Version Description
Download this release
Release Info
Developer | invisnet |
Plugin | WP fail2ban |
Version | 4.3.0-RC4 |
Comparing to | |
See all releases |
Code changes from version 4.2.8 to 4.3.0-RC4
- admin/admin.php +195 -80
- admin/config.php +160 -134
- admin/config/block.php +127 -103
- admin/config/logging.php +224 -221
- admin/config/plugins.php +110 -171
- admin/config/remote-ips.php +97 -85
- admin/config/syslog.php +164 -129
- admin/lib/about.php +124 -173
- admin/lib/tab.php +480 -241
- admin/tools.php +52 -0
- assets/icon.svg +7 -0
- assets/menu.svg +7 -0
- feature/comments.php +146 -157
- feature/lib.php +154 -110
- feature/password.php +23 -23
- feature/plugins.php +234 -212
- feature/spam.php +37 -46
- feature/user-enum.php +103 -119
- feature/user.php +62 -46
- feature/xmlrpc.php +82 -88
- feature/xmlrpc/log.php +22 -24
- feature/xmlrpc/pingback.php +24 -26
- filters.d/wordpress-extra.conf +1 -1
- filters.d/wordpress-hard.conf +2 -1
- filters.d/wordpress-soft.conf +3 -2
- lib/activation.php +83 -0
- lib/constants.php +112 -134
- lib/convert-data.php +102 -0
- lib/defaults.php +34 -71
- lib/loader.php +450 -311
- readme.txt +75 -70
- vendor/freemius/wordpress-sdk/includes/class-freemius.php +1 -3
- wp-fail2ban-core.php +124 -0
- wp-fail2ban-features.php +117 -0
- wp-fail2ban-main.php +18 -284
- wp-fail2ban-premium.php +94 -0
- wp-fail2ban.php +37 -82
admin/admin.php
CHANGED
@@ -4,96 +4,211 @@
|
|
4 |
* Admin
|
5 |
*
|
6 |
* @package wp-fail2ban
|
7 |
-
* @since
|
8 |
*/
|
9 |
namespace org\lecklider\charles\wordpress\wp_fail2ban;
|
10 |
|
11 |
-
|
12 |
-
|
13 |
-
|
14 |
-
|
15 |
-
|
16 |
-
|
17 |
-
|
18 |
-
|
19 |
-
|
20 |
-
|
21 |
-
|
22 |
-
|
23 |
-
|
24 |
-
|
25 |
-
|
26 |
-
|
27 |
-
'
|
28 |
-
|
29 |
-
|
30 |
-
|
31 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
32 |
|
33 |
-
|
34 |
-
|
35 |
-
|
36 |
-
|
37 |
-
|
38 |
-
|
39 |
-
|
40 |
-
|
41 |
-
|
42 |
-
|
43 |
-
|
44 |
-
|
45 |
-
|
46 |
-
'
|
|
|
|
|
|
|
47 |
'wpf2b-settings',
|
48 |
__NAMESPACE__ . '\\settings'
|
49 |
);
|
|
|
|
|
|
|
|
|
50 |
}
|
51 |
|
52 |
-
|
53 |
-
|
54 |
-
|
55 |
-
|
56 |
-
|
57 |
-
|
58 |
-
|
59 |
-
)
|
60 |
-
|
61 |
-
|
62 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
63 |
}
|
64 |
-
} );
|
65 |
-
if ( array_key_exists( 'wp-fail2ban', $submenu ) ) {
|
66 |
-
$submenu['wp-fail2ban'][0][0] = __( 'Welcome' );
|
67 |
}
|
68 |
-
|
69 |
-
|
70 |
-
|
71 |
-
|
72 |
-
|
73 |
-
|
74 |
-
|
75 |
-
|
76 |
-
|
77 |
-
|
78 |
-
|
79 |
-
|
80 |
-
|
81 |
-
|
82 |
-
|
83 |
-
|
84 |
-
|
85 |
-
|
86 |
-
|
87 |
-
|
88 |
-
(
|
89 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
90 |
}
|
91 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
92 |
}
|
93 |
-
|
94 |
-
add_filter(
|
95 |
-
'plugin_action_links',
|
96 |
-
__NAMESPACE__ . '\\plugin_action_links',
|
97 |
-
10,
|
98 |
-
2
|
99 |
-
);
|
4 |
* Admin
|
5 |
*
|
6 |
* @package wp-fail2ban
|
7 |
+
* @since 4.0.0
|
8 |
*/
|
9 |
namespace org\lecklider\charles\wordpress\wp_fail2ban;
|
10 |
|
11 |
+
|
12 |
+
if ( defined( 'ABSPATH' ) ) {
|
13 |
+
require_once __DIR__ . '/config.php';
|
14 |
+
require_once __DIR__ . '/tools.php';
|
15 |
+
require_once __DIR__ . '/lib/about.php';
|
16 |
+
include_once_exists( WP_FAIL2BAN_DIR . '/premium/admin/admin.php' );
|
17 |
+
/**
|
18 |
+
* Helper: Security and Settings menu
|
19 |
+
*
|
20 |
+
* @since 4.3.0
|
21 |
+
*
|
22 |
+
* @param string $capability Capability
|
23 |
+
*/
|
24 |
+
function _security_settings( $capability = 'manage_options' )
|
25 |
+
{
|
26 |
+
|
27 |
+
if ( function_exists( '\\add_security_page' ) ) {
|
28 |
+
$hook = add_security_page(
|
29 |
+
'WP fail2ban',
|
30 |
+
'WP fail2ban',
|
31 |
+
plugin_basename( WP_FAIL2BAN_DIR ),
|
32 |
+
__NAMESPACE__ . '\\security'
|
33 |
+
);
|
34 |
+
add_action( "load-{$hook}", function () {
|
35 |
+
TabBase::setDefaultTab( 'logging' );
|
36 |
+
TabBase::getActiveTab()->current_screen();
|
37 |
+
} );
|
38 |
+
if ( class_exists( __NAMESPACE__ . '\\premium\\WPf2b' ) ) {
|
39 |
+
_settings( 'status', $capability );
|
40 |
+
}
|
41 |
+
} else {
|
42 |
+
_settings( apply_filters( __METHOD__ . '.page', 'logging' ), $capability );
|
43 |
+
}
|
44 |
|
45 |
+
}
|
46 |
+
|
47 |
+
/**
|
48 |
+
* Helper: Settings menu
|
49 |
+
*
|
50 |
+
* @since 4.3.0
|
51 |
+
*
|
52 |
+
* @param $page string|null
|
53 |
+
* @param $capability string
|
54 |
+
*/
|
55 |
+
function _settings( $page = null, $capability = 'manage_options' )
|
56 |
+
{
|
57 |
+
$hook = add_submenu_page(
|
58 |
+
'wp-fail2ban-menu',
|
59 |
+
__( 'Settings', 'wp-fail2ban' ),
|
60 |
+
__( 'Settings', 'wp-fail2ban' ),
|
61 |
+
$capability,
|
62 |
'wpf2b-settings',
|
63 |
__NAMESPACE__ . '\\settings'
|
64 |
);
|
65 |
+
add_action( "load-{$hook}", function () use( $page ) {
|
66 |
+
TabBase::setDefaultTab( $page );
|
67 |
+
TabBase::getActiveTab()->current_screen();
|
68 |
+
} );
|
69 |
}
|
70 |
|
71 |
+
/**
|
72 |
+
* Helper: Remote Tools menu
|
73 |
+
*
|
74 |
+
* @since 4.3.0
|
75 |
+
*
|
76 |
+
* @param string $capability Capability
|
77 |
+
*/
|
78 |
+
function _remote_tools( $capability = 'manage_options' )
|
79 |
+
{
|
80 |
+
add_submenu_page(
|
81 |
+
'wp-fail2ban-menu',
|
82 |
+
__( 'Tools', 'wp-fail2ban' ),
|
83 |
+
__( ' - Remote Tools (β)', 'wp-fail2ban' ),
|
84 |
+
$capability,
|
85 |
+
'wp-fail2ban-tools',
|
86 |
+
__NAMESPACE__ . '\\remote_tools'
|
87 |
+
);
|
88 |
+
}
|
89 |
+
|
90 |
+
/**
|
91 |
+
* Register admin menus
|
92 |
+
*
|
93 |
+
* @since 4.0.0
|
94 |
+
*/
|
95 |
+
function admin_menu()
|
96 |
+
{
|
97 |
+
if ( wf_fs()->is_free_plan() && !wf_fs()->is_trial() || wf_fs()->is_plan( 'remote', true ) ) {
|
98 |
+
|
99 |
+
if ( !is_multisite() ) {
|
100 |
+
add_menu_page(
|
101 |
+
'WP fail2ban',
|
102 |
+
'WP fail2ban',
|
103 |
+
'manage_options',
|
104 |
+
'wp-fail2ban-menu',
|
105 |
+
__NAMESPACE__ . '\\about',
|
106 |
+
plugin_dir_url( WP_FAIL2BAN_FILE ) . 'assets/menu.svg'
|
107 |
+
);
|
108 |
+
add_action( 'admin_menu', __NAMESPACE__ . '\\admin_menu_fix', PHP_INT_MAX );
|
109 |
+
|
110 |
+
if ( !is_multisite() ) {
|
111 |
+
_security_settings();
|
112 |
+
_remote_tools();
|
113 |
+
}
|
114 |
+
|
115 |
+
}
|
116 |
+
|
117 |
}
|
|
|
|
|
|
|
118 |
}
|
119 |
+
|
120 |
+
add_action( 'admin_menu', __NAMESPACE__ . '\\admin_menu' );
|
121 |
+
/**
|
122 |
+
* Register network admin menus
|
123 |
+
*
|
124 |
+
* @since 4.3.0
|
125 |
+
*/
|
126 |
+
function network_admin_menu()
|
127 |
+
{
|
128 |
+
|
129 |
+
if ( wf_fs()->is_free_plan() && !wf_fs()->is_trial() ) {
|
130 |
+
add_menu_page(
|
131 |
+
'WP fail2ban',
|
132 |
+
'WP fail2ban',
|
133 |
+
'manage_options',
|
134 |
+
'wp-fail2ban-menu',
|
135 |
+
__NAMESPACE__ . '\\about',
|
136 |
+
plugin_dir_url( WP_FAIL2BAN_FILE ) . 'assets/menu.svg'
|
137 |
+
);
|
138 |
+
add_action( 'network_admin_menu', __NAMESPACE__ . '\\admin_menu_fix', PHP_INT_MAX );
|
139 |
+
_security_settings();
|
140 |
+
_remote_tools();
|
141 |
+
}
|
142 |
+
|
143 |
+
}
|
144 |
+
|
145 |
+
add_action( 'network_admin_menu', __NAMESPACE__ . '\\network_admin_menu' );
|
146 |
+
/**
|
147 |
+
* Fix first submenu name.
|
148 |
+
*
|
149 |
+
* @since 4.3.0
|
150 |
+
*/
|
151 |
+
function admin_menu_fix()
|
152 |
+
{
|
153 |
+
global $submenu ;
|
154 |
+
if ( isset( $submenu['wp-fail2ban-menu'] ) && 'WP fail2ban' == @$submenu['wp-fail2ban-menu'][0][0] ) {
|
155 |
+
$submenu['wp-fail2ban-menu'][0][0] = __( 'Welcome', 'wp-fail2ban' );
|
156 |
+
}
|
157 |
+
}
|
158 |
+
|
159 |
+
/**
|
160 |
+
* Add Settings link on Plugins page
|
161 |
+
*
|
162 |
+
* @since 4.2.0
|
163 |
+
*
|
164 |
+
* @param string[] $actions An array of plugin action links. By default this can include 'activate',
|
165 |
+
* 'deactivate', and 'delete'.
|
166 |
+
* @param string $plugin_file Path to the plugin file relative to the plugins directory.
|
167 |
+
* @param array $plugin_data An array of plugin data. See `get_plugin_data()`.
|
168 |
+
* @param string $context The plugin context. By default this can include 'all', 'active', 'inactive',
|
169 |
+
* 'recently_activated', 'upgrade', 'mustuse', 'dropins', and 'search'.
|
170 |
+
*/
|
171 |
+
function plugin_action_links(
|
172 |
+
$actions,
|
173 |
+
$plugin_file,
|
174 |
+
$plugin_data,
|
175 |
+
$context
|
176 |
+
)
|
177 |
+
{
|
178 |
+
|
179 |
+
if ( preg_match( "|{$plugin_file}\$|", WP_FAIL2BAN_FILE ) && (!is_multisite() || is_network_admin()) ) {
|
180 |
+
|
181 |
+
if ( function_exists( '\\add_security_page' ) ) {
|
182 |
+
return $actions;
|
183 |
+
} else {
|
184 |
+
$page = 'wpf2b-fail2ban-menu';
|
185 |
+
}
|
186 |
+
|
187 |
+
$settings = sprintf(
|
188 |
+
'<a href="%s?page=wpf2b-settings&tab=about" title="%s">%s</a>',
|
189 |
+
network_admin_url( 'admin.php' ),
|
190 |
+
__( 'Settings', 'wp-fail2ban' ),
|
191 |
+
( function_exists( '\\add_security_page' ) ? '<span class="dashicon dashicons-admin-generic"></span>' : __( 'Settings', 'wp-fail2ban' ) )
|
192 |
+
);
|
193 |
+
// Add Settings at the start
|
194 |
+
$actions = array_merge( [
|
195 |
+
'settings' => $settings,
|
196 |
+
], $actions );
|
197 |
+
}
|
198 |
+
|
199 |
+
return $actions;
|
200 |
}
|
201 |
+
|
202 |
+
add_filter(
|
203 |
+
'plugin_action_links',
|
204 |
+
__NAMESPACE__ . '\\plugin_action_links',
|
205 |
+
10,
|
206 |
+
4
|
207 |
+
);
|
208 |
+
add_filter(
|
209 |
+
'network_admin_plugin_action_links',
|
210 |
+
__NAMESPACE__ . '\\plugin_action_links',
|
211 |
+
10,
|
212 |
+
4
|
213 |
+
);
|
214 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
admin/config.php
CHANGED
@@ -1,160 +1,186 @@
|
|
1 |
<?php
|
2 |
-
|
3 |
/**
|
4 |
* Config
|
5 |
*
|
6 |
* @package wp-fail2ban
|
7 |
-
* @since
|
8 |
*/
|
9 |
namespace org\lecklider\charles\wordpress\wp_fail2ban;
|
10 |
|
11 |
-
if (
|
12 |
-
|
13 |
-
|
14 |
-
require_once '
|
15 |
-
|
16 |
-
require_once
|
17 |
-
|
18 |
-
|
19 |
-
|
20 |
-
|
21 |
-
|
22 |
-
|
23 |
-
|
24 |
-
|
25 |
-
|
26 |
-
|
27 |
-
|
28 |
-
|
29 |
-
|
30 |
-
|
31 |
-
|
32 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
33 |
}
|
34 |
-
|
35 |
-
|
36 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
37 |
}
|
38 |
-
|
39 |
-
}
|
40 |
|
41 |
-
/**
|
42 |
-
|
43 |
-
|
44 |
-
|
45 |
-
|
46 |
-
function
|
47 |
-
{
|
48 |
-
$tabs = [];
|
49 |
-
|
50 |
-
if ( !function_exists( '\\add_security_page' ) ) {
|
51 |
$tabs = [
|
52 |
'logging',
|
53 |
'syslog',
|
54 |
'block',
|
55 |
-
'remote-ips'
|
|
|
56 |
];
|
57 |
-
|
58 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
59 |
}
|
|
|
|
|
|
|
60 |
}
|
61 |
-
|
62 |
-
$default = 'logging';
|
63 |
-
render_tabs( $tabs, $default, 'wpf2b-settings' );
|
64 |
-
}
|
65 |
|
66 |
-
/**
|
67 |
-
|
68 |
-
|
69 |
-
|
70 |
-
|
71 |
-
|
72 |
-
|
73 |
-
|
74 |
-
|
75 |
-
|
76 |
-
|
77 |
-
|
78 |
-
|
79 |
-
|
80 |
-
|
81 |
-
|
82 |
-
|
83 |
-
|
84 |
-
|
85 |
-
|
86 |
-
|
87 |
-
|
88 |
-
|
89 |
-
|
90 |
-
$
|
|
|
|
|
|
|
|
|
91 |
}
|
92 |
-
|
93 |
-
|
94 |
-
|
95 |
-
|
96 |
-
|
97 |
-
|
98 |
-
|
99 |
-
|
100 |
-
|
|
|
|
|
101 |
);
|
102 |
-
|
103 |
-
?>
|
104 |
-
</h2>
|
105 |
-
|
106 |
-
<form action="options.php?tab=<?php
|
107 |
-
echo $active_tab->getSlug() ;
|
108 |
-
?>" method="post">
|
109 |
-
<?php
|
110 |
-
settings_fields( 'wp-fail2ban' );
|
111 |
-
$active_tab->render();
|
112 |
-
echo '<hr><p>' . __( '<strong>Note:</strong> The Free version of <em>WP fail2ban</em> is configured by defining constants in <tt>wp-config.php</tt>; these tabs display those values.' ) . '<br>' . __( 'Upgrade to the Premium version to enable this interface.' ) . '</p>' ;
|
113 |
-
?>
|
114 |
-
</form>
|
115 |
-
</div>
|
116 |
-
<?php
|
117 |
-
}
|
118 |
|
119 |
-
|
120 |
-
|
121 |
-
|
122 |
-
|
123 |
-
*/
|
124 |
-
function remote_tools()
|
125 |
-
{
|
126 |
-
global $current_user ;
|
127 |
-
?>
|
128 |
-
<div class="wrap">
|
129 |
-
<h1>Remote Tools (β)</h1>
|
130 |
-
<hr class="wp-header-end">
|
131 |
-
<?php
|
132 |
-
|
133 |
-
if ( function_exists( '\\org\\lecklider\\charles\\wordpress\\wp_fail2ban\\addons\\remote_tools\\tab' ) ) {
|
134 |
-
\org\lecklider\charles\wordpress\wp_fail2ban\addons\remote_tools\tab();
|
135 |
-
} else {
|
136 |
?>
|
137 |
-
|
138 |
-
<a class="nav-tab nav-tab-active" href="#">Overview</a>
|
139 |
-
</h2>
|
140 |
-
<div class="card">
|
141 |
-
<h2>Remote Tools Add-on</h2>
|
142 |
-
<p>This add-on provides features that make life with WP fail2ban easier, all from a remote server. This gives access to valuable but infrequently used tools without bloating the core plugin.</p>
|
143 |
-
<p>The first of these is a <strong>Custom Filter Tool</strong> (CFT).</p>
|
144 |
-
<blockquote>
|
145 |
-
<p>The filter files included are intended only as a starting point for those who want <em>WPf2b</em> to work “out of the box”.</p>
|
146 |
-
<p>There is no “one size fits all” configuration possible for <em>fail2ban</em> - what may be a soft failure for one site should be treated as a hard failure for another, and vice versa.</p>
|
147 |
-
</blockquote>
|
148 |
-
<p>You could simply edit the filter files included, but it‘s surprisingly easy to make a mistake; I learned this the hard way with earlier versions of <em>WPf2b</em>.... The CFT removes most of the opportunities for human error - always a good thing!</p>
|
149 |
-
<hr>
|
150 |
-
<p>The Remote Tools Add-on is available from the <a href="<?php
|
151 |
-
echo admin_url( 'admin.php?page=wp-fail2ban-addons' ) ;
|
152 |
-
?>">Add-Ons menu</a>.</p>
|
153 |
</div>
|
154 |
-
<?php
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
155 |
}
|
156 |
-
|
157 |
-
?>
|
158 |
-
</div>
|
159 |
-
<?php
|
160 |
}
|
|
1 |
<?php
|
|
|
2 |
/**
|
3 |
* Config
|
4 |
*
|
5 |
* @package wp-fail2ban
|
6 |
+
* @since 4.0.0
|
7 |
*/
|
8 |
namespace org\lecklider\charles\wordpress\wp_fail2ban;
|
9 |
|
10 |
+
if (defined('ABSPATH')) {
|
11 |
+
require_once 'lib/tab.php';
|
12 |
+
require_once 'config/block.php';
|
13 |
+
require_once 'config/logging.php';
|
14 |
+
require_once 'config/plugins.php';
|
15 |
+
require_once 'config/remote-ips.php';
|
16 |
+
require_once 'config/syslog.php';
|
17 |
+
|
18 |
+
if (false === (@include_once WP_FAIL2BAN_DIR.'/premium/admin/config.php')) {
|
19 |
+
/**
|
20 |
+
* Init
|
21 |
+
*
|
22 |
+
*/
|
23 |
+
function init_tabs()
|
24 |
+
{
|
25 |
+
new TabBlock();
|
26 |
+
new TabLogging();
|
27 |
+
new TabPlugins();
|
28 |
+
new TabRemoteIPs();
|
29 |
+
new TabSyslog();
|
30 |
+
}
|
31 |
+
add_action('init', __NAMESPACE__.'\init_tabs', 999);
|
32 |
+
} // @include
|
33 |
+
|
34 |
+
/**
|
35 |
+
* Display settings messages.
|
36 |
+
*
|
37 |
+
* @since 4.3.0
|
38 |
+
*/
|
39 |
+
function admin_notices()
|
40 |
+
{
|
41 |
+
$screen = get_current_screen();
|
42 |
+
switch ($screen->id) {
|
43 |
+
case 'security_page_wp-fail2ban-premium':
|
44 |
+
case 'wp-fail2ban_page_wpf2b-settings':
|
45 |
+
settings_errors();
|
46 |
+
break;
|
47 |
+
}
|
48 |
}
|
49 |
+
add_action('admin_notices', __NAMESPACE__.'\admin_notices');
|
50 |
+
|
51 |
+
/**
|
52 |
+
* Get network settings messages.
|
53 |
+
*
|
54 |
+
* @since 4.3.0
|
55 |
+
*/
|
56 |
+
function network_admin_notices()
|
57 |
+
{
|
58 |
+
$screen = get_current_screen();
|
59 |
+
switch ($screen->id) {
|
60 |
+
case 'security_page_wp-fail2ban-premium-network':
|
61 |
+
case 'wp-fail2ban_page_wpf2b-settings-network':
|
62 |
+
if ($transients = get_site_transient('settings_errors')) {
|
63 |
+
global $wp_settings_errors;
|
64 |
+
|
65 |
+
$wp_settings_errors = array_merge((array)$wp_settings_errors, $transients);
|
66 |
+
delete_site_transient('settings_errors');
|
67 |
+
}
|
68 |
+
settings_errors();
|
69 |
+
break;
|
70 |
+
}
|
71 |
}
|
72 |
+
add_action('network_admin_notices', __NAMESPACE__.'\network_admin_notices');
|
|
|
73 |
|
74 |
+
/**
|
75 |
+
* Render Security settings.
|
76 |
+
*
|
77 |
+
* @since 4.3.0
|
78 |
+
*/
|
79 |
+
function security()
|
80 |
+
{
|
|
|
|
|
|
|
81 |
$tabs = [
|
82 |
'logging',
|
83 |
'syslog',
|
84 |
'block',
|
85 |
+
'remote-ips',
|
86 |
+
'plugins'
|
87 |
];
|
88 |
+
$tabs = apply_filters(__METHOD__.'.tabs', $tabs);
|
89 |
+
$page = apply_filters(__METHOD__.'.page', plugin_basename(WP_FAIL2BAN_DIR));
|
90 |
+
|
91 |
+
render_tabs($tabs, $page);
|
92 |
+
}
|
93 |
+
|
94 |
+
/**
|
95 |
+
* Render Settings.
|
96 |
+
*
|
97 |
+
* @since 4.0.0
|
98 |
+
*/
|
99 |
+
function settings()
|
100 |
+
{
|
101 |
+
$tabs = [];
|
102 |
+
|
103 |
+
if (!function_exists('\add_security_page')) {
|
104 |
+
$tabs = [
|
105 |
+
'logging',
|
106 |
+
'syslog',
|
107 |
+
'block',
|
108 |
+
'remote-ips'
|
109 |
+
];
|
110 |
+
if (version_compare(PHP_VERSION, '5.6.0', '>=')) {
|
111 |
+
$tabs[] = 'plugins';
|
112 |
+
}
|
113 |
}
|
114 |
+
$tabs = apply_filters(__METHOD__.'.tabs', $tabs);
|
115 |
+
|
116 |
+
render_tabs($tabs, 'wpf2b-settings');
|
117 |
}
|
|
|
|
|
|
|
|
|
118 |
|
119 |
+
/**
|
120 |
+
* Render Tabs.
|
121 |
+
*
|
122 |
+
* @since 4.3.0
|
123 |
+
*
|
124 |
+
* @param array $tabs List of slugs of tabs to render
|
125 |
+
* @param string $menu Menu slug
|
126 |
+
*/
|
127 |
+
function render_tabs(array $tabs, $menu)
|
128 |
+
{
|
129 |
+
$active_tab = TabBase::getActiveTab();
|
130 |
+
|
131 |
+
?>
|
132 |
+
<div class="wrap">
|
133 |
+
<?=apply_filters(__METHOD__.'.title', sprintf('<h1>%s</h1>', __('Settings', 'wp-fail2ban')))?>
|
134 |
+
<hr class="wp-header-end">
|
135 |
+
|
136 |
+
<h2 class="nav-tab-wrapper wp-clearfix">
|
137 |
+
<?php
|
138 |
+
foreach ($tabs as $slug) {
|
139 |
+
$class = 'nav-tab';
|
140 |
+
if ($active_tab->getSlug() == $slug) {
|
141 |
+
$class .= ' nav-tab-active';
|
142 |
+
}
|
143 |
+
$params = apply_filters(__METHOD__.'.params', [
|
144 |
+
'page' => $menu,
|
145 |
+
'tab' => $slug
|
146 |
+
]);
|
147 |
+
printf('<a class="%s" href="?%s">%s</a>', $class, http_build_query($params), TabBase::getTabName($slug));
|
148 |
}
|
149 |
+
?>
|
150 |
+
</h2>
|
151 |
+
|
152 |
+
<?php
|
153 |
+
// Because the settings API was never finished we need an ugly hack
|
154 |
+
$action = sprintf(
|
155 |
+
'%s?tab=%s',
|
156 |
+
admin_url(is_network_admin()
|
157 |
+
? 'admin-post.php'
|
158 |
+
: 'options.php'),
|
159 |
+
$active_tab->getSlug()
|
160 |
);
|
161 |
+
?>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
162 |
|
163 |
+
<form action="<?=$action?>" method="post">
|
164 |
+
<?php
|
165 |
+
settings_fields('wp-fail2ban');
|
166 |
+
$active_tab->render();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
167 |
?>
|
168 |
+
</form>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
169 |
</div>
|
170 |
+
<?php
|
171 |
+
}
|
172 |
+
|
173 |
+
/**
|
174 |
+
* Helper: filtered defined(...)
|
175 |
+
*
|
176 |
+
* @since 4.3.0
|
177 |
+
*
|
178 |
+
* @param string $define
|
179 |
+
* @return mixed
|
180 |
+
*/
|
181 |
+
function have_defined($define)
|
182 |
+
{
|
183 |
+
return apply_filters(__NAMESPACE__.'\have_defined', defined($define), $define);
|
184 |
}
|
|
|
|
|
|
|
|
|
185 |
}
|
186 |
+
|
admin/config/block.php
CHANGED
@@ -1,120 +1,144 @@
|
|
1 |
<?php
|
2 |
-
|
3 |
/**
|
4 |
* Settings - Block
|
5 |
*
|
6 |
* @package wp-fail2ban
|
7 |
-
* @since
|
8 |
*/
|
9 |
-
namespace
|
10 |
|
11 |
-
if (
|
12 |
-
exit;
|
13 |
-
}
|
14 |
-
/**
|
15 |
-
* Tab: Block
|
16 |
-
*
|
17 |
-
* @since 4.0.0
|
18 |
-
*/
|
19 |
-
class TabBlock extends Tab
|
20 |
-
{
|
21 |
-
/**
|
22 |
-
* {@inheritDoc}
|
23 |
-
*
|
24 |
-
* @since 4.0.0
|
25 |
-
*/
|
26 |
-
public function __construct()
|
27 |
-
{
|
28 |
-
add_action( 'admin_init', [ $this, 'admin_init' ] );
|
29 |
-
parent::__construct( 'block', 'Users' );
|
30 |
-
}
|
31 |
-
|
32 |
-
/**
|
33 |
-
* {@inheritDoc}
|
34 |
-
*
|
35 |
-
* @since 4.0.0
|
36 |
-
*/
|
37 |
-
public function admin_init()
|
38 |
-
{
|
39 |
-
// phpcs:disable Generic.Functions.FunctionCallArgumentSpacing
|
40 |
-
add_settings_section(
|
41 |
-
'wp-fail2ban-block',
|
42 |
-
__( 'Block' ),
|
43 |
-
[ $this, 'section' ],
|
44 |
-
'wp-fail2ban-block'
|
45 |
-
);
|
46 |
-
add_settings_field(
|
47 |
-
'block-user-enumeration',
|
48 |
-
parent::doc_link( 'WP_FAIL2BAN_BLOCK_USER_ENUMERATION', __( 'User Enumeration' ) ),
|
49 |
-
[ $this, 'userEnumeration' ],
|
50 |
-
'wp-fail2ban-block',
|
51 |
-
'wp-fail2ban-block'
|
52 |
-
);
|
53 |
-
add_settings_field(
|
54 |
-
'block-users',
|
55 |
-
parent::doc_link( 'WP_FAIL2BAN_BLOCKED_USERS', __( 'Usernames' ) ),
|
56 |
-
[ $this, 'usernames' ],
|
57 |
-
'wp-fail2ban-block',
|
58 |
-
'wp-fail2ban-block'
|
59 |
-
);
|
60 |
-
// phpcs:enable
|
61 |
-
}
|
62 |
-
|
63 |
-
/**
|
64 |
-
* {@inheritDoc}
|
65 |
-
*
|
66 |
-
* @since 4.0.0
|
67 |
-
*
|
68 |
-
* @param array $settings
|
69 |
-
* @param array $input
|
70 |
-
*/
|
71 |
-
public function sanitize( array $settings, array $input = null )
|
72 |
-
{
|
73 |
-
return $settings;
|
74 |
-
}
|
75 |
-
|
76 |
-
/**
|
77 |
-
* {@inheritDoc}
|
78 |
-
*
|
79 |
-
* @since 4.0.0
|
80 |
-
*/
|
81 |
-
public function section()
|
82 |
-
{
|
83 |
-
echo '' ;
|
84 |
-
}
|
85 |
-
|
86 |
/**
|
87 |
-
*
|
88 |
*
|
89 |
* @since 4.0.0
|
90 |
*/
|
91 |
-
|
92 |
{
|
93 |
-
|
94 |
-
|
95 |
-
|
96 |
-
|
97 |
-
|
98 |
-
|
99 |
-
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
|
107 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
108 |
} else {
|
109 |
-
$value =
|
110 |
}
|
111 |
-
|
112 |
-
|
113 |
-
|
|
|
114 |
}
|
115 |
-
|
116 |
-
printf( '<input class="regular-text" type="text" disabled="disabled" value="%s">', esc_attr( $value ) );
|
117 |
-
}
|
118 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
119 |
}
|
120 |
-
|
1 |
<?php
|
|
|
2 |
/**
|
3 |
* Settings - Block
|
4 |
*
|
5 |
* @package wp-fail2ban
|
6 |
+
* @since 4.0.0
|
7 |
*/
|
8 |
+
namespace org\lecklider\charles\wordpress\wp_fail2ban;
|
9 |
|
10 |
+
if (defined('ABSPATH')) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
11 |
/**
|
12 |
+
* Tab: Block
|
13 |
*
|
14 |
* @since 4.0.0
|
15 |
*/
|
16 |
+
class TabBlock extends TabBase
|
17 |
{
|
18 |
+
/**
|
19 |
+
* {@inheritDoc}
|
20 |
+
*
|
21 |
+
* @since 4.0.0
|
22 |
+
*/
|
23 |
+
public function __construct()
|
24 |
+
{
|
25 |
+
// phpcs:disable Generic.Functions.FunctionCallArgumentSpacing
|
26 |
+
$this->__['users'] = __('Users', 'wp-fail2ban');
|
27 |
+
$this->__['user-enumeration'] = __('Block User Enumeration', 'wp-fail2ban');
|
28 |
+
$this->__['blacklist'] = __('Blacklisted Usernames', 'wp-fail2ban');
|
29 |
+
$this->__['username-login'] = __('Block username logins', 'wp-fail2ban');
|
30 |
+
// phpcs:enable
|
31 |
+
|
32 |
+
parent::__construct('block', __('Block', 'wp-fail2ban'));
|
33 |
+
}
|
34 |
+
|
35 |
+
/**
|
36 |
+
* {@inheritDoc}
|
37 |
+
*
|
38 |
+
* @since 4.0.0
|
39 |
+
*/
|
40 |
+
public function admin_init()
|
41 |
+
{
|
42 |
+
// phpcs:disable Generic.Functions.FunctionCallArgumentSpacing
|
43 |
+
add_settings_section('wp-fail2ban-users', $this->__['users'], [$this, 'section'], 'wp-fail2ban-block');
|
44 |
+
add_settings_field('user-enumeration', $this->__['user-enumeration'], [$this, 'userEnumeration'], 'wp-fail2ban-block', 'wp-fail2ban-users');
|
45 |
+
add_settings_field('blacklist', $this->__['blacklist'], [$this, 'users'], 'wp-fail2ban-block', 'wp-fail2ban-users');
|
46 |
+
add_settings_field('username-login', $this->__['username-login'], [$this, 'usernames'], 'wp-fail2ban-block', 'wp-fail2ban-users');
|
47 |
+
// phpcs:enable
|
48 |
+
}
|
49 |
+
|
50 |
+
/**
|
51 |
+
* {*inheritDoc}
|
52 |
+
*
|
53 |
+
* @since 4.3.0
|
54 |
+
*/
|
55 |
+
public function current_screen()
|
56 |
+
{
|
57 |
+
$fmt = <<<___FMT___
|
58 |
+
<dl><style>dt{font-weight:bold;}</style>
|
59 |
+
<dt>%s</dt>
|
60 |
+
<dd><p>%s</p><p>%s</p><p>%s</p>%s</dd>
|
61 |
+
<dt>%s</dt>
|
62 |
+
<dd><p>%s</p><p>%s</p>%s</dd>
|
63 |
+
<dt>%s</dt>
|
64 |
+
<dd><p>%s</p><p>%s</p>%s</dd>
|
65 |
+
</dl>
|
66 |
+
___FMT___;
|
67 |
+
get_current_screen()->add_help_tab([
|
68 |
+
'id' => 'users',
|
69 |
+
'title' => $this->__['users'],
|
70 |
+
'content' => sprintf(
|
71 |
+
$fmt,
|
72 |
+
$this->__['user-enumeration'],
|
73 |
+
__('Automated brute-force attacks ("bots") typically start by getting a list of valid usernames ("user enumeration").', 'wp-fail2ban'),
|
74 |
+
__('Blocking user enumeration can force attackers to guess usernames, making these attacks much less likely to succeed.', 'wp-fail2ban'),
|
75 |
+
__('<strong>N.B.</strong> Some Themes "leak" usernames (for example, via Author profile pages); see <strong>Block username logins</strong> for an alternative.', 'wp-fail2ban'),
|
76 |
+
$this->see_also(['WP_FAIL2BAN_BLOCK_USER_ENUMERATION']),
|
77 |
+
$this->__['blacklist'],
|
78 |
+
__('Automated brute-force attacks ("bots") will often use well-known usernames, e.g. <tt>admin</tt>.', 'wp-fail2ban'),
|
79 |
+
__('Blacklisted usernames are blocked early in the login process, reducing server load.', 'wp-fail2ban'),
|
80 |
+
$this->see_also(['WP_FAIL2BAN_BLOCKED_USERS']),
|
81 |
+
$this->__['username-login'],
|
82 |
+
__('It is sometimes not possible to block user enumeration (for example, if your theme provides Author profiles). An alternative is to require users to login with their email address.', 'wp-fail2ban'),
|
83 |
+
__('<strong>N.B.</strong> This also applies to Blacklisted Usernames; you must list <em>email addresses</em>, not usernames.', 'wp-fail2ban'),
|
84 |
+
$this->see_also(['WP_FAIL2BAN_BLOCK_USERNAME_LOGIN'])
|
85 |
+
)
|
86 |
+
]);
|
87 |
+
|
88 |
+
parent::current_screen();
|
89 |
+
}
|
90 |
+
|
91 |
+
/**
|
92 |
+
* {@inheritDoc}
|
93 |
+
*
|
94 |
+
* @since 4.0.0
|
95 |
+
*/
|
96 |
+
public function section()
|
97 |
+
{
|
98 |
+
echo '';
|
99 |
+
}
|
100 |
+
|
101 |
+
/**
|
102 |
+
* User Enumeration
|
103 |
+
*
|
104 |
+
* @since 4.0.0
|
105 |
+
*/
|
106 |
+
public function userEnumeration()
|
107 |
+
{
|
108 |
+
$this->checkbox('WP_FAIL2BAN_BLOCK_USER_ENUMERATION');
|
109 |
+
}
|
110 |
+
|
111 |
+
/**
|
112 |
+
* Blocked usernames
|
113 |
+
*
|
114 |
+
* @since 4.0.0
|
115 |
+
*/
|
116 |
+
public function users()
|
117 |
+
{
|
118 |
+
if (defined('WP_FAIL2BAN_BLOCKED_USERS')) {
|
119 |
+
if (is_array(WP_FAIL2BAN_BLOCKED_USERS)) {
|
120 |
+
$value = join(', ', WP_FAIL2BAN_BLOCKED_USERS);
|
121 |
+
} else {
|
122 |
+
$value = WP_FAIL2BAN_BLOCKED_USERS;
|
123 |
+
}
|
124 |
} else {
|
125 |
+
$value = '';
|
126 |
}
|
127 |
+
printf(
|
128 |
+
'<input class="regular-text" type="text" disabled="disabled" value="%s">',
|
129 |
+
esc_attr($value)
|
130 |
+
);
|
131 |
}
|
|
|
|
|
|
|
132 |
|
133 |
+
/**
|
134 |
+
* Block username logins
|
135 |
+
*
|
136 |
+
* @since 4.3.0
|
137 |
+
*/
|
138 |
+
public function usernames()
|
139 |
+
{
|
140 |
+
$this->checkbox('WP_FAIL2BAN_BLOCK_USERNAME_LOGIN');
|
141 |
+
}
|
142 |
+
}
|
143 |
}
|
144 |
+
|
admin/config/logging.php
CHANGED
@@ -1,189 +1,182 @@
|
|
1 |
<?php
|
2 |
-
|
3 |
/**
|
4 |
* Settings - Logging
|
5 |
*
|
6 |
* @package wp-fail2ban
|
7 |
-
* @since
|
8 |
*/
|
9 |
-
namespace
|
10 |
|
11 |
-
if (
|
12 |
-
exit;
|
13 |
-
}
|
14 |
-
/**
|
15 |
-
* Tab: Logging
|
16 |
-
*
|
17 |
-
* @since 4.0.0
|
18 |
-
*/
|
19 |
-
class TabLogging extends Tab
|
20 |
-
{
|
21 |
-
/**
|
22 |
-
* {@inheritDoc}
|
23 |
-
*/
|
24 |
-
public function __construct()
|
25 |
-
{
|
26 |
-
add_action( 'admin_init', [ $this, 'admin_init' ], 100 );
|
27 |
-
parent::__construct( 'logging', 'Logging' );
|
28 |
-
}
|
29 |
-
|
30 |
-
/**
|
31 |
-
* {@inheritDoc}
|
32 |
-
*
|
33 |
-
* @since 4.0.0
|
34 |
-
*/
|
35 |
-
public function admin_init()
|
36 |
-
{
|
37 |
-
// phpcs:disable Generic.Functions.FunctionCallArgumentSpacing
|
38 |
-
add_settings_section(
|
39 |
-
'wp-fail2ban-logging',
|
40 |
-
__( 'What & Where' ),
|
41 |
-
[ $this, 'sectionWhatWhere' ],
|
42 |
-
'wp-fail2ban-logging'
|
43 |
-
);
|
44 |
-
add_settings_field(
|
45 |
-
'logging-log-authentication',
|
46 |
-
parent::doc_link( 'WP_FAIL2BAN_AUTH_LOG', __( 'Authentication' ) ),
|
47 |
-
[ $this, 'authentication' ],
|
48 |
-
'wp-fail2ban-logging',
|
49 |
-
'wp-fail2ban-logging'
|
50 |
-
);
|
51 |
-
add_settings_field(
|
52 |
-
'logging-log-comments',
|
53 |
-
parent::doc_link( 'WP_FAIL2BAN_LOG_COMMENTS', __( 'Comments' ) ),
|
54 |
-
[ $this, 'comments' ],
|
55 |
-
'wp-fail2ban-logging',
|
56 |
-
'wp-fail2ban-logging'
|
57 |
-
);
|
58 |
-
add_settings_field(
|
59 |
-
'logging-log-spam',
|
60 |
-
parent::doc_link( 'WP_FAIL2BAN_LOG_SPAM', __( 'Spam' ) ),
|
61 |
-
[ $this, 'spam' ],
|
62 |
-
'wp-fail2ban-logging',
|
63 |
-
'wp-fail2ban-logging'
|
64 |
-
);
|
65 |
-
add_settings_field(
|
66 |
-
'logging-log-password-request',
|
67 |
-
parent::doc_link( 'WP_FAIL2BAN_LOG_PASSWORD_REQUEST', __( 'Password Requests' ) ),
|
68 |
-
[ $this, 'passwordRequest' ],
|
69 |
-
'wp-fail2ban-logging',
|
70 |
-
'wp-fail2ban-logging'
|
71 |
-
);
|
72 |
-
add_settings_field(
|
73 |
-
'logging-log-pingbacks',
|
74 |
-
parent::doc_link( 'WP_FAIL2BAN_LOG_PINGBACKS', __( 'Pingbacks' ) ),
|
75 |
-
[ $this, 'pingbacks' ],
|
76 |
-
'wp-fail2ban-logging',
|
77 |
-
'wp-fail2ban-logging'
|
78 |
-
);
|
79 |
-
// phpcs:enable
|
80 |
-
}
|
81 |
-
|
82 |
-
/**
|
83 |
-
* {@inheritDoc}
|
84 |
-
*
|
85 |
-
* @since 4.0.0
|
86 |
-
*/
|
87 |
-
public function render()
|
88 |
-
{
|
89 |
-
parent::render();
|
90 |
-
}
|
91 |
-
|
92 |
-
/**
|
93 |
-
* {@inheritDoc}
|
94 |
-
*
|
95 |
-
* @since 4.0.0
|
96 |
-
*
|
97 |
-
* @param array $settings {@inheritDoc}
|
98 |
-
* @param array $input {@inheritDoc}
|
99 |
-
*
|
100 |
-
* @return array {@inheritDoc}
|
101 |
-
*/
|
102 |
-
public function sanitize( array $settings, array $input = null )
|
103 |
-
{
|
104 |
-
return $settings;
|
105 |
-
}
|
106 |
-
|
107 |
-
/**
|
108 |
-
* Section summary.
|
109 |
-
*
|
110 |
-
* @since 4.0.0
|
111 |
-
*/
|
112 |
-
public function sectionWhatWhere()
|
113 |
-
{
|
114 |
-
echo '' ;
|
115 |
-
}
|
116 |
-
|
117 |
-
/**
|
118 |
-
* Authentication.
|
119 |
-
*
|
120 |
-
* @since 4.0.0
|
121 |
-
*/
|
122 |
-
public function authentication()
|
123 |
-
{
|
124 |
-
printf( '<label>%s: %s</label>', __( 'Use facility' ), $this->getLogFacilities( 'WP_FAIL2BAN_AUTH_LOG', true ) );
|
125 |
-
}
|
126 |
-
|
127 |
/**
|
128 |
-
*
|
129 |
*
|
130 |
* @since 4.0.0
|
131 |
*/
|
132 |
-
|
133 |
{
|
134 |
-
|
135 |
-
|
136 |
-
|
137 |
-
|
138 |
-
|
139 |
-
|
140 |
-
|
141 |
-
'
|
142 |
-
'
|
143 |
-
'',
|
144 |
-
[
|
145 |
-
|
146 |
-
|
147 |
-
|
148 |
-
|
149 |
-
* Comments extra helper - checked.
|
150 |
-
*
|
151 |
-
* @since 4.0.0
|
152 |
-
*
|
153 |
-
* @param int $value Value to check
|
154 |
-
*/
|
155 |
-
protected function commentExtraChecked( $value )
|
156 |
-
{
|
157 |
-
if ( !defined( 'WP_FAIL2BAN_LOG_COMMENTS_EXTRA' ) ) {
|
158 |
-
return '';
|
159 |
}
|
160 |
-
|
161 |
-
|
162 |
-
|
163 |
-
|
164 |
-
|
165 |
-
|
166 |
-
|
167 |
-
|
168 |
-
|
169 |
-
|
170 |
-
|
171 |
-
|
172 |
-
|
173 |
-
|
174 |
-
|
175 |
-
|
176 |
-
|
177 |
-
|
178 |
-
|
179 |
-
|
180 |
-
|
181 |
-
|
182 |
-
|
183 |
-
|
184 |
-
|
185 |
-
|
186 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
187 |
<table>
|
188 |
<tr>
|
189 |
<th>%s</th>
|
@@ -203,53 +196,63 @@ class TabLogging extends Tab
|
|
203 |
</tr>
|
204 |
</table>
|
205 |
___HTML___;
|
206 |
-
return $html . sprintf(
|
207 |
-
$fmt,
|
208 |
-
parent::doc_link( 'WP_FAIL2BAN_LOG_COMMENTS_EXTRA', __( 'Also log:' ) ),
|
209 |
-
$this->commentExtraChecked( WPF2B_EVENT_COMMENT_NOT_FOUND ),
|
210 |
-
__( 'Post not found' ),
|
211 |
-
$this->commentExtraChecked( WPF2B_EVENT_COMMENT_CLOSED ),
|
212 |
-
__( 'Comments closed' ),
|
213 |
-
$this->commentExtraChecked( WPF2B_EVENT_COMMENT_TRASH ),
|
214 |
-
__( 'Trash post' ),
|
215 |
-
$this->commentExtraChecked( WPF2B_EVENT_COMMENT_DRAFT ),
|
216 |
-
__( 'Draft post' ),
|
217 |
-
$this->commentExtraChecked( WPF2B_EVENT_COMMENT_PASSWORD ),
|
218 |
-
__( 'Password-protected post' ),
|
219 |
-
parent::doc_link( 'WP_FAIL2BAN_COMMENT_EXTRA_LOG', __( 'Use facility:' ) ),
|
220 |
-
$this->getLogFacilities( 'WP_FAIL2BAN_COMMENT_EXTRA_LOG', false )
|
221 |
-
);
|
222 |
-
}
|
223 |
-
|
224 |
-
/**
|
225 |
-
* Password request
|
226 |
-
*
|
227 |
-
* @since 4.0.0
|
228 |
-
*/
|
229 |
-
public function passwordRequest()
|
230 |
-
{
|
231 |
-
$this->log( 'WP_FAIL2BAN_LOG_PASSWORD_REQUEST', 'WP_FAIL2BAN_PASSWORD_REQUEST_LOG' );
|
232 |
-
}
|
233 |
-
|
234 |
-
/**
|
235 |
-
* Pingbacks
|
236 |
-
*
|
237 |
-
* @since 4.0.0
|
238 |
-
*/
|
239 |
-
public function pingbacks()
|
240 |
-
{
|
241 |
-
$this->log( 'WP_FAIL2BAN_LOG_PINGBACKS', 'WP_FAIL2BAN_PINGBACK_LOG' );
|
242 |
-
}
|
243 |
-
|
244 |
-
/**
|
245 |
-
* Spam
|
246 |
-
*
|
247 |
-
* @since 4.0.0
|
248 |
-
*/
|
249 |
-
public function spam()
|
250 |
-
{
|
251 |
-
$this->log( 'WP_FAIL2BAN_LOG_SPAM', 'WP_FAIL2BAN_SPAM_LOG' );
|
252 |
-
}
|
253 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
254 |
}
|
255 |
-
|
1 |
<?php
|
|
|
2 |
/**
|
3 |
* Settings - Logging
|
4 |
*
|
5 |
* @package wp-fail2ban
|
6 |
+
* @since 4.0.0
|
7 |
*/
|
8 |
+
namespace org\lecklider\charles\wordpress\wp_fail2ban;
|
9 |
|
10 |
+
if (defined('ABSPATH')) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
11 |
/**
|
12 |
+
* Tab: Logging
|
13 |
*
|
14 |
* @since 4.0.0
|
15 |
*/
|
16 |
+
class TabLogging extends TabBase
|
17 |
{
|
18 |
+
/**
|
19 |
+
* {@inheritDoc}
|
20 |
+
*/
|
21 |
+
public function __construct()
|
22 |
+
{
|
23 |
+
// phpcs:disable Generic.Functions.FunctionCallArgumentSpacing
|
24 |
+
$this->__['what-where'] = __('What & Where', 'wp-fail2ban');
|
25 |
+
$this->__['authentication'] = __('Authentication', 'wp-fail2ban');
|
26 |
+
$this->__['comments'] = __('Comments', 'wp-fail2ban');
|
27 |
+
$this->__['spam'] = __('Spam', 'wp-fail2ban');
|
28 |
+
$this->__['password-request'] = __('Password Requests', 'wp-fail2ban');
|
29 |
+
$this->__['pingbacks'] = __('Pingbacks', 'wp-fail2ban');
|
30 |
+
// phpcs:enable
|
31 |
+
|
32 |
+
parent::__construct('logging', __('Logging', 'wp-fail2ban'));
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
33 |
}
|
34 |
+
|
35 |
+
/**
|
36 |
+
* {@inheritDoc}
|
37 |
+
*
|
38 |
+
* @since 4.0.0
|
39 |
+
*/
|
40 |
+
public function admin_init()
|
41 |
+
{
|
42 |
+
// phpcs:disable Generic.Functions.FunctionCallArgumentSpacing
|
43 |
+
add_settings_section('wp-fail2ban-logging', $this->__['what-where'], [$this, 'sectionWhatWhere'],'wp-fail2ban-logging');
|
44 |
+
add_settings_field('logging-log-authentication', $this->__['authentication'], [$this, 'authentication'], 'wp-fail2ban-logging', 'wp-fail2ban-logging');
|
45 |
+
add_settings_field('logging-log-comments', $this->__['comments'], [$this, 'comments'], 'wp-fail2ban-logging', 'wp-fail2ban-logging');
|
46 |
+
add_settings_field('logging-log-spam', $this->__['spam'], [$this, 'spam'], 'wp-fail2ban-logging', 'wp-fail2ban-logging');
|
47 |
+
add_settings_field('logging-log-password-request', $this->__['password-request'], [$this, 'passwordRequest'], 'wp-fail2ban-logging', 'wp-fail2ban-logging');
|
48 |
+
add_settings_field('logging-log-pingbacks', $this->__['pingbacks'], [$this, 'pingbacks'], 'wp-fail2ban-logging', 'wp-fail2ban-logging');
|
49 |
+
// phpcs:enable
|
50 |
+
}
|
51 |
+
|
52 |
+
/**
|
53 |
+
* {@inheritDoc}
|
54 |
+
*
|
55 |
+
* @since 4.3.0
|
56 |
+
*/
|
57 |
+
public function current_screen()
|
58 |
+
{
|
59 |
+
$fmt = <<<___FMT___
|
60 |
+
<dl><style>dt{font-weight:bold;}</style>
|
61 |
+
<dt>%s</dt><dd>%s</dd>
|
62 |
+
<dt>%s</dt><dd>%s</dd>
|
63 |
+
<dt>%s</dt><dd>%s</dd>
|
64 |
+
<dt>%s</dt><dd>%s</dd>
|
65 |
+
<dt>%s</dt><dd>%s</dd>
|
66 |
+
</dl>
|
67 |
+
___FMT___;
|
68 |
+
get_current_screen()->add_help_tab([
|
69 |
+
'id' => 'what-where',
|
70 |
+
'title' => $this->__['what-where'],
|
71 |
+
'content' => sprintf(
|
72 |
+
$fmt,
|
73 |
+
$this->__['authentication'],
|
74 |
+
$this->see_also([
|
75 |
+
'WP_FAIL2BAN_AUTH_LOG'
|
76 |
+
]),
|
77 |
+
$this->__['comments'],
|
78 |
+
$this->see_also([
|
79 |
+
'WP_FAIL2BAN_LOG_COMMENTS',
|
80 |
+
'WP_FAIL2BAN_LOG_COMMENTS_EXTRA',
|
81 |
+
'WP_FAIL2BAN_COMMENT_EXTRA_LOG'
|
82 |
+
]),
|
83 |
+
$this->__['spam'],
|
84 |
+
$this->see_also([
|
85 |
+
'WP_FAIL2BAN_LOG_SPAM',
|
86 |
+
'WP_FAIL2BAN_SPAM_LOG'
|
87 |
+
]),
|
88 |
+
$this->__['password-request'],
|
89 |
+
$this->see_also([
|
90 |
+
'WP_FAIL2BAN_LOG_PASSWORD_REQUEST',
|
91 |
+
'WP_FAIL2BAN_PASSWORD_REQUEST_LOG'
|
92 |
+
]),
|
93 |
+
$this->__['pingbacks'],
|
94 |
+
$this->see_also([
|
95 |
+
'WP_FAIL2BAN_LOG_PINGBACKS',
|
96 |
+
'WP_FAIL2BAN_PINGBACK_LOG'
|
97 |
+
])
|
98 |
+
)
|
99 |
+
]);
|
100 |
+
parent::current_screen();
|
101 |
+
}
|
102 |
+
|
103 |
+
/**
|
104 |
+
* Section summary.
|
105 |
+
*
|
106 |
+
* @since 4.0.0
|
107 |
+
*/
|
108 |
+
public function sectionWhatWhere()
|
109 |
+
{
|
110 |
+
// noop
|
111 |
+
}
|
112 |
+
|
113 |
+
/**
|
114 |
+
* Authentication.
|
115 |
+
*
|
116 |
+
* @since 4.0.0
|
117 |
+
*/
|
118 |
+
public function authentication()
|
119 |
+
{
|
120 |
+
printf(
|
121 |
+
'<label>%s: %s</label><p class="description">%s</p>',
|
122 |
+
__('Use facility', 'wp-fail2ban'),
|
123 |
+
$this->getLogFacilities('WP_FAIL2BAN_AUTH_LOG', true),
|
124 |
+
Config::desc('WP_FAIL2BAN_AUTH_LOG')
|
125 |
+
);
|
126 |
+
}
|
127 |
+
|
128 |
+
/**
|
129 |
+
* Comments.
|
130 |
+
*
|
131 |
+
* @since 4.0.0
|
132 |
+
*/
|
133 |
+
public function comments()
|
134 |
+
{
|
135 |
+
add_filter('wp_fail2ban_log_WP_FAIL2BAN_LOG_COMMENTS', [$this, 'commentsExtra'], 10, 3);
|
136 |
+
|
137 |
+
$this->log(
|
138 |
+
'WP_FAIL2BAN_LOG_COMMENTS',
|
139 |
+
'WP_FAIL2BAN_COMMENT_LOG',
|
140 |
+
['comments-extra', 'logging-comments-extra-facility']
|
141 |
+
);
|
142 |
+
}
|
143 |
+
|
144 |
+
/**
|
145 |
+
* Comments extra helper - checked.
|
146 |
+
*
|
147 |
+
* @since 4.0.0
|
148 |
+
*
|
149 |
+
* @param int $value Value to check
|
150 |
+
*/
|
151 |
+
protected function commentExtraChecked($value)
|
152 |
+
{
|
153 |
+
return checked($value == ($value & Config::get('WP_FAIL2BAN_LOG_COMMENTS_EXTRA')), true, false);
|
154 |
+
}
|
155 |
+
|
156 |
+
/**
|
157 |
+
* Comments extra helper - disabled.
|
158 |
+
*
|
159 |
+
* @since 4.0.0
|
160 |
+
*/
|
161 |
+
protected function commentExtraDisabled()
|
162 |
+
{
|
163 |
+
return 'disabled="disabled';
|
164 |
+
}
|
165 |
+
|
166 |
+
/**
|
167 |
+
* Comments extra.
|
168 |
+
*
|
169 |
+
* @since 4.0.0
|
170 |
+
*
|
171 |
+
* @param string $html HTML prefixed to output
|
172 |
+
* @param string $define_name Not used
|
173 |
+
* @param string $define_log Not used
|
174 |
+
*
|
175 |
+
* @return string
|
176 |
+
*/
|
177 |
+
public function commentsExtra($html, $define_name, $define_log)
|
178 |
+
{
|
179 |
+
$fmt = <<< ___HTML___
|
180 |
<table>
|
181 |
<tr>
|
182 |
<th>%s</th>
|
196 |
</tr>
|
197 |
</table>
|
198 |
___HTML___;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
199 |
|
200 |
+
return $html.sprintf(
|
201 |
+
$fmt,
|
202 |
+
__('Also log:', 'wp-fail2ban'),
|
203 |
+
$this->commentExtraChecked(WPF2B_EVENT_COMMENT_NOT_FOUND),
|
204 |
+
__('Post not found', 'wp-fail2ban'),
|
205 |
+
$this->commentExtraChecked(WPF2B_EVENT_COMMENT_CLOSED),
|
206 |
+
__('Comments closed', 'wp-fail2ban'),
|
207 |
+
$this->commentExtraChecked(WPF2B_EVENT_COMMENT_TRASH),
|
208 |
+
__('Trash post', 'wp-fail2ban'),
|
209 |
+
$this->commentExtraChecked(WPF2B_EVENT_COMMENT_DRAFT),
|
210 |
+
__('Draft post', 'wp-fail2ban'),
|
211 |
+
$this->commentExtraChecked(WPF2B_EVENT_COMMENT_PASSWORD),
|
212 |
+
__('Password-protected post', 'wp-fail2ban'),
|
213 |
+
__('Use facility:', 'wp-fail2ban'),
|
214 |
+
$this->getLogFacilities('WP_FAIL2BAN_COMMENT_EXTRA_LOG', false)
|
215 |
+
);
|
216 |
+
}
|
217 |
+
|
218 |
+
/**
|
219 |
+
* Password request
|
220 |
+
*
|
221 |
+
* @since 4.0.0
|
222 |
+
*/
|
223 |
+
public function passwordRequest()
|
224 |
+
{
|
225 |
+
$this->log(
|
226 |
+
'WP_FAIL2BAN_LOG_PASSWORD_REQUEST',
|
227 |
+
'WP_FAIL2BAN_PASSWORD_REQUEST_LOG'
|
228 |
+
);
|
229 |
+
}
|
230 |
+
|
231 |
+
/**
|
232 |
+
* Pingbacks
|
233 |
+
*
|
234 |
+
* @since 4.0.0
|
235 |
+
*/
|
236 |
+
public function pingbacks()
|
237 |
+
{
|
238 |
+
$this->log(
|
239 |
+
'WP_FAIL2BAN_LOG_PINGBACKS',
|
240 |
+
'WP_FAIL2BAN_PINGBACK_LOG'
|
241 |
+
);
|
242 |
+
}
|
243 |
+
|
244 |
+
/**
|
245 |
+
* Spam
|
246 |
+
*
|
247 |
+
* @since 4.0.0
|
248 |
+
*/
|
249 |
+
public function spam()
|
250 |
+
{
|
251 |
+
$this->log(
|
252 |
+
'WP_FAIL2BAN_LOG_SPAM',
|
253 |
+
'WP_FAIL2BAN_SPAM_LOG'
|
254 |
+
);
|
255 |
+
}
|
256 |
+
}
|
257 |
}
|
258 |
+
|
admin/config/plugins.php
CHANGED
@@ -1,185 +1,124 @@
|
|
1 |
<?php
|
2 |
-
|
3 |
/**
|
4 |
* Settings - Plugins
|
5 |
*
|
6 |
* @package wp-fail2ban
|
7 |
-
* @since
|
8 |
*/
|
9 |
-
namespace
|
10 |
|
11 |
-
if (
|
12 |
-
exit;
|
13 |
-
}
|
14 |
-
/**
|
15 |
-
* Tab: Plugins
|
16 |
-
*
|
17 |
-
* @since 4.2.0
|
18 |
-
*/
|
19 |
-
class TabPlugins extends Tab
|
20 |
-
{
|
21 |
-
/**
|
22 |
-
* {@inheritDoc}
|
23 |
-
*/
|
24 |
-
public function __construct()
|
25 |
-
{
|
26 |
-
add_action( 'admin_init', [ $this, 'admin_init' ], 100 );
|
27 |
-
parent::__construct( 'plugins', 'Plugins' );
|
28 |
-
}
|
29 |
-
|
30 |
-
/**
|
31 |
-
* {@inheritDoc}
|
32 |
-
*
|
33 |
-
* @since 4.0.0
|
34 |
-
*/
|
35 |
-
public function admin_init()
|
36 |
-
{
|
37 |
-
// phpcs:disable Generic.Functions.FunctionCallArgumentSpacing
|
38 |
-
add_settings_section(
|
39 |
-
'wp-fail2ban-plugins',
|
40 |
-
__( 'Event Class Facilities' ),
|
41 |
-
[ $this, 'sectionLoggingEventClasses' ],
|
42 |
-
'wp-fail2ban-plugins'
|
43 |
-
);
|
44 |
-
add_settings_field(
|
45 |
-
'plugins-log-auth',
|
46 |
-
parent::doc_link( 'WP_FAIL2BAN_PLUGIN_LOG_AUTH', __( 'Authentication' ) ),
|
47 |
-
[ $this, 'auth' ],
|
48 |
-
'wp-fail2ban-plugins',
|
49 |
-
'wp-fail2ban-plugins'
|
50 |
-
);
|
51 |
-
add_settings_field(
|
52 |
-
'plugins-log-comment',
|
53 |
-
parent::doc_link( 'WP_FAIL2BAN_PLUGIN_LOG_COMMENT', __( 'Comment' ) ),
|
54 |
-
[ $this, 'comment' ],
|
55 |
-
'wp-fail2ban-plugins',
|
56 |
-
'wp-fail2ban-plugins'
|
57 |
-
);
|
58 |
-
add_settings_field(
|
59 |
-
'plugins-log-password',
|
60 |
-
parent::doc_link( 'WP_FAIL2BAN_PLUGIN_LOG_PASSWORD', __( 'Password' ) ),
|
61 |
-
[ $this, 'password' ],
|
62 |
-
'wp-fail2ban-plugins',
|
63 |
-
'wp-fail2ban-plugins'
|
64 |
-
);
|
65 |
-
add_settings_field(
|
66 |
-
'plugins-log-rest',
|
67 |
-
parent::doc_link( 'WP_FAIL2BAN_PLUGIN_LOG_REST', __( 'REST' ) ),
|
68 |
-
[ $this, 'rest' ],
|
69 |
-
'wp-fail2ban-plugins',
|
70 |
-
'wp-fail2ban-plugins'
|
71 |
-
);
|
72 |
-
add_settings_field(
|
73 |
-
'plugins-log-spam',
|
74 |
-
parent::doc_link( 'WP_FAIL2BAN_PLUGIN_LOG_SPAM', __( 'Spam' ) ),
|
75 |
-
[ $this, 'spam' ],
|
76 |
-
'wp-fail2ban-plugins',
|
77 |
-
'wp-fail2ban-plugins'
|
78 |
-
);
|
79 |
-
add_settings_field(
|
80 |
-
'plugins-log-xmlrpc',
|
81 |
-
parent::doc_link( 'WP_FAIL2BAN_PLUGIN_LOG_XMLRPC', __( 'XML-RPC' ) ),
|
82 |
-
[ $this, 'xmlrpc' ],
|
83 |
-
'wp-fail2ban-plugins',
|
84 |
-
'wp-fail2ban-plugins'
|
85 |
-
);
|
86 |
-
// phpcs:enable
|
87 |
-
}
|
88 |
-
|
89 |
-
/**
|
90 |
-
* {@inheritDoc}
|
91 |
-
*
|
92 |
-
* @since 4.2.0
|
93 |
-
*/
|
94 |
-
public function render()
|
95 |
-
{
|
96 |
-
parent::render();
|
97 |
-
}
|
98 |
-
|
99 |
-
/**
|
100 |
-
* {@inheritDoc}
|
101 |
-
*
|
102 |
-
* @since 4.2.0
|
103 |
-
*
|
104 |
-
* @param array $settings {@inheritDoc}
|
105 |
-
* @param array $input {@inheritDoc}
|
106 |
-
*
|
107 |
-
* @return array {@inheritDoc}
|
108 |
-
*/
|
109 |
-
public function sanitize( array $settings, array $input = null )
|
110 |
-
{
|
111 |
-
return $settings;
|
112 |
-
}
|
113 |
-
|
114 |
/**
|
115 |
-
*
|
116 |
*
|
117 |
* @since 4.2.0
|
118 |
*/
|
119 |
-
|
120 |
{
|
121 |
-
|
122 |
-
|
123 |
-
|
124 |
-
|
125 |
-
|
126 |
-
|
127 |
-
|
128 |
-
|
129 |
-
|
130 |
-
|
131 |
-
|
132 |
-
|
133 |
-
|
134 |
-
|
135 |
-
|
136 |
-
|
137 |
-
|
138 |
-
|
139 |
-
|
140 |
-
|
141 |
-
|
142 |
-
|
143 |
-
|
144 |
-
|
145 |
-
|
146 |
-
*
|
147 |
-
* @since 4.2.0
|
148 |
-
*/
|
149 |
-
public function password()
|
150 |
-
{
|
151 |
-
$this->log( 'WP_FAIL2BAN_PLUGIN_LOG_PASSWORD', 'WP_FAIL2BAN_PLUGIN_PASSWORD_LOG' );
|
152 |
-
}
|
153 |
-
|
154 |
-
/**
|
155 |
-
* REST
|
156 |
-
*
|
157 |
-
* @since 4.2.0
|
158 |
-
*/
|
159 |
-
public function rest()
|
160 |
-
{
|
161 |
-
$this->log( 'WP_FAIL2BAN_PLUGIN_LOG_REST', 'WP_FAIL2BAN_PLUGIN_REST_LOG' );
|
162 |
-
}
|
163 |
-
|
164 |
-
/**
|
165 |
-
* Spam
|
166 |
-
*
|
167 |
-
* @since 4.2.0
|
168 |
-
*/
|
169 |
-
public function spam()
|
170 |
-
{
|
171 |
-
$this->log( 'WP_FAIL2BAN_PLUGIN_LOG_SPAM', 'WP_FAIL2BAN_PLUGIN_SPAM_LOG' );
|
172 |
-
}
|
173 |
-
|
174 |
-
/**
|
175 |
-
* XML-RPC
|
176 |
-
*
|
177 |
-
* @since 4.2.0
|
178 |
-
*/
|
179 |
-
public function xmlrpc()
|
180 |
-
{
|
181 |
-
$this->log( 'WP_FAIL2BAN_PLUGIN_LOG_XMLRPC', 'WP_FAIL2BAN_PLUGIN_XMLRPC_LOG' );
|
182 |
-
}
|
183 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
184 |
}
|
185 |
-
|
1 |
<?php
|
|
|
2 |
/**
|
3 |
* Settings - Plugins
|
4 |
*
|
5 |
* @package wp-fail2ban
|
6 |
+
* @since 4.2.0
|
7 |
*/
|
8 |
+
namespace org\lecklider\charles\wordpress\wp_fail2ban;
|
9 |
|
10 |
+
if (defined('ABSPATH')) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
11 |
/**
|
12 |
+
* Tab: Plugins
|
13 |
*
|
14 |
* @since 4.2.0
|
15 |
*/
|
16 |
+
class TabPlugins extends TabBase
|
17 |
{
|
18 |
+
/**
|
19 |
+
* {@inheritDoc}
|
20 |
+
*/
|
21 |
+
public function __construct()
|
22 |
+
{
|
23 |
+
parent::__construct('plugins', __('Plugins', 'wp-fail2ban'));
|
24 |
+
}
|
25 |
+
|
26 |
+
/**
|
27 |
+
* {@inheritDoc}
|
28 |
+
*
|
29 |
+
* @since 4.0.0
|
30 |
+
*/
|
31 |
+
public function admin_init()
|
32 |
+
{
|
33 |
+
// phpcs:disable Generic.Functions.FunctionCallArgumentSpacing
|
34 |
+
add_settings_section('wp-fail2ban-plugins', __('Event Class Facilities', 'wp-fail2ban'), [$this, 'sectionLoggingEventClasses'], 'wp-fail2ban-plugins');
|
35 |
+
add_settings_field('plugins-log-auth', __('Authentication', 'wp-fail2ban'), [$this, 'auth'], 'wp-fail2ban-plugins', 'wp-fail2ban-plugins');
|
36 |
+
add_settings_field('plugins-log-comment', __('Comment', 'wp-fail2ban'), [$this, 'comment'], 'wp-fail2ban-plugins', 'wp-fail2ban-plugins');
|
37 |
+
add_settings_field('plugins-log-password', __('Password', 'wp-fail2ban'), [$this, 'password'], 'wp-fail2ban-plugins', 'wp-fail2ban-plugins');
|
38 |
+
add_settings_field('plugins-log-rest', __('REST', 'wp-fail2ban'), [$this, 'rest'], 'wp-fail2ban-plugins', 'wp-fail2ban-plugins');
|
39 |
+
add_settings_field('plugins-log-spam', __('Spam', 'wp-fail2ban'), [$this, 'spam'], 'wp-fail2ban-plugins', 'wp-fail2ban-plugins');
|
40 |
+
add_settings_field('plugins-log-xmlrpc', __('XML-RPC', 'wp-fail2ban'), [$this, 'xmlrpc'], 'wp-fail2ban-plugins', 'wp-fail2ban-plugins');
|
41 |
+
// phpcs:enable
|
42 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
43 |
|
44 |
+
/**
|
45 |
+
* {@inheritDoc}
|
46 |
+
*
|
47 |
+
* @since 4.3.0
|
48 |
+
*/
|
49 |
+
public function current_screen()
|
50 |
+
{
|
51 |
+
}
|
52 |
+
|
53 |
+
/**
|
54 |
+
* Section summary.
|
55 |
+
*
|
56 |
+
* @since 4.2.0
|
57 |
+
*/
|
58 |
+
public function sectionLoggingEventClasses()
|
59 |
+
{
|
60 |
+
echo __('Facilities to use for plugin-generated messages. The defaults follow the Core defaults.', 'wp-fail2ban');
|
61 |
+
}
|
62 |
+
|
63 |
+
/**
|
64 |
+
* Auth
|
65 |
+
*
|
66 |
+
* @since 4.2.0
|
67 |
+
*/
|
68 |
+
public function auth()
|
69 |
+
{
|
70 |
+
$this->log('WP_FAIL2BAN_PLUGIN_LOG_AUTH', 'WP_FAIL2BAN_PLUGIN_AUTH_LOG');
|
71 |
+
}
|
72 |
+
|
73 |
+
/**
|
74 |
+
* Comment
|
75 |
+
*
|
76 |
+
* @since 4.2.0
|
77 |
+
*/
|
78 |
+
public function comment()
|
79 |
+
{
|
80 |
+
$this->log('WP_FAIL2BAN_PLUGIN_LOG_COMMENT', 'WP_FAIL2BAN_PLUGIN_COMMENT_LOG');
|
81 |
+
}
|
82 |
+
|
83 |
+
/**
|
84 |
+
* Password
|
85 |
+
*
|
86 |
+
* @since 4.2.0
|
87 |
+
*/
|
88 |
+
public function password()
|
89 |
+
{
|
90 |
+
$this->log('WP_FAIL2BAN_PLUGIN_LOG_PASSWORD', 'WP_FAIL2BAN_PLUGIN_PASSWORD_LOG');
|
91 |
+
}
|
92 |
+
|
93 |
+
/**
|
94 |
+
* REST
|
95 |
+
*
|
96 |
+
* @since 4.2.0
|
97 |
+
*/
|
98 |
+
public function rest()
|
99 |
+
{
|
100 |
+
$this->log('WP_FAIL2BAN_PLUGIN_LOG_REST', 'WP_FAIL2BAN_PLUGIN_REST_LOG');
|
101 |
+
}
|
102 |
+
|
103 |
+
/**
|
104 |
+
* Spam
|
105 |
+
*
|
106 |
+
* @since 4.2.0
|
107 |
+
*/
|
108 |
+
public function spam()
|
109 |
+
{
|
110 |
+
$this->log('WP_FAIL2BAN_PLUGIN_LOG_SPAM', 'WP_FAIL2BAN_PLUGIN_SPAM_LOG');
|
111 |
+
}
|
112 |
+
|
113 |
+
/**
|
114 |
+
* XML-RPC
|
115 |
+
*
|
116 |
+
* @since 4.2.0
|
117 |
+
*/
|
118 |
+
public function xmlrpc()
|
119 |
+
{
|
120 |
+
$this->log('WP_FAIL2BAN_PLUGIN_LOG_XMLRPC', 'WP_FAIL2BAN_PLUGIN_XMLRPC_LOG');
|
121 |
+
}
|
122 |
+
}
|
123 |
}
|
124 |
+
|
admin/config/remote-ips.php
CHANGED
@@ -1,100 +1,112 @@
|
|
1 |
<?php
|
2 |
-
|
3 |
/**
|
4 |
* Settings - Remote IPs
|
5 |
*
|
6 |
* @package wp-fail2ban
|
7 |
-
* @since
|
8 |
*/
|
9 |
-
namespace
|
10 |
|
11 |
-
if (
|
12 |
-
exit;
|
13 |
-
}
|
14 |
-
/**
|
15 |
-
* Tab: Remote IPs
|
16 |
-
*
|
17 |
-
* @since 4.0.0
|
18 |
-
*/
|
19 |
-
class TabRemoteIPs extends Tab
|
20 |
-
{
|
21 |
-
/**
|
22 |
-
* {@inheritDoc}
|
23 |
-
*
|
24 |
-
* @since 4.0.0
|
25 |
-
|