Version Description
Download this release
Release Info
Developer | nintechnet |
Plugin | NinjaFirewall (WP Edition) |
Version | 3.6 |
Comparing to | |
See all releases |
Version 3.6
- .htaccess +12 -0
- .htninja.sample +90 -0
- LICENSE.TXT +674 -0
- images/bar-critical.png +0 -0
- images/bar-high.png +0 -0
- images/bar-medium.png +0 -0
- images/facebook.png +0 -0
- images/google.png +0 -0
- images/icon_error_16.png +0 -0
- images/icon_ok_16.png +0 -0
- images/icon_warn_16.png +0 -0
- images/index.html +1 -0
- images/logo_nm_80.png +0 -0
- images/logo_nr_80.png +0 -0
- images/logo_ns_80.png +0 -0
- images/logo_pro_80.png +0 -0
- images/nf_icon.png +0 -0
- images/ninjafirewall_100.png +0 -0
- images/ninjafirewall_20.png +0 -0
- images/ninjafirewall_32.png +0 -0
- images/ninjafirewall_50.png +0 -0
- images/ninjafirewall_75.png +0 -0
- images/ninjascanner.png +0 -0
- images/nintechnet.png +0 -0
- images/nintechnet_50.png +0 -0
- images/ns_integration.png +0 -0
- images/rate.png +0 -0
- images/scan_progress.gif +0 -0
- images/screenshots/01_ac_main.png +0 -0
- images/screenshots/02_ac_geoip.png +0 -0
- images/screenshots/03_ac_ip.png +0 -0
- images/screenshots/04_ac_limit.png +0 -0
- images/screenshots/05_ac_url.png +0 -0
- images/screenshots/06_ac_bots.png +0 -0
- images/screenshots/07_webfilter.png +0 -0
- images/screenshots/08_antispam.png +0 -0
- images/screenshots/09_uploads.png +0 -0
- images/screenshots/10_log.png +0 -0
- images/screenshots/11_shmop.png +0 -0
- images/screenshots/12_centlog.png +0 -0
- images/screenshots/index.html +1 -0
- images/twitter.png +0 -0
- images/twitter_ntn.png +0 -0
- index.html +1 -0
- install.php +606 -0
- languages/.htaccess +20 -0
- languages/README.TXT +3 -0
- languages/index.html +1 -0
- languages/ninjafirewall-fr_FR.mo +0 -0
- languages/ninjafirewall-fr_FR.po +5695 -0
- languages/ninjafirewall.pot +4731 -0
- lib/.htaccess +20 -0
- lib/dashboard_widget.php +93 -0
- lib/firewall.php +1573 -0
- lib/fw_centlog.php +75 -0
- lib/fw_fileguard.php +71 -0
- lib/fw_livelog.php +135 -0
- lib/help.php +549 -0
- lib/index.html +1 -0
- lib/install_fullwaf.php +648 -0
- lib/install_wpwaf.php +247 -0
- lib/login_protection.php +653 -0
- lib/nf_sub_about.php +199 -0
- lib/nf_sub_event.php +456 -0
- lib/nf_sub_filecheck.php +863 -0
- lib/nf_sub_livelog.php +352 -0
- lib/nf_sub_log.php +289 -0
- lib/nf_sub_malwarescan.php +40 -0
- lib/nf_sub_options.php +488 -0
- lib/nf_sub_statistics.php +198 -0
- lib/nf_sub_updates.php +556 -0
- lib/nf_sub_wplus.php +142 -0
- lib/nfw_misc.php +536 -0
- lib/share/.htaccess +21 -0
- lib/share/font.ttf +0 -0
- lib/share/index.html +1 -0
- lib/wp_ajax.php +58 -0
- ninjafirewall.php +3525 -0
- readme.txt +203 -0
- uninstall.php +149 -0
.htaccess
ADDED
@@ -0,0 +1,12 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<IfModule mod_rewrite.c>
|
2 |
+
<IfModule mod_version.c>
|
3 |
+
<IfVersion < 2.2>
|
4 |
+
RewriteEngine On
|
5 |
+
RewriteRule !\.(png|gif)$ - [F,L]
|
6 |
+
</IfVersion>
|
7 |
+
<IfVersion >= 2.2>
|
8 |
+
RewriteEngine On
|
9 |
+
RewriteRule !\.(png|gif)$ - [L,R=404]
|
10 |
+
</IfVersion>
|
11 |
+
</IfModule>
|
12 |
+
</IfModule>
|
.htninja.sample
ADDED
@@ -0,0 +1,90 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+=====================================================================+
|
4 |
+
| NinjaFirewall optional configuration file |
|
5 |
+
| |
|
6 |
+
| See: http://nintechnet.com/ninjafirewall/wp-edition/help/?htninja |
|
7 |
+
| |
|
8 |
+
+=====================================================================+
|
9 |
+
*/
|
10 |
+
|
11 |
+
// To tell NinjaFirewall where you moved your WP config file,
|
12 |
+
// use the '$wp_config' variable :
|
13 |
+
// ** NOTE: Deprecated since NinjaFirewall 3.0.1 **
|
14 |
+
# $wp_config = '/foo/bar/wp-config.php';
|
15 |
+
|
16 |
+
|
17 |
+
|
18 |
+
// Users of Cloudflare CDN:
|
19 |
+
# if (! empty($_SERVER["HTTP_CF_CONNECTING_IP"]) &&
|
20 |
+
# filter_var($_SERVER["HTTP_CF_CONNECTING_IP"], FILTER_VALIDATE_IP) ) {
|
21 |
+
# $_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
|
22 |
+
# }
|
23 |
+
|
24 |
+
|
25 |
+
// Users of Incapsula CDN:
|
26 |
+
# if (! empty($_SERVER["HTTP_INCAP_CLIENT_IP"]) &&
|
27 |
+
# filter_var($_SERVER["HTTP_INCAP_CLIENT_IP"], FILTER_VALIDATE_IP) ) {
|
28 |
+
# $_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_INCAP_CLIENT_IP"];
|
29 |
+
# }
|
30 |
+
|
31 |
+
|
32 |
+
// Whitelist/blacklist whatever you want:
|
33 |
+
//
|
34 |
+
// Return codes:
|
35 |
+
// 'ALLOW' == Allow and stop filtering (whitelist).
|
36 |
+
// 'BLOCK' == Reject immediately (blacklist).
|
37 |
+
//
|
38 |
+
// Any other return code will be ignored
|
39 |
+
//
|
40 |
+
// Note that if you use 'ALLOW'/'BLOCK', nothing will be written
|
41 |
+
// to the firewall log.
|
42 |
+
|
43 |
+
// Whitelist single IP 1.2.3.4:
|
44 |
+
# if ( $_SERVER["REMOTE_ADDR"] == '1.2.3.4' ) {
|
45 |
+
# return 'ALLOW'; // whitelist
|
46 |
+
# }
|
47 |
+
|
48 |
+
// Whitelist IPs 1.1.1.1, 2.2.2.2 and 3.3.3.3:
|
49 |
+
# $ip_array = array( '1.1.1.1' , '2.2.2.2' , '3.3.3.3' );
|
50 |
+
# if ( in_array( $_SERVER["REMOTE_ADDR"], $ip_array ) ) {
|
51 |
+
# return 'ALLOW'; // whitelist
|
52 |
+
# }
|
53 |
+
|
54 |
+
// Whitelist all IPs from 1.1.1.1 to 1.1.1.255:
|
55 |
+
# if ( preg_match( '/^1\.1\.1\.\d+$/', $_SERVER["REMOTE_ADDR"] ) ) {
|
56 |
+
# return 'ALLOW'; // whitelist
|
57 |
+
# }
|
58 |
+
|
59 |
+
// Blacklist single IP 1.2.3.4:
|
60 |
+
# if ( $_SERVER["REMOTE_ADDR"] == '1.2.3.4' ) {
|
61 |
+
# return 'BLOCK'; // blacklist
|
62 |
+
# }
|
63 |
+
|
64 |
+
// Blacklist IPs 1.1.1.1, 2.2.2.2 and 3.3.3.3:
|
65 |
+
# $ip_array = array( '1.1.1.1' , '2.2.2.2' , '3.3.3.3' );
|
66 |
+
# if ( in_array( $_SERVER["REMOTE_ADDR"], $ip_array ) ) {
|
67 |
+
# return 'BLOCK'; // blacklist
|
68 |
+
# }
|
69 |
+
|
70 |
+
// Blacklist all IPs from 1.1.1.1 to 1.1.1.255:
|
71 |
+
# if ( preg_match( '/^1\.1\.1\.\d+$/', $_SERVER["REMOTE_ADDR"] ) ) {
|
72 |
+
# return 'BLOCK'; // blacklist
|
73 |
+
# }
|
74 |
+
|
75 |
+
|
76 |
+
// Do not filter any HTTP request sent to a script located inside the /myfolder/ directory:
|
77 |
+
# if (strpos($_SERVER['SCRIPT_FILENAME'], '/myfolder/') !== FALSE) {
|
78 |
+
# return 'ALLOW';
|
79 |
+
# }
|
80 |
+
|
81 |
+
// Advanced filtering :
|
82 |
+
// Block immediately a POST request if it contains a 'whatever' variable
|
83 |
+
// sent to a script named 'script.php' :
|
84 |
+
# if ( isset($_POST['whatever']) && strpos($_SERVER['SCRIPT_NAME'], 'script.php') !== FALSE ) {
|
85 |
+
# return 'BLOCK';
|
86 |
+
# }
|
87 |
+
|
88 |
+
|
89 |
+
|
90 |
+
// do not add anything below this line.
|
LICENSE.TXT
ADDED
@@ -0,0 +1,674 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
GNU GENERAL PUBLIC LICENSE
|
2 |
+
Version 3, 29 June 2007
|
3 |
+
|
4 |
+
Copyright (C) 2007 Free Software Foundation, Inc. <http://fsf.org/>
|
5 |
+
Everyone is permitted to copy and distribute verbatim copies
|
6 |
+
of this license document, but changing it is not allowed.
|
7 |
+
|
8 |
+
Preamble
|
9 |
+
|
10 |
+
The GNU General Public License is a free, copyleft license for
|
11 |
+
software and other kinds of works.
|
12 |
+
|
13 |
+
The licenses for most software and other practical works are designed
|
14 |
+
to take away your freedom to share and change the works. By contrast,
|
15 |
+
the GNU General Public License is intended to guarantee your freedom to
|
16 |
+
share and change all versions of a program--to make sure it remains free
|
17 |
+
software for all its users. We, the Free Software Foundation, use the
|
18 |
+
GNU General Public License for most of our software; it applies also to
|
19 |
+
any other work released this way by its authors. You can apply it to
|
20 |
+
your programs, too.
|
21 |
+
|
22 |
+
When we speak of free software, we are referring to freedom, not
|
23 |
+
price. Our General Public Licenses are designed to make sure that you
|
24 |
+
have the freedom to distribute copies of free software (and charge for
|
25 |
+
them if you wish), that you receive source code or can get it if you
|
26 |
+
want it, that you can change the software or use pieces of it in new
|
27 |
+
free programs, and that you know you can do these things.
|
28 |
+
|
29 |
+
To protect your rights, we need to prevent others from denying you
|
30 |
+
these rights or asking you to surrender the rights. Therefore, you have
|
31 |
+
certain responsibilities if you distribute copies of the software, or if
|
32 |
+
you modify it: responsibilities to respect the freedom of others.
|
33 |
+
|
34 |
+
For example, if you distribute copies of such a program, whether
|
35 |
+
gratis or for a fee, you must pass on to the recipients the same
|
36 |
+
freedoms that you received. You must make sure that they, too, receive
|
37 |
+
or can get the source code. And you must show them these terms so they
|
38 |
+
know their rights.
|
39 |
+
|
40 |
+
Developers that use the GNU GPL protect your rights with two steps:
|
41 |
+
(1) assert copyright on the software, and (2) offer you this License
|
42 |
+
giving you legal permission to copy, distribute and/or modify it.
|
43 |
+
|
44 |
+
For the developers' and authors' protection, the GPL clearly explains
|
45 |
+
that there is no warranty for this free software. For both users' and
|
46 |
+
authors' sake, the GPL requires that modified versions be marked as
|
47 |
+
changed, so that their problems will not be attributed erroneously to
|
48 |
+
authors of previous versions.
|
49 |
+
|
50 |
+
Some devices are designed to deny users access to install or run
|
51 |
+
modified versions of the software inside them, although the manufacturer
|
52 |
+
can do so. This is fundamentally incompatible with the aim of
|
53 |
+
protecting users' freedom to change the software. The systematic
|
54 |
+
pattern of such abuse occurs in the area of products for individuals to
|
55 |
+
use, which is precisely where it is most unacceptable. Therefore, we
|
56 |
+
have designed this version of the GPL to prohibit the practice for those
|
57 |
+
products. If such problems arise substantially in other domains, we
|
58 |
+
stand ready to extend this provision to those domains in future versions
|
59 |
+
of the GPL, as needed to protect the freedom of users.
|
60 |
+
|
61 |
+
Finally, every program is threatened constantly by software patents.
|
62 |
+
States should not allow patents to restrict development and use of
|
63 |
+
software on general-purpose computers, but in those that do, we wish to
|
64 |
+
avoid the special danger that patents applied to a free program could
|
65 |
+
make it effectively proprietary. To prevent this, the GPL assures that
|
66 |
+
patents cannot be used to render the program non-free.
|
67 |
+
|
68 |
+
The precise terms and conditions for copying, distribution and
|
69 |
+
modification follow.
|
70 |
+
|
71 |
+
TERMS AND CONDITIONS
|
72 |
+
|
73 |
+
0. Definitions.
|
74 |
+
|
75 |
+
"This License" refers to version 3 of the GNU General Public License.
|
76 |
+
|
77 |
+
"Copyright" also means copyright-like laws that apply to other kinds of
|
78 |
+
works, such as semiconductor masks.
|
79 |
+
|
80 |
+
"The Program" refers to any copyrightable work licensed under this
|
81 |
+
License. Each licensee is addressed as "you". "Licensees" and
|
82 |
+
"recipients" may be individuals or organizations.
|
83 |
+
|
84 |
+
To "modify" a work means to copy from or adapt all or part of the work
|
85 |
+
in a fashion requiring copyright permission, other than the making of an
|
86 |
+
exact copy. The resulting work is called a "modified version" of the
|
87 |
+
earlier work or a work "based on" the earlier work.
|
88 |
+
|
89 |
+
A "covered work" means either the unmodified Program or a work based
|
90 |
+
on the Program.
|
91 |
+
|
92 |
+
To "propagate" a work means to do anything with it that, without
|
93 |
+
permission, would make you directly or secondarily liable for
|
94 |
+
infringement under applicable copyright law, except executing it on a
|
95 |
+
computer or modifying a private copy. Propagation includes copying,
|
96 |
+
distribution (with or without modification), making available to the
|
97 |
+
public, and in some countries other activities as well.
|
98 |
+
|
99 |
+
To "convey" a work means any kind of propagation that enables other
|
100 |
+
parties to make or receive copies. Mere interaction with a user through
|
101 |
+
a computer network, with no transfer of a copy, is not conveying.
|
102 |
+
|
103 |
+
An interactive user interface displays "Appropriate Legal Notices"
|
104 |
+
to the extent that it includes a convenient and prominently visible
|
105 |
+
feature that (1) displays an appropriate copyright notice, and (2)
|
106 |
+
tells the user that there is no warranty for the work (except to the
|
107 |
+
extent that warranties are provided), that licensees may convey the
|
108 |
+
work under this License, and how to view a copy of this License. If
|
109 |
+
the interface presents a list of user commands or options, such as a
|
110 |
+
menu, a prominent item in the list meets this criterion.
|
111 |
+
|
112 |
+
1. Source Code.
|
113 |
+
|
114 |
+
The "source code" for a work means the preferred form of the work
|
115 |
+
for making modifications to it. "Object code" means any non-source
|
116 |
+
form of a work.
|
117 |
+
|
118 |
+
A "Standard Interface" means an interface that either is an official
|
119 |
+
standard defined by a recognized standards body, or, in the case of
|
120 |
+
interfaces specified for a particular programming language, one that
|
121 |
+
is widely used among developers working in that language.
|
122 |
+
|
123 |
+
The "System Libraries" of an executable work include anything, other
|
124 |
+
than the work as a whole, that (a) is included in the normal form of
|
125 |
+
packaging a Major Component, but which is not part of that Major
|
126 |
+
Component, and (b) serves only to enable use of the work with that
|
127 |
+
Major Component, or to implement a Standard Interface for which an
|
128 |
+
implementation is available to the public in source code form. A
|
129 |
+
"Major Component", in this context, means a major essential component
|
130 |
+
(kernel, window system, and so on) of the specific operating system
|
131 |
+
(if any) on which the executable work runs, or a compiler used to
|
132 |
+
produce the work, or an object code interpreter used to run it.
|
133 |
+
|
134 |
+
The "Corresponding Source" for a work in object code form means all
|
135 |
+
the source code needed to generate, install, and (for an executable
|
136 |
+
work) run the object code and to modify the work, including scripts to
|
137 |
+
control those activities. However, it does not include the work's
|
138 |
+
System Libraries, or general-purpose tools or generally available free
|
139 |
+
programs which are used unmodified in performing those activities but
|
140 |
+
which are not part of the work. For example, Corresponding Source
|
141 |
+
includes interface definition files associated with source files for
|
142 |
+
the work, and the source code for shared libraries and dynamically
|
143 |
+
linked subprograms that the work is specifically designed to require,
|
144 |
+
such as by intimate data communication or control flow between those
|
145 |
+
subprograms and other parts of the work.
|
146 |
+
|
147 |
+
The Corresponding Source need not include anything that users
|
148 |
+
can regenerate automatically from other parts of the Corresponding
|
149 |
+
Source.
|
150 |
+
|
151 |
+
The Corresponding Source for a work in source code form is that
|
152 |
+
same work.
|
153 |
+
|
154 |
+
2. Basic Permissions.
|
155 |
+
|
156 |
+
All rights granted under this License are granted for the term of
|
157 |
+
copyright on the Program, and are irrevocable provided the stated
|
158 |
+
conditions are met. This License explicitly affirms your unlimited
|
159 |
+
permission to run the unmodified Program. The output from running a
|
160 |
+
covered work is covered by this License only if the output, given its
|
161 |
+
content, constitutes a covered work. This License acknowledges your
|
162 |
+
rights of fair use or other equivalent, as provided by copyright law.
|
163 |
+
|
164 |
+
You may make, run and propagate covered works that you do not
|
165 |
+
convey, without conditions so long as your license otherwise remains
|
166 |
+
in force. You may convey covered works to others for the sole purpose
|
167 |
+
of having them make modifications exclusively for you, or provide you
|
168 |
+
with facilities for running those works, provided that you comply with
|
169 |
+
the terms of this License in conveying all material for which you do
|
170 |
+
not control copyright. Those thus making or running the covered works
|
171 |
+
for you must do so exclusively on your behalf, under your direction
|
172 |
+
and control, on terms that prohibit them from making any copies of
|
173 |
+
your copyrighted material outside their relationship with you.
|
174 |
+
|
175 |
+
Conveying under any other circumstances is permitted solely under
|
176 |
+
the conditions stated below. Sublicensing is not allowed; section 10
|
177 |
+
makes it unnecessary.
|
178 |
+
|
179 |
+
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
|
180 |
+
|
181 |
+
No covered work shall be deemed part of an effective technological
|
182 |
+
measure under any applicable law fulfilling obligations under article
|
183 |
+
11 of the WIPO copyright treaty adopted on 20 December 1996, or
|
184 |
+
similar laws prohibiting or restricting circumvention of such
|
185 |
+
measures.
|
186 |
+
|
187 |
+
When you convey a covered work, you waive any legal power to forbid
|
188 |
+
circumvention of technological measures to the extent such circumvention
|
189 |
+
is effected by exercising rights under this License with respect to
|
190 |
+
the covered work, and you disclaim any intention to limit operation or
|
191 |
+
modification of the work as a means of enforcing, against the work's
|
192 |
+
users, your or third parties' legal rights to forbid circumvention of
|
193 |
+
technological measures.
|
194 |
+
|
195 |
+
4. Conveying Verbatim Copies.
|
196 |
+
|
197 |
+
You may convey verbatim copies of the Program's source code as you
|
198 |
+
receive it, in any medium, provided that you conspicuously and
|
199 |
+
appropriately publish on each copy an appropriate copyright notice;
|
200 |
+
keep intact all notices stating that this License and any
|
201 |
+
non-permissive terms added in accord with section 7 apply to the code;
|
202 |
+
keep intact all notices of the absence of any warranty; and give all
|
203 |
+
recipients a copy of this License along with the Program.
|
204 |
+
|
205 |
+
You may charge any price or no price for each copy that you convey,
|
206 |
+
and you may offer support or warranty protection for a fee.
|
207 |
+
|
208 |
+
5. Conveying Modified Source Versions.
|
209 |
+
|
210 |
+
You may convey a work based on the Program, or the modifications to
|
211 |
+
produce it from the Program, in the form of source code under the
|
212 |
+
terms of section 4, provided that you also meet all of these conditions:
|
213 |
+
|
214 |
+
a) The work must carry prominent notices stating that you modified
|
215 |
+
it, and giving a relevant date.
|
216 |
+
|
217 |
+
b) The work must carry prominent notices stating that it is
|
218 |
+
released under this License and any conditions added under section
|
219 |
+
7. This requirement modifies the requirement in section 4 to
|
220 |
+
"keep intact all notices".
|
221 |
+
|
222 |
+
c) You must license the entire work, as a whole, under this
|
223 |
+
License to anyone who comes into possession of a copy. This
|
224 |
+
License will therefore apply, along with any applicable section 7
|
225 |
+
additional terms, to the whole of the work, and all its parts,
|
226 |
+
regardless of how they are packaged. This License gives no
|
227 |
+
permission to license the work in any other way, but it does not
|
228 |
+
invalidate such permission if you have separately received it.
|
229 |
+
|
230 |
+
d) If the work has interactive user interfaces, each must display
|
231 |
+
Appropriate Legal Notices; however, if the Program has interactive
|
232 |
+
interfaces that do not display Appropriate Legal Notices, your
|
233 |
+
work need not make them do so.
|
234 |
+
|
235 |
+
A compilation of a covered work with other separate and independent
|
236 |
+
works, which are not by their nature extensions of the covered work,
|
237 |
+
and which are not combined with it such as to form a larger program,
|
238 |
+
in or on a volume of a storage or distribution medium, is called an
|
239 |
+
"aggregate" if the compilation and its resulting copyright are not
|
240 |
+
used to limit the access or legal rights of the compilation's users
|
241 |
+
beyond what the individual works permit. Inclusion of a covered work
|
242 |
+
in an aggregate does not cause this License to apply to the other
|
243 |
+
parts of the aggregate.
|
244 |
+
|
245 |
+
6. Conveying Non-Source Forms.
|
246 |
+
|
247 |
+
You may convey a covered work in object code form under the terms
|
248 |
+
of sections 4 and 5, provided that you also convey the
|
249 |
+
machine-readable Corresponding Source under the terms of this License,
|
250 |
+
in one of these ways:
|
251 |
+
|
252 |
+
a) Convey the object code in, or embodied in, a physical product
|
253 |
+
(including a physical distribution medium), accompanied by the
|
254 |
+
Corresponding Source fixed on a durable physical medium
|
255 |
+
customarily used for software interchange.
|
256 |
+
|
257 |
+
b) Convey the object code in, or embodied in, a physical product
|
258 |
+
(including a physical distribution medium), accompanied by a
|
259 |
+
written offer, valid for at least three years and valid for as
|
260 |
+
long as you offer spare parts or customer support for that product
|
261 |
+
model, to give anyone who possesses the object code either (1) a
|
262 |
+
copy of the Corresponding Source for all the software in the
|
263 |
+
product that is covered by this License, on a durable physical
|
264 |
+
medium customarily used for software interchange, for a price no
|
265 |
+
more than your reasonable cost of physically performing this
|
266 |
+
conveying of source, or (2) access to copy the
|
267 |
+
Corresponding Source from a network server at no charge.
|
268 |
+
|
269 |
+
c) Convey individual copies of the object code with a copy of the
|
270 |
+
written offer to provide the Corresponding Source. This
|
271 |
+
alternative is allowed only occasionally and noncommercially, and
|
272 |
+
only if you received the object code with such an offer, in accord
|
273 |
+
with subsection 6b.
|
274 |
+
|
275 |
+
d) Convey the object code by offering access from a designated
|
276 |
+
place (gratis or for a charge), and offer equivalent access to the
|
277 |
+
Corresponding Source in the same way through the same place at no
|
278 |
+
further charge. You need not require recipients to copy the
|
279 |
+
Corresponding Source along with the object code. If the place to
|
280 |
+
copy the object code is a network server, the Corresponding Source
|
281 |
+
may be on a different server (operated by you or a third party)
|
282 |
+
that supports equivalent copying facilities, provided you maintain
|
283 |
+
clear directions next to the object code saying where to find the
|
284 |
+
Corresponding Source. Regardless of what server hosts the
|
285 |
+
Corresponding Source, you remain obligated to ensure that it is
|
286 |
+
available for as long as needed to satisfy these requirements.
|
287 |
+
|
288 |
+
e) Convey the object code using peer-to-peer transmission, provided
|
289 |
+
you inform other peers where the object code and Corresponding
|
290 |
+
Source of the work are being offered to the general public at no
|
291 |
+
charge under subsection 6d.
|
292 |
+
|
293 |
+
A separable portion of the object code, whose source code is excluded
|
294 |
+
from the Corresponding Source as a System Library, need not be
|
295 |
+
included in conveying the object code work.
|
296 |
+
|
297 |
+
A "User Product" is either (1) a "consumer product", which means any
|
298 |
+
tangible personal property which is normally used for personal, family,
|
299 |
+
or household purposes, or (2) anything designed or sold for incorporation
|
300 |
+
into a dwelling. In determining whether a product is a consumer product,
|
301 |
+
doubtful cases shall be resolved in favor of coverage. For a particular
|
302 |
+
product received by a particular user, "normally used" refers to a
|
303 |
+
typical or common use of that class of product, regardless of the status
|
304 |
+
of the particular user or of the way in which the particular user
|
305 |
+
actually uses, or expects or is expected to use, the product. A product
|
306 |
+
is a consumer product regardless of whether the product has substantial
|
307 |
+
commercial, industrial or non-consumer uses, unless such uses represent
|
308 |
+
the only significant mode of use of the product.
|
309 |
+
|
310 |
+
"Installation Information" for a User Product means any methods,
|
311 |
+
procedures, authorization keys, or other information required to install
|
312 |
+
and execute modified versions of a covered work in that User Product from
|
313 |
+
a modified version of its Corresponding Source. The information must
|
314 |
+
suffice to ensure that the continued functioning of the modified object
|
315 |
+
code is in no case prevented or interfered with solely because
|
316 |
+
modification has been made.
|
317 |
+
|
318 |
+
If you convey an object code work under this section in, or with, or
|
319 |
+
specifically for use in, a User Product, and the conveying occurs as
|
320 |
+
part of a transaction in which the right of possession and use of the
|
321 |
+
User Product is transferred to the recipient in perpetuity or for a
|
322 |
+
fixed term (regardless of how the transaction is characterized), the
|
323 |
+
Corresponding Source conveyed under this section must be accompanied
|
324 |
+
by the Installation Information. But this requirement does not apply
|
325 |
+
if neither you nor any third party retains the ability to install
|
326 |
+
modified object code on the User Product (for example, the work has
|
327 |
+
been installed in ROM).
|
328 |
+
|
329 |
+
The requirement to provide Installation Information does not include a
|
330 |
+
requirement to continue to provide support service, warranty, or updates
|
331 |
+
for a work that has been modified or installed by the recipient, or for
|
332 |
+
the User Product in which it has been modified or installed. Access to a
|
333 |
+
network may be denied when the modification itself materially and
|
334 |
+
adversely affects the operation of the network or violates the rules and
|
335 |
+
protocols for communication across the network.
|
336 |
+
|
337 |
+
Corresponding Source conveyed, and Installation Information provided,
|
338 |
+
in accord with this section must be in a format that is publicly
|
339 |
+
documented (and with an implementation available to the public in
|
340 |
+
source code form), and must require no special password or key for
|
341 |
+
unpacking, reading or copying.
|
342 |
+
|
343 |
+
7. Additional Terms.
|
344 |
+
|
345 |
+
"Additional permissions" are terms that supplement the terms of this
|
346 |
+
License by making exceptions from one or more of its conditions.
|
347 |
+
Additional permissions that are applicable to the entire Program shall
|
348 |
+
be treated as though they were included in this License, to the extent
|
349 |
+
that they are valid under applicable law. If additional permissions
|
350 |
+
apply only to part of the Program, that part may be used separately
|
351 |
+
under those permissions, but the entire Program remains governed by
|
352 |
+
this License without regard to the additional permissions.
|
353 |
+
|
354 |
+
When you convey a copy of a covered work, you may at your option
|
355 |
+
remove any additional permissions from that copy, or from any part of
|
356 |
+
it. (Additional permissions may be written to require their own
|
357 |
+
removal in certain cases when you modify the work.) You may place
|
358 |
+
additional permissions on material, added by you to a covered work,
|
359 |
+
for which you have or can give appropriate copyright permission.
|
360 |
+
|
361 |
+
Notwithstanding any other provision of this License, for material you
|
362 |
+
add to a covered work, you may (if authorized by the copyright holders of
|
363 |
+
that material) supplement the terms of this License with terms:
|
364 |
+
|
365 |
+
a) Disclaiming warranty or limiting liability differently from the
|
366 |
+
terms of sections 15 and 16 of this License; or
|
367 |
+
|
368 |
+
b) Requiring preservation of specified reasonable legal notices or
|
369 |
+
author attributions in that material or in the Appropriate Legal
|
370 |
+
Notices displayed by works containing it; or
|
371 |
+
|
372 |
+
c) Prohibiting misrepresentation of the origin of that material, or
|
373 |
+
requiring that modified versions of such material be marked in
|
374 |
+
reasonable ways as different from the original version; or
|
375 |
+
|
376 |
+
d) Limiting the use for publicity purposes of names of licensors or
|
377 |
+
authors of the material; or
|
378 |
+
|
379 |
+
e) Declining to grant rights under trademark law for use of some
|
380 |
+
trade names, trademarks, or service marks; or
|
381 |
+
|
382 |
+
f) Requiring indemnification of licensors and authors of that
|
383 |
+
material by anyone who conveys the material (or modified versions of
|
384 |
+
it) with contractual assumptions of liability to the recipient, for
|
385 |
+
any liability that these contractual assumptions directly impose on
|
386 |
+
those licensors and authors.
|
387 |
+
|
388 |
+
All other non-permissive additional terms are considered "further
|
389 |
+
restrictions" within the meaning of section 10. If the Program as you
|
390 |
+
received it, or any part of it, contains a notice stating that it is
|
391 |
+
governed by this License along with a term that is a further
|
392 |
+
restriction, you may remove that term. If a license document contains
|
393 |
+
a further restriction but permits relicensing or conveying under this
|
394 |
+
License, you may add to a covered work material governed by the terms
|
395 |
+
of that license document, provided that the further restriction does
|
396 |
+
not survive such relicensing or conveying.
|
397 |
+
|
398 |
+
If you add terms to a covered work in accord with this section, you
|
399 |
+
must place, in the relevant source files, a statement of the
|
400 |
+
additional terms that apply to those files, or a notice indicating
|
401 |
+
where to find the applicable terms.
|
402 |
+
|
403 |
+
Additional terms, permissive or non-permissive, may be stated in the
|
404 |
+
form of a separately written license, or stated as exceptions;
|
405 |
+
the above requirements apply either way.
|
406 |
+
|
407 |
+
8. Termination.
|
408 |
+
|
409 |
+
You may not propagate or modify a covered work except as expressly
|
410 |
+
provided under this License. Any attempt otherwise to propagate or
|
411 |
+
modify it is void, and will automatically terminate your rights under
|
412 |
+
this License (including any patent licenses granted under the third
|
413 |
+
paragraph of section 11).
|
414 |
+
|
415 |
+
However, if you cease all violation of this License, then your
|
416 |
+
license from a particular copyright holder is reinstated (a)
|
417 |
+
provisionally, unless and until the copyright holder explicitly and
|
418 |
+
finally terminates your license, and (b) permanently, if the copyright
|
419 |
+
holder fails to notify you of the violation by some reasonable means
|
420 |
+
prior to 60 days after the cessation.
|
421 |
+
|
422 |
+
Moreover, your license from a particular copyright holder is
|
423 |
+
reinstated permanently if the copyright holder notifies you of the
|
424 |
+
violation by some reasonable means, this is the first time you have
|
425 |
+
received notice of violation of this License (for any work) from that
|
426 |
+
copyright holder, and you cure the violation prior to 30 days after
|
427 |
+
your receipt of the notice.
|
428 |
+
|
429 |
+
Termination of your rights under this section does not terminate the
|
430 |
+
licenses of parties who have received copies or rights from you under
|
431 |
+
this License. If your rights have been terminated and not permanently
|
432 |
+
reinstated, you do not qualify to receive new licenses for the same
|
433 |
+
material under section 10.
|
434 |
+
|
435 |
+
9. Acceptance Not Required for Having Copies.
|
436 |
+
|
437 |
+
You are not required to accept this License in order to receive or
|
438 |
+
run a copy of the Program. Ancillary propagation of a covered work
|
439 |
+
occurring solely as a consequence of using peer-to-peer transmission
|
440 |
+
to receive a copy likewise does not require acceptance. However,
|
441 |
+
nothing other than this License grants you permission to propagate or
|
442 |
+
modify any covered work. These actions infringe copyright if you do
|
443 |
+
not accept this License. Therefore, by modifying or propagating a
|
444 |
+
covered work, you indicate your acceptance of this License to do so.
|
445 |
+
|
446 |
+
10. Automatic Licensing of Downstream Recipients.
|
447 |
+
|
448 |
+
Each time you convey a covered work, the recipient automatically
|
449 |
+
receives a license from the original licensors, to run, modify and
|
450 |
+
propagate that work, subject to this License. You are not responsible
|
451 |
+
for enforcing compliance by third parties with this License.
|
452 |
+
|
453 |
+
An "entity transaction" is a transaction transferring control of an
|
454 |
+
organization, or substantially all assets of one, or subdividing an
|
455 |
+
organization, or merging organizations. If propagation of a covered
|
456 |
+
work results from an entity transaction, each party to that
|
457 |
+
transaction who receives a copy of the work also receives whatever
|
458 |
+
licenses to the work the party's predecessor in interest had or could
|
459 |
+
give under the previous paragraph, plus a right to possession of the
|
460 |
+
Corresponding Source of the work from the predecessor in interest, if
|
461 |
+
the predecessor has it or can get it with reasonable efforts.
|
462 |
+
|
463 |
+
You may not impose any further restrictions on the exercise of the
|
464 |
+
rights granted or affirmed under this License. For example, you may
|
465 |
+
not impose a license fee, royalty, or other charge for exercise of
|
466 |
+
rights granted under this License, and you may not initiate litigation
|
467 |
+
(including a cross-claim or counterclaim in a lawsuit) alleging that
|
468 |
+
any patent claim is infringed by making, using, selling, offering for
|
469 |
+
sale, or importing the Program or any portion of it.
|
470 |
+
|
471 |
+
11. Patents.
|
472 |
+
|
473 |
+
A "contributor" is a copyright holder who authorizes use under this
|
474 |
+
License of the Program or a work on which the Program is based. The
|
475 |
+
work thus licensed is called the contributor's "contributor version".
|
476 |
+
|
477 |
+
A contributor's "essential patent claims" are all patent claims
|
478 |
+
owned or controlled by the contributor, whether already acquired or
|
479 |
+
hereafter acquired, that would be infringed by some manner, permitted
|
480 |
+
by this License, of making, using, or selling its contributor version,
|
481 |
+
but do not include claims that would be infringed only as a
|
482 |
+
consequence of further modification of the contributor version. For
|
483 |
+
purposes of this definition, "control" includes the right to grant
|
484 |
+
patent sublicenses in a manner consistent with the requirements of
|
485 |
+
this License.
|
486 |
+
|
487 |
+
Each contributor grants you a non-exclusive, worldwide, royalty-free
|
488 |
+
patent license under the contributor's essential patent claims, to
|
489 |
+
make, use, sell, offer for sale, import and otherwise run, modify and
|
490 |
+
propagate the contents of its contributor version.
|
491 |
+
|
492 |
+
In the following three paragraphs, a "patent license" is any express
|
493 |
+
agreement or commitment, however denominated, not to enforce a patent
|
494 |
+
(such as an express permission to practice a patent or covenant not to
|
495 |
+
sue for patent infringement). To "grant" such a patent license to a
|
496 |
+
party means to make such an agreement or commitment not to enforce a
|
497 |
+
patent against the party.
|
498 |
+
|
499 |
+
If you convey a covered work, knowingly relying on a patent license,
|
500 |
+
and the Corresponding Source of the work is not available for anyone
|
501 |
+
to copy, free of charge and under the terms of this License, through a
|
502 |
+
publicly available network server or other readily accessible means,
|
503 |
+
then you must either (1) cause the Corresponding Source to be so
|
504 |
+
available, or (2) arrange to deprive yourself of the benefit of the
|
505 |
+
patent license for this particular work, or (3) arrange, in a manner
|
506 |
+
consistent with the requirements of this License, to extend the patent
|
507 |
+
license to downstream recipients. "Knowingly relying" means you have
|
508 |
+
actual knowledge that, but for the patent license, your conveying the
|
509 |
+
covered work in a country, or your recipient's use of the covered work
|
510 |
+
in a country, would infringe one or more identifiable patents in that
|
511 |
+
country that you have reason to believe are valid.
|
512 |
+
|
513 |
+
If, pursuant to or in connection with a single transaction or
|
514 |
+
arrangement, you convey, or propagate by procuring conveyance of, a
|
515 |
+
covered work, and grant a patent license to some of the parties
|
516 |
+
receiving the covered work authorizing them to use, propagate, modify
|
517 |
+
or convey a specific copy of the covered work, then the patent license
|
518 |
+
you grant is automatically extended to all recipients of the covered
|
519 |
+
work and works based on it.
|
520 |
+
|
521 |
+
A patent license is "discriminatory" if it does not include within
|
522 |
+
the scope of its coverage, prohibits the exercise of, or is
|
523 |
+
conditioned on the non-exercise of one or more of the rights that are
|
524 |
+
specifically granted under this License. You may not convey a covered
|
525 |
+
work if you are a party to an arrangement with a third party that is
|
526 |
+
in the business of distributing software, under which you make payment
|
527 |
+
to the third party based on the extent of your activity of conveying
|
528 |
+
the work, and under which the third party grants, to any of the
|
529 |
+
parties who would receive the covered work from you, a discriminatory
|
530 |
+
patent license (a) in connection with copies of the covered work
|
531 |
+
conveyed by you (or copies made from those copies), or (b) primarily
|
532 |
+
for and in connection with specific products or compilations that
|
533 |
+
contain the covered work, unless you entered into that arrangement,
|
534 |
+
or that patent license was granted, prior to 28 March 2007.
|
535 |
+
|
536 |
+
Nothing in this License shall be construed as excluding or limiting
|
537 |
+
any implied license or other defenses to infringement that may
|
538 |
+
otherwise be available to you under applicable patent law.
|
539 |
+
|
540 |
+
12. No Surrender of Others' Freedom.
|
541 |
+
|
542 |
+
If conditions are imposed on you (whether by court order, agreement or
|
543 |
+
otherwise) that contradict the conditions of this License, they do not
|
544 |
+
excuse you from the conditions of this License. If you cannot convey a
|
545 |
+
covered work so as to satisfy simultaneously your obligations under this
|
546 |
+
License and any other pertinent obligations, then as a consequence you may
|
547 |
+
not convey it at all. For example, if you agree to terms that obligate you
|
548 |
+
to collect a royalty for further conveying from those to whom you convey
|
549 |
+
the Program, the only way you could satisfy both those terms and this
|
550 |
+
License would be to refrain entirely from conveying the Program.
|
551 |
+
|
552 |
+
13. Use with the GNU Affero General Public License.
|
553 |
+
|
554 |
+
Notwithstanding any other provision of this License, you have
|
555 |
+
permission to link or combine any covered work with a work licensed
|
556 |
+
under version 3 of the GNU Affero General Public License into a single
|
557 |
+
combined work, and to convey the resulting work. The terms of this
|
558 |
+
License will continue to apply to the part which is the covered work,
|
559 |
+
but the special requirements of the GNU Affero General Public License,
|
560 |
+
section 13, concerning interaction through a network will apply to the
|
561 |
+
combination as such.
|
562 |
+
|
563 |
+
14. Revised Versions of this License.
|
564 |
+
|
565 |
+
The Free Software Foundation may publish revised and/or new versions of
|
566 |
+
the GNU General Public License from time to time. Such new versions will
|
567 |
+
be similar in spirit to the present version, but may differ in detail to
|
568 |
+
address new problems or concerns.
|
569 |
+
|
570 |
+
Each version is given a distinguishing version number. If the
|
571 |
+
Program specifies that a certain numbered version of the GNU General
|
572 |
+
Public License "or any later version" applies to it, you have the
|
573 |
+
option of following the terms and conditions either of that numbered
|
574 |
+
version or of any later version published by the Free Software
|
575 |
+
Foundation. If the Program does not specify a version number of the
|
576 |
+
GNU General Public License, you may choose any version ever published
|
577 |
+
by the Free Software Foundation.
|
578 |
+
|
579 |
+
If the Program specifies that a proxy can decide which future
|
580 |
+
versions of the GNU General Public License can be used, that proxy's
|
581 |
+
public statement of acceptance of a version permanently authorizes you
|
582 |
+
to choose that version for the Program.
|
583 |
+
|
584 |
+
Later license versions may give you additional or different
|
585 |
+
permissions. However, no additional obligations are imposed on any
|
586 |
+
author or copyright holder as a result of your choosing to follow a
|
587 |
+
later version.
|
588 |
+
|
589 |
+
15. Disclaimer of Warranty.
|
590 |
+
|
591 |
+
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
|
592 |
+
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
|
593 |
+
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
|
594 |
+
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
|
595 |
+
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
|
596 |
+
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
|
597 |
+
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
|
598 |
+
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
|
599 |
+
|
600 |
+
16. Limitation of Liability.
|
601 |
+
|
602 |
+
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
|
603 |
+
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
|
604 |
+
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
|
605 |
+
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
|
606 |
+
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
|
607 |
+
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
|
608 |
+
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
|
609 |
+
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
|
610 |
+
SUCH DAMAGES.
|
611 |
+
|
612 |
+
17. Interpretation of Sections 15 and 16.
|
613 |
+
|
614 |
+
If the disclaimer of warranty and limitation of liability provided
|
615 |
+
above cannot be given local legal effect according to their terms,
|
616 |
+
reviewing courts shall apply local law that most closely approximates
|
617 |
+
an absolute waiver of all civil liability in connection with the
|
618 |
+
Program, unless a warranty or assumption of liability accompanies a
|
619 |
+
copy of the Program in return for a fee.
|
620 |
+
|
621 |
+
END OF TERMS AND CONDITIONS
|
622 |
+
|
623 |
+
How to Apply These Terms to Your New Programs
|
624 |
+
|
625 |
+
If you develop a new program, and you want it to be of the greatest
|
626 |
+
possible use to the public, the best way to achieve this is to make it
|
627 |
+
free software which everyone can redistribute and change under these terms.
|
628 |
+
|
629 |
+
To do so, attach the following notices to the program. It is safest
|
630 |
+
to attach them to the start of each source file to most effectively
|
631 |
+
state the exclusion of warranty; and each file should have at least
|
632 |
+
the "copyright" line and a pointer to where the full notice is found.
|
633 |
+
|
634 |
+
<one line to give the program's name and a brief idea of what it does.>
|
635 |
+
Copyright (C) <year> <name of author>
|
636 |
+
|
637 |
+
This program is free software: you can redistribute it and/or modify
|
638 |
+
it under the terms of the GNU General Public License as published by
|
639 |
+
the Free Software Foundation, either version 3 of the License, or
|
640 |
+
(at your option) any later version.
|
641 |
+
|
642 |
+
This program is distributed in the hope that it will be useful,
|
643 |
+
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
644 |
+
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
645 |
+
GNU General Public License for more details.
|
646 |
+
|
647 |
+
You should have received a copy of the GNU General Public License
|
648 |
+
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
649 |
+
|
650 |
+
Also add information on how to contact you by electronic and paper mail.
|
651 |
+
|
652 |
+
If the program does terminal interaction, make it output a short
|
653 |
+
notice like this when it starts in an interactive mode:
|
654 |
+
|
655 |
+
<program> Copyright (C) <year> <name of author>
|
656 |
+
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
|
657 |
+
This is free software, and you are welcome to redistribute it
|
658 |
+
under certain conditions; type `show c' for details.
|
659 |
+
|
660 |
+
The hypothetical commands `show w' and `show c' should show the appropriate
|
661 |
+
parts of the General Public License. Of course, your program's commands
|
662 |
+
might be different; for a GUI interface, you would use an "about box".
|
663 |
+
|
664 |
+
You should also get your employer (if you work as a programmer) or school,
|
665 |
+
if any, to sign a "copyright disclaimer" for the program, if necessary.
|
666 |
+
For more information on this, and how to apply and follow the GNU GPL, see
|
667 |
+
<http://www.gnu.org/licenses/>.
|
668 |
+
|
669 |
+
The GNU General Public License does not permit incorporating your program
|
670 |
+
into proprietary programs. If your program is a subroutine library, you
|
671 |
+
may consider it more useful to permit linking proprietary applications with
|
672 |
+
the library. If this is what you want to do, use the GNU Lesser General
|
673 |
+
Public License instead of this License. But first, please read
|
674 |
+
<http://www.gnu.org/philosophy/why-not-lgpl.html>.
|
images/bar-critical.png
ADDED
Binary file
|
images/bar-high.png
ADDED
Binary file
|
images/bar-medium.png
ADDED
Binary file
|
images/facebook.png
ADDED
Binary file
|
images/google.png
ADDED
Binary file
|
images/icon_error_16.png
ADDED
Binary file
|
images/icon_ok_16.png
ADDED
Binary file
|
images/icon_warn_16.png
ADDED
Binary file
|
images/index.html
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<html><head><meta http-equiv="refresh" content="0;URL=../../../../"></head></html>
|
images/logo_nm_80.png
ADDED
Binary file
|
images/logo_nr_80.png
ADDED
Binary file
|
images/logo_ns_80.png
ADDED
Binary file
|
images/logo_pro_80.png
ADDED
Binary file
|
images/nf_icon.png
ADDED
Binary file
|
images/ninjafirewall_100.png
ADDED
Binary file
|
images/ninjafirewall_20.png
ADDED
Binary file
|
images/ninjafirewall_32.png
ADDED
Binary file
|
images/ninjafirewall_50.png
ADDED
Binary file
|
images/ninjafirewall_75.png
ADDED
Binary file
|
images/ninjascanner.png
ADDED
Binary file
|
images/nintechnet.png
ADDED
Binary file
|
images/nintechnet_50.png
ADDED
Binary file
|
images/ns_integration.png
ADDED
Binary file
|
images/rate.png
ADDED
Binary file
|
images/scan_progress.gif
ADDED
Binary file
|
images/screenshots/01_ac_main.png
ADDED
Binary file
|
images/screenshots/02_ac_geoip.png
ADDED
Binary file
|
images/screenshots/03_ac_ip.png
ADDED
Binary file
|
images/screenshots/04_ac_limit.png
ADDED
Binary file
|
images/screenshots/05_ac_url.png
ADDED
Binary file
|
images/screenshots/06_ac_bots.png
ADDED
Binary file
|
images/screenshots/07_webfilter.png
ADDED
Binary file
|
images/screenshots/08_antispam.png
ADDED
Binary file
|
images/screenshots/09_uploads.png
ADDED
Binary file
|
images/screenshots/10_log.png
ADDED
Binary file
|
images/screenshots/11_shmop.png
ADDED
Binary file
|
images/screenshots/12_centlog.png
ADDED
Binary file
|
images/screenshots/index.html
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<html><head><meta http-equiv="refresh" content="0;URL=../../../../../"></head></html>
|
images/twitter.png
ADDED
Binary file
|
images/twitter_ntn.png
ADDED
Binary file
|
index.html
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<html><head><meta http-equiv="refresh" content="0;URL=http://en.wikipedia.org/wiki/Script_kiddie"></head></html>
|
install.php
ADDED
@@ -0,0 +1,606 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
if ( ( is_multisite() ) && (! current_user_can( 'manage_network' ) ) ) {
|
23 |
+
return;
|
24 |
+
}
|
25 |
+
|
26 |
+
// Set this to 1 if you don't want to receive a welcome email:
|
27 |
+
if (! defined('DONOTEMAIL') ) {
|
28 |
+
define('DONOTEMAIL', 0);
|
29 |
+
}
|
30 |
+
|
31 |
+
@error_reporting(-1);
|
32 |
+
@ini_set('display_errors', '1');
|
33 |
+
|
34 |
+
|
35 |
+
if ( isset( $_POST["select_mode"] ) ) {
|
36 |
+
if ( $_POST["select_mode"] == "wpwaf" ) {
|
37 |
+
$_SESSION['waf_mode'] = "wpwaf";
|
38 |
+
} elseif ( $_POST["select_mode"] == "fullwaf" ) {
|
39 |
+
$_SESSION['waf_mode'] = "fullwaf";
|
40 |
+
}
|
41 |
+
}
|
42 |
+
require( __DIR__ . '/lib/install_wpwaf.php' );
|
43 |
+
require( __DIR__ . '/lib/install_fullwaf.php' );
|
44 |
+
|
45 |
+
|
46 |
+
if ( empty( $_REQUEST['nfw_act'] ) ) {
|
47 |
+
nfw_welcome();
|
48 |
+
return;
|
49 |
+
}
|
50 |
+
|
51 |
+
if ( $_REQUEST['nfw_act'] == 'create_log_dir' ) {
|
52 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'create_log_dir') ) {
|
53 |
+
wp_nonce_ays('create_log_dir');
|
54 |
+
}
|
55 |
+
nfw_create_log_dir();
|
56 |
+
return;
|
57 |
+
}
|
58 |
+
|
59 |
+
/* ------------------------------------------------------------------ */
|
60 |
+
// WordPress WAF mode:
|
61 |
+
|
62 |
+
if ( $_REQUEST['nfw_act'] == 'save_changes_wpwaf' ) {
|
63 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'save_changes_wpwaf') ) {
|
64 |
+
wp_nonce_ays('save_changes_wpwaf');
|
65 |
+
}
|
66 |
+
nfw_save_changes_wpwaf();
|
67 |
+
return;
|
68 |
+
}
|
69 |
+
|
70 |
+
/* ------------------------------------------------------------------ */
|
71 |
+
// Full WAF mode:
|
72 |
+
|
73 |
+
if ( $_REQUEST['nfw_act'] == 'presave' ) {
|
74 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'presave') ) {
|
75 |
+
wp_nonce_ays('presave');
|
76 |
+
}
|
77 |
+
nfw_presave();
|
78 |
+
|
79 |
+
} elseif ( $_REQUEST['nfw_act'] == 'integration' ) {
|
80 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'integration') ) {
|
81 |
+
wp_nonce_ays('integration');
|
82 |
+
}
|
83 |
+
nfw_integration();
|
84 |
+
|
85 |
+
} elseif ( $_REQUEST['nfw_act'] == 'postsave' ) {
|
86 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'postsave') ) {
|
87 |
+
wp_nonce_ays('postsave');
|
88 |
+
}
|
89 |
+
nfw_postsave();
|
90 |
+
|
91 |
+
}
|
92 |
+
|
93 |
+
return;
|
94 |
+
|
95 |
+
/* ------------------------------------------------------------------ */
|
96 |
+
|
97 |
+
function nfw_welcome() {
|
98 |
+
|
99 |
+
if ( isset($_SESSION['abspath']) ) {
|
100 |
+
unset($_SESSION['abspath']);
|
101 |
+
}
|
102 |
+
if ( isset($_SESSION['http_server']) ) {
|
103 |
+
unset($_SESSION['http_server']);
|
104 |
+
}
|
105 |
+
if ( isset($_SESSION['php_ini_type']) ) {
|
106 |
+
unset($_SESSION['php_ini_type']);
|
107 |
+
}
|
108 |
+
if (isset($_SESSION['email_install']) ) {
|
109 |
+
unset($_SESSION['email_install']);
|
110 |
+
}
|
111 |
+
if (isset($_SESSION['default_conf']) ) {
|
112 |
+
unset($_SESSION['default_conf']);
|
113 |
+
}
|
114 |
+
if (isset($_SESSION['waf_mode']) ) {
|
115 |
+
unset($_SESSION['waf_mode']);
|
116 |
+
}
|
117 |
+
if (isset($_SESSION['wp_config']) ) {
|
118 |
+
unset($_SESSION['wp_config']);
|
119 |
+
}
|
120 |
+
|
121 |
+
$_SESSION['nfw_goodguy'] = true;
|
122 |
+
|
123 |
+
?>
|
124 |
+
<div class="wrap">
|
125 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
126 |
+
<h1>NinjaFirewall (WP Edition)</h1>
|
127 |
+
<?php
|
128 |
+
if (file_exists( dirname(plugin_dir_path(__FILE__)) . '/nfwplus') ) {
|
129 |
+
echo '<br /><div class="error settings-error"><p>' . sprintf( __('Error: You have a copy of NinjaFirewall (%s) installed.<br />Please uninstall it completely before attempting to install NinjaFirewall (WP Edition).', 'ninjafirewall'), '<font color=#21759B>WP+</font> Edition' ) . '</p></div></div></div></div></div></div></body></html>';
|
130 |
+
exit;
|
131 |
+
}
|
132 |
+
?>
|
133 |
+
<p><?php _e('Thank you for using NinjaFirewall', 'ninjafirewall') ?> (WP Edition). <?php _e('This installer will help you to make the setup process as quick and easy as possible.', 'ninjafirewall') ?></p>
|
134 |
+
|
135 |
+
<p><?php _e('Although NinjaFirewall looks like a regular security plugin, it is not. It can be installed and configured from the WordPress admin console, but it is a stand-alone Web Application Firewall that sits in front of WordPress.', 'ninjafirewall') ?> <?php _e('It can run in two different modes: <b>Full WAF</b> or <b>WordPress WAF</b> modes.', 'ninjafirewall') ?></p>
|
136 |
+
|
137 |
+
<h3><?php _e('Full WAF mode', 'ninjafirewall') ?></h3>
|
138 |
+
|
139 |
+
<p><?php _e('In <b>Full WAF</b> mode, NinjaFirewall will hook, scan, reject or sanitise any HTTP and HTTPS request sent to a PHP script before it reaches WordPress, its plugins or even the database. All scripts located inside the blog installation directories and sub-directories will be protected, including those that aren\'t part of the WordPress package. Even encoded PHP scripts (e.g., ionCube), potential backdoors and shell scripts (e.g., c99, r57) will be filtered by NinjaFirewall.', 'ninjafirewall') ?>
|
140 |
+
<br />
|
141 |
+
<?php printf( __('That makes it a true firewall and gives you the highest possible level of protection: <a href="%s" title="%s">security without compromise</a>.', 'ninjafirewall'), 'https://blog.nintechnet.com/introduction-to-ninjafirewall-filtering-engine/', 'An introduction to NinjaFirewall filtering engine.') ?>
|
142 |
+
<br />
|
143 |
+
<?php printf( __('To run NinjaFirewall in <b>Full WAF</b> mode, your server must allow the use of the <code>auto_prepend_file</code> PHP directive. It is required to instruct the PHP interpreter to load the firewall before WordPress or any other script. Most of the time it works right out of the box, or may require <a href="%s" title="%s">some very little tweaks</a>. But in a few cases, mostly because of some shared hosting plans restrictions, it may simply not work at all.','ninjafirewall'), 'https://blog.nintechnet.com/troubleshoot-ninjafirewall-installation-problems/', 'Troubleshoot NinjaFirewall installation problems.') ?></p>
|
144 |
+
|
145 |
+
<h3><?php _e('WordPress WAF mode', 'ninjafirewall') ?></h3>
|
146 |
+
|
147 |
+
<p><?php _e('The <b>WordPress WAF</b> mode requires to load NinjaFirewall via the WordPress wp-config.php script. This process makes it easy to setup and the installation will always be successful, regardless of your hosting plan restrictions.', 'ninjafirewall') ?> <?php _e('NinjaFirewall will still load before WordPress, its plugins and the database and will run as fast as the <b>Full WAF</b> mode.', 'ninjafirewall') ?>
|
148 |
+
<br />
|
149 |
+
<?php _e('However, the downside of this mode is that NinjaFirewall will be able to hook and filter HTTP requests sent to WordPress only. A few features such as File Guard, the URL Access Control and Web Filter (WP+ Edition only) will be limited.', 'ninjafirewall') ?>
|
150 |
+
<br />
|
151 |
+
<?php _e('Despite being less powerful than the <b>Full WAF</b> mode, it still offers a level of protection and performance higher than any other security plugin.', 'ninjafirewall') ?></p>
|
152 |
+
|
153 |
+
|
154 |
+
<h3><?php _e('Installation', 'ninjafirewall') ?></h3>
|
155 |
+
|
156 |
+
<p><?php _e('We recommend to select the <b>Full WAF</b> mode option first. If it fails, this installer will let you switch to the <b>WordPress WAF</b> mode easily.', 'ninjafirewall' ) ?></p>
|
157 |
+
|
158 |
+
<form method="post">
|
159 |
+
|
160 |
+
<p><label><input type="radio" name="select_mode" value="fullwaf" checked="checked" /><strong><?php _e('Full WAF mode (recommended)', 'ninjafirewall') ?></strong></label></p>
|
161 |
+
|
162 |
+
<p><label><input type="radio" name="select_mode" value="wpwaf" /><strong><?php _e('WordPress WAF mode', 'ninjafirewall') ?></strong></label></p>
|
163 |
+
|
164 |
+
<p><input class="button-primary" type="submit" name="nextstep" value="<?php _e('Next Step', 'ninjafirewall') ?> »" /></p>
|
165 |
+
|
166 |
+
<input type="hidden" name="nfw_act" value="create_log_dir" />
|
167 |
+
<?php wp_nonce_field('create_log_dir', 'nfwnonce', 0); ?>
|
168 |
+
|
169 |
+
</form>
|
170 |
+
</div>
|
171 |
+
<?php
|
172 |
+
|
173 |
+
}
|
174 |
+
|
175 |
+
/* ------------------------------------------------------------------ */
|
176 |
+
|
177 |
+
function nfw_create_log_dir() {
|
178 |
+
|
179 |
+
if (! is_writable(NFW_LOG_DIR) ) {
|
180 |
+
$err = sprintf( __('NinjaFirewall cannot create its <code>nfwlog/</code>log and cache folder; please make sure that the <code>%s</code> directory is writable', 'ninjafirewall'), htmlspecialchars(NFW_LOG_DIR) );
|
181 |
+
} else {
|
182 |
+
if (! file_exists(NFW_LOG_DIR . '/nfwlog') ) {
|
183 |
+
mkdir( NFW_LOG_DIR . '/nfwlog', 0755);
|
184 |
+
}
|
185 |
+
if (! file_exists(NFW_LOG_DIR . '/nfwlog/cache') ) {
|
186 |
+
mkdir( NFW_LOG_DIR . '/nfwlog/cache', 0755);
|
187 |
+
}
|
188 |
+
|
189 |
+
$deny_rules = "<Files \"*\">
|
190 |
+
<IfModule mod_version.c>
|
191 |
+
<IfVersion < 2.4>
|
192 |
+
Order Deny,Allow
|
193 |
+
Deny from All
|
194 |
+
</IfVersion>
|
195 |
+
<IfVersion >= 2.4>
|
196 |
+
Require all denied
|
197 |
+
</IfVersion>
|
198 |
+
</IfModule>
|
199 |
+
<IfModule !mod_version.c>
|
200 |
+
<IfModule !mod_authz_core.c>
|
201 |
+
Order Deny,Allow
|
202 |
+
Deny from All
|
203 |
+
</IfModule>
|
204 |
+
<IfModule mod_authz_core.c>
|
205 |
+
Require all denied
|
206 |
+
</IfModule>
|
207 |
+
</IfModule>
|
208 |
+
</Files>";
|
209 |
+
|
210 |
+
touch( NFW_LOG_DIR . '/nfwlog/index.html' );
|
211 |
+
touch( NFW_LOG_DIR . '/nfwlog/cache/index.html' );
|
212 |
+
@file_put_contents(NFW_LOG_DIR . '/nfwlog/.htaccess', $deny_rules, LOCK_EX);
|
213 |
+
@file_put_contents(NFW_LOG_DIR . '/nfwlog/cache/.htaccess', $deny_rules, LOCK_EX);
|
214 |
+
@file_put_contents(NFW_LOG_DIR . '/nfwlog/readme.txt', __("This is NinjaFirewall's logs, loader and cache directory. DO NOT alter or remove it as long as NinjaFirewall is running!", 'ninjafirewall'), LOCK_EX);
|
215 |
+
|
216 |
+
// Return if we are going to run in "WordPress WAF" mode:
|
217 |
+
if ( $_SESSION['waf_mode'] == "wpwaf" ) {
|
218 |
+
nfw_integration_wpwaf();
|
219 |
+
return;
|
220 |
+
}
|
221 |
+
|
222 |
+
$loader = "<?php
|
223 |
+
// ===============================================================//
|
224 |
+
// NinjaFirewall's loader. //
|
225 |
+
// DO NOT alter or remove it as long as NinjaFirewall is running! //
|
226 |
+
// ===============================================================//
|
227 |
+
if ( file_exists('" . plugin_dir_path(__FILE__) . 'lib/firewall.php' . "') ) {
|
228 |
+
@include('" . plugin_dir_path(__FILE__) . 'lib/firewall.php' . "');
|
229 |
+
}
|
230 |
+
// EOF
|
231 |
+
";
|
232 |
+
file_put_contents(NFW_LOG_DIR . '/nfwlog/ninjafirewall.php', $loader, LOCK_EX);
|
233 |
+
}
|
234 |
+
if ( empty($err) ) {
|
235 |
+
nfw_get_abspath();
|
236 |
+
return;
|
237 |
+
}
|
238 |
+
echo '
|
239 |
+
<div class="wrap">
|
240 |
+
<div style="width:33px;height:33px;background-image:url(' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
241 |
+
<h1>' . __('NinjaFirewall (WP Edition)', 'ninjafirewall') . '</h1>
|
242 |
+
<br />
|
243 |
+
<div class="error settings-error"><p>' . $err . '</p></div>
|
244 |
+
|
245 |
+
<br />
|
246 |
+
<br />
|
247 |
+
<form method="post">
|
248 |
+
<p><input class="button-primary" type="submit" name="Save" value="' . __('Try again', 'ninjafirewall') . ' »" /></p>
|
249 |
+
<input type="hidden" name="nfw_act" value="create_log_dir" />' . wp_nonce_field('create_log_dir', 'nfwnonce', 0) . '
|
250 |
+
</form>
|
251 |
+
</div>';
|
252 |
+
|
253 |
+
}
|
254 |
+
|
255 |
+
/* ------------------------------------------------------------------ */
|
256 |
+
|
257 |
+
function welcome_email() {
|
258 |
+
|
259 |
+
if ( empty($_SESSION['email_install']) ) {
|
260 |
+
if ( $recipient = get_option('admin_email') ) {
|
261 |
+
$subject = '[NinjaFirewall] ' . __('Quick Start, FAQ & Troubleshooting Guide', 'ninjafirewall');
|
262 |
+
$message = __('Hi,', 'ninjafirewall') . "\n\n";
|
263 |
+
|
264 |
+
$message.= __('This is NinjaFirewall\'s installer. Below are some helpful info and links you may consider reading before using NinjaFirewall.', 'ninjafirewall') . "\n\n";
|
265 |
+
|
266 |
+
$message.= '1) ' . __('Troubleshooting:', 'ninjafirewall') . "\n";
|
267 |
+
$message.= 'https://nintechnet.com/ninjafirewall/wp-edition/help/?troubleshooting ' . "\n\n";
|
268 |
+
|
269 |
+
$message.= __('-Locked out of your site / Fatal error / WordPress crash?', 'ninjafirewall') . "\n";
|
270 |
+
$message.= __('-Failed installation ("Error: The firewall is not loaded")?', 'ninjafirewall') . "\n";
|
271 |
+
$message.= __('-Blank page after INSTALLING NinjaFirewall?', 'ninjafirewall') . "\n";
|
272 |
+
$message.= __('-Blank page after UNINSTALLING NinjaFirewall?', 'ninjafirewall') . "\n";
|
273 |
+
$message.= __('-500 Internal Server Error?', 'ninjafirewall') . "\n";
|
274 |
+
$message.= __('-"Cannot connect to WordPress database" error message?', 'ninjafirewall') . "\n";
|
275 |
+
$message.= __('-How to disable NinjaFirewall?', 'ninjafirewall') . "\n";
|
276 |
+
$message.= __('-Lost password (brute-force protection)?', 'ninjafirewall') . "\n";
|
277 |
+
$message.= __('-Blocked visitors (see below)?', 'ninjafirewall') . "\n";
|
278 |
+
$message.= __('-Exporting NinjaFirewall\'s configuration', 'ninjafirewall') . "\n\n";
|
279 |
+
|
280 |
+
$message.= '2) ' . __('-NinjaFirewall (WP Edition) troubleshooter script', 'ninjafirewall') . "\n";
|
281 |
+
$message.= 'https://nintechnet.com/share/wp-check.txt ' . "\n\n";
|
282 |
+
$message.= __('-Rename this file to "wp-check.php".', 'ninjafirewall') . "\n";
|
283 |
+
$message.= __('-Upload it into your WordPress root folder.', 'ninjafirewall') . "\n";
|
284 |
+
$message.= __('-Goto http://YOUR WEBSITE/wp-check.php.', 'ninjafirewall') . "\n";
|
285 |
+
$message.= __('-Delete it afterwards.', 'ninjafirewall') . "\n\n";
|
286 |
+
|
287 |
+
$message.= '3) '. __('FAQ:', 'ninjafirewall') . "\n";
|
288 |
+
$message.= 'https://nintechnet.com/ninjafirewall/wp-edition/help/?faq ' . "\n\n";
|
289 |
+
|
290 |
+
$message.= __('-Why is NinjaFirewall different from other security plugins for WordPress?', 'ninjafirewall') . "\n";
|
291 |
+
$message.= __('-Do I need root privileges to install NinjaFirewall?', 'ninjafirewall') . "\n";
|
292 |
+
$message.= __('-Does it work with Nginx?', 'ninjafirewall') . "\n";
|
293 |
+
$message.= __('-Do I need to alter my PHP scripts?', 'ninjafirewall') . "\n";
|
294 |
+
$message.= __('-Will NinjaFirewall detect the correct IP of my visitors if I am behind a CDN service like Cloudflare or Incapsula?', 'ninjafirewall') . "\n";
|
295 |
+
$message.= __('-I moved my wp-config.php file to another directory. Will it work with NinjaFirewall?', 'ninjafirewall') . "\n";
|
296 |
+
$message.= __('-Will it slow down my site?', 'ninjafirewall') . "\n";
|
297 |
+
$message.= __('-Is there a Microsoft Windows version?', 'ninjafirewall') . "\n";
|
298 |
+
$message.= __('-Can I add/write my own security rules?', 'ninjafirewall') . "\n";
|
299 |
+
$message.= __('-Can I migrate my site(s) with NinjaFirewall installed?', 'ninjafirewall') . "\n\n";
|
300 |
+
|
301 |
+
$message.= '4) '. __('Must Read:', 'ninjafirewall') . "\n\n";
|
302 |
+
|
303 |
+
$message.= __('-An introduction to NinjaFirewall filtering engine:', 'ninjafirewall') . "\n";
|
304 |
+
$message.= 'https://blog.nintechnet.com/introduction-to-ninjafirewall-filtering-engine/ ' . "\n\n";
|
305 |
+
|
306 |
+
$message.= __('-Testing NinjaFirewall without blocking your visitors:', 'ninjafirewall') . "\n";
|
307 |
+
$message.= 'https://blog.nintechnet.com/testing-ninjafirewall-without-blocking-your-visitors/ ' . "\n\n";
|
308 |
+
|
309 |
+
$message.= __('-Add your own code to the firewall: the ".htninja" file:', 'ninjafirewall') . "\n";
|
310 |
+
$message.= 'https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja ' . "\n\n";
|
311 |
+
|
312 |
+
$message.= __('-Restricting access to NinjaFirewall settings:', 'ninjafirewall') . "\n";
|
313 |
+
$message.= 'https://blog.nintechnet.com/restricting-access-to-ninjafirewall-wp-edition-settings/ ' . "\n\n";
|
314 |
+
|
315 |
+
$message.= __('-Upgrading to PHP 7 with NinjaFirewall installed:', 'ninjafirewall') . "\n";
|
316 |
+
$message.= 'https://blog.nintechnet.com/upgrading-to-php-7-with-ninjafirewall-installed/ ' . "\n\n";
|
317 |
+
|
318 |
+
$message.= __('-Keep your blog protected against the latest vulnerabilities:', 'ninjafirewall') . "\n";
|
319 |
+
$message.= 'https://blog.nintechnet.com/ninjafirewall-wpwp-introduces-automatic-updates-for-security-rules ' . "\n\n";
|
320 |
+
|
321 |
+
$message.= __('-NinjaFirewall Referral Program:', 'ninjafirewall') . "\n";
|
322 |
+
$message.= 'https://nintechnet.com/referral/ ' . "\n\n";
|
323 |
+
|
324 |
+
$message.= '5) '. __('Help & Support Links:', 'ninjafirewall') . "\n\n";
|
325 |
+
|
326 |
+
$message.= __('-Each page of NinjaFirewall includes a contextual help: click on the "Help" menu tab located in the upper right corner of the corresponding page.', 'ninjafirewall') . "\n";
|
327 |
+
$message.= __('-Online documentation is also available here:', 'ninjafirewall'). ' https://nintechnet.com/ninjafirewall/wp-edition/doc/ ' . "\n";
|
328 |
+
$message.= __('-The WordPress support forum:', 'ninjafirewall') .' http://wordpress.org/support/plugin/ninjafirewall ' . "\n";
|
329 |
+
$message.= __('-Updates info are available via Twitter:', 'ninjafirewall') .' https://twitter.com/nintechnet ' . "\n\n";
|
330 |
+
|
331 |
+
$message.= 'NinjaFirewall (WP Edition) - https://nintechnet.com/ ' . "\n\n";
|
332 |
+
|
333 |
+
if (! DONOTEMAIL ) {
|
334 |
+
wp_mail( $recipient, $subject, $message );
|
335 |
+
$_SESSION['email_install'] = $recipient;
|
336 |
+
}
|
337 |
+
}
|
338 |
+
}
|
339 |
+
}
|
340 |
+
|
341 |
+
/* ------------------------------------------------------------------ */
|
342 |
+
|
343 |
+
function nfw_firewalltest() {
|
344 |
+
?>
|
345 |
+
<div class="wrap">
|
346 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
347 |
+
<h1>NinjaFirewall (WP Edition)</h1>
|
348 |
+
|
349 |
+
<?php
|
350 |
+
if (! defined('NFW_STATUS') || NFW_STATUS != 20 ) {
|
351 |
+
|
352 |
+
echo '<div class="error settings-error"><p>'. __('Error: The firewall is not loaded.', 'ninjafirewall'). '</p></div>
|
353 |
+
<h3>'. __('Suggestions:', 'ninjafirewall'). '</h3>
|
354 |
+
<ul>';
|
355 |
+
if ($_SESSION['http_server'] == 1) {
|
356 |
+
|
357 |
+
echo '<li>∙ '. __('You selected <code>Apache + PHP module</code> as your HTTP server and PHP SAPI. Maybe your HTTP server is <code>Apache + CGI/FastCGI</code>?', 'ninjafirewall'). '
|
358 |
+
<br />
|
359 |
+
'. __('You can click the "Go Back" button and try to select another HTTP server type.', 'ninjafirewall'). '</li><br /><br />';
|
360 |
+
|
361 |
+
|
362 |
+
} elseif( $_SESSION['http_server'] == 4 ) {
|
363 |
+
echo '<li>∙ '. __('You have selected LiteSpeed as your HTTP server. Did you enable the "AllowOverride" directive from its admin panel? Make sure it is enabled, restart LiteSpeed and then, click the "Test Again" button below.', 'ninjafirewall'). '</li>
|
364 |
+
<form method="POST">
|
365 |
+
<input type="submit" class="button-secondary" value="'. __('Test Again', 'ninjafirewall'). '" />
|
366 |
+
<input type="hidden" name="nfw_act" value="postsave" />
|
367 |
+
<input type="hidden" name="makechange" value="usr" />
|
368 |
+
<input type="hidden" name="nfw_firstrun" value="1" />'. wp_nonce_field('postsave', 'nfwnonce', 0) .'
|
369 |
+
</form><br />';
|
370 |
+
|
371 |
+
} else {
|
372 |
+
|
373 |
+
if ($_SESSION['php_ini_type'] == 2) {
|
374 |
+
echo '<li>∙ '. __('You have selected <code>.user.ini</code> as your PHP initialization file. Unlike <code>php.ini</code>, <code>.user.ini</code> files are not reloaded immediately by PHP, but every five minutes. If this is your own server, restart Apache (or PHP-FPM if applicable) to force PHP to reload it, otherwise please <strong>wait up to five minutes</strong> and then, click the "Test Again" button below.', 'ninjafirewall'). '</li>
|
375 |
+
<form method="POST">
|
376 |
+
<input type="submit" class="button-secondary" value="'. __('Test Again', 'ninjafirewall'). '" />
|
377 |
+
<input type="hidden" name="nfw_act" value="postsave" />
|
378 |
+
<input type="hidden" name="makechange" value="usr" />
|
379 |
+
<input type="hidden" name="nfw_firstrun" value="1" />'. wp_nonce_field('postsave', 'nfwnonce', 0) .'
|
380 |
+
</form><br /><br />';
|
381 |
+
}
|
382 |
+
if ($_SESSION['http_server'] == 2) {
|
383 |
+
if ( preg_match('/apache/i', PHP_SAPI) ) {
|
384 |
+
|
385 |
+
echo '<li>∙ '. __('You selected <code>Apache + CGI/FastCGI</code> as your HTTP server and PHP SAPI. Maybe your HTTP server is <code>Apache + PHP module</code>?', 'ninjafirewall'). '
|
386 |
+
<br />
|
387 |
+
'. __('You can click the "Go Back" button and try to select another HTTP server type.', 'ninjafirewall'). '</li><br />';
|
388 |
+
}
|
389 |
+
}
|
390 |
+
echo '<li>∙ '. __('Maybe you did not select the correct PHP INI ?', 'ninjafirewall'). '
|
391 |
+
<br />
|
392 |
+
'. __('You can click the "Go Back" button and try to select another one.', 'ninjafirewall'). '</li>';
|
393 |
+
}
|
394 |
+
|
395 |
+
echo '<form method="POST">
|
396 |
+
<p><input type="submit" class="button-secondary" value="« '. __('Go Back', 'ninjafirewall'). '" /></p>
|
397 |
+
<input type="hidden" name="abspath" value="' . $_SESSION['abspath'] . '" />
|
398 |
+
<input type="hidden" name="nfw_act" value="presave" />
|
399 |
+
<input type="hidden" name="nfw_firstrun" value="1" />'. wp_nonce_field('presave', 'nfwnonce', 0) .'
|
400 |
+
</form>
|
401 |
+
<br />
|
402 |
+
<li>∙ '. sprintf( __('If none of the above suggestions work, you can still install NinjaFirewall in %s mode by clicking the button below. Setup is easy and will always work.', 'ninjafirewall'), '<a href="https://blog.nintechnet.com/full_waf-vs-wordpress_waf/">WordPress WAF</a>' ) . '</li>
|
403 |
+
<form method="post">
|
404 |
+
<input type="hidden" name="select_mode" value="wpwaf" />
|
405 |
+
<input type="hidden" name="nfw_act" value="create_log_dir" />
|
406 |
+
' . wp_nonce_field('create_log_dir', 'nfwnonce', 0) . '
|
407 |
+
<p><input class="button-secondary" type="submit" name="nextstep" value="' . __('Switch to the WordPress WAF mode installer »', 'ninjafirewall') . '" /></p>
|
408 |
+
</form>
|
409 |
+
</ul>
|
410 |
+
<br />
|
411 |
+
<h3>'. __('Need help? Check our blog:', 'ninjafirewall'). ' <a href="https://blog.nintechnet.com/troubleshoot-ninjafirewall-installation-problems/" target="_blank">Troubleshoot NinjaFirewall installation problems</a>.</h3>
|
412 |
+
</div>';
|
413 |
+
}
|
414 |
+
}
|
415 |
+
|
416 |
+
/* ------------------------------------------------------------------ */
|
417 |
+
|
418 |
+
function nfw_ini_data() {
|
419 |
+
|
420 |
+
if (! defined('HTACCESS_BEGIN') ) {
|
421 |
+
define( 'HTACCESS_BEGIN', '# BEGIN NinjaFirewall' );
|
422 |
+
define( 'HTACCESS_DATA', '<IfModule mod_php' . PHP_MAJOR_VERSION . '.c>' . "\n" .
|
423 |
+
' php_value auto_prepend_file ' . NFW_LOG_DIR . '/nfwlog/ninjafirewall.php' . "\n" .
|
424 |
+
'</IfModule>');
|
425 |
+
define( 'LITESPEED_DATA', 'php_value auto_prepend_file ' . NFW_LOG_DIR . '/nfwlog/ninjafirewall.php');
|
426 |
+
define( 'SUPHP_DATA', '<IfModule mod_suphp.c>' . "\n" .
|
427 |
+
' suPHP_ConfigPath ' . rtrim($_SESSION['abspath'], '/') . "\n" .
|
428 |
+
'</IfModule>');
|
429 |
+
define( 'HTACCESS_END', '# END NinjaFirewall' );
|
430 |
+
define( 'PHPINI_BEGIN', '; BEGIN NinjaFirewall' );
|
431 |
+
define( 'PHPINI_DATA', 'auto_prepend_file = ' . NFW_LOG_DIR . '/nfwlog/ninjafirewall.php' );
|
432 |
+
define( 'PHPINI_END', '; END NinjaFirewall' );
|
433 |
+
}
|
434 |
+
}
|
435 |
+
|
436 |
+
/* ------------------------------------------------------------------ */
|
437 |
+
|
438 |
+
function nfw_wpconfig_data() {
|
439 |
+
|
440 |
+
if (! defined('WP_CONFIG_BEGIN') ) {
|
441 |
+
define( 'WP_CONFIG_BEGIN', '// BEGIN NinjaFirewall' );
|
442 |
+
define( 'WP_CONFIG_DATA',
|
443 |
+
'if ( file_exists("' . plugin_dir_path( __FILE__ ) . 'lib/firewall.php' . '") && ! defined("NFW_STATUS") ) {' . "\n" .
|
444 |
+
' @include_once("' . plugin_dir_path( __FILE__ ) . 'lib/firewall.php' . '");' . "\n" .
|
445 |
+
' define("NFW_WPWAF", 1);' . "\n" .
|
446 |
+
'}' );
|
447 |
+
define( 'WP_CONFIG_END', '// END NinjaFirewall' );
|
448 |
+
}
|
449 |
+
|
450 |
+
}
|
451 |
+
|
452 |
+
/* ------------------------------------------------------------------ */
|
453 |
+
|
454 |
+
function nfw_default_conf() {
|
455 |
+
|
456 |
+
$nfw_rules = array();
|
457 |
+
|
458 |
+
$nfw_options = array(
|
459 |
+
'logo' => plugins_url() . '/ninjafirewall/images/ninjafirewall_75.png',
|
460 |
+
'enabled' => 1,
|
461 |
+
'ret_code' => 403,
|
462 |
+
'blocked_msg' => base64_encode(NFW_DEFAULT_MSG),
|
463 |
+
'debug' => 0,
|
464 |
+
'scan_protocol' => 3,
|
465 |
+
'uploads' => 0,
|
466 |
+
'sanitise_fn' => 0,
|
467 |
+
'get_scan' => 1,
|
468 |
+
'get_sanitise' => 0,
|
469 |
+
'post_scan' => 1,
|
470 |
+
'post_sanitise' => 0,
|
471 |
+
'cookies_scan' => 1,
|
472 |
+
'cookies_sanitise'=> 0,
|
473 |
+
'ua_scan' => 1,
|
474 |
+
'ua_sanitise' => 1,
|
475 |
+
'referer_scan' => 0,
|
476 |
+
'referer_sanitise'=> 1,
|
477 |
+
'referer_post' => 0,
|
478 |
+
'no_host_ip' => 0,
|
479 |
+
'allow_local_ip' => 0,
|
480 |
+
'php_errors' => 1,
|
481 |
+
'php_self' => 1,
|
482 |
+
'php_path_t' => 1,
|
483 |
+
'php_path_i' => 1,
|
484 |
+
'wp_dir' => '/wp-admin/(?:css|images|includes|js)/|' .
|
485 |
+
'/wp-includes/(?:(?:css|images|js(?!/tinymce/wp-tinymce\.php)|theme-compat)/|[^/]+\.php)|' .
|
486 |
+
'/'. basename(WP_CONTENT_DIR) .'/(?:uploads|blogs\.dir)/',
|
487 |
+
'no_post_themes' => 0,
|
488 |
+
'force_ssl' => 0,
|
489 |
+
'disallow_edit' => 0,
|
490 |
+
'disallow_mods' => 0,
|
491 |
+
'wl_admin' => 1,
|
492 |
+
// v1.0.4
|
493 |
+
'a_0' => 1,
|
494 |
+
'a_11' => 1,
|
495 |
+
'a_12' => 1,
|
496 |
+
'a_13' => 0,
|
497 |
+
'a_14' => 0,
|
498 |
+
'a_15' => 1,
|
499 |
+
'a_16' => 0,
|
500 |
+
'a_21' => 1,
|
501 |
+
'a_22' => 1,
|
502 |
+
'a_23' => 0,
|
503 |
+
'a_24' => 0,
|
504 |
+
'a_31' => 1,
|
505 |
+
// v1.3.3 :
|
506 |
+
'a_41' => 1,
|
507 |
+
// v1.3.4 :
|
508 |
+
'a_51' => 1,
|
509 |
+
'sched_scan' => 0,
|
510 |
+
'report_scan' => 0,
|
511 |
+
// v1.7 (daily report cronjob) :
|
512 |
+
'a_52' => 1,
|
513 |
+
// v3.4:
|
514 |
+
'a_53' => 1,
|
515 |
+
|
516 |
+
'alert_email' => get_option('admin_email'),
|
517 |
+
// v1.1.0 :
|
518 |
+
'alert_sa_only' => 1,
|
519 |
+
'nt_show_status' => 1,
|
520 |
+
'post_b64' => 1,
|
521 |
+
// v1.1.2 :
|
522 |
+
'no_xmlrpc' => 0,
|
523 |
+
// v1.7 :
|
524 |
+
'no_xmlrpc_multi' => 0,
|
525 |
+
// v3.3.2
|
526 |
+
'no_xmlrpc_pingback'=> 0,
|
527 |
+
|
528 |
+
// v1.1.3 :
|
529 |
+
'enum_archives' => 0,
|
530 |
+
'enum_login' => 0,
|
531 |
+
// v1.1.6 :
|
532 |
+
'request_sanitise'=> 0,
|
533 |
+
// v1.2.1 :
|
534 |
+
'fg_enable' => 0,
|
535 |
+
'fg_mtime' => 10,
|
536 |
+
'fg_exclude' => '',
|
537 |
+
// v3.2 :
|
538 |
+
'malware_dir' => htmlspecialchars( rtrim( ABSPATH, '/\\ ' ) ),
|
539 |
+
'malware_symlink' => 1,
|
540 |
+
'malware_timestamp' => 7,
|
541 |
+
'malware_size' => 2048,
|
542 |
+
// Updates :
|
543 |
+
'enable_updates' => 1,
|
544 |
+
'sched_updates' => 1,
|
545 |
+
'notify_updates' => 1,
|
546 |
+
// Centralized Logging:
|
547 |
+
'clogs_enable' => 0,
|
548 |
+
'clogs_pubkey' => '',
|
549 |
+
);
|
550 |
+
// v1.3.1 :
|
551 |
+
// Some compatibility checks:
|
552 |
+
// 1. header_register_callback(): requires PHP >=5.4
|
553 |
+
// 2. headers_list() and header_remove(): some hosts may disable them.
|
554 |
+
if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
|
555 |
+
$nfw_options['response_headers'] = '00010000';
|
556 |
+
}
|
557 |
+
|
558 |
+
define('NFUPDATESDO', 2);
|
559 |
+
@nf_sub_updates();
|
560 |
+
|
561 |
+
if (! $nfw_rules = @unserialize(NFW_RULES) ) {
|
562 |
+
$err_msg = '<p><strong>'. __('Error: The installer cannot download the security rules from wordpress.org website.', 'ninjafirewall') . '</strong></p>';
|
563 |
+
$err_msg.= '<ol><li>'. __('The server may be temporarily down or you may have network connectivity problems? Please try again in a few minutes.', 'ninjafirewall') . '</li>';
|
564 |
+
$err_msg.= '<li>'. __('NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe your server does not support SSL? You can force NinjaFirewall to use a non-secure HTTP connection by adding the following directive to your <strong>wp-config.php</strong> file:', 'ninjafirewall') . '<p><code>define("NFW_DONT_USE_SSL", 1);</code></p></li></ol>';
|
565 |
+
exit("<br /><div class='error notice is-dismissible'>{$err_msg}</div></div></div></div></div></body></html>");
|
566 |
+
}
|
567 |
+
|
568 |
+
$nfw_options['engine_version'] = NFW_ENGINE_VERSION;
|
569 |
+
$nfw_options['rules_version'] = NFW_NEWRULES_VERSION; // downloaded rules
|
570 |
+
|
571 |
+
if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) > 5 ) {
|
572 |
+
$nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', $_SERVER['DOCUMENT_ROOT'] );
|
573 |
+
} elseif ( strlen( getenv( 'DOCUMENT_ROOT' ) ) > 5 ) {
|
574 |
+
$nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', getenv( 'DOCUMENT_ROOT' ) );
|
575 |
+
} else {
|
576 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
|
577 |
+
}
|
578 |
+
|
579 |
+
// Enable PHP object injection rules (since v3.5.3):
|
580 |
+
$nfw_rules[NFW_OBJECTS]['ena'] = 1;
|
581 |
+
|
582 |
+
nfw_update_option( 'nfw_options', $nfw_options);
|
583 |
+
nfw_update_option( 'nfw_rules', $nfw_rules);
|
584 |
+
|
585 |
+
if ( wp_next_scheduled( 'nfwgccron' ) ) {
|
586 |
+
wp_clear_scheduled_hook( 'nfwgccron' );
|
587 |
+
}
|
588 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
589 |
+
wp_clear_scheduled_hook('nfscanevent');
|
590 |
+
}
|
591 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
592 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
593 |
+
}
|
594 |
+
if ( wp_next_scheduled('nfdailyreport') ) {
|
595 |
+
wp_clear_scheduled_hook('nfdailyreport');
|
596 |
+
}
|
597 |
+
nfw_get_blogtimezone();
|
598 |
+
wp_schedule_event( strtotime( date('Y-m-d 00:00:05', strtotime("+1 day")) ), 'daily', 'nfdailyreport');
|
599 |
+
wp_schedule_event( time() + 3600, 'hourly', 'nfsecupdates');
|
600 |
+
wp_schedule_event( time() + 1800, 'hourly', 'nfwgccron' );
|
601 |
+
|
602 |
+
$_SESSION['default_conf'] = 1;
|
603 |
+
}
|
604 |
+
|
605 |
+
/* ------------------------------------------------------------------ */
|
606 |
+
// EOF //
|
languages/.htaccess
ADDED
@@ -0,0 +1,20 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<Files "*">
|
2 |
+
<IfModule mod_version.c>
|
3 |
+
<IfVersion < 2.4>
|
4 |
+
Order Deny,Allow
|
5 |
+
Deny from All
|
6 |
+
</IfVersion>
|
7 |
+
<IfVersion >= 2.4>
|
8 |
+
Require all denied
|
9 |
+
</IfVersion>
|
10 |
+
</IfModule>
|
11 |
+
<IfModule !mod_version.c>
|
12 |
+
<IfModule !mod_authz_core.c>
|
13 |
+
Order Deny,Allow
|
14 |
+
Deny from All
|
15 |
+
</IfModule>
|
16 |
+
<IfModule mod_authz_core.c>
|
17 |
+
Require all denied
|
18 |
+
</IfModule>
|
19 |
+
</IfModule>
|
20 |
+
</Files>
|
languages/README.TXT
ADDED
@@ -0,0 +1,3 @@
|
|
|
|
|
|
|
1 |
+
The firewall's rules cannot be translated because
|
2 |
+
they are executed before WordPress is loaded.
|
3 |
+
The same applies to File Guard email alerts.
|
languages/index.html
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<html><head><meta http-equiv="refresh" content="0;URL=../../../../"></head></html>
|
languages/ninjafirewall-fr_FR.mo
ADDED
Binary file
|
languages/ninjafirewall-fr_FR.po
ADDED
@@ -0,0 +1,5695 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
# Copyright (C) 2015 NinjaFirewall (WP edition)
|
2 |
+
# This file is distributed under the same license as the NinjaFirewall (WP edition) package.
|
3 |
+
msgid ""
|
4 |
+
msgstr ""
|
5 |
+
"Project-Id-Version: Stable (latest release)\n"
|
6 |
+
"Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/ninjafirewall\n"
|
7 |
+
"POT-Creation-Date: 2017-12-08 15:16+0700\n"
|
8 |
+
"PO-Revision-Date: 2017-12-08 15:16+0700\n"
|
9 |
+
"Last-Translator: NinTechNet <contact@nintechnet.com>\n"
|
10 |
+
"Language-Team: NinTechNet <nintechnet.com>\n"
|
11 |
+
"Language: fr_FR\n"
|
12 |
+
"MIME-Version: 1.0\n"
|
13 |
+
"Content-Type: text/plain; charset=UTF-8\n"
|
14 |
+
"Content-Transfer-Encoding: 8bit\n"
|
15 |
+
"X-Generator: Poedit 1.6.10\n"
|
16 |
+
"X-Poedit-SourceCharset: UTF-8\n"
|
17 |
+
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
|
18 |
+
|
19 |
+
#: install.php:129
|
20 |
+
#, php-format
|
21 |
+
msgid ""
|
22 |
+
"Error: You have a copy of NinjaFirewall (%s) installed.<br />Please "
|
23 |
+
"uninstall it completely before attempting to install NinjaFirewall (WP "
|
24 |
+
"Edition)."
|
25 |
+
msgstr ""
|
26 |
+
"Erreur : Vous avez déjà une copie de NinjaFirewall (%s) installée<br /"
|
27 |
+
">Veuillez la désinstaller complètement avant d'installer NinjaFirewall (WP "
|
28 |
+
"Edition)."
|
29 |
+
|
30 |
+
#: install.php:133
|
31 |
+
msgid "Thank you for using NinjaFirewall"
|
32 |
+
msgstr "Merci d'utiliser NinjaFirewall"
|
33 |
+
|
34 |
+
#: install.php:133
|
35 |
+
msgid ""
|
36 |
+
"This installer will help you to make the setup process as quick and easy as "
|
37 |
+
"possible."
|
38 |
+
msgstr ""
|
39 |
+
"Cet installateur va vous aider afin de rendre le processus d'installation "
|
40 |
+
"aussi rapide et facile que possible."
|
41 |
+
|
42 |
+
#: install.php:135
|
43 |
+
msgid ""
|
44 |
+
"Although NinjaFirewall looks like a regular security plugin, it is not. It "
|
45 |
+
"can be installed and configured from the WordPress admin console, but it is "
|
46 |
+
"a stand-alone Web Application Firewall that sits in front of WordPress."
|
47 |
+
msgstr ""
|
48 |
+
"Bien que NinjaFirewall ressemble à toute autre extension pour WordPress, il "
|
49 |
+
"est très différent. Il peut certes être installé et configuré à partir de "
|
50 |
+
"votre Tableau de Bord, mais c'est un pare-feu applicatif autonome qui agit "
|
51 |
+
"en amont de WordPress."
|
52 |
+
|
53 |
+
#: install.php:135
|
54 |
+
msgid ""
|
55 |
+
"It can run in two different modes: <b>Full WAF</b> or <b>WordPress WAF</b> "
|
56 |
+
"modes."
|
57 |
+
msgstr ""
|
58 |
+
"Il peut fonctionner en deux modes différents : <b>Full WAF</b> ou "
|
59 |
+
"<b>WordPress WAF</b>."
|
60 |
+
|
61 |
+
#: install.php:137
|
62 |
+
msgid "Full WAF mode"
|
63 |
+
msgstr "Mode Full WAF"
|
64 |
+
|
65 |
+
#: install.php:139
|
66 |
+
msgid ""
|
67 |
+
"In <b>Full WAF</b> mode, NinjaFirewall will hook, scan, reject or sanitise "
|
68 |
+
"any HTTP and HTTPS request sent to a PHP script before it reaches WordPress, "
|
69 |
+
"its plugins or even the database. All scripts located inside the blog "
|
70 |
+
"installation directories and sub-directories will be protected, including "
|
71 |
+
"those that aren't part of the WordPress package. Even encoded PHP scripts (e."
|
72 |
+
"g., ionCube), potential backdoors and shell scripts (e.g., c99, r57) will be "
|
73 |
+
"filtered by NinjaFirewall."
|
74 |
+
msgstr ""
|
75 |
+
"En mode <b>Full WAF</b>, NinjaFirewall peut intercepter, analyser, nettoyer "
|
76 |
+
"ou rejeter toute requête HTTP ou HTTPS envoyée à un script PHP avant même "
|
77 |
+
"que celle-ci n'atteigne WordPress ou l'une de ses extensions. Tous les "
|
78 |
+
"scripts situés dans le répertoire et sous-répertoires d'installation de "
|
79 |
+
"votre blog seront protégés, y compris ceux qui ne font pas partie de "
|
80 |
+
"WordPress. Même un script PHP encodé (par ex. ionCube), une éventuelle porte "
|
81 |
+
"dérobée ou un script shell (par ex. c99, r57 ) installés par un pirate "
|
82 |
+
"seront filtrés par NinjaFirewall."
|
83 |
+
|
84 |
+
#: install.php:141
|
85 |
+
#, php-format
|
86 |
+
msgid ""
|
87 |
+
"That makes it a true firewall and gives you the highest possible level of "
|
88 |
+
"protection: <a href=\"%s\" title=\"%s\">security without compromise</a>."
|
89 |
+
msgstr ""
|
90 |
+
"Cela fait de lui un véritable pare-feu applicatif et vous offre le niveau de "
|
91 |
+
"protection le plus élevé possible : <a href=\"%s\" title=\"%s\">La sécurité "
|
92 |
+
"sans aucun compromis</a>."
|
93 |
+
|
94 |
+
#: install.php:143
|
95 |
+
#, php-format
|
96 |
+
msgid ""
|
97 |
+
"To run NinjaFirewall in <b>Full WAF</b> mode, your server must allow the use "
|
98 |
+
"of the <code>auto_prepend_file</code> PHP directive. It is required to "
|
99 |
+
"instruct the PHP interpreter to load the firewall before WordPress or any "
|
100 |
+
"other script. Most of the time it works right out of the box, or may require "
|
101 |
+
"<a href=\"%s\" title=\"%s\">some very little tweaks</a>. But in a few cases, "
|
102 |
+
"mostly because of some shared hosting plans restrictions, it may simply not "
|
103 |
+
"work at all."
|
104 |
+
msgstr ""
|
105 |
+
"Pour installer NinjaFirewall en mode <b>Full WAF</b>, votre serveur doit "
|
106 |
+
"autoriser l'utilisation de la directive PHP <code>auto_prepend_file</code>. "
|
107 |
+
"Celle-ci est nécessaire pour forcer l'interpréteur PHP à charger le pare-feu "
|
108 |
+
"avant WordPress ou tout autre script. La plupart du temps, l'installation "
|
109 |
+
"fonctionne sans aucun problème ou, peut nécessiter <a href=\"%s\" title=\"%s"
|
110 |
+
"\">quelques petits ajustements</a>. Mais dans quelques cas, principalement "
|
111 |
+
"en raison de certaines restrictions d'hébergement partagé, il se peut que "
|
112 |
+
"l'installation ne puisse pas fonctionner du tout."
|
113 |
+
|
114 |
+
#: install.php:145 install.php:162
|
115 |
+
msgid "WordPress WAF mode"
|
116 |
+
msgstr "Mode WordPress WAF"
|
117 |
+
|
118 |
+
#: install.php:147
|
119 |
+
msgid ""
|
120 |
+
"The <b>WordPress WAF</b> mode requires to load NinjaFirewall via the "
|
121 |
+
"WordPress wp-config.php script. This process makes it easy to setup and the "
|
122 |
+
"installation will always be successful, regardless of your hosting plan "
|
123 |
+
"restrictions."
|
124 |
+
msgstr ""
|
125 |
+
"Le mode <b>WordPress WAF</b> nécessite de charger NinjaFirewall via le "
|
126 |
+
"script wp-config.php de WordPress. L'installation est très simple et "
|
127 |
+
"toujours couronnée de succès et ce, quelles que soient les restrictions de "
|
128 |
+
"votre plan hébergement."
|
129 |
+
|
130 |
+
#: install.php:147
|
131 |
+
msgid ""
|
132 |
+
"NinjaFirewall will still load before WordPress, its plugins and the database "
|
133 |
+
"and will run as fast as the <b>Full WAF</b> mode."
|
134 |
+
msgstr ""
|
135 |
+
"NinjaFirewall se chargera là encore avant WordPress, ses extensions et la "
|
136 |
+
"base de données, et ses performances seront identiques à celles du mode "
|
137 |
+
"<b>Full WAF</b>."
|
138 |
+
|
139 |
+
#: install.php:149
|
140 |
+
msgid ""
|
141 |
+
"However, the downside of this mode is that NinjaFirewall will be able to "
|
142 |
+
"hook and filter HTTP requests sent to WordPress only. A few features such as "
|
143 |
+
"File Guard, the URL Access Control and Web Filter (WP+ Edition only) will be "
|
144 |
+
"limited."
|
145 |
+
msgstr ""
|
146 |
+
"Toutefois, l'inconvénient de ce mode est que NinjaFirewall ne pourra "
|
147 |
+
"intercepter, analyser, nettoyer ou rejeter que les requêtes HTTP ou HTTPS "
|
148 |
+
"directement adressées à WordPress uniquement, et non plus à tout autre "
|
149 |
+
"script PHP ou application tierce. Certaines fonctionnalités telles que File "
|
150 |
+
"Guard, le contrôle d'accès par URL et Web Filter (WP+ Edition uniquement) "
|
151 |
+
"seront limitées."
|
152 |
+
|
153 |
+
#: install.php:151
|
154 |
+
msgid ""
|
155 |
+
"Despite being less powerful than the <b>Full WAF</b> mode, it still offers a "
|
156 |
+
"level of protection and performance higher than any other security plugin."
|
157 |
+
msgstr ""
|
158 |
+
"Bien que moins puissant que <b>Full WAF</b>, le mode <b>WordPress WAF</b> "
|
159 |
+
"offre tout de même des performances et un niveau de protection supérieurs "
|
160 |
+
"aux autres extensions de sécurité pour WordPress disponibles sur le marché."
|
161 |
+
|
162 |
+
#: install.php:154 ninjafirewall.php:786
|
163 |
+
msgid "Installation"
|
164 |
+
msgstr "Installation"
|
165 |
+
|
166 |
+
#: install.php:156
|
167 |
+
msgid ""
|
168 |
+
"We recommend to select the <b>Full WAF</b> mode option first. If it fails, "
|
169 |
+
"this installer will let you switch to the <b>WordPress WAF</b> mode easily."
|
170 |
+
msgstr ""
|
171 |
+
"Nous vous recommandons de sélectionner d'abord l'option <b>Full WAF</b>. Si "
|
172 |
+
"elle échoue, ce programme d'installation vous proposera de passer facilement "
|
173 |
+
"au mode <b>WordPress WAF</b>."
|
174 |
+
|
175 |
+
#: install.php:160
|
176 |
+
msgid "Full WAF mode (recommended)"
|
177 |
+
msgstr "Mode Full WAF (recommandé)"
|
178 |
+
|
179 |
+
#: install.php:164 lib/install_fullwaf.php:46 lib/install_fullwaf.php:237
|
180 |
+
#: lib/install_fullwaf.php:492 lib/install_wpwaf.php:141
|
181 |
+
msgid "Next Step"
|
182 |
+
msgstr "Étape suivante"
|
183 |
+
|
184 |
+
#: install.php:180
|
185 |
+
#, php-format
|
186 |
+
msgid ""
|
187 |
+
"NinjaFirewall cannot create its <code>nfwlog/</code>log and cache folder; "
|
188 |
+
"please make sure that the <code>%s</code> directory is writable"
|
189 |
+
msgstr ""
|
190 |
+
"NinjaFirewall ne peut pas créer le répertoire <code>nfwlog/</code>; veuillez "
|
191 |
+
"vous assurer que le répertoire <code>%s</code> est accessible en écriture"
|
192 |
+
|
193 |
+
#: install.php:214
|
194 |
+
msgid ""
|
195 |
+
"This is NinjaFirewall's logs, loader and cache directory. DO NOT alter or "
|
196 |
+
"remove it as long as NinjaFirewall is running!"
|
197 |
+
msgstr ""
|
198 |
+
"Ce répertoire est utilisé par NinjaFirewall. Veuillez NE PAS le supprimer "
|
199 |
+
"tant que NinjaFirewall est installé !"
|
200 |
+
|
201 |
+
#: install.php:241 ninjafirewall.php:947
|
202 |
+
msgid "NinjaFirewall (WP Edition)"
|
203 |
+
msgstr "NinjaFirewall (WP Edition)"
|
204 |
+
|
205 |
+
#: install.php:248
|
206 |
+
msgid "Try again"
|
207 |
+
msgstr "Essayer à nouveau"
|
208 |
+
|
209 |
+
#: install.php:261
|
210 |
+
msgid "Quick Start, FAQ & Troubleshooting Guide"
|
211 |
+
msgstr "Guide d'Utilisation, d'Installation et de Dépannage"
|
212 |
+
|
213 |
+
#: install.php:262
|
214 |
+
msgid "Hi,"
|
215 |
+
msgstr "Bonjour,"
|
216 |
+
|
217 |
+
#: install.php:264
|
218 |
+
msgid ""
|
219 |
+
"This is NinjaFirewall's installer. Below are some helpful info and links you "
|
220 |
+
"may consider reading before using NinjaFirewall."
|
221 |
+
msgstr ""
|
222 |
+
"Je suis l'installateur de NinjaFirewall. Voici quelques informations et "
|
223 |
+
"liens qui pourraient vous être utiles (en langue anglaise) :"
|
224 |
+
|
225 |
+
#: install.php:266
|
226 |
+
msgid "Troubleshooting:"
|
227 |
+
msgstr "Dépannage :"
|
228 |
+
|
229 |
+
#: install.php:269
|
230 |
+
msgid "-Locked out of your site / Fatal error / WordPress crash?"
|
231 |
+
msgstr ""
|
232 |
+
"-Votre site n'est plus accessible / Erreur fatale / WordPress a planté ?"
|
233 |
+
|
234 |
+
#: install.php:270
|
235 |
+
msgid "-Failed installation (\"Error: The firewall is not loaded\")?"
|
236 |
+
msgstr ""
|
237 |
+
"-Échec de l'installation (\"Erreur : Le pare-feu n'est pas activé.\") ?"
|
238 |
+
|
239 |
+
#: install.php:271
|
240 |
+
msgid "-Blank page after INSTALLING NinjaFirewall?"
|
241 |
+
msgstr "-Page blanche après l'INSTALLATION de NinjaFirewall ?"
|
242 |
+
|
243 |
+
#: install.php:272
|
244 |
+
msgid "-Blank page after UNINSTALLING NinjaFirewall?"
|
245 |
+
msgstr "-Page blanche après la DÉSINSTALLATION de NinjaFirewall ?"
|
246 |
+
|
247 |
+
#: install.php:273
|
248 |
+
msgid "-500 Internal Server Error?"
|
249 |
+
msgstr "-500 Internal Server Error ?"
|
250 |
+
|
251 |
+
#: install.php:274
|
252 |
+
msgid "-\"Cannot connect to WordPress database\" error message?"
|
253 |
+
msgstr "-Impossible de se connecter à la base de données WordPress ?"
|
254 |
+
|
255 |
+
#: install.php:275
|
256 |
+
msgid "-How to disable NinjaFirewall?"
|
257 |
+
msgstr "-Comment désactiver NinjaFirewall ?"
|
258 |
+
|
259 |
+
#: install.php:276
|
260 |
+
msgid "-Lost password (brute-force protection)?"
|
261 |
+
msgstr ""
|
262 |
+
"-Vous avez perdu le mot de passe de la protection contre les attaques par "
|
263 |
+
"force brute ?"
|
264 |
+
|
265 |
+
#: install.php:277
|
266 |
+
msgid "-Blocked visitors (see below)?"
|
267 |
+
msgstr "-Vos visiteurs sont bloqués par erreur (voir ci-dessous) ?"
|
268 |
+
|
269 |
+
#: install.php:278
|
270 |
+
msgid "-Exporting NinjaFirewall's configuration"
|
271 |
+
msgstr "-Exporter la configuration de NinjaFirewall"
|
272 |
+
|
273 |
+
#: install.php:280
|
274 |
+
msgid "-NinjaFirewall (WP Edition) troubleshooter script"
|
275 |
+
msgstr "-Script de dépannage NinjaFirewall (WP Edition)"
|
276 |
+
|
277 |
+
#: install.php:282
|
278 |
+
msgid "-Rename this file to \"wp-check.php\"."
|
279 |
+
msgstr "-Renommez ce fichier en \"wp-check.php\"."
|
280 |
+
|
281 |
+
#: install.php:283
|
282 |
+
msgid "-Upload it into your WordPress root folder."
|
283 |
+
msgstr "-Téléchargez-le dans le repertoire racine de WordPress."
|
284 |
+
|
285 |
+
#: install.php:284
|
286 |
+
msgid "-Goto http://YOUR WEBSITE/wp-check.php."
|
287 |
+
msgstr "-Rendez-vous sur http://VOTRE_SITE/wp-check.php."
|
288 |
+
|
289 |
+
#: install.php:285
|
290 |
+
msgid "-Delete it afterwards."
|
291 |
+
msgstr "-Supprimez-le lorsque vous avez fini."
|
292 |
+
|
293 |
+
#: install.php:287
|
294 |
+
msgid "FAQ:"
|
295 |
+
msgstr "FAQ :"
|
296 |
+
|
297 |
+
#: install.php:290
|
298 |
+
msgid ""
|
299 |
+
"-Why is NinjaFirewall different from other security plugins for WordPress?"
|
300 |
+
msgstr ""
|
301 |
+
"-En quoi NinjaFirewall est-il différent des autres extensions de sécurité "
|
302 |
+
"pour WordPress ?"
|
303 |
+
|
304 |
+
#: install.php:291
|
305 |
+
msgid "-Do I need root privileges to install NinjaFirewall?"
|
306 |
+
msgstr ""
|
307 |
+
"-Ai-je besoin d'avoir les privilèges root pour installer NinjaFirewall ?"
|
308 |
+
|
309 |
+
#: install.php:292
|
310 |
+
msgid "-Does it work with Nginx?"
|
311 |
+
msgstr "-Est-ce qu'il fonctionne avec Nginx ?"
|
312 |
+
|
313 |
+
#: install.php:293
|
314 |
+
msgid "-Do I need to alter my PHP scripts?"
|
315 |
+
msgstr "-Dois-je modifier mes script PHP ?"
|
316 |
+
|
317 |
+
#: install.php:294
|
318 |
+
msgid ""
|
319 |
+
"-Will NinjaFirewall detect the correct IP of my visitors if I am behind a "
|
320 |
+
"CDN service like Cloudflare or Incapsula?"
|
321 |
+
msgstr ""
|
322 |
+
"-Est-ce que NinjaFirewall détectera la bonne adresse IP de mes visiteurs si "
|
323 |
+
"j'utilise un service CDN comme Cloudflare ou Incapsula ?"
|
324 |
+
|
325 |
+
#: install.php:295
|
326 |
+
msgid ""
|
327 |
+
"-I moved my wp-config.php file to another directory. Will it work with "
|
328 |
+
"NinjaFirewall?"
|
329 |
+
msgstr ""
|
330 |
+
"-J'ai déplacé mon fichier wp-config.php dans un autre répertoire. "
|
331 |
+
"NinjaFirewall va-t-il fonctionner ?"
|
332 |
+
|
333 |
+
#: install.php:296
|
334 |
+
msgid "-Will it slow down my site?"
|
335 |
+
msgstr "-Est-ce qu'il va ralentir mon site ?"
|
336 |
+
|
337 |
+
#: install.php:297
|
338 |
+
msgid "-Is there a Microsoft Windows version?"
|
339 |
+
msgstr "-Existe-t-il une version pour Microsoft Windows ?"
|
340 |
+
|
341 |
+
#: install.php:298
|
342 |
+
msgid "-Can I add/write my own security rules?"
|
343 |
+
msgstr "-Puis-je ajouter / écrire mes propres règles de sécurité ?"
|
344 |
+
|
345 |
+
#: install.php:299
|
346 |
+
msgid "-Can I migrate my site(s) with NinjaFirewall installed?"
|
347 |
+
msgstr ""
|
348 |
+
"-Est-ce que je peux migrer mon site lorsque NinjaFirewall est installé ?"
|
349 |
+
|
350 |
+
#: install.php:301
|
351 |
+
msgid "Must Read:"
|
352 |
+
msgstr "A lire aussi :"
|
353 |
+
|
354 |
+
#: install.php:303
|
355 |
+
msgid "-An introduction to NinjaFirewall filtering engine:"
|
356 |
+
msgstr "-Présentation du moteur de filtrage de NinjaFirewall :"
|
357 |
+
|
358 |
+
#: install.php:306
|
359 |
+
msgid "-Testing NinjaFirewall without blocking your visitors:"
|
360 |
+
msgstr "-Tester NinjaFirewall sans bloquer vos visiteurs :"
|
361 |
+
|
362 |
+
#: install.php:309
|
363 |
+
msgid "-Add your own code to the firewall: the \".htninja\" file:"
|
364 |
+
msgstr "-Ajoutez votre code au pare-feu: le fichier \".htninja\" :"
|
365 |
+
|
366 |
+
#: install.php:312
|
367 |
+
msgid "-Restricting access to NinjaFirewall settings:"
|
368 |
+
msgstr "-Restreindre l'accès à la configuration de NinjaFirewall :"
|
369 |
+
|
370 |
+
#: install.php:315
|
371 |
+
msgid "-Upgrading to PHP 7 with NinjaFirewall installed:"
|
372 |
+
msgstr "-Mise à niveau de PHP 5 vers PHP 7 avec NinjaFirewall installé :"
|
373 |
+
|
374 |
+
#: install.php:318
|
375 |
+
msgid "-Keep your blog protected against the latest vulnerabilities:"
|
376 |
+
msgstr "-Gardez votre blog protégé contre les dernières vulnérabilités :"
|
377 |
+
|
378 |
+
#: install.php:321
|
379 |
+
msgid "-NinjaFirewall Referral Program:"
|
380 |
+
msgstr "-Programme de parrainage de NinjaFirewall :"
|
381 |
+
|
382 |
+
#: install.php:324
|
383 |
+
msgid "Help & Support Links:"
|
384 |
+
msgstr "Aide & Support :"
|
385 |
+
|
386 |
+
#: install.php:326
|
387 |
+
msgid ""
|
388 |
+
"-Each page of NinjaFirewall includes a contextual help: click on the \"Help"
|
389 |
+
"\" menu tab located in the upper right corner of the corresponding page."
|
390 |
+
msgstr ""
|
391 |
+
"-Si vous avez besoin d'aide, cliquez sur l'onglet \"Aide\" situé dans le "
|
392 |
+
"coin supérieur droit de chaque page."
|
393 |
+
|
394 |
+
#: install.php:327
|
395 |
+
msgid "-Online documentation is also available here:"
|
396 |
+
msgstr "-Une documentation est aussi disponible en ligne :"
|
397 |
+
|
398 |
+
#: install.php:328
|
399 |
+
msgid "-The WordPress support forum:"
|
400 |
+
msgstr "-Le forum de WordPress :"
|
401 |
+
|
402 |
+
#: install.php:329
|
403 |
+
msgid "-Updates info are available via Twitter:"
|
404 |
+
msgstr "-Info sur les mises à jour via Twitter :"
|
405 |
+
|
406 |
+
#: install.php:352
|
407 |
+
msgid "Error: The firewall is not loaded."
|
408 |
+
msgstr "Erreur : Le pare-feu n'est pas activé."
|
409 |
+
|
410 |
+
#: install.php:353
|
411 |
+
msgid "Suggestions:"
|
412 |
+
msgstr "Suggestions :"
|
413 |
+
|
414 |
+
#: install.php:357
|
415 |
+
msgid ""
|
416 |
+
"You selected <code>Apache + PHP module</code> as your HTTP server and PHP "
|
417 |
+
"SAPI. Maybe your HTTP server is <code>Apache + CGI/FastCGI</code>?"
|
418 |
+
msgstr ""
|
419 |
+
"Vous avez sélectionné <code>Apache + PHP module</code> comme serveur HTTP et "
|
420 |
+
"PHP SAPI. Peut-être que votre serveur utilise <code>Apache + CGI/FastCGI</"
|
421 |
+
"code> ?"
|
422 |
+
|
423 |
+
#: install.php:359 install.php:387
|
424 |
+
msgid ""
|
425 |
+
"You can click the \"Go Back\" button and try to select another HTTP server "
|
426 |
+
"type."
|
427 |
+
msgstr ""
|
428 |
+
"Vous pouvez cliquer sur le bouton \"Retour\" et essayer de sélectionner un "
|
429 |
+
"autre type de serveur HTTP."
|
430 |
+
|
431 |
+
#: install.php:363
|
432 |
+
msgid ""
|
433 |
+
"You have selected LiteSpeed as your HTTP server. Did you enable the "
|
434 |
+
"\"AllowOverride\" directive from its admin panel? Make sure it is enabled, "
|
435 |
+
"restart LiteSpeed and then, click the \"Test Again\" button below."
|
436 |
+
msgstr ""
|
437 |
+
"Vous avez sélectionné LiteSpeed comme serveur HTTP. Avez-vous activé la "
|
438 |
+
"directive \"AllowOverride\" à partir de son panneau d'administration ? "
|
439 |
+
"Assurez-vous qu'elle est activée, redémarrez LiteSpeed, puis cliquez sur le "
|
440 |
+
"bouton \"Tester à nouveau\" ci-dessous."
|
441 |
+
|
442 |
+
#: install.php:365 install.php:376
|
443 |
+
msgid "Test Again"
|
444 |
+
msgstr "Tester à nouveau"
|
445 |
+
|
446 |
+
#: install.php:374
|
447 |
+
msgid ""
|
448 |
+
"You have selected <code>.user.ini</code> as your PHP initialization file. "
|
449 |
+
"Unlike <code>php.ini</code>, <code>.user.ini</code> files are not reloaded "
|
450 |
+
"immediately by PHP, but every five minutes. If this is your own server, "
|
451 |
+
"restart Apache (or PHP-FPM if applicable) to force PHP to reload it, "
|
452 |
+
"otherwise please <strong>wait up to five minutes</strong> and then, click "
|
453 |
+
"the \"Test Again\" button below."
|
454 |
+
msgstr ""
|
455 |
+
"Vous avez sélectionné <code>.user.ini</code> comme fichier d'initialisation "
|
456 |
+
"de PHP. Contrairement aux fichiers <code>php.ini</code>, après leur "
|
457 |
+
"modification les fichiers <code>.user.ini</code> ne sont pas rechargés "
|
458 |
+
"immédiatement par PHP, mais environ toutes les cinq minutes. Si ceci est "
|
459 |
+
"votre serveur, redémarrez Apache (ou PHP-FPM le cas échéant) afin de forcer "
|
460 |
+
"PHP à le recharger, sinon veuillez <strong>patienter jusqu'à cinq minutes</"
|
461 |
+
"strong> avant de cliquer sur le bouton \"Tester à nouveau\" ci-dessous."
|
462 |
+
|
463 |
+
#: install.php:385
|
464 |
+
msgid ""
|
465 |
+
"You selected <code>Apache + CGI/FastCGI</code> as your HTTP server and PHP "
|
466 |
+
"SAPI. Maybe your HTTP server is <code>Apache + PHP module</code>?"
|
467 |
+
msgstr ""
|
468 |
+
"Vous avez sélectionné <code>Apache + CGI/FastCGI</code> comme serveur HTTP "
|
469 |
+
"et PHP SAPI. Peut-être que votre serveur utilise <code>Apache + PHP module</"
|
470 |
+
"code> ?"
|
471 |
+
|
472 |
+
#: install.php:390
|
473 |
+
msgid "Maybe you did not select the correct PHP INI ?"
|
474 |
+
msgstr ""
|
475 |
+
"Peut-être que vous n'avez pas sélectionné le bon fichier PHP INI ?"
|
476 |
+
|
477 |
+
#: install.php:392
|
478 |
+
msgid "You can click the \"Go Back\" button and try to select another one."
|
479 |
+
msgstr ""
|
480 |
+
"Vous pouvez cliquer sur le bouton \"Retour\" et essayer d'en sélectionner un "
|
481 |
+
"autre."
|
482 |
+
|
483 |
+
#: install.php:396
|
484 |
+
msgid "Go Back"
|
485 |
+
msgstr "Retour"
|
486 |
+
|
487 |
+
#: install.php:402
|
488 |
+
#, php-format
|
489 |
+
msgid ""
|
490 |
+
"If none of the above suggestions work, you can still install NinjaFirewall "
|
491 |
+
"in %s mode by clicking the button below. Setup is easy and will always work."
|
492 |
+
msgstr ""
|
493 |
+
"Si aucune des suggestions ci-dessus ne fonctionnent, vous pouvez installer "
|
494 |
+
"NinjaFirewall en mode %s en cliquant sur le bouton ci-dessous. "
|
495 |
+
"L'installation est facile et toujours couronnée de succès."
|
496 |
+
|
497 |
+
#: install.php:407
|
498 |
+
msgid "Switch to the WordPress WAF mode installer »"
|
499 |
+
msgstr "Passer à l'installateur WordPress WAF »"
|
500 |
+
|
501 |
+
#: install.php:411
|
502 |
+
msgid "Need help? Check our blog:"
|
503 |
+
msgstr "Besoin d'aide ? Consultez notre blog :"
|
504 |
+
|
505 |
+
#: install.php:562
|
506 |
+
msgid ""
|
507 |
+
"Error: The installer cannot download the security rules from wordpress.org "
|
508 |
+
"website."
|
509 |
+
msgstr ""
|
510 |
+
"Erreur : Impossible de télécharger les règles de sécurité depuis le site de "
|
511 |
+
"wordpress.org."
|
512 |
+
|
513 |
+
#: install.php:563
|
514 |
+
msgid ""
|
515 |
+
"The server may be temporarily down or you may have network connectivity "
|
516 |
+
"problems? Please try again in a few minutes."
|
517 |
+
msgstr ""
|
518 |
+
"Le serveur est peut être temporairement en panne ou bien vous avez des "
|
519 |
+
"problèmes de connectivité réseau ? Veuillez ré-essayer d'ici quelques "
|
520 |
+
"minutes."
|
521 |
+
|
522 |
+
#: install.php:564
|
523 |
+
msgid ""
|
524 |
+
"NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe "
|
525 |
+
"your server does not support SSL? You can force NinjaFirewall to use a non-"
|
526 |
+
"secure HTTP connection by adding the following directive to your <strong>wp-"
|
527 |
+
"config.php</strong> file:"
|
528 |
+
msgstr ""
|
529 |
+
"NinjaFirewall télécharge ses règles de sécurité en utilisant une connexion "
|
530 |
+
"sécurisée (HTTPS). Peut-être que votre serveur ne prend pas en charge "
|
531 |
+
"HTTPS ? Dans ce cas, vous pouvez demander à NinjaFirewall d'utiliser une "
|
532 |
+
"connexion non-sécurisée (HTTP) en ajoutant la ligne suivante dans votre "
|
533 |
+
"fichier <strong>wp-config.php</strong> :"
|
534 |
+
|
535 |
+
#: lib/dashboard_widget.php:30
|
536 |
+
msgid "NinjaFirewall Statistics"
|
537 |
+
msgstr "Statistiques de NinjaFirewall"
|
538 |
+
|
539 |
+
#: lib/dashboard_widget.php:52 lib/nf_sub_statistics.php:116
|
540 |
+
msgid "Blocked hacking attempts"
|
541 |
+
msgstr "Tentatives de piratage bloquées"
|
542 |
+
|
543 |
+
#: lib/dashboard_widget.php:56 lib/nf_sub_statistics.php:120
|
544 |
+
msgid "Hacking attempts severity"
|
545 |
+
msgstr "Sévérité des attaques"
|
546 |
+
|
547 |
+
#: lib/dashboard_widget.php:58
|
548 |
+
msgid "Critical:"
|
549 |
+
msgstr "Critique :"
|
550 |
+
|
551 |
+
#: lib/dashboard_widget.php:66
|
552 |
+
msgid "High:"
|
553 |
+
msgstr "Élevé :"
|
554 |
+
|
555 |
+
#: lib/dashboard_widget.php:74
|
556 |
+
msgid "Medium:"
|
557 |
+
msgstr "Moyen :"
|
558 |
+
|
559 |
+
#: lib/dashboard_widget.php:84 lib/nf_sub_statistics.php:143
|
560 |
+
msgid "Uploaded files"
|
561 |
+
msgstr "Fichiers téléchargés (upload)"
|
562 |
+
|
563 |
+
#: lib/dashboard_widget.php:90
|
564 |
+
msgid "View firewall log"
|
565 |
+
msgstr "Voir le journal du pare-feu"
|
566 |
+
|
567 |
+
#: lib/help.php:37 ninjafirewall.php:799
|
568 |
+
msgid "Overview"
|
569 |
+
msgstr "Aperçu"
|
570 |
+
|
571 |
+
#: lib/help.php:38
|
572 |
+
msgid ""
|
573 |
+
"This is the Overview page; it shows information about the firewall status. "
|
574 |
+
"We recommend you keep an eye on it because, in case of problems, all "
|
575 |
+
"possible errors and warnings will be displayed here."
|
576 |
+
msgstr ""
|
577 |
+
"La page Aperçu affiche toutes les informations relatives au bon "
|
578 |
+
"fonctionnement du pare-feu ainsi que les mises à jour; il vous est conseillé "
|
579 |
+
"de la consulter fréquemment car, en cas de problèmes, ceux-ci seront "
|
580 |
+
"indiqués ici."
|
581 |
+
|
582 |
+
#: lib/help.php:41
|
583 |
+
msgid "For more information:"
|
584 |
+
msgstr "Pour plus d'information :"
|
585 |
+
|
586 |
+
#: lib/help.php:42
|
587 |
+
msgid "Installation, help and troubleshooting"
|
588 |
+
msgstr "Installation, aide et problèmes"
|
589 |
+
|
590 |
+
#: lib/help.php:43
|
591 |
+
msgid "Support Forum"
|
592 |
+
msgstr "Forum"
|
593 |
+
|
594 |
+
#: lib/help.php:44
|
595 |
+
msgid "Updates via Twitter"
|
596 |
+
msgstr "Mises à jour via Twitter"
|
597 |
+
|
598 |
+
#: lib/help.php:57 lib/nf_sub_statistics.php:112
|
599 |
+
msgid "Monthly stats"
|
600 |
+
msgstr "Statistiques mensuelles"
|
601 |
+
|
602 |
+
#: lib/help.php:59
|
603 |
+
msgid ""
|
604 |
+
"Statistics are taken from the current log. It is rotated on the first day of "
|
605 |
+
"each month."
|
606 |
+
msgstr ""
|
607 |
+
"Les statistiques sont tirées du journal du pare-feu qui est, par défaut, "
|
608 |
+
"réinitialisé le 1er jour de chaque mois."
|
609 |
+
|
610 |
+
#: lib/help.php:61
|
611 |
+
#, php-format
|
612 |
+
msgid ""
|
613 |
+
"You can view the log by clicking on the <a href=\"%s\">Firewall Log</a> menu."
|
614 |
+
msgstr ""
|
615 |
+
"Vous pouvez consuler ce journal en cliquant sur le menu <a href=\"%s"
|
616 |
+
"\">Journal du Pare-feu</a>."
|
617 |
+
|
618 |
+
#: lib/help.php:65 lib/nf_sub_statistics.php:146
|
619 |
+
msgid "Benchmarks"
|
620 |
+
msgstr "Performances"
|
621 |
+
|
622 |
+
#: lib/help.php:67
|
623 |
+
msgid ""
|
624 |
+
"Benchmarks show the time NinjaFirewall took, in seconds, to proceed each "
|
625 |
+
"request it has blocked."
|
626 |
+
msgstr ""
|
627 |
+
"Indique le temps qu'il a fallu à NinjaFirewall pour intercepter, analyser et "
|
628 |
+
"bloquer les requêtes dangereuses."
|
629 |
+
|
630 |
+
#: lib/help.php:78 lib/nf_sub_options.php:76
|
631 |
+
msgid "Firewall protection"
|
632 |
+
msgstr "Pare-feu"
|
633 |
+
|
634 |
+
#: lib/help.php:80
|
635 |
+
#, php-format
|
636 |
+
msgid ""
|
637 |
+
"This option allows you to disable NinjaFirewall. It has basically the same "
|
638 |
+
"effect as deactivating it from the <a href=\"%s\">Plugins</a> menu page."
|
639 |
+
msgstr ""
|
640 |
+
"Cette option vous permet de rapidement désactiver le pare-feu. Elle a "
|
641 |
+
"essentiellement le même effet que la désactivation effectuée depuis la page "
|
642 |
+
"<a href=\"%s\">Extensions</a> du Tableau de bord."
|
643 |
+
|
644 |
+
#: lib/help.php:82
|
645 |
+
msgid "Your site will remain unprotected until you enable it again."
|
646 |
+
msgstr ""
|
647 |
+
"Votre site ne sera plus protégé par NinjaFirewall durant cette période."
|
648 |
+
|
649 |
+
#: lib/help.php:86 lib/nf_sub_options.php:101 ninjafirewall.php:1010
|
650 |
+
msgid "Debugging mode"
|
651 |
+
msgstr "Mode débogage"
|
652 |
+
|
653 |
+
#: lib/help.php:88
|
654 |
+
#, php-format
|
655 |
+
msgid ""
|
656 |
+
"In Debugging mode, NinjaFirewall will not block or sanitise suspicious "
|
657 |
+
"requests but will only log them. The <a href=\"%s\">Firewall Log</a> will "
|
658 |
+
"display <code>DEBUG_ON</code> in the LEVEL column."
|
659 |
+
msgstr ""
|
660 |
+
"Lorsque ce mode est activé, NinjaFirewall ne bloque pas les requêtes mais "
|
661 |
+
"les enregistre uniquement dans le <a href=\"%s\">Journal du Pare-feu</a>. "
|
662 |
+
"Les lignes correspondantes seront indiquée par la mention <code>DEBUG_ON</"
|
663 |
+
"code> dans la colonne LEVEL du journal. "
|
664 |
+
|
665 |
+
#: lib/help.php:89
|
666 |
+
msgid ""
|
667 |
+
"We recommend to run it in Debugging Mode for at least 24 hours after "
|
668 |
+
"installing it on a new site and then to keep an eye on the firewall log "
|
669 |
+
"during that time. If you notice a false positive in the log, you can simply "
|
670 |
+
"use NinjaFirewall's Rules Editor to disable the security rule that was "
|
671 |
+
"wrongly triggered."
|
672 |
+
msgstr ""
|
673 |
+
"Nous vous conseillons de laisser NinjaFirewall en Mode débogage pendant 24 "
|
674 |
+
"heures après son installation sur un nouveau site afin de vous assurer que "
|
675 |
+
"tout fonctionne bien. Vous pourrez pendant cette période consulter le "
|
676 |
+
"journal du pare-feu pour y voir les éventuels problèmes et, le cas échéant, "
|
677 |
+
"désactiver les options ou règles pouvant créer des faux-positifs."
|
678 |
+
|
679 |
+
#: lib/help.php:93
|
680 |
+
msgid "Error code and message to return"
|
681 |
+
msgstr "Code HTTP et Message à retourner"
|
682 |
+
|
683 |
+
#: lib/help.php:95
|
684 |
+
msgid ""
|
685 |
+
"Lets you customize the HTTP error code returned by NinjaFirewall when "
|
686 |
+
"blocking a dangerous request and the message to display to the user."
|
687 |
+
msgstr ""
|
688 |
+
"Vous permet de choisir le code HTTP que vous souhaitez que NinjaFirewall "
|
689 |
+
"retourne lorsqu'il bloque une requête dangereuse ansi que le message à "
|
690 |
+
"afficher à l'utilisateur bloqué."
|
691 |
+
|
692 |
+
#: lib/help.php:96
|
693 |
+
msgid "You can use any HTML tags and 3 built-in variables:"
|
694 |
+
msgstr ""
|
695 |
+
"Vous pouvez utiliser le language HTML ainsi que les 3 variables suivantes :"
|
696 |
+
|
697 |
+
#: lib/help.php:97
|
698 |
+
msgid "the blocked user IP."
|
699 |
+
msgstr "l'adresse IP de l'utilisateur."
|
700 |
+
|
701 |
+
#: lib/help.php:98
|
702 |
+
msgid ""
|
703 |
+
"the unique incident number as it will appear in the firewall log \"INCIDENT"
|
704 |
+
"\" column."
|
705 |
+
msgstr ""
|
706 |
+
"le numéro d'incident, tel qu'il apparaîtra dans la colonne \"INCIDENT\" du "
|
707 |
+
"journal du pare-feu."
|
708 |
+
|
709 |
+
#: lib/help.php:99
|
710 |
+
msgid "NinjaFirewall logo."
|
711 |
+
msgstr "le logo de NinjaFirewall."
|
712 |
+
|
713 |
+
#: lib/help.php:103
|
714 |
+
msgid "Export/import configuration"
|
715 |
+
msgstr "Configuration de l'exportation / importation"
|
716 |
+
|
717 |
+
#: lib/help.php:105
|
718 |
+
msgid ""
|
719 |
+
"This options lets you export you current configuration or import it from "
|
720 |
+
"another NinjaFirewall (WP Edition) installation. The imported file must "
|
721 |
+
"match your current version otherwise it will be rejected. Note that "
|
722 |
+
"importing will override all firewall rules and options."
|
723 |
+
msgstr ""
|
724 |
+
"Cette option vous permet d'importer ou exporter votre configuration. Le "
|
725 |
+
"fichier importé doit provenir de la même version de NinjaFirewall, sinon il "
|
726 |
+
"sera rejeté. Notez que l'importation effacera toute votre configuration "
|
727 |
+
"actuelle (options et règles du pare-feu)."
|
728 |
+
|
729 |
+
#: lib/help.php:107
|
730 |
+
msgid "\"File Check\" configuration will not be exported/imported."
|
731 |
+
msgstr ""
|
732 |
+
"La configuration de \"File Check\" ne peut pas être importée ou exportée."
|
733 |
+
|
734 |
+
#: lib/help.php:120
|
735 |
+
#, php-format
|
736 |
+
msgid ""
|
737 |
+
"Keep in mind, however, that the Firewall Policies apply to any PHP scripts "
|
738 |
+
"located inside the %s directory and its sub-directories, and not only to "
|
739 |
+
"your WordPress index page."
|
740 |
+
msgstr ""
|
741 |
+
"Gardez à l'esprit que les politiques de pare-feu appliquent à <b>tous les "
|
742 |
+
"scripts PHP</b> situés à l'intérieur du répertoire %s ainsi que ses sous-"
|
743 |
+
"répertoires, et non pas seulement à la page d'index de WordPress."
|
744 |
+
|
745 |
+
#: lib/help.php:125
|
746 |
+
msgid "Policies overview"
|
747 |
+
msgstr "Politiques du pare-feu"
|
748 |
+
|
749 |
+
#: lib/help.php:127
|
750 |
+
#, php-format
|
751 |
+
msgid ""
|
752 |
+
"Because NinjaFirewall sits in front of WordPress, it can hook, scan and "
|
753 |
+
"sanitise all PHP requests, HTTP variables, headers and IPs before they reach "
|
754 |
+
"your blog: <code><a href=\"%s\">$_GET</a></code>, <code><a href=\"%s\">"
|
755 |
+
"$_POST</a></code>, <code><a href=\"%s\">$_COOKIES</a></code>, <code><a href="
|
756 |
+
"\"%s\">$_REQUEST</a></code>, <code><a href=\"%s\">$_FILES</a></code>, "
|
757 |
+
"<code><a href=\"%s\">$_SERVER</a></code> in HTTP and/or HTTPS mode."
|
758 |
+
msgstr ""
|
759 |
+
"Parcequ'il agit en amont de votre application, NinjaFirewall peut "
|
760 |
+
"intercepter, scanner, nettoyer et bloquer les requêtes HTTP envoyées à un "
|
761 |
+
"script PHP, ainsi que les variables (<code><a href=\"%s\">$_GET</a></code>, "
|
762 |
+
"<code><a href=\"%s\">$_POST</a></code>, <code><a href=\"%s\">$_COOKIES</a></"
|
763 |
+
"code>, <code><a href=\"%s\">$_REQUEST</a></code>, <code><a href=\"%s\">"
|
764 |
+
"$_FILES</a></code>, <code><a href=\"%s\">$_SERVER</a></code>), en-têtes et "
|
765 |
+
"adresses IP, avant que celles-ci n'atteignent votre application, que ce soit "
|
766 |
+
"en mode HTTP ou HTTPS."
|
767 |
+
|
768 |
+
#: lib/help.php:129
|
769 |
+
msgid ""
|
770 |
+
"Use the options below to enable, disable or to tweak these rules according "
|
771 |
+
"to your needs."
|
772 |
+
msgstr ""
|
773 |
+
"Utilisez les options ci-dessous pour configurer NinjaFirewall suivant vos "
|
774 |
+
"besoins."
|
775 |
+
|
776 |
+
#: lib/help.php:136
|
777 |
+
msgid "Scan and Sanitise"
|
778 |
+
msgstr "Filtrer et Nettoyer"
|
779 |
+
|
780 |
+
#: lib/help.php:138
|
781 |
+
msgid ""
|
782 |
+
"You can choose to scan and reject dangerous content but also to sanitise "
|
783 |
+
"requests and variables. Those two actions are different and can be combined "
|
784 |
+
"together for better security."
|
785 |
+
msgstr ""
|
786 |
+
"Vous pouvez choisir de filtrer et rejeter les requêtes HTTP dangereuses, "
|
787 |
+
"mais aussi de les nettoyer. Ces deux actions sont différentes et peuvent "
|
788 |
+
"être combinées pour plus de sécurité."
|
789 |
+
|
790 |
+
#: lib/help.php:139
|
791 |
+
msgid ""
|
792 |
+
"Scan : if anything suspicious is detected, NinjaFirewall will block the "
|
793 |
+
"request and return an HTTP error code and message (defined in the \"Firewall "
|
794 |
+
"Options\" page). The user request will fail and the connection will be "
|
795 |
+
"closed immediately."
|
796 |
+
msgstr ""
|
797 |
+
"Filtrer : lorsqu'il détecte une requête dangereuse, NinjaFirewall la bloque "
|
798 |
+
"et retourne un message et code d'erreur HTTP (définis dans la page \"Options "
|
799 |
+
"du Pare-feu\"). La requête ne pourra pas aboutir et la connexion sera fermée "
|
800 |
+
"immédiatement."
|
801 |
+
|
802 |
+
#: lib/help.php:140
|
803 |
+
#, php-format
|
804 |
+
msgid ""
|
805 |
+
"Sanitise : this option will not block but sanitise the user request by "
|
806 |
+
"escaping characters that can be used to exploit vulnerabilities (%s) and "
|
807 |
+
"replacing <code><</code> and <code>></code> with their corresponding "
|
808 |
+
"HTML entities (<code>&lt;</code>, <code>&gt;</code>). If it is a "
|
809 |
+
"variable, i.e. <code>?name=value</code>, both its name and value will be "
|
810 |
+
"sanitised."
|
811 |
+
msgstr ""
|
812 |
+
"Nettoyer : cette action ne bloque pas la requête mais l'analyse afin d'y "
|
813 |
+
"trouver des caractères pouvant être dangereux, par exemple pour injecter du "
|
814 |
+
"code dans la base de données (%s) et, le cas échéant, nettoie cette requête "
|
815 |
+
"en y insérant des caractères d'échappement ou, dans le cas des caractères "
|
816 |
+
"<code><</code> et <code>></code>, en les remplaçant par leurs entités "
|
817 |
+
"HTML correspondantes. S'il s'agit d'une variable et de sa valeur (<code>?"
|
818 |
+
"variable=valeur</code>), les deux éléments seront nettoyés."
|
819 |
+
|
820 |
+
#: lib/help.php:142
|
821 |
+
msgid ""
|
822 |
+
"This action will be performed when the filtering process is over, right "
|
823 |
+
"before NinjaFirewall forwards the request to your PHP script."
|
824 |
+
msgstr ""
|
825 |
+
"Veuillez noter que cette action est effectuée en dernier, après le filtrage, "
|
826 |
+
"juste avant que NinjaFirewall fasse suivre la requête à votre application "
|
827 |
+
"PHP."
|
828 |
+
|
829 |
+
#: lib/help.php:145
|
830 |
+
msgid ""
|
831 |
+
"If you enabled <code>POST</code> requests sanitising, articles and messages "
|
832 |
+
"posted by your visitors could be corrupted with excessive backslashes or "
|
833 |
+
"substitution characters."
|
834 |
+
msgstr ""
|
835 |
+
"Si vous activé le nettoyage de la variable <code>POST</code>, les articles, "
|
836 |
+
"commentaires et messages de vos visiteurs pourraient être endommagés par "
|
837 |
+
"cette option."
|
838 |
+
|
839 |
+
#: lib/help.php:149 ninjafirewall.php:811 ninjafirewall.php:1307
|
840 |
+
msgid "Firewall Policies"
|
841 |
+
msgstr "Politiques du Pare-feu"
|
842 |
+
|
843 |
+
#: lib/help.php:154 ninjafirewall.php:1329
|
844 |
+
msgid "Basic Policies"
|
845 |
+
msgstr "Politiques de base"
|
846 |
+
|
847 |
+
#: lib/help.php:157
|
848 |
+
msgid "Whether to filter HTTP and/or HTTPS traffic"
|
849 |
+
msgstr ""
|
850 |
+
"Sélectionnez le type de trafic filtré par le pare-feu (HTTP et/ou HTTPS)."
|
851 |
+
|
852 |
+
#: lib/help.php:159 ninjafirewall.php:1384
|
853 |
+
msgid "Uploads"
|
854 |
+
msgstr "Téléchargements"
|
855 |
+
|
856 |
+
#: lib/help.php:160
|
857 |
+
msgid "File Uploads:"
|
858 |
+
msgstr "Autoriser les téléchargements :"
|
859 |
+
|
860 |
+
#: lib/help.php:160
|
861 |
+
msgid "whether to allow/disallow file uploads."
|
862 |
+
msgstr ""
|
863 |
+
"vous pouvez autoriser ou interdire tout téléchargement de fichiers vers "
|
864 |
+
"votre site."
|
865 |
+
|
866 |
+
#: lib/help.php:161
|
867 |
+
msgid "Sanitise filenames:"
|
868 |
+
msgstr "Nettoyer le nom des fichiers :"
|
869 |
+
|
870 |
+
#: lib/help.php:161
|
871 |
+
msgid ""
|
872 |
+
"any character that is not a letter <code>a-zA-Z</code>, a digit <code>0-9</"
|
873 |
+
"code>, a dot <code>.</code>, a hyphen <code>-</code> or an underscore "
|
874 |
+
"<code>_</code> will be removed from the filename and replaced with the "
|
875 |
+
"substitution character."
|
876 |
+
msgstr ""
|
877 |
+
"si le nom du fichier contient un caractère qui n'est pas une lettre <code>a-"
|
878 |
+
"zA-Z</code>, un chiffre <code>0-9</code>, un point <code>.</code>, un trait "
|
879 |
+
"d'union <code>-</code> ou un caractère de soulignement <code>_</code>, celui-"
|
880 |
+
"si sera remplacé par le caractère de substitution."
|
881 |
+
|
882 |
+
#: lib/help.php:164
|
883 |
+
msgid ""
|
884 |
+
"Whether to block direct access to PHP files located in specific WordPress "
|
885 |
+
"directories."
|
886 |
+
msgstr ""
|
887 |
+
"S'il faut bloquer l’accès direct à tout fichier PHP se trouvant dans l'un de "
|
888 |
+
"ces répertoires."
|
889 |
+
|
890 |
+
#: lib/help.php:165
|
891 |
+
msgid "Protect against username enumeration:"
|
892 |
+
msgstr "Protéger contre l'énumération des comptes utilisateurs :"
|
893 |
+
|
894 |
+
#: lib/help.php:165
|
895 |
+
msgid ""
|
896 |
+
"it is possible to enumerate usernames either through the WordPress author "
|
897 |
+
"archives, the REST API or the login page. Although this is not a "
|
898 |
+
"vulnerability but a WordPress feature, some hackers use it to retrieve "
|
899 |
+
"usernames in order to launch more accurate brute-force attacks. If it is a "
|
900 |
+
"failed login attempt, NinjaFirewall will sanitise the error message returned "
|
901 |
+
"by WordPress. If it is an author archives scan, it will invalidate it and "
|
902 |
+
"redirect the user to the blog index page. Regarding the WP REST API, it will "
|
903 |
+
"block the request immediately."
|
904 |
+
msgstr ""
|
905 |
+
"il est possible d'énumérer les noms des utilisateurs de votre blog via l'API "
|
906 |
+
"REST, la page d'archive d'un auteur ou la page de connexion au Tableau de "
|
907 |
+
"bord. Bien que ce ne soit pas une vulnérabilité, mais une caractéristique de "
|
908 |
+
"WordPress, certains hackers utilisent ces astuces pour récupérer les noms "
|
909 |
+
"d'utilisateur afin de lancer des attaques par force brute plus précises."
|
910 |
+
|
911 |
+
#: lib/help.php:166
|
912 |
+
msgid "WordPress REST API:"
|
913 |
+
msgstr "API REST de WordPress :"
|
914 |
+
|
915 |
+
#: lib/help.php:166
|
916 |
+
msgid ""
|
917 |
+
"it allows you to access your WordPress site's data through an easy-to-use "
|
918 |
+
"HTTP REST API. Since WordPress 4.7, it is enabled by default. NinjaFirewall "
|
919 |
+
"allows you to block any access to that API if you do not intend to use it."
|
920 |
+
msgstr ""
|
921 |
+
"elle vous permet d'accéder aux données de votre blog via l'API HTTP REST. "
|
922 |
+
"Depuis WordPress 4.7, cette elle est activée par défaut. NinjaFirewall vous "
|
923 |
+
"permet de bloquer tout accès a cette API si vous ne l'utilisez pas."
|
924 |
+
|
925 |
+
#: lib/help.php:167
|
926 |
+
msgid "WordPress XML-RPC API:"
|
927 |
+
msgstr "API XML-RPC de WordPress :"
|
928 |
+
|
929 |
+
#: lib/help.php:167
|
930 |
+
msgid ""
|
931 |
+
"XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode "
|
932 |
+
"its calls and HTTP as a transport mechanism. WordPress has an XMLRPC API "
|
933 |
+
"that can be accessed through the <code>xmlrpc.php</code> file. Since "
|
934 |
+
"WordPress version 3.5, it is always activated and cannot be turned off. "
|
935 |
+
"NinjaFirewall allows you to immediately block any access to that file, or "
|
936 |
+
"only to block an access using the <code>system.multicall</code> method often "
|
937 |
+
"used in brute-force amplification attacks or to block Pingbacks."
|
938 |
+
msgstr ""
|
939 |
+
"XML-RPC est un protocole RPC (Remote procedure call), une spécification "
|
940 |
+
"simple et un ensemble de codes qui permettent à des processus s'exécutant "
|
941 |
+
"dans des environnements différents de faire des appels de méthodes à travers "
|
942 |
+
"un réseau. WordPress dispose d'une API XML-RPC accessible via son fichier "
|
943 |
+
"<code>xmlrpc.php</code>. Depuis la version 3.5 de WordPress, elle est "
|
944 |
+
"toujours activée et ne peut pas être désactivée. NinjaFirewall vous permet "
|
945 |
+
"de bloquer immédiatement tout accès à ce fichier, ou de ne bloquer que les "
|
946 |
+
"requêtes qui utilisent la méthode <code>system.multicall</code> ou les "
|
947 |
+
"Pingbacks."
|
948 |
+
|
949 |
+
#: lib/help.php:168
|
950 |
+
msgid ""
|
951 |
+
"Block <code>POST</code> requests in the themes folder <code>/wp-content/"
|
952 |
+
"themes</code>:"
|
953 |
+
msgstr ""
|
954 |
+
"Bloquer les requêtes <code>POST</code> dans le dossier des thèmes <code>/wp-"
|
955 |
+
"content/themes</code> :"
|
956 |
+
|
957 |
+
#: lib/help.php:168
|
958 |
+
msgid ""
|
959 |
+
"this option can be useful to block hackers from installing backdoor in the "
|
960 |
+
"PHP theme files. However, because some custom themes may include an HTML "
|
961 |
+
"form (contact, search form etc), this option is not enabled by default."
|
962 |
+
msgstr ""
|
963 |
+
"cette option peut être utile afin de bloquer l'exploitation de "
|
964 |
+
"vulnérabilités dans les fichiers PHP de vos thèmes. Toutefois, parce que "
|
965 |
+
"certains thèmes personnalisés peuvent inclure un formulaire HTML (formulaire "
|
966 |
+
"de recherche ou de contact etc) nécessitant des requêtes <code>POST</code> , "
|
967 |
+
"cette option n'est pas activée par défaut."
|
968 |
+
|
969 |
+
#: lib/help.php:169
|
970 |
+
msgid "Force SSL for admin and logins <code>FORCE_SSL_ADMIN</code>:"
|
971 |
+
msgstr ""
|
972 |
+
"Forcer la connexion sécurisée au Tableau de bord <code>FORCE_SSL_ADMIN</"
|
973 |
+
"code> :"
|
974 |
+
|
975 |
+
#: lib/help.php:169
|
976 |
+
msgid ""
|
977 |
+
"enable this option when you want to secure logins and the admin area so that "
|
978 |
+
"both passwords and cookies are never sent in the clear. Ensure that you can "
|
979 |
+
"access your admin console from HTTPS before enabling this option, otherwise "
|
980 |
+
"you will lock yourself out of your site!"
|
981 |
+
msgstr ""
|
982 |
+
"activez cette option lorsque vous souhaitez sécuriser les connexions à votre "
|
983 |
+
"Tableau de bord. Assurez-vous que vous pouvez accéder à votre page de "
|
984 |
+
"connexion via HTTPS avant d'activer cette option, sinon vous risquez de "
|
985 |
+
"bloquer l’accès à votre site !"
|
986 |
+
|
987 |
+
#: lib/help.php:170
|
988 |
+
msgid "Disable the plugin and theme editor <code>DISALLOW_FILE_EDIT</code>:"
|
989 |
+
msgstr ""
|
990 |
+
"Désactiver l’éditeur de thème et d'extension <code>DISALLOW_FILE_EDIT</"
|
991 |
+
"code> :"
|
992 |
+
|
993 |
+
#: lib/help.php:170
|
994 |
+
msgid ""
|
995 |
+
"disabling the plugin and theme editor provides an additional layer of "
|
996 |
+
"security if a hacker gains access to a well-privileged user account."
|
997 |
+
msgstr ""
|
998 |
+
"désactiver l’éditeur de thème et d'extension fournit une couche de sécurité "
|
999 |
+
"supplémentaire. Si un pirate accédait a votre compte administrateur, il ne "
|
1000 |
+
"pourrait pas l'utiliser pour insérer une porte dérobée dans l'un de vos "
|
1001 |
+
"scripts PHP."
|
1002 |
+
|
1003 |
+
#: lib/help.php:171
|
1004 |
+
msgid ""
|
1005 |
+
"Disable plugin and theme update/installation <code>DISALLOW_FILE_MODS</code>:"
|
1006 |
+
msgstr ""
|
1007 |
+
"Désactiver l'installation et mise à jour des thèmes et extensions "
|
1008 |
+
"<code>DISALLOW_FILE_MODS</code> :"
|
1009 |
+
|
1010 |
+
#: lib/help.php:171
|
1011 |
+
msgid ""
|
1012 |
+
"this option will block users being able to use the plugin and theme "
|
1013 |
+
"installation/update functionality from the WordPress admin area. Setting "
|
1014 |
+
"this constant also disables the Plugin and Theme editor."
|
1015 |
+
msgstr ""
|
1016 |
+
"cette option permet de bloquer les utilisateurs voulant lancer une "
|
1017 |
+
"installation ou mise à jour d'une extension ou d'un thème. Elle désactive "
|
1018 |
+
"aussi l’éditeur de thème et d'extension."
|
1019 |
+
|
1020 |
+
#: lib/help.php:176 ninjafirewall.php:1330
|
1021 |
+
msgid "Intermediate Policies"
|
1022 |
+
msgstr "Politiques intermédiaires"
|
1023 |
+
|
1024 |
+
#: lib/help.php:178 ninjafirewall.php:1696
|
1025 |
+
msgid "HTTP GET variable"
|
1026 |
+
msgstr "Variable HTTP GET"
|
1027 |
+
|
1028 |
+
#: lib/help.php:179
|
1029 |
+
msgid "Whether to scan and/or sanitise the <code>GET</code> variable."
|
1030 |
+
msgstr "S'il faut filtrer / nettoyer la variable <code>GET</code>."
|
1031 |
+
|
1032 |
+
#: lib/help.php:181 ninjafirewall.php:1739
|
1033 |
+
msgid "HTTP POST variable"
|
1034 |
+
msgstr "Variable HTTP POST"
|
1035 |
+
|
1036 |
+
#: lib/help.php:182
|
1037 |
+
msgid "Whether to scan and/or sanitise the <code>POST</code> variable."
|
1038 |
+
msgstr "S'il faut filtrer / nettoyer la variable <code>POST</code>."
|
1039 |
+
|
1040 |
+
#: lib/help.php:183
|
1041 |
+
msgid "Decode Base64-encoded <code>POST</code> variable:"
|
1042 |
+
msgstr ""
|
1043 |
+
"Décoder les chaîne encodées en Base64 dans la variable <code>POST</"
|
1044 |
+
"code> :"
|
1045 |
+
|
1046 |
+
#: lib/help.php:183
|
1047 |
+
msgid ""
|
1048 |
+
"NinjaFirewall will decode and scan base64 encoded values in order to detect "
|
1049 |
+
"obfuscated malicious code. This option is only available for the <code>POST</"
|
1050 |
+
"code> variable."
|
1051 |
+
msgstr ""
|
1052 |
+
"NinjaFirewall peut décoder et filtrer les chaînes de caractères encodées en "
|
1053 |
+
"Base64 afin d'y détecter du code malveillant caché."
|
1054 |
+
|
1055 |
+
#: lib/help.php:185 ninjafirewall.php:1782
|
1056 |
+
msgid "HTTP REQUEST variable"
|
1057 |
+
msgstr "Variable HTTP REQUEST"
|
1058 |
+
|
1059 |
+
#: lib/help.php:186
|
1060 |
+
msgid "Whether to sanitise the <code>REQUEST</code> variable."
|
1061 |
+
msgstr "S'il faut filtrer / nettoyer la variable <code>REQUEST</code>."
|
1062 |
+
|
1063 |
+
#: lib/help.php:188 ninjafirewall.php:1810
|
1064 |
+
msgid "Cookies"
|
1065 |
+
msgstr "Cookies"
|
1066 |
+
|
1067 |
+
#: lib/help.php:189
|
1068 |
+
msgid "Whether to scan and/or sanitise cookies."
|
1069 |
+
msgstr "S'il faut filtrer / nettoyer les cookies."
|
1070 |
+
|
1071 |
+
#: lib/help.php:191 ninjafirewall.php:1855
|
1072 |
+
msgid "HTTP_USER_AGENT server variable"
|
1073 |
+
msgstr "Variable HTTP_USER_AGENT"
|
1074 |
+
|
1075 |
+
#: lib/help.php:192
|
1076 |
+
msgid "Whether to scan and/or sanitise <code>HTTP_USER_AGENT</code> requests."
|
1077 |
+
msgstr "S'il faut filtrer / nettoyer la variable <code>HTTP_USER_AGENT</code>."
|
1078 |
+
|
1079 |
+
#: lib/help.php:193
|
1080 |
+
msgid "Block suspicious bots/scanners:"
|
1081 |
+
msgstr "Bloquer les requêtes provenant de bots/scanners suspects :"
|
1082 |
+
|
1083 |
+
#: lib/help.php:193
|
1084 |
+
msgid ""
|
1085 |
+
"rejects some known bots, scanners and various malicious scripts attempting "
|
1086 |
+
"to access your blog."
|
1087 |
+
msgstr ""
|
1088 |
+
"cette option peut bloquer de nombreux crawlers, spambots et autres scrappers."
|
1089 |
+
|
1090 |
+
#: lib/help.php:195 ninjafirewall.php:1908
|
1091 |
+
msgid "HTTP_REFERER server variable"
|
1092 |
+
msgstr "Variable HTTP_REFERER"
|
1093 |
+
|
1094 |
+
#: lib/help.php:196
|
1095 |
+
msgid "Whether to scan and/or sanitise <code>HTTP_REFERER</code> requests."
|
1096 |
+
msgstr "S'il faut filtrer / nettoyer la variable <code>HTTP_REFERER</code>."
|
1097 |
+
|
1098 |
+
#: lib/help.php:197
|
1099 |
+
msgid ""
|
1100 |
+
"Block POST requests that do not have an <code>HTTP_REFERER</code> header:"
|
1101 |
+
msgstr ""
|
1102 |
+
"Bloquer les requêtes POST qui n'ont pas d'en-tête <code>HTTP_REFERER</"
|
1103 |
+
"code> :"
|
1104 |
+
|
1105 |
+
#: lib/help.php:197
|
1106 |
+
msgid ""
|
1107 |
+
"this option will block any <code>POST</code> request that does not have a "
|
1108 |
+
"Referrer header (<code>HTTP_REFERER</code> variable). If you need external "
|
1109 |
+
"applications to post to your scripts (e.g. Paypal IPN, WordPress WP-"
|
1110 |
+
"Cron...), you are advised to keep this option disabled otherwise they will "
|
1111 |
+
"likely be blocked. Note that <code>POST</code> requests are not required to "
|
1112 |
+
"have a Referrer header and, for that reason, this option is disabled by "
|
1113 |
+
"default."
|
1114 |
+
msgstr ""
|
1115 |
+
"cette option bloque toutes les requêtes POST qui n'incluent pas le Referrer "
|
1116 |
+
"<code>HTTP_REFERER</code> (adresse de la page -si elle existe- qui a conduit "
|
1117 |
+
"le client à la page courante). Puisque les requêtes POST ne sont pas "
|
1118 |
+
"obligées d'avoir un Referrer, cette option n'est pas activée par défaut. Si "
|
1119 |
+
"vous utilisez des scripts comme Paypal IPN, WordPress WP-Cron etc, "
|
1120 |
+
"désactivez cette fonction."
|
1121 |
+
|
1122 |
+
#: lib/help.php:200
|
1123 |
+
msgid "Block localhost IP in <code>GET/POST</code> requests:"
|
1124 |
+
msgstr ""
|
1125 |
+
"Bloquer les requêtes <code>GET/POST</code> contenant l'IP localhost :"
|
1126 |
+
|
1127 |
+
#: lib/help.php:200
|
1128 |
+
msgid ""
|
1129 |
+
"this option will block any <code>GET</code> or <code>POST</code> request "
|
1130 |
+
"containing the localhost IP (127.0.0.1). It can be useful to block SQL "
|
1131 |
+
"dumpers and various hacker's shell scripts."
|
1132 |
+
msgstr ""
|
1133 |
+
"cette option bloque toute requête <code>GET</code> ou <code>POST</code> "
|
1134 |
+
"contenant l'IP localhost (127.0.0.1). Cela peut s'avérer utile pour bloquer "
|
1135 |
+
"les programmes malveillants. Attention toutefois à ne pas bloquer certains "
|
1136 |
+
"scripts d'installation ou de configuration si vous l'activez. "
|
1137 |
+
|
1138 |
+
#: lib/help.php:201
|
1139 |
+
msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header:"
|
1140 |
+
msgstr ""
|
1141 |
+
"Bloquer les requêtes HTTP dont l'en-tête <code>HTTP_HOST</code> contient une "
|
1142 |
+
"IP :"
|
1143 |
+
|
1144 |
+
#: lib/help.php:201
|
1145 |
+
#, php-format
|
1146 |
+
msgid ""
|
1147 |
+
"this option will reject any request using an IP instead of a domain name in "
|
1148 |
+
"the <code>Host</code> header of the HTTP request. Unless you need to connect "
|
1149 |
+
"to your site using its IP address, (e.g. %s), enabling this option will "
|
1150 |
+
"block a lot of hackers scanners because such applications scan IPs rather "
|
1151 |
+
"than domain names."
|
1152 |
+
msgstr ""
|
1153 |
+
"cette option rejette toute requête HTTP contenant une adresse IP au lieu "
|
1154 |
+
"d'un nom de domaine dans son en-tête <code>Host</code>. Sauf si vous avez "
|
1155 |
+
"besoin de vous connecter à votre site en utilisant son adresse IP (ex: %s), "
|
1156 |
+
"activer cette option bloquera de nombreux scanners de vulnérabilité car ces "
|
1157 |
+
"application trouvent les sites en scannant les plages d'adresses IP plutôt "
|
1158 |
+
"que les noms de domaine. "
|
1159 |
+
|
1160 |
+
#: lib/help.php:202
|
1161 |
+
msgid "Scan traffic coming from localhost and private IP address spaces:"
|
1162 |
+
msgstr ""
|
1163 |
+
"Filtrer les connexions provenant de localhost et d'adresses IP privées :"
|
1164 |
+
|
1165 |
+
#: lib/help.php:202
|
1166 |
+
msgid ""
|
1167 |
+
"this option will allow the firewall to scan traffic from all non-routable "
|
1168 |
+
"private IPs (IPv4 and IPv6) as well as the localhost IP. We recommend to "
|
1169 |
+
"keep it enabled if you have a private network (2 or more servers "
|
1170 |
+
"interconnected)."
|
1171 |
+
msgstr ""
|
1172 |
+
"cette option vous permet de filtrer le trafic émanant de votre réseau privé. "
|
1173 |
+
"Nous vous recommandons de le garder activé si vous avez 2 ou plusieurs "
|
1174 |
+
"serveurs reliés entre eux."
|
1175 |
+
|
1176 |
+
#: lib/help.php:207 ninjafirewall.php:1331
|
1177 |
+
msgid "Advanced Policies"
|
1178 |
+
msgstr "Politiques avancées"
|
1179 |
+
|
1180 |
+
#: lib/help.php:209 ninjafirewall.php:2021
|
1181 |
+
msgid "HTTP response headers"
|
1182 |
+
msgstr "En-têtes de réponse HTTP"
|
1183 |
+
|
1184 |
+
#: lib/help.php:211
|
1185 |
+
msgid ""
|
1186 |
+
"In addition to filtering incoming requests, NinjaFirewall can also hook the "
|
1187 |
+
"HTTP response in order to alter its headers. Those modifications can help to "
|
1188 |
+
"mitigate threats such as XSS, phishing and clickjacking attacks."
|
1189 |
+
msgstr ""
|
1190 |
+
"En plus de filtrer les requêtes entrantes, NinjaFirewall peut aussi "
|
1191 |
+
"intercepter la réponse HTTP afin de modifier ses en-têtes. Ces modifications "
|
1192 |
+
"peuvent aider à atténuer les menaces telles que les attaques XSS, phishing "
|
1193 |
+
"et clickjacking."
|
1194 |
+
|
1195 |
+
#: lib/help.php:213
|
1196 |
+
msgid ""
|
1197 |
+
"Set <code>X-Content-Type-Options</code> to protect against MIME type "
|
1198 |
+
"confusion attacks:"
|
1199 |
+
msgstr ""
|
1200 |
+
"Activer <code>X-Content-Type-Options</code> pour protéger contre les "
|
1201 |
+
"attaques basées sur la confusion du type MIME :"
|
1202 |
+
|
1203 |
+
#: lib/help.php:213
|
1204 |
+
msgid ""
|
1205 |
+
"sending this response header with the <code>nosniff</code> value will "
|
1206 |
+
"prevent compatible browsers from MIME-sniffing a response away from the "
|
1207 |
+
"declared content-type."
|
1208 |
+
msgstr ""
|
1209 |
+
"les éléments script et styleSheet rejettent les réponses avec des types MIME "
|
1210 |
+
"incorrects si le serveur envoie l’en-tête de réponse <code>X-Content-Type-"
|
1211 |
+
"Options: nosniff</code>. Il s’agit d’une fonctionnalité de sécurité qui "
|
1212 |
+
"facilite la prévention des attaques basées sur la confusion du type MIME."
|
1213 |
+
|
1214 |
+
#: lib/help.php:214
|
1215 |
+
msgid ""
|
1216 |
+
"Set <code>X-Frame-Options</code> to protect against clickjacking attempts:"
|
1217 |
+
msgstr ""
|
1218 |
+
"Activer <code>X-Frame-Options</code> pour protéger contre les attaques de "
|
1219 |
+
"détournement de clic (clickjacking) :"
|
1220 |
+
|
1221 |
+
#: lib/help.php:214
|
1222 |
+
msgid ""
|
1223 |
+
"this header indicates a policy whether a browser must not allow to render a "
|
1224 |
+
"page in a <frame> or <iframe>. Hosts can declare this policy in "
|
1225 |
+
"the header of their HTTP responses to prevent clickjacking attacks, by "
|
1226 |
+
"ensuring that their content is not embedded into other pages or frames. "
|
1227 |
+
"NinjaFirewall accepts two different values:"
|
1228 |
+
msgstr ""
|
1229 |
+
"cet en-tête informe le navigateur s'il doit autoriser ou non l'affichage "
|
1230 |
+
"d'une page dans une <frame> ou <iframe>. Cela permet d'empêcher "
|
1231 |
+
"les attaques de clickjacking, en veillant à ce que le contenu d'une page ne "
|
1232 |
+
"sont pas intégré dans d'autres pages ou cadres, notamment d'un autre site. "
|
1233 |
+
"NinjaFirewall accepte deux valeurs différentes :"
|
1234 |
+
|
1235 |
+
#: lib/help.php:216
|
1236 |
+
msgid ""
|
1237 |
+
"a browser receiving content with this header must not display this content "
|
1238 |
+
"in any frame from a page of different origin than the content itself."
|
1239 |
+
msgstr ""
|
1240 |
+
"un navigateur ne doit pas afficher le contenu dans une <frame> ou <"
|
1241 |
+
"iframe> d'une page d'origine différente que le contenu lui-même."
|
1242 |
+
|
1243 |
+
#: lib/help.php:217
|
1244 |
+
msgid ""
|
1245 |
+
"a browser receiving content with this header must not display this content "
|
1246 |
+
"in any frame."
|
1247 |
+
msgstr ""
|
1248 |
+
"un navigateur ne doit jamais afficher le contenu dans une <frame> ou "
|
1249 |
+
"<iframe>"
|
1250 |
+
|
1251 |
+
#: lib/help.php:220
|
1252 |
+
msgid "NinjaFirewall does not support the <code>ALLOW-FROM</code> value."
|
1253 |
+
msgstr ""
|
1254 |
+
"La valeur <code>ALLOW-FROM</code> n'est pas prise en charge par "
|
1255 |
+
"NinjaFirewall."
|
1256 |
+
|
1257 |
+
#: lib/help.php:222
|
1258 |
+
msgid ""
|
1259 |
+
"Since v3.1.3, WordPress sets this value to <code>SAMEORIGIN</code> for the "
|
1260 |
+
"administrator and the login page only."
|
1261 |
+
msgstr ""
|
1262 |
+
"Depuis la version 3.1.3, WordPress active <code>SAMEORIGIN</code> pour "
|
1263 |
+
"l'administrateur et la page de connexion uniquement."
|
1264 |
+
|
1265 |
+
#: lib/help.php:223
|
1266 |
+
msgid "Enforce <code>X-XSS-Protection</code> (IE, Chrome and Safari browsers):"
|
1267 |
+
msgstr ""
|
1268 |
+
"Forcer <code>X-XSS-Protection</code> pour utiliser les filtres anti-XSS des "
|
1269 |
+
"navigateurs (IE, Chrome et Safari) :"
|
1270 |
+
|
1271 |
+
#: lib/help.php:223
|
1272 |
+
msgid ""
|
1273 |
+
"this header allows compatible browsers to identify and block XSS attack by "
|
1274 |
+
"preventing the malicious script from executing. NinjaFirewall will set its "
|
1275 |
+
"value to <code>1; mode=block</code>."
|
1276 |
+
msgstr ""
|
1277 |
+
"cet en-tête permet aux navigateurs compatibles d'identifier et bloquer les "
|
1278 |
+
"attaques XSS en empêchant un script malveillant de s'exécuter. NinjaFirewall "
|
1279 |
+
"envoie cet en-tête avec la valeur <code>1; mode=block</code>."
|
1280 |
+
|
1281 |
+
#: lib/help.php:224
|
1282 |
+
msgid ""
|
1283 |
+
"Force <code>HttpOnly</code> flag on all cookies to mitigate XSS attacks:"
|
1284 |
+
msgstr ""
|
1285 |
+
"Activer la propriété <code>HttpOnly</code> pour tous les cookies afin "
|
1286 |
+
"d'atténuer les menaces XSS qui génèrent des vols de cookies :"
|
1287 |
+
|
1288 |
+
#: lib/help.php:224
|
1289 |
+
msgid ""
|
1290 |
+
"adding this flag to cookies helps to mitigate the risk of cross-site "
|
1291 |
+
"scripting by preventing them from being accessed through client-side script. "
|
1292 |
+
"NinjaFirewall can hook all cookies sent by your blog, its plugins or any "
|
1293 |
+
"other PHP script, add the <code>HttpOnly</code> flag if it is missing, and "
|
1294 |
+
"re-inject those cookies back into your server HTTP response headers right "
|
1295 |
+
"before they are sent to your visitors. Note that WordPress sets that flag on "
|
1296 |
+
"the logged in user cookies only."
|
1297 |
+
msgstr ""
|
1298 |
+
"cette protection permet de diminuer les risques d'attaques XSS en empêchant "
|
1299 |
+
"JavaScript d'accéder aux cookies de l'utilisateur. NinjaFirewall peut "
|
1300 |
+
"intercepter les cookies envoyés par vos scripts PHP, activer la propriété "
|
1301 |
+
"<code>HttpOnly</code> si elle est manquante, puis réinjecter les cookies "
|
1302 |
+
"dans la réponse HTTP juste avant que celle-ci ne soit envoyée à vos "
|
1303 |
+
"visiteurs."
|
1304 |
+
|
1305 |
+
#: lib/help.php:225
|
1306 |
+
msgid ""
|
1307 |
+
"If your PHP scripts send cookies that need to be accessed from JavaScript, "
|
1308 |
+
"you should keep that option disabled."
|
1309 |
+
msgstr ""
|
1310 |
+
"Si vos scripts PHP envoient des cookies qui doivent être accessibles à "
|
1311 |
+
"partir de JavaScript, vous devez garder cette option désactivée."
|
1312 |
+
|
1313 |
+
#: lib/help.php:226
|
1314 |
+
msgid ""
|
1315 |
+
"Set <code>Strict-Transport-Security</code> (HSTS) to enforce secure "
|
1316 |
+
"connections to the server:"
|
1317 |
+
msgstr ""
|
1318 |
+
"Activer <code>Strict-Transport-Security</code> (HSTS) pour forcer les "
|
1319 |
+
"connexions sécurisées vers le serveur "
|
1320 |
+
|
1321 |
+
#: lib/help.php:226
|
1322 |
+
msgid ""
|
1323 |
+
"this policy enforces secure HTTPS connections to the server. Web browsers "
|
1324 |
+
"will not allow the user to access the web application over insecure HTTP "
|
1325 |
+
"protocol. It helps to defend against cookie hijacking and Man-in-the-middle "
|
1326 |
+
"attacks. Most recent browsers support HSTS headers."
|
1327 |
+
msgstr ""
|
1328 |
+
"cette politique force les connexions HTTPS sécurisées vers le serveur. Les "
|
1329 |
+
"navigateurs n'accepteront pas de se connecter au site si la connexion n'est "
|
1330 |
+
"pas sécurisée (HTTPS). Cela permet de se défendre contre les détournements "
|
1331 |
+
"de cookies ou les attaques du type \"Man-in-the-middle\". La plupart des "
|
1332 |
+
"navigateurs récents sont compatibles avec cette politique."
|
1333 |
+
|
1334 |
+
#: lib/help.php:227
|
1335 |
+
msgid "Set <code>Content-Security-Policy</code>:"
|
1336 |
+
msgstr "Activer <code>Content-Security-Policy</code> :"
|
1337 |
+
|
1338 |
+
#: lib/help.php:227
|
1339 |
+
msgid ""
|
1340 |
+
"this policy helps to mitigate threats such as XSS, phishing and clickjacking "
|
1341 |
+
"attacks. It covers JavaScript, CSS, HTML frames, web workers, fonts, images, "
|
1342 |
+
"objects (Java, ActiveX, audio and video files), and other HTML5 features."
|
1343 |
+
msgstr ""
|
1344 |
+
"cette politique aide pour bloquer les attaques XSS notamment. Elle couvre le "
|
1345 |
+
"code JavaScript, les styles CSS, frames/iframes HTML, polices, images, "
|
1346 |
+
"objets (Java, ActiveX, fichiers audio et video), mais aussi les WebSocket."
|
1347 |
+
|
1348 |
+
#: lib/help.php:227
|
1349 |
+
msgid ""
|
1350 |
+
"NinjaFirewall lets you configure the CSP policy separately for the frontend "
|
1351 |
+
"(blog, website) and the backend (WordPress admin dashboard)."
|
1352 |
+
msgstr ""
|
1353 |
+
"NinjaFirewall vous permet de configurer CSP séparément pour le site et "
|
1354 |
+
"l'interface d'administration de WordPress."
|
1355 |
+
|
1356 |
+
#: lib/help.php:230
|
1357 |
+
msgid "Block PHP built-in wrappers:"
|
1358 |
+
msgstr "Bloquer les gestionnaires (wrappers) PHP dangereux :"
|
1359 |
+
|
1360 |
+
#: lib/help.php:230
|
1361 |
+
msgid ""
|
1362 |
+
"PHP has several wrappers for use with the filesystem functions. It is "
|
1363 |
+
"possible for an attacker to use them to bypass firewalls and various IDS to "
|
1364 |
+
"exploit remote and local file inclusions. This option lets you block any "
|
1365 |
+
"script attempting to pass a <code>expect://</code>, <code>file://</code>, "
|
1366 |
+
"<code>phar://</code>, <code>php://</code>, <code>zip://</code> or "
|
1367 |
+
"<code>data://</code> stream inside a <code>GET</code> or <code>POST</code> "
|
1368 |
+
"request, cookies, user agent and referrer variables."
|
1369 |
+
msgstr ""
|
1370 |
+
"PHP dispose de nombreux gestionnaires pour différents types de protocoles de "
|
1371 |
+
"style URL, à utiliser avec les fonctions de manipulation de fichiers. Il est "
|
1372 |
+
"possible pour un hacker de les utiliser afin de passer outre un pare-feu ou "
|
1373 |
+
"des extensions de sécurité afin d'exploiter une vulnérabilité dans un script "
|
1374 |
+
"(RFI/LFI etc). Cette option détecte et bloque toute tentative d'utilisation "
|
1375 |
+
"de <code>expect://</code>, <code>file://</code>, <code>phar://</code>, "
|
1376 |
+
"<code>php://</code>, <code>zip://</code> ou <code>data://</code> dans une "
|
1377 |
+
"requête <code>GET</code> ou <code>POST</code>, des cookies, ou dans les "
|
1378 |
+
"variables <code>HTTP_REFERER</code> et <code>HTTP_USER_AGENT</code>."
|
1379 |
+
|
1380 |
+
#: lib/help.php:231
|
1381 |
+
msgid "Block serialized PHP objects:"
|
1382 |
+
msgstr "Bloquer les objets PHP sérialisés :"
|
1383 |
+
|
1384 |
+
#: lib/help.php:231
|
1385 |
+
#, php-format
|
1386 |
+
msgid ""
|
1387 |
+
"Object Serialization is a PHP feature used by many applications to generate "
|
1388 |
+
"a storable representation of a value. However, some insecure PHP "
|
1389 |
+
"applications and plugins can turn that feature into a critical vulnerability "
|
1390 |
+
"called <a href=\"%s\">PHP Object Injection</a>. This option can block "
|
1391 |
+
"serialized PHP objects found inside a a <code>GET</code> or <code>POST</"
|
1392 |
+
"code> request, cookies, user agent and referrer variables."
|
1393 |
+
msgstr ""
|
1394 |
+
"La sérialisation est utilisée par de nombreuses applications afin de générer "
|
1395 |
+
"une représentation stockable d'une valeur. Cependant, lorsqu'elle est "
|
1396 |
+
"utilisée dans des applications, thèmes ou extensions mal sécurisées, la "
|
1397 |
+
"sérialisation d'objets peut être exploitée pour injecter et exécuter du code "
|
1398 |
+
"PHP (<a href=\"%s\">PHP Object Injection</a>). NinjaFirewall peut bloquer "
|
1399 |
+
"les objets PHP sérialisés se trouvant dans les requêtes <code>GET</code> ou "
|
1400 |
+
"<code>POST</code>, les cookies, ou dans les variables <code>HTTP_REFERER</"
|
1401 |
+
"code> et <code>HTTP_USER_AGENT</code>."
|
1402 |
+
|
1403 |
+
#: lib/help.php:232
|
1404 |
+
msgid "Hide PHP notice and error messages:"
|
1405 |
+
msgstr "Masquer les messages d'erreur de PHP :"
|
1406 |
+
|
1407 |
+
#: lib/help.php:232
|
1408 |
+
msgid ""
|
1409 |
+
"this option lets you hide errors returned by your scripts. Such errors can "
|
1410 |
+
"leak sensitive informations which can be exploited by hackers."
|
1411 |
+
msgstr ""
|
1412 |
+
"vous permet de masquer les erreurs retournées par PHP. Ces erreurs peuvent "
|
1413 |
+
"afficher des informations sensibles qui peuvent être exploitées "
|
1414 |
+
"ultérieurement par des pirates."
|
1415 |
+
|
1416 |
+
#: lib/help.php:233
|
1417 |
+
msgid ""
|
1418 |
+
"Sanitise <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
|
1419 |
+
"<code>PATH_INFO</code>:"
|
1420 |
+
msgstr ""
|
1421 |
+
"Nettoyer <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
|
1422 |
+
"<code>PATH_INFO</code> :"
|
1423 |
+
|
1424 |
+
#: lib/help.php:233
|
1425 |
+
msgid ""
|
1426 |
+
"this option can sanitise any dangerous characters found in those 3 server "
|
1427 |
+
"variables to prevent various XSS and database injection attempts."
|
1428 |
+
msgstr ""
|
1429 |
+
"activez ces options si vous souhaitez que le pare-feu nettoie ces trois "
|
1430 |
+
"variables."
|
1431 |
+
|
1432 |
+
#: lib/help.php:235 ninjafirewall.php:2295
|
1433 |
+
msgid "Various"
|
1434 |
+
msgstr "Divers"
|
1435 |
+
|
1436 |
+
#: lib/help.php:236
|
1437 |
+
#, php-format
|
1438 |
+
msgid ""
|
1439 |
+
"Block the <code>DOCUMENT_ROOT</code> server variable (%s) in HTTP requests:"
|
1440 |
+
msgstr ""
|
1441 |
+
"Bloquer les requêtes HTTP contenant la variable <code>DOCUMENT_ROOT</code> "
|
1442 |
+
"(%s) :"
|
1443 |
+
|
1444 |
+
#: lib/help.php:236
|
1445 |
+
msgid ""
|
1446 |
+
"this option will block scripts attempting to pass the <code>DOCUMENT_ROOT</"
|
1447 |
+
"code> server variable in a <code>GET</code> or <code>POST</code> request. "
|
1448 |
+
"Hackers use shell scripts that often need to pass this value, but most "
|
1449 |
+
"legitimate programs do not."
|
1450 |
+
msgstr ""
|
1451 |
+
"cette option bloque toute tentative de passer la variable "
|
1452 |
+
"<code>DOCUMENT_ROOT</code> dans une requête <code>GET</code> ou <code>POST</"
|
1453 |
+
"code>. Les pirates utilisent souvent des scripts qui nécessitent d'utiliser "
|
1454 |
+
"cette variable, mais pas la plupart des applications légitimes (hormis "
|
1455 |
+
"certains scripts d'installation ou de configuration)."
|
1456 |
+
|
1457 |
+
#: lib/help.php:237
|
1458 |
+
msgid "Block ASCII character 0x00 (NULL byte):"
|
1459 |
+
msgstr "Bloquer le caractère ASCII 0x00 (NULL byte) :"
|
1460 |
+
|
1461 |
+
#: lib/help.php:237
|
1462 |
+
msgid ""
|
1463 |
+
"this option will reject any <code>GET</code> or <code>POST</code> request, "
|
1464 |
+
"<code>HTTP_USER_AGENT</code>, <code>REQUEST_URI</code>, <code>PHP_SELF</"
|
1465 |
+
"code>, <code>PATH_INFO</code>, <code>HTTP_REFERER</code> variables "
|
1466 |
+
"containing the ASCII character 0x00 (NULL byte). Such a character is "
|
1467 |
+
"dangerous and should always be rejected."
|
1468 |
+
msgstr ""
|
1469 |
+
"toute requête <code>GET</code> ou <code>POST</code>, ainsi que toute "
|
1470 |
+
"variable <code>HTTP_REFERER</code>, <code>HTTP_USER_AGENT</code>, "
|
1471 |
+
"<code>REQUEST_URI</code>, <code>PHP_SELF</code>, <code>PATH_INFO</code> "
|
1472 |
+
"contenant le caractère ASCI 0x00 (NULL byte) sera bloquée immédiatement. Ce "
|
1473 |
+
"caractère est dangereux et devrait toujours être rejeté."
|
1474 |
+
|
1475 |
+
#: lib/help.php:238
|
1476 |
+
msgid "Block ASCII control characters 1 to 8 and 14 to 31:"
|
1477 |
+
msgstr "Bloquer les caractères de contrôle ASCII 1 à 8 et 14 à 31 :"
|
1478 |
+
|
1479 |
+
#: lib/help.php:238
|
1480 |
+
msgid ""
|
1481 |
+
"this option will reject any <code>GET</code> or <code>POST</code> request, "
|
1482 |
+
"<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> variables containing "
|
1483 |
+
"ASCII characters from 1 to 8 and 14 to 31."
|
1484 |
+
msgstr ""
|
1485 |
+
"toute requête <code>GET</code> ou <code>POST</code>, ainsi que toute "
|
1486 |
+
"variable <code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> contenant "
|
1487 |
+
"des caractères ASCII 1 à 8 et 14 à 31 sera bloquée."
|
1488 |
+
|
1489 |
+
#: lib/help.php:244 ninjafirewall.php:1665
|
1490 |
+
msgid "Users Whitelist"
|
1491 |
+
msgstr "Liste Blanche"
|
1492 |
+
|
1493 |
+
#: lib/help.php:246
|
1494 |
+
#, php-format
|
1495 |
+
msgid ""
|
1496 |
+
"By default, any logged in WordPress administrator will not be blocked by "
|
1497 |
+
"NinjaFirewall. You can also add any logged in users to the whitelist (make "
|
1498 |
+
"sure you trust them all before doing so).<br />This feature applies to all "
|
1499 |
+
"Firewall Policies listed below, except <code>FORCE_SSL_ADMIN</code>, "
|
1500 |
+
"<code>DISALLOW_FILE_EDIT</code>, <code>DISALLOW_FILE_MODS</code> options and "
|
1501 |
+
"the <a href=\"%s\">Login Protection</a> which, if enabled, are always "
|
1502 |
+
"enforced."
|
1503 |
+
msgstr ""
|
1504 |
+
"Par défaut, tout administrateur connecté à WordPress ne sera pas bloqué par "
|
1505 |
+
"NinjaFirewall. Vous pouvez aussi ajouter à la liste blanche tous les autres "
|
1506 |
+
"utilisateurs connectés (avant de le faire, assurez-vous que ce sont tous des "
|
1507 |
+
"utilisateurs de confiance).<br />Cela vaut pour toutes les politiques de "
|
1508 |
+
"pare-feu énumérées ci-dessous, à l'exception de <code>FORCE_SSL_ADMIN</"
|
1509 |
+
"code>, <code>DISALLOW_FILE_EDIT</code>, <code>DISALLOW_FILE_MODS</code> et "
|
1510 |
+
"les options de la <a href=\"%s\">Page de Connexion</a> qui, si elle sont "
|
1511 |
+
"activées, seront toujours appliquées."
|
1512 |
+
|
1513 |
+
#: lib/help.php:258 ninjafirewall.php:815 ninjafirewall.php:2844
|
1514 |
+
msgid "File Guard"
|
1515 |
+
msgstr "File Guard"
|
1516 |
+
|
1517 |
+
#: lib/help.php:260
|
1518 |
+
msgid ""
|
1519 |
+
"File Guard can detect, in real-time, any access to a PHP file that was "
|
1520 |
+
"recently modified or created, and alert you about this."
|
1521 |
+
msgstr ""
|
1522 |
+
"File Guard peut détecter, en temps réel, tout accès à un fichier PHP qui a "
|
1523 |
+
"été récemment modifié ou créé, et vous alerter à ce sujet."
|
1524 |
+
|
1525 |
+
#: lib/help.php:262
|
1526 |
+
msgid ""
|
1527 |
+
"If a hacker uploaded a shell script to your site (or injected a backdoor "
|
1528 |
+
"into an already existing file) and tried to directly access that file using "
|
1529 |
+
"his browser or a script, NinjaFirewall would hook the HTTP request and "
|
1530 |
+
"immediately detect that the file was recently modified/created. It would "
|
1531 |
+
"send you a detailed alert (script name, IP, request, date and time). Alerts "
|
1532 |
+
"will be sent to the contact email address defined in the \"Event "
|
1533 |
+
"Notifications\" menu."
|
1534 |
+
msgstr ""
|
1535 |
+
"Si un pirate téléchargeait un script PHP sur votre site (ou injectait une "
|
1536 |
+
"porte dérobée dans un fichier existant) et essayait d'accéder directement à "
|
1537 |
+
"ce fichier en utilisant son navigateur ou un autre script, NinjaFirewall "
|
1538 |
+
"intercepterait la requête HTTP et détecterait immédiatement que le fichier a "
|
1539 |
+
"été récemment modifié ou créé. Il vous enverrait une alerte détaillée (nom "
|
1540 |
+
"du script, adresse IP, requête HTTP, la date et l'heure). Les alertes seront "
|
1541 |
+
"envoyées à l'adresse e-mail de contact définie dans le menu \"Notifications "
|
1542 |
+
"d’Événement\"."
|
1543 |
+
|
1544 |
+
#: lib/help.php:263
|
1545 |
+
msgid ""
|
1546 |
+
"If you do not want to monitor a folder, you can exclude its full path or a "
|
1547 |
+
"part of it (e.g., <code>/var/www/public_html/cache/</code> or <code>/cache/</"
|
1548 |
+
"code> etc). NinjaFirewall will compare this value to the <code>"
|
1549 |
+
"$_SERVER[\"SCRIPT_FILENAME\"]</code> server variable and, if it matches, "
|
1550 |
+
"will ignore it."
|
1551 |
+
msgstr ""
|
1552 |
+
"Pour exclure un répertoire, vous pouvez entrer son chemin complet ou une "
|
1553 |
+
"partie de celui-ci (par ex. <code>/var/www/public_html/cache/</code> ou "
|
1554 |
+
"simplement <code>/cache/</code>). NinjaFirewall comparera cette valeur à la "
|
1555 |
+
"variable <code>$_SERVER[\"SCRIPT_FILENAME\"]</code> et, si elle correspond, "
|
1556 |
+
"l'ignorera."
|
1557 |
+
|
1558 |
+
#: lib/help.php:264
|
1559 |
+
msgid ""
|
1560 |
+
"Multiple values must be comma-separated (e.g., <code>/foo/bar/,/cache/</"
|
1561 |
+
"code>)."
|
1562 |
+
msgstr ""
|
1563 |
+
"Plusieurs valeurs doivent être séparées par des virgules (par ex. <code>/foo/"
|
1564 |
+
"bar/,/cache/</code>)."
|
1565 |
+
|
1566 |
+
#: lib/help.php:265
|
1567 |
+
msgid ""
|
1568 |
+
"File Guard real-time detection is a totally unique feature, because "
|
1569 |
+
"NinjaFirewall is the only plugin for WordPress that can hook HTTP requests "
|
1570 |
+
"sent to any PHP script, even if that script is not part of the WordPress "
|
1571 |
+
"package (third-party software, shell script, backdoor etc)."
|
1572 |
+
msgstr ""
|
1573 |
+
"La détection en temps réel de File Guard est une caractéristique tout à fait "
|
1574 |
+
"unique, parce NinjaFirewall est la seule extension pour WordPress pouvant "
|
1575 |
+
"intercepter les requêtes HTTP envoyées à tout script PHP, même si ce dernier "
|
1576 |
+
"ne fait pas partie de WordPress (logiciel tiers, backdoor, etc)."
|
1577 |
+
|
1578 |
+
#: lib/help.php:274 ninjafirewall.php:833 ninjafirewall.php:2975
|
1579 |
+
msgid "Network"
|
1580 |
+
msgstr "Réseau"
|
1581 |
+
|
1582 |
+
#: lib/help.php:276
|
1583 |
+
msgid ""
|
1584 |
+
"Even if NinjaFirewall administration menu is only available to the Super "
|
1585 |
+
"Admin (from the main site), you can still display its status to all sites in "
|
1586 |
+
"the network by adding a small NinjaFirewall icon to their admin bar. It will "
|
1587 |
+
"be visible only to the administrators of those sites."
|
1588 |
+
msgstr ""
|
1589 |
+
"Même si NinjaFirewall n'est accessible qu'au Super Administrateur (depuis le "
|
1590 |
+
"site principal), vous pouvez toujours afficher son statut à tous les sites "
|
1591 |
+
"du réseau en ajoutant une petite icône à leur barre d'administration. Elle "
|
1592 |
+
"ne sera visible que par les administrateurs de ces sites."
|
1593 |
+
|
1594 |
+
#: lib/help.php:278
|
1595 |
+
msgid ""
|
1596 |
+
"It is recommended to enable this feature as it is the only way to know "
|
1597 |
+
"whether the sites in your network are protected and if NinjaFirewall "
|
1598 |
+
"installation was successful."
|
1599 |
+
msgstr ""
|
1600 |
+
"Il est recommandé d'activer cette fonction car c'est le seul moyen de savoir "
|
1601 |
+
"si les sites de votre réseau sont protégés et si l'installation de "
|
1602 |
+
"NinjaFirewall a réussi."
|
1603 |
+
|
1604 |
+
#: lib/help.php:280
|
1605 |
+
msgid ""
|
1606 |
+
"Note that when it is disabled, the icon still remains visible to you, the "
|
1607 |
+
"Super Admin."
|
1608 |
+
msgstr ""
|
1609 |
+
"Notez que même lorsqu'il est désactivé, l'icône reste visible pour vous, le "
|
1610 |
+
"Super Administrateur."
|
1611 |
+
|
1612 |
+
#: lib/help.php:290 lib/nf_sub_filecheck.php:130 ninjafirewall.php:819
|
1613 |
+
msgid "File Check"
|
1614 |
+
msgstr "File Check"
|
1615 |
+
|
1616 |
+
#: lib/help.php:291
|
1617 |
+
msgid ""
|
1618 |
+
"File Check lets you perform file integrity monitoring upon request or on a "
|
1619 |
+
"specific interval."
|
1620 |
+
msgstr ""
|
1621 |
+
"File Check vous permet d'effectuer une analyse de l'intégrité de vos "
|
1622 |
+
"fichiers sur demande ou à un intervalle spécifique défini."
|
1623 |
+
|
1624 |
+
#: lib/help.php:293
|
1625 |
+
msgid ""
|
1626 |
+
"You need to create a snapshot of all your files and then, at a later time, "
|
1627 |
+
"you can scan your system to compare it with the previous snapshot. Any "
|
1628 |
+
"modification will be immediately detected: file content, file permissions, "
|
1629 |
+
"file ownership, timestamp as well as file creation and deletion."
|
1630 |
+
msgstr ""
|
1631 |
+
"Vous devez créer un instantané de tous vos fichiers, puis, ultérieurement, "
|
1632 |
+
"vous pouvez scanner votre système pour le comparer avec l'instantané "
|
1633 |
+
"précédent. Toute modification sera immédiatement détectée : contenu, "
|
1634 |
+
"permissions et propriétés des fichiers, leur création et suppression ainsi "
|
1635 |
+
"que l'horodatage."
|
1636 |
+
|
1637 |
+
#: lib/help.php:294
|
1638 |
+
#, php-format
|
1639 |
+
msgid ""
|
1640 |
+
"Create a snapshot of all files stored in that directory: by default, the "
|
1641 |
+
"directory is set to WordPress <code>ABSPATH</code> (%s)"
|
1642 |
+
msgstr ""
|
1643 |
+
"Créer un instantané de tous les fichiers se trouvant dans ce "
|
1644 |
+
"répertoire : par défaut, le repertoire est l'<code>ABSPATH</code> de "
|
1645 |
+
"WordPress (%s)"
|
1646 |
+
|
1647 |
+
#: lib/help.php:295
|
1648 |
+
msgid ""
|
1649 |
+
"Exclude the following files/folders: you can enter a directory or a file "
|
1650 |
+
"name (e.g., <code>/foo/bar/</code>), or a part of it (e.g., <code>foo</"
|
1651 |
+
"code>). Or you can exclude a file extension (e.g., <code>.css</code>)."
|
1652 |
+
msgstr ""
|
1653 |
+
"Exclure les fichiers / dossiers suivants : vous pouvez entrer un "
|
1654 |
+
"répertoire ou un nom de fichier (par ex. <code>/foo/bar/</code>), ou une "
|
1655 |
+
"partie de celui-ci (par ex. <code>foo</code>), ou même exclure une extension "
|
1656 |
+
"de fichier (par ex. <code>.css</code>)."
|
1657 |
+
|
1658 |
+
#: lib/help.php:297
|
1659 |
+
msgid ""
|
1660 |
+
"Multiple values must be comma-separated (e.g., <code>/foo/bar/,.css,.png</"
|
1661 |
+
"code>)."
|
1662 |
+
msgstr ""
|
1663 |
+
"Plusieurs valeurs doivent être séparées par des virgules (par ex. <code>/foo/"
|
1664 |
+
"bar/,.css,.png</code>)."
|
1665 |
+
|
1666 |
+
#: lib/help.php:298
|
1667 |
+
msgid ""
|
1668 |
+
"Do not follow symbolic links: by default, NinjaFirewall will not follow "
|
1669 |
+
"symbolic links."
|
1670 |
+
msgstr ""
|
1671 |
+
"Ne pas suivre les liens symboliques : par défaut, NinjaFirewall ignore "
|
1672 |
+
"les liens symboliques lors de son analyse des fichiers."
|
1673 |
+
|
1674 |
+
#: lib/help.php:303
|
1675 |
+
msgid "Scheduled scans"
|
1676 |
+
msgstr "Analyses planifiées"
|
1677 |
+
|
1678 |
+
#: lib/help.php:304
|
1679 |
+
msgid ""
|
1680 |
+
"NinjaFirewall can scan your system on a specific interval (hourly, "
|
1681 |
+
"twicedaily or daily)."
|
1682 |
+
msgstr ""
|
1683 |
+
"NinjaFirewall peut scanner votre système à intervalle régulier (une fois par "
|
1684 |
+
"heure, deux fois par jour ou tous les jours)."
|
1685 |
+
|
1686 |
+
#: lib/help.php:306
|
1687 |
+
msgid ""
|
1688 |
+
"It can either send you a scan report only if changes are detected, or always "
|
1689 |
+
"send you one after each scan."
|
1690 |
+
msgstr ""
|
1691 |
+
"Il peut vous envoyer un rapport d'analyse uniquement si des changements ont "
|
1692 |
+
"été détectés, ou bien vous en envoyer un systématiquement après chaque "
|
1693 |
+
"analyse."
|
1694 |
+
|
1695 |
+
#: lib/help.php:308
|
1696 |
+
msgid ""
|
1697 |
+
"Reports will be sent to the contact email address defined in the \"Event "
|
1698 |
+
"Notifications\" menu."
|
1699 |
+
msgstr ""
|
1700 |
+
"Les rapports seront envoyés à l'adresse e-mail définie dans la page "
|
1701 |
+
"\"Notifications d'Événement\"."
|
1702 |
+
|
1703 |
+
#: lib/help.php:310
|
1704 |
+
#, php-format
|
1705 |
+
msgid ""
|
1706 |
+
"Scheduled scans rely on <a href=\"%s\">WordPress pseudo cron</a> which works "
|
1707 |
+
"only if your site gets sufficient traffic."
|
1708 |
+
msgstr ""
|
1709 |
+
"Les analyses planifiées utilisent le <a href=\"%s\">pseudo cron de "
|
1710 |
+
"WordPress</a> qui ne fonctionne que si votre site reçoit un trafic suffisant."
|
1711 |
+
|
1712 |
+
#: lib/help.php:323 lib/nf_sub_event.php:46 ninjafirewall.php:837
|
1713 |
+
msgid "Event Notifications"
|
1714 |
+
msgstr "Notifications d'Événement"
|
1715 |
+
|
1716 |
+
#: lib/help.php:324
|
1717 |
+
msgid ""
|
1718 |
+
"NinjaFirewall can alert you by email on specific events triggered within "
|
1719 |
+
"your blog. They include installations, updates, activations etc, as well as "
|
1720 |
+
"users login and modification of any administrator account in the database. "
|
1721 |
+
"Some of those alerts are enabled by default and it is highly recommended to "
|
1722 |
+
"keep them enabled. It is not unusual for a hacker, after breaking into your "
|
1723 |
+
"WordPress admin console, to install or just to upload a backdoored plugin or "
|
1724 |
+
"theme in order to take full control of your website."
|
1725 |
+
msgstr ""
|
1726 |
+
"NinjaFirewall peut vous alerter par e-mail au sujet d'événements spécifiques "
|
1727 |
+
"déclenchés au sein de votre blog. Ils comprennent les installations, mises à "
|
1728 |
+
"jour, activations, ainsi que les connexions des utilisateurs mais aussi la "
|
1729 |
+
"modification de tout compte d'administrateur dans la base de données. "
|
1730 |
+
"Certaines de ces alertes sont activées par défaut et il est fortement "
|
1731 |
+
"recommandé de les garder activées. Il n'est pas inhabituel pour un pirate, "
|
1732 |
+
"après avoir pénétré dans votre Tableau de bord de WordPress, d'y installer "
|
1733 |
+
"une porte dérobée (backdoor) afin de prendre le contrôle de votre blog."
|
1734 |
+
|
1735 |
+
#: lib/help.php:335 lib/login_protection.php:22 ninjafirewall.php:841
|
1736 |
+
msgid "Login Protection"
|
1737 |
+
msgstr "Page de Connexion"
|
1738 |
+
|
1739 |
+
#: lib/help.php:339
|
1740 |
+
msgid ""
|
1741 |
+
"By processing incoming HTTP requests before your blog and any of its "
|
1742 |
+
"plugins, NinjaFirewall is the only plugin for WordPress able to protect it "
|
1743 |
+
"against very large brute-force attacks, including distributed attacks coming "
|
1744 |
+
"from several thousands of different IPs."
|
1745 |
+
msgstr ""
|
1746 |
+
"Parce qu’il intercepte les requêtes HTTP avant même que WordPress et ses "
|
1747 |
+
"extensions se soient chargés, NinjaFirewall est la seule extension en mesure "
|
1748 |
+
"de protéger un blog contre de très grosses attaques par force brute, y "
|
1749 |
+
"compris les attaques distribuées provenant de plusieurs milliers d'adresses "
|
1750 |
+
"IP différentes."
|
1751 |
+
|
1752 |
+
#: lib/help.php:341
|
1753 |
+
msgid ""
|
1754 |
+
"You can choose two different types of protection: a password or a captcha. "
|
1755 |
+
"You can enable the protection only if an attack is detected or to keep it "
|
1756 |
+
"always activated."
|
1757 |
+
msgstr ""
|
1758 |
+
"Vous pouvez sélectionner deux types de protection : par mot de passe ou par "
|
1759 |
+
"captcha. Vous pouvez choisir d'activer la protection uniquement lorsqu'une "
|
1760 |
+
"attaque est détectée ou bien l'activer en permanence."
|
1761 |
+
|
1762 |
+
#: lib/help.php:343
|
1763 |
+
msgid "Yes, if under attack:"
|
1764 |
+
msgstr "Oui, si attaque en cours :"
|
1765 |
+
|
1766 |
+
#: lib/help.php:345
|
1767 |
+
msgid ""
|
1768 |
+
"The protection will be triggered when too many login attempts are detected, "
|
1769 |
+
"regardless of the offending IP. It blocks the attack instantly and prevents "
|
1770 |
+
"it from reaching WordPress, but still allows you to access your "
|
1771 |
+
"administration console using either the predefined username/password "
|
1772 |
+
"combination or the captcha code. "
|
1773 |
+
msgstr ""
|
1774 |
+
"Lorsque trop de tentatives de connexion sont détectées, NinjaFirewall "
|
1775 |
+
"protège immédiatement la page de connexion, quelle que soit l'adresse IP "
|
1776 |
+
"incriminée. Il bloque l'attaque instantanément et l'empêche d'atteindre "
|
1777 |
+
"WordPress, tout en vous permettant d'accéder à votre Tableau de bord en "
|
1778 |
+
"utilisant soit une combinaison nom d'utilisateur / mot de passe prédéfinie, "
|
1779 |
+
"soit un code captcha."
|
1780 |
+
|
1781 |
+
#: lib/help.php:347
|
1782 |
+
msgid "Always ON:"
|
1783 |
+
msgstr "Toujours activée :"
|
1784 |
+
|
1785 |
+
#: lib/help.php:349
|
1786 |
+
msgid ""
|
1787 |
+
"NinjaFirewall will always enforce the HTTP authentication or captcha "
|
1788 |
+
"implementation each time you access the login page."
|
1789 |
+
msgstr ""
|
1790 |
+
"Vous serez toujours invité à saisir votre nom d'utilisateur / mot de passe, "
|
1791 |
+
"ou le code du captcha, chaque fois que vous accéderez à la page de connexion."
|
1792 |
+
|
1793 |
+
#: lib/help.php:352
|
1794 |
+
msgid "Type of protection:"
|
1795 |
+
msgstr "Type de protection :"
|
1796 |
+
|
1797 |
+
#: lib/help.php:353
|
1798 |
+
msgid ""
|
1799 |
+
"<b>Password:</b> It password-protects the login page. NinjaFirewall uses its "
|
1800 |
+
"own very fast authentication scheme and it is compatible with any HTTP "
|
1801 |
+
"server (Apache, Nginx, Lighttpd etc)."
|
1802 |
+
msgstr ""
|
1803 |
+
"<b>Mot de passe :</b> Ajoute une protection par mot de passe. NinjaFirewall "
|
1804 |
+
"utilise son propre système d'authentification, rapide et compatible avec "
|
1805 |
+
"n'importe quel serveur HTTP (Apache, Nginx, Lighttpd etc)."
|
1806 |
+
|
1807 |
+
#: lib/help.php:354
|
1808 |
+
msgid "<b>Captcha:</b> It will display a 5-character captcha code."
|
1809 |
+
msgstr "<b>Captcha :</b> Affichera un code captcha à 5 caractères."
|
1810 |
+
|
1811 |
+
#: lib/help.php:355
|
1812 |
+
msgid "Bot protection:"
|
1813 |
+
msgstr "Protection contre les bots :"
|
1814 |
+
|
1815 |
+
#: lib/help.php:356
|
1816 |
+
msgid ""
|
1817 |
+
"NinjaFirewall will attempt to block bots and scripts immediately, i.e., even "
|
1818 |
+
"before they start a brute-force attack."
|
1819 |
+
msgstr ""
|
1820 |
+
"NinjaFirewall tentera de bloquer les bots et les scripts immédiatement, "
|
1821 |
+
"c'est-à-dire avant même qu'ils ne commencent une attaque par force brute."
|
1822 |
+
|
1823 |
+
#: lib/help.php:364
|
1824 |
+
msgid "AUTH log"
|
1825 |
+
msgstr "Journal d'authentification"
|
1826 |
+
|
1827 |
+
#: lib/help.php:367
|
1828 |
+
msgid ""
|
1829 |
+
"NinjaFirewall can write to the server Authentication log when the brute-"
|
1830 |
+
"force protection is triggered. This can be useful to the system "
|
1831 |
+
"administrator for monitoring purposes or banning IPs at the server level."
|
1832 |
+
msgstr ""
|
1833 |
+
"Lorsqu'il détecte une attaque par force brute, NinjaFirewall peut "
|
1834 |
+
"enregistrer les détails de celle-ci dans le journal des authentifications du "
|
1835 |
+
"serveur. Cela peut être utile à l'administrateur du système à des fins de "
|
1836 |
+
"surveillance ou pour bloquer l'IP incriminée au niveau du pare-feu du "
|
1837 |
+
"serveur."
|
1838 |
+
|
1839 |
+
#: lib/help.php:369
|
1840 |
+
msgid ""
|
1841 |
+
"If you have a shared hosting account, keep this option disabled as you do "
|
1842 |
+
"not have any access to the server's logs."
|
1843 |
+
msgstr ""
|
1844 |
+
"Si vous avez un hébergement mutualisé, laissez cette option désactivée car "
|
1845 |
+
"vous n'avez pas accès aux journaux du serveur."
|
1846 |
+
|
1847 |
+
#: lib/help.php:371
|
1848 |
+
msgid ""
|
1849 |
+
"On Debian-based systems, the log is located in <code>/var/log/auth.log</"
|
1850 |
+
"code>, and on Red Hat-based systems in <code>/var/log/secure</code>. The "
|
1851 |
+
"logline uses the following format:"
|
1852 |
+
msgstr ""
|
1853 |
+
"Sous Debian le journal se trouve dans <code>/var/log/auth.log</code>, et "
|
1854 |
+
"sous Red Hat, dans <code>/var/log/secure</code>. Le format utilisé est le "
|
1855 |
+
"suivant :"
|
1856 |
+
|
1857 |
+
#: lib/help.php:374
|
1858 |
+
msgid "AA: the process ID (PID)."
|
1859 |
+
msgstr "AA : l'identifiant de processus (PID)."
|
1860 |
+
|
1861 |
+
#: lib/help.php:375
|
1862 |
+
msgid "BB: the user IPv4 or IPv6 address."
|
1863 |
+
msgstr "BB : L'adresse IPv4 ou IPv6 de l'utilisateur."
|
1864 |
+
|
1865 |
+
#: lib/help.php:376
|
1866 |
+
msgid "CC: the blog (sub-)domain name."
|
1867 |
+
msgstr "CC : le nom de (sous-)domaine du blog."
|
1868 |
+
|
1869 |
+
#: lib/help.php:377
|
1870 |
+
msgid ""
|
1871 |
+
"DD: the target: it can be either <code>wp-login.php</code> or <code>XML-RPC "
|
1872 |
+
"API</code>."
|
1873 |
+
msgstr ""
|
1874 |
+
"DD : la cible; il peut s'agir soit de <code>wp-login.php</code>, soit de "
|
1875 |
+
"<code>XML-RPC API</code>."
|
1876 |
+
|
1877 |
+
#: lib/help.php:378
|
1878 |
+
msgid "EE: the time, in minutes, the protection will remain active."
|
1879 |
+
msgstr ""
|
1880 |
+
"EE : le temps, en minutes, pendant lequel la protection restera active."
|
1881 |
+
|
1882 |
+
#: lib/help.php:380
|
1883 |
+
msgid "Sample loglines:"
|
1884 |
+
msgstr "Exemple :"
|
1885 |
+
|
1886 |
+
#: lib/help.php:383
|
1887 |
+
#, php-format
|
1888 |
+
msgid ""
|
1889 |
+
"Be careful if you are behind a load balancer, reverse-proxy or CDN because "
|
1890 |
+
"the Login Protection feature will always record the <code>REMOTE_ADDR</code> "
|
1891 |
+
"IP. If you have an application parsing the AUTH log in order to ban IPs (e."
|
1892 |
+
"g. Fail2ban), you <strong>must</strong> setup your HTTP server to forward "
|
1893 |
+
"the correct IP (or use the <code><a href=\"%s\">.htninja</a></code> file), "
|
1894 |
+
"otherwise you will likely block legitimate users."
|
1895 |
+
msgstr ""
|
1896 |
+
"Faites attention si votre blog se trouve derrière un load-balancer, reverse-"
|
1897 |
+
"proxy ou CDN parce que la protection de la Page de Connexion se base "
|
1898 |
+
"toujours sur l'IP trouvée dans <code>REMOTE_ADDR</code>. Si vous utilisez "
|
1899 |
+
"une application d'analyse du journal des authentifications du serveur afin "
|
1900 |
+
"de bloquer les adresses IP (par ex. Fail2ban), vous <strong>devez</strong> "
|
1901 |
+
"configurer votre serveur HTTP afin qu'il transmette la véritable adresse IP "
|
1902 |
+
"de vos visiteurs, sinon vous risquez de bloquer des utilisateurs légitimes. "
|
1903 |
+
"Alternativement, vous pouvez utiliser le fichier <code><a href=\"%s\">."
|
1904 |
+
"htninja</a></code>."
|
1905 |
+
|
1906 |
+
#: lib/help.php:397 lib/nf_sub_log.php:78 ninjafirewall.php:845
|
1907 |
+
msgid "Firewall Log"
|
1908 |
+
msgstr "Journal du Pare-feu"
|
1909 |
+
|
1910 |
+
#: lib/help.php:399
|
1911 |
+
msgid ""
|
1912 |
+
"The firewall log displays blocked and sanitised requests as well as some "
|
1913 |
+
"useful information. It has 6 columns:"
|
1914 |
+
msgstr ""
|
1915 |
+
"Le journal du pare-feu affiche les requêtes HTTP qui ont été bloquées ou "
|
1916 |
+
"nettoyées ainsi que d'autres informations utiles. Il a six colonnes :"
|
1917 |
+
|
1918 |
+
#: lib/help.php:400
|
1919 |
+
msgid "DATE : date and time of the incident."
|
1920 |
+
msgstr "DATE : date et heure de l'incident."
|
1921 |
+
|
1922 |
+
#: lib/help.php:401
|
1923 |
+
msgid ""
|
1924 |
+
"INCIDENT : unique incident number/ID as it was displayed to the blocked user."
|
1925 |
+
msgstr ""
|
1926 |
+
"INCIDENT : le numéro d'incident (ID) unique. Par défaut, il sera aussi "
|
1927 |
+
"affiché à l'utilisateur dont la requête aura été bloquée par le pare-feu."
|
1928 |
+
|
1929 |
+
#: lib/help.php:402
|
1930 |
+
msgid ""
|
1931 |
+
"LEVEL : level of severity (<code>CRITICAL</code>, <code>HIGH</code> or "
|
1932 |
+
"<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
|
1933 |
+
"and debugging mode (<code>DEBUG_ON</code>)."
|
1934 |
+
msgstr ""
|
1935 |
+
"LEVEL : sévérité des attaques (<code>CRITICAL</code>, <code>HIGH</code> ou "
|
1936 |
+
"<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
|
1937 |
+
"et mode débogage (<code>DEBUG_ON</code>)."
|
1938 |
+
|
1939 |
+
#: lib/help.php:403
|
1940 |
+
msgid ""
|
1941 |
+
"RULE : reference of the NinjaFirewall built-in security rule that triggered "
|
1942 |
+
"the action. A hyphen (<code>-</code>) instead of a number means it was a "
|
1943 |
+
"rule from the \"Firewall Policies\" page."
|
1944 |
+
msgstr ""
|
1945 |
+
"RULE : le numéro de référence de la règle de sécurité qui a été utilisée "
|
1946 |
+
"pour bloquer la requête HTTP. Un trait d'union (<code>-</code>) à la place "
|
1947 |
+
"d'un numéro signifie que la règle provient de votre configuration "
|
1948 |
+
"personnelle de la page \"Politiques du Pare-feu\"."
|
1949 |
+
|
1950 |
+
#: lib/help.php:404
|
1951 |
+
msgid "IP : the user IPv4 or IPv6 address."
|
1952 |
+
msgstr "BB : L'adresse IPv4 ou IPv6 de l'utilisateur."
|
1953 |
+
|
1954 |
+
#: lib/help.php:405
|
1955 |
+
msgid ""
|
1956 |
+
"REQUEST : the HTTP request including offending variables and values as well "
|
1957 |
+
"as the reason the action was logged."
|
1958 |
+
msgstr ""
|
1959 |
+
"REQUEST : la requête HTTP avec ses variables et valeurs, ainsi que la raison "
|
1960 |
+
"qui a déclenché l'incident."
|
1961 |
+
|
1962 |
+
#: lib/help.php:411 lib/nf_sub_log.php:163 lib/nf_sub_wplus.php:94
|
1963 |
+
#: ninjafirewall.php:1115
|
1964 |
+
msgid "Centralized Logging"
|
1965 |
+
msgstr "Centralisation des Logs"
|
1966 |
+
|
1967 |
+
#: lib/help.php:413
|
1968 |
+
msgid ""
|
1969 |
+
"Centralized Logging lets you remotely access the firewall log of all your "
|
1970 |
+
"NinjaFirewall protected websites from one single installation. You do not "
|
1971 |
+
"need any longer to log in to individual servers to analyse your log data."
|
1972 |
+
msgstr ""
|
1973 |
+
"La Centralisation des Logs vous permet d’accéder, depuis votre blog "
|
1974 |
+
"principal, au journal du pare-feu de chacun de vos sites protégés par "
|
1975 |
+
"NinjaFirewall. Vous n'avez plus besoin de vous connecter à chaque site pour "
|
1976 |
+
"analyser vos journaux."
|
1977 |
+
|
1978 |
+
#: lib/help.php:413
|
1979 |
+
#, php-format
|
1980 |
+
msgid "<a href=\"%s\">Consult our blog</a> for more info about it."
|
1981 |
+
msgstr ""
|
1982 |
+
"<a href=\"%s\">Consultez notre blog pour plus d'informations à ce sujet</a>."
|
1983 |
+
|
1984 |
+
#: lib/help.php:414
|
1985 |
+
msgid ""
|
1986 |
+
"Enter your public key (optional): This is the public key that was created "
|
1987 |
+
"from your main server."
|
1988 |
+
msgstr ""
|
1989 |
+
"Entrez votre clé publique (optionnel) : Il s'agit de la clé qui a été créée "
|
1990 |
+
"depuis le serveur principal."
|
1991 |
+
|
1992 |
+
#: lib/help.php:417
|
1993 |
+
msgid ""
|
1994 |
+
"Centralized Logging will keep working even if NinjaFirewall is disabled. "
|
1995 |
+
"Delete your public key below if you want to disable it."
|
1996 |
+
msgstr ""
|
1997 |
+
"L'option de centralisation des logs fonctionnera même si vous désactivez "
|
1998 |
+
"NinjaFirewall. Si vous souhaitez complètement désactiver cette option, "
|
1999 |
+
"supprimez votre clé publique ci-dessous. "
|
2000 |
+
|
2001 |
+
#: lib/help.php:430 lib/nf_sub_livelog.php:38 lib/nf_sub_livelog.php:210
|
2002 |
+
#: ninjafirewall.php:849
|
2003 |
+
msgid "Live Log"
|
2004 |
+
msgstr "Live Log"
|
2005 |
+
|
2006 |
+
#: lib/help.php:432
|
2007 |
+
msgid ""
|
2008 |
+
"Live Log lets you watch your website traffic in real time. It displays "
|
2009 |
+
"connections in a format similar to the one used by most HTTP server logs. "
|
2010 |
+
"Note that requests sent to static elements like JS/CSS files and images are "
|
2011 |
+
"not managed by NinjaFirewall."
|
2012 |
+
msgstr ""
|
2013 |
+
"Cette fonctionnalité vous permet de voir, en direct, les connexions en cours "
|
2014 |
+
"en vous les affichant dans un format similaire à celui des journaux des "
|
2015 |
+
"serveurs HTTP (Apache, Nginx etc). Notez que les requêtes concernant les "
|
2016 |
+
"éléments statiques comme les fichiers JS/CSS ou les images ne sont pas "
|
2017 |
+
"traitées par NinjaFirewall."
|
2018 |
+
|
2019 |
+
#: lib/help.php:434
|
2020 |
+
msgid ""
|
2021 |
+
"You can enable/disable the monitoring process, change the refresh rate, "
|
2022 |
+
"clear the screen, enable automatic vertical scrolling, change the log "
|
2023 |
+
"format, select which traffic you want to view (HTTP/HTTPS) and the timezone "
|
2024 |
+
"as well."
|
2025 |
+
msgstr ""
|
2026 |
+
"Vous pouvez activer/stopper le processus, régler l'intervalle de "
|
2027 |
+
"rafraîchissement de la page, activer le défilement vertical automatique, "
|
2028 |
+
"effacer l'écran, changer le format d'affichage, le fuseau horaire et choisir "
|
2029 |
+
"le type de trafic à visualiser (HTTP/HTTPS)."
|
2030 |
+
|
2031 |
+
#: lib/help.php:437
|
2032 |
+
msgid ""
|
2033 |
+
"Live Log does not make use of any WordPress core file (e.g., <code>admin-"
|
2034 |
+
"ajax.php</code>). It communicates directly with the firewall without loading "
|
2035 |
+
"WordPress bootstrap. Consequently, it is fast, light and it should not "
|
2036 |
+
"affect your server load, even if you set its refresh rate to the lowest "
|
2037 |
+
"value."
|
2038 |
+
msgstr ""
|
2039 |
+
"Pour son fonctionnement, Live Log n'utilise aucun Fichier WordPress (par ex. "
|
2040 |
+
"<code>admin-ajax.php</code>). Il communique directement et uniquement avec "
|
2041 |
+
"le pare-feu. De ce fait, il est léger, rapide et n'affecte pas la charge du "
|
2042 |
+
"serveur, même si vous ajustez son intervalle de rafraîchissement de la page "
|
2043 |
+
"sur la fréquence la plus rapide (5 secondes)."
|
2044 |
+
|
2045 |
+
#: lib/help.php:439
|
2046 |
+
msgid ""
|
2047 |
+
"If you are using the optional <code>.htninja</code> configuration file to "
|
2048 |
+
"whitelist your IP, the Live Log feature will not work."
|
2049 |
+
msgstr ""
|
2050 |
+
"Si vous utilisez le fichier optionnel de configuration <code>.htninja</code> "
|
2051 |
+
"pour toujours accepter les requêtes provenant de votre adresse IP, Live Log "
|
2052 |
+
"ne fonctionnera pas."
|
2053 |
+
|
2054 |
+
#: lib/help.php:444
|
2055 |
+
msgid "Log Format"
|
2056 |
+
msgstr "Format d'affichage"
|
2057 |
+
|
2058 |
+
#: lib/help.php:445
|
2059 |
+
msgid "You can easily customize the log format. Possible values are:"
|
2060 |
+
msgstr ""
|
2061 |
+
"Vous pouvez facilement changer le format d'affichage en combinant une ou "
|
2062 |
+
"plusieurs des valeurs suivantes :"
|
2063 |
+
|
2064 |
+
#: lib/help.php:446
|
2065 |
+
msgid "<code>%time</code>: the server date, time and timezone."
|
2066 |
+
msgstr "<code>%time</code> : la date, heure et fuseau horaire du serveur."
|
2067 |
+
|
2068 |
+
#: lib/help.php:447
|
2069 |
+
msgid "<code>%name</code>: authenticated user (HTTP basic auth), if any."
|
2070 |
+
msgstr ""
|
2071 |
+
"<code>%name</code> : le nom de l'utilisateur (Authentification HTTP), s'il "
|
2072 |
+
"existe."
|
2073 |
+
|
2074 |
+
#: lib/help.php:448
|
2075 |
+
#, php-format
|
2076 |
+
msgid ""
|
2077 |
+
"<code>%client</code>: the client REMOTE_ADDR. If you are behind a load "
|
2078 |
+
"balancer or CDN, this will be its IP."
|
2079 |
+
msgstr ""
|
2080 |
+
"<code>%client</code> : l'adresse IP du client (REMOTE_ADDR). Si votre "
|
2081 |
+
"serveur est derrière un CDN ou un proxy, cette variable retournera l'adresse "
|
2082 |
+
"IP de celui-ci."
|
2083 |
+
|
2084 |
+
#: lib/help.php:449
|
2085 |
+
msgid "<code>%method</code>: HTTP method (e.g., GET, POST)."
|
2086 |
+
msgstr "<code>%method</code> : la méthode HTTP (ex. GET, POST)."
|
2087 |
+
|
2088 |
+
#: lib/help.php:450
|
2089 |
+
#, php-format
|
2090 |
+
msgid ""
|
2091 |
+
"<code>%uri</code>: the URI which was given in order to access the page "
|
2092 |
+
"(REQUEST_URI)."
|
2093 |
+
msgstr "<code>%uri</code> : l'URI donnée pour accéder à la page (REQUEST_URI)."
|
2094 |
+
|
2095 |
+
#: lib/help.php:451
|
2096 |
+
msgid "<code>%referrer</code>: the referrer (HTTP_REFERER), if any."
|
2097 |
+
msgstr "<code>%referrer</code> : le referrer (HTTP_REFERER), s'il existe."
|
2098 |
+
|
2099 |
+
#: lib/help.php:452
|
2100 |
+
#, php-format
|
2101 |
+
msgid "<code>%ua</code>: the user-agent (HTTP_USER_AGENT), if any."
|
2102 |
+
msgstr ""
|
2103 |
+
"<code>%ua</code> : l'en-tête User-Agent (HTTP_USER_AGENT), s'il existe."
|
2104 |
+
|
2105 |
+
#: lib/help.php:453
|
2106 |
+
#, php-format
|
2107 |
+
msgid ""
|
2108 |
+
"<code>%forward</code>: HTTP_X_FORWARDED_FOR, if any. If you are behind a "
|
2109 |
+
"load balancer or CDN, this will likely be the visitor true IP."
|
2110 |
+
msgstr ""
|
2111 |
+
"<code>%forward</code> : l'en-tête HTTP_X_FORWARDED_FOR, s'il existe. Si "
|
2112 |
+
"votre serveur est derrière un CDN ou un proxy, cette variable retournera "
|
2113 |
+
"l'adresse réelle du client."
|
2114 |
+
|
2115 |
+
#: lib/help.php:454
|
2116 |
+
msgid "<code>%host</code>: the requested host (HTTP_HOST), if any."
|
2117 |
+
msgstr ""
|
2118 |
+
"<code>%host</code> : l'en-tête Host de la requête courante (HTTP_HOST), si "
|
2119 |
+
"elle existe."
|
2120 |
+
|
2121 |
+
#: lib/help.php:455
|
2122 |
+
msgid ""
|
2123 |
+
"Additionally, you can include any of the following characters: <code>\"</"
|
2124 |
+
"code>, <code>%</code>, <code>[</code>, <code>]</code>, <code>space</code> "
|
2125 |
+
"and lowercase letters <code>a-z</code>."
|
2126 |
+
msgstr ""
|
2127 |
+
"Vous pouvez aussi utiliser les caractères suivants :<code>\"</code>, <code>"
|
2128 |
+
"%</code>, <code>[</code>, <code>]</code>, <code>espace</code> et toute "
|
2129 |
+
"lettre minuscule <code>a-z</code>."
|
2130 |
+
|
2131 |
+
#: lib/help.php:467 ninjafirewall.php:853 ninjafirewall.php:3192
|
2132 |
+
msgid "Rules Editor"
|
2133 |
+
msgstr "Éditeur de Règles"
|
2134 |
+
|
2135 |
+
#: lib/help.php:469
|
2136 |
+
msgid ""
|
2137 |
+
"Besides the \"Firewall Policies\", NinjaFirewall includes also a large set "
|
2138 |
+
"of built-in rules used to protect your blog against the most common "
|
2139 |
+
"vulnerabilities and hacking attempts. They are always enabled and you cannot "
|
2140 |
+
"edit them, but if you notice that your visitors are wrongly blocked by some "
|
2141 |
+
"of those rules, you can use the Rules Editor below to disable them "
|
2142 |
+
"individually:"
|
2143 |
+
msgstr ""
|
2144 |
+
"Outre les \"Politiques du Pare-feu\", NinjaFirewall intègre également un "
|
2145 |
+
"grand nombre de règles de sécurité utilisées pour protéger votre blog contre "
|
2146 |
+
"les vulnérabilités les plus courantes et les tentatives de piratage. Elles "
|
2147 |
+
"sont toujours activées et vous ne pouvez pas les modifier, mais si vous "
|
2148 |
+
"remarquez que vos visiteurs sont bloqués par erreur par certaines de ces "
|
2149 |
+
"règles, vous pouvez utiliser l’Éditeur de règles ci-dessous pour les "
|
2150 |
+
"désactiver individuellement :"
|
2151 |
+
|
2152 |
+
#: lib/help.php:471
|
2153 |
+
msgid ""
|
2154 |
+
"Check your firewall log and find the rule ID you want to disable (it is "
|
2155 |
+
"displayed in the <code>RULE</code> column)."
|
2156 |
+
msgstr ""
|
2157 |
+
"Consultez le journal du pare-feu afin d'y trouver l'ID de la règle que vous "
|
2158 |
+
"souhaitez désactiver (il est affiché dans la colonne <code>RULE</code>)."
|
2159 |
+
|
2160 |
+
#: lib/help.php:472
|
2161 |
+
msgid ""
|
2162 |
+
"Select its ID from the enabled rules list below and click the \"Disable it\" "
|
2163 |
+
"button."
|
2164 |
+
msgstr ""
|
2165 |
+
"Sélectionnez son ID dans la liste des règles ci-dessous et cliquez sur le "
|
2166 |
+
"bouton \"Désactiver\"."
|
2167 |
+
|
2168 |
+
#: lib/help.php:474
|
2169 |
+
msgid ""
|
2170 |
+
"Note: if the <code>RULE</code> column from your log shows a hyphen <code>-</"
|
2171 |
+
"code> instead of a number, that means that the rule can be changed in the "
|
2172 |
+
"\"Firewall Policies\" page."
|
2173 |
+
msgstr ""
|
2174 |
+
"Note: si la colonne <code>RULE</code> de votre journal affiche un trait "
|
2175 |
+
"d'union <code>-</code> à la place d'un nombre, cela signifie que la règle ne "
|
2176 |
+
"peut être modifiée quand dans la page \"Politiques du Pare-feu\"."
|
2177 |
+
|
2178 |
+
#: lib/help.php:479
|
2179 |
+
msgid "Credits"
|
2180 |
+
msgstr "Crédits"
|
2181 |
+
|
2182 |
+
#: lib/help.php:481
|
2183 |
+
msgid ""
|
2184 |
+
"NinjaFirewall security rules protect against many vulnerabilities. Some of "
|
2185 |
+
"them were reported by the following companies, individuals or mailing lists:"
|
2186 |
+
msgstr ""
|
2187 |
+
"Les règles de sécurité de NinjaFirewall protègent contre de nombreuses "
|
2188 |
+
"vulnérabilités. Certaines d'entre elles ont été découvertes par les "
|
2189 |
+
"entreprises, particuliers ou listes de diffusion suivantes:"
|
2190 |
+
|
2191 |
+
#: lib/help.php:536 lib/nf_sub_updates.php:74 ninjafirewall.php:857
|
2192 |
+
#: ninjafirewall.php:1042
|
2193 |
+
msgid "Updates"
|
2194 |
+
msgstr "Mises à Jour"
|
2195 |
+
|
2196 |
+
#: lib/help.php:538
|
2197 |
+
msgid ""
|
2198 |
+
"To get the most efficient protection, you can ask NinjaFirewall to "
|
2199 |
+
"automatically update its security rules."
|
2200 |
+
msgstr ""
|
2201 |
+
"Pour bénéficier de la protection la plus efficace, vous pouvez demander à "
|
2202 |
+
"NinjaFirewall de mettre à jour ses règles de sécurité automatiquement."
|
2203 |
+
|
2204 |
+
#: lib/help.php:540
|
2205 |
+
msgid ""
|
2206 |
+
"Each time a new vulnerability is found in WordPress or one of its plugins/"
|
2207 |
+
"themes, a new set of security rules will be made available to protect "
|
2208 |
+
"against such vulnerability. Updates can be checked as often as daily, twice "
|
2209 |
+
"daily or even hourly."
|
2210 |
+
msgstr ""
|
2211 |
+
"Chaque fois qu'une nouvelle vulnérabilité est découverte dans WordPress, ses "
|
2212 |
+
"extensions ou ses thèmes, un nouvel ensemble de règles de sécurité est "
|
2213 |
+
"disponible pour protéger contre cette vulnérabilité. Les mises à jour "
|
2214 |
+
"peuvent être effectuées chaque jour, deux fois par jour ou même une fois par "
|
2215 |
+
"heure."
|
2216 |
+
|
2217 |
+
#: lib/help.php:542
|
2218 |
+
msgid ""
|
2219 |
+
"Only security rules will be downloaded. If a new version of NinjaFirewall "
|
2220 |
+
"(including new files, options and features) was available, it would have to "
|
2221 |
+
"be updated from the dashboard plugins menu as usual."
|
2222 |
+
msgstr ""
|
2223 |
+
"Seules les règles de sécurité seront téléchargées. Si une nouvelle version "
|
2224 |
+
"de NinjaFirewall (WP Edition) était disponible, elle devrait être mise à "
|
2225 |
+
"jour depuis la page des \"Extensions\" de votre tableau de bord, comme "
|
2226 |
+
"d'habitude."
|
2227 |
+
|
2228 |
+
#: lib/help.php:544
|
2229 |
+
msgid ""
|
2230 |
+
"We recommend to enable this feature, as it is the <strong>only way to keep "
|
2231 |
+
"your WordPress secure</strong> against new vulnerabilities."
|
2232 |
+
msgstr ""
|
2233 |
+
"Nous vous recommandons d'activer cette fonctionnalité, car c'est la "
|
2234 |
+
"<strong>meilleure façon de garder votre WordPress protégé</strong> contre "
|
2235 |
+
"les dernières vulnérabilités."
|
2236 |
+
|
2237 |
+
#: lib/install_fullwaf.php:36 lib/install_fullwaf.php:151
|
2238 |
+
#: lib/install_fullwaf.php:307 lib/install_wpwaf.php:54
|
2239 |
+
#: lib/install_wpwaf.php:64 lib/install_wpwaf.php:71
|
2240 |
+
msgid "Error:"
|
2241 |
+
msgstr "Erreur :"
|
2242 |
+
|
2243 |
+
#: lib/install_fullwaf.php:40
|
2244 |
+
#, php-format
|
2245 |
+
msgid ""
|
2246 |
+
"Your WordPress directory (%s) is different from your website document root "
|
2247 |
+
"(%s). Because it is possible to install WordPress into a subdirectory, but "
|
2248 |
+
"have the blog exist in the site root, NinjaFirewall needs to know the exact "
|
2249 |
+
"location of the site root."
|
2250 |
+
msgstr ""
|
2251 |
+
"Le répertoire de WordPress (%s) est différent du répertoire racine de votre "
|
2252 |
+
"site Web (%s). Parce qu'il est possible d'installer WordPress dans un sous-"
|
2253 |
+
"répertoire, tout en ayant le blog à la racine du site, NinjaFirewall a "
|
2254 |
+
"besoin de connaître l'emplacement de la racine du site."
|
2255 |
+
|
2256 |
+
#: lib/install_fullwaf.php:41
|
2257 |
+
#, php-format
|
2258 |
+
msgid ""
|
2259 |
+
"Please edit the path below only if you have manually modified your WordPress "
|
2260 |
+
"root directory as described in the <a href=\"%s\">Giving WordPress Its Own "
|
2261 |
+
"Directory</a> article."
|
2262 |
+
msgstr ""
|
2263 |
+
"Veuillez corriger le chemin ci-dessous uniquement si vous avez modifié "
|
2264 |
+
"manuellement votre répertoire racine de WordPress comme décrit dans "
|
2265 |
+
"l'article <a href=\"%s\">Giving WordPress Its Own Directory</a>."
|
2266 |
+
|
2267 |
+
#: lib/install_fullwaf.php:42
|
2268 |
+
msgid "Most users should not change this value."
|
2269 |
+
msgstr "La plupart des utilisateurs ne devront pas changer cette valeur."
|
2270 |
+
|
2271 |
+
#: lib/install_fullwaf.php:43
|
2272 |
+
msgid "Path to WordPress site root directory:"
|
2273 |
+
msgstr "Chemin vers le répertoire racine de WordPress :"
|
2274 |
+
|
2275 |
+
#: lib/install_fullwaf.php:58 lib/install_fullwaf.php:251
|
2276 |
+
msgid "please enter the full path to WordPress folder."
|
2277 |
+
msgstr "veuillez entrer le chemin complet vers le répertoire de WordPress."
|
2278 |
+
|
2279 |
+
#: lib/install_fullwaf.php:63
|
2280 |
+
#, php-format
|
2281 |
+
msgid ""
|
2282 |
+
"cannot find the %s directory! Please correct the full path to WordPress site "
|
2283 |
+
"root directory."
|
2284 |
+
msgstr ""
|
2285 |
+
"impossible de trouver le répertoire %s ! Veuillez corriger le chemin "
|
2286 |
+
"complet vers le répertoire racine de WordPress."
|
2287 |
+
|
2288 |
+
#: lib/install_fullwaf.php:76
|
2289 |
+
msgid "(recommended)"
|
2290 |
+
msgstr "(recommandé)"
|
2291 |
+
|
2292 |
+
#: lib/install_fullwaf.php:119
|
2293 |
+
msgid "Please select the PHP initialization file supported by your server."
|
2294 |
+
msgstr ""
|
2295 |
+
"Sélectionnez le type de fichier de configuration PHP utilisé par votre "
|
2296 |
+
"serveur."
|
2297 |
+
|
2298 |
+
#: lib/install_fullwaf.php:146
|
2299 |
+
#, php-format
|
2300 |
+
msgid ""
|
2301 |
+
"Error: NinjaFirewall log directory is not writable (%s). Please chmod it to "
|
2302 |
+
"0777 and reload this page."
|
2303 |
+
msgstr ""
|
2304 |
+
"Erreur : le répertoire du journal et cache de NinjaFirewall (%s) n'est pas "
|
2305 |
+
"accessible en écriture. Veuillez changer ses permissions (par ex. 0777) et "
|
2306 |
+
"recharger cette page."
|
2307 |
+
|
2308 |
+
#: lib/install_fullwaf.php:155
|
2309 |
+
msgid "System configuration"
|
2310 |
+
msgstr "Configuration du système"
|
2311 |
+
|
2312 |
+
#: lib/install_fullwaf.php:161
|
2313 |
+
#, php-format
|
2314 |
+
msgid ""
|
2315 |
+
"NinjaFirewall detected that the PHP <code>auto_prepend_file</code> directive "
|
2316 |
+
"seems to be used by another application: %s."
|
2317 |
+
msgstr ""
|
2318 |
+
"NinjaFirewall a détecté que <code>auto_prepend_file</code> est déjà utilisé "
|
2319 |
+
"par une autre application : %s."
|
2320 |
+
|
2321 |
+
#: lib/install_fullwaf.php:161
|
2322 |
+
msgid ""
|
2323 |
+
"Because NinjaFirewall needs to use that directive, it will orverride your "
|
2324 |
+
"current one."
|
2325 |
+
msgstr ""
|
2326 |
+
"Parce qu’il a besoin de cette directive, NinjaFirewall va la remplacer par "
|
2327 |
+
"la sienne."
|
2328 |
+
|
2329 |
+
#: lib/install_fullwaf.php:168 lib/install_wpwaf.php:96
|
2330 |
+
msgid "Multisite network detected:"
|
2331 |
+
msgstr "Réseau multi-site détecté :"
|
2332 |
+
|
2333 |
+
#: lib/install_fullwaf.php:168 lib/install_wpwaf.php:96
|
2334 |
+
msgid ""
|
2335 |
+
"NinjaFirewall will protect all sites from your network and its configuration "
|
2336 |
+
"interface will be accessible only to the Super Admin from the network main "
|
2337 |
+
"site."
|
2338 |
+
msgstr ""
|
2339 |
+
"NinjaFirewall protégera tous les sites de votre réseau; son interface de "
|
2340 |
+
"configuration ne sera accessible qu'au Super Administrateur à partir du site "
|
2341 |
+
"principal du réseau."
|
2342 |
+
|
2343 |
+
#: lib/install_fullwaf.php:177
|
2344 |
+
msgid "Select your HTTP server and your PHP server API"
|
2345 |
+
msgstr "Sélectionnez votre serveur HTTP et PHP SAPI"
|
2346 |
+
|
2347 |
+
#: lib/install_fullwaf.php:184
|
2348 |
+
msgid "CGI or PHP-FPM"
|
2349 |
+
msgstr "CGI ou PHP-FPM"
|
2350 |
+
|
2351 |
+
#: lib/install_fullwaf.php:186
|
2352 |
+
msgid "Other webserver + CGI/FastCGI"
|
2353 |
+
msgstr "Autre serveur + CGI/FastCGI"
|
2354 |
+
|
2355 |
+
#: lib/install_fullwaf.php:187
|
2356 |
+
msgid "Other webserver + HHVM"
|
2357 |
+
msgstr "Autre serveur + HHVM"
|
2358 |
+
|
2359 |
+
#: lib/install_fullwaf.php:188
|
2360 |
+
msgid "view PHPINFO"
|
2361 |
+
msgstr "voir PHPINFO"
|
2362 |
+
|
2363 |
+
#: lib/install_fullwaf.php:196
|
2364 |
+
#, php-format
|
2365 |
+
msgid ""
|
2366 |
+
"Please <a href=\"%s\">check our blog</a> if you want to install "
|
2367 |
+
"NinjaFirewall on HHVM."
|
2368 |
+
msgstr ""
|
2369 |
+
"Veuillez consulter <a href=\"%s\">notre blog</a> afin d'installer "
|
2370 |
+
"NinjaFirewall avec HHVM."
|
2371 |
+
|
2372 |
+
#: lib/install_fullwaf.php:225
|
2373 |
+
msgid "Select the PHP initialization file supported by your server"
|
2374 |
+
msgstr ""
|
2375 |
+
"Sélectionnez le type de fichier de configuration PHP utilisé par votre "
|
2376 |
+
"serveur"
|
2377 |
+
|
2378 |
+
#: lib/install_fullwaf.php:228
|
2379 |
+
msgid "Used by most shared hosting accounts."
|
2380 |
+
msgstr "Utilisé par la plupart des hébergements mutualisés"
|
2381 |
+
|
2382 |
+
#: lib/install_fullwaf.php:230
|
2383 |
+
msgid ""
|
2384 |
+
"Used by most dedicated/VPS servers, as well as shared hosting accounts that "
|
2385 |
+
"do not support php.ini"
|
2386 |
+
msgstr ""
|
2387 |
+
"Utilisé par la plupart des serveurs dédiés et VPS, ainsi que de nombreux "
|
2388 |
+
"hébergements mutualisés n'utilisant pas les fichiers php.ini"
|
2389 |
+
|
2390 |
+
#: lib/install_fullwaf.php:230
|
2391 |
+
msgid "more info"
|
2392 |
+
msgstr "plus d'info"
|
2393 |
+
|
2394 |
+
#: lib/install_fullwaf.php:232
|
2395 |
+
msgid "A few shared hosting accounts. Seldom used."
|
2396 |
+
msgstr "Quelques hébergements mutualisés. Rarement utilisé."
|
2397 |
+
|
2398 |
+
#: lib/install_fullwaf.php:256 lib/install_fullwaf.php:517
|
2399 |
+
msgid "select your HTTP server and PHP SAPI."
|
2400 |
+
msgstr "sélectionnez votre serveur HTTP et PHP SAPI."
|
2401 |
+
|
2402 |
+
#: lib/install_fullwaf.php:262 lib/install_fullwaf.php:523
|
2403 |
+
msgid "select the PHP initialization file supported by your server."
|
2404 |
+
msgstr ""
|
2405 |
+
"sélectionnez le type de fichier de configuration PHP utilisé par votre "
|
2406 |
+
"serveur."
|
2407 |
+
|
2408 |
+
#: lib/install_fullwaf.php:310 lib/install_wpwaf.php:90
|
2409 |
+
msgid "Firewall Integration"
|
2410 |
+
msgstr "Intégration du Pare-feu"
|
2411 |
+
|
2412 |
+
#: lib/install_fullwaf.php:315
|
2413 |
+
#, php-format
|
2414 |
+
msgid ""
|
2415 |
+
"The <code>%s</code> file must be created, and the following lines of code "
|
2416 |
+
"added to it:"
|
2417 |
+
msgstr ""
|
2418 |
+
"Le fichier <code>%s</code> doit être créé, et les lignes suivantes doivent y "
|
2419 |
+
"être ajoutées :"
|
2420 |
+
|
2421 |
+
#: lib/install_fullwaf.php:316
|
2422 |
+
#, php-format
|
2423 |
+
msgid ""
|
2424 |
+
"The following <font color=\"green\">green lines</font> of code must be added "
|
2425 |
+
"to your <code>%s</code> file."
|
2426 |
+
msgstr ""
|
2427 |
+
"Les lignes de code de <font color=\"green\">couleur verte</font> doivent "
|
2428 |
+
"être ajoutées à votre fichier <code>%s</code>."
|
2429 |
+
|
2430 |
+
#: lib/install_fullwaf.php:316 lib/install_wpwaf.php:102
|
2431 |
+
msgid "All other lines, if any, are the actual content of the file:"
|
2432 |
+
msgstr ""
|
2433 |
+
"Toutes les autres lignes, le cas échéant, sont le contenu actuel du fichier "
|
2434 |
+
"et ne doivent pas être modifiées :"
|
2435 |
+
|
2436 |
+
#: lib/install_fullwaf.php:318
|
2437 |
+
msgid "The file is not writable, I cannot edit it for you."
|
2438 |
+
msgstr ""
|
2439 |
+
"Le fichier est protégé en écriture, je ne peux pas faire ces changements "
|
2440 |
+
"pour vous."
|
2441 |
+
|
2442 |
+
#: lib/install_fullwaf.php:400
|
2443 |
+
msgid ""
|
2444 |
+
"Add the following code to your <code>/etc/hhvm/php.ini</code> file, and "
|
2445 |
+
"restart HHVM afterwards:"
|
2446 |
+
msgstr ""
|
2447 |
+
"Veuillez ajouter le code suivant au fichier <code>/etc/hhvm/php.ini</code>, "
|
2448 |
+
"puis veuillez redémarrer HHVM :"
|
2449 |
+
|
2450 |
+
#: lib/install_fullwaf.php:465 lib/install_wpwaf.php:136
|
2451 |
+
msgid "Please make those changes, then click on button below."
|
2452 |
+
msgstr ""
|
2453 |
+
"Veuillez faire ces modifications, puis cliquez sur le bouton ci-dessous pour "
|
2454 |
+
"continuer."
|
2455 |
+
|
2456 |
+
#: lib/install_fullwaf.php:470 lib/install_wpwaf.php:128
|
2457 |
+
msgid "Let NinjaFirewall make the above changes (recommended)."
|
2458 |
+
msgstr "Laissez NinjaFirewall faire les changements ci-dessus (recommandé)."
|
2459 |
+
|
2460 |
+
#: lib/install_fullwaf.php:473 lib/install_wpwaf.php:132
|
2461 |
+
msgid ""
|
2462 |
+
"Ensure that you have FTP access to your website so that, if there were a "
|
2463 |
+
"problem during the installation of the firewall, you could easily undo the "
|
2464 |
+
"changes."
|
2465 |
+
msgstr ""
|
2466 |
+
"Assurez-vous d'avoir un accès FTP à votre site de sorte que, s'il y avait un "
|
2467 |
+
"problème pendant l'installation du pare-feu, vous pourriez annuler les "
|
2468 |
+
"modifications."
|
2469 |
+
|
2470 |
+
#: lib/install_fullwaf.php:478 lib/install_wpwaf.php:135
|
2471 |
+
msgid "I want to make the changes myself."
|
2472 |
+
msgstr "Je veux faire les changements moi-même."
|
2473 |
+
|
2474 |
+
#: lib/install_fullwaf.php:487
|
2475 |
+
msgid "Please check our blog if you want to install NinjaFirewall on HHVM."
|
2476 |
+
msgstr ""
|
2477 |
+
"Veuillez consulter notre blog si vous souhaitez installer NinjaFirewall avec "
|
2478 |
+
"HHVM."
|
2479 |
+
|
2480 |
+
#: lib/install_fullwaf.php:507
|
2481 |
+
msgid "you must select how to make changes to your files."
|
2482 |
+
msgstr ""
|
2483 |
+
"vous devez sélectionner la façon dont vous souhaitez modifier vos fichiers."
|
2484 |
+
|
2485 |
+
#: lib/install_fullwaf.php:533
|
2486 |
+
msgid ""
|
2487 |
+
"your WordPress root directory is not writable, I cannot make those changes "
|
2488 |
+
"for you."
|
2489 |
+
msgstr ""
|
2490 |
+
"le répertoire racine de WordPress n'est pas accessible en écriture, je ne "
|
2491 |
+
"peux pas faire ces changements pour vous."
|
2492 |
+
|
2493 |
+
#: lib/install_fullwaf.php:548 lib/install_fullwaf.php:587
|
2494 |
+
#, php-format
|
2495 |
+
msgid "cannot write to <code>%s</code>, it is read-only."
|
2496 |
+
msgstr ""
|
2497 |
+
"impossible d’écrire dans <code>%s</code>, le fichier est en lecture seule."
|
2498 |
+
|
2499 |
+
#: lib/install_fullwaf.php:620 lib/install_wpwaf.php:205
|
2500 |
+
msgid "Your configuration was saved."
|
2501 |
+
msgstr "Les modifications ont été enregistrées."
|
2502 |
+
|
2503 |
+
#: lib/install_fullwaf.php:625 lib/install_wpwaf.php:210
|
2504 |
+
#, php-format
|
2505 |
+
msgid "A \"Quick Start, FAQ & Troubleshooting Guide\" email was sent to %s."
|
2506 |
+
msgstr ""
|
2507 |
+
"Un e-mail \"Guide d'Utilisation, d'Installation et de Dépannage\" a été "
|
2508 |
+
"envoyé à %s."
|
2509 |
+
|
2510 |
+
#: lib/install_fullwaf.php:630 lib/install_wpwaf.php:215
|
2511 |
+
msgid ""
|
2512 |
+
"Please click the button below to test if the firewall integration was "
|
2513 |
+
"successful."
|
2514 |
+
msgstr ""
|
2515 |
+
"Veuillez cliquer sur le bouton ci-dessous pour vérifier le bon "
|
2516 |
+
"fonctionnement du pare-feu."
|
2517 |
+
|
2518 |
+
#: lib/install_fullwaf.php:632 lib/install_wpwaf.php:217
|
2519 |
+
msgid "Test Firewall"
|
2520 |
+
msgstr "Tester le pare-feu"
|
2521 |
+
|
2522 |
+
#: lib/install_wpwaf.php:55
|
2523 |
+
#, php-format
|
2524 |
+
msgid ""
|
2525 |
+
"Unable to read the wp-config.php file (%s). Make sure it is readable and try "
|
2526 |
+
"again."
|
2527 |
+
msgstr ""
|
2528 |
+
"Impossible de lire le fichier wp-config.php (%s). Veuillez-vous assurer "
|
2529 |
+
"qu'il est bien accessible en lecture."
|
2530 |
+
|
2531 |
+
#: lib/install_wpwaf.php:72
|
2532 |
+
#, php-format
|
2533 |
+
msgid "Unable to find the wp-config.php file in the %s or %s directories."
|
2534 |
+
msgstr ""
|
2535 |
+
"Impossible de trouver le fichier wp-config.php dans les répertoires %s ou %s."
|
2536 |
+
|
2537 |
+
#: lib/install_wpwaf.php:102
|
2538 |
+
#, php-format
|
2539 |
+
msgid ""
|
2540 |
+
"The following <font color=\"green\">green lines</font> of code must be added "
|
2541 |
+
"to your %s file."
|
2542 |
+
msgstr ""
|
2543 |
+
"Les lignes de code de <font color=\"green\">couleur verte</font> doivent "
|
2544 |
+
"être ajoutées à votre fichier %s."
|
2545 |
+
|
2546 |
+
#: lib/install_wpwaf.php:121
|
2547 |
+
msgid ""
|
2548 |
+
"The file is not writable, I cannot edit it for you. Please make those "
|
2549 |
+
"changes, then click on button below."
|
2550 |
+
msgstr ""
|
2551 |
+
"Le fichier est protégé en écriture, je ne peux pas le modifier pour vous. "
|
2552 |
+
"Veuillez effectuer ces changements, puis cliquer sur le bouton ci-dessous."
|
2553 |
+
|
2554 |
+
#: lib/install_wpwaf.php:130
|
2555 |
+
msgid "Back up the file (wp-config.bak.php) before editing it."
|
2556 |
+
msgstr "Faire une sauvegarde du fichier (wp-config.bak.php)."
|
2557 |
+
|
2558 |
+
#: lib/install_wpwaf.php:156
|
2559 |
+
#, php-format
|
2560 |
+
msgid "Unable to find the wp-config.php file (#%s)."
|
2561 |
+
msgstr "Impossible de trouver le fichier wp-config.php (#%s)."
|
2562 |
+
|
2563 |
+
#: lib/install_wpwaf.php:240
|
2564 |
+
msgid ""
|
2565 |
+
"The firewall is not loaded. Make sure that the required lines of code were "
|
2566 |
+
"added to your wp-config.php file."
|
2567 |
+
msgstr ""
|
2568 |
+
"Le pare-feu n'est pas activé. Assurez-vous de bien ajouter les lignes de "
|
2569 |
+
"code nécessaires au fichier wp-config.php."
|
2570 |
+
|
2571 |
+
#: lib/login_protection.php:31 lib/nf_sub_event.php:54
|
2572 |
+
#: lib/nf_sub_filecheck.php:113 lib/nf_sub_livelog.php:217
|
2573 |
+
#: lib/nf_sub_options.php:67 lib/nf_sub_updates.php:105 ninjafirewall.php:1315
|
2574 |
+
#: ninjafirewall.php:2863 ninjafirewall.php:2991
|
2575 |
+
msgid "Your changes have been saved."
|
2576 |
+
msgstr "Les modifications ont été enregistrées."
|
2577 |
+
|
2578 |
+
#: lib/login_protection.php:70 lib/login_protection.php:125
|
2579 |
+
#: lib/login_protection.php:540
|
2580 |
+
msgid "Access restricted"
|
2581 |
+
msgstr "Accès limité"
|
2582 |
+
|
2583 |
+
#: lib/login_protection.php:80 lib/login_protection.php:129
|
2584 |
+
#: lib/login_protection.php:550
|
2585 |
+
msgid "Type the characters you see in the picture below:"
|
2586 |
+
msgstr "Entrez le texte de l'image ci-dessous :"
|
2587 |
+
|
2588 |
+
#: lib/login_protection.php:139
|
2589 |
+
msgid "Please enter a number from 1 to 99 in 'Password-protect' field."
|
2590 |
+
msgstr ""
|
2591 |
+
"Veuillez entrer uniquement des nombres de 1 à 99 dans les champs \\'Protéger "
|
2592 |
+
"par mot de passe\\'."
|
2593 |
+
|
2594 |
+
#: lib/login_protection.php:146
|
2595 |
+
msgid "Invalid character."
|
2596 |
+
msgstr "Caractère invalide."
|
2597 |
+
|
2598 |
+
#: lib/login_protection.php:151
|
2599 |
+
msgid "\"admin\" is not acceptable, please choose another user name."
|
2600 |
+
msgstr ""
|
2601 |
+
"\"admin\" n\\'est pas acceptable, merci de bien vouloir choisir un autre "
|
2602 |
+
"identifiant."
|
2603 |
+
|
2604 |
+
#: lib/login_protection.php:159
|
2605 |
+
msgid "Please enter max 1024 character only."
|
2606 |
+
msgstr "Veuillez ne pas entrer plus de 1 024 caractères."
|
2607 |
+
|
2608 |
+
#: lib/login_protection.php:212
|
2609 |
+
msgid ""
|
2610 |
+
"Note: Access to the XML-RPC API will be completely disabled when the brute-"
|
2611 |
+
"force attack protection is set to 'Always ON'."
|
2612 |
+
msgstr ""
|
2613 |
+
"L'accès API XML-RPC sera complètement désactivé lorsque la protection est "
|
2614 |
+
"toujours activée."
|
2615 |
+
|
2616 |
+
#: lib/login_protection.php:272
|
2617 |
+
msgid "GD Support is not available on your server."
|
2618 |
+
msgstr "L'extension PHP GD n'est pas disponible sur votre serveur."
|
2619 |
+
|
2620 |
+
#: lib/login_protection.php:278
|
2621 |
+
msgid ""
|
2622 |
+
"Error: GD Support is not available on your server, the captcha protection "
|
2623 |
+
"will not work!"
|
2624 |
+
msgstr ""
|
2625 |
+
"Erreur : L'extension PHP GD n'est pas disponible sur votre serveur, la "
|
2626 |
+
"protection par captcha ne peut pas fonctionner."
|
2627 |
+
|
2628 |
+
#: lib/login_protection.php:287
|
2629 |
+
msgid "Enable brute force attack protection"
|
2630 |
+
msgstr "Activer la protection contre les attaques par force brute"
|
2631 |
+
|
2632 |
+
#: lib/login_protection.php:290
|
2633 |
+
msgid "Yes, if under attack"
|
2634 |
+
msgstr "Oui, si attaque en cours"
|
2635 |
+
|
2636 |
+
#: lib/login_protection.php:293
|
2637 |
+
msgid "Always ON"
|
2638 |
+
msgstr "Toujours activer"
|
2639 |
+
|
2640 |
+
#: lib/login_protection.php:296 lib/nf_sub_filecheck.php:510
|
2641 |
+
#: ninjafirewall.php:1610 ninjafirewall.php:1625 ninjafirewall.php:1635
|
2642 |
+
#: ninjafirewall.php:1645 ninjafirewall.php:1715 ninjafirewall.php:1758
|
2643 |
+
#: ninjafirewall.php:1791 ninjafirewall.php:1829 ninjafirewall.php:1917
|
2644 |
+
#: ninjafirewall.php:1937 ninjafirewall.php:1980 ninjafirewall.php:2107
|
2645 |
+
#: ninjafirewall.php:2121 ninjafirewall.php:2324
|
2646 |
+
msgid "No (default)"
|
2647 |
+
msgstr "Non (défaut)"
|
2648 |
+
|
2649 |
+
#: lib/login_protection.php:306
|
2650 |
+
msgid "Type of protection"
|
2651 |
+
msgstr "Type de protection"
|
2652 |
+
|
2653 |
+
#: lib/login_protection.php:309
|
2654 |
+
msgid "Password"
|
2655 |
+
msgstr "Mot de passe"
|
2656 |
+
|
2657 |
+
#: lib/login_protection.php:312
|
2658 |
+
msgid "Captcha"
|
2659 |
+
msgstr "Captcha"
|
2660 |
+
|
2661 |
+
#: lib/login_protection.php:321
|
2662 |
+
msgid "Protect the login page against"
|
2663 |
+
msgstr "Protéger la page de connexion contre"
|
2664 |
+
|
2665 |
+
#: lib/login_protection.php:323
|
2666 |
+
msgid "<code>GET</code> request attacks"
|
2667 |
+
msgstr "Les attaques <code>GET</code>"
|
2668 |
+
|
2669 |
+
#: lib/login_protection.php:324
|
2670 |
+
msgid "<code>POST</code> request attacks (default)"
|
2671 |
+
msgstr "Les attaques <code>POST</code> (défaut)"
|
2672 |
+
|
2673 |
+
#: lib/login_protection.php:325
|
2674 |
+
msgid "<code>GET</code> and <code>POST</code> requests attacks"
|
2675 |
+
msgstr "Les attaques <code>GET</code> et <code>POST</code>"
|
2676 |
+
|
2677 |
+
#: lib/login_protection.php:329
|
2678 |
+
msgid "Enable protection"
|
2679 |
+
msgstr "Activer la protection"
|
2680 |
+
|
2681 |
+
#: lib/login_protection.php:332
|
2682 |
+
#, php-format
|
2683 |
+
msgid "For %1$s minutes, if more than %2$s %3$s requests within %4$s seconds."
|
2684 |
+
msgstr ""
|
2685 |
+
"Pendant %1$s minutes, si plus de %2$s requêtes %3$s détectées en moins de "
|
2686 |
+
"%4$s secondes."
|
2687 |
+
|
2688 |
+
#: lib/login_protection.php:353
|
2689 |
+
msgid "HTTP authentication"
|
2690 |
+
msgstr "Authentification HTTP"
|
2691 |
+
|
2692 |
+
#: lib/login_protection.php:355
|
2693 |
+
msgid "User:"
|
2694 |
+
msgstr "Utilisateur :"
|
2695 |
+
|
2696 |
+
#: lib/login_protection.php:355
|
2697 |
+
msgid "Password:"
|
2698 |
+
msgstr "Mot de passe :"
|
2699 |
+
|
2700 |
+
#: lib/login_protection.php:356
|
2701 |
+
msgid "User and Password must be from 6 to 32 characters."
|
2702 |
+
msgstr "L'utilisateur et mot de passe doivent comporter de 6 à 32 caractères."
|
2703 |
+
|
2704 |
+
#: lib/login_protection.php:357
|
2705 |
+
msgid "Message (max. 1024 characters, HTML tags allowed)"
|
2706 |
+
msgstr "Message (1 024 caractères maximum, balises HTML acceptées)"
|
2707 |
+
|
2708 |
+
#: lib/login_protection.php:368
|
2709 |
+
msgid "Message"
|
2710 |
+
msgstr "Message"
|
2711 |
+
|
2712 |
+
#: lib/login_protection.php:371
|
2713 |
+
msgid "This message will be displayed above the captcha. Max. 255 characters."
|
2714 |
+
msgstr "Ce message sera affiché au-dessus du captcha."
|
2715 |
+
|
2716 |
+
#: lib/login_protection.php:380
|
2717 |
+
msgid "Various options"
|
2718 |
+
msgstr "Options diverses"
|
2719 |
+
|
2720 |
+
#: lib/login_protection.php:383
|
2721 |
+
msgid "XML-RPC API"
|
2722 |
+
msgstr "API XML-RPC"
|
2723 |
+
|
2724 |
+
#: lib/login_protection.php:385
|
2725 |
+
msgid "Apply the protection to the <code>xmlrpc.php</code> script as well."
|
2726 |
+
msgstr "Activer aussi la protection pour le fichier <code>xmlrpc.php</code>."
|
2727 |
+
|
2728 |
+
#: lib/login_protection.php:390
|
2729 |
+
msgid "Bot protection"
|
2730 |
+
msgstr "Protection contre les bots"
|
2731 |
+
|
2732 |
+
#: lib/login_protection.php:392
|
2733 |
+
msgid "Enable bot protection (applies to <code>wp-login.php</code> only.)"
|
2734 |
+
msgstr ""
|
2735 |
+
"Activer la protection contre les bots (ne s'applique qu'à <code>wp-login."
|
2736 |
+
"php</code>)."
|
2737 |
+
|
2738 |
+
#: lib/login_protection.php:397
|
2739 |
+
msgid "Authentication log"
|
2740 |
+
msgstr "Journal d'authentification"
|
2741 |
+
|
2742 |
+
#: lib/login_protection.php:403
|
2743 |
+
msgid "Your server configuration is not compatible with that option."
|
2744 |
+
msgstr ""
|
2745 |
+
"La configuration de votre serveur n'est pas compatible avec cette option."
|
2746 |
+
|
2747 |
+
#: lib/login_protection.php:406
|
2748 |
+
msgid "See contextual help before enabling this option."
|
2749 |
+
msgstr "Consultez l'aide contextuelle avant d'activer cette option."
|
2750 |
+
|
2751 |
+
#: lib/login_protection.php:410
|
2752 |
+
msgid "Write the incident to the server Authentication log."
|
2753 |
+
msgstr ""
|
2754 |
+
"Enregistrer l'incident dans le journal des authentifications du serveur."
|
2755 |
+
|
2756 |
+
#: lib/login_protection.php:416
|
2757 |
+
msgid "Signature"
|
2758 |
+
msgstr "Signature"
|
2759 |
+
|
2760 |
+
#. translators: "Brute-force protection by NinjaFirewall" should not be translated.
|
2761 |
+
#: lib/login_protection.php:420
|
2762 |
+
msgid ""
|
2763 |
+
"Disable the <i>Brute-force protection by NinjaFirewall</i> signature on the "
|
2764 |
+
"protection page."
|
2765 |
+
msgstr ""
|
2766 |
+
"Ne pas afficher <i>Brute-force protection by NinjaFirewall</i> sur la page "
|
2767 |
+
"de connexion."
|
2768 |
+
|
2769 |
+
#: lib/login_protection.php:429
|
2770 |
+
msgid "Save Login Protection"
|
2771 |
+
msgstr "Sauvegarder les options"
|
2772 |
+
|
2773 |
+
#: lib/login_protection.php:430
|
2774 |
+
msgid "See our benchmark and stress-test:"
|
2775 |
+
msgstr "Consultez nos benchmarks :"
|
2776 |
+
|
2777 |
+
#: lib/login_protection.php:448
|
2778 |
+
#, php-format
|
2779 |
+
msgid "Error: %s directory is not writable. Please chmod it to 0777."
|
2780 |
+
msgstr ""
|
2781 |
+
"Erreur : impossible d’écrire dans le répertoire %s. Assurez-vous qu'il "
|
2782 |
+
"n'est pas en lecture seule."
|
2783 |
+
|
2784 |
+
#: lib/login_protection.php:522
|
2785 |
+
msgid "Error: please enter a user name for HTTP authentication."
|
2786 |
+
msgstr ""
|
2787 |
+
"Erreur : veuillez entrer un nom d'utilisateur pour l'authentification HTTP."
|
2788 |
+
|
2789 |
+
#: lib/login_protection.php:524
|
2790 |
+
msgid "Error: HTTP authentication user name is not valid."
|
2791 |
+
msgstr ""
|
2792 |
+
"Erreur : le nom d'utilisateur pour l'authentification HTTP n'est pas valide."
|
2793 |
+
|
2794 |
+
#: lib/login_protection.php:530
|
2795 |
+
msgid "Error: please enter a user name and password for HTTP authentication."
|
2796 |
+
msgstr ""
|
2797 |
+
"Erreur : veuillez entrer un nom d'utilisateur et mot de passe pour "
|
2798 |
+
"l'authentification HTTP."
|
2799 |
+
|
2800 |
+
#: lib/login_protection.php:533
|
2801 |
+
msgid "Error: password must be from 6 to 32 characters."
|
2802 |
+
msgstr "Erreur : le mot de passe doit comporter de 6 à 32 caractères."
|
2803 |
+
|
2804 |
+
#: lib/login_protection.php:568
|
2805 |
+
#, php-format
|
2806 |
+
msgid "Error: unable to write to the %s configuration file"
|
2807 |
+
msgstr "Erreur : impossible d’écrire dans le fichier de configuration %s"
|
2808 |
+
|
2809 |
+
#: lib/nf_sub_about.php:31
|
2810 |
+
msgid "Error : cannot find changelog :("
|
2811 |
+
msgstr "Erreur: impossible de trouver le fichier changelog :("
|
2812 |
+
|
2813 |
+
#: lib/nf_sub_about.php:54
|
2814 |
+
msgid "About"
|
2815 |
+
msgstr "À Propos"
|
2816 |
+
|
2817 |
+
#: lib/nf_sub_about.php:75
|
2818 |
+
msgid "A powerful antivirus<br />scanner for WordPress."
|
2819 |
+
msgstr "Un puissant antivirus<br />pour WordPress."
|
2820 |
+
|
2821 |
+
#: lib/nf_sub_about.php:77
|
2822 |
+
msgid "Free Download"
|
2823 |
+
msgstr "Télécharger"
|
2824 |
+
|
2825 |
+
#: lib/nf_sub_about.php:81
|
2826 |
+
msgid "Website Monitoring<br />for just $4.99/month."
|
2827 |
+
msgstr "Surveillance de site<br />à partir de $4.99/mois."
|
2828 |
+
|
2829 |
+
#: lib/nf_sub_about.php:83
|
2830 |
+
msgid "7-Day Free Trial"
|
2831 |
+
msgstr "Essai Gratuit"
|
2832 |
+
|
2833 |
+
#: lib/nf_sub_about.php:87
|
2834 |
+
msgid "Malware removal<br />and hack recovery."
|
2835 |
+
msgstr "Nettoyage de site<br />piraté ou infecté."
|
2836 |
+
|
2837 |
+
#: lib/nf_sub_about.php:89
|
2838 |
+
msgid "Clean Your Site!"
|
2839 |
+
msgstr "Nettoyez votre site"
|
2840 |
+
|
2841 |
+
#: lib/nf_sub_about.php:101
|
2842 |
+
msgid "Changelog"
|
2843 |
+
msgstr "Changelog"
|
2844 |
+
|
2845 |
+
#: lib/nf_sub_about.php:101
|
2846 |
+
msgid "Spread the word!"
|
2847 |
+
msgstr "Partagez !"
|
2848 |
+
|
2849 |
+
#: lib/nf_sub_about.php:101
|
2850 |
+
msgid "Referral Program"
|
2851 |
+
msgstr "Programme de parrainage"
|
2852 |
+
|
2853 |
+
#: lib/nf_sub_about.php:101
|
2854 |
+
msgid "System Info"
|
2855 |
+
msgstr "Info système"
|
2856 |
+
|
2857 |
+
#: lib/nf_sub_about.php:135
|
2858 |
+
msgid "PHP version"
|
2859 |
+
msgstr "Version PHP"
|
2860 |
+
|
2861 |
+
#: lib/nf_sub_about.php:144
|
2862 |
+
msgid "HTTP server"
|
2863 |
+
msgstr "Serveur HTTP"
|
2864 |
+
|
2865 |
+
#: lib/nf_sub_about.php:147
|
2866 |
+
msgid "Operating System"
|
2867 |
+
msgstr "Système d'exploitation"
|
2868 |
+
|
2869 |
+
#: lib/nf_sub_about.php:150
|
2870 |
+
msgid "Load Average"
|
2871 |
+
msgstr "Charge moyenne"
|
2872 |
+
|
2873 |
+
#: lib/nf_sub_about.php:168
|
2874 |
+
msgid "RAM"
|
2875 |
+
msgstr "RAM"
|
2876 |
+
|
2877 |
+
#: lib/nf_sub_about.php:168
|
2878 |
+
msgid "MB free"
|
2879 |
+
msgstr "Mo libres"
|
2880 |
+
|
2881 |
+
#: lib/nf_sub_about.php:168
|
2882 |
+
msgid "MB total"
|
2883 |
+
msgstr "Mo total"
|
2884 |
+
|
2885 |
+
#: lib/nf_sub_about.php:176
|
2886 |
+
msgid "Processor"
|
2887 |
+
msgid_plural "Processors"
|
2888 |
+
msgstr[0] "Processeur"
|
2889 |
+
msgstr[1] "Processeurs"
|
2890 |
+
|
2891 |
+
#: lib/nf_sub_about.php:176
|
2892 |
+
msgid "CPU core:"
|
2893 |
+
msgid_plural "CPU cores:"
|
2894 |
+
msgstr[0] "cœur :"
|
2895 |
+
msgstr[1] "cœurs :"
|
2896 |
+
|
2897 |
+
#: lib/nf_sub_about.php:177
|
2898 |
+
msgid "CPU model"
|
2899 |
+
msgstr "Modèle CPU"
|
2900 |
+
|
2901 |
+
#: lib/nf_sub_about.php:189
|
2902 |
+
#, php-format
|
2903 |
+
msgid ""
|
2904 |
+
"By joining our NinjaFirewall Referral Program you can earn up to %s for "
|
2905 |
+
"every payment made by a user who signs up using your personal referral link."
|
2906 |
+
msgstr ""
|
2907 |
+
"En rejoignant le Programme de Parrainage de NinjaFirewall, vous pouvez "
|
2908 |
+
"gagner jusqu'à %s pour chaque paiement effectué par un utilisateur qui "
|
2909 |
+
"achète une licence en utilisant votre lien de parrainage personnel."
|
2910 |
+
|
2911 |
+
#: lib/nf_sub_about.php:190
|
2912 |
+
#, php-format
|
2913 |
+
msgid ""
|
2914 |
+
"For more info and subscription, please check our <a href=\"%s\">Referral "
|
2915 |
+
"Program page</a>."
|
2916 |
+
msgstr ""
|
2917 |
+
"Pour plus d'information, consultez notre page du <a href=\"%s\">Programme de "
|
2918 |
+
"Parrainage</a>."
|
2919 |
+
|
2920 |
+
#: lib/nf_sub_event.php:64
|
2921 |
+
msgid "WordPress admin dashboard"
|
2922 |
+
msgstr "Connexion"
|
2923 |
+
|
2924 |
+
#: lib/nf_sub_event.php:67 lib/nf_sub_event.php:136
|
2925 |
+
msgid "Send me an alert whenever"
|
2926 |
+
msgstr "Envoyer une alerte quand"
|
2927 |
+
|
2928 |
+
#: lib/nf_sub_event.php:69
|
2929 |
+
msgid "An administrator logs in (default)"
|
2930 |
+
msgstr "Un Administrateur se connecte (défaut)"
|
2931 |
+
|
2932 |
+
#: lib/nf_sub_event.php:70
|
2933 |
+
msgid "Someone - user, admin, editor, etc - logs in"
|
2934 |
+
msgstr "Quelqu'un - utilisateur, admin, éditeur etc - se connecte"
|
2935 |
+
|
2936 |
+
#: lib/nf_sub_event.php:71
|
2937 |
+
msgid "No, thanks (not recommended)"
|
2938 |
+
msgstr "Non, merci"
|
2939 |
+
|
2940 |
+
#: lib/nf_sub_event.php:78
|
2941 |
+
msgid "Plugins"
|
2942 |
+
msgstr "Extensions"
|
2943 |
+
|
2944 |
+
#: lib/nf_sub_event.php:81 lib/nf_sub_event.php:98 lib/nf_sub_event.php:113
|
2945 |
+
msgid "Send me an alert whenever someone"
|
2946 |
+
msgstr "Envoyer une alerte quand quelqu'un"
|
2947 |
+
|
2948 |
+
#: lib/nf_sub_event.php:83
|
2949 |
+
msgid "Uploads a plugin (default)"
|
2950 |
+
msgstr "Télécharge une extension (défaut)"
|
2951 |
+
|
2952 |
+
#: lib/nf_sub_event.php:84
|
2953 |
+
msgid "Installs a plugin (default)"
|
2954 |
+
msgstr "Installe une extension (défaut)"
|
2955 |
+
|
2956 |
+
#: lib/nf_sub_event.php:85
|
2957 |
+
msgid "Activates a plugin"
|
2958 |
+
msgstr "Active une extension"
|
2959 |
+
|
2960 |
+
#: lib/nf_sub_event.php:86
|
2961 |
+
msgid "Updates a plugin"
|
2962 |
+
msgstr "Met à jour une extension"
|
2963 |
+
|
2964 |
+
#: lib/nf_sub_event.php:87
|
2965 |
+
msgid "Deactivates a plugin (default)"
|
2966 |
+
msgstr "Désactive une extension (défaut)"
|
2967 |
+
|
2968 |
+
#: lib/nf_sub_event.php:88
|
2969 |
+
msgid "Deletes a plugin"
|
2970 |
+
msgstr "Supprime une extension"
|
2971 |
+
|
2972 |
+
#: lib/nf_sub_event.php:95
|
2973 |
+
msgid "Themes"
|
2974 |
+
msgstr "Thèmes"
|
2975 |
+
|
2976 |
+
#: lib/nf_sub_event.php:100
|
2977 |
+
msgid "Uploads a theme (default)"
|
2978 |
+
msgstr "Télécharge un thème (défaut)"
|
2979 |
+
|
2980 |
+
#: lib/nf_sub_event.php:101
|
2981 |
+
msgid "Installs a theme (default)"
|
2982 |
+
msgstr "Installe un thème (défaut)"
|
2983 |
+
|
2984 |
+
#: lib/nf_sub_event.php:102
|
2985 |
+
msgid "Activates a theme"
|
2986 |
+
msgstr "Active un thème"
|
2987 |
+
|
2988 |
+
#: lib/nf_sub_event.php:103
|
2989 |
+
msgid "Deletes a theme"
|
2990 |
+
msgstr "Supprime un thème"
|
2991 |
+
|
2992 |
+
#: lib/nf_sub_event.php:110
|
2993 |
+
msgid "Core"
|
2994 |
+
msgstr "WordPress"
|
2995 |
+
|
2996 |
+
#: lib/nf_sub_event.php:115
|
2997 |
+
msgid "Updates WordPress (default)"
|
2998 |
+
msgstr "Met à jour WordPress (défaut)"
|
2999 |
+
|
3000 |
+
#: lib/nf_sub_event.php:133
|
3001 |
+
msgid "Administrator account"
|
3002 |
+
msgstr "Compte administrateur"
|
3003 |
+
|
3004 |
+
#: lib/nf_sub_event.php:138
|
3005 |
+
msgid ""
|
3006 |
+
"An administrator account is created, modified or deleted in the database "
|
3007 |
+
"(default)"
|
3008 |
+
msgstr ""
|
3009 |
+
"Un compte Administrateur est crée, modifié ou supprimé dans la base de "
|
3010 |
+
"données (défaut)"
|
3011 |
+
|
3012 |
+
#: lib/nf_sub_event.php:139
|
3013 |
+
msgid "A user attempts to gain administrative privileges (default)"
|
3014 |
+
msgstr ""
|
3015 |
+
"Un utilisateur a essayé d'élever ses privilèges pour devenir administrateur "
|
3016 |
+
"du blog (défaut)"
|
3017 |
+
|
3018 |
+
#: lib/nf_sub_event.php:146
|
3019 |
+
msgid "Daily report"
|
3020 |
+
msgstr "Rapport quotidien"
|
3021 |
+
|
3022 |
+
#: lib/nf_sub_event.php:149
|
3023 |
+
msgid "Send me a daily activity report"
|
3024 |
+
msgstr "Envoyer un rapport d'activité quotidien"
|
3025 |
+
|
3026 |
+
#: lib/nf_sub_event.php:151 lib/nf_sub_event.php:163
|
3027 |
+
#: lib/nf_sub_updates.php:146 ninjafirewall.php:1702 ninjafirewall.php:1745
|
3028 |
+
#: ninjafirewall.php:1765 ninjafirewall.php:1816 ninjafirewall.php:1861
|
3029 |
+
#: ninjafirewall.php:1871 ninjafirewall.php:1881 ninjafirewall.php:1924
|
3030 |
+
#: ninjafirewall.php:1967 ninjafirewall.php:1987 ninjafirewall.php:2168
|
3031 |
+
#: ninjafirewall.php:2224 ninjafirewall.php:2234 ninjafirewall.php:2244
|
3032 |
+
#: ninjafirewall.php:2254 ninjafirewall.php:2301 ninjafirewall.php:2311
|
3033 |
+
#: ninjafirewall.php:3005
|
3034 |
+
msgid "Yes (default)"
|
3035 |
+
msgstr "Oui (défaut)"
|
3036 |
+
|
3037 |
+
#: lib/nf_sub_event.php:158
|
3038 |
+
msgid "Log"
|
3039 |
+
msgstr "Journal"
|
3040 |
+
|
3041 |
+
#: lib/nf_sub_event.php:161
|
3042 |
+
msgid "Write all events to the firewall log"
|
3043 |
+
msgstr "Enregistrer les événements dans le journal du pare-feu"
|
3044 |
+
|
3045 |
+
#: lib/nf_sub_event.php:173 lib/nf_sub_event.php:203
|
3046 |
+
msgid "Contact email"
|
3047 |
+
msgstr "Adresse e-mail du contact"
|
3048 |
+
|
3049 |
+
#: lib/nf_sub_event.php:176 lib/nf_sub_event.php:206
|
3050 |
+
msgid "Alerts should be sent to"
|
3051 |
+
msgstr "Envoyer les alertes à"
|
3052 |
+
|
3053 |
+
#: lib/nf_sub_event.php:185 lib/nf_sub_event.php:211
|
3054 |
+
msgid ""
|
3055 |
+
"Multiple recipients must be comma-separated (e.g., <code>joe@example.org,"
|
3056 |
+
"alice@example.org</code>)."
|
3057 |
+
msgstr ""
|
3058 |
+
"Plusieurs destinataires doivent être séparés par des virgules (par ex. "
|
3059 |
+
"<code>joe@example.org,alice@example.org</code>)."
|
3060 |
+
|
3061 |
+
#: lib/nf_sub_event.php:208
|
3062 |
+
msgid "Only to me, the Super Admin"
|
3063 |
+
msgstr "Moi uniquement, le Super Admin"
|
3064 |
+
|
3065 |
+
#: lib/nf_sub_event.php:208
|
3066 |
+
msgid "default"
|
3067 |
+
msgstr "défaut"
|
3068 |
+
|
3069 |
+
#: lib/nf_sub_event.php:209
|
3070 |
+
msgid "To the administrator of the site where originated the alert"
|
3071 |
+
msgstr "L'Administrateur du site d’où provient l'alerte"
|
3072 |
+
|
3073 |
+
#: lib/nf_sub_event.php:210
|
3074 |
+
msgid "Other(s):"
|
3075 |
+
msgstr "Autre(s) :"
|
3076 |
+
|
3077 |
+
#: lib/nf_sub_event.php:222
|
3078 |
+
msgid "Save Event Notifications"
|
3079 |
+
msgstr "Sauvegarder les options"
|
3080 |
+
|
3081 |
+
#: lib/nf_sub_event.php:429
|
3082 |
+
msgid "[NinjaFirewall] Daily Activity Report"
|
3083 |
+
msgstr "[NinjaFirewall] Rapport d'activité quotidien"
|
3084 |
+
|
3085 |
+
#: lib/nf_sub_event.php:436
|
3086 |
+
#, php-format
|
3087 |
+
msgid "Daily activity report for: %s"
|
3088 |
+
msgstr "Rapport d'activité quotidien pour : %s"
|
3089 |
+
|
3090 |
+
#: lib/nf_sub_event.php:437
|
3091 |
+
msgid "Date Range Processed: Yesterday"
|
3092 |
+
msgstr "Plage de date traitée : Hier"
|
3093 |
+
|
3094 |
+
#: lib/nf_sub_event.php:439
|
3095 |
+
msgid "Blocked hacking attempts:"
|
3096 |
+
msgstr "Tentatives de piratage bloquées :"
|
3097 |
+
|
3098 |
+
#: lib/nf_sub_event.php:441
|
3099 |
+
msgid "critical:"
|
3100 |
+
msgstr "Critique :"
|
3101 |
+
|
3102 |
+
#: lib/nf_sub_event.php:442
|
3103 |
+
msgid "high:"
|
3104 |
+
msgstr "Élevé :"
|
3105 |
+
|
3106 |
+
#: lib/nf_sub_event.php:443
|
3107 |
+
msgid "medium:"
|
3108 |
+
msgstr "Moyen :"
|
3109 |
+
|
3110 |
+
#: lib/nf_sub_event.php:445
|
3111 |
+
msgid "Blocked brute-force attacks:"
|
3112 |
+
msgstr "Attaques par force brute bloquées :"
|
3113 |
+
|
3114 |
+
#: lib/nf_sub_event.php:446 lib/nfw_misc.php:459
|
3115 |
+
msgid ""
|
3116 |
+
"This notification can be turned off from NinjaFirewall \"Event Notifications"
|
3117 |
+
"\" page."
|
3118 |
+
msgstr ""
|
3119 |
+
"Cette notification peut être désactivée depuis la page \"Notifications "
|
3120 |
+
"d’Événement\" de NinjaFirewall."
|
3121 |
+
|
3122 |
+
#: lib/nf_sub_event.php:450 lib/nf_sub_filecheck.php:840
|
3123 |
+
#: lib/nf_sub_filecheck.php:857 lib/nf_sub_options.php:483
|
3124 |
+
#: lib/nf_sub_updates.php:550 ninjafirewall.php:3461
|
3125 |
+
msgid "Support forum:"
|
3126 |
+
msgstr "Forum :"
|
3127 |
+
|
3128 |
+
#: lib/nf_sub_filecheck.php:55 lib/nf_sub_filecheck.php:88
|
3129 |
+
msgid "You did not create any snapshot yet."
|
3130 |
+
msgstr "Vous n'avez pas encore créé d'instantané."
|
3131 |
+
|
3132 |
+
#: lib/nf_sub_filecheck.php:64
|
3133 |
+
msgid "Snapshot successfully created."
|
3134 |
+
msgstr "L'instantané a bien été créé."
|
3135 |
+
|
3136 |
+
#: lib/nf_sub_filecheck.php:73
|
3137 |
+
msgid "Snapshot file successfully deleted."
|
3138 |
+
msgstr "L'instantané a bien été supprimé."
|
3139 |
+
|
3140 |
+
#: lib/nf_sub_filecheck.php:93
|
3141 |
+
msgid "You must create a snapshot first."
|
3142 |
+
msgstr "Vous devez d'abord créer un instantané."
|
3143 |
+
|
3144 |
+
#: lib/nf_sub_filecheck.php:104 lib/nf_sub_filecheck.php:831
|
3145 |
+
msgid "NinjaFirewall detected that changes were made to your files."
|
3146 |
+
msgstr "NinjaFirewall a détecté des changements dans vos fichiers."
|
3147 |
+
|
3148 |
+
#: lib/nf_sub_filecheck.php:107
|
3149 |
+
msgid "No changes detected."
|
3150 |
+
msgstr "Aucun changement n'a été détecté."
|
3151 |
+
|
3152 |
+
#: lib/nf_sub_filecheck.php:146
|
3153 |
+
msgid "Create a snapshot of all files stored in that directory"
|
3154 |
+
msgstr ""
|
3155 |
+
"Créer un instantané de tous les fichiers se trouvant dans ce répertoire"
|
3156 |
+
|
3157 |
+
#: lib/nf_sub_filecheck.php:154
|
3158 |
+
#, php-format
|
3159 |
+
msgid "Default: %s"
|
3160 |
+
msgstr "Défaut : %s"
|
3161 |
+
|
3162 |
+
#: lib/nf_sub_filecheck.php:159 ninjafirewall.php:2909
|
3163 |
+
msgid "Exclude the following files/folders (optional)"
|
3164 |
+
msgstr "Exclure les fichiers / dossiers suivants (optionnel)"
|
3165 |
+
|
3166 |
+
#: lib/nf_sub_filecheck.php:160 ninjafirewall.php:2910
|
3167 |
+
msgid "e.g.,"
|
3168 |
+
msgstr "par ex."
|
3169 |
+
|
3170 |
+
#: lib/nf_sub_filecheck.php:160
|
3171 |
+
msgid ""
|
3172 |
+
"Full or partial case-sensitive string(s). Multiple values must be comma-"
|
3173 |
+
"separated"
|
3174 |
+
msgstr ""
|
3175 |
+
"Chaîne de caractères complète ou partielle, sensible à la casse. Plusieurs "
|
3176 |
+
"valeurs doivent être séparées par des virgules"
|
3177 |
+
|
3178 |
+
#: lib/nf_sub_filecheck.php:165
|
3179 |
+
msgid "Do not follow symbolic links (default)"
|
3180 |
+
msgstr "Ne pas suivre les liens symboliques (défaut)"
|
3181 |
+
|
3182 |
+
#: lib/nf_sub_filecheck.php:170
|
3183 |
+
msgid "Create Snapshot"
|
3184 |
+
msgstr "Créer un Instantané"
|
3185 |
+
|
3186 |
+
#: lib/nf_sub_filecheck.php:291
|
3187 |
+
msgid "Delete the current snapshot?"
|
3188 |
+
msgstr "Supprimer l'instantané actuel ?"
|
3189 |
+
|
3190 |
+
#: lib/nf_sub_filecheck.php:305
|
3191 |
+
msgid "Last snapshot"
|
3192 |
+
msgstr "Dernier instantané"
|
3193 |
+
|
3194 |
+
#: lib/nf_sub_filecheck.php:307
|
3195 |
+
#, php-format
|
3196 |
+
msgid "Created on: %s"
|
3197 |
+
msgstr "Créé le : %s"
|
3198 |
+
|
3199 |
+
#: lib/nf_sub_filecheck.php:308
|
3200 |
+
#, php-format
|
3201 |
+
msgid "Total files: %s "
|
3202 |
+
msgstr "Nombre de fichiers : %s "
|
3203 |
+
|
3204 |
+
#: lib/nf_sub_filecheck.php:310
|
3205 |
+
msgid "Directory:"
|
3206 |
+
msgstr "Répertoire :"
|
3207 |
+
|
3208 |
+
#: lib/nf_sub_filecheck.php:314
|
3209 |
+
msgid "Exclusion:"
|
3210 |
+
msgstr "Exclusion :"
|
3211 |
+
|
3212 |
+
#: lib/nf_sub_filecheck.php:320
|
3213 |
+
msgid "Symlinks:"
|
3214 |
+
msgstr "Lien symboliques :"
|
3215 |
+
|
3216 |
+
#: lib/nf_sub_filecheck.php:322
|
3217 |
+
msgid "follow"
|
3218 |
+
msgstr "suivre"
|
3219 |
+
|
3220 |
+
#: lib/nf_sub_filecheck.php:324
|
3221 |
+
msgid "do not follow"
|
3222 |
+
msgstr "ne pas suivre"
|
3223 |
+
|
3224 |
+
#: lib/nf_sub_filecheck.php:328
|
3225 |
+
#, php-format
|
3226 |
+
msgid "Processing time: %s seconds"
|
3227 |
+
msgstr "Temps de traitement : %s secondes"
|
3228 |
+
|
3229 |
+
#: lib/nf_sub_filecheck.php:333
|
3230 |
+
msgid "Download Snapshot"
|
3231 |
+
msgstr "Télécharger l'instantané"
|
3232 |
+
|
3233 |
+
#: lib/nf_sub_filecheck.php:333
|
3234 |
+
msgid "Delete Snapshot"
|
3235 |
+
msgstr "Supprimer l'instantané"
|
3236 |
+
|
3237 |
+
#: lib/nf_sub_filecheck.php:338
|
3238 |
+
msgid "Last changes"
|
3239 |
+
msgstr "Dernières modifications"
|
3240 |
+
|
3241 |
+
#: lib/nf_sub_filecheck.php:345
|
3242 |
+
#, php-format
|
3243 |
+
msgid "New files: %s"
|
3244 |
+
msgstr "Nouveaux fichiers : %s"
|
3245 |
+
|
3246 |
+
#: lib/nf_sub_filecheck.php:346
|
3247 |
+
#, php-format
|
3248 |
+
msgid "Deleted files: %s"
|
3249 |
+
msgstr "Fichiers supprimés : %s"
|
3250 |
+
|
3251 |
+
#: lib/nf_sub_filecheck.php:347
|
3252 |
+
#, php-format
|
3253 |
+
msgid "Modified files: %s"
|
3254 |
+
msgstr "Fichiers modifiés : %s"
|
3255 |
+
|
3256 |
+
#: lib/nf_sub_filecheck.php:351
|
3257 |
+
msgid "View Changes"
|
3258 |
+
msgstr "Voir les Modifications"
|
3259 |
+
|
3260 |
+
#: lib/nf_sub_filecheck.php:355
|
3261 |
+
msgid "Download Changes"
|
3262 |
+
msgstr "Télécharger les Modifications"
|
3263 |
+
|
3264 |
+
#: lib/nf_sub_filecheck.php:367
|
3265 |
+
msgid "Click a file to get more info about it."
|
3266 |
+
msgstr "Cliquez sur un fichier pour obtenir plus d'informations à son sujet."
|
3267 |
+
|
3268 |
+
#: lib/nf_sub_filecheck.php:370
|
3269 |
+
msgid "New files:"
|
3270 |
+
msgstr "Nouveaux fichiers :"
|
3271 |
+
|
3272 |
+
#: lib/nf_sub_filecheck.php:379 lib/nf_sub_filecheck.php:432
|
3273 |
+
msgid "Size"
|
3274 |
+
msgstr "Taille"
|
3275 |
+
|
3276 |
+
#: lib/nf_sub_filecheck.php:383 lib/nf_sub_filecheck.php:437
|
3277 |
+
msgid "Access"
|
3278 |
+
msgstr "Accès"
|
3279 |
+
|
3280 |
+
#: lib/nf_sub_filecheck.php:387 lib/nf_sub_filecheck.php:442
|
3281 |
+
msgid "Uid / Gid"
|
3282 |
+
msgstr "Uid / Gid"
|
3283 |
+
|
3284 |
+
#: lib/nf_sub_filecheck.php:391 lib/nf_sub_filecheck.php:447
|
3285 |
+
msgid "Modify"
|
3286 |
+
msgstr "Modification"
|
3287 |
+
|
3288 |
+
#: lib/nf_sub_filecheck.php:395 lib/nf_sub_filecheck.php:452
|
3289 |
+
msgid "Change"
|
3290 |
+
msgstr "Changement"
|
3291 |
+
|
3292 |
+
#: lib/nf_sub_filecheck.php:405
|
3293 |
+
msgid "Deleted files:"
|
3294 |
+
msgstr "Fichiers supprimés :"
|
3295 |
+
|
3296 |
+
#: lib/nf_sub_filecheck.php:418
|
3297 |
+
msgid "Modified files:"
|
3298 |
+
msgstr "Fichiers modifiés :"
|
3299 |
+
|
3300 |
+
#: lib/nf_sub_filecheck.php:428
|
3301 |
+
msgid "Old"
|
3302 |
+
msgstr "Ancien"
|
3303 |
+
|
3304 |
+
#: lib/nf_sub_filecheck.php:429
|
3305 |
+
msgid "New"
|
3306 |
+
msgstr "Nouveau"
|
3307 |
+
|
3308 |
+
#: lib/nf_sub_filecheck.php:468
|
3309 |
+
msgid "None"
|
3310 |
+
msgstr "Aucune"
|
3311 |
+
|
3312 |
+
#: lib/nf_sub_filecheck.php:478
|
3313 |
+
msgid "Scan System For File Changes"
|
3314 |
+
msgstr "Lancer l'analyse des fichiers"
|
3315 |
+
|
3316 |
+
#: lib/nf_sub_filecheck.php:495
|
3317 |
+
msgid "Options"
|
3318 |
+
msgstr "Options"
|
3319 |
+
|
3320 |
+
#: lib/nf_sub_filecheck.php:502
|
3321 |
+
#, php-format
|
3322 |
+
msgid ""
|
3323 |
+
"It seems that %s is enabled. Ensure you have another way to run WP-Cron, "
|
3324 |
+
"otherwise NinjaFirewall scheduled scans will not work."
|
3325 |
+
msgstr ""
|
3326 |
+
"Il semble que %s est activé. Assurez vous de pouvoir exécuter WP-Cron, sinon "
|
3327 |
+
"File Check ne pourra pas se lancer automatiquement."
|
3328 |
+
|
3329 |
+
#: lib/nf_sub_filecheck.php:508
|
3330 |
+
msgid "Enable scheduled scans"
|
3331 |
+
msgstr "Lancer File Check automatiquement"
|
3332 |
+
|
3333 |
+
#: lib/nf_sub_filecheck.php:511 lib/nf_sub_updates.php:167
|
3334 |
+
msgid "Hourly"
|
3335 |
+
msgstr "Une fois par heure"
|
3336 |
+
|
3337 |
+
#: lib/nf_sub_filecheck.php:512 lib/nf_sub_updates.php:168
|
3338 |
+
msgid "Twicedaily"
|
3339 |
+
msgstr "Deux fois par jour"
|
3340 |
+
|
3341 |
+
#: lib/nf_sub_filecheck.php:513 lib/nf_sub_updates.php:169
|
3342 |
+
msgid "Daily"
|
3343 |
+
msgstr "Tous les jours"
|
3344 |
+
|
3345 |
+
#: lib/nf_sub_filecheck.php:520
|
3346 |
+
#, php-format
|
3347 |
+
msgid ""
|
3348 |
+
"Next scan will start in approximately %s day(s), %s hour(s), %s minute(s) "
|
3349 |
+
"and %s second(s)."
|
3350 |
+
msgstr ""
|
3351 |
+
"La prochaine analyse commencera dans %s jour(s), %s heure(s), %s minute(s) "
|
3352 |
+
"et %s seconde(s)."
|
3353 |
+
|
3354 |
+
#: lib/nf_sub_filecheck.php:527
|
3355 |
+
msgid ""
|
3356 |
+
"The next scheduled scan date is in the past! WordPress wp-cron may not be "
|
3357 |
+
"working or may have been disabled."
|
3358 |
+
msgstr ""
|
3359 |
+
"La date de la prochaine analyse est dans le passé ! Essayez de "
|
3360 |
+
"recharger cette page, sinon vérifiez que WP-Cron n'a pas été désactivé."
|
3361 |
+
|
3362 |
+
#: lib/nf_sub_filecheck.php:535
|
3363 |
+
msgid "Scheduled scan report"
|
3364 |
+
msgstr "Rapport d'analyse"
|
3365 |
+
|
3366 |
+
#: lib/nf_sub_filecheck.php:537
|
3367 |
+
msgid "Send me a report by email only if changes are detected (default)"
|
3368 |
+
msgstr ""
|
3369 |
+
"Envoyez-moi un rapport uniquement si des changements ont été détectés "
|
3370 |
+
"(défaut)"
|
3371 |
+
|
3372 |
+
#: lib/nf_sub_filecheck.php:538
|
3373 |
+
msgid "Always send me a report by email after a scheduled scan"
|
3374 |
+
msgstr "Envoyez-moi toujours un rapport après une analyse automatique"
|
3375 |
+
|
3376 |
+
#: lib/nf_sub_filecheck.php:543
|
3377 |
+
msgid "Save Scan Options"
|
3378 |
+
msgstr "Sauvegarder les options"
|
3379 |
+
|
3380 |
+
#: lib/nf_sub_filecheck.php:555
|
3381 |
+
msgid "Enter the full path to the directory to be scanned."
|
3382 |
+
msgstr "Entrez le chemin complet vers le répertoire à scanner."
|
3383 |
+
|
3384 |
+
#: lib/nf_sub_filecheck.php:562
|
3385 |
+
#, php-format
|
3386 |
+
msgid "The directory %s does not exist."
|
3387 |
+
msgstr "Le répertoire %s n'existe pas."
|
3388 |
+
|
3389 |
+
#: lib/nf_sub_filecheck.php:565
|
3390 |
+
#, php-format
|
3391 |
+
msgid "The directory %s is not readable."
|
3392 |
+
msgstr "Le répertoire %s n'est pas lisible."
|
3393 |
+
|
3394 |
+
#: lib/nf_sub_filecheck.php:606
|
3395 |
+
#, php-format
|
3396 |
+
msgid "Cannot write to %s."
|
3397 |
+
msgstr "Impossible d'écrire dans %s."
|
3398 |
+
|
3399 |
+
#: lib/nf_sub_filecheck.php:636
|
3400 |
+
#, php-format
|
3401 |
+
msgid "Error : cannot open %s directory."
|
3402 |
+
msgstr "Erreur : impossible d'ouvrir le répertoire %s."
|
3403 |
+
|
3404 |
+
#: lib/nf_sub_filecheck.php:639
|
3405 |
+
#, php-format
|
3406 |
+
msgid "Error : %s directory is not readable."
|
3407 |
+
msgstr "Erreur : le répertoire %s n'est pas lisible."
|
3408 |
+
|
3409 |
+
#: lib/nf_sub_filecheck.php:654
|
3410 |
+
#, php-format
|
3411 |
+
msgid "Missing options line %s, please try again."
|
3412 |
+
msgstr "Option manquante (ligne %s). Veuillez essayer à nouveau."
|
3413 |
+
|
3414 |
+
#: lib/nf_sub_filecheck.php:664
|
3415 |
+
#, php-format
|
3416 |
+
msgid "Cannot create %s."
|
3417 |
+
msgstr "Impossible de créer %s."
|
3418 |
+
|
3419 |
+
#: lib/nf_sub_filecheck.php:681
|
3420 |
+
msgid "Error reading old snapshot file."
|
3421 |
+
msgstr "Erreur lors de la lecture du fichier de l'ancien instantané."
|
3422 |
+
|
3423 |
+
#: lib/nf_sub_filecheck.php:692
|
3424 |
+
msgid "Error reading new snapshot file."
|
3425 |
+
msgstr "Erreur lors de la lecture du fichier du nouvel instantané."
|
3426 |
+
|
3427 |
+
#: lib/nf_sub_filecheck.php:808 ninjafirewall.php:271
|
3428 |
+
msgid "New file"
|
3429 |
+
msgstr "Nouveau fichier"
|
3430 |
+
|
3431 |
+
#: lib/nf_sub_filecheck.php:809 ninjafirewall.php:272
|
3432 |
+
msgid "Deleted file"
|
3433 |
+
msgstr "Fichier supprimé"
|
3434 |
+
|
3435 |
+
#: lib/nf_sub_filecheck.php:810 ninjafirewall.php:273
|
3436 |
+
msgid "Modified file"
|
3437 |
+
msgstr "Fichier modifié"
|
3438 |
+
|
3439 |
+
#: lib/nf_sub_filecheck.php:830
|
3440 |
+
msgid "[NinjaFirewall] Alert: File Check detection"
|
3441 |
+
msgstr "[NinjaFirewall] Alerte: Détection File Check"
|
3442 |
+
|
3443 |
+
#: lib/nf_sub_filecheck.php:833 lib/nf_sub_filecheck.php:835
|
3444 |
+
#: lib/nf_sub_filecheck.php:851 lib/nf_sub_filecheck.php:853
|
3445 |
+
#: lib/nf_sub_updates.php:542 lib/nf_sub_updates.php:544 lib/nfw_misc.php:311
|
3446 |
+
#: lib/nfw_misc.php:313 lib/nfw_misc.php:450 lib/nfw_misc.php:452
|
3447 |
+
msgid "Blog:"
|
3448 |
+
msgstr "Blog :"
|
3449 |
+
|
3450 |
+
#: lib/nf_sub_filecheck.php:837 lib/nf_sub_filecheck.php:855
|
3451 |
+
#: lib/nf_sub_updates.php:547
|
3452 |
+
#, php-format
|
3453 |
+
msgid "Date: %s"
|
3454 |
+
msgstr "Date : %s"
|
3455 |
+
|
3456 |
+
#: lib/nf_sub_filecheck.php:838
|
3457 |
+
msgid "See attached file for details."
|
3458 |
+
msgstr "Voir le fichier joint pour plus de détails."
|
3459 |
+
|
3460 |
+
#: lib/nf_sub_filecheck.php:848
|
3461 |
+
msgid "[NinjaFirewall] File Check report"
|
3462 |
+
msgstr "[NinjaFirewall] Rapport de File Check"
|
3463 |
+
|
3464 |
+
#: lib/nf_sub_filecheck.php:849
|
3465 |
+
msgid "NinjaFirewall did not detect changes in your files."
|
3466 |
+
msgstr "NinjaFirewall n'a pas détecté de changements dans vos fichiers."
|
3467 |
+
|
3468 |
+
#: lib/nf_sub_livelog.php:29
|
3469 |
+
msgid ""
|
3470 |
+
"Error: NinjaFirewall must be enabled and working in order to use this "
|
3471 |
+
"feature."
|
3472 |
+
msgstr ""
|
3473 |
+
"Erreur : NinjaFirewall doit être activé pour pouvoir utiliser cette option."
|
3474 |
+
|
3475 |
+
#: lib/nf_sub_livelog.php:32
|
3476 |
+
#, php-format
|
3477 |
+
msgid ""
|
3478 |
+
"Error: You must be whitelisted in order to use that feature: click on the <a "
|
3479 |
+
"href=\"%s\">Firewall Policies</a> menu and ensure that the \"Add the "
|
3480 |
+
"Administrator to the whitelist\" option is enabled."
|
3481 |
+
msgstr ""
|
3482 |
+
"Erreur : Vous devez être dans la liste blanche afin de pouvoir utiliser "
|
3483 |
+
"cette option. Cliquez sur le menu <a href=\"%s\">Politiques du Pare-feu</a> "
|
3484 |
+
"et assurez vous que l'option \"Ajouter l'Administrateur à la liste blanche\" "
|
3485 |
+
"est activée."
|
3486 |
+
|
3487 |
+
#: lib/nf_sub_livelog.php:95
|
3488 |
+
msgid "Loading..."
|
3489 |
+
msgstr "Chargement..."
|
3490 |
+
|
3491 |
+
#: lib/nf_sub_livelog.php:113 lib/nf_sub_livelog.php:142
|
3492 |
+
#: lib/nf_sub_livelog.php:227
|
3493 |
+
msgid "No traffic yet, please wait..."
|
3494 |
+
msgstr "Aucun visiteur actuellement, veuillez patienter..."
|
3495 |
+
|
3496 |
+
#: lib/nf_sub_livelog.php:116
|
3497 |
+
msgid "Error: Live Log did not receive the expected response from your server:"
|
3498 |
+
msgstr "Erreur : le serveur distant n\\'a pas retourné la réponse attendue :"
|
3499 |
+
|
3500 |
+
#: lib/nf_sub_livelog.php:135
|
3501 |
+
msgid "Error: URL does not seem to exist:"
|
3502 |
+
msgstr "Erreur : l\\'URL ne semble pas valide :"
|
3503 |
+
|
3504 |
+
#: lib/nf_sub_livelog.php:137
|
3505 |
+
msgid "Error: cannot find your log file. Try to reload this page."
|
3506 |
+
msgstr ""
|
3507 |
+
"Erreur : impossible de trouver le fichier log. Essayez de recharger cette "
|
3508 |
+
"page."
|
3509 |
+
|
3510 |
+
#: lib/nf_sub_livelog.php:139
|
3511 |
+
msgid "Error: the HTTP server returned the following error code:"
|
3512 |
+
msgstr "Erreur : le serveur HTTP a retourné le code d\\'erreur suivant :"
|
3513 |
+
|
3514 |
+
#: lib/nf_sub_livelog.php:144 lib/nf_sub_livelog.php:157
|
3515 |
+
#: lib/nf_sub_livelog.php:177
|
3516 |
+
msgid "Sleeping"
|
3517 |
+
msgstr "Rafraîchissement dans"
|
3518 |
+
|
3519 |
+
#: lib/nf_sub_livelog.php:144 lib/nf_sub_livelog.php:157
|
3520 |
+
#: lib/nf_sub_livelog.php:177
|
3521 |
+
msgid "seconds"
|
3522 |
+
msgstr "secondes"
|
3523 |
+
|
3524 |
+
#: lib/nf_sub_livelog.php:231
|
3525 |
+
msgid "On"
|
3526 |
+
msgstr "Activer"
|
3527 |
+
|
3528 |
+
#: lib/nf_sub_livelog.php:231
|
3529 |
+
msgid "Off"
|
3530 |
+
msgstr "Stopper"
|
3531 |
+
|
3532 |
+
#: lib/nf_sub_livelog.php:231
|
3533 |
+
msgid "Refresh rate:"
|
3534 |
+
msgstr "Intervalle :"
|
3535 |
+
|
3536 |
+
#: lib/nf_sub_livelog.php:233
|
3537 |
+
msgid "5 seconds"
|
3538 |
+
msgstr "5 secondes"
|
3539 |
+
|
3540 |
+
#: lib/nf_sub_livelog.php:234
|
3541 |
+
msgid "10 seconds"
|
3542 |
+
msgstr "10 secondes"
|
3543 |
+
|
3544 |
+
#: lib/nf_sub_livelog.php:235
|
3545 |
+
msgid "20 seconds"
|
3546 |
+
msgstr "20 secondes"
|
3547 |
+
|
3548 |
+
#: lib/nf_sub_livelog.php:236
|
3549 |
+
msgid "45 seconds"
|
3550 |
+
msgstr "45 secondes"
|
3551 |
+
|
3552 |
+
#: lib/nf_sub_livelog.php:237
|
3553 |
+
msgid "Clear screen"
|
3554 |
+
msgstr "Effacer"
|
3555 |
+
|
3556 |
+
#: lib/nf_sub_livelog.php:237
|
3557 |
+
msgid "Autoscrolling"
|
3558 |
+
msgstr "Défilement auto."
|
3559 |
+
|
3560 |
+
#: lib/nf_sub_livelog.php:243
|
3561 |
+
msgid "Live Log will not display whitelisted users and brute-force attacks."
|
3562 |
+
msgstr ""
|
3563 |
+
"Live Log n'affiche pas les connexions de l'administrateur, ni les attaques "
|
3564 |
+
"par force brute."
|
3565 |
+
|
3566 |
+
#: lib/nf_sub_livelog.php:266
|
3567 |
+
msgid "Live Log options"
|
3568 |
+
msgstr "Options"
|
3569 |
+
|
3570 |
+
#: lib/nf_sub_livelog.php:269
|
3571 |
+
msgid "Format"
|
3572 |
+
msgstr "Format d'affichage"
|
3573 |
+
|
3574 |
+
#: lib/nf_sub_livelog.php:272
|
3575 |
+
msgid "Custom"
|
3576 |
+
msgstr "Autre"
|
3577 |
+
|
3578 |
+
#: lib/nf_sub_livelog.php:273
|
3579 |
+
msgid "See contextual help for available log format."
|
3580 |
+
msgstr ""
|
3581 |
+
"Consultez l'aide contextuelle pour avoir plus d'information sur les formats "
|
3582 |
+
"disponibles."
|
3583 |
+
|
3584 |
+
#: lib/nf_sub_livelog.php:277
|
3585 |
+
msgid "Display"
|
3586 |
+
msgstr "Afficher"
|
3587 |
+
|
3588 |
+
#: lib/nf_sub_livelog.php:280 ninjafirewall.php:1358
|
3589 |
+
msgid "HTTP and HTTPS traffic (default)"
|
3590 |
+
msgstr "Trafic HTTP et HTTPS (défaut)"
|
3591 |
+
|
3592 |
+
#: lib/nf_sub_livelog.php:281 ninjafirewall.php:1359
|
3593 |
+
msgid "HTTP traffic only"
|
3594 |
+
msgstr "Trafic HTTP uniquement"
|
3595 |
+
|
3596 |
+
#: lib/nf_sub_livelog.php:282 ninjafirewall.php:1360
|
3597 |
+
msgid "HTTPS traffic only"
|
3598 |
+
msgstr "Trafic HTTPS uniquement"
|
3599 |
+
|
3600 |
+
#: lib/nf_sub_livelog.php:287
|
3601 |
+
msgid "Timezone"
|
3602 |
+
msgstr "Fuseau horaire"
|
3603 |
+
|
3604 |
+
#: lib/nf_sub_livelog.php:302
|
3605 |
+
msgid "Save Live Log Options"
|
3606 |
+
msgstr "Sauvegarder les options"
|
3607 |
+
|
3608 |
+
#: lib/nf_sub_livelog.php:326
|
3609 |
+
msgid "Error: please enter the custom log format."
|
3610 |
+
msgstr "Erreur : veuillez entrer le format d'affichage."
|
3611 |
+
|
3612 |
+
#: lib/nf_sub_log.php:34
|
3613 |
+
#, php-format
|
3614 |
+
msgid ""
|
3615 |
+
"the current month log (%s) is not writable. Please chmod it and its parent "
|
3616 |
+
"directory to 0777"
|
3617 |
+
msgstr ""
|
3618 |
+
"le fichier du journal (%s) est en lecture seule. Veuillez changer ses "
|
3619 |
+
"permissions ainsi que celles du répertoire parent (par ex. 0777)"
|
3620 |
+
|
3621 |
+
#: lib/nf_sub_log.php:36
|
3622 |
+
#, php-format
|
3623 |
+
msgid "the log directory (%s) is not writable. Please chmod it to 0777"
|
3624 |
+
msgstr ""
|
3625 |
+
"le répertoire du journal (%s) est en lecture seule. Veuillez changer ses "
|
3626 |
+
"permissions (par ex. 0777)"
|
3627 |
+
|
3628 |
+
#: lib/nf_sub_log.php:48
|
3629 |
+
msgid "Your public key has been deleted"
|
3630 |
+
msgstr "Votre clé publique a été supprimée"
|
3631 |
+
|
3632 |
+
#: lib/nf_sub_log.php:50
|
3633 |
+
msgid "Your public key has been saved"
|
3634 |
+
msgstr "Votre clé publique a été sauvegardée"
|
3635 |
+
|
3636 |
+
#: lib/nf_sub_log.php:82
|
3637 |
+
msgid "Error"
|
3638 |
+
msgstr "Erreur"
|
3639 |
+
|
3640 |
+
#: lib/nf_sub_log.php:89
|
3641 |
+
msgid "Note"
|
3642 |
+
msgstr "Notice"
|
3643 |
+
|
3644 |
+
#: lib/nf_sub_log.php:89
|
3645 |
+
#, php-format
|
3646 |
+
msgid "your log has %s lines. I will display the last %s lines only."
|
3647 |
+
msgstr ""
|
3648 |
+
"votre journal contient %s lignes. Seules les %s dernières lignes vont être "
|
3649 |
+
"affichées."
|
3650 |
+
|
3651 |
+
#: lib/nf_sub_log.php:93
|
3652 |
+
msgid "Viewing:"
|
3653 |
+
msgstr "Journal :"
|
3654 |
+
|
3655 |
+
#: lib/nf_sub_log.php:100
|
3656 |
+
msgid "bytes"
|
3657 |
+
msgstr "octets"
|
3658 |
+
|
3659 |
+
#: lib/nf_sub_log.php:137 lib/nf_sub_log.php:281
|
3660 |
+
msgid "The selected log is empty."
|
3661 |
+
msgstr "Le journal sélectionné est vide."
|
3662 |
+
|
3663 |
+
#: lib/nf_sub_log.php:143
|
3664 |
+
msgid "The log is rotated monthly"
|
3665 |
+
msgstr ""
|
3666 |
+
"NinjaFirewall effectue une rotation automatique du journal le premier jour "
|
3667 |
+
"de chaque mois."
|
3668 |
+
|
3669 |
+
#: lib/nf_sub_log.php:166
|
3670 |
+
msgid "Enter your public key (optional)"
|
3671 |
+
msgstr "Entrez votre clé publique (optionnel)"
|
3672 |
+
|
3673 |
+
#: lib/nf_sub_log.php:169
|
3674 |
+
#, php-format
|
3675 |
+
msgid ""
|
3676 |
+
"<a href=\"%s\">Consult our blog</a> if you want to enable centralized "
|
3677 |
+
"logging."
|
3678 |
+
msgstr ""
|
3679 |
+
"Veuillez <a href=\"%s\">consulter notre blog</a> afin d'activer la "
|
3680 |
+
"Centralisation des Logs."
|
3681 |
+
|
3682 |
+
#: lib/nf_sub_log.php:176
|
3683 |
+
msgid "Save Public Key"
|
3684 |
+
msgstr "Sauvegarder la clé publique"
|
3685 |
+
|
3686 |
+
#: lib/nf_sub_log.php:178
|
3687 |
+
msgid "Delete Public Key"
|
3688 |
+
msgstr "Supprimer la clé publique"
|
3689 |
+
|
3690 |
+
#: lib/nf_sub_log.php:197
|
3691 |
+
msgid "Your public key is not valid."
|
3692 |
+
msgstr "Votre clé publique n\\'est pas valide."
|
3693 |
+
|
3694 |
+
#: lib/nf_sub_log.php:260
|
3695 |
+
msgid "The requested log does not exist."
|
3696 |
+
msgstr "Le journal demandé n'existe pas."
|
3697 |
+
|
3698 |
+
#: lib/nf_sub_log.php:267
|
3699 |
+
msgid "Unable to open the log for read operation."
|
3700 |
+
msgstr "Impossible de lire le journal."
|
3701 |
+
|
3702 |
+
#: lib/nf_sub_malwarescan.php:25 ninjafirewall.php:829
|
3703 |
+
msgid "Anti-Malware"
|
3704 |
+
msgstr "Anti-Malware"
|
3705 |
+
|
3706 |
+
#: lib/nf_sub_malwarescan.php:27
|
3707 |
+
msgid ""
|
3708 |
+
"Oops...! We have removed the \"Anti-Malware\" from NinjaFirewall. Instead, "
|
3709 |
+
"we have now a brand new and much better antivirus plugin:"
|
3710 |
+
msgstr ""
|
3711 |
+
"Oops...! Nous avons supprimé l'option \"Anti-Malware \" de NinjaFirewall. À "
|
3712 |
+
"la place, nous avons maintenant un tout nouveau plugin antivirus :"
|
3713 |
+
|
3714 |
+
#: lib/nf_sub_malwarescan.php:29
|
3715 |
+
#, php-format
|
3716 |
+
msgid ""
|
3717 |
+
"It is awesome and includes many great features: <a href=\"%s\">check it out!"
|
3718 |
+
"</a>"
|
3719 |
+
msgstr ""
|
3720 |
+
"Il est beaucoup mieux et comprend de nombreuses fonctionnalités : <a href="
|
3721 |
+
"\"%s\">En savoir plus</a>."
|
3722 |
+
|
3723 |
+
#: lib/nf_sub_malwarescan.php:30
|
3724 |
+
msgid "Download it from wordpress.org!"
|
3725 |
+
msgstr "Téléchargez -le sur wordpress.org !"
|
3726 |
+
|
3727 |
+
#: lib/nf_sub_malwarescan.php:32
|
3728 |
+
msgid ""
|
3729 |
+
"After installing NinjaScanner, click on \"NinjaScanner > Settings > "
|
3730 |
+
"Advanced Users Settings\" and enable the \"Integrate NinjaScanner with "
|
3731 |
+
"NinjaFirewall\" option. That will replace this page with NinjaScanner's own "
|
3732 |
+
"menu instead:"
|
3733 |
+
msgstr ""
|
3734 |
+
"Après avoir installé NinjaScanner, cliquez sur \"NinjaScanner > Réglages "
|
3735 |
+
"> Paramètres Utilisateurs Avancés\" et activez l'option \"Intégrer "
|
3736 |
+
"NinjaScanner au menu de NinjaFirewall\". Cela remplacera cette page par le "
|
3737 |
+
"propre menu de NinjaScanner :"
|
3738 |
+
|
3739 |
+
#: lib/nf_sub_options.php:35
|
3740 |
+
msgid "CSS style sheets"
|
3741 |
+
msgstr "des feuilles de style CSS"
|
3742 |
+
|
3743 |
+
#: lib/nf_sub_options.php:38
|
3744 |
+
msgid "Javascript code"
|
3745 |
+
msgstr "du code Javascript"
|
3746 |
+
|
3747 |
+
#: lib/nf_sub_options.php:41
|
3748 |
+
#, php-format
|
3749 |
+
msgid ""
|
3750 |
+
"Your message seems to contain %s. For security reasons, it cannot be "
|
3751 |
+
"previewed from the admin dashboard."
|
3752 |
+
msgstr ""
|
3753 |
+
"Votre message semble contenir %s. Pour des raisons de sécurité, il ne peut "
|
3754 |
+
"pas être prévisualisé à partir du Tableau de Bord d'administration."
|
3755 |
+
|
3756 |
+
#: lib/nf_sub_options.php:46
|
3757 |
+
msgid "Refresh preview"
|
3758 |
+
msgstr "Réactualiser"
|
3759 |
+
|
3760 |
+
#: lib/nf_sub_options.php:55 ninjafirewall.php:807
|
3761 |
+
msgid "Firewall Options"
|
3762 |
+
msgstr "Options du Pare-feu"
|
3763 |
+
|
3764 |
+
#: lib/nf_sub_options.php:84 lib/nf_sub_options.php:93
|
3765 |
+
#: lib/nf_sub_options.php:108 lib/nf_sub_options.php:118 ninjafirewall.php:988
|
3766 |
+
#: ninjafirewall.php:1127
|
3767 |
+
msgid "Enabled"
|
3768 |
+
msgstr "Activé"
|
3769 |
+
|
3770 |
+
#: lib/nf_sub_options.php:85 lib/nf_sub_options.php:94
|
3771 |
+
msgid "Disabled"
|
3772 |
+
msgstr "Désactivé"
|
3773 |
+
|
3774 |
+
#: lib/nf_sub_options.php:95 lib/nf_sub_options.php:110
|
3775 |
+
msgid "Warning: your site is not protected!"
|
3776 |
+
msgstr "Attention, votre site n'est pas protégé !"
|
3777 |
+
|
3778 |
+
#: lib/nf_sub_options.php:109 lib/nf_sub_options.php:119
|
3779 |
+
msgid "Disabled (default)"
|
3780 |
+
msgstr "Désactivé (défaut)"
|
3781 |
+
|
3782 |
+
#: lib/nf_sub_options.php:131
|
3783 |
+
msgid "HTTP error code to return"
|
3784 |
+
msgstr "Code HTTP à retourner"
|
3785 |
+
|
3786 |
+
#: lib/nf_sub_options.php:135
|
3787 |
+
msgid "400 Bad Request"
|
3788 |
+
msgstr "400 Bad Request"
|
3789 |
+
|
3790 |
+
#: lib/nf_sub_options.php:136
|
3791 |
+
msgid "403 Forbidden (default)"
|
3792 |
+
msgstr "403 Forbidden (défaut)"
|
3793 |
+
|
3794 |
+
#: lib/nf_sub_options.php:137
|
3795 |
+
msgid "404 Not Found"
|
3796 |
+
msgstr "404 Not Found"
|
3797 |
+
|
3798 |
+
#: lib/nf_sub_options.php:138
|
3799 |
+
msgid "406 Not Acceptable"
|
3800 |
+
msgstr "406 Not Acceptable"
|
3801 |
+
|
3802 |
+
#: lib/nf_sub_options.php:139
|
3803 |
+
msgid "500 Internal Server Error"
|
3804 |
+
msgstr "500 Internal Server Error"
|
3805 |
+
|
3806 |
+
#: lib/nf_sub_options.php:140
|
3807 |
+
msgid "503 Service Unavailable"
|
3808 |
+
msgstr "503 Service Unavailable"
|
3809 |
+
|
3810 |
+
#: lib/nf_sub_options.php:147
|
3811 |
+
msgid "Blocked user message"
|
3812 |
+
msgstr "Message pour les utilisateurs bloqués"
|
3813 |
+
|
3814 |
+
#: lib/nf_sub_options.php:158
|
3815 |
+
msgid "Preview message"
|
3816 |
+
msgstr "Prévisualiser"
|
3817 |
+
|
3818 |
+
#: lib/nf_sub_options.php:158
|
3819 |
+
msgid "Default message"
|
3820 |
+
msgstr "Message par défaut"
|
3821 |
+
|
3822 |
+
#: lib/nf_sub_options.php:171
|
3823 |
+
msgid "Export configuration"
|
3824 |
+
msgstr "Exporter la configuration"
|
3825 |
+
|
3826 |
+
#: lib/nf_sub_options.php:173
|
3827 |
+
msgid "Download"
|
3828 |
+
msgstr "Télécharger"
|
3829 |
+
|
3830 |
+
#: lib/nf_sub_options.php:173
|
3831 |
+
msgid "File Check configuration will not be exported/imported."
|
3832 |
+
msgstr ""
|
3833 |
+
"La configuration de \"File Check\" ne peut pas être importée ou exportée."
|
3834 |
+
|
3835 |
+
#: lib/nf_sub_options.php:176
|
3836 |
+
msgid "Import configuration"
|
3837 |
+
msgstr "Importer la configuration"
|
3838 |
+
|
3839 |
+
#: lib/nf_sub_options.php:179
|
3840 |
+
#, php-format
|
3841 |
+
msgid "Imported configuration must match plugin version %s."
|
3842 |
+
msgstr "La fichier importé doit être compatible avec la version %s."
|
3843 |
+
|
3844 |
+
#: lib/nf_sub_options.php:180
|
3845 |
+
msgid "It will override all your current firewall options and rules."
|
3846 |
+
msgstr "Il remplacera toutes vos options et règles de pare-feu en vigueur."
|
3847 |
+
|
3848 |
+
#: lib/nf_sub_options.php:186
|
3849 |
+
msgid "Save Firewall Options"
|
3850 |
+
msgstr "Sauvegarder les options"
|
3851 |
+
|
3852 |
+
#: lib/nf_sub_options.php:311
|
3853 |
+
#, php-format
|
3854 |
+
msgid "Uploaded file is either corrupted or its format is not supported (#%s)"
|
3855 |
+
msgstr ""
|
3856 |
+
"Le fichier importé est illisible ou son format n'est pas supporté (#%s)"
|
3857 |
+
|
3858 |
+
#: lib/nf_sub_options.php:335
|
3859 |
+
msgid "The imported file is not compatible with that version of NinjaFirewall"
|
3860 |
+
msgstr ""
|
3861 |
+
"Le fichier importé n'est pas compatible avec cette version de NinjaFirewall"
|
3862 |
+
|
3863 |
+
#: lib/nf_sub_options.php:457
|
3864 |
+
msgid "[NinjaFirewall] Alert: Firewall is disabled"
|
3865 |
+
msgstr "[NinjaFirewall] Alerte : Le pare-feu a été désactivé"
|
3866 |
+
|
3867 |
+
#: lib/nf_sub_options.php:459 lib/nf_sub_options.php:461 ninjafirewall.php:564
|
3868 |
+
#: ninjafirewall.php:566 ninjafirewall.php:690 ninjafirewall.php:692
|
3869 |
+
#: ninjafirewall.php:3449 ninjafirewall.php:3451
|
3870 |
+
msgid "-Blog :"
|
3871 |
+
msgstr "- Blog :"
|
3872 |
+
|
3873 |
+
#: lib/nf_sub_options.php:465
|
3874 |
+
msgid "Someone disabled NinjaFirewall from your WordPress admin dashboard:"
|
3875 |
+
msgstr ""
|
3876 |
+
"Quelqu'un a désactivé NinjaFirewall depuis votre Tableau de bord de "
|
3877 |
+
"WordPress :"
|
3878 |
+
|
3879 |
+
#: lib/nf_sub_options.php:468
|
3880 |
+
msgid ""
|
3881 |
+
"NinjaFirewall is disabled because someone enabled debugging mode from your "
|
3882 |
+
"WordPress admin dashboard:"
|
3883 |
+
msgstr ""
|
3884 |
+
"NinjaFirewall est désactivé car quelqu'un activé son \"Mode débogage\" "
|
3885 |
+
"depuis votre tableau de bord de WordPress :"
|
3886 |
+
|
3887 |
+
#: lib/nf_sub_options.php:471
|
3888 |
+
msgid "[NinjaFirewall] Alert: Firewall override settings"
|
3889 |
+
msgstr "[NinjaFirewall] Alerte : Modification des paramètres du pare-feu"
|
3890 |
+
|
3891 |
+
#: lib/nf_sub_options.php:472
|
3892 |
+
msgid ""
|
3893 |
+
"Someone imported a new configuration which overrode the firewall settings:"
|
3894 |
+
msgstr ""
|
3895 |
+
"Quelqu'un a importé une nouvelle configuration qui a modifié tous les "
|
3896 |
+
"paramètres du pare-feu :"
|
3897 |
+
|
3898 |
+
#: lib/nf_sub_options.php:478 ninjafirewall.php:698 ninjafirewall.php:3456
|
3899 |
+
msgid "-User :"
|
3900 |
+
msgstr "- Nom :"
|
3901 |
+
|
3902 |
+
#: lib/nf_sub_options.php:479 ninjafirewall.php:699 ninjafirewall.php:3457
|
3903 |
+
msgid "-IP :"
|
3904 |
+
msgstr "- IP :"
|
3905 |
+
|
3906 |
+
#: lib/nf_sub_options.php:480 ninjafirewall.php:573 ninjafirewall.php:700
|
3907 |
+
#: ninjafirewall.php:3458
|
3908 |
+
msgid "-Date :"
|
3909 |
+
msgstr "- Date :"
|
3910 |
+
|
3911 |
+
#: lib/nf_sub_statistics.php:28 ninjafirewall.php:803
|
3912 |
+
msgid "Statistics"
|
3913 |
+
msgstr "Statistiques"
|
3914 |
+
|
3915 |
+
#: lib/nf_sub_statistics.php:75
|
3916 |
+
msgid "Cannot open logfile"
|
3917 |
+
msgstr "Impossible d'ouvrir le fichier journal"
|
3918 |
+
|
3919 |
+
#: lib/nf_sub_statistics.php:86
|
3920 |
+
msgid "You do not have any stats for the current month yet."
|
3921 |
+
msgstr "Vous n'avez pas encore de statistiques pour le mois en cours."
|
3922 |
+
|
3923 |
+
#: lib/nf_sub_statistics.php:122
|
3924 |
+
msgid "Critical"
|
3925 |
+
msgstr "Critique"
|
3926 |
+
|
3927 |
+
#: lib/nf_sub_statistics.php:128
|
3928 |
+
msgid "High"
|
3929 |
+
msgstr "Élevé"
|
3930 |
+
|
3931 |
+
#: lib/nf_sub_statistics.php:134
|
3932 |
+
msgid "Medium"
|
3933 |
+
msgstr "Moyen"
|
3934 |
+
|
3935 |
+
#: lib/nf_sub_statistics.php:148
|
3936 |
+
msgid "Average time per request"
|
3937 |
+
msgstr "Durée moyenne par requête"
|
3938 |
+
|
3939 |
+
#: lib/nf_sub_statistics.php:152
|
3940 |
+
msgid "Fastest request"
|
3941 |
+
msgstr "Requête la plus rapide"
|
3942 |
+
|
3943 |
+
#: lib/nf_sub_statistics.php:156
|
3944 |
+
msgid "Slowest request"
|
3945 |
+
msgstr "Requête la plus lente"
|
3946 |
+
|
3947 |
+
#: lib/nf_sub_statistics.php:184
|
3948 |
+
msgid "Select monthly stats to view..."
|
3949 |
+
msgstr "Sélectionnez les statistiques à afficher"
|
3950 |
+
|
3951 |
+
#: lib/nf_sub_updates.php:81
|
3952 |
+
msgid "Security rules cannot be updated when NinjaFirewall is disabled."
|
3953 |
+
msgstr ""
|
3954 |
+
"Les règles de sécurité ne peuvent pas être mises à jour quand NinjaFirewall "
|
3955 |
+
"est désactivé."
|
3956 |
+
|
3957 |
+
#: lib/nf_sub_updates.php:93
|
3958 |
+
msgid "Security rules have been updated."
|
3959 |
+
msgstr "Les règles de sécurité ont été mises à jour."
|
3960 |
+
|
3961 |
+
#: lib/nf_sub_updates.php:95 lib/nf_sub_updates.php:442
|
3962 |
+
msgid "No update available."
|
3963 |
+
msgstr "Aucune mise à jour disponible."
|
3964 |
+
|
3965 |
+
#: lib/nf_sub_updates.php:144
|
3966 |
+
msgid "Automatically update NinjaFirewall security rules"
|
3967 |
+
msgstr "Activer la mise à jour automatique des règles de sécurité"
|
3968 |
+
|
3969 |
+
#: lib/nf_sub_updates.php:149 ninjafirewall.php:1226 ninjafirewall.php:1705
|
3970 |
+
#: ninjafirewall.php:1748 ninjafirewall.php:1768 ninjafirewall.php:1819
|
3971 |
+
#: ninjafirewall.php:1864 ninjafirewall.php:1874 ninjafirewall.php:1884
|
3972 |
+
#: ninjafirewall.php:1927 ninjafirewall.php:1970 ninjafirewall.php:1990
|
3973 |
+
#: ninjafirewall.php:2171 ninjafirewall.php:2227 ninjafirewall.php:2237
|
3974 |
+
#: ninjafirewall.php:2247 ninjafirewall.php:2257 ninjafirewall.php:2304
|
3975 |
+
#: ninjafirewall.php:2314 ninjafirewall.php:2891 ninjafirewall.php:3006
|
3976 |
+
msgid "No"
|
3977 |
+
msgstr "Non"
|
3978 |
+
|
3979 |
+
#: lib/nf_sub_updates.php:158
|
3980 |
+
#, php-format
|
3981 |
+
msgid ""
|
3982 |
+
"It seems that %s is enabled. Ensure you have another way to run WP-Cron, "
|
3983 |
+
"otherwise NinjaFirewall automatic updates will not work."
|
3984 |
+
msgstr ""
|
3985 |
+
"Il semble que %s est activé. Assurez vous de pouvoir exécuter WP-Cron, sinon "
|
3986 |
+
"les mises à jour automatiques ne pourront pas être effectuées."
|
3987 |
+
|
3988 |
+
#: lib/nf_sub_updates.php:165
|
3989 |
+
msgid "Check for updates"
|
3990 |
+
msgstr "Vérifier les mises à jour"
|
3991 |
+
|
3992 |
+
#: lib/nf_sub_updates.php:176
|
3993 |
+
#, php-format
|
3994 |
+
msgid ""
|
3995 |
+
"Next scheduled update will start in approximately %s day, %s hour(s), %s "
|
3996 |
+
"minute(s) and %s seconds."
|
3997 |
+
msgstr ""
|
3998 |
+
"La prochaine vérification des mises à jour aura lieu dans %s jour, %s "
|
3999 |
+
"heure(s), %s minute(s) et %s secondes."
|
4000 |
+
|
4001 |
+
#: lib/nf_sub_updates.php:183
|
4002 |
+
msgid ""
|
4003 |
+
"The next scheduled date is in the past! WordPress wp-cron may not be working "
|
4004 |
+
"or may have been disabled."
|
4005 |
+
msgstr ""
|
4006 |
+
"La date de la prochaine vérification des mises à jour est dans le "
|
4007 |
+
"passé ! Essayez de recharger cette page, sinon vérifiez que WP-Cron n'a "
|
4008 |
+
"pas été désactivé."
|
4009 |
+
|
4010 |
+
#: lib/nf_sub_updates.php:191
|
4011 |
+
msgid "Notification"
|
4012 |
+
msgstr "Notification"
|
4013 |
+
|
4014 |
+
#: lib/nf_sub_updates.php:193
|
4015 |
+
msgid "Send me a report by email when security rules have been updated."
|
4016 |
+
msgstr ""
|
4017 |
+
"Envoyez-moi un rapport par e-mail lorsque les règles de sécurité ont été "
|
4018 |
+
"mises à jour."
|
4019 |
+
|
4020 |
+
#: lib/nf_sub_updates.php:194
|
4021 |
+
msgid ""
|
4022 |
+
"Reports will be sent to the contact email address defined in the Event "
|
4023 |
+
"Notifications menu."
|
4024 |
+
msgstr ""
|
4025 |
+
"Les rapports seront envoyés à l'adresse e-mail définie dans la page "
|
4026 |
+
"\"Notifications d'Événement\"."
|
4027 |
+
|
4028 |
+
#: lib/nf_sub_updates.php:201
|
4029 |
+
msgid "Save Updates Options"
|
4030 |
+
msgstr "Sauvegarder les options"
|
4031 |
+
|
4032 |
+
#: lib/nf_sub_updates.php:201
|
4033 |
+
msgid "Check For Updates Now!"
|
4034 |
+
msgstr "Vérifier les mises à jour maintenant ! "
|
4035 |
+
|
4036 |
+
#: lib/nf_sub_updates.php:210
|
4037 |
+
msgid "The updates log is currently empty."
|
4038 |
+
msgstr "Le journal des mises à jour est vide."
|
4039 |
+
|
4040 |
+
#: lib/nf_sub_updates.php:218
|
4041 |
+
msgid "Updates Log"
|
4042 |
+
msgstr "Journal des mises à jour"
|
4043 |
+
|
4044 |
+
#: lib/nf_sub_updates.php:227
|
4045 |
+
msgid "Delete Log"
|
4046 |
+
msgstr "Supprimer le journal"
|
4047 |
+
|
4048 |
+
#: lib/nf_sub_updates.php:233
|
4049 |
+
msgid "Log is flushed automatically."
|
4050 |
+
msgstr "Le journal est purgé automatiquement."
|
4051 |
+
|
4052 |
+
#: lib/nf_sub_updates.php:329
|
4053 |
+
msgid "Error: Wrong rules format."
|
4054 |
+
msgstr "Erreur : Le format des règles téléchargées ne correspond pas."
|
4055 |
+
|
4056 |
+
#: lib/nf_sub_updates.php:338
|
4057 |
+
msgid "Error: Unable to unserialize the new rules."
|
4058 |
+
msgstr ""
|
4059 |
+
"Erreur : Impossible d'extraire les règles du fichier téléchargé (unable to "
|
4060 |
+
"unserialize the new rules)."
|
4061 |
+
|
4062 |
+
#: lib/nf_sub_updates.php:346
|
4063 |
+
msgid "Error: Unserialized rules seem corrupted."
|
4064 |
+
msgstr ""
|
4065 |
+
"Erreur : Le fichier des règles téléchargé semblent corrompu (unserialized "
|
4066 |
+
"rules seem corrupted)."
|
4067 |
+
|
4068 |
+
#: lib/nf_sub_updates.php:386
|
4069 |
+
#, php-format
|
4070 |
+
msgid "Security rules updated to version %s."
|
4071 |
+
msgstr "Les règles de sécurité ont été mises à jour vers la version %s."
|
4072 |
+
|
4073 |
+
#: lib/nf_sub_updates.php:422
|
4074 |
+
msgid ""
|
4075 |
+
"Error: Your version of NinjaFirewall is too old and is not compatible with "
|
4076 |
+
"those rules. Please upgrade it."
|
4077 |
+
msgstr ""
|
4078 |
+
"Erreur : Votre version de NinjaFirewall est trop ancienne et n'est pas "
|
4079 |
+
"compatible avec ces règles de sécurité. Mettez à jour NinjaFirewall."
|
4080 |
+
|
4081 |
+
#: lib/nf_sub_updates.php:431
|
4082 |
+
msgid "Error: Unable to retrieve the new rules version."
|
4083 |
+
msgstr "Erreur : Impossible de récupérer la nouvelle version des règles."
|
4084 |
+
|
4085 |
+
#: lib/nf_sub_updates.php:449
|
4086 |
+
#, php-format
|
4087 |
+
msgid "Error: Server returned a %s HTTP error code (#1)."
|
4088 |
+
msgstr "Erreur : Le serveur a retourné un code d'erreur HTTP %s (#1)."
|
4089 |
+
|
4090 |
+
#: lib/nf_sub_updates.php:456 lib/nf_sub_updates.php:506
|
4091 |
+
msgid "Error: Unable to connect to the remote server"
|
4092 |
+
msgstr "Erreur : Impossible de se connecter au serveur distant"
|
4093 |
+
|
4094 |
+
#: lib/nf_sub_updates.php:486
|
4095 |
+
#, php-format
|
4096 |
+
msgid "Error: The new rules versions do not match (%s != %s)."
|
4097 |
+
msgstr ""
|
4098 |
+
"Erreur : La versions des nouvelles règles ne correspond pas (%s != %s)."
|
4099 |
+
|
4100 |
+
#: lib/nf_sub_updates.php:499
|
4101 |
+
#, php-format
|
4102 |
+
msgid "Error: Server returned a %s HTTP error code (#2)."
|
4103 |
+
msgstr "Erreur : Le serveur a retourné un code d'erreur HTTP %s (#2)."
|
4104 |
+
|
4105 |
+
#: lib/nf_sub_updates.php:539
|
4106 |
+
msgid "[NinjaFirewall] Security rules update"
|
4107 |
+
msgstr "[NinjaFirewall] Mise à jour des règles de sécurité"
|
4108 |
+
|
4109 |
+
#: lib/nf_sub_updates.php:540
|
4110 |
+
msgid "NinjaFirewall security rules have been updated:"
|
4111 |
+
msgstr "Les règles de sécurité de NinjaFirewall ont été mises à jour :"
|
4112 |
+
|
4113 |
+
#: lib/nf_sub_updates.php:546
|
4114 |
+
msgid "Rules version:"
|
4115 |
+
msgstr "Version des règles :"
|
4116 |
+
|
4117 |
+
#: lib/nf_sub_updates.php:548
|
4118 |
+
msgid ""
|
4119 |
+
"This notification can be turned off from NinjaFirewall \"Updates\" page."
|
4120 |
+
msgstr ""
|
4121 |
+
"Cette notification peut être désactivée depuis la page \"Mises à Jour\" de "
|
4122 |
+
"NinjaFirewall."
|
4123 |
+
|
4124 |
+
#: lib/nf_sub_wplus.php:34
|
4125 |
+
msgid "Need more security? Check out NinjaFirewall"
|
4126 |
+
msgstr "Besoin de plus de sécurité ? Venez découvrir NinjaFirewall"
|
4127 |
+
|
4128 |
+
#. translators: [NinjaFirewall] is a supercharged Edition...
|
4129 |
+
#: lib/nf_sub_wplus.php:38
|
4130 |
+
msgid ""
|
4131 |
+
"is a supercharged Edition of our Web Application Firewall. It adds many new "
|
4132 |
+
"exciting features and blazing fast performances to make it the fastest and "
|
4133 |
+
"most advanced security plugin for WordPress."
|
4134 |
+
msgstr ""
|
4135 |
+
"est une version encore plus musclée de notre pare-feu applicatif. Elle offre "
|
4136 |
+
"de meilleures performances et contient de nouvelles fonctionnalités qui en "
|
4137 |
+
"font l'extension de sécurité pour WordPress la plus avancée et puissante sur "
|
4138 |
+
"le marché."
|
4139 |
+
|
4140 |
+
#: lib/nf_sub_wplus.php:43
|
4141 |
+
msgid "Access Control"
|
4142 |
+
msgstr "Contrôle d'Accès"
|
4143 |
+
|
4144 |
+
#: lib/nf_sub_wplus.php:44
|
4145 |
+
msgid ""
|
4146 |
+
"<b>Access Control</b> is a powerful set of directives that can be used to "
|
4147 |
+
"allow or restrict access to your blog, depending on the <strong>User Role</"
|
4148 |
+
"strong>, <strong>IP</strong>, <strong>Geolocation</strong>, "
|
4149 |
+
"<strong>Requested URL</strong>, <strong>User-agent</strong> and visitors "
|
4150 |
+
"behavior (<strong>Rate Limiting</strong>). Those directives will be "
|
4151 |
+
"processed before the Firewall Policies and NinjaFirewall's built-in security "
|
4152 |
+
"rules."
|
4153 |
+
msgstr ""
|
4154 |
+
"Le <b>Contrôle d'Accès</b> est un puissant ensemble de directives qui peut "
|
4155 |
+
"être utilisé pour autoriser ou restreindre l'accès à votre blog selon de "
|
4156 |
+
"nombreux critères : <strong>Rôle</strong> de l'utilisateur, "
|
4157 |
+
"<strong>adresse IP</strong>, <strong>Géolocalisation</strong>, <strong>URL "
|
4158 |
+
"demandée</strong>, <strong>User-agent</strong> et le comportement des "
|
4159 |
+
"visiteurs (<strong>Limitation du trafic</strong>). "
|
4160 |
+
|
4161 |
+
#: lib/nf_sub_wplus.php:46
|
4162 |
+
msgid ""
|
4163 |
+
"Its main configuration allows you to whitelist WordPress users depending on "
|
4164 |
+
"their roles, to select the source IP (useful if your site is using a CDN or "
|
4165 |
+
"behind a reverse-proxy/load balancer), and the HTTP methods all directives "
|
4166 |
+
"should apply to:"
|
4167 |
+
msgstr ""
|
4168 |
+
"Sa configuration principale vous permet de créer une liste blanche des "
|
4169 |
+
"utilisateurs de WordPress en fonction de leurs rôles, de sélectionner "
|
4170 |
+
"l'adresse IP source (utile si votre site utilise un CDN ou un équilibreur de "
|
4171 |
+
"charge), et les méthodes HTTP auxquelles s'appliqueront toutes les "
|
4172 |
+
"directives :"
|
4173 |
+
|
4174 |
+
#: lib/nf_sub_wplus.php:51
|
4175 |
+
msgid ""
|
4176 |
+
"<b>Access Control</b> can use geolocation to block visitors from specific "
|
4177 |
+
"countries. It can apply to the whole blog or only to specific folders or "
|
4178 |
+
"scripts (e.g., /wp-login.php, /xmlrpc.php etc). If you have a theme or a "
|
4179 |
+
"plugin that needs to know your visitors location, you can even ask "
|
4180 |
+
"NinjaFirewall to append the country code to the PHP headers:"
|
4181 |
+
msgstr ""
|
4182 |
+
"Le <b>Contrôle d'Accès</b> peut utiliser la géolocalisation pour bloquer les "
|
4183 |
+
"visiteurs en provenance de pays spécifiques. Il peut s'appliquer à tout le "
|
4184 |
+
"site ou bien à certains scripts ou répertoires uniquement (ex: /wp-login."
|
4185 |
+
"php, xmlrpc.php etc). Si vous avez un thème ou une extension qui nécessite "
|
4186 |
+
"de géolocaliser vos visiteurs, vous pouvez même demander à NinjaFirewall "
|
4187 |
+
"d’insérer le code à deux lettres du pays dans les en-têtes PHP :"
|
4188 |
+
|
4189 |
+
#: lib/nf_sub_wplus.php:56
|
4190 |
+
msgid ""
|
4191 |
+
"<b>Access Control</b> can be used to whitelist/blacklist an IP or any part "
|
4192 |
+
"of it. NinjaFirewall natively supports IPv4 and IPv6 protocols, for both "
|
4193 |
+
"public and private addresses:"
|
4194 |
+
msgstr ""
|
4195 |
+
"Le <b>Contrôle d'Accès</b> peut immédiatement accepter ou bloquer une "
|
4196 |
+
"adresse IP ou une partie de celle-ci. NinjaFirewall est compatible avec "
|
4197 |
+
"l'IPv4 et l'IPv6 :"
|
4198 |
+
|
4199 |
+
#: lib/nf_sub_wplus.php:61
|
4200 |
+
msgid ""
|
4201 |
+
"<b>Access Control</b> can slow down aggressive bots, crawlers, web scrapers "
|
4202 |
+
"or even small HTTP attacks with its <strong>Rate-Limiting</strong> feature."
|
4203 |
+
msgstr ""
|
4204 |
+
"Le <b>Contrôle d'Accès</b> vous permet de ralentir les bots, crawlers, web "
|
4205 |
+
"scrapers ou même de petites attaques HTTP avec son option <strong>Limiter le "
|
4206 |
+
"trafic</strong>."
|
4207 |
+
|
4208 |
+
#: lib/nf_sub_wplus.php:63
|
4209 |
+
msgid ""
|
4210 |
+
"Because it can block attackers <strong>before WordPress and all its plugins "
|
4211 |
+
"are loaded</strong> and can handle thousands of HTTP requests per second, "
|
4212 |
+
"NinjaFirewall will save precious bandwidth and reduce your server load."
|
4213 |
+
msgstr ""
|
4214 |
+
"Parce qu'il peut bloquer les attaques <strong>avant que WordPress et ses "
|
4215 |
+
"extensions ne soient chargés</strong> et peut gérer un très grand nombre de "
|
4216 |
+
"requêtes HTTP par seconde, NinjaFirewall vous fera économiser de la bande "
|
4217 |
+
"passante et permettra de réduire la charge du serveur."
|
4218 |
+
|
4219 |
+
#: lib/nf_sub_wplus.php:68
|
4220 |
+
msgid ""
|
4221 |
+
"<b>URL Access Control</b> lets you permanently allow/block any access to one "
|
4222 |
+
"or more PHP scripts based on their path or name:"
|
4223 |
+
msgstr ""
|
4224 |
+
"Le <b>Contrôle d'accès par URL</b> vous permet d'autoriser / bloquer tout "
|
4225 |
+
"accès à un ou plusieurs scripts PHP basé sur leur chemin ou leur nom :"
|
4226 |
+
|
4227 |
+
#: lib/nf_sub_wplus.php:73
|
4228 |
+
msgid ""
|
4229 |
+
"<b>Bots Access Control</b> allows you block bots, scanners and various "
|
4230 |
+
"annoying crawlers:"
|
4231 |
+
msgstr ""
|
4232 |
+
"Avec le <b>Contrôle d'accès par Bot</b> vous pouvez bloquer les robots, "
|
4233 |
+
"scanners et autres robots ennuyeux :"
|
4234 |
+
|
4235 |
+
#: lib/nf_sub_wplus.php:79
|
4236 |
+
msgid ""
|
4237 |
+
"If NinjaFirewall can hook and scan incoming requests, the <b><font color="
|
4238 |
+
"\"#21759B\">WP+</font> Edition</b> can also hook the response body (i.e., "
|
4239 |
+
"the output of the HTML page right before it is sent to your visitors "
|
4240 |
+
"browser) and search it for some specific keywords. Such a filter can be "
|
4241 |
+
"useful to detect hacking or malware patterns injected into your HTML page "
|
4242 |
+
"(text strings, spam links, malicious JavaScript code), hackers shell script, "
|
4243 |
+
"redirections and even errors (PHP/MySQL errors). Some suggested keywords as "
|
4244 |
+
"well as a default list are included."
|
4245 |
+
msgstr ""
|
4246 |
+
"Si NinjaFirewall peut filtrer les requêtes HTTP entrantes, la version "
|
4247 |
+
"<b><font color=\"#21759B\">WP+</font> Edition</b> peut aussi intercepter les "
|
4248 |
+
"requêtes sortantes, c'est à dire le contenu de la page HTML juste avant que "
|
4249 |
+
"celui-ci ne soit envoyé au navigateur de l'utilisateur. Ce type de filtre "
|
4250 |
+
"est particulièrement intéressant pour détecter du code malveillant injectés "
|
4251 |
+
"dans vos pages HTML (texte, liens, code JavaScript etc), des scripts "
|
4252 |
+
"utilisés par les hackers (shell, backdoor) et même des erreurs (PHP, MySQL). "
|
4253 |
+
|
4254 |
+
#: lib/nf_sub_wplus.php:81
|
4255 |
+
msgid ""
|
4256 |
+
"In the case of a positive detection, NinjaFirewall will not block the "
|
4257 |
+
"response body but will send you an alert by email. It can even attach the "
|
4258 |
+
"whole HTML source of the page for your review:"
|
4259 |
+
msgstr ""
|
4260 |
+
"En cas de détection positive, NinjaFirewall ne bloquera pas la requête mais "
|
4261 |
+
"vous enverra immédiatement une alerte par e-mail :"
|
4262 |
+
|
4263 |
+
#: lib/nf_sub_wplus.php:86
|
4264 |
+
msgid "Antispam"
|
4265 |
+
msgstr "Antispam"
|
4266 |
+
|
4267 |
+
#: lib/nf_sub_wplus.php:87
|
4268 |
+
msgid ""
|
4269 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) can protect your "
|
4270 |
+
"blog comment and registration forms against spam. The protection is totally "
|
4271 |
+
"transparent to your visitors and does not require any interaction: no "
|
4272 |
+
"CAPTCHA, no math puzzles or trivia questions. Extremely easy to activate, "
|
4273 |
+
"but powerful enough to make spam bots life as miserable as possible:"
|
4274 |
+
msgstr ""
|
4275 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) peut protéger les "
|
4276 |
+
"formulaires de commentaire et d'inscription de votre blog contre le spam. La "
|
4277 |
+
"protection est totalement transparente pour vos visiteurs et ne nécessite ni "
|
4278 |
+
"CAPTCHA ni interaction de leur part. Extrêmement facile à activer, mais "
|
4279 |
+
"assez puissante pour ne laisser aucune chance aux spammeurs :"
|
4280 |
+
|
4281 |
+
#: lib/nf_sub_wplus.php:90
|
4282 |
+
msgid ""
|
4283 |
+
"NinjaFirewall antispam feature works only with WordPress built-in comment "
|
4284 |
+
"and registration forms."
|
4285 |
+
msgstr ""
|
4286 |
+
"L'option anti-spam de NinjaFirewall ne fonctionne qu'avec les formulaires "
|
4287 |
+
"intégrés à WordPress (commentaire et d'inscription)."
|
4288 |
+
|
4289 |
+
#: lib/nf_sub_wplus.php:95
|
4290 |
+
#, php-format
|
4291 |
+
msgid ""
|
4292 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) lets you remotely "
|
4293 |
+
"access the firewall log of all your NinjaFirewall protected websites from "
|
4294 |
+
"one single installation, using the <a href=\"%s\">Centralized Logging</a> "
|
4295 |
+
"feature. You do not need any longer to log in to individual servers to "
|
4296 |
+
"analyse your log data."
|
4297 |
+
msgstr ""
|
4298 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) vous permet "
|
4299 |
+
"d’accéder, depuis votre blog principal, au journal du pare-feu de chacun de "
|
4300 |
+
"vos sites protégés par NinjaFirewall grâce à la fonction de <a href=\"%s"
|
4301 |
+
"\">Centralisation des Logs</a>. Vous n'avez plus besoin de vous connecter à "
|
4302 |
+
"chaque site pour analyser vos journaux."
|
4303 |
+
|
4304 |
+
#: lib/nf_sub_wplus.php:97
|
4305 |
+
msgid ""
|
4306 |
+
"There is no limit to the number of websites you can connect to, and they can "
|
4307 |
+
"be running any edition of NinjaFirewall: WP, <font color=\"#21759B\">WP+</"
|
4308 |
+
"font>, Pro or <font color=\"red\">Pro+</font>."
|
4309 |
+
msgstr ""
|
4310 |
+
"Vous pouvez vous connecter à un nombre illimité de sites, quelque soit leur "
|
4311 |
+
"version de NinjaFirewall : WP, <font color=\"#21759B\">WP+</font>, Pro ou "
|
4312 |
+
"<font color=\"red\">Pro+</font>."
|
4313 |
+
|
4314 |
+
#: lib/nf_sub_wplus.php:103
|
4315 |
+
msgid "Improved features"
|
4316 |
+
msgstr "Fonctionnalités améliorées"
|
4317 |
+
|
4318 |
+
#: lib/nf_sub_wplus.php:104
|
4319 |
+
msgid "File uploads:"
|
4320 |
+
msgstr "Téléchargements :"
|
4321 |
+
|
4322 |
+
#: lib/nf_sub_wplus.php:105
|
4323 |
+
msgid ""
|
4324 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) makes it possible "
|
4325 |
+
"to allow uploads while rejecting potentially dangerous files: system files (."
|
4326 |
+
"htaccess, .htpasswd. PHP INI), scripts (bash/shell, PHP, Ruby, Perl/CGI, "
|
4327 |
+
"Python), C/C++ source code and Unix/Linux binary files (ELF). You can easily "
|
4328 |
+
"limit the size of each uploaded file too, without having to modify your PHP "
|
4329 |
+
"configuration:"
|
4330 |
+
msgstr ""
|
4331 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) vous permet "
|
4332 |
+
"d'autoriser ou d'interdire tout téléchargement de fichiers vers votre site, "
|
4333 |
+
"ou bien de bloquer uniquement les fichiers potentiellement dangereux : "
|
4334 |
+
"scripts (PHP, CGI, Ruby, Python, bash/shell), code source C/C++, ELF "
|
4335 |
+
"(fichiers exécutables pour Unix/Linux) et certains fichiers systèmes (."
|
4336 |
+
"htaccess, .htpasswd et PHP INI). Vous pouvez aussi sélectionner la taille "
|
4337 |
+
"maximale d'un fichier téléchargé, sans avoir à modifier la configuration de "
|
4338 |
+
"PHP :"
|
4339 |
+
|
4340 |
+
#: lib/nf_sub_wplus.php:110
|
4341 |
+
msgid "Firewall Log:"
|
4342 |
+
msgstr "Journal du Pare-feu :"
|
4343 |
+
|
4344 |
+
#: lib/nf_sub_wplus.php:112
|
4345 |
+
msgid ""
|
4346 |
+
"The log menu has been revamped too. You can disable the firewall log, delete "
|
4347 |
+
"the current one, enable its rotation based on the size of the file and, if "
|
4348 |
+
"any, view each rotated log separately. Quick filtering options are easily "
|
4349 |
+
"accessible from checkboxes and the log can be exported as a TSV (tab-"
|
4350 |
+
"separated values) text file."
|
4351 |
+
msgstr ""
|
4352 |
+
"Le <b>Journal du Pare-feu</b> a été remanié. Vous pouvez maintenant le "
|
4353 |
+
"désactiver, le supprimer et permettre sa rotation en vous basant sur la "
|
4354 |
+
"taille du fichier. Des options de filtrage rapides sont facilement "
|
4355 |
+
"accessibles à partir de cases à cocher et le journal peut également être "
|
4356 |
+
"exporté dans un fichier au format TSV (valeurs séparées par des "
|
4357 |
+
"tabulations) :"
|
4358 |
+
|
4359 |
+
#: lib/nf_sub_wplus.php:113
|
4360 |
+
msgid ""
|
4361 |
+
"It is also possible to redirect all incidents and events to the Syslog "
|
4362 |
+
"server:"
|
4363 |
+
msgstr ""
|
4364 |
+
"Il est également possible de rediriger tous les incidents et les événements "
|
4365 |
+
"vers le serveur Syslog :"
|
4366 |
+
|
4367 |
+
#: lib/nf_sub_wplus.php:118
|
4368 |
+
msgid "Shared Memory use:"
|
4369 |
+
msgstr "Utilisation de la mémoire partagée :"
|
4370 |
+
|
4371 |
+
#: lib/nf_sub_wplus.php:120
|
4372 |
+
#, php-format
|
4373 |
+
msgid ""
|
4374 |
+
"Although NinjaFirewall is already <a href=\"%s\">much faster than other "
|
4375 |
+
"WordPress plugins</a>, the <b><font color=\"#21759B\">WP+</font> Edition</b> "
|
4376 |
+
"brings its performance to a whole new level by using Unix shared memory in "
|
4377 |
+
"order to speed things up even more."
|
4378 |
+
msgstr ""
|
4379 |
+
"Bien que NinjaFirewall soit <a href=\"%s\">plus rapide que la plupart des "
|
4380 |
+
"autres extensions WordPress</a>, la <b><font color=\"#21759B\">WP+</font> "
|
4381 |
+
"Edition</b> améliore encore plus ses performances en utilisant la mémoire "
|
4382 |
+
"partagée."
|
4383 |
+
|
4384 |
+
#: lib/nf_sub_wplus.php:120
|
4385 |
+
msgid ""
|
4386 |
+
"This allows easier and faster inter-process communication between the "
|
4387 |
+
"firewall and the plugin part of NinjaFirewall and, because its data and "
|
4388 |
+
"configuration are stored in shared memory segments, the firewall does not "
|
4389 |
+
"need to connect to the database any longer."
|
4390 |
+
msgstr ""
|
4391 |
+
"Cela permet au pare-feu et à son extension de communiquer par segment de "
|
4392 |
+
"mémoire partagée; les données de configuration de NinjaFirewall sont "
|
4393 |
+
"stockées en mémoire et le pare-feu n'a même plus besoin de se connecter à la "
|
4394 |
+
"base de données pour y accéder."
|
4395 |
+
|
4396 |
+
#: lib/nf_sub_wplus.php:120
|
4397 |
+
msgid ""
|
4398 |
+
"This dramatically increases the processing speed (there is nothing faster "
|
4399 |
+
"than RAM), prevents blocking I/O and MySQL slow queries. On a very busy "
|
4400 |
+
"server like a multi-site network, the firewall processing speed will "
|
4401 |
+
"increase from 25% to 30%. It can be enabled from the \"Firewall Options\" "
|
4402 |
+
"menu:"
|
4403 |
+
msgstr ""
|
4404 |
+
"Cela augmente considérablement la vitesse de traitement (il n'y a rien de "
|
4405 |
+
"plus rapide que la mémoire), empêche le blocage des E/S et les requêtes "
|
4406 |
+
"lentes MySQL. Sur un serveur très sollicité comme un réseau multi-site, la "
|
4407 |
+
"vitesse de traitement de pare-feu va augmenter de 25% à 30%. Cette option "
|
4408 |
+
"peut être activé à partir de la page \"Options du pare-feu\" :"
|
4409 |
+
|
4410 |
+
#: lib/nf_sub_wplus.php:124
|
4411 |
+
msgid ""
|
4412 |
+
"This feature requires that PHP was compiled with the <code>--enable-shmop</"
|
4413 |
+
"code> parameter."
|
4414 |
+
msgstr ""
|
4415 |
+
"Cette fonction nécessite que PHP soit compilé avec le paramètre <code>--"
|
4416 |
+
"enable-shmop</code>."
|
4417 |
+
|
4418 |
+
#: lib/nf_sub_wplus.php:134
|
4419 |
+
msgid ""
|
4420 |
+
"Learn more</a> about the <font color=\"#21759B\">WP+</font> Edition unique "
|
4421 |
+
"features."
|
4422 |
+
msgstr ""
|
4423 |
+
"En savoir plus</a> sur les caractéristiques uniques de la version <font "
|
4424 |
+
"color=\"#21759B\">WP+</font>."
|
4425 |
+
|
4426 |
+
#: lib/nf_sub_wplus.php:135
|
4427 |
+
msgid "Compare</a> the WP and <font color=\"#21759B\">WP+</font> Editions."
|
4428 |
+
msgstr "Comparez</a> les versions WP et <font color=\"#21759B\">WP+</font>."
|
4429 |
+
|
4430 |
+
#: lib/nfw_misc.php:132 lib/nfw_misc.php:136
|
4431 |
+
msgid "NinjaFirewall error"
|
4432 |
+
msgstr "NinjaFirewall Erreur"
|
4433 |
+
|
4434 |
+
#: lib/nfw_misc.php:133
|
4435 |
+
#, php-format
|
4436 |
+
msgid ""
|
4437 |
+
"%s directory cannot be created. Please review your installation and ensure "
|
4438 |
+
"that %s is writable."
|
4439 |
+
msgstr ""
|
4440 |
+
"Le répertoire %s ne peut pas être créé. Vérifiez votre installation et "
|
4441 |
+
"assurez vous que %s n'est pas en lecture seule."
|
4442 |
+
|
4443 |
+
#: lib/nfw_misc.php:137
|
4444 |
+
#, php-format
|
4445 |
+
msgid ""
|
4446 |
+
"%s directory is read-only. Please review your installation and ensure that "
|
4447 |
+
"%s is writable."
|
4448 |
+
msgstr ""
|
4449 |
+
"Le répertoire %s est en lecture seule. Vérifiez votre installation et les "
|
4450 |
+
"permissions de %s."
|
4451 |
+
|
4452 |
+
#: lib/nfw_misc.php:156 ninjafirewall.php:972
|
4453 |
+
msgid "unknown error"
|
4454 |
+
msgstr "erreur inconnue"
|
4455 |
+
|
4456 |
+
#: lib/nfw_misc.php:158
|
4457 |
+
msgid "NinjaFirewall fatal error:"
|
4458 |
+
msgstr "NinjaFirewall erreur fatale :"
|
4459 |
+
|
4460 |
+
#: lib/nfw_misc.php:159
|
4461 |
+
msgid "Review your installation, your site is not protected."
|
4462 |
+
msgstr "Vérifiez votre installation, votre site n'est pas protégé."
|
4463 |
+
|
4464 |
+
#: lib/nfw_misc.php:206 lib/nfw_misc.php:228
|
4465 |
+
msgid "Forbidden access"
|
4466 |
+
msgstr "Accès interdit"
|
4467 |
+
|
4468 |
+
#: lib/nfw_misc.php:247
|
4469 |
+
#, php-format
|
4470 |
+
msgid ""
|
4471 |
+
"<strong>ERROR</strong>: Invalid username or password.<br /><a href=\"%s"
|
4472 |
+
"\">Lost your password</a>?"
|
4473 |
+
msgstr ""
|
4474 |
+
"<strong>ERREUR</strong>: Identifiant ou mot de passe invalide.<br /><a href="
|
4475 |
+
"\"%s\">Mot de passe perdu</a> ?"
|
4476 |
+
|
4477 |
+
#: lib/nfw_misc.php:308
|
4478 |
+
msgid "[NinjaFirewall] Alert: Database changes detected"
|
4479 |
+
msgstr "[NinjaFirewall] Alerte: Modification dans la base de données"
|
4480 |
+
|
4481 |
+
#: lib/nfw_misc.php:309
|
4482 |
+
msgid ""
|
4483 |
+
"NinjaFirewall has detected that one or more administrator accounts were "
|
4484 |
+
"modified in the database:"
|
4485 |
+
msgstr ""
|
4486 |
+
"NinjaFirewall a détecté que un ou plusieurs comptes d'administrateur ont été "
|
4487 |
+
"modifiés dans la base de données:"
|
4488 |
+
|
4489 |
+
#: lib/nfw_misc.php:315 lib/nfw_misc.php:455
|
4490 |
+
msgid "User IP:"
|
4491 |
+
msgstr "IP utilisateur :"
|
4492 |
+
|
4493 |
+
#: lib/nfw_misc.php:316 lib/nfw_misc.php:458
|
4494 |
+
msgid "Date:"
|
4495 |
+
msgstr "Date :"
|
4496 |
+
|
4497 |
+
#: lib/nfw_misc.php:317
|
4498 |
+
#, php-format
|
4499 |
+
msgid "Total administrators : %s"
|
4500 |
+
msgstr "Nombre d'administrateurs : %s"
|
4501 |
+
|
4502 |
+
#: lib/nfw_misc.php:326
|
4503 |
+
msgid ""
|
4504 |
+
"If you cannot see any modifications in the above fields, it is likely that "
|
4505 |
+
"the administrator password was changed."
|
4506 |
+
msgstr ""
|
4507 |
+
"Si vous ne voyez pas de modifications dans les données ci-dessus, il est "
|
4508 |
+
"probable que le mot de passe administrateur a été changé."
|
4509 |
+
|
4510 |
+
#: lib/nfw_misc.php:424
|
4511 |
+
msgid "Blocked privilege escalation attempt"
|
4512 |
+
msgstr "Tentatives d'élévation des privilèges"
|
4513 |
+
|
4514 |
+
#: lib/nfw_misc.php:448
|
4515 |
+
msgid "NinjaFirewall has blocked an attempt to gain administrative privileges:"
|
4516 |
+
msgstr ""
|
4517 |
+
"NinjaFirewall a bloqué un utilisateur ayant essayé d'élever ses privilèges "
|
4518 |
+
"pour devenir administrateur du blog :"
|
4519 |
+
|
4520 |
+
#: lib/nfw_misc.php:454
|
4521 |
+
msgid "Username:"
|
4522 |
+
msgstr "Utilisateur :"
|
4523 |
+
|
4524 |
+
#: lib/nfw_misc.php:474
|
4525 |
+
msgid ""
|
4526 |
+
"NinjaFirewall brute-force protection is enabled and you are temporarily "
|
4527 |
+
"whitelisted."
|
4528 |
+
msgstr ""
|
4529 |
+
"La protection de NinjaFirewall contre les attaques par force brute est "
|
4530 |
+
"activée. Vous êtes temporairement dans la liste blanche."
|
4531 |
+
|
4532 |
+
#: ninjafirewall.php:73
|
4533 |
+
msgid "A true Web Application Firewall to protect and secure WordPress."
|
4534 |
+
msgstr "Un véritable pare-feu applicatif pour sécuriser et protéger WordPress."
|
4535 |
+
|
4536 |
+
#: ninjafirewall.php:82
|
4537 |
+
msgid "Cannot find WordPress configuration file"
|
4538 |
+
msgstr "Impossible de trouver le fichier de configuration de WordPress"
|
4539 |
+
|
4540 |
+
#: ninjafirewall.php:83
|
4541 |
+
msgid "Cannot read WordPress configuration file"
|
4542 |
+
msgstr "Impossible de lire le fichier de configuration de WordPress"
|
4543 |
+
|
4544 |
+
#: ninjafirewall.php:84
|
4545 |
+
msgid "Cannot retrieve WordPress database credentials"
|
4546 |
+
msgstr ""
|
4547 |
+
"Impossible de récupérer les informations d'identification de base de données "
|
4548 |
+
"WordPress"
|
4549 |
+
|
4550 |
+
#: ninjafirewall.php:85
|
4551 |
+
msgid "Cannot connect to WordPress database"
|
4552 |
+
msgstr "Impossible de se connecter à la base de données WordPress"
|
4553 |
+
|
4554 |
+
#: ninjafirewall.php:86
|
4555 |
+
msgid "Cannot retrieve user options from database (#2)"
|
4556 |
+
msgstr ""
|
4557 |
+
"Impossible de récupérer les options de l'utilisateur dans la base de données "
|
4558 |
+
"(#2)"
|
4559 |
+
|
4560 |
+
#: ninjafirewall.php:87
|
4561 |
+
msgid "Cannot retrieve user options from database (#3)"
|
4562 |
+
msgstr ""
|
4563 |
+
"Impossible de récupérer les options de l'utilisateur dans la base de données "
|
4564 |
+
"(#3)"
|
4565 |
+
|
4566 |
+
#: ninjafirewall.php:88
|
4567 |
+
msgid "Cannot retrieve user rules from database (#2)"
|
4568 |
+
msgstr ""
|
4569 |
+
"Impossible de récupérer les règles de l'utilisateur dans la base de données "
|
4570 |
+
"(#2)"
|
4571 |
+
|
4572 |
+
#: ninjafirewall.php:89
|
4573 |
+
msgid "Cannot retrieve user rules from database (#3)"
|
4574 |
+
msgstr ""
|
4575 |
+
"Impossible de récupérer les règles de l'utilisateur dans la base de données "
|
4576 |
+
"(#3)"
|
4577 |
+
|
4578 |
+
#: ninjafirewall.php:90
|
4579 |
+
msgid ""
|
4580 |
+
"The firewall has been disabled from the <a href=\"admin.php?page=nfsubopt"
|
4581 |
+
"\">administration console</a>"
|
4582 |
+
msgstr ""
|
4583 |
+
"Le pare-feu a été désactivé depuis son <a href=\"admin.php?page=nfsubopt"
|
4584 |
+
"\">interface d'administration</a>"
|
4585 |
+
|
4586 |
+
#: ninjafirewall.php:91
|
4587 |
+
msgid "Unable to communicate with the firewall. Please check your settings"
|
4588 |
+
msgstr ""
|
4589 |
+
"Impossible de communiquer avec le pare-feu. Veuillez vérifiez votre "
|
4590 |
+
"configuration"
|
4591 |
+
|
4592 |
+
#: ninjafirewall.php:92
|
4593 |
+
msgid "Cannot retrieve user options from database (#1)"
|
4594 |
+
msgstr ""
|
4595 |
+
"Impossible de récupérer les options de l'utilisateur dans la base de données "
|
4596 |
+
"(#1)"
|
4597 |
+
|
4598 |
+
#: ninjafirewall.php:93
|
4599 |
+
msgid "Cannot retrieve user rules from database (#1)"
|
4600 |
+
msgstr ""
|
4601 |
+
"Impossible de récupérer les règles de l'utilisateur dans la base de données "
|
4602 |
+
"(#1)"
|
4603 |
+
|
4604 |
+
#: ninjafirewall.php:94
|
4605 |
+
#, php-format
|
4606 |
+
msgid ""
|
4607 |
+
"The firewall cannot access its log and cache folders. If you changed the "
|
4608 |
+
"name of WordPress %s or %s folders, you must define NinjaFirewall's built-in "
|
4609 |
+
"%s constant (see %s for more info)"
|
4610 |
+
msgstr ""
|
4611 |
+
"NinjaFirewall ne peut pas accéder à son répertoire cache. Si vous avez "
|
4612 |
+
"modifié les dossiers %s ou %s, vous DEVEZ définir la constante %s afin de "
|
4613 |
+
"résoudre ce problème (consultez %s pour plus de détails)"
|
4614 |
+
|
4615 |
+
#: ninjafirewall.php:121
|
4616 |
+
#, php-format
|
4617 |
+
msgid ""
|
4618 |
+
"NinjaFirewall requires WordPress 3.3 or greater but your current version is "
|
4619 |
+
"%s."
|
4620 |
+
msgstr ""
|
4621 |
+
"NinjaFirewall nécessite au moins WordPress 3.3 mais votre version de "
|
4622 |
+
"WordPress est %s."
|
4623 |
+
|
4624 |
+
#: ninjafirewall.php:125
|
4625 |
+
#, php-format
|
4626 |
+
msgid ""
|
4627 |
+
"NinjaFirewall requires PHP 5.3 or greater but your current version is %s."
|
4628 |
+
msgstr ""
|
4629 |
+
"NinjaFirewall nécessite au moins PHP 5.3 mais votre version de PHP est %s."
|
4630 |
+
|
4631 |
+
#: ninjafirewall.php:129
|
4632 |
+
#, php-format
|
4633 |
+
msgid "NinjaFirewall requires the PHP %s extension."
|
4634 |
+
msgstr "NinjaFirewall nécessite l'extension PHP %s."
|
4635 |
+
|
4636 |
+
#: ninjafirewall.php:133
|
4637 |
+
msgid ""
|
4638 |
+
"You have SAFE_MODE enabled. Please disable it, it is deprecated as of PHP "
|
4639 |
+
"5.3.0 (see http://php.net/safe-mode)."
|
4640 |
+
msgstr ""
|
4641 |
+
"Vous avez SAFE_MODE activé. Veuillez le désactiver, cette fonctionnalité est "
|
4642 |
+
"devenue obsolète depuis PHP 5.3 et a été supprimée depuis PHP 5.4 (cf. "
|
4643 |
+
"http://php.net/safe-mode)."
|
4644 |
+
|
4645 |
+
#: ninjafirewall.php:137
|
4646 |
+
msgid "You are not allowed to activate NinjaFirewall."
|
4647 |
+
msgstr "Vous n’êtes pas autorisé à activer NinjaFirewall."
|
4648 |
+
|
4649 |
+
#: ninjafirewall.php:141
|
4650 |
+
msgid "NinjaFirewall is not compatible with Microsoft Windows."
|
4651 |
+
msgstr "NinjaFirewall n'est pas compatible avec Microsoft Windows."
|
4652 |
+
|
4653 |
+
#: ninjafirewall.php:562
|
4654 |
+
msgid "ERROR: Failed to update rules"
|
4655 |
+
msgstr "ERREUR: Échec de la mise à jour des règles"
|
4656 |
+
|
4657 |
+
#: ninjafirewall.php:568
|
4658 |
+
msgid ""
|
4659 |
+
"NinjaFirewall failed to update its rules. This is a critical error, your "
|
4660 |
+
"current rules may be corrupted or disabled. In order to solve the problem, "
|
4661 |
+
"please follow these instructions:"
|
4662 |
+
msgstr ""
|
4663 |
+
"La mise à jour des règles de NinjaFirewall a échoué. Ceci est une erreur "
|
4664 |
+
"critique, vos règles actuelles peuvent être endommagées ou bien désactivées. "
|
4665 |
+
"Afin de résoudre le problème, veuillez suivre ces instructions :"
|
4666 |
+
|
4667 |
+
#: ninjafirewall.php:569
|
4668 |
+
msgid "1. Log in to your WordPress admin dashboard."
|
4669 |
+
msgstr "1. Connectez-vous à votre tableau de bord WordPress."
|
4670 |
+
|
4671 |
+
#: ninjafirewall.php:570
|
4672 |
+
msgid "2. Go to \"NinjaFirewall > Updates\"."
|
4673 |
+
msgstr "2. Sélectionnez \"NinjaFirewall > Mises à Jour\"."
|
4674 |
+
|
4675 |
+
#: ninjafirewall.php:571
|
4676 |
+
msgid "3. Click on \"Check for updates now!\"."
|
4677 |
+
msgstr "3. Cliquez sur le bouton \"Vérifier les mises à jour maintenant ! \"."
|
4678 |
+
|
4679 |
+
#: ninjafirewall.php:576 ninjafirewall.php:703
|
4680 |
+
msgid "Support forum"
|
4681 |
+
msgstr "Forum "
|
4682 |
+
|
4683 |
+
#: ninjafirewall.php:688
|
4684 |
+
msgid "Alert: WordPress console login"
|
4685 |
+
msgstr "Alerte : Connexion à WordPress"
|
4686 |
+
|
4687 |
+
#: ninjafirewall.php:697
|
4688 |
+
msgid "Someone just logged in to your WordPress admin console:"
|
4689 |
+
msgstr "Quelqu'un vient de se connecter à votre Tableau de bord de WordPress:"
|
4690 |
+
|
4691 |
+
#: ninjafirewall.php:770
|
4692 |
+
#, php-format
|
4693 |
+
msgid "Sorry %s, your request cannot be processed."
|
4694 |
+
msgstr "Désolé %s, votre requête ne peut pas aboutir."
|
4695 |
+
|
4696 |
+
#: ninjafirewall.php:771
|
4697 |
+
msgid "For security reasons, it was blocked and logged."
|
4698 |
+
msgstr "Pour des raisons de sécurité, elle a été bloquée et enregistrée."
|
4699 |
+
|
4700 |
+
#: ninjafirewall.php:773
|
4701 |
+
msgid ""
|
4702 |
+
"If you believe this was an error please contact the<br />webmaster and "
|
4703 |
+
"enclose the following incident ID:"
|
4704 |
+
msgstr ""
|
4705 |
+
"Si vous pensez qu'il s'agit d'une erreur, veuillez contacter<br />le "
|
4706 |
+
"webmaster et joindre le numéro d'incident suivant:"
|
4707 |
+
|
4708 |
+
#: ninjafirewall.php:799
|
4709 |
+
msgid "NinjaFirewall: Overview"
|
4710 |
+
msgstr "NinjaFirewall : Aperçu"
|
4711 |
+
|
4712 |
+
#: ninjafirewall.php:803
|
4713 |
+
msgid "NinjaFirewall: Statistics"
|
4714 |
+
msgstr "NinjaFirewall : Statistiques"
|
4715 |
+
|
4716 |
+
#: ninjafirewall.php:807
|
4717 |
+
msgid "NinjaFirewall: Firewall Options"
|
4718 |
+
msgstr "NinjaFirewall : Options du Pare-feu"
|
4719 |
+
|
4720 |
+
#: ninjafirewall.php:811
|
4721 |
+
msgid "NinjaFirewall: Firewall Policies"
|
4722 |
+
msgstr "NinjaFirewall : Politiques du Pare-feu"
|
4723 |
+
|
4724 |
+
#: ninjafirewall.php:815
|
4725 |
+
msgid "NinjaFirewall: File Guard"
|
4726 |
+
msgstr "NinjaFirewall: File Guard"
|
4727 |
+
|
4728 |
+
#: ninjafirewall.php:819
|
4729 |
+
msgid "NinjaFirewall: File Check"
|
4730 |
+
msgstr "NinjaFirewall: File Check"
|
4731 |
+
|
4732 |
+
#: ninjafirewall.php:829
|
4733 |
+
msgid "NinjaFirewall: Anti-Malware"
|
4734 |
+
msgstr "NinjaFirewall : Anti-Malware"
|
4735 |
+
|
4736 |
+
#: ninjafirewall.php:833
|
4737 |
+
msgid "NinjaFirewall: Network"
|
4738 |
+
msgstr "NinjaFirewall : Réseau"
|
4739 |
+
|
4740 |
+
#: ninjafirewall.php:837
|
4741 |
+
msgid "NinjaFirewall: Event Notifications"
|
4742 |
+
msgstr "NinjaFirewall : Notifications d’Événement"
|
4743 |
+
|
4744 |
+
#: ninjafirewall.php:841
|
4745 |
+
msgid "NinjaFirewall: Log-in Protection"
|
4746 |
+
msgstr "NinjaFirewall : Page de Connexion"
|
4747 |
+
|
4748 |
+
#: ninjafirewall.php:845
|
4749 |
+
msgid "NinjaFirewall: Firewall Log"
|
4750 |
+
msgstr "NinjaFirewall : Journal du Pare-feu"
|
4751 |
+
|
4752 |
+
#: ninjafirewall.php:849
|
4753 |
+
msgid "NinjaFirewall: Live Log"
|
4754 |
+
msgstr "NinjaFirewall: Live Log"
|
4755 |
+
|
4756 |
+
#: ninjafirewall.php:853
|
4757 |
+
msgid "NinjaFirewall: Rules Editor"
|
4758 |
+
msgstr "NinjaFirewall : Éditeur de Règles"
|
4759 |
+
|
4760 |
+
#: ninjafirewall.php:857
|
4761 |
+
msgid "NinjaFirewall: Updates"
|
4762 |
+
msgstr "NinjaFirewall : Mises à Jour"
|
4763 |
+
|
4764 |
+
#: ninjafirewall.php:864
|
4765 |
+
msgid "NinjaFirewall: About"
|
4766 |
+
msgstr "NinjaFirewall : À Propos"
|
4767 |
+
|
4768 |
+
#: ninjafirewall.php:864
|
4769 |
+
msgid "About..."
|
4770 |
+
msgstr "À Propos..."
|
4771 |
+
|
4772 |
+
#: ninjafirewall.php:904
|
4773 |
+
msgid "NinjaFirewall Settings"
|
4774 |
+
msgstr "Réglages de NinjaFirewall"
|
4775 |
+
|
4776 |
+
#: ninjafirewall.php:912
|
4777 |
+
msgid "NinjaFirewall is enabled"
|
4778 |
+
msgstr "NinjaFirewall est activé"
|
4779 |
+
|
4780 |
+
#: ninjafirewall.php:951
|
4781 |
+
msgid "Congratulations, NinjaFirewall is up and running!"
|
4782 |
+
msgstr "Félicitations, NinjaFirewall est bien activé !"
|
4783 |
+
|
4784 |
+
#: ninjafirewall.php:952
|
4785 |
+
msgid ""
|
4786 |
+
"If you need help, click on the contextual \"Help\" menu tab located in the "
|
4787 |
+
"upper right corner of each page."
|
4788 |
+
msgstr ""
|
4789 |
+
"Si vous avez besoin d'aide, cliquez sur l'onglet \"Aide\" situé dans le coin "
|
4790 |
+
"supérieur droit de chaque page."
|
4791 |
+
|
4792 |
+
#: ninjafirewall.php:954
|
4793 |
+
msgid "A \"Quick Start, FAQ & Troubleshooting Guide\" email was sent to"
|
4794 |
+
msgstr ""
|
4795 |
+
"Un e-mail \"Guide d'Utilisation, d'Installation et de Dépannage\" a été "
|
4796 |
+
"envoyé à l'adresse"
|
4797 |
+
|
4798 |
+
#: ninjafirewall.php:976 ninjafirewall.php:986
|
4799 |
+
msgid "Firewall"
|
4800 |
+
msgstr "Pare-feu"
|
4801 |
+
|
4802 |
+
#: ninjafirewall.php:995
|
4803 |
+
msgid "WordPress WAF"
|
4804 |
+
msgstr "WordPress WAF"
|
4805 |
+
|
4806 |
+
#: ninjafirewall.php:997
|
4807 |
+
msgid "Full WAF"
|
4808 |
+
msgstr "Full WAF"
|
4809 |
+
|
4810 |
+
#: ninjafirewall.php:1001
|
4811 |
+
msgid "Mode"
|
4812 |
+
msgstr "Mode"
|
4813 |
+
|
4814 |
+
#: ninjafirewall.php:1003
|
4815 |
+
#, php-format
|
4816 |
+
msgid "NinjaFirewall is running in %s mode."
|
4817 |
+
msgstr "NinjaFirewall fonctionne en mode %s."
|
4818 |
+
|
4819 |
+
#: ninjafirewall.php:1012
|
4820 |
+
msgid "Enabled."
|
4821 |
+
msgstr "Activé."
|
4822 |
+
|
4823 |
+
#: ninjafirewall.php:1012
|
4824 |
+
msgid "Click here to turn Debugging Mode off"
|
4825 |
+
msgstr "Cliquez ici pour désactiver le mode Débogage"
|
4826 |
+
|
4827 |
+
#: ninjafirewall.php:1018
|
4828 |
+
msgid "PHP SAPI"
|
4829 |
+
msgstr "PHP SAPI"
|
4830 |
+
|
4831 |
+
#: ninjafirewall.php:1032 ninjafirewall.php:3439
|
4832 |
+
msgid "Version"
|
4833 |
+
msgstr "Version"
|
4834 |
+
|
4835 |
+
#: ninjafirewall.php:1034
|
4836 |
+
msgid "Security rules:"
|
4837 |
+
msgstr "Règles de sécurité :"
|
4838 |
+
|
4839 |
+
#: ninjafirewall.php:1044
|
4840 |
+
msgid "Security rules updates are disabled."
|
4841 |
+
msgstr "La mise à jour automatique des règles de sécurité est désactivée."
|
4842 |
+
|
4843 |
+
#: ninjafirewall.php:1044
|
4844 |
+
msgid ""
|
4845 |
+
"If you want your blog to be protected against the latest threats, enable "
|
4846 |
+
"automatic security rules updates."
|
4847 |
+
msgstr ""
|
4848 |
+
"Pour garder votre WordPress protégé contre les dernières vulnérabilités, "
|
4849 |
+
"pensez à l'activer."
|
4850 |
+
|
4851 |
+
#: ninjafirewall.php:1052 ninjafirewall.php:1061
|
4852 |
+
msgid "Admin user"
|
4853 |
+
msgstr "Administrateur"
|
4854 |
+
|
4855 |
+
#: ninjafirewall.php:1054
|
4856 |
+
#, php-format
|
4857 |
+
msgid ""
|
4858 |
+
"You are not whitelisted. Ensure that the \"Do not block WordPress "
|
4859 |
+
"administrator\" option is enabled in the <a href=\"%s\">Firewall Policies</"
|
4860 |
+
"a> menu, otherwise you will likely get blocked by the firewall while working "
|
4861 |
+
"from your administration dashboard."
|
4862 |
+
msgstr ""
|
4863 |
+
"Vous n'êtes pas dans la liste blanche. Assurez vous que l'option \"Ne pas "
|
4864 |
+
"bloquer l'Administrateur de WordPress\" est activée dans la page <a href="
|
4865 |
+
"\"%s\">Politiques du Pare-feu</a>, sinon vous pourriez être bloqué par le "
|
4866 |
+
"pare-feu lorsque vous travaillez depuis votre Tableau de bord."
|
4867 |
+
|
4868 |
+
#: ninjafirewall.php:1063
|
4869 |
+
msgid "You are whitelisted by the firewall."
|
4870 |
+
msgstr "Vous êtes dans la liste blanche du pare-feu."
|
4871 |
+
|
4872 |
+
#: ninjafirewall.php:1070
|
4873 |
+
msgid "Restrictions"
|
4874 |
+
msgstr "Restrictions"
|
4875 |
+
|
4876 |
+
#: ninjafirewall.php:1072
|
4877 |
+
msgid "Access to NinjaFirewall is restricted to:"
|
4878 |
+
msgstr "L'accès à NinjaFirewall est restreint à :"
|
4879 |
+
|
4880 |
+
#: ninjafirewall.php:1080 ninjafirewall.php:1090
|
4881 |
+
msgid "User session"
|
4882 |
+
msgstr "Session utilisateur"
|
4883 |
+
|
4884 |
+
#: ninjafirewall.php:1082
|
4885 |
+
msgid ""
|
4886 |
+
"It seems the user session was not set by the firewall script or may have "
|
4887 |
+
"been destroyed by another plugin. You may get blocked by the firewall while "
|
4888 |
+
"working from the WordPress administration dashboard."
|
4889 |
+
msgstr ""
|
4890 |
+
"Il semble que la session de l'utilisateur n'a pas été définie par le script "
|
4891 |
+
"du pare-feu, ou bien a peut être été détruite malencontreusement par une "
|
4892 |
+
"autre extension. Vous pourriez être bloqué par le pare-feu lorsque vous "
|
4893 |
+
"travaillez depuis le Tableau de bord de WordPress."
|
4894 |
+
|
4895 |
+
#: ninjafirewall.php:1092
|
4896 |
+
msgid ""
|
4897 |
+
"It seems that the user session set by NinjaFirewall was not found by the "
|
4898 |
+
"firewall script. You may get blocked by the firewall while working from the "
|
4899 |
+
"WordPress administration dashboard."
|
4900 |
+
msgstr ""
|
4901 |
+
"Il semble que la session d'utilisateur définie par NinjaFirewall n'a pas été "
|
4902 |
+
"trouvé par le script du pare-feu. Vous pourriez être bloqué par le pare-feu "
|
4903 |
+
"lorsque vous travaillez depuis le Tableau de bord de WordPress."
|
4904 |
+
|
4905 |
+
#: ninjafirewall.php:1100
|
4906 |
+
#, php-format
|
4907 |
+
msgid ""
|
4908 |
+
"the public key is invalid. Please <a href=\"%s\">check your configuration</"
|
4909 |
+
"a>."
|
4910 |
+
msgstr ""
|
4911 |
+
"la clé publique est invalide. Veuillez vérifier <a href=\"%s\">votre "
|
4912 |
+
"configuration</a>."
|
4913 |
+
|
4914 |
+
#: ninjafirewall.php:1104
|
4915 |
+
msgid "No IP address restriction."
|
4916 |
+
msgstr "Aucune restriction d'accès par adresse IP."
|
4917 |
+
|
4918 |
+
#: ninjafirewall.php:1107
|
4919 |
+
#, php-format
|
4920 |
+
msgid "IP address %s is allowed to access NinjaFirewall's log on this server."
|
4921 |
+
msgstr ""
|
4922 |
+
"L'adresse IP %s est autorisée à accéder au journal du pare-feu de "
|
4923 |
+
"NinjaFirewall."
|
4924 |
+
|
4925 |
+
#: ninjafirewall.php:1110
|
4926 |
+
#, php-format
|
4927 |
+
msgid ""
|
4928 |
+
"the whitelisted IP is not valid. Please <a href=\"%s\">check your "
|
4929 |
+
"configuration</a>."
|
4930 |
+
msgstr ""
|
4931 |
+
"l'adresse IP est invalide. Veuillez vérifier <a href=\"%s\">votre "
|
4932 |
+
"configuration</a>."
|
4933 |
+
|
4934 |
+
#: ninjafirewall.php:1120
|
4935 |
+
#, php-format
|
4936 |
+
msgid "Error: %s"
|
4937 |
+
msgstr "Erreur : %s"
|
4938 |
+
|
4939 |
+
#: ninjafirewall.php:1138
|
4940 |
+
msgid "Source IP"
|
4941 |
+
msgstr "IP source"
|
4942 |
+
|
4943 |
+
#: ninjafirewall.php:1140
|
4944 |
+
#, php-format
|
4945 |
+
msgid "You have a private IP : %s"
|
4946 |
+
msgstr "Vous avez l'adresse IP d'un réseau privé : %s"
|
4947 |
+
|
4948 |
+
#: ninjafirewall.php:1140
|
4949 |
+
#, php-format
|
4950 |
+
msgid ""
|
4951 |
+
"If your site is behind a reverse proxy or a load balancer, ensure that you "
|
4952 |
+
"have setup your HTTP server or PHP to forward the correct visitor IP, "
|
4953 |
+
"otherwise use the NinjaFirewall %s configuration file."
|
4954 |
+
msgstr ""
|
4955 |
+
"Si votre blog se trouve derrière un load-balancer, reverse-proxy ou CDN, "
|
4956 |
+
"pensez à configurer correctement votre serveur HTTP afin qu'il fasse suivre "
|
4957 |
+
"la bonne adresse IP, sinon utilisez le fichier de configuration %s de "
|
4958 |
+
"NinjaFirewall. "
|
4959 |
+
|
4960 |
+
#: ninjafirewall.php:1148 ninjafirewall.php:1159
|
4961 |
+
msgid "CDN detection"
|
4962 |
+
msgstr "Détection CDN"
|
4963 |
+
|
4964 |
+
#: ninjafirewall.php:1150
|
4965 |
+
#, php-format
|
4966 |
+
msgid ""
|
4967 |
+
"%s detected: you seem to be using Cloudflare CDN services. Ensure that you "
|
4968 |
+
"have setup your HTTP server or PHP to forward the correct visitor IP, "
|
4969 |
+
"otherwise use the NinjaFirewall %s configuration file."
|
4970 |
+
msgstr ""
|
4971 |
+
"%s détecté : il semble que vous utilisez le service CDN Cloudflare. Assurez "
|
4972 |
+
"vous d'avoir configuré votre serveur HTTP afin qu'il fasse suivre la bonne "
|
4973 |
+
"adresse IP, sinon utilisez le fichier de configuration %s de NinjaFirewall."
|
4974 |
+
|
4975 |
+
#: ninjafirewall.php:1161
|
4976 |
+
#, php-format
|
4977 |
+
msgid ""
|
4978 |
+
"%s detected: you seem to be using Incapsula CDN services. Ensure that you "
|
4979 |
+
"have setup your HTTP server or PHP to forward the correct visitor IP, "
|
4980 |
+
"otherwise use the NinjaFirewall %s configuration file."
|
4981 |
+
msgstr ""
|
4982 |
+
"%s détecté : il semble que vous utilisez le service CDN Incapsula. Assurez "
|
4983 |
+
"vous d'avoir configuré votre serveur HTTP afin qu'il fasse suivre la bonne "
|
4984 |
+
"adresse IP, sinon utilisez le fichier de configuration %s de NinjaFirewall."
|
4985 |
+
|
4986 |
+
#: ninjafirewall.php:1170 ninjafirewall.php:1180
|
4987 |
+
msgid "Log dir"
|
4988 |
+
msgstr "Répertoire du Journal"
|
4989 |
+
|
4990 |
+
#: ninjafirewall.php:1172 ninjafirewall.php:1182
|
4991 |
+
#, php-format
|
4992 |
+
msgid "%s directory is not writable! Please chmod it to 0777 or equivalent."
|
4993 |
+
msgstr ""
|
4994 |
+
"Le répertoire %s est en lecture seule ! Veuillez changer ses permissions "
|
4995 |
+
"(0777 ou équivalent)."
|
4996 |
+
|
4997 |
+
#: ninjafirewall.php:1190
|
4998 |
+
msgid "Optional configuration file"
|
4999 |
+
msgstr "Fichier de configuration"
|
5000 |
+
|
5001 |
+
#: ninjafirewall.php:1225 ninjafirewall.php:1607 ninjafirewall.php:1622
|
5002 |
+
#: ninjafirewall.php:1632 ninjafirewall.php:1642 ninjafirewall.php:1712
|
5003 |
+
#: ninjafirewall.php:1755 ninjafirewall.php:1788 ninjafirewall.php:1826
|
5004 |
+
#: ninjafirewall.php:1914 ninjafirewall.php:1934 ninjafirewall.php:1977
|
5005 |
+
#: ninjafirewall.php:2106 ninjafirewall.php:2120 ninjafirewall.php:2321
|
5006 |
+
msgid "Yes"
|
5007 |
+
msgstr "Oui"
|
5008 |
+
|
5009 |
+
#: ninjafirewall.php:1227
|
5010 |
+
msgid "(default)"
|
5011 |
+
msgstr "(défaut)"
|
5012 |
+
|
5013 |
+
#: ninjafirewall.php:1228
|
5014 |
+
#, php-format
|
5015 |
+
msgid ""
|
5016 |
+
"This feature is only available when NinjaFirewall is running in %s mode."
|
5017 |
+
msgstr ""
|
5018 |
+
"Cette option ne peut être activée que lorsque NinjaFirewall fonctionne en "
|
5019 |
+
"mode %s."
|
5020 |
+
|
5021 |
+
#: ninjafirewall.php:1241
|
5022 |
+
msgid "All fields will be restored to their default values. Go ahead?"
|
5023 |
+
msgstr ""
|
5024 |
+
"Tous les champs vont être réinitialisés avec leur valeur par défaut. "
|
5025 |
+
"Continuer ?"
|
5026 |
+
|
5027 |
+
#: ninjafirewall.php:1271
|
5028 |
+
msgid ""
|
5029 |
+
"WARNING: ensure that you can access your admin console over HTTPS before "
|
5030 |
+
"enabling this option, otherwise you will lock yourself out of your site. Go "
|
5031 |
+
"ahead?"
|
5032 |
+
msgstr ""
|
5033 |
+
"AVERTISSEMENT: assurez-vous que vous pouvez accéder à votre Tableau de bord "
|
5034 |
+
"via HTTPS avant d'activer cette option, sinon vous risquez de bloquer "
|
5035 |
+
"l’accès à votre site. Continuer ?"
|
5036 |
+
|
5037 |
+
#: ninjafirewall.php:1280
|
5038 |
+
msgid ""
|
5039 |
+
"Any character that is not a letter [a-zA-Z], a digit [0-9], a dot [.], a "
|
5040 |
+
"hyphen [-] or an underscore [_] will be removed from the filename and "
|
5041 |
+
"replaced with the substitution character. Continue?"
|
5042 |
+
msgstr ""
|
5043 |
+
"Tout caractère qui n'est pas une lettre [a-zA-Z], un chiffre [0-9], un point "
|
5044 |
+
"[.], un trait d'union[-] ou un caractère de soulignement[_], sera supprimé "
|
5045 |
+
"du nom du fichier et remplacé par le caractère de substitution."
|
5046 |
+
|
5047 |
+
#: ninjafirewall.php:1318
|
5048 |
+
msgid "Default values were restored."
|
5049 |
+
msgstr "Les valeurs par défaut ont été restaurées."
|
5050 |
+
|
5051 |
+
#: ninjafirewall.php:1320
|
5052 |
+
msgid "No action taken."
|
5053 |
+
msgstr "Aucune mesure prise."
|
5054 |
+
|
5055 |
+
#: ninjafirewall.php:1355
|
5056 |
+
msgid "Enable NinjaFirewall for"
|
5057 |
+
msgstr "Activer NinjaFirewall pour le trafic"
|
5058 |
+
|
5059 |
+
#: ninjafirewall.php:1387
|
5060 |
+
msgid "File Uploads"
|
5061 |
+
msgstr "Autoriser les téléchargements (uploads)"
|
5062 |
+
|
5063 |
+
#: ninjafirewall.php:1391
|
5064 |
+
msgid "Allow uploads"
|
5065 |
+
msgstr "Autoriser"
|
5066 |
+
|
5067 |
+
#: ninjafirewall.php:1392
|
5068 |
+
msgid "Disallow uploads (default)"
|
5069 |
+
msgstr "Ne pas autoriser (défaut)"
|
5070 |
+
|
5071 |
+
#: ninjafirewall.php:1395
|
5072 |
+
msgid "Sanitise filenames"
|
5073 |
+
msgstr "Nettoyer le nom des fichiers"
|
5074 |
+
|
5075 |
+
#: ninjafirewall.php:1395
|
5076 |
+
msgid "substitution character:"
|
5077 |
+
msgstr "caractère de substitution :"
|
5078 |
+
|
5079 |
+
#: ninjafirewall.php:1496
|
5080 |
+
msgid "Block direct access to any PHP file located in one of these directories"
|
5081 |
+
msgstr ""
|
5082 |
+
"Bloquer l'accès direct à un fichier PHP situé dans l'un de ces répertoires"
|
5083 |
+
|
5084 |
+
#: ninjafirewall.php:1526
|
5085 |
+
msgid ""
|
5086 |
+
"NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if "
|
5087 |
+
"this option is enabled."
|
5088 |
+
msgstr ""
|
5089 |
+
"NinjaFirewall ne bloquera pas l'accès à l'éditeur WYSIWYG TinyMCE même si "
|
5090 |
+
"cette option est activée."
|
5091 |
+
|
5092 |
+
#: ninjafirewall.php:1541
|
5093 |
+
msgid ""
|
5094 |
+
"Unless you have PHP scripts in a \"/cache/\" folder that need to be accessed "
|
5095 |
+
"by your visitors, we recommend to enable this option."
|
5096 |
+
msgstr ""
|
5097 |
+
"Sauf si vous avez des scripts PHP se trouvant dans un dossier \"*/cache/*\" "
|
5098 |
+
"pouvant être consultés par vos visiteurs, nous vous recommandons d'activer "
|
5099 |
+
"cette option."
|
5100 |
+
|
5101 |
+
#: ninjafirewall.php:1552
|
5102 |
+
msgid ""
|
5103 |
+
"If you are using the Jetpack plugin, blocking <code>system.multicall</code> "
|
5104 |
+
"may prevent it from working correctly."
|
5105 |
+
msgstr ""
|
5106 |
+
"Si vous utilisez l'extension Jetpack, bloquer <code>system.multicall</code> "
|
5107 |
+
"pourrait l’empêcher de fonctionner correctement."
|
5108 |
+
|
5109 |
+
#: ninjafirewall.php:1560
|
5110 |
+
msgid "Protect against username enumeration"
|
5111 |
+
msgstr "Protéger contre l'énumération des comptes utilisateurs"
|
5112 |
+
|
5113 |
+
#: ninjafirewall.php:1563
|
5114 |
+
msgid "Through the author archives"
|
5115 |
+
msgstr "Via la page d'archive d'un auteur"
|
5116 |
+
|
5117 |
+
#: ninjafirewall.php:1564
|
5118 |
+
msgid "Through the login page"
|
5119 |
+
msgstr "Via la page de connexion"
|
5120 |
+
|
5121 |
+
#: ninjafirewall.php:1565
|
5122 |
+
msgid "Through the WordPress REST API"
|
5123 |
+
msgstr "Via l'API REST de WordPress"
|
5124 |
+
|
5125 |
+
#: ninjafirewall.php:1573
|
5126 |
+
msgid "This feature is only available when running WordPress 4.7 or above."
|
5127 |
+
msgstr "Cette option ne peut être activée qu'avec WordPress 4.7 ou plus."
|
5128 |
+
|
5129 |
+
#: ninjafirewall.php:1580
|
5130 |
+
msgid "WordPress REST API"
|
5131 |
+
msgstr "API REST de WordPress"
|
5132 |
+
|
5133 |
+
#: ninjafirewall.php:1583 ninjafirewall.php:1592
|
5134 |
+
msgid "Block any access to the API"
|
5135 |
+
msgstr "Bloquer tout accès à l'API"
|
5136 |
+
|
5137 |
+
#: ninjafirewall.php:1589
|
5138 |
+
msgid "WordPress XML-RPC API"
|
5139 |
+
msgstr "API XML-RPC de WordPress"
|
5140 |
+
|
5141 |
+
#: ninjafirewall.php:1593
|
5142 |
+
msgid "Block <code>system.multicall</code> method"
|
5143 |
+
msgstr "Bloquer la méthode <code>system.multicall</code>"
|
5144 |
+
|
5145 |
+
#: ninjafirewall.php:1595
|
5146 |
+
msgid "Block Pingbacks"
|
5147 |
+
msgstr "Bloquer les Pingbacks"
|
5148 |
+
|
5149 |
+
#: ninjafirewall.php:1600
|
5150 |
+
msgid ""
|
5151 |
+
"Disabling access to the REST or XML-RPC API may break some functionality on "
|
5152 |
+
"your blog, its themes or plugins."
|
5153 |
+
msgstr ""
|
5154 |
+
"L'activation de ces options peut rompre certaines fonctionnalités de votre "
|
5155 |
+
"blog, ses thèmes ou ses plugins."
|
5156 |
+
|
5157 |
+
#: ninjafirewall.php:1604
|
5158 |
+
msgid "Block <code>POST</code> requests in the themes folder"
|
5159 |
+
msgstr "Bloquer les requêtes <code>POST</code> dans le dossier des thèmes"
|
5160 |
+
|
5161 |
+
#: ninjafirewall.php:1619
|
5162 |
+
msgid "Force SSL for admin and logins"
|
5163 |
+
msgstr "Forcer la connexion sécurisée au Tableau de bord"
|
5164 |
+
|
5165 |
+
#: ninjafirewall.php:1629
|
5166 |
+
msgid "Disable the plugin and theme editor"
|
5167 |
+
msgstr "Désactiver l’éditeur de thème et d'extension"
|
5168 |
+
|
5169 |
+
#: ninjafirewall.php:1639
|
5170 |
+
msgid "Disable plugin and theme update/installation"
|
5171 |
+
msgstr "Désactiver l'installation et mise à jour des thèmes et extensions"
|
5172 |
+
|
5173 |
+
#: ninjafirewall.php:1668
|
5174 |
+
msgid "Add the Administrator to the whitelist (default)."
|
5175 |
+
msgstr "Ajouter l'Administrateur à la liste blanche (défaut)."
|
5176 |
+
|
5177 |
+
#: ninjafirewall.php:1669
|
5178 |
+
msgid "Add all logged in users to the whitelist."
|
5179 |
+
msgstr "Ajouter tous les utilisateurs connectés à la liste blanche."
|
5180 |
+
|
5181 |
+
#: ninjafirewall.php:1670
|
5182 |
+
msgid "Disable users whitelist."
|
5183 |
+
msgstr "Désactiver la liste blanche."
|
5184 |
+
|
5185 |
+
#: ninjafirewall.php:1671
|
5186 |
+
msgid ""
|
5187 |
+
"Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, "
|
5188 |
+
"<code>DISALLOW_FILE_EDIT</code> and <code>DISALLOW_FILE_MODS</code> options "
|
5189 |
+
"which, if enabled, are always enforced."
|
5190 |
+
msgstr ""
|
5191 |
+
"Ne s'applique pas aux options <code>FORCE_SSL_ADMIN</code>, "
|
5192 |
+
"<code>DISALLOW_FILE_EDIT</code> et <code>DISALLOW_FILE_MODS</code> qui, si "
|
5193 |
+
"elles sont activées, seront toujours appliquées."
|
5194 |
+
|
5195 |
+
#: ninjafirewall.php:1699
|
5196 |
+
msgid "Scan <code>GET</code> variable"
|
5197 |
+
msgstr "Filtrer la variable <code>GET</code>"
|
5198 |
+
|
5199 |
+
#: ninjafirewall.php:1709
|
5200 |
+
msgid "Sanitise <code>GET</code> variable"
|
5201 |
+
msgstr "Nettoyer la variable <code>GET</code>"
|
5202 |
+
|
5203 |
+
#: ninjafirewall.php:1742
|
5204 |
+
msgid "Scan <code>POST</code> variable"
|
5205 |
+
msgstr "Filtrer la variable <code>POST</code>"
|
5206 |
+
|
5207 |
+
#: ninjafirewall.php:1752
|
5208 |
+
msgid "Sanitise <code>POST</code> variable"
|
5209 |
+
msgstr "Nettoyer la variable <code>POST</code>"
|
5210 |
+
|
5211 |
+
#: ninjafirewall.php:1758 ninjafirewall.php:1791
|
5212 |
+
msgid "Do not enable this option unless you know what you are doing!"
|
5213 |
+
msgstr ""
|
5214 |
+
"N'activez pas cette option si vous n'êtes pas sûr de ce que vous "
|
5215 |
+
"faites !"
|
5216 |
+
|
5217 |
+
#: ninjafirewall.php:1762
|
5218 |
+
msgid "Decode Base64-encoded <code>POST</code> variable"
|
5219 |
+
msgstr ""
|
5220 |
+
"Décoder les chaîne encodées en Base64 dans la variable <code>POST</code>"
|
5221 |
+
|
5222 |
+
#: ninjafirewall.php:1785
|
5223 |
+
msgid "Sanitise <code>REQUEST</code> variable"
|
5224 |
+
msgstr "Nettoyer la variable <code>REQUEST</code>"
|
5225 |
+
|
5226 |
+
#: ninjafirewall.php:1813
|
5227 |
+
msgid "Scan cookies"
|
5228 |
+
msgstr "Filtrer les cookies"
|
5229 |
+
|
5230 |
+
#: ninjafirewall.php:1823
|
5231 |
+
msgid "Sanitise cookies"
|
5232 |
+
msgstr "Nettoyer les cookies"
|
5233 |
+
|
5234 |
+
#: ninjafirewall.php:1858
|
5235 |
+
msgid "Scan <code>HTTP_USER_AGENT</code>"
|
5236 |
+
msgstr "Filtrer <code>HTTP_USER_AGENT</code>"
|
5237 |
+
|
5238 |
+
#: ninjafirewall.php:1868
|
5239 |
+
msgid "Sanitise <code>HTTP_USER_AGENT</code>"
|
5240 |
+
msgstr "Nettoyer <code>HTTP_USER_AGENT</code>"
|
5241 |
+
|
5242 |
+
#: ninjafirewall.php:1878
|
5243 |
+
msgid "Block suspicious bots/scanners"
|
5244 |
+
msgstr "Bloquer les requêtes provenant de bots/scanners suspects"
|
5245 |
+
|
5246 |
+
#: ninjafirewall.php:1911
|
5247 |
+
msgid "Scan <code>HTTP_REFERER</code>"
|
5248 |
+
msgstr "Filtrer <code>HTTP_REFERER</code>"
|
5249 |
+
|
5250 |
+
#: ninjafirewall.php:1921
|
5251 |
+
msgid "Sanitise <code>HTTP_REFERER</code>"
|
5252 |
+
msgstr "Nettoyer <code>HTTP_REFERER</code>"
|
5253 |
+
|
5254 |
+
#: ninjafirewall.php:1931
|
5255 |
+
msgid ""
|
5256 |
+
"Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</"
|
5257 |
+
"code> header"
|
5258 |
+
msgstr ""
|
5259 |
+
"Bloquer les requêtes <code>POST</code> qui n'ont pas d'en-tête "
|
5260 |
+
"<code>HTTP_REFERER</code>"
|
5261 |
+
|
5262 |
+
#: ninjafirewall.php:1937
|
5263 |
+
msgid ""
|
5264 |
+
"Keep this option disabled if you are using scripts like Paypal IPN, "
|
5265 |
+
"WordPress WP-Cron etc"
|
5266 |
+
msgstr ""
|
5267 |
+
"N'activez pas cette option si vous utilisez des scripts comme Paypal IPN, "
|
5268 |
+
"WordPress WP-Cron etc"
|
5269 |
+
|
5270 |
+
#: ninjafirewall.php:1964
|
5271 |
+
msgid "Block localhost IP in <code>GET/POST</code> request"
|
5272 |
+
msgstr "Bloquer les requêtes <code>GET/POST</code> contenant l'IP localhost"
|
5273 |
+
|
5274 |
+
#: ninjafirewall.php:1974
|
5275 |
+
msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header"
|
5276 |
+
msgstr ""
|
5277 |
+
"Bloquer les requêtes HTTP dont l'en-tête <code>HTTP_HOST</code> contient une "
|
5278 |
+
"IP"
|
5279 |
+
|
5280 |
+
#: ninjafirewall.php:1984
|
5281 |
+
msgid "Scan traffic coming from localhost and private IP address spaces"
|
5282 |
+
msgstr "Filtrer les connexions provenant de localhost et d'adresses IP privées"
|
5283 |
+
|
5284 |
+
#: ninjafirewall.php:2006
|
5285 |
+
#, php-format
|
5286 |
+
msgid ""
|
5287 |
+
"This option is disabled because the %s PHP function is not available on your "
|
5288 |
+
"server."
|
5289 |
+
msgstr ""
|
5290 |
+
"Cette option n'est pas disponible parce que la fonction PHP %s n'est pas "
|
5291 |
+
"présente sur votre serveur."
|
5292 |
+
|
5293 |
+
#: ninjafirewall.php:2024
|
5294 |
+
#, php-format
|
5295 |
+
msgid "Set %s to protect against MIME type confusion attacks"
|
5296 |
+
msgstr ""
|
5297 |
+
"Activer %s pour protéger contre les attaques basées sur la confusion du type "
|
5298 |
+
"MIME"
|
5299 |
+
|
5300 |
+
#: ninjafirewall.php:2034
|
5301 |
+
#, php-format
|
5302 |
+
msgid "Set %s to protect against clickjacking attempts"
|
5303 |
+
msgstr ""
|
5304 |
+
"Activer %s pour protéger contre les attaques de détournement de clic "
|
5305 |
+
"(clickjacking)"
|
5306 |
+
|
5307 |
+
#: ninjafirewall.php:2043
|
5308 |
+
#, php-format
|
5309 |
+
msgid "Enforce %s (IE, Chrome and Safari browsers)"
|
5310 |
+
msgstr "Forcer %s (IE, Chrome et Safari)"
|
5311 |
+
|
5312 |
+
#: ninjafirewall.php:2053
|
5313 |
+
#, php-format
|
5314 |
+
msgid "Force %s flag on all cookies to mitigate XSS attacks"
|
5315 |
+
msgstr ""
|
5316 |
+
"Activer la propriété %s pour tous les cookies afin d'atténuer les menaces "
|
5317 |
+
"XSS qui génèrent des vols de cookies"
|
5318 |
+
|
5319 |
+
#: ninjafirewall.php:2059
|
5320 |
+
msgid ""
|
5321 |
+
"If your PHP scripts use cookies that need to be accessed from JavaScript, "
|
5322 |
+
"you should disable this option."
|
5323 |
+
msgstr ""
|
5324 |
+
"Si vos scripts PHP envoient des cookies qui doivent être accessibles à "
|
5325 |
+
"partir de JavaScript, vous devez garder cette option désactivée."
|
5326 |
+
|
5327 |
+
#: ninjafirewall.php:2065
|
5328 |
+
msgid ""
|
5329 |
+
"HSTS headers can only be set when you are accessing your site over HTTPS."
|
5330 |
+
msgstr ""
|
5331 |
+
"Les en-têtes HSTS ne peuvent être utilisés que lorsque vous vous connectez à "
|
5332 |
+
"votre site en HTTPS (connexion sécurisée)."
|
5333 |
+
|
5334 |
+
#: ninjafirewall.php:2072
|
5335 |
+
#, php-format
|
5336 |
+
msgid "Set %s (HSTS) to enforce secure connections to the server"
|
5337 |
+
msgstr ""
|
5338 |
+
"Activer %s (HSTS) pour forcer les connexions sécurisées vers le serveur"
|
5339 |
+
|
5340 |
+
#: ninjafirewall.php:2075
|
5341 |
+
msgid "1 month"
|
5342 |
+
msgstr "1 mois"
|
5343 |
+
|
5344 |
+
#: ninjafirewall.php:2076
|
5345 |
+
msgid "6 months"
|
5346 |
+
msgstr "6 mois"
|
5347 |
+
|
5348 |
+
#: ninjafirewall.php:2077
|
5349 |
+
msgid "1 year"
|
5350 |
+
msgstr "1 année"
|
5351 |
+
|
5352 |
+
#: ninjafirewall.php:2079
|
5353 |
+
msgid "Apply to subdomains"
|
5354 |
+
msgstr "Appliquer aux sous-domaines"
|
5355 |
+
|
5356 |
+
#: ninjafirewall.php:2083
|
5357 |
+
msgid "Set <code>max-age</code> to 0"
|
5358 |
+
msgstr "Régler <code>max-age</code> à 0"
|
5359 |
+
|
5360 |
+
#: ninjafirewall.php:2103
|
5361 |
+
#, php-format
|
5362 |
+
msgid "Set %s for the website frontend"
|
5363 |
+
msgstr "Activer %s pour le site"
|
5364 |
+
|
5365 |
+
#: ninjafirewall.php:2111
|
5366 |
+
msgid "This CSP header will apply to the website frontend only."
|
5367 |
+
msgstr "Cet en-tête CSP ne s'appliquera qu'au site."
|
5368 |
+
|
5369 |
+
#: ninjafirewall.php:2117
|
5370 |
+
#, php-format
|
5371 |
+
msgid "Set %s for the WordPress admin dashboard"
|
5372 |
+
msgstr "Activer %s pour la console d'administration de WordPress"
|
5373 |
+
|
5374 |
+
#: ninjafirewall.php:2125
|
5375 |
+
msgid "This CSP header will apply to the WordPress admin dashboard only."
|
5376 |
+
msgstr ""
|
5377 |
+
"Cet en-tête CSP ne s'appliquera qu'à la console d'administration de "
|
5378 |
+
"WordPress."
|
5379 |
+
|
5380 |
+
#: ninjafirewall.php:2165
|
5381 |
+
msgid ""
|
5382 |
+
"Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, "
|
5383 |
+
"<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies"
|
5384 |
+
msgstr ""
|
5385 |
+
"Bloquer les gestionnaires PHP dangereux (wrappers) dans les variables "
|
5386 |
+
"<code>GET</code>, <code>POST</code>, <code>HTTP_USER_AGENT</code>, "
|
5387 |
+
"<code>HTTP_REFERER</code> et les cookies"
|
5388 |
+
|
5389 |
+
#: ninjafirewall.php:2208
|
5390 |
+
msgid "Block serialized PHP objects in the following global variables"
|
5391 |
+
msgstr ""
|
5392 |
+
"Bloquer les objets PHP sérialisés dans les variables globales suivantes"
|
5393 |
+
|
5394 |
+
#: ninjafirewall.php:2221
|
5395 |
+
msgid "Hide PHP notice and error messages"
|
5396 |
+
msgstr "Masquer les messages d'erreur de PHP"
|
5397 |
+
|
5398 |
+
#: ninjafirewall.php:2231
|
5399 |
+
msgid "Sanitise <code>PHP_SELF</code>"
|
5400 |
+
msgstr "Nettoyer <code>PHP_SELF</code>"
|
5401 |
+
|
5402 |
+
#: ninjafirewall.php:2241
|
5403 |
+
msgid "Sanitise <code>PATH_TRANSLATED</code>"
|
5404 |
+
msgstr "Nettoyer <code>PATH_TRANSLATED</code>"
|
5405 |
+
|
5406 |
+
#: ninjafirewall.php:2251
|
5407 |
+
msgid "Sanitise <code>PATH_INFO</code>"
|
5408 |
+
msgstr "Nettoyer <code>PATH_INFO</code>"
|
5409 |
+
|
5410 |
+
#: ninjafirewall.php:2271
|
5411 |
+
msgid "This option is not compatible with your actual configuration."
|
5412 |
+
msgstr ""
|
5413 |
+
"Cette option n'est pas compatible avec la configuration de votre serveur."
|
5414 |
+
|
5415 |
+
#: ninjafirewall.php:2298
|
5416 |
+
msgid "Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request"
|
5417 |
+
msgstr ""
|
5418 |
+
"Bloquer les requêtes HTTP contenant la variable <code>DOCUMENT_ROOT</code>"
|
5419 |
+
|
5420 |
+
#: ninjafirewall.php:2308
|
5421 |
+
msgid "Block ASCII character 0x00 (NULL byte)"
|
5422 |
+
msgstr "Bloquer le caractère ASCII 0x00 (NULL byte)"
|
5423 |
+
|
5424 |
+
#: ninjafirewall.php:2318
|
5425 |
+
msgid "Block ASCII control characters 1 to 8 and 14 to 31"
|
5426 |
+
msgstr "Bloquer les caractères de contrôle ASCII 1 à 8 et 14 à 31"
|
5427 |
+
|
5428 |
+
#: ninjafirewall.php:2334
|
5429 |
+
msgid "Save Firewall Policies"
|
5430 |
+
msgstr "Sauvegarder les options"
|
5431 |
+
|
5432 |
+
#: ninjafirewall.php:2336
|
5433 |
+
msgid "Restore Default Values"
|
5434 |
+
msgstr "Rétablir les valeurs par défaut"
|
5435 |
+
|
5436 |
+
#: ninjafirewall.php:2829 ninjafirewall.php:2835
|
5437 |
+
msgid "Please enter a number from 1 to 99."
|
5438 |
+
msgstr "Veuillez entrer un nombre de 1 à 99."
|
5439 |
+
|
5440 |
+
#: ninjafirewall.php:2848
|
5441 |
+
#, php-format
|
5442 |
+
msgid ""
|
5443 |
+
"You are running NinjaFirewall in <i>WordPress WAF</i> mode. The %s feature "
|
5444 |
+
"will be limited to a few WordPress files only (e.g., index.php, wp-login."
|
5445 |
+
"php, xmlrpc.php, admin-ajax.php, wp-load.php etc). If you want it to apply "
|
5446 |
+
"to any PHP script, you will need to run NinjaFirewall in %s mode."
|
5447 |
+
msgstr ""
|
5448 |
+
"NinjaFirewall fonctionne en mode <i>WordPress WAF</i>. L'option %s sera "
|
5449 |
+
"limitée à quelques fichiers de WordPress uniquement (par ex. index.php, wp-"
|
5450 |
+
"login.php, xmlrpc.php, admin-ajax.php, wp-load.php etc). Si vous voulez que "
|
5451 |
+
"cette option s'applique à tous les fichiers PHP, vous devez installer "
|
5452 |
+
"NinjaFirewall en mode %s."
|
5453 |
+
|
5454 |
+
#: ninjafirewall.php:2854
|
5455 |
+
#, php-format
|
5456 |
+
msgid ""
|
5457 |
+
"The cache directory %s is not writable. Please change its permissions (0777 "
|
5458 |
+
"or equivalent)."
|
5459 |
+
msgstr ""
|
5460 |
+
"Impossible d'écrire dans le répertoire du cache %s. Assurez-vous que ce "
|
5461 |
+
"répertoire n'est pas en lecture seule."
|
5462 |
+
|
5463 |
+
#: ninjafirewall.php:2886
|
5464 |
+
msgid "Enable File Guard"
|
5465 |
+
msgstr "Activer File Guard"
|
5466 |
+
|
5467 |
+
#: ninjafirewall.php:2888
|
5468 |
+
msgid "Yes (recommended)"
|
5469 |
+
msgstr "Oui (recommandé)"
|
5470 |
+
|
5471 |
+
#: ninjafirewall.php:2901
|
5472 |
+
msgid "Real-time detection"
|
5473 |
+
msgstr "Détection en temps réel"
|
5474 |
+
|
5475 |
+
#: ninjafirewall.php:2904
|
5476 |
+
#, php-format
|
5477 |
+
msgid ""
|
5478 |
+
"Monitor file activity and send an alert when someone is accessing a PHP "
|
5479 |
+
"script that was modified or created less than %s hour(s) ago."
|
5480 |
+
msgstr ""
|
5481 |
+
"Surveiller et alerter par e-mail lorsqu'un visiteur accède à un script PHP "
|
5482 |
+
"qui a été modifié ou créé il y a moins de %s heure(s)."
|
5483 |
+
|
5484 |
+
#: ninjafirewall.php:2910
|
5485 |
+
msgid "or"
|
5486 |
+
msgstr "ou"
|
5487 |
+
|
5488 |
+
#: ninjafirewall.php:2910
|
5489 |
+
msgid ""
|
5490 |
+
"Full or partial case-sensitive string(s), max. 255 characters. Multiple "
|
5491 |
+
"values must be comma-separated"
|
5492 |
+
msgstr ""
|
5493 |
+
"Chaîne de caractères complète ou partielle, sensible à la casse, 255 "
|
5494 |
+
"caractères maximum. Plusieurs valeurs doivent être séparées par des virgules"
|
5495 |
+
|
5496 |
+
#: ninjafirewall.php:2915
|
5497 |
+
msgid "Save File Guard options"
|
5498 |
+
msgstr "Sauvegarder les options"
|
5499 |
+
|
5500 |
+
#: ninjafirewall.php:2966 ninjafirewall.php:3518
|
5501 |
+
#, php-format
|
5502 |
+
msgid "You are not allowed to perform this task (%s)."
|
5503 |
+
msgstr "Vous n'êtes pas autorisé à effectuer cette tâche (%s)."
|
5504 |
+
|
5505 |
+
#: ninjafirewall.php:2977
|
5506 |
+
msgid "You do not have a multisite network."
|
5507 |
+
msgstr "Vous ne disposez pas d'un réseau multisite."
|
5508 |
+
|
5509 |
+
#: ninjafirewall.php:3001
|
5510 |
+
msgid "NinjaFirewall Status"
|
5511 |
+
msgstr "Statut de NinjaFirewall"
|
5512 |
+
|
5513 |
+
#: ninjafirewall.php:3004
|
5514 |
+
msgid ""
|
5515 |
+
"Display NinjaFirewall status icon in the admin bar of all sites in the "
|
5516 |
+
"network"
|
5517 |
+
msgstr ""
|
5518 |
+
"Afficher l'icône du statut de NinjaFirewall dans la barre d'administration "
|
5519 |
+
"de tous les sites du réseau"
|
5520 |
+
|
5521 |
+
#: ninjafirewall.php:3012
|
5522 |
+
msgid "Save Network options"
|
5523 |
+
msgstr "Sauvegarder les options"
|
5524 |
+
|
5525 |
+
#: ninjafirewall.php:3202
|
5526 |
+
msgid "Error: you did not select a rule to disable."
|
5527 |
+
msgstr "Erreur : vous devez sélectionner la règle à désactiver."
|
5528 |
+
|
5529 |
+
#: ninjafirewall.php:3204 ninjafirewall.php:3219
|
5530 |
+
msgid "Error: to change this rule, use the \"Firewall Policies\" menu."
|
5531 |
+
msgstr ""
|
5532 |
+
"Erreur : pour modifier cette règle, utilisez le menu \"Politiques du Pare-feu"
|
5533 |
+
"\"."
|
5534 |
+
|
5535 |
+
#: ninjafirewall.php:3206 ninjafirewall.php:3221
|
5536 |
+
msgid "Error: this rule does not exist."
|
5537 |
+
msgstr "Erreur : cette règle n'existe pas."
|
5538 |
+
|
5539 |
+
#: ninjafirewall.php:3210
|
5540 |
+
#, php-format
|
5541 |
+
msgid "Rule ID %s has been disabled."
|
5542 |
+
msgstr "La règle %s a été désactivée."
|
5543 |
+
|
5544 |
+
#: ninjafirewall.php:3217
|
5545 |
+
msgid "Error: you did not select a rule to enable."
|
5546 |
+
msgstr "Erreur : vous devez sélectionner la règle à activer."
|
5547 |
+
|
5548 |
+
#: ninjafirewall.php:3225
|
5549 |
+
#, php-format
|
5550 |
+
msgid "Rule ID %s has been enabled."
|
5551 |
+
msgstr "La règle %s a été activée."
|
5552 |
+
|
5553 |
+
#: ninjafirewall.php:3235
|
5554 |
+
msgid "Error: no rules found."
|
5555 |
+
msgstr "Erreur : aucune règle de sécurité trouvée."
|
5556 |
+
|
5557 |
+
#: ninjafirewall.php:3250
|
5558 |
+
msgid "NinjaFirewall built-in security rules"
|
5559 |
+
msgstr "Éditeur de règles du pare-feu"
|
5560 |
+
|
5561 |
+
#: ninjafirewall.php:3253
|
5562 |
+
msgid "Select the rule you want to disable or enable"
|
5563 |
+
msgstr "Sélectionnez la règle à activer ou désactiver"
|
5564 |
+
|
5565 |
+
#: ninjafirewall.php:3257
|
5566 |
+
msgid "Total rules enabled"
|
5567 |
+
msgstr "Règles activées"
|
5568 |
+
|
5569 |
+
#: ninjafirewall.php:3265 ninjafirewall.php:3284 ninjafirewall.php:3299
|
5570 |
+
#: ninjafirewall.php:3318
|
5571 |
+
msgid "Rule ID"
|
5572 |
+
msgstr "Règle"
|
5573 |
+
|
5574 |
+
#: ninjafirewall.php:3265 ninjafirewall.php:3299
|
5575 |
+
msgid "Firewall policy"
|
5576 |
+
msgstr "Politique du pare-feu"
|
5577 |
+
|
5578 |
+
# Todo ?
|
5579 |
+
#: ninjafirewall.php:3268 ninjafirewall.php:3302
|
5580 |
+
msgid "Remote/local file inclusion"
|
5581 |
+
msgstr "Remote/local file inclusion"
|
5582 |
+
|
5583 |
+
# Todo ?
|
5584 |
+
#: ninjafirewall.php:3270 ninjafirewall.php:3304
|
5585 |
+
msgid "Cross-site scripting"
|
5586 |
+
msgstr "Cross-site scripting"
|
5587 |
+
|
5588 |
+
# Todo ?
|
5589 |
+
#: ninjafirewall.php:3272 ninjafirewall.php:3306
|
5590 |
+
msgid "Code injection"
|
5591 |
+
msgstr "Code injection"
|
5592 |
+
|
5593 |
+
# Todo ?
|
5594 |
+
#: ninjafirewall.php:3274 ninjafirewall.php:3308
|
5595 |
+
msgid "SQL injection"
|
5596 |
+
msgstr "SQL injection"
|
5597 |
+
|
5598 |
+
#: ninjafirewall.php:3276 ninjafirewall.php:3310
|
5599 |
+
msgid "Various vulnerability"
|
5600 |
+
msgstr "Vulnérabilité (divers)"
|
5601 |
+
|
5602 |
+
# Todo ?
|
5603 |
+
#: ninjafirewall.php:3278 ninjafirewall.php:3312
|
5604 |
+
msgid "Backdoor/shell"
|
5605 |
+
msgstr "Backdoor/shell"
|
5606 |
+
|
5607 |
+
#: ninjafirewall.php:3280 ninjafirewall.php:3314
|
5608 |
+
msgid "Application specific"
|
5609 |
+
msgstr "Application spécifique"
|
5610 |
+
|
5611 |
+
#: ninjafirewall.php:3282 ninjafirewall.php:3316
|
5612 |
+
msgid "WordPress vulnerability"
|
5613 |
+
msgstr "Vulnérabilité WordPress"
|
5614 |
+
|
5615 |
+
#: ninjafirewall.php:3288
|
5616 |
+
msgid "Disable it"
|
5617 |
+
msgstr "Désactiver"
|
5618 |
+
|
5619 |
+
#: ninjafirewall.php:3293
|
5620 |
+
msgid "Total rules disabled"
|
5621 |
+
msgstr "Règles désactivées"
|
5622 |
+
|
5623 |
+
#: ninjafirewall.php:3323
|
5624 |
+
msgid "Enable it"
|
5625 |
+
msgstr "Activer"
|
5626 |
+
|
5627 |
+
#: ninjafirewall.php:3325
|
5628 |
+
#, php-format
|
5629 |
+
msgid ""
|
5630 |
+
"Greyed out rules can be changed in the <a href=\"%s\">Firewall Policies</a> "
|
5631 |
+
"page."
|
5632 |
+
msgstr ""
|
5633 |
+
"Les règles grisées ne peuvent être modifiées que dans la page <a href=\"%s"
|
5634 |
+
"\">Politiques du Pare-feu</a>."
|
5635 |
+
|
5636 |
+
#: ninjafirewall.php:3368
|
5637 |
+
msgid "Settings"
|
5638 |
+
msgstr "Réglages"
|
5639 |
+
|
5640 |
+
#: ninjafirewall.php:3369
|
5641 |
+
msgid "Upgrade to Premium"
|
5642 |
+
msgstr "Passez Premium !"
|
5643 |
+
|
5644 |
+
#: ninjafirewall.php:3370
|
5645 |
+
msgid "Rate it!"
|
5646 |
+
msgstr "Notez-le !"
|
5647 |
+
|
5648 |
+
#: ninjafirewall.php:3431
|
5649 |
+
msgid "Plugin"
|
5650 |
+
msgstr "Extension"
|
5651 |
+
|
5652 |
+
#: ninjafirewall.php:3431 ninjafirewall.php:3435
|
5653 |
+
msgid "uploaded"
|
5654 |
+
msgstr "téléchargé(e)"
|
5655 |
+
|
5656 |
+
#: ninjafirewall.php:3431 ninjafirewall.php:3435
|
5657 |
+
msgid "installed"
|
5658 |
+
msgstr "installé(e)"
|
5659 |
+
|
5660 |
+
#: ninjafirewall.php:3431 ninjafirewall.php:3435
|
5661 |
+
msgid "activated"
|
5662 |
+
msgstr "activé(e)"
|
5663 |
+
|
5664 |
+
#: ninjafirewall.php:3432
|
5665 |
+
msgid "updated"
|
5666 |
+
msgstr "mis(e) à jour"
|
5667 |
+
|
5668 |
+
#: ninjafirewall.php:3432
|
5669 |
+
msgid "deactivated"
|
5670 |
+
msgstr "désactivé(e)"
|
5671 |
+
|
5672 |
+
#: ninjafirewall.php:3432 ninjafirewall.php:3436
|
5673 |
+
msgid "deleted"
|
5674 |
+
msgstr "supprimé(e)"
|
5675 |
+
|
5676 |
+
#: ninjafirewall.php:3432 ninjafirewall.php:3436
|
5677 |
+
msgid "Name"
|
5678 |
+
msgstr "Nom"
|
5679 |
+
|
5680 |
+
#: ninjafirewall.php:3435
|
5681 |
+
msgid "Theme"
|
5682 |
+
msgstr "Thème"
|
5683 |
+
|
5684 |
+
#: ninjafirewall.php:3439
|
5685 |
+
msgid "upgraded"
|
5686 |
+
msgstr "mis(e) à jour"
|
5687 |
+
|
5688 |
+
#: ninjafirewall.php:3447
|
5689 |
+
msgid "[NinjaFirewall] Alert:"
|
5690 |
+
msgstr "[NinjaFirewall] Alerte :"
|
5691 |
+
|
5692 |
+
#: ninjafirewall.php:3453
|
5693 |
+
msgid "NinjaFirewall has detected the following activity on your account:"
|
5694 |
+
msgstr "NinjaFirewall a détecté l'activité suivante sur votre compte :"
|
5695 |
+
|
languages/ninjafirewall.pot
ADDED
@@ -0,0 +1,4731 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
msgid ""
|
2 |
+
msgstr ""
|
3 |
+
"Project-Id-Version: Stable (latest release)\n"
|
4 |
+
"POT-Creation-Date: 2017-12-08 15:16+0700\n"
|
5 |
+
"PO-Revision-Date: 2017-12-08 15:16+0700\n"
|
6 |
+
"Last-Translator: NinTechNet <contact@nintechnet.com>\n"
|
7 |
+
"Language-Team: \n"
|
8 |
+
"Language: fr_FR\n"
|
9 |
+
"MIME-Version: 1.0\n"
|
10 |
+
"Content-Type: text/plain; charset=UTF-8\n"
|
11 |
+
"Content-Transfer-Encoding: 8bit\n"
|
12 |
+
"X-Generator: Poedit 1.6.10\n"
|
13 |
+
"X-Poedit-Basepath: ../\n"
|
14 |
+
"Plural-Forms: nplurals=2; plural=(n > 1);\n"
|
15 |
+
"X-Poedit-SourceCharset: UTF-8\n"
|
16 |
+
"X-Poedit-KeywordsList: __;_e;_n:1,2;_x:1,2c;_ex:1,2c;esc_attr_e\n"
|
17 |
+
"X-Poedit-SearchPath-0: .\n"
|
18 |
+
"X-Poedit-SearchPathExcluded-0: /languages\n"
|
19 |
+
|
20 |
+
#: install.php:129
|
21 |
+
#, php-format
|
22 |
+
msgid ""
|
23 |
+
"Error: You have a copy of NinjaFirewall (%s) installed.<br />Please "
|
24 |
+
"uninstall it completely before attempting to install NinjaFirewall (WP "
|
25 |
+
"Edition)."
|
26 |
+
msgstr ""
|
27 |
+
|
28 |
+
#: install.php:133
|
29 |
+
msgid "Thank you for using NinjaFirewall"
|
30 |
+
msgstr ""
|
31 |
+
|
32 |
+
#: install.php:133
|
33 |
+
msgid ""
|
34 |
+
"This installer will help you to make the setup process as quick and easy as "
|
35 |
+
"possible."
|
36 |
+
msgstr ""
|
37 |
+
|
38 |
+
#: install.php:135
|
39 |
+
msgid ""
|
40 |
+
"Although NinjaFirewall looks like a regular security plugin, it is not. It "
|
41 |
+
"can be installed and configured from the WordPress admin console, but it is "
|
42 |
+
"a stand-alone Web Application Firewall that sits in front of WordPress."
|
43 |
+
msgstr ""
|
44 |
+
|
45 |
+
#: install.php:135
|
46 |
+
msgid ""
|
47 |
+
"It can run in two different modes: <b>Full WAF</b> or <b>WordPress WAF</b> "
|
48 |
+
"modes."
|
49 |
+
msgstr ""
|
50 |
+
|
51 |
+
#: install.php:137
|
52 |
+
msgid "Full WAF mode"
|
53 |
+
msgstr ""
|
54 |
+
|
55 |
+
#: install.php:139
|
56 |
+
msgid ""
|
57 |
+
"In <b>Full WAF</b> mode, NinjaFirewall will hook, scan, reject or sanitise "
|
58 |
+
"any HTTP and HTTPS request sent to a PHP script before it reaches WordPress, "
|
59 |
+
"its plugins or even the database. All scripts located inside the blog "
|
60 |
+
"installation directories and sub-directories will be protected, including "
|
61 |
+
"those that aren't part of the WordPress package. Even encoded PHP scripts (e."
|
62 |
+
"g., ionCube), potential backdoors and shell scripts (e.g., c99, r57) will be "
|
63 |
+
"filtered by NinjaFirewall."
|
64 |
+
msgstr ""
|
65 |
+
|
66 |
+
#: install.php:141
|
67 |
+
#, php-format
|
68 |
+
msgid ""
|
69 |
+
"That makes it a true firewall and gives you the highest possible level of "
|
70 |
+
"protection: <a href=\"%s\" title=\"%s\">security without compromise</a>."
|
71 |
+
msgstr ""
|
72 |
+
|
73 |
+
#: install.php:143
|
74 |
+
#, php-format
|
75 |
+
msgid ""
|
76 |
+
"To run NinjaFirewall in <b>Full WAF</b> mode, your server must allow the use "
|
77 |
+
"of the <code>auto_prepend_file</code> PHP directive. It is required to "
|
78 |
+
"instruct the PHP interpreter to load the firewall before WordPress or any "
|
79 |
+
"other script. Most of the time it works right out of the box, or may require "
|
80 |
+
"<a href=\"%s\" title=\"%s\">some very little tweaks</a>. But in a few cases, "
|
81 |
+
"mostly because of some shared hosting plans restrictions, it may simply not "
|
82 |
+
"work at all."
|
83 |
+
msgstr ""
|
84 |
+
|
85 |
+
#: install.php:145 install.php:162
|
86 |
+
msgid "WordPress WAF mode"
|
87 |
+
msgstr ""
|
88 |
+
|
89 |
+
#: install.php:147
|
90 |
+
msgid ""
|
91 |
+
"The <b>WordPress WAF</b> mode requires to load NinjaFirewall via the "
|
92 |
+
"WordPress wp-config.php script. This process makes it easy to setup and the "
|
93 |
+
"installation will always be successful, regardless of your hosting plan "
|
94 |
+
"restrictions."
|
95 |
+
msgstr ""
|
96 |
+
|
97 |
+
#: install.php:147
|
98 |
+
msgid ""
|
99 |
+
"NinjaFirewall will still load before WordPress, its plugins and the database "
|
100 |
+
"and will run as fast as the <b>Full WAF</b> mode."
|
101 |
+
msgstr ""
|
102 |
+
|
103 |
+
#: install.php:149
|
104 |
+
msgid ""
|
105 |
+
"However, the downside of this mode is that NinjaFirewall will be able to "
|
106 |
+
"hook and filter HTTP requests sent to WordPress only. A few features such as "
|
107 |
+
"File Guard, the URL Access Control and Web Filter (WP+ Edition only) will be "
|
108 |
+
"limited."
|
109 |
+
msgstr ""
|
110 |
+
|
111 |
+
#: install.php:151
|
112 |
+
msgid ""
|
113 |
+
"Despite being less powerful than the <b>Full WAF</b> mode, it still offers a "
|
114 |
+
"level of protection and performance higher than any other security plugin."
|
115 |
+
msgstr ""
|
116 |
+
|
117 |
+
#: install.php:154 ninjafirewall.php:786
|
118 |
+
msgid "Installation"
|
119 |
+
msgstr ""
|
120 |
+
|
121 |
+
#: install.php:156
|
122 |
+
msgid ""
|
123 |
+
"We recommend to select the <b>Full WAF</b> mode option first. If it fails, "
|
124 |
+
"this installer will let you switch to the <b>WordPress WAF</b> mode easily."
|
125 |
+
msgstr ""
|
126 |
+
|
127 |
+
#: install.php:160
|
128 |
+
msgid "Full WAF mode (recommended)"
|
129 |
+
msgstr ""
|
130 |
+
|
131 |
+
#: install.php:164 lib/install_fullwaf.php:46 lib/install_fullwaf.php:237
|
132 |
+
#: lib/install_fullwaf.php:492 lib/install_wpwaf.php:141
|
133 |
+
msgid "Next Step"
|
134 |
+
msgstr ""
|
135 |
+
|
136 |
+
#: install.php:180
|
137 |
+
#, php-format
|
138 |
+
msgid ""
|
139 |
+
"NinjaFirewall cannot create its <code>nfwlog/</code>log and cache folder; "
|
140 |
+
"please make sure that the <code>%s</code> directory is writable"
|
141 |
+
msgstr ""
|
142 |
+
|
143 |
+
#: install.php:214
|
144 |
+
msgid ""
|
145 |
+
"This is NinjaFirewall's logs, loader and cache directory. DO NOT alter or "
|
146 |
+
"remove it as long as NinjaFirewall is running!"
|
147 |
+
msgstr ""
|
148 |
+
|
149 |
+
#: install.php:241 ninjafirewall.php:947
|
150 |
+
msgid "NinjaFirewall (WP Edition)"
|
151 |
+
msgstr ""
|
152 |
+
|
153 |
+
#: install.php:248
|
154 |
+
msgid "Try again"
|
155 |
+
msgstr ""
|
156 |
+
|
157 |
+
#: install.php:261
|
158 |
+
msgid "Quick Start, FAQ & Troubleshooting Guide"
|
159 |
+
msgstr ""
|
160 |
+
|
161 |
+
#: install.php:262
|
162 |
+
msgid "Hi,"
|
163 |
+
msgstr ""
|
164 |
+
|
165 |
+
#: install.php:264
|
166 |
+
msgid ""
|
167 |
+
"This is NinjaFirewall's installer. Below are some helpful info and links you "
|
168 |
+
"may consider reading before using NinjaFirewall."
|
169 |
+
msgstr ""
|
170 |
+
|
171 |
+
#: install.php:266
|
172 |
+
msgid "Troubleshooting:"
|
173 |
+
msgstr ""
|
174 |
+
|
175 |
+
#: install.php:269
|
176 |
+
msgid "-Locked out of your site / Fatal error / WordPress crash?"
|
177 |
+
msgstr ""
|
178 |
+
|
179 |
+
#: install.php:270
|
180 |
+
msgid "-Failed installation (\"Error: The firewall is not loaded\")?"
|
181 |
+
msgstr ""
|
182 |
+
|
183 |
+
#: install.php:271
|
184 |
+
msgid "-Blank page after INSTALLING NinjaFirewall?"
|
185 |
+
msgstr ""
|
186 |
+
|
187 |
+
#: install.php:272
|
188 |
+
msgid "-Blank page after UNINSTALLING NinjaFirewall?"
|
189 |
+
msgstr ""
|
190 |
+
|
191 |
+
#: install.php:273
|
192 |
+
msgid "-500 Internal Server Error?"
|
193 |
+
msgstr ""
|
194 |
+
|
195 |
+
#: install.php:274
|
196 |
+
msgid "-\"Cannot connect to WordPress database\" error message?"
|
197 |
+
msgstr ""
|
198 |
+
|
199 |
+
#: install.php:275
|
200 |
+
msgid "-How to disable NinjaFirewall?"
|
201 |
+
msgstr ""
|
202 |
+
|
203 |
+
#: install.php:276
|
204 |
+
msgid "-Lost password (brute-force protection)?"
|
205 |
+
msgstr ""
|
206 |
+
|
207 |
+
#: install.php:277
|
208 |
+
msgid "-Blocked visitors (see below)?"
|
209 |
+
msgstr ""
|
210 |
+
|
211 |
+
#: install.php:278
|
212 |
+
msgid "-Exporting NinjaFirewall's configuration"
|
213 |
+
msgstr ""
|
214 |
+
|
215 |
+
#: install.php:280
|
216 |
+
msgid "-NinjaFirewall (WP Edition) troubleshooter script"
|
217 |
+
msgstr ""
|
218 |
+
|
219 |
+
#: install.php:282
|
220 |
+
msgid "-Rename this file to \"wp-check.php\"."
|
221 |
+
msgstr ""
|
222 |
+
|
223 |
+
#: install.php:283
|
224 |
+
msgid "-Upload it into your WordPress root folder."
|
225 |
+
msgstr ""
|
226 |
+
|
227 |
+
#: install.php:284
|
228 |
+
msgid "-Goto http://YOUR WEBSITE/wp-check.php."
|
229 |
+
msgstr ""
|
230 |
+
|
231 |
+
#: install.php:285
|
232 |
+
msgid "-Delete it afterwards."
|
233 |
+
msgstr ""
|
234 |
+
|
235 |
+
#: install.php:287
|
236 |
+
msgid "FAQ:"
|
237 |
+
msgstr ""
|
238 |
+
|
239 |
+
#: install.php:290
|
240 |
+
msgid ""
|
241 |
+
"-Why is NinjaFirewall different from other security plugins for WordPress?"
|
242 |
+
msgstr ""
|
243 |
+
|
244 |
+
#: install.php:291
|
245 |
+
msgid "-Do I need root privileges to install NinjaFirewall?"
|
246 |
+
msgstr ""
|
247 |
+
|
248 |
+
#: install.php:292
|
249 |
+
msgid "-Does it work with Nginx?"
|
250 |
+
msgstr ""
|
251 |
+
|
252 |
+
#: install.php:293
|
253 |
+
msgid "-Do I need to alter my PHP scripts?"
|
254 |
+
msgstr ""
|
255 |
+
|
256 |
+
#: install.php:294
|
257 |
+
msgid ""
|
258 |
+
"-Will NinjaFirewall detect the correct IP of my visitors if I am behind a "
|
259 |
+
"CDN service like Cloudflare or Incapsula?"
|
260 |
+
msgstr ""
|
261 |
+
|
262 |
+
#: install.php:295
|
263 |
+
msgid ""
|
264 |
+
"-I moved my wp-config.php file to another directory. Will it work with "
|
265 |
+
"NinjaFirewall?"
|
266 |
+
msgstr ""
|
267 |
+
|
268 |
+
#: install.php:296
|
269 |
+
msgid "-Will it slow down my site?"
|
270 |
+
msgstr ""
|
271 |
+
|
272 |
+
#: install.php:297
|
273 |
+
msgid "-Is there a Microsoft Windows version?"
|
274 |
+
msgstr ""
|
275 |
+
|
276 |
+
#: install.php:298
|
277 |
+
msgid "-Can I add/write my own security rules?"
|
278 |
+
msgstr ""
|
279 |
+
|
280 |
+
#: install.php:299
|
281 |
+
msgid "-Can I migrate my site(s) with NinjaFirewall installed?"
|
282 |
+
msgstr ""
|
283 |
+
|
284 |
+
#: install.php:301
|
285 |
+
msgid "Must Read:"
|
286 |
+
msgstr ""
|
287 |
+
|
288 |
+
#: install.php:303
|
289 |
+
msgid "-An introduction to NinjaFirewall filtering engine:"
|
290 |
+
msgstr ""
|
291 |
+
|
292 |
+
#: install.php:306
|
293 |
+
msgid "-Testing NinjaFirewall without blocking your visitors:"
|
294 |
+
msgstr ""
|
295 |
+
|
296 |
+
#: install.php:309
|
297 |
+
msgid "-Add your own code to the firewall: the \".htninja\" file:"
|
298 |
+
msgstr ""
|
299 |
+
|
300 |
+
#: install.php:312
|
301 |
+
msgid "-Restricting access to NinjaFirewall settings:"
|
302 |
+
msgstr ""
|
303 |
+
|
304 |
+
#: install.php:315
|
305 |
+
msgid "-Upgrading to PHP 7 with NinjaFirewall installed:"
|
306 |
+
msgstr ""
|
307 |
+
|
308 |
+
#: install.php:318
|
309 |
+
msgid "-Keep your blog protected against the latest vulnerabilities:"
|
310 |
+
msgstr ""
|
311 |
+
|
312 |
+
#: install.php:321
|
313 |
+
msgid "-NinjaFirewall Referral Program:"
|
314 |
+
msgstr ""
|
315 |
+
|
316 |
+
#: install.php:324
|
317 |
+
msgid "Help & Support Links:"
|
318 |
+
msgstr ""
|
319 |
+
|
320 |
+
#: install.php:326
|
321 |
+
msgid ""
|
322 |
+
"-Each page of NinjaFirewall includes a contextual help: click on the \"Help"
|
323 |
+
"\" menu tab located in the upper right corner of the corresponding page."
|
324 |
+
msgstr ""
|
325 |
+
|
326 |
+
#: install.php:327
|
327 |
+
msgid "-Online documentation is also available here:"
|
328 |
+
msgstr ""
|
329 |
+
|
330 |
+
#: install.php:328
|
331 |
+
msgid "-The WordPress support forum:"
|
332 |
+
msgstr ""
|
333 |
+
|
334 |
+
#: install.php:329
|
335 |
+
msgid "-Updates info are available via Twitter:"
|
336 |
+
msgstr ""
|
337 |
+
|
338 |
+
#: install.php:352
|
339 |
+
msgid "Error: The firewall is not loaded."
|
340 |
+
msgstr ""
|
341 |
+
|
342 |
+
#: install.php:353
|
343 |
+
msgid "Suggestions:"
|
344 |
+
msgstr ""
|
345 |
+
|
346 |
+
#: install.php:357
|
347 |
+
msgid ""
|
348 |
+
"You selected <code>Apache + PHP module</code> as your HTTP server and PHP "
|
349 |
+
"SAPI. Maybe your HTTP server is <code>Apache + CGI/FastCGI</code>?"
|
350 |
+
msgstr ""
|
351 |
+
|
352 |
+
#: install.php:359 install.php:387
|
353 |
+
msgid ""
|
354 |
+
"You can click the \"Go Back\" button and try to select another HTTP server "
|
355 |
+
"type."
|
356 |
+
msgstr ""
|
357 |
+
|
358 |
+
#: install.php:363
|
359 |
+
msgid ""
|
360 |
+
"You have selected LiteSpeed as your HTTP server. Did you enable the "
|
361 |
+
"\"AllowOverride\" directive from its admin panel? Make sure it is enabled, "
|
362 |
+
"restart LiteSpeed and then, click the \"Test Again\" button below."
|
363 |
+
msgstr ""
|
364 |
+
|
365 |
+
#: install.php:365 install.php:376
|
366 |
+
msgid "Test Again"
|
367 |
+
msgstr ""
|
368 |
+
|
369 |
+
#: install.php:374
|
370 |
+
msgid ""
|
371 |
+
"You have selected <code>.user.ini</code> as your PHP initialization file. "
|
372 |
+
"Unlike <code>php.ini</code>, <code>.user.ini</code> files are not reloaded "
|
373 |
+
"immediately by PHP, but every five minutes. If this is your own server, "
|
374 |
+
"restart Apache (or PHP-FPM if applicable) to force PHP to reload it, "
|
375 |
+
"otherwise please <strong>wait up to five minutes</strong> and then, click "
|
376 |
+
"the \"Test Again\" button below."
|
377 |
+
msgstr ""
|
378 |
+
|
379 |
+
#: install.php:385
|
380 |
+
msgid ""
|
381 |
+
"You selected <code>Apache + CGI/FastCGI</code> as your HTTP server and PHP "
|
382 |
+
"SAPI. Maybe your HTTP server is <code>Apache + PHP module</code>?"
|
383 |
+
msgstr ""
|
384 |
+
|
385 |
+
#: install.php:390
|
386 |
+
msgid "Maybe you did not select the correct PHP INI ?"
|
387 |
+
msgstr ""
|
388 |
+
|
389 |
+
#: install.php:392
|
390 |
+
msgid "You can click the \"Go Back\" button and try to select another one."
|
391 |
+
msgstr ""
|
392 |
+
|
393 |
+
#: install.php:396
|
394 |
+
msgid "Go Back"
|
395 |
+
msgstr ""
|
396 |
+
|
397 |
+
#: install.php:402
|
398 |
+
#, php-format
|
399 |
+
msgid ""
|
400 |
+
"If none of the above suggestions work, you can still install NinjaFirewall "
|
401 |
+
"in %s mode by clicking the button below. Setup is easy and will always work."
|
402 |
+
msgstr ""
|
403 |
+
|
404 |
+
#: install.php:407
|
405 |
+
msgid "Switch to the WordPress WAF mode installer »"
|
406 |
+
msgstr ""
|
407 |
+
|
408 |
+
#: install.php:411
|
409 |
+
msgid "Need help? Check our blog:"
|
410 |
+
msgstr ""
|
411 |
+
|
412 |
+
#: install.php:562
|
413 |
+
msgid ""
|
414 |
+
"Error: The installer cannot download the security rules from wordpress.org "
|
415 |
+
"website."
|
416 |
+
msgstr ""
|
417 |
+
|
418 |
+
#: install.php:563
|
419 |
+
msgid ""
|
420 |
+
"The server may be temporarily down or you may have network connectivity "
|
421 |
+
"problems? Please try again in a few minutes."
|
422 |
+
msgstr ""
|
423 |
+
|
424 |
+
#: install.php:564
|
425 |
+
msgid ""
|
426 |
+
"NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe "
|
427 |
+
"your server does not support SSL? You can force NinjaFirewall to use a non-"
|
428 |
+
"secure HTTP connection by adding the following directive to your <strong>wp-"
|
429 |
+
"config.php</strong> file:"
|
430 |
+
msgstr ""
|
431 |
+
|
432 |
+
#: lib/dashboard_widget.php:30
|
433 |
+
msgid "NinjaFirewall Statistics"
|
434 |
+
msgstr ""
|
435 |
+
|
436 |
+
#: lib/dashboard_widget.php:52 lib/nf_sub_statistics.php:116
|
437 |
+
msgid "Blocked hacking attempts"
|
438 |
+
msgstr ""
|
439 |
+
|
440 |
+
#: lib/dashboard_widget.php:56 lib/nf_sub_statistics.php:120
|
441 |
+
msgid "Hacking attempts severity"
|
442 |
+
msgstr ""
|
443 |
+
|
444 |
+
#: lib/dashboard_widget.php:58
|
445 |
+
msgid "Critical:"
|
446 |
+
msgstr ""
|
447 |
+
|
448 |
+
#: lib/dashboard_widget.php:66
|
449 |
+
msgid "High:"
|
450 |
+
msgstr ""
|
451 |
+
|
452 |
+
#: lib/dashboard_widget.php:74
|
453 |
+
msgid "Medium:"
|
454 |
+
msgstr ""
|
455 |
+
|
456 |
+
#: lib/dashboard_widget.php:84 lib/nf_sub_statistics.php:143
|
457 |
+
msgid "Uploaded files"
|
458 |
+
msgstr ""
|
459 |
+
|
460 |
+
#: lib/dashboard_widget.php:90
|
461 |
+
msgid "View firewall log"
|
462 |
+
msgstr ""
|
463 |
+
|
464 |
+
#: lib/help.php:37 ninjafirewall.php:799
|
465 |
+
msgid "Overview"
|
466 |
+
msgstr ""
|
467 |
+
|
468 |
+
#: lib/help.php:38
|
469 |
+
msgid ""
|
470 |
+
"This is the Overview page; it shows information about the firewall status. "
|
471 |
+
"We recommend you keep an eye on it because, in case of problems, all "
|
472 |
+
"possible errors and warnings will be displayed here."
|
473 |
+
msgstr ""
|
474 |
+
|
475 |
+
#: lib/help.php:41
|
476 |
+
msgid "For more information:"
|
477 |
+
msgstr ""
|
478 |
+
|
479 |
+
#: lib/help.php:42
|
480 |
+
msgid "Installation, help and troubleshooting"
|
481 |
+
msgstr ""
|
482 |
+
|
483 |
+
#: lib/help.php:43
|
484 |
+
msgid "Support Forum"
|
485 |
+
msgstr ""
|
486 |
+
|
487 |
+
#: lib/help.php:44
|
488 |
+
msgid "Updates via Twitter"
|
489 |
+
msgstr ""
|
490 |
+
|
491 |
+
#: lib/help.php:57 lib/nf_sub_statistics.php:112
|
492 |
+
msgid "Monthly stats"
|
493 |
+
msgstr ""
|
494 |
+
|
495 |
+
#: lib/help.php:59
|
496 |
+
msgid ""
|
497 |
+
"Statistics are taken from the current log. It is rotated on the first day of "
|
498 |
+
"each month."
|
499 |
+
msgstr ""
|
500 |
+
|
501 |
+
#: lib/help.php:61
|
502 |
+
#, php-format
|
503 |
+
msgid ""
|
504 |
+
"You can view the log by clicking on the <a href=\"%s\">Firewall Log</a> menu."
|
505 |
+
msgstr ""
|
506 |
+
|
507 |
+
#: lib/help.php:65 lib/nf_sub_statistics.php:146
|
508 |
+
msgid "Benchmarks"
|
509 |
+
msgstr ""
|
510 |
+
|
511 |
+
#: lib/help.php:67
|
512 |
+
msgid ""
|
513 |
+
"Benchmarks show the time NinjaFirewall took, in seconds, to proceed each "
|
514 |
+
"request it has blocked."
|
515 |
+
msgstr ""
|
516 |
+
|
517 |
+
#: lib/help.php:78 lib/nf_sub_options.php:76
|
518 |
+
msgid "Firewall protection"
|
519 |
+
msgstr ""
|
520 |
+
|
521 |
+
#: lib/help.php:80
|
522 |
+
#, php-format
|
523 |
+
msgid ""
|
524 |
+
"This option allows you to disable NinjaFirewall. It has basically the same "
|
525 |
+
"effect as deactivating it from the <a href=\"%s\">Plugins</a> menu page."
|
526 |
+
msgstr ""
|
527 |
+
|
528 |
+
#: lib/help.php:82
|
529 |
+
msgid "Your site will remain unprotected until you enable it again."
|
530 |
+
msgstr ""
|
531 |
+
|
532 |
+
#: lib/help.php:86 lib/nf_sub_options.php:101 ninjafirewall.php:1010
|
533 |
+
msgid "Debugging mode"
|
534 |
+
msgstr ""
|
535 |
+
|
536 |
+
#: lib/help.php:88
|
537 |
+
#, php-format
|
538 |
+
msgid ""
|
539 |
+
"In Debugging mode, NinjaFirewall will not block or sanitise suspicious "
|
540 |
+
"requests but will only log them. The <a href=\"%s\">Firewall Log</a> will "
|
541 |
+
"display <code>DEBUG_ON</code> in the LEVEL column."
|
542 |
+
msgstr ""
|
543 |
+
|
544 |
+
#: lib/help.php:89
|
545 |
+
msgid ""
|
546 |
+
"We recommend to run it in Debugging Mode for at least 24 hours after "
|
547 |
+
"installing it on a new site and then to keep an eye on the firewall log "
|
548 |
+
"during that time. If you notice a false positive in the log, you can simply "
|
549 |
+
"use NinjaFirewall's Rules Editor to disable the security rule that was "
|
550 |
+
"wrongly triggered."
|
551 |
+
msgstr ""
|
552 |
+
|
553 |
+
#: lib/help.php:93
|
554 |
+
msgid "Error code and message to return"
|
555 |
+
msgstr ""
|
556 |
+
|
557 |
+
#: lib/help.php:95
|
558 |
+
msgid ""
|
559 |
+
"Lets you customize the HTTP error code returned by NinjaFirewall when "
|
560 |
+
"blocking a dangerous request and the message to display to the user."
|
561 |
+
msgstr ""
|
562 |
+
|
563 |
+
#: lib/help.php:96
|
564 |
+
msgid "You can use any HTML tags and 3 built-in variables:"
|
565 |
+
msgstr ""
|
566 |
+
|
567 |
+
#: lib/help.php:97
|
568 |
+
msgid "the blocked user IP."
|
569 |
+
msgstr ""
|
570 |
+
|
571 |
+
#: lib/help.php:98
|
572 |
+
msgid ""
|
573 |
+
"the unique incident number as it will appear in the firewall log \"INCIDENT"
|
574 |
+
"\" column."
|
575 |
+
msgstr ""
|
576 |
+
|
577 |
+
#: lib/help.php:99
|
578 |
+
msgid "NinjaFirewall logo."
|
579 |
+
msgstr ""
|
580 |
+
|
581 |
+
#: lib/help.php:103
|
582 |
+
msgid "Export/import configuration"
|
583 |
+
msgstr ""
|
584 |
+
|
585 |
+
#: lib/help.php:105
|
586 |
+
msgid ""
|
587 |
+
"This options lets you export you current configuration or import it from "
|
588 |
+
"another NinjaFirewall (WP Edition) installation. The imported file must "
|
589 |
+
"match your current version otherwise it will be rejected. Note that "
|
590 |
+
"importing will override all firewall rules and options."
|
591 |
+
msgstr ""
|
592 |
+
|
593 |
+
#: lib/help.php:107
|
594 |
+
msgid "\"File Check\" configuration will not be exported/imported."
|
595 |
+
msgstr ""
|
596 |
+
|
597 |
+
#: lib/help.php:120
|
598 |
+
#, php-format
|
599 |
+
msgid ""
|
600 |
+
"Keep in mind, however, that the Firewall Policies apply to any PHP scripts "
|
601 |
+
"located inside the %s directory and its sub-directories, and not only to "
|
602 |
+
"your WordPress index page."
|
603 |
+
msgstr ""
|
604 |
+
|
605 |
+
#: lib/help.php:125
|
606 |
+
msgid "Policies overview"
|
607 |
+
msgstr ""
|
608 |
+
|
609 |
+
#: lib/help.php:127
|
610 |
+
#, php-format
|
611 |
+
msgid ""
|
612 |
+
"Because NinjaFirewall sits in front of WordPress, it can hook, scan and "
|
613 |
+
"sanitise all PHP requests, HTTP variables, headers and IPs before they reach "
|
614 |
+
"your blog: <code><a href=\"%s\">$_GET</a></code>, <code><a href=\"%s\">"
|
615 |
+
"$_POST</a></code>, <code><a href=\"%s\">$_COOKIES</a></code>, <code><a href="
|
616 |
+
"\"%s\">$_REQUEST</a></code>, <code><a href=\"%s\">$_FILES</a></code>, "
|
617 |
+
"<code><a href=\"%s\">$_SERVER</a></code> in HTTP and/or HTTPS mode."
|
618 |
+
msgstr ""
|
619 |
+
|
620 |
+
#: lib/help.php:129
|
621 |
+
msgid ""
|
622 |
+
"Use the options below to enable, disable or to tweak these rules according "
|
623 |
+
"to your needs."
|
624 |
+
msgstr ""
|
625 |
+
|
626 |
+
#: lib/help.php:136
|
627 |
+
msgid "Scan and Sanitise"
|
628 |
+
msgstr ""
|
629 |
+
|
630 |
+
#: lib/help.php:138
|
631 |
+
msgid ""
|
632 |
+
"You can choose to scan and reject dangerous content but also to sanitise "
|
633 |
+
"requests and variables. Those two actions are different and can be combined "
|
634 |
+
"together for better security."
|
635 |
+
msgstr ""
|
636 |
+
|
637 |
+
#: lib/help.php:139
|
638 |
+
msgid ""
|
639 |
+
"Scan : if anything suspicious is detected, NinjaFirewall will block the "
|
640 |
+
"request and return an HTTP error code and message (defined in the \"Firewall "
|
641 |
+
"Options\" page). The user request will fail and the connection will be "
|
642 |
+
"closed immediately."
|
643 |
+
msgstr ""
|
644 |
+
|
645 |
+
#: lib/help.php:140
|
646 |
+
#, php-format
|
647 |
+
msgid ""
|
648 |
+
"Sanitise : this option will not block but sanitise the user request by "
|
649 |
+
"escaping characters that can be used to exploit vulnerabilities (%s) and "
|
650 |
+
"replacing <code><</code> and <code>></code> with their corresponding "
|
651 |
+
"HTML entities (<code>&lt;</code>, <code>&gt;</code>). If it is a "
|
652 |
+
"variable, i.e. <code>?name=value</code>, both its name and value will be "
|
653 |
+
"sanitised."
|
654 |
+
msgstr ""
|
655 |
+
|
656 |
+
#: lib/help.php:142
|
657 |
+
msgid ""
|
658 |
+
"This action will be performed when the filtering process is over, right "
|
659 |
+
"before NinjaFirewall forwards the request to your PHP script."
|
660 |
+
msgstr ""
|
661 |
+
|
662 |
+
#: lib/help.php:145
|
663 |
+
msgid ""
|
664 |
+
"If you enabled <code>POST</code> requests sanitising, articles and messages "
|
665 |
+
"posted by your visitors could be corrupted with excessive backslashes or "
|
666 |
+
"substitution characters."
|
667 |
+
msgstr ""
|
668 |
+
|
669 |
+
#: lib/help.php:149 ninjafirewall.php:811 ninjafirewall.php:1307
|
670 |
+
msgid "Firewall Policies"
|
671 |
+
msgstr ""
|
672 |
+
|
673 |
+
#: lib/help.php:154 ninjafirewall.php:1329
|
674 |
+
msgid "Basic Policies"
|
675 |
+
msgstr ""
|
676 |
+
|
677 |
+
#: lib/help.php:157
|
678 |
+
msgid "Whether to filter HTTP and/or HTTPS traffic"
|
679 |
+
msgstr ""
|
680 |
+
|
681 |
+
#: lib/help.php:159 ninjafirewall.php:1384
|
682 |
+
msgid "Uploads"
|
683 |
+
msgstr ""
|
684 |
+
|
685 |
+
#: lib/help.php:160
|
686 |
+
msgid "File Uploads:"
|
687 |
+
msgstr ""
|
688 |
+
|
689 |
+
#: lib/help.php:160
|
690 |
+
msgid "whether to allow/disallow file uploads."
|
691 |
+
msgstr ""
|
692 |
+
|
693 |
+
#: lib/help.php:161
|
694 |
+
msgid "Sanitise filenames:"
|
695 |
+
msgstr ""
|
696 |
+
|
697 |
+
#: lib/help.php:161
|
698 |
+
msgid ""
|
699 |
+
"any character that is not a letter <code>a-zA-Z</code>, a digit <code>0-9</"
|
700 |
+
"code>, a dot <code>.</code>, a hyphen <code>-</code> or an underscore "
|
701 |
+
"<code>_</code> will be removed from the filename and replaced with the "
|
702 |
+
"substitution character."
|
703 |
+
msgstr ""
|
704 |
+
|
705 |
+
#: lib/help.php:164
|
706 |
+
msgid ""
|
707 |
+
"Whether to block direct access to PHP files located in specific WordPress "
|
708 |
+
"directories."
|
709 |
+
msgstr ""
|
710 |
+
|
711 |
+
#: lib/help.php:165
|
712 |
+
msgid "Protect against username enumeration:"
|
713 |
+
msgstr ""
|
714 |
+
|
715 |
+
#: lib/help.php:165
|
716 |
+
msgid ""
|
717 |
+
"it is possible to enumerate usernames either through the WordPress author "
|
718 |
+
"archives, the REST API or the login page. Although this is not a "
|
719 |
+
"vulnerability but a WordPress feature, some hackers use it to retrieve "
|
720 |
+
"usernames in order to launch more accurate brute-force attacks. If it is a "
|
721 |
+
"failed login attempt, NinjaFirewall will sanitise the error message returned "
|
722 |
+
"by WordPress. If it is an author archives scan, it will invalidate it and "
|
723 |
+
"redirect the user to the blog index page. Regarding the WP REST API, it will "
|
724 |
+
"block the request immediately."
|
725 |
+
msgstr ""
|
726 |
+
|
727 |
+
#: lib/help.php:166
|
728 |
+
msgid "WordPress REST API:"
|
729 |
+
msgstr ""
|
730 |
+
|
731 |
+
#: lib/help.php:166
|
732 |
+
msgid ""
|
733 |
+
"it allows you to access your WordPress site's data through an easy-to-use "
|
734 |
+
"HTTP REST API. Since WordPress 4.7, it is enabled by default. NinjaFirewall "
|
735 |
+
"allows you to block any access to that API if you do not intend to use it."
|
736 |
+
msgstr ""
|
737 |
+
|
738 |
+
#: lib/help.php:167
|
739 |
+
msgid "WordPress XML-RPC API:"
|
740 |
+
msgstr ""
|
741 |
+
|
742 |
+
#: lib/help.php:167
|
743 |
+
msgid ""
|
744 |
+
"XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode "
|
745 |
+
"its calls and HTTP as a transport mechanism. WordPress has an XMLRPC API "
|
746 |
+
"that can be accessed through the <code>xmlrpc.php</code> file. Since "
|
747 |
+
"WordPress version 3.5, it is always activated and cannot be turned off. "
|
748 |
+
"NinjaFirewall allows you to immediately block any access to that file, or "
|
749 |
+
"only to block an access using the <code>system.multicall</code> method often "
|
750 |
+
"used in brute-force amplification attacks or to block Pingbacks."
|
751 |
+
msgstr ""
|
752 |
+
|
753 |
+
#: lib/help.php:168
|
754 |
+
msgid ""
|
755 |
+
"Block <code>POST</code> requests in the themes folder <code>/wp-content/"
|
756 |
+
"themes</code>:"
|
757 |
+
msgstr ""
|
758 |
+
|
759 |
+
#: lib/help.php:168
|
760 |
+
msgid ""
|
761 |
+
"this option can be useful to block hackers from installing backdoor in the "
|
762 |
+
"PHP theme files. However, because some custom themes may include an HTML "
|
763 |
+
"form (contact, search form etc), this option is not enabled by default."
|
764 |
+
msgstr ""
|
765 |
+
|
766 |
+
#: lib/help.php:169
|
767 |
+
msgid "Force SSL for admin and logins <code>FORCE_SSL_ADMIN</code>:"
|
768 |
+
msgstr ""
|
769 |
+
|
770 |
+
#: lib/help.php:169
|
771 |
+
msgid ""
|
772 |
+
"enable this option when you want to secure logins and the admin area so that "
|
773 |
+
"both passwords and cookies are never sent in the clear. Ensure that you can "
|
774 |
+
"access your admin console from HTTPS before enabling this option, otherwise "
|
775 |
+
"you will lock yourself out of your site!"
|
776 |
+
msgstr ""
|
777 |
+
|
778 |
+
#: lib/help.php:170
|
779 |
+
msgid "Disable the plugin and theme editor <code>DISALLOW_FILE_EDIT</code>:"
|
780 |
+
msgstr ""
|
781 |
+
|
782 |
+
#: lib/help.php:170
|
783 |
+
msgid ""
|
784 |
+
"disabling the plugin and theme editor provides an additional layer of "
|
785 |
+
"security if a hacker gains access to a well-privileged user account."
|
786 |
+
msgstr ""
|
787 |
+
|
788 |
+
#: lib/help.php:171
|
789 |
+
msgid ""
|
790 |
+
"Disable plugin and theme update/installation <code>DISALLOW_FILE_MODS</code>:"
|
791 |
+
msgstr ""
|
792 |
+
|
793 |
+
#: lib/help.php:171
|
794 |
+
msgid ""
|
795 |
+
"this option will block users being able to use the plugin and theme "
|
796 |
+
"installation/update functionality from the WordPress admin area. Setting "
|
797 |
+
"this constant also disables the Plugin and Theme editor."
|
798 |
+
msgstr ""
|
799 |
+
|
800 |
+
#: lib/help.php:176 ninjafirewall.php:1330
|
801 |
+
msgid "Intermediate Policies"
|
802 |
+
msgstr ""
|
803 |
+
|
804 |
+
#: lib/help.php:178 ninjafirewall.php:1696
|
805 |
+
msgid "HTTP GET variable"
|
806 |
+
msgstr ""
|
807 |
+
|
808 |
+
#: lib/help.php:179
|
809 |
+
msgid "Whether to scan and/or sanitise the <code>GET</code> variable."
|
810 |
+
msgstr ""
|
811 |
+
|
812 |
+
#: lib/help.php:181 ninjafirewall.php:1739
|
813 |
+
msgid "HTTP POST variable"
|
814 |
+
msgstr ""
|
815 |
+
|
816 |
+
#: lib/help.php:182
|
817 |
+
msgid "Whether to scan and/or sanitise the <code>POST</code> variable."
|
818 |
+
msgstr ""
|
819 |
+
|
820 |
+
#: lib/help.php:183
|
821 |
+
msgid "Decode Base64-encoded <code>POST</code> variable:"
|
822 |
+
msgstr ""
|
823 |
+
|
824 |
+
#: lib/help.php:183
|
825 |
+
msgid ""
|
826 |
+
"NinjaFirewall will decode and scan base64 encoded values in order to detect "
|
827 |
+
"obfuscated malicious code. This option is only available for the <code>POST</"
|
828 |
+
"code> variable."
|
829 |
+
msgstr ""
|
830 |
+
|
831 |
+
#: lib/help.php:185 ninjafirewall.php:1782
|
832 |
+
msgid "HTTP REQUEST variable"
|
833 |
+
msgstr ""
|
834 |
+
|
835 |
+
#: lib/help.php:186
|
836 |
+
msgid "Whether to sanitise the <code>REQUEST</code> variable."
|
837 |
+
msgstr ""
|
838 |
+
|
839 |
+
#: lib/help.php:188 ninjafirewall.php:1810
|
840 |
+
msgid "Cookies"
|
841 |
+
msgstr ""
|
842 |
+
|
843 |
+
#: lib/help.php:189
|
844 |
+
msgid "Whether to scan and/or sanitise cookies."
|
845 |
+
msgstr ""
|
846 |
+
|
847 |
+
#: lib/help.php:191 ninjafirewall.php:1855
|
848 |
+
msgid "HTTP_USER_AGENT server variable"
|
849 |
+
msgstr ""
|
850 |
+
|
851 |
+
#: lib/help.php:192
|
852 |
+
msgid "Whether to scan and/or sanitise <code>HTTP_USER_AGENT</code> requests."
|
853 |
+
msgstr ""
|
854 |
+
|
855 |
+
#: lib/help.php:193
|
856 |
+
msgid "Block suspicious bots/scanners:"
|
857 |
+
msgstr ""
|
858 |
+
|
859 |
+
#: lib/help.php:193
|
860 |
+
msgid ""
|
861 |
+
"rejects some known bots, scanners and various malicious scripts attempting "
|
862 |
+
"to access your blog."
|
863 |
+
msgstr ""
|
864 |
+
|
865 |
+
#: lib/help.php:195 ninjafirewall.php:1908
|
866 |
+
msgid "HTTP_REFERER server variable"
|
867 |
+
msgstr ""
|
868 |
+
|
869 |
+
#: lib/help.php:196
|
870 |
+
msgid "Whether to scan and/or sanitise <code>HTTP_REFERER</code> requests."
|
871 |
+
msgstr ""
|
872 |
+
|
873 |
+
#: lib/help.php:197
|
874 |
+
msgid ""
|
875 |
+
"Block POST requests that do not have an <code>HTTP_REFERER</code> header:"
|
876 |
+
msgstr ""
|
877 |
+
|
878 |
+
#: lib/help.php:197
|
879 |
+
msgid ""
|
880 |
+
"this option will block any <code>POST</code> request that does not have a "
|
881 |
+
"Referrer header (<code>HTTP_REFERER</code> variable). If you need external "
|
882 |
+
"applications to post to your scripts (e.g. Paypal IPN, WordPress WP-"
|
883 |
+
"Cron...), you are advised to keep this option disabled otherwise they will "
|
884 |
+
"likely be blocked. Note that <code>POST</code> requests are not required to "
|
885 |
+
"have a Referrer header and, for that reason, this option is disabled by "
|
886 |
+
"default."
|
887 |
+
msgstr ""
|
888 |
+
|
889 |
+
#: lib/help.php:200
|
890 |
+
msgid "Block localhost IP in <code>GET/POST</code> requests:"
|
891 |
+
msgstr ""
|
892 |
+
|
893 |
+
#: lib/help.php:200
|
894 |
+
msgid ""
|
895 |
+
"this option will block any <code>GET</code> or <code>POST</code> request "
|
896 |
+
"containing the localhost IP (127.0.0.1). It can be useful to block SQL "
|
897 |
+
"dumpers and various hacker's shell scripts."
|
898 |
+
msgstr ""
|
899 |
+
|
900 |
+
#: lib/help.php:201
|
901 |
+
msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header:"
|
902 |
+
msgstr ""
|
903 |
+
|
904 |
+
#: lib/help.php:201
|
905 |
+
#, php-format
|
906 |
+
msgid ""
|
907 |
+
"this option will reject any request using an IP instead of a domain name in "
|
908 |
+
"the <code>Host</code> header of the HTTP request. Unless you need to connect "
|
909 |
+
"to your site using its IP address, (e.g. %s), enabling this option will "
|
910 |
+
"block a lot of hackers scanners because such applications scan IPs rather "
|
911 |
+
"than domain names."
|
912 |
+
msgstr ""
|
913 |
+
|
914 |
+
#: lib/help.php:202
|
915 |
+
msgid "Scan traffic coming from localhost and private IP address spaces:"
|
916 |
+
msgstr ""
|
917 |
+
|
918 |
+
#: lib/help.php:202
|
919 |
+
msgid ""
|
920 |
+
"this option will allow the firewall to scan traffic from all non-routable "
|
921 |
+
"private IPs (IPv4 and IPv6) as well as the localhost IP. We recommend to "
|
922 |
+
"keep it enabled if you have a private network (2 or more servers "
|
923 |
+
"interconnected)."
|
924 |
+
msgstr ""
|
925 |
+
|
926 |
+
#: lib/help.php:207 ninjafirewall.php:1331
|
927 |
+
msgid "Advanced Policies"
|
928 |
+
msgstr ""
|
929 |
+
|
930 |
+
#: lib/help.php:209 ninjafirewall.php:2021
|
931 |
+
msgid "HTTP response headers"
|
932 |
+
msgstr ""
|
933 |
+
|
934 |
+
#: lib/help.php:211
|
935 |
+
msgid ""
|
936 |
+
"In addition to filtering incoming requests, NinjaFirewall can also hook the "
|
937 |
+
"HTTP response in order to alter its headers. Those modifications can help to "
|
938 |
+
"mitigate threats such as XSS, phishing and clickjacking attacks."
|
939 |
+
msgstr ""
|
940 |
+
|
941 |
+
#: lib/help.php:213
|
942 |
+
msgid ""
|
943 |
+
"Set <code>X-Content-Type-Options</code> to protect against MIME type "
|
944 |
+
"confusion attacks:"
|
945 |
+
msgstr ""
|
946 |
+
|
947 |
+
#: lib/help.php:213
|
948 |
+
msgid ""
|
949 |
+
"sending this response header with the <code>nosniff</code> value will "
|
950 |
+
"prevent compatible browsers from MIME-sniffing a response away from the "
|
951 |
+
"declared content-type."
|
952 |
+
msgstr ""
|
953 |
+
|
954 |
+
#: lib/help.php:214
|
955 |
+
msgid ""
|
956 |
+
"Set <code>X-Frame-Options</code> to protect against clickjacking attempts:"
|
957 |
+
msgstr ""
|
958 |
+
|
959 |
+
#: lib/help.php:214
|
960 |
+
msgid ""
|
961 |
+
"this header indicates a policy whether a browser must not allow to render a "
|
962 |
+
"page in a <frame> or <iframe>. Hosts can declare this policy in "
|
963 |
+
"the header of their HTTP responses to prevent clickjacking attacks, by "
|
964 |
+
"ensuring that their content is not embedded into other pages or frames. "
|
965 |
+
"NinjaFirewall accepts two different values:"
|
966 |
+
msgstr ""
|
967 |
+
|
968 |
+
#: lib/help.php:216
|
969 |
+
msgid ""
|
970 |
+
"a browser receiving content with this header must not display this content "
|
971 |
+
"in any frame from a page of different origin than the content itself."
|
972 |
+
msgstr ""
|
973 |
+
|
974 |
+
#: lib/help.php:217
|
975 |
+
msgid ""
|
976 |
+
"a browser receiving content with this header must not display this content "
|
977 |
+
"in any frame."
|
978 |
+
msgstr ""
|
979 |
+
|
980 |
+
#: lib/help.php:220
|
981 |
+
msgid "NinjaFirewall does not support the <code>ALLOW-FROM</code> value."
|
982 |
+
msgstr ""
|
983 |
+
|
984 |
+
#: lib/help.php:222
|
985 |
+
msgid ""
|
986 |
+
"Since v3.1.3, WordPress sets this value to <code>SAMEORIGIN</code> for the "
|
987 |
+
"administrator and the login page only."
|
988 |
+
msgstr ""
|
989 |
+
|
990 |
+
#: lib/help.php:223
|
991 |
+
msgid "Enforce <code>X-XSS-Protection</code> (IE, Chrome and Safari browsers):"
|
992 |
+
msgstr ""
|
993 |
+
|
994 |
+
#: lib/help.php:223
|
995 |
+
msgid ""
|
996 |
+
"this header allows compatible browsers to identify and block XSS attack by "
|
997 |
+
"preventing the malicious script from executing. NinjaFirewall will set its "
|
998 |
+
"value to <code>1; mode=block</code>."
|
999 |
+
msgstr ""
|
1000 |
+
|
1001 |
+
#: lib/help.php:224
|
1002 |
+
msgid ""
|
1003 |
+
"Force <code>HttpOnly</code> flag on all cookies to mitigate XSS attacks:"
|
1004 |
+
msgstr ""
|
1005 |
+
|
1006 |
+
#: lib/help.php:224
|
1007 |
+
msgid ""
|
1008 |
+
"adding this flag to cookies helps to mitigate the risk of cross-site "
|
1009 |
+
"scripting by preventing them from being accessed through client-side script. "
|
1010 |
+
"NinjaFirewall can hook all cookies sent by your blog, its plugins or any "
|
1011 |
+
"other PHP script, add the <code>HttpOnly</code> flag if it is missing, and "
|
1012 |
+
"re-inject those cookies back into your server HTTP response headers right "
|
1013 |
+
"before they are sent to your visitors. Note that WordPress sets that flag on "
|
1014 |
+
"the logged in user cookies only."
|
1015 |
+
msgstr ""
|
1016 |
+
|
1017 |
+
#: lib/help.php:225
|
1018 |
+
msgid ""
|
1019 |
+
"If your PHP scripts send cookies that need to be accessed from JavaScript, "
|
1020 |
+
"you should keep that option disabled."
|
1021 |
+
msgstr ""
|
1022 |
+
|
1023 |
+
#: lib/help.php:226
|
1024 |
+
msgid ""
|
1025 |
+
"Set <code>Strict-Transport-Security</code> (HSTS) to enforce secure "
|
1026 |
+
"connections to the server:"
|
1027 |
+
msgstr ""
|
1028 |
+
|
1029 |
+
#: lib/help.php:226
|
1030 |
+
msgid ""
|
1031 |
+
"this policy enforces secure HTTPS connections to the server. Web browsers "
|
1032 |
+
"will not allow the user to access the web application over insecure HTTP "
|
1033 |
+
"protocol. It helps to defend against cookie hijacking and Man-in-the-middle "
|
1034 |
+
"attacks. Most recent browsers support HSTS headers."
|
1035 |
+
msgstr ""
|
1036 |
+
|
1037 |
+
#: lib/help.php:227
|
1038 |
+
msgid "Set <code>Content-Security-Policy</code>:"
|
1039 |
+
msgstr ""
|
1040 |
+
|
1041 |
+
#: lib/help.php:227
|
1042 |
+
msgid ""
|
1043 |
+
"this policy helps to mitigate threats such as XSS, phishing and clickjacking "
|
1044 |
+
"attacks. It covers JavaScript, CSS, HTML frames, web workers, fonts, images, "
|
1045 |
+
"objects (Java, ActiveX, audio and video files), and other HTML5 features."
|
1046 |
+
msgstr ""
|
1047 |
+
|
1048 |
+
#: lib/help.php:227
|
1049 |
+
msgid ""
|
1050 |
+
"NinjaFirewall lets you configure the CSP policy separately for the frontend "
|
1051 |
+
"(blog, website) and the backend (WordPress admin dashboard)."
|
1052 |
+
msgstr ""
|
1053 |
+
|
1054 |
+
#: lib/help.php:230
|
1055 |
+
msgid "Block PHP built-in wrappers:"
|
1056 |
+
msgstr ""
|
1057 |
+
|
1058 |
+
#: lib/help.php:230
|
1059 |
+
msgid ""
|
1060 |
+
"PHP has several wrappers for use with the filesystem functions. It is "
|
1061 |
+
"possible for an attacker to use them to bypass firewalls and various IDS to "
|
1062 |
+
"exploit remote and local file inclusions. This option lets you block any "
|
1063 |
+
"script attempting to pass a <code>expect://</code>, <code>file://</code>, "
|
1064 |
+
"<code>phar://</code>, <code>php://</code>, <code>zip://</code> or "
|
1065 |
+
"<code>data://</code> stream inside a <code>GET</code> or <code>POST</code> "
|
1066 |
+
"request, cookies, user agent and referrer variables."
|
1067 |
+
msgstr ""
|
1068 |
+
|
1069 |
+
#: lib/help.php:231
|
1070 |
+
msgid "Block serialized PHP objects:"
|
1071 |
+
msgstr ""
|
1072 |
+
|
1073 |
+
#: lib/help.php:231
|
1074 |
+
#, php-format
|
1075 |
+
msgid ""
|
1076 |
+
"Object Serialization is a PHP feature used by many applications to generate "
|
1077 |
+
"a storable representation of a value. However, some insecure PHP "
|
1078 |
+
"applications and plugins can turn that feature into a critical vulnerability "
|
1079 |
+
"called <a href=\"%s\">PHP Object Injection</a>. This option can block "
|
1080 |
+
"serialized PHP objects found inside a a <code>GET</code> or <code>POST</"
|
1081 |
+
"code> request, cookies, user agent and referrer variables."
|
1082 |
+
msgstr ""
|
1083 |
+
|
1084 |
+
#: lib/help.php:232
|
1085 |
+
msgid "Hide PHP notice and error messages:"
|
1086 |
+
msgstr ""
|
1087 |
+
|
1088 |
+
#: lib/help.php:232
|
1089 |
+
msgid ""
|
1090 |
+
"this option lets you hide errors returned by your scripts. Such errors can "
|
1091 |
+
"leak sensitive informations which can be exploited by hackers."
|
1092 |
+
msgstr ""
|
1093 |
+
|
1094 |
+
#: lib/help.php:233
|
1095 |
+
msgid ""
|
1096 |
+
"Sanitise <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
|
1097 |
+
"<code>PATH_INFO</code>:"
|
1098 |
+
msgstr ""
|
1099 |
+
|
1100 |
+
#: lib/help.php:233
|
1101 |
+
msgid ""
|
1102 |
+
"this option can sanitise any dangerous characters found in those 3 server "
|
1103 |
+
"variables to prevent various XSS and database injection attempts."
|
1104 |
+
msgstr ""
|
1105 |
+
|
1106 |
+
#: lib/help.php:235 ninjafirewall.php:2295
|
1107 |
+
msgid "Various"
|
1108 |
+
msgstr ""
|
1109 |
+
|
1110 |
+
#: lib/help.php:236
|
1111 |
+
#, php-format
|
1112 |
+
msgid ""
|
1113 |
+
"Block the <code>DOCUMENT_ROOT</code> server variable (%s) in HTTP requests:"
|
1114 |
+
msgstr ""
|
1115 |
+
|
1116 |
+
#: lib/help.php:236
|
1117 |
+
msgid ""
|
1118 |
+
"this option will block scripts attempting to pass the <code>DOCUMENT_ROOT</"
|
1119 |
+
"code> server variable in a <code>GET</code> or <code>POST</code> request. "
|
1120 |
+
"Hackers use shell scripts that often need to pass this value, but most "
|
1121 |
+
"legitimate programs do not."
|
1122 |
+
msgstr ""
|
1123 |
+
|
1124 |
+
#: lib/help.php:237
|
1125 |
+
msgid "Block ASCII character 0x00 (NULL byte):"
|
1126 |
+
msgstr ""
|
1127 |
+
|
1128 |
+
#: lib/help.php:237
|
1129 |
+
msgid ""
|
1130 |
+
"this option will reject any <code>GET</code> or <code>POST</code> request, "
|
1131 |
+
"<code>HTTP_USER_AGENT</code>, <code>REQUEST_URI</code>, <code>PHP_SELF</"
|
1132 |
+
"code>, <code>PATH_INFO</code>, <code>HTTP_REFERER</code> variables "
|
1133 |
+
"containing the ASCII character 0x00 (NULL byte). Such a character is "
|
1134 |
+
"dangerous and should always be rejected."
|
1135 |
+
msgstr ""
|
1136 |
+
|
1137 |
+
#: lib/help.php:238
|
1138 |
+
msgid "Block ASCII control characters 1 to 8 and 14 to 31:"
|
1139 |
+
msgstr ""
|
1140 |
+
|
1141 |
+
#: lib/help.php:238
|
1142 |
+
msgid ""
|
1143 |
+
"this option will reject any <code>GET</code> or <code>POST</code> request, "
|
1144 |
+
"<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> variables containing "
|
1145 |
+
"ASCII characters from 1 to 8 and 14 to 31."
|
1146 |
+
msgstr ""
|
1147 |
+
|
1148 |
+
#: lib/help.php:244 ninjafirewall.php:1665
|
1149 |
+
msgid "Users Whitelist"
|
1150 |
+
msgstr ""
|
1151 |
+
|
1152 |
+
#: lib/help.php:246
|
1153 |
+
#, php-format
|
1154 |
+
msgid ""
|
1155 |
+
"By default, any logged in WordPress administrator will not be blocked by "
|
1156 |
+
"NinjaFirewall. You can also add any logged in users to the whitelist (make "
|
1157 |
+
"sure you trust them all before doing so).<br />This feature applies to all "
|
1158 |
+
"Firewall Policies listed below, except <code>FORCE_SSL_ADMIN</code>, "
|
1159 |
+
"<code>DISALLOW_FILE_EDIT</code>, <code>DISALLOW_FILE_MODS</code> options and "
|
1160 |
+
"the <a href=\"%s\">Login Protection</a> which, if enabled, are always "
|
1161 |
+
"enforced."
|
1162 |
+
msgstr ""
|
1163 |
+
|
1164 |
+
#: lib/help.php:258 ninjafirewall.php:815 ninjafirewall.php:2844
|
1165 |
+
msgid "File Guard"
|
1166 |
+
msgstr ""
|
1167 |
+
|
1168 |
+
#: lib/help.php:260
|
1169 |
+
msgid ""
|
1170 |
+
"File Guard can detect, in real-time, any access to a PHP file that was "
|
1171 |
+
"recently modified or created, and alert you about this."
|
1172 |
+
msgstr ""
|
1173 |
+
|
1174 |
+
#: lib/help.php:262
|
1175 |
+
msgid ""
|
1176 |
+
"If a hacker uploaded a shell script to your site (or injected a backdoor "
|
1177 |
+
"into an already existing file) and tried to directly access that file using "
|
1178 |
+
"his browser or a script, NinjaFirewall would hook the HTTP request and "
|
1179 |
+
"immediately detect that the file was recently modified/created. It would "
|
1180 |
+
"send you a detailed alert (script name, IP, request, date and time). Alerts "
|
1181 |
+
"will be sent to the contact email address defined in the \"Event "
|
1182 |
+
"Notifications\" menu."
|
1183 |
+
msgstr ""
|
1184 |
+
|
1185 |
+
#: lib/help.php:263
|
1186 |
+
msgid ""
|
1187 |
+
"If you do not want to monitor a folder, you can exclude its full path or a "
|
1188 |
+
"part of it (e.g., <code>/var/www/public_html/cache/</code> or <code>/cache/</"
|
1189 |
+
"code> etc). NinjaFirewall will compare this value to the <code>"
|
1190 |
+
"$_SERVER[\"SCRIPT_FILENAME\"]</code> server variable and, if it matches, "
|
1191 |
+
"will ignore it."
|
1192 |
+
msgstr ""
|
1193 |
+
|
1194 |
+
#: lib/help.php:264
|
1195 |
+
msgid ""
|
1196 |
+
"Multiple values must be comma-separated (e.g., <code>/foo/bar/,/cache/</"
|
1197 |
+
"code>)."
|
1198 |
+
msgstr ""
|
1199 |
+
|
1200 |
+
#: lib/help.php:265
|
1201 |
+
msgid ""
|
1202 |
+
"File Guard real-time detection is a totally unique feature, because "
|
1203 |
+
"NinjaFirewall is the only plugin for WordPress that can hook HTTP requests "
|
1204 |
+
"sent to any PHP script, even if that script is not part of the WordPress "
|
1205 |
+
"package (third-party software, shell script, backdoor etc)."
|
1206 |
+
msgstr ""
|
1207 |
+
|
1208 |
+
#: lib/help.php:274 ninjafirewall.php:833 ninjafirewall.php:2975
|
1209 |
+
msgid "Network"
|
1210 |
+
msgstr ""
|
1211 |
+
|
1212 |
+
#: lib/help.php:276
|
1213 |
+
msgid ""
|
1214 |
+
"Even if NinjaFirewall administration menu is only available to the Super "
|
1215 |
+
"Admin (from the main site), you can still display its status to all sites in "
|
1216 |
+
"the network by adding a small NinjaFirewall icon to their admin bar. It will "
|
1217 |
+
"be visible only to the administrators of those sites."
|
1218 |
+
msgstr ""
|
1219 |
+
|
1220 |
+
#: lib/help.php:278
|
1221 |
+
msgid ""
|
1222 |
+
"It is recommended to enable this feature as it is the only way to know "
|
1223 |
+
"whether the sites in your network are protected and if NinjaFirewall "
|
1224 |
+
"installation was successful."
|
1225 |
+
msgstr ""
|
1226 |
+
|
1227 |
+
#: lib/help.php:280
|
1228 |
+
msgid ""
|
1229 |
+
"Note that when it is disabled, the icon still remains visible to you, the "
|
1230 |
+
"Super Admin."
|
1231 |
+
msgstr ""
|
1232 |
+
|
1233 |
+
#: lib/help.php:290 lib/nf_sub_filecheck.php:130 ninjafirewall.php:819
|
1234 |
+
msgid "File Check"
|
1235 |
+
msgstr ""
|
1236 |
+
|
1237 |
+
#: lib/help.php:291
|
1238 |
+
msgid ""
|
1239 |
+
"File Check lets you perform file integrity monitoring upon request or on a "
|
1240 |
+
"specific interval."
|
1241 |
+
msgstr ""
|
1242 |
+
|
1243 |
+
#: lib/help.php:293
|
1244 |
+
msgid ""
|
1245 |
+
"You need to create a snapshot of all your files and then, at a later time, "
|
1246 |
+
"you can scan your system to compare it with the previous snapshot. Any "
|
1247 |
+
"modification will be immediately detected: file content, file permissions, "
|
1248 |
+
"file ownership, timestamp as well as file creation and deletion."
|
1249 |
+
msgstr ""
|
1250 |
+
|
1251 |
+
#: lib/help.php:294
|
1252 |
+
#, php-format
|
1253 |
+
msgid ""
|
1254 |
+
"Create a snapshot of all files stored in that directory: by default, the "
|
1255 |
+
"directory is set to WordPress <code>ABSPATH</code> (%s)"
|
1256 |
+
msgstr ""
|
1257 |
+
|
1258 |
+
#: lib/help.php:295
|
1259 |
+
msgid ""
|
1260 |
+
"Exclude the following files/folders: you can enter a directory or a file "
|
1261 |
+
"name (e.g., <code>/foo/bar/</code>), or a part of it (e.g., <code>foo</"
|
1262 |
+
"code>). Or you can exclude a file extension (e.g., <code>.css</code>)."
|
1263 |
+
msgstr ""
|
1264 |
+
|
1265 |
+
#: lib/help.php:297
|
1266 |
+
msgid ""
|
1267 |
+
"Multiple values must be comma-separated (e.g., <code>/foo/bar/,.css,.png</"
|
1268 |
+
"code>)."
|
1269 |
+
msgstr ""
|
1270 |
+
|
1271 |
+
#: lib/help.php:298
|
1272 |
+
msgid ""
|
1273 |
+
"Do not follow symbolic links: by default, NinjaFirewall will not follow "
|
1274 |
+
"symbolic links."
|
1275 |
+
msgstr ""
|
1276 |
+
|
1277 |
+
#: lib/help.php:303
|
1278 |
+
msgid "Scheduled scans"
|
1279 |
+
msgstr ""
|
1280 |
+
|
1281 |
+
#: lib/help.php:304
|
1282 |
+
msgid ""
|
1283 |
+
"NinjaFirewall can scan your system on a specific interval (hourly, "
|
1284 |
+
"twicedaily or daily)."
|
1285 |
+
msgstr ""
|
1286 |
+
|
1287 |
+
#: lib/help.php:306
|
1288 |
+
msgid ""
|
1289 |
+
"It can either send you a scan report only if changes are detected, or always "
|
1290 |
+
"send you one after each scan."
|
1291 |
+
msgstr ""
|
1292 |
+
|
1293 |
+
#: lib/help.php:308
|
1294 |
+
msgid ""
|
1295 |
+
"Reports will be sent to the contact email address defined in the \"Event "
|
1296 |
+
"Notifications\" menu."
|
1297 |
+
msgstr ""
|
1298 |
+
|
1299 |
+
#: lib/help.php:310
|
1300 |
+
#, php-format
|
1301 |
+
msgid ""
|
1302 |
+
"Scheduled scans rely on <a href=\"%s\">WordPress pseudo cron</a> which works "
|
1303 |
+
"only if your site gets sufficient traffic."
|
1304 |
+
msgstr ""
|
1305 |
+
|
1306 |
+
#: lib/help.php:323 lib/nf_sub_event.php:46 ninjafirewall.php:837
|
1307 |
+
msgid "Event Notifications"
|
1308 |
+
msgstr ""
|
1309 |
+
|
1310 |
+
#: lib/help.php:324
|
1311 |
+
msgid ""
|
1312 |
+
"NinjaFirewall can alert you by email on specific events triggered within "
|
1313 |
+
"your blog. They include installations, updates, activations etc, as well as "
|
1314 |
+
"users login and modification of any administrator account in the database. "
|
1315 |
+
"Some of those alerts are enabled by default and it is highly recommended to "
|
1316 |
+
"keep them enabled. It is not unusual for a hacker, after breaking into your "
|
1317 |
+
"WordPress admin console, to install or just to upload a backdoored plugin or "
|
1318 |
+
"theme in order to take full control of your website."
|
1319 |
+
msgstr ""
|
1320 |
+
|
1321 |
+
#: lib/help.php:335 lib/login_protection.php:22 ninjafirewall.php:841
|
1322 |
+
msgid "Login Protection"
|
1323 |
+
msgstr ""
|
1324 |
+
|
1325 |
+
#: lib/help.php:339
|
1326 |
+
msgid ""
|
1327 |
+
"By processing incoming HTTP requests before your blog and any of its "
|
1328 |
+
"plugins, NinjaFirewall is the only plugin for WordPress able to protect it "
|
1329 |
+
"against very large brute-force attacks, including distributed attacks coming "
|
1330 |
+
"from several thousands of different IPs."
|
1331 |
+
msgstr ""
|
1332 |
+
|
1333 |
+
#: lib/help.php:341
|
1334 |
+
msgid ""
|
1335 |
+
"You can choose two different types of protection: a password or a captcha. "
|
1336 |
+
"You can enable the protection only if an attack is detected or to keep it "
|
1337 |
+
"always activated."
|
1338 |
+
msgstr ""
|
1339 |
+
|
1340 |
+
#: lib/help.php:343
|
1341 |
+
msgid "Yes, if under attack:"
|
1342 |
+
msgstr ""
|
1343 |
+
|
1344 |
+
#: lib/help.php:345
|
1345 |
+
msgid ""
|
1346 |
+
"The protection will be triggered when too many login attempts are detected, "
|
1347 |
+
"regardless of the offending IP. It blocks the attack instantly and prevents "
|
1348 |
+
"it from reaching WordPress, but still allows you to access your "
|
1349 |
+
"administration console using either the predefined username/password "
|
1350 |
+
"combination or the captcha code. "
|
1351 |
+
msgstr ""
|
1352 |
+
|
1353 |
+
#: lib/help.php:347
|
1354 |
+
msgid "Always ON:"
|
1355 |
+
msgstr ""
|
1356 |
+
|
1357 |
+
#: lib/help.php:349
|
1358 |
+
msgid ""
|
1359 |
+
"NinjaFirewall will always enforce the HTTP authentication or captcha "
|
1360 |
+
"implementation each time you access the login page."
|
1361 |
+
msgstr ""
|
1362 |
+
|
1363 |
+
#: lib/help.php:352
|
1364 |
+
msgid "Type of protection:"
|
1365 |
+
msgstr ""
|
1366 |
+
|
1367 |
+
#: lib/help.php:353
|
1368 |
+
msgid ""
|
1369 |
+
"<b>Password:</b> It password-protects the login page. NinjaFirewall uses its "
|
1370 |
+
"own very fast authentication scheme and it is compatible with any HTTP "
|
1371 |
+
"server (Apache, Nginx, Lighttpd etc)."
|
1372 |
+
msgstr ""
|
1373 |
+
|
1374 |
+
#: lib/help.php:354
|
1375 |
+
msgid "<b>Captcha:</b> It will display a 5-character captcha code."
|
1376 |
+
msgstr ""
|
1377 |
+
|
1378 |
+
#: lib/help.php:355
|
1379 |
+
msgid "Bot protection:"
|
1380 |
+
msgstr ""
|
1381 |
+
|
1382 |
+
#: lib/help.php:356
|
1383 |
+
msgid ""
|
1384 |
+
"NinjaFirewall will attempt to block bots and scripts immediately, i.e., even "
|
1385 |
+
"before they start a brute-force attack."
|
1386 |
+
msgstr ""
|
1387 |
+
|
1388 |
+
#: lib/help.php:364
|
1389 |
+
msgid "AUTH log"
|
1390 |
+
msgstr ""
|
1391 |
+
|
1392 |
+
#: lib/help.php:367
|
1393 |
+
msgid ""
|
1394 |
+
"NinjaFirewall can write to the server Authentication log when the brute-"
|
1395 |
+
"force protection is triggered. This can be useful to the system "
|
1396 |
+
"administrator for monitoring purposes or banning IPs at the server level."
|
1397 |
+
msgstr ""
|
1398 |
+
|
1399 |
+
#: lib/help.php:369
|
1400 |
+
msgid ""
|
1401 |
+
"If you have a shared hosting account, keep this option disabled as you do "
|
1402 |
+
"not have any access to the server's logs."
|
1403 |
+
msgstr ""
|
1404 |
+
|
1405 |
+
#: lib/help.php:371
|
1406 |
+
msgid ""
|
1407 |
+
"On Debian-based systems, the log is located in <code>/var/log/auth.log</"
|
1408 |
+
"code>, and on Red Hat-based systems in <code>/var/log/secure</code>. The "
|
1409 |
+
"logline uses the following format:"
|
1410 |
+
msgstr ""
|
1411 |
+
|
1412 |
+
#: lib/help.php:374
|
1413 |
+
msgid "AA: the process ID (PID)."
|
1414 |
+
msgstr ""
|
1415 |
+
|
1416 |
+
#: lib/help.php:375
|
1417 |
+
msgid "BB: the user IPv4 or IPv6 address."
|
1418 |
+
msgstr ""
|
1419 |
+
|
1420 |
+
#: lib/help.php:376
|
1421 |
+
msgid "CC: the blog (sub-)domain name."
|
1422 |
+
msgstr ""
|
1423 |
+
|
1424 |
+
#: lib/help.php:377
|
1425 |
+
msgid ""
|
1426 |
+
"DD: the target: it can be either <code>wp-login.php</code> or <code>XML-RPC "
|
1427 |
+
"API</code>."
|
1428 |
+
msgstr ""
|
1429 |
+
|
1430 |
+
#: lib/help.php:378
|
1431 |
+
msgid "EE: the time, in minutes, the protection will remain active."
|
1432 |
+
msgstr ""
|
1433 |
+
|
1434 |
+
#: lib/help.php:380
|
1435 |
+
msgid "Sample loglines:"
|
1436 |
+
msgstr ""
|
1437 |
+
|
1438 |
+
#: lib/help.php:383
|
1439 |
+
#, php-format
|
1440 |
+
msgid ""
|
1441 |
+
"Be careful if you are behind a load balancer, reverse-proxy or CDN because "
|
1442 |
+
"the Login Protection feature will always record the <code>REMOTE_ADDR</code> "
|
1443 |
+
"IP. If you have an application parsing the AUTH log in order to ban IPs (e."
|
1444 |
+
"g. Fail2ban), you <strong>must</strong> setup your HTTP server to forward "
|
1445 |
+
"the correct IP (or use the <code><a href=\"%s\">.htninja</a></code> file), "
|
1446 |
+
"otherwise you will likely block legitimate users."
|
1447 |
+
msgstr ""
|
1448 |
+
|
1449 |
+
#: lib/help.php:397 lib/nf_sub_log.php:78 ninjafirewall.php:845
|
1450 |
+
msgid "Firewall Log"
|
1451 |
+
msgstr ""
|
1452 |
+
|
1453 |
+
#: lib/help.php:399
|
1454 |
+
msgid ""
|
1455 |
+
"The firewall log displays blocked and sanitised requests as well as some "
|
1456 |
+
"useful information. It has 6 columns:"
|
1457 |
+
msgstr ""
|
1458 |
+
|
1459 |
+
#: lib/help.php:400
|
1460 |
+
msgid "DATE : date and time of the incident."
|
1461 |
+
msgstr ""
|
1462 |
+
|
1463 |
+
#: lib/help.php:401
|
1464 |
+
msgid ""
|
1465 |
+
"INCIDENT : unique incident number/ID as it was displayed to the blocked user."
|
1466 |
+
msgstr ""
|
1467 |
+
|
1468 |
+
#: lib/help.php:402
|
1469 |
+
msgid ""
|
1470 |
+
"LEVEL : level of severity (<code>CRITICAL</code>, <code>HIGH</code> or "
|
1471 |
+
"<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
|
1472 |
+
"and debugging mode (<code>DEBUG_ON</code>)."
|
1473 |
+
msgstr ""
|
1474 |
+
|
1475 |
+
#: lib/help.php:403
|
1476 |
+
msgid ""
|
1477 |
+
"RULE : reference of the NinjaFirewall built-in security rule that triggered "
|
1478 |
+
"the action. A hyphen (<code>-</code>) instead of a number means it was a "
|
1479 |
+
"rule from the \"Firewall Policies\" page."
|
1480 |
+
msgstr ""
|
1481 |
+
|
1482 |
+
#: lib/help.php:404
|
1483 |
+
msgid "IP : the user IPv4 or IPv6 address."
|
1484 |
+
msgstr ""
|
1485 |
+
|
1486 |
+
#: lib/help.php:405
|
1487 |
+
msgid ""
|
1488 |
+
"REQUEST : the HTTP request including offending variables and values as well "
|
1489 |
+
"as the reason the action was logged."
|
1490 |
+
msgstr ""
|
1491 |
+
|
1492 |
+
#: lib/help.php:411 lib/nf_sub_log.php:163 lib/nf_sub_wplus.php:94
|
1493 |
+
#: ninjafirewall.php:1115
|
1494 |
+
msgid "Centralized Logging"
|
1495 |
+
msgstr ""
|
1496 |
+
|
1497 |
+
#: lib/help.php:413
|
1498 |
+
msgid ""
|
1499 |
+
"Centralized Logging lets you remotely access the firewall log of all your "
|
1500 |
+
"NinjaFirewall protected websites from one single installation. You do not "
|
1501 |
+
"need any longer to log in to individual servers to analyse your log data."
|
1502 |
+
msgstr ""
|
1503 |
+
|
1504 |
+
#: lib/help.php:413
|
1505 |
+
#, php-format
|
1506 |
+
msgid "<a href=\"%s\">Consult our blog</a> for more info about it."
|
1507 |
+
msgstr ""
|
1508 |
+
|
1509 |
+
#: lib/help.php:414
|
1510 |
+
msgid ""
|
1511 |
+
"Enter your public key (optional): This is the public key that was created "
|
1512 |
+
"from your main server."
|
1513 |
+
msgstr ""
|
1514 |
+
|
1515 |
+
#: lib/help.php:417
|
1516 |
+
msgid ""
|
1517 |
+
"Centralized Logging will keep working even if NinjaFirewall is disabled. "
|
1518 |
+
"Delete your public key below if you want to disable it."
|
1519 |
+
msgstr ""
|
1520 |
+
|
1521 |
+
#: lib/help.php:430 lib/nf_sub_livelog.php:38 lib/nf_sub_livelog.php:210
|
1522 |
+
#: ninjafirewall.php:849
|
1523 |
+
msgid "Live Log"
|
1524 |
+
msgstr ""
|
1525 |
+
|
1526 |
+
#: lib/help.php:432
|
1527 |
+
msgid ""
|
1528 |
+
"Live Log lets you watch your website traffic in real time. It displays "
|
1529 |
+
"connections in a format similar to the one used by most HTTP server logs. "
|
1530 |
+
"Note that requests sent to static elements like JS/CSS files and images are "
|
1531 |
+
"not managed by NinjaFirewall."
|
1532 |
+
msgstr ""
|
1533 |
+
|
1534 |
+
#: lib/help.php:434
|
1535 |
+
msgid ""
|
1536 |
+
"You can enable/disable the monitoring process, change the refresh rate, "
|
1537 |
+
"clear the screen, enable automatic vertical scrolling, change the log "
|
1538 |
+
"format, select which traffic you want to view (HTTP/HTTPS) and the timezone "
|
1539 |
+
"as well."
|
1540 |
+
msgstr ""
|
1541 |
+
|
1542 |
+
#: lib/help.php:437
|
1543 |
+
msgid ""
|
1544 |
+
"Live Log does not make use of any WordPress core file (e.g., <code>admin-"
|
1545 |
+
"ajax.php</code>). It communicates directly with the firewall without loading "
|
1546 |
+
"WordPress bootstrap. Consequently, it is fast, light and it should not "
|
1547 |
+
"affect your server load, even if you set its refresh rate to the lowest "
|
1548 |
+
"value."
|
1549 |
+
msgstr ""
|
1550 |
+
|
1551 |
+
#: lib/help.php:439
|
1552 |
+
msgid ""
|
1553 |
+
"If you are using the optional <code>.htninja</code> configuration file to "
|
1554 |
+
"whitelist your IP, the Live Log feature will not work."
|
1555 |
+
msgstr ""
|
1556 |
+
|
1557 |
+
#: lib/help.php:444
|
1558 |
+
msgid "Log Format"
|
1559 |
+
msgstr ""
|
1560 |
+
|
1561 |
+
#: lib/help.php:445
|
1562 |
+
msgid "You can easily customize the log format. Possible values are:"
|
1563 |
+
msgstr ""
|
1564 |
+
|
1565 |
+
#: lib/help.php:446
|
1566 |
+
msgid "<code>%time</code>: the server date, time and timezone."
|
1567 |
+
msgstr ""
|
1568 |
+
|
1569 |
+
#: lib/help.php:447
|
1570 |
+
msgid "<code>%name</code>: authenticated user (HTTP basic auth), if any."
|
1571 |
+
msgstr ""
|
1572 |
+
|
1573 |
+
#: lib/help.php:448
|
1574 |
+
#, php-format
|
1575 |
+
msgid ""
|
1576 |
+
"<code>%client</code>: the client REMOTE_ADDR. If you are behind a load "
|
1577 |
+
"balancer or CDN, this will be its IP."
|
1578 |
+
msgstr ""
|
1579 |
+
|
1580 |
+
#: lib/help.php:449
|
1581 |
+
msgid "<code>%method</code>: HTTP method (e.g., GET, POST)."
|
1582 |
+
msgstr ""
|
1583 |
+
|
1584 |
+
#: lib/help.php:450
|
1585 |
+
#, php-format
|
1586 |
+
msgid ""
|
1587 |
+
"<code>%uri</code>: the URI which was given in order to access the page "
|
1588 |
+
"(REQUEST_URI)."
|
1589 |
+
msgstr ""
|
1590 |
+
|
1591 |
+
#: lib/help.php:451
|
1592 |
+
msgid "<code>%referrer</code>: the referrer (HTTP_REFERER), if any."
|
1593 |
+
msgstr ""
|
1594 |
+
|
1595 |
+
#: lib/help.php:452
|
1596 |
+
#, php-format
|
1597 |
+
msgid "<code>%ua</code>: the user-agent (HTTP_USER_AGENT), if any."
|
1598 |
+
msgstr ""
|
1599 |
+
|
1600 |
+
#: lib/help.php:453
|
1601 |
+
#, php-format
|
1602 |
+
msgid ""
|
1603 |
+
"<code>%forward</code>: HTTP_X_FORWARDED_FOR, if any. If you are behind a "
|
1604 |
+
"load balancer or CDN, this will likely be the visitor true IP."
|
1605 |
+
msgstr ""
|
1606 |
+
|
1607 |
+
#: lib/help.php:454
|
1608 |
+
msgid "<code>%host</code>: the requested host (HTTP_HOST), if any."
|
1609 |
+
msgstr ""
|
1610 |
+
|
1611 |
+
#: lib/help.php:455
|
1612 |
+
msgid ""
|
1613 |
+
"Additionally, you can include any of the following characters: <code>\"</"
|
1614 |
+
"code>, <code>%</code>, <code>[</code>, <code>]</code>, <code>space</code> "
|
1615 |
+
"and lowercase letters <code>a-z</code>."
|
1616 |
+
msgstr ""
|
1617 |
+
|
1618 |
+
#: lib/help.php:467 ninjafirewall.php:853 ninjafirewall.php:3192
|
1619 |
+
msgid "Rules Editor"
|
1620 |
+
msgstr ""
|
1621 |
+
|
1622 |
+
#: lib/help.php:469
|
1623 |
+
msgid ""
|
1624 |
+
"Besides the \"Firewall Policies\", NinjaFirewall includes also a large set "
|
1625 |
+
"of built-in rules used to protect your blog against the most common "
|
1626 |
+
"vulnerabilities and hacking attempts. They are always enabled and you cannot "
|
1627 |
+
"edit them, but if you notice that your visitors are wrongly blocked by some "
|
1628 |
+
"of those rules, you can use the Rules Editor below to disable them "
|
1629 |
+
"individually:"
|
1630 |
+
msgstr ""
|
1631 |
+
|
1632 |
+
#: lib/help.php:471
|
1633 |
+
msgid ""
|
1634 |
+
"Check your firewall log and find the rule ID you want to disable (it is "
|
1635 |
+
"displayed in the <code>RULE</code> column)."
|
1636 |
+
msgstr ""
|
1637 |
+
|
1638 |
+
#: lib/help.php:472
|
1639 |
+
msgid ""
|
1640 |
+
"Select its ID from the enabled rules list below and click the \"Disable it\" "
|
1641 |
+
"button."
|
1642 |
+
msgstr ""
|
1643 |
+
|
1644 |
+
#: lib/help.php:474
|
1645 |
+
msgid ""
|
1646 |
+
"Note: if the <code>RULE</code> column from your log shows a hyphen <code>-</"
|
1647 |
+
"code> instead of a number, that means that the rule can be changed in the "
|
1648 |
+
"\"Firewall Policies\" page."
|
1649 |
+
msgstr ""
|
1650 |
+
|
1651 |
+
#: lib/help.php:479
|
1652 |
+
msgid "Credits"
|
1653 |
+
msgstr ""
|
1654 |
+
|
1655 |
+
#: lib/help.php:481
|
1656 |
+
msgid ""
|
1657 |
+
"NinjaFirewall security rules protect against many vulnerabilities. Some of "
|
1658 |
+
"them were reported by the following companies, individuals or mailing lists:"
|
1659 |
+
msgstr ""
|
1660 |
+
|
1661 |
+
#: lib/help.php:536 lib/nf_sub_updates.php:74 ninjafirewall.php:857
|
1662 |
+
#: ninjafirewall.php:1042
|
1663 |
+
msgid "Updates"
|
1664 |
+
msgstr ""
|
1665 |
+
|
1666 |
+
#: lib/help.php:538
|
1667 |
+
msgid ""
|
1668 |
+
"To get the most efficient protection, you can ask NinjaFirewall to "
|
1669 |
+
"automatically update its security rules."
|
1670 |
+
msgstr ""
|
1671 |
+
|
1672 |
+
#: lib/help.php:540
|
1673 |
+
msgid ""
|
1674 |
+
"Each time a new vulnerability is found in WordPress or one of its plugins/"
|
1675 |
+
"themes, a new set of security rules will be made available to protect "
|
1676 |
+
"against such vulnerability. Updates can be checked as often as daily, twice "
|
1677 |
+
"daily or even hourly."
|
1678 |
+
msgstr ""
|
1679 |
+
|
1680 |
+
#: lib/help.php:542
|
1681 |
+
msgid ""
|
1682 |
+
"Only security rules will be downloaded. If a new version of NinjaFirewall "
|
1683 |
+
"(including new files, options and features) was available, it would have to "
|
1684 |
+
"be updated from the dashboard plugins menu as usual."
|
1685 |
+
msgstr ""
|
1686 |
+
|
1687 |
+
#: lib/help.php:544
|
1688 |
+
msgid ""
|
1689 |
+
"We recommend to enable this feature, as it is the <strong>only way to keep "
|
1690 |
+
"your WordPress secure</strong> against new vulnerabilities."
|
1691 |
+
msgstr ""
|
1692 |
+
|
1693 |
+
#: lib/install_fullwaf.php:36 lib/install_fullwaf.php:151
|
1694 |
+
#: lib/install_fullwaf.php:307 lib/install_wpwaf.php:54
|
1695 |
+
#: lib/install_wpwaf.php:64 lib/install_wpwaf.php:71
|
1696 |
+
msgid "Error:"
|
1697 |
+
msgstr ""
|
1698 |
+
|
1699 |
+
#: lib/install_fullwaf.php:40
|
1700 |
+
#, php-format
|
1701 |
+
msgid ""
|
1702 |
+
"Your WordPress directory (%s) is different from your website document root "
|
1703 |
+
"(%s). Because it is possible to install WordPress into a subdirectory, but "
|
1704 |
+
"have the blog exist in the site root, NinjaFirewall needs to know the exact "
|
1705 |
+
"location of the site root."
|
1706 |
+
msgstr ""
|
1707 |
+
|
1708 |
+
#: lib/install_fullwaf.php:41
|
1709 |
+
#, php-format
|
1710 |
+
msgid ""
|
1711 |
+
"Please edit the path below only if you have manually modified your WordPress "
|
1712 |
+
"root directory as described in the <a href=\"%s\">Giving WordPress Its Own "
|
1713 |
+
"Directory</a> article."
|
1714 |
+
msgstr ""
|
1715 |
+
|
1716 |
+
#: lib/install_fullwaf.php:42
|
1717 |
+
msgid "Most users should not change this value."
|
1718 |
+
msgstr ""
|
1719 |
+
|
1720 |
+
#: lib/install_fullwaf.php:43
|
1721 |
+
msgid "Path to WordPress site root directory:"
|
1722 |
+
msgstr ""
|
1723 |
+
|
1724 |
+
#: lib/install_fullwaf.php:58 lib/install_fullwaf.php:251
|
1725 |
+
msgid "please enter the full path to WordPress folder."
|
1726 |
+
msgstr ""
|
1727 |
+
|
1728 |
+
#: lib/install_fullwaf.php:63
|
1729 |
+
#, php-format
|
1730 |
+
msgid ""
|
1731 |
+
"cannot find the %s directory! Please correct the full path to WordPress site "
|
1732 |
+
"root directory."
|
1733 |
+
msgstr ""
|
1734 |
+
|
1735 |
+
#: lib/install_fullwaf.php:76
|
1736 |
+
msgid "(recommended)"
|
1737 |
+
msgstr ""
|
1738 |
+
|
1739 |
+
#: lib/install_fullwaf.php:119
|
1740 |
+
msgid "Please select the PHP initialization file supported by your server."
|
1741 |
+
msgstr ""
|
1742 |
+
|
1743 |
+
#: lib/install_fullwaf.php:146
|
1744 |
+
#, php-format
|
1745 |
+
msgid ""
|
1746 |
+
"Error: NinjaFirewall log directory is not writable (%s). Please chmod it to "
|
1747 |
+
"0777 and reload this page."
|
1748 |
+
msgstr ""
|
1749 |
+
|
1750 |
+
#: lib/install_fullwaf.php:155
|
1751 |
+
msgid "System configuration"
|
1752 |
+
msgstr ""
|
1753 |
+
|
1754 |
+
#: lib/install_fullwaf.php:161
|
1755 |
+
#, php-format
|
1756 |
+
msgid ""
|
1757 |
+
"NinjaFirewall detected that the PHP <code>auto_prepend_file</code> directive "
|
1758 |
+
"seems to be used by another application: %s."
|
1759 |
+
msgstr ""
|
1760 |
+
|
1761 |
+
#: lib/install_fullwaf.php:161
|
1762 |
+
msgid ""
|
1763 |
+
"Because NinjaFirewall needs to use that directive, it will orverride your "
|
1764 |
+
"current one."
|
1765 |
+
msgstr ""
|
1766 |
+
|
1767 |
+
#: lib/install_fullwaf.php:168 lib/install_wpwaf.php:96
|
1768 |
+
msgid "Multisite network detected:"
|
1769 |
+
msgstr ""
|
1770 |
+
|
1771 |
+
#: lib/install_fullwaf.php:168 lib/install_wpwaf.php:96
|
1772 |
+
msgid ""
|
1773 |
+
"NinjaFirewall will protect all sites from your network and its configuration "
|
1774 |
+
"interface will be accessible only to the Super Admin from the network main "
|
1775 |
+
"site."
|
1776 |
+
msgstr ""
|
1777 |
+
|
1778 |
+
#: lib/install_fullwaf.php:177
|
1779 |
+
msgid "Select your HTTP server and your PHP server API"
|
1780 |
+
msgstr ""
|
1781 |
+
|
1782 |
+
#: lib/install_fullwaf.php:184
|
1783 |
+
msgid "CGI or PHP-FPM"
|
1784 |
+
msgstr ""
|
1785 |
+
|
1786 |
+
#: lib/install_fullwaf.php:186
|
1787 |
+
msgid "Other webserver + CGI/FastCGI"
|
1788 |
+
msgstr ""
|
1789 |
+
|
1790 |
+
#: lib/install_fullwaf.php:187
|
1791 |
+
msgid "Other webserver + HHVM"
|
1792 |
+
msgstr ""
|
1793 |
+
|
1794 |
+
#: lib/install_fullwaf.php:188
|
1795 |
+
msgid "view PHPINFO"
|
1796 |
+
msgstr ""
|
1797 |
+
|
1798 |
+
#: lib/install_fullwaf.php:196
|
1799 |
+
#, php-format
|
1800 |
+
msgid ""
|
1801 |
+
"Please <a href=\"%s\">check our blog</a> if you want to install "
|
1802 |
+
"NinjaFirewall on HHVM."
|
1803 |
+
msgstr ""
|
1804 |
+
|
1805 |
+
#: lib/install_fullwaf.php:225
|
1806 |
+
msgid "Select the PHP initialization file supported by your server"
|
1807 |
+
msgstr ""
|
1808 |
+
|
1809 |
+
#: lib/install_fullwaf.php:228
|
1810 |
+
msgid "Used by most shared hosting accounts."
|
1811 |
+
msgstr ""
|
1812 |
+
|
1813 |
+
#: lib/install_fullwaf.php:230
|
1814 |
+
msgid ""
|
1815 |
+
"Used by most dedicated/VPS servers, as well as shared hosting accounts that "
|
1816 |
+
"do not support php.ini"
|
1817 |
+
msgstr ""
|
1818 |
+
|
1819 |
+
#: lib/install_fullwaf.php:230
|
1820 |
+
msgid "more info"
|
1821 |
+
msgstr ""
|
1822 |
+
|
1823 |
+
#: lib/install_fullwaf.php:232
|
1824 |
+
msgid "A few shared hosting accounts. Seldom used."
|
1825 |
+
msgstr ""
|
1826 |
+
|
1827 |
+
#: lib/install_fullwaf.php:256 lib/install_fullwaf.php:517
|
1828 |
+
msgid "select your HTTP server and PHP SAPI."
|
1829 |
+
msgstr ""
|
1830 |
+
|
1831 |
+
#: lib/install_fullwaf.php:262 lib/install_fullwaf.php:523
|
1832 |
+
msgid "select the PHP initialization file supported by your server."
|
1833 |
+
msgstr ""
|
1834 |
+
|
1835 |
+
#: lib/install_fullwaf.php:310 lib/install_wpwaf.php:90
|
1836 |
+
msgid "Firewall Integration"
|
1837 |
+
msgstr ""
|
1838 |
+
|
1839 |
+
#: lib/install_fullwaf.php:315
|
1840 |
+
#, php-format
|
1841 |
+
msgid ""
|
1842 |
+
"The <code>%s</code> file must be created, and the following lines of code "
|
1843 |
+
"added to it:"
|
1844 |
+
msgstr ""
|
1845 |
+
|
1846 |
+
#: lib/install_fullwaf.php:316
|
1847 |
+
#, php-format
|
1848 |
+
msgid ""
|
1849 |
+
"The following <font color=\"green\">green lines</font> of code must be added "
|
1850 |
+
"to your <code>%s</code> file."
|
1851 |
+
msgstr ""
|
1852 |
+
|
1853 |
+
#: lib/install_fullwaf.php:316 lib/install_wpwaf.php:102
|
1854 |
+
msgid "All other lines, if any, are the actual content of the file:"
|
1855 |
+
msgstr ""
|
1856 |
+
|
1857 |
+
#: lib/install_fullwaf.php:318
|
1858 |
+
msgid "The file is not writable, I cannot edit it for you."
|
1859 |
+
msgstr ""
|
1860 |
+
|
1861 |
+
#: lib/install_fullwaf.php:400
|
1862 |
+
msgid ""
|
1863 |
+
"Add the following code to your <code>/etc/hhvm/php.ini</code> file, and "
|
1864 |
+
"restart HHVM afterwards:"
|
1865 |
+
msgstr ""
|
1866 |
+
|
1867 |
+
#: lib/install_fullwaf.php:465 lib/install_wpwaf.php:136
|
1868 |
+
msgid "Please make those changes, then click on button below."
|
1869 |
+
msgstr ""
|
1870 |
+
|
1871 |
+
#: lib/install_fullwaf.php:470 lib/install_wpwaf.php:128
|
1872 |
+
msgid "Let NinjaFirewall make the above changes (recommended)."
|
1873 |
+
msgstr ""
|
1874 |
+
|
1875 |
+
#: lib/install_fullwaf.php:473 lib/install_wpwaf.php:132
|
1876 |
+
msgid ""
|
1877 |
+
"Ensure that you have FTP access to your website so that, if there were a "
|
1878 |
+
"problem during the installation of the firewall, you could easily undo the "
|
1879 |
+
"changes."
|
1880 |
+
msgstr ""
|
1881 |
+
|
1882 |
+
#: lib/install_fullwaf.php:478 lib/install_wpwaf.php:135
|
1883 |
+
msgid "I want to make the changes myself."
|
1884 |
+
msgstr ""
|
1885 |
+
|
1886 |
+
#: lib/install_fullwaf.php:487
|
1887 |
+
msgid "Please check our blog if you want to install NinjaFirewall on HHVM."
|
1888 |
+
msgstr ""
|
1889 |
+
|
1890 |
+
#: lib/install_fullwaf.php:507
|
1891 |
+
msgid "you must select how to make changes to your files."
|
1892 |
+
msgstr ""
|
1893 |
+
|
1894 |
+
#: lib/install_fullwaf.php:533
|
1895 |
+
msgid ""
|
1896 |
+
"your WordPress root directory is not writable, I cannot make those changes "
|
1897 |
+
"for you."
|
1898 |
+
msgstr ""
|
1899 |
+
|
1900 |
+
#: lib/install_fullwaf.php:548 lib/install_fullwaf.php:587
|
1901 |
+
#, php-format
|
1902 |
+
msgid "cannot write to <code>%s</code>, it is read-only."
|
1903 |
+
msgstr ""
|
1904 |
+
|
1905 |
+
#: lib/install_fullwaf.php:620 lib/install_wpwaf.php:205
|
1906 |
+
msgid "Your configuration was saved."
|
1907 |
+
msgstr ""
|
1908 |
+
|
1909 |
+
#: lib/install_fullwaf.php:625 lib/install_wpwaf.php:210
|
1910 |
+
#, php-format
|
1911 |
+
msgid "A \"Quick Start, FAQ & Troubleshooting Guide\" email was sent to %s."
|
1912 |
+
msgstr ""
|
1913 |
+
|
1914 |
+
#: lib/install_fullwaf.php:630 lib/install_wpwaf.php:215
|
1915 |
+
msgid ""
|
1916 |
+
"Please click the button below to test if the firewall integration was "
|
1917 |
+
"successful."
|
1918 |
+
msgstr ""
|
1919 |
+
|
1920 |
+
#: lib/install_fullwaf.php:632 lib/install_wpwaf.php:217
|
1921 |
+
msgid "Test Firewall"
|
1922 |
+
msgstr ""
|
1923 |
+
|
1924 |
+
#: lib/install_wpwaf.php:55
|
1925 |
+
#, php-format
|
1926 |
+
msgid ""
|
1927 |
+
"Unable to read the wp-config.php file (%s). Make sure it is readable and try "
|
1928 |
+
"again."
|
1929 |
+
msgstr ""
|
1930 |
+
|
1931 |
+
#: lib/install_wpwaf.php:72
|
1932 |
+
#, php-format
|
1933 |
+
msgid "Unable to find the wp-config.php file in the %s or %s directories."
|
1934 |
+
msgstr ""
|
1935 |
+
|
1936 |
+
#: lib/install_wpwaf.php:102
|
1937 |
+
#, php-format
|
1938 |
+
msgid ""
|
1939 |
+
"The following <font color=\"green\">green lines</font> of code must be added "
|
1940 |
+
"to your %s file."
|
1941 |
+
msgstr ""
|
1942 |
+
|
1943 |
+
#: lib/install_wpwaf.php:121
|
1944 |
+
msgid ""
|
1945 |
+
"The file is not writable, I cannot edit it for you. Please make those "
|
1946 |
+
"changes, then click on button below."
|
1947 |
+
msgstr ""
|
1948 |
+
|
1949 |
+
#: lib/install_wpwaf.php:130
|
1950 |
+
msgid "Back up the file (wp-config.bak.php) before editing it."
|
1951 |
+
msgstr ""
|
1952 |
+
|
1953 |
+
#: lib/install_wpwaf.php:156
|
1954 |
+
#, php-format
|
1955 |
+
msgid "Unable to find the wp-config.php file (#%s)."
|
1956 |
+
msgstr ""
|
1957 |
+
|
1958 |
+
#: lib/install_wpwaf.php:240
|
1959 |
+
msgid ""
|
1960 |
+
"The firewall is not loaded. Make sure that the required lines of code were "
|
1961 |
+
"added to your wp-config.php file."
|
1962 |
+
msgstr ""
|
1963 |
+
|
1964 |
+
#: lib/login_protection.php:31 lib/nf_sub_event.php:54
|
1965 |
+
#: lib/nf_sub_filecheck.php:113 lib/nf_sub_livelog.php:217
|
1966 |
+
#: lib/nf_sub_options.php:67 lib/nf_sub_updates.php:105 ninjafirewall.php:1315
|
1967 |
+
#: ninjafirewall.php:2863 ninjafirewall.php:2991
|
1968 |
+
msgid "Your changes have been saved."
|
1969 |
+
msgstr ""
|
1970 |
+
|
1971 |
+
#: lib/login_protection.php:70 lib/login_protection.php:125
|
1972 |
+
#: lib/login_protection.php:540
|
1973 |
+
msgid "Access restricted"
|
1974 |
+
msgstr ""
|
1975 |
+
|
1976 |
+
#: lib/login_protection.php:80 lib/login_protection.php:129
|
1977 |
+
#: lib/login_protection.php:550
|
1978 |
+
msgid "Type the characters you see in the picture below:"
|
1979 |
+
msgstr ""
|
1980 |
+
|
1981 |
+
#: lib/login_protection.php:139
|
1982 |
+
msgid "Please enter a number from 1 to 99 in 'Password-protect' field."
|
1983 |
+
msgstr ""
|
1984 |
+
|
1985 |
+
#: lib/login_protection.php:146
|
1986 |
+
msgid "Invalid character."
|
1987 |
+
msgstr ""
|
1988 |
+
|
1989 |
+
#: lib/login_protection.php:151
|
1990 |
+
msgid "\"admin\" is not acceptable, please choose another user name."
|
1991 |
+
msgstr ""
|
1992 |
+
|
1993 |
+
#: lib/login_protection.php:159
|
1994 |
+
msgid "Please enter max 1024 character only."
|
1995 |
+
msgstr ""
|
1996 |
+
|
1997 |
+
#: lib/login_protection.php:212
|
1998 |
+
msgid ""
|
1999 |
+
"Note: Access to the XML-RPC API will be completely disabled when the brute-"
|
2000 |
+
"force attack protection is set to 'Always ON'."
|
2001 |
+
msgstr ""
|
2002 |
+
|
2003 |
+
#: lib/login_protection.php:272
|
2004 |
+
msgid "GD Support is not available on your server."
|
2005 |
+
msgstr ""
|
2006 |
+
|
2007 |
+
#: lib/login_protection.php:278
|
2008 |
+
msgid ""
|
2009 |
+
"Error: GD Support is not available on your server, the captcha protection "
|
2010 |
+
"will not work!"
|
2011 |
+
msgstr ""
|
2012 |
+
|
2013 |
+
#: lib/login_protection.php:287
|
2014 |
+
msgid "Enable brute force attack protection"
|
2015 |
+
msgstr ""
|
2016 |
+
|
2017 |
+
#: lib/login_protection.php:290
|
2018 |
+
msgid "Yes, if under attack"
|
2019 |
+
msgstr ""
|
2020 |
+
|
2021 |
+
#: lib/login_protection.php:293
|
2022 |
+
msgid "Always ON"
|
2023 |
+
msgstr ""
|
2024 |
+
|
2025 |
+
#: lib/login_protection.php:296 lib/nf_sub_filecheck.php:510
|
2026 |
+
#: ninjafirewall.php:1610 ninjafirewall.php:1625 ninjafirewall.php:1635
|
2027 |
+
#: ninjafirewall.php:1645 ninjafirewall.php:1715 ninjafirewall.php:1758
|
2028 |
+
#: ninjafirewall.php:1791 ninjafirewall.php:1829 ninjafirewall.php:1917
|
2029 |
+
#: ninjafirewall.php:1937 ninjafirewall.php:1980 ninjafirewall.php:2107
|
2030 |
+
#: ninjafirewall.php:2121 ninjafirewall.php:2324
|
2031 |
+
msgid "No (default)"
|
2032 |
+
msgstr ""
|
2033 |
+
|
2034 |
+
#: lib/login_protection.php:306
|
2035 |
+
msgid "Type of protection"
|
2036 |
+
msgstr ""
|
2037 |
+
|
2038 |
+
#: lib/login_protection.php:309
|
2039 |
+
msgid "Password"
|
2040 |
+
msgstr ""
|
2041 |
+
|
2042 |
+
#: lib/login_protection.php:312
|
2043 |
+
msgid "Captcha"
|
2044 |
+
msgstr ""
|
2045 |
+
|
2046 |
+
#: lib/login_protection.php:321
|
2047 |
+
msgid "Protect the login page against"
|
2048 |
+
msgstr ""
|
2049 |
+
|
2050 |
+
#: lib/login_protection.php:323
|
2051 |
+
msgid "<code>GET</code> request attacks"
|
2052 |
+
msgstr ""
|
2053 |
+
|
2054 |
+
#: lib/login_protection.php:324
|
2055 |
+
msgid "<code>POST</code> request attacks (default)"
|
2056 |
+
msgstr ""
|
2057 |
+
|
2058 |
+
#: lib/login_protection.php:325
|
2059 |
+
msgid "<code>GET</code> and <code>POST</code> requests attacks"
|
2060 |
+
msgstr ""
|
2061 |
+
|
2062 |
+
#: lib/login_protection.php:329
|
2063 |
+
msgid "Enable protection"
|
2064 |
+
msgstr ""
|
2065 |
+
|
2066 |
+
#: lib/login_protection.php:332
|
2067 |
+
#, php-format
|
2068 |
+
msgid "For %1$s minutes, if more than %2$s %3$s requests within %4$s seconds."
|
2069 |
+
msgstr ""
|
2070 |
+
|
2071 |
+
#: lib/login_protection.php:353
|
2072 |
+
msgid "HTTP authentication"
|
2073 |
+
msgstr ""
|
2074 |
+
|
2075 |
+
#: lib/login_protection.php:355
|
2076 |
+
msgid "User:"
|
2077 |
+
msgstr ""
|
2078 |
+
|
2079 |
+
#: lib/login_protection.php:355
|
2080 |
+
msgid "Password:"
|
2081 |
+
msgstr ""
|
2082 |
+
|
2083 |
+
#: lib/login_protection.php:356
|
2084 |
+
msgid "User and Password must be from 6 to 32 characters."
|
2085 |
+
msgstr ""
|
2086 |
+
|
2087 |
+
#: lib/login_protection.php:357
|
2088 |
+
msgid "Message (max. 1024 characters, HTML tags allowed)"
|
2089 |
+
msgstr ""
|
2090 |
+
|
2091 |
+
#: lib/login_protection.php:368
|
2092 |
+
msgid "Message"
|
2093 |
+
msgstr ""
|
2094 |
+
|
2095 |
+
#: lib/login_protection.php:371
|
2096 |
+
msgid "This message will be displayed above the captcha. Max. 255 characters."
|
2097 |
+
msgstr ""
|
2098 |
+
|
2099 |
+
#: lib/login_protection.php:380
|
2100 |
+
msgid "Various options"
|
2101 |
+
msgstr ""
|
2102 |
+
|
2103 |
+
#: lib/login_protection.php:383
|
2104 |
+
msgid "XML-RPC API"
|
2105 |
+
msgstr ""
|
2106 |
+
|
2107 |
+
#: lib/login_protection.php:385
|
2108 |
+
msgid "Apply the protection to the <code>xmlrpc.php</code> script as well."
|
2109 |
+
msgstr ""
|
2110 |
+
|
2111 |
+
#: lib/login_protection.php:390
|
2112 |
+
msgid "Bot protection"
|
2113 |
+
msgstr ""
|
2114 |
+
|
2115 |
+
#: lib/login_protection.php:392
|
2116 |
+
msgid "Enable bot protection (applies to <code>wp-login.php</code> only.)"
|
2117 |
+
msgstr ""
|
2118 |
+
|
2119 |
+
#: lib/login_protection.php:397
|
2120 |
+
msgid "Authentication log"
|
2121 |
+
msgstr ""
|
2122 |
+
|
2123 |
+
#: lib/login_protection.php:403
|
2124 |
+
msgid "Your server configuration is not compatible with that option."
|
2125 |
+
msgstr ""
|
2126 |
+
|
2127 |
+
#: lib/login_protection.php:406
|
2128 |
+
msgid "See contextual help before enabling this option."
|
2129 |
+
msgstr ""
|
2130 |
+
|
2131 |
+
#: lib/login_protection.php:410
|
2132 |
+
msgid "Write the incident to the server Authentication log."
|
2133 |
+
msgstr ""
|
2134 |
+
|
2135 |
+
#: lib/login_protection.php:416
|
2136 |
+
msgid "Signature"
|
2137 |
+
msgstr ""
|
2138 |
+
|
2139 |
+
#. translators: "Brute-force protection by NinjaFirewall" should not be translated.
|
2140 |
+
#: lib/login_protection.php:420
|
2141 |
+
msgid ""
|
2142 |
+
"Disable the <i>Brute-force protection by NinjaFirewall</i> signature on the "
|
2143 |
+
"protection page."
|
2144 |
+
msgstr ""
|
2145 |
+
|
2146 |
+
#: lib/login_protection.php:429
|
2147 |
+
msgid "Save Login Protection"
|
2148 |
+
msgstr ""
|
2149 |
+
|
2150 |
+
#: lib/login_protection.php:430
|
2151 |
+
msgid "See our benchmark and stress-test:"
|
2152 |
+
msgstr ""
|
2153 |
+
|
2154 |
+
#: lib/login_protection.php:448
|
2155 |
+
#, php-format
|
2156 |
+
msgid "Error: %s directory is not writable. Please chmod it to 0777."
|
2157 |
+
msgstr ""
|
2158 |
+
|
2159 |
+
#: lib/login_protection.php:522
|
2160 |
+
msgid "Error: please enter a user name for HTTP authentication."
|
2161 |
+
msgstr ""
|
2162 |
+
|
2163 |
+
#: lib/login_protection.php:524
|
2164 |
+
msgid "Error: HTTP authentication user name is not valid."
|
2165 |
+
msgstr ""
|
2166 |
+
|
2167 |
+
#: lib/login_protection.php:530
|
2168 |
+
msgid "Error: please enter a user name and password for HTTP authentication."
|
2169 |
+
msgstr ""
|
2170 |
+
|
2171 |
+
#: lib/login_protection.php:533
|
2172 |
+
msgid "Error: password must be from 6 to 32 characters."
|
2173 |
+
msgstr ""
|
2174 |
+
|
2175 |
+
#: lib/login_protection.php:568
|
2176 |
+
#, php-format
|
2177 |
+
msgid "Error: unable to write to the %s configuration file"
|
2178 |
+
msgstr ""
|
2179 |
+
|
2180 |
+
#: lib/nf_sub_about.php:31
|
2181 |
+
msgid "Error : cannot find changelog :("
|
2182 |
+
msgstr ""
|
2183 |
+
|
2184 |
+
#: lib/nf_sub_about.php:54
|
2185 |
+
msgid "About"
|
2186 |
+
msgstr ""
|
2187 |
+
|
2188 |
+
#: lib/nf_sub_about.php:75
|
2189 |
+
msgid "A powerful antivirus<br />scanner for WordPress."
|
2190 |
+
msgstr ""
|
2191 |
+
|
2192 |
+
#: lib/nf_sub_about.php:77
|
2193 |
+
msgid "Free Download"
|
2194 |
+
msgstr ""
|
2195 |
+
|
2196 |
+
#: lib/nf_sub_about.php:81
|
2197 |
+
msgid "Website Monitoring<br />for just $4.99/month."
|
2198 |
+
msgstr ""
|
2199 |
+
|
2200 |
+
#: lib/nf_sub_about.php:83
|
2201 |
+
msgid "7-Day Free Trial"
|
2202 |
+
msgstr ""
|
2203 |
+
|
2204 |
+
#: lib/nf_sub_about.php:87
|
2205 |
+
msgid "Malware removal<br />and hack recovery."
|
2206 |
+
msgstr ""
|
2207 |
+
|
2208 |
+
#: lib/nf_sub_about.php:89
|
2209 |
+
msgid "Clean Your Site!"
|
2210 |
+
msgstr ""
|
2211 |
+
|
2212 |
+
#: lib/nf_sub_about.php:101
|
2213 |
+
msgid "Changelog"
|
2214 |
+
msgstr ""
|
2215 |
+
|
2216 |
+
#: lib/nf_sub_about.php:101
|
2217 |
+
msgid "Spread the word!"
|
2218 |
+
msgstr ""
|
2219 |
+
|
2220 |
+
#: lib/nf_sub_about.php:101
|
2221 |
+
msgid "Referral Program"
|
2222 |
+
msgstr ""
|
2223 |
+
|
2224 |
+
#: lib/nf_sub_about.php:101
|
2225 |
+
msgid "System Info"
|
2226 |
+
msgstr ""
|
2227 |
+
|
2228 |
+
#: lib/nf_sub_about.php:135
|
2229 |
+
msgid "PHP version"
|
2230 |
+
msgstr ""
|
2231 |
+
|
2232 |
+
#: lib/nf_sub_about.php:144
|
2233 |
+
msgid "HTTP server"
|
2234 |
+
msgstr ""
|
2235 |
+
|
2236 |
+
#: lib/nf_sub_about.php:147
|
2237 |
+
msgid "Operating System"
|
2238 |
+
msgstr ""
|
2239 |
+
|
2240 |
+
#: lib/nf_sub_about.php:150
|
2241 |
+
msgid "Load Average"
|
2242 |
+
msgstr ""
|
2243 |
+
|
2244 |
+
#: lib/nf_sub_about.php:168
|
2245 |
+
msgid "RAM"
|
2246 |
+
msgstr ""
|
2247 |
+
|
2248 |
+
#: lib/nf_sub_about.php:168
|
2249 |
+
msgid "MB free"
|
2250 |
+
msgstr ""
|
2251 |
+
|
2252 |
+
#: lib/nf_sub_about.php:168
|
2253 |
+
msgid "MB total"
|
2254 |
+
msgstr ""
|
2255 |
+
|
2256 |
+
#: lib/nf_sub_about.php:176
|
2257 |
+
msgid "Processor"
|
2258 |
+
msgid_plural "Processors"
|
2259 |
+
msgstr[0] ""
|
2260 |
+
msgstr[1] ""
|
2261 |
+
|
2262 |
+
#: lib/nf_sub_about.php:176
|
2263 |
+
msgid "CPU core:"
|
2264 |
+
msgid_plural "CPU cores:"
|
2265 |
+
msgstr[0] ""
|
2266 |
+
msgstr[1] ""
|
2267 |
+
|
2268 |
+
#: lib/nf_sub_about.php:177
|
2269 |
+
msgid "CPU model"
|
2270 |
+
msgstr ""
|
2271 |
+
|
2272 |
+
#: lib/nf_sub_about.php:189
|
2273 |
+
#, php-format
|
2274 |
+
msgid ""
|
2275 |
+
"By joining our NinjaFirewall Referral Program you can earn up to %s for "
|
2276 |
+
"every payment made by a user who signs up using your personal referral link."
|
2277 |
+
msgstr ""
|
2278 |
+
|
2279 |
+
#: lib/nf_sub_about.php:190
|
2280 |
+
#, php-format
|
2281 |
+
msgid ""
|
2282 |
+
"For more info and subscription, please check our <a href=\"%s\">Referral "
|
2283 |
+
"Program page</a>."
|
2284 |
+
msgstr ""
|
2285 |
+
|
2286 |
+
#: lib/nf_sub_event.php:64
|
2287 |
+
msgid "WordPress admin dashboard"
|
2288 |
+
msgstr ""
|
2289 |
+
|
2290 |
+
#: lib/nf_sub_event.php:67 lib/nf_sub_event.php:136
|
2291 |
+
msgid "Send me an alert whenever"
|
2292 |
+
msgstr ""
|
2293 |
+
|
2294 |
+
#: lib/nf_sub_event.php:69
|
2295 |
+
msgid "An administrator logs in (default)"
|
2296 |
+
msgstr ""
|
2297 |
+
|
2298 |
+
#: lib/nf_sub_event.php:70
|
2299 |
+
msgid "Someone - user, admin, editor, etc - logs in"
|
2300 |
+
msgstr ""
|
2301 |
+
|
2302 |
+
#: lib/nf_sub_event.php:71
|
2303 |
+
msgid "No, thanks (not recommended)"
|
2304 |
+
msgstr ""
|
2305 |
+
|
2306 |
+
#: lib/nf_sub_event.php:78
|
2307 |
+
msgid "Plugins"
|
2308 |
+
msgstr ""
|
2309 |
+
|
2310 |
+
#: lib/nf_sub_event.php:81 lib/nf_sub_event.php:98 lib/nf_sub_event.php:113
|
2311 |
+
msgid "Send me an alert whenever someone"
|
2312 |
+
msgstr ""
|
2313 |
+
|
2314 |
+
#: lib/nf_sub_event.php:83
|
2315 |
+
msgid "Uploads a plugin (default)"
|
2316 |
+
msgstr ""
|
2317 |
+
|
2318 |
+
#: lib/nf_sub_event.php:84
|
2319 |
+
msgid "Installs a plugin (default)"
|
2320 |
+
msgstr ""
|
2321 |
+
|
2322 |
+
#: lib/nf_sub_event.php:85
|
2323 |
+
msgid "Activates a plugin"
|
2324 |
+
msgstr ""
|
2325 |
+
|
2326 |
+
#: lib/nf_sub_event.php:86
|
2327 |
+
msgid "Updates a plugin"
|
2328 |
+
msgstr ""
|
2329 |
+
|
2330 |
+
#: lib/nf_sub_event.php:87
|
2331 |
+
msgid "Deactivates a plugin (default)"
|
2332 |
+
msgstr ""
|
2333 |
+
|
2334 |
+
#: lib/nf_sub_event.php:88
|
2335 |
+
msgid "Deletes a plugin"
|
2336 |
+
msgstr ""
|
2337 |
+
|
2338 |
+
#: lib/nf_sub_event.php:95
|
2339 |
+
msgid "Themes"
|
2340 |
+
msgstr ""
|
2341 |
+
|
2342 |
+
#: lib/nf_sub_event.php:100
|
2343 |
+
msgid "Uploads a theme (default)"
|
2344 |
+
msgstr ""
|
2345 |
+
|
2346 |
+
#: lib/nf_sub_event.php:101
|
2347 |
+
msgid "Installs a theme (default)"
|
2348 |
+
msgstr ""
|
2349 |
+
|
2350 |
+
#: lib/nf_sub_event.php:102
|
2351 |
+
msgid "Activates a theme"
|
2352 |
+
msgstr ""
|
2353 |
+
|
2354 |
+
#: lib/nf_sub_event.php:103
|
2355 |
+
msgid "Deletes a theme"
|
2356 |
+
msgstr ""
|
2357 |
+
|
2358 |
+
#: lib/nf_sub_event.php:110
|
2359 |
+
msgid "Core"
|
2360 |
+
msgstr ""
|
2361 |
+
|
2362 |
+
#: lib/nf_sub_event.php:115
|
2363 |
+
msgid "Updates WordPress (default)"
|
2364 |
+
msgstr ""
|
2365 |
+
|
2366 |
+
#: lib/nf_sub_event.php:133
|
2367 |
+
msgid "Administrator account"
|
2368 |
+
msgstr ""
|
2369 |
+
|
2370 |
+
#: lib/nf_sub_event.php:138
|
2371 |
+
msgid ""
|
2372 |
+
"An administrator account is created, modified or deleted in the database "
|
2373 |
+
"(default)"
|
2374 |
+
msgstr ""
|
2375 |
+
|
2376 |
+
#: lib/nf_sub_event.php:139
|
2377 |
+
msgid "A user attempts to gain administrative privileges (default)"
|
2378 |
+
msgstr ""
|
2379 |
+
|
2380 |
+
#: lib/nf_sub_event.php:146
|
2381 |
+
msgid "Daily report"
|
2382 |
+
msgstr ""
|
2383 |
+
|
2384 |
+
#: lib/nf_sub_event.php:149
|
2385 |
+
msgid "Send me a daily activity report"
|
2386 |
+
msgstr ""
|
2387 |
+
|
2388 |
+
#: lib/nf_sub_event.php:151 lib/nf_sub_event.php:163
|
2389 |
+
#: lib/nf_sub_updates.php:146 ninjafirewall.php:1702 ninjafirewall.php:1745
|
2390 |
+
#: ninjafirewall.php:1765 ninjafirewall.php:1816 ninjafirewall.php:1861
|
2391 |
+
#: ninjafirewall.php:1871 ninjafirewall.php:1881 ninjafirewall.php:1924
|
2392 |
+
#: ninjafirewall.php:1967 ninjafirewall.php:1987 ninjafirewall.php:2168
|
2393 |
+
#: ninjafirewall.php:2224 ninjafirewall.php:2234 ninjafirewall.php:2244
|
2394 |
+
#: ninjafirewall.php:2254 ninjafirewall.php:2301 ninjafirewall.php:2311
|
2395 |
+
#: ninjafirewall.php:3005
|
2396 |
+
msgid "Yes (default)"
|
2397 |
+
msgstr ""
|
2398 |
+
|
2399 |
+
#: lib/nf_sub_event.php:158
|
2400 |
+
msgid "Log"
|
2401 |
+
msgstr ""
|
2402 |
+
|
2403 |
+
#: lib/nf_sub_event.php:161
|
2404 |
+
msgid "Write all events to the firewall log"
|
2405 |
+
msgstr ""
|
2406 |
+
|
2407 |
+
#: lib/nf_sub_event.php:173 lib/nf_sub_event.php:203
|
2408 |
+
msgid "Contact email"
|
2409 |
+
msgstr ""
|
2410 |
+
|
2411 |
+
#: lib/nf_sub_event.php:176 lib/nf_sub_event.php:206
|
2412 |
+
msgid "Alerts should be sent to"
|
2413 |
+
msgstr ""
|
2414 |
+
|
2415 |
+
#: lib/nf_sub_event.php:185 lib/nf_sub_event.php:211
|
2416 |
+
msgid ""
|
2417 |
+
"Multiple recipients must be comma-separated (e.g., <code>joe@example.org,"
|
2418 |
+
"alice@example.org</code>)."
|
2419 |
+
msgstr ""
|
2420 |
+
|
2421 |
+
#: lib/nf_sub_event.php:208
|
2422 |
+
msgid "Only to me, the Super Admin"
|
2423 |
+
msgstr ""
|
2424 |
+
|
2425 |
+
#: lib/nf_sub_event.php:208
|
2426 |
+
msgid "default"
|
2427 |
+
msgstr ""
|
2428 |
+
|
2429 |
+
#: lib/nf_sub_event.php:209
|
2430 |
+
msgid "To the administrator of the site where originated the alert"
|
2431 |
+
msgstr ""
|
2432 |
+
|
2433 |
+
#: lib/nf_sub_event.php:210
|
2434 |
+
msgid "Other(s):"
|
2435 |
+
msgstr ""
|
2436 |
+
|
2437 |
+
#: lib/nf_sub_event.php:222
|
2438 |
+
msgid "Save Event Notifications"
|
2439 |
+
msgstr ""
|
2440 |
+
|
2441 |
+
#: lib/nf_sub_event.php:429
|
2442 |
+
msgid "[NinjaFirewall] Daily Activity Report"
|
2443 |
+
msgstr ""
|
2444 |
+
|
2445 |
+
#: lib/nf_sub_event.php:436
|
2446 |
+
#, php-format
|
2447 |
+
msgid "Daily activity report for: %s"
|
2448 |
+
msgstr ""
|
2449 |
+
|
2450 |
+
#: lib/nf_sub_event.php:437
|
2451 |
+
msgid "Date Range Processed: Yesterday"
|
2452 |
+
msgstr ""
|
2453 |
+
|
2454 |
+
#: lib/nf_sub_event.php:439
|
2455 |
+
msgid "Blocked hacking attempts:"
|
2456 |
+
msgstr ""
|
2457 |
+
|
2458 |
+
#: lib/nf_sub_event.php:441
|
2459 |
+
msgid "critical:"
|
2460 |
+
msgstr ""
|
2461 |
+
|
2462 |
+
#: lib/nf_sub_event.php:442
|
2463 |
+
msgid "high:"
|
2464 |
+
msgstr ""
|
2465 |
+
|
2466 |
+
#: lib/nf_sub_event.php:443
|
2467 |
+
msgid "medium:"
|
2468 |
+
msgstr ""
|
2469 |
+
|
2470 |
+
#: lib/nf_sub_event.php:445
|
2471 |
+
msgid "Blocked brute-force attacks:"
|
2472 |
+
msgstr ""
|
2473 |
+
|
2474 |
+
#: lib/nf_sub_event.php:446 lib/nfw_misc.php:459
|
2475 |
+
msgid ""
|
2476 |
+
"This notification can be turned off from NinjaFirewall \"Event Notifications"
|
2477 |
+
"\" page."
|
2478 |
+
msgstr ""
|
2479 |
+
|
2480 |
+
#: lib/nf_sub_event.php:450 lib/nf_sub_filecheck.php:840
|
2481 |
+
#: lib/nf_sub_filecheck.php:857 lib/nf_sub_options.php:483
|
2482 |
+
#: lib/nf_sub_updates.php:550 ninjafirewall.php:3461
|
2483 |
+
msgid "Support forum:"
|
2484 |
+
msgstr ""
|
2485 |
+
|
2486 |
+
#: lib/nf_sub_filecheck.php:55 lib/nf_sub_filecheck.php:88
|
2487 |
+
msgid "You did not create any snapshot yet."
|
2488 |
+
msgstr ""
|
2489 |
+
|
2490 |
+
#: lib/nf_sub_filecheck.php:64
|
2491 |
+
msgid "Snapshot successfully created."
|
2492 |
+
msgstr ""
|
2493 |
+
|
2494 |
+
#: lib/nf_sub_filecheck.php:73
|
2495 |
+
msgid "Snapshot file successfully deleted."
|
2496 |
+
msgstr ""
|
2497 |
+
|
2498 |
+
#: lib/nf_sub_filecheck.php:93
|
2499 |
+
msgid "You must create a snapshot first."
|
2500 |
+
msgstr ""
|
2501 |
+
|
2502 |
+
#: lib/nf_sub_filecheck.php:104 lib/nf_sub_filecheck.php:831
|
2503 |
+
msgid "NinjaFirewall detected that changes were made to your files."
|
2504 |
+
msgstr ""
|
2505 |
+
|
2506 |
+
#: lib/nf_sub_filecheck.php:107
|
2507 |
+
msgid "No changes detected."
|
2508 |
+
msgstr ""
|
2509 |
+
|
2510 |
+
#: lib/nf_sub_filecheck.php:146
|
2511 |
+
msgid "Create a snapshot of all files stored in that directory"
|
2512 |
+
msgstr ""
|
2513 |
+
|
2514 |
+
#: lib/nf_sub_filecheck.php:154
|
2515 |
+
#, php-format
|
2516 |
+
msgid "Default: %s"
|
2517 |
+
msgstr ""
|
2518 |
+
|
2519 |
+
#: lib/nf_sub_filecheck.php:159 ninjafirewall.php:2909
|
2520 |
+
msgid "Exclude the following files/folders (optional)"
|
2521 |
+
msgstr ""
|
2522 |
+
|
2523 |
+
#: lib/nf_sub_filecheck.php:160 ninjafirewall.php:2910
|
2524 |
+
msgid "e.g.,"
|
2525 |
+
msgstr ""
|
2526 |
+
|
2527 |
+
#: lib/nf_sub_filecheck.php:160
|
2528 |
+
msgid ""
|
2529 |
+
"Full or partial case-sensitive string(s). Multiple values must be comma-"
|
2530 |
+
"separated"
|
2531 |
+
msgstr ""
|
2532 |
+
|
2533 |
+
#: lib/nf_sub_filecheck.php:165
|
2534 |
+
msgid "Do not follow symbolic links (default)"
|
2535 |
+
msgstr ""
|
2536 |
+
|
2537 |
+
#: lib/nf_sub_filecheck.php:170
|
2538 |
+
msgid "Create Snapshot"
|
2539 |
+
msgstr ""
|
2540 |
+
|
2541 |
+
#: lib/nf_sub_filecheck.php:291
|
2542 |
+
msgid "Delete the current snapshot?"
|
2543 |
+
msgstr ""
|
2544 |
+
|
2545 |
+
#: lib/nf_sub_filecheck.php:305
|
2546 |
+
msgid "Last snapshot"
|
2547 |
+
msgstr ""
|
2548 |
+
|
2549 |
+
#: lib/nf_sub_filecheck.php:307
|
2550 |
+
#, php-format
|
2551 |
+
msgid "Created on: %s"
|
2552 |
+
msgstr ""
|
2553 |
+
|
2554 |
+
#: lib/nf_sub_filecheck.php:308
|
2555 |
+
#, php-format
|
2556 |
+
msgid "Total files: %s "
|
2557 |
+
msgstr ""
|
2558 |
+
|
2559 |
+
#: lib/nf_sub_filecheck.php:310
|
2560 |
+
msgid "Directory:"
|
2561 |
+
msgstr ""
|
2562 |
+
|
2563 |
+
#: lib/nf_sub_filecheck.php:314
|
2564 |
+
msgid "Exclusion:"
|
2565 |
+
msgstr ""
|
2566 |
+
|
2567 |
+
#: lib/nf_sub_filecheck.php:320
|
2568 |
+
msgid "Symlinks:"
|
2569 |
+
msgstr ""
|
2570 |
+
|
2571 |
+
#: lib/nf_sub_filecheck.php:322
|
2572 |
+
msgid "follow"
|
2573 |
+
msgstr ""
|
2574 |
+
|
2575 |
+
#: lib/nf_sub_filecheck.php:324
|
2576 |
+
msgid "do not follow"
|
2577 |
+
msgstr ""
|
2578 |
+
|
2579 |
+
#: lib/nf_sub_filecheck.php:328
|
2580 |
+
#, php-format
|
2581 |
+
msgid "Processing time: %s seconds"
|
2582 |
+
msgstr ""
|
2583 |
+
|
2584 |
+
#: lib/nf_sub_filecheck.php:333
|
2585 |
+
msgid "Download Snapshot"
|
2586 |
+
msgstr ""
|
2587 |
+
|
2588 |
+
#: lib/nf_sub_filecheck.php:333
|
2589 |
+
msgid "Delete Snapshot"
|
2590 |
+
msgstr ""
|
2591 |
+
|
2592 |
+
#: lib/nf_sub_filecheck.php:338
|
2593 |
+
msgid "Last changes"
|
2594 |
+
msgstr ""
|
2595 |
+
|
2596 |
+
#: lib/nf_sub_filecheck.php:345
|
2597 |
+
#, php-format
|
2598 |
+
msgid "New files: %s"
|
2599 |
+
msgstr ""
|
2600 |
+
|
2601 |
+
#: lib/nf_sub_filecheck.php:346
|
2602 |
+
#, php-format
|
2603 |
+
msgid "Deleted files: %s"
|
2604 |
+
msgstr ""
|
2605 |
+
|
2606 |
+
#: lib/nf_sub_filecheck.php:347
|
2607 |
+
#, php-format
|
2608 |
+
msgid "Modified files: %s"
|
2609 |
+
msgstr ""
|
2610 |
+
|
2611 |
+
#: lib/nf_sub_filecheck.php:351
|
2612 |
+
msgid "View Changes"
|
2613 |
+
msgstr ""
|
2614 |
+
|
2615 |
+
#: lib/nf_sub_filecheck.php:355
|
2616 |
+
msgid "Download Changes"
|
2617 |
+
msgstr ""
|
2618 |
+
|
2619 |
+
#: lib/nf_sub_filecheck.php:367
|
2620 |
+
msgid "Click a file to get more info about it."
|
2621 |
+
msgstr ""
|
2622 |
+
|
2623 |
+
#: lib/nf_sub_filecheck.php:370
|
2624 |
+
msgid "New files:"
|
2625 |
+
msgstr ""
|
2626 |
+
|
2627 |
+
#: lib/nf_sub_filecheck.php:379 lib/nf_sub_filecheck.php:432
|
2628 |
+
msgid "Size"
|
2629 |
+
msgstr ""
|
2630 |
+
|
2631 |
+
#: lib/nf_sub_filecheck.php:383 lib/nf_sub_filecheck.php:437
|
2632 |
+
msgid "Access"
|
2633 |
+
msgstr ""
|
2634 |
+
|
2635 |
+
#: lib/nf_sub_filecheck.php:387 lib/nf_sub_filecheck.php:442
|
2636 |
+
msgid "Uid / Gid"
|
2637 |
+
msgstr ""
|
2638 |
+
|
2639 |
+
#: lib/nf_sub_filecheck.php:391 lib/nf_sub_filecheck.php:447
|
2640 |
+
msgid "Modify"
|
2641 |
+
msgstr ""
|
2642 |
+
|
2643 |
+
#: lib/nf_sub_filecheck.php:395 lib/nf_sub_filecheck.php:452
|
2644 |
+
msgid "Change"
|
2645 |
+
msgstr ""
|
2646 |
+
|
2647 |
+
#: lib/nf_sub_filecheck.php:405
|
2648 |
+
msgid "Deleted files:"
|
2649 |
+
msgstr ""
|
2650 |
+
|
2651 |
+
#: lib/nf_sub_filecheck.php:418
|
2652 |
+
msgid "Modified files:"
|
2653 |
+
msgstr ""
|
2654 |
+
|
2655 |
+
#: lib/nf_sub_filecheck.php:428
|
2656 |
+
msgid "Old"
|
2657 |
+
msgstr ""
|
2658 |
+
|
2659 |
+
#: lib/nf_sub_filecheck.php:429
|
2660 |
+
msgid "New"
|
2661 |
+
msgstr ""
|
2662 |
+
|
2663 |
+
#: lib/nf_sub_filecheck.php:468
|
2664 |
+
msgid "None"
|
2665 |
+
msgstr ""
|
2666 |
+
|
2667 |
+
#: lib/nf_sub_filecheck.php:478
|
2668 |
+
msgid "Scan System For File Changes"
|
2669 |
+
msgstr ""
|
2670 |
+
|
2671 |
+
#: lib/nf_sub_filecheck.php:495
|
2672 |
+
msgid "Options"
|
2673 |
+
msgstr ""
|
2674 |
+
|
2675 |
+
#: lib/nf_sub_filecheck.php:502
|
2676 |
+
#, php-format
|
2677 |
+
msgid ""
|
2678 |
+
"It seems that %s is enabled. Ensure you have another way to run WP-Cron, "
|
2679 |
+
"otherwise NinjaFirewall scheduled scans will not work."
|
2680 |
+
msgstr ""
|
2681 |
+
|
2682 |
+
#: lib/nf_sub_filecheck.php:508
|
2683 |
+
msgid "Enable scheduled scans"
|
2684 |
+
msgstr ""
|
2685 |
+
|
2686 |
+
#: lib/nf_sub_filecheck.php:511 lib/nf_sub_updates.php:167
|
2687 |
+
msgid "Hourly"
|
2688 |
+
msgstr ""
|
2689 |
+
|
2690 |
+
#: lib/nf_sub_filecheck.php:512 lib/nf_sub_updates.php:168
|
2691 |
+
msgid "Twicedaily"
|
2692 |
+
msgstr ""
|
2693 |
+
|
2694 |
+
#: lib/nf_sub_filecheck.php:513 lib/nf_sub_updates.php:169
|
2695 |
+
msgid "Daily"
|
2696 |
+
msgstr ""
|
2697 |
+
|
2698 |
+
#: lib/nf_sub_filecheck.php:520
|
2699 |
+
#, php-format
|
2700 |
+
msgid ""
|
2701 |
+
"Next scan will start in approximately %s day(s), %s hour(s), %s minute(s) "
|
2702 |
+
"and %s second(s)."
|
2703 |
+
msgstr ""
|
2704 |
+
|
2705 |
+
#: lib/nf_sub_filecheck.php:527
|
2706 |
+
msgid ""
|
2707 |
+
"The next scheduled scan date is in the past! WordPress wp-cron may not be "
|
2708 |
+
"working or may have been disabled."
|
2709 |
+
msgstr ""
|
2710 |
+
|
2711 |
+
#: lib/nf_sub_filecheck.php:535
|
2712 |
+
msgid "Scheduled scan report"
|
2713 |
+
msgstr ""
|
2714 |
+
|
2715 |
+
#: lib/nf_sub_filecheck.php:537
|
2716 |
+
msgid "Send me a report by email only if changes are detected (default)"
|
2717 |
+
msgstr ""
|
2718 |
+
|
2719 |
+
#: lib/nf_sub_filecheck.php:538
|
2720 |
+
msgid "Always send me a report by email after a scheduled scan"
|
2721 |
+
msgstr ""
|
2722 |
+
|
2723 |
+
#: lib/nf_sub_filecheck.php:543
|
2724 |
+
msgid "Save Scan Options"
|
2725 |
+
msgstr ""
|
2726 |
+
|
2727 |
+
#: lib/nf_sub_filecheck.php:555
|
2728 |
+
msgid "Enter the full path to the directory to be scanned."
|
2729 |
+
msgstr ""
|
2730 |
+
|
2731 |
+
#: lib/nf_sub_filecheck.php:562
|
2732 |
+
#, php-format
|
2733 |
+
msgid "The directory %s does not exist."
|
2734 |
+
msgstr ""
|
2735 |
+
|
2736 |
+
#: lib/nf_sub_filecheck.php:565
|
2737 |
+
#, php-format
|
2738 |
+
msgid "The directory %s is not readable."
|
2739 |
+
msgstr ""
|
2740 |
+
|
2741 |
+
#: lib/nf_sub_filecheck.php:606
|
2742 |
+
#, php-format
|
2743 |
+
msgid "Cannot write to %s."
|
2744 |
+
msgstr ""
|
2745 |
+
|
2746 |
+
#: lib/nf_sub_filecheck.php:636
|
2747 |
+
#, php-format
|
2748 |
+
msgid "Error : cannot open %s directory."
|
2749 |
+
msgstr ""
|
2750 |
+
|
2751 |
+
#: lib/nf_sub_filecheck.php:639
|
2752 |
+
#, php-format
|
2753 |
+
msgid "Error : %s directory is not readable."
|
2754 |
+
msgstr ""
|
2755 |
+
|
2756 |
+
#: lib/nf_sub_filecheck.php:654
|
2757 |
+
#, php-format
|
2758 |
+
msgid "Missing options line %s, please try again."
|
2759 |
+
msgstr ""
|
2760 |
+
|
2761 |
+
#: lib/nf_sub_filecheck.php:664
|
2762 |
+
#, php-format
|
2763 |
+
msgid "Cannot create %s."
|
2764 |
+
msgstr ""
|
2765 |
+
|
2766 |
+
#: lib/nf_sub_filecheck.php:681
|
2767 |
+
msgid "Error reading old snapshot file."
|
2768 |
+
msgstr ""
|
2769 |
+
|
2770 |
+
#: lib/nf_sub_filecheck.php:692
|
2771 |
+
msgid "Error reading new snapshot file."
|
2772 |
+
msgstr ""
|
2773 |
+
|
2774 |
+
#: lib/nf_sub_filecheck.php:808 ninjafirewall.php:271
|
2775 |
+
msgid "New file"
|
2776 |
+
msgstr ""
|
2777 |
+
|
2778 |
+
#: lib/nf_sub_filecheck.php:809 ninjafirewall.php:272
|
2779 |
+
msgid "Deleted file"
|
2780 |
+
msgstr ""
|
2781 |
+
|
2782 |
+
#: lib/nf_sub_filecheck.php:810 ninjafirewall.php:273
|
2783 |
+
msgid "Modified file"
|
2784 |
+
msgstr ""
|
2785 |
+
|
2786 |
+
#: lib/nf_sub_filecheck.php:830
|
2787 |
+
msgid "[NinjaFirewall] Alert: File Check detection"
|
2788 |
+
msgstr ""
|
2789 |
+
|
2790 |
+
#: lib/nf_sub_filecheck.php:833 lib/nf_sub_filecheck.php:835
|
2791 |
+
#: lib/nf_sub_filecheck.php:851 lib/nf_sub_filecheck.php:853
|
2792 |
+
#: lib/nf_sub_updates.php:542 lib/nf_sub_updates.php:544 lib/nfw_misc.php:311
|
2793 |
+
#: lib/nfw_misc.php:313 lib/nfw_misc.php:450 lib/nfw_misc.php:452
|
2794 |
+
msgid "Blog:"
|
2795 |
+
msgstr ""
|
2796 |
+
|
2797 |
+
#: lib/nf_sub_filecheck.php:837 lib/nf_sub_filecheck.php:855
|
2798 |
+
#: lib/nf_sub_updates.php:547
|
2799 |
+
#, php-format
|
2800 |
+
msgid "Date: %s"
|
2801 |
+
msgstr ""
|
2802 |
+
|
2803 |
+
#: lib/nf_sub_filecheck.php:838
|
2804 |
+
msgid "See attached file for details."
|
2805 |
+
msgstr ""
|
2806 |
+
|
2807 |
+
#: lib/nf_sub_filecheck.php:848
|
2808 |
+
msgid "[NinjaFirewall] File Check report"
|
2809 |
+
msgstr ""
|
2810 |
+
|
2811 |
+
#: lib/nf_sub_filecheck.php:849
|
2812 |
+
msgid "NinjaFirewall did not detect changes in your files."
|
2813 |
+
msgstr ""
|
2814 |
+
|
2815 |
+
#: lib/nf_sub_livelog.php:29
|
2816 |
+
msgid ""
|
2817 |
+
"Error: NinjaFirewall must be enabled and working in order to use this "
|
2818 |
+
"feature."
|
2819 |
+
msgstr ""
|
2820 |
+
|
2821 |
+
#: lib/nf_sub_livelog.php:32
|
2822 |
+
#, php-format
|
2823 |
+
msgid ""
|
2824 |
+
"Error: You must be whitelisted in order to use that feature: click on the <a "
|
2825 |
+
"href=\"%s\">Firewall Policies</a> menu and ensure that the \"Add the "
|
2826 |
+
"Administrator to the whitelist\" option is enabled."
|
2827 |
+
msgstr ""
|
2828 |
+
|
2829 |
+
#: lib/nf_sub_livelog.php:95
|
2830 |
+
msgid "Loading..."
|
2831 |
+
msgstr ""
|
2832 |
+
|
2833 |
+
#: lib/nf_sub_livelog.php:113 lib/nf_sub_livelog.php:142
|
2834 |
+
#: lib/nf_sub_livelog.php:227
|
2835 |
+
msgid "No traffic yet, please wait..."
|
2836 |
+
msgstr ""
|
2837 |
+
|
2838 |
+
#: lib/nf_sub_livelog.php:116
|
2839 |
+
msgid "Error: Live Log did not receive the expected response from your server:"
|
2840 |
+
msgstr ""
|
2841 |
+
|
2842 |
+
#: lib/nf_sub_livelog.php:135
|
2843 |
+
msgid "Error: URL does not seem to exist:"
|
2844 |
+
msgstr ""
|
2845 |
+
|
2846 |
+
#: lib/nf_sub_livelog.php:137
|
2847 |
+
msgid "Error: cannot find your log file. Try to reload this page."
|
2848 |
+
msgstr ""
|
2849 |
+
|
2850 |
+
#: lib/nf_sub_livelog.php:139
|
2851 |
+
msgid "Error: the HTTP server returned the following error code:"
|
2852 |
+
msgstr ""
|
2853 |
+
|
2854 |
+
#: lib/nf_sub_livelog.php:144 lib/nf_sub_livelog.php:157
|
2855 |
+
#: lib/nf_sub_livelog.php:177
|
2856 |
+
msgid "Sleeping"
|
2857 |
+
msgstr ""
|
2858 |
+
|
2859 |
+
#: lib/nf_sub_livelog.php:144 lib/nf_sub_livelog.php:157
|
2860 |
+
#: lib/nf_sub_livelog.php:177
|
2861 |
+
msgid "seconds"
|
2862 |
+
msgstr ""
|
2863 |
+
|
2864 |
+
#: lib/nf_sub_livelog.php:231
|
2865 |
+
msgid "On"
|
2866 |
+
msgstr ""
|
2867 |
+
|
2868 |
+
#: lib/nf_sub_livelog.php:231
|
2869 |
+
msgid "Off"
|
2870 |
+
msgstr ""
|
2871 |
+
|
2872 |
+
#: lib/nf_sub_livelog.php:231
|
2873 |
+
msgid "Refresh rate:"
|
2874 |
+
msgstr ""
|
2875 |
+
|
2876 |
+
#: lib/nf_sub_livelog.php:233
|
2877 |
+
msgid "5 seconds"
|
2878 |
+
msgstr ""
|
2879 |
+
|
2880 |
+
#: lib/nf_sub_livelog.php:234
|
2881 |
+
msgid "10 seconds"
|
2882 |
+
msgstr ""
|
2883 |
+
|
2884 |
+
#: lib/nf_sub_livelog.php:235
|
2885 |
+
msgid "20 seconds"
|
2886 |
+
msgstr ""
|
2887 |
+
|
2888 |
+
#: lib/nf_sub_livelog.php:236
|
2889 |
+
msgid "45 seconds"
|
2890 |
+
msgstr ""
|
2891 |
+
|
2892 |
+
#: lib/nf_sub_livelog.php:237
|
2893 |
+
msgid "Clear screen"
|
2894 |
+
msgstr ""
|
2895 |
+
|
2896 |
+
#: lib/nf_sub_livelog.php:237
|
2897 |
+
msgid "Autoscrolling"
|
2898 |
+
msgstr ""
|
2899 |
+
|
2900 |
+
#: lib/nf_sub_livelog.php:243
|
2901 |
+
msgid "Live Log will not display whitelisted users and brute-force attacks."
|
2902 |
+
msgstr ""
|
2903 |
+
|
2904 |
+
#: lib/nf_sub_livelog.php:266
|
2905 |
+
msgid "Live Log options"
|
2906 |
+
msgstr ""
|
2907 |
+
|
2908 |
+
#: lib/nf_sub_livelog.php:269
|
2909 |
+
msgid "Format"
|
2910 |
+
msgstr ""
|
2911 |
+
|
2912 |
+
#: lib/nf_sub_livelog.php:272
|
2913 |
+
msgid "Custom"
|
2914 |
+
msgstr ""
|
2915 |
+
|
2916 |
+
#: lib/nf_sub_livelog.php:273
|
2917 |
+
msgid "See contextual help for available log format."
|
2918 |
+
msgstr ""
|
2919 |
+
|
2920 |
+
#: lib/nf_sub_livelog.php:277
|
2921 |
+
msgid "Display"
|
2922 |
+
msgstr ""
|
2923 |
+
|
2924 |
+
#: lib/nf_sub_livelog.php:280 ninjafirewall.php:1358
|
2925 |
+
msgid "HTTP and HTTPS traffic (default)"
|
2926 |
+
msgstr ""
|
2927 |
+
|
2928 |
+
#: lib/nf_sub_livelog.php:281 ninjafirewall.php:1359
|
2929 |
+
msgid "HTTP traffic only"
|
2930 |
+
msgstr ""
|
2931 |
+
|
2932 |
+
#: lib/nf_sub_livelog.php:282 ninjafirewall.php:1360
|
2933 |
+
msgid "HTTPS traffic only"
|
2934 |
+
msgstr ""
|
2935 |
+
|
2936 |
+
#: lib/nf_sub_livelog.php:287
|
2937 |
+
msgid "Timezone"
|
2938 |
+
msgstr ""
|
2939 |
+
|
2940 |
+
#: lib/nf_sub_livelog.php:302
|
2941 |
+
msgid "Save Live Log Options"
|
2942 |
+
msgstr ""
|
2943 |
+
|
2944 |
+
#: lib/nf_sub_livelog.php:326
|
2945 |
+
msgid "Error: please enter the custom log format."
|
2946 |
+
msgstr ""
|
2947 |
+
|
2948 |
+
#: lib/nf_sub_log.php:34
|
2949 |
+
#, php-format
|
2950 |
+
msgid ""
|
2951 |
+
"the current month log (%s) is not writable. Please chmod it and its parent "
|
2952 |
+
"directory to 0777"
|
2953 |
+
msgstr ""
|
2954 |
+
|
2955 |
+
#: lib/nf_sub_log.php:36
|
2956 |
+
#, php-format
|
2957 |
+
msgid "the log directory (%s) is not writable. Please chmod it to 0777"
|
2958 |
+
msgstr ""
|
2959 |
+
|
2960 |
+
#: lib/nf_sub_log.php:48
|
2961 |
+
msgid "Your public key has been deleted"
|
2962 |
+
msgstr ""
|
2963 |
+
|
2964 |
+
#: lib/nf_sub_log.php:50
|
2965 |
+
msgid "Your public key has been saved"
|
2966 |
+
msgstr ""
|
2967 |
+
|
2968 |
+
#: lib/nf_sub_log.php:82
|
2969 |
+
msgid "Error"
|
2970 |
+
msgstr ""
|
2971 |
+
|
2972 |
+
#: lib/nf_sub_log.php:89
|
2973 |
+
msgid "Note"
|
2974 |
+
msgstr ""
|
2975 |
+
|
2976 |
+
#: lib/nf_sub_log.php:89
|
2977 |
+
#, php-format
|
2978 |
+
msgid "your log has %s lines. I will display the last %s lines only."
|
2979 |
+
msgstr ""
|
2980 |
+
|
2981 |
+
#: lib/nf_sub_log.php:93
|
2982 |
+
msgid "Viewing:"
|
2983 |
+
msgstr ""
|
2984 |
+
|
2985 |
+
#: lib/nf_sub_log.php:100
|
2986 |
+
msgid "bytes"
|
2987 |
+
msgstr ""
|
2988 |
+
|
2989 |
+
#: lib/nf_sub_log.php:137 lib/nf_sub_log.php:281
|
2990 |
+
msgid "The selected log is empty."
|
2991 |
+
msgstr ""
|
2992 |
+
|
2993 |
+
#: lib/nf_sub_log.php:143
|
2994 |
+
msgid "The log is rotated monthly"
|
2995 |
+
msgstr ""
|
2996 |
+
|
2997 |
+
#: lib/nf_sub_log.php:166
|
2998 |
+
msgid "Enter your public key (optional)"
|
2999 |
+
msgstr ""
|
3000 |
+
|
3001 |
+
#: lib/nf_sub_log.php:169
|
3002 |
+
#, php-format
|
3003 |
+
msgid ""
|
3004 |
+
"<a href=\"%s\">Consult our blog</a> if you want to enable centralized "
|
3005 |
+
"logging."
|
3006 |
+
msgstr ""
|
3007 |
+
|
3008 |
+
#: lib/nf_sub_log.php:176
|
3009 |
+
msgid "Save Public Key"
|
3010 |
+
msgstr ""
|
3011 |
+
|
3012 |
+
#: lib/nf_sub_log.php:178
|
3013 |
+
msgid "Delete Public Key"
|
3014 |
+
msgstr ""
|
3015 |
+
|
3016 |
+
#: lib/nf_sub_log.php:197
|
3017 |
+
msgid "Your public key is not valid."
|
3018 |
+
msgstr ""
|
3019 |
+
|
3020 |
+
#: lib/nf_sub_log.php:260
|
3021 |
+
msgid "The requested log does not exist."
|
3022 |
+
msgstr ""
|
3023 |
+
|
3024 |
+
#: lib/nf_sub_log.php:267
|
3025 |
+
msgid "Unable to open the log for read operation."
|
3026 |
+
msgstr ""
|
3027 |
+
|
3028 |
+
#: lib/nf_sub_malwarescan.php:25 ninjafirewall.php:829
|
3029 |
+
msgid "Anti-Malware"
|
3030 |
+
msgstr ""
|
3031 |
+
|
3032 |
+
#: lib/nf_sub_malwarescan.php:27
|
3033 |
+
msgid ""
|
3034 |
+
"Oops...! We have removed the \"Anti-Malware\" from NinjaFirewall. Instead, "
|
3035 |
+
"we have now a brand new and much better antivirus plugin:"
|
3036 |
+
msgstr ""
|
3037 |
+
|
3038 |
+
#: lib/nf_sub_malwarescan.php:29
|
3039 |
+
#, php-format
|
3040 |
+
msgid ""
|
3041 |
+
"It is awesome and includes many great features: <a href=\"%s\">check it out!"
|
3042 |
+
"</a>"
|
3043 |
+
msgstr ""
|
3044 |
+
|
3045 |
+
#: lib/nf_sub_malwarescan.php:30
|
3046 |
+
msgid "Download it from wordpress.org!"
|
3047 |
+
msgstr ""
|
3048 |
+
|
3049 |
+
#: lib/nf_sub_malwarescan.php:32
|
3050 |
+
msgid ""
|
3051 |
+
"After installing NinjaScanner, click on \"NinjaScanner > Settings > "
|
3052 |
+
"Advanced Users Settings\" and enable the \"Integrate NinjaScanner with "
|
3053 |
+
"NinjaFirewall\" option. That will replace this page with NinjaScanner's own "
|
3054 |
+
"menu instead:"
|
3055 |
+
msgstr ""
|
3056 |
+
|
3057 |
+
#: lib/nf_sub_options.php:35
|
3058 |
+
msgid "CSS style sheets"
|
3059 |
+
msgstr ""
|
3060 |
+
|
3061 |
+
#: lib/nf_sub_options.php:38
|
3062 |
+
msgid "Javascript code"
|
3063 |
+
msgstr ""
|
3064 |
+
|
3065 |
+
#: lib/nf_sub_options.php:41
|
3066 |
+
#, php-format
|
3067 |
+
msgid ""
|
3068 |
+
"Your message seems to contain %s. For security reasons, it cannot be "
|
3069 |
+
"previewed from the admin dashboard."
|
3070 |
+
msgstr ""
|
3071 |
+
|
3072 |
+
#: lib/nf_sub_options.php:46
|
3073 |
+
msgid "Refresh preview"
|
3074 |
+
msgstr ""
|
3075 |
+
|
3076 |
+
#: lib/nf_sub_options.php:55 ninjafirewall.php:807
|
3077 |
+
msgid "Firewall Options"
|
3078 |
+
msgstr ""
|
3079 |
+
|
3080 |
+
#: lib/nf_sub_options.php:84 lib/nf_sub_options.php:93
|
3081 |
+
#: lib/nf_sub_options.php:108 lib/nf_sub_options.php:118 ninjafirewall.php:988
|
3082 |
+
#: ninjafirewall.php:1127
|
3083 |
+
msgid "Enabled"
|
3084 |
+
msgstr ""
|
3085 |
+
|
3086 |
+
#: lib/nf_sub_options.php:85 lib/nf_sub_options.php:94
|
3087 |
+
msgid "Disabled"
|
3088 |
+
msgstr ""
|
3089 |
+
|
3090 |
+
#: lib/nf_sub_options.php:95 lib/nf_sub_options.php:110
|
3091 |
+
msgid "Warning: your site is not protected!"
|
3092 |
+
msgstr ""
|
3093 |
+
|
3094 |
+
#: lib/nf_sub_options.php:109 lib/nf_sub_options.php:119
|
3095 |
+
msgid "Disabled (default)"
|
3096 |
+
msgstr ""
|
3097 |
+
|
3098 |
+
#: lib/nf_sub_options.php:131
|
3099 |
+
msgid "HTTP error code to return"
|
3100 |
+
msgstr ""
|
3101 |
+
|
3102 |
+
#: lib/nf_sub_options.php:135
|
3103 |
+
msgid "400 Bad Request"
|
3104 |
+
msgstr ""
|
3105 |
+
|
3106 |
+
#: lib/nf_sub_options.php:136
|
3107 |
+
msgid "403 Forbidden (default)"
|
3108 |
+
msgstr ""
|
3109 |
+
|
3110 |
+
#: lib/nf_sub_options.php:137
|
3111 |
+
msgid "404 Not Found"
|
3112 |
+
msgstr ""
|
3113 |
+
|
3114 |
+
#: lib/nf_sub_options.php:138
|
3115 |
+
msgid "406 Not Acceptable"
|
3116 |
+
msgstr ""
|
3117 |
+
|
3118 |
+
#: lib/nf_sub_options.php:139
|
3119 |
+
msgid "500 Internal Server Error"
|
3120 |
+
msgstr ""
|
3121 |
+
|
3122 |
+
#: lib/nf_sub_options.php:140
|
3123 |
+
msgid "503 Service Unavailable"
|
3124 |
+
msgstr ""
|
3125 |
+
|
3126 |
+
#: lib/nf_sub_options.php:147
|
3127 |
+
msgid "Blocked user message"
|
3128 |
+
msgstr ""
|
3129 |
+
|
3130 |
+
#: lib/nf_sub_options.php:158
|
3131 |
+
msgid "Preview message"
|
3132 |
+
msgstr ""
|
3133 |
+
|
3134 |
+
#: lib/nf_sub_options.php:158
|
3135 |
+
msgid "Default message"
|
3136 |
+
msgstr ""
|
3137 |
+
|
3138 |
+
#: lib/nf_sub_options.php:171
|
3139 |
+
msgid "Export configuration"
|
3140 |
+
msgstr ""
|
3141 |
+
|
3142 |
+
#: lib/nf_sub_options.php:173
|
3143 |
+
msgid "Download"
|
3144 |
+
msgstr ""
|
3145 |
+
|
3146 |
+
#: lib/nf_sub_options.php:173
|
3147 |
+
msgid "File Check configuration will not be exported/imported."
|
3148 |
+
msgstr ""
|
3149 |
+
|
3150 |
+
#: lib/nf_sub_options.php:176
|
3151 |
+
msgid "Import configuration"
|
3152 |
+
msgstr ""
|
3153 |
+
|
3154 |
+
#: lib/nf_sub_options.php:179
|
3155 |
+
#, php-format
|
3156 |
+
msgid "Imported configuration must match plugin version %s."
|
3157 |
+
msgstr ""
|
3158 |
+
|
3159 |
+
#: lib/nf_sub_options.php:180
|
3160 |
+
msgid "It will override all your current firewall options and rules."
|
3161 |
+
msgstr ""
|
3162 |
+
|
3163 |
+
#: lib/nf_sub_options.php:186
|
3164 |
+
msgid "Save Firewall Options"
|
3165 |
+
msgstr ""
|
3166 |
+
|
3167 |
+
#: lib/nf_sub_options.php:311
|
3168 |
+
#, php-format
|
3169 |
+
msgid "Uploaded file is either corrupted or its format is not supported (#%s)"
|
3170 |
+
msgstr ""
|
3171 |
+
|
3172 |
+
#: lib/nf_sub_options.php:335
|
3173 |
+
msgid "The imported file is not compatible with that version of NinjaFirewall"
|
3174 |
+
msgstr ""
|
3175 |
+
|
3176 |
+
#: lib/nf_sub_options.php:457
|
3177 |
+
msgid "[NinjaFirewall] Alert: Firewall is disabled"
|
3178 |
+
msgstr ""
|
3179 |
+
|
3180 |
+
#: lib/nf_sub_options.php:459 lib/nf_sub_options.php:461 ninjafirewall.php:564
|
3181 |
+
#: ninjafirewall.php:566 ninjafirewall.php:690 ninjafirewall.php:692
|
3182 |
+
#: ninjafirewall.php:3449 ninjafirewall.php:3451
|
3183 |
+
msgid "-Blog :"
|
3184 |
+
msgstr ""
|
3185 |
+
|
3186 |
+
#: lib/nf_sub_options.php:465
|
3187 |
+
msgid "Someone disabled NinjaFirewall from your WordPress admin dashboard:"
|
3188 |
+
msgstr ""
|
3189 |
+
|
3190 |
+
#: lib/nf_sub_options.php:468
|
3191 |
+
msgid ""
|
3192 |
+
"NinjaFirewall is disabled because someone enabled debugging mode from your "
|
3193 |
+
"WordPress admin dashboard:"
|
3194 |
+
msgstr ""
|
3195 |
+
|
3196 |
+
#: lib/nf_sub_options.php:471
|
3197 |
+
msgid "[NinjaFirewall] Alert: Firewall override settings"
|
3198 |
+
msgstr ""
|
3199 |
+
|
3200 |
+
#: lib/nf_sub_options.php:472
|
3201 |
+
msgid ""
|
3202 |
+
"Someone imported a new configuration which overrode the firewall settings:"
|
3203 |
+
msgstr ""
|
3204 |
+
|
3205 |
+
#: lib/nf_sub_options.php:478 ninjafirewall.php:698 ninjafirewall.php:3456
|
3206 |
+
msgid "-User :"
|
3207 |
+
msgstr ""
|
3208 |
+
|
3209 |
+
#: lib/nf_sub_options.php:479 ninjafirewall.php:699 ninjafirewall.php:3457
|
3210 |
+
msgid "-IP :"
|
3211 |
+
msgstr ""
|
3212 |
+
|
3213 |
+
#: lib/nf_sub_options.php:480 ninjafirewall.php:573 ninjafirewall.php:700
|
3214 |
+
#: ninjafirewall.php:3458
|
3215 |
+
msgid "-Date :"
|
3216 |
+
msgstr ""
|
3217 |
+
|
3218 |
+
#: lib/nf_sub_statistics.php:28 ninjafirewall.php:803
|
3219 |
+
msgid "Statistics"
|
3220 |
+
msgstr ""
|
3221 |
+
|
3222 |
+
#: lib/nf_sub_statistics.php:75
|
3223 |
+
msgid "Cannot open logfile"
|
3224 |
+
msgstr ""
|
3225 |
+
|
3226 |
+
#: lib/nf_sub_statistics.php:86
|
3227 |
+
msgid "You do not have any stats for the current month yet."
|
3228 |
+
msgstr ""
|
3229 |
+
|
3230 |
+
#: lib/nf_sub_statistics.php:122
|
3231 |
+
msgid "Critical"
|
3232 |
+
msgstr ""
|
3233 |
+
|
3234 |
+
#: lib/nf_sub_statistics.php:128
|
3235 |
+
msgid "High"
|
3236 |
+
msgstr ""
|
3237 |
+
|
3238 |
+
#: lib/nf_sub_statistics.php:134
|
3239 |
+
msgid "Medium"
|
3240 |
+
msgstr ""
|
3241 |
+
|
3242 |
+
#: lib/nf_sub_statistics.php:148
|
3243 |
+
msgid "Average time per request"
|
3244 |
+
msgstr ""
|
3245 |
+
|
3246 |
+
#: lib/nf_sub_statistics.php:152
|
3247 |
+
msgid "Fastest request"
|
3248 |
+
msgstr ""
|
3249 |
+
|
3250 |
+
#: lib/nf_sub_statistics.php:156
|
3251 |
+
msgid "Slowest request"
|
3252 |
+
msgstr ""
|
3253 |
+
|
3254 |
+
#: lib/nf_sub_statistics.php:184
|
3255 |
+
msgid "Select monthly stats to view..."
|
3256 |
+
msgstr ""
|
3257 |
+
|
3258 |
+
#: lib/nf_sub_updates.php:81
|
3259 |
+
msgid "Security rules cannot be updated when NinjaFirewall is disabled."
|
3260 |
+
msgstr ""
|
3261 |
+
|
3262 |
+
#: lib/nf_sub_updates.php:93
|
3263 |
+
msgid "Security rules have been updated."
|
3264 |
+
msgstr ""
|
3265 |
+
|
3266 |
+
#: lib/nf_sub_updates.php:95 lib/nf_sub_updates.php:442
|
3267 |
+
msgid "No update available."
|
3268 |
+
msgstr ""
|
3269 |
+
|
3270 |
+
#: lib/nf_sub_updates.php:144
|
3271 |
+
msgid "Automatically update NinjaFirewall security rules"
|
3272 |
+
msgstr ""
|
3273 |
+
|
3274 |
+
#: lib/nf_sub_updates.php:149 ninjafirewall.php:1226 ninjafirewall.php:1705
|
3275 |
+
#: ninjafirewall.php:1748 ninjafirewall.php:1768 ninjafirewall.php:1819
|
3276 |
+
#: ninjafirewall.php:1864 ninjafirewall.php:1874 ninjafirewall.php:1884
|
3277 |
+
#: ninjafirewall.php:1927 ninjafirewall.php:1970 ninjafirewall.php:1990
|
3278 |
+
#: ninjafirewall.php:2171 ninjafirewall.php:2227 ninjafirewall.php:2237
|
3279 |
+
#: ninjafirewall.php:2247 ninjafirewall.php:2257 ninjafirewall.php:2304
|
3280 |
+
#: ninjafirewall.php:2314 ninjafirewall.php:2891 ninjafirewall.php:3006
|
3281 |
+
msgid "No"
|
3282 |
+
msgstr ""
|
3283 |
+
|
3284 |
+
#: lib/nf_sub_updates.php:158
|
3285 |
+
#, php-format
|
3286 |
+
msgid ""
|
3287 |
+
"It seems that %s is enabled. Ensure you have another way to run WP-Cron, "
|
3288 |
+
"otherwise NinjaFirewall automatic updates will not work."
|
3289 |
+
msgstr ""
|
3290 |
+
|
3291 |
+
#: lib/nf_sub_updates.php:165
|
3292 |
+
msgid "Check for updates"
|
3293 |
+
msgstr ""
|
3294 |
+
|
3295 |
+
#: lib/nf_sub_updates.php:176
|
3296 |
+
#, php-format
|
3297 |
+
msgid ""
|
3298 |
+
"Next scheduled update will start in approximately %s day, %s hour(s), %s "
|
3299 |
+
"minute(s) and %s seconds."
|
3300 |
+
msgstr ""
|
3301 |
+
|
3302 |
+
#: lib/nf_sub_updates.php:183
|
3303 |
+
msgid ""
|
3304 |
+
"The next scheduled date is in the past! WordPress wp-cron may not be working "
|
3305 |
+
"or may have been disabled."
|
3306 |
+
msgstr ""
|
3307 |
+
|
3308 |
+
#: lib/nf_sub_updates.php:191
|
3309 |
+
msgid "Notification"
|
3310 |
+
msgstr ""
|
3311 |
+
|
3312 |
+
#: lib/nf_sub_updates.php:193
|
3313 |
+
msgid "Send me a report by email when security rules have been updated."
|
3314 |
+
msgstr ""
|
3315 |
+
|
3316 |
+
#: lib/nf_sub_updates.php:194
|
3317 |
+
msgid ""
|
3318 |
+
"Reports will be sent to the contact email address defined in the Event "
|
3319 |
+
"Notifications menu."
|
3320 |
+
msgstr ""
|
3321 |
+
|
3322 |
+
#: lib/nf_sub_updates.php:201
|
3323 |
+
msgid "Save Updates Options"
|
3324 |
+
msgstr ""
|
3325 |
+
|
3326 |
+
#: lib/nf_sub_updates.php:201
|
3327 |
+
msgid "Check For Updates Now!"
|
3328 |
+
msgstr ""
|
3329 |
+
|
3330 |
+
#: lib/nf_sub_updates.php:210
|
3331 |
+
msgid "The updates log is currently empty."
|
3332 |
+
msgstr ""
|
3333 |
+
|
3334 |
+
#: lib/nf_sub_updates.php:218
|
3335 |
+
msgid "Updates Log"
|
3336 |
+
msgstr ""
|
3337 |
+
|
3338 |
+
#: lib/nf_sub_updates.php:227
|
3339 |
+
msgid "Delete Log"
|
3340 |
+
msgstr ""
|
3341 |
+
|
3342 |
+
#: lib/nf_sub_updates.php:233
|
3343 |
+
msgid "Log is flushed automatically."
|
3344 |
+
msgstr ""
|
3345 |
+
|
3346 |
+
#: lib/nf_sub_updates.php:329
|
3347 |
+
msgid "Error: Wrong rules format."
|
3348 |
+
msgstr ""
|
3349 |
+
|
3350 |
+
#: lib/nf_sub_updates.php:338
|
3351 |
+
msgid "Error: Unable to unserialize the new rules."
|
3352 |
+
msgstr ""
|
3353 |
+
|
3354 |
+
#: lib/nf_sub_updates.php:346
|
3355 |
+
msgid "Error: Unserialized rules seem corrupted."
|
3356 |
+
msgstr ""
|
3357 |
+
|
3358 |
+
#: lib/nf_sub_updates.php:386
|
3359 |
+
#, php-format
|
3360 |
+
msgid "Security rules updated to version %s."
|
3361 |
+
msgstr ""
|
3362 |
+
|
3363 |
+
#: lib/nf_sub_updates.php:422
|
3364 |
+
msgid ""
|
3365 |
+
"Error: Your version of NinjaFirewall is too old and is not compatible with "
|
3366 |
+
"those rules. Please upgrade it."
|
3367 |
+
msgstr ""
|
3368 |
+
|
3369 |
+
#: lib/nf_sub_updates.php:431
|
3370 |
+
msgid "Error: Unable to retrieve the new rules version."
|
3371 |
+
msgstr ""
|
3372 |
+
|
3373 |
+
#: lib/nf_sub_updates.php:449
|
3374 |
+
#, php-format
|
3375 |
+
msgid "Error: Server returned a %s HTTP error code (#1)."
|
3376 |
+
msgstr ""
|
3377 |
+
|
3378 |
+
#: lib/nf_sub_updates.php:456 lib/nf_sub_updates.php:506
|
3379 |
+
msgid "Error: Unable to connect to the remote server"
|
3380 |
+
msgstr ""
|
3381 |
+
|
3382 |
+
#: lib/nf_sub_updates.php:486
|
3383 |
+
#, php-format
|
3384 |
+
msgid "Error: The new rules versions do not match (%s != %s)."
|
3385 |
+
msgstr ""
|
3386 |
+
|
3387 |
+
#: lib/nf_sub_updates.php:499
|
3388 |
+
#, php-format
|
3389 |
+
msgid "Error: Server returned a %s HTTP error code (#2)."
|
3390 |
+
msgstr ""
|
3391 |
+
|
3392 |
+
#: lib/nf_sub_updates.php:539
|
3393 |
+
msgid "[NinjaFirewall] Security rules update"
|
3394 |
+
msgstr ""
|
3395 |
+
|
3396 |
+
#: lib/nf_sub_updates.php:540
|
3397 |
+
msgid "NinjaFirewall security rules have been updated:"
|
3398 |
+
msgstr ""
|
3399 |
+
|
3400 |
+
#: lib/nf_sub_updates.php:546
|
3401 |
+
msgid "Rules version:"
|
3402 |
+
msgstr ""
|
3403 |
+
|
3404 |
+
#: lib/nf_sub_updates.php:548
|
3405 |
+
msgid ""
|
3406 |
+
"This notification can be turned off from NinjaFirewall \"Updates\" page."
|
3407 |
+
msgstr ""
|
3408 |
+
|
3409 |
+
#: lib/nf_sub_wplus.php:34
|
3410 |
+
msgid "Need more security? Check out NinjaFirewall"
|
3411 |
+
msgstr ""
|
3412 |
+
|
3413 |
+
#. translators: [NinjaFirewall] is a supercharged Edition...
|
3414 |
+
#: lib/nf_sub_wplus.php:38
|
3415 |
+
msgid ""
|
3416 |
+
"is a supercharged Edition of our Web Application Firewall. It adds many new "
|
3417 |
+
"exciting features and blazing fast performances to make it the fastest and "
|
3418 |
+
"most advanced security plugin for WordPress."
|
3419 |
+
msgstr ""
|
3420 |
+
|
3421 |
+
#: lib/nf_sub_wplus.php:43
|
3422 |
+
msgid "Access Control"
|
3423 |
+
msgstr ""
|
3424 |
+
|
3425 |
+
#: lib/nf_sub_wplus.php:44
|
3426 |
+
msgid ""
|
3427 |
+
"<b>Access Control</b> is a powerful set of directives that can be used to "
|
3428 |
+
"allow or restrict access to your blog, depending on the <strong>User Role</"
|
3429 |
+
"strong>, <strong>IP</strong>, <strong>Geolocation</strong>, "
|
3430 |
+
"<strong>Requested URL</strong>, <strong>User-agent</strong> and visitors "
|
3431 |
+
"behavior (<strong>Rate Limiting</strong>). Those directives will be "
|
3432 |
+
"processed before the Firewall Policies and NinjaFirewall's built-in security "
|
3433 |
+
"rules."
|
3434 |
+
msgstr ""
|
3435 |
+
|
3436 |
+
#: lib/nf_sub_wplus.php:46
|
3437 |
+
msgid ""
|
3438 |
+
"Its main configuration allows you to whitelist WordPress users depending on "
|
3439 |
+
"their roles, to select the source IP (useful if your site is using a CDN or "
|
3440 |
+
"behind a reverse-proxy/load balancer), and the HTTP methods all directives "
|
3441 |
+
"should apply to:"
|
3442 |
+
msgstr ""
|
3443 |
+
|
3444 |
+
#: lib/nf_sub_wplus.php:51
|
3445 |
+
msgid ""
|
3446 |
+
"<b>Access Control</b> can use geolocation to block visitors from specific "
|
3447 |
+
"countries. It can apply to the whole blog or only to specific folders or "
|
3448 |
+
"scripts (e.g., /wp-login.php, /xmlrpc.php etc). If you have a theme or a "
|
3449 |
+
"plugin that needs to know your visitors location, you can even ask "
|
3450 |
+
"NinjaFirewall to append the country code to the PHP headers:"
|
3451 |
+
msgstr ""
|
3452 |
+
|
3453 |
+
#: lib/nf_sub_wplus.php:56
|
3454 |
+
msgid ""
|
3455 |
+
"<b>Access Control</b> can be used to whitelist/blacklist an IP or any part "
|
3456 |
+
"of it. NinjaFirewall natively supports IPv4 and IPv6 protocols, for both "
|
3457 |
+
"public and private addresses:"
|
3458 |
+
msgstr ""
|
3459 |
+
|
3460 |
+
#: lib/nf_sub_wplus.php:61
|
3461 |
+
msgid ""
|
3462 |
+
"<b>Access Control</b> can slow down aggressive bots, crawlers, web scrapers "
|
3463 |
+
"or even small HTTP attacks with its <strong>Rate-Limiting</strong> feature."
|
3464 |
+
msgstr ""
|
3465 |
+
|
3466 |
+
#: lib/nf_sub_wplus.php:63
|
3467 |
+
msgid ""
|
3468 |
+
"Because it can block attackers <strong>before WordPress and all its plugins "
|
3469 |
+
"are loaded</strong> and can handle thousands of HTTP requests per second, "
|
3470 |
+
"NinjaFirewall will save precious bandwidth and reduce your server load."
|
3471 |
+
msgstr ""
|
3472 |
+
|
3473 |
+
#: lib/nf_sub_wplus.php:68
|
3474 |
+
msgid ""
|
3475 |
+
"<b>URL Access Control</b> lets you permanently allow/block any access to one "
|
3476 |
+
"or more PHP scripts based on their path or name:"
|
3477 |
+
msgstr ""
|
3478 |
+
|
3479 |
+
#: lib/nf_sub_wplus.php:73
|
3480 |
+
msgid ""
|
3481 |
+
"<b>Bots Access Control</b> allows you block bots, scanners and various "
|
3482 |
+
"annoying crawlers:"
|
3483 |
+
msgstr ""
|
3484 |
+
|
3485 |
+
#: lib/nf_sub_wplus.php:79
|
3486 |
+
msgid ""
|
3487 |
+
"If NinjaFirewall can hook and scan incoming requests, the <b><font color="
|
3488 |
+
"\"#21759B\">WP+</font> Edition</b> can also hook the response body (i.e., "
|
3489 |
+
"the output of the HTML page right before it is sent to your visitors "
|
3490 |
+
"browser) and search it for some specific keywords. Such a filter can be "
|
3491 |
+
"useful to detect hacking or malware patterns injected into your HTML page "
|
3492 |
+
"(text strings, spam links, malicious JavaScript code), hackers shell script, "
|
3493 |
+
"redirections and even errors (PHP/MySQL errors). Some suggested keywords as "
|
3494 |
+
"well as a default list are included."
|
3495 |
+
msgstr ""
|
3496 |
+
|
3497 |
+
#: lib/nf_sub_wplus.php:81
|
3498 |
+
msgid ""
|
3499 |
+
"In the case of a positive detection, NinjaFirewall will not block the "
|
3500 |
+
"response body but will send you an alert by email. It can even attach the "
|
3501 |
+
"whole HTML source of the page for your review:"
|
3502 |
+
msgstr ""
|
3503 |
+
|
3504 |
+
#: lib/nf_sub_wplus.php:86
|
3505 |
+
msgid "Antispam"
|
3506 |
+
msgstr ""
|
3507 |
+
|
3508 |
+
#: lib/nf_sub_wplus.php:87
|
3509 |
+
msgid ""
|
3510 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) can protect your "
|
3511 |
+
"blog comment and registration forms against spam. The protection is totally "
|
3512 |
+
"transparent to your visitors and does not require any interaction: no "
|
3513 |
+
"CAPTCHA, no math puzzles or trivia questions. Extremely easy to activate, "
|
3514 |
+
"but powerful enough to make spam bots life as miserable as possible:"
|
3515 |
+
msgstr ""
|
3516 |
+
|
3517 |
+
#: lib/nf_sub_wplus.php:90
|
3518 |
+
msgid ""
|
3519 |
+
"NinjaFirewall antispam feature works only with WordPress built-in comment "
|
3520 |
+
"and registration forms."
|
3521 |
+
msgstr ""
|
3522 |
+
|
3523 |
+
#: lib/nf_sub_wplus.php:95
|
3524 |
+
#, php-format
|
3525 |
+
msgid ""
|
3526 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) lets you remotely "
|
3527 |
+
"access the firewall log of all your NinjaFirewall protected websites from "
|
3528 |
+
"one single installation, using the <a href=\"%s\">Centralized Logging</a> "
|
3529 |
+
"feature. You do not need any longer to log in to individual servers to "
|
3530 |
+
"analyse your log data."
|
3531 |
+
msgstr ""
|
3532 |
+
|
3533 |
+
#: lib/nf_sub_wplus.php:97
|
3534 |
+
msgid ""
|
3535 |
+
"There is no limit to the number of websites you can connect to, and they can "
|
3536 |
+
"be running any edition of NinjaFirewall: WP, <font color=\"#21759B\">WP+</"
|
3537 |
+
"font>, Pro or <font color=\"red\">Pro+</font>."
|
3538 |
+
msgstr ""
|
3539 |
+
|
3540 |
+
#: lib/nf_sub_wplus.php:103
|
3541 |
+
msgid "Improved features"
|
3542 |
+
msgstr ""
|
3543 |
+
|
3544 |
+
#: lib/nf_sub_wplus.php:104
|
3545 |
+
msgid "File uploads:"
|
3546 |
+
msgstr ""
|
3547 |
+
|
3548 |
+
#: lib/nf_sub_wplus.php:105
|
3549 |
+
msgid ""
|
3550 |
+
"NinjaFirewall (<font color=\"#21759B\">WP+</font> Edition) makes it possible "
|
3551 |
+
"to allow uploads while rejecting potentially dangerous files: system files (."
|
3552 |
+
"htaccess, .htpasswd. PHP INI), scripts (bash/shell, PHP, Ruby, Perl/CGI, "
|
3553 |
+
"Python), C/C++ source code and Unix/Linux binary files (ELF). You can easily "
|
3554 |
+
"limit the size of each uploaded file too, without having to modify your PHP "
|
3555 |
+
"configuration:"
|
3556 |
+
msgstr ""
|
3557 |
+
|
3558 |
+
#: lib/nf_sub_wplus.php:110
|
3559 |
+
msgid "Firewall Log:"
|
3560 |
+
msgstr ""
|
3561 |
+
|
3562 |
+
#: lib/nf_sub_wplus.php:112
|
3563 |
+
msgid ""
|
3564 |
+
"The log menu has been revamped too. You can disable the firewall log, delete "
|
3565 |
+
"the current one, enable its rotation based on the size of the file and, if "
|
3566 |
+
"any, view each rotated log separately. Quick filtering options are easily "
|
3567 |
+
"accessible from checkboxes and the log can be exported as a TSV (tab-"
|
3568 |
+
"separated values) text file."
|
3569 |
+
msgstr ""
|
3570 |
+
|
3571 |
+
#: lib/nf_sub_wplus.php:113
|
3572 |
+
msgid ""
|
3573 |
+
"It is also possible to redirect all incidents and events to the Syslog "
|
3574 |
+
"server:"
|
3575 |
+
msgstr ""
|
3576 |
+
|
3577 |
+
#: lib/nf_sub_wplus.php:118
|
3578 |
+
msgid "Shared Memory use:"
|
3579 |
+
msgstr ""
|
3580 |
+
|
3581 |
+
#: lib/nf_sub_wplus.php:120
|
3582 |
+
#, php-format
|
3583 |
+
msgid ""
|
3584 |
+
"Although NinjaFirewall is already <a href=\"%s\">much faster than other "
|
3585 |
+
"WordPress plugins</a>, the <b><font color=\"#21759B\">WP+</font> Edition</b> "
|
3586 |
+
"brings its performance to a whole new level by using Unix shared memory in "
|
3587 |
+
"order to speed things up even more."
|
3588 |
+
msgstr ""
|
3589 |
+
|
3590 |
+
#: lib/nf_sub_wplus.php:120
|
3591 |
+
msgid ""
|
3592 |
+
"This allows easier and faster inter-process communication between the "
|
3593 |
+
"firewall and the plugin part of NinjaFirewall and, because its data and "
|
3594 |
+
"configuration are stored in shared memory segments, the firewall does not "
|
3595 |
+
"need to connect to the database any longer."
|
3596 |
+
msgstr ""
|
3597 |
+
|
3598 |
+
#: lib/nf_sub_wplus.php:120
|
3599 |
+
msgid ""
|
3600 |
+
"This dramatically increases the processing speed (there is nothing faster "
|
3601 |
+
"than RAM), prevents blocking I/O and MySQL slow queries. On a very busy "
|
3602 |
+
"server like a multi-site network, the firewall processing speed will "
|
3603 |
+
"increase from 25% to 30%. It can be enabled from the \"Firewall Options\" "
|
3604 |
+
"menu:"
|
3605 |
+
msgstr ""
|
3606 |
+
|
3607 |
+
#: lib/nf_sub_wplus.php:124
|
3608 |
+
msgid ""
|
3609 |
+
"This feature requires that PHP was compiled with the <code>--enable-shmop</"
|
3610 |
+
"code> parameter."
|
3611 |
+
msgstr ""
|
3612 |
+
|
3613 |
+
#: lib/nf_sub_wplus.php:134
|
3614 |
+
msgid ""
|
3615 |
+
"Learn more</a> about the <font color=\"#21759B\">WP+</font> Edition unique "
|
3616 |
+
"features."
|
3617 |
+
msgstr ""
|
3618 |
+
|
3619 |
+
#: lib/nf_sub_wplus.php:135
|
3620 |
+
msgid "Compare</a> the WP and <font color=\"#21759B\">WP+</font> Editions."
|
3621 |
+
msgstr ""
|
3622 |
+
|
3623 |
+
#: lib/nfw_misc.php:132 lib/nfw_misc.php:136
|
3624 |
+
msgid "NinjaFirewall error"
|
3625 |
+
msgstr ""
|
3626 |
+
|
3627 |
+
#: lib/nfw_misc.php:133
|
3628 |
+
#, php-format
|
3629 |
+
msgid ""
|
3630 |
+
"%s directory cannot be created. Please review your installation and ensure "
|
3631 |
+
"that %s is writable."
|
3632 |
+
msgstr ""
|
3633 |
+
|
3634 |
+
#: lib/nfw_misc.php:137
|
3635 |
+
#, php-format
|
3636 |
+
msgid ""
|
3637 |
+
"%s directory is read-only. Please review your installation and ensure that "
|
3638 |
+
"%s is writable."
|
3639 |
+
msgstr ""
|
3640 |
+
|
3641 |
+
#: lib/nfw_misc.php:156 ninjafirewall.php:972
|
3642 |
+
msgid "unknown error"
|
3643 |
+
msgstr ""
|
3644 |
+
|
3645 |
+
#: lib/nfw_misc.php:158
|
3646 |
+
msgid "NinjaFirewall fatal error:"
|
3647 |
+
msgstr ""
|
3648 |
+
|
3649 |
+
#: lib/nfw_misc.php:159
|
3650 |
+
msgid "Review your installation, your site is not protected."
|
3651 |
+
msgstr ""
|
3652 |
+
|
3653 |
+
#: lib/nfw_misc.php:206 lib/nfw_misc.php:228
|
3654 |
+
msgid "Forbidden access"
|
3655 |
+
msgstr ""
|
3656 |
+
|
3657 |
+
#: lib/nfw_misc.php:247
|
3658 |
+
#, php-format
|
3659 |
+
msgid ""
|
3660 |
+
"<strong>ERROR</strong>: Invalid username or password.<br /><a href=\"%s"
|
3661 |
+
"\">Lost your password</a>?"
|
3662 |
+
msgstr ""
|
3663 |
+
|
3664 |
+
#: lib/nfw_misc.php:308
|
3665 |
+
msgid "[NinjaFirewall] Alert: Database changes detected"
|
3666 |
+
msgstr ""
|
3667 |
+
|
3668 |
+
#: lib/nfw_misc.php:309
|
3669 |
+
msgid ""
|
3670 |
+
"NinjaFirewall has detected that one or more administrator accounts were "
|
3671 |
+
"modified in the database:"
|
3672 |
+
msgstr ""
|
3673 |
+
|
3674 |
+
#: lib/nfw_misc.php:315 lib/nfw_misc.php:455
|
3675 |
+
msgid "User IP:"
|
3676 |
+
msgstr ""
|
3677 |
+
|
3678 |
+
#: lib/nfw_misc.php:316 lib/nfw_misc.php:458
|
3679 |
+
msgid "Date:"
|
3680 |
+
msgstr ""
|
3681 |
+
|
3682 |
+
#: lib/nfw_misc.php:317
|
3683 |
+
#, php-format
|
3684 |
+
msgid "Total administrators : %s"
|
3685 |
+
msgstr ""
|
3686 |
+
|
3687 |
+
#: lib/nfw_misc.php:326
|
3688 |
+
msgid ""
|
3689 |
+
"If you cannot see any modifications in the above fields, it is likely that "
|
3690 |
+
"the administrator password was changed."
|
3691 |
+
msgstr ""
|
3692 |
+
|
3693 |
+
#: lib/nfw_misc.php:424
|
3694 |
+
msgid "Blocked privilege escalation attempt"
|
3695 |
+
msgstr ""
|
3696 |
+
|
3697 |
+
#: lib/nfw_misc.php:448
|
3698 |
+
msgid "NinjaFirewall has blocked an attempt to gain administrative privileges:"
|
3699 |
+
msgstr ""
|
3700 |
+
|
3701 |
+
#: lib/nfw_misc.php:454
|
3702 |
+
msgid "Username:"
|
3703 |
+
msgstr ""
|
3704 |
+
|
3705 |
+
#: lib/nfw_misc.php:474
|
3706 |
+
msgid ""
|
3707 |
+
"NinjaFirewall brute-force protection is enabled and you are temporarily "
|
3708 |
+
"whitelisted."
|
3709 |
+
msgstr ""
|
3710 |
+
|
3711 |
+
#: ninjafirewall.php:73
|
3712 |
+
msgid "A true Web Application Firewall to protect and secure WordPress."
|
3713 |
+
msgstr ""
|
3714 |
+
|
3715 |
+
#: ninjafirewall.php:82
|
3716 |
+
msgid "Cannot find WordPress configuration file"
|
3717 |
+
msgstr ""
|
3718 |
+
|
3719 |
+
#: ninjafirewall.php:83
|
3720 |
+
msgid "Cannot read WordPress configuration file"
|
3721 |
+
msgstr ""
|
3722 |
+
|
3723 |
+
#: ninjafirewall.php:84
|
3724 |
+
msgid "Cannot retrieve WordPress database credentials"
|
3725 |
+
msgstr ""
|
3726 |
+
|
3727 |
+
#: ninjafirewall.php:85
|
3728 |
+
msgid "Cannot connect to WordPress database"
|
3729 |
+
msgstr ""
|
3730 |
+
|
3731 |
+
#: ninjafirewall.php:86
|
3732 |
+
msgid "Cannot retrieve user options from database (#2)"
|
3733 |
+
msgstr ""
|
3734 |
+
|
3735 |
+
#: ninjafirewall.php:87
|
3736 |
+
msgid "Cannot retrieve user options from database (#3)"
|
3737 |
+
msgstr ""
|
3738 |
+
|
3739 |
+
#: ninjafirewall.php:88
|
3740 |
+
msgid "Cannot retrieve user rules from database (#2)"
|
3741 |
+
msgstr ""
|
3742 |
+
|
3743 |
+
#: ninjafirewall.php:89
|
3744 |
+
msgid "Cannot retrieve user rules from database (#3)"
|
3745 |
+
msgstr ""
|
3746 |
+
|
3747 |
+
#: ninjafirewall.php:90
|
3748 |
+
msgid ""
|
3749 |
+
"The firewall has been disabled from the <a href=\"admin.php?page=nfsubopt"
|
3750 |
+
"\">administration console</a>"
|
3751 |
+
msgstr ""
|
3752 |
+
|
3753 |
+
#: ninjafirewall.php:91
|
3754 |
+
msgid "Unable to communicate with the firewall. Please check your settings"
|
3755 |
+
msgstr ""
|
3756 |
+
|
3757 |
+
#: ninjafirewall.php:92
|
3758 |
+
msgid "Cannot retrieve user options from database (#1)"
|
3759 |
+
msgstr ""
|
3760 |
+
|
3761 |
+
#: ninjafirewall.php:93
|
3762 |
+
msgid "Cannot retrieve user rules from database (#1)"
|
3763 |
+
msgstr ""
|
3764 |
+
|
3765 |
+
#: ninjafirewall.php:94
|
3766 |
+
#, php-format
|
3767 |
+
msgid ""
|
3768 |
+
"The firewall cannot access its log and cache folders. If you changed the "
|
3769 |
+
"name of WordPress %s or %s folders, you must define NinjaFirewall's built-in "
|
3770 |
+
"%s constant (see %s for more info)"
|
3771 |
+
msgstr ""
|
3772 |
+
|
3773 |
+
#: ninjafirewall.php:121
|
3774 |
+
#, php-format
|
3775 |
+
msgid ""
|
3776 |
+
"NinjaFirewall requires WordPress 3.3 or greater but your current version is "
|
3777 |
+
"%s."
|
3778 |
+
msgstr ""
|
3779 |
+
|
3780 |
+
#: ninjafirewall.php:125
|
3781 |
+
#, php-format
|
3782 |
+
msgid ""
|
3783 |
+
"NinjaFirewall requires PHP 5.3 or greater but your current version is %s."
|
3784 |
+
msgstr ""
|
3785 |
+
|
3786 |
+
#: ninjafirewall.php:129
|
3787 |
+
#, php-format
|
3788 |
+
msgid "NinjaFirewall requires the PHP %s extension."
|
3789 |
+
msgstr ""
|
3790 |
+
|
3791 |
+
#: ninjafirewall.php:133
|
3792 |
+
msgid ""
|
3793 |
+
"You have SAFE_MODE enabled. Please disable it, it is deprecated as of PHP "
|
3794 |
+
"5.3.0 (see http://php.net/safe-mode)."
|
3795 |
+
msgstr ""
|
3796 |
+
|
3797 |
+
#: ninjafirewall.php:137
|
3798 |
+
msgid "You are not allowed to activate NinjaFirewall."
|
3799 |
+
msgstr ""
|
3800 |
+
|
3801 |
+
#: ninjafirewall.php:141
|
3802 |
+
msgid "NinjaFirewall is not compatible with Microsoft Windows."
|
3803 |
+
msgstr ""
|
3804 |
+
|
3805 |
+
#: ninjafirewall.php:562
|
3806 |
+
msgid "ERROR: Failed to update rules"
|
3807 |
+
msgstr ""
|
3808 |
+
|
3809 |
+
#: ninjafirewall.php:568
|
3810 |
+
msgid ""
|
3811 |
+
"NinjaFirewall failed to update its rules. This is a critical error, your "
|
3812 |
+
"current rules may be corrupted or disabled. In order to solve the problem, "
|
3813 |
+
"please follow these instructions:"
|
3814 |
+
msgstr ""
|
3815 |
+
|
3816 |
+
#: ninjafirewall.php:569
|
3817 |
+
msgid "1. Log in to your WordPress admin dashboard."
|
3818 |
+
msgstr ""
|
3819 |
+
|
3820 |
+
#: ninjafirewall.php:570
|
3821 |
+
msgid "2. Go to \"NinjaFirewall > Updates\"."
|
3822 |
+
msgstr ""
|
3823 |
+
|
3824 |
+
#: ninjafirewall.php:571
|
3825 |
+
msgid "3. Click on \"Check for updates now!\"."
|
3826 |
+
msgstr ""
|
3827 |
+
|
3828 |
+
#: ninjafirewall.php:576 ninjafirewall.php:703
|
3829 |
+
msgid "Support forum"
|
3830 |
+
msgstr ""
|
3831 |
+
|
3832 |
+
#: ninjafirewall.php:688
|
3833 |
+
msgid "Alert: WordPress console login"
|
3834 |
+
msgstr ""
|
3835 |
+
|
3836 |
+
#: ninjafirewall.php:697
|
3837 |
+
msgid "Someone just logged in to your WordPress admin console:"
|
3838 |
+
msgstr ""
|
3839 |
+
|
3840 |
+
#: ninjafirewall.php:770
|
3841 |
+
#, php-format
|
3842 |
+
msgid "Sorry %s, your request cannot be processed."
|
3843 |
+
msgstr ""
|
3844 |
+
|
3845 |
+
#: ninjafirewall.php:771
|
3846 |
+
msgid "For security reasons, it was blocked and logged."
|
3847 |
+
msgstr ""
|
3848 |
+
|
3849 |
+
#: ninjafirewall.php:773
|
3850 |
+
msgid ""
|
3851 |
+
"If you believe this was an error please contact the<br />webmaster and "
|
3852 |
+
"enclose the following incident ID:"
|
3853 |
+
msgstr ""
|
3854 |
+
|
3855 |
+
#: ninjafirewall.php:799
|
3856 |
+
msgid "NinjaFirewall: Overview"
|
3857 |
+
msgstr ""
|
3858 |
+
|
3859 |
+
#: ninjafirewall.php:803
|
3860 |
+
msgid "NinjaFirewall: Statistics"
|
3861 |
+
msgstr ""
|
3862 |
+
|
3863 |
+
#: ninjafirewall.php:807
|
3864 |
+
msgid "NinjaFirewall: Firewall Options"
|
3865 |
+
msgstr ""
|
3866 |
+
|
3867 |
+
#: ninjafirewall.php:811
|
3868 |
+
msgid "NinjaFirewall: Firewall Policies"
|
3869 |
+
msgstr ""
|
3870 |
+
|
3871 |
+
#: ninjafirewall.php:815
|
3872 |
+
msgid "NinjaFirewall: File Guard"
|
3873 |
+
msgstr ""
|
3874 |
+
|
3875 |
+
#: ninjafirewall.php:819
|
3876 |
+
msgid "NinjaFirewall: File Check"
|
3877 |
+
msgstr ""
|
3878 |
+
|
3879 |
+
#: ninjafirewall.php:829
|
3880 |
+
msgid "NinjaFirewall: Anti-Malware"
|
3881 |
+
msgstr ""
|
3882 |
+
|
3883 |
+
#: ninjafirewall.php:833
|
3884 |
+
msgid "NinjaFirewall: Network"
|
3885 |
+
msgstr ""
|
3886 |
+
|
3887 |
+
#: ninjafirewall.php:837
|
3888 |
+
msgid "NinjaFirewall: Event Notifications"
|
3889 |
+
msgstr ""
|
3890 |
+
|
3891 |
+
#: ninjafirewall.php:841
|
3892 |
+
msgid "NinjaFirewall: Log-in Protection"
|
3893 |
+
msgstr ""
|
3894 |
+
|
3895 |
+
#: ninjafirewall.php:845
|
3896 |
+
msgid "NinjaFirewall: Firewall Log"
|
3897 |
+
msgstr ""
|
3898 |
+
|
3899 |
+
#: ninjafirewall.php:849
|
3900 |
+
msgid "NinjaFirewall: Live Log"
|
3901 |
+
msgstr ""
|
3902 |
+
|
3903 |
+
#: ninjafirewall.php:853
|
3904 |
+
msgid "NinjaFirewall: Rules Editor"
|
3905 |
+
msgstr ""
|
3906 |
+
|
3907 |
+
#: ninjafirewall.php:857
|
3908 |
+
msgid "NinjaFirewall: Updates"
|
3909 |
+
msgstr ""
|
3910 |
+
|
3911 |
+
#: ninjafirewall.php:864
|
3912 |
+
msgid "NinjaFirewall: About"
|
3913 |
+
msgstr ""
|
3914 |
+
|
3915 |
+
#: ninjafirewall.php:864
|
3916 |
+
msgid "About..."
|
3917 |
+
msgstr ""
|
3918 |
+
|
3919 |
+
#: ninjafirewall.php:904
|
3920 |
+
msgid "NinjaFirewall Settings"
|
3921 |
+
msgstr ""
|
3922 |
+
|
3923 |
+
#: ninjafirewall.php:912
|
3924 |
+
msgid "NinjaFirewall is enabled"
|
3925 |
+
msgstr ""
|
3926 |
+
|
3927 |
+
#: ninjafirewall.php:951
|
3928 |
+
msgid "Congratulations, NinjaFirewall is up and running!"
|
3929 |
+
msgstr ""
|
3930 |
+
|
3931 |
+
#: ninjafirewall.php:952
|
3932 |
+
msgid ""
|
3933 |
+
"If you need help, click on the contextual \"Help\" menu tab located in the "
|
3934 |
+
"upper right corner of each page."
|
3935 |
+
msgstr ""
|
3936 |
+
|
3937 |
+
#: ninjafirewall.php:954
|
3938 |
+
msgid "A \"Quick Start, FAQ & Troubleshooting Guide\" email was sent to"
|
3939 |
+
msgstr ""
|
3940 |
+
|
3941 |
+
#: ninjafirewall.php:976 ninjafirewall.php:986
|
3942 |
+
msgid "Firewall"
|
3943 |
+
msgstr ""
|
3944 |
+
|
3945 |
+
#: ninjafirewall.php:995
|
3946 |
+
msgid "WordPress WAF"
|
3947 |
+
msgstr ""
|
3948 |
+
|
3949 |
+
#: ninjafirewall.php:997
|
3950 |
+
msgid "Full WAF"
|
3951 |
+
msgstr ""
|
3952 |
+
|
3953 |
+
#: ninjafirewall.php:1001
|
3954 |
+
msgid "Mode"
|
3955 |
+
msgstr ""
|
3956 |
+
|
3957 |
+
#: ninjafirewall.php:1003
|
3958 |
+
#, php-format
|
3959 |
+
msgid "NinjaFirewall is running in %s mode."
|
3960 |
+
msgstr ""
|
3961 |
+
|
3962 |
+
#: ninjafirewall.php:1012
|
3963 |
+
msgid "Enabled."
|
3964 |
+
msgstr ""
|
3965 |
+
|
3966 |
+
#: ninjafirewall.php:1012
|
3967 |
+
msgid "Click here to turn Debugging Mode off"
|
3968 |
+
msgstr ""
|
3969 |
+
|
3970 |
+
#: ninjafirewall.php:1018
|
3971 |
+
msgid "PHP SAPI"
|
3972 |
+
msgstr ""
|
3973 |
+
|
3974 |
+
#: ninjafirewall.php:1032 ninjafirewall.php:3439
|
3975 |
+
msgid "Version"
|
3976 |
+
msgstr ""
|
3977 |
+
|
3978 |
+
#: ninjafirewall.php:1034
|
3979 |
+
msgid "Security rules:"
|
3980 |
+
msgstr ""
|
3981 |
+
|
3982 |
+
#: ninjafirewall.php:1044
|
3983 |
+
msgid "Security rules updates are disabled."
|
3984 |
+
msgstr ""
|
3985 |
+
|
3986 |
+
#: ninjafirewall.php:1044
|
3987 |
+
msgid ""
|
3988 |
+
"If you want your blog to be protected against the latest threats, enable "
|
3989 |
+
"automatic security rules updates."
|
3990 |
+
msgstr ""
|
3991 |
+
|
3992 |
+
#: ninjafirewall.php:1052 ninjafirewall.php:1061
|
3993 |
+
msgid "Admin user"
|
3994 |
+
msgstr ""
|
3995 |
+
|
3996 |
+
#: ninjafirewall.php:1054
|
3997 |
+
#, php-format
|
3998 |
+
msgid ""
|
3999 |
+
"You are not whitelisted. Ensure that the \"Do not block WordPress "
|
4000 |
+
"administrator\" option is enabled in the <a href=\"%s\">Firewall Policies</"
|
4001 |
+
"a> menu, otherwise you will likely get blocked by the firewall while working "
|
4002 |
+
"from your administration dashboard."
|
4003 |
+
msgstr ""
|
4004 |
+
|
4005 |
+
#: ninjafirewall.php:1063
|
4006 |
+
msgid "You are whitelisted by the firewall."
|
4007 |
+
msgstr ""
|
4008 |
+
|
4009 |
+
#: ninjafirewall.php:1070
|
4010 |
+
msgid "Restrictions"
|
4011 |
+
msgstr ""
|
4012 |
+
|
4013 |
+
#: ninjafirewall.php:1072
|
4014 |
+
msgid "Access to NinjaFirewall is restricted to:"
|
4015 |
+
msgstr ""
|
4016 |
+
|
4017 |
+
#: ninjafirewall.php:1080 ninjafirewall.php:1090
|
4018 |
+
msgid "User session"
|
4019 |
+
msgstr ""
|
4020 |
+
|
4021 |
+
#: ninjafirewall.php:1082
|
4022 |
+
msgid ""
|
4023 |
+
"It seems the user session was not set by the firewall script or may have "
|
4024 |
+
"been destroyed by another plugin. You may get blocked by the firewall while "
|
4025 |
+
"working from the WordPress administration dashboard."
|
4026 |
+
msgstr ""
|
4027 |
+
|
4028 |
+
#: ninjafirewall.php:1092
|
4029 |
+
msgid ""
|
4030 |
+
"It seems that the user session set by NinjaFirewall was not found by the "
|
4031 |
+
"firewall script. You may get blocked by the firewall while working from the "
|
4032 |
+
"WordPress administration dashboard."
|
4033 |
+
msgstr ""
|
4034 |
+
|
4035 |
+
#: ninjafirewall.php:1100
|
4036 |
+
#, php-format
|
4037 |
+
msgid ""
|
4038 |
+
"the public key is invalid. Please <a href=\"%s\">check your configuration</"
|
4039 |
+
"a>."
|
4040 |
+
msgstr ""
|
4041 |
+
|
4042 |
+
#: ninjafirewall.php:1104
|
4043 |
+
msgid "No IP address restriction."
|
4044 |
+
msgstr ""
|
4045 |
+
|
4046 |
+
#: ninjafirewall.php:1107
|
4047 |
+
#, php-format
|
4048 |
+
msgid "IP address %s is allowed to access NinjaFirewall's log on this server."
|
4049 |
+
msgstr ""
|
4050 |
+
|
4051 |
+
#: ninjafirewall.php:1110
|
4052 |
+
#, php-format
|
4053 |
+
msgid ""
|
4054 |
+
"the whitelisted IP is not valid. Please <a href=\"%s\">check your "
|
4055 |
+
"configuration</a>."
|
4056 |
+
msgstr ""
|
4057 |
+
|
4058 |
+
#: ninjafirewall.php:1120
|
4059 |
+
#, php-format
|
4060 |
+
msgid "Error: %s"
|
4061 |
+
msgstr ""
|
4062 |
+
|
4063 |
+
#: ninjafirewall.php:1138
|
4064 |
+
msgid "Source IP"
|
4065 |
+
msgstr ""
|
4066 |
+
|
4067 |
+
#: ninjafirewall.php:1140
|
4068 |
+
#, php-format
|
4069 |
+
msgid "You have a private IP : %s"
|
4070 |
+
msgstr ""
|
4071 |
+
|
4072 |
+
#: ninjafirewall.php:1140
|
4073 |
+
#, php-format
|
4074 |
+
msgid ""
|
4075 |
+
"If your site is behind a reverse proxy or a load balancer, ensure that you "
|
4076 |
+
"have setup your HTTP server or PHP to forward the correct visitor IP, "
|
4077 |
+
"otherwise use the NinjaFirewall %s configuration file."
|
4078 |
+
msgstr ""
|
4079 |
+
|
4080 |
+
#: ninjafirewall.php:1148 ninjafirewall.php:1159
|
4081 |
+
msgid "CDN detection"
|
4082 |
+
msgstr ""
|
4083 |
+
|
4084 |
+
#: ninjafirewall.php:1150
|
4085 |
+
#, php-format
|
4086 |
+
msgid ""
|
4087 |
+
"%s detected: you seem to be using Cloudflare CDN services. Ensure that you "
|
4088 |
+
"have setup your HTTP server or PHP to forward the correct visitor IP, "
|
4089 |
+
"otherwise use the NinjaFirewall %s configuration file."
|
4090 |
+
msgstr ""
|
4091 |
+
|
4092 |
+
#: ninjafirewall.php:1161
|
4093 |
+
#, php-format
|
4094 |
+
msgid ""
|
4095 |
+
"%s detected: you seem to be using Incapsula CDN services. Ensure that you "
|
4096 |
+
"have setup your HTTP server or PHP to forward the correct visitor IP, "
|
4097 |
+
"otherwise use the NinjaFirewall %s configuration file."
|
4098 |
+
msgstr ""
|
4099 |
+
|
4100 |
+
#: ninjafirewall.php:1170 ninjafirewall.php:1180
|
4101 |
+
msgid "Log dir"
|
4102 |
+
msgstr ""
|
4103 |
+
|
4104 |
+
#: ninjafirewall.php:1172 ninjafirewall.php:1182
|
4105 |
+
#, php-format
|
4106 |
+
msgid "%s directory is not writable! Please chmod it to 0777 or equivalent."
|
4107 |
+
msgstr ""
|
4108 |
+
|
4109 |
+
#: ninjafirewall.php:1190
|
4110 |
+
msgid "Optional configuration file"
|
4111 |
+
msgstr ""
|
4112 |
+
|
4113 |
+
#: ninjafirewall.php:1225 ninjafirewall.php:1607 ninjafirewall.php:1622
|
4114 |
+
#: ninjafirewall.php:1632 ninjafirewall.php:1642 ninjafirewall.php:1712
|
4115 |
+
#: ninjafirewall.php:1755 ninjafirewall.php:1788 ninjafirewall.php:1826
|
4116 |
+
#: ninjafirewall.php:1914 ninjafirewall.php:1934 ninjafirewall.php:1977
|
4117 |
+
#: ninjafirewall.php:2106 ninjafirewall.php:2120 ninjafirewall.php:2321
|
4118 |
+
msgid "Yes"
|
4119 |
+
msgstr ""
|
4120 |
+
|
4121 |
+
#: ninjafirewall.php:1227
|
4122 |
+
msgid "(default)"
|
4123 |
+
msgstr ""
|
4124 |
+
|
4125 |
+
#: ninjafirewall.php:1228
|
4126 |
+
#, php-format
|
4127 |
+
msgid ""
|
4128 |
+
"This feature is only available when NinjaFirewall is running in %s mode."
|
4129 |
+
msgstr ""
|
4130 |
+
|
4131 |
+
#: ninjafirewall.php:1241
|
4132 |
+
msgid "All fields will be restored to their default values. Go ahead?"
|
4133 |
+
msgstr ""
|
4134 |
+
|
4135 |
+
#: ninjafirewall.php:1271
|
4136 |
+
msgid ""
|
4137 |
+
"WARNING: ensure that you can access your admin console over HTTPS before "
|
4138 |
+
"enabling this option, otherwise you will lock yourself out of your site. Go "
|
4139 |
+
"ahead?"
|
4140 |
+
msgstr ""
|
4141 |
+
|
4142 |
+
#: ninjafirewall.php:1280
|
4143 |
+
msgid ""
|
4144 |
+
"Any character that is not a letter [a-zA-Z], a digit [0-9], a dot [.], a "
|
4145 |
+
"hyphen [-] or an underscore [_] will be removed from the filename and "
|
4146 |
+
"replaced with the substitution character. Continue?"
|
4147 |
+
msgstr ""
|
4148 |
+
|
4149 |
+
#: ninjafirewall.php:1318
|
4150 |
+
msgid "Default values were restored."
|
4151 |
+
msgstr ""
|
4152 |
+
|
4153 |
+
#: ninjafirewall.php:1320
|
4154 |
+
msgid "No action taken."
|
4155 |
+
msgstr ""
|
4156 |
+
|
4157 |
+
#: ninjafirewall.php:1355
|
4158 |
+
msgid "Enable NinjaFirewall for"
|
4159 |
+
msgstr ""
|
4160 |
+
|
4161 |
+
#: ninjafirewall.php:1387
|
4162 |
+
msgid "File Uploads"
|
4163 |
+
msgstr ""
|
4164 |
+
|
4165 |
+
#: ninjafirewall.php:1391
|
4166 |
+
msgid "Allow uploads"
|
4167 |
+
msgstr ""
|
4168 |
+
|
4169 |
+
#: ninjafirewall.php:1392
|
4170 |
+
msgid "Disallow uploads (default)"
|
4171 |
+
msgstr ""
|
4172 |
+
|
4173 |
+
#: ninjafirewall.php:1395
|
4174 |
+
msgid "Sanitise filenames"
|
4175 |
+
msgstr ""
|
4176 |
+
|
4177 |
+
#: ninjafirewall.php:1395
|
4178 |
+
msgid "substitution character:"
|
4179 |
+
msgstr ""
|
4180 |
+
|
4181 |
+
#: ninjafirewall.php:1496
|
4182 |
+
msgid "Block direct access to any PHP file located in one of these directories"
|
4183 |
+
msgstr ""
|
4184 |
+
|
4185 |
+
#: ninjafirewall.php:1526
|
4186 |
+
msgid ""
|
4187 |
+
"NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if "
|
4188 |
+
"this option is enabled."
|
4189 |
+
msgstr ""
|
4190 |
+
|
4191 |
+
#: ninjafirewall.php:1541
|
4192 |
+
msgid ""
|
4193 |
+
"Unless you have PHP scripts in a \"/cache/\" folder that need to be accessed "
|
4194 |
+
"by your visitors, we recommend to enable this option."
|
4195 |
+
msgstr ""
|
4196 |
+
|
4197 |
+
#: ninjafirewall.php:1552
|
4198 |
+
msgid ""
|
4199 |
+
"If you are using the Jetpack plugin, blocking <code>system.multicall</code> "
|
4200 |
+
"may prevent it from working correctly."
|
4201 |
+
msgstr ""
|
4202 |
+
|
4203 |
+
#: ninjafirewall.php:1560
|
4204 |
+
msgid "Protect against username enumeration"
|
4205 |
+
msgstr ""
|
4206 |
+
|
4207 |
+
#: ninjafirewall.php:1563
|
4208 |
+
msgid "Through the author archives"
|
4209 |
+
msgstr ""
|
4210 |
+
|
4211 |
+
#: ninjafirewall.php:1564
|
4212 |
+
msgid "Through the login page"
|
4213 |
+
msgstr ""
|
4214 |
+
|
4215 |
+
#: ninjafirewall.php:1565
|
4216 |
+
msgid "Through the WordPress REST API"
|
4217 |
+
msgstr ""
|
4218 |
+
|
4219 |
+
#: ninjafirewall.php:1573
|
4220 |
+
msgid "This feature is only available when running WordPress 4.7 or above."
|
4221 |
+
msgstr ""
|
4222 |
+
|
4223 |
+
#: ninjafirewall.php:1580
|
4224 |
+
msgid "WordPress REST API"
|
4225 |
+
msgstr ""
|
4226 |
+
|
4227 |
+
#: ninjafirewall.php:1583 ninjafirewall.php:1592
|
4228 |
+
msgid "Block any access to the API"
|
4229 |
+
msgstr ""
|
4230 |
+
|
4231 |
+
#: ninjafirewall.php:1589
|
4232 |
+
msgid "WordPress XML-RPC API"
|
4233 |
+
msgstr ""
|
4234 |
+
|
4235 |
+
#: ninjafirewall.php:1593
|
4236 |
+
msgid "Block <code>system.multicall</code> method"
|
4237 |
+
msgstr ""
|
4238 |
+
|
4239 |
+
#: ninjafirewall.php:1595
|
4240 |
+
msgid "Block Pingbacks"
|
4241 |
+
msgstr ""
|
4242 |
+
|
4243 |
+
#: ninjafirewall.php:1600
|
4244 |
+
msgid ""
|
4245 |
+
"Disabling access to the REST or XML-RPC API may break some functionality on "
|
4246 |
+
"your blog, its themes or plugins."
|
4247 |
+
msgstr ""
|
4248 |
+
|
4249 |
+
#: ninjafirewall.php:1604
|
4250 |
+
msgid "Block <code>POST</code> requests in the themes folder"
|
4251 |
+
msgstr ""
|
4252 |
+
|
4253 |
+
#: ninjafirewall.php:1619
|
4254 |
+
msgid "Force SSL for admin and logins"
|
4255 |
+
msgstr ""
|
4256 |
+
|
4257 |
+
#: ninjafirewall.php:1629
|
4258 |
+
msgid "Disable the plugin and theme editor"
|
4259 |
+
msgstr ""
|
4260 |
+
|
4261 |
+
#: ninjafirewall.php:1639
|
4262 |
+
msgid "Disable plugin and theme update/installation"
|
4263 |
+
msgstr ""
|
4264 |
+
|
4265 |
+
#: ninjafirewall.php:1668
|
4266 |
+
msgid "Add the Administrator to the whitelist (default)."
|
4267 |
+
msgstr ""
|
4268 |
+
|
4269 |
+
#: ninjafirewall.php:1669
|
4270 |
+
msgid "Add all logged in users to the whitelist."
|
4271 |
+
msgstr ""
|
4272 |
+
|
4273 |
+
#: ninjafirewall.php:1670
|
4274 |
+
msgid "Disable users whitelist."
|
4275 |
+
msgstr ""
|
4276 |
+
|
4277 |
+
#: ninjafirewall.php:1671
|
4278 |
+
msgid ""
|
4279 |
+
"Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, "
|
4280 |
+
"<code>DISALLOW_FILE_EDIT</code> and <code>DISALLOW_FILE_MODS</code> options "
|
4281 |
+
"which, if enabled, are always enforced."
|
4282 |
+
msgstr ""
|
4283 |
+
|
4284 |
+
#: ninjafirewall.php:1699
|
4285 |
+
msgid "Scan <code>GET</code> variable"
|
4286 |
+
msgstr ""
|
4287 |
+
|
4288 |
+
#: ninjafirewall.php:1709
|
4289 |
+
msgid "Sanitise <code>GET</code> variable"
|
4290 |
+
msgstr ""
|
4291 |
+
|
4292 |
+
#: ninjafirewall.php:1742
|
4293 |
+
msgid "Scan <code>POST</code> variable"
|
4294 |
+
msgstr ""
|
4295 |
+
|
4296 |
+
#: ninjafirewall.php:1752
|
4297 |
+
msgid "Sanitise <code>POST</code> variable"
|
4298 |
+
msgstr ""
|
4299 |
+
|
4300 |
+
#: ninjafirewall.php:1758 ninjafirewall.php:1791
|
4301 |
+
msgid "Do not enable this option unless you know what you are doing!"
|
4302 |
+
msgstr ""
|
4303 |
+
|
4304 |
+
#: ninjafirewall.php:1762
|
4305 |
+
msgid "Decode Base64-encoded <code>POST</code> variable"
|
4306 |
+
msgstr ""
|
4307 |
+
|
4308 |
+
#: ninjafirewall.php:1785
|
4309 |
+
msgid "Sanitise <code>REQUEST</code> variable"
|
4310 |
+
msgstr ""
|
4311 |
+
|
4312 |
+
#: ninjafirewall.php:1813
|
4313 |
+
msgid "Scan cookies"
|
4314 |
+
msgstr ""
|
4315 |
+
|
4316 |
+
#: ninjafirewall.php:1823
|
4317 |
+
msgid "Sanitise cookies"
|
4318 |
+
msgstr ""
|
4319 |
+
|
4320 |
+
#: ninjafirewall.php:1858
|
4321 |
+
msgid "Scan <code>HTTP_USER_AGENT</code>"
|
4322 |
+
msgstr ""
|
4323 |
+
|
4324 |
+
#: ninjafirewall.php:1868
|
4325 |
+
msgid "Sanitise <code>HTTP_USER_AGENT</code>"
|
4326 |
+
msgstr ""
|
4327 |
+
|
4328 |
+
#: ninjafirewall.php:1878
|
4329 |
+
msgid "Block suspicious bots/scanners"
|
4330 |
+
msgstr ""
|
4331 |
+
|
4332 |
+
#: ninjafirewall.php:1911
|
4333 |
+
msgid "Scan <code>HTTP_REFERER</code>"
|
4334 |
+
msgstr ""
|
4335 |
+
|
4336 |
+
#: ninjafirewall.php:1921
|
4337 |
+
msgid "Sanitise <code>HTTP_REFERER</code>"
|
4338 |
+
msgstr ""
|
4339 |
+
|
4340 |
+
#: ninjafirewall.php:1931
|
4341 |
+
msgid ""
|
4342 |
+
"Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</"
|
4343 |
+
"code> header"
|
4344 |
+
msgstr ""
|
4345 |
+
|
4346 |
+
#: ninjafirewall.php:1937
|
4347 |
+
msgid ""
|
4348 |
+
"Keep this option disabled if you are using scripts like Paypal IPN, "
|
4349 |
+
"WordPress WP-Cron etc"
|
4350 |
+
msgstr ""
|
4351 |
+
|
4352 |
+
#: ninjafirewall.php:1964
|
4353 |
+
msgid "Block localhost IP in <code>GET/POST</code> request"
|
4354 |
+
msgstr ""
|
4355 |
+
|
4356 |
+
#: ninjafirewall.php:1974
|
4357 |
+
msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header"
|
4358 |
+
msgstr ""
|
4359 |
+
|
4360 |
+
#: ninjafirewall.php:1984
|
4361 |
+
msgid "Scan traffic coming from localhost and private IP address spaces"
|
4362 |
+
msgstr ""
|
4363 |
+
|
4364 |
+
#: ninjafirewall.php:2006
|
4365 |
+
#, php-format
|
4366 |
+
msgid ""
|
4367 |
+
"This option is disabled because the %s PHP function is not available on your "
|
4368 |
+
"server."
|
4369 |
+
msgstr ""
|
4370 |
+
|
4371 |
+
#: ninjafirewall.php:2024
|
4372 |
+
#, php-format
|
4373 |
+
msgid "Set %s to protect against MIME type confusion attacks"
|
4374 |
+
msgstr ""
|
4375 |
+
|
4376 |
+
#: ninjafirewall.php:2034
|
4377 |
+
#, php-format
|
4378 |
+
msgid "Set %s to protect against clickjacking attempts"
|
4379 |
+
msgstr ""
|
4380 |
+
|
4381 |
+
#: ninjafirewall.php:2043
|
4382 |
+
#, php-format
|
4383 |
+
msgid "Enforce %s (IE, Chrome and Safari browsers)"
|
4384 |
+
msgstr ""
|
4385 |
+
|
4386 |
+
#: ninjafirewall.php:2053
|
4387 |
+
#, php-format
|
4388 |
+
msgid "Force %s flag on all cookies to mitigate XSS attacks"
|
4389 |
+
msgstr ""
|
4390 |
+
|
4391 |
+
#: ninjafirewall.php:2059
|
4392 |
+
msgid ""
|
4393 |
+
"If your PHP scripts use cookies that need to be accessed from JavaScript, "
|
4394 |
+
"you should disable this option."
|
4395 |
+
msgstr ""
|
4396 |
+
|
4397 |
+
#: ninjafirewall.php:2065
|
4398 |
+
msgid ""
|
4399 |
+
"HSTS headers can only be set when you are accessing your site over HTTPS."
|
4400 |
+
msgstr ""
|
4401 |
+
|
4402 |
+
#: ninjafirewall.php:2072
|
4403 |
+
#, php-format
|
4404 |
+
msgid "Set %s (HSTS) to enforce secure connections to the server"
|
4405 |
+
msgstr ""
|
4406 |
+
|
4407 |
+
#: ninjafirewall.php:2075
|
4408 |
+
msgid "1 month"
|
4409 |
+
msgstr ""
|
4410 |
+
|
4411 |
+
#: ninjafirewall.php:2076
|
4412 |
+
msgid "6 months"
|
4413 |
+
msgstr ""
|
4414 |
+
|
4415 |
+
#: ninjafirewall.php:2077
|
4416 |
+
msgid "1 year"
|
4417 |
+
msgstr ""
|
4418 |
+
|
4419 |
+
#: ninjafirewall.php:2079
|
4420 |
+
msgid "Apply to subdomains"
|
4421 |
+
msgstr ""
|
4422 |
+
|
4423 |
+
#: ninjafirewall.php:2083
|
4424 |
+
msgid "Set <code>max-age</code> to 0"
|
4425 |
+
msgstr ""
|
4426 |
+
|
4427 |
+
#: ninjafirewall.php:2103
|
4428 |
+
#, php-format
|
4429 |
+
msgid "Set %s for the website frontend"
|
4430 |
+
msgstr ""
|
4431 |
+
|
4432 |
+
#: ninjafirewall.php:2111
|
4433 |
+
msgid "This CSP header will apply to the website frontend only."
|
4434 |
+
msgstr ""
|
4435 |
+
|
4436 |
+
#: ninjafirewall.php:2117
|
4437 |
+
#, php-format
|
4438 |
+
msgid "Set %s for the WordPress admin dashboard"
|
4439 |
+
msgstr ""
|
4440 |
+
|
4441 |
+
#: ninjafirewall.php:2125
|
4442 |
+
msgid "This CSP header will apply to the WordPress admin dashboard only."
|
4443 |
+
msgstr ""
|
4444 |
+
|
4445 |
+
#: ninjafirewall.php:2165
|
4446 |
+
msgid ""
|
4447 |
+
"Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, "
|
4448 |
+
"<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies"
|
4449 |
+
msgstr ""
|
4450 |
+
|
4451 |
+
#: ninjafirewall.php:2208
|
4452 |
+
msgid "Block serialized PHP objects in the following global variables"
|
4453 |
+
msgstr ""
|
4454 |
+
|
4455 |
+
#: ninjafirewall.php:2221
|
4456 |
+
msgid "Hide PHP notice and error messages"
|
4457 |
+
msgstr ""
|
4458 |
+
|
4459 |
+
#: ninjafirewall.php:2231
|
4460 |
+
msgid "Sanitise <code>PHP_SELF</code>"
|
4461 |
+
msgstr ""
|
4462 |
+
|
4463 |
+
#: ninjafirewall.php:2241
|
4464 |
+
msgid "Sanitise <code>PATH_TRANSLATED</code>"
|
4465 |
+
msgstr ""
|
4466 |
+
|
4467 |
+
#: ninjafirewall.php:2251
|
4468 |
+
msgid "Sanitise <code>PATH_INFO</code>"
|
4469 |
+
msgstr ""
|
4470 |
+
|
4471 |
+
#: ninjafirewall.php:2271
|
4472 |
+
msgid "This option is not compatible with your actual configuration."
|
4473 |
+
msgstr ""
|
4474 |
+
|
4475 |
+
#: ninjafirewall.php:2298
|
4476 |
+
msgid "Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request"
|
4477 |
+
msgstr ""
|
4478 |
+
|
4479 |
+
#: ninjafirewall.php:2308
|
4480 |
+
msgid "Block ASCII character 0x00 (NULL byte)"
|
4481 |
+
msgstr ""
|
4482 |
+
|
4483 |
+
#: ninjafirewall.php:2318
|
4484 |
+
msgid "Block ASCII control characters 1 to 8 and 14 to 31"
|
4485 |
+
msgstr ""
|
4486 |
+
|
4487 |
+
#: ninjafirewall.php:2334
|
4488 |
+
msgid "Save Firewall Policies"
|
4489 |
+
msgstr ""
|
4490 |
+
|
4491 |
+
#: ninjafirewall.php:2336
|
4492 |
+
msgid "Restore Default Values"
|
4493 |
+
msgstr ""
|
4494 |
+
|
4495 |
+
#: ninjafirewall.php:2829 ninjafirewall.php:2835
|
4496 |
+
msgid "Please enter a number from 1 to 99."
|
4497 |
+
msgstr ""
|
4498 |
+
|
4499 |
+
#: ninjafirewall.php:2848
|
4500 |
+
#, php-format
|
4501 |
+
msgid ""
|
4502 |
+
"You are running NinjaFirewall in <i>WordPress WAF</i> mode. The %s feature "
|
4503 |
+
"will be limited to a few WordPress files only (e.g., index.php, wp-login."
|
4504 |
+
"php, xmlrpc.php, admin-ajax.php, wp-load.php etc). If you want it to apply "
|
4505 |
+
"to any PHP script, you will need to run NinjaFirewall in %s mode."
|
4506 |
+
msgstr ""
|
4507 |
+
|
4508 |
+
#: ninjafirewall.php:2854
|
4509 |
+
#, php-format
|
4510 |
+
msgid ""
|
4511 |
+
"The cache directory %s is not writable. Please change its permissions (0777 "
|
4512 |
+
"or equivalent)."
|
4513 |
+
msgstr ""
|
4514 |
+
|
4515 |
+
#: ninjafirewall.php:2886
|
4516 |
+
msgid "Enable File Guard"
|
4517 |
+
msgstr ""
|
4518 |
+
|
4519 |
+
#: ninjafirewall.php:2888
|
4520 |
+
msgid "Yes (recommended)"
|
4521 |
+
msgstr ""
|
4522 |
+
|
4523 |
+
#: ninjafirewall.php:2901
|
4524 |
+
msgid "Real-time detection"
|
4525 |
+
msgstr ""
|
4526 |
+
|
4527 |
+
#: ninjafirewall.php:2904
|
4528 |
+
#, php-format
|
4529 |
+
msgid ""
|
4530 |
+
"Monitor file activity and send an alert when someone is accessing a PHP "
|
4531 |
+
"script that was modified or created less than %s hour(s) ago."
|
4532 |
+
msgstr ""
|
4533 |
+
|
4534 |
+
#: ninjafirewall.php:2910
|
4535 |
+
msgid "or"
|
4536 |
+
msgstr ""
|
4537 |
+
|
4538 |
+
#: ninjafirewall.php:2910
|
4539 |
+
msgid ""
|
4540 |
+
"Full or partial case-sensitive string(s), max. 255 characters. Multiple "
|
4541 |
+
"values must be comma-separated"
|
4542 |
+
msgstr ""
|
4543 |
+
|
4544 |
+
#: ninjafirewall.php:2915
|
4545 |
+
msgid "Save File Guard options"
|
4546 |
+
msgstr ""
|
4547 |
+
|
4548 |
+
#: ninjafirewall.php:2966 ninjafirewall.php:3518
|
4549 |
+
#, php-format
|
4550 |
+
msgid "You are not allowed to perform this task (%s)."
|
4551 |
+
msgstr ""
|
4552 |
+
|
4553 |
+
#: ninjafirewall.php:2977
|
4554 |
+
msgid "You do not have a multisite network."
|
4555 |
+
msgstr ""
|
4556 |
+
|
4557 |
+
#: ninjafirewall.php:3001
|
4558 |
+
msgid "NinjaFirewall Status"
|
4559 |
+
msgstr ""
|
4560 |
+
|
4561 |
+
#: ninjafirewall.php:3004
|
4562 |
+
msgid ""
|
4563 |
+
"Display NinjaFirewall status icon in the admin bar of all sites in the "
|
4564 |
+
"network"
|
4565 |
+
msgstr ""
|
4566 |
+
|
4567 |
+
#: ninjafirewall.php:3012
|
4568 |
+
msgid "Save Network options"
|
4569 |
+
msgstr ""
|
4570 |
+
|
4571 |
+
#: ninjafirewall.php:3202
|
4572 |
+
msgid "Error: you did not select a rule to disable."
|
4573 |
+
msgstr ""
|
4574 |
+
|
4575 |
+
#: ninjafirewall.php:3204 ninjafirewall.php:3219
|
4576 |
+
msgid "Error: to change this rule, use the \"Firewall Policies\" menu."
|
4577 |
+
msgstr ""
|
4578 |
+
|
4579 |
+
#: ninjafirewall.php:3206 ninjafirewall.php:3221
|
4580 |
+
msgid "Error: this rule does not exist."
|
4581 |
+
msgstr ""
|
4582 |
+
|
4583 |
+
#: ninjafirewall.php:3210
|
4584 |
+
#, php-format
|
4585 |
+
msgid "Rule ID %s has been disabled."
|
4586 |
+
msgstr ""
|
4587 |
+
|
4588 |
+
#: ninjafirewall.php:3217
|
4589 |
+
msgid "Error: you did not select a rule to enable."
|
4590 |
+
msgstr ""
|
4591 |
+
|
4592 |
+
#: ninjafirewall.php:3225
|
4593 |
+
#, php-format
|
4594 |
+
msgid "Rule ID %s has been enabled."
|
4595 |
+
msgstr ""
|
4596 |
+
|
4597 |
+
#: ninjafirewall.php:3235
|
4598 |
+
msgid "Error: no rules found."
|
4599 |
+
msgstr ""
|
4600 |
+
|
4601 |
+
#: ninjafirewall.php:3250
|
4602 |
+
msgid "NinjaFirewall built-in security rules"
|
4603 |
+
msgstr ""
|
4604 |
+
|
4605 |
+
#: ninjafirewall.php:3253
|
4606 |
+
msgid "Select the rule you want to disable or enable"
|
4607 |
+
msgstr ""
|
4608 |
+
|
4609 |
+
#: ninjafirewall.php:3257
|
4610 |
+
msgid "Total rules enabled"
|
4611 |
+
msgstr ""
|
4612 |
+
|
4613 |
+
#: ninjafirewall.php:3265 ninjafirewall.php:3284 ninjafirewall.php:3299
|
4614 |
+
#: ninjafirewall.php:3318
|
4615 |
+
msgid "Rule ID"
|
4616 |
+
msgstr ""
|
4617 |
+
|
4618 |
+
#: ninjafirewall.php:3265 ninjafirewall.php:3299
|
4619 |
+
msgid "Firewall policy"
|
4620 |
+
msgstr ""
|
4621 |
+
|
4622 |
+
#: ninjafirewall.php:3268 ninjafirewall.php:3302
|
4623 |
+
msgid "Remote/local file inclusion"
|
4624 |
+
msgstr ""
|
4625 |
+
|
4626 |
+
#: ninjafirewall.php:3270 ninjafirewall.php:3304
|
4627 |
+
msgid "Cross-site scripting"
|
4628 |
+
msgstr ""
|
4629 |
+
|
4630 |
+
#: ninjafirewall.php:3272 ninjafirewall.php:3306
|
4631 |
+
msgid "Code injection"
|
4632 |
+
msgstr ""
|
4633 |
+
|
4634 |
+
#: ninjafirewall.php:3274 ninjafirewall.php:3308
|
4635 |
+
msgid "SQL injection"
|
4636 |
+
msgstr ""
|
4637 |
+
|
4638 |
+
#: ninjafirewall.php:3276 ninjafirewall.php:3310
|
4639 |
+
msgid "Various vulnerability"
|
4640 |
+
msgstr ""
|
4641 |
+
|
4642 |
+
#: ninjafirewall.php:3278 ninjafirewall.php:3312
|
4643 |
+
msgid "Backdoor/shell"
|
4644 |
+
msgstr ""
|
4645 |
+
|
4646 |
+
#: ninjafirewall.php:3280 ninjafirewall.php:3314
|
4647 |
+
msgid "Application specific"
|
4648 |
+
msgstr ""
|
4649 |
+
|
4650 |
+
#: ninjafirewall.php:3282 ninjafirewall.php:3316
|
4651 |
+
msgid "WordPress vulnerability"
|
4652 |
+
msgstr ""
|
4653 |
+
|
4654 |
+
#: ninjafirewall.php:3288
|
4655 |
+
msgid "Disable it"
|
4656 |
+
msgstr ""
|
4657 |
+
|
4658 |
+
#: ninjafirewall.php:3293
|
4659 |
+
msgid "Total rules disabled"
|
4660 |
+
msgstr ""
|
4661 |
+
|
4662 |
+
#: ninjafirewall.php:3323
|
4663 |
+
msgid "Enable it"
|
4664 |
+
msgstr ""
|
4665 |
+
|
4666 |
+
#: ninjafirewall.php:3325
|
4667 |
+
#, php-format
|
4668 |
+
msgid ""
|
4669 |
+
"Greyed out rules can be changed in the <a href=\"%s\">Firewall Policies</a> "
|
4670 |
+
"page."
|
4671 |
+
msgstr ""
|
4672 |
+
|
4673 |
+
#: ninjafirewall.php:3368
|
4674 |
+
msgid "Settings"
|
4675 |
+
msgstr ""
|
4676 |
+
|
4677 |
+
#: ninjafirewall.php:3369
|
4678 |
+
msgid "Upgrade to Premium"
|
4679 |
+
msgstr ""
|
4680 |
+
|
4681 |
+
#: ninjafirewall.php:3370
|
4682 |
+
msgid "Rate it!"
|
4683 |
+
msgstr ""
|
4684 |
+
|
4685 |
+
#: ninjafirewall.php:3431
|
4686 |
+
msgid "Plugin"
|
4687 |
+
msgstr ""
|
4688 |
+
|
4689 |
+
#: ninjafirewall.php:3431 ninjafirewall.php:3435
|
4690 |
+
msgid "uploaded"
|
4691 |
+
msgstr ""
|
4692 |
+
|
4693 |
+
#: ninjafirewall.php:3431 ninjafirewall.php:3435
|
4694 |
+
msgid "installed"
|
4695 |
+
msgstr ""
|
4696 |
+
|
4697 |
+
#: ninjafirewall.php:3431 ninjafirewall.php:3435
|
4698 |
+
msgid "activated"
|
4699 |
+
msgstr ""
|
4700 |
+
|
4701 |
+
#: ninjafirewall.php:3432
|
4702 |
+
msgid "updated"
|
4703 |
+
msgstr ""
|
4704 |
+
|
4705 |
+
#: ninjafirewall.php:3432
|
4706 |
+
msgid "deactivated"
|
4707 |
+
msgstr ""
|
4708 |
+
|
4709 |
+
#: ninjafirewall.php:3432 ninjafirewall.php:3436
|
4710 |
+
msgid "deleted"
|
4711 |
+
msgstr ""
|
4712 |
+
|
4713 |
+
#: ninjafirewall.php:3432 ninjafirewall.php:3436
|
4714 |
+
msgid "Name"
|
4715 |
+
msgstr ""
|
4716 |
+
|
4717 |
+
#: ninjafirewall.php:3435
|
4718 |
+
msgid "Theme"
|
4719 |
+
msgstr ""
|
4720 |
+
|
4721 |
+
#: ninjafirewall.php:3439
|
4722 |
+
msgid "upgraded"
|
4723 |
+
msgstr ""
|
4724 |
+
|
4725 |
+
#: ninjafirewall.php:3447
|
4726 |
+
msgid "[NinjaFirewall] Alert:"
|
4727 |
+
msgstr ""
|
4728 |
+
|
4729 |
+
#: ninjafirewall.php:3453
|
4730 |
+
msgid "NinjaFirewall has detected the following activity on your account:"
|
4731 |
+
msgstr ""
|
lib/.htaccess
ADDED
@@ -0,0 +1,20 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<Files "*">
|
2 |
+
<IfModule mod_version.c>
|
3 |
+
<IfVersion < 2.4>
|
4 |
+
Order Deny,Allow
|
5 |
+
Deny from All
|
6 |
+
</IfVersion>
|
7 |
+
<IfVersion >= 2.4>
|
8 |
+
Require all denied
|
9 |
+
</IfVersion>
|
10 |
+
</IfModule>
|
11 |
+
<IfModule !mod_version.c>
|
12 |
+
<IfModule !mod_authz_core.c>
|
13 |
+
Order Deny,Allow
|
14 |
+
Deny from All
|
15 |
+
</IfModule>
|
16 |
+
<IfModule mod_authz_core.c>
|
17 |
+
Require all denied
|
18 |
+
</IfModule>
|
19 |
+
</IfModule>
|
20 |
+
</Files>
|
lib/dashboard_widget.php
ADDED
@@ -0,0 +1,93 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) {
|
21 |
+
header('HTTP/1.1 404 Not Found');
|
22 |
+
header('Status: 404 Not Found');
|
23 |
+
exit;
|
24 |
+
}
|
25 |
+
|
26 |
+
|
27 |
+
// Return immediately if user is not allowed :
|
28 |
+
if (nf_not_allowed( 0, __LINE__ ) ) { return; }
|
29 |
+
|
30 |
+
wp_add_dashboard_widget( 'nfw_dashboard_welcome', __('NinjaFirewall Statistics', 'ninjafirewall'), 'nfw_stats_widget' );
|
31 |
+
|
32 |
+
function nfw_stats_widget(){
|
33 |
+
|
34 |
+
$critical = $high = $medium = $upload = $total = 0;
|
35 |
+
$stat_file = NFW_LOG_DIR . '/nfwlog/stats_' . date( 'Y-m' ) . '.php';
|
36 |
+
if ( file_exists( $stat_file ) ) {
|
37 |
+
$nfw_stat = file_get_contents( $stat_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES );
|
38 |
+
} else {
|
39 |
+
$nfw_stat = '0:0:0:0:0:0:0:0:0:0';
|
40 |
+
}
|
41 |
+
list($tmp, $medium, $high, $critical, $tmp, $upload, $tmp, $tmp, $tmp, $tmp) = explode(':', $nfw_stat . ':');
|
42 |
+
$total = $critical + $high + $medium;
|
43 |
+
if ( $total ) {
|
44 |
+
$coef = 100 / $total;
|
45 |
+
$critical = round( $critical * $coef, 2);
|
46 |
+
$high = round( $high * $coef, 2);
|
47 |
+
$medium = round( $medium * $coef, 2);
|
48 |
+
}
|
49 |
+
echo '
|
50 |
+
<table border="0" width="100%">
|
51 |
+
<tr>
|
52 |
+
<th width="50%" align="left">' . __('Blocked hacking attempts', 'ninjafirewall') .'</th>
|
53 |
+
<td width="50%" align="left">' . $total . '</td>
|
54 |
+
</tr>
|
55 |
+
<tr>
|
56 |
+
<th width="50%" align="left">' . __('Hacking attempts severity', 'ninjafirewall') .'</th>
|
57 |
+
<td width="50%" align="left">
|
58 |
+
<i>' . __('Critical:', 'ninjafirewall') . ' ' . $critical . '%</i>
|
59 |
+
<br />
|
60 |
+
<table bgcolor="#DFDFDF" border="0" cellpadding="0" cellspacing="0" height="14" width="100%" align="left" style="height:14px;">
|
61 |
+
<tr>
|
62 |
+
<td width="' . round( $critical) . '%" background="' . plugins_url() . '/ninjafirewall/images/bar-critical.png" style="padding:0px"></td><td width="' . round(100 - $critical) . '%" style="padding:0px"></td>
|
63 |
+
</tr>
|
64 |
+
</table>
|
65 |
+
<br />
|
66 |
+
<i>' . __('High:', 'ninjafirewall') . ' ' . $high . '%</i>
|
67 |
+
<br />
|
68 |
+
<table bgcolor="#DFDFDF" border="0" cellpadding="0" cellspacing="0" height="14" width="100%" align="left" style="height:14px;">
|
69 |
+
<tr>
|
70 |
+
<td width="' . round( $high) . '%" background="' . plugins_url() . '/ninjafirewall/images/bar-high.png" style="padding:0px"></td><td width="' . round(100 - $high) . '%" style="padding:0px"></td>
|
71 |
+
</tr>
|
72 |
+
</table>
|
73 |
+
<br />
|
74 |
+
<i>' . __('Medium:', 'ninjafirewall') . ' ' . $medium . '%</i>
|
75 |
+
<br />
|
76 |
+
<table bgcolor="#DFDFDF" border="0" cellpadding="0" cellspacing="0" height="14" width="100%" align="left" style="height:14px;">
|
77 |
+
<tr>
|
78 |
+
<td width="' . round( $medium) . '%" background="' . plugins_url() . '/ninjafirewall/images/bar-medium.png" style="padding:0px;"></td><td width="' . round(100 - $medium) . '%" style="padding:0px;"></td>
|
79 |
+
</tr>
|
80 |
+
</table>
|
81 |
+
</td>
|
82 |
+
</tr>
|
83 |
+
<tr>
|
84 |
+
<th width="50%" align="left">' . __('Uploaded files', 'ninjafirewall') .'</th>
|
85 |
+
<td width="50%" align="left">' . round($upload) . '</td>
|
86 |
+
</tr>
|
87 |
+
</table>';
|
88 |
+
// Display the link to the log page only if the log is not empty :
|
89 |
+
if ( $total || $upload ) {
|
90 |
+
echo '<div align="right"><small><a href="admin.php?page=nfsublog">' . __('View firewall log', 'ninjafirewall') .'</a></small></div>';
|
91 |
+
}
|
92 |
+
}
|
93 |
+
// EOF
|
lib/firewall.php
ADDED
@@ -0,0 +1,1573 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
// +---------------------------------------------------------------------+
|
3 |
+
// | NinjaFirewall (WP Edition) |
|
4 |
+
// | |
|
5 |
+
// | (c) NinTechNet - https://nintechnet.com/ |
|
6 |
+
// +---------------------------------------------------------------------+
|
7 |
+
// | This program is free software: you can redistribute it and/or |
|
8 |
+
// | modify it under the terms of the GNU General Public License as |
|
9 |
+
// | published by the Free Software Foundation, either version 3 of |
|
10 |
+
// | the License, or (at your option) any later version. |
|
11 |
+
// | |
|
12 |
+
// | This program is distributed in the hope that it will be useful, |
|
13 |
+
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
14 |
+
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
15 |
+
// | GNU General Public License for more details. |
|
16 |
+
// +---------------------------------------------------------------------+ sa
|
17 |
+
if ( strpos($_SERVER['SCRIPT_NAME'], '/nfwlog/') !== FALSE ||
|
18 |
+
strpos($_SERVER['SCRIPT_NAME'], '/ninjafirewall/') !== FALSE ) { die('Forbidden'); }
|
19 |
+
if (defined('NFW_STATUS')) { return; }
|
20 |
+
|
21 |
+
$nfw_['fw_starttime'] = microtime(true);
|
22 |
+
|
23 |
+
// Optional NinjaFirewall configuration file
|
24 |
+
// ( see https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja ) :
|
25 |
+
if ( @file_exists($nfw_['file'] = dirname($_SERVER['DOCUMENT_ROOT']) .'/.htninja') ||
|
26 |
+
@file_exists($nfw_['file'] = $_SERVER['DOCUMENT_ROOT'] .'/.htninja') ) {
|
27 |
+
$nfw_['res'] = @include $nfw_['file'];
|
28 |
+
if ( $nfw_['res'] == 'ALLOW' ) {
|
29 |
+
define( 'NFW_STATUS', 20 );
|
30 |
+
unset($nfw_);
|
31 |
+
return;
|
32 |
+
}
|
33 |
+
if ( $nfw_['res'] == 'BLOCK' ) {
|
34 |
+
header('HTTP/1.1 403 Forbidden');
|
35 |
+
header('Status: 403 Forbidden');
|
36 |
+
header('Pragma: no-cache');
|
37 |
+
header('Cache-Control: no-cache, no-store, must-revalidate');
|
38 |
+
header('Expires: 0');
|
39 |
+
die('403 Forbidden');
|
40 |
+
}
|
41 |
+
}
|
42 |
+
|
43 |
+
$nfw_['wp_content'] = dirname(dirname(dirname( __DIR__ )));
|
44 |
+
// Check if we have a user-defined log directory
|
45 |
+
// (see "Path to NinjaFirewall's log and cache directory"
|
46 |
+
// at https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja ) :
|
47 |
+
if ( defined('NFW_LOG_DIR') ) {
|
48 |
+
$nfw_['log_dir'] = NFW_LOG_DIR . '/nfwlog';
|
49 |
+
} else {
|
50 |
+
$nfw_['log_dir'] = $nfw_['wp_content'] . '/nfwlog';
|
51 |
+
}
|
52 |
+
if (! is_dir($nfw_['log_dir']) ) {
|
53 |
+
if (! mkdir( $nfw_['log_dir'] . '/cache', 0755, true) ) {
|
54 |
+
define( 'NFW_STATUS', 13 );
|
55 |
+
return;
|
56 |
+
}
|
57 |
+
}
|
58 |
+
|
59 |
+
if ( strpos($_SERVER['SCRIPT_NAME'], 'wp-login.php' ) !== FALSE ) {
|
60 |
+
nfw_bfd(1);
|
61 |
+
} elseif ( strpos($_SERVER['SCRIPT_NAME'], 'xmlrpc.php' ) !== FALSE ) {
|
62 |
+
nfw_bfd(2);
|
63 |
+
}
|
64 |
+
|
65 |
+
if (empty ($wp_config)) {
|
66 |
+
$wp_config = dirname($nfw_['wp_content']) . '/wp-config.php';
|
67 |
+
}
|
68 |
+
|
69 |
+
if (! file_exists($wp_config) ) {
|
70 |
+
if (! @file_exists( $wp_config = dirname( dirname($nfw_['wp_content']) ) . '/wp-config.php') ) {
|
71 |
+
define( 'NFW_STATUS', 1 );
|
72 |
+
unset($nfw_);
|
73 |
+
unset($wp_config);
|
74 |
+
return;
|
75 |
+
}
|
76 |
+
}
|
77 |
+
if (! $nfw_['fh'] = fopen($wp_config, 'r') ) {
|
78 |
+
define( 'NFW_STATUS', 2 );
|
79 |
+
unset($nfw_);
|
80 |
+
unset($wp_config);
|
81 |
+
return;
|
82 |
+
}
|
83 |
+
|
84 |
+
while (! feof($nfw_['fh'])) {
|
85 |
+
$nfw_['line'] = fgets($nfw_['fh']);
|
86 |
+
if ( preg_match('/^\s*define\s*\(\s*[\'"]DB_NAME[\'"]\s*,\s*[\'"](.+?)[\'"]/', $nfw_['line'], $nfw_['match']) ) {
|
87 |
+
$nfw_['DB_NAME'] = $nfw_['match'][1];
|
88 |
+
} elseif ( preg_match('/^\s*define\s*\(\s*[\'"]DB_USER[\'"]\s*,\s*[\'"](.+?)[\'"]/', $nfw_['line'], $nfw_['match']) ) {
|
89 |
+
$nfw_['DB_USER'] = $nfw_['match'][1];
|
90 |
+
} elseif ( preg_match('/^\s*define\s*\(\s*[\'"]DB_PASSWORD[\'"]\s*,\s*([\'"])(.+?)\1/', $nfw_['line'], $nfw_['match']) ) {
|
91 |
+
$nfw_['DB_PASSWORD'] = $nfw_['match'][2];
|
92 |
+
} elseif ( preg_match('/^\s*define\s*\(\s*[\'"]DB_HOST[\'"]\s*,\s*[\'"](.+?)[\'"]/', $nfw_['line'], $nfw_['match']) ) {
|
93 |
+
$nfw_['DB_HOST'] = $nfw_['match'][1];
|
94 |
+
} elseif ( preg_match('/^\s*\$table_prefix\s*=\s*[\'"](.+?)[\'"]/', $nfw_['line'], $nfw_['match']) ) {
|
95 |
+
$nfw_['table_prefix'] = $nfw_['match'][1];
|
96 |
+
}
|
97 |
+
}
|
98 |
+
fclose($nfw_['fh']);
|
99 |
+
unset($wp_config);
|
100 |
+
if ( (! isset($nfw_['DB_NAME'])) || (! isset($nfw_['DB_USER'])) || (! isset($nfw_['DB_PASSWORD'])) || (! isset($nfw_['DB_HOST'])) || (! isset($nfw_['table_prefix'])) ) {
|
101 |
+
define( 'NFW_STATUS', 3 );
|
102 |
+
unset($nfw_);
|
103 |
+
return;
|
104 |
+
}
|
105 |
+
|
106 |
+
nfw_check_dbhost();
|
107 |
+
@$nfw_['mysqli'] = new mysqli($nfw_['DB_HOST'], $nfw_['DB_USER'], $nfw_['DB_PASSWORD'], $nfw_['DB_NAME'], $nfw_['port'], $nfw_['socket']);
|
108 |
+
if ($nfw_['mysqli']->connect_error) {
|
109 |
+
define( 'NFW_STATUS', 4 );
|
110 |
+
unset($nfw_);
|
111 |
+
return;
|
112 |
+
}
|
113 |
+
|
114 |
+
if (! $nfw_['result'] = @$nfw_['mysqli']->query('SELECT * FROM `' . $nfw_['mysqli']->real_escape_string($nfw_['table_prefix']) . "options` WHERE `option_name` = 'nfw_options'")) {
|
115 |
+
define( 'NFW_STATUS', 5 );
|
116 |
+
$nfw_['mysqli']->close();
|
117 |
+
unset($nfw_);
|
118 |
+
return;
|
119 |
+
}
|
120 |
+
if (! $nfw_['options'] = @$nfw_['result']->fetch_object() ) {
|
121 |
+
define( 'NFW_STATUS', 6 );
|
122 |
+
$nfw_['mysqli']->close();
|
123 |
+
unset($nfw_);
|
124 |
+
return;
|
125 |
+
}
|
126 |
+
$nfw_['result']->close();
|
127 |
+
|
128 |
+
if (! $nfw_['nfw_options'] = @unserialize($nfw_['options']->option_value) ) {
|
129 |
+
$nfw_['mysqli']->close();
|
130 |
+
define( 'NFW_STATUS', 11 );
|
131 |
+
unset($nfw_);
|
132 |
+
return;
|
133 |
+
}
|
134 |
+
|
135 |
+
if (! empty($nfw_['nfw_options']['clogs_pubkey']) && isset($_POST['clogs_req']) ) {
|
136 |
+
include 'fw_centlog.php';
|
137 |
+
fw_centlog();
|
138 |
+
exit;
|
139 |
+
}
|
140 |
+
|
141 |
+
if ( empty($nfw_['nfw_options']['enabled']) ) {
|
142 |
+
$nfw_['mysqli']->close();
|
143 |
+
define( 'NFW_STATUS', 20 );
|
144 |
+
unset($nfw_);
|
145 |
+
return;
|
146 |
+
}
|
147 |
+
|
148 |
+
if (! empty($nfw_['nfw_options']['response_headers']) && function_exists('header_register_callback')) {
|
149 |
+
define('NFW_RESHEADERS', $nfw_['nfw_options']['response_headers']);
|
150 |
+
if (! empty( $nfw_['nfw_options']['response_headers'][6] ) && ! empty( $nfw_['nfw_options']['csp_frontend_data'] ) ) {
|
151 |
+
define( 'CSP_FRONTEND_DATA', $nfw_['nfw_options']['csp_frontend_data']);
|
152 |
+
}
|
153 |
+
if (! empty( $nfw_['nfw_options']['response_headers'][7] ) && ! empty( $nfw_['nfw_options']['csp_backend_data'] ) ) {
|
154 |
+
define( 'CSP_BACKEND_DATA', $nfw_['nfw_options']['csp_backend_data'] );
|
155 |
+
}
|
156 |
+
header_register_callback('nfw_response_headers');
|
157 |
+
}
|
158 |
+
|
159 |
+
if (! empty($nfw_['nfw_options']['force_ssl']) ) {
|
160 |
+
define('FORCE_SSL_ADMIN', true);
|
161 |
+
}
|
162 |
+
if (! empty($nfw_['nfw_options']['disallow_edit']) ) {
|
163 |
+
define('DISALLOW_FILE_EDIT', true);
|
164 |
+
}
|
165 |
+
if (! empty($nfw_['nfw_options']['disallow_mods']) ) {
|
166 |
+
define('DISALLOW_FILE_MODS', true);
|
167 |
+
}
|
168 |
+
|
169 |
+
$nfw_['a_msg'] = '';
|
170 |
+
if ( strpos($_SERVER['SCRIPT_NAME'], '/plugins.php' ) !== FALSE ) {
|
171 |
+
if ( isset( $_REQUEST['action2'] )) {
|
172 |
+
if ( (! isset( $_REQUEST['action'] )) || ( $_REQUEST['action'] == '-1') ) {
|
173 |
+
$_REQUEST['action'] = $_REQUEST['action2'];
|
174 |
+
}
|
175 |
+
$_REQUEST['action2'] = '-1';
|
176 |
+
}
|
177 |
+
if ( isset( $_REQUEST['action'] ) ) {
|
178 |
+
if ( $_REQUEST['action'] == 'update-selected' ) {
|
179 |
+
if (! empty( $_POST['checked'] ) ) {
|
180 |
+
$nfw_['a_msg'] = '1:4:' . @implode(", ", $_POST['checked']);
|
181 |
+
}
|
182 |
+
} elseif ( $_REQUEST['action'] == 'activate' ) {
|
183 |
+
$nfw_['a_msg'] = '1:3:' . @$_REQUEST['plugin'];
|
184 |
+
} elseif ( $_REQUEST['action'] == 'activate-selected' ) {
|
185 |
+
if (! empty( $_POST['checked'] ) ) {
|
186 |
+
$nfw_['a_msg'] = '1:3:' . @implode(", ", $_POST['checked']);
|
187 |
+
}
|
188 |
+
} elseif ( $_REQUEST['action'] == 'deactivate' ) {
|
189 |
+
$nfw_['a_msg'] = '1:5:' . @$_REQUEST['plugin'];
|
190 |
+
} elseif ( ( $_REQUEST['action'] == 'deactivate-selected' ) ){
|
191 |
+
if (! empty( $_POST['checked'] ) ) {
|
192 |
+
$nfw_['a_msg'] = '1:5:' . @implode(", ", $_POST['checked']);
|
193 |
+
}
|
194 |
+
} elseif ( ( $_REQUEST['action'] == 'delete-selected' ) &&
|
195 |
+
( isset($_REQUEST['verify-delete'])) ) {
|
196 |
+
if (! empty( $_POST['checked'] ) ) {
|
197 |
+
$nfw_['a_msg'] = '1:6:' . @implode(", ", $_POST['checked']);
|
198 |
+
}
|
199 |
+
}
|
200 |
+
}
|
201 |
+
} elseif ( strpos($_SERVER['SCRIPT_NAME'], '/themes.php' ) !== FALSE ) {
|
202 |
+
if ( isset( $_GET['action'] ) ) {
|
203 |
+
if ( $_GET['action'] == 'activate' ) {
|
204 |
+
$nfw_['a_msg'] = '2:3:' . @$_GET['stylesheet'];
|
205 |
+
} elseif ( $_GET['action'] == 'delete' ) {
|
206 |
+
$nfw_['a_msg'] = '2:4:' . @$_GET['stylesheet'];
|
207 |
+
}
|
208 |
+
}
|
209 |
+
} elseif ( strpos($_SERVER['SCRIPT_NAME'], '/update.php' ) !== FALSE ) {
|
210 |
+
if ( isset( $_GET['action'] ) ) {
|
211 |
+
if ( $_REQUEST['action'] == 'update-selected' ) {
|
212 |
+
if (! empty( $_POST['checked'] ) ) {
|
213 |
+
$nfw_['a_msg'] = '1:4:' . @implode(", ", $_POST['checked']);
|
214 |
+
}
|
215 |
+
} elseif ( $_GET['action'] == 'upgrade-plugin' ) {
|
216 |
+
$nfw_['a_msg'] = '1:4:' . @$_REQUEST['plugin'];
|
217 |
+
} elseif ( $_GET['action'] == 'activate-plugin' ) {
|
218 |
+
$nfw_['a_msg'] = '1:3:' . @$_GET['plugin'];
|
219 |
+
} elseif ( $_GET['action'] == 'install-plugin' ) {
|
220 |
+
$nfw_['a_msg'] = '1:2:' . @$_REQUEST['plugin'];
|
221 |
+
} elseif ( $_GET['action'] == 'upload-plugin' ) {
|
222 |
+
$nfw_['a_msg'] = '1:1:' . @$_FILES['pluginzip']['name'];
|
223 |
+
} elseif ( $_GET['action'] == 'install-theme' ) {
|
224 |
+
$nfw_['a_msg'] = '2:2:' . @$_REQUEST['theme'];
|
225 |
+
} elseif ( $_GET['action'] == 'upload-theme' ) {
|
226 |
+
$nfw_['a_msg'] = '2:1:' . @$_FILES['themezip']['name'];
|
227 |
+
}
|
228 |
+
}
|
229 |
+
} elseif ( strpos($_SERVER['SCRIPT_NAME'], '/admin-ajax.php' ) !== FALSE ) {
|
230 |
+
if ( isset( $_REQUEST['action']) && $_REQUEST['action'] == 'update-plugin' ) {
|
231 |
+
if (! empty($_REQUEST['plugin']) ) {
|
232 |
+
$nfw_['a_msg'] = '1:4:' . @$_REQUEST['plugin'];
|
233 |
+
}
|
234 |
+
}
|
235 |
+
if ( isset( $_REQUEST['action']) && $_REQUEST['action'] == 'delete-plugin' ) {
|
236 |
+
if (! empty($_REQUEST['plugin']) ) {
|
237 |
+
$nfw_['a_msg'] = '1:6:' . @$_REQUEST['plugin'];
|
238 |
+
}
|
239 |
+
}
|
240 |
+
|
241 |
+
} elseif ( strpos($_SERVER['SCRIPT_NAME'], '/update-core.php' ) !== FALSE ) {
|
242 |
+
if ( isset( $_GET['action'] ) ) {
|
243 |
+
if ( $_GET['action'] == 'do-plugin-upgrade' ) {
|
244 |
+
if (! empty( $_POST['checked'] ) ) {
|
245 |
+
$nfw_['a_msg'] = '1:4:' . @implode(", ", $_POST['checked']);
|
246 |
+
}
|
247 |
+
} elseif ( $_GET['action'] == 'do-core-upgrade' ) {
|
248 |
+
$nfw_['a_msg'] = '3:1:' . @$_POST['version'];
|
249 |
+
}
|
250 |
+
}
|
251 |
+
}
|
252 |
+
if ( $nfw_['a_msg'] ) {
|
253 |
+
define('NFW_ALERT', $nfw_['a_msg']);
|
254 |
+
}
|
255 |
+
|
256 |
+
nfw_check_ip();
|
257 |
+
|
258 |
+
nfw_check_session();
|
259 |
+
if (! empty($_SESSION['nfw_goodguy']) ) {
|
260 |
+
|
261 |
+
if (! empty($_SESSION['nfw_livelog']) && isset($_POST['livecls']) && isset($_POST['lines'])) {
|
262 |
+
include 'fw_livelog.php';
|
263 |
+
fw_livelog_show();
|
264 |
+
}
|
265 |
+
|
266 |
+
if (! $nfw_['result'] = @$nfw_['mysqli']->query('SELECT * FROM `' . $nfw_['mysqli']->real_escape_string($nfw_['table_prefix']) . "options` WHERE `option_name` = 'nfw_rules'")) {
|
267 |
+
define( 'NFW_STATUS', 7 );
|
268 |
+
$nfw_['mysqli']->close();
|
269 |
+
unset($nfw_);
|
270 |
+
return;
|
271 |
+
}
|
272 |
+
if (! $nfw_['rules'] = @$nfw_['result']->fetch_object() ) {
|
273 |
+
define( 'NFW_STATUS', 8 );
|
274 |
+
$nfw_['mysqli']->close();
|
275 |
+
unset($nfw_);
|
276 |
+
return;
|
277 |
+
}
|
278 |
+
if (! $nfw_['nfw_rules'] = @unserialize($nfw_['rules']->option_value) ) {
|
279 |
+
$nfw_['mysqli']->close();
|
280 |
+
define( 'NFW_STATUS', 12 );
|
281 |
+
unset($nfw_);
|
282 |
+
return;
|
283 |
+
}
|
284 |
+
|
285 |
+
if (isset($nfw_['nfw_rules']['999']) ) {
|
286 |
+
$nfw_['adm_rules'] = array();
|
287 |
+
foreach ($nfw_['nfw_rules']['999'] as $key => $value) {
|
288 |
+
if (empty($nfw_['nfw_rules'][$key]['ena']) ) { continue; }
|
289 |
+
$nfw_['adm_rules'][$key] = $nfw_['nfw_rules'][$key];
|
290 |
+
}
|
291 |
+
if (! empty($nfw_['adm_rules'])) {
|
292 |
+
nfw_check_request( $nfw_['adm_rules'], $nfw_['nfw_options'] );
|
293 |
+
}
|
294 |
+
}
|
295 |
+
$nfw_['mysqli']->close();
|
296 |
+
define( 'NFW_STATUS', 20 );
|
297 |
+
unset($nfw_);
|
298 |
+
return;
|
299 |
+
}
|
300 |
+
define('NFW_SWL', 1);
|
301 |
+
|
302 |
+
if ( file_exists($nfw_['log_dir'] .'/cache/livelogrun.php')) {
|
303 |
+
include 'fw_livelog.php';
|
304 |
+
fw_livelog_record();
|
305 |
+
}
|
306 |
+
|
307 |
+
if (! empty($nfw_['nfw_options']['php_errors']) ) {
|
308 |
+
@error_reporting(0);
|
309 |
+
@ini_set('display_errors', 0);
|
310 |
+
}
|
311 |
+
|
312 |
+
if (! empty($nfw_['nfw_options']['allow_local_ip']) && ! filter_var(NFW_REMOTE_ADDR, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) ) {
|
313 |
+
$nfw_['mysqli']->close();
|
314 |
+
unset($nfw_);
|
315 |
+
define( 'NFW_STATUS', 20 );
|
316 |
+
return;
|
317 |
+
}
|
318 |
+
|
319 |
+
if ( (@$nfw_['nfw_options']['scan_protocol'] == 1) && ($_SERVER['SERVER_PORT'] == 443) ) {
|
320 |
+
$nfw_['mysqli']->close();
|
321 |
+
unset($nfw_);
|
322 |
+
define( 'NFW_STATUS', 20 );
|
323 |
+
return;
|
324 |
+
}
|
325 |
+
if ( (@$nfw_['nfw_options']['scan_protocol'] == 2) && ($_SERVER['SERVER_PORT'] != 443) ) {
|
326 |
+
$nfw_['mysqli']->close();
|
327 |
+
define( 'NFW_STATUS', 20 );
|
328 |
+
unset($nfw_);
|
329 |
+
return;
|
330 |
+
}
|
331 |
+
|
332 |
+
if (! empty($nfw_['nfw_options']['fg_enable']) && ! defined('NFW_WPWAF') ) {
|
333 |
+
include 'fw_fileguard.php';
|
334 |
+
fw_fileguard();
|
335 |
+
}
|
336 |
+
|
337 |
+
if (! empty($nfw_['nfw_options']['no_host_ip']) && @filter_var(parse_url('http://'.$_SERVER['HTTP_HOST'], PHP_URL_HOST), FILTER_VALIDATE_IP) ) {
|
338 |
+
nfw_log('HTTP_HOST is an IP', $_SERVER['HTTP_HOST'], 1, 0);
|
339 |
+
nfw_block();
|
340 |
+
}
|
341 |
+
|
342 |
+
if (! empty($nfw_['nfw_options']['referer_post']) && $_SERVER['REQUEST_METHOD'] == 'POST' && ! isset($_SERVER['HTTP_REFERER']) ) {
|
343 |
+
nfw_log('POST method without Referer header', $_SERVER['REQUEST_METHOD'], 1, 0);
|
344 |
+
nfw_block();
|
345 |
+
}
|
346 |
+
|
347 |
+
if ( strpos($_SERVER['SCRIPT_NAME'], '/xmlrpc.php' ) !== FALSE ) {
|
348 |
+
if (! empty($nfw_['nfw_options']['no_xmlrpc']) ) {
|
349 |
+
nfw_log('Access to WordPress XML-RPC API', $_SERVER['SCRIPT_NAME'], 2, 0);
|
350 |
+
nfw_block();
|
351 |
+
}
|
352 |
+
if ( $_SERVER['REQUEST_METHOD'] == 'POST' ) {
|
353 |
+
if (! isset( $HTTP_RAW_POST_DATA ) ) {
|
354 |
+
@$HTTP_RAW_POST_DATA = file_get_contents( 'php://input' );
|
355 |
+
}
|
356 |
+
|
357 |
+
if (! empty($nfw_['nfw_options']['no_xmlrpc_multi']) ) {
|
358 |
+
|
359 |
+
if ( @strpos( $HTTP_RAW_POST_DATA, '<methodName>system.multicall</methodName>') !== FALSE ) {
|
360 |
+
nfw_log('Access to WordPress XML-RPC API (system.multicall method)', $_SERVER['SCRIPT_NAME'], 2, 0);
|
361 |
+
nfw_block();
|
362 |
+
}
|
363 |
+
}
|
364 |
+
|
365 |
+
if (! empty($nfw_['nfw_options']['no_xmlrpc_pingback']) ) {
|
366 |
+
|
367 |
+
if ( @strpos( $HTTP_RAW_POST_DATA, '<methodName>pingback.ping</methodName>') !== FALSE ) {
|
368 |
+
nfw_log('Access to WordPress XML-RPC API (pingback.ping)', $_SERVER['SCRIPT_NAME'], 2, 0);
|
369 |
+
nfw_block();
|
370 |
+
}
|
371 |
+
}
|
372 |
+
}
|
373 |
+
}
|
374 |
+
if (! empty($nfw_['nfw_options']['no_xmlrpc_pingback']) && strpos($_SERVER['HTTP_USER_AGENT'], '; verifying pingback from ') !== FALSE) {
|
375 |
+
nfw_log('Blocked pingback verification', $_SERVER['HTTP_USER_AGENT'], 2, 0);
|
376 |
+
nfw_block();
|
377 |
+
}
|
378 |
+
|
379 |
+
if (! empty($nfw_['nfw_options']['no_post_themes']) && $_SERVER['REQUEST_METHOD'] == 'POST' && strpos($_SERVER['SCRIPT_NAME'], $nfw_['nfw_options']['no_post_themes']) !== FALSE ) {
|
380 |
+
nfw_log('POST request in the themes folder', $_SERVER['SCRIPT_NAME'], 2, 0);
|
381 |
+
nfw_block();
|
382 |
+
}
|
383 |
+
|
384 |
+
if (! empty($nfw_['nfw_options']['wp_dir']) && preg_match( '`' . $nfw_['nfw_options']['wp_dir'] . '`', $_SERVER['SCRIPT_NAME']) ) {
|
385 |
+
nfw_log('Forbidden direct access to PHP script', $_SERVER['SCRIPT_NAME'], 2, 0);
|
386 |
+
nfw_block();
|
387 |
+
}
|
388 |
+
|
389 |
+
nfw_check_upload();
|
390 |
+
|
391 |
+
if (! $nfw_['result'] = @$nfw_['mysqli']->query('SELECT * FROM `' . $nfw_['mysqli']->real_escape_string($nfw_['table_prefix']) . "options` WHERE `option_name` = 'nfw_rules'")) {
|
392 |
+
define( 'NFW_STATUS', 7 );
|
393 |
+
$nfw_['mysqli']->close();
|
394 |
+
unset($nfw_);
|
395 |
+
return;
|
396 |
+
}
|
397 |
+
|
398 |
+
if (! $nfw_['rules'] = @$nfw_['result']->fetch_object() ) {
|
399 |
+
define( 'NFW_STATUS', 8 );
|
400 |
+
$nfw_['mysqli']->close();
|
401 |
+
unset($nfw_);
|
402 |
+
return;
|
403 |
+
}
|
404 |
+
$nfw_['result']->close();
|
405 |
+
|
406 |
+
if (! $nfw_['nfw_rules'] = @unserialize($nfw_['rules']->option_value) ) {
|
407 |
+
$nfw_['mysqli']->close();
|
408 |
+
define( 'NFW_STATUS', 12 );
|
409 |
+
unset($nfw_);
|
410 |
+
return;
|
411 |
+
}
|
412 |
+
|
413 |
+
nfw_check_request( $nfw_['nfw_rules'], $nfw_['nfw_options'] );
|
414 |
+
|
415 |
+
if (! empty($nfw_['nfw_options']['get_sanitise']) && ! empty($_GET) ){
|
416 |
+
$_GET = nfw_sanitise( $_GET, 1, 'GET');
|
417 |
+
}
|
418 |
+
if (! empty($nfw_['nfw_options']['post_sanitise']) && ! empty($_POST) ){
|
419 |
+
$_POST = nfw_sanitise( $_POST, 1, 'POST');
|
420 |
+
}
|
421 |
+
if (! empty($nfw_['nfw_options']['request_sanitise']) && ! empty($_REQUEST) ){
|
422 |
+
$_REQUEST = nfw_sanitise( $_REQUEST, 1, 'REQUEST');
|
423 |
+
}
|
424 |
+
if (! empty($nfw_['nfw_options']['cookies_sanitise']) && ! empty($_COOKIE) ) {
|
425 |
+
$_COOKIE = nfw_sanitise( $_COOKIE, 3, 'COOKIE');
|
426 |
+
}
|
427 |
+
if (! empty($nfw_['nfw_options']['ua_sanitise']) && ! empty($_SERVER['HTTP_USER_AGENT']) ) {
|
428 |
+
$_SERVER['HTTP_USER_AGENT'] = nfw_sanitise( $_SERVER['HTTP_USER_AGENT'], 1, 'HTTP_USER_AGENT');
|
429 |
+
}
|
430 |
+
if (! empty($nfw_['nfw_options']['referer_sanitise']) && ! empty($_SERVER['HTTP_REFERER']) ) {
|
431 |
+
$_SERVER['HTTP_REFERER'] = nfw_sanitise( $_SERVER['HTTP_REFERER'], 1, 'HTTP_REFERER');
|
432 |
+
}
|
433 |
+
if (! empty($nfw_['nfw_options']['php_path_i']) && ! empty($_SERVER['PATH_INFO']) ) {
|
434 |
+
$_SERVER['PATH_INFO'] = nfw_sanitise( $_SERVER['PATH_INFO'], 2, 'PATH_INFO');
|
435 |
+
}
|
436 |
+
if (! empty($nfw_['nfw_options']['php_path_t']) && ! empty($_SERVER['PATH_TRANSLATED']) ) {
|
437 |
+
$_SERVER['PATH_TRANSLATED'] = nfw_sanitise( $_SERVER['PATH_TRANSLATED'], 2, 'PATH_TRANSLATED');
|
438 |
+
}
|
439 |
+
if (! empty($nfw_['nfw_options']['php_self']) && ! empty($_SERVER['PHP_SELF']) ) {
|
440 |
+
$_SERVER['PHP_SELF'] = nfw_sanitise( $_SERVER['PHP_SELF'], 2, 'PHP_SELF');
|
441 |
+
}
|
442 |
+
|
443 |
+
@$nfw_['mysqli']->close();
|
444 |
+
define( 'NFW_STATUS', 20 );
|
445 |
+
unset($nfw_);
|
446 |
+
return;
|
447 |
+
|
448 |
+
// =====================================================================
|
449 |
+
|
450 |
+
function nfw_check_session() {
|
451 |
+
|
452 |
+
if (version_compare(PHP_VERSION, '5.4', '<') ) {
|
453 |
+
if (session_id() ) return;
|
454 |
+
} else {
|
455 |
+
if (session_status() === PHP_SESSION_ACTIVE) return;
|
456 |
+
}
|
457 |
+
|
458 |
+
@ini_set('session.cookie_httponly', 1);
|
459 |
+
@ini_set('session.use_only_cookies', 1);
|
460 |
+
if ($_SERVER['SERVER_PORT'] == 443) {
|
461 |
+
@ini_set('session.cookie_secure', 1);
|
462 |
+
}
|
463 |
+
session_start();
|
464 |
+
}
|
465 |
+
|
466 |
+
// =====================================================================
|
467 |
+
|
468 |
+
function nfw_check_ip() {
|
469 |
+
|
470 |
+
if ( defined('NFW_REMOTE_ADDR') ) { return; }
|
471 |
+
|
472 |
+
global $nfw_;
|
473 |
+
|
474 |
+
if (strpos($_SERVER['REMOTE_ADDR'], ',') !== false) {
|
475 |
+
// Ensure we have a proper and single IP (a user may use the .htninja file
|
476 |
+
// to redirect HTTP_X_FORWARDED_FOR, which may contain more than one IP,
|
477 |
+
// to REMOTE_ADDR):
|
478 |
+
$nfw_['match'] = array_map('trim', @explode(',', $_SERVER['REMOTE_ADDR']));
|
479 |
+
foreach($nfw_['match'] as $nfw_['m']) {
|
480 |
+
if ( filter_var($nfw_['m'], FILTER_VALIDATE_IP) ) {
|
481 |
+
define( 'NFW_REMOTE_ADDR', $nfw_['m']);
|
482 |
+
break;
|
483 |
+
}
|
484 |
+
}
|
485 |
+
}
|
486 |
+
if (! defined('NFW_REMOTE_ADDR') ) {
|
487 |
+
define('NFW_REMOTE_ADDR', htmlspecialchars($_SERVER['REMOTE_ADDR']) );
|
488 |
+
}
|
489 |
+
}
|
490 |
+
|
491 |
+
// =====================================================================
|
492 |
+
|
493 |
+
function nfw_check_upload() {
|
494 |
+
|
495 |
+
if ( defined('NFW_STATUS') ) { return; }
|
496 |
+
|
497 |
+
global $nfw_;
|
498 |
+
|
499 |
+
$f_uploaded = array();
|
500 |
+
$f_uploaded = nfw_fetch_uploads();
|
501 |
+
$tmp = '';
|
502 |
+
if ( empty($nfw_['nfw_options']['uploads']) ) {
|
503 |
+
$tmp = '';
|
504 |
+
foreach ($f_uploaded as $key => $value) {
|
505 |
+
if (! $f_uploaded[$key]['name']) { continue; }
|
506 |
+
$tmp .= $f_uploaded[$key]['name'] . ' (' . number_format($f_uploaded[$key]['size']) . ' bytes) ';
|
507 |
+
}
|
508 |
+
if ( $tmp ) {
|
509 |
+
nfw_log('Blocked file upload attempt', rtrim($tmp, ' '), 3, 0);
|
510 |
+
nfw_block();
|
511 |
+
}
|
512 |
+
} else {
|
513 |
+
foreach ($f_uploaded as $key => $value) {
|
514 |
+
if (! $f_uploaded[$key]['name']) { continue; }
|
515 |
+
|
516 |
+
if ( $f_uploaded[$key]['size'] > 67 && $f_uploaded[$key]['size'] < 129 ) {
|
517 |
+
$data = file_get_contents( $f_uploaded[$key]['tmp_name'] );
|
518 |
+
if ( preg_match('`^X5O!P%@AP' . '\[4\\\PZX54\(P\^\)7CC\)7}\$EIC' .
|
519 |
+
'AR-STANDARD-ANTIVI' . 'RUS-TEST-FILE!\$H' . '\+H\*' .
|
520 |
+
'[\x09\x10\x13\x20\x1A]*`', $data) ) {
|
521 |
+
nfw_log('EICAR Standard Anti-Virus Test File blocked', $f_uploaded[$key]['name'] . ' (' . number_format($f_uploaded[$key]['size']) . ' bytes)', 3, 0);
|
522 |
+
nfw_block();
|
523 |
+
}
|
524 |
+
}
|
525 |
+
|
526 |
+
if (! defined('NFW_NO_MIMECHECK') && isset( $f_uploaded[$key]['type'] ) && ! preg_match('/\/.*\bphp\d?\b/i', $f_uploaded[$key]['type']) &&
|
527 |
+
preg_match('/\.ph(?:p([34x7]|5\d?)?|t(ml)?)(?:\.|$)/', $f_uploaded[$key]['name']) ) {
|
528 |
+
nfw_log('Blocked file upload attempt (MIME-type mismatch)', $f_uploaded[$key]['type'] .' != '. $f_uploaded[$key]['name'], 3, 0);
|
529 |
+
nfw_block();
|
530 |
+
}
|
531 |
+
|
532 |
+
|
533 |
+
if (! empty($nfw_['nfw_options']['sanitise_fn']) ) {
|
534 |
+
if ( empty( $nfw_['nfw_options']['substitute'] ) ) {
|
535 |
+
$nfw_['nfw_options']['substitute'] = 'X';
|
536 |
+
}
|
537 |
+
$tmp = '';
|
538 |
+
$f_uploaded_name = $f_uploaded[$key]['name'];
|
539 |
+
$f_uploaded[$key]['name'] = preg_replace('/[^\w\.\-]/i', $nfw_['nfw_options']['substitute'], $f_uploaded[$key]['name'], -1, $count);
|
540 |
+
|
541 |
+
if ($count) {
|
542 |
+
$tmp = ' (sanitising '. $count . ' char. from filename)';
|
543 |
+
$_FILES = nfw_sanitize_filename( $_FILES, $f_uploaded_name, $f_uploaded[$key]['name'] );
|
544 |
+
}
|
545 |
+
|
546 |
+
}
|
547 |
+
nfw_log('File upload detected, no action taken' . $tmp , $f_uploaded[$key]['name'] . ' (' . number_format($f_uploaded[$key]['size']) . ' bytes)', 5, 0);
|
548 |
+
}
|
549 |
+
}
|
550 |
+
}
|
551 |
+
|
552 |
+
// =====================================================================
|
553 |
+
|
554 |
+
function nfw_fetch_uploads() {
|
555 |
+
|
556 |
+
global $file_buffer, $upload_array, $prop_key;
|
557 |
+
$upload_array = array();
|
558 |
+
|
559 |
+
foreach( $_FILES as $f_key => $f_value ) {
|
560 |
+
|
561 |
+
foreach( $f_value as $prop_key => $prop_value ) {
|
562 |
+
|
563 |
+
// Fetch all but 'error':
|
564 |
+
if (! in_array( $prop_key, array( 'name', 'type', 'tmp_name', 'size' ) ) ) { continue; }
|
565 |
+
|
566 |
+
$file_buffer = $f_key;
|
567 |
+
|
568 |
+
if ( is_array( $_FILES[$f_key][$prop_key] ) ) {
|
569 |
+
nfw_recursive_upload( $_FILES[$f_key][$prop_key] );
|
570 |
+
} else {
|
571 |
+
if (! empty( $_FILES[$f_key][$prop_key] ) ) {
|
572 |
+
$upload_array[$f_key][$prop_key] = $_FILES[$f_key][$prop_key];
|
573 |
+
}
|
574 |
+
}
|
575 |
+
}
|
576 |
+
}
|
577 |
+
return $upload_array;
|
578 |
+
}
|
579 |
+
|
580 |
+
// =====================================================================
|
581 |
+
|
582 |
+
function nfw_recursive_upload( $data ) {
|
583 |
+
|
584 |
+
global $file_buffer, $upload_array, $prop_key;
|
585 |
+
|
586 |
+
foreach( $data as $data_key => $data_value ) {
|
587 |
+
if ( is_array( $data_value ) ) {
|
588 |
+
$file_buffer .= "_{$data_key}";
|
589 |
+
nfw_recursive_upload( $data_value );
|
590 |
+
} else {
|
591 |
+
if ( empty( $data_value ) ) { continue; }
|
592 |
+
$upload_array["{$file_buffer}_{$data_key}"][$prop_key] = $data_value;
|
593 |
+
}
|
594 |
+
}
|
595 |
+
}
|
596 |
+
|
597 |
+
// =====================================================================
|
598 |
+
|
599 |
+
function nfw_sanitize_filename( $array, $key, $value ) {
|
600 |
+
|
601 |
+
array_walk_recursive(
|
602 |
+
$array, function( &$v, $k ) use ( $key, $value ) {
|
603 |
+
if (! empty( $v ) && $v == $key ) { $v = $value; }
|
604 |
+
}
|
605 |
+
);
|
606 |
+
return $array;
|
607 |
+
}
|
608 |
+
|
609 |
+
// =====================================================================
|
610 |
+
|
611 |
+
function nfw_check_request( $nfw_rules, $nfw_options ) {
|
612 |
+
|
613 |
+
if ( defined('NFW_STATUS') ) { return; }
|
614 |
+
|
615 |
+
global $nfw_, $HTTP_RAW_POST_DATA;
|
616 |
+
|
617 |
+
foreach ( $nfw_rules as $id => $rules ) {
|
618 |
+
|
619 |
+
if ( empty( $rules['ena']) ) { continue; }
|
620 |
+
|
621 |
+
$wherelist = explode('|', $rules['cha'][1]['whe']);
|
622 |
+
|
623 |
+
foreach ($wherelist as $where) {
|
624 |
+
|
625 |
+
if ( nfw_disabled_scan( $where, $nfw_options ) ) { continue; }
|
626 |
+
|
627 |
+
// =================================================================
|
628 |
+
if ( $where == 'RAW' ) {
|
629 |
+
if (! isset( $HTTP_RAW_POST_DATA ) ) {
|
630 |
+
@$HTTP_RAW_POST_DATA = file_get_contents( 'php://input' );
|
631 |
+
}
|
632 |
+
|
633 |
+
if ( nfw_matching( 'RAW', $_SERVER['REQUEST_METHOD'], $nfw_rules, $rules, 1, $id, $HTTP_RAW_POST_DATA, $nfw_options ) ) {
|
634 |
+
nfw_check_subrule( 'RAW', $_SERVER['REQUEST_METHOD'], $nfw_rules, $nfw_options, $rules, $id );
|
635 |
+
}
|
636 |
+
continue;
|
637 |
+
}
|
638 |
+
|
639 |
+
// =================================================================
|
640 |
+
if ( $where == 'POST' || $where == 'GET' || $where == 'COOKIE' ||
|
641 |
+
$where == 'SERVER' || $where == 'REQUEST' || $where == 'FILES' ||
|
642 |
+
$where == 'SESSION'
|
643 |
+
) {
|
644 |
+
|
645 |
+
if ( empty($GLOBALS['_' . $where]) ) {continue;}
|
646 |
+
|
647 |
+
foreach ($GLOBALS['_' . $where] as $key => $val) {
|
648 |
+
|
649 |
+
if ( nfw_matching( $where, $key, $nfw_rules, $rules, 1, $id, null, $nfw_options ) ) {
|
650 |
+
nfw_check_subrule( $where, $key, $nfw_rules, $nfw_options, $rules, $id );
|
651 |
+
}
|
652 |
+
|
653 |
+
}
|
654 |
+
continue;
|
655 |
+
}
|
656 |
+
|
657 |
+
// =================================================================
|
658 |
+
|
659 |
+
if ( isset( $_SERVER[$where] ) ) {
|
660 |
+
|
661 |
+
if ( nfw_matching( 'SERVER', $where, $nfw_rules, $rules, 1, $id, null, $nfw_options ) ) {
|
662 |
+
nfw_check_subrule( 'SERVER', $where, $nfw_rules, $nfw_options, $rules, $id );
|
663 |
+
}
|
664 |
+
continue;
|
665 |
+
}
|
666 |
+
|
667 |
+
// =================================================================
|
668 |
+
|
669 |
+
$w = explode(':', $where);
|
670 |
+
|
671 |
+
if ( empty($w[1]) || ! isset( $GLOBALS['_'.$w[0]][$w[1]] ) || nfw_disabled_scan( $w[0], $nfw_options ) ) {
|
672 |
+
continue;
|
673 |
+
}
|
674 |
+
|
675 |
+
if ( nfw_matching( $w[0], $w[1], $nfw_rules, $rules, 1, $id, null, $nfw_options ) ) {
|
676 |
+
nfw_check_subrule( $w[0], $w[1], $nfw_rules, $nfw_options, $rules, $id );
|
677 |
+
}
|
678 |
+
|
679 |
+
// =================================================================
|
680 |
+
|
681 |
+
}
|
682 |
+
|
683 |
+
}
|
684 |
+
|
685 |
+
}
|
686 |
+
|
687 |
+
// =====================================================================
|
688 |
+
|
689 |
+
function nfw_check_subrule( $w0, $w1, $nfw_rules, $nfw_options, $rules, $id ) {
|
690 |
+
|
691 |
+
if ( isset( $rules['cha'][1]['cap'] ) ) {
|
692 |
+
nfw_matching( $w0, $w1, $nfw_rules, $rules, 2, $id, null, $nfw_options );
|
693 |
+
|
694 |
+
} else {
|
695 |
+
$w = explode(':', $rules['cha'][2]['whe']);
|
696 |
+
|
697 |
+
if (! isset( $w[1] ) ) {
|
698 |
+
|
699 |
+
if ( $w[0] == 'RAW' ) {
|
700 |
+
if ( nfw_disabled_scan( 'POST', $nfw_options) && $_SERVER['REQUEST_METHOD'] == 'POST' ) {
|
701 |
+
return;
|
702 |
+
}
|
703 |
+
global $HTTP_RAW_POST_DATA;
|
704 |
+
if (! isset( $HTTP_RAW_POST_DATA ) ) {
|
705 |
+
@$HTTP_RAW_POST_DATA = file_get_contents( 'php://input' );
|
706 |
+
}
|
707 |
+
nfw_matching( $_SERVER['REQUEST_METHOD'], 'RAW', $nfw_rules, $rules, 2, $id, $HTTP_RAW_POST_DATA, $nfw_options );
|
708 |
+
return;
|
709 |
+
}
|
710 |
+
$w[2] = $w[1] = $w[0];
|
711 |
+
$w[0] = 'SERVER';
|
712 |
+
} else {
|
713 |
+
$w[2] = null;
|
714 |
+
}
|
715 |
+
|
716 |
+
if (! isset( $GLOBALS['_'.$w[0]][$w[1]] ) ) {
|
717 |
+
return;
|
718 |
+
}
|
719 |
+
|
720 |
+
if ( nfw_disabled_scan( $w[0], $nfw_options, $w[2] ) ) {
|
721 |
+
return;
|
722 |
+
} else {
|
723 |
+
nfw_matching( $w[0], $w[1], $nfw_rules, $rules, 2, $id, null, $nfw_options);
|
724 |
+
}
|
725 |
+
}
|
726 |
+
|
727 |
+
}
|
728 |
+
|
729 |
+
// =====================================================================
|
730 |
+
|
731 |
+
function nfw_disabled_scan( $where, $nfw_options, $extra = null ) {
|
732 |
+
|
733 |
+
if ( $extra ) { $where = $extra; }
|
734 |
+
|
735 |
+
if ( $where == 'POST' && empty($nfw_options['post_scan']) ||
|
736 |
+
$where == 'GET' && empty($nfw_options['get_scan']) ||
|
737 |
+
$where == 'COOKIE' && empty($nfw_options['cookies_scan']) ||
|
738 |
+
$where == 'HTTP_USER_AGENT' && empty($nfw_options['ua_scan']) ||
|
739 |
+
$where == 'HTTP_REFERER' && empty($nfw_options['referer_scan'])
|
740 |
+
) {
|
741 |
+
return 1;
|
742 |
+
}
|
743 |
+
return 0;
|
744 |
+
}
|
745 |
+
|
746 |
+
// =====================================================================
|
747 |
+
|
748 |
+
function nfw_matching( $where, $key, $nfw_rules, $rules, $subid, $id, $RAW_POST = null, $nfw_options ) {
|
749 |
+
|
750 |
+
global $nfw_;
|
751 |
+
|
752 |
+
if ( isset( $RAW_POST ) ) {
|
753 |
+
$val = $RAW_POST;
|
754 |
+
} else {
|
755 |
+
$val = $GLOBALS['_'.$where][$key];
|
756 |
+
}
|
757 |
+
|
758 |
+
if ( is_array($val) ) {
|
759 |
+
if ( isset( $nfw_['flattened'][$where][$key] ) ) {
|
760 |
+
$val = $nfw_['flattened'][$where][$key];
|
761 |
+
} else {
|
762 |
+
$val = nfw_flatten( ' ', $val );
|
763 |
+
$nfw_['flattened'][$where][$key] = $val;
|
764 |
+
}
|
765 |
+
}
|
766 |
+
|
767 |
+
if ( $where == 'POST' && ! empty($nfw_options['post_b64']) && ! isset($nfw_['b64'][$where][$key]) && $val ) {
|
768 |
+
nfw_check_b64($key, $val);
|
769 |
+
$nfw_['b64'][$where][$key] = 1;
|
770 |
+
}
|
771 |
+
|
772 |
+
if ( isset( $rules['cha'][$subid]['exe'] ) ) {
|
773 |
+
$val = @$rules['cha'][$subid]['exe']($val);
|
774 |
+
}
|
775 |
+
|
776 |
+
$t = '';
|
777 |
+
|
778 |
+
if ( isset( $rules['cha'][$subid]['nor'] ) ) {
|
779 |
+
$t .= 'N';
|
780 |
+
if ( isset( $nfw_[$t][$where][$key] ) && ! isset( $rules['cha'][$subid]['exe'] ) ) {
|
781 |
+
$val = $nfw_[$t][$where][$key];
|
782 |
+
} else {
|
783 |
+
$val = nfw_normalize( $val, $nfw_rules );
|
784 |
+
if (! isset( $rules['cha'][$subid]['exe']) ) {
|
785 |
+
$nfw_[$t][$where][$key] = $val;
|
786 |
+
}
|
787 |
+
}
|
788 |
+
}
|
789 |
+
|
790 |
+
if ( isset( $rules['cha'][$subid]['tra'] ) ) {
|
791 |
+
$t .= 'T' . $rules['cha'][$subid]['tra'];
|
792 |
+
if ( isset( $nfw_[$t][$where][$key] ) && ! isset( $rules['cha'][$subid]['exe'] ) ) {
|
793 |
+
$val = $nfw_[$t][$where][$key];
|
794 |
+
} else {
|
795 |
+
$val = nfw_transform_string( $val, $rules['cha'][$subid]['tra'] );
|
796 |
+
if (! isset( $rules['cha'][$subid]['exe']) ) {
|
797 |
+
$nfw_[$t][$where][$key] = $val;
|
798 |
+
}
|
799 |
+
}
|
800 |
+
}
|
801 |
+
if ( empty( $rules['cha'][$subid]['noc']) ) {
|
802 |
+
$t .= 'C';
|
803 |
+
if ( isset( $nfw_[$t][$where][$key] ) && ! isset( $rules['cha'][$subid]['exe'] ) ) {
|
804 |
+
$val = $nfw_[$t][$where][$key];
|
805 |
+
} else {
|
806 |
+
$val = nfw_compress_string( $val );
|
807 |
+
if (! isset( $rules['cha'][$subid]['exe']) ) {
|
808 |
+
$nfw_[$t][$where][$key] = $val;
|
809 |
+
}
|
810 |
+
}
|
811 |
+
}
|
812 |
+
|
813 |
+
if ( nfw_operator( $val, $rules['cha'][$subid]['wha'], $rules['cha'][$subid]['ope'] ) ) {
|
814 |
+
if ( isset( $rules['cha'][$subid+1]) ) {
|
815 |
+
return 1;
|
816 |
+
} else {
|
817 |
+
if ( isset( $nfw_['flattened'][$where][$key] ) ) {
|
818 |
+
nfw_log($rules['why'], $where .':' . $key . ' = ' . $nfw_['flattened'][$where][$key], $rules['lev'], $id);
|
819 |
+
} elseif ( isset( $RAW_POST ) ) {
|
820 |
+
nfw_log($rules['why'], $where .':' . $key . ' = ' . $RAW_POST, $rules['lev'], $id);
|
821 |
+
} else {
|
822 |
+
nfw_log($rules['why'], $where .':' . $key . ' = ' . $GLOBALS['_'.$where][$key], $rules['lev'], $id);
|
823 |
+
}
|
824 |
+
nfw_block();
|
825 |
+
}
|
826 |
+
}
|
827 |
+
return 0;
|
828 |
+
}
|
829 |
+
|
830 |
+
// =====================================================================
|
831 |
+
|
832 |
+
function nfw_operator( $val, $what, $op ) {
|
833 |
+
|
834 |
+
if ( $op == 2 ) {
|
835 |
+
if ( $val != $what ) {
|
836 |
+
return true;
|
837 |
+
}
|
838 |
+
} elseif ( $op == 3 ) {
|
839 |
+
if ( strpos($val, $what) !== FALSE ) {
|
840 |
+
return true;
|
841 |
+
}
|
842 |
+
} elseif ( $op == 4 ) {
|
843 |
+
if ( stripos($val, $what) !== FALSE ) {
|
844 |
+
return true;
|
845 |
+
}
|
846 |
+
} elseif ( $op == 5 ) {
|
847 |
+
if ( preg_match("`$what`", $val ) ) {
|
848 |
+
return true;
|
849 |
+
}
|
850 |
+
} elseif ( $op == 6 ) {
|
851 |
+
if (! preg_match("`$what`", $val) ) {
|
852 |
+
return true;
|
853 |
+
}
|
854 |
+
} elseif ( $op == 7 ) {
|
855 |
+
return true;
|
856 |
+
|
857 |
+
} elseif ( $op == 8 ) {
|
858 |
+
if ( strpos($val, $what) === FALSE ) {
|
859 |
+
return true;
|
860 |
+
}
|
861 |
+
} elseif ( $op == 9 ) {
|
862 |
+
if ( stripos($val, $what) === FALSE ) {
|
863 |
+
return true;
|
864 |
+
}
|
865 |
+
} else {
|
866 |
+
if ( $val == $what ) {
|
867 |
+
return true;
|
868 |
+
}
|
869 |
+
}
|
870 |
+
}
|
871 |
+
|
872 |
+
// =====================================================================
|
873 |
+
|
874 |
+
function nfw_normalize( $string, $nfw_rules ) {
|
875 |
+
|
876 |
+
if ( empty( $string ) ) {
|
877 |
+
return;
|
878 |
+
}
|
879 |
+
|
880 |
+
$norm = rawurldecode( $string );
|
881 |
+
if (! $norm ) {
|
882 |
+
return $string;
|
883 |
+
}
|
884 |
+
|
885 |
+
if ( preg_match('/&(?:#x0*[0-9a-f]{2}|#0*[12]?[0-9]{2}|amp|[lg]t|nbsp|quot)(?!;|\d)/i', $norm) ) {
|
886 |
+
$norm = preg_replace('/&(#x0*[0-9a-f]{2}|#0*[12]?[0-9]{2}|amp|[lg]t|nbsp|quot)(?!;|\d)/i', '&\1;', $norm);
|
887 |
+
if (! $norm ) {
|
888 |
+
return $string;
|
889 |
+
}
|
890 |
+
}
|
891 |
+
|
892 |
+
if ( preg_match('/\\\x[a-f0-9]{2}/i', $norm) ) {
|
893 |
+
$norm = preg_replace_callback('/\\\x([a-f0-9]{2})/i', 'nfw_hex2ascii', $norm);
|
894 |
+
if (! $norm ) {
|
895 |
+
return $string;
|
896 |
+
}
|
897 |
+
}
|
898 |
+
|
899 |
+
$norm = nfw_html_decode( $norm );
|
900 |
+
if (! $norm ) {
|
901 |
+
return $string;
|
902 |
+
}
|
903 |
+
|
904 |
+
if ( preg_match('/&#x?[0-9a-f]+;/i', $norm) ) {
|
905 |
+
$norm = preg_replace('/(&#x?[0-9a-f]+;)/i', '', $norm);
|
906 |
+
if (! $norm ) {
|
907 |
+
return $string;
|
908 |
+
}
|
909 |
+
}
|
910 |
+
|
911 |
+
if ( preg_match( '/(?:%|\\\)u[0-9a-f]{4}/i', $norm ) ) {
|
912 |
+
$norm = preg_replace_callback('/(?:%|\\\)(u[0-9a-f]{4})/i', 'nfw_udecode', $norm);
|
913 |
+
if (! $norm ) {
|
914 |
+
return $string;
|
915 |
+
}
|
916 |
+
}
|
917 |
+
|
918 |
+
if ( empty( $nfw_rules[2]['ena'] ) ) {
|
919 |
+
$norm = preg_replace('/\x0|%00/', '', $norm);
|
920 |
+
if (! $norm ) {
|
921 |
+
return $string;
|
922 |
+
}
|
923 |
+
}
|
924 |
+
|
925 |
+
return $norm;
|
926 |
+
}
|
927 |
+
|
928 |
+
// =====================================================================
|
929 |
+
|
930 |
+
function nfw_html_decode( $norm ) {
|
931 |
+
|
932 |
+
global $nfw_;
|
933 |
+
|
934 |
+
$nfw_['entity_in'] = array (
|
935 |
+
'	','
','!','"','"','#','$',
|
936 |
+
'%','&','&',''','(',')','*',
|
937 |
+
'*','+',',','.','/',':',';',
|
938 |
+
'<','<','=','>','>','?','@','[',
|
939 |
+
'[','\',']',']','^','_','`',
|
940 |
+
'`','{','{','|','|','|',
|
941 |
+
'}','}',' ',' ','<⃒','>⃒',"\xa0",
|
942 |
+
);
|
943 |
+
|
944 |
+
$nfw_['entity_out'] = array (
|
945 |
+
'','','!','"','"','#','$','%','&','&',"'",'(',')','*','*','+',',','.','/',
|
946 |
+
':',';','<','<','=','>','>','?','@','[','[','\\',']',']','^','_','`','`',
|
947 |
+
'{','{','|','|','|','}','}',' ',' ','','',' '
|
948 |
+
);
|
949 |
+
|
950 |
+
$normout = str_replace( $nfw_['entity_in'], $nfw_['entity_out'], $norm);
|
951 |
+
$normout = html_entity_decode( $normout, ENT_QUOTES, 'UTF-8' );
|
952 |
+
|
953 |
+
return $normout;
|
954 |
+
|
955 |
+
}
|
956 |
+
|
957 |
+
// =====================================================================
|
958 |
+
|
959 |
+
function nfw_compress_string( $string, $where = null ) {
|
960 |
+
|
961 |
+
if ( $where == 1 ) {
|
962 |
+
$replace = ' ';
|
963 |
+
} else {
|
964 |
+
$replace = '';
|
965 |
+
}
|
966 |
+
|
967 |
+
$string = str_replace( array( "\x09", "\x0a","\x0b", "\x0c", "\x0d"),
|
968 |
+
$replace, $string);
|
969 |
+
$string = trim ( preg_replace('/\x20{2,}/', ' ', $string) );
|
970 |
+
return $string;
|
971 |
+
|
972 |
+
}
|
973 |
+
|
974 |
+
// =====================================================================
|
975 |
+
|
976 |
+
function nfw_transform_string( $string, $where ) {
|
977 |
+
|
978 |
+
if ( $where == 1 ) {
|
979 |
+
$norm = trim( preg_replace_callback('((^([^a-z/&|#]*)|([\'"])(?:\\\\.|[^\n\3\\\\])*?\3|(?:[0-9a-z_$]+)|.)'.
|
980 |
+
'(?:\s|--[^\n]*+\n|/\*(?:[^*!]|\*(?!/))*+\*/)*'.
|
981 |
+
'(?:(?:\#|--(?:[\x00-\x20\x7f]|$)|/\*$)[^\n]*+\n|/\*!(?:\d{5})?|\*/|/\*(?:[^*!]|\*(?!/))*+\*/)*)si',
|
982 |
+
'nfw_delcomments1', $string . "\n") );
|
983 |
+
$norm = preg_replace('/[\'"]\x20*\+?\x20*[\'"]/', '', $norm);
|
984 |
+
$norm = strtolower( str_replace( array('+', "'", '"', "(", ')', '`', ',', ';'), ' ', $norm) );
|
985 |
+
|
986 |
+
} elseif ( $where == 2 ) {
|
987 |
+
$norm = trim( preg_replace_callback('((^|([\'"])(?:\\\\.|[^\n\2\\\\])*?\2|(?:[0-9a-z_$]+)|.)'.
|
988 |
+
'(?://[^\n]*+\n|/\*(?:[^*]|\*(?!/))*+\*/)*)si',
|
989 |
+
'nfw_delcomments2', $string . "\n") );
|
990 |
+
$norm = preg_replace( array('/[\n\r\t\f\v]/', '`/\*\s*\*/`', '/[\'"`]\x20*[+.]?\x20*[\'"`]/'),
|
991 |
+
array('', ' ', ''), $norm);
|
992 |
+
} elseif ( $where == 3 ) {
|
993 |
+
$norm = preg_replace( array('`/(\./)+`','`/{2,}`', '`/(.+?)/\.\./\1\b`', '`\n`', '`\\\`'), array('/', '/', '/\1', '', ''), $string );
|
994 |
+
}
|
995 |
+
|
996 |
+
return $norm;
|
997 |
+
|
998 |
+
}
|
999 |
+
|
1000 |
+
// =====================================================================
|
1001 |
+
|
1002 |
+
function nfw_delcomments1 ( $match ) {
|
1003 |
+
|
1004 |
+
if (! empty($match[2]) ) { return ' '; }
|
1005 |
+
if ( $match[0] != $match[1] ) {
|
1006 |
+
return $match[1]. ' ';
|
1007 |
+
}
|
1008 |
+
return $match[1];
|
1009 |
+
|
1010 |
+
}
|
1011 |
+
|
1012 |
+
function nfw_delcomments2 ( $match ) {
|
1013 |
+
|
1014 |
+
if ( $match[0] != $match[1] ) {
|
1015 |
+
return $match[1]. ' ';
|
1016 |
+
}
|
1017 |
+
return $match[1];
|
1018 |
+
|
1019 |
+
}
|
1020 |
+
|
1021 |
+
// =====================================================================
|
1022 |
+
|
1023 |
+
function nfw_udecode( $match ) {
|
1024 |
+
|
1025 |
+
return @json_decode('"\\'.$match[1].'"');
|
1026 |
+
|
1027 |
+
}
|
1028 |
+
|
1029 |
+
// =====================================================================
|
1030 |
+
|
1031 |
+
function nfw_hex2ascii( $match ) {
|
1032 |
+
|
1033 |
+
return chr( '0x'.$match[1] );
|
1034 |
+
|
1035 |
+
}
|
1036 |
+
|
1037 |
+
// =====================================================================
|
1038 |
+
|
1039 |
+
function nfw_flatten( $glue, $pieces ) {
|
1040 |
+
|
1041 |
+
if ( defined('NFW_STATUS') ) { return; }
|
1042 |
+
|
1043 |
+
$ret = array();
|
1044 |
+
|
1045 |
+
foreach ($pieces as $r_pieces) {
|
1046 |
+
if ( is_array($r_pieces)) {
|
1047 |
+
$ret[] = nfw_flatten($glue, $r_pieces);
|
1048 |
+
} else {
|
1049 |
+
if (! empty($r_pieces) ) {
|
1050 |
+
$ret[] = $r_pieces;
|
1051 |
+
}
|
1052 |
+
}
|
1053 |
+
}
|
1054 |
+
return implode($glue, $ret);
|
1055 |
+
}
|
1056 |
+
|
1057 |
+
// =====================================================================
|
1058 |
+
|
1059 |
+
function nfw_check_b64( $key, $string ) {
|
1060 |
+
|
1061 |
+
if ( defined('NFW_STATUS') || strlen($string) < 4 ) { return; }
|
1062 |
+
|
1063 |
+
$decoded = base64_decode($string);
|
1064 |
+
if ( strlen($decoded) < 4 ) { return; }
|
1065 |
+
|
1066 |
+
if ( preg_match( '`\b(?:\$?_(COOKIE|ENV|FILES|(?:GE|POS|REQUES)T|SE(RVER|SSION))|HTTP_(?:(?:POST|GET)_VARS|RAW_POST_DATA)|GLOBALS)\s*[=\[)]|\b(?i:array_map|assert|base64_(?:de|en)code|chmod|curl_exec|(?:ex|im)plode|error_reporting|eval|file(?:_get_contents)?|f(?:open|write|close)|fsockopen|function_exists|gzinflate|md5|move_uploaded_file|ob_start|passthru|[ep]reg_replace|phpinfo|stripslashes|strrev|(?:shell_)?exec|substr|system|unlink)\s*\(|\becho\s*[\'"]|<(?i:a[\s/]|applet|div|embed|i?frame(?:set)?|img|link|meta|marquee|object|script|style|textarea)\b|\W\$\{\s*[\'"]\w+[\'"]|<\?(?i:php|=)|(?i:(?:\b|\d)select\b.+?from\b.+?(?:\b|\d)where|(?:\b|\d)insert\b.+?into\b|(?:\b|\d)union\b.+?(?:\b|\d)select\b|(?:\b|\d)update\b.+?(?:\b|\d)set\b)`', $decoded) ) {
|
1067 |
+
nfw_log('BASE64-encoded injection', 'POST:' . $key . ' = ' . $string, '3', 0);
|
1068 |
+
nfw_block();
|
1069 |
+
}
|
1070 |
+
}
|
1071 |
+
|
1072 |
+
// =====================================================================
|
1073 |
+
|
1074 |
+
function nfw_sanitise( $str, $how, $msg ) {
|
1075 |
+
|
1076 |
+
if ( defined('NFW_STATUS') ) { return; }
|
1077 |
+
|
1078 |
+
if (! isset($str) ) { return null; }
|
1079 |
+
|
1080 |
+
global $nfw_;
|
1081 |
+
|
1082 |
+
if (is_string($str) ) {
|
1083 |
+
if (get_magic_quotes_gpc() ) { $str = stripslashes($str); }
|
1084 |
+
if ($how == 1) {
|
1085 |
+
$str2 = $nfw_['mysqli']->real_escape_string($str);
|
1086 |
+
$str2 = str_replace( array( '`', '<', '>'), array( '\\`', '<', '>'), $str2);
|
1087 |
+
} elseif ($how == 2) {
|
1088 |
+
$str2 = str_replace( array('\\', "'", '"', "\x0d", "\x0a", "\x00", "\x1a", '`', '<', '>'),
|
1089 |
+
array('\\\\', "\\'", '\\"', '-', '-', '-', '-', '\\`', '<', '>'), $str);
|
1090 |
+
} else {
|
1091 |
+
$str2 = str_replace( array('\\', "'", "\x00", "\x1a", '`', '<'),
|
1092 |
+
array('\\\\', "\\'", '-', '-', '\\`', '<'), $str);
|
1093 |
+
}
|
1094 |
+
if (! empty($nfw_['nfw_options']['debug']) ) {
|
1095 |
+
if ($str2 != $str) {
|
1096 |
+
nfw_log('Sanitising user input', $msg . ': ' . $str, 7, 0);
|
1097 |
+
}
|
1098 |
+
return $str;
|
1099 |
+
}
|
1100 |
+
if ($str2 != $str) {
|
1101 |
+
nfw_log('Sanitising user input', $msg . ': ' . $str, 6, 0);
|
1102 |
+
}
|
1103 |
+
return $str2;
|
1104 |
+
|
1105 |
+
} else if (is_array($str) ) {
|
1106 |
+
foreach($str as $key => $value) {
|
1107 |
+
if (get_magic_quotes_gpc() ) {$key = stripslashes($key);}
|
1108 |
+
if ($how == 3) {
|
1109 |
+
$key2 = str_replace( array('\\', "'", "\x00", "\x1a", '`', '<', '>'),
|
1110 |
+
array('\\\\', "\\'", '-', '-', '\\`', '<', '>'), $key, $occ);
|
1111 |
+
} else {
|
1112 |
+
$key2 = str_replace( array('\\', "'", '"', "\x0d", "\x0a", "\x00", "\x1a", '`', '<', '>'),
|
1113 |
+
array('\\\\', "\\'", '\\"', '-', '-', '-', '-', '`', '<', '>'), $key, $occ);
|
1114 |
+
}
|
1115 |
+
if ($occ) {
|
1116 |
+
unset($str[$key]);
|
1117 |
+
nfw_log('Sanitising user input', $msg . ': ' . $key, 6, 0);
|
1118 |
+
}
|
1119 |
+
$str[$key2] = nfw_sanitise($value, $how, $msg);
|
1120 |
+
}
|
1121 |
+
return $str;
|
1122 |
+
}
|
1123 |
+
}
|
1124 |
+
|
1125 |
+
// =====================================================================
|
1126 |
+
|
1127 |
+
function nfw_block() {
|
1128 |
+
|
1129 |
+
if ( defined('NFW_STATUS') ) { return; }
|
1130 |
+
|
1131 |
+
global $nfw_;
|
1132 |
+
|
1133 |
+
if (! empty($nfw_['nfw_options']['debug']) ) {
|
1134 |
+
return;
|
1135 |
+
}
|
1136 |
+
|
1137 |
+
@$nfw_['mysqli']->close();
|
1138 |
+
|
1139 |
+
$http_codes = array(
|
1140 |
+
400 => '400 Bad Request', 403 => '403 Forbidden',
|
1141 |
+
404 => '404 Not Found', 406 => '406 Not Acceptable',
|
1142 |
+
500 => '500 Internal Server Error', 503 => '503 Service Unavailable',
|
1143 |
+
);
|
1144 |
+
if (! isset($http_codes[$nfw_['nfw_options']['ret_code']]) ) {
|
1145 |
+
$nfw_['nfw_options']['ret_code'] = 403;
|
1146 |
+
}
|
1147 |
+
|
1148 |
+
if (empty($nfw_['num_incident']) ) { $nfw_['num_incident'] = '000000'; }
|
1149 |
+
$tmp = str_replace( '%%NUM_INCIDENT%%', $nfw_['num_incident'], base64_decode($nfw_['nfw_options']['blocked_msg']) );
|
1150 |
+
$tmp = @str_replace( '%%NINJA_LOGO%%', '<img title="NinjaFirewall" src="' . $nfw_['nfw_options']['logo'] . '" width="75" height="75">', $tmp );
|
1151 |
+
$tmp = str_replace( '%%REM_ADDRESS%%', NFW_REMOTE_ADDR, $tmp );
|
1152 |
+
|
1153 |
+
@session_destroy();
|
1154 |
+
|
1155 |
+
if (! headers_sent() ) {
|
1156 |
+
header('HTTP/1.1 ' . $http_codes[$nfw_['nfw_options']['ret_code']] );
|
1157 |
+
header('Status: ' . $http_codes[$nfw_['nfw_options']['ret_code']] );
|
1158 |
+
header('Pragma: no-cache');
|
1159 |
+
header('Cache-Control: no-cache, no-store, must-revalidate');
|
1160 |
+
header('Expires: 0');
|
1161 |
+
}
|
1162 |
+
|
1163 |
+
echo '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">' . "\n" .
|
1164 |
+
'<html><head><title>NinjaFirewall: ' . $http_codes[$nfw_['nfw_options']['ret_code']] .
|
1165 |
+
'</title><style>body{font-family:sans-serif;font-size:13px;color:#000;}</style><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body bgcolor="white">' . $tmp . '</body></html>';
|
1166 |
+
exit;
|
1167 |
+
}
|
1168 |
+
|
1169 |
+
// =====================================================================
|
1170 |
+
|
1171 |
+
function nfw_log($loginfo, $logdata, $loglevel, $ruleid) {
|
1172 |
+
|
1173 |
+
if ( defined('NFW_STATUS') ) { return; }
|
1174 |
+
|
1175 |
+
global $nfw_;
|
1176 |
+
|
1177 |
+
$nfw_['num_incident'] = mt_rand(1000000, 9000000);
|
1178 |
+
|
1179 |
+
if ( $loglevel == 6) {
|
1180 |
+
$http_ret_code = '200';
|
1181 |
+
} else {
|
1182 |
+
if (! empty($nfw_['nfw_options']['debug']) ) {
|
1183 |
+
$loglevel = 7;
|
1184 |
+
$http_ret_code = '200';
|
1185 |
+
} else {
|
1186 |
+
$http_ret_code = $nfw_['nfw_options']['ret_code'];
|
1187 |
+
}
|
1188 |
+
}
|
1189 |
+
|
1190 |
+
if (strlen($logdata) > 200) { $logdata = mb_substr($logdata, 0, 200, 'utf-8') . '...'; }
|
1191 |
+
$res = '';
|
1192 |
+
$string = str_split($logdata);
|
1193 |
+
foreach ( $string as $char ) {
|
1194 |
+
if ( ord($char) < 32 || ord($char) > 126 ) {
|
1195 |
+
$res .= '%' . bin2hex($char);
|
1196 |
+
} else {
|
1197 |
+
$res .= $char;
|
1198 |
+
}
|
1199 |
+
}
|
1200 |
+
|
1201 |
+
if (! $tzstring = ini_get('date.timezone') ) {
|
1202 |
+
$tzstring = 'UTC';
|
1203 |
+
}
|
1204 |
+
date_default_timezone_set($tzstring);
|
1205 |
+
$cur_month = date('Y-m');
|
1206 |
+
|
1207 |
+
$stat_file = $nfw_['log_dir']. '/stats_' . $cur_month . '.php';
|
1208 |
+
$log_file = $nfw_['log_dir']. '/firewall_' . $cur_month . '.php';
|
1209 |
+
|
1210 |
+
if ( file_exists( $stat_file ) ) {
|
1211 |
+
$nfw_stat = file_get_contents( $stat_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES );
|
1212 |
+
} else {
|
1213 |
+
$nfw_stat = '0:0:0:0:0:0:0:0:0:0';
|
1214 |
+
}
|
1215 |
+
$nfw_stat_arr = explode(':', $nfw_stat . ':');
|
1216 |
+
++$nfw_stat_arr[$loglevel];
|
1217 |
+
|
1218 |
+
@file_put_contents( $stat_file, $nfw_stat_arr[0] . ':' . $nfw_stat_arr[1] . ':' .
|
1219 |
+
$nfw_stat_arr[2] . ':' . $nfw_stat_arr[3] . ':' . $nfw_stat_arr[4] . ':' .
|
1220 |
+
$nfw_stat_arr[5] . ':' . $nfw_stat_arr[6] . ':' . $nfw_stat_arr[7] . ':' .
|
1221 |
+
$nfw_stat_arr[8] . ':' . $nfw_stat_arr[9], LOCK_EX );
|
1222 |
+
|
1223 |
+
if (! file_exists($log_file) ) {
|
1224 |
+
$tmp = '<?php exit; ?>' . "\n";
|
1225 |
+
} else {
|
1226 |
+
$tmp = '';
|
1227 |
+
}
|
1228 |
+
|
1229 |
+
if (! defined('NFW_REMOTE_ADDR') ) { define('NFW_REMOTE_ADDR', $_SERVER['REMOTE_ADDR']); }
|
1230 |
+
|
1231 |
+
// Which encoding to use?
|
1232 |
+
if ( defined('NFW_LOG_ENCODING') ) {
|
1233 |
+
if ( NFW_LOG_ENCODING == 'b64' ) {
|
1234 |
+
$encoding = '[b64:' . base64_encode( $res ) . ']';
|
1235 |
+
} elseif ( NFW_LOG_ENCODING == 'none' ) {
|
1236 |
+
$encoding = '[' . $res . ']';
|
1237 |
+
} else {
|
1238 |
+
$unp = unpack('H*', $res);
|
1239 |
+
$encoding = '[hex:' . array_shift( $unp ) . ']';
|
1240 |
+
}
|
1241 |
+
} else {
|
1242 |
+
$unp = unpack('H*', $res);
|
1243 |
+
$encoding = '[hex:' . array_shift( $unp ) . ']';
|
1244 |
+
}
|
1245 |
+
|
1246 |
+
@file_put_contents( $log_file,
|
1247 |
+
$tmp . '[' . time() . '] ' . '[' . round( microtime(true) - $nfw_['fw_starttime'], 5) . '] ' .
|
1248 |
+
'[' . $_SERVER['SERVER_NAME'] . '] ' . '[#' . $nfw_['num_incident'] . '] ' .
|
1249 |
+
'[' . $ruleid . '] ' .
|
1250 |
+
'[' . $loglevel . '] ' . '[' . NFW_REMOTE_ADDR . '] ' .
|
1251 |
+
'[' . $http_ret_code . '] ' . '[' . $_SERVER['REQUEST_METHOD'] . '] ' .
|
1252 |
+
'[' . $_SERVER['SCRIPT_NAME'] . '] ' . '[' . $loginfo . '] ' .
|
1253 |
+
$encoding . "\n", FILE_APPEND | LOCK_EX );
|
1254 |
+
}
|
1255 |
+
|
1256 |
+
// =====================================================================
|
1257 |
+
|
1258 |
+
function nfw_bfd($where) {
|
1259 |
+
|
1260 |
+
if ( defined('NFW_STATUS') ) { return; }
|
1261 |
+
|
1262 |
+
global $nfw_;
|
1263 |
+
$bf_conf_dir = $nfw_['log_dir'] . '/cache';
|
1264 |
+
|
1265 |
+
if (! file_exists($bf_conf_dir . '/bf_conf.php') ) {
|
1266 |
+
return;
|
1267 |
+
}
|
1268 |
+
|
1269 |
+
$now = time();
|
1270 |
+
require($bf_conf_dir . '/bf_conf.php');
|
1271 |
+
if ( empty($bf_enable) ) {
|
1272 |
+
return;
|
1273 |
+
}
|
1274 |
+
|
1275 |
+
if ( $where == 2 && empty($bf_xmlrpc) ) {
|
1276 |
+
return;
|
1277 |
+
}
|
1278 |
+
|
1279 |
+
// NinjaFirewall <= 3.4.2:
|
1280 |
+
if (! isset( $auth_msgtxt ) ) {
|
1281 |
+
$auth_msgtxt = $auth_msg;
|
1282 |
+
$b64 = 0;
|
1283 |
+
// NinjaFirewall > 3.4.2:
|
1284 |
+
} else {
|
1285 |
+
$b64 = 1;
|
1286 |
+
}
|
1287 |
+
// NinjaFirewall < 3.5:
|
1288 |
+
if (! isset( $bf_allow_bot ) ) {
|
1289 |
+
$bf_allow_bot = 0;
|
1290 |
+
}
|
1291 |
+
if (! isset( $bf_type ) ) {
|
1292 |
+
$bf_type = 0;
|
1293 |
+
}
|
1294 |
+
|
1295 |
+
if ( $where == 1 && $bf_allow_bot == 0 ) {
|
1296 |
+
if ( empty( $_SERVER['HTTP_ACCEPT'] ) || empty( $_SERVER['HTTP_ACCEPT_LANGUAGE'] ) || empty( $_SERVER['HTTP_USER_AGENT'] ) || stripos( $_SERVER['HTTP_USER_AGENT'], 'Mozilla' ) === FALSE ) {
|
1297 |
+
header('HTTP/1.0 404 Not Found');
|
1298 |
+
header('Pragma: no-cache');
|
1299 |
+
header('Cache-Control: no-cache, no-store, must-revalidate');
|
1300 |
+
header('Expires: 0');
|
1301 |
+
$nfw_['nfw_options']['ret_code'] = '404';
|
1302 |
+
nfw_log('Blocked access to the login page', 'bot detection is enabled', 1, 0);
|
1303 |
+
@session_destroy();
|
1304 |
+
exit('404 Not Found');
|
1305 |
+
}
|
1306 |
+
}
|
1307 |
+
|
1308 |
+
if ( $bf_enable == 2 ) {
|
1309 |
+
nfw_check_auth($auth_name, $auth_pass, $auth_msgtxt, $bf_rand, $b64, $bf_allow_bot, $bf_type, $captcha_text, $bf_nosig);
|
1310 |
+
return;
|
1311 |
+
}
|
1312 |
+
|
1313 |
+
|
1314 |
+
if ( file_exists($bf_conf_dir . '/bf_blocked' . $where . $_SERVER['SERVER_NAME'] . $bf_rand) ) {
|
1315 |
+
|
1316 |
+
$mtime = filemtime( $bf_conf_dir . '/bf_blocked' . $where . $_SERVER['SERVER_NAME'] . $bf_rand );
|
1317 |
+
if ( ($now - $mtime) < $bf_bantime * 60 ) {
|
1318 |
+
|
1319 |
+
nfw_check_auth($auth_name, $auth_pass, $auth_msgtxt, $bf_rand, $b64, $bf_allow_bot, $bf_type, $captcha_text, $bf_nosig);
|
1320 |
+
return;
|
1321 |
+
} else {
|
1322 |
+
|
1323 |
+
@unlink($bf_conf_dir . '/bf_blocked' . $where . $_SERVER['SERVER_NAME'] . $bf_rand);
|
1324 |
+
}
|
1325 |
+
}
|
1326 |
+
|
1327 |
+
|
1328 |
+
if ( strpos($bf_request, $_SERVER['REQUEST_METHOD']) === false ) {
|
1329 |
+
return;
|
1330 |
+
}
|
1331 |
+
|
1332 |
+
|
1333 |
+
if ( file_exists($bf_conf_dir . '/bf_' . $where . $_SERVER['SERVER_NAME'] . $bf_rand ) ) {
|
1334 |
+
$tmp_log = file( $bf_conf_dir . '/bf_' . $where . $_SERVER['SERVER_NAME'] . $bf_rand, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
|
1335 |
+
if ( count( $tmp_log) >= $bf_attempt ) {
|
1336 |
+
if ( ($tmp_log[count($tmp_log) - 1] - $tmp_log[count($tmp_log) - $bf_attempt]) <= $bf_maxtime ) {
|
1337 |
+
|
1338 |
+
$bfdh = fopen( $bf_conf_dir . '/bf_blocked' . $where . $_SERVER['SERVER_NAME'] . $bf_rand, 'w');
|
1339 |
+
fclose( $bfdh );
|
1340 |
+
|
1341 |
+
unlink( $bf_conf_dir . '/bf_' . $where . $_SERVER['SERVER_NAME'] . $bf_rand );
|
1342 |
+
$nfw_['nfw_options']['ret_code'] = '401';
|
1343 |
+
if ($where == 1) {
|
1344 |
+
$where = 'wp-login.php';
|
1345 |
+
} else {
|
1346 |
+
$where = 'XML-RPC API';
|
1347 |
+
}
|
1348 |
+
nfw_log('Brute-force attack detected on ' . $where, 'enabling HTTP authentication for ' . $bf_bantime . 'mn', 3, 0);
|
1349 |
+
if (! empty($bf_authlog) ) {
|
1350 |
+
if (defined('LOG_AUTHPRIV') ) { $tmp = LOG_AUTHPRIV; }
|
1351 |
+
else { $tmp = LOG_AUTH; }
|
1352 |
+
@openlog('ninjafirewall', LOG_NDELAY|LOG_PID, $tmp);
|
1353 |
+
@syslog(LOG_INFO, 'Possible brute-force attack from '. $_SERVER['REMOTE_ADDR'] .
|
1354 |
+
' on '. $_SERVER['SERVER_NAME'] .' ('. $where .'). Blocking access for ' . $bf_bantime . 'mn.');
|
1355 |
+
@closelog();
|
1356 |
+
}
|
1357 |
+
nfw_check_auth($auth_name, $auth_pass, $auth_msgtxt, $bf_rand, $b64, $bf_allow_bot, $bf_type, $captcha_text, $bf_nosig);
|
1358 |
+
return;
|
1359 |
+
|
1360 |
+
}
|
1361 |
+
}
|
1362 |
+
$mtime = filemtime( $bf_conf_dir . '/bf_' . $where . $_SERVER['SERVER_NAME'] . $bf_rand );
|
1363 |
+
if ( ($now - $mtime) > $bf_bantime * 60 ) {
|
1364 |
+
unlink( $bf_conf_dir . '/bf_' . $where . $_SERVER['SERVER_NAME'] . $bf_rand );
|
1365 |
+
}
|
1366 |
+
}
|
1367 |
+
|
1368 |
+
@file_put_contents($bf_conf_dir . '/bf_' . $where . $_SERVER['SERVER_NAME'] . $bf_rand, $now . "\n", FILE_APPEND | LOCK_EX);
|
1369 |
+
|
1370 |
+
}
|
1371 |
+
// =====================================================================
|
1372 |
+
|
1373 |
+
function nfw_check_auth( $auth_name, $auth_pass, $auth_msgtxt, $bf_rand, $b64, $bf_allow_bot, $bf_type, $captcha_text, $bf_nosig ) {
|
1374 |
+
|
1375 |
+
if ( defined('NFW_STATUS') ) { return; }
|
1376 |
+
|
1377 |
+
nfw_check_session();
|
1378 |
+
|
1379 |
+
if ( isset($_SESSION['nfw_bfd']) && $_SESSION['nfw_bfd'] == $bf_rand ) {
|
1380 |
+
return;
|
1381 |
+
}
|
1382 |
+
|
1383 |
+
if ( $bf_type == 0 ) {
|
1384 |
+
// Password protection:
|
1385 |
+
if (! empty($_REQUEST['u']) && ! empty($_REQUEST['p']) ) {
|
1386 |
+
if ( $_REQUEST['u'] === $auth_name && sha1($_REQUEST['p']) === $auth_pass ) {
|
1387 |
+
$_SESSION['nfw_bfd'] = $bf_rand;
|
1388 |
+
return;
|
1389 |
+
}
|
1390 |
+
}
|
1391 |
+
} else {
|
1392 |
+
// Make sure the GD extension is loaded:
|
1393 |
+
if ( function_exists( 'gd_info' ) ) {
|
1394 |
+
// Captcha protection:
|
1395 |
+
if (! empty( $_REQUEST['c'] ) && isset( $_SESSION['nfw_bfd_c'] ) ) {
|
1396 |
+
if ( $_SESSION['nfw_bfd_c'] == strtolower( $_REQUEST['c'] ) ) {
|
1397 |
+
$_SESSION['nfw_bfd'] = $bf_rand;
|
1398 |
+
unset( $_SESSION['nfw_bfd_c'] );
|
1399 |
+
return;
|
1400 |
+
}
|
1401 |
+
}
|
1402 |
+
} else {
|
1403 |
+
// Return in no GD extension:
|
1404 |
+
return;
|
1405 |
+
}
|
1406 |
+
}
|
1407 |
+
|
1408 |
+
session_destroy();
|
1409 |
+
|
1410 |
+
if ( $b64 ) { $auth_msgtxt = base64_decode( $auth_msgtxt ); }
|
1411 |
+
|
1412 |
+
header('HTTP/1.0 401 Unauthorized');
|
1413 |
+
header('X-Frame-Options: SAMEORIGIN');
|
1414 |
+
header('Pragma: no-cache');
|
1415 |
+
header('Cache-Control: no-cache, no-store, must-revalidate');
|
1416 |
+
header('Expires: 0');
|
1417 |
+
if ( empty( $bf_nosig ) ) {
|
1418 |
+
$bf_nosig = 'Brute-force protection by NinjaFirewall';
|
1419 |
+
} else {
|
1420 |
+
$bf_nosig = '';
|
1421 |
+
}
|
1422 |
+
if ( $bf_type == 0 ) {
|
1423 |
+
$message = '<html><head><title>'. $bf_nosig .'</title><link rel="stylesheet" href="./wp-includes/css/buttons.min.css" type="text/css"><link rel="stylesheet" href="./wp-admin/css/login.min.css" type="text/css"></head><body class="login wp-core-ui" style="color:#444"><div id="login"><center><h2>' . $auth_msgtxt . '</h2><form method="post"><label>'. $bf_nosig .'</label><br><br><p><input class="input" type="text" name="u" placeholder="Username"></p><p><input class="input" type="password" name="p" placeholder="Password"></p><p align="right"><input type="submit" value="Login Page »" class="button-secondary"></p></form></center></div></body></html>';
|
1424 |
+
} else {
|
1425 |
+
$message = '<html><head><title>'. $bf_nosig .'</title><link rel="stylesheet" href="./wp-includes/css/buttons.min.css" type="text/css"><link rel="stylesheet" href="./wp-admin/css/login.min.css" type="text/css"></head><body class="login wp-core-ui" style="color:#444"><div id="login"><center><form method="post"><p><label>'. base64_decode( $captcha_text ) .'</label></p><br><p>' . nfw_get_captcha() . '</p><p><input class="input" type="text" name="c" autofocus></p><p align="right"><input type="submit" value="Login Page »" class="button-secondary"></p></form><br><label>'. $bf_nosig .'</label></center></div></body></html>';
|
1426 |
+
}
|
1427 |
+
if ( $bf_allow_bot == 0 ) {
|
1428 |
+
ini_set('zlib.output_compression','Off');
|
1429 |
+
header('Content-Encoding: gzip');
|
1430 |
+
echo gzencode( $message, 1 );
|
1431 |
+
} else {
|
1432 |
+
header('Content-Type: text/html; charset=utf-8');
|
1433 |
+
echo $message;
|
1434 |
+
}
|
1435 |
+
|
1436 |
+
exit;
|
1437 |
+
}
|
1438 |
+
|
1439 |
+
// =====================================================================
|
1440 |
+
function nfw_get_captcha() {
|
1441 |
+
|
1442 |
+
session_start();
|
1443 |
+
|
1444 |
+
$characters = 'AaBbCcDdEeFfGgHhiIJjKkLMmNnPpRrSsTtUuVvWwXxYyZz123456789';
|
1445 |
+
$captcha = '';
|
1446 |
+
while( strlen( $captcha ) < 5 ) {
|
1447 |
+
$captcha .= substr( $characters, mt_rand() % strlen( $characters ), 1 );
|
1448 |
+
}
|
1449 |
+
|
1450 |
+
// Background image with dimensions
|
1451 |
+
$image = imagecreate( 200, 60 );
|
1452 |
+
// Background color:
|
1453 |
+
imagecolorallocate( $image, 255, 255, 255 );
|
1454 |
+
// Text color:
|
1455 |
+
$text_color = imagecolorallocate( $image, 77, 77, 77 );
|
1456 |
+
// Font:
|
1457 |
+
global $nfw_;
|
1458 |
+
if ( file_exists( "{$nfw_['log_dir']}/font.ttf" ) ) {
|
1459 |
+
imagettftext( $image, 35, 0, 15, 45, $text_color, "{$nfw_['log_dir']}/font.ttf", $captcha );
|
1460 |
+
} else {
|
1461 |
+
imagettftext( $image, 35, 0, 15, 45, $text_color, __DIR__ . '/share/font.ttf', $captcha );
|
1462 |
+
}
|
1463 |
+
|
1464 |
+
ob_start();
|
1465 |
+
imagepng( $image );
|
1466 |
+
$img_content = ob_get_contents();
|
1467 |
+
ob_end_clean();
|
1468 |
+
imagedestroy( $image );
|
1469 |
+
|
1470 |
+
$res = '<img src="data:image/png;base64,'. base64_encode( $img_content ) .'" />';
|
1471 |
+
|
1472 |
+
$_SESSION['nfw_bfd_c'] = strtolower( $captcha );
|
1473 |
+
|
1474 |
+
return $res;
|
1475 |
+
}
|
1476 |
+
|
1477 |
+
// =====================================================================
|
1478 |
+
// From WP db_connect() :
|
1479 |
+
function nfw_check_dbhost() {
|
1480 |
+
|
1481 |
+
global $nfw_;
|
1482 |
+
|
1483 |
+
$nfw_['port'] = null;
|
1484 |
+
$nfw_['socket'] = null;
|
1485 |
+
$port_or_socket = strstr( $nfw_['DB_HOST'], ':' );
|
1486 |
+
if ( ! empty( $port_or_socket ) ) {
|
1487 |
+
$nfw_['DB_HOST'] = substr( $nfw_['DB_HOST'], 0, strpos( $nfw_['DB_HOST'], ':' ) );
|
1488 |
+
$port_or_socket = substr( $port_or_socket, 1 );
|
1489 |
+
if ( 0 !== strpos( $port_or_socket, '/' ) ) {
|
1490 |
+
$nfw_['port'] = intval( $port_or_socket );
|
1491 |
+
$maybe_socket = strstr( $port_or_socket, ':' );
|
1492 |
+
if ( ! empty( $maybe_socket ) ) {
|
1493 |
+
$nfw_['socket'] = substr( $maybe_socket, 1 );
|
1494 |
+
}
|
1495 |
+
} else {
|
1496 |
+
$nfw_['socket'] = $port_or_socket;
|
1497 |
+
}
|
1498 |
+
}
|
1499 |
+
}
|
1500 |
+
|
1501 |
+
// =====================================================================
|
1502 |
+
|
1503 |
+
function nfw_response_headers() {
|
1504 |
+
|
1505 |
+
if (! defined('NFW_RESHEADERS') ) { return; }
|
1506 |
+
$NFW_RESHEADERS = NFW_RESHEADERS;
|
1507 |
+
|
1508 |
+
$rewrite = array();
|
1509 |
+
|
1510 |
+
if (! empty( $NFW_RESHEADERS[0] ) ) {
|
1511 |
+
foreach (@headers_list() as $header) {
|
1512 |
+
if (strpos($header, 'Set-Cookie:') === false) { continue; }
|
1513 |
+
if (stripos($header, '; httponly') !== false) {
|
1514 |
+
$rewrite[] = $header;
|
1515 |
+
continue;
|
1516 |
+
}
|
1517 |
+
$rewrite[] = $header . '; httponly';
|
1518 |
+
}
|
1519 |
+
if (! empty($rewrite) ) {
|
1520 |
+
@header_remove('Set-Cookie');
|
1521 |
+
foreach($rewrite as $cookie) {
|
1522 |
+
header($cookie, false);
|
1523 |
+
}
|
1524 |
+
}
|
1525 |
+
}
|
1526 |
+
|
1527 |
+
if (! empty( $NFW_RESHEADERS[1] ) ) {
|
1528 |
+
header('X-Content-Type-Options: nosniff');
|
1529 |
+
}
|
1530 |
+
|
1531 |
+
if (! empty( $NFW_RESHEADERS[2] ) ) {
|
1532 |
+
if ($NFW_RESHEADERS[2] == 1) {
|
1533 |
+
header('X-Frame-Options: SAMEORIGIN');
|
1534 |
+
} else {
|
1535 |
+
header('X-Frame-Options: DENY');
|
1536 |
+
}
|
1537 |
+
}
|
1538 |
+
|
1539 |
+
if (! empty( $NFW_RESHEADERS[3] ) ) {
|
1540 |
+
header('X-XSS-Protection: 1; mode=block');
|
1541 |
+
}
|
1542 |
+
|
1543 |
+
if (! empty( $NFW_RESHEADERS[6] ) && strpos($_SERVER['SCRIPT_NAME'], '/wp-admin/') === FALSE ) {
|
1544 |
+
header('Content-Security-Policy: ' . CSP_FRONTEND_DATA);
|
1545 |
+
}
|
1546 |
+
if (! empty( $NFW_RESHEADERS[7] ) && strpos($_SERVER['SCRIPT_NAME'], '/wp-admin/') !== FALSE ) {
|
1547 |
+
header('Content-Security-Policy: ' . CSP_BACKEND_DATA);
|
1548 |
+
}
|
1549 |
+
|
1550 |
+
if ( empty($NFW_RESHEADERS[4] ) ) { return; }
|
1551 |
+
|
1552 |
+
if ( $_SERVER['SERVER_PORT'] != 443 &&
|
1553 |
+
(! isset( $_SERVER['HTTP_X_FORWARDED_PROTO']) ||
|
1554 |
+
$_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https') ) {
|
1555 |
+
return;
|
1556 |
+
}
|
1557 |
+
if ($NFW_RESHEADERS[4] == 1) {
|
1558 |
+
$max_age = 'max-age=2628000';
|
1559 |
+
} elseif ($NFW_RESHEADERS[4] == 2) {
|
1560 |
+
$max_age = 'max-age=15768000';
|
1561 |
+
} elseif ($NFW_RESHEADERS[4] == 3) {
|
1562 |
+
$max_age = 'max-age=31536000';
|
1563 |
+
} elseif ($NFW_RESHEADERS[4] == 4) {
|
1564 |
+
$max_age = 'max-age=0';
|
1565 |
+
}
|
1566 |
+
if (! empty( $NFW_RESHEADERS[5] ) ) {
|
1567 |
+
$max_age .= ' ; includeSubDomains';
|
1568 |
+
}
|
1569 |
+
header('Strict-Transport-Security: '. $max_age);
|
1570 |
+
}
|
1571 |
+
|
1572 |
+
// =====================================================================
|
1573 |
+
// EOF
|
lib/fw_centlog.php
ADDED
@@ -0,0 +1,75 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
// +---------------------------------------------------------------------+
|
3 |
+
// | NinjaFirewall (WP Edition) |
|
4 |
+
// | |
|
5 |
+
// | (c) NinTechNet - https://nintechnet.com/ |
|
6 |
+
// +---------------------------------------------------------------------+
|
7 |
+
// | This program is free software: you can redistribute it and/or |
|
8 |
+
// | modify it under the terms of the GNU General Public License as |
|
9 |
+
// | published by the Free Software Foundation, either version 3 of |
|
10 |
+
// | the License, or (at your option) any later version. |
|
11 |
+
// | |
|
12 |
+
// | This program is distributed in the hope that it will be useful, |
|
13 |
+
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
14 |
+
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
15 |
+
// | GNU General Public License for more details. |
|
16 |
+
// +---------------------------------------------------------------------+ sa
|
17 |
+
|
18 |
+
if (! isset( $nfw_['nfw_options']['enabled']) ) {
|
19 |
+
header('HTTP/1.1 404 Not Found');
|
20 |
+
header('Status: 404 Not Found');
|
21 |
+
exit;
|
22 |
+
}
|
23 |
+
|
24 |
+
/* ------------------------------------------------------------------ */
|
25 |
+
function fw_centlog() {
|
26 |
+
|
27 |
+
global $nfw_;
|
28 |
+
|
29 |
+
$pubkey = explode( ':', $nfw_['nfw_options']['clogs_pubkey'], 2 );
|
30 |
+
|
31 |
+
if ( isset( $pubkey[1]) && $pubkey[1] != '*' ) {
|
32 |
+
nfw_check_ip();
|
33 |
+
|
34 |
+
if ( NFW_REMOTE_ADDR != $pubkey[1] ) {
|
35 |
+
nfw_log('Centralized logging: IP not allowed', NFW_REMOTE_ADDR, 6, 0);
|
36 |
+
fw_centlog_die();
|
37 |
+
}
|
38 |
+
}
|
39 |
+
|
40 |
+
if ( empty( $pubkey[0] ) || sha1( $_POST['clogs_req'] ) !== $pubkey[0] ) {
|
41 |
+
nfw_log('Centralized logging: public key rejected', NFW_REMOTE_ADDR, 6, 0);
|
42 |
+
fw_centlog_die();
|
43 |
+
}
|
44 |
+
|
45 |
+
if (! $tzstring = ini_get('date.timezone') ) {
|
46 |
+
$tzstring = 'UTC';
|
47 |
+
}
|
48 |
+
date_default_timezone_set($tzstring);
|
49 |
+
$cur_month = date('Y-m');
|
50 |
+
$log_file = $nfw_['log_dir']. '/firewall_' . $cur_month . '.php';
|
51 |
+
|
52 |
+
if (! file_exists( $log_file ) ) {
|
53 |
+
exit('1:');
|
54 |
+
}
|
55 |
+
|
56 |
+
$data = file( $log_file, FILE_SKIP_EMPTY_LINES );
|
57 |
+
if ( $data === false ) {
|
58 |
+
exit('2:');
|
59 |
+
}
|
60 |
+
|
61 |
+
echo '0:~*~:' . base64_encode( json_encode( $data ) );
|
62 |
+
exit;
|
63 |
+
}
|
64 |
+
|
65 |
+
/* ------------------------------------------------------------------ */
|
66 |
+
|
67 |
+
function fw_centlog_die() {
|
68 |
+
|
69 |
+
header('HTTP/1.1 406 Not Acceptable');
|
70 |
+
header('Status: 406 Not Acceptable');
|
71 |
+
|
72 |
+
}
|
73 |
+
|
74 |
+
/* ------------------------------------------------------------------ */
|
75 |
+
// EOF
|
lib/fw_fileguard.php
ADDED
@@ -0,0 +1,71 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! isset( $nfw_['nfw_options']['enabled']) ) {
|
21 |
+
header('HTTP/1.1 404 Not Found');
|
22 |
+
header('Status: 404 Not Found');
|
23 |
+
exit;
|
24 |
+
}
|
25 |
+
|
26 |
+
/* ------------------------------------------------------------------ */
|
27 |
+
|
28 |
+
function fw_fileguard() {
|
29 |
+
|
30 |
+
global $nfw_;
|
31 |
+
|
32 |
+
// Look for exclusion :
|
33 |
+
if ( empty($nfw_['nfw_options']['fg_exclude']) || ! @preg_match( "`{$nfw_['nfw_options']['fg_exclude']}`", $_SERVER['SCRIPT_FILENAME'] ) ) {
|
34 |
+
// Stat() the requested script :
|
35 |
+
if ( $nfw_['nfw_options']['fg_stat'] = stat( $_SERVER['SCRIPT_FILENAME'] ) ) {
|
36 |
+
// Was it created/modified lately ?
|
37 |
+
if ( time() - $nfw_['nfw_options']['fg_mtime'] * 3660 < $nfw_['nfw_options']['fg_stat']['ctime'] ) {
|
38 |
+
// Did we check it already ?
|
39 |
+
if (! file_exists( $nfw_['log_dir'] . '/cache/fg_' . $nfw_['nfw_options']['fg_stat']['ino'] . '.php' ) ) {
|
40 |
+
// Log it :
|
41 |
+
nfw_log('Access to a script modified/created less than ' . $nfw_['nfw_options']['fg_mtime'] . ' hour(s) ago', $_SERVER['SCRIPT_FILENAME'], 6, 0);
|
42 |
+
// We need to alert the admin :
|
43 |
+
if (! $nfw_['nfw_options']['tzstring'] = ini_get('date.timezone') ) {
|
44 |
+
$nfw_['nfw_options']['tzstring'] = 'UTC';
|
45 |
+
}
|
46 |
+
date_default_timezone_set($nfw_['nfw_options']['tzstring']);
|
47 |
+
$nfw_['nfw_options']['m_headers'] = 'From: "NinjaFirewall" <postmaster@'. $_SERVER['SERVER_NAME'] . ">\r\n";
|
48 |
+
$nfw_['nfw_options']['m_headers'] .= "Content-Transfer-Encoding: 7bit\r\n";
|
49 |
+
$nfw_['nfw_options']['m_headers'] .= "Content-Type: text/plain; charset=\"UTF-8\"\r\n";
|
50 |
+
$nfw_['nfw_options']['m_headers'] .= "MIME-Version: 1.0\r\n";
|
51 |
+
$nfw_['nfw_options']['m_subject'] = '[NinjaFirewall] Alert: File Guard detection';
|
52 |
+
$nfw_['nfw_options']['m_msg'] = 'Someone accessed a script that was modified or created less than ' .
|
53 |
+
$nfw_['nfw_options']['fg_mtime'] . ' hour(s) ago:' . "\n\n".
|
54 |
+
'SERVER_NAME: ' . $_SERVER['SERVER_NAME'] . "\n" .
|
55 |
+
'USER IP: ' . NFW_REMOTE_ADDR . "\n" .
|
56 |
+
'SCRIPT_FILENAME: ' . $_SERVER['SCRIPT_FILENAME'] . "\n" .
|
57 |
+
'REQUEST_URI: ' . $_SERVER['REQUEST_URI'] . "\n" .
|
58 |
+
'Last changed on: ' . date('F j, Y @ H:i:s', $nfw_['nfw_options']['fg_stat']['ctime'] ) . ' (UTC '. date('O') . ")\n\n" .
|
59 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
60 |
+
'Support forum: http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
61 |
+
mail( $nfw_['nfw_options']['alert_email'], $nfw_['nfw_options']['m_subject'], $nfw_['nfw_options']['m_msg'], $nfw_['nfw_options']['m_headers']);
|
62 |
+
// Remember it so that we don't spam the admin each time the script is requested :
|
63 |
+
touch($nfw_['log_dir'] . '/cache/fg_' . $nfw_['nfw_options']['fg_stat']['ino'] . '.php');
|
64 |
+
}
|
65 |
+
}
|
66 |
+
}
|
67 |
+
}
|
68 |
+
}
|
69 |
+
|
70 |
+
/* ------------------------------------------------------------------ */
|
71 |
+
// EOF
|
lib/fw_livelog.php
ADDED
@@ -0,0 +1,135 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! isset( $nfw_['nfw_options']['enabled']) ) {
|
21 |
+
header('HTTP/1.1 404 Not Found');
|
22 |
+
header('Status: 404 Not Found');
|
23 |
+
exit;
|
24 |
+
}
|
25 |
+
|
26 |
+
/* ------------------------------------------------------------------ */
|
27 |
+
|
28 |
+
function fw_livelog_show() {
|
29 |
+
|
30 |
+
global $nfw_;
|
31 |
+
|
32 |
+
$nfw_['livelog'] = $nfw_['log_dir'] . '/cache/livelog.php';
|
33 |
+
if ( file_exists($nfw_['livelog']) ) {
|
34 |
+
// Check if we need to flush it :
|
35 |
+
if ($_POST['livecls'] > 0) {
|
36 |
+
$fh = fopen($nfw_['livelog'],'w');
|
37 |
+
fclose($fh);
|
38 |
+
}
|
39 |
+
$count = 0;
|
40 |
+
$buffer = '';
|
41 |
+
if ( $fh = fopen($nfw_['livelog'], 'r' ) ) {
|
42 |
+
while (! feof($fh) ) {
|
43 |
+
if ( $count >= $_POST['lines'] ) {
|
44 |
+
$buffer .= fgets($fh);
|
45 |
+
} else {
|
46 |
+
fgets($fh);
|
47 |
+
}
|
48 |
+
++$count;
|
49 |
+
}
|
50 |
+
fclose($fh);
|
51 |
+
}
|
52 |
+
|
53 |
+
// Return the log content :
|
54 |
+
header('HTTP/1.0 200 OK');
|
55 |
+
if ( $buffer ) {
|
56 |
+
echo '^'.$buffer;
|
57 |
+
} else {
|
58 |
+
echo '*';
|
59 |
+
}
|
60 |
+
touch($nfw_['log_dir'] .'/cache/livelogrun.php');
|
61 |
+
} else {
|
62 |
+
// Something went wrong :
|
63 |
+
header('HTTP/1.0 503 Service Unavailable');
|
64 |
+
}
|
65 |
+
$nfw_['mysqli']->close();
|
66 |
+
exit;
|
67 |
+
}
|
68 |
+
|
69 |
+
/* ------------------------------------------------------------------ */
|
70 |
+
function fw_livelog_record() {
|
71 |
+
|
72 |
+
global $nfw_;
|
73 |
+
|
74 |
+
$nfw_['mtime'] = filemtime($nfw_['log_dir'] .'/cache/livelogrun.php');
|
75 |
+
|
76 |
+
// If the file was not accessed for more than 100s, we assume
|
77 |
+
// the admin has stopped using live log from WordPress
|
78 |
+
// dashboard (max refresh rate is 45s) :
|
79 |
+
if ( $nfw_['fw_starttime'] - $nfw_['mtime'] > 100 ) {
|
80 |
+
unlink($nfw_['log_dir'] .'/cache/livelogrun.php');
|
81 |
+
// If the log was not modified for the past 10mn, we delete it as well :
|
82 |
+
$nfw_['livelog'] = $nfw_['log_dir'] . '/cache/livelog.php';
|
83 |
+
if ( file_exists($nfw_['livelog']) ) {
|
84 |
+
$nfw_['mtime'] = filemtime($nfw_['livelog']);
|
85 |
+
if ( $nfw_['fw_starttime'] - $nfw_['mtime'] > 600 ) {
|
86 |
+
unlink( $nfw_['livelog'] );
|
87 |
+
}
|
88 |
+
}
|
89 |
+
} else {
|
90 |
+
// Check if we are supposed to log the request (http/https) :
|
91 |
+
if ( empty($nfw_['nfw_options']['liveport']) ||
|
92 |
+
($nfw_['nfw_options']['liveport'] == 1 && $_SERVER['SERVER_PORT'] != 443) ||
|
93 |
+
($nfw_['nfw_options']['liveport'] == 2 && $_SERVER['SERVER_PORT'] == 443) ) {
|
94 |
+
|
95 |
+
if ( empty($_SERVER['PHP_AUTH_USER']) ) { $PHP_AUTH_USER = '-'; }
|
96 |
+
else { $PHP_AUTH_USER = $_SERVER['PHP_AUTH_USER']; }
|
97 |
+
if ( empty($_SERVER['HTTP_REFERER']) ) { $HTTP_REFERER = '-'; }
|
98 |
+
else { $HTTP_REFERER = $_SERVER['HTTP_REFERER']; }
|
99 |
+
if ( empty($_SERVER['HTTP_USER_AGENT']) ) { $HTTP_USER_AGENT = '-'; }
|
100 |
+
else { $HTTP_USER_AGENT = $_SERVER['HTTP_USER_AGENT']; }
|
101 |
+
if ( empty($_SERVER['HTTP_X_FORWARDED_FOR']) ) { $HTTP_X_FORWARDED_FOR = '-'; }
|
102 |
+
else { $HTTP_X_FORWARDED_FOR = $_SERVER['HTTP_X_FORWARDED_FOR']; }
|
103 |
+
if ( empty($_SERVER['HTTP_HOST']) ) { $HTTP_HOST = '-'; }
|
104 |
+
else { $HTTP_HOST = $_SERVER['HTTP_HOST']; }
|
105 |
+
|
106 |
+
// Set the timezone :
|
107 |
+
if (! empty($nfw_['nfw_options']['livetz']) ) {
|
108 |
+
@date_default_timezone_set($nfw_['nfw_options']['livetz']);
|
109 |
+
} else {
|
110 |
+
if (! $nfw_['nfw_options']['tzstring'] = ini_get('date.timezone') ) {
|
111 |
+
$nfw_['nfw_options']['tzstring'] = 'UTC';
|
112 |
+
}
|
113 |
+
@date_default_timezone_set($nfw_['nfw_options']['tzstring']);
|
114 |
+
}
|
115 |
+
|
116 |
+
// Log the request :
|
117 |
+
if (! empty($nfw_['nfw_options']['liveformat']) ) {
|
118 |
+
// User-defined format :
|
119 |
+
$nfw_['tmp'] = str_replace(
|
120 |
+
array( '%time', '%name', '%client', '%method', '%uri', '%referrer', '%ua', '%forward', '%host' ),
|
121 |
+
array( date('d/M/y:H:i:s O', time()), $PHP_AUTH_USER, $_SERVER["REMOTE_ADDR"], $_SERVER["REQUEST_METHOD"], $_SERVER["REQUEST_URI"], $HTTP_REFERER, $HTTP_USER_AGENT, $HTTP_X_FORWARDED_FOR, $HTTP_HOST ), $nfw_['nfw_options']['liveformat'] );
|
122 |
+
@file_put_contents( $nfw_['log_dir'] . '/cache/livelog.php', htmlentities($nfw_['tmp'], ENT_NOQUOTES) ."\n", FILE_APPEND | LOCK_EX);
|
123 |
+
} else {
|
124 |
+
// Default format :
|
125 |
+
@file_put_contents( $nfw_['log_dir'] . '/cache/livelog.php',
|
126 |
+
'['. @date('d/M/y:H:i:s O', time()) .'] '. htmlentities(
|
127 |
+
$PHP_AUTH_USER .' '. $_SERVER['REMOTE_ADDR'] .' "'. $_SERVER['REQUEST_METHOD'] .' '.
|
128 |
+
$_SERVER['REQUEST_URI'] .'" "'. $HTTP_REFERER .'" "'. $HTTP_USER_AGENT .'" "'.
|
129 |
+
$HTTP_X_FORWARDED_FOR .'" "'. $HTTP_HOST, ENT_NOQUOTES) ."\"\n", FILE_APPEND | LOCK_EX);
|
130 |
+
}
|
131 |
+
}
|
132 |
+
}
|
133 |
+
}
|
134 |
+
/* ------------------------------------------------------------------ */
|
135 |
+
// EOF
|
lib/help.php
ADDED
@@ -0,0 +1,549 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) {
|
21 |
+
header('HTTP/1.1 404 Not Found');
|
22 |
+
header('Status: 404 Not Found');
|
23 |
+
exit;
|
24 |
+
}
|
25 |
+
|
26 |
+
// Contextual help - choose Help on the top right
|
27 |
+
// of the admin panel to preview this.
|
28 |
+
|
29 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
30 |
+
|
31 |
+
function help_nfsubmain() {
|
32 |
+
|
33 |
+
// Overview menu help :
|
34 |
+
|
35 |
+
get_current_screen()->add_help_tab( array(
|
36 |
+
'id' => 'main01',
|
37 |
+
'title' => __('Overview', 'ninjafirewall'),
|
38 |
+
'content' => '<br />' . __('This is the Overview page; it shows information about the firewall status. We recommend you keep an eye on it because, in case of problems, all possible errors and warnings will be displayed here.', 'ninjafirewall') . '<br /> '
|
39 |
+
) );
|
40 |
+
get_current_screen()->set_help_sidebar(
|
41 |
+
'<p><strong>' . __( 'For more information:', 'ninjafirewall') . '</strong></p>' .
|
42 |
+
'<p><a href="https://nintechnet.com/ninjafirewall/wp-edition/help/">'. __('Installation, help and troubleshooting', 'ninjafirewall') . '</a></p>' .
|
43 |
+
'<p><a href="http://wordpress.org/support/plugin/ninjafirewall/">' . __( 'Support Forum', 'ninjafirewall') . '</a></p>' .
|
44 |
+
'<p>'. __('Updates via Twitter', 'ninjafirewall') . '<br /><a href="https://twitter.com/nintechnet"><img border="0" src="' . plugins_url( '/images/twitter_ntn.png', __DIR__ ) . '" width="116" height="28"></a></p>'
|
45 |
+
);
|
46 |
+
|
47 |
+
}
|
48 |
+
|
49 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
50 |
+
|
51 |
+
function help_nfsubstat() {
|
52 |
+
|
53 |
+
// Stats menu help :
|
54 |
+
|
55 |
+
get_current_screen()->add_help_tab( array(
|
56 |
+
'id' => 'help01',
|
57 |
+
'title' => __('Monthly stats', 'ninjafirewall'),
|
58 |
+
'content' => '<br />'.
|
59 |
+
__('Statistics are taken from the current log. It is rotated on the first day of each month.', 'ninjafirewall') .
|
60 |
+
'<br />'.
|
61 |
+
sprintf( __('You can view the log by clicking on the <a href="%s">Firewall Log</a> menu.', 'ninjafirewall'), '?page=nfsublog')
|
62 |
+
) );
|
63 |
+
get_current_screen()->add_help_tab( array(
|
64 |
+
'id' => 'help02',
|
65 |
+
'title' => __('Benchmarks', 'ninjafirewall'),
|
66 |
+
'content' => '<br />'.
|
67 |
+
__('Benchmarks show the time NinjaFirewall took, in seconds, to proceed each request it has blocked.', 'ninjafirewall')
|
68 |
+
) );
|
69 |
+
}
|
70 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
71 |
+
|
72 |
+
function help_nfsubopt() {
|
73 |
+
|
74 |
+
// Firewall options menu help :
|
75 |
+
|
76 |
+
get_current_screen()->add_help_tab( array(
|
77 |
+
'id' => 'opt01',
|
78 |
+
'title' => __('Firewall protection', 'ninjafirewall'),
|
79 |
+
'content' => '<br />' .
|
80 |
+
sprintf( __('This option allows you to disable NinjaFirewall. It has basically the same effect as deactivating it from the <a href="%s">Plugins</a> menu page.', 'ninjafirewall'), admin_url() . 'plugins.php') .
|
81 |
+
'<br />'.
|
82 |
+
__('Your site will remain unprotected until you enable it again.', 'ninjafirewall')
|
83 |
+
) );
|
84 |
+
get_current_screen()->add_help_tab( array(
|
85 |
+
'id' => 'opt02',
|
86 |
+
'title' => __('Debugging mode', 'ninjafirewall'),
|
87 |
+
'content' => '<br />' .
|
88 |
+
sprintf( __('In Debugging mode, NinjaFirewall will not block or sanitise suspicious requests but will only log them. The <a href="%s">Firewall Log</a> will display <code>DEBUG_ON</code> in the LEVEL column.', 'ninjafirewall'), '?page=nfsublog') .
|
89 |
+
'<p>' . __('We recommend to run it in Debugging Mode for at least 24 hours after installing it on a new site and then to keep an eye on the firewall log during that time. If you notice a false positive in the log, you can simply use NinjaFirewall\'s Rules Editor to disable the security rule that was wrongly triggered.', 'ninjafirewall') . '</p>'
|
90 |
+
) );
|
91 |
+
get_current_screen()->add_help_tab( array(
|
92 |
+
'id' => 'opt03',
|
93 |
+
'title' => __('Error code and message to return', 'ninjafirewall'),
|
94 |
+
'content' => '<br />' .
|
95 |
+
__('Lets you customize the HTTP error code returned by NinjaFirewall when blocking a dangerous request and the message to display to the user.' , 'ninjafirewall') . ' ' .
|
96 |
+
__('You can use any HTML tags and 3 built-in variables:' , 'ninjafirewall') .
|
97 |
+
'<li><code>%%REM_ADDRESS%%</code> : '. __('the blocked user IP.' , 'ninjafirewall') . '</li>
|
98 |
+
<li><code>%%NUM_INCIDENT%%</code> : '. __('the unique incident number as it will appear in the firewall log "INCIDENT" column.' , 'ninjafirewall') . '</li>
|
99 |
+
<li><code>%%NINJA_LOGO%%</code> : '. __('NinjaFirewall logo.' , 'ninjafirewall') . '</li>'
|
100 |
+
) );
|
101 |
+
get_current_screen()->add_help_tab( array(
|
102 |
+
'id' => 'opt04',
|
103 |
+
'title' => __('Export/import configuration', 'ninjafirewall'),
|
104 |
+
'content' => '<br />' .
|
105 |
+
__('This options lets you export you current configuration or import it from another NinjaFirewall (WP Edition) installation. The imported file must match your current version otherwise it will be rejected. Note that importing will override all firewall rules and options.', 'ninjafirewall') .
|
106 |
+
'<p><img src="' . plugins_url( '/images/icon_warn_16.png', __DIR__ ) . '" height="16" border="0" width="16"> <span class="description">' .
|
107 |
+
__('"File Check" configuration will not be exported/imported.', 'ninjafirewall') . '</span></p>'
|
108 |
+
) );
|
109 |
+
}
|
110 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
111 |
+
|
112 |
+
function help_nfsubpolicies() {
|
113 |
+
|
114 |
+
// Firewall policies menu help :
|
115 |
+
|
116 |
+
// Show this text only if we are running in "Full WAF" mode:
|
117 |
+
if ( defined('NFW_WPWAF') ) {
|
118 |
+
$res= '';
|
119 |
+
} else {
|
120 |
+
$res = sprintf( __('Keep in mind, however, that the Firewall Policies apply to any PHP scripts located inside the %s directory and its sub-directories, and not only to your WordPress index page.', 'ninjafirewall'), '<code>' . ABSPATH . '</code>');
|
121 |
+
}
|
122 |
+
|
123 |
+
get_current_screen()->add_help_tab( array(
|
124 |
+
'id' => 'policies01',
|
125 |
+
'title' => __('Policies overview', 'ninjafirewall'),
|
126 |
+
'content' => '<br />' .
|
127 |
+
sprintf( __('Because NinjaFirewall sits in front of WordPress, it can hook, scan and sanitise all PHP requests, HTTP variables, headers and IPs before they reach your blog: <code><a href="%s">$_GET</a></code>, <code><a href="%s">$_POST</a></code>, <code><a href="%s">$_COOKIES</a></code>, <code><a href="%s">$_REQUEST</a></code>, <code><a href="%s">$_FILES</a></code>, <code><a href="%s">$_SERVER</a></code> in HTTP and/or HTTPS mode.', 'ninjafirewall'), 'http://www.php.net/manual/en/reserved.variables.get.php', 'http://www.php.net/manual/en/reserved.variables.post.php', 'http://www.php.net/manual/en/reserved.variables.cookies.php', 'http://www.php.net/manual/en/reserved.variables.request.php', 'http://www.php.net/manual/en/reserved.variables.files.php', 'http://php.net/manual/en/reserved.variables.server.php') .
|
128 |
+
'<br />' .
|
129 |
+
__('Use the options below to enable, disable or to tweak these rules according to your needs.', 'ninjafirewall') .
|
130 |
+
'<br />' .
|
131 |
+
$res .
|
132 |
+
'<br />'
|
133 |
+
) );
|
134 |
+
get_current_screen()->add_help_tab( array(
|
135 |
+
'id' => 'policies02',
|
136 |
+
'title' => __('Scan and Sanitise', 'ninjafirewall'),
|
137 |
+
'content' => '<br />'.
|
138 |
+
__('You can choose to scan and reject dangerous content but also to sanitise requests and variables. Those two actions are different and can be combined together for better security.', 'ninjafirewall') .
|
139 |
+
'<li>'. __('Scan : if anything suspicious is detected, NinjaFirewall will block the request and return an HTTP error code and message (defined in the "Firewall Options" page). The user request will fail and the connection will be closed immediately.', 'ninjafirewall') .'</li>
|
140 |
+
<li>'. sprintf( __('Sanitise : this option will not block but sanitise the user request by escaping characters that can be used to exploit vulnerabilities (%s) and replacing <code><</code> and <code>></code> with their corresponding HTML entities (<code>&lt;</code>, <code>&gt;</code>). If it is a variable, i.e. <code>?name=value</code>, both its name and value will be sanitised.', 'ninjafirewall'), '<code>\'</code>, <code>"</code>, <code>\\</code>, <code>\n</code>, <code>\r</code>, <code>`</code>, <code>\x1a</code>, <code>\x00</code>') .'
|
141 |
+
<br />' .
|
142 |
+
__('This action will be performed when the filtering process is over, right before NinjaFirewall forwards the request to your PHP script.', 'ninjafirewall') . '
|
143 |
+
<br />
|
144 |
+
<br />
|
145 |
+
<img src="' . plugins_url( '/images/icon_warn_16.png', __DIR__ ) . '" border="0" height="16" width="16"> <span class="description">'. __('If you enabled <code>POST</code> requests sanitising, articles and messages posted by your visitors could be corrupted with excessive backslashes or substitution characters.', 'ninjafirewall'). '</span></li>'
|
146 |
+
) );
|
147 |
+
get_current_screen()->add_help_tab( array(
|
148 |
+
'id' => 'policies04',
|
149 |
+
'title' => __('Firewall Policies', 'ninjafirewall'),
|
150 |
+
'content' => '
|
151 |
+
<div style="height:400px;">
|
152 |
+
|
153 |
+
<!-- Basic Policies -->
|
154 |
+
<h3>' . __('Basic Policies', 'ninjafirewall'). '</h3>
|
155 |
+
|
156 |
+
<strong>HTTP / HTTPS</strong>
|
157 |
+
<li>' . __('Whether to filter HTTP and/or HTTPS traffic', 'ninjafirewall'). '</li>
|
158 |
+
<br />
|
159 |
+
<strong>' . __('Uploads', 'ninjafirewall'). '</strong>
|
160 |
+
<li>' . __('File Uploads:', 'ninjafirewall'). '<span class="description"> ' . __('whether to allow/disallow file uploads.', 'ninjafirewall'). '</span></li>
|
161 |
+
<li>' . __('Sanitise filenames:', 'ninjafirewall'). '<span class="description"> ' . __('any character that is not a letter <code>a-zA-Z</code>, a digit <code>0-9</code>, a dot <code>.</code>, a hyphen <code>-</code> or an underscore <code>_</code> will be removed from the filename and replaced with the substitution character.', 'ninjafirewall'). '</span></li>
|
162 |
+
<br />
|
163 |
+
<strong>WordPress</strong>
|
164 |
+
<li>' . __('Whether to block direct access to PHP files located in specific WordPress directories.', 'ninjafirewall'). '</li>
|
165 |
+
<li>' . __('Protect against username enumeration:', 'ninjafirewall'). '<span class="description"> ' . __('it is possible to enumerate usernames either through the WordPress author archives, the REST API or the login page. Although this is not a vulnerability but a WordPress feature, some hackers use it to retrieve usernames in order to launch more accurate brute-force attacks. If it is a failed login attempt, NinjaFirewall will sanitise the error message returned by WordPress. If it is an author archives scan, it will invalidate it and redirect the user to the blog index page. Regarding the WP REST API, it will block the request immediately.', 'ninjafirewall'). '</span></li>
|
166 |
+
<li>' . __('WordPress REST API:', 'ninjafirewall'). '<span class="description"> ' . __('it allows you to access your WordPress site\'s data through an easy-to-use HTTP REST API. Since WordPress 4.7, it is enabled by default. NinjaFirewall allows you to block any access to that API if you do not intend to use it.', 'ninjafirewall'). '</span></li>
|
167 |
+
<li>' . __('WordPress XML-RPC API:', 'ninjafirewall'). '<span class="description"> ' . __('XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode its calls and HTTP as a transport mechanism. WordPress has an XMLRPC API that can be accessed through the <code>xmlrpc.php</code> file. Since WordPress version 3.5, it is always activated and cannot be turned off. NinjaFirewall allows you to immediately block any access to that file, or only to block an access using the <code>system.multicall</code> method often used in brute-force amplification attacks or to block Pingbacks.', 'ninjafirewall'). '</span></li>
|
168 |
+
<li>' . __('Block <code>POST</code> requests in the themes folder <code>/wp-content/themes</code>:', 'ninjafirewall'). '<span class="description"> ' . __('this option can be useful to block hackers from installing backdoor in the PHP theme files. However, because some custom themes may include an HTML form (contact, search form etc), this option is not enabled by default.', 'ninjafirewall'). '</span></li>
|
169 |
+
<li>' . __('Force SSL for admin and logins <code>FORCE_SSL_ADMIN</code>:', 'ninjafirewall'). '<span class="description"> ' . __('enable this option when you want to secure logins and the admin area so that both passwords and cookies are never sent in the clear. Ensure that you can access your admin console from HTTPS before enabling this option, otherwise you will lock yourself out of your site!', 'ninjafirewall'). '</span></li>
|
170 |
+
<li>' . __('Disable the plugin and theme editor <code>DISALLOW_FILE_EDIT</code>:', 'ninjafirewall'). '<span class="description"> ' . __('disabling the plugin and theme editor provides an additional layer of security if a hacker gains access to a well-privileged user account.', 'ninjafirewall'). '</span></li>
|
171 |
+
<li>' . __('Disable plugin and theme update/installation <code>DISALLOW_FILE_MODS</code>:', 'ninjafirewall'). '<span class="description"> ' . __('this option will block users being able to use the plugin and theme installation/update functionality from the WordPress admin area. Setting this constant also disables the Plugin and Theme editor.', 'ninjafirewall'). '</span></li>
|
172 |
+
|
173 |
+
<br />
|
174 |
+
|
175 |
+
<!-- Intermediate Policies -->
|
176 |
+
<h3>' . __('Intermediate Policies', 'ninjafirewall'). '</h3>
|
177 |
+
|
178 |
+
<strong>' . __('HTTP GET variable', 'ninjafirewall'). '</strong>
|
179 |
+
<li>' . __('Whether to scan and/or sanitise the <code>GET</code> variable.', 'ninjafirewall'). '</li>
|
180 |
+
<br />
|
181 |
+
<strong>' . __('HTTP POST variable', 'ninjafirewall'). '</strong>
|
182 |
+
<li>' . __('Whether to scan and/or sanitise the <code>POST</code> variable.', 'ninjafirewall'). '</li>
|
183 |
+
<li>' . __('Decode Base64-encoded <code>POST</code> variable:', 'ninjafirewall'). '<span class="description"> ' . __('NinjaFirewall will decode and scan base64 encoded values in order to detect obfuscated malicious code. This option is only available for the <code>POST</code> variable.', 'ninjafirewall'). '</span></li>
|
184 |
+
<br />
|
185 |
+
<strong>' . __('HTTP REQUEST variable', 'ninjafirewall'). '</strong>
|
186 |
+
<li>' . __('Whether to sanitise the <code>REQUEST</code> variable.', 'ninjafirewall'). '</li>
|
187 |
+
<br />
|
188 |
+
<strong>' . __('Cookies', 'ninjafirewall'). '</strong>
|
189 |
+
<li>' . __('Whether to scan and/or sanitise cookies.', 'ninjafirewall'). '</li>
|
190 |
+
<br />
|
191 |
+
<strong>' . __('HTTP_USER_AGENT server variable', 'ninjafirewall'). '</strong>
|
192 |
+
<li>' . __('Whether to scan and/or sanitise <code>HTTP_USER_AGENT</code> requests.', 'ninjafirewall'). '</li>
|
193 |
+
<li>' . __('Block suspicious bots/scanners:', 'ninjafirewall'). '<span class="description"> ' . __('rejects some known bots, scanners and various malicious scripts attempting to access your blog.', 'ninjafirewall'). '</span></li>
|
194 |
+
<br />
|
195 |
+
<strong>' . __('HTTP_REFERER server variable', 'ninjafirewall'). '</strong>
|
196 |
+
<li>' . __('Whether to scan and/or sanitise <code>HTTP_REFERER</code> requests.', 'ninjafirewall'). '</li>
|
197 |
+
<li>' . __('Block POST requests that do not have an <code>HTTP_REFERER</code> header:', 'ninjafirewall'). '<span class="description"> ' . __('this option will block any <code>POST</code> request that does not have a Referrer header (<code>HTTP_REFERER</code> variable). If you need external applications to post to your scripts (e.g. Paypal IPN, WordPress WP-Cron...), you are advised to keep this option disabled otherwise they will likely be blocked. Note that <code>POST</code> requests are not required to have a Referrer header and, for that reason, this option is disabled by default.', 'ninjafirewall'). '</span></li>
|
198 |
+
<br />
|
199 |
+
<strong>IP</strong>
|
200 |
+
<li>' . __('Block localhost IP in <code>GET/POST</code> requests:', 'ninjafirewall'). '<span class="description"> ' . __('this option will block any <code>GET</code> or <code>POST</code> request containing the localhost IP (127.0.0.1). It can be useful to block SQL dumpers and various hacker\'s shell scripts.', 'ninjafirewall'). '</span></li>
|
201 |
+
<li>' . __('Block HTTP requests with an IP in the <code>HTTP_HOST</code> header:', 'ninjafirewall'). '<span class="description"> ' . sprintf( __('this option will reject any request using an IP instead of a domain name in the <code>Host</code> header of the HTTP request. Unless you need to connect to your site using its IP address, (e.g. %s), enabling this option will block a lot of hackers scanners because such applications scan IPs rather than domain names.', 'ninjafirewall'), 'http://' . htmlspecialchars($_SERVER['SERVER_ADDR']) . '/index.php'). '</span></li>
|
202 |
+
<li>' . __('Scan traffic coming from localhost and private IP address spaces:', 'ninjafirewall'). '<span class="description"> ' . __('this option will allow the firewall to scan traffic from all non-routable private IPs (IPv4 and IPv6) as well as the localhost IP. We recommend to keep it enabled if you have a private network (2 or more servers interconnected).', 'ninjafirewall'). '</span></li>
|
203 |
+
|
204 |
+
<br />
|
205 |
+
|
206 |
+
<!-- Advanced Policies -->
|
207 |
+
<h3>' . __('Advanced Policies', 'ninjafirewall'). '</h3>
|
208 |
+
|
209 |
+
<strong>' . __('HTTP response headers', 'ninjafirewall'). '</strong>
|
210 |
+
<br />
|
211 |
+
' . __('In addition to filtering incoming requests, NinjaFirewall can also hook the HTTP response in order to alter its headers. Those modifications can help to mitigate threats such as XSS, phishing and clickjacking attacks.', 'ninjafirewall'). '
|
212 |
+
<br />
|
213 |
+
<li>' . __('Set <code>X-Content-Type-Options</code> to protect against MIME type confusion attacks:', 'ninjafirewall'). '<span class="description"> ' . __('sending this response header with the <code>nosniff</code> value will prevent compatible browsers from MIME-sniffing a response away from the declared content-type.', 'ninjafirewall'). '</span></li>
|
214 |
+
<li>' . __('Set <code>X-Frame-Options</code> to protect against clickjacking attempts:', 'ninjafirewall'). '<span class="description"> ' . __('this header indicates a policy whether a browser must not allow to render a page in a <frame> or <iframe>. Hosts can declare this policy in the header of their HTTP responses to prevent clickjacking attacks, by ensuring that their content is not embedded into other pages or frames. NinjaFirewall accepts two different values:', 'ninjafirewall'). '
|
215 |
+
<ul>
|
216 |
+
<li><code>SAMEORIGIN</code>: ' . __('a browser receiving content with this header must not display this content in any frame from a page of different origin than the content itself.', 'ninjafirewall'). '</li>
|
217 |
+
<li><code>DENY</code>: ' . __('a browser receiving content with this header must not display this content in any frame.', 'ninjafirewall'). '</li>
|
218 |
+
</ul>
|
219 |
+
</span>
|
220 |
+
' . __('NinjaFirewall does not support the <code>ALLOW-FROM</code> value.', 'ninjafirewall'). '
|
221 |
+
<br />' .
|
222 |
+
__('Since v3.1.3, WordPress sets this value to <code>SAMEORIGIN</code> for the administrator and the login page only.', 'ninjafirewall'). '</li>
|
223 |
+
<li>' . __('Enforce <code>X-XSS-Protection</code> (IE, Chrome and Safari browsers):', 'ninjafirewall'). '<span class="description"> ' . __('this header allows compatible browsers to identify and block XSS attack by preventing the malicious script from executing. NinjaFirewall will set its value to <code>1; mode=block</code>.', 'ninjafirewall'). '</span></li>
|
224 |
+
<li>' . __('Force <code>HttpOnly</code> flag on all cookies to mitigate XSS attacks:', 'ninjafirewall'). '<span class="description"> ' . __('adding this flag to cookies helps to mitigate the risk of cross-site scripting by preventing them from being accessed through client-side script. NinjaFirewall can hook all cookies sent by your blog, its plugins or any other PHP script, add the <code>HttpOnly</code> flag if it is missing, and re-inject those cookies back into your server HTTP response headers right before they are sent to your visitors. Note that WordPress sets that flag on the logged in user cookies only.', 'ninjafirewall'). '</span></li>
|
225 |
+
<p><img src="' . plugins_url( '/images/icon_warn_16.png', __DIR__ ) . '" height="16" border="0" width="16"> <span class="description">' . __('If your PHP scripts send cookies that need to be accessed from JavaScript, you should keep that option disabled.', 'ninjafirewall'). '</span></p>
|
226 |
+
<li>' . __('Set <code>Strict-Transport-Security</code> (HSTS) to enforce secure connections to the server:', 'ninjafirewall'). '<span class="description"> ' . __('this policy enforces secure HTTPS connections to the server. Web browsers will not allow the user to access the web application over insecure HTTP protocol. It helps to defend against cookie hijacking and Man-in-the-middle attacks. Most recent browsers support HSTS headers.', 'ninjafirewall'). '</span></li>
|
227 |
+
<li>' . __('Set <code>Content-Security-Policy</code>:', 'ninjafirewall'). '<span class="description"> ' . __('this policy helps to mitigate threats such as XSS, phishing and clickjacking attacks. It covers JavaScript, CSS, HTML frames, web workers, fonts, images, objects (Java, ActiveX, audio and video files), and other HTML5 features.', 'ninjafirewall'). ' ' . __('NinjaFirewall lets you configure the CSP policy separately for the frontend (blog, website) and the backend (WordPress admin dashboard).', 'ninjafirewall') . '</span></li>
|
228 |
+
<br />
|
229 |
+
<strong>PHP</strong>
|
230 |
+
<li>' . __('Block PHP built-in wrappers:', 'ninjafirewall'). '<span class="description"> ' . __('PHP has several wrappers for use with the filesystem functions. It is possible for an attacker to use them to bypass firewalls and various IDS to exploit remote and local file inclusions. This option lets you block any script attempting to pass a <code>expect://</code>, <code>file://</code>, <code>phar://</code>, <code>php://</code>, <code>zip://</code> or <code>data://</code> stream inside a <code>GET</code> or <code>POST</code> request, cookies, user agent and referrer variables.', 'ninjafirewall'). '</span></li>
|
231 |
+
<li>' . sprintf( __('Block serialized PHP objects:', 'ninjafirewall'). '<span class="description"> ' . __('Object Serialization is a PHP feature used by many applications to generate a storable representation of a value. However, some insecure PHP applications and plugins can turn that feature into a critical vulnerability called <a href="%s">PHP Object Injection</a>. This option can block serialized PHP objects found inside a a <code>GET</code> or <code>POST</code> request, cookies, user agent and referrer variables.', 'ninjafirewall'), 'https://www.owasp.org/index.php/PHP_Object_Injection'). '</span></li>
|
232 |
+
<li>' . __('Hide PHP notice and error messages:', 'ninjafirewall'). '<span class="description"> ' . __('this option lets you hide errors returned by your scripts. Such errors can leak sensitive informations which can be exploited by hackers.', 'ninjafirewall'). '</span></li>
|
233 |
+
<li>' . __('Sanitise <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, <code>PATH_INFO</code>:', 'ninjafirewall'). '<span class="description"> ' . __('this option can sanitise any dangerous characters found in those 3 server variables to prevent various XSS and database injection attempts.', 'ninjafirewall'). '</span></li>
|
234 |
+
<br />
|
235 |
+
<strong>' . __('Various', 'ninjafirewall'). '</strong>
|
236 |
+
<li>' . sprintf( __('Block the <code>DOCUMENT_ROOT</code> server variable (%s) in HTTP requests:', 'ninjafirewall'), '<code>' . $_SERVER['DOCUMENT_ROOT'] . '</code>'). '<span class="description"> ' . __('this option will block scripts attempting to pass the <code>DOCUMENT_ROOT</code> server variable in a <code>GET</code> or <code>POST</code> request. Hackers use shell scripts that often need to pass this value, but most legitimate programs do not.', 'ninjafirewall'). '</span></li>
|
237 |
+
<li>' . __('Block ASCII character 0x00 (NULL byte):', 'ninjafirewall'). '<span class="description"> ' . __('this option will reject any <code>GET</code> or <code>POST</code> request, <code>HTTP_USER_AGENT</code>, <code>REQUEST_URI</code>, <code>PHP_SELF</code>, <code>PATH_INFO</code>, <code>HTTP_REFERER</code> variables containing the ASCII character 0x00 (NULL byte). Such a character is dangerous and should always be rejected.', 'ninjafirewall'). '</span></li>
|
238 |
+
<li>' . __('Block ASCII control characters 1 to 8 and 14 to 31:', 'ninjafirewall'). '<span class="description"> ' . __('this option will reject any <code>GET</code> or <code>POST</code> request, <code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> variables containing ASCII characters from 1 to 8 and 14 to 31.', 'ninjafirewall'). '</span></li>
|
239 |
+
|
240 |
+
</div>'
|
241 |
+
) );
|
242 |
+
get_current_screen()->add_help_tab( array(
|
243 |
+
'id' => 'policies03',
|
244 |
+
'title' => __('Users Whitelist', 'ninjafirewall'),
|
245 |
+
'content' => '<br />'.
|
246 |
+
sprintf( __('By default, any logged in WordPress administrator will not be blocked by NinjaFirewall. You can also add any logged in users to the whitelist (make sure you trust them all before doing so).<br />This feature applies to all Firewall Policies listed below, except <code>FORCE_SSL_ADMIN</code>, <code>DISALLOW_FILE_EDIT</code>, <code>DISALLOW_FILE_MODS</code> options and the <a href="%s">Login Protection</a> which, if enabled, are always enforced.', 'ninjafirewall'), '?page=nfsubloginprot').
|
247 |
+
'<br />'
|
248 |
+
) );
|
249 |
+
|
250 |
+
}
|
251 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
252 |
+
|
253 |
+
function help_nfsubfileguard() {
|
254 |
+
|
255 |
+
// File Guard :
|
256 |
+
get_current_screen()->add_help_tab( array(
|
257 |
+
'id' => 'fileguard01',
|
258 |
+
'title' => __('File Guard', 'ninjafirewall'),
|
259 |
+
'content' => '<br/>' .
|
260 |
+
__('File Guard can detect, in real-time, any access to a PHP file that was recently modified or created, and alert you about this.', 'ninjafirewall') .
|
261 |
+
'<br />' .
|
262 |
+
__('If a hacker uploaded a shell script to your site (or injected a backdoor into an already existing file) and tried to directly access that file using his browser or a script, NinjaFirewall would hook the HTTP request and immediately detect that the file was recently modified/created. It would send you a detailed alert (script name, IP, request, date and time). Alerts will be sent to the contact email address defined in the "Event Notifications" menu.', 'ninjafirewall') .
|
263 |
+
'<p>' . __('If you do not want to monitor a folder, you can exclude its full path or a part of it (e.g., <code>/var/www/public_html/cache/</code> or <code>/cache/</code> etc). NinjaFirewall will compare this value to the <code>$_SERVER["SCRIPT_FILENAME"]</code> server variable and, if it matches, will ignore it.', 'ninjafirewall') . '</p>' .
|
264 |
+
__('Multiple values must be comma-separated (e.g., <code>/foo/bar/,/cache/</code>).', 'ninjafirewall') .'</li>' .
|
265 |
+
'<p><img src="' . plugins_url( '/images/icon_warn_16.png', __DIR__ ) . '" height="16" border="0" width="16"> <span class="description">' . __('File Guard real-time detection is a totally unique feature, because NinjaFirewall is the only plugin for WordPress that can hook HTTP requests sent to any PHP script, even if that script is not part of the WordPress package (third-party software, shell script, backdoor etc).', 'ninjafirewall') . '</span></p>'
|
266 |
+
) );
|
267 |
+
}
|
268 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
269 |
+
function help_nfsubnetwork() {
|
270 |
+
|
271 |
+
// Network (multisite version only) :
|
272 |
+
get_current_screen()->add_help_tab( array(
|
273 |
+
'id' => 'network01',
|
274 |
+
'title' => __('Network', 'ninjafirewall'),
|
275 |
+
'content' => '<br />' .
|
276 |
+
__('Even if NinjaFirewall administration menu is only available to the Super Admin (from the main site), you can still display its status to all sites in the network by adding a small NinjaFirewall icon to their admin bar. It will be visible only to the administrators of those sites.', 'ninjafirewall') .
|
277 |
+
'<br />' .
|
278 |
+
__('It is recommended to enable this feature as it is the only way to know whether the sites in your network are protected and if NinjaFirewall installation was successful.', 'ninjafirewall') .
|
279 |
+
'<br />'.
|
280 |
+
__('Note that when it is disabled, the icon still remains visible to you, the Super Admin.', 'ninjafirewall')
|
281 |
+
) );
|
282 |
+
}
|
283 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
284 |
+
|
285 |
+
function help_nfsubfilecheck() {
|
286 |
+
|
287 |
+
// File check menu help :
|
288 |
+
get_current_screen()->add_help_tab( array(
|
289 |
+
'id' => 'filecheck01',
|
290 |
+
'title' => __('File Check', 'ninjafirewall'),
|
291 |
+
'content' => '<p>'. __('File Check lets you perform file integrity monitoring upon request or on a specific interval.', 'ninjafirewall') .
|
292 |
+
'<br />' .
|
293 |
+
__('You need to create a snapshot of all your files and then, at a later time, you can scan your system to compare it with the previous snapshot. Any modification will be immediately detected: file content, file permissions, file ownership, timestamp as well as file creation and deletion.', 'ninjafirewall') .'</p>' .
|
294 |
+
'<li>'. sprintf( __('Create a snapshot of all files stored in that directory: by default, the directory is set to WordPress <code>ABSPATH</code> (%s)', 'ninjafirewall'), '<code>' . ABSPATH . '</code>') .'</li>'.
|
295 |
+
'<li>'. __('Exclude the following files/folders: you can enter a directory or a file name (e.g., <code>/foo/bar/</code>), or a part of it (e.g., <code>foo</code>). Or you can exclude a file extension (e.g., <code>.css</code>).', 'ninjafirewall') .
|
296 |
+
'<br />' .
|
297 |
+
__('Multiple values must be comma-separated (e.g., <code>/foo/bar/,.css,.png</code>).', 'ninjafirewall') .'</li>' .
|
298 |
+
'<li>'. __('Do not follow symbolic links: by default, NinjaFirewall will not follow symbolic links.', 'ninjafirewall') .'</li>'
|
299 |
+
) );
|
300 |
+
|
301 |
+
get_current_screen()->add_help_tab( array(
|
302 |
+
'id' => 'filecheck02',
|
303 |
+
'title' => __('Scheduled scans', 'ninjafirewall'),
|
304 |
+
'content' => '<p>'. __('NinjaFirewall can scan your system on a specific interval (hourly, twicedaily or daily).', 'ninjafirewall').
|
305 |
+
'<br />'.
|
306 |
+
__('It can either send you a scan report only if changes are detected, or always send you one after each scan.', 'ninjafirewall').
|
307 |
+
'<br />'.
|
308 |
+
__('Reports will be sent to the contact email address defined in the "Event Notifications" menu.', 'ninjafirewall'). '</p>'.
|
309 |
+
|
310 |
+
'<p><img src="' . plugins_url( '/images/icon_warn_16.png', __DIR__ ) . '" height="16" border="0" width="16"> <span class="description">'. sprintf( __('Scheduled scans rely on <a href="%s">WordPress pseudo cron</a> which works only if your site gets sufficient traffic.', 'ninjafirewall'), 'http://codex.wordpress.org/Category:WP-Cron_Functions') . '</span></p>'
|
311 |
+
) );
|
312 |
+
|
313 |
+
}
|
314 |
+
|
315 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
316 |
+
|
317 |
+
function help_nfsubevent() {
|
318 |
+
|
319 |
+
// Event Notifications menu help :
|
320 |
+
|
321 |
+
get_current_screen()->add_help_tab( array(
|
322 |
+
'id' => 'log01',
|
323 |
+
'title' => __('Event Notifications', 'ninjafirewall'),
|
324 |
+
'content' => '<br />' . __('NinjaFirewall can alert you by email on specific events triggered within your blog. They include installations, updates, activations etc, as well as users login and modification of any administrator account in the database. Some of those alerts are enabled by default and it is highly recommended to keep them enabled. It is not unusual for a hacker, after breaking into your WordPress admin console, to install or just to upload a backdoored plugin or theme in order to take full control of your website.', 'ninjafirewall')
|
325 |
+
) );
|
326 |
+
}
|
327 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
328 |
+
|
329 |
+
function help_nfsublogin() {
|
330 |
+
|
331 |
+
// Login protection menu help :
|
332 |
+
|
333 |
+
get_current_screen()->add_help_tab( array(
|
334 |
+
'id' => 'login01',
|
335 |
+
'title' => __('Login Protection', 'ninjafirewall'),
|
336 |
+
'content' => '
|
337 |
+
<div style="height:250px;">
|
338 |
+
|
339 |
+
<p>' . __('By processing incoming HTTP requests before your blog and any of its plugins, NinjaFirewall is the only plugin for WordPress able to protect it against very large brute-force attacks, including distributed attacks coming from several thousands of different IPs.', 'ninjafirewall') .
|
340 |
+
|
341 |
+
'<p>' . __('You can choose two different types of protection: a password or a captcha. You can enable the protection only if an attack is detected or to keep it always activated.', 'ninjafirewall') . '</p>
|
342 |
+
|
343 |
+
<strong>' . __('Yes, if under attack:', 'ninjafirewall') . '</strong>
|
344 |
+
<br />' .
|
345 |
+
__('The protection will be triggered when too many login attempts are detected, regardless of the offending IP. It blocks the attack instantly and prevents it from reaching WordPress, but still allows you to access your administration console using either the predefined username/password combination or the captcha code. ', 'ninjafirewall') . '
|
346 |
+
<br />
|
347 |
+
<strong>' . __('Always ON:', 'ninjafirewall') . '</strong>
|
348 |
+
<br />'.
|
349 |
+
__('NinjaFirewall will always enforce the HTTP authentication or captcha implementation each time you access the login page.', 'ninjafirewall') . '
|
350 |
+
<br />
|
351 |
+
<br />
|
352 |
+
<strong>' . __('Type of protection:', 'ninjafirewall') . '</strong>
|
353 |
+
<p>' . __('<b>Password:</b> It password-protects the login page. NinjaFirewall uses its own very fast authentication scheme and it is compatible with any HTTP server (Apache, Nginx, Lighttpd etc).', 'ninjafirewall') . '</p>
|
354 |
+
<p>' . __('<b>Captcha:</b> It will display a 5-character captcha code.', 'ninjafirewall') . '</p>
|
355 |
+
<p><b>' . __('Bot protection:', 'ninjafirewall') . '</b>
|
356 |
+
<br />' . __('NinjaFirewall will attempt to block bots and scripts immediately, i.e., even before they start a brute-force attack.', 'ninjafirewall') . '</p>
|
357 |
+
|
358 |
+
<br />
|
359 |
+
</div>'
|
360 |
+
) );
|
361 |
+
|
362 |
+
get_current_screen()->add_help_tab( array(
|
363 |
+
'id' => 'login02',
|
364 |
+
'title' => __('AUTH log', 'ninjafirewall'),
|
365 |
+
'content' => '
|
366 |
+
<div style="height:250px;">
|
367 |
+
<p>' . __('NinjaFirewall can write to the server Authentication log when the brute-force protection is triggered. This can be useful to the system administrator for monitoring purposes or banning IPs at the server level.', 'ninjafirewall') . '
|
368 |
+
<br />' .
|
369 |
+
__('If you have a shared hosting account, keep this option disabled as you do not have any access to the server\'s logs.', 'ninjafirewall') .
|
370 |
+
'<br />' .
|
371 |
+
__('On Debian-based systems, the log is located in <code>/var/log/auth.log</code>, and on Red Hat-based systems in <code>/var/log/secure</code>. The logline uses the following format:', 'ninjafirewall') .
|
372 |
+
'<p><code>ninjafirewall[<font color="red">AA</font>]: Possible brute-force attack from <font color="red">BB</font> on <font color="red">CC</font> (<font color="red">DD</font>). Blocking access for <font color="red">EE</font>mn.</code><p>
|
373 |
+
<ul>
|
374 |
+
<li>' . __('AA: the process ID (PID).', 'ninjafirewall') . '</li>
|
375 |
+
<li>' . __('BB: the user IPv4 or IPv6 address.', 'ninjafirewall') . '</li>
|
376 |
+
<li>' . __('CC: the blog (sub-)domain name.', 'ninjafirewall') . '</li>
|
377 |
+
<li>' . __('DD: the target: it can be either <code>wp-login.php</code> or <code>XML-RPC API</code>.', 'ninjafirewall') . '</li>
|
378 |
+
<li>' . __('EE: the time, in minutes, the protection will remain active.', 'ninjafirewall') . '</li>
|
379 |
+
</ul>'.
|
380 |
+
__('Sample loglines:', 'ninjafirewall') .
|
381 |
+
'<br />
|
382 |
+
<textarea class="small-text code" style="width:100%;height:80px;" wrap="off">Aug 31 01:40:35 www ninjafirewall[6191]: Possible brute-force attack from 172.16.0.1 on mysite.com (wp-login.php). Blocking access for 5mn.'. "\n" . 'Aug 31 01:45:28 www ninjafirewall[6192]: Possible brute-force attack from fe80::6e88:14ff:fe3e:86f0 on blog.domain.com (XML-RPC API). Blocking access for 25mn.</textarea>
|
383 |
+
<p><img src="' . plugins_url( '/images/icon_warn_16.png', __DIR__ ) . '" height="16" border="0" width="16"> <span class="description">' . sprintf( __('Be careful if you are behind a load balancer, reverse-proxy or CDN because the Login Protection feature will always record the <code>REMOTE_ADDR</code> IP. If you have an application parsing the AUTH log in order to ban IPs (e.g. Fail2ban), you <strong>must</strong> setup your HTTP server to forward the correct IP (or use the <code><a href="%s">.htninja</a></code> file), otherwise you will likely block legitimate users.', 'ninjafirewall'), 'https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja') . '</span></p>
|
384 |
+
</div>'
|
385 |
+
) );
|
386 |
+
|
387 |
+
|
388 |
+
}
|
389 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
390 |
+
|
391 |
+
function help_nfsublog() {
|
392 |
+
|
393 |
+
// Firewall log menu help :
|
394 |
+
|
395 |
+
get_current_screen()->add_help_tab( array(
|
396 |
+
'id' => 'log01',
|
397 |
+
'title' => __('Firewall Log', 'ninjafirewall'),
|
398 |
+
'content' => '<br />'.
|
399 |
+
__('The firewall log displays blocked and sanitised requests as well as some useful information. It has 6 columns:', 'ninjafirewall') . '
|
400 |
+
<li>' . __('DATE : date and time of the incident.', 'ninjafirewall') . '</li>
|
401 |
+
<li>' . __('INCIDENT : unique incident number/ID as it was displayed to the blocked user.', 'ninjafirewall') . '</li>
|
402 |
+
<li>' . __('LEVEL : level of severity (<code>CRITICAL</code>, <code>HIGH</code> or <code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) and debugging mode (<code>DEBUG_ON</code>).', 'ninjafirewall') . '</li>
|
403 |
+
<li>' . __('RULE : reference of the NinjaFirewall built-in security rule that triggered the action. A hyphen (<code>-</code>) instead of a number means it was a rule from the "Firewall Policies" page.', 'ninjafirewall') . '</li>
|
404 |
+
<li>' . __('IP : the user IPv4 or IPv6 address.', 'ninjafirewall') . '</li>
|
405 |
+
<li>' . __('REQUEST : the HTTP request including offending variables and values as well as the reason the action was logged.', 'ninjafirewall') . '</li>'
|
406 |
+
) );
|
407 |
+
|
408 |
+
// Centralized Logging tab:
|
409 |
+
get_current_screen()->add_help_tab( array(
|
410 |
+
'id' => 'log04',
|
411 |
+
'title' => __('Centralized Logging', 'ninjafirewall'),
|
412 |
+
'content' =>
|
413 |
+
'<p>'. __('Centralized Logging lets you remotely access the firewall log of all your NinjaFirewall protected websites from one single installation. You do not need any longer to log in to individual servers to analyse your log data.', 'ninjafirewall') . ' ' . sprintf( __('<a href="%s">Consult our blog</a> for more info about it.', 'ninjafirewall'), 'https://blog.nintechnet.com/centralized-logging-with-ninjafirewall/' ) . '</p>' .
|
414 |
+
'<li>' . __('Enter your public key (optional): This is the public key that was created from your main server.', 'ninjafirewall') . '</li>' .
|
415 |
+
|
416 |
+
'<p><img src="' . plugins_url( '/images/icon_warn_16.png', __DIR__ ) . '" height="16" border="0" width="16"> <span class="description">'.
|
417 |
+
__('Centralized Logging will keep working even if NinjaFirewall is disabled. Delete your public key below if you want to disable it.', 'ninjafirewall') .
|
418 |
+
'</span></p>'
|
419 |
+
) );
|
420 |
+
|
421 |
+
}
|
422 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
423 |
+
|
424 |
+
function help_nfsublivelog() {
|
425 |
+
|
426 |
+
// Firewall Live Log menu help :
|
427 |
+
|
428 |
+
get_current_screen()->add_help_tab( array(
|
429 |
+
'id' => 'log01',
|
430 |
+
'title' => __('Live Log', 'ninjafirewall'),
|
431 |
+
'content' =>
|
432 |
+
'<p>' . __('Live Log lets you watch your website traffic in real time. It displays connections in a format similar to the one used by most HTTP server logs. Note that requests sent to static elements like JS/CSS files and images are not managed by NinjaFirewall.', 'ninjafirewall') .'</p>
|
433 |
+
|
434 |
+
<p>' . __('You can enable/disable the monitoring process, change the refresh rate, clear the screen, enable automatic vertical scrolling, change the log format, select which traffic you want to view (HTTP/HTTPS) and the timezone as well.', 'ninjafirewall') .
|
435 |
+
'</p>
|
436 |
+
|
437 |
+
<p>' . __('Live Log does not make use of any WordPress core file (e.g., <code>admin-ajax.php</code>). It communicates directly with the firewall without loading WordPress bootstrap. Consequently, it is fast, light and it should not affect your server load, even if you set its refresh rate to the lowest value.', 'ninjafirewall') . '</p>
|
438 |
+
|
439 |
+
<p><img src="' . plugins_url( '/images/icon_warn_16.png', __DIR__ ) . '" height="16" border="0" width="16"> <span class="description">' . __('If you are using the optional <code>.htninja</code> configuration file to whitelist your IP, the Live Log feature will not work.', 'ninjafirewall') . '
|
440 |
+
</span></p>'
|
441 |
+
) );
|
442 |
+
get_current_screen()->add_help_tab( array(
|
443 |
+
'id' => 'log02',
|
444 |
+
'title' => __('Log Format', 'ninjafirewall'),
|
445 |
+
'content' => '<p>'. __('You can easily customize the log format. Possible values are:', 'ninjafirewall') .'</p>' .
|
446 |
+
'<li>'. __('<code>%time</code>: the server date, time and timezone.', 'ninjafirewall') . '</li>' .
|
447 |
+
'<li>'. __('<code>%name</code>: authenticated user (HTTP basic auth), if any.', 'ninjafirewall') . '</li>' .
|
448 |
+
'<li>'. __('<code>%client</code>: the client REMOTE_ADDR. If you are behind a load balancer or CDN, this will be its IP.', 'ninjafirewall') . '</li>' .
|
449 |
+
'<li>'. __('<code>%method</code>: HTTP method (e.g., GET, POST).', 'ninjafirewall') . '</li>' .
|
450 |
+
'<li>'. __('<code>%uri</code>: the URI which was given in order to access the page (REQUEST_URI).', 'ninjafirewall') . '</li>' .
|
451 |
+
'<li>'. __('<code>%referrer</code>: the referrer (HTTP_REFERER), if any.', 'ninjafirewall') . '</li>' .
|
452 |
+
'<li>'. __('<code>%ua</code>: the user-agent (HTTP_USER_AGENT), if any.', 'ninjafirewall') . '</li>' .
|
453 |
+
'<li>'. __('<code>%forward</code>: HTTP_X_FORWARDED_FOR, if any. If you are behind a load balancer or CDN, this will likely be the visitor true IP.', 'ninjafirewall') . '</li>' .
|
454 |
+
'<li>'. __('<code>%host</code>: the requested host (HTTP_HOST), if any.', 'ninjafirewall') . '</li>' .
|
455 |
+
__('Additionally, you can include any of the following characters: <code>"</code>, <code>%</code>, <code>[</code>, <code>]</code>, <code>space</code> and lowercase letters <code>a-z</code>.', 'ninjafirewall')
|
456 |
+
) );
|
457 |
+
}
|
458 |
+
|
459 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
460 |
+
|
461 |
+
function help_nfsubedit() {
|
462 |
+
|
463 |
+
// Firewall Rules Editor menu help :
|
464 |
+
|
465 |
+
get_current_screen()->add_help_tab( array(
|
466 |
+
'id' => 'editor01',
|
467 |
+
'title' => __('Rules Editor', 'ninjafirewall'),
|
468 |
+
'content' => '<br />' .
|
469 |
+
__('Besides the "Firewall Policies", NinjaFirewall includes also a large set of built-in rules used to protect your blog against the most common vulnerabilities and hacking attempts. They are always enabled and you cannot edit them, but if you notice that your visitors are wrongly blocked by some of those rules, you can use the Rules Editor below to disable them individually:', 'ninjafirewall') . '
|
470 |
+
<br />
|
471 |
+
<li>'. __('Check your firewall log and find the rule ID you want to disable (it is displayed in the <code>RULE</code> column).', 'ninjafirewall') . '</li>
|
472 |
+
<li>'. __('Select its ID from the enabled rules list below and click the "Disable it" button.', 'ninjafirewall') . '</li>
|
473 |
+
<br />
|
474 |
+
<span class="description">'. __('Note: if the <code>RULE</code> column from your log shows a hyphen <code>-</code> instead of a number, that means that the rule can be changed in the "Firewall Policies" page.', 'ninjafirewall') . '</span>'
|
475 |
+
) );
|
476 |
+
|
477 |
+
get_current_screen()->add_help_tab( array(
|
478 |
+
'id' => 'editor02',
|
479 |
+
'title' => __('Credits', 'ninjafirewall'),
|
480 |
+
'content' =>
|
481 |
+
'<p>' . __('NinjaFirewall security rules protect against many vulnerabilities. Some of them were reported by the following companies, individuals or mailing lists:', 'ninjafirewall') . '<p>
|
482 |
+
<table cellpadding="2" cellspacing="3">
|
483 |
+
<tr>
|
484 |
+
<th scope="row" style="text-align:left">g0blin Research</th><td>https://g0blin.co.uk/</td>
|
485 |
+
</tr>
|
486 |
+
<tr>
|
487 |
+
<th scope="row" style="text-align:left">HomeLab IT</th><td>https://homelab.it/</td>
|
488 |
+
</tr>
|
489 |
+
<tr>
|
490 |
+
<th scope="row" style="text-align:left">Klikki Oy</th><td>https://klikki.fi/</td>
|
491 |
+
</tr>
|
492 |
+
<tr>
|
493 |
+
<th scope="row" style="text-align:left">Netsparker</th><td>https://netsparker.com/</td>
|
494 |
+
</tr>
|
495 |
+
<tr>
|
496 |
+
<th scope="row" style="text-align:left">Packet Storm</th><td>https://packetstormsecurity.com/</td>
|
497 |
+
</tr>
|
498 |
+
<tr>
|
499 |
+
<th scope="row" style="text-align:left">Plugin Vulnerabilities</th><td>https://pluginvulnerabilities.com/</td>
|
500 |
+
</tr>
|
501 |
+
<tr>
|
502 |
+
<th scope="row" style="text-align:left">Pritect Network</th><td>http://pritect.net/</td>
|
503 |
+
</tr>
|
504 |
+
<tr>
|
505 |
+
<th scope="row" style="text-align:left">SecLists.Org</th><td>http://seclists.org/ (fulldisclosure & oss-sec)</td>
|
506 |
+
</tr>
|
507 |
+
<tr>
|
508 |
+
<th scope="row" style="text-align:left">SecurityFocus</th><td>http://securityfocus.com/</td>
|
509 |
+
</tr>
|
510 |
+
<tr>
|
511 |
+
<th scope="row" style="text-align:left">Sucuri</th><td>https://sucuri.net/</td>
|
512 |
+
</tr>
|
513 |
+
<tr>
|
514 |
+
<th scope="row" style="text-align:left">Summer Of Pwnage</th><td>https://sumofpwn.nl/</td>
|
515 |
+
</tr>
|
516 |
+
<tr>
|
517 |
+
<th scope="row" style="text-align:left">Wordfence</th><td>https://wordfence.com/</td>
|
518 |
+
</tr>
|
519 |
+
<tr>
|
520 |
+
<th scope="row" style="text-align:left">WordPress Hütte</th><td>http://wphutte.com/</td>
|
521 |
+
</tr>
|
522 |
+
</table>
|
523 |
+
</span>'
|
524 |
+
) );
|
525 |
+
|
526 |
+
}
|
527 |
+
|
528 |
+
/* ------------------------------------------------------------------ */ // i18n+
|
529 |
+
|
530 |
+
function help_nfsubupdates() {
|
531 |
+
|
532 |
+
// Firewall Updates menu help :
|
533 |
+
|
534 |
+
get_current_screen()->add_help_tab( array(
|
535 |
+
'id' => 'updates01',
|
536 |
+
'title' => __('Updates', 'ninjafirewall'),
|
537 |
+
'content' => '<p>'.
|
538 |
+
__('To get the most efficient protection, you can ask NinjaFirewall to automatically update its security rules.', 'ninjafirewall') .
|
539 |
+
'<br />' .
|
540 |
+
__('Each time a new vulnerability is found in WordPress or one of its plugins/themes, a new set of security rules will be made available to protect against such vulnerability. Updates can be checked as often as daily, twice daily or even hourly.', 'ninjafirewall') .
|
541 |
+
'<br />' .
|
542 |
+
__('Only security rules will be downloaded. If a new version of NinjaFirewall (including new files, options and features) was available, it would have to be updated from the dashboard plugins menu as usual.', 'ninjafirewall') .
|
543 |
+
'</p><p>' .
|
544 |
+
__('We recommend to enable this feature, as it is the <strong>only way to keep your WordPress secure</strong> against new vulnerabilities.', 'ninjafirewall') . '</p>'
|
545 |
+
) );
|
546 |
+
}
|
547 |
+
|
548 |
+
/* ------------------------------------------------------------------ */
|
549 |
+
// EOF
|
lib/index.html
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<html><head><meta http-equiv="refresh" content="0;URL=../../../../"></head></html>
|
lib/install_fullwaf.php
ADDED
@@ -0,0 +1,648 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
/* ------------------------------------------------------------------ */
|
23 |
+
|
24 |
+
function nfw_get_abspath( $err = 0 ) {
|
25 |
+
|
26 |
+
if ( $_SERVER['DOCUMENT_ROOT'] . '/' == ABSPATH ) {
|
27 |
+
$_POST['abspath'] = htmlspecialchars(ABSPATH);
|
28 |
+
nfw_presave();
|
29 |
+
return;
|
30 |
+
}
|
31 |
+
echo '
|
32 |
+
<div class="wrap">
|
33 |
+
<div style="width:33px;height:33px;background-image:url(' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
34 |
+
<h1>NinjaFirewall (WP Edition)</h1>';
|
35 |
+
if ( $err ) {
|
36 |
+
echo '<div class="error settings-error"><p>' . __('Error:', 'ninjafirewall') .' '. $err . '</p></div>';
|
37 |
+
}
|
38 |
+
echo '
|
39 |
+
<form method="post">
|
40 |
+
<p>' . sprintf(__('Your WordPress directory (%s) is different from your website document root (%s). Because it is possible to install WordPress into a subdirectory, but have the blog exist in the site root, NinjaFirewall needs to know the exact location of the site root.', 'ninjafirewall'), '<code>' . htmlspecialchars(ABSPATH) . '</code>', '<code>' . htmlspecialchars( $_SERVER['DOCUMENT_ROOT'] ) . '/</code>') . '</p>
|
41 |
+
<p>' . sprintf( __('Please edit the path below only if you have manually modified your WordPress root directory as described in the <a href="%s">Giving WordPress Its Own Directory</a> article.', 'ninjafirewall'), 'http://codex.wordpress.org/Giving_WordPress_Its_Own_Directory') .'</p>
|
42 |
+
<p><strong style="color:red">'. __('Most users should not change this value.', 'ninjafirewall') .'</strong></p>
|
43 |
+
<p>'. __('Path to WordPress site root directory:', 'ninjafirewall') .' <input class="regular-text code" type="text" name="abspath" value="' . htmlspecialchars(ABSPATH) . '"></p>
|
44 |
+
<br />
|
45 |
+
<br />
|
46 |
+
<input class="button-primary" type="submit" name="Save" value="'. __('Next Step', 'ninjafirewall') .' »" />
|
47 |
+
<input type="hidden" name="nfw_act" value="presave" />' . wp_nonce_field('presave', 'nfwnonce', 0) . '
|
48 |
+
</form>
|
49 |
+
</div>';
|
50 |
+
|
51 |
+
}
|
52 |
+
|
53 |
+
/* ------------------------------------------------------------------ */
|
54 |
+
|
55 |
+
function nfw_presave( $err = '' ) {
|
56 |
+
|
57 |
+
if (empty ($_POST['abspath']) ) {
|
58 |
+
nfw_get_abspath( __('please enter the full path to WordPress folder.', 'ninjafirewall') );
|
59 |
+
return;
|
60 |
+
}
|
61 |
+
$abspath = htmlspecialchars( rtrim( $_POST['abspath'], '/' ) );
|
62 |
+
if (! file_exists( $abspath . '/index.php' ) ) {
|
63 |
+
nfw_get_abspath( sprintf( __('cannot find the %s directory! Please correct the full path to WordPress site root directory.', 'ninjafirewall'), '<code>' . $abspath . '/index.php</code>') );
|
64 |
+
return;
|
65 |
+
}
|
66 |
+
|
67 |
+
$_SESSION['abspath'] = $abspath . '/';
|
68 |
+
|
69 |
+
if ( empty($_SESSION['default_conf']) ) {
|
70 |
+
nfw_default_conf();
|
71 |
+
|
72 |
+
welcome_email();
|
73 |
+
}
|
74 |
+
|
75 |
+
$s1 = $s2 = $s3 = $s4 = $s5 = $s7 = '';
|
76 |
+
$recommended = ' ' . __('(recommended)', 'ninjafirewall');
|
77 |
+
if ( defined('HHVM_VERSION') ) {
|
78 |
+
$http_server = 7;
|
79 |
+
$s7 = $recommended;
|
80 |
+
$htaccess = 0;
|
81 |
+
$php_ini = 0;
|
82 |
+
} elseif ( preg_match('/apache/i', PHP_SAPI) ) {
|
83 |
+
$http_server = 1;
|
84 |
+
$s1 = $recommended;
|
85 |
+
$htaccess = 1;
|
86 |
+
$php_ini = 0;
|
87 |
+
} elseif ( preg_match( '/litespeed/i', PHP_SAPI ) ) {
|
88 |
+
$http_server = 4;
|
89 |
+
$php_ini = 1;
|
90 |
+
$htaccess = 1;
|
91 |
+
$s4 = $recommended;
|
92 |
+
} else {
|
93 |
+
$php_ini = 1;
|
94 |
+
$htaccess = 0;
|
95 |
+
if ( preg_match('/apache/i', $_SERVER['SERVER_SOFTWARE']) ) {
|
96 |
+
$http_server = 2;
|
97 |
+
$s2 = $recommended;
|
98 |
+
} elseif ( preg_match('/nginx/i', $_SERVER['SERVER_SOFTWARE']) ) {
|
99 |
+
$http_server = 3;
|
100 |
+
$s3 = $recommended;
|
101 |
+
} else {
|
102 |
+
$http_server = 5;
|
103 |
+
$s5 = $recommended;
|
104 |
+
}
|
105 |
+
}
|
106 |
+
|
107 |
+
?>
|
108 |
+
<script>
|
109 |
+
function popup(url,width,height,scroll_bar) {height=height+20;width=width+20;var str = "height=" + height + ",innerHeight=" + height;str += ",width=" + width + ",innerWidth=" + width;if (window.screen){var ah = screen.availHeight - 30;var aw = screen.availWidth -10;var xc = (aw - width) / 2;var yc = (ah - height) / 2;str += ",left=" + xc + ",screenX=" + xc;str += ",top=" + yc + ",screenY=" + yc;if (scroll_bar) {str += ",scrollbars=no";}else {str += ",scrollbars=yes";}str += ",status=no,location=no,resizable=yes";}win = open(url, "nfpop", str);setTimeout("win.window.focus()",1300);}
|
110 |
+
function check_fields() {
|
111 |
+
var ischecked = 0;
|
112 |
+
for (var i = 0; i < document.presave_form.php_ini_type.length; ++i) {
|
113 |
+
if(document.presave_form.php_ini_type[i].checked) {
|
114 |
+
ischecked = 1;
|
115 |
+
break;
|
116 |
+
}
|
117 |
+
}
|
118 |
+
if (! ischecked && document.presave_form.http_server.value != 1 && document.presave_form.http_server.value != 7) {
|
119 |
+
alert('<?php echo esc_js( __('Please select the PHP initialization file supported by your server.', 'ninjafirewall') ) ?>');
|
120 |
+
return false;
|
121 |
+
}
|
122 |
+
return true;
|
123 |
+
}
|
124 |
+
function ini_toogle(what) {
|
125 |
+
if (what == 1) {
|
126 |
+
document.getElementById('trini').style.display = 'none';
|
127 |
+
document.getElementById('hhvm').style.display = 'none';
|
128 |
+
} else if(what == 7) {
|
129 |
+
document.getElementById('trini').style.display = 'none';
|
130 |
+
document.getElementById('hhvm').style.display = '';
|
131 |
+
} else {
|
132 |
+
document.getElementById('trini').style.display = '';
|
133 |
+
document.getElementById('hhvm').style.display = 'none';
|
134 |
+
}
|
135 |
+
}
|
136 |
+
</script>
|
137 |
+
|
138 |
+
<?php
|
139 |
+
|
140 |
+
echo '
|
141 |
+
<div class="wrap">
|
142 |
+
<div style="width:33px;height:33px;background-image:url(' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
143 |
+
<h1>NinjaFirewall (WP Edition)</h1>';
|
144 |
+
|
145 |
+
if (! is_writable( NFW_LOG_DIR . '/nfwlog' ) ) {
|
146 |
+
echo '<div class="error settings-error"><p>'. sprintf( __('Error: NinjaFirewall log directory is not writable (%s). Please chmod it to 0777 and reload this page.', 'ninjafirewall'), '<code>' . htmlspecialchars(NFW_LOG_DIR) . '/nfwlog/</code>') .'</p></div></div>';
|
147 |
+
return;
|
148 |
+
}
|
149 |
+
|
150 |
+
if ( $err ) {
|
151 |
+
echo '<div class="error settings-error"><p>'. __('Error:', 'ninjafirewall') . ' ' . $err . '</p></div>';
|
152 |
+
}
|
153 |
+
|
154 |
+
?>
|
155 |
+
<h3><?php _e('System configuration', 'ninjafirewall') ?></h3>
|
156 |
+
<?php
|
157 |
+
// auto_prepend_file already being used?
|
158 |
+
if ( $apf = ini_get('auto_prepend_file') ) {
|
159 |
+
?>
|
160 |
+
<div style="background:#fff;border-left:4px solid #fff;-webkit-box-shadow:0 1px 1px 0 rgba(0,0,0,.1);box-shadow:0 1px 1px 0 rgba(0,0,0,.1);margin:5px 0 15px;padding:1px 12px;border-left-color:orange;">
|
161 |
+
<p><?php printf( __('NinjaFirewall detected that the PHP <code>auto_prepend_file</code> directive seems to be used by another application: %s.', 'ninjafirewall'), '<code>'. htmlspecialchars($apf) .'</code>' ); echo ' '; _e('Because NinjaFirewall needs to use that directive, it will orverride your current one.', 'ninjafirewall') ?></p>
|
162 |
+
</div>
|
163 |
+
<?php
|
164 |
+
}
|
165 |
+
if ( is_multisite() ) {
|
166 |
+
?>
|
167 |
+
<div style="background:#fff;border-left:4px solid #fff;-webkit-box-shadow:0 1px 1px 0 rgba(0,0,0,.1);box-shadow:0 1px 1px 0 rgba(0,0,0,.1);margin:5px 0 15px;padding:1px 12px;border-left-color:green;">
|
168 |
+
<p><?php _e('Multisite network detected:', 'ninjafirewall'); echo ' '; _e('NinjaFirewall will protect all sites from your network and its configuration interface will be accessible only to the Super Admin from the network main site.', 'ninjafirewall') ?></p>
|
169 |
+
</div>
|
170 |
+
<?php
|
171 |
+
}
|
172 |
+
?>
|
173 |
+
<form method="post" name="presave_form" onSubmit="return check_fields();">
|
174 |
+
<table class="form-table">
|
175 |
+
|
176 |
+
<tr>
|
177 |
+
<th scope="row"><?php _e('Select your HTTP server and your PHP server API', 'ninjafirewall') ?> (<code>SAPI</code>)</th>
|
178 |
+
<td width="20"> </td>
|
179 |
+
<td>
|
180 |
+
<select class="input" name="http_server" onchange="ini_toogle(this.value);">
|
181 |
+
<option value="1"<?php selected($http_server, 1) ?>>Apache + PHP<?php echo PHP_MAJOR_VERSION ?> module<?php echo $s1 ?></option>
|
182 |
+
<option value="2"<?php selected($http_server, 2) ?>>Apache + CGI/FastCGI<?php echo $s2 ?></option>
|
183 |
+
<option value="6"<?php selected($http_server, 6) ?>>Apache + suPHP</option>
|
184 |
+
<option value="3"<?php selected($http_server, 3) ?>>Nginx + <?php _e('CGI or PHP-FPM', 'ninjafirewall') ?><?php echo $s3 ?></option>
|
185 |
+
<option value="4"<?php selected($http_server, 4) ?>>Litespeed<?php echo $s4 ?></option>
|
186 |
+
<option value="5"<?php selected($http_server, 5) ?>><?php _e('Other webserver + CGI/FastCGI', 'ninjafirewall') ?><?php echo $s5 ?></option>
|
187 |
+
<option value="7"<?php selected($http_server, 7) ?>><?php _e('Other webserver + HHVM', 'ninjafirewall') ?><?php echo $s7 ?></option>
|
188 |
+
</select> <span class="description"><a class="links" href="javascript:popup('<?php echo wp_nonce_url( '?page=NinjaFirewall&nfw_act=99', 'show_phpinfo', 'nfwnonce' ); ?>',700,500,0);"><?php _e('view PHPINFO', 'ninjafirewall') ?></a></span>
|
189 |
+
<?php
|
190 |
+
if ($http_server == 7) {
|
191 |
+
echo '<p id="hhvm">';
|
192 |
+
} else {
|
193 |
+
echo '<p id="hhvm" style="display:none;">';
|
194 |
+
}
|
195 |
+
?>
|
196 |
+
<?php sprintf( __('Please <a href="%s">check our blog</a> if you want to install NinjaFirewall on HHVM.', 'ninjafirewall'), '<a href="https://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/">') ?></p>
|
197 |
+
</td>
|
198 |
+
</tr>
|
199 |
+
|
200 |
+
<?php
|
201 |
+
$f1 = $f2 = $f3 = $php_ini_type = '';
|
202 |
+
if ( file_exists( $_SESSION['abspath'] . 'php.ini') ) {
|
203 |
+
if (empty($_SESSION['php_ini_type']) ) {
|
204 |
+
$f1 = $recommended;
|
205 |
+
}
|
206 |
+
$php_ini_type = 1;
|
207 |
+
} elseif ( file_exists( $_SESSION['abspath'] . '.user.ini') ) {
|
208 |
+
if (empty($_SESSION['php_ini_type']) ) {
|
209 |
+
$f2 = $recommended;
|
210 |
+
}
|
211 |
+
$php_ini_type = 2;
|
212 |
+
} elseif ( file_exists( $_SESSION['abspath'] . 'php5.ini') ) {
|
213 |
+
if (empty($_SESSION['php_ini_type']) ) {
|
214 |
+
$f3 = $recommended;
|
215 |
+
}
|
216 |
+
$php_ini_type = 3;
|
217 |
+
}
|
218 |
+
|
219 |
+
if ($http_server == 1 || $http_server == 7) {
|
220 |
+
echo '<tr id="trini" style="display:none;">';
|
221 |
+
} else {
|
222 |
+
echo '<tr id="trini">';
|
223 |
+
}
|
224 |
+
?>
|
225 |
+
<th scope="row"><?php _e('Select the PHP initialization file supported by your server', 'ninjafirewall') ?></th>
|
226 |
+
<td width="20"> </td>
|
227 |
+
<td>
|
228 |
+
<p><label><input type="radio" name="php_ini_type" value="1"<?php checked($php_ini_type, 1) ?>><code>php.ini</code></label><?php echo $f1 ?><br /><span class="description"><?php _e('Used by most shared hosting accounts.', 'ninjafirewall') ?></span></p>
|
229 |
+
|
230 |
+
<p><label><input type="radio" name="php_ini_type" value="2"<?php checked($php_ini_type, 2) ?>><code>.user.ini</code></label><?php echo $f2 ?><br /><span class="description"><?php _e('Used by most dedicated/VPS servers, as well as shared hosting accounts that do not support php.ini', 'ninjafirewall') ?> (<a href="http://php.net/manual/en/configuration.file.per-user.php"><?php _e('more info', 'ninjafirewall') ?></a>).</span></p>
|
231 |
+
|
232 |
+
<p><label><input type="radio" name="php_ini_type" value="3"<?php checked($php_ini_type, 3) ?>><code>php5.ini</code></label><?php echo $f3 ?><br /><span class="description"><?php _e('A few shared hosting accounts. Seldom used.', 'ninjafirewall') ?></span></p>
|
233 |
+
</td>
|
234 |
+
</tr>
|
235 |
+
|
236 |
+
</table>
|
237 |
+
<input type="submit" class="button-primary" name="next" value="<?php _e('Next Step', 'ninjafirewall') ?> »">
|
238 |
+
<input type="hidden" name="nfw_act" value="integration">
|
239 |
+
<input type="hidden" name="abspath" value="<?php echo $_SESSION['abspath'] ?>">
|
240 |
+
<?php wp_nonce_field('integration', 'nfwnonce', 0); ?>
|
241 |
+
</form>
|
242 |
+
</div>
|
243 |
+
<?php
|
244 |
+
}
|
245 |
+
|
246 |
+
/* ------------------------------------------------------------------ */
|
247 |
+
|
248 |
+
function nfw_integration( $err = '' ) {
|
249 |
+
|
250 |
+
if ( empty($_SESSION['abspath']) ) {
|
251 |
+
nfw_get_abspath( __('please enter the full path to WordPress folder.', 'ninjafirewall') );
|
252 |
+
return;
|
253 |
+
}
|
254 |
+
|
255 |
+
if ( empty($_POST['http_server']) || ! preg_match('/^[1-7]$/', $_POST['http_server']) ) {
|
256 |
+
nfw_presave( __('select your HTTP server and PHP SAPI.', 'ninjafirewall') );
|
257 |
+
return;
|
258 |
+
}
|
259 |
+
|
260 |
+
if ( preg_match('/^[2-6]$/', $_POST['http_server']) ) {
|
261 |
+
if ( empty($_POST['php_ini_type']) || ! preg_match('/^[1-3]$/', $_POST['php_ini_type']) ) {
|
262 |
+
nfw_presave( __('select the PHP initialization file supported by your server.', 'ninjafirewall') );
|
263 |
+
return;
|
264 |
+
}
|
265 |
+
} else {
|
266 |
+
$_POST['php_ini_type'] = 0;
|
267 |
+
}
|
268 |
+
|
269 |
+
nfw_ini_data();
|
270 |
+
|
271 |
+
$_SESSION['http_server'] = $_POST['http_server'];
|
272 |
+
$_SESSION['php_ini_type'] = @$_POST['php_ini_type'];
|
273 |
+
|
274 |
+
$_SESSION['ini_write'] = $_SESSION['htaccess_write'] = 1;
|
275 |
+
|
276 |
+
if ($_SESSION['php_ini_type'] == 1) {
|
277 |
+
$php_file = 'php.ini';
|
278 |
+
} elseif ($_SESSION['php_ini_type'] == 2) {
|
279 |
+
$php_file = '.user.ini';
|
280 |
+
} elseif ($_SESSION['php_ini_type'] == 3) {
|
281 |
+
$php_file = 'php5.ini';
|
282 |
+
} else {
|
283 |
+
$php_file = 0;
|
284 |
+
}
|
285 |
+
if ( is_writable($_SESSION['abspath']) ) {
|
286 |
+
$_SESSION['abspath_writable'] = 1;
|
287 |
+
} else {
|
288 |
+
$_SESSION['abspath_writable'] = 0;
|
289 |
+
}
|
290 |
+
?>
|
291 |
+
<script>
|
292 |
+
function diy_chg(what) {
|
293 |
+
if (what == 'nfw') {
|
294 |
+
jQuery('#lmd').slideDown();
|
295 |
+
jQuery('#diy').slideUp();
|
296 |
+
} else {
|
297 |
+
jQuery('#lmd').slideUp();
|
298 |
+
jQuery('#diy').slideDown();
|
299 |
+
}
|
300 |
+
}
|
301 |
+
</script>
|
302 |
+
<div class="wrap">
|
303 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
304 |
+
<h1>NinjaFirewall (WP Edition)</h1>
|
305 |
+
<?php
|
306 |
+
if ( $err ) {
|
307 |
+
echo '<div class="error settings-error"><p>' . __('Error:', 'ninjafirewall') .' '. $err . '</p></div>';
|
308 |
+
}
|
309 |
+
?>
|
310 |
+
<h3><?php _e('Firewall Integration', 'ninjafirewall') ?> (Full WAF)</h3>
|
311 |
+
<?php
|
312 |
+
|
313 |
+
$fdata = $height = '';
|
314 |
+
|
315 |
+
$createfile = '<p>'. __('The <code>%s</code> file must be created, and the following lines of code added to it:', 'ninjafirewall') . '</p>';
|
316 |
+
$add2file = '<p>'. __('The following <font color="green">green lines</font> of code must be added to your <code>%s</code> file.', 'ninjafirewall') .' '. __('All other lines, if any, are the actual content of the file:', 'ninjafirewall') .'</p>';
|
317 |
+
$not_writable = '<div style="background:#fff;border-left:4px solid #fff;-webkit-box-shadow:0 1px 1px 0 rgba(0,0,0,.1);box-shadow:0 1px 1px 0 rgba(0,0,0,.1);margin:5px 0 15px;padding:1px 12px;border-left-color:orange;">
|
318 |
+
<p>' . __('The file is not writable, I cannot edit it for you.', 'ninjafirewall') . '</p>
|
319 |
+
</div>';
|
320 |
+
|
321 |
+
|
322 |
+
if ($_SESSION['http_server'] == 1) {
|
323 |
+
if ( file_exists($_SESSION['abspath'] . '.htaccess') ) {
|
324 |
+
if (! is_writable($_SESSION['abspath'] . '.htaccess') ) {
|
325 |
+
$_SESSION['htaccess_write'] = $_SESSION['abspath_writable'] = 0;
|
326 |
+
}
|
327 |
+
|
328 |
+
printf( $add2file, $_SESSION['abspath'] . '.htaccess');
|
329 |
+
$fdata = file_get_contents($_SESSION['abspath'] . '.htaccess');
|
330 |
+
$fdata = preg_replace( '`\s?'. HTACCESS_BEGIN .'.+?'. HTACCESS_END .'[^\r\n]*\s?`s' , "\n", $fdata);
|
331 |
+
$fdata = "\n<font color='#444'>" . htmlentities($fdata) . '</font>';
|
332 |
+
$height = 'height:150px;';
|
333 |
+
} else {
|
334 |
+
|
335 |
+
printf( $createfile, $_SESSION['abspath'] . '.htaccess');
|
336 |
+
}
|
337 |
+
echo '<pre style="cursor:text;background-color:#FFF;border:1px solid #ccc;margin:0px;padding:6px;overflow:auto;' .
|
338 |
+
$height . '">' . "\n" .
|
339 |
+
'<font color="green">' . HTACCESS_BEGIN . "\n" . htmlentities(HTACCESS_DATA) . "\n" . HTACCESS_END . "\n" .
|
340 |
+
'</font>' . $fdata . "\n" .
|
341 |
+
'</pre><br />';
|
342 |
+
if (empty($_SESSION['htaccess_write']) ) {
|
343 |
+
echo $not_writable;
|
344 |
+
}
|
345 |
+
|
346 |
+
|
347 |
+
} elseif ($_SESSION['http_server'] == 4) {
|
348 |
+
if ( file_exists($_SESSION['abspath'] . '.htaccess') ) {
|
349 |
+
|
350 |
+
if (! is_writable($_SESSION['abspath'] . '.htaccess') ) {
|
351 |
+
$_SESSION['htaccess_write'] = $_SESSION['abspath_writable'] = 0;
|
352 |
+
}
|
353 |
+
printf( $add2file, $_SESSION['abspath'] . '.htaccess');
|
354 |
+
$fdata = file_get_contents($_SESSION['abspath'] . '.htaccess');
|
355 |
+
$fdata = preg_replace( '`\s?'. HTACCESS_BEGIN .'.+?'. HTACCESS_END .'[^\r\n]*\s?`s' , "\n", $fdata);
|
356 |
+
$fdata = "\n<font color='#444'>" . htmlentities($fdata) . '</font>';
|
357 |
+
$height = 'height:150px;';
|
358 |
+
} else {
|
359 |
+
|
360 |
+
printf( $createfile, $_SESSION['abspath'] . '.htaccess');
|
361 |
+
}
|
362 |
+
echo '<pre style="cursor:text;background-color:#FFF;border:1px solid #ccc;margin:0px;padding:6px;overflow:auto;' .
|
363 |
+
$height . '">' . "\n" .
|
364 |
+
'<font color="green">' . HTACCESS_BEGIN . "\n" . LITESPEED_DATA . "\n" . HTACCESS_END . "\n" .
|
365 |
+
'</font>' . $fdata . "\n" .
|
366 |
+
'</pre><br />';
|
367 |
+
if (empty($_SESSION['htaccess_write']) ) {
|
368 |
+
echo $not_writable;
|
369 |
+
}
|
370 |
+
echo '<br /><br />';
|
371 |
+
|
372 |
+
$fdata = $height = '';
|
373 |
+
if ( file_exists($_SESSION['abspath'] . $php_file) ) {
|
374 |
+
if (! is_writable($_SESSION['abspath'] . $php_file) ) {
|
375 |
+
$_SESSION['ini_write'] = $_SESSION['abspath_writable'] = 0;
|
376 |
+
}
|
377 |
+
|
378 |
+
printf( $add2file, $_SESSION['abspath'] . $php_file);
|
379 |
+
$fdata = file_get_contents($_SESSION['abspath'] . $php_file);
|
380 |
+
$fdata = preg_replace( '`\s?'. PHPINI_BEGIN .'.+?'. PHPINI_END .'[^\r\n]*\s?`s' , "\n", $fdata);
|
381 |
+
$fdata = "\n<font color='#444'>" . htmlentities($fdata) . '</font>';
|
382 |
+
$height = 'height:150px;';
|
383 |
+
} else {
|
384 |
+
|
385 |
+
printf( $createfile, $_SESSION['abspath'] . $php_file);
|
386 |
+
}
|
387 |
+
|
388 |
+
echo '<pre style="cursor:text;background-color:#FFF;border:1px solid #ccc;margin:0px;padding:6px;overflow:auto;' .
|
389 |
+
$height . '">' . "\n" .
|
390 |
+
'<font color="green">' . PHPINI_BEGIN . "\n" . PHPINI_DATA . "\n" . PHPINI_END . "\n" .
|
391 |
+
'</font>' . $fdata . "\n" .
|
392 |
+
'</pre><br />';
|
393 |
+
if (empty($_SESSION['ini_write']) ) {
|
394 |
+
echo $not_writable;
|
395 |
+
}
|
396 |
+
|
397 |
+
|
398 |
+
} elseif ($_SESSION['http_server'] == 7) {
|
399 |
+
?>
|
400 |
+
<li><?php _e('Add the following code to your <code>/etc/hhvm/php.ini</code> file, and restart HHVM afterwards:', 'ninjafirewall') ?></li>
|
401 |
+
<pre style="background-color:#FFF;border:1px solid #ccc;margin:0px;padding:6px;overflow:auto;height:70px;"><font color="green"><?php echo PHPINI_DATA ?></font></pre>
|
402 |
+
<br />
|
403 |
+
<?php
|
404 |
+
|
405 |
+
|
406 |
+
} else {
|
407 |
+
|
408 |
+
if ($_SESSION['http_server'] == 6) {
|
409 |
+
if ( file_exists($_SESSION['abspath'] . '.htaccess') ) {
|
410 |
+
|
411 |
+
if (! is_writable($_SESSION['abspath'] . '.htaccess') ) {
|
412 |
+
$_SESSION['htaccess_write'] = $_SESSION['abspath_writable'] = 0;
|
413 |
+
}
|
414 |
+
printf( $add2file, $_SESSION['abspath'] . '.htaccess');
|
415 |
+
$fdata = file_get_contents($_SESSION['abspath'] . '.htaccess');
|
416 |
+
$fdata = preg_replace( '`\s?'. HTACCESS_BEGIN .'.+?'. HTACCESS_END .'[^\r\n]*\s?`s' , "\n", $fdata);
|
417 |
+
$fdata = "\n<font color='#444'>" . htmlentities($fdata) . '</font>';
|
418 |
+
$height = 'height:150px;';
|
419 |
+
} else {
|
420 |
+
|
421 |
+
printf( $createfile, $_SESSION['abspath'] . '.htaccess');
|
422 |
+
}
|
423 |
+
echo '<pre style="cursor:text;background-color:#FFF;border:1px solid #ccc;margin:0px;padding:6px;overflow:auto;' .
|
424 |
+
$height . '">' . "\n" .
|
425 |
+
'<font color="green">' . HTACCESS_BEGIN . "\n" . htmlentities(SUPHP_DATA) . "\n" . HTACCESS_END . "\n" .
|
426 |
+
'</font>' . $fdata . "\n" .
|
427 |
+
'</pre><br />';
|
428 |
+
if (empty($_SESSION['htaccess_write']) ) {
|
429 |
+
echo $not_writable;
|
430 |
+
}
|
431 |
+
echo '<br /><br />';
|
432 |
+
$fdata = $height = '';
|
433 |
+
}
|
434 |
+
|
435 |
+
|
436 |
+
if ( file_exists($_SESSION['abspath'] . $php_file) ) {
|
437 |
+
if (! is_writable($_SESSION['abspath'] . $php_file) ) {
|
438 |
+
$_SESSION['ini_write'] = $_SESSION['abspath_writable'] = 0;
|
439 |
+
}
|
440 |
+
|
441 |
+
printf( $add2file, $_SESSION['abspath'] . $php_file);
|
442 |
+
$fdata = file_get_contents($_SESSION['abspath'] . $php_file);
|
443 |
+
$fdata = preg_replace( '`\s?'. PHPINI_BEGIN .'.+?'. PHPINI_END .'[^\r\n]*\s?`s' , "\n", $fdata);
|
444 |
+
$fdata = "\n<font color='#444'>" . htmlentities($fdata) . '</font>';
|
445 |
+
$height = 'height:150px;';
|
446 |
+
} else {
|
447 |
+
|
448 |
+
printf( $createfile, $_SESSION['abspath'] . $php_file);
|
449 |
+
}
|
450 |
+
|
451 |
+
echo '<pre style="cursor:text;background-color:#FFF;border:1px solid #ccc;margin:0px;padding:6px;overflow:auto;' .
|
452 |
+
$height . '">' . "\n" .
|
453 |
+
'<font color="green">' . PHPINI_BEGIN . "\n" . PHPINI_DATA . "\n" . PHPINI_END . "\n" .
|
454 |
+
'</font>' . $fdata . "\n" .
|
455 |
+
'</pre><br />';
|
456 |
+
if (empty($_SESSION['ini_write']) ) {
|
457 |
+
echo $not_writable;
|
458 |
+
}
|
459 |
+
}
|
460 |
+
|
461 |
+
echo '<form method="post" name="integration_form">';
|
462 |
+
|
463 |
+
|
464 |
+
if ($_SESSION['http_server'] != 7) {
|
465 |
+
$chg_str = __('Please make those changes, then click on button below.', 'ninjafirewall');
|
466 |
+
if (! empty($_SESSION['abspath_writable']) ) {
|
467 |
+
|
468 |
+
|
469 |
+
echo '<p><label><input type="radio" name="makechange" onClick="diy_chg(this.value)" value="nfw" checked="checked">'.
|
470 |
+
__('Let NinjaFirewall make the above changes (recommended).', 'ninjafirewall') .'</label></p>
|
471 |
+
<div id="lmd">
|
472 |
+
<div style="background:#fff;border-left:4px solid #fff;-webkit-box-shadow:0 1px 1px 0 rgba(0,0,0,.1);box-shadow:0 1px 1px 0 rgba(0,0,0,.1);margin:5px 0 15px;padding:1px 12px;border-left-color:orange;">
|
473 |
+
<p>' . __('Ensure that you have FTP access to your website so that, if there were a problem during the installation of the firewall, you could easily undo the changes.', 'ninjafirewall') .'</p>
|
474 |
+
</div>
|
475 |
+
</div>
|
476 |
+
|
477 |
+
<p><label><input type="radio" name="makechange" onClick="diy_chg(this.value)" value="usr">'.
|
478 |
+
__('I want to make the changes myself.', 'ninjafirewall') .'</label></p>
|
479 |
+
<p id="diy" style="display:none;">' . $chg_str . '</p>';
|
480 |
+
} else {
|
481 |
+
echo '<p>'. $chg_str .'</p>';
|
482 |
+
}
|
483 |
+
} else {
|
484 |
+
|
485 |
+
$_SESSION['php_ini_type'] = 1;
|
486 |
+
echo '<input type="hidden" name="makechange" value="usr">
|
487 |
+
<a href="https://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/">' . __('Please check our blog if you want to install NinjaFirewall on HHVM.', 'ninjafirewall') . '</a>
|
488 |
+
<br />';
|
489 |
+
}
|
490 |
+
?>
|
491 |
+
<br />
|
492 |
+
<input type="submit" class="button-primary" name="next" value="<?php _e('Next Step', 'ninjafirewall') ?> »">
|
493 |
+
<input type="hidden" name="nfw_act" value="postsave">
|
494 |
+
<input type="hidden" name="nfw_firstrun" value="1" />
|
495 |
+
<?php wp_nonce_field('postsave', 'nfwnonce', 0); ?>
|
496 |
+
</form>
|
497 |
+
</div>
|
498 |
+
|
499 |
+
<?php
|
500 |
+
}
|
501 |
+
|
502 |
+
/* ------------------------------------------------------------------ */
|
503 |
+
|
504 |
+
function nfw_postsave() {
|
505 |
+
|
506 |
+
if ( @$_POST['makechange'] != 'usr' && @$_POST['makechange'] != 'nfw' ) {
|
507 |
+
$err = __('you must select how to make changes to your files.', 'ninjafirewall');
|
508 |
+
NFW_INTEGRATION:
|
509 |
+
$_POST['abspath'] = $_SESSION['abspath'];
|
510 |
+
$_POST['http_server'] = $_SESSION['http_server'];
|
511 |
+
$_POST['php_ini_type'] = $_SESSION['php_ini_type'];
|
512 |
+
nfw_integration($err);
|
513 |
+
return;
|
514 |
+
}
|
515 |
+
if ( empty($_SESSION['http_server']) || ! preg_match('/^[1-7]$/', $_SESSION['http_server']) ) {
|
516 |
+
$_POST['abspath'] = $_SESSION['abspath'];
|
517 |
+
nfw_presave( __('select your HTTP server and PHP SAPI.', 'ninjafirewall') );
|
518 |
+
return;
|
519 |
+
}
|
520 |
+
if ($_SESSION['http_server'] != 1) {
|
521 |
+
if ( empty($_SESSION['php_ini_type']) || ! preg_match('/^[1-3]$/', $_SESSION['php_ini_type']) ) {
|
522 |
+
$_POST['abspath'] = $_SESSION['abspath'];
|
523 |
+
nfw_presave( __('select the PHP initialization file supported by your server.', 'ninjafirewall') );
|
524 |
+
return;
|
525 |
+
}
|
526 |
+
}
|
527 |
+
|
528 |
+
if ( $_POST['makechange'] == 'usr' ) {
|
529 |
+
goto DOITYOURSELF;
|
530 |
+
}
|
531 |
+
|
532 |
+
if ( empty($_SESSION['abspath_writable']) ) {
|
533 |
+
$err = __('your WordPress root directory is not writable, I cannot make those changes for you.', 'ninjafirewall');
|
534 |
+
goto NFW_INTEGRATION;
|
535 |
+
exit;
|
536 |
+
}
|
537 |
+
|
538 |
+
nfw_ini_data();
|
539 |
+
|
540 |
+
$bakup_file = time();
|
541 |
+
|
542 |
+
$nfw_install['htaccess'] = $nfw_install['phpini'] = 0;
|
543 |
+
|
544 |
+
if ($_SESSION['http_server'] == 1 || $_SESSION['http_server'] == 4 || $_SESSION['http_server'] == 6 ) {
|
545 |
+
$fdata = '';
|
546 |
+
if ( file_exists($_SESSION['abspath'] . '.htaccess') ) {
|
547 |
+
if (! is_writable($_SESSION['abspath'] . '.htaccess') ) {
|
548 |
+
$err = sprintf(__('cannot write to <code>%s</code>, it is read-only.', 'ninjafirewall'), $_SESSION['abspath'] . '.htaccess');
|
549 |
+
goto NFW_INTEGRATION;
|
550 |
+
exit;
|
551 |
+
}
|
552 |
+
$fdata = file_get_contents($_SESSION['abspath'] . '.htaccess');
|
553 |
+
$fdata = preg_replace( '`\s?'. HTACCESS_BEGIN .'.+?'. HTACCESS_END .'[^\r\n]*\s?`s' , "\n", $fdata);
|
554 |
+
copy( $_SESSION['abspath'] . '.htaccess', $_SESSION['abspath'] . '.htaccess.ninja' . $bakup_file );
|
555 |
+
}
|
556 |
+
if ($_SESSION['http_server'] == 6) {
|
557 |
+
@file_put_contents($_SESSION['abspath'] . '.htaccess',
|
558 |
+
HTACCESS_BEGIN . "\n" . SUPHP_DATA . "\n" . HTACCESS_END . "\n\n" . $fdata, LOCK_EX );
|
559 |
+
} else {
|
560 |
+
if ($_SESSION['http_server'] == 4) {
|
561 |
+
@file_put_contents($_SESSION['abspath'] . '.htaccess',
|
562 |
+
HTACCESS_BEGIN . "\n" . LITESPEED_DATA . "\n" . HTACCESS_END . "\n\n" . $fdata, LOCK_EX );
|
563 |
+
|
564 |
+
} else {
|
565 |
+
@file_put_contents($_SESSION['abspath'] . '.htaccess',
|
566 |
+
HTACCESS_BEGIN . "\n" . HTACCESS_DATA . "\n" . HTACCESS_END . "\n\n" . $fdata, LOCK_EX );
|
567 |
+
}
|
568 |
+
}
|
569 |
+
@chmod( $_SESSION['abspath'] . '.htaccess', 0644 );
|
570 |
+
$nfw_install['htaccess'] = $_SESSION['abspath'] . '.htaccess';
|
571 |
+
}
|
572 |
+
|
573 |
+
if ($_SESSION['http_server'] != 1) {
|
574 |
+
$fdata = '';
|
575 |
+
$ini_array = array('php.ini', '.user.ini','php5.ini');
|
576 |
+
|
577 |
+
if ($_SESSION['php_ini_type'] == 1) {
|
578 |
+
$php_file = 'php.ini';
|
579 |
+
} elseif ($_SESSION['php_ini_type'] == 2) {
|
580 |
+
$php_file = '.user.ini';
|
581 |
+
} else {
|
582 |
+
$php_file = 'php5.ini';
|
583 |
+
}
|
584 |
+
|
585 |
+
if ( file_exists($_SESSION['abspath'] . $php_file) ) {
|
586 |
+
if (! is_writable($_SESSION['abspath'] . $php_file) ) {
|
587 |
+
$err = sprintf(__('cannot write to <code>%s</code>, it is read-only.', 'ninjafirewall'), $_SESSION['abspath'] . $php_file);
|
588 |
+
goto NFW_INTEGRATION;
|
589 |
+
exit;
|
590 |
+
}
|
591 |
+
$fdata = file_get_contents($_SESSION['abspath'] . $php_file);
|
592 |
+
$fdata = preg_replace( '`auto_prepend_file`' , ";auto_prepend_file", $fdata);
|
593 |
+
$fdata = preg_replace( '`\s?'. PHPINI_BEGIN .'.+?'. PHPINI_END .'[^\r\n]*\s?`s' , "\n", $fdata);
|
594 |
+
copy( $_SESSION['abspath'] . $php_file, $_SESSION['abspath'] . $php_file . '.ninja' . $bakup_file );
|
595 |
+
}
|
596 |
+
@file_put_contents($_SESSION['abspath'] . $php_file,
|
597 |
+
PHPINI_BEGIN . "\n" . PHPINI_DATA . "\n" . PHPINI_END . "\n\n" . $fdata, LOCK_EX );
|
598 |
+
@chmod( $_SESSION['abspath'] . $php_file, 0644 );
|
599 |
+
$nfw_install['phpini'] = $_SESSION['abspath'] . $php_file;
|
600 |
+
|
601 |
+
foreach ( $ini_array as $ini_file ) {
|
602 |
+
if ($ini_file == $php_file) { continue; }
|
603 |
+
if ( file_exists($_SESSION['abspath'] . $ini_file) ) {
|
604 |
+
if ( is_writable($_SESSION['abspath'] . $ini_file) ) {
|
605 |
+
$ini_data = file_get_contents($_SESSION['abspath'] . $ini_file);
|
606 |
+
$ini_data = preg_replace( '`auto_prepend_file`' , ";auto_prepend_file", $ini_data);
|
607 |
+
$ini_data = preg_replace( '`\s?'. PHPINI_BEGIN .'.+?'. PHPINI_END .'[^\r\n]*\s?`s' , "\n", $ini_data);
|
608 |
+
@file_put_contents($_SESSION['abspath'] . $ini_file, $ini_data, LOCK_EX );
|
609 |
+
}
|
610 |
+
}
|
611 |
+
}
|
612 |
+
}
|
613 |
+
nfw_update_option( 'nfw_install', $nfw_install);
|
614 |
+
|
615 |
+
?>
|
616 |
+
<div class="wrap">
|
617 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
618 |
+
<h1>NinjaFirewall (WP Edition)</h1>
|
619 |
+
<br />
|
620 |
+
<div class="updated settings-error"><p><?php _e('Your configuration was saved.', 'ninjafirewall') ?>
|
621 |
+
<?php
|
622 |
+
if (! empty($_SESSION['email_install']) ) {
|
623 |
+
|
624 |
+
echo '<br />';
|
625 |
+
printf( __('A "Quick Start, FAQ & Troubleshooting Guide" email was sent to %s.', 'ninjafirewall'), '<code>' . htmlspecialchars( $_SESSION['email_install'] ) . '</code>' );
|
626 |
+
unset($_SESSION['email_install']);
|
627 |
+
}
|
628 |
+
?>
|
629 |
+
</p></div>
|
630 |
+
<?php _e('Please click the button below to test if the firewall integration was successful.', 'ninjafirewall') ?>
|
631 |
+
<form method="POST" action="?page=NinjaFirewall&nfw_firstrun=1&rnd=<?php echo time() ?>">
|
632 |
+
<p><input type="submit" class="button-primary" value="<?php _e('Test Firewall', 'ninjafirewall') ?> »" /></p>
|
633 |
+
<input type="hidden" name="nfw_act" value="postsave" />
|
634 |
+
<input type="hidden" name="makechange" value="usr" />
|
635 |
+
<?php wp_nonce_field('postsave', 'nfwnonce', 0); ?>
|
636 |
+
</form>
|
637 |
+
|
638 |
+
</div>
|
639 |
+
<?php
|
640 |
+
return;
|
641 |
+
|
642 |
+
DOITYOURSELF:
|
643 |
+
nfw_firewalltest();
|
644 |
+
return;
|
645 |
+
}
|
646 |
+
|
647 |
+
/* ------------------------------------------------------------------ */
|
648 |
+
// EOF //
|
lib/install_wpwaf.php
ADDED
@@ -0,0 +1,247 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
/* ------------------------------------------------------------------ */
|
23 |
+
|
24 |
+
function nfw_integration_wpwaf( $err_msg = null ) {
|
25 |
+
|
26 |
+
// Look for the wp-config.php file:
|
27 |
+
$wp_config = '';
|
28 |
+
if ( file_exists( ABSPATH . 'wp-config.php') ) {
|
29 |
+
$wp_config = ABSPATH . 'wp-config.php';
|
30 |
+
|
31 |
+
} elseif ( @file_exists( dirname( ABSPATH ) . '/wp-config.php' ) ) {
|
32 |
+
$wp_config = dirname( ABSPATH ) . '/wp-config.php';
|
33 |
+
}
|
34 |
+
|
35 |
+
?>
|
36 |
+
<script>
|
37 |
+
function diy_chg(what) {
|
38 |
+
if (what == 'nfw') {
|
39 |
+
jQuery('#lmd').slideDown();
|
40 |
+
jQuery('#diy').slideUp();
|
41 |
+
} else {
|
42 |
+
jQuery('#lmd').slideUp();
|
43 |
+
jQuery('#diy').slideDown();
|
44 |
+
}
|
45 |
+
}
|
46 |
+
</script>
|
47 |
+
<div class="wrap">
|
48 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
49 |
+
<h1>NinjaFirewall (WP Edition)</h1>
|
50 |
+
<?php
|
51 |
+
|
52 |
+
$wp_config_content = @file_get_contents( $wp_config );
|
53 |
+
if ( empty( $wp_config_content ) ) {
|
54 |
+
$err = __('Error:', 'ninjafirewall') . ' ' .
|
55 |
+
sprintf( __('Unable to read the wp-config.php file (%s). Make sure it is readable and try again.', 'ninjafirewall' ),
|
56 |
+
'<code>'. htmlspecialchars( $wp_config ) .'</code>' );
|
57 |
+
?>
|
58 |
+
<div class="error settings-error"><p> <?php echo $err ?></p></div>
|
59 |
+
<?php
|
60 |
+
return;
|
61 |
+
}
|
62 |
+
|
63 |
+
if (! empty( $err_msg) ) {
|
64 |
+
$err = __('Error:', 'ninjafirewall') . ' ' . $err_msg;
|
65 |
+
?>
|
66 |
+
<div class="error settings-error"><p> <?php echo $err; ?></p></div>
|
67 |
+
<?php
|
68 |
+
}
|
69 |
+
|
70 |
+
if (! $wp_config ) {
|
71 |
+
$err = __('Error:', 'ninjafirewall') . ' ' . sprintf(
|
72 |
+
__('Unable to find the wp-config.php file in the %s or %s directories.', 'ninjafirewall' ),
|
73 |
+
'<code>'. htmlspecialchars( ABSPATH ) .'</code>',
|
74 |
+
'<code>'. htmlspecialchars( dirname( ABSPATH ) ) .'</code>' );
|
75 |
+
?>
|
76 |
+
<div class="error settings-error"><p> <?php echo $err ?></p></div>
|
77 |
+
</div>
|
78 |
+
<?php
|
79 |
+
return;
|
80 |
+
}
|
81 |
+
|
82 |
+
// Fetch rules, options and send welcome email:
|
83 |
+
if ( empty($_SESSION['default_conf']) ) {
|
84 |
+
nfw_default_conf();
|
85 |
+
welcome_email();
|
86 |
+
}
|
87 |
+
$nfw_install['wp_config'] = $wp_config;
|
88 |
+
nfw_update_option( 'nfw_install', $nfw_install);
|
89 |
+
|
90 |
+
?><h3><?php _e('Firewall Integration', 'ninjafirewall') ?> (WordPress WAF)</h3>
|
91 |
+
|
92 |
+
<?php
|
93 |
+
if ( is_multisite() ) {
|
94 |
+
?>
|
95 |
+
<div style="background:#fff;border-left:4px solid #fff;-webkit-box-shadow:0 1px 1px 0 rgba(0,0,0,.1);box-shadow:0 1px 1px 0 rgba(0,0,0,.1);margin:5px 0 15px;padding:1px 12px;border-left-color:green;">
|
96 |
+
<p><?php _e('Multisite network detected:', 'ninjafirewall'); echo ' '; _e('NinjaFirewall will protect all sites from your network and its configuration interface will be accessible only to the Super Admin from the network main site.', 'ninjafirewall') ?></p>
|
97 |
+
</div>
|
98 |
+
<?php
|
99 |
+
}
|
100 |
+
?>
|
101 |
+
|
102 |
+
<p><?php printf( __('The following <font color="green">green lines</font> of code must be added to your %s file.', 'ninjafirewall'), '<code>'. htmlentities( $wp_config ) . '</code>' ) ?> <?php _e('All other lines, if any, are the actual content of the file:', 'ninjafirewall') ?>
|
103 |
+
</p>
|
104 |
+
|
105 |
+
<?php
|
106 |
+
nfw_wpconfig_data();
|
107 |
+
$wp_config_content = preg_replace( '`<\?php(.+)`s', '$1', $wp_config_content );
|
108 |
+
$wp_config_content = preg_replace( '`\s?'. WP_CONFIG_BEGIN .'.+?'. WP_CONFIG_END .'[^\r\n]*\s?`s' , "\n", $wp_config_content);
|
109 |
+
|
110 |
+
echo '<pre style="cursor:text;background-color:#FFF;border:1px solid #ccc;margin:0px;padding:6px;overflow:auto;height:180px;">' . "\n" .
|
111 |
+
"<font color='#777'><?php\n" .
|
112 |
+
'<font color="green">' . WP_CONFIG_BEGIN . "\n" . htmlentities(WP_CONFIG_DATA) . "\n" . WP_CONFIG_END . "\n" .
|
113 |
+
'</font>' . htmlspecialchars( $wp_config_content ) . "\n" .
|
114 |
+
'</font></pre><br />';
|
115 |
+
|
116 |
+
echo '<form method="post" name="integration_form">';
|
117 |
+
|
118 |
+
if (! is_writable( $wp_config ) ) {
|
119 |
+
?>
|
120 |
+
<div style="background:#fff;border-left:4px solid #fff;-webkit-box-shadow:0 1px 1px 0 rgba(0,0,0,.1);box-shadow:0 1px 1px 0 rgba(0,0,0,.1);margin:5px 0 15px;padding:1px 12px;border-left-color:orange;">
|
121 |
+
<p><?php _e('The file is not writable, I cannot edit it for you. Please make those changes, then click on button below.', 'ninjafirewall'); ?></p>
|
122 |
+
</div>
|
123 |
+
<?php
|
124 |
+
|
125 |
+
} else {
|
126 |
+
|
127 |
+
?>
|
128 |
+
<p><label><input type="radio" name="makechange" onClick="diy_chg(this.value)" value="nfw" checked="checked"><strong><?php _e('Let NinjaFirewall make the above changes (recommended).', 'ninjafirewall'); ?></strong></label></p>
|
129 |
+
<div id="lmd">
|
130 |
+
<label><input type="checkbox" name="conf_backup" checked="checked" /><?php _e('Back up the file (wp-config.bak.php) before editing it.', 'ninjafirewall') ?></label>
|
131 |
+
<div style="background:#fff;border-left:4px solid #fff;-webkit-box-shadow:0 1px 1px 0 rgba(0,0,0,.1);box-shadow:0 1px 1px 0 rgba(0,0,0,.1);margin:5px 0 15px;padding:1px 12px;border-left-color:orange;">
|
132 |
+
<p><?php _e('Ensure that you have FTP access to your website so that, if there were a problem during the installation of the firewall, you could easily undo the changes.', 'ninjafirewall') ?></p>
|
133 |
+
</div>
|
134 |
+
</div>
|
135 |
+
<p><label><input type="radio" name="makechange" onClick="diy_chg(this.value)" value="usr"><strong><?php _e('I want to make the changes myself.', 'ninjafirewall'); ?></strong></label></p>
|
136 |
+
<p id="diy" style="display:none;"><?php _e('Please make those changes, then click on button below.', 'ninjafirewall') ?></p>
|
137 |
+
<?php
|
138 |
+
}
|
139 |
+
?>
|
140 |
+
<br />
|
141 |
+
<input type="submit" class="button-primary" name="next" value="<?php _e('Next Step', 'nfwplus') ?> »">
|
142 |
+
<input type="hidden" name="nfw_act" value="save_changes_wpwaf">
|
143 |
+
<?php wp_nonce_field('save_changes_wpwaf', 'nfwnonce', 0); ?>
|
144 |
+
</form>
|
145 |
+
</div>
|
146 |
+
|
147 |
+
<?php
|
148 |
+
$_SESSION['wp_config'] = $wp_config;
|
149 |
+
}
|
150 |
+
|
151 |
+
/* ------------------------------------------------------------------ */
|
152 |
+
|
153 |
+
function nfw_save_changes_wpwaf() {
|
154 |
+
|
155 |
+
if ( empty( $_SESSION['wp_config'] ) || ! file_exists( $_SESSION['wp_config'] ) ) {
|
156 |
+
$err = sprintf( __('Unable to find the wp-config.php file (#%s).', 'ninjafirewall' ), __LINE__ );
|
157 |
+
nfw_integration_wpwaf( $err );
|
158 |
+
return;
|
159 |
+
}
|
160 |
+
|
161 |
+
$wp_config = $_SESSION['wp_config'];
|
162 |
+
|
163 |
+
// Let NinjaFirewall do the changes:
|
164 |
+
if ( isset( $_POST['makechange'] ) && $_POST['makechange'] == 'nfw' ) {
|
165 |
+
|
166 |
+
// Back up the wp-config.php?
|
167 |
+
if ( isset( $_POST['conf_backup'] ) ) {
|
168 |
+
$dirname = dirname( $_SESSION['wp_config'] );
|
169 |
+
if (! file_exists( $dirname . '/wp-config.bak.php' ) ) {
|
170 |
+
@copy( $_SESSION['wp_config'], $dirname . '/wp-config.bak.php' );
|
171 |
+
}
|
172 |
+
}
|
173 |
+
|
174 |
+
// Clean-up any PHP INI:
|
175 |
+
$_SESSION['abspath'] = ABSPATH;
|
176 |
+
nfw_ini_data();
|
177 |
+
$php_ini = array( ABSPATH . 'php.ini', ABSPATH . 'php5.ini', ABSPATH . '.user.ini' );
|
178 |
+
foreach ( $php_ini as $file ) {
|
179 |
+
if ( file_exists( $file ) ) {
|
180 |
+
$data = file_get_contents( $file );
|
181 |
+
$data = preg_replace( '`\s?'. PHPINI_BEGIN .'.+?'. PHPINI_END .'[^\r\n]*\s?`s' , "\n", $data);
|
182 |
+
@file_put_contents( $file, $data, LOCK_EX );
|
183 |
+
}
|
184 |
+
}
|
185 |
+
// Clean-up .htaccess:
|
186 |
+
$htaccess_file = ABSPATH . '.htaccess';
|
187 |
+
if ( file_exists( $htaccess_file ) ) {
|
188 |
+
$data = file_get_contents( $htaccess_file );
|
189 |
+
$data = preg_replace( '`\s?'. HTACCESS_BEGIN .'.+?'. HTACCESS_END .'[^\r\n]*\s?`s' , "\n", $data);
|
190 |
+
@file_put_contents( $htaccess_file, $data, LOCK_EX );
|
191 |
+
}
|
192 |
+
|
193 |
+
$wp_config_content = @file_get_contents( $wp_config );
|
194 |
+
|
195 |
+
nfw_wpconfig_data();
|
196 |
+
$wp_config_content = preg_replace( '`<\?php(.+)`s', '$1', $wp_config_content );
|
197 |
+
$wp_config_content = preg_replace( '`\s?'. WP_CONFIG_BEGIN .'.+?'. WP_CONFIG_END .'[^\r\n]*\s?`s' , "\n", $wp_config_content);
|
198 |
+
@file_put_contents( $wp_config, "<?php\n". WP_CONFIG_BEGIN ."\n". WP_CONFIG_DATA ."\n". WP_CONFIG_END ."\n$wp_config_content", LOCK_EX );
|
199 |
+
|
200 |
+
?>
|
201 |
+
<div class="wrap">
|
202 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
203 |
+
<h1>NinjaFirewall (WP Edition)</h1>
|
204 |
+
<br />
|
205 |
+
<div class="updated settings-error"><p><?php _e('Your configuration was saved.', 'ninjafirewall') ?>
|
206 |
+
<?php
|
207 |
+
if (! empty($_SESSION['email_install']) ) {
|
208 |
+
|
209 |
+
echo '<br />';
|
210 |
+
printf( __('A "Quick Start, FAQ & Troubleshooting Guide" email was sent to %s.', 'ninjafirewall'), '<code>' . htmlspecialchars( $_SESSION['email_install'] ) . '</code>' );
|
211 |
+
unset($_SESSION['email_install']);
|
212 |
+
}
|
213 |
+
?>
|
214 |
+
</p></div>
|
215 |
+
<?php _e('Please click the button below to test if the firewall integration was successful.', 'ninjafirewall') ?>
|
216 |
+
<form method="POST" action="?page=NinjaFirewall&nfw_firstrun=1&rnd=<?php echo time() ?>">
|
217 |
+
<p><input type="submit" class="button-primary" value="<?php _e('Test Firewall', 'ninjafirewall') ?> »" /></p>
|
218 |
+
|
219 |
+
|
220 |
+
<input type="hidden" name="nfw_act" value="save_changes_wpwaf" />
|
221 |
+
<input type="hidden" name="makechange" value="usr" />
|
222 |
+
<?php wp_nonce_field('save_changes_wpwaf', 'nfwnonce', 0); ?>
|
223 |
+
|
224 |
+
|
225 |
+
</form>
|
226 |
+
</div>
|
227 |
+
<?php
|
228 |
+
return;
|
229 |
+
}
|
230 |
+
|
231 |
+
nfw_test_wpwaf();
|
232 |
+
return;
|
233 |
+
}
|
234 |
+
|
235 |
+
/* ------------------------------------------------------------------ */
|
236 |
+
|
237 |
+
function nfw_test_wpwaf() {
|
238 |
+
|
239 |
+
if (! defined('NFW_STATUS') || NFW_STATUS != 20 ) {
|
240 |
+
$err = __('The firewall is not loaded. Make sure that the required lines of code were added to your wp-config.php file.', 'ninjafirewall' );
|
241 |
+
nfw_integration_wpwaf( $err );
|
242 |
+
}
|
243 |
+
return;
|
244 |
+
}
|
245 |
+
|
246 |
+
/* ------------------------------------------------------------------ */
|
247 |
+
// EOF //
|
lib/login_protection.php
ADDED
@@ -0,0 +1,653 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+=====================================================================+
|
4 |
+
| NinjaFirewall (WP+ Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+=====================================================================+ sa
|
8 |
+
*/
|
9 |
+
|
10 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) {
|
11 |
+
header('HTTP/1.1 404 Not Found');
|
12 |
+
header('Status: 404 Not Found');
|
13 |
+
exit;
|
14 |
+
}
|
15 |
+
|
16 |
+
// Block immediately if user is not allowed :
|
17 |
+
nf_not_allowed( 'block', __LINE__ );
|
18 |
+
|
19 |
+
echo '
|
20 |
+
<div class="wrap">
|
21 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
22 |
+
<h1>' . __('Login Protection', 'ninjafirewall') . '</h1>';
|
23 |
+
|
24 |
+
// Saved ?
|
25 |
+
if ( isset( $_POST['nfw_options']) ) {
|
26 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'bfd_save') ) {
|
27 |
+
wp_nonce_ays('bfd_save');
|
28 |
+
}
|
29 |
+
$res = nf_sub_loginprot_save();
|
30 |
+
if (! $res ) {
|
31 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Your changes have been saved.', 'ninjafirewall') . '</p></div>';
|
32 |
+
} else {
|
33 |
+
echo '<div class="error notice is-dismissible"><p>' . $res . '</p></div>';
|
34 |
+
}
|
35 |
+
}
|
36 |
+
|
37 |
+
// Fetch the current configuration, if any :
|
38 |
+
if ( file_exists( NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php' ) ) {
|
39 |
+
|
40 |
+
$bfconfig = nfw_read_bf_config( NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php' );
|
41 |
+
|
42 |
+
if (! @preg_match('/^[1-2]$/', $bfconfig['bf_enable']) ) {
|
43 |
+
$bfconfig['bf_enable'] = 0;
|
44 |
+
}
|
45 |
+
if (! @preg_match('/^(GET|POST|GETPOST)$/', $bfconfig['bf_request'] ) ) {
|
46 |
+
$bfconfig['bf_request'] = 'POST';
|
47 |
+
}
|
48 |
+
if ( $bfconfig['bf_request'] == 'GETPOST' ) {
|
49 |
+
$get_post = 'GET/POST';
|
50 |
+
} else {
|
51 |
+
$get_post = $bfconfig['bf_request'];
|
52 |
+
}
|
53 |
+
if (! @preg_match('/^[1-9][0-9]?$/', $bfconfig['bf_bantime'] ) ) {
|
54 |
+
$bfconfig['bf_bantime'] = 5;
|
55 |
+
}
|
56 |
+
if (! @preg_match('/^[1-9][0-9]?$/', $bfconfig['bf_attempt'] ) ) {
|
57 |
+
$bfconfig['bf_attempt'] = 8;
|
58 |
+
}
|
59 |
+
if (! @preg_match('/^[1-9][0-9]?$/', $bfconfig['bf_maxtime'] ) ) {
|
60 |
+
$bfconfig['bf_maxtime'] = 15;
|
61 |
+
}
|
62 |
+
if ( empty($bfconfig['auth_name']) || @strlen( $bfconfig['auth_pass'] ) != 40 ) {
|
63 |
+
$bfconfig['auth_name']= '';
|
64 |
+
}
|
65 |
+
if ( empty( $bfconfig['auth_msgtxt'] ) ) {
|
66 |
+
// NinjaFirewall <= 3.4.2
|
67 |
+
if (! empty( $bfconfig['auth_msg'] ) ) {
|
68 |
+
$bfconfig['auth_msgtxt'] = $bfconfig['auth_msg'];
|
69 |
+
} else {
|
70 |
+
$bfconfig['auth_msgtxt'] = __('Access restricted', 'ninjafirewall');
|
71 |
+
}
|
72 |
+
} else {
|
73 |
+
$bfconfig['auth_msgtxt'] = base64_decode( $bfconfig['auth_msgtxt'] );
|
74 |
+
}
|
75 |
+
if ( strlen( $bfconfig['auth_msgtxt'] ) > 1024 ) {
|
76 |
+
$bfconfig['auth_msgtxt'] = mb_substr( $bfconfig['auth_msgtxt'], 0, 1024, 'utf-8' );
|
77 |
+
}
|
78 |
+
|
79 |
+
if ( empty( $bfconfig['captcha_text'] ) ) {
|
80 |
+
$bfconfig['captcha_text'] = __( 'Type the characters you see in the picture below:', 'ninjafirewall' );
|
81 |
+
} else {
|
82 |
+
$bfconfig['captcha_text'] = html_entity_decode( base64_decode( $bfconfig['captcha_text'] ) );
|
83 |
+
if ( strlen( $bfconfig['captcha_text'] ) > 255 ) {
|
84 |
+
$bfconfig['captcha_text'] = mb_substr( $bfconfig['captcha_text'], 0, 255, 'utf-8' );
|
85 |
+
}
|
86 |
+
}
|
87 |
+
|
88 |
+
if (empty($bfconfig['bf_xmlrpc']) ) {
|
89 |
+
$bfconfig['bf_xmlrpc'] = 0;
|
90 |
+
} else {
|
91 |
+
$bfconfig['bf_xmlrpc'] = 1;
|
92 |
+
}
|
93 |
+
if (empty($bfconfig['bf_authlog']) ) {
|
94 |
+
$bfconfig['bf_authlog'] = 0;
|
95 |
+
} else {
|
96 |
+
$bfconfig['bf_authlog'] = 1;
|
97 |
+
}
|
98 |
+
if ( empty( $bfconfig['bf_type'] ) ) {
|
99 |
+
// Password
|
100 |
+
$bfconfig['bf_type'] = 0;
|
101 |
+
} else {
|
102 |
+
// Captcha
|
103 |
+
$bfconfig['bf_type'] = 1;
|
104 |
+
}
|
105 |
+
if ( empty( $bfconfig['bf_allow_bot'] ) ) {
|
106 |
+
$bfconfig['bf_allow_bot'] = 0;
|
107 |
+
} else {
|
108 |
+
$bfconfig['bf_allow_bot'] = 1;
|
109 |
+
}
|
110 |
+
if ( empty( $bfconfig['bf_nosig'] ) ) {
|
111 |
+
$bfconfig['bf_nosig'] = 0;
|
112 |
+
} else {
|
113 |
+
$bfconfig['bf_nosig'] = 1;
|
114 |
+
}
|
115 |
+
|
116 |
+
} else {
|
117 |
+
// Default values :
|
118 |
+
$bfconfig['bf_type'] = 0;
|
119 |
+
$bfconfig['bf_enable'] = 0;
|
120 |
+
$bfconfig['bf_request'] = 'POST';
|
121 |
+
$bfconfig['bf_bantime'] = 5;
|
122 |
+
$bfconfig['bf_attempt'] = 8;
|
123 |
+
$bfconfig['bf_maxtime'] = 15;
|
124 |
+
$bfconfig['auth_name'] = '';
|
125 |
+
$bfconfig['auth_msgtxt'] = __('Access restricted', 'ninjafirewall');
|
126 |
+
$bfconfig['bf_xmlrpc'] = 0;
|
127 |
+
$bfconfig['bf_authlog'] = 0;
|
128 |
+
$bfconfig['bf_allow_bot'] = 0;
|
129 |
+
$bfconfig['captcha_text'] = __( 'Type the characters you see in the picture below:', 'ninjafirewall' );
|
130 |
+
$bfconfig['bf_nosig'] = 0;
|
131 |
+
$get_post = 'POST';
|
132 |
+
}
|
133 |
+
?>
|
134 |
+
<script type="text/javascript">
|
135 |
+
function is_number(id) {
|
136 |
+
var e = document.getElementById(id);
|
137 |
+
if (! e.value ) { return }
|
138 |
+
if (! /^[1-9][0-9]?$/.test(e.value) ) {
|
139 |
+
alert("<?php echo esc_js( __('Please enter a number from 1 to 99 in \'Password-protect\' field.', 'ninjafirewall') ) ?>");
|
140 |
+
e.value = e.value.substring(0, e.value.length-1);
|
141 |
+
}
|
142 |
+
}
|
143 |
+
function auth_user_valid() {
|
144 |
+
var e = document.bp_form.elements['nfw_options[auth_name]'];
|
145 |
+
if ( e.value.match(/[^-\/\\_.a-zA-Z0-9]/) ) {
|
146 |
+
alert('<?php echo esc_js( __('Invalid character.', 'ninjafirewall') ) ?>');
|
147 |
+
e.value = e.value.replace(/[^-\/\\_.a-zA-Z0-9]/g,'');
|
148 |
+
return false;
|
149 |
+
}
|
150 |
+
if (e.value == 'admin') {
|
151 |
+
alert('<?php echo esc_js( __('"admin" is not acceptable, please choose another user name.', 'ninjafirewall') ) ?>');
|
152 |
+
e.value = '';
|
153 |
+
return false;
|
154 |
+
}
|
155 |
+
}
|
156 |
+
function realm_valid() {
|
157 |
+
var e = document.getElementById("realm").value;
|
158 |
+
if ( e.length >= 1024 ) {
|
159 |
+
alert('<?php echo esc_js( __('Please enter max 1024 character only.', 'ninjafirewall') ) ?>');
|
160 |
+
return false;
|
161 |
+
}
|
162 |
+
}
|
163 |
+
|
164 |
+
var bf_type = <?php echo $bfconfig['bf_type'] ?>;
|
165 |
+
var bf_enable = <?php echo $bfconfig['bf_enable'] ?>;
|
166 |
+
function toggle_submenu( enable ) {
|
167 |
+
if ( enable == 0 ) {
|
168 |
+
// Disable protection
|
169 |
+
bf_enable = 0;
|
170 |
+
jQuery("#submenu_table").slideUp();
|
171 |
+
jQuery("#bf_table").slideUp();
|
172 |
+
jQuery("#bf_table_extra").slideUp();
|
173 |
+
jQuery("#bf_table_password").slideUp();
|
174 |
+
jQuery("#bf_table_captcha").slideUp();
|
175 |
+
} else {
|
176 |
+
bf_enable = enable;
|
177 |
+
jQuery("#submenu_table").slideDown();
|
178 |
+
// Display the right table (captcha or password protection)
|
179 |
+
toggle_table( enable, bf_type );
|
180 |
+
jQuery("#bf_table_extra").slideDown();
|
181 |
+
}
|
182 |
+
}
|
183 |
+
function toggle_table( enable, type ) {
|
184 |
+
if ( type == 1 ) {
|
185 |
+
// Captcha
|
186 |
+
bf_type = 1;
|
187 |
+
if ( enable == 1 ) {
|
188 |
+
// Yes, if under attack
|
189 |
+
jQuery("#bf_table").slideDown();
|
190 |
+
} else {
|
191 |
+
// Always ON
|
192 |
+
jQuery("#bf_table").slideUp();
|
193 |
+
}
|
194 |
+
jQuery("#bf_table_password").slideUp();
|
195 |
+
jQuery("#bf_table_captcha").slideDown();
|
196 |
+
} else { // type == 2
|
197 |
+
// Password
|
198 |
+
bf_type = 0;
|
199 |
+
if ( enable == 1 ) {
|
200 |
+
// Yes, if under attack
|
201 |
+
jQuery("#bf_table").slideDown();
|
202 |
+
} else {
|
203 |
+
// Always ON
|
204 |
+
jQuery("#bf_table").slideUp();
|
205 |
+
}
|
206 |
+
jQuery("#bf_table_password").slideDown();
|
207 |
+
jQuery("#bf_table_captcha").slideUp();
|
208 |
+
}
|
209 |
+
}
|
210 |
+
function xmlrpc_warn( what ) {
|
211 |
+
if ( bf_enable == 2 && what.checked == true ) {
|
212 |
+
alert("<?php echo esc_js( __("Note: Access to the XML-RPC API will be completely disabled when the brute-force attack protection is set to 'Always ON'.", 'ninjafirewall') ) ?>");
|
213 |
+
}
|
214 |
+
}
|
215 |
+
|
216 |
+
function getpost(request){
|
217 |
+
if ( request == 'GETPOST' ) {
|
218 |
+
request = 'GET/POST';
|
219 |
+
}
|
220 |
+
document.getElementById('get_post').innerHTML = request;
|
221 |
+
}
|
222 |
+
</script>
|
223 |
+
<br />
|
224 |
+
|
225 |
+
<?php
|
226 |
+
// Protection is disabled:
|
227 |
+
if ( empty( $bfconfig['bf_enable'] ) ) {
|
228 |
+
$show_submenu_table = 0;
|
229 |
+
$show_bf_table = 0;
|
230 |
+
$show_bf_table_password = 0;
|
231 |
+
$show_bf_table_extra = 0;
|
232 |
+
$show_bf_table_captcha = 0;
|
233 |
+
|
234 |
+
// Protection set to "Yes, if under attack":
|
235 |
+
} elseif ( $bfconfig['bf_enable'] == 1 ) {
|
236 |
+
$show_submenu_table = 1;
|
237 |
+
$show_bf_table = 1;
|
238 |
+
$show_bf_table_extra = 1;
|
239 |
+
// Password?
|
240 |
+
if ( empty( $bfconfig['bf_type'] ) ) {
|
241 |
+
$show_bf_table_password = 1;
|
242 |
+
$show_bf_table_captcha = 0;
|
243 |
+
// Captcha?
|
244 |
+
} else {
|
245 |
+
$show_bf_table_password = 0;
|
246 |
+
$show_bf_table_captcha = 1;
|
247 |
+
}
|
248 |
+
|
249 |
+
// Protection set to "Always ON" (2):
|
250 |
+
} else {
|
251 |
+
$show_submenu_table = 1;
|
252 |
+
$show_bf_table = 0;
|
253 |
+
$show_bf_table_extra = 1;
|
254 |
+
// Password?
|
255 |
+
if ( empty( $bfconfig['bf_type'] ) ) {
|
256 |
+
$show_bf_table_password = 1;
|
257 |
+
$show_bf_table_captcha = 0;
|
258 |
+
// Captcha?
|
259 |
+
} else {
|
260 |
+
$show_bf_table_password = 0;
|
261 |
+
$show_bf_table_captcha = 1;
|
262 |
+
|
263 |
+
}
|
264 |
+
}
|
265 |
+
|
266 |
+
// Make sure we can display the captcha with the GD extension:
|
267 |
+
if ( function_exists( 'gd_info' ) ) {
|
268 |
+
$missing_gd = '';
|
269 |
+
$gd_disabled = '';
|
270 |
+
} else {
|
271 |
+
$missing_gd = '<p><span class="description">' .
|
272 |
+
__( 'GD Support is not available on your server.', 'ninjafirewall' ) . '</span></p>';
|
273 |
+
$gd_disabled = ' disabled="disabled"';
|
274 |
+
}
|
275 |
+
|
276 |
+
if ( $gd_disabled && $bfconfig['bf_type'] == 1 ) {
|
277 |
+
echo '<div class="error notice is-dismissible"><p>' .
|
278 |
+
__('Error: GD Support is not available on your server, the captcha protection will not work!', 'ninjafirewall') .'</p></div>';
|
279 |
+
}
|
280 |
+
|
281 |
+
?>
|
282 |
+
|
283 |
+
<form method="post" name="bp_form">
|
284 |
+
<?php wp_nonce_field('bfd_save', 'nfwnonce', 0); ?>
|
285 |
+
<table class="form-table">
|
286 |
+
<tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
|
287 |
+
<th scope="row"><?php _e('Enable brute force attack protection', 'ninjafirewall') ?></th>
|
288 |
+
<td> </td>
|
289 |
+
<td align="left">
|
290 |
+
<label><input type="radio" name="nfw_options[bf_enable]" value="1"<?php checked($bfconfig['bf_enable'], 1) ?> onclick="toggle_submenu(1);"> <?php _e('Yes, if under attack', 'ninjafirewall') ?></label>
|
291 |
+
</td>
|
292 |
+
<td align="left">
|
293 |
+
<label><input type="radio" name="nfw_options[bf_enable]" value="2"<?php checked($bfconfig['bf_enable'], 2) ?> onclick="toggle_submenu(2);"> <?php _e('Always ON', 'ninjafirewall') ?></label>
|
294 |
+
</td>
|
295 |
+
<td align="left">
|
296 |
+
<label><input type="radio" name="nfw_options[bf_enable]" value="0"<?php checked($bfconfig['bf_enable'], 0) ?> onclick="toggle_submenu(0);"> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
297 |
+
</td>
|
298 |
+
</tr>
|
299 |
+
</table>
|
300 |
+
<br />
|
301 |
+
|
302 |
+
<div id="submenu_table"<?php echo $show_submenu_table == 1 ? '' : ' style="display:none"' ?>>
|
303 |
+
<table class="form-table">
|
304 |
+
|
305 |
+
<tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
|
306 |
+
<th scope="row"><?php _e('Type of protection', 'ninjafirewall') ?></th>
|
307 |
+
<td> </td>
|
308 |
+
<td align="left" style="vertical-align:top">
|
309 |
+
<label><input type="radio" name="nfw_options[bf_type]" value="0"<?php checked($bfconfig['bf_type'], 0) ?> onclick="toggle_table(bf_enable, 0);"> <?php _e('Password', 'ninjafirewall') ?></label>
|
310 |
+
</td>
|
311 |
+
<td align="left" style="vertical-align:top">
|
312 |
+
<label><input type="radio" name="nfw_options[bf_type]" value="1"<?php checked($bfconfig['bf_type'], 1) ?> onclick="toggle_table(bf_enable, 1);"<?php echo $gd_disabled ?> /> <?php _e('Captcha', 'ninjafirewall') ?></label><?php echo $missing_gd ?>
|
313 |
+
</td>
|
314 |
+
</tr>
|
315 |
+
</table>
|
316 |
+
</div>
|
317 |
+
|
318 |
+
<div id="bf_table"<?php echo $show_bf_table == 1 ? '' : ' style="display:none"' ?>>
|
319 |
+
<table class="form-table">
|
320 |
+
<tr>
|
321 |
+
<th scope="row"><?php _e('Protect the login page against', 'ninjafirewall') ?></th>
|
322 |
+
<td align="left">
|
323 |
+
<p><label><input onclick="getpost(this.value);" type="radio" name="nfw_options[bf_request]" value="GET"<?php checked($bfconfig['bf_request'], 'GET') ?>> <?php _e('<code>GET</code> request attacks', 'ninjafirewall') ?></label></p>
|
324 |
+
<p><label><input onclick="getpost(this.value);" type="radio" name="nfw_options[bf_request]" value="POST"<?php checked($bfconfig['bf_request'], 'POST') ?>> <?php _e('<code>POST</code> request attacks (default)', 'ninjafirewall') ?></label></p>
|
325 |
+
<p><label><input onclick="getpost(this.value);" type="radio" name="nfw_options[bf_request]" value="GETPOST"<?php checked($bfconfig['bf_request'], 'GETPOST') ?>> <?php _e('<code>GET</code> and <code>POST</code> requests attacks', 'ninjafirewall') ?></label></p>
|
326 |
+
</td>
|
327 |
+
</tr>
|
328 |
+
<tr valign="top">
|
329 |
+
<th scope="row"><?php _e('Enable protection', 'ninjafirewall') ?></th>
|
330 |
+
<td align="left">
|
331 |
+
<?php
|
332 |
+
printf( __('For %1$s minutes, if more than %2$s %3$s requests within %4$s seconds.', 'ninjafirewall'),
|
333 |
+
'<input maxlength="2" size="2" value="'. $bfconfig['bf_bantime'] .'" name="nfw_options[bf_bantime]" id="ban1" onkeyup="is_number(\'ban1\')" class="small-text" type="number" />',
|
334 |
+
'<input maxlength="2" size="2" value="'. $bfconfig['bf_attempt'] .'" name="nfw_options[bf_attempt]" id="ban2" onkeyup="is_number(\'ban2\')" class="small-text" type="number" />', '<code id="get_post">'. $get_post .'</code>',
|
335 |
+
'<input maxlength="2" size="2" value="'. $bfconfig['bf_maxtime'] .'" name="nfw_options[bf_maxtime]" id="ban3" onkeyup="is_number(\'ban3\')" class="small-text" type="number" />'
|
336 |
+
);
|
337 |
+
?>
|
338 |
+
</td>
|
339 |
+
</tr>
|
340 |
+
</table>
|
341 |
+
</div>
|
342 |
+
|
343 |
+
<?php
|
344 |
+
if ( empty($bfconfig['auth_pass']) ) {
|
345 |
+
$placeholder = '';
|
346 |
+
} else {
|
347 |
+
$placeholder = '••••••••';
|
348 |
+
}
|
349 |
+
?>
|
350 |
+
<div id="bf_table_password"<?php echo $show_bf_table_password ? '' : ' style="display:none"' ?>>
|
351 |
+
<table class="form-table">
|
352 |
+
<tr valign="top">
|
353 |
+
<th scope="row"><?php _e('HTTP authentication', 'ninjafirewall') ?></th>
|
354 |
+
<td align="left">
|
355 |
+
<?php _e('User:', 'ninjafirewall') ?> <input maxlength="32" type="text" autocomplete="off" value="<?php echo htmlspecialchars( $bfconfig['auth_name'] ) ?>" size="12" name="nfw_options[auth_name]" onkeyup="auth_user_valid();" /> <?php _e('Password:', 'ninjafirewall') ?> <input maxlength="32" placeholder="<?php echo $placeholder ?>" type="password" autocomplete="off" value="" size="12" name="nfw_options[auth_pass]" />
|
356 |
+
<br /><span class="description"> <?php _e('User and Password must be from 6 to 32 characters.', 'ninjafirewall') ?></span>
|
357 |
+
<br /><br /><?php _e('Message (max. 1024 characters, HTML tags allowed)', 'ninjafirewall') ?>:<br />
|
358 |
+
<textarea id="realm" name="nfw_options[auth_msgtxt]" class="small-text code" cols="60" rows="5" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" oninput="realm_valid();"><?php echo htmlspecialchars( $bfconfig['auth_msgtxt'] ) ?></textarea>
|
359 |
+
</td>
|
360 |
+
</tr>
|
361 |
+
</table>
|
362 |
+
</div>
|
363 |
+
|
364 |
+
|
365 |
+
<div id="bf_table_captcha"<?php echo $show_bf_table_captcha ? '' : ' style="display:none"' ?>>
|
366 |
+
<table class="form-table">
|
367 |
+
<tr valign="top">
|
368 |
+
<th scope="row"><?php _e('Message', 'ninjafirewall') ?></th>
|
369 |
+
<td align="left">
|
370 |
+
<input maxlength="255" class="large-text" type="text" autocomplete="off" value="<?php echo htmlspecialchars( $bfconfig['captcha_text'] ) ?>" name="nfw_options[captcha_text]" />
|
371 |
+
<p><span class="description"><?php _e('This message will be displayed above the captcha. Max. 255 characters.', 'ninjafirewall') ?></span></p>
|
372 |
+
</td>
|
373 |
+
</tr>
|
374 |
+
</table>
|
375 |
+
</div>
|
376 |
+
|
377 |
+
|
378 |
+
<div id="bf_table_extra"<?php echo $show_bf_table_extra ? '' : ' style="display:none"' ?>>
|
379 |
+
<br />
|
380 |
+
<h3><?php _e('Various options', 'ninjafirewall') ?></h3>
|
381 |
+
<table class="form-table">
|
382 |
+
<tr>
|
383 |
+
<th scope="row"><?php _e('XML-RPC API', 'ninjafirewall') ?></th>
|
384 |
+
<td align="left">
|
385 |
+
<label><input type="checkbox" onClick="xmlrpc_warn(this);" name="nfw_options[bf_xmlrpc]" value="1"<?php checked($bfconfig['bf_xmlrpc'], 1) ?>> <?php _e('Apply the protection to the <code>xmlrpc.php</code> script as well.', 'ninjafirewall') ?></label>
|
386 |
+
</td>
|
387 |
+
</tr>
|
388 |
+
|
389 |
+
<tr>
|
390 |
+
<th scope="row"><?php _e('Bot protection', 'ninjafirewall') ?></th>
|
391 |
+
<td align="left">
|
392 |
+
<label><input type="checkbox" name="nfw_options[bf_allow_bot]" value="1"<?php checked($bfconfig['bf_allow_bot'], 0) ?>> <?php _e('Enable bot protection (applies to <code>wp-login.php</code> only.)', 'ninjafirewall') ?></label>
|
393 |
+
</td>
|
394 |
+
</tr>
|
395 |
+
|
396 |
+
<tr valign="top">
|
397 |
+
<th scope="row"><?php _e('Authentication log', 'ninjafirewall') ?></th>
|
398 |
+
<td align="left">
|
399 |
+
<?php
|
400 |
+
// Ensure that openlog() and syslog() are not disabled:
|
401 |
+
if (! function_exists('syslog') || ! function_exists('openlog') ) {
|
402 |
+
$bfconfig['bf_authlog'] = 0;
|
403 |
+
$bf_msg = __('Your server configuration is not compatible with that option.', 'ninjafirewall');
|
404 |
+
$enabled = 0;
|
405 |
+
} else {
|
406 |
+
$bf_msg = __('See contextual help before enabling this option.', 'ninjafirewall');
|
407 |
+
$enabled = 1;
|
408 |
+
}
|
409 |
+
?>
|
410 |
+
<label><input type="checkbox" name="nfw_options[bf_authlog]" value="1"<?php checked($bfconfig['bf_authlog'], 1) ?><?php disabled($enabled, 0)?>> <?php _e('Write the incident to the server Authentication log.', 'ninjafirewall') ?></label>
|
411 |
+
<br />
|
412 |
+
<span class="description"><?php echo $bf_msg ?></span>
|
413 |
+
</td>
|
414 |
+
</tr>
|
415 |
+
<tr>
|
416 |
+
<th scope="row"><?php _e('Signature', 'ninjafirewall') ?></th>
|
417 |
+
<td align="left">
|
418 |
+
<label><input type="checkbox" name="nfw_options[bf_nosig]" value="1"<?php checked($bfconfig['bf_nosig'], 1) ?>> <?php
|
419 |
+
// translators: "Brute-force protection by NinjaFirewall" should not be translated.
|
420 |
+
_e('Disable the <i>Brute-force protection by NinjaFirewall</i> signature on the protection page.', 'ninjafirewall') ?></label>
|
421 |
+
</td>
|
422 |
+
</tr>
|
423 |
+
|
424 |
+
</table>
|
425 |
+
</div>
|
426 |
+
|
427 |
+
<br />
|
428 |
+
<br />
|
429 |
+
<input id="save_login" class="button-primary" type="submit" name="Save" value="<?php _e('Save Login Protection', 'ninjafirewall') ?>" />
|
430 |
+
<div align="right"><?php _e('See our benchmark and stress-test:', 'ninjafirewall') ?>
|
431 |
+
<br />
|
432 |
+
<a href="https://blog.nintechnet.com/wordpress-brute-force-attack-detection-plugins-comparison-2015/">Brute-force attack detection plugins comparison</a>
|
433 |
+
</div>
|
434 |
+
</form>
|
435 |
+
</div>
|
436 |
+
|
437 |
+
<?php
|
438 |
+
|
439 |
+
/* ================================================================== */
|
440 |
+
|
441 |
+
function nf_sub_loginprot_save() {
|
442 |
+
|
443 |
+
// Block immediately if user is not allowed :
|
444 |
+
nf_not_allowed( 'block', __LINE__ );
|
445 |
+
|
446 |
+
// The directory must be writable :
|
447 |
+
if (! is_writable( NFW_LOG_DIR . '/nfwlog/cache' ) ) {
|
448 |
+
return( sprintf( __('Error: %s directory is not writable. Please chmod it to 0777.', 'ninjafirewall'), '<code>'. htmlspecialchars(NFW_LOG_DIR) .'/nfwlog/cache</code>') );
|
449 |
+
}
|
450 |
+
|
451 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
452 |
+
|
453 |
+
$bf_rand = '';
|
454 |
+
if ( file_exists( NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php' ) ) {
|
455 |
+
require( NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php' );
|
456 |
+
}
|
457 |
+
|
458 |
+
if ( preg_match( '/^[012]$/', $_POST['nfw_options']['bf_enable'] ) ) {
|
459 |
+
$bf_enable = $_POST['nfw_options']['bf_enable'];
|
460 |
+
} else {
|
461 |
+
$bf_enable = 1;
|
462 |
+
}
|
463 |
+
|
464 |
+
if ( preg_match( '/^[01]$/', $_POST['nfw_options']['bf_type'] ) ) {
|
465 |
+
$bf_type = $_POST['nfw_options']['bf_type'];
|
466 |
+
} else {
|
467 |
+
$bf_type = 0;
|
468 |
+
}
|
469 |
+
|
470 |
+
// Ensure we have all values, otherwise set the default ones :
|
471 |
+
if ( @preg_match('/^(GET|POST|GETPOST)$/', $_POST['nfw_options']['bf_request'] ) ) {
|
472 |
+
$bf_request = $_POST['nfw_options']['bf_request'];
|
473 |
+
} else {
|
474 |
+
// Default value :
|
475 |
+
$bf_request = 'POST';
|
476 |
+
}
|
477 |
+
|
478 |
+
if ( @preg_match('/^[1-9][0-9]?$/', $_POST['nfw_options']['bf_bantime'] ) ) {
|
479 |
+
$bf_bantime = $_POST['nfw_options']['bf_bantime'];
|
480 |
+
} else {
|
481 |
+
// Default value :
|
482 |
+
$bf_bantime = 5;
|
483 |
+
}
|
484 |
+
if ( @preg_match('/^[1-9][0-9]?$/', $_POST['nfw_options']['bf_attempt'] ) ) {
|
485 |
+
$bf_attempt = $_POST['nfw_options']['bf_attempt'];
|
486 |
+
} else {
|
487 |
+
// Default value :
|
488 |
+
$bf_attempt = 8;
|
489 |
+
}
|
490 |
+
if ( @preg_match('/^[1-9][0-9]?$/', $_POST['nfw_options']['bf_maxtime'] ) ) {
|
491 |
+
$bf_maxtime = $_POST['nfw_options']['bf_maxtime'];
|
492 |
+
} else {
|
493 |
+
// Default value :
|
494 |
+
$bf_maxtime = 15;
|
495 |
+
}
|
496 |
+
|
497 |
+
if ( empty($_POST['nfw_options']['bf_xmlrpc']) ) {
|
498 |
+
$bf_xmlrpc = 0;
|
499 |
+
} else {
|
500 |
+
$bf_xmlrpc = 1;
|
501 |
+
}
|
502 |
+
|
503 |
+
if ( empty($_POST['nfw_options']['bf_authlog']) ) {
|
504 |
+
$bf_authlog = 0;
|
505 |
+
} else {
|
506 |
+
$bf_authlog = 1;
|
507 |
+
}
|
508 |
+
|
509 |
+
if ( empty($_POST['nfw_options']['bf_allow_bot']) ) {
|
510 |
+
$bf_allow_bot = 1;
|
511 |
+
} else {
|
512 |
+
$bf_allow_bot = 0;
|
513 |
+
}
|
514 |
+
|
515 |
+
if ( empty($_POST['nfw_options']['bf_nosig']) ) {
|
516 |
+
$bf_nosig = 0;
|
517 |
+
} else {
|
518 |
+
$bf_nosig = 1;
|
519 |
+
}
|
520 |
+
|
521 |
+
if ( empty($_POST['nfw_options']['auth_name']) && ! empty( $bf_enable ) && empty( $bf_type ) ) {
|
522 |
+
return( __('Error: please enter a user name for HTTP authentication.', 'ninjafirewall') );
|
523 |
+
} elseif (! preg_match('`^[-/\\_.a-zA-Z0-9]{6,32}$`', $_POST['nfw_options']['auth_name']) && ! empty( $bf_enable ) && empty( $bf_type ) ) {
|
524 |
+
return( __('Error: HTTP authentication user name is not valid.', 'ninjafirewall') );
|
525 |
+
}
|
526 |
+
$auth_name = $_POST['nfw_options']['auth_name'];
|
527 |
+
|
528 |
+
if ( empty($_POST['nfw_options']['auth_pass']) && ! empty( $bf_enable ) && empty( $bf_type ) ) {
|
529 |
+
if ( empty($auth_name) || empty($auth_pass) ) {
|
530 |
+
return( __('Error: please enter a user name and password for HTTP authentication.', 'ninjafirewall') );
|
531 |
+
}
|
532 |
+
} elseif ( (strlen($_POST['nfw_options']['auth_pass']) < 6 || strlen($_POST['nfw_options']['auth_pass']) > 32 ) && ! empty( $bf_enable ) && empty( $bf_type ) ) {
|
533 |
+
return( __('Error: password must be from 6 to 32 characters.', 'ninjafirewall') );
|
534 |
+
} else {
|
535 |
+
// Use stripslashes() to prevent WordPress from escaping the password:
|
536 |
+
$auth_pass = sha1( stripslashes( $_POST['nfw_options']['auth_pass'] ) );
|
537 |
+
}
|
538 |
+
|
539 |
+
if ( empty( $_POST['nfw_options']['auth_msgtxt'] ) ) {
|
540 |
+
$auth_msgtxt = base64_encode( __('Access restricted', 'ninjafirewall') );
|
541 |
+
} else {
|
542 |
+
$auth_msgtxt = stripslashes( $_POST['nfw_options']['auth_msgtxt'] );
|
543 |
+
if ( strlen( $auth_msgtxt ) > 1024 ) {
|
544 |
+
$auth_msgtxt = mb_substr( $auth_msgtxt, 0, 1024, 'utf-8' );
|
545 |
+
}
|
546 |
+
$auth_msgtxt = base64_encode( $auth_msgtxt );
|
547 |
+
}
|
548 |
+
|
549 |
+
if ( empty( $_POST['nfw_options']['captcha_text'] ) ) {
|
550 |
+
$captcha_text = base64_encode( __('Type the characters you see in the picture below:', 'ninjafirewall') );
|
551 |
+
} else {
|
552 |
+
$captcha_text = stripslashes( $_POST['nfw_options']['captcha_text'] );
|
553 |
+
if ( strlen( $captcha_text ) > 255 ) {
|
554 |
+
$captcha_text = mb_substr( $captcha_text, 0, 255, 'utf-8' );
|
555 |
+
}
|
556 |
+
$captcha_text = base64_encode( htmlentities( $captcha_text ) );
|
557 |
+
}
|
558 |
+
|
559 |
+
// Generate a new rand value:
|
560 |
+
$bf_rand = mt_rand(100000, 999999);
|
561 |
+
|
562 |
+
// Save config:
|
563 |
+
$data = "<?php \$bf_enable={$bf_enable};\$bf_type={$bf_type};\$bf_request='{$bf_request}';\$bf_bantime={$bf_bantime};\$bf_attempt={$bf_attempt};\$bf_maxtime={$bf_maxtime};\$bf_xmlrpc={$bf_xmlrpc};\$bf_allow_bot={$bf_allow_bot};\$auth_name='{$auth_name}';\$auth_pass='{$auth_pass}';\$auth_msgtxt='{$auth_msgtxt}';\$bf_rand='{$bf_rand}';\$bf_authlog={$bf_authlog};\$captcha_text='{$captcha_text}';\$bf_nosig={$bf_nosig}; ?>";
|
564 |
+
|
565 |
+
|
566 |
+
$fh = fopen( NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php', 'w' );
|
567 |
+
if (! $fh) {
|
568 |
+
return( sprintf( __('Error: unable to write to the %s configuration file', 'ninjafirewall'), '<code>' .
|
569 |
+
htmlspecialchars(NFW_LOG_DIR) . '/nfwlog/cache/bf_conf.php</code>') );
|
570 |
+
}
|
571 |
+
fwrite( $fh, $data );
|
572 |
+
fclose( $fh );
|
573 |
+
|
574 |
+
// Whitelist the admin:
|
575 |
+
$_SESSION['nfw_bfd'] = $bf_rand;
|
576 |
+
|
577 |
+
// Delete cached files:
|
578 |
+
$path = NFW_LOG_DIR . '/nfwlog/cache/';
|
579 |
+
$glob = glob( $path . "bf_*" );
|
580 |
+
if ( is_array( $glob ) ) {
|
581 |
+
foreach( $glob as $file ) {
|
582 |
+
// Keep the current config:
|
583 |
+
if ( preg_match( '`/bf_conf.php`', $file ) ) { continue; }
|
584 |
+
unlink( $file );
|
585 |
+
}
|
586 |
+
}
|
587 |
+
|
588 |
+
}
|
589 |
+
|
590 |
+
/* ================================================================== */
|
591 |
+
|
592 |
+
function nfw_read_bf_config( $file ) {
|
593 |
+
|
594 |
+
// Rather then including the file with include() or require(), we open
|
595 |
+
// and read it, because if the user had an opcode cache running, changes
|
596 |
+
// would not appear right away.
|
597 |
+
|
598 |
+
$conf = file_get_contents( $file );
|
599 |
+
|
600 |
+
$bfconfig = array();
|
601 |
+
|
602 |
+
if ( preg_match( '/\$bf_enable=[\'"]?(\d*)[\'"]?;/', $conf, $match ) ) {
|
603 |
+
$bfconfig['bf_enable'] = $match[1];
|
604 |
+
}
|
605 |
+
if ( preg_match( '/\$bf_type=[\'"]?(\d*)[\'"]?;/', $conf, $match ) ) {
|
606 |
+
$bfconfig['bf_type'] = $match[1];
|
607 |
+
}
|
608 |
+
if ( preg_match( '/\$bf_request=[\'"]?(.*?)[\'"]?;/', $conf, $match ) ) {
|
609 |
+
$bfconfig['bf_request'] = $match[1];
|
610 |
+
}
|
611 |
+
if ( preg_match( '/\$bf_bantime=[\'"]?(\d*)[\'"]?;/', $conf, $match ) ) {
|
612 |
+
$bfconfig['bf_bantime'] = $match[1];
|
613 |
+
}
|
614 |
+
if ( preg_match( '/\$bf_attempt=[\'"]?(\d*)[\'"]?;/', $conf, $match ) ) {
|
615 |
+
$bfconfig['bf_attempt'] = $match[1];
|
616 |
+
}
|
617 |
+
if ( preg_match( '/\$bf_maxtime=[\'"]?(\d*)[\'"]?;/', $conf, $match ) ) {
|
618 |
+
$bfconfig['bf_maxtime'] = $match[1];
|
619 |
+
}
|
620 |
+
if ( preg_match( '/\$bf_xmlrpc=[\'"]?(\d*)[\'"]?;/', $conf, $match ) ) {
|
621 |
+
$bfconfig['bf_xmlrpc'] = $match[1];
|
622 |
+
}
|
623 |
+
if ( preg_match( '/\$bf_allow_bot=[\'"]?(\d*)[\'"]?;/', $conf, $match ) ) {
|
624 |
+
$bfconfig['bf_allow_bot'] = $match[1];
|
625 |
+
}
|
626 |
+
if ( preg_match( '/\$auth_name=[\'"]?(.*?)[\'"]?;/', $conf, $match ) ) {
|
627 |
+
$bfconfig['auth_name'] = $match[1];
|
628 |
+
}
|
629 |
+
if ( preg_match( '/\$auth_pass=[\'"]?(.*?)[\'"]?;/', $conf, $match ) ) {
|
630 |
+
$bfconfig['auth_pass'] = $match[1];
|
631 |
+
}
|
632 |
+
if ( preg_match( '/\$auth_msgtxt=[\'"]?(.*?)[\'"]?;/', $conf, $match ) ) {
|
633 |
+
$bfconfig['auth_msgtxt'] = $match[1];
|
634 |
+
}
|
635 |
+
if ( preg_match( '/\$bf_rand=[\'"]?(.*?)[\'"]?;/', $conf, $match ) ) {
|
636 |
+
$bfconfig['bf_rand'] = $match[1];
|
637 |
+
}
|
638 |
+
if ( preg_match( '/\$bf_authlog=[\'"]?(.*?)[\'"]?;/', $conf, $match ) ) {
|
639 |
+
$bfconfig['bf_authlog'] = $match[1];
|
640 |
+
}
|
641 |
+
if ( preg_match( '/\$captcha_text=[\'"]?(.*?)[\'"]?;/', $conf, $match ) ) {
|
642 |
+
$bfconfig['captcha_text'] = $match[1];
|
643 |
+
}
|
644 |
+
if ( preg_match( '/\$bf_nosig=[\'"]?(.*?)[\'"]?;/', $conf, $match ) ) {
|
645 |
+
$bfconfig['bf_nosig'] = $match[1];
|
646 |
+
}
|
647 |
+
|
648 |
+
return $bfconfig;
|
649 |
+
|
650 |
+
}
|
651 |
+
|
652 |
+
/* ================================================================== */
|
653 |
+
// EOF
|
lib/nf_sub_about.php
ADDED
@@ -0,0 +1,199 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
// Block immediately if user is not allowed :
|
23 |
+
nf_not_allowed( 'block', __LINE__ );
|
24 |
+
|
25 |
+
// Fetch readme.txt :
|
26 |
+
if ( $data = @file_get_contents( dirname( plugin_dir_path(__FILE__) ) . '/readme.txt' ) ) {
|
27 |
+
$what = '== Changelog ==';
|
28 |
+
$pos_start = strpos( $data, $what );
|
29 |
+
$changelog = substr( $data, $pos_start + strlen( $what ) + 1 );
|
30 |
+
} else {
|
31 |
+
$changelog = __('Error : cannot find changelog :(', 'ninjafirewall');
|
32 |
+
}
|
33 |
+
|
34 |
+
// Hide/show the corresponding table when the user clicks a button
|
35 |
+
// (e.g., changelog, privacy policy etc) :
|
36 |
+
echo '<script>
|
37 |
+
function show_table(table_id) {
|
38 |
+
var av_table = [11, 12, 13, 14];
|
39 |
+
for (var i = 0; i < av_table.length; ++i) {
|
40 |
+
if ( table_id == av_table[i] ) {
|
41 |
+
jQuery("#" + table_id).slideDown();
|
42 |
+
} else {
|
43 |
+
jQuery("#" + av_table[i]).slideUp();
|
44 |
+
}
|
45 |
+
};
|
46 |
+
}
|
47 |
+
var dgs=0;
|
48 |
+
function nfw_eg() {
|
49 |
+
setTimeout("nfw_eg()",5);if(dgs<180){++dgs;document.body.style.webkitTransform = "rotate("+dgs+"deg)";document.body.style.msTransform = "rotate("+dgs+"deg)";document.body.style.transform = "rotate("+dgs+"deg)";}document.body.style.overflow="hidden";
|
50 |
+
}
|
51 |
+
</script>
|
52 |
+
<div class="wrap">
|
53 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;" title="NinTechNet"></div>
|
54 |
+
<h1>' . __('About', 'ninjafirewall') .'</h1>
|
55 |
+
<br />
|
56 |
+
<center>';
|
57 |
+
?>
|
58 |
+
<table border="0" width="80%" style="padding:10px;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;background-color:#749BBB;border:1px solid #638DB0;color:#fff;border-radius:6px">
|
59 |
+
<tr>
|
60 |
+
<td style="text-align:center">
|
61 |
+
<font style="font-size: 2em; font-weight: bold;">NinjaFirewall (WP Edition) v<?php echo NFW_ENGINE_VERSION ?></font>
|
62 |
+
<br />
|
63 |
+
<font onContextMenu="nfw_eg();return false;">©</font> <?php echo date( 'Y' ) ?> <a href="https://nintechnet.com/" target="_blank" title="The Ninja Technologies Network" style="color:#fcdc25"><strong>NinTechNet</strong></a>
|
64 |
+
<br />
|
65 |
+
The Ninja Technologies Network
|
66 |
+
<p><a href="https://twitter.com/nintechnet"><img border="1" src="<?php echo plugins_url() ?>/ninjafirewall/images/twitter_ntn.png" width="116" height="28" target="_blank"></a></p>
|
67 |
+
</td>
|
68 |
+
</tr>
|
69 |
+
<tr style="text-align:center">
|
70 |
+
<td width="100%">
|
71 |
+
<table width="100%" border="0">
|
72 |
+
<tr>
|
73 |
+
<td style="width:33.3333%">
|
74 |
+
<font style="font-size: 1.5em; font-weight: bold;">NinjaScanner</font>
|
75 |
+
<p><?php _e('A powerful antivirus<br />scanner for WordPress.', 'ninjafirewall') ?></p>
|
76 |
+
<i style="border-radius:20%;display:inline-block;height:150px;vertical-align:middle;width:150px;border:5px solid #FFF;box-shadow: -2px 3px 3px #999 inset;background:transparent url('<?php echo plugins_url() ?>/ninjafirewall/images/logo_ns_80.png') no-repeat scroll center center;background-color:#F8F8F8;"></i>
|
77 |
+
<p><a href="https://nintechnet.com/ninjascanner/" class="button-primary" style="color:#FFF;background-color:#449D44;border-color:#398439;text-shadow:none"><?php _e('Free Download', 'ninjafirewall') ?></a></p>
|
78 |
+
</td>
|
79 |
+
<td style="width:33.3333%">
|
80 |
+
<font style="font-size: 1.5em; font-weight: bold;">NinjaMonitoring</font>
|
81 |
+
<p><?php _e('Website Monitoring<br />for just $4.99/month.', 'ninjafirewall') ?></p>
|
82 |
+
<i style="border-radius:20%;display:inline-block;height:150px;vertical-align:middle;width:150px;border:5px solid #FFF;box-shadow: -2px 3px 3px #999 inset;background:transparent url('<?php echo plugins_url() ?>/ninjafirewall/images/logo_nm_80.png') no-repeat scroll center center;background-color:#F8F8F8;"></i>
|
83 |
+
<p><a href="https://nintechnet.com/ninjamonitoring/" class="button-primary" style="color:#FFF;background-color:#EC971F;border-color:#D58512;text-shadow:none"><?php _e('7-Day Free Trial', 'ninjafirewall') ?></a></p>
|
84 |
+
</td>
|
85 |
+
<td style="width:33.3333%">
|
86 |
+
<font style="font-size: 1.5em; font-weight: bold;">NinjaRecovery</font>
|
87 |
+
<p><?php _e('Malware removal<br />and hack recovery.', 'ninjafirewall') ?></p>
|
88 |
+
<i style="border-radius:20%;display:inline-block;height:150px;vertical-align:middle;width:150px;border:5px solid #FFF;box-shadow: -2px 3px 3px #999 inset;background:transparent url('<?php echo plugins_url() ?>/ninjafirewall/images/logo_nr_80.png') no-repeat scroll center center;background-color:#F8F8F8;"></i>
|
89 |
+
<p><a href="https://nintechnet.com/ninjarecovery/" class="button-primary" style="color:#FFF;background-color:#C9302C;border-color:#AC2925;text-shadow:none"><?php _e('Clean Your Site!', 'ninjafirewall') ?></a></p>
|
90 |
+
</td>
|
91 |
+
</tr>
|
92 |
+
</table>
|
93 |
+
</td>
|
94 |
+
</tr>
|
95 |
+
|
96 |
+
</table>
|
97 |
+
<?php
|
98 |
+
echo '
|
99 |
+
<br />
|
100 |
+
<br />
|
101 |
+
<input class="button-secondary" type="button" value="' . __('Changelog', 'ninjafirewall') . '" onclick="show_table(12);"> <input class="button-primary" type="button" value="' . __('Spread the word!', 'ninjafirewall') . '" onclick="show_table(11);" active> <input class="button-secondary" type="button" value="' . __('Referral Program', 'ninjafirewall') . '" onclick="show_table(14);"> <input class="button-secondary" type="button" value="' . __('System Info', 'ninjafirewall') . '" onclick="show_table(13);">
|
102 |
+
<br />
|
103 |
+
<br />
|
104 |
+
|
105 |
+
<div id="11">
|
106 |
+
<table style="text-align:justify;border:2px #749BBB solid;padding:6px;border-radius:4px" border="0" width="500">
|
107 |
+
<tr style="text-align:center;">
|
108 |
+
<td><a href="http://www.facebook.com/sharer.php?u=https://nintechnet.com/" target="_blank"><img title="Share it" src="' . plugins_url() . '/ninjafirewall/images/facebook.png" width="90" height="90" style="border: 0px solid #DFDFDF;padding:0px;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;background-color:#FCFCFC;"></a></td>
|
109 |
+
<td><a href="https://plus.google.com/share?url=https://nintechnet.com/" target="_blank"><img title="Share it" src="' . plugins_url() . '/ninjafirewall/images/google.png" width="90" height="90" style="border: 0px solid #DFDFDF;padding:0px;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;background-color:#FCFCFC;"></a></td>
|
110 |
+
<td><a href="http://twitter.com/share?text=NinjaFirewall&url=https://nintechnet.com/" target="_blank"><img title="Share it" src="' . plugins_url() . '/ninjafirewall/images/twitter.png" width="90" height="90" style="border: 0px solid #DFDFDF;padding:0px;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;background-color:#FCFCFC;"></a></td>
|
111 |
+
<td><a href="https://wordpress.org/support/view/plugin-reviews/ninjafirewall?rate=5#postform"><img title="Rate it" border="0" src="'. plugins_url() .'/ninjafirewall/images/rate.png" width="116" height="28" style="border: 0px solid #DFDFDF;padding:0px;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;background-color:#FCFCFC;"><br />Rate it on WordPress.org!</a>
|
112 |
+
</td>
|
113 |
+
</tr>
|
114 |
+
</table>
|
115 |
+
</div>
|
116 |
+
|
117 |
+
<div id="12" style="display:none;">
|
118 |
+
<table width="500">
|
119 |
+
<tr>
|
120 |
+
<td>
|
121 |
+
<textarea class="small-text code" cols="60" rows="8" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false">' . htmlspecialchars($changelog) . '</textarea>
|
122 |
+
</td>
|
123 |
+
</tr>
|
124 |
+
</table>
|
125 |
+
</div>
|
126 |
+
|
127 |
+
<div id="13" style="display:none;">
|
128 |
+
<table border="0" style="text-align:justify;border:2px #749BBB solid;padding:6px;border-radius:4px" width="500">
|
129 |
+
<tr valign="top"><td width="47%;" align="right">REMOTE_ADDR</td><td width="3%"> </td><td width="50%" align="left">' . htmlspecialchars($_SERVER['REMOTE_ADDR']) . '</td></tr>
|
130 |
+
<tr valign="top"><td width="47%;" align="right">SERVER_ADDR</td><td width="3%"> </td><td width="50%" align="left">' .htmlspecialchars($_SERVER['SERVER_ADDR']) . '</td></tr>
|
131 |
+
<tr valign="top"><td width="47%;" align="right">SERVER_NAME</td><td width="3%"> </td><td width="50%" align="left">' . htmlspecialchars($_SERVER['SERVER_NAME']) . '</td></tr>
|
132 |
+
<tr valign="top"><td width="47%;" align="right">HTTP_HOST</td><td width="3%"> </td><td width="50%" align="left">' . htmlspecialchars($_SERVER['HTTP_HOST']) . '</td></tr>';
|
133 |
+
|
134 |
+
if ( PHP_VERSION ) {
|
135 |
+
echo '<tr valign="top"><td width="47%;" align="right">' . __('PHP version', 'ninjafirewall') . '</td><td width="3%"> </td><td width="50%" align="left">'. PHP_VERSION . ' (';
|
136 |
+
if ( defined('HHVM_VERSION') ) {
|
137 |
+
echo 'HHVM';
|
138 |
+
} else {
|
139 |
+
echo strtoupper(PHP_SAPI);
|
140 |
+
}
|
141 |
+
echo ')</td></tr>';
|
142 |
+
}
|
143 |
+
if ( $_SERVER['SERVER_SOFTWARE'] ) {
|
144 |
+
echo '<tr valign="top"><td width="47%;" align="right">' . __('HTTP server', 'ninjafirewall') . '</td><td width="3%"> </td><td width="50%" align="left">' . htmlspecialchars($_SERVER['SERVER_SOFTWARE']) . '</td></tr>';
|
145 |
+
}
|
146 |
+
if ( PHP_OS ) {
|
147 |
+
echo '<tr valign="top"><td width="47%;" align="right">' . __('Operating System', 'ninjafirewall') . '</td><td width="3%"> </td><td width="50%" align="left">' . PHP_OS . '</td></tr>';
|
148 |
+
}
|
149 |
+
if ( $load = sys_getloadavg() ) {
|
150 |
+
echo '<tr valign="top"><td width="47%;" align="right">' . __('Load Average', 'ninjafirewall') . '</td><td width="3%"> </td><td width="50%" align="left">' . $load[0] . ', '. $load[1] . ', '. $load[2] . '</td></tr>';
|
151 |
+
}
|
152 |
+
if (! preg_match( '/^win/i', PHP_OS ) ) {
|
153 |
+
$MemTotal = $MemFree = $Buffers = $Cached = 0;
|
154 |
+
$data = @explode( "\n", `cat /proc/meminfo` );
|
155 |
+
foreach ( $data as $line ) {
|
156 |
+
if ( preg_match( '/^MemTotal:\s+?(\d+)\s/', $line, $match ) ) {
|
157 |
+
$MemTotal = $match[1] / 1024;
|
158 |
+
} elseif ( preg_match( '/^MemFree:\s+?(\d+)\s/', $line, $match ) ) {
|
159 |
+
$MemFree = $match[1];
|
160 |
+
} elseif ( preg_match( '/^Buffers:\s+?(\d+)\s/', $line, $match ) ) {
|
161 |
+
$Buffers = $match[1];
|
162 |
+
} elseif ( preg_match( '/^Cached:\s+?(\d+)\s/', $line, $match ) ) {
|
163 |
+
$Cached = $match[1];
|
164 |
+
}
|
165 |
+
}
|
166 |
+
$free = ( $MemFree + $Buffers + $Cached ) / 1024;
|
167 |
+
if ( $free ) {
|
168 |
+
echo '<tr valign="top"><td width="47%;" align="right">' . __('RAM', 'ninjafirewall') . '</td><td width="3%"> </td><td width="50%" align="left">' . number_format( $free ) . ' ' . __('MB free', 'ninjafirewall') . ' / '. number_format( $MemTotal ) . ' ' . __('MB total', 'ninjafirewall') . '</td></tr>';
|
169 |
+
}
|
170 |
+
|
171 |
+
$cpu = array_filter( @explode( "\n", `egrep 'model name|cpu cores' /proc/cpuinfo` ) );
|
172 |
+
if (! empty( $cpu[0] ) ) {
|
173 |
+
$cpu_tot = count( $cpu ) / 2;
|
174 |
+
$core_tot = array_pop( $cpu );
|
175 |
+
$core_tot = preg_replace( '/^.+(\d+)/', '$1', $core_tot );
|
176 |
+
echo '<tr valign="top"><td width="47%;" align="right">' . _n('Processor', 'Processors', $cpu_tot, 'ninjafirewall') . '</td><td width="3%"> </td><td width="50%" align="left">' . $cpu_tot .' ('. _n('CPU core:', 'CPU cores:', $core_tot, 'ninjafirewall') .' '. $core_tot . ')</td></tr>';
|
177 |
+
echo '<tr valign="top"><td width="47%;" align="right">' . __('CPU model', 'ninjafirewall') . '</td><td width="3%"> </td><td width="50%" align="left">' . str_replace ("model name\t:", '', htmlspecialchars($cpu[0])) . '</td></tr>';
|
178 |
+
}
|
179 |
+
}
|
180 |
+
|
181 |
+
echo '
|
182 |
+
</table>
|
183 |
+
</div>
|
184 |
+
|
185 |
+
<div id="14" style="display:none;">
|
186 |
+
<table style="text-align:justify;border:2px #749BBB solid;padding:6px;border-radius:4px" width="500">
|
187 |
+
<tr>
|
188 |
+
<td>
|
189 |
+
' . sprintf(__('By joining our NinjaFirewall Referral Program you can earn up to %s for every payment made by a user who signs up using your personal referral link.', 'ninjafirewall'), '20%') .
|
190 |
+
'<p>' . sprintf(__('For more info and subscription, please check our <a href="%s">Referral Program page</a>.', 'ninjafirewall'), 'https://nintechnet.com/referral/') . '</p>
|
191 |
+
</td>
|
192 |
+
</tr>
|
193 |
+
</table>
|
194 |
+
</div>
|
195 |
+
</center>
|
196 |
+
</div>';
|
197 |
+
|
198 |
+
/* ------------------------------------------------------------------ */
|
199 |
+
// EOF
|
lib/nf_sub_event.php
ADDED
@@ -0,0 +1,456 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
// Daily report cronjob?
|
23 |
+
if ( defined('NFREPORTDO') ) {
|
24 |
+
nf_daily_report();
|
25 |
+
return;
|
26 |
+
}
|
27 |
+
|
28 |
+
// Block immediately if user is not allowed :
|
29 |
+
nf_not_allowed( 'block', __LINE__ );
|
30 |
+
|
31 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
32 |
+
|
33 |
+
echo '<script>
|
34 |
+
function ac_radio_toogle(on_off, rbutton) {
|
35 |
+
var what = "nfw_options["+rbutton+"]";
|
36 |
+
if (on_off) {
|
37 |
+
document.nfwalerts.elements[what].disabled = false;
|
38 |
+
document.nfwalerts.elements[what].focus();
|
39 |
+
} else {
|
40 |
+
document.nfwalerts.elements[what].disabled = true;
|
41 |
+
}
|
42 |
+
}
|
43 |
+
</script>
|
44 |
+
<div class="wrap">
|
45 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
46 |
+
<h1>' . __('Event Notifications', 'ninjafirewall') . '</h1>';
|
47 |
+
|
48 |
+
// Saved ?
|
49 |
+
if ( isset( $_POST['nfw_options']) ) {
|
50 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'events_save') ) {
|
51 |
+
wp_nonce_ays('events_save');
|
52 |
+
}
|
53 |
+
nf_sub_event_save();
|
54 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Your changes have been saved.', 'ninjafirewall') . '</p></div>';
|
55 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
56 |
+
}
|
57 |
+
|
58 |
+
if (! isset( $nfw_options['a_0'] ) ) {
|
59 |
+
$nfw_options['a_0'] = 1;
|
60 |
+
}
|
61 |
+
?><br />
|
62 |
+
<form method="post" name="nfwalerts">
|
63 |
+
<?php wp_nonce_field('events_save', 'nfwnonce', 0); ?>
|
64 |
+
<h3><?php _e('WordPress admin dashboard', 'ninjafirewall') ?></h3>
|
65 |
+
<table class="form-table">
|
66 |
+
<tr>
|
67 |
+
<th scope="row"><?php _e('Send me an alert whenever', 'ninjafirewall') ?></th>
|
68 |
+
<td align="left">
|
69 |
+
<p><label><input type="radio" name="nfw_options[a_0]" value="1"<?php checked( $nfw_options['a_0'], 1) ?>> <?php _e('An administrator logs in (default)', 'ninjafirewall') ?></label></p>
|
70 |
+
<p><label><input type="radio" name="nfw_options[a_0]" value="2"<?php checked( $nfw_options['a_0'], 2) ?>> <?php _e('Someone - user, admin, editor, etc - logs in', 'ninjafirewall') ?></label></p>
|
71 |
+
<p><label><input type="radio" name="nfw_options[a_0]" value="0"<?php checked( $nfw_options['a_0'], 0) ?>> <?php _e('No, thanks (not recommended)', 'ninjafirewall') ?></label></p>
|
72 |
+
</td>
|
73 |
+
</tr>
|
74 |
+
</table>
|
75 |
+
|
76 |
+
<br />
|
77 |
+
|
78 |
+
<h3><?php _e('Plugins', 'ninjafirewall') ?></h3>
|
79 |
+
<table class="form-table">
|
80 |
+
<tr>
|
81 |
+
<th scope="row"><?php _e('Send me an alert whenever someone', 'ninjafirewall') ?></th>
|
82 |
+
<td align="left">
|
83 |
+
<p><label><input type="checkbox" name="nfw_options[a_11]" value="1"<?php checked( $nfw_options['a_11'], 1) ?>> <?php _e('Uploads a plugin (default)', 'ninjafirewall') ?></label></p>
|
84 |
+
<p><label><input type="checkbox" name="nfw_options[a_12]" value="1"<?php checked( $nfw_options['a_12'], 1) ?>> <?php _e('Installs a plugin (default)', 'ninjafirewall') ?></label></p>
|
85 |
+
<p><label><input type="checkbox" name="nfw_options[a_13]" value="1"<?php checked( $nfw_options['a_13'], 1) ?>> <?php _e('Activates a plugin', 'ninjafirewall') ?></label></p>
|
86 |
+
<p><label><input type="checkbox" name="nfw_options[a_14]" value="1"<?php checked( $nfw_options['a_14'], 1) ?>> <?php _e('Updates a plugin', 'ninjafirewall') ?></label></p>
|
87 |
+
<p><label><input type="checkbox" name="nfw_options[a_15]" value="1"<?php checked( $nfw_options['a_15'], 1) ?>> <?php _e('Deactivates a plugin (default)', 'ninjafirewall') ?></label></p>
|
88 |
+
<p><label><input type="checkbox" name="nfw_options[a_16]" value="1"<?php checked( $nfw_options['a_16'], 1) ?>> <?php _e('Deletes a plugin', 'ninjafirewall') ?></label></p>
|
89 |
+
</td>
|
90 |
+
</tr>
|
91 |
+
</table>
|
92 |
+
|
93 |
+
<br />
|
94 |
+
|
95 |
+
<h3><?php _e('Themes', 'ninjafirewall') ?></h3>
|
96 |
+
<table class="form-table">
|
97 |
+
<tr>
|
98 |
+
<th scope="row"><?php _e('Send me an alert whenever someone', 'ninjafirewall') ?></th>
|
99 |
+
<td align="left">
|
100 |
+
<p><label><input type="checkbox" name="nfw_options[a_21]" value="1"<?php checked( $nfw_options['a_21'], 1) ?>> <?php _e('Uploads a theme (default)', 'ninjafirewall') ?></label></p>
|
101 |
+
<p><label><input type="checkbox" name="nfw_options[a_22]" value="1"<?php checked( $nfw_options['a_22'], 1) ?>> <?php _e('Installs a theme (default)', 'ninjafirewall') ?></label></p>
|
102 |
+
<p><label><input type="checkbox" name="nfw_options[a_23]" value="1"<?php checked( $nfw_options['a_23'], 1) ?>> <?php _e('Activates a theme', 'ninjafirewall') ?></label></p>
|
103 |
+
<p><label><input type="checkbox" name="nfw_options[a_24]" value="1"<?php checked( $nfw_options['a_24'], 1) ?>> <?php _e('Deletes a theme', 'ninjafirewall') ?></label></p>
|
104 |
+
</td>
|
105 |
+
</tr>
|
106 |
+
</table>
|
107 |
+
|
108 |
+
<br />
|
109 |
+
|
110 |
+
<h3><?php _e('Core', 'ninjafirewall') ?></h3>
|
111 |
+
<table class="form-table">
|
112 |
+
<tr>
|
113 |
+
<th scope="row"><?php _e('Send me an alert whenever someone', 'ninjafirewall') ?></th>
|
114 |
+
<td align="left">
|
115 |
+
<p><label><input type="checkbox" name="nfw_options[a_31]" value="1"<?php checked( $nfw_options['a_31'], 1) ?>> <?php _e('Updates WordPress (default)', 'ninjafirewall') ?></label></p>
|
116 |
+
</td>
|
117 |
+
</tr>
|
118 |
+
</table>
|
119 |
+
|
120 |
+
<br />
|
121 |
+
|
122 |
+
<?php
|
123 |
+
if (! isset( $nfw_options['a_51']) ) {
|
124 |
+
$nfw_options['a_51'] = 1;
|
125 |
+
}
|
126 |
+
if (! isset( $nfw_options['a_52']) ) {
|
127 |
+
$nfw_options['a_52'] = 1;
|
128 |
+
}
|
129 |
+
if (! isset( $nfw_options['a_53']) ) {
|
130 |
+
$nfw_options['a_53'] = 1;
|
131 |
+
}
|
132 |
+
?>
|
133 |
+
<h3><?php _e('Administrator account', 'ninjafirewall') ?></h3>
|
134 |
+
<table class="form-table">
|
135 |
+
<tr>
|
136 |
+
<th scope="row"><?php _e('Send me an alert whenever', 'ninjafirewall') ?></th>
|
137 |
+
<td align="left">
|
138 |
+
<p><label><input type="checkbox" name="nfw_options[a_51]" value="1"<?php checked( $nfw_options['a_51'], 1) ?>> <?php _e('An administrator account is created, modified or deleted in the database (default)', 'ninjafirewall') ?></label></p>
|
139 |
+
<p><label><input type="checkbox" name="nfw_options[a_53]" value="1"<?php checked( $nfw_options['a_53'], 1) ?>> <?php _e('A user attempts to gain administrative privileges (default)', 'ninjafirewall') ?></label></p>
|
140 |
+
</td>
|
141 |
+
</tr>
|
142 |
+
</table>
|
143 |
+
|
144 |
+
<br />
|
145 |
+
|
146 |
+
<h3><?php _e('Daily report', 'ninjafirewall') ?></h3>
|
147 |
+
<table class="form-table">
|
148 |
+
<tr>
|
149 |
+
<th scope="row"><?php _e('Send me a daily activity report', 'ninjafirewall') ?></th>
|
150 |
+
<td align="left">
|
151 |
+
<p><label><input type="checkbox" name="nfw_options[a_52]" value="1"<?php checked( $nfw_options['a_52'], 1) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label></p>
|
152 |
+
</td>
|
153 |
+
</tr>
|
154 |
+
</table>
|
155 |
+
|
156 |
+
<br />
|
157 |
+
|
158 |
+
<h3><?php _e('Log', 'ninjafirewall') ?></h3>
|
159 |
+
<table class="form-table">
|
160 |
+
<tr>
|
161 |
+
<th scope="row"><?php _e('Write all events to the firewall log', 'ninjafirewall') ?></th>
|
162 |
+
<td align="left">
|
163 |
+
<p><label><input type="checkbox" name="nfw_options[a_41]" value="1"<?php checked( $nfw_options['a_41'], 1) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label></p>
|
164 |
+
</td>
|
165 |
+
</tr>
|
166 |
+
</table>
|
167 |
+
|
168 |
+
<br />
|
169 |
+
|
170 |
+
<?php
|
171 |
+
if (! is_multisite() ) {
|
172 |
+
?>
|
173 |
+
<h3><?php _e('Contact email', 'ninjafirewall') ?></h3>
|
174 |
+
<table class="form-table">
|
175 |
+
<tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
|
176 |
+
<th scope="row"><?php _e('Alerts should be sent to', 'ninjafirewall') ?></th>
|
177 |
+
<td align="left">
|
178 |
+
<input class="regular-text" type="text" name="nfw_options[alert_email]" size="45" maxlength="250" value="<?php
|
179 |
+
if ( empty( $nfw_options['alert_email'])) {
|
180 |
+
echo htmlspecialchars( get_option('admin_email') );
|
181 |
+
} else {
|
182 |
+
echo htmlspecialchars( $nfw_options['alert_email'] );
|
183 |
+
}
|
184 |
+
?>">
|
185 |
+
<br /><span class="description"><?php _e('Multiple recipients must be comma-separated (e.g., <code>joe@example.org,alice@example.org</code>).', 'ninjafirewall') ?></span>
|
186 |
+
<input type="hidden" name="nfw_options[alert_sa_only]" value="2">
|
187 |
+
</td>
|
188 |
+
</tr>
|
189 |
+
</table>
|
190 |
+
|
191 |
+
<?php
|
192 |
+
} else {
|
193 |
+
// Select which admin(s) will recevied alerts in multi-site mode :
|
194 |
+
if (! isset( $nfw_options['alert_sa_only'] ) ) {
|
195 |
+
$nfw_options['alert_sa_only'] = 1;
|
196 |
+
}
|
197 |
+
if ($nfw_options['alert_sa_only'] == 3) {
|
198 |
+
$tmp_email = htmlspecialchars( $nfw_options['alert_email'] );
|
199 |
+
} else {
|
200 |
+
$tmp_email = '';
|
201 |
+
}
|
202 |
+
?>
|
203 |
+
<h3><?php _e('Contact email', 'ninjafirewall') ?></h3>
|
204 |
+
<table class="form-table">
|
205 |
+
<tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
|
206 |
+
<th scope="row"><?php _e('Alerts should be sent to', 'ninjafirewall') ?></th>
|
207 |
+
<td align="left">
|
208 |
+
<p><label><input type="radio" name="nfw_options[alert_sa_only]" value="1"<?php checked( $nfw_options['alert_sa_only'], 1 ) ?> onclick="ac_radio_toogle(0,'alert_multirec');" /> <?php _e('Only to me, the Super Admin', 'ninjafirewall') ?>, <?php echo '<code>'. htmlspecialchars(get_option('admin_email')) . '</code>'; ?> (<?php _e('default', 'ninjafirewall') ?>)</label></p>
|
209 |
+
<p><label><input type="radio" name="nfw_options[alert_sa_only]" value="2"<?php checked( $nfw_options['alert_sa_only'], 2) ?> onclick="ac_radio_toogle(0,'alert_multirec');" /> <?php _e('To the administrator of the site where originated the alert', 'ninjafirewall') ?></label></p>
|
210 |
+
<p><label><input type="radio" name="nfw_options[alert_sa_only]" value="3"<?php checked( $nfw_options['alert_sa_only'], 3) ?> onclick="ac_radio_toogle(1,'alert_multirec');" /> <?php _e('Other(s):', 'ninjafirewall') ?> </label><input class="regular-text" type="text" name="nfw_options[alert_multirec]" size="45" maxlength="250" value="<?php echo $tmp_email ?>" <?php disabled($tmp_email, '') ?>></p>
|
211 |
+
<span class="description"><?php _e('Multiple recipients must be comma-separated (e.g., <code>joe@example.org,alice@example.org</code>).', 'ninjafirewall') ?></span>
|
212 |
+
<input type="hidden" name="nfw_options[alert_email]" value="<?php echo htmlspecialchars(get_option('admin_email')); ?>">
|
213 |
+
</td>
|
214 |
+
</tr>
|
215 |
+
</table>
|
216 |
+
<?php
|
217 |
+
}
|
218 |
+
?>
|
219 |
+
|
220 |
+
<br />
|
221 |
+
<br />
|
222 |
+
<input class="button-primary" type="submit" name="Save" value="<?php _e('Save Event Notifications', 'ninjafirewall') ?>" />
|
223 |
+
|
224 |
+
</form>
|
225 |
+
|
226 |
+
</div>
|
227 |
+
<?php
|
228 |
+
|
229 |
+
/* ------------------------------------------------------------------ */
|
230 |
+
|
231 |
+
function nf_sub_event_save() {
|
232 |
+
|
233 |
+
// Save Event Notifications :
|
234 |
+
|
235 |
+
// Block immediately if user is not allowed :
|
236 |
+
nf_not_allowed( 'block', __LINE__ );
|
237 |
+
|
238 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
239 |
+
|
240 |
+
if (! preg_match('/^[012]$/', $_POST['nfw_options']['a_0']) ) {
|
241 |
+
$nfw_options['a_0'] = 1;
|
242 |
+
} else {
|
243 |
+
$nfw_options['a_0'] = $_POST['nfw_options']['a_0'];
|
244 |
+
}
|
245 |
+
|
246 |
+
if (! preg_match('/^[123]$/', $_POST['nfw_options']['alert_sa_only']) ) {
|
247 |
+
$nfw_options['alert_sa_only'] = 1;
|
248 |
+
} else {
|
249 |
+
$nfw_options['alert_sa_only'] = $_POST['nfw_options']['alert_sa_only'];
|
250 |
+
}
|
251 |
+
|
252 |
+
if ( empty( $_POST['nfw_options']['a_11']) ) {
|
253 |
+
$nfw_options['a_11'] = 0;
|
254 |
+
} else {
|
255 |
+
$nfw_options['a_11'] = 1;
|
256 |
+
}
|
257 |
+
if ( empty( $_POST['nfw_options']['a_12']) ) {
|
258 |
+
$nfw_options['a_12'] = 0;
|
259 |
+
} else {
|
260 |
+
$nfw_options['a_12'] = 1;
|
261 |
+
}
|
262 |
+
if ( empty( $_POST['nfw_options']['a_13']) ) {
|
263 |
+
$nfw_options['a_13'] = 0;
|
264 |
+
} else {
|
265 |
+
$nfw_options['a_13'] = 1;
|
266 |
+
}
|
267 |
+
if ( empty( $_POST['nfw_options']['a_14']) ) {
|
268 |
+
$nfw_options['a_14'] = 0;
|
269 |
+
} else {
|
270 |
+
$nfw_options['a_14'] = 1;
|
271 |
+
}
|
272 |
+
if ( empty( $_POST['nfw_options']['a_15']) ) {
|
273 |
+
$nfw_options['a_15'] = 0;
|
274 |
+
} else {
|
275 |
+
$nfw_options['a_15'] = 1;
|
276 |
+
}
|
277 |
+
if ( empty( $_POST['nfw_options']['a_16']) ) {
|
278 |
+
$nfw_options['a_16'] = 0;
|
279 |
+
} else {
|
280 |
+
$nfw_options['a_16'] = 1;
|
281 |
+
}
|
282 |
+
|
283 |
+
if ( empty( $_POST['nfw_options']['a_21']) ) {
|
284 |
+
$nfw_options['a_21'] = 0;
|
285 |
+
} else {
|
286 |
+
$nfw_options['a_21'] = 1;
|
287 |
+
}
|
288 |
+
if ( empty( $_POST['nfw_options']['a_22']) ) {
|
289 |
+
$nfw_options['a_22'] = 0;
|
290 |
+
} else {
|
291 |
+
$nfw_options['a_22'] = 1;
|
292 |
+
}
|
293 |
+
if ( empty( $_POST['nfw_options']['a_23']) ) {
|
294 |
+
$nfw_options['a_23'] = 0;
|
295 |
+
} else {
|
296 |
+
$nfw_options['a_23'] = 1;
|
297 |
+
}
|
298 |
+
if ( empty( $_POST['nfw_options']['a_24']) ) {
|
299 |
+
$nfw_options['a_24'] = 0;
|
300 |
+
} else {
|
301 |
+
$nfw_options['a_24'] = 1;
|
302 |
+
}
|
303 |
+
|
304 |
+
if ( empty( $_POST['nfw_options']['a_31']) ) {
|
305 |
+
$nfw_options['a_31'] = 0;
|
306 |
+
} else {
|
307 |
+
$nfw_options['a_31'] = 1;
|
308 |
+
}
|
309 |
+
|
310 |
+
if ( empty( $_POST['nfw_options']['a_41']) ) {
|
311 |
+
$nfw_options['a_41'] = 0;
|
312 |
+
} else {
|
313 |
+
$nfw_options['a_41'] = 1;
|
314 |
+
}
|
315 |
+
|
316 |
+
if ( empty( $_POST['nfw_options']['a_51']) ) {
|
317 |
+
$nfw_options['a_51'] = 0;
|
318 |
+
} else {
|
319 |
+
$nfw_options['a_51'] = 1;
|
320 |
+
}
|
321 |
+
if ( empty( $_POST['nfw_options']['a_52']) ) {
|
322 |
+
$nfw_options['a_52'] = 0;
|
323 |
+
// Clear the daily report cronjob, if any:
|
324 |
+
if ( wp_next_scheduled('nfdailyreport') ) {
|
325 |
+
wp_clear_scheduled_hook('nfdailyreport');
|
326 |
+
}
|
327 |
+
} else {
|
328 |
+
$nfw_options['a_52'] = 1;
|
329 |
+
// Create the cronjob that will send the daily report:
|
330 |
+
if (! wp_next_scheduled('nfdailyreport') ) {
|
331 |
+
nfw_get_blogtimezone();
|
332 |
+
wp_schedule_event( strtotime( date('Y-m-d 00:00:05', strtotime("+1 day")) ), 'daily', 'nfdailyreport');
|
333 |
+
}
|
334 |
+
}
|
335 |
+
if ( empty( $_POST['nfw_options']['a_53']) ) {
|
336 |
+
$nfw_options['a_53'] = 0;
|
337 |
+
} else {
|
338 |
+
$nfw_options['a_53'] = 1;
|
339 |
+
}
|
340 |
+
|
341 |
+
// Multiple recipients (WPMU only) ?
|
342 |
+
if (! empty( $_POST['nfw_options']['alert_multirec']) ) {
|
343 |
+
$_POST['nfw_options']['alert_email'] = $_POST['nfw_options']['alert_multirec'];
|
344 |
+
}
|
345 |
+
|
346 |
+
if (! empty( $_POST['nfw_options']['alert_email']) ) {
|
347 |
+
$nfw_options['alert_email'] = '';
|
348 |
+
$tmp_email = explode(',', preg_replace('/\s/', '', $_POST['nfw_options']['alert_email']) );
|
349 |
+
foreach ($tmp_email as $notif_email) {
|
350 |
+
$nfw_options['alert_email'] .= sanitize_email($notif_email) . ', ';
|
351 |
+
}
|
352 |
+
$nfw_options['alert_email'] = rtrim($nfw_options['alert_email'], ', ' );
|
353 |
+
}
|
354 |
+
if ( empty( $nfw_options['alert_email'] ) ) {
|
355 |
+
$nfw_options['alert_email'] = get_option('admin_email');
|
356 |
+
}
|
357 |
+
|
358 |
+
// Update options :
|
359 |
+
nfw_update_option( 'nfw_options', $nfw_options );
|
360 |
+
|
361 |
+
}
|
362 |
+
|
363 |
+
/* ------------------------------------------------------------------ */
|
364 |
+
|
365 |
+
function nf_daily_report() {
|
366 |
+
|
367 |
+
// Send a daily report to the admin(s):
|
368 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
369 |
+
|
370 |
+
if ( ( is_multisite() ) && ( @$nfw_options['alert_sa_only'] == 2 ) ) {
|
371 |
+
$recipient = get_option('admin_email');
|
372 |
+
} else {
|
373 |
+
$recipient = $nfw_options['alert_email'];
|
374 |
+
}
|
375 |
+
|
376 |
+
$logstats = array();
|
377 |
+
$logstats = nf_daily_report_log();
|
378 |
+
|
379 |
+
nf_daily_report_email($recipient, $logstats);
|
380 |
+
|
381 |
+
}
|
382 |
+
/* ------------------------------------------------------------------ */
|
383 |
+
function nf_daily_report_log() {
|
384 |
+
|
385 |
+
nfw_get_blogtimezone();
|
386 |
+
|
387 |
+
if (date('j') == 1) {
|
388 |
+
$cur_month_log = date('Y-m', strtotime(date('Y-m')." -1 month"));
|
389 |
+
} else {
|
390 |
+
$cur_month_log = date('Y-m');
|
391 |
+
}
|
392 |
+
$previous_day = strtotime( date('Y-m-d 00:00:01', strtotime("-1 day")) );
|
393 |
+
$log_file = NFW_LOG_DIR . '/nfwlog/firewall_' . $cur_month_log;
|
394 |
+
$logstats = array( 0 => 0, 1 => 0, 2 => 0, 3 => 0, 5 => 0);
|
395 |
+
|
396 |
+
$glob = glob($log_file . "*.php");
|
397 |
+
if ( is_array($glob)) {
|
398 |
+
// Parse each log :
|
399 |
+
foreach($glob as $file) {
|
400 |
+
// Stat the file; if it's older than 24 hours,
|
401 |
+
// we don't waste our time to parse it:
|
402 |
+
$log_stat = stat($file);
|
403 |
+
if ( $log_stat['mtime'] < $previous_day ) {
|
404 |
+
continue;
|
405 |
+
}
|
406 |
+
|
407 |
+
$log_lines = file($file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
|
408 |
+
foreach ($log_lines as $line) {
|
409 |
+
if ( preg_match( '/^\[(\d{10})\]\s+\[.+?\]\s+\[.+?\]\s+\[#\d{7}\]\s+\[\d+\]\s+\[([1235])\]\s+\[/', $line, $match) ) {
|
410 |
+
// Fetch last 24 hours only :
|
411 |
+
if ( $match[1] > $previous_day && $match[1] < $previous_day + 86400 ) {
|
412 |
+
++$logstats[$match[2]];
|
413 |
+
if ( strpos($line, 'Brute-force attack detected') !== FALSE ) {
|
414 |
+
++$logstats[0];
|
415 |
+
}
|
416 |
+
}
|
417 |
+
}
|
418 |
+
}
|
419 |
+
}
|
420 |
+
|
421 |
+
}
|
422 |
+
return $logstats;
|
423 |
+
}
|
424 |
+
|
425 |
+
/* ------------------------------------------------------------------ */
|
426 |
+
|
427 |
+
function nf_daily_report_email($recipient, $logstats) {
|
428 |
+
|
429 |
+
$subject = __('[NinjaFirewall] Daily Activity Report', 'ninjafirewall');
|
430 |
+
if ( is_multisite() ) {
|
431 |
+
$url = network_home_url('/');
|
432 |
+
} else {
|
433 |
+
$url = home_url('/');
|
434 |
+
}
|
435 |
+
|
436 |
+
$message = "\n". sprintf( __('Daily activity report for: %s', 'ninjafirewall'), $url) . "\n";
|
437 |
+
$message .= __('Date Range Processed: Yesterday', 'ninjafirewall') .", ". ucfirst( date_i18n('F j, Y',strtotime("-1 days")) ) ."\n\n";
|
438 |
+
|
439 |
+
$message.= __('Blocked hacking attempts:', 'ninjafirewall') .' '.
|
440 |
+
($logstats[1] + $logstats[2] + $logstats[3]) .
|
441 |
+
' ('. __('critical:', 'ninjafirewall') .' '. $logstats[3] .', '.
|
442 |
+
__('high:', 'ninjafirewall') .' '. $logstats[2] .', '.
|
443 |
+
__('medium:', 'ninjafirewall') .' '. $logstats[1] . ")\n";
|
444 |
+
|
445 |
+
$message.= __('Blocked brute-force attacks:', 'ninjafirewall') .' '. $logstats[0] ."\n\n";
|
446 |
+
$message.= __('This notification can be turned off from NinjaFirewall "Event Notifications" page.', 'ninjafirewall') ."\n\n";
|
447 |
+
|
448 |
+
$message .=
|
449 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
450 |
+
__('Support forum:', 'ninjafirewall') . ' http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
451 |
+
wp_mail( $recipient, $subject, $message );
|
452 |
+
|
453 |
+
}
|
454 |
+
|
455 |
+
/* ------------------------------------------------------------------ */
|
456 |
+
// EOF
|
lib/nf_sub_filecheck.php
ADDED
@@ -0,0 +1,863 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
$log_dir = NFW_LOG_DIR . '/nfwlog/cache/';
|
23 |
+
$nfmon_snapshot = $log_dir . 'nfilecheck_snapshot.php';
|
24 |
+
$nfmon_diff = $log_dir . 'nfilecheck_diff.php';
|
25 |
+
$err = $success = '';
|
26 |
+
|
27 |
+
// Scheduled scan ?
|
28 |
+
if (defined('NFSCANDO') ) {
|
29 |
+
|
30 |
+
$snapproc = microtime(true);
|
31 |
+
$err = nf_sub_monitoring_scan($nfmon_snapshot, $nfmon_diff);
|
32 |
+
$nfw_options = nfw_get_option('nfw_options');
|
33 |
+
if (empty($nfw_options['enabled']) ) { return; }
|
34 |
+
$nfw_options['snapproc'] = round( microtime(true) - $snapproc, 2 );
|
35 |
+
nfw_update_option('nfw_options', $nfw_options);
|
36 |
+
|
37 |
+
// Changes detected :
|
38 |
+
if (! $err && file_exists($nfmon_diff) ) {
|
39 |
+
nf_scan_email($nfmon_diff, $log_dir);
|
40 |
+
// No changes detected :
|
41 |
+
} else {
|
42 |
+
// Always send a report after a scan ?
|
43 |
+
if (! empty($nfw_options['report_scan']) ) {
|
44 |
+
nf_scan_email(0, 0);
|
45 |
+
}
|
46 |
+
}
|
47 |
+
return;
|
48 |
+
}
|
49 |
+
|
50 |
+
// Block immediately if user is not allowed :
|
51 |
+
nf_not_allowed( 'block', __LINE__ );
|
52 |
+
|
53 |
+
// Check if we have a snapshot or not:
|
54 |
+
if (! file_exists($nfmon_snapshot) ) {
|
55 |
+
$err = __('You did not create any snapshot yet.', 'ninjafirewall');
|
56 |
+
}
|
57 |
+
|
58 |
+
if (! empty($_REQUEST['nfw_act'])) {
|
59 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'filecheck_save') ) {
|
60 |
+
wp_nonce_ays('filecheck_save');
|
61 |
+
}
|
62 |
+
if ( $_REQUEST['nfw_act'] == 'create') {
|
63 |
+
if (! $err = nf_sub_monitoring_create($nfmon_snapshot) ) {
|
64 |
+
$success = __('Snapshot successfully created.', 'ninjafirewall');
|
65 |
+
if (file_exists($nfmon_diff) ) {
|
66 |
+
unlink($nfmon_diff);
|
67 |
+
}
|
68 |
+
}
|
69 |
+
} elseif ( $_REQUEST['nfw_act'] == 'delete') {
|
70 |
+
// Delete de current snapshot file :
|
71 |
+
if (file_exists($nfmon_snapshot) ) {
|
72 |
+
unlink ($nfmon_snapshot);
|
73 |
+
$success = __('Snapshot file successfully deleted.', 'ninjafirewall');
|
74 |
+
// Remove old diff file as well :
|
75 |
+
if ( file_exists($nfmon_diff . '.php') ) {
|
76 |
+
unlink($nfmon_diff . '.php');
|
77 |
+
}
|
78 |
+
// Clear scheduled scan (if any) and its options :
|
79 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
80 |
+
wp_clear_scheduled_hook('nfscanevent');
|
81 |
+
}
|
82 |
+
$nfw_options = nfw_get_option('nfw_options');
|
83 |
+
$nfw_options['report_scan'] = 0;
|
84 |
+
$nfw_options['sched_scan'] = 0;
|
85 |
+
nfw_update_option('nfw_options', $nfw_options);
|
86 |
+
|
87 |
+
} else {
|
88 |
+
$err = __('You did not create any snapshot yet.', 'ninjafirewall');
|
89 |
+
}
|
90 |
+
} elseif ( $_REQUEST['nfw_act'] == 'scan') {
|
91 |
+
// Scan disk for changes :
|
92 |
+
if (! file_exists($nfmon_snapshot) ) {
|
93 |
+
$err = __('You must create a snapshot first.', 'ninjafirewall');
|
94 |
+
} else {
|
95 |
+
|
96 |
+
$snapproc = microtime(true);
|
97 |
+
$err = nf_sub_monitoring_scan($nfmon_snapshot, $nfmon_diff);
|
98 |
+
$nfw_options = nfw_get_option('nfw_options');
|
99 |
+
$nfw_options['snapproc'] = round( microtime(true) - $snapproc, 2);
|
100 |
+
nfw_update_option('nfw_options', $nfw_options);
|
101 |
+
|
102 |
+
if (! $err) {
|
103 |
+
if (file_exists($nfmon_diff) ) {
|
104 |
+
$err = __('NinjaFirewall detected that changes were made to your files.', 'ninjafirewall');
|
105 |
+
$changes = 1;
|
106 |
+
} else {
|
107 |
+
$success = __('No changes detected.', 'ninjafirewall');
|
108 |
+
}
|
109 |
+
}
|
110 |
+
}
|
111 |
+
} elseif ( $_REQUEST['nfw_act'] == 'scheduled') {
|
112 |
+
nf_scheduled_scan();
|
113 |
+
$success = __('Your changes have been saved.', 'ninjafirewall');
|
114 |
+
}
|
115 |
+
}
|
116 |
+
|
117 |
+
$nfw_options = nfw_get_option('nfw_options');
|
118 |
+
if ( empty($nfw_options['snapdir']) ) {
|
119 |
+
$nfw_options['snapdir'] = '';
|
120 |
+
if ( file_exists($nfmon_snapshot) ) {
|
121 |
+
unlink($nfmon_snapshot);
|
122 |
+
}
|
123 |
+
}
|
124 |
+
if (! isset($nfw_options['snapexclude']) ) {
|
125 |
+
$nfw_options['snapexclude'] = '/'. basename(WP_CONTENT_DIR) .'/nfwlog/';
|
126 |
+
}
|
127 |
+
|
128 |
+
echo '<div class="wrap">
|
129 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
130 |
+
<h1>' . __('File Check', 'ninjafirewall') . '</h1>';
|
131 |
+
|
132 |
+
if ( $err ) {
|
133 |
+
echo '<div class="error notice is-dismissible"><p>' . $err . '</p></div>';
|
134 |
+
} elseif ( $success ) {
|
135 |
+
echo '<div class="updated notice is-dismissible"><p>' . $success . '</p></div>';
|
136 |
+
}
|
137 |
+
|
138 |
+
// If we don't have a snapshopt, offer to create one :
|
139 |
+
if (! file_exists($nfmon_snapshot) ) {
|
140 |
+
?>
|
141 |
+
<br />
|
142 |
+
<form method="post" name="monitor_form">
|
143 |
+
<?php wp_nonce_field('filecheck_save', 'nfwnonce', 0); ?>
|
144 |
+
<table class="form-table">
|
145 |
+
<tr>
|
146 |
+
<th scope="row"><?php _e('Create a snapshot of all files stored in that directory', 'ninjafirewall') ?></th>
|
147 |
+
<td align="left"><input class="large-text" type="text" name="snapdir" value="<?php
|
148 |
+
if (! empty($nfw_options['snapdir']) ) {
|
149 |
+
echo htmlspecialchars($nfw_options['snapdir']);
|
150 |
+
} else {
|
151 |
+
echo htmlspecialchars(ABSPATH);
|
152 |
+
}
|
153 |
+
?>" required />
|
154 |
+
<span class="description"><?php printf( __('Default: %s', 'ninjafirewall'), htmlentities( rtrim( ABSPATH, '/\\ ' ) ) ) ?></span>
|
155 |
+
</td>
|
156 |
+
</tr>
|
157 |
+
|
158 |
+
<tr>
|
159 |
+
<th scope="row"><?php _e('Exclude the following files/folders (optional)', 'ninjafirewall') ?></th>
|
160 |
+
<td align="left"><input class="large-text" type="text" name="snapexclude" value="<?php echo htmlentities($nfw_options['snapexclude']); ?>" placeholder="<?php _e('e.g.,', 'ninjafirewall') ?> /wp-content/nfwlog/" maxlength="255"><br /><span class="description"><?php _e('Full or partial case-sensitive string(s). Multiple values must be comma-separated', 'ninjafirewall') ?> (<code>,</code>).</span></td>
|
161 |
+
</tr>
|
162 |
+
|
163 |
+
<tr>
|
164 |
+
<th scope="row"> </th>
|
165 |
+
<td align="left"><label><input type="checkbox" name="snapnoslink" value="1" checked="checked" /><?php _e('Do not follow symbolic links (default)', 'ninjafirewall') ?></label></td>
|
166 |
+
</tr>
|
167 |
+
|
168 |
+
</table>
|
169 |
+
<input type="hidden" name="nfw_act" value="create" />
|
170 |
+
<p><input type="submit" class="button-primary" value="<?php _e('Create Snapshot', 'ninjafirewall') ?>" /></p>
|
171 |
+
</form>
|
172 |
+
</div>
|
173 |
+
<?php
|
174 |
+
return;
|
175 |
+
}
|
176 |
+
|
177 |
+
// We have a snapshot :
|
178 |
+
$stat = stat($nfmon_snapshot);
|
179 |
+
$count = -2;
|
180 |
+
$fh = fopen($nfmon_snapshot, 'r');
|
181 |
+
while (! feof($fh) ) {
|
182 |
+
fgets($fh);
|
183 |
+
++$count;
|
184 |
+
}
|
185 |
+
fclose($fh);
|
186 |
+
nfw_get_blogtimezone();
|
187 |
+
// Look for new/mod/del files :
|
188 |
+
$res = $new_file = $del_file = $mod_file = array();
|
189 |
+
// If no changes were detected, we display the last ones (if any) :
|
190 |
+
if (! file_exists($nfmon_diff) && file_exists($nfmon_diff . '.php') ) {
|
191 |
+
$nfmon_diff = $nfmon_diff . '.php';
|
192 |
+
}
|
193 |
+
if (file_exists($nfmon_diff) ) {
|
194 |
+
$fh = fopen($nfmon_diff, 'r');
|
195 |
+
while (! feof($fh) ) {
|
196 |
+
$res = explode('::', fgets($fh) );
|
197 |
+
if ( empty($res[1]) ) { continue; }
|
198 |
+
// New file :
|
199 |
+
if ($res[1] == 'N') {
|
200 |
+
$s_tmp = explode(':', rtrim($res[2]));
|
201 |
+
$new_file[$res[0]] = $s_tmp[0] .':'.
|
202 |
+
$s_tmp[1] .':'.
|
203 |
+
$s_tmp[2] .':'.
|
204 |
+
$s_tmp[3] .':'.
|
205 |
+
date('Y-m-d H~i~s O', $s_tmp[4]) .':'.
|
206 |
+
date('Y-m-d H~i~s O', $s_tmp[5]);
|
207 |
+
// Deleted file :
|
208 |
+
} elseif ($res[1] == 'D') {
|
209 |
+
$del_file[$res[0]] = 1;
|
210 |
+
// Modified file:
|
211 |
+
} elseif ($res[1] == 'M') {
|
212 |
+
$s_tmp = explode(':', $res[2]);
|
213 |
+
$mod_file[$res[0]] = $s_tmp[0] .':'.
|
214 |
+
$s_tmp[1] .':'.
|
215 |
+
$s_tmp[2] .':'.
|
216 |
+
$s_tmp[3] .':'.
|
217 |
+
date('Y-m-d H~i~s O', $s_tmp[4]) .':'.
|
218 |
+
date('Y-m-d H~i~s O', $s_tmp[5]) .'::';
|
219 |
+
$s_tmp = explode(':', rtrim($res[3]));
|
220 |
+
$mod_file[$res[0]] .= $s_tmp[0] .':'.
|
221 |
+
$s_tmp[1] .':'.
|
222 |
+
$s_tmp[2] .':'.
|
223 |
+
$s_tmp[3] .':'.
|
224 |
+
date('Y-m-d H~i~s O', $s_tmp[4]) .':'.
|
225 |
+
date('Y-m-d H~i~s O', $s_tmp[5]);
|
226 |
+
}
|
227 |
+
}
|
228 |
+
fclose($fh);
|
229 |
+
$mod = 1;
|
230 |
+
} else {
|
231 |
+
$mod = 0;
|
232 |
+
}
|
233 |
+
?>
|
234 |
+
<script>
|
235 |
+
<?php if ($mod) { ?>
|
236 |
+
function file_info(what, where) {
|
237 |
+
if ( what == '' ) { return false; }
|
238 |
+
// New file :
|
239 |
+
if (where == 1) {
|
240 |
+
<?php if ($new_file) { ?>
|
241 |
+
var nfo = what.split(':');
|
242 |
+
document.getElementById('new_size').innerHTML = nfo[3];
|
243 |
+
document.getElementById('new_chmod').innerHTML = nfo[0];
|
244 |
+
document.getElementById('new_uidgid').innerHTML = nfo[1] + ' / ' + nfo[2];
|
245 |
+
document.getElementById('new_mtime').innerHTML = nfo[4].replace(/~/g, ':');
|
246 |
+
document.getElementById('new_ctime').innerHTML = nfo[5].replace(/~/g, ':');
|
247 |
+
document.getElementById('table_new').style.display = '';
|
248 |
+
<?php } ?>
|
249 |
+
// Modified file :
|
250 |
+
} else if (where == 2) {
|
251 |
+
<?php if ($mod_file) { ?>
|
252 |
+
var all = what.split('::');
|
253 |
+
var nfo = all[0].split(':');
|
254 |
+
var nfo2 = all[1].split(':');
|
255 |
+
document.getElementById('mod_size').innerHTML = nfo[3];
|
256 |
+
if (nfo[3] != nfo2[3]) {
|
257 |
+
document.getElementById('mod_size2').innerHTML = '<font color="red">'+ nfo2[3] +'</font>';
|
258 |
+
} else {
|
259 |
+
document.getElementById('mod_size2').innerHTML = nfo2[3];
|
260 |
+
}
|
261 |
+
document.getElementById('mod_chmod').innerHTML = nfo[0];
|
262 |
+
if (nfo[0] != nfo2[0]) {
|
263 |
+
document.getElementById('mod_chmod2').innerHTML = '<font color="red">'+ nfo2[0] +'</font>';
|
264 |
+
} else {
|
265 |
+
document.getElementById('mod_chmod2').innerHTML = nfo2[0];
|
266 |
+
}
|
267 |
+
document.getElementById('mod_uidgid').innerHTML = nfo[1] + ' / ' + nfo[2];
|
268 |
+
if ( (nfo[1] != nfo2[1]) || (nfo[2] != nfo2[2]) ) {
|
269 |
+
document.getElementById('mod_uidgid2').innerHTML = '<font color="red">'+ nfo2[1] + '/' + nfo2[2] +'</font>';
|
270 |
+
} else {
|
271 |
+
document.getElementById('mod_uidgid2').innerHTML = nfo2[1] + ' / ' + nfo2[2];
|
272 |
+
}
|
273 |
+
document.getElementById('mod_mtime').innerHTML = nfo[4].replace(/~/g, ':');
|
274 |
+
if (nfo[4] != nfo2[4]) {
|
275 |
+
document.getElementById('mod_mtime2').innerHTML = '<font color="red">'+ nfo2[4].replace(/~/g, ':') +'</font>';
|
276 |
+
} else {
|
277 |
+
document.getElementById('mod_mtime2').innerHTML = nfo2[4].replace(/~/g, ':');
|
278 |
+
}
|
279 |
+
document.getElementById('mod_ctime').innerHTML = nfo[5].replace(/~/g, ':');
|
280 |
+
if (nfo[5] != nfo2[5]) {
|
281 |
+
document.getElementById('mod_ctime2').innerHTML = '<font color="red">'+ nfo2[5].replace(/~/g, ':') +'</font>';
|
282 |
+
} else {
|
283 |
+
document.getElementById('mod_ctime2').innerHTML = nfo2[5].replace(/~/g, ':');
|
284 |
+
}
|
285 |
+
document.getElementById('table_mod').style.display = '';
|
286 |
+
<?php } ?>
|
287 |
+
}
|
288 |
+
}
|
289 |
+
<?php } ?>
|
290 |
+
function delit() {
|
291 |
+
if (confirm("<?php echo esc_js( __('Delete the current snapshot?', 'ninjafirewall') ) ?>") ) {
|
292 |
+
return true;
|
293 |
+
}
|
294 |
+
return false;
|
295 |
+
}
|
296 |
+
function nftoogle() {
|
297 |
+
jQuery("#changes_table").slideDown();
|
298 |
+
document.getElementById('vcbtn').disabled = true;
|
299 |
+
}
|
300 |
+
</script>
|
301 |
+
<br />
|
302 |
+
|
303 |
+
<table class="form-table">
|
304 |
+
<tr>
|
305 |
+
<th scope="row"><?php _e('Last snapshot', 'ninjafirewall') ?></th>
|
306 |
+
<td align="left">
|
307 |
+
<p><?php printf( __('Created on: %s', 'ninjafirewall'), date_i18n('M d, Y @ H:i:s O', $stat['ctime'])); ?></p>
|
308 |
+
<p><?php printf( __('Total files: %s ', 'ninjafirewall'), number_format($count) ); ?></p>
|
309 |
+
|
310 |
+
<p><?php _e('Directory:', 'ninjafirewall') ?> <code><?php echo htmlspecialchars($nfw_options['snapdir']) ?></code></p>
|
311 |
+
<?php
|
312 |
+
if (! empty($nfw_options['snapexclude']) ) {
|
313 |
+
$res = @explode(',', $nfw_options['snapexclude']);
|
314 |
+
echo '<p>' . __('Exclusion:', 'ninjafirewall') . ' ';
|
315 |
+
foreach ($res as $exc) {
|
316 |
+
echo '<code>' . htmlspecialchars($exc) . '</code> ';
|
317 |
+
}
|
318 |
+
echo '</p>';
|
319 |
+
}
|
320 |
+
echo '<p>' . __('Symlinks:', 'ninjafirewall') . ' ';
|
321 |
+
if ( empty($nfw_options['snapnoslink']) ) {
|
322 |
+
echo __('follow', 'ninjafirewall');
|
323 |
+
} else {
|
324 |
+
echo __('do not follow', 'ninjafirewall');
|
325 |
+
}
|
326 |
+
echo '</p>';
|
327 |
+
if (! empty($nfw_options['snapproc']) ) {
|
328 |
+
echo '<p>' . sprintf( __('Processing time: %s seconds', 'ninjafirewall'), $nfw_options['snapproc']) . '</p>';
|
329 |
+
}
|
330 |
+
?>
|
331 |
+
<form method="post">
|
332 |
+
<?php wp_nonce_field('filecheck_save', 'nfwnonce', 0); ?>
|
333 |
+
<p><input type="submit" name="dlsnap" value="<?php _e('Download Snapshot', 'ninjafirewall') ?>" class="button-secondary" /> <input type="submit" class="button-secondary" onClick="return delit();" value="<?php _e('Delete Snapshot', 'ninjafirewall') ?>" /><input type="hidden" name="nfw_act" value="delete" /></p>
|
334 |
+
</form>
|
335 |
+
</td>
|
336 |
+
</tr>
|
337 |
+
<tr>
|
338 |
+
<th scope="row"><?php _e('Last changes', 'ninjafirewall') ?></th>
|
339 |
+
<td align="left">
|
340 |
+
|
341 |
+
<?php
|
342 |
+
// Show info about last changes, if any :
|
343 |
+
if ($mod) {
|
344 |
+
?>
|
345 |
+
<p><?php printf( __('New files: %s', 'ninjafirewall'), count($new_file) ) ?></p>
|
346 |
+
<p><?php printf( __('Deleted files: %s', 'ninjafirewall'), count($del_file) ) ?></p>
|
347 |
+
<p><?php printf( __('Modified files: %s', 'ninjafirewall'), count($mod_file) ) ?></p>
|
348 |
+
|
349 |
+
<form method="post">
|
350 |
+
<?php wp_nonce_field('filecheck_save', 'nfwnonce', 0); ?>
|
351 |
+
<p><input type="button" value="<?php _e('View Changes', 'ninjafirewall') ?>" onClick="nftoogle();" class="button-secondary" id="vcbtn" <?php
|
352 |
+
if (! empty($changes)) {
|
353 |
+
echo 'disabled="disabled" ';
|
354 |
+
}
|
355 |
+
?>/> <input type="submit" name="dlmods" value="<?php _e('Download Changes', 'ninjafirewall') ?>" class="button-secondary" /></p>
|
356 |
+
</form>
|
357 |
+
<br />
|
358 |
+
<?php
|
359 |
+
if (empty($changes)) {
|
360 |
+
echo '<div id="changes_table" style="display:none">';
|
361 |
+
} else {
|
362 |
+
echo '<div id="changes_table">';
|
363 |
+
}
|
364 |
+
|
365 |
+
echo '<table border="0" width="100%">';
|
366 |
+
|
367 |
+
$more_info = __('Click a file to get more info about it.', 'ninjafirewall');
|
368 |
+
if ($new_file) {
|
369 |
+
echo '<tr><td>';
|
370 |
+
echo __('New files:', 'ninjafirewall') . ' ' . count($new_file). '<br />';
|
371 |
+
echo '<select name="sometext" multiple="multiple" style="width:100%;height:150px" onClick="file_info(this.value, 1);">';
|
372 |
+
foreach($new_file as $k => $v) {
|
373 |
+
echo '<option value="' . htmlspecialchars($v) . '" title="' . htmlspecialchars($k) . '">' . htmlspecialchars($k) . '</option>';
|
374 |
+
}
|
375 |
+
echo'</select>
|
376 |
+
<p style="text-align:center"><span class="description">' . $more_info . '</span></p>
|
377 |
+
<table id="table_new" style="width:100%;background-color:#F7F7F7;border:solid 1px #DFDFDF;display:none;">
|
378 |
+
<tr>
|
379 |
+
<th style="padding:0;width:25%;">' . __('Size', 'ninjafirewall') .'</th>
|
380 |
+
<td style="padding:0" id="new_size"></td>
|
381 |
+
</tr>
|
382 |
+
<tr>
|
383 |
+
<th style="padding:0;width:25%;">' . __('Access', 'ninjafirewall') .'</th>
|
384 |
+
<td style="padding:0" id="new_chmod"></td>
|
385 |
+
</tr>
|
386 |
+
<tr>
|
387 |
+
<th style="padding:0;width:25%;">' . __('Uid / Gid', 'ninjafirewall') .'</th>
|
388 |
+
<td style="padding:0" id="new_uidgid"></td>
|
389 |
+
</tr>
|
390 |
+
<tr>
|
391 |
+
<th style="padding:0;width:25%;">' . __('Modify', 'ninjafirewall') .'</th>
|
392 |
+
<td style="padding:0" id="new_mtime"></td>
|
393 |
+
</tr>
|
394 |
+
<tr>
|
395 |
+
<th style="padding:0;width:25%;">' . __('Change', 'ninjafirewall') .'</th>
|
396 |
+
<td style="padding:0" id="new_ctime"></td>
|
397 |
+
</tr>
|
398 |
+
</table>
|
399 |
+
</td></tr>';
|
400 |
+
|
401 |
+
}
|
402 |
+
if ($del_file) {
|
403 |
+
echo '
|
404 |
+
<tr>
|
405 |
+
<td>' . __('Deleted files:', 'ninjafirewall') .' '. count($del_file). '<br />' .
|
406 |
+
'<select name="sometext" multiple="multiple" style="width:100%;height:150px">';
|
407 |
+
foreach($del_file as $k => $v) {
|
408 |
+
echo '<option title="' . htmlspecialchars($k) . '">' . htmlspecialchars($k) . '</option>';
|
409 |
+
}
|
410 |
+
echo'</select>
|
411 |
+
</td>
|
412 |
+
</tr>';
|
413 |
+
|
414 |
+
}
|
415 |
+
if ($mod_file) {
|
416 |
+
echo '
|
417 |
+
<tr>
|
418 |
+
<td>' . __('Modified files:', 'ninjafirewall') .' '. count($mod_file). '<br />' .
|
419 |
+
'<select name="sometext" multiple="multiple" style="width:100%;height:150px" onClick="file_info(this.value, 2);">';
|
420 |
+
foreach($mod_file as $k => $v) {
|
421 |
+
echo '<option value="' . htmlspecialchars($v) . '" title="' . htmlspecialchars($k) . '">' . htmlspecialchars($k) . '</option>';
|
422 |
+
}
|
423 |
+
echo'</select>
|
424 |
+
<p style="text-align:center"><span class="description">' . $more_info . '</span></p>
|
425 |
+
<table id="table_mod" style="width:100%;background-color:#F7F7F7;border:solid 1px #DFDFDF;display:none;">
|
426 |
+
<tr>
|
427 |
+
<th style="padding:0;width:25%;"> </th>
|
428 |
+
<td style="padding:0"><b>' . __('Old', 'ninjafirewall') .'</b></td>
|
429 |
+
<td style="padding:0"><b>' . __('New', 'ninjafirewall') .'</b></td>
|
430 |
+
</tr>
|
431 |
+
<tr>
|
432 |
+
<th style="padding:0;width:25%;">' . __('Size', 'ninjafirewall') .'</th>
|
433 |
+
<td style="padding:0" id="mod_size"></td>
|
434 |
+
<td style="padding:0" id="mod_size2"></td>
|
435 |
+
</tr>
|
436 |
+
<tr>
|
437 |
+
<th style="padding:0;width:25%;">' . __('Access', 'ninjafirewall') .'</th>
|
438 |
+
<td style="padding:0" id="mod_chmod"></td>
|
439 |
+
<td style="padding:0" id="mod_chmod2"></td>
|
440 |
+
</tr>
|
441 |
+
<tr>
|
442 |
+
<th style="padding:0;width:25%;">' . __('Uid / Gid', 'ninjafirewall') .'</th>
|
443 |
+
<td style="padding:0" id="mod_uidgid"></td>
|
444 |
+
<td style="padding:0" id="mod_uidgid2"></td>
|
445 |
+
</tr>
|
446 |
+
<tr>
|
447 |
+
<th style="padding:0;width:25%;">' . __('Modify', 'ninjafirewall') .'</th>
|
448 |
+
<td style="padding:0" id="mod_mtime"></td>
|
449 |
+
<td style="padding:0" id="mod_mtime2"></td>
|
450 |
+
</tr>
|
451 |
+
<tr>
|
452 |
+
<th style="padding:0;width:25%;">' . __('Change', 'ninjafirewall') .'</th>
|
453 |
+
<td style="padding:0" id="mod_ctime"></td>
|
454 |
+
<td style="padding:0" id="mod_ctime2"></td>
|
455 |
+
</tr>
|
456 |
+
</table>
|
457 |
+
</td>
|
458 |
+
</tr>';
|
459 |
+
}
|
460 |
+
echo '
|
461 |
+
</table>
|
462 |
+
</div>
|
463 |
+
|
464 |
+
</td>
|
465 |
+
</tr>
|
466 |
+
</table>';
|
467 |
+
} else {
|
468 |
+
echo __('None', 'ninjafirewall') . '
|
469 |
+
</td>
|
470 |
+
</tr>
|
471 |
+
</table>
|
472 |
+
<br />';
|
473 |
+
}
|
474 |
+
?>
|
475 |
+
<form method="post">
|
476 |
+
<?php wp_nonce_field('filecheck_save', 'nfwnonce', 0); ?>
|
477 |
+
<input type="hidden" name="nfw_act" value="scan" />
|
478 |
+
<p><input type="submit" class="button-primary" value="<?php _e('Scan System For File Changes', 'ninjafirewall') ?> »" /></p>
|
479 |
+
</form>
|
480 |
+
|
481 |
+
<br />
|
482 |
+
<br />
|
483 |
+
<?php
|
484 |
+
if (! isset($nfw_options['sched_scan']) ) {
|
485 |
+
$sched_scan = 0;
|
486 |
+
} else {
|
487 |
+
$sched_scan = $nfw_options['sched_scan'];
|
488 |
+
}
|
489 |
+
if ( empty($nfw_options['report_scan']) ) {
|
490 |
+
$report_scan = 0;
|
491 |
+
} else {
|
492 |
+
$report_scan = 1;
|
493 |
+
}
|
494 |
+
?>
|
495 |
+
<h3><?php _e('Options', 'ninjafirewall') ?></h3>
|
496 |
+
<form method="post">
|
497 |
+
<?php
|
498 |
+
wp_nonce_field('filecheck_save', 'nfwnonce', 0);
|
499 |
+
// If WP cron is disabled, we simply warn the user :
|
500 |
+
if ( defined('DISABLE_WP_CRON') ) {
|
501 |
+
?>
|
502 |
+
<p><img src="<?php echo plugins_url() ?>/ninjafirewall/images/icon_warn_16.png" height="16" border="0" width="16"> <span class="description"><?php printf( __('It seems that %s is enabled. Ensure you have another way to run WP-Cron, otherwise NinjaFirewall scheduled scans will not work.', 'ninjafirewall'), '<code>DISABLE_WP_CRON</code>' ) ?></span></p>
|
503 |
+
<?php
|
504 |
+
}
|
505 |
+
?>
|
506 |
+
<table class="form-table">
|
507 |
+
<tr>
|
508 |
+
<th scope="row"><?php _e('Enable scheduled scans', 'ninjafirewall') ?></th>
|
509 |
+
<td align="left">
|
510 |
+
<p><label><input type="radio" name="sched_scan" value="0"<?php checked($sched_scan, 0) ?> /><?php _e('No (default)', 'ninjafirewall') ?></label></p>
|
511 |
+
<p><label><input type="radio" name="sched_scan" value="1"<?php checked($sched_scan, 1) ?> /><?php _e('Hourly', 'ninjafirewall') ?></label></p>
|
512 |
+
<p><label><input type="radio" name="sched_scan" value="2"<?php checked($sched_scan, 2) ?> /><?php _e('Twicedaily', 'ninjafirewall') ?></label></p>
|
513 |
+
<p><label><input type="radio" name="sched_scan" value="3"<?php checked($sched_scan, 3) ?> /><?php _e('Daily', 'ninjafirewall') ?></label></p>
|
514 |
+
<?php
|
515 |
+
if ( $nextscan = wp_next_scheduled('nfscanevent') ) {
|
516 |
+
$sched = new DateTime( date('M d, Y H:i:s', $nextscan) );
|
517 |
+
$now = new DateTime( date('M d, Y H:i:s', time() ) );
|
518 |
+
$diff = $now->diff($sched);
|
519 |
+
?>
|
520 |
+
<p><span class="description"><?php printf( __('Next scan will start in approximately %s day(s), %s hour(s), %s minute(s) and %s second(s).', 'ninjafirewall'), $diff->format('%a') % 7, $diff->format('%h'), $diff->format('%i'), $diff->format('%s') ) ?></span></p>
|
521 |
+
<?php
|
522 |
+
// Ensure that the scheduled scan time is in the future,
|
523 |
+
// not in the past, otherwise send a warning because wp-cron
|
524 |
+
// is obviously not working as expected :
|
525 |
+
if ( $nextscan < time() ) {
|
526 |
+
?>
|
527 |
+
<p><img src="<?php echo plugins_url() ?>/ninjafirewall/images/icon_warn_16.png" height="16" border="0" width="16"> <span class="description"><?php _e('The next scheduled scan date is in the past! WordPress wp-cron may not be working or may have been disabled.', 'ninjafirewall'); ?></span>
|
528 |
+
<?php
|
529 |
+
}
|
530 |
+
}
|
531 |
+
?>
|
532 |
+
</td>
|
533 |
+
</tr>
|
534 |
+
<tr>
|
535 |
+
<th scope="row"><?php _e('Scheduled scan report', 'ninjafirewall') ?></th>
|
536 |
+
<td align="left">
|
537 |
+
<p><label><input type="radio" name="report_scan" value="0"<?php checked($report_scan, 0) ?> /><?php _e('Send me a report by email only if changes are detected (default)', 'ninjafirewall') ?></label></p>
|
538 |
+
<p><label><input type="radio" name="report_scan" value="1"<?php checked($report_scan, 1) ?> /><?php _e('Always send me a report by email after a scheduled scan', 'ninjafirewall') ?></label></p>
|
539 |
+
</td>
|
540 |
+
</tr>
|
541 |
+
</table>
|
542 |
+
<input type="hidden" name="nfw_act" value="scheduled" />
|
543 |
+
<p><input type="submit" class="button-primary" value="<?php _e('Save Scan Options', 'ninjafirewall') ?>" /></p>
|
544 |
+
</form>
|
545 |
+
|
546 |
+
</div>
|
547 |
+
<?php
|
548 |
+
|
549 |
+
/* ------------------------------------------------------------------ */
|
550 |
+
|
551 |
+
function nf_sub_monitoring_create($nfmon_snapshot) {
|
552 |
+
|
553 |
+
// Check POST data:
|
554 |
+
if ( empty($_POST['snapdir']) ) {
|
555 |
+
return __('Enter the full path to the directory to be scanned.', 'ninjafirewall');
|
556 |
+
}
|
557 |
+
if ( strlen($_POST['snapdir']) > 1 ) {
|
558 |
+
$_POST['snapdir'] = trim($_POST['snapdir'], ' ');
|
559 |
+
$_POST['snapdir'] = rtrim($_POST['snapdir'], '/');
|
560 |
+
}
|
561 |
+
if (! file_exists($_POST['snapdir']) ) {
|
562 |
+
return sprintf( __('The directory %s does not exist.', 'ninjafirewall'), '<code>'. htmlspecialchars($_POST['snapdir']) .'</code>');
|
563 |
+
}
|
564 |
+
if (! is_readable($_POST['snapdir']) ) {
|
565 |
+
return sprintf( __('The directory %s is not readable.', 'ninjafirewall'), '<code>'. htmlspecialchars($_POST['snapdir']) .'</code>');
|
566 |
+
}
|
567 |
+
if ( isset($_POST['snapnoslink']) ) {
|
568 |
+
$snapnoslink = 1;
|
569 |
+
} else {
|
570 |
+
$snapnoslink = 0;
|
571 |
+
}
|
572 |
+
|
573 |
+
$snapexclude = '';
|
574 |
+
if (! empty( $_POST['snapexclude'] ) ) {
|
575 |
+
$_POST['snapexclude'] = trim( $_POST['snapexclude'] );
|
576 |
+
$_POST['snapexclude'] = preg_replace( '/\s*,\s*/', ',', $_POST['snapexclude'] );
|
577 |
+
$tmp = preg_quote( $_POST['snapexclude'], '/' );
|
578 |
+
$snapexclude = str_replace(',', '|', $tmp);
|
579 |
+
}
|
580 |
+
|
581 |
+
@ini_set('max_execution_time', 0);
|
582 |
+
$snapproc = microtime(true);
|
583 |
+
|
584 |
+
if ($fh = fopen($nfmon_snapshot, 'w') ) {
|
585 |
+
fwrite($fh, '<?php die("Forbidden"); ?>' . "\n");
|
586 |
+
$res = scd($_POST['snapdir'], $snapexclude, $fh, $snapnoslink);
|
587 |
+
fclose($fh);
|
588 |
+
|
589 |
+
// Error ?
|
590 |
+
if ($res) {
|
591 |
+
if (file_exists($nfmon_snapshot) ) {
|
592 |
+
unlink($nfmon_snapshot);
|
593 |
+
}
|
594 |
+
return $res;
|
595 |
+
}
|
596 |
+
|
597 |
+
// Save scan dir :
|
598 |
+
$nfw_options = nfw_get_option('nfw_options');
|
599 |
+
$nfw_options['snapproc'] = round( microtime(true) - $snapproc, 2);
|
600 |
+
$nfw_options['snapexclude'] = $_POST['snapexclude'];
|
601 |
+
$nfw_options['snapdir'] = $_POST['snapdir'];
|
602 |
+
$nfw_options['snapnoslink'] = $snapnoslink;
|
603 |
+
nfw_update_option('nfw_options', $nfw_options);
|
604 |
+
|
605 |
+
} else {
|
606 |
+
return sprintf( __('Cannot write to %s.', 'ninjafirewall'), '<code>'. $nfmon_snapshot .'</code>');
|
607 |
+
}
|
608 |
+
}
|
609 |
+
|
610 |
+
/* ------------------------------------------------------------------ */
|
611 |
+
|
612 |
+
function scd($snapdir, $snapexclude, $fh, $snapnoslink) {
|
613 |
+
|
614 |
+
if (is_readable($snapdir) ) {
|
615 |
+
if ($dh = opendir($snapdir) ) {
|
616 |
+
while ( FALSE !== ($file = readdir($dh)) ) {
|
617 |
+
if ( $file == '.' || $file == '..') { continue; }
|
618 |
+
$full_path = $snapdir . '/' . $file;
|
619 |
+
if ( $snapexclude ) {
|
620 |
+
if ( preg_match("/$snapexclude/", $full_path) ) { continue; }
|
621 |
+
}
|
622 |
+
if (is_readable($full_path)) {
|
623 |
+
if ( $snapnoslink && is_link($full_path)) { continue; }
|
624 |
+
if ( is_dir($full_path) ) {
|
625 |
+
scd($full_path, $snapexclude, $fh, $snapnoslink);
|
626 |
+
} elseif (is_file($full_path) ) {
|
627 |
+
$file_stat = stat($full_path);
|
628 |
+
fwrite($fh, $full_path . '::' . sprintf ("%04o", $file_stat['mode'] & 0777) . ':' . $file_stat['uid'] . ':' .
|
629 |
+
$file_stat['gid'] . ':' . $file_stat['size'] . ':' . $file_stat['mtime'] . ':' .
|
630 |
+
$file_stat['ctime'] . "\n");
|
631 |
+
}
|
632 |
+
}
|
633 |
+
}
|
634 |
+
closedir($dh);
|
635 |
+
} else {
|
636 |
+
return sprintf(__('Error : cannot open %s directory.', 'ninjafirewall'), '<code>'. htmlspecialchars($snapdir) .'</code>');
|
637 |
+
}
|
638 |
+
} else {
|
639 |
+
return sprintf(__('Error : %s directory is not readable.', 'ninjafirewall'), '<code>'. htmlspecialchars($snapdir) .'</code>');
|
640 |
+
}
|
641 |
+
}
|
642 |
+
|
643 |
+
/* ------------------------------------------------------------------ */
|
644 |
+
|
645 |
+
function nf_sub_monitoring_scan($nfmon_snapshot, $nfmon_diff) {
|
646 |
+
|
647 |
+
$nfw_options = nfw_get_option('nfw_options');
|
648 |
+
|
649 |
+
if (empty($nfw_options['enabled']) ) { return; }
|
650 |
+
|
651 |
+
@ini_set('max_execution_time', 0);
|
652 |
+
|
653 |
+
if (! isset($nfw_options['snapexclude']) || ! isset($nfw_options['snapdir']) || ! isset($nfw_options['snapnoslink']) ) {
|
654 |
+
return sprintf( __('Missing options line %s, please try again.', 'ninjafirewall'), __LINE__ );
|
655 |
+
}
|
656 |
+
$tmp = preg_quote($nfw_options['snapexclude'], '/');
|
657 |
+
$snapexclude = str_replace(',', '|', $tmp);
|
658 |
+
|
659 |
+
if ($fh = fopen($nfmon_snapshot . '_tmp', 'w') ) {
|
660 |
+
fwrite($fh, '<?php die("Forbidden"); ?>' . "\n");
|
661 |
+
$res = scd($nfw_options['snapdir'], $snapexclude, $fh, $nfw_options['snapnoslink']);
|
662 |
+
fclose($fh);
|
663 |
+
} else {
|
664 |
+
return sprintf( __('Cannot create %s.', 'ninjafirewall'), '<code>'. $nfmon_snapshot . '_tmp</code>');
|
665 |
+
}
|
666 |
+
|
667 |
+
// Error ?
|
668 |
+
if ($res) {
|
669 |
+
if (file_exists($nfmon_snapshot . '_tmp') ) {
|
670 |
+
unlink($nfmon_snapshot . '_tmp');
|
671 |
+
}
|
672 |
+
return $res;
|
673 |
+
}
|
674 |
+
|
675 |
+
// Compare both snapshots :
|
676 |
+
|
677 |
+
$old_files = $file = $new_files = array();
|
678 |
+
$modified_files = $match = array();
|
679 |
+
|
680 |
+
if (! $fh = fopen($nfmon_snapshot, 'r') ) {
|
681 |
+
return sprintf( __('Error reading old snapshot file.', 'ninjafirewall'), __LINE__ );
|
682 |
+
}
|
683 |
+
while (! feof($fh) ) {
|
684 |
+
$match = explode('::', rtrim(fgets($fh)) . '::' );
|
685 |
+
if (! empty($match[1]) ) {
|
686 |
+
$old_files[$match[0]] = $match[1];
|
687 |
+
}
|
688 |
+
}
|
689 |
+
fclose($fh);
|
690 |
+
|
691 |
+
if (! $fh = fopen($nfmon_snapshot . '_tmp', 'r') ) {
|
692 |
+
return sprintf( __('Error reading new snapshot file.', 'ninjafirewall'), __LINE__ );
|
693 |
+
}
|
694 |
+
while (! feof($fh) ) {
|
695 |
+
$match = explode('::', rtrim(fgets($fh)) . '::' );
|
696 |
+
|
697 |
+
if ( empty($match[1]) ) {
|
698 |
+
continue;
|
699 |
+
}
|
700 |
+
|
701 |
+
// New file ?
|
702 |
+
if ( empty( $old_files[$match[0]] ) ) {
|
703 |
+
$new_files[$match[0]] = $match[1];
|
704 |
+
continue;
|
705 |
+
}
|
706 |
+
|
707 |
+
// Modified file ?
|
708 |
+
if ( $old_files[$match[0]] != $match[1] ) {
|
709 |
+
$modified_files[$match[0]] = $old_files[$match[0]] . '::' . $match[1];
|
710 |
+
}
|
711 |
+
|
712 |
+
// Delete it from old files list :
|
713 |
+
unset( $old_files[$match[0]] );
|
714 |
+
}
|
715 |
+
fclose ($fh);
|
716 |
+
|
717 |
+
// Write changes to file, if any :
|
718 |
+
if ($new_files || $modified_files || $old_files) {
|
719 |
+
|
720 |
+
$fh = fopen($nfmon_diff, 'w');
|
721 |
+
fwrite($fh, '<?php die("Forbidden"); ?>' . "\n");
|
722 |
+
|
723 |
+
if ( $new_files ) {
|
724 |
+
foreach ( $new_files as $fkey => $fvalue ) {
|
725 |
+
fwrite($fh, $fkey . '::N::' . $fvalue . "\n");
|
726 |
+
}
|
727 |
+
}
|
728 |
+
|
729 |
+
if ( $modified_files ) {
|
730 |
+
foreach ( $modified_files as $fkey => $fvalue ) {
|
731 |
+
fwrite($fh, $fkey . '::M::' . $fvalue . "\n");
|
732 |
+
}
|
733 |
+
}
|
734 |
+
|
735 |
+
if ( $old_files ) {
|
736 |
+
foreach ( $old_files as $fkey => $fvalue ) {
|
737 |
+
fwrite($fh, $fkey . '::D::' . $fvalue . "\n");
|
738 |
+
}
|
739 |
+
}
|
740 |
+
fclose($fh);
|
741 |
+
rename( $nfmon_snapshot . '_tmp', $nfmon_snapshot);
|
742 |
+
|
743 |
+
} else {
|
744 |
+
if (file_exists($nfmon_diff) ) {
|
745 |
+
// Keep last changes :
|
746 |
+
rename($nfmon_diff, $nfmon_diff. '.php');
|
747 |
+
}
|
748 |
+
unlink( $nfmon_snapshot . '_tmp');
|
749 |
+
}
|
750 |
+
}
|
751 |
+
|
752 |
+
/* ------------------------------------------------------------------ */
|
753 |
+
|
754 |
+
function nf_scheduled_scan() {
|
755 |
+
|
756 |
+
$nfw_options = nfw_get_option('nfw_options');
|
757 |
+
|
758 |
+
if (! isset($_POST['sched_scan']) || ! preg_match('/^[1-3]$/', $_POST['sched_scan']) ) {
|
759 |
+
$nfw_options['sched_scan'] = 0;
|
760 |
+
// Clear scheduled scan, if any :
|
761 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
762 |
+
wp_clear_scheduled_hook('nfscanevent');
|
763 |
+
}
|
764 |
+
} else {
|
765 |
+
if ($_POST['sched_scan'] == 1) {
|
766 |
+
$schedtype = 'hourly';
|
767 |
+
} elseif ($_POST['sched_scan'] == 2) {
|
768 |
+
$schedtype = 'twicedaily';
|
769 |
+
} else {
|
770 |
+
$schedtype = 'daily';
|
771 |
+
}
|
772 |
+
$nfw_options['sched_scan'] = $_POST['sched_scan'];
|
773 |
+
// Create a new scheduled scan :
|
774 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
775 |
+
wp_clear_scheduled_hook('nfscanevent');
|
776 |
+
}
|
777 |
+
wp_schedule_event( time() + 3600, $schedtype, 'nfscanevent');
|
778 |
+
}
|
779 |
+
|
780 |
+
if ( empty($_POST['report_scan']) ) {
|
781 |
+
$nfw_options['report_scan'] = 0;
|
782 |
+
} else {
|
783 |
+
$nfw_options['report_scan'] = 1;
|
784 |
+
}
|
785 |
+
nfw_update_option('nfw_options', $nfw_options);
|
786 |
+
|
787 |
+
}
|
788 |
+
|
789 |
+
/* ------------------------------------------------------------------ */
|
790 |
+
|
791 |
+
function nf_scan_email($nfmon_diff, $log_dir) {
|
792 |
+
|
793 |
+
$nfw_options = nfw_get_option('nfw_options');
|
794 |
+
if ( ( is_multisite() ) && ( $nfw_options['alert_sa_only'] == 2 ) ) {
|
795 |
+
$recipient = get_option('admin_email');
|
796 |
+
} else {
|
797 |
+
$recipient = $nfw_options['alert_email'];
|
798 |
+
}
|
799 |
+
|
800 |
+
nfw_get_blogtimezone();
|
801 |
+
|
802 |
+
// Changes were detected :
|
803 |
+
if ( $nfmon_diff ) {
|
804 |
+
$stat = stat($nfmon_diff);
|
805 |
+
$data = '== NinjaFirewall File Check (diff)'. "\n";
|
806 |
+
$data.= '== ' . site_url() . "\n";
|
807 |
+
$data.= '== ' . date_i18n('M d, Y @ H:i:s O', $stat['ctime']) . "\n\n";
|
808 |
+
$data.= '[+] = ' . __('New file', 'ninjafirewall') .
|
809 |
+
' [-] = ' . __('Deleted file', 'ninjafirewall') .
|
810 |
+
' [!] = ' . __('Modified file', 'ninjafirewall') .
|
811 |
+
"\n\n";
|
812 |
+
$fh = fopen($nfmon_diff, 'r');
|
813 |
+
while (! feof($fh) ) {
|
814 |
+
$res = explode('::', fgets($fh) );
|
815 |
+
if ( empty($res[1]) ) { continue; }
|
816 |
+
// New file :
|
817 |
+
if ($res[1] == 'N') {
|
818 |
+
$data .= '[+] ' . $res[0] . "\n";
|
819 |
+
// Deleted file :
|
820 |
+
} elseif ($res[1] == 'D') {
|
821 |
+
$data .= '[-] ' . $res[0] . "\n";
|
822 |
+
// Modified file:
|
823 |
+
} elseif ($res[1] == 'M') {
|
824 |
+
$data .= '[!] ' . $res[0] . "\n";
|
825 |
+
}
|
826 |
+
}
|
827 |
+
fclose($fh);
|
828 |
+
$data .= "\n== EOF\n";
|
829 |
+
@file_put_contents($log_dir . 'nf_filecheck.txt', $data, LOCK_EX);
|
830 |
+
$subject = __('[NinjaFirewall] Alert: File Check detection', 'ninjafirewall');
|
831 |
+
$msg = __('NinjaFirewall detected that changes were made to your files.', 'ninjafirewall') . "\n\n";
|
832 |
+
if ( is_multisite() ) {
|
833 |
+
$msg .=__('Blog:', 'ninjafirewall') .' '. network_home_url('/') . "\n";
|
834 |
+
} else {
|
835 |
+
$msg .=__('Blog:', 'ninjafirewall') .' '. home_url('/') . "\n";
|
836 |
+
}
|
837 |
+
$msg .= sprintf( __('Date: %s', 'ninjafirewall'), ucfirst(date_i18n('M d, Y @ H:i:s O')) )."\n\n";
|
838 |
+
$msg .= __('See attached file for details.', 'ninjafirewall') . "\n\n" .
|
839 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
840 |
+
__('Support forum:', 'ninjafirewall') .' http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
841 |
+
|
842 |
+
wp_mail( $recipient, $subject, $msg, '', $log_dir . 'nf_filecheck.txt' );
|
843 |
+
unlink($log_dir . 'nf_filecheck.txt');
|
844 |
+
|
845 |
+
} else {
|
846 |
+
|
847 |
+
// User asked to always receive a report after a scheduled scan :
|
848 |
+
$subject = __('[NinjaFirewall] File Check report', 'ninjafirewall');
|
849 |
+
$msg = __('NinjaFirewall did not detect changes in your files.', 'ninjafirewall') . "\n\n";
|
850 |
+
if ( is_multisite() ) {
|
851 |
+
$msg .=__('Blog:', 'ninjafirewall') .' '. network_home_url('/') . "\n";
|
852 |
+
} else {
|
853 |
+
$msg .=__('Blog:', 'ninjafirewall') .' '. home_url('/') . "\n";
|
854 |
+
}
|
855 |
+
$msg .= sprintf( __('Date: %s', 'ninjafirewall'), ucfirst(date_i18n('M d, Y @ H:i:s O')) ) . "\n\n" .
|
856 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
857 |
+
__('Support forum:', 'ninjafirewall') .' http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
858 |
+
wp_mail( $recipient, $subject, $msg );
|
859 |
+
}
|
860 |
+
}
|
861 |
+
|
862 |
+
/* ------------------------------------------------------------------ */
|
863 |
+
// EOF
|
lib/nf_sub_livelog.php
ADDED
@@ -0,0 +1,352 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
// Block immediately if user is not allowed :
|
23 |
+
nf_not_allowed( 'block', __LINE__ );
|
24 |
+
|
25 |
+
if (! defined('NF_DISABLED') ) {
|
26 |
+
is_nfw_enabled();
|
27 |
+
}
|
28 |
+
if (NF_DISABLED) {
|
29 |
+
$err_msg = __('Error: NinjaFirewall must be enabled and working in order to use this feature.', 'ninjafirewall');
|
30 |
+
}
|
31 |
+
if ( empty($_SESSION['nfw_goodguy']) ) {
|
32 |
+
$err_msg = sprintf( __('Error: You must be whitelisted in order to use that feature: click on the <a href="%s">Firewall Policies</a> menu and ensure that the "Add the Administrator to the whitelist" option is enabled.', 'ninjafirewall'), '?page=nfsubpolicies' );
|
33 |
+
}
|
34 |
+
if (! empty($err_msg) ) {
|
35 |
+
?>
|
36 |
+
<div class="wrap">
|
37 |
+
<div style="width:33px;height:33px;background-image:url( <?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
38 |
+
<h1><?php _e('Live Log', 'ninjafirewall') ?></h1>
|
39 |
+
<br />
|
40 |
+
<div class="error notice is-dismissible"><p><?php echo $err_msg ?></p></div>
|
41 |
+
</div>
|
42 |
+
<?php
|
43 |
+
return;
|
44 |
+
}
|
45 |
+
|
46 |
+
// Create an empty log :
|
47 |
+
$fh = fopen( NFW_LOG_DIR . '/nfwlog/cache/livelog.php', 'w');
|
48 |
+
fclose($fh);
|
49 |
+
$_SESSION['nfw_livelog'] = 1;
|
50 |
+
|
51 |
+
// jQuery ? No, thanks :
|
52 |
+
?>
|
53 |
+
<script>
|
54 |
+
var count = 0;
|
55 |
+
var lines = 0;
|
56 |
+
var liveon = 1;
|
57 |
+
<?php
|
58 |
+
if (! isset($_COOKIE['nfwscroll']) || ! empty($_COOKIE['nfwscroll']) ) {
|
59 |
+
// Default
|
60 |
+
echo 'var scroll = 1;';
|
61 |
+
$nfwscroll = 1;
|
62 |
+
} else {
|
63 |
+
echo 'var scroll = 0;';
|
64 |
+
$nfwscroll = 0;
|
65 |
+
}
|
66 |
+
if ( isset($_COOKIE['nfwintval']) && preg_match('/^(5|10|20|45)000$/', $_COOKIE['nfwintval']) ) {
|
67 |
+
echo "var liveint = {$_COOKIE['nfwintval']};";
|
68 |
+
$nfwintval = $_COOKIE['nfwintval'];
|
69 |
+
} else {
|
70 |
+
echo 'var liveint = 10000;';
|
71 |
+
$nfwintval = 10000;
|
72 |
+
}
|
73 |
+
?>
|
74 |
+
var livecls = 0;
|
75 |
+
var myinterval;
|
76 |
+
var ajaxURL = '<?php
|
77 |
+
if ( $_SERVER['SERVER_PORT'] == 443 ) {
|
78 |
+
echo site_url( '', 'https' );
|
79 |
+
} else {
|
80 |
+
echo site_url();
|
81 |
+
}
|
82 |
+
?>/index.php';
|
83 |
+
function getHTTPObject(){
|
84 |
+
var http;
|
85 |
+
if(window.XMLHttpRequest){
|
86 |
+
http = new XMLHttpRequest();
|
87 |
+
} else if(window.ActiveXObject){
|
88 |
+
http = new ActiveXObject("Microsoft.XMLHTTP");
|
89 |
+
}
|
90 |
+
return http;
|
91 |
+
}
|
92 |
+
var http = getHTTPObject();
|
93 |
+
function live_fetch() {
|
94 |
+
if (count) {
|
95 |
+
document.getElementById("loading").innerHTML = "<?php echo esc_js( __('Loading...', 'ninjafirewall') ) ?>";
|
96 |
+
document.getElementById('radioon').style.background = 'orange';
|
97 |
+
document.getElementById('radiooff').disabled = true;
|
98 |
+
}
|
99 |
+
http.open("POST", ajaxURL, true);
|
100 |
+
http.onreadystatechange = live_fetchRes;
|
101 |
+
http.setRequestHeader("Content-Type","application/x-www-form-urlencoded");
|
102 |
+
http.send('livecls=' + livecls + '&lines=' + lines);
|
103 |
+
count = 1;
|
104 |
+
livecls = 0;
|
105 |
+
}
|
106 |
+
live_fetch();
|
107 |
+
myinterval = setInterval(live_fetch, liveint);
|
108 |
+
|
109 |
+
function live_fetchRes() {
|
110 |
+
if (http.readyState == 4) {
|
111 |
+
if (http.status == 200) {
|
112 |
+
if (http.responseText == '') {
|
113 |
+
document.liveform.txtlog.value = '<?php echo esc_js( __('No traffic yet, please wait...', 'ninjafirewall') ) ?>' + "\n";
|
114 |
+
} else if (http.responseText != '*') {
|
115 |
+
if ( http.responseText.charAt(0) != '^' ) {
|
116 |
+
document.liveform.txtlog.value = '<?php echo esc_js( __('Error: Live Log did not receive the expected response from your server:', 'ninjafirewall') ) ?>' + "\n\n" + http.responseText;
|
117 |
+
} else {
|
118 |
+
var line = http.responseText.substr(1);
|
119 |
+
// Get number of lines :
|
120 |
+
var res = line.split(/\n/).length - 1;
|
121 |
+
// Work around for old IE bug :
|
122 |
+
if (! res) { res = 1; }
|
123 |
+
if (lines == 0) {
|
124 |
+
document.liveform.txtlog.value = line;
|
125 |
+
} else {
|
126 |
+
document.liveform.txtlog.value += line;
|
127 |
+
}
|
128 |
+
lines += res;
|
129 |
+
if (scroll) {
|
130 |
+
document.getElementById("idtxtlog").scrollTop = document.getElementById("idtxtlog").scrollHeight;
|
131 |
+
}
|
132 |
+
}
|
133 |
+
}
|
134 |
+
} else if (http.status == 404) {
|
135 |
+
document.liveform.txtlog.value += '<?php echo esc_js( __('Error: URL does not seem to exist:', 'ninjafirewall') ) ?> ' + ajaxURL + "\n";
|
136 |
+
} else if (http.status == 503) {
|
137 |
+
document.liveform.txtlog.value += '<?php echo esc_js( __('Error: cannot find your log file. Try to reload this page.', 'ninjafirewall') ) ?>' + "\n";
|
138 |
+
} else {
|
139 |
+
document.liveform.txtlog.value += '<?php echo esc_js( __('Error: the HTTP server returned the following error code:', 'ninjafirewall') ) ?> ' + http.status + "\n";
|
140 |
+
}
|
141 |
+
if (document.liveform.txtlog.value == '') {
|
142 |
+
document.liveform.txtlog.value = '<?php echo esc_js( __('No traffic yet, please wait...', 'ninjafirewall') ) ?>' + "\n";
|
143 |
+
}
|
144 |
+
document.getElementById('loading').innerHTML = "<?php echo esc_js( __('Sleeping', 'ninjafirewall') ) ?> " + liveint/1000 + " <?php echo esc_js( __('seconds', 'ninjafirewall') ) ?>...";
|
145 |
+
document.getElementById('radioon').style.background = 'green';
|
146 |
+
document.getElementById('radiooff').disabled = false;
|
147 |
+
return false;
|
148 |
+
}
|
149 |
+
}
|
150 |
+
function on_off(onoff) {
|
151 |
+
if (onoff == 1 && liveon != 1) {
|
152 |
+
liveon = 1;
|
153 |
+
live_fetch();
|
154 |
+
if (scroll == 1) {
|
155 |
+
document.getElementById("idtxtlog").scrollTop = document.getElementById("idtxtlog").scrollHeight;
|
156 |
+
}
|
157 |
+
document.getElementById("loading").innerHTML = "<?php echo esc_js( __('Sleeping', 'ninjafirewall') ) ?> " + liveint/1000 + " <?php echo esc_js( __('seconds', 'ninjafirewall') ) ?>...";
|
158 |
+
document.getElementById("liveint").disabled = false;
|
159 |
+
document.getElementById("livescroll").disabled = false;
|
160 |
+
document.getElementById('radioon').style.background = 'green';
|
161 |
+
document.getElementById('radioon').style.color = 'white';
|
162 |
+
myinterval = setInterval(live_fetch, liveint);
|
163 |
+
} else if (onoff != 1 && liveon == 1) {
|
164 |
+
liveon = 0;
|
165 |
+
lines = 0;
|
166 |
+
document.getElementById("loading").innerHTML = " ";
|
167 |
+
document.getElementById("liveint").disabled = true;
|
168 |
+
document.getElementById("livescroll").disabled = true;
|
169 |
+
clearInterval(myinterval);
|
170 |
+
document.getElementById('radioon').style.background = '';
|
171 |
+
document.getElementById('radioon').style.color = '';
|
172 |
+
}
|
173 |
+
}
|
174 |
+
function change_int(intv) {
|
175 |
+
clearInterval(myinterval);
|
176 |
+
liveint = intv;
|
177 |
+
document.getElementById("loading").innerHTML = "<?php echo esc_js( __('Sleeping', 'ninjafirewall') ) ?> " + liveint/1000 + " <?php echo esc_js( __('seconds', 'ninjafirewall') ) ?>...";
|
178 |
+
myinterval = setInterval(live_fetch, liveint);
|
179 |
+
// Add cookie so that we remember the user choice for 365 days:
|
180 |
+
create_cookie('nfwintval', intv);
|
181 |
+
}
|
182 |
+
function cls() {
|
183 |
+
document.liveform.txtlog.value = '';
|
184 |
+
livecls = 1;
|
185 |
+
lines = 0;
|
186 |
+
}
|
187 |
+
function is_scroll() {
|
188 |
+
if (document.liveform.livescroll.checked == true) {
|
189 |
+
scroll = 1;
|
190 |
+
if (liveon == 1) {
|
191 |
+
document.getElementById("idtxtlog").scrollTop = document.getElementById("idtxtlog").scrollHeight;
|
192 |
+
}
|
193 |
+
} else {
|
194 |
+
scroll = 0;
|
195 |
+
}
|
196 |
+
// Add cookie so that we remember the user choice for 365 days:
|
197 |
+
create_cookie('nfwscroll', scroll);
|
198 |
+
}
|
199 |
+
function create_cookie(name, value) {
|
200 |
+
// Add cookie so that we remember the user choice for 365 days:
|
201 |
+
var d = new Date();
|
202 |
+
d.setTime(d.getTime() + ( 365 * 24 * 60 * 60 * 1000) );
|
203 |
+
var expires = "expires=" + d.toUTCString();
|
204 |
+
document.cookie = name +'=' + value + "; " + expires;
|
205 |
+
}
|
206 |
+
</script>
|
207 |
+
|
208 |
+
<div class="wrap">
|
209 |
+
<div style="width:33px;height:33px;background-image:url( <?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
210 |
+
<h1><?php _e('Live Log', 'ninjafirewall') ?></h1>
|
211 |
+
<?php
|
212 |
+
if ( isset($_POST['lf']) ) {
|
213 |
+
$res = nf_sub_liveloge_save();
|
214 |
+
if ($res) {
|
215 |
+
echo '<div class="error notice is-dismissible"><p>' . $res . '</p></div>';
|
216 |
+
} else {
|
217 |
+
echo '<div class="updated notice is-dismissible"><p>'. __('Your changes have been saved.', 'ninjafirewall') .'</p></div>';
|
218 |
+
}
|
219 |
+
}
|
220 |
+
$nfw_options = nfw_get_option('nfw_options');
|
221 |
+
?>
|
222 |
+
<form name="liveform">
|
223 |
+
<table class="form-table">
|
224 |
+
<tr>
|
225 |
+
<td style="width:100%;text-align:center;">
|
226 |
+
<span class="description" id="loading"> </span><br />
|
227 |
+
<textarea name="txtlog" id="idtxtlog" class="small-text code" style="width:100%;height:325px;" wrap="off" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"><?php _e('No traffic yet, please wait...', 'ninjafirewall'); echo "\n"; ?></textarea>
|
228 |
+
<br />
|
229 |
+
<center>
|
230 |
+
<p>
|
231 |
+
<label><input type="radio" name="liveon" value="1" onclick="on_off(1)" checked="checked"><font style="color:white;background-color:green;padding:3px;border-radius:15px;" id="radioon"><?php _e('On', 'ninjafirewall') ?></font></label> <label><input type="radio" name="liveon" value="0" onclick="on_off(0)" id="radiooff"><?php _e('Off', 'ninjafirewall') ?></label> <?php _e('Refresh rate:', 'ninjafirewall') ?>
|
232 |
+
<select name="liveint" id="liveint" onchange="change_int(this.value);">
|
233 |
+
<option value="5000"<?php selected($nfwintval, 5000) ?>><?php _e('5 seconds', 'ninjafirewall') ?></option>
|
234 |
+
<option value="10000"<?php selected($nfwintval, 10000) ?>><?php _e('10 seconds', 'ninjafirewall') ?></option>
|
235 |
+
<option value="20000"<?php selected($nfwintval, 20000) ?>><?php _e('20 seconds', 'ninjafirewall') ?></option>
|
236 |
+
<option value="45000"<?php selected($nfwintval, 45000) ?>><?php _e('45 seconds', 'ninjafirewall') ?></option>
|
237 |
+
</select> <input type="button" class="button-secondary" name="livecls" value="<?php _e('Clear screen', 'ninjafirewall') ?>" onClick="cls()"/> <label><input type="checkbox" name="livescroll" id="livescroll" value="1" onchange="is_scroll()" <?php checked($nfwscroll, 1)?>><?php _e('Autoscrolling', 'ninjafirewall') ?></label>
|
238 |
+
</p>
|
239 |
+
</center>
|
240 |
+
</td>
|
241 |
+
</tr>
|
242 |
+
</table>
|
243 |
+
<div align="right"><span class="description"><?php _e('Live Log will not display whitelisted users and brute-force attacks.', 'ninjafirewall') ?></span></div>
|
244 |
+
</form>
|
245 |
+
<?php
|
246 |
+
if ( empty($nfw_options['liveformat']) ) {
|
247 |
+
$lf = 0;
|
248 |
+
$liveformat = '';
|
249 |
+
} else {
|
250 |
+
$lf = 1;
|
251 |
+
$liveformat = htmlspecialchars($nfw_options['liveformat']);
|
252 |
+
}
|
253 |
+
|
254 |
+
if ( empty($nfw_options['liveport']) || ! preg_match('/^[1-2]$/', $nfw_options['liveport']) ) {
|
255 |
+
$liveport = 0;
|
256 |
+
} else {
|
257 |
+
$liveport = $nfw_options['liveport'];
|
258 |
+
}
|
259 |
+
if ( empty($nfw_options['livetz']) || preg_match('/[^\w\/]/', $nfw_options['livetz']) ) {
|
260 |
+
$livetz = 'UTC';
|
261 |
+
} else {
|
262 |
+
$livetz = $nfw_options['livetz'];
|
263 |
+
}
|
264 |
+
?>
|
265 |
+
<form method="post">
|
266 |
+
<h3><?php _e('Live Log options', 'ninjafirewall') ?></h3>
|
267 |
+
<table class="form-table">
|
268 |
+
<tr>
|
269 |
+
<th scope="row"><?php _e('Format', 'ninjafirewall') ?></th>
|
270 |
+
<td align="left">
|
271 |
+
<p><label><input type="radio" name="lf" value="0"<?php checked($lf, 0) ?> onclick="document.getElementById('liveformat').disabled=true"><code>[%time] %name %client "%method %uri" "%referrer" "%ua" "%forward" "%host"</code></label></p>
|
272 |
+
<p><label><input type="radio" name="lf" value="1"<?php checked($lf, 1) ?> onclick="document.getElementById('liveformat').disabled=false"><?php _e('Custom', 'ninjafirewall') ?> </label><input id="liveformat" type="text" class="regular-text" name="liveformat" value="<?php echo $liveformat ?>"<?php disabled($lf, 0) ?> autocomplete="off"></p>
|
273 |
+
<span class="description"><?php _e('See contextual help for available log format.', 'ninjafirewall') ?></span>
|
274 |
+
</td>
|
275 |
+
</tr>
|
276 |
+
<tr>
|
277 |
+
<th scope="row"><?php _e('Display', 'ninjafirewall') ?></th>
|
278 |
+
<td align="left">
|
279 |
+
<select name="liveport">
|
280 |
+
<option value="0"<?php selected($liveport, 0) ?>><?php _e('HTTP and HTTPS traffic (default)', 'ninjafirewall') ?></option>
|
281 |
+
<option value="1"<?php selected($liveport, 1) ?>><?php _e('HTTP traffic only', 'ninjafirewall') ?></option>
|
282 |
+
<option value="2"<?php selected($liveport, 2) ?>><?php _e('HTTPS traffic only', 'ninjafirewall') ?></option>
|
283 |
+
</select>
|
284 |
+
</td>
|
285 |
+
</tr>
|
286 |
+
<tr>
|
287 |
+
<th scope="row"><?php _e('Timezone', 'ninjafirewall') ?></th>
|
288 |
+
<td align="left">
|
289 |
+
<select name="livetz">
|
290 |
+
<?php
|
291 |
+
$timezone_choice = nfw_timezone_choice();
|
292 |
+
foreach ($timezone_choice as $tz_place) {
|
293 |
+
echo '<option value ="' . htmlentities( $tz_place ) . '"';
|
294 |
+
if ($livetz == $tz_place) { echo ' selected'; }
|
295 |
+
echo '>'. htmlentities( $tz_place ) .'</option>';
|
296 |
+
}
|
297 |
+
?>
|
298 |
+
</select>
|
299 |
+
</td>
|
300 |
+
</tr>
|
301 |
+
</table>
|
302 |
+
<p><input type="submit" class="button-primary" value="<?php _e('Save Live Log Options', 'ninjafirewall') ?>" /></p>
|
303 |
+
<?php wp_nonce_field('livelog_save', 'nfwnonce', 0); ?>
|
304 |
+
</form>
|
305 |
+
</div>
|
306 |
+
<?php
|
307 |
+
|
308 |
+
/* ------------------------------------------------------------------ */
|
309 |
+
function nf_sub_liveloge_save() {
|
310 |
+
|
311 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'livelog_save') ) {
|
312 |
+
wp_nonce_ays('livelog_save');
|
313 |
+
}
|
314 |
+
|
315 |
+
$nfw_options = nfw_get_option('nfw_options');
|
316 |
+
|
317 |
+
if ( empty($_POST['lf']) ) {
|
318 |
+
$nfw_options['liveformat'] = '';
|
319 |
+
} else {
|
320 |
+
if (! empty($_POST['liveformat']) ) {
|
321 |
+
$tmp = stripslashes($_POST['liveformat']);
|
322 |
+
// Keep only the allowed characters :
|
323 |
+
$nfw_options['liveformat'] = preg_replace('`[^a-z%[\]"\x20]`', '', $tmp);
|
324 |
+
}
|
325 |
+
if (empty($_POST['liveformat']) ) {
|
326 |
+
return __('Error: please enter the custom log format.', 'ninjafirewall');
|
327 |
+
}
|
328 |
+
}
|
329 |
+
|
330 |
+
if ( empty($_POST['liveport']) || ! preg_match('/^[1-2]$/', $_POST['liveport']) ) {
|
331 |
+
$nfw_options['liveport'] = 0;
|
332 |
+
} else {
|
333 |
+
$nfw_options['liveport'] = $_POST['liveport'];
|
334 |
+
}
|
335 |
+
|
336 |
+
if ( empty($_POST['livetz']) || preg_match('/[^\w\/]/', $_POST['livetz']) ) {
|
337 |
+
$nfw_options['livetz'] = 0;
|
338 |
+
} else {
|
339 |
+
$nfw_options['livetz'] = $_POST['livetz'];
|
340 |
+
}
|
341 |
+
|
342 |
+
$nfw_options = nfw_update_option('nfw_options', $nfw_options);
|
343 |
+
}
|
344 |
+
|
345 |
+
/* ------------------------------------------------------------------ */
|
346 |
+
|
347 |
+
function nfw_timezone_choice() {
|
348 |
+
return array('UTC', 'Africa/Abidjan', 'Africa/Accra', 'Africa/Addis_Ababa', 'Africa/Algiers', 'Africa/Asmara', 'Africa/Asmera', 'Africa/Bamako', 'Africa/Bangui', 'Africa/Banjul', 'Africa/Bissau', 'Africa/Blantyre', 'Africa/Brazzaville', 'Africa/Bujumbura', 'Africa/Cairo', 'Africa/Casablanca', 'Africa/Ceuta', 'Africa/Conakry', 'Africa/Dakar', 'Africa/Dar_es_Salaam', 'Africa/Djibouti', 'Africa/Douala', 'Africa/El_Aaiun', 'Africa/Freetown', 'Africa/Gaborone', 'Africa/Harare', 'Africa/Johannesburg', 'Africa/Kampala', 'Africa/Khartoum', 'Africa/Kigali', 'Africa/Kinshasa', 'Africa/Lagos', 'Africa/Libreville', 'Africa/Lome', 'Africa/Luanda', 'Africa/Lubumbashi', 'Africa/Lusaka', 'Africa/Malabo', 'Africa/Maputo', 'Africa/Maseru', 'Africa/Mbabane', 'Africa/Mogadishu', 'Africa/Monrovia', 'Africa/Nairobi', 'Africa/Ndjamena', 'Africa/Niamey', 'Africa/Nouakchott', 'Africa/Ouagadougou', 'Africa/Porto-Novo', 'Africa/Sao_Tome', 'Africa/Timbuktu', 'Africa/Tripoli', 'Africa/Tunis', 'Africa/Windhoek', 'America/Adak', 'America/Anchorage', 'America/Anguilla', 'America/Antigua', 'America/Araguaina', 'America/Argentina/Buenos_Aires', 'America/Argentina/Catamarca', 'America/Argentina/ComodRivadavia', 'America/Argentina/Cordoba', 'America/Argentina/Jujuy', 'America/Argentina/La_Rioja', 'America/Argentina/Mendoza', 'America/Argentina/Rio_Gallegos', 'America/Argentina/Salta', 'America/Argentina/San_Juan', 'America/Argentina/San_Luis', 'America/Argentina/Tucuman', 'America/Argentina/Ushuaia', 'America/Aruba', 'America/Asuncion', 'America/Atikokan', 'America/Atka', 'America/Bahia', 'America/Barbados', 'America/Belem', 'America/Belize', 'America/Blanc-Sablon', 'America/Boa_Vista', 'America/Bogota', 'America/Boise', 'America/Buenos_Aires', 'America/Cambridge_Bay', 'America/Campo_Grande', 'America/Cancun', 'America/Caracas', 'America/Catamarca', 'America/Cayenne', 'America/Cayman', 'America/Chicago', 'America/Chihuahua', 'America/Coral_Harbour', 'America/Cordoba', 'America/Costa_Rica', 'America/Cuiaba', 'America/Curacao', 'America/Danmarkshavn', 'America/Dawson', 'America/Dawson_Creek', 'America/Denver', 'America/Detroit', 'America/Dominica', 'America/Edmonton', 'America/Eirunepe', 'America/El_Salvador', 'America/Ensenada', 'America/Fort_Wayne', 'America/Fortaleza', 'America/Glace_Bay', 'America/Godthab', 'America/Goose_Bay', 'America/Grand_Turk', 'America/Grenada', 'America/Guadeloupe', 'America/Guatemala', 'America/Guayaquil', 'America/Guyana', 'America/Halifax', 'America/Havana', 'America/Hermosillo', 'America/Indiana/Indianapolis', 'America/Indiana/Knox', 'America/Indiana/Marengo', 'America/Indiana/Petersburg', 'America/Indiana/Tell_City', 'America/Indiana/Vevay', 'America/Indiana/Vincennes', 'America/Indiana/Winamac', 'America/Indianapolis', 'America/Inuvik', 'America/Iqaluit', 'America/Jamaica', 'America/Jujuy', 'America/Juneau', 'America/Kentucky/Louisville', 'America/Kentucky/Monticello', 'America/Knox_IN', 'America/La_Paz', 'America/Lima', 'America/Los_Angeles', 'America/Louisville', 'America/Maceio', 'America/Managua', 'America/Manaus', 'America/Marigot', 'America/Martinique', 'America/Matamoros', 'America/Mazatlan', 'America/Mendoza', 'America/Menominee', 'America/Merida', 'America/Mexico_City', 'America/Miquelon', 'America/Moncton', 'America/Monterrey', 'America/Montevideo', 'America/Montreal', 'America/Montserrat', 'America/Nassau', 'America/New_York', 'America/Nipigon', 'America/Nome', 'America/Noronha', 'America/North_Dakota/Center', 'America/North_Dakota/New_Salem', 'America/Ojinaga', 'America/Panama', 'America/Pangnirtung', 'America/Paramaribo', 'America/Phoenix', 'America/Port-au-Prince', 'America/Port_of_Spain', 'America/Porto_Acre', 'America/Porto_Velho', 'America/Puerto_Rico', 'America/Rainy_River', 'America/Rankin_Inlet', 'America/Recife', 'America/Regina', 'America/Resolute', 'America/Rio_Branco', 'America/Rosario', 'America/Santa_Isabel', 'America/Santarem', 'America/Santiago', 'America/Santo_Domingo', 'America/Sao_Paulo', 'America/Scoresbysund', 'America/Shiprock', 'America/St_Barthelemy', 'America/St_Johns', 'America/St_Kitts', 'America/St_Lucia', 'America/St_Thomas', 'America/St_Vincent', 'America/Swift_Current', 'America/Tegucigalpa', 'America/Thule', 'America/Thunder_Bay', 'America/Tijuana', 'America/Toronto', 'America/Tortola', 'America/Vancouver', 'America/Virgin', 'America/Whitehorse', 'America/Winnipeg', 'America/Yakutat', 'America/Yellowknife', 'Arctic/Longyearbyen', 'Asia/Aden', 'Asia/Almaty', 'Asia/Amman', 'Asia/Anadyr', 'Asia/Aqtau', 'Asia/Aqtobe', 'Asia/Ashgabat', 'Asia/Ashkhabad', 'Asia/Baghdad', 'Asia/Bahrain', 'Asia/Baku', 'Asia/Bangkok', 'Asia/Beirut', 'Asia/Bishkek', 'Asia/Brunei', 'Asia/Calcutta', 'Asia/Choibalsan', 'Asia/Chongqing', 'Asia/Chungking', 'Asia/Colombo', 'Asia/Dacca', 'Asia/Damascus', 'Asia/Dhaka', 'Asia/Dili', 'Asia/Dubai', 'Asia/Dushanbe', 'Asia/Gaza', 'Asia/Harbin', 'Asia/Ho_Chi_Minh', 'Asia/Hong_Kong', 'Asia/Hovd', 'Asia/Irkutsk', 'Asia/Istanbul', 'Asia/Jakarta', 'Asia/Jayapura', 'Asia/Jerusalem', 'Asia/Kabul', 'Asia/Kamchatka', 'Asia/Karachi', 'Asia/Kashgar', 'Asia/Kathmandu', 'Asia/Katmandu', 'Asia/Kolkata', 'Asia/Krasnoyarsk', 'Asia/Kuala_Lumpur', 'Asia/Kuching', 'Asia/Kuwait', 'Asia/Macao', 'Asia/Macau', 'Asia/Magadan', 'Asia/Makassar', 'Asia/Manila', 'Asia/Muscat', 'Asia/Nicosia', 'Asia/Novokuznetsk', 'Asia/Novosibirsk', 'Asia/Omsk', 'Asia/Oral', 'Asia/Phnom_Penh', 'Asia/Pontianak', 'Asia/Pyongyang', 'Asia/Qatar', 'Asia/Qyzylorda', 'Asia/Rangoon', 'Asia/Riyadh', 'Asia/Saigon', 'Asia/Sakhalin', 'Asia/Samarkand', 'Asia/Seoul', 'Asia/Shanghai', 'Asia/Singapore', 'Asia/Taipei', 'Asia/Tashkent', 'Asia/Tbilisi', 'Asia/Tehran', 'Asia/Tel_Aviv', 'Asia/Thimbu', 'Asia/Thimphu', 'Asia/Tokyo', 'Asia/Ujung_Pandang', 'Asia/Ulaanbaatar', 'Asia/Ulan_Bator', 'Asia/Urumqi', 'Asia/Vientiane', 'Asia/Vladivostok', 'Asia/Yakutsk', 'Asia/Yekaterinburg', 'Asia/Yerevan', 'Atlantic/Azores', 'Atlantic/Bermuda', 'Atlantic/Canary', 'Atlantic/Cape_Verde', 'Atlantic/Faeroe', 'Atlantic/Faroe', 'Atlantic/Jan_Mayen', 'Atlantic/Madeira', 'Atlantic/Reykjavik', 'Atlantic/South_Georgia', 'Atlantic/St_Helena', 'Atlantic/Stanley', 'Australia/ACT', 'Australia/Adelaide', 'Australia/Brisbane', 'Australia/Broken_Hill', 'Australia/Canberra', 'Australia/Currie', 'Australia/Darwin', 'Australia/Eucla', 'Australia/Hobart', 'Australia/LHI', 'Australia/Lindeman', 'Australia/Lord_Howe', 'Australia/Melbourne', 'Australia/NSW', 'Australia/North', 'Australia/Perth', 'Australia/Queensland', 'Australia/South', 'Australia/Sydney', 'Australia/Tasmania', 'Australia/Victoria', 'Australia/West', 'Australia/Yancowinna', 'Europe/Amsterdam', 'Europe/Andorra', 'Europe/Athens', 'Europe/Belfast', 'Europe/Belgrade', 'Europe/Berlin', 'Europe/Bratislava', 'Europe/Brussels', 'Europe/Bucharest', 'Europe/Budapest', 'Europe/Chisinau', 'Europe/Copenhagen', 'Europe/Dublin', 'Europe/Gibraltar', 'Europe/Guernsey', 'Europe/Helsinki', 'Europe/Isle_of_Man', 'Europe/Istanbul', 'Europe/Jersey', 'Europe/Kaliningrad', 'Europe/Kiev', 'Europe/Lisbon', 'Europe/Ljubljana', 'Europe/London', 'Europe/Luxembourg', 'Europe/Madrid', 'Europe/Malta', 'Europe/Mariehamn', 'Europe/Minsk', 'Europe/Monaco', 'Europe/Moscow', 'Europe/Nicosia', 'Europe/Oslo', 'Europe/Paris', 'Europe/Podgorica', 'Europe/Prague', 'Europe/Riga', 'Europe/Rome', 'Europe/Samara', 'Europe/San_Marino', 'Europe/Sarajevo', 'Europe/Simferopol', 'Europe/Skopje', 'Europe/Sofia', 'Europe/Stockholm', 'Europe/Tallinn', 'Europe/Tirane', 'Europe/Tiraspol', 'Europe/Uzhgorod', 'Europe/Vaduz', 'Europe/Vatican', 'Europe/Vienna', 'Europe/Vilnius', 'Europe/Volgograd', 'Europe/Warsaw', 'Europe/Zagreb', 'Europe/Zaporozhye', 'Europe/Zurich', 'Indian/Antananarivo', 'Indian/Chagos', 'Indian/Christmas', 'Indian/Cocos', 'Indian/Comoro', 'Indian/Kerguelen', 'Indian/Mahe', 'Indian/Maldives', 'Indian/Mauritius', 'Indian/Mayotte', 'Indian/Reunion', 'Pacific/Apia', 'Pacific/Auckland', 'Pacific/Chatham', 'Pacific/Easter', 'Pacific/Efate', 'Pacific/Enderbury', 'Pacific/Fakaofo', 'Pacific/Fiji', 'Pacific/Funafuti', 'Pacific/Galapagos', 'Pacific/Gambier', 'Pacific/Guadalcanal', 'Pacific/Guam', 'Pacific/Honolulu', 'Pacific/Johnston', 'Pacific/Kiritimati', 'Pacific/Kosrae', 'Pacific/Kwajalein', 'Pacific/Majuro', 'Pacific/Marquesas', 'Pacific/Midway', 'Pacific/Nauru', 'Pacific/Niue', 'Pacific/Norfolk', 'Pacific/Noumea', 'Pacific/Pago_Pago', 'Pacific/Palau', 'Pacific/Pitcairn', 'Pacific/Ponape', 'Pacific/Port_Moresby', 'Pacific/Rarotonga', 'Pacific/Saipan', 'Pacific/Samoa', 'Pacific/Tahiti', 'Pacific/Tarawa', 'Pacific/Tongatapu', 'Pacific/Truk', 'Pacific/Wake', 'Pacific/Wallis', 'Pacific/Yap');
|
349 |
+
}
|
350 |
+
|
351 |
+
/* ------------------------------------------------------------------ */
|
352 |
+
// EOF
|
lib/nf_sub_log.php
ADDED
@@ -0,0 +1,289 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
nf_not_allowed( 'block', __LINE__ );
|
23 |
+
|
24 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
25 |
+
|
26 |
+
$log_dir = NFW_LOG_DIR . '/nfwlog/';
|
27 |
+
$monthly_log = 'firewall_' . date( 'Y-m' ) . '.php';
|
28 |
+
|
29 |
+
if ( ! file_exists( $log_dir . $monthly_log ) ) {
|
30 |
+
nf_sub_log_create( $log_dir . $monthly_log );
|
31 |
+
}
|
32 |
+
|
33 |
+
if (! is_writable( $log_dir . $monthly_log ) ) {
|
34 |
+
$write_err = sprintf( __('the current month log (%s) is not writable. Please chmod it and its parent directory to 0777', 'ninjafirewall'), htmlspecialchars( $log_dir . $monthly_log ) );
|
35 |
+
} elseif (! is_writable( $log_dir ) ) {
|
36 |
+
$write_err = sprintf( __('the log directory (%s) is not writable. Please chmod it to 0777', 'ninjafirewall'), htmlspecialchars($log_dir ) );
|
37 |
+
}
|
38 |
+
|
39 |
+
global $available_logs;
|
40 |
+
$available_logs = nf_sub_log_find_local( $log_dir );
|
41 |
+
|
42 |
+
if (! empty( $_POST['nfw_act']) && $_POST['nfw_act'] == 'pubkey' ) {
|
43 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'clogs_pubkey') ) {
|
44 |
+
wp_nonce_ays('clogs_pubkey');
|
45 |
+
}
|
46 |
+
if (isset( $_POST['delete_pubkey'] ) ) {
|
47 |
+
$_POST['nfw_options']['clogs_pubkey'] = '';
|
48 |
+
$ok_msg = __('Your public key has been deleted', 'ninjafirewall');
|
49 |
+
} else {
|
50 |
+
$ok_msg = __('Your public key has been saved', 'ninjafirewall');
|
51 |
+
}
|
52 |
+
nf_sub_log_save_pubkey( $nfw_options );
|
53 |
+
|
54 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
55 |
+
}
|
56 |
+
|
57 |
+
$max_lines = 1500;
|
58 |
+
|
59 |
+
if ( isset( $_GET['nfw_logname'] ) ) {
|
60 |
+
if ( empty( $_GET['nfwnonce'] ) || ! wp_verify_nonce($_GET['nfwnonce'], 'log_select') ) {
|
61 |
+
wp_nonce_ays('log_select');
|
62 |
+
}
|
63 |
+
$data = nf_sub_log_read_local( $_GET['nfw_logname'], $log_dir, $max_lines-1 );
|
64 |
+
}
|
65 |
+
|
66 |
+
if ( isset( $_GET['nfw_logname'] ) && ! empty( $available_logs[$_GET['nfw_logname']] ) ) {
|
67 |
+
$selected_log = $_GET['nfw_logname'];
|
68 |
+
} else {
|
69 |
+
$selected_log = $monthly_log;
|
70 |
+
$data = nf_sub_log_read_local( $monthly_log, $log_dir, $max_lines-1 );
|
71 |
+
}
|
72 |
+
|
73 |
+
nf_sub_log_js_header();
|
74 |
+
|
75 |
+
?>
|
76 |
+
<div class="wrap">
|
77 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url(); ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
78 |
+
<h1><?php _e('Firewall Log', 'ninjafirewall') ?></h1>
|
79 |
+
<?php
|
80 |
+
|
81 |
+
if ( ! empty( $write_err ) ) {
|
82 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Error', 'ninjafirewall') . ': ' . $write_err . '</p></div>';
|
83 |
+
}
|
84 |
+
|
85 |
+
if ( ! empty( $ok_msg ) ) {
|
86 |
+
echo '<div class="updated notice is-dismissible"><p>' . $ok_msg . '.</p></div>';
|
87 |
+
}
|
88 |
+
if ( isset( $data['lines'] ) && $data['lines'] > $max_lines ) {
|
89 |
+
echo '<div class="notice-info notice is-dismissible"><p>' . __('Note', 'ninjafirewall') . ': ' . sprintf( __('your log has %s lines. I will display the last %s lines only.', 'ninjafirewall'), $data['lines'], $max_lines ) . '</p></div>';
|
90 |
+
}
|
91 |
+
|
92 |
+
|
93 |
+
echo '<center>' . __('Viewing:', 'ninjafirewall') . ' <select onChange=\'window.location="?page=nfsublog&nfwnonce='. wp_create_nonce('log_select') .'&nfw_logname=" + this.value;\'>';
|
94 |
+
foreach ($available_logs as $log_name => $tmp) {
|
95 |
+
echo '<option value="' . $log_name . '"';
|
96 |
+
if ( $selected_log == $log_name ) {
|
97 |
+
echo ' selected';
|
98 |
+
}
|
99 |
+
$log_stat = stat($log_dir . $log_name);
|
100 |
+
echo '>' . str_replace('.php', '', $log_name) . ' (' . number_format($log_stat['size']) .' '. __('bytes', 'ninjafirewall') . ')</option>';
|
101 |
+
}
|
102 |
+
echo '</select></center>';
|
103 |
+
|
104 |
+
$levels = array( '', 'MEDIUM', 'HIGH', 'CRITICAL', 'ERROR', 'UPLOAD', 'INFO', 'DEBUG_ON' );
|
105 |
+
|
106 |
+
nfw_get_blogtimezone();
|
107 |
+
|
108 |
+
$logline = '';
|
109 |
+
if ( isset( $data['log'] ) && is_array( $data['log'] ) ) {
|
110 |
+
foreach ( $data['log'] as $line ) {
|
111 |
+
if ( preg_match( '/^\[(\d{10})\]\s+\[.+?\]\s+\[(.+?)\]\s+\[(#\d{7})\]\s+\[(\d+)\]\s+\[(\d)\]\s+\[([\d.:a-fA-F, ]+?)\]\s+\[.+?\]\s+\[(.+?)\]\s+\[(.+?)\]\s+\[(.+?)\]\s+\[(hex:|b64:)?(.+)\]$/', $line, $match ) ) {
|
112 |
+
if ( empty( $match[4]) ) { $match[4] = '-'; }
|
113 |
+
if ( $match[10] == 'hex:' ) { $match[11] = pack('H*', $match[11]); }
|
114 |
+
if ( $match[10] == 'b64:' ) { $match[11] = base64_decode( $match[11]); }
|
115 |
+
$res = date( 'd/M/y H:i:s', $match[1] ) . ' ' . $match[3] . ' ' .
|
116 |
+
str_pad( $levels[$match[5]], 8 , ' ', STR_PAD_RIGHT) .' ' .
|
117 |
+
str_pad( $match[4], 4 , ' ', STR_PAD_LEFT) . ' ' . str_pad( $match[6], 15, ' ', STR_PAD_RIGHT) . ' ' .
|
118 |
+
$match[7] . ' ' . $match[8] . ' - ' . $match[9] . ' - [' . $match[11] . '] - ' . $match[2];
|
119 |
+
$logline .= htmlentities( $res ."\n" );
|
120 |
+
}
|
121 |
+
}
|
122 |
+
}
|
123 |
+
|
124 |
+
?>
|
125 |
+
<form name="frmlog">
|
126 |
+
<table class="form-table">
|
127 |
+
<tr>
|
128 |
+
<td width="100%">
|
129 |
+
<textarea name="txtlog" class="small-text code" style="width:100%;height:300px;" wrap="off" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"><?php
|
130 |
+
if ( ! empty( $logline ) ) {
|
131 |
+
echo ' DATE INCIDENT LEVEL RULE IP REQUEST' . "\n";
|
132 |
+
echo $logline;
|
133 |
+
} else {
|
134 |
+
if (! empty( $data['err_msg'] ) ) {
|
135 |
+
echo "\n\n > {$data['err_msg']}";
|
136 |
+
} else {
|
137 |
+
echo "\n\n > " . __('The selected log is empty.', 'ninjafirewall');
|
138 |
+
}
|
139 |
+
}
|
140 |
+
?></textarea>
|
141 |
+
<br />
|
142 |
+
<center>
|
143 |
+
<span class="description"><?php _e('The log is rotated monthly', 'ninjafirewall') ?></span>
|
144 |
+
</center>
|
145 |
+
</td>
|
146 |
+
</tr>
|
147 |
+
</table>
|
148 |
+
</form>
|
149 |
+
|
150 |
+
<a name="clogs"></a>
|
151 |
+
<form name="frmlog2" method="post" action="?page=nfsublog" onsubmit="return check_key();">
|
152 |
+
<?php
|
153 |
+
|
154 |
+
wp_nonce_field('clogs_pubkey', 'nfwnonce', 0);
|
155 |
+
if ( empty( $nfw_options['clogs_pubkey'] ) || ! preg_match( '/^[a-f0-9]{40}:(?:[a-f0-9:.]{3,39}|\*)$/', $nfw_options['clogs_pubkey'] ) ) {
|
156 |
+
$nfw_options['clogs_pubkey'] = '';
|
157 |
+
}
|
158 |
+
|
159 |
+
?>
|
160 |
+
<br />
|
161 |
+
|
162 |
+
<a name="clogs"></a>
|
163 |
+
<h3><?php _e('Centralized Logging', 'ninjafirewall') ?></h3>
|
164 |
+
<table class="form-table">
|
165 |
+
<tr>
|
166 |
+
<th scope="row"><?php _e('Enter your public key (optional)', 'ninjafirewall') ?></th>
|
167 |
+
<td align="left">
|
168 |
+
<input class="large-text" type="text" maxlength="80" name="nfw_options[clogs_pubkey]" value="<?php echo htmlspecialchars( $nfw_options['clogs_pubkey'] ) ?>" autocomplete="off" />
|
169 |
+
<p><span class="description"><?php printf( __('<a href="%s">Consult our blog</a> if you want to enable centralized logging.', 'ninjafirewall'), 'https://blog.nintechnet.com/centralized-logging-with-ninjafirewall/' ) ?></span></p>
|
170 |
+
</td>
|
171 |
+
</tr>
|
172 |
+
</table>
|
173 |
+
|
174 |
+
<br />
|
175 |
+
<input type="hidden" name="nfw_act" value="pubkey" />
|
176 |
+
<input class="button-primary" name="save_pubkey" onclick="what=0" value="<?php _e('Save Public Key', 'ninjafirewall') ?>" type="submit" />
|
177 |
+
|
178 |
+
<input class="button-secondary" name="delete_pubkey" onclick="what=1" value="<?php _e('Delete Public Key', 'ninjafirewall') ?>" type="submit"<?php disabled($nfw_options['clogs_pubkey'], '' ) ?> />
|
179 |
+
|
180 |
+
</form>
|
181 |
+
|
182 |
+
<?php
|
183 |
+
echo '
|
184 |
+
</div>';
|
185 |
+
|
186 |
+
/* ------------------------------------------------------------------ */
|
187 |
+
|
188 |
+
function nf_sub_log_js_header() {
|
189 |
+
|
190 |
+
echo '<script>
|
191 |
+
var what;
|
192 |
+
function check_key() {
|
193 |
+
if (what == 1) { return true; }
|
194 |
+
var pubkey = document.frmlog2.elements["nfw_options[clogs_pubkey]"];
|
195 |
+
if (! pubkey.value.match( /^[a-f0-9]{40}:(?:[a-f0-9:.]{3,39}|\*)$/) ) {
|
196 |
+
pubkey.focus();
|
197 |
+
alert("'. esc_js( __('Your public key is not valid.', 'ninjafirewall') ) . '");
|
198 |
+
return false;
|
199 |
+
}
|
200 |
+
}
|
201 |
+
</script>';
|
202 |
+
|
203 |
+
}
|
204 |
+
|
205 |
+
/* ------------------------------------------------------------------ */
|
206 |
+
|
207 |
+
function nf_sub_log_create( $log ) {
|
208 |
+
|
209 |
+
file_put_contents( $log, "<?php exit; ?>\n" );
|
210 |
+
|
211 |
+
}
|
212 |
+
|
213 |
+
/* ------------------------------------------------------------------ */
|
214 |
+
|
215 |
+
function nf_sub_log_find_local( $log_dir ) {
|
216 |
+
|
217 |
+
$available_logs = array();
|
218 |
+
if ( is_dir( $log_dir ) ) {
|
219 |
+
if ( $dh = opendir( $log_dir ) ) {
|
220 |
+
while ( ($file = readdir($dh) ) !== false ) {
|
221 |
+
if (preg_match( '/^(firewall_(\d{4})-(\d\d)(?:\.\d+)?\.php)$/', $file, $match ) ) {
|
222 |
+
$available_logs[$match[1]] = 1;
|
223 |
+
}
|
224 |
+
}
|
225 |
+
closedir($dh);
|
226 |
+
}
|
227 |
+
}
|
228 |
+
krsort($available_logs);
|
229 |
+
|
230 |
+
return $available_logs;
|
231 |
+
}
|
232 |
+
|
233 |
+
/* ------------------------------------------------------------------ */
|
234 |
+
|
235 |
+
function nf_sub_log_save_pubkey( $nfw_options ) {
|
236 |
+
|
237 |
+
if ( empty( $_POST['nfw_options']['clogs_pubkey'] ) ||
|
238 |
+
! preg_match( '/^[a-f0-9]{40}:(?:[a-f0-9:.]{3,39}|\*)$/', $_POST['nfw_options']['clogs_pubkey'] ) ) {
|
239 |
+
$nfw_options['clogs_pubkey'] = '';
|
240 |
+
} else {
|
241 |
+
$nfw_options['clogs_pubkey'] = $_POST['nfw_options']['clogs_pubkey'];
|
242 |
+
}
|
243 |
+
|
244 |
+
nfw_update_option( 'nfw_options', $nfw_options);
|
245 |
+
|
246 |
+
}
|
247 |
+
|
248 |
+
/* ------------------------------------------------------------------ */
|
249 |
+
|
250 |
+
function nf_sub_log_read_local( $log, $log_dir, $max_lines ) {
|
251 |
+
|
252 |
+
if (! preg_match( '/^(firewall_\d{4}-\d\d(?:\.\d+)?\.)php$/', trim( $log ) ) ) {
|
253 |
+
wp_nonce_ays('log_select');
|
254 |
+
}
|
255 |
+
|
256 |
+
$data = array();
|
257 |
+
$data['type'] = 'local';
|
258 |
+
|
259 |
+
if (! file_exists( $log_dir . $log ) ) {
|
260 |
+
$data['err_msg'] = __('The requested log does not exist.', 'ninjafirewall');
|
261 |
+
return $data;
|
262 |
+
}
|
263 |
+
|
264 |
+
$data['log'] = file( $log_dir . $log, FILE_SKIP_EMPTY_LINES );
|
265 |
+
|
266 |
+
if ( $data['log'] === false ) {
|
267 |
+
$data['err_msg'] = __('Unable to open the log for read operation.', 'ninjafirewall');
|
268 |
+
return $data;
|
269 |
+
}
|
270 |
+
if ( strpos( $data['log'][0], '<?php' ) !== FALSE ) {
|
271 |
+
unset( $data['log'][0] );
|
272 |
+
}
|
273 |
+
$data['lines'] = count( $data['log'] );
|
274 |
+
if ( $max_lines < $data['lines'] ) {
|
275 |
+
for ($i = 0; $i < ( $data['lines'] - $max_lines); ++$i ) {
|
276 |
+
unset( $data['log'][$i] ) ;
|
277 |
+
}
|
278 |
+
}
|
279 |
+
|
280 |
+
if ( $data['lines'] == 0 ) {
|
281 |
+
$data['err_msg'] = __('The selected log is empty.', 'ninjafirewall');
|
282 |
+
}
|
283 |
+
|
284 |
+
return $data;
|
285 |
+
|
286 |
+
}
|
287 |
+
|
288 |
+
/* ------------------------------------------------------------------ */
|
289 |
+
// EOF
|
lib/nf_sub_malwarescan.php
ADDED
@@ -0,0 +1,40 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
?>
|
23 |
+
<div class="wrap">
|
24 |
+
<div style="width:33px;height:33px;background-image:url( <?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
25 |
+
<h1><?php _e('Anti-Malware', 'ninjafirewall') ?></h1>
|
26 |
+
<div class="card">
|
27 |
+
<p><?php _e('Oops...! We have removed the "Anti-Malware" from NinjaFirewall. Instead, we have now a brand new and much better antivirus plugin:', 'ninjafirewall') ?></p>
|
28 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/ninjascanner.png"></center>
|
29 |
+
<p><?php printf( __('It is awesome and includes many great features: <a href="%s">check it out!</a>', 'ninjafirewall'), 'https://blog.nintechnet.com/ninjascanner-powerful-antivirus-scanner-for-wordpress/' ) ?></p>
|
30 |
+
<p><a href="https://wordpress.org/plugins/ninjascanner/"><?php _e('Download it from wordpress.org!', 'ninjafirewall') ?></a></p>
|
31 |
+
<br /><hr /><br />
|
32 |
+
<p><?php _e('After installing NinjaScanner, click on "NinjaScanner > Settings > Advanced Users Settings" and enable the "Integrate NinjaScanner with NinjaFirewall" option. That will replace this page with NinjaScanner\'s own menu instead:', 'ninjafirewall') ?></p>
|
33 |
+
<br />
|
34 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/ns_integration.png"></center>
|
35 |
+
<br />
|
36 |
+
</div>
|
37 |
+
</div>
|
38 |
+
<?php
|
39 |
+
/* ------------------------------------------------------------------ */
|
40 |
+
// EOF
|
lib/nf_sub_options.php
ADDED
@@ -0,0 +1,488 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
// Block immediately if user is not allowed :
|
23 |
+
nf_not_allowed( 'block', __LINE__ );
|
24 |
+
|
25 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
26 |
+
|
27 |
+
echo '
|
28 |
+
<script>
|
29 |
+
function preview_msg() {
|
30 |
+
var t1 = document.option_form.elements[\'nfw_options[blocked_msg]\'].value.replace(\'%%REM_ADDRESS%%\',\'' . htmlspecialchars(NFW_REMOTE_ADDR) . '\');
|
31 |
+
var t2 = t1.replace(\'%%NUM_INCIDENT%%\',\'1234567\');
|
32 |
+
var t3 = t2.replace(\'%%NINJA_LOGO%%\',\'<img src="' . plugins_url() . '/ninjafirewall/images/ninjafirewall_75.png" width="75" height="75" title="NinjaFirewall">\');
|
33 |
+
var ns;
|
34 |
+
if ( t3.match(/<style/i) ) {
|
35 |
+
ns = "'. esc_js( __('CSS style sheets', 'ninjafirewall') ) .'";
|
36 |
+
}
|
37 |
+
if ( t3.match(/<script/i) ) {
|
38 |
+
ns = "'. esc_js( __('Javascript code', 'ninjafirewall') ) .'";
|
39 |
+
}
|
40 |
+
if ( ns ) {
|
41 |
+
alert("'. sprintf( esc_js( __('Your message seems to contain %s. For security reasons, it cannot be previewed from the admin dashboard.', 'ninjafirewall') ), '"+ ns +"'). '");
|
42 |
+
return false;
|
43 |
+
}
|
44 |
+
document.getElementById(\'out_msg\').innerHTML = t3;
|
45 |
+
jQuery("#td_msg").slideDown();
|
46 |
+
document.getElementById(\'btn_msg\').value = \'' . esc_js( __('Refresh preview', 'ninjafirewall') ) . '\';
|
47 |
+
}
|
48 |
+
function default_msg() {
|
49 |
+
document.option_form.elements[\'nfw_options[blocked_msg]\'].value = "' . preg_replace( '/[\r\n]/', '\n', NFW_DEFAULT_MSG) .'";
|
50 |
+
}
|
51 |
+
</script>
|
52 |
+
|
53 |
+
<div class="wrap">
|
54 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
55 |
+
<h1>' . __('Firewall Options', 'ninjafirewall') . '</h1>';
|
56 |
+
|
57 |
+
// Saved options ?
|
58 |
+
if ( isset( $_POST['nfw_options']) ) {
|
59 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'options_save') ) {
|
60 |
+
wp_nonce_ays('options_save');
|
61 |
+
}
|
62 |
+
$res = nf_sub_options_save();
|
63 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
64 |
+
if ($res) {
|
65 |
+
echo '<div class="error notice is-dismissible"><p>' . $res . '.</p></div>';
|
66 |
+
} else {
|
67 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Your changes have been saved.', 'ninjafirewall') . '</p></div>';
|
68 |
+
}
|
69 |
+
}
|
70 |
+
|
71 |
+
?><br />
|
72 |
+
<form method="post" name="option_form" enctype="multipart/form-data">
|
73 |
+
<?php wp_nonce_field('options_save', 'nfwnonce', 0); ?>
|
74 |
+
<table class="form-table">
|
75 |
+
<tr>
|
76 |
+
<th scope="row"><?php _e('Firewall protection', 'ninjafirewall') ?></th>
|
77 |
+
<?php
|
78 |
+
// Enabled :
|
79 |
+
if (! empty( $nfw_options['enabled']) ) {
|
80 |
+
echo '
|
81 |
+
<td width="20" align="left"> </td>
|
82 |
+
<td align="left">
|
83 |
+
<select name="nfw_options[enabled]" style="width:200px">
|
84 |
+
<option value="1" selected>' . __('Enabled', 'ninjafirewall') . '</option>
|
85 |
+
<option value="0">' . __('Disabled', 'ninjafirewall') . '</option>
|
86 |
+
</select>';
|
87 |
+
// Disabled :
|
88 |
+
} else {
|
89 |
+
echo '
|
90 |
+
<td width="20" align="left"><img src="' . plugins_url() . '/ninjafirewall/images/icon_error_16.png" border="0" height="16" width="16"></td>
|
91 |
+
<td align="left">
|
92 |
+
<select name="nfw_options[enabled]" style="width:200px">
|
93 |
+
<option value="1">' . __('Enabled', 'ninjafirewall') . '</option>
|
94 |
+
<option value="0" selected>' . __('Disabled', 'ninjafirewall') . '</option>
|
95 |
+
</select> <span class="description"> ' . __('Warning: your site is not protected!', 'ninjafirewall') . '</span>';
|
96 |
+
}
|
97 |
+
echo '
|
98 |
+
</td>
|
99 |
+
</tr>
|
100 |
+
<tr>
|
101 |
+
<th scope="row">' . __('Debugging mode', 'ninjafirewall') . '</th>';
|
102 |
+
|
103 |
+
// Debugging enabled ?
|
104 |
+
if (! empty( $nfw_options['debug']) ) {
|
105 |
+
echo '<td width="20" align="left"><img src="' . plugins_url() . '/ninjafirewall/images/icon_error_16.png" border="0" height="16" width="16"></td>
|
106 |
+
<td align="left">
|
107 |
+
<select name="nfw_options[debug]" style="width:200px">
|
108 |
+
<option value="1" selected>' . __('Enabled', 'ninjafirewall') . '</option>
|
109 |
+
<option value="0">' . __('Disabled (default)', 'ninjafirewall') . '</option>
|
110 |
+
</select> <span class="description"> ' . __('Warning: your site is not protected!', 'ninjafirewall') . '</span>
|
111 |
+
</td>';
|
112 |
+
|
113 |
+
} else {
|
114 |
+
// Debugging disabled ?
|
115 |
+
echo '<td width="20"> </td>
|
116 |
+
<td align="left">
|
117 |
+
<select name="nfw_options[debug]" style="width:200px">
|
118 |
+
<option value="1">' . __('Enabled', 'ninjafirewall') . '</option>
|
119 |
+
<option value="0" selected>' . __('Disabled (default)', 'ninjafirewall') . '</option>
|
120 |
+
</select>
|
121 |
+
</td>';
|
122 |
+
}
|
123 |
+
|
124 |
+
// Get (if any) the HTTP error code to return :
|
125 |
+
if (! @preg_match( '/^(?:40[0346]|50[03])$/', $nfw_options['ret_code']) ) {
|
126 |
+
$nfw_options['ret_code'] = '403';
|
127 |
+
}
|
128 |
+
?>
|
129 |
+
</tr>
|
130 |
+
<tr>
|
131 |
+
<th scope="row"><?php _e('HTTP error code to return', 'ninjafirewall') ?></th>
|
132 |
+
<td width="20"> </td>
|
133 |
+
<td align="left">
|
134 |
+
<select name="nfw_options[ret_code]" style="width:200px">
|
135 |
+
<option value="400"<?php selected($nfw_options['ret_code'], 400) ?>><?php _e('400 Bad Request', 'ninjafirewall') ?></option>
|
136 |
+
<option value="403"<?php selected($nfw_options['ret_code'], 403) ?>><?php _e('403 Forbidden (default)', 'ninjafirewall') ?></option>
|
137 |
+
<option value="404"<?php selected($nfw_options['ret_code'], 404) ?>><?php _e('404 Not Found', 'ninjafirewall') ?></option>
|
138 |
+
<option value="406"<?php selected($nfw_options['ret_code'], 406) ?>><?php _e('406 Not Acceptable', 'ninjafirewall') ?></option>
|
139 |
+
<option value="500"<?php selected($nfw_options['ret_code'], 500) ?>><?php _e('500 Internal Server Error', 'ninjafirewall') ?></option>
|
140 |
+
<option value="503"<?php selected($nfw_options['ret_code'], 503) ?>><?php _e('503 Service Unavailable', 'ninjafirewall') ?></option>
|
141 |
+
</select>
|
142 |
+
</td>
|
143 |
+
</tr>
|
144 |
+
<?php
|
145 |
+
echo '
|
146 |
+
<tr>
|
147 |
+
<th scope="row">' . __('Blocked user message', 'ninjafirewall') . '</th>
|
148 |
+
<td width="20"> </td>
|
149 |
+
<td align="left">
|
150 |
+
<textarea name="nfw_options[blocked_msg]" class="small-text code" cols="60" rows="5" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false">';
|
151 |
+
|
152 |
+
if (! empty( $nfw_options['blocked_msg']) ) {
|
153 |
+
echo htmlentities(base64_decode($nfw_options['blocked_msg']));
|
154 |
+
} else {
|
155 |
+
echo NFW_DEFAULT_MSG;
|
156 |
+
}
|
157 |
+
?></textarea>
|
158 |
+
<p><input class="button-secondary" type="button" id="btn_msg" value="<?php _e('Preview message', 'ninjafirewall') ?>" onclick="javascript:preview_msg();" /> <input class="button-secondary" type="button" id="btn_msg" value="<?php _e('Default message', 'ninjafirewall') ?>" onclick="javascript:default_msg();" /></p>
|
159 |
+
</td>
|
160 |
+
</tr>
|
161 |
+
</table>
|
162 |
+
|
163 |
+
<div id="td_msg" style="display:none">
|
164 |
+
<table class="form-table" border="1">
|
165 |
+
<tr><td id="out_msg" style="border:1px solid #DFDFDF;background-color:#ffffff;" width="100%"></td></tr>
|
166 |
+
</table>
|
167 |
+
</div>
|
168 |
+
|
169 |
+
<table class="form-table">
|
170 |
+
<tr>
|
171 |
+
<th scope="row"><?php _e('Export configuration', 'ninjafirewall') ?></th>
|
172 |
+
<td width="20"> </td>
|
173 |
+
<td align="left"><input class="button-secondary" type="submit" name="nf_export" value="<?php _e('Download', 'ninjafirewall') ?>" /><br /><span class="description"><?php _e( 'File Check configuration will not be exported/imported.', 'ninjafirewall') ?></span></td>
|
174 |
+
</tr>
|
175 |
+
<tr>
|
176 |
+
<th scope="row"><?php _e('Import configuration', 'ninjafirewall') ?></th>
|
177 |
+
<td width="20"> </td>
|
178 |
+
<td align="left"><input type="file" name="nf_imp" /><br /><span class="description"><?php
|
179 |
+
printf( __( 'Imported configuration must match plugin version %s.', 'ninjafirewall'), NFW_ENGINE_VERSION);
|
180 |
+
echo '<br />'. __('It will override all your current firewall options and rules.', 'ninjafirewall')
|
181 |
+
?></span></td>
|
182 |
+
</tr>
|
183 |
+
</table>
|
184 |
+
|
185 |
+
<br />
|
186 |
+
<input class="button-primary" type="submit" name="Save" value="<?php _e('Save Firewall Options', 'ninjafirewall') ?>" />
|
187 |
+
</form>
|
188 |
+
</div>
|
189 |
+
|
190 |
+
<?php
|
191 |
+
return;
|
192 |
+
|
193 |
+
/* ------------------------------------------------------------------ */
|
194 |
+
|
195 |
+
function nf_sub_options_save() {
|
196 |
+
|
197 |
+
// Save options :
|
198 |
+
|
199 |
+
// Check if we are uploading/importing the configuration :
|
200 |
+
if (! empty($_FILES['nf_imp']['size']) ) {
|
201 |
+
return nf_sub_options_import();
|
202 |
+
}
|
203 |
+
|
204 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
205 |
+
|
206 |
+
if ( empty( $_POST['nfw_options']['enabled']) ) {
|
207 |
+
if (! empty($nfw_options['enabled']) ) {
|
208 |
+
// Alert the admin :
|
209 |
+
nf_sub_options_alert(1);
|
210 |
+
}
|
211 |
+
$nfw_options['enabled'] = 0;
|
212 |
+
|
213 |
+
// Disable cron jobs:
|
214 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
215 |
+
wp_clear_scheduled_hook('nfscanevent');
|
216 |
+
}
|
217 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
218 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
219 |
+
}
|
220 |
+
if ( wp_next_scheduled('nfdailyreport') ) {
|
221 |
+
wp_clear_scheduled_hook('nfdailyreport');
|
222 |
+
}
|
223 |
+
// Disable brute-force protection :
|
224 |
+
if ( file_exists( NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php' ) ) {
|
225 |
+
rename(NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php', NFW_LOG_DIR . '/nfwlog/cache/bf_conf_off.php');
|
226 |
+
}
|
227 |
+
|
228 |
+
} else {
|
229 |
+
$nfw_options['enabled'] = 1;
|
230 |
+
|
231 |
+
// Re-enable cron jobs, if needed :
|
232 |
+
if (! empty($nfw_options['sched_scan']) ) {
|
233 |
+
if ($nfw_options['sched_scan'] == 1) {
|
234 |
+
$schedtype = 'hourly';
|
235 |
+
} elseif ($nfw_options['sched_scan'] == 2) {
|
236 |
+
$schedtype = 'twicedaily';
|
237 |
+
} else {
|
238 |
+
$schedtype = 'daily';
|
239 |
+
}
|
240 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
241 |
+
wp_clear_scheduled_hook('nfscanevent');
|
242 |
+
}
|
243 |
+
wp_schedule_event( time() + 3600, $schedtype, 'nfscanevent');
|
244 |
+
}
|
245 |
+
if (! empty($nfw_options['enable_updates']) ) {
|
246 |
+
if ($nfw_options['sched_updates'] == 1) {
|
247 |
+
$schedtype = 'hourly';
|
248 |
+
} elseif ($nfw_options['sched_updates'] == 2) {
|
249 |
+
$schedtype = 'twicedaily';
|
250 |
+
} else {
|
251 |
+
$schedtype = 'daily';
|
252 |
+
}
|
253 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
254 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
255 |
+
}
|
256 |
+
wp_schedule_event( time() + 15, $schedtype, 'nfsecupdates');
|
257 |
+
}
|
258 |
+
// Re-enable daily report, if needed :
|
259 |
+
if (! empty($nfw_options['a_52']) ) {
|
260 |
+
if ( wp_next_scheduled('nfdailyreport') ) {
|
261 |
+
wp_clear_scheduled_hook('nfdailyreport');
|
262 |
+
}
|
263 |
+
nfw_get_blogtimezone();
|
264 |
+
wp_schedule_event( strtotime( date('Y-m-d 00:00:05', strtotime("+1 day")) ), 'daily', 'nfdailyreport');
|
265 |
+
}
|
266 |
+
// Reenable brute-force protection :
|
267 |
+
if ( file_exists( NFW_LOG_DIR . '/nfwlog/cache/bf_conf_off.php' ) ) {
|
268 |
+
rename(NFW_LOG_DIR . '/nfwlog/cache/bf_conf_off.php', NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php');
|
269 |
+
}
|
270 |
+
}
|
271 |
+
|
272 |
+
if ( (isset( $_POST['nfw_options']['ret_code'])) &&
|
273 |
+
(preg_match( '/^(?:40[0346]|50[03])$/', $_POST['nfw_options']['ret_code'])) ) {
|
274 |
+
$nfw_options['ret_code'] = $_POST['nfw_options']['ret_code'];
|
275 |
+
} else {
|
276 |
+
$nfw_options['ret_code'] = '403';
|
277 |
+
}
|
278 |
+
|
279 |
+
if ( empty( $_POST['nfw_options']['blocked_msg']) ) {
|
280 |
+
$nfw_options['blocked_msg'] = base64_encode(NFW_DEFAULT_MSG);
|
281 |
+
} else {
|
282 |
+
$nfw_options['blocked_msg'] = base64_encode(stripslashes($_POST['nfw_options']['blocked_msg']));
|
283 |
+
}
|
284 |
+
|
285 |
+
if ( empty( $_POST['nfw_options']['debug']) ) {
|
286 |
+
$nfw_options['debug'] = 0;
|
287 |
+
} else {
|
288 |
+
if ( empty($nfw_options['debug']) ) {
|
289 |
+
// Alert the admin :
|
290 |
+
nf_sub_options_alert(2);
|
291 |
+
}
|
292 |
+
$nfw_options['debug'] = 1;
|
293 |
+
}
|
294 |
+
|
295 |
+
// Save them :
|
296 |
+
nfw_update_option( 'nfw_options', $nfw_options);
|
297 |
+
|
298 |
+
// Make sure the garbage collector cron job is scheduled:
|
299 |
+
if (! wp_next_scheduled( 'nfwgccron' ) ) {
|
300 |
+
wp_schedule_event( time() + 60, 'hourly', 'nfwgccron' );
|
301 |
+
}
|
302 |
+
|
303 |
+
}
|
304 |
+
/* ------------------------------------------------------------------ */
|
305 |
+
|
306 |
+
function nf_sub_options_import() {
|
307 |
+
|
308 |
+
// Import NF configuration from file :
|
309 |
+
|
310 |
+
$data = file_get_contents($_FILES['nf_imp']['tmp_name']);
|
311 |
+
$err_msg = __('Uploaded file is either corrupted or its format is not supported (#%s)', 'ninjafirewall');
|
312 |
+
if (! $data) {
|
313 |
+
return sprintf($err_msg, 1);
|
314 |
+
}
|
315 |
+
@list ($options, $rules, $bf) = @explode("\n:-:\n", $data . "\n:-:\n");
|
316 |
+
|
317 |
+
|
318 |
+
if ( preg_match( '/^\xef\xbb\xbf/', $options ) ) {
|
319 |
+
$options = preg_replace( '/^\xef\xbb\xbf/', '', $options );
|
320 |
+
}
|
321 |
+
|
322 |
+
if (! $options || ! $rules) {
|
323 |
+
return sprintf($err_msg, 2);
|
324 |
+
}
|
325 |
+
$nfw_options = @unserialize($options);
|
326 |
+
$nfw_rules = @unserialize($rules);
|
327 |
+
if (! empty($bf) ) {
|
328 |
+
$bf_conf = unserialize($bf);
|
329 |
+
}
|
330 |
+
|
331 |
+
if ( empty($nfw_options['engine_version']) ) {
|
332 |
+
return sprintf($err_msg, 3);
|
333 |
+
}
|
334 |
+
if ( $nfw_options['engine_version'] != NFW_ENGINE_VERSION ) {
|
335 |
+
return __('The imported file is not compatible with that version of NinjaFirewall', 'ninjafirewall');
|
336 |
+
}
|
337 |
+
|
338 |
+
// We cannot import WP+ config :
|
339 |
+
if ( isset($nfw_options['shmop']) ) {
|
340 |
+
return sprintf($err_msg, 4);
|
341 |
+
}
|
342 |
+
|
343 |
+
if ( empty($nfw_rules[1]) ) {
|
344 |
+
return sprintf($err_msg, 5);
|
345 |
+
}
|
346 |
+
|
347 |
+
// Fix paths and directories :
|
348 |
+
$nfw_options['logo'] = plugins_url() . '/ninjafirewall/images/ninjafirewall_75.png';
|
349 |
+
$nfw_options['wp_dir'] = '/wp-admin/(?:css|images|includes|js)/|' .
|
350 |
+
'/wp-includes/(?:(?:css|images|js(?!/tinymce/wp-tinymce\.php)|theme-compat)/|[^/]+\.php)|' .
|
351 |
+
'/'. basename(WP_CONTENT_DIR) .'/uploads/|/cache/';
|
352 |
+
// $nfw_options['alert_email'] = get_option('admin_email');
|
353 |
+
|
354 |
+
// Anti-Malware: if the path doest not exist on this server,
|
355 |
+
// set it to ABSPATH:
|
356 |
+
if (! is_dir( $nfw_options['malware_dir'] ) ) {
|
357 |
+
$nfw_options['malware_dir'] = rtrim( ABSPATH, '/\\ ' );
|
358 |
+
}
|
359 |
+
|
360 |
+
// We don't import the File Check 'snapshot directory' path:
|
361 |
+
$nfw_options['snapdir'] = '';
|
362 |
+
// We delete any File Check cron jobs :
|
363 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
364 |
+
wp_clear_scheduled_hook('nfscanevent');
|
365 |
+
}
|
366 |
+
|
367 |
+
// Re-enable auto updates, if needed :
|
368 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
369 |
+
// Clear old one :
|
370 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
371 |
+
}
|
372 |
+
if (! empty($nfw_options['enable_updates']) ) {
|
373 |
+
if ($nfw_options['sched_updates'] == 1) {
|
374 |
+
$schedtype = 'hourly';
|
375 |
+
} elseif ($nfw_options['sched_updates'] == 2) {
|
376 |
+
$schedtype = 'twicedaily';
|
377 |
+
} else {
|
378 |
+
$schedtype = 'daily';
|
379 |
+
}
|
380 |
+
wp_schedule_event( time() + 15, $schedtype, 'nfsecupdates');
|
381 |
+
}
|
382 |
+
// Re-enable daily report, if needed :
|
383 |
+
if ( wp_next_scheduled('nfdailyreport') ) {
|
384 |
+
// Clear old one :
|
385 |
+
wp_clear_scheduled_hook('nfdailyreport');
|
386 |
+
}
|
387 |
+
if (! empty($nfw_options['a_52']) ) {
|
388 |
+
nfw_get_blogtimezone();
|
389 |
+
wp_schedule_event( strtotime( date('Y-m-d 00:00:05', strtotime("+1 day")) ), 'daily', 'nfdailyreport');
|
390 |
+
}
|
391 |
+
|
392 |
+
// Re-enable the garbage collector, if needed:
|
393 |
+
if ( wp_next_scheduled('nfwgccron') ) {
|
394 |
+
// Clear old one:
|
395 |
+
wp_clear_scheduled_hook('nfwgccron');
|
396 |
+
}
|
397 |
+
wp_schedule_event( time() + 60, 'hourly', 'nfwgccron' );
|
398 |
+
|
399 |
+
// Check compatibility before importing HSTS headers configration
|
400 |
+
// or unset the option :
|
401 |
+
if (! function_exists('header_register_callback') || ! function_exists('headers_list') || ! function_exists('header_remove') ) {
|
402 |
+
if ( isset($nfw_options['response_headers']) ) {
|
403 |
+
unset($nfw_options['response_headers']);
|
404 |
+
}
|
405 |
+
}
|
406 |
+
|
407 |
+
// If brute force protection is enabled, we need to create a new config file :
|
408 |
+
$nfwbfd_log = NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php';
|
409 |
+
if (! empty($bf_conf) ) {
|
410 |
+
$fh = fopen($nfwbfd_log, 'w');
|
411 |
+
fwrite($fh, $bf_conf);
|
412 |
+
fclose($fh);
|
413 |
+
} else {
|
414 |
+
// ...or delete the current one, if any :
|
415 |
+
if ( file_exists($nfwbfd_log) ) {
|
416 |
+
unlink($nfwbfd_log);
|
417 |
+
}
|
418 |
+
}
|
419 |
+
// Save options :
|
420 |
+
nfw_update_option( 'nfw_options', $nfw_options);
|
421 |
+
|
422 |
+
// Add the correct DOCUMENT_ROOT :
|
423 |
+
if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) > 5 ) {
|
424 |
+
$nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', $_SERVER['DOCUMENT_ROOT'] );
|
425 |
+
} elseif ( strlen( getenv( 'DOCUMENT_ROOT' ) ) > 5 ) {
|
426 |
+
$nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', getenv( 'DOCUMENT_ROOT' ) );
|
427 |
+
} else {
|
428 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
|
429 |
+
}
|
430 |
+
// Save rules :
|
431 |
+
nfw_update_option( 'nfw_rules', $nfw_rules);
|
432 |
+
|
433 |
+
// Alert the admin :
|
434 |
+
nf_sub_options_alert(3);
|
435 |
+
|
436 |
+
return;
|
437 |
+
}
|
438 |
+
|
439 |
+
/* ------------------------------------------------------------------ */
|
440 |
+
|
441 |
+
function nf_sub_options_alert( $what ) {
|
442 |
+
|
443 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
444 |
+
|
445 |
+
if ( ( is_multisite() ) && ( $nfw_options['alert_sa_only'] == 2 ) ) {
|
446 |
+
$recipient = get_option('admin_email');
|
447 |
+
} else {
|
448 |
+
$recipient = $nfw_options['alert_email'];
|
449 |
+
}
|
450 |
+
|
451 |
+
global $current_user;
|
452 |
+
$current_user = wp_get_current_user();
|
453 |
+
|
454 |
+
// Get timezone :
|
455 |
+
nfw_get_blogtimezone();
|
456 |
+
|
457 |
+
$subject = __('[NinjaFirewall] Alert: Firewall is disabled', 'ninjafirewall');
|
458 |
+
if ( is_multisite() ) {
|
459 |
+
$url = __('-Blog :', 'ninjafirewall') .' '. network_home_url('/') . "\n\n";
|
460 |
+
} else {
|
461 |
+
$url = __('-Blog :', 'ninjafirewall') .' '. home_url('/') . "\n\n";
|
462 |
+
}
|
463 |
+
// Disabled ?
|
464 |
+
if ($what == 1) {
|
465 |
+
$message = __('Someone disabled NinjaFirewall from your WordPress admin dashboard:', 'ninjafirewall') . "\n\n";
|
466 |
+
// Debugging mode :
|
467 |
+
} elseif ($what == 2) {
|
468 |
+
$message = __('NinjaFirewall is disabled because someone enabled debugging mode from your WordPress admin dashboard:', 'ninjafirewall') . "\n\n";
|
469 |
+
// Imported configuration ?
|
470 |
+
} elseif ($what == 3) {
|
471 |
+
$subject = __('[NinjaFirewall] Alert: Firewall override settings', 'ninjafirewall');
|
472 |
+
$message = __('Someone imported a new configuration which overrode the firewall settings:', 'ninjafirewall') . "\n\n";
|
473 |
+
} else {
|
474 |
+
// Should never reach this line!
|
475 |
+
return;
|
476 |
+
}
|
477 |
+
|
478 |
+
$message .= __('-User :', 'ninjafirewall') .' '. $current_user->user_login . ' (' . $current_user->roles[0] . ")\n" .
|
479 |
+
__('-IP :', 'ninjafirewall') .' '. NFW_REMOTE_ADDR . "\n" .
|
480 |
+
__('-Date :', 'ninjafirewall') .' '. ucfirst( date_i18n('F j, Y @ H:i:s O') ) ."\n" .
|
481 |
+
$url .
|
482 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
483 |
+
__('Support forum:', 'ninjafirewall') . ' http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
484 |
+
wp_mail( $recipient, $subject, $message );
|
485 |
+
}
|
486 |
+
|
487 |
+
/* ------------------------------------------------------------------ */
|
488 |
+
// EOF
|
lib/nf_sub_statistics.php
ADDED
@@ -0,0 +1,198 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
// Block immediately if user is not allowed :
|
23 |
+
nf_not_allowed( 'block', __LINE__ );
|
24 |
+
|
25 |
+
echo '
|
26 |
+
<div class="wrap">
|
27 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
28 |
+
<h1>' . __('Statistics', 'ninjafirewall') . '</h1>';
|
29 |
+
|
30 |
+
$critical = $high = $medium = $slow = $benchmark =
|
31 |
+
$tot_bench = $speed = $upload = $banned_ip = $xtr = 0;
|
32 |
+
$fast = 1000;
|
33 |
+
|
34 |
+
// Which monthly log should we read ?
|
35 |
+
if (! empty($_GET['xtr']) ) {
|
36 |
+
$xtr = $_GET['xtr'];
|
37 |
+
}
|
38 |
+
if ( empty($xtr) || ! preg_match('/^firewall_\d{4}-\d{2}\.php$/D', $xtr) ) {
|
39 |
+
$xtr = 'firewall_' . date('Y-m') . '.php';
|
40 |
+
}
|
41 |
+
$fw_log = NFW_LOG_DIR . '/nfwlog/' . $xtr;
|
42 |
+
|
43 |
+
if (! file_exists($fw_log) ) {
|
44 |
+
goto NO_STATS_FILE;
|
45 |
+
}
|
46 |
+
|
47 |
+
if ($fh = @fopen($fw_log, 'r') ) {
|
48 |
+
// Retrieve all lines :
|
49 |
+
while (! feof( $fh) ) {
|
50 |
+
$line = fgets( $fh);
|
51 |
+
if (preg_match( '/^\[.+?\]\s+\[(.+?)\]\s+(?:\[.+?\]\s+){3}\[(1|2|3|4|5|6)\]/', $line, $match) ) {
|
52 |
+
if ( $match[2] == 1) {
|
53 |
+
++$medium;
|
54 |
+
} elseif ( $match[2] == 2) {
|
55 |
+
++$high;
|
56 |
+
} elseif ( $match[2] == 3) {
|
57 |
+
++$critical;
|
58 |
+
} elseif ( $match[2] == 5) {
|
59 |
+
++$upload;
|
60 |
+
}
|
61 |
+
if ($match[1]) {
|
62 |
+
if ( $match[1] > $slow) {
|
63 |
+
$slow = $match[1];
|
64 |
+
}
|
65 |
+
if ( $match[1] < $fast) {
|
66 |
+
$fast = $match[1];
|
67 |
+
}
|
68 |
+
$speed += $match[1];
|
69 |
+
++$tot_bench;
|
70 |
+
}
|
71 |
+
}
|
72 |
+
}
|
73 |
+
fclose( $fh);
|
74 |
+
} else {
|
75 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Cannot open logfile', 'ninjafirewall') . ' : <code>' . $fw_log . '</code></p></div></div>';
|
76 |
+
summary_stats_combo($xtr);
|
77 |
+
return;
|
78 |
+
}
|
79 |
+
|
80 |
+
NO_STATS_FILE:
|
81 |
+
|
82 |
+
$total = $critical + $high + $medium;
|
83 |
+
if ($total == 1) {$fast = $slow;}
|
84 |
+
|
85 |
+
if (! $total ) {
|
86 |
+
echo '<div class="notice-info notice is-dismissible"><p>' . __('You do not have any stats for the current month yet.', 'ninjafirewall') . '</p></div>';
|
87 |
+
$fast = 0;
|
88 |
+
} else {
|
89 |
+
$coef = 100 / $total;
|
90 |
+
$critical = round($critical * $coef, 2);
|
91 |
+
$high = round($high * $coef, 2);
|
92 |
+
$medium = round($medium * $coef, 2);
|
93 |
+
// Avoid divide error :
|
94 |
+
if ($tot_bench) {
|
95 |
+
$speed = round($speed / $tot_bench, 4);
|
96 |
+
} else {
|
97 |
+
$fast = 0;
|
98 |
+
}
|
99 |
+
}
|
100 |
+
// Prepare select box :
|
101 |
+
$ret = summary_stats_combo($xtr);
|
102 |
+
|
103 |
+
echo '
|
104 |
+
<script>
|
105 |
+
function stat_redir(where) {
|
106 |
+
if (where == "") { return false;}
|
107 |
+
document.location.href="?page=nfsubstat&xtr=" + where;
|
108 |
+
}
|
109 |
+
</script>
|
110 |
+
<table class="form-table">
|
111 |
+
<tr>
|
112 |
+
<th scope="row"><h3>' . __('Monthly stats', 'ninjafirewall') . '</h3></th>
|
113 |
+
<td align="left">' . $ret . '</td>
|
114 |
+
</tr>
|
115 |
+
<tr>
|
116 |
+
<th scope="row">' . __('Blocked hacking attempts', 'ninjafirewall') . '</th>
|
117 |
+
<td align="left">' . $total . '</td>
|
118 |
+
</tr>
|
119 |
+
<tr>
|
120 |
+
<th scope="row">' . __('Hacking attempts severity', 'ninjafirewall') . '</th>
|
121 |
+
<td align="left">
|
122 |
+
' . __('Critical', 'ninjafirewall') . ' : ' . $critical . '%<br />
|
123 |
+
<table bgcolor="#DFDFDF" border="0" cellpadding="0" cellspacing="0" height="14" width="250" align="left" style="height:14px;">
|
124 |
+
<tr>
|
125 |
+
<td width="' . round( $critical) . '%" background="' . plugins_url() . '/ninjafirewall/images/bar-critical.png" style="padding:0px"></td><td width="' . round(100 - $critical) . '%" style="padding:0px"></td>
|
126 |
+
</tr>
|
127 |
+
</table>
|
128 |
+
<br /><br />' . __('High', 'ninjafirewall') . ' : ' . $high . '%<br />
|
129 |
+
<table bgcolor="#DFDFDF" border="0" cellpadding="0" cellspacing="0" height="14" width="250" align="left" style="height:14px;">
|
130 |
+
<tr>
|
131 |
+
<td width="' . round( $high) . '%" background="' . plugins_url() . '/ninjafirewall/images/bar-high.png" style="padding:0px"></td><td width="' . round(100 - $high) . '%" style="padding:0px"></td>
|
132 |
+
</tr>
|
133 |
+
</table>
|
134 |
+
<br /><br />' . __('Medium', 'ninjafirewall') . ' : ' . $medium . '%<br />
|
135 |
+
<table bgcolor="#DFDFDF" border="0" cellpadding="0" cellspacing="0" height="14" width="250" align="left" style="height:14px;">
|
136 |
+
<tr>
|
137 |
+
<td width="' . round( $medium) . '%" background="' . plugins_url() . '/ninjafirewall/images/bar-medium.png" style="padding:0px;"></td><td width="' . round(100 - $medium) . '%" style="padding:0px;"></td>
|
138 |
+
</tr>
|
139 |
+
</table>
|
140 |
+
</td>
|
141 |
+
</tr>
|
142 |
+
<tr>
|
143 |
+
<th scope="row">' . __('Uploaded files', 'ninjafirewall') . '</th>
|
144 |
+
<td align="left">' . $upload . '</td>
|
145 |
+
</tr>
|
146 |
+
<tr><th scope="row"><h3>' . __('Benchmarks', 'ninjafirewall') . '</h3></th><td> </td><td> </td></tr>
|
147 |
+
<tr>
|
148 |
+
<th scope="row">' . __('Average time per request', 'ninjafirewall') . '</th>
|
149 |
+
<td align="left">' . $speed . 's</td>
|
150 |
+
</tr>
|
151 |
+
<tr>
|
152 |
+
<th scope="row">' . __('Fastest request', 'ninjafirewall') . '</th>
|
153 |
+
<td align="left">' . round( $fast, 4) . 's</td>
|
154 |
+
</tr>
|
155 |
+
<tr>
|
156 |
+
<th scope="row">' . __('Slowest request', 'ninjafirewall') . '</th>
|
157 |
+
<td align="left">' . round( $slow, 4) . 's</td>
|
158 |
+
</tr>
|
159 |
+
</table>
|
160 |
+
</div>';
|
161 |
+
|
162 |
+
/* ------------------------------------------------------------------ */
|
163 |
+
function summary_stats_combo( $xtr ) {
|
164 |
+
|
165 |
+
// Find all available logs :
|
166 |
+
$avail_logs = array();
|
167 |
+
if ( is_dir( NFW_LOG_DIR . '/nfwlog/' ) ) {
|
168 |
+
if ( $dh = opendir( NFW_LOG_DIR . '/nfwlog/' ) ) {
|
169 |
+
while ( ($file = readdir($dh) ) !== false ) {
|
170 |
+
if (preg_match( '/^(firewall_(\d{4})-(\d\d)\.php)$/', $file, $match ) ) {
|
171 |
+
$log_stat = stat( NFW_LOG_DIR . '/nfwlog/' . $file );
|
172 |
+
if ( $log_stat['size'] < 10 ) { continue; }
|
173 |
+
$month = ucfirst( date_i18n('F', mktime(0, 0, 0, $match[3], 1, 2000) ) );
|
174 |
+
$avail_logs[$match[1] ] = $month . ' ' . $match[2];
|
175 |
+
}
|
176 |
+
}
|
177 |
+
closedir($dh);
|
178 |
+
}
|
179 |
+
}
|
180 |
+
krsort($avail_logs);
|
181 |
+
|
182 |
+
$ret = '<form>
|
183 |
+
<select class="input" name="xtr" onChange="return stat_redir(this.value);">
|
184 |
+
<option value="">' . __('Select monthly stats to view...', 'ninjafirewall') . '</option>';
|
185 |
+
foreach ($avail_logs as $file => $text) {
|
186 |
+
$ret .= '<option value="' . $file . '"';
|
187 |
+
if ($file === $xtr ) {
|
188 |
+
$ret .= ' selected';
|
189 |
+
}
|
190 |
+
$ret .= '>' . $text . '</option>';
|
191 |
+
}
|
192 |
+
$ret .= '</select>
|
193 |
+
</form>';
|
194 |
+
return $ret;
|
195 |
+
}
|
196 |
+
|
197 |
+
/* ------------------------------------------------------------------ */
|
198 |
+
// EOF
|
lib/nf_sub_updates.php
ADDED
@@ -0,0 +1,556 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
// If your server can't remotely connect to a SSL port, add this
|
23 |
+
// to your wp-config.php script: define('NFW_DONT_USE_SSL', 1);
|
24 |
+
if ( defined( 'NFW_DONT_USE_SSL' ) ) {
|
25 |
+
$proto = "http";
|
26 |
+
} else {
|
27 |
+
$proto = "https";
|
28 |
+
}
|
29 |
+
$update_log = NFW_LOG_DIR . '/nfwlog/updates.php';
|
30 |
+
|
31 |
+
// Check which rules should be returned:
|
32 |
+
if ( defined('NFW_WPWAF') ) {
|
33 |
+
$rules_type = 0;
|
34 |
+
} else {
|
35 |
+
$rules_type = 1;
|
36 |
+
}
|
37 |
+
|
38 |
+
$nfw_options = nfw_get_option('nfw_options');
|
39 |
+
|
40 |
+
if ( empty( $nfw_options['sched_updates'] ) || empty( $nfw_options['enable_updates'] ) ) {
|
41 |
+
$sched_updates = 0;
|
42 |
+
} else {
|
43 |
+
$sched_updates = (int) $nfw_options['sched_updates'];
|
44 |
+
}
|
45 |
+
|
46 |
+
if ( defined( 'NFUPDATESDO' ) && NFUPDATESDO == 2 ) {
|
47 |
+
// Installation:
|
48 |
+
$update_url = array(
|
49 |
+
$proto . '://plugins.svn.wordpress.org/ninjafirewall/trunk/updates/',
|
50 |
+
'version3.txt',
|
51 |
+
'rules3.txt'
|
52 |
+
);
|
53 |
+
} else {
|
54 |
+
// Scheduled updates:
|
55 |
+
$caching_id = sha1( home_url() );
|
56 |
+
$update_url = array(
|
57 |
+
$proto . '://updates.nintechnet.com/index.php',
|
58 |
+
"?version=3&cid={$caching_id}&edn=wp&rt={$rules_type}&su={$sched_updates}",
|
59 |
+
"?rules=3&cid={$caching_id}&edn=wp&rt={$rules_type}&su={$sched_updates}"
|
60 |
+
);
|
61 |
+
}
|
62 |
+
|
63 |
+
// Scheduled updates or NinjaFirewall installation:
|
64 |
+
if (defined('NFUPDATESDO') ) {
|
65 |
+
define('NFW_RULES', nf_sub_do_updates($update_url, $update_log, NFUPDATESDO));
|
66 |
+
return;
|
67 |
+
}
|
68 |
+
|
69 |
+
// Block immediately if user is not allowed :
|
70 |
+
nf_not_allowed( 'block', __LINE__ );
|
71 |
+
|
72 |
+
echo '<div class="wrap">
|
73 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
74 |
+
<h1>' . __('Updates', 'ninjafirewall') . '</h1>';
|
75 |
+
|
76 |
+
// We stop and warn the user if the firewall is disabled:
|
77 |
+
if (! defined('NF_DISABLED') ) {
|
78 |
+
is_nfw_enabled();
|
79 |
+
}
|
80 |
+
if (NF_DISABLED) {
|
81 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Security rules cannot be updated when NinjaFirewall is disabled.', 'ninjafirewall') . '</p></div></div>';
|
82 |
+
return;
|
83 |
+
}
|
84 |
+
|
85 |
+
//Saved options ?
|
86 |
+
if (! empty($_POST['nfw_act']) ) {
|
87 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'updates_save') ) {
|
88 |
+
wp_nonce_ays('updates_save');
|
89 |
+
}
|
90 |
+
// Check updates now :
|
91 |
+
if ($_POST['nfw_act'] == 3) {
|
92 |
+
if ( $res = nf_sub_do_updates($update_url, $update_log, 0) ) {
|
93 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Security rules have been updated.', 'ninjafirewall') . '</p></div>';
|
94 |
+
} else {
|
95 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('No update available.', 'ninjafirewall') . '</p></div>';
|
96 |
+
}
|
97 |
+
// Enable flag to display log :
|
98 |
+
$tmp_showlog = 1;
|
99 |
+
} else {
|
100 |
+
if ($_POST['nfw_act'] == 1) {
|
101 |
+
nf_sub_updates_save();
|
102 |
+
} elseif ($_POST['nfw_act'] == 2) {
|
103 |
+
nf_sub_updates_clearlog($update_log);
|
104 |
+
}
|
105 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Your changes have been saved.', 'ninjafirewall') . '</p></div>';
|
106 |
+
}
|
107 |
+
// Reload options:
|
108 |
+
$nfw_options = nfw_get_option('nfw_options');
|
109 |
+
}
|
110 |
+
|
111 |
+
if ( empty($nfw_options['enable_updates']) ) {
|
112 |
+
$enable_updates = 0;
|
113 |
+
} else {
|
114 |
+
$enable_updates = 1;
|
115 |
+
}
|
116 |
+
if ( empty($nfw_options['sched_updates']) || ! preg_match('/^[2-3]$/', $nfw_options['sched_updates']) ) {
|
117 |
+
$sched_updates = 1;
|
118 |
+
} else {
|
119 |
+
$sched_updates = $nfw_options['sched_updates'];
|
120 |
+
}
|
121 |
+
if ( empty($nfw_options['notify_updates']) && isset($nfw_options['notify_updates']) ) {
|
122 |
+
$notify_updates = 0;
|
123 |
+
} else {
|
124 |
+
// Defaut if not set yet:
|
125 |
+
$notify_updates = 1;
|
126 |
+
}
|
127 |
+
?>
|
128 |
+
|
129 |
+
<script type="text/javascript">
|
130 |
+
function toogle_table(off) {
|
131 |
+
if ( off == 1 ) {
|
132 |
+
jQuery("#upd_table").slideDown();
|
133 |
+
} else if ( off == 2 ) {
|
134 |
+
jQuery("#upd_table").slideUp();
|
135 |
+
}
|
136 |
+
return;
|
137 |
+
}
|
138 |
+
</script>
|
139 |
+
<br />
|
140 |
+
<form method="post" name="fupdates">
|
141 |
+
<?php wp_nonce_field('updates_save', 'nfwnonce', 0); ?>
|
142 |
+
<table class="form-table">
|
143 |
+
<tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
|
144 |
+
<th scope="row"><?php _e('Automatically update NinjaFirewall security rules', 'ninjafirewall') ?></th>
|
145 |
+
<td align="left">
|
146 |
+
<label><input type="radio" name="enable_updates" value="1"<?php checked($enable_updates, 1) ?> onclick="toogle_table(1);"> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
147 |
+
</td>
|
148 |
+
<td align="left">
|
149 |
+
<label><input type="radio" name="enable_updates" value="0"<?php checked($enable_updates, 0) ?> onclick="toogle_table(2);"> <?php _e('No', 'ninjafirewall') ?></label>
|
150 |
+
</td>
|
151 |
+
</tr>
|
152 |
+
</table>
|
153 |
+
|
154 |
+
<?php
|
155 |
+
// If WP cron is disabled, we simply warn the user :
|
156 |
+
if ( defined('DISABLE_WP_CRON') ) {
|
157 |
+
?>
|
158 |
+
<p><img src="<?php echo plugins_url() ?>/ninjafirewall/images/icon_warn_16.png" height="16" border="0" width="16"> <span class="description"><?php printf( __('It seems that %s is enabled. Ensure you have another way to run WP-Cron, otherwise NinjaFirewall automatic updates will not work.', 'ninjafirewall'), '<code>DISABLE_WP_CRON</code>' ) ?></span></p>
|
159 |
+
<?php
|
160 |
+
}
|
161 |
+
?>
|
162 |
+
<div id="upd_table"<?php echo $enable_updates == 1 ? '' : ' style="display:none"' ?>>
|
163 |
+
<table class="form-table">
|
164 |
+
<tr>
|
165 |
+
<th scope="row"><?php _e('Check for updates', 'ninjafirewall') ?></th>
|
166 |
+
<td align="left">
|
167 |
+
<p><label><input type="radio" name="sched_updates" value="1"<?php checked($sched_updates, 1) ?> /><?php _e('Hourly', 'ninjafirewall') ?></label></p>
|
168 |
+
<p><label><input type="radio" name="sched_updates" value="2"<?php checked($sched_updates, 2) ?> /><?php _e('Twicedaily', 'ninjafirewall') ?></label></p>
|
169 |
+
<p><label><input type="radio" name="sched_updates" value="3"<?php checked($sched_updates, 3) ?> /><?php _e('Daily', 'ninjafirewall') ?></label></p>
|
170 |
+
<?php
|
171 |
+
if ( $nextcron = wp_next_scheduled('nfsecupdates') ) {
|
172 |
+
$sched = new DateTime( date('M d, Y H:i:s', $nextcron) );
|
173 |
+
$now = new DateTime( date('M d, Y H:i:s', time() ) );
|
174 |
+
$diff = $now->diff($sched);
|
175 |
+
?>
|
176 |
+
<p><span class="description"><?php printf( __('Next scheduled update will start in approximately %s day, %s hour(s), %s minute(s) and %s seconds.', 'ninjafirewall'), $diff->format('%a') % 7, $diff->format('%h'), $diff->format('%i'), $diff->format('%s') ) ?></span></p>
|
177 |
+
<?php
|
178 |
+
// Ensure that the scheduled scan time is in the future,
|
179 |
+
// not in the past, otherwise send a warning because wp-cron
|
180 |
+
// is obviously not working as expected :
|
181 |
+
if ( $nextcron < time() ) {
|
182 |
+
?>
|
183 |
+
<p><img src="<?php echo plugins_url() ?>/ninjafirewall/images/icon_warn_16.png" height="16" border="0" width="16"> <span class="description"><?php _e('The next scheduled date is in the past! WordPress wp-cron may not be working or may have been disabled.', 'ninjafirewall'); ?></span>
|
184 |
+
<?php
|
185 |
+
}
|
186 |
+
}
|
187 |
+
?>
|
188 |
+
</td>
|
189 |
+
</tr>
|
190 |
+
<tr>
|
191 |
+
<th scope="row"><?php _e('Notification', 'ninjafirewall') ?></th>
|
192 |
+
<td align="left">
|
193 |
+
<p><label><input type="checkbox" name="notify_updates" value="1"<?php checked($notify_updates, 1) ?> /><?php _e('Send me a report by email when security rules have been updated.', 'ninjafirewall') ?></label></p>
|
194 |
+
<span class="description"><?php _e('Reports will be sent to the contact email address defined in the Event Notifications menu.', 'ninjafirewall') ?></span>
|
195 |
+
</td>
|
196 |
+
</tr>
|
197 |
+
</table>
|
198 |
+
</div>
|
199 |
+
|
200 |
+
<input type="hidden" name="nfw_act" value="1" />
|
201 |
+
<p><input type="submit" class="button-primary" value="<?php _e('Save Updates Options', 'ninjafirewall') ?>" /> <input type="submit" class="button-secondary" onClick="document.fupdates.nfw_act.value=3" value="<?php _e('Check For Updates Now!', 'ninjafirewall') ?>" /></p>
|
202 |
+
</form>
|
203 |
+
|
204 |
+
<?php
|
205 |
+
if (! empty($nfw_options['enable_updates']) || ! empty($tmp_showlog) ) {
|
206 |
+
$log_data = array();
|
207 |
+
if ( file_exists($update_log) ) {
|
208 |
+
$log_data = file($update_log);
|
209 |
+
} else {
|
210 |
+
$log_data[] = __('The updates log is currently empty.', 'ninjafirewall');
|
211 |
+
}
|
212 |
+
?>
|
213 |
+
<br />
|
214 |
+
<form method="post">
|
215 |
+
<?php wp_nonce_field('updates_save', 'nfwnonce', 0); ?>
|
216 |
+
<table class="form-table">
|
217 |
+
<tr>
|
218 |
+
<th scope="row"><?php _e('Updates Log', 'ninjafirewall') ?></th>
|
219 |
+
<td align="left">
|
220 |
+
<textarea class="small-text code" style="width:100%;height:150px;" wrap="off" autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false"><?php
|
221 |
+
$reversed = array_reverse($log_data);
|
222 |
+
foreach ($reversed as $key) {
|
223 |
+
echo htmlentities($key);
|
224 |
+
}?></textarea>
|
225 |
+
<p>
|
226 |
+
<?php
|
227 |
+
echo '<input type="submit" name="clear_updates_log" value="' . __('Delete Log', 'ninjafirewall') . '" class="button-secondary"';
|
228 |
+
if (file_exists($update_log) ) {
|
229 |
+
echo ' />';
|
230 |
+
} else {
|
231 |
+
echo ' disabled="disabled" />';
|
232 |
+
}
|
233 |
+
echo ' <span class="description">' . __('Log is flushed automatically.', 'ninjafirewall') . '</span>';
|
234 |
+
?>
|
235 |
+
</td>
|
236 |
+
</tr>
|
237 |
+
</table>
|
238 |
+
<input type="hidden" name="nfw_act" value="2" />
|
239 |
+
</form>
|
240 |
+
<?php
|
241 |
+
}
|
242 |
+
?>
|
243 |
+
</div>
|
244 |
+
<?php
|
245 |
+
|
246 |
+
/* ------------------------------------------------------------------ */
|
247 |
+
|
248 |
+
function nf_sub_updates_save() {
|
249 |
+
|
250 |
+
$nfw_options = nfw_get_option('nfw_options');
|
251 |
+
|
252 |
+
if ( empty($_POST['sched_updates']) || ! preg_match('/^[2-3]$/', $_POST['sched_updates']) ) {
|
253 |
+
$nfw_options['sched_updates'] = 1;
|
254 |
+
$schedtype = 'hourly';
|
255 |
+
} else {
|
256 |
+
$nfw_options['sched_updates'] = $_POST['sched_updates'];
|
257 |
+
if ($nfw_options['sched_updates'] == 2) {
|
258 |
+
$schedtype = 'twicedaily';
|
259 |
+
} else {
|
260 |
+
$schedtype = 'daily';
|
261 |
+
}
|
262 |
+
}
|
263 |
+
|
264 |
+
if ( empty($_POST['enable_updates']) ) {
|
265 |
+
$nfw_options['enable_updates'] = 0;
|
266 |
+
// Clear scheduled scan (if any) and its options :
|
267 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
268 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
269 |
+
}
|
270 |
+
} else {
|
271 |
+
$nfw_options['enable_updates'] = 1;
|
272 |
+
// Create a new scheduled scan :
|
273 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
274 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
275 |
+
}
|
276 |
+
// Start next cron in 15 seconds:
|
277 |
+
wp_schedule_event( time() + 15, $schedtype, 'nfsecupdates');
|
278 |
+
}
|
279 |
+
|
280 |
+
if ( empty($_POST['notify_updates']) ) {
|
281 |
+
$nfw_options['notify_updates'] = 0;
|
282 |
+
} else {
|
283 |
+
$nfw_options['notify_updates'] = 1;
|
284 |
+
}
|
285 |
+
|
286 |
+
nfw_update_option('nfw_options', $nfw_options);
|
287 |
+
|
288 |
+
}
|
289 |
+
|
290 |
+
/* ------------------------------------------------------------------ */
|
291 |
+
|
292 |
+
function nf_sub_updates_clearlog($update_log) {
|
293 |
+
|
294 |
+
if (file_exists($update_log) ) {
|
295 |
+
unlink($update_log);
|
296 |
+
}
|
297 |
+
|
298 |
+
}
|
299 |
+
|
300 |
+
/* ------------------------------------------------------------------ */
|
301 |
+
|
302 |
+
function nf_sub_do_updates($update_url, $update_log, $NFUPDATESDO = 1) {
|
303 |
+
|
304 |
+
// Are we installing NinjaFirewall ?
|
305 |
+
if ( $NFUPDATESDO == 2 ) {
|
306 |
+
return nf_sub_updates_download($update_url, $update_log, 0);
|
307 |
+
}
|
308 |
+
|
309 |
+
$nfw_options = nfw_get_option('nfw_options');
|
310 |
+
|
311 |
+
// Don't do anything if NinjaFirewall is disabled :
|
312 |
+
if ( empty( $nfw_options['enabled'] ) ) { return 0; }
|
313 |
+
|
314 |
+
if (! $new_rules_version = nf_sub_updates_getversion($update_url, $nfw_options['rules_version'], $update_log) ) {
|
315 |
+
// Error or nothing to update :
|
316 |
+
return;
|
317 |
+
}
|
318 |
+
|
319 |
+
// There is a new version, let's fetch it:
|
320 |
+
if (! $data = nf_sub_updates_download($update_url, $update_log, $new_rules_version) ) {
|
321 |
+
// Error :
|
322 |
+
return;
|
323 |
+
}
|
324 |
+
|
325 |
+
// Make sure we received the right format:
|
326 |
+
if (! preg_match('/^a:\d+:{i:\d/', $data ) ) {
|
327 |
+
nf_sub_updates_log(
|
328 |
+
$update_log,
|
329 |
+
__('Error: Wrong rules format.', 'ninjafirewall')
|
330 |
+
);
|
331 |
+
return 0;
|
332 |
+
}
|
333 |
+
|
334 |
+
// Unserialize the new rules :
|
335 |
+
if (! $new_rules = @unserialize($data) ) {
|
336 |
+
nf_sub_updates_log(
|
337 |
+
$update_log,
|
338 |
+
__('Error: Unable to unserialize the new rules.', 'ninjafirewall')
|
339 |
+
);
|
340 |
+
return 0;
|
341 |
+
}
|
342 |
+
// One more check...:
|
343 |
+
if (! is_array($new_rules) || empty($new_rules[1]['cha'][1]['whe']) ) {
|
344 |
+
nf_sub_updates_log(
|
345 |
+
$update_log,
|
346 |
+
__('Error: Unserialized rules seem corrupted.', 'ninjafirewall')
|
347 |
+
);
|
348 |
+
return 0;
|
349 |
+
}
|
350 |
+
|
351 |
+
$nfw_rules = nfw_get_option('nfw_rules');
|
352 |
+
|
353 |
+
foreach ( $new_rules as $new_key => $new_value ) {
|
354 |
+
foreach ( $new_value as $key => $value ) {
|
355 |
+
// If that rule exists already, we keep its 'ena' flag value
|
356 |
+
// as it may have been changed by the user with the rules editor:
|
357 |
+
// v3.x:
|
358 |
+
if ( ( isset( $nfw_rules[$new_key]['ena'] ) ) && ( $key == 'ena' ) ) {
|
359 |
+
$new_rules[$new_key]['ena'] = $nfw_rules[$new_key]['ena'];
|
360 |
+
}
|
361 |
+
// v1.x:
|
362 |
+
if ( ( isset( $nfw_rules[$new_key]['on'] ) ) && ( $key == 'ena' ) ) {
|
363 |
+
$new_rules[$new_key]['ena'] = $nfw_rules[$new_key]['on'];
|
364 |
+
}
|
365 |
+
}
|
366 |
+
}
|
367 |
+
// v1.x:
|
368 |
+
if ( isset( $nfw_rules[NFW_DOC_ROOT]['what'] ) ) {
|
369 |
+
$new_rules[NFW_DOC_ROOT]['cha'][1]['wha']= str_replace( '/', '/[./]*', $nfw_rules[NFW_DOC_ROOT]['what'] );
|
370 |
+
$new_rules[NFW_DOC_ROOT]['ena'] = $nfw_rules[NFW_DOC_ROOT]['on'];
|
371 |
+
// v3.x:
|
372 |
+
} else {
|
373 |
+
$new_rules[NFW_DOC_ROOT]['cha'][1]['wha']= $nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'];
|
374 |
+
$new_rules[NFW_DOC_ROOT]['ena'] = $nfw_rules[NFW_DOC_ROOT]['ena'];
|
375 |
+
}
|
376 |
+
|
377 |
+
// Update rules in the DB :
|
378 |
+
nfw_update_option('nfw_rules', $new_rules);
|
379 |
+
|
380 |
+
// Update rules version in the options table :
|
381 |
+
$nfw_options['rules_version'] = $new_rules_version;
|
382 |
+
nfw_update_option('nfw_options', $nfw_options);
|
383 |
+
|
384 |
+
nf_sub_updates_log(
|
385 |
+
$update_log,
|
386 |
+
sprintf( __('Security rules updated to version %s.', 'ninjafirewall'),
|
387 |
+
preg_replace('/(\d{4})(\d\d)(\d\d)/', '$1-$2-$3', $new_rules_version) )
|
388 |
+
);
|
389 |
+
|
390 |
+
// Email the admin ?
|
391 |
+
if (! empty($nfw_options['notify_updates']) ) {
|
392 |
+
nf_sub_updates_notification($new_rules_version);
|
393 |
+
}
|
394 |
+
return 1;
|
395 |
+
}
|
396 |
+
|
397 |
+
/* ------------------------------------------------------------------ */
|
398 |
+
|
399 |
+
function nf_sub_updates_getversion($update_url, $rules_version, $update_log) {
|
400 |
+
|
401 |
+
global $wp_version;
|
402 |
+
$res = wp_remote_get(
|
403 |
+
$update_url[0] . $update_url[1],
|
404 |
+
array(
|
405 |
+
'timeout' => 20,
|
406 |
+
'httpversion' => '1.1' ,
|
407 |
+
'user-agent' => 'Mozilla/5.0 (compatible; NinjaFirewall/'.
|
408 |
+
NFW_ENGINE_VERSION .'; WordPress/'. $wp_version . ')',
|
409 |
+
'sslverify' => true
|
410 |
+
)
|
411 |
+
);
|
412 |
+
if (! is_wp_error($res) ) {
|
413 |
+
if ( $res['response']['code'] == 200 ) {
|
414 |
+
// Get the rules version :
|
415 |
+
$new_version = explode('|', rtrim($res['body']), 2);
|
416 |
+
|
417 |
+
// Ensure that the rules are compatible :
|
418 |
+
if ( $new_version[0] != 3 ) {
|
419 |
+
// This version of NinjaFirewall may be too old :
|
420 |
+
nf_sub_updates_log(
|
421 |
+
$update_log,
|
422 |
+
__('Error: Your version of NinjaFirewall is too old and is not compatible with those rules. Please upgrade it.', 'ninjafirewall')
|
423 |
+
);
|
424 |
+
return 0;
|
425 |
+
}
|
426 |
+
|
427 |
+
if (! preg_match('/^\d{8}\.\d+$/', $new_version[1]) ) {
|
428 |
+
// Not what we were expecting:
|
429 |
+
nf_sub_updates_log(
|
430 |
+
$update_log,
|
431 |
+
__('Error: Unable to retrieve the new rules version.', 'ninjafirewall')
|
432 |
+
);
|
433 |
+
return 0;
|
434 |
+
}
|
435 |
+
// Compare versions:
|
436 |
+
if ( version_compare($rules_version, $new_version[1], '<') ) {
|
437 |
+
return $new_version[1];
|
438 |
+
|
439 |
+
} else {
|
440 |
+
nf_sub_updates_log(
|
441 |
+
$update_log,
|
442 |
+
__('No update available.', 'ninjafirewall')
|
443 |
+
);
|
444 |
+
}
|
445 |
+
// Not a 200 OK ret code :
|
446 |
+
} else {
|
447 |
+
nf_sub_updates_log(
|
448 |
+
$update_log,
|
449 |
+
sprintf( __('Error: Server returned a %s HTTP error code (#1).', 'ninjafirewall'), htmlspecialchars($res['response']['code']))
|
450 |
+
);
|
451 |
+
}
|
452 |
+
// Connection error :
|
453 |
+
} else {
|
454 |
+
nf_sub_updates_log(
|
455 |
+
$update_log,
|
456 |
+
__('Error: Unable to connect to the remote server', 'ninjafirewall') . htmlspecialchars(" ({$res->get_error_message()})")
|
457 |
+
);
|
458 |
+
}
|
459 |
+
return 0;
|
460 |
+
}
|
461 |
+
|
462 |
+
/* ------------------------------------------------------------------ */
|
463 |
+
|
464 |
+
function nf_sub_updates_download($update_url, $update_log, $new_rules_version) {
|
465 |
+
|
466 |
+
global $wp_version;
|
467 |
+
$res = wp_remote_get(
|
468 |
+
$update_url[0] . $update_url[2],
|
469 |
+
array(
|
470 |
+
'timeout' => 20,
|
471 |
+
'httpversion' => '1.1' ,
|
472 |
+
'user-agent' => 'Mozilla/5.0 (compatible; NinjaFirewall/'.
|
473 |
+
NFW_ENGINE_VERSION .'; WordPress/'. $wp_version . ')',
|
474 |
+
'sslverify' => true
|
475 |
+
)
|
476 |
+
);
|
477 |
+
if (! is_wp_error($res) ) {
|
478 |
+
if ( $res['response']['code'] == 200 ) {
|
479 |
+
$data = explode('|', rtrim($res['body']), 2);
|
480 |
+
|
481 |
+
// Rules version should match the one we just fetched
|
482 |
+
// unless we are intalling NinjaFirewall ($new_rules_version==0) :
|
483 |
+
if ( $new_rules_version & $new_rules_version != $data[0]) {
|
484 |
+
nf_sub_updates_log(
|
485 |
+
$update_log,
|
486 |
+
sprintf( __('Error: The new rules versions do not match (%s != %s).', 'nfwplus'), $new_rules_version, htmlspecialchars($data[0]))
|
487 |
+
);
|
488 |
+
return 0;
|
489 |
+
}
|
490 |
+
// Save new rules version for install/upgrade:
|
491 |
+
define('NFW_NEWRULES_VERSION', $data[0]);
|
492 |
+
// Return the rules:
|
493 |
+
return $data[1];
|
494 |
+
|
495 |
+
// Not a 200 OK ret code :
|
496 |
+
} else {
|
497 |
+
nf_sub_updates_log(
|
498 |
+
$update_log,
|
499 |
+
sprintf( __('Error: Server returned a %s HTTP error code (#2).', 'ninjafirewall'), htmlspecialchars($res['response']['code']))
|
500 |
+
);
|
501 |
+
}
|
502 |
+
// Connection error :
|
503 |
+
} else {
|
504 |
+
nf_sub_updates_log(
|
505 |
+
$update_log,
|
506 |
+
__('Error: Unable to connect to the remote server', 'ninjafirewall') . htmlspecialchars(" ({$res->get_error_message()})")
|
507 |
+
);
|
508 |
+
}
|
509 |
+
return 0;
|
510 |
+
}
|
511 |
+
|
512 |
+
/* ------------------------------------------------------------------ */
|
513 |
+
|
514 |
+
function nf_sub_updates_log($update_log, $msg) {
|
515 |
+
|
516 |
+
// If the log is bigger than 50Kb (+/- one month old), we flush it :
|
517 |
+
if ( file_exists($update_log) ) {
|
518 |
+
$log_stat = stat($update_log);
|
519 |
+
if ( $log_stat['size'] > 51200 ) {
|
520 |
+
@unlink($update_log);
|
521 |
+
}
|
522 |
+
}
|
523 |
+
@file_put_contents($update_log, date_i18n('[d/M/y:H:i:s O]') . " $msg\n", FILE_APPEND | LOCK_EX);
|
524 |
+
|
525 |
+
}
|
526 |
+
|
527 |
+
/* ------------------------------------------------------------------ */
|
528 |
+
|
529 |
+
function nf_sub_updates_notification($new_rules_version) {
|
530 |
+
|
531 |
+
$nfw_options = nfw_get_option('nfw_options');
|
532 |
+
|
533 |
+
if ( ( is_multisite() ) && ( $nfw_options['alert_sa_only'] == 2 ) ) {
|
534 |
+
$recipient = get_option('admin_email');
|
535 |
+
} else {
|
536 |
+
$recipient = $nfw_options['alert_email'];
|
537 |
+
}
|
538 |
+
|
539 |
+
$subject = __('[NinjaFirewall] Security rules update', 'ninjafirewall');
|
540 |
+
$msg = __('NinjaFirewall security rules have been updated:', 'ninjafirewall') . "\n\n";
|
541 |
+
if ( is_multisite() ) {
|
542 |
+
$msg .=__('Blog:', 'ninjafirewall') .' '. network_home_url('/') . "\n";
|
543 |
+
} else {
|
544 |
+
$msg .=__('Blog:', 'ninjafirewall') .' '. home_url('/') . "\n";
|
545 |
+
}
|
546 |
+
$msg .=__('Rules version:', 'ninjafirewall') .' '. preg_replace('/(\d{4})(\d\d)(\d\d)/', '$1-$2-$3', $new_rules_version) . "\n";
|
547 |
+
$msg .= sprintf( __('Date: %s', 'ninjafirewall'), ucfirst(date_i18n('M d, Y @ H:i:s O')) ) . "\n\n" .
|
548 |
+
__('This notification can be turned off from NinjaFirewall "Updates" page.', 'ninjafirewall') ."\n\n" .
|
549 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
550 |
+
__('Support forum:', 'ninjafirewall') .' http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
551 |
+
wp_mail( $recipient, $subject, $msg );
|
552 |
+
|
553 |
+
}
|
554 |
+
|
555 |
+
/* ------------------------------------------------------------------ */
|
556 |
+
// EOF
|
lib/nf_sub_wplus.php
ADDED
@@ -0,0 +1,142 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
// Block immediately if user is not allowed :
|
23 |
+
nf_not_allowed( 'block', __LINE__ );
|
24 |
+
|
25 |
+
?>
|
26 |
+
<div class="wrap">
|
27 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;" title="NinTechNet"></div>
|
28 |
+
<h1><font color="#21759B">WP+</font> Edition</h1>
|
29 |
+
<br />
|
30 |
+
<table border="0" cellspacing="2" cellpadding="5" width="100%">
|
31 |
+
<tr>
|
32 |
+
<td>
|
33 |
+
<h2>
|
34 |
+
<b><?php _e('Need more security? Check out NinjaFirewall', 'ninjafirewall') ?> (<font color="#21759B">WP+</font> Edition).</b>
|
35 |
+
</h2>
|
36 |
+
NinjaFirewall (<font color="#21759B">WP+</font> Edition) <?php
|
37 |
+
// translators: [NinjaFirewall] is a supercharged Edition...
|
38 |
+
_e('is a supercharged Edition of our Web Application Firewall. It adds many new exciting features and blazing fast performances to make it the fastest and most advanced security plugin for WordPress.', 'ninjafirewall') ?>
|
39 |
+
</td>
|
40 |
+
</tr>
|
41 |
+
<tr>
|
42 |
+
<td>
|
43 |
+
<h3><?php _e('Access Control', 'ninjafirewall') ?></h3>
|
44 |
+
<p><?php _e('<b>Access Control</b> is a powerful set of directives that can be used to allow or restrict access to your blog, depending on the <strong>User Role</strong>, <strong>IP</strong>, <strong>Geolocation</strong>, <strong>Requested URL</strong>, <strong>User-agent</strong> and visitors behavior (<strong>Rate Limiting</strong>). Those directives will be processed before the Firewall Policies and NinjaFirewall\'s built-in security rules.', 'ninjafirewall') ?>
|
45 |
+
<p>
|
46 |
+
<?php _e('Its main configuration allows you to whitelist WordPress users depending on their roles, to select the source IP (useful if your site is using a CDN or behind a reverse-proxy/load balancer), and the HTTP methods all directives should apply to:', 'ninjafirewall') ?></p>
|
47 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/01_ac_main.png" width="490" height="504" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
48 |
+
|
49 |
+
<br />
|
50 |
+
|
51 |
+
<p><?php _e('<b>Access Control</b> can use geolocation to block visitors from specific countries. It can apply to the whole blog or only to specific folders or scripts (e.g., /wp-login.php, /xmlrpc.php etc). If you have a theme or a plugin that needs to know your visitors location, you can even ask NinjaFirewall to append the country code to the PHP headers:', 'ninjafirewall') ?></p>
|
52 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/02_ac_geoip.png" width="460" height="611" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
53 |
+
|
54 |
+
<br />
|
55 |
+
|
56 |
+
<p><?php _e('<b>Access Control</b> can be used to whitelist/blacklist an IP or any part of it. NinjaFirewall natively supports IPv4 and IPv6 protocols, for both public and private addresses:', 'ninjafirewall') ?></p>
|
57 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/03_ac_ip.png" width="471" height="374" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
58 |
+
|
59 |
+
<br />
|
60 |
+
|
61 |
+
<p><?php _e('<b>Access Control</b> can slow down aggressive bots, crawlers, web scrapers or even small HTTP attacks with its <strong>Rate-Limiting</strong> feature.', 'ninjafirewall') ?>
|
62 |
+
<br />
|
63 |
+
<?php _e('Because it can block attackers <strong>before WordPress and all its plugins are loaded</strong> and can handle thousands of HTTP requests per second, NinjaFirewall will save precious bandwidth and reduce your server load.', 'ninjafirewall') ?></p>
|
64 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/04_ac_limit.png" width="471" height="122" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
65 |
+
|
66 |
+
<br />
|
67 |
+
|
68 |
+
<p><?php _e('<b>URL Access Control</b> lets you permanently allow/block any access to one or more PHP scripts based on their path or name:', 'ninjafirewall') ?></p>
|
69 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/05_ac_url.png" width="467" height="367" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
70 |
+
|
71 |
+
<br />
|
72 |
+
|
73 |
+
<p><?php _e('<b>Bots Access Control</b> allows you block bots, scanners and various annoying crawlers:', 'ninjafirewall') ?></p>
|
74 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/06_ac_bots.png" width="471" height="263" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
75 |
+
|
76 |
+
<br />
|
77 |
+
|
78 |
+
<h3>Web Filter</h3>
|
79 |
+
<p><?php _e('If NinjaFirewall can hook and scan incoming requests, the <b><font color="#21759B">WP+</font> Edition</b> can also hook the response body (i.e., the output of the HTML page right before it is sent to your visitors browser) and search it for some specific keywords. Such a filter can be useful to detect hacking or malware patterns injected into your HTML page (text strings, spam links, malicious JavaScript code), hackers shell script, redirections and even errors (PHP/MySQL errors). Some suggested keywords as well as a default list are included.', 'ninjafirewall') ?>
|
80 |
+
<br />
|
81 |
+
<?php _e('In the case of a positive detection, NinjaFirewall will not block the response body but will send you an alert by email. It can even attach the whole HTML source of the page for your review:', 'ninjafirewall') ?></p>
|
82 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/07_webfilter.png" width="461" height="445" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
83 |
+
|
84 |
+
<br />
|
85 |
+
|
86 |
+
<h3><?php _e('Antispam', 'ninjafirewall') ?></h3>
|
87 |
+
<p><?php _e('NinjaFirewall (<font color="#21759B">WP+</font> Edition) can protect your blog comment and registration forms against spam. The protection is totally transparent to your visitors and does not require any interaction: no CAPTCHA, no math puzzles or trivia questions. Extremely easy to activate, but powerful enough to make spam bots life as miserable as possible:', 'ninjafirewall') ?></p>
|
88 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/08_antispam.png" width="490" height="323" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;">
|
89 |
+
<br />
|
90 |
+
<p class="description"><?php _e('NinjaFirewall antispam feature works only with WordPress built-in comment and registration forms.', 'ninjafirewall') ?></p></center>
|
91 |
+
|
92 |
+
<br />
|
93 |
+
|
94 |
+
<h3><?php _e('Centralized Logging', 'ninjafirewall') ?></h3>
|
95 |
+
<p><?php printf( __('NinjaFirewall (<font color="#21759B">WP+</font> Edition) lets you remotely access the firewall log of all your NinjaFirewall protected websites from one single installation, using the <a href="%s">Centralized Logging</a> feature. You do not need any longer to log in to individual servers to analyse your log data.', 'ninjafirewall'), 'https://blog.nintechnet.com/centralized-logging-with-ninjafirewall/') ?>
|
96 |
+
<br />
|
97 |
+
<?php _e('There is no limit to the number of websites you can connect to, and they can be running any edition of NinjaFirewall: WP, <font color="#21759B">WP+</font>, Pro or <font color="red">Pro+</font>.', 'ninjafirewall') ?>
|
98 |
+
</p>
|
99 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/12_centlog.png" width="490" height="367" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
100 |
+
|
101 |
+
<br />
|
102 |
+
|
103 |
+
<h3><?php _e('Improved features', 'ninjafirewall') ?></h3>
|
104 |
+
<strong><?php _e('File uploads:', 'ninjafirewall') ?></strong>
|
105 |
+
<p><?php _e('NinjaFirewall (<font color="#21759B">WP+</font> Edition) makes it possible to allow uploads while rejecting potentially dangerous files: system files (.htaccess, .htpasswd. PHP INI), scripts (bash/shell, PHP, Ruby, Perl/CGI, Python), C/C++ source code and Unix/Linux binary files (ELF). You can easily limit the size of each uploaded file too, without having to modify your PHP configuration:', 'ninjafirewall') ?></p>
|
106 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/09_uploads.png" width="410" height="363" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
107 |
+
|
108 |
+
<br />
|
109 |
+
|
110 |
+
<p><strong><?php _e('Firewall Log:', 'ninjafirewall') ?></strong>
|
111 |
+
<br />
|
112 |
+
<?php _e('The log menu has been revamped too. You can disable the firewall log, delete the current one, enable its rotation based on the size of the file and, if any, view each rotated log separately. Quick filtering options are easily accessible from checkboxes and the log can be exported as a TSV (tab-separated values) text file.', 'ninjafirewall') ?><br />
|
113 |
+
<?php _e('It is also possible to redirect all incidents and events to the Syslog server:', 'ninjafirewall') ?> <a href="https://blog.nintechnet.com/syslog-logging-with-ninjafirewall/">Syslog logging with NinjaFirewall</a>.</p>
|
114 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/10_log.png" width="490" height="519" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;"></center>
|
115 |
+
|
116 |
+
<br />
|
117 |
+
|
118 |
+
<p><strong><?php _e('Shared Memory use:', 'ninjafirewall') ?></strong>
|
119 |
+
<br />
|
120 |
+
<?php printf( __('Although NinjaFirewall is already <a href="%s">much faster than other WordPress plugins</a>, the <b><font color="#21759B">WP+</font> Edition</b> brings its performance to a whole new level by using Unix shared memory in order to speed things up even more.', 'ninjafirewall'), 'https://blog.nintechnet.com/wordpress-brute-force-attack-detection-plugins-comparison-2015/') ?> <?php _e('This allows easier and faster inter-process communication between the firewall and the plugin part of NinjaFirewall and, because its data and configuration are stored in shared memory segments, the firewall does not need to connect to the database any longer.', 'ninjafirewall') ?> <?php _e('This dramatically increases the processing speed (there is nothing faster than RAM), prevents blocking I/O and MySQL slow queries. On a very busy server like a multi-site network, the firewall processing speed will increase from 25% to 30%. It can be enabled from the "Firewall Options" menu:', 'ninjafirewall') ?></p>
|
121 |
+
|
122 |
+
<center><img src="<?php echo plugins_url() ?>/ninjafirewall/images/screenshots/11_shmop.png" width="490" height="306" style="border: 1px solid #999;-moz-box-shadow:-3px 5px 5px #999;-webkit-box-shadow:-3px 5px 5px #999;box-shadow:-3px 5px 5px #999;">
|
123 |
+
<br />
|
124 |
+
<span class="description"><?php _e('This feature requires that PHP was compiled with the <code>--enable-shmop</code> parameter.', 'ninjafirewall') ?></span>
|
125 |
+
</center>
|
126 |
+
|
127 |
+
</td>
|
128 |
+
</tr>
|
129 |
+
<tr>
|
130 |
+
<td> </td>
|
131 |
+
</tr>
|
132 |
+
<tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
|
133 |
+
<td style="text-align:center">
|
134 |
+
<h2><b><a href="https://nintechnet.com/"><?php _e('Learn more</a> about the <font color="#21759B">WP+</font> Edition unique features.', 'ninjafirewall') ?></b></h2>
|
135 |
+
<h2><b><a href="https://nintechnet.com/ninjafirewall/wp-edition/?comparison"><?php _e('Compare</a> the WP and <font color="#21759B">WP+</font> Editions.', 'ninjafirewall') ?></b></h2>
|
136 |
+
</td>
|
137 |
+
</tr>
|
138 |
+
</table>
|
139 |
+
</div>
|
140 |
+
<?php
|
141 |
+
/* ------------------------------------------------------------------ */
|
142 |
+
// EOF
|
lib/nfw_misc.php
ADDED
@@ -0,0 +1,536 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
/* ------------------------------------------------------------------ */
|
23 |
+
|
24 |
+
function nfw_garbage_collector() {
|
25 |
+
|
26 |
+
// Clean/delete cache folder & temp files:
|
27 |
+
|
28 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
29 |
+
$path = NFW_LOG_DIR . '/nfwlog/cache/';
|
30 |
+
$now = time();
|
31 |
+
|
32 |
+
// Make sure the cache folder exists, i.e, we have been
|
33 |
+
// through the whole installation process:
|
34 |
+
if (! is_dir( $path ) ) {
|
35 |
+
return;
|
36 |
+
}
|
37 |
+
|
38 |
+
// Don't do anything if the cache folder
|
39 |
+
// was cleaned up less than 5 minutes ago:
|
40 |
+
$gc = $path . 'garbage_collector.php';
|
41 |
+
if ( file_exists( $gc ) ) {
|
42 |
+
$nfw_mtime = filemtime( $gc ) ;
|
43 |
+
if ( $now - $nfw_mtime < 300 ) {
|
44 |
+
return;
|
45 |
+
}
|
46 |
+
unlink( $gc );
|
47 |
+
}
|
48 |
+
touch( $gc );
|
49 |
+
|
50 |
+
// File Guard temp files:
|
51 |
+
$glob = glob( $path . "fg_*.php" );
|
52 |
+
if ( is_array( $glob ) ) {
|
53 |
+
foreach( $glob as $file ) {
|
54 |
+
$nfw_ctime = filectime( $file );
|
55 |
+
// Delete it, if it is too old :
|
56 |
+
if ( $now - $nfw_options['fg_mtime'] * 3660 > $nfw_ctime ) {
|
57 |
+
unlink( $file );
|
58 |
+
}
|
59 |
+
}
|
60 |
+
}
|
61 |
+
|
62 |
+
// Anti-Malware signatures: delete them if older than 1 hour:
|
63 |
+
$nfw_malsigs = NFW_LOG_DIR . '/nfwlog/cache/malscan.txt';
|
64 |
+
if ( file_exists( $nfw_malsigs ) ) {
|
65 |
+
if ( time() - filemtime( $nfw_malsigs ) > 3600 ) {
|
66 |
+
unlink( $nfw_malsigs );
|
67 |
+
}
|
68 |
+
}
|
69 |
+
|
70 |
+
// Live Log:
|
71 |
+
$nfw_livelogrun = $path . 'livelogrun.php';
|
72 |
+
if ( file_exists( $nfw_livelogrun ) ) {
|
73 |
+
$nfw_mtime = filemtime( $nfw_livelogrun );
|
74 |
+
// If the file was not accessed for more than 100s, we assume
|
75 |
+
// the admin has stopped using live log from WordPress
|
76 |
+
// dashboard (refresh rate is max 45 seconds):
|
77 |
+
if ( $now - $nfw_mtime > 100 ) {
|
78 |
+
unlink( $nfw_livelogrun );
|
79 |
+
}
|
80 |
+
}
|
81 |
+
// If the log was not modified for the past 10mn, we delete it as well:
|
82 |
+
$nfw_livelog = $path . 'livelog.php';
|
83 |
+
if ( file_exists( $nfw_livelog ) ) {
|
84 |
+
$nfw_mtime = filemtime( $nfw_livelog ) ;
|
85 |
+
if ( $now - $nfw_mtime > 600 ) {
|
86 |
+
unlink( $nfw_livelog );
|
87 |
+
}
|
88 |
+
}
|
89 |
+
}
|
90 |
+
|
91 |
+
/* ------------------------------------------------------------------ */
|
92 |
+
|
93 |
+
function nfw_select_ip() {
|
94 |
+
// Ensure we have a proper and single IP (a user may use the .htninja file
|
95 |
+
// to redirect HTTP_X_FORWARDED_FOR, which may contain more than one IP,
|
96 |
+
// to REMOTE_ADDR):
|
97 |
+
if (strpos($_SERVER['REMOTE_ADDR'], ',') !== false) {
|
98 |
+
$nfw_match = array_map('trim', @explode(',', $_SERVER['REMOTE_ADDR']));
|
99 |
+
foreach($nfw_match as $nfw_m) {
|
100 |
+
if ( filter_var($nfw_m, FILTER_VALIDATE_IP) ) {
|
101 |
+
define( 'NFW_REMOTE_ADDR', $nfw_m);
|
102 |
+
break;
|
103 |
+
}
|
104 |
+
}
|
105 |
+
}
|
106 |
+
if (! defined('NFW_REMOTE_ADDR') ) {
|
107 |
+
define('NFW_REMOTE_ADDR', htmlspecialchars($_SERVER['REMOTE_ADDR']) );
|
108 |
+
}
|
109 |
+
}
|
110 |
+
|
111 |
+
/* ------------------------------------------------------------------ */
|
112 |
+
|
113 |
+
function nfw_admin_notice(){
|
114 |
+
|
115 |
+
if (nf_not_allowed( 0, __LINE__ ) ) { return; }
|
116 |
+
|
117 |
+
if (! defined('NF_DISABLED') ) {
|
118 |
+
is_nfw_enabled();
|
119 |
+
}
|
120 |
+
|
121 |
+
if (! file_exists(NFW_LOG_DIR . '/nfwlog') ) {
|
122 |
+
@mkdir( NFW_LOG_DIR . '/nfwlog', 0755);
|
123 |
+
@touch( NFW_LOG_DIR . '/nfwlog/index.html' );
|
124 |
+
@file_put_contents(NFW_LOG_DIR . '/nfwlog/.htaccess', "Order Deny,Allow\nDeny from all", LOCK_EX);
|
125 |
+
if (! file_exists(NFW_LOG_DIR . '/nfwlog/cache') ) {
|
126 |
+
@mkdir( NFW_LOG_DIR . '/nfwlog/cache', 0755);
|
127 |
+
@touch( NFW_LOG_DIR . '/nfwlog/cache/index.html' );
|
128 |
+
@file_put_contents(NFW_LOG_DIR . '/nfwlog/cache/.htaccess', "Order Deny,Allow\nDeny from all", LOCK_EX);
|
129 |
+
}
|
130 |
+
}
|
131 |
+
if (! file_exists(NFW_LOG_DIR . '/nfwlog') ) {
|
132 |
+
echo '<div class="error notice is-dismissible"><p><strong>' . __('NinjaFirewall error', 'ninjafirewall') . ' :</strong> ' .
|
133 |
+
sprintf( __('%s directory cannot be created. Please review your installation and ensure that %s is writable.', 'ninjafirewall'), '<code>'. htmlspecialchars(NFW_LOG_DIR) .'/nfwlog/</code>', '<code>/wp-content/</code>') . '</p></div>';
|
134 |
+
}
|
135 |
+
if (! is_writable(NFW_LOG_DIR . '/nfwlog') ) {
|
136 |
+
echo '<div class="error notice is-dismissible"><p><strong>' . __('NinjaFirewall error', 'ninjafirewall') . ' :</strong> ' .
|
137 |
+
sprintf( __('%s directory is read-only. Please review your installation and ensure that %s is writable.', 'ninjafirewall'), '<code>'. htmlspecialchars(NFW_LOG_DIR) .'/nfwlog/</code>', '<code>/nfwlog/</code>') . '</p></div>';
|
138 |
+
}
|
139 |
+
|
140 |
+
if (! NF_DISABLED) {
|
141 |
+
return;
|
142 |
+
}
|
143 |
+
|
144 |
+
if (isset($_GET['page']) && preg_match('/^(?:NinjaFirewall|nfsubopt)$/', $_GET['page']) ) {
|
145 |
+
return;
|
146 |
+
}
|
147 |
+
|
148 |
+
$nfw_options = nfw_get_option('nfw_options');
|
149 |
+
if ( empty($nfw_options['ret_code']) && NF_DISABLED != 11 ) {
|
150 |
+
return;
|
151 |
+
}
|
152 |
+
|
153 |
+
if (! empty($GLOBALS['err_fw'][NF_DISABLED]) ) {
|
154 |
+
$msg = $GLOBALS['err_fw'][NF_DISABLED];
|
155 |
+
} else {
|
156 |
+
$msg = __('unknown error', 'ninjafirewall') . ' #' . NF_DISABLED;
|
157 |
+
}
|
158 |
+
echo '<div class="error notice is-dismissible"><p><strong>' . __('NinjaFirewall fatal error:', 'ninjafirewall') . '</strong> ' . $msg .
|
159 |
+
'. ' . __('Review your installation, your site is not protected.', 'ninjafirewall') . '</p></div>';
|
160 |
+
}
|
161 |
+
|
162 |
+
add_action('all_admin_notices', 'nfw_admin_notice');
|
163 |
+
|
164 |
+
/* ------------------------------------------------------------------ */
|
165 |
+
|
166 |
+
function nfw_query( $query ) { // i18n
|
167 |
+
|
168 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
169 |
+
if ( empty($nfw_options['enum_archives']) || empty($nfw_options['enabled']) || is_admin() ) {
|
170 |
+
return;
|
171 |
+
}
|
172 |
+
if ( $query->is_main_query() && $query->is_author() ) {
|
173 |
+
if ( $query->get('author_name') ) {
|
174 |
+
$tmp = 'author_name=' . $query->get('author_name');
|
175 |
+
} elseif ( $query->get('author') ) {
|
176 |
+
$tmp = 'author=' . $query->get('author');
|
177 |
+
} else {
|
178 |
+
$tmp = 'author';
|
179 |
+
}
|
180 |
+
@session_destroy();
|
181 |
+
$query->set('author_name', '0');
|
182 |
+
nfw_log2('User enumeration scan (author archives)', $tmp, 2, 0);
|
183 |
+
wp_redirect( home_url('/') );
|
184 |
+
exit;
|
185 |
+
}
|
186 |
+
}
|
187 |
+
|
188 |
+
if (! isset($_SESSION['nfw_goodguy']) ) {
|
189 |
+
add_action('pre_get_posts','nfw_query');
|
190 |
+
}
|
191 |
+
|
192 |
+
/* ------------------------------------------------------------------ */
|
193 |
+
|
194 |
+
// WP >= 4.7:
|
195 |
+
function nfwhook_rest_authentication_errors( $ret ) {
|
196 |
+
|
197 |
+
if (! defined('NF_DISABLED') ) {
|
198 |
+
is_nfw_enabled();
|
199 |
+
}
|
200 |
+
if ( NF_DISABLED ) { return $ret; }
|
201 |
+
|
202 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
203 |
+
|
204 |
+
if (! empty( $nfw_options['no_restapi']) && ! isset($_SESSION['nfw_goodguy']) ) {
|
205 |
+
nfw_log2( 'WordPress: Blocked access to the WP REST API', $_SERVER['REQUEST_URI'], 2, 0);
|
206 |
+
return new WP_Error( 'nfw_rest_api_access_restricted', __('Forbidden access', 'ninjafirewall'), array('status' => $nfw_options['ret_code']) );
|
207 |
+
}
|
208 |
+
|
209 |
+
return $ret;
|
210 |
+
}
|
211 |
+
add_filter( 'rest_authentication_errors', 'nfwhook_rest_authentication_errors' );
|
212 |
+
|
213 |
+
/* ------------------------------------------------------------------ */
|
214 |
+
|
215 |
+
function nfwhook_rest_request_before_callbacks( $res, $hnd, $req ) {
|
216 |
+
|
217 |
+
if (! defined('NF_DISABLED') ) {
|
218 |
+
is_nfw_enabled();
|
219 |
+
}
|
220 |
+
if ( NF_DISABLED ) { return $res; }
|
221 |
+
|
222 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
223 |
+
|
224 |
+
if (! empty( $nfw_options['enum_restapi']) && ! isset($_SESSION['nfw_goodguy']) ) {
|
225 |
+
|
226 |
+
if ( strpos( $req->get_route(), '/wp/v2/users' ) !== false && ! current_user_can('list_users') ) {
|
227 |
+
nfw_log2('User enumeration scan (WP REST API)', $_SERVER['REQUEST_URI'], 2, 0);
|
228 |
+
return new WP_Error('nfw_rest_api_access_restricted', __('Forbidden access', 'ninjafirewall'), array('status' => $nfw_options['ret_code']) );
|
229 |
+
}
|
230 |
+
}
|
231 |
+
return $res;
|
232 |
+
}
|
233 |
+
add_filter('rest_request_before_callbacks', 'nfwhook_rest_request_before_callbacks', 999, 3);
|
234 |
+
|
235 |
+
/* ------------------------------------------------------------------ */
|
236 |
+
|
237 |
+
function nfw_authenticate( $user ) { // i18n
|
238 |
+
|
239 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
240 |
+
|
241 |
+
if ( empty( $nfw_options['enum_login']) || empty($nfw_options['enabled']) ) {
|
242 |
+
return $user;
|
243 |
+
}
|
244 |
+
|
245 |
+
if ( is_wp_error( $user ) ) {
|
246 |
+
if ( preg_match( '/^(?:in(?:correct_password|valid_username)|authentication_failed)$/', $user->get_error_code() ) ) {
|
247 |
+
$user = new WP_Error( 'denied', sprintf( __( '<strong>ERROR</strong>: Invalid username or password.<br /><a href="%s">Lost your password</a>?', 'ninjafirewall' ), wp_lostpassword_url() ) );
|
248 |
+
add_filter('shake_error_codes', 'nfw_err_shake');
|
249 |
+
}
|
250 |
+
}
|
251 |
+
return $user;
|
252 |
+
}
|
253 |
+
|
254 |
+
add_filter( 'authenticate', 'nfw_authenticate', 90, 3 );
|
255 |
+
|
256 |
+
function nfw_err_shake( $shake_codes ) {
|
257 |
+
$shake_codes[] = 'denied';
|
258 |
+
return $shake_codes;
|
259 |
+
}
|
260 |
+
|
261 |
+
/* ------------------------------------------------------------------ */
|
262 |
+
|
263 |
+
function nf_check_dbdata() {
|
264 |
+
|
265 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
266 |
+
|
267 |
+
if ( empty( $nfw_options['enabled'] ) || empty($nfw_options['a_51']) ) { return; }
|
268 |
+
|
269 |
+
if ( is_multisite() ) {
|
270 |
+
global $current_blog;
|
271 |
+
$nfdbhash = NFW_LOG_DIR .'/nfwlog/cache/nfdbhash.'. $current_blog->site_id .'-'. $current_blog->blog_id .'.php';
|
272 |
+
} else {
|
273 |
+
global $blog_id;
|
274 |
+
$nfdbhash = NFW_LOG_DIR .'/nfwlog/cache/nfdbhash.'. $blog_id .'.php';
|
275 |
+
}
|
276 |
+
|
277 |
+
$adm_users = nf_get_dbdata();
|
278 |
+
if (! $adm_users) { return; }
|
279 |
+
|
280 |
+
if (! file_exists($nfdbhash) ) {
|
281 |
+
@file_put_contents( $nfdbhash, md5( serialize( $adm_users) ), LOCK_EX );
|
282 |
+
return;
|
283 |
+
}
|
284 |
+
|
285 |
+
$old_hash = trim (file_get_contents($nfdbhash) );
|
286 |
+
|
287 |
+
if ( $old_hash == md5( serialize($adm_users)) ) {
|
288 |
+
return;
|
289 |
+
} else {
|
290 |
+
$fstat = stat($nfdbhash);
|
291 |
+
if ( ( time() - $fstat['mtime']) < 60 ) {
|
292 |
+
return;
|
293 |
+
}
|
294 |
+
|
295 |
+
$tmp = @file_put_contents( $nfdbhash, md5( serialize( $adm_users) ), LOCK_EX );
|
296 |
+
if ( $tmp === FALSE ) {
|
297 |
+
return;
|
298 |
+
}
|
299 |
+
|
300 |
+
nfw_get_blogtimezone();
|
301 |
+
|
302 |
+
if ( ( is_multisite() ) && ( $nfw_options['alert_sa_only'] == 2 ) ) {
|
303 |
+
$recipient = get_option('admin_email');
|
304 |
+
} else {
|
305 |
+
$recipient = $nfw_options['alert_email'];
|
306 |
+
}
|
307 |
+
|
308 |
+
$subject = __('[NinjaFirewall] Alert: Database changes detected', 'ninjafirewall');
|
309 |
+
$message = __('NinjaFirewall has detected that one or more administrator accounts were modified in the database:', 'ninjafirewall') . "\n\n";
|
310 |
+
if ( is_multisite() ) {
|
311 |
+
$message.= __('Blog:', 'ninjafirewall') .' '. network_home_url('/') . "\n";
|
312 |
+
} else {
|
313 |
+
$message.= __('Blog:', 'ninjafirewall') .' '. home_url('/') . "\n";
|
314 |
+
}
|
315 |
+
$message.= __('User IP:', 'ninjafirewall') .' '. NFW_REMOTE_ADDR . "\n";
|
316 |
+
$message.= __('Date:', 'ninjafirewall') .' '. date_i18n('F j, Y @ H:i:s') . ' (UTC '. date('O') . ")\n\n";
|
317 |
+
$message.= sprintf(__('Total administrators : %s', 'ninjafirewall'), count($adm_users) ) . "\n\n";
|
318 |
+
foreach( $adm_users as $obj => $adm ) {
|
319 |
+
$message.= 'Admin ID : ' . $adm->ID . "\n";
|
320 |
+
$message.= '-user_login : ' . $adm->user_login . "\n";
|
321 |
+
$message.= '-user_nicename : ' . $adm->user_nicename . "\n";
|
322 |
+
$message.= '-user_email : ' . $adm->user_email . "\n";
|
323 |
+
$message.= '-user_registered : ' . $adm->user_registered . "\n";
|
324 |
+
$message.= '-display_name : ' . $adm->display_name . "\n\n";
|
325 |
+
}
|
326 |
+
$message.= "\n" . __('If you cannot see any modifications in the above fields, it is likely that the administrator password was changed.', 'ninjafirewall'). "\n\n";
|
327 |
+
$message.= 'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
328 |
+
'Support forum: http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
329 |
+
wp_mail( $recipient, $subject, $message );
|
330 |
+
|
331 |
+
if (! empty($nfw_options['a_41']) ) {
|
332 |
+
nfw_log2('Database changes detected', 'administrator account', 4, 0);
|
333 |
+
}
|
334 |
+
}
|
335 |
+
|
336 |
+
}
|
337 |
+
|
338 |
+
/* ------------------------------------------------------------------ */
|
339 |
+
|
340 |
+
function nf_get_dbdata() {
|
341 |
+
|
342 |
+
return get_users(
|
343 |
+
array( 'role' => 'administrator',
|
344 |
+
'fields' => array(
|
345 |
+
'ID', 'user_login', 'user_pass', 'user_nicename',
|
346 |
+
'user_email', 'user_registered', 'display_name'
|
347 |
+
)
|
348 |
+
)
|
349 |
+
);
|
350 |
+
|
351 |
+
}
|
352 |
+
|
353 |
+
/* ------------------------------------------------------------------ */
|
354 |
+
|
355 |
+
function nfw_get_option( $option ) {
|
356 |
+
|
357 |
+
if ( is_multisite() ) {
|
358 |
+
return get_site_option($option);
|
359 |
+
} else {
|
360 |
+
return get_option($option);
|
361 |
+
}
|
362 |
+
}
|
363 |
+
|
364 |
+
/* ------------------------------------------------------------------ */
|
365 |
+
|
366 |
+
function nfw_update_option( $option, $new_value ) {
|
367 |
+
|
368 |
+
update_option( $option, $new_value );
|
369 |
+
if ( is_multisite() ) {
|
370 |
+
update_site_option( $option, $new_value );
|
371 |
+
}
|
372 |
+
return;
|
373 |
+
}
|
374 |
+
|
375 |
+
/* ------------------------------------------------------------------ */
|
376 |
+
|
377 |
+
function nfw_delete_option( $option ) {
|
378 |
+
|
379 |
+
delete_option( $option );
|
380 |
+
if ( is_multisite() ) {
|
381 |
+
delete_site_option( $option );
|
382 |
+
}
|
383 |
+
return;
|
384 |
+
}
|
385 |
+
|
386 |
+
/* ------------------------------------------------------------------ */
|
387 |
+
|
388 |
+
function nfwhook_update_user_meta( $user_id, $meta_key, $meta_value, $prev_value ) {
|
389 |
+
|
390 |
+
nfwhook_user_meta( $meta_key, $meta_value, $prev_value );
|
391 |
+
|
392 |
+
}
|
393 |
+
add_filter('update_user_meta', 'nfwhook_update_user_meta', 1, 4);
|
394 |
+
|
395 |
+
/* ------------------------------------------------------------------ */
|
396 |
+
|
397 |
+
function nfwhook_add_user_meta( $user_id, $meta_key, $meta_value ) {
|
398 |
+
|
399 |
+
nfwhook_user_meta( $user_id, $meta_key, $meta_value );
|
400 |
+
|
401 |
+
}
|
402 |
+
add_filter('add_user_meta', 'nfwhook_add_user_meta', 1, 3);
|
403 |
+
|
404 |
+
/* ------------------------------------------------------------------ */
|
405 |
+
|
406 |
+
function nfwhook_user_meta( $id, $key, $value ) {
|
407 |
+
|
408 |
+
if (! defined('NF_DISABLED') ) {
|
409 |
+
is_nfw_enabled();
|
410 |
+
}
|
411 |
+
// Note: "NFW_DISABLE_PRVESC2" is the only way to disable this feature.
|
412 |
+
if ( NF_DISABLED || defined('NFW_DISABLE_PRVESC2') ) { return; }
|
413 |
+
|
414 |
+
global $wpdb;
|
415 |
+
|
416 |
+
if ( is_array( $key ) ) {
|
417 |
+
$key = serialize( $key );
|
418 |
+
}
|
419 |
+
if ( strpos( $key, "{$wpdb->base_prefix}capabilities") !== FALSE && ! current_user_can('edit_users') ) {
|
420 |
+
if ( is_array( $value ) ) {
|
421 |
+
$value = serialize( $value );
|
422 |
+
}
|
423 |
+
if ( strpos( $value, "administrator") === FALSE ) { return; }
|
424 |
+
$subject = __('Blocked privilege escalation attempt', 'ninjafirewall');
|
425 |
+
|
426 |
+
$user_info = get_userdata( $id );
|
427 |
+
if (! empty( $user_info->user_login ) ) {
|
428 |
+
nfw_log2( 'WordPress: ' . $subject, "Username: {$user_info->user_login}, ID: $id", 3, 0);
|
429 |
+
} else {
|
430 |
+
nfw_log2( 'WordPress: ' . $subject, "$key: $value", 3, 0);
|
431 |
+
}
|
432 |
+
|
433 |
+
@session_destroy();
|
434 |
+
|
435 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
436 |
+
|
437 |
+
// Alert the admin if needed:
|
438 |
+
if (! empty( $nfw_options['a_53'] ) ) {
|
439 |
+
|
440 |
+
nfw_get_blogtimezone();
|
441 |
+
|
442 |
+
if ( is_multisite() && $nfw_options['alert_sa_only'] == 2 ) {
|
443 |
+
$recipient = get_option('admin_email');
|
444 |
+
} else {
|
445 |
+
$recipient = $nfw_options['alert_email'];
|
446 |
+
}
|
447 |
+
$subject = '[NinjaFirewall] ' . $subject;
|
448 |
+
$message = __('NinjaFirewall has blocked an attempt to gain administrative privileges:', 'ninjafirewall') . "\n\n";
|
449 |
+
if ( is_multisite() ) {
|
450 |
+
$message.= __('Blog:', 'ninjafirewall') .' '. network_home_url('/') . "\n";
|
451 |
+
} else {
|
452 |
+
$message.= __('Blog:', 'ninjafirewall') .' '. home_url('/') . "\n";
|
453 |
+
}
|
454 |
+
$message.= __('Username:', 'ninjafirewall') .' '. $user_info->user_login . " (ID: $id)\n";
|
455 |
+
$message.= __('User IP:', 'ninjafirewall') .' '. NFW_REMOTE_ADDR . "\n";
|
456 |
+
$message.= 'SCRIPT_FILENAME: ' . $_SERVER['SCRIPT_FILENAME'] . "\n";
|
457 |
+
$message.= 'REQUEST_URI: ' . $_SERVER['REQUEST_URI'] . "\n";
|
458 |
+
$message.= __('Date:', 'ninjafirewall') .' '. date_i18n('F j, Y @ H:i:s') . ' (UTC '. date('O') . ")\n\n";
|
459 |
+
$message.= __('This notification can be turned off from NinjaFirewall "Event Notifications" page.', 'ninjafirewall') . "\n\n";
|
460 |
+
$message.= 'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
461 |
+
'Support forum: http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
462 |
+
wp_mail( $recipient, $subject, $message );
|
463 |
+
|
464 |
+
}
|
465 |
+
|
466 |
+
die("<script>if(document.body===null||document.body===undefined){document.write('NinjaFirewall: $subject.');}else{document.body.innerHTML='NinjaFirewall: $subject.';}</script><noscript>NinjaFirewallL $subject.</noscript>");
|
467 |
+
}
|
468 |
+
}
|
469 |
+
/* ------------------------------------------------------------------ */
|
470 |
+
|
471 |
+
function nfw_login_form_hook() {
|
472 |
+
|
473 |
+
if (! empty( $_SESSION['nfw_bfd'] ) ) {
|
474 |
+
echo '<p class="message">'. __('NinjaFirewall brute-force protection is enabled and you are temporarily whitelisted.', 'ninjafirewall' ) . '</p><br />';
|
475 |
+
}
|
476 |
+
}
|
477 |
+
add_filter( 'login_message', 'nfw_login_form_hook');
|
478 |
+
|
479 |
+
/* ------------------------------------------------------------------ */
|
480 |
+
|
481 |
+
function nfw_session_debug() {
|
482 |
+
|
483 |
+
// Make sure NinjaFirewall is running :
|
484 |
+
if (! defined('NF_DISABLED') ) {
|
485 |
+
is_nfw_enabled();
|
486 |
+
}
|
487 |
+
if ( NF_DISABLED ) { return; }
|
488 |
+
|
489 |
+
$show_session_icon = 0;
|
490 |
+
$current_user = wp_get_current_user();
|
491 |
+
// Check users first:
|
492 |
+
if ( defined( 'NFW_SESSION_DEBUG_USER' ) ) {
|
493 |
+
$users = explode( ',', NFW_SESSION_DEBUG_USER );
|
494 |
+
foreach ( $users as $user ) {
|
495 |
+
if ( trim( $user ) == $current_user->user_login ) {
|
496 |
+
$show_session_icon = 1;
|
497 |
+
break;
|
498 |
+
}
|
499 |
+
}
|
500 |
+
// Check capabilities:
|
501 |
+
} elseif ( defined( 'NFW_SESSION_DEBUG_CAPS' ) ) {
|
502 |
+
$caps = explode( ',', NFW_SESSION_DEBUG_CAPS );
|
503 |
+
foreach ( $caps as $cap ) {
|
504 |
+
if (! empty( $current_user->caps[ trim( $cap ) ] ) ) {
|
505 |
+
$show_session_icon = 1;
|
506 |
+
break;
|
507 |
+
}
|
508 |
+
}
|
509 |
+
}
|
510 |
+
|
511 |
+
if ( empty( $show_session_icon ) ) { return; }
|
512 |
+
|
513 |
+
// Check if the user whitelisted?
|
514 |
+
if ( empty( $_SESSION['nfw_goodguy'] ) ) {
|
515 |
+
// No:
|
516 |
+
$font = 'ff0000';
|
517 |
+
} else {
|
518 |
+
// Yes:
|
519 |
+
$font = '00ff00';
|
520 |
+
}
|
521 |
+
|
522 |
+
global $wp_admin_bar;
|
523 |
+
$wp_admin_bar->add_menu( array(
|
524 |
+
'id' => 'nfw_session_dbg',
|
525 |
+
'title' => "<font color='#{$font}'>NF</font>",
|
526 |
+
) );
|
527 |
+
|
528 |
+
}
|
529 |
+
|
530 |
+
// Check if the session debug option is enabled:
|
531 |
+
if ( defined( 'NFW_SESSION_DEBUG_USER' ) || defined( 'NFW_SESSION_DEBUG_CAPS' ) ) {
|
532 |
+
add_action( 'admin_bar_menu', 'nfw_session_debug', 500 );
|
533 |
+
}
|
534 |
+
|
535 |
+
/* ------------------------------------------------------------------ */
|
536 |
+
// EOF
|
lib/share/.htaccess
ADDED
@@ -0,0 +1,21 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
# Deny access to this directory
|
2 |
+
<Files "*">
|
3 |
+
<IfModule mod_version.c>
|
4 |
+
<IfVersion < 2.4>
|
5 |
+
Order Deny,Allow
|
6 |
+
Deny from All
|
7 |
+
</IfVersion>
|
8 |
+
<IfVersion >= 2.4>
|
9 |
+
Require all denied
|
10 |
+
</IfVersion>
|
11 |
+
</IfModule>
|
12 |
+
<IfModule !mod_version.c>
|
13 |
+
<IfModule !mod_authz_core.c>
|
14 |
+
Order Deny,Allow
|
15 |
+
Deny from All
|
16 |
+
</IfModule>
|
17 |
+
<IfModule mod_authz_core.c>
|
18 |
+
Require all denied
|
19 |
+
</IfModule>
|
20 |
+
</IfModule>
|
21 |
+
</Files>
|
lib/share/font.ttf
ADDED
Binary file
|
lib/share/index.html
ADDED
@@ -0,0 +1 @@
|
|
|
1 |
+
<html><head><meta http-equiv="refresh" content="0;URL=../../../../"></head></html>
|
lib/wp_ajax.php
ADDED
@@ -0,0 +1,58 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ i18n+ / sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
|
21 |
+
|
22 |
+
nf_not_allowed( 'block', __LINE__ );
|
23 |
+
|
24 |
+
@file_put_contents( NFW_LOG_DIR . '/nfwlog/cache/malscan.log', time() . ": [AX] Entering ajax callback\n" );
|
25 |
+
|
26 |
+
if ( check_ajax_referer( 'nfw_msajax_javascript', 'nfw_sc_nonce', false ) && ! empty( $_POST['sigs'] ) ){
|
27 |
+
$sigs = rtrim( $_POST['sigs'], ':' );
|
28 |
+
wp_schedule_single_event( time() - 10, 'nfmalwarescan', array( $sigs ) );
|
29 |
+
$doing_wp_cron = sprintf( '%.22F', microtime( true ) );
|
30 |
+
set_transient( 'doing_cron', $doing_wp_cron );
|
31 |
+
$cron_request = apply_filters( 'cron_request', array(
|
32 |
+
'url' => add_query_arg( 'doing_wp_cron', $doing_wp_cron, site_url( 'wp-cron.php' ) ),
|
33 |
+
'key' => $doing_wp_cron,
|
34 |
+
'args' => array(
|
35 |
+
//~ 'timeout' => 0.01,
|
36 |
+
'blocking' => false,
|
37 |
+
'sslverify' => apply_filters( 'https_local_ssl_verify', false )
|
38 |
+
)
|
39 |
+
), $doing_wp_cron );
|
40 |
+
|
41 |
+
@file_put_contents( NFW_LOG_DIR . '/nfwlog/cache/malscan.log', time() . ": [AX] POSTing request to " . site_url( 'wp-cron.php' ) . "\n", FILE_APPEND );
|
42 |
+
|
43 |
+
$res = wp_remote_post( $cron_request['url'], $cron_request['args'] );
|
44 |
+
|
45 |
+
if ( is_wp_error( $res ) ) {
|
46 |
+
@file_put_contents( NFW_LOG_DIR . '/nfwlog/cache/malscan.log', time() . ": [AX] ERROR: ". $res->get_error_message() . "\n", FILE_APPEND );
|
47 |
+
echo htmlspecialchars( $res->get_error_message() );
|
48 |
+
} else {
|
49 |
+
echo 'OK';
|
50 |
+
}
|
51 |
+
} else {
|
52 |
+
@file_put_contents( NFW_LOG_DIR . '/nfwlog/cache/malscan.log', time() . ": [AX] ERROR: security nonces do not match\n", FILE_APPEND );
|
53 |
+
// Nonces do not match:
|
54 |
+
echo '1';
|
55 |
+
}
|
56 |
+
wp_die();
|
57 |
+
/* ------------------------------------------------------------------ */
|
58 |
+
// EOF
|
ninjafirewall.php
ADDED
@@ -0,0 +1,3525 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
Plugin Name: NinjaFirewall (WP Edition)
|
4 |
+
Plugin URI: https://nintechnet.com/
|
5 |
+
Description: A true Web Application Firewall to protect and secure WordPress.
|
6 |
+
Version: 3.6
|
7 |
+
Author: The Ninja Technologies Network
|
8 |
+
Author URI: https://nintechnet.com/
|
9 |
+
License: GPLv3 or later
|
10 |
+
Network: true
|
11 |
+
Text Domain: ninjafirewall
|
12 |
+
Domain Path: /languages
|
13 |
+
*/
|
14 |
+
|
15 |
+
/*
|
16 |
+
+---------------------------------------------------------------------+
|
17 |
+
| NinjaFirewall (WP Edition) |
|
18 |
+
| |
|
19 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
20 |
+
+---------------------------------------------------------------------+
|
21 |
+
*/
|
22 |
+
define( 'NFW_ENGINE_VERSION', '3.6' );
|
23 |
+
/*
|
24 |
+
+---------------------------------------------------------------------+
|
25 |
+
| This program is free software: you can redistribute it and/or |
|
26 |
+
| modify it under the terms of the GNU General Public License as |
|
27 |
+
| published by the Free Software Foundation, either version 3 of |
|
28 |
+
| the License, or (at your option) any later version. |
|
29 |
+
| |
|
30 |
+
| This program is distributed in the hope that it will be useful, |
|
31 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
32 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
33 |
+
| GNU General Public License for more details. |
|
34 |
+
+---------------------------------------------------------------------+
|
35 |
+
*/
|
36 |
+
|
37 |
+
if (! defined( 'ABSPATH' ) ) { die( 'Forbidden' ); }
|
38 |
+
|
39 |
+
if (! headers_sent() ) {
|
40 |
+
if (version_compare(PHP_VERSION, '5.4', '<') ) {
|
41 |
+
if (! session_id() ) {
|
42 |
+
session_start();
|
43 |
+
$_SESSION['nfw_st'] = 1;
|
44 |
+
}
|
45 |
+
} else {
|
46 |
+
if (session_status() !== PHP_SESSION_ACTIVE) {
|
47 |
+
session_start();
|
48 |
+
$_SESSION['nfw_st'] = 2;
|
49 |
+
}
|
50 |
+
}
|
51 |
+
}
|
52 |
+
|
53 |
+
/* ------------------------------------------------------------------ */
|
54 |
+
global $wp_version;
|
55 |
+
if ( version_compare( $wp_version, '4.6', '<' ) ||
|
56 |
+
! file_exists( WP_CONTENT_DIR . '/languages/plugins/ninjafirewall-fr_FR.mo' ) ) {
|
57 |
+
add_action( 'init', 'nfw_load_translation' );
|
58 |
+
} else {
|
59 |
+
add_filter('override_load_textdomain', 'nfwhook_load_textdomain', 10, 3);
|
60 |
+
}
|
61 |
+
function nfw_load_translation() {
|
62 |
+
load_plugin_textdomain('ninjafirewall', FALSE, dirname(plugin_basename(__FILE__)).'/languages/');
|
63 |
+
}
|
64 |
+
function nfwhook_load_textdomain( $retval, $domain, $mofile ) {
|
65 |
+
if ( $domain == 'ninjafirewall' && strpos( $mofile, '/plugins/ninjafirewall-fr_FR.mo') !== false ) {
|
66 |
+
load_textdomain('ninjafirewall', __DIR__ . '/languages/ninjafirewall-fr_FR.mo');
|
67 |
+
return true;
|
68 |
+
}
|
69 |
+
return false;
|
70 |
+
}
|
71 |
+
/* ------------------------------------------------------------------ */
|
72 |
+
|
73 |
+
$null = __('A true Web Application Firewall to protect and secure WordPress.', 'ninjafirewall');
|
74 |
+
define('NFW_NULL_BYTE', 2);
|
75 |
+
define('NFW_SCAN_BOTS', 531);
|
76 |
+
define('NFW_ASCII_CTRL', 500);
|
77 |
+
define('NFW_DOC_ROOT', 510);
|
78 |
+
define('NFW_WRAPPERS', 520);
|
79 |
+
define('NFW_OBJECTS', 525);
|
80 |
+
define('NFW_LOOPBACK', 540);
|
81 |
+
$err_fw = array(
|
82 |
+
1 => __('Cannot find WordPress configuration file', 'ninjafirewall'),
|
83 |
+
2 => __('Cannot read WordPress configuration file', 'ninjafirewall'),
|
84 |
+
3 => __('Cannot retrieve WordPress database credentials', 'ninjafirewall'),
|
85 |
+
4 => __('Cannot connect to WordPress database', 'ninjafirewall'),
|
86 |
+
5 => __('Cannot retrieve user options from database (#2)', 'ninjafirewall'),
|
87 |
+
6 => __('Cannot retrieve user options from database (#3)', 'ninjafirewall'),
|
88 |
+
7 => __('Cannot retrieve user rules from database (#2)', 'ninjafirewall'),
|
89 |
+
8 => __('Cannot retrieve user rules from database (#3)', 'ninjafirewall'),
|
90 |
+
9 => __('The firewall has been disabled from the <a href="admin.php?page=nfsubopt">administration console</a>', 'ninjafirewall'),
|
91 |
+
10 => __('Unable to communicate with the firewall. Please check your settings', 'ninjafirewall'),
|
92 |
+
11 => __('Cannot retrieve user options from database (#1)', 'ninjafirewall'),
|
93 |
+
12 => __('Cannot retrieve user rules from database (#1)', 'ninjafirewall'),
|
94 |
+
13 => sprintf( __("The firewall cannot access its log and cache folders. If you changed the name of WordPress %s or %s folders, you must define NinjaFirewall's built-in %s constant (see %s for more info)", 'ninjafirewall'), '<code>/wp-content/</code>', '<code>/plugins/</code>', '<code>NFW_LOG_DIR</code>', "<a href='https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja' target='_blank'>Path to NinjaFirewall's log and cache directory</a>"),
|
95 |
+
);
|
96 |
+
|
97 |
+
if (! defined('NFW_LOG_DIR') ) {
|
98 |
+
define('NFW_LOG_DIR', WP_CONTENT_DIR);
|
99 |
+
}
|
100 |
+
if (! empty($_SERVER['DOCUMENT_ROOT']) && $_SERVER['DOCUMENT_ROOT'] != '/' ) {
|
101 |
+
$_SERVER['DOCUMENT_ROOT'] = rtrim( $_SERVER['DOCUMENT_ROOT'] , '/' );
|
102 |
+
}
|
103 |
+
/* ------------------------------------------------------------------ */
|
104 |
+
|
105 |
+
require plugin_dir_path(__FILE__) . 'lib/nfw_misc.php';
|
106 |
+
|
107 |
+
if (! defined( 'NFW_REMOTE_ADDR') ) {
|
108 |
+
nfw_select_ip();
|
109 |
+
}
|
110 |
+
|
111 |
+
add_action( 'nfwgccron', 'nfw_garbage_collector' );
|
112 |
+
|
113 |
+
/* ------------------------------------------------------------------ */
|
114 |
+
|
115 |
+
function nfw_activate() {
|
116 |
+
|
117 |
+
nf_not_allowed( 'block', __LINE__ );
|
118 |
+
|
119 |
+
global $wp_version;
|
120 |
+
if ( version_compare( $wp_version, '3.3', '<' ) ) {
|
121 |
+
exit( sprintf( __('NinjaFirewall requires WordPress 3.3 or greater but your current version is %s.', 'ninjafirewall'), $wp_version) );
|
122 |
+
}
|
123 |
+
|
124 |
+
if ( version_compare( PHP_VERSION, '5.3.0', '<' ) ) {
|
125 |
+
exit( sprintf( __('NinjaFirewall requires PHP 5.3 or greater but your current version is %s.', 'ninjafirewall'), PHP_VERSION) );
|
126 |
+
}
|
127 |
+
|
128 |
+
if (! function_exists('mysqli_connect') ) {
|
129 |
+
exit( sprintf( __('NinjaFirewall requires the PHP %s extension.', 'ninjafirewall'), '<code>mysqli</code>') );
|
130 |
+
}
|
131 |
+
|
132 |
+
if ( ini_get( 'safe_mode' ) ) {
|
133 |
+
exit( __('You have SAFE_MODE enabled. Please disable it, it is deprecated as of PHP 5.3.0 (see http://php.net/safe-mode).', 'ninjafirewall'));
|
134 |
+
}
|
135 |
+
|
136 |
+
if ( ( is_multisite() ) && (! current_user_can( 'manage_network' ) ) ) {
|
137 |
+
exit( __('You are not allowed to activate NinjaFirewall.', 'ninjafirewall') );
|
138 |
+
}
|
139 |
+
|
140 |
+
if ( PATH_SEPARATOR == ';' ) {
|
141 |
+
exit( __('NinjaFirewall is not compatible with Microsoft Windows.', 'ninjafirewall') );
|
142 |
+
}
|
143 |
+
|
144 |
+
if ( $nfw_options = nfw_get_option( 'nfw_options' ) ) {
|
145 |
+
$nfw_options['enabled'] = 1;
|
146 |
+
nfw_update_option( 'nfw_options', $nfw_options);
|
147 |
+
|
148 |
+
if (! empty($nfw_options['sched_scan']) ) {
|
149 |
+
if ($nfw_options['sched_scan'] == 1) {
|
150 |
+
$schedtype = 'hourly';
|
151 |
+
} elseif ($nfw_options['sched_scan'] == 2) {
|
152 |
+
$schedtype = 'twicedaily';
|
153 |
+
} else {
|
154 |
+
$schedtype = 'daily';
|
155 |
+
}
|
156 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
157 |
+
wp_clear_scheduled_hook('nfscanevent');
|
158 |
+
}
|
159 |
+
wp_schedule_event( time() + 3600, $schedtype, 'nfscanevent');
|
160 |
+
}
|
161 |
+
if (! empty($nfw_options['enable_updates']) ) {
|
162 |
+
if ($nfw_options['sched_updates'] == 1) {
|
163 |
+
$schedtype = 'hourly';
|
164 |
+
} elseif ($nfw_options['sched_updates'] == 2) {
|
165 |
+
$schedtype = 'twicedaily';
|
166 |
+
} else {
|
167 |
+
$schedtype = 'daily';
|
168 |
+
}
|
169 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
170 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
171 |
+
}
|
172 |
+
wp_schedule_event( time() + 15, $schedtype, 'nfsecupdates');
|
173 |
+
}
|
174 |
+
if (! empty($nfw_options['a_52']) ) {
|
175 |
+
if ( wp_next_scheduled('nfdailyreport') ) {
|
176 |
+
wp_clear_scheduled_hook('nfdailyreport');
|
177 |
+
}
|
178 |
+
nfw_get_blogtimezone();
|
179 |
+
wp_schedule_event( strtotime( date('Y-m-d 00:00:05', strtotime("+1 day")) ), 'daily', 'nfdailyreport');
|
180 |
+
}
|
181 |
+
if ( file_exists( NFW_LOG_DIR . '/nfwlog/cache/bf_conf_off.php' ) ) {
|
182 |
+
rename(NFW_LOG_DIR . '/nfwlog/cache/bf_conf_off.php', NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php');
|
183 |
+
}
|
184 |
+
|
185 |
+
if (! empty( $nfw_options['wl_admin']) ) {
|
186 |
+
$_SESSION['nfw_goodguy'] = true;
|
187 |
+
}
|
188 |
+
}
|
189 |
+
}
|
190 |
+
|
191 |
+
register_activation_hook( __FILE__, 'nfw_activate' );
|
192 |
+
|
193 |
+
/* ------------------------------------------------------------------ */
|
194 |
+
|
195 |
+
function nfw_deactivate() {
|
196 |
+
|
197 |
+
nf_not_allowed( 'block', __LINE__ );
|
198 |
+
|
199 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
200 |
+
$nfw_options['enabled'] = 0;
|
201 |
+
|
202 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
203 |
+
wp_clear_scheduled_hook('nfscanevent');
|
204 |
+
}
|
205 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
206 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
207 |
+
}
|
208 |
+
if ( wp_next_scheduled('nfdailyreport') ) {
|
209 |
+
wp_clear_scheduled_hook('nfdailyreport');
|
210 |
+
}
|
211 |
+
if ( file_exists( NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php' ) ) {
|
212 |
+
rename(NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php', NFW_LOG_DIR . '/nfwlog/cache/bf_conf_off.php');
|
213 |
+
}
|
214 |
+
|
215 |
+
nfw_update_option( 'nfw_options', $nfw_options);
|
216 |
+
|
217 |
+
}
|
218 |
+
|
219 |
+
register_deactivation_hook( __FILE__, 'nfw_deactivate' );
|
220 |
+
|
221 |
+
/* ------------------------------------------------------------------ */
|
222 |
+
|
223 |
+
function nfw_upgrade() {
|
224 |
+
|
225 |
+
if ( nf_not_allowed(0, __LINE__) ) { return; }
|
226 |
+
|
227 |
+
$is_update = 0;
|
228 |
+
|
229 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
230 |
+
$nfw_rules = nfw_get_option( 'nfw_rules' );
|
231 |
+
|
232 |
+
// Only used for multisite installs running NF < 3.2.2:
|
233 |
+
if ( empty($nfw_options['engine_version']) ) {
|
234 |
+
$nfw_options = get_option( 'nfw_options' );
|
235 |
+
$nfw_rules = get_option( 'nfw_rules' );
|
236 |
+
}
|
237 |
+
|
238 |
+
if ( isset($_POST['nf_export']) ) {
|
239 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'options_save') ) {
|
240 |
+
wp_nonce_ays('options_save');
|
241 |
+
}
|
242 |
+
$nfwbfd_log = NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php';
|
243 |
+
if ( file_exists($nfwbfd_log) ) {
|
244 |
+
$bd_data = serialize( file_get_contents($nfwbfd_log) );
|
245 |
+
} else {
|
246 |
+
$bd_data = '';
|
247 |
+
}
|
248 |
+
$data = serialize($nfw_options) . "\n:-:\n" . serialize($nfw_rules) . "\n:-:\n" . $bd_data;
|
249 |
+
header('Content-Type: text/plain');
|
250 |
+
header('Content-Length: '. strlen( $data ) );
|
251 |
+
header('Content-Disposition: attachment; filename="nfwp.' . NFW_ENGINE_VERSION . '.dat"');
|
252 |
+
echo $data;
|
253 |
+
exit;
|
254 |
+
}
|
255 |
+
|
256 |
+
if ( isset($_POST['dlmods']) ) {
|
257 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'filecheck_save') ) {
|
258 |
+
wp_nonce_ays('filecheck_save');
|
259 |
+
}
|
260 |
+
if (file_exists(NFW_LOG_DIR . '/nfwlog/cache/nfilecheck_diff.php') ) {
|
261 |
+
$download_file = NFW_LOG_DIR . '/nfwlog/cache/nfilecheck_diff.php';
|
262 |
+
} elseif (file_exists(NFW_LOG_DIR . '/nfwlog/cache/nfilecheck_diff.php.php') ) {
|
263 |
+
$download_file = NFW_LOG_DIR . '/nfwlog/cache/nfilecheck_diff.php.php';
|
264 |
+
} else {
|
265 |
+
wp_nonce_ays('filecheck_save');
|
266 |
+
}
|
267 |
+
$stat = stat($download_file);
|
268 |
+
$data = '== NinjaFirewall File Check (diff)'. "\n";
|
269 |
+
$data.= '== ' . site_url() . "\n";
|
270 |
+
$data.= '== ' . date_i18n('M d, Y @ H:i:s O', $stat['ctime']) . "\n\n";
|
271 |
+
$data.= '[+] = ' . __('New file', 'ninjafirewall') .
|
272 |
+
' [-] = ' . __('Deleted file', 'ninjafirewall') .
|
273 |
+
' [!] = ' . __('Modified file', 'ninjafirewall') .
|
274 |
+
"\n\n";
|
275 |
+
$fh = fopen($download_file, 'r');
|
276 |
+
while (! feof($fh) ) {
|
277 |
+
$res = explode('::', fgets($fh) );
|
278 |
+
if ( empty($res[1]) ) { continue; }
|
279 |
+
if ($res[1] == 'N') {
|
280 |
+
$data .= '[+] ' . $res[0] . "\n";
|
281 |
+
} elseif ($res[1] == 'D') {
|
282 |
+
$data .= '[-] ' . $res[0] . "\n";
|
283 |
+
} elseif ($res[1] == 'M') {
|
284 |
+
$data .= '[!] ' . $res[0] . "\n";
|
285 |
+
}
|
286 |
+
}
|
287 |
+
fclose($fh);
|
288 |
+
$data .= "\n== EOF\n";
|
289 |
+
|
290 |
+
header('Content-Type: text/plain');
|
291 |
+
header('Content-Length: '. strlen( $data ) );
|
292 |
+
header('Content-Disposition: attachment; filename="'. $_SERVER['SERVER_NAME'] .'_diff.txt"');
|
293 |
+
echo $data;
|
294 |
+
exit;
|
295 |
+
}
|
296 |
+
|
297 |
+
if ( isset($_POST['dlsnap']) ) {
|
298 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'filecheck_save') ) {
|
299 |
+
wp_nonce_ays('filecheck_save');
|
300 |
+
}
|
301 |
+
if (file_exists(NFW_LOG_DIR . '/nfwlog/cache/nfilecheck_snapshot.php') ) {
|
302 |
+
$stat = stat(NFW_LOG_DIR . '/nfwlog/cache/nfilecheck_snapshot.php');
|
303 |
+
$data = '== NinjaFirewall File Check (snapshot)'. "\n";
|
304 |
+
$data.= '== ' . site_url() . "\n";
|
305 |
+
$data.= '== ' . date_i18n('M d, Y @ H:i:s O', $stat['ctime']) . "\n\n";
|
306 |
+
$fh = fopen(NFW_LOG_DIR . '/nfwlog/cache/nfilecheck_snapshot.php', 'r');
|
307 |
+
while (! feof($fh) ) {
|
308 |
+
$res = explode('::', fgets($fh) );
|
309 |
+
if (! empty($res[0][0]) && $res[0][0] == '/') {
|
310 |
+
$data .= $res[0] . "\n";
|
311 |
+
}
|
312 |
+
}
|
313 |
+
fclose($fh);
|
314 |
+
$data .= "\n== EOF\n";
|
315 |
+
header('Content-Type: text/plain');
|
316 |
+
header('Content-Length: '. strlen( $data ) );
|
317 |
+
header('Content-Disposition: attachment; filename="'. $_SERVER['SERVER_NAME'] .'_snapshot.txt"');
|
318 |
+
echo $data;
|
319 |
+
exit;
|
320 |
+
} else {
|
321 |
+
wp_nonce_ays('filecheck_save');
|
322 |
+
}
|
323 |
+
}
|
324 |
+
|
325 |
+
if (! empty($nfw_options['engine_version']) && version_compare($nfw_options['engine_version'], NFW_ENGINE_VERSION, '<') ) {
|
326 |
+
// v1.0.4 update -------------------------------------------------
|
327 |
+
if ( empty( $nfw_options['alert_email']) ) {
|
328 |
+
$nfw_options['a_0'] = 1; $nfw_options['a_11'] = 1;
|
329 |
+
$nfw_options['a_12'] = 1; $nfw_options['a_13'] = 0;
|
330 |
+
$nfw_options['a_14'] = 0; $nfw_options['a_15'] = 1;
|
331 |
+
$nfw_options['a_16'] = 0; $nfw_options['a_21'] = 1;
|
332 |
+
$nfw_options['a_22'] = 1; $nfw_options['a_23'] = 0;
|
333 |
+
$nfw_options['a_24'] = 0; $nfw_options['a_31'] = 1;
|
334 |
+
$nfw_options['alert_email'] = get_option('admin_email');
|
335 |
+
}
|
336 |
+
// v1.1.0 update -------------------------------------------------
|
337 |
+
if (! isset( $nfw_options['post_b64'] ) ) {
|
338 |
+
$nfw_options['alert_sa_only'] = 2;
|
339 |
+
$nfw_options['nt_show_status'] = 1;
|
340 |
+
$nfw_options['post_b64'] = 1;
|
341 |
+
}
|
342 |
+
// v1.1.2 update -------------------------------------------------
|
343 |
+
if (! isset( $nfw_options['no_xmlrpc'] ) ) {
|
344 |
+
$nfw_options['no_xmlrpc'] = 0;
|
345 |
+
}
|
346 |
+
// v1.1.3 update -------------------------------------------------
|
347 |
+
if (! isset( $nfw_options['enum_archives'] ) ) {
|
348 |
+
$nfw_options['enum_archives'] = 0;
|
349 |
+
$nfw_options['enum_login'] = 1;
|
350 |
+
}
|
351 |
+
// v1.1.6 update -------------------------------------------------
|
352 |
+
if (! isset( $nfw_options['request_sanitise'] ) ) {
|
353 |
+
$nfw_options['request_sanitise'] = 0;
|
354 |
+
}
|
355 |
+
// v1.1.9 update -------------------------------------------------
|
356 |
+
if ( empty( $nfw_options['logo']) ) {
|
357 |
+
$nfw_options['logo'] = plugins_url() . '/ninjafirewall/images/ninjafirewall_75.png';
|
358 |
+
}
|
359 |
+
// v1.2.1 update -------------------------------------------------
|
360 |
+
if ( empty( $nfw_options['fg_mtime']) ) {
|
361 |
+
$nfw_options['fg_enable'] = 0;
|
362 |
+
$nfw_options['fg_mtime'] = 10;
|
363 |
+
}
|
364 |
+
// v1.2.3 update -------------------------------------------------
|
365 |
+
if ( version_compare( $nfw_options['engine_version'], '1.2.3', '<' ) ) {
|
366 |
+
$nfw_options['blocked_msg'] = base64_encode($nfw_options['blocked_msg']);
|
367 |
+
}
|
368 |
+
// v1.2.4 update -------------------------------------------------
|
369 |
+
if ( isset($nfw_options['$auth_msg']) ) {
|
370 |
+
unset($nfw_options['$auth_msg']);
|
371 |
+
}
|
372 |
+
// v1.2.7 update -------------------------------------------------
|
373 |
+
if ( version_compare( $nfw_options['engine_version'], '1.2.7', '<' ) ) {
|
374 |
+
if ( is_writable(NFW_LOG_DIR) ) {
|
375 |
+
if (! file_exists(NFW_LOG_DIR . '/nfwlog') ) {
|
376 |
+
mkdir( NFW_LOG_DIR . '/nfwlog', 0755);
|
377 |
+
}
|
378 |
+
if (! file_exists(NFW_LOG_DIR . '/nfwlog/cache') ) {
|
379 |
+
mkdir( NFW_LOG_DIR . '/nfwlog/cache', 0755);
|
380 |
+
}
|
381 |
+
touch( NFW_LOG_DIR . '/nfwlog/index.html' );
|
382 |
+
touch( NFW_LOG_DIR . '/nfwlog/cache/index.html' );
|
383 |
+
@file_put_contents(NFW_LOG_DIR . '/nfwlog/.htaccess', "Order Deny,Allow\nDeny from all", LOCK_EX);
|
384 |
+
@file_put_contents(NFW_LOG_DIR . '/nfwlog/cache/.htaccess', "Order Deny,Allow\nDeny from all", LOCK_EX);
|
385 |
+
|
386 |
+
$nfwbfd_log = NFW_LOG_DIR . '/nfwlog/cache/bf_conf.php';
|
387 |
+
if ((! empty($nfw_options['bf_request'])) && (! empty($nfw_options['bf_bantime'])) &&
|
388 |
+
(! empty($nfw_options['bf_attempt'])) && (! empty($nfw_options['bf_maxtime'])) &&
|
389 |
+
(! empty($nfw_options['auth_name'])) && (! empty($nfw_options['auth_pass'])) &&
|
390 |
+
(! empty($nfw_options['bf_rand'])) ) {
|
391 |
+
if ( empty($nfw_options['bf_enable'])) {
|
392 |
+
$nfw_options['bf_enable'] = 1;
|
393 |
+
}
|
394 |
+
if ( empty($nfw_options['auth_msg']) ) {
|
395 |
+
$nfw_options['auth_msg'] = 'Access restricted';
|
396 |
+
}
|
397 |
+
if (! isset($nfw_options['bf_xmlrpc']) ) {
|
398 |
+
$nfw_options['bf_xmlrpc'] = 0;
|
399 |
+
}
|
400 |
+
if (! isset($nfw_options['bf_authlog']) ) {
|
401 |
+
$nfw_options['bf_authlog'] = 0;
|
402 |
+
}
|
403 |
+
$data = '<?php $bf_enable=' . $nfw_options['bf_enable'] .
|
404 |
+
';$bf_request=\'' . $nfw_options['bf_request'] . '\'' .
|
405 |
+
';$bf_bantime=' . $nfw_options['bf_bantime'] .
|
406 |
+
';$bf_attempt=' . $nfw_options['bf_attempt'] .
|
407 |
+
';$bf_maxtime=' . $nfw_options['bf_maxtime'] .
|
408 |
+
';$bf_xmlrpc=' . $nfw_options['bf_xmlrpc'] .
|
409 |
+
';$auth_name=\'' . $nfw_options['auth_name'] . '\'' .
|
410 |
+
';$auth_pass=\'' . $nfw_options['auth_pass'] . '\';' .
|
411 |
+
'$auth_msg=\'' . $nfw_options['auth_msg'] . '\'' .
|
412 |
+
';$bf_rand=\'' . $nfw_options['bf_rand'] . '\';'.
|
413 |
+
'$bf_authlog='. $nfw_options['bf_authlog'] . '; ?>';
|
414 |
+
$fh = fopen( $nfwbfd_log, 'w' );
|
415 |
+
fwrite( $fh, $data );
|
416 |
+
fclose( $fh );
|
417 |
+
}
|
418 |
+
}
|
419 |
+
unset($nfw_options['bf_enable']);
|
420 |
+
unset($nfw_options['bf_request']);
|
421 |
+
unset($nfw_options['bf_bantime']);
|
422 |
+
unset($nfw_options['bf_attempt']);
|
423 |
+
unset($nfw_options['bf_maxtime']);
|
424 |
+
unset($nfw_options['bf_xmlrpc']);
|
425 |
+
unset($nfw_options['auth_name']);
|
426 |
+
unset($nfw_options['auth_pass']);
|
427 |
+
unset($nfw_options['auth_msg']);
|
428 |
+
unset($nfw_options['bf_rand']);
|
429 |
+
unset($nfw_options['bf_authlog']);
|
430 |
+
}
|
431 |
+
// v1.3.1 update -------------------------------------------------
|
432 |
+
if ( version_compare( $nfw_options['engine_version'], '1.3.1', '<' ) ) {
|
433 |
+
if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
|
434 |
+
$nfw_options['response_headers'] = '00010000';
|
435 |
+
}
|
436 |
+
}
|
437 |
+
// v1.3.3 update -------------------------------------------------
|
438 |
+
if ( version_compare( $nfw_options['engine_version'], '1.3.3', '<' ) ) {
|
439 |
+
$nfw_options['a_41'] = 1;
|
440 |
+
$nfw_options['sched_scan'] = 0;
|
441 |
+
$nfw_options['report_scan'] = 0;
|
442 |
+
}
|
443 |
+
// v1.3.4 update -------------------------------------------------
|
444 |
+
if ( version_compare( $nfw_options['engine_version'], '1.3.4', '<' ) ) {
|
445 |
+
$nfw_options['a_51'] = 1;
|
446 |
+
}
|
447 |
+
// v1.3.5 update -------------------------------------------------
|
448 |
+
if ( version_compare( $nfw_options['engine_version'], '1.3.5', '<' ) ) {
|
449 |
+
$nfw_options['fg_exclude'] = '';
|
450 |
+
}
|
451 |
+
// v1.3.6 update -------------------------------------------------
|
452 |
+
if ( version_compare( $nfw_options['engine_version'], '1.3.6', '<' ) ) {
|
453 |
+
$path = NFW_LOG_DIR . '/nfwlog/cache/';
|
454 |
+
$glob = glob($path . "nfdbhash*php");
|
455 |
+
if ( is_array($glob)) {
|
456 |
+
foreach($glob as $file) {
|
457 |
+
unlink($file);
|
458 |
+
}
|
459 |
+
}
|
460 |
+
}
|
461 |
+
// v1.7 update -------------------------------------------------
|
462 |
+
if ( version_compare( $nfw_options['engine_version'], '1.7', '<' ) ) {
|
463 |
+
$nfw_options['a_52'] = 1;
|
464 |
+
if ( ! wp_next_scheduled('nfdailyreport') ) {
|
465 |
+
nfw_get_blogtimezone();
|
466 |
+
wp_schedule_event( strtotime( date('Y-m-d 00:00:05', strtotime("+1 day")) ), 'daily', 'nfdailyreport');
|
467 |
+
}
|
468 |
+
$nfw_options['no_xmlrpc_multi'] = 0;
|
469 |
+
}
|
470 |
+
// v3.1.2 update (file guard) ----------------------------------
|
471 |
+
if ( version_compare( $nfw_options['engine_version'], '3.1.2', '<' ) ) {
|
472 |
+
if (! empty( $nfw_options['fg_exclude'] ) ) {
|
473 |
+
$nfw_options['fg_exclude'] = preg_quote( $nfw_options['fg_exclude'], '`');
|
474 |
+
}
|
475 |
+
}
|
476 |
+
// v3.2 update (anti-malware) ----------------------------------
|
477 |
+
if ( version_compare( $nfw_options['engine_version'], '3.2', '<' ) ) {
|
478 |
+
$nfw_options['malware_dir'] = ABSPATH;
|
479 |
+
$nfw_options['malware_symlink'] = 1;
|
480 |
+
$nfw_options['malware_timestamp'] = 7;
|
481 |
+
$nfw_options['malware_size'] = 2048;
|
482 |
+
}
|
483 |
+
// v3.2.2 update -----------------------------------------------
|
484 |
+
if ( version_compare( $nfw_options['engine_version'], '3.2.2', '<' ) ) {
|
485 |
+
if ( is_multisite() ) {
|
486 |
+
update_site_option('nfw_options', $nfw_options);
|
487 |
+
update_site_option('nfw_rules', $nfw_rules_new);
|
488 |
+
}
|
489 |
+
}
|
490 |
+
// v3.3 update ---------------------------------------------------
|
491 |
+
if ( version_compare( $nfw_options['engine_version'], '3.3', '<' ) ) {
|
492 |
+
if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
|
493 |
+
if (! empty( $nfw_options['response_headers'] ) && strlen( $nfw_options['response_headers'] ) == 6 ) {
|
494 |
+
$nfw_options['response_headers'] .= '00';
|
495 |
+
}
|
496 |
+
}
|
497 |
+
}
|
498 |
+
// v3.4 update ---------------------------------------------------
|
499 |
+
if ( version_compare( $nfw_options['engine_version'], '3.4', '<' ) ) {
|
500 |
+
$nfw_options['a_53'] = 1;
|
501 |
+
}
|
502 |
+
// v3.5.1 update -------------------------------------------------
|
503 |
+
if ( version_compare( $nfw_options['engine_version'], '3.5.1', '<' ) ) {
|
504 |
+
// Create garbage collector's cron job:
|
505 |
+
if ( wp_next_scheduled( 'nfwgccron' ) ) {
|
506 |
+
wp_clear_scheduled_hook( 'nfwgccron' );
|
507 |
+
}
|
508 |
+
wp_schedule_event( time() + 60, 'hourly', 'nfwgccron' );
|
509 |
+
}
|
510 |
+
// -------------------------------------------------------------
|
511 |
+
|
512 |
+
$nfw_options['engine_version'] = NFW_ENGINE_VERSION;
|
513 |
+
$is_update = 1;
|
514 |
+
|
515 |
+
define('NFUPDATESDO', 2);
|
516 |
+
@nf_sub_updates();
|
517 |
+
|
518 |
+
if (! defined('NFW_NEWRULES_VERSION') ) {
|
519 |
+
define('NFW_NEWRULES_VERSION', '20160101.1');
|
520 |
+
}
|
521 |
+
|
522 |
+
if ( $nfw_rules_new = @unserialize(NFW_RULES) ) {
|
523 |
+
foreach ( $nfw_rules_new as $new_key => $new_value ) {
|
524 |
+
foreach ( $new_value as $key => $value ) {
|
525 |
+
if ( ( isset( $nfw_rules[$new_key]['ena'] ) ) && ( $key == 'ena' ) ) {
|
526 |
+
$nfw_rules_new[$new_key]['ena'] = $nfw_rules[$new_key]['ena'];
|
527 |
+
}
|
528 |
+
if ( ( isset( $nfw_rules[$new_key]['on'] ) ) && ( $key == 'ena' ) ) {
|
529 |
+
$nfw_rules_new[$new_key]['ena'] = $nfw_rules[$new_key]['on'];
|
530 |
+
}
|
531 |
+
}
|
532 |
+
}
|
533 |
+
if ( isset( $nfw_rules[NFW_DOC_ROOT]['what'] ) ) {
|
534 |
+
$nfw_rules_new[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', $nfw_rules[NFW_DOC_ROOT]['what'] );
|
535 |
+
$nfw_rules_new[NFW_DOC_ROOT]['ena'] = $nfw_rules[NFW_DOC_ROOT]['on'];
|
536 |
+
} else {
|
537 |
+
$nfw_rules_new[NFW_DOC_ROOT]['cha'][1]['wha'] = $nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'];
|
538 |
+
$nfw_rules_new[NFW_DOC_ROOT]['ena'] = $nfw_rules[NFW_DOC_ROOT]['ena'];
|
539 |
+
}
|
540 |
+
|
541 |
+
if ( version_compare( $nfw_options['rules_version'], '20140925', '<' ) ) {
|
542 |
+
if ( isset($nfw_rules_new[151]) ) {
|
543 |
+
unset($nfw_rules_new[151]);
|
544 |
+
}
|
545 |
+
if ( isset($nfw_rules_new[152]) ) {
|
546 |
+
unset($nfw_rules_new[152]);
|
547 |
+
}
|
548 |
+
}
|
549 |
+
// ---------------------------------------------------------------
|
550 |
+
|
551 |
+
nfw_update_option( 'nfw_rules', $nfw_rules_new);
|
552 |
+
$nfw_options['rules_version'] = NFW_NEWRULES_VERSION;
|
553 |
+
|
554 |
+
} else {
|
555 |
+
|
556 |
+
if ( ( is_multisite() ) && ( $nfw_options['alert_sa_only'] == 2 ) ) {
|
557 |
+
$recipient = get_option('admin_email');
|
558 |
+
} else {
|
559 |
+
$recipient = $nfw_options['alert_email'];
|
560 |
+
}
|
561 |
+
|
562 |
+
$subject = '[NinjaFirewall] ' . __('ERROR: Failed to update rules', 'ninjafirewall');
|
563 |
+
if ( is_multisite() ) {
|
564 |
+
$url = __('-Blog :', 'ninjafirewall') .' '. network_home_url('/') . "\n\n";
|
565 |
+
} else {
|
566 |
+
$url = __('-Blog :', 'ninjafirewall') .' '. home_url('/') . "\n\n";
|
567 |
+
}
|
568 |
+
$message = __('NinjaFirewall failed to update its rules. This is a critical error, your current rules may be corrupted or disabled. In order to solve the problem, please follow these instructions:', 'ninjafirewall') . "\n\n";
|
569 |
+
$message.= __('1. Log in to your WordPress admin dashboard.', 'ninjafirewall') . "\n";
|
570 |
+
$message.= __('2. Go to "NinjaFirewall > Updates".', 'ninjafirewall') . "\n";
|
571 |
+
$message.= __('3. Click on "Check for updates now!".', 'ninjafirewall') .
|
572 |
+
"\n\n".
|
573 |
+
__('-Date :', 'ninjafirewall') .' '. ucfirst(date_i18n('F j, Y @ H:i:s')) . ' (UTC '. date('O') . ")\n" .
|
574 |
+
$url .
|
575 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
576 |
+
__('Support forum', 'ninjafirewall') . ': http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
577 |
+
wp_mail( $recipient, $subject, $message );
|
578 |
+
}
|
579 |
+
}
|
580 |
+
|
581 |
+
|
582 |
+
if ( $is_update ) {
|
583 |
+
$tmp_data = '';
|
584 |
+
// up to v1.2.7 -------------------------------------------------
|
585 |
+
if ( version_compare( $nfw_options['engine_version'], '1.2.8', '<' ) ) {
|
586 |
+
if ( isset($nfw_options['nfw_tmp']) ) {
|
587 |
+
unset( $nfw_options['nfw_tmp'] );
|
588 |
+
$log_file = NFW_LOG_DIR . '/nfwlog/firewall_' . date( 'Y-m' ) . '.php';
|
589 |
+
if ( $tmp_data = @gzinflate( base64_decode( nfw_get_option('nfw_tmp') ) ) ) {
|
590 |
+
@file_put_contents( $log_file, $tmp_data, LOCK_EX);
|
591 |
+
}
|
592 |
+
nfw_delete_option( 'nfw_tmp' );
|
593 |
+
}
|
594 |
+
if ( $tmp_data ) {
|
595 |
+
$stat_file = NFW_LOG_DIR . '/nfwlog/stats_' . date( 'Y-m' ) . '.php';
|
596 |
+
$nfw_stat = array('0', '0', '0', '0', '0', '0', '0', '0', '0', '0');
|
597 |
+
$stats_lines = explode( PHP_EOL, $tmp_data );
|
598 |
+
foreach ( $stats_lines as $line ) {
|
599 |
+
if (preg_match( '/^\[.+?\]\s+\[.+?\]\s+(?:\[.+?\]\s+){3}\[([0-9])\]/', $line, $match) ) {
|
600 |
+
++$nfw_stat[$match[1]];
|
601 |
+
}
|
602 |
+
}
|
603 |
+
@file_put_contents( $stat_file, $nfw_stat[0] . ':' . $nfw_stat[1] . ':' .
|
604 |
+
$nfw_stat[2] . ':' . $nfw_stat[3] . ':' . $nfw_stat[4] . ':' .
|
605 |
+
$nfw_stat[5] . ':' . $nfw_stat[6] . ':' . $nfw_stat[7] . ':' .
|
606 |
+
$nfw_stat[8] . ':' . $nfw_stat[9], LOCK_EX );
|
607 |
+
}
|
608 |
+
}
|
609 |
+
|
610 |
+
nfw_update_option( 'nfw_options', $nfw_options);
|
611 |
+
}
|
612 |
+
|
613 |
+
if ( defined( 'NFW_ALERT' ) ) {
|
614 |
+
nfw_check_emailalert();
|
615 |
+
}
|
616 |
+
|
617 |
+
// Run the garbage collector if needed:
|
618 |
+
nfw_garbage_collector();
|
619 |
+
|
620 |
+
if (! empty( $nfw_options['wl_admin']) ) {
|
621 |
+
$_SESSION['nfw_goodguy'] = true;
|
622 |
+
if (! empty( $nfw_options['bf_enable'] ) && ! empty( $nfw_options['bf_rand'] ) ) {
|
623 |
+
$_SESSION['nfw_bfd'] = $nfw_options['bf_rand'];
|
624 |
+
}
|
625 |
+
return;
|
626 |
+
}
|
627 |
+
if ( isset( $_SESSION['nfw_goodguy'] ) ) {
|
628 |
+
unset( $_SESSION['nfw_goodguy'] );
|
629 |
+
}
|
630 |
+
}
|
631 |
+
|
632 |
+
add_action('admin_init', 'nfw_upgrade' );
|
633 |
+
|
634 |
+
/* ------------------------------------------------------------------ */
|
635 |
+
|
636 |
+
function nfw_login_hook( $user_login, $user ) {
|
637 |
+
|
638 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
639 |
+
|
640 |
+
if ( empty( $nfw_options['enabled'] ) ) { return; }
|
641 |
+
|
642 |
+
if ( empty( $user->roles[0] ) ) {
|
643 |
+
$whoami = '';
|
644 |
+
$admin_flag = 1;
|
645 |
+
} elseif ( $user->roles[0] == 'administrator' ) {
|
646 |
+
$whoami = 'administrator';
|
647 |
+
$admin_flag = 2;
|
648 |
+
} else {
|
649 |
+
$whoami = $user->roles[0];
|
650 |
+
$admin_flag = 0;
|
651 |
+
}
|
652 |
+
|
653 |
+
if (! empty($nfw_options['a_0']) ) {
|
654 |
+
if ( ( ( $nfw_options['a_0'] == 1) && ( $admin_flag ) ) || ( $nfw_options['a_0'] == 2 ) ) {
|
655 |
+
nfw_send_loginemail( $user_login, $whoami );
|
656 |
+
if (! empty($nfw_options['a_41']) ) {
|
657 |
+
nfw_log2('Logged in user', $user_login .' ('. $whoami .')', 6, 0);
|
658 |
+
}
|
659 |
+
}
|
660 |
+
}
|
661 |
+
|
662 |
+
if (! empty( $nfw_options['wl_admin']) ) {
|
663 |
+
if ( ( $nfw_options['wl_admin'] == 1 && $admin_flag == 2 ) || ( $nfw_options['wl_admin'] == 2 ) ) {
|
664 |
+
$_SESSION['nfw_goodguy'] = $nfw_options['wl_admin'];
|
665 |
+
return;
|
666 |
+
}
|
667 |
+
}
|
668 |
+
|
669 |
+
if ( isset( $_SESSION['nfw_goodguy'] ) ) {
|
670 |
+
unset( $_SESSION['nfw_goodguy'] );
|
671 |
+
}
|
672 |
+
}
|
673 |
+
|
674 |
+
add_action( 'wp_login', 'nfw_login_hook', 10, 2 );
|
675 |
+
|
676 |
+
/* ------------------------------------------------------------------ */
|
677 |
+
|
678 |
+
function nfw_send_loginemail( $user_login, $whoami ) {
|
679 |
+
|
680 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
681 |
+
|
682 |
+
if ( ( is_multisite() ) && ( $nfw_options['alert_sa_only'] == 2 ) ) {
|
683 |
+
$recipient = get_option('admin_email');
|
684 |
+
} else {
|
685 |
+
$recipient = $nfw_options['alert_email'];
|
686 |
+
}
|
687 |
+
|
688 |
+
$subject = '[NinjaFirewall] ' . __('Alert: WordPress console login', 'ninjafirewall');
|
689 |
+
if ( is_multisite() ) {
|
690 |
+
$url = __('-Blog :', 'ninjafirewall') .' '. network_home_url('/') . "\n\n";
|
691 |
+
} else {
|
692 |
+
$url = __('-Blog :', 'ninjafirewall') .' '. home_url('/') . "\n\n";
|
693 |
+
}
|
694 |
+
if (! empty( $whoami ) ) {
|
695 |
+
$whoami = " ($whoami)";
|
696 |
+
}
|
697 |
+
$message = __('Someone just logged in to your WordPress admin console:', 'ninjafirewall') . "\n\n".
|
698 |
+
__('-User :', 'ninjafirewall') .' '. $user_login . $whoami . "\n" .
|
699 |
+
__('-IP :', 'ninjafirewall') .' '. NFW_REMOTE_ADDR . "\n" .
|
700 |
+
__('-Date :', 'ninjafirewall') .' '. ucfirst(date_i18n('F j, Y @ H:i:s')) . ' (UTC '. date('O') . ")\n" .
|
701 |
+
$url .
|
702 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
703 |
+
__('Support forum', 'ninjafirewall') . ': http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
704 |
+
wp_mail( $recipient, $subject, $message );
|
705 |
+
|
706 |
+
}
|
707 |
+
/* ------------------------------------------------------------------ */
|
708 |
+
|
709 |
+
function nfw_logout_hook() {
|
710 |
+
|
711 |
+
if ( isset( $_SESSION['nfw_goodguy'] ) ) {
|
712 |
+
unset( $_SESSION['nfw_goodguy'] );
|
713 |
+
}
|
714 |
+
if (isset($_SESSION['nfw_livelog']) ) {
|
715 |
+
unset($_SESSION['nfw_livelog']);
|
716 |
+
}
|
717 |
+
if (isset($_SESSION['nfw_malscan']) ) {
|
718 |
+
unset($_SESSION['nfw_malscan']);
|
719 |
+
}
|
720 |
+
}
|
721 |
+
|
722 |
+
add_action( 'wp_logout', 'nfw_logout_hook' );
|
723 |
+
|
724 |
+
/* ------------------------------------------------------------------ */
|
725 |
+
|
726 |
+
function is_nfw_enabled() {
|
727 |
+
|
728 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
729 |
+
|
730 |
+
if (! defined('NFW_STATUS') ) {
|
731 |
+
define('NF_DISABLED', 10);
|
732 |
+
return;
|
733 |
+
}
|
734 |
+
|
735 |
+
if ( isset($nfw_options['enabled']) && $nfw_options['enabled'] == '0' ) {
|
736 |
+
define('NF_DISABLED', 9);
|
737 |
+
return;
|
738 |
+
}
|
739 |
+
|
740 |
+
if (NFW_STATUS == 21 || NFW_STATUS == 22 || NFW_STATUS == 23) {
|
741 |
+
define('NF_DISABLED', 10);
|
742 |
+
return;
|
743 |
+
}
|
744 |
+
|
745 |
+
if (NFW_STATUS == 20) {
|
746 |
+
define('NF_DISABLED', 0);
|
747 |
+
return;
|
748 |
+
}
|
749 |
+
|
750 |
+
define('NF_DISABLED', NFW_STATUS);
|
751 |
+
return;
|
752 |
+
|
753 |
+
}
|
754 |
+
|
755 |
+
/* ------------------------------------------------------------------ */
|
756 |
+
|
757 |
+
function ninjafirewall_admin_menu() {
|
758 |
+
|
759 |
+
if ( nf_not_allowed( 0, __LINE__ ) ) { return; }
|
760 |
+
|
761 |
+
if (! empty($_REQUEST['nfw_act']) && $_REQUEST['nfw_act'] == 99) {
|
762 |
+
if ( empty($_GET['nfwnonce']) || ! wp_verify_nonce($_GET['nfwnonce'], 'show_phpinfo') ) {
|
763 |
+
wp_nonce_ays('show_phpinfo');
|
764 |
+
}
|
765 |
+
phpinfo(33);
|
766 |
+
exit;
|
767 |
+
}
|
768 |
+
|
769 |
+
$message = '<br /><br /><br /><br /><center>' .
|
770 |
+
sprintf( __('Sorry %s, your request cannot be processed.', 'ninjafirewall'), '<b>%%REM_ADDRESS%%</b>') .
|
771 |
+
'<br />' . __('For security reasons, it was blocked and logged.', 'ninjafirewall') .
|
772 |
+
'<br /><br />%%NINJA_LOGO%%<br /><br />' .
|
773 |
+
__('If you believe this was an error please contact the<br />webmaster and enclose the following incident ID:', 'ninjafirewall') .
|
774 |
+
'<br /><br />[ <b>#%%NUM_INCIDENT%%</b> ]</center>';
|
775 |
+
|
776 |
+
define( 'NFW_DEFAULT_MSG', $message );
|
777 |
+
|
778 |
+
if (! defined('NF_DISABLED') ) {
|
779 |
+
is_nfw_enabled();
|
780 |
+
}
|
781 |
+
|
782 |
+
if (NF_DISABLED == 10) {
|
783 |
+
add_menu_page( 'NinjaFirewall', 'NinjaFirewall', 'manage_options',
|
784 |
+
'NinjaFirewall', 'nf_menu_install', plugins_url( '/images/nf_icon.png', __FILE__ )
|
785 |
+
);
|
786 |
+
add_submenu_page( 'NinjaFirewall', __('Installation', 'ninjafirewall'), __('Installation', 'ninjafirewall'), 'manage_options',
|
787 |
+
'NinjaFirewall', 'nf_menu_install' );
|
788 |
+
return;
|
789 |
+
}
|
790 |
+
|
791 |
+
add_menu_page( 'NinjaFirewall', 'NinjaFirewall', 'manage_options',
|
792 |
+
'NinjaFirewall', 'nf_menu_main', plugins_url( '/images/nf_icon.png', __FILE__ )
|
793 |
+
);
|
794 |
+
|
795 |
+
global $menu_hook;
|
796 |
+
|
797 |
+
require_once plugin_dir_path(__FILE__) . 'lib/help.php';
|
798 |
+
|
799 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Overview', 'ninjafirewall'), __('Overview', 'ninjafirewall'), 'manage_options',
|
800 |
+
'NinjaFirewall', 'nf_menu_main' );
|
801 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubmain' );
|
802 |
+
|
803 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Statistics', 'ninjafirewall'), __('Statistics', 'ninjafirewall'), 'manage_options',
|
804 |
+
'nfsubstat', 'nf_sub_statistics' );
|
805 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubstat' );
|
806 |
+
|
807 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Firewall Options', 'ninjafirewall'), __('Firewall Options', 'ninjafirewall'), 'manage_options',
|
808 |
+
'nfsubopt', 'nf_sub_options' );
|
809 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubopt' );
|
810 |
+
|
811 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Firewall Policies', 'ninjafirewall'), __('Firewall Policies', 'ninjafirewall'), 'manage_options',
|
812 |
+
'nfsubpolicies', 'nf_sub_policies' );
|
813 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubpolicies' );
|
814 |
+
|
815 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: File Guard', 'ninjafirewall'), __( 'File Guard', 'ninjafirewall'), 'manage_options',
|
816 |
+
'nfsubfileguard', 'nf_sub_fileguard' );
|
817 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubfileguard' );
|
818 |
+
|
819 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: File Check', 'ninjafirewall'), __('File Check', 'ninjafirewall'), 'manage_options',
|
820 |
+
'nfsubfilecheck', 'nf_sub_filecheck' );
|
821 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubfilecheck' );
|
822 |
+
|
823 |
+
$nscan_options = get_option( 'nscan_options' );
|
824 |
+
if ( defined('NSCAN_NAME') && defined('NSCAN_SLUG') && ! empty( $nscan_options['scan_nfwpintegration'] ) ) {
|
825 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', NSCAN_NAME, NSCAN_NAME, 'manage_options', NSCAN_NAME, 'nscan_main_menu' );
|
826 |
+
require_once dirname( __DIR__ ).'/'. NSCAN_SLUG .'/lib/help.php';
|
827 |
+
add_action( 'load-' . $menu_hook, 'nscan_help' );
|
828 |
+
} else {
|
829 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Anti-Malware', 'ninjafirewall'), __('Anti-Malware', 'ninjafirewall'), 'manage_options',
|
830 |
+
'nfsubmalwarescan', 'nf_sub_malwarescan' );
|
831 |
+
}
|
832 |
+
|
833 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Network', 'ninjafirewall'), __('Network', 'ninjafirewall'), 'manage_network',
|
834 |
+
'nfsubnetwork', 'nf_sub_network' );
|
835 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubnetwork' );
|
836 |
+
|
837 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Event Notifications', 'ninjafirewall'), __('Event Notifications', 'ninjafirewall'), 'manage_options',
|
838 |
+
'nfsubevent', 'nf_sub_event' );
|
839 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubevent' );
|
840 |
+
|
841 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Log-in Protection', 'ninjafirewall'), __('Login Protection', 'ninjafirewall'), 'manage_options',
|
842 |
+
'nfsubloginprot', 'nf_sub_loginprot' );
|
843 |
+
add_action( 'load-' . $menu_hook, 'help_nfsublogin' );
|
844 |
+
|
845 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Firewall Log', 'ninjafirewall'), __('Firewall Log', 'ninjafirewall'), 'manage_options',
|
846 |
+
'nfsublog', 'nf_sub_log' );
|
847 |
+
add_action( 'load-' . $menu_hook, 'help_nfsublog' );
|
848 |
+
|
849 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Live Log', 'ninjafirewall'), __('Live Log', 'ninjafirewall'), 'manage_options',
|
850 |
+
'nfsublive', 'nf_sub_live' );
|
851 |
+
add_action( 'load-' . $menu_hook, 'help_nfsublivelog' );
|
852 |
+
|
853 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Rules Editor', 'ninjafirewall'), __('Rules Editor', 'ninjafirewall'), 'manage_options',
|
854 |
+
'nfsubedit', 'nf_sub_edit' );
|
855 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubedit' );
|
856 |
+
|
857 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: Updates', 'ninjafirewall'), __('Updates', 'ninjafirewall'), 'manage_options',
|
858 |
+
'nfsubupdates', 'nf_sub_updates' );
|
859 |
+
add_action( 'load-' . $menu_hook, 'help_nfsubupdates' );
|
860 |
+
|
861 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', 'NinjaFirewall: WP+ Edition', '<b style="color:#fcdc25">WP+ Edition</b>', 'manage_options',
|
862 |
+
'nfsubwplus', 'nf_sub_wplus' );
|
863 |
+
|
864 |
+
$menu_hook = add_submenu_page( 'NinjaFirewall', __('NinjaFirewall: About', 'ninjafirewall'), __('About...', 'ninjafirewall'), 'manage_options',
|
865 |
+
'nfsubabout', 'nf_sub_about' );
|
866 |
+
|
867 |
+
}
|
868 |
+
// Must load before NinjaScanner (11):
|
869 |
+
if (! is_multisite() ) {
|
870 |
+
add_action( 'admin_menu', 'ninjafirewall_admin_menu', 10 );
|
871 |
+
} else {
|
872 |
+
add_action( 'network_admin_menu', 'ninjafirewall_admin_menu', 10 );
|
873 |
+
}
|
874 |
+
|
875 |
+
/* ------------------------------------------------------------------ */
|
876 |
+
|
877 |
+
function nf_admin_bar_status() {
|
878 |
+
|
879 |
+
if (! current_user_can( 'manage_options' ) ) {
|
880 |
+
return;
|
881 |
+
}
|
882 |
+
|
883 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
884 |
+
if ( @$nfw_options['nt_show_status'] != 1 && ! current_user_can('manage_network') ) {
|
885 |
+
return;
|
886 |
+
}
|
887 |
+
|
888 |
+
if (! defined('NF_DISABLED') ) {
|
889 |
+
is_nfw_enabled();
|
890 |
+
}
|
891 |
+
if (NF_DISABLED) { return; }
|
892 |
+
|
893 |
+
global $wp_admin_bar;
|
894 |
+
$wp_admin_bar->add_menu( array(
|
895 |
+
'id' => 'nfw_ntw1',
|
896 |
+
'title' => '<img src="' . plugins_url() . '/ninjafirewall/images/ninjafirewall_20.png" ' .
|
897 |
+
'style="vertical-align:middle;margin-right:5px" />',
|
898 |
+
) );
|
899 |
+
|
900 |
+
if ( current_user_can( 'manage_network' ) ) {
|
901 |
+
$wp_admin_bar->add_menu( array(
|
902 |
+
'parent' => 'nfw_ntw1',
|
903 |
+
'id' => 'nfw_ntw2',
|
904 |
+
'title' => __( 'NinjaFirewall Settings', 'ninjafirewall'),
|
905 |
+
'href' => network_admin_url() . 'admin.php?page=NinjaFirewall',
|
906 |
+
) );
|
907 |
+
} else {
|
908 |
+
if ( defined('NFW_STATUS') ) {
|
909 |
+
$wp_admin_bar->add_menu( array(
|
910 |
+
'parent' => 'nfw_ntw1',
|
911 |
+
'id' => 'nfw_ntw2',
|
912 |
+
'title' => __( 'NinjaFirewall is enabled', 'ninjafirewall'),
|
913 |
+
) );
|
914 |
+
}
|
915 |
+
}
|
916 |
+
}
|
917 |
+
|
918 |
+
if ( is_multisite() ) {
|
919 |
+
add_action('admin_bar_menu', 'nf_admin_bar_status', 95);
|
920 |
+
}
|
921 |
+
|
922 |
+
/* ------------------------------------------------------------------ */
|
923 |
+
|
924 |
+
function nf_menu_install() {
|
925 |
+
|
926 |
+
nf_not_allowed( 'block', __LINE__ );
|
927 |
+
|
928 |
+
require_once plugin_dir_path(__FILE__) . 'install.php';
|
929 |
+
}
|
930 |
+
|
931 |
+
/* ------------------------------------------------------------------ */
|
932 |
+
|
933 |
+
function nf_menu_main() {
|
934 |
+
|
935 |
+
nf_not_allowed( 'block', __LINE__ );
|
936 |
+
|
937 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
938 |
+
|
939 |
+
if (! defined('NF_DISABLED') ) {
|
940 |
+
is_nfw_enabled();
|
941 |
+
}
|
942 |
+
|
943 |
+
?>
|
944 |
+
|
945 |
+
<div class="wrap">
|
946 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
947 |
+
<h1><?php _e('NinjaFirewall (WP Edition)', 'ninjafirewall') ?></h1>
|
948 |
+
<?php
|
949 |
+
if ( @NFW_STATUS == 20 && ! empty( $_REQUEST['nfw_firstrun']) ) {
|
950 |
+
echo '<br><div class="updated notice is-dismissible"><p>' .
|
951 |
+
__('Congratulations, NinjaFirewall is up and running!', 'ninjafirewall') . '<br />' .
|
952 |
+
__('If you need help, click on the contextual "Help" menu tab located in the upper right corner of each page.', 'ninjafirewall');
|
953 |
+
if (! empty($_SESSION['email_install']) ) {
|
954 |
+
echo '<p>' . __('A "Quick Start, FAQ & Troubleshooting Guide" email was sent to', 'ninjafirewall') .' <code>' .htmlspecialchars( $_SESSION['email_install'] ) .'</code>.</p>';
|
955 |
+
unset($_SESSION['email_install']);
|
956 |
+
}
|
957 |
+
echo '</p></div>';
|
958 |
+
unset( $_SESSION['abspath'] ); unset( $_SESSION['http_server'] );
|
959 |
+
unset( $_SESSION['php_ini_type'] ); unset( $_SESSION['abspath_writable'] );
|
960 |
+
unset( $_SESSION['ini_write'] ); unset( $_SESSION['htaccess_write'] );
|
961 |
+
unset( $_SESSION['waf_mode'] );
|
962 |
+
}
|
963 |
+
?>
|
964 |
+
<br />
|
965 |
+
<table class="form-table">
|
966 |
+
|
967 |
+
<?php
|
968 |
+
if (NF_DISABLED) {
|
969 |
+
if (! empty($GLOBALS['err_fw'][NF_DISABLED]) ) {
|
970 |
+
$msg = $GLOBALS['err_fw'][NF_DISABLED];
|
971 |
+
} else {
|
972 |
+
$msg = __('unknown error', 'ninjafirewall') . ' #' . NF_DISABLED;
|
973 |
+
}
|
974 |
+
?>
|
975 |
+
<tr>
|
976 |
+
<th scope="row"><?php _e('Firewall', 'ninjafirewall') ?></th>
|
977 |
+
<td width="20" align="left"><img src="<?php echo plugins_url( '/images/icon_error_16.png', __FILE__ ) ?>" border="0" height="16" width="16"></td>
|
978 |
+
<td><?php echo $msg ?></td>
|
979 |
+
</tr>
|
980 |
+
|
981 |
+
<?php
|
982 |
+
} else {
|
983 |
+
?>
|
984 |
+
|
985 |
+
<tr>
|
986 |
+
<th scope="row"><?php _e('Firewall', 'ninjafirewall') ?></th>
|
987 |
+
<td width="20" align="left"> </td>
|
988 |
+
<td><?php _e('Enabled', 'ninjafirewall') ?></td>
|
989 |
+
</tr>
|
990 |
+
|
991 |
+
<?php
|
992 |
+
}
|
993 |
+
|
994 |
+
if ( defined('NFW_WPWAF') ) {
|
995 |
+
$mode = __('WordPress WAF', 'ninjafirewall');
|
996 |
+
} else {
|
997 |
+
$mode = __('Full WAF', 'ninjafirewall');
|
998 |
+
}
|
999 |
+
?>
|
1000 |
+
<tr>
|
1001 |
+
<th scope="row"><?php _e('Mode', 'ninjafirewall') ?></th>
|
1002 |
+
<td width="20" align="left"> </td>
|
1003 |
+
<td><?php printf( __('NinjaFirewall is running in %s mode.', 'ninjafirewall'), '<a href="https://blog.nintechnet.com/full_waf-vs-wordpress_waf/">'. $mode .'</a>'); ?></td>
|
1004 |
+
</tr>
|
1005 |
+
<?php
|
1006 |
+
|
1007 |
+
if (! empty( $nfw_options['debug']) ) {
|
1008 |
+
?>
|
1009 |
+
<tr>
|
1010 |
+
<th scope="row"><?php _e('Debugging mode', 'ninjafirewall') ?></th>
|
1011 |
+
<td width="20" align="left"><img src="<?php echo plugins_url( '/images/icon_error_16.png', __FILE__ ) ?>" border="0" height="16" width="16"></td>
|
1012 |
+
<td><?php _e('Enabled.', 'ninjafirewall') ?> <a href="?page=nfsubopt"><?php _e('Click here to turn Debugging Mode off', 'ninjafirewall') ?></a></td>
|
1013 |
+
</tr>
|
1014 |
+
<?php
|
1015 |
+
}
|
1016 |
+
?>
|
1017 |
+
<tr>
|
1018 |
+
<th scope="row"><?php _e('PHP SAPI', 'ninjafirewall') ?></th>
|
1019 |
+
<td width="20" align="left"> </td>
|
1020 |
+
<td>
|
1021 |
+
<?php
|
1022 |
+
if ( defined('HHVM_VERSION') ) {
|
1023 |
+
echo 'HHVM';
|
1024 |
+
} else {
|
1025 |
+
echo strtoupper(PHP_SAPI);
|
1026 |
+
}
|
1027 |
+
echo ' ~ '. PHP_MAJOR_VERSION .'.'. PHP_MINOR_VERSION .'.'. PHP_RELEASE_VERSION;
|
1028 |
+
?>
|
1029 |
+
</td>
|
1030 |
+
</tr>
|
1031 |
+
<tr>
|
1032 |
+
<th scope="row"><?php _e('Version', 'ninjafirewall') ?></th>
|
1033 |
+
<td width="20" align="left"> </td>
|
1034 |
+
<td><?php echo NFW_ENGINE_VERSION . ' ~ ' . __('Security rules:', 'ninjafirewall' ) . ' ' . preg_replace('/(\d{4})(\d\d)(\d\d)/', '$1-$2-$3', $nfw_options['rules_version']) ?></td>
|
1035 |
+
</tr>
|
1036 |
+
<?php
|
1037 |
+
|
1038 |
+
// If security rules updates are disabled, warn the user:
|
1039 |
+
if ( empty( $nfw_options['enable_updates'] ) ) {
|
1040 |
+
?>
|
1041 |
+
<tr>
|
1042 |
+
<th scope="row"><?php _e('Updates', 'ninjafirewall') ?></th>
|
1043 |
+
<td width="20" align="left"><img src="<?php echo plugins_url() ?>/ninjafirewall/images/icon_warn_16.png" border="0" height="16" width="16"></td>
|
1044 |
+
<td><a href="?page=nfsubupdates"><?php _e( 'Security rules updates are disabled.', 'ninjafirewall' ) ?></a> <?php _e( 'If you want your blog to be protected against the latest threats, enable automatic security rules updates.', 'ninjafirewall' ) ?></td>
|
1045 |
+
</tr>
|
1046 |
+
<?php
|
1047 |
+
}
|
1048 |
+
|
1049 |
+
if ( empty($_SESSION['nfw_goodguy']) ) {
|
1050 |
+
?>
|
1051 |
+
<tr>
|
1052 |
+
<th scope="row"><?php _e('Admin user', 'ninjafirewall') ?></th>
|
1053 |
+
<td width="20" align="left"><img src="<?php echo plugins_url() ?>/ninjafirewall/images/icon_warn_16.png" border="0" height="16" width="16"></td>
|
1054 |
+
<td><?php printf( __('You are not whitelisted. Ensure that the "Do not block WordPress administrator" option is enabled in the <a href="%s">Firewall Policies</a> menu, otherwise you will likely get blocked by the firewall while working from your administration dashboard.', 'ninjafirewall'), '?page=nfsubpolicies') ?></td>
|
1055 |
+
</tr>
|
1056 |
+
<?php
|
1057 |
+
} else {
|
1058 |
+
$current_user = wp_get_current_user();
|
1059 |
+
?>
|
1060 |
+
<tr>
|
1061 |
+
<th scope="row"><?php _e('Admin user', 'ninjafirewall') ?></th>
|
1062 |
+
<td width="20" align="left"> </td>
|
1063 |
+
<td><code><?php echo htmlspecialchars($current_user->user_login) ?></code>: <?php _e('You are whitelisted by the firewall.', 'ninjafirewall') ?></td>
|
1064 |
+
</tr>
|
1065 |
+
<?php
|
1066 |
+
}
|
1067 |
+
if ( defined('NFW_ALLOWED_ADMIN') && ! is_multisite() ) {
|
1068 |
+
?>
|
1069 |
+
<tr>
|
1070 |
+
<th scope="row"><?php _e('Restrictions', 'ninjafirewall') ?></th>
|
1071 |
+
<td width="20" align="left"> </td>
|
1072 |
+
<td><?php _e('Access to NinjaFirewall is restricted to:', 'ninjafirewall') ?> <code><?php echo htmlspecialchars(NFW_ALLOWED_ADMIN) ?></code></td>
|
1073 |
+
</tr>
|
1074 |
+
<?php
|
1075 |
+
}
|
1076 |
+
|
1077 |
+
if (! empty($_SESSION['nfw_st']) && ! NF_DISABLED && empty($_REQUEST['nfw_firstrun']) ) {
|
1078 |
+
?>
|
1079 |
+
<tr>
|
1080 |
+
<th scope="row"><?php _e('User session', 'ninjafirewall') ?></th>
|
1081 |
+
<td width="20" align="left"><img src="<?php echo plugins_url() . '/ninjafirewall/images/icon_warn_16.png' ?>" border="0" height="16" width="16"></td>
|
1082 |
+
<td><?php _e('It seems the user session was not set by the firewall script or may have been destroyed by another plugin. You may get blocked by the firewall while working from the WordPress administration dashboard.', 'ninjafirewall') ?></td>
|
1083 |
+
</tr>
|
1084 |
+
<?php
|
1085 |
+
unset($_SESSION['nfw_st']);
|
1086 |
+
}
|
1087 |
+
if ( defined('NFW_SWL') && ! empty($_SESSION['nfw_goodguy']) && empty($_REQUEST['nfw_firstrun']) ) {
|
1088 |
+
?>
|
1089 |
+
<tr>
|
1090 |
+
<th scope="row"><?php _e('User session', 'ninjafirewall') ?></th>
|
1091 |
+
<td width="20" align="left"><img src="<?php echo plugins_url() . '/ninjafirewall/images/icon_warn_16.png' ?>" border="0" height="16" width="16"></td>
|
1092 |
+
<td><?php _e('It seems that the user session set by NinjaFirewall was not found by the firewall script. You may get blocked by the firewall while working from the WordPress administration dashboard.', 'ninjafirewall') ?></td>
|
1093 |
+
</tr>
|
1094 |
+
<?php
|
1095 |
+
}
|
1096 |
+
|
1097 |
+
if ( ! empty( $nfw_options['clogs_pubkey'] ) ) {
|
1098 |
+
$err_msg = $ok_msg = '';
|
1099 |
+
if (! preg_match( '/^[a-f0-9]{40}:([a-f0-9:.]{3,39}|\*)$/', $nfw_options['clogs_pubkey'], $match ) ) {
|
1100 |
+
$err_msg = sprintf( __('the public key is invalid. Please <a href="%s">check your configuration</a>.', 'ninjafirewall'), '?page=nfsublog#clogs');
|
1101 |
+
|
1102 |
+
} else {
|
1103 |
+
if ( $match[1] == '*' ) {
|
1104 |
+
$ok_msg = __( "No IP address restriction.", 'ninjafirewall');
|
1105 |
+
|
1106 |
+
} elseif ( filter_var( $match[1], FILTER_VALIDATE_IP ) ) {
|
1107 |
+
$ok_msg = sprintf( __("IP address %s is allowed to access NinjaFirewall's log on this server.", 'ninjafirewall'), htmlspecialchars( $match[1]) );
|
1108 |
+
|
1109 |
+
} else {
|
1110 |
+
$err_msg = sprintf( __('the whitelisted IP is not valid. Please <a href="%s">check your configuration</a>.', 'ninjafirewall'), '?page=nfsublog#clogs');
|
1111 |
+
}
|
1112 |
+
}
|
1113 |
+
?>
|
1114 |
+
<tr>
|
1115 |
+
<th scope="row"><?php _e('Centralized Logging', 'ninjafirewall') ?></th>
|
1116 |
+
<?php
|
1117 |
+
if ( $err_msg ) {
|
1118 |
+
?>
|
1119 |
+
<td width="20" align="left"><img src="<?php echo plugins_url() . '/ninjafirewall/images/icon_error_16.png' ?>" border="0" height="16" width="16"></td>
|
1120 |
+
<td><?php printf( __('Error: %s', 'ninjafirewall'), $err_msg) ?></td>
|
1121 |
+
</tr>
|
1122 |
+
<?php
|
1123 |
+
$err_msg = '';
|
1124 |
+
} else {
|
1125 |
+
?>
|
1126 |
+
<td width="20" align="left"> </td>
|
1127 |
+
<td><a href="?page=nfsublog#clogs"><?php _e('Enabled', 'ninjafirewall'); echo "</a>. $ok_msg"; ?></td>
|
1128 |
+
</tr>
|
1129 |
+
<?php
|
1130 |
+
}
|
1131 |
+
}
|
1132 |
+
|
1133 |
+
|
1134 |
+
|
1135 |
+
if (! filter_var(NFW_REMOTE_ADDR, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) ) {
|
1136 |
+
?>
|
1137 |
+
<tr>
|
1138 |
+
<th scope="row"><?php _e('Source IP', 'ninjafirewall') ?></th>
|
1139 |
+
<td width="20" align="left"><img src="<?php echo plugins_url( '/images/icon_warn_16.png', __FILE__ )?>" border="0" height="16" width="16"></td>
|
1140 |
+
<td><?php printf( __('You have a private IP : %s', 'ninjafirewall') .'<br />'. __('If your site is behind a reverse proxy or a load balancer, ensure that you have setup your HTTP server or PHP to forward the correct visitor IP, otherwise use the NinjaFirewall %s configuration file.', 'ninjafirewall'), htmlentities(NFW_REMOTE_ADDR), '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja">.htninja</a></code>') ?></td>
|
1141 |
+
</tr>
|
1142 |
+
<?php
|
1143 |
+
}
|
1144 |
+
if (! empty($_SERVER["HTTP_CF_CONNECTING_IP"]) ) {
|
1145 |
+
if ( NFW_REMOTE_ADDR != $_SERVER["HTTP_CF_CONNECTING_IP"] ) {
|
1146 |
+
?>
|
1147 |
+
<tr>
|
1148 |
+
<th scope="row"><?php _e('CDN detection', 'ninjafirewall') ?></th>
|
1149 |
+
<td width="20" align="left"><img src="<?php echo plugins_url( '/images/icon_warn_16.png', __FILE__ )?>" border="0" height="16" width="16"></td>
|
1150 |
+
<td><?php printf( __('%s detected: you seem to be using Cloudflare CDN services. Ensure that you have setup your HTTP server or PHP to forward the correct visitor IP, otherwise use the NinjaFirewall %s configuration file.', 'ninjafirewall'), '<code>HTTP_CF_CONNECTING_IP</code>', '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja">.htninja</a></code>') ?></td>
|
1151 |
+
</tr>
|
1152 |
+
<?php
|
1153 |
+
}
|
1154 |
+
}
|
1155 |
+
if (! empty($_SERVER["HTTP_INCAP_CLIENT_IP"]) ) {
|
1156 |
+
if ( NFW_REMOTE_ADDR != $_SERVER["HTTP_INCAP_CLIENT_IP"] ) {
|
1157 |
+
?>
|
1158 |
+
<tr>
|
1159 |
+
<th scope="row"><?php _e('CDN detection', 'ninjafirewall') ?></th>
|
1160 |
+
<td width="20" align="left"><img src="<?php echo plugins_url( '/images/icon_warn_16.png', __FILE__ )?>" border="0" height="16" width="16"></td>
|
1161 |
+
<td><?php printf( __('%s detected: you seem to be using Incapsula CDN services. Ensure that you have setup your HTTP server or PHP to forward the correct visitor IP, otherwise use the NinjaFirewall %s configuration file.', 'ninjafirewall'), '<code>HTTP_INCAP_CLIENT_IP</code>', '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja">.htninja</a></code>') ?></td>
|
1162 |
+
</tr>
|
1163 |
+
<?php
|
1164 |
+
}
|
1165 |
+
}
|
1166 |
+
|
1167 |
+
if (! is_writable( NFW_LOG_DIR . '/nfwlog') ) {
|
1168 |
+
?>
|
1169 |
+
<tr>
|
1170 |
+
<th scope="row"><?php _e('Log dir', 'ninjafirewall') ?></th>
|
1171 |
+
<td width="20" align="left"><img src="<?php echo plugins_url( '/images/icon_error_16.png', __FILE__ )?>" border="0" height="16" width="16"></td>
|
1172 |
+
<td><?php printf( __('%s directory is not writable! Please chmod it to 0777 or equivalent.', 'ninjafirewall'), '<code>'. htmlspecialchars(NFW_LOG_DIR) .'/nfwlog/</code>') ?></td>
|
1173 |
+
</tr>
|
1174 |
+
<?php
|
1175 |
+
}
|
1176 |
+
|
1177 |
+
if (! is_writable( NFW_LOG_DIR . '/nfwlog/cache') ) {
|
1178 |
+
?>
|
1179 |
+
<tr>
|
1180 |
+
<th scope="row"><?php _e('Log dir', 'ninjafirewall') ?></th>
|
1181 |
+
<td width="20" align="left"><img src="<?php echo plugins_url( '/images/icon_error_16.png', __FILE__ )?>" border="0" height="16" width="16"></td>
|
1182 |
+
<td><?php printf(__('%s directory is not writable! Please chmod it to 0777 or equivalent.', 'ninjafirewall'), '<code>'. htmlspecialchars(NFW_LOG_DIR) . '/nfwlog/cache/</code>') ?></td>
|
1183 |
+
</tr>
|
1184 |
+
<?php
|
1185 |
+
}
|
1186 |
+
|
1187 |
+
$doc_root = rtrim($_SERVER['DOCUMENT_ROOT'], '/');
|
1188 |
+
if ( @file_exists( $file = dirname( $doc_root ) . '/.htninja') ||
|
1189 |
+
@file_exists( $file = $doc_root . '/.htninja') ) {
|
1190 |
+
echo '<tr><th scope="row">' . __('Optional configuration file', 'ninjafirewall') . '</th>
|
1191 |
+
<td width="20"> </td>
|
1192 |
+
<td><code>' . htmlentities($file) . '</code></td>
|
1193 |
+
</tr>';
|
1194 |
+
}
|
1195 |
+
|
1196 |
+
echo '</table>';
|
1197 |
+
?>
|
1198 |
+
</div>
|
1199 |
+
|
1200 |
+
<?php
|
1201 |
+
}
|
1202 |
+
|
1203 |
+
/* ------------------------------------------------------------------ */
|
1204 |
+
|
1205 |
+
function nf_sub_statistics() {
|
1206 |
+
|
1207 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_statistics.php';
|
1208 |
+
|
1209 |
+
}
|
1210 |
+
|
1211 |
+
/* ------------------------------------------------------------------ */
|
1212 |
+
|
1213 |
+
function nf_sub_options() { // i18n
|
1214 |
+
|
1215 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_options.php';
|
1216 |
+
|
1217 |
+
}
|
1218 |
+
|
1219 |
+
/* ------------------------------------------------------------------ */
|
1220 |
+
|
1221 |
+
function nf_sub_policies() {
|
1222 |
+
|
1223 |
+
nf_not_allowed( 'block', __LINE__ );
|
1224 |
+
|
1225 |
+
$yes = __('Yes', 'ninjafirewall');
|
1226 |
+
$no = __('No', 'ninjafirewall');
|
1227 |
+
$default = ' ' . __('(default)', 'ninjafirewall');
|
1228 |
+
$full_waf_msg = '<br /><img src="' . plugins_url() . '/ninjafirewall/images/icon_warn_16.png" border="0" height="16" width="16"> <span class="description">' . sprintf( __('This feature is only available when NinjaFirewall is running in %s mode.', 'ninjafirewall'), '<a href="https://blog.nintechnet.com/full_waf-vs-wordpress_waf/">Full WAF</a>') . '</span>';
|
1229 |
+
if ( defined('NFW_WPWAF') ) {
|
1230 |
+
$option_disabled = 1;
|
1231 |
+
} else {
|
1232 |
+
$option_disabled = 0;
|
1233 |
+
}
|
1234 |
+
|
1235 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
1236 |
+
$nfw_rules = nfw_get_option( 'nfw_rules' );
|
1237 |
+
|
1238 |
+
echo '
|
1239 |
+
<script>
|
1240 |
+
function restore() {
|
1241 |
+
if (confirm("' . esc_js( __('All fields will be restored to their default values. Go ahead?', 'ninjafirewall') ) . '")){
|
1242 |
+
return true;
|
1243 |
+
}else{
|
1244 |
+
return false;
|
1245 |
+
}
|
1246 |
+
}
|
1247 |
+
function chksubmenu() {
|
1248 |
+
if (document.fwrules.elements[\'nfw_options[uploads]\'].value > 0) {
|
1249 |
+
document.fwrules.san.disabled = false;
|
1250 |
+
document.fwrules.subs.disabled = false;
|
1251 |
+
document.getElementById("sanitize-fn").style.color = "#444";
|
1252 |
+
} else {
|
1253 |
+
document.fwrules.san.disabled = true;
|
1254 |
+
document.fwrules.subs.disabled = true;
|
1255 |
+
document.getElementById("sanitize-fn").style.color = "#bbbbbb";
|
1256 |
+
}
|
1257 |
+
}
|
1258 |
+
function csp_onoff(what, csp) {
|
1259 |
+
if (what == 0) {
|
1260 |
+
document.getElementById(csp).readOnly = true;
|
1261 |
+
} else {
|
1262 |
+
document.getElementById(csp).readOnly = false;
|
1263 |
+
document.getElementById(csp).focus();
|
1264 |
+
}
|
1265 |
+
}
|
1266 |
+
function ssl_warn() {';
|
1267 |
+
if ($_SERVER['SERVER_PORT'] == 443 ) {
|
1268 |
+
echo 'return true;';
|
1269 |
+
} else {
|
1270 |
+
echo '
|
1271 |
+
if (confirm("' . esc_js( __('WARNING: ensure that you can access your admin console over HTTPS before enabling this option, otherwise you will lock yourself out of your site. Go ahead?', 'ninjafirewall') ) . '")){
|
1272 |
+
return true;
|
1273 |
+
}
|
1274 |
+
return false;';
|
1275 |
+
}
|
1276 |
+
echo '
|
1277 |
+
}
|
1278 |
+
function sanitise_fn(cbox) {
|
1279 |
+
if(cbox.checked) {
|
1280 |
+
if (confirm("' . esc_js( __('Any character that is not a letter [a-zA-Z], a digit [0-9], a dot [.], a hyphen [-] or an underscore [_] will be removed from the filename and replaced with the substitution character. Continue?', 'ninjafirewall') ) . '")){
|
1281 |
+
return true;
|
1282 |
+
}
|
1283 |
+
return false;
|
1284 |
+
}
|
1285 |
+
}
|
1286 |
+
function nfw_switch_tabs(tab) {
|
1287 |
+
if ( tab == 1 ) {
|
1288 |
+
jQuery("#basic-options").show(); jQuery("#tab-1").addClass("nav-tab-active");
|
1289 |
+
jQuery("#intermediate-options").hide(); jQuery("#tab-2").removeClass("nav-tab-active");
|
1290 |
+
jQuery("#advanced-options").hide(); jQuery("#tab-3").removeClass("nav-tab-active");
|
1291 |
+
|
1292 |
+
} else if ( tab == 2 ) {
|
1293 |
+
jQuery("#basic-options").hide(); jQuery("#tab-1").removeClass("nav-tab-active");
|
1294 |
+
jQuery("#intermediate-options").show(); jQuery("#tab-2").addClass("nav-tab-active");
|
1295 |
+
jQuery("#advanced-options").hide(); jQuery("#tab-3").removeClass("nav-tab-active");
|
1296 |
+
|
1297 |
+
} else if ( tab ==3 ) {
|
1298 |
+
jQuery("#basic-options").hide(); jQuery("#tab-1").removeClass("nav-tab-active");
|
1299 |
+
jQuery("#intermediate-options").hide(); jQuery("#tab-2").removeClass("nav-tab-active");
|
1300 |
+
jQuery("#advanced-options").show(); jQuery("#tab-3").addClass("nav-tab-active");
|
1301 |
+
}
|
1302 |
+
}
|
1303 |
+
</script>
|
1304 |
+
|
1305 |
+
<div class="wrap">
|
1306 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
1307 |
+
<h1>' . __('Firewall Policies', 'ninjafirewall') . '</h1>';
|
1308 |
+
|
1309 |
+
if ( isset( $_POST['nfw_options']) ) {
|
1310 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'policies_save') ) {
|
1311 |
+
wp_nonce_ays('policies_save');
|
1312 |
+
}
|
1313 |
+
if (! empty($_POST['Save']) ) {
|
1314 |
+
nf_sub_policies_save();
|
1315 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Your changes have been saved.', 'ninjafirewall') . '</p></div>';
|
1316 |
+
} elseif (! empty($_POST['Default']) ) {
|
1317 |
+
nf_sub_policies_default();
|
1318 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Default values were restored.', 'ninjafirewall') . '</p></div>';
|
1319 |
+
} else {
|
1320 |
+
echo '<div class="error notice is-dismissible"><p>' . __('No action taken.', 'ninjafirewall') . '</p></div>';
|
1321 |
+
}
|
1322 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
1323 |
+
$nfw_rules = nfw_get_option( 'nfw_rules' );
|
1324 |
+
}
|
1325 |
+
|
1326 |
+
?>
|
1327 |
+
<br />
|
1328 |
+
<h2 class="nav-tab-wrapper wp-clearfix" style="cursor:pointer">
|
1329 |
+
<a id="tab-1" class="nav-tab nav-tab-active" onClick="nfw_switch_tabs(1)"><?php _e( 'Basic Policies', 'ninjafirewall' ) ?></a>
|
1330 |
+
<a id="tab-2" class="nav-tab" onClick="nfw_switch_tabs(2)"><?php _e( 'Intermediate Policies', 'ninjafirewall' ) ?></a>
|
1331 |
+
<a id="tab-3" class="nav-tab" onClick="nfw_switch_tabs(3)"><?php _e( 'Advanced Policies', 'ninjafirewall' ) ?></a>
|
1332 |
+
</h2>
|
1333 |
+
<br />
|
1334 |
+
<?php
|
1335 |
+
|
1336 |
+
echo '<form method="post" name="fwrules">';
|
1337 |
+
wp_nonce_field('policies_save', 'nfwnonce', 0);
|
1338 |
+
|
1339 |
+
// ==========================================================================
|
1340 |
+
// Basic options:
|
1341 |
+
?>
|
1342 |
+
<div id="basic-options">
|
1343 |
+
<?php
|
1344 |
+
if ( ( isset( $nfw_options['scan_protocol']) ) &&
|
1345 |
+
( preg_match( '/^[123]$/', $nfw_options['scan_protocol']) ) ) {
|
1346 |
+
$scan_protocol = $nfw_options['scan_protocol'];
|
1347 |
+
} else {
|
1348 |
+
$scan_protocol = 3;
|
1349 |
+
}
|
1350 |
+
|
1351 |
+
?>
|
1352 |
+
<h3>HTTP / HTTPS</h3>
|
1353 |
+
<table class="form-table">
|
1354 |
+
<tr>
|
1355 |
+
<th scope="row"><?php _e('Enable NinjaFirewall for', 'ninjafirewall') ?></th>
|
1356 |
+
<td width="20"> </td>
|
1357 |
+
<td align="left">
|
1358 |
+
<p><label><input type="radio" name="nfw_options[scan_protocol]" value="3"<?php checked($scan_protocol, 3 ) ?>> <?php _e('HTTP and HTTPS traffic (default)', 'ninjafirewall') ?></label></p>
|
1359 |
+
<p><label><input type="radio" name="nfw_options[scan_protocol]" value="1"<?php checked($scan_protocol, 1 ) ?>> <?php _e('HTTP traffic only', 'ninjafirewall') ?></label></p>
|
1360 |
+
<p><label><input type="radio" name="nfw_options[scan_protocol]" value="2"<?php checked($scan_protocol, 2 ) ?>> <?php _e('HTTPS traffic only', 'ninjafirewall') ?></label></p>
|
1361 |
+
</td>
|
1362 |
+
</tr>
|
1363 |
+
</table>
|
1364 |
+
|
1365 |
+
<?php
|
1366 |
+
if ( empty( $nfw_options['sanitise_fn']) ) {
|
1367 |
+
$sanitise_fn = 0;
|
1368 |
+
} else {
|
1369 |
+
$sanitise_fn = 1;
|
1370 |
+
}
|
1371 |
+
if ( empty( $nfw_options['uploads']) ) {
|
1372 |
+
$uploads = 0;
|
1373 |
+
$sanitise_fn = 0;
|
1374 |
+
} else {
|
1375 |
+
$uploads = 1;
|
1376 |
+
}
|
1377 |
+
if ( empty( $nfw_options['substitute'] ) || strlen( $nfw_options['substitute'] ) > 1 || $nfw_options['substitute'] == '/' ) {
|
1378 |
+
$substitute = 'X';
|
1379 |
+
} else {
|
1380 |
+
$substitute = htmlspecialchars( $nfw_options['substitute'] );
|
1381 |
+
}
|
1382 |
+
?>
|
1383 |
+
<br />
|
1384 |
+
<h3><?php _e('Uploads', 'ninjafirewall') ?></h3>
|
1385 |
+
<table class="form-table">
|
1386 |
+
<tr>
|
1387 |
+
<th scope="row"><?php _e('File Uploads', 'ninjafirewall') ?></th>
|
1388 |
+
<td width="20"> </td>
|
1389 |
+
<td align="left">
|
1390 |
+
<select name="nfw_options[uploads]" onchange="chksubmenu();">
|
1391 |
+
<option value="1"<?php selected( $uploads, 1 ) ?>><?php _e('Allow uploads', 'ninjafirewall') ?></option>
|
1392 |
+
<option value="0"<?php selected( $uploads, 0 ) ?>><?php _e('Disallow uploads (default)', 'ninjafirewall') ?></option>
|
1393 |
+
</select>
|
1394 |
+
<p id="sanitize-fn"<?php if (! $uploads) { echo ' style="color:#bbbbbb;"'; }?>>
|
1395 |
+
<label><input type="checkbox" onclick='return sanitise_fn(this);' name="nfw_options[sanitise_fn]"<?php checked( $sanitise_fn, 1 ); disabled( $uploads, 0 ) ?> id="san"> <?php _e('Sanitise filenames', 'ninjafirewall') ?> (<?php _e('substitution character:', 'ninjafirewall') ?></label> <input id="subs" maxlength="1" size="1" value="<?php echo $substitute ?>" name="nfw_options[substitute]" type="text" <?php disabled( $uploads, 0 ) ?>/> )
|
1396 |
+
</p>
|
1397 |
+
</td>
|
1398 |
+
</tr>
|
1399 |
+
</table>
|
1400 |
+
|
1401 |
+
<br />
|
1402 |
+
|
1403 |
+
<?php
|
1404 |
+
if ( @strpos( $nfw_options['wp_dir'], 'wp-admin' ) !== FALSE ) {
|
1405 |
+
$wp_admin = 1;
|
1406 |
+
} else {
|
1407 |
+
$wp_admin = 0;
|
1408 |
+
}
|
1409 |
+
if ( @strpos( $nfw_options['wp_dir'], 'wp-includes' ) !== FALSE ) {
|
1410 |
+
$wp_inc = 1;
|
1411 |
+
} else {
|
1412 |
+
$wp_inc = 0;
|
1413 |
+
}
|
1414 |
+
if ( @strpos( $nfw_options['wp_dir'], 'uploads' ) !== FALSE ) {
|
1415 |
+
$wp_upl = 1;
|
1416 |
+
} else {
|
1417 |
+
$wp_upl = 0;
|
1418 |
+
}
|
1419 |
+
if ( @strpos( $nfw_options['wp_dir'], 'cache' ) !== FALSE ) {
|
1420 |
+
$wp_cache = 1;
|
1421 |
+
} else {
|
1422 |
+
$wp_cache = 0;
|
1423 |
+
}
|
1424 |
+
if ( empty( $nfw_options['enum_archives']) ) {
|
1425 |
+
$enum_archives = 0;
|
1426 |
+
} else {
|
1427 |
+
$enum_archives = 1;
|
1428 |
+
}
|
1429 |
+
if ( empty( $nfw_options['enum_login']) ) {
|
1430 |
+
$enum_login = 0;
|
1431 |
+
} else {
|
1432 |
+
$enum_login = 1;
|
1433 |
+
}
|
1434 |
+
if ( empty( $nfw_options['enum_restapi']) ) {
|
1435 |
+
$enum_restapi = 0;
|
1436 |
+
} else {
|
1437 |
+
$enum_restapi = 1;
|
1438 |
+
}
|
1439 |
+
if ( empty( $nfw_options['no_restapi']) ) {
|
1440 |
+
$no_restapi = 0;
|
1441 |
+
} else {
|
1442 |
+
$no_restapi = 1;
|
1443 |
+
}
|
1444 |
+
if ( empty( $nfw_options['no_xmlrpc']) ) {
|
1445 |
+
$no_xmlrpc = 0;
|
1446 |
+
} else {
|
1447 |
+
$no_xmlrpc = 1;
|
1448 |
+
}
|
1449 |
+
if ( empty( $nfw_options['no_xmlrpc_multi']) ) {
|
1450 |
+
$no_xmlrpc_multi = 0;
|
1451 |
+
} else {
|
1452 |
+
$no_xmlrpc_multi = 1;
|
1453 |
+
}
|
1454 |
+
if ( empty( $nfw_options['no_xmlrpc_pingback']) ) {
|
1455 |
+
$no_xmlrpc_pingback = 0;
|
1456 |
+
} else {
|
1457 |
+
$no_xmlrpc_pingback = 1;
|
1458 |
+
}
|
1459 |
+
if ( empty( $nfw_options['no_post_themes']) ) {
|
1460 |
+
$no_post_themes = 0;
|
1461 |
+
} else {
|
1462 |
+
$no_post_themes = 1;
|
1463 |
+
}
|
1464 |
+
|
1465 |
+
if ( empty( $nfw_options['force_ssl']) ) {
|
1466 |
+
$force_ssl = 0;
|
1467 |
+
} else {
|
1468 |
+
$force_ssl = 1;
|
1469 |
+
}
|
1470 |
+
if ( empty( $nfw_options['disallow_edit']) ) {
|
1471 |
+
$disallow_edit = 0;
|
1472 |
+
} else {
|
1473 |
+
$disallow_edit = 1;
|
1474 |
+
}
|
1475 |
+
if ( empty( $nfw_options['disallow_mods']) ) {
|
1476 |
+
$disallow_mods = 0;
|
1477 |
+
} else {
|
1478 |
+
$disallow_mods = 1;
|
1479 |
+
}
|
1480 |
+
|
1481 |
+
$force_ssl_already_enabled = $disallow_edit_already_enabled = $disallow_mods_already_enabled = 0;
|
1482 |
+
if ( defined('DISALLOW_FILE_EDIT') && ! $disallow_edit ) {
|
1483 |
+
$disallow_edit_already_enabled = 1;
|
1484 |
+
}
|
1485 |
+
if ( defined('DISALLOW_FILE_MODS') && ! $disallow_mods ) {
|
1486 |
+
$disallow_mods_already_enabled = 1;
|
1487 |
+
}
|
1488 |
+
if ( defined('FORCE_SSL_ADMIN') && FORCE_SSL_ADMIN == true && ! $force_ssl ) {
|
1489 |
+
$force_ssl_already_enabled = 1;
|
1490 |
+
}
|
1491 |
+
?>
|
1492 |
+
<h3>WordPress</h3>
|
1493 |
+
<table class="form-table">
|
1494 |
+
<tr>
|
1495 |
+
<th scope="row"><?php
|
1496 |
+
_e('Block direct access to any PHP file located in one of these directories', 'ninjafirewall');
|
1497 |
+
if ( defined('NFW_WPWAF') ) {
|
1498 |
+
echo '<br /><font style="font-weight:400">' . $full_waf_msg . '</font>';
|
1499 |
+
}
|
1500 |
+
?></th>
|
1501 |
+
<td width="20"> </td>
|
1502 |
+
<td align="left">
|
1503 |
+
<table class="form-table">
|
1504 |
+
<tr style="border: solid 1px #DFDFDF;">
|
1505 |
+
<td align="center" width="10"><input type="checkbox" name="nfw_options[wp_admin]" id="wp_01"<?php checked( $wp_admin, 1 ); disabled( $option_disabled, 1) ?>></td>
|
1506 |
+
<td>
|
1507 |
+
<label for="wp_01">
|
1508 |
+
<p><code>/wp-admin/css/*</code></p>
|
1509 |
+
<p><code>/wp-admin/images/*</code></p>
|
1510 |
+
<p><code>/wp-admin/includes/*</code></p>
|
1511 |
+
<p><code>/wp-admin/js/*</code></p>
|
1512 |
+
</label>
|
1513 |
+
</td>
|
1514 |
+
</tr>
|
1515 |
+
<tr style="border: solid 1px #DFDFDF;">
|
1516 |
+
<td align="center" width="10"><input type="checkbox" name="nfw_options[wp_inc]" id="wp_02"<?php checked( $wp_inc, 1 ); disabled( $option_disabled, 1) ?>></td>
|
1517 |
+
<td>
|
1518 |
+
<label for="wp_02">
|
1519 |
+
<p><code>/wp-includes/*.php</code></p>
|
1520 |
+
<p><code>/wp-includes/css/*</code></p>
|
1521 |
+
<p><code>/wp-includes/images/*</code></p>
|
1522 |
+
<p><code>/wp-includes/js/*</code></p>
|
1523 |
+
<p><code>/wp-includes/theme-compat/*</code></p>
|
1524 |
+
</label>
|
1525 |
+
<br />
|
1526 |
+
<span class="description"><?php _e('NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if this option is enabled.', 'ninjafirewall') ?></span>
|
1527 |
+
</td>
|
1528 |
+
</tr>
|
1529 |
+
<tr style="border: solid 1px #DFDFDF;">
|
1530 |
+
<td align="center" width="10"><input type="checkbox" name="nfw_options[wp_upl]" id="wp_03"<?php checked( $wp_upl, 1 ); disabled( $option_disabled, 1) ?>></td>
|
1531 |
+
<td><label for="wp_03">
|
1532 |
+
<p><code>/<?php echo basename(WP_CONTENT_DIR); ?>/uploads/*</code></p>
|
1533 |
+
<p><code>/<?php echo basename(WP_CONTENT_DIR); ?>/blogs.dir/*</code></p>
|
1534 |
+
</label></td>
|
1535 |
+
</tr>
|
1536 |
+
<tr style="border: solid 1px #DFDFDF;">
|
1537 |
+
<td align="center" style="vertical-align:top" width="10"><input type="checkbox" name="nfw_options[wp_cache]" id="wp_04"<?php checked( $wp_cache, 1 ); disabled( $option_disabled, 1) ?>></td>
|
1538 |
+
<td style="vertical-align:top"><label for="wp_04"><code>*/cache/*</code></label>
|
1539 |
+
<br />
|
1540 |
+
<br />
|
1541 |
+
<span class="description"><?php _e('Unless you have PHP scripts in a "/cache/" folder that need to be accessed by your visitors, we recommend to enable this option.', 'ninjafirewall') ?></span>
|
1542 |
+
</td>
|
1543 |
+
</tr>
|
1544 |
+
</table>
|
1545 |
+
<br />
|
1546 |
+
</td>
|
1547 |
+
</tr>
|
1548 |
+
</table>
|
1549 |
+
|
1550 |
+
<?php
|
1551 |
+
if ( is_dir( WP_PLUGIN_DIR . '/jetpack' ) ) {
|
1552 |
+
$is_JetPack = '<p><img src="' . plugins_url() . '/ninjafirewall/images/icon_warn_16.png" border="0" height="16" width="16"> <span class="description">' . __('If you are using the Jetpack plugin, blocking <code>system.multicall</code> may prevent it from working correctly.', 'ninjafirewall') . '</span></p>';
|
1553 |
+
} else {
|
1554 |
+
$is_JetPack = '';
|
1555 |
+
}
|
1556 |
+
?>
|
1557 |
+
|
1558 |
+
<table class="form-table">
|
1559 |
+
<tr>
|
1560 |
+
<th scope="row"><?php _e('Protect against username enumeration', 'ninjafirewall') ?></th>
|
1561 |
+
<td width="20"> </td>
|
1562 |
+
<td align="left">
|
1563 |
+
<p><label><input type="checkbox" name="nfw_options[enum_archives]" value="1"<?php checked( $enum_archives, 1 ) ?>> <?php _e('Through the author archives', 'ninjafirewall') ?></label></p>
|
1564 |
+
<p><label><input type="checkbox" name="nfw_options[enum_login]" value="1"<?php checked( $enum_login, 1 ) ?>> <?php _e('Through the login page', 'ninjafirewall') ?></label></p>
|
1565 |
+
<p><label><input type="checkbox" name="nfw_options[enum_restapi]" value="1"<?php checked( $enum_restapi, 1 ) ?>> <?php _e('Through the WordPress REST API', 'ninjafirewall') ?></label></p>
|
1566 |
+
</td>
|
1567 |
+
</tr>
|
1568 |
+
|
1569 |
+
<?php
|
1570 |
+
global $wp_version;
|
1571 |
+
if ( version_compare( $wp_version, '4.7', '<' ) ) {
|
1572 |
+
$restapi_error = '1';
|
1573 |
+
$restapi_msg = '<p><img src="' . plugins_url() . '/ninjafirewall/images/icon_warn_16.png" border="0" height="16" width="16"> <span class="description">' . __('This feature is only available when running WordPress 4.7 or above.', 'ninjafirewall') . '</span></p>';
|
1574 |
+
} else {
|
1575 |
+
$restapi_msg = '';
|
1576 |
+
$restapi_error = 0;
|
1577 |
+
}
|
1578 |
+
?>
|
1579 |
+
<tr>
|
1580 |
+
<th scope="row"><?php _e('WordPress REST API', 'ninjafirewall') ?>*</th>
|
1581 |
+
<td width="20"> </td>
|
1582 |
+
<td align="left">
|
1583 |
+
<p><label><input type="checkbox" name="nfw_options[no_restapi]" value="1"<?php checked( $no_restapi, 1 );disabled( $restapi_error, 1) ?>> <?php _e('Block any access to the API', 'ninjafirewall') ?></label></p>
|
1584 |
+
<?php echo $restapi_msg; ?>
|
1585 |
+
</td>
|
1586 |
+
</tr>
|
1587 |
+
|
1588 |
+
<tr>
|
1589 |
+
<th scope="row"><?php _e('WordPress XML-RPC API', 'ninjafirewall') ?>*</th>
|
1590 |
+
<td width="20"> </td>
|
1591 |
+
<td align="left">
|
1592 |
+
<p><label><input type="checkbox" name="nfw_options[no_xmlrpc]" value="1"<?php checked( $no_xmlrpc, 1 ) ?>> <?php _e('Block any access to the API', 'ninjafirewall') ?></label></p>
|
1593 |
+
<p><label><input type="checkbox" name="nfw_options[no_xmlrpc_multi]" value="1"<?php checked( $no_xmlrpc_multi, 1 ) ?>> <?php _e('Block <code>system.multicall</code> method', 'ninjafirewall') ?></label></p>
|
1594 |
+
<?php echo $is_JetPack; ?>
|
1595 |
+
<p><label><input type="checkbox" name="nfw_options[no_xmlrpc_pingback]" value="1"<?php checked( $no_xmlrpc_pingback, 1 ) ?>> <?php _e('Block Pingbacks', 'ninjafirewall') ?></label></p>
|
1596 |
+
</td>
|
1597 |
+
</tr>
|
1598 |
+
</table>
|
1599 |
+
|
1600 |
+
<span class="description">*<?php _e('Disabling access to the REST or XML-RPC API may break some functionality on your blog, its themes or plugins.', 'ninjafirewall') ?></span>
|
1601 |
+
|
1602 |
+
<table class="form-table">
|
1603 |
+
<tr valign="top">
|
1604 |
+
<th scope="row" style="vertical-align:top"><?php _e('Block <code>POST</code> requests in the themes folder', 'ninjafirewall') ?> <code>/<?php echo basename(WP_CONTENT_DIR); ?>/themes</code></th>
|
1605 |
+
<td width="20"> </td>
|
1606 |
+
<td align="left" width="120" style="vertical-align:top">
|
1607 |
+
<label><input type="radio" name="nfw_options[no_post_themes]" value="1"<?php checked( $no_post_themes, 1 ); disabled( $option_disabled, 1) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1608 |
+
</td>
|
1609 |
+
<td align="left" style="vertical-align:top">
|
1610 |
+
<label><input type="radio" name="nfw_options[no_post_themes]" value="0"<?php checked( $no_post_themes, 0 ); disabled( $option_disabled, 1) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
1611 |
+
<?php
|
1612 |
+
if ( defined('NFW_WPWAF') ) {
|
1613 |
+
echo '<br />'. $full_waf_msg;
|
1614 |
+
}
|
1615 |
+
?>
|
1616 |
+
</td>
|
1617 |
+
</tr>
|
1618 |
+
<tr valign="top">
|
1619 |
+
<th scope="row"><a name="builtinconstants"></a><?php _e('Force SSL for admin and logins', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Require_SSL_for_Admin_and_Logins" target="_blank">FORCE_SSL_ADMIN</a></code></th>
|
1620 |
+
<td width="20"> </td>
|
1621 |
+
<td align="left" width="120">
|
1622 |
+
<label><input type="radio" name="nfw_options[force_ssl]" value="1"<?php checked( $force_ssl, 1 ) ?> onclick="return ssl_warn();" <?php disabled( $force_ssl_already_enabled, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1623 |
+
</td>
|
1624 |
+
<td align="left">
|
1625 |
+
<label><input type="radio" id="ssl_0" name="nfw_options[force_ssl]" value="0"<?php checked( $force_ssl, 0 ) ?> <?php disabled( $force_ssl_already_enabled, 1 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
1626 |
+
</td>
|
1627 |
+
</tr>
|
1628 |
+
<tr valign="top">
|
1629 |
+
<th scope="row"><?php _e('Disable the plugin and theme editor', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Disable_the_Plugin_and_Theme_Editor" target="_blank">DISALLOW_FILE_EDIT</a></code></th>
|
1630 |
+
<td width="20"> </td>
|
1631 |
+
<td align="left" width="120">
|
1632 |
+
<label><input type="radio" name="nfw_options[disallow_edit]" value="1"<?php checked( $disallow_edit, 1 ) ?> <?php disabled( $disallow_edit_already_enabled, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1633 |
+
</td>
|
1634 |
+
<td align="left">
|
1635 |
+
<label><input type="radio" name="nfw_options[disallow_edit]" value="0"<?php checked( $disallow_edit, 0 ) ?> <?php disabled( $disallow_edit_already_enabled, 1 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
1636 |
+
</td>
|
1637 |
+
</tr>
|
1638 |
+
<tr valign="top">
|
1639 |
+
<th scope="row"><?php _e('Disable plugin and theme update/installation', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Disable_Plugin_and_Theme_Update_and_Installation" target="_blank">DISALLOW_FILE_MODS</a></code></th>
|
1640 |
+
<td width="20"> </td>
|
1641 |
+
<td align="left" width="120">
|
1642 |
+
<label><input type="radio" name="nfw_options[disallow_mods]" value="1"<?php checked( $disallow_mods, 1 ) ?> <?php disabled( $disallow_mods_already_enabled, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1643 |
+
</td>
|
1644 |
+
<td align="left">
|
1645 |
+
<label><input type="radio" name="nfw_options[disallow_mods]" value="0"<?php checked( $disallow_mods, 0 ) ?> <?php disabled( $disallow_mods_already_enabled, 1 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
1646 |
+
</td>
|
1647 |
+
</tr>
|
1648 |
+
|
1649 |
+
</table>
|
1650 |
+
<a name="donotblockadmin"></a>
|
1651 |
+
<br />
|
1652 |
+
<br />
|
1653 |
+
|
1654 |
+
<?php
|
1655 |
+
if ( empty( $nfw_options['wl_admin']) ) {
|
1656 |
+
$wl_admin = 0;
|
1657 |
+
} elseif ( $nfw_options['wl_admin'] == 2 ) {
|
1658 |
+
$wl_admin = 2;
|
1659 |
+
} else {
|
1660 |
+
$wl_admin = 1;
|
1661 |
+
}
|
1662 |
+
?>
|
1663 |
+
<table class="form-table">
|
1664 |
+
<tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
|
1665 |
+
<th scope="row"><?php _e('Users Whitelist', 'ninjafirewall') ?></th>
|
1666 |
+
<td width="20"> </td>
|
1667 |
+
<td align="left">
|
1668 |
+
<p><label><input type="radio" name="nfw_options[wl_admin]" value="1"<?php checked( $wl_admin, 1 ) ?>> <?php _e('Add the Administrator to the whitelist (default).', 'ninjafirewall') ?></label></p>
|
1669 |
+
<p><label><input type="radio" name="nfw_options[wl_admin]" value="2"<?php checked( $wl_admin, 2 ) ?>> <?php _e('Add all logged in users to the whitelist.', 'ninjafirewall') ?></label></p>
|
1670 |
+
<p><label><input type="radio" name="nfw_options[wl_admin]" value="0"<?php checked( $wl_admin, 0 ) ?>> <?php _e('Disable users whitelist.', 'ninjafirewall') ?></label></p>
|
1671 |
+
<p><span class="description"><?php _e('Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, <code>DISALLOW_FILE_EDIT</code> and <code>DISALLOW_FILE_MODS</code> options which, if enabled, are always enforced.', 'ninjafirewall') ?></span></p>
|
1672 |
+
</td>
|
1673 |
+
</tr>
|
1674 |
+
</table>
|
1675 |
+
|
1676 |
+
</div>
|
1677 |
+
|
1678 |
+
|
1679 |
+
<?php
|
1680 |
+
// ==========================================================================
|
1681 |
+
// Intermediate options:
|
1682 |
+
?>
|
1683 |
+
<div id="intermediate-options" style="display:none">
|
1684 |
+
<?php
|
1685 |
+
if ( empty( $nfw_options['get_scan']) ) {
|
1686 |
+
$get_scan = 0;
|
1687 |
+
} else {
|
1688 |
+
$get_scan = 1;
|
1689 |
+
}
|
1690 |
+
if ( empty( $nfw_options['get_sanitise']) ) {
|
1691 |
+
$get_sanitise = 0;
|
1692 |
+
} else {
|
1693 |
+
$get_sanitise = 1;
|
1694 |
+
}
|
1695 |
+
?>
|
1696 |
+
<h3><?php _e('HTTP GET variable', 'ninjafirewall') ?></h3>
|
1697 |
+
<table class="form-table">
|
1698 |
+
<tr>
|
1699 |
+
<th scope="row"><?php _e('Scan <code>GET</code> variable', 'ninjafirewall') ?></th>
|
1700 |
+
<td width="20"> </td>
|
1701 |
+
<td align="left" width="120">
|
1702 |
+
<label><input type="radio" name="nfw_options[get_scan]" value="1"<?php checked( $get_scan, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1703 |
+
</td>
|
1704 |
+
<td align="left">
|
1705 |
+
<label><input type="radio" name="nfw_options[get_scan]" value="0"<?php checked( $get_scan, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1706 |
+
</td>
|
1707 |
+
</tr>
|
1708 |
+
<tr>
|
1709 |
+
<th scope="row"><?php _e('Sanitise <code>GET</code> variable', 'ninjafirewall') ?></th>
|
1710 |
+
<td width="20"> </td>
|
1711 |
+
<td align="left" width="120">
|
1712 |
+
<label><input type="radio" name="nfw_options[get_sanitise]" value="1"<?php checked( $get_sanitise, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1713 |
+
</td>
|
1714 |
+
<td align="left">
|
1715 |
+
<label><input type="radio" name="nfw_options[get_sanitise]" value="0"<?php checked( $get_sanitise, 0 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
1716 |
+
</td>
|
1717 |
+
</tr>
|
1718 |
+
</table>
|
1719 |
+
|
1720 |
+
<br /><br />
|
1721 |
+
|
1722 |
+
<?php
|
1723 |
+
if ( empty( $nfw_options['post_scan']) ) {
|
1724 |
+
$post_scan = 0;
|
1725 |
+
} else {
|
1726 |
+
$post_scan = 1;
|
1727 |
+
}
|
1728 |
+
if ( empty( $nfw_options['post_sanitise']) ) {
|
1729 |
+
$post_sanitise = 0;
|
1730 |
+
} else {
|
1731 |
+
$post_sanitise = 1;
|
1732 |
+
}
|
1733 |
+
if ( empty( $nfw_options['post_b64']) ) {
|
1734 |
+
$post_b64 = 0;
|
1735 |
+
} else {
|
1736 |
+
$post_b64 = 1;
|
1737 |
+
}
|
1738 |
+
?>
|
1739 |
+
<h3><?php _e('HTTP POST variable', 'ninjafirewall') ?></h3>
|
1740 |
+
<table class="form-table">
|
1741 |
+
<tr valign="top">
|
1742 |
+
<th scope="row"><?php _e('Scan <code>POST</code> variable', 'ninjafirewall') ?></th>
|
1743 |
+
<td width="20"> </td>
|
1744 |
+
<td align="left" width="120">
|
1745 |
+
<label><input type="radio" name="nfw_options[post_scan]" value="1"<?php checked( $post_scan, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1746 |
+
</td>
|
1747 |
+
<td align="left">
|
1748 |
+
<label><input type="radio" name="nfw_options[post_scan]" value="0"<?php checked( $post_scan, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1749 |
+
</td>
|
1750 |
+
</tr>
|
1751 |
+
<tr valign="top">
|
1752 |
+
<th scope="row"><?php _e('Sanitise <code>POST</code> variable', 'ninjafirewall') ?></th>
|
1753 |
+
<td width="20"> </td>
|
1754 |
+
<td align="left" width="120" style="vertical-align:top;">
|
1755 |
+
<label><input type="radio" name="nfw_options[post_sanitise]" value="1"<?php checked( $post_sanitise, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1756 |
+
</td>
|
1757 |
+
<td align="left">
|
1758 |
+
<label><input type="radio" name="nfw_options[post_sanitise]" value="0"<?php checked( $post_sanitise, 0 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description"> <?php _e('Do not enable this option unless you know what you are doing!', 'ninjafirewall') ?></span>
|
1759 |
+
</td>
|
1760 |
+
</tr>
|
1761 |
+
<tr valign="top">
|
1762 |
+
<th scope="row"><?php _e('Decode Base64-encoded <code>POST</code> variable', 'ninjafirewall') ?></th>
|
1763 |
+
<td width="20"> </td>
|
1764 |
+
<td align="left" width="120">
|
1765 |
+
<label><input type="radio" name="nfw_options[post_b64]" value="1"<?php checked( $post_b64, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1766 |
+
</td>
|
1767 |
+
<td align="left">
|
1768 |
+
<label><input type="radio" name="nfw_options[post_b64]" value="0"<?php checked( $post_b64, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1769 |
+
</td>
|
1770 |
+
</tr>
|
1771 |
+
</table>
|
1772 |
+
|
1773 |
+
<br /><br />
|
1774 |
+
|
1775 |
+
<?php
|
1776 |
+
if ( empty( $nfw_options['request_sanitise']) ) {
|
1777 |
+
$request_sanitise = 0;
|
1778 |
+
} else {
|
1779 |
+
$request_sanitise = 1;
|
1780 |
+
}
|
1781 |
+
?>
|
1782 |
+
<h3><?php _e('HTTP REQUEST variable', 'ninjafirewall') ?></h3>
|
1783 |
+
<table class="form-table">
|
1784 |
+
<tr>
|
1785 |
+
<th scope="row"><?php _e('Sanitise <code>REQUEST</code> variable', 'ninjafirewall') ?></th>
|
1786 |
+
<td width="20"> </td>
|
1787 |
+
<td align="left" width="120" style="vertical-align:top;">
|
1788 |
+
<label><input type="radio" name="nfw_options[request_sanitise]" value="1"<?php checked( $request_sanitise, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1789 |
+
</td>
|
1790 |
+
<td align="left">
|
1791 |
+
<label><input type="radio" name="nfw_options[request_sanitise]" value="0"<?php checked( $request_sanitise, 0 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description"> <?php _e('Do not enable this option unless you know what you are doing!', 'ninjafirewall') ?></span>
|
1792 |
+
</td>
|
1793 |
+
</tr>
|
1794 |
+
</table>
|
1795 |
+
|
1796 |
+
<br /><br />
|
1797 |
+
|
1798 |
+
<?php
|
1799 |
+
if ( empty( $nfw_options['cookies_scan']) ) {
|
1800 |
+
$cookies_scan = 0;
|
1801 |
+
} else {
|
1802 |
+
$cookies_scan = 1;
|
1803 |
+
}
|
1804 |
+
if ( empty( $nfw_options['cookies_sanitise']) ) {
|
1805 |
+
$cookies_sanitise = 0;
|
1806 |
+
} else {
|
1807 |
+
$cookies_sanitise = 1;
|
1808 |
+
}
|
1809 |
+
?>
|
1810 |
+
<h3><?php _e('Cookies', 'ninjafirewall') ?></h3>
|
1811 |
+
<table class="form-table">
|
1812 |
+
<tr>
|
1813 |
+
<th scope="row"><?php _e('Scan cookies', 'ninjafirewall') ?></th>
|
1814 |
+
<td width="20"> </td>
|
1815 |
+
<td align="left" width="120">
|
1816 |
+
<label><input type="radio" name="nfw_options[cookies_scan]" value="1"<?php checked( $cookies_scan, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1817 |
+
</td>
|
1818 |
+
<td align="left">
|
1819 |
+
<label><input type="radio" name="nfw_options[cookies_scan]" value="0"<?php checked( $cookies_scan, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1820 |
+
</td>
|
1821 |
+
</tr>
|
1822 |
+
<tr>
|
1823 |
+
<th scope="row"><?php _e('Sanitise cookies', 'ninjafirewall') ?></th>
|
1824 |
+
<td width="20"> </td>
|
1825 |
+
<td align="left" width="120">
|
1826 |
+
<label><input type="radio" name="nfw_options[cookies_sanitise]" value="1"<?php checked( $cookies_sanitise, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1827 |
+
</td>
|
1828 |
+
<td align="left">
|
1829 |
+
<label><input type="radio" name="nfw_options[cookies_sanitise]" value="0"<?php checked( $cookies_sanitise, 0 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
1830 |
+
</td>
|
1831 |
+
</tr>
|
1832 |
+
</table>
|
1833 |
+
|
1834 |
+
<br /><br />
|
1835 |
+
|
1836 |
+
<?php
|
1837 |
+
if ( empty( $nfw_options['ua_scan']) ) {
|
1838 |
+
$ua_scan = 0;
|
1839 |
+
} else {
|
1840 |
+
$ua_scan = 1;
|
1841 |
+
}
|
1842 |
+
if ( empty( $nfw_options['ua_sanitise']) ) {
|
1843 |
+
$ua_sanitise = 0;
|
1844 |
+
} else {
|
1845 |
+
$ua_sanitise = 1;
|
1846 |
+
}
|
1847 |
+
|
1848 |
+
|
1849 |
+
if ( empty( $nfw_rules[NFW_SCAN_BOTS]['ena']) ) {
|
1850 |
+
$block_bots = 0;
|
1851 |
+
} else {
|
1852 |
+
$block_bots = 1;
|
1853 |
+
}
|
1854 |
+
?>
|
1855 |
+
<h3><?php _e('HTTP_USER_AGENT server variable', 'ninjafirewall') ?></h3>
|
1856 |
+
<table class="form-table">
|
1857 |
+
<tr>
|
1858 |
+
<th scope="row"><?php _e('Scan <code>HTTP_USER_AGENT</code>', 'ninjafirewall') ?></th>
|
1859 |
+
<td width="20"> </td>
|
1860 |
+
<td align="left" width="120">
|
1861 |
+
<label><input type="radio" name="nfw_options[ua_scan]" value="1"<?php checked( $ua_scan, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1862 |
+
</td>
|
1863 |
+
<td align="left">
|
1864 |
+
<label><input type="radio" name="nfw_options[ua_scan]" value="0"<?php checked( $ua_scan, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1865 |
+
</td>
|
1866 |
+
</tr>
|
1867 |
+
<tr>
|
1868 |
+
<th scope="row"><?php _e('Sanitise <code>HTTP_USER_AGENT</code>', 'ninjafirewall') ?></th>
|
1869 |
+
<td width="20"> </td>
|
1870 |
+
<td align="left" width="120">
|
1871 |
+
<label><input type="radio" name="nfw_options[ua_sanitise]" value="1"<?php checked( $ua_sanitise, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1872 |
+
</td>
|
1873 |
+
<td align="left">
|
1874 |
+
<label><input type="radio" name="nfw_options[ua_sanitise]" value="0"<?php checked( $ua_sanitise, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1875 |
+
</td>
|
1876 |
+
</tr>
|
1877 |
+
<tr>
|
1878 |
+
<th scope="row"><?php _e('Block suspicious bots/scanners', 'ninjafirewall') ?></th>
|
1879 |
+
<td width="20"> </td>
|
1880 |
+
<td align="left" width="120">
|
1881 |
+
<label><input type="radio" name="nfw_rules[block_bots]" value="1"<?php checked( $block_bots, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1882 |
+
</td>
|
1883 |
+
<td align="left">
|
1884 |
+
<label><input type="radio" name="nfw_rules[block_bots]" value="0"<?php checked( $block_bots, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1885 |
+
</td>
|
1886 |
+
</tr>
|
1887 |
+
</table>
|
1888 |
+
|
1889 |
+
<br /><br />
|
1890 |
+
|
1891 |
+
<?php
|
1892 |
+
if ( empty( $nfw_options['referer_scan']) ) {
|
1893 |
+
$referer_scan = 0;
|
1894 |
+
} else {
|
1895 |
+
$referer_scan = 1;
|
1896 |
+
}
|
1897 |
+
if ( empty( $nfw_options['referer_sanitise']) ) {
|
1898 |
+
$referer_sanitise = 0;
|
1899 |
+
} else {
|
1900 |
+
$referer_sanitise = 1;
|
1901 |
+
}
|
1902 |
+
if ( empty( $nfw_options['referer_post']) ) {
|
1903 |
+
$referer_post = 0;
|
1904 |
+
} else {
|
1905 |
+
$referer_post = 1;
|
1906 |
+
}
|
1907 |
+
?>
|
1908 |
+
<h3><?php _e('HTTP_REFERER server variable', 'ninjafirewall') ?></h3>
|
1909 |
+
<table class="form-table">
|
1910 |
+
<tr>
|
1911 |
+
<th scope="row"><?php _e('Scan <code>HTTP_REFERER</code>', 'ninjafirewall') ?></th>
|
1912 |
+
<td width="20"> </td>
|
1913 |
+
<td align="left" width="120">
|
1914 |
+
<label><input type="radio" name="nfw_options[referer_scan]" value="1"<?php checked( $referer_scan, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1915 |
+
</td>
|
1916 |
+
<td align="left">
|
1917 |
+
<label><input type="radio" name="nfw_options[referer_scan]" value="0"<?php checked( $referer_scan, 0 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
1918 |
+
</td>
|
1919 |
+
</tr>
|
1920 |
+
<tr>
|
1921 |
+
<th scope="row"><?php _e('Sanitise <code>HTTP_REFERER</code>', 'ninjafirewall') ?></th>
|
1922 |
+
<td width="20"> </td>
|
1923 |
+
<td align="left" width="120">
|
1924 |
+
<label><input type="radio" name="nfw_options[referer_sanitise]" value="1"<?php checked( $referer_sanitise, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1925 |
+
</td>
|
1926 |
+
<td align="left">
|
1927 |
+
<label><input type="radio" name="nfw_options[referer_sanitise]" value="0"<?php checked( $referer_sanitise, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1928 |
+
</td>
|
1929 |
+
</tr>
|
1930 |
+
<tr valign="top">
|
1931 |
+
<th scope="row"><?php _e('Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</code> header', 'ninjafirewall') ?></th>
|
1932 |
+
<td width="20"> </td>
|
1933 |
+
<td align="left" width="120" style="vertical-align:top;">
|
1934 |
+
<label><input type="radio" name="nfw_options[referer_post]" value="1"<?php checked( $referer_post, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1935 |
+
</td>
|
1936 |
+
<td align="left" style="vertical-align:top;">
|
1937 |
+
<label><input type="radio" name="nfw_options[referer_post]" value="0"<?php checked( $referer_post, 0 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description"> <?php _e('Keep this option disabled if you are using scripts like Paypal IPN, WordPress WP-Cron etc', 'ninjafirewall') ?></span>
|
1938 |
+
</td>
|
1939 |
+
</tr>
|
1940 |
+
</table>
|
1941 |
+
|
1942 |
+
<br /><br />
|
1943 |
+
|
1944 |
+
<?php
|
1945 |
+
if ( empty( $nfw_rules[NFW_LOOPBACK]['ena']) ) {
|
1946 |
+
$no_localhost_ip = 0;
|
1947 |
+
} else {
|
1948 |
+
$no_localhost_ip = 1;
|
1949 |
+
}
|
1950 |
+
if ( empty( $nfw_options['no_host_ip']) ) {
|
1951 |
+
$no_host_ip = 0;
|
1952 |
+
} else {
|
1953 |
+
$no_host_ip = 1;
|
1954 |
+
}
|
1955 |
+
if ( empty( $nfw_options['allow_local_ip']) ) {
|
1956 |
+
$allow_local_ip = 0;
|
1957 |
+
} else {
|
1958 |
+
$allow_local_ip = 1;
|
1959 |
+
}
|
1960 |
+
?>
|
1961 |
+
<h3>IP</h3>
|
1962 |
+
<table class="form-table" border=0>
|
1963 |
+
<tr>
|
1964 |
+
<th scope="row"><?php _e('Block localhost IP in <code>GET/POST</code> request', 'ninjafirewall') ?></th>
|
1965 |
+
<td width="20"> </td>
|
1966 |
+
<td align="left" width="120" style="vertical-align:top">
|
1967 |
+
<label><input type="radio" name="nfw_rules[no_localhost_ip]" value="1"<?php checked( $no_localhost_ip, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1968 |
+
</td>
|
1969 |
+
<td align="left" style="vertical-align:top">
|
1970 |
+
<label><input type="radio" name="nfw_rules[no_localhost_ip]" value="0"<?php checked( $no_localhost_ip, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1971 |
+
</td>
|
1972 |
+
</tr>
|
1973 |
+
<tr>
|
1974 |
+
<th scope="row"><?php _e('Block HTTP requests with an IP in the <code>HTTP_HOST</code> header', 'ninjafirewall') ?></th>
|
1975 |
+
<td width="20"> </td>
|
1976 |
+
<td align="left" width="120" style="vertical-align:top">
|
1977 |
+
<label><input type="radio" name="nfw_options[no_host_ip]" value="1"<?php checked( $no_host_ip, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
1978 |
+
</td>
|
1979 |
+
<td align="left" style="vertical-align:top">
|
1980 |
+
<label><input type="radio" name="nfw_options[no_host_ip]" value="0"<?php checked( $no_host_ip, 0 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
1981 |
+
</td>
|
1982 |
+
</tr>
|
1983 |
+
<tr>
|
1984 |
+
<th scope="row"><?php _e('Scan traffic coming from localhost and private IP address spaces', 'ninjafirewall') ?></th>
|
1985 |
+
<td width="20"> </td>
|
1986 |
+
<td align="left" width="120" style="vertical-align:top">
|
1987 |
+
<label><input type="radio" name="nfw_options[allow_local_ip]" value="0"<?php checked( $allow_local_ip, 0 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
1988 |
+
</td>
|
1989 |
+
<td align="left" style="vertical-align:top">
|
1990 |
+
<label><input type="radio" name="nfw_options[allow_local_ip]" value="1"<?php checked( $allow_local_ip, 1 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
1991 |
+
</td>
|
1992 |
+
</tr>
|
1993 |
+
</table>
|
1994 |
+
|
1995 |
+
</div>
|
1996 |
+
|
1997 |
+
<?php
|
1998 |
+
// ==========================================================================
|
1999 |
+
// Advanced options:
|
2000 |
+
?>
|
2001 |
+
<div id="advanced-options" style="display:none">
|
2002 |
+
|
2003 |
+
<?php
|
2004 |
+
$err_msg = $err = '';
|
2005 |
+
$err_img = '<p><span class="description"><img src="' . plugins_url() . '/ninjafirewall/images/icon_warn_16.png" border="0" height="16" width="16"> ';
|
2006 |
+
$msg = __('This option is disabled because the %s PHP function is not available on your server.', 'ninjafirewall');
|
2007 |
+
if (! function_exists('header_register_callback') ) {
|
2008 |
+
$err_msg = $err_img . sprintf($msg, '<code>header_register_callback()</code>') . '</span></p>';
|
2009 |
+
$err = 1;
|
2010 |
+
} elseif (! function_exists('headers_list') ) {
|
2011 |
+
$err_msg = $err_img . sprintf($msg, '<code>headers_list()</code>') . '</span></p>';
|
2012 |
+
$err = 1;
|
2013 |
+
} elseif (! function_exists('header_remove') ) {
|
2014 |
+
$err_msg = $err_img . sprintf($msg, '<code>header_remove()</code>') . '</span></p>';
|
2015 |
+
$err = 1;
|
2016 |
+
}
|
2017 |
+
if ( empty($nfw_options['response_headers']) || strlen($nfw_options['response_headers']) != 8 || $err_msg ) {
|
2018 |
+
$nfw_options['response_headers'] = '00000000';
|
2019 |
+
}
|
2020 |
+
?>
|
2021 |
+
<h3><?php _e('HTTP response headers', 'ninjafirewall') ?></h3>
|
2022 |
+
<table class="form-table">
|
2023 |
+
<tr>
|
2024 |
+
<th scope="row"><?php printf( __('Set %s to protect against MIME type confusion attacks', 'ninjafirewall'), '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-Content-Type-Options</a></code>') ?></th>
|
2025 |
+
<td width="20"> </td>
|
2026 |
+
<td align="left" width="120">
|
2027 |
+
<label><input type="radio" name="nfw_options[x_content_type_options]" value="1"<?php checked( $nfw_options['response_headers'][1], 1 ); disabled($err, 1); ?>><?php echo $yes; ?></label>
|
2028 |
+
</td>
|
2029 |
+
<td align="left">
|
2030 |
+
<label><input type="radio" name="nfw_options[x_content_type_options]" value="0"<?php checked( $nfw_options['response_headers'][1], 0 ); disabled($err, 1); ?>><?php echo $no . $default; ?></label><?php echo $err_msg ?>
|
2031 |
+
</td>
|
2032 |
+
</tr>
|
2033 |
+
<tr>
|
2034 |
+
<th scope="row"><?php printf( __('Set %s to protect against clickjacking attempts', 'ninjafirewall'), '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-Frame-Options</a></code>') ?></th>
|
2035 |
+
<td width="20"> </td>
|
2036 |
+
<td align="left" width="120" style="vertical-align:top;">
|
2037 |
+
<p><label><input type="radio" name="nfw_options[x_frame_options]" value="1"<?php checked( $nfw_options['response_headers'][2], 1 ); disabled($err, 1); ?>><code>SAMEORIGIN</code></label></p>
|
2038 |
+
<p><label><input type="radio" name="nfw_options[x_frame_options]" value="2"<?php checked( $nfw_options['response_headers'][2], 2 ); disabled($err, 1); ?>><code>DENY</code></label></p>
|
2039 |
+
</td>
|
2040 |
+
<td align="left" style="vertical-align:top;"><p><label><input type="radio" name="nfw_options[x_frame_options]" value="0"<?php checked( $nfw_options['response_headers'][2], 0 ); disabled($err, 1); ?>><?php echo $no . $default; ?></label><?php echo $err_msg ?></p></td>
|
2041 |
+
</tr>
|
2042 |
+
<tr>
|
2043 |
+
<th scope="row"><?php printf( __("Enforce %s (IE, Chrome and Safari browsers)", 'ninjafirewall'), '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-XSS-Protection</a></code>') ?></th>
|
2044 |
+
<td width="20"></td>
|
2045 |
+
<td align="left" width="120">
|
2046 |
+
<label><input type="radio" name="nfw_options[x_xss_protection]" value="1"<?php checked( $nfw_options['response_headers'][3], 1 ); disabled($err, 1); ?>><?php echo $yes . $default ?></label>
|
2047 |
+
</td>
|
2048 |
+
<td align="left">
|
2049 |
+
<label><input type="radio" name="nfw_options[x_xss_protection]" value="0"<?php checked( $nfw_options['response_headers'][3], 0 ); disabled($err, 1); ?>><?php echo $no; ?></label><?php echo $err_msg ?>
|
2050 |
+
</td>
|
2051 |
+
</tr>
|
2052 |
+
<tr>
|
2053 |
+
<th scope="row"><?php printf( __('Force %s flag on all cookies to mitigate XSS attacks', 'ninjafirewall'), '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">HttpOnly</a></code>') ?></th>
|
2054 |
+
<td width="20"> </td>
|
2055 |
+
<td align="left" width="120" style="vertical-align:top;">
|
2056 |
+
<label><input type="radio" name="nfw_options[cookies_httponly]" value="1"<?php checked( $nfw_options['response_headers'][0], 1 ); disabled($err, 1); ?> > <?php echo $yes ?></label>
|
2057 |
+
</td>
|
2058 |
+
<td align="left" style="vertical-align:top;">
|
2059 |
+
<label><input type="radio" name="nfw_options[cookies_httponly]" value="0"<?php checked( $nfw_options['response_headers'][0], 0 ); disabled($err, 1); ?>> <?php echo $no . $default; ?></label><br /><span class="description"><?php _e('If your PHP scripts use cookies that need to be accessed from JavaScript, you should disable this option.', 'ninjafirewall') ?></span><?php echo $err_msg ?>
|
2060 |
+
</td>
|
2061 |
+
</tr>
|
2062 |
+
<?php
|
2063 |
+
if ($_SERVER['SERVER_PORT'] != 443 && ! $err && (! isset( $_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https') ) {
|
2064 |
+
$hsts_err = 1;
|
2065 |
+
$hsts_msg = '<br /><img src="' . plugins_url() . '/ninjafirewall/images/icon_warn_16.png" border="0" height="16" width="16"> <span class="description">' . __('HSTS headers can only be set when you are accessing your site over HTTPS.', 'ninjafirewall') . '</span>';
|
2066 |
+
} else {
|
2067 |
+
$hsts_msg = '';
|
2068 |
+
$hsts_err = 0;
|
2069 |
+
}
|
2070 |
+
?>
|
2071 |
+
<tr>
|
2072 |
+
<th scope="row"><?php printf( __('Set %s (HSTS) to enforce secure connections to the server', 'ninjafirewall'), '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Strict-Transport-Security</a></code>') ?></th>
|
2073 |
+
<td width="20"> </td>
|
2074 |
+
<td align="left" width="120" style="vertical-align:top;">
|
2075 |
+
<p><label><input type="radio" name="nfw_options[strict_transport]" value="1"<?php checked( $nfw_options['response_headers'][4], 1 ); disabled($hsts_err, 1); ?>><?php _e('1 month', 'ninjafirewall') ?></label></p>
|
2076 |
+
<p><label><input type="radio" name="nfw_options[strict_transport]" value="2"<?php checked( $nfw_options['response_headers'][4], 2 ); disabled($hsts_err, 1); ?>><?php _e('6 months', 'ninjafirewall') ?></label></p>
|
2077 |
+
<p><label><input type="radio" name="nfw_options[strict_transport]" value="3"<?php checked( $nfw_options['response_headers'][4], 3 ); disabled($hsts_err, 1); ?>><?php _e('1 year', 'ninjafirewall') ?></label></p>
|
2078 |
+
<br />
|
2079 |
+
<label><input type="checkbox" name="nfw_options[strict_transport_sub]" value="1"<?php checked( $nfw_options['response_headers'][5], 1 ); disabled($hsts_err, 1); ?>><?php _e('Apply to subdomains', 'ninjafirewall') ?></label>
|
2080 |
+
</td>
|
2081 |
+
<td align="left" style="vertical-align:top;">
|
2082 |
+
<p><label><input type="radio" name="nfw_options[strict_transport]" value="0"<?php checked( $nfw_options['response_headers'][4], 0 ); disabled($hsts_err, 1); ?>><?php echo $no . $default; ?></label></p>
|
2083 |
+
<p><label><input type="radio" name="nfw_options[strict_transport]" value="4"<?php checked( $nfw_options['response_headers'][4], 4 ); disabled($hsts_err, 1); ?>><?php _e('Set <code>max-age</code> to 0', 'ninjafirewall'); ?></label><?php echo $err_msg ?></p>
|
2084 |
+
<?php echo $hsts_msg; ?>
|
2085 |
+
</td>
|
2086 |
+
</tr>
|
2087 |
+
|
2088 |
+
<?php
|
2089 |
+
if (! isset( $nfw_options['csp_frontend_data'] ) ) {
|
2090 |
+
$nfw_options['csp_frontend_data'] = '';
|
2091 |
+
}
|
2092 |
+
if (! isset( $nfw_options['csp_backend_data'] ) ) {
|
2093 |
+
$nfw_options['csp_backend_data'] = nf_sub_policies_csp();
|
2094 |
+
}
|
2095 |
+
if (! isset( $nfw_options['response_headers'][6] ) ) {
|
2096 |
+
$nfw_options['response_headers'][6] = 0;
|
2097 |
+
}
|
2098 |
+
if (! isset( $nfw_options['response_headers'][7] ) ) {
|
2099 |
+
$nfw_options['response_headers'][7] = 0;
|
2100 |
+
}
|
2101 |
+
?>
|
2102 |
+
<tr>
|
2103 |
+
<th scope="row"><?php printf( __('Set %s for the website frontend', 'ninjafirewall'), '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Content-Security-Policy</a></code>') ?></th>
|
2104 |
+
<td width="20"> </td>
|
2105 |
+
<td align="left" width="120" style="vertical-align:top;">
|
2106 |
+
<p><label><input type="radio" onclick="csp_onoff(1, 'csp_frontend')" name="nfw_options[csp_frontend]" value="1"<?php checked( $nfw_options['response_headers'][6], 1 ); disabled($err, 1); ?>><?php _e('Yes', 'ninjafirewall') ?></label></p>
|
2107 |
+
<p><label><input type="radio" onclick="csp_onoff(0, 'csp_frontend')" name="nfw_options[csp_frontend]" value="0"<?php checked( $nfw_options['response_headers'][6], 0 ); disabled($err, 1); ?>><?php _e('No (default)', 'ninjafirewall') ?></label></p>
|
2108 |
+
</td>
|
2109 |
+
<td align="left" style="vertical-align:top;">
|
2110 |
+
<textarea autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" name="nfw_options[csp_frontend_data]" id="csp_frontend" class="large-text code" rows="4"<?php __checked_selected_helper($err, 1, true, 'readonly'); __checked_selected_helper($nfw_options['response_headers'][6], 0, true, 'readonly') ?>><?php echo htmlspecialchars( $nfw_options['csp_frontend_data'] ) ?></textarea>
|
2111 |
+
<span class="description"><?php _e('This CSP header will apply to the website frontend only.', 'ninjafirewall') ?></span>
|
2112 |
+
<?php echo $err_msg ?>
|
2113 |
+
</td>
|
2114 |
+
</tr>
|
2115 |
+
|
2116 |
+
<tr>
|
2117 |
+
<th scope="row"><?php printf( __('Set %s for the WordPress admin dashboard', 'ninjafirewall'), '<code><a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Content-Security-Policy</a></code>') ?></th>
|
2118 |
+
<td width="20"> </td>
|
2119 |
+
<td align="left" width="120" style="vertical-align:top;">
|
2120 |
+
<p><label><input type="radio" onclick="csp_onoff(1, 'csp_backend')" name="nfw_options[csp_backend]" value="1"<?php checked( $nfw_options['response_headers'][7], 1 ); disabled($err, 1); ?>><?php _e('Yes', 'ninjafirewall') ?></label></p>
|
2121 |
+
<p><label><input type="radio" onclick="csp_onoff(0, 'csp_backend')" name="nfw_options[csp_backend]" value="0"<?php checked( $nfw_options['response_headers'][7], 0 ); disabled($err, 1); ?>><?php _e('No (default)', 'ninjafirewall') ?></label></p>
|
2122 |
+
</td>
|
2123 |
+
<td align="left" style="vertical-align:top;">
|
2124 |
+
<textarea autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" name="nfw_options[csp_backend_data]" id="csp_backend" class="large-text code" rows="4"<?php __checked_selected_helper($err, 1, true, 'readonly'); __checked_selected_helper($nfw_options['response_headers'][7], 0, true, 'readonly') ?>><?php echo htmlspecialchars( $nfw_options['csp_backend_data'] ) ?></textarea>
|
2125 |
+
<span class="description"><?php _e('This CSP header will apply to the WordPress admin dashboard only.', 'ninjafirewall') ?></span>
|
2126 |
+
<?php echo $err_msg ?>
|
2127 |
+
</td>
|
2128 |
+
</tr>
|
2129 |
+
|
2130 |
+
|
2131 |
+
</table>
|
2132 |
+
|
2133 |
+
<br /><br />
|
2134 |
+
|
2135 |
+
<?php
|
2136 |
+
if ( empty( $nfw_rules[NFW_WRAPPERS]['ena']) ) {
|
2137 |
+
$php_wrappers = 0;
|
2138 |
+
} else {
|
2139 |
+
$php_wrappers = 1;
|
2140 |
+
}
|
2141 |
+
if ( empty( $nfw_options['php_errors']) ) {
|
2142 |
+
$php_errors = 0;
|
2143 |
+
} else {
|
2144 |
+
$php_errors = 1;
|
2145 |
+
}
|
2146 |
+
if ( empty( $nfw_options['php_self']) ) {
|
2147 |
+
$php_self = 0;
|
2148 |
+
} else {
|
2149 |
+
$php_self = 1;
|
2150 |
+
}
|
2151 |
+
if ( empty( $nfw_options['php_path_t']) ) {
|
2152 |
+
$php_path_t = 0;
|
2153 |
+
} else {
|
2154 |
+
$php_path_t = 1;
|
2155 |
+
}
|
2156 |
+
if ( empty( $nfw_options['php_path_i']) ) {
|
2157 |
+
$php_path_i = 0;
|
2158 |
+
} else {
|
2159 |
+
$php_path_i = 1;
|
2160 |
+
}
|
2161 |
+
?>
|
2162 |
+
<h3>PHP</h3>
|
2163 |
+
<table class="form-table">
|
2164 |
+
<tr>
|
2165 |
+
<th scope="row"><?php _e('Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, <code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies', 'ninjafirewall') ?></th>
|
2166 |
+
<td width="20"> </td>
|
2167 |
+
<td align="left" width="120" style="vertical-align:top">
|
2168 |
+
<label><input type="radio" name="nfw_rules[php_wrappers]" value="1"<?php checked( $php_wrappers, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
2169 |
+
</td>
|
2170 |
+
<td align="left" style="vertical-align:top">
|
2171 |
+
<label><input type="radio" name="nfw_rules[php_wrappers]" value="0"<?php checked( $php_wrappers, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
2172 |
+
</td>
|
2173 |
+
</tr>
|
2174 |
+
|
2175 |
+
<?php
|
2176 |
+
if (! empty( $nfw_rules[NFW_OBJECTS]['ena'] ) ) {
|
2177 |
+
if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'GET' ) !== FALSE) {
|
2178 |
+
$NFW_OBJECTS_GET = ' checked="checked"';
|
2179 |
+
} else {
|
2180 |
+
$NFW_OBJECTS_GET = '';
|
2181 |
+
}
|
2182 |
+
if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'POST' ) !== FALSE) {
|
2183 |
+
$NFW_OBJECTS_POST = ' checked="checked"';
|
2184 |
+
} else {
|
2185 |
+
$NFW_OBJECTS_POST = '';
|
2186 |
+
}
|
2187 |
+
if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'COOKIE' ) !== FALSE) {
|
2188 |
+
$NFW_OBJECTS_COOKIE = ' checked="checked"';
|
2189 |
+
} else {
|
2190 |
+
$NFW_OBJECTS_COOKIE = '';
|
2191 |
+
}
|
2192 |
+
if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'HTTP_USER_AGENT' ) !== FALSE) {
|
2193 |
+
$NFW_OBJECTS_HTTP_USER_AGENT = ' checked="checked"';
|
2194 |
+
} else {
|
2195 |
+
$NFW_OBJECTS_HTTP_USER_AGENT = '';
|
2196 |
+
}
|
2197 |
+
if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'HTTP_REFERER' ) !== FALSE) {
|
2198 |
+
$NFW_OBJECTS_HTTP_REFERER = ' checked="checked"';
|
2199 |
+
} else {
|
2200 |
+
$NFW_OBJECTS_HTTP_REFERER = '';
|
2201 |
+
}
|
2202 |
+
} else {
|
2203 |
+
$NFW_OBJECTS_GET = ''; $NFW_OBJECTS_POST = ''; $NFW_OBJECTS_COOKIE = '';
|
2204 |
+
$NFW_OBJECTS_HTTP_USER_AGENT = ''; $NFW_OBJECTS_HTTP_REFERER = '';
|
2205 |
+
}
|
2206 |
+
?>
|
2207 |
+
<tr>
|
2208 |
+
<th scope="row"><?php _e('Block serialized PHP objects in the following global variables', 'ninjafirewall') ?></th>
|
2209 |
+
<td width="20"> </td>
|
2210 |
+
<td align="left" width="120" style="vertical-align:top">
|
2211 |
+
<p><label><input type="checkbox" name="nfw_rules[php_objects_get]" value="1"<?php echo $NFW_OBJECTS_GET ?>><code>GET</code><?php echo $default ?></label><p>
|
2212 |
+
<p><label><input type="checkbox" name="nfw_rules[php_objects_post]" value="1"<?php echo $NFW_OBJECTS_POST ?>><code>POST</code><?php echo $default ?></label><p>
|
2213 |
+
<p><label><input type="checkbox" name="nfw_rules[php_objects_cookie]" value="1"<?php echo $NFW_OBJECTS_COOKIE ?>><code>COOKIE</code></label><p>
|
2214 |
+
</td>
|
2215 |
+
<td align="left" style="vertical-align:top">
|
2216 |
+
<p><label><input type="checkbox" name="nfw_rules[php_objects_http_user_agent]" value="1"<?php echo $NFW_OBJECTS_HTTP_USER_AGENT ?>><code>HTTP_USER_AGENT</code><?php echo $default ?></label><p>
|
2217 |
+
<p><label><input type="checkbox" name="nfw_rules[php_objects_http_referer]" value="1"<?php echo $NFW_OBJECTS_HTTP_REFERER ?>><code>HTTP_REFERER</code><?php echo $default ?></label><p>
|
2218 |
+
</td>
|
2219 |
+
</tr>
|
2220 |
+
<tr>
|
2221 |
+
<th scope="row"><?php _e('Hide PHP notice and error messages', 'ninjafirewall') ?></th>
|
2222 |
+
<td width="20"> </td>
|
2223 |
+
<td align="left" width="120">
|
2224 |
+
<label><input type="radio" name="nfw_options[php_errors]" value="1"<?php checked( $php_errors, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
2225 |
+
</td>
|
2226 |
+
<td align="left">
|
2227 |
+
<label><input type="radio" name="nfw_options[php_errors]" value="0"<?php checked( $php_errors, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
2228 |
+
</td>
|
2229 |
+
</tr>
|
2230 |
+
<tr>
|
2231 |
+
<th scope="row"><?php _e('Sanitise <code>PHP_SELF</code>', 'ninjafirewall') ?></th>
|
2232 |
+
<td width="20"> </td>
|
2233 |
+
<td align="left" width="120">
|
2234 |
+
<label><input type="radio" name="nfw_options[php_self]" value="1"<?php checked( $php_self, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
2235 |
+
</td>
|
2236 |
+
<td align="left">
|
2237 |
+
<label><input type="radio" name="nfw_options[php_self]" value="0"<?php checked( $php_self, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
2238 |
+
</td>
|
2239 |
+
</tr>
|
2240 |
+
<tr>
|
2241 |
+
<th scope="row"><?php _e('Sanitise <code>PATH_TRANSLATED</code>', 'ninjafirewall') ?></th>
|
2242 |
+
<td width="20"> </td>
|
2243 |
+
<td align="left" width="120">
|
2244 |
+
<label><input type="radio" name="nfw_options[php_path_t]" value="1"<?php checked( $php_path_t, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
2245 |
+
</td>
|
2246 |
+
<td align="left">
|
2247 |
+
<label><input type="radio" name="nfw_options[php_path_t]" value="0"<?php checked( $php_path_t, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
2248 |
+
</td>
|
2249 |
+
</tr>
|
2250 |
+
<tr>
|
2251 |
+
<th scope="row"><?php _e('Sanitise <code>PATH_INFO</code>', 'ninjafirewall') ?></th>
|
2252 |
+
<td width="20"> </td>
|
2253 |
+
<td align="left" width="120">
|
2254 |
+
<label><input type="radio" name="nfw_options[php_path_i]" value="1"<?php checked( $php_path_i, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
2255 |
+
</td>
|
2256 |
+
<td align="left">
|
2257 |
+
<label><input type="radio" name="nfw_options[php_path_i]" value="0"<?php checked( $php_path_i, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
2258 |
+
</td>
|
2259 |
+
</tr>
|
2260 |
+
</table>
|
2261 |
+
|
2262 |
+
<br /><br />
|
2263 |
+
|
2264 |
+
<?php
|
2265 |
+
|
2266 |
+
if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) < 5 ) {
|
2267 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
|
2268 |
+
$greyed = 'style="color:#bbbbbb"';
|
2269 |
+
$disabled = 'disabled ';
|
2270 |
+
$disabled_msg = '<br /><span class="description"> ' .
|
2271 |
+
__('This option is not compatible with your actual configuration.', 'ninjafirewall') .
|
2272 |
+
'</span>';
|
2273 |
+
} else {
|
2274 |
+
$greyed = '';
|
2275 |
+
$disabled = '';
|
2276 |
+
$disabled_msg = '';
|
2277 |
+
}
|
2278 |
+
|
2279 |
+
if ( empty( $nfw_rules[NFW_DOC_ROOT]['ena']) ) {
|
2280 |
+
$block_doc_root = 0;
|
2281 |
+
} else {
|
2282 |
+
$block_doc_root = 1;
|
2283 |
+
}
|
2284 |
+
if ( empty( $nfw_rules[NFW_NULL_BYTE]['ena']) ) {
|
2285 |
+
$block_null_byte = 0;
|
2286 |
+
} else {
|
2287 |
+
$block_null_byte = 1;
|
2288 |
+
}
|
2289 |
+
if ( empty( $nfw_rules[NFW_ASCII_CTRL]['ena']) ) {
|
2290 |
+
$block_ctrl_chars = 0;
|
2291 |
+
} else {
|
2292 |
+
$block_ctrl_chars = 1;
|
2293 |
+
}
|
2294 |
+
?>
|
2295 |
+
<h3><?php _e('Various', 'ninjafirewall') ?></h3>
|
2296 |
+
<table class="form-table">
|
2297 |
+
<tr valign="top">
|
2298 |
+
<th scope="row"><?php _e('Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request', 'ninjafirewall') ?></th>
|
2299 |
+
<td width="20"> </td>
|
2300 |
+
<td align="left" width="120">
|
2301 |
+
<label <?php echo $greyed ?>><input type="radio" name="nfw_rules[block_doc_root]" value="1"<?php checked( $block_doc_root, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
2302 |
+
</td>
|
2303 |
+
<td align="left">
|
2304 |
+
<label <?php echo $greyed ?>><input <?php echo $disabled ?>type="radio" name="nfw_rules[block_doc_root]" value="0"<?php checked( $block_doc_root, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label><?php echo $disabled_msg ?>
|
2305 |
+
</td>
|
2306 |
+
</tr>
|
2307 |
+
<tr>
|
2308 |
+
<th scope="row"><?php _e('Block ASCII character 0x00 (NULL byte)', 'ninjafirewall') ?></th>
|
2309 |
+
<td width="20"> </td>
|
2310 |
+
<td align="left" width="120">
|
2311 |
+
<label><input type="radio" name="nfw_rules[block_null_byte]" value="1"<?php checked( $block_null_byte, 1 ) ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label>
|
2312 |
+
</td>
|
2313 |
+
<td align="left">
|
2314 |
+
<label><input type="radio" name="nfw_rules[block_null_byte]" value="0"<?php checked( $block_null_byte, 0 ) ?>> <?php _e('No', 'ninjafirewall') ?></label>
|
2315 |
+
</td>
|
2316 |
+
</tr>
|
2317 |
+
<tr>
|
2318 |
+
<th scope="row"><?php _e('Block ASCII control characters 1 to 8 and 14 to 31', 'ninjafirewall') ?></th>
|
2319 |
+
<td width="20"> </td>
|
2320 |
+
<td align="left">
|
2321 |
+
<label><input type="radio" name="nfw_rules[block_ctrl_chars]" value="1"<?php checked( $block_ctrl_chars, 1 ) ?>> <?php _e('Yes', 'ninjafirewall') ?></label>
|
2322 |
+
</td>
|
2323 |
+
<td align="left">
|
2324 |
+
<label><input type="radio" name="nfw_rules[block_ctrl_chars]" value="0"<?php checked( $block_ctrl_chars, 0 ) ?>> <?php _e('No (default)', 'ninjafirewall') ?></label>
|
2325 |
+
</td>
|
2326 |
+
</tr>
|
2327 |
+
</table>
|
2328 |
+
|
2329 |
+
</div>
|
2330 |
+
|
2331 |
+
<br />
|
2332 |
+
<br />
|
2333 |
+
|
2334 |
+
<input class="button-primary" type="submit" name="Save" value="<?php _e('Save Firewall Policies', 'ninjafirewall') ?>" />
|
2335 |
+
|
2336 |
+
<input class="button-secondary" type="submit" name="Default" value="<?php _e('Restore Default Values', 'ninjafirewall') ?>" onclick="return restore();" />
|
2337 |
+
</form>
|
2338 |
+
</div>
|
2339 |
+
|
2340 |
+
<?php
|
2341 |
+
}
|
2342 |
+
|
2343 |
+
/* ------------------------------------------------------------------ */
|
2344 |
+
|
2345 |
+
function nf_sub_policies_save() {
|
2346 |
+
|
2347 |
+
nf_not_allowed( 'block', __LINE__ );
|
2348 |
+
|
2349 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
2350 |
+
$nfw_rules = nfw_get_option( 'nfw_rules' );
|
2351 |
+
|
2352 |
+
if ( (isset( $_POST['nfw_options']['scan_protocol'])) &&
|
2353 |
+
( preg_match( '/^[123]$/', $_POST['nfw_options']['scan_protocol'])) ) {
|
2354 |
+
$nfw_options['scan_protocol'] = $_POST['nfw_options']['scan_protocol'];
|
2355 |
+
} else {
|
2356 |
+
$nfw_options['scan_protocol'] = 3;
|
2357 |
+
}
|
2358 |
+
|
2359 |
+
if ( empty( $_POST['nfw_options']['uploads']) ) {
|
2360 |
+
$nfw_options['uploads'] = 0;
|
2361 |
+
} else {
|
2362 |
+
$nfw_options['uploads'] = 1;
|
2363 |
+
}
|
2364 |
+
|
2365 |
+
if ( (isset( $_POST['nfw_options']['sanitise_fn']) ) && ( $nfw_options['uploads'] == 1) ) {
|
2366 |
+
$nfw_options['sanitise_fn'] = 1;
|
2367 |
+
} else {
|
2368 |
+
$nfw_options['sanitise_fn'] = 0;
|
2369 |
+
}
|
2370 |
+
// Substitution character:
|
2371 |
+
// Don't allow the '/' character:
|
2372 |
+
if ( empty( $_POST['nfw_options']['substitute'] ) || strlen( $_POST['nfw_options']['substitute'] ) > 1 || $_POST['nfw_options']['substitute'] == '/' ) {
|
2373 |
+
$nfw_options['substitute'] = 'X';
|
2374 |
+
} else {
|
2375 |
+
$nfw_options['substitute'] = $_POST['nfw_options']['substitute'];
|
2376 |
+
}
|
2377 |
+
|
2378 |
+
|
2379 |
+
if ( empty( $_POST['nfw_options']['get_scan']) ) {
|
2380 |
+
$nfw_options['get_scan'] = 0;
|
2381 |
+
} else {
|
2382 |
+
$nfw_options['get_scan'] = 1;
|
2383 |
+
}
|
2384 |
+
if ( empty( $_POST['nfw_options']['get_sanitise']) ) {
|
2385 |
+
$nfw_options['get_sanitise'] = 0;
|
2386 |
+
} else {
|
2387 |
+
$nfw_options['get_sanitise'] = 1;
|
2388 |
+
}
|
2389 |
+
|
2390 |
+
|
2391 |
+
if ( empty( $_POST['nfw_options']['post_scan']) ) {
|
2392 |
+
$nfw_options['post_scan'] = 0;
|
2393 |
+
} else {
|
2394 |
+
$nfw_options['post_scan'] = 1;
|
2395 |
+
}
|
2396 |
+
if ( empty( $_POST['nfw_options']['post_sanitise']) ) {
|
2397 |
+
$nfw_options['post_sanitise'] = 0;
|
2398 |
+
} else {
|
2399 |
+
$nfw_options['post_sanitise'] = 1;
|
2400 |
+
}
|
2401 |
+
if ( empty( $_POST['nfw_options']['post_b64']) ) {
|
2402 |
+
$nfw_options['post_b64'] = 0;
|
2403 |
+
} else {
|
2404 |
+
$nfw_options['post_b64'] = 1;
|
2405 |
+
}
|
2406 |
+
|
2407 |
+
|
2408 |
+
if ( empty( $_POST['nfw_options']['request_sanitise']) ) {
|
2409 |
+
$nfw_options['request_sanitise'] = 0;
|
2410 |
+
} else {
|
2411 |
+
$nfw_options['request_sanitise'] = 1;
|
2412 |
+
}
|
2413 |
+
|
2414 |
+
|
2415 |
+
if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
|
2416 |
+
$nfw_options['response_headers'] = '00000000';
|
2417 |
+
$nfw_options['csp_frontend_data'] = '';
|
2418 |
+
$nfw_options['csp_backend_data'] = '';
|
2419 |
+
if ( empty( $_POST['nfw_options']['x_content_type_options']) ) {
|
2420 |
+
$nfw_options['response_headers'][1] = 0;
|
2421 |
+
} else {
|
2422 |
+
$nfw_options['response_headers'][1] = 1;
|
2423 |
+
}
|
2424 |
+
if ( empty( $_POST['nfw_options']['x_frame_options']) ) {
|
2425 |
+
$nfw_options['response_headers'][2] = 0;
|
2426 |
+
} elseif ( $_POST['nfw_options']['x_frame_options'] == 1) {
|
2427 |
+
$nfw_options['response_headers'][2] = 1;
|
2428 |
+
} else {
|
2429 |
+
$nfw_options['response_headers'][2] = 2;
|
2430 |
+
}
|
2431 |
+
if ( empty( $_POST['nfw_options']['x_xss_protection']) ) {
|
2432 |
+
$nfw_options['response_headers'][3] = 0;
|
2433 |
+
} else {
|
2434 |
+
$nfw_options['response_headers'][3] = 1;
|
2435 |
+
}
|
2436 |
+
if ( empty( $_POST['nfw_options']['cookies_httponly']) ) {
|
2437 |
+
$nfw_options['response_headers'][0] = 0;
|
2438 |
+
} else {
|
2439 |
+
$nfw_options['response_headers'][0] = 1;
|
2440 |
+
}
|
2441 |
+
if (! isset( $_POST['nfw_options']['strict_transport_sub']) ) {
|
2442 |
+
$nfw_options['response_headers'][5] = 0;
|
2443 |
+
} else {
|
2444 |
+
$nfw_options['response_headers'][5] = 1;
|
2445 |
+
}
|
2446 |
+
if ( empty( $_POST['nfw_options']['strict_transport']) ) {
|
2447 |
+
$nfw_options['response_headers'][4] = 0;
|
2448 |
+
$nfw_options['response_headers'][5] = 0;
|
2449 |
+
} elseif ( $_POST['nfw_options']['strict_transport'] == 1) {
|
2450 |
+
$nfw_options['response_headers'][4] = 1;
|
2451 |
+
} elseif ( $_POST['nfw_options']['strict_transport'] == 2) {
|
2452 |
+
$nfw_options['response_headers'][4] = 2;
|
2453 |
+
} elseif ( $_POST['nfw_options']['strict_transport'] == 3) {
|
2454 |
+
$nfw_options['response_headers'][4] = 3;
|
2455 |
+
} else {
|
2456 |
+
$nfw_options['response_headers'][4] = 4;
|
2457 |
+
}
|
2458 |
+
$nfw_options['csp_frontend_data'] = stripslashes( str_replace( array( '<', '>', "\x0a", "\x0d", '%', '$', '&') , '', $_POST['nfw_options']['csp_frontend_data'] ) );
|
2459 |
+
if ( empty( $_POST['nfw_options']['csp_frontend']) || empty( $nfw_options['csp_frontend_data'] ) ) {
|
2460 |
+
$nfw_options['response_headers'][6] = 0;
|
2461 |
+
} else {
|
2462 |
+
$nfw_options['response_headers'][6] = 1;
|
2463 |
+
}
|
2464 |
+
$nfw_options['csp_backend_data'] = stripslashes( str_replace( array( '<', '>', "\x0a", "\x0d", '%', '$', '&') , '', $_POST['nfw_options']['csp_backend_data'] ) );
|
2465 |
+
if ( empty( $_POST['nfw_options']['csp_backend']) || empty( $nfw_options['csp_backend_data'] ) ) {
|
2466 |
+
$nfw_options['response_headers'][7] = 0;
|
2467 |
+
} else {
|
2468 |
+
$nfw_options['response_headers'][7] = 1;
|
2469 |
+
}
|
2470 |
+
}
|
2471 |
+
|
2472 |
+
|
2473 |
+
if ( empty( $_POST['nfw_options']['cookies_scan']) ) {
|
2474 |
+
$nfw_options['cookies_scan'] = 0;
|
2475 |
+
} else {
|
2476 |
+
$nfw_options['cookies_scan'] = 1;
|
2477 |
+
}
|
2478 |
+
if ( empty( $_POST['nfw_options']['cookies_sanitise']) ) {
|
2479 |
+
$nfw_options['cookies_sanitise'] = 0;
|
2480 |
+
} else {
|
2481 |
+
$nfw_options['cookies_sanitise'] = 1;
|
2482 |
+
}
|
2483 |
+
|
2484 |
+
|
2485 |
+
if ( empty( $_POST['nfw_options']['ua_scan']) ) {
|
2486 |
+
$nfw_options['ua_scan'] = 0;
|
2487 |
+
} else {
|
2488 |
+
$nfw_options['ua_scan'] = 1;
|
2489 |
+
}
|
2490 |
+
if ( empty( $_POST['nfw_options']['ua_sanitise']) ) {
|
2491 |
+
$nfw_options['ua_sanitise'] = 0;
|
2492 |
+
} else {
|
2493 |
+
$nfw_options['ua_sanitise'] = 1;
|
2494 |
+
}
|
2495 |
+
|
2496 |
+
|
2497 |
+
if ( empty( $_POST['nfw_options']['referer_scan']) ) {
|
2498 |
+
$nfw_options['referer_scan'] = 0;
|
2499 |
+
} else {
|
2500 |
+
$nfw_options['referer_scan'] = 1;
|
2501 |
+
}
|
2502 |
+
if ( empty( $_POST['nfw_options']['referer_sanitise']) ) {
|
2503 |
+
$nfw_options['referer_sanitise'] = 0;
|
2504 |
+
} else {
|
2505 |
+
$nfw_options['referer_sanitise'] = 1;
|
2506 |
+
}
|
2507 |
+
if ( empty( $_POST['nfw_options']['referer_post']) ) {
|
2508 |
+
$nfw_options['referer_post'] = 0;
|
2509 |
+
} else {
|
2510 |
+
$nfw_options['referer_post'] = 1;
|
2511 |
+
}
|
2512 |
+
|
2513 |
+
|
2514 |
+
if ( empty( $_POST['nfw_options']['no_host_ip']) ) {
|
2515 |
+
$nfw_options['no_host_ip'] = 0;
|
2516 |
+
} else {
|
2517 |
+
$nfw_options['no_host_ip'] = 1;
|
2518 |
+
}
|
2519 |
+
if ( empty( $_POST['nfw_options']['allow_local_ip']) ) {
|
2520 |
+
$nfw_options['allow_local_ip'] = 0;
|
2521 |
+
} else {
|
2522 |
+
$nfw_options['allow_local_ip'] = 1;
|
2523 |
+
}
|
2524 |
+
|
2525 |
+
|
2526 |
+
if ( empty( $_POST['nfw_options']['php_errors']) ) {
|
2527 |
+
$nfw_options['php_errors'] = 0;
|
2528 |
+
} else {
|
2529 |
+
$nfw_options['php_errors'] = 1;
|
2530 |
+
}
|
2531 |
+
|
2532 |
+
if ( empty( $_POST['nfw_options']['php_self']) ) {
|
2533 |
+
$nfw_options['php_self'] = 0;
|
2534 |
+
} else {
|
2535 |
+
$nfw_options['php_self'] = 1;
|
2536 |
+
}
|
2537 |
+
if ( empty( $_POST['nfw_options']['php_path_t']) ) {
|
2538 |
+
$nfw_options['php_path_t'] = 0;
|
2539 |
+
} else {
|
2540 |
+
$nfw_options['php_path_t'] = 1;
|
2541 |
+
}
|
2542 |
+
if ( empty( $_POST['nfw_options']['php_path_i']) ) {
|
2543 |
+
$nfw_options['php_path_i'] = 0;
|
2544 |
+
} else {
|
2545 |
+
$nfw_options['php_path_i'] = 1;
|
2546 |
+
}
|
2547 |
+
|
2548 |
+
$nfw_options['wp_dir'] = $tmp = '';
|
2549 |
+
if ( isset( $_POST['nfw_options']['wp_admin']) ) {
|
2550 |
+
$tmp .= '/wp-admin/(?:css|images|includes|js)/|';
|
2551 |
+
}
|
2552 |
+
if ( isset( $_POST['nfw_options']['wp_inc']) ) {
|
2553 |
+
$tmp .= '/wp-includes/(?:(?:css|images|js(?!/tinymce/wp-tinymce\.php)|theme-compat)/|[^/]+\.php)|';
|
2554 |
+
}
|
2555 |
+
if ( isset( $_POST['nfw_options']['wp_upl']) ) {
|
2556 |
+
$tmp .= '/' . basename(WP_CONTENT_DIR) .'/(?:uploads|blogs\.dir)/|';
|
2557 |
+
}
|
2558 |
+
if ( isset( $_POST['nfw_options']['wp_cache']) ) {
|
2559 |
+
$tmp .= '/cache/|';
|
2560 |
+
}
|
2561 |
+
if ( $tmp ) {
|
2562 |
+
$nfw_options['wp_dir'] = rtrim( $tmp, '|' );
|
2563 |
+
}
|
2564 |
+
|
2565 |
+
if (! isset( $_POST['nfw_options']['enum_archives']) ) {
|
2566 |
+
$nfw_options['enum_archives'] = 0;
|
2567 |
+
} else {
|
2568 |
+
$nfw_options['enum_archives'] = 1;
|
2569 |
+
}
|
2570 |
+
if (! isset( $_POST['nfw_options']['enum_login']) ) {
|
2571 |
+
$nfw_options['enum_login'] = 0;
|
2572 |
+
} else {
|
2573 |
+
$nfw_options['enum_login'] = 1;
|
2574 |
+
}
|
2575 |
+
if (! isset( $_POST['nfw_options']['enum_restapi']) ) {
|
2576 |
+
$nfw_options['enum_restapi'] = 0;
|
2577 |
+
} else {
|
2578 |
+
$nfw_options['enum_restapi'] = 1;
|
2579 |
+
}
|
2580 |
+
if (! isset( $_POST['nfw_options']['no_restapi']) ) {
|
2581 |
+
$nfw_options['no_restapi'] = 0;
|
2582 |
+
} else {
|
2583 |
+
$nfw_options['no_restapi'] = 1;
|
2584 |
+
}
|
2585 |
+
|
2586 |
+
|
2587 |
+
if ( empty( $_POST['nfw_options']['no_xmlrpc']) ) {
|
2588 |
+
$nfw_options['no_xmlrpc'] = 0;
|
2589 |
+
} else {
|
2590 |
+
$nfw_options['no_xmlrpc'] = 1;
|
2591 |
+
$_POST['nfw_options']['no_xmlrpc_multi'] = 0;
|
2592 |
+
$_POST['nfw_options']['no_xmlrpc_pingback'] = 0;
|
2593 |
+
}
|
2594 |
+
if ( empty( $_POST['nfw_options']['no_xmlrpc_multi']) ) {
|
2595 |
+
$nfw_options['no_xmlrpc_multi'] = 0;
|
2596 |
+
} else {
|
2597 |
+
$nfw_options['no_xmlrpc_multi'] = 1;
|
2598 |
+
}
|
2599 |
+
if ( empty( $_POST['nfw_options']['no_xmlrpc_pingback']) ) {
|
2600 |
+
$nfw_options['no_xmlrpc_pingback'] = 0;
|
2601 |
+
} else {
|
2602 |
+
$nfw_options['no_xmlrpc_pingback'] = 1;
|
2603 |
+
}
|
2604 |
+
|
2605 |
+
if ( empty( $_POST['nfw_options']['no_post_themes']) ) {
|
2606 |
+
$nfw_options['no_post_themes'] = 0;
|
2607 |
+
} else {
|
2608 |
+
$nfw_options['no_post_themes'] = '/'. basename(WP_CONTENT_DIR) .'/themes/';
|
2609 |
+
}
|
2610 |
+
|
2611 |
+
if ( empty( $_POST['nfw_options']['force_ssl']) ) {
|
2612 |
+
$nfw_options['force_ssl'] = 0;
|
2613 |
+
} else {
|
2614 |
+
$nfw_options['force_ssl'] = 1;
|
2615 |
+
}
|
2616 |
+
|
2617 |
+
if ( empty( $_POST['nfw_options']['disallow_edit']) ) {
|
2618 |
+
$nfw_options['disallow_edit'] = 0;
|
2619 |
+
} else {
|
2620 |
+
$nfw_options['disallow_edit'] = 1;
|
2621 |
+
}
|
2622 |
+
|
2623 |
+
if ( empty( $_POST['nfw_options']['disallow_mods']) ) {
|
2624 |
+
$nfw_options['disallow_mods'] = 0;
|
2625 |
+
} else {
|
2626 |
+
$nfw_options['disallow_mods'] = 1;
|
2627 |
+
}
|
2628 |
+
|
2629 |
+
|
2630 |
+
if ( empty( $_POST['nfw_options']['wl_admin']) ) {
|
2631 |
+
$nfw_options['wl_admin'] = 0;
|
2632 |
+
if ( isset( $_SESSION['nfw_goodguy']) ) {
|
2633 |
+
unset( $_SESSION['nfw_goodguy']);
|
2634 |
+
}
|
2635 |
+
} else {
|
2636 |
+
if ( $_POST['nfw_options']['wl_admin'] == 2 ) {
|
2637 |
+
$nfw_options['wl_admin'] = 2;
|
2638 |
+
} else {
|
2639 |
+
$nfw_options['wl_admin'] = 1;
|
2640 |
+
}
|
2641 |
+
$_SESSION['nfw_goodguy'] = $nfw_options['wl_admin'];
|
2642 |
+
}
|
2643 |
+
|
2644 |
+
|
2645 |
+
if ( empty( $_POST['nfw_rules']['block_null_byte']) ) {
|
2646 |
+
$nfw_rules[NFW_NULL_BYTE]['ena'] = 0;
|
2647 |
+
} else {
|
2648 |
+
$nfw_rules[NFW_NULL_BYTE]['ena'] = 1;
|
2649 |
+
}
|
2650 |
+
if ( empty( $_POST['nfw_rules']['block_bots']) ) {
|
2651 |
+
$nfw_rules[NFW_SCAN_BOTS]['ena'] = 0;
|
2652 |
+
} else {
|
2653 |
+
$nfw_rules[NFW_SCAN_BOTS]['ena'] = 1;
|
2654 |
+
}
|
2655 |
+
if ( empty( $_POST['nfw_rules']['block_ctrl_chars']) ) {
|
2656 |
+
$nfw_rules[NFW_ASCII_CTRL]['ena'] = 0;
|
2657 |
+
} else {
|
2658 |
+
$nfw_rules[NFW_ASCII_CTRL]['ena'] = 1;
|
2659 |
+
}
|
2660 |
+
|
2661 |
+
|
2662 |
+
if ( empty( $_POST['nfw_rules']['block_doc_root']) ) {
|
2663 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
|
2664 |
+
} else {
|
2665 |
+
|
2666 |
+
if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) > 5 ) {
|
2667 |
+
$nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', $_SERVER['DOCUMENT_ROOT'] );
|
2668 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 1;
|
2669 |
+
} elseif ( strlen( getenv( 'DOCUMENT_ROOT' ) ) > 5 ) {
|
2670 |
+
$nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', getenv( 'DOCUMENT_ROOT' ) );
|
2671 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 1;
|
2672 |
+
} else {
|
2673 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
|
2674 |
+
}
|
2675 |
+
}
|
2676 |
+
|
2677 |
+
|
2678 |
+
if ( empty( $_POST['nfw_rules']['php_wrappers']) ) {
|
2679 |
+
$nfw_rules[NFW_WRAPPERS]['ena'] = 0;
|
2680 |
+
} else {
|
2681 |
+
$nfw_rules[NFW_WRAPPERS]['ena'] = 1;
|
2682 |
+
}
|
2683 |
+
|
2684 |
+
|
2685 |
+
$nfw_objects = '';
|
2686 |
+
if (! empty( $_POST['nfw_rules']['php_objects_get'] ) ) {
|
2687 |
+
$nfw_objects .= "GET|";
|
2688 |
+
}
|
2689 |
+
if (! empty( $_POST['nfw_rules']['php_objects_post'] ) ) {
|
2690 |
+
$nfw_objects .= "POST|";
|
2691 |
+
}
|
2692 |
+
if (! empty( $_POST['nfw_rules']['php_objects_cookie'] ) ) {
|
2693 |
+
$nfw_objects .= "COOKIE|";
|
2694 |
+
}
|
2695 |
+
if (! empty( $_POST['nfw_rules']['php_objects_http_user_agent'] ) ) {
|
2696 |
+
$nfw_objects .= "SERVER:HTTP_USER_AGENT|";
|
2697 |
+
}
|
2698 |
+
if (! empty( $_POST['nfw_rules']['php_objects_http_referer'] ) ) {
|
2699 |
+
$nfw_objects .= "SERVER:HTTP_REFERER|";
|
2700 |
+
}
|
2701 |
+
if (! empty( $nfw_objects ) ) {
|
2702 |
+
$nfw_objects = rtrim( $nfw_objects, '|' );
|
2703 |
+
$nfw_rules[NFW_OBJECTS]['ena'] = 1;
|
2704 |
+
} else {
|
2705 |
+
// Disable rule:
|
2706 |
+
$nfw_rules[NFW_OBJECTS]['ena'] = 0;
|
2707 |
+
}
|
2708 |
+
$nfw_rules[NFW_OBJECTS]['cha'][1]['whe'] = $nfw_objects;
|
2709 |
+
|
2710 |
+
|
2711 |
+
if ( empty( $_POST['nfw_rules']['no_localhost_ip']) ) {
|
2712 |
+
$nfw_rules[NFW_LOOPBACK]['ena'] = 0;
|
2713 |
+
} else {
|
2714 |
+
$nfw_rules[NFW_LOOPBACK]['ena'] = 1;
|
2715 |
+
}
|
2716 |
+
|
2717 |
+
nfw_update_option( 'nfw_options', $nfw_options );
|
2718 |
+
nfw_update_option( 'nfw_rules', $nfw_rules );
|
2719 |
+
|
2720 |
+
}
|
2721 |
+
|
2722 |
+
/* ------------------------------------------------------------------ */
|
2723 |
+
|
2724 |
+
function nf_sub_policies_csp() {
|
2725 |
+
return "script-src 'self' 'unsafe-inline' 'unsafe-eval' *.videopress.com *.google.com *.wp.com; style-src 'self' 'unsafe-inline' *.googleapis.com *.google.com *.jquery.com; connect-src 'self'; media-src 'self' *.youtube.com *.w.org; child-src 'self' *.videopress.com *.google.com; object-src 'self'; form-action 'self'; img-src 'self' *.gravatar.com *.wp.com *.w.org *.cldup.com woocommerce.com data:;";
|
2726 |
+
}
|
2727 |
+
|
2728 |
+
/* ------------------------------------------------------------------ */
|
2729 |
+
|
2730 |
+
function nf_sub_policies_default() {
|
2731 |
+
|
2732 |
+
nf_not_allowed( 'block', __LINE__ );
|
2733 |
+
|
2734 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
2735 |
+
$nfw_rules = nfw_get_option( 'nfw_rules' );
|
2736 |
+
|
2737 |
+
$nfw_options['scan_protocol'] = 3;
|
2738 |
+
$nfw_options['uploads'] = 0;
|
2739 |
+
$nfw_options['sanitise_fn'] = 0;
|
2740 |
+
$nfw_options['substitute'] = 'X';
|
2741 |
+
$nfw_options['get_scan'] = 1;
|
2742 |
+
$nfw_options['get_sanitise'] = 0;
|
2743 |
+
$nfw_options['post_scan'] = 1;
|
2744 |
+
$nfw_options['post_sanitise'] = 0;
|
2745 |
+
$nfw_options['request_sanitise'] = 0;
|
2746 |
+
if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
|
2747 |
+
$nfw_options['response_headers'] = '00010000';
|
2748 |
+
$nfw_options['csp_backend_data'] = nf_sub_policies_csp();
|
2749 |
+
$nfw_options['csp_frontend_data'] = '';
|
2750 |
+
}
|
2751 |
+
$nfw_options['cookies_scan'] = 1;
|
2752 |
+
$nfw_options['cookies_sanitise'] = 0;
|
2753 |
+
$nfw_options['ua_scan'] = 1;
|
2754 |
+
$nfw_options['ua_sanitise'] = 1;
|
2755 |
+
$nfw_options['referer_scan'] = 0;
|
2756 |
+
$nfw_options['referer_sanitise'] = 1;
|
2757 |
+
$nfw_options['referer_post'] = 0;
|
2758 |
+
$nfw_options['no_host_ip'] = 0;
|
2759 |
+
$nfw_options['allow_local_ip'] = 0;
|
2760 |
+
$nfw_options['php_errors'] = 1;
|
2761 |
+
$nfw_options['php_self'] = 1;
|
2762 |
+
$nfw_options['php_path_t'] = 1;
|
2763 |
+
$nfw_options['php_path_i'] = 1;
|
2764 |
+
$nfw_options['wp_dir'] = '/wp-admin/(?:css|images|includes|js)/|' .
|
2765 |
+
'/wp-includes/(?:(?:css|images|js(?!/tinymce/wp-tinymce\.php)|theme-compat)/|[^/]+\.php)|' .
|
2766 |
+
'/'. basename(WP_CONTENT_DIR) .'/(?:uploads|blogs\.dir)/';
|
2767 |
+
$nfw_options['enum_archives'] = 0;
|
2768 |
+
$nfw_options['enum_login'] = 0;
|
2769 |
+
$nfw_options['enum_restapi'] = 0;
|
2770 |
+
$nfw_options['no_restapi'] = 0;
|
2771 |
+
$nfw_options['no_xmlrpc'] = 0;
|
2772 |
+
$nfw_options['no_xmlrpc_multi'] = 0;
|
2773 |
+
$nfw_options['no_xmlrpc_pingback']= 0;
|
2774 |
+
$nfw_options['no_post_themes'] = 0;
|
2775 |
+
$nfw_options['force_ssl'] = 0;
|
2776 |
+
$nfw_options['disallow_edit'] = 0;
|
2777 |
+
$nfw_options['disallow_mods'] = 0;
|
2778 |
+
$nfw_options['post_b64'] = 1;
|
2779 |
+
$nfw_options['wl_admin'] = 1;
|
2780 |
+
$_SESSION['nfw_goodguy'] = true;
|
2781 |
+
|
2782 |
+
$nfw_rules[NFW_SCAN_BOTS]['ena'] = 1;
|
2783 |
+
$nfw_rules[NFW_LOOPBACK]['ena'] = 1;
|
2784 |
+
$nfw_rules[NFW_WRAPPERS]['ena'] = 1;
|
2785 |
+
|
2786 |
+
$nfw_rules[NFW_OBJECTS]['ena'] = 1;
|
2787 |
+
$nfw_rules[NFW_OBJECTS]['cha'][1]['whe'] = 'GET|POST|SERVER:HTTP_USER_AGENT|SERVER:HTTP_REFERER';
|
2788 |
+
|
2789 |
+
if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) > 5 ) {
|
2790 |
+
$nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', $_SERVER['DOCUMENT_ROOT'] );
|
2791 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 1;
|
2792 |
+
} elseif ( strlen( getenv( 'DOCUMENT_ROOT' ) ) > 5 ) {
|
2793 |
+
$nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', getenv( 'DOCUMENT_ROOT' ) );
|
2794 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 1;
|
2795 |
+
} else {
|
2796 |
+
$nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
|
2797 |
+
}
|
2798 |
+
|
2799 |
+
$nfw_rules[NFW_NULL_BYTE]['ena'] = 1;
|
2800 |
+
$nfw_rules[NFW_ASCII_CTRL]['ena'] = 0;
|
2801 |
+
|
2802 |
+
nfw_update_option( 'nfw_options', $nfw_options);
|
2803 |
+
nfw_update_option( 'nfw_rules', $nfw_rules);
|
2804 |
+
|
2805 |
+
}
|
2806 |
+
|
2807 |
+
/* ------------------------------------------------------------------ */
|
2808 |
+
|
2809 |
+
function nf_sub_fileguard() {
|
2810 |
+
|
2811 |
+
nf_not_allowed( 'block', __LINE__ );
|
2812 |
+
|
2813 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
2814 |
+
|
2815 |
+
?>
|
2816 |
+
<script>
|
2817 |
+
function toggle_table(off) {
|
2818 |
+
if ( off == 1 ) {
|
2819 |
+
jQuery("#fg_table").slideDown();
|
2820 |
+
} else if ( off == 2 ) {
|
2821 |
+
jQuery("#fg_table").slideUp();
|
2822 |
+
}
|
2823 |
+
return;
|
2824 |
+
}
|
2825 |
+
function is_number(id) {
|
2826 |
+
var e = document.getElementById(id);
|
2827 |
+
if (! e.value ) { return }
|
2828 |
+
if (! /^[1-9][0-9]?$/.test(e.value) ) {
|
2829 |
+
alert("<?php echo esc_js( __('Please enter a number from 1 to 99.', 'ninjafirewall') ) ?>");
|
2830 |
+
e.value = e.value.substring(0, e.value.length-1);
|
2831 |
+
}
|
2832 |
+
}
|
2833 |
+
function check_fields() {
|
2834 |
+
if (! document.nfwfilefuard.elements["nfw_options[fg_mtime]"]){
|
2835 |
+
alert("<?php echo esc_js( __('Please enter a number from 1 to 99.', 'ninjafirewall') ) ?>");
|
2836 |
+
return false;
|
2837 |
+
}
|
2838 |
+
return true;
|
2839 |
+
}
|
2840 |
+
</script>
|
2841 |
+
|
2842 |
+
<div class="wrap">
|
2843 |
+
<div style="width:33px;height:33px;background-image:url(<?php echo plugins_url() ?>/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
2844 |
+
<h1><?php _e('File Guard', 'ninjafirewall') ?></h1>
|
2845 |
+
<?php
|
2846 |
+
if ( defined('NFW_WPWAF') ) {
|
2847 |
+
?>
|
2848 |
+
<div class="notice-warning notice is-dismissible"><p><?php printf( __('You are running NinjaFirewall in <i>WordPress WAF</i> mode. The %s feature will be limited to a few WordPress files only (e.g., index.php, wp-login.php, xmlrpc.php, admin-ajax.php, wp-load.php etc). If you want it to apply to any PHP script, you will need to run NinjaFirewall in %s mode.', 'ninjafirewall'), 'File Guard', '<a href="https://blog.nintechnet.com/full_waf-vs-wordpress_waf/">Full WAF</a>') ?></p></div>
|
2849 |
+
<?php
|
2850 |
+
}
|
2851 |
+
|
2852 |
+
if (! is_writable( NFW_LOG_DIR . '/nfwlog/cache/') ) {
|
2853 |
+
echo '<div class="error notice is-dismissible"><p>' .
|
2854 |
+
sprintf( __('The cache directory %s is not writable. Please change its permissions (0777 or equivalent).', 'ninjafirewall'), '('. htmlspecialchars(NFW_LOG_DIR) . '/nfwlog/cache/)' ) . '</p></div>';
|
2855 |
+
}
|
2856 |
+
|
2857 |
+
if ( isset( $_POST['nfw_options']) ) {
|
2858 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'fileguard_save') ) {
|
2859 |
+
wp_nonce_ays('fileguard_save');
|
2860 |
+
}
|
2861 |
+
nf_sub_fileguard_save();
|
2862 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
2863 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Your changes have been saved.', 'ninjafirewall') .'</p></div>';
|
2864 |
+
}
|
2865 |
+
|
2866 |
+
if ( empty($nfw_options['fg_enable']) ) {
|
2867 |
+
$nfw_options['fg_enable'] = 0;
|
2868 |
+
} else {
|
2869 |
+
$nfw_options['fg_enable'] = 1;
|
2870 |
+
}
|
2871 |
+
if ( empty($nfw_options['fg_mtime']) || ! preg_match('/^[1-9][0-9]?$/', $nfw_options['fg_mtime']) ) {
|
2872 |
+
$nfw_options['fg_mtime'] = 10;
|
2873 |
+
}
|
2874 |
+
if ( empty($nfw_options['fg_exclude']) ) {
|
2875 |
+
$fg_exclude = '';
|
2876 |
+
} else {
|
2877 |
+
$tmp = str_replace('|', ',', $nfw_options['fg_exclude']);
|
2878 |
+
$fg_exclude = preg_replace( '/\\\([`.\\/\\\+*?\[^\]$(){}=!<>:-])/', '$1', $tmp );
|
2879 |
+
}
|
2880 |
+
?>
|
2881 |
+
<br />
|
2882 |
+
<form method="post" name="nfwfilefuard" onSubmit="return check_fields();">
|
2883 |
+
<?php wp_nonce_field('fileguard_save', 'nfwnonce', 0); ?>
|
2884 |
+
<table class="form-table">
|
2885 |
+
<tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
|
2886 |
+
<th scope="row"><?php _e('Enable File Guard', 'ninjafirewall') ?></th>
|
2887 |
+
<td align="left">
|
2888 |
+
<label><input type="radio" id="fgenable" name="nfw_options[fg_enable]" value="1"<?php checked($nfw_options['fg_enable'], 1) ?> onclick="toggle_table(1);"> <?php _e('Yes (recommended)', 'ninjafirewall') ?></label>
|
2889 |
+
</td>
|
2890 |
+
<td align="left">
|
2891 |
+
<label><input type="radio" name="nfw_options[fg_enable]" value="0"<?php checked($nfw_options['fg_enable'], 0) ?> onclick="toggle_table(2);"> <?php _e('No', 'ninjafirewall') ?></label>
|
2892 |
+
</td>
|
2893 |
+
</tr>
|
2894 |
+
</table>
|
2895 |
+
|
2896 |
+
<br />
|
2897 |
+
|
2898 |
+
<div id="fg_table"<?php echo $nfw_options['fg_enable'] == 1 ? '' : ' style="display:none"' ?>>
|
2899 |
+
<table class="form-table" border="0">
|
2900 |
+
<tr valign="top">
|
2901 |
+
<th scope="row"><?php _e('Real-time detection', 'ninjafirewall') ?></th>
|
2902 |
+
<td align="left">
|
2903 |
+
<?php
|
2904 |
+
printf( __('Monitor file activity and send an alert when someone is accessing a PHP script that was modified or created less than %s hour(s) ago.', 'ninjafirewall'), '<input maxlength="2" size="2" value="'. $nfw_options['fg_mtime'] .'" name="nfw_options[fg_mtime]" id="mtime" onkeyup="is_number(\'mtime\')" class="small-text" type="number" />');
|
2905 |
+
?>
|
2906 |
+
</td>
|
2907 |
+
</tr>
|
2908 |
+
<tr>
|
2909 |
+
<th scope="row"><?php _e('Exclude the following files/folders (optional)', 'ninjafirewall') ?></th>
|
2910 |
+
<td align="left"><input class="large-text" type="text" maxlength="255" name="nfw_options[fg_exclude]" value="<?php echo htmlspecialchars( $fg_exclude ); ?>" placeholder="<?php _e('e.g.,', 'ninjafirewall') ?> /foo/bar/cache/ <?php _e('or', 'ninjafirewall') ?> /cache/" /><br /><span class="description"><?php _e('Full or partial case-sensitive string(s), max. 255 characters. Multiple values must be comma-separated', 'ninjafirewall') ?> (<code>,</code>).</span></td>
|
2911 |
+
</tr>
|
2912 |
+
</table>
|
2913 |
+
</div>
|
2914 |
+
<br />
|
2915 |
+
<input class="button-primary" type="submit" name="Save" value="<?php _e('Save File Guard options', 'ninjafirewall') ?>" />
|
2916 |
+
</form>
|
2917 |
+
</div>
|
2918 |
+
<?php
|
2919 |
+
|
2920 |
+
}
|
2921 |
+
|
2922 |
+
/* ------------------------------------------------------------------ */
|
2923 |
+
|
2924 |
+
function nf_sub_fileguard_save() {
|
2925 |
+
|
2926 |
+
nf_not_allowed( 'block', __LINE__ );
|
2927 |
+
|
2928 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
2929 |
+
|
2930 |
+
if ( empty($_POST['nfw_options']['fg_enable']) ) {
|
2931 |
+
$nfw_options['fg_enable'] = 0;
|
2932 |
+
} else {
|
2933 |
+
$nfw_options['fg_enable'] = $_POST['nfw_options']['fg_enable'];
|
2934 |
+
}
|
2935 |
+
|
2936 |
+
if ( empty($_POST['nfw_options']['fg_mtime']) || ! preg_match('/^[1-9][0-9]?$/', $_POST['nfw_options']['fg_mtime']) ) {
|
2937 |
+
$nfw_options['fg_mtime'] = 10;
|
2938 |
+
} else {
|
2939 |
+
$nfw_options['fg_mtime'] = $_POST['nfw_options']['fg_mtime'];
|
2940 |
+
}
|
2941 |
+
|
2942 |
+
if ( empty($_POST['nfw_options']['fg_exclude']) || strlen($_POST['nfw_options']['fg_exclude']) > 255 ) {
|
2943 |
+
$nfw_options['fg_exclude'] = '';
|
2944 |
+
} else {
|
2945 |
+
$exclude = '';
|
2946 |
+
$fg_exclude = explode(',', $_POST['nfw_options']['fg_exclude'] );
|
2947 |
+
foreach ($fg_exclude as $path) {
|
2948 |
+
if ( $path ) {
|
2949 |
+
$path = str_replace( array(' ', '\\', '|'), '', $path);
|
2950 |
+
$exclude .= preg_quote( rtrim($path, ','), '`') . '|';
|
2951 |
+
}
|
2952 |
+
}
|
2953 |
+
$nfw_options['fg_exclude'] = rtrim($exclude, '|');
|
2954 |
+
}
|
2955 |
+
|
2956 |
+
nfw_update_option( 'nfw_options', $nfw_options );
|
2957 |
+
|
2958 |
+
}
|
2959 |
+
/* ------------------------------------------------------------------ */
|
2960 |
+
|
2961 |
+
function nf_sub_network() {
|
2962 |
+
|
2963 |
+
|
2964 |
+
if (! current_user_can( 'manage_network' ) ) {
|
2965 |
+
die( '<br /><br /><br /><div class="error notice is-dismissible"><p>' .
|
2966 |
+
sprintf( __('You are not allowed to perform this task (%s).', 'ninjafirewall'), __LINE__) .
|
2967 |
+
'</p></div>' );
|
2968 |
+
}
|
2969 |
+
|
2970 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
2971 |
+
|
2972 |
+
echo '
|
2973 |
+
<div class="wrap">
|
2974 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
2975 |
+
<h1>' . __('Network', 'ninjafirewall') . '</h1>';
|
2976 |
+
if (! is_multisite() ) {
|
2977 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('You do not have a multisite network.', 'ninjafirewall') . '</p></div></div>';
|
2978 |
+
return;
|
2979 |
+
}
|
2980 |
+
|
2981 |
+
if ( isset( $_POST['nfw_options']) ) {
|
2982 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'network_save') ) {
|
2983 |
+
wp_nonce_ays('network_save');
|
2984 |
+
}
|
2985 |
+
if ( $_POST['nfw_options']['nt_show_status'] == 2 ) {
|
2986 |
+
$nfw_options['nt_show_status'] = 2;
|
2987 |
+
} else {
|
2988 |
+
$nfw_options['nt_show_status'] = 1;
|
2989 |
+
}
|
2990 |
+
nfw_update_option( 'nfw_options', $nfw_options );
|
2991 |
+
echo '<div class="updated notice is-dismissible"><p>' . __('Your changes have been saved.', 'ninjafirewall') . '</p></div>';
|
2992 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
2993 |
+
}
|
2994 |
+
|
2995 |
+
if ( empty($nfw_options['nt_show_status']) ) {
|
2996 |
+
$nfw_options['nt_show_status'] = 1;
|
2997 |
+
}
|
2998 |
+
?>
|
2999 |
+
<form method="post" name="nfwnetwork">
|
3000 |
+
<?php wp_nonce_field('network_save', 'nfwnonce', 0); ?>
|
3001 |
+
<h3><?php _e('NinjaFirewall Status', 'ninjafirewall') ?></h3>
|
3002 |
+
<table class="form-table">
|
3003 |
+
<tr>
|
3004 |
+
<th scope="row"><?php _e('Display NinjaFirewall status icon in the admin bar of all sites in the network', 'ninjafirewall') ?></th>
|
3005 |
+
<td align="left" width="200"><label><input type="radio" name="nfw_options[nt_show_status]" value="1"<?php echo $nfw_options['nt_show_status'] != 2 ? ' checked' : '' ?>> <?php _e('Yes (default)', 'ninjafirewall') ?></label></td>
|
3006 |
+
<td align="left"><label><input type="radio" name="nfw_options[nt_show_status]" value="2"<?php echo $nfw_options['nt_show_status'] == 2 ? ' checked' : '' ?>> <?php _e('No', 'ninjafirewall') ?></label></td>
|
3007 |
+
</tr>
|
3008 |
+
</table>
|
3009 |
+
|
3010 |
+
<br />
|
3011 |
+
<br />
|
3012 |
+
<input class="button-primary" type="submit" name="Save" value="<?php _e('Save Network options', 'ninjafirewall') ?>" />
|
3013 |
+
</form>
|
3014 |
+
</div>
|
3015 |
+
<?php
|
3016 |
+
}
|
3017 |
+
|
3018 |
+
/* ------------------------------------------------------------------ */
|
3019 |
+
|
3020 |
+
function nf_sub_filecheck() {
|
3021 |
+
|
3022 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_filecheck.php';
|
3023 |
+
|
3024 |
+
}
|
3025 |
+
|
3026 |
+
add_action('nfscanevent', 'nfscando');
|
3027 |
+
|
3028 |
+
function nfscando() {
|
3029 |
+
|
3030 |
+
define('NFSCANDO', 1);
|
3031 |
+
nf_sub_filecheck();
|
3032 |
+
}
|
3033 |
+
|
3034 |
+
/* ------------------------------------------------------------------ */
|
3035 |
+
|
3036 |
+
function nf_sub_malwarescan() {
|
3037 |
+
|
3038 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_malwarescan.php';
|
3039 |
+
|
3040 |
+
}
|
3041 |
+
|
3042 |
+
add_action('nfmalwarescan', 'nfmalwarescando');
|
3043 |
+
function nfmalwarescando( $sigs ) {
|
3044 |
+
|
3045 |
+
define('NFW_SCAN_SIGS', $sigs );
|
3046 |
+
define('NFMALWARESCANDO', 1);
|
3047 |
+
nf_sub_malwarescan();
|
3048 |
+
|
3049 |
+
}
|
3050 |
+
|
3051 |
+
// Anti-Malware ajax processing:
|
3052 |
+
add_action( 'wp_ajax_nfw_msajax', 'nfw_msajax_callback' );
|
3053 |
+
function nfw_msajax_callback() {
|
3054 |
+
|
3055 |
+
require plugin_dir_path(__FILE__) . 'lib/wp_ajax.php';
|
3056 |
+
|
3057 |
+
}
|
3058 |
+
|
3059 |
+
/* ------------------------------------------------------------------ */
|
3060 |
+
|
3061 |
+
function nf_sub_event() {
|
3062 |
+
|
3063 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_event.php';
|
3064 |
+
|
3065 |
+
}
|
3066 |
+
|
3067 |
+
add_action('init', 'nf_check_dbdata', 1);
|
3068 |
+
|
3069 |
+
add_action('nfdailyreport', 'nfdailyreportdo');
|
3070 |
+
|
3071 |
+
function nfdailyreportdo() {
|
3072 |
+
define('NFREPORTDO', 1);
|
3073 |
+
nf_sub_event();
|
3074 |
+
}
|
3075 |
+
|
3076 |
+
/* ------------------------------------------------------------------ */
|
3077 |
+
|
3078 |
+
function nf_sub_log() {
|
3079 |
+
|
3080 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_log.php';
|
3081 |
+
|
3082 |
+
}
|
3083 |
+
/* ------------------------------------------------------------------ */
|
3084 |
+
|
3085 |
+
function nf_sub_live() {
|
3086 |
+
|
3087 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_livelog.php';
|
3088 |
+
|
3089 |
+
}
|
3090 |
+
/* ------------------------------------------------------------------ */
|
3091 |
+
|
3092 |
+
function nf_sub_loginprot() {
|
3093 |
+
|
3094 |
+
require plugin_dir_path(__FILE__) . 'lib/login_protection.php';
|
3095 |
+
|
3096 |
+
}
|
3097 |
+
|
3098 |
+
/* ------------------------------------------------------------------ */
|
3099 |
+
|
3100 |
+
function nfw_log2($loginfo, $logdata, $loglevel, $ruleid) { // i18n
|
3101 |
+
|
3102 |
+
|
3103 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
3104 |
+
|
3105 |
+
if (! empty($nfw_options['debug']) ) {
|
3106 |
+
$num_incident = '0000000';
|
3107 |
+
$loglevel = 7;
|
3108 |
+
$http_ret_code = '200';
|
3109 |
+
} else {
|
3110 |
+
$num_incident = mt_rand(1000000, 9000000);
|
3111 |
+
$http_ret_code = $nfw_options['ret_code'];
|
3112 |
+
}
|
3113 |
+
if (strlen($logdata) > 200) { $logdata = mb_substr($logdata, 0, 200, 'utf-8') . '...'; }
|
3114 |
+
$res = '';
|
3115 |
+
$string = str_split($logdata);
|
3116 |
+
foreach ( $string as $char ) {
|
3117 |
+
if ( ( ord($char) < 32 ) || ( ord($char) > 126 ) ) {
|
3118 |
+
$res .= '%' . bin2hex($char);
|
3119 |
+
} else {
|
3120 |
+
$res .= $char;
|
3121 |
+
}
|
3122 |
+
}
|
3123 |
+
nfw_get_blogtimezone();
|
3124 |
+
|
3125 |
+
$cur_month = date('Y-m');
|
3126 |
+
$stat_file = NFW_LOG_DIR . '/nfwlog/stats_' . $cur_month . '.php';
|
3127 |
+
$log_file = NFW_LOG_DIR . '/nfwlog/firewall_' . $cur_month . '.php';
|
3128 |
+
|
3129 |
+
if ( file_exists( $stat_file ) ) {
|
3130 |
+
$nfw_stat = file_get_contents( $stat_file, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES );
|
3131 |
+
} else {
|
3132 |
+
$nfw_stat = '0:0:0:0:0:0:0:0:0:0';
|
3133 |
+
}
|
3134 |
+
$nfw_stat_arr = explode(':', $nfw_stat . ':');
|
3135 |
+
++$nfw_stat_arr[$loglevel];
|
3136 |
+
@file_put_contents( $stat_file, $nfw_stat_arr[0] . ':' . $nfw_stat_arr[1] . ':' .
|
3137 |
+
$nfw_stat_arr[2] . ':' . $nfw_stat_arr[3] . ':' . $nfw_stat_arr[4] . ':' .
|
3138 |
+
$nfw_stat_arr[5] . ':' . $nfw_stat_arr[6] . ':' . $nfw_stat_arr[7] . ':' .
|
3139 |
+
$nfw_stat_arr[8] . ':' . $nfw_stat_arr[9], LOCK_EX );
|
3140 |
+
|
3141 |
+
if ( $loglevel == 4 ) {
|
3142 |
+
$SCRIPT_NAME = '-';
|
3143 |
+
$REQUEST_METHOD = 'N/A';
|
3144 |
+
$REMOTE_ADDR = '0.0.0.0';
|
3145 |
+
$loglevel = 6;
|
3146 |
+
} else {
|
3147 |
+
$SCRIPT_NAME = $_SERVER['SCRIPT_NAME'];
|
3148 |
+
$REQUEST_METHOD = $_SERVER['REQUEST_METHOD'];
|
3149 |
+
$REMOTE_ADDR = NFW_REMOTE_ADDR;
|
3150 |
+
}
|
3151 |
+
|
3152 |
+
if (! file_exists($log_file) ) {
|
3153 |
+
$tmp = '<?php exit; ?>' . "\n";
|
3154 |
+
} else {
|
3155 |
+
$tmp = '';
|
3156 |
+
}
|
3157 |
+
|
3158 |
+
// Which encoding to use?
|
3159 |
+
if ( defined('NFW_LOG_ENCODING') ) {
|
3160 |
+
if ( NFW_LOG_ENCODING == 'b64' ) {
|
3161 |
+
$encoding = '[b64:' . base64_encode( $res ) . ']';
|
3162 |
+
} elseif ( NFW_LOG_ENCODING == 'none' ) {
|
3163 |
+
$encoding = '[' . $res . ']';
|
3164 |
+
} else {
|
3165 |
+
$unp = unpack('H*', $res);
|
3166 |
+
$encoding = '[hex:' . array_shift( $unp ) . ']';
|
3167 |
+
}
|
3168 |
+
} else {
|
3169 |
+
$unp = unpack('H*', $res);
|
3170 |
+
$encoding = '[hex:' . array_shift( $unp ) . ']';
|
3171 |
+
}
|
3172 |
+
|
3173 |
+
@file_put_contents( $log_file,
|
3174 |
+
$tmp . '[' . time() . '] ' . '[0] ' .
|
3175 |
+
'[' . $_SERVER['SERVER_NAME'] . '] ' . '[#' . $num_incident . '] ' .
|
3176 |
+
'[' . $ruleid . '] ' .
|
3177 |
+
'[' . $loglevel . '] ' . '[' . $REMOTE_ADDR . '] ' .
|
3178 |
+
'[' . $http_ret_code . '] ' . '[' . $REQUEST_METHOD . '] ' .
|
3179 |
+
'[' . $SCRIPT_NAME . '] ' . '[' . $loginfo . '] ' .
|
3180 |
+
$encoding . "\n", FILE_APPEND | LOCK_EX);
|
3181 |
+
}
|
3182 |
+
|
3183 |
+
/* ------------------------------------------------------------------ */
|
3184 |
+
|
3185 |
+
function nf_sub_edit() {
|
3186 |
+
|
3187 |
+
nf_not_allowed( 'block', __LINE__ );
|
3188 |
+
|
3189 |
+
echo '
|
3190 |
+
<div class="wrap">
|
3191 |
+
<div style="width:33px;height:33px;background-image:url( ' . plugins_url() . '/ninjafirewall/images/ninjafirewall_32.png);background-repeat:no-repeat;background-position:0 0;margin:7px 5px 0 0;float:left;"></div>
|
3192 |
+
<h1>' . __('Rules Editor', 'ninjafirewall') .'</h1>';
|
3193 |
+
|
3194 |
+
$nfw_rules = nfw_get_option( 'nfw_rules' );
|
3195 |
+
$is_update = 0;
|
3196 |
+
|
3197 |
+
if ( isset($_POST['sel_e_r']) ) {
|
3198 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'editor_save') ) {
|
3199 |
+
wp_nonce_ays('editor_save');
|
3200 |
+
}
|
3201 |
+
if ( $_POST['sel_e_r'] < 1 ) {
|
3202 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Error: you did not select a rule to disable.', 'ninjafirewall') .'</p></div>';
|
3203 |
+
} else if ( ( $_POST['sel_e_r'] == 2 ) || ( $_POST['sel_e_r'] > 499 ) && ( $_POST['sel_e_r'] < 600 ) ) {
|
3204 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Error: to change this rule, use the "Firewall Policies" menu.', 'ninjafirewall') .'</p></div>';
|
3205 |
+
} else if (! isset( $nfw_rules[$_POST['sel_e_r']] ) ) {
|
3206 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Error: this rule does not exist.', 'ninjafirewall') .'</p></div>';
|
3207 |
+
} elseif ($_POST['sel_e_r'] != 999) {
|
3208 |
+
$nfw_rules[$_POST['sel_e_r']]['ena'] = 0;
|
3209 |
+
$is_update = 1;
|
3210 |
+
echo '<div class="updated notice is-dismissible"><p>' . sprintf( __('Rule ID %s has been disabled.', 'ninjafirewall'), htmlentities($_POST['sel_e_r']) ) .'</p></div>';
|
3211 |
+
}
|
3212 |
+
} else if ( isset($_POST['sel_d_r']) ) {
|
3213 |
+
if ( empty($_POST['nfwnonce']) || ! wp_verify_nonce($_POST['nfwnonce'], 'editor_save') ) {
|
3214 |
+
wp_nonce_ays('editor_save');
|
3215 |
+
}
|
3216 |
+
if ( $_POST['sel_d_r'] < 1 ) {
|
3217 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Error: you did not select a rule to enable.', 'ninjafirewall') .'</p></div>';
|
3218 |
+
} else if ( ( $_POST['sel_d_r'] == 2 ) || ( $_POST['sel_d_r'] > 499 ) && ( $_POST['sel_d_r'] < 600 ) ) {
|
3219 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Error: to change this rule, use the "Firewall Policies" menu.', 'ninjafirewall') .'</p></div>';
|
3220 |
+
} else if (! isset( $nfw_rules[$_POST['sel_d_r']] ) ) {
|
3221 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Error: this rule does not exist.', 'ninjafirewall') .'</p></div>';
|
3222 |
+
} elseif ($_POST['sel_d_r'] != 999) {
|
3223 |
+
$nfw_rules[$_POST['sel_d_r']]['ena'] = 1;
|
3224 |
+
$is_update = 1;
|
3225 |
+
echo '<div class="updated notice is-dismissible"><p>' . sprintf( __('Rule ID %s has been enabled.', 'ninjafirewall'), htmlentities($_POST['sel_d_r']) ) .'</p></div>';
|
3226 |
+
}
|
3227 |
+
}
|
3228 |
+
if ( $is_update ) {
|
3229 |
+
nfw_update_option( 'nfw_rules', $nfw_rules);
|
3230 |
+
}
|
3231 |
+
|
3232 |
+
$disabled_rules = $enabled_rules = array();
|
3233 |
+
|
3234 |
+
if ( empty( $nfw_rules ) ) {
|
3235 |
+
echo '<div class="error notice is-dismissible"><p>' . __('Error: no rules found.', 'ninjafirewall') .'</p></div></div>';
|
3236 |
+
return;
|
3237 |
+
}
|
3238 |
+
|
3239 |
+
foreach ( $nfw_rules as $rule_key => $rule_value ) {
|
3240 |
+
if ( $rule_key == 999 ) { continue; }
|
3241 |
+
if (! empty( $nfw_rules[$rule_key]['ena'] ) ) {
|
3242 |
+
$enabled_rules[] = $rule_key;
|
3243 |
+
} else {
|
3244 |
+
$disabled_rules[] = $rule_key;
|
3245 |
+
}
|
3246 |
+
}
|
3247 |
+
|
3248 |
+
$nonce = wp_nonce_field('editor_save', 'nfwnonce', 0, 0);
|
3249 |
+
|
3250 |
+
echo '<br /><h3>' . __('NinjaFirewall built-in security rules', 'ninjafirewall') .'</h3>
|
3251 |
+
<table class="form-table">
|
3252 |
+
<tr>
|
3253 |
+
<th scope="row">' . __('Select the rule you want to disable or enable', 'ninjafirewall') .'</th>
|
3254 |
+
<td align="left">
|
3255 |
+
<form method="post">'. $nonce . '
|
3256 |
+
<select name="sel_e_r" style="font-family:Consolas,Monaco,monospace;">
|
3257 |
+
<option value="0">' . __('Total rules enabled', 'ninjafirewall') .' : ' . count( $enabled_rules ) . '</option>';
|
3258 |
+
sort( $enabled_rules );
|
3259 |
+
$count = 0;
|
3260 |
+
|
3261 |
+
$desr = '';
|
3262 |
+
foreach ( $enabled_rules as $key ) {
|
3263 |
+
if ( $key == 999 ) { continue; }
|
3264 |
+
if ( ( $key == 2 ) || ( $key > 499 ) && ( $key < 600 ) ) {
|
3265 |
+
echo '<option value="0" disabled="disabled">' . __('Rule ID', 'ninjafirewall') .' : ' . htmlspecialchars($key) . ' ' . __('Firewall policy', 'ninjafirewall') .'</option>';
|
3266 |
+
} else {
|
3267 |
+
if ( $key < 100 ) {
|
3268 |
+
$desc = ' ' . __('Remote/local file inclusion', 'ninjafirewall');
|
3269 |
+
} elseif ( $key < 150 ) {
|
3270 |
+
$desc = ' ' . __('Cross-site scripting', 'ninjafirewall');
|
3271 |
+
} elseif ( $key < 200 ) {
|
3272 |
+
$desc = ' ' . __('Code injection', 'ninjafirewall');
|
3273 |
+
} elseif ( $key > 249 && $key < 300 ) {
|
3274 |
+
$desc = ' ' . __('SQL injection', 'ninjafirewall');
|
3275 |
+
} elseif ( $key < 350 ) {
|
3276 |
+
$desc = ' ' . __('Various vulnerability', 'ninjafirewall');
|
3277 |
+
} elseif ( $key < 400 ) {
|
3278 |
+
$desc = ' ' . __('Backdoor/shell', 'ninjafirewall');
|
3279 |
+
} elseif ( $key > 999 && $key < 1300 ) {
|
3280 |
+
$desc = ' ' . __('Application specific', 'ninjafirewall');
|
3281 |
+
} elseif ( $key > 1349 ) {
|
3282 |
+
$desc = ' ' . __('WordPress vulnerability', 'ninjafirewall');
|
3283 |
+
}
|
3284 |
+
echo '<option value="' . htmlspecialchars($key) . '">' . __('Rule ID', 'ninjafirewall') .' : ' . htmlspecialchars($key) . $desc . '</option>';
|
3285 |
+
++$count;
|
3286 |
+
}
|
3287 |
+
}
|
3288 |
+
echo '</select> <input class="button-secondary" type="submit" name="disable" value="' . __('Disable it', 'ninjafirewall') .'"' . disabled( $count, 0) .'>
|
3289 |
+
</form>
|
3290 |
+
<br />
|
3291 |
+
<form method="post">'. $nonce . '
|
3292 |
+
<select name="sel_d_r" style="font-family:Consolas,Monaco,monospace;">
|
3293 |
+
<option value="0">' . __('Total rules disabled', 'ninjafirewall') .' : ' . count( $disabled_rules ) . '</option>';
|
3294 |
+
sort( $disabled_rules );
|
3295 |
+
$count = 0;
|
3296 |
+
foreach ( $disabled_rules as $key ) {
|
3297 |
+
if ( $key == 999 ) { continue; }
|
3298 |
+
if ( ( $key == 2 ) || ( $key > 499 ) && ( $key < 600 ) ) {
|
3299 |
+
echo '<option value="0" disabled="disabled">' . __('Rule ID', 'ninjafirewall') .' #' . htmlspecialchars($key) . ' ' . __('Firewall policy', 'ninjafirewall') .'</option>';
|
3300 |
+
} else {
|
3301 |
+
if ( $key < 100 ) {
|
3302 |
+
$desc = ' ' . __('Remote/local file inclusion', 'ninjafirewall');
|
3303 |
+
} elseif ( $key < 150 ) {
|
3304 |
+
$desc = ' ' . __('Cross-site scripting', 'ninjafirewall');
|
3305 |
+
} elseif ( $key < 200 ) {
|
3306 |
+
$desc = ' ' . __('Code injection', 'ninjafirewall');
|
3307 |
+
} elseif ( $key > 249 && $key < 300 ) {
|
3308 |
+
$desc = ' ' . __('SQL injection', 'ninjafirewall');
|
3309 |
+
} elseif ( $key < 350 ) {
|
3310 |
+
$desc = ' ' . __('Various vulnerability', 'ninjafirewall');
|
3311 |
+
} elseif ( $key < 400 ) {
|
3312 |
+
$desc = ' ' . __('Backdoor/shell', 'ninjafirewall');
|
3313 |
+
} elseif ( $key > 999 && $key < 1300 ) {
|
3314 |
+
$desc = ' ' . __('Application specific', 'ninjafirewall');
|
3315 |
+
} elseif ( $key > 1349 ) {
|
3316 |
+
$desc = ' ' . __('WordPress vulnerability', 'ninjafirewall');
|
3317 |
+
}
|
3318 |
+
echo '<option value="' . htmlspecialchars($key) . '">' . __('Rule ID', 'ninjafirewall') .' #' . htmlspecialchars($key) . $desc . '</option>';
|
3319 |
+
++$count;
|
3320 |
+
}
|
3321 |
+
}
|
3322 |
+
|
3323 |
+
echo '</select> <input class="button-secondary" type="submit" name="disable" value="' . __('Enable it', 'ninjafirewall') .'"' . disabled( $count, 0) .'>
|
3324 |
+
</form>
|
3325 |
+
<br /><span class="description">' . sprintf( __('Greyed out rules can be changed in the <a href="%s">Firewall Policies</a> page.', 'ninjafirewall'), '?page=nfsubpolicies') .'</span>
|
3326 |
+
</td>
|
3327 |
+
</tr>
|
3328 |
+
</table>
|
3329 |
+
</div>';
|
3330 |
+
|
3331 |
+
}
|
3332 |
+
|
3333 |
+
/* ------------------------------------------------------------------ */
|
3334 |
+
|
3335 |
+
function nf_sub_updates() {
|
3336 |
+
|
3337 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_updates.php';
|
3338 |
+
|
3339 |
+
}
|
3340 |
+
|
3341 |
+
add_action('nfsecupdates', 'nfupdatesdo');
|
3342 |
+
|
3343 |
+
function nfupdatesdo() {
|
3344 |
+
define('NFUPDATESDO', 1);
|
3345 |
+
nf_sub_updates();
|
3346 |
+
}
|
3347 |
+
|
3348 |
+
/* ------------------------------------------------------------------ */
|
3349 |
+
|
3350 |
+
function nf_sub_wplus() {
|
3351 |
+
|
3352 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_wplus.php';
|
3353 |
+
}
|
3354 |
+
|
3355 |
+
/* ------------------------------------------------------------------ */
|
3356 |
+
|
3357 |
+
function nf_sub_about() {
|
3358 |
+
|
3359 |
+
require plugin_dir_path(__FILE__) . 'lib/nf_sub_about.php';
|
3360 |
+
|
3361 |
+
}
|
3362 |
+
/* ------------------------------------------------------------------ */
|
3363 |
+
|
3364 |
+
function ninjafirewall_settings_link( $links ) {
|
3365 |
+
|
3366 |
+
if ( is_multisite() ) { $net = 'network/'; } else { $net = ''; }
|
3367 |
+
|
3368 |
+
$links[] = '<a href="'. get_admin_url(null, $net .'admin.php?page=NinjaFirewall') .'">'. __('Settings', 'ninjafirewall') .'</a>';
|
3369 |
+
$links[] = '<a href="https://nintechnet.com/ninjafirewall/wp-edition/?pricing" target="_blank">'. __('Upgrade to Premium', 'ninjafirewall'). '</a>';
|
3370 |
+
$links[] = '<a href="https://wordpress.org/support/view/plugin-reviews/ninjafirewall?rate=5#postform" target="_blank">'. __('Rate it!', 'ninjafirewall'). '</a>';
|
3371 |
+
unset($links['edit']);
|
3372 |
+
return $links;
|
3373 |
+
|
3374 |
+
}
|
3375 |
+
|
3376 |
+
if ( is_multisite() ) {
|
3377 |
+
add_filter( 'network_admin_plugin_action_links_' . plugin_basename(__FILE__), 'ninjafirewall_settings_link' );
|
3378 |
+
} else {
|
3379 |
+
add_filter( 'plugin_action_links_' . plugin_basename(__FILE__), 'ninjafirewall_settings_link' );
|
3380 |
+
}
|
3381 |
+
|
3382 |
+
/* ------------------------------------------------------------------ */
|
3383 |
+
|
3384 |
+
function ninjafirewall_all_plugins( $plugins ) {
|
3385 |
+
|
3386 |
+
// Cf https://blog.nintechnet.com/restricting-access-to-ninjafirewall-wp-edition-settings/
|
3387 |
+
if ( nf_not_allowed( 0, __LINE__ ) ) {
|
3388 |
+
|
3389 |
+
if ( isset( $plugins['ninjafirewall/ninjafirewall.php'] ) ) {
|
3390 |
+
unset( $plugins['ninjafirewall/ninjafirewall.php'] );
|
3391 |
+
}
|
3392 |
+
}
|
3393 |
+
return $plugins;
|
3394 |
+
}
|
3395 |
+
|
3396 |
+
add_filter( 'all_plugins', 'ninjafirewall_all_plugins' );
|
3397 |
+
|
3398 |
+
/* ------------------------------------------------------------------ */
|
3399 |
+
|
3400 |
+
function nfw_get_blogtimezone() {
|
3401 |
+
|
3402 |
+
$tzstring = get_option( 'timezone_string' );
|
3403 |
+
if (! $tzstring ) {
|
3404 |
+
$tzstring = ini_get( 'date.timezone' );
|
3405 |
+
if (! $tzstring ) {
|
3406 |
+
$tzstring = 'UTC';
|
3407 |
+
}
|
3408 |
+
}
|
3409 |
+
date_default_timezone_set( $tzstring );
|
3410 |
+
}
|
3411 |
+
/* ------------------------------------------------------------------ */
|
3412 |
+
|
3413 |
+
function nfw_check_emailalert() {
|
3414 |
+
|
3415 |
+
$nfw_options = nfw_get_option( 'nfw_options' );
|
3416 |
+
|
3417 |
+
if ( ( is_multisite() ) && ( $nfw_options['alert_sa_only'] == 2 ) ) {
|
3418 |
+
$recipient = get_option('admin_email');
|
3419 |
+
} else {
|
3420 |
+
$recipient = $nfw_options['alert_email'];
|
3421 |
+
}
|
3422 |
+
|
3423 |
+
global $current_user;
|
3424 |
+
$current_user = wp_get_current_user();
|
3425 |
+
|
3426 |
+
list( $a_1, $a_2, $a_3 ) = explode( ':', NFW_ALERT . ':' );
|
3427 |
+
|
3428 |
+
if (! empty($nfw_options['a_' . $a_1 . $a_2]) ) {
|
3429 |
+
$alert_array = array(
|
3430 |
+
'1' => array (
|
3431 |
+
'0' => __('Plugin', 'ninjafirewall'), '1' => __('uploaded', 'ninjafirewall'), '2' => __('installed', 'ninjafirewall'), '3' => __('activated', 'ninjafirewall'),
|
3432 |
+
'4' => __('updated', 'ninjafirewall'), '5' => __('deactivated', 'ninjafirewall'), '6' => __('deleted', 'ninjafirewall'), 'label' => __('Name', 'ninjafirewall')
|
3433 |
+
),
|
3434 |
+
'2' => array (
|
3435 |
+
'0' => __('Theme', 'ninjafirewall'), '1' => __('uploaded', 'ninjafirewall'), '2' => __('installed', 'ninjafirewall'), '3' => __('activated', 'ninjafirewall'),
|
3436 |
+
'4' => __('deleted', 'ninjafirewall'), 'label' => __('Name', 'ninjafirewall')
|
3437 |
+
),
|
3438 |
+
'3' => array (
|
3439 |
+
'0' => 'WordPress', '1' => __('upgraded', 'ninjafirewall'), 'label' => __('Version', 'ninjafirewall')
|
3440 |
+
)
|
3441 |
+
);
|
3442 |
+
|
3443 |
+
if ( substr_count($a_3, ',') ) {
|
3444 |
+
$alert_array[$a_1][0] .= 's';
|
3445 |
+
$alert_array[$a_1]['label'] .= 's';
|
3446 |
+
}
|
3447 |
+
$subject = __('[NinjaFirewall] Alert:', 'ninjafirewall') . ' ' . $alert_array[$a_1][0] . ' ' . $alert_array[$a_1][$a_2];
|
3448 |
+
if ( is_multisite() ) {
|
3449 |
+
$url = __('-Blog :', 'ninjafirewall') .' '. network_home_url('/') . "\n\n";
|
3450 |
+
} else {
|
3451 |
+
$url = __('-Blog :', 'ninjafirewall') .' '. home_url('/') . "\n\n";
|
3452 |
+
}
|
3453 |
+
$message = __('NinjaFirewall has detected the following activity on your account:', 'ninjafirewall') . "\n\n".
|
3454 |
+
'-' . $alert_array[$a_1][0] . ' ' . $alert_array[$a_1][$a_2] . "\n" .
|
3455 |
+
'-' . $alert_array[$a_1]['label'] . ' : ' . $a_3 . "\n\n" .
|
3456 |
+
__('-User :', 'ninjafirewall') .' '. $current_user->user_login . ' (' . $current_user->roles[0] . ")\n" .
|
3457 |
+
__('-IP :', 'ninjafirewall') .' '. NFW_REMOTE_ADDR . "\n" .
|
3458 |
+
__('-Date :', 'ninjafirewall') .' '. ucfirst( date_i18n('F j, Y @ H:i:s O') ) ."\n" .
|
3459 |
+
$url .
|
3460 |
+
'NinjaFirewall (WP Edition) - https://nintechnet.com/' . "\n" .
|
3461 |
+
__('Support forum:', 'ninjafirewall') . ' http://wordpress.org/support/plugin/ninjafirewall' . "\n";
|
3462 |
+
wp_mail( $recipient, $subject, $message );
|
3463 |
+
|
3464 |
+
if (! empty($nfw_options['a_41']) ) {
|
3465 |
+
nfw_log2(
|
3466 |
+
$alert_array[$a_1][0] . ' ' . $alert_array[$a_1][$a_2] . ' by '. $current_user->user_login,
|
3467 |
+
$alert_array[$a_1]['label'] . ': ' . $a_3,
|
3468 |
+
6,
|
3469 |
+
0
|
3470 |
+
);
|
3471 |
+
}
|
3472 |
+
|
3473 |
+
}
|
3474 |
+
}
|
3475 |
+
/* ------------------------------------------------------------------ */
|
3476 |
+
|
3477 |
+
function nfw_dashboard_widgets() {
|
3478 |
+
|
3479 |
+
require plugin_dir_path(__FILE__) . 'lib/dashboard_widget.php';
|
3480 |
+
|
3481 |
+
}
|
3482 |
+
|
3483 |
+
if ( is_multisite() ) {
|
3484 |
+
add_action( 'wp_network_dashboard_setup', 'nfw_dashboard_widgets' );
|
3485 |
+
} else {
|
3486 |
+
add_action( 'wp_dashboard_setup', 'nfw_dashboard_widgets' );
|
3487 |
+
}
|
3488 |
+
|
3489 |
+
/* ------------------------------------------------------------------ */
|
3490 |
+
|
3491 |
+
function nf_not_allowed($block, $line = 0) {
|
3492 |
+
|
3493 |
+
if ( is_multisite() ) {
|
3494 |
+
if ( current_user_can('manage_network') ) {
|
3495 |
+
return false;
|
3496 |
+
}
|
3497 |
+
} else {
|
3498 |
+
if ( current_user_can('manage_options') &&
|
3499 |
+
current_user_can('unfiltered_html') ) {
|
3500 |
+
// Check if that admin is allowed to use NinjaFirewall
|
3501 |
+
// (see NFW_ALLOWED_ADMIN at http://nin.link/nfwaa ):
|
3502 |
+
if ( defined('NFW_ALLOWED_ADMIN') ) {
|
3503 |
+
$current_user = wp_get_current_user();
|
3504 |
+
$admins = explode(',', NFW_ALLOWED_ADMIN);
|
3505 |
+
foreach ($admins as $admin) {
|
3506 |
+
if ( trim($admin) == $current_user->user_login ) {
|
3507 |
+
return false;
|
3508 |
+
}
|
3509 |
+
}
|
3510 |
+
} else {
|
3511 |
+
return false;
|
3512 |
+
}
|
3513 |
+
}
|
3514 |
+
}
|
3515 |
+
|
3516 |
+
if ($block) {
|
3517 |
+
die( '<br /><br /><br /><div class="error notice is-dismissible"><p>' .
|
3518 |
+
sprintf( __('You are not allowed to perform this task (%s).', 'ninjafirewall'), $line) .
|
3519 |
+
'</p></div>' );
|
3520 |
+
}
|
3521 |
+
return true;
|
3522 |
+
}
|
3523 |
+
|
3524 |
+
/* ------------------------------------------------------------------ */
|
3525 |
+
// EOF //
|
readme.txt
ADDED
@@ -0,0 +1,203 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
=== NinjaFirewall (WP Edition) ===
|
2 |
+
Contributors: nintechnet, bruandet
|
3 |
+
Tags: firewall, security, WAF, antivirus, brute force, protection, malware, admin, attack, backdoor, botnet, bruteforce, brute-force, hack, hhvm, infection, injection, login, nginx, nintechnet, ninjafirewall, palomuuri, pare-feu, phishing, prevention, proxy, sécurité, sécuriser, seguridad, seguranca, sicherheit, sicurezza, veiligheid, shellshock, soaksoak, sqli, trojan, user enumeration, virus, Web application firewall, widget, wp-login, XML-RPC, xmlrpc, XSS
|
4 |
+
Requires at least: 3.3.0
|
5 |
+
Tested up to: 4.9
|
6 |
+
Stable tag: 3.6
|
7 |
+
Requires PHP: 5.3
|
8 |
+
License: GPLv3 or later
|
9 |
+
License URI: http://www.gnu.org/licenses/gpl-3.0.html
|
10 |
+
|
11 |
+
A true Web Application Firewall to protect and secure WordPress.
|
12 |
+
|
13 |
+
== Description ==
|
14 |
+
|
15 |
+
= A true Web Application Firewall =
|
16 |
+
|
17 |
+
NinjaFirewall (WP Edition) is a true Web Application Firewall. Although it can be installed and configured just like a plugin, it is a stand-alone firewall that sits in front of WordPress.
|
18 |
+
|
19 |
+
It allows any blog administrator to benefit from very advanced and powerful security features that usually aren't available at the WordPress level, but only in security applications such as the Apache [ModSecurity](http://www.modsecurity.org/ "") module or the PHP [Suhosin](http://suhosin.org/ "") extension.
|
20 |
+
|
21 |
+
> NinjaFirewall requires at least PHP 5.3 (5.4 or higher recommended to use all its features) or HHVM 3.4+, MySQLi extension and is only compatible with Unix-like OS (Linux, BSD). It is **not compatible with Microsoft Windows**.
|
22 |
+
|
23 |
+
NinjaFirewall can hook, scan, sanitise or reject any HTTP/HTTPS request sent to a PHP script before it reaches WordPress or any of its plugins. All scripts located inside the blog installation directories and sub-directories will be protected, including those that aren't part of the WordPress package. Even encoded PHP scripts, hackers shell scripts and backdoors will be filtered by NinjaFirewall.
|
24 |
+
|
25 |
+
= Powerful filtering engine =
|
26 |
+
|
27 |
+
NinjaFirewall includes the most powerful filtering engine available in a WordPress plugin. Its most important feature is its ability to normalize and transform data from incoming HTTP requests which allows it to detect Web Application Firewall evasion techniques and obfuscation tactics used by hackers, as well as to support and decode a large set of encodings. See our blog for a full description: [An introduction to NinjaFirewall filtering engine](https://blog.nintechnet.com/introduction-to-ninjafirewall-filtering-engine/ "").
|
28 |
+
|
29 |
+
= Fastest and most efficient brute-force attack protection for WordPress =
|
30 |
+
|
31 |
+
By processing incoming HTTP requests before your blog and any of its plugins, NinjaFirewall is the only plugin for WordPress able to protect it against very large brute-force attacks, including distributed attacks coming from several thousands of different IPs.
|
32 |
+
|
33 |
+
See our benchmarks and stress-tests: [Brute-force attack detection plugins comparison](https://blog.nintechnet.com/wordpress-brute-force-attack-detection-plugins-comparison-2015/ "")
|
34 |
+
|
35 |
+
The protection applies to the `wp-login.php` script but can be extended to the `xmlrpc.php` one. The incident can also be written to the server `AUTH` log, which can be useful to the system administrator for monitoring purposes or banning IPs at the server level (e.g., Fail2ban).
|
36 |
+
|
37 |
+
= Real-time detection =
|
38 |
+
|
39 |
+
**File Guard** real-time detection is a totally unique feature provided by NinjaFirewall: it can detect, in real-time, any access to a PHP file that was recently modified or created, and alert you about this. If a hacker uploaded a shell script to your site (or injected a backdoor into an already existing file) and tried to directly access that file using his browser or a script, NinjaFirewall would hook the HTTP request and immediately detect that the file was recently modified or created. It would send you an alert with all details (script name, IP, request, date and time).
|
40 |
+
|
41 |
+
= File integrity monitoring =
|
42 |
+
|
43 |
+
**File Check** lets you perform file integrity monitoring by scanning your website hourly, twicedaily or daily. Any modification made to a file will be detected: file content, file permissions, file ownership, timestamp as well as file creation and deletion.
|
44 |
+
|
45 |
+
= Watch your website traffic in real time =
|
46 |
+
|
47 |
+
**Live Log** lets you watch your website traffic in real time. It displays connections in a format similar to the one used by most HTTP server logs. Because it communicates directly with the firewall, i.e., without loading WordPress, **Live Log** is fast, light and it will not affect your server load, even if you set its refresh rate to the lowest value.
|
48 |
+
|
49 |
+
= Events Notification =
|
50 |
+
|
51 |
+
NinjaFirewall can alert you by email on specific events triggered within your blog. Some of those alerts are enabled by default and it is highly recommended to keep them enabled. It is not unusual for a hacker, after breaking into your WordPress admin console, to install or just to upload a backdoored plugin or theme in order to take full control of your website.
|
52 |
+
|
53 |
+
Monitored events:
|
54 |
+
|
55 |
+
* Administrator login.
|
56 |
+
* Modification of any administrator account in the database.
|
57 |
+
* Plugins upload, installation, (de)activation, update, deletion.
|
58 |
+
* Themes upload, installation, activation, deletion.
|
59 |
+
* WordPress update.
|
60 |
+
|
61 |
+
= Stay protected against the latest WordPress security vulnerabilities =
|
62 |
+
|
63 |
+
To get the most efficient protection, NinjaFirewall can automatically update its security rules daily, twice daily or even hourly. Each time a new vulnerability is found in WordPress or one of its plugins/themes, a new set of security rules will be made available to protect your blog immediately.
|
64 |
+
|
65 |
+
= Strong Privacy =
|
66 |
+
|
67 |
+
Unlike a Cloud Web Application Firewall, or Cloud WAF, NinjaFirewall works and filters the traffic on your own server and infrastructure. That means that your sensitive data (contact form messages, customers credit card number, login credentials etc) remains on your server and is not routed through a third-party company's servers, which could pose unnecessary risks (e.g., employees accessing your data or logs in plain text, theft of private information, man-in-the-middle attack etc).
|
68 |
+
|
69 |
+
= IPv6 compatibility =
|
70 |
+
|
71 |
+
IPv6 compatibility is a mandatory feature for a security plugin: if it supports only IPv4, hackers can easily bypass the plugin by using an IPv6. NinjaFirewall natively supports IPv4 and IPv6 protocols, for both public and private addresses.
|
72 |
+
|
73 |
+
= Multi-site support =
|
74 |
+
|
75 |
+
NinjaFirewall is multi-site compatible. It will protect all sites from your network and its configuration interface will be accessible only to the Super Admin from the network main site.
|
76 |
+
|
77 |
+
= Possibility to prepend your own PHP code to the firewall =
|
78 |
+
|
79 |
+
You can prepend your own PHP code to the firewall with the help of an [optional distributed configuration file](https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja). It will be processed before WordPress and all its plugins are loaded. This is a very powerful feature, and there is almost no limit to what you can do: add your own security rules, manipulate HTTP requests, variables etc.
|
80 |
+
|
81 |
+
= Low Footprint Firewall =
|
82 |
+
|
83 |
+
NinjaFirewall is very fast, optimised, compact, and requires very low system resource.
|
84 |
+
See for yourself: download and install [Query Monitor](https://wordpress.org/plugins/query-monitor/ "") and [Xdebug Profiler](https://xdebug.org/ "") and compare NinjaFirewall performances with other security plugins.
|
85 |
+
|
86 |
+
= Non-Intrusive User Interface =
|
87 |
+
|
88 |
+
NinjaFirewall looks and feels like a built-in WordPress feature. It does not contain intrusive banners, warnings or flashy colors. It uses the WordPress simple and clean interface and is also smartphone-friendly.
|
89 |
+
|
90 |
+
= Contextual Help =
|
91 |
+
|
92 |
+
Each NinjaFirewall menu page has a contextual help screen with useful information about how to use and configure it.
|
93 |
+
If you need help, click on the *Help* menu tab located in the upper right corner of each page in your admin panel.
|
94 |
+
|
95 |
+
= Need more security ? =
|
96 |
+
|
97 |
+
Check out our new supercharged edition: [NinjaFirewall WP+ Edition](https://nintechnet.com/ninjafirewall/wp-edition/ "NinjaFirewall WP+ Edition")
|
98 |
+
|
99 |
+
* Unix shared memory use for inter-process communication and blazing fast performances.
|
100 |
+
* IP-based Access Control.
|
101 |
+
* Role-based Access Control.
|
102 |
+
* Country-based Access Control via geolocation.
|
103 |
+
* URL-based Access Control.
|
104 |
+
* Bot-based Access Control.
|
105 |
+
* [Centralized Logging](https://blog.nintechnet.com/centralized-logging-with-ninjafirewall/ "Centralized Logging").
|
106 |
+
* Antispam for comment and user regisration forms.
|
107 |
+
* Rate limiting option to block aggressive bots, crawlers, web scrapers and HTTP attacks.
|
108 |
+
* Response body filter to scan the output of the HTML page right before it is sent to your visitors browser.
|
109 |
+
* Better File uploads management.
|
110 |
+
* Better logs management.
|
111 |
+
* [Syslog logging](https://blog.nintechnet.com/syslog-logging-with-ninjafirewall/ "Syslog logging").
|
112 |
+
|
113 |
+
[Learn more](https://nintechnet.com/ninjafirewall/wp-edition/ "") about the WP+ Edition unique features. [Compare](https://nintechnet.com/ninjafirewall/wp-edition/?comparison "") the WP and WP+ Editions.
|
114 |
+
|
115 |
+
|
116 |
+
= Requirements =
|
117 |
+
|
118 |
+
* WordPress 3.3+
|
119 |
+
* PHP 5.3+ (5.4 or higher recommended) or [HHVM 3.4+](https://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/ "")
|
120 |
+
* MySQL or MariaDB with MySQLi extension
|
121 |
+
* Apache / Nginx / LiteSpeed compatible
|
122 |
+
* Unix-like operating systems only (Linux, BSD etc). NinjaFirewall is **NOT** compatible with Microsoft Windows.
|
123 |
+
|
124 |
+
== Frequently Asked Questions ==
|
125 |
+
|
126 |
+
= Why is NinjaFirewall different from other security plugins for WordPress ? =
|
127 |
+
|
128 |
+
NinjaFirewall sits between the attacker and WordPress. It can filter requests before they reach your blog and any of its plugins. This is how it works :
|
129 |
+
|
130 |
+
`Attacker > HTTP server > PHP > NinjaFirewall > WordPress`
|
131 |
+
|
132 |
+
And this is how all WordPress plugins work :
|
133 |
+
|
134 |
+
`Attacker > HTTP server > PHP > WordPress > Plugins`
|
135 |
+
|
136 |
+
Unlike other security plugins, it will protect all PHP scripts, including those that aren't part of the WordPress package.
|
137 |
+
|
138 |
+
= How powerful is NinjaFirewall? =
|
139 |
+
NinjaFirewall includes a very powerful filtering engine which can detect Web Application Firewall evasion techniques and obfuscation tactics used by hackers, as well as support and decode a large set of encodings. See our blog for a full description: [An introduction to NinjaFirewall 3.0 filtering engine](https://blog.nintechnet.com/introduction-to-ninjafirewall-filtering-engine/ "").
|
140 |
+
|
141 |
+
= Do I need root privileges to install NinjaFirewall ? =
|
142 |
+
|
143 |
+
NinjaFirewall does not require any root privilege and is fully compatible with shared hosting accounts. You can install it from your WordPress admin console, just like a regular plugin.
|
144 |
+
|
145 |
+
|
146 |
+
= Does it work with Nginx ? =
|
147 |
+
|
148 |
+
NinjaFirewall works with Nginx and others Unix-based HTTP servers (Apache, LiteSpeed etc). Its installer will detect it.
|
149 |
+
|
150 |
+
= Do I need to alter my PHP scripts ? =
|
151 |
+
|
152 |
+
You do not need to make any modifications to your scripts. NinjaFirewall hooks all requests before they reach your scripts. It will even work with encoded scripts (ionCube, ZendGuard, SourceGuardian etc).
|
153 |
+
|
154 |
+
= I moved my wp-config.php file to another directory. Will it work with NinjaFirewall ? =
|
155 |
+
|
156 |
+
NinjaFirewall will look for the wp-config.php script in the current folder or, if it cannot find it, in the parent folder.
|
157 |
+
|
158 |
+
= Will NinjaFirewall detect the correct IP of my visitors if I am behind a CDN service like Cloudflare ? =
|
159 |
+
|
160 |
+
You can use an optional configuration file to tell NinjaFirewall which IP to use. Please [follow these steps](https://nintechnet.com/ninjafirewall/wp-edition/help/?htninja "").
|
161 |
+
|
162 |
+
= Will it slow down my site ? =
|
163 |
+
|
164 |
+
Your visitors will not notice any difference with or without NinjaFirewall. From WordPress administration console, you can click "NinjaFirewall > Status" menu to see the benchmarks and statistics (the fastest, slowest and average time per request). NinjaFirewall is very fast, optimised, compact, requires very low system resources and [outperforms all other security plugins](https://blog.nintechnet.com/wordpress-brute-force-attack-detection-plugins-comparison/ "").
|
165 |
+
By blocking dangerous requests and bots before WordPress is loaded, it will save bandwidth and reduce server load.
|
166 |
+
|
167 |
+
= Is there any Microsoft Windows version ? =
|
168 |
+
|
169 |
+
NinjaFirewall works on Unix-like servers only. There is no Microsoft Windows version and we do not expect to release any.
|
170 |
+
|
171 |
+
|
172 |
+
== Installation ==
|
173 |
+
|
174 |
+
1. Upload `ninjafirewall` folder to the `/wp-content/plugins/` directory.
|
175 |
+
2. Activate the plugin through the 'Plugins' menu in WordPress.
|
176 |
+
3. Plugin settings are located in 'NinjaFirewall' menu.
|
177 |
+
|
178 |
+
== Screenshots ==
|
179 |
+
|
180 |
+
1. Overview page.
|
181 |
+
2. Statistics and benchmarks page.
|
182 |
+
3. Options page.
|
183 |
+
4. Policies pages: NinjaFirewall has a large list of powerful and unique policies that you can tweak accordingly to your needs.
|
184 |
+
5. Contextual help.
|
185 |
+
6. Event notifications can alert you by email on specific events triggered within your blog.
|
186 |
+
7. Login page protection: the fastest and most efficient brute-force attack protection for WordPress.
|
187 |
+
8. Live Log: lets you watch your website traffic in real time. It is fast, light and it does not affect your server load.
|
188 |
+
9. Firewall Log.
|
189 |
+
10. Dashboard widget.
|
190 |
+
11. File Guard: this is a totally unique feature, because it can detect, in real-time, any access to a PHP file that was recently modified or created, and alert you about this.
|
191 |
+
12. Network.
|
192 |
+
13. Rules Editor.
|
193 |
+
14. File Check: lets you perform file integrity monitoring upon request or on a specific interval (hourly, twicedaily, daily).
|
194 |
+
15. Security rules updates.
|
195 |
+
|
196 |
+
== Changelog ==
|
197 |
+
|
198 |
+
= v3.6 =
|
199 |
+
|
200 |
+
* Important: We have removed the "Anti-Malware" option from NinjaFirewall. Instead, we have now a brand new and much better antivirus plugin: NinjaScanner. You can download it from wordpress.org: https://wordpress.org/plugins/ninjascanner/
|
201 |
+
* [WP+ Edition] Fixed a bug where IPs that were whitelisted in the "Access Control" page could not connect to the REST API if its access was disabled in the "Firewall Policies".
|
202 |
+
* [WP+ Edition] Updated IPv4/IPv6 GeoIP databases.
|
203 |
+
* Minor fixes.
|
uninstall.php
ADDED
@@ -0,0 +1,149 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/*
|
3 |
+
+---------------------------------------------------------------------+
|
4 |
+
| NinjaFirewall (WP Edition) |
|
5 |
+
| |
|
6 |
+
| (c) NinTechNet - https://nintechnet.com/ |
|
7 |
+
+---------------------------------------------------------------------+
|
8 |
+
| This program is free software: you can redistribute it and/or |
|
9 |
+
| modify it under the terms of the GNU General Public License as |
|
10 |
+
| published by the Free Software Foundation, either version 3 of |
|
11 |
+
| the License, or (at your option) any later version. |
|
12 |
+
| |
|
13 |
+
| This program is distributed in the hope that it will be useful, |
|
14 |
+
| but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
15 |
+
| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
16 |
+
| GNU General Public License for more details. |
|
17 |
+
+---------------------------------------------------------------------+ sa
|
18 |
+
*/
|
19 |
+
|
20 |
+
if (! defined('WP_UNINSTALL_PLUGIN') ) {
|
21 |
+
exit;
|
22 |
+
}
|
23 |
+
|
24 |
+
if (version_compare(PHP_VERSION, '5.4', '<') ) {
|
25 |
+
if (! session_id() ) {
|
26 |
+
session_start();
|
27 |
+
$_SESSION['nfw_st'] = 1;
|
28 |
+
}
|
29 |
+
} else {
|
30 |
+
if (session_status() !== PHP_SESSION_ACTIVE) {
|
31 |
+
session_start();
|
32 |
+
$_SESSION['nfw_st'] = 2;
|
33 |
+
}
|
34 |
+
}
|
35 |
+
|
36 |
+
nfw_uninstall();
|
37 |
+
|
38 |
+
/* ------------------------------------------------------------------ */
|
39 |
+
|
40 |
+
function nfw_uninstall() {
|
41 |
+
|
42 |
+
// Unset the goodguy flag :
|
43 |
+
if ( isset( $_SESSION['nfw_goodguy'] ) ) {
|
44 |
+
unset( $_SESSION['nfw_goodguy'] );
|
45 |
+
}
|
46 |
+
|
47 |
+
define( 'HTACCESS_BEGIN', '# BEGIN NinjaFirewall' );
|
48 |
+
define( 'HTACCESS_END', '# END NinjaFirewall' );
|
49 |
+
define( 'PHPINI_BEGIN', '; BEGIN NinjaFirewall' );
|
50 |
+
define( 'PHPINI_END', '; END NinjaFirewall' );
|
51 |
+
define( 'WP_CONFIG_BEGIN', '// BEGIN NinjaFirewall' );
|
52 |
+
define( 'WP_CONFIG_END', '// END NinjaFirewall' );
|
53 |
+
|
54 |
+
// Retrieve installation info :
|
55 |
+
if ( is_multisite() ) {
|
56 |
+
$nfw_install = get_site_option('nfw_install');
|
57 |
+
} else {
|
58 |
+
$nfw_install = get_option('nfw_install');
|
59 |
+
}
|
60 |
+
|
61 |
+
|
62 |
+
// Clean-up wp-config.php:
|
63 |
+
if (! empty( $nfw_install['wp_config'] ) && file_exists( $nfw_install['wp_config'] ) && is_writable( $nfw_install['wp_config'] ) ) {
|
64 |
+
$wp_config_content = @file_get_contents( $nfw_install['wp_config'] );
|
65 |
+
$wp_config_content = preg_replace( '`\s?'. WP_CONFIG_BEGIN .'.+?'. WP_CONFIG_END .'[^\r\n]*\s?`s' , "\n", $wp_config_content);
|
66 |
+
@file_put_contents( $nfw_install['wp_config'], $wp_config_content, LOCK_EX );
|
67 |
+
}
|
68 |
+
|
69 |
+
|
70 |
+
// Clean-up .htaccess :
|
71 |
+
if (! empty($nfw_install['htaccess']) && file_exists($nfw_install['htaccess']) ) {
|
72 |
+
$htaccess_file = $nfw_install['htaccess'];
|
73 |
+
} elseif ( file_exists( ABSPATH . '.htaccess' ) ) {
|
74 |
+
$htaccess_file = ABSPATH . '.htaccess';
|
75 |
+
} else {
|
76 |
+
$htaccess_file = '';
|
77 |
+
}
|
78 |
+
|
79 |
+
// Ensure it is writable :
|
80 |
+
if (! empty($htaccess_file) && is_writable( $htaccess_file ) ) {
|
81 |
+
$data = file_get_contents( $htaccess_file );
|
82 |
+
// Find / delete instructions :
|
83 |
+
$data = preg_replace( '`\s?'. HTACCESS_BEGIN .'.+?'. HTACCESS_END .'[^\r\n]*\s?`s' , "\n", $data);
|
84 |
+
@file_put_contents( $htaccess_file, $data, LOCK_EX );
|
85 |
+
}
|
86 |
+
|
87 |
+
// Clean up PHP INI file :
|
88 |
+
if (! empty($nfw_install['phpini']) && file_exists($nfw_install['phpini']) ) {
|
89 |
+
if ( is_writable( $nfw_install['phpini'] ) ) {
|
90 |
+
$phpini[] = $nfw_install['phpini'];
|
91 |
+
}
|
92 |
+
}
|
93 |
+
if ( file_exists( ABSPATH . 'php.ini' ) ) {
|
94 |
+
if ( is_writable( ABSPATH . 'php.ini' ) ) {
|
95 |
+
$phpini[] = ABSPATH . 'php.ini';
|
96 |
+
}
|
97 |
+
}
|
98 |
+
if ( file_exists( ABSPATH . 'php5.ini' ) ) {
|
99 |
+
if ( is_writable( ABSPATH . 'php5.ini' ) ) {
|
100 |
+
$phpini[] = ABSPATH . 'php5.ini';
|
101 |
+
}
|
102 |
+
}
|
103 |
+
if ( file_exists( ABSPATH . '.user.ini' ) ) {
|
104 |
+
if ( is_writable( ABSPATH . '.user.ini' ) ) {
|
105 |
+
$phpini[] = ABSPATH . '.user.ini';
|
106 |
+
}
|
107 |
+
}
|
108 |
+
foreach( $phpini as $ini ) {
|
109 |
+
$data = file_get_contents( $ini );
|
110 |
+
$data = preg_replace( '`\s?'. PHPINI_BEGIN .'.+?'. PHPINI_END .'[^\r\n]*\s?`s' , "\n", $data);
|
111 |
+
@file_put_contents( $ini, $data, LOCK_EX );
|
112 |
+
}
|
113 |
+
|
114 |
+
// Remove any scheduled cron job :
|
115 |
+
if ( wp_next_scheduled('nfscanevent') ) {
|
116 |
+
wp_clear_scheduled_hook('nfscanevent');
|
117 |
+
}
|
118 |
+
if ( wp_next_scheduled('nfsecupdates') ) {
|
119 |
+
wp_clear_scheduled_hook('nfsecupdates');
|
120 |
+
}
|
121 |
+
if ( wp_next_scheduled('nfdailyreport') ) {
|
122 |
+
wp_clear_scheduled_hook('nfdailyreport');
|
123 |
+
}
|
124 |
+
if ( wp_next_scheduled( 'nfwgccron' ) ) {
|
125 |
+
wp_clear_scheduled_hook( 'nfwgccron' );
|
126 |
+
}
|
127 |
+
|
128 |
+
// Delete DB rows :
|
129 |
+
delete_option('nfw_options');
|
130 |
+
delete_option('nfw_rules');
|
131 |
+
delete_option('nfw_install');
|
132 |
+
delete_option('nfw_tmp');
|
133 |
+
if ( is_multisite() ) {
|
134 |
+
// Delete those ones too :
|
135 |
+
delete_site_option('nfw_options');
|
136 |
+
delete_site_option('nfw_rules');
|
137 |
+
delete_site_option('nfw_install');
|
138 |
+
delete_site_option('nfw_tmp');
|
139 |
+
}
|
140 |
+
|
141 |
+
// Clear session flag:
|
142 |
+
if ( isset( $_SESSION['nfw_goodguy'] ) ) {
|
143 |
+
unset( $_SESSION['nfw_goodguy'] );
|
144 |
+
}
|
145 |
+
|
146 |
+
}
|
147 |
+
|
148 |
+
/* ------------------------------------------------------------------ */
|
149 |
+
// EOF
|