <label>Mail block events to</label>
184
- <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
185
- <frontend_type>text</frontend_type>
186
- <sort_order>50</sort_order>
187
- <show_in_default>1</show_in_default>
188
- <show_in_website>1</show_in_website>
189
- <show_in_store>1</show_in_store>
190
- </email_event>
191
- <email_template translate="label">
192
- <label>Email Template</label>
193
- <frontend_type>select</frontend_type>
194
- <source_model>adminhtml/system_config_source_email_template</source_model>
195
- <sort_order>60</sort_order>
196
- <show_in_default>1</show_in_default>
197
- <show_in_website>1</show_in_website>
198
- <show_in_store>1</show_in_store>
199
- </email_template>
200
- <email_identity translate="label">
201
- <label>Store email</label>
202
- <frontend_type>select</frontend_type>
203
- <source_model>adminhtml/system_config_source_email_identity</source_model>
204
- <sort_order>70</sort_order>
205
- <show_in_default>1</show_in_default>
206
- <show_in_website>1</show_in_website>
207
- <show_in_store>1</show_in_store>
208
- </email_identity>
209
- <email_always translate="label comment">
210
- <label>Email always</label>
211
- <comment><![CDATA[Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.]]></comment>
212
- <frontend_type>select</frontend_type>
213
- <source_model>adminhtml/system_config_source_yesno</source_model>
214
- <sort_order>80</sort_order>
215
- <show_in_default>1</show_in_default>
216
- <show_in_website>1</show_in_website>
217
- <show_in_store>1</show_in_store>
218
- </email_always>
219
- </fields>
220
- </ipsecurityadmin>
221
-
222
- <ipsecuritymaintetance translate="label comment">
223
- <label>IP Security - Maintenance page</label>
224
- <sort_order>30</sort_order>
225
- <show_in_default>1</show_in_default>
226
- <show_in_website>1</show_in_website>
227
- <show_in_store>1</show_in_store>
228
- <fields>
229
- <enabled translate="label comment">
230
- <label>Store Offline</label>
231
- <comment>For frontend only.</comment>
232
- <frontend_type>select</frontend_type>
233
- <source_model>adminhtml/system_config_source_yesno</source_model>
234
- <sort_order>10</sort_order>
235
- <show_in_default>1</show_in_default>
236
- <show_in_website>1</show_in_website>
237
- <show_in_store>1</show_in_store>
238
- </enabled>
239
- <except translate="label comment">
240
- <label>Except these IPs</label>
241
- <frontend_type>textarea</frontend_type>
242
- <comment>Visitors with these IPs will not be redirected to maintenance page.</comment>
243
- <sort_order>20</sort_order>
244
- <show_in_default>1</show_in_default>
245
- <show_in_website>1</show_in_website>
246
- <show_in_store>1</show_in_store>
247
- </except>
248
- <message translate="label">
249
- <label>Message</label>
250
- <frontend_type>textarea</frontend_type>
251
- <sort_order>30</sort_order>
252
- <show_in_default>1</show_in_default>
253
- <show_in_website>1</show_in_website>
254
- <show_in_store>1</show_in_store>
255
- </message>
256
- <remindermessage translate="label">
257
- <label>Reminder message</label>
258
- <comment><![CDATA[This message will be shown on frontend for visitors with IP adresses from exception list while maintenance mode is on.]]></comment>
259
- <frontend_type>textarea</frontend_type>
260
- <sort_order>40</sort_order>
261
- <show_in_default>1</show_in_default>
262
- <show_in_website>1</show_in_website>
263
- <show_in_store>1</show_in_store>
264
- </remindermessage>
265
- </fields>
266
- </ipsecuritymaintetance>
267
- </groups>
268
- </etipsecurity>
269
- </sections>
270
- </config>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?xml version="1.0"?>
2
+ <!--
3
+ /**
4
+ * NOTICE OF LICENSE
5
+ *
6
+ * You may not sell, sub-license, rent or lease
7
+ * any portion of the Software or Documentation to anyone.
8
+ *
9
+ * DISCLAIMER
10
+ *
11
+ * Do not edit or add to this file if you wish to upgrade to newer
12
+ * versions in the future.
13
+ *
14
+ * @category ET
15
+ * @package ET_IpSecurity
16
+ * @copyright Copyright (c) 2012 ET Web Solutions (http://etwebsolutions.com)
17
+ * @contacts support@etwebsolutions.com
18
+ * @license http://shop.etwebsolutions.com/etws-license-free-v1/ ETWS Free License (EFL1)
19
+ */
20
+ -->
21
+
22
+ <config>
23
+ <tabs>
24
+ <etall translate="label">
25
+ <label>ET Extensions</label>
26
+ <sort_order>400</sort_order>
27
+ </etall>
28
+ </tabs>
29
+
30
+ <sections>
31
+ <etipsecurity translate="label" module="etipsecurity">
32
+ <label>IP Security</label>
33
+ <tab>etall</tab>
34
+ <frontend_type>text</frontend_type>
35
+ <sort_order>300</sort_order>
36
+ <show_in_default>1</show_in_default>
37
+ <show_in_website>1</show_in_website>
38
+ <show_in_store>1</show_in_store>
39
+ <groups>
40
+ <info translate="label">
41
+ <label>IP Security information</label>
42
+ <sort_order>1</sort_order>
43
+ <show_in_default>1</show_in_default>
44
+ <show_in_website>1</show_in_website>
45
+ <show_in_store>1</show_in_store>
46
+ <fields>
47
+ <support_information>
48
+ <frontend_model>etipsecurity/adminhtml_support</frontend_model>
49
+ <sort_order>100</sort_order>
50
+ <show_in_default>1</show_in_default>
51
+ <show_in_website>1</show_in_website>
52
+ <show_in_store>1</show_in_store>
53
+ </support_information>
54
+ </fields>
55
+ </info>
56
+ <global_settings translate="label">
57
+ <label>Global Settings</label>
58
+ <sort_order>2</sort_order>
59
+ <show_in_default>1</show_in_default>
60
+ <show_in_website>1</show_in_website>
61
+ <show_in_store>1</show_in_store>
62
+ <fields>
63
+ <get_ip_method translate="label comment">
64
+ <label>Method to get IP</label>
65
+ <comment><![CDATA[Extension receives customer IP from server. Servers can store this information in different variables. Usually variable REMOTE_ADDR is used. But if your server is configured differently, you can select neccessary IP address get method.]]></comment>
66
+ <frontend_type>select</frontend_type>
67
+ <source_model>etipsecurity/ipVariable::getOptionArray</source_model>
68
+ <sort_order>100</sort_order>
69
+ <show_in_default>1</show_in_default>
70
+ <show_in_website>1</show_in_website>
71
+ <show_in_store>1</show_in_store>
72
+ </get_ip_method>
73
+ <methods_information translate="label">
74
+ <frontend_model>etipsecurity/adminhtml_getIpInfo</frontend_model>
75
+ <label>Current server values</label>
76
+ <sort_order>200</sort_order>
77
+ <show_in_default>1</show_in_default>
78
+ <show_in_website>1</show_in_website>
79
+ <show_in_store>1</show_in_store>
80
+ </methods_information>
81
+ </fields>
82
+ </global_settings>
83
+ <ipsecurityfront translate="label comment">
84
+ <label>IP Security - Frontend</label>
85
+ <sort_order>10</sort_order>
86
+ <show_in_default>1</show_in_default>
87
+ <show_in_website>1</show_in_website>
88
+ <show_in_store>1</show_in_store>
89
+ <fields>
90
+ <allow translate="label comment">
91
+ <label>Allow these IPs</label>
92
+ <comment><![CDATA[Visitors with other IPs will be blocked.]]></comment>
93
+ <frontend_type>textarea</frontend_type>
94
+ <sort_order>10</sort_order>
95
+ <show_in_default>1</show_in_default>
96
+ <show_in_website>1</show_in_website>
97
+ <show_in_store>1</show_in_store>
98
+ </allow>
99
+ <block translate="label">
100
+ <label>Block these IPs</label>
101
+ <frontend_type>textarea</frontend_type>
102
+ <sort_order>20</sort_order>
103
+ <show_in_default>1</show_in_default>
104
+ <show_in_website>1</show_in_website>
105
+ <show_in_store>1</show_in_store>
106
+ </block>
107
+ <redirect_blank translate="label comment">
108
+ <label>Redirect to blank page</label>
109
+ <comment><![CDATA[When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.]]></comment>
110
+ <frontend_type>select</frontend_type>
111
+ <source_model>adminhtml/system_config_source_yesno</source_model>
112
+ <sort_order>30</sort_order>
113
+ <show_in_default>1</show_in_default>
114
+ <show_in_website>1</show_in_website>
115
+ <show_in_store>1</show_in_store>
116
+ </redirect_blank>
117
+ <redirect_page translate="label comment">
118
+ <label>Redirect to CMS page</label>
119
+ <comment><![CDATA[Visitor will not be notified about blocking rule redirection.]]></comment>
120
+ <frontend_type>select</frontend_type>
121
+ <source_model>adminhtml/system_config_source_cms_page</source_model>
122
+ <sort_order>40</sort_order>
123
+ <show_in_default>1</show_in_default>
124
+ <show_in_website>1</show_in_website>
125
+ <show_in_store>1</show_in_store>
126
+ </redirect_page>
127
+ <email_event translate="label comment">
128
+ <label>Mail block events to</label>
129
+ <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
130
+ <frontend_type>text</frontend_type>
131
+ <sort_order>50</sort_order>
132
+ <show_in_default>1</show_in_default>
133
+ <show_in_website>1</show_in_website>
134
+ <show_in_store>1</show_in_store>
135
+ </email_event>
136
+ <email_template translate="label">
137
+ <label>Email Template</label>
138
+ <frontend_type>select</frontend_type>
139
+ <source_model>adminhtml/system_config_source_email_template</source_model>
140
+ <sort_order>60</sort_order>
141
+ <show_in_default>1</show_in_default>
142
+ <show_in_website>1</show_in_website>
143
+ <show_in_store>1</show_in_store>
144
+ </email_template>
145
+ <email_identity translate="label">
146
+ <label>Store email</label>
147
+ <frontend_type>select</frontend_type>
148
+ <source_model>adminhtml/system_config_source_email_identity</source_model>
149
+ <sort_order>70</sort_order>
150
+ <show_in_default>1</show_in_default>
151
+ <show_in_website>1</show_in_website>
152
+ <show_in_store>1</show_in_store>
153
+ </email_identity>
154
+ <email_always translate="label comment">
155
+ <label>Email always</label>
156
+ <comment><![CDATA[Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.]]></comment>
157
+ <frontend_type>select</frontend_type>
158
+ <source_model>adminhtml/system_config_source_yesno</source_model>
159
+ <sort_order>80</sort_order>
160
+ <show_in_default>1</show_in_default>
161
+ <show_in_website>1</show_in_website>
162
+ <show_in_store>1</show_in_store>
163
+ </email_always>
164
+ </fields>
165
+ </ipsecurityfront>
166
+ <ipsecurityadmin translate="label comment">
167
+ <label>IP Security - Admin</label>
168
+ <sort_order>20</sort_order>
169
+ <show_in_default>1</show_in_default>
170
+ <show_in_website>1</show_in_website>
171
+ <show_in_store>1</show_in_store>
172
+ <fields>
173
+ <allow translate="label comment">
174
+ <label>Allow these IPs</label>
175
+ <frontend_type>textarea</frontend_type>
176
+ <comment>Be careful not to lock yourself out!</comment>
177
+ <sort_order>10</sort_order>
178
+ <show_in_default>1</show_in_default>
179
+ <show_in_website>1</show_in_website>
180
+ <show_in_store>1</show_in_store>
181
+ </allow>
182
+ <block translate="label">
183
+ <label>Block these IPs</label>
184
+ <frontend_type>textarea</frontend_type>
185
+ <sort_order>20</sort_order>
186
+ <show_in_default>1</show_in_default>
187
+ <show_in_website>1</show_in_website>
188
+ <show_in_store>1</show_in_store>
189
+ </block>
190
+ <redirect_blank translate="label comment">
191
+ <label>Redirect to blank page</label>
192
+ <comment><![CDATA[When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.]]></comment>
193
+ <frontend_type>select</frontend_type>
194
+ <source_model>adminhtml/system_config_source_yesno</source_model>
195
+ <sort_order>30</sort_order>
196
+ <show_in_default>1</show_in_default>
197
+ <show_in_website>1</show_in_website>
198
+ <show_in_store>1</show_in_store>
199
+ </redirect_blank>
200
+ <redirect_page translate="label">
201
+ <label>Redirect to CMS page</label>
202
+ <frontend_type>select</frontend_type>
203
+ <source_model>adminhtml/system_config_source_cms_page</source_model>
204
+ <sort_order>40</sort_order>
205
+ <show_in_default>1</show_in_default>
206
+ <show_in_website>1</show_in_website>
207
+ <show_in_store>1</show_in_store>
208
+ </redirect_page>
209
+ <email_event translate="label comment">
210
+ <label>Mail block events to</label>
211
+ <comment><![CDATA[You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com]]></comment>
212
+ <frontend_type>text</frontend_type>
213
+ <sort_order>50</sort_order>
214
+ <show_in_default>1</show_in_default>
215
+ <show_in_website>1</show_in_website>
216
+ <show_in_store>1</show_in_store>
217
+ </email_event>
218
+ <email_template translate="label">
219
+ <label>Email Template</label>
220
+ <frontend_type>select</frontend_type>
221
+ <source_model>adminhtml/system_config_source_email_template</source_model>
222
+ <sort_order>60</sort_order>
223
+ <show_in_default>1</show_in_default>
224
+ <show_in_website>1</show_in_website>
225
+ <show_in_store>1</show_in_store>
226
+ </email_template>
227
+ <email_identity translate="label">
228
+ <label>Store email</label>
229
+ <frontend_type>select</frontend_type>
230
+ <source_model>adminhtml/system_config_source_email_identity</source_model>
231
+ <sort_order>70</sort_order>
232
+ <show_in_default>1</show_in_default>
233
+ <show_in_website>1</show_in_website>
234
+ <show_in_store>1</show_in_store>
235
+ </email_identity>
236
+ <email_always translate="label comment">
237
+ <label>Email always</label>
238
+ <comment><![CDATA[Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.]]></comment>
239
+ <frontend_type>select</frontend_type>
240
+ <source_model>adminhtml/system_config_source_yesno</source_model>
241
+ <sort_order>80</sort_order>
242
+ <show_in_default>1</show_in_default>
243
+ <show_in_website>1</show_in_website>
244
+ <show_in_store>1</show_in_store>
245
+ </email_always>
246
+ </fields>
247
+ </ipsecurityadmin>
248
+
249
+ <ipsecuritymaintetance translate="label comment">
250
+ <label>IP Security - Maintenance page</label>
251
+ <sort_order>30</sort_order>
252
+ <show_in_default>1</show_in_default>
253
+ <show_in_website>1</show_in_website>
254
+ <show_in_store>1</show_in_store>
255
+ <fields>
256
+ <enabled translate="label comment">
257
+ <label>Store Offline</label>
258
+ <comment>For frontend only.</comment>
259
+ <frontend_type>select</frontend_type>
260
+ <source_model>adminhtml/system_config_source_yesno</source_model>
261
+ <sort_order>10</sort_order>
262
+ <show_in_default>1</show_in_default>
263
+ <show_in_website>1</show_in_website>
264
+ <show_in_store>1</show_in_store>
265
+ </enabled>
266
+ <except translate="label comment">
267
+ <label>Except these IPs</label>
268
+ <frontend_type>textarea</frontend_type>
269
+ <comment><![CDATA[Visitors with these IPs will not be redirected to maintenance page.]]></comment>
270
+ <sort_order>20</sort_order>
271
+ <show_in_default>1</show_in_default>
272
+ <show_in_website>1</show_in_website>
273
+ <show_in_store>1</show_in_store>
274
+ </except>
275
+ <message translate="label">
276
+ <label>Message</label>
277
+ <frontend_type>textarea</frontend_type>
278
+ <sort_order>30</sort_order>
279
+ <show_in_default>1</show_in_default>
280
+ <show_in_website>1</show_in_website>
281
+ <show_in_store>1</show_in_store>
282
+ </message>
283
+ <remindermessage translate="label">
284
+ <label>Reminder message</label>
285
+ <comment><![CDATA[This message will be shown on frontend for visitors with IP adresses from exception list while maintenance mode is on.]]></comment>
286
+ <frontend_type>textarea</frontend_type>
287
+ <sort_order>40</sort_order>
288
+ <show_in_default>1</show_in_default>
289
+ <show_in_website>1</show_in_website>
290
+ <show_in_store>1</show_in_store>
291
+ </remindermessage>
292
+ </fields>
293
+ </ipsecuritymaintetance>
294
+ </groups>
295
+ </etipsecurity>
296
+ </sections>
297
+ </config>
app/locale/en_US/template/email/et_ipsecurity.html CHANGED
@@ -1,7 +1,7 @@
1
- <!--@subject IP Security - Security Violence @-->
2
- Rejected access to {{var storetype}} from
3
-
4
- ip: {{var ip}}
5
- ip rules: {{var ip_rule}}
6
-
7
  time: {{var date}}
1
+ <!--@subject IP Security - Security Violence @-->
2
+ Rejected access to {{var storetype}} ({{var url}}) from
3
+
4
+ ip: {{var ip}}
5
+ ip rules: {{var ip_rule}}
6
+
7
  time: {{var date}}
app/locale/en_US/template/email/et_ipsecurity_admin.html CHANGED
@@ -1,7 +1,7 @@
1
- <!--@subject IP Security - Security Violence @-->
2
- Rejected access to {{var storetype}} from
3
-
4
- ip: {{var ip}}
5
- ip rules: {{var ip_rule}}
6
-
7
  time: {{var date}}
1
+ <!--@subject IP Security - Security Violence @-->
2
+ Rejected access to {{var storetype}} ({{var url}}) from
3
+
4
+ ip: {{var ip}}
5
+ ip rules: {{var ip_rule}}
6
+
7
  time: {{var date}}
app/locale/ru_RU/ET_IpSecurity.csv CHANGED
@@ -1,47 +1,55 @@
1
- "IP Security information","Информация о модуле IP Security"
2
- "Security Violence to Frontend","Правило блокировки. Пользовательская часть"
3
- "Security Violence to Admin","Правило блокировки. Панель администрирования"
4
- "IP Security - Frontend","IP Security - Пользовательская часть"
5
- "IP Security - Admin","IP Security - Панель администрирования"
6
- "Allow these IPs","Разрешённые IP"
7
- "Visitors with other IPs will be blocked.","Посетители с другими IP адресами будут заблокированы."
8
- "Block these IPs","Заблокированные IP"
9
- "Redirect to blank page","Перенаправить на пустую страницу"
10
- "When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.","При сработавшем правиле блокировки посетитель будет перенаправлен на пустую страницу с указанием причины блокировки."
11
- "Redirect to CMS page","Перенаправить на CMS страницу"
12
- "Mail block events to","Оповестить при блокировке"
13
- "You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com","Можно указывать несколько получателей. Разделитель запятая. Например: admin1@example.com,admin2@example.com"
14
- "Email Template","Email. Шаблон"
15
- "Store email","Email. Отправитель"
16
- "Be careful not to lock yourself out!","Будьте осторожны: не заблокируйте себя!"
17
- "Visitor will not be notified about blocking rule redirection.","Посетитель не будет предупреждён о срабатывании правила блокировки."
18
- "IP Security - Maintenance page","IP Security - Техническое обслуживание"
19
- "Store Offline","Технические работы"
20
- "Except these IPs","IP - исключения"
21
- "Visitors with these IPs will not be redirected to maintenance page.","Посетители с этими IP адресами не будут перенаправлены на страницу с сообщением о техническом обслуживании."
22
- "Message","Сообщение о тех. обслуживании"
23
- "Reminder message","Напоминание"
24
- "This message will be shown on frontend for visitors with IP adresses from exception list while maintenance mode is on.","Это сообщение будет показываться в пользовательской части для посетителей с IP адресами из списка исключений во время технического обслуживания."
25
- "For frontend only.","Только для пользовательской части."
26
- "Email always","Оповещать всегда"
27
- "Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.","Да - оповещение будет отсылаться при каждой блокировке. Нет - оповещение будет отослано, если IP заблокирован первый раз или количество блокировок кратно 10."
28
- "ET IP Security log","ET IP Security журнал"
29
- "ET IP Security log table","ET IP Security журнал блокировок"
30
- "Blocked IP","Блокированный IP"
31
- "Qty blocked","Блокировано раз"
32
- "First block","Первая блокировка"
33
- "Last block","Последняя блокировка"
34
- "Blocked from","Заблокировано в"
35
- "Last block rule","Последнее сработашее правило"
36
- "Not in allowed list","Нет в разрешённых"
37
-
38
- "Extension:","Модуль:"
39
- "<strong>%s</strong> (version %s)","<strong>%s</strong> (версия %s)"
40
- "License:","Лицензия:"
41
- "Short Description:","Краткое описание:"
42
- "Documentation:","Документация:"
43
- "Support:","Поддержка:"
44
- "Advertisement:","Реклама:"
45
- "You can see description of extension features and answers to the frequently asked questions on <a href=""%s"" target=""_blank"">our website</a>.","Описание позможностей модуля и ответы на часто задаваемые вопросы смотрите на <a href=""%s"" target=""_blank"">нашем сайте</a>."
46
- "You can hire our team to customize the extension. E-mail us on sales@etwebsolutions.com.<br><br>You can see a list of provided services on <a href=""%s"" target=""_blank"">our website</a>.","Вы можете нанять нашу команду для любых работ по модификации модуля. Пишите на адрес sales@etwebsolutions.com.<br><br>Со списком предоставляемых нами услуг вы можете ознакомиться <a href=""%s"" target=""_blank"">на нашем сайте</a>."
47
- "Extension support is available through <a href=""%s"" target=""_blank"">issue tracking system</a>.<br>You can see information freely, but you will have to sign up to open a ticket.<br><br>Please, report all bugs and feature requests that are related to this extension.<br><br>If by some reason you can not submit a question, bug report or feature request to our ticket system, you can write us an email - support@etwebsolutions.com.","Поддержка модуля осуществляется через <a href=""%s"" target=""_blank"">систему отслеживания заданий</a>.<br>Для создания задачи будет необходимо зарегистрироваться. Для просмотра информации регистрация не требуется.<br><br>Пожалуйста, сообщайте нам о найденных ошибках и о своих пожеланиях в рамках этого модуля.<br><br>Если по каким-либо причинам вы не можете размеситить вопрос/сообщение об ошибке/пожелание в списке задач, то можете написать нам по адресу support@etwebsolutions.com."
 
 
 
 
 
 
 
 
1
+ "IP Security information","Информация о модуле IP Security"
2
+ "Security Violence to Frontend","Правило блокировки. Пользовательская часть"
3
+ "Security Violence to Admin","Правило блокировки. Панель администрирования"
4
+ "IP Security - Frontend","IP Security - Пользовательская часть"
5
+ "IP Security - Admin","IP Security - Панель администрирования"
6
+ "Allow these IPs","Разрешённые IP"
7
+ "Visitors with other IPs will be blocked.","Посетители с другими IP адресами будут заблокированы."
8
+ "Block these IPs","Заблокированные IP"
9
+ "Redirect to blank page","Перенаправить на пустую страницу"
10
+ "When blocking rule is triggered visitor will be redirected to a blank page with blocking rule description.","При сработавшем правиле блокировки посетитель будет перенаправлен на пустую страницу с указанием причины блокировки."
11
+ "Redirect to CMS page","Перенаправить на CMS страницу"
12
+ "Mail block events to","Оповестить при блокировке"
13
+ "You can specify multiple recipients. Comma separated. For example: admin1@example.com, admin2@example.com","Можно указывать несколько получателей. Разделитель запятая. Например: admin1@example.com,admin2@example.com"
14
+ "Email Template","Email. Шаблон"
15
+ "Store email","Email. Отправитель"
16
+ "Be careful not to lock yourself out!","Будьте осторожны: не заблокируйте себя!"
17
+ "Visitor will not be notified about blocking rule redirection.","Посетитель не будет предупреждён о срабатывании правила блокировки."
18
+ "IP Security - Maintenance page","IP Security - Техническое обслуживание"
19
+ "Store Offline","Технические работы"
20
+ "Except these IPs","IP - исключения"
21
+ "Visitors with these IPs will not be redirected to maintenance page.","Посетители с этими IP адресами не будут перенаправлены на страницу с сообщением о техническом обслуживании."
22
+ "Message","Сообщение о тех. обслуживании"
23
+ "Reminder message","Напоминание"
24
+ "This message will be shown on frontend for visitors with IP adresses from exception list while maintenance mode is on.","Это сообщение будет показываться в пользовательской части для посетителей с IP адресами из списка исключений во время технического обслуживания."
25
+ "For frontend only.","Только для пользовательской части."
26
+ "Email always","Оповещать всегда"
27
+ "Yes - mail notification will be sent every time when blocking rule applies. No - mail notification will be sent when IP is blocked for first time and each 10th time blocking occurs.","Да - оповещение будет отсылаться при каждой блокировке. Нет - оповещение будет отослано, если IP заблокирован первый раз или количество блокировок кратно 10."
28
+ "ET IP Security log","ET IP Security журнал"
29
+ "ET IP Security log table","ET IP Security журнал блокировок"
30
+ "Blocked IP","Блокированный IP"
31
+ "Qty blocked","Блокировано раз"
32
+ "First block","Первая блокировка"
33
+ "Last block","Последняя блокировка"
34
+ "Blocked from","Заблокировано в"
35
+ "Last block rule","Последнее сработашее правило"
36
+ "Not in allowed list","Нет в разрешённых"
37
+ "this method:","Этот метод:"
38
+ "returns","возвращает"
39
+ "Nothing","Ничего"
40
+ "Method to get IP","Метод получения IP"
41
+ "Current server values","Значения на этом сервере"
42
+ "Extension receives customer IP from server. Servers can store this information in different variables. Usually variable REMOTE_ADDR is used. But if your server is configured differently, you can select neccessary IP address get method.","Модуль получает IP адрес посетителя от сервера. Сервера могут хранить эту информацию в разных переменных. Обычно это переменная REMOTE_ADDR. Но если ваш сервер настроен по другому, то вы можете указать нужный метод получения IP адреса."
43
+ "Below is a list of standard variables where the server can store the IP address of the visitor, and what each of these variables contains on your server:<br><br>","Ниже представлен список стандартных переменных, в которых сервера могут хранить IP адрес посетителя, и что находится в каждой из этих переменных на вашем сервере:<br><br>"
44
+ "Global Settings","Глобальные настройки"
45
+
46
+ "Extension:","Модуль:"
47
+ "<strong>%s</strong> (version %s)","<strong>%s</strong> (версия %s)"
48
+ "License:","Лицензия:"
49
+ "Short Description:","Краткое описание:"
50
+ "Documentation:","Документация:"
51
+ "Support:","Поддержка:"
52
+ "Advertisement:","Реклама:"
53
+ "You can see description of extension features and answers to the frequently asked questions on <a href=""%s"" target=""_blank"">our website</a>.","Описание позможностей модуля и ответы на часто задаваемые вопросы смотрите на <a href=""%s"" target=""_blank"">нашем сайте</a>."
54
+ "You can hire our team to customize the extension. E-mail us on sales@etwebsolutions.com.<br><br>You can see a list of provided services on <a href=""%s"" target=""_blank"">our website</a>.","Вы можете нанять нашу команду для любых работ по модификации модуля. Пишите на адрес sales@etwebsolutions.com.<br><br>Со списком предоставляемых нами услуг вы можете ознакомиться <a href=""%s"" target=""_blank"">на нашем сайте</a>."
55
+ "Extension support is available through <a href=""%s"" target=""_blank"">issue tracking system</a>.<br>You can see information freely, but you will have to sign up to open a ticket.<br><br>Please, report all bugs and feature requests that are related to this extension.<br><br>If by some reason you can not submit a question, bug report or feature request to our ticket system, you can write us an email - support@etwebsolutions.com.","Поддержка модуля осуществляется через <a href=""%s"" target=""_blank"">систему отслеживания заданий</a>.<br>Для создания задачи будет необходимо зарегистрироваться. Для просмотра информации регистрация не требуется.<br><br>Пожалуйста, сообщайте нам о найденных ошибках и о своих пожеланиях в рамках этого модуля.<br><br>Если по каким-либо причинам вы не можете размеситить вопрос/сообщение об ошибке/пожелание в списке задач, то можете написать нам по адресу support@etwebsolutions.com."
app/locale/ru_RU/template/email/et_ipsecurity.html CHANGED
@@ -1,7 +1,7 @@
1
- <!--@subject IP Security - сработало правило блокировки @-->
2
- Запрещён доступ к {{var storetype}} с
3
-
4
- ip: {{var ip}}
5
- ip маски: {{var ip_rule}}
6
-
7
  время: {{var date}}
1
+ <!--@subject IP Security - сработало правило блокировки @-->
2
+ Запрещён доступ к {{var storetype}} ({{var url}}) с
3
+
4
+ ip: {{var ip}}
5
+ ip маски: {{var ip_rule}}
6
+
7
  время: {{var date}}
app/locale/ru_RU/template/email/et_ipsecurity_admin.html CHANGED
@@ -1,7 +1,7 @@
1
- <!--@subject IP Security - сработало правило блокировки @-->
2
- Запрещён доступ к {{var storetype}} c
3
-
4
- ip: {{var ip}}
5
- ip маски: {{var ip_rule}}
6
-
7
  время: {{var date}}
1
+ <!--@subject IP Security - сработало правило блокировки @-->
2
+ Запрещён доступ к {{var storetype}} ({{var url}}) c
3
+
4
+ ip: {{var ip}}
5
+ ip маски: {{var ip_rule}}
6
+
7
  время: {{var date}}
package.xml CHANGED
@@ -1,7 +1,7 @@
1
  <?xml version="1.0"?>
2
  <package>
3
  <name>ET_IpSecurity</name>
4
- <version>2.0.1</version>
5
  <stability>stable</stability>
6
  <license uri="http://shop.etwebsolutions.com/eng/etws-license-free-v1">ETWS Free License (EFL1)</license>
7
  <channel>community</channel>
@@ -10,9 +10,9 @@
10
  <description>IP Security can restrict access to website by IP address or IP masks. When restrict rule is triggered, customer gets redirected to CMS page specified in settings or just blank page. You can get notifications about triggered rules by email. There is also opportunity to switch your website off for maintenance.</description>
11
  <notes>stable release</notes>
12
  <authors><author><name>Jurij</name><user>auto-converted</user><email>support@etwebsolutions.com</email></author><author><name>Andrej</name><user>auto-converted</user><email>support@etwebsolutions.com</email></author></authors>
13
- <date>2013-12-02</date>
14
- <time>11:39:30</time>
15
- <contents><target name="magecommunity"><dir name="ET"><dir name="IpSecurity"><dir name="Block"><dir name="Adminhtml"><dir name="Log"><dir name="Renderer"><file name="Translaterule.php" hash="ca65f7951033aa9012d28e2d57aef2a5"/></dir><file name="Grid.php" hash="2fb7a3f5f89954ed59c6fba4547d6633"/></dir><file name="Log.php" hash="71e986aa8d17ca38fbbebf293aaadb7c"/><file name="Support.php" hash="77efaf8ff27650fb652a42e4173734ba"/></dir></dir><dir name="Helper"><file name="Data.php" hash="c8f5c392b7723725fe78ca9d4b7e20a0"/></dir><dir name="Model"><dir name="Mysql4"><dir name="Ipsecuritylog"><file name="Collection.php" hash="d052dd9e02c801d4343dcc847e48a7b2"/></dir><file name="Ipsecuritylog.php" hash="bbefc57c3bea478057e6038f6882843c"/></dir><file name="Ipsecuritylog.php" hash="73e41e474f5bde2b994f097de68a2d3b"/><file name="Observer.php" hash="19fddc22bf759957b678a0ee9a8a39e3"/></dir><dir name="Test"><dir name="Model"><dir name="Observer"><dir name="providers"><file name="testIsIpAllowed.yaml" hash="404d102cf95f0ccce2169ff28bdbb74f"/><file name="testIsIpInList.yaml" hash="ba21c5f51a0b20d1e0e04ca3e1a9db11"/></dir></dir><file name="Observer.php" hash="173a1298271aeaa8811f8b7759975b0e"/></dir></dir><dir name="controllers"><dir name="Adminhtml"><file name="LogController.php" hash="3dc568a8b73ac5698041ecf1485c2e54"/></dir></dir><dir name="etc"><file name="config.xml" hash="a7acfc9aed90e8e2d3fb3f4d8e33c521"/><file name="system.xml" hash="1ba8b1ee4f1dde8b70d8618863bff7c4"/></dir><dir name="sql"><dir name="ipsecurity_setup"><file name="mysql4-install-1.5.php" hash="8ab37ac7b1e54c6f3c1a41aad932b5c6"/><file name="mysql4-upgrade-1.5.3-2.0.0.php" hash="1b6f0580e385634cd93c688adae5d19d"/></dir></dir></dir></dir></target><target name="magelocale"><dir name="ru_RU"><dir name="template"><dir name="email"><file name="et_ipsecurity.html" hash="a6f731a6903375bfc06edc6a31d67865"/><file name="et_ipsecurity_admin.html" hash="5961f9ae7d71f843d96d70c18c223222"/></dir></dir><file name="ET_IpSecurity.csv" hash="a322679e155c1c903cb4f8aa7c2d5b00"/></dir><dir name="en_US"><dir name="template"><dir name="email"><file name="et_ipsecurity.html" hash="2b67f7f1bc21e003da6246fe76462af4"/><file name="et_ipsecurity_admin.html" hash="2b67f7f1bc21e003da6246fe76462af4"/></dir></dir><file name="ET_IpSecurity.csv" hash="7f9caec31be429a5851a67357eb44848"/></dir></target><target name="mageetc"><dir name="modules"><file name="ET_IpSecurity.xml" hash="3405c1babf6948a8af04228c60894fcf"/></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="et_ipsecurity.xml" hash="4b41ce53fd6ad2a29a4fd5f95119230d"/></dir></dir></dir></dir></target></contents>
16
  <compatible/>
17
  <dependencies/>
18
  </package>
1
  <?xml version="1.0"?>
2
  <package>
3
  <name>ET_IpSecurity</name>
4
+ <version>2.1.0</version>
5
  <stability>stable</stability>
6
  <license uri="http://shop.etwebsolutions.com/eng/etws-license-free-v1">ETWS Free License (EFL1)</license>
7
  <channel>community</channel>
10
  <description>IP Security can restrict access to website by IP address or IP masks. When restrict rule is triggered, customer gets redirected to CMS page specified in settings or just blank page. You can get notifications about triggered rules by email. There is also opportunity to switch your website off for maintenance.</description>
11
  <notes>stable release</notes>
12
  <authors><author><name>Jurij</name><user>auto-converted</user><email>support@etwebsolutions.com</email></author><author><name>Andrej</name><user>auto-converted</user><email>support@etwebsolutions.com</email></author></authors>
13
+ <date>2014-10-13</date>
14
+ <time>11:41:03</time>
15
+ <contents><target name="magecommunity"><dir name="ET"><dir name="IpSecurity"><dir name="Block"><dir name="Adminhtml"><dir name="Log"><dir name="Renderer"><file name="Translaterule.php" hash="ca65f7951033aa9012d28e2d57aef2a5"/></dir><file name="Grid.php" hash="2fb7a3f5f89954ed59c6fba4547d6633"/></dir><file name="GetIpInfo.php" hash="2ebe7ee7e4eedbf51b0d783c0e2a5a8e"/><file name="Log.php" hash="71e986aa8d17ca38fbbebf293aaadb7c"/><file name="Support.php" hash="77efaf8ff27650fb652a42e4173734ba"/></dir></dir><dir name="Helper"><file name="Data.php" hash="bb998ef9431d76e3a03e9d0b3c55e5f8"/></dir><dir name="Model"><dir name="Mysql4"><dir name="Ipsecuritylog"><file name="Collection.php" hash="d052dd9e02c801d4343dcc847e48a7b2"/></dir><file name="Ipsecuritylog.php" hash="bbefc57c3bea478057e6038f6882843c"/></dir><file name="IpVariable.php" hash="0308a6b2b1a0b4491b3b3af8700338d5"/><file name="Ipsecuritylog.php" hash="73e41e474f5bde2b994f097de68a2d3b"/><file name="Observer.php" hash="5868ff8ed26638ba4f9b290e2c6e4167"/></dir><dir name="Test"><dir name="Model"><dir name="Observer"><dir name="providers"><file name="testIsIpAllowed.yaml" hash="404d102cf95f0ccce2169ff28bdbb74f"/><file name="testIsIpInList.yaml" hash="ba21c5f51a0b20d1e0e04ca3e1a9db11"/></dir></dir><file name="Observer.php" hash="173a1298271aeaa8811f8b7759975b0e"/></dir></dir><dir name="controllers"><dir name="Adminhtml"><file name="LogController.php" hash="3dc568a8b73ac5698041ecf1485c2e54"/></dir></dir><dir name="etc"><file name="config.xml" hash="698c0c264df319c91a08dd4cf3eee76d"/><file name="system.xml" hash="61098dd58209e0d3c2ab8bc002a44d81"/></dir><dir name="sql"><dir name="ipsecurity_setup"><file name="mysql4-install-1.5.php" hash="8ab37ac7b1e54c6f3c1a41aad932b5c6"/><file name="mysql4-upgrade-1.5.3-2.0.0.php" hash="1b6f0580e385634cd93c688adae5d19d"/></dir></dir></dir></dir></target><target name="magelocale"><dir name="ru_RU"><dir name="template"><dir name="email"><file name="et_ipsecurity.html" hash="b25448f879024a4f9694136cb45258b3"/><file name="et_ipsecurity_admin.html" hash="33efea1ec67fbcb5946fbb34429470f2"/></dir></dir><file name="ET_IpSecurity.csv" hash="2b710e0955c9a4611d7b4899960fb93b"/></dir><dir name="en_US"><dir name="template"><dir name="email"><file name="et_ipsecurity.html" hash="ffb1da1a35a7f598a8d2edfe4cba3ef3"/><file name="et_ipsecurity_admin.html" hash="ffb1da1a35a7f598a8d2edfe4cba3ef3"/></dir></dir><file name="ET_IpSecurity.csv" hash="7f9caec31be429a5851a67357eb44848"/></dir></target><target name="mageetc"><dir name="modules"><file name="ET_IpSecurity.xml" hash="3405c1babf6948a8af04228c60894fcf"/></dir></target><target name="magedesign"><dir name="adminhtml"><dir name="default"><dir name="default"><dir name="layout"><file name="et_ipsecurity.xml" hash="4b41ce53fd6ad2a29a4fd5f95119230d"/></dir></dir></dir></dir></target></contents>
16
  <compatible/>
17
  <dependencies/>
18
  </package>