Version Description
Download this release
Release Info
Developer | paultgoodchild |
Plugin | Shield Security for WordPress |
Version | 9.0.0 |
Comparing to | |
See all releases |
Code changes from version 8.7.0 to 9.0.0
- changelog.html +0 -1414
- icwp-wpsf.php +1 -1
- init.php +1 -3
- plugin-spec.php +15 -4
- readme.txt +25 -12
- resources/css/global-plugin.css +7 -0
- resources/css/plugin.css +53 -45
- resources/js/plugin.js +28 -9
- resources/js/shield-antibot.js +53 -16
- src/config/feature-audit_trail.php +2 -2
- src/config/feature-autoupdates.php +1 -13
- src/config/feature-comments_filter.php +64 -132
- src/config/feature-email.php +5 -9
- src/config/feature-events.php +3 -3
- src/config/feature-hack_protect.php +133 -371
- src/config/feature-insights.php +1 -0
- src/config/feature-lockdown.php +1 -12
- src/config/feature-login_protect.php +5 -35
- src/config/feature-plugin.php +62 -13
- src/config/feature-reporting.php +136 -0
- src/config/feature-traffic.php +2 -20
- src/config/feature-user_management.php +2 -2
- src/features/admin_access_restriction.php +1 -1
- src/features/autoupdates.php +0 -10
- src/features/base.php +155 -73
- src/features/base_wpsf.php +62 -65
- src/features/comments_filter.php +52 -58
- src/features/email.php +0 -11
- src/features/firewall.php +36 -27
- src/features/hack_protect.php +245 -382
- src/features/headers.php +1 -1
- src/features/insights.php +28 -7
- src/features/ips.php +24 -28
- src/features/license.php +12 -8
- src/features/lockdown.php +1 -5
- src/features/login_protect.php +83 -62
- src/features/plugin.php +175 -115
- src/features/reporting.php +43 -0
- src/features/traffic.php +10 -92
- src/features/user_management.php +16 -17
- src/lib/src/Controller/Controller.php +109 -108
- src/lib/src/Crons/BaseCron.php +0 -2
- src/lib/src/Crons/DailyCron.php +19 -0
- src/lib/src/Crons/HourlyCron.php +11 -1
- src/lib/src/Databases/AuditTrail/Update.php +5 -1
- src/lib/src/Databases/Base/BaseQuery.php +15 -10
- src/lib/src/Databases/Base/EntryVO.php +1 -1
- src/lib/src/Databases/Base/Handler.php +5 -2
- src/lib/src/Databases/Comments/EntryVO.php +0 -15
- src/lib/src/Databases/Comments/Insert.php +0 -24
- src/lib/src/Databases/Comments/Select.php +0 -31
- src/lib/src/Databases/FileLocker/Common.php +33 -0
- src/lib/src/Databases/FileLocker/Delete.php +10 -0
- src/lib/src/Databases/FileLocker/EntryVO.php +62 -0
- src/lib/src/Databases/FileLocker/Handler.php +48 -0
- src/lib/src/Databases/FileLocker/Insert.php +9 -0
- src/lib/src/Databases/FileLocker/Select.php +10 -0
- src/lib/src/Databases/FileLocker/Update.php +54 -0
- src/lib/src/Databases/Reports/Common.php +25 -0
- src/lib/src/Databases/{Comments → Reports}/Delete.php +2 -1
- src/lib/src/Databases/Reports/EntryVO.php +17 -0
- src/lib/src/Databases/{Comments → Reports}/Handler.php +17 -14
- src/lib/src/Databases/Reports/Insert.php +22 -0
- src/lib/src/Databases/Reports/Select.php +20 -0
- src/lib/src/Databases/Reports/Update.php +10 -0
- src/lib/src/Databases/Scanner/Common.php +14 -0
- src/lib/src/Databases/Scanner/Select.php +0 -9
- src/lib/src/Databases/Traffic/EntryVO.php +28 -8
- src/lib/src/Modules/AuditTrail/Lib/AuditWriter.php +1 -1
- src/lib/src/Modules/AuditTrail/Lib/Ops/Commit.php +9 -30
- src/lib/src/Modules/AuditTrail/Options.php +9 -8
- src/lib/src/Modules/AuditTrail/Strings.php +8 -2
- src/lib/src/Modules/Autoupdates/AjaxHandler.php +0 -52
- src/lib/src/Modules/Autoupdates/Options.php +19 -41
- src/lib/src/Modules/Autoupdates/Strings.php +0 -6
- src/lib/src/Modules/Base/BaseModCon.php +6 -34
- src/lib/src/Modules/Base/BaseProcessor.php +2 -1
- src/lib/src/Modules/Base/BaseReporting.php +49 -0
- src/lib/src/Modules/Base/OneTimeExecute.php +32 -0
- src/lib/src/Modules/Base/Options.php +19 -2
- src/lib/src/Modules/Base/Strings.php +2 -1
- src/lib/src/Modules/BaseShield/ShieldProcessor.php +24 -86
- src/lib/src/Modules/CommentsFilter/Options.php +25 -11
- src/lib/src/Modules/CommentsFilter/Scan/Human.php +4 -3
- src/lib/src/Modules/CommentsFilter/Scan/Scanner.php +12 -5
- src/lib/src/Modules/CommentsFilter/Strings.php +17 -38
- src/lib/src/Modules/Email/Strings.php +0 -53
- src/lib/src/Modules/Events/Lib/Reports/KeyStats.php +78 -0
- src/lib/src/Modules/Events/Lib/Reports/ScanRepairs.php +67 -0
- src/lib/src/Modules/Events/Lib/StatsWriter.php +1 -1
- src/lib/src/Modules/Events/Reporting.php +27 -0
- src/lib/src/Modules/Events/Strings.php +14 -14
- src/lib/src/Modules/Firewall/Options.php +15 -0
- src/lib/src/Modules/HackGuard/AjaxHandler.php +147 -4
- src/lib/src/Modules/HackGuard/Lib/FileLocker/File.php +67 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/FileLockerController.php +184 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/Accept.php +41 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/AssessLocks.php +64 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/BaseOps.php +81 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/BuildEncryptedFilePayload.php +27 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/CreateFileLocks.php +60 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/DeleteFileLock.php +32 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/LoadFileLocks.php +86 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/PerformAction.php +82 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/ReadOriginalFileContent.php +60 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/Restore.php +35 -0
- src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/Verify.php +26 -0
- src/lib/src/Modules/HackGuard/Lib/Reports/FileLockerAlerts.php +61 -0
- src/lib/src/Modules/HackGuard/Lib/Reports/ScanAlerts.php +97 -0
- src/lib/src/Modules/HackGuard/Lib/Snapshots/StoreAction/DeleteAll.php +0 -2
- src/lib/src/Modules/HackGuard/Lib/Snapshots/StoreAction/ScheduleBuildAll.php +1 -1
- src/lib/src/Modules/HackGuard/Options.php +124 -107
- src/lib/src/Modules/HackGuard/Reporting.php +19 -0
- src/lib/src/Modules/HackGuard/Scan/Controller/Apc.php +1 -5
- src/lib/src/Modules/HackGuard/Scan/Controller/Base.php +29 -14
- src/lib/src/Modules/HackGuard/Scan/Controller/Mal.php +43 -2
- src/lib/src/Modules/HackGuard/Scan/Controller/Ptg.php +33 -2
- src/lib/src/Modules/HackGuard/Scan/Controller/Ufc.php +2 -2
- src/lib/src/Modules/HackGuard/Scan/Controller/Wcf.php +2 -2
- src/lib/src/Modules/HackGuard/Scan/Controller/Wpv.php +1 -1
- src/lib/src/Modules/HackGuard/Scan/Queue/CompleteQueue.php +3 -6
- src/lib/src/Modules/HackGuard/Scan/Queue/QueueProcessor.php +1 -1
- src/lib/src/Modules/HackGuard/Scan/Queue/ScanExecute.php +4 -0
- src/lib/src/Modules/HackGuard/Strings.php +185 -95
- src/lib/src/Modules/IPs/BotTrack/TrackLinkCheese.php +1 -1
- src/lib/src/Modules/IPs/Components/ImportIpsFromFile.php +43 -0
- src/lib/src/Modules/IPs/Lib/BlacklistHandler.php +15 -3
- src/lib/src/Modules/IPs/Lib/BlackmarkRequest.php +1 -1
- src/lib/src/Modules/IPs/Lib/BlockRequest.php +6 -1
- src/lib/src/Modules/IPs/Lib/Ops/AddIp.php +29 -16
- src/lib/src/Modules/IPs/Options.php +1 -1
- src/lib/src/Modules/License/Lib/LicenseEmails.php +2 -2
- src/lib/src/Modules/License/Lib/LicenseHandler.php +43 -2
- src/lib/src/Modules/License/Lib/LookupRequest.php +3 -10
- src/lib/src/Modules/License/Lib/WpHashes/ApiTokenManager.php +11 -3
- src/lib/src/Modules/Lockdown/Strings.php +4 -8
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/AntibotSetup.php +98 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/BaseFormProvider.php +144 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/BuddyPress.php +18 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/EasyDigitalDownloads.php +27 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/LearnPress.php +56 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/MemberPress.php +73 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/PaidMemberSubscriptions.php +26 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/ProfileBuilder.php +32 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/UltimateMember.php +59 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/UserRegistration.php +43 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/WooCommerce.php +133 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/WordPress.php +84 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/IncludeJs.php +25 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/BaseProtectionProvider.php +61 -0
- src/{processors/loginprotect_cooldown.php → lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/CoolDown.php} +14 -6
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/GaspJs.php +123 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/GoogleRecaptcha.php +66 -0
- src/lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/HCaptcha.php +15 -0
- src/lib/src/Modules/LoginGuard/Lib/CooldownFlagFile.php +1 -1
- src/lib/src/Modules/LoginGuard/Lib/TwoFactor/Provider/Email.php +2 -4
- src/lib/src/Modules/LoginGuard/Options.php +52 -7
- src/lib/src/Modules/LoginGuard/Strings.php +15 -30
- src/lib/src/Modules/Plugin/AdminNotices.php +35 -0
- src/lib/src/Modules/Plugin/AjaxHandler.php +4 -13
- src/lib/src/Modules/Plugin/Components/PluginBadge.php +35 -7
- src/lib/src/Modules/Plugin/Lib/Captcha/CaptchaConfigVO.php +47 -0
- src/lib/src/Modules/Plugin/Lib/Captcha/CheckCaptchaSettings.php +83 -0
- src/lib/src/Modules/Plugin/Lib/Debug/Collate.php +210 -0
- src/lib/src/Modules/Plugin/Lib/ImportExport/Export.php +152 -0
- src/lib/src/Modules/Plugin/Lib/ImportExport/Import.php +230 -0
- src/lib/src/Modules/Plugin/Lib/ImportExport/ImportExportController.php +181 -0
- src/lib/src/Modules/Plugin/Lib/ImportExport/NotifyWhitelist.php +30 -0
- src/lib/src/Modules/Plugin/Lib/ImportExport/Options/BuildTransferableOptions.php +22 -0
- src/lib/src/Modules/Plugin/Lib/ImportExport/Options/SaveExcludedOptions.php +26 -0
- src/lib/src/Modules/Plugin/Lib/TestCacheDirWrite.php +99 -0
- src/lib/src/Modules/Plugin/Options.php +22 -17
- src/lib/src/Modules/Plugin/Strings.php +45 -53
- src/lib/src/Modules/Reporting/Lib/ReportingController.php +151 -0
- src/lib/src/Modules/Reporting/Lib/Reports/BaseReporter.php +38 -0
- src/lib/src/Modules/Reporting/Lib/Reports/Build/BaseBuilder.php +90 -0
- src/lib/src/Modules/Reporting/Lib/Reports/Build/BuilderAlerts.php +48 -0
- src/lib/src/Modules/Reporting/Lib/Reports/Build/BuilderInfo.php +49 -0
- src/lib/src/Modules/Reporting/Lib/Reports/CreateReportVO.php +155 -0
- src/lib/src/Modules/Reporting/Lib/Reports/ReportVO.php +22 -0
- src/lib/src/Modules/Reporting/Options.php +48 -0
- src/lib/src/Modules/Reporting/Strings.php +138 -0
- src/lib/src/Modules/SecurityAdmin/Lib/Actions/RemoveSecAdmin.php +2 -2
- src/lib/src/Modules/Traffic/Lib/Logger.php +3 -3
- src/lib/src/Modules/Traffic/Strings.php +0 -15
- src/lib/src/Modules/UserManagement/Lib/Registration/EmailValidate.php +1 -1
- src/lib/src/Modules/UserManagement/Options.php +10 -0
- src/lib/src/Scans/Base/BaseBuildScanAction.php +4 -9
- src/lib/src/Scans/Base/BaseResultItem.php +1 -0
- src/lib/src/Scans/Base/BaseResultsSet.php +9 -3
- src/lib/src/Scans/Base/BaseScan.php +0 -1
- src/lib/src/Scans/Base/BaseScanActionVO.php +3 -0
- src/lib/src/Scans/Base/DiffResultForStorage.php +2 -2
- src/lib/src/Scans/Base/Files/BaseScanFromFileMap.php +0 -1
- src/lib/src/Scans/Base/Table/BaseEntryFormatter.php +1 -1
- src/lib/src/Scans/Base/Table/BaseFileEntryFormatter.php +1 -1
- src/lib/src/Scans/Base/Utilities/BaseRepair.php +0 -39
- src/lib/src/Scans/Base/Utilities/ItemActionHandler.php +22 -7
- src/lib/src/Scans/Helpers/CopyResultsSets.php +1 -1
- src/lib/src/Scans/Mal/FileScanner.php +2 -1
- src/lib/src/Scans/Mal/ScanActionVO.php +1 -0
- src/lib/src/Scans/Mal/Table/EntryFormatter.php +3 -3
- src/lib/src/Scans/Mal/Utilities/ItemActionHandler.php +1 -23
- src/lib/src/Scans/Mal/Utilities/Repair.php +26 -28
- src/lib/src/Scans/Ptg/BuildFileMap.php +1 -4
- src/lib/src/Scans/Ptg/BuildScanAction.php +0 -8
- src/lib/src/Scans/Ptg/Utilities/ItemActionHandler.php +1 -1
- src/lib/src/Scans/Ptg/Utilities/Repair.php +14 -13
- src/lib/src/Scans/Realtime/Files/Backup.php +0 -27
- src/lib/src/Scans/Realtime/Files/Process.php +0 -75
- src/lib/src/Scans/Realtime/Files/Revert.php +0 -33
- src/lib/src/Scans/Realtime/Files/TestWritable.php +0 -26
- src/lib/src/Scans/Realtime/Files/Verify.php +0 -19
- src/lib/src/Scans/Ufc/BuildScanAction.php +2 -1
- src/lib/src/Scans/Ufc/Utilities/ItemActionHandler.php +1 -1
- src/lib/src/Scans/Wcf/Utilities/ItemActionHandler.php +1 -1
- src/lib/src/ShieldNetApi/Common/BaseApi.php +120 -0
- src/lib/src/ShieldNetApi/Common/BaseShieldNetApi.php +65 -0
- src/lib/src/ShieldNetApi/FileLocker/DecryptFile.php +35 -0
- src/lib/src/ShieldNetApi/FileLocker/GetPublicKey.php +22 -0
- src/lib/src/ShieldNetApi/Handshake/Verify.php +18 -0
- src/lib/src/ShieldNetApi/HandshakingNonce.php +67 -0
- src/lib/src/ShieldNetApi/ShieldNetApiController.php +93 -0
- src/lib/src/ShieldNetApi/ShieldNetApiDataVO.php +49 -0
- src/lib/src/Tables/Build/AuditTrail.php +3 -2
- src/lib/src/Tables/Build/BaseBuild.php +2 -1
- src/lib/src/Tables/Build/Ip.php +1 -1
- src/lib/src/Tables/Build/ScanBase.php +8 -0
- src/lib/src/Tables/Build/Sessions.php +1 -1
- src/lib/src/Tables/Build/Traffic.php +11 -4
- src/lib/src/Utilities/HCaptcha/TestRequest.php +49 -0
- src/lib/src/Utilities/ReCaptcha/Enqueue.php +93 -0
- src/lib/src/Utilities/ReCaptcha/TestRequest.php +4 -4
- src/lib/vendor/composer/autoload_classmap.php +86 -14
- src/lib/vendor/composer/autoload_static.php +86 -14
- src/lib/vendor/fernleafsystems/utilities/src/Logic/OneTimeExecute.php +44 -0
- src/lib/vendor/fernleafsystems/wordpress-services/src/Core/CoreFileHashes.php +12 -2
- src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Fs.php +9 -1
- src/lib/vendor/fernleafsystems/wordpress-services/src/Core/General.php +3 -2
- src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Nonce.php +116 -0
- src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Request.php +10 -2
- src/lib/vendor/fernleafsystems/wordpress-services/src/Core/System.php +1 -1
- src/lib/vendor/fernleafsystems/wordpress-services/src/Services.php +10 -0
- src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Data.php +16 -13
- src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/ApiBase.php +15 -7
- src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/AssetHashesBase.php +2 -3
- src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/IpUtils.php +11 -5
- src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Net/BaseIP.php +1 -1
- src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/ServiceProviders.php +42 -0
- src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/WpOrg/Plugin/Files.php +1 -1
- src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/WpOrg/Theme/Files.php +1 -1
- src/lib/vendor/symfony/polyfill-mbstring/bootstrap.php +3 -1
- src/lib/vendor/twig/twig/src/Template.php +2 -2
- src/processors/autoupdates.php +6 -66
- src/processors/comments_filter.php +1 -1
- src/processors/commentsfilter_botspam.php +1 -1
- src/processors/commentsfilter_googlerecaptcha.php +9 -12
- src/processors/email.php +41 -2
- src/processors/firewall.php +14 -13
- src/processors/hack_protect.php +50 -43
- src/processors/hackprotect_integrity.php +5 -18
- src/processors/hackprotect_realtime.php +0 -57
- src/processors/hackprotect_scan_apc.php +0 -71
- src/processors/hackprotect_scan_base.php +12 -34
- src/processors/hackprotect_scan_mal.php +0 -97
- src/processors/hackprotect_scan_ptg.php +3 -85
- src/processors/hackprotect_scan_ufc.php +0 -85
- src/processors/hackprotect_scan_wcf.php +0 -105
- src/processors/hackprotect_scan_wpv.php +6 -79
- src/processors/hackprotect_scanner.php +40 -27
- src/processors/insights.php +4 -0
- src/processors/ips.php +4 -6
- src/processors/license.php +4 -36
- src/processors/lockdown.php +5 -21
- src/processors/login_protect.php +2 -61
- src/processors/loginprotect_base.php +29 -588
- src/processors/loginprotect_gasp.php +6 -68
- src/processors/loginprotect_googlerecaptcha.php +15 -19
- src/processors/plugin.php +15 -24
- src/processors/plugin_importexport.php +4 -581
- src/processors/traffic_logger.php +0 -45
- src/processors/usermanagement_sessions.php +6 -2
- src/processors/usermanagement_suspend.php +7 -7
- src/wizards/base.php +1 -1
- src/wizards/plugin.php +13 -13
- templates/php/snippets/google_recaptcha_js.php +7 -0
- templates/twig/components/options_form/main.twig +1 -1
- templates/twig/components/options_form/option.twig +79 -51
- templates/twig/components/reports/alert_body.twig +5 -0
- templates/twig/components/reports/info_body.twig +6 -0
- templates/twig/components/reports/mod/events/alert_scanrepairs.twig +8 -0
- templates/twig/components/reports/mod/events/info_keystats.twig +8 -0
- templates/twig/components/reports/mod/hack_protect/alert_filelocker.twig +10 -0
- templates/twig/components/reports/mod/hack_protect/alert_scanresults.twig +12 -0
- templates/twig/notices/email-verification-sent.twig +1 -1
- templates/twig/notices/php7.twig +8 -0
- templates/twig/pages/base.twig +11 -9
- templates/twig/snippets/anti_bot/gasp_js.twig +17 -0
- templates/twig/snippets/email/footer.twig +21 -0
- templates/twig/snippets/js/widget_freshdesk.twig +17 -0
- templates/twig/snippets/user/profile/mfa/mfa_email.twig +4 -2
- templates/twig/snippets/user/profile/suspend.twig +1 -1
- templates/twig/wizard/slides/ufc/config.twig +0 -1
- templates/twig/wpadmin_pages/base.twig +7 -4
- templates/twig/wpadmin_pages/insights/base.twig +17 -25
- templates/twig/wpadmin_pages/insights/debug/index.twig +26 -0
- templates/twig/wpadmin_pages/insights/importexport/from_file.twig +3 -15
- templates/twig/wpadmin_pages/insights/license/license.twig +78 -133
- templates/twig/wpadmin_pages/insights/scans/index.twig +4 -0
- templates/twig/wpadmin_pages/insights/scans/{modal_progress.twig → modal/progress.twig} +3 -2
- templates/twig/wpadmin_pages/insights/scans/{modal_progress_snippet.twig → modal/progress_snippet.twig} +0 -0
- templates/twig/wpadmin_pages/insights/scans/realtime/file_locker/file_diff.twig +119 -0
- templates/twig/wpadmin_pages/insights/scans/realtime/file_locker/index.twig +117 -0
- templates/twig/wpadmin_pages/insights/scans/results/common_disabled.twig +3 -2
- templates/twig/wpadmin_pages/insights/scans/results/common_unavailable.twig +3 -2
- templates/twig/wpadmin_pages/insights/scans/results/mal_disabled.twig +0 -8
- templates/twig/wpadmin_pages/insights/scans/results/ptg_unavailable.twig +0 -10
- templates/twig/wpadmin_pages/insights/scans/scan_areas.twig +6 -7
- templates/twig/wpadmin_pages/insights/scans/scan_results.twig +24 -9
- templates/twig/wpadmin_pages/insights/scans/scan_start.twig +15 -30
- templates/twig/wpadmin_pages/security_admin/index.twig +1 -0
changelog.html
DELETED
@@ -1,1414 +0,0 @@
|
|
1 |
-
<p>= 8.5 - Series =
|
2 |
-
<em>Released: 8th January, 2020</em> - <a href="https://shsec.io/gb">Release Notes</a></p>
|
3 |
-
<ul>
|
4 |
-
<li><strong>(v.7)</strong> ADDED: New admin notice to indicate that the plugin is currently disabled.</li>
|
5 |
-
<li><strong>(v.7)</strong> IMPROVED: Optimised loading of libraries that run for certain options, if they aren't enabled.</li>
|
6 |
-
<li><strong>(v.7)</strong> IMPROVED: Prevent a rare fatal error on activation.</li>
|
7 |
-
<li><strong>(v.6)</strong> FIXED: Locking session to IP address was not handling all IP addresses correctly.</li>
|
8 |
-
<li><strong>(v.5)</strong> FIXED: Further protection against errors if IP address is of a private network.</li>
|
9 |
-
<li><strong>(v.5)</strong> FIXED: Can't activate plugins in a particular scenario.</li>
|
10 |
-
<li><strong>(v.5)</strong> FIXED: Traffic Logger wasn't capturing traffic in some cases.</li>
|
11 |
-
<li><strong>(v.3)</strong> FIXED: Prevent MySQL error when Shield is running on private network or local machine.</li>
|
12 |
-
<li><strong>(v.3)</strong> FIXED: Prevent duplicate emails being sent when removing Security Admin key.</li>
|
13 |
-
<li><strong>(v.2)</strong> ADDED: Introductory tour of plugin, on activation.</li>
|
14 |
-
<li><strong>(v.2)</strong> IMPROVED: Enhanced IP detection of service providers for exclusion from traffic log.</li>
|
15 |
-
<li><strong>(v.2)</strong> IMPROVED: Plugin/Theme Hack Guard Snapshot building is optimised to reduce disruption is some cases.</li>
|
16 |
-
<li><strong>(v.2)</strong> IMPROVED: Visitor IP detection processing.</li>
|
17 |
-
<li><strong>(v.2)</strong> IMPROVED: Improved cache-prevention of Login Two-Factor Authentication portal.</li>
|
18 |
-
<li><strong>(v.2)</strong> FIXED: Firewall email alert was not sent when using certain dedicated email plugins.</li>
|
19 |
-
<li><strong>(v.2)</strong> FIXED: Firewall 404 setting was redirecting instead of responding with 404.</li>
|
20 |
-
<li><strong>(v.2)</strong> ADDED: Added support for NodePing filtering in the traffic logger.</li>
|
21 |
-
<li><strong>(v.1)</strong> FIXED: Fix for page loading issue/slowdown in some cases.</li>
|
22 |
-
<li><strong>(v.0)</strong> NEW: Initial support for checksum scanning of premium plugins and themes.</li>
|
23 |
-
<li><strong>(v.0)</strong> NEW: Ability to switch-off Security Admin with an email confirmation if key is lost/forgotten.</li>
|
24 |
-
<li><strong>(v.0)</strong> NEW: Ability to auto-repair theme files.</li>
|
25 |
-
<li><strong>(v.0)</strong> ADDED: Ability to whitelist requests so that they are never blacklisted.</li>
|
26 |
-
<li><strong>(v.0)</strong> ADDED: Ability to filter the IP White/Black list tables for a specific IP address.</li>
|
27 |
-
<li><strong>(v.0)</strong> ADDED: Support for repeated audit trail entries - so the logs don't get filled with repeated messages.</li>
|
28 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Option to provide complete, custom Content Security Policy headers.</li>
|
29 |
-
<li><strong>(v.0)</strong> IMPROVED: Protection against a certain type of broken plugin installation if WordPress doesn't properly copy files.</li>
|
30 |
-
<li><strong>(v.0)</strong> IMPROVED: Redesigned Table UI for scan results.</li>
|
31 |
-
<li><strong>(v.0)</strong> IMPROVED: Redesigned Plugin/Theme File Guard.</li>
|
32 |
-
<li><strong>(v.0)</strong> IMPROVED: Completely re-written much of the scanners code.</li>
|
33 |
-
<li><strong>(v.0)</strong> IMPROVED: Better detection of the hosting server's IP addresses - i.e. support for IPv6 alongside IPv4.</li>
|
34 |
-
<li><strong>(v.0)</strong> FIXED: Two-Factor Authentication (2FA) login screen redirection bug.</li>
|
35 |
-
<li><strong>(v.0)</strong> FIXED: It was possible to temporarily by-pass the 2FA screen to gain access to WP Admin after logging-in.</li>
|
36 |
-
<li><strong>(v.0)</strong> CLEANED: Code cleaning.</li>
|
37 |
-
<li><strong>(v.0)</strong> UPDATED: Twitter Bootstrap library.</li>
|
38 |
-
</ul>
|
39 |
-
<p>= 8.4 - Series =
|
40 |
-
<em>Released: 29th November, 2019</em> - <a href="https://shsec.io/g5">Release Notes</a></p>
|
41 |
-
<ul>
|
42 |
-
<li><strong>(v.4)</strong> IMPROVED: Discovered serious conflict with SiteGround Optimizer plugin. Provided admin notice and automatic fixing.</li>
|
43 |
-
<li><strong>(v.4)</strong> FIXED: Protected against spurious error log notices when comparing hashes with "nothing".</li>
|
44 |
-
<li><strong>(v.3)</strong> FIXED: Reduce chances of fatal error occurring during upgrade.</li>
|
45 |
-
<li><strong>(v.0)</strong> ADDED: Charts of important events on Overview page highlight effectiveness of Shield.</li>
|
46 |
-
<li><strong>(v.0)</strong> ADDED: Support for whitelisting IPv6 ranges.</li>
|
47 |
-
<li><strong>(v.0)</strong> ADDED: Allow Audit Trail logging for Shield's Bot Detection features for all free installations.</li>
|
48 |
-
<li><strong>(v.0)</strong> IMPROVED: Malware scanner false-positive lookups now use further intelligence from API.</li>
|
49 |
-
<li><strong>(v.0)</strong> IMPROVED: Refactor Comment SPAM implementation away from inline-Javascript.</li>
|
50 |
-
<li><strong>(v.0)</strong> IMPROVED: Consolidate Events/Statistics database table to significantly reduce DB size.</li>
|
51 |
-
<li><strong>(v.0)</strong> CLEANED: Significant clean-out of old, deprecated, retired code.</li>
|
52 |
-
</ul>
|
53 |
-
<p>= 8.3 - Series =
|
54 |
-
<em>Released: 18th November, 2019</em> - <a href="https://shsec.io/g3">Release Notes</a></p>
|
55 |
-
<ul>
|
56 |
-
<li><strong>(v.0)</strong> IMPROVED: Improvements to Malware scanner to <a href="https://shsec.io/g3">now track malware results</a> by specific lines, not just by file.</li>
|
57 |
-
<li><strong>(v.0)</strong> IMPROVED: Support colons (:) in IP addresses during visitor IP address detection.</li>
|
58 |
-
<li><strong>(v.0)</strong> IMPROVED: Ensure license lookups use the correct site URL.</li>
|
59 |
-
<li><strong>(v.0)</strong> IMPROVED: Attempt to ensure that if there is an interruption in the API, malware patterns are available for scanning.</li>
|
60 |
-
<li><strong>(v.0)</strong> IMPROVED: Added default firewall whitelist parameter for AffiliateWP requests.</li>
|
61 |
-
<li><strong>(v.0)</strong> IMPROVED: Spanish, French, Japanese translations.</li>
|
62 |
-
</ul>
|
63 |
-
<p>= 8.2 - Series =
|
64 |
-
<em>Released: 1st October, 2019</em> - <a href="https://shsec.io/g0">Release Notes</a></p>
|
65 |
-
<ul>
|
66 |
-
<li><strong>(v.3)</strong> FIXED: Fix for reported RXSS vulnerability - <a href="https://shsec.io/g1">more info</a>.</li>
|
67 |
-
<li><strong>(v.3)</strong> FIXED: Fix for Rest API detection.</li>
|
68 |
-
<li><strong>(v.3)</strong> FIXED: Fix for translation of some strings.</li>
|
69 |
-
<li><strong>(v.2)</strong> FIXED: Fixes for scans running under Windows/IIS.</li>
|
70 |
-
<li><strong>(v.2)</strong> IMPROVED: Adds a check that a site can send an HTTP request to itself before allowing scans to run.</li>
|
71 |
-
<li><strong>(v.2)</strong> IMPROVED: Scans clean up after themselves better, if they fail to run.</li>
|
72 |
-
<li><strong>(v.2)</strong> IMPROVED: Server's own IP address detection when site migrated to a new host.</li>
|
73 |
-
<li><strong>(v.2)</strong> UPDATED: International translations.</li>
|
74 |
-
<li><strong>(v.2)</strong> FIXED: PHP notices when data wasn't as expected.</li>
|
75 |
-
<li><strong>(v.1)</strong> IMPROVED: Further reduce Malware false positives by also using SVN trunk data when verifying files for plugins and themes.</li>
|
76 |
-
<li><strong>(v.1)</strong> ADDED: Initial support for repairing Themes that have been installed from WordPress.org.</li>
|
77 |
-
<li><strong>(v.1)</strong> ADDED: Support for using <a href="https://wphashes.com">WP Hashes.com</a> for WordPress.org themes (already done for plugins).</li>
|
78 |
-
<li><strong>(v.1)</strong> FIXED: PHP notices in the logs.</li>
|
79 |
-
<li><strong>(v.0)</strong> IMPROVED: [<strong>PRO</strong>] Malware scanner now uses network intelligence to the gather information on malware results.</li>
|
80 |
-
<li><strong>(v.0)</strong> NEW: Traffic Watcher feature is now free for all users (no longer Pro-only).</li>
|
81 |
-
<li><strong>(v.0)</strong> IMPROVED: Scanning cron is improved and more efficient.</li>
|
82 |
-
<li><strong>(v.0)</strong> ADDED: Bulk Delete/Repair/Ignore actions now available for Malware scan results.</li>
|
83 |
-
<li><strong>(v.0)</strong> IMPROVED: Malware scan results now provide details of affected line numbers and patterns discovered.</li>
|
84 |
-
<li><strong>(v.0)</strong> IMPROVED: Malware scanner only scans <code>wp-admin</code>, <code>wp-includes</code>, <code>wp-content</code> folders, and files in top-level directory.</li>
|
85 |
-
<li><strong>(v.0)</strong> IMPROVED: Malware scanner now excludes <code>wp-content/cache/</code> directory.</li>
|
86 |
-
<li><strong>(v.0)</strong> IMPROVED: Malware scanner performance improved with caching.</li>
|
87 |
-
<li><strong>(v.0)</strong> IMPROVED: Malware auto-repair now works more consistently.</li>
|
88 |
-
<li><strong>(v.0)</strong> IMPROVED: Updated default firewall whitelist rules.</li>
|
89 |
-
<li><strong>(v.0)</strong> IMPROVED: If the PWNED Passwords API request fails entirely, the password check is skipped.</li>
|
90 |
-
<li><strong>(v.0)</strong> ADDED: Japanese translations are at 100%.</li>
|
91 |
-
<li><strong>(v.0)</strong> IMPROVED: Dutch translations are greatly improved (a huge thank you to Fred!).</li>
|
92 |
-
<li><strong>(v.0)</strong> FIXED: Audit Trail correctly logs multiple occurrences for the same type of event on the same page request.</li>
|
93 |
-
<li><strong>(v.0)</strong> FIXED: Audit Trail now correctly logs Google reCAPTCHA failure events.</li>
|
94 |
-
<li><strong>(v.0)</strong> FIXED: PHP error when firewall was set to kill response without a user message.</li>
|
95 |
-
</ul>
|
96 |
-
<p>= 8.1 - Series =
|
97 |
-
<em>Released: 18th September, 2019</em> - <a href="https://shsec.io/fy">Release Notes</a></p>
|
98 |
-
<ul>
|
99 |
-
<li><strong>(v.1)</strong> FIXED: Error for sites pre-5.0 that don't have function <code>determine_locale()</code></li>
|
100 |
-
<li><strong>(v.0)</strong> IMPROVED: Massive improvements to asynchronous scans in performance and reliability.</li>
|
101 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Possible to supply multiple email addresses for Administrator login notifications.</li>
|
102 |
-
<li><strong>(v.0)</strong> ADDED: New firewall whitelist rule to prevent firewall blocks when activating certain plugins.</li>
|
103 |
-
<li><strong>(v.0)</strong> IMPROVED: Prevent errors caused by other plugins not passing correctly-formatted data through WP filters.</li>
|
104 |
-
<li><strong>(v.0)</strong> ADDED: Japanese translations (14%).</li>
|
105 |
-
<li><strong>(v.0)</strong> IMPROVED: Plugin locale now respects user profile locale setting.</li>
|
106 |
-
<li><strong>(v.0)</strong> IMPROVED: Audit Trail filter for specific events.</li>
|
107 |
-
<li><strong>(v.0)</strong> IMPROVED: Lots of cleanup of deprecated PHP code following the the v7-v8 upgrade.</li>
|
108 |
-
</ul>
|
109 |
-
<p>= 8.0 - Series =
|
110 |
-
<em>Released: 27th August, 2019</em> - <a href="https://shsec.io/fv">Release Notes</a></p>
|
111 |
-
<ul>
|
112 |
-
<li><strong>(v.2)</strong> IMPROVED: Password strength metering now better aligns with WordPress library (PHP 5.6+)</li>
|
113 |
-
<li><strong>(v.2)</strong> IMPROVED: Dutch translations have been adjusted.</li>
|
114 |
-
<li><strong>(v.2)</strong> FIXED: Setting 'Month' for IP block duration wasn't being applied.</li>
|
115 |
-
<li><strong>(v.2)</strong> FIXED: Certain admin notices not displayed when they should be.</li>
|
116 |
-
<li><strong>(v.1)</strong> FIXED: Comment SPAM blocking wasn't working if set to "Detect and Reject".</li>
|
117 |
-
<li><strong>(v.1)</strong> FIXED: Shield Widget/Badge broken in some cases.</li>
|
118 |
-
<li><strong>(v.1)</strong> ADDED: You can force Shield to operate in any <a href="https://shsec.io/gistshieldlocale">locale, regardless of site locale</a>.</li>
|
119 |
-
<li><strong>(v.1)</strong> ADDED: Russian translations are now at 100% and some Dutch translations have been adjusted.</li>
|
120 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] New Malware Scanner with automated file repair for WordPress.org Plugins and Core.</li>
|
121 |
-
<li><strong>(v.0)</strong> NEW: Complete overhaul of events system to better audit and collect statistics.</li>
|
122 |
-
<li><strong>(v.0)</strong> IMPROVED: Asynchronous scans - scans run in the background and so support more restrictive hosting.</li>
|
123 |
-
<li><strong>(v.0)</strong> IMPROVED: Plugin notification system is much improved.</li>
|
124 |
-
<li><strong>(v.0)</strong> IMPROVED: [<strong>PRO</strong>] Plugin Guard uses SVN repositories for file references <a href="https://shsec.io/fw">via WP Hashes API</a>.</li>
|
125 |
-
<li><strong>(v.0)</strong> CHANGED: Comment SPAM system now uses WordPress Transients API instead of dedicated DB table.</li>
|
126 |
-
<li><strong>(v.0)</strong> ADDED: 100% Translation coverage for French, Spanish, German, Portuguese, Serbian, Bosnian, Dutch. (Russian on the way)</li>
|
127 |
-
<li><strong>(v.0)</strong> CHANGED: Major code cleaning/refactoring for much of the plugin. More to come.</li>
|
128 |
-
</ul>
|
129 |
-
<p>= 7.4 - Series =
|
130 |
-
<em>Released: 13th May, 2019</em> - <a href="https://shsec.io/fc">Release Notes</a></p>
|
131 |
-
<ul>
|
132 |
-
<li><strong>(v.2)</strong> NEW: Options finder/jumper menu lets you find and jump to any option in the plugin instantly.</li>
|
133 |
-
<li><strong>(v.2)</strong> NEW: Help/explainer videos for a few sections - more to come.</li>
|
134 |
-
<li><strong>(v.2)</strong> FIXES: Fixes for a few problems introduced with the recent UI changes.</li>
|
135 |
-
<li><strong>(v.2)</strong> FIXED: Welcome wizard launching was broken.</li>
|
136 |
-
<li><strong>(v.1)</strong> NEW: Adjustments and redesign of Shield options pages.</li>
|
137 |
-
<li><strong>(v.1)</strong> IMPROVED: Further prep for better internationalization.</li>
|
138 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] <a href="https://shsec.io/fa">Manual/Automatic User Suspension</a></li>
|
139 |
-
<li><strong>(v.0)</strong> NEW: Comment SPAM - Increase minimum number of approved comments before scanning is skipped</li>
|
140 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] Comment SPAM - Trusted user roles where comments scanning is skipped</li>
|
141 |
-
<li><strong>(v.0)</strong> IMPROVED: AntiBot JS was improperly included when not required.</li>
|
142 |
-
<li><strong>(v.0)</strong> IMPROVED: Added a GeoIP caching table and removed bundled GeoIP database - greatly reduces download size.</li>
|
143 |
-
<li><strong>(v.0)</strong> FIXED: Inconsistent behaviour when PWA plugin is active and it infinitely reloads pages.</li>
|
144 |
-
<li><strong>(v.0)</strong> FIXED: Inconsistent behaviour with Anonymous API blocking.</li>
|
145 |
-
<li><strong>(v.0)</strong> IMPROVED: Code improvements and refactoring.</li>
|
146 |
-
<li><strong>(v.0)</strong> ADDED: Prep for upcoming malware scanner.</li>
|
147 |
-
</ul>
|
148 |
-
<p>= 7.3 - Series =
|
149 |
-
<em>Released: 15th April, 2019</em> - <a href="https://shsec.io/f0">Release Notes</a></p>
|
150 |
-
<ul>
|
151 |
-
<li><strong>(v.2)</strong> IMPROVED: Provided inline links for new <a href="https://shsec.io/ez">Bot Signals</a> options.</li>
|
152 |
-
<li><strong>(v.2)</strong> CHANGED: Added a workaround for WPML plugin using old, buggy version of TWIG library.</li>
|
153 |
-
<li><strong>(v.1)</strong> FIX: Protection against 404 tracking blocking visitors in some cases.</li>
|
154 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] <a href="https://shsec.io/ez">7x New Bot Signals</a> - rules to catch and block bad bots.</li>
|
155 |
-
<li><strong>(v.0)</strong> ADDED: Date picker for filtering Audit Log entries.</li>
|
156 |
-
<li><strong>(v.0)</strong> IMPROVED: Audit Log viewer now combines entries from the same request into 1 for better readability.</li>
|
157 |
-
<li><strong>(v.0)</strong> CHANGED: Use a more refined clearing of WP Fastest Cache.</li>
|
158 |
-
<li><strong>(v.0)</strong> FIX: Error displayed when deleting plugins in some cases.</li>
|
159 |
-
<li><strong>(v.0)</strong> UPDATED: Translations for Chinese, Finnish, Turkish, Dutch, Italian, and German.</li>
|
160 |
-
</ul>
|
161 |
-
<p>= 7.2 - Series =
|
162 |
-
<em>Released: 7th March, 2019</em> - <a href="https://shsec.io/ep">Release Notes</a></p>
|
163 |
-
<ul>
|
164 |
-
<li><strong>(v.2)</strong> SKIPPED: with error.</li>
|
165 |
-
<li><strong>(v.1)</strong> NEW: Provisional support for WP-CLI - no longer blocks Security Admin protected operations</li>
|
166 |
-
<li><strong>(v.1)</strong> FIX: Fix PHP warning notice on login page.</li>
|
167 |
-
<li><strong>(v.1)</strong> FIX: Unrecognised file scanning not operating as expected on Windows hosts.</li>
|
168 |
-
<li><strong>(v.0)</strong> NEW: <a href="https://shsec.io/eq">Scanner to detect and alert</a> to presence of abandoned plugins.</li>
|
169 |
-
<li><strong>(v.0)</strong> FIX: Fix bug with Security Admin passwords.</li>
|
170 |
-
<li><strong>(v.0)</strong> FIX: Fix bug with vulnerability scanner not correctly comparing versions.</li>
|
171 |
-
</ul>
|
172 |
-
<p>= 7.1 - Series =
|
173 |
-
<em>Released: 21st February, 2019</em> - <a href="https://shsec.io/ek">Release Notes</a></p>
|
174 |
-
<ul>
|
175 |
-
<li><strong>(v.2)</strong> IMPROVED: Firewall email notification content now better reflect the information in the audit trail.</li>
|
176 |
-
<li><strong>(v.2)</strong> FIX: Firewall email notification was breaking in some instances.</li>
|
177 |
-
<li><strong>(v.1)</strong> FIX: IP retrieval.</li>
|
178 |
-
<li><strong>(v.0)</strong> NEW: Moved Import/Export UI from Wizard to main Shield Dashboard.</li>
|
179 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] Option to import/export settings using file downloads/uploads</li>
|
180 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] Option to allow visitors to automatically unblock themselves (once in 24hrs)</li>
|
181 |
-
<li><strong>(v.0)</strong> NEW: Integrated changelog directly into plugin admin for easy updates (between releases)</li>
|
182 |
-
<li><strong>(v.0)</strong> FIXED: WP Core files scanner now correctly ignores certain files as it used to do, pre-v7. e.g. wp-config-sample.php</li>
|
183 |
-
<li><strong>(v.0)</strong> FIXED: Shield was indicating plugin/theme file editing was possible, when it in-fact was disabled.</li>
|
184 |
-
<li><strong>(v.0)</strong> IMPROVED: Consolidate crons into fewer crons. e.g. all scans run under the same cron.</li>
|
185 |
-
</ul>
|
186 |
-
<p>= 7.0 - Series =
|
187 |
-
<em>Released: 28th January, 2019</em> - <a href="https://shsec.io/ef">Release Notes</a></p>
|
188 |
-
<ul>
|
189 |
-
<li><strong>(v.4)</strong> IMPROVED: Refactored IP address blocking with improved audit trail messages.</li>
|
190 |
-
<li><strong>(v.4)</strong> CHANGED: Expanded anonymous REST API whitelist to include 'wpstatistics' namespace.</li>
|
191 |
-
<li><strong>(v.4)</strong> IMPROVED: Access protection for shield temp/caching dir.</li>
|
192 |
-
<li><strong>(v.4)</strong> IMPROVED: Clarification on reCAPTCHA - v3 is <strong>not</strong> supported.</li>
|
193 |
-
<li><strong>(v.4)</strong> IMPROVED: Clarification on user sessions timeout - Shield sets an absolutely session maximum.</li>
|
194 |
-
<li><strong>(v.4)</strong> IMPROVED: Options form submission is adjusted to work around poorly restrictive webhosts.</li>
|
195 |
-
<li><strong>(v.4)</strong> FIX: Various tweaks and fixes across the plugin.</li>
|
196 |
-
<li><strong>(v.4)</strong> FIX: Error with ClassicPress.</li>
|
197 |
-
<li><strong>(v.3)</strong> NEW: Automatically whitelist anonymous REST API Access for 3 plugins: Contact Form 7, WooCommerce, JetPack.</li>
|
198 |
-
<li><strong>(v.3)</strong> IMPROVED: Security admin login failure messages are clearer.</li>
|
199 |
-
<li><strong>(v.3)</strong> IMPROVED: Admin notification for email sending 2FA verification easily lets you resend email.</li>
|
200 |
-
<li><strong>(v.3)</strong> IMPROVED: File download code for WordPress Core file scanner repairs.</li>
|
201 |
-
<li><strong>(v.3)</strong> IMPROVED: Attempt to also capture B/CC email addresses included in outgoing emails in Audit logs.</li>
|
202 |
-
<li><strong>(v.3)</strong> FIX: Allow use of IPv4 ranges in whitelist again.</li>
|
203 |
-
<li><strong>(v.3)</strong> CHANGED: Numerous code refactoring and improvements building upon the major v7 release and prepping for v7.1.</li>
|
204 |
-
<li><strong>(v.1-2)</strong> FIXED: Some JS fixes.</li>
|
205 |
-
<li><strong>(v.0)</strong> NEW: New primary UI for Shield site security management. Easy access to scans, audit trail, user sessions etc.</li>
|
206 |
-
<li><strong>(v.0)</strong> NEW: Supports only PHP 5.4 or higher</li>
|
207 |
-
<li><strong>(v.0)</strong> NEW: Rebuilt scans architecture and UI</li>
|
208 |
-
<li><strong>(v.0)</strong> NEW: A huge amount of code cleaning and refactoring</li>
|
209 |
-
<li><strong>(v.0)</strong> CHANGED: Too many many changes and bug fixes to list -best to just take a look! :)</li>
|
210 |
-
</ul>
|
211 |
-
<p>= 6.10 - Series =
|
212 |
-
<em>Released: 15th October, 2018</em> - <a href="https://shsec.io/dg">Release Notes</a></p>
|
213 |
-
<ul>
|
214 |
-
<li><strong>(v.9)</strong> FIXED: Admin notices displaying to non-admins.</li>
|
215 |
-
<li><strong>(v.7)</strong> ADDED: [<strong>PRO</strong>] New option to specify usernames for Security Admin role.</li>
|
216 |
-
<li><strong>(v.7)</strong> IMPROVED: Idle user detection.</li>
|
217 |
-
<li><strong>(v.7)</strong> IMPROVED: Support for redirect/cancel URLs in 2FA login page.</li>
|
218 |
-
<li><strong>(v.7)</strong> CHANGED: Final release before Shield v7. Small warning shown on plugins page if PHP < 5.4</li>
|
219 |
-
<li><strong>(v.6)</strong> ADDED: New option to control plugin automatic updates.</li>
|
220 |
-
<li><strong>(v.6)</strong> IMPROVED: Enhancements to the experimental bot JS.</li>
|
221 |
-
<li><strong>(v.6)</strong> IMPROVED: Support for Easy Digital Downloads forms.</li>
|
222 |
-
<li><strong>(v.5)</strong> Release skipped.</li>
|
223 |
-
<li><strong>(v.4)</strong> FIXED: Couldn't deactivate plugin.</li>
|
224 |
-
<li><strong>(v.3)</strong> ADDED: Support for Ultimate Member forms</li>
|
225 |
-
<li><strong>(v.3)</strong> ADDED: Support for LearnPress login/registration forms</li>
|
226 |
-
<li><strong>(v.3)</strong> FIXED: Security Admin now correctly honours the WordPress Options zone setting.</li>
|
227 |
-
<li><strong>(v.3)</strong> IMPROVED: Distinguish which sub-site (sub-domain) for WPMS installations on <a href="https://shsec.io/c1">Traffic Watcher</a>.</li>
|
228 |
-
<li><strong>(v.3)</strong> IMPROVED: Server's own IP lookup is only attempted once.</li>
|
229 |
-
<li><strong>(v.3)</strong> ADDED: Experimental feature to help with some custom 3rd party login/registration forms</li>
|
230 |
-
<li><strong>(v.2)</strong> IMPROVED: Visitor IP address detection</li>
|
231 |
-
<li><strong>(v.2)</strong> IMPROVED: Automatic whitelisting of Manage WP IP addresses</li>
|
232 |
-
<li><strong>(v.2)</strong> IMPROVED: SPAM Comments code enhanced and optimised</li>
|
233 |
-
<li><strong>(v.2)</strong> IMPROVED: IP Whitelisting code enhanced and optimised</li>
|
234 |
-
<li><strong>(v.2)</strong> IMPROVED: Code cleaning and refactoring.</li>
|
235 |
-
<li><strong>(v.1)</strong> FIXED: Googlebot PHP error notice.</li>
|
236 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] 2FA Login Backup Codes - all users can create a backup login code in-case their MFA factors are temporarily unavailable.</li>
|
237 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] White Label - you can now specify custom image for 2FA login screen.</li>
|
238 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Custom Exclusion Rules for Traffic Watcher so you can exclude certain User Agents and request paths.</li>
|
239 |
-
<li><strong>(v.0)</strong> ADDED: Detection of official spiders/bots for Google, Bing, Apple and Yandex - these visitors will never get blacklisted.</li>
|
240 |
-
<li><strong>(v.0)</strong> IMPROVED: Two-Factor Authentication system much improved (+ critical bug fix).</li>
|
241 |
-
<li><strong>(v.0)</strong> IMPROVED: Audit Trail entries for 2FA login factors.</li>
|
242 |
-
<li><strong>(v.0)</strong> IMPROVED: Fixes for Two-Factor Authentication wizard UX.</li>
|
243 |
-
<li><strong>(v.0)</strong> IMPROVED: Traffic Watcher now honours the IP Whitelist.</li>
|
244 |
-
<li><strong>(v.0)</strong> IMPROVED: Security Admin restriction for creating/editing/deleting Administrator users is much improved.</li>
|
245 |
-
<li><strong>(v.0)</strong> IMPROVED: All Shield cookies are SSL-only by default for HTTPS sites.</li>
|
246 |
-
<li><strong>(v.0)</strong> FIXED: GASP checkbox Javascript breaking in a particular scenario.</li>
|
247 |
-
<li><strong>(v.0)</strong> ADDED: Optional plugin deactivation survey.</li>
|
248 |
-
</ul>
|
249 |
-
<p>= 6.9.0 - Series =
|
250 |
-
<em>Released: 6th September, 2018</em> - <a href="https://shsec.io/dc">Release Notes</a></p>
|
251 |
-
<ul>
|
252 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] <a href="https://shsec.io/c1">Traffic Watcher</a> - live tracking of all requests to your site.</li>
|
253 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] <a href="https://shsec.io/c1">Yubikey</a> - Allows for multiple Yubikeys on the same user profile.</li>
|
254 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Option to include listing of affected files within Hack Guard notification emails.</li>
|
255 |
-
<li><strong>(v.0)</strong> ADDED: Option to delete the Security Admin Access Key</li>
|
256 |
-
<li><strong>(v.0)</strong> ADDED: Option to add WooCommerce roles to 2FA-Email setting.</li>
|
257 |
-
<li><strong>(v.0)</strong> CHANGED: Basic Stats system now requires minimum PHP v5.4.</li>
|
258 |
-
<li><strong>(v.0)</strong> CHANGED: Password Policies now requires minimum WordPress v4.4.</li>
|
259 |
-
<li><strong>(v.0)</strong> IMPROVED: Password expiration now redirects to the 'set password' screen, instead of the user profile.</li>
|
260 |
-
<li><strong>(v.0)</strong> IMPROVED: Password capture for purposes of password policies is improved.</li>
|
261 |
-
<li><strong>(v.0)</strong> IMPROVED: You can now delete the 'forceoff' file from inside the WP Admin.</li>
|
262 |
-
<li><strong>(v.0)</strong> IMPROVED: Audit Trail entries for emails will identify the file that's calling the <code>wp_mail</code> function.</li>
|
263 |
-
<li><strong>(v.0)</strong> IMPROVED: Audit Trail entries for post editing will identify the post type wherever possible.</li>
|
264 |
-
<li><strong>(v.0)</strong> IMPROVED: Audit Trail entries will try to display all message text correctly.</li>
|
265 |
-
<li><strong>(v.0)</strong> IMPROVED: Login/Register/Password forms are only checked when visitor is not logged-in.</li>
|
266 |
-
<li><strong>(v.0)</strong> IMPROVED: Major database code refactoring and other code improvements.</li>
|
267 |
-
<li><strong>(v.0)</strong> IMPROVED: User sessions handling.</li>
|
268 |
-
<li><strong>(v.0)</strong> IMPROVED: Security Admin UX - ajax session checking, with admin notifications and auto-page reload.</li>
|
269 |
-
<li><strong>(v.0)</strong> IMPROVED: Security Admin password setting now requires a confirmation password entry.</li>
|
270 |
-
<li><strong>(v.0)</strong> IMPROVED: Refined Cooldown timing system.</li>
|
271 |
-
<li><strong>(v.0)</strong> IMPROVED: Refined Bot checkbox Javascript.</li>
|
272 |
-
<li><strong>(v.0)</strong> IMPROVED: Cron entry cleanup after deactivation.</li>
|
273 |
-
<li><strong>(v.0)</strong> UPDATED: Bootstrap libraries to latest release v4.1.3.</li>
|
274 |
-
<li><strong>(v.0)</strong> FIXED: Potential bug with Plugin/Themes guard scanning.</li>
|
275 |
-
<li><strong>(v.0)</strong> FIXED: PHP Warning(s).</li>
|
276 |
-
</ul>
|
277 |
-
<p>= 6.8 Series =
|
278 |
-
<em>Released: 11th June, 2018</em> - <a href="https://shsec.io/d4">Release Notes</a></p>
|
279 |
-
<ul>
|
280 |
-
<li><strong>(v.2)</strong> FIXED: Bug with multi-factor authentication verification.</li>
|
281 |
-
<li><strong>(v.2)</strong> FIXED: Bug with chosen reCAPTCHA style not being honoured on login pages</li>
|
282 |
-
<li><strong>(v.2)</strong> FIXED: Bug with Invisible reCAPTCHA + WooCommerce</li>
|
283 |
-
<li><strong>(v.2)</strong> FIXED: Bug with Pwned passwords always being checked even if setting turned off.</li>
|
284 |
-
<li><strong>(v.1)</strong> FIXED: A couple of bugs with WooCommerce reCAPTCHA processing.</li>
|
285 |
-
<li><strong>(v.1)</strong> FIXED: A bug with user sessions cleaning</li>
|
286 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] White Label - ability to re-brand the entire Shield Security plugin to your company brand.</li>
|
287 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Option for all users to receive notification email upon login to their accounts.</li>
|
288 |
-
<li><strong>(v.0)</strong> IMPROVED: Completely rebuilt the bot and reCAPTCHA login protection system.</li>
|
289 |
-
<li><strong>(v.0)</strong> IMPROVED: Import/Export system hugely improved with respect to automated push of options from Master sites.</li>
|
290 |
-
<li><strong>(v.0)</strong> IMPROVED: A different approach to sessions management that should handle sessions a bit better.</li>
|
291 |
-
<li><strong>(v.0)</strong> IMPROVED: Expired user sessions are cleaned from the DB using a cron, and on Insights Dashboard load.</li>
|
292 |
-
</ul>
|
293 |
-
<p>= 6.7 Series =
|
294 |
-
<em>Released: 21st May, 2018</em> - <a href="https://shsec.io/cx">Release Notes</a></p>
|
295 |
-
<ul>
|
296 |
-
<li><strong>(v.2)</strong> ADDED: [<strong>PRO</strong>] Admin Notes feature - Notes can now be easily deleted (editing will not be possible).</li>
|
297 |
-
<li><strong>(v.2)</strong> UPDATED: Some translations.</li>
|
298 |
-
<li><strong>(v.2)</strong> FIXED: A few bugs with the Insights Dashboard.</li>
|
299 |
-
<li><strong>(v.2)</strong> FIXED: Removed the dependency on jQuery with Invisible reCAPTCHA.</li>
|
300 |
-
<li><strong>(v.1)</strong> FIXED: A few bugs with the Insights Dashboard</li>
|
301 |
-
<li><strong>(v.1)</strong> ADDED: [<strong>PRO</strong>] Admin Notes feature - you can now add notes to the Shield plugin in the Insights Dashboard.</li>
|
302 |
-
<li><strong>(v.0)</strong> ADDED: All-New Insights Dashboard providing a high-level overview of your site security, with recommendations.</li>
|
303 |
-
<li><strong>(v.0)</strong> ADDED: Helpful, explanatory videos directly into the Guided Welcome Wizard.</li>
|
304 |
-
<li><strong>(v.0)</strong> ADDED: A simple test cron to demonstrate whether your site crons are running.</li>
|
305 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Full support for new WordPress GDPR Privacy Policy controls for exporting and erasing data.</li>
|
306 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] New GDPR guided wizard for exporting/erasing particular data based on custom search results.</li>
|
307 |
-
<li><strong>(v.0)</strong> CHANGED: Guided Wizards now load through WP admin to fix ajax problems for poorly configured SSL on some sites</li>
|
308 |
-
<li><strong>(v.0)</strong> IMPROVED: Upgraded Bootstrap library to 4.1.1.</li>
|
309 |
-
<li><strong>(v.0)</strong> IMPROVED: Compatibility with AIO Events Cal - they like to force their old Twig libraries on everyone else.</li>
|
310 |
-
</ul>
|
311 |
-
<p>= 6.6 Series =
|
312 |
-
<em>Released: 19th March, 2018</em> - <a href="https://shsec.io/c3">Release Notes</a></p>
|
313 |
-
<ul>
|
314 |
-
<li><strong>(v.7)</strong> IMPROVED: reCAPTCHA JS is only included on pages where it's actually used by Shield.</li>
|
315 |
-
<li><strong>(v.7)</strong> IMPROVED: Upgrade Bootstrap library to 4.1.0.</li>
|
316 |
-
<li><strong>(v.7)</strong> IMPROVED: Include jQuery for the plugin badge as required</li>
|
317 |
-
<li><strong>(v.6)</strong> ADDED: Small exclusion in the firewall for a jetpack parameter.</li>
|
318 |
-
<li><strong>(v.6)</strong> ADDED: SVGs to the default list of files scanned by the plugin guard.</li>
|
319 |
-
<li><strong>(v.6)</strong> ADDED: Workaround for a <a href="https://wordpress.org/support/topic/forcefully-executing-wp_footer-not-compatible-with-other-plugins/">ridiculous NGG bug</a>.</li>
|
320 |
-
<li><strong>(v.1-4)</strong> FIXED: Various small fixes and improvements</li>
|
321 |
-
<li><strong>(v.4)</strong> FIXED: PHP Fatal Error on wp object cache.</li>
|
322 |
-
<li><strong>(v.0)</strong> NEW: [<strong>PRO</strong>] <a href="https://shsec.io/c1">Keyless Activation of Pro licenses</a>.</li>
|
323 |
-
<li><strong>(v.0)</strong> ADDED: <a href="https://shsec.io/c2">WordPress Password Policies</a>.</li>
|
324 |
-
<li><strong>(v.0)</strong> ADDED: Pwned Passwords Detection.</li>
|
325 |
-
<li><strong>(v.0)</strong> IMPROVED: Major rewrite of plugin AJAX handling.</li>
|
326 |
-
<li><strong>(v.0)</strong> IMPROVED: Notices to indicate the time of the last scans.</li>
|
327 |
-
<li><strong>(v.0)</strong> FIXED: A few bugs</li>
|
328 |
-
</ul>
|
329 |
-
<p>= 6.5 Series =
|
330 |
-
<em>Released: 5th March, 2018</em> - <a href="https://shsec.io/bu">Release Notes</a></p>
|
331 |
-
<ul>
|
332 |
-
<li><strong>(v.0)</strong> IMPROVED: <a href="https://shsec.io/bq">Plugin Guard</a> better handles the case where a plugin/theme has been entirely renamed/removed.</li>
|
333 |
-
<li><strong>(v.0)</strong> IMPROVED: Attempts to access the XML-RPC system when it's disabled will now result in a transgression increment in the IP Black List</li>
|
334 |
-
<li><strong>(v.0)</strong> IMPROVED: Try to prevent black listing the server's own public IP address where visitor IP address detection is not correctly configured.</li>
|
335 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Provisional support for not processing 2FA logins for Woocommerce Social Login plugin.</li>
|
336 |
-
<li><strong>(v.0)</strong> FIXED: Plugin Guard better handles ignoring non-WordPress.org Plugins/Themes</li>
|
337 |
-
<li><strong>(v.0)</strong> FIXED: A few small bugs</li>
|
338 |
-
</ul>
|
339 |
-
<p>= 6.4 Series =
|
340 |
-
<em>Released: 26th February, 2018</em> - <a href="https://shsec.io/br">Release Notes</a></p>
|
341 |
-
<ul>
|
342 |
-
<li><strong>(v.1-4)</strong> FIXED: Various Fixes</li>
|
343 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] New Scanner to <a href="https://shsec.io/bq">detect file changes for active plugins and themes</a></li>
|
344 |
-
<li><strong>(v.0)</strong> IMPROVED: Automatic updates for vulnerable plugins ignores <a href="https://shsec.io/bc">automatic updates delay setting</a></li>
|
345 |
-
<li><strong>(v.0)</strong> CHANGED: Email notifications for scanners will now link to the Wizard where possible, instead of listing files.</li>
|
346 |
-
</ul>
|
347 |
-
<p>= 6.3 Series =
|
348 |
-
<em>Released: 12th February, 2018</em> - <a href="https://shsec.io/bc">Release Notes</a></p>
|
349 |
-
<ul>
|
350 |
-
<li><strong>(v.3)</strong> FIXED: Bug with automatic updates delay setting</li>
|
351 |
-
<li><strong>(v.2)</strong> CHANGED: Changed a text that seems to cause servers to swallow-up emails. <a href="https://shsec.io/bi">See here for more reliable email</a></li>
|
352 |
-
<li><strong>(v.1)</strong> FIXED: Options page javascript to work around conflicts.</li>
|
353 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] <a href="https://shsec.io/bc">Automatic updates stability delay</a></li>
|
354 |
-
<li><strong>(v.0)</strong> IMPROVED: Complete <a href="https://shsec.io/bd">plugin UI rebuild</a>, using the new Bootstrap 4.</li>
|
355 |
-
<li><strong>(v.0)</strong> FIXED: A few bugs with Google Authenticator.</li>
|
356 |
-
</ul>
|
357 |
-
<p>= 6.2 Series =
|
358 |
-
<em>Released: 31st January, 2018</em> - <a href="https://shsec.io/b6">Release Notes</a></p>
|
359 |
-
<ul>
|
360 |
-
<li><strong>(v.2)</strong> FIXED: Fix for IP Manager PHP error.</li>
|
361 |
-
<li><strong>(v.2)</strong> IMPROVED: Two-factor verification email.</li>
|
362 |
-
<li><strong>(v.1)</strong> FIXED: Bug where administrator login email notification setting is not being honoured.</li>
|
363 |
-
<li><strong>(v.1)</strong> IMPROVED: If a site is having trouble with database creation, User Sessions wont lock you out.</li>
|
364 |
-
<li><strong>(v.0)</strong> IMPROVED: Major overhaul of the Shield User Sessions system.</li>
|
365 |
-
<li><strong>(v.0)</strong> IMPROVED: Link the Security Admin authentication with the new Sessions system.</li>
|
366 |
-
<li><strong>(v.0)</strong> IMPROVED: Major overhaul to plugin's user meta data storage, limiting to a single DB entry for all data.</li>
|
367 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Ability to increase frequency of file system scans up to once every hour.</li>
|
368 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Add a "remember me" option, to allow users to skip Multi-factor authentication for a set number of days.</li>
|
369 |
-
</ul>
|
370 |
-
<p>= 6.1 Series =
|
371 |
-
<em>Released: 15th January, 2018</em> - <a href="https://shsec.io/ay">Release Notes</a></p>
|
372 |
-
<ul>
|
373 |
-
<li><strong>(v.1)</strong> FIXED: Verify link missing from the two-factor authentication verification email.</li>
|
374 |
-
<li><strong>(v.0)</strong> ADDED: 3x more Shield Wizards: Multi-factor Authentication, Core File Scanning, Unrecognised File Scanning.</li>
|
375 |
-
<li><strong>(v.0)</strong> ADDED: You can now use regular expressions for file exclusions in the 'Unrecognised File Scanner'.</li>
|
376 |
-
<li><strong>(v.0)</strong> CHANGED: File Scanner email notifications now link to the appropriate scanner wizard directly.</li>
|
377 |
-
<li><strong>(v.0)</strong> IMPROVED: Plugin options pages restyling.</li>
|
378 |
-
<li><strong>(v.0)</strong> IMPROVED: Plugin refactoring and improvements.</li>
|
379 |
-
</ul>
|
380 |
-
<p>= 6.0 Series =
|
381 |
-
<em>Released: 18th December, 2017</em></p>
|
382 |
-
<ul>
|
383 |
-
<li><strong>(v.0)</strong> ADDED: All-new Shield Welcome and Setup Wizard - more helpful guided wizards to come.</li>
|
384 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] <a href="https://shsec.io/at">Shield options import and export</a></li>
|
385 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] In conjunction with import/export - Shield Security Network: automated options syncing.</li>
|
386 |
-
<li><strong>(v.0)</strong> CHANGED: Going forward, new features and options will <a href="https://shsec.io/au">support only PHP 5.4+</a>. Existing features will remain unaffected.</li>
|
387 |
-
</ul>
|
388 |
-
<p>= 5.20 Series =
|
389 |
-
<em>Released: 11th December, 2017</em></p>
|
390 |
-
<ul>
|
391 |
-
<li><strong>(v.0)</strong> IMPROVED: [<strong>PRO</strong>] Audit Trail length are configurable. Length for free is 50 entries (the original unpaginated limit)</li>
|
392 |
-
<li><strong>(v.0)</strong> IMPROVED: Large redesign of options sections to be more intuitive and cleaner</li>
|
393 |
-
<li><strong>(v.0)</strong> IMPROVED: Added dedicated help section for each module.</li>
|
394 |
-
<li><strong>(v.0)</strong> IMPROVED: Certain modules have an new <em>Actions</em> centre, such a Audit Trail viewer and User Sessions manager</li>
|
395 |
-
<li><strong>(v.0)</strong> IMPROVED: Audit Trails are now ajax-paginated. You can browse through all your audit trail entries</li>
|
396 |
-
<li><strong>(v.0)</strong> IMPROVED: User session tables are also ajax-paginated.</li>
|
397 |
-
</ul>
|
398 |
-
<p>= 5.19 Series =
|
399 |
-
<em>Released: 4th December, 2017</em></p>
|
400 |
-
<ul>
|
401 |
-
<li><strong>(v.1)</strong> FIXED: Plugin Vulnerabilities scan for premium plugins.</li>
|
402 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Automated WordPress plugins vulnerability scanner with auto updates email notifications</li>
|
403 |
-
<li><strong>(v.0)</strong> ADDED: Added Google reCAPTCHA support for register/forget password pages.</li>
|
404 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Support for Multi-Factor Authentication for WooCommerce and other 3rd party plugins.</li>
|
405 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Bot-protection/Google reCAPTCHA support for BuddyPress register pages.</li>
|
406 |
-
</ul>
|
407 |
-
<p>= 5.18 Series =
|
408 |
-
<em>Released: 27th November, 2017</em></p>
|
409 |
-
<ul>
|
410 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Invisible Google reCAPTCHA option.</li>
|
411 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Support for Google reCAPTCHA themes - light and dark.</li>
|
412 |
-
<li><strong>(v.0)</strong> IMPROVEMENT: Google reCAPTCHA is more reliable and configurable.</li>
|
413 |
-
</ul>
|
414 |
-
<p>= 5.17 Series =
|
415 |
-
<em>Released: 23rd November, 2017</em></p>
|
416 |
-
<ul>
|
417 |
-
<li><strong>(v.0)</strong> ADDED: Shield Security goes Pro! Added new options and extras to premium clients.</li>
|
418 |
-
<li><strong>(v.0)</strong> IMPROVEMENT: Fix and improvement to Google reCAPTCHA.</li>
|
419 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Support for Woocommerce and Easy Digital Downloads login/registration form protection.</li>
|
420 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Ability to customise most user-facing texts.</li>
|
421 |
-
<li><strong>(v.0)</strong> ADDED: [<strong>PRO</strong>] Extra IP Transgression signal.</li>
|
422 |
-
</ul>
|
423 |
-
<p>= 5.16 Series =
|
424 |
-
<em>Released: 16th October, 2017</em></p>
|
425 |
-
<p>With this release, we fixed a clash of options for Google reCAPTCHA. Every attempt was made to ensure no interruption to your existing settings, but please check to ensure your reCAPTCHA settings are as you expect them to be.</p>
|
426 |
-
<ul>
|
427 |
-
<li><strong>(v.4)</strong> FIX: Error with incorrect/unprefixed database table name used in SQL query.</li>
|
428 |
-
<li><strong>(v.3)</strong> IMPROVEMENT: Tweak to the Visitor IP Auto-detection to better ensure CloudFlare IP addresses are ignored.</li>
|
429 |
-
<li><strong>(v.3)</strong> IMPROVEMENT: Plugin Badge will now stay closed when a visitor closes it.</li>
|
430 |
-
<li><strong>(v.2)</strong> FIX: Removed some namespace parsing that broke on sites with PHP 5.2.</li>
|
431 |
-
<li><strong>(v.1)</strong> FIX: 404 page displayed for password reset request when Login URL is renamed.</li>
|
432 |
-
<li><strong>(v.0)</strong> IMPROVEMENT: Much better auto-detection of valid request/visitor IP addresses.</li>
|
433 |
-
<li><strong>(v.0)</strong> FIX: Clashing of reCAPTCHA options for Comments and Login Protection.</li>
|
434 |
-
<li><strong>(v.0)</strong> IMPROVEMENT: Statistic Reporting database management and pruning.</li>
|
435 |
-
<li><strong>(v.0)</strong> FIX: Various system fixes and improvements.</li>
|
436 |
-
</ul>
|
437 |
-
<p>= 5.15 Series =
|
438 |
-
<em>Released: 21st September, 2017</em></p>
|
439 |
-
<ul>
|
440 |
-
<li><strong>(v.1)</strong> FIX: Processing AJAX requests from the Network Admin side of WordPress.</li>
|
441 |
-
<li><strong>(v.1)</strong> IMPROVEMENTS: Better handling of file exclusions in the Hack Guard module.</li>
|
442 |
-
<li><strong>(v.1)</strong> IMPROVEMENTS: Better handling of fatal errors in loading Shield where some core files are missing.</li>
|
443 |
-
<li><strong>(v.0)</strong> ADDED: New HTTP Security Header: Referrer Policy.</li>
|
444 |
-
<li><strong>(v.0)</strong> ADDED: Supports paths for file exclusions in the Unrecognised File Scanner.</li>
|
445 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Better interception of unintentional redirects to the hidden Login URL (e.g. /wp-admin/customize.php).</li>
|
446 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Better handling of email sending entries in the Audit Trail.</li>
|
447 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Improved (tabbed) display of Audit Trail.</li>
|
448 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Better generation & handling of the One Time Password for email-based two-factor authentication.</li>
|
449 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Some code clean up and refactoring.</li>
|
450 |
-
</ul>
|
451 |
-
<p>= 5.14 Series =
|
452 |
-
<em>Released: 9th September, 2017</em></p>
|
453 |
-
<ul>
|
454 |
-
<li><strong>(v.0)</strong> ADDED: Option for administrators to manually override and set the source of the visitor IP address.</li>
|
455 |
-
<li><strong>(v.0)</strong> UPDATED: In-plugin documentation links to updated and revised helpdesk articles/blogs.</li>
|
456 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Strip out any non-alphanumeric characters uses in the generation of Google Authenticator URLs.</li>
|
457 |
-
<li><strong>(v.0)</strong> FIX: Shield now ignores any requests sent to Rest API URIs with respect to Shield user sessions.</li>
|
458 |
-
</ul>
|
459 |
-
<p>= 5.13 Series =
|
460 |
-
<em>Released: 15th August, 2017</em></p>
|
461 |
-
<ul>
|
462 |
-
<li><strong>(v.2)</strong> IMPROVEMENTS: Small adjustment to handling of Shield User sessions in conjunction with WordPress sessions.</li>
|
463 |
-
<li><strong>(v.2)</strong> FIX: Restore display of help links for options.</li>
|
464 |
-
<li><strong>(v.1)</strong> FIX: PHP 5.2 incompatibility.</li>
|
465 |
-
<li><strong>(v.0)</strong> ADDED: New option for <a href="https://shsec.io/94">Unrecognised File Scanner</a> to scan the Uploads folder for JS and PHP files.</li>
|
466 |
-
<li><strong>(v.0)</strong> ADDED: Option to provide custom list of files to be excluded from the <a href="https://shsec.io/94">Unrecognised File Scanner</a>.</li>
|
467 |
-
</ul>
|
468 |
-
<p>= 5.12 Series =
|
469 |
-
<em>Released: 3rd August, 2017</em></p>
|
470 |
-
<ul>
|
471 |
-
<li><strong>(v.2)</strong> IMPROVEMENTS: Improved support for Windows IIS hosting for <a href="https://shsec.io/94">Unrecognised File Scanner</a></li>
|
472 |
-
<li><strong>(v.2)</strong> CHANGED: Removed the email-based 2FA automatic login link.</li>
|
473 |
-
<li><strong>(v.2)</strong> FIX: Potential bug with Shield not recognising plugin configuration updates and not rebuilding options accordingly.</li>
|
474 |
-
<li><strong>(v.1)</strong> ADDED: A few more exclusions for the <a href="https://shsec.io/94">Unrecognised File Scanner</a></li>
|
475 |
-
<li><strong>(v.1)</strong> FIX: Fix for Fatal error.</li>
|
476 |
-
<li><strong>(v.0)</strong> ADDED: <a href="https://shsec.io/94">Unrecognised File Scanner</a> release. Automatically detect and delete<pre><code> <span class="hljs-keyword">any</span> <span class="hljs-built_in">files</span> present <span class="hljs-keyword">in</span> core WordPress <span class="hljs-built_in">directories</span> that aren<span class="hljs-string">'t part of your core installation.</span>
|
477 |
-
</code></pre></li>
|
478 |
-
<li><strong>(v.0)</strong> ADDED: Updated Firewall rules for SQL under the 'Aggressive' rule set.</li>
|
479 |
-
</ul>
|
480 |
-
<p>= 5.11 Series =
|
481 |
-
<em>Released: 26th July, 2017</em></p>
|
482 |
-
<ul>
|
483 |
-
<li><strong>(v.1)</strong> FIX: JSON syntax</li>
|
484 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Final preparation for <a href="https://shsec.io/83">Shield Central</a> release.</li>
|
485 |
-
</ul>
|
486 |
-
<p>= 5.10 Series =
|
487 |
-
<em>Released: 19th June, 2017</em></p>
|
488 |
-
<ul>
|
489 |
-
<li><strong>(v.2)</strong> FIXED: Fatal error with GASP + Password Reset.</li>
|
490 |
-
<li><strong>(v.2)</strong> FIXED: Fatal error with failing reCAPTCHA HTTP requests.</li>
|
491 |
-
<li><strong>(v.1)</strong> IMPROVEMENTS: Further preparation for <a href="https://shsec.io/83">Shield Central</a> release.</li>
|
492 |
-
<li><strong>(v.0)</strong> ADDED: More in-depth reporting and statistics gathering - options for reports will be made available<pre><code> <span class="hljs-keyword">in</span> <span class="hljs-selector-tag">a</span> later release.
|
493 |
-
</code></pre></li>
|
494 |
-
</ul>
|
495 |
-
<p>= 5.9 Series =
|
496 |
-
<em>Released: 31st May, 2017</em></p>
|
497 |
-
<ul>
|
498 |
-
<li><strong>(v.0)</strong> ADDED: Help Videos for 1 or 2 modules. More to come and just testing format and uptake.</li>
|
499 |
-
<li><strong>(v.0)</strong> ADDED: Special handling for WP Fastest Cache.</li>
|
500 |
-
<li><strong>(v.0)</strong> CHANGE: Configuration for automatic self-update for the Shield plugin has been removed.</li>
|
501 |
-
<li><strong>(v.0)</strong> CHANGE: No longer remove an existing user session when accessed from another IP address. Just redirect.<pre><code> Protects existing, legitimate sessions <span class="hljs-keyword">from</span> <span class="hljs-keyword">being</span> forcefully expired.
|
502 |
-
</code></pre></li>
|
503 |
-
<li><strong>(v.0)</strong> FIXED: Danish string translation.</li>
|
504 |
-
</ul>
|
505 |
-
<p>= 5.8 Series =
|
506 |
-
<em>Released: 7th April, 2017</em></p>
|
507 |
-
<ul>
|
508 |
-
<li><strong>(v.2)</strong> IMPROVEMENTS: The core file scanner now works more reliably for international WordPress installations.</li>
|
509 |
-
<li><strong>(v.2)</strong> CHANGE: Login Cooldown now uses only the flag file as an indicator of login times.</li>
|
510 |
-
<li><strong>(v.2)</strong> CHANGE: Filter to allow for changing the two factor timeout period, from 5 (minutes). Filter: <code>icwp-wpsf-login_intent_timeout</code></li>
|
511 |
-
<li><strong>(v.2)</strong> CHANGE: Changed timeout for two-factor authentication email to 5 minutes to account for slower email-sending providers.</li>
|
512 |
-
<li><strong>(v.2)</strong> CHANGE: Added further clarification to the Login Notification email indicating that two-factor authentication was pending.</li>
|
513 |
-
<li><strong>(v.1)</strong> FIXED: Fixed a couple of bugs with the Login Authentication Portal, for certain edge cases.</li>
|
514 |
-
<li><strong>(v.0)</strong> CHANGE: Major overhaul of <a href="https://shsec.io/87">Two-Factor / Multi-Factor Login Authentication</a>.</li>
|
515 |
-
<li><strong>(v.0)</strong> CHANGE: <a href="https://shsec.io/86">Introduction of Login Authentication Portal</a> for improved Multi-Factor Authentication.</li>
|
516 |
-
<li><strong>(v.0)</strong> ADDED: Option to choose between two-factor or multi-factor login authentication.</li>
|
517 |
-
<li><strong>(v.0)</strong> ADDED: Administrators can remove Google Authenticator from another user's profile.</li>
|
518 |
-
<li><strong>(v.0)</strong> ADDED: When Security Admin is active, only Security Admins may remove Google Authenticator from other admins.</li>
|
519 |
-
<li><strong>(v.0)</strong> CHANGE: Yubikey login authentication is now managed directly from the User Profile screen, as with Google Authenticator.</li>
|
520 |
-
<li><strong>(v.0)</strong> CHANGE: Email-based login authentication no longer uses a separate database table.</li>
|
521 |
-
<li><strong>(v.0)</strong> FIXED: Core file scanning now adequately handles Windows/Unix new lines during scan.</li>
|
522 |
-
<li><strong>(v.0)</strong> FIXED: Certain crons weren't setup correctly.</li>
|
523 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Further preparation for <a href="https://shsec.io/83">Shield Central</a> release.</li>
|
524 |
-
</ul>
|
525 |
-
<p>= 5.7 Series =</p>
|
526 |
-
<ul>
|
527 |
-
<li><strong>(v.3)</strong> FIXED: Attempt to improve the Google Authenticator flow for more reliable activation.</li>
|
528 |
-
<li><strong>(v.2)</strong> IMPROVEMENTS: More admin notices when saving Google Authenticator settings.</li>
|
529 |
-
<li><strong>(v.2)</strong> IMPROVEMENTS: Further preparation for <a href="https://shsec.io/83">Shield Central</a> release.</li>
|
530 |
-
<li><strong>(v.1)</strong> Skipped</li>
|
531 |
-
<li><strong>(v.0)</strong> ADDED: Shortcode for displaying plugin badge in pages/posts.</li>
|
532 |
-
<li><strong>(v.0)</strong> CHANGE: Enabled JS eval() for the Content Security Policy by default.</li>
|
533 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Replace YAML configuration files with JSON.</li>
|
534 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Preparation for <a href="https://shsec.io/83">Shield Central</a> release.</li>
|
535 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Security Admin notices are more refined and optimized.</li>
|
536 |
-
<li><strong>(v.0)</strong> IMPROVEMENTS: Removed unnecessary files/code.</li>
|
537 |
-
</ul>
|
538 |
-
<p>= 5.6 Series =</p>
|
539 |
-
<ul>
|
540 |
-
<li><strong>(v.2)</strong> CHANGE: Fix an instance where the hidden Login URL would be leaded.</li>
|
541 |
-
<li><strong>(v.1)</strong> CHANGE: Replaying of Yubikey one-time-passwords is no longer permitted.</li>
|
542 |
-
<li><strong>(v.1)</strong> ADDED: Filter for login form GASP fields.</li>
|
543 |
-
<li><strong>(v.1)</strong> ADDED: Filter for comment form GASP fields.</li>
|
544 |
-
<li><strong>(v.1)</strong> CHANGE: Improved compatibility of HTTP Headers with WP Super Cache.</li>
|
545 |
-
<li><p><strong>(v.0)</strong> ADDED: Option to disable anonymous Rest API access. WordPress v4.7+ only. Note that if another plugin</p>
|
546 |
-
<pre><code> <span class="hljs-keyword">or</span> service authenticates <span class="hljs-keyword">the</span> request <span class="hljs-keyword">it</span> will be honoured, whether anonymous <span class="hljs-keyword">or</span> <span class="hljs-keyword">not</span>.
|
547 |
-
</code></pre><p>= 5.5 Series =</p>
|
548 |
-
</li>
|
549 |
-
<li><p><strong>(v.6)</strong> IMPROVED: Fixed possible leak of the Login URL from the 'Hide WP Login URL' feature.</p>
|
550 |
-
</li>
|
551 |
-
<li><strong>(v.5)</strong> ADDED: Ability to add custom protocols to the domains (apart from http/s) to the Content Security Policy</li>
|
552 |
-
<li><strong>(v.5)</strong> FIXED: Bug where automatic update emails would contain empty plugins.</li>
|
553 |
-
<li><strong>(v.5)</strong> FIXED: Javascript scope on GASP form elements.</li>
|
554 |
-
<li><strong>(v.5)</strong> FIXED: Various fixes and code improvements.</li>
|
555 |
-
<li><strong>(v.4)</strong> FIXED: Bug with data cleaning/storage that caused stored options to balloon resulting in database timeouts. (only certain options affected)</li>
|
556 |
-
<li><strong>(v.4)</strong> IMPROVED: Sometimes "anti-virus" scanners scared normal, everyday hard-working folk by identifying a Shield file as being a virus, because they're not very clever - reduced chances of this.</li>
|
557 |
-
<li><strong>(v.3)</strong> ADDED: Fix for WordPress Multisite where the correct database prefix wasn't being used.</li>
|
558 |
-
<li><strong>(v.2)</strong> ADDED: Filter to allow modification of the email footer</li>
|
559 |
-
<li><strong>(v.2)</strong> ADDED: Block auto-updates on Shield itself if PHP < 5.3 and new version is v6.0+</li>
|
560 |
-
<li><strong>(v.2)</strong> FIXED: Missing Link</li>
|
561 |
-
<li><strong>(v.2)</strong> FIXED: Plugin Installation ID wasn't always being set</li>
|
562 |
-
<li><strong>(v.2)</strong> TRANSLATIONS: Dutch (56%)</li>
|
563 |
-
<li><strong>(v.1)</strong> ADDED: Built-in forceful protection in the form of a wp_die() against the (currently) un-patched W3 Total Cache XSS vulnerability <a href="https://shsec.io/7j">more info</a></li>
|
564 |
-
<li><strong>(v.1)</strong> IMPROVED: Better XMLRPC Lockdown - prevents ANY XMLRPC command processing.</li>
|
565 |
-
<li><strong>(v.1)</strong> IMPROVED: Make certain strings translatable</li>
|
566 |
-
<li><strong>(v.1)</strong> IMPROVED: Wrap-up certain login form elements into spans/divs to allow styling etc.</li>
|
567 |
-
<li><strong>(v.1)</strong> IMPROVED: PHP Version number cleaning during stats tracking.</li>
|
568 |
-
<li><strong>(v.0)</strong> ADDED: Options and statistics tracking ability. Over time we are looking to share statistics and performance metrics of Shield.</li>
|
569 |
-
<li><strong>(v.0)</strong> IMPROVED: Performance for options loading, especially for web hosts that don't permit file writing</li>
|
570 |
-
<li><strong>(v.0)</strong> CHANGED: Numerous fixes and code improvements.</li>
|
571 |
-
<li><strong>(v.0)</strong> CHANGED: Removed query that deletes old GASP comment tokens on normal page loads.</li>
|
572 |
-
<li><strong>(v.0)</strong> CHANGED: Google reCAPTCHA is now based on the locale of the website, not auto-detected.</li>
|
573 |
-
<li><strong>(v.0)</strong> FIXED: Now URL encodes the username in the link for two-factor authentication by email.</li>
|
574 |
-
<li><strong>(v.0)</strong> FIXED: If the xmlrpc.php has been deleted, this is now ignore by the file scanner</li>
|
575 |
-
<li><strong>(v.0)</strong> TRANSLATIONS: Dutch (38%), Portuguese (32%)</li>
|
576 |
-
</ul>
|
577 |
-
<p>= 5.4 Series =</p>
|
578 |
-
<ul>
|
579 |
-
<li><strong>(v.5)</strong> CHANGED: User Management module is no-longer enabled by default on clean installations</li>
|
580 |
-
<li><strong>(v.5)</strong> CHANGED: Made the GASP checkbox for Login protection clickable by label. <a href="https://github.com/FernleafSystems/Shield/pull/22">Thanks Aubrey!</a></li>
|
581 |
-
<li><strong>(v.5)</strong> CHANGED: Shield Statistics only shows for WordPress admins (instead of all users)</li>
|
582 |
-
<li><strong>(v.5)</strong> FIXED: Added a couple of guards to ensure data is of the correct format to prevent spurious errors</li>
|
583 |
-
<li><strong>(v.5)</strong> FIXED: Bug where automatic file repair links from emails we're not working.</li>
|
584 |
-
<li><strong>(v.4)</strong> SKIPPED.</li>
|
585 |
-
<li><strong>(v.3)</strong> FIXED: Various fixes and improvements</li>
|
586 |
-
<li><strong>(v.3)</strong> CHANGED: Lots of cleaning of old code.</li>
|
587 |
-
<li><strong>(v.3)</strong> REMOVED: Various old, unused options, and the force_ssl_login option as it's deprecated by WordPress Core</li>
|
588 |
-
<li><strong>(v.3)</strong> TRANSLATIONS: Dutch (36%), Swedish (35%)</li>
|
589 |
-
<li><strong>(v.3)</strong> FIXED: Various fixes and improvements</li>
|
590 |
-
<li><strong>(v.3)</strong> CHANGED: Lots of cleaning of old code.</li>
|
591 |
-
<li><strong>(v.3)</strong> REMOVED: Various old, unused options, and the force_ssl_login option as it's deprecated by WordPress Core</li>
|
592 |
-
<li><strong>(v.3)</strong> TRANSLATIONS: Dutch (36%), Swedish (35%)</li>
|
593 |
-
<li><strong>(v.2)</strong> ADDED: A guard around certain modules like, User Sessions, to ensure the DB has been initiated properly before use.</li>
|
594 |
-
<li><strong>(v.2)</strong> ADDED: Exclusion for Swedish license files that don't exist in the SVN repo.</li>
|
595 |
-
<li><strong>(v.2)</strong> ADDED: Parameter exclusion for reCAPTCHA.</li>
|
596 |
-
<li><strong>(v.2)</strong> CHANGED: <a href="https://shsec.io/7b">HTTP Security Headers</a> module is enabled by default on new installs.</li>
|
597 |
-
<li><strong>(v.1)</strong> FIXED: Nasty bug that caused an infinite loop bug in some configurations.</li>
|
598 |
-
<li><strong>(v.0)</strong> ADDED: Per-site plugin statistics gathering - summary display on admin dashboard.</li>
|
599 |
-
<li><strong>(v.0)</strong> ADDED: HTML class to the "I'm a human" checkbox field.</li>
|
600 |
-
<li><strong>(v.0)</strong> ADDED: Ability to change minimum user role for login notification emails with use of <code>add_filter()</code>. See FAQs.</li>
|
601 |
-
<li><strong>(v.0)</strong> REMOVED: Option 'Prevent Remote Login' causes more trouble with than it's worth with too many hosting configurations.</li>
|
602 |
-
<li><strong>(v.0)</strong> CHANGED: For websites that don't run WP Crons correctly, added code for automatic database cleaning.</li>
|
603 |
-
<li><strong>(v.0)</strong> CLEANED: Removed Twig render code as it was never being used.</li>
|
604 |
-
</ul>
|
605 |
-
<p>= 5.3 Series =</p>
|
606 |
-
<ul>
|
607 |
-
<li><strong>(v.2)</strong> IMPROVED: <a href="https://shsec.io/7b">HTTP Security Headers</a> Content Security Policy now supports specifying HTTPS for domains/hosts.</li>
|
608 |
-
<li><strong>(v.2)</strong> FIXED: Human Comment SPAM Feature didn't fire under certain circumstances.</li>
|
609 |
-
<li><strong>(v.2)</strong> FIXED: Fixed parsing of Human Comment SPAM dictionary words.</li>
|
610 |
-
<li><strong>(v.1)</strong> TRANSLATIONS: Dutch (32%)</li>
|
611 |
-
<li><strong>(v.0)</strong> ADDED: New Feature - <a href="https://shsec.io/7b">HTTP Security Headers</a>.</li>
|
612 |
-
<li><strong>(v.0)</strong> FIXED: Prevent renaming WP Login to "/login"</li>
|
613 |
-
</ul>
|
614 |
-
<p>= 5.2 Series =</p>
|
615 |
-
<ul>
|
616 |
-
<li><strong>(v.0)</strong> ADDED: Guard against core file scanner and automatic WordPress updates clashing.</li>
|
617 |
-
<li><strong>(v.0)</strong> CHANGED: Logic for brute force login checking is improved - they all run before username/password checking</li>
|
618 |
-
<li><strong>(v.0)</strong> FIXED: Certain older versions of PHP don't like combined IPv4 and IPv6 filter flags</li>
|
619 |
-
<li><strong>(v.0)</strong> FIXED: Google reCAPTCHA for WordPress sites that have restrictive settings for sockets etc.</li>
|
620 |
-
<li><strong>(v.0)</strong> REMOVED: <a href="https://shsec.io/75">Plugin vulnerabilities scanner</a>. It's out-of-date and unsuitable.</li>
|
621 |
-
</ul>
|
622 |
-
<p>= 5.1 Series =</p>
|
623 |
-
<ul>
|
624 |
-
<li><strong>(v.0)</strong> FIXED: Improved compatibility with bbPress.</li>
|
625 |
-
<li><strong>(v.0)</strong> CHANGED: Optimizations around options and definitions (storing fewer options data)</li>
|
626 |
-
<li><strong>(v.0)</strong> CHANGED: Improved styling and responsiveness of plugin badge.</li>
|
627 |
-
<li><strong>(v.0)</strong> ADDED: Ability to programmatically export/import options - further preparation for iControlWP+Shield integration.</li>
|
628 |
-
<li><strong>(v.0)</strong> FIXED: Issue where Core automatic updates would fail, but notification email was sent anyway</li>
|
629 |
-
</ul>
|
630 |
-
<p>= 5.0 Series =</p>
|
631 |
-
<ul>
|
632 |
-
<li><strong>(v.3)</strong> FIXED: Issue with setting session cookies with PHP 7</li>
|
633 |
-
<li><strong>(v.2)</strong> FIXED: <a href="https://shsec.io/5s">Rename WordPress Login URL</a> bug</li>
|
634 |
-
<li><strong>(v.2)</strong> CHANGED: reCAPTCHA text usage corrected throughout plugin.</li>
|
635 |
-
<li><strong>(v.1)</strong> CHANGED: Removed the whole 'wp-content' directory from the <a href="https://shsec.io/wpsf40">Core File Scanner</a> feature.</li>
|
636 |
-
<li><strong>(v.1)</strong> CHANGED: A WordPress filter to change the plugin badge text content (see FAQ)</li>
|
637 |
-
<li><strong>(v.1)</strong> CHANGED: Tweaked the plugin badge styling.</li>
|
638 |
-
<li><strong>(v.1)</strong> CHANGED: All emails sent by the plugin contain the name of the site and the current plugin version in the email footer.</li>
|
639 |
-
<li><strong>(v.1)</strong> ADDED: In-plugin links to blogs and info articles for Google ReCaptcha and <a href="https://shsec.io/wpsf43">Google Authenticator</a></li>
|
640 |
-
<li><strong>(v.0)</strong> NEW: WordPress Simple Firewall plugin has been re-branded and is called <strong>Shield</strong></li>
|
641 |
-
<li><strong>(v.0)</strong> ADDED: NEW feature - <a href="https://shsec.io/shld2">Google ReCaptcha</a> for Comment SPAM and Login protection.</li>
|
642 |
-
<li><strong>(v.0)</strong> ADDED: Support for this plugin is now Premium. Added Premium Support page that links to Helpdesk.</li>
|
643 |
-
<li><strong>(v.0)</strong> CHANGED: Refactor of comment spam code.</li>
|
644 |
-
<li><strong>(v.0)</strong> CHANGED: Core File Scanner now handles the odd Hungarian distribution.</li>
|
645 |
-
</ul>
|
646 |
-
<p>= 4.17 Series =
|
647 |
-
<em>Released: 17th February, 2016</em></p>
|
648 |
-
<ul>
|
649 |
-
<li><strong>(v.0)</strong> ADDED: NEW feature - <a href="https://shsec.io/wpsf43">Google Authenticator Login option</a>.</li>
|
650 |
-
<li><strong>(v.0)</strong> ADDED: <a href="https://shsec.io/wpsf40">Core File Scanner</a> now includes an automatic link to repair files (you must be logged in as admin for this link to work!).</li>
|
651 |
-
<li><strong>(v.0)</strong> ADDED: NEW - if you already have a logged-in session and you open the login screen, you'll be provided with a link to go straight to the admin area.</li>
|
652 |
-
<li><strong>(v.0)</strong> CHANGED: Email-based Two-Factor Authentication is now stateless/session-less - it will not check validity per-page load.</li>
|
653 |
-
<li><strong>(v.0)</strong> CHANGED: Changes to the email-based authentication system - now only 1 option and it no longer locks to IP or browser.</li>
|
654 |
-
<li><strong>(v.0)</strong> CHANGED: Various efficiency improvements including reduced SQL updates.</li>
|
655 |
-
<li><strong>(v.0)</strong> CHANGED: Email system is improved and now send emails from the default WordPress sender. This may be <a href="https://icontrolwp.freshdesk.com/support/solutions/articles/3000048723">changed with filter</a>.</li>
|
656 |
-
</ul>
|
657 |
-
<p>= 4.16 Series =
|
658 |
-
<em>Released: 20th January, 2016</em></p>
|
659 |
-
<ul>
|
660 |
-
<li><strong>(v.2)</strong> CHANGED: Further changes and improvements to the <a href="https://shsec.io/wpsf40">Core File Scanner</a>.</li>
|
661 |
-
<li><strong>(v.2)</strong> CHANGED: Improvements to the <a href="https://shsec.io/wpsf27">automatic black list system</a> for failed login attempts.</li>
|
662 |
-
<li><strong>(v.2)</strong> TRANSLATIONS: Turkish (100%)</li>
|
663 |
-
<li><strong>(v.1)</strong> CHANGED: Improved the contents of the <a href="https://shsec.io/wpsf40">Core File Scanner</a> notification email with links to original source files.</li>
|
664 |
-
<li><strong>(v.1)</strong> CHANGED: Now also excluding the /wp-content/languages/ directory since translations may update independently.</li>
|
665 |
-
<li><strong>(v.1)</strong> CHANGED: Handles the special case of <a href="https://wordpress.org/support/topic/problem-with-checksum-hashes">old index.php files</a></li>
|
666 |
-
<li><strong>(v.0)</strong> ADDED: Feature: <a href="https://shsec.io/wpsf40">Automatically scans WordPress Core files</a> and detects alterations from the default WordPress Core File data</li>
|
667 |
-
<li><strong>(v.0)</strong> ADDED: Feature: to automatically attempt to repair/replace WordPress Core files that are discovered which have been altered.</li>
|
668 |
-
<li><strong>(v.0)</strong> ADDED: Option to toggle the <a href="https://shsec.io/wpsf41">Plugin Vulnerabilities cron</a>.</li>
|
669 |
-
<li><strong>(v.0)</strong> ADDED: Two-Factor Authentication links now honour the WordPress 'redirect_to' parameter.</li>
|
670 |
-
</ul>
|
671 |
-
<p>= 4.15 Series =
|
672 |
-
<em>Released: 6th January, 2016</em></p>
|
673 |
-
<ul>
|
674 |
-
<li><strong>(v.0)</strong> ADDED: New and updated Firewall rules as well as a new 'Aggressive' option that looks for additional request data. Disabled by default, but may cause an increase in false positives.</li>
|
675 |
-
<li><strong>(v.0)</strong> CHANGED: Improved and optimized Firewall processing.</li>
|
676 |
-
<li><strong>(v.0)</strong> FIXED: <a href="https://github.com/FernleafSystems/wp-simple-firewall/issues/3">Issue</a> where automatic update notification emails are sent out without any update notices (probably due to failed updates).</li>
|
677 |
-
<li><strong>(v.0)</strong> FIXED: Small conflict with WP Login Rename and other security plugins.</li>
|
678 |
-
<li><strong>(v.0)</strong> TRANSLATIONS: Czech (91%), Finnish (98%), Turkish (98%).</li>
|
679 |
-
</ul>
|
680 |
-
<p>= 4.14 Series =
|
681 |
-
<em>Released: 20th November, 2015</em></p>
|
682 |
-
<ul>
|
683 |
-
<li><strong>(v.2)</strong> ADDED: User notice message displayed when the 'Theme My Login' plugin is active and you try to rename your login URL - It is not compatible.</li>
|
684 |
-
<li><strong>(v.1)</strong> ADDED: Added WordPress filter option to specify URL instead of present a 404 when Rename WP Login is active. <a href="https://icontrolwp.freshdesk.com/solution/articles/3000044812">more info</a></li>
|
685 |
-
<li><strong>(v.1)</strong> ADDED: Added 'Unique Plugin Installation ID' to be utilized in the future.</li>
|
686 |
-
<li><strong>(v.1)</strong> FIXED: WordPress Comments bug where some comments didn't pass through the SPAM filters in a certain scenario.</li>
|
687 |
-
<li><strong>(v.0)</strong> ADDED: <a href="https://shsec.io/wpsf33">Custom Automatic Update Notifications Email</a> that runs separately to the in-built WordPress core notification email.</li>
|
688 |
-
<li><strong>(v.0)</strong> ADDED: Filter to remove the admin area IP address footer text</li>
|
689 |
-
<li><strong>(v.0)</strong> CHANGED: Added native support for PayPal return links - whitelisting "verify_sign" parameter.</li>
|
690 |
-
<li><strong>(v.0)</strong> CHANGED: Tweak patterns for matching on 'WordPress terms'.</li>
|
691 |
-
<li><strong>(v.0)</strong> TRANSLATIONS: Danish (100%), Czech (92%), Turkish (92%), Finnish (88%),</li>
|
692 |
-
<li><strong>(v.0)</strong> FIXED: Small bugs and readying for WordPress 4.4</li>
|
693 |
-
</ul>
|
694 |
-
<p>= 4.13 Series =
|
695 |
-
<em>Released: 22nd October, 2015</em></p>
|
696 |
-
<ul>
|
697 |
-
<li><strong>(v.0)</strong> NEW: Added option to block the modification, addition/promotion and deletion of WordPress administrators users within the 'Security Admin' module.</li>
|
698 |
-
<li><strong>(v.0)</strong> NEW: Renamed 'Admin Access' module to 'Security Admin'.</li>
|
699 |
-
<li><strong>(v.0)</strong> CHANGED: Simplified and consolidated the use of cookies for User Session - sets and removes cookies better to reduce their usage.</li>
|
700 |
-
<li><strong>(v.0)</strong> CHANGED: Simplified and consolidated the use of cookies for Two Factor Login Authentication.</li>
|
701 |
-
<li><strong>(v.0)</strong> CHANGED: Cleaned up some Comment SPAM filtering code.</li>
|
702 |
-
<li><strong>(v.0)</strong> CHANGED: Comments Filter doesn't use cookies unless a session cookie for the visitor already exists.</li>
|
703 |
-
<li><strong>(v.0)</strong> CHANGED: IP Manager Automatic Black List - default black list duration is now 1 minute & default transgressions limit is 10</li>
|
704 |
-
<li><strong>(v.0)</strong> CHANGED: Improvements to the database create queries: use MySQL Engine defaults (instead of MyISAM); use WordPress dbDelta() for updates.</li>
|
705 |
-
<li><strong>(v.0)</strong> CHANGED: Various code optimizations and cleaning.</li>
|
706 |
-
</ul>
|
707 |
-
<p>= 4.12 Series =
|
708 |
-
<em>Released: 10th October, 2015</em></p>
|
709 |
-
<ul>
|
710 |
-
<li><strong>(v.0)</strong> NEW: Option to completely disable the XML-RPC system. <a href="https://shsec.io/wpsf31">more info</a></li>
|
711 |
-
<li><strong>(v.0)</strong> CHANGED: Logged-in users are automatically forwarded to the WordPress admin only if they are Administrators.</li>
|
712 |
-
</ul>
|
713 |
-
<p>= 4.11 Series =
|
714 |
-
<em>Released: 5th October, 2015</em></p>
|
715 |
-
<ul>
|
716 |
-
<li><strong>(v.0)</strong> NEW: Ability to now completely block the update/changing of certain WordPress site options. <a href="https://shsec.io/wpsf30">more info</a></li>
|
717 |
-
<li><strong>(v.0)</strong> FIXED: Various small bugs with the IP Manager UI ajax.</li>
|
718 |
-
<li><strong>(v.0)</strong> FIXED: Uncaught PHP Exception when a site's hosting isn't properly configured to handle IPv6 addresses.</li>
|
719 |
-
<li><strong>(v.0)</strong> TRANSLATIONS: Danish - 57%, Czech - 100%, Finnish - 94%</li>
|
720 |
-
</ul>
|
721 |
-
<p>= 4.10 Series =
|
722 |
-
<em>Released: 23rd August, 2015</em></p>
|
723 |
-
<ul>
|
724 |
-
<li><strong>(v.4)</strong> REFACTOR: Notifications system is more reliable and most notices can be hidden/closed (at least for the current page load as some notices are persistent).</li>
|
725 |
-
<li><strong>(v.4)</strong> REMOVED: The old manual black list option has been completely removed - in favour of the automatic black list system.</li>
|
726 |
-
<li><strong>(v.4)</strong> CHANGED: Revised the order of certain hooks being created to avoid the possibility of pluggable.php not being loaded for PHP Shutdown.</li>
|
727 |
-
<li><strong>(v.4)</strong> CHANGED: The presence of IP addresses in the IP Whitelist will force the IP Manager feature to be enabled.</li>
|
728 |
-
<li><strong>(v.4)</strong> CHANGED: We now make an attempt to prevent the caching of WordPress wp_die() pages that we generate. (compatible with at least W3TC, Super Cache)</li>
|
729 |
-
<li><p><strong>(v.4)</strong> TRANSLATIONS: Turkish - 100%, Danish - 3%</p>
|
730 |
-
</li>
|
731 |
-
<li><p><strong>(v.3)</strong> FIXED: Another PHP 5.2 incompatibility.</p>
|
732 |
-
</li>
|
733 |
-
<li><strong>(v.2)</strong> ADDED: White Listing UI to the IP Manager - CIDR ranges are supported (also automatically migrates IPs, except ranges, from legacy to new)</li>
|
734 |
-
<li><strong>(v.2)</strong> ADDED: Returned the black marking of failed WP login attempts to the automatic black list system</li>
|
735 |
-
<li><strong>(v.2)</strong> ADDED: Using a 3rd party API service: <a href="https://www.ipify.org/">ipify.org</a> - to find the server's own IP address so we can ensure it's not used in the black lists</li>
|
736 |
-
<li><strong>(v.2)</strong> CHANGED: AJAX calls are handled more robustly with actual error messages where possible.</li>
|
737 |
-
<li><p><strong>(v.2)</strong> FIXED: A few black list processing bugs.</p>
|
738 |
-
</li>
|
739 |
-
<li><p><strong>(v.1)</strong> ADDED: UI to view and remove IP address from Automatic Black List Engine.</p>
|
740 |
-
</li>
|
741 |
-
<li><strong>(v.1)</strong> FIX: Removed transgression counting on failed logins - WP data is inconsistent.</li>
|
742 |
-
<li><strong>(v.1)</strong> CHANGED: Original legacy white list now takes priority over new auto black list</li>
|
743 |
-
<li><strong>(v.1)</strong> CHANGED: Default transgressions limit is now 7</li>
|
744 |
-
<li><strong>(v.1)</strong> ADDED: Ability to reset plugin options to default using 'reset' flag file. <a href="https://shsec.io/wpsf28">more info</a></li>
|
745 |
-
<li><strong>(v.0)</strong> NEW FEATURE: 'FABLE' - <a href="https://shsec.io/wpsf27">Fully Automatic Black Listing Engine</a>.</li>
|
746 |
-
</ul>
|
747 |
-
<p>Simply put, FABLE will automatically block all malicious traffic by IP, based on their activity. This Security Plugin will track malicious behaviour
|
748 |
-
and count all transgressions that visitors make against the site. Once a particular visitor exceeds the specified number transgressions, FABLE
|
749 |
-
will outright block any access they have to your WordPress site.</p>
|
750 |
-
<p>What makes the FABLE system better?</p>
|
751 |
-
<ul>
|
752 |
-
<li>Hands Free - Automatic. No more need for maintaining manual black lists.</li>
|
753 |
-
<li>Loads first before other plugins.</li>
|
754 |
-
<li>Automatic pruning. Based on expiration time you specify, older IP address will be removed.</li>
|
755 |
-
<li>Increased Performance. With automatic pruning, IP look-up tables remain small and concise so page load times for legitimate visitors is minimally affected.</li>
|
756 |
-
<li>Adaptive. It wont just block based on 1 misdemeanour - instead you may allow any given visitor grace to legitimately get things wrong (like login passwords).</li>
|
757 |
-
<li>Intelligent. With an fully integrated plugin such as this, it uses login failure attempts, spam comment attempts, login brute force attempts to capture malicious visitors.</li>
|
758 |
-
</ul>
|
759 |
-
<p>Which actions will trigger an ABLE transgression?</p>
|
760 |
-
<ul>
|
761 |
-
<li>Attempt to login with an invalid username/password combination</li>
|
762 |
-
<li>Any attempt to login while the login cooldown system is in-effect</li>
|
763 |
-
<li>Any login attempt that trips the GASP Login protection system</li>
|
764 |
-
<li>Any login attempt with a username that doesn't exist</li>
|
765 |
-
<li>Any attempt to access /wp-admin/, /login/, or wp-login.php while the Rename WP Login setting is active</li>
|
766 |
-
<li>Any comment that gets labelled as SPAM by the plugin</li>
|
767 |
-
<li>Failed attempt to authenticate with the plugin's Admin Access Protection module</li>
|
768 |
-
<li>Any trigger of a Firewall block rule</li>
|
769 |
-
</ul>
|
770 |
-
<p>= 4.9 Series =
|
771 |
-
<em>Released: 7th July, 2015</em></p>
|
772 |
-
<ul>
|
773 |
-
<li><strong>(v.8)</strong> CHANGED: Firewall, User Sessions and Lockdown Feature Modules are now enabled by default for new installations.</li>
|
774 |
-
<li><strong>(v.8)</strong> FIX: Some server email programs can't handle colons (:) in the email subject (because supporting all characters would be waaay too radical man).</li>
|
775 |
-
<li><strong>(v.8)</strong> ADDED: Function to better get the WordPress home URL to prevent interference from other plugins.</li>
|
776 |
-
<li><strong>(v.8)</strong> CHANGED: Updated Text For <a href="https://shsec.io/6e">Author Scan Block</a> feature.</li>
|
777 |
-
<li><strong>(v.7)</strong> CHANGED: How author query blocking works to be more reliable and stricter - only runs when users are not logged in, and it will DIE instead of redirect.</li>
|
778 |
-
<li><strong>(v.6)</strong> ADDED: New Option: prevent detection of usernames using the ?author=N query. (location under section: Lockdown -> Obscurity)</li>
|
779 |
-
<li><strong>(v.6)</strong> FIXED: Infinite redirect loop logic prevents redirect for rejected comment SPAM that's posted in bulk. This results in email notifications for spam comments.</li>
|
780 |
-
<li><strong>(v.5)</strong> ADDED: The plugin will load itself first before all other plugins</li>
|
781 |
-
<li><strong>(v.5)</strong> FIXED: No longer using parse_url() to determine the request URL as it's too inconsistent and unreliable.</li>
|
782 |
-
<li><strong>(v.4)</strong> FIX: Audit Trail Viewer display issue with non-escaped HTML (Thanks Chris!)</li>
|
783 |
-
<li><strong>(v.4)</strong> ADDED: An admin warning for sites with PHP version less than 5.3.2 (future versions will require this as a minimum)</li>
|
784 |
-
<li><strong>(v.4)</strong> TRANSLATIONS: Danish - 6%, Spanish - 76%</li>
|
785 |
-
<li><strong>(v.3)</strong> ADDED: Further checking for availability of certain PHP/server data before enabling the rename WordPress login feature</li>
|
786 |
-
<li><strong>(v.3)</strong> ADDED: Option to add the Plugin Badge as a Widget to your side-bar or page footer, or any other widget area.</li>
|
787 |
-
<li><strong>(v.3)</strong> TRANSLATIONS: Polish - 100%</li>
|
788 |
-
<li><strong>(v.2)</strong> ADDED: Email notifications sent out to report email address on a daily cron. <a href="https://www.icontrolwp.com/2015/07/plugin-vulnerability-email-notifications/">more info</a></li>
|
789 |
-
<li><strong>(v.2)</strong> FIX: Work around a WordPress inline plugin update Javascript bug.</li>
|
790 |
-
<li><strong>(v.1)</strong> FIX: Fix syntax support for earlier versions of PHP.</li>
|
791 |
-
<li><strong>(v.0)</strong> FEATURE: Plugin Vulnerabilities Detection: If you're running plugins with known vulnerabilities you will be warned - <a href="https://shsec.io/wpsf22">more info</a></li>
|
792 |
-
</ul>
|
793 |
-
<p>= 4.8 Series =
|
794 |
-
<em>Released: 21st June, 2015</em></p>
|
795 |
-
<ul>
|
796 |
-
<li><strong>(v.0)</strong> FEATURE: Admin Access Restriction Areas - Restrict access to certain WordPress areas and functionality to <strong>Administrators</strong> with the Admin Access key.</li>
|
797 |
-
<li><strong>(v.0)</strong> ADDED: Admin Access Restriction Area - Plugins. You can now restrict access to certain Plugin actions - activate, install, update, delete.</li>
|
798 |
-
<li><strong>(v.0)</strong> ADDED: Admin Access Restriction Area - Themes. You can now restrict access to certain Theme actions - activate, install, update, delete.</li>
|
799 |
-
<li><strong>(v.0)</strong> ADDED: Admin Access Restriction Area - Pages/Post. You can now restrict access to certain Page/Post actions - Create/Edit, Publish, Delete.</li>
|
800 |
-
</ul>
|
801 |
-
<p>= 4.7 Series =
|
802 |
-
<em>Released: 29th April, 2015</em></p>
|
803 |
-
<ul>
|
804 |
-
<li><strong>(v.7)</strong> FIXED: The text used to explain why some comments were marked as spam was broken.</li>
|
805 |
-
<li><strong>(v.7)</strong> FIXED: Group sign-up form now honours your SSL setting.</li>
|
806 |
-
<li><strong>(v.7)</strong> TRANSLATIONS: Spanish - 74%, Russian - 91%, Turkish - 94%, Polish- 95%, Finnish - 100%</li>
|
807 |
-
<li><strong>(v.6)</strong> FIXED: Verifying ability to send/receive email doesn't complete if Admin Access Protection is turned on.</li>
|
808 |
-
<li><strong>(v.6)</strong> FIXED: GASP Login Protection feature breaks because certain key options aren't initialized when the feature is enabled.</li>
|
809 |
-
<li><strong>(v.6)</strong> FIXED: Some "more info" links were empty.</li>
|
810 |
-
<li><strong>(v.4)</strong> ADDED: Email Sending Verification when enabling two-factor authentication - this ensures your site can send (and you can receive) emails.</li>
|
811 |
-
<li><strong>(v.4)</strong> ADDED: Section Summaries - each option tab contains a small text summary outlining the purpose and recommendation for each.</li>
|
812 |
-
<li><strong>(v.4)</strong> CHANGED: The Admin Access Key input is now a password field.</li>
|
813 |
-
<li><strong>(v.4)</strong> CHANGED: Custom Login URL now works with or without trailing slash.</li>
|
814 |
-
<li><strong>(v.4)</strong> CHANGED: Streamlining and improvement of PHP UI templates</li>
|
815 |
-
<li><strong>(v.4)</strong> ADDED: Implemented TWIG for templates (not yet activated)</li>
|
816 |
-
<li><strong>(v.4)</strong> TRANSLATIONS: Romanian (100%), Spanish-Spain (63%)</li>
|
817 |
-
<li><strong>(v.3)</strong> ADDED: Integrated protection against 2x RevSlider vulnerabilities (Local File Include and Arbitrary File Upload)</li>
|
818 |
-
<li><strong>(v.3)</strong> CHANGED: Reverted the addition of Permalinks/Rewrite rules flushing, in case this is a problem for some.</li>
|
819 |
-
<li><strong>(v.2)</strong> UPDATED/FIX: Major fixes and improvements to the rename wp-login.php feature.</li>
|
820 |
-
<li><strong>(v.2)</strong> TRANSLATIONS: Mexican-Spanish (61%), Arabic (38%)</li>
|
821 |
-
<li><strong>(v.1)</strong> FIX: Silence warnings from filesystem touch() command.</li>
|
822 |
-
<li><strong>(v.1)</strong> TRANSLATIONS: Polish (100%), Finnish (100%), Czech (73%), Arabic (34%)</li>
|
823 |
-
<li><strong>(v.0)</strong> UPDATED: Options page user interface re-design.</li>
|
824 |
-
<li><strong>(v.0)</strong> FIX: Audit trail time now reflects the user's timezone correctly.</li>
|
825 |
-
<li><strong>(v.0)</strong> FIX: Better compatibility with BBPress.</li>
|
826 |
-
<li><strong>(v.0)</strong> UPDATED: Underlying plugin code improvements.</li>
|
827 |
-
<li><strong>(v.0)</strong> TRANSLATIONS: Russian (100%), Czech (70%), Polish (97%)</li>
|
828 |
-
</ul>
|
829 |
-
<p>= 4.6 Series =
|
830 |
-
<em>Released: 10th April, 2015</em></p>
|
831 |
-
<ul>
|
832 |
-
<li><strong>(v.3)</strong> SECURITY: Added protection against XSS vulnerability in WordPress comments. <a href="https://shsec.io/63">Learn More</a> - Note: This is not a vulnerability with the Firewall plugin.</li>
|
833 |
-
<li><strong>(v.3)</strong> SECURITY: Added extra precautions to WordPress URL redirects. <a href="https://shsec.io/64">Learn More</a>.</li>
|
834 |
-
<li><strong>(v.3)</strong> TRANSLATIONS: Russian (70%), Czech (67%)</li>
|
835 |
-
<li><strong>(v.2)</strong> FIX: Bug with the database table verification logic.</li>
|
836 |
-
<li><strong>(v.2)</strong> TRANSLATIONS: Russian (New- 54%), Romanian (100%), Turkish (89%), Czech (53%)</li>
|
837 |
-
<li><strong>(v.1)</strong> FIX: XMLRPC compatibility logic was preventing other non-XMLRPC related code from running.</li>
|
838 |
-
<li><strong>(v.1)</strong> UPDATED: Plugin Badge styling</li>
|
839 |
-
<li><strong>(v.1)</strong> UPDATED: Updated Czech(41%) and Spanish (60%) translations</li>
|
840 |
-
<li><strong>(v.0)</strong> ADDED: New feature that displays the last login time for all users on the users listing page (User Management feature must be enabled).</li>
|
841 |
-
<li><strong>(v.0)</strong> ADDED: <strong>Completely optional</strong> promotional Plugin Badge option - help us promote the plugin and reassure your site visitors at the same time. <a href="https://shsec.io/5x">Learn More</a></li>
|
842 |
-
<li><strong>(v.0)</strong> UPDATED: Updated Czech(38%) translations</li>
|
843 |
-
</ul>
|
844 |
-
<p>= 4.5 Series =
|
845 |
-
<em>Released: 6th March, 2015</em></p>
|
846 |
-
<ul>
|
847 |
-
<li><strong>(v.5)</strong> CHANGED: Updated Finnish (100%), Czech (16%) translations</li>
|
848 |
-
<li><strong>(v.5)</strong> CHANGED: Change logs now more clearly display changes between versions</li>
|
849 |
-
<li><strong>(v.5)</strong> FIX: Small translation coverage</li>
|
850 |
-
<li><strong>(v.4)</strong> ADDED: New and updated language translations including Polish (100%), Finnish</li>
|
851 |
-
<li><strong>(v.4)</strong> FIX: Better string translation coverage for menus etc.</li>
|
852 |
-
<li><strong>(v.3)</strong> ADDED: New and updated language translations including Polish, Czech and German</li>
|
853 |
-
<li><strong>(v.3)</strong> CHANGED: Only set the plugin cookie if necessary</li>
|
854 |
-
<li><strong>(v.2)</strong> CHANGED: Attempt to resolve DB errors related to transient options reported on WP Engine</li>
|
855 |
-
<li><strong>(v.1)</strong> ADDED: New feature- GASP Login Protection can now be applied to lost password form - enabled by default</li>
|
856 |
-
<li><strong>(v.0)</strong> ADDED: New feature- GASP Login Protection can now be applied to user registrations - enabled by default</li>
|
857 |
-
</ul>
|
858 |
-
<p>= 4.4 Series =
|
859 |
-
<em>Released: 21st February, 2015</em></p>
|
860 |
-
<ul>
|
861 |
-
<li><strong>(v.2)</strong> ADDED: Romanian Translation.</li>
|
862 |
-
<li><strong>(v.2)</strong> ADDED: A plugin minimum-requirements processing system.</li>
|
863 |
-
<li><strong>(v.2)</strong> IMPROVED: The WordPress admin-UI code is simpler and cleaner.</li>
|
864 |
-
<li><strong>(v.1)</strong> ADDED: <strong>Significant</strong> performance enhancement in plugin loading times (up to 50% reduction).</li>
|
865 |
-
<li><strong>(v.0)</strong> CHANGED: The 'Prevent Remote Login' option now tries to detect web hosting server compatibility before allowing it to be enabled.</li>
|
866 |
-
<li><strong>(v.0)</strong> CHANGED: More lax in finding the 'forceOff' file when users are trying to turn off the firewall.</li>
|
867 |
-
<li><strong>(v.0)</strong> CHANGED: Parsing the URL no longer outputs warnings that might interfere with response headers.</li>
|
868 |
-
</ul>
|
869 |
-
<p>= 4.3 Series =
|
870 |
-
<em>Released: 15th January, 2015</em></p>
|
871 |
-
<ul>
|
872 |
-
<li><strong>(v.6)</strong> FIXES: More thorough validation of whitelisted IP addresses</li>
|
873 |
-
<li><strong>(v.5)</strong> FIXES: Some hosting environments need absolute file paths for PHP include()/require()</li>
|
874 |
-
<li><strong>(v.5)</strong> CHANGED: Streamlined the detection of whitelisting and added in-plugin notification if <strong>you</strong> are whitelisted</li>
|
875 |
-
<li><strong>(v.4)</strong> FIXES: Work around for cases where PHP can't successfully run parse_url()</li>
|
876 |
-
<li><strong>(v.2)</strong> IMPROVED: Refactoring for better code organisation</li>
|
877 |
-
<li>ADDED: New Feature - <a href="https://shsec.io/5s">Rename WP Login Page</a>.</li>
|
878 |
-
<li>ADDED: UI indicators on whether plugins will be automatically updated in the plugins listing.</li>
|
879 |
-
<li>CHANGED: IP Address WhiteList is now global for the whole plugin, and can be accessed under the "Dashboard" area</li>
|
880 |
-
<li>IMPROVED: Firewall processing code is simplified and more efficient.</li>
|
881 |
-
</ul>
|
882 |
-
<p>= 4.2.1 =
|
883 |
-
<em>Released: 22th December, 2014</em></p>
|
884 |
-
<ul>
|
885 |
-
<li>FIXED: Changes to how feature specifications are read from disk to prevent .tmp file build up.</li>
|
886 |
-
</ul>
|
887 |
-
<p>= 4.2.0 =
|
888 |
-
<em>Released: 12th December, 2014</em></p>
|
889 |
-
<ul>
|
890 |
-
<li>ADDED: Audit Trail Auto Cleaning - default cleans out entries older than 30 days.</li>
|
891 |
-
<li>FIXED: Various small bug fixes and code cleaning.</li>
|
892 |
-
</ul>
|
893 |
-
<p>= 4.1.4 =
|
894 |
-
<em>Released: 24th November, 2014</em></p>
|
895 |
-
<ul>
|
896 |
-
<li>FIXED: Fixed small logic bug which prevented deactivation of the plugin on the UI.</li>
|
897 |
-
</ul>
|
898 |
-
<p>= 4.1.3 =
|
899 |
-
<em>Released: 19th November, 2014</em></p>
|
900 |
-
<ul>
|
901 |
-
<li>IMPROVED: User Sessions are simplified.</li>
|
902 |
-
<li>UPDATED: a few translation files based on the latest available contributions.</li>
|
903 |
-
</ul>
|
904 |
-
<p>= 4.1.2 =</p>
|
905 |
-
<ul>
|
906 |
-
<li>ADDED: Self-correcting database table validation - if the structure of a database table isn't what is expected, it'll be re-created.</li>
|
907 |
-
</ul>
|
908 |
-
<p>= 4.1.1 =</p>
|
909 |
-
<ul>
|
910 |
-
<li>WARNING: Due to new IPv6 support, all databases tables will be rebuilt - all active user sessions will be destroyed.</li>
|
911 |
-
<li>ADDED: Preliminary support for IPv6 addresses throughout. We don't support whitelist ranges but IPv6 addresses are handled much more reliably in general.</li>
|
912 |
-
<li>ADDED: New audit trail concept added called "immutable" that represents entries that will never be deleted - such entries would usually involve actions taken on the audit trail itself.</li>
|
913 |
-
<li>FIXED: Support for audit trail events with longer names.</li>
|
914 |
-
<li>IMPROVED: Comments Filtering - It now honours the WordPress settings for previously approved comment authors and never filters such comments.</li>
|
915 |
-
<li>REMOVED: Option to enable GASP Comments Filtering for logged-in users has been completely removed - this reduces plugin options complexity. All logged-in users by-pass <strong>all</strong> comments filtering.</li>
|
916 |
-
<li>FIXED: Prevention against plugin redirect loops under certain conditions.</li>
|
917 |
-
<li>FIXED: IP whitelisting wasn't working under certain cases.</li>
|
918 |
-
</ul>
|
919 |
-
<p>= 4.0.0 =</p>
|
920 |
-
<ul>
|
921 |
-
<li>ADDED: New Feature - Audit Trail</li>
|
922 |
-
<li>ADDED: Audit Trail options include: Plugins, Themes, Email, WordPress Core, Posts/Pages, Shield plugin</li>
|
923 |
-
<li>FIXED: Full and proper cleanup of plugin options, crons, and databases upon deactivation.</li>
|
924 |
-
<li>REMOVED: Firewall Log. This is no longer an option and is instead integrated into the "Shield" Audit Trail.</li>
|
925 |
-
</ul>
|
926 |
-
<p>= 3.5.5 =</p>
|
927 |
-
<ul>
|
928 |
-
<li>ADDED: Better admin notifications for events such as options saving etc.</li>
|
929 |
-
<li>CHANGE: Some plugin styling to highlight features and options better.</li>
|
930 |
-
<li>FIXED: Small bug with options default values.</li>
|
931 |
-
</ul>
|
932 |
-
<p>= 3.5.3 =</p>
|
933 |
-
<ul>
|
934 |
-
<li>ADDED: A warning message on the WordPress admin if the "forceOff" override is active.</li>
|
935 |
-
<li>CHANGED: The 'forceOff' system is now temporary - i.e. it doesn't save the configuration, and so once this file is removed, the plugin returns to the settings specified.</li>
|
936 |
-
<li>CHANGED: The 'forceOn' option is now removed.</li>
|
937 |
-
<li>FIXED: Problems with certain hosting environments reading in files with the ".yaml" extension - <a href="https://wordpress.org/support/topic/yaml-breaks-plugin">support ref</a></li>
|
938 |
-
<li>FIXED: Small issue where when the file system paths change, some variables don't update properly.</li>
|
939 |
-
</ul>
|
940 |
-
<p>= 3.5.0 =</p>
|
941 |
-
<ul>
|
942 |
-
<li>CHANGED: Plugin features are now configured <a href="https://github.com/mustangostang/spyc/">using YAML</a> - no more in-PHP configuration.</li>
|
943 |
-
<li>REMOVED: A few options from User Sessions Management as they were unnecessary.</li>
|
944 |
-
<li>CHANGED: Database storing tables now have consistent naming.</li>
|
945 |
-
<li>FIXED: Issue with User Sessions Management where '0' was specified for session length, resulting in lock out.</li>
|
946 |
-
<li>FIXED: Firewall log gathering.</li>
|
947 |
-
<li>FIXED: Various PHP warning notices.</li>
|
948 |
-
</ul>
|
949 |
-
<p>= 3.4.0 =</p>
|
950 |
-
<ul>
|
951 |
-
<li>ADDED: Option to limit number of simultaneous sessions per WordPress user login name (User Management section)</li>
|
952 |
-
</ul>
|
953 |
-
<p>= 3.3.0 =</p>
|
954 |
-
<ul>
|
955 |
-
<li>ADDED: Option to send notification when an administrator user logs in successfully (under User Management menu).</li>
|
956 |
-
<li>CHANGED: Refactoring for how GET and POST data is retrieved</li>
|
957 |
-
</ul>
|
958 |
-
<p>= 3.2.1 =</p>
|
959 |
-
<ul>
|
960 |
-
<li>FIXED: Custom Comment Filter message problem when using more than one substitution. <a href="http://wordpress.org/support/topic/warning-sprintf-too-few-arguments-in-hometnrastropublic_htmlwpwp-conten?replies=8#post-5927337">ref</a></li>
|
961 |
-
</ul>
|
962 |
-
<p>= 3.2.0 =</p>
|
963 |
-
<ul>
|
964 |
-
<li>ADDED: Options to allow by-pass XML-RPC so as to be compatible with WordPress iPhone/Android apps.</li>
|
965 |
-
<li>UPDATED: Login screen message when you're forced logged-out due to 2-factor auth failure on IP or cookie.</li>
|
966 |
-
<li>CHANGED: Tweaked method for setting admin access protection on/off</li>
|
967 |
-
<li>CHANGED: comment filtering code refactoring.</li>
|
968 |
-
<li>FIXED: Options that were "multiple selects" weren't saving correctly</li>
|
969 |
-
</ul>
|
970 |
-
<p>= 3.1.5 =</p>
|
971 |
-
<ul>
|
972 |
-
<li>FIX: Where some comments would fail GASP comment token checking.</li>
|
973 |
-
</ul>
|
974 |
-
<p>= 3.1.4 =</p>
|
975 |
-
<ul>
|
976 |
-
<li>FIX: Logout URL parameters are now generated correctly so that the correct messages are shown.</li>
|
977 |
-
<li>CHANGED: small optimizations and code refactoring.</li>
|
978 |
-
<li>UPDATED: a few translation files based on the latest available contributions.</li>
|
979 |
-
</ul>
|
980 |
-
<p>= 3.1.3 =</p>
|
981 |
-
<ul>
|
982 |
-
<li>FIX: issue with login cooldown timeouts not being updated where admin access restriction is in place.</li>
|
983 |
-
</ul>
|
984 |
-
<p>= 3.1.2 =</p>
|
985 |
-
<ul>
|
986 |
-
<li>FIX: auto-updates feature not loading</li>
|
987 |
-
<li>FIX: simplified implementation of login protection feature to reduce possibility for bugs/lock-outs</li>
|
988 |
-
<li>FIX: auto-forwarding for wp-login.php was preventing user logout</li>
|
989 |
-
</ul>
|
990 |
-
<p>= 3.1.0 =</p>
|
991 |
-
<ul>
|
992 |
-
<li>ADDED: option to check the logged-in user session only on WordPress admin pages (now the default setting)</li>
|
993 |
-
<li>ADDED: option to auto-forward to the WordPress dashboard when you go to wp-login.php and you're already logged in.</li>
|
994 |
-
<li>ADDED: message to login screen when no user session is found</li>
|
995 |
-
<li>CHANGED: does not verify session when performing AJAX request. (need to build appropriate AJAX response)</li>
|
996 |
-
<li>FIX: for wp_login action not passing second argument</li>
|
997 |
-
</ul>
|
998 |
-
<p>= 3.0.0 =</p>
|
999 |
-
<ul>
|
1000 |
-
<li>FEATURE: User Management. Phase 1 - create user sessions to track current and attempted logged in users.</li>
|
1001 |
-
<li>CHANGED: MASSIVE plugin refactoring for better performance and faster, more reliable future development of features</li>
|
1002 |
-
<li>ADDED: Obscurity Feature - ability to remove the WP Generator meta tag.</li>
|
1003 |
-
<li>ADDED: ability to change user login session length in days</li>
|
1004 |
-
<li>ADDED: ability to set session idle timeout in hours</li>
|
1005 |
-
<li>ADDED: ability to lock session to a particular IP address (2-factor auth by IP is separate)</li>
|
1006 |
-
<li>ADDED: ability to view active user sessions</li>
|
1007 |
-
<li>ADDED: ability to view last page visited for active sessions</li>
|
1008 |
-
<li>ADDED: ability to view last active time for active sessions</li>
|
1009 |
-
<li>ADDED: ability to view failed or attempted logins in the past 48hrs</li>
|
1010 |
-
<li>ADDED: Support for GASP login using WooCommerce</li>
|
1011 |
-
<li>CHANGED: Admin Access Restriction now has a separate options/feature page</li>
|
1012 |
-
<li>CHANGED: Admin styling to better see some selected options</li>
|
1013 |
-
<li>ADDED: Support for WP Wall shoutbox plugin (does no GASP comment checks)</li>
|
1014 |
-
<li>CHANGED: Removed support for upgrading from versions prior to 2.0</li>
|
1015 |
-
<li>CHANGED: Removed support for importing from Firewall 2 plugin - to import, manually install plugin v2.6.6, import settings, then upgrade.</li>
|
1016 |
-
</ul>
|
1017 |
-
<p>= 2.6.6 =</p>
|
1018 |
-
<ul>
|
1019 |
-
<li>FIX: Improved compatibility with bbPress.</li>
|
1020 |
-
</ul>
|
1021 |
-
<p>= 2.6.5 =</p>
|
1022 |
-
<ul>
|
1023 |
-
<li>FIX: Could not enable Admin Access Protection feature on new installs due to too aggressive testing on security.</li>
|
1024 |
-
</ul>
|
1025 |
-
<p>= 2.6.4 =</p>
|
1026 |
-
<ul>
|
1027 |
-
<li>ENHANCED: Dashboard now shows a more visual summary of settings and removes duplicate options settings with links to sections.</li>
|
1028 |
-
<li>ENHANCED: WordPress Lock Down options now also set the corresponding WordPress defines if they're not already.</li>
|
1029 |
-
</ul>
|
1030 |
-
<p>= 2.6.3 =</p>
|
1031 |
-
<ul>
|
1032 |
-
<li>ADDED: More in-line plugin links to help/blog resources</li>
|
1033 |
-
<li><p>ENHANCED: <a href="https://shsec.io/5b">Admin Access Protection</a> is further enhanced in 3 ways:</p>
|
1034 |
-
</li>
|
1035 |
-
<li><p>More robust cookie values using MD5s</p>
|
1036 |
-
</li>
|
1037 |
-
<li>Blocks plugin options updating right at the point of WordPress options update so nothing can rewrite the actual plugin options.</li>
|
1038 |
-
<li>Locks the current Admin Access session to your IP address - effectively only 1 Shield admin allowed at a time.</li>
|
1039 |
-
</ul>
|
1040 |
-
<p>= 2.6.2 =</p>
|
1041 |
-
<ul>
|
1042 |
-
<li>ENHANCED: Added option to completely reject a SPAM comment and redirect to the home page (so it doesn't fill up your database with rubbish)</li>
|
1043 |
-
<li>ADDED: Plugin now has an internal stats counter for spam and other significant plugin events.</li>
|
1044 |
-
</ul>
|
1045 |
-
<p>= 2.6.1 =</p>
|
1046 |
-
<ul>
|
1047 |
-
<li>ADDED: Plugin now installs with default SPAM blacklist.</li>
|
1048 |
-
<li>ADDED: Now automatically checks and updates the SPAM blacklist when it's older than 48hrs.</li>
|
1049 |
-
<li>ENHANCED: Comment messages indicate where the SPAM content was found when marking human-based spam messages.</li>
|
1050 |
-
</ul>
|
1051 |
-
<p>= 2.6.0 =</p>
|
1052 |
-
<p><strong>Major Features Release: Please review SPAM comments filtering options to determine where SPAM goes</strong></p>
|
1053 |
-
<ul>
|
1054 |
-
<li>FEATURE: Added Human SPAM comments filtering - replacement for Akismet that doesn't use or send any data to 3rd party services. Uses <a href="https://github.com/splorp/wordpress-comment-blacklist">Blacklist provided and maintained by Grant Hutchinson</a></li>
|
1055 |
-
<li>ENHANCED: Two-Factor Login now automatically logs in the user to the admin area without them having to re-login again.</li>
|
1056 |
-
<li>ENHANCED: Added ability to terminate all currently (two-factor) verified logins.</li>
|
1057 |
-
<li>ENHANCED: Spam filter/scanning adds an explanation to the SPAM content to show why a message was filtered.</li>
|
1058 |
-
<li>FIXES: For PHP warnings while in php strict mode.</li>
|
1059 |
-
<li>CLEAN: Much cleaning up of code.</li>
|
1060 |
-
</ul>
|
1061 |
-
<p>= 2.5.9 =</p>
|
1062 |
-
<ul>
|
1063 |
-
<li>FEATURE: Added option to try and exclude search engine bots from firewall checking option - OFF by default.</li>
|
1064 |
-
</ul>
|
1065 |
-
<p>= 2.5.8 =</p>
|
1066 |
-
<ul>
|
1067 |
-
<li>FEATURE: Added 'PHP Code' Firewall checking option.</li>
|
1068 |
-
</ul>
|
1069 |
-
<p>= 2.5.7 =</p>
|
1070 |
-
<ul>
|
1071 |
-
<li>IMPROVED: Handling and logic of two-factor authentication and user roles/levels</li>
|
1072 |
-
</ul>
|
1073 |
-
<p>= 2.5.6 =</p>
|
1074 |
-
<ul>
|
1075 |
-
<li>FEATURE: Added ability to specify the particular WordPress user roles that are subject to 2-factor authentication. (Default: Contributors, Authors, Editors and Administrators)</li>
|
1076 |
-
</ul>
|
1077 |
-
<p>= 2.5.5 =</p>
|
1078 |
-
<ul>
|
1079 |
-
<li>FEATURE: Added 'Lockdown' feature to force login to WordPress over SSL.</li>
|
1080 |
-
<li>FEATURE: Added 'Lockdown' feature to force WordPress Admin dashboard to be delivered over SSL.</li>
|
1081 |
-
<li>FIX: Admin restricted access feature wasn't disabled with the "forceOff" option.</li>
|
1082 |
-
</ul>
|
1083 |
-
<p>= 2.5.4 =</p>
|
1084 |
-
<ul>
|
1085 |
-
<li>FIX: How WordPress Automatic/Background Updates filters worked was changed with WordPress 3.8.2.</li>
|
1086 |
-
</ul>
|
1087 |
-
<p>= 2.5.3 =</p>
|
1088 |
-
<ul>
|
1089 |
-
<li>UPDATED: Translations. And confirmed compatibility with WordPress 3.9</li>
|
1090 |
-
</ul>
|
1091 |
-
<p>= 2.5.2 =</p>
|
1092 |
-
<ul>
|
1093 |
-
<li>FEATURE: Option to Prevent Remote Posting to the WordPress Login system. Will check that the login form was submitted from the same site.</li>
|
1094 |
-
</ul>
|
1095 |
-
<p>= 2.5.1 =</p>
|
1096 |
-
<ul>
|
1097 |
-
<li>UPDATED: Translations and added some partials (Catalan, Persian)</li>
|
1098 |
-
<li>FIX: for cleanup cron running on non-existent tables.</li>
|
1099 |
-
</ul>
|
1100 |
-
<p>= 2.5.0 =</p>
|
1101 |
-
<ul>
|
1102 |
-
<li>FEATURE: Two-Factor Authenticated Login using <a href="https://shsec.io/4i">Yubikey</a> One Time Passwords (OTP).</li>
|
1103 |
-
</ul>
|
1104 |
-
<p>= 2.4.3 =</p>
|
1105 |
-
<ul>
|
1106 |
-
<li>ADDED: Translations: Spanish, Italian, Turkish. (~15% complete)</li>
|
1107 |
-
<li>UPDATED: Hebrew Translations (100%)</li>
|
1108 |
-
</ul>
|
1109 |
-
<p>= 2.4.2 =</p>
|
1110 |
-
<ul>
|
1111 |
-
<li>ADDED: Contextual help links for many options. More to come...</li>
|
1112 |
-
<li>ADDED: More Portuguese (Brazil) translations (~80%)</li>
|
1113 |
-
</ul>
|
1114 |
-
<p>= 2.4.1 =</p>
|
1115 |
-
<ul>
|
1116 |
-
<li>ADDED: More strings to the translation set for better multilingual support</li>
|
1117 |
-
<li>ADDED: Portuguese (Brazil) translations (~40%)</li>
|
1118 |
-
<li>UPDATED: Hebrew Translations</li>
|
1119 |
-
<li>FIXED: Automatic cleaning of database logs wasn't actually working as expected. Should now be fixed.</li>
|
1120 |
-
</ul>
|
1121 |
-
<p>= 2.4.0 =</p>
|
1122 |
-
<ul>
|
1123 |
-
<li>NEW: Option to enable Two-Factor Authentication based on Cookie. In this way you can tie a user session to a single browser.</li>
|
1124 |
-
<li>FIX: Better WordPress Multisite (WPMS) Support.</li>
|
1125 |
-
</ul>
|
1126 |
-
<p>= 2.3.4 =</p>
|
1127 |
-
<ul>
|
1128 |
-
<li>FIX: Automatic updating of itself.</li>
|
1129 |
-
</ul>
|
1130 |
-
<p>= 2.3.3 =</p>
|
1131 |
-
<ul>
|
1132 |
-
<li>ADDED: Hebrew Translations. Thanks <a href="http://atar4u.com">Ahrale</a>!</li>
|
1133 |
-
<li>ADDED: Automatic trimming of the Firewall access log to 7 days - it just grows too large otherwise.</li>
|
1134 |
-
<li>FIX: The previously added automatic clean up of old comments and login protect database entries was wiping out the valid login protect<pre><code> entries <span class="hljs-keyword">and</span> was forcing users <span class="hljs-keyword">to</span> re-login <span class="hljs-keyword">every</span> <span class="hljs-number">24</span>hrs.
|
1135 |
-
</code></pre></li>
|
1136 |
-
<li>FIX: Some small bugs, errors, and PHPDoc Comments.</li>
|
1137 |
-
</ul>
|
1138 |
-
<p>= 2.3.2 =</p>
|
1139 |
-
<ul>
|
1140 |
-
<li>ADDED: Automatic cleaning of GASP Comments Filter and Login Protection database entries (older than 24hrs) using WordPress Cron (everyday @ 6am)</li>
|
1141 |
-
<li>CHANGED: Huge code refactoring to allow for more easily use with other WordPress plugins.</li>
|
1142 |
-
</ul>
|
1143 |
-
<p>= 2.2.5 =</p>
|
1144 |
-
<ul>
|
1145 |
-
<li>ADDED: Email sending options for automatic update notifications - options to change the notification email address, or turn it off completely.</li>
|
1146 |
-
</ul>
|
1147 |
-
<p>= 2.2.4 =</p>
|
1148 |
-
<ul>
|
1149 |
-
<li>FIX: Small bug fix.</li>
|
1150 |
-
<li>CHANGED: When running a force automatic updates process, tries to remove influence from other plugins and uses only this plugin's automatic updates settings.</li>
|
1151 |
-
<li>CHANGED: A bit of automatic updates code refactoring.</li>
|
1152 |
-
</ul>
|
1153 |
-
<p>= 2.2.2 =</p>
|
1154 |
-
<ul>
|
1155 |
-
<li>CHANGED: Changed all options to be disabled by default.</li>
|
1156 |
-
<li>CHANGED: The option for admin notices will turn off all main admin notices except after you update options.</li>
|
1157 |
-
</ul>
|
1158 |
-
<p>= 2.2.1 =</p>
|
1159 |
-
<ul>
|
1160 |
-
<li>ADDED: Verified compatibility with WordPress 3.8</li>
|
1161 |
-
</ul>
|
1162 |
-
<p>= 2.2.0 =</p>
|
1163 |
-
<ul>
|
1164 |
-
<li>CHANGED: Certain filesystem calls are more compatible with restrictive hosting environments.</li>
|
1165 |
-
<li>CHANGED: Plugin is now ready to integate with <a href="http://www.icontrolwp.com/2013/11/manage-wordpress-automatic-background-updates-icontrolwp/">iControlWP automatic background updates system</a>.</li>
|
1166 |
-
<li>FIX: Login Protection Cooldown feature may not operate properly in certain scenarios.</li>
|
1167 |
-
</ul>
|
1168 |
-
<p>= 2.1.5 =</p>
|
1169 |
-
<ul>
|
1170 |
-
<li>IMPROVED: Improved logic for Firewall whitelisting for pages and parameters to ensure whitelisting rules are followed.</li>
|
1171 |
-
<li>CHANGED: The whitelisting rule for posting pages/posts is only for the "content" and the firewall checking will apply to all other page parameters.</li>
|
1172 |
-
</ul>
|
1173 |
-
<p>= 2.1.4 =</p>
|
1174 |
-
<ul>
|
1175 |
-
<li>FIX: When you run the Force Automatic Background Updates, it disables the plugins. This problem is now fixed.</li>
|
1176 |
-
</ul>
|
1177 |
-
<p>= 2.1.2 =</p>
|
1178 |
-
<ul>
|
1179 |
-
<li>FIX: A bug that prevented auto-updates of this plugin.</li>
|
1180 |
-
<li>FIX: Not being able to hide translations and upgrade notices.</li>
|
1181 |
-
<li>ADDED: Tweaks to auto-update feature to allow interfacing with the iControlWP service to customize the auto update system.</li>
|
1182 |
-
</ul>
|
1183 |
-
<p>= 2.1.0 =</p>
|
1184 |
-
<ul>
|
1185 |
-
<li>ADDED: A button that lets you run the WordPress Automatic Updates process on-demand (so you don't have to wait for WordPress cron).</li>
|
1186 |
-
<li>CHANGED: The plugin now sets more options to be turned on by default when the plugin is first activated.</li>
|
1187 |
-
<li>CHANGED: A lot of optimizations and code refactoring.</li>
|
1188 |
-
</ul>
|
1189 |
-
<p>= 2.0.3 =</p>
|
1190 |
-
<ul>
|
1191 |
-
<li>FIX: Whoops, sorry, accidentally removed the option to toggle "disable file editing". It's back now.</li>
|
1192 |
-
</ul>
|
1193 |
-
<p>= 2.0.2 =</p>
|
1194 |
-
<ul>
|
1195 |
-
<li>CHANGED: WordPress filters used to programmatically update whitelists now update the Login Protection IP whitelist</li>
|
1196 |
-
</ul>
|
1197 |
-
<p>= 2.0.1 =</p>
|
1198 |
-
<ul>
|
1199 |
-
<li>ADDED: Localization capabilities. All we need now are translators! <a href="http://translate.icontrolwp.com/">Go here to get started</a>.</li>
|
1200 |
-
<li>ADDED: Option to mask the WordPress version so the real version is never publicly visible.</li>
|
1201 |
-
</ul>
|
1202 |
-
<p>= 1.9.2 =</p>
|
1203 |
-
<ul>
|
1204 |
-
<li>CHANGED: Simplified the automatic WordPress Plugin updates into 1 filter for consistency</li>
|
1205 |
-
</ul>
|
1206 |
-
<p>= 1.9.1 =</p>
|
1207 |
-
<ul>
|
1208 |
-
<li>ADDED: Increased admin access security features - blocks the deactivation of itself if you're not authenticated fully with the plugin.</li>
|
1209 |
-
<li>ADDED: If you're not authenticated with the plugin, the plugin listing view wont have 'Deactivate' or 'Edit' links.</li>
|
1210 |
-
</ul>
|
1211 |
-
<p>= 1.9.0 =</p>
|
1212 |
-
<ul>
|
1213 |
-
<li>ADDED: New WordPress Automatic Updates Configuration settings</li>
|
1214 |
-
</ul>
|
1215 |
-
<p>= 1.8.2 =</p>
|
1216 |
-
<ul>
|
1217 |
-
<li>ADDED: Notification of available plugin upgrade is now an option under the 'Dashboard'</li>
|
1218 |
-
<li>CHANGED: Certain admin and upgrade notices now only appear when you're authenticated with the plugin (if this is enabled)</li>
|
1219 |
-
<li>FIXED: PHP Notice with undefined index.</li>
|
1220 |
-
</ul>
|
1221 |
-
<p>= 1.8.1 =</p>
|
1222 |
-
<ul>
|
1223 |
-
<li>ADDED: Feature- Access Key Restriction <a href="https://shsec.io/2s">more info</a>.</li>
|
1224 |
-
<li>ADDED: Feature- WordPress Lockdown. Currently only provides 1 option, but more to come.</li>
|
1225 |
-
</ul>
|
1226 |
-
<p>= 1.7.3 =</p>
|
1227 |
-
<ul>
|
1228 |
-
<li>CHANGED: Reworked a lot of the plugin to optimize for further performance.</li>
|
1229 |
-
<li>FIX: Potential infinite loop in processing firewall.</li>
|
1230 |
-
</ul>
|
1231 |
-
<p>= 1.7.1 =</p>
|
1232 |
-
<ul>
|
1233 |
-
<li>ADDED: Much more efficiency yet again in the loading/saving of the plugin options.</li>
|
1234 |
-
</ul>
|
1235 |
-
<p>= 1.7.0 =</p>
|
1236 |
-
<ul>
|
1237 |
-
<li>ADDED: Preliminary WordPress Multisite (WPMS/WPMU) Support.</li>
|
1238 |
-
<li>CHANGED: The Firewall now kicks in on the 'plugins_loaded' hook instead of as the actual firewall plugin is initialized (as a result<pre><code> <span class="hljs-keyword">of</span> WP Multisite support).
|
1239 |
-
</code></pre></li>
|
1240 |
-
</ul>
|
1241 |
-
<p>= 1.6.2 =</p>
|
1242 |
-
<ul>
|
1243 |
-
<li>REMOVED: Automatic upgrade option until I can ascertain what caused the plugin to auto-disable.</li>
|
1244 |
-
</ul>
|
1245 |
-
<p>= 1.6.1 =</p>
|
1246 |
-
<ul>
|
1247 |
-
<li>ADDED: Options to fully customize the text displayed by the GASP comments section.</li>
|
1248 |
-
<li>ADDED: Option to include logged-in users in the GASP Comments Filter.</li>
|
1249 |
-
</ul>
|
1250 |
-
<p>= 1.6.0 =</p>
|
1251 |
-
<ul>
|
1252 |
-
<li>ADDED: A new section - 'Comments Filtering' that will form the basis for filtering comments with SPAM etc.</li>
|
1253 |
-
<li>ADDED: Option to add enhanced GASP based comments filtering to prevent SPAM bots posting comments to your site.</li>
|
1254 |
-
</ul>
|
1255 |
-
<p>= 1.5.6 =</p>
|
1256 |
-
<ul>
|
1257 |
-
<li>IMPROVED: Whitelist/Blacklist IP range processing to better cater for ranges when saving, with more thorough checking.</li>
|
1258 |
-
<li>IMPROVED: Whitelist/Blacklist IP range processing for 32-bit systems.</li>
|
1259 |
-
<li>FIXED: A bug with Whitelist/Blacklist IP checking.</li>
|
1260 |
-
</ul>
|
1261 |
-
<p>= 1.5.5 =</p>
|
1262 |
-
<ul>
|
1263 |
-
<li>FIXED: Quite a few bugs fixed.</li>
|
1264 |
-
</ul>
|
1265 |
-
<p>= 1.5.4 =</p>
|
1266 |
-
<ul>
|
1267 |
-
<li>FIXED: Typo error.</li>
|
1268 |
-
</ul>
|
1269 |
-
<p>= 1.5.3 =</p>
|
1270 |
-
<ul>
|
1271 |
-
<li>FIXED: Some of the firewall processors were saving unnecessary data.</li>
|
1272 |
-
</ul>
|
1273 |
-
<p>= 1.5.2 =</p>
|
1274 |
-
<ul>
|
1275 |
-
<li>CHANGED: The method for finding the client IP address is more thorough, in a bid to work with Proxy servers etc.</li>
|
1276 |
-
<li>FIXED: PHP notice reported here: <a href="http://wordpress.org/support/topic/getting-errors-when-logged-in">http://wordpress.org/support/topic/getting-errors-when-logged-in</a></li>
|
1277 |
-
</ul>
|
1278 |
-
<p>= 1.5.1 =</p>
|
1279 |
-
<ul>
|
1280 |
-
<li>FIXED: Bug fix where IP address didn't show in email.</li>
|
1281 |
-
<li>FIXED: Attempt to fix problem where update message never hides.</li>
|
1282 |
-
</ul>
|
1283 |
-
<p>= 1.5.0 =</p>
|
1284 |
-
<ul>
|
1285 |
-
<li>ADDED: A new IP whitelist on the Login Protect that lets you by-pass login protect rules for given IP addresses.</li>
|
1286 |
-
<li>REMOVED: Firewall rule for wp-login.php and whitelisted IPs.</li>
|
1287 |
-
</ul>
|
1288 |
-
<p>= 1.4.2 =</p>
|
1289 |
-
<ul>
|
1290 |
-
<li>ADDED: The plugin now has an option to automatically upgrade itself when an update is detected - enabled by default.</li>
|
1291 |
-
</ul>
|
1292 |
-
<p>= 1.4.1 =</p>
|
1293 |
-
<ul>
|
1294 |
-
<li>ADDED: The plugin will now displays an admin notice when a plugin upgrade is available with a link to immediately update.</li>
|
1295 |
-
<li>ADDED: Plugin collision: removes the main hook by 'All In One WordPress Security'. No need to have both plugins running.</li>
|
1296 |
-
<li>ADDED: Improved Login Cooldown Feature- works more like email throttling as it now uses an extra filesystem-based level of protection.</li>
|
1297 |
-
<li>FIXED: Login Cooldown Feature didn't take effect in certain circumstances.</li>
|
1298 |
-
</ul>
|
1299 |
-
<p>= 1.4.0 =</p>
|
1300 |
-
<ul>
|
1301 |
-
<li>ADDED: All-new plugin options handling making them more efficient, easier to manage/update, using far fewer WordPress database options.</li>
|
1302 |
-
<li>CHANGED: Huge improvements on database calls and efficiency in loading plugin options.</li>
|
1303 |
-
<li>FIXED: Nonce implementation.</li>
|
1304 |
-
</ul>
|
1305 |
-
<p>= 1.3.2 =</p>
|
1306 |
-
<ul>
|
1307 |
-
<li>FIXED: Small compatibility issue with Quick Cache menu not showing.</li>
|
1308 |
-
</ul>
|
1309 |
-
<p>= 1.3.0 =</p>
|
1310 |
-
<ul>
|
1311 |
-
<li>ADDED: Email Throttle Feature - this will prevent you getting bombarded by 1000s of emails in case you're hit by a bot.</li>
|
1312 |
-
<li>ADDED: Another Firewall die() option. New option will print a message and uses the wp_die() function instead.</li>
|
1313 |
-
<li>ADDED: Refactored and improved the logging system (upgrading will delete your current logs!).</li>
|
1314 |
-
<li>ADDED: Option to separately log Login Protect features.</li>
|
1315 |
-
<li>ADDED: Option to by-pass 2-factor authentication in the case sending the verification email fails<pre><code> <span class="hljs-comment">(so you don't get locked out if your hosting doesn't support email!)</span>.
|
1316 |
-
</code></pre></li>
|
1317 |
-
<li>CHANGED: Login Protect checking now better logs out users immediately with a redirect.</li>
|
1318 |
-
<li>CHANGED: We now escape the log data being printed - just in case there's any HTML/JS etc in there we don't want.</li>
|
1319 |
-
<li>CHANGED: Optimized and cleaned a lot of the option caching code to improve reliability and performance (more to come).</li>
|
1320 |
-
</ul>
|
1321 |
-
<p>= 1.2.7 =</p>
|
1322 |
-
<ul>
|
1323 |
-
<li>FIX: Bug where the GASP Login protection was only working when you had 2-factor authentication enabled.</li>
|
1324 |
-
</ul>
|
1325 |
-
<p>= 1.2.6 =</p>
|
1326 |
-
<ul>
|
1327 |
-
<li>ADDED: Ability to import settings from WordPress Firewall 2 plugin options - note, doesn't import page and variables whitelisting.</li>
|
1328 |
-
<li>FIX: A reported bug - parameter values could also be arrays.</li>
|
1329 |
-
</ul>
|
1330 |
-
<p>= 1.2.5 =</p>
|
1331 |
-
<ul>
|
1332 |
-
<li>ADDED: New Feature - Option to add a checkbox that blocks automated SPAM Bots trying to log into your site.</li>
|
1333 |
-
<li>ADDED: Added a clear user message when they verify their 2-factor authentication.</li>
|
1334 |
-
<li>FIX: A few bugfixes and logic corrections.</li>
|
1335 |
-
</ul>
|
1336 |
-
<p>= 1.2.4 =</p>
|
1337 |
-
<ul>
|
1338 |
-
<li>CHANGED: Documentation on the dashboard, and the message after installing the firewall have been updated to be clearer and more informative.</li>
|
1339 |
-
<li>FIX: A few bugfixes and logic corrections.</li>
|
1340 |
-
</ul>
|
1341 |
-
<p>= 1.2.3 =</p>
|
1342 |
-
<ul>
|
1343 |
-
<li>FIX: bugfix.</li>
|
1344 |
-
</ul>
|
1345 |
-
<p>= 1.2.2 =</p>
|
1346 |
-
<ul>
|
1347 |
-
<li>FIX: Some warnings and display bugs.</li>
|
1348 |
-
</ul>
|
1349 |
-
<p>= 1.2.1 =</p>
|
1350 |
-
<ul>
|
1351 |
-
<li>ADDED: New Feature - Login Wait Interval. To reduce the effectiveness of brute force login attacks, you can add an interval by<pre><code> which WordPress will <span class="hljs-built_in">wait</span> <span class="hljs-keyword">before</span> processing <span class="hljs-keyword">any</span> more login attempts <span class="hljs-keyword">on</span> <span class="hljs-title">a</span> <span class="hljs-title">site</span>.
|
1352 |
-
</code></pre></li>
|
1353 |
-
<li>CHANGED: Optimized some settings for performance.</li>
|
1354 |
-
<li>CHANGED: Cleaned up the UI when the Firewall / Login Protect features are disabled (more to come).</li>
|
1355 |
-
<li>CHANGED: Further code improvements (more to come).</li>
|
1356 |
-
</ul>
|
1357 |
-
<p>= 1.2.0 =</p>
|
1358 |
-
<ul>
|
1359 |
-
<li>ADDED: New Feature - <strong>Login Protect</strong>. Added 2-Factor Login Authentication for all users and their associated IP addresses.</li>
|
1360 |
-
<li>CHANGED: The method for processing the IP address lists is improved.</li>
|
1361 |
-
<li>CHANGED: Improved .htaccess rules (thanks MickeyRoush)</li>
|
1362 |
-
<li>CHANGED: Mailing method now uses WP_MAIL</li>
|
1363 |
-
<li>CHANGED: Lot's of code improvements.</li>
|
1364 |
-
</ul>
|
1365 |
-
<p>= 1.1.6 =</p>
|
1366 |
-
<ul>
|
1367 |
-
<li>ADDED: Option to include Cookies in the firewall checking.</li>
|
1368 |
-
</ul>
|
1369 |
-
<p>= 1.1.5 =</p>
|
1370 |
-
<ul>
|
1371 |
-
<li>ADDED: Ability to whitelist particular pages and their parameters (see FAQ)</li>
|
1372 |
-
<li>CHANGED: Quite a few improvements made to the reliability of the firewall processing.</li>
|
1373 |
-
</ul>
|
1374 |
-
<p>= 1.1.4 =</p>
|
1375 |
-
<ul>
|
1376 |
-
<li>FIX: Left test path in plugin.</li>
|
1377 |
-
</ul>
|
1378 |
-
<p>= 1.1.3 =</p>
|
1379 |
-
<ul>
|
1380 |
-
<li>ADDED: Option to completely ignore logged-in Administrators from the Firewall processing (they wont even trigger logging etc).</li>
|
1381 |
-
<li>ADDED: Ability to (un)blacklist and (un)whitelist IP addresses directly from within the log.</li>
|
1382 |
-
<li>ADDED: helpful link to IP WHOIS from within the log.</li>
|
1383 |
-
</ul>
|
1384 |
-
<p>= 1.1.2 =</p>
|
1385 |
-
<ul>
|
1386 |
-
<li>CHANGED: Logging now has its own dedicated database table.</li>
|
1387 |
-
</ul>
|
1388 |
-
<p>= 1.1.1 =</p>
|
1389 |
-
<ul>
|
1390 |
-
<li>Fix: Block notification emails weren't showing the user-friendly IP Address format.</li>
|
1391 |
-
</ul>
|
1392 |
-
<p>= 1.1.0 =</p>
|
1393 |
-
<ul>
|
1394 |
-
<li>You can now specify IP ranges in whitelists and blacklists. To do this separate the start and end address with a hyphen (-) E.g. For everything between 1.2.3.4 and 1.2.3.10, you would do: 1.2.3.4-1.2.3.10</li>
|
1395 |
-
<li>You can now specify which email address to send the notification emails.</li>
|
1396 |
-
<li>You can now add a comment to IP addresses in the whitelist/blacklist. To do this, write your IP address then type a SPACE and write whatever you want (don't take a new line).</li>
|
1397 |
-
<li>You can now set to delete ALL firewall settings when you deactivate the plugin.</li>
|
1398 |
-
<li>Improved formatting of the firewall log.</li>
|
1399 |
-
</ul>
|
1400 |
-
<p>= 1.0.2 =</p>
|
1401 |
-
<ul>
|
1402 |
-
<li>First Release</li>
|
1403 |
-
</ul>
|
1404 |
-
<p>== Upgrade Notice ==</p>
|
1405 |
-
<p>= 1.1.2 =</p>
|
1406 |
-
<ul>
|
1407 |
-
<li>CHANGED: Logging now has its own dedicated database table.</li>
|
1408 |
-
<li>Fix: Block notification emails weren't showing the user-friendly IP Address format.</li>
|
1409 |
-
<li>You can now specify IP ranges in whitelists and blacklists. To do this separate the start and end address with a hyphen (-) E.g. For everything between 1.2.3.4 and 1.2.3.10, you would do: 1.2.3.4-1.2.3.10</li>
|
1410 |
-
<li>You can now specify which email address to send the notification emails.</li>
|
1411 |
-
<li>You can now add a comment to IP addresses in the whitelist/blacklist. To do this, write your IP address then type a SPACE and write whatever you want (don't take a new line).</li>
|
1412 |
-
<li>You can now set to delete ALL firewall settings when you deactivate the plugin.</li>
|
1413 |
-
<li>Improved formatting of the firewall log.</li>
|
1414 |
-
</ul>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
icwp-wpsf.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
* Plugin Name: Shield Security
|
4 |
* Plugin URI: https://shsec.io/2f
|
5 |
* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
|
6 |
-
* Version:
|
7 |
* Text Domain: wp-simple-firewall
|
8 |
* Domain Path: /languages
|
9 |
* Author: Shield Security
|
3 |
* Plugin Name: Shield Security
|
4 |
* Plugin URI: https://shsec.io/2f
|
5 |
* Description: Powerful, Easy-To-Use #1 Rated WordPress Security System
|
6 |
+
* Version: 9.0.0
|
7 |
* Text Domain: wp-simple-firewall
|
8 |
* Domain Path: /languages
|
9 |
* Author: Shield Security
|
init.php
CHANGED
@@ -10,9 +10,7 @@ if ( isset( $oICWP_Wpsf ) ) {
|
|
10 |
return;
|
11 |
}
|
12 |
|
13 |
-
|
14 |
-
|
15 |
-
class ICWP_WPSF_Shield_Security extends \FernleafSystems\Wordpress\Plugin\Shield\Deprecated\Foundation {
|
16 |
|
17 |
/**
|
18 |
* @var ICWP_WPSF_Shield_Security
|
10 |
return;
|
11 |
}
|
12 |
|
13 |
+
class ICWP_WPSF_Shield_Security {
|
|
|
|
|
14 |
|
15 |
/**
|
16 |
* @var ICWP_WPSF_Shield_Security
|
plugin-spec.php
CHANGED
@@ -1,8 +1,8 @@
|
|
1 |
{
|
2 |
"properties": {
|
3 |
-
"version": "
|
4 |
-
"release_timestamp":
|
5 |
-
"build": "
|
6 |
"slug_parent": "icwp",
|
7 |
"slug_plugin": "wpsf",
|
8 |
"human_name": "Shield",
|
@@ -12,6 +12,7 @@
|
|
12 |
"wpms_network_admin_only": true,
|
13 |
"logging_enabled": true,
|
14 |
"show_dashboard_widget": true,
|
|
|
15 |
"autoupdate": "confidence",
|
16 |
"autoupdate_days": 2,
|
17 |
"options_encoding": "json",
|
@@ -21,6 +22,16 @@
|
|
21 |
"php": "5.4.0",
|
22 |
"wordpress": "3.5.2"
|
23 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
24 |
"paths": {
|
25 |
"source": "src",
|
26 |
"autoload": "lib/vendor/autoload.php",
|
@@ -85,7 +96,7 @@
|
|
85 |
},
|
86 |
"meta": {
|
87 |
"url_repo_home": "https://shsec.io/eh",
|
88 |
-
"
|
89 |
"privacy_policy_href": "https://shsec.io/shieldprivacypolicy"
|
90 |
},
|
91 |
"plugin_meta": [
|
1 |
{
|
2 |
"properties": {
|
3 |
+
"version": "9.0.0",
|
4 |
+
"release_timestamp": 1588667204,
|
5 |
+
"build": "202005.0501",
|
6 |
"slug_parent": "icwp",
|
7 |
"slug_plugin": "wpsf",
|
8 |
"human_name": "Shield",
|
12 |
"wpms_network_admin_only": true,
|
13 |
"logging_enabled": true,
|
14 |
"show_dashboard_widget": true,
|
15 |
+
"show_admin_bar_menu": true,
|
16 |
"autoupdate": "confidence",
|
17 |
"autoupdate_days": 2,
|
18 |
"options_encoding": "json",
|
22 |
"php": "5.4.0",
|
23 |
"wordpress": "3.5.2"
|
24 |
},
|
25 |
+
"upgrade_reqs": {
|
26 |
+
"7.0": {
|
27 |
+
"php": "5.4",
|
28 |
+
"wp": "3.5.2"
|
29 |
+
},
|
30 |
+
"10.0": {
|
31 |
+
"php": "7.0",
|
32 |
+
"wp": "3.5.2"
|
33 |
+
}
|
34 |
+
},
|
35 |
"paths": {
|
36 |
"source": "src",
|
37 |
"autoload": "lib/vendor/autoload.php",
|
96 |
},
|
97 |
"meta": {
|
98 |
"url_repo_home": "https://shsec.io/eh",
|
99 |
+
"announcekit_changelog_id": "3ObUvS",
|
100 |
"privacy_policy_href": "https://shsec.io/shieldprivacypolicy"
|
101 |
},
|
102 |
"plugin_meta": [
|
readme.txt
CHANGED
@@ -8,7 +8,7 @@ Requires at least: 3.5.2
|
|
8 |
Requires PHP: 5.4.0
|
9 |
Recommended PHP: 7.0
|
10 |
Tested up to: 5.4
|
11 |
-
Stable tag:
|
12 |
|
13 |
Smarter security protection from hackers through automation. Powerful scanners, 2-Factor Auth, limit logins, auto IP blocks & more.
|
14 |
|
@@ -284,7 +284,7 @@ Whitelist. So if you have the same address in both lists, it'll be whitelisted a
|
|
284 |
= What changes go into each version? =
|
285 |
|
286 |
The changelog outlines the main changes for each release. We group changes by minor release "Series". Changes in smaller "point" releases are highlighted
|
287 |
-
using **(
|
288 |
|
289 |
= Can I assist with development? =
|
290 |
|
@@ -349,7 +349,7 @@ Use the following filter and return the HTML/Text you wish to display:
|
|
349 |
|
350 |
Use the following filter and return the role in the function:
|
351 |
|
352 |
-
`add_filter( '
|
353 |
|
354 |
Possible options are: network_admin, administrator, editor, author, contributor, subscriber
|
355 |
|
@@ -370,12 +370,25 @@ You will always be able to use Shield Security and its free features in-full.
|
|
370 |
|
371 |
[Go Pro for just $1/month](https://shsec.io/aa).
|
372 |
|
373 |
-
|
374 |
-
*Released:
|
375 |
-
|
376 |
-
|
377 |
-
|
378 |
-
* **(
|
379 |
-
* **(
|
380 |
-
|
381 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
Requires PHP: 5.4.0
|
9 |
Recommended PHP: 7.0
|
10 |
Tested up to: 5.4
|
11 |
+
Stable tag: 9.0.0
|
12 |
|
13 |
Smarter security protection from hackers through automation. Powerful scanners, 2-Factor Auth, limit logins, auto IP blocks & more.
|
14 |
|
284 |
= What changes go into each version? =
|
285 |
|
286 |
The changelog outlines the main changes for each release. We group changes by minor release "Series". Changes in smaller "point" releases are highlighted
|
287 |
+
using **(.1)** notation. So for example, version 4.4**.1** will have changelog items appended with **(.1)**
|
288 |
|
289 |
= Can I assist with development? =
|
290 |
|
349 |
|
350 |
Use the following filter and return the role in the function:
|
351 |
|
352 |
+
`add_filter( 'icwp-wpsf-login-notification-email-role', 'your_function_to_return_role' );`
|
353 |
|
354 |
Possible options are: network_admin, administrator, editor, author, contributor, subscriber
|
355 |
|
370 |
|
371 |
[Go Pro for just $1/month](https://shsec.io/aa).
|
372 |
|
373 |
+
#### 9.0 Series
|
374 |
+
*Released: 5th April 2020* - [Release Announcement](https://shsec.io/hq)
|
375 |
+
|
376 |
+
**Note**: The 9.0 Series is the last major version to support PHP 5.x. Shield 10+ will require a minimum of PHP 7.0.
|
377 |
+
|
378 |
+
* **(.0) NEW**: [*PRO*] [Critical File Locker](https://shsec.io/h4) to protect `wp-config.php` files.
|
379 |
+
* **(.0) NEW**: [*PRO*] [Selective Sync](https://shsec.io/hl) - Support for excluding individual options from import and export.
|
380 |
+
* **(.0) NEW**: [Support for hCaptcha](https://shsec.io/h5) in-place of Google reCAPTCHA.
|
381 |
+
* **(.0) NEW**: Reporting Module - streamline notifications and alerts and provide regular statistics updates.
|
382 |
+
* **(.0) NEW**: Integrated Help desk widget for searching documentation.
|
383 |
+
* **(.0) NEW**: Debug page to show summary and important information for debugging.
|
384 |
+
* **(.0) IMPROVED**: Hourly and Daily crons set to specific run times.
|
385 |
+
* **(.0) IMPROVED**: Automatic file repair for WordPress, plugins, and themes is much more reliable.
|
386 |
+
* **(.0) IMPROVED**: Major refactoring and improvements to Bot protection on login, register and lost password forms.
|
387 |
+
* **(.0) IMPROVED**: Simplification of many options and plugin configuration.
|
388 |
+
* **(.0) IMPROVED**: Where an IP address gets repeatedly blocked - consolidates Audit Trail entries over a 24hr period.
|
389 |
+
* **(.0) IMPROVED**: Tweaks and changes to UI.
|
390 |
+
* **(.0) FIXED**: Minor issues with the MFA page.
|
391 |
+
* **(.0) FIXED**: Older Twig Library compatibility with PHP 7.4.
|
392 |
+
* **(.0) REMOVED**: Several unused/useless options, including "Mask WordPress Version".
|
393 |
+
|
394 |
+
##### [Full Shield Security Changelog](https://shsec.io/shieldwporgfullchangelog)
|
resources/css/global-plugin.css
CHANGED
@@ -344,4 +344,11 @@ tr.icwp-plugin-vulnerability dd {
|
|
344 |
}
|
345 |
.icwp-wpsf-dialog h3 {
|
346 |
margin-top: 0;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
347 |
}
|
344 |
}
|
345 |
.icwp-wpsf-dialog h3 {
|
346 |
margin-top: 0;
|
347 |
+
}
|
348 |
+
#wpadminbar .shield-counter {
|
349 |
+
display: inline;
|
350 |
+
padding: 1px 7px 1px 6px!important;
|
351 |
+
border-radius: 50%;
|
352 |
+
margin-left: 6px;
|
353 |
+
/*background-color: rgb(0, 128, 0);*/
|
354 |
}
|
resources/css/plugin.css
CHANGED
@@ -46,7 +46,7 @@ body.rtl {
|
|
46 |
line-height: 10px;
|
47 |
letter-spacing: -0.5px;
|
48 |
}
|
49 |
-
|
50 |
background: rgba(0, 0, 0, 0.1);
|
51 |
position: fixed;
|
52 |
bottom: 0;
|
@@ -56,27 +56,24 @@ body.rtl {
|
|
56 |
z-index: 100;
|
57 |
text-align: center;
|
58 |
}
|
59 |
-
|
60 |
background-color: transparent; /*#d8d8d8;*/
|
61 |
}
|
62 |
-
|
|
|
63 |
margin-top: 10px;
|
64 |
}
|
65 |
-
|
66 |
-
margin-bottom: 50px;
|
67 |
-
}
|
68 |
-
#ColumnOptions form .form-group.row .form-check-null {
|
69 |
-
display: flex;
|
70 |
-
align-items: center;
|
71 |
-
}
|
72 |
-
#ColumnOptions .form-actions .btn {
|
73 |
box-shadow: -1px 2px 2px rgba(0, 0, 0, 0.3);
|
74 |
opacity: 0.85;
|
75 |
}
|
76 |
-
|
77 |
box-shadow: none;
|
78 |
opacity: 1;
|
79 |
}
|
|
|
|
|
|
|
80 |
/* Form elements */
|
81 |
.bootstrap-wpadmin form fieldset {
|
82 |
width: 80%;
|
@@ -336,6 +333,9 @@ label input[type=checkbox] {
|
|
336 |
.module-icon-login_protect:before {
|
337 |
content: "\f112";
|
338 |
}
|
|
|
|
|
|
|
339 |
.module-icon-comments_filter:before {
|
340 |
content: "\f117";
|
341 |
}
|
@@ -487,22 +487,6 @@ label.forcheckbox .summary {
|
|
487 |
line-height: 20px;
|
488 |
margin-left: 7px;
|
489 |
}
|
490 |
-
.icwp-switch {
|
491 |
-
position: relative;
|
492 |
-
display: inline-block;
|
493 |
-
width: 40px;
|
494 |
-
height: 20px;
|
495 |
-
vertical-align: -8px;
|
496 |
-
margin-right: 8px;
|
497 |
-
}
|
498 |
-
.icwp-switch .summary {
|
499 |
-
display: block;
|
500 |
-
}
|
501 |
-
/* Hide default HTML checkbox */
|
502 |
-
/*.icwp-switch input:disabled,*/
|
503 |
-
.icwp-switch input {
|
504 |
-
opacity: 0 !important;
|
505 |
-
}
|
506 |
/* The slider */
|
507 |
.icwp-slider {
|
508 |
position: absolute;
|
@@ -748,7 +732,7 @@ td.column-message textarea {
|
|
748 |
}
|
749 |
.table-side-filter {
|
750 |
position: sticky;
|
751 |
-
top:
|
752 |
}
|
753 |
#SectionNotices tr.title_row th {
|
754 |
padding: 0.25rem 1.0rem;
|
@@ -1061,11 +1045,6 @@ input[type=checkbox].form-check-input {
|
|
1061 |
margin-left: -20px;
|
1062 |
margin-right: 5px;
|
1063 |
}
|
1064 |
-
.icwp-switch input[type=checkbox].form-check-input {
|
1065 |
-
z-index: 10;
|
1066 |
-
margin: 0;
|
1067 |
-
border-width: 10px 20px;
|
1068 |
-
}
|
1069 |
/** copied from bootstrap to override WP admin styles */
|
1070 |
.content-options {
|
1071 |
font-size: 14px;
|
@@ -1116,16 +1095,8 @@ input[type=checkbox].form-check-input {
|
|
1116 |
padding: 15px 0 25px;
|
1117 |
border-bottom: 1px dashed rgba(0, 0, 0, 0.08);
|
1118 |
}
|
1119 |
-
.content-options .option-section-summary,
|
1120 |
.content-options .option-description {
|
1121 |
-
|
1122 |
-
border: 1px solid rgba(0, 0, 0, 0.06);
|
1123 |
-
padding: 5px 9px;
|
1124 |
-
background-color: rgba(255, 255, 255, 0.4);
|
1125 |
-
}
|
1126 |
-
.content-options .option-section-summary {
|
1127 |
-
margin-bottom: 12px;
|
1128 |
-
padding-top: 8px;
|
1129 |
}
|
1130 |
.content-options .option_label_name {
|
1131 |
position: relative;
|
@@ -1172,6 +1143,11 @@ table.odp-table tr.audit-cat-3 td {
|
|
1172 |
background-color: #008000;
|
1173 |
border-color: #008000;
|
1174 |
}
|
|
|
|
|
|
|
|
|
|
|
1175 |
.btn-primary:hover {
|
1176 |
color: #008000;
|
1177 |
background-color: #ffffff;
|
@@ -1209,6 +1185,10 @@ a:focus .gravatar, a:focus, a:focus .media-icon img {
|
|
1209 |
background-color: #008000;
|
1210 |
border-color: #008000 !important;
|
1211 |
}
|
|
|
|
|
|
|
|
|
1212 |
#SessionsFilter .btn-info {
|
1213 |
color: #ffffff;
|
1214 |
background-color: #008000;
|
@@ -1266,15 +1246,43 @@ a.new-window-link::after {
|
|
1266 |
#footer-thankyou {
|
1267 |
display: none;
|
1268 |
}
|
|
|
|
|
|
|
1269 |
a.section_title_info .dashicons {
|
1270 |
color: rgba(0, 128, 0, 1);
|
1271 |
}
|
1272 |
-
dl.pro-features dt{
|
1273 |
-
margin-left:2px;
|
1274 |
}
|
1275 |
dl.pro-features dt:before {
|
1276 |
content: "\1f44d";
|
1277 |
}
|
1278 |
dl.pro-features dd {
|
1279 |
margin-bottom: 10px;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1280 |
}
|
46 |
line-height: 10px;
|
47 |
letter-spacing: -0.5px;
|
48 |
}
|
49 |
+
.footer-form-actions {
|
50 |
background: rgba(0, 0, 0, 0.1);
|
51 |
position: fixed;
|
52 |
bottom: 0;
|
56 |
z-index: 100;
|
57 |
text-align: center;
|
58 |
}
|
59 |
+
.footer-form-actions .row > div {
|
60 |
background-color: transparent; /*#d8d8d8;*/
|
61 |
}
|
62 |
+
.footer-form-actions .btn {
|
63 |
+
display: inline-block;
|
64 |
margin-top: 10px;
|
65 |
}
|
66 |
+
.footer-form-actions .btn {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
67 |
box-shadow: -1px 2px 2px rgba(0, 0, 0, 0.3);
|
68 |
opacity: 0.85;
|
69 |
}
|
70 |
+
.footer-form-actions .btn:hover {
|
71 |
box-shadow: none;
|
72 |
opacity: 1;
|
73 |
}
|
74 |
+
#ColumnOptions form {
|
75 |
+
margin-bottom: 50px;
|
76 |
+
}
|
77 |
/* Form elements */
|
78 |
.bootstrap-wpadmin form fieldset {
|
79 |
width: 80%;
|
333 |
.module-icon-login_protect:before {
|
334 |
content: "\f112";
|
335 |
}
|
336 |
+
.module-icon-reporting:before {
|
337 |
+
content: "\f488";
|
338 |
+
}
|
339 |
.module-icon-comments_filter:before {
|
340 |
content: "\f117";
|
341 |
}
|
487 |
line-height: 20px;
|
488 |
margin-left: 7px;
|
489 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
490 |
/* The slider */
|
491 |
.icwp-slider {
|
492 |
position: absolute;
|
732 |
}
|
733 |
.table-side-filter {
|
734 |
position: sticky;
|
735 |
+
top: 126px;
|
736 |
}
|
737 |
#SectionNotices tr.title_row th {
|
738 |
padding: 0.25rem 1.0rem;
|
1045 |
margin-left: -20px;
|
1046 |
margin-right: 5px;
|
1047 |
}
|
|
|
|
|
|
|
|
|
|
|
1048 |
/** copied from bootstrap to override WP admin styles */
|
1049 |
.content-options {
|
1050 |
font-size: 14px;
|
1095 |
padding: 15px 0 25px;
|
1096 |
border-bottom: 1px dashed rgba(0, 0, 0, 0.08);
|
1097 |
}
|
|
|
1098 |
.content-options .option-description {
|
1099 |
+
border-left: 1px solid rgba(0, 0, 0, 0.1);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1100 |
}
|
1101 |
.content-options .option_label_name {
|
1102 |
position: relative;
|
1143 |
background-color: #008000;
|
1144 |
border-color: #008000;
|
1145 |
}
|
1146 |
+
.btn.btn-primary:not(:disabled):not(.disabled):active,
|
1147 |
+
.btn.btn-primary:not(:disabled):not(.disabled):focus,
|
1148 |
+
.btn.btn-primary:not(:disabled):not(.disabled):focus-within,
|
1149 |
+
.btn-primary:focus-within,
|
1150 |
+
.btn-primary:focus,
|
1151 |
.btn-primary:hover {
|
1152 |
color: #008000;
|
1153 |
background-color: #ffffff;
|
1185 |
background-color: #008000;
|
1186 |
border-color: #008000 !important;
|
1187 |
}
|
1188 |
+
#ScanPageTabsNav > li a:hover {
|
1189 |
+
opacity: 1.0;
|
1190 |
+
color: #ffffff;
|
1191 |
+
}
|
1192 |
#SessionsFilter .btn-info {
|
1193 |
color: #ffffff;
|
1194 |
background-color: #008000;
|
1246 |
#footer-thankyou {
|
1247 |
display: none;
|
1248 |
}
|
1249 |
+
a.section_title_info {
|
1250 |
+
cursor: pointer;
|
1251 |
+
}
|
1252 |
a.section_title_info .dashicons {
|
1253 |
color: rgba(0, 128, 0, 1);
|
1254 |
}
|
1255 |
+
dl.pro-features dt {
|
1256 |
+
margin-left: 2px;
|
1257 |
}
|
1258 |
dl.pro-features dt:before {
|
1259 |
content: "\1f44d";
|
1260 |
}
|
1261 |
dl.pro-features dd {
|
1262 |
margin-bottom: 10px;
|
1263 |
+
}
|
1264 |
+
.custom-control.custom-radio .custom-control-input:checked ~ .custom-control-label::before,
|
1265 |
+
.custom-control.custom-checkbox .custom-control-input:checked ~ .custom-control-label::before,
|
1266 |
+
.option-checkbox.custom-switch .custom-control-input:checked ~ .custom-control-label::before {
|
1267 |
+
background-color: rgba(69, 119, 0, 1);
|
1268 |
+
border-color: rgba(69, 119, 0, 1);
|
1269 |
+
}
|
1270 |
+
.option-checkbox.custom-switch .custom-control-input:disabled:checked ~ .custom-control-label::before {
|
1271 |
+
background-color: rgba(69, 119, 0, 0.3);
|
1272 |
+
border-color: rgba(69, 119, 0, 0.3);
|
1273 |
+
}
|
1274 |
+
.importexport-checkbox.custom-switch .custom-control-input:checked ~ .custom-control-label::before {
|
1275 |
+
background-color: rgba(119, 107, 12, 1);
|
1276 |
+
border-color: rgba(119, 107, 12, 1);
|
1277 |
+
}
|
1278 |
+
.importexport-checkbox.custom-switch .custom-control-input:disabled:checked ~ .custom-control-label::before {
|
1279 |
+
background-color: rgba(119, 107, 12, 0.3);
|
1280 |
+
border-color: rgba(119, 107, 12, 0.3);
|
1281 |
+
}
|
1282 |
+
|
1283 |
+
#FileLockerDiffContents {
|
1284 |
+
margin-bottom: 20px;
|
1285 |
+
}
|
1286 |
+
#FileLockerDiffContents .card-body {
|
1287 |
+
padding: 1.25rem;
|
1288 |
}
|
resources/js/plugin.js
CHANGED
@@ -1,9 +1,6 @@
|
|
1 |
var iCWP_WPSF_OptionsPages = new function () {
|
2 |
|
3 |
var showWaiting = function ( event ) {
|
4 |
-
/* var $oLink = jQuery( this ); for the inner collapses
|
5 |
-
jQuery( '#' + $oLink.data( 'targetcollapse' ) ).collapse( 'show' ); */
|
6 |
-
|
7 |
iCWP_WPSF_BodyOverlay.show();
|
8 |
};
|
9 |
|
@@ -35,13 +32,18 @@ var iCWP_WPSF_OptionsPages = new function () {
|
|
35 |
jQuery( function () {
|
36 |
jQuery( 'a.section_title_info' ).popover( {
|
37 |
placement: 'bottom',
|
38 |
-
trigger: '
|
39 |
-
delay:
|
40 |
html: true
|
41 |
-
} )
|
42 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
43 |
};
|
44 |
-
|
45 |
}();
|
46 |
|
47 |
let iCWP_WPSF_OptsPageRender = new function () {
|
@@ -390,4 +392,21 @@ jQuery.fn.icwpWpsfAjaxTable = function ( aOptions ) {
|
|
390 |
initialise();
|
391 |
|
392 |
return this;
|
393 |
-
};
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
var iCWP_WPSF_OptionsPages = new function () {
|
2 |
|
3 |
var showWaiting = function ( event ) {
|
|
|
|
|
|
|
4 |
iCWP_WPSF_BodyOverlay.show();
|
5 |
};
|
6 |
|
32 |
jQuery( function () {
|
33 |
jQuery( 'a.section_title_info' ).popover( {
|
34 |
placement: 'bottom',
|
35 |
+
trigger: 'click',
|
36 |
+
delay: 50,
|
37 |
html: true
|
38 |
+
} );
|
39 |
+
jQuery( '[data-toggle="tooltip"]' ).tooltip( {
|
40 |
+
placement: 'left',
|
41 |
+
trigger: 'hover focus',
|
42 |
+
delay: 150,
|
43 |
+
html: false
|
44 |
+
} );
|
45 |
+
} );
|
46 |
};
|
|
|
47 |
}();
|
48 |
|
49 |
let iCWP_WPSF_OptsPageRender = new function () {
|
392 |
initialise();
|
393 |
|
394 |
return this;
|
395 |
+
};
|
396 |
+
|
397 |
+
if ( typeof icwp_wpsf_vars_plugin !== 'undefined' ) {
|
398 |
+
|
399 |
+
jQuery( document ).ready( function () {
|
400 |
+
jQuery( document ).on( "click", "a.shield_file_download", function ( evt ) {
|
401 |
+
evt.preventDefault();
|
402 |
+
/** Cache busting **/
|
403 |
+
let url = jQuery( this ).attr( 'href' ) + '&rand='
|
404 |
+
+ Math.floor( 10000 * Math.random() );
|
405 |
+
jQuery.fileDownload( url, {
|
406 |
+
preparingMessageHtml: icwp_wpsf_vars_plugin.strings.downloading_file,
|
407 |
+
failMessageHtml: icwp_wpsf_vars_plugin.strings.problem_downloading_file
|
408 |
+
} );
|
409 |
+
return false;
|
410 |
+
} );
|
411 |
+
} );
|
412 |
+
}
|
resources/js/shield-antibot.js
CHANGED
@@ -6,7 +6,7 @@ if ( typeof icwp_wpsf_vars_lpantibot !== 'undefined' ) {
|
|
6 |
jQuery( icwp_wpsf_vars_lpantibot.form_selectors ).each(
|
7 |
function ( _ ) {
|
8 |
if ( this !== null ) {
|
9 |
-
if ( icwp_wpsf_vars_lpantibot.flags.
|
10 |
insertPlaceHolder_Recap( this );
|
11 |
}
|
12 |
if ( icwp_wpsf_vars_lpantibot.flags.gasp ) {
|
@@ -16,6 +16,21 @@ if ( typeof icwp_wpsf_vars_lpantibot !== 'undefined' ) {
|
|
16 |
}
|
17 |
);
|
18 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
19 |
} );
|
20 |
};
|
21 |
|
@@ -25,19 +40,34 @@ if ( typeof icwp_wpsf_vars_lpantibot !== 'undefined' ) {
|
|
25 |
jQuery( recap_div ).insertBefore( jQuery( ':submit', form ) );
|
26 |
};
|
27 |
|
28 |
-
|
29 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
30 |
var insertPlaceHolder_Gasp = function ( form ) {
|
31 |
-
|
32 |
-
|
33 |
-
|
34 |
-
|
35 |
-
|
|
|
|
|
36 |
|
|
|
37 |
var shishoney = document.createElement( "input" );
|
38 |
shishoney.type = "hidden";
|
39 |
shishoney.name = "icwp_wpsf_login_email";
|
40 |
|
|
|
41 |
shiep.appendChild( shishoney );
|
42 |
|
43 |
var shieThe_lab = document.createElement( "label" );
|
@@ -50,15 +80,22 @@ if ( typeof icwp_wpsf_vars_lpantibot !== 'undefined' ) {
|
|
50 |
shieThe_lab.appendChild( shieThe_cb );
|
51 |
shieThe_lab.appendChild( shieThe_txt );
|
52 |
|
53 |
-
|
|
|
|
|
|
|
|
|
54 |
|
55 |
-
|
56 |
-
|
57 |
-
|
58 |
-
|
59 |
-
|
60 |
-
|
61 |
-
|
|
|
|
|
|
|
62 |
};
|
63 |
}();
|
64 |
iCWP_WPSF_LoginGuard_Gasp.initialise();
|
6 |
jQuery( icwp_wpsf_vars_lpantibot.form_selectors ).each(
|
7 |
function ( _ ) {
|
8 |
if ( this !== null ) {
|
9 |
+
if ( icwp_wpsf_vars_lpantibot.flags.captcha ) {
|
10 |
insertPlaceHolder_Recap( this );
|
11 |
}
|
12 |
if ( icwp_wpsf_vars_lpantibot.flags.gasp ) {
|
16 |
}
|
17 |
);
|
18 |
|
19 |
+
jQuery( 'form' ).each(
|
20 |
+
function ( _ ) {
|
21 |
+
if ( this !== null ) {
|
22 |
+
cleanDuplicates( this );
|
23 |
+
}
|
24 |
+
}
|
25 |
+
);
|
26 |
+
|
27 |
+
jQuery( 'p.shield_gasp_placeholder' ).each(
|
28 |
+
function ( _ ) {
|
29 |
+
if ( this !== null ) {
|
30 |
+
processPlaceHolder_Gasp( this );
|
31 |
+
}
|
32 |
+
}
|
33 |
+
);
|
34 |
} );
|
35 |
};
|
36 |
|
40 |
jQuery( recap_div ).insertBefore( jQuery( ':submit', form ) );
|
41 |
};
|
42 |
|
43 |
+
var cleanDuplicates = function ( form ) {
|
44 |
+
let $oPlaceholders = jQuery( 'p.shield_gasp_placeholder', form );
|
45 |
+
if ( $oPlaceholders.length > 1 ) {
|
46 |
+
$oPlaceholders.each(
|
47 |
+
function ( nkey ) {
|
48 |
+
if ( nkey > 0 && this !== null ) {
|
49 |
+
jQuery( this ).remove();
|
50 |
+
}
|
51 |
+
}
|
52 |
+
);
|
53 |
+
}
|
54 |
+
};
|
55 |
+
|
56 |
var insertPlaceHolder_Gasp = function ( form ) {
|
57 |
+
if ( jQuery( 'p.shield_gasp_placeholder', form ).length === 0 ) {
|
58 |
+
let the_p = document.createElement( "p" );
|
59 |
+
the_p.classList.add( 'shield_gasp_placeholder' );
|
60 |
+
the_p.innerHTML = icwp_wpsf_vars_lpantibot.strings.loading + '…';
|
61 |
+
jQuery( the_p ).insertBefore( jQuery( ':submit', form ) );
|
62 |
+
}
|
63 |
+
};
|
64 |
|
65 |
+
var processPlaceHolder_Gasp = function ( shiep ) {
|
66 |
var shishoney = document.createElement( "input" );
|
67 |
shishoney.type = "hidden";
|
68 |
shishoney.name = "icwp_wpsf_login_email";
|
69 |
|
70 |
+
shiep.innerHTML = '';
|
71 |
shiep.appendChild( shishoney );
|
72 |
|
73 |
var shieThe_lab = document.createElement( "label" );
|
80 |
shieThe_lab.appendChild( shieThe_cb );
|
81 |
shieThe_lab.appendChild( shieThe_txt );
|
82 |
|
83 |
+
let $oPH = jQuery( shiep );
|
84 |
+
if ( [ 'p', 'P' ].includes( $oPH.parent()[ 0 ].nodeName ) ) {
|
85 |
+
/** try to prevent nested paragraphs */
|
86 |
+
jQuery( shiep ).insertBefore( $oPH.parent() )
|
87 |
+
}
|
88 |
|
89 |
+
let $oParentForm = $oPH.closest( 'form' );
|
90 |
+
if ( $oParentForm.length > 0 ) {
|
91 |
+
$oParentForm[ 0 ].onsubmit = function () {
|
92 |
+
if ( shieThe_cb.checked !== true ) {
|
93 |
+
alert( icwp_wpsf_vars_lpantibot.strings.alert );
|
94 |
+
return false;
|
95 |
+
}
|
96 |
+
return true;
|
97 |
+
};
|
98 |
+
}
|
99 |
};
|
100 |
}();
|
101 |
iCWP_WPSF_LoginGuard_Gasp.initialise();
|
src/config/feature-audit_trail.php
CHANGED
@@ -91,7 +91,7 @@
|
|
91 |
"default": 1000,
|
92 |
"min": 0,
|
93 |
"type": "integer",
|
94 |
-
"link_info": "",
|
95 |
"link_blog": "",
|
96 |
"name": "Max Trail Length",
|
97 |
"summary": "Maximum Audit Trail Length To Keep",
|
@@ -235,7 +235,7 @@
|
|
235 |
"db_classes": {
|
236 |
"audit": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\AuditTrail\\Handler"
|
237 |
},
|
238 |
-
"
|
239 |
"audit_trail_table_name": "audit_trail",
|
240 |
"audit_trail_table_columns": [
|
241 |
"id",
|
91 |
"default": 1000,
|
92 |
"min": 0,
|
93 |
"type": "integer",
|
94 |
+
"link_info": "https://shsec.io/hc",
|
95 |
"link_blog": "",
|
96 |
"name": "Max Trail Length",
|
97 |
"summary": "Maximum Audit Trail Length To Keep",
|
235 |
"db_classes": {
|
236 |
"audit": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\AuditTrail\\Handler"
|
237 |
},
|
238 |
+
"audit_trail_free_max_entries": 100,
|
239 |
"audit_trail_table_name": "audit_trail",
|
240 |
"audit_trail_table_columns": [
|
241 |
"id",
|
src/config/feature-autoupdates.php
CHANGED
@@ -54,7 +54,7 @@
|
|
54 |
"default": "Y",
|
55 |
"type": "checkbox",
|
56 |
"link_info": "https://shsec.io/3w",
|
57 |
-
"link_blog": "",
|
58 |
"name": "Enable Automatic Updates",
|
59 |
"summary": "Enable (or Disable) The Automatic Updates module",
|
60 |
"description": "Un-Checking this option will completely disable the Automatic Updates module"
|
@@ -106,18 +106,6 @@
|
|
106 |
"summary": "Automatically Update Plugins",
|
107 |
"description": "Note: Automatic updates for plugins are disabled on WordPress by default."
|
108 |
},
|
109 |
-
{
|
110 |
-
"key": "enable_individual_autoupdate_plugins",
|
111 |
-
"section": "section_non_ui",
|
112 |
-
"default": "N",
|
113 |
-
"type": "checkbox",
|
114 |
-
"premium": true,
|
115 |
-
"link_info": "",
|
116 |
-
"link_blog": "",
|
117 |
-
"name": "Individually Select Plugins",
|
118 |
-
"summary": "Select Individual Plugins To Automatically Update",
|
119 |
-
"description": "Turning this on will provide an option on the plugins page to select whether a plugin is automatically updated."
|
120 |
-
},
|
121 |
{
|
122 |
"key": "enable_autoupdate_themes",
|
123 |
"section": "section_automatic_updates_for_wordpress_components",
|
54 |
"default": "Y",
|
55 |
"type": "checkbox",
|
56 |
"link_info": "https://shsec.io/3w",
|
57 |
+
"link_blog": "https://shsec.io/hj",
|
58 |
"name": "Enable Automatic Updates",
|
59 |
"summary": "Enable (or Disable) The Automatic Updates module",
|
60 |
"description": "Un-Checking this option will completely disable the Automatic Updates module"
|
106 |
"summary": "Automatically Update Plugins",
|
107 |
"description": "Note: Automatic updates for plugins are disabled on WordPress by default."
|
108 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
109 |
{
|
110 |
"key": "enable_autoupdate_themes",
|
111 |
"section": "section_automatic_updates_for_wordpress_components",
|
src/config/feature-comments_filter.php
CHANGED
@@ -36,16 +36,6 @@
|
|
36 |
"Recommendation - Use of this feature is highly recommend."
|
37 |
]
|
38 |
},
|
39 |
-
{
|
40 |
-
"slug": "section_recaptcha",
|
41 |
-
"title": "Google reCAPTCHA",
|
42 |
-
"title_short": "reCAPTCHA",
|
43 |
-
"summary": [
|
44 |
-
"Purpose - Adds Google reCAPTCHA to the Comment Forms.",
|
45 |
-
"Recommendation - Keep this turned on.",
|
46 |
-
"Note - You will need to register for Google reCAPTCHA keys and store them in the Shield 'Dashboard' settings."
|
47 |
-
]
|
48 |
-
},
|
49 |
{
|
50 |
"slug": "section_human_spam_filter",
|
51 |
"title": "Human Comment SPAM Protection Filter",
|
@@ -129,6 +119,39 @@
|
|
129 |
"summary": "Don't Scan Comments For Users With The Following Roles",
|
130 |
"description": "Shield doesn't normally scan comments from logged-in or registered users. Specify user roles here that shouldn't be scanned."
|
131 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
132 |
{
|
133 |
"key": "enable_comments_gasp_protection",
|
134 |
"section": "section_bot_comment_spam_protection_filter",
|
@@ -140,18 +163,6 @@
|
|
140 |
"summary": "Block Bot Comment SPAM",
|
141 |
"description": "Taking the lead from the original GASP plugin for WordPress, we have extended it to include advanced spam-bot protection."
|
142 |
},
|
143 |
-
{
|
144 |
-
"key": "comments_cooldown_interval",
|
145 |
-
"section": "section_bot_comment_spam_protection_filter",
|
146 |
-
"default": 10,
|
147 |
-
"min": 0,
|
148 |
-
"type": "integer",
|
149 |
-
"link_info": "https://shsec.io/3o",
|
150 |
-
"link_blog": "",
|
151 |
-
"name": "Comments Cooldown",
|
152 |
-
"summary": "Limit posting comments to X seconds after the page has loaded",
|
153 |
-
"description": "By forcing a comments cooldown period, you restrict a Spambot's ability to post multiple times to your posts."
|
154 |
-
},
|
155 |
{
|
156 |
"key": "comments_default_action_spam_bot",
|
157 |
"section": "section_bot_comment_spam_protection_filter",
|
@@ -177,7 +188,7 @@
|
|
177 |
],
|
178 |
"link_info": "https://shsec.io/6j",
|
179 |
"link_blog": "",
|
180 |
-
"name": "
|
181 |
"summary": "How To Categorise Comments When Identified To Be SPAM",
|
182 |
"description": "When a comment is detected as being SPAM from an automatic bot, the comment will be categorised based on this setting."
|
183 |
},
|
@@ -192,50 +203,6 @@
|
|
192 |
"summary": "Enable (or Disable) The Human SPAM Filter module",
|
193 |
"description": "Scans the content of WordPress comments for keywords that are indicative of SPAM and marks the comment according to your preferred setting below."
|
194 |
},
|
195 |
-
{
|
196 |
-
"key": "enable_comments_human_spam_filter_items",
|
197 |
-
"section": "section_human_spam_filter",
|
198 |
-
"type": "multiple_select",
|
199 |
-
"default": [
|
200 |
-
"author_name",
|
201 |
-
"author_email",
|
202 |
-
"comment_content",
|
203 |
-
"url",
|
204 |
-
"ip_address",
|
205 |
-
"user_agent"
|
206 |
-
],
|
207 |
-
"value_options": [
|
208 |
-
{
|
209 |
-
"value_key": "author_name",
|
210 |
-
"text": "Author Name"
|
211 |
-
},
|
212 |
-
{
|
213 |
-
"value_key": "author_email",
|
214 |
-
"text": "Author Email"
|
215 |
-
},
|
216 |
-
{
|
217 |
-
"value_key": "comment_content",
|
218 |
-
"text": "Comment Content"
|
219 |
-
},
|
220 |
-
{
|
221 |
-
"value_key": "url",
|
222 |
-
"text": "URL"
|
223 |
-
},
|
224 |
-
{
|
225 |
-
"value_key": "ip_address",
|
226 |
-
"text": "IP Address"
|
227 |
-
},
|
228 |
-
{
|
229 |
-
"value_key": "user_agent",
|
230 |
-
"text": "Browser User Agent"
|
231 |
-
}
|
232 |
-
],
|
233 |
-
"link_info": "https://shsec.io/58",
|
234 |
-
"link_blog": "",
|
235 |
-
"name": "Comment Filter Items",
|
236 |
-
"summary": "Select The Items To Scan For SPAM",
|
237 |
-
"description": "When a user submits a comment, only the selected parts of the comment data will be scanned for SPAM content."
|
238 |
-
},
|
239 |
{
|
240 |
"key": "comments_default_action_human_spam",
|
241 |
"section": "section_human_spam_filter",
|
@@ -259,63 +226,10 @@
|
|
259 |
"text": "Block And Redirect"
|
260 |
}
|
261 |
],
|
262 |
-
"name": "
|
263 |
"summary": "How To Categorise Comments When Identified To Be SPAM'",
|
264 |
"description": "When a comment is detected as being SPAM from a human commenter, the comment will be categorised based on this setting."
|
265 |
},
|
266 |
-
{
|
267 |
-
"key": "enable_google_recaptcha_comments",
|
268 |
-
"section": "section_recaptcha",
|
269 |
-
"default": "N",
|
270 |
-
"type": "checkbox",
|
271 |
-
"link_info": "https://shsec.io/shld5",
|
272 |
-
"link_blog": "",
|
273 |
-
"name": "Google reCAPTCHA",
|
274 |
-
"summary": "Enable Google reCAPTCHA For Comments",
|
275 |
-
"description": "Use Google reCAPTCHA on the comments form to prevent bot-spam comments."
|
276 |
-
},
|
277 |
-
{
|
278 |
-
"key": "google_recaptcha_style_comments",
|
279 |
-
"section": "section_recaptcha",
|
280 |
-
"premium": true,
|
281 |
-
"default": "default",
|
282 |
-
"type": "select",
|
283 |
-
"value_options": [
|
284 |
-
{
|
285 |
-
"value_key": "default",
|
286 |
-
"text": "Default Style"
|
287 |
-
},
|
288 |
-
{
|
289 |
-
"value_key": "light",
|
290 |
-
"text": "Light Theme"
|
291 |
-
},
|
292 |
-
{
|
293 |
-
"value_key": "dark",
|
294 |
-
"text": "Dark Theme"
|
295 |
-
},
|
296 |
-
{
|
297 |
-
"value_key": "invisible",
|
298 |
-
"text": "Invisible"
|
299 |
-
}
|
300 |
-
],
|
301 |
-
"link_info": "https://shsec.io/e4",
|
302 |
-
"link_blog": "",
|
303 |
-
"name": "reCAPTCHA Style",
|
304 |
-
"summary": "How Google reCAPTCHA Will Be Displayed",
|
305 |
-
"description": "You can choose the reCAPTCHA display format that best suits your site, including the new Invisible Recaptcha."
|
306 |
-
},
|
307 |
-
{
|
308 |
-
"key": "comments_token_expire_interval",
|
309 |
-
"section": "section_bot_comment_spam_protection_filter",
|
310 |
-
"default": 600,
|
311 |
-
"min": 0,
|
312 |
-
"type": "integer",
|
313 |
-
"link_info": "https://shsec.io/3o",
|
314 |
-
"link_blog": "https://shsec.io/9v",
|
315 |
-
"name": "Comment Token Expire",
|
316 |
-
"summary": "A visitor has X seconds within which to post a comment",
|
317 |
-
"description": "Default: 600 seconds (10 minutes). Each visitor is given a unique 'Token' so they can comment. This restricts spambots, but we need to force these tokens to expire and at the same time not bother the visitors."
|
318 |
-
},
|
319 |
{
|
320 |
"key": "custom_message_checkbox",
|
321 |
"section": "section_user_messages",
|
@@ -363,20 +277,38 @@
|
|
363 |
"name": "Custom Reload Message",
|
364 |
"summary": "If you want a custom message when the comment token has expired, please provide this here.",
|
365 |
"description": "This message is displayed on the submit-button when the comment token is expired."
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
366 |
}
|
367 |
],
|
368 |
"definitions": {
|
369 |
-
"url_spam_blacklist_terms":
|
370 |
-
"
|
371 |
-
"spambot_comments_filter_table_columns": [
|
372 |
-
"id",
|
373 |
-
"post_id",
|
374 |
-
"unique_token",
|
375 |
-
"ip",
|
376 |
-
"created_at",
|
377 |
-
"deleted_at"
|
378 |
-
],
|
379 |
-
"events": {
|
380 |
"spam_block_bot": {
|
381 |
"recent": true,
|
382 |
"offense": true
|
36 |
"Recommendation - Use of this feature is highly recommend."
|
37 |
]
|
38 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
39 |
{
|
40 |
"slug": "section_human_spam_filter",
|
41 |
"title": "Human Comment SPAM Protection Filter",
|
119 |
"summary": "Don't Scan Comments For Users With The Following Roles",
|
120 |
"description": "Shield doesn't normally scan comments from logged-in or registered users. Specify user roles here that shouldn't be scanned."
|
121 |
},
|
122 |
+
{
|
123 |
+
"key": "google_recaptcha_style_comments",
|
124 |
+
"section": "section_bot_comment_spam_protection_filter",
|
125 |
+
"default": "disabled",
|
126 |
+
"type": "select",
|
127 |
+
"value_options": [
|
128 |
+
{
|
129 |
+
"value_key": "disabled",
|
130 |
+
"text": "Disabled"
|
131 |
+
},
|
132 |
+
{
|
133 |
+
"value_key": "default",
|
134 |
+
"text": "Default Style"
|
135 |
+
},
|
136 |
+
{
|
137 |
+
"value_key": "light",
|
138 |
+
"text": "Light Theme"
|
139 |
+
},
|
140 |
+
{
|
141 |
+
"value_key": "dark",
|
142 |
+
"text": "Dark Theme"
|
143 |
+
},
|
144 |
+
{
|
145 |
+
"value_key": "invisible",
|
146 |
+
"text": "Invisible"
|
147 |
+
}
|
148 |
+
],
|
149 |
+
"link_info": "https://shsec.io/e4",
|
150 |
+
"link_blog": "",
|
151 |
+
"name": "CAPTCHA",
|
152 |
+
"summary": "Enable CAPTCHA To Protect Against SPAM Comments",
|
153 |
+
"description": "You can choose the CAPTCHA display format that best suits your site, including the newer Invisible CAPTCHA."
|
154 |
+
},
|
155 |
{
|
156 |
"key": "enable_comments_gasp_protection",
|
157 |
"section": "section_bot_comment_spam_protection_filter",
|
163 |
"summary": "Block Bot Comment SPAM",
|
164 |
"description": "Taking the lead from the original GASP plugin for WordPress, we have extended it to include advanced spam-bot protection."
|
165 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
166 |
{
|
167 |
"key": "comments_default_action_spam_bot",
|
168 |
"section": "section_bot_comment_spam_protection_filter",
|
188 |
],
|
189 |
"link_info": "https://shsec.io/6j",
|
190 |
"link_blog": "",
|
191 |
+
"name": "SPAM Action",
|
192 |
"summary": "How To Categorise Comments When Identified To Be SPAM",
|
193 |
"description": "When a comment is detected as being SPAM from an automatic bot, the comment will be categorised based on this setting."
|
194 |
},
|
203 |
"summary": "Enable (or Disable) The Human SPAM Filter module",
|
204 |
"description": "Scans the content of WordPress comments for keywords that are indicative of SPAM and marks the comment according to your preferred setting below."
|
205 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
206 |
{
|
207 |
"key": "comments_default_action_human_spam",
|
208 |
"section": "section_human_spam_filter",
|
226 |
"text": "Block And Redirect"
|
227 |
}
|
228 |
],
|
229 |
+
"name": "SPAM Action",
|
230 |
"summary": "How To Categorise Comments When Identified To Be SPAM'",
|
231 |
"description": "When a comment is detected as being SPAM from a human commenter, the comment will be categorised based on this setting."
|
232 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
233 |
{
|
234 |
"key": "custom_message_checkbox",
|
235 |
"section": "section_user_messages",
|
277 |
"name": "Custom Reload Message",
|
278 |
"summary": "If you want a custom message when the comment token has expired, please provide this here.",
|
279 |
"description": "This message is displayed on the submit-button when the comment token is expired."
|
280 |
+
},
|
281 |
+
{
|
282 |
+
"key": "comments_cooldown",
|
283 |
+
"section": "section_non_ui",
|
284 |
+
"default": 10,
|
285 |
+
"min": 0,
|
286 |
+
"type": "integer"
|
287 |
+
},
|
288 |
+
{
|
289 |
+
"key": "comments_expire",
|
290 |
+
"section": "section_non_ui",
|
291 |
+
"default": 600,
|
292 |
+
"min": 0,
|
293 |
+
"type": "integer"
|
294 |
+
},
|
295 |
+
{
|
296 |
+
"key": "human_spam_items",
|
297 |
+
"section": "section_non_ui",
|
298 |
+
"type": "array",
|
299 |
+
"default": [
|
300 |
+
"author_name",
|
301 |
+
"author_email",
|
302 |
+
"comment_content",
|
303 |
+
"url",
|
304 |
+
"ip_address",
|
305 |
+
"user_agent"
|
306 |
+
]
|
307 |
}
|
308 |
],
|
309 |
"definitions": {
|
310 |
+
"url_spam_blacklist_terms": "https://raw.githubusercontent.com/splorp/wordpress-comment-blacklist/master/blacklist.txt",
|
311 |
+
"events": {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
312 |
"spam_block_bot": {
|
313 |
"recent": true,
|
314 |
"offense": true
|
src/config/feature-email.php
CHANGED
@@ -11,6 +11,7 @@
|
|
11 |
"access_restricted": true,
|
12 |
"run_if_whitelisted": true,
|
13 |
"run_if_wpcli": true,
|
|
|
14 |
"tracking_exclude": true
|
15 |
},
|
16 |
"sections": [
|
@@ -26,15 +27,10 @@
|
|
26 |
],
|
27 |
"options": [
|
28 |
{
|
29 |
-
"key":
|
30 |
-
"section":
|
31 |
-
"default":
|
32 |
-
"type":
|
33 |
-
"link_info": "",
|
34 |
-
"link_blog": "",
|
35 |
-
"name": "Email Throttle Limit",
|
36 |
-
"summary": "Limit Emails Per Second",
|
37 |
-
"description": "You throttle emails sent by this plugin by limiting the number of emails sent every second. This is useful in case you get hit by a bot attack. Zero (0) turns this off. Suggested: 10."
|
38 |
}
|
39 |
]
|
40 |
}
|
11 |
"access_restricted": true,
|
12 |
"run_if_whitelisted": true,
|
13 |
"run_if_wpcli": true,
|
14 |
+
"skip_processor": true,
|
15 |
"tracking_exclude": true
|
16 |
},
|
17 |
"sections": [
|
27 |
],
|
28 |
"options": [
|
29 |
{
|
30 |
+
"key": "send_throttle_limit",
|
31 |
+
"section": "section_non_ui",
|
32 |
+
"default": 10,
|
33 |
+
"type": "integer"
|
|
|
|
|
|
|
|
|
|
|
34 |
}
|
35 |
]
|
36 |
}
|
src/config/feature-events.php
CHANGED
@@ -21,7 +21,7 @@
|
|
21 |
"title_short": "Disable Module",
|
22 |
"summary": [
|
23 |
"Purpose - Helps you see at a glance how effective the plugin has been.",
|
24 |
-
"Recommendation - Keep the
|
25 |
]
|
26 |
},
|
27 |
{
|
@@ -38,8 +38,8 @@
|
|
38 |
"link_info": "",
|
39 |
"link_blog": "",
|
40 |
"name": "Enable Events",
|
41 |
-
"summary": "Enable (or Disable) The
|
42 |
-
"description": "Un-Checking this option will completely disable the
|
43 |
}
|
44 |
],
|
45 |
"definitions": {
|
21 |
"title_short": "Disable Module",
|
22 |
"summary": [
|
23 |
"Purpose - Helps you see at a glance how effective the plugin has been.",
|
24 |
+
"Recommendation - Keep the Events feature turned on."
|
25 |
]
|
26 |
},
|
27 |
{
|
38 |
"link_info": "",
|
39 |
"link_blog": "",
|
40 |
"name": "Enable Events",
|
41 |
+
"summary": "Enable (or Disable) The Events module",
|
42 |
+
"description": "Un-Checking this option will completely disable the Events module"
|
43 |
}
|
44 |
],
|
45 |
"definitions": {
|
src/config/feature-hack_protect.php
CHANGED
@@ -34,89 +34,48 @@
|
|
34 |
],
|
35 |
"sections": [
|
36 |
{
|
37 |
-
"slug": "
|
38 |
-
"title": "Scan Options",
|
39 |
-
"title_short": "Schedule",
|
40 |
-
"summary": [
|
41 |
-
"Purpose - Set how often the Hack Guard scans will run."
|
42 |
-
]
|
43 |
-
},
|
44 |
-
{
|
45 |
-
"slug": "section_scan_wcf",
|
46 |
"primary": true,
|
47 |
-
"title": "
|
48 |
-
"title_short": "
|
49 |
"summary": [
|
50 |
-
"Purpose -
|
51 |
-
"Recommendation - Keep the
|
52 |
-
]
|
53 |
-
},
|
54 |
-
{
|
55 |
-
"slug": "section_scan_ufc",
|
56 |
-
"title": "Unrecognised Files Scanner",
|
57 |
-
"title_short": "Unrecognised Files Scanner",
|
58 |
-
"summary": [
|
59 |
-
"Purpose - Scan your WordPress core folders for unrecognised files that don't belong.",
|
60 |
-
"Recommendation - Keep the Unrecognised Files Scanner feature turned on."
|
61 |
]
|
62 |
},
|
63 |
{
|
64 |
-
"slug": "
|
65 |
-
"title": "
|
66 |
-
"title_short": "
|
67 |
"summary": [
|
68 |
-
"Purpose - Regularly scan your WordPress plugins and themes for
|
69 |
"Recommendation - Ensure this is turned on and you will always know if any of your assets have known security vulnerabilities."
|
70 |
]
|
71 |
},
|
72 |
{
|
73 |
"slug": "section_realtime",
|
74 |
-
"title": "Realtime
|
75 |
-
"title_short": "Realtime
|
76 |
"summary": [
|
77 |
-
"Purpose -
|
78 |
-
"Recommendation - Keep
|
79 |
]
|
80 |
},
|
81 |
{
|
82 |
-
"slug": "
|
83 |
-
"title": "
|
84 |
-
"title_short": "
|
85 |
-
"summary": [
|
86 |
-
"Purpose - Detect malicious changes to your themes and plugins.",
|
87 |
-
"Recommendation - Keep the Plugins/Theme Guard feature turned on."
|
88 |
-
]
|
89 |
-
},
|
90 |
-
{
|
91 |
-
"slug": "section_scan_ptg",
|
92 |
-
"help_video": {
|
93 |
-
"provider": "vimeo",
|
94 |
-
"embed_url": "https://player.vimeo.com/video/256755089?color=3fde23&byline=0",
|
95 |
-
"id": "256755089"
|
96 |
-
},
|
97 |
-
"title": "Plugins/Themes Guard",
|
98 |
-
"title_short": "Plugins/Themes Guard",
|
99 |
-
"summary": [
|
100 |
-
"Purpose - Detect malicious changes to your themes and plugins.",
|
101 |
-
"Recommendation - Keep the Plugins/Theme Guard feature turned on."
|
102 |
-
]
|
103 |
-
},
|
104 |
-
{
|
105 |
-
"slug": "section_scan_wpv",
|
106 |
-
"title": "Vulnerability Scanner",
|
107 |
-
"title_short": "Vulnerability Scanner",
|
108 |
"summary": [
|
109 |
-
"Purpose -
|
110 |
-
"Recommendation -
|
111 |
]
|
112 |
},
|
113 |
{
|
114 |
-
"slug": "
|
115 |
-
"title": "
|
116 |
-
"title_short": "
|
117 |
"summary": [
|
118 |
-
"Purpose -
|
119 |
-
"Recommendation - Enable these to automatically recover from unauthorized changes to your WordPress site."
|
120 |
]
|
121 |
},
|
122 |
{
|
@@ -146,42 +105,27 @@
|
|
146 |
"description": "Un-Checking this option will completely disable the Hack Guard module"
|
147 |
},
|
148 |
{
|
149 |
-
"key": "
|
150 |
-
"section": "
|
151 |
-
"premium": true,
|
152 |
-
"default": "N",
|
153 |
"type": "checkbox",
|
154 |
-
"
|
155 |
-
"
|
156 |
-
"
|
157 |
-
"
|
158 |
-
"
|
|
|
159 |
},
|
160 |
{
|
161 |
-
"key":
|
162 |
-
"section":
|
163 |
-
"premium":
|
164 |
-
"
|
165 |
-
"
|
166 |
-
"
|
167 |
-
|
168 |
-
|
169 |
-
|
170 |
-
|
171 |
-
{
|
172 |
-
"value_key": "enabled_email",
|
173 |
-
"text": "Scan Enabled - Send Email Notification"
|
174 |
-
},
|
175 |
-
{
|
176 |
-
"value_key": "enabled_no_email",
|
177 |
-
"text": "Scan Enabled - No Email Notification"
|
178 |
-
}
|
179 |
-
],
|
180 |
-
"link_info": "https://shsec.io/du",
|
181 |
-
"link_blog": "https://shsec.io/ah",
|
182 |
-
"name": "Vulnerability Scanner",
|
183 |
-
"summary": "Enable The Vulnerability Scanner",
|
184 |
-
"description": "Scan all your WordPress assets for known security vulnerabilities."
|
185 |
},
|
186 |
{
|
187 |
"key": "wpvuln_scan_autoupdate",
|
@@ -196,77 +140,93 @@
|
|
196 |
"description": "When an update becomes available, automatically apply updates to items with known vulnerabilities."
|
197 |
},
|
198 |
{
|
199 |
-
"key":
|
200 |
-
"section":
|
201 |
-
"default":
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
202 |
"premium": true,
|
203 |
-
"type": "
|
|
|
204 |
"value_options": [
|
205 |
{
|
206 |
-
"value_key": "
|
207 |
-
"text": "
|
208 |
},
|
209 |
{
|
210 |
-
"value_key": "
|
211 |
-
"text": "
|
212 |
},
|
213 |
{
|
214 |
-
"value_key": "
|
215 |
-
"text": "
|
216 |
}
|
217 |
],
|
218 |
-
"link_info": "",
|
219 |
-
"link_blog": "",
|
220 |
-
"name": "
|
221 |
-
"summary": "
|
222 |
-
"description": "
|
223 |
-
},
|
224 |
-
{
|
225 |
-
"key": "
|
226 |
-
"section": "
|
227 |
-
"
|
228 |
-
"
|
|
|
|
|
|
|
229 |
"value_options": [
|
230 |
{
|
231 |
-
"value_key": "
|
232 |
-
"text": "
|
233 |
},
|
234 |
{
|
235 |
-
"value_key": "
|
236 |
-
"text": "
|
237 |
},
|
238 |
{
|
239 |
-
"value_key": "
|
240 |
-
"text": "
|
241 |
}
|
242 |
],
|
243 |
-
"link_info": "https://shsec.io/
|
244 |
-
"link_blog": "https://shsec.io/
|
245 |
-
"name": "
|
246 |
-
"summary": "
|
247 |
-
"description": "
|
248 |
-
},
|
249 |
-
{
|
250 |
-
"key": "enable_core_file_integrity_scan",
|
251 |
-
"section": "section_scan_wcf",
|
252 |
-
"default": "Y",
|
253 |
-
"type": "checkbox",
|
254 |
-
"link_info": "https://shsec.io/wpsf36",
|
255 |
-
"link_blog": "https://shsec.io/wpsf37",
|
256 |
-
"name": "WP Core File Scanner",
|
257 |
-
"summary": "Automatically Scans WordPress Core Files For Alterations",
|
258 |
-
"description": "Compares all WordPress core files on your site against the official WordPress files. WordPress Core files should never be altered for any reason."
|
259 |
-
},
|
260 |
-
{
|
261 |
-
"key": "attempt_auto_file_repair",
|
262 |
-
"section": "section_scan_wcf",
|
263 |
-
"default": "N",
|
264 |
-
"type": "checkbox",
|
265 |
-
"link_info": "https://shsec.io/wpsf36",
|
266 |
-
"link_blog": "https://shsec.io/wpsf37",
|
267 |
-
"name": "Auto Repair",
|
268 |
-
"summary": "Automatically Repair WordPress Core Files That Have Been Altered",
|
269 |
-
"description": "Attempts to automatically repair WordPress Core files with the official WordPress file data, for files that have been altered or are missing."
|
270 |
},
|
271 |
{
|
272 |
"key": "scan_frequency",
|
@@ -314,31 +274,6 @@
|
|
314 |
"summary": "Number Of Times To Automatically Scan Core Files In 24 Hours",
|
315 |
"description": "Default: Once every 24hrs. To improve security, increase the number of scans per day."
|
316 |
},
|
317 |
-
{
|
318 |
-
"key": "notification_interval",
|
319 |
-
"section": "section_scan_options",
|
320 |
-
"premium": true,
|
321 |
-
"default": "7",
|
322 |
-
"min": 0,
|
323 |
-
"type": "integer",
|
324 |
-
"link_info": "",
|
325 |
-
"link_blog": "",
|
326 |
-
"name": "Repeat Notifications",
|
327 |
-
"summary": "Item Repeat Notifications Suppression Interval",
|
328 |
-
"description": "How long the automated scans should wait before repeating a notification about an item."
|
329 |
-
},
|
330 |
-
{
|
331 |
-
"key": "email_files_list",
|
332 |
-
"section": "section_scan_options",
|
333 |
-
"premium": true,
|
334 |
-
"default": "N",
|
335 |
-
"type": "checkbox",
|
336 |
-
"link_info": "",
|
337 |
-
"link_blog": "",
|
338 |
-
"name": "Email Files List",
|
339 |
-
"summary": "Scan Notification Emails Should Include Full Listing Of Files",
|
340 |
-
"description": "Scanner notification emails will include a summary list of all affected files."
|
341 |
-
},
|
342 |
{
|
343 |
"key": "enable_unrecognised_file_cleaner_scan",
|
344 |
"section": "section_scan_ufc",
|
@@ -351,15 +286,11 @@
|
|
351 |
},
|
352 |
{
|
353 |
"value_key": "enabled_report_only",
|
354 |
-
"text": "Scan Enabled -
|
355 |
},
|
356 |
{
|
357 |
"value_key": "enabled_delete_only",
|
358 |
"text": "Scan Enabled - Automatically Delete Files"
|
359 |
-
},
|
360 |
-
{
|
361 |
-
"value_key": "enabled_delete_report",
|
362 |
-
"text": "Scan Enabled - Delete Files and Send Email Notification"
|
363 |
}
|
364 |
],
|
365 |
"link_info": "https://shsec.io/9y",
|
@@ -373,8 +304,8 @@
|
|
373 |
"section": "section_scan_ufc",
|
374 |
"default": "N",
|
375 |
"type": "checkbox",
|
376 |
-
"link_info": "https://shsec.io/
|
377 |
-
"link_blog": "",
|
378 |
"name": "Scan Uploads",
|
379 |
"summary": "Scan Uploads Folder For PHP and Javascript",
|
380 |
"description": "The Uploads folder is primarily for media, but could be used to store nefarious files."
|
@@ -384,6 +315,7 @@
|
|
384 |
"section": "section_scan_ufc",
|
385 |
"default": [
|
386 |
"error_log",
|
|
|
387 |
".htaccess",
|
388 |
".htpasswd",
|
389 |
".user.ini",
|
@@ -399,108 +331,6 @@
|
|
399 |
"summary": "Provide A List Of Files To Be Excluded From The Scan",
|
400 |
"description": "Take a new line for each file you wish to exclude from the scan. No commas are necessary."
|
401 |
},
|
402 |
-
{
|
403 |
-
"key": "ic_enabled",
|
404 |
-
"section": "section_non_ui",
|
405 |
-
"default": "N",
|
406 |
-
"type": "checkbox",
|
407 |
-
"link_info": "",
|
408 |
-
"link_blog": "",
|
409 |
-
"name": "Enable Integrity Checking Scan",
|
410 |
-
"summary": "Scans For Critical Changes Made To Your WordPress Site",
|
411 |
-
"description": "Detects changes made to your WordPress site outside of WordPress."
|
412 |
-
},
|
413 |
-
{
|
414 |
-
"key": "ic_users",
|
415 |
-
"section": "section_non_ui",
|
416 |
-
"default": "N",
|
417 |
-
"type": "checkbox",
|
418 |
-
"link_info": "",
|
419 |
-
"link_blog": "",
|
420 |
-
"name": "Monitor User Accounts",
|
421 |
-
"summary": "Scans For Critical Changes Made To User Accounts",
|
422 |
-
"description": "Detects changes made to critical user account information that were made directly on the database and outside of the WordPress system."
|
423 |
-
},
|
424 |
-
{
|
425 |
-
"key": "mal_scan_enable",
|
426 |
-
"section": "section_scan_mal",
|
427 |
-
"premium": true,
|
428 |
-
"default": "disabled",
|
429 |
-
"type": "select",
|
430 |
-
"value_options": [
|
431 |
-
{
|
432 |
-
"value_key": "disabled",
|
433 |
-
"text": "Automatic Scan Disabled"
|
434 |
-
},
|
435 |
-
{
|
436 |
-
"value_key": "enabled",
|
437 |
-
"text": "Automatic Scan Enabled"
|
438 |
-
}
|
439 |
-
],
|
440 |
-
"link_info": "https://shsec.io/fp",
|
441 |
-
"link_blog": "https://shsec.io/fx",
|
442 |
-
"name": "Automatic Malware Scan",
|
443 |
-
"summary": "Enable Malware File Scanner",
|
444 |
-
"description": "When enabled the Malware scanner will run automatically."
|
445 |
-
},
|
446 |
-
{
|
447 |
-
"key": "mal_fp_confidence",
|
448 |
-
"section": "section_scan_mal",
|
449 |
-
"premium": true,
|
450 |
-
"default": "75",
|
451 |
-
"type": "select",
|
452 |
-
"value_options": [
|
453 |
-
{
|
454 |
-
"value_key": "0",
|
455 |
-
"text": "None - Turn Off Malware Intelligence Network"
|
456 |
-
},
|
457 |
-
{
|
458 |
-
"value_key": "25",
|
459 |
-
"text": "Low"
|
460 |
-
},
|
461 |
-
{
|
462 |
-
"value_key": "50",
|
463 |
-
"text": "Medium"
|
464 |
-
},
|
465 |
-
{
|
466 |
-
"value_key": "75",
|
467 |
-
"text": "High"
|
468 |
-
},
|
469 |
-
{
|
470 |
-
"value_key": "100",
|
471 |
-
"text": "Full"
|
472 |
-
}
|
473 |
-
],
|
474 |
-
"link_info": "https://shsec.io/fp",
|
475 |
-
"link_blog": "https://shsec.io/fz",
|
476 |
-
"name": "Automatic Malware Scan",
|
477 |
-
"summary": "Enable Malware File Scanner",
|
478 |
-
"description": "When enabled the Malware scanner will run automatically."
|
479 |
-
},
|
480 |
-
{
|
481 |
-
"key": "mal_autorepair_core",
|
482 |
-
"section": "section_scan_mal",
|
483 |
-
"premium": true,
|
484 |
-
"type": "checkbox",
|
485 |
-
"default": "N",
|
486 |
-
"link_info": "",
|
487 |
-
"link_blog": "",
|
488 |
-
"name": "Auto-Repair WP Core",
|
489 |
-
"summary": "Automatically Repair WordPress Core Files",
|
490 |
-
"description": "Automatically reinstall any core files found to have potential malware."
|
491 |
-
},
|
492 |
-
{
|
493 |
-
"key": "mal_autorepair_plugins",
|
494 |
-
"section": "section_scan_mal",
|
495 |
-
"premium": true,
|
496 |
-
"type": "checkbox",
|
497 |
-
"default": "N",
|
498 |
-
"link_info": "",
|
499 |
-
"link_blog": "",
|
500 |
-
"name": "Auto-Repair WP Plugins",
|
501 |
-
"summary": "Automatically Repair WordPress.org Plugins",
|
502 |
-
"description": "Automatically repair any plugin files found to have potential malware."
|
503 |
-
},
|
504 |
{
|
505 |
"key": "mal_autorepair_surgical",
|
506 |
"section": "section_non_ui",
|
@@ -513,49 +343,9 @@
|
|
513 |
"summary": "Automatically Attempt To Surgically Remove Malware Code",
|
514 |
"description": "Attempts to automatically remove code from infected files."
|
515 |
},
|
516 |
-
{
|
517 |
-
"key": "ptg_enable",
|
518 |
-
"section": "section_scan_ptg",
|
519 |
-
"premium": true,
|
520 |
-
"default": "disabled",
|
521 |
-
"type": "select",
|
522 |
-
"value_options": [
|
523 |
-
{
|
524 |
-
"value_key": "disabled",
|
525 |
-
"text": "Scan Disabled"
|
526 |
-
},
|
527 |
-
{
|
528 |
-
"value_key": "enabled",
|
529 |
-
"text": "Scan Enabled"
|
530 |
-
}
|
531 |
-
],
|
532 |
-
"link_info": "https://shsec.io/bl",
|
533 |
-
"link_blog": "https://shsec.io/bm",
|
534 |
-
"name": "Enable/Disable Guard",
|
535 |
-
"summary": "Enable The Guard For Plugin And Theme Files",
|
536 |
-
"description": "When enabled the Guard will automatically scan for changes to your Plugin and Theme files."
|
537 |
-
},
|
538 |
-
{
|
539 |
-
"key": "ptg_extensions",
|
540 |
-
"section": "section_scan_ptg",
|
541 |
-
"premium": true,
|
542 |
-
"default": [
|
543 |
-
"php",
|
544 |
-
"php5",
|
545 |
-
"js",
|
546 |
-
"svg",
|
547 |
-
"htaccess"
|
548 |
-
],
|
549 |
-
"type": "array",
|
550 |
-
"link_info": "https://shsec.io/bo",
|
551 |
-
"link_blog": "",
|
552 |
-
"name": "File Types",
|
553 |
-
"summary": "The File Types Included In The Scan",
|
554 |
-
"description": "Take a new line for each file extension. No commas(,) or periods(.) necessary."
|
555 |
-
},
|
556 |
{
|
557 |
"key": "ptg_reinstall_links",
|
558 |
-
"section": "
|
559 |
"premium": true,
|
560 |
"type": "checkbox",
|
561 |
"default": "Y",
|
@@ -565,21 +355,6 @@
|
|
565 |
"summary": "Show Re-Install Links For Plugins",
|
566 |
"description": "Show links to re-install plugins and offer re-install when activating plugins."
|
567 |
},
|
568 |
-
{
|
569 |
-
"key": "ptg_candiskwrite",
|
570 |
-
"section": "section_non_ui",
|
571 |
-
"transferable": false,
|
572 |
-
"type": "boolean",
|
573 |
-
"default": false
|
574 |
-
},
|
575 |
-
{
|
576 |
-
"key": "ptg_candiskwrite_at",
|
577 |
-
"section": "section_non_ui",
|
578 |
-
"transferable": false,
|
579 |
-
"tracking_exclude": true,
|
580 |
-
"type": "integer",
|
581 |
-
"default": false
|
582 |
-
},
|
583 |
{
|
584 |
"key": "snapshot_users",
|
585 |
"section": "section_non_ui",
|
@@ -588,30 +363,6 @@
|
|
588 |
"type": "array",
|
589 |
"default": []
|
590 |
},
|
591 |
-
{
|
592 |
-
"key": "rt_file_hashes",
|
593 |
-
"section": "section_non_ui",
|
594 |
-
"transferable": false,
|
595 |
-
"tracking_exclude": true,
|
596 |
-
"type": "array",
|
597 |
-
"default": []
|
598 |
-
},
|
599 |
-
{
|
600 |
-
"key": "rt_file_backup_names",
|
601 |
-
"section": "section_non_ui",
|
602 |
-
"transferable": false,
|
603 |
-
"tracking_exclude": true,
|
604 |
-
"type": "array",
|
605 |
-
"default": []
|
606 |
-
},
|
607 |
-
{
|
608 |
-
"key": "rt_can_write_files",
|
609 |
-
"section": "section_non_ui",
|
610 |
-
"transferable": false,
|
611 |
-
"tracking_exclude": true,
|
612 |
-
"type": "array",
|
613 |
-
"default": []
|
614 |
-
},
|
615 |
{
|
616 |
"key": "scans_to_build",
|
617 |
"section": "section_non_ui",
|
@@ -639,8 +390,9 @@
|
|
639 |
],
|
640 |
"definitions": {
|
641 |
"db_classes": {
|
642 |
-
"
|
643 |
-
"
|
|
|
644 |
},
|
645 |
"all_scan_slugs": [
|
646 |
"apc",
|
@@ -650,6 +402,21 @@
|
|
650 |
"wcf",
|
651 |
"ufc"
|
652 |
],
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
653 |
"table_name_scanner": "scanner",
|
654 |
"table_columns_scanner": [
|
655 |
"id",
|
@@ -693,11 +460,6 @@
|
|
693 |
"wp-admin/install.php",
|
694 |
"xmlrpc.php"
|
695 |
],
|
696 |
-
"corechecksum_autofix": [
|
697 |
-
"wp-content/index.php",
|
698 |
-
"wp-content/plugins/index.php",
|
699 |
-
"wp-content/themes/index.php"
|
700 |
-
],
|
701 |
"events": {
|
702 |
"apc_alert_sent": {
|
703 |
},
|
34 |
],
|
35 |
"sections": [
|
36 |
{
|
37 |
+
"slug": "section_file_guard",
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
38 |
"primary": true,
|
39 |
+
"title": "File Guard",
|
40 |
+
"title_short": "File Guard",
|
41 |
"summary": [
|
42 |
+
"Purpose - Monitor WordPress files and protect against malicious intrusion and hacking.",
|
43 |
+
"Recommendation - Keep the File Guard features turned on."
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
44 |
]
|
45 |
},
|
46 |
{
|
47 |
+
"slug": "section_scan_wpv",
|
48 |
+
"title": "Vulnerability Scanner",
|
49 |
+
"title_short": "Vulnerability Scanner",
|
50 |
"summary": [
|
51 |
+
"Purpose - Regularly scan your WordPress plugins and themes for known security vulnerabilities.",
|
52 |
"Recommendation - Ensure this is turned on and you will always know if any of your assets have known security vulnerabilities."
|
53 |
]
|
54 |
},
|
55 |
{
|
56 |
"slug": "section_realtime",
|
57 |
+
"title": "Realtime Change Detection",
|
58 |
+
"title_short": "Realtime Change Detection",
|
59 |
"summary": [
|
60 |
+
"Purpose - Monitor Your WordPress Site For Changes To Critical Components In Realtime.",
|
61 |
+
"Recommendation - Keep The Realtime Change Detection Active."
|
62 |
]
|
63 |
},
|
64 |
{
|
65 |
+
"slug": "section_scan_ufc",
|
66 |
+
"title": "Unrecognised Files Scanner",
|
67 |
+
"title_short": "Unrecognised Files Scanner",
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
68 |
"summary": [
|
69 |
+
"Purpose - Scan your WordPress core folders for unrecognised files that don't belong.",
|
70 |
+
"Recommendation - Keep the Unrecognised Files Scanner feature turned on."
|
71 |
]
|
72 |
},
|
73 |
{
|
74 |
+
"slug": "section_scan_options",
|
75 |
+
"title": "Scan Options",
|
76 |
+
"title_short": "Scan Options",
|
77 |
"summary": [
|
78 |
+
"Purpose - Set how often the Hack Guard scans will run."
|
|
|
79 |
]
|
80 |
},
|
81 |
{
|
105 |
"description": "Un-Checking this option will completely disable the Hack Guard module"
|
106 |
},
|
107 |
{
|
108 |
+
"key": "enabled_scan_apc",
|
109 |
+
"section": "section_scan_wpv",
|
|
|
|
|
110 |
"type": "checkbox",
|
111 |
+
"default": "Y",
|
112 |
+
"link_info": "https://shsec.io/ew",
|
113 |
+
"link_blog": "https://shsec.io/eo",
|
114 |
+
"name": "Abandoned Plugin Scanner",
|
115 |
+
"summary": "Enable The Abandoned Plugin Scanner",
|
116 |
+
"description": "Scan your WordPress.org assets for whether they've been abandoned."
|
117 |
},
|
118 |
{
|
119 |
+
"key": "enable_wpvuln_scan",
|
120 |
+
"section": "section_scan_wpv",
|
121 |
+
"premium": true,
|
122 |
+
"type": "checkbox",
|
123 |
+
"default": "Y",
|
124 |
+
"link_info": "https://shsec.io/du",
|
125 |
+
"link_blog": "https://shsec.io/ah",
|
126 |
+
"name": "Vulnerability Scanner",
|
127 |
+
"summary": "Enable The Vulnerability Scanner",
|
128 |
+
"description": "Scan all your WordPress assets for known security vulnerabilities."
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
129 |
},
|
130 |
{
|
131 |
"key": "wpvuln_scan_autoupdate",
|
140 |
"description": "When an update becomes available, automatically apply updates to items with known vulnerabilities."
|
141 |
},
|
142 |
{
|
143 |
+
"key": "enable_core_file_integrity_scan",
|
144 |
+
"section": "section_file_guard",
|
145 |
+
"default": "Y",
|
146 |
+
"type": "checkbox",
|
147 |
+
"link_info": "https://shsec.io/hd",
|
148 |
+
"link_blog": "https://shsec.io/wpsf37",
|
149 |
+
"name": "WP Core File Scanner",
|
150 |
+
"summary": "Automatically Scans WordPress Core Files For Alterations",
|
151 |
+
"description": "Compares all WordPress core files on your site against the official WordPress files. WordPress Core files should never be altered for any reason."
|
152 |
+
},
|
153 |
+
{
|
154 |
+
"key": "mal_scan_enable",
|
155 |
+
"section": "section_file_guard",
|
156 |
+
"premium": true,
|
157 |
+
"default": "Y",
|
158 |
+
"type": "checkbox",
|
159 |
+
"link_info": "https://shsec.io/fp",
|
160 |
+
"link_blog": "https://shsec.io/fx",
|
161 |
+
"name": "Automatic Malware Scan",
|
162 |
+
"summary": "Enable Malware File Scanner",
|
163 |
+
"description": "When enabled the Malware scanner will run automatically."
|
164 |
+
},
|
165 |
+
{
|
166 |
+
"key": "ptg_enable",
|
167 |
+
"section": "section_file_guard",
|
168 |
+
"premium": true,
|
169 |
+
"default": "Y",
|
170 |
+
"type": "checkbox",
|
171 |
+
"link_info": "https://shsec.io/bl",
|
172 |
+
"link_blog": "https://shsec.io/bm",
|
173 |
+
"name": "Enable/Disable Guard",
|
174 |
+
"summary": "Enable The Guard For Plugin And Theme Files",
|
175 |
+
"description": "When enabled the Guard will automatically scan for changes to your Plugin and Theme files."
|
176 |
+
},
|
177 |
+
{
|
178 |
+
"key": "file_locker",
|
179 |
+
"section": "section_realtime",
|
180 |
"premium": true,
|
181 |
+
"type": "multiple_select",
|
182 |
+
"default": [],
|
183 |
"value_options": [
|
184 |
{
|
185 |
+
"value_key": "wpconfig",
|
186 |
+
"text": "WP Config"
|
187 |
},
|
188 |
{
|
189 |
+
"value_key": "root_htaccess",
|
190 |
+
"text": "Root .htaccess"
|
191 |
},
|
192 |
{
|
193 |
+
"value_key": "root_index",
|
194 |
+
"text": "Root index.php"
|
195 |
}
|
196 |
],
|
197 |
+
"link_info": "https://shsec.io/h7",
|
198 |
+
"link_blog": "https://shsec.io/h8",
|
199 |
+
"name": "File Locker",
|
200 |
+
"summary": "Lock Files Against Tampering and Changes",
|
201 |
+
"description": "As soon as changes are detected to any selected files, the contents may be examined and reverted."
|
202 |
+
},
|
203 |
+
{
|
204 |
+
"key": "file_repair_areas",
|
205 |
+
"section": "section_file_guard",
|
206 |
+
"type": "multiple_select",
|
207 |
+
"default": [
|
208 |
+
"wp",
|
209 |
+
"plugin"
|
210 |
+
],
|
211 |
"value_options": [
|
212 |
{
|
213 |
+
"value_key": "wp",
|
214 |
+
"text": "WP Core"
|
215 |
},
|
216 |
{
|
217 |
+
"value_key": "plugin",
|
218 |
+
"text": "Plugin Files"
|
219 |
},
|
220 |
{
|
221 |
+
"value_key": "theme",
|
222 |
+
"text": "Theme Files"
|
223 |
}
|
224 |
],
|
225 |
+
"link_info": "https://shsec.io/wpsf36",
|
226 |
+
"link_blog": "https://shsec.io/wpsf37",
|
227 |
+
"name": "Auto File Repair",
|
228 |
+
"summary": "Which Files Should Be Automatically Repaired?",
|
229 |
+
"description": "When a file is modified, or malware is detected, Shield can try to repair files."
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
230 |
},
|
231 |
{
|
232 |
"key": "scan_frequency",
|
274 |
"summary": "Number Of Times To Automatically Scan Core Files In 24 Hours",
|
275 |
"description": "Default: Once every 24hrs. To improve security, increase the number of scans per day."
|
276 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
277 |
{
|
278 |
"key": "enable_unrecognised_file_cleaner_scan",
|
279 |
"section": "section_scan_ufc",
|
286 |
},
|
287 |
{
|
288 |
"value_key": "enabled_report_only",
|
289 |
+
"text": "Scan Enabled - Report Only"
|
290 |
},
|
291 |
{
|
292 |
"value_key": "enabled_delete_only",
|
293 |
"text": "Scan Enabled - Automatically Delete Files"
|
|
|
|
|
|
|
|
|
294 |
}
|
295 |
],
|
296 |
"link_info": "https://shsec.io/9y",
|
304 |
"section": "section_scan_ufc",
|
305 |
"default": "N",
|
306 |
"type": "checkbox",
|
307 |
+
"link_info": "https://shsec.io/he",
|
308 |
+
"link_blog": "https://shsec.io/95",
|
309 |
"name": "Scan Uploads",
|
310 |
"summary": "Scan Uploads Folder For PHP and Javascript",
|
311 |
"description": "The Uploads folder is primarily for media, but could be used to store nefarious files."
|
315 |
"section": "section_scan_ufc",
|
316 |
"default": [
|
317 |
"error_log",
|
318 |
+
"php_error_log",
|
319 |
".htaccess",
|
320 |
".htpasswd",
|
321 |
".user.ini",
|
331 |
"summary": "Provide A List Of Files To Be Excluded From The Scan",
|
332 |
"description": "Take a new line for each file you wish to exclude from the scan. No commas are necessary."
|
333 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
334 |
{
|
335 |
"key": "mal_autorepair_surgical",
|
336 |
"section": "section_non_ui",
|
343 |
"summary": "Automatically Attempt To Surgically Remove Malware Code",
|
344 |
"description": "Attempts to automatically remove code from infected files."
|
345 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
346 |
{
|
347 |
"key": "ptg_reinstall_links",
|
348 |
+
"section": "section_scan_options",
|
349 |
"premium": true,
|
350 |
"type": "checkbox",
|
351 |
"default": "Y",
|
355 |
"summary": "Show Re-Install Links For Plugins",
|
356 |
"description": "Show links to re-install plugins and offer re-install when activating plugins."
|
357 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
358 |
{
|
359 |
"key": "snapshot_users",
|
360 |
"section": "section_non_ui",
|
363 |
"type": "array",
|
364 |
"default": []
|
365 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
366 |
{
|
367 |
"key": "scans_to_build",
|
368 |
"section": "section_non_ui",
|
390 |
],
|
391 |
"definitions": {
|
392 |
"db_classes": {
|
393 |
+
"file_protect": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Handler",
|
394 |
+
"scanresults": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Scanner\\Handler",
|
395 |
+
"scanq": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Handler"
|
396 |
},
|
397 |
"all_scan_slugs": [
|
398 |
"apc",
|
402 |
"wcf",
|
403 |
"ufc"
|
404 |
],
|
405 |
+
"table_name_filelocker": "filelocker",
|
406 |
+
"table_columns_filelocker": [
|
407 |
+
"id",
|
408 |
+
"file",
|
409 |
+
"hash_original",
|
410 |
+
"hash_current",
|
411 |
+
"content",
|
412 |
+
"public_key_id",
|
413 |
+
"detected_at",
|
414 |
+
"reverted_at",
|
415 |
+
"notified_at",
|
416 |
+
"updated_at",
|
417 |
+
"created_at",
|
418 |
+
"deleted_at"
|
419 |
+
],
|
420 |
"table_name_scanner": "scanner",
|
421 |
"table_columns_scanner": [
|
422 |
"id",
|
460 |
"wp-admin/install.php",
|
461 |
"xmlrpc.php"
|
462 |
],
|
|
|
|
|
|
|
|
|
|
|
463 |
"events": {
|
464 |
"apc_alert_sent": {
|
465 |
},
|
src/config/feature-insights.php
CHANGED
@@ -15,6 +15,7 @@
|
|
15 |
"run_if_whitelisted": true,
|
16 |
"run_if_verified_bot": false,
|
17 |
"run_if_wpcli": false,
|
|
|
18 |
"tracking_exclude": true
|
19 |
},
|
20 |
"requirements": {
|
15 |
"run_if_whitelisted": true,
|
16 |
"run_if_verified_bot": false,
|
17 |
"run_if_wpcli": false,
|
18 |
+
"skip_processor": true,
|
19 |
"tracking_exclude": true
|
20 |
},
|
21 |
"requirements": {
|
src/config/feature-lockdown.php
CHANGED
@@ -114,7 +114,7 @@
|
|
114 |
"default": "N",
|
115 |
"type": "checkbox",
|
116 |
"link_info": "https://shsec.io/4q",
|
117 |
-
"link_blog": "",
|
118 |
"name": "Disable File Editing",
|
119 |
"summary": "Disable Ability To Edit Files From Within WordPress",
|
120 |
"description": "Removes the option to directly edit any files from within the WordPress admin area. Equivalent to setting 'DISALLOW_FILE_EDIT' to TRUE."
|
@@ -130,17 +130,6 @@
|
|
130 |
"summary": "Forces WordPress Admin Dashboard To Be Delivered Over SSL",
|
131 |
"description": "Please only enable this option if you have a valid SSL certificate installed. Equivalent to setting 'FORCE_SSL_ADMIN' to TRUE."
|
132 |
},
|
133 |
-
{
|
134 |
-
"key": "mask_wordpress_version",
|
135 |
-
"section": "section_wordpress_obscurity_options",
|
136 |
-
"default": "",
|
137 |
-
"type": "text",
|
138 |
-
"link_info": "https://shsec.io/43",
|
139 |
-
"link_blog": "",
|
140 |
-
"name": "Mask WordPress Version",
|
141 |
-
"summary": "Prevents Public Display Of Your WordPress Version",
|
142 |
-
"description": "Enter how you would like your WordPress version displayed publicly. Leave blank to disable this feature. Warning: This may interfere with WordPress plugins that rely on the $wp_version variable."
|
143 |
-
},
|
144 |
{
|
145 |
"key": "hide_wordpress_generator_tag",
|
146 |
"section": "section_wordpress_obscurity_options",
|
114 |
"default": "N",
|
115 |
"type": "checkbox",
|
116 |
"link_info": "https://shsec.io/4q",
|
117 |
+
"link_blog": "https://shsec.io/hk",
|
118 |
"name": "Disable File Editing",
|
119 |
"summary": "Disable Ability To Edit Files From Within WordPress",
|
120 |
"description": "Removes the option to directly edit any files from within the WordPress admin area. Equivalent to setting 'DISALLOW_FILE_EDIT' to TRUE."
|
130 |
"summary": "Forces WordPress Admin Dashboard To Be Delivered Over SSL",
|
131 |
"description": "Please only enable this option if you have a valid SSL certificate installed. Equivalent to setting 'FORCE_SSL_ADMIN' to TRUE."
|
132 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
133 |
{
|
134 |
"key": "hide_wordpress_generator_tag",
|
135 |
"section": "section_wordpress_obscurity_options",
|
src/config/feature-login_protect.php
CHANGED
@@ -38,16 +38,6 @@
|
|
38 |
"Recommendation - Use of this feature is highly recommend."
|
39 |
]
|
40 |
},
|
41 |
-
{
|
42 |
-
"slug": "section_recaptcha",
|
43 |
-
"title": "Google reCAPTCHA",
|
44 |
-
"title_short": "reCAPTCHA",
|
45 |
-
"summary": [
|
46 |
-
"Purpose - Adds Google reCAPTCHA to the Login Forms.",
|
47 |
-
"Recommendation - Keep this turned on.",
|
48 |
-
"Note - You will need to register for Google reCAPTCHA keys and store them in the Shield 'Dashboard' settings."
|
49 |
-
]
|
50 |
-
},
|
51 |
{
|
52 |
"slug": "section_2fa_email",
|
53 |
"title": "Email Two-Factor Authentication",
|
@@ -354,22 +344,10 @@
|
|
354 |
}
|
355 |
],
|
356 |
"link_info": "https://shsec.io/9m",
|
357 |
-
"link_blog": "
|
358 |
-
"name": "
|
359 |
-
"summary": "Enable
|
360 |
-
"description": "Use
|
361 |
-
},
|
362 |
-
{
|
363 |
-
"key": "enable_antibot_js",
|
364 |
-
"section": "section_brute_force_login_protection",
|
365 |
-
"premium": true,
|
366 |
-
"default": "N",
|
367 |
-
"type": "checkbox",
|
368 |
-
"link_info": "https://shsec.io/dw",
|
369 |
-
"link_blog": "",
|
370 |
-
"name": "AntiBot JS",
|
371 |
-
"summary": "Load Anti-Bot JS For 3rd Party Login Forms",
|
372 |
-
"description": "Important: This is experimental. Please contact support for further assistance."
|
373 |
},
|
374 |
{
|
375 |
"key": "antibot_form_ids",
|
@@ -379,7 +357,7 @@
|
|
379 |
"form#ihc_login_form",
|
380 |
"form#createuser"
|
381 |
],
|
382 |
-
"link_info": "",
|
383 |
"link_blog": "",
|
384 |
"name": "AntiBot Forms",
|
385 |
"summary": "Enter The IDs Of The 3rd Party Login Forms For Use With AntiBot JS",
|
@@ -462,14 +440,6 @@
|
|
462 |
"type": "text",
|
463 |
"default": ""
|
464 |
},
|
465 |
-
{
|
466 |
-
"key": "two_factor_secret_key",
|
467 |
-
"section": "section_non_ui",
|
468 |
-
"transferable": false,
|
469 |
-
"sensitive": true,
|
470 |
-
"type": "text",
|
471 |
-
"default": ""
|
472 |
-
},
|
473 |
{
|
474 |
"key": "use_login_intent_page",
|
475 |
"section": "section_non_ui",
|
38 |
"Recommendation - Use of this feature is highly recommend."
|
39 |
]
|
40 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
41 |
{
|
42 |
"slug": "section_2fa_email",
|
43 |
"title": "Email Two-Factor Authentication",
|
344 |
}
|
345 |
],
|
346 |
"link_info": "https://shsec.io/9m",
|
347 |
+
"link_blog": "",
|
348 |
+
"name": "CAPTCHA",
|
349 |
+
"summary": "Enable CAPTCHA",
|
350 |
+
"description": "Use CAPTCHA on the login screen."
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
351 |
},
|
352 |
{
|
353 |
"key": "antibot_form_ids",
|
357 |
"form#ihc_login_form",
|
358 |
"form#createuser"
|
359 |
],
|
360 |
+
"link_info": "https://shsec.io/hg",
|
361 |
"link_blog": "",
|
362 |
"name": "AntiBot Forms",
|
363 |
"summary": "Enter The IDs Of The 3rd Party Login Forms For Use With AntiBot JS",
|
440 |
"type": "text",
|
441 |
"default": ""
|
442 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
443 |
{
|
444 |
"key": "use_login_intent_page",
|
445 |
"section": "section_non_ui",
|
src/config/feature-plugin.php
CHANGED
@@ -34,6 +34,14 @@
|
|
34 |
"can_dismiss": false,
|
35 |
"type": "error"
|
36 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
37 |
"compat-sgoptimize": {
|
38 |
"id": "compat-sgoptimize",
|
39 |
"schedule": "conditions",
|
@@ -85,9 +93,9 @@
|
|
85 |
"help_video_id": "338540386"
|
86 |
},
|
87 |
{
|
88 |
-
"slug": "
|
89 |
-
"title": "
|
90 |
-
"title_short": "
|
91 |
"help_video_id": "338546796"
|
92 |
},
|
93 |
{
|
@@ -303,9 +311,30 @@
|
|
303 |
"summary": "Delete All Plugin Settings Upon Plugin Deactivation",
|
304 |
"description": "Careful: Removes all plugin options when you deactivate the plugin."
|
305 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
306 |
{
|
307 |
"key": "google_recaptcha_style",
|
308 |
-
"section": "
|
309 |
"premium": true,
|
310 |
"default": "light",
|
311 |
"type": "select",
|
@@ -325,13 +354,13 @@
|
|
325 |
],
|
326 |
"link_info": "https://shsec.io/dq",
|
327 |
"link_blog": "",
|
328 |
-
"name": "
|
329 |
"summary": "How Google reCAPTCHA Will Be Displayed By Default",
|
330 |
"description": "You can choose the reCAPTCHA display format that best suits your site, including the new Invisible Recaptcha."
|
331 |
},
|
332 |
{
|
333 |
"key": "google_recaptcha_site_key",
|
334 |
-
"section": "
|
335 |
"sensitive": true,
|
336 |
"default": "",
|
337 |
"type": "text",
|
@@ -343,7 +372,7 @@
|
|
343 |
},
|
344 |
{
|
345 |
"key": "google_recaptcha_secret_key",
|
346 |
-
"section": "
|
347 |
"sensitive": true,
|
348 |
"default": "",
|
349 |
"type": "text",
|
@@ -403,26 +432,41 @@
|
|
403 |
"default": 0
|
404 |
},
|
405 |
{
|
406 |
-
"key": "
|
407 |
-
"section": "section_non_ui",
|
408 |
"transferable": false,
|
|
|
409 |
"type": "text",
|
410 |
"default": ""
|
411 |
},
|
412 |
{
|
413 |
-
"key": "
|
414 |
"transferable": false,
|
|
|
415 |
"section": "section_non_ui",
|
416 |
"type": "text",
|
417 |
"default": ""
|
418 |
},
|
419 |
{
|
420 |
-
"key": "
|
421 |
"transferable": false,
|
422 |
"sensitive": true,
|
423 |
"section": "section_non_ui",
|
424 |
-
"type": "
|
425 |
-
"default":
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
426 |
}
|
427 |
],
|
428 |
"definitions": {
|
@@ -509,6 +553,11 @@
|
|
509 |
"storage_key": "events",
|
510 |
"load_priority": 11
|
511 |
},
|
|
|
|
|
|
|
|
|
|
|
512 |
{
|
513 |
"slug": "sessions",
|
514 |
"storage_key": "sessions",
|
34 |
"can_dismiss": false,
|
35 |
"type": "error"
|
36 |
},
|
37 |
+
"php7": {
|
38 |
+
"id": "php7",
|
39 |
+
"schedule": "conditions",
|
40 |
+
"valid_admin": true,
|
41 |
+
"plugin_page_only": false,
|
42 |
+
"can_dismiss": true,
|
43 |
+
"type": "warning"
|
44 |
+
},
|
45 |
"compat-sgoptimize": {
|
46 |
"id": "compat-sgoptimize",
|
47 |
"schedule": "conditions",
|
93 |
"help_video_id": "338540386"
|
94 |
},
|
95 |
{
|
96 |
+
"slug": "section_third_party_captcha",
|
97 |
+
"title": "CAPTCHA",
|
98 |
+
"title_short": "CAPTCHA",
|
99 |
"help_video_id": "338546796"
|
100 |
},
|
101 |
{
|
311 |
"summary": "Delete All Plugin Settings Upon Plugin Deactivation",
|
312 |
"description": "Careful: Removes all plugin options when you deactivate the plugin."
|
313 |
},
|
314 |
+
{
|
315 |
+
"key": "captcha_provider",
|
316 |
+
"section": "section_third_party_captcha",
|
317 |
+
"default": "grecaptcha",
|
318 |
+
"type": "select",
|
319 |
+
"value_options": [
|
320 |
+
{
|
321 |
+
"value_key": "grecaptcha",
|
322 |
+
"text": "Google reCAPTCHA v2"
|
323 |
+
},
|
324 |
+
{
|
325 |
+
"value_key": "hcaptcha",
|
326 |
+
"text": "hCaptcha"
|
327 |
+
}
|
328 |
+
],
|
329 |
+
"link_info": "https://shsec.io/dq",
|
330 |
+
"link_blog": "",
|
331 |
+
"name": "CAPTCHA Provider",
|
332 |
+
"summary": "Which CAPTCHA Provider To Use Throughout",
|
333 |
+
"description": "You can choose the CAPTCHA provider depending on your preferences."
|
334 |
+
},
|
335 |
{
|
336 |
"key": "google_recaptcha_style",
|
337 |
+
"section": "section_third_party_captcha",
|
338 |
"premium": true,
|
339 |
"default": "light",
|
340 |
"type": "select",
|
354 |
],
|
355 |
"link_info": "https://shsec.io/dq",
|
356 |
"link_blog": "",
|
357 |
+
"name": "CAPTCHA Type",
|
358 |
"summary": "How Google reCAPTCHA Will Be Displayed By Default",
|
359 |
"description": "You can choose the reCAPTCHA display format that best suits your site, including the new Invisible Recaptcha."
|
360 |
},
|
361 |
{
|
362 |
"key": "google_recaptcha_site_key",
|
363 |
+
"section": "section_third_party_captcha",
|
364 |
"sensitive": true,
|
365 |
"default": "",
|
366 |
"type": "text",
|
372 |
},
|
373 |
{
|
374 |
"key": "google_recaptcha_secret_key",
|
375 |
+
"section": "section_third_party_captcha",
|
376 |
"sensitive": true,
|
377 |
"default": "",
|
378 |
"type": "text",
|
432 |
"default": 0
|
433 |
},
|
434 |
{
|
435 |
+
"key": "last_ip_detect_source",
|
|
|
436 |
"transferable": false,
|
437 |
+
"section": "section_non_ui",
|
438 |
"type": "text",
|
439 |
"default": ""
|
440 |
},
|
441 |
{
|
442 |
+
"key": "openssl_private_key",
|
443 |
"transferable": false,
|
444 |
+
"sensitive": true,
|
445 |
"section": "section_non_ui",
|
446 |
"type": "text",
|
447 |
"default": ""
|
448 |
},
|
449 |
{
|
450 |
+
"key": "snapi_data",
|
451 |
"transferable": false,
|
452 |
"sensitive": true,
|
453 |
"section": "section_non_ui",
|
454 |
+
"type": "array",
|
455 |
+
"default": []
|
456 |
+
},
|
457 |
+
{
|
458 |
+
"key": "captcha_checked_at",
|
459 |
+
"transferable": false,
|
460 |
+
"section": "section_non_ui",
|
461 |
+
"type": "int",
|
462 |
+
"default": -1
|
463 |
+
},
|
464 |
+
{
|
465 |
+
"key": "cache_dir_write_test",
|
466 |
+
"transferable": false,
|
467 |
+
"section": "section_non_ui",
|
468 |
+
"type": "array",
|
469 |
+
"default": []
|
470 |
}
|
471 |
],
|
472 |
"definitions": {
|
553 |
"storage_key": "events",
|
554 |
"load_priority": 11
|
555 |
},
|
556 |
+
{
|
557 |
+
"slug": "reporting",
|
558 |
+
"storage_key": "reporting",
|
559 |
+
"load_priority": 12
|
560 |
+
},
|
561 |
{
|
562 |
"slug": "sessions",
|
563 |
"storage_key": "sessions",
|
src/config/feature-reporting.php
ADDED
@@ -0,0 +1,136 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
{
|
2 |
+
"properties": {
|
3 |
+
"slug": "reporting",
|
4 |
+
"name": "Reporting",
|
5 |
+
"storage_key": "reporting",
|
6 |
+
"tagline": "Shield Reporting",
|
7 |
+
"show_central": true,
|
8 |
+
"show_module_menu_item": false,
|
9 |
+
"show_module_options": true,
|
10 |
+
"premium": false,
|
11 |
+
"access_restricted": true,
|
12 |
+
"run_if_whitelisted": true,
|
13 |
+
"run_if_verified_bot": false,
|
14 |
+
"run_if_wpcli": true,
|
15 |
+
"tracking_exclude": true
|
16 |
+
},
|
17 |
+
"sections": [
|
18 |
+
{
|
19 |
+
"slug": "section_timings",
|
20 |
+
"primary": true,
|
21 |
+
"title": "Report Frequencies",
|
22 |
+
"title_short": "Report Frequencies",
|
23 |
+
"summary": [
|
24 |
+
"Purpose - Choose the most appropriate frequency to receive alerts from Shield according to your schedule."
|
25 |
+
]
|
26 |
+
},
|
27 |
+
{
|
28 |
+
"slug": "section_enable_mod_reporting",
|
29 |
+
"title": "Enable Module: Reports",
|
30 |
+
"title_short": "Disable Module",
|
31 |
+
"summary": [
|
32 |
+
"Purpose - Helps you see at a glance how effective the plugin has been.",
|
33 |
+
"Recommendation - Keep the Reporting feature turned on."
|
34 |
+
]
|
35 |
+
},
|
36 |
+
{
|
37 |
+
"slug": "section_non_ui",
|
38 |
+
"hidden": true
|
39 |
+
}
|
40 |
+
],
|
41 |
+
"options": [
|
42 |
+
{
|
43 |
+
"key": "enable_reporting",
|
44 |
+
"section": "section_enable_mod_reporting",
|
45 |
+
"default": "Y",
|
46 |
+
"type": "checkbox",
|
47 |
+
"link_info": "https://shsec.io/hb",
|
48 |
+
"link_blog": "",
|
49 |
+
"name": "Enable Reporting",
|
50 |
+
"summary": "Enable (or Disable) The Reporting module",
|
51 |
+
"description": "Un-Checking this option will completely disable the Reporting module"
|
52 |
+
},
|
53 |
+
{
|
54 |
+
"key": "frequency_alert",
|
55 |
+
"section": "section_timings",
|
56 |
+
"type": "select",
|
57 |
+
"default": "daily",
|
58 |
+
"value_options": [
|
59 |
+
{
|
60 |
+
"value_key": "disabled",
|
61 |
+
"text": "Disabled"
|
62 |
+
},
|
63 |
+
{
|
64 |
+
"value_key": "hourly",
|
65 |
+
"text": "Hourly"
|
66 |
+
},
|
67 |
+
{
|
68 |
+
"value_key": "daily",
|
69 |
+
"text": "Daily"
|
70 |
+
},
|
71 |
+
{
|
72 |
+
"value_key": "weekly",
|
73 |
+
"text": "Weekly"
|
74 |
+
}
|
75 |
+
],
|
76 |
+
"link_info": "https://shsec.io/h9",
|
77 |
+
"link_blog": "",
|
78 |
+
"name": "Alert Frequency",
|
79 |
+
"summary": "How Often Should You Be Sent Important Alerts",
|
80 |
+
"description": "Decide when you should be sent important and critical alerts about your site security."
|
81 |
+
},
|
82 |
+
{
|
83 |
+
"key": "frequency_info",
|
84 |
+
"section": "section_timings",
|
85 |
+
"type": "select",
|
86 |
+
"default": "weekly",
|
87 |
+
"value_options": [
|
88 |
+
{
|
89 |
+
"value_key": "disabled",
|
90 |
+
"text": "Disabled"
|
91 |
+
},
|
92 |
+
{
|
93 |
+
"value_key": "hourly",
|
94 |
+
"text": "Hourly"
|
95 |
+
},
|
96 |
+
{
|
97 |
+
"value_key": "daily",
|
98 |
+
"text": "Daily"
|
99 |
+
},
|
100 |
+
{
|
101 |
+
"value_key": "weekly",
|
102 |
+
"text": "Weekly"
|
103 |
+
},
|
104 |
+
{
|
105 |
+
"value_key": "biweekly",
|
106 |
+
"text": "Bi-Weekly"
|
107 |
+
},
|
108 |
+
{
|
109 |
+
"value_key": "monthly",
|
110 |
+
"text": "Monthly"
|
111 |
+
}
|
112 |
+
],
|
113 |
+
"link_info": "https://shsec.io/ha",
|
114 |
+
"link_blog": "",
|
115 |
+
"name": "Info Frequency",
|
116 |
+
"summary": "How Often Should You Be Sent Information Reports",
|
117 |
+
"description": "Decide when you should be sent non-critical information and reports about your site security."
|
118 |
+
}
|
119 |
+
],
|
120 |
+
"definitions": {
|
121 |
+
"db_classes": {
|
122 |
+
"reports": "\\FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Handler"
|
123 |
+
},
|
124 |
+
"reports_table_name": "reports",
|
125 |
+
"reports_table_columns": [
|
126 |
+
"id",
|
127 |
+
"rid",
|
128 |
+
"type",
|
129 |
+
"frequency",
|
130 |
+
"interval_end_at",
|
131 |
+
"sent_at",
|
132 |
+
"created_at",
|
133 |
+
"deleted_at"
|
134 |
+
]
|
135 |
+
}
|
136 |
+
}
|
src/config/feature-traffic.php
CHANGED
@@ -59,7 +59,7 @@
|
|
59 |
{
|
60 |
"key": "enable_traffic",
|
61 |
"section": "section_enable_plugin_feature_traffic",
|
62 |
-
"default": "
|
63 |
"type": "checkbox",
|
64 |
"link_info": "https://shsec.io/ed",
|
65 |
"link_blog": "https://shsec.io/ee",
|
@@ -72,7 +72,7 @@
|
|
72 |
"section": "section_traffic_options",
|
73 |
"default": "N",
|
74 |
"type": "checkbox",
|
75 |
-
"link_info": "",
|
76 |
"link_blog": "",
|
77 |
"name": "Enable Traffic Logger",
|
78 |
"summary": "Turn On The Traffic Logging Feature",
|
@@ -161,17 +161,6 @@
|
|
161 |
"summary": "Maximum Traffic Log Length To Keep",
|
162 |
"description": "Automated DB cleanup will delete logs to maintain this maximum number of records."
|
163 |
},
|
164 |
-
{
|
165 |
-
"key": "auto_disable",
|
166 |
-
"section": "section_traffic_options",
|
167 |
-
"default": "N",
|
168 |
-
"type": "checkbox",
|
169 |
-
"link_info": "",
|
170 |
-
"link_blog": "",
|
171 |
-
"name": "Auto Disable",
|
172 |
-
"summary": "Auto Disable Traffic Logging After 1 Week",
|
173 |
-
"description": "Turn on to prevent unnecessary long-term traffic logging. Timer resets each time you save."
|
174 |
-
},
|
175 |
{
|
176 |
"key": "enable_limiter",
|
177 |
"section": "section_traffic_limiter",
|
@@ -207,13 +196,6 @@
|
|
207 |
"name": "Request Limit Time Interval",
|
208 |
"summary": "The Time Interval To Test For Excessive Requests",
|
209 |
"description": "The time limit within which to monitor for excessive requests that exceed the limit."
|
210 |
-
},
|
211 |
-
{
|
212 |
-
"key": "autodisable_at",
|
213 |
-
"section": "section_non_ui",
|
214 |
-
"type": "integer",
|
215 |
-
"transferable": false,
|
216 |
-
"default": 0
|
217 |
}
|
218 |
],
|
219 |
"definitions": {
|
59 |
{
|
60 |
"key": "enable_traffic",
|
61 |
"section": "section_enable_plugin_feature_traffic",
|
62 |
+
"default": "Y",
|
63 |
"type": "checkbox",
|
64 |
"link_info": "https://shsec.io/ed",
|
65 |
"link_blog": "https://shsec.io/ee",
|
72 |
"section": "section_traffic_options",
|
73 |
"default": "N",
|
74 |
"type": "checkbox",
|
75 |
+
"link_info": "https://shsec.io/hf",
|
76 |
"link_blog": "",
|
77 |
"name": "Enable Traffic Logger",
|
78 |
"summary": "Turn On The Traffic Logging Feature",
|
161 |
"summary": "Maximum Traffic Log Length To Keep",
|
162 |
"description": "Automated DB cleanup will delete logs to maintain this maximum number of records."
|
163 |
},
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
164 |
{
|
165 |
"key": "enable_limiter",
|
166 |
"section": "section_traffic_limiter",
|
196 |
"name": "Request Limit Time Interval",
|
197 |
"summary": "The Time Interval To Test For Excessive Requests",
|
198 |
"description": "The time limit within which to monitor for excessive requests that exceed the limit."
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
199 |
}
|
200 |
],
|
201 |
"definitions": {
|
src/config/feature-user_management.php
CHANGED
@@ -86,7 +86,7 @@
|
|
86 |
"default": "Y",
|
87 |
"type": "checkbox",
|
88 |
"link_info": "https://shsec.io/e3",
|
89 |
-
"link_blog": "",
|
90 |
"name": "Enable User Management",
|
91 |
"summary": "Enable (or Disable) The User Management module",
|
92 |
"description": "Un-Checking this option will completely disable the User Management module"
|
@@ -188,7 +188,7 @@
|
|
188 |
}
|
189 |
],
|
190 |
"link_info": "https://shsec.io/gk",
|
191 |
-
"link_blog": "",
|
192 |
"name": "Validate Email Addresses",
|
193 |
"summary": "Validate Email Addresses When User Attempts To Register",
|
194 |
"description": "Validate Email Addresses When User Attempts To Register."
|
86 |
"default": "Y",
|
87 |
"type": "checkbox",
|
88 |
"link_info": "https://shsec.io/e3",
|
89 |
+
"link_blog": "https://shsec.io/hi",
|
90 |
"name": "Enable User Management",
|
91 |
"summary": "Enable (or Disable) The User Management module",
|
92 |
"description": "Un-Checking this option will completely disable the User Management module"
|
188 |
}
|
189 |
],
|
190 |
"link_info": "https://shsec.io/gk",
|
191 |
+
"link_blog": "https://shsec.io/hh",
|
192 |
"name": "Validate Email Addresses",
|
193 |
"summary": "Validate Email Addresses When User Attempts To Register",
|
194 |
"description": "Validate Email Addresses When User Attempts To Register."
|
src/features/admin_access_restriction.php
CHANGED
@@ -54,7 +54,7 @@ class ICWP_WPSF_FeatureHandler_AdminAccessRestriction extends ICWP_WPSF_FeatureH
|
|
54 |
|
55 |
/**
|
56 |
*/
|
57 |
-
protected function
|
58 |
if ( $this->isValidSecAdminRequest() ) {
|
59 |
$this->setSecurityAdminStatusOnOff( true );
|
60 |
}
|
54 |
|
55 |
/**
|
56 |
*/
|
57 |
+
protected function preProcessOptions() {
|
58 |
if ( $this->isValidSecAdminRequest() ) {
|
59 |
$this->setSecurityAdminStatusOnOff( true );
|
60 |
}
|
src/features/autoupdates.php
CHANGED
@@ -6,16 +6,6 @@ use FernleafSystems\Wordpress\Services\Services;
|
|
6 |
|
7 |
class ICWP_WPSF_FeatureHandler_Autoupdates extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
8 |
|
9 |
-
/**
|
10 |
-
*/
|
11 |
-
protected function setupCustomHooks() {
|
12 |
-
parent::setupCustomHooks();
|
13 |
-
// Force run automatic updates
|
14 |
-
if ( Services::Request()->query( 'force_run_auto_updates' ) == 'now' ) {
|
15 |
-
add_filter( $this->prefix( 'force_autoupdate' ), '__return_true' );
|
16 |
-
}
|
17 |
-
}
|
18 |
-
|
19 |
/**
|
20 |
* @param array $aAllNotices
|
21 |
* @return array
|
6 |
|
7 |
class ICWP_WPSF_FeatureHandler_Autoupdates extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
9 |
/**
|
10 |
* @param array $aAllNotices
|
11 |
* @return array
|
src/features/base.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
use FernleafSystems\Wordpress\Services\Services;
|
5 |
|
6 |
-
abstract class ICWP_WPSF_FeatureHandler_Base
|
7 |
|
8 |
use Shield\Modules\PluginControllerConsumer;
|
9 |
|
@@ -37,6 +37,11 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
37 |
*/
|
38 |
private $oWizard;
|
39 |
|
|
|
|
|
|
|
|
|
|
|
40 |
/**
|
41 |
* @var Shield\Modules\Base\Strings
|
42 |
*/
|
@@ -83,32 +88,33 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
83 |
* @param array $aModProps
|
84 |
*/
|
85 |
protected function setupHooks( $aModProps ) {
|
|
|
86 |
$nRunPriority = isset( $aModProps[ 'load_priority' ] ) ? $aModProps[ 'load_priority' ] : 100;
|
87 |
-
|
|
|
88 |
$this->onModulesLoaded();
|
89 |
}, $nRunPriority );
|
90 |
-
add_action( $
|
91 |
add_action( 'init', [ $this, 'onWpInit' ], 1 );
|
92 |
-
add_action( $this->prefix( 'import_options' ), [ $this, 'processImportOptions' ] );
|
93 |
|
94 |
$nMenuPri = isset( $aModProps[ 'menu_priority' ] ) ? $aModProps[ 'menu_priority' ] : 100;
|
95 |
-
add_filter( $
|
96 |
-
add_filter( $
|
97 |
-
add_filter( $
|
98 |
-
add_filter( $
|
99 |
-
|
100 |
-
add_action( $
|
101 |
-
add_action( $
|
102 |
-
|
|
|
103 |
|
104 |
-
add_filter( $
|
105 |
-
add_filter( $this->prefix( 'gather_options_for_export' ), [ $this, 'exportTransferableOptions' ] );
|
106 |
|
107 |
-
add_action( $
|
108 |
-
add_action( $
|
109 |
|
110 |
// supply supported events for this module
|
111 |
-
add_filter( $
|
112 |
return array_merge(
|
113 |
is_array( $aEvents ) ? $aEvents : [],
|
114 |
array_map(
|
@@ -300,11 +306,13 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
300 |
if ( $this->isUpgrading() ) {
|
301 |
$this->updateHandler();
|
302 |
}
|
303 |
-
|
|
|
304 |
$this->loadProcessor();
|
305 |
}
|
306 |
try {
|
307 |
-
|
|
|
308 |
$this->doExecuteProcessor();
|
309 |
}
|
310 |
}
|
@@ -312,23 +320,12 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
312 |
}
|
313 |
}
|
314 |
|
315 |
-
/**
|
316 |
-
* @param array $aOptions
|
317 |
-
*/
|
318 |
-
public function processImportOptions( $aOptions ) {
|
319 |
-
if ( !empty( $aOptions ) && is_array( $aOptions ) && array_key_exists( $this->getOptionsStorageKey(), $aOptions ) ) {
|
320 |
-
$this->getOptions()
|
321 |
-
->setMultipleOptions( $aOptions[ $this->getOptionsStorageKey() ] );
|
322 |
-
$this->saveModOptions();
|
323 |
-
}
|
324 |
-
}
|
325 |
-
|
326 |
/**
|
327 |
* @return bool
|
328 |
* @throws \Exception
|
329 |
*/
|
330 |
protected function isReadyToExecute() {
|
331 |
-
return ( $this->getProcessor()
|
332 |
}
|
333 |
|
334 |
protected function doExecuteProcessor() {
|
@@ -340,16 +337,26 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
340 |
*/
|
341 |
public function onWpInit() {
|
342 |
$oReq = Services::Request();
|
|
|
|
|
|
|
|
|
|
|
|
|
343 |
if ( $this->isModuleRequest() ) {
|
344 |
|
345 |
if ( Services::WpGeneral()->isAjax() ) {
|
346 |
$this->loadAjaxHandler();
|
347 |
}
|
348 |
-
|
349 |
-
|
350 |
-
|
351 |
-
|
352 |
-
|
|
|
|
|
|
|
|
|
353 |
}
|
354 |
}
|
355 |
|
@@ -433,7 +440,7 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
433 |
* Hooked to the plugin's main plugin_shutdown action
|
434 |
*/
|
435 |
public function onPluginShutdown() {
|
436 |
-
if ( !$this->getCon()->
|
437 |
if ( rand( 1, 40 ) === 2 ) {
|
438 |
// cleanup databases randomly just in-case cron doesn't run.
|
439 |
$this->cleanupDatabases();
|
@@ -445,12 +452,12 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
445 |
/**
|
446 |
* @return string
|
447 |
*/
|
448 |
-
|
449 |
return $this->getCon()->prefixOption( $this->sOptionsStoreKey ).'_options';
|
450 |
}
|
451 |
|
452 |
/**
|
453 |
-
* @return Shield\Modules\Base\BaseProcessor|mixed
|
454 |
*/
|
455 |
public function getProcessor() {
|
456 |
return $this->loadProcessor();
|
@@ -477,6 +484,52 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
477 |
return add_query_arg( $aActionNonce, $this->getUrl_AdminPage() );
|
478 |
}
|
479 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
480 |
/**
|
481 |
* @param string $sOptKey
|
482 |
* @return string
|
@@ -509,7 +562,7 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
509 |
*/
|
510 |
public function getEmailHandler() {
|
511 |
if ( is_null( self::$oEmailHandler ) ) {
|
512 |
-
self::$oEmailHandler = $this->getCon()->
|
513 |
}
|
514 |
return self::$oEmailHandler;
|
515 |
}
|
@@ -597,6 +650,14 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
597 |
return $this->sModSlug;
|
598 |
}
|
599 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
600 |
/**
|
601 |
* @param array $aItems
|
602 |
* @return array
|
@@ -963,9 +1024,15 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
963 |
}
|
964 |
|
965 |
/**
|
|
|
966 |
* @return $this
|
967 |
*/
|
968 |
-
public function saveModOptions() {
|
|
|
|
|
|
|
|
|
|
|
969 |
$this->doPrePluginOptionsSave();
|
970 |
if ( apply_filters( $this->prefix( 'force_options_resave' ), false ) ) {
|
971 |
$this->getOptions()
|
@@ -978,6 +1045,9 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
978 |
return $this;
|
979 |
}
|
980 |
|
|
|
|
|
|
|
981 |
private function store() {
|
982 |
add_filter( $this->prefix( 'bypass_is_plugin_admin' ), '__return_true', 1000 );
|
983 |
$this->getOptions()
|
@@ -1053,7 +1123,7 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1053 |
else {
|
1054 |
$sHelpVideoUrl = '';
|
1055 |
}
|
1056 |
-
$aOptions[ $nSectionKey ][ 'help_video_url' ] =
|
1057 |
}
|
1058 |
}
|
1059 |
|
@@ -1154,8 +1224,6 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1154 |
protected function doPrePluginOptionsSave() {
|
1155 |
}
|
1156 |
|
1157 |
-
/**
|
1158 |
-
*/
|
1159 |
public function onPluginDeactivate() {
|
1160 |
}
|
1161 |
|
@@ -1198,16 +1266,17 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1198 |
if ( !$this->getCon()->isPluginAdmin() ) {
|
1199 |
throw new \Exception( __( "You don't currently have permission to save settings.", 'wp-simple-firewall' ) );
|
1200 |
}
|
|
|
1201 |
$this->doSaveStandardOptions();
|
1202 |
-
$this->doExtraSubmitProcessing();
|
1203 |
-
}
|
1204 |
|
1205 |
-
|
1206 |
-
return $this->getCon()->isPluginAdmin()
|
1207 |
-
&& check_admin_referer( $this->getCon()->getPluginPrefix() );
|
1208 |
-
}
|
1209 |
|
1210 |
-
|
|
|
|
|
|
|
|
|
|
|
1211 |
}
|
1212 |
|
1213 |
/**
|
@@ -1241,16 +1310,6 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1241 |
return $this->getCon()->isPremiumActive();
|
1242 |
}
|
1243 |
|
1244 |
-
/**
|
1245 |
-
* UNUSED
|
1246 |
-
* Ensure that if an option is premium, it is never changed unless we have premium access
|
1247 |
-
*/
|
1248 |
-
protected function resetPremiumOptions() {
|
1249 |
-
if ( !$this->isPremium() ) {
|
1250 |
-
$this->getOptions()->resetPremiumOptsToDefault();
|
1251 |
-
}
|
1252 |
-
}
|
1253 |
-
|
1254 |
/**
|
1255 |
* @throws \Exception
|
1256 |
*/
|
@@ -1302,8 +1361,7 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1302 |
elseif ( $sOptType == 'comma_separated_lists' ) {
|
1303 |
$sOptionValue = Services::Data()->extractCommaSeparatedList( $sOptionValue );
|
1304 |
}
|
1305 |
-
elseif ( $sOptType == 'multiple_select' ) {
|
1306 |
-
}
|
1307 |
}
|
1308 |
|
1309 |
// Prevent overwriting of non-editable fields
|
@@ -1312,13 +1370,11 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1312 |
}
|
1313 |
}
|
1314 |
|
1315 |
-
|
1316 |
-
|
1317 |
-
|
1318 |
-
|
1319 |
-
|
1320 |
-
wp_schedule_single_event( Services::Request()->ts() + 15, $this->prefix( 'importexport_notify' ) );
|
1321 |
-
}
|
1322 |
}
|
1323 |
}
|
1324 |
|
@@ -1439,11 +1495,17 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1439 |
'mod_slug' => $this->getModSlug( true ),
|
1440 |
'mod_slug_short' => $this->getModSlug( false ),
|
1441 |
'all_options' => $this->buildOptions(),
|
|
|
|
|
|
|
1442 |
'hidden_options' => $this->getOptions()->getHiddenOptions()
|
1443 |
],
|
1444 |
'ajax' => [
|
1445 |
'mod_options' => $this->getAjaxActionData( 'mod_options' ),
|
1446 |
],
|
|
|
|
|
|
|
1447 |
'strings' => $this->getStrings()->getDisplayStrings(),
|
1448 |
'flags' => [
|
1449 |
'access_restricted' => !$this->canDisplayOptionsForm(),
|
@@ -1453,8 +1515,8 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1453 |
'show_content_help' => true,
|
1454 |
'show_alt_content' => false,
|
1455 |
'has_wizard' => $this->hasWizard(),
|
1456 |
-
|
1457 |
-
'
|
1458 |
],
|
1459 |
'hrefs' => [
|
1460 |
'go_pro' => 'https://shsec.io/shieldgoprofeature',
|
@@ -1721,7 +1783,7 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1721 |
}
|
1722 |
try {
|
1723 |
$oRndr = $this->getCon()->getRenderer();
|
1724 |
-
if ( $bUseTwig ) {
|
1725 |
$oRndr->setTemplateEngineTwig();
|
1726 |
}
|
1727 |
|
@@ -1900,6 +1962,19 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1900 |
return $this->oStrings;
|
1901 |
}
|
1902 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1903 |
/**
|
1904 |
* @return $this
|
1905 |
*/
|
@@ -1968,4 +2043,11 @@ abstract class ICWP_WPSF_FeatureHandler_Base extends Shield\Deprecated\Foundatio
|
|
1968 |
public function savePluginOptions() {
|
1969 |
$this->saveModOptions();
|
1970 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1971 |
}
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
use FernleafSystems\Wordpress\Services\Services;
|
5 |
|
6 |
+
abstract class ICWP_WPSF_FeatureHandler_Base {
|
7 |
|
8 |
use Shield\Modules\PluginControllerConsumer;
|
9 |
|
37 |
*/
|
38 |
private $oWizard;
|
39 |
|
40 |
+
/**
|
41 |
+
* @var Shield\Modules\Base\BaseReporting
|
42 |
+
*/
|
43 |
+
private $oReporting;
|
44 |
+
|
45 |
/**
|
46 |
* @var Shield\Modules\Base\Strings
|
47 |
*/
|
88 |
* @param array $aModProps
|
89 |
*/
|
90 |
protected function setupHooks( $aModProps ) {
|
91 |
+
$oCon = $this->getCon();
|
92 |
$nRunPriority = isset( $aModProps[ 'load_priority' ] ) ? $aModProps[ 'load_priority' ] : 100;
|
93 |
+
|
94 |
+
add_action( $oCon->prefix( 'modules_loaded' ), function () {
|
95 |
$this->onModulesLoaded();
|
96 |
}, $nRunPriority );
|
97 |
+
add_action( $oCon->prefix( 'run_processors' ), [ $this, 'onRunProcessors' ], $nRunPriority );
|
98 |
add_action( 'init', [ $this, 'onWpInit' ], 1 );
|
|
|
99 |
|
100 |
$nMenuPri = isset( $aModProps[ 'menu_priority' ] ) ? $aModProps[ 'menu_priority' ] : 100;
|
101 |
+
add_filter( $oCon->prefix( 'submenu_items' ), [ $this, 'supplySubMenuItem' ], $nMenuPri );
|
102 |
+
add_filter( $oCon->prefix( 'admin_bar_menu_items' ), [ $this, 'addAdminMenuBarItems' ], $nMenuPri );
|
103 |
+
add_filter( $oCon->prefix( 'collect_mod_summary' ), [ $this, 'addModuleSummaryData' ], $nMenuPri );
|
104 |
+
add_filter( $oCon->prefix( 'collect_notices' ), [ $this, 'addInsightsNoticeData' ] );
|
105 |
+
add_filter( $oCon->prefix( 'collect_summary' ), [ $this, 'addInsightsConfigData' ], $nRunPriority );
|
106 |
+
add_action( $oCon->prefix( 'plugin_shutdown' ), [ $this, 'onPluginShutdown' ] );
|
107 |
+
add_action( $oCon->prefix( 'deactivate_plugin' ), [ $this, 'onPluginDeactivate' ] );
|
108 |
+
add_action( $oCon->prefix( 'delete_plugin' ), [ $this, 'onPluginDelete' ] );
|
109 |
+
add_filter( $oCon->prefix( 'aggregate_all_plugin_options' ), [ $this, 'aggregateOptionsValues' ] );
|
110 |
|
111 |
+
add_filter( $oCon->prefix( 'register_admin_notices' ), [ $this, 'fRegisterAdminNotices' ] );
|
|
|
112 |
|
113 |
+
add_action( $oCon->prefix( 'daily_cron' ), [ $this, 'runDailyCron' ] );
|
114 |
+
add_action( $oCon->prefix( 'hourly_cron' ), [ $this, 'runHourlyCron' ] );
|
115 |
|
116 |
// supply supported events for this module
|
117 |
+
add_filter( $oCon->prefix( 'get_all_events' ), function ( $aEvents ) {
|
118 |
return array_merge(
|
119 |
is_array( $aEvents ) ? $aEvents : [],
|
120 |
array_map(
|
306 |
if ( $this->isUpgrading() ) {
|
307 |
$this->updateHandler();
|
308 |
}
|
309 |
+
$oOpts = $this->getOptions();
|
310 |
+
if ( $oOpts->getFeatureProperty( 'auto_load_processor' ) ) {
|
311 |
$this->loadProcessor();
|
312 |
}
|
313 |
try {
|
314 |
+
$bSkip = (bool)$oOpts->getFeatureProperty( 'skip_processor' );
|
315 |
+
if ( !$bSkip && !$this->isUpgrading() && $this->isModuleEnabled() && $this->isReadyToExecute() ) {
|
316 |
$this->doExecuteProcessor();
|
317 |
}
|
318 |
}
|
320 |
}
|
321 |
}
|
322 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
323 |
/**
|
324 |
* @return bool
|
325 |
* @throws \Exception
|
326 |
*/
|
327 |
protected function isReadyToExecute() {
|
328 |
+
return !is_null( $this->getProcessor() );
|
329 |
}
|
330 |
|
331 |
protected function doExecuteProcessor() {
|
337 |
*/
|
338 |
public function onWpInit() {
|
339 |
$oReq = Services::Request();
|
340 |
+
|
341 |
+
$sShieldAction = $this->getCon()->getShieldAction();
|
342 |
+
if ( !empty( $sShieldAction ) ) {
|
343 |
+
do_action( $this->getCon()->prefix( 'shield_action' ), $sShieldAction );
|
344 |
+
}
|
345 |
+
|
346 |
if ( $this->isModuleRequest() ) {
|
347 |
|
348 |
if ( Services::WpGeneral()->isAjax() ) {
|
349 |
$this->loadAjaxHandler();
|
350 |
}
|
351 |
+
else {
|
352 |
+
try {
|
353 |
+
if ( $this->verifyModActionRequest() ) {
|
354 |
+
$this->handleModAction( $oReq->request( 'exec' ) );
|
355 |
+
}
|
356 |
+
}
|
357 |
+
catch ( \Exception $oE ) {
|
358 |
+
wp_nonce_ays( '' );
|
359 |
+
}
|
360 |
}
|
361 |
}
|
362 |
|
440 |
* Hooked to the plugin's main plugin_shutdown action
|
441 |
*/
|
442 |
public function onPluginShutdown() {
|
443 |
+
if ( !$this->getCon()->plugin_deleting ) {
|
444 |
if ( rand( 1, 40 ) === 2 ) {
|
445 |
// cleanup databases randomly just in-case cron doesn't run.
|
446 |
$this->cleanupDatabases();
|
452 |
/**
|
453 |
* @return string
|
454 |
*/
|
455 |
+
public function getOptionsStorageKey() {
|
456 |
return $this->getCon()->prefixOption( $this->sOptionsStoreKey ).'_options';
|
457 |
}
|
458 |
|
459 |
/**
|
460 |
+
* @return Shield\Modules\Base\BaseProcessor|Shield\Modules\Base\OneTimeExecute|mixed
|
461 |
*/
|
462 |
public function getProcessor() {
|
463 |
return $this->loadProcessor();
|
484 |
return add_query_arg( $aActionNonce, $this->getUrl_AdminPage() );
|
485 |
}
|
486 |
|
487 |
+
/**
|
488 |
+
* @param string $sAction
|
489 |
+
* @return array
|
490 |
+
*/
|
491 |
+
protected function getModActionParams( $sAction ) {
|
492 |
+
$oCon = $this->getCon();
|
493 |
+
return [
|
494 |
+
'action' => $oCon->prefix(),
|
495 |
+
'exec' => $sAction,
|
496 |
+
'mod_slug' => $this->getModSlug(),
|
497 |
+
'ts' => Services::Request()->ts(),
|
498 |
+
'exec_nonce' => substr(
|
499 |
+
hash_hmac( 'md5', $sAction.Services::Request()->ts(), $oCon->getSiteInstallationId() )
|
500 |
+
, 0, 6 )
|
501 |
+
];
|
502 |
+
}
|
503 |
+
|
504 |
+
/**
|
505 |
+
* @return bool
|
506 |
+
* @throws \Exception
|
507 |
+
*/
|
508 |
+
protected function verifyModActionRequest() {
|
509 |
+
$bValid = false;
|
510 |
+
|
511 |
+
$oCon = $this->getCon();
|
512 |
+
$oReq = Services::Request();
|
513 |
+
|
514 |
+
$sExec = $oReq->request( 'exec' );
|
515 |
+
if ( !empty( $sExec ) && $oReq->request( 'action' ) == $oCon->prefix() ) {
|
516 |
+
|
517 |
+
|
518 |
+
if ( wp_verify_nonce( $oReq->request( 'exec_nonce' ), $sExec ) && $oCon->getMeetsBasePermissions() ) {
|
519 |
+
$bValid = true;
|
520 |
+
}
|
521 |
+
else {
|
522 |
+
$bValid = $oReq->request( 'exec_nonce' ) ===
|
523 |
+
substr( hash_hmac( 'md5', $sExec.$oReq->request( 'ts' ), $oCon->getSiteInstallationId() ), 0, 6 );
|
524 |
+
}
|
525 |
+
if ( !$bValid ) {
|
526 |
+
throw new Exception( 'Invalid request' );
|
527 |
+
}
|
528 |
+
}
|
529 |
+
|
530 |
+
return $bValid;
|
531 |
+
}
|
532 |
+
|
533 |
/**
|
534 |
* @param string $sOptKey
|
535 |
* @return string
|
562 |
*/
|
563 |
public function getEmailHandler() {
|
564 |
if ( is_null( self::$oEmailHandler ) ) {
|
565 |
+
self::$oEmailHandler = $this->getCon()->getModule( 'email' );
|
566 |
}
|
567 |
return self::$oEmailHandler;
|
568 |
}
|
650 |
return $this->sModSlug;
|
651 |
}
|
652 |
|
653 |
+
/**
|
654 |
+
* @param array $aItems
|
655 |
+
* @return array
|
656 |
+
*/
|
657 |
+
public function addAdminMenuBarItems( array $aItems ) {
|
658 |
+
return $aItems;
|
659 |
+
}
|
660 |
+
|
661 |
/**
|
662 |
* @param array $aItems
|
663 |
* @return array
|
1024 |
}
|
1025 |
|
1026 |
/**
|
1027 |
+
* @param bool $bPreProcessOptions
|
1028 |
* @return $this
|
1029 |
*/
|
1030 |
+
public function saveModOptions( $bPreProcessOptions = false ) {
|
1031 |
+
|
1032 |
+
if ( $bPreProcessOptions ) {
|
1033 |
+
$this->preProcessOptions();
|
1034 |
+
}
|
1035 |
+
|
1036 |
$this->doPrePluginOptionsSave();
|
1037 |
if ( apply_filters( $this->prefix( 'force_options_resave' ), false ) ) {
|
1038 |
$this->getOptions()
|
1045 |
return $this;
|
1046 |
}
|
1047 |
|
1048 |
+
protected function preProcessOptions() {
|
1049 |
+
}
|
1050 |
+
|
1051 |
private function store() {
|
1052 |
add_filter( $this->prefix( 'bypass_is_plugin_admin' ), '__return_true', 1000 );
|
1053 |
$this->getOptions()
|
1123 |
else {
|
1124 |
$sHelpVideoUrl = '';
|
1125 |
}
|
1126 |
+
$aOptions[ $nSectionKey ][ 'help_video_url' ] = ''; /* Remove on Shield 9.0 */
|
1127 |
}
|
1128 |
}
|
1129 |
|
1224 |
protected function doPrePluginOptionsSave() {
|
1225 |
}
|
1226 |
|
|
|
|
|
1227 |
public function onPluginDeactivate() {
|
1228 |
}
|
1229 |
|
1266 |
if ( !$this->getCon()->isPluginAdmin() ) {
|
1267 |
throw new \Exception( __( "You don't currently have permission to save settings.", 'wp-simple-firewall' ) );
|
1268 |
}
|
1269 |
+
|
1270 |
$this->doSaveStandardOptions();
|
|
|
|
|
1271 |
|
1272 |
+
$this->saveModOptions( true );
|
|
|
|
|
|
|
1273 |
|
1274 |
+
// only use this flag when the options are being updated with a MANUAL save.
|
1275 |
+
if ( isset( $this->bImportExportWhitelistNotify ) && $this->bImportExportWhitelistNotify ) {
|
1276 |
+
if ( !wp_next_scheduled( $this->prefix( 'importexport_notify' ) ) ) {
|
1277 |
+
wp_schedule_single_event( Services::Request()->ts() + 15, $this->prefix( 'importexport_notify' ) );
|
1278 |
+
}
|
1279 |
+
}
|
1280 |
}
|
1281 |
|
1282 |
/**
|
1310 |
return $this->getCon()->isPremiumActive();
|
1311 |
}
|
1312 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1313 |
/**
|
1314 |
* @throws \Exception
|
1315 |
*/
|
1361 |
elseif ( $sOptType == 'comma_separated_lists' ) {
|
1362 |
$sOptionValue = Services::Data()->extractCommaSeparatedList( $sOptionValue );
|
1363 |
}
|
1364 |
+
/* elseif ( $sOptType == 'multiple_select' ) { } */
|
|
|
1365 |
}
|
1366 |
|
1367 |
// Prevent overwriting of non-editable fields
|
1370 |
}
|
1371 |
}
|
1372 |
|
1373 |
+
// Handle Import/Export exclusions
|
1374 |
+
if ( $this->isPremium() ) {
|
1375 |
+
( new Shield\Modules\Plugin\Lib\ImportExport\Options\SaveExcludedOptions() )
|
1376 |
+
->setMod( $this )
|
1377 |
+
->save( $aForm );
|
|
|
|
|
1378 |
}
|
1379 |
}
|
1380 |
|
1495 |
'mod_slug' => $this->getModSlug( true ),
|
1496 |
'mod_slug_short' => $this->getModSlug( false ),
|
1497 |
'all_options' => $this->buildOptions(),
|
1498 |
+
'xferable_opts' => ( new Shield\Modules\Plugin\Lib\ImportExport\Options\BuildTransferableOptions() )
|
1499 |
+
->setMod( $this )
|
1500 |
+
->build(),
|
1501 |
'hidden_options' => $this->getOptions()->getHiddenOptions()
|
1502 |
],
|
1503 |
'ajax' => [
|
1504 |
'mod_options' => $this->getAjaxActionData( 'mod_options' ),
|
1505 |
],
|
1506 |
+
'vendors' => [
|
1507 |
+
'widget_freshdesk' => '3000000081' /* TODO: plugin spec config */
|
1508 |
+
],
|
1509 |
'strings' => $this->getStrings()->getDisplayStrings(),
|
1510 |
'flags' => [
|
1511 |
'access_restricted' => !$this->canDisplayOptionsForm(),
|
1515 |
'show_content_help' => true,
|
1516 |
'show_alt_content' => false,
|
1517 |
'has_wizard' => $this->hasWizard(),
|
1518 |
+
'is_premium' => $this->isPremium(),
|
1519 |
+
'show_transfer_switch' => $this->isPremium()
|
1520 |
],
|
1521 |
'hrefs' => [
|
1522 |
'go_pro' => 'https://shsec.io/shieldgoprofeature',
|
1783 |
}
|
1784 |
try {
|
1785 |
$oRndr = $this->getCon()->getRenderer();
|
1786 |
+
if ( $bUseTwig || preg_match( '#^.*\.twig$#i', $sTemplate ) ) {
|
1787 |
$oRndr->setTemplateEngineTwig();
|
1788 |
}
|
1789 |
|
1962 |
return $this->oStrings;
|
1963 |
}
|
1964 |
|
1965 |
+
/**
|
1966 |
+
* @return Shield\Modules\Base\BaseReporting|mixed|false
|
1967 |
+
*/
|
1968 |
+
public function getReportingHandler() {
|
1969 |
+
if ( !isset( $this->oReporting ) ) {
|
1970 |
+
$this->oReporting = $this->loadClass( 'Reporting' );
|
1971 |
+
if ( $this->oReporting instanceof Shield\Modules\Base\BaseReporting ) {
|
1972 |
+
$this->oReporting->setMod( $this );
|
1973 |
+
}
|
1974 |
+
}
|
1975 |
+
return $this->oReporting;
|
1976 |
+
}
|
1977 |
+
|
1978 |
/**
|
1979 |
* @return $this
|
1980 |
*/
|
2043 |
public function savePluginOptions() {
|
2044 |
$this->saveModOptions();
|
2045 |
}
|
2046 |
+
|
2047 |
+
/**
|
2048 |
+
* @deprecated 9.0
|
2049 |
+
*/
|
2050 |
+
protected function doExtraSubmitProcessing() {
|
2051 |
+
$this->preProcessOptions();
|
2052 |
+
}
|
2053 |
}
|
src/features/base_wpsf.php
CHANGED
@@ -1,6 +1,7 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
4 |
use FernleafSystems\Wordpress\Services\Services;
|
5 |
use FernleafSystems\Wordpress\Services\Utilities;
|
6 |
|
@@ -16,6 +17,15 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
16 |
*/
|
17 |
private static $bVisitorIsWhitelisted;
|
18 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
19 |
/**
|
20 |
* @return \ICWP_WPSF_Processor_Sessions
|
21 |
*/
|
@@ -34,15 +44,6 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
34 |
->getDbHandler_Sessions();
|
35 |
}
|
36 |
|
37 |
-
/**
|
38 |
-
* @return Shield\Databases\GeoIp\Handler
|
39 |
-
*/
|
40 |
-
public function getDbHandler_GeoIp() {
|
41 |
-
return $this->getCon()
|
42 |
-
->getModule_Plugin()
|
43 |
-
->getDbHandler_GeoIp();
|
44 |
-
}
|
45 |
-
|
46 |
/**
|
47 |
* @return Shield\Databases\Session\EntryVO|null
|
48 |
*/
|
@@ -65,9 +66,6 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
65 |
return Services::IP()->isValidIp( Services::IP()->getRequestIp() );
|
66 |
}
|
67 |
|
68 |
-
/**
|
69 |
-
* A action added to WordPress 'init' hook
|
70 |
-
*/
|
71 |
public function onWpInit() {
|
72 |
parent::onWpInit();
|
73 |
if ( $this->isThisModulePage() && !$this->isWizardPage() && ( $this->getSlug() != 'insights' ) ) {
|
@@ -87,45 +85,28 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
87 |
}
|
88 |
|
89 |
/**
|
90 |
-
* @return
|
91 |
*/
|
92 |
-
public function
|
|
|
93 |
/** @var Shield\Modules\Plugin\Options $oOpts */
|
94 |
-
$oOpts = $
|
95 |
-
|
96 |
-
|
97 |
-
return $oOpts->getGoogleRecaptchaConfig();
|
98 |
-
}
|
99 |
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
|
107 |
-
|
108 |
-
|
109 |
-
* @return string
|
110 |
-
* @deprecated
|
111 |
-
*/
|
112 |
-
public function getGoogleRecaptchaSiteKey() {
|
113 |
-
return $this->getGoogleRecaptchaConfig()[ 'key' ];
|
114 |
-
}
|
115 |
|
116 |
-
|
117 |
-
* @return string
|
118 |
-
*/
|
119 |
-
public function getGoogleRecaptchaStyle() {
|
120 |
-
return $this->getGoogleRecaptchaConfig()[ 'style' ];
|
121 |
-
}
|
122 |
|
123 |
-
|
124 |
-
* @return bool
|
125 |
-
*/
|
126 |
-
public function isGoogleRecaptchaReady() {
|
127 |
-
$aConfig = $this->getGoogleRecaptchaConfig();
|
128 |
-
return ( !empty( $aConfig[ 'secret' ] ) && !empty( $aConfig[ 'key' ] ) );
|
129 |
}
|
130 |
|
131 |
/**
|
@@ -158,15 +139,10 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
158 |
/**
|
159 |
* @return string
|
160 |
*/
|
161 |
-
public function
|
162 |
-
return
|
163 |
-
|
164 |
-
|
165 |
-
/**
|
166 |
-
* @return Shield\Modules\BaseShield\ShieldProcessor|mixed
|
167 |
-
*/
|
168 |
-
public function getProcessor() {
|
169 |
-
return parent::getProcessor();
|
170 |
}
|
171 |
|
172 |
/**
|
@@ -189,6 +165,10 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
189 |
parent::getBaseDisplayData(),
|
190 |
[
|
191 |
'head' => [
|
|
|
|
|
|
|
|
|
192 |
'meta' => [
|
193 |
[
|
194 |
'type' => 'http-equiv',
|
@@ -244,7 +224,7 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
244 |
'force_remove_email' => __( "If you've forgotten your key, a link can be sent to the plugin administrator email address to remove this restriction.", 'wp-simple-firewall' ),
|
245 |
'click_email' => __( "Click here to send the verification email.", 'wp-simple-firewall' ),
|
246 |
'send_to_email' => sprintf( __( "Email will be sent to %s", 'wp-simple-firewall' ),
|
247 |
-
Utilities\Obfuscate::Email( $this->
|
248 |
'no_email_override' => __( "The Security Administrator has restricted the use of the email override feature.", 'wp-simple-firewall' ),
|
249 |
],
|
250 |
'flags' => [
|
@@ -313,7 +293,8 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
313 |
|| $oSP->isIp_DuckDuckGoBot( $sIp, $sAgent )
|
314 |
|| $oSP->isIp_YandexBot( $sIp, $sAgent )
|
315 |
|| ( class_exists( 'ICWP_Plugin' ) && $oSP->isIp_iControlWP( $sIp ) )
|
316 |
-
|| $oSP->isIp_BaiduBot( $sIp, $sAgent )
|
|
|
317 |
}
|
318 |
}
|
319 |
return self::$bIsVerifiedBot;
|
@@ -362,18 +343,34 @@ class ICWP_WPSF_FeatureHandler_BaseWpsf extends ICWP_WPSF_FeatureHandler_Base {
|
|
362 |
}
|
363 |
|
364 |
/**
|
365 |
-
* @return
|
366 |
-
* @deprecated
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
367 |
*/
|
368 |
-
public function
|
369 |
-
return
|
370 |
}
|
371 |
|
372 |
/**
|
373 |
-
* @return
|
374 |
-
* @deprecated
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
375 |
*/
|
376 |
-
public function
|
377 |
-
return
|
378 |
}
|
379 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
|
5 |
use FernleafSystems\Wordpress\Services\Services;
|
6 |
use FernleafSystems\Wordpress\Services\Utilities;
|
7 |
|
17 |
*/
|
18 |
private static $bVisitorIsWhitelisted;
|
19 |
|
20 |
+
/**
|
21 |
+
* @return bool
|
22 |
+
*/
|
23 |
+
public function canCacheDirWrite() {
|
24 |
+
return ( new Shield\Modules\Plugin\Lib\TestCacheDirWrite() )
|
25 |
+
->setMod( $this->getCon()->getModule_Plugin() )
|
26 |
+
->canWrite();
|
27 |
+
}
|
28 |
+
|
29 |
/**
|
30 |
* @return \ICWP_WPSF_Processor_Sessions
|
31 |
*/
|
44 |
->getDbHandler_Sessions();
|
45 |
}
|
46 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
47 |
/**
|
48 |
* @return Shield\Databases\Session\EntryVO|null
|
49 |
*/
|
66 |
return Services::IP()->isValidIp( Services::IP()->getRequestIp() );
|
67 |
}
|
68 |
|
|
|
|
|
|
|
69 |
public function onWpInit() {
|
70 |
parent::onWpInit();
|
71 |
if ( $this->isThisModulePage() && !$this->isWizardPage() && ( $this->getSlug() != 'insights' ) ) {
|
85 |
}
|
86 |
|
87 |
/**
|
88 |
+
* @return Plugin\Lib\Captcha\CaptchaConfigVO
|
89 |
*/
|
90 |
+
public function getCaptchaCfg() {
|
91 |
+
$oPlugMod = $this->getCon()->getModule_Plugin();
|
92 |
/** @var Shield\Modules\Plugin\Options $oOpts */
|
93 |
+
$oOpts = $oPlugMod->getOptions();
|
94 |
+
$oCfg = ( new Plugin\Lib\Captcha\CaptchaConfigVO() )->applyFromArray( $oOpts->getCaptchaConfig() );
|
95 |
+
$oCfg->invisible = $oCfg->theme === 'invisible';
|
|
|
|
|
96 |
|
97 |
+
if ( $oCfg->provider === Plugin\Lib\Captcha\CaptchaConfigVO::PROV_GOOGLE_RECAP2 ) {
|
98 |
+
$oCfg->url_api = 'https://www.google.com/recaptcha/api.js';
|
99 |
+
}
|
100 |
+
elseif ( $oCfg->provider === Plugin\Lib\Captcha\CaptchaConfigVO::PROV_HCAPTCHA ) {
|
101 |
+
$oCfg->url_api = 'https://hcaptcha.com/1/api.js';
|
102 |
+
}
|
103 |
+
else {
|
104 |
+
error_log( 'CAPTCHA Provider not supported: '.$oCfg->provider );
|
105 |
+
}
|
|
|
|
|
|
|
|
|
|
|
|
|
106 |
|
107 |
+
$oCfg->js_handle = $this->getCon()->prefix( $oCfg->provider );
|
|
|
|
|
|
|
|
|
|
|
108 |
|
109 |
+
return $oCfg;
|
|
|
|
|
|
|
|
|
|
|
110 |
}
|
111 |
|
112 |
/**
|
139 |
/**
|
140 |
* @return string
|
141 |
*/
|
142 |
+
public function getPluginReportEmail() {
|
143 |
+
return $this->getCon()
|
144 |
+
->getModule_Plugin()
|
145 |
+
->getPluginReportEmail();
|
|
|
|
|
|
|
|
|
|
|
146 |
}
|
147 |
|
148 |
/**
|
165 |
parent::getBaseDisplayData(),
|
166 |
[
|
167 |
'head' => [
|
168 |
+
'html' => [
|
169 |
+
'lang' => Services::WpGeneral()->getLocale( '-' ),
|
170 |
+
'dir' => is_rtl() ? 'rtl' : 'ltr',
|
171 |
+
],
|
172 |
'meta' => [
|
173 |
[
|
174 |
'type' => 'http-equiv',
|
224 |
'force_remove_email' => __( "If you've forgotten your key, a link can be sent to the plugin administrator email address to remove this restriction.", 'wp-simple-firewall' ),
|
225 |
'click_email' => __( "Click here to send the verification email.", 'wp-simple-firewall' ),
|
226 |
'send_to_email' => sprintf( __( "Email will be sent to %s", 'wp-simple-firewall' ),
|
227 |
+
Utilities\Obfuscate::Email( $this->getPluginReportEmail() ) ),
|
228 |
'no_email_override' => __( "The Security Administrator has restricted the use of the email override feature.", 'wp-simple-firewall' ),
|
229 |
],
|
230 |
'flags' => [
|
293 |
|| $oSP->isIp_DuckDuckGoBot( $sIp, $sAgent )
|
294 |
|| $oSP->isIp_YandexBot( $sIp, $sAgent )
|
295 |
|| ( class_exists( 'ICWP_Plugin' ) && $oSP->isIp_iControlWP( $sIp ) )
|
296 |
+
|| $oSP->isIp_BaiduBot( $sIp, $sAgent )
|
297 |
+
|| $oSP->isIp_Stripe( $sIp, $sAgent );
|
298 |
}
|
299 |
}
|
300 |
return self::$bIsVerifiedBot;
|
343 |
}
|
344 |
|
345 |
/**
|
346 |
+
* @return string
|
347 |
+
* @deprecated 9.0
|
348 |
+
*/
|
349 |
+
public function getPluginDefaultRecipientAddress() {
|
350 |
+
return $this->getPluginReportEmail();
|
351 |
+
}
|
352 |
+
|
353 |
+
/**
|
354 |
+
* @return string
|
355 |
+
* @deprecated 9.0
|
356 |
*/
|
357 |
+
public function getGoogleRecaptchaSecretKey() {
|
358 |
+
return $this->getCaptchaCfg()->secret;
|
359 |
}
|
360 |
|
361 |
/**
|
362 |
+
* @return string
|
363 |
+
* @deprecated 9.0
|
364 |
+
*/
|
365 |
+
public function getGoogleRecaptchaSiteKey() {
|
366 |
+
return $this->getCaptchaCfg()->key;
|
367 |
+
}
|
368 |
+
|
369 |
+
/**
|
370 |
+
* @return string
|
371 |
+
* @deprecated 9.0
|
372 |
*/
|
373 |
+
public function getCaptchaStyle() {
|
374 |
+
return $this->getCaptchaCfg()->theme;
|
375 |
}
|
376 |
}
|
src/features/comments_filter.php
CHANGED
@@ -1,20 +1,39 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
-
use FernleafSystems\Wordpress\
|
5 |
|
6 |
class ICWP_WPSF_FeatureHandler_CommentsFilter extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
7 |
|
8 |
/**
|
9 |
-
* @return
|
10 |
*/
|
11 |
-
public function
|
|
|
12 |
$sStyle = $this->getOpt( 'google_recaptcha_style_comments' );
|
13 |
-
$
|
14 |
-
|
15 |
-
$
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
16 |
}
|
17 |
-
return $sStyle;
|
18 |
}
|
19 |
|
20 |
/**
|
@@ -61,36 +80,21 @@ class ICWP_WPSF_FeatureHandler_CommentsFilter extends ICWP_WPSF_FeatureHandler_B
|
|
61 |
return $sText;
|
62 |
}
|
63 |
|
64 |
-
protected function
|
65 |
/** @var Shield\Modules\CommentsFilter\Options $oOpts */
|
66 |
$oOpts = $this->getOptions();
|
67 |
-
if ( $oOpts->getTokenExpireInterval() != 0 && $oOpts->getTokenCooldown() > $oOpts->getTokenExpireInterval() ) {
|
68 |
-
$this->getOptions()->resetOptToDefault( 'comments_cooldown_interval' );
|
69 |
-
$this->getOptions()->resetOptToDefault( 'comments_token_expire_interval' );
|
70 |
-
}
|
71 |
-
|
72 |
-
$aCommentsFilters = $this->getOpt( 'enable_comments_human_spam_filter_items' );
|
73 |
-
if ( empty( $aCommentsFilters ) || !is_array( $aCommentsFilters ) ) {
|
74 |
-
$this->getOptions()->resetOptToDefault( 'enable_comments_human_spam_filter_items' );
|
75 |
-
}
|
76 |
|
77 |
// clean roles
|
78 |
-
$
|
79 |
array_unique( array_filter( array_map(
|
80 |
function ( $sRole ) {
|
81 |
-
return
|
82 |
},
|
83 |
$this->getTrustedRoles()
|
84 |
) ) )
|
85 |
);
|
86 |
-
}
|
87 |
|
88 |
-
|
89 |
-
* @return string[]
|
90 |
-
*/
|
91 |
-
public function getHumanSpamFilterItems() {
|
92 |
-
$aItems = $this->getOpt( 'enable_comments_human_spam_filter_items' );
|
93 |
-
return is_array( $aItems ) ? $aItems : [];
|
94 |
}
|
95 |
|
96 |
/**
|
@@ -113,8 +117,8 @@ class ICWP_WPSF_FeatureHandler_CommentsFilter extends ICWP_WPSF_FeatureHandler_B
|
|
113 |
else {
|
114 |
$aThis[ 'key_opts' ][ 'bot' ] = [
|
115 |
'name' => __( 'Bot SPAM', 'wp-simple-firewall' ),
|
116 |
-
'enabled' => $this->isEnabledGaspCheck() || $this->
|
117 |
-
'summary' => ( $this->isEnabledGaspCheck() || $this->
|
118 |
__( 'Bot SPAM comments are blocked', 'wp-simple-firewall' )
|
119 |
: __( 'There is no protection against Bot SPAM comments', 'wp-simple-firewall' ),
|
120 |
'weight' => 2,
|
@@ -135,48 +139,32 @@ class ICWP_WPSF_FeatureHandler_CommentsFilter extends ICWP_WPSF_FeatureHandler_B
|
|
135 |
return $aAllData;
|
136 |
}
|
137 |
|
138 |
-
/**
|
139 |
-
* @param string $sSection
|
140 |
-
* @return array
|
141 |
-
*/
|
142 |
-
protected function getSectionWarnings( $sSection ) {
|
143 |
-
$aWarnings = [];
|
144 |
-
|
145 |
-
switch ( $sSection ) {
|
146 |
-
case 'section_recaptcha':
|
147 |
-
$oP = $this->getCon()->getModule_Plugin();
|
148 |
-
if ( !$oP->isGoogleRecaptchaReady() ) {
|
149 |
-
$aWarnings[] = sprintf(
|
150 |
-
__( 'Please remember to supply reCAPTCHA keys: %s', 'wp-simple-firewall' ),
|
151 |
-
sprintf( '<a href="%s" target="_blank">%s</a>', $oP->getUrl_DirectLinkToSection( 'section_third_party_google' ), __( 'reCAPTCHA Settings' ) )
|
152 |
-
);
|
153 |
-
}
|
154 |
-
break;
|
155 |
-
}
|
156 |
-
|
157 |
-
return $aWarnings;
|
158 |
-
}
|
159 |
-
|
160 |
/**
|
161 |
* @return bool
|
162 |
*/
|
163 |
-
public function
|
164 |
-
return $this->isModOptEnabled() &&
|
165 |
-
|
166 |
}
|
167 |
|
168 |
/**
|
169 |
* @return bool
|
170 |
*/
|
171 |
public function isEnabledGaspCheck() {
|
172 |
-
|
|
|
|
|
|
|
173 |
}
|
174 |
|
175 |
/**
|
176 |
* @return bool
|
177 |
*/
|
178 |
public function isEnabledHumanCheck() {
|
179 |
-
|
|
|
|
|
|
|
180 |
}
|
181 |
|
182 |
/**
|
@@ -195,10 +183,16 @@ class ICWP_WPSF_FeatureHandler_CommentsFilter extends ICWP_WPSF_FeatureHandler_B
|
|
195 |
}
|
196 |
|
197 |
protected function updateHandler() {
|
198 |
-
$
|
199 |
-
if ( $
|
200 |
-
$
|
201 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
202 |
}
|
203 |
|
204 |
/**
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\CommentsFilter;
|
5 |
|
6 |
class ICWP_WPSF_FeatureHandler_CommentsFilter extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
7 |
|
8 |
/**
|
9 |
+
* @return Shield\Modules\Plugin\Lib\Captcha\CaptchaConfigVO
|
10 |
*/
|
11 |
+
public function getCaptchaCfg() {
|
12 |
+
$oCfg = parent::getCaptchaCfg();
|
13 |
$sStyle = $this->getOpt( 'google_recaptcha_style_comments' );
|
14 |
+
if ( $sStyle !== 'default' && $this->isPremium() ) {
|
15 |
+
$oCfg->theme = $sStyle;
|
16 |
+
$oCfg->invisible = $oCfg->theme == 'invisible';
|
17 |
+
}
|
18 |
+
return $oCfg;
|
19 |
+
}
|
20 |
+
|
21 |
+
protected function ensureCorrectCaptchaConfig() {
|
22 |
+
/** @var CommentsFilter\Options $oOpts */
|
23 |
+
$oOpts = $this->getOptions();
|
24 |
+
|
25 |
+
$sStyle = $oOpts->getOpt( 'google_recaptcha_style_comments' );
|
26 |
+
if ( $this->isPremium() ) {
|
27 |
+
$oCfg = $this->getCaptchaCfg();
|
28 |
+
if ( $oCfg->provider == $oCfg::PROV_GOOGLE_RECAP2 ) {
|
29 |
+
if ( !$oCfg->invisible && $sStyle == 'invisible' ) {
|
30 |
+
$oOpts->setOpt( 'google_recaptcha_style_comments', 'default' );
|
31 |
+
}
|
32 |
+
}
|
33 |
+
}
|
34 |
+
elseif ( !in_array( $sStyle, [ 'disabled', 'default' ] ) ) {
|
35 |
+
$oOpts->setOpt( 'google_recaptcha_style_comments', 'default' );
|
36 |
}
|
|
|
37 |
}
|
38 |
|
39 |
/**
|
80 |
return $sText;
|
81 |
}
|
82 |
|
83 |
+
protected function preProcessOptions() {
|
84 |
/** @var Shield\Modules\CommentsFilter\Options $oOpts */
|
85 |
$oOpts = $this->getOptions();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
86 |
|
87 |
// clean roles
|
88 |
+
$oOpts->setOpt( 'trusted_user_roles',
|
89 |
array_unique( array_filter( array_map(
|
90 |
function ( $sRole ) {
|
91 |
+
return sanitize_key( strtolower( $sRole ) );
|
92 |
},
|
93 |
$this->getTrustedRoles()
|
94 |
) ) )
|
95 |
);
|
|
|
96 |
|
97 |
+
$this->ensureCorrectCaptchaConfig();
|
|
|
|
|
|
|
|
|
|
|
98 |
}
|
99 |
|
100 |
/**
|
117 |
else {
|
118 |
$aThis[ 'key_opts' ][ 'bot' ] = [
|
119 |
'name' => __( 'Bot SPAM', 'wp-simple-firewall' ),
|
120 |
+
'enabled' => $this->isEnabledGaspCheck() || $this->isEnabledCaptcha(),
|
121 |
+
'summary' => ( $this->isEnabledGaspCheck() || $this->isEnabledCaptcha() ) ?
|
122 |
__( 'Bot SPAM comments are blocked', 'wp-simple-firewall' )
|
123 |
: __( 'There is no protection against Bot SPAM comments', 'wp-simple-firewall' ),
|
124 |
'weight' => 2,
|
139 |
return $aAllData;
|
140 |
}
|
141 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
142 |
/**
|
143 |
* @return bool
|
144 |
*/
|
145 |
+
public function isEnabledCaptcha() {
|
146 |
+
return $this->isModOptEnabled() && !$this->isOpt( 'google_recaptcha_style_comments', 'disabled' )
|
147 |
+
&& $this->getCaptchaCfg()->ready;
|
148 |
}
|
149 |
|
150 |
/**
|
151 |
* @return bool
|
152 |
*/
|
153 |
public function isEnabledGaspCheck() {
|
154 |
+
/** @var CommentsFilter\Options $oOpts */
|
155 |
+
$oOpts = $this->getOptions();
|
156 |
+
return $this->isModOptEnabled() && $this->isOpt( 'enable_comments_gasp_protection', 'Y' )
|
157 |
+
&& ( $oOpts->getTokenExpireInterval() > $oOpts->getTokenCooldown() );
|
158 |
}
|
159 |
|
160 |
/**
|
161 |
* @return bool
|
162 |
*/
|
163 |
public function isEnabledHumanCheck() {
|
164 |
+
/** @var CommentsFilter\Options $oOpts */
|
165 |
+
$oOpts = $this->getOptions();
|
166 |
+
return $this->isModOptEnabled() && $oOpts->isOpt( 'enable_comments_human_spam_filter', 'Y' )
|
167 |
+
&& count( $oOpts->getHumanSpamFilterItems() ) > 0;
|
168 |
}
|
169 |
|
170 |
/**
|
183 |
}
|
184 |
|
185 |
protected function updateHandler() {
|
186 |
+
$oOpts = $this->getOptions();
|
187 |
+
if ( $oOpts->isValidOptionKey( 'enable_google_recaptcha_comments' ) && !$oOpts->isOpt( 'enable_google_recaptcha_comments', 'Y' ) ) {
|
188 |
+
$oOpts->setOpt( 'google_recaptcha_style_comments', 'disabled' );
|
189 |
}
|
190 |
+
|
191 |
+
$oOpts->setOpt( 'comments_cooldown', $oOpts->getOpt( 'comments_cooldown_interval' ) );
|
192 |
+
$oOpts->setOpt( 'comments_expire', $oOpts->getOpt( 'comments_token_expire_interval' ) );
|
193 |
+
$oOpts->setOpt( 'human_spam_items', $oOpts->getOpt( 'enable_comments_human_spam_filter_items' ) );
|
194 |
+
|
195 |
+
$this->ensureCorrectCaptchaConfig();
|
196 |
}
|
197 |
|
198 |
/**
|
src/features/email.php
CHANGED
@@ -4,17 +4,6 @@ use FernleafSystems\Wordpress\Plugin\Shield;
|
|
4 |
|
5 |
class ICWP_WPSF_FeatureHandler_Email extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
6 |
|
7 |
-
/**
|
8 |
-
* This is the point where you would want to do any options verification
|
9 |
-
*/
|
10 |
-
protected function doPrePluginOptionsSave() {
|
11 |
-
$sLimit = $this->getOpt( 'send_email_throttle_limit' );
|
12 |
-
if ( !is_numeric( $sLimit ) || $sLimit < 0 ) {
|
13 |
-
$sLimit = 0;
|
14 |
-
}
|
15 |
-
$this->setOpt( 'send_email_throttle_limit', $sLimit );
|
16 |
-
}
|
17 |
-
|
18 |
/**
|
19 |
* @return string
|
20 |
*/
|
4 |
|
5 |
class ICWP_WPSF_FeatureHandler_Email extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
6 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
7 |
/**
|
8 |
* @return string
|
9 |
*/
|
src/features/firewall.php
CHANGED
@@ -1,42 +1,29 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
4 |
|
5 |
class ICWP_WPSF_FeatureHandler_Firewall extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
6 |
|
7 |
-
/**
|
8 |
-
* @return array
|
9 |
-
*/
|
10 |
-
public function getDefaultWhitelist() {
|
11 |
-
$aW = $this->getDef( 'default_whitelist' );
|
12 |
-
return is_array( $aW ) ? $aW : [];
|
13 |
-
}
|
14 |
-
|
15 |
/**
|
16 |
* @param string $sParam
|
17 |
* @param string $sPage
|
18 |
-
* @return ICWP_WPSF_FeatureHandler_Firewall
|
19 |
*/
|
20 |
public function addParamToWhitelist( $sParam, $sPage = '*' ) {
|
|
|
|
|
|
|
21 |
if ( empty( $sPage ) ) {
|
22 |
$sPage = '*';
|
23 |
}
|
24 |
|
25 |
-
$aW = $
|
26 |
$aParams = isset( $aW[ $sPage ] ) ? $aW[ $sPage ] : [];
|
27 |
$aParams[] = $sParam;
|
28 |
natsort( $aParams );
|
29 |
$aW[ $sPage ] = array_unique( $aParams );
|
30 |
|
31 |
-
|
32 |
-
}
|
33 |
-
|
34 |
-
/**
|
35 |
-
* @return array
|
36 |
-
*/
|
37 |
-
public function getCustomWhitelist() {
|
38 |
-
$aW = $this->getOpt( 'page_params_whitelist', [] );
|
39 |
-
return is_array( $aW ) ? $aW : [];
|
40 |
}
|
41 |
|
42 |
/**
|
@@ -69,18 +56,14 @@ class ICWP_WPSF_FeatureHandler_Firewall extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
69 |
return $sText;
|
70 |
}
|
71 |
|
72 |
-
/**
|
73 |
-
* @return bool
|
74 |
-
*/
|
75 |
-
public function isIgnoreAdmin() {
|
76 |
-
return $this->isOpt( 'whitelist_admins', 'Y' );
|
77 |
-
}
|
78 |
-
|
79 |
/**
|
80 |
* @param array $aAllData
|
81 |
* @return array
|
82 |
*/
|
83 |
public function addInsightsConfigData( $aAllData ) {
|
|
|
|
|
|
|
84 |
$aThis = [
|
85 |
'strings' => [
|
86 |
'title' => __( 'Firewall', 'wp-simple-firewall' ),
|
@@ -105,7 +88,7 @@ class ICWP_WPSF_FeatureHandler_Firewall extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
105 |
];
|
106 |
|
107 |
//ignoring admin isn't a good idea
|
108 |
-
$bAdminIncluded = !$
|
109 |
$aThis[ 'key_opts' ][ 'admin' ] = [
|
110 |
'name' => __( 'Ignore Admins', 'wp-simple-firewall' ),
|
111 |
'enabled' => $bAdminIncluded,
|
@@ -127,4 +110,30 @@ class ICWP_WPSF_FeatureHandler_Firewall extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
127 |
protected function getNamespaceBase() {
|
128 |
return 'Firewall';
|
129 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
130 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Firewall;
|
5 |
|
6 |
class ICWP_WPSF_FeatureHandler_Firewall extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
7 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
/**
|
9 |
* @param string $sParam
|
10 |
* @param string $sPage
|
|
|
11 |
*/
|
12 |
public function addParamToWhitelist( $sParam, $sPage = '*' ) {
|
13 |
+
/** @var Firewall\Options $oOpts */
|
14 |
+
$oOpts = $this->getOptions();
|
15 |
+
|
16 |
if ( empty( $sPage ) ) {
|
17 |
$sPage = '*';
|
18 |
}
|
19 |
|
20 |
+
$aW = $oOpts->getCustomWhitelist();
|
21 |
$aParams = isset( $aW[ $sPage ] ) ? $aW[ $sPage ] : [];
|
22 |
$aParams[] = $sParam;
|
23 |
natsort( $aParams );
|
24 |
$aW[ $sPage ] = array_unique( $aParams );
|
25 |
|
26 |
+
$oOpts->setOpt( 'page_params_whitelist', $aW );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
27 |
}
|
28 |
|
29 |
/**
|
56 |
return $sText;
|
57 |
}
|
58 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
59 |
/**
|
60 |
* @param array $aAllData
|
61 |
* @return array
|
62 |
*/
|
63 |
public function addInsightsConfigData( $aAllData ) {
|
64 |
+
/** @var Firewall\Options $oOpts */
|
65 |
+
$oOpts = $this->getOptions();
|
66 |
+
|
67 |
$aThis = [
|
68 |
'strings' => [
|
69 |
'title' => __( 'Firewall', 'wp-simple-firewall' ),
|
88 |
];
|
89 |
|
90 |
//ignoring admin isn't a good idea
|
91 |
+
$bAdminIncluded = !$oOpts->isIgnoreAdmin();
|
92 |
$aThis[ 'key_opts' ][ 'admin' ] = [
|
93 |
'name' => __( 'Ignore Admins', 'wp-simple-firewall' ),
|
94 |
'enabled' => $bAdminIncluded,
|
110 |
protected function getNamespaceBase() {
|
111 |
return 'Firewall';
|
112 |
}
|
113 |
+
|
114 |
+
/**
|
115 |
+
* @return array
|
116 |
+
* @deprecated 9.0
|
117 |
+
*/
|
118 |
+
public function getDefaultWhitelist() {
|
119 |
+
$aW = $this->getDef( 'default_whitelist' );
|
120 |
+
return is_array( $aW ) ? $aW : [];
|
121 |
+
}
|
122 |
+
|
123 |
+
/**
|
124 |
+
* @return array
|
125 |
+
* @deprecated 9.0
|
126 |
+
*/
|
127 |
+
public function getCustomWhitelist() {
|
128 |
+
$aW = $this->getOpt( 'page_params_whitelist', [] );
|
129 |
+
return is_array( $aW ) ? $aW : [];
|
130 |
+
}
|
131 |
+
|
132 |
+
/**
|
133 |
+
* @return bool
|
134 |
+
* @deprecated 9.0
|
135 |
+
*/
|
136 |
+
public function isIgnoreAdmin() {
|
137 |
+
return $this->isOpt( 'whitelist_admins', 'Y' );
|
138 |
+
}
|
139 |
}
|
src/features/hack_protect.php
CHANGED
@@ -16,22 +16,54 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
16 |
*/
|
17 |
private $aScanCons;
|
18 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
19 |
protected function doPostConstruction() {
|
20 |
$this->setCustomCronSchedules();
|
21 |
}
|
22 |
|
23 |
-
/**
|
24 |
-
* A action added to WordPress 'init' hook
|
25 |
-
*/
|
26 |
public function onWpInit() {
|
27 |
parent::onWpInit();
|
28 |
-
$this->
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
29 |
}
|
30 |
|
31 |
/**
|
32 |
* @return HackGuard\Scan\Queue\Controller
|
33 |
*/
|
34 |
-
public function
|
35 |
if ( !isset( $this->oScanQueueController ) ) {
|
36 |
$this->oScanQueueController = ( new HackGuard\Scan\Queue\Controller() )
|
37 |
->setMod( $this );
|
@@ -71,34 +103,89 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
71 |
->setDbHandler( $this->getDbHandler_ScanResults() )
|
72 |
->downloadByItemId( (int)Services::Request()->query( 'rid', 0 ) );
|
73 |
break;
|
|
|
|
|
|
|
|
|
74 |
default:
|
75 |
break;
|
76 |
}
|
77 |
}
|
78 |
|
79 |
-
|
80 |
-
|
81 |
-
|
82 |
-
|
83 |
-
|
84 |
-
|
85 |
-
$
|
86 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
87 |
}
|
88 |
|
89 |
-
|
90 |
-
|
91 |
-
|
92 |
-
|
93 |
$this->cleanFileExclusions();
|
94 |
-
$this->cleanPtgFileExtensions();
|
95 |
|
96 |
-
$
|
97 |
-
|
|
|
|
|
|
|
98 |
|
99 |
-
|
100 |
-
|
101 |
-
|
|
|
|
|
|
|
102 |
}
|
103 |
|
104 |
/**
|
@@ -136,20 +223,6 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
136 |
return ( $oEntry instanceof Shield\Databases\Events\EntryVO ) ? $oEntry->created_at : 0;
|
137 |
}
|
138 |
|
139 |
-
/**
|
140 |
-
* @return int
|
141 |
-
*/
|
142 |
-
public function getScanNotificationInterval() {
|
143 |
-
return DAY_IN_SECONDS*$this->getOpt( 'notification_interval' );
|
144 |
-
}
|
145 |
-
|
146 |
-
/**
|
147 |
-
* @return bool
|
148 |
-
*/
|
149 |
-
public function isIncludeFileLists() {
|
150 |
-
return $this->isPremium() && $this->isOpt( 'email_files_list', 'Y' );
|
151 |
-
}
|
152 |
-
|
153 |
/**
|
154 |
* @return $this
|
155 |
*/
|
@@ -168,127 +241,45 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
168 |
return $this;
|
169 |
}
|
170 |
|
171 |
-
/**
|
172 |
-
* @return $this
|
173 |
-
*/
|
174 |
-
protected function clearIcSnapshots() {
|
175 |
-
return $this->setIcSnapshotUsers( [] );
|
176 |
-
}
|
177 |
-
|
178 |
-
/**
|
179 |
-
* @return bool
|
180 |
-
*/
|
181 |
-
public function isIcEnabled() {
|
182 |
-
return $this->isOpt( 'ic_enabled', 'Y' );
|
183 |
-
}
|
184 |
-
|
185 |
-
/**
|
186 |
-
* @return bool
|
187 |
-
*/
|
188 |
-
public function isIcUsersEnabled() {
|
189 |
-
return $this->isOpt( 'ic_users', 'Y' );
|
190 |
-
}
|
191 |
-
|
192 |
-
/**
|
193 |
-
* @param array[] $aUsers
|
194 |
-
* @return $this
|
195 |
-
*/
|
196 |
-
public function setIcSnapshotUsers( $aUsers ) {
|
197 |
-
return $this->setOpt( 'snapshot_users', $aUsers );
|
198 |
-
}
|
199 |
-
|
200 |
-
/**
|
201 |
-
* @return array
|
202 |
-
*/
|
203 |
-
public function getUfcFileExclusions() {
|
204 |
-
$aExclusions = $this->getOpt( 'ufc_exclusions', [] );
|
205 |
-
if ( empty( $aExclusions ) || !is_array( $aExclusions ) ) {
|
206 |
-
$aExclusions = [];
|
207 |
-
}
|
208 |
-
return $aExclusions;
|
209 |
-
}
|
210 |
-
|
211 |
-
/**
|
212 |
-
* @return $this
|
213 |
-
*/
|
214 |
protected function cleanFileExclusions() {
|
|
|
|
|
215 |
$aExclusions = [];
|
216 |
|
217 |
-
|
218 |
-
|
|
|
|
|
219 |
|
220 |
-
|
221 |
-
|
222 |
-
|
223 |
-
|
224 |
-
|
225 |
-
|
226 |
|
227 |
-
|
228 |
-
|
|
|
229 |
}
|
230 |
}
|
231 |
|
232 |
-
|
233 |
-
}
|
234 |
-
|
235 |
-
/**
|
236 |
-
* @return string
|
237 |
-
*/
|
238 |
-
public function getWpvulnPluginsHighlightOption() {
|
239 |
-
/** @var HackGuard\Options $oOpts */
|
240 |
-
$oOpts = $this->getOptions();
|
241 |
-
return $oOpts->isWpvulnEnabled() ? $oOpts->getOpt( 'wpvuln_scan_display' ) : 'disabled';
|
242 |
}
|
243 |
|
244 |
/**
|
245 |
* @return bool
|
246 |
*/
|
247 |
public function isWpvulnPluginsHighlightEnabled() {
|
248 |
-
$
|
249 |
-
|
250 |
-
|
251 |
-
}
|
252 |
-
|
253 |
-
/**
|
254 |
-
* @return bool
|
255 |
-
*/
|
256 |
-
public function canPtgWriteToDisk() {
|
257 |
-
$nNow = Services::Request()->ts();
|
258 |
-
$bLastCheckExpired = ( $nNow - $this->getOpt( 'ptg_candiskwrite_at', 0 ) ) > DAY_IN_SECONDS;
|
259 |
-
|
260 |
-
$bCanWrite = $this->getOpt( 'ptg_candiskwrite' ) && !$bLastCheckExpired;
|
261 |
-
if ( !$bCanWrite ) {
|
262 |
-
$oFS = Services::WpFs();
|
263 |
-
$sDir = $this->getPtgSnapsBaseDir();
|
264 |
-
|
265 |
-
if ( $sDir && $oFS->mkdir( $sDir ) ) {
|
266 |
-
$sTestFile = path_join( $sDir, 'test.txt' );
|
267 |
-
$oFS->putFileContent( $sTestFile, 'test-'.$nNow );
|
268 |
-
$sContents = $oFS->exists( $sTestFile ) ? $oFS->getFileContent( $sTestFile ) : '';
|
269 |
-
if ( $sContents === 'test-'.$nNow ) {
|
270 |
-
$oFS->deleteFile( $sTestFile );
|
271 |
-
$bCanWrite = !$oFS->exists( $sTestFile );
|
272 |
-
$this->setOpt( 'ptg_candiskwrite', $bCanWrite );
|
273 |
-
}
|
274 |
-
$this->setOpt( 'ptg_candiskwrite_at', $nNow );
|
275 |
-
}
|
276 |
}
|
277 |
-
|
278 |
-
|
279 |
-
|
280 |
-
|
281 |
-
|
282 |
-
* @return $this
|
283 |
-
*/
|
284 |
-
protected function cleanPtgFileExtensions() {
|
285 |
-
/** @var HackGuard\Options $oOpts */
|
286 |
-
$oOpts = $this->getOptions();
|
287 |
-
$oOpts->setOpt(
|
288 |
-
'ptg_extensions',
|
289 |
-
$this->cleanStringArray( $oOpts->getPtgFileExtensions(), '#[^a-z0-9_-]#i' )
|
290 |
-
);
|
291 |
-
return $this;
|
292 |
}
|
293 |
|
294 |
/**
|
@@ -298,7 +289,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
298 |
return $this->isModuleEnabled() && $this->isPremium()
|
299 |
&& $this->isOpt( 'ptg_enable', 'enabled' )
|
300 |
&& $this->getOptions()->isOptReqsMet( 'ptg_enable' )
|
301 |
-
&& $this->
|
302 |
}
|
303 |
|
304 |
/**
|
@@ -310,13 +301,6 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
310 |
->isEnabled();
|
311 |
}
|
312 |
|
313 |
-
/**
|
314 |
-
* @return bool
|
315 |
-
*/
|
316 |
-
public function isApcSendEmail() {
|
317 |
-
return $this->isOpt( 'enabled_scan_apc', 'enabled_email' );
|
318 |
-
}
|
319 |
-
|
320 |
public function insertCustomJsVars_Admin() {
|
321 |
parent::insertCustomJsVars_Admin();
|
322 |
|
@@ -345,47 +329,6 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
345 |
}
|
346 |
}
|
347 |
|
348 |
-
/**
|
349 |
-
* @param string $sSectionSlug
|
350 |
-
* @return array
|
351 |
-
*/
|
352 |
-
protected function getSectionNotices( $sSectionSlug ) {
|
353 |
-
$aNotices = [];
|
354 |
-
switch ( $sSectionSlug ) {
|
355 |
-
|
356 |
-
case 'section_scan_wcf':
|
357 |
-
$nTime = $this->getLastScanAt( 'wcf' );
|
358 |
-
break;
|
359 |
-
|
360 |
-
case 'section_scan_ufc':
|
361 |
-
$nTime = $this->getLastScanAt( 'ufc' );
|
362 |
-
break;
|
363 |
-
|
364 |
-
case 'section_scan_ptg':
|
365 |
-
$nTime = $this->getLastScanAt( 'ptg' );
|
366 |
-
break;
|
367 |
-
|
368 |
-
case 'section_scan_wpv':
|
369 |
-
$nTime = $this->getLastScanAt( 'wpv' );
|
370 |
-
break;
|
371 |
-
|
372 |
-
case 'section_scan_mal':
|
373 |
-
$nTime = $this->getLastScanAt( 'mal' );
|
374 |
-
break;
|
375 |
-
|
376 |
-
default:
|
377 |
-
$nTime = null;
|
378 |
-
break;
|
379 |
-
}
|
380 |
-
|
381 |
-
if ( !is_null( $nTime ) ) {
|
382 |
-
$nTime = ( $nTime > 0 ) ? Services::WpGeneral()
|
383 |
-
->getTimeStampForDisplay( $nTime ) : __( 'Never', 'wp-simple-firewall' );
|
384 |
-
$aNotices[] = sprintf( __( 'Last Scan Time: %s', 'wp-simple-firewall' ), $nTime );
|
385 |
-
}
|
386 |
-
return $aNotices;
|
387 |
-
}
|
388 |
-
|
389 |
/**
|
390 |
* @param string $sSection
|
391 |
* @return array
|
@@ -395,25 +338,20 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
395 |
|
396 |
switch ( $sSection ) {
|
397 |
|
398 |
-
case 'section_scan_ptg':
|
399 |
-
if ( !$this->canPtgWriteToDisk() ) {
|
400 |
-
$aWarnings[] = sprintf( __( 'Sorry, this feature is not available because we cannot write to disk at this location: "%s"', 'wp-simple-firewall' ), $this->getPtgSnapsBaseDir() );
|
401 |
-
}
|
402 |
-
break;
|
403 |
-
|
404 |
case 'section_realtime':
|
405 |
-
|
406 |
-
|
407 |
-
|
408 |
-
|
409 |
-
|
410 |
-
|
411 |
-
else {
|
412 |
-
$sPath = $this->getRtMapFileKeyToFilePath( 'wpconfig' );
|
413 |
-
if ( !$this->getRtCanWriteFile( $sPath ) ) {
|
414 |
-
$aWarnings[] = sprintf( __( "The %s file isn't writable and so can't be further protected.", 'wp-simple-firewall' ), 'wp-config.php' );
|
415 |
-
}
|
416 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
417 |
break;
|
418 |
}
|
419 |
|
@@ -435,154 +373,6 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
435 |
return false;
|
436 |
}
|
437 |
|
438 |
-
/**
|
439 |
-
* cleans out any reference to any backup files
|
440 |
-
*/
|
441 |
-
private function resetRtBackupFiles() {
|
442 |
-
$oCon = $this->getCon();
|
443 |
-
$oFs = Services::WpFs();
|
444 |
-
$oOpts = $this->getOptions();
|
445 |
-
foreach ( [ 'htaccess', 'wpconfig' ] as $sFileKey ) {
|
446 |
-
if ( $oOpts->isOptChanged( 'rt_file_'.$sFileKey ) ) {
|
447 |
-
$sPath = $this->getRtMapFileKeyToFilePath( $sFileKey );
|
448 |
-
try {
|
449 |
-
$sBackupFile = $oCon->getPluginCachePath( $this->getRtFileBackupName( $sPath ) );
|
450 |
-
if ( $oFs->exists( $sBackupFile ) ) {
|
451 |
-
$oFs->deleteFile( $sBackupFile );
|
452 |
-
}
|
453 |
-
|
454 |
-
if ( !$this->getRtCanWriteFile( $sPath ) ) {
|
455 |
-
$this->setOpt( 'rt_file_'.$sFileKey, 'N' );
|
456 |
-
}
|
457 |
-
}
|
458 |
-
catch ( \Exception $oE ) {
|
459 |
-
}
|
460 |
-
$this->setRtFileHash( $sPath, '' )
|
461 |
-
->setRtFileBackupName( $sPath, '' );
|
462 |
-
}
|
463 |
-
}
|
464 |
-
}
|
465 |
-
|
466 |
-
/**
|
467 |
-
* @param string $sKey
|
468 |
-
* @return string|null
|
469 |
-
*/
|
470 |
-
private function getRtMapFileKeyToFilePath( $sKey ) {
|
471 |
-
$aMap = [
|
472 |
-
'wpconfig' => Services::WpGeneral()->getPath_WpConfig(),
|
473 |
-
'htaccess' => path_join( ABSPATH, '.htaccess' ),
|
474 |
-
];
|
475 |
-
return isset( $aMap[ $sKey ] ) ? $aMap[ $sKey ] : null;
|
476 |
-
}
|
477 |
-
|
478 |
-
/**
|
479 |
-
* @return array
|
480 |
-
*/
|
481 |
-
public function getRtFileBackupNames() {
|
482 |
-
$aF = $this->getOpt( 'rt_file_backup_names', [] );
|
483 |
-
return is_array( $aF ) ? $aF : [];
|
484 |
-
}
|
485 |
-
|
486 |
-
/**
|
487 |
-
* @param string $sFile
|
488 |
-
* @return string|null
|
489 |
-
*/
|
490 |
-
public function getRtFileBackupName( $sFile ) {
|
491 |
-
$aD = $this->getRtFileBackupNames();
|
492 |
-
return isset( $aD[ $sFile ] ) ? $aD[ $sFile ] : null;
|
493 |
-
}
|
494 |
-
|
495 |
-
/**
|
496 |
-
* @return array
|
497 |
-
*/
|
498 |
-
public function getRtFileHashes() {
|
499 |
-
$aF = $this->getOpt( 'rt_file_hashes', [] );
|
500 |
-
return is_array( $aF ) ? $aF : [];
|
501 |
-
}
|
502 |
-
|
503 |
-
/**
|
504 |
-
* @param string $sFile
|
505 |
-
* @return string|null
|
506 |
-
*/
|
507 |
-
public function getRtFileHash( $sFile ) {
|
508 |
-
$aD = $this->getRtFileHashes();
|
509 |
-
return isset( $aD[ $sFile ] ) ? $aD[ $sFile ] : null;
|
510 |
-
}
|
511 |
-
|
512 |
-
/**
|
513 |
-
* @param string $sFile
|
514 |
-
* @param string $sName
|
515 |
-
* @return $this
|
516 |
-
*/
|
517 |
-
public function setRtFileBackupName( $sFile, $sName ) {
|
518 |
-
$aD = $this->getRtFileBackupNames();
|
519 |
-
$aD[ $sFile ] = $sName;
|
520 |
-
return $this->setOpt( 'rt_file_backup_names', $aD );
|
521 |
-
}
|
522 |
-
|
523 |
-
/**
|
524 |
-
* @param string $sFile
|
525 |
-
* @param string $sHash
|
526 |
-
* @return $this
|
527 |
-
*/
|
528 |
-
public function setRtFileHash( $sFile, $sHash ) {
|
529 |
-
$aD = $this->getRtFileHashes();
|
530 |
-
$aD[ $sFile ] = $sHash;
|
531 |
-
return $this->setOpt( 'rt_file_hashes', $aD );
|
532 |
-
}
|
533 |
-
|
534 |
-
/**
|
535 |
-
* @return array
|
536 |
-
*/
|
537 |
-
public function getRtCanWriteFiles() {
|
538 |
-
$aF = $this->getOpt( 'rt_can_write_files', [] );
|
539 |
-
return is_array( $aF ) ? $aF : [];
|
540 |
-
}
|
541 |
-
|
542 |
-
/**
|
543 |
-
* @param string $sFile
|
544 |
-
* @return bool
|
545 |
-
*/
|
546 |
-
public function getRtCanWriteFile( $sFile ) {
|
547 |
-
$aFiles = $this->getRtCanWriteFiles();
|
548 |
-
if ( isset( $aFiles[ $sFile ] ) ) {
|
549 |
-
$bCanWrite = $aFiles[ $sFile ] > 0;
|
550 |
-
}
|
551 |
-
else {
|
552 |
-
$bCanWrite = ( new Shield\Scans\Realtime\Files\TestWritable() )->run( $sFile );
|
553 |
-
$this->setRtCanWriteFile( $sFile, $bCanWrite );
|
554 |
-
}
|
555 |
-
return $bCanWrite;
|
556 |
-
}
|
557 |
-
|
558 |
-
/**
|
559 |
-
* @return bool
|
560 |
-
*/
|
561 |
-
public function isRtAvailable() {
|
562 |
-
return $this->isPremium()
|
563 |
-
&& Services::WpFs()->isFilesystemAccessDirect()
|
564 |
-
&& Services::Encrypt()->isSupportedOpenSslDataEncryption();
|
565 |
-
}
|
566 |
-
|
567 |
-
/**
|
568 |
-
* @return bool
|
569 |
-
*/
|
570 |
-
public function isRtEnabledWpConfig() {
|
571 |
-
return $this->isRtAvailable() && $this->isOpt( 'rt_file_wpconfig', 'Y' )
|
572 |
-
&& $this->getRtCanWriteFile( $this->getRtMapFileKeyToFilePath( 'wpconfig' ) );
|
573 |
-
}
|
574 |
-
|
575 |
-
/**
|
576 |
-
* @param string $sPath
|
577 |
-
* @param bool $bCanWrite
|
578 |
-
* @return $this
|
579 |
-
*/
|
580 |
-
public function setRtCanWriteFile( $sPath, $bCanWrite ) {
|
581 |
-
$aFiles = $this->getRtCanWriteFiles();
|
582 |
-
$aFiles[ $sPath ] = $bCanWrite ? Services::Request()->ts() : 0;
|
583 |
-
return $this->setOpt( 'rt_can_write_files', $aFiles );
|
584 |
-
}
|
585 |
-
|
586 |
/**
|
587 |
* @return string
|
588 |
*/
|
@@ -605,12 +395,14 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
605 |
'messages' => []
|
606 |
];
|
607 |
|
|
|
|
|
608 |
{// Core files
|
609 |
if ( !$this->isScanEnabled( 'wcf' ) ) {
|
610 |
$aNotices[ 'messages' ][ 'wcf' ] = [
|
611 |
'title' => $aScanNames[ 'wcf' ],
|
612 |
'message' => __( 'Core File scanner is not enabled.', 'wp-simple-firewall' ),
|
613 |
-
'href' => $this->
|
614 |
'action' => sprintf( __( 'Go To %s', 'wp-simple-firewall' ), __( 'Options', 'wp-simple-firewall' ) ),
|
615 |
'rec' => __( 'Automatic WordPress Core File scanner should be turned-on.', 'wp-simple-firewall' )
|
616 |
];
|
@@ -619,7 +411,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
619 |
$aNotices[ 'messages' ][ 'wcf' ] = [
|
620 |
'title' => $aScanNames[ 'wcf' ],
|
621 |
'message' => __( 'Modified WordPress core files found.', 'wp-simple-firewall' ),
|
622 |
-
'href' => $
|
623 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
624 |
'rec' => __( 'Scan WP core files and repair any files that are flagged as modified.', 'wp-simple-firewall' )
|
625 |
];
|
@@ -640,7 +432,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
640 |
$aNotices[ 'messages' ][ 'ufc' ] = [
|
641 |
'title' => $aScanNames[ 'ufc' ],
|
642 |
'message' => __( 'Unrecognised files found in WordPress Core directory.', 'wp-simple-firewall' ),
|
643 |
-
'href' => $
|
644 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
645 |
'rec' => __( 'Scan and remove any files that are not meant to be in the WP core directories.', 'wp-simple-firewall' )
|
646 |
];
|
@@ -653,7 +445,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
653 |
$aNotices[ 'messages' ][ 'ptg' ] = [
|
654 |
'title' => $aScanNames[ 'ptg' ],
|
655 |
'message' => __( 'Automatic Plugin/Themes Guard is not enabled.', 'wp-simple-firewall' ),
|
656 |
-
'href' => $this->
|
657 |
'action' => sprintf( __( 'Go To %s', 'wp-simple-firewall' ), __( 'Options', 'wp-simple-firewall' ) ),
|
658 |
'rec' => __( 'Automatic detection of plugin/theme modifications is recommended.', 'wp-simple-firewall' )
|
659 |
];
|
@@ -662,7 +454,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
662 |
$aNotices[ 'messages' ][ 'ptg' ] = [
|
663 |
'title' => $aScanNames[ 'ptg' ],
|
664 |
'message' => __( 'A plugin/theme was found to have been modified.', 'wp-simple-firewall' ),
|
665 |
-
'href' => $
|
666 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
667 |
'rec' => __( 'Reviewing modifications to your plugins/themes is recommended.', 'wp-simple-firewall' )
|
668 |
];
|
@@ -683,7 +475,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
683 |
$aNotices[ 'messages' ][ 'wpv' ] = [
|
684 |
'title' => $aScanNames[ 'wpv' ],
|
685 |
'message' => __( 'At least 1 item has known vulnerabilities.', 'wp-simple-firewall' ),
|
686 |
-
'href' => $
|
687 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
688 |
'rec' => __( 'Items with known vulnerabilities should be updated, removed, or replaced.', 'wp-simple-firewall' )
|
689 |
];
|
@@ -704,7 +496,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
704 |
$aNotices[ 'messages' ][ 'apc' ] = [
|
705 |
'title' => $aScanNames[ 'apc' ],
|
706 |
'message' => __( 'At least 1 plugin on your site is abandoned.', 'wp-simple-firewall' ),
|
707 |
-
'href' => $
|
708 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
709 |
'rec' => __( 'Plugins that have been abandoned represent a potential risk to your site.', 'wp-simple-firewall' )
|
710 |
];
|
@@ -725,7 +517,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
725 |
$aNotices[ 'messages' ][ 'mal' ] = [
|
726 |
'title' => $aScanNames[ 'mal' ],
|
727 |
'message' => __( 'At least 1 file with potential Malware has been discovered.', 'wp-simple-firewall' ),
|
728 |
-
'href' => $
|
729 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
730 |
'rec' => __( 'Files identified as potential malware should be examined as soon as possible.', 'wp-simple-firewall' )
|
731 |
];
|
@@ -781,21 +573,21 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
781 |
__( 'Core files scanned regularly for hacks', 'wp-simple-firewall' )
|
782 |
: __( "Core files are never scanned for hacks!", 'wp-simple-firewall' ),
|
783 |
'weight' => 2,
|
784 |
-
'href' => $this->
|
785 |
];
|
786 |
-
if ( $bCore && !$oOpts->
|
787 |
$aThis[ 'key_opts' ][ 'wcf_repair' ] = [
|
788 |
'name' => __( 'WP Core File Repair', 'wp-simple-firewall' ),
|
789 |
-
'enabled' => $oOpts->
|
790 |
-
'summary' => $oOpts->
|
791 |
__( 'Core files are automatically repaired', 'wp-simple-firewall' )
|
792 |
: __( "Core files aren't automatically repaired!", 'wp-simple-firewall' ),
|
793 |
'weight' => 1,
|
794 |
-
'href' => $this->
|
795 |
];
|
796 |
}
|
797 |
|
798 |
-
$bUcf = $
|
799 |
$aThis[ 'key_opts' ][ 'ufc' ] = [
|
800 |
'name' => __( 'Unrecognised Files', 'wp-simple-firewall' ),
|
801 |
'enabled' => $bUcf,
|
@@ -805,11 +597,11 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
805 |
'weight' => 2,
|
806 |
'href' => $this->getUrl_DirectLinkToSection( 'section_scan_ufc' ),
|
807 |
];
|
808 |
-
if ( $bUcf && !$oOpts->
|
809 |
$aThis[ 'key_opts' ][ 'ufc_repair' ] = [
|
810 |
'name' => __( 'Unrecognised Files Removal', 'wp-simple-firewall' ),
|
811 |
-
'enabled' => $oOpts->
|
812 |
-
'summary' => $oOpts->
|
813 |
__( 'Unrecognised files are automatically removed', 'wp-simple-firewall' )
|
814 |
: __( "Unrecognised files aren't automatically removed!", 'wp-simple-firewall' ),
|
815 |
'weight' => 1,
|
@@ -817,7 +609,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
817 |
];
|
818 |
}
|
819 |
|
820 |
-
$bWpv = $
|
821 |
$aThis[ 'key_opts' ][ 'wpv' ] = [
|
822 |
'name' => __( 'Vulnerability Scan', 'wp-simple-firewall' ),
|
823 |
'enabled' => $bWpv,
|
@@ -849,7 +641,7 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
849 |
__( 'Plugins and Themes are guarded against tampering', 'wp-simple-firewall' )
|
850 |
: __( "Plugins and Themes are never scanned for tampering!", 'wp-simple-firewall' ),
|
851 |
'weight' => 2,
|
852 |
-
'href' => $this->
|
853 |
];
|
854 |
|
855 |
$bMal = $this->isScanEnabled( 'mal' );
|
@@ -882,13 +674,10 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
882 |
}
|
883 |
|
884 |
/**
|
885 |
-
*
|
886 |
*/
|
887 |
-
public function
|
888 |
-
return
|
889 |
-
[ 'inav' => 'scans' ],
|
890 |
-
$this->getCon()->getModule_Insights()->getUrl_AdminPage()
|
891 |
-
);
|
892 |
}
|
893 |
|
894 |
/**
|
@@ -917,10 +706,84 @@ class ICWP_WPSF_FeatureHandler_HackProtect extends ICWP_WPSF_FeatureHandler_Base
|
|
917 |
&& parent::isReadyToExecute();
|
918 |
}
|
919 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
920 |
/**
|
921 |
* @return string
|
922 |
*/
|
923 |
protected function getNamespaceBase() {
|
924 |
return 'HackGuard';
|
925 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
926 |
}
|
16 |
*/
|
17 |
private $aScanCons;
|
18 |
|
19 |
+
/**
|
20 |
+
* @var HackGuard\Lib\FileLocker\FileLockerController
|
21 |
+
*/
|
22 |
+
private $oFileLocker;
|
23 |
+
|
24 |
+
/**
|
25 |
+
* @param array $aItems
|
26 |
+
* @return array
|
27 |
+
*/
|
28 |
+
public function addAdminMenuBarItems( array $aItems ) {
|
29 |
+
$oCon = $this->getCon();
|
30 |
+
$nCountFL = $this->getFileLocker()->countProblems();
|
31 |
+
if ( $nCountFL > 0 ) {
|
32 |
+
$aItems[] = [
|
33 |
+
'id' => $oCon->prefix( 'filelocker_problems' ),
|
34 |
+
'title' => __( 'File Locker', 'wp-simple-firewall' )
|
35 |
+
.sprintf( '<div class="wp-core-ui wp-ui-notification shield-counter"><span aria-hidden="true">%s</span></div>', $nCountFL ),
|
36 |
+
'href' => $this->getCon()->getModule_Insights()->getUrl_SubInsightsPage( 'scans' ),
|
37 |
+
'warnings' => $nCountFL
|
38 |
+
];
|
39 |
+
}
|
40 |
+
return $aItems;
|
41 |
+
}
|
42 |
+
|
43 |
protected function doPostConstruction() {
|
44 |
$this->setCustomCronSchedules();
|
45 |
}
|
46 |
|
|
|
|
|
|
|
47 |
public function onWpInit() {
|
48 |
parent::onWpInit();
|
49 |
+
$this->getScanQueueController();
|
50 |
+
}
|
51 |
+
|
52 |
+
/**
|
53 |
+
* @return HackGuard\Lib\FileLocker\FileLockerController
|
54 |
+
*/
|
55 |
+
public function getFileLocker() {
|
56 |
+
if ( !isset( $this->oFileLocker ) ) {
|
57 |
+
$this->oFileLocker = ( new HackGuard\Lib\FileLocker\FileLockerController() )
|
58 |
+
->setMod( $this );
|
59 |
+
}
|
60 |
+
return $this->oFileLocker;
|
61 |
}
|
62 |
|
63 |
/**
|
64 |
* @return HackGuard\Scan\Queue\Controller
|
65 |
*/
|
66 |
+
public function getScanQueueController() {
|
67 |
if ( !isset( $this->oScanQueueController ) ) {
|
68 |
$this->oScanQueueController = ( new HackGuard\Scan\Queue\Controller() )
|
69 |
->setMod( $this );
|
103 |
->setDbHandler( $this->getDbHandler_ScanResults() )
|
104 |
->downloadByItemId( (int)Services::Request()->query( 'rid', 0 ) );
|
105 |
break;
|
106 |
+
case 'filelocker_download_original':
|
107 |
+
case 'filelocker_download_current':
|
108 |
+
$this->getFileLocker()->handleFileDownloadRequest();
|
109 |
+
break;
|
110 |
default:
|
111 |
break;
|
112 |
}
|
113 |
}
|
114 |
|
115 |
+
protected function updateHandler() {
|
116 |
+
/** @var HackGuard\Options $oOpts */
|
117 |
+
$oOpts = $this->getOptions();
|
118 |
+
if ( $oOpts->getOpt( 'ptg_enable' ) == 'enabled' ) {
|
119 |
+
$oOpts->setOpt( 'ptg_enable', 'Y' );
|
120 |
+
}
|
121 |
+
elseif ( $oOpts->getOpt( 'ptg_enable' ) == 'disabled' ) {
|
122 |
+
$oOpts->setOpt( 'ptg_enable', 'N' );
|
123 |
+
}
|
124 |
+
|
125 |
+
/**
|
126 |
+
* @deprecated 9.0
|
127 |
+
*/
|
128 |
+
{
|
129 |
+
if ( $oOpts->getOpt( 'mal_scan_enable' ) === 'enabled' ) {
|
130 |
+
$oOpts->setOpt( 'mal_scan_enable', 'Y' );
|
131 |
+
}
|
132 |
+
elseif ( $oOpts->getOpt( 'mal_scan_enable' ) === 'disabled' ) {
|
133 |
+
$oOpts->setOpt( 'mal_scan_enable', 'N' );
|
134 |
+
}
|
135 |
+
}
|
136 |
+
|
137 |
+
$aRepairAreas = $oOpts->getRepairAreas();
|
138 |
+
$aMap = [
|
139 |
+
'attempt_auto_file_repair' => 'wp',
|
140 |
+
'mal_autorepair_plugins' => 'plugin',
|
141 |
+
];
|
142 |
+
foreach ( $aMap as $sOld => $sNew ) {
|
143 |
+
if ( $oOpts->getOpt( $sOld ) !== false ) {
|
144 |
+
$bWasEnabled = $oOpts->isOpt( $sOld, 'Y' );
|
145 |
+
$nIsEnabled = array_search( $sNew, $aRepairAreas );
|
146 |
+
if ( $bWasEnabled && ( $nIsEnabled === false ) ) {
|
147 |
+
$aRepairAreas[] = $sNew;
|
148 |
+
}
|
149 |
+
elseif ( !$bWasEnabled && ( $nIsEnabled !== false ) ) {
|
150 |
+
unset( $aRepairAreas[ $nIsEnabled ] );
|
151 |
+
}
|
152 |
+
}
|
153 |
+
}
|
154 |
+
$this->setOpt( 'file_repair_areas', $aRepairAreas );
|
155 |
+
|
156 |
+
{ // migrate old scan options
|
157 |
+
if ( $oOpts->getOpt( 'enable_unrecognised_file_cleaner_scan' ) == 'enabled_delete_report' ) {
|
158 |
+
$oOpts->setOpt( 'enable_unrecognised_file_cleaner_scan', 'enabled_delete_only' );
|
159 |
+
}
|
160 |
+
$sApcOpt = $oOpts->getOpt( 'enabled_scan_apc' );
|
161 |
+
if ( strlen( $sApcOpt ) > 1 ) {
|
162 |
+
$oOpts->setOpt( 'enabled_scan_apc', $sApcOpt == 'disabled' ? 'N' : 'Y' );
|
163 |
+
}
|
164 |
+
$sWpvOpt = $oOpts->getOpt( 'enable_wpvuln_scan' );
|
165 |
+
if ( strlen( $sWpvOpt ) > 1 ) {
|
166 |
+
$oOpts->setOpt( 'enable_wpvuln_scan', $sWpvOpt == 'disabled' ? 'N' : 'Y' );
|
167 |
+
}
|
168 |
+
}
|
169 |
}
|
170 |
|
171 |
+
protected function preProcessOptions() {
|
172 |
+
/** @var HackGuard\Options $oOpts */
|
173 |
+
$oOpts = $this->getOptions();
|
174 |
+
|
175 |
$this->cleanFileExclusions();
|
|
|
176 |
|
177 |
+
if ( $oOpts->isOptChanged( 'scan_frequency' ) ) {
|
178 |
+
/** @var \ICWP_WPSF_Processor_HackProtect $oPro */
|
179 |
+
$oPro = $this->getProcessor();
|
180 |
+
$oPro->getSubProScanner()->deleteCron();
|
181 |
+
}
|
182 |
|
183 |
+
if ( count( $oOpts->getFilesToLock() ) > 0 && !$this->getCon()
|
184 |
+
->getModule_Plugin()
|
185 |
+
->getShieldNetApiController()
|
186 |
+
->canHandshake() ) {
|
187 |
+
$oOpts->setOpt( 'file_locker', [] );
|
188 |
+
}
|
189 |
}
|
190 |
|
191 |
/**
|
223 |
return ( $oEntry instanceof Shield\Databases\Events\EntryVO ) ? $oEntry->created_at : 0;
|
224 |
}
|
225 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
226 |
/**
|
227 |
* @return $this
|
228 |
*/
|
241 |
return $this;
|
242 |
}
|
243 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
244 |
protected function cleanFileExclusions() {
|
245 |
+
/** @var HackGuard\Options $oOpts */
|
246 |
+
$oOpts = $this->getOptions();
|
247 |
$aExclusions = [];
|
248 |
|
249 |
+
$aToClean = $this->getOpt( 'ufc_exclusions', [] );
|
250 |
+
if ( is_array( $aToClean ) ) {
|
251 |
+
foreach ( $aToClean as $nKey => $sExclusion ) {
|
252 |
+
$sExclusion = wp_normalize_path( trim( $sExclusion ) );
|
253 |
|
254 |
+
if ( preg_match( '/^#(.+)#$/', $sExclusion, $aMatches ) ) { // it's regex
|
255 |
+
// ignore it
|
256 |
+
}
|
257 |
+
elseif ( strpos( $sExclusion, '/' ) === false ) { // filename only
|
258 |
+
$sExclusion = trim( preg_replace( '#[^.0-9a-z_-]#i', '', $sExclusion ) );
|
259 |
+
}
|
260 |
|
261 |
+
if ( !empty( $sExclusion ) ) {
|
262 |
+
$aExclusions[] = $sExclusion;
|
263 |
+
}
|
264 |
}
|
265 |
}
|
266 |
|
267 |
+
$oOpts->setOpt( 'ufc_exclusions', array_unique( $aExclusions ) );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
268 |
}
|
269 |
|
270 |
/**
|
271 |
* @return bool
|
272 |
*/
|
273 |
public function isWpvulnPluginsHighlightEnabled() {
|
274 |
+
$oWpvCon = $this->getScanCon( 'wpv' );
|
275 |
+
if ( $oWpvCon->isEnabled() ) {
|
276 |
+
$sOpt = apply_filters( 'icwp_shield_wpvuln_scan_display', 'securityadmin' );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
277 |
}
|
278 |
+
else {
|
279 |
+
$sOpt = 'disabled';
|
280 |
+
}
|
281 |
+
return ( $sOpt != 'disabled' ) && Services::WpUsers()->isUserAdmin()
|
282 |
+
&& ( ( $sOpt != 'securityadmin' ) || $this->getCon()->isPluginAdmin() );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
283 |
}
|
284 |
|
285 |
/**
|
289 |
return $this->isModuleEnabled() && $this->isPremium()
|
290 |
&& $this->isOpt( 'ptg_enable', 'enabled' )
|
291 |
&& $this->getOptions()->isOptReqsMet( 'ptg_enable' )
|
292 |
+
&& $this->canCacheDirWrite();
|
293 |
}
|
294 |
|
295 |
/**
|
301 |
->isEnabled();
|
302 |
}
|
303 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
304 |
public function insertCustomJsVars_Admin() {
|
305 |
parent::insertCustomJsVars_Admin();
|
306 |
|
329 |
}
|
330 |
}
|
331 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
332 |
/**
|
333 |
* @param string $sSection
|
334 |
* @return array
|
338 |
|
339 |
switch ( $sSection ) {
|
340 |
|
|
|
|
|
|
|
|
|
|
|
|
|
341 |
case 'section_realtime':
|
342 |
+
$bCanHandshake = $this->getCon()
|
343 |
+
->getModule_Plugin()
|
344 |
+
->getShieldNetApiController()
|
345 |
+
->canHandshake();
|
346 |
+
if ( !$bCanHandshake ) {
|
347 |
+
$aWarnings[] = sprintf( __( 'Not available as your site cannot handshake with ShieldNET API.', 'wp-simple-firewall' ), 'OpenSSL' );
|
|
|
|
|
|
|
|
|
|
|
348 |
}
|
349 |
+
// if ( !Services::Encrypt()->isSupportedOpenSslDataEncryption() ) {
|
350 |
+
// $aWarnings[] = sprintf( __( 'Not available because the %s extension is not available.', 'wp-simple-firewall' ), 'OpenSSL' );
|
351 |
+
// }
|
352 |
+
// if ( !Services::WpFs()->isFilesystemAccessDirect() ) {
|
353 |
+
// $aWarnings[] = sprintf( __( "Not available because PHP/WordPress doesn't have direct filesystem access.", 'wp-simple-firewall' ), 'OpenSSL' );
|
354 |
+
// }
|
355 |
break;
|
356 |
}
|
357 |
|
373 |
return false;
|
374 |
}
|
375 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
376 |
/**
|
377 |
* @return string
|
378 |
*/
|
395 |
'messages' => []
|
396 |
];
|
397 |
|
398 |
+
$sScansUrl = $this->getCon()->getModule_Insights()->getUrl_SubInsightsPage( 'scans' );
|
399 |
+
|
400 |
{// Core files
|
401 |
if ( !$this->isScanEnabled( 'wcf' ) ) {
|
402 |
$aNotices[ 'messages' ][ 'wcf' ] = [
|
403 |
'title' => $aScanNames[ 'wcf' ],
|
404 |
'message' => __( 'Core File scanner is not enabled.', 'wp-simple-firewall' ),
|
405 |
+
'href' => $this->getUrl_DirectLinkToOption( 'enable_core_file_integrity_scan' ),
|
406 |
'action' => sprintf( __( 'Go To %s', 'wp-simple-firewall' ), __( 'Options', 'wp-simple-firewall' ) ),
|
407 |
'rec' => __( 'Automatic WordPress Core File scanner should be turned-on.', 'wp-simple-firewall' )
|
408 |
];
|
411 |
$aNotices[ 'messages' ][ 'wcf' ] = [
|
412 |
'title' => $aScanNames[ 'wcf' ],
|
413 |
'message' => __( 'Modified WordPress core files found.', 'wp-simple-firewall' ),
|
414 |
+
'href' => $sScansUrl,
|
415 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
416 |
'rec' => __( 'Scan WP core files and repair any files that are flagged as modified.', 'wp-simple-firewall' )
|
417 |
];
|
432 |
$aNotices[ 'messages' ][ 'ufc' ] = [
|
433 |
'title' => $aScanNames[ 'ufc' ],
|
434 |
'message' => __( 'Unrecognised files found in WordPress Core directory.', 'wp-simple-firewall' ),
|
435 |
+
'href' => $sScansUrl,
|
436 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
437 |
'rec' => __( 'Scan and remove any files that are not meant to be in the WP core directories.', 'wp-simple-firewall' )
|
438 |
];
|
445 |
$aNotices[ 'messages' ][ 'ptg' ] = [
|
446 |
'title' => $aScanNames[ 'ptg' ],
|
447 |
'message' => __( 'Automatic Plugin/Themes Guard is not enabled.', 'wp-simple-firewall' ),
|
448 |
+
'href' => $this->getUrl_DirectLinkToOption( 'ptg_enable' ),
|
449 |
'action' => sprintf( __( 'Go To %s', 'wp-simple-firewall' ), __( 'Options', 'wp-simple-firewall' ) ),
|
450 |
'rec' => __( 'Automatic detection of plugin/theme modifications is recommended.', 'wp-simple-firewall' )
|
451 |
];
|
454 |
$aNotices[ 'messages' ][ 'ptg' ] = [
|
455 |
'title' => $aScanNames[ 'ptg' ],
|
456 |
'message' => __( 'A plugin/theme was found to have been modified.', 'wp-simple-firewall' ),
|
457 |
+
'href' => $sScansUrl,
|
458 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
459 |
'rec' => __( 'Reviewing modifications to your plugins/themes is recommended.', 'wp-simple-firewall' )
|
460 |
];
|
475 |
$aNotices[ 'messages' ][ 'wpv' ] = [
|
476 |
'title' => $aScanNames[ 'wpv' ],
|
477 |
'message' => __( 'At least 1 item has known vulnerabilities.', 'wp-simple-firewall' ),
|
478 |
+
'href' => $sScansUrl,
|
479 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
480 |
'rec' => __( 'Items with known vulnerabilities should be updated, removed, or replaced.', 'wp-simple-firewall' )
|
481 |
];
|
496 |
$aNotices[ 'messages' ][ 'apc' ] = [
|
497 |
'title' => $aScanNames[ 'apc' ],
|
498 |
'message' => __( 'At least 1 plugin on your site is abandoned.', 'wp-simple-firewall' ),
|
499 |
+
'href' => $sScansUrl,
|
500 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
501 |
'rec' => __( 'Plugins that have been abandoned represent a potential risk to your site.', 'wp-simple-firewall' )
|
502 |
];
|
517 |
$aNotices[ 'messages' ][ 'mal' ] = [
|
518 |
'title' => $aScanNames[ 'mal' ],
|
519 |
'message' => __( 'At least 1 file with potential Malware has been discovered.', 'wp-simple-firewall' ),
|
520 |
+
'href' => $sScansUrl,
|
521 |
'action' => __( 'Run Scan', 'wp-simple-firewall' ),
|
522 |
'rec' => __( 'Files identified as potential malware should be examined as soon as possible.', 'wp-simple-firewall' )
|
523 |
];
|
573 |
__( 'Core files scanned regularly for hacks', 'wp-simple-firewall' )
|
574 |
: __( "Core files are never scanned for hacks!", 'wp-simple-firewall' ),
|
575 |
'weight' => 2,
|
576 |
+
'href' => $this->getUrl_DirectLinkToOption( 'enable_core_file_integrity_scan' ),
|
577 |
];
|
578 |
+
if ( $bCore && !$oOpts->isRepairFileWP() ) {
|
579 |
$aThis[ 'key_opts' ][ 'wcf_repair' ] = [
|
580 |
'name' => __( 'WP Core File Repair', 'wp-simple-firewall' ),
|
581 |
+
'enabled' => $oOpts->isRepairFileWP(),
|
582 |
+
'summary' => $oOpts->isRepairFileWP() ?
|
583 |
__( 'Core files are automatically repaired', 'wp-simple-firewall' )
|
584 |
: __( "Core files aren't automatically repaired!", 'wp-simple-firewall' ),
|
585 |
'weight' => 1,
|
586 |
+
'href' => $this->getUrl_DirectLinkToOption( 'file_repair_areas' ),
|
587 |
];
|
588 |
}
|
589 |
|
590 |
+
$bUcf = $this->isScanEnabled( 'ufc' );
|
591 |
$aThis[ 'key_opts' ][ 'ufc' ] = [
|
592 |
'name' => __( 'Unrecognised Files', 'wp-simple-firewall' ),
|
593 |
'enabled' => $bUcf,
|
597 |
'weight' => 2,
|
598 |
'href' => $this->getUrl_DirectLinkToSection( 'section_scan_ufc' ),
|
599 |
];
|
600 |
+
if ( $bUcf && !$oOpts->isUfsDeleteFiles() ) {
|
601 |
$aThis[ 'key_opts' ][ 'ufc_repair' ] = [
|
602 |
'name' => __( 'Unrecognised Files Removal', 'wp-simple-firewall' ),
|
603 |
+
'enabled' => $oOpts->isUfsDeleteFiles(),
|
604 |
+
'summary' => $oOpts->isUfsDeleteFiles() ?
|
605 |
__( 'Unrecognised files are automatically removed', 'wp-simple-firewall' )
|
606 |
: __( "Unrecognised files aren't automatically removed!", 'wp-simple-firewall' ),
|
607 |
'weight' => 1,
|
609 |
];
|
610 |
}
|
611 |
|
612 |
+
$bWpv = $this->isScanEnabled( 'wpv' );
|
613 |
$aThis[ 'key_opts' ][ 'wpv' ] = [
|
614 |
'name' => __( 'Vulnerability Scan', 'wp-simple-firewall' ),
|
615 |
'enabled' => $bWpv,
|
641 |
__( 'Plugins and Themes are guarded against tampering', 'wp-simple-firewall' )
|
642 |
: __( "Plugins and Themes are never scanned for tampering!", 'wp-simple-firewall' ),
|
643 |
'weight' => 2,
|
644 |
+
'href' => $this->getUrl_DirectLinkToOption( 'ptg_enable' ),
|
645 |
];
|
646 |
|
647 |
$bMal = $this->isScanEnabled( 'mal' );
|
674 |
}
|
675 |
|
676 |
/**
|
677 |
+
* @return Shield\Databases\FileLocker\Handler
|
678 |
*/
|
679 |
+
public function getDbHandler_FileLocker() {
|
680 |
+
return $this->getDbH( 'file_protect' );
|
|
|
|
|
|
|
681 |
}
|
682 |
|
683 |
/**
|
706 |
&& parent::isReadyToExecute();
|
707 |
}
|
708 |
|
709 |
+
public function onPluginDeactivate() {
|
710 |
+
// 1. Clean out the scanners
|
711 |
+
/** @var HackGuard\Options $oOpts */
|
712 |
+
$oOpts = $this->getOptions();
|
713 |
+
foreach ( $oOpts->getScanSlugs() as $sSlug ) {
|
714 |
+
$this->getScanCon( $sSlug )->purge();
|
715 |
+
}
|
716 |
+
$this->getDbHandler_ScanQueue()->deleteTable();
|
717 |
+
$this->getDbHandler_ScanResults()->deleteTable();
|
718 |
+
// 2. Clean out the file locker
|
719 |
+
$this->getFileLocker()->purge();
|
720 |
+
}
|
721 |
+
|
722 |
/**
|
723 |
* @return string
|
724 |
*/
|
725 |
protected function getNamespaceBase() {
|
726 |
return 'HackGuard';
|
727 |
}
|
728 |
+
|
729 |
+
/**
|
730 |
+
* @return string
|
731 |
+
* @deprecated 9.0
|
732 |
+
*/
|
733 |
+
public function getWpvulnPluginsHighlightOption() {
|
734 |
+
return 'disabled';
|
735 |
+
}
|
736 |
+
|
737 |
+
/**
|
738 |
+
* @return bool
|
739 |
+
* @deprecated 9.0
|
740 |
+
*/
|
741 |
+
public function isIncludeFileLists() {
|
742 |
+
return false;
|
743 |
+
}
|
744 |
+
|
745 |
+
/**
|
746 |
+
* @return int
|
747 |
+
* @deprecated 9.0
|
748 |
+
*/
|
749 |
+
public function getScanNotificationInterval() {
|
750 |
+
return 0;
|
751 |
+
}
|
752 |
+
|
753 |
+
/**
|
754 |
+
* @return HackGuard\Scan\Queue\Controller
|
755 |
+
* @deprecated 9.0
|
756 |
+
*/
|
757 |
+
public function getScanController() {
|
758 |
+
return $this->getScanQueueController();
|
759 |
+
}
|
760 |
+
|
761 |
+
/**
|
762 |
+
* @return bool
|
763 |
+
* @deprecated 9.0
|
764 |
+
*/
|
765 |
+
public function canPtgWriteToDisk() {
|
766 |
+
$nNow = Services::Request()->ts();
|
767 |
+
$bLastCheckExpired = ( $nNow - $this->getOpt( 'ptg_candiskwrite_at', 0 ) ) > DAY_IN_SECONDS;
|
768 |
+
|
769 |
+
$bCanWrite = $this->getOpt( 'ptg_candiskwrite' ) && !$bLastCheckExpired;
|
770 |
+
if ( !$bCanWrite ) {
|
771 |
+
$oFS = Services::WpFs();
|
772 |
+
$sDir = $this->getPtgSnapsBaseDir();
|
773 |
+
|
774 |
+
if ( $sDir && $oFS->mkdir( $sDir ) ) {
|
775 |
+
$sTestFile = path_join( $sDir, 'test.txt' );
|
776 |
+
$oFS->putFileContent( $sTestFile, 'test-'.$nNow );
|
777 |
+
$sContents = $oFS->exists( $sTestFile ) ? $oFS->getFileContent( $sTestFile ) : '';
|
778 |
+
if ( $sContents === 'test-'.$nNow ) {
|
779 |
+
$oFS->deleteFile( $sTestFile );
|
780 |
+
$bCanWrite = !$oFS->exists( $sTestFile );
|
781 |
+
$this->setOpt( 'ptg_candiskwrite', $bCanWrite );
|
782 |
+
}
|
783 |
+
$this->setOpt( 'ptg_candiskwrite_at', $nNow );
|
784 |
+
}
|
785 |
+
}
|
786 |
+
|
787 |
+
return $bCanWrite;
|
788 |
+
}
|
789 |
}
|
src/features/headers.php
CHANGED
@@ -5,7 +5,7 @@ use FernleafSystems\Wordpress\Services\Services;
|
|
5 |
|
6 |
class ICWP_WPSF_FeatureHandler_Headers extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
7 |
|
8 |
-
protected function
|
9 |
$this->cleanCspHosts();
|
10 |
$this->cleanCustomRules();
|
11 |
}
|
5 |
|
6 |
class ICWP_WPSF_FeatureHandler_Headers extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
7 |
|
8 |
+
protected function preProcessOptions() {
|
9 |
$this->cleanCspHosts();
|
10 |
$this->cleanCustomRules();
|
11 |
}
|
src/features/insights.php
CHANGED
@@ -17,6 +17,17 @@ class ICWP_WPSF_FeatureHandler_Insights extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
17 |
}
|
18 |
}
|
19 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
20 |
/**
|
21 |
* @param array $aData
|
22 |
* @return string
|
@@ -34,8 +45,9 @@ class ICWP_WPSF_FeatureHandler_Insights extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
34 |
$sNavSection = $oReq->query( 'inav', 'overview' );
|
35 |
$sSubNavSection = $oReq->query( 'subnav' );
|
36 |
|
37 |
-
|
38 |
-
|
|
|
39 |
/** @var Shield\Databases\Traffic\Select $oTrafficSelector */
|
40 |
$oTrafficSelector = $oTrafficMod->getDbHandler_Traffic()->getQuerySelector();
|
41 |
|
@@ -69,8 +81,6 @@ class ICWP_WPSF_FeatureHandler_Insights extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
69 |
$oTourManager->setCompleted( 'insights_overview' );
|
70 |
}
|
71 |
|
72 |
-
/** @var ICWP_WPSF_Processor_Plugin $oProPlugin */
|
73 |
-
$oProPlugin = $oModPlugin->getProcessor();
|
74 |
$oEvtsMod = $oCon->getModule_Events();
|
75 |
|
76 |
$bIsPro = $this->isPremium();
|
@@ -104,6 +114,16 @@ class ICWP_WPSF_FeatureHandler_Insights extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
104 |
];
|
105 |
break;
|
106 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
107 |
case 'ips':
|
108 |
$aData = [
|
109 |
'ajax' => [
|
@@ -179,7 +199,7 @@ class ICWP_WPSF_FeatureHandler_Insights extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
179 |
],
|
180 |
'flags' => [
|
181 |
'can_traffic' => true, // since 8.2 it's always available
|
182 |
-
'is_enabled' => $
|
183 |
],
|
184 |
'hrefs' => [
|
185 |
'please_enable' => $oTrafficMod->getUrl_DirectLinkToOption( 'enable_traffic' ),
|
@@ -211,7 +231,7 @@ class ICWP_WPSF_FeatureHandler_Insights extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
211 |
break;
|
212 |
|
213 |
case 'importexport':
|
214 |
-
$aData = $
|
215 |
break;
|
216 |
|
217 |
case 'reports':
|
@@ -311,6 +331,7 @@ class ICWP_WPSF_FeatureHandler_Insights extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
311 |
'notes' => __( 'Notes', 'wp-simple-firewall' ),
|
312 |
// 'reports' => __( 'Reports', 'wp-simple-firewall' ),
|
313 |
'importexport' => sprintf( '%s/%s', __( 'Import', 'wp-simple-firewall' ), __( 'Export', 'wp-simple-firewall' ) ),
|
|
|
314 |
];
|
315 |
if ( $bIsPro ) {
|
316 |
unset( $aTopNav[ 'license' ] );
|
@@ -369,7 +390,7 @@ class ICWP_WPSF_FeatureHandler_Insights extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
369 |
],
|
370 |
'strings' => $this->getStrings()->getDisplayStrings(),
|
371 |
'vars' => [
|
372 |
-
'changelog_id' => $oCon->getPluginSpec()[ 'meta' ][ '
|
373 |
'search_select' => $aSearchSelect
|
374 |
],
|
375 |
],
|
17 |
}
|
18 |
}
|
19 |
|
20 |
+
/**
|
21 |
+
* @param string $sSubPage
|
22 |
+
* @return string
|
23 |
+
*/
|
24 |
+
public function getUrl_SubInsightsPage( $sSubPage ) {
|
25 |
+
return add_query_arg(
|
26 |
+
[ 'inav' => sanitize_key( $sSubPage ) ],
|
27 |
+
$this->getCon()->getModule_Insights()->getUrl_AdminPage()
|
28 |
+
);
|
29 |
+
}
|
30 |
+
|
31 |
/**
|
32 |
* @param array $aData
|
33 |
* @return string
|
45 |
$sNavSection = $oReq->query( 'inav', 'overview' );
|
46 |
$sSubNavSection = $oReq->query( 'subnav' );
|
47 |
|
48 |
+
$oTrafficMod = $oCon->getModule_Traffic();
|
49 |
+
/** @var Shield\Modules\Traffic\Options $oTrafficOpts */
|
50 |
+
$oTrafficOpts = $oTrafficMod->getOptions();
|
51 |
/** @var Shield\Databases\Traffic\Select $oTrafficSelector */
|
52 |
$oTrafficSelector = $oTrafficMod->getDbHandler_Traffic()->getQuerySelector();
|
53 |
|
81 |
$oTourManager->setCompleted( 'insights_overview' );
|
82 |
}
|
83 |
|
|
|
|
|
84 |
$oEvtsMod = $oCon->getModule_Events();
|
85 |
|
86 |
$bIsPro = $this->isPremium();
|
114 |
];
|
115 |
break;
|
116 |
|
117 |
+
case 'debug':
|
118 |
+
$aData = [
|
119 |
+
'vars' => [
|
120 |
+
'debug_data' => ( new Shield\Modules\Plugin\Lib\Debug\Collate() )
|
121 |
+
->setMod( $oModPlugin )
|
122 |
+
->run()
|
123 |
+
],
|
124 |
+
];
|
125 |
+
break;
|
126 |
+
|
127 |
case 'ips':
|
128 |
$aData = [
|
129 |
'ajax' => [
|
199 |
],
|
200 |
'flags' => [
|
201 |
'can_traffic' => true, // since 8.2 it's always available
|
202 |
+
'is_enabled' => $oTrafficOpts->isTrafficLoggerEnabled(),
|
203 |
],
|
204 |
'hrefs' => [
|
205 |
'please_enable' => $oTrafficMod->getUrl_DirectLinkToOption( 'enable_traffic' ),
|
231 |
break;
|
232 |
|
233 |
case 'importexport':
|
234 |
+
$aData = $oModPlugin->getImpExpController()->buildInsightsVars();
|
235 |
break;
|
236 |
|
237 |
case 'reports':
|
331 |
'notes' => __( 'Notes', 'wp-simple-firewall' ),
|
332 |
// 'reports' => __( 'Reports', 'wp-simple-firewall' ),
|
333 |
'importexport' => sprintf( '%s/%s', __( 'Import', 'wp-simple-firewall' ), __( 'Export', 'wp-simple-firewall' ) ),
|
334 |
+
// 'debug' => __( 'Debug', 'wp-simple-firewall' ),
|
335 |
];
|
336 |
if ( $bIsPro ) {
|
337 |
unset( $aTopNav[ 'license' ] );
|
390 |
],
|
391 |
'strings' => $this->getStrings()->getDisplayStrings(),
|
392 |
'vars' => [
|
393 |
+
'changelog_id' => $oCon->getPluginSpec()[ 'meta' ][ 'announcekit_changelog_id' ],
|
394 |
'search_select' => $aSearchSelect
|
395 |
],
|
396 |
],
|
src/features/ips.php
CHANGED
@@ -15,6 +15,28 @@ class ICWP_WPSF_FeatureHandler_Ips extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
|
15 |
*/
|
16 |
private $oOffenseTracker;
|
17 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
18 |
/**
|
19 |
* @return false|Shield\Databases\IPs\Handler
|
20 |
*/
|
@@ -34,7 +56,7 @@ class ICWP_WPSF_FeatureHandler_Ips extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
|
34 |
&& parent::isReadyToExecute();
|
35 |
}
|
36 |
|
37 |
-
protected function
|
38 |
/** @var IPs\Options $oOpts */
|
39 |
$oOpts = $this->getOptions();
|
40 |
if ( !defined( strtoupper( $oOpts->getOpt( 'auto_expire' ).'_IN_SECONDS' ) ) ) {
|
@@ -75,14 +97,6 @@ class ICWP_WPSF_FeatureHandler_Ips extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
|
75 |
) ) ) );
|
76 |
}
|
77 |
|
78 |
-
/**
|
79 |
-
* @return array
|
80 |
-
*/
|
81 |
-
public function getAutoUnblockIps() {
|
82 |
-
$aIps = $this->getOpt( 'autounblock_ips', [] );
|
83 |
-
return is_array( $aIps ) ? $aIps : [];
|
84 |
-
}
|
85 |
-
|
86 |
/**
|
87 |
* @return IPs\Lib\OffenseTracker
|
88 |
*/
|
@@ -93,24 +107,6 @@ class ICWP_WPSF_FeatureHandler_Ips extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
|
93 |
return $this->oOffenseTracker;
|
94 |
}
|
95 |
|
96 |
-
/**
|
97 |
-
* @param string $sIp
|
98 |
-
* @return $this
|
99 |
-
*/
|
100 |
-
public function updateIpRequestAutoUnblockTs( $sIp ) {
|
101 |
-
$aExistingIps = $this->getAutoUnblockIps();
|
102 |
-
$aExistingIps[ $sIp ] = Services::Request()->ts();
|
103 |
-
return $this->setAutoUnblockIps( $aExistingIps );
|
104 |
-
}
|
105 |
-
|
106 |
-
/**
|
107 |
-
* @param array $aIps
|
108 |
-
* @return $this
|
109 |
-
*/
|
110 |
-
public function setAutoUnblockIps( $aIps ) {
|
111 |
-
return $this->setOpt( 'autounblock_ips', $aIps );
|
112 |
-
}
|
113 |
-
|
114 |
/**
|
115 |
* @param string $sSection
|
116 |
* @return array
|
@@ -179,7 +175,7 @@ class ICWP_WPSF_FeatureHandler_Ips extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
|
179 |
* Hooked to the plugin's main plugin_shutdown action
|
180 |
*/
|
181 |
public function onPluginShutdown() {
|
182 |
-
if ( !$this->getCon()->
|
183 |
$this->addFilterIpsToWhiteList();
|
184 |
}
|
185 |
parent::onPluginShutdown();
|
15 |
*/
|
16 |
private $oOffenseTracker;
|
17 |
|
18 |
+
/**
|
19 |
+
* @var IPs\Lib\BlacklistHandler
|
20 |
+
*/
|
21 |
+
private $oBlacklistHandler;
|
22 |
+
|
23 |
+
/**
|
24 |
+
* @return IPs\Lib\BlacklistHandler
|
25 |
+
*/
|
26 |
+
public function getBlacklistHandler() {
|
27 |
+
if ( !isset( $this->oBlacklistHandler ) ) {
|
28 |
+
$this->oBlacklistHandler = ( new IPs\Lib\BlacklistHandler() )->setMod( $this );
|
29 |
+
}
|
30 |
+
return $this->oBlacklistHandler;
|
31 |
+
}
|
32 |
+
|
33 |
+
/**
|
34 |
+
* @return IPs\Lib\BlacklistHandler
|
35 |
+
*/
|
36 |
+
public function getProcessor() {
|
37 |
+
return $this->getBlacklistHandler();
|
38 |
+
}
|
39 |
+
|
40 |
/**
|
41 |
* @return false|Shield\Databases\IPs\Handler
|
42 |
*/
|
56 |
&& parent::isReadyToExecute();
|
57 |
}
|
58 |
|
59 |
+
protected function preProcessOptions() {
|
60 |
/** @var IPs\Options $oOpts */
|
61 |
$oOpts = $this->getOptions();
|
62 |
if ( !defined( strtoupper( $oOpts->getOpt( 'auto_expire' ).'_IN_SECONDS' ) ) ) {
|
97 |
) ) ) );
|
98 |
}
|
99 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
100 |
/**
|
101 |
* @return IPs\Lib\OffenseTracker
|
102 |
*/
|
107 |
return $this->oOffenseTracker;
|
108 |
}
|
109 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
110 |
/**
|
111 |
* @param string $sSection
|
112 |
* @return array
|
175 |
* Hooked to the plugin's main plugin_shutdown action
|
176 |
*/
|
177 |
public function onPluginShutdown() {
|
178 |
+
if ( !$this->getCon()->plugin_deleting ) {
|
179 |
$this->addFilterIpsToWhiteList();
|
180 |
}
|
181 |
parent::onPluginShutdown();
|
src/features/license.php
CHANGED
@@ -16,12 +16,19 @@ class ICWP_WPSF_FeatureHandler_License extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
16 |
*/
|
17 |
private $oWpHashesTokenManager;
|
18 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
19 |
/**
|
20 |
* @return License\Lib\LicenseHandler
|
21 |
*/
|
22 |
public function getLicenseHandler() {
|
23 |
if ( !isset( $this->oLicHandler ) ) {
|
24 |
-
$this->oLicHandler = ( new
|
25 |
}
|
26 |
return $this->oLicHandler;
|
27 |
}
|
@@ -31,7 +38,7 @@ class ICWP_WPSF_FeatureHandler_License extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
31 |
*/
|
32 |
public function getWpHashesTokenManager() {
|
33 |
if ( !isset( $this->oWpHashesTokenManager ) ) {
|
34 |
-
$this->oWpHashesTokenManager = ( new
|
35 |
}
|
36 |
return $this->oWpHashesTokenManager;
|
37 |
}
|
@@ -126,12 +133,9 @@ class ICWP_WPSF_FeatureHandler_License extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
126 |
$this->getWpHashesTokenManager()->getToken();
|
127 |
}
|
128 |
|
129 |
-
|
130 |
-
|
131 |
-
|
132 |
-
|
133 |
-
public function onWpLoaded() {
|
134 |
-
$this->getWpHashesTokenManager()->run();
|
135 |
}
|
136 |
|
137 |
/**
|
16 |
*/
|
17 |
private $oWpHashesTokenManager;
|
18 |
|
19 |
+
/**
|
20 |
+
* @return License\Lib\LicenseHandler
|
21 |
+
*/
|
22 |
+
public function getProcessor() {
|
23 |
+
return $this->getLicenseHandler();
|
24 |
+
}
|
25 |
+
|
26 |
/**
|
27 |
* @return License\Lib\LicenseHandler
|
28 |
*/
|
29 |
public function getLicenseHandler() {
|
30 |
if ( !isset( $this->oLicHandler ) ) {
|
31 |
+
$this->oLicHandler = ( new License\Lib\LicenseHandler() )->setMod( $this );
|
32 |
}
|
33 |
return $this->oLicHandler;
|
34 |
}
|
38 |
*/
|
39 |
public function getWpHashesTokenManager() {
|
40 |
if ( !isset( $this->oWpHashesTokenManager ) ) {
|
41 |
+
$this->oWpHashesTokenManager = ( new License\Lib\WpHashes\ApiTokenManager() )->setMod( $this );
|
42 |
}
|
43 |
return $this->oWpHashesTokenManager;
|
44 |
}
|
133 |
$this->getWpHashesTokenManager()->getToken();
|
134 |
}
|
135 |
|
136 |
+
public function onWpInit() {
|
137 |
+
parent::onWpInit();
|
138 |
+
$this->getWpHashesTokenManager()->execute();
|
|
|
|
|
|
|
139 |
}
|
140 |
|
141 |
/**
|
src/features/lockdown.php
CHANGED
@@ -45,11 +45,7 @@ class ICWP_WPSF_FeatureHandler_Lockdown extends ICWP_WPSF_FeatureHandler_BaseWps
|
|
45 |
return $this->isOpt( 'disable_xmlrpc', 'Y' );
|
46 |
}
|
47 |
|
48 |
-
protected function
|
49 |
-
$sMask = $this->getOpt( 'mask_wordpress_version' );
|
50 |
-
if ( !empty( $sMask ) ) {
|
51 |
-
$this->setOpt( 'mask_wordpress_version', preg_replace( '/[^a-z0-9_.-]/i', '', $sMask ) );
|
52 |
-
}
|
53 |
$this->cleanApiExclusions();
|
54 |
}
|
55 |
|
45 |
return $this->isOpt( 'disable_xmlrpc', 'Y' );
|
46 |
}
|
47 |
|
48 |
+
protected function preProcessOptions() {
|
|
|
|
|
|
|
|
|
49 |
$this->cleanApiExclusions();
|
50 |
}
|
51 |
|
src/features/login_protect.php
CHANGED
@@ -11,7 +11,7 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
11 |
*/
|
12 |
private $oLoginIntentController;
|
13 |
|
14 |
-
protected function
|
15 |
/** @var LoginGuard\Options $oOpts */
|
16 |
$oOpts = $this->getOptions();
|
17 |
/**
|
@@ -26,7 +26,7 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
26 |
->sendEmailVerifyCanSend();
|
27 |
}
|
28 |
|
29 |
-
$aIds = $
|
30 |
foreach ( $aIds as $nKey => $sId ) {
|
31 |
$sId = trim( strip_tags( $sId ) );
|
32 |
if ( empty( $sId ) ) {
|
@@ -36,9 +36,32 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
36 |
$aIds[ $nKey ] = $sId;
|
37 |
}
|
38 |
}
|
39 |
-
$
|
40 |
|
41 |
$this->cleanLoginUrlPath();
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
42 |
}
|
43 |
|
44 |
/**
|
@@ -72,7 +95,9 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
72 |
$sMessage = __( 'Email verification could not be completed.', 'wp-simple-firewall' );
|
73 |
}
|
74 |
$this->setFlashAdminNotice( $sMessage, !$bSuccess );
|
75 |
-
Services::
|
|
|
|
|
76 |
}
|
77 |
|
78 |
/**
|
@@ -95,7 +120,7 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
95 |
if ( $bSendAsLink ) {
|
96 |
$aMessage[] = sprintf(
|
97 |
__( 'Click the verify link: %s', 'wp-simple-firewall' ),
|
98 |
-
$this->
|
99 |
);
|
100 |
}
|
101 |
else {
|
@@ -117,35 +142,6 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
117 |
}
|
118 |
}
|
119 |
|
120 |
-
/**
|
121 |
-
* @return bool
|
122 |
-
*/
|
123 |
-
public function isProtectLogin() {
|
124 |
-
return $this->isProtect( 'login' );
|
125 |
-
}
|
126 |
-
|
127 |
-
/**
|
128 |
-
* @return bool
|
129 |
-
*/
|
130 |
-
public function isProtectLostPassword() {
|
131 |
-
return $this->isProtect( 'password' );
|
132 |
-
}
|
133 |
-
|
134 |
-
/**
|
135 |
-
* @return bool
|
136 |
-
*/
|
137 |
-
public function isProtectRegister() {
|
138 |
-
return $this->isProtect( 'register' );
|
139 |
-
}
|
140 |
-
|
141 |
-
/**
|
142 |
-
* @param string $sLocationKey - see config for keys, e.g. login, register, password, checkout_woo
|
143 |
-
* @return bool
|
144 |
-
*/
|
145 |
-
public function isProtect( $sLocationKey ) {
|
146 |
-
return in_array( $sLocationKey, $this->getBotProtectionLocations() );
|
147 |
-
}
|
148 |
-
|
149 |
/**
|
150 |
* @param bool $bAsOptDefaults
|
151 |
* @return array
|
@@ -212,42 +208,32 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
212 |
* @return string
|
213 |
*/
|
214 |
public function getCanEmailVerifyCode() {
|
215 |
-
return strtoupper( substr( $this->
|
216 |
-
}
|
217 |
-
|
218 |
-
/**
|
219 |
-
* @return string
|
220 |
-
*/
|
221 |
-
public function getTwoAuthSecretKey() {
|
222 |
-
$sKey = $this->getOpt( 'two_factor_secret_key' );
|
223 |
-
if ( empty( $sKey ) ) {
|
224 |
-
$sKey = md5( mt_rand() );
|
225 |
-
$this->setOpt( 'two_factor_secret_key', $sKey );
|
226 |
-
}
|
227 |
-
return $sKey;
|
228 |
}
|
229 |
|
230 |
/**
|
231 |
* @return bool
|
232 |
*/
|
233 |
-
public function
|
234 |
-
return
|
235 |
}
|
236 |
|
237 |
/**
|
238 |
-
* @return
|
239 |
*/
|
240 |
-
public function
|
|
|
241 |
$sStyle = $this->getOpt( 'enable_google_recaptcha_login' );
|
242 |
-
$
|
243 |
-
|
244 |
-
$
|
245 |
}
|
246 |
-
return $
|
247 |
}
|
248 |
|
249 |
/**
|
250 |
* @return array
|
|
|
251 |
*/
|
252 |
public function getBotProtectionLocations() {
|
253 |
$aLocs = $this->getOpt( 'bot_protection_locations' );
|
@@ -328,6 +314,7 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
328 |
|
329 |
/**
|
330 |
* @return bool
|
|
|
331 |
*/
|
332 |
public function isEnabledGaspCheck() {
|
333 |
return $this->isModOptEnabled() && $this->isOpt( 'enable_login_gasp_check', 'Y' );
|
@@ -387,15 +374,17 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
387 |
|
388 |
/**
|
389 |
* @return bool
|
|
|
390 |
*/
|
391 |
public function isEnabledBotJs() {
|
392 |
-
|
393 |
-
|
394 |
-
|
395 |
}
|
396 |
|
397 |
/**
|
398 |
* @return array
|
|
|
399 |
*/
|
400 |
public function getAntiBotFormSelectors() {
|
401 |
$aIds = $this->getOpt( 'antibot_form_ids', [] );
|
@@ -437,11 +426,11 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
437 |
$aThis[ 'key_opts' ][ 'mod' ] = $this->getModDisabledInsight();
|
438 |
}
|
439 |
else {
|
440 |
-
$bHasBotCheck = $
|
441 |
|
442 |
-
$bBotLogin = $bHasBotCheck && $
|
443 |
-
$bBotRegister = $bHasBotCheck && $
|
444 |
-
$bBotPassword = $bHasBotCheck && $
|
445 |
$aThis[ 'key_opts' ][ 'bot_login' ] = [
|
446 |
'name' => __( 'Brute Force Login', 'wp-simple-firewall' ),
|
447 |
'enabled' => $bBotLogin,
|
@@ -493,4 +482,36 @@ class ICWP_WPSF_FeatureHandler_LoginProtect extends ICWP_WPSF_FeatureHandler_Bas
|
|
493 |
protected function getNamespaceBase() {
|
494 |
return 'LoginGuard';
|
495 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
496 |
}
|
11 |
*/
|
12 |
private $oLoginIntentController;
|
13 |
|
14 |
+
protected function preProcessOptions() {
|
15 |
/** @var LoginGuard\Options $oOpts */
|
16 |
$oOpts = $this->getOptions();
|
17 |
/**
|
26 |
->sendEmailVerifyCanSend();
|
27 |
}
|
28 |
|
29 |
+
$aIds = $oOpts->getAntiBotFormSelectors();
|
30 |
foreach ( $aIds as $nKey => $sId ) {
|
31 |
$sId = trim( strip_tags( $sId ) );
|
32 |
if ( empty( $sId ) ) {
|
36 |
$aIds[ $nKey ] = $sId;
|
37 |
}
|
38 |
}
|
39 |
+
$oOpts->setOpt( 'antibot_form_ids', array_values( array_unique( $aIds ) ) );
|
40 |
|
41 |
$this->cleanLoginUrlPath();
|
42 |
+
$this->ensureCorrectCaptchaConfig();
|
43 |
+
}
|
44 |
+
|
45 |
+
protected function updateHandler() {
|
46 |
+
$this->ensureCorrectCaptchaConfig();
|
47 |
+
}
|
48 |
+
|
49 |
+
protected function ensureCorrectCaptchaConfig() {
|
50 |
+
/** @var LoginGuard\Options $oOpts */
|
51 |
+
$oOpts = $this->getOptions();
|
52 |
+
|
53 |
+
$sStyle = $oOpts->getOpt( 'enable_google_recaptcha_login' );
|
54 |
+
if ( $this->isPremium() ) {
|
55 |
+
$oCfg = $this->getCaptchaCfg();
|
56 |
+
if ( $oCfg->provider == $oCfg::PROV_GOOGLE_RECAP2 ) {
|
57 |
+
if ( !$oCfg->invisible && $sStyle == 'invisible' ) {
|
58 |
+
$oOpts->setOpt( 'enable_google_recaptcha_login', 'default' );
|
59 |
+
}
|
60 |
+
}
|
61 |
+
}
|
62 |
+
elseif ( !in_array( $sStyle, [ 'disabled', 'default' ] ) ) {
|
63 |
+
$oOpts->setOpt( 'enable_google_recaptcha_login', 'default' );
|
64 |
+
}
|
65 |
}
|
66 |
|
67 |
/**
|
95 |
$sMessage = __( 'Email verification could not be completed.', 'wp-simple-firewall' );
|
96 |
}
|
97 |
$this->setFlashAdminNotice( $sMessage, !$bSuccess );
|
98 |
+
if ( Services::WpUsers()->isUserLoggedIn() ) {
|
99 |
+
Services::Response()->redirect( $this->getUrl_AdminPage() );
|
100 |
+
}
|
101 |
}
|
102 |
|
103 |
/**
|
120 |
if ( $bSendAsLink ) {
|
121 |
$aMessage[] = sprintf(
|
122 |
__( 'Click the verify link: %s', 'wp-simple-firewall' ),
|
123 |
+
add_query_arg( $this->getModActionParams( 'email_send_verify' ), Services::WpGeneral()->getHomeUrl() )
|
124 |
);
|
125 |
}
|
126 |
else {
|
142 |
}
|
143 |
}
|
144 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
145 |
/**
|
146 |
* @param bool $bAsOptDefaults
|
147 |
* @return array
|
208 |
* @return string
|
209 |
*/
|
210 |
public function getCanEmailVerifyCode() {
|
211 |
+
return strtoupper( substr( $this->getCon()->getSiteInstallationId(), 10, 6 ) );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
212 |
}
|
213 |
|
214 |
/**
|
215 |
* @return bool
|
216 |
*/
|
217 |
+
public function isEnabledCaptcha() {
|
218 |
+
return !$this->isOpt( 'enable_google_recaptcha_login', 'disabled' ) && $this->getCaptchaCfg()->ready;
|
219 |
}
|
220 |
|
221 |
/**
|
222 |
+
* @return Shield\Modules\Plugin\Lib\Captcha\CaptchaConfigVO
|
223 |
*/
|
224 |
+
public function getCaptchaCfg() {
|
225 |
+
$oCfg = parent::getCaptchaCfg();
|
226 |
$sStyle = $this->getOpt( 'enable_google_recaptcha_login' );
|
227 |
+
if ( $sStyle !== 'default' && $this->isPremium() ) {
|
228 |
+
$oCfg->theme = $sStyle;
|
229 |
+
$oCfg->invisible = $oCfg->theme == 'invisible';
|
230 |
}
|
231 |
+
return $oCfg;
|
232 |
}
|
233 |
|
234 |
/**
|
235 |
* @return array
|
236 |
+
* @deprecated 9.0
|
237 |
*/
|
238 |
public function getBotProtectionLocations() {
|
239 |
$aLocs = $this->getOpt( 'bot_protection_locations' );
|
314 |
|
315 |
/**
|
316 |
* @return bool
|
317 |
+
* @deprecated 9.0
|
318 |
*/
|
319 |
public function isEnabledGaspCheck() {
|
320 |
return $this->isModOptEnabled() && $this->isOpt( 'enable_login_gasp_check', 'Y' );
|
374 |
|
375 |
/**
|
376 |
* @return bool
|
377 |
+
* @deprecated 9.0
|
378 |
*/
|
379 |
public function isEnabledBotJs() {
|
380 |
+
/** @var LoginGuard\Options $oOpts */
|
381 |
+
$oOpts = $this->getOptions();
|
382 |
+
return $oOpts->isEnabledGaspCheck() || $this->isEnabledCaptcha();
|
383 |
}
|
384 |
|
385 |
/**
|
386 |
* @return array
|
387 |
+
* @deprecated 9.0
|
388 |
*/
|
389 |
public function getAntiBotFormSelectors() {
|
390 |
$aIds = $this->getOpt( 'antibot_form_ids', [] );
|
426 |
$aThis[ 'key_opts' ][ 'mod' ] = $this->getModDisabledInsight();
|
427 |
}
|
428 |
else {
|
429 |
+
$bHasBotCheck = $oOpts->isEnabledGaspCheck() || $this->isEnabledCaptcha();
|
430 |
|
431 |
+
$bBotLogin = $bHasBotCheck && $oOpts->isProtectLogin();
|
432 |
+
$bBotRegister = $bHasBotCheck && $oOpts->isProtectRegister();
|
433 |
+
$bBotPassword = $bHasBotCheck && $oOpts->isProtectLostPassword();
|
434 |
$aThis[ 'key_opts' ][ 'bot_login' ] = [
|
435 |
'name' => __( 'Brute Force Login', 'wp-simple-firewall' ),
|
436 |
'enabled' => $bBotLogin,
|
482 |
protected function getNamespaceBase() {
|
483 |
return 'LoginGuard';
|
484 |
}
|
485 |
+
|
486 |
+
/**
|
487 |
+
* @return bool
|
488 |
+
* @deprecated 9.0
|
489 |
+
*/
|
490 |
+
public function isProtectLogin() {
|
491 |
+
return false;
|
492 |
+
}
|
493 |
+
|
494 |
+
/**
|
495 |
+
* @return bool
|
496 |
+
* @deprecated 9.0
|
497 |
+
*/
|
498 |
+
public function isProtectLostPassword() {
|
499 |
+
return false;
|
500 |
+
}
|
501 |
+
|
502 |
+
/**
|
503 |
+
* @return bool
|
504 |
+
* @deprecated 9.0
|
505 |
+
*/
|
506 |
+
public function isProtectRegister() {
|
507 |
+
return false;
|
508 |
+
}
|
509 |
+
|
510 |
+
/**
|
511 |
+
* @return bool
|
512 |
+
* @deprecated 9.0
|
513 |
+
*/
|
514 |
+
public function isProtect() {
|
515 |
+
return false;
|
516 |
+
}
|
517 |
}
|
src/features/plugin.php
CHANGED
@@ -7,22 +7,97 @@ use FernleafSystems\Wordpress\Services\Utilities;
|
|
7 |
|
8 |
class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
9 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10 |
protected function doPostConstruction() {
|
11 |
$this->setVisitorIpSource();
|
12 |
}
|
13 |
|
14 |
-
protected function
|
15 |
-
|
16 |
-
|
17 |
-
|
18 |
-
|
19 |
-
|
20 |
-
|
21 |
-
|
22 |
-
|
23 |
-
|
24 |
-
|
25 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
26 |
}
|
27 |
|
28 |
protected function updateHandler() {
|
@@ -63,24 +138,6 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
63 |
$this->getImportExportSecretKey();
|
64 |
}
|
65 |
|
66 |
-
/**
|
67 |
-
* @return bool
|
68 |
-
*/
|
69 |
-
public function isDisplayPluginBadge() {
|
70 |
-
/** @var Plugin\Options $oOpts */
|
71 |
-
$oOpts = $this->getOptions();
|
72 |
-
return $oOpts->isOnFloatingPluginBadge()
|
73 |
-
&& ( Services::Request()->cookie( $this->getCookieIdBadgeState() ) != 'closed' );
|
74 |
-
}
|
75 |
-
|
76 |
-
/**
|
77 |
-
* @param bool $bDisplay
|
78 |
-
* @return $this
|
79 |
-
*/
|
80 |
-
public function setIsDisplayPluginBadge( $bDisplay ) {
|
81 |
-
return $this->setOpt( 'display_plugin_badge', $bDisplay ? 'Y' : 'N' );
|
82 |
-
}
|
83 |
-
|
84 |
/**
|
85 |
* Forcefully sets preferred Visitor IP source in the Data component for use throughout the plugin
|
86 |
*/
|
@@ -94,21 +151,6 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
94 |
}
|
95 |
}
|
96 |
|
97 |
-
/**
|
98 |
-
* @param string $sSource
|
99 |
-
* @return $this
|
100 |
-
*/
|
101 |
-
public function setVisitorAddressSource( $sSource ) {
|
102 |
-
return $this->getOptions()->setOpt( 'visitor_address_source', $sSource );
|
103 |
-
}
|
104 |
-
|
105 |
-
/**
|
106 |
-
* @return string
|
107 |
-
*/
|
108 |
-
public function getCookieIdBadgeState() {
|
109 |
-
return $this->prefix( 'badgeState' );
|
110 |
-
}
|
111 |
-
|
112 |
/**
|
113 |
* @inheritDoc
|
114 |
*/
|
@@ -117,18 +159,16 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
117 |
|
118 |
case 'export_file_download':
|
119 |
header( 'Set-Cookie: fileDownload=true; path=/' );
|
120 |
-
|
121 |
-
|
122 |
-
|
123 |
-
->doExportDownload();
|
124 |
break;
|
125 |
|
126 |
case 'import_file_upload':
|
127 |
-
/** @var \ICWP_WPSF_Processor_Plugin $oPro */
|
128 |
-
$oPro = $this->getProcessor();
|
129 |
try {
|
130 |
-
|
131 |
-
|
|
|
132 |
$bSuccess = true;
|
133 |
$sMessage = __( 'Options imported successfully', 'wp-simple-firewall' );
|
134 |
}
|
@@ -137,7 +177,9 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
137 |
$sMessage = $oE->getMessage();
|
138 |
}
|
139 |
$this->setFlashAdminNotice( $sMessage, !$bSuccess );
|
140 |
-
Services::Response()->redirect(
|
|
|
|
|
141 |
break;
|
142 |
|
143 |
default:
|
@@ -145,32 +187,6 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
145 |
}
|
146 |
}
|
147 |
|
148 |
-
/**
|
149 |
-
* TODO: build better/dynamic direct linking to insights sub-pages
|
150 |
-
* see also hackprotect getUrlManualScan()
|
151 |
-
*/
|
152 |
-
private function getUrlImportExport() {
|
153 |
-
return add_query_arg(
|
154 |
-
[ 'inav' => 'importexport' ],
|
155 |
-
$this->getCon()->getModule_Insights()->getUrl_AdminPage()
|
156 |
-
);
|
157 |
-
}
|
158 |
-
|
159 |
-
/**
|
160 |
-
* @return array
|
161 |
-
*/
|
162 |
-
public function getGoogleRecaptchaConfig() {
|
163 |
-
$aConfig = [
|
164 |
-
'key' => $this->getOpt( 'google_recaptcha_site_key' ),
|
165 |
-
'secret' => $this->getOpt( 'google_recaptcha_secret_key' ),
|
166 |
-
'style' => $this->getOpt( 'google_recaptcha_style' ),
|
167 |
-
];
|
168 |
-
if ( !$this->isPremium() && $aConfig[ 'style' ] != 'light' ) {
|
169 |
-
$aConfig[ 'style' ] = 'light'; // hard-coded light style for non-pro
|
170 |
-
}
|
171 |
-
return $aConfig;
|
172 |
-
}
|
173 |
-
|
174 |
/**
|
175 |
* @return bool
|
176 |
*/
|
@@ -209,12 +225,11 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
209 |
}
|
210 |
|
211 |
/**
|
212 |
-
* @param string $sEmail
|
213 |
* @return string
|
214 |
*/
|
215 |
-
public function
|
216 |
$sE = $this->getOpt( 'block_send_email_address' );
|
217 |
-
return Services::Data()->validEmail( $sE ) ? $sE :
|
218 |
}
|
219 |
|
220 |
/**
|
@@ -267,6 +282,7 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
267 |
if ( !empty( $aKeys[ 'private' ] ) ) {
|
268 |
$sKey = $aKeys[ 'private' ];
|
269 |
$this->setOpt( 'openssl_private_key', base64_encode( $sKey ) );
|
|
|
270 |
}
|
271 |
}
|
272 |
catch ( \Exception $oE ) {
|
@@ -428,13 +444,6 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
428 |
return is_array( $aWhitelist ) ? $aWhitelist : [];
|
429 |
}
|
430 |
|
431 |
-
/**
|
432 |
-
* @return string
|
433 |
-
*/
|
434 |
-
public function getImportExportLastImportHash() {
|
435 |
-
return $this->getOpt( 'importexport_last_import_hash', '' );
|
436 |
-
}
|
437 |
-
|
438 |
/**
|
439 |
* @return string
|
440 |
*/
|
@@ -534,22 +543,6 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
534 |
return $this->setOpt( 'importexport_masterurl', $sUrl );
|
535 |
}
|
536 |
|
537 |
-
/**
|
538 |
-
* @return $this
|
539 |
-
*/
|
540 |
-
public function startImportExportHandshake() {
|
541 |
-
$this->getOptions()->setOpt( 'importexport_handshake_expires_at', Services::Request()->ts() + 30 );
|
542 |
-
return $this->saveModOptions();
|
543 |
-
}
|
544 |
-
|
545 |
-
/**
|
546 |
-
* @param string $sHash
|
547 |
-
* @return $this
|
548 |
-
*/
|
549 |
-
public function setImportExportLastImportHash( $sHash ) {
|
550 |
-
return $this->setOpt( 'importexport_last_import_hash', $sHash );
|
551 |
-
}
|
552 |
-
|
553 |
/**
|
554 |
* @param string $sUrl
|
555 |
* @return $this
|
@@ -609,6 +602,16 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
609 |
'icwp_wpsf_vars_tourmanager',
|
610 |
[ 'ajax' => $this->getAjaxActionData( 'mark_tour_finished' ) ]
|
611 |
);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
612 |
}
|
613 |
|
614 |
/**
|
@@ -640,27 +643,26 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
640 |
'href' => $this->getUrl_DirectLinkToOption( 'visitor_address_source' ),
|
641 |
];
|
642 |
|
643 |
-
$bHasSupportEmail = Services::Data()->validEmail( $this->
|
644 |
$aThis[ 'key_opts' ][ 'reports' ] = [
|
645 |
'name' => __( 'Reporting Email', 'wp-simple-firewall' ),
|
646 |
'enabled' => $bHasSupportEmail,
|
647 |
'summary' => $bHasSupportEmail ?
|
648 |
-
sprintf( __( 'Email address for reports set to: %s', 'wp-simple-firewall' ), $this->
|
649 |
-
: sprintf( __( 'No address provided - defaulting to: %s', 'wp-simple-firewall' ),
|
650 |
-
->getSiteAdminEmail() ),
|
651 |
'weight' => 0,
|
652 |
'href' => $this->getUrl_DirectLinkToOption( 'block_send_email_address' ),
|
653 |
];
|
654 |
|
655 |
-
$bRecap = $this->
|
656 |
$aThis[ 'key_opts' ][ 'recap' ] = [
|
657 |
-
'name' => __( '
|
658 |
'enabled' => $bRecap,
|
659 |
'summary' => $bRecap ?
|
660 |
-
__( '
|
661 |
-
: __( "
|
662 |
'weight' => 1,
|
663 |
-
'href' => $this->
|
664 |
];
|
665 |
}
|
666 |
|
@@ -682,6 +684,40 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
682 |
return $this->getDbH( 'notes' );
|
683 |
}
|
684 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
685 |
/**
|
686 |
* @return string
|
687 |
*/
|
@@ -695,4 +731,28 @@ class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
695 |
public function getSurveyEmail() {
|
696 |
return base64_decode( $this->getDef( 'survey_email' ) );
|
697 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
698 |
}
|
7 |
|
8 |
class ICWP_WPSF_FeatureHandler_Plugin extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
9 |
|
10 |
+
/**
|
11 |
+
* @var Plugin\Lib\ImportExport\ImportExportController
|
12 |
+
*/
|
13 |
+
private $oImportExportController;
|
14 |
+
|
15 |
+
/**
|
16 |
+
* @var Plugin\Components\PluginBadge
|
17 |
+
*/
|
18 |
+
private $oPluginBadgeController;
|
19 |
+
|
20 |
+
/**
|
21 |
+
* @var Shield\Utilities\ReCaptcha\Enqueue
|
22 |
+
*/
|
23 |
+
private $oCaptchaEnqueue;
|
24 |
+
|
25 |
+
/**
|
26 |
+
* @var Shield\ShieldNetApi\ShieldNetApiController
|
27 |
+
*/
|
28 |
+
private $oShieldNetApiController;
|
29 |
+
|
30 |
+
/**
|
31 |
+
* @return Plugin\Lib\ImportExport\ImportExportController
|
32 |
+
*/
|
33 |
+
public function getImpExpController() {
|
34 |
+
if ( !isset( $this->oImportExportController ) ) {
|
35 |
+
$this->oImportExportController = ( new Plugin\Lib\ImportExport\ImportExportController() )
|
36 |
+
->setMod( $this );
|
37 |
+
}
|
38 |
+
return $this->oImportExportController;
|
39 |
+
}
|
40 |
+
|
41 |
+
/**
|
42 |
+
* @return Plugin\Components\PluginBadge
|
43 |
+
*/
|
44 |
+
public function getPluginBadgeCon() {
|
45 |
+
if ( !isset( $this->oPluginBadgeController ) ) {
|
46 |
+
$this->oPluginBadgeController = ( new Plugin\Components\PluginBadge() )
|
47 |
+
->setMod( $this );
|
48 |
+
}
|
49 |
+
return $this->oPluginBadgeController;
|
50 |
+
}
|
51 |
+
|
52 |
+
/**
|
53 |
+
* @return Shield\ShieldNetApi\ShieldNetApiController
|
54 |
+
*/
|
55 |
+
public function getShieldNetApiController() {
|
56 |
+
if ( !isset( $this->oShieldNetApiController ) ) {
|
57 |
+
$this->oShieldNetApiController = ( new Shield\ShieldNetApi\ShieldNetApiController() )
|
58 |
+
->setMod( $this );
|
59 |
+
}
|
60 |
+
return $this->oShieldNetApiController;
|
61 |
+
}
|
62 |
+
|
63 |
protected function doPostConstruction() {
|
64 |
$this->setVisitorIpSource();
|
65 |
}
|
66 |
|
67 |
+
protected function preProcessOptions() {
|
68 |
+
( new Plugin\Lib\Captcha\CheckCaptchaSettings() )
|
69 |
+
->setMod( $this )
|
70 |
+
->checkAll();
|
71 |
+
}
|
72 |
+
|
73 |
+
/**
|
74 |
+
* @param string $sSection
|
75 |
+
* @return array
|
76 |
+
*/
|
77 |
+
protected function getSectionWarnings( $sSection ) {
|
78 |
+
$aWarnings = [];
|
79 |
+
|
80 |
+
switch ( $sSection ) {
|
81 |
+
case 'section_third_party_captcha':
|
82 |
+
/** @var Plugin\Options $oOpts */
|
83 |
+
$oOpts = $this->getOptions();
|
84 |
+
if ( $this->getCaptchaCfg()->ready ) {
|
85 |
+
if ( $oOpts->getOpt( 'captcha_checked_at' ) < 0 ) {
|
86 |
+
( new Plugin\Lib\Captcha\CheckCaptchaSettings() )
|
87 |
+
->setMod( $this )
|
88 |
+
->checkAll();
|
89 |
+
}
|
90 |
+
if ( $oOpts->getOpt( 'captcha_checked_at' ) == 0 ) {
|
91 |
+
$aWarnings[] = sprintf(
|
92 |
+
__( "Your captcha key and secret haven't been verified.", 'wp-simple-firewall' ).' '
|
93 |
+
.__( "Please double-check and make sure you haven't mixed them about, and then re-save.", 'wp-simple-firewall' )
|
94 |
+
);
|
95 |
+
}
|
96 |
+
}
|
97 |
+
break;
|
98 |
+
}
|
99 |
+
|
100 |
+
return $aWarnings;
|
101 |
}
|
102 |
|
103 |
protected function updateHandler() {
|
138 |
$this->getImportExportSecretKey();
|
139 |
}
|
140 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
141 |
/**
|
142 |
* Forcefully sets preferred Visitor IP source in the Data component for use throughout the plugin
|
143 |
*/
|
151 |
}
|
152 |
}
|
153 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
154 |
/**
|
155 |
* @inheritDoc
|
156 |
*/
|
159 |
|
160 |
case 'export_file_download':
|
161 |
header( 'Set-Cookie: fileDownload=true; path=/' );
|
162 |
+
( new Plugin\Lib\ImportExport\Export() )
|
163 |
+
->setMod( $this )
|
164 |
+
->toFile();
|
|
|
165 |
break;
|
166 |
|
167 |
case 'import_file_upload':
|
|
|
|
|
168 |
try {
|
169 |
+
( new Plugin\Lib\ImportExport\Import() )
|
170 |
+
->setMod( $this )
|
171 |
+
->fromFile();
|
172 |
$bSuccess = true;
|
173 |
$sMessage = __( 'Options imported successfully', 'wp-simple-firewall' );
|
174 |
}
|
177 |
$sMessage = $oE->getMessage();
|
178 |
}
|
179 |
$this->setFlashAdminNotice( $sMessage, !$bSuccess );
|
180 |
+
Services::Response()->redirect(
|
181 |
+
$this->getCon()->getModule_Insights()->getUrl_SubInsightsPage( 'importexport' )
|
182 |
+
);
|
183 |
break;
|
184 |
|
185 |
default:
|
187 |
}
|
188 |
}
|
189 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
190 |
/**
|
191 |
* @return bool
|
192 |
*/
|
225 |
}
|
226 |
|
227 |
/**
|
|
|
228 |
* @return string
|
229 |
*/
|
230 |
+
public function getPluginReportEmail() {
|
231 |
$sE = $this->getOpt( 'block_send_email_address' );
|
232 |
+
return Services::Data()->validEmail( $sE ) ? $sE : Services::WpGeneral()->getSiteAdminEmail();
|
233 |
}
|
234 |
|
235 |
/**
|
282 |
if ( !empty( $aKeys[ 'private' ] ) ) {
|
283 |
$sKey = $aKeys[ 'private' ];
|
284 |
$this->setOpt( 'openssl_private_key', base64_encode( $sKey ) );
|
285 |
+
$this->saveModOptions();
|
286 |
}
|
287 |
}
|
288 |
catch ( \Exception $oE ) {
|
444 |
return is_array( $aWhitelist ) ? $aWhitelist : [];
|
445 |
}
|
446 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
447 |
/**
|
448 |
* @return string
|
449 |
*/
|
543 |
return $this->setOpt( 'importexport_masterurl', $sUrl );
|
544 |
}
|
545 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
546 |
/**
|
547 |
* @param string $sUrl
|
548 |
* @return $this
|
602 |
'icwp_wpsf_vars_tourmanager',
|
603 |
[ 'ajax' => $this->getAjaxActionData( 'mark_tour_finished' ) ]
|
604 |
);
|
605 |
+
wp_localize_script(
|
606 |
+
$this->prefix( 'plugin' ),
|
607 |
+
'icwp_wpsf_vars_plugin',
|
608 |
+
[
|
609 |
+
'strings' => [
|
610 |
+
'downloading_file' => __( 'Downloading file, please wait...', 'wp-simple-firewall' ),
|
611 |
+
'problem_downloading_file' => __( 'There was a problem downloading the file.', 'wp-simple-firewall' ),
|
612 |
+
],
|
613 |
+
]
|
614 |
+
);
|
615 |
}
|
616 |
|
617 |
/**
|
643 |
'href' => $this->getUrl_DirectLinkToOption( 'visitor_address_source' ),
|
644 |
];
|
645 |
|
646 |
+
$bHasSupportEmail = Services::Data()->validEmail( $this->getOpt( 'block_send_email_address' ) );
|
647 |
$aThis[ 'key_opts' ][ 'reports' ] = [
|
648 |
'name' => __( 'Reporting Email', 'wp-simple-firewall' ),
|
649 |
'enabled' => $bHasSupportEmail,
|
650 |
'summary' => $bHasSupportEmail ?
|
651 |
+
sprintf( __( 'Email address for reports set to: %s', 'wp-simple-firewall' ), $this->getPluginReportEmail() )
|
652 |
+
: sprintf( __( 'No address provided - defaulting to: %s', 'wp-simple-firewall' ), $this->getPluginReportEmail() ),
|
|
|
653 |
'weight' => 0,
|
654 |
'href' => $this->getUrl_DirectLinkToOption( 'block_send_email_address' ),
|
655 |
];
|
656 |
|
657 |
+
$bRecap = $this->getCaptchaCfg()->ready;
|
658 |
$aThis[ 'key_opts' ][ 'recap' ] = [
|
659 |
+
'name' => __( 'CAPTCHA', 'wp-simple-firewall' ),
|
660 |
'enabled' => $bRecap,
|
661 |
'summary' => $bRecap ?
|
662 |
+
__( 'CAPTCHA keys have been provided', 'wp-simple-firewall' )
|
663 |
+
: __( "CAPTCHA keys haven't been provided", 'wp-simple-firewall' ),
|
664 |
'weight' => 1,
|
665 |
+
'href' => $this->getUrl_DirectLinkToSection( 'section_third_party_captcha' ),
|
666 |
];
|
667 |
}
|
668 |
|
684 |
return $this->getDbH( 'notes' );
|
685 |
}
|
686 |
|
687 |
+
/**
|
688 |
+
* @return Shield\Utilities\ReCaptcha\Enqueue
|
689 |
+
*/
|
690 |
+
public function getCaptchaEnqueue() {
|
691 |
+
if ( !isset( $this->oCaptchaEnqueue ) ) {
|
692 |
+
$this->oCaptchaEnqueue = ( new Shield\Utilities\ReCaptcha\Enqueue() )->setMod( $this );
|
693 |
+
}
|
694 |
+
return $this->oCaptchaEnqueue;
|
695 |
+
}
|
696 |
+
|
697 |
+
/**
|
698 |
+
* @param array $aOptParams
|
699 |
+
* @return array
|
700 |
+
*/
|
701 |
+
protected function buildOptionForUi( $aOptParams ) {
|
702 |
+
$aOptParams = parent::buildOptionForUi( $aOptParams );
|
703 |
+
if ( $aOptParams[ 'key' ] === 'visitor_address_source' ) {
|
704 |
+
$aNewOptions = [];
|
705 |
+
$oIPDet = Services::IP()->getIpDetector();
|
706 |
+
foreach ( $aOptParams[ 'value_options' ] as $sValKey => $sSource ) {
|
707 |
+
if ( $sValKey == 'AUTO_DETECT_IP' ) {
|
708 |
+
$aNewOptions[ $sValKey ] = $sSource;
|
709 |
+
}
|
710 |
+
else {
|
711 |
+
$sIPs = implode( ', ', $oIPDet->getIpsFromSource( $sSource ) );
|
712 |
+
$aNewOptions[ $sValKey ] = sprintf( '%s (%s)',
|
713 |
+
$sSource, empty( $sIPs ) ? '-' : $sIPs );
|
714 |
+
}
|
715 |
+
}
|
716 |
+
$aOptParams[ 'value_options' ] = $aNewOptions;
|
717 |
+
}
|
718 |
+
return $aOptParams;
|
719 |
+
}
|
720 |
+
|
721 |
/**
|
722 |
* @return string
|
723 |
*/
|
731 |
public function getSurveyEmail() {
|
732 |
return base64_decode( $this->getDef( 'survey_email' ) );
|
733 |
}
|
734 |
+
|
735 |
+
/**
|
736 |
+
* @return bool
|
737 |
+
* @deprecated 9.0
|
738 |
+
*/
|
739 |
+
public function isDisplayPluginBadge() {
|
740 |
+
return false;
|
741 |
+
}
|
742 |
+
|
743 |
+
/**
|
744 |
+
* @return string
|
745 |
+
* @deprecated 9.0
|
746 |
+
*/
|
747 |
+
public function getCookieIdBadgeState() {
|
748 |
+
return $this->prefix( 'badgeState' );
|
749 |
+
}
|
750 |
+
|
751 |
+
/**
|
752 |
+
* @return string
|
753 |
+
* @deprecated 9.0
|
754 |
+
*/
|
755 |
+
public function supplyPluginReportEmail() {
|
756 |
+
return $this->getPluginReportEmail();
|
757 |
+
}
|
758 |
}
|
src/features/reporting.php
ADDED
@@ -0,0 +1,43 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting;
|
5 |
+
|
6 |
+
class ICWP_WPSF_FeatureHandler_Reporting extends ICWP_WPSF_FeatureHandler_BaseWpsf {
|
7 |
+
|
8 |
+
/**
|
9 |
+
* @var Reporting\Lib\ReportingController
|
10 |
+
*/
|
11 |
+
private $oReportsController;
|
12 |
+
|
13 |
+
/**
|
14 |
+
* @return Shield\Databases\Reports\Handler
|
15 |
+
*/
|
16 |
+
public function getDbHandler_Reports() {
|
17 |
+
return $this->getDbH( 'reports' );
|
18 |
+
}
|
19 |
+
|
20 |
+
/**
|
21 |
+
* @return string
|
22 |
+
*/
|
23 |
+
protected function getNamespaceBase() {
|
24 |
+
return 'Reporting';
|
25 |
+
}
|
26 |
+
|
27 |
+
/**
|
28 |
+
* @return Reporting\Lib\ReportingController
|
29 |
+
*/
|
30 |
+
public function getReportingController() {
|
31 |
+
if ( !isset( $this->oReportsController ) ) {
|
32 |
+
$this->oReportsController = ( new Reporting\Lib\ReportingController() )->setMod( $this );
|
33 |
+
}
|
34 |
+
return $this->oReportsController;
|
35 |
+
}
|
36 |
+
|
37 |
+
/**
|
38 |
+
* @return Reporting\Lib\ReportingController
|
39 |
+
*/
|
40 |
+
public function getProcessor() {
|
41 |
+
return $this->getReportingController();
|
42 |
+
}
|
43 |
+
}
|
src/features/traffic.php
CHANGED
@@ -13,32 +13,13 @@ class ICWP_WPSF_FeatureHandler_Traffic extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
13 |
return $this->getDbH( 'traffic' );
|
14 |
}
|
15 |
|
16 |
-
protected function updateHandler() {
|
17 |
-
/** @var Traffic\Options $oOpts */
|
18 |
-
$oOpts = $this->getOptions();
|
19 |
-
if ( $this->isModOptEnabled() ) {
|
20 |
-
$oOpts->setOpt( 'enable_logger', 'Y' );
|
21 |
-
}
|
22 |
-
}
|
23 |
-
|
24 |
-
public function onPluginShutdown() {
|
25 |
-
if ( $this->isAutoDisable() && Services::Request()->ts() - $this->getAutoDisableAt() > 0 ) {
|
26 |
-
$this->setOpt( 'auto_disable', 'N' )
|
27 |
-
->setOpt( 'autodisable_at', 0 )
|
28 |
-
->setIsMainFeatureEnabled( false );
|
29 |
-
}
|
30 |
-
parent::onPluginShutdown();
|
31 |
-
}
|
32 |
-
|
33 |
/**
|
34 |
* We clean the database after saving.
|
35 |
*/
|
36 |
-
protected function
|
37 |
/** @var Traffic\Options $oOpts */
|
38 |
$oOpts = $this->getOptions();
|
39 |
|
40 |
-
$oOpts->setOpt( 'autodisable_at', $this->isAutoDisable() ? Services::Request()->ts() + WEEK_IN_SECONDS : 0 );
|
41 |
-
|
42 |
$aExcls = $oOpts->getCustomExclusions();
|
43 |
foreach ( $aExcls as &$sExcl ) {
|
44 |
$sExcl = trim( esc_js( $sExcl ) );
|
@@ -90,96 +71,33 @@ class ICWP_WPSF_FeatureHandler_Traffic extends ICWP_WPSF_FeatureHandler_BaseWpsf
|
|
90 |
}
|
91 |
|
92 |
/**
|
93 |
-
* @return
|
94 |
-
*/
|
95 |
-
protected function getExclusions() {
|
96 |
-
$aEx = $this->getOpt( 'type_exclusions' );
|
97 |
-
return is_array( $aEx ) ? $aEx : [];
|
98 |
-
}
|
99 |
-
|
100 |
-
/**
|
101 |
-
* @return array
|
102 |
-
* @deprecated 8.5.2
|
103 |
*/
|
104 |
-
|
105 |
-
|
106 |
-
return is_array( $aEx ) ? $aEx : [];
|
107 |
}
|
108 |
|
109 |
/**
|
110 |
* @return int
|
|
|
111 |
*/
|
112 |
public function getAutoDisableAt() {
|
113 |
-
return
|
114 |
}
|
115 |
|
116 |
/**
|
117 |
* @return string
|
|
|
118 |
*/
|
119 |
public function getAutoDisableTimestamp() {
|
120 |
-
return
|
121 |
}
|
122 |
|
123 |
/**
|
124 |
* @return bool
|
|
|
125 |
*/
|
126 |
public function isAutoDisable() {
|
127 |
-
return
|
128 |
-
}
|
129 |
-
|
130 |
-
/**
|
131 |
-
* @return bool
|
132 |
-
*/
|
133 |
-
public function isIncluded_Ajax() {
|
134 |
-
return !in_array( 'ajax', $this->getExclusions() );
|
135 |
-
}
|
136 |
-
|
137 |
-
/**
|
138 |
-
* @return bool
|
139 |
-
*/
|
140 |
-
public function isIncluded_Cron() {
|
141 |
-
return !in_array( 'cron', $this->getExclusions() );
|
142 |
-
}
|
143 |
-
|
144 |
-
/**
|
145 |
-
* @return bool
|
146 |
-
*/
|
147 |
-
public function isIncluded_LoggedInUser() {
|
148 |
-
return !in_array( 'logged_in', $this->getExclusions() );
|
149 |
-
}
|
150 |
-
|
151 |
-
/**
|
152 |
-
* @return bool
|
153 |
-
*/
|
154 |
-
public function isIncluded_Search() {
|
155 |
-
return !in_array( 'search', $this->getExclusions() );
|
156 |
-
}
|
157 |
-
|
158 |
-
/**
|
159 |
-
* @return bool
|
160 |
-
*/
|
161 |
-
public function isIncluded_Simple() {
|
162 |
-
return !in_array( 'simple', $this->getExclusions() );
|
163 |
-
}
|
164 |
-
|
165 |
-
/**
|
166 |
-
* @return bool
|
167 |
-
*/
|
168 |
-
public function isIncluded_Uptime() {
|
169 |
-
return !in_array( 'uptime', $this->getExclusions() );
|
170 |
-
}
|
171 |
-
|
172 |
-
/**
|
173 |
-
* @return bool
|
174 |
-
*/
|
175 |
-
public function isLogUsers() {
|
176 |
-
return $this->isIncluded_LoggedInUser();
|
177 |
-
}
|
178 |
-
|
179 |
-
/**
|
180 |
-
* @return string
|
181 |
-
*/
|
182 |
-
protected function getNamespaceBase() {
|
183 |
-
return 'Traffic';
|
184 |
}
|
185 |
}
|
13 |
return $this->getDbH( 'traffic' );
|
14 |
}
|
15 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
16 |
/**
|
17 |
* We clean the database after saving.
|
18 |
*/
|
19 |
+
protected function preProcessOptions() {
|
20 |
/** @var Traffic\Options $oOpts */
|
21 |
$oOpts = $this->getOptions();
|
22 |
|
|
|
|
|
23 |
$aExcls = $oOpts->getCustomExclusions();
|
24 |
foreach ( $aExcls as &$sExcl ) {
|
25 |
$sExcl = trim( esc_js( $sExcl ) );
|
71 |
}
|
72 |
|
73 |
/**
|
74 |
+
* @return string
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
75 |
*/
|
76 |
+
protected function getNamespaceBase() {
|
77 |
+
return 'Traffic';
|
|
|
78 |
}
|
79 |
|
80 |
/**
|
81 |
* @return int
|
82 |
+
* @deprecated 9.0
|
83 |
*/
|
84 |
public function getAutoDisableAt() {
|
85 |
+
return 0;
|
86 |
}
|
87 |
|
88 |
/**
|
89 |
* @return string
|
90 |
+
* @deprecated 9.0
|
91 |
*/
|
92 |
public function getAutoDisableTimestamp() {
|
93 |
+
return '';
|
94 |
}
|
95 |
|
96 |
/**
|
97 |
* @return bool
|
98 |
+
* @deprecated 9.0
|
99 |
*/
|
100 |
public function isAutoDisable() {
|
101 |
+
return false;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
102 |
}
|
103 |
}
|
src/features/user_management.php
CHANGED
@@ -34,7 +34,7 @@ class ICWP_WPSF_FeatureHandler_UserManagement extends \ICWP_WPSF_FeatureHandler_
|
|
34 |
return $aEmails;
|
35 |
}
|
36 |
|
37 |
-
protected function
|
38 |
/** @var UserManagement\Options $oOpts */
|
39 |
$oOpts = $this->getOptions();
|
40 |
|
@@ -111,15 +111,13 @@ class ICWP_WPSF_FeatureHandler_UserManagement extends \ICWP_WPSF_FeatureHandler_
|
|
111 |
* @return $this
|
112 |
*/
|
113 |
public function addRemoveHardSuspendUserId( $nUserId, $bAdd = true ) {
|
114 |
-
$
|
|
|
115 |
|
116 |
-
$aIds = $
|
117 |
-
if ( !is_array( $aIds ) ) {
|
118 |
-
$aIds = [];
|
119 |
-
}
|
120 |
|
121 |
-
$bIdSuspended = isset( $aIds[ $nUserId ] );
|
122 |
$oMeta = $this->getCon()->getUserMeta( Services::WpUsers()->getUserById( $nUserId ) );
|
|
|
123 |
|
124 |
if ( $bAdd && !$bIdSuspended ) {
|
125 |
$oMeta->hard_suspended_at = Services::Request()->ts();
|
@@ -129,7 +127,7 @@ class ICWP_WPSF_FeatureHandler_UserManagement extends \ICWP_WPSF_FeatureHandler_
|
|
129 |
[
|
130 |
'audit' => [
|
131 |
'user_id' => $nUserId,
|
132 |
-
'admin' =>
|
133 |
]
|
134 |
]
|
135 |
);
|
@@ -142,7 +140,7 @@ class ICWP_WPSF_FeatureHandler_UserManagement extends \ICWP_WPSF_FeatureHandler_
|
|
142 |
[
|
143 |
'audit' => [
|
144 |
'user_id' => $nUserId,
|
145 |
-
'admin' =>
|
146 |
]
|
147 |
]
|
148 |
);
|
@@ -151,14 +149,6 @@ class ICWP_WPSF_FeatureHandler_UserManagement extends \ICWP_WPSF_FeatureHandler_
|
|
151 |
return $this->setOpt( 'hard_suspended_userids', $aIds );
|
152 |
}
|
153 |
|
154 |
-
/**
|
155 |
-
* @return array
|
156 |
-
*/
|
157 |
-
public function getSuspendHardUserIds() {
|
158 |
-
$aIds = $this->getOpt( 'hard_suspended_userids', [] );
|
159 |
-
return is_array( $aIds ) ? array_filter( $aIds, 'is_int' ) : [];
|
160 |
-
}
|
161 |
-
|
162 |
/**
|
163 |
* @param array $aAllNotices
|
164 |
* @return array
|
@@ -280,4 +270,13 @@ class ICWP_WPSF_FeatureHandler_UserManagement extends \ICWP_WPSF_FeatureHandler_
|
|
280 |
protected function getNamespaceBase() {
|
281 |
return 'UserManagement';
|
282 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
283 |
}
|
34 |
return $aEmails;
|
35 |
}
|
36 |
|
37 |
+
protected function preProcessOptions() {
|
38 |
/** @var UserManagement\Options $oOpts */
|
39 |
$oOpts = $this->getOptions();
|
40 |
|
111 |
* @return $this
|
112 |
*/
|
113 |
public function addRemoveHardSuspendUserId( $nUserId, $bAdd = true ) {
|
114 |
+
/** @var UserManagement\Options $oOpts */
|
115 |
+
$oOpts = $this->getOptions();
|
116 |
|
117 |
+
$aIds = $oOpts->getSuspendHardUserIds();
|
|
|
|
|
|
|
118 |
|
|
|
119 |
$oMeta = $this->getCon()->getUserMeta( Services::WpUsers()->getUserById( $nUserId ) );
|
120 |
+
$bIdSuspended = isset( $aIds[ $nUserId ] ) || $oMeta->hard_suspended_at > 0;
|
121 |
|
122 |
if ( $bAdd && !$bIdSuspended ) {
|
123 |
$oMeta->hard_suspended_at = Services::Request()->ts();
|
127 |
[
|
128 |
'audit' => [
|
129 |
'user_id' => $nUserId,
|
130 |
+
'admin' => Services::WpUsers()->getCurrentWpUsername(),
|
131 |
]
|
132 |
]
|
133 |
);
|
140 |
[
|
141 |
'audit' => [
|
142 |
'user_id' => $nUserId,
|
143 |
+
'admin' => Services::WpUsers()->getCurrentWpUsername(),
|
144 |
]
|
145 |
]
|
146 |
);
|
149 |
return $this->setOpt( 'hard_suspended_userids', $aIds );
|
150 |
}
|
151 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
152 |
/**
|
153 |
* @param array $aAllNotices
|
154 |
* @return array
|
270 |
protected function getNamespaceBase() {
|
271 |
return 'UserManagement';
|
272 |
}
|
273 |
+
|
274 |
+
/**
|
275 |
+
* @return array
|
276 |
+
* @deprecated 9.0
|
277 |
+
*/
|
278 |
+
public function getSuspendHardUserIds() {
|
279 |
+
$aIds = $this->getOpt( 'hard_suspended_userids', [] );
|
280 |
+
return is_array( $aIds ) ? array_filter( $aIds, 'is_int' ) : [];
|
281 |
+
}
|
282 |
}
|
src/lib/src/Controller/Controller.php
CHANGED
@@ -9,19 +9,20 @@ use FernleafSystems\Wordpress\Services\Services;
|
|
9 |
/**
|
10 |
* Class Controller
|
11 |
* @package FernleafSystems\Wordpress\Plugin\Shield\Controller
|
12 |
-
* @property bool
|
13 |
-
* @property bool
|
14 |
-
* @property bool
|
15 |
-
* @property bool
|
16 |
-
* @property bool
|
17 |
-
* @property
|
18 |
-
* @property string
|
19 |
-
* @property string
|
20 |
-
* @property
|
21 |
-
* @property
|
22 |
-
* @property \
|
|
|
23 |
*/
|
24 |
-
class Controller
|
25 |
|
26 |
use StdClassAdapter;
|
27 |
|
@@ -50,16 +51,6 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
50 |
*/
|
51 |
protected $sForceOffFile;
|
52 |
|
53 |
-
/**
|
54 |
-
* @var bool
|
55 |
-
*/
|
56 |
-
protected $bResetPlugin;
|
57 |
-
|
58 |
-
/**
|
59 |
-
* @var bool
|
60 |
-
*/
|
61 |
-
protected $bPluginDeleting = false;
|
62 |
-
|
63 |
/**
|
64 |
* @var string
|
65 |
*/
|
@@ -159,6 +150,8 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
159 |
$this->sRootFile = $sRootFile;
|
160 |
$this->root_file = $sRootFile;
|
161 |
$this->base_file = $this->getRootFile();
|
|
|
|
|
162 |
$this->loadServices();
|
163 |
$this->checkMinimumRequirements();
|
164 |
$this->doRegisterHooks();
|
@@ -283,15 +276,13 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
283 |
return $this->aRequirementsMessages;
|
284 |
}
|
285 |
|
286 |
-
/**
|
287 |
-
*/
|
288 |
public function onWpDeactivatePlugin() {
|
289 |
do_action( $this->prefix( 'pre_deactivate_plugin' ) );
|
290 |
if ( $this->isPluginAdmin() ) {
|
291 |
do_action( $this->prefix( 'deactivate_plugin' ) );
|
|
|
292 |
if ( apply_filters( $this->prefix( 'delete_on_deactivate' ), false ) ) {
|
293 |
-
$this->
|
294 |
-
$this->plugin_deleting = $this->bPluginDeleting;
|
295 |
do_action( $this->prefix( 'delete_plugin' ) );
|
296 |
$this->deletePluginControllerOptions();
|
297 |
}
|
@@ -370,7 +361,7 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
370 |
add_filter( 'auto_update_plugin', [ $this, 'onWpAutoUpdate' ], 500, 2 );
|
371 |
add_filter( 'set_site_transient_update_plugins', [ $this, 'setUpdateFirstDetectedAt' ] );
|
372 |
|
373 |
-
add_action( 'shutdown', [ $this, 'onWpShutdown' ],
|
374 |
add_action( 'wp_logout', [ $this, 'onWpLogout' ] );
|
375 |
|
376 |
// GDPR
|
@@ -410,6 +401,7 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
410 |
/**
|
411 |
*/
|
412 |
public function onWpAdminInit() {
|
|
|
413 |
add_action( 'wp_dashboard_setup', [ $this, 'onWpDashboardSetup' ] );
|
414 |
add_action( 'admin_enqueue_scripts', [ $this, 'onWpEnqueueAdminCss' ], 100 );
|
415 |
add_action( 'admin_enqueue_scripts', [ $this, 'onWpEnqueueAdminJs' ], 5 );
|
@@ -496,7 +488,34 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
496 |
}
|
497 |
|
498 |
/**
|
|
|
499 |
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
500 |
public function onWpDashboardSetup() {
|
501 |
$bShow = apply_filters( $this->prefix( 'show_dashboard_widget' ),
|
502 |
$this->isValidAdminArea() && (bool)$this->getPluginSpec_Property( 'show_dashboard_widget' )
|
@@ -531,6 +550,7 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
531 |
'action' => $this->prefix(), //wp ajax doesn't work without this.
|
532 |
'exec' => $sAction,
|
533 |
'exec_nonce' => wp_create_nonce( $sAction ),
|
|
|
534 |
];
|
535 |
}
|
536 |
|
@@ -819,21 +839,28 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
819 |
}
|
820 |
|
821 |
/**
|
822 |
-
*
|
823 |
* @param \stdClass $oUpdates
|
824 |
* @return \stdClass
|
825 |
*/
|
826 |
public function blockIncompatibleUpdates( $oUpdates ) {
|
827 |
-
/*
|
828 |
-
* No longer used: prevent upgrades to v7.0 for php < 5.4
|
829 |
$sFile = $this->getPluginBaseFile();
|
830 |
if ( !empty( $oUpdates->response ) && isset( $oUpdates->response[ $sFile ] ) ) {
|
831 |
-
|
832 |
-
|
833 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
834 |
}
|
835 |
}
|
836 |
-
*/
|
837 |
return $oUpdates;
|
838 |
}
|
839 |
|
@@ -858,13 +885,6 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
858 |
if ( !isset( $oConOptions->update_first_detected[ $sNewVersion ] ) ) {
|
859 |
$oConOptions->update_first_detected[ $sNewVersion ] = Services::Request()->ts();
|
860 |
}
|
861 |
-
|
862 |
-
// a bit of cleanup to remove the old-style entries which would gather foreva-eva
|
863 |
-
foreach ( $oConOptions as $sKey => $aData ) {
|
864 |
-
if ( strpos( $sKey, 'update_first_detected_' ) !== false ) {
|
865 |
-
unset( $oConOptions->{$sKey} );
|
866 |
-
}
|
867 |
-
}
|
868 |
}
|
869 |
}
|
870 |
|
@@ -989,8 +1009,6 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
989 |
}
|
990 |
}
|
991 |
|
992 |
-
/**
|
993 |
-
*/
|
994 |
protected function deleteFlags() {
|
995 |
$oFS = Services::WpFs();
|
996 |
if ( $oFS->exists( $this->getPath_Flags( 'rebuild' ) ) ) {
|
@@ -1195,13 +1213,6 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1195 |
);
|
1196 |
}
|
1197 |
|
1198 |
-
/**
|
1199 |
-
* @return bool
|
1200 |
-
*/
|
1201 |
-
public function isPluginDeleting() {
|
1202 |
-
return (bool)$this->bPluginDeleting;
|
1203 |
-
}
|
1204 |
-
|
1205 |
/**
|
1206 |
* DO NOT CHANGE THIS IMPLEMENTATION. We call this as early as possible so that the
|
1207 |
* current_user_can() never gets caught up in an infinite loop of permissions checking
|
@@ -1303,12 +1314,10 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1303 |
* @return bool
|
1304 |
*/
|
1305 |
public function getIsResetPlugin() {
|
1306 |
-
if ( !isset( $this->
|
1307 |
-
$
|
1308 |
-
$this->bResetPlugin = (bool)$bExists;
|
1309 |
-
$this->plugin_reset = $this->bResetPlugin;
|
1310 |
}
|
1311 |
-
return $this->
|
1312 |
}
|
1313 |
|
1314 |
/**
|
@@ -1393,7 +1402,7 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1393 |
* @return string
|
1394 |
*/
|
1395 |
public function getPluginUrl_AdminMainPage() {
|
1396 |
-
return $this->
|
1397 |
}
|
1398 |
|
1399 |
/**
|
@@ -1607,15 +1616,11 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1607 |
return self::$oControllerOptions;
|
1608 |
}
|
1609 |
|
1610 |
-
/**
|
1611 |
-
*/
|
1612 |
protected function deletePluginControllerOptions() {
|
1613 |
$this->setPluginControllerOptions( false );
|
1614 |
$this->saveCurrentPluginControllerOptions();
|
1615 |
}
|
1616 |
|
1617 |
-
/**
|
1618 |
-
*/
|
1619 |
protected function deleteCronJobs() {
|
1620 |
$oWpCron = Services::WpCron();
|
1621 |
$aCrons = $oWpCron->getCrons();
|
@@ -1797,34 +1802,29 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1797 |
* @return \ICWP_WPSF_FeatureHandler_Plugin
|
1798 |
* @throws \Exception from loadFeatureHandler()
|
1799 |
*/
|
1800 |
-
public function
|
1801 |
-
$
|
1802 |
-
|
1803 |
-
|
1804 |
-
$oMod = $this->loadFeatureHandler(
|
1805 |
[
|
1806 |
-
'slug' =>
|
1807 |
-
'storage_key' =>
|
1808 |
'load_priority' => 10
|
1809 |
]
|
1810 |
);
|
1811 |
}
|
1812 |
-
return $
|
1813 |
}
|
1814 |
|
1815 |
/**
|
1816 |
-
* @param bool $bRecreate
|
1817 |
-
* @param bool $bFullBuild
|
1818 |
* @return bool
|
|
|
1819 |
*/
|
1820 |
-
public function loadAllFeatures(
|
1821 |
-
|
1822 |
-
$oCoreModule = $this->loadCorePluginFeatureHandler();
|
1823 |
-
|
1824 |
$bSuccess = true;
|
1825 |
-
foreach ( $
|
1826 |
try {
|
1827 |
-
$this->
|
1828 |
$bSuccess = true;
|
1829 |
}
|
1830 |
catch ( \Exception $oE ) {
|
@@ -1847,15 +1847,18 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1847 |
* @return \ICWP_WPSF_FeatureHandler_Base|null|mixed
|
1848 |
*/
|
1849 |
public function getModule( $sSlug ) {
|
1850 |
-
|
1851 |
-
|
1852 |
-
|
1853 |
-
|
1854 |
-
|
1855 |
-
|
1856 |
-
|
|
|
|
|
|
|
1857 |
}
|
1858 |
-
return $
|
1859 |
}
|
1860 |
|
1861 |
/**
|
@@ -1921,6 +1924,13 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1921 |
return $this->getModule( 'plugin' );
|
1922 |
}
|
1923 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1924 |
/**
|
1925 |
* @return \ICWP_WPSF_FeatureHandler_AdminAccessRestriction
|
1926 |
*/
|
@@ -1942,28 +1952,16 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1942 |
return $this->getModule( 'traffic' );
|
1943 |
}
|
1944 |
|
1945 |
-
/**
|
1946 |
-
* @return \ICWP_WPSF_FeatureHandler_Base[]
|
1947 |
-
* @deprecated 8.7.0
|
1948 |
-
*/
|
1949 |
-
public function getModules() {
|
1950 |
-
return is_array( $this->modules ) ? $this->modules : [];
|
1951 |
-
}
|
1952 |
-
|
1953 |
/**
|
1954 |
* @param array $aModProps
|
1955 |
-
* @
|
1956 |
-
* @param bool $bFullBuild
|
1957 |
-
* @return mixed
|
1958 |
* @throws \Exception
|
1959 |
*/
|
1960 |
-
public function loadFeatureHandler( $aModProps
|
1961 |
-
|
1962 |
$sModSlug = $aModProps[ 'slug' ];
|
1963 |
-
|
1964 |
-
|
1965 |
-
|
1966 |
-
return $oHandler;
|
1967 |
}
|
1968 |
|
1969 |
if ( !empty( $aModProps[ 'min_php' ] )
|
@@ -1979,12 +1977,7 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1979 |
|
1980 |
// All this to prevent fatal errors if the plugin doesn't install/upgrade correctly
|
1981 |
if ( class_exists( $sClassName ) ) {
|
1982 |
-
|
1983 |
-
$this->{$sOptionsVarName} = new $sClassName( $this, $aModProps );
|
1984 |
-
}
|
1985 |
-
if ( $bFullBuild ) {
|
1986 |
-
$this->{$sOptionsVarName}->buildOptions();
|
1987 |
-
}
|
1988 |
}
|
1989 |
else {
|
1990 |
$sMessage = sprintf( 'Class "%s" is missing', $sClassName );
|
@@ -1994,7 +1987,7 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
1994 |
$aMs = $this->modules;
|
1995 |
$aMs[ $sModSlug ] = $this->{$sOptionsVarName};
|
1996 |
$this->modules = $aMs;
|
1997 |
-
return $this->
|
1998 |
}
|
1999 |
|
2000 |
/**
|
@@ -2193,4 +2186,12 @@ class Controller extends Shield\Deprecated\Foundation {
|
|
2193 |
->run();
|
2194 |
}
|
2195 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2196 |
}
|
9 |
/**
|
10 |
* Class Controller
|
11 |
* @package FernleafSystems\Wordpress\Plugin\Shield\Controller
|
12 |
+
* @property bool $is_activating
|
13 |
+
* @property bool $modules_loaded
|
14 |
+
* @property bool $rebuild_options
|
15 |
+
* @property bool $plugin_deactivating
|
16 |
+
* @property bool $plugin_deleting
|
17 |
+
* @property bool $plugin_reset
|
18 |
+
* @property string $file_forceoff
|
19 |
+
* @property string $base_file
|
20 |
+
* @property string $root_file
|
21 |
+
* @property bool $user_can_base_permissions
|
22 |
+
* @property Shield\Modules\Events\Lib\EventsService $service_events
|
23 |
+
* @property mixed[]|\ICWP_WPSF_FeatureHandler_Base[] $modules
|
24 |
*/
|
25 |
+
class Controller {
|
26 |
|
27 |
use StdClassAdapter;
|
28 |
|
51 |
*/
|
52 |
protected $sForceOffFile;
|
53 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
54 |
/**
|
55 |
* @var string
|
56 |
*/
|
150 |
$this->sRootFile = $sRootFile;
|
151 |
$this->root_file = $sRootFile;
|
152 |
$this->base_file = $this->getRootFile();
|
153 |
+
$this->modules = [];
|
154 |
+
|
155 |
$this->loadServices();
|
156 |
$this->checkMinimumRequirements();
|
157 |
$this->doRegisterHooks();
|
276 |
return $this->aRequirementsMessages;
|
277 |
}
|
278 |
|
|
|
|
|
279 |
public function onWpDeactivatePlugin() {
|
280 |
do_action( $this->prefix( 'pre_deactivate_plugin' ) );
|
281 |
if ( $this->isPluginAdmin() ) {
|
282 |
do_action( $this->prefix( 'deactivate_plugin' ) );
|
283 |
+
$this->plugin_deactivating = true;
|
284 |
if ( apply_filters( $this->prefix( 'delete_on_deactivate' ), false ) ) {
|
285 |
+
$this->plugin_deleting = true;
|
|
|
286 |
do_action( $this->prefix( 'delete_plugin' ) );
|
287 |
$this->deletePluginControllerOptions();
|
288 |
}
|
361 |
add_filter( 'auto_update_plugin', [ $this, 'onWpAutoUpdate' ], 500, 2 );
|
362 |
add_filter( 'set_site_transient_update_plugins', [ $this, 'setUpdateFirstDetectedAt' ] );
|
363 |
|
364 |
+
add_action( 'shutdown', [ $this, 'onWpShutdown' ], -1 );
|
365 |
add_action( 'wp_logout', [ $this, 'onWpLogout' ] );
|
366 |
|
367 |
// GDPR
|
401 |
/**
|
402 |
*/
|
403 |
public function onWpAdminInit() {
|
404 |
+
add_action( 'admin_bar_menu', [ $this, 'onWpAdminBarMenu' ], 100 );
|
405 |
add_action( 'wp_dashboard_setup', [ $this, 'onWpDashboardSetup' ] );
|
406 |
add_action( 'admin_enqueue_scripts', [ $this, 'onWpEnqueueAdminCss' ], 100 );
|
407 |
add_action( 'admin_enqueue_scripts', [ $this, 'onWpEnqueueAdminJs' ], 5 );
|
488 |
}
|
489 |
|
490 |
/**
|
491 |
+
* @param \WP_Admin_Bar $oAdminBar
|
492 |
*/
|
493 |
+
public function onWpAdminBarMenu( $oAdminBar ) {
|
494 |
+
$bShow = apply_filters( $this->prefix( 'show_admin_bar_menu' ),
|
495 |
+
$this->isValidAdminArea() && (bool)$this->getPluginSpec_Property( 'show_admin_bar_menu' )
|
496 |
+
);
|
497 |
+
if ( $bShow ) {
|
498 |
+
$aMenuItems = apply_filters( $this->prefix( 'admin_bar_menu_items' ), [] );
|
499 |
+
if ( !empty( $aMenuItems ) && is_array( $aMenuItems ) ) {
|
500 |
+
$nCountWarnings = 0;
|
501 |
+
foreach ( $aMenuItems as $aMenuItem ) {
|
502 |
+
$nCountWarnings += isset( $aMenuItem[ 'warnings' ] ) ? $aMenuItem[ 'warnings' ] : 0;
|
503 |
+
}
|
504 |
+
|
505 |
+
$sNodeId = $this->prefix( 'adminbarmenu' );
|
506 |
+
$oAdminBar->add_node( [
|
507 |
+
'id' => $sNodeId,
|
508 |
+
'title' => $this->getHumanName()
|
509 |
+
.sprintf( '<div class="wp-core-ui wp-ui-notification shield-counter"><span aria-hidden="true">%s</span></div>', $nCountWarnings ),
|
510 |
+
] );
|
511 |
+
foreach ( $aMenuItems as $aMenuItem ) {
|
512 |
+
$aMenuItem[ 'parent' ] = $sNodeId;
|
513 |
+
$oAdminBar->add_menu( $aMenuItem );
|
514 |
+
}
|
515 |
+
}
|
516 |
+
}
|
517 |
+
}
|
518 |
+
|
519 |
public function onWpDashboardSetup() {
|
520 |
$bShow = apply_filters( $this->prefix( 'show_dashboard_widget' ),
|
521 |
$this->isValidAdminArea() && (bool)$this->getPluginSpec_Property( 'show_dashboard_widget' )
|
550 |
'action' => $this->prefix(), //wp ajax doesn't work without this.
|
551 |
'exec' => $sAction,
|
552 |
'exec_nonce' => wp_create_nonce( $sAction ),
|
553 |
+
// 'rand' => wp_rand( 10000, 99999 )
|
554 |
];
|
555 |
}
|
556 |
|
839 |
}
|
840 |
|
841 |
/**
|
842 |
+
* Prevents upgrades to Shield versions when the system PHP version is too old.
|
843 |
* @param \stdClass $oUpdates
|
844 |
* @return \stdClass
|
845 |
*/
|
846 |
public function blockIncompatibleUpdates( $oUpdates ) {
|
|
|
|
|
847 |
$sFile = $this->getPluginBaseFile();
|
848 |
if ( !empty( $oUpdates->response ) && isset( $oUpdates->response[ $sFile ] ) ) {
|
849 |
+
$aUpgradeReqs = $this->getPluginSpec()[ 'upgrade_reqs' ];
|
850 |
+
if ( is_array( $aUpgradeReqs ) ) {
|
851 |
+
foreach ( $aUpgradeReqs as $sShieldVer => $aReqs ) {
|
852 |
+
$bNeedsHidden = version_compare( $oUpdates->response[ $sFile ]->new_version, $sShieldVer, '>=' )
|
853 |
+
&& (
|
854 |
+
!Services::Data()->getPhpVersionIsAtLeast( $aReqs[ 'php' ] )
|
855 |
+
|| !Services::WpGeneral()->getWordpressIsAtLeastVersion( $aReqs[ 'wp' ] )
|
856 |
+
);
|
857 |
+
if ( $bNeedsHidden ) {
|
858 |
+
unset( $oUpdates->response[ $sFile ] );
|
859 |
+
break;
|
860 |
+
}
|
861 |
+
}
|
862 |
}
|
863 |
}
|
|
|
864 |
return $oUpdates;
|
865 |
}
|
866 |
|
885 |
if ( !isset( $oConOptions->update_first_detected[ $sNewVersion ] ) ) {
|
886 |
$oConOptions->update_first_detected[ $sNewVersion ] = Services::Request()->ts();
|
887 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
888 |
}
|
889 |
}
|
890 |
|
1009 |
}
|
1010 |
}
|
1011 |
|
|
|
|
|
1012 |
protected function deleteFlags() {
|
1013 |
$oFS = Services::WpFs();
|
1014 |
if ( $oFS->exists( $this->getPath_Flags( 'rebuild' ) ) ) {
|
1213 |
);
|
1214 |
}
|
1215 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1216 |
/**
|
1217 |
* DO NOT CHANGE THIS IMPLEMENTATION. We call this as early as possible so that the
|
1218 |
* current_user_can() never gets caught up in an infinite loop of permissions checking
|
1314 |
* @return bool
|
1315 |
*/
|
1316 |
public function getIsResetPlugin() {
|
1317 |
+
if ( !isset( $this->plugin_reset ) ) {
|
1318 |
+
$this->plugin_reset = (bool)Services::WpFs()->isFile( $this->getPath_Flags( 'reset' ) );
|
|
|
|
|
1319 |
}
|
1320 |
+
return $this->plugin_reset;
|
1321 |
}
|
1322 |
|
1323 |
/**
|
1402 |
* @return string
|
1403 |
*/
|
1404 |
public function getPluginUrl_AdminMainPage() {
|
1405 |
+
return $this->getModule_Plugin()->getUrl_AdminPage();
|
1406 |
}
|
1407 |
|
1408 |
/**
|
1616 |
return self::$oControllerOptions;
|
1617 |
}
|
1618 |
|
|
|
|
|
1619 |
protected function deletePluginControllerOptions() {
|
1620 |
$this->setPluginControllerOptions( false );
|
1621 |
$this->saveCurrentPluginControllerOptions();
|
1622 |
}
|
1623 |
|
|
|
|
|
1624 |
protected function deleteCronJobs() {
|
1625 |
$oWpCron = Services::WpCron();
|
1626 |
$aCrons = $oWpCron->getCrons();
|
1802 |
* @return \ICWP_WPSF_FeatureHandler_Plugin
|
1803 |
* @throws \Exception from loadFeatureHandler()
|
1804 |
*/
|
1805 |
+
public function loadCorePluginFeatureHandler() {
|
1806 |
+
if ( !isset( $this->modules[ 'plugin' ] )
|
1807 |
+
|| !$this->modules[ 'plugin' ] instanceof \ICWP_WPSF_FeatureHandler_Base ) {
|
1808 |
+
$this->loadFeatureHandler(
|
|
|
1809 |
[
|
1810 |
+
'slug' => 'plugin',
|
1811 |
+
'storage_key' => 'plugin',
|
1812 |
'load_priority' => 10
|
1813 |
]
|
1814 |
);
|
1815 |
}
|
1816 |
+
return $this->modules[ 'plugin' ];
|
1817 |
}
|
1818 |
|
1819 |
/**
|
|
|
|
|
1820 |
* @return bool
|
1821 |
+
* @throws \Exception
|
1822 |
*/
|
1823 |
+
public function loadAllFeatures() {
|
|
|
|
|
|
|
1824 |
$bSuccess = true;
|
1825 |
+
foreach ( array_keys( $this->loadCorePluginFeatureHandler()->getActivePluginFeatures() ) as $sSlug ) {
|
1826 |
try {
|
1827 |
+
$this->getModule( $sSlug );
|
1828 |
$bSuccess = true;
|
1829 |
}
|
1830 |
catch ( \Exception $oE ) {
|
1847 |
* @return \ICWP_WPSF_FeatureHandler_Base|null|mixed
|
1848 |
*/
|
1849 |
public function getModule( $sSlug ) {
|
1850 |
+
$oMod = isset( $this->modules[ $sSlug ] ) ? $this->modules[ $sSlug ] : null;
|
1851 |
+
if ( !$oMod instanceof \ICWP_WPSF_FeatureHandler_Base ) {
|
1852 |
+
try {
|
1853 |
+
$aMods = $this->loadCorePluginFeatureHandler()->getActivePluginFeatures();
|
1854 |
+
if ( isset( $aMods[ $sSlug ] ) ) {
|
1855 |
+
$oMod = $this->loadFeatureHandler( $aMods[ $sSlug ] );
|
1856 |
+
}
|
1857 |
+
}
|
1858 |
+
catch ( \Exception $oE ) {
|
1859 |
+
}
|
1860 |
}
|
1861 |
+
return $oMod;
|
1862 |
}
|
1863 |
|
1864 |
/**
|
1924 |
return $this->getModule( 'plugin' );
|
1925 |
}
|
1926 |
|
1927 |
+
/**
|
1928 |
+
* @return \ICWP_WPSF_FeatureHandler_Reporting
|
1929 |
+
*/
|
1930 |
+
public function getModule_Reporting() {
|
1931 |
+
return $this->getModule( 'reporting' );
|
1932 |
+
}
|
1933 |
+
|
1934 |
/**
|
1935 |
* @return \ICWP_WPSF_FeatureHandler_AdminAccessRestriction
|
1936 |
*/
|
1952 |
return $this->getModule( 'traffic' );
|
1953 |
}
|
1954 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1955 |
/**
|
1956 |
* @param array $aModProps
|
1957 |
+
* @return \ICWP_WPSF_FeatureHandler_Base|mixed
|
|
|
|
|
1958 |
* @throws \Exception
|
1959 |
*/
|
1960 |
+
public function loadFeatureHandler( $aModProps ) {
|
|
|
1961 |
$sModSlug = $aModProps[ 'slug' ];
|
1962 |
+
$oMod = isset( $this->modules[ $sModSlug ] ) ? $this->modules[ $sModSlug ] : null;
|
1963 |
+
if ( $oMod instanceof \ICWP_WPSF_FeatureHandler_Base ) {
|
1964 |
+
return $oMod;
|
|
|
1965 |
}
|
1966 |
|
1967 |
if ( !empty( $aModProps[ 'min_php' ] )
|
1977 |
|
1978 |
// All this to prevent fatal errors if the plugin doesn't install/upgrade correctly
|
1979 |
if ( class_exists( $sClassName ) ) {
|
1980 |
+
$this->{$sOptionsVarName} = new $sClassName( $this, $aModProps );
|
|
|
|
|
|
|
|
|
|
|
1981 |
}
|
1982 |
else {
|
1983 |
$sMessage = sprintf( 'Class "%s" is missing', $sClassName );
|
1987 |
$aMs = $this->modules;
|
1988 |
$aMs[ $sModSlug ] = $this->{$sOptionsVarName};
|
1989 |
$this->modules = $aMs;
|
1990 |
+
return $this->modules[ $sModSlug ];
|
1991 |
}
|
1992 |
|
1993 |
/**
|
2186 |
->run();
|
2187 |
}
|
2188 |
}
|
2189 |
+
|
2190 |
+
/**
|
2191 |
+
* @return bool
|
2192 |
+
* @deprecated 9.0
|
2193 |
+
*/
|
2194 |
+
public function isPluginDeleting() {
|
2195 |
+
return (bool)$this->plugin_deleting;
|
2196 |
+
}
|
2197 |
}
|
src/lib/src/Crons/BaseCron.php
CHANGED
@@ -9,8 +9,6 @@ abstract class BaseCron {
|
|
9 |
use Shield\Crons\StandardCron;
|
10 |
use Shield\Modules\ModConsumer;
|
11 |
|
12 |
-
/**
|
13 |
-
*/
|
14 |
public function run() {
|
15 |
$this->setupCron();
|
16 |
}
|
9 |
use Shield\Crons\StandardCron;
|
10 |
use Shield\Modules\ModConsumer;
|
11 |
|
|
|
|
|
12 |
public function run() {
|
13 |
$this->setupCron();
|
14 |
}
|
src/lib/src/Crons/DailyCron.php
CHANGED
@@ -3,6 +3,7 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Crons;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
6 |
|
7 |
class DailyCron extends BaseCron {
|
8 |
|
@@ -21,6 +22,24 @@ class DailyCron extends BaseCron {
|
|
21 |
return $this->getCon()->prefix( 'daily' );
|
22 |
}
|
23 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
24 |
/**
|
25 |
* Use the included action to hook into the plugin's daily cron
|
26 |
*/
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Crons;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
|
8 |
class DailyCron extends BaseCron {
|
9 |
|
22 |
return $this->getCon()->prefix( 'daily' );
|
23 |
}
|
24 |
|
25 |
+
/**
|
26 |
+
* @return int
|
27 |
+
*/
|
28 |
+
public function getFirstRunTimestamp() {
|
29 |
+
$nHour = apply_filters( $this->getCon()->prefix( 'daily_cron_hour' ), 7 );
|
30 |
+
if ( $nHour < 0 || $nHour > 23 ) {
|
31 |
+
$nHour = 7;
|
32 |
+
}
|
33 |
+
$oCarb = Services::Request()
|
34 |
+
->carbon( true )
|
35 |
+
->minute( 1 )
|
36 |
+
->second( 0 );
|
37 |
+
if ( $oCarb->hour >= $nHour ) {
|
38 |
+
$oCarb->addDays( 1 );
|
39 |
+
}
|
40 |
+
return $oCarb->hour( $nHour )->timestamp;
|
41 |
+
}
|
42 |
+
|
43 |
/**
|
44 |
* Use the included action to hook into the plugin's daily cron
|
45 |
*/
|
src/lib/src/Crons/HourlyCron.php
CHANGED
@@ -3,6 +3,7 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Crons;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
6 |
|
7 |
class HourlyCron extends BaseCron {
|
8 |
|
@@ -22,8 +23,17 @@ class HourlyCron extends BaseCron {
|
|
22 |
}
|
23 |
|
24 |
/**
|
25 |
-
*
|
26 |
*/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
27 |
public function runCron() {
|
28 |
do_action( $this->getCon()->prefix( 'hourly_cron' ) );
|
29 |
}
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Crons;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
|
8 |
class HourlyCron extends BaseCron {
|
9 |
|
23 |
}
|
24 |
|
25 |
/**
|
26 |
+
* @return int
|
27 |
*/
|
28 |
+
public function getFirstRunTimestamp() {
|
29 |
+
$oCarb = Services::Request()
|
30 |
+
->carbon( true )
|
31 |
+
->addHours( 1 )
|
32 |
+
->minute( 1 )
|
33 |
+
->second( 0 );
|
34 |
+
return $oCarb->timestamp;
|
35 |
+
}
|
36 |
+
|
37 |
public function runCron() {
|
38 |
do_action( $this->getCon()->prefix( 'hourly_cron' ) );
|
39 |
}
|
src/lib/src/Databases/AuditTrail/Update.php
CHANGED
@@ -3,6 +3,7 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\AuditTrail;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
|
|
6 |
|
7 |
class Update extends Base\Update {
|
8 |
|
@@ -12,6 +13,9 @@ class Update extends Base\Update {
|
|
12 |
* @return bool
|
13 |
*/
|
14 |
public function updateCount( $oEntry, $nIncrease = 1 ) {
|
15 |
-
return $this->updateEntry( $oEntry, [
|
|
|
|
|
|
|
16 |
}
|
17 |
}
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\AuditTrail;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
|
8 |
class Update extends Base\Update {
|
9 |
|
13 |
* @return bool
|
14 |
*/
|
15 |
public function updateCount( $oEntry, $nIncrease = 1 ) {
|
16 |
+
return $this->updateEntry( $oEntry, [
|
17 |
+
'count' => $oEntry->count + $nIncrease,
|
18 |
+
'updated_at' => Services::Request()->ts()
|
19 |
+
] );
|
20 |
}
|
21 |
}
|
src/lib/src/Databases/Base/BaseQuery.php
CHANGED
@@ -221,14 +221,23 @@ abstract class BaseQuery {
|
|
221 |
return $this;
|
222 |
}
|
223 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
224 |
/**
|
225 |
* @param int $nTs
|
226 |
* @return $this
|
227 |
*/
|
228 |
public function filterByBoundary_Day( $nTs ) {
|
229 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
230 |
-
return $this->
|
231 |
-
->filterByCreatedAt( $oCbn->startOfDay()->timestamp, '>=' );
|
232 |
}
|
233 |
|
234 |
/**
|
@@ -237,8 +246,7 @@ abstract class BaseQuery {
|
|
237 |
*/
|
238 |
public function filterByBoundary_Hour( $nTs ) {
|
239 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
240 |
-
return $this->
|
241 |
-
->filterByCreatedAt( $oCbn->startOfHour()->timestamp, '>=' );
|
242 |
}
|
243 |
|
244 |
/**
|
@@ -247,8 +255,7 @@ abstract class BaseQuery {
|
|
247 |
*/
|
248 |
public function filterByBoundary_Month( $nTs ) {
|
249 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
250 |
-
return $this->
|
251 |
-
->filterByCreatedAt( $oCbn->endOfMonth()->timestamp, '<=' );
|
252 |
}
|
253 |
|
254 |
/**
|
@@ -257,8 +264,7 @@ abstract class BaseQuery {
|
|
257 |
*/
|
258 |
public function filterByBoundary_Week( $nTs ) {
|
259 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
260 |
-
return $this->
|
261 |
-
->filterByCreatedAt( $oCbn->startOfWeek()->timestamp, '>=' );
|
262 |
}
|
263 |
|
264 |
/**
|
@@ -267,8 +273,7 @@ abstract class BaseQuery {
|
|
267 |
*/
|
268 |
public function filterByBoundary_Year( $nTs ) {
|
269 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
270 |
-
return $this->
|
271 |
-
->filterByCreatedAt( $oCbn->endOfYear()->timestamp, '<=' );
|
272 |
}
|
273 |
|
274 |
/**
|
221 |
return $this;
|
222 |
}
|
223 |
|
224 |
+
/**
|
225 |
+
* @param int $nStartTS
|
226 |
+
* @param int $nEndTS
|
227 |
+
* @return $this
|
228 |
+
*/
|
229 |
+
public function filterByBoundary( $nStartTS, $nEndTS ) {
|
230 |
+
return $this->filterByCreatedAt( $nEndTS, '<=' )
|
231 |
+
->filterByCreatedAt( $nStartTS, '>=' );
|
232 |
+
}
|
233 |
+
|
234 |
/**
|
235 |
* @param int $nTs
|
236 |
* @return $this
|
237 |
*/
|
238 |
public function filterByBoundary_Day( $nTs ) {
|
239 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
240 |
+
return $this->filterByBoundary( $oCbn->startOfDay()->timestamp, $oCbn->endOfDay()->timestamp );
|
|
|
241 |
}
|
242 |
|
243 |
/**
|
246 |
*/
|
247 |
public function filterByBoundary_Hour( $nTs ) {
|
248 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
249 |
+
return $this->filterByBoundary( $oCbn->startOfHour()->timestamp, $oCbn->endOfHour()->timestamp );
|
|
|
250 |
}
|
251 |
|
252 |
/**
|
255 |
*/
|
256 |
public function filterByBoundary_Month( $nTs ) {
|
257 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
258 |
+
return $this->filterByBoundary( $oCbn->startOfMonth()->timestamp, $oCbn->endOfMonth()->timestamp );
|
|
|
259 |
}
|
260 |
|
261 |
/**
|
264 |
*/
|
265 |
public function filterByBoundary_Week( $nTs ) {
|
266 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
267 |
+
return $this->filterByBoundary( $oCbn->startOfWeek()->timestamp, $oCbn->endOfWeek()->timestamp );
|
|
|
268 |
}
|
269 |
|
270 |
/**
|
273 |
*/
|
274 |
public function filterByBoundary_Year( $nTs ) {
|
275 |
$oCbn = ( new Carbon() )->setTimestamp( $nTs );
|
276 |
+
return $this->filterByBoundary( $oCbn->startOfYear()->timestamp, $oCbn->endOfYear()->timestamp );
|
|
|
277 |
}
|
278 |
|
279 |
/**
|
src/lib/src/Databases/Base/EntryVO.php
CHANGED
@@ -59,7 +59,7 @@ class EntryVO {
|
|
59 |
/**
|
60 |
* @param string $sProperty
|
61 |
* @param mixed $mValue
|
62 |
-
* @return $this
|
63 |
*/
|
64 |
public function __set( $sProperty, $mValue ) {
|
65 |
|
59 |
/**
|
60 |
* @param string $sProperty
|
61 |
* @param mixed $mValue
|
62 |
+
* @return $this|mixed
|
63 |
*/
|
64 |
public function __set( $sProperty, $mValue ) {
|
65 |
|
src/lib/src/Databases/Base/Handler.php
CHANGED
@@ -91,10 +91,13 @@ class Handler {
|
|
91 |
}
|
92 |
|
93 |
/**
|
|
|
94 |
* @return bool
|
95 |
*/
|
96 |
-
public function deleteTable() {
|
97 |
-
|
|
|
|
|
98 |
}
|
99 |
|
100 |
/**
|
91 |
}
|
92 |
|
93 |
/**
|
94 |
+
* @param bool $bTruncate
|
95 |
* @return bool
|
96 |
*/
|
97 |
+
public function deleteTable( $bTruncate = false ) {
|
98 |
+
$oDB = Services::WpDb();
|
99 |
+
return $this->isTable() &&
|
100 |
+
( $bTruncate ? $oDB->doTruncateTable( $this->getTable() ) : $oDB->doDropTable( $this->getTable() ) );
|
101 |
}
|
102 |
|
103 |
/**
|
src/lib/src/Databases/Comments/EntryVO.php
DELETED
@@ -1,15 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Comments;
|
4 |
-
|
5 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
-
|
7 |
-
/**
|
8 |
-
* Class EntryVO
|
9 |
-
* @property int post_id
|
10 |
-
* @property string unique_token
|
11 |
-
* @property string ip
|
12 |
-
*/
|
13 |
-
class EntryVO extends Base\EntryVO {
|
14 |
-
|
15 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/lib/src/Databases/Comments/Insert.php
DELETED
@@ -1,24 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Comments;
|
4 |
-
|
5 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
-
use FernleafSystems\Wordpress\Services\Services;
|
7 |
-
|
8 |
-
class Insert extends Base\Insert {
|
9 |
-
|
10 |
-
/**
|
11 |
-
* @return $this
|
12 |
-
* @throws \Exception
|
13 |
-
*/
|
14 |
-
protected function verifyInsertData() {
|
15 |
-
parent::verifyInsertData();
|
16 |
-
|
17 |
-
$aData = $this->getInsertData();
|
18 |
-
if ( !isset( $aData[ 'ip' ] ) ) {
|
19 |
-
$aData[ 'ip' ] = Services::IP()->getRequestIp();
|
20 |
-
}
|
21 |
-
|
22 |
-
return $this->setInsertData( $aData );
|
23 |
-
}
|
24 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/lib/src/Databases/Comments/Select.php
DELETED
@@ -1,31 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Comments;
|
4 |
-
|
5 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
-
|
7 |
-
class Select extends Base\Select {
|
8 |
-
|
9 |
-
/**
|
10 |
-
* @param string $sToken
|
11 |
-
* @param string $nPostId
|
12 |
-
* @param string $sIp
|
13 |
-
* @return EntryVO|null
|
14 |
-
*/
|
15 |
-
public function getTokenForPost( $sToken, $nPostId, $sIp = null ) {
|
16 |
-
$oToken = null;
|
17 |
-
|
18 |
-
if ( !empty( $sToken ) && !empty( $nPostId ) ) {
|
19 |
-
$this->reset()
|
20 |
-
->addWhereEquals( 'unique_token', $sToken )
|
21 |
-
->addWhereEquals( 'post_id', (int)$nPostId );
|
22 |
-
if ( !empty( $sIp ) ) {
|
23 |
-
$this->addWhereEquals( 'ip', $sIp );
|
24 |
-
}
|
25 |
-
/** @var EntryVO $oToken */
|
26 |
-
$oToken = $this->first();
|
27 |
-
}
|
28 |
-
|
29 |
-
return $oToken;
|
30 |
-
}
|
31 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/lib/src/Databases/FileLocker/Common.php
ADDED
@@ -0,0 +1,33 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
4 |
+
|
5 |
+
/**
|
6 |
+
* Trait Filters
|
7 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker
|
8 |
+
*/
|
9 |
+
trait Common {
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @param string $sFile
|
13 |
+
* @return $this
|
14 |
+
*/
|
15 |
+
public function filterByFile( $sFile ) {
|
16 |
+
return $this->addWhereEquals( 'file', base64_encode( $sFile ) );
|
17 |
+
}
|
18 |
+
|
19 |
+
/**
|
20 |
+
* @param string $sHash
|
21 |
+
* @return $this
|
22 |
+
*/
|
23 |
+
public function filterByHashOriginal( $sHash ) {
|
24 |
+
return $this->addWhereEquals( 'hash_original', base64_encode( $sHash ) );
|
25 |
+
}
|
26 |
+
|
27 |
+
/**
|
28 |
+
* @return $this
|
29 |
+
*/
|
30 |
+
public function filterByProblem() {
|
31 |
+
return $this->addWhereNewerThan( 0, 'detected_at' );
|
32 |
+
}
|
33 |
+
}
|
src/lib/src/Databases/FileLocker/Delete.php
ADDED
@@ -0,0 +1,10 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
|
7 |
+
class Delete extends Base\Delete {
|
8 |
+
|
9 |
+
use Common;
|
10 |
+
}
|
src/lib/src/Databases/FileLocker/EntryVO.php
ADDED
@@ -0,0 +1,62 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
|
7 |
+
/**
|
8 |
+
* Class EntryVO
|
9 |
+
* @property string $file
|
10 |
+
* @property string $hash_original
|
11 |
+
* @property string $hash_current
|
12 |
+
* @property string $content
|
13 |
+
* @property int $public_key_id
|
14 |
+
* @property int $detected_at
|
15 |
+
* @property int $reverted_at
|
16 |
+
* @property int $notified_at
|
17 |
+
* @property int $updated_at
|
18 |
+
*/
|
19 |
+
class EntryVO extends Base\EntryVO {
|
20 |
+
|
21 |
+
/**
|
22 |
+
* @param string $sProperty
|
23 |
+
* @return mixed
|
24 |
+
*/
|
25 |
+
public function __get( $sProperty ) {
|
26 |
+
|
27 |
+
$mValue = parent::__get( $sProperty );
|
28 |
+
|
29 |
+
switch ( $sProperty ) {
|
30 |
+
|
31 |
+
case 'content':
|
32 |
+
case 'file':
|
33 |
+
$mValue = base64_decode( $mValue );
|
34 |
+
break;
|
35 |
+
|
36 |
+
default:
|
37 |
+
break;
|
38 |
+
}
|
39 |
+
return $mValue;
|
40 |
+
}
|
41 |
+
|
42 |
+
/**
|
43 |
+
* @param string $sProperty
|
44 |
+
* @param mixed $mValue
|
45 |
+
* @return $this
|
46 |
+
*/
|
47 |
+
public function __set( $sProperty, $mValue ) {
|
48 |
+
|
49 |
+
switch ( $sProperty ) {
|
50 |
+
|
51 |
+
case 'content':
|
52 |
+
case 'file':
|
53 |
+
$mValue = base64_encode( $mValue );
|
54 |
+
break;
|
55 |
+
|
56 |
+
default:
|
57 |
+
break;
|
58 |
+
}
|
59 |
+
|
60 |
+
return parent::__set( $sProperty, $mValue );
|
61 |
+
}
|
62 |
+
}
|
src/lib/src/Databases/FileLocker/Handler.php
ADDED
@@ -0,0 +1,48 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Options;
|
7 |
+
|
8 |
+
class Handler extends Base\Handler {
|
9 |
+
|
10 |
+
/**
|
11 |
+
* @return string[]
|
12 |
+
*/
|
13 |
+
protected function getDefaultColumnsDefinition() {
|
14 |
+
/** @var Options $oOpts */
|
15 |
+
$oOpts = $this->getOptions();
|
16 |
+
return $oOpts->getDbColumns_FileLocker();
|
17 |
+
}
|
18 |
+
|
19 |
+
/**
|
20 |
+
* @return string
|
21 |
+
*/
|
22 |
+
protected function getDefaultTableName() {
|
23 |
+
/** @var Options $oOpts */
|
24 |
+
$oOpts = $this->getOptions();
|
25 |
+
return $oOpts->getDbTable_FileLocker();
|
26 |
+
}
|
27 |
+
|
28 |
+
/**
|
29 |
+
* @return string
|
30 |
+
*/
|
31 |
+
protected function getDefaultCreateTableSql() {
|
32 |
+
return "CREATE TABLE %s (
|
33 |
+
id int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
|
34 |
+
file varchar(256) NOT NULL COMMENT 'File Path relative to ABSPATH',
|
35 |
+
hash_original varchar(40) NOT NULL COMMENT 'SHA1 File Hash Original',
|
36 |
+
hash_current varchar(40) NOT NULL COMMENT 'SHA1 File Hash Current',
|
37 |
+
content blob COMMENT 'Content',
|
38 |
+
public_key_id TINYINT(2) UNSIGNED NOT NULL COMMENT 'Public Key ID',
|
39 |
+
detected_at int(15) UNSIGNED NOT NULL DEFAULT 0 COMMENT 'TS Change Last Detected',
|
40 |
+
reverted_at int(15) UNSIGNED NOT NULL DEFAULT 0 COMMENT 'TS Reverted To Backup',
|
41 |
+
notified_at int(15) UNSIGNED NOT NULL DEFAULT 0 COMMENT 'TS Notification Sent',
|
42 |
+
updated_at int(15) UNSIGNED NOT NULL DEFAULT 0 COMMENT 'TS Updated',
|
43 |
+
created_at int(15) UNSIGNED NOT NULL DEFAULT 0 COMMENT 'TS Created',
|
44 |
+
deleted_at int(15) UNSIGNED NOT NULL DEFAULT 0 COMMENT 'TS Soft Deleted',
|
45 |
+
PRIMARY KEY (id)
|
46 |
+
) %s;";
|
47 |
+
}
|
48 |
+
}
|
src/lib/src/Databases/FileLocker/Insert.php
ADDED
@@ -0,0 +1,9 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
|
7 |
+
class Insert extends Base\Insert {
|
8 |
+
|
9 |
+
}
|
src/lib/src/Databases/FileLocker/Select.php
ADDED
@@ -0,0 +1,10 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
|
7 |
+
class Select extends Base\Select {
|
8 |
+
|
9 |
+
use Common;
|
10 |
+
}
|
src/lib/src/Databases/FileLocker/Update.php
ADDED
@@ -0,0 +1,54 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
class Update extends Base\Update {
|
9 |
+
|
10 |
+
/**
|
11 |
+
* @param EntryVO $oEntry
|
12 |
+
* @return bool
|
13 |
+
*/
|
14 |
+
public function markNotified( EntryVO $oEntry ) {
|
15 |
+
return $this->updateEntry( $oEntry, [
|
16 |
+
'notified_at' => Services::Request()->ts()
|
17 |
+
] );
|
18 |
+
}
|
19 |
+
|
20 |
+
/**
|
21 |
+
* @param EntryVO $oEntry
|
22 |
+
* @return bool
|
23 |
+
*/
|
24 |
+
public function markProblem( EntryVO $oEntry ) {
|
25 |
+
return $this->updateEntry( $oEntry, [
|
26 |
+
'detected_at' => Services::Request()->ts(),
|
27 |
+
'notified_at' => 0
|
28 |
+
] );
|
29 |
+
}
|
30 |
+
|
31 |
+
/**
|
32 |
+
* @param EntryVO $oEntry
|
33 |
+
* @return bool
|
34 |
+
*/
|
35 |
+
public function markReverted( EntryVO $oEntry ) {
|
36 |
+
return $this->updateEntry( $oEntry, [
|
37 |
+
'reverted_at' => Services::Request()->ts()
|
38 |
+
] );
|
39 |
+
}
|
40 |
+
|
41 |
+
/**
|
42 |
+
* @param EntryVO $oEntry
|
43 |
+
* @param string $sHash
|
44 |
+
* @return bool
|
45 |
+
*/
|
46 |
+
public function updateCurrentHash( EntryVO $oEntry, $sHash = '' ) {
|
47 |
+
return $this->updateEntry( $oEntry, [
|
48 |
+
'hash_current' => $sHash,
|
49 |
+
'detected_at' => empty( $sHash ) ? 0 : Services::Request()->ts(),
|
50 |
+
'notified_at' => 0,
|
51 |
+
'updated_at' => Services::Request()->ts(),
|
52 |
+
] );
|
53 |
+
}
|
54 |
+
}
|
src/lib/src/Databases/Reports/Common.php
ADDED
@@ -0,0 +1,25 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports;
|
4 |
+
|
5 |
+
trait Common {
|
6 |
+
|
7 |
+
/**
|
8 |
+
* @param string $sFrequency
|
9 |
+
* @return $this
|
10 |
+
*/
|
11 |
+
public function filterByFrequency( $sFrequency ) {
|
12 |
+
return $this->addWhere( 'frequency', $sFrequency );
|
13 |
+
}
|
14 |
+
|
15 |
+
/**
|
16 |
+
* @param string $sType
|
17 |
+
* @return $this
|
18 |
+
*/
|
19 |
+
public function filterByType( $sType ) {
|
20 |
+
if ( in_array( $sType, [ Handler::TYPE_INFO, Handler::TYPE_ALERT ] ) ) {
|
21 |
+
$this->addWhere( 'type', $sType );
|
22 |
+
}
|
23 |
+
return $this;
|
24 |
+
}
|
25 |
+
}
|
src/lib/src/Databases/{Comments → Reports}/Delete.php
RENAMED
@@ -1,9 +1,10 @@
|
|
1 |
<?php
|
2 |
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
|
7 |
class Delete extends Base\Delete {
|
8 |
|
|
|
9 |
}
|
1 |
<?php
|
2 |
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
|
7 |
class Delete extends Base\Delete {
|
8 |
|
9 |
+
use Common;
|
10 |
}
|
src/lib/src/Databases/Reports/EntryVO.php
ADDED
@@ -0,0 +1,17 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
|
7 |
+
/**
|
8 |
+
* Class EntryVO
|
9 |
+
* @property int $rid
|
10 |
+
* @property string $type
|
11 |
+
* @property string $frequency
|
12 |
+
* @property int $interval_end_at
|
13 |
+
* @property int $sent_at
|
14 |
+
*/
|
15 |
+
class EntryVO extends Base\EntryVO {
|
16 |
+
|
17 |
+
}
|
src/lib/src/Databases/{Comments → Reports}/Handler.php
RENAMED
@@ -1,34 +1,35 @@
|
|
1 |
<?php
|
2 |
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules\
|
7 |
|
8 |
class Handler extends Base\Handler {
|
9 |
|
|
|
|
|
|
|
10 |
public function autoCleanDb() {
|
11 |
-
|
12 |
-
$oOpts = $this->getOptions();
|
13 |
-
$this->cleanDb( $oOpts->getTokenExpireInterval()/DAY_IN_SECONDS );
|
14 |
}
|
15 |
|
16 |
/**
|
17 |
-
* @return string
|
18 |
*/
|
19 |
-
protected function
|
20 |
/** @var Options $oOpts */
|
21 |
$oOpts = $this->getOptions();
|
22 |
-
return $oOpts->
|
23 |
}
|
24 |
|
25 |
/**
|
26 |
-
* @return string
|
27 |
*/
|
28 |
-
protected function
|
29 |
/** @var Options $oOpts */
|
30 |
$oOpts = $this->getOptions();
|
31 |
-
return $oOpts->
|
32 |
}
|
33 |
|
34 |
/**
|
@@ -37,9 +38,11 @@ class Handler extends Base\Handler {
|
|
37 |
protected function getDefaultCreateTableSql() {
|
38 |
return "CREATE TABLE %s (
|
39 |
id int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
|
40 |
-
|
41 |
-
|
42 |
-
|
|
|
|
|
43 |
created_at int(15) UNSIGNED NOT NULL DEFAULT 0,
|
44 |
deleted_at int(15) UNSIGNED NOT NULL DEFAULT 0,
|
45 |
PRIMARY KEY (id)
|
1 |
<?php
|
2 |
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Options;
|
7 |
|
8 |
class Handler extends Base\Handler {
|
9 |
|
10 |
+
const TYPE_ALERT = 'alt';
|
11 |
+
const TYPE_INFO = 'nfo';
|
12 |
+
|
13 |
public function autoCleanDb() {
|
14 |
+
$this->cleanDb( 30 );
|
|
|
|
|
15 |
}
|
16 |
|
17 |
/**
|
18 |
+
* @return string[]
|
19 |
*/
|
20 |
+
protected function getDefaultColumnsDefinition() {
|
21 |
/** @var Options $oOpts */
|
22 |
$oOpts = $this->getOptions();
|
23 |
+
return $oOpts->getDbColumns_Reports();
|
24 |
}
|
25 |
|
26 |
/**
|
27 |
+
* @return string
|
28 |
*/
|
29 |
+
protected function getDefaultTableName() {
|
30 |
/** @var Options $oOpts */
|
31 |
$oOpts = $this->getOptions();
|
32 |
+
return $oOpts->getDbTable_Reports();
|
33 |
}
|
34 |
|
35 |
/**
|
38 |
protected function getDefaultCreateTableSql() {
|
39 |
return "CREATE TABLE %s (
|
40 |
id int(11) UNSIGNED NOT NULL AUTO_INCREMENT,
|
41 |
+
rid int(11) UNSIGNED NOT NULL DEFAULT 0 COMMENT 'Report ID',
|
42 |
+
type varchar(3) NOT NULL DEFAULT '' COMMENT 'Report Type',
|
43 |
+
frequency varchar(10) NOT NULL DEFAULT '' COMMENT 'Report Interval/Frequency',
|
44 |
+
interval_end_at int(15) UNSIGNED NOT NULL DEFAULT 0 COMMENT 'TS of end of interval',
|
45 |
+
sent_at int(15) UNSIGNED NOT NULL DEFAULT 0,
|
46 |
created_at int(15) UNSIGNED NOT NULL DEFAULT 0,
|
47 |
deleted_at int(15) UNSIGNED NOT NULL DEFAULT 0,
|
48 |
PRIMARY KEY (id)
|
src/lib/src/Databases/Reports/Insert.php
ADDED
@@ -0,0 +1,22 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
class Insert extends Base\Insert {
|
9 |
+
|
10 |
+
/**
|
11 |
+
* @param int $nReportId
|
12 |
+
* @param string $sType
|
13 |
+
* @return bool
|
14 |
+
*/
|
15 |
+
public function create( $nReportId, $sType ) {
|
16 |
+
return $this->setInsertData( [
|
17 |
+
'rid' => $nReportId,
|
18 |
+
'type' => $sType,
|
19 |
+
'sent_at' => Services::Request()->ts()
|
20 |
+
] )->query() === 1;
|
21 |
+
}
|
22 |
+
}
|
src/lib/src/Databases/Reports/Select.php
ADDED
@@ -0,0 +1,20 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
|
7 |
+
class Select extends Base\Select {
|
8 |
+
|
9 |
+
use Common;
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @return int
|
13 |
+
*/
|
14 |
+
public function getLastReportId() {
|
15 |
+
return $this->setColumnsToSelect( [ 'rid' ] )
|
16 |
+
->setOrderBy( 'rid', 'DESC' )
|
17 |
+
->setLimit( 1 )
|
18 |
+
->queryVar();
|
19 |
+
}
|
20 |
+
}
|
src/lib/src/Databases/Reports/Update.php
ADDED
@@ -0,0 +1,10 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
class Update extends Base\Update {
|
9 |
+
|
10 |
+
}
|
src/lib/src/Databases/Scanner/Common.php
CHANGED
@@ -39,6 +39,20 @@ trait Common {
|
|
39 |
return $this->addWhereEquals( 'ignored_at', 0 );
|
40 |
}
|
41 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
42 |
/**
|
43 |
* @param int $nInterval
|
44 |
* @return $this
|
39 |
return $this->addWhereEquals( 'ignored_at', 0 );
|
40 |
}
|
41 |
|
42 |
+
/**
|
43 |
+
* @return $this
|
44 |
+
*/
|
45 |
+
public function filterByNotified() {
|
46 |
+
return $this->addWhereOlderThan( 0, 'notified_at' );
|
47 |
+
}
|
48 |
+
|
49 |
+
/**
|
50 |
+
* @return $this
|
51 |
+
*/
|
52 |
+
public function filterByNotNotified() {
|
53 |
+
return $this->addWhereEquals( 'notified_at', 0 );
|
54 |
+
}
|
55 |
+
|
56 |
/**
|
57 |
* @param int $nInterval
|
58 |
* @return $this
|
src/lib/src/Databases/Scanner/Select.php
CHANGED
@@ -8,15 +8,6 @@ class Select extends Base\Select {
|
|
8 |
|
9 |
use Common;
|
10 |
|
11 |
-
/**
|
12 |
-
* @param int $nNotifiedInterval
|
13 |
-
* @return $this
|
14 |
-
*/
|
15 |
-
public function filterForCron( $nNotifiedInterval ) {
|
16 |
-
return $this->filterByNotRecentlyNotified( $nNotifiedInterval )
|
17 |
-
->filterByNotIgnored();
|
18 |
-
}
|
19 |
-
|
20 |
/**
|
21 |
* @param string $sScan
|
22 |
* @return int
|
8 |
|
9 |
use Common;
|
10 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
11 |
/**
|
12 |
* @param string $sScan
|
13 |
* @return int
|
src/lib/src/Databases/Traffic/EntryVO.php
CHANGED
@@ -6,14 +6,14 @@ use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base;
|
|
6 |
|
7 |
/**
|
8 |
* Class EntryVO
|
9 |
-
* @property string rid
|
10 |
-
* @property int uid
|
11 |
-
* @property string ip
|
12 |
-
* @property string path
|
13 |
-
* @property string code
|
14 |
-
* @property string ua
|
15 |
-
* @property string verb
|
16 |
-
* @property bool trans
|
17 |
*/
|
18 |
class EntryVO extends Base\EntryVO {
|
19 |
|
@@ -33,4 +33,24 @@ class EntryVO extends Base\EntryVO {
|
|
33 |
}
|
34 |
return $mVal;
|
35 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
36 |
}
|
6 |
|
7 |
/**
|
8 |
* Class EntryVO
|
9 |
+
* @property string $rid
|
10 |
+
* @property int $uid
|
11 |
+
* @property string $ip
|
12 |
+
* @property string $path
|
13 |
+
* @property string $code
|
14 |
+
* @property string $ua
|
15 |
+
* @property string $verb
|
16 |
+
* @property bool $trans
|
17 |
*/
|
18 |
class EntryVO extends Base\EntryVO {
|
19 |
|
33 |
}
|
34 |
return $mVal;
|
35 |
}
|
36 |
+
|
37 |
+
/**
|
38 |
+
* @param string $sProperty
|
39 |
+
* @param mixed $mValue
|
40 |
+
* @return $this
|
41 |
+
*/
|
42 |
+
public function __set( $sProperty, $mValue ) {
|
43 |
+
|
44 |
+
switch ( $sProperty ) {
|
45 |
+
|
46 |
+
case 'ip':
|
47 |
+
$mValue = inet_pton( $mValue );
|
48 |
+
break;
|
49 |
+
|
50 |
+
default:
|
51 |
+
break;
|
52 |
+
}
|
53 |
+
|
54 |
+
return parent::__set( $sProperty, $mValue );
|
55 |
+
}
|
56 |
}
|
src/lib/src/Modules/AuditTrail/Lib/AuditWriter.php
CHANGED
@@ -46,7 +46,7 @@ class AuditWriter extends EventsListener {
|
|
46 |
}
|
47 |
|
48 |
protected function onShutdown() {
|
49 |
-
if ( !$this->getCon()->
|
50 |
( new Commit() )
|
51 |
->setDbHandler( $this->getDbHandler() )
|
52 |
->commitAudits( $this->getLogs() );
|
46 |
}
|
47 |
|
48 |
protected function onShutdown() {
|
49 |
+
if ( !$this->getCon()->plugin_deleting ) {
|
50 |
( new Commit() )
|
51 |
->setDbHandler( $this->getDbHandler() )
|
52 |
->commitAudits( $this->getLogs() );
|
src/lib/src/Modules/AuditTrail/Lib/Ops/Commit.php
CHANGED
@@ -10,11 +10,6 @@ class Commit {
|
|
10 |
|
11 |
use HandlerConsumer;
|
12 |
|
13 |
-
/**
|
14 |
-
* @var AuditTrail\EntryVO|null
|
15 |
-
*/
|
16 |
-
private $oLatest;
|
17 |
-
|
18 |
/**
|
19 |
* @param AuditTrail\EntryVO[] $aEvents
|
20 |
*/
|
@@ -60,18 +55,17 @@ class Commit {
|
|
60 |
$oLatest = null;
|
61 |
$bCanCount = in_array( $oEntry->event, $this->getCanCountEvents() );
|
62 |
if ( $bCanCount ) {
|
63 |
-
|
64 |
-
|
65 |
-
|
66 |
-
|
67 |
-
|
68 |
-
|
69 |
-
|
70 |
-
|
71 |
-
}
|
72 |
}
|
73 |
|
74 |
-
if ( $bCanCount
|
75 |
/** @var AuditTrail\Update $oQU */
|
76 |
$oQU = $this->getDbHandler()->getQueryUpdater();
|
77 |
$oQU->updateCount( $oLatest );
|
@@ -90,19 +84,4 @@ class Commit {
|
|
90 |
private function getCanCountEvents() {
|
91 |
return [ 'conn_kill' ];
|
92 |
}
|
93 |
-
|
94 |
-
/**
|
95 |
-
* @return AuditTrail\EntryVO|false
|
96 |
-
*/
|
97 |
-
private function latest() {
|
98 |
-
if ( is_null( $this->oLatest ) ) {
|
99 |
-
$this->oLatest = $this->getDbHandler()
|
100 |
-
->getQuerySelector()
|
101 |
-
->selectLatestById();
|
102 |
-
if ( empty( $this->oLatest ) ) {
|
103 |
-
$this->oLatest = false;
|
104 |
-
}
|
105 |
-
}
|
106 |
-
return $this->oLatest;
|
107 |
-
}
|
108 |
}
|
10 |
|
11 |
use HandlerConsumer;
|
12 |
|
|
|
|
|
|
|
|
|
|
|
13 |
/**
|
14 |
* @param AuditTrail\EntryVO[] $aEvents
|
15 |
*/
|
55 |
$oLatest = null;
|
56 |
$bCanCount = in_array( $oEntry->event, $this->getCanCountEvents() );
|
57 |
if ( $bCanCount ) {
|
58 |
+
/** @var AuditTrail\Select $oSel */
|
59 |
+
$oSel = $this->getDbHandler()->getQuerySelector();
|
60 |
+
$oLatest = $oSel->filterByEvent( $oEntry->event )
|
61 |
+
->filterByIp( $oEntry->ip )
|
62 |
+
->filterByCreatedAt( Services::Request()->carbon()->subDay()->timestamp, '>' )
|
63 |
+
->first();
|
64 |
+
$bCanCount = ( $oLatest instanceof AuditTrail\EntryVO )
|
65 |
+
&& ( $oLatest->event === $oEntry->event && $oLatest->ip === $oEntry->ip );
|
|
|
66 |
}
|
67 |
|
68 |
+
if ( $bCanCount ) {
|
69 |
/** @var AuditTrail\Update $oQU */
|
70 |
$oQU = $this->getDbHandler()->getQueryUpdater();
|
71 |
$oQU->updateCount( $oLatest );
|
84 |
private function getCanCountEvents() {
|
85 |
return [ 'conn_kill' ];
|
86 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
87 |
}
|
src/lib/src/Modules/AuditTrail/Options.php
CHANGED
@@ -42,18 +42,11 @@ class Options extends Base\ShieldOptions {
|
|
42 |
return (int)$this->getOpt( 'audit_trail_auto_clean' );
|
43 |
}
|
44 |
|
45 |
-
/**
|
46 |
-
* @return int
|
47 |
-
*/
|
48 |
-
public function getDefaultMaxEntries() {
|
49 |
-
return $this->getDef( 'audit_trail_default_max_entries' );
|
50 |
-
}
|
51 |
-
|
52 |
/**
|
53 |
* @return int
|
54 |
*/
|
55 |
public function getMaxEntries() {
|
56 |
-
return $this->isPremium() ? (int)$this->getOpt( 'audit_trail_max_entries' ) : $this->
|
57 |
}
|
58 |
|
59 |
/**
|
@@ -166,4 +159,12 @@ class Options extends Base\ShieldOptions {
|
|
166 |
public function updateCTLastSnapshotAt() {
|
167 |
return $this->setOptAt( 'ct_last_snapshot_at' );
|
168 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
169 |
}
|
42 |
return (int)$this->getOpt( 'audit_trail_auto_clean' );
|
43 |
}
|
44 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
45 |
/**
|
46 |
* @return int
|
47 |
*/
|
48 |
public function getMaxEntries() {
|
49 |
+
return $this->isPremium() ? (int)$this->getOpt( 'audit_trail_max_entries' ) : $this->getDef( 'audit_trail_free_max_entries' );
|
50 |
}
|
51 |
|
52 |
/**
|
159 |
public function updateCTLastSnapshotAt() {
|
160 |
return $this->setOptAt( 'ct_last_snapshot_at' );
|
161 |
}
|
162 |
+
|
163 |
+
/**
|
164 |
+
* @return int
|
165 |
+
* @deprecated 9.0
|
166 |
+
*/
|
167 |
+
public function getDefaultMaxEntries() {
|
168 |
+
return $this->getDef( 'audit_trail_free_max_entries' );
|
169 |
+
}
|
170 |
}
|
src/lib/src/Modules/AuditTrail/Strings.php
CHANGED
@@ -193,8 +193,14 @@ class Strings extends Base\Strings {
|
|
193 |
case 'audit_trail_max_entries' :
|
194 |
$sName = __( 'Max Trail Length', 'wp-simple-firewall' );
|
195 |
$sSummary = __( 'Maximum Audit Trail Length To Keep', 'wp-simple-firewall' );
|
196 |
-
$sDescription =
|
197 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
198 |
break;
|
199 |
|
200 |
case 'audit_trail_auto_clean' :
|
193 |
case 'audit_trail_max_entries' :
|
194 |
$sName = __( 'Max Trail Length', 'wp-simple-firewall' );
|
195 |
$sSummary = __( 'Maximum Audit Trail Length To Keep', 'wp-simple-firewall' );
|
196 |
+
$sDescription = [
|
197 |
+
__( 'Automatically remove any audit trail entries when this limit is exceeded.', 'wp-simple-firewall' ),
|
198 |
+
];
|
199 |
+
if ( !$oCon->isPremiumActive() ) {
|
200 |
+
$sDescription[] = sprintf( __( 'Upgrade to PRO to increase limit above %s.', 'wp-simple-firewall' ),
|
201 |
+
'<code>'.$oOpts->getDef( 'audit_trail_free_max_entries' ).'</code>' );
|
202 |
+
}
|
203 |
+
|
204 |
break;
|
205 |
|
206 |
case 'audit_trail_auto_clean' :
|
src/lib/src/Modules/Autoupdates/AjaxHandler.php
CHANGED
@@ -3,59 +3,7 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Autoupdates;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
6 |
-
use FernleafSystems\Wordpress\Services\Services;
|
7 |
|
8 |
class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
9 |
|
10 |
-
/**
|
11 |
-
* @param string $sAction
|
12 |
-
* @return array
|
13 |
-
*/
|
14 |
-
protected function processAjaxAction( $sAction ) {
|
15 |
-
|
16 |
-
switch ( $sAction ) {
|
17 |
-
case 'toggle_plugin_autoupdate':
|
18 |
-
$aResponse = $this->ajaxExec_TogglePluginAutoupdate();
|
19 |
-
break;
|
20 |
-
|
21 |
-
default:
|
22 |
-
$aResponse = parent::processAjaxAction( $sAction );
|
23 |
-
}
|
24 |
-
|
25 |
-
return $aResponse;
|
26 |
-
}
|
27 |
-
|
28 |
-
/**
|
29 |
-
* @return array
|
30 |
-
*/
|
31 |
-
public function ajaxExec_TogglePluginAutoupdate() {
|
32 |
-
/** @var Options $oOpts */
|
33 |
-
$oOpts = $this->getOptions();
|
34 |
-
$bSuccess = false;
|
35 |
-
$sMessage = __( 'You do not have permissions to perform this action.', 'wp-simple-firewall' );
|
36 |
-
|
37 |
-
if ( $oOpts->isAutoupdateIndividualPlugins() && $this->getCon()->isPluginAdmin() ) {
|
38 |
-
$oWpPlugins = Services::WpPlugins();
|
39 |
-
$sFile = Services::Request()->post( 'pluginfile' );
|
40 |
-
if ( $oWpPlugins->isInstalled( $sFile ) ) {
|
41 |
-
$oOpts->setPluginToAutoUpdate( $sFile );
|
42 |
-
|
43 |
-
$sMessage = sprintf( __( 'Plugin "%s" will %s.', 'wp-simple-firewall' ),
|
44 |
-
$oWpPlugins->getPluginAsVo( $sFile )->Name,
|
45 |
-
Services::WpPlugins()->isPluginAutomaticallyUpdated( $sFile ) ?
|
46 |
-
__( 'update automatically', 'wp-simple-firewall' )
|
47 |
-
: __( 'not update automatically', 'wp-simple-firewall' )
|
48 |
-
);
|
49 |
-
$bSuccess = true;
|
50 |
-
}
|
51 |
-
else {
|
52 |
-
$sMessage = __( 'Failed to change the update status of the plugin.', 'wp-simple-firewall' );
|
53 |
-
}
|
54 |
-
}
|
55 |
-
|
56 |
-
return [
|
57 |
-
'success' => $bSuccess,
|
58 |
-
'message' => $sMessage,
|
59 |
-
];
|
60 |
-
}
|
61 |
}
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Autoupdates;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
6 |
|
7 |
class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
9 |
}
|
src/lib/src/Modules/Autoupdates/Options.php
CHANGED
@@ -7,20 +7,6 @@ use FernleafSystems\Wordpress\Services\Services;
|
|
7 |
|
8 |
class Options extends Base\ShieldOptions {
|
9 |
|
10 |
-
/**
|
11 |
-
* @return string[]
|
12 |
-
*/
|
13 |
-
public function getAutoupdatePlugins() {
|
14 |
-
$aSelected = [];
|
15 |
-
if ( $this->isAutoupdateIndividualPlugins() ) {
|
16 |
-
$aSelected = $this->getOpt( 'selected_plugins', [] );
|
17 |
-
if ( !is_array( $aSelected ) ) {
|
18 |
-
$aSelected = [];
|
19 |
-
}
|
20 |
-
}
|
21 |
-
return $aSelected;
|
22 |
-
}
|
23 |
-
|
24 |
/**
|
25 |
* @return array
|
26 |
*/
|
@@ -84,13 +70,6 @@ class Options extends Base\ShieldOptions {
|
|
84 |
return $this->isOpt( 'enable_autoupdate_plugins', 'Y' );
|
85 |
}
|
86 |
|
87 |
-
/**
|
88 |
-
* @return bool
|
89 |
-
*/
|
90 |
-
public function isAutoupdateIndividualPlugins() {
|
91 |
-
return $this->isPremium() && $this->isOpt( 'enable_individual_autoupdate_plugins', 'Y' );
|
92 |
-
}
|
93 |
-
|
94 |
/**
|
95 |
* @return bool
|
96 |
*/
|
@@ -105,14 +84,6 @@ class Options extends Base\ShieldOptions {
|
|
105 |
return $this->getDelayUpdatesPeriod() > 0;
|
106 |
}
|
107 |
|
108 |
-
/**
|
109 |
-
* @param string $sPluginFile
|
110 |
-
* @return bool
|
111 |
-
*/
|
112 |
-
public function isPluginSetToAutoupdate( $sPluginFile ) {
|
113 |
-
return in_array( $sPluginFile, $this->getAutoupdatePlugins() );
|
114 |
-
}
|
115 |
-
|
116 |
/**
|
117 |
* @return bool
|
118 |
*/
|
@@ -129,20 +100,27 @@ class Options extends Base\ShieldOptions {
|
|
129 |
}
|
130 |
|
131 |
/**
|
132 |
-
* @
|
133 |
-
* @
|
134 |
*/
|
135 |
-
public function
|
136 |
-
|
137 |
-
|
138 |
|
139 |
-
|
140 |
-
|
141 |
-
|
142 |
-
|
143 |
-
|
144 |
-
|
|
|
|
|
145 |
|
146 |
-
|
|
|
|
|
|
|
|
|
|
|
147 |
}
|
148 |
}
|
7 |
|
8 |
class Options extends Base\ShieldOptions {
|
9 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10 |
/**
|
11 |
* @return array
|
12 |
*/
|
70 |
return $this->isOpt( 'enable_autoupdate_plugins', 'Y' );
|
71 |
}
|
72 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
73 |
/**
|
74 |
* @return bool
|
75 |
*/
|
84 |
return $this->getDelayUpdatesPeriod() > 0;
|
85 |
}
|
86 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
87 |
/**
|
88 |
* @return bool
|
89 |
*/
|
100 |
}
|
101 |
|
102 |
/**
|
103 |
+
* @return bool
|
104 |
+
* @deprecated 9.0
|
105 |
*/
|
106 |
+
public function isAutoupdateIndividualPlugins() {
|
107 |
+
return false;
|
108 |
+
}
|
109 |
|
110 |
+
/**
|
111 |
+
* @param string $sPluginFile
|
112 |
+
* @return bool
|
113 |
+
* @deprecated 9.0
|
114 |
+
*/
|
115 |
+
public function isPluginSetToAutoupdate( $sPluginFile ) {
|
116 |
+
return false;
|
117 |
+
}
|
118 |
|
119 |
+
/**
|
120 |
+
* @return string[]
|
121 |
+
* @deprecated 9.0
|
122 |
+
*/
|
123 |
+
public function getAutoupdatePlugins() {
|
124 |
+
return [];
|
125 |
}
|
126 |
}
|
src/lib/src/Modules/Autoupdates/Strings.php
CHANGED
@@ -125,12 +125,6 @@ class Strings extends Base\Strings {
|
|
125 |
$sDescription = __( 'Note: Automatic updates for plugins are disabled on WordPress by default.', 'wp-simple-firewall' );
|
126 |
break;
|
127 |
|
128 |
-
case 'enable_individual_autoupdate_plugins' :
|
129 |
-
$sName = __( 'Individually Select Plugins', 'wp-simple-firewall' );
|
130 |
-
$sSummary = __( 'Select Individual Plugins To Automatically Update', 'wp-simple-firewall' );
|
131 |
-
$sDescription = __( 'Turning this on will provide an option on the plugins page to select whether a plugin is automatically updated.', 'wp-simple-firewall' );
|
132 |
-
break;
|
133 |
-
|
134 |
case 'enable_autoupdate_themes' :
|
135 |
$sName = __( 'Themes', 'wp-simple-firewall' );
|
136 |
$sSummary = __( 'Automatically Update Themes', 'wp-simple-firewall' );
|
125 |
$sDescription = __( 'Note: Automatic updates for plugins are disabled on WordPress by default.', 'wp-simple-firewall' );
|
126 |
break;
|
127 |
|
|
|
|
|
|
|
|
|
|
|
|
|
128 |
case 'enable_autoupdate_themes' :
|
129 |
$sName = __( 'Themes', 'wp-simple-firewall' );
|
130 |
$sSummary = __( 'Automatically Update Themes', 'wp-simple-firewall' );
|
src/lib/src/Modules/Base/BaseModCon.php
CHANGED
@@ -7,7 +7,7 @@ use FernleafSystems\Wordpress\Plugin\Shield\Deprecated;
|
|
7 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
8 |
use FernleafSystems\Wordpress\Services\Services;
|
9 |
|
10 |
-
class BaseModCon
|
11 |
|
12 |
use Modules\PluginControllerConsumer;
|
13 |
|
@@ -96,7 +96,6 @@ class BaseModCon extends Deprecated\Foundation {
|
|
96 |
$nRunPriority = isset( $aModProps[ 'load_priority' ] ) ? $aModProps[ 'load_priority' ] : 100;
|
97 |
add_action( $this->prefix( 'run_processors' ), [ $this, 'onRunProcessors' ], $nRunPriority );
|
98 |
add_action( 'init', [ $this, 'onWpInit' ], 1 );
|
99 |
-
add_action( $this->prefix( 'import_options' ), [ $this, 'processImportOptions' ] );
|
100 |
|
101 |
if ( $this->isModuleRequest() ) {
|
102 |
|
@@ -122,7 +121,6 @@ class BaseModCon extends Deprecated\Foundation {
|
|
122 |
add_filter( $this->prefix( 'aggregate_all_plugin_options' ), [ $this, 'aggregateOptionsValues' ] );
|
123 |
|
124 |
add_filter( $this->prefix( 'register_admin_notices' ), [ $this, 'fRegisterAdminNotices' ] );
|
125 |
-
add_filter( $this->prefix( 'gather_options_for_export' ), [ $this, 'exportTransferableOptions' ] );
|
126 |
|
127 |
add_action( $this->prefix( 'daily_cron' ), [ $this, 'runDailyCron' ] );
|
128 |
add_action( $this->prefix( 'hourly_cron' ), [ $this, 'runHourlyCron' ] );
|
@@ -325,17 +323,6 @@ class BaseModCon extends Deprecated\Foundation {
|
|
325 |
}
|
326 |
}
|
327 |
|
328 |
-
/**
|
329 |
-
* @param array $aOptions
|
330 |
-
*/
|
331 |
-
public function processImportOptions( $aOptions ) {
|
332 |
-
if ( !empty( $aOptions ) && is_array( $aOptions ) && array_key_exists( $this->getOptionsStorageKey(), $aOptions ) ) {
|
333 |
-
$this->getOptions()
|
334 |
-
->setMultipleOptions( $aOptions[ $this->getOptionsStorageKey() ] );
|
335 |
-
$this->saveModOptions();
|
336 |
-
}
|
337 |
-
}
|
338 |
-
|
339 |
/**
|
340 |
* @return bool
|
341 |
*/
|
@@ -433,7 +420,7 @@ class BaseModCon extends Deprecated\Foundation {
|
|
433 |
* Hooked to the plugin's main plugin_shutdown action
|
434 |
*/
|
435 |
public function onPluginShutdown() {
|
436 |
-
if ( !$this->getCon()->
|
437 |
if ( rand( 1, 40 ) === 2 ) {
|
438 |
// cleanup databases randomly just in-case cron doesn't run.
|
439 |
$this->cleanupDatabases();
|
@@ -499,7 +486,7 @@ class BaseModCon extends Deprecated\Foundation {
|
|
499 |
*/
|
500 |
public function getEmailHandler() {
|
501 |
if ( is_null( self::$oEmailHandler ) ) {
|
502 |
-
self::$oEmailHandler = $this->getCon()->
|
503 |
}
|
504 |
return self::$oEmailHandler;
|
505 |
}
|
@@ -1165,15 +1152,10 @@ class BaseModCon extends Deprecated\Foundation {
|
|
1165 |
throw new \Exception( __( "You don't currently have permission to save settings.", 'wp-simple-firewall' ) );
|
1166 |
}
|
1167 |
$this->doSaveStandardOptions();
|
1168 |
-
$this->
|
1169 |
}
|
1170 |
|
1171 |
-
protected function
|
1172 |
-
return $this->getCon()->isPluginAdmin()
|
1173 |
-
&& check_admin_referer( $this->getCon()->getPluginPrefix() );
|
1174 |
-
}
|
1175 |
-
|
1176 |
-
protected function doExtraSubmitProcessing() {
|
1177 |
}
|
1178 |
|
1179 |
/**
|
@@ -1207,16 +1189,6 @@ class BaseModCon extends Deprecated\Foundation {
|
|
1207 |
return $this->getCon()->isPremiumActive();
|
1208 |
}
|
1209 |
|
1210 |
-
/**
|
1211 |
-
* UNUSED
|
1212 |
-
* Ensure that if an option is premium, it is never changed unless we have premium access
|
1213 |
-
*/
|
1214 |
-
protected function resetPremiumOptions() {
|
1215 |
-
if ( !$this->isPremium() ) {
|
1216 |
-
$this->getOptions()->resetPremiumOptsToDefault();
|
1217 |
-
}
|
1218 |
-
}
|
1219 |
-
|
1220 |
/**
|
1221 |
* @throws \Exception
|
1222 |
*/
|
@@ -1688,7 +1660,7 @@ class BaseModCon extends Deprecated\Foundation {
|
|
1688 |
}
|
1689 |
try {
|
1690 |
$oRndr = $this->getCon()->getRenderer();
|
1691 |
-
if ( $bUseTwig ) {
|
1692 |
$oRndr->setTemplateEngineTwig();
|
1693 |
}
|
1694 |
|
7 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
8 |
use FernleafSystems\Wordpress\Services\Services;
|
9 |
|
10 |
+
class BaseModCon {
|
11 |
|
12 |
use Modules\PluginControllerConsumer;
|
13 |
|
96 |
$nRunPriority = isset( $aModProps[ 'load_priority' ] ) ? $aModProps[ 'load_priority' ] : 100;
|
97 |
add_action( $this->prefix( 'run_processors' ), [ $this, 'onRunProcessors' ], $nRunPriority );
|
98 |
add_action( 'init', [ $this, 'onWpInit' ], 1 );
|
|
|
99 |
|
100 |
if ( $this->isModuleRequest() ) {
|
101 |
|
121 |
add_filter( $this->prefix( 'aggregate_all_plugin_options' ), [ $this, 'aggregateOptionsValues' ] );
|
122 |
|
123 |
add_filter( $this->prefix( 'register_admin_notices' ), [ $this, 'fRegisterAdminNotices' ] );
|
|
|
124 |
|
125 |
add_action( $this->prefix( 'daily_cron' ), [ $this, 'runDailyCron' ] );
|
126 |
add_action( $this->prefix( 'hourly_cron' ), [ $this, 'runHourlyCron' ] );
|
323 |
}
|
324 |
}
|
325 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
326 |
/**
|
327 |
* @return bool
|
328 |
*/
|
420 |
* Hooked to the plugin's main plugin_shutdown action
|
421 |
*/
|
422 |
public function onPluginShutdown() {
|
423 |
+
if ( !$this->getCon()->plugin_deleting ) {
|
424 |
if ( rand( 1, 40 ) === 2 ) {
|
425 |
// cleanup databases randomly just in-case cron doesn't run.
|
426 |
$this->cleanupDatabases();
|
486 |
*/
|
487 |
public function getEmailHandler() {
|
488 |
if ( is_null( self::$oEmailHandler ) ) {
|
489 |
+
self::$oEmailHandler = $this->getCon()->getModule( 'email' );
|
490 |
}
|
491 |
return self::$oEmailHandler;
|
492 |
}
|
1152 |
throw new \Exception( __( "You don't currently have permission to save settings.", 'wp-simple-firewall' ) );
|
1153 |
}
|
1154 |
$this->doSaveStandardOptions();
|
1155 |
+
$this->preProcessOptions();
|
1156 |
}
|
1157 |
|
1158 |
+
protected function preProcessOptions() {
|
|
|
|
|
|
|
|
|
|
|
1159 |
}
|
1160 |
|
1161 |
/**
|
1189 |
return $this->getCon()->isPremiumActive();
|
1190 |
}
|
1191 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1192 |
/**
|
1193 |
* @throws \Exception
|
1194 |
*/
|
1660 |
}
|
1661 |
try {
|
1662 |
$oRndr = $this->getCon()->getRenderer();
|
1663 |
+
if ( $bUseTwig || preg_match( '#^.*\.twig$#i', $sTemplate ) ) {
|
1664 |
$oRndr->setTemplateEngineTwig();
|
1665 |
}
|
1666 |
|
src/lib/src/Modules/Base/BaseProcessor.php
CHANGED
@@ -6,7 +6,7 @@ use FernleafSystems\Wordpress\Plugin\Shield\Deprecated;
|
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
-
class BaseProcessor
|
10 |
|
11 |
use Modules\ModConsumer;
|
12 |
|
@@ -53,6 +53,7 @@ class BaseProcessor extends Deprecated\Foundation {
|
|
53 |
*/
|
54 |
if ( Services::Request()->query( 'wp_service_worker', 0 ) != 1 ) {
|
55 |
add_action( 'wp_enqueue_scripts', [ $this, 'onWpEnqueueJs' ] );
|
|
|
56 |
}
|
57 |
|
58 |
$this->bHasExecuted = false;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
+
class BaseProcessor {
|
10 |
|
11 |
use Modules\ModConsumer;
|
12 |
|
53 |
*/
|
54 |
if ( Services::Request()->query( 'wp_service_worker', 0 ) != 1 ) {
|
55 |
add_action( 'wp_enqueue_scripts', [ $this, 'onWpEnqueueJs' ] );
|
56 |
+
add_action( 'login_enqueue_scripts', [ $this, 'onWpEnqueueJs' ] );
|
57 |
}
|
58 |
|
59 |
$this->bHasExecuted = false;
|
src/lib/src/Modules/Base/BaseReporting.php
ADDED
@@ -0,0 +1,49 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports;
|
7 |
+
|
8 |
+
abstract class BaseReporting {
|
9 |
+
|
10 |
+
use ModConsumer;
|
11 |
+
|
12 |
+
/**
|
13 |
+
* @return Reports\BaseReporter[]
|
14 |
+
*/
|
15 |
+
public function getAlertReporters() {
|
16 |
+
return $this->assignMod( $this->enumAlertReporters() );
|
17 |
+
}
|
18 |
+
|
19 |
+
/**
|
20 |
+
* @return Reports\BaseReporter[]
|
21 |
+
*/
|
22 |
+
public function getInfoReporters() {
|
23 |
+
return $this->assignMod( $this->enumInfoReporters() );
|
24 |
+
}
|
25 |
+
|
26 |
+
/**
|
27 |
+
* @return Reports\BaseReporter[]
|
28 |
+
*/
|
29 |
+
protected function enumAlertReporters() {
|
30 |
+
return [];
|
31 |
+
}
|
32 |
+
|
33 |
+
/**
|
34 |
+
* @return Reports\BaseReporter[]
|
35 |
+
*/
|
36 |
+
protected function enumInfoReporters() {
|
37 |
+
return [];
|
38 |
+
}
|
39 |
+
|
40 |
+
/**
|
41 |
+
* @param Reports\BaseReporter[] $aReporters
|
42 |
+
* @return array
|
43 |
+
*/
|
44 |
+
protected function assignMod( $aReporters ) {
|
45 |
+
return array_map( function ( $oReporter ) {
|
46 |
+
return $oReporter->setMod( $this->getMod() );
|
47 |
+
}, $aReporters );
|
48 |
+
}
|
49 |
+
}
|
src/lib/src/Modules/Base/OneTimeExecute.php
ADDED
@@ -0,0 +1,32 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
4 |
+
|
5 |
+
trait OneTimeExecute {
|
6 |
+
|
7 |
+
private $bExecuted = false;
|
8 |
+
|
9 |
+
/**
|
10 |
+
* @return bool
|
11 |
+
*/
|
12 |
+
protected function canRun() {
|
13 |
+
return true;
|
14 |
+
}
|
15 |
+
|
16 |
+
public function execute() {
|
17 |
+
if ( !$this->isAlreadyExecuted() && $this->canRun() ) {
|
18 |
+
$this->bExecuted = true;
|
19 |
+
$this->run();
|
20 |
+
}
|
21 |
+
}
|
22 |
+
|
23 |
+
/**
|
24 |
+
* @return bool
|
25 |
+
*/
|
26 |
+
protected function isAlreadyExecuted() {
|
27 |
+
return (bool)$this->bExecuted;
|
28 |
+
}
|
29 |
+
|
30 |
+
protected function run() {
|
31 |
+
}
|
32 |
+
}
|
src/lib/src/Modules/Base/Options.php
CHANGED
@@ -213,7 +213,7 @@ class Options {
|
|
213 |
|
214 |
/**
|
215 |
* Determines whether the given option key is a valid option
|
216 |
-
* @param string
|
217 |
* @return bool
|
218 |
*/
|
219 |
public function isValidOptionKey( $sOptionKey ) {
|
@@ -887,6 +887,16 @@ class Options {
|
|
887 |
}
|
888 |
break;
|
889 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
890 |
case 'email':
|
891 |
$bValid = empty( $mPotentialValue ) || Services::Data()->validEmail( $mPotentialValue );
|
892 |
break;
|
@@ -933,7 +943,14 @@ class Options {
|
|
933 |
* @return array
|
934 |
*/
|
935 |
protected function getVirtualCommonOptions() {
|
936 |
-
return [ 'dismissed_notices', 'ui_track', 'help_video_options' ];
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
937 |
}
|
938 |
|
939 |
/**
|
213 |
|
214 |
/**
|
215 |
* Determines whether the given option key is a valid option
|
216 |
+
* @param string $sOptionKey
|
217 |
* @return bool
|
218 |
*/
|
219 |
public function isValidOptionKey( $sOptionKey ) {
|
887 |
}
|
888 |
break;
|
889 |
|
890 |
+
case 'select':
|
891 |
+
$aPossible = array_map(
|
892 |
+
function ( $aPoss ) {
|
893 |
+
return $aPoss[ 'value_key' ];
|
894 |
+
},
|
895 |
+
$this->getOptProperty( $sOptKey, 'value_options' )
|
896 |
+
);
|
897 |
+
$bValid = in_array( $mPotentialValue, $aPossible );
|
898 |
+
break;
|
899 |
+
|
900 |
case 'email':
|
901 |
$bValid = empty( $mPotentialValue ) || Services::Data()->validEmail( $mPotentialValue );
|
902 |
break;
|
943 |
* @return array
|
944 |
*/
|
945 |
protected function getVirtualCommonOptions() {
|
946 |
+
return [ 'dismissed_notices', 'ui_track', 'help_video_options', 'xfer_excluded' ];
|
947 |
+
}
|
948 |
+
|
949 |
+
/**
|
950 |
+
* @return string[]
|
951 |
+
*/
|
952 |
+
public function getXferExcluded() {
|
953 |
+
return is_array( $this->getOpt( 'xfer_excluded' ) ) ? $this->getOpt( 'xfer_excluded' ) : [];
|
954 |
}
|
955 |
|
956 |
/**
|
src/lib/src/Modules/Base/Strings.php
CHANGED
@@ -100,7 +100,8 @@ class Strings {
|
|
100 |
|
101 |
'page_title' => 'Twig Page',
|
102 |
|
103 |
-
'wphashes_token'
|
|
|
104 |
],
|
105 |
$this->getAdditionalDisplayStrings()
|
106 |
);
|
100 |
|
101 |
'page_title' => 'Twig Page',
|
102 |
|
103 |
+
'wphashes_token' => 'WPHashes.com API Token',
|
104 |
+
'is_opt_importexport' => __( 'Is this option included with import/export?', 'wp-simple-firewall' ),
|
105 |
],
|
106 |
$this->getAdditionalDisplayStrings()
|
107 |
);
|
src/lib/src/Modules/BaseShield/ShieldProcessor.php
CHANGED
@@ -14,11 +14,6 @@ class ShieldProcessor extends Base\BaseProcessor {
|
|
14 |
*/
|
15 |
private static $bRecaptchaEnqueue = false;
|
16 |
|
17 |
-
/**
|
18 |
-
* @var bool
|
19 |
-
*/
|
20 |
-
private $bLogRequest;
|
21 |
-
|
22 |
/**
|
23 |
* Resets the object values to be re-used anew
|
24 |
*/
|
@@ -45,65 +40,6 @@ class ShieldProcessor extends Base\BaseProcessor {
|
|
45 |
return $bIsSubject;
|
46 |
}
|
47 |
|
48 |
-
/**
|
49 |
-
* @return bool
|
50 |
-
*/
|
51 |
-
protected function getRecaptchaTheme() {
|
52 |
-
/** @var \ICWP_WPSF_FeatureHandler_BaseWpsf $oFO */
|
53 |
-
$oFO = $this->getMod();
|
54 |
-
return $this->isRecaptchaInvisible() ? 'light' : $oFO->getGoogleRecaptchaStyle();
|
55 |
-
}
|
56 |
-
|
57 |
-
/**
|
58 |
-
* @return bool
|
59 |
-
*/
|
60 |
-
protected function getIfLogRequest() {
|
61 |
-
return isset( $this->bLogRequest ) ? (bool)$this->bLogRequest : !Services::WpGeneral()->isCron();
|
62 |
-
}
|
63 |
-
|
64 |
-
/**
|
65 |
-
* @param bool $bLog
|
66 |
-
* @return $this
|
67 |
-
*/
|
68 |
-
public function setIfLogRequest( $bLog ) {
|
69 |
-
$this->bLogRequest = $bLog;
|
70 |
-
return $this;
|
71 |
-
}
|
72 |
-
|
73 |
-
/**
|
74 |
-
* @return bool
|
75 |
-
*/
|
76 |
-
protected function isRecaptchaInvisible() {
|
77 |
-
/** @var \ICWP_WPSF_FeatureHandler_BaseWpsf $oFO */
|
78 |
-
$oFO = $this->getMod();
|
79 |
-
return ( $oFO->getGoogleRecaptchaStyle() == 'invisible' );
|
80 |
-
}
|
81 |
-
|
82 |
-
public function registerGoogleRecaptchaJs() {
|
83 |
-
$sJsUri = add_query_arg(
|
84 |
-
[
|
85 |
-
'hl' => $this->getGoogleRecaptchaLocale(),
|
86 |
-
'onload' => 'onLoadIcwpRecaptchaCallback',
|
87 |
-
'render' => 'explicit',
|
88 |
-
],
|
89 |
-
'https://www.google.com/recaptcha/api.js'
|
90 |
-
);
|
91 |
-
wp_register_script( self::RECAPTCHA_JS_HANDLE, $sJsUri, [], false, true );
|
92 |
-
wp_enqueue_script( self::RECAPTCHA_JS_HANDLE );
|
93 |
-
|
94 |
-
// This also gives us the chance to remove recaptcha before it's printed, if it isn't needed
|
95 |
-
add_action( 'wp_footer', [ $this, 'maybeDequeueRecaptcha' ], -100 );
|
96 |
-
add_action( 'login_footer', [ $this, 'maybeDequeueRecaptcha' ], -100 );
|
97 |
-
|
98 |
-
Services::Includes()
|
99 |
-
->addIncludeAttribute( self::RECAPTCHA_JS_HANDLE, 'async', 'async' )
|
100 |
-
->addIncludeAttribute( self::RECAPTCHA_JS_HANDLE, 'defer', 'defer' );
|
101 |
-
/**
|
102 |
-
* Change to recaptcha implementation now means
|
103 |
-
* 1 - the form will not submit unless the recaptcha has been executed (either invisible or manual)
|
104 |
-
*/
|
105 |
-
}
|
106 |
-
|
107 |
/**
|
108 |
* Filter used to collect plugin data for tracking. Fired from the plugin processor only if the option is enabled
|
109 |
* - it is not enabled by default.
|
@@ -126,36 +62,23 @@ class ShieldProcessor extends Base\BaseProcessor {
|
|
126 |
}
|
127 |
|
128 |
/**
|
129 |
-
* If recaptcha is required, it prints the necessary snippet and does not remove the enqueue
|
130 |
-
*
|
131 |
* @throws \Exception
|
|
|
132 |
*/
|
133 |
public function maybeDequeueRecaptcha() {
|
|
|
134 |
|
135 |
-
|
136 |
-
|
137 |
-
|
138 |
-
|
139 |
-
'snippets/google_recaptcha_js',
|
140 |
-
[
|
141 |
-
'sitekey' => $oMod->getGoogleRecaptchaSiteKey(),
|
142 |
-
'size' => $this->isRecaptchaInvisible() ? 'invisible' : '',
|
143 |
-
'theme' => $this->getRecaptchaTheme(),
|
144 |
-
'invis' => $this->isRecaptchaInvisible(),
|
145 |
-
]
|
146 |
-
|
147 |
-
);
|
148 |
-
}
|
149 |
-
else {
|
150 |
-
wp_dequeue_script( self::RECAPTCHA_JS_HANDLE );
|
151 |
-
}
|
152 |
}
|
153 |
|
154 |
/**
|
155 |
-
* @
|
156 |
*/
|
157 |
public function isRecaptchaEnqueue() {
|
158 |
-
return
|
159 |
}
|
160 |
|
161 |
/**
|
@@ -165,7 +88,22 @@ class ShieldProcessor extends Base\BaseProcessor {
|
|
165 |
* @return $this
|
166 |
*/
|
167 |
public function setRecaptchaToEnqueue() {
|
168 |
-
self::$bRecaptchaEnqueue = true;
|
169 |
return $this;
|
170 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
171 |
}
|
14 |
*/
|
15 |
private static $bRecaptchaEnqueue = false;
|
16 |
|
|
|
|
|
|
|
|
|
|
|
17 |
/**
|
18 |
* Resets the object values to be re-used anew
|
19 |
*/
|
40 |
return $bIsSubject;
|
41 |
}
|
42 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
43 |
/**
|
44 |
* Filter used to collect plugin data for tracking. Fired from the plugin processor only if the option is enabled
|
45 |
* - it is not enabled by default.
|
62 |
}
|
63 |
|
64 |
/**
|
|
|
|
|
65 |
* @throws \Exception
|
66 |
+
* @deprecated 9.0
|
67 |
*/
|
68 |
public function maybeDequeueRecaptcha() {
|
69 |
+
}
|
70 |
|
71 |
+
/**
|
72 |
+
* @deprecated 9.0
|
73 |
+
*/
|
74 |
+
public function registerGoogleRecaptchaJs() {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
75 |
}
|
76 |
|
77 |
/**
|
78 |
+
* @deprecated 9.0
|
79 |
*/
|
80 |
public function isRecaptchaEnqueue() {
|
81 |
+
return false;
|
82 |
}
|
83 |
|
84 |
/**
|
88 |
* @return $this
|
89 |
*/
|
90 |
public function setRecaptchaToEnqueue() {
|
|
|
91 |
return $this;
|
92 |
}
|
93 |
+
|
94 |
+
/**
|
95 |
+
* @return bool
|
96 |
+
* @deprecated 9.0
|
97 |
+
*/
|
98 |
+
protected function getRecaptchaTheme() {
|
99 |
+
return 'light';
|
100 |
+
}
|
101 |
+
|
102 |
+
/**
|
103 |
+
* @return bool
|
104 |
+
* @deprecated 9.0
|
105 |
+
*/
|
106 |
+
protected function isRecaptchaInvisible() {
|
107 |
+
return false;
|
108 |
+
}
|
109 |
}
|
src/lib/src/Modules/CommentsFilter/Options.php
CHANGED
@@ -9,28 +9,42 @@ class Options extends Base\ShieldOptions {
|
|
9 |
/**
|
10 |
* @return string[]
|
11 |
*/
|
12 |
-
public function
|
13 |
-
|
14 |
-
|
15 |
-
|
16 |
-
|
17 |
-
|
18 |
-
|
19 |
-
public function getDbTable_Spam() {
|
20 |
-
return $this->getCon()->prefixOption( $this->getDef( 'spambot_comments_filter_table_name' ) );
|
21 |
}
|
22 |
|
23 |
/**
|
24 |
* @return int
|
25 |
*/
|
26 |
public function getTokenCooldown() {
|
27 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
28 |
}
|
29 |
|
30 |
/**
|
31 |
* @return int
|
32 |
*/
|
33 |
public function getTokenExpireInterval() {
|
34 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
35 |
}
|
36 |
}
|
9 |
/**
|
10 |
* @return string[]
|
11 |
*/
|
12 |
+
public function getHumanSpamFilterItems() {
|
13 |
+
$aDefault = $this->getOptDefault( 'human_spam_items' );
|
14 |
+
$aItems = apply_filters(
|
15 |
+
$this->getCon()->prefix( 'human_spam_items' ),
|
16 |
+
$this->getOpt( 'human_spam_items', [] )
|
17 |
+
);
|
18 |
+
return is_array( $aItems ) ? array_intersect( $aDefault, $aItems ) : $aDefault;
|
|
|
|
|
19 |
}
|
20 |
|
21 |
/**
|
22 |
* @return int
|
23 |
*/
|
24 |
public function getTokenCooldown() {
|
25 |
+
if ( (int)$this->getOpt( 'comments_cooldown', 10 ) < 1 ) {
|
26 |
+
$this->resetOptToDefault( 'comments_cooldown' );
|
27 |
+
}
|
28 |
+
return (int)max( 0,
|
29 |
+
apply_filters(
|
30 |
+
$this->getCon()->prefix( 'comments_cooldown' ),
|
31 |
+
$this->getOpt( 'comments_cooldown', 10 )
|
32 |
+
)
|
33 |
+
);
|
34 |
}
|
35 |
|
36 |
/**
|
37 |
* @return int
|
38 |
*/
|
39 |
public function getTokenExpireInterval() {
|
40 |
+
if ( (int)$this->getOpt( 'comments_expire', 600 ) < 1 ) {
|
41 |
+
$this->resetOptToDefault( 'comments_expire' );
|
42 |
+
}
|
43 |
+
return (int)max( 0,
|
44 |
+
apply_filters(
|
45 |
+
$this->getCon()->prefix( 'comments_expire' ),
|
46 |
+
$this->getOpt( 'comments_expire', 600 )
|
47 |
+
)
|
48 |
+
);
|
49 |
}
|
50 |
}
|
src/lib/src/Modules/CommentsFilter/Scan/Human.php
CHANGED
@@ -2,6 +2,7 @@
|
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\CommentsFilter\Scan;
|
4 |
|
|
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
use FernleafSystems\Wordpress\Services\Services;
|
7 |
|
@@ -17,8 +18,8 @@ class Human {
|
|
17 |
* @return \WP_Error|true
|
18 |
*/
|
19 |
public function scan( $aCommData ) {
|
20 |
-
/** @var \
|
21 |
-
$
|
22 |
|
23 |
$aItemsToCheck = array_intersect_key(
|
24 |
[
|
@@ -29,7 +30,7 @@ class Human {
|
|
29 |
'ip_address' => Services::IP()->getRequestIp(),
|
30 |
'user_agent' => substr( Services::Request()->getUserAgent(), 0, 254 )
|
31 |
],
|
32 |
-
array_flip( $
|
33 |
);
|
34 |
|
35 |
$mResult = true;
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\CommentsFilter\Scan;
|
4 |
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\CommentsFilter;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
18 |
* @return \WP_Error|true
|
19 |
*/
|
20 |
public function scan( $aCommData ) {
|
21 |
+
/** @var CommentsFilter\Options $oOpts */
|
22 |
+
$oOpts = $this->getOptions();
|
23 |
|
24 |
$aItemsToCheck = array_intersect_key(
|
25 |
[
|
30 |
'ip_address' => Services::IP()->getRequestIp(),
|
31 |
'user_agent' => substr( Services::Request()->getUserAgent(), 0, 254 )
|
32 |
],
|
33 |
+
array_flip( $oOpts->getHumanSpamFilterItems() )
|
34 |
);
|
35 |
|
36 |
$mResult = true;
|
src/lib/src/Modules/CommentsFilter/Scan/Scanner.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\CommentsFilter\Scan;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Utilities
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
class Scanner {
|
@@ -128,11 +128,18 @@ class Scanner {
|
|
128 |
->scan( $aCommData[ 'comment_post_ID' ] );
|
129 |
}
|
130 |
|
131 |
-
if ( !is_wp_error( $mResult ) && $oMod->
|
132 |
try {
|
133 |
-
(
|
134 |
-
|
135 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
136 |
}
|
137 |
catch ( \Exception $oE ) {
|
138 |
$mResult = new \WP_Error( 'recaptcha', $oE->getMessage(), [] );
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\CommentsFilter\Scan;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Utilities;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
class Scanner {
|
128 |
->scan( $aCommData[ 'comment_post_ID' ] );
|
129 |
}
|
130 |
|
131 |
+
if ( !is_wp_error( $mResult ) && $oMod->isEnabledCaptcha() ) {
|
132 |
try {
|
133 |
+
if ( $oMod->getCaptchaCfg()->provider === 'hcaptcha' ) {
|
134 |
+
( new Utilities\HCaptcha\TestRequest() )
|
135 |
+
->setMod( $oMod )
|
136 |
+
->test();
|
137 |
+
}
|
138 |
+
else {
|
139 |
+
( new Utilities\ReCaptcha\TestRequest() )
|
140 |
+
->setMod( $oMod )
|
141 |
+
->test();
|
142 |
+
}
|
143 |
}
|
144 |
catch ( \Exception $oE ) {
|
145 |
$mResult = new \WP_Error( 'recaptcha', $oE->getMessage(), [] );
|
src/lib/src/Modules/CommentsFilter/Strings.php
CHANGED
@@ -60,15 +60,6 @@ class Strings extends Base\Strings {
|
|
60 |
$sTitleShort = __( 'Bot SPAM', 'wp-simple-firewall' );
|
61 |
break;
|
62 |
|
63 |
-
case 'section_recaptcha' :
|
64 |
-
$sTitle = 'Google reCAPTCHA';
|
65 |
-
$sTitleShort = 'reCAPTCHA';
|
66 |
-
$aSummary = [
|
67 |
-
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Adds Google reCAPTCHA to the Comment Forms.', 'wp-simple-firewall' ) ),
|
68 |
-
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Keep this turned on.', 'wp-simple-firewall' ) ),
|
69 |
-
];
|
70 |
-
break;
|
71 |
-
|
72 |
case 'section_human_spam_filter' :
|
73 |
$sTitle = sprintf( __( '%s Comment SPAM Protection Filter', 'wp-simple-firewall' ), __( 'Human', 'wp-simple-firewall' ) );
|
74 |
$aSummary = [
|
@@ -96,6 +87,8 @@ class Strings extends Base\Strings {
|
|
96 |
* @throws \Exception
|
97 |
*/
|
98 |
public function getOptionStrings( $sOptKey ) {
|
|
|
|
|
99 |
$sModName = $this->getMod()->getMainFeatureName();
|
100 |
|
101 |
switch ( $sOptKey ) {
|
@@ -129,14 +122,8 @@ class Strings extends Base\Strings {
|
|
129 |
$sDescription = __( 'Scans the content of WordPress comments for keywords that are indicative of SPAM and marks the comment according to your preferred setting below.', 'wp-simple-firewall' );
|
130 |
break;
|
131 |
|
132 |
-
case 'enable_comments_human_spam_filter_items' :
|
133 |
-
$sName = __( 'Comment Filter Items', 'wp-simple-firewall' );
|
134 |
-
$sSummary = __( 'Select The Items To Scan For SPAM', 'wp-simple-firewall' );
|
135 |
-
$sDescription = __( 'When a user submits a comment, only the selected parts of the comment data will be scanned for SPAM content.', 'wp-simple-firewall' ).' '.sprintf( __( 'Recommended: %s', 'wp-simple-firewall' ), __( 'All', 'wp-simple-firewall' ) );
|
136 |
-
break;
|
137 |
-
|
138 |
case 'comments_default_action_human_spam' :
|
139 |
-
$sName = __( '
|
140 |
$sSummary = __( 'How To Categorise Comments When Identified To Be SPAM', 'wp-simple-firewall' );
|
141 |
$sDescription = sprintf( __( 'When a comment is detected as being SPAM from %s, the comment will be categorised based on this setting.', 'wp-simple-firewall' ), '<span style"text-decoration:underline;">'.__( 'a human commenter', 'wp-simple-firewall' ).'</span>' );
|
142 |
break;
|
@@ -149,23 +136,11 @@ class Strings extends Base\Strings {
|
|
149 |
break;
|
150 |
|
151 |
case 'comments_default_action_spam_bot' :
|
152 |
-
$sName = __( '
|
153 |
$sSummary = __( 'How To Categorise Comments When Identified To Be SPAM', 'wp-simple-firewall' );
|
154 |
$sDescription = sprintf( __( 'When a comment is detected as being SPAM from %s, the comment will be categorised based on this setting.', 'wp-simple-firewall' ), '<span style"text-decoration:underline;">'.__( 'an automatic bot', 'wp-simple-firewall' ).'</span>' );
|
155 |
break;
|
156 |
|
157 |
-
case 'comments_cooldown_interval' :
|
158 |
-
$sName = __( 'Comments Cooldown', 'wp-simple-firewall' );
|
159 |
-
$sSummary = __( 'Limit posting comments to X seconds after the page has loaded', 'wp-simple-firewall' );
|
160 |
-
$sDescription = __( "By forcing a comments cooldown period, you restrict a Spambot's ability to post multiple times to your posts.", 'wp-simple-firewall' );
|
161 |
-
break;
|
162 |
-
|
163 |
-
case 'comments_token_expire_interval' :
|
164 |
-
$sName = __( 'Comment Token Expire', 'wp-simple-firewall' );
|
165 |
-
$sSummary = __( 'A visitor has X seconds within which to post a comment', 'wp-simple-firewall' );
|
166 |
-
$sDescription = __( "Default: 600 seconds (10 minutes). Each visitor is given a unique 'Token' so they can comment. This restricts spambots, but we need to force these tokens to expire and at the same time not bother the visitors.", 'wp-simple-firewall' );
|
167 |
-
break;
|
168 |
-
|
169 |
case 'custom_message_checkbox' :
|
170 |
$sName = __( 'GASP Checkbox Message', 'wp-simple-firewall' );
|
171 |
$sSummary = __( 'If you want a custom checkbox message, please provide this here', 'wp-simple-firewall' );
|
@@ -173,16 +148,20 @@ class Strings extends Base\Strings {
|
|
173 |
.'<br />'.sprintf( __( 'Default Message: %s', 'wp-simple-firewall' ), __( "Please check the box to confirm you're not a spammer", 'wp-simple-firewall' ) );
|
174 |
break;
|
175 |
|
176 |
-
case 'enable_google_recaptcha_comments' :
|
177 |
-
$sName = 'Google reCAPTCHA';
|
178 |
-
$sSummary = __( 'Enable Google reCAPTCHA For Comments', 'wp-simple-firewall' );
|
179 |
-
$sDescription = __( 'Use Google reCAPTCHA on the comments form to prevent bot-spam comments.', 'wp-simple-firewall' );
|
180 |
-
break;
|
181 |
-
|
182 |
case 'google_recaptcha_style_comments' :
|
183 |
-
$sName = __( '
|
184 |
-
$sSummary = __( '
|
185 |
-
$sDescription =
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
186 |
break;
|
187 |
|
188 |
case 'custom_message_alert' :
|
60 |
$sTitleShort = __( 'Bot SPAM', 'wp-simple-firewall' );
|
61 |
break;
|
62 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
63 |
case 'section_human_spam_filter' :
|
64 |
$sTitle = sprintf( __( '%s Comment SPAM Protection Filter', 'wp-simple-firewall' ), __( 'Human', 'wp-simple-firewall' ) );
|
65 |
$aSummary = [
|
87 |
* @throws \Exception
|
88 |
*/
|
89 |
public function getOptionStrings( $sOptKey ) {
|
90 |
+
/** @var \ICWP_WPSF_FeatureHandler_CommentsFilter $oMod */
|
91 |
+
$oMod = $this->getMod();
|
92 |
$sModName = $this->getMod()->getMainFeatureName();
|
93 |
|
94 |
switch ( $sOptKey ) {
|
122 |
$sDescription = __( 'Scans the content of WordPress comments for keywords that are indicative of SPAM and marks the comment according to your preferred setting below.', 'wp-simple-firewall' );
|
123 |
break;
|
124 |
|
|
|
|
|
|
|
|
|
|
|
|
|
125 |
case 'comments_default_action_human_spam' :
|
126 |
+
$sName = __( 'SPAM Action', 'wp-simple-firewall' );
|
127 |
$sSummary = __( 'How To Categorise Comments When Identified To Be SPAM', 'wp-simple-firewall' );
|
128 |
$sDescription = sprintf( __( 'When a comment is detected as being SPAM from %s, the comment will be categorised based on this setting.', 'wp-simple-firewall' ), '<span style"text-decoration:underline;">'.__( 'a human commenter', 'wp-simple-firewall' ).'</span>' );
|
129 |
break;
|
136 |
break;
|
137 |
|
138 |
case 'comments_default_action_spam_bot' :
|
139 |
+
$sName = __( 'SPAM Action', 'wp-simple-firewall' );
|
140 |
$sSummary = __( 'How To Categorise Comments When Identified To Be SPAM', 'wp-simple-firewall' );
|
141 |
$sDescription = sprintf( __( 'When a comment is detected as being SPAM from %s, the comment will be categorised based on this setting.', 'wp-simple-firewall' ), '<span style"text-decoration:underline;">'.__( 'an automatic bot', 'wp-simple-firewall' ).'</span>' );
|
142 |
break;
|
143 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
144 |
case 'custom_message_checkbox' :
|
145 |
$sName = __( 'GASP Checkbox Message', 'wp-simple-firewall' );
|
146 |
$sSummary = __( 'If you want a custom checkbox message, please provide this here', 'wp-simple-firewall' );
|
148 |
.'<br />'.sprintf( __( 'Default Message: %s', 'wp-simple-firewall' ), __( "Please check the box to confirm you're not a spammer", 'wp-simple-firewall' ) );
|
149 |
break;
|
150 |
|
|
|
|
|
|
|
|
|
|
|
|
|
151 |
case 'google_recaptcha_style_comments' :
|
152 |
+
$sName = __( 'CAPTCHA', 'wp-simple-firewall' );
|
153 |
+
$sSummary = __( 'Enable CAPTCHA To Protect Against SPAM Comments', 'wp-simple-firewall' );
|
154 |
+
$sDescription = [
|
155 |
+
__( 'You can choose the CAPTCHA display format that best suits your site, including the newer Invisible CAPTCHA, when you upgrade to PRO.', 'wp-simple-firewall' )
|
156 |
+
];
|
157 |
+
if ( !$oMod->getCaptchaCfg()->ready ) {
|
158 |
+
$sDescription[] = sprintf( '<a href="%s">%s</a>',
|
159 |
+
$this->getCon()
|
160 |
+
->getModule_Plugin()
|
161 |
+
->getUrl_DirectLinkToSection( 'section_third_party_captcha' ),
|
162 |
+
__( 'Please remember to provide your CAPTCHA keys.', 'wp-simple-firewall' )
|
163 |
+
);
|
164 |
+
}
|
165 |
break;
|
166 |
|
167 |
case 'custom_message_alert' :
|
src/lib/src/Modules/Email/Strings.php
CHANGED
@@ -6,57 +6,4 @@ use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
|
6 |
|
7 |
class Strings extends Base\Strings {
|
8 |
|
9 |
-
/**
|
10 |
-
* @param string $sSectionSlug
|
11 |
-
* @return array
|
12 |
-
* @throws \Exception
|
13 |
-
*/
|
14 |
-
public function getSectionStrings( $sSectionSlug ) {
|
15 |
-
$sModName = $this->getMod()->getMainFeatureName();
|
16 |
-
|
17 |
-
switch ( $sSectionSlug ) {
|
18 |
-
|
19 |
-
case 'section_email_options' :
|
20 |
-
$sTitle = __( 'Email Options', 'wp-simple-firewall' );
|
21 |
-
$sTitleShort = __( 'Email Options', 'wp-simple-firewall' );
|
22 |
-
$aSummary = [];
|
23 |
-
break;
|
24 |
-
|
25 |
-
default:
|
26 |
-
return parent::getSectionStrings( $sSectionSlug );
|
27 |
-
}
|
28 |
-
|
29 |
-
return [
|
30 |
-
'title' => $sTitle,
|
31 |
-
'title_short' => $sTitleShort,
|
32 |
-
'summary' => ( isset( $aSummary ) && is_array( $aSummary ) ) ? $aSummary : [],
|
33 |
-
];
|
34 |
-
}
|
35 |
-
|
36 |
-
/**
|
37 |
-
* @param string $sOptKey
|
38 |
-
* @return array
|
39 |
-
* @throws \Exception
|
40 |
-
*/
|
41 |
-
public function getOptionStrings( $sOptKey ) {
|
42 |
-
$sModName = $this->getMod()->getMainFeatureName();
|
43 |
-
|
44 |
-
switch ( $sOptKey ) {
|
45 |
-
|
46 |
-
case 'send_email_throttle_limit' :
|
47 |
-
$sName = __( 'Email Throttle Limit', 'wp-simple-firewall' );
|
48 |
-
$sSummary = __( 'Limit Emails Per Second', 'wp-simple-firewall' );
|
49 |
-
$sDescription = __( 'You throttle emails sent by this plugin by limiting the number of emails sent every second. This is useful in case you get hit by a bot attack. Zero (0) turns this off. Suggested: 10', 'wp-simple-firewall' );
|
50 |
-
break;
|
51 |
-
|
52 |
-
default:
|
53 |
-
return parent::getOptionStrings( $sOptKey );
|
54 |
-
}
|
55 |
-
|
56 |
-
return [
|
57 |
-
'name' => $sName,
|
58 |
-
'summary' => $sSummary,
|
59 |
-
'description' => $sDescription,
|
60 |
-
];
|
61 |
-
}
|
62 |
}
|
6 |
|
7 |
class Strings extends Base\Strings {
|
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
9 |
}
|
src/lib/src/Modules/Events/Lib/Reports/KeyStats.php
ADDED
@@ -0,0 +1,78 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Events\Lib\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Events;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Events as DBEvents;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\BaseReporter;
|
8 |
+
|
9 |
+
class KeyStats extends BaseReporter {
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @inheritDoc
|
13 |
+
*/
|
14 |
+
public function build() {
|
15 |
+
$aAlerts = [];
|
16 |
+
|
17 |
+
/** @var \ICWP_WPSF_FeatureHandler_Events $oMod */
|
18 |
+
$oMod = $this->getMod();
|
19 |
+
/** @var DBEvents\Select $oSelEvts */
|
20 |
+
$oSelEvts = $oMod->getDbHandler_Events()->getQuerySelector();
|
21 |
+
/** @var Events\Strings $oStrings */
|
22 |
+
$oStrings = $oMod->getStrings();
|
23 |
+
|
24 |
+
$aEventKeys = [
|
25 |
+
'ip_offense',
|
26 |
+
'ip_blocked',
|
27 |
+
'conn_kill',
|
28 |
+
'firewall_block',
|
29 |
+
'bottrack_404',
|
30 |
+
'bottrack_fakewebcrawler',
|
31 |
+
'bottrack_linkcheese',
|
32 |
+
'bottrack_loginfailed',
|
33 |
+
'bottrack_logininvalid',
|
34 |
+
'bottrack_xmlrpc',
|
35 |
+
'spam_block_bot',
|
36 |
+
'spam_block_recaptcha',
|
37 |
+
'spam_block_human',
|
38 |
+
];
|
39 |
+
|
40 |
+
$oRep = $this->getReport();
|
41 |
+
|
42 |
+
$aCounts = [];
|
43 |
+
foreach ( $aEventKeys as $sEvent ) {
|
44 |
+
try {
|
45 |
+
$nCount = $oSelEvts
|
46 |
+
->filterByEvent( $sEvent )
|
47 |
+
->filterByBoundary( $oRep->interval_start_at, $oRep->interval_end_at )
|
48 |
+
->count();
|
49 |
+
if ( $nCount > 0 ) {
|
50 |
+
$aCounts[ $sEvent ] = [
|
51 |
+
'count' => $nCount,
|
52 |
+
'name' => $oStrings->getEventName( $sEvent ),
|
53 |
+
];
|
54 |
+
}
|
55 |
+
}
|
56 |
+
catch ( \Exception $oE ) {
|
57 |
+
}
|
58 |
+
}
|
59 |
+
|
60 |
+
if ( count( $aCounts ) > 0 ) {
|
61 |
+
$aAlerts[] = $this->getMod()->renderTemplate(
|
62 |
+
'/components/reports/mod/events/info_keystats.twig',
|
63 |
+
[
|
64 |
+
'vars' => [
|
65 |
+
'counts' => $aCounts
|
66 |
+
],
|
67 |
+
'strings' => [
|
68 |
+
'title' => __( 'Top Security Statistics', 'wp-simple-firewall' ),
|
69 |
+
],
|
70 |
+
'hrefs' => [
|
71 |
+
],
|
72 |
+
]
|
73 |
+
);
|
74 |
+
}
|
75 |
+
|
76 |
+
return $aAlerts;
|
77 |
+
}
|
78 |
+
}
|
src/lib/src/Modules/Events/Lib/Reports/ScanRepairs.php
ADDED
@@ -0,0 +1,67 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Events\Lib\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Events;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Events as DBEvents;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Options;
|
8 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\BaseReporter;
|
9 |
+
|
10 |
+
class ScanRepairs extends BaseReporter {
|
11 |
+
|
12 |
+
/**
|
13 |
+
* @inheritDoc
|
14 |
+
*/
|
15 |
+
public function build() {
|
16 |
+
$aAlerts = [];
|
17 |
+
|
18 |
+
/** @var \ICWP_WPSF_FeatureHandler_Events $oMod */
|
19 |
+
$oMod = $this->getMod();
|
20 |
+
/** @var DBEvents\Select $oSelEvts */
|
21 |
+
$oSelEvts = $oMod->getDbHandler_Events()->getQuerySelector();
|
22 |
+
/** @var Events\Strings $oStrings */
|
23 |
+
$oStrings = $oMod->getStrings();
|
24 |
+
|
25 |
+
$oRep = $this->getReport();
|
26 |
+
|
27 |
+
$aCounts = [];
|
28 |
+
|
29 |
+
/** @var Options $oHGOptions */
|
30 |
+
$oHGOptions = $this->getCon()->getModule_HackGuard()->getOptions();
|
31 |
+
foreach ( $oHGOptions->getScanSlugs() as $sScan ) {
|
32 |
+
try {
|
33 |
+
$sEvt = $sScan.'_item_repair_success';
|
34 |
+
$nCount = $oSelEvts
|
35 |
+
->filterByEvent( $sEvt )
|
36 |
+
->filterByBoundary( $oRep->interval_start_at, $oRep->interval_end_at )
|
37 |
+
->count();
|
38 |
+
if ( $nCount > 0 ) {
|
39 |
+
$aCounts[ $sScan ] = [
|
40 |
+
'count' => $nCount,
|
41 |
+
'name' => $oStrings->getEventName( $sEvt ),
|
42 |
+
];
|
43 |
+
}
|
44 |
+
}
|
45 |
+
catch ( \Exception $oE ) {
|
46 |
+
}
|
47 |
+
}
|
48 |
+
|
49 |
+
if ( count( $aCounts ) > 0 ) {
|
50 |
+
$aAlerts[] = $this->getMod()->renderTemplate(
|
51 |
+
'/components/reports/mod/events/info_keystats.twig',
|
52 |
+
[
|
53 |
+
'vars' => [
|
54 |
+
'counts' => $aCounts
|
55 |
+
],
|
56 |
+
'strings' => [
|
57 |
+
'title' => __( 'Scanner Repairs', 'wp-simple-firewall' ),
|
58 |
+
],
|
59 |
+
'hrefs' => [
|
60 |
+
],
|
61 |
+
]
|
62 |
+
);
|
63 |
+
}
|
64 |
+
|
65 |
+
return $aAlerts;
|
66 |
+
}
|
67 |
+
}
|
src/lib/src/Modules/Events/Lib/StatsWriter.php
CHANGED
@@ -26,7 +26,7 @@ class StatsWriter extends EventsListener {
|
|
26 |
}
|
27 |
|
28 |
protected function onShutdown() {
|
29 |
-
if ( !$this->getCon()->
|
30 |
/** @var Handler $oDbH */
|
31 |
$oDbH = $this->getDbHandler();
|
32 |
$oDbH->commitEvents( $this->getEventStats() );
|
26 |
}
|
27 |
|
28 |
protected function onShutdown() {
|
29 |
+
if ( !$this->getCon()->plugin_deleting ) {
|
30 |
/** @var Handler $oDbH */
|
31 |
$oDbH = $this->getDbHandler();
|
32 |
$oDbH->commitEvents( $this->getEventStats() );
|
src/lib/src/Modules/Events/Reporting.php
ADDED
@@ -0,0 +1,27 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Events;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\BaseReporting;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Events\Lib\Reports;
|
7 |
+
|
8 |
+
class Reporting extends BaseReporting {
|
9 |
+
|
10 |
+
/**
|
11 |
+
* @inheritDoc
|
12 |
+
*/
|
13 |
+
protected function enumAlertReporters() {
|
14 |
+
return [
|
15 |
+
new Reports\ScanRepairs(),
|
16 |
+
];
|
17 |
+
}
|
18 |
+
|
19 |
+
/**
|
20 |
+
* @inheritDoc
|
21 |
+
*/
|
22 |
+
protected function enumInfoReporters() {
|
23 |
+
return [
|
24 |
+
new Reports\KeyStats(),
|
25 |
+
];
|
26 |
+
}
|
27 |
+
}
|
src/lib/src/Modules/Events/Strings.php
CHANGED
@@ -29,8 +29,8 @@ class Strings extends Base\Strings {
|
|
29 |
'whitelist_site_added' => __( 'Whitelist Site Added', 'wp-simple-firewall' ),
|
30 |
'whitelist_site_removed' => __( 'Whitelist Site Removed', 'wp-simple-firewall' ),
|
31 |
'master_url_set' => __( 'Master Site URL Set', 'wp-simple-firewall' ),
|
32 |
-
'recaptcha_success' => __( '
|
33 |
-
'recaptcha_fail' => __( '
|
34 |
'key_success' => __( 'Security Admin Key Authentication Success', 'wp-simple-firewall' ),
|
35 |
'key_fail' => __( 'Security Admin Key Authentication Failed', 'wp-simple-firewall' ),
|
36 |
'custom_offense' => __( 'Custom Offense', 'wp-simple-firewall' ),
|
@@ -138,18 +138,18 @@ class Strings extends Base\Strings {
|
|
138 |
__( 'Scan Item Discovered', 'wp-simple-firewall' ),
|
139 |
__( 'Vulnerabilities', 'wp-simple-firewall' )
|
140 |
),
|
141 |
-
'apc_item_repair_success' => __( '', 'wp-simple-firewall' ),
|
142 |
-
'apc_item_repair_fail' => __( '', 'wp-simple-firewall' ),
|
143 |
-
'mal_item_repair_success' => __( '', 'wp-simple-firewall' ),
|
144 |
-
'mal_item_repair_fail' => __( '', 'wp-simple-firewall' ),
|
145 |
-
'ptg_item_repair_success' => __( '', 'wp-simple-firewall' ),
|
146 |
-
'ptg_item_repair_fail' => __( '', 'wp-simple-firewall' ),
|
147 |
-
'ufc_item_repair_success' => __( '', 'wp-simple-firewall' ),
|
148 |
-
'ufc_item_repair_fail' => __( '', 'wp-simple-firewall' ),
|
149 |
-
'wcf_item_repair_success' => __( '', 'wp-simple-firewall' ),
|
150 |
-
'wcf_item_repair_fail' => __( '', 'wp-simple-firewall' ),
|
151 |
-
'wpv_item_repair_success' => __( '', 'wp-simple-firewall' ),
|
152 |
-
'wpv_item_repair_fail' => __( '', 'wp-simple-firewall' ),
|
153 |
'2fa_backupcode_verified' => __( '', 'wp-simple-firewall' ),
|
154 |
'2fa_backupcode_fail' => __( '', 'wp-simple-firewall' ),
|
155 |
'2fa_email_verified' => __( '', 'wp-simple-firewall' ),
|
29 |
'whitelist_site_added' => __( 'Whitelist Site Added', 'wp-simple-firewall' ),
|
30 |
'whitelist_site_removed' => __( 'Whitelist Site Removed', 'wp-simple-firewall' ),
|
31 |
'master_url_set' => __( 'Master Site URL Set', 'wp-simple-firewall' ),
|
32 |
+
'recaptcha_success' => __( 'CAPTCHA Test Success', 'wp-simple-firewall' ),
|
33 |
+
'recaptcha_fail' => __( 'CAPTCHA Test Fail', 'wp-simple-firewall' ),
|
34 |
'key_success' => __( 'Security Admin Key Authentication Success', 'wp-simple-firewall' ),
|
35 |
'key_fail' => __( 'Security Admin Key Authentication Failed', 'wp-simple-firewall' ),
|
36 |
'custom_offense' => __( 'Custom Offense', 'wp-simple-firewall' ),
|
138 |
__( 'Scan Item Discovered', 'wp-simple-firewall' ),
|
139 |
__( 'Vulnerabilities', 'wp-simple-firewall' )
|
140 |
),
|
141 |
+
'apc_item_repair_success' => __( 'Abandoned Plugin Repair Success', 'wp-simple-firewall' ),
|
142 |
+
'apc_item_repair_fail' => __( 'Abandoned Plugin Repair Failure', 'wp-simple-firewall' ),
|
143 |
+
'mal_item_repair_success' => __( 'Malware File Repair Success', 'wp-simple-firewall' ),
|
144 |
+
'mal_item_repair_fail' => __( 'Malware File Repair Failure', 'wp-simple-firewall' ),
|
145 |
+
'ptg_item_repair_success' => __( 'Plugin/Theme File Repair Success', 'wp-simple-firewall' ),
|
146 |
+
'ptg_item_repair_fail' => __( 'Plugin/Theme File Repair Failure', 'wp-simple-firewall' ),
|
147 |
+
'ufc_item_repair_success' => __( 'Unrecognised File Deleted Success', 'wp-simple-firewall' ),
|
148 |
+
'ufc_item_repair_fail' => __( 'Unrecognised File Deleted Failure', 'wp-simple-firewall' ),
|
149 |
+
'wcf_item_repair_success' => __( 'WordPress Core File Repair Success', 'wp-simple-firewall' ),
|
150 |
+
'wcf_item_repair_fail' => __( 'WordPress Core File Repair Failure', 'wp-simple-firewall' ),
|
151 |
+
'wpv_item_repair_success' => __( 'Vulnerable WordPress Plugin Repair Success', 'wp-simple-firewall' ),
|
152 |
+
'wpv_item_repair_fail' => __( 'Vulnerable WordPress Plugin Repair Failure', 'wp-simple-firewall' ),
|
153 |
'2fa_backupcode_verified' => __( '', 'wp-simple-firewall' ),
|
154 |
'2fa_backupcode_fail' => __( '', 'wp-simple-firewall' ),
|
155 |
'2fa_email_verified' => __( '', 'wp-simple-firewall' ),
|
src/lib/src/Modules/Firewall/Options.php
CHANGED
@@ -6,6 +6,21 @@ use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
|
6 |
|
7 |
class Options extends Base\ShieldOptions {
|
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
9 |
/**
|
10 |
* @return bool
|
11 |
*/
|
6 |
|
7 |
class Options extends Base\ShieldOptions {
|
8 |
|
9 |
+
/**
|
10 |
+
* @return array
|
11 |
+
*/
|
12 |
+
public function getCustomWhitelist() {
|
13 |
+
$aW = $this->getOpt( 'page_params_whitelist', [] );
|
14 |
+
return is_array( $aW ) ? $aW : [];
|
15 |
+
}
|
16 |
+
|
17 |
+
/**
|
18 |
+
* @return bool
|
19 |
+
*/
|
20 |
+
public function isIgnoreAdmin() {
|
21 |
+
return $this->isOpt( 'whitelist_admins', 'Y' );
|
22 |
+
}
|
23 |
+
|
24 |
/**
|
25 |
* @return bool
|
26 |
*/
|
src/lib/src/Modules/HackGuard/AjaxHandler.php
CHANGED
@@ -3,6 +3,8 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
|
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
@@ -49,6 +51,14 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
49 |
$aResponse = $this->ajaxExec_PluginReinstall();
|
50 |
break;
|
51 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
52 |
default:
|
53 |
$aResponse = parent::processAjaxAction( $sAction );
|
54 |
}
|
@@ -114,6 +124,139 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
114 |
];
|
115 |
}
|
116 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
117 |
/**
|
118 |
* @return array
|
119 |
*/
|
@@ -199,7 +342,7 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
199 |
}
|
200 |
else {
|
201 |
// rescan
|
202 |
-
$oMod->
|
203 |
$sMessage .= ' '.__( 'Rescanning', 'wp-simple-firewall' ).' ...';
|
204 |
}
|
205 |
}
|
@@ -227,7 +370,7 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
227 |
/** @var Shield\Databases\ScanQueue\Select $oSel */
|
228 |
$oSel = $oMod->getDbHandler_ScanQueue()->getQuerySelector();
|
229 |
|
230 |
-
$oQueCon = $oMod->
|
231 |
$sCurrent = $oSel->getCurrentScan();
|
232 |
$bHasCurrent = !empty( $sCurrent );
|
233 |
if ( $bHasCurrent ) {
|
@@ -242,7 +385,7 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
242 |
'running' => $oQueCon->getScansRunningStates(),
|
243 |
'vars' => [
|
244 |
'progress_html' => $oMod->renderTemplate(
|
245 |
-
'/wpadmin_pages/insights/scans/
|
246 |
[
|
247 |
'current_scan' => __( 'Current Scan', 'wp-simple-firewall' ),
|
248 |
'scan' => $sCurrentScan,
|
@@ -270,7 +413,7 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
270 |
$sMessage = __( 'No scans were selected', 'wp-simple-firewall' );
|
271 |
$aFormParams = $this->getAjaxFormParams();
|
272 |
|
273 |
-
$oScanCon = $oMod->
|
274 |
|
275 |
if ( !empty( $aFormParams ) ) {
|
276 |
$aSelectedScans = array_keys( $aFormParams );
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker;
|
8 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan;
|
9 |
use FernleafSystems\Wordpress\Services\Services;
|
10 |
|
51 |
$aResponse = $this->ajaxExec_PluginReinstall();
|
52 |
break;
|
53 |
|
54 |
+
case 'filelocker_showdiff':
|
55 |
+
$aResponse = $this->ajaxExec_FileLockerShowDiff();
|
56 |
+
break;
|
57 |
+
|
58 |
+
case 'filelocker_fileaction':
|
59 |
+
$aResponse = $this->ajaxExec_FileLockerFileAction();
|
60 |
+
break;
|
61 |
+
|
62 |
default:
|
63 |
$aResponse = parent::processAjaxAction( $sAction );
|
64 |
}
|
124 |
];
|
125 |
}
|
126 |
|
127 |
+
/**
|
128 |
+
* @return array
|
129 |
+
*/
|
130 |
+
private function ajaxExec_FileLockerShowDiff() {
|
131 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
132 |
+
$oMod = $this->getMod();
|
133 |
+
$oFLCon = $oMod->getFileLocker();
|
134 |
+
$oFS = Services::WpFs();
|
135 |
+
|
136 |
+
$nRID = Services::Request()->post( 'rid' );
|
137 |
+
$aData = [
|
138 |
+
'error' => '',
|
139 |
+
'success' => false,
|
140 |
+
'flags' => [
|
141 |
+
'has_diff' => false,
|
142 |
+
],
|
143 |
+
'html' => [
|
144 |
+
'diff' => '',
|
145 |
+
],
|
146 |
+
'vars' => [
|
147 |
+
'rid' => $nRID,
|
148 |
+
],
|
149 |
+
'strings' => [
|
150 |
+
'no_changes' => __( 'There have been no changes to the selected file.' ),
|
151 |
+
'please_review' => __( 'Please review the changes below and accept them, or restore the original file contents.' ),
|
152 |
+
'butt_restore' => __( 'Restore File' ),
|
153 |
+
'butt_accept' => __( 'Accept Changes' ),
|
154 |
+
'file_name' => __( 'Name' ),
|
155 |
+
'file_size' => __( 'File Size' ),
|
156 |
+
'locked_file' => __( 'Locked File' ),
|
157 |
+
'modified_file' => __( 'Modified File' ),
|
158 |
+
'locked' => __( 'Locked' ),
|
159 |
+
'modified' => __( 'Modified' ),
|
160 |
+
'download' => __( 'Download' ),
|
161 |
+
'modified_at' => __( 'Modified' ),
|
162 |
+
'file_content_original' => __( 'Original File Content' ),
|
163 |
+
'file_content_current' => __( 'Current File Content' ),
|
164 |
+
'download_original' => __( 'Download Original' ),
|
165 |
+
'download_modified' => __( 'Download Modified' ),
|
166 |
+
'file_download' => __( 'File Download' ),
|
167 |
+
'file_info' => __( 'File Info' ),
|
168 |
+
'file_accept' => __( 'File Accept' ),
|
169 |
+
'file_accept_checkbox' => __( 'Are you sure you want to keep the file changes?' ),
|
170 |
+
'file_restore' => __( 'File Restore' ),
|
171 |
+
'file_restore_checkbox' => __( 'Are you sure you want to restore the original file contents?' ),
|
172 |
+
'file_restore_button' => __( 'Are you sure you want to restore the original file contents?' ),
|
173 |
+
]
|
174 |
+
];
|
175 |
+
try {
|
176 |
+
$oCarb = Services::Request()->carbon( true );
|
177 |
+
$aData[ 'html' ][ 'diff' ] = ( new FileLocker\Ops\PerformAction() )
|
178 |
+
->setMod( $this->getMod() )
|
179 |
+
->run( $nRID, 'diff' );
|
180 |
+
$oLock = $oFLCon->getFileLock( $nRID );
|
181 |
+
$aData[ 'ajax' ] = $oFLCon->createFileDownloadLinks( $oLock );
|
182 |
+
$aData[ 'flags' ][ 'has_diff' ] = !empty( $aData[ 'html' ][ 'diff' ] );
|
183 |
+
$aData[ 'vars' ][ 'locked_at' ] = $oCarb->setTimestamp( $oLock->updated_at )->diffForHumans();
|
184 |
+
$aData[ 'vars' ][ 'modified_at' ] = $oCarb->setTimestamp( $oLock->detected_at )->diffForHumans();
|
185 |
+
$aData[ 'vars' ][ 'file_size_locked' ] = $this->formatBytes( strlen(
|
186 |
+
( new FileLocker\Ops\ReadOriginalFileContent() )
|
187 |
+
->setMod( $oMod )
|
188 |
+
->run( $oLock )
|
189 |
+
), 3 );
|
190 |
+
$aData[ 'vars' ][ 'file_size_modified' ] = $oFS->exists( $oLock->file ) ? $this->formatBytes( $oFS->getFileSize( $oLock->file ), 3 ) : 0;
|
191 |
+
$aData[ 'vars' ][ 'file_name' ] = basename( $oLock->file );
|
192 |
+
$aData[ 'success' ] = true;
|
193 |
+
}
|
194 |
+
catch ( \Exception $oE ) {
|
195 |
+
$aData[ 'error' ] = $oE->getMessage();
|
196 |
+
};
|
197 |
+
|
198 |
+
return [
|
199 |
+
'success' => $aData[ 'success' ],
|
200 |
+
'message' => $aData[ 'error' ],
|
201 |
+
'html' => $this->getMod()
|
202 |
+
->renderTemplate(
|
203 |
+
'/wpadmin_pages/insights/scans/realtime/file_locker/file_diff.twig',
|
204 |
+
$aData,
|
205 |
+
true
|
206 |
+
)
|
207 |
+
];
|
208 |
+
}
|
209 |
+
|
210 |
+
/**
|
211 |
+
* https://stackoverflow.com/questions/2510434/format-bytes-to-kilobytes-megabytes-gigabytes
|
212 |
+
* @param $bytes
|
213 |
+
* @param int $precision
|
214 |
+
* @return string
|
215 |
+
*/
|
216 |
+
private function formatBytes( $bytes, $precision = 2 ) {
|
217 |
+
$units = [ 'B', 'KB', 'MB', 'GB', 'TB' ];
|
218 |
+
|
219 |
+
$bytes = max( $bytes, 0 );
|
220 |
+
$pow = floor( ( $bytes ? log( $bytes ) : 0 )/log( 1024 ) );
|
221 |
+
$pow = min( $pow, count( $units ) - 1 );
|
222 |
+
|
223 |
+
// Uncomment one of the following alternatives
|
224 |
+
$bytes /= pow( 1024, $pow );
|
225 |
+
// $bytes /= (1 << (10 * $pow));
|
226 |
+
|
227 |
+
return round( $bytes, $precision ).' '.$units[ $pow ];
|
228 |
+
}
|
229 |
+
|
230 |
+
/**
|
231 |
+
* @return array
|
232 |
+
*/
|
233 |
+
private function ajaxExec_FileLockerFileAction() {
|
234 |
+
$oReq = Services::Request();
|
235 |
+
$bSuccess = false;
|
236 |
+
|
237 |
+
if ( $oReq->post( 'confirmed' ) == '1' ) {
|
238 |
+
$nRID = $oReq->post( 'rid' );
|
239 |
+
$sAction = $oReq->post( 'file_action' );
|
240 |
+
try {
|
241 |
+
$bSuccess = ( new FileLocker\Ops\PerformAction() )
|
242 |
+
->setMod( $this->getMod() )
|
243 |
+
->run( $nRID, $sAction );
|
244 |
+
$sMessage = __( 'Requested action completed successfully.', 'wp-simple-firewall' );
|
245 |
+
}
|
246 |
+
catch ( \Exception $oE ) {
|
247 |
+
$sMessage = __( 'Requested action failed.', 'wp-simple-firewall' );
|
248 |
+
}
|
249 |
+
}
|
250 |
+
else {
|
251 |
+
$sMessage = __( 'Please check the box to confirm this action', 'wp-simple-firewall' );
|
252 |
+
}
|
253 |
+
|
254 |
+
return [
|
255 |
+
'success' => $bSuccess,
|
256 |
+
'message' => $sMessage,
|
257 |
+
];
|
258 |
+
}
|
259 |
+
|
260 |
/**
|
261 |
* @return array
|
262 |
*/
|
342 |
}
|
343 |
else {
|
344 |
// rescan
|
345 |
+
$oMod->getScanQueueController()->startScans( $aScanSlugs );
|
346 |
$sMessage .= ' '.__( 'Rescanning', 'wp-simple-firewall' ).' ...';
|
347 |
}
|
348 |
}
|
370 |
/** @var Shield\Databases\ScanQueue\Select $oSel */
|
371 |
$oSel = $oMod->getDbHandler_ScanQueue()->getQuerySelector();
|
372 |
|
373 |
+
$oQueCon = $oMod->getScanQueueController();
|
374 |
$sCurrent = $oSel->getCurrentScan();
|
375 |
$bHasCurrent = !empty( $sCurrent );
|
376 |
if ( $bHasCurrent ) {
|
385 |
'running' => $oQueCon->getScansRunningStates(),
|
386 |
'vars' => [
|
387 |
'progress_html' => $oMod->renderTemplate(
|
388 |
+
'/wpadmin_pages/insights/scans/modal/progress_snippet.twig',
|
389 |
[
|
390 |
'current_scan' => __( 'Current Scan', 'wp-simple-firewall' ),
|
391 |
'scan' => $sCurrentScan,
|
413 |
$sMessage = __( 'No scans were selected', 'wp-simple-firewall' );
|
414 |
$aFormParams = $this->getAjaxFormParams();
|
415 |
|
416 |
+
$oScanCon = $oMod->getScanQueueController();
|
417 |
|
418 |
if ( !empty( $aFormParams ) ) {
|
419 |
$aSelectedScans = array_keys( $aFormParams );
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/File.php
ADDED
@@ -0,0 +1,67 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Utilities\Data\Adapter\StdClassAdapter;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
/**
|
9 |
+
* Class BaseFile
|
10 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker
|
11 |
+
* @property string $dir
|
12 |
+
* @property string $file
|
13 |
+
* @property int $max_levels
|
14 |
+
* @property int $max_paths
|
15 |
+
*/
|
16 |
+
class File {
|
17 |
+
|
18 |
+
use StdClassAdapter;
|
19 |
+
|
20 |
+
public function __construct( $sFilename, $sDir = ABSPATH ) {
|
21 |
+
$this->file = $sFilename;
|
22 |
+
$this->dir = wp_normalize_path( $sDir );
|
23 |
+
}
|
24 |
+
|
25 |
+
/**
|
26 |
+
* @return string[]
|
27 |
+
*/
|
28 |
+
public function getExistingPossiblePaths() {
|
29 |
+
$aPaths = array_filter(
|
30 |
+
$this->getPossiblePaths(),
|
31 |
+
function ( $sPath ) {
|
32 |
+
return Services::WpFs()->isFile( $sPath );
|
33 |
+
}
|
34 |
+
);
|
35 |
+
|
36 |
+
if ( (int)$this->max_paths > 0 ) {
|
37 |
+
$aPaths = array_slice( $aPaths, 0, $this->max_paths );
|
38 |
+
}
|
39 |
+
return $aPaths;
|
40 |
+
}
|
41 |
+
|
42 |
+
/**
|
43 |
+
* @return string[]
|
44 |
+
*/
|
45 |
+
public function getPossiblePaths() {
|
46 |
+
$aPossible = [];
|
47 |
+
$nLimiter = 1;
|
48 |
+
$sDir = realpath( $this->dir );
|
49 |
+
do {
|
50 |
+
if ( empty( $sDir ) ) {
|
51 |
+
break;
|
52 |
+
}
|
53 |
+
$aPossible[] = path_join( $sDir, $this->file );
|
54 |
+
$sDir = realpath( dirname( $sDir ) );
|
55 |
+
$nLimiter++;
|
56 |
+
} while ( $nLimiter <= $this->getMaxDirLevels() );
|
57 |
+
|
58 |
+
return $aPossible;
|
59 |
+
}
|
60 |
+
|
61 |
+
/**
|
62 |
+
* @return int
|
63 |
+
*/
|
64 |
+
protected function getMaxDirLevels() {
|
65 |
+
return (int)max( 1, (int)$this->max_levels );
|
66 |
+
}
|
67 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/FileLockerController.php
ADDED
@@ -0,0 +1,184 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
8 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib;
|
9 |
+
use FernleafSystems\Wordpress\Services\Services;
|
10 |
+
|
11 |
+
class FileLockerController {
|
12 |
+
|
13 |
+
use Modules\ModConsumer;
|
14 |
+
use Modules\Base\OneTimeExecute;
|
15 |
+
|
16 |
+
/**
|
17 |
+
* @return bool
|
18 |
+
*/
|
19 |
+
protected function canRun() {
|
20 |
+
/** @var HackGuard\Options $oOpts */
|
21 |
+
$oOpts = $this->getOptions();
|
22 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
23 |
+
$oMod = $this->getMod();
|
24 |
+
return ( count( $oOpts->getFilesToLock() ) > 0 )
|
25 |
+
&& $this->getCon()
|
26 |
+
->getModule_Plugin()
|
27 |
+
->getShieldNetApiController()
|
28 |
+
->canHandshake()
|
29 |
+
&& $oMod->getDbHandler_FileLocker()->isTable();
|
30 |
+
}
|
31 |
+
|
32 |
+
protected function run() {
|
33 |
+
add_action( $this->getCon()->prefix( 'plugin_shutdown' ), function () {
|
34 |
+
if ( !$this->getCon()->plugin_deactivating ) {
|
35 |
+
if ( $this->getOptions()->isOptChanged( 'file_locker' ) ) {
|
36 |
+
$this->deleteAllLocks();
|
37 |
+
}
|
38 |
+
else {
|
39 |
+
$this->runAnalysis();
|
40 |
+
}
|
41 |
+
}
|
42 |
+
} );
|
43 |
+
}
|
44 |
+
|
45 |
+
/**
|
46 |
+
* @return int
|
47 |
+
*/
|
48 |
+
public function countProblems() {
|
49 |
+
return count( ( new Ops\LoadFileLocks() )
|
50 |
+
->setMod( $this->getMod() )
|
51 |
+
->withProblems() );
|
52 |
+
}
|
53 |
+
|
54 |
+
/**
|
55 |
+
* @param FileLocker\EntryVO $oVO
|
56 |
+
* @return string[]
|
57 |
+
*/
|
58 |
+
public function createFileDownloadLinks( $oVO ) {
|
59 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
60 |
+
$oMod = $this->getMod();
|
61 |
+
$aLinks = [];
|
62 |
+
foreach ( [ 'original', 'current' ] as $sType ) {
|
63 |
+
$aActionNonce = $oMod->getNonceActionData( 'filelocker_download_'.$sType );
|
64 |
+
$aActionNonce[ 'rid' ] = $oVO->id;
|
65 |
+
$aActionNonce[ 'rand' ] = rand();
|
66 |
+
$aLinks[ $sType ] = add_query_arg( $aActionNonce, $oMod->getUrl_AdminPage() );
|
67 |
+
}
|
68 |
+
return $aLinks;
|
69 |
+
}
|
70 |
+
|
71 |
+
public function handleFileDownloadRequest() {
|
72 |
+
$oReq = Services::Request();
|
73 |
+
$oLock = $this->getFileLock( (int)$oReq->query( 'rid', 0 ) );
|
74 |
+
|
75 |
+
if ( $oLock instanceof FileLocker\EntryVO ) {
|
76 |
+
$sType = str_replace( 'filelocker_download_', '', $oReq->query( 'exec' ) );
|
77 |
+
|
78 |
+
// Note: Download what's on the disk if nothing is changed.
|
79 |
+
if ( $sType == 'current' ) {
|
80 |
+
$sContent = Services::WpFs()->getFileContent( $oLock->file );
|
81 |
+
}
|
82 |
+
elseif ( $sType == 'original' ) {
|
83 |
+
$sContent = ( new Lib\FileLocker\Ops\ReadOriginalFileContent() )
|
84 |
+
->setMod( $this->getMod() )
|
85 |
+
->run( $oLock );
|
86 |
+
}
|
87 |
+
|
88 |
+
if ( !empty( $sContent ) ) {
|
89 |
+
header( 'Set-Cookie: fileDownload=true; path=/' );
|
90 |
+
Services::Response()
|
91 |
+
->downloadStringAsFile( $sContent, strtoupper( $sType ).'-'.basename( $oLock->file ) );
|
92 |
+
}
|
93 |
+
}
|
94 |
+
|
95 |
+
wp_die( "Something about this request wasn't right" );
|
96 |
+
}
|
97 |
+
|
98 |
+
public function deleteAllLocks() {
|
99 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
100 |
+
$oMod = $this->getMod();
|
101 |
+
$oMod->getDbHandler_FileLocker()->deleteTable( true );
|
102 |
+
}
|
103 |
+
|
104 |
+
public function purge() {
|
105 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
106 |
+
$oMod = $this->getMod();
|
107 |
+
$oMod->getDbHandler_FileLocker()->deleteTable();
|
108 |
+
}
|
109 |
+
|
110 |
+
/**
|
111 |
+
* @param int $nID
|
112 |
+
* @return FileLocker\EntryVO|null
|
113 |
+
*/
|
114 |
+
public function getFileLock( $nID ) {
|
115 |
+
$aLocks = ( new Lib\FileLocker\Ops\LoadFileLocks() )
|
116 |
+
->setMod( $this->getMod() )
|
117 |
+
->loadLocks();
|
118 |
+
return isset( $aLocks[ $nID ] ) ? $aLocks[ $nID ] : null;
|
119 |
+
}
|
120 |
+
|
121 |
+
private function runAnalysis() {
|
122 |
+
/** @var Modules\HackGuard\Options $oOpts */
|
123 |
+
$oOpts = $this->getOptions();
|
124 |
+
|
125 |
+
// 1. First assess the existing locks for changes.
|
126 |
+
( new Ops\AssessLocks() )
|
127 |
+
->setMod( $this->getMod() )
|
128 |
+
->run();
|
129 |
+
|
130 |
+
// 2. Create new file locks as required
|
131 |
+
foreach ( $oOpts->getFilesToLock() as $sFileKey ) {
|
132 |
+
try {
|
133 |
+
( new Ops\CreateFileLocks() )
|
134 |
+
->setMod( $this->getMod() )
|
135 |
+
->setWorkingFile( $this->getFile( $sFileKey ) )
|
136 |
+
->create();
|
137 |
+
}
|
138 |
+
catch ( \Exception $oE ) {
|
139 |
+
error_log( $oE->getMessage() );
|
140 |
+
}
|
141 |
+
}
|
142 |
+
}
|
143 |
+
|
144 |
+
/**
|
145 |
+
* @param string $sFileKey
|
146 |
+
* @return File|null
|
147 |
+
* @throws \Exception
|
148 |
+
*/
|
149 |
+
private function getFile( $sFileKey ) {
|
150 |
+
$oFile = null;
|
151 |
+
|
152 |
+
$bIsSplitWp = false;
|
153 |
+
$nMaxPaths = 0;
|
154 |
+
switch ( $sFileKey ) {
|
155 |
+
case 'wpconfig':
|
156 |
+
$sFileKey = 'wp-config.php';
|
157 |
+
$nLevels = $bIsSplitWp ? 3 : 2;
|
158 |
+
$nMaxPaths = 1;
|
159 |
+
// TODO: is split URL?
|
160 |
+
break;
|
161 |
+
case 'root_htaccess':
|
162 |
+
$sFileKey = '.htaccess';
|
163 |
+
$nLevels = $bIsSplitWp ? 2 : 1;
|
164 |
+
break;
|
165 |
+
case 'root_index':
|
166 |
+
$sFileKey = 'index.php';
|
167 |
+
$nLevels = $bIsSplitWp ? 2 : 1;
|
168 |
+
break;
|
169 |
+
default:
|
170 |
+
if ( Services::WpFs()->isAbsPath( $sFileKey ) && Services::WpFs()->isFile( $sFileKey ) ) {
|
171 |
+
$nLevels = 1;
|
172 |
+
$nMaxPaths = 1;
|
173 |
+
}
|
174 |
+
else {
|
175 |
+
throw new \Exception( 'Not a supported file lock type' );
|
176 |
+
}
|
177 |
+
break;
|
178 |
+
}
|
179 |
+
$oFile = new File( $sFileKey );
|
180 |
+
$oFile->max_levels = $nLevels;
|
181 |
+
$oFile->max_paths = $nMaxPaths;
|
182 |
+
return $oFile;
|
183 |
+
}
|
184 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/Accept.php
ADDED
@@ -0,0 +1,41 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
/**
|
9 |
+
* Class Accept
|
10 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
11 |
+
*/
|
12 |
+
class Accept extends BaseOps {
|
13 |
+
|
14 |
+
/**
|
15 |
+
* @param FileLocker\EntryVO $oLock
|
16 |
+
* @return bool
|
17 |
+
* @throws \ErrorException
|
18 |
+
*/
|
19 |
+
public function run( $oLock ) {
|
20 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
21 |
+
$oMod = $this->getMod();
|
22 |
+
|
23 |
+
$aPublicKey = $this->getPublicKey();
|
24 |
+
$sRawContent = ( new BuildEncryptedFilePayload() )
|
25 |
+
->setMod( $oMod )
|
26 |
+
->build( $oLock->file, reset( $aPublicKey ) );
|
27 |
+
|
28 |
+
/** @var FileLocker\Update $oUpdater */
|
29 |
+
$oUpdater = $oMod->getDbHandler_FileLocker()->getQueryUpdater();
|
30 |
+
$bSuccess = $oUpdater->updateEntry( $oLock, [
|
31 |
+
'hash_original' => hash_file( 'sha1', $oLock->file ),
|
32 |
+
'content' => base64_encode( $sRawContent ),
|
33 |
+
'public_key_id' => key( $aPublicKey ),
|
34 |
+
'detected_at' => 0,
|
35 |
+
'updated_at' => Services::Request()->ts(),
|
36 |
+
] );
|
37 |
+
|
38 |
+
$this->clearFileLocksCache();
|
39 |
+
return $bSuccess;
|
40 |
+
}
|
41 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/AssessLocks.php
ADDED
@@ -0,0 +1,64 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
6 |
+
use FernleafSystems\Wordpress\Services\Utilities\File\Compare\CompareHash;
|
7 |
+
|
8 |
+
class AssessLocks extends BaseOps {
|
9 |
+
|
10 |
+
/**
|
11 |
+
* @return int[]
|
12 |
+
*/
|
13 |
+
public function run() {
|
14 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
15 |
+
$oMod = $this->getMod();
|
16 |
+
/** @var FileLocker\Update $oUpd */
|
17 |
+
$oUpd = $oMod->getDbHandler_FileLocker()->getQueryUpdater();
|
18 |
+
|
19 |
+
$this->removeDuplicates();
|
20 |
+
|
21 |
+
$aProblemIds = [];
|
22 |
+
foreach ( $this->getFileLocks() as $oLock ) {
|
23 |
+
try {
|
24 |
+
if ( ( new CompareHash() )->isEqualFileSha1( $oLock->file, $oLock->hash_original ) ) {
|
25 |
+
if ( !empty( $oLock->hash_current ) ) {
|
26 |
+
$oUpd->updateCurrentHash( $oLock, '' );
|
27 |
+
}
|
28 |
+
}
|
29 |
+
else {
|
30 |
+
$sFileHash = hash_file( 'sha1', $oLock->file );
|
31 |
+
if ( empty( $oLock->hash_current ) || !hash_equals( $oLock->hash_current, $sFileHash ) ) {
|
32 |
+
$oUpd->updateCurrentHash( $oLock, $sFileHash );
|
33 |
+
$aProblemIds[] = $oLock->id;
|
34 |
+
}
|
35 |
+
}
|
36 |
+
}
|
37 |
+
catch ( \InvalidArgumentException $oE ) {
|
38 |
+
$oUpd->markProblem( $oLock );
|
39 |
+
$aProblemIds[] = $oLock->id;
|
40 |
+
}
|
41 |
+
}
|
42 |
+
$this->clearFileLocksCache();
|
43 |
+
return $aProblemIds;
|
44 |
+
}
|
45 |
+
|
46 |
+
private function removeDuplicates() {
|
47 |
+
$aPaths = [];
|
48 |
+
foreach ( $this->getFileLocks() as $oLock ) {
|
49 |
+
if ( in_array( $oLock->file, $aPaths ) ) {
|
50 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
51 |
+
$oMod = $this->getMod();
|
52 |
+
$oMod->getDbHandler_FileLocker()
|
53 |
+
->getQueryDeleter()
|
54 |
+
->deleteById( $oLock->id );
|
55 |
+
}
|
56 |
+
else {
|
57 |
+
$aPaths[] = $oLock->file;
|
58 |
+
}
|
59 |
+
}
|
60 |
+
if ( count( $this->getFileLocks() ) != count( $aPaths ) ) {
|
61 |
+
$this->clearFileLocksCache();
|
62 |
+
}
|
63 |
+
}
|
64 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/BaseOps.php
ADDED
@@ -0,0 +1,81 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
8 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\FileLocker\GetPublicKey;
|
9 |
+
|
10 |
+
class BaseOps {
|
11 |
+
|
12 |
+
use ModConsumer;
|
13 |
+
|
14 |
+
/**
|
15 |
+
* @var Databases\FileLocker\EntryVO[]
|
16 |
+
*/
|
17 |
+
private static $aFileLockRecords;
|
18 |
+
|
19 |
+
/**
|
20 |
+
* @var FileLocker\File
|
21 |
+
*/
|
22 |
+
protected $oFile;
|
23 |
+
|
24 |
+
/**
|
25 |
+
* @return Databases\FileLocker\EntryVO|null
|
26 |
+
*/
|
27 |
+
protected function findLockRecordForFile() {
|
28 |
+
$oTheRecord = null;
|
29 |
+
foreach ( $this->oFile->getPossiblePaths() as $sPath ) {
|
30 |
+
foreach ( $this->getFileLocks() as $oRecord ) {
|
31 |
+
if ( $oRecord->file === $sPath ) {
|
32 |
+
$oTheRecord = $oRecord;
|
33 |
+
break;
|
34 |
+
}
|
35 |
+
}
|
36 |
+
}
|
37 |
+
return $oTheRecord;
|
38 |
+
}
|
39 |
+
|
40 |
+
/**
|
41 |
+
* @return Databases\FileLocker\EntryVO[]|null
|
42 |
+
*/
|
43 |
+
protected function getFileLocks() {
|
44 |
+
return ( new LoadFileLocks() )
|
45 |
+
->setMod( $this->getMod() )
|
46 |
+
->loadLocks();
|
47 |
+
}
|
48 |
+
|
49 |
+
/**
|
50 |
+
* @return array
|
51 |
+
* @throws \ErrorException
|
52 |
+
*/
|
53 |
+
protected function getPublicKey() {
|
54 |
+
$aPublicKey = ( new GetPublicKey() )
|
55 |
+
->setMod( $this->getMod() )
|
56 |
+
->retrieve();
|
57 |
+
if ( empty( $aPublicKey ) ) {
|
58 |
+
throw new \ErrorException( 'Cannot encrypt without a public key' );
|
59 |
+
}
|
60 |
+
return $aPublicKey;
|
61 |
+
}
|
62 |
+
|
63 |
+
/**
|
64 |
+
* @return $this
|
65 |
+
*/
|
66 |
+
protected function clearFileLocksCache() {
|
67 |
+
( new LoadFileLocks() )
|
68 |
+
->setMod( $this->getMod() )
|
69 |
+
->clearLocksCache();
|
70 |
+
return $this;
|
71 |
+
}
|
72 |
+
|
73 |
+
/**
|
74 |
+
* @param FileLocker\File $oFile
|
75 |
+
* @return $this
|
76 |
+
*/
|
77 |
+
public function setWorkingFile( FileLocker\File $oFile ) {
|
78 |
+
$this->oFile = $oFile;
|
79 |
+
return $this;
|
80 |
+
}
|
81 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/BuildEncryptedFilePayload.php
ADDED
@@ -0,0 +1,27 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Services\Services;
|
6 |
+
|
7 |
+
/**
|
8 |
+
* Class BuildEncryptedFilePayload
|
9 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
10 |
+
*/
|
11 |
+
class BuildEncryptedFilePayload extends BaseOps {
|
12 |
+
|
13 |
+
/**
|
14 |
+
* @param string $sPath
|
15 |
+
* @param string $sPublicKey
|
16 |
+
* @return string
|
17 |
+
* @throws \ErrorException
|
18 |
+
*/
|
19 |
+
public function build( $sPath, $sPublicKey ) {
|
20 |
+
$oEnc = Services::Encrypt();
|
21 |
+
$oPayload = $oEnc->sealData( Services::WpFs()->getFileContent( $sPath ), $sPublicKey );
|
22 |
+
if ( !$oPayload->success ) {
|
23 |
+
throw new \ErrorException( 'File contents could not be encrypted' );
|
24 |
+
}
|
25 |
+
return json_encode( $oPayload->getRawDataAsArray() );
|
26 |
+
}
|
27 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/CreateFileLocks.php
ADDED
@@ -0,0 +1,60 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\FileLocker\GetPublicKey;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
|
9 |
+
/**
|
10 |
+
* Class CreateFileLocks
|
11 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
12 |
+
*/
|
13 |
+
class CreateFileLocks extends BaseOps {
|
14 |
+
|
15 |
+
/**
|
16 |
+
* @throws \Exception
|
17 |
+
*/
|
18 |
+
public function create() {
|
19 |
+
|
20 |
+
foreach ( $this->oFile->getExistingPossiblePaths() as $sPath ) {
|
21 |
+
$oTheFileLock = null;
|
22 |
+
foreach ( $this->getFileLocks() as $oMaybeFileLock ) {
|
23 |
+
if ( $oMaybeFileLock->file === $sPath ) {
|
24 |
+
$oTheFileLock = $oMaybeFileLock;
|
25 |
+
break;
|
26 |
+
}
|
27 |
+
}
|
28 |
+
if ( !$oTheFileLock instanceof FileLocker\EntryVO ) {
|
29 |
+
$this->processPath( $sPath );
|
30 |
+
}
|
31 |
+
}
|
32 |
+
}
|
33 |
+
|
34 |
+
/**
|
35 |
+
* @param string $sPath
|
36 |
+
* @throws \Exception
|
37 |
+
*/
|
38 |
+
private function processPath( $sPath ) {
|
39 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
40 |
+
$oMod = $this->getMod();
|
41 |
+
|
42 |
+
if ( Services::WpFs()->isFile( $sPath ) ) {
|
43 |
+
$oEntry = new FileLocker\EntryVO();
|
44 |
+
$oEntry->file = $sPath;
|
45 |
+
$oEntry->hash_original = hash_file( 'sha1', $sPath );
|
46 |
+
|
47 |
+
$aPublicKey = $this->getPublicKey();
|
48 |
+
$oEntry->public_key_id = key( $aPublicKey );
|
49 |
+
$oEntry->content = ( new BuildEncryptedFilePayload() )
|
50 |
+
->setMod( $oMod )
|
51 |
+
->build( $sPath, reset( $aPublicKey ) );
|
52 |
+
|
53 |
+
/** @var FileLocker\Insert $oInserter */
|
54 |
+
$oInserter = $oMod->getDbHandler_FileLocker()->getQueryInserter();
|
55 |
+
$oInserter->insert( $oEntry );
|
56 |
+
|
57 |
+
$this->clearFileLocksCache();
|
58 |
+
}
|
59 |
+
}
|
60 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/DeleteFileLock.php
ADDED
@@ -0,0 +1,32 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
6 |
+
|
7 |
+
/**
|
8 |
+
* Class DeleteFileLock
|
9 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
10 |
+
*/
|
11 |
+
class DeleteFileLock extends BaseOps {
|
12 |
+
|
13 |
+
/**
|
14 |
+
* @param FileLocker\EntryVO $oLock
|
15 |
+
* @return bool
|
16 |
+
*/
|
17 |
+
public function delete( $oLock = null ) {
|
18 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
19 |
+
$oMod = $this->getMod();
|
20 |
+
if ( empty( $oLock ) ) {
|
21 |
+
$oLock = $this->findLockRecordForFile();
|
22 |
+
}
|
23 |
+
$bSuccess = $oLock instanceof FileLocker\EntryVO
|
24 |
+
&& $oMod->getDbHandler_FileLocker()
|
25 |
+
->getQueryDeleter()
|
26 |
+
->deleteEntry( $oLock );
|
27 |
+
if ( $bSuccess ) {
|
28 |
+
$this->clearFileLocksCache();
|
29 |
+
}
|
30 |
+
return $bSuccess;
|
31 |
+
}
|
32 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/LoadFileLocks.php
ADDED
@@ -0,0 +1,86 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
+
|
8 |
+
/**
|
9 |
+
* Class LoadFileLocks
|
10 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
11 |
+
*/
|
12 |
+
class LoadFileLocks {
|
13 |
+
|
14 |
+
use ModConsumer;
|
15 |
+
|
16 |
+
/**
|
17 |
+
* @var FileLocker\EntryVO[]
|
18 |
+
*/
|
19 |
+
private static $aFileLockRecords;
|
20 |
+
|
21 |
+
/**
|
22 |
+
* @return FileLocker\EntryVO[]
|
23 |
+
*/
|
24 |
+
public function loadLocks() {
|
25 |
+
if ( is_null( self::$aFileLockRecords ) ) {
|
26 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
27 |
+
$oMod = $this->getMod();
|
28 |
+
$aAll = $oMod->getDbHandler_FileLocker()->getQuerySelector()->all();
|
29 |
+
|
30 |
+
self::$aFileLockRecords = [];
|
31 |
+
if ( is_array( $aAll ) ) {
|
32 |
+
foreach ( $aAll as $oLock ) {
|
33 |
+
self::$aFileLockRecords[ $oLock->id ] = $oLock;
|
34 |
+
}
|
35 |
+
}
|
36 |
+
}
|
37 |
+
return self::$aFileLockRecords;
|
38 |
+
}
|
39 |
+
|
40 |
+
/**
|
41 |
+
* @return FileLocker\EntryVO[]
|
42 |
+
*/
|
43 |
+
public function withProblems() {
|
44 |
+
return array_filter(
|
45 |
+
$this->loadLocks(),
|
46 |
+
function ( $oLock ) {
|
47 |
+
/** @var FileLocker\EntryVO $oLock */
|
48 |
+
return $oLock->detected_at > 0;
|
49 |
+
}
|
50 |
+
);
|
51 |
+
}
|
52 |
+
|
53 |
+
/**
|
54 |
+
* @return FileLocker\EntryVO[]
|
55 |
+
*/
|
56 |
+
public function withProblemsNotNotified() {
|
57 |
+
return array_filter(
|
58 |
+
$this->withProblems(),
|
59 |
+
function ( $oLock ) {
|
60 |
+
/** @var FileLocker\EntryVO $oLock */
|
61 |
+
return $oLock->notified_at == 0;
|
62 |
+
}
|
63 |
+
);
|
64 |
+
}
|
65 |
+
|
66 |
+
/**
|
67 |
+
* @return FileLocker\EntryVO[]
|
68 |
+
*/
|
69 |
+
public function withoutProblems() {
|
70 |
+
return array_filter(
|
71 |
+
$this->loadLocks(),
|
72 |
+
function ( $oLock ) {
|
73 |
+
/** @var FileLocker\EntryVO $oLock */
|
74 |
+
return $oLock->detected_at == 0;
|
75 |
+
}
|
76 |
+
);
|
77 |
+
}
|
78 |
+
|
79 |
+
/**
|
80 |
+
* @return $this
|
81 |
+
*/
|
82 |
+
public function clearLocksCache() {
|
83 |
+
self::$aFileLockRecords = null;
|
84 |
+
return $this;
|
85 |
+
}
|
86 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/PerformAction.php
ADDED
@@ -0,0 +1,82 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
/**
|
9 |
+
* Class PerformAction
|
10 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
11 |
+
*/
|
12 |
+
class PerformAction extends BaseOps {
|
13 |
+
|
14 |
+
/**
|
15 |
+
* @param int $nLockID
|
16 |
+
* @param string $sAction
|
17 |
+
* @return string
|
18 |
+
* @throws \Exception
|
19 |
+
*/
|
20 |
+
public function run( $nLockID, $sAction ) {
|
21 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
22 |
+
$oMod = $this->getMod();
|
23 |
+
|
24 |
+
if ( !in_array( $sAction, [ 'accept', 'restore', 'diff' ] ) ) {
|
25 |
+
throw new \Exception( __( 'Not a supported file lock action.', 'wp-simple-firewall' ) );
|
26 |
+
}
|
27 |
+
if ( !is_numeric( $nLockID ) ) {
|
28 |
+
throw new \Exception( __( 'Please select a valid file.', 'wp-simple-firewall' ) );
|
29 |
+
}
|
30 |
+
$oLock = $oMod->getDbHandler_FileLocker()
|
31 |
+
->getQuerySelector()
|
32 |
+
->byId( (int)$nLockID );
|
33 |
+
if ( !$oLock instanceof Databases\FileLocker\EntryVO ) {
|
34 |
+
throw new \Exception( __( 'Not valid file lock ID.', 'wp-simple-firewall' ) );
|
35 |
+
}
|
36 |
+
|
37 |
+
switch ( $sAction ) {
|
38 |
+
case 'accept':
|
39 |
+
$mResult = ( new Accept() )
|
40 |
+
->setMod( $this->getMod() )
|
41 |
+
->run( $oLock );
|
42 |
+
break;
|
43 |
+
case 'diff':
|
44 |
+
$mResult = $this->diff( $oLock );
|
45 |
+
break;
|
46 |
+
case 'restore':
|
47 |
+
$mResult = ( new Restore() )
|
48 |
+
->setMod( $this->getMod() )
|
49 |
+
->run( $oLock );
|
50 |
+
break;
|
51 |
+
default:
|
52 |
+
$mResult = false;
|
53 |
+
break;
|
54 |
+
}
|
55 |
+
return $mResult;
|
56 |
+
}
|
57 |
+
|
58 |
+
/**
|
59 |
+
* @param Databases\FileLocker\EntryVO $oLock
|
60 |
+
* @return string
|
61 |
+
* @throws \Exception
|
62 |
+
*/
|
63 |
+
protected function diff( Databases\FileLocker\EntryVO $oLock ) {
|
64 |
+
$oFS = Services::WpFs();
|
65 |
+
|
66 |
+
if ( !$oFS->isFile( $oLock->file ) ) {
|
67 |
+
throw new \Exception( __( 'File is missing or could not be read.', 'wp-simple-firewall' ) );
|
68 |
+
}
|
69 |
+
|
70 |
+
$sContent = Services::WpFs()->getFileContent( $oLock->file );
|
71 |
+
if ( empty( $sContent ) ) {
|
72 |
+
throw new \Exception( __( 'File is empty or could not be read.', 'wp-simple-firewall' ) );
|
73 |
+
}
|
74 |
+
|
75 |
+
return wp_text_diff(
|
76 |
+
( new ReadOriginalFileContent() )
|
77 |
+
->setMod( $this->getMod() )
|
78 |
+
->run( $oLock ),
|
79 |
+
$sContent
|
80 |
+
);
|
81 |
+
}
|
82 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/ReadOriginalFileContent.php
ADDED
@@ -0,0 +1,60 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\FileLocker\DecryptFile;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
use FernleafSystems\Wordpress\Services\Utilities\Encrypt\OpenSslEncryptVo;
|
9 |
+
|
10 |
+
/**
|
11 |
+
* Class ReadOriginalFileContent
|
12 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
13 |
+
*/
|
14 |
+
class ReadOriginalFileContent extends BaseOps {
|
15 |
+
|
16 |
+
/**
|
17 |
+
* @param Databases\FileLocker\EntryVO $oLock
|
18 |
+
* @return string
|
19 |
+
*/
|
20 |
+
public function run( $oLock ) {
|
21 |
+
try {
|
22 |
+
$sContent = $this->useOriginalFile( $oLock );
|
23 |
+
}
|
24 |
+
catch ( \Exception $oE ) {
|
25 |
+
$sContent = $this->useCacheAndApi( $oLock );
|
26 |
+
}
|
27 |
+
return $sContent;
|
28 |
+
}
|
29 |
+
|
30 |
+
/**
|
31 |
+
* @param Databases\FileLocker\EntryVO $oLock
|
32 |
+
* @return string|null
|
33 |
+
* @throws \Exception
|
34 |
+
*/
|
35 |
+
private function useOriginalFile( Databases\FileLocker\EntryVO $oLock ) {
|
36 |
+
$oFS = Services::WpFs();
|
37 |
+
if ( empty( $oLock->detected_at ) && empty( $oLock->hash_current )
|
38 |
+
&& $oFS->exists( $oLock->file ) ) {
|
39 |
+
return $oFS->getFileContent( $oLock->file );
|
40 |
+
}
|
41 |
+
throw new \Exception( 'Cannot use original file' );
|
42 |
+
}
|
43 |
+
|
44 |
+
/**
|
45 |
+
* @param Databases\FileLocker\EntryVO $oLock
|
46 |
+
* @return string|null
|
47 |
+
*/
|
48 |
+
private function useCacheAndApi( Databases\FileLocker\EntryVO $oLock ) {
|
49 |
+
$sCacheKey = 'file-content-'.$oLock->id;
|
50 |
+
$sContent = wp_cache_get( $sCacheKey, $this->getCon()->prefix( 'filelocker' ) );
|
51 |
+
if ( $sContent === false ) {
|
52 |
+
$oVO = ( new OpenSslEncryptVo() )->applyFromArray( json_decode( $oLock->content, true ) );
|
53 |
+
$sContent = ( new DecryptFile() )
|
54 |
+
->setMod( $this->getMod() )
|
55 |
+
->retrieve( $oVO, $oLock->public_key_id );
|
56 |
+
wp_cache_set( $sCacheKey, $sContent, $this->getCon()->prefix( 'filelocker' ), 3 );
|
57 |
+
}
|
58 |
+
return $sContent;
|
59 |
+
}
|
60 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/Restore.php
ADDED
@@ -0,0 +1,35 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
/**
|
9 |
+
* Class Restore
|
10 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
11 |
+
*/
|
12 |
+
class Restore extends BaseOps {
|
13 |
+
|
14 |
+
/**
|
15 |
+
* @param Databases\FileLocker\EntryVO $oRecord
|
16 |
+
* @return mixed
|
17 |
+
*/
|
18 |
+
public function run( $oRecord ) {
|
19 |
+
$bReverted = Services::WpFs()->putFileContent(
|
20 |
+
$oRecord->file,
|
21 |
+
( new ReadOriginalFileContent() )
|
22 |
+
->setMod( $this->getMod() )
|
23 |
+
->run( $oRecord )
|
24 |
+
);
|
25 |
+
if ( $bReverted ) {
|
26 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
27 |
+
$oMod = $this->getMod();
|
28 |
+
/** @var Databases\FileLocker\Update $oUpd */
|
29 |
+
$oUpd = $oMod->getDbHandler_FileLocker()->getQueryUpdater();
|
30 |
+
$oUpd->markReverted( $oRecord );
|
31 |
+
$this->clearFileLocksCache();
|
32 |
+
}
|
33 |
+
return $bReverted;
|
34 |
+
}
|
35 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/FileLocker/Ops/Verify.php
ADDED
@@ -0,0 +1,26 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker\EntryVO;
|
6 |
+
use FernleafSystems\Wordpress\Services\Utilities\File\Compare\CompareHash;
|
7 |
+
|
8 |
+
/**
|
9 |
+
* Class Verify
|
10 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops
|
11 |
+
*/
|
12 |
+
class Verify {
|
13 |
+
|
14 |
+
/**
|
15 |
+
* @param EntryVO $oRecord
|
16 |
+
* @return bool
|
17 |
+
*/
|
18 |
+
public function run( $oRecord ) {
|
19 |
+
try {
|
20 |
+
return ( new CompareHash() )->isEqualFileSha1( $oRecord->file, $oRecord->hash );
|
21 |
+
}
|
22 |
+
catch ( \InvalidArgumentException $oE ) {
|
23 |
+
return false;
|
24 |
+
}
|
25 |
+
}
|
26 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/Reports/FileLockerAlerts.php
ADDED
@@ -0,0 +1,61 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\FileLocker;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\BaseReporter;
|
8 |
+
|
9 |
+
class FileLockerAlerts extends BaseReporter {
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @inheritDoc
|
13 |
+
*/
|
14 |
+
public function build() {
|
15 |
+
$aAlerts = [];
|
16 |
+
|
17 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
18 |
+
$oMod = $this->getMod();
|
19 |
+
|
20 |
+
$oLockOps = ( new HackGuard\Lib\FileLocker\Ops\LoadFileLocks() )
|
21 |
+
->setMod( $this->getMod() );
|
22 |
+
$aNotNotified = $oLockOps->withProblemsNotNotified();
|
23 |
+
|
24 |
+
if ( count( $aNotNotified ) > 0 ) {
|
25 |
+
$aAlerts[] = $this->getMod()->renderTemplate(
|
26 |
+
'/components/reports/mod/hack_protect/alert_filelocker.twig',
|
27 |
+
[
|
28 |
+
'vars' => [
|
29 |
+
'count' => $oMod->getFileLocker()->countProblems()
|
30 |
+
],
|
31 |
+
'strings' => [
|
32 |
+
'title' => __( 'File Locker Changes Detected', 'wp-simple-firewall' ),
|
33 |
+
'file_changed' => __( 'Changes have been detected in the contents of critical files.', 'wp-simple-firewall' ),
|
34 |
+
'total_files' => sprintf( '%s: %s', __( 'Total Changed Files', 'wp-simple-firewall' ), count( $aNotNotified ) ),
|
35 |
+
'view_results' => __( 'Click Here To View File Locker Results', 'wp-simple-firewall' ),
|
36 |
+
],
|
37 |
+
'hrefs' => [
|
38 |
+
'view_results' => $this->getCon()->getModule_Insights()->getUrl_SubInsightsPage( 'scans' ),
|
39 |
+
],
|
40 |
+
]
|
41 |
+
);
|
42 |
+
$this->markAlertsAsNotified( $aNotNotified );
|
43 |
+
$oLockOps->clearLocksCache();
|
44 |
+
}
|
45 |
+
|
46 |
+
return $aAlerts;
|
47 |
+
}
|
48 |
+
|
49 |
+
/**
|
50 |
+
* @param FileLocker\EntryVO[] $aNotNotified
|
51 |
+
*/
|
52 |
+
private function markAlertsAsNotified( $aNotNotified ) {
|
53 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
54 |
+
$oMod = $this->getMod();
|
55 |
+
/** @var FileLocker\Update $oUpdater */
|
56 |
+
$oUpdater = $oMod->getDbHandler_FileLocker()->getQueryUpdater();
|
57 |
+
foreach ( $aNotNotified as $oEntry ) {
|
58 |
+
$oUpdater->markNotified( $oEntry );
|
59 |
+
}
|
60 |
+
}
|
61 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/Reports/ScanAlerts.php
ADDED
@@ -0,0 +1,97 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Scanner;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\BaseReporter;
|
8 |
+
use FernleafSystems\Wordpress\Services\Services;
|
9 |
+
|
10 |
+
class ScanAlerts extends BaseReporter {
|
11 |
+
|
12 |
+
/**
|
13 |
+
* @inheritDoc
|
14 |
+
*/
|
15 |
+
public function build() {
|
16 |
+
$aAlerts = [];
|
17 |
+
|
18 |
+
/** @var HackGuard\Strings $oStrings */
|
19 |
+
$oStrings = $this->getMod()->getStrings();
|
20 |
+
$aScanNames = $oStrings->getScanNames();
|
21 |
+
|
22 |
+
$aScanItemCounts = array_filter( $this->countItemsForEachScan() );
|
23 |
+
if ( !empty( $aScanItemCounts ) ) {
|
24 |
+
foreach ( $aScanItemCounts as $sScan => $nCount ) {
|
25 |
+
$aScanItemCounts[ $sScan ] = [
|
26 |
+
'count' => $nCount,
|
27 |
+
'name' => $aScanNames[ $sScan ],
|
28 |
+
];
|
29 |
+
}
|
30 |
+
$aAlerts[] = $this->getMod()->renderTemplate(
|
31 |
+
'/components/reports/mod/hack_protect/alert_scanresults.twig',
|
32 |
+
[
|
33 |
+
'vars' => [
|
34 |
+
'scan_counts' => $aScanItemCounts
|
35 |
+
],
|
36 |
+
'strings' => [
|
37 |
+
'title' => __( 'New Scan Results', 'wp-simple-firewall' ),
|
38 |
+
'view_results' => __( 'Click Here To View Scan Results Details', 'wp-simple-firewall' ),
|
39 |
+
],
|
40 |
+
'hrefs' => [
|
41 |
+
'view_results' => $this->getCon()->getModule_Insights()->getUrl_SubInsightsPage( 'scans' ),
|
42 |
+
],
|
43 |
+
]
|
44 |
+
);
|
45 |
+
|
46 |
+
$this->markAlertsAsNotified();
|
47 |
+
}
|
48 |
+
|
49 |
+
return $aAlerts;
|
50 |
+
}
|
51 |
+
|
52 |
+
private function markAlertsAsNotified() {
|
53 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
54 |
+
$oMod = $this->getMod();
|
55 |
+
/** @var Scanner\Update $oUpdater */
|
56 |
+
$oUpdater = $oMod->getDbHandler_ScanResults()->getQueryUpdater();
|
57 |
+
$oUpdater
|
58 |
+
->setUpdateWheres( [
|
59 |
+
'ignored_at' => 0,
|
60 |
+
'notified_at' => 0,
|
61 |
+
] )
|
62 |
+
->setUpdateData( [
|
63 |
+
'notified_at' => Services::Request()->ts()
|
64 |
+
] )
|
65 |
+
->query();
|
66 |
+
}
|
67 |
+
|
68 |
+
/**
|
69 |
+
* @return int[] - key is scan slug
|
70 |
+
*/
|
71 |
+
private function countItemsForEachScan() {
|
72 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
73 |
+
$oMod = $this->getMod();
|
74 |
+
/** @var HackGuard\Options $oOpts */
|
75 |
+
$oOpts = $this->getOptions();
|
76 |
+
/** @var Scanner\Select $oSel */
|
77 |
+
$oSel = $oMod->getDbHandler_ScanResults()->getQuerySelector();
|
78 |
+
|
79 |
+
$aCounts = [];
|
80 |
+
|
81 |
+
$oRep = $this->getReport();
|
82 |
+
|
83 |
+
foreach ( $oOpts->getScanSlugs() as $sScanSlug ) {
|
84 |
+
$oSel->filterByScan( $sScanSlug )
|
85 |
+
->filterByNotNotified()
|
86 |
+
->filterByNotIgnored();
|
87 |
+
if ( !is_null( $oRep->interval_start_at ) ) {
|
88 |
+
$oSel->filterByCreatedAt( $oRep->interval_start_at, '>' );
|
89 |
+
}
|
90 |
+
if ( !is_null( $oRep->interval_end_at ) ) {
|
91 |
+
$oSel->filterByCreatedAt( $oRep->interval_end_at, '<' );
|
92 |
+
}
|
93 |
+
$aCounts[ $sScanSlug ] = $oSel->count();
|
94 |
+
}
|
95 |
+
return $aCounts;
|
96 |
+
}
|
97 |
+
}
|
src/lib/src/Modules/HackGuard/Lib/Snapshots/StoreAction/DeleteAll.php
CHANGED
@@ -6,8 +6,6 @@ use FernleafSystems\Wordpress\Services\Services;
|
|
6 |
|
7 |
class DeleteAll extends BaseBulk {
|
8 |
|
9 |
-
/**
|
10 |
-
*/
|
11 |
public function run() {
|
12 |
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
13 |
$oMod = $this->getMod();
|
6 |
|
7 |
class DeleteAll extends BaseBulk {
|
8 |
|
|
|
|
|
9 |
public function run() {
|
10 |
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
11 |
$oMod = $this->getMod();
|
src/lib/src/Modules/HackGuard/Lib/Snapshots/StoreAction/ScheduleBuildAll.php
CHANGED
@@ -30,7 +30,7 @@ class ScheduleBuildAll extends BaseBulk {
|
|
30 |
public function schedule() {
|
31 |
$sHook = $this->getCronHook();
|
32 |
if ( wp_next_scheduled( $sHook ) === false && count( $this->getAssetsThatNeedBuilt() ) > 0 ) {
|
33 |
-
wp_schedule_single_event( Services::Request()->ts() +
|
34 |
}
|
35 |
}
|
36 |
|
30 |
public function schedule() {
|
31 |
$sHook = $this->getCronHook();
|
32 |
if ( wp_next_scheduled( $sHook ) === false && count( $this->getAssetsThatNeedBuilt() ) > 0 ) {
|
33 |
+
wp_schedule_single_event( Services::Request()->ts() + 15, $sHook );
|
34 |
}
|
35 |
}
|
36 |
|
src/lib/src/Modules/HackGuard/Options.php
CHANGED
@@ -7,6 +7,13 @@ use FernleafSystems\Wordpress\Services\Services;
|
|
7 |
|
8 |
class Options extends Base\ShieldOptions {
|
9 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10 |
/**
|
11 |
* @return string[]
|
12 |
*/
|
@@ -21,6 +28,13 @@ class Options extends Base\ShieldOptions {
|
|
21 |
return $this->getDef( 'table_columns_scanqueue' );
|
22 |
}
|
23 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
24 |
/**
|
25 |
* @return string
|
26 |
*/
|
@@ -36,10 +50,18 @@ class Options extends Base\ShieldOptions {
|
|
36 |
}
|
37 |
|
38 |
/**
|
39 |
-
* @return
|
40 |
*/
|
41 |
-
public function
|
42 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
43 |
}
|
44 |
|
45 |
/**
|
@@ -62,7 +84,7 @@ class Options extends Base\ShieldOptions {
|
|
62 |
* @return int
|
63 |
*/
|
64 |
public function getMalConfidenceBoundary() {
|
65 |
-
return (int)
|
66 |
}
|
67 |
|
68 |
/**
|
@@ -131,35 +153,6 @@ class Options extends Base\ShieldOptions {
|
|
131 |
return $aSigs;
|
132 |
}
|
133 |
|
134 |
-
/**
|
135 |
-
* @return bool
|
136 |
-
*/
|
137 |
-
public function isMalAutoRepairPlugins() {
|
138 |
-
return $this->isOpt( 'mal_autorepair_plugins', 'Y' );
|
139 |
-
}
|
140 |
-
|
141 |
-
/**
|
142 |
-
* @return bool
|
143 |
-
*/
|
144 |
-
public function isMalAutoRepairThemes() {
|
145 |
-
return $this->isOpt( 'mal_autorepair_themes', 'Y' );
|
146 |
-
}
|
147 |
-
|
148 |
-
/**
|
149 |
-
* @return bool
|
150 |
-
*/
|
151 |
-
public function isMalAutoRepair() {
|
152 |
-
return $this->isMalAutoRepairCore() || $this->isMalAutoRepairPlugins() || $this->isMalAutoRepairThemes()
|
153 |
-
|| $this->isMalAutoRepairSurgical();
|
154 |
-
}
|
155 |
-
|
156 |
-
/**
|
157 |
-
* @return bool
|
158 |
-
*/
|
159 |
-
public function isMalAutoRepairCore() {
|
160 |
-
return $this->isOpt( 'mal_autorepair_core', 'Y' );
|
161 |
-
}
|
162 |
-
|
163 |
/**
|
164 |
* @return bool
|
165 |
*/
|
@@ -167,13 +160,6 @@ class Options extends Base\ShieldOptions {
|
|
167 |
return $this->isOpt( 'mal_autorepair_surgical', 'Y' );
|
168 |
}
|
169 |
|
170 |
-
/**
|
171 |
-
* @return bool
|
172 |
-
*/
|
173 |
-
public function isMalScanEnabled() {
|
174 |
-
return !$this->isOpt( 'mal_scan_enable', 'disabled' );
|
175 |
-
}
|
176 |
-
|
177 |
/**
|
178 |
* @return bool
|
179 |
*/
|
@@ -182,46 +168,38 @@ class Options extends Base\ShieldOptions {
|
|
182 |
}
|
183 |
|
184 |
/**
|
185 |
-
* @return
|
186 |
-
*/
|
187 |
-
public function getPtgFileExtensions() {
|
188 |
-
$aExt = $this->getOpt( 'ptg_extensions' );
|
189 |
-
return is_array( $aExt ) ? $aExt : [];
|
190 |
-
}
|
191 |
-
|
192 |
-
/**
|
193 |
-
* @return int
|
194 |
*/
|
195 |
-
public function
|
196 |
-
return
|
197 |
}
|
198 |
|
199 |
/**
|
200 |
* @return bool
|
201 |
*/
|
202 |
-
public function
|
203 |
-
return $this->
|
204 |
}
|
205 |
|
206 |
/**
|
207 |
* @return bool
|
208 |
*/
|
209 |
-
public function
|
210 |
-
return
|
211 |
}
|
212 |
|
213 |
/**
|
214 |
* @return bool
|
215 |
*/
|
216 |
-
public function
|
217 |
-
return
|
218 |
}
|
219 |
|
220 |
/**
|
221 |
* @return bool
|
222 |
*/
|
223 |
-
public function
|
224 |
-
return
|
225 |
}
|
226 |
|
227 |
/**
|
@@ -290,17 +268,6 @@ class Options extends Base\ShieldOptions {
|
|
290 |
return $this->setOpt( 'scans_to_build', array_intersect_key( $aScans, array_flip( $this->getScanSlugs() ) ) );
|
291 |
}
|
292 |
|
293 |
-
/**
|
294 |
-
* @return array
|
295 |
-
*/
|
296 |
-
public function getUfcFileExclusions() {
|
297 |
-
$aExclusions = $this->getOpt( 'ufc_exclusions', [] );
|
298 |
-
if ( !is_array( $aExclusions ) ) {
|
299 |
-
$aExclusions = [];
|
300 |
-
}
|
301 |
-
return $aExclusions;
|
302 |
-
}
|
303 |
-
|
304 |
/**
|
305 |
* Provides an array where the key is the root dir, and the value is the specific file types.
|
306 |
* An empty array means all files.
|
@@ -312,7 +279,7 @@ class Options extends Base\ShieldOptions {
|
|
312 |
path_join( ABSPATH, 'wp-includes' ) => []
|
313 |
];
|
314 |
|
315 |
-
if ( $this->
|
316 |
$sUploadsDir = Services::WpGeneral()->getDirUploads();
|
317 |
if ( !empty( $sUploadsDir ) ) {
|
318 |
$aDirs[ $sUploadsDir ] = [
|
@@ -333,45 +300,11 @@ class Options extends Base\ShieldOptions {
|
|
333 |
return $this->getOpt( 'enable_unrecognised_file_cleaner_scan', 'disabled' );
|
334 |
}
|
335 |
|
336 |
-
/**
|
337 |
-
* @return string
|
338 |
-
*/
|
339 |
-
public function isUfcDeleteFiles() {
|
340 |
-
return in_array( $this->getUnrecognisedFileScannerOption(), [
|
341 |
-
'enabled_delete_only',
|
342 |
-
'enabled_delete_report'
|
343 |
-
] );
|
344 |
-
}
|
345 |
-
|
346 |
-
/**
|
347 |
-
* @return bool
|
348 |
-
*/
|
349 |
-
public function isUfcEnabled() {
|
350 |
-
return ( $this->getUnrecognisedFileScannerOption() != 'disabled' );
|
351 |
-
}
|
352 |
-
|
353 |
-
/**
|
354 |
-
* @return string
|
355 |
-
*/
|
356 |
-
public function isUfcSendReport() {
|
357 |
-
return in_array( $this->getUnrecognisedFileScannerOption(), [
|
358 |
-
'enabled_report_only',
|
359 |
-
'enabled_delete_report'
|
360 |
-
] );
|
361 |
-
}
|
362 |
-
|
363 |
/**
|
364 |
* @return bool
|
365 |
*/
|
366 |
-
public function
|
367 |
-
return $this->
|
368 |
-
}
|
369 |
-
|
370 |
-
/**
|
371 |
-
* @return bool
|
372 |
-
*/
|
373 |
-
public function isWcfScanAutoRepair() {
|
374 |
-
return $this->isOpt( 'attempt_auto_file_repair', 'Y' );
|
375 |
}
|
376 |
|
377 |
/**
|
@@ -446,4 +379,88 @@ class Options extends Base\ShieldOptions {
|
|
446 |
}
|
447 |
) );
|
448 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
449 |
}
|
7 |
|
8 |
class Options extends Base\ShieldOptions {
|
9 |
|
10 |
+
/**
|
11 |
+
* @return string[]
|
12 |
+
*/
|
13 |
+
public function getDbColumns_FileLocker() {
|
14 |
+
return $this->getDef( 'table_columns_filelocker' );
|
15 |
+
}
|
16 |
+
|
17 |
/**
|
18 |
* @return string[]
|
19 |
*/
|
28 |
return $this->getDef( 'table_columns_scanqueue' );
|
29 |
}
|
30 |
|
31 |
+
/**
|
32 |
+
* @return string
|
33 |
+
*/
|
34 |
+
public function getDbTable_FileLocker() {
|
35 |
+
return $this->getCon()->prefixOption( $this->getDef( 'table_name_filelocker' ) );
|
36 |
+
}
|
37 |
+
|
38 |
/**
|
39 |
* @return string
|
40 |
*/
|
50 |
}
|
51 |
|
52 |
/**
|
53 |
+
* @return array
|
54 |
*/
|
55 |
+
public function getFilesToLock() {
|
56 |
+
$aLocks = $this->getOpt( 'file_locker', [] );
|
57 |
+
return is_array( $aLocks ) ? $aLocks : [];
|
58 |
+
}
|
59 |
+
|
60 |
+
/**
|
61 |
+
* @return array
|
62 |
+
*/
|
63 |
+
public function getRepairAreas() {
|
64 |
+
return is_array( $this->getOpt( 'file_repair_areas' ) ) ? $this->getOpt( 'file_repair_areas' ) : [];
|
65 |
}
|
66 |
|
67 |
/**
|
84 |
* @return int
|
85 |
*/
|
86 |
public function getMalConfidenceBoundary() {
|
87 |
+
return (int)apply_filters( 'icwp_shield_fp_confidence_boundary', 50 );
|
88 |
}
|
89 |
|
90 |
/**
|
153 |
return $aSigs;
|
154 |
}
|
155 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
156 |
/**
|
157 |
* @return bool
|
158 |
*/
|
160 |
return $this->isOpt( 'mal_autorepair_surgical', 'Y' );
|
161 |
}
|
162 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
163 |
/**
|
164 |
* @return bool
|
165 |
*/
|
168 |
}
|
169 |
|
170 |
/**
|
171 |
+
* @return bool
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
172 |
*/
|
173 |
+
public function isPtgReinstallLinks() {
|
174 |
+
return $this->isOpt( 'ptg_reinstall_links', 'Y' ) && $this->isPremium();
|
175 |
}
|
176 |
|
177 |
/**
|
178 |
* @return bool
|
179 |
*/
|
180 |
+
public function isRepairFileAuto() {
|
181 |
+
return count( $this->getRepairAreas() ) > 0;
|
182 |
}
|
183 |
|
184 |
/**
|
185 |
* @return bool
|
186 |
*/
|
187 |
+
public function isRepairFilePlugin() {
|
188 |
+
return in_array( 'plugin', $this->getRepairAreas() );
|
189 |
}
|
190 |
|
191 |
/**
|
192 |
* @return bool
|
193 |
*/
|
194 |
+
public function isRepairFileTheme() {
|
195 |
+
return in_array( 'theme', $this->getRepairAreas() );
|
196 |
}
|
197 |
|
198 |
/**
|
199 |
* @return bool
|
200 |
*/
|
201 |
+
public function isRepairFileWP() {
|
202 |
+
return in_array( 'wp', $this->getRepairAreas() );
|
203 |
}
|
204 |
|
205 |
/**
|
268 |
return $this->setOpt( 'scans_to_build', array_intersect_key( $aScans, array_flip( $this->getScanSlugs() ) ) );
|
269 |
}
|
270 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
271 |
/**
|
272 |
* Provides an array where the key is the root dir, and the value is the specific file types.
|
273 |
* An empty array means all files.
|
279 |
path_join( ABSPATH, 'wp-includes' ) => []
|
280 |
];
|
281 |
|
282 |
+
if ( $this->isOpt( 'ufc_scan_uploads', 'Y' ) ) { // include uploads
|
283 |
$sUploadsDir = Services::WpGeneral()->getDirUploads();
|
284 |
if ( !empty( $sUploadsDir ) ) {
|
285 |
$aDirs[ $sUploadsDir ] = [
|
300 |
return $this->getOpt( 'enable_unrecognised_file_cleaner_scan', 'disabled' );
|
301 |
}
|
302 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
303 |
/**
|
304 |
* @return bool
|
305 |
*/
|
306 |
+
public function isUfsDeleteFiles() {
|
307 |
+
return $this->getUnrecognisedFileScannerOption() === 'enabled_delete_only';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
308 |
}
|
309 |
|
310 |
/**
|
379 |
}
|
380 |
) );
|
381 |
}
|
382 |
+
|
383 |
+
/**
|
384 |
+
* @return bool
|
385 |
+
* @deprecated 9.0
|
386 |
+
*/
|
387 |
+
public function isMalAutoRepairCore() {
|
388 |
+
return $this->isRepairFileWP();
|
389 |
+
}
|
390 |
+
|
391 |
+
/**
|
392 |
+
* @return bool
|
393 |
+
* @deprecated 9.0
|
394 |
+
*/
|
395 |
+
public function isWcfScanAutoRepair() {
|
396 |
+
return $this->isRepairFileWP();
|
397 |
+
}
|
398 |
+
|
399 |
+
/**
|
400 |
+
* @return bool
|
401 |
+
* @deprecated 9.0
|
402 |
+
*/
|
403 |
+
public function isWpvulnEnabled() {
|
404 |
+
return $this->isPremium() && $this->isOpt( 'enable_wpvuln_scan', 'Y' );
|
405 |
+
}
|
406 |
+
|
407 |
+
/**
|
408 |
+
* @return bool
|
409 |
+
* @deprecated 9.0
|
410 |
+
*/
|
411 |
+
public function isPtgEnabled() {
|
412 |
+
return $this->isOpt( 'ptg_enable', 'enabled' ) && $this->isOptReqsMet( 'ptg_enable' );
|
413 |
+
}
|
414 |
+
|
415 |
+
/**
|
416 |
+
* @return bool
|
417 |
+
* @deprecated 9.0
|
418 |
+
*/
|
419 |
+
public function isUfcEnabled() {
|
420 |
+
return ( $this->getUnrecognisedFileScannerOption() != 'disabled' );
|
421 |
+
}
|
422 |
+
|
423 |
+
/**
|
424 |
+
* @return array
|
425 |
+
* @deprecated 9.0
|
426 |
+
*/
|
427 |
+
public function getUfcFileExclusions() {
|
428 |
+
$aExclusions = $this->getOpt( 'ufc_exclusions', [] );
|
429 |
+
if ( !is_array( $aExclusions ) ) {
|
430 |
+
$aExclusions = [];
|
431 |
+
}
|
432 |
+
return $aExclusions;
|
433 |
+
}
|
434 |
+
|
435 |
+
/**
|
436 |
+
* @return bool
|
437 |
+
* @deprecated 9.0
|
438 |
+
*/
|
439 |
+
public function isUfcScanUploads() {
|
440 |
+
return $this->isOpt( 'ufc_scan_uploads', 'Y' );
|
441 |
+
}
|
442 |
+
|
443 |
+
/**
|
444 |
+
* @return bool
|
445 |
+
* @deprecated 9.0
|
446 |
+
*/
|
447 |
+
public function isWcfScanEnabled() {
|
448 |
+
return $this->isOpt( 'enable_core_file_integrity_scan', 'Y' );
|
449 |
+
}
|
450 |
+
|
451 |
+
/**
|
452 |
+
* @return bool
|
453 |
+
* @deprecated 9.0
|
454 |
+
*/
|
455 |
+
public function isApcEnabled() {
|
456 |
+
return $this->isOpt( 'enabled_scan_apc', 'Y' );
|
457 |
+
}
|
458 |
+
|
459 |
+
/**
|
460 |
+
* @return bool
|
461 |
+
* @deprecated 9.0
|
462 |
+
*/
|
463 |
+
public function isMalScanEnabled() {
|
464 |
+
return $this->isOpt( 'mal_scan_enable', 'Y' );
|
465 |
+
}
|
466 |
}
|
src/lib/src/Modules/HackGuard/Reporting.php
ADDED
@@ -0,0 +1,19 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\BaseReporting;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\Reports;
|
7 |
+
|
8 |
+
class Reporting extends BaseReporting {
|
9 |
+
|
10 |
+
/**
|
11 |
+
* @inheritDoc
|
12 |
+
*/
|
13 |
+
protected function enumAlertReporters() {
|
14 |
+
return [
|
15 |
+
new Reports\ScanAlerts(),
|
16 |
+
new Reports\FileLockerAlerts(),
|
17 |
+
];
|
18 |
+
}
|
19 |
+
}
|
src/lib/src/Modules/HackGuard/Scan/Controller/Apc.php
CHANGED
@@ -3,8 +3,6 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan\Controller;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Scans;
|
6 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
7 |
-
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
class Apc extends BaseForAssets {
|
10 |
|
@@ -19,9 +17,7 @@ class Apc extends BaseForAssets {
|
|
19 |
* @return bool
|
20 |
*/
|
21 |
public function isEnabled() {
|
22 |
-
|
23 |
-
$oOpts = $this->getOptions();
|
24 |
-
return $oOpts->isApcEnabled();
|
25 |
}
|
26 |
|
27 |
/**
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan\Controller;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Scans;
|
|
|
|
|
6 |
|
7 |
class Apc extends BaseForAssets {
|
8 |
|
17 |
* @return bool
|
18 |
*/
|
19 |
public function isEnabled() {
|
20 |
+
return $this->getOptions()->isOpt( 'enabled_scan_apc', 'Y' );
|
|
|
|
|
21 |
}
|
22 |
|
23 |
/**
|
src/lib/src/Modules/HackGuard/Scan/Controller/Base.php
CHANGED
@@ -33,7 +33,7 @@ abstract class Base {
|
|
33 |
->retrieve();
|
34 |
foreach ( $oResults->getItems() as $oItem ) {
|
35 |
if ( !$this->isResultItemStale( $oItem ) ) {
|
36 |
-
$oResults->
|
37 |
}
|
38 |
}
|
39 |
( new HackGuard\Scan\Results\ResultsDelete() )
|
@@ -41,6 +41,18 @@ abstract class Base {
|
|
41 |
->delete( $oResults );
|
42 |
}
|
43 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
44 |
/**
|
45 |
* @return bool
|
46 |
*/
|
@@ -83,7 +95,6 @@ abstract class Base {
|
|
83 |
->convertVoToResultItem( $oEntry );
|
84 |
|
85 |
$bSuccess = $this->getItemActionHandler()
|
86 |
-
->setDbHandler( $this->getScanResultsDbHandler() )
|
87 |
->setScanItem( $oItem )
|
88 |
->process( $sAction );
|
89 |
}
|
@@ -94,13 +105,11 @@ abstract class Base {
|
|
94 |
/**
|
95 |
* @return Scans\Base\BaseResultsSet|mixed
|
96 |
*/
|
97 |
-
|
98 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
99 |
-
$oMod = $this->getMod();
|
100 |
/** @var Databases\Scanner\Select $oSel */
|
101 |
$oSel = $this->getScanResultsDbHandler()->getQuerySelector();
|
102 |
$oSel->filterByScan( $this->getSlug() )
|
103 |
-
->
|
104 |
return ( new HackGuard\Scan\Results\ConvertBetweenTypes() )
|
105 |
->setScanController( $this )
|
106 |
->fromVOsToResultsSet( $oSel->query() );
|
@@ -213,15 +222,21 @@ abstract class Base {
|
|
213 |
}
|
214 |
|
215 |
/**
|
216 |
-
*
|
217 |
*/
|
218 |
-
public function runCronAutoRepair(
|
219 |
-
|
220 |
-
|
221 |
-
|
222 |
-
|
223 |
-
|
224 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
225 |
}
|
226 |
}
|
227 |
|
33 |
->retrieve();
|
34 |
foreach ( $oResults->getItems() as $oItem ) {
|
35 |
if ( !$this->isResultItemStale( $oItem ) ) {
|
36 |
+
$oResults->removeItemByHash( $oItem->hash );
|
37 |
}
|
38 |
}
|
39 |
( new HackGuard\Scan\Results\ResultsDelete() )
|
41 |
->delete( $oResults );
|
42 |
}
|
43 |
|
44 |
+
/**
|
45 |
+
* @param Databases\Scanner\EntryVO $oEntryVo
|
46 |
+
* @return string
|
47 |
+
*/
|
48 |
+
public function createFileDownloadLink( $oEntryVo ) {
|
49 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
50 |
+
$oMod = $this->getMod();
|
51 |
+
$aActionNonce = $oMod->getNonceActionData( 'scan_file_download' );
|
52 |
+
$aActionNonce[ 'rid' ] = $oEntryVo->id;
|
53 |
+
return add_query_arg( $aActionNonce, $oMod->getUrl_AdminPage() );
|
54 |
+
}
|
55 |
+
|
56 |
/**
|
57 |
* @return bool
|
58 |
*/
|
95 |
->convertVoToResultItem( $oEntry );
|
96 |
|
97 |
$bSuccess = $this->getItemActionHandler()
|
|
|
98 |
->setScanItem( $oItem )
|
99 |
->process( $sAction );
|
100 |
}
|
105 |
/**
|
106 |
* @return Scans\Base\BaseResultsSet|mixed
|
107 |
*/
|
108 |
+
protected function getItemsToAutoRepair() {
|
|
|
|
|
109 |
/** @var Databases\Scanner\Select $oSel */
|
110 |
$oSel = $this->getScanResultsDbHandler()->getQuerySelector();
|
111 |
$oSel->filterByScan( $this->getSlug() )
|
112 |
+
->filterByNotIgnored();
|
113 |
return ( new HackGuard\Scan\Results\ConvertBetweenTypes() )
|
114 |
->setScanController( $this )
|
115 |
->fromVOsToResultsSet( $oSel->query() );
|
222 |
}
|
223 |
|
224 |
/**
|
225 |
+
* TODO: Make private/protected
|
226 |
*/
|
227 |
+
public function runCronAutoRepair() {
|
228 |
+
$oRes = $this->getItemsToAutoRepair();
|
229 |
+
if ( $oRes->hasItems() ) {
|
230 |
+
foreach ( $oRes->getAllItems() as $oItem ) {
|
231 |
+
try {
|
232 |
+
$this->getItemActionHandler()
|
233 |
+
->setScanItem( $oItem )
|
234 |
+
->repair();
|
235 |
+
}
|
236 |
+
catch ( \Exception $oE ) {
|
237 |
+
}
|
238 |
+
}
|
239 |
+
$this->cleanStalesResults();
|
240 |
}
|
241 |
}
|
242 |
|
src/lib/src/Modules/HackGuard/Scan/Controller/Mal.php
CHANGED
@@ -5,9 +5,50 @@ namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan\Control
|
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Scans;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
|
|
8 |
|
9 |
class Mal extends Base {
|
10 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
11 |
/**
|
12 |
* @param Scans\Mal\ResultItem $oItem
|
13 |
* @return bool
|
@@ -29,7 +70,7 @@ class Mal extends Base {
|
|
29 |
public function isCronAutoRepair() {
|
30 |
/** @var HackGuard\Options $oOpts */
|
31 |
$oOpts = $this->getOptions();
|
32 |
-
return $oOpts->
|
33 |
}
|
34 |
|
35 |
/**
|
@@ -38,6 +79,6 @@ class Mal extends Base {
|
|
38 |
public function isEnabled() {
|
39 |
/** @var HackGuard\Options $oOpts */
|
40 |
$oOpts = $this->getOptions();
|
41 |
-
return $oOpts->
|
42 |
}
|
43 |
}
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Scans;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
use FernleafSystems\Wordpress\Services\Utilities\WpOrg;
|
9 |
|
10 |
class Mal extends Base {
|
11 |
|
12 |
+
/**
|
13 |
+
* Can only possibly repair themes, plugins or core files.
|
14 |
+
* @return Scans\Mal\ResultsSet
|
15 |
+
*/
|
16 |
+
protected function getItemsToAutoRepair() {
|
17 |
+
/** @var HackGuard\Options $oOpts */
|
18 |
+
$oOpts = $this->getOptions();
|
19 |
+
|
20 |
+
$oRes = new Scans\Mal\ResultsSet();
|
21 |
+
|
22 |
+
/** @var Scans\Mal\ResultItem $oItem */
|
23 |
+
foreach ( parent::getItemsToAutoRepair()->getAllItems() as $oItem ) {
|
24 |
+
|
25 |
+
try {
|
26 |
+
if ( $oOpts->isRepairFilePlugin()
|
27 |
+
&& ( new WpOrg\Plugin\Files() )->isValidFileFromPlugin( $oItem->path_full ) ) {
|
28 |
+
$oRes->addItem( $oItem );
|
29 |
+
}
|
30 |
+
}
|
31 |
+
catch ( \InvalidArgumentException $e ) {
|
32 |
+
}
|
33 |
+
|
34 |
+
try {
|
35 |
+
if ( $oOpts->isRepairFileTheme()
|
36 |
+
&& ( new WpOrg\Theme\Files() )->isValidFileFromTheme( $oItem->path_full ) ) {
|
37 |
+
$oRes->addItem( $oItem );
|
38 |
+
}
|
39 |
+
}
|
40 |
+
catch ( \InvalidArgumentException $e ) {
|
41 |
+
}
|
42 |
+
|
43 |
+
if ( !$oOpts->isRepairFileWP()
|
44 |
+
&& Services::CoreFileHashes()->isCoreFile( $oItem->path_full ) ) {
|
45 |
+
$oRes->addItem( $oItem );
|
46 |
+
}
|
47 |
+
}
|
48 |
+
|
49 |
+
return $oRes;
|
50 |
+
}
|
51 |
+
|
52 |
/**
|
53 |
* @param Scans\Mal\ResultItem $oItem
|
54 |
* @return bool
|
70 |
public function isCronAutoRepair() {
|
71 |
/** @var HackGuard\Options $oOpts */
|
72 |
$oOpts = $this->getOptions();
|
73 |
+
return $oOpts->isRepairFileAuto();
|
74 |
}
|
75 |
|
76 |
/**
|
79 |
public function isEnabled() {
|
80 |
/** @var HackGuard\Options $oOpts */
|
81 |
$oOpts = $this->getOptions();
|
82 |
+
return $oOpts->isOpt( 'mal_scan_enable', 'Y' );
|
83 |
}
|
84 |
}
|
src/lib/src/Modules/HackGuard/Scan/Controller/Ptg.php
CHANGED
@@ -9,6 +9,37 @@ use FernleafSystems\Wordpress\Services\Utilities\WpOrg;
|
|
9 |
|
10 |
class Ptg extends BaseForAssets {
|
11 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
12 |
/**
|
13 |
* @param Scans\Mal\ResultItem $oItem
|
14 |
* @return bool
|
@@ -58,7 +89,7 @@ class Ptg extends BaseForAssets {
|
|
58 |
public function isEnabled() {
|
59 |
/** @var HackGuard\Options $oOpts */
|
60 |
$oOpts = $this->getOptions();
|
61 |
-
return $oOpts->
|
62 |
}
|
63 |
|
64 |
/**
|
@@ -69,7 +100,7 @@ class Ptg extends BaseForAssets {
|
|
69 |
$oMod = $this->getMod();
|
70 |
return parent::isScanningAvailable()
|
71 |
&& $this->getOptions()->isOptReqsMet( 'ptg_enable' )
|
72 |
-
&& $oMod->
|
73 |
}
|
74 |
|
75 |
/**
|
9 |
|
10 |
class Ptg extends BaseForAssets {
|
11 |
|
12 |
+
/**
|
13 |
+
* @return Scans\Ptg\ResultsSet
|
14 |
+
*/
|
15 |
+
protected function getItemsToAutoRepair() {
|
16 |
+
/** @var HackGuard\Options $oOpts */
|
17 |
+
$oOpts = $this->getOptions();
|
18 |
+
|
19 |
+
/** @var Scans\Ptg\ResultsSet $oRes */
|
20 |
+
$oRes = parent::getItemsToAutoRepair();
|
21 |
+
|
22 |
+
if ( !$oOpts->isRepairFilePlugin() || !$oOpts->isRepairFileTheme() ) {
|
23 |
+
if ( $oOpts->isRepairFileTheme() ) {
|
24 |
+
$oRes = $oRes->getResultsForThemesContext();
|
25 |
+
}
|
26 |
+
elseif ( $oOpts->isRepairFilePlugin() ) {
|
27 |
+
$oRes = $oRes->getResultsForPluginsContext();
|
28 |
+
}
|
29 |
+
}
|
30 |
+
|
31 |
+
return $oRes;
|
32 |
+
}
|
33 |
+
|
34 |
+
/**
|
35 |
+
* @return bool
|
36 |
+
*/
|
37 |
+
public function isCronAutoRepair() {
|
38 |
+
/** @var HackGuard\Options $oOpts */
|
39 |
+
$oOpts = $this->getOptions();
|
40 |
+
return $oOpts->isRepairFilePlugin() || $oOpts->isRepairFileTheme();
|
41 |
+
}
|
42 |
+
|
43 |
/**
|
44 |
* @param Scans\Mal\ResultItem $oItem
|
45 |
* @return bool
|
89 |
public function isEnabled() {
|
90 |
/** @var HackGuard\Options $oOpts */
|
91 |
$oOpts = $this->getOptions();
|
92 |
+
return $oOpts->isOpt( 'ptg_enable', 'Y' ) && $oOpts->isOptReqsMet( 'ptg_enable' );
|
93 |
}
|
94 |
|
95 |
/**
|
100 |
$oMod = $this->getMod();
|
101 |
return parent::isScanningAvailable()
|
102 |
&& $this->getOptions()->isOptReqsMet( 'ptg_enable' )
|
103 |
+
&& $oMod->canCacheDirWrite();
|
104 |
}
|
105 |
|
106 |
/**
|
src/lib/src/Modules/HackGuard/Scan/Controller/Ufc.php
CHANGED
@@ -29,7 +29,7 @@ class Ufc extends Base {
|
|
29 |
public function isCronAutoRepair() {
|
30 |
/** @var HackGuard\Options $oOpts */
|
31 |
$oOpts = $this->getOptions();
|
32 |
-
return $oOpts->
|
33 |
}
|
34 |
|
35 |
/**
|
@@ -38,7 +38,7 @@ class Ufc extends Base {
|
|
38 |
public function isEnabled() {
|
39 |
/** @var HackGuard\Options $oOpts */
|
40 |
$oOpts = $this->getOptions();
|
41 |
-
return $oOpts->
|
42 |
}
|
43 |
|
44 |
/**
|
29 |
public function isCronAutoRepair() {
|
30 |
/** @var HackGuard\Options $oOpts */
|
31 |
$oOpts = $this->getOptions();
|
32 |
+
return $oOpts->isUfsDeleteFiles();
|
33 |
}
|
34 |
|
35 |
/**
|
38 |
public function isEnabled() {
|
39 |
/** @var HackGuard\Options $oOpts */
|
40 |
$oOpts = $this->getOptions();
|
41 |
+
return $oOpts->getUnrecognisedFileScannerOption() != 'disabled';
|
42 |
}
|
43 |
|
44 |
/**
|
src/lib/src/Modules/HackGuard/Scan/Controller/Wcf.php
CHANGED
@@ -31,7 +31,7 @@ class Wcf extends Base {
|
|
31 |
public function isCronAutoRepair() {
|
32 |
/** @var HackGuard\Options $oOpts */
|
33 |
$oOpts = $this->getOptions();
|
34 |
-
return $oOpts->
|
35 |
}
|
36 |
|
37 |
/**
|
@@ -40,7 +40,7 @@ class Wcf extends Base {
|
|
40 |
public function isEnabled() {
|
41 |
/** @var HackGuard\Options $oOpts */
|
42 |
$oOpts = $this->getOptions();
|
43 |
-
return $oOpts->
|
44 |
}
|
45 |
|
46 |
/**
|
31 |
public function isCronAutoRepair() {
|
32 |
/** @var HackGuard\Options $oOpts */
|
33 |
$oOpts = $this->getOptions();
|
34 |
+
return $oOpts->isRepairFileWP();
|
35 |
}
|
36 |
|
37 |
/**
|
40 |
public function isEnabled() {
|
41 |
/** @var HackGuard\Options $oOpts */
|
42 |
$oOpts = $this->getOptions();
|
43 |
+
return $oOpts->isOpt( 'enable_core_file_integrity_scan', 'Y' );
|
44 |
}
|
45 |
|
46 |
/**
|
src/lib/src/Modules/HackGuard/Scan/Controller/Wpv.php
CHANGED
@@ -29,6 +29,6 @@ class Wpv extends BaseForAssets {
|
|
29 |
public function isEnabled() {
|
30 |
/** @var HackGuard\Options $oOpts */
|
31 |
$oOpts = $this->getOptions();
|
32 |
-
return $oOpts->
|
33 |
}
|
34 |
}
|
29 |
public function isEnabled() {
|
30 |
/** @var HackGuard\Options $oOpts */
|
31 |
$oOpts = $this->getOptions();
|
32 |
+
return $oOpts->isPremium() && $oOpts->isOpt( 'enable_wpvuln_scan', 'Y' );
|
33 |
}
|
34 |
}
|
src/lib/src/Modules/HackGuard/Scan/Queue/CompleteQueue.php
CHANGED
@@ -27,7 +27,6 @@ class CompleteQueue {
|
|
27 |
$oDbH = $this->getDbHandler();
|
28 |
$oSel = $oDbH->getQuerySelector();
|
29 |
|
30 |
-
$aScansToNotify = [];
|
31 |
foreach ( $oSel->getDistinctForColumn( 'scan' ) as $sScanSlug ) {
|
32 |
|
33 |
$oScanCon = $oMod->getScanCon( $sScanSlug );
|
@@ -46,7 +45,6 @@ class CompleteQueue {
|
|
46 |
|
47 |
if ( $oResultsSet->countItems() > 0 ) {
|
48 |
$this->getCon()->fireEvent( $sScanSlug.'_scan_found' );
|
49 |
-
$aScansToNotify[] = $sScanSlug;
|
50 |
}
|
51 |
}
|
52 |
|
@@ -58,11 +56,10 @@ class CompleteQueue {
|
|
58 |
|
59 |
/** @var HackGuard\Options $oOpts */
|
60 |
$oOpts = $this->getOptions();
|
61 |
-
if ( $oOpts->isScanCron() && !
|
62 |
wp_schedule_single_event(
|
63 |
-
Services::Request()->ts() +
|
64 |
-
$oMod->prefix( 'post_scan' )
|
65 |
-
[ $aScansToNotify ]
|
66 |
);
|
67 |
}
|
68 |
$oOpts->setIsScanCron( false );
|
27 |
$oDbH = $this->getDbHandler();
|
28 |
$oSel = $oDbH->getQuerySelector();
|
29 |
|
|
|
30 |
foreach ( $oSel->getDistinctForColumn( 'scan' ) as $sScanSlug ) {
|
31 |
|
32 |
$oScanCon = $oMod->getScanCon( $sScanSlug );
|
45 |
|
46 |
if ( $oResultsSet->countItems() > 0 ) {
|
47 |
$this->getCon()->fireEvent( $sScanSlug.'_scan_found' );
|
|
|
48 |
}
|
49 |
}
|
50 |
|
56 |
|
57 |
/** @var HackGuard\Options $oOpts */
|
58 |
$oOpts = $this->getOptions();
|
59 |
+
if ( $oOpts->isScanCron() && !wp_next_scheduled( $oMod->prefix( 'post_scan' ) ) ) {
|
60 |
wp_schedule_single_event(
|
61 |
+
Services::Request()->ts() + 5,
|
62 |
+
$oMod->prefix( 'post_scan' )
|
|
|
63 |
);
|
64 |
}
|
65 |
$oOpts->setIsScanCron( false );
|
src/lib/src/Modules/HackGuard/Scan/Queue/QueueProcessor.php
CHANGED
@@ -22,7 +22,7 @@ class QueueProcessor extends Utilities\BackgroundProcessing\BackgroundProcess {
|
|
22 |
|
23 |
$oEntry = $oSel->filterByNotStarted()
|
24 |
->filterByNotFinished()
|
25 |
-
->setOrderBy( '
|
26 |
->first();
|
27 |
|
28 |
$oBatch = new \stdClass();
|
22 |
|
23 |
$oEntry = $oSel->filterByNotStarted()
|
24 |
->filterByNotFinished()
|
25 |
+
->setOrderBy( 'id', 'ASC', true )
|
26 |
->first();
|
27 |
|
28 |
$oBatch = new \stdClass();
|
src/lib/src/Modules/HackGuard/Scan/Queue/ScanExecute.php
CHANGED
@@ -31,6 +31,10 @@ class ScanExecute {
|
|
31 |
->setMod( $oMod )
|
32 |
->run();
|
33 |
|
|
|
|
|
|
|
|
|
34 |
$oEntry->results = $oAction->results;
|
35 |
|
36 |
return $oEntry;
|
31 |
->setMod( $oMod )
|
32 |
->run();
|
33 |
|
34 |
+
if ( $oAction->usleep > 0 ) {
|
35 |
+
usleep( $oAction->usleep );
|
36 |
+
}
|
37 |
+
|
38 |
$oEntry->results = $oAction->results;
|
39 |
|
40 |
return $oEntry;
|
src/lib/src/Modules/HackGuard/Strings.php
CHANGED
@@ -3,6 +3,8 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
|
|
|
|
6 |
|
7 |
class Strings extends Base\Strings {
|
8 |
|
@@ -77,15 +79,6 @@ class Strings extends Base\Strings {
|
|
77 |
];
|
78 |
break;
|
79 |
|
80 |
-
case 'section_realtime' :
|
81 |
-
$sTitleShort = __( 'Realtime', 'wp-simple-firewall' );
|
82 |
-
$sTitle = __( 'Realtime Site Protection', 'wp-simple-firewall' );
|
83 |
-
$aSummary = [
|
84 |
-
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Provides realtime protection for certain key files.', 'wp-simple-firewall' ) ),
|
85 |
-
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Keep realtime protection turned on to protect key files.', 'wp-simple-firewall' ) ),
|
86 |
-
];
|
87 |
-
break;
|
88 |
-
|
89 |
case 'section_enable_plugin_feature_hack_protection_tools' :
|
90 |
$sTitleShort = sprintf( '%s/%s', __( 'On', 'wp-simple-firewall' ), __( 'Off', 'wp-simple-firewall' ) );
|
91 |
$sTitle = sprintf( __( 'Enable Module: %s', 'wp-simple-firewall' ), $sModName );
|
@@ -105,12 +98,25 @@ class Strings extends Base\Strings {
|
|
105 |
];
|
106 |
break;
|
107 |
|
108 |
-
case '
|
109 |
-
$sTitleShort = __( '
|
110 |
-
$sTitle = __( '
|
111 |
$aSummary = [
|
112 |
-
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ),
|
113 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
114 |
];
|
115 |
break;
|
116 |
|
@@ -133,12 +139,13 @@ class Strings extends Base\Strings {
|
|
133 |
];
|
134 |
break;
|
135 |
|
136 |
-
|
137 |
-
|
138 |
-
$sTitleShort = __( '
|
|
|
139 |
$aSummary = [
|
140 |
-
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( '
|
141 |
-
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Keep the
|
142 |
];
|
143 |
break;
|
144 |
|
@@ -151,15 +158,6 @@ class Strings extends Base\Strings {
|
|
151 |
];
|
152 |
break;
|
153 |
|
154 |
-
case 'section_integrity_checking' :
|
155 |
-
$sTitle = __( 'Integrity Checks', 'wp-simple-firewall' );
|
156 |
-
$sTitleShort = __( 'Integrity Checks', 'wp-simple-firewall' );
|
157 |
-
$aSummary = [
|
158 |
-
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Monitor for unrecognised changes to your system.', 'wp-simple-firewall' ) ),
|
159 |
-
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Enable these to prevent unauthorized changes to your WordPress site.', 'wp-simple-firewall' ) )
|
160 |
-
];
|
161 |
-
break;
|
162 |
-
|
163 |
default:
|
164 |
return parent::getSectionStrings( $sSectionSlug );
|
165 |
}
|
@@ -177,7 +175,7 @@ class Strings extends Base\Strings {
|
|
177 |
* @throws \Exception
|
178 |
*/
|
179 |
public function getOptionStrings( $sOptKey ) {
|
180 |
-
|
181 |
$oMod = $this->getMod();
|
182 |
$sModName = $oMod->getMainFeatureName();
|
183 |
|
@@ -191,23 +189,11 @@ class Strings extends Base\Strings {
|
|
191 |
|
192 |
case 'scan_frequency' :
|
193 |
$sName = __( 'Daily Scan Frequency', 'wp-simple-firewall' );
|
194 |
-
$sSummary = __( 'Number Of Times To
|
195 |
-
$sDescription =
|
196 |
-
|
197 |
-
|
198 |
-
|
199 |
-
case 'notification_interval' :
|
200 |
-
$sName = __( 'Repeat Notifications', 'wp-simple-firewall' );
|
201 |
-
$sSummary = __( 'Item Repeat Notifications Suppression Interval', 'wp-simple-firewall' );
|
202 |
-
$sDescription = __( 'How long the automated scans should wait before repeating a notification about an item.', 'wp-simple-firewall' )
|
203 |
-
.'<br/>'.__( 'Specify the number of days to suppress repeat notifications.', 'wp-simple-firewall' )
|
204 |
-
.'<br/>'.sprintf( '%s: %s', __( 'Note', 'wp-simple-firewall' ), __( 'This is per discovered item or file, not per scan.', 'wp-simple-firewall' ) );
|
205 |
-
break;
|
206 |
-
|
207 |
-
case 'email_files_list' :
|
208 |
-
$sName = __( 'Email Files List', 'wp-simple-firewall' );
|
209 |
-
$sSummary = __( 'Scan Notification Emails Should Include Full Listing Of Files', 'wp-simple-firewall' );
|
210 |
-
$sDescription = __( 'Scanner notification emails will include a summary list of all affected files.', 'wp-simple-firewall' );
|
211 |
break;
|
212 |
|
213 |
case 'enable_plugin_vulnerabilities_scan' :
|
@@ -228,23 +214,72 @@ class Strings extends Base\Strings {
|
|
228 |
$sDescription = __( 'When an update becomes available, automatically apply updates to items with known vulnerabilities.', 'wp-simple-firewall' );
|
229 |
break;
|
230 |
|
231 |
-
case '
|
232 |
-
$sName = __( '
|
233 |
-
|
234 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
235 |
break;
|
236 |
|
237 |
-
case '
|
238 |
-
$sName = __( '
|
239 |
-
$sSummary = __( '
|
240 |
-
$sDescription =
|
241 |
-
|
|
|
|
|
|
|
|
|
242 |
break;
|
243 |
|
244 |
-
case '
|
245 |
-
$sName = __( '
|
246 |
-
$sSummary = __( '
|
247 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
248 |
break;
|
249 |
|
250 |
case 'enable_unrecognised_file_cleaner_scan' :
|
@@ -284,12 +319,6 @@ class Strings extends Base\Strings {
|
|
284 |
.'<br />'.sprintf( '%s: %s', __( 'Warning', 'wp-simple-firewall' ), __( 'This option may cause critical problem with 3rd party plugins that manage user accounts.', 'wp-simple-firewall' ) );
|
285 |
break;
|
286 |
|
287 |
-
case 'ptg_enable' :
|
288 |
-
$sName = sprintf( __( 'Enable %s', 'wp-simple-firewall' ), __( 'Guard', 'wp-simple-firewall' ) );
|
289 |
-
$sSummary = __( 'Enable The Guard For Plugin And Theme Files', 'wp-simple-firewall' );
|
290 |
-
$sDescription = __( 'When enabled the Guard will automatically scan for changes to your Plugin and Theme files.', 'wp-simple-firewall' );
|
291 |
-
break;
|
292 |
-
|
293 |
case 'ptg_depth' : /* DELETED */
|
294 |
$sName = __( 'Guard/Scan Depth', 'wp-simple-firewall' );
|
295 |
$sSummary = __( 'How Deep Into The Plugin Directories To Scan And Guard', 'wp-simple-firewall' );
|
@@ -297,14 +326,6 @@ class Strings extends Base\Strings {
|
|
297 |
.'<br/>'.sprintf( __( 'Setting it to %s will remove this limit and all sub-folders will be scanned - not recommended', 'wp-simple-firewall' ), 0 );
|
298 |
break;
|
299 |
|
300 |
-
case 'ptg_extensions' :
|
301 |
-
$sName = __( 'Included File Types', 'wp-simple-firewall' );
|
302 |
-
$sSummary = __( 'The File Types (by File Extension) Included In The Scan', 'wp-simple-firewall' );
|
303 |
-
$sDescription = __( 'Take a new line for each file extension.', 'wp-simple-firewall' )
|
304 |
-
.'<br/>'.__( 'No commas(,) or periods(.) necessary.', 'wp-simple-firewall' )
|
305 |
-
.'<br/>'.__( 'Remove all extensions to scan all file type (not recommended).', 'wp-simple-firewall' );
|
306 |
-
break;
|
307 |
-
|
308 |
case 'ptg_reinstall_links' :
|
309 |
$sName = __( 'Show Re-Install Links', 'wp-simple-firewall' );
|
310 |
$sSummary = __( 'Show Re-Install Links For Plugins', 'wp-simple-firewall' );
|
@@ -323,18 +344,21 @@ class Strings extends Base\Strings {
|
|
323 |
$sDescription = __( "Abandoned plugins will be highlighted on the main plugins page.", 'wp-simple-firewall' );
|
324 |
break;
|
325 |
|
326 |
-
case 'mal_scan_enable' :
|
327 |
-
$sName = __( 'Automatic Malware Scan', 'wp-simple-firewall' );
|
328 |
-
$sSummary = __( 'Turn On Automatic Malware Scanning', 'wp-simple-firewall' );
|
329 |
-
$sDescription = __( 'Automatically run scanner to detect files infected with malware signatures.', 'wp-simple-firewall' );
|
330 |
-
break;
|
331 |
-
|
332 |
case 'mal_autorepair_core' :
|
333 |
$sName = __( 'Auto-Repair WP Core', 'wp-simple-firewall' );
|
334 |
$sSummary = __( 'Automatically Repair WordPress Core Files', 'wp-simple-firewall' );
|
335 |
$sDescription = __( "Automatically reinstall any core files found to have potential malware.", 'wp-simple-firewall' );
|
336 |
break;
|
337 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
338 |
case 'mal_autorepair_plugins' :
|
339 |
$sName = __( 'Auto-Repair WP Plugins', 'wp-simple-firewall' );
|
340 |
$sSummary = __( 'Automatically Repair WordPress.org Plugins', 'wp-simple-firewall' );
|
@@ -342,15 +366,23 @@ class Strings extends Base\Strings {
|
|
342 |
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( 'Only compatible with plugins installed from WordPress.org.', 'wp-simple-firewall' ) )
|
343 |
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( "Also deletes suspected files if they weren't originally distributed with the plugin.", 'wp-simple-firewall' ) );
|
344 |
break;
|
345 |
-
|
346 |
-
case 'mal_autorepair_themes' :
|
347 |
$sName = __( 'Auto-Repair WP Themes', 'wp-simple-firewall' );
|
348 |
$sSummary = __( 'Automatically Repair WordPress.org Themes', 'wp-simple-firewall' );
|
349 |
$sDescription = __( "Automatically repair any theme files found to have potential malware.", 'wp-simple-firewall' )
|
350 |
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( 'Only compatible with themes installed from WordPress.org.', 'wp-simple-firewall' ) )
|
351 |
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( "Also deletes suspected files if they weren't originally distributed with the theme.", 'wp-simple-firewall' ) );
|
352 |
break;
|
353 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
354 |
case 'mal_fp_confidence' :
|
355 |
$sName = __( 'Ignore False Positives Threshold', 'wp-simple-firewall' );
|
356 |
$sSummary = __( 'Ignore False Positives In Scan Results Automatically', 'wp-simple-firewall' );
|
@@ -367,21 +399,20 @@ class Strings extends Base\Strings {
|
|
367 |
.' '.' [<a href="https://shsec.io/moreinfomalnetwork">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]'
|
368 |
.'<br />'.__( 'The more sites that share this information, the stronger and smarter the network becomes.', 'wp-simple-firewall' );
|
369 |
break;
|
370 |
-
|
371 |
-
|
372 |
-
$
|
373 |
-
$
|
374 |
-
|
375 |
-
.'<br
|
376 |
-
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( "Only applies to files that don't fall under the other categories for automatic repair.", 'wp-simple-firewall' ) );
|
377 |
break;
|
378 |
-
|
379 |
-
|
380 |
-
$
|
381 |
-
$
|
382 |
-
|
|
|
383 |
break;
|
384 |
-
|
385 |
default:
|
386 |
return parent::getOptionStrings( $sOptKey );
|
387 |
}
|
@@ -392,4 +423,63 @@ class Strings extends Base\Strings {
|
|
392 |
'description' => $sDescription,
|
393 |
];
|
394 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
395 |
}
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Lib\FileLocker\Ops\LoadFileLocks;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
class Strings extends Base\Strings {
|
10 |
|
79 |
];
|
80 |
break;
|
81 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
82 |
case 'section_enable_plugin_feature_hack_protection_tools' :
|
83 |
$sTitleShort = sprintf( '%s/%s', __( 'On', 'wp-simple-firewall' ), __( 'Off', 'wp-simple-firewall' ) );
|
84 |
$sTitle = sprintf( __( 'Enable Module: %s', 'wp-simple-firewall' ), $sModName );
|
98 |
];
|
99 |
break;
|
100 |
|
101 |
+
case 'section_file_guard' :
|
102 |
+
$sTitleShort = __( 'File Scans and Malware', 'wp-simple-firewall' );
|
103 |
+
$sTitle = __( 'File Scanning and Malware Protection', 'wp-simple-firewall' );
|
104 |
$aSummary = [
|
105 |
+
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ),
|
106 |
+
__( 'Monitor WordPress files and protect against malicious intrusion and hacking.', 'wp-simple-firewall' ) ),
|
107 |
+
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ),
|
108 |
+
sprintf( __( 'Keep the %s feature turned on.', 'wp-simple-firewall' ), $sTitle ) )
|
109 |
+
];
|
110 |
+
break;
|
111 |
+
|
112 |
+
case 'section_realtime' :
|
113 |
+
$sTitleShort = __( 'Realtime Change Detection', 'wp-simple-firewall' );
|
114 |
+
$sTitle = __( 'Realtime Change Detection', 'wp-simple-firewall' );
|
115 |
+
$aSummary = [
|
116 |
+
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ),
|
117 |
+
__( 'Monitor Your WordPress Site For Changes To Critical Components In Realtime.', 'wp-simple-firewall' ) ),
|
118 |
+
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ),
|
119 |
+
sprintf( __( 'Enable The Realtime Change Detection Features.', 'wp-simple-firewall' ), $sTitle ) )
|
120 |
];
|
121 |
break;
|
122 |
|
139 |
];
|
140 |
break;
|
141 |
|
142 |
+
//REMOVED:
|
143 |
+
case 'section_scan_wcf' :
|
144 |
+
$sTitleShort = __( 'Core Files', 'wp-simple-firewall' );
|
145 |
+
$sTitle = __( 'WordPress Core File Scanner', 'wp-simple-firewall' );
|
146 |
$aSummary = [
|
147 |
+
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Regularly scan your WordPress core files for changes compared to official WordPress files.', 'wp-simple-firewall' ) ),
|
148 |
+
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), sprintf( __( 'Keep the %s feature turned on.', 'wp-simple-firewall' ), $sTitle ) )
|
149 |
];
|
150 |
break;
|
151 |
|
158 |
];
|
159 |
break;
|
160 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
161 |
default:
|
162 |
return parent::getSectionStrings( $sSectionSlug );
|
163 |
}
|
175 |
* @throws \Exception
|
176 |
*/
|
177 |
public function getOptionStrings( $sOptKey ) {
|
178 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
179 |
$oMod = $this->getMod();
|
180 |
$sModName = $oMod->getMainFeatureName();
|
181 |
|
189 |
|
190 |
case 'scan_frequency' :
|
191 |
$sName = __( 'Daily Scan Frequency', 'wp-simple-firewall' );
|
192 |
+
$sSummary = __( 'Number Of Times To Run All Scans Each Day', 'wp-simple-firewall' );
|
193 |
+
$sDescription = [
|
194 |
+
sprintf( '%s: %s', __( 'Default', 'wp-simple-firewall' ), __( 'Once every 24hrs.', 'wp-simple-firewall' ) ),
|
195 |
+
__( 'To improve security, increase the number of scans per day.', 'wp-simple-firewall' )
|
196 |
+
];
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
197 |
break;
|
198 |
|
199 |
case 'enable_plugin_vulnerabilities_scan' :
|
214 |
$sDescription = __( 'When an update becomes available, automatically apply updates to items with known vulnerabilities.', 'wp-simple-firewall' );
|
215 |
break;
|
216 |
|
217 |
+
case 'enable_core_file_integrity_scan' :
|
218 |
+
$sName = sprintf( __( '%s Core Files', 'wp-simple-firewall' ),
|
219 |
+
Services::WpGeneral()->isClassicPress() ? 'ClassicPress' : 'WordPress'
|
220 |
+
);
|
221 |
+
$sSummary = sprintf( __( 'Scan And Monitor %s Core Files For Changes', 'wp-simple-firewall' ),
|
222 |
+
Services::WpGeneral()->isClassicPress() ? 'ClassicPress' : 'WordPress'
|
223 |
+
);
|
224 |
+
$sDescription = [
|
225 |
+
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Regularly scan your WordPress core files for changes compared to official WordPress files.', 'wp-simple-firewall' ) ),
|
226 |
+
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Keep this feature turned on, at all times.', 'wp-simple-firewall' ) )
|
227 |
+
];
|
228 |
break;
|
229 |
|
230 |
+
case 'mal_scan_enable' :
|
231 |
+
$sName = __( 'Malware', 'wp-simple-firewall' );
|
232 |
+
$sSummary = __( 'Scan And Monitor Files For Malware Infections', 'wp-simple-firewall' );
|
233 |
+
$sDescription = [
|
234 |
+
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Monitor and detect presence of Malware signatures.', 'wp-simple-firewall' ) ),
|
235 |
+
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Keep this feature turned on, at all times.', 'wp-simple-firewall' ) ),
|
236 |
+
sprintf( '%s - %s', __( 'Note', 'wp-simple-firewall' ), __( 'Currently files of the following types are supported:', 'wp-simple-firewall' ) )
|
237 |
+
.' '.implode( ', ', [ 'PHP' ] )
|
238 |
+
];
|
239 |
break;
|
240 |
|
241 |
+
case 'ptg_enable' :
|
242 |
+
$sName = __( 'Plugins & Themes', 'wp-simple-firewall' );
|
243 |
+
$sSummary = __( 'Scan And Monitor Plugin & Theme Files For Changes', 'wp-simple-firewall' );
|
244 |
+
|
245 |
+
$sDescription = [
|
246 |
+
__( "Looks for new files added to plugins or themes, and also for changes to existing files.", 'wp-simple-firewall' ),
|
247 |
+
sprintf( '%s - %s', __( 'Important', 'wp-simple-firewall' ), __( "Doesn't currently detect missing files.", 'wp-simple-firewall' ) ),
|
248 |
+
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Keep this feature turned on, at all times.', 'wp-simple-firewall' ) )
|
249 |
+
];
|
250 |
+
if ( !$oMod->canCacheDirWrite()) {
|
251 |
+
$sDescription[] = sprintf( __( 'Sorry, this feature is not available because we cannot write to disk at this location: %s', 'wp-simple-firewall' ),
|
252 |
+
'<code>'.$oMod->getPtgSnapsBaseDir().'</code>' );
|
253 |
+
}
|
254 |
+
break;
|
255 |
+
|
256 |
+
case 'file_repair_areas' :
|
257 |
+
$sName = __( 'Automatic File Repair', 'wp-simple-firewall' );
|
258 |
+
$sSummary = __( 'Automatically Repair Files That Have Changes Or Malware Infection', 'wp-simple-firewall' );
|
259 |
+
$sDescription = [
|
260 |
+
__( 'Will attempt to automatically repair files that have been changed or infected with malware.', 'wp-simple-firewall' ),
|
261 |
+
'- '.__( 'In the case of WordPress, original files will be downloaded from WordPress.org to repair any broken files.', 'wp-simple-firewall' ),
|
262 |
+
'- '.__( 'In the case of plugins & themes, only those installed from WordPress.org may be repaired.', 'wp-simple-firewall' ),
|
263 |
+
sprintf( '%s - %s', __( 'Important', 'wp-simple-firewall' ), __( "Auto-Repair will never automatically delete new or unrecognised files.", 'wp-simple-firewall' ) )
|
264 |
+
.' '.__( "Unrecognised files will need to be manually deleted.", 'wp-simple-firewall' ),
|
265 |
+
];
|
266 |
+
break;
|
267 |
+
|
268 |
+
case 'file_locker' :
|
269 |
+
$sName = __( 'File Locker', 'wp-simple-firewall' );
|
270 |
+
$sSummary = __( 'Lock Files Against Tampering And Changes', 'wp-simple-firewall' );
|
271 |
+
$sDescription = [
|
272 |
+
__( 'Detects changes to the files, then lets you examine contents and revert as required.', 'wp-simple-firewall' ),
|
273 |
+
];
|
274 |
+
$aLocks = ( new LoadFileLocks() )
|
275 |
+
->setMod( $this->getMod() )
|
276 |
+
->loadLocks();
|
277 |
+
if ( !empty( $aLocks ) ) {
|
278 |
+
$sDescription[] = __( 'Locked Files', 'wp-simple-firewall' ).':';
|
279 |
+
foreach ( $aLocks as $oLock ) {
|
280 |
+
$sDescription[] = sprintf( '<code>%s</code>', $oLock->file );
|
281 |
+
}
|
282 |
+
}
|
283 |
break;
|
284 |
|
285 |
case 'enable_unrecognised_file_cleaner_scan' :
|
319 |
.'<br />'.sprintf( '%s: %s', __( 'Warning', 'wp-simple-firewall' ), __( 'This option may cause critical problem with 3rd party plugins that manage user accounts.', 'wp-simple-firewall' ) );
|
320 |
break;
|
321 |
|
|
|
|
|
|
|
|
|
|
|
|
|
322 |
case 'ptg_depth' : /* DELETED */
|
323 |
$sName = __( 'Guard/Scan Depth', 'wp-simple-firewall' );
|
324 |
$sSummary = __( 'How Deep Into The Plugin Directories To Scan And Guard', 'wp-simple-firewall' );
|
326 |
.'<br/>'.sprintf( __( 'Setting it to %s will remove this limit and all sub-folders will be scanned - not recommended', 'wp-simple-firewall' ), 0 );
|
327 |
break;
|
328 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
329 |
case 'ptg_reinstall_links' :
|
330 |
$sName = __( 'Show Re-Install Links', 'wp-simple-firewall' );
|
331 |
$sSummary = __( 'Show Re-Install Links For Plugins', 'wp-simple-firewall' );
|
344 |
$sDescription = __( "Abandoned plugins will be highlighted on the main plugins page.", 'wp-simple-firewall' );
|
345 |
break;
|
346 |
|
|
|
|
|
|
|
|
|
|
|
|
|
347 |
case 'mal_autorepair_core' :
|
348 |
$sName = __( 'Auto-Repair WP Core', 'wp-simple-firewall' );
|
349 |
$sSummary = __( 'Automatically Repair WordPress Core Files', 'wp-simple-firewall' );
|
350 |
$sDescription = __( "Automatically reinstall any core files found to have potential malware.", 'wp-simple-firewall' );
|
351 |
break;
|
352 |
|
353 |
+
case 'mal_autorepair_surgical' :
|
354 |
+
$sName = __( 'Surgical Auto-Repair', 'wp-simple-firewall' );
|
355 |
+
$sSummary = __( 'Automatically Attempt To Surgically Remove Malware Code', 'wp-simple-firewall' );
|
356 |
+
$sDescription = __( "Attempts to automatically remove code from infected files.", 'wp-simple-firewall' )
|
357 |
+
.'<br />'.sprintf( '%s: %s', __( 'Warning', 'wp-simple-firewall' ), __( 'This could break your site if code removal leaves remaining code in an inconsistent state.', 'wp-simple-firewall' ) )
|
358 |
+
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( "Only applies to files that don't fall under the other categories for automatic repair.", 'wp-simple-firewall' ) );
|
359 |
+
break;
|
360 |
+
|
361 |
+
// REMOVED:
|
362 |
case 'mal_autorepair_plugins' :
|
363 |
$sName = __( 'Auto-Repair WP Plugins', 'wp-simple-firewall' );
|
364 |
$sSummary = __( 'Automatically Repair WordPress.org Plugins', 'wp-simple-firewall' );
|
366 |
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( 'Only compatible with plugins installed from WordPress.org.', 'wp-simple-firewall' ) )
|
367 |
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( "Also deletes suspected files if they weren't originally distributed with the plugin.", 'wp-simple-firewall' ) );
|
368 |
break;
|
369 |
+
case 'autorepair_themes' :
|
|
|
370 |
$sName = __( 'Auto-Repair WP Themes', 'wp-simple-firewall' );
|
371 |
$sSummary = __( 'Automatically Repair WordPress.org Themes', 'wp-simple-firewall' );
|
372 |
$sDescription = __( "Automatically repair any theme files found to have potential malware.", 'wp-simple-firewall' )
|
373 |
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( 'Only compatible with themes installed from WordPress.org.', 'wp-simple-firewall' ) )
|
374 |
.'<br />'.sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( "Also deletes suspected files if they weren't originally distributed with the theme.", 'wp-simple-firewall' ) );
|
375 |
break;
|
376 |
+
case 'wpvuln_scan_display' :
|
377 |
+
$sName = __( 'Highlight Plugins', 'wp-simple-firewall' );
|
378 |
+
$sSummary = __( 'Highlight Vulnerable Plugins Upon Display', 'wp-simple-firewall' );
|
379 |
+
$sDescription = __( 'Vulnerable plugins will be highlighted on the main plugins page.', 'wp-simple-firewall' );
|
380 |
+
break;
|
381 |
+
case 'email_files_list' :
|
382 |
+
$sName = __( 'Email Files List', 'wp-simple-firewall' );
|
383 |
+
$sSummary = __( 'Scan Notification Emails Should Include Full Listing Of Files', 'wp-simple-firewall' );
|
384 |
+
$sDescription = __( 'Scanner notification emails will include a summary list of all affected files.', 'wp-simple-firewall' );
|
385 |
+
break;
|
386 |
case 'mal_fp_confidence' :
|
387 |
$sName = __( 'Ignore False Positives Threshold', 'wp-simple-firewall' );
|
388 |
$sSummary = __( 'Ignore False Positives In Scan Results Automatically', 'wp-simple-firewall' );
|
399 |
.' '.' [<a href="https://shsec.io/moreinfomalnetwork">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]'
|
400 |
.'<br />'.__( 'The more sites that share this information, the stronger and smarter the network becomes.', 'wp-simple-firewall' );
|
401 |
break;
|
402 |
+
case 'notification_interval' :
|
403 |
+
$sName = __( 'Repeat Notifications', 'wp-simple-firewall' );
|
404 |
+
$sSummary = __( 'Item Repeat Notifications Suppression Interval', 'wp-simple-firewall' );
|
405 |
+
$sDescription = __( 'How long the automated scans should wait before repeating a notification about an item.', 'wp-simple-firewall' )
|
406 |
+
.'<br/>'.__( 'Specify the number of days to suppress repeat notifications.', 'wp-simple-firewall' )
|
407 |
+
.'<br/>'.sprintf( '%s: %s', __( 'Note', 'wp-simple-firewall' ), __( 'This is per discovered item or file, not per scan.', 'wp-simple-firewall' ) );
|
|
|
408 |
break;
|
409 |
+
case 'ptg_extensions' :
|
410 |
+
$sName = __( 'Included File Types', 'wp-simple-firewall' );
|
411 |
+
$sSummary = __( 'The File Types (by File Extension) Included In The Scan', 'wp-simple-firewall' );
|
412 |
+
$sDescription = __( 'Take a new line for each file extension.', 'wp-simple-firewall' )
|
413 |
+
.'<br/>'.__( 'No commas(,) or periods(.) necessary.', 'wp-simple-firewall' )
|
414 |
+
.'<br/>'.__( 'Remove all extensions to scan all file type (not recommended).', 'wp-simple-firewall' );
|
415 |
break;
|
|
|
416 |
default:
|
417 |
return parent::getOptionStrings( $sOptKey );
|
418 |
}
|
423 |
'description' => $sDescription,
|
424 |
];
|
425 |
}
|
426 |
+
|
427 |
+
private function deprecated_strings() {
|
428 |
+
// scan
|
429 |
+
__( "Detect changes to core WordPress files when compared to the official distribution", 'wp-simple-firewall' );
|
430 |
+
__( "Detect files which aren't part of the official WordPress.org distribution", 'wp-simple-firewall' );
|
431 |
+
__( "Detect files that may be infected with malware", 'wp-simple-firewall' );
|
432 |
+
__( '%s has detected abandoned plugins installed on your site.', 'wp-simple-firewall' );
|
433 |
+
__( "Running code that hasn't seen any updates for over 2 years is far from ideal.", 'wp-simple-firewall' );
|
434 |
+
__( 'Details for the items(s) are below:', 'wp-simple-firewall' );
|
435 |
+
__( 'Abandoned Plugin(s) Discovered On Your Site.', 'wp-simple-firewall' );
|
436 |
+
__( 'Unrecognised WordPress Files Detected', 'wp-simple-firewall' );
|
437 |
+
__( 'The %s Unrecognised File Scanner found files which you need to review.', 'wp-simple-firewall' );
|
438 |
+
__( '%s has attempted to delete these files based on your current settings.', 'wp-simple-firewall' );
|
439 |
+
__( 'We recommend you run the scanner to review your site', 'wp-simple-firewall' );
|
440 |
+
sprintf( '[ <a href="https://shsec.io/moreinfoufc">%s</a> ]', __( 'More Info On This Scanner', 'wp-simple-firewall' ) );
|
441 |
+
|
442 |
+
__( 'Modified Core WordPress Files Discovered', 'wp-simple-firewall' );
|
443 |
+
sprintf( __( "The %s Core File Scanner found files with potential problems.", 'wp-simple-firewall' ), $sName );
|
444 |
+
|
445 |
+
$aContent[] = '<strong>'.sprintf( __( "%s has already attempted to repair the files.", 'wp-simple-firewall' ), $sName ).'</strong>'
|
446 |
+
.' '.__( 'But, you should always check these files to ensure everything is as you expect.', 'wp-simple-firewall' );
|
447 |
+
$aContent[] = __( 'You should review these files and replace them with official versions if required.', 'wp-simple-firewall' );
|
448 |
+
$aContent[] = __( 'Alternatively you can have the plugin attempt to repair/replace these files automatically.', 'wp-simple-firewall' )
|
449 |
+
.' [<a href="https://shsec.io/moreinfochecksum">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]';
|
450 |
+
__( "The following files have different content:", 'wp-simple-firewall' );
|
451 |
+
__( 'The following files are missing:', 'wp-simple-firewall' );
|
452 |
+
|
453 |
+
$aContent = [
|
454 |
+
sprintf( __( "The %s Malware Scanner found files with potential malware.", 'wp-simple-firewall' ), $sName ),
|
455 |
+
sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ),
|
456 |
+
__( "You must examine the file(s) carefully to determine whether suspicious code is really present.", 'wp-simple-firewall' ) ),
|
457 |
+
sprintf( __( "The %s Malware Scanner searches for common malware patterns and so false positives (detection errors) are to be expected sometimes.", 'wp-simple-firewall' ), $sName ),
|
458 |
+
sprintf( '%s: %s', __( 'Site URL', 'wp-simple-firewall' ), sprintf( '<a href="%s" target="_blank">%s</a>', $sHomeUrl, $sHomeUrl ) ),
|
459 |
+
];
|
460 |
+
__( 'The following files contain suspected malware:', 'wp-simple-firewall' );
|
461 |
+
|
462 |
+
$aContent = [
|
463 |
+
sprintf( __( '%s has detected at least 1 Plugins/Themes have been modified on your site.', 'wp-simple-firewall' ), $sName ),
|
464 |
+
__( 'You will receive only 1 email notification about these changes in a 1 week period.', 'wp-simple-firewall' ),
|
465 |
+
__( 'Details of the problem items are below:', 'wp-simple-firewall' ),
|
466 |
+
];
|
467 |
+
__( 'Modified Themes:', 'wp-simple-firewall' );
|
468 |
+
__( 'Modified Plugins:', 'wp-simple-firewall' );
|
469 |
+
__( 'Plugins/Themes Have Been Altered', 'wp-simple-firewall' );
|
470 |
+
|
471 |
+
$aContent = [
|
472 |
+
sprintf( __( '%s has detected items with known security vulnerabilities.', 'wp-simple-firewall' ), $oCon->getHumanName() ),
|
473 |
+
__( 'You should update or remove these items at your earliest convenience.', 'wp-simple-firewall' ),
|
474 |
+
__( 'Details for the items(s) are below:', 'wp-simple-firewall' ),
|
475 |
+
];
|
476 |
+
|
477 |
+
__( 'Item', 'wp-simple-firewall' );
|
478 |
+
__( 'Vulnerability Title: %s', 'wp-simple-firewall' );
|
479 |
+
__( 'Vulnerability Type: %s', 'wp-simple-firewall' );
|
480 |
+
__( 'Fixed Version: %s', 'wp-simple-firewall' );
|
481 |
+
__( 'Further Information: %s', 'wp-simple-firewall' );
|
482 |
+
|
483 |
+
__( 'Run Scanner', 'wp-simple-firewall' );
|
484 |
+
}
|
485 |
}
|
src/lib/src/Modules/IPs/BotTrack/TrackLinkCheese.php
CHANGED
@@ -15,7 +15,7 @@ class TrackLinkCheese extends Base {
|
|
15 |
const OPT_KEY = 'track_linkcheese';
|
16 |
|
17 |
protected function process() {
|
18 |
-
add_filter( 'robots_txt', [ $this, 'appendRobotsTxt' ],
|
19 |
add_action( 'wp_footer', [ $this, 'insertMouseTrap' ], 0 );
|
20 |
if ( $this->isCheese() ) {
|
21 |
$this->doTransgression();
|
15 |
const OPT_KEY = 'track_linkcheese';
|
16 |
|
17 |
protected function process() {
|
18 |
+
add_filter( 'robots_txt', [ $this, 'appendRobotsTxt' ], 15 );
|
19 |
add_action( 'wp_footer', [ $this, 'insertMouseTrap' ], 0 );
|
20 |
if ( $this->isCheese() ) {
|
21 |
$this->doTransgression();
|
src/lib/src/Modules/IPs/Components/ImportIpsFromFile.php
ADDED
@@ -0,0 +1,43 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\Components;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
|
9 |
+
class ImportIpsFromFile {
|
10 |
+
|
11 |
+
use Shield\Modules\ModConsumer;
|
12 |
+
|
13 |
+
public function run() {
|
14 |
+
foreach ( [ 'black', 'white' ] as $sType ) {
|
15 |
+
$this->runFileImport( $sType );
|
16 |
+
}
|
17 |
+
}
|
18 |
+
|
19 |
+
/**
|
20 |
+
* @param string $sType
|
21 |
+
*/
|
22 |
+
private function runFileImport( $sType ) {
|
23 |
+
$oFS = Services::WpFs();
|
24 |
+
|
25 |
+
$sImportFile = $oFS->findFileInDir( 'ip_import_'.$sType, $this->getCon()->getPath_Flags() );
|
26 |
+
if ( $oFS->isFile( $sImportFile ) ) {
|
27 |
+
$sContent = $oFS->getFileContent( $sImportFile );
|
28 |
+
if ( !empty( $sContent ) ) {
|
29 |
+
$oAdd = ( new IPs\Lib\Ops\AddIp() )->setMod( $this->getMod() );
|
30 |
+
foreach ( array_map( 'trim', explode( "\n", $sContent ) ) as $sIP ) {
|
31 |
+
$oAdd->setIP( $sIP );
|
32 |
+
try {
|
33 |
+
$sType == 'white' ? $oAdd->toManualWhitelist( 'file import' )
|
34 |
+
: $oAdd->toManualBlacklist( 'file import' );
|
35 |
+
}
|
36 |
+
catch ( \Exception $oE ) {
|
37 |
+
}
|
38 |
+
}
|
39 |
+
}
|
40 |
+
$oFS->deleteFile( $sImportFile );
|
41 |
+
}
|
42 |
+
}
|
43 |
+
}
|
src/lib/src/Modules/IPs/Lib/BlacklistHandler.php
CHANGED
@@ -2,21 +2,27 @@
|
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\Lib;
|
4 |
|
|
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs;
|
6 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
class BlacklistHandler {
|
10 |
|
11 |
-
use ModConsumer;
|
|
|
12 |
|
13 |
-
|
14 |
/** @var \ICWP_WPSF_FeatureHandler_Ips $oMod */
|
15 |
$oMod = $this->getMod();
|
16 |
/** @var IPs\Options $oOpts */
|
17 |
$oOpts = $this->getOptions();
|
18 |
if ( $oOpts->isEnabledAutoBlackList() ) {
|
19 |
|
|
|
|
|
|
|
|
|
|
|
20 |
( new IPs\Components\UnblockIpByFlag() )
|
21 |
->setMod( $oMod )
|
22 |
->run();
|
@@ -98,4 +104,10 @@ class BlacklistHandler {
|
|
98 |
}
|
99 |
return $bWhitelisted;
|
100 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
101 |
}
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs\Lib;
|
4 |
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs;
|
|
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
class BlacklistHandler {
|
10 |
|
11 |
+
use Modules\ModConsumer;
|
12 |
+
use Modules\Base\OneTimeExecute;
|
13 |
|
14 |
+
protected function run() {
|
15 |
/** @var \ICWP_WPSF_FeatureHandler_Ips $oMod */
|
16 |
$oMod = $this->getMod();
|
17 |
/** @var IPs\Options $oOpts */
|
18 |
$oOpts = $this->getOptions();
|
19 |
if ( $oOpts->isEnabledAutoBlackList() ) {
|
20 |
|
21 |
+
$oCon = $this->getCon();
|
22 |
+
if ( Services::WpGeneral()->isCron() && $oCon->isPremiumActive() ) {
|
23 |
+
add_action( $oCon->prefix( 'hourly_cron' ), [ $this, 'runHourlyCron' ] );
|
24 |
+
}
|
25 |
+
|
26 |
( new IPs\Components\UnblockIpByFlag() )
|
27 |
->setMod( $oMod )
|
28 |
->run();
|
104 |
}
|
105 |
return $bWhitelisted;
|
106 |
}
|
107 |
+
|
108 |
+
public function runHourlyCron() {
|
109 |
+
( new IPs\Components\ImportIpsFromFile() )
|
110 |
+
->setMod( $this->getMod() )
|
111 |
+
->run();
|
112 |
+
}
|
113 |
}
|
src/lib/src/Modules/IPs/Lib/BlackmarkRequest.php
CHANGED
@@ -29,7 +29,7 @@ class BlackmarkRequest {
|
|
29 |
$oMod = $this->getMod();
|
30 |
|
31 |
$oTracker = $oMod->loadOffenseTracker();
|
32 |
-
if ( !$this->getCon()->
|
33 |
( new IPs\Components\ProcessOffense() )
|
34 |
->setMod( $oMod )
|
35 |
->setIp( Services::IP()->getRequestIp() )
|
29 |
$oMod = $this->getMod();
|
30 |
|
31 |
$oTracker = $oMod->loadOffenseTracker();
|
32 |
+
if ( !$this->getCon()->plugin_deleting && $oTracker->hasVisitorOffended() && $oTracker->isCommit() ) {
|
33 |
( new IPs\Components\ProcessOffense() )
|
34 |
->setMod( $oMod )
|
35 |
->setIp( Services::IP()->getRequestIp() )
|
src/lib/src/Modules/IPs/Lib/BlockRequest.php
CHANGED
@@ -68,7 +68,12 @@ class BlockRequest {
|
|
68 |
if ( !$oOpts->getCanIpRequestAutoUnblock( $sIp ) ) {
|
69 |
throw new \Exception( 'IP already processed in the last 24hrs' );
|
70 |
}
|
71 |
-
|
|
|
|
|
|
|
|
|
|
|
72 |
|
73 |
( new IPs\Lib\Ops\DeleteIp() )
|
74 |
->setDbHandler( $oMod->getDbHandler_IPs() )
|
68 |
if ( !$oOpts->getCanIpRequestAutoUnblock( $sIp ) ) {
|
69 |
throw new \Exception( 'IP already processed in the last 24hrs' );
|
70 |
}
|
71 |
+
|
72 |
+
{
|
73 |
+
$aExistingIps = $oOpts->getAutoUnblockIps();
|
74 |
+
$aExistingIps[ $sIp ] = Services::Request()->ts();
|
75 |
+
$oOpts->setOpt( 'autounblock_ips', $aExistingIps );
|
76 |
+
}
|
77 |
|
78 |
( new IPs\Lib\Ops\DeleteIp() )
|
79 |
->setDbHandler( $oMod->getDbHandler_IPs() )
|
src/lib/src/Modules/IPs/Lib/Ops/AddIp.php
CHANGED
@@ -22,28 +22,37 @@ class AddIp {
|
|
22 |
public function toAutoBlacklist() {
|
23 |
/** @var \ICWP_WPSF_FeatureHandler_Ips $oMod */
|
24 |
$oMod = $this->getMod();
|
25 |
-
$
|
26 |
|
27 |
$sIP = $this->getIP();
|
28 |
-
if (
|
29 |
throw new \Exception( 'IP address is not valid' );
|
30 |
}
|
|
|
|
|
|
|
31 |
|
32 |
-
$oIP =
|
33 |
-
|
34 |
-
|
35 |
-
|
36 |
-
|
37 |
-
|
38 |
-
|
39 |
-
|
40 |
-
$oIP = $this->add( $oMod::LIST_AUTO_BLACK, 'auto' );
|
41 |
-
}
|
42 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
43 |
$oMod->getDbHandler_IPs()
|
44 |
->getQueryUpdater()
|
45 |
->updateEntry( $oIP, [
|
46 |
-
'last_access_at' => Services::Request()->ts()
|
|
|
47 |
] );
|
48 |
}
|
49 |
return $oIP;
|
@@ -160,11 +169,12 @@ class AddIp {
|
|
160 |
}
|
161 |
|
162 |
/**
|
163 |
-
* @param string
|
164 |
-
* @param string
|
|
|
165 |
* @return Databases\IPs\EntryVO|null
|
166 |
*/
|
167 |
-
private function add( $sList, $sLabel = '' ) {
|
168 |
$oIP = null;
|
169 |
|
170 |
/** @var \ICWP_WPSF_FeatureHandler_Ips $oMod */
|
@@ -178,6 +188,9 @@ class AddIp {
|
|
178 |
$oTempIp->ip = $this->getIP();
|
179 |
$oTempIp->list = $sList;
|
180 |
$oTempIp->label = empty( $sLabel ) ? __( 'No Label', 'wp-simple-firewall' ) : trim( $sLabel );
|
|
|
|
|
|
|
181 |
|
182 |
if ( $oDbh->getQueryInserter()->insert( $oTempIp ) ) {
|
183 |
/** @var Databases\IPs\EntryVO $oIP */
|
22 |
public function toAutoBlacklist() {
|
23 |
/** @var \ICWP_WPSF_FeatureHandler_Ips $oMod */
|
24 |
$oMod = $this->getMod();
|
25 |
+
$oReq = Services::Request();
|
26 |
|
27 |
$sIP = $this->getIP();
|
28 |
+
if ( !Services::IP()->isValidIp( $sIP ) ) {
|
29 |
throw new \Exception( 'IP address is not valid' );
|
30 |
}
|
31 |
+
if ( in_array( $sIP, Services::IP()->getServerPublicIPs() ) ) {
|
32 |
+
throw new \Exception( 'Will not black mark our own server IP' );
|
33 |
+
}
|
34 |
|
35 |
+
$oIP = ( new LookupIpOnList() )
|
36 |
+
->setDbHandler( $oMod->getDbHandler_IPs() )
|
37 |
+
->setListTypeBlack()
|
38 |
+
->setIP( $sIP )
|
39 |
+
->lookup( false );
|
40 |
+
if ( !$oIP instanceof Databases\IPs\EntryVO ) {
|
41 |
+
$oIP = $this->add( $oMod::LIST_AUTO_BLACK, 'auto', $oReq->ts() );
|
42 |
+
}
|
|
|
|
|
43 |
|
44 |
+
// Edge-case: the IP is on the list but the last access long-enough passed
|
45 |
+
// that it's set to be removed by the cron - the IP is basically expired.
|
46 |
+
// We just reset the transgressions
|
47 |
+
/** @var Modules\IPs\Options $oOpts */
|
48 |
+
$oOpts = $this->getOptions();
|
49 |
+
if ( $oIP->transgressions > 0
|
50 |
+
&& ( $oReq->ts() - $oOpts->getAutoExpireTime() > (int)$oIP->last_access_at ) ) {
|
51 |
$oMod->getDbHandler_IPs()
|
52 |
->getQueryUpdater()
|
53 |
->updateEntry( $oIP, [
|
54 |
+
'last_access_at' => Services::Request()->ts(),
|
55 |
+
'transgressions' => 0
|
56 |
] );
|
57 |
}
|
58 |
return $oIP;
|
169 |
}
|
170 |
|
171 |
/**
|
172 |
+
* @param string $sList
|
173 |
+
* @param string $sLabel
|
174 |
+
* @param int|null $nLastAccessAt
|
175 |
* @return Databases\IPs\EntryVO|null
|
176 |
*/
|
177 |
+
private function add( $sList, $sLabel = '', $nLastAccessAt = null ) {
|
178 |
$oIP = null;
|
179 |
|
180 |
/** @var \ICWP_WPSF_FeatureHandler_Ips $oMod */
|
188 |
$oTempIp->ip = $this->getIP();
|
189 |
$oTempIp->list = $sList;
|
190 |
$oTempIp->label = empty( $sLabel ) ? __( 'No Label', 'wp-simple-firewall' ) : trim( $sLabel );
|
191 |
+
if ( is_numeric( $nLastAccessAt ) && $nLastAccessAt > 0 ) {
|
192 |
+
$oTempIp->last_access_at = $nLastAccessAt;
|
193 |
+
}
|
194 |
|
195 |
if ( $oDbh->getQueryInserter()->insert( $oTempIp ) ) {
|
196 |
/** @var Databases\IPs\EntryVO $oIP */
|
src/lib/src/Modules/IPs/Options.php
CHANGED
@@ -29,7 +29,7 @@ class Options extends Base\ShieldOptions {
|
|
29 |
public function getCanIpRequestAutoUnblock( $sIp ) {
|
30 |
$aExistingIps = $this->getAutoUnblockIps();
|
31 |
return !array_key_exists( $sIp, $aExistingIps )
|
32 |
-
|| ( Services::Request()->carbon()->subDay( 1 ) > $aExistingIps[ $sIp ] );
|
33 |
}
|
34 |
|
35 |
/**
|
29 |
public function getCanIpRequestAutoUnblock( $sIp ) {
|
30 |
$aExistingIps = $this->getAutoUnblockIps();
|
31 |
return !array_key_exists( $sIp, $aExistingIps )
|
32 |
+
|| ( Services::Request()->carbon()->subDay( 1 )->timestamp > $aExistingIps[ $sIp ] );
|
33 |
}
|
34 |
|
35 |
/**
|
src/lib/src/Modules/License/Lib/LicenseEmails.php
CHANGED
@@ -29,7 +29,7 @@ class LicenseEmails {
|
|
29 |
];
|
30 |
$oMod->getEmailProcessor()
|
31 |
->sendEmailWithWrap(
|
32 |
-
$oMod->
|
33 |
'Pro License Check Has Failed',
|
34 |
$aMessage
|
35 |
);
|
@@ -57,7 +57,7 @@ class LicenseEmails {
|
|
57 |
];
|
58 |
$oMod->getEmailProcessor()
|
59 |
->sendEmailWithWrap(
|
60 |
-
$oMod->
|
61 |
'[Action May Be Required] Pro License Has Been Deactivated',
|
62 |
$aMessage
|
63 |
);
|
29 |
];
|
30 |
$oMod->getEmailProcessor()
|
31 |
->sendEmailWithWrap(
|
32 |
+
$oMod->getPluginReportEmail(),
|
33 |
'Pro License Check Has Failed',
|
34 |
$aMessage
|
35 |
);
|
57 |
];
|
58 |
$oMod->getEmailProcessor()
|
59 |
->sendEmailWithWrap(
|
60 |
+
$oMod->getPluginReportEmail(),
|
61 |
'[Action May Be Required] Pro License Has Been Deactivated',
|
62 |
$aMessage
|
63 |
);
|
src/lib/src/Modules/License/Lib/LicenseHandler.php
CHANGED
@@ -3,12 +3,53 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\License\Lib;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\License\EddLicenseVO;
|
6 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules
|
|
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
class LicenseHandler {
|
10 |
|
11 |
-
use ModConsumer;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
12 |
|
13 |
/**
|
14 |
* @return bool
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\License\Lib;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\License\EddLicenseVO;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\HandshakingNonce;
|
8 |
use FernleafSystems\Wordpress\Services\Services;
|
9 |
|
10 |
class LicenseHandler {
|
11 |
|
12 |
+
use Modules\ModConsumer;
|
13 |
+
use Modules\Base\OneTimeExecute;
|
14 |
+
|
15 |
+
protected function run() {
|
16 |
+
$oCon = $this->getCon();
|
17 |
+
|
18 |
+
add_action( $oCon->prefix( 'shield_action' ), function ( $sAction ) {
|
19 |
+
$oCon = $this->getCon();
|
20 |
+
switch ( $sAction ) {
|
21 |
+
|
22 |
+
case 'keyless_handshake':
|
23 |
+
case 'snapi_handshake':
|
24 |
+
$sNonce = Services::Request()->query( 'nonce' );
|
25 |
+
if ( !empty( $sNonce ) ) {
|
26 |
+
die( json_encode( [
|
27 |
+
'success' => ( new HandshakingNonce() )
|
28 |
+
->setMod( $this->getMod() )
|
29 |
+
->verify( $sNonce )
|
30 |
+
] ) );
|
31 |
+
}
|
32 |
+
break;
|
33 |
+
|
34 |
+
case 'license_check':
|
35 |
+
if ( !wp_next_scheduled( $oCon->prefix( 'adhoc_cron_license_check' ) ) ) {
|
36 |
+
wp_schedule_single_event( Services::Request()->ts() + 20, $oCon->prefix( 'adhoc_cron_license_check' ) );
|
37 |
+
}
|
38 |
+
break;
|
39 |
+
}
|
40 |
+
} );
|
41 |
+
|
42 |
+
// performs the license check on-demand
|
43 |
+
add_action( $oCon->prefix( 'adhoc_cron_license_check' ), function () {
|
44 |
+
/** @var \ICWP_WPSF_FeatureHandler_License $oMod */
|
45 |
+
$oMod = $this->getMod();
|
46 |
+
try {
|
47 |
+
$oMod->getLicenseHandler()->verify( true );
|
48 |
+
}
|
49 |
+
catch ( \Exception $oE ) {
|
50 |
+
}
|
51 |
+
} );
|
52 |
+
}
|
53 |
|
54 |
/**
|
55 |
* @return bool
|
src/lib/src/Modules/License/Lib/LookupRequest.php
CHANGED
@@ -3,6 +3,7 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\License\Lib;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
|
|
6 |
use FernleafSystems\Wordpress\Services\Services;
|
7 |
use FernleafSystems\Wordpress\Services\Utilities\Licenses\Keyless\Lookup;
|
8 |
|
@@ -17,18 +18,13 @@ class LookupRequest {
|
|
17 |
$oCon = $this->getCon();
|
18 |
$oOpts = $this->getOptions();
|
19 |
|
20 |
-
$sPass = wp_generate_password( 16, false );
|
21 |
-
$sUrl = Services::WpGeneral()->getHomeUrl( '', true );
|
22 |
-
|
23 |
-
$this->setKeylessHandshakeNonce( sha1( $sPass.$sUrl ) );
|
24 |
-
|
25 |
{
|
26 |
$oLook = new Lookup();
|
27 |
$oLook->lookup_url_stub = $oOpts->getDef( 'license_store_url_api' );
|
28 |
$oLook->item_id = $oOpts->getDef( 'license_item_id' );
|
29 |
$oLook->install_id = $oCon->getSiteInstallationId();
|
30 |
-
$oLook->url =
|
31 |
-
$oLook->nonce = $
|
32 |
$oLook->meta = [
|
33 |
'version_shield' => $oCon->getVersion(),
|
34 |
'version_php' => Services::Data()->getPhpVersionCleaned()
|
@@ -36,9 +32,6 @@ class LookupRequest {
|
|
36 |
$oLicense = $oLook->lookup();
|
37 |
}
|
38 |
|
39 |
-
// clear the handshake data after the request has gone through
|
40 |
-
$this->setKeylessHandshakeNonce( '' );
|
41 |
-
|
42 |
return $oLicense;
|
43 |
}
|
44 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\License\Lib;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\HandshakingNonce;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
use FernleafSystems\Wordpress\Services\Utilities\Licenses\Keyless\Lookup;
|
9 |
|
18 |
$oCon = $this->getCon();
|
19 |
$oOpts = $this->getOptions();
|
20 |
|
|
|
|
|
|
|
|
|
|
|
21 |
{
|
22 |
$oLook = new Lookup();
|
23 |
$oLook->lookup_url_stub = $oOpts->getDef( 'license_store_url_api' );
|
24 |
$oLook->item_id = $oOpts->getDef( 'license_item_id' );
|
25 |
$oLook->install_id = $oCon->getSiteInstallationId();
|
26 |
+
$oLook->url = Services::WpGeneral()->getHomeUrl( '', true );
|
27 |
+
$oLook->nonce = ( new HandshakingNonce() )->setMod( $this->getMod() )->create();
|
28 |
$oLook->meta = [
|
29 |
'version_shield' => $oCon->getVersion(),
|
30 |
'version_php' => Services::Data()->getPhpVersionCleaned()
|
32 |
$oLicense = $oLook->lookup();
|
33 |
}
|
34 |
|
|
|
|
|
|
|
35 |
return $oLicense;
|
36 |
}
|
37 |
|
src/lib/src/Modules/License/Lib/WpHashes/ApiTokenManager.php
CHANGED
@@ -2,20 +2,21 @@
|
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\License\Lib\WpHashes;
|
4 |
|
5 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules
|
6 |
use FernleafSystems\Wordpress\Services\Services;
|
7 |
use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Token;
|
8 |
|
9 |
class ApiTokenManager {
|
10 |
|
11 |
-
use ModConsumer;
|
|
|
12 |
|
13 |
/**
|
14 |
* @var bool
|
15 |
*/
|
16 |
private $bCanRequestOverride = false;
|
17 |
|
18 |
-
|
19 |
add_action( $this->getCon()->prefix( 'event' ), function ( $sEventTag ) {
|
20 |
switch ( $sEventTag ) {
|
21 |
case 'lic_check_success':
|
@@ -39,6 +40,13 @@ class ApiTokenManager {
|
|
39 |
}
|
40 |
|
41 |
/**
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
42 |
* @return string
|
43 |
*/
|
44 |
public function getToken() {
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\License\Lib\WpHashes;
|
4 |
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
6 |
use FernleafSystems\Wordpress\Services\Services;
|
7 |
use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\Token;
|
8 |
|
9 |
class ApiTokenManager {
|
10 |
|
11 |
+
use Modules\ModConsumer;
|
12 |
+
use Modules\Base\OneTimeExecute;
|
13 |
|
14 |
/**
|
15 |
* @var bool
|
16 |
*/
|
17 |
private $bCanRequestOverride = false;
|
18 |
|
19 |
+
protected function run() {
|
20 |
add_action( $this->getCon()->prefix( 'event' ), function ( $sEventTag ) {
|
21 |
switch ( $sEventTag ) {
|
22 |
case 'lic_check_success':
|
40 |
}
|
41 |
|
42 |
/**
|
43 |
+
* IMPORTANT:
|
44 |
+
* To 'Pro Plugin' Nullers: Modifying this wont do your fake PRO registration any good.
|
45 |
+
* The WP Hashes Token API request will always fail for invalid PRO sites.
|
46 |
+
* Please don't change it, as the only result is invalid requests against our API.
|
47 |
+
* Eventually we will completely block their IP addresses and this will result in blocks for the
|
48 |
+
* API requests which don't even require an API Token
|
49 |
+
*
|
50 |
* @return string
|
51 |
*/
|
52 |
public function getToken() {
|
src/lib/src/Modules/Lockdown/Strings.php
CHANGED
@@ -100,7 +100,10 @@ class Strings extends Base\Strings {
|
|
100 |
case 'disable_anonymous_restapi' :
|
101 |
$sName = __( 'Anonymous Rest API', 'wp-simple-firewall' );
|
102 |
$sSummary = sprintf( __( 'Disable The %s System', 'wp-simple-firewall' ), __( 'Anonymous Rest API', 'wp-simple-firewall' ) );
|
103 |
-
$sDescription =
|
|
|
|
|
|
|
104 |
break;
|
105 |
|
106 |
case 'api_namespace_exclusions' :
|
@@ -123,13 +126,6 @@ class Strings extends Base\Strings {
|
|
123 |
.'<br />'.__( 'Equivalent to setting "FORCE_SSL_ADMIN" to TRUE.', 'wp-simple-firewall' );
|
124 |
break;
|
125 |
|
126 |
-
case 'mask_wordpress_version' :
|
127 |
-
$sName = __( 'Mask WordPress Version', 'wp-simple-firewall' );
|
128 |
-
$sSummary = __( 'Prevents Public Display Of Your WordPress Version', 'wp-simple-firewall' );
|
129 |
-
$sDescription = __( 'Enter how you would like your WordPress version displayed publicly. Leave blank to disable this feature.', 'wp-simple-firewall' )
|
130 |
-
.'<br />'.sprintf( '%s: %s', __( 'Warning', 'wp-simple-firewall' ), __( 'This may interfere with WordPress plugins that rely on the $wp_version variable.', 'wp-simple-firewall' ) );
|
131 |
-
break;
|
132 |
-
|
133 |
case 'hide_wordpress_generator_tag' :
|
134 |
$sName = __( 'WP Generator Tag', 'wp-simple-firewall' );
|
135 |
$sSummary = __( 'Remove WP Generator Meta Tag', 'wp-simple-firewall' );
|
100 |
case 'disable_anonymous_restapi' :
|
101 |
$sName = __( 'Anonymous Rest API', 'wp-simple-firewall' );
|
102 |
$sSummary = sprintf( __( 'Disable The %s System', 'wp-simple-firewall' ), __( 'Anonymous Rest API', 'wp-simple-firewall' ) );
|
103 |
+
$sDescription = [
|
104 |
+
__( 'You can choose to completely disable anonymous access to the REST API.', 'wp-simple-firewall' ),
|
105 |
+
sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ), __( 'Enabling this option may break plugins that use the REST API for your site visitors.', 'wp-simple-firewall' ) )
|
106 |
+
];
|
107 |
break;
|
108 |
|
109 |
case 'api_namespace_exclusions' :
|
126 |
.'<br />'.__( 'Equivalent to setting "FORCE_SSL_ADMIN" to TRUE.', 'wp-simple-firewall' );
|
127 |
break;
|
128 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
129 |
case 'hide_wordpress_generator_tag' :
|
130 |
$sName = __( 'WP Generator Tag', 'wp-simple-firewall' );
|
131 |
$sSummary = __( 'Remove WP Generator Meta Tag', 'wp-simple-firewall' );
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/AntibotSetup.php
ADDED
@@ -0,0 +1,98 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot;
|
8 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\Captcha\CaptchaConfigVO;
|
9 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\TestCacheDirWrite;
|
10 |
+
use FernleafSystems\Wordpress\Services\Services;
|
11 |
+
|
12 |
+
class AntibotSetup {
|
13 |
+
|
14 |
+
use ModConsumer;
|
15 |
+
|
16 |
+
public function __construct() {
|
17 |
+
add_action( 'init', [ $this, 'onWpInit' ], -100 );
|
18 |
+
}
|
19 |
+
|
20 |
+
public function onWpInit() {
|
21 |
+
if ( !Services::WpUsers()->isUserLoggedIn() ) {
|
22 |
+
$this->run();
|
23 |
+
}
|
24 |
+
}
|
25 |
+
|
26 |
+
private function run() {
|
27 |
+
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
28 |
+
$oMod = $this->getMod();
|
29 |
+
/** @var LoginGuard\Options $oOpts */
|
30 |
+
$oOpts = $this->getOptions();
|
31 |
+
|
32 |
+
$aProtectionProviders = [];
|
33 |
+
if ( $oOpts->isEnabledCooldown() && $oMod->canCacheDirWrite() ) {
|
34 |
+
$aProtectionProviders[] = ( new AntiBot\ProtectionProviders\CoolDown() )
|
35 |
+
->setMod( $oMod );
|
36 |
+
}
|
37 |
+
|
38 |
+
if ( $oOpts->isEnabledGaspCheck() ) {
|
39 |
+
$aProtectionProviders[] = ( new AntiBot\ProtectionProviders\GaspJs() )
|
40 |
+
->setMod( $oMod );
|
41 |
+
}
|
42 |
+
|
43 |
+
if ( $oMod->isEnabledCaptcha() ) {
|
44 |
+
$oCfg = $oMod->getCaptchaCfg();
|
45 |
+
if ( $oCfg->provider === CaptchaConfigVO::PROV_GOOGLE_RECAP2 ) {
|
46 |
+
$aProtectionProviders[] = ( new AntiBot\ProtectionProviders\GoogleRecaptcha() )
|
47 |
+
->setMod( $oMod );
|
48 |
+
}
|
49 |
+
elseif ( $oCfg->provider === CaptchaConfigVO::PROV_HCAPTCHA ) {
|
50 |
+
$aProtectionProviders[] = ( new AntiBot\ProtectionProviders\HCaptcha() )
|
51 |
+
->setMod( $oMod );
|
52 |
+
}
|
53 |
+
}
|
54 |
+
|
55 |
+
if ( !empty( $aProtectionProviders ) ) {
|
56 |
+
|
57 |
+
AntiBot\FormProviders\WordPress::SetProviders( $aProtectionProviders );
|
58 |
+
/** @var AntiBot\FormProviders\BaseFormProvider[] $aFormProviders */
|
59 |
+
$aFormProviders = [
|
60 |
+
new AntiBot\FormProviders\WordPress()
|
61 |
+
];
|
62 |
+
|
63 |
+
if ( $this->getMod()->getIfSupport3rdParty() ) {
|
64 |
+
if ( @class_exists( 'BuddyPress' ) ) {
|
65 |
+
$aFormProviders[] = new AntiBot\FormProviders\BuddyPress();
|
66 |
+
}
|
67 |
+
if ( @class_exists( 'Easy_Digital_Downloads' ) ) {
|
68 |
+
$aFormProviders[] = new AntiBot\FormProviders\EasyDigitalDownloads();
|
69 |
+
}
|
70 |
+
if ( @class_exists( 'LearnPress' ) ) {
|
71 |
+
$aFormProviders[] = new AntiBot\FormProviders\LearnPress();
|
72 |
+
}
|
73 |
+
if ( function_exists( 'mepr_autoloader' ) || @class_exists( 'MeprAccountCtrl' ) ) {
|
74 |
+
$aFormProviders[] = new AntiBot\FormProviders\MemberPress();
|
75 |
+
}
|
76 |
+
if ( function_exists( 'UM' ) && @class_exists( 'UM' ) && method_exists( 'UM', 'form' ) ) {
|
77 |
+
$aFormProviders[] = new AntiBot\FormProviders\UltimateMember();
|
78 |
+
}
|
79 |
+
if ( @class_exists( 'Paid_Member_Subscriptions' ) && function_exists( 'pms_errors' ) ) {
|
80 |
+
$aFormProviders[] = new AntiBot\FormProviders\PaidMemberSubscriptions();
|
81 |
+
}
|
82 |
+
if ( defined( 'PROFILE_BUILDER_VERSION' ) ) {
|
83 |
+
$aFormProviders[] = new AntiBot\FormProviders\ProfileBuilder();
|
84 |
+
}
|
85 |
+
if ( @class_exists( 'WooCommerce' ) ) {
|
86 |
+
$aFormProviders[] = new AntiBot\FormProviders\WooCommerce();
|
87 |
+
}
|
88 |
+
if ( false && @class_exists( 'UserRegistration' ) && @function_exists( 'UR' ) ) {
|
89 |
+
$aFormProviders[] = new AntiBot\FormProviders\UserRegistration();
|
90 |
+
}
|
91 |
+
}
|
92 |
+
|
93 |
+
foreach ( $aFormProviders as $oForm ) {
|
94 |
+
$oForm->setMod( $oMod )->run();
|
95 |
+
}
|
96 |
+
}
|
97 |
+
}
|
98 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/BaseFormProvider.php
ADDED
@@ -0,0 +1,144 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
|
9 |
+
abstract class BaseFormProvider {
|
10 |
+
|
11 |
+
use ModConsumer;
|
12 |
+
|
13 |
+
/**
|
14 |
+
* @var string
|
15 |
+
*/
|
16 |
+
private $sActionToAudit;
|
17 |
+
|
18 |
+
/**
|
19 |
+
* @var string
|
20 |
+
*/
|
21 |
+
private $sUserToAudit;
|
22 |
+
|
23 |
+
/**
|
24 |
+
* @var LoginGuard\Lib\AntiBot\ProtectionProviders\BaseProtectionProvider[]
|
25 |
+
*/
|
26 |
+
private static $aProtectionProviders;
|
27 |
+
|
28 |
+
public static function SetProviders( array $aProviders ) {
|
29 |
+
self::$aProtectionProviders = $aProviders;
|
30 |
+
}
|
31 |
+
|
32 |
+
/**
|
33 |
+
* @return true
|
34 |
+
* @throws \Exception
|
35 |
+
*/
|
36 |
+
protected function checkProviders() {
|
37 |
+
if ( is_array( self::$aProtectionProviders ) ) {
|
38 |
+
foreach ( self::$aProtectionProviders as $oProvider ) {
|
39 |
+
$oProvider->performCheck( $this );
|
40 |
+
}
|
41 |
+
}
|
42 |
+
return true;
|
43 |
+
}
|
44 |
+
|
45 |
+
protected function checkThenDie() {
|
46 |
+
try {
|
47 |
+
$this->checkProviders();
|
48 |
+
}
|
49 |
+
catch ( \Exception $oE ) {
|
50 |
+
Services::WpGeneral()->wpDie( $oE->getMessage() );
|
51 |
+
}
|
52 |
+
}
|
53 |
+
|
54 |
+
public function run() {
|
55 |
+
/** @var LoginGuard\Options $oOpts */
|
56 |
+
$oOpts = $this->getOptions();
|
57 |
+
if ( $oOpts->isProtectLogin() ) {
|
58 |
+
$this->login();
|
59 |
+
}
|
60 |
+
if ( $oOpts->isProtectRegister() ) {
|
61 |
+
$this->register();
|
62 |
+
}
|
63 |
+
if ( $oOpts->isProtectLostPassword() ) {
|
64 |
+
$this->lostpassword();
|
65 |
+
}
|
66 |
+
}
|
67 |
+
|
68 |
+
protected function login() {
|
69 |
+
}
|
70 |
+
|
71 |
+
protected function register() {
|
72 |
+
}
|
73 |
+
|
74 |
+
protected function lostpassword() {
|
75 |
+
}
|
76 |
+
|
77 |
+
/**
|
78 |
+
* @param string $sToAppend
|
79 |
+
* @return string
|
80 |
+
*/
|
81 |
+
public function formInsertsAppend( $sToAppend ) {
|
82 |
+
return $sToAppend.$this->formInsertsBuild();
|
83 |
+
}
|
84 |
+
|
85 |
+
/**
|
86 |
+
* @return string
|
87 |
+
*/
|
88 |
+
public function formInsertsBuild() {
|
89 |
+
$aInserts = [];
|
90 |
+
if ( is_array( self::$aProtectionProviders ) ) {
|
91 |
+
foreach ( self::$aProtectionProviders as $oProvider ) {
|
92 |
+
$aInserts[] = $oProvider->buildFormInsert( $this );
|
93 |
+
}
|
94 |
+
}
|
95 |
+
return implode( "\n", $aInserts );
|
96 |
+
}
|
97 |
+
|
98 |
+
/**
|
99 |
+
* @return void
|
100 |
+
*/
|
101 |
+
public function formInsertsPrint() {
|
102 |
+
echo $this->formInsertsBuild();
|
103 |
+
}
|
104 |
+
|
105 |
+
/**
|
106 |
+
* @return string
|
107 |
+
*/
|
108 |
+
public function getActionToAudit() {
|
109 |
+
return empty( $this->sActionToAudit ) ? 'unknown-action' : $this->sActionToAudit;
|
110 |
+
}
|
111 |
+
|
112 |
+
/**
|
113 |
+
* @return string
|
114 |
+
*/
|
115 |
+
public function getUserToAudit() {
|
116 |
+
return empty( $this->sUserToAudit ) ? 'unknown' : $this->sUserToAudit;
|
117 |
+
}
|
118 |
+
|
119 |
+
/**
|
120 |
+
* @param \WP_Error $oMaybeWpError
|
121 |
+
* @return \WP_Error
|
122 |
+
*/
|
123 |
+
protected function giveMeWpError( $oMaybeWpError ) {
|
124 |
+
return is_wp_error( $oMaybeWpError ) ? $oMaybeWpError : new \WP_Error();
|
125 |
+
}
|
126 |
+
|
127 |
+
/**
|
128 |
+
* @param string $sActionToAudit
|
129 |
+
* @return $this
|
130 |
+
*/
|
131 |
+
protected function setActionToAudit( $sActionToAudit ) {
|
132 |
+
$this->sActionToAudit = $sActionToAudit;
|
133 |
+
return $this;
|
134 |
+
}
|
135 |
+
|
136 |
+
/**
|
137 |
+
* @param string $sUserToAudit
|
138 |
+
* @return $this
|
139 |
+
*/
|
140 |
+
protected function setUserToAudit( $sUserToAudit ) {
|
141 |
+
$this->sUserToAudit = sanitize_user( $sUserToAudit );
|
142 |
+
return $this;
|
143 |
+
}
|
144 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/BuddyPress.php
ADDED
@@ -0,0 +1,18 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
class BuddyPress extends BaseFormProvider {
|
6 |
+
|
7 |
+
protected function register() {
|
8 |
+
add_action( 'bp_before_registration_submit_buttons', [ $this, 'formInsertsPrint' ], 10 );
|
9 |
+
add_action( 'bp_signup_validate', [ $this, 'checkRegister' ], 10 );
|
10 |
+
}
|
11 |
+
|
12 |
+
/**
|
13 |
+
* @use die()
|
14 |
+
*/
|
15 |
+
public function checkRegister() {
|
16 |
+
$this->checkThenDie();
|
17 |
+
}
|
18 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/EasyDigitalDownloads.php
ADDED
@@ -0,0 +1,27 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
class EasyDigitalDownloads extends BaseFormProvider {
|
6 |
+
|
7 |
+
protected function login() {
|
8 |
+
add_action( 'edd_login_fields_after', [ $this, 'formInsertsPrint' ], 10 );
|
9 |
+
}
|
10 |
+
|
11 |
+
protected function register() {
|
12 |
+
add_action( 'edd_register_form_fields_before_submit', [ $this, 'formInsertsPrint' ], 10 );
|
13 |
+
add_action( 'edd_process_register_form', [ $this, 'checkRegister' ], 10 );
|
14 |
+
}
|
15 |
+
|
16 |
+
public function checkRegister() {
|
17 |
+
try {
|
18 |
+
$this->setActionToAudit( 'edd-register' )
|
19 |
+
->checkProviders();
|
20 |
+
}
|
21 |
+
catch ( \Exception $oE ) {
|
22 |
+
if ( function_exists( 'edd_set_error' ) ) {
|
23 |
+
edd_set_error( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
24 |
+
}
|
25 |
+
}
|
26 |
+
}
|
27 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/LearnPress.php
ADDED
@@ -0,0 +1,56 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
/**
|
6 |
+
* LearnPress actually uses action 'init' to process forms, so that's why we hook AntibotSetup so early (-100).
|
7 |
+
* Class LearnPress
|
8 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders
|
9 |
+
*/
|
10 |
+
class LearnPress extends BaseFormProvider {
|
11 |
+
|
12 |
+
protected function login() {
|
13 |
+
add_action( 'learn-press/after-form-login-fields', [ $this, 'formInsertsPrint' ], 100 );
|
14 |
+
add_action( 'learn-press/before-checkout-form-login-button', [ $this, 'formInsertsPrint' ], 100 );
|
15 |
+
add_filter( 'learn-press/login-validate-field', [ $this, 'checkLogin' ], 100 );
|
16 |
+
}
|
17 |
+
|
18 |
+
protected function register() {
|
19 |
+
add_action( 'learn-press/after-form-register-fields', [ $this, 'formInsertsPrint' ], 100 );
|
20 |
+
add_filter( 'learn-press/register-validate-field', [ $this, 'checkRegister' ], 100, 1 );
|
21 |
+
}
|
22 |
+
|
23 |
+
/**
|
24 |
+
* @param string|\WP_Error $sFieldNameOrError
|
25 |
+
* @return string|\WP_Error
|
26 |
+
*/
|
27 |
+
public function checkLogin( $sFieldNameOrError ) {
|
28 |
+
if ( !empty( $sFieldNameOrError ) && !is_wp_error( $sFieldNameOrError ) ) {
|
29 |
+
try {
|
30 |
+
$this->setActionToAudit( 'learnpress-login' )
|
31 |
+
->checkProviders();
|
32 |
+
}
|
33 |
+
catch ( \Exception $oE ) {
|
34 |
+
$sFieldNameOrError = new \WP_Error( 'shield-fail-login', $oE->getMessage() );
|
35 |
+
}
|
36 |
+
}
|
37 |
+
return $sFieldNameOrError;
|
38 |
+
}
|
39 |
+
|
40 |
+
/**
|
41 |
+
* @param string|\WP_Error $sFieldNameOrError
|
42 |
+
* @return string|\WP_Error
|
43 |
+
*/
|
44 |
+
public function checkRegister( $sFieldNameOrError ) {
|
45 |
+
if ( !empty( $sFieldNameOrError ) && !is_wp_error( $sFieldNameOrError ) ) {
|
46 |
+
try {
|
47 |
+
$this->setActionToAudit( 'learnpress-register' )
|
48 |
+
->checkProviders();
|
49 |
+
}
|
50 |
+
catch ( \Exception $oE ) {
|
51 |
+
$sFieldNameOrError = new \WP_Error( 'shield-fail-register', $oE->getMessage() );
|
52 |
+
}
|
53 |
+
}
|
54 |
+
return $sFieldNameOrError;
|
55 |
+
}
|
56 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/MemberPress.php
ADDED
@@ -0,0 +1,73 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
class MemberPress extends BaseFormProvider {
|
6 |
+
|
7 |
+
protected function login() {
|
8 |
+
add_action( 'mepr-login-form-before-submit', [ $this, 'formInsertsPrint' ], 100 );
|
9 |
+
add_filter( 'mepr-validate-login', [ $this, 'checkLogin' ], 100 );
|
10 |
+
}
|
11 |
+
|
12 |
+
protected function register() {
|
13 |
+
add_action( 'mepr-checkout-before-submit', [ $this, 'formInsertsPrint' ], 10 );
|
14 |
+
add_filter( 'mepr-validate-signup', [ $this, 'checkReqRegistration_MePr' ], 10, 2 );
|
15 |
+
}
|
16 |
+
|
17 |
+
protected function lostpassword() {
|
18 |
+
add_action( 'mepr-forgot-password-form', [ $this, 'formInsertsPrint' ], 100 );
|
19 |
+
add_filter( 'mepr-validate-forgot-password', [ $this, 'checkLostPassword' ], 100 );
|
20 |
+
}
|
21 |
+
|
22 |
+
/**
|
23 |
+
* @param array $aErrors
|
24 |
+
* @return array
|
25 |
+
*/
|
26 |
+
public function checkLogin( $aErrors ) {
|
27 |
+
if ( !empty( $aErrors ) ) {
|
28 |
+
try {
|
29 |
+
$this->setActionToAudit( 'memberpress-login' )
|
30 |
+
->checkProviders();
|
31 |
+
}
|
32 |
+
catch ( \Exception $oE ) {
|
33 |
+
$aErrors[] = $oE->getMessage();
|
34 |
+
}
|
35 |
+
}
|
36 |
+
return $aErrors;
|
37 |
+
}
|
38 |
+
|
39 |
+
/**
|
40 |
+
* @param array $aErrors
|
41 |
+
* @return array
|
42 |
+
*/
|
43 |
+
public function checkLostPassword( $aErrors ) {
|
44 |
+
if ( !empty( $aErrors ) ) {
|
45 |
+
try {
|
46 |
+
$this->setActionToAudit( 'memberpress-lostpassword' )
|
47 |
+
->checkProviders();
|
48 |
+
}
|
49 |
+
catch ( \Exception $oE ) {
|
50 |
+
$aErrors[] = $oE->getMessage();
|
51 |
+
}
|
52 |
+
}
|
53 |
+
return $aErrors;
|
54 |
+
}
|
55 |
+
|
56 |
+
/**
|
57 |
+
* Errors are passed about here using an array of strings.
|
58 |
+
* @param string[] $aErrors
|
59 |
+
* @return string[]
|
60 |
+
*/
|
61 |
+
public function checkRegister( $aErrors ) {
|
62 |
+
if ( !empty( $aErrors ) ) {
|
63 |
+
try {
|
64 |
+
$this->setActionToAudit( 'memberpress-register' )
|
65 |
+
->checkProviders();
|
66 |
+
}
|
67 |
+
catch ( \Exception $oE ) {
|
68 |
+
$aErrors[] = $oE->getMessage();
|
69 |
+
}
|
70 |
+
}
|
71 |
+
return $aErrors;
|
72 |
+
}
|
73 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/PaidMemberSubscriptions.php
ADDED
@@ -0,0 +1,26 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
/**
|
6 |
+
* Class PaidMemberSubscriptions
|
7 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders
|
8 |
+
* https://wordpress.org/plugins/paid-member-subscriptions
|
9 |
+
*/
|
10 |
+
class PaidMemberSubscriptions extends BaseFormProvider {
|
11 |
+
|
12 |
+
protected function register() {
|
13 |
+
add_action( 'pms_register_form_after_fields', [ $this, 'formInsertsPrint' ], 100 );
|
14 |
+
add_filter( 'pms_register_form_validation', [ $this, 'checkRegister' ], 100 );
|
15 |
+
}
|
16 |
+
|
17 |
+
public function checkRegister() {
|
18 |
+
try {
|
19 |
+
$this->setActionToAudit( 'paidmembersubscriptions-register' )
|
20 |
+
->checkProviders();
|
21 |
+
}
|
22 |
+
catch ( \Exception $oE ) {
|
23 |
+
\pms_errors()->add( 'shield-fail-register', $oE->getMessage() );
|
24 |
+
}
|
25 |
+
}
|
26 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/ProfileBuilder.php
ADDED
@@ -0,0 +1,32 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
/**
|
6 |
+
* Class ProfileBuilder
|
7 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders
|
8 |
+
* https://wordpress.org/plugins/profile-builder/
|
9 |
+
*/
|
10 |
+
class ProfileBuilder extends BaseFormProvider {
|
11 |
+
|
12 |
+
protected function register() {
|
13 |
+
add_action( 'wppb_form_before_submit_button', [ $this, 'formInsertsPrint' ], 100 );
|
14 |
+
add_filter( 'wppb_output_field_errors_filter', [ $this, 'checkRegister' ], 100 );
|
15 |
+
}
|
16 |
+
|
17 |
+
/**
|
18 |
+
* @param array $aErrors
|
19 |
+
* @return array
|
20 |
+
*/
|
21 |
+
public function checkRegister( $aErrors ) {
|
22 |
+
try {
|
23 |
+
$this->setActionToAudit( 'profilebuilder-register' )
|
24 |
+
->checkProviders();
|
25 |
+
}
|
26 |
+
catch ( \Exception $oE ) {
|
27 |
+
$aErrors[ 'shield-fail-register' ] =
|
28 |
+
'<span class="wppb-form-error">Bot</span>';
|
29 |
+
}
|
30 |
+
return $aErrors;
|
31 |
+
}
|
32 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/UltimateMember.php
ADDED
@@ -0,0 +1,59 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
/**
|
6 |
+
* Class UltimateMember
|
7 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders
|
8 |
+
* https://wordpress.org/plugins/ultimate-member/
|
9 |
+
*/
|
10 |
+
class UltimateMember extends BaseFormProvider {
|
11 |
+
|
12 |
+
protected function login() {
|
13 |
+
add_action( 'um_after_login_fields', [ $this, 'formInsertsPrint' ], 100 );
|
14 |
+
add_action( 'um_submit_form_login', [ $this, 'checkLogin' ], 100 );
|
15 |
+
}
|
16 |
+
|
17 |
+
protected function register() {
|
18 |
+
add_action( 'um_after_register_fields', [ $this, 'formInsertsPrint' ], 100 );
|
19 |
+
add_action( 'um_submit_form_register', [ $this, 'checkRegister' ], 5, 0 );
|
20 |
+
}
|
21 |
+
|
22 |
+
protected function lostpassword() {
|
23 |
+
add_action( 'um_after_password_reset_fields', [ $this, 'formInsertsPrint' ], 100 );
|
24 |
+
add_action( 'um_submit_form_password_reset', [ $this, 'checkLostPassword' ], 5, 0 );
|
25 |
+
}
|
26 |
+
|
27 |
+
/**
|
28 |
+
* @return array
|
29 |
+
*/
|
30 |
+
public function checkLogin() {
|
31 |
+
try {
|
32 |
+
$this->setActionToAudit( 'ultimatemember-login' )
|
33 |
+
->checkProviders();
|
34 |
+
}
|
35 |
+
catch ( \Exception $oE ) {
|
36 |
+
\UM()->form()->add_error( 'shield-fail-login', $oE->getMessage() );
|
37 |
+
}
|
38 |
+
}
|
39 |
+
|
40 |
+
public function checkLostPassword() {
|
41 |
+
try {
|
42 |
+
$this->setActionToAudit( 'ultimatemember-lostpassword' )
|
43 |
+
->checkProviders();
|
44 |
+
}
|
45 |
+
catch ( \Exception $oE ) {
|
46 |
+
\UM()->form()->add_error( 'shield-fail-lostpassword', $oE->getMessage() );
|
47 |
+
}
|
48 |
+
}
|
49 |
+
|
50 |
+
public function checkRegister() {
|
51 |
+
try {
|
52 |
+
$this->setActionToAudit( 'ultimatemember-register' )
|
53 |
+
->checkProviders();
|
54 |
+
}
|
55 |
+
catch ( \Exception $oE ) {
|
56 |
+
\UM()->form()->add_error( 'shield-fail-register', $oE->getMessage() );
|
57 |
+
}
|
58 |
+
}
|
59 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/UserRegistration.php
ADDED
@@ -0,0 +1,43 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
/**
|
6 |
+
* TODO: Not ready
|
7 |
+
* Class UserRegistration
|
8 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders
|
9 |
+
* https://wordpress.org/plugins/user-registration/
|
10 |
+
*/
|
11 |
+
class UserRegistration extends BaseFormProvider {
|
12 |
+
|
13 |
+
protected function register() {
|
14 |
+
add_action( 'user_registration_after_form_fields', [ $this, 'formInsertsPrint' ], 100 );
|
15 |
+
add_action( 'user_registration_response_array', [ $this, 'checkRegister' ], 5, 3 );
|
16 |
+
}
|
17 |
+
|
18 |
+
/**
|
19 |
+
* @return void
|
20 |
+
*/
|
21 |
+
public function formInsertsPrint() {
|
22 |
+
echo '<div class="ur-form-grid">';
|
23 |
+
echo preg_replace('#class="(.*)"#i', 'class="\\1 ur-frontend-field"', $this->formInsertsBuild() );
|
24 |
+
echo '</div>';
|
25 |
+
}
|
26 |
+
|
27 |
+
/**
|
28 |
+
* @param array $aResponse
|
29 |
+
* @param array $aFormData
|
30 |
+
* @param int $nFormID
|
31 |
+
* @return mixed
|
32 |
+
*/
|
33 |
+
public function checkRegister( $aResponse, $aFormData, $nFormID ) {
|
34 |
+
try {
|
35 |
+
$this->setActionToAudit( 'userregistration-register' )
|
36 |
+
->checkProviders();
|
37 |
+
}
|
38 |
+
catch ( \Exception $oE ) {
|
39 |
+
$aResponse[] = $oE->getMessage();
|
40 |
+
}
|
41 |
+
return $aResponse;
|
42 |
+
}
|
43 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/WooCommerce.php
ADDED
@@ -0,0 +1,133 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Options;
|
6 |
+
|
7 |
+
class WooCommerce extends BaseFormProvider {
|
8 |
+
|
9 |
+
public function run() {
|
10 |
+
parent::run();
|
11 |
+
/** @var Options $oOpts */
|
12 |
+
$oOpts = $this->getOptions();
|
13 |
+
if ( $oOpts->isProtect( 'checkout_woo' ) ) {
|
14 |
+
$this->woocheckout();
|
15 |
+
}
|
16 |
+
}
|
17 |
+
|
18 |
+
protected function login() {
|
19 |
+
add_action( 'woocommerce_login_form', [ $this, 'formInsertsPrint_WooLogin' ], 100 );
|
20 |
+
add_filter( 'woocommerce_process_login_errors', [ $this, 'checkLogin' ], 10, 2 );
|
21 |
+
add_filter( 'authenticate', [ $this, 'checkLogin' ], 10, 3 );
|
22 |
+
}
|
23 |
+
|
24 |
+
protected function register() {
|
25 |
+
add_action( 'woocommerce_register_form', [ $this, 'formInsertsPrint_WooRegister' ] );
|
26 |
+
add_action( 'woocommerce_after_checkout_registration_form', [ $this, 'formInsertsPrintCheckout' ] );
|
27 |
+
add_filter( 'woocommerce_process_registration_errors', [ $this, 'checkRegister' ], 10, 2 );
|
28 |
+
}
|
29 |
+
|
30 |
+
protected function lostpassword() {
|
31 |
+
add_action( 'woocommerce_lostpassword_form', [ $this, 'formInsertsPrint' ] );
|
32 |
+
}
|
33 |
+
|
34 |
+
protected function woocheckout() {
|
35 |
+
add_action( 'woocommerce_after_checkout_registration_form', [ $this, 'formInsertsPrintCheckout' ] );
|
36 |
+
add_action( 'woocommerce_after_checkout_validation', [ $this, 'checkCheckout' ], 10, 2 );
|
37 |
+
}
|
38 |
+
|
39 |
+
/**
|
40 |
+
* @return void
|
41 |
+
*/
|
42 |
+
public function formInsertsPrint_WooLogin() {
|
43 |
+
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
44 |
+
$oMod = $this->getMod();
|
45 |
+
$sInserts = $this->formInsertsBuild();
|
46 |
+
if ( $oMod->getCaptchaCfg()->invisible ) {
|
47 |
+
$sInserts .= '<input type="hidden" name="login" value="Log in" />';
|
48 |
+
}
|
49 |
+
echo $sInserts;
|
50 |
+
}
|
51 |
+
|
52 |
+
/**
|
53 |
+
* @return void
|
54 |
+
*/
|
55 |
+
public function formInsertsPrint_WooRegister() {
|
56 |
+
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
57 |
+
$oMod = $this->getMod();
|
58 |
+
$sInserts = $this->formInsertsBuild();
|
59 |
+
if ( $oMod->getCaptchaCfg()->invisible ) {
|
60 |
+
$sInserts .= '<input type="hidden" name="register" value="Register" />';
|
61 |
+
}
|
62 |
+
echo $sInserts;
|
63 |
+
}
|
64 |
+
|
65 |
+
/**
|
66 |
+
* see form-billing.php
|
67 |
+
* @param \WC_Checkout $oCheckout
|
68 |
+
* @return void
|
69 |
+
*/
|
70 |
+
public function formInsertsPrintCheckout( $oCheckout ) {
|
71 |
+
if ( $oCheckout instanceof \WC_Checkout && $oCheckout->is_registration_enabled() ) {
|
72 |
+
$this->formInsertsPrint();
|
73 |
+
}
|
74 |
+
}
|
75 |
+
|
76 |
+
/**
|
77 |
+
* Should be a filter added to WordPress's "authenticate" filter, but before WordPress performs
|
78 |
+
* it's own authentication (theirs is priority 30, so we could go in at around 20).
|
79 |
+
* @param null|\WP_User|\WP_Error $oUserOrError
|
80 |
+
* @param string $sUsername
|
81 |
+
* @return \WP_User|\WP_Error
|
82 |
+
*/
|
83 |
+
public function checkLogin( $oUserOrError, $sUsername ) {
|
84 |
+
try {
|
85 |
+
if ( !is_wp_error( $oUserOrError ) && !empty( $sUsername ) ) {
|
86 |
+
$this->setUserToAudit( $sUsername )
|
87 |
+
->setActionToAudit( 'woo-register' )
|
88 |
+
->checkProviders();
|
89 |
+
}
|
90 |
+
}
|
91 |
+
catch ( \Exception $oE ) {
|
92 |
+
$oUserOrError = $this->giveMeWpError( $oUserOrError );
|
93 |
+
$oUserOrError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
94 |
+
}
|
95 |
+
return $oUserOrError;
|
96 |
+
}
|
97 |
+
|
98 |
+
/**
|
99 |
+
* @param \WP_Error $oWpError
|
100 |
+
* @param string $sUsername
|
101 |
+
* @return \WP_Error
|
102 |
+
*/
|
103 |
+
public function checkRegister( $oWpError, $sUsername ) {
|
104 |
+
try {
|
105 |
+
$this->setUserToAudit( $sUsername )
|
106 |
+
->setActionToAudit( 'woo-register' )
|
107 |
+
->checkProviders();
|
108 |
+
}
|
109 |
+
catch ( \Exception $oE ) {
|
110 |
+
$oWpError = $this->giveMeWpError( $oWpError );
|
111 |
+
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
112 |
+
}
|
113 |
+
return $oWpError;
|
114 |
+
}
|
115 |
+
|
116 |
+
/**
|
117 |
+
* see class-wc-checkout.php
|
118 |
+
* @param \WP_Error $oWpError
|
119 |
+
* @param array $aPostedData
|
120 |
+
* @return \WP_Error
|
121 |
+
*/
|
122 |
+
public function checkCheckout( $aPostedData, $oWpError ) {
|
123 |
+
try {
|
124 |
+
$this->setActionToAudit( 'woo-checkout' )
|
125 |
+
->checkProviders();
|
126 |
+
}
|
127 |
+
catch ( \Exception $oE ) {
|
128 |
+
$oWpError = $this->giveMeWpError( $oWpError );
|
129 |
+
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
130 |
+
}
|
131 |
+
return $oWpError;
|
132 |
+
}
|
133 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/WordPress.php
ADDED
@@ -0,0 +1,84 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\FormProviders;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Services\Services;
|
6 |
+
|
7 |
+
class WordPress extends BaseFormProvider {
|
8 |
+
|
9 |
+
protected function login() {
|
10 |
+
add_action( 'login_form', [ $this, 'formInsertsPrint' ], 100 );
|
11 |
+
add_filter( 'login_form_middle', [ $this, 'formInsertsAppend' ], 100 );
|
12 |
+
|
13 |
+
// We give it a priority of 10 so that we can jump in before WordPress does its own validation.
|
14 |
+
add_filter( 'authenticate', [ $this, 'checkLogin' ], 10, 2 );
|
15 |
+
}
|
16 |
+
|
17 |
+
protected function register() {
|
18 |
+
add_action( 'register_form', [ $this, 'formInsertsPrint' ] );
|
19 |
+
|
20 |
+
add_filter( 'registration_errors', [ $this, 'checkRegister' ], 10, 2 );
|
21 |
+
}
|
22 |
+
|
23 |
+
protected function lostpassword() {
|
24 |
+
add_action( 'lostpassword_form', [ $this, 'formInsertsPrint' ] );
|
25 |
+
add_action( 'lostpassword_post', [ $this, 'checkLostPassword' ], 10, 1 );
|
26 |
+
}
|
27 |
+
|
28 |
+
/**
|
29 |
+
* Should be a filter added to WordPress's "authenticate" filter, but before WordPress performs
|
30 |
+
* it's own authentication (theirs is priority 30, so we could go in at around 20).
|
31 |
+
* @param null|\WP_User|\WP_Error $oUserOrError
|
32 |
+
* @param string $sUsername
|
33 |
+
* @return \WP_User|\WP_Error
|
34 |
+
*/
|
35 |
+
public function checkLogin( $oUserOrError, $sUsername ) {
|
36 |
+
try {
|
37 |
+
if ( !is_wp_error( $oUserOrError ) && !empty( $sUsername ) ) {
|
38 |
+
$this->setUserToAudit( $sUsername )
|
39 |
+
->setActionToAudit( 'login' )
|
40 |
+
->checkProviders();
|
41 |
+
}
|
42 |
+
}
|
43 |
+
catch ( \Exception $oE ) {
|
44 |
+
$oUserOrError = $this->giveMeWpError( $oUserOrError );
|
45 |
+
$oUserOrError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
46 |
+
}
|
47 |
+
return $oUserOrError;
|
48 |
+
}
|
49 |
+
|
50 |
+
/**
|
51 |
+
* @param \WP_Error $oWpError
|
52 |
+
* @return \WP_Error
|
53 |
+
*/
|
54 |
+
public function checkLostPassword( $oWpError ) {
|
55 |
+
try {
|
56 |
+
$this->setUserToAudit( sanitize_user(Services::Request()->post( 'user_login', '' )) )
|
57 |
+
->setActionToAudit( 'reset-password' )
|
58 |
+
->checkProviders();
|
59 |
+
}
|
60 |
+
catch ( \Exception $oE ) {
|
61 |
+
$oWpError = $this->giveMeWpError( $oWpError );
|
62 |
+
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
63 |
+
}
|
64 |
+
return $oWpError;
|
65 |
+
}
|
66 |
+
|
67 |
+
/**
|
68 |
+
* @param \WP_Error $oWpError
|
69 |
+
* @param string $sUsername
|
70 |
+
* @return \WP_Error
|
71 |
+
*/
|
72 |
+
public function checkRegister( $oWpError, $sUsername ) {
|
73 |
+
try {
|
74 |
+
$this->setUserToAudit( $sUsername )
|
75 |
+
->setActionToAudit( 'register' )
|
76 |
+
->checkProviders();
|
77 |
+
}
|
78 |
+
catch ( \Exception $oE ) {
|
79 |
+
$oWpError = $this->giveMeWpError( $oWpError );
|
80 |
+
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
81 |
+
}
|
82 |
+
return $oWpError;
|
83 |
+
}
|
84 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/IncludeJs.php
ADDED
@@ -0,0 +1,25 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
|
9 |
+
/**
|
10 |
+
* Class IncludeJs
|
11 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot
|
12 |
+
* @deprecated 9.0
|
13 |
+
*/
|
14 |
+
class IncludeJs {
|
15 |
+
|
16 |
+
use ModConsumer;
|
17 |
+
|
18 |
+
private static $bAntiBotJsEnqueued = false;
|
19 |
+
|
20 |
+
public function run() {
|
21 |
+
}
|
22 |
+
|
23 |
+
public function onWpEnqueueJs() {
|
24 |
+
}
|
25 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/BaseProtectionProvider.php
ADDED
@@ -0,0 +1,61 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\ProtectionProviders;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
+
|
8 |
+
abstract class BaseProtectionProvider {
|
9 |
+
|
10 |
+
use ModConsumer;
|
11 |
+
|
12 |
+
/**
|
13 |
+
* @var bool
|
14 |
+
*/
|
15 |
+
private $bFactorTested;
|
16 |
+
|
17 |
+
public function __construct() {
|
18 |
+
add_action( 'wp_loaded', [ $this, 'setup' ] );
|
19 |
+
}
|
20 |
+
|
21 |
+
public function setup() {
|
22 |
+
}
|
23 |
+
|
24 |
+
/**
|
25 |
+
* @return bool
|
26 |
+
*/
|
27 |
+
public function isFactorTested() {
|
28 |
+
return (bool)$this->bFactorTested;
|
29 |
+
}
|
30 |
+
|
31 |
+
/**
|
32 |
+
* @param LoginGuard\Lib\AntiBot\FormProviders\BaseFormProvider $oFormProvider
|
33 |
+
* @return string
|
34 |
+
*/
|
35 |
+
abstract public function buildFormInsert( $oFormProvider );
|
36 |
+
|
37 |
+
/**
|
38 |
+
* @param LoginGuard\Lib\AntiBot\FormProviders\BaseFormProvider $oForm
|
39 |
+
* @throws \Exception
|
40 |
+
*/
|
41 |
+
abstract public function performCheck( $oForm );
|
42 |
+
|
43 |
+
/**
|
44 |
+
* @param bool $bFactorTested
|
45 |
+
* @return $this
|
46 |
+
*/
|
47 |
+
public function setFactorTested( $bFactorTested ) {
|
48 |
+
$this->bFactorTested = $bFactorTested;
|
49 |
+
return $this;
|
50 |
+
}
|
51 |
+
|
52 |
+
/**
|
53 |
+
* @return $this
|
54 |
+
*/
|
55 |
+
protected function processFailure() {
|
56 |
+
remove_filter( 'authenticate', 'wp_authenticate_username_password', 20 ); // wp-includes/user.php
|
57 |
+
remove_filter( 'authenticate', 'wp_authenticate_email_password', 20 ); // wp-includes/user.php
|
58 |
+
$this->getCon()->fireEvent( 'login_block' );
|
59 |
+
return $this;
|
60 |
+
}
|
61 |
+
}
|
src/{processors/loginprotect_cooldown.php → lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/CoolDown.php}
RENAMED
@@ -1,21 +1,22 @@
|
|
1 |
<?php
|
2 |
|
3 |
-
|
4 |
|
5 |
-
|
|
|
|
|
6 |
|
7 |
/**
|
8 |
-
* @
|
9 |
*/
|
10 |
-
|
11 |
-
|
12 |
if ( !$this->isFactorTested() ) {
|
13 |
$this->setFactorTested( true );
|
14 |
|
15 |
// At this point someone has attempted to login within the previous login wait interval
|
16 |
// So we remove WordPress's authentication filter and our own user check authentication
|
17 |
// And finally return a WP_Error which will be reflected back to the user.
|
18 |
-
$oCooldownFlag = ( new
|
19 |
if ( $oCooldownFlag->isWithinCooldownPeriod() ) {
|
20 |
$sErrorString = __( "Request Cooldown in effect.", 'wp-simple-firewall' ).' '
|
21 |
.sprintf(
|
@@ -31,4 +32,11 @@ class ICWP_WPSF_Processor_LoginProtect_Cooldown extends ICWP_WPSF_Processor_Logi
|
|
31 |
$oCooldownFlag->updateCooldownFlag();
|
32 |
}
|
33 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
34 |
}
|
1 |
<?php
|
2 |
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\ProtectionProviders;
|
4 |
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\CooldownFlagFile;
|
6 |
+
|
7 |
+
class CoolDown extends BaseProtectionProvider {
|
8 |
|
9 |
/**
|
10 |
+
* @inheritDoc
|
11 |
*/
|
12 |
+
public function performCheck( $oForm ) {
|
|
|
13 |
if ( !$this->isFactorTested() ) {
|
14 |
$this->setFactorTested( true );
|
15 |
|
16 |
// At this point someone has attempted to login within the previous login wait interval
|
17 |
// So we remove WordPress's authentication filter and our own user check authentication
|
18 |
// And finally return a WP_Error which will be reflected back to the user.
|
19 |
+
$oCooldownFlag = ( new CooldownFlagFile() )->setMod( $this->getMod() );
|
20 |
if ( $oCooldownFlag->isWithinCooldownPeriod() ) {
|
21 |
$sErrorString = __( "Request Cooldown in effect.", 'wp-simple-firewall' ).' '
|
22 |
.sprintf(
|
32 |
$oCooldownFlag->updateCooldownFlag();
|
33 |
}
|
34 |
}
|
35 |
+
|
36 |
+
/**
|
37 |
+
* @inheritDoc
|
38 |
+
*/
|
39 |
+
public function buildFormInsert( $oFormProvider ) {
|
40 |
+
return '';
|
41 |
+
}
|
42 |
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/GaspJs.php
ADDED
@@ -0,0 +1,123 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\ProtectionProviders;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
class GaspJs extends BaseProtectionProvider {
|
9 |
+
|
10 |
+
public function setup() {
|
11 |
+
if ( Services::Request()->query( 'wp_service_worker', 0 ) != 1 ) {
|
12 |
+
add_action( 'wp_enqueue_scripts', [ $this, 'onWpEnqueueJs' ] );
|
13 |
+
add_action( 'login_enqueue_scripts', [ $this, 'onWpEnqueueJs' ] );
|
14 |
+
}
|
15 |
+
}
|
16 |
+
|
17 |
+
/**
|
18 |
+
* @inheritDoc
|
19 |
+
*/
|
20 |
+
public function performCheck( $oForm ) {
|
21 |
+
if ( $this->isFactorTested() ) {
|
22 |
+
return;
|
23 |
+
}
|
24 |
+
|
25 |
+
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
26 |
+
$oMod = $this->getMod();
|
27 |
+
$this->setFactorTested( true );
|
28 |
+
|
29 |
+
$oReq = Services::Request();
|
30 |
+
$sGaspCheckBox = $oReq->post( $oMod->getGaspKey() );
|
31 |
+
$sHoney = $oReq->post( 'icwp_wpsf_login_email' );
|
32 |
+
|
33 |
+
$sUsername = $oForm->getUserToAudit();
|
34 |
+
$sActionAttempted = $oForm->getActionToAudit();
|
35 |
+
|
36 |
+
$bValid = false;
|
37 |
+
$sError = '';
|
38 |
+
if ( empty( $sGaspCheckBox ) ) {
|
39 |
+
$this->getCon()->fireEvent(
|
40 |
+
'botbox_fail',
|
41 |
+
[
|
42 |
+
'audit' => [
|
43 |
+
'user_login' => $sUsername,
|
44 |
+
'action' => $sActionAttempted,
|
45 |
+
]
|
46 |
+
]
|
47 |
+
);
|
48 |
+
$sError = __( "Please check that box to say you're human, and not a bot.", 'wp-simple-firewall' );
|
49 |
+
}
|
50 |
+
elseif ( !empty( $sHoney ) ) {
|
51 |
+
$this->getCon()->fireEvent(
|
52 |
+
'honeypot_fail',
|
53 |
+
[
|
54 |
+
'audit' => [
|
55 |
+
'user_login' => $sUsername,
|
56 |
+
'action' => $sActionAttempted,
|
57 |
+
]
|
58 |
+
]
|
59 |
+
);
|
60 |
+
$sError = __( 'You appear to be a bot.', 'wp-simple-firewall' );
|
61 |
+
}
|
62 |
+
else {
|
63 |
+
$bValid = true;
|
64 |
+
}
|
65 |
+
|
66 |
+
if ( !$bValid ) {
|
67 |
+
$this->processFailure();
|
68 |
+
throw new \Exception( $sError );
|
69 |
+
}
|
70 |
+
}
|
71 |
+
|
72 |
+
public function onWpEnqueueJs() {
|
73 |
+
$oCon = $this->getCon();
|
74 |
+
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
75 |
+
$oMod = $this->getMod();
|
76 |
+
/** @var LoginGuard\Options $oOpts */
|
77 |
+
$oOpts = $this->getOptions();
|
78 |
+
|
79 |
+
$sAsset = 'shield-antibot';
|
80 |
+
$sUnique = $oMod->prefix( $sAsset );
|
81 |
+
wp_register_script(
|
82 |
+
$sUnique,
|
83 |
+
$oCon->getPluginUrl_Js( $sAsset ),
|
84 |
+
[ 'jquery' ],
|
85 |
+
$oCon->getVersion(),
|
86 |
+
true
|
87 |
+
);
|
88 |
+
wp_enqueue_script( $sUnique );
|
89 |
+
|
90 |
+
wp_localize_script(
|
91 |
+
$sUnique,
|
92 |
+
'icwp_wpsf_vars_lpantibot',
|
93 |
+
[
|
94 |
+
'form_selectors' => implode( ',', $oOpts->getAntiBotFormSelectors() ),
|
95 |
+
'uniq' => preg_replace( '#[^a-zA-Z0-9]#', '', apply_filters( 'icwp_shield_lp_gasp_uniqid', uniqid() ) ),
|
96 |
+
'cbname' => $oMod->getGaspKey(),
|
97 |
+
'strings' => [
|
98 |
+
'label' => $oMod->getTextImAHuman(),
|
99 |
+
'alert' => $oMod->getTextPleaseCheckBox(),
|
100 |
+
'loading' => __( 'Loading', 'wp-simple-firewall' )
|
101 |
+
],
|
102 |
+
'flags' => [
|
103 |
+
'gasp' => $oOpts->isEnabledGaspCheck(),
|
104 |
+
'captcha' => $oMod->isEnabledCaptcha(),
|
105 |
+
]
|
106 |
+
]
|
107 |
+
);
|
108 |
+
}
|
109 |
+
|
110 |
+
/**
|
111 |
+
* @inheritDoc
|
112 |
+
*/
|
113 |
+
public function buildFormInsert( $oFormProvider ) {
|
114 |
+
return $this->getMod()->renderTemplate(
|
115 |
+
'/snippets/anti_bot/gasp_js.twig',
|
116 |
+
[
|
117 |
+
'strings' => [
|
118 |
+
'loading' => __( 'Loading', 'wp-simple-firewall' )
|
119 |
+
]
|
120 |
+
]
|
121 |
+
);
|
122 |
+
}
|
123 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/GoogleRecaptcha.php
ADDED
@@ -0,0 +1,66 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\ProtectionProviders;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Utilities\ReCaptcha\TestRequest;
|
6 |
+
|
7 |
+
class GoogleRecaptcha extends BaseProtectionProvider {
|
8 |
+
|
9 |
+
public function setup() {
|
10 |
+
$this->getCon()
|
11 |
+
->getModule_Plugin()
|
12 |
+
->getCaptchaEnqueue()
|
13 |
+
->setMod( $this->getMod() )
|
14 |
+
->setToEnqueue();
|
15 |
+
}
|
16 |
+
|
17 |
+
/**
|
18 |
+
* @inheritDoc
|
19 |
+
*/
|
20 |
+
public function performCheck( $oForm ) {
|
21 |
+
if ( !$this->isFactorTested() ) {
|
22 |
+
$this->setFactorTested( true );
|
23 |
+
try {
|
24 |
+
$this->getResponseTester()
|
25 |
+
->setMod( $this->getMod() )
|
26 |
+
->test();
|
27 |
+
}
|
28 |
+
catch ( \Exception $oE ) {
|
29 |
+
$this->processFailure();
|
30 |
+
throw $oE;
|
31 |
+
}
|
32 |
+
}
|
33 |
+
}
|
34 |
+
|
35 |
+
/**
|
36 |
+
* @return TestRequest
|
37 |
+
*/
|
38 |
+
protected function getResponseTester() {
|
39 |
+
return new TestRequest();
|
40 |
+
}
|
41 |
+
|
42 |
+
/**
|
43 |
+
* @inheritDoc
|
44 |
+
*/
|
45 |
+
public function buildFormInsert( $oFormProvider ) {
|
46 |
+
return $this->getCaptchaHtml();
|
47 |
+
}
|
48 |
+
|
49 |
+
/**
|
50 |
+
* @return string
|
51 |
+
*/
|
52 |
+
private function getCaptchaHtml() {
|
53 |
+
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
54 |
+
$oMod = $this->getMod();
|
55 |
+
if ( $oMod->getCaptchaCfg()->invisible ) {
|
56 |
+
$sExtraStyles = '';
|
57 |
+
}
|
58 |
+
else {
|
59 |
+
$sExtraStyles = '<style>@media screen {#rc-imageselect, .icwpg-recaptcha iframe {transform:scale(0.895);-webkit-transform:scale(0.895);transform-origin:0 0;-webkit-transform-origin:0 0;}</style>';
|
60 |
+
}
|
61 |
+
return $sExtraStyles.$this->getCon()
|
62 |
+
->getModule_Plugin()
|
63 |
+
->getCaptchaEnqueue()
|
64 |
+
->getCaptchaHtml();
|
65 |
+
}
|
66 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/HCaptcha.php
ADDED
@@ -0,0 +1,15 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot\ProtectionProviders;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Utilities\HCaptcha\TestRequest;
|
6 |
+
|
7 |
+
class HCaptcha extends GoogleRecaptcha {
|
8 |
+
|
9 |
+
/**
|
10 |
+
* @return TestRequest
|
11 |
+
*/
|
12 |
+
protected function getResponseTester() {
|
13 |
+
return new TestRequest();
|
14 |
+
}
|
15 |
+
}
|
src/lib/src/Modules/LoginGuard/Lib/CooldownFlagFile.php
CHANGED
@@ -33,7 +33,7 @@ class CooldownFlagFile {
|
|
33 |
* @return string
|
34 |
*/
|
35 |
public function getFlagFilePath() {
|
36 |
-
return path_join( $this->getCon()->
|
37 |
}
|
38 |
|
39 |
/**
|
33 |
* @return string
|
34 |
*/
|
35 |
public function getFlagFilePath() {
|
36 |
+
return path_join( $this->getCon()->getPluginCachePath(), 'mode.login_throttled' );
|
37 |
}
|
38 |
|
39 |
/**
|
src/lib/src/Modules/LoginGuard/Lib/TwoFactor/Provider/Email.php
CHANGED
@@ -82,10 +82,8 @@ class Email extends BaseProvider {
|
|
82 |
* @return string
|
83 |
*/
|
84 |
protected function getSecret( \WP_User $oUser ) {
|
85 |
-
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
86 |
-
$oMod = $this->getMod();
|
87 |
return strtoupper( substr(
|
88 |
-
hash_hmac( 'sha1', $this->getCon()->getUniqueRequestId(), $
|
89 |
0, 6
|
90 |
) );
|
91 |
}
|
@@ -121,7 +119,7 @@ class Email extends BaseProvider {
|
|
121 |
}
|
122 |
else {
|
123 |
$this->setProfileValidated( $oUser, false );
|
124 |
-
$sMsg = __( 'Email Two-Factor Authentication
|
125 |
}
|
126 |
|
127 |
if ( !empty( $sMsg ) ) {
|
82 |
* @return string
|
83 |
*/
|
84 |
protected function getSecret( \WP_User $oUser ) {
|
|
|
|
|
85 |
return strtoupper( substr(
|
86 |
+
hash_hmac( 'sha1', $this->getCon()->getUniqueRequestId(), $this->getCon()->getSiteInstallationId() ),
|
87 |
0, 6
|
88 |
) );
|
89 |
}
|
119 |
}
|
120 |
else {
|
121 |
$this->setProfileValidated( $oUser, false );
|
122 |
+
$sMsg = __( 'Email Two-Factor Authentication has been disabled.', 'wp-simple-firewall' );
|
123 |
}
|
124 |
|
125 |
if ( !empty( $sMsg ) ) {
|
src/lib/src/Modules/LoginGuard/Options.php
CHANGED
@@ -10,6 +10,14 @@ use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
|
10 |
*/
|
11 |
class Options extends Base\ShieldOptions {
|
12 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
13 |
/**
|
14 |
* @return int
|
15 |
*/
|
@@ -69,13 +77,6 @@ class Options extends Base\ShieldOptions {
|
|
69 |
return $this->isOpt( 'enable_chained_authentication', 'Y' );
|
70 |
}
|
71 |
|
72 |
-
/**
|
73 |
-
* @return bool
|
74 |
-
*/
|
75 |
-
public function isCooldownEnabled() {
|
76 |
-
return $this->getCooldownInterval() > 0;
|
77 |
-
}
|
78 |
-
|
79 |
/**
|
80 |
* Also considers whether email sending ability has been verified
|
81 |
* @return bool
|
@@ -91,6 +92,20 @@ class Options extends Base\ShieldOptions {
|
|
91 |
return $this->isOpt( 'enable_email_authentication', 'Y' );
|
92 |
}
|
93 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
94 |
/**
|
95 |
* @return bool
|
96 |
*/
|
@@ -112,6 +127,36 @@ class Options extends Base\ShieldOptions {
|
|
112 |
return $this->isOpt( 'enable_google_authenticator', 'Y' );
|
113 |
}
|
114 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
115 |
/**
|
116 |
* @return bool
|
117 |
*/
|
10 |
*/
|
11 |
class Options extends Base\ShieldOptions {
|
12 |
|
13 |
+
/**
|
14 |
+
* @return array
|
15 |
+
*/
|
16 |
+
public function getAntiBotFormSelectors() {
|
17 |
+
$aIds = $this->getOpt( 'antibot_form_ids', [] );
|
18 |
+
return ( $this->isPremium() && is_array( $aIds ) ) ? $aIds : [];
|
19 |
+
}
|
20 |
+
|
21 |
/**
|
22 |
* @return int
|
23 |
*/
|
77 |
return $this->isOpt( 'enable_chained_authentication', 'Y' );
|
78 |
}
|
79 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
80 |
/**
|
81 |
* Also considers whether email sending ability has been verified
|
82 |
* @return bool
|
92 |
return $this->isOpt( 'enable_email_authentication', 'Y' );
|
93 |
}
|
94 |
|
95 |
+
/**
|
96 |
+
* @return bool
|
97 |
+
*/
|
98 |
+
public function isEnabledCooldown() {
|
99 |
+
return $this->getCooldownInterval() > 0;
|
100 |
+
}
|
101 |
+
|
102 |
+
/**
|
103 |
+
* @return bool
|
104 |
+
*/
|
105 |
+
public function isEnabledGaspCheck() {
|
106 |
+
return $this->isOpt( 'enable_login_gasp_check', 'Y' );
|
107 |
+
}
|
108 |
+
|
109 |
/**
|
110 |
* @return bool
|
111 |
*/
|
127 |
return $this->isOpt( 'enable_google_authenticator', 'Y' );
|
128 |
}
|
129 |
|
130 |
+
/**
|
131 |
+
* @return bool
|
132 |
+
*/
|
133 |
+
public function isProtectLogin() {
|
134 |
+
return $this->isProtect( 'login' );
|
135 |
+
}
|
136 |
+
|
137 |
+
/**
|
138 |
+
* @return bool
|
139 |
+
*/
|
140 |
+
public function isProtectLostPassword() {
|
141 |
+
return $this->isProtect( 'password' );
|
142 |
+
}
|
143 |
+
|
144 |
+
/**
|
145 |
+
* @return bool
|
146 |
+
*/
|
147 |
+
public function isProtectRegister() {
|
148 |
+
return $this->isProtect( 'register' );
|
149 |
+
}
|
150 |
+
|
151 |
+
/**
|
152 |
+
* @param string $sLocation - see config for keys, e.g. login, register, password, checkout_woo
|
153 |
+
* @return bool
|
154 |
+
*/
|
155 |
+
public function isProtect( $sLocation ) {
|
156 |
+
$aLocs = $this->getOpt( 'bot_protection_locations' );
|
157 |
+
return in_array( $sLocation, is_array( $aLocs ) ? $aLocs : $this->getOptDefault( 'bot_protection_locations' ) );
|
158 |
+
}
|
159 |
+
|
160 |
/**
|
161 |
* @return bool
|
162 |
*/
|
src/lib/src/Modules/LoginGuard/Strings.php
CHANGED
@@ -72,16 +72,6 @@ class Strings extends Base\Strings {
|
|
72 |
];
|
73 |
break;
|
74 |
|
75 |
-
case 'section_recaptcha' :
|
76 |
-
$sTitle = 'Google reCAPTCHA';
|
77 |
-
$sTitleShort = 'reCAPTCHA';
|
78 |
-
$aSummary = [
|
79 |
-
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Adds Google reCAPTCHA to the Login Forms.', 'wp-simple-firewall' ) ),
|
80 |
-
sprintf( '%s - %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'Keep this turned on.', 'wp-simple-firewall' ) ),
|
81 |
-
sprintf( '%s - %s', __( 'Note', 'wp-simple-firewall' ), __( "You will need to register for Google reCAPTCHA keys and store them in the Shield 'Dashboard' settings.", 'wp-simple-firewall' ) ),
|
82 |
-
];
|
83 |
-
break;
|
84 |
-
|
85 |
case 'section_rename_wplogin' :
|
86 |
$sTitle = __( 'Hide WordPress Login Page', 'wp-simple-firewall' );
|
87 |
$sTitleShort = __( 'Hide Login', 'wp-simple-firewall' );
|
@@ -220,18 +210,12 @@ class Strings extends Base\Strings {
|
|
220 |
break;
|
221 |
|
222 |
case 'enable_google_recaptcha_login' :
|
223 |
-
$sName = __( '
|
224 |
-
$sSummary = __( 'Protect WordPress Account Access Requests With
|
225 |
-
$sDescription = __( 'Use
|
226 |
.sprintf( __( 'Use of any theme other than "%s", requires a Pro license.', 'wp-simple-firewall' ), __( 'Light Theme', 'wp-simple-firewall' ) )
|
227 |
-
.'<br/>'.sprintf( '%s - %s', __( 'Note', 'wp-simple-firewall' ), __( "You'll need to setup your
|
228 |
-
.'<br/><strong>'.sprintf( '%s - %s', __( 'Important', 'wp-simple-firewall' ), __( "Some forms are more dynamic than others so if you experience problems, please use non-Invisible
|
229 |
-
break;
|
230 |
-
|
231 |
-
case 'google_recaptcha_style_login' : // Unused
|
232 |
-
$sName = __( 'reCAPTCHA Style', 'wp-simple-firewall' );
|
233 |
-
$sSummary = __( 'How Google reCAPTCHA Will Be Displayed', 'wp-simple-firewall' );
|
234 |
-
$sDescription = __( 'You can choose the reCAPTCHA display format that best suits your site, including the new Invisible Recaptcha', 'wp-simple-firewall' );
|
235 |
break;
|
236 |
|
237 |
case 'bot_protection_locations' :
|
@@ -248,18 +232,12 @@ class Strings extends Base\Strings {
|
|
248 |
.'<br />'.sprintf( '%s: %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'ON', 'wp-simple-firewall' ) );
|
249 |
break;
|
250 |
|
251 |
-
case 'enable_antibot_js' :
|
252 |
-
$sName = __( 'AntiBot JS', 'wp-simple-firewall' );
|
253 |
-
$sSummary = __( 'Use AntiBot JS Includes For Custom 3rd Party Forms', 'wp-simple-firewall' );
|
254 |
-
$sDescription = __( 'Important: This is experimental. Please contact support for further assistance.', 'wp-simple-firewall' );
|
255 |
-
break;
|
256 |
-
|
257 |
case 'antibot_form_ids' :
|
258 |
$sName = __( 'AntiBot Forms', 'wp-simple-firewall' );
|
259 |
$sSummary = __( 'Enter The Selectors Of The 3rd Party Login Forms For Use With AntiBot JS', 'wp-simple-firewall' );
|
260 |
-
$sDescription = __( '
|
261 |
-
.' '.__( 'IDs are prefixed with "#".', 'wp-simple-firewall' )
|
262 |
-
.' '.__( 'Classes are prefixed with ".".', 'wp-simple-firewall' )
|
263 |
.'<br />'.__( 'IDs are preferred over classes.', 'wp-simple-firewall' );
|
264 |
break;
|
265 |
|
@@ -321,6 +299,13 @@ class Strings extends Base\Strings {
|
|
321 |
.'<br />'.sprintf( '%s: %s', __( 'Default', 'wp-simple-firewall' ), $oMod->getTextOptDefault( 'text_pleasecheckbox' ) );
|
322 |
break;
|
323 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
324 |
default:
|
325 |
return parent::getOptionStrings( $sOptKey );
|
326 |
}
|
72 |
];
|
73 |
break;
|
74 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
75 |
case 'section_rename_wplogin' :
|
76 |
$sTitle = __( 'Hide WordPress Login Page', 'wp-simple-firewall' );
|
77 |
$sTitleShort = __( 'Hide Login', 'wp-simple-firewall' );
|
210 |
break;
|
211 |
|
212 |
case 'enable_google_recaptcha_login' :
|
213 |
+
$sName = __( 'CAPTCHA', 'wp-simple-firewall' );
|
214 |
+
$sSummary = __( 'Protect WordPress Account Access Requests With CAPTCHA', 'wp-simple-firewall' );
|
215 |
+
$sDescription = __( 'Use CAPTCHA on the user account forms such as login, register, etc.', 'wp-simple-firewall' ).'<br />'
|
216 |
.sprintf( __( 'Use of any theme other than "%s", requires a Pro license.', 'wp-simple-firewall' ), __( 'Light Theme', 'wp-simple-firewall' ) )
|
217 |
+
.'<br/>'.sprintf( '%s - %s', __( 'Note', 'wp-simple-firewall' ), __( "You'll need to setup your CAPTCHA API Keys in 'General' settings.", 'wp-simple-firewall' ) )
|
218 |
+
.'<br/><strong>'.sprintf( '%s - %s', __( 'Important', 'wp-simple-firewall' ), __( "Some forms are more dynamic than others so if you experience problems, please use non-Invisible CAPTCHA.", 'wp-simple-firewall' ) ).'</strong>';
|
|
|
|
|
|
|
|
|
|
|
|
|
219 |
break;
|
220 |
|
221 |
case 'bot_protection_locations' :
|
232 |
.'<br />'.sprintf( '%s: %s', __( 'Recommendation', 'wp-simple-firewall' ), __( 'ON', 'wp-simple-firewall' ) );
|
233 |
break;
|
234 |
|
|
|
|
|
|
|
|
|
|
|
|
|
235 |
case 'antibot_form_ids' :
|
236 |
$sName = __( 'AntiBot Forms', 'wp-simple-firewall' );
|
237 |
$sSummary = __( 'Enter The Selectors Of The 3rd Party Login Forms For Use With AntiBot JS', 'wp-simple-firewall' );
|
238 |
+
$sDescription = __( 'Provide DOM selectors to attached AntiBot protection to any form.', 'wp-simple-firewall' )
|
239 |
+
.'<br />'.__( 'IDs are prefixed with "#".', 'wp-simple-firewall' )
|
240 |
+
.'<br />'.__( 'Classes are prefixed with ".".', 'wp-simple-firewall' )
|
241 |
.'<br />'.__( 'IDs are preferred over classes.', 'wp-simple-firewall' );
|
242 |
break;
|
243 |
|
299 |
.'<br />'.sprintf( '%s: %s', __( 'Default', 'wp-simple-firewall' ), $oMod->getTextOptDefault( 'text_pleasecheckbox' ) );
|
300 |
break;
|
301 |
|
302 |
+
// removed 9.0
|
303 |
+
case 'enable_antibot_js' :
|
304 |
+
$sName = __( 'AntiBot JS', 'wp-simple-firewall' );
|
305 |
+
$sSummary = __( 'Use AntiBot JS Includes For Custom 3rd Party Forms', 'wp-simple-firewall' );
|
306 |
+
$sDescription = __( 'Important: This is experimental. Please contact support for further assistance.', 'wp-simple-firewall' );
|
307 |
+
break;
|
308 |
+
|
309 |
default:
|
310 |
return parent::getOptionStrings( $sOptKey );
|
311 |
}
|
src/lib/src/Modules/Plugin/AdminNotices.php
CHANGED
@@ -16,6 +16,10 @@ class AdminNotices extends Shield\Modules\Base\AdminNotices {
|
|
16 |
|
17 |
switch ( $oNotice->id ) {
|
18 |
|
|
|
|
|
|
|
|
|
19 |
case 'override-forceoff':
|
20 |
$this->buildNotice_OverrideForceoff( $oNotice );
|
21 |
break;
|
@@ -85,6 +89,33 @@ class AdminNotices extends Shield\Modules\Base\AdminNotices {
|
|
85 |
return $this->ajaxExec_DismissAdminNotice();
|
86 |
}
|
87 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
88 |
/**
|
89 |
* @param Shield\Utilities\AdminNotices\NoticeVO $oNotice
|
90 |
*/
|
@@ -298,6 +329,10 @@ class AdminNotices extends Shield\Modules\Base\AdminNotices {
|
|
298 |
$bNeeded = $oCon->getIfForceOffActive();
|
299 |
break;
|
300 |
|
|
|
|
|
|
|
|
|
301 |
case 'plugin-disabled':
|
302 |
$bNeeded = $oOpts->isPluginGloballyDisabled();
|
303 |
break;
|
16 |
|
17 |
switch ( $oNotice->id ) {
|
18 |
|
19 |
+
case 'php7':
|
20 |
+
$this->buildNotice_Php7( $oNotice );
|
21 |
+
break;
|
22 |
+
|
23 |
case 'override-forceoff':
|
24 |
$this->buildNotice_OverrideForceoff( $oNotice );
|
25 |
break;
|
89 |
return $this->ajaxExec_DismissAdminNotice();
|
90 |
}
|
91 |
|
92 |
+
/**
|
93 |
+
* @param Shield\Utilities\AdminNotices\NoticeVO $oNotice
|
94 |
+
*/
|
95 |
+
private function buildNotice_Php7( $oNotice ) {
|
96 |
+
$sName = $this->getCon()->getHumanName();
|
97 |
+
|
98 |
+
$oNotice->render_data = [
|
99 |
+
'notice_attributes' => [],
|
100 |
+
'strings' => [
|
101 |
+
'title' => sprintf( '%s: %s', __( 'Warning', 'wp-simple-firewall' ),
|
102 |
+
sprintf( __( "%s 10+ Wont Be Available For Your Site", 'wp-simple-firewall' ), $sName ) ),
|
103 |
+
'lines' => [
|
104 |
+
sprintf(
|
105 |
+
__( '%s 10 wont support old versions of PHP, including yours (PHP: %s).', 'wp-simple-firewall' ),
|
106 |
+
$sName, Services::Data()->getPhpVersionCleaned( true ), '10'
|
107 |
+
),
|
108 |
+
__( "We recommended updating your server's PHP version ASAP.", 'wp-simple-firewall' )
|
109 |
+
.' '.__( "Your webhost will be able to help guide you in this.", 'wp-simple-firewall' ),
|
110 |
+
],
|
111 |
+
'read_more' => __( 'Click here to read more about this', 'wp-simple-firewall' )
|
112 |
+
],
|
113 |
+
'hrefs' => [
|
114 |
+
'read_more' => 'https://shsec.io/h3'
|
115 |
+
]
|
116 |
+
];
|
117 |
+
}
|
118 |
+
|
119 |
/**
|
120 |
* @param Shield\Utilities\AdminNotices\NoticeVO $oNotice
|
121 |
*/
|
329 |
$bNeeded = $oCon->getIfForceOffActive();
|
330 |
break;
|
331 |
|
332 |
+
case 'php7':
|
333 |
+
$bNeeded = !Services::Data()->getPhpVersionIsAtLeast( '7.0' );
|
334 |
+
break;
|
335 |
+
|
336 |
case 'plugin-disabled':
|
337 |
$bNeeded = $oOpts->isPluginGloballyDisabled();
|
338 |
break;
|
src/lib/src/Modules/Plugin/AjaxHandler.php
CHANGED
@@ -97,12 +97,7 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
97 |
private function ajaxExec_PluginBadgeClose() {
|
98 |
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
99 |
$oMod = $this->getMod();
|
100 |
-
$bSuccess =
|
101 |
-
->cookieSet(
|
102 |
-
$oMod->getCookieIdBadgeState(),
|
103 |
-
'closed',
|
104 |
-
DAY_IN_SECONDS
|
105 |
-
);
|
106 |
return [
|
107 |
'success' => $bSuccess,
|
108 |
'message' => $bSuccess ? 'Badge Closed' : 'Badge Not Closed'
|
@@ -225,9 +220,6 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
225 |
* @return array
|
226 |
*/
|
227 |
private function ajaxExec_ImportFromSite() {
|
228 |
-
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
229 |
-
$oMod = $this->getMod();
|
230 |
-
|
231 |
$bSuccess = false;
|
232 |
$aFormParams = array_merge(
|
233 |
[
|
@@ -247,11 +239,10 @@ class AjaxHandler extends Shield\Modules\Base\AjaxHandlerShield {
|
|
247 |
$bDisableNetwork = $aFormParams[ 'ShieldNetwork' ] === 'N';
|
248 |
$bNetwork = $bEnabledNetwork ? true : ( $bDisableNetwork ? false : null );
|
249 |
|
250 |
-
/** @var \ICWP_WPSF_Processor_Plugin $oP */
|
251 |
-
$oP = $oMod->getProcessor();
|
252 |
/** @var Shield\Databases\AdminNotes\Insert $oInserter */
|
253 |
-
$nCode =
|
254 |
-
|
|
|
255 |
$bSuccess = $nCode == 0;
|
256 |
$sMessage = $bSuccess ? __( 'Options imported successfully', 'wp-simple-firewall' ) : __( 'Options failed to import', 'wp-simple-firewall' );
|
257 |
}
|
97 |
private function ajaxExec_PluginBadgeClose() {
|
98 |
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
99 |
$oMod = $this->getMod();
|
100 |
+
$bSuccess = $oMod->getPluginBadgeCon()->setBadgeStateClosed();
|
|
|
|
|
|
|
|
|
|
|
101 |
return [
|
102 |
'success' => $bSuccess,
|
103 |
'message' => $bSuccess ? 'Badge Closed' : 'Badge Not Closed'
|
220 |
* @return array
|
221 |
*/
|
222 |
private function ajaxExec_ImportFromSite() {
|
|
|
|
|
|
|
223 |
$bSuccess = false;
|
224 |
$aFormParams = array_merge(
|
225 |
[
|
239 |
$bDisableNetwork = $aFormParams[ 'ShieldNetwork' ] === 'N';
|
240 |
$bNetwork = $bEnabledNetwork ? true : ( $bDisableNetwork ? false : null );
|
241 |
|
|
|
|
|
242 |
/** @var Shield\Databases\AdminNotes\Insert $oInserter */
|
243 |
+
$nCode = ( new Plugin\Lib\ImportExport\Import() )
|
244 |
+
->setMod( $this->getMod() )
|
245 |
+
->fromSite( $sMasterSiteUrl, $sSecretKey, $bNetwork );
|
246 |
$bSuccess = $nCode == 0;
|
247 |
$sMessage = $bSuccess ? __( 'Options imported successfully', 'wp-simple-firewall' ) : __( 'Options failed to import', 'wp-simple-firewall' );
|
248 |
}
|
src/lib/src/Modules/Plugin/Components/PluginBadge.php
CHANGED
@@ -3,6 +3,7 @@
|
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Components;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
|
|
6 |
use FernleafSystems\Wordpress\Services\Services;
|
7 |
|
8 |
/**
|
@@ -14,9 +15,11 @@ class PluginBadge {
|
|
14 |
use ModConsumer;
|
15 |
|
16 |
public function run() {
|
17 |
-
/** @var
|
18 |
-
$
|
19 |
-
|
|
|
|
|
20 |
add_action( 'wp_enqueue_scripts', [ $this, 'includeJquery' ] );
|
21 |
add_action( 'login_enqueue_scripts', [ $this, 'includeJquery' ] );
|
22 |
add_action( 'wp_footer', [ $this, 'printPluginBadge' ], 100 );
|
@@ -42,6 +45,13 @@ class PluginBadge {
|
|
42 |
}
|
43 |
}
|
44 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
45 |
public function includeJquery() {
|
46 |
wp_enqueue_script( 'jquery', null, [], false, true );
|
47 |
}
|
@@ -55,13 +65,11 @@ class PluginBadge {
|
|
55 |
* @return string
|
56 |
*/
|
57 |
public function render( $bFloating = false ) {
|
58 |
-
$oMod = $this->getMod();
|
59 |
$oCon = $this->getCon();
|
60 |
-
|
61 |
$sName = $oCon->getHumanName();
|
62 |
$aData = [
|
63 |
'ajax' => [
|
64 |
-
'plugin_badge_close' => $
|
65 |
],
|
66 |
'flags' => [
|
67 |
'nofollow' => apply_filters( 'icwp_shield_badge_relnofollow', false ),
|
@@ -81,7 +89,7 @@ class PluginBadge {
|
|
81 |
];
|
82 |
|
83 |
try {
|
84 |
-
$sRender = $
|
85 |
}
|
86 |
catch ( \Exception $oE ) {
|
87 |
$sRender = 'Could not generate badge: '.$oE->getMessage();
|
@@ -89,4 +97,24 @@ class PluginBadge {
|
|
89 |
|
90 |
return $sRender;
|
91 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
92 |
}
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Components;
|
4 |
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Options;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
8 |
|
9 |
/**
|
15 |
use ModConsumer;
|
16 |
|
17 |
public function run() {
|
18 |
+
/** @var Options $oOpts */
|
19 |
+
$oOpts = $this->getOptions();
|
20 |
+
$bDisplay = $oOpts->isOnFloatingPluginBadge()
|
21 |
+
&& ( Services::Request()->cookie( $this->getCookieIdBadgeState() ) != 'closed' );
|
22 |
+
if ( $bDisplay ) {
|
23 |
add_action( 'wp_enqueue_scripts', [ $this, 'includeJquery' ] );
|
24 |
add_action( 'login_enqueue_scripts', [ $this, 'includeJquery' ] );
|
25 |
add_action( 'wp_footer', [ $this, 'printPluginBadge' ], 100 );
|
45 |
}
|
46 |
}
|
47 |
|
48 |
+
/**
|
49 |
+
* @return string
|
50 |
+
*/
|
51 |
+
private function getCookieIdBadgeState() {
|
52 |
+
return $this->getCon()->prefix( 'badgeState' );
|
53 |
+
}
|
54 |
+
|
55 |
public function includeJquery() {
|
56 |
wp_enqueue_script( 'jquery', null, [], false, true );
|
57 |
}
|
65 |
* @return string
|
66 |
*/
|
67 |
public function render( $bFloating = false ) {
|
|
|
68 |
$oCon = $this->getCon();
|
|
|
69 |
$sName = $oCon->getHumanName();
|
70 |
$aData = [
|
71 |
'ajax' => [
|
72 |
+
'plugin_badge_close' => $this->getMod()->getAjaxActionData( 'plugin_badge_close', true ),
|
73 |
],
|
74 |
'flags' => [
|
75 |
'nofollow' => apply_filters( 'icwp_shield_badge_relnofollow', false ),
|
89 |
];
|
90 |
|
91 |
try {
|
92 |
+
$sRender = $this->getMod()->renderTemplate( 'snippets/plugin_badge_widget', $aData, true );
|
93 |
}
|
94 |
catch ( \Exception $oE ) {
|
95 |
$sRender = 'Could not generate badge: '.$oE->getMessage();
|
97 |
|
98 |
return $sRender;
|
99 |
}
|
100 |
+
|
101 |
+
/**
|
102 |
+
* @return bool
|
103 |
+
*/
|
104 |
+
public function setBadgeStateClosed() {
|
105 |
+
return Services::Response()
|
106 |
+
->cookieSet(
|
107 |
+
$this->getCookieIdBadgeState(),
|
108 |
+
'closed',
|
109 |
+
DAY_IN_SECONDS
|
110 |
+
);
|
111 |
+
}
|
112 |
+
|
113 |
+
/**
|
114 |
+
* @param bool $bDisplay
|
115 |
+
* @return void
|
116 |
+
*/
|
117 |
+
public function setIsDisplayPluginBadge( $bDisplay ) {
|
118 |
+
$this->getOptions()->setOpt( 'display_plugin_badge', $bDisplay ? 'Y' : 'N' );
|
119 |
+
}
|
120 |
}
|
src/lib/src/Modules/Plugin/Lib/Captcha/CaptchaConfigVO.php
ADDED
@@ -0,0 +1,47 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\Captcha;
|
4 |
+
|
5 |
+
use FernleafSystems\Utilities\Data\Adapter\StdClassAdapter;
|
6 |
+
|
7 |
+
/**
|
8 |
+
* Class CaptchaConfigVO
|
9 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\Captcha
|
10 |
+
* @property string $provider
|
11 |
+
* @property string $key
|
12 |
+
* @property string $secret
|
13 |
+
* @property string $theme
|
14 |
+
* @property bool $invisible
|
15 |
+
* @property bool $ready
|
16 |
+
* @property string $url_api
|
17 |
+
* @property string $js_handle
|
18 |
+
*/
|
19 |
+
class CaptchaConfigVO {
|
20 |
+
|
21 |
+
const PROV_GOOGLE_RECAP2 = 'grecaptcha';
|
22 |
+
const PROV_HCAPTCHA = 'hcaptcha';
|
23 |
+
use StdClassAdapter {
|
24 |
+
__get as __adapterGet;
|
25 |
+
}
|
26 |
+
|
27 |
+
/**
|
28 |
+
* @param string $sProperty
|
29 |
+
* @return mixed
|
30 |
+
*/
|
31 |
+
public function __get( $sProperty ) {
|
32 |
+
|
33 |
+
$mValue = $this->__adapterGet( $sProperty );
|
34 |
+
|
35 |
+
switch ( $sProperty ) {
|
36 |
+
|
37 |
+
case 'ready':
|
38 |
+
$mValue = !empty( $this->key ) && !empty( $this->secret );
|
39 |
+
break;
|
40 |
+
|
41 |
+
default:
|
42 |
+
break;
|
43 |
+
}
|
44 |
+
|
45 |
+
return $mValue;
|
46 |
+
}
|
47 |
+
}
|
src/lib/src/Modules/Plugin/Lib/Captcha/CheckCaptchaSettings.php
ADDED
@@ -0,0 +1,83 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\Captcha;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
|
9 |
+
class CheckCaptchaSettings {
|
10 |
+
|
11 |
+
use ModConsumer;
|
12 |
+
|
13 |
+
public function checkAll() {
|
14 |
+
$this->verifyProSettings();
|
15 |
+
$this->verifyKeys();
|
16 |
+
}
|
17 |
+
|
18 |
+
public function verifyProSettings() {
|
19 |
+
/** @var Plugin\Options $oOpts */
|
20 |
+
$oOpts = $this->getOptions();
|
21 |
+
if ( !$this->getCon()->isPremiumActive() && $oOpts->getOpt( 'google_recaptcha_style' ) !== 'light' ) {
|
22 |
+
$oOpts->setOpt( 'google_recaptcha_style', 'light' );
|
23 |
+
}
|
24 |
+
}
|
25 |
+
|
26 |
+
public function verifyKeys() {
|
27 |
+
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
28 |
+
$oMod = $this->getMod();
|
29 |
+
/** @var Plugin\Options $oOpts */
|
30 |
+
$oOpts = $this->getOptions();
|
31 |
+
$oCfg = $oMod->getCaptchaCfg();
|
32 |
+
|
33 |
+
$nAt = -1;
|
34 |
+
if ( $oCfg->ready && $oOpts->getOpt( 'captcha_checked_at' ) <= 0 ) {
|
35 |
+
if ( $oCfg->provider == CaptchaConfigVO::PROV_GOOGLE_RECAP2 ) {
|
36 |
+
$bValid = $this->verifyRecaptcha();
|
37 |
+
}
|
38 |
+
elseif ( $oCfg->provider == CaptchaConfigVO::PROV_HCAPTCHA ) {
|
39 |
+
$bValid = $this->verifyHcaptcha();
|
40 |
+
}
|
41 |
+
else {
|
42 |
+
$bValid = false;
|
43 |
+
}
|
44 |
+
$nAt = $bValid ? Services::Request()->ts() : 0;
|
45 |
+
}
|
46 |
+
$oOpts->setOpt( 'captcha_checked_at', $nAt );
|
47 |
+
}
|
48 |
+
|
49 |
+
/**
|
50 |
+
* @return bool
|
51 |
+
*/
|
52 |
+
private function verifyHcaptcha() {
|
53 |
+
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
54 |
+
$oMod = $this->getMod();
|
55 |
+
$oCfg = $oMod->getCaptchaCfg();
|
56 |
+
return substr_count( $oCfg->key, '-' ) > 1
|
57 |
+
&& strpos( $oCfg->secret, '0x' ) === 0;
|
58 |
+
}
|
59 |
+
|
60 |
+
/**
|
61 |
+
* @return bool
|
62 |
+
*/
|
63 |
+
private function verifyRecaptcha() {
|
64 |
+
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
65 |
+
$oMod = $this->getMod();
|
66 |
+
|
67 |
+
$sResponse = Services::HttpRequest()->getContent( add_query_arg(
|
68 |
+
[
|
69 |
+
'secret' => $oMod->getCaptchaCfg()->secret,
|
70 |
+
'response' => rand(),
|
71 |
+
],
|
72 |
+
'https://www.google.com/recaptcha/api/siteverify'
|
73 |
+
) );
|
74 |
+
|
75 |
+
$bValid = false;
|
76 |
+
if ( !empty( $sResponse ) ) {
|
77 |
+
$aDec = json_decode( $sResponse, true );
|
78 |
+
$bValid = is_array( $aDec ) && is_array( $aDec[ 'error-codes' ] )
|
79 |
+
&& !in_array( 'invalid-input-secret', $aDec[ 'error-codes' ] );
|
80 |
+
}
|
81 |
+
return $bValid;
|
82 |
+
}
|
83 |
+
}
|
src/lib/src/Modules/Plugin/Lib/Debug/Collate.php
ADDED
@@ -0,0 +1,210 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\Debug;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Options;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
use FernleafSystems\Wordpress\Services\Utilities\Integrations\WpHashes\ApiPing;
|
9 |
+
use FernleafSystems\Wordpress\Services\Utilities\Licenses;
|
10 |
+
|
11 |
+
/**
|
12 |
+
* Class Collate
|
13 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\Debug
|
14 |
+
*/
|
15 |
+
class Collate {
|
16 |
+
|
17 |
+
use ModConsumer;
|
18 |
+
|
19 |
+
/**
|
20 |
+
* @return array[]
|
21 |
+
*/
|
22 |
+
public function run() {
|
23 |
+
return [
|
24 |
+
'Shield' => [
|
25 |
+
'Summary' => $this->getShieldSummary(),
|
26 |
+
'Capabilities' => $this->getShieldCapabilities(),
|
27 |
+
],
|
28 |
+
'System' => [
|
29 |
+
'PHP' => $this->getPHP(),
|
30 |
+
'Environment' => $this->getEnv(),
|
31 |
+
],
|
32 |
+
'WordPress' => [
|
33 |
+
'Summary' => $this->getWordPressSummary(),
|
34 |
+
'Plugins (Active)' => $this->getPlugins( true ),
|
35 |
+
'Plugins (Inactive)' => $this->getPlugins( false ),
|
36 |
+
'Themes (Active)' => $this->getThemes( true ),
|
37 |
+
],
|
38 |
+
];
|
39 |
+
}
|
40 |
+
|
41 |
+
/**
|
42 |
+
* @return array
|
43 |
+
*/
|
44 |
+
private function getEnv() {
|
45 |
+
$oIP = Services::IP();
|
46 |
+
$oReq = Services::Request();
|
47 |
+
|
48 |
+
$sSig = $oReq->server( 'SERVER_SIGNATURE' );
|
49 |
+
$aIPs = $oIP->getServerPublicIPs();
|
50 |
+
$rDNS = '';
|
51 |
+
foreach ( $aIPs as $sIP ) {
|
52 |
+
if ( $oIP->getIpVersion( $sIP ) === 4 ) {
|
53 |
+
$rDNS = gethostbyaddr( $sIP );
|
54 |
+
break;
|
55 |
+
}
|
56 |
+
}
|
57 |
+
return [
|
58 |
+
'Host OS' => PHP_OS,
|
59 |
+
'Server Hostname' => gethostname(),
|
60 |
+
'Server IPs' => implode( ', ', $aIPs ),
|
61 |
+
'rDNS' => empty( $rDNS ) ? '-' : $rDNS,
|
62 |
+
'Server Name' => $oReq->server( 'SERVER_NAME' ),
|
63 |
+
'Server Signature' => empty( $sSig ) ? '-' : $sSig,
|
64 |
+
];
|
65 |
+
}
|
66 |
+
|
67 |
+
/**
|
68 |
+
* @return array
|
69 |
+
*/
|
70 |
+
private function getPHP() {
|
71 |
+
$oDP = Services::Data();
|
72 |
+
|
73 |
+
$sPHP = $oDP->getPhpVersionCleaned();
|
74 |
+
if ( $sPHP !== $oDP->getPhpVersion() ) {
|
75 |
+
$sPHP .= sprintf( ' (%s)', $oDP->getPhpVersion() );
|
76 |
+
}
|
77 |
+
return [
|
78 |
+
'PHP' => $sPHP,
|
79 |
+
'Memory Limit' => ini_get( 'memory_limit' ),
|
80 |
+
'32/64-bit' => ( PHP_INT_SIZE === 4 ) ? 32 : 64,
|
81 |
+
'Time Limit' => ini_get( 'max_execution_time' ),
|
82 |
+
'Dir Separator' => DIRECTORY_SEPARATOR,
|
83 |
+
];
|
84 |
+
}
|
85 |
+
|
86 |
+
/**
|
87 |
+
* @param bool $bActive
|
88 |
+
* @return array
|
89 |
+
*/
|
90 |
+
private function getPlugins( $bActive ) {
|
91 |
+
$oWpPlugins = Services::WpPlugins();
|
92 |
+
|
93 |
+
$aD = [];
|
94 |
+
|
95 |
+
foreach ( $oWpPlugins->getPluginsAsVo() as $oVO ) {
|
96 |
+
if ( $bActive === $oVO->active ) {
|
97 |
+
$aD[ $oVO->Name ] = sprintf( '%s / %s / %s',
|
98 |
+
$oVO->Version, $oVO->active ? 'Active' : 'Deactivated',
|
99 |
+
$oVO->hasUpdate() ? 'Update Available' : 'No Update'
|
100 |
+
);
|
101 |
+
}
|
102 |
+
}
|
103 |
+
|
104 |
+
return array_merge(
|
105 |
+
[ 'Total' => count( $aD ), ],
|
106 |
+
$aD
|
107 |
+
);
|
108 |
+
}
|
109 |
+
|
110 |
+
/**
|
111 |
+
* @param bool $bActive
|
112 |
+
* @return array
|
113 |
+
*/
|
114 |
+
private function getThemes( $bActive ) {
|
115 |
+
$oWpT = Services::WpThemes();
|
116 |
+
|
117 |
+
$aD = [];
|
118 |
+
|
119 |
+
foreach ( $oWpT->getThemesAsVo() as $oVO ) {
|
120 |
+
|
121 |
+
$bIsActive = $oVO->active ||
|
122 |
+
( $oWpT->isActiveThemeAChild() && ( $oVO->is_child || $oVO->is_parent ) );
|
123 |
+
|
124 |
+
if ( $bActive == $bIsActive ) {
|
125 |
+
$sLine = sprintf( '%s / %s / %s',
|
126 |
+
$oVO->Version, $oVO->active ? 'Active' : 'Deactivated',
|
127 |
+
$oVO->hasUpdate() ? 'Update Available' : 'No Update'
|
128 |
+
);
|
129 |
+
|
130 |
+
if ( $oWpT->isActiveThemeAChild() && ( $oVO->is_child || $oVO->is_parent ) ) {
|
131 |
+
$sLine .= ' / '.( $oVO->is_parent ? 'Parent' : 'Child' );
|
132 |
+
}
|
133 |
+
$aD[ $oVO->Name ] = $sLine;
|
134 |
+
}
|
135 |
+
}
|
136 |
+
|
137 |
+
return array_merge(
|
138 |
+
[ 'Total' => count( $aD ), ],
|
139 |
+
$aD
|
140 |
+
);
|
141 |
+
}
|
142 |
+
|
143 |
+
/**
|
144 |
+
* @return array
|
145 |
+
*/
|
146 |
+
private function getShieldCapabilities() {
|
147 |
+
$oCon = $this->getCon();
|
148 |
+
$oModPlugin = $oCon->getModule_Plugin();
|
149 |
+
|
150 |
+
$sHome = Services::WpGeneral()->getHomeUrl();
|
151 |
+
$aD = [
|
152 |
+
sprintf( 'Loopback To %s', $sHome ) => $oModPlugin->getCanSiteCallToItself() ? 'Yes' : 'No',
|
153 |
+
'Handshake ShieldNET' => $oModPlugin->getShieldNetApiController()
|
154 |
+
->canHandshake() ? 'Yes' : 'No',
|
155 |
+
'WP Hashes Ping' => ( new ApiPing() )->ping() ? 'Yes' : 'No',
|
156 |
+
];
|
157 |
+
|
158 |
+
$oPing = new Licenses\Keyless\Ping();
|
159 |
+
$oPing->lookup_url_stub = $this->getOptions()->getDef( 'license_store_url_api' );
|
160 |
+
$aD[ 'Ping License Server' ] = $oPing->ping() ? 'Yes' : 'No';
|
161 |
+
|
162 |
+
$sTmpPath = $oCon->getPluginCachePath();
|
163 |
+
$aD[ 'Write TMP DIR' ] = empty( $sTmpPath ) ? 'No' : 'Yes: '.$sTmpPath;
|
164 |
+
|
165 |
+
return $aD;
|
166 |
+
}
|
167 |
+
|
168 |
+
/**
|
169 |
+
* @return array
|
170 |
+
*/
|
171 |
+
private function getShieldSummary() {
|
172 |
+
$oCon = $this->getCon();
|
173 |
+
$oModLicense = $oCon->getModule_License();
|
174 |
+
$oModPlugin = $oCon->getModule_Plugin();
|
175 |
+
|
176 |
+
$aD = [
|
177 |
+
'Version' => $oCon->getVersion(),
|
178 |
+
'PRO' => $oCon->isPremiumActive() ? 'Yes' : 'No',
|
179 |
+
'WP Hashes Token' => $oModLicense->getWpHashesTokenManager()->hasToken() ? 'Yes' : 'No',
|
180 |
+
'Security Admin Enabled' => $oCon->getModule_SecAdmin()->isEnabledSecurityAdmin() ? 'Yes' : 'No',
|
181 |
+
];
|
182 |
+
|
183 |
+
/** @var Options $oOptsIP */
|
184 |
+
$oOptsPlugin = $oModPlugin->getOptions();
|
185 |
+
$sSource = $oOptsPlugin->getSelectOptionValueText( 'visitor_address_source' );
|
186 |
+
$aD[ 'Visitor IP Source' ] = $sSource.' - '.Services::Request()->server( $sSource );
|
187 |
+
|
188 |
+
return $aD;
|
189 |
+
}
|
190 |
+
|
191 |
+
/**
|
192 |
+
* @return array
|
193 |
+
*/
|
194 |
+
private function getWordPressSummary() {
|
195 |
+
$oWP = Services::WpGeneral();
|
196 |
+
$aD = [
|
197 |
+
'URL - Home' => $oWP->getHomeUrl(),
|
198 |
+
'URL - Site' => $oWP->getWpUrl(),
|
199 |
+
'WP' => $oWP->getVersion( true ),
|
200 |
+
'Locale' => $oWP->getLocale(),
|
201 |
+
'Multisite' => $oWP->isMultisite() ? 'Yes' : 'No',
|
202 |
+
'ABSPATH' => ABSPATH,
|
203 |
+
];
|
204 |
+
if ( $oWP->isClassicPress() ) {
|
205 |
+
$aD[ 'ClassicPress' ] = $oWP->getVersion();
|
206 |
+
}
|
207 |
+
|
208 |
+
return $aD;
|
209 |
+
}
|
210 |
+
}
|
src/lib/src/Modules/Plugin/Lib/ImportExport/Export.php
ADDED
@@ -0,0 +1,152 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\ImportExport;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
|
9 |
+
class Export {
|
10 |
+
|
11 |
+
use ModConsumer;
|
12 |
+
|
13 |
+
/**
|
14 |
+
* @param string $sMethod
|
15 |
+
*/
|
16 |
+
public function run( $sMethod ) {
|
17 |
+
try {
|
18 |
+
switch ( $sMethod ) {
|
19 |
+
case 'file':
|
20 |
+
$this->toFile();
|
21 |
+
break;
|
22 |
+
|
23 |
+
case 'json':
|
24 |
+
default:
|
25 |
+
$this->toJson();
|
26 |
+
break;
|
27 |
+
}
|
28 |
+
}
|
29 |
+
catch ( \Exception $oE ) {
|
30 |
+
}
|
31 |
+
die();
|
32 |
+
}
|
33 |
+
|
34 |
+
public function toJson() {
|
35 |
+
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
36 |
+
$oMod = $this->getMod();
|
37 |
+
$oReq = Services::Request();
|
38 |
+
|
39 |
+
$sSecretKey = $oReq->query( 'secret', '' );
|
40 |
+
|
41 |
+
$sNetworkOpt = $oReq->query( 'network', '' );
|
42 |
+
$bDoNetwork = !empty( $sNetworkOpt );
|
43 |
+
$sUrl = Services::Data()->validateSimpleHttpUrl( $oReq->query( 'url', '' ) );
|
44 |
+
|
45 |
+
if ( !$oMod->isImportExportSecretKey( $sSecretKey ) && !$this->isUrlOnWhitelist( $sUrl ) ) {
|
46 |
+
return; // we show no signs of responding to invalid secret keys or unwhitelisted URLs
|
47 |
+
}
|
48 |
+
|
49 |
+
$bSuccess = false;
|
50 |
+
$aData = [];
|
51 |
+
|
52 |
+
if ( !$this->verifyUrlWithHandshake( $sUrl ) ) {
|
53 |
+
$nCode = 3;
|
54 |
+
$sMessage = __( 'Handshake verification failed.', 'wp-simple-firewall' );
|
55 |
+
}
|
56 |
+
else {
|
57 |
+
$nCode = 0;
|
58 |
+
$bSuccess = true;
|
59 |
+
$aData = $this->getExportData();
|
60 |
+
$sMessage = 'Options Exported Successfully';
|
61 |
+
|
62 |
+
$this->getCon()->fireEvent(
|
63 |
+
'options_exported',
|
64 |
+
[ 'audit' => [ 'site' => $sUrl ] ]
|
65 |
+
);
|
66 |
+
|
67 |
+
if ( $bDoNetwork ) {
|
68 |
+
if ( $sNetworkOpt === 'Y' ) {
|
69 |
+
$oMod->addUrlToImportExportWhitelistUrls( $sUrl );
|
70 |
+
$this->getCon()->fireEvent(
|
71 |
+
'whitelist_site_added',
|
72 |
+
[ 'audit' => [ 'site' => $sUrl ] ]
|
73 |
+
);
|
74 |
+
}
|
75 |
+
else {
|
76 |
+
$oMod->removeUrlFromImportExportWhitelistUrls( $sUrl );
|
77 |
+
$this->getCon()->fireEvent(
|
78 |
+
'whitelist_site_removed',
|
79 |
+
[ 'audit' => [ 'site' => $sUrl ] ]
|
80 |
+
);
|
81 |
+
}
|
82 |
+
}
|
83 |
+
}
|
84 |
+
|
85 |
+
$aResponse = [
|
86 |
+
'success' => $bSuccess,
|
87 |
+
'code' => $nCode,
|
88 |
+
'message' => $sMessage,
|
89 |
+
'data' => $aData,
|
90 |
+
];
|
91 |
+
echo json_encode( $aResponse );
|
92 |
+
die();
|
93 |
+
}
|
94 |
+
|
95 |
+
public function toFile() {
|
96 |
+
$sExport = json_encode( $this->getExportData() );
|
97 |
+
$aData = [
|
98 |
+
'# Site URL: '.Services::WpGeneral()->getHomeUrl(),
|
99 |
+
'# Export Date: '.Services::WpGeneral()->getTimeStringForDisplay(),
|
100 |
+
'# Hash: '.sha1( $sExport ),
|
101 |
+
$sExport
|
102 |
+
];
|
103 |
+
Services::Response()->downloadStringAsFile(
|
104 |
+
implode( "\n", $aData ),
|
105 |
+
sprintf( 'shieldexport-%s-%s.json',
|
106 |
+
Services::Data()->urlStripSchema( Services::WpGeneral()->getHomeUrl() ),
|
107 |
+
$sFilename = date( 'Ymd_His' )
|
108 |
+
)
|
109 |
+
);
|
110 |
+
}
|
111 |
+
|
112 |
+
/**
|
113 |
+
* @return array
|
114 |
+
*/
|
115 |
+
private function getExportData() {
|
116 |
+
$aAll = [];
|
117 |
+
foreach ( $this->getCon()->modules as $oMod ) {
|
118 |
+
$oOpts = $oMod->getOptions();
|
119 |
+
$aAll[ $oMod->getOptionsStorageKey() ] = array_diff_key(
|
120 |
+
$oOpts->getTransferableOptions(),
|
121 |
+
array_flip( $oOpts->getXferExcluded() )
|
122 |
+
);
|
123 |
+
}
|
124 |
+
return $aAll;
|
125 |
+
}
|
126 |
+
|
127 |
+
/**
|
128 |
+
* @param string $sUrl
|
129 |
+
* @return bool
|
130 |
+
*/
|
131 |
+
private function isUrlOnWhitelist( $sUrl ) {
|
132 |
+
/** @var Plugin\Options $oOpts */
|
133 |
+
$oOpts = $this->getOptions();
|
134 |
+
return !empty( $sUrl ) && in_array( $sUrl, $oOpts->getImportExportWhitelist() );
|
135 |
+
}
|
136 |
+
|
137 |
+
/**
|
138 |
+
* @param string $sUrl
|
139 |
+
* @return bool
|
140 |
+
*/
|
141 |
+
private function verifyUrlWithHandshake( $sUrl ) {
|
142 |
+
$bVerified = false;
|
143 |
+
|
144 |
+
if ( !empty( $sUrl ) ) {
|
145 |
+
$sReqUrl = add_query_arg( [ 'shield_action' => 'importexport_handshake' ], $sUrl );
|
146 |
+
$aResp = @json_decode( Services::HttpRequest()->getContent( $sReqUrl ), true );
|
147 |
+
$bVerified = is_array( $aResp ) && isset( $aResp[ 'success' ] ) && ( $aResp[ 'success' ] === true );
|
148 |
+
}
|
149 |
+
|
150 |
+
return $bVerified;
|
151 |
+
}
|
152 |
+
}
|
src/lib/src/Modules/Plugin/Lib/ImportExport/Import.php
ADDED
@@ -0,0 +1,230 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\ImportExport;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
|
9 |
+
class Import {
|
10 |
+
|
11 |
+
use ModConsumer;
|
12 |
+
|
13 |
+
/**
|
14 |
+
* @param string $sMethod
|
15 |
+
*/
|
16 |
+
public function run( $sMethod = 'site' ) {
|
17 |
+
try {
|
18 |
+
switch ( $sMethod ) {
|
19 |
+
case 'file':
|
20 |
+
$this->fromFile();
|
21 |
+
break;
|
22 |
+
case 'site':
|
23 |
+
default:
|
24 |
+
$this->fromSite();
|
25 |
+
break;
|
26 |
+
}
|
27 |
+
}
|
28 |
+
catch ( \Exception $oE ) {
|
29 |
+
}
|
30 |
+
die();
|
31 |
+
}
|
32 |
+
|
33 |
+
/**
|
34 |
+
* @throws \Exception
|
35 |
+
*/
|
36 |
+
public function fromFile() {
|
37 |
+
if ( !$this->getCon()->isPluginAdmin() ) {
|
38 |
+
throw new \Exception( __( 'Not currently logged-in as security admin', 'wp-simple-firewall' ) );
|
39 |
+
}
|
40 |
+
|
41 |
+
if ( Services::Request()->post( 'confirm' ) != 'Y' ) {
|
42 |
+
throw new \Exception( __( 'Please check the box to confirm your intent to overwrite settings', 'wp-simple-firewall' ) );
|
43 |
+
}
|
44 |
+
|
45 |
+
$oFs = Services::WpFs();
|
46 |
+
if ( empty( $_FILES ) || !isset( $_FILES[ 'import_file' ] )
|
47 |
+
|| empty( $_FILES[ 'import_file' ][ 'tmp_name' ] ) ) {
|
48 |
+
throw new \Exception( __( 'Please select a file to upload', 'wp-simple-firewall' ) );
|
49 |
+
}
|
50 |
+
if ( $_FILES[ 'import_file' ][ 'size' ] == 0
|
51 |
+
|| isset( $_FILES[ 'error' ] ) && $_FILES[ 'error' ] != UPLOAD_ERR_OK
|
52 |
+
|| !$oFs->isFile( $_FILES[ 'import_file' ][ 'tmp_name' ] )
|
53 |
+
|| filesize( $_FILES[ 'import_file' ][ 'tmp_name' ] ) === 0
|
54 |
+
) {
|
55 |
+
throw new \Exception( __( 'Uploading of file failed', 'wp-simple-firewall' ) );
|
56 |
+
}
|
57 |
+
|
58 |
+
$sContent = Services::WpFs()->getFileContent( $_FILES[ 'import_file' ][ 'tmp_name' ] );
|
59 |
+
if ( empty( $sContent ) ) {
|
60 |
+
throw new \Exception( __( 'Uploaded file was empty', 'wp-simple-firewall' ) );
|
61 |
+
}
|
62 |
+
|
63 |
+
{//filter any comment lines
|
64 |
+
$aParts = array_filter(
|
65 |
+
array_map( 'trim', explode( "\n", $sContent ) ),
|
66 |
+
function ( $sLine ) {
|
67 |
+
return ( strpos( $sLine, '{' ) === 0 );
|
68 |
+
}
|
69 |
+
);
|
70 |
+
if ( empty( $aParts ) ) {
|
71 |
+
throw new \Exception( __( 'Options data could not be found in uploaded file', 'wp-simple-firewall' ) );
|
72 |
+
}
|
73 |
+
}
|
74 |
+
{//parse the options json
|
75 |
+
$aData = @json_decode( array_shift( $aParts ), true );
|
76 |
+
if ( empty( $aData ) || !is_array( $aData ) ) {
|
77 |
+
throw new \Exception( __( 'Uploaded options data was not of the correct format', 'wp-simple-firewall' ) );
|
78 |
+
}
|
79 |
+
}
|
80 |
+
|
81 |
+
$this->processDataImport( $aData, __( 'uploaded file', 'wp-simple-firewall' ) );
|
82 |
+
$oFs->deleteFile( $_FILES[ 'import_file' ][ 'tmp_name' ] );
|
83 |
+
}
|
84 |
+
|
85 |
+
/**
|
86 |
+
* @param string $sMasterSiteUrl
|
87 |
+
* @param string $sSecretKey
|
88 |
+
* @param bool|null $bEnableNetwork
|
89 |
+
* @param string $sSiteResponse
|
90 |
+
* @return int
|
91 |
+
*/
|
92 |
+
public function fromSite( $sMasterSiteUrl = '', $sSecretKey = '', $bEnableNetwork = null, &$sSiteResponse = '' ) {
|
93 |
+
/** @var Plugin\Options $oOpts */
|
94 |
+
$oOpts = $this->getOptions();
|
95 |
+
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
96 |
+
$oMod = $this->getMod();
|
97 |
+
$oDP = Services::Data();
|
98 |
+
|
99 |
+
if ( empty( $sMasterSiteUrl ) ) {
|
100 |
+
$sMasterSiteUrl = $oOpts->getImportExportMasterImportUrl();
|
101 |
+
}
|
102 |
+
|
103 |
+
$aParts = parse_url( $sMasterSiteUrl );
|
104 |
+
|
105 |
+
$sOriginalMasterSiteUrl = $oOpts->getImportExportMasterImportUrl();
|
106 |
+
$bHadMasterSiteUrl = $oOpts->hasImportExportMasterImportUrl();
|
107 |
+
$bCheckKeyFormat = !$bHadMasterSiteUrl;
|
108 |
+
$sSecretKey = sanitize_key( $sSecretKey );
|
109 |
+
|
110 |
+
if ( $bCheckKeyFormat && empty( $sSecretKey ) ) {
|
111 |
+
$nErrorCode = 1;
|
112 |
+
}
|
113 |
+
elseif ( $bCheckKeyFormat && strlen( $sSecretKey ) != 40 ) {
|
114 |
+
$nErrorCode = 2;
|
115 |
+
}
|
116 |
+
elseif ( empty( $aParts ) ) {
|
117 |
+
$nErrorCode = 4;
|
118 |
+
}
|
119 |
+
elseif ( $oDP->validateSimpleHttpUrl( $sMasterSiteUrl ) === false ) {
|
120 |
+
$nErrorCode = 4; // a final check
|
121 |
+
}
|
122 |
+
else {
|
123 |
+
$bReady = true;
|
124 |
+
$aEssential = [ 'scheme', 'host' ];
|
125 |
+
foreach ( $aEssential as $sKey ) {
|
126 |
+
$bReady = $bReady && !empty( $aParts[ $sKey ] );
|
127 |
+
}
|
128 |
+
|
129 |
+
$sMasterSiteUrl = $oDP->validateSimpleHttpUrl( $sMasterSiteUrl ); // final clean
|
130 |
+
|
131 |
+
if ( !$bReady || !$sMasterSiteUrl ) {
|
132 |
+
$nErrorCode = 4;
|
133 |
+
}
|
134 |
+
else {
|
135 |
+
$oOpts->setOpt( 'importexport_handshake_expires_at', Services::Request()->ts() + 30 );
|
136 |
+
$this->getMod()->saveModOptions();
|
137 |
+
|
138 |
+
$aData = [
|
139 |
+
'shield_action' => 'importexport_export',
|
140 |
+
'secret' => $sSecretKey,
|
141 |
+
'url' => Services::WpGeneral()->getHomeUrl()
|
142 |
+
];
|
143 |
+
// Don't send the network setup request if it's the cron.
|
144 |
+
if ( !is_null( $bEnableNetwork ) && !Services::WpGeneral()->isCron() ) {
|
145 |
+
$aData[ 'network' ] = $bEnableNetwork ? 'Y' : 'N';
|
146 |
+
}
|
147 |
+
|
148 |
+
$sFinalUrl = add_query_arg( $aData, $sMasterSiteUrl );
|
149 |
+
$sResponse = Services::HttpRequest()->getContent( $sFinalUrl );
|
150 |
+
$aParts = @json_decode( $sResponse, true );
|
151 |
+
|
152 |
+
if ( empty( $aParts ) ) {
|
153 |
+
$nErrorCode = 5;
|
154 |
+
}
|
155 |
+
elseif ( !isset( $aParts[ 'success' ] ) || !$aParts[ 'success' ] ) {
|
156 |
+
|
157 |
+
if ( empty ( $aParts[ 'message' ] ) ) {
|
158 |
+
$nErrorCode = 6;
|
159 |
+
}
|
160 |
+
else {
|
161 |
+
$nErrorCode = 7;
|
162 |
+
$sSiteResponse = $aParts[ 'message' ]; // This is crap because we can't use Response objects
|
163 |
+
}
|
164 |
+
}
|
165 |
+
elseif ( empty( $aParts[ 'data' ] ) || !is_array( $aParts[ 'data' ] ) ) {
|
166 |
+
$nErrorCode = 8;
|
167 |
+
}
|
168 |
+
else {
|
169 |
+
$this->processDataImport( $aParts[ 'data' ], $sMasterSiteUrl );
|
170 |
+
|
171 |
+
// Fix for the overwriting of the Master Site URL with an empty string.
|
172 |
+
// Only do so if we're not turning it off. i.e on or no-change
|
173 |
+
if ( is_null( $bEnableNetwork ) ) {
|
174 |
+
if ( $bHadMasterSiteUrl && !$oOpts->hasImportExportMasterImportUrl() ) {
|
175 |
+
$oMod->setImportExportMasterImportUrl( $sOriginalMasterSiteUrl );
|
176 |
+
}
|
177 |
+
}
|
178 |
+
elseif ( $bEnableNetwork === true ) {
|
179 |
+
$oMod->setImportExportMasterImportUrl( $sMasterSiteUrl );
|
180 |
+
$this->getCon()->fireEvent(
|
181 |
+
'master_url_set',
|
182 |
+
[ 'audit' => [ 'site' => $sMasterSiteUrl ] ]
|
183 |
+
);
|
184 |
+
}
|
185 |
+
elseif ( $bEnableNetwork === false ) {
|
186 |
+
$oMod->setImportExportMasterImportUrl( '' );
|
187 |
+
}
|
188 |
+
|
189 |
+
$nErrorCode = 0;
|
190 |
+
}
|
191 |
+
}
|
192 |
+
}
|
193 |
+
|
194 |
+
return $nErrorCode;
|
195 |
+
}
|
196 |
+
|
197 |
+
/**
|
198 |
+
* @param array $aImportData
|
199 |
+
* @param string $sImportSource
|
200 |
+
* @return bool
|
201 |
+
*/
|
202 |
+
private function processDataImport( $aImportData, $sImportSource = 'unspecified' ) {
|
203 |
+
$bImported = false;
|
204 |
+
|
205 |
+
$bAnythingChanged = false;
|
206 |
+
foreach ( $this->getCon()->modules as $oTheMod ) {
|
207 |
+
if ( !empty( $aImportData[ $oTheMod->getOptionsStorageKey() ] ) ) {
|
208 |
+
$oTheseOpts = $oTheMod->getOptions();
|
209 |
+
$oTheseOpts->setMultipleOptions(
|
210 |
+
array_diff_key(
|
211 |
+
$aImportData[ $oTheMod->getOptionsStorageKey() ],
|
212 |
+
array_flip( $oTheseOpts->getXferExcluded() )
|
213 |
+
)
|
214 |
+
);
|
215 |
+
|
216 |
+
$bAnythingChanged = $bAnythingChanged || $oTheseOpts->getNeedSave();
|
217 |
+
$oTheMod->saveModOptions( true );
|
218 |
+
}
|
219 |
+
}
|
220 |
+
|
221 |
+
if ( $bAnythingChanged ) {
|
222 |
+
$this->getCon()->fireEvent(
|
223 |
+
'options_imported',
|
224 |
+
[ 'audit' => [ 'site' => $sImportSource ] ]
|
225 |
+
);
|
226 |
+
}
|
227 |
+
|
228 |
+
return $bImported;
|
229 |
+
}
|
230 |
+
}
|
src/lib/src/Modules/Plugin/Lib/ImportExport/ImportExportController.php
ADDED
@@ -0,0 +1,181 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\ImportExport;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
|
8 |
+
use FernleafSystems\Wordpress\Services\Services;
|
9 |
+
|
10 |
+
class ImportExportController {
|
11 |
+
|
12 |
+
use ModConsumer;
|
13 |
+
|
14 |
+
public function run() {
|
15 |
+
$oCon = $this->getCon();
|
16 |
+
/** @var Plugin\Options $oOpts */
|
17 |
+
$oOpts = $this->getOptions();
|
18 |
+
|
19 |
+
// Cron
|
20 |
+
add_action( $oCon->prefix( 'importexport_notify' ), function () {
|
21 |
+
( new NotifyWhitelist() )
|
22 |
+
->setMod( $this->getMod() )
|
23 |
+
->run();
|
24 |
+
} );
|
25 |
+
|
26 |
+
if ( $oOpts->hasImportExportMasterImportUrl() ) {
|
27 |
+
// For auto update whitelist notifications:
|
28 |
+
add_action( $oCon->prefix( 'importexport_updatenotified' ), function () {
|
29 |
+
( new Import() )
|
30 |
+
->setMod( $this->getMod() )
|
31 |
+
->run( 'site' );
|
32 |
+
} );
|
33 |
+
}
|
34 |
+
|
35 |
+
add_action( $oCon->prefix( 'shield_action' ), function ( $sAction ) {
|
36 |
+
switch ( $sAction ) {
|
37 |
+
case 'importexport_export':
|
38 |
+
( new Export() )
|
39 |
+
->setMod( $this->getMod() )
|
40 |
+
->run( Services::Request()->query( 'method' ) );
|
41 |
+
break;
|
42 |
+
|
43 |
+
case 'importexport_import':
|
44 |
+
( new Import() )
|
45 |
+
->setMod( $this->getMod() )
|
46 |
+
->run( Services::Request()->query( 'method' ) );
|
47 |
+
break;
|
48 |
+
|
49 |
+
case 'importexport_handshake':
|
50 |
+
$this->confirmExportHandshake();
|
51 |
+
break;
|
52 |
+
|
53 |
+
case 'importexport_updatenotified':
|
54 |
+
$this->runOptionsUpdateNotified();
|
55 |
+
break;
|
56 |
+
}
|
57 |
+
} );
|
58 |
+
}
|
59 |
+
|
60 |
+
/**
|
61 |
+
* We've been notified that there's an update to pull in from the master site so we set a cron to do this.
|
62 |
+
*/
|
63 |
+
private function runOptionsUpdateNotified() {
|
64 |
+
$oCon = $this->getCon();
|
65 |
+
/** @var Plugin\Options $oOpts */
|
66 |
+
$oOpts = $this->getOptions();
|
67 |
+
|
68 |
+
$sCronHook = $oCon->prefix( 'importexport_updatenotified' );
|
69 |
+
if ( wp_next_scheduled( $sCronHook ) ) {
|
70 |
+
wp_clear_scheduled_hook( $sCronHook );
|
71 |
+
}
|
72 |
+
|
73 |
+
if ( !wp_next_scheduled( $sCronHook ) ) {
|
74 |
+
|
75 |
+
wp_schedule_single_event( Services::Request()->ts() + 12, $sCronHook );
|
76 |
+
|
77 |
+
preg_match( '#.*WordPress/.*\s+(.*)\s?#', Services::Request()->getUserAgent(), $aMatches );
|
78 |
+
if ( !empty( $aMatches[ 1 ] ) && filter_var( $aMatches[ 1 ], FILTER_VALIDATE_URL ) ) {
|
79 |
+
$sUrl = parse_url( $aMatches[ 1 ], PHP_URL_HOST );
|
80 |
+
if ( !empty( $sUrl ) ) {
|
81 |
+
$sUrl = 'Site: '.$sUrl;
|
82 |
+
}
|
83 |
+
}
|
84 |
+
else {
|
85 |
+
$sUrl = '';
|
86 |
+
}
|
87 |
+
|
88 |
+
$this->getCon()->fireEvent(
|
89 |
+
'import_notify_received',
|
90 |
+
[ 'audit' => [ 'master_site' => $oOpts->getImportExportMasterImportUrl() ] ]
|
91 |
+
);
|
92 |
+
}
|
93 |
+
}
|
94 |
+
|
95 |
+
/**
|
96 |
+
* This is called from a remote site when this site sends out an export request to another
|
97 |
+
* site but without a secret key i.e. it assumes it's on the white list. We give a 30 second
|
98 |
+
* window for the handshake to complete. We do not explicitly fail.
|
99 |
+
*/
|
100 |
+
private function confirmExportHandshake() {
|
101 |
+
/** @var Plugin\Options $oOpts */
|
102 |
+
$oOpts = $this->getOptions();
|
103 |
+
if ( Services::Request()->ts() < (int)$oOpts->getOpt( 'importexport_handshake_expires_at' ) ) {
|
104 |
+
echo json_encode( [ 'success' => true ] );
|
105 |
+
die();
|
106 |
+
}
|
107 |
+
else {
|
108 |
+
return;
|
109 |
+
}
|
110 |
+
}
|
111 |
+
|
112 |
+
/**
|
113 |
+
* @return array
|
114 |
+
*/
|
115 |
+
public function buildInsightsVars() {
|
116 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
117 |
+
$oMod = $this->getMod();
|
118 |
+
return [
|
119 |
+
'vars' => [
|
120 |
+
'file_upload_nonce' => $oMod->getNonceActionData( 'import_file_upload' ),
|
121 |
+
'form_action' => $oMod->getUrl_AdminPage()
|
122 |
+
],
|
123 |
+
'ajax' => [
|
124 |
+
'import_from_site' => $oMod->getAjaxActionData( 'import_from_site', true ),
|
125 |
+
],
|
126 |
+
'flags' => [
|
127 |
+
'can_importexport' => $this->getCon()->isPremiumActive(),
|
128 |
+
],
|
129 |
+
'hrefs' => [
|
130 |
+
'export_file_download' => $this->createExportFileDownloadLink()
|
131 |
+
],
|
132 |
+
'strings' => [
|
133 |
+
'title_import_file' => __( 'Import From File', 'wp-simple-firewall' ),
|
134 |
+
'subtitle_import_file' => __( 'Upload an exported options file you downloaded from another site', 'wp-simple-firewall' ),
|
135 |
+
'select_import_file' => __( 'Select file to import options from', 'wp-simple-firewall' ),
|
136 |
+
'i_understand' => __( 'I Understand Existing Options Will Be Overwritten', 'wp-simple-firewall' ),
|
137 |
+
'be_sure' => __( 'Please be sure that this is what you want.', 'wp-simple-firewall' ),
|
138 |
+
'not_undone' => __( "This action can't be undone.", 'wp-simple-firewall' ),
|
139 |
+
'title_import_site' => __( "Import From Site", 'wp-simple-firewall' ),
|
140 |
+
|
141 |
+
'title_download_file' => __( 'Download Options Export File', 'wp-simple-firewall' ),
|
142 |
+
'subtitle_download_file' => __( 'Use this file to copy options from this site into another site', 'wp-simple-firewall' ),
|
143 |
+
|
144 |
+
'subtitle_import_site' => __( 'Import options directly from another site', 'wp-simple-firewall' ),
|
145 |
+
'master_site_url' => __( 'Master Site URL', 'wp-simple-firewall' ),
|
146 |
+
'remember_include' => sprintf(
|
147 |
+
__( 'Remember to include %s or %s', 'wp-simple-firewall' ),
|
148 |
+
'<code>https://</code>',
|
149 |
+
'<code>http://</code>'
|
150 |
+
),
|
151 |
+
'secret_key' => __( 'Secret Key', 'wp-simple-firewall' ),
|
152 |
+
'master_site_key' => __( 'Master Site Secret Key', 'wp-simple-firewall' ),
|
153 |
+
'create_network' => __( 'Create Shield Network', 'wp-simple-firewall' ),
|
154 |
+
'key_found_under' => sprintf( __( 'The secret key is found in: %s', 'wp-simple-firewall' ),
|
155 |
+
ucwords( sprintf( '%s > %s > %s ', __( 'General Settings', 'wp-simple-firewall' ), __( 'Import/Export', 'wp-simple-firewall' ), __( 'Secret Key', 'wp-simple-firewall' ) ) )
|
156 |
+
),
|
157 |
+
'turn_on' => __( 'Turn On', 'wp-simple-firewall' ),
|
158 |
+
'turn_off' => __( 'Turn Off', 'wp-simple-firewall' ),
|
159 |
+
'no_change' => __( 'No Change', 'wp-simple-firewall' ),
|
160 |
+
'network_explain' => [
|
161 |
+
__( 'Checking this option on will link this site to Master site.', 'wp-simple-firewall' ),
|
162 |
+
__( 'Options will be automatically imported from the Master site each night', 'wp-simple-firewall' ),
|
163 |
+
__( 'When you adjust options on the Master site, they will be reflected in this site after the automatic import', 'wp-simple-firewall' ),
|
164 |
+
],
|
165 |
+
'import_options' => __( 'Import Options', 'wp-simple-firewall' ),
|
166 |
+
'downloading_please_wait' => __( 'Downloading file, please wait...', 'wp-simple-firewall' ),
|
167 |
+
'problem_downloading_file' => __( 'There was a problem downloading the file.', 'wp-simple-firewall' ),
|
168 |
+
]
|
169 |
+
];
|
170 |
+
}
|
171 |
+
|
172 |
+
/**
|
173 |
+
* @return string
|
174 |
+
*/
|
175 |
+
private function createExportFileDownloadLink() {
|
176 |
+
return add_query_arg(
|
177 |
+
$this->getMod()->getNonceActionData( 'export_file_download' ),
|
178 |
+
$this->getMod()->getUrl_AdminPage()
|
179 |
+
);
|
180 |
+
}
|
181 |
+
}
|
src/lib/src/Modules/Plugin/Lib/ImportExport/NotifyWhitelist.php
ADDED
@@ -0,0 +1,30 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\ImportExport;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
class NotifyWhitelist {
|
9 |
+
|
10 |
+
use ModConsumer;
|
11 |
+
|
12 |
+
public function run() {
|
13 |
+
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
14 |
+
$oMod = $this->getMod();
|
15 |
+
$oHttpReq = Services::HttpRequest();
|
16 |
+
|
17 |
+
if ( $oMod->hasImportExportWhitelistSites() ) {
|
18 |
+
|
19 |
+
$aQuery = [
|
20 |
+
'blocking' => false,
|
21 |
+
'body' => [ 'shield_action' => 'importexport_updatenotified' ]
|
22 |
+
];
|
23 |
+
foreach ( $oMod->getImportExportWhitelist() as $sUrl ) {
|
24 |
+
$oHttpReq->get( $sUrl, $aQuery );
|
25 |
+
}
|
26 |
+
|
27 |
+
$this->getCon()->fireEvent( 'import_notify_sent' );
|
28 |
+
}
|
29 |
+
}
|
30 |
+
}
|
src/lib/src/Modules/Plugin/Lib/ImportExport/Options/BuildTransferableOptions.php
ADDED
@@ -0,0 +1,22 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\ImportExport\Options;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
|
7 |
+
class BuildTransferableOptions {
|
8 |
+
|
9 |
+
use ModConsumer;
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @return mixed[]
|
13 |
+
*/
|
14 |
+
public function build() {
|
15 |
+
$oOpts = $this->getOptions();
|
16 |
+
return array_merge(
|
17 |
+
array_fill_keys( $oOpts->getOptionsKeys(), false ),
|
18 |
+
array_fill_keys( array_keys( $oOpts->getTransferableOptions() ), 'Y' ),
|
19 |
+
array_fill_keys( $oOpts->getXferExcluded(), 'N' )
|
20 |
+
);
|
21 |
+
}
|
22 |
+
}
|
src/lib/src/Modules/Plugin/Lib/ImportExport/Options/SaveExcludedOptions.php
ADDED
@@ -0,0 +1,26 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib\ImportExport\Options;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
|
7 |
+
class SaveExcludedOptions {
|
8 |
+
|
9 |
+
use ModConsumer;
|
10 |
+
|
11 |
+
/**
|
12 |
+
* Takes a form submission and if the checkbox isn't checked for a given option,
|
13 |
+
* it means we are to exclude that option from imports/exports.
|
14 |
+
* @param string[] $aFormSubmission
|
15 |
+
*/
|
16 |
+
public function save( $aFormSubmission ) {
|
17 |
+
$oOpts = $this->getOptions();
|
18 |
+
$aExcluded = [];
|
19 |
+
foreach ( array_keys( $oOpts->getTransferableOptions() ) as $sOptKey ) {
|
20 |
+
if ( empty( $aFormSubmission[ 'optxfer-'.$sOptKey ] ) ) {
|
21 |
+
$aExcluded[] = $sOptKey;
|
22 |
+
}
|
23 |
+
}
|
24 |
+
$oOpts->setOpt( 'xfer_excluded', $aExcluded );
|
25 |
+
}
|
26 |
+
}
|
src/lib/src/Modules/Plugin/Lib/TestCacheDirWrite.php
ADDED
@@ -0,0 +1,99 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
/**
|
9 |
+
* Class TestCacheDirWrite
|
10 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin\Lib
|
11 |
+
*/
|
12 |
+
class TestCacheDirWrite {
|
13 |
+
|
14 |
+
use ModConsumer;
|
15 |
+
|
16 |
+
/**
|
17 |
+
* @return bool
|
18 |
+
*/
|
19 |
+
public function canWrite() {
|
20 |
+
return $this->run()->getTestData()[ 'last_success_at' ] > 0;
|
21 |
+
}
|
22 |
+
|
23 |
+
/**
|
24 |
+
* @return $this
|
25 |
+
*/
|
26 |
+
protected function run() {
|
27 |
+
$aD = $this->getTestData();
|
28 |
+
$nNow = Services::Request()->ts();
|
29 |
+
|
30 |
+
if ( ( $aD[ 'last_success_at' ] === 0 || $nNow - WEEK_IN_SECONDS > $aD[ 'last_success_at' ] )
|
31 |
+
&& ( $nNow - HOUR_IN_SECONDS > $aD[ 'last_test_at' ] ) ) {
|
32 |
+
|
33 |
+
$sRoot = $this->getCon()->getPath_PluginCache();
|
34 |
+
$bCanWrite = !empty( $sRoot )
|
35 |
+
&& $this->canCreateWriteDeleteFile()
|
36 |
+
&& $this->canCreateWriteDeleteDir();
|
37 |
+
|
38 |
+
$aD[ 'last_success_at' ] = $bCanWrite ? $nNow : 0;
|
39 |
+
$aD[ 'last_test_at' ] = $nNow;
|
40 |
+
$this->getOptions()->setOpt( 'cache_dir_write_test', $aD );
|
41 |
+
}
|
42 |
+
return $this;
|
43 |
+
}
|
44 |
+
|
45 |
+
/**
|
46 |
+
* @return bool
|
47 |
+
*/
|
48 |
+
private function canCreateWriteDeleteDir() {
|
49 |
+
$bCanWrite = false;
|
50 |
+
|
51 |
+
$oFS = Services::WpFs();
|
52 |
+
|
53 |
+
$sTestDir = $this->getCon()->getPluginCachePath( uniqid() );
|
54 |
+
$oFS->mkdir( $sTestDir );
|
55 |
+
if ( $oFS->isDir( $sTestDir ) ) {
|
56 |
+
$sFile = path_join( $sTestDir, uniqid() );
|
57 |
+
$oFS->touch( $sFile );
|
58 |
+
$oFS->deleteDir( $sTestDir );
|
59 |
+
$bCanWrite = !$oFS->isDir( $sTestDir );
|
60 |
+
}
|
61 |
+
return $bCanWrite;
|
62 |
+
}
|
63 |
+
|
64 |
+
/**
|
65 |
+
* @return bool
|
66 |
+
*/
|
67 |
+
private function canCreateWriteDeleteFile() {
|
68 |
+
$bCanWrite = false;
|
69 |
+
|
70 |
+
$oFS = Services::WpFs();
|
71 |
+
|
72 |
+
$sTestFile = $this->getCon()->getPluginCachePath( 'test_write_file.txt' );
|
73 |
+
$oFS->touch( $sTestFile );
|
74 |
+
|
75 |
+
if ( $oFS->exists( $sTestFile ) ) {
|
76 |
+
$sUniq = uniqid();
|
77 |
+
$oFS->putFileContent( $sTestFile, $sUniq );
|
78 |
+
if ( $oFS->getFileContent( $sTestFile ) == $sUniq ) {
|
79 |
+
$oFS->deleteFile( $sTestFile );
|
80 |
+
$bCanWrite = !$oFS->exists( $sTestFile );
|
81 |
+
}
|
82 |
+
}
|
83 |
+
return $bCanWrite;
|
84 |
+
}
|
85 |
+
|
86 |
+
/**
|
87 |
+
* @return array
|
88 |
+
*/
|
89 |
+
private function getTestData() {
|
90 |
+
$aD = $this->getOptions()->getOpt( 'cache_dir_write_test' );
|
91 |
+
return array_merge(
|
92 |
+
[
|
93 |
+
'last_test_at' => 0,
|
94 |
+
'last_success_at' => 0,
|
95 |
+
],
|
96 |
+
is_array( $aD ) ? $aD : []
|
97 |
+
);
|
98 |
+
}
|
99 |
+
}
|
src/lib/src/Modules/Plugin/Options.php
CHANGED
@@ -38,24 +38,13 @@ class Options extends Base\ShieldOptions {
|
|
38 |
/**
|
39 |
* @return array
|
40 |
*/
|
41 |
-
public function
|
42 |
-
|
43 |
-
'
|
44 |
-
'
|
45 |
-
'
|
46 |
-
'
|
47 |
];
|
48 |
-
if ( $aConfig[ 'style_override' ] ) {
|
49 |
-
$aConfig[ 'style' ] = 'light'; // hard-coded light style for non-pro
|
50 |
-
}
|
51 |
-
return $aConfig;
|
52 |
-
}
|
53 |
-
|
54 |
-
/**
|
55 |
-
* @return int
|
56 |
-
*/
|
57 |
-
public function getImportExportHandshakeExpiresAt() {
|
58 |
-
return (int)$this->getOpt( 'importexport_handshake_expires_at', Services::Request()->ts() );
|
59 |
}
|
60 |
|
61 |
/**
|
@@ -72,6 +61,14 @@ class Options extends Base\ShieldOptions {
|
|
72 |
return $this->getOpt( 'visitor_address_source' );
|
73 |
}
|
74 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
75 |
/**
|
76 |
* @return bool
|
77 |
*/
|
@@ -122,6 +119,14 @@ class Options extends Base\ShieldOptions {
|
|
122 |
return $this->isPremium() && $this->isOpt( 'importexport_enable', 'Y' );
|
123 |
}
|
124 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
125 |
/**
|
126 |
* @param bool $bOnOrOff
|
127 |
* @return $this
|
38 |
/**
|
39 |
* @return array
|
40 |
*/
|
41 |
+
public function getCaptchaConfig() {
|
42 |
+
return [
|
43 |
+
'provider' => $this->getOpt( 'captcha_provider', 'grecaptcha' ),
|
44 |
+
'key' => $this->getOpt( 'google_recaptcha_site_key' ),
|
45 |
+
'secret' => $this->getOpt( 'google_recaptcha_secret_key' ),
|
46 |
+
'theme' => $this->getOpt( 'google_recaptcha_style' ),
|
47 |
];
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
48 |
}
|
49 |
|
50 |
/**
|
61 |
return $this->getOpt( 'visitor_address_source' );
|
62 |
}
|
63 |
|
64 |
+
/**
|
65 |
+
* @return array
|
66 |
+
*/
|
67 |
+
public function getShieldNetApiData() {
|
68 |
+
$aD = $this->getOpt( 'snapi_data', [] );
|
69 |
+
return is_array( $aD ) ? $aD:[];
|
70 |
+
}
|
71 |
+
|
72 |
/**
|
73 |
* @return bool
|
74 |
*/
|
119 |
return $this->isPremium() && $this->isOpt( 'importexport_enable', 'Y' );
|
120 |
}
|
121 |
|
122 |
+
/**
|
123 |
+
* @return string[]
|
124 |
+
*/
|
125 |
+
public function getImportExportWhitelist() {
|
126 |
+
$aWhitelist = $this->getOpt( 'importexport_whitelist', [] );
|
127 |
+
return is_array( $aWhitelist ) ? $aWhitelist : [];
|
128 |
+
}
|
129 |
+
|
130 |
/**
|
131 |
* @param bool $bOnOrOff
|
132 |
* @return $this
|
src/lib/src/Modules/Plugin/Strings.php
CHANGED
@@ -45,7 +45,7 @@ class Strings extends Base\Strings {
|
|
45 |
__( 'Master Site URL set: %s', 'wp-simple-firewall' ),
|
46 |
],
|
47 |
'recaptcha_fail' => [
|
48 |
-
__( '
|
49 |
],
|
50 |
];
|
51 |
}
|
@@ -90,19 +90,20 @@ class Strings extends Base\Strings {
|
|
90 |
$sTitleShort = __( 'General Options', 'wp-simple-firewall' );
|
91 |
break;
|
92 |
|
93 |
-
case '
|
94 |
-
$sTitle = __( '
|
95 |
-
$sTitleShort = __( '
|
96 |
$aSummary = [
|
97 |
-
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), sprintf( __( 'Setup
|
98 |
sprintf( '%s - %s',
|
99 |
__( 'Recommendation', 'wp-simple-firewall' ),
|
100 |
sprintf( __( 'Use of this feature is highly recommend.', 'wp-simple-firewall' ).' '
|
101 |
-
.sprintf( '%s: %s', __( 'Note', 'wp-simple-firewall' ), __( 'You must create your own
|
102 |
)
|
103 |
-
.sprintf( ' <a href="%s" target="_blank">%s</a>', 'https://www.google.com/recaptcha/admin', __( '
|
|
|
104 |
),
|
105 |
-
sprintf( '%s - %s', __( 'Note', 'wp-simple-firewall' ), sprintf( __( 'Invisible
|
106 |
];
|
107 |
break;
|
108 |
|
@@ -139,7 +140,13 @@ class Strings extends Base\Strings {
|
|
139 |
case 'global_enable_plugin_features' :
|
140 |
$sName = sprintf( __( 'Enable %s Protection', 'wp-simple-firewall' ), $sPlugName );
|
141 |
$sSummary = __( 'Switch Off To Disable All Security Protection', 'wp-simple-firewall' );
|
142 |
-
$sDescription =
|
|
|
|
|
|
|
|
|
|
|
|
|
143 |
break;
|
144 |
|
145 |
case 'enable_tracking' :
|
@@ -162,8 +169,11 @@ class Strings extends Base\Strings {
|
|
162 |
'<strong>'.$oOpts->getIpSource().'</strong>',
|
163 |
Services::IP()->getRequestIp()
|
164 |
)
|
165 |
-
.
|
166 |
-
|
|
|
|
|
|
|
167 |
break;
|
168 |
|
169 |
case 'block_send_email_address' :
|
@@ -239,24 +249,37 @@ class Strings extends Base\Strings {
|
|
239 |
$sDescription = __( 'Keep this ID private.', 'wp-simple-firewall' );
|
240 |
break;
|
241 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
242 |
case 'google_recaptcha_secret_key' :
|
243 |
-
$sName = __( '
|
244 |
-
$sSummary = __( '
|
245 |
-
$sDescription = __( 'Enter your
|
246 |
-
.'<br />'.sprintf( '<strong>%s</strong>: %s', __( 'Important', 'wp-simple-firewall' ), 'reCAPTCHA v3 not supported.' );
|
247 |
break;
|
248 |
|
249 |
case 'google_recaptcha_site_key' :
|
250 |
-
$sName = __( '
|
251 |
-
$sSummary = __( '
|
252 |
-
$sDescription = __( 'Enter your
|
253 |
-
.'<br />'.sprintf( '<strong>%s</strong>: %s', __( 'Important', 'wp-simple-firewall' ), 'reCAPTCHA v3 not supported.' );
|
254 |
break;
|
255 |
|
256 |
case 'google_recaptcha_style' :
|
257 |
-
$sName = __( '
|
258 |
-
$sSummary = __( 'How
|
259 |
-
$sDescription = __( 'You can choose the
|
260 |
break;
|
261 |
|
262 |
default:
|
@@ -270,37 +293,6 @@ class Strings extends Base\Strings {
|
|
270 |
];
|
271 |
}
|
272 |
|
273 |
-
/**
|
274 |
-
* @return array
|
275 |
-
*/
|
276 |
-
private function buildIpAddressMap() {
|
277 |
-
$oReq = Services::Request();
|
278 |
-
$oOpts = $this->getOptions();
|
279 |
-
|
280 |
-
$aOptionData = $oOpts->getRawData_SingleOption( 'visitor_address_source' );
|
281 |
-
$aValueOptions = $aOptionData[ 'value_options' ];
|
282 |
-
|
283 |
-
$aMap = [];
|
284 |
-
$aEmpties = [];
|
285 |
-
foreach ( $aValueOptions as $aOptionValue ) {
|
286 |
-
$sKey = $aOptionValue[ 'value_key' ];
|
287 |
-
if ( $sKey == 'AUTO_DETECT_IP' ) {
|
288 |
-
$sKey = 'Auto Detect';
|
289 |
-
$sIp = Services::IP()->getRequestIp().sprintf( ' (%s)', $oOpts->getOpt( 'last_ip_detect_source' ) );
|
290 |
-
}
|
291 |
-
else {
|
292 |
-
$sIp = $oReq->server( $sKey );
|
293 |
-
}
|
294 |
-
if ( empty( $sIp ) ) {
|
295 |
-
$aEmpties[] = sprintf( '%s- %s', $sKey, 'ip not available' );
|
296 |
-
}
|
297 |
-
else {
|
298 |
-
$aMap[] = sprintf( '%s- %s', $sKey, empty( $sIp ) ? 'ip not available' : '<strong>'.$sIp.'</strong>' );
|
299 |
-
}
|
300 |
-
}
|
301 |
-
return array_merge( $aMap, $aEmpties );
|
302 |
-
}
|
303 |
-
|
304 |
/**
|
305 |
* Kept just in-case and represent dynamically translated strings
|
306 |
*/
|
45 |
__( 'Master Site URL set: %s', 'wp-simple-firewall' ),
|
46 |
],
|
47 |
'recaptcha_fail' => [
|
48 |
+
__( 'CAPTCHA Test Fail', 'wp-simple-firewall' )
|
49 |
],
|
50 |
];
|
51 |
}
|
90 |
$sTitleShort = __( 'General Options', 'wp-simple-firewall' );
|
91 |
break;
|
92 |
|
93 |
+
case 'section_third_party_captcha' :
|
94 |
+
$sTitle = __( 'CAPTCHA', 'wp-simple-firewall' );
|
95 |
+
$sTitleShort = __( 'CAPTCHA', 'wp-simple-firewall' );
|
96 |
$aSummary = [
|
97 |
+
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), sprintf( __( 'Setup CAPTCHA for use across %s.', 'wp-simple-firewall' ), $sPlugName ) ),
|
98 |
sprintf( '%s - %s',
|
99 |
__( 'Recommendation', 'wp-simple-firewall' ),
|
100 |
sprintf( __( 'Use of this feature is highly recommend.', 'wp-simple-firewall' ).' '
|
101 |
+
.sprintf( '%s: %s', __( 'Note', 'wp-simple-firewall' ), __( 'You must create your own CAPTCHA API Keys.', 'wp-simple-firewall' ) )
|
102 |
)
|
103 |
+
.'<ul class="mt-1"><li>- '.sprintf( ' <a href="%s" target="_blank">%s</a>', 'https://www.google.com/recaptcha/admin', __( 'Google reCAPTCHA Keys', 'wp-simple-firewall' ) )
|
104 |
+
.'</li><li>- '.sprintf( ' <a href="%s" target="_blank">%s</a>', 'https://dashboard.hcaptcha.com/', __( 'hCaptcha Keys', 'wp-simple-firewall' ) ).'</li></ul>'
|
105 |
),
|
106 |
+
sprintf( '%s - %s', __( 'Note', 'wp-simple-firewall' ), sprintf( __( 'Invisible CAPTCHA is available with %s Pro.', 'wp-simple-firewall' ), $sPlugName ) )
|
107 |
];
|
108 |
break;
|
109 |
|
140 |
case 'global_enable_plugin_features' :
|
141 |
$sName = sprintf( __( 'Enable %s Protection', 'wp-simple-firewall' ), $sPlugName );
|
142 |
$sSummary = __( 'Switch Off To Disable All Security Protection', 'wp-simple-firewall' );
|
143 |
+
$sDescription = [
|
144 |
+
sprintf( __( "You can keep the security plugin activated, but temporarily disable all protection it provides.", 'wp-simple-firewall' ), $sPlugName ),
|
145 |
+
sprintf( '<a href="%s" target="_blank">%s</a>',
|
146 |
+
$this->getCon()->getModule_Insights()->getUrl_SubInsightsPage( 'debug' ),
|
147 |
+
'Launch Debug Info Page'
|
148 |
+
)
|
149 |
+
];
|
150 |
break;
|
151 |
|
152 |
case 'enable_tracking' :
|
169 |
'<strong>'.$oOpts->getIpSource().'</strong>',
|
170 |
Services::IP()->getRequestIp()
|
171 |
)
|
172 |
+
.sprintf(
|
173 |
+
'<p class="mt-2"><a href="%s" target="_blank">%s</a></p>',
|
174 |
+
'https://shsec.io/shieldwhatismyip',
|
175 |
+
__( 'What Is My IP Address?', 'wp-simple-firewall' )
|
176 |
+
);
|
177 |
break;
|
178 |
|
179 |
case 'block_send_email_address' :
|
249 |
$sDescription = __( 'Keep this ID private.', 'wp-simple-firewall' );
|
250 |
break;
|
251 |
|
252 |
+
case 'captcha_provider' :
|
253 |
+
$sName = __( 'CAPTCHA Provider', 'wp-simple-firewall' );
|
254 |
+
$sSummary = __( 'Which CAPTCHA Provider To Use Throughout', 'wp-simple-firewall' );
|
255 |
+
$sDescription = [
|
256 |
+
__( 'You can choose the CAPTCHA provider depending on your preferences.', 'wp-simple-firewall' ),
|
257 |
+
__( 'Ensure your Site Keys and Secret Keys are supplied from the appropriate provider.', 'wp-simple-firewall' ),
|
258 |
+
sprintf( '<strong>%s</strong>',
|
259 |
+
sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ),
|
260 |
+
__( 'Keys for different providers are not interchangeable.', 'wp-simple-firewall' ) )
|
261 |
+
),
|
262 |
+
];
|
263 |
+
break;
|
264 |
+
|
265 |
case 'google_recaptcha_secret_key' :
|
266 |
+
$sName = __( 'CAPTCHA Secret', 'wp-simple-firewall' );
|
267 |
+
$sSummary = __( 'CAPTCHA Secret Key', 'wp-simple-firewall' );
|
268 |
+
$sDescription = __( 'Enter your CAPTCHA secret key for use throughout the plugin.', 'wp-simple-firewall' )
|
269 |
+
.'<br />'.sprintf( '<strong>%s</strong>: %s', __( 'Important', 'wp-simple-firewall' ), __( 'Google reCAPTCHA v3 not supported.', 'wp-simple-firewall' ) );
|
270 |
break;
|
271 |
|
272 |
case 'google_recaptcha_site_key' :
|
273 |
+
$sName = __( 'CAPTCHA Site Key', 'wp-simple-firewall' );
|
274 |
+
$sSummary = __( 'CAPTCHA Site Key', 'wp-simple-firewall' );
|
275 |
+
$sDescription = __( 'Enter your CAPTCHA site key for use throughout the plugin.', 'wp-simple-firewall' )
|
276 |
+
.'<br />'.sprintf( '<strong>%s</strong>: %s', __( 'Important', 'wp-simple-firewall' ), __( 'Google reCAPTCHA v3 not supported.', 'wp-simple-firewall' ) );
|
277 |
break;
|
278 |
|
279 |
case 'google_recaptcha_style' :
|
280 |
+
$sName = __( 'CAPTCHA Style', 'wp-simple-firewall' );
|
281 |
+
$sSummary = __( 'How CAPTCHA Will Be Displayed By Default', 'wp-simple-firewall' );
|
282 |
+
$sDescription = __( 'You can choose the CAPTCHA display format that best suits your site, including the new Invisible CAPTCHA.', 'wp-simple-firewall' );
|
283 |
break;
|
284 |
|
285 |
default:
|
293 |
];
|
294 |
}
|
295 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
296 |
/**
|
297 |
* Kept just in-case and represent dynamically translated strings
|
298 |
*/
|
src/lib/src/Modules/Reporting/Lib/ReportingController.php
ADDED
@@ -0,0 +1,151 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports as DBReports;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\Build;
|
8 |
+
use FernleafSystems\Wordpress\Services\Services;
|
9 |
+
|
10 |
+
class ReportingController {
|
11 |
+
|
12 |
+
use Modules\ModConsumer;
|
13 |
+
use Modules\Base\OneTimeExecute;
|
14 |
+
|
15 |
+
/**
|
16 |
+
* @return bool
|
17 |
+
*/
|
18 |
+
protected function canRun() {
|
19 |
+
/** @var Modules\Reporting\Options $oOpts */
|
20 |
+
$oOpts = $this->getOptions();
|
21 |
+
return $oOpts->getFrequencyInfo() !== 'disabled' || $oOpts->getFrequencyAlert() !== 'disabled';
|
22 |
+
}
|
23 |
+
|
24 |
+
protected function run() {
|
25 |
+
add_action( $this->getCon()->prefix( 'hourly_cron' ), [ $this, 'runHourlyCron' ] );
|
26 |
+
}
|
27 |
+
|
28 |
+
public function runHourlyCron() {
|
29 |
+
$this->buildAndSendReport();
|
30 |
+
}
|
31 |
+
|
32 |
+
private function buildAndSendReport() {
|
33 |
+
/** @var Modules\Reporting\Options $oOpts */
|
34 |
+
$oOpts = $this->getOptions();
|
35 |
+
|
36 |
+
$aReports = [];
|
37 |
+
|
38 |
+
if ( $oOpts->getFrequencyAlert() !== 'disabled' ) {
|
39 |
+
try {
|
40 |
+
$oAlertReport = $this->buildReportAlerts();
|
41 |
+
if ( !empty( $oAlertReport->content ) ) {
|
42 |
+
$this->storeReportRecord( $oAlertReport );
|
43 |
+
$aReports[] = $oAlertReport;
|
44 |
+
}
|
45 |
+
}
|
46 |
+
catch ( \Exception $oE ) {
|
47 |
+
}
|
48 |
+
}
|
49 |
+
|
50 |
+
if ( $oOpts->getFrequencyInfo() !== 'disabled' ) {
|
51 |
+
try {
|
52 |
+
$oInfoReport = $this->buildReportInfo();
|
53 |
+
if ( !empty( $oInfoReport->content ) ) {
|
54 |
+
$this->storeReportRecord( $oInfoReport );
|
55 |
+
$aReports[] = $oInfoReport;
|
56 |
+
}
|
57 |
+
}
|
58 |
+
catch ( \Exception $oE ) {
|
59 |
+
}
|
60 |
+
}
|
61 |
+
|
62 |
+
$this->sendEmail( $aReports );
|
63 |
+
}
|
64 |
+
|
65 |
+
/**
|
66 |
+
* @param \FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\ReportVO $oReport
|
67 |
+
* @return bool
|
68 |
+
*/
|
69 |
+
private function storeReportRecord( Reports\ReportVO $oReport ) {
|
70 |
+
$oRecord = new DBReports\EntryVO();
|
71 |
+
$oRecord->sent_at = Services::Request()->ts();
|
72 |
+
$oRecord->rid = $oReport->rid;
|
73 |
+
$oRecord->type = $oReport->type;
|
74 |
+
$oRecord->frequency = $oReport->interval;
|
75 |
+
$oRecord->interval_end_at = $oReport->interval_end_at;
|
76 |
+
|
77 |
+
/** @var \ICWP_WPSF_FeatureHandler_Reporting $oMod */
|
78 |
+
$oMod = $this->getMod();
|
79 |
+
return $oMod->getDbHandler_Reports()
|
80 |
+
->getQueryInserter()
|
81 |
+
->insert( $oRecord );
|
82 |
+
}
|
83 |
+
|
84 |
+
/**
|
85 |
+
* @return \FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\ReportVO
|
86 |
+
* @throws \Exception
|
87 |
+
*/
|
88 |
+
private function buildReportAlerts() {
|
89 |
+
$oReport = ( new Reports\CreateReportVO( DBReports\Handler::TYPE_ALERT ) )
|
90 |
+
->setMod( $this->getMod() )
|
91 |
+
->create();
|
92 |
+
( new Build\BuilderAlerts( $oReport ) )
|
93 |
+
->setMod( $this->getMod() )
|
94 |
+
->build();
|
95 |
+
return $oReport;
|
96 |
+
}
|
97 |
+
|
98 |
+
/**
|
99 |
+
* @return \FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\ReportVO
|
100 |
+
* @throws \Exception
|
101 |
+
*/
|
102 |
+
private function buildReportInfo() {
|
103 |
+
$oReport = ( new Reports\CreateReportVO( DBReports\Handler::TYPE_INFO ) )
|
104 |
+
->setMod( $this->getMod() )
|
105 |
+
->create();
|
106 |
+
( new Build\BuilderInfo( $oReport ) )
|
107 |
+
->setMod( $this->getMod() )
|
108 |
+
->build();
|
109 |
+
return $oReport;
|
110 |
+
}
|
111 |
+
|
112 |
+
/**
|
113 |
+
* @param \FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\ReportVO[] $aReportVOs
|
114 |
+
*/
|
115 |
+
private function sendEmail( array $aReportVOs ) {
|
116 |
+
|
117 |
+
$aReports = array_filter( array_map(
|
118 |
+
function ( $oReport ) {
|
119 |
+
return $oReport->content;
|
120 |
+
},
|
121 |
+
$aReportVOs
|
122 |
+
) );
|
123 |
+
|
124 |
+
if ( !empty( $aReports ) ) {
|
125 |
+
$oWP = Services::WpGeneral();
|
126 |
+
$aReports = array_merge(
|
127 |
+
[
|
128 |
+
__( 'Please find your site report below.', 'wp-simple-firewall' ),
|
129 |
+
__( 'Depending on your settings and cron timings, this report may contain a combination of alerts, statistics and other information.', 'wp-simple-firewall' ),
|
130 |
+
'',
|
131 |
+
sprintf( '- %s: %s', __( 'Site URL', 'wp-simple-firewall' ), $oWP->getHomeUrl() ),
|
132 |
+
sprintf( '- %s: %s', __( 'Report Generation Date', 'wp-simple-firewall' ),
|
133 |
+
$oWP->getTimeStampForDisplay() ),
|
134 |
+
'',
|
135 |
+
__( 'Please use the links provided to review the report details.', 'wp-simple-firewall' ),
|
136 |
+
],
|
137 |
+
$aReports,
|
138 |
+
[
|
139 |
+
__( 'Thank You.', 'wp-simple-firewall' ),
|
140 |
+
]
|
141 |
+
);
|
142 |
+
$this->getMod()
|
143 |
+
->getEmailProcessor()
|
144 |
+
->sendEmailWithWrap(
|
145 |
+
$this->getMod()->getPluginReportEmail(),
|
146 |
+
__( 'Site Report', 'wp-simple-firewall' ).' - '.$this->getCon()->getHumanName(),
|
147 |
+
$aReports
|
148 |
+
);
|
149 |
+
}
|
150 |
+
}
|
151 |
+
}
|
src/lib/src/Modules/Reporting/Lib/Reports/BaseReporter.php
ADDED
@@ -0,0 +1,38 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
|
7 |
+
abstract class BaseReporter {
|
8 |
+
|
9 |
+
use ModConsumer;
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @var ReportVO
|
13 |
+
*/
|
14 |
+
private $rep;
|
15 |
+
|
16 |
+
/**
|
17 |
+
* @return array
|
18 |
+
*/
|
19 |
+
public function build() {
|
20 |
+
return [];
|
21 |
+
}
|
22 |
+
|
23 |
+
/**
|
24 |
+
* @return ReportVO
|
25 |
+
*/
|
26 |
+
public function getReport() {
|
27 |
+
return $this->rep;
|
28 |
+
}
|
29 |
+
|
30 |
+
/**
|
31 |
+
* @param ReportVO $oRep
|
32 |
+
* @return $this
|
33 |
+
*/
|
34 |
+
public function setReport( ReportVO $oRep ) {
|
35 |
+
$this->rep = $oRep;
|
36 |
+
return $this;
|
37 |
+
}
|
38 |
+
}
|
src/lib/src/Modules/Reporting/Lib/Reports/Build/BaseBuilder.php
ADDED
@@ -0,0 +1,90 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\Build;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\ReportVO;
|
8 |
+
use FernleafSystems\Wordpress\Services\Services;
|
9 |
+
|
10 |
+
abstract class BaseBuilder {
|
11 |
+
|
12 |
+
use ModConsumer;
|
13 |
+
|
14 |
+
/**
|
15 |
+
* @var ReportVO
|
16 |
+
*/
|
17 |
+
protected $rep;
|
18 |
+
|
19 |
+
public function __construct( ReportVO $oReport ) {
|
20 |
+
$this->rep = $oReport;
|
21 |
+
}
|
22 |
+
|
23 |
+
/**
|
24 |
+
* @throws \Exception
|
25 |
+
*/
|
26 |
+
public function build() {
|
27 |
+
if ( $this->isReadyToSend() ) {
|
28 |
+
$aData = $this->gather();
|
29 |
+
if ( !empty( $aData ) ) {
|
30 |
+
$this->rep->content = $this->render( $aData );
|
31 |
+
}
|
32 |
+
}
|
33 |
+
}
|
34 |
+
|
35 |
+
/**
|
36 |
+
* @return bool
|
37 |
+
*/
|
38 |
+
protected function isReadyToSend() {
|
39 |
+
return !Services::WpGeneral()->isCron()
|
40 |
+
|| empty( $this->rep->previous )
|
41 |
+
|| Services::Request()->ts() > $this->rep->interval_end_at;
|
42 |
+
}
|
43 |
+
|
44 |
+
/**
|
45 |
+
* @return string[]
|
46 |
+
*/
|
47 |
+
abstract protected function gather();
|
48 |
+
|
49 |
+
/**
|
50 |
+
* @param array $aGatheredData
|
51 |
+
* @return string
|
52 |
+
*/
|
53 |
+
abstract protected function render( array $aGatheredData );
|
54 |
+
|
55 |
+
/**
|
56 |
+
* When displaying, we must take into account the GMT offset of the site.
|
57 |
+
* @return string
|
58 |
+
*/
|
59 |
+
protected function getTimeIntervalForDisplay() {
|
60 |
+
$oCStart = Services::Request()->carbon( true )->setTimestamp( $this->rep->interval_start_at );
|
61 |
+
$oCEnd = Services::Request()->carbon( true )->setTimestamp( $this->rep->interval_end_at );
|
62 |
+
|
63 |
+
switch ( $this->rep->interval ) {
|
64 |
+
case 'hourly':
|
65 |
+
$sTime = sprintf( 'The full hour from %s until %s on %s.',
|
66 |
+
$oCStart->format( 'H:i' ),
|
67 |
+
$oCStart->addHours( 1 )->format( 'H:i' ),
|
68 |
+
$oCEnd->format( 'D, d F (Y)' ) );
|
69 |
+
break;
|
70 |
+
case 'daily':
|
71 |
+
$sTime = sprintf( 'The entire day of %s.', $oCStart->format( 'D j F' ) );
|
72 |
+
break;
|
73 |
+
case 'weekly':
|
74 |
+
$sTime = sprintf( '1 week from %s until %s (inclusive).',
|
75 |
+
$oCStart->format( 'D j F' ), $oCEnd->format( 'D j F' )
|
76 |
+
);
|
77 |
+
break;
|
78 |
+
case 'monthly':
|
79 |
+
$sTime = sprintf( 'The month of %s.', $oCStart->format( 'F, Y' ) );
|
80 |
+
break;
|
81 |
+
case 'yearly':
|
82 |
+
$sTime = sprintf( 'The year %s', $oCStart->format( 'Y' ) );
|
83 |
+
break;
|
84 |
+
default:
|
85 |
+
$sTime = '';
|
86 |
+
break;
|
87 |
+
}
|
88 |
+
return $sTime;
|
89 |
+
}
|
90 |
+
}
|
src/lib/src/Modules/Reporting/Lib/Reports/Build/BuilderAlerts.php
ADDED
@@ -0,0 +1,48 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\Build;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\BaseReporting;
|
7 |
+
|
8 |
+
class BuilderAlerts extends BaseBuilder {
|
9 |
+
|
10 |
+
/**
|
11 |
+
* @return string[]
|
12 |
+
*/
|
13 |
+
protected function gather() {
|
14 |
+
$aReports = [];
|
15 |
+
foreach ( $this->getCon()->modules as $oMod ) {
|
16 |
+
$oRepCon = $oMod->getReportingHandler();
|
17 |
+
if ( $oRepCon instanceof BaseReporting ) {
|
18 |
+
foreach ( $oRepCon->getAlertReporters() as $oReporter ) {
|
19 |
+
$aReports = array_merge(
|
20 |
+
$aReports,
|
21 |
+
$oReporter->setReport( $this->rep )
|
22 |
+
->build()
|
23 |
+
);
|
24 |
+
}
|
25 |
+
}
|
26 |
+
}
|
27 |
+
return $aReports;
|
28 |
+
}
|
29 |
+
|
30 |
+
/**
|
31 |
+
* @param array $aGatheredData
|
32 |
+
* @return string
|
33 |
+
*/
|
34 |
+
protected function render( array $aGatheredData ) {
|
35 |
+
return $this->getMod()->renderTemplate(
|
36 |
+
'/components/reports/alert_body.twig',
|
37 |
+
[
|
38 |
+
'vars' => [
|
39 |
+
'alerts' => $aGatheredData
|
40 |
+
],
|
41 |
+
'strings' => [
|
42 |
+
'title' => __( 'Important Alerts', 'wp-simple-firewall' ),
|
43 |
+
'subtitle' => __( 'The following is a collection of the latest alerts since your previous report.', 'wp-simple-firewall' ),
|
44 |
+
],
|
45 |
+
]
|
46 |
+
);
|
47 |
+
}
|
48 |
+
}
|
src/lib/src/Modules/Reporting/Lib/Reports/Build/BuilderInfo.php
ADDED
@@ -0,0 +1,49 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\Build;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base\BaseReporting;
|
6 |
+
|
7 |
+
class BuilderInfo extends BaseBuilder {
|
8 |
+
|
9 |
+
/**
|
10 |
+
* @return string[]
|
11 |
+
*/
|
12 |
+
protected function gather() {
|
13 |
+
$aReports = [];
|
14 |
+
foreach ( $this->getCon()->modules as $oMod ) {
|
15 |
+
$oRepCon = $oMod->getReportingHandler();
|
16 |
+
if ( $oRepCon instanceof BaseReporting ) {
|
17 |
+
foreach ( $oRepCon->getInfoReporters() as $oReporter ) {
|
18 |
+
$aReports = array_merge(
|
19 |
+
$aReports,
|
20 |
+
$oReporter->setReport( $this->rep )
|
21 |
+
->build()
|
22 |
+
);
|
23 |
+
}
|
24 |
+
}
|
25 |
+
}
|
26 |
+
return $aReports;
|
27 |
+
}
|
28 |
+
|
29 |
+
/**
|
30 |
+
* @inheritDoc
|
31 |
+
*/
|
32 |
+
protected function render( array $aGatheredData ) {
|
33 |
+
return $this->getMod()->renderTemplate(
|
34 |
+
'/components/reports/info_body.twig',
|
35 |
+
[
|
36 |
+
'vars' => [
|
37 |
+
'alerts' => $aGatheredData
|
38 |
+
],
|
39 |
+
'strings' => [
|
40 |
+
'title' => __( 'Site Information Report', 'wp-simple-firewall' ),
|
41 |
+
'subtitle' => __( 'The following is a collection of the latest information based on your reporting settings.', 'wp-simple-firewall' ),
|
42 |
+
'dates_below' => __( 'Information is for the following time period.', 'wp-simple-firewall' ),
|
43 |
+
'reporting_period' => __( 'Reporting Period', 'wp-simple-firewall' ),
|
44 |
+
'time_interval' => $this->getTimeIntervalForDisplay(),
|
45 |
+
],
|
46 |
+
]
|
47 |
+
);
|
48 |
+
}
|
49 |
+
}
|
src/lib/src/Modules/Reporting/Lib/Reports/CreateReportVO.php
ADDED
@@ -0,0 +1,155 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting;
|
8 |
+
use FernleafSystems\Wordpress\Services\Services;
|
9 |
+
|
10 |
+
class CreateReportVO {
|
11 |
+
|
12 |
+
use ModConsumer;
|
13 |
+
|
14 |
+
/**
|
15 |
+
* @var ReportVO
|
16 |
+
*/
|
17 |
+
private $rep;
|
18 |
+
|
19 |
+
/**
|
20 |
+
* CreateReportVO constructor.
|
21 |
+
* @param string $sReportType
|
22 |
+
*/
|
23 |
+
public function __construct( $sReportType ) {
|
24 |
+
$this->rep = new ReportVO();
|
25 |
+
$this->rep->type = $sReportType;
|
26 |
+
}
|
27 |
+
|
28 |
+
/**
|
29 |
+
* @return ReportVO
|
30 |
+
* @throws \Exception
|
31 |
+
*/
|
32 |
+
public function create() {
|
33 |
+
$this->setReportInterval()
|
34 |
+
->setPreviousReport()
|
35 |
+
->setIntervalBoundaries()
|
36 |
+
->setReportId();
|
37 |
+
return $this->rep;
|
38 |
+
}
|
39 |
+
|
40 |
+
/**
|
41 |
+
* @return $this
|
42 |
+
* @throws \Exception
|
43 |
+
*/
|
44 |
+
private function setReportInterval() {
|
45 |
+
/** @var Reporting\Options $oOpts */
|
46 |
+
$oOpts = $this->getOptions();
|
47 |
+
|
48 |
+
switch ( $this->rep->type ) {
|
49 |
+
case Reports\Handler::TYPE_ALERT:
|
50 |
+
$this->rep->interval = $oOpts->getFrequencyAlert();
|
51 |
+
break;
|
52 |
+
case Reports\Handler::TYPE_INFO:
|
53 |
+
$this->rep->interval = $oOpts->getFrequencyInfo();
|
54 |
+
break;
|
55 |
+
default:
|
56 |
+
throw new \Exception( 'Not a supported report type: '.$this->rep->type );
|
57 |
+
break;
|
58 |
+
}
|
59 |
+
return $this;
|
60 |
+
}
|
61 |
+
|
62 |
+
/**
|
63 |
+
* @return $this
|
64 |
+
*/
|
65 |
+
private function setPreviousReport() {
|
66 |
+
/** @var \ICWP_WPSF_FeatureHandler_Reporting $oMod */
|
67 |
+
$oMod = $this->getMod();
|
68 |
+
/** @var Reports\Select $oSel */
|
69 |
+
$oSel = $oMod->getDbHandler_Reports()->getQuerySelector();
|
70 |
+
/** @var Reports\EntryVO $oLast */
|
71 |
+
$this->rep->previous = $oSel->filterByType( $this->rep->type )
|
72 |
+
->filterByFrequency( $this->rep->interval )
|
73 |
+
->setOrderBy( 'sent_at', 'DESC' )
|
74 |
+
->first();
|
75 |
+
return $this;
|
76 |
+
}
|
77 |
+
|
78 |
+
/**
|
79 |
+
* Here we test whether the report time boundary overlaps with the boundaries of the previous report.
|
80 |
+
* If it does overlap, we're creating a duplicate report.
|
81 |
+
*
|
82 |
+
* @return $this
|
83 |
+
* @throws \Exception
|
84 |
+
*/
|
85 |
+
private function setIntervalBoundaries() {
|
86 |
+
|
87 |
+
$oC = Services::Request()->carbon( true );
|
88 |
+
$nAddition = -1; // the previous hour, day, week, month
|
89 |
+
|
90 |
+
switch ( $this->rep->interval ) {
|
91 |
+
// case 'realtime':
|
92 |
+
// break;
|
93 |
+
case 'hourly':
|
94 |
+
$oC->addHours( $nAddition );
|
95 |
+
$nStart = $oC->startOfHour()->timestamp;
|
96 |
+
$nEnd = $oC->endOfHour()->timestamp;
|
97 |
+
break;
|
98 |
+
case 'daily':
|
99 |
+
$oC->addDays( $nAddition );
|
100 |
+
$nStart = $oC->startOfDay()->timestamp;
|
101 |
+
$nEnd = $oC->endOfDay()->timestamp;
|
102 |
+
break;
|
103 |
+
case 'weekly':
|
104 |
+
$oC->addWeeks( $nAddition );
|
105 |
+
$nStart = $oC->startOfWeek()->timestamp;
|
106 |
+
$nEnd = $oC->endOfWeek()->timestamp;
|
107 |
+
break;
|
108 |
+
case 'monthly':
|
109 |
+
$oC->addMonths( $nAddition );
|
110 |
+
$nStart = $oC->startOfMonth()->timestamp;
|
111 |
+
$nEnd = $oC->endOfMonth()->timestamp;
|
112 |
+
break;
|
113 |
+
case 'yearly':
|
114 |
+
$oC->addYears( $nAddition );
|
115 |
+
$nStart = $oC->startOfYear()->timestamp;
|
116 |
+
$nEnd = $oC->endOfYear()->timestamp;
|
117 |
+
break;
|
118 |
+
default:
|
119 |
+
throw new \Exception( 'Not a supported frequency' );
|
120 |
+
break;
|
121 |
+
}
|
122 |
+
|
123 |
+
if ( $this->rep->previous instanceof Reports\EntryVO
|
124 |
+
&& $nEnd <= $this->rep->previous->interval_end_at ) {
|
125 |
+
throw new \Exception( 'Attempting to create a duplicate report based on interval.' );
|
126 |
+
}
|
127 |
+
|
128 |
+
$this->rep->interval_start_at = $nStart;
|
129 |
+
$this->rep->interval_end_at = $nEnd;
|
130 |
+
|
131 |
+
return $this;
|
132 |
+
}
|
133 |
+
|
134 |
+
/**
|
135 |
+
* @return $this
|
136 |
+
* @throws \Exception
|
137 |
+
*/
|
138 |
+
private function setReportId() {
|
139 |
+
/** @var \ICWP_WPSF_FeatureHandler_Reporting $oMod */
|
140 |
+
$oMod = $this->getMod();
|
141 |
+
/** @var Reports\Select $oSel */
|
142 |
+
$oSel = $oMod->getDbHandler_Reports()->getQuerySelector();
|
143 |
+
$nPrevID = $oSel->getLastReportId();
|
144 |
+
$this->rep->rid = is_numeric( $nPrevID ) ? $nPrevID + 1 : 1;
|
145 |
+
return $this;
|
146 |
+
}
|
147 |
+
|
148 |
+
/**
|
149 |
+
* TODO
|
150 |
+
* @return bool
|
151 |
+
*/
|
152 |
+
private function isOnDemandReport() {
|
153 |
+
return !Services::WpGeneral()->isCron();
|
154 |
+
}
|
155 |
+
}
|
src/lib/src/Modules/Reporting/Lib/Reports/ReportVO.php
ADDED
@@ -0,0 +1,22 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports;
|
4 |
+
|
5 |
+
use FernleafSystems\Utilities\Data\Adapter\StdClassAdapter;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Reports\EntryVO;
|
7 |
+
|
8 |
+
/**
|
9 |
+
* Class ReportVO
|
10 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting\Lib\Reports\Build
|
11 |
+
* @property int $rid
|
12 |
+
* @property string $type
|
13 |
+
* @property string $interval
|
14 |
+
* @property int $interval_start_at
|
15 |
+
* @property int $interval_end_at
|
16 |
+
* @property string $content
|
17 |
+
* @property EntryVO|false $previous
|
18 |
+
*/
|
19 |
+
class ReportVO {
|
20 |
+
|
21 |
+
use StdClassAdapter;
|
22 |
+
}
|
src/lib/src/Modules/Reporting/Options.php
ADDED
@@ -0,0 +1,48 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
6 |
+
|
7 |
+
class Options extends Base\ShieldOptions {
|
8 |
+
|
9 |
+
/**
|
10 |
+
* @return string[]
|
11 |
+
*/
|
12 |
+
public function getDbColumns_Reports() {
|
13 |
+
return $this->getDef( 'reports_table_columns' );
|
14 |
+
}
|
15 |
+
|
16 |
+
/**
|
17 |
+
* @return string
|
18 |
+
*/
|
19 |
+
public function getDbTable_Reports() {
|
20 |
+
return $this->getCon()->prefixOption( $this->getDef( 'reports_table_name' ) );
|
21 |
+
}
|
22 |
+
|
23 |
+
/**
|
24 |
+
* @return string
|
25 |
+
*/
|
26 |
+
public function getFrequencyAlert() {
|
27 |
+
return $this->getFrequency( 'alert' );
|
28 |
+
}
|
29 |
+
|
30 |
+
/**
|
31 |
+
* @return string
|
32 |
+
*/
|
33 |
+
public function getFrequencyInfo() {
|
34 |
+
return $this->getFrequency( 'info' );
|
35 |
+
}
|
36 |
+
|
37 |
+
/**
|
38 |
+
* @param string $sType
|
39 |
+
* @return string
|
40 |
+
*/
|
41 |
+
private function getFrequency( $sType ) {
|
42 |
+
$sKey = 'frequency_'.$sType;
|
43 |
+
$sDefault = $this->getOptDefault( $sKey );
|
44 |
+
return ( $this->isPremium() || in_array( $this->getOpt( $sKey ), [ 'disabled', $sDefault ] ) )
|
45 |
+
? $this->getOpt( $sKey )
|
46 |
+
: $sDefault;
|
47 |
+
}
|
48 |
+
}
|
src/lib/src/Modules/Reporting/Strings.php
ADDED
@@ -0,0 +1,138 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Modules\Reporting;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
6 |
+
|
7 |
+
class Strings extends Base\Strings {
|
8 |
+
|
9 |
+
/**
|
10 |
+
* @return string[]
|
11 |
+
*/
|
12 |
+
protected function getAdditionalDisplayStrings() {
|
13 |
+
return [
|
14 |
+
'title_license_summary' => __( 'License Summary', 'wp-simple-firewall' ),
|
15 |
+
'title_license_activation' => __( 'License Activation', 'wp-simple-firewall' ),
|
16 |
+
'check_availability' => __( 'Check License Availability For This Site', 'wp-simple-firewall' ),
|
17 |
+
'check_license' => __( 'Check License', 'wp-simple-firewall' ),
|
18 |
+
'clear_license' => __( 'Clear License Status', 'wp-simple-firewall' ),
|
19 |
+
'url_to_activate' => __( 'URL To Activate', 'wp-simple-firewall' ),
|
20 |
+
'activate_site_in' => sprintf(
|
21 |
+
__( 'Activate this site URL in your %s control panel', 'wp-simple-firewall' ),
|
22 |
+
__( 'Keyless Activation', 'wp-simple-firewall' )
|
23 |
+
),
|
24 |
+
'license_check_limit' => sprintf( __( 'Licenses may be checked once every %s seconds', 'wp-simple-firewall' ), 20 ),
|
25 |
+
'more_frequent' => __( 'more frequent checks will be ignored', 'wp-simple-firewall' ),
|
26 |
+
'incase_debug' => __( 'In case of activation problems, click the link', 'wp-simple-firewall' ),
|
27 |
+
|
28 |
+
'product_name' => __( 'Name', 'wp-simple-firewall' ),
|
29 |
+
'license_active' => __( 'Active', 'wp-simple-firewall' ),
|
30 |
+
'license_status' => __( 'Status', 'wp-simple-firewall' ),
|
31 |
+
'license_key' => __( 'Key', 'wp-simple-firewall' ),
|
32 |
+
'license_expires' => __( 'Expires', 'wp-simple-firewall' ),
|
33 |
+
'license_email' => __( 'Owner', 'wp-simple-firewall' ),
|
34 |
+
'last_checked' => __( 'Checked', 'wp-simple-firewall' ),
|
35 |
+
'last_errors' => __( 'Error', 'wp-simple-firewall' ),
|
36 |
+
];
|
37 |
+
}
|
38 |
+
|
39 |
+
/**
|
40 |
+
* @return string[][]
|
41 |
+
*/
|
42 |
+
protected function getAuditMessages() {
|
43 |
+
return [
|
44 |
+
'lic_check_success' => [
|
45 |
+
__( 'Pro License check succeeded.', 'wp-simple-firewall' )
|
46 |
+
],
|
47 |
+
'lic_fail_email' => [
|
48 |
+
__( 'License check failed. Sending Warning Email.', 'wp-simple-firewall' )
|
49 |
+
],
|
50 |
+
'lic_fail_deactivate' => [
|
51 |
+
__( 'License check failed. Deactivating Pro.', 'wp-simple-firewall' )
|
52 |
+
],
|
53 |
+
];
|
54 |
+
}
|
55 |
+
|
56 |
+
/**
|
57 |
+
* @param string $sOptKey
|
58 |
+
* @return array
|
59 |
+
* @throws \Exception
|
60 |
+
*/
|
61 |
+
public function getOptionStrings( $sOptKey ) {
|
62 |
+
$oCon = $this->getCon();
|
63 |
+
|
64 |
+
switch ( $sOptKey ) {
|
65 |
+
|
66 |
+
case 'frequency_alert' :
|
67 |
+
$sName = __( 'Alert Frequency', 'wp-simple-firewall' );
|
68 |
+
$sSummary = __( 'How Often Important Alerts Will Be Sent To You', 'wp-simple-firewall' );
|
69 |
+
$sDescription = [
|
70 |
+
__( 'Choose when you should be sent important and critical alerts about your site security.', 'wp-simple-firewall' ),
|
71 |
+
__( 'Critical alerts are typically results from your most recent site scans.', 'wp-simple-firewall' )
|
72 |
+
];
|
73 |
+
if ( !$oCon->isPremiumActive() ) {
|
74 |
+
$sDescription[] = __( 'If you wish to receive alerts more quickly, please consider upgrading to ShieldPRO.', 'wp-simple-firewall' );
|
75 |
+
$sDescription[] = sprintf( '<a href="%s" target="_blank">%s</a>', 'https://shsec.io/shieldgoprofeature', __( 'Upgrade to ShieldPRO', 'wp-simple-firewall' ) );
|
76 |
+
}
|
77 |
+
break;
|
78 |
+
|
79 |
+
case 'frequency_info' :
|
80 |
+
$sName = __( 'Info Frequency', 'wp-simple-firewall' );
|
81 |
+
$sSummary = __( 'How Often Informational Reports Will Be Sent To You', 'wp-simple-firewall' );
|
82 |
+
$sDescription = [
|
83 |
+
__( 'Choose when you should be sent non-critical information and reports about your site security.', 'wp-simple-firewall' ),
|
84 |
+
__( 'Information and reports are typically statistics.', 'wp-simple-firewall' )
|
85 |
+
];
|
86 |
+
if ( !$oCon->isPremiumActive() ) {
|
87 |
+
$sDescription[] = __( 'If you wish to receive reports more often, please consider upgrading to ShieldPRO.', 'wp-simple-firewall' );
|
88 |
+
$sDescription[] = sprintf( '<a href="%s" target="_blank">%s</a>', 'https://shsec.io/shieldgoprofeature', __( 'Upgrade to ShieldPRO', 'wp-simple-firewall' ) );
|
89 |
+
}
|
90 |
+
break;
|
91 |
+
|
92 |
+
default:
|
93 |
+
return parent::getOptionStrings( $sOptKey );
|
94 |
+
}
|
95 |
+
|
96 |
+
return [
|
97 |
+
'name' => $sName,
|
98 |
+
'summary' => $sSummary,
|
99 |
+
'description' => $sDescription,
|
100 |
+
];
|
101 |
+
}
|
102 |
+
|
103 |
+
/**
|
104 |
+
* @param string $sSectionSlug
|
105 |
+
* @return array
|
106 |
+
* @throws \Exception
|
107 |
+
*/
|
108 |
+
public function getSectionStrings( $sSectionSlug ) {
|
109 |
+
|
110 |
+
switch ( $sSectionSlug ) {
|
111 |
+
|
112 |
+
case 'section_timings' :
|
113 |
+
$sTitle = __( 'Report Frequencies', 'wp-simple-firewall' );
|
114 |
+
$sTitleShort = __( 'Report Frequencies', 'wp-simple-firewall' );
|
115 |
+
$aSummary = [
|
116 |
+
__( 'Receive regular reports from the plugin summarising important events.', 'wp-simple-firewall' ),
|
117 |
+
sprintf( 'Your reporting email address is: %s', '<code>'.$this->getMod()->getPluginReportEmail().'</code>' )
|
118 |
+
.' '.
|
119 |
+
sprintf( '<br/><a href="%s" class="font-weight-bolder">%s</a>',
|
120 |
+
$this->getCon()->getModule_Plugin()
|
121 |
+
->getUrl_DirectLinkToOption( 'block_send_email_address' ),
|
122 |
+
__( 'Update reporting email address', 'wp-simple-firewall' )
|
123 |
+
),
|
124 |
+
sprintf( '%s - %s', __( 'Purpose', 'wp-simple-firewall' ), __( 'Choose the most appropriate frequency to receive alerts from Shield according to your schedule.', 'wp-simple-firewall' ) ),
|
125 |
+
];
|
126 |
+
break;
|
127 |
+
|
128 |
+
default:
|
129 |
+
return parent::getSectionStrings( $sSectionSlug );
|
130 |
+
}
|
131 |
+
|
132 |
+
return [
|
133 |
+
'title' => $sTitle,
|
134 |
+
'title_short' => $sTitleShort,
|
135 |
+
'summary' => ( isset( $aSummary ) && is_array( $aSummary ) ) ? $aSummary : [],
|
136 |
+
];
|
137 |
+
}
|
138 |
+
}
|
src/lib/src/Modules/SecurityAdmin/Lib/Actions/RemoveSecAdmin.php
CHANGED
@@ -25,7 +25,7 @@ class RemoveSecAdmin {
|
|
25 |
public function sendConfirmationEmail() {
|
26 |
/** @var \ICWP_WPSF_FeatureHandler_AdminAccessRestriction $oMod */
|
27 |
$oMod = $this->getMod();
|
28 |
-
$sEmail = $oMod->
|
29 |
if ( !Services::Data()->validEmail( $sEmail ) ) {
|
30 |
$sEmail = Services::WpGeneral()->getSiteAdminEmail();
|
31 |
}
|
@@ -55,7 +55,7 @@ class RemoveSecAdmin {
|
|
55 |
}
|
56 |
|
57 |
private function sendNotificationEmail() {
|
58 |
-
$sEmail = $this->getMod()->
|
59 |
if ( !Services::Data()->validEmail( $sEmail ) ) {
|
60 |
$sEmail = Services::WpGeneral()->getSiteAdminEmail();
|
61 |
}
|
25 |
public function sendConfirmationEmail() {
|
26 |
/** @var \ICWP_WPSF_FeatureHandler_AdminAccessRestriction $oMod */
|
27 |
$oMod = $this->getMod();
|
28 |
+
$sEmail = $oMod->getPluginReportEmail();
|
29 |
if ( !Services::Data()->validEmail( $sEmail ) ) {
|
30 |
$sEmail = Services::WpGeneral()->getSiteAdminEmail();
|
31 |
}
|
55 |
}
|
56 |
|
57 |
private function sendNotificationEmail() {
|
58 |
+
$sEmail = $this->getMod()->getPluginReportEmail();
|
59 |
if ( !Services::Data()->validEmail( $sEmail ) ) {
|
60 |
$sEmail = Services::WpGeneral()->getSiteAdminEmail();
|
61 |
}
|
src/lib/src/Modules/Traffic/Lib/Logger.php
CHANGED
@@ -27,8 +27,8 @@ class Logger {
|
|
27 |
* @return bool
|
28 |
*/
|
29 |
private function isRequestToBeLogged() {
|
30 |
-
return
|
31 |
-
&&
|
32 |
&& ( !$this->isCustomExcluded() )
|
33 |
&& ( !$this->isRequestTypeExcluded() );
|
34 |
}
|
@@ -120,7 +120,7 @@ class Logger {
|
|
120 |
|
121 |
$oEntry->rid = $this->getCon()->getShortRequestId();
|
122 |
$oEntry->uid = Services::WpUsers()->getCurrentWpUserId();
|
123 |
-
$oEntry->ip =
|
124 |
$oEntry->verb = $oReq->getMethod();
|
125 |
$oEntry->path = $sLeadingPath.$oReq->getPath().( empty( $_GET ) ? '' : '?'.http_build_query( $_GET ) );
|
126 |
$oEntry->code = http_response_code();
|
27 |
* @return bool
|
28 |
*/
|
29 |
private function isRequestToBeLogged() {
|
30 |
+
return !$this->getCon()->plugin_deleting
|
31 |
+
&& apply_filters( $this->getCon()->prefix( 'is_log_traffic' ), true )
|
32 |
&& ( !$this->isCustomExcluded() )
|
33 |
&& ( !$this->isRequestTypeExcluded() );
|
34 |
}
|
120 |
|
121 |
$oEntry->rid = $this->getCon()->getShortRequestId();
|
122 |
$oEntry->uid = Services::WpUsers()->getCurrentWpUserId();
|
123 |
+
$oEntry->ip = Services::IP()->getRequestIp();
|
124 |
$oEntry->verb = $oReq->getMethod();
|
125 |
$oEntry->path = $sLeadingPath.$oReq->getPath().( empty( $_GET ) ? '' : '?'.http_build_query( $_GET ) );
|
126 |
$oEntry->code = http_response_code();
|
src/lib/src/Modules/Traffic/Strings.php
CHANGED
@@ -145,21 +145,6 @@ class Strings extends Base\Strings {
|
|
145 |
.'<br/>'.__( 'Use a smaller interval to reduce the risk of blocking legitimate visitors.', 'wp-simple-firewall' );
|
146 |
break;
|
147 |
|
148 |
-
case 'auto_disable' :
|
149 |
-
$sName = __( 'Auto Disable', 'wp-simple-firewall' );
|
150 |
-
$sSummary = __( 'Auto Disable Traffic Logging After 1 Week', 'wp-simple-firewall' );
|
151 |
-
|
152 |
-
if ( $oMod->isAutoDisable() ) {
|
153 |
-
$sTimestamp = '<br/>'.sprintf( __( 'Auto Disable At: %s', 'wp-simple-firewall' ), $oMod->getAutoDisableTimestamp() );
|
154 |
-
}
|
155 |
-
else {
|
156 |
-
$sTimestamp = '';
|
157 |
-
}
|
158 |
-
$sDescription = __( 'Turn on to prevent unnecessary long-term traffic logging.', 'wp-simple-firewall' )
|
159 |
-
.'<br />'.__( 'Timer resets after options save.', 'wp-simple-firewall' )
|
160 |
-
.$sTimestamp;
|
161 |
-
break;
|
162 |
-
|
163 |
default:
|
164 |
return parent::getOptionStrings( $sOptKey );
|
165 |
}
|
145 |
.'<br/>'.__( 'Use a smaller interval to reduce the risk of blocking legitimate visitors.', 'wp-simple-firewall' );
|
146 |
break;
|
147 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
148 |
default:
|
149 |
return parent::getOptionStrings( $sOptKey );
|
150 |
}
|
src/lib/src/Modules/UserManagement/Lib/Registration/EmailValidate.php
CHANGED
@@ -72,7 +72,7 @@ class EmailValidate {
|
|
72 |
);
|
73 |
|
74 |
if ( $sOpt == 'block' ) {
|
75 |
-
wp_die( 'Attempted user registration with invalid email
|
76 |
}
|
77 |
}
|
78 |
}
|
72 |
);
|
73 |
|
74 |
if ( $sOpt == 'block' ) {
|
75 |
+
wp_die( 'Attempted user registration with invalid email address has been blocked.' );
|
76 |
}
|
77 |
}
|
78 |
}
|
src/lib/src/Modules/UserManagement/Options.php
CHANGED
@@ -6,6 +6,16 @@ use FernleafSystems\Wordpress\Plugin\Shield\Modules\Base;
|
|
6 |
|
7 |
class Options extends Base\ShieldOptions {
|
8 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
9 |
/**
|
10 |
* @return array
|
11 |
*/
|
6 |
|
7 |
class Options extends Base\ShieldOptions {
|
8 |
|
9 |
+
/**
|
10 |
+
* @return array
|
11 |
+
*/
|
12 |
+
public function getSuspendHardUserIds() {
|
13 |
+
$aIds = $this->getOpt( 'hard_suspended_userids', [] );
|
14 |
+
return is_array( $aIds ) ? array_filter( $aIds, function ( $nTime ) {
|
15 |
+
return is_int( $nTime ) && $nTime > 0;
|
16 |
+
} ) : [];
|
17 |
+
}
|
18 |
+
|
19 |
/**
|
20 |
* @return array
|
21 |
*/
|
src/lib/src/Scans/Base/BaseBuildScanAction.php
CHANGED
@@ -14,7 +14,6 @@ abstract class BaseBuildScanAction {
|
|
14 |
* @throws \Exception
|
15 |
*/
|
16 |
public function build() {
|
17 |
-
/** @var BaseScanActionVO $oAction */
|
18 |
$oAction = $this->getScanActionVO();
|
19 |
if ( !$oAction instanceof BaseScanActionVO ) {
|
20 |
throw new \Exception( 'Scan Action VO not provided.' );
|
@@ -32,30 +31,26 @@ abstract class BaseBuildScanAction {
|
|
32 |
* @throws \Exception
|
33 |
*/
|
34 |
protected function buildScanItems() {
|
35 |
-
/** @var BaseScanActionVO $oAction */
|
36 |
$oAction = $this->getScanActionVO();
|
37 |
$this->buildItems();
|
38 |
$oAction->total_items = count( $oAction->items );
|
39 |
}
|
40 |
|
41 |
-
/**
|
42 |
-
*/
|
43 |
abstract protected function buildItems();
|
44 |
|
45 |
-
/**
|
46 |
-
*/
|
47 |
protected function setStandardFields() {
|
48 |
-
/** @var BaseScanActionVO $oAction */
|
49 |
$oAction = $this->getScanActionVO();
|
50 |
if ( empty( $oAction->created_at ) ) {
|
51 |
$oAction->created_at = Services::Request()->ts();
|
52 |
$oAction->started_at = 0;
|
53 |
$oAction->finished_at = 0;
|
|
|
|
|
|
|
|
|
54 |
}
|
55 |
}
|
56 |
|
57 |
-
/**
|
58 |
-
*/
|
59 |
protected function setCustomFields() {
|
60 |
}
|
61 |
}
|
14 |
* @throws \Exception
|
15 |
*/
|
16 |
public function build() {
|
|
|
17 |
$oAction = $this->getScanActionVO();
|
18 |
if ( !$oAction instanceof BaseScanActionVO ) {
|
19 |
throw new \Exception( 'Scan Action VO not provided.' );
|
31 |
* @throws \Exception
|
32 |
*/
|
33 |
protected function buildScanItems() {
|
|
|
34 |
$oAction = $this->getScanActionVO();
|
35 |
$this->buildItems();
|
36 |
$oAction->total_items = count( $oAction->items );
|
37 |
}
|
38 |
|
|
|
|
|
39 |
abstract protected function buildItems();
|
40 |
|
|
|
|
|
41 |
protected function setStandardFields() {
|
|
|
42 |
$oAction = $this->getScanActionVO();
|
43 |
if ( empty( $oAction->created_at ) ) {
|
44 |
$oAction->created_at = Services::Request()->ts();
|
45 |
$oAction->started_at = 0;
|
46 |
$oAction->finished_at = 0;
|
47 |
+
$oAction->usleep = (int)( 1000000*max( 0, apply_filters(
|
48 |
+
$this->getCon()->prefix( 'scan_block_sleep' ),
|
49 |
+
$oAction::DEFAULT_SLEEP_SECONDS, $oAction->scan
|
50 |
+
) ) );
|
51 |
}
|
52 |
}
|
53 |
|
|
|
|
|
54 |
protected function setCustomFields() {
|
55 |
}
|
56 |
}
|
src/lib/src/Scans/Base/BaseResultItem.php
CHANGED
@@ -10,6 +10,7 @@ use FernleafSystems\Utilities\Data\Adapter\StdClassAdapter;
|
|
10 |
* @property string $hash
|
11 |
* @property bool $is_excluded
|
12 |
* @property string $scan
|
|
|
13 |
*/
|
14 |
class BaseResultItem {
|
15 |
|
10 |
* @property string $hash
|
11 |
* @property bool $is_excluded
|
12 |
* @property string $scan
|
13 |
+
* @property bool $repaired
|
14 |
*/
|
15 |
class BaseResultItem {
|
16 |
|
src/lib/src/Scans/Base/BaseResultsSet.php
CHANGED
@@ -66,7 +66,6 @@ class BaseResultsSet {
|
|
66 |
return array_values( array_filter(
|
67 |
$this->getAllItems(),
|
68 |
function ( $oItem ) {
|
69 |
-
/** @var BaseResultItem $oItem */
|
70 |
return $oItem->is_excluded;
|
71 |
}
|
72 |
) );
|
@@ -80,7 +79,6 @@ class BaseResultsSet {
|
|
80 |
return array_values( array_filter(
|
81 |
$this->getAllItems(),
|
82 |
function ( $oItem ) {
|
83 |
-
/** @var BaseResultItem $oItem */
|
84 |
return !$this->isFilterExcludedItems() || !$oItem->is_excluded;
|
85 |
}
|
86 |
) );
|
@@ -107,11 +105,19 @@ class BaseResultsSet {
|
|
107 |
return (bool)$this->bFilterExcluded;
|
108 |
}
|
109 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
110 |
/**
|
111 |
* @param string $sHash
|
112 |
* @return $this
|
113 |
*/
|
114 |
-
public function
|
115 |
if ( $this->getItemExists( $sHash ) ) {
|
116 |
$aItems = $this->getAllItems();
|
117 |
unset( $aItems[ $sHash ] );
|
66 |
return array_values( array_filter(
|
67 |
$this->getAllItems(),
|
68 |
function ( $oItem ) {
|
|
|
69 |
return $oItem->is_excluded;
|
70 |
}
|
71 |
) );
|
79 |
return array_values( array_filter(
|
80 |
$this->getAllItems(),
|
81 |
function ( $oItem ) {
|
|
|
82 |
return !$this->isFilterExcludedItems() || !$oItem->is_excluded;
|
83 |
}
|
84 |
) );
|
105 |
return (bool)$this->bFilterExcluded;
|
106 |
}
|
107 |
|
108 |
+
/**
|
109 |
+
* @param BaseResultItem $oItem
|
110 |
+
* @return $this
|
111 |
+
*/
|
112 |
+
public function removeItem( $oItem ) {
|
113 |
+
return $this->removeItemByHash( $oItem->hash );
|
114 |
+
}
|
115 |
+
|
116 |
/**
|
117 |
* @param string $sHash
|
118 |
* @return $this
|
119 |
*/
|
120 |
+
public function removeItemByHash( $sHash ) {
|
121 |
if ( $this->getItemExists( $sHash ) ) {
|
122 |
$aItems = $this->getAllItems();
|
123 |
unset( $aItems[ $sHash ] );
|
src/lib/src/Scans/Base/BaseScan.php
CHANGED
@@ -35,7 +35,6 @@ abstract class BaseScan {
|
|
35 |
}
|
36 |
|
37 |
protected function scan() {
|
38 |
-
/** @var BaseScanActionVO $oAction */
|
39 |
$oAction = $this->getScanActionVO();
|
40 |
|
41 |
if ( empty( $oAction->items ) ) {
|
35 |
}
|
36 |
|
37 |
protected function scan() {
|
|
|
38 |
$oAction = $this->getScanActionVO();
|
39 |
|
40 |
if ( empty( $oAction->items ) ) {
|
src/lib/src/Scans/Base/BaseScanActionVO.php
CHANGED
@@ -16,11 +16,14 @@ use FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\Table\BaseEntryFormatter;
|
|
16 |
* @property int $total_items
|
17 |
* @property string[] $items
|
18 |
* @property array[] $results
|
|
|
19 |
*/
|
20 |
abstract class BaseScanActionVO {
|
21 |
|
22 |
use StdClassAdapter;
|
|
|
23 |
const QUEUE_GROUP_SIZE_LIMIT = 1;
|
|
|
24 |
|
25 |
/**
|
26 |
* @return BaseResultItem|mixed
|
16 |
* @property int $total_items
|
17 |
* @property string[] $items
|
18 |
* @property array[] $results
|
19 |
+
* @property int $usleep
|
20 |
*/
|
21 |
abstract class BaseScanActionVO {
|
22 |
|
23 |
use StdClassAdapter;
|
24 |
+
|
25 |
const QUEUE_GROUP_SIZE_LIMIT = 1;
|
26 |
+
const DEFAULT_SLEEP_SECONDS = 0;
|
27 |
|
28 |
/**
|
29 |
* @return BaseResultItem|mixed
|
src/lib/src/Scans/Base/DiffResultForStorage.php
CHANGED
@@ -25,7 +25,7 @@ class DiffResultForStorage {
|
|
25 |
// 1 Remove items in EXISTING that are not in NEW
|
26 |
foreach ( $oExistingRes->getAllItems() as $oExistItem ) {
|
27 |
if ( !$oNewResults->getItemExists( $oExistItem->hash ) ) {
|
28 |
-
$oExistingRes->
|
29 |
$oToDelete->addItem( $oExistItem );
|
30 |
}
|
31 |
}
|
@@ -34,7 +34,7 @@ class DiffResultForStorage {
|
|
34 |
foreach ( $oNewResults->getAllItems() as $oNewItem ) {
|
35 |
if ( $oExistingRes->getItemExists( $oNewItem->hash ) ) {
|
36 |
$oMerger->mergeItemTo( $oExistingRes->getItemByHash( $oNewItem->hash ), $oNewItem );
|
37 |
-
$oNewResults->
|
38 |
}
|
39 |
}
|
40 |
|
25 |
// 1 Remove items in EXISTING that are not in NEW
|
26 |
foreach ( $oExistingRes->getAllItems() as $oExistItem ) {
|
27 |
if ( !$oNewResults->getItemExists( $oExistItem->hash ) ) {
|
28 |
+
$oExistingRes->removeItemByHash( $oExistItem->hash );
|
29 |
$oToDelete->addItem( $oExistItem );
|
30 |
}
|
31 |
}
|
34 |
foreach ( $oNewResults->getAllItems() as $oNewItem ) {
|
35 |
if ( $oExistingRes->getItemExists( $oNewItem->hash ) ) {
|
36 |
$oMerger->mergeItemTo( $oExistingRes->getItemByHash( $oNewItem->hash ), $oNewItem );
|
37 |
+
$oNewResults->removeItemByHash( $oNewItem->hash );
|
38 |
}
|
39 |
}
|
40 |
|
src/lib/src/Scans/Base/Files/BaseScanFromFileMap.php
CHANGED
@@ -18,7 +18,6 @@ abstract class BaseScanFromFileMap {
|
|
18 |
* @return Scans\Base\BaseResultsSet
|
19 |
*/
|
20 |
public function run() {
|
21 |
-
/** @var Scans\Base\BaseScanActionVO $oAction */
|
22 |
$oAction = $this->getScanActionVO();
|
23 |
$oResultSet = $oAction->getNewResultsSet();
|
24 |
|
18 |
* @return Scans\Base\BaseResultsSet
|
19 |
*/
|
20 |
public function run() {
|
|
|
21 |
$oAction = $this->getScanActionVO();
|
22 |
$oResultSet = $oAction->getNewResultsSet();
|
23 |
|
src/lib/src/Scans/Base/Table/BaseEntryFormatter.php
CHANGED
@@ -52,7 +52,7 @@ abstract class BaseEntryFormatter {
|
|
52 |
'download' => [
|
53 |
'text' => __( 'Download', 'wp-simple-firewall' ),
|
54 |
'classes' => [ 'href-download', 'text-info' ],
|
55 |
-
'data' => [ 'href-download' => $this->
|
56 |
],
|
57 |
];
|
58 |
}
|
52 |
'download' => [
|
53 |
'text' => __( 'Download', 'wp-simple-firewall' ),
|
54 |
'classes' => [ 'href-download', 'text-info' ],
|
55 |
+
'data' => [ 'href-download' => $this->getScanController()->createFileDownloadLink( $this->getEntryVO() ) ]
|
56 |
],
|
57 |
];
|
58 |
}
|
src/lib/src/Scans/Base/Table/BaseFileEntryFormatter.php
CHANGED
@@ -66,7 +66,7 @@ abstract class BaseFileEntryFormatter extends BaseEntryFormatter {
|
|
66 |
'download' => [
|
67 |
'text' => sprintf( __( 'Download %s', 'wp-simple-firewall' ), __( 'File', 'wp-simple-firewall' ) ),
|
68 |
'classes' => [ 'href-download', 'text-info' ],
|
69 |
-
'data' => [ 'href-download' => $this->
|
70 |
],
|
71 |
];
|
72 |
}
|
66 |
'download' => [
|
67 |
'text' => sprintf( __( 'Download %s', 'wp-simple-firewall' ), __( 'File', 'wp-simple-firewall' ) ),
|
68 |
'classes' => [ 'href-download', 'text-info' ],
|
69 |
+
'data' => [ 'href-download' => $this->getScanController()->createFileDownloadLink( $this->getEntryVO() ) ]
|
70 |
],
|
71 |
];
|
72 |
}
|
src/lib/src/Scans/Base/Utilities/BaseRepair.php
CHANGED
@@ -2,9 +2,6 @@
|
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\Utilities;
|
4 |
|
5 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\BaseResultItem;
|
7 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\BaseResultsSet;
|
8 |
use FernleafSystems\Wordpress\Plugin\Shield\Scans\Common\ScanItemConsumer;
|
9 |
|
10 |
/**
|
@@ -20,11 +17,6 @@ abstract class BaseRepair {
|
|
20 |
*/
|
21 |
private $bAllowDelete = false;
|
22 |
|
23 |
-
/**
|
24 |
-
* @var bool
|
25 |
-
*/
|
26 |
-
private $bIsManualAction = false;
|
27 |
-
|
28 |
/**
|
29 |
* @return bool
|
30 |
*/
|
@@ -32,13 +24,6 @@ abstract class BaseRepair {
|
|
32 |
return (bool)$this->bAllowDelete;
|
33 |
}
|
34 |
|
35 |
-
/**
|
36 |
-
* @return bool
|
37 |
-
*/
|
38 |
-
public function isManualAction() {
|
39 |
-
return (bool)$this->bIsManualAction;
|
40 |
-
}
|
41 |
-
|
42 |
/**
|
43 |
* @param bool $bAllowDelete
|
44 |
* @return $this
|
@@ -48,30 +33,6 @@ abstract class BaseRepair {
|
|
48 |
return $this;
|
49 |
}
|
50 |
|
51 |
-
/**
|
52 |
-
* @param bool $bManual
|
53 |
-
* @return $this
|
54 |
-
*/
|
55 |
-
public function setIsManualAction( $bManual ) {
|
56 |
-
$this->bIsManualAction = $bManual;
|
57 |
-
return $this;
|
58 |
-
}
|
59 |
-
|
60 |
-
/**
|
61 |
-
* @param BaseResultsSet $oResults
|
62 |
-
*/
|
63 |
-
public function repairResultsSet( $oResults ) {
|
64 |
-
foreach ( $oResults->getItems() as $oItem ) {
|
65 |
-
try {
|
66 |
-
/** @var BaseResultItem $oItem */
|
67 |
-
$this->setScanItem( $oItem )
|
68 |
-
->repairItem();
|
69 |
-
}
|
70 |
-
catch ( \Exception $oE ) {
|
71 |
-
}
|
72 |
-
}
|
73 |
-
}
|
74 |
-
|
75 |
/**
|
76 |
* @return bool
|
77 |
* @throws \Exception
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\Utilities;
|
4 |
|
|
|
|
|
|
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Scans\Common\ScanItemConsumer;
|
6 |
|
7 |
/**
|
17 |
*/
|
18 |
private $bAllowDelete = false;
|
19 |
|
|
|
|
|
|
|
|
|
|
|
20 |
/**
|
21 |
* @return bool
|
22 |
*/
|
24 |
return (bool)$this->bAllowDelete;
|
25 |
}
|
26 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
27 |
/**
|
28 |
* @param bool $bAllowDelete
|
29 |
* @return $this
|
33 |
return $this;
|
34 |
}
|
35 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
36 |
/**
|
37 |
* @return bool
|
38 |
* @throws \Exception
|
src/lib/src/Scans/Base/Utilities/ItemActionHandler.php
CHANGED
@@ -2,7 +2,6 @@
|
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\Utilities;
|
4 |
|
5 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Base\HandlerConsumer;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Scanner;
|
7 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan\Controller\ScanControllerConsumer;
|
8 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
@@ -12,7 +11,6 @@ abstract class ItemActionHandler {
|
|
12 |
|
13 |
use ModConsumer;
|
14 |
use ScanItemConsumer;
|
15 |
-
use HandlerConsumer;
|
16 |
use ScanControllerConsumer;
|
17 |
|
18 |
/**
|
@@ -62,8 +60,10 @@ abstract class ItemActionHandler {
|
|
62 |
throw new \Exception( 'Item could not be found to ignore.' );
|
63 |
}
|
64 |
|
|
|
|
|
65 |
/** @var Scanner\Update $oUp */
|
66 |
-
$oUp = $
|
67 |
if ( !$oUp->setIgnored( $oEntry ) ) {
|
68 |
throw new \Exception( 'Item could not be ignored at this time.' );
|
69 |
}
|
@@ -80,17 +80,32 @@ abstract class ItemActionHandler {
|
|
80 |
if ( !$oRep->canRepair() ) {
|
81 |
throw new \Exception( 'This item cannot be automatically repaired.' );
|
82 |
}
|
83 |
-
|
84 |
-
$this->
|
85 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
86 |
}
|
87 |
|
88 |
/**
|
89 |
* @return Scanner\EntryVO|null
|
90 |
*/
|
91 |
protected function getEntryVO() {
|
|
|
|
|
92 |
/** @var Scanner\Select $oSel */
|
93 |
-
$oSel = $
|
94 |
return $oSel->filterByHash( $this->getScanItem()->hash )
|
95 |
->filterByScan( $this->getScanController()->getSlug() )
|
96 |
->first();
|
2 |
|
3 |
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\Utilities;
|
4 |
|
|
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Databases\Scanner;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard\Scan\Controller\ScanControllerConsumer;
|
7 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
11 |
|
12 |
use ModConsumer;
|
13 |
use ScanItemConsumer;
|
|
|
14 |
use ScanControllerConsumer;
|
15 |
|
16 |
/**
|
60 |
throw new \Exception( 'Item could not be found to ignore.' );
|
61 |
}
|
62 |
|
63 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
64 |
+
$oMod = $this->getMod();
|
65 |
/** @var Scanner\Update $oUp */
|
66 |
+
$oUp = $oMod->getDbHandler_ScanResults()->getQueryUpdater();
|
67 |
if ( !$oUp->setIgnored( $oEntry ) ) {
|
68 |
throw new \Exception( 'Item could not be ignored at this time.' );
|
69 |
}
|
80 |
if ( !$oRep->canRepair() ) {
|
81 |
throw new \Exception( 'This item cannot be automatically repaired.' );
|
82 |
}
|
83 |
+
|
84 |
+
$oItem = $this->getScanItem();
|
85 |
+
$oItem->repaired = $oRep->repairItem();
|
86 |
+
$this->fireRepairEvent( $oItem->repaired );
|
87 |
+
|
88 |
+
if ( $oItem->repaired ) {
|
89 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
90 |
+
$oMod = $this->getMod();
|
91 |
+
/** @var Scanner\Delete $oDel */
|
92 |
+
$oDel = $oMod->getDbHandler_ScanResults()->getQueryDeleter();
|
93 |
+
$oDel->filterByHash( $oItem->hash )
|
94 |
+
->filterByScan( $oItem->scan )
|
95 |
+
->query();
|
96 |
+
}
|
97 |
+
|
98 |
+
return $oItem->repaired;
|
99 |
}
|
100 |
|
101 |
/**
|
102 |
* @return Scanner\EntryVO|null
|
103 |
*/
|
104 |
protected function getEntryVO() {
|
105 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
106 |
+
$oMod = $this->getMod();
|
107 |
/** @var Scanner\Select $oSel */
|
108 |
+
$oSel = $oMod->getDbHandler_ScanResults()->getQuerySelector();
|
109 |
return $oSel->filterByHash( $this->getScanItem()->hash )
|
110 |
->filterByScan( $this->getScanController()->getSlug() )
|
111 |
->first();
|
src/lib/src/Scans/Helpers/CopyResultsSets.php
CHANGED
@@ -5,7 +5,7 @@ namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Helpers;
|
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\BaseResultsSet;
|
6 |
|
7 |
/**
|
8 |
-
* Class
|
9 |
* @package FernleafSystems\Wordpress\Plugin\Shield\Scans\Helpers
|
10 |
*/
|
11 |
class CopyResultsSets {
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\BaseResultsSet;
|
6 |
|
7 |
/**
|
8 |
+
* Class CopyResultsSets
|
9 |
* @package FernleafSystems\Wordpress\Plugin\Shield\Scans\Helpers
|
10 |
*/
|
11 |
class CopyResultsSets {
|
src/lib/src/Scans/Mal/FileScanner.php
CHANGED
@@ -76,6 +76,7 @@ class FileScanner extends Shield\Scans\Base\Files\BaseFileScanner {
|
|
76 |
$oReporter->reportPath( $sFullPath, true );
|
77 |
}
|
78 |
else {
|
|
|
79 |
$oAction = $this->getScanActionVO();
|
80 |
|
81 |
if ( $oAction->confidence_threshold > 0 ) {
|
@@ -183,7 +184,7 @@ class FileScanner extends Shield\Scans\Base\Files\BaseFileScanner {
|
|
183 |
}
|
184 |
catch ( \Exception $oE ) {
|
185 |
}
|
186 |
-
|
187 |
return $bIsValidFile;
|
188 |
}
|
189 |
|
76 |
$oReporter->reportPath( $sFullPath, true );
|
77 |
}
|
78 |
else {
|
79 |
+
/** @var ScanActionVO $oAction */
|
80 |
$oAction = $this->getScanActionVO();
|
81 |
|
82 |
if ( $oAction->confidence_threshold > 0 ) {
|
184 |
}
|
185 |
catch ( \Exception $oE ) {
|
186 |
}
|
187 |
+
|
188 |
return $bIsValidFile;
|
189 |
}
|
190 |
|
src/lib/src/Scans/Mal/ScanActionVO.php
CHANGED
@@ -17,4 +17,5 @@ use FernleafSystems\Wordpress\Plugin\Shield\Scans\Base\BaseScanActionVO;
|
|
17 |
class ScanActionVO extends BaseScanActionVO {
|
18 |
|
19 |
const QUEUE_GROUP_SIZE_LIMIT = 50;
|
|
|
20 |
}
|
17 |
class ScanActionVO extends BaseScanActionVO {
|
18 |
|
19 |
const QUEUE_GROUP_SIZE_LIMIT = 50;
|
20 |
+
const DEFAULT_SLEEP_SECONDS = 1;
|
21 |
}
|
src/lib/src/Scans/Mal/Table/EntryFormatter.php
CHANGED
@@ -14,7 +14,7 @@ class EntryFormatter extends BaseFileEntryFormatter {
|
|
14 |
public function format() {
|
15 |
$aE = $this->getBaseData();
|
16 |
$aE[ 'status' ] = __( 'Potential Malware Detected', 'wp-simple-firewall' );
|
17 |
-
if ( !
|
18 |
$aE[ 'explanation' ][] = __( 'Repair Unavailable', 'wp-simple-firewall' );
|
19 |
}
|
20 |
|
@@ -44,9 +44,9 @@ class EntryFormatter extends BaseFileEntryFormatter {
|
|
44 |
$oOpts = $this->getOptions();
|
45 |
if ( $oOpts->isMalUseNetworkIntelligence() ) {
|
46 |
$aExpl[] = sprintf( '%s: %s/100 [%s]',
|
47 |
-
__( 'False Positive
|
48 |
sprintf( '<strong>%s</strong>', (int)$oIt->fp_confidence ),
|
49 |
-
sprintf( '<a href="%s" target="_blank">%s
|
50 |
);
|
51 |
}
|
52 |
|
14 |
public function format() {
|
15 |
$aE = $this->getBaseData();
|
16 |
$aE[ 'status' ] = __( 'Potential Malware Detected', 'wp-simple-firewall' );
|
17 |
+
if ( !array_key_exists( 'repair', $aE[ 'actions' ] ) ) {
|
18 |
$aE[ 'explanation' ][] = __( 'Repair Unavailable', 'wp-simple-firewall' );
|
19 |
}
|
20 |
|
44 |
$oOpts = $this->getOptions();
|
45 |
if ( $oOpts->isMalUseNetworkIntelligence() ) {
|
46 |
$aExpl[] = sprintf( '%s: %s/100 [%s]',
|
47 |
+
__( 'Likelihood That This Is A False Positive' ),
|
48 |
sprintf( '<strong>%s</strong>', (int)$oIt->fp_confidence ),
|
49 |
+
sprintf( '<a href="%s" target="_blank">%s</a>', 'https://shsec.io/isthismalware', __( 'more info', 'wp-simple-firewall' ) )
|
50 |
);
|
51 |
}
|
52 |
|
src/lib/src/Scans/Mal/Utilities/ItemActionHandler.php
CHANGED
@@ -7,17 +7,6 @@ use FernleafSystems\Wordpress\Plugin\Shield\Scans\Mal;
|
|
7 |
|
8 |
class ItemActionHandler extends Base\Utilities\ItemActionHandler {
|
9 |
|
10 |
-
/**
|
11 |
-
* @return bool
|
12 |
-
* @throws \Exception
|
13 |
-
*/
|
14 |
-
public function delete() {
|
15 |
-
return $this->getRepairer()
|
16 |
-
->setIsManualAction( true )
|
17 |
-
->setAllowDelete( true )
|
18 |
-
->repairItem();
|
19 |
-
}
|
20 |
-
|
21 |
/**
|
22 |
* @return bool
|
23 |
* @throws \Exception
|
@@ -32,17 +21,6 @@ class ItemActionHandler extends Base\Utilities\ItemActionHandler {
|
|
32 |
return true;
|
33 |
}
|
34 |
|
35 |
-
/**
|
36 |
-
* @return bool
|
37 |
-
* @throws \Exception
|
38 |
-
*/
|
39 |
-
public function repair() {
|
40 |
-
return $this->getRepairer()
|
41 |
-
->setIsManualAction( true )
|
42 |
-
->setAllowDelete( false )
|
43 |
-
->repairItem();
|
44 |
-
}
|
45 |
-
|
46 |
/**
|
47 |
* @return Repair
|
48 |
*/
|
@@ -60,7 +38,7 @@ class ItemActionHandler extends Base\Utilities\ItemActionHandler {
|
|
60 |
$oItem = $this->getScanItem();
|
61 |
$this->getCon()->fireEvent(
|
62 |
$this->getScanController()->getSlug().'_item_repair_'.( $bSuccess ? 'success' : 'fail' ),
|
63 |
-
[ 'audit' => [ 'fragment' => $oItem->
|
64 |
);
|
65 |
}
|
66 |
}
|
7 |
|
8 |
class ItemActionHandler extends Base\Utilities\ItemActionHandler {
|
9 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
10 |
/**
|
11 |
* @return bool
|
12 |
* @throws \Exception
|
21 |
return true;
|
22 |
}
|
23 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
24 |
/**
|
25 |
* @return Repair
|
26 |
*/
|
38 |
$oItem = $this->getScanItem();
|
39 |
$this->getCon()->fireEvent(
|
40 |
$this->getScanController()->getSlug().'_item_repair_'.( $bSuccess ? 'success' : 'fail' ),
|
41 |
+
[ 'audit' => [ 'fragment' => $oItem->path_full ] ]
|
42 |
);
|
43 |
}
|
44 |
}
|
src/lib/src/Scans/Mal/Utilities/Repair.php
CHANGED
@@ -25,22 +25,14 @@ class Repair extends Shield\Scans\Base\Utilities\BaseRepair {
|
|
25 |
$oOpts = $this->getOptions();
|
26 |
$bSuccess = false;
|
27 |
|
28 |
-
// 2). Repair
|
29 |
try {
|
30 |
-
$
|
31 |
}
|
32 |
catch ( \Exception $e ) {
|
33 |
-
$
|
34 |
}
|
35 |
|
36 |
-
if ( $
|
37 |
-
// 1) Report the file as being malware.
|
38 |
-
( new Shield\Scans\Mal\Utilities\FalsePositiveReporter() )
|
39 |
-
->setMod( $this->getMod() )
|
40 |
-
->reportResultItem( $oItem, false );
|
41 |
-
}
|
42 |
-
|
43 |
-
if ( $bCanAutoRepair ) {
|
44 |
|
45 |
if ( Services\Services::CoreFileHashes()->isCoreFile( $oItem->path_fragment ) ) {
|
46 |
$bSuccess = $this->repairCoreItem( $oItem );
|
@@ -49,17 +41,13 @@ class Repair extends Shield\Scans\Base\Utilities\BaseRepair {
|
|
49 |
$oPlugin = ( new WpOrg\Plugin\Files() )->findPluginFromFile( $oItem->path_full );
|
50 |
if ( $oPlugin instanceof Services\Core\VOs\WpPluginVo && $oPlugin->isWpOrg() ) {
|
51 |
|
52 |
-
|
53 |
-
$bSuccess = $this->repairItemInPlugin( $oItem );
|
54 |
-
}
|
55 |
}
|
56 |
else {
|
57 |
$oTheme = ( new WpOrg\Theme\Files() )->findThemeFromFile( $oItem->path_full );
|
58 |
if ( $oTheme instanceof Services\Core\VOs\WpThemeVo && $oTheme->isWpOrg() ) {
|
59 |
|
60 |
-
|
61 |
-
$bSuccess = $this->repairItemInTheme( $oItem );
|
62 |
-
}
|
63 |
}
|
64 |
elseif ( $oOpts->isMalAutoRepairSurgical() ) {
|
65 |
$bSuccess = $this->repairSurgicalItem( $oItem );
|
@@ -71,6 +59,13 @@ class Repair extends Shield\Scans\Base\Utilities\BaseRepair {
|
|
71 |
$bSuccess = $this->repairItemByDelete( $oItem );
|
72 |
}
|
73 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
74 |
return $bSuccess;
|
75 |
}
|
76 |
|
@@ -110,9 +105,7 @@ class Repair extends Shield\Scans\Base\Utilities\BaseRepair {
|
|
110 |
)
|
111 |
);
|
112 |
}
|
113 |
-
if (
|
114 |
-
->setWorkingSlug( $oPlugin->slug )
|
115 |
-
->exists( $oPlugin->Version, true ) ) {
|
116 |
throw new \Exception( __( "Plugin developer doesn't use SVN tags for official releases.", 'wp-simple-firewall' ) );
|
117 |
}
|
118 |
|
@@ -145,6 +138,7 @@ class Repair extends Shield\Scans\Base\Utilities\BaseRepair {
|
|
145 |
}
|
146 |
}
|
147 |
}
|
|
|
148 |
return $bCanRepair;
|
149 |
}
|
150 |
|
@@ -187,19 +181,21 @@ class Repair extends Shield\Scans\Base\Utilities\BaseRepair {
|
|
187 |
* @return bool
|
188 |
*/
|
189 |
private function repairItemInPlugin( $oItem ) {
|
|
|
|
|
190 |
$oFiles = new WpOrg\Plugin\Files();
|
191 |
try {
|
192 |
if ( $oFiles->isValidFileFromPlugin( $oItem->path_full ) ) {
|
193 |
$bSuccess = $oFiles->replaceFileFromVcs( $oItem->path_full );
|
194 |
}
|
195 |
-
|
196 |
-
$bSuccess = Services\Services::WpFs()->deleteFile( $oItem->path_full );
|
197 |
}
|
198 |
}
|
199 |
catch ( \InvalidArgumentException $oE ) {
|
200 |
-
$bSuccess = false;
|
201 |
}
|
202 |
-
|
|
|
203 |
}
|
204 |
|
205 |
/**
|
@@ -207,18 +203,20 @@ class Repair extends Shield\Scans\Base\Utilities\BaseRepair {
|
|
207 |
* @return bool
|
208 |
*/
|
209 |
private function repairItemInTheme( $oItem ) {
|
|
|
|
|
210 |
$oFiles = new WpOrg\Theme\Files();
|
211 |
try {
|
212 |
if ( $oFiles->isValidFileFromTheme( $oItem->path_full ) ) {
|
213 |
$bSuccess = $oFiles->replaceFileFromVcs( $oItem->path_full );
|
214 |
}
|
215 |
-
|
216 |
-
$bSuccess = Services\Services::WpFs()->deleteFile( $oItem->path_full );
|
217 |
}
|
218 |
}
|
219 |
catch ( \InvalidArgumentException $oE ) {
|
220 |
-
$bSuccess = false;
|
221 |
}
|
222 |
-
|
|
|
223 |
}
|
224 |
}
|
25 |
$oOpts = $this->getOptions();
|
26 |
$bSuccess = false;
|
27 |
|
|
|
28 |
try {
|
29 |
+
$bCanRepair = $this->canRepair();
|
30 |
}
|
31 |
catch ( \Exception $e ) {
|
32 |
+
$bCanRepair = false;
|
33 |
}
|
34 |
|
35 |
+
if ( $bCanRepair ) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
36 |
|
37 |
if ( Services\Services::CoreFileHashes()->isCoreFile( $oItem->path_fragment ) ) {
|
38 |
$bSuccess = $this->repairCoreItem( $oItem );
|
41 |
$oPlugin = ( new WpOrg\Plugin\Files() )->findPluginFromFile( $oItem->path_full );
|
42 |
if ( $oPlugin instanceof Services\Core\VOs\WpPluginVo && $oPlugin->isWpOrg() ) {
|
43 |
|
44 |
+
$bSuccess = $this->repairItemInPlugin( $oItem );
|
|
|
|
|
45 |
}
|
46 |
else {
|
47 |
$oTheme = ( new WpOrg\Theme\Files() )->findThemeFromFile( $oItem->path_full );
|
48 |
if ( $oTheme instanceof Services\Core\VOs\WpThemeVo && $oTheme->isWpOrg() ) {
|
49 |
|
50 |
+
$bSuccess = $this->repairItemInTheme( $oItem );
|
|
|
|
|
51 |
}
|
52 |
elseif ( $oOpts->isMalAutoRepairSurgical() ) {
|
53 |
$bSuccess = $this->repairSurgicalItem( $oItem );
|
59 |
$bSuccess = $this->repairItemByDelete( $oItem );
|
60 |
}
|
61 |
|
62 |
+
if ( $bSuccess ) {
|
63 |
+
// 1) Report the file as being malware.
|
64 |
+
( new Shield\Scans\Mal\Utilities\FalsePositiveReporter() )
|
65 |
+
->setMod( $this->getMod() )
|
66 |
+
->reportResultItem( $oItem, false );
|
67 |
+
}
|
68 |
+
|
69 |
return $bSuccess;
|
70 |
}
|
71 |
|
105 |
)
|
106 |
);
|
107 |
}
|
108 |
+
if ( !$oPlugin->svn_uses_tags ) {
|
|
|
|
|
109 |
throw new \Exception( __( "Plugin developer doesn't use SVN tags for official releases.", 'wp-simple-firewall' ) );
|
110 |
}
|
111 |
|
138 |
}
|
139 |
}
|
140 |
}
|
141 |
+
|
142 |
return $bCanRepair;
|
143 |
}
|
144 |
|
181 |
* @return bool
|
182 |
*/
|
183 |
private function repairItemInPlugin( $oItem ) {
|
184 |
+
$bSuccess = false;
|
185 |
+
|
186 |
$oFiles = new WpOrg\Plugin\Files();
|
187 |
try {
|
188 |
if ( $oFiles->isValidFileFromPlugin( $oItem->path_full ) ) {
|
189 |
$bSuccess = $oFiles->replaceFileFromVcs( $oItem->path_full );
|
190 |
}
|
191 |
+
elseif ( $this->isAllowDelete() ) {
|
192 |
+
$bSuccess = (bool)Services\Services::WpFs()->deleteFile( $oItem->path_full );
|
193 |
}
|
194 |
}
|
195 |
catch ( \InvalidArgumentException $oE ) {
|
|
|
196 |
}
|
197 |
+
|
198 |
+
return $bSuccess;
|
199 |
}
|
200 |
|
201 |
/**
|
203 |
* @return bool
|
204 |
*/
|
205 |
private function repairItemInTheme( $oItem ) {
|
206 |
+
$bSuccess = false;
|
207 |
+
|
208 |
$oFiles = new WpOrg\Theme\Files();
|
209 |
try {
|
210 |
if ( $oFiles->isValidFileFromTheme( $oItem->path_full ) ) {
|
211 |
$bSuccess = $oFiles->replaceFileFromVcs( $oItem->path_full );
|
212 |
}
|
213 |
+
elseif ( $this->isAllowDelete() ) {
|
214 |
+
$bSuccess = (bool)Services\Services::WpFs()->deleteFile( $oItem->path_full );
|
215 |
}
|
216 |
}
|
217 |
catch ( \InvalidArgumentException $oE ) {
|
|
|
218 |
}
|
219 |
+
|
220 |
+
return $bSuccess;
|
221 |
}
|
222 |
}
|
src/lib/src/Scans/Ptg/BuildFileMap.php
CHANGED
@@ -20,13 +20,10 @@ class BuildFileMap {
|
|
20 |
public function build() {
|
21 |
$aFiles = [];
|
22 |
|
23 |
-
/** @var ScanActionVO $oAction */
|
24 |
-
$oAction = $this->getScanActionVO();
|
25 |
-
|
26 |
$sAbsPath = wp_normalize_path( ABSPATH );
|
27 |
foreach ( $this->getScanRoots() as $sRootDir ) {
|
28 |
try {
|
29 |
-
$oDirIt = StandardDirectoryIterator::create( $sRootDir
|
30 |
foreach ( $oDirIt as $oFsItem ) {
|
31 |
/** @var \SplFileInfo $oFsItem */
|
32 |
if ( $oFsItem->getSize() != 0 ) {
|
20 |
public function build() {
|
21 |
$aFiles = [];
|
22 |
|
|
|
|
|
|
|
23 |
$sAbsPath = wp_normalize_path( ABSPATH );
|
24 |
foreach ( $this->getScanRoots() as $sRootDir ) {
|
25 |
try {
|
26 |
+
$oDirIt = StandardDirectoryIterator::create( $sRootDir );
|
27 |
foreach ( $oDirIt as $oFsItem ) {
|
28 |
/** @var \SplFileInfo $oFsItem */
|
29 |
if ( $oFsItem->getSize() != 0 ) {
|
src/lib/src/Scans/Ptg/BuildScanAction.php
CHANGED
@@ -13,12 +13,4 @@ class BuildScanAction extends Shield\Scans\Base\BaseBuildScanAction {
|
|
13 |
->setScanActionVO( $oAction )
|
14 |
->build();
|
15 |
}
|
16 |
-
|
17 |
-
protected function setCustomFields() {
|
18 |
-
/** @var ScanActionVO $oAction */
|
19 |
-
$oAction = $this->getScanActionVO();
|
20 |
-
/** @var Shield\Modules\HackGuard\Options $oOpts */
|
21 |
-
$oOpts = $this->getOptions();
|
22 |
-
$oAction->file_exts = $oOpts->getPtgFileExtensions();
|
23 |
-
}
|
24 |
}
|
13 |
->setScanActionVO( $oAction )
|
14 |
->build();
|
15 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
16 |
}
|
src/lib/src/Scans/Ptg/Utilities/ItemActionHandler.php
CHANGED
@@ -113,7 +113,7 @@ class ItemActionHandler extends Base\Utilities\ItemActionHandlerAssets {
|
|
113 |
$oItem = $this->getScanItem();
|
114 |
$this->getCon()->fireEvent(
|
115 |
$this->getScanController()->getSlug().'_item_repair_'.( $bSuccess ? 'success' : 'fail' ),
|
116 |
-
[ 'audit' => [ 'fragment' => $oItem->
|
117 |
);
|
118 |
}
|
119 |
}
|
113 |
$oItem = $this->getScanItem();
|
114 |
$this->getCon()->fireEvent(
|
115 |
$this->getScanController()->getSlug().'_item_repair_'.( $bSuccess ? 'success' : 'fail' ),
|
116 |
+
[ 'audit' => [ 'fragment' => $oItem->path_full ] ]
|
117 |
);
|
118 |
}
|
119 |
}
|
src/lib/src/Scans/Ptg/Utilities/Repair.php
CHANGED
@@ -21,12 +21,19 @@ class Repair extends Scans\Base\Utilities\BaseRepair {
|
|
21 |
public function repairItem() {
|
22 |
/** @var Ptg\ResultItem $oItem */
|
23 |
$oItem = $this->getScanItem();
|
24 |
-
|
25 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
26 |
}
|
27 |
else {
|
28 |
-
$bSuccess =
|
29 |
}
|
|
|
30 |
return $bSuccess;
|
31 |
}
|
32 |
|
@@ -35,20 +42,17 @@ class Repair extends Scans\Base\Utilities\BaseRepair {
|
|
35 |
* @return bool
|
36 |
*/
|
37 |
private function repairPluginFile( $sPath ) {
|
|
|
38 |
$oFiles = new WpOrg\Plugin\Files();
|
39 |
try {
|
40 |
if ( $oFiles->isValidFileFromPlugin( $sPath ) ) {
|
41 |
$bSuccess = $oFiles->replaceFileFromVcs( $sPath );
|
42 |
}
|
43 |
elseif ( $this->isAllowDelete() ) {
|
44 |
-
$bSuccess = Services::WpFs()->deleteFile( $sPath );
|
45 |
-
}
|
46 |
-
else {
|
47 |
-
$bSuccess = false;
|
48 |
}
|
49 |
}
|
50 |
catch ( \InvalidArgumentException $oE ) {
|
51 |
-
$bSuccess = false;
|
52 |
}
|
53 |
return (bool)$bSuccess;
|
54 |
}
|
@@ -58,20 +62,17 @@ class Repair extends Scans\Base\Utilities\BaseRepair {
|
|
58 |
* @return bool
|
59 |
*/
|
60 |
private function repairThemeFile( $sPath ) {
|
|
|
61 |
$oFiles = new WpOrg\Theme\Files();
|
62 |
try {
|
63 |
if ( $oFiles->isValidFileFromTheme( $sPath ) ) {
|
64 |
$bSuccess = $oFiles->replaceFileFromVcs( $sPath );
|
65 |
}
|
66 |
elseif ( $this->isAllowDelete() ) {
|
67 |
-
$bSuccess = Services::WpFs()->deleteFile( $sPath );
|
68 |
-
}
|
69 |
-
else {
|
70 |
-
$bSuccess = false;
|
71 |
}
|
72 |
}
|
73 |
catch ( \InvalidArgumentException $oE ) {
|
74 |
-
$bSuccess = false;
|
75 |
}
|
76 |
return (bool)$bSuccess;
|
77 |
}
|
21 |
public function repairItem() {
|
22 |
/** @var Ptg\ResultItem $oItem */
|
23 |
$oItem = $this->getScanItem();
|
24 |
+
|
25 |
+
if ( $this->canRepair() ) {
|
26 |
+
if ( $oItem->context == 'plugins' ) {
|
27 |
+
$bSuccess = $this->repairPluginFile( $oItem->path_full );
|
28 |
+
}
|
29 |
+
else {
|
30 |
+
$bSuccess = $this->repairThemeFile( $oItem->path_full );
|
31 |
+
}
|
32 |
}
|
33 |
else {
|
34 |
+
$bSuccess = false;
|
35 |
}
|
36 |
+
|
37 |
return $bSuccess;
|
38 |
}
|
39 |
|
42 |
* @return bool
|
43 |
*/
|
44 |
private function repairPluginFile( $sPath ) {
|
45 |
+
$bSuccess = false;
|
46 |
$oFiles = new WpOrg\Plugin\Files();
|
47 |
try {
|
48 |
if ( $oFiles->isValidFileFromPlugin( $sPath ) ) {
|
49 |
$bSuccess = $oFiles->replaceFileFromVcs( $sPath );
|
50 |
}
|
51 |
elseif ( $this->isAllowDelete() ) {
|
52 |
+
$bSuccess = (bool)Services::WpFs()->deleteFile( $sPath );
|
|
|
|
|
|
|
53 |
}
|
54 |
}
|
55 |
catch ( \InvalidArgumentException $oE ) {
|
|
|
56 |
}
|
57 |
return (bool)$bSuccess;
|
58 |
}
|
62 |
* @return bool
|
63 |
*/
|
64 |
private function repairThemeFile( $sPath ) {
|
65 |
+
$bSuccess = false;
|
66 |
$oFiles = new WpOrg\Theme\Files();
|
67 |
try {
|
68 |
if ( $oFiles->isValidFileFromTheme( $sPath ) ) {
|
69 |
$bSuccess = $oFiles->replaceFileFromVcs( $sPath );
|
70 |
}
|
71 |
elseif ( $this->isAllowDelete() ) {
|
72 |
+
$bSuccess = (bool)Services::WpFs()->deleteFile( $sPath );
|
|
|
|
|
|
|
73 |
}
|
74 |
}
|
75 |
catch ( \InvalidArgumentException $oE ) {
|
|
|
76 |
}
|
77 |
return (bool)$bSuccess;
|
78 |
}
|
src/lib/src/Scans/Realtime/Files/Backup.php
DELETED
@@ -1,27 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Realtime\Files;
|
4 |
-
|
5 |
-
use FernleafSystems\Wordpress\Services;
|
6 |
-
|
7 |
-
/**
|
8 |
-
* Class Backup
|
9 |
-
* @package FernleafSystems\Wordpress\Plugin\Shield\Scans\WpConfig
|
10 |
-
*/
|
11 |
-
class Backup {
|
12 |
-
|
13 |
-
/**
|
14 |
-
* @param string $sOriginalPath
|
15 |
-
* @param string $sBackupPath
|
16 |
-
* @param string $sPubKey
|
17 |
-
* @return bool
|
18 |
-
* @throws \Exception
|
19 |
-
*/
|
20 |
-
public function run( $sOriginalPath, $sBackupPath, $sPubKey ) {
|
21 |
-
$sCont = Services\Services::WpFs()->getFileContent( $sOriginalPath );
|
22 |
-
if ( empty( $sCont ) ) {
|
23 |
-
throw new \Exception( 'WP Config contents were empty' );
|
24 |
-
}
|
25 |
-
return ( new Services\Utilities\File\WriteDataToFileEncrypted() )->run( $sBackupPath, $sCont, $sPubKey );
|
26 |
-
}
|
27 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/lib/src/Scans/Realtime/Files/Process.php
DELETED
@@ -1,75 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Realtime\Files;
|
4 |
-
|
5 |
-
use FernleafSystems\Utilities\Data\Adapter\StdClassAdapter;
|
6 |
-
use FernleafSystems\Wordpress\Services\Services;
|
7 |
-
|
8 |
-
/**
|
9 |
-
* Class Process
|
10 |
-
* @package FernleafSystems\Wordpress\Plugin\Shield\Scans\WpConfig
|
11 |
-
* @property string $priv_key
|
12 |
-
* @property string $backup_dir
|
13 |
-
* @property string $backup_file
|
14 |
-
* @property string $original_path
|
15 |
-
* @property string $original_path_hash
|
16 |
-
*/
|
17 |
-
class Process {
|
18 |
-
|
19 |
-
use StdClassAdapter;
|
20 |
-
|
21 |
-
/**
|
22 |
-
* @return bool
|
23 |
-
* @throws \Exception
|
24 |
-
*/
|
25 |
-
public function run() {
|
26 |
-
$oFs = Services::WpFs();
|
27 |
-
|
28 |
-
if ( empty( $this->backup_file ) ) {
|
29 |
-
// we haven't created a backup yet.
|
30 |
-
$this->createBackup();
|
31 |
-
}
|
32 |
-
elseif ( !$oFs->isFile( $this->getFullBackupPath() ) ) {
|
33 |
-
throw new \Exception( 'Backup file is missing', 1 );
|
34 |
-
}
|
35 |
-
elseif ( !( new Verify() )->run( $this->original_path, $this->original_path_hash ) ) {
|
36 |
-
( new Revert() )->run( $this->original_path, $this->getFullBackupPath(), $this->priv_key );
|
37 |
-
}
|
38 |
-
|
39 |
-
return true;
|
40 |
-
}
|
41 |
-
|
42 |
-
/**
|
43 |
-
* @return bool
|
44 |
-
* @throws \Exception
|
45 |
-
*/
|
46 |
-
protected function createBackup() {
|
47 |
-
$this->backup_file = '.shieldbak-'.wp_rand( 1000, 999999 );
|
48 |
-
|
49 |
-
if ( !( new TestWritable() )->run( $this->original_path ) ) {
|
50 |
-
throw new \Exception( 'Cannot write to path: '.$this->original_path, 2 );
|
51 |
-
}
|
52 |
-
|
53 |
-
try {
|
54 |
-
$bSuccess = ( new Backup() )->run(
|
55 |
-
Services::WpGeneral()->getPath_WpConfig(),
|
56 |
-
$this->getFullBackupPath(),
|
57 |
-
Services::Encrypt()->getPublicKeyFromPrivateKey( $this->priv_key )
|
58 |
-
);
|
59 |
-
if ( $bSuccess ) {
|
60 |
-
$this->original_path_hash = sha1_file( Services::WpGeneral()->getPath_WpConfig() );
|
61 |
-
}
|
62 |
-
}
|
63 |
-
catch ( \Exception $oE ) {
|
64 |
-
throw new \Exception( $oE->getMessage(), 3 );
|
65 |
-
}
|
66 |
-
return $bSuccess;
|
67 |
-
}
|
68 |
-
|
69 |
-
/**
|
70 |
-
* @return string
|
71 |
-
*/
|
72 |
-
protected function getFullBackupPath() {
|
73 |
-
return path_join( $this->backup_dir, $this->backup_file );
|
74 |
-
}
|
75 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/lib/src/Scans/Realtime/Files/Revert.php
DELETED
@@ -1,33 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Realtime\Files;
|
4 |
-
|
5 |
-
use FernleafSystems\Wordpress\Services\Services;
|
6 |
-
use FernleafSystems\Wordpress\Services\Utilities\File\ReadDataFromFileEncrypted;
|
7 |
-
|
8 |
-
/**
|
9 |
-
* Class Revert
|
10 |
-
* @package FernleafSystems\Wordpress\Plugin\Shield\Scans\WpConfig
|
11 |
-
*/
|
12 |
-
class Revert {
|
13 |
-
|
14 |
-
/**
|
15 |
-
* @param string $sOriginalPath
|
16 |
-
* @param string $sBackupFilePath
|
17 |
-
* @param string $sPrivateKey
|
18 |
-
* @return bool
|
19 |
-
*/
|
20 |
-
public function run( $sOriginalPath, $sBackupFilePath, $sPrivateKey ) {
|
21 |
-
$bSuccess = false;
|
22 |
-
try {
|
23 |
-
$sData = ( new ReadDataFromFileEncrypted() )->run( $sBackupFilePath, $sPrivateKey );
|
24 |
-
if ( !empty( $sData ) ) {
|
25 |
-
$bSuccess = Services::WpFs()->putFileContent( $sOriginalPath, $sData );
|
26 |
-
}
|
27 |
-
}
|
28 |
-
catch ( \Exception $oE ) {
|
29 |
-
}
|
30 |
-
|
31 |
-
return $bSuccess;
|
32 |
-
}
|
33 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/lib/src/Scans/Realtime/Files/TestWritable.php
DELETED
@@ -1,26 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Realtime\Files;
|
4 |
-
|
5 |
-
use FernleafSystems\Wordpress\Services\Utilities\File\TestFileWritable;
|
6 |
-
|
7 |
-
/**
|
8 |
-
* Class TestWritable
|
9 |
-
* @package FernleafSystems\Wordpress\Plugin\Shield\Scans\WpConfig
|
10 |
-
*/
|
11 |
-
class TestWritable {
|
12 |
-
|
13 |
-
/**
|
14 |
-
* @param string $sPath
|
15 |
-
* @return bool
|
16 |
-
*/
|
17 |
-
public function run( $sPath ) {
|
18 |
-
try {
|
19 |
-
$bCan = ( new TestFileWritable() )->run( $sPath );
|
20 |
-
}
|
21 |
-
catch ( \Exception $oE ) {
|
22 |
-
$bCan = false;
|
23 |
-
}
|
24 |
-
return $bCan;
|
25 |
-
}
|
26 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/lib/src/Scans/Realtime/Files/Verify.php
DELETED
@@ -1,19 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
namespace FernleafSystems\Wordpress\Plugin\Shield\Scans\Realtime\Files;
|
4 |
-
|
5 |
-
/**
|
6 |
-
* Class Verify
|
7 |
-
* @package FernleafSystems\Wordpress\Plugin\Shield\Scans\WpConfig
|
8 |
-
*/
|
9 |
-
class Verify {
|
10 |
-
|
11 |
-
/**
|
12 |
-
* @param string $sPath
|
13 |
-
* @param string $sHash
|
14 |
-
* @return bool
|
15 |
-
*/
|
16 |
-
public function run( $sPath, $sHash ) {
|
17 |
-
return sha1_file( $sPath ) === $sHash;
|
18 |
-
}
|
19 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/lib/src/Scans/Ufc/BuildScanAction.php
CHANGED
@@ -24,7 +24,8 @@ class BuildScanAction extends Shield\Scans\Base\BaseBuildScanAction {
|
|
24 |
/** @var Shield\Modules\HackGuard\Options $oOpts */
|
25 |
$oOpts = $this->getOptions();
|
26 |
|
27 |
-
$
|
|
|
28 |
$oAction->scan_dirs = $oOpts->getUfcScanDirectories();
|
29 |
}
|
30 |
}
|
24 |
/** @var Shield\Modules\HackGuard\Options $oOpts */
|
25 |
$oOpts = $this->getOptions();
|
26 |
|
27 |
+
$aExcls = $oOpts->getOpt( 'ufc_exclusions', [] );
|
28 |
+
$oAction->exclusions = is_array( $aExcls ) ? $aExcls : [];
|
29 |
$oAction->scan_dirs = $oOpts->getUfcScanDirectories();
|
30 |
}
|
31 |
}
|
src/lib/src/Scans/Ufc/Utilities/ItemActionHandler.php
CHANGED
@@ -22,7 +22,7 @@ class ItemActionHandler extends Base\Utilities\ItemActionHandler {
|
|
22 |
$oItem = $this->getScanItem();
|
23 |
$this->getCon()->fireEvent(
|
24 |
$this->getScanController()->getSlug().'_item_repair_'.( $bSuccess ? 'success' : 'fail' ),
|
25 |
-
[ 'audit' => [ 'fragment' => $oItem->
|
26 |
);
|
27 |
}
|
28 |
}
|
22 |
$oItem = $this->getScanItem();
|
23 |
$this->getCon()->fireEvent(
|
24 |
$this->getScanController()->getSlug().'_item_repair_'.( $bSuccess ? 'success' : 'fail' ),
|
25 |
+
[ 'audit' => [ 'fragment' => $oItem->path_full ] ]
|
26 |
);
|
27 |
}
|
28 |
}
|
src/lib/src/Scans/Wcf/Utilities/ItemActionHandler.php
CHANGED
@@ -22,7 +22,7 @@ class ItemActionHandler extends Base\Utilities\ItemActionHandler {
|
|
22 |
$oItem = $this->getScanItem();
|
23 |
$this->getCon()->fireEvent(
|
24 |
$this->getScanController()->getSlug().'_item_repair_'.( $bSuccess ? 'success' : 'fail' ),
|
25 |
-
[ 'audit' => [ 'fragment' => $oItem->
|
26 |
);
|
27 |
}
|
28 |
}
|
22 |
$oItem = $this->getScanItem();
|
23 |
$this->getCon()->fireEvent(
|
24 |
$this->getScanController()->getSlug().'_item_repair_'.( $bSuccess ? 'success' : 'fail' ),
|
25 |
+
[ 'audit' => [ 'fragment' => $oItem->path_full ] ]
|
26 |
);
|
27 |
}
|
28 |
}
|
src/lib/src/ShieldNetApi/Common/BaseApi.php
ADDED
@@ -0,0 +1,120 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\Common;
|
4 |
+
|
5 |
+
use FernleafSystems\Utilities\Data\Adapter\StdClassAdapter;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
use FernleafSystems\Wordpress\Services\Utilities\HttpRequest;
|
8 |
+
|
9 |
+
/**
|
10 |
+
* Class Lookup
|
11 |
+
* @package FernleafSystems\Wordpress\Services\Utilities\Licenses\Keyless
|
12 |
+
* @property string $lookup_url_stub
|
13 |
+
* @property string $request_method
|
14 |
+
* @property int $timeout
|
15 |
+
* @property HttpRequest $last_http_req
|
16 |
+
* @property array $params_body
|
17 |
+
* @property array $params_query
|
18 |
+
*/
|
19 |
+
abstract class BaseApi {
|
20 |
+
|
21 |
+
use StdClassAdapter {
|
22 |
+
__get as __adapterGet;
|
23 |
+
}
|
24 |
+
const DEFAULT_URL_STUB = '';
|
25 |
+
const API_ACTION = '';
|
26 |
+
|
27 |
+
/**
|
28 |
+
* @return array|null
|
29 |
+
*/
|
30 |
+
protected function sendReq() {
|
31 |
+
$oHttpReq = Services::HttpRequest();
|
32 |
+
|
33 |
+
$aReqParams = [
|
34 |
+
'timeout' => $this->timeout,
|
35 |
+
];
|
36 |
+
|
37 |
+
switch ( $this->request_method ) {
|
38 |
+
|
39 |
+
case 'post':
|
40 |
+
$aReqParams[ 'body' ] = $this->params_body;
|
41 |
+
$bReqSuccess = $oHttpReq->post( $this->getApiRequestUrl(), $aReqParams );
|
42 |
+
break;
|
43 |
+
|
44 |
+
case 'get':
|
45 |
+
default:
|
46 |
+
// Doing it in the ['body'] on some sites fails with the params not passed through to query string.
|
47 |
+
// if they're not using the newer WP Request() class. WP 4.6+
|
48 |
+
$bReqSuccess = $oHttpReq->get(
|
49 |
+
add_query_arg( $this->params_query, $this->getApiRequestUrl() ),
|
50 |
+
$aReqParams
|
51 |
+
);
|
52 |
+
break;
|
53 |
+
}
|
54 |
+
|
55 |
+
if ( $bReqSuccess ) {
|
56 |
+
$aResponse = empty( $oHttpReq->lastResponse->body ) ? [] : @json_decode( $oHttpReq->lastResponse->body, true );
|
57 |
+
}
|
58 |
+
else {
|
59 |
+
$aResponse = null;
|
60 |
+
}
|
61 |
+
|
62 |
+
$this->last_http_req = $oHttpReq;
|
63 |
+
return $aResponse;
|
64 |
+
}
|
65 |
+
|
66 |
+
/**
|
67 |
+
* @return string
|
68 |
+
*/
|
69 |
+
protected function getApiRequestUrl() {
|
70 |
+
return sprintf( '%s/%s', $this->lookup_url_stub, static::API_ACTION );
|
71 |
+
}
|
72 |
+
|
73 |
+
/**
|
74 |
+
* @return string[]
|
75 |
+
*/
|
76 |
+
protected function getRequestParamKeys() {
|
77 |
+
return [];
|
78 |
+
}
|
79 |
+
|
80 |
+
/**
|
81 |
+
* @param string $sProperty
|
82 |
+
* @return mixed
|
83 |
+
*/
|
84 |
+
public function __get( $sProperty ) {
|
85 |
+
|
86 |
+
$mValue = $this->__adapterGet( $sProperty );
|
87 |
+
|
88 |
+
switch ( $sProperty ) {
|
89 |
+
|
90 |
+
case 'params_query':
|
91 |
+
case 'params_body':
|
92 |
+
if ( !is_array( $mValue ) ) {
|
93 |
+
$mValue = [];
|
94 |
+
}
|
95 |
+
break;
|
96 |
+
|
97 |
+
case 'request_method':
|
98 |
+
$mValue = empty( $mValue ) ? 'get' : strtolower( $mValue );
|
99 |
+
break;
|
100 |
+
|
101 |
+
case 'lookup_url_stub':
|
102 |
+
if ( empty( $mValue ) ) {
|
103 |
+
$mValue = static::DEFAULT_URL_STUB;
|
104 |
+
}
|
105 |
+
$mValue = rtrim( $mValue, '/' );
|
106 |
+
break;
|
107 |
+
|
108 |
+
case 'timeout':
|
109 |
+
if ( empty( $mValue ) || !is_numeric( $mValue ) ) {
|
110 |
+
$mValue = 60;
|
111 |
+
}
|
112 |
+
break;
|
113 |
+
|
114 |
+
default:
|
115 |
+
break;
|
116 |
+
}
|
117 |
+
|
118 |
+
return $mValue;
|
119 |
+
}
|
120 |
+
}
|
src/lib/src/ShieldNetApi/Common/BaseShieldNetApi.php
ADDED
@@ -0,0 +1,65 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\Common;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\HandshakingNonce;
|
7 |
+
use FernleafSystems\Wordpress\Services\Services;
|
8 |
+
|
9 |
+
/**
|
10 |
+
* Class BaseShieldNetApi
|
11 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\Common
|
12 |
+
* @property array $shield_net_params
|
13 |
+
*/
|
14 |
+
class BaseShieldNetApi extends BaseApi {
|
15 |
+
|
16 |
+
use ModConsumer;
|
17 |
+
const DEFAULT_URL_STUB = 'https://net.shieldsecurity.io/wp-json/apto-snapi/v1';
|
18 |
+
|
19 |
+
/**
|
20 |
+
* @param string $sProperty
|
21 |
+
* @return mixed
|
22 |
+
*/
|
23 |
+
public function __get( $sProperty ) {
|
24 |
+
|
25 |
+
$mValue = parent::__get( $sProperty );
|
26 |
+
|
27 |
+
switch ( $sProperty ) {
|
28 |
+
|
29 |
+
case 'params_query':
|
30 |
+
if ( $this->request_method == 'get' ) {
|
31 |
+
$mValue = array_merge( $this->shield_net_params, $mValue );
|
32 |
+
}
|
33 |
+
break;
|
34 |
+
|
35 |
+
case 'params_body':
|
36 |
+
if ( $this->request_method == 'post' ) {
|
37 |
+
$mValue = array_merge( $this->shield_net_params, $mValue );
|
38 |
+
}
|
39 |
+
break;
|
40 |
+
|
41 |
+
case 'shield_net_params':
|
42 |
+
if ( !is_array( $mValue ) ) {
|
43 |
+
$mValue = $this->getShieldNetApiParams();
|
44 |
+
$this->shield_net_params = $mValue;
|
45 |
+
}
|
46 |
+
break;
|
47 |
+
|
48 |
+
default:
|
49 |
+
break;
|
50 |
+
}
|
51 |
+
|
52 |
+
return $mValue;
|
53 |
+
}
|
54 |
+
|
55 |
+
/**
|
56 |
+
* @return string[]
|
57 |
+
*/
|
58 |
+
protected function getShieldNetApiParams() {
|
59 |
+
return [
|
60 |
+
'url' => Services::WpGeneral()->getHomeUrl( '', true ),
|
61 |
+
'install_id' => $this->getCon()->getSiteInstallationId(),
|
62 |
+
'nonce' => ( new HandshakingNonce() )->setMod( $this->getMod() )->create(),
|
63 |
+
];
|
64 |
+
}
|
65 |
+
}
|
src/lib/src/ShieldNetApi/FileLocker/DecryptFile.php
ADDED
@@ -0,0 +1,35 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\Common\BaseShieldNetApi;
|
7 |
+
use FernleafSystems\Wordpress\Services\Utilities\Encrypt\OpenSslEncryptVo;
|
8 |
+
|
9 |
+
class DecryptFile extends BaseShieldNetApi {
|
10 |
+
|
11 |
+
use ModConsumer;
|
12 |
+
const API_ACTION = 'filelocker/decrypt';
|
13 |
+
|
14 |
+
/**
|
15 |
+
* @param OpenSslEncryptVo $oOpenSslVO
|
16 |
+
* @param int $nPublicKeyId
|
17 |
+
* @return string|null
|
18 |
+
*/
|
19 |
+
public function retrieve( OpenSslEncryptVo $oOpenSslVO, $nPublicKeyId ) {
|
20 |
+
$sContent = null;
|
21 |
+
|
22 |
+
$this->request_method = 'post';
|
23 |
+
$this->params_body = [
|
24 |
+
'key_id' => $nPublicKeyId,
|
25 |
+
'sealed_data' => $oOpenSslVO->sealed_data,
|
26 |
+
'sealed_pass' => $oOpenSslVO->sealed_password,
|
27 |
+
];
|
28 |
+
|
29 |
+
$aRaw = $this->sendReq();
|
30 |
+
if ( is_array( $aRaw ) && !empty( $aRaw[ 'data' ] ) ) {
|
31 |
+
$sContent = base64_decode( $aRaw[ 'data' ][ 'opened_data' ] );
|
32 |
+
}
|
33 |
+
return $sContent;
|
34 |
+
}
|
35 |
+
}
|
src/lib/src/ShieldNetApi/FileLocker/GetPublicKey.php
ADDED
@@ -0,0 +1,22 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\FileLocker;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\Common\BaseShieldNetApi;
|
6 |
+
|
7 |
+
class GetPublicKey extends BaseShieldNetApi {
|
8 |
+
|
9 |
+
const API_ACTION = 'filelocker/public_key';
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @return array|null
|
13 |
+
*/
|
14 |
+
public function retrieve() {
|
15 |
+
$aKey = null;
|
16 |
+
$aRaw = $this->sendReq();
|
17 |
+
if ( is_array( $aRaw ) && !empty( $aRaw[ 'data' ][ 'key_id' ] ) ) {
|
18 |
+
$aKey[ $aRaw[ 'data' ][ 'key_id' ] ] = $aRaw[ 'data' ][ 'pub_key' ];
|
19 |
+
}
|
20 |
+
return $aKey;
|
21 |
+
}
|
22 |
+
}
|
src/lib/src/ShieldNetApi/Handshake/Verify.php
ADDED
@@ -0,0 +1,18 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\Handshake;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi\Common;
|
6 |
+
|
7 |
+
class Verify extends Common\BaseShieldNetApi {
|
8 |
+
|
9 |
+
const API_ACTION = 'handshake/verify';
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @return bool
|
13 |
+
*/
|
14 |
+
public function run() {
|
15 |
+
$aRaw = $this->sendReq();
|
16 |
+
return is_array( $aRaw ) && !empty( $aRaw[ 'data' ][ 'success' ] );
|
17 |
+
}
|
18 |
+
}
|
src/lib/src/ShieldNetApi/HandshakingNonce.php
ADDED
@@ -0,0 +1,67 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
class HandshakingNonce {
|
9 |
+
|
10 |
+
use ModConsumer;
|
11 |
+
|
12 |
+
/**
|
13 |
+
* @return string
|
14 |
+
*/
|
15 |
+
public function create() {
|
16 |
+
$aNonces = $this->getNonces();
|
17 |
+
|
18 |
+
$sPass = wp_generate_password( 12, false );
|
19 |
+
$aNonces[ $sPass ] = Services::Request()->ts() + 90;
|
20 |
+
$this->storeNonces( $aNonces );
|
21 |
+
|
22 |
+
return $sPass;
|
23 |
+
}
|
24 |
+
|
25 |
+
/**
|
26 |
+
* @param string $sNonce
|
27 |
+
* @return bool
|
28 |
+
*/
|
29 |
+
public function verify( $sNonce ) {
|
30 |
+
$aNs = $this->getNonces();
|
31 |
+
$bValid = false;
|
32 |
+
if ( isset( $aNs[ $sNonce ] ) ) {
|
33 |
+
$bValid = Services::Request()->ts() <= $aNs[ $sNonce ];
|
34 |
+
unset( $aNs[ $sNonce ] );
|
35 |
+
$this->storeNonces( $aNs );
|
36 |
+
}
|
37 |
+
return $bValid;
|
38 |
+
}
|
39 |
+
|
40 |
+
/**
|
41 |
+
* @return int[]
|
42 |
+
*/
|
43 |
+
private function getNonces() {
|
44 |
+
return $this->getCon()
|
45 |
+
->getModule_Plugin()
|
46 |
+
->getShieldNetApiController()->vo->nonces;
|
47 |
+
}
|
48 |
+
|
49 |
+
/**
|
50 |
+
* Also filters out expired nonces on-save
|
51 |
+
* @param int[] $aNonces
|
52 |
+
* @return $this
|
53 |
+
*/
|
54 |
+
private function storeNonces( array $aNonces ) {
|
55 |
+
$oSnapiCon = $this->getCon()
|
56 |
+
->getModule_Plugin()
|
57 |
+
->getShieldNetApiController();
|
58 |
+
$oSnapiCon->vo->nonces = array_filter(
|
59 |
+
$aNonces,
|
60 |
+
function ( $nTS ) {
|
61 |
+
return $nTS > Services::Request()->ts();
|
62 |
+
}
|
63 |
+
);
|
64 |
+
$oSnapiCon->storeVoData();
|
65 |
+
return $this;
|
66 |
+
}
|
67 |
+
}
|
src/lib/src/ShieldNetApi/ShieldNetApiController.php
ADDED
@@ -0,0 +1,93 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi;
|
4 |
+
|
5 |
+
use FernleafSystems\Utilities\Data\Adapter\StdClassAdapter;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
7 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
|
8 |
+
use FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi;
|
9 |
+
use FernleafSystems\Wordpress\Services\Services;
|
10 |
+
|
11 |
+
/**
|
12 |
+
* Class ShieldNetApiController
|
13 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi
|
14 |
+
* @property ShieldNetApiDataVO $vo
|
15 |
+
*/
|
16 |
+
class ShieldNetApiController {
|
17 |
+
|
18 |
+
use ModConsumer;
|
19 |
+
use StdClassAdapter {
|
20 |
+
__get as __adapterGet;
|
21 |
+
}
|
22 |
+
|
23 |
+
/**
|
24 |
+
* Automatically throttles request because otherwise PRO-nulled versions of Shield will cause
|
25 |
+
* overload on our API.
|
26 |
+
*
|
27 |
+
* Note To Plugin 'Null'ers:
|
28 |
+
* PRO features that require handshaking wont work even if you null the plugin because our
|
29 |
+
* API will always reject those requests. Don't fiddle with this function, please. You may get
|
30 |
+
* away with nulling the plugin for many PRO features, but you can't null our API, sorry.
|
31 |
+
* @return bool
|
32 |
+
*/
|
33 |
+
public function canHandshake() {
|
34 |
+
$nNow = Services::Request()->ts();
|
35 |
+
if ( $this->vo->last_handshake_at === 0 ) {
|
36 |
+
|
37 |
+
$bCanTry = $nNow - MINUTE_IN_SECONDS*5*$this->vo->handshake_fail_count
|
38 |
+
> $this->vo->last_handshake_attempt_at;
|
39 |
+
if ( $bCanTry ) {
|
40 |
+
$bCanHandshake = ( new ShieldNetApi\Handshake\Verify() )
|
41 |
+
->setMod( $this->getMod() )
|
42 |
+
->run();
|
43 |
+
|
44 |
+
if ( $bCanHandshake ) {
|
45 |
+
$this->vo->last_handshake_at = $nNow;
|
46 |
+
$this->vo->handshake_fail_count = 0;
|
47 |
+
}
|
48 |
+
else {
|
49 |
+
$this->vo->handshake_fail_count++;
|
50 |
+
}
|
51 |
+
$this->vo->last_handshake_attempt_at = $nNow;
|
52 |
+
$this->storeVoData();
|
53 |
+
}
|
54 |
+
}
|
55 |
+
|
56 |
+
return $this->vo->last_handshake_at > 0;
|
57 |
+
}
|
58 |
+
|
59 |
+
public function storeVoData() {
|
60 |
+
$oMod = $this->getMod();
|
61 |
+
$oMod->getOptions()->setOpt( 'snapi_data', $this->vo->getRawDataAsArray() );
|
62 |
+
$oMod->saveModOptions();
|
63 |
+
}
|
64 |
+
|
65 |
+
/**
|
66 |
+
* @param string $sProperty
|
67 |
+
* @return mixed
|
68 |
+
*/
|
69 |
+
public function __get( $sProperty ) {
|
70 |
+
/** @var Plugin\Options $oOpts */
|
71 |
+
$oOpts = $this->getOptions();
|
72 |
+
|
73 |
+
$mValue = $this->__adapterGet( $sProperty );
|
74 |
+
|
75 |
+
switch ( $sProperty ) {
|
76 |
+
|
77 |
+
case 'vo':
|
78 |
+
if ( empty( $mValue ) ) {
|
79 |
+
$aData = $oOpts->getOpt( 'snapi_data', [] );
|
80 |
+
$mValue = ( new ShieldNetApiDataVO() )->applyFromArray(
|
81 |
+
is_array( $aData ) ? $aData : []
|
82 |
+
);
|
83 |
+
$this->vo = $mValue;
|
84 |
+
}
|
85 |
+
break;
|
86 |
+
|
87 |
+
default:
|
88 |
+
break;
|
89 |
+
}
|
90 |
+
|
91 |
+
return $mValue;
|
92 |
+
}
|
93 |
+
}
|
src/lib/src/ShieldNetApi/ShieldNetApiDataVO.php
ADDED
@@ -0,0 +1,49 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi;
|
4 |
+
|
5 |
+
use FernleafSystems\Utilities\Data\Adapter\StdClassAdapter;
|
6 |
+
|
7 |
+
/**
|
8 |
+
* Class ShieldNetApiDataVO
|
9 |
+
* @package FernleafSystems\Wordpress\Plugin\Shield\ShieldNetApi
|
10 |
+
* @property int $last_handshake_at
|
11 |
+
* @property int $last_handshake_attempt_at
|
12 |
+
* @property int $handshake_fail_count
|
13 |
+
* @property int[] $nonces
|
14 |
+
*/
|
15 |
+
class ShieldNetApiDataVO {
|
16 |
+
|
17 |
+
use StdClassAdapter {
|
18 |
+
__get as __adapterGet;
|
19 |
+
}
|
20 |
+
|
21 |
+
/**
|
22 |
+
* @param string $sProperty
|
23 |
+
* @return mixed
|
24 |
+
*/
|
25 |
+
public function __get( $sProperty ) {
|
26 |
+
|
27 |
+
$mValue = $this->__adapterGet( $sProperty );
|
28 |
+
|
29 |
+
switch ( $sProperty ) {
|
30 |
+
|
31 |
+
case 'nonces':
|
32 |
+
if ( !is_array( $mValue ) ) {
|
33 |
+
$mValue = [];
|
34 |
+
}
|
35 |
+
break;
|
36 |
+
|
37 |
+
case 'last_handshake_at':
|
38 |
+
case 'last_handshake_attempt_at':
|
39 |
+
case 'handshake_fail_count':
|
40 |
+
$mValue = (int)$mValue;
|
41 |
+
break;
|
42 |
+
|
43 |
+
default:
|
44 |
+
break;
|
45 |
+
}
|
46 |
+
|
47 |
+
return $mValue;
|
48 |
+
}
|
49 |
+
}
|
src/lib/src/Tables/Build/AuditTrail.php
CHANGED
@@ -61,7 +61,8 @@ class AuditTrail extends BaseBuild {
|
|
61 |
$oSelector->filterByIsLoggedIn( $aParams[ 'fLoggedIn' ] );
|
62 |
}
|
63 |
|
64 |
-
$oSelector->setOrderBy( 'updated_at'
|
|
|
65 |
|
66 |
return $this;
|
67 |
}
|
@@ -142,7 +143,7 @@ class AuditTrail extends BaseBuild {
|
|
142 |
|
143 |
if ( $oEntry->count > 1 ) {
|
144 |
$aE[ 'message' ] = $sMsg."\n"
|
145 |
-
.sprintf( __( 'This event repeated %s times in
|
146 |
}
|
147 |
|
148 |
$aEntries[ $oEntry->rid ] = $aE;
|
61 |
$oSelector->filterByIsLoggedIn( $aParams[ 'fLoggedIn' ] );
|
62 |
}
|
63 |
|
64 |
+
$oSelector->setOrderBy( 'updated_at', 'DESC', true )
|
65 |
+
->setOrderBy( 'created_at' );
|
66 |
|
67 |
return $this;
|
68 |
}
|
143 |
|
144 |
if ( $oEntry->count > 1 ) {
|
145 |
$aE[ 'message' ] = $sMsg."\n"
|
146 |
+
.sprintf( __( 'This event repeated %s times in the last 24hrs.', 'wp-simple-firewall' ), $oEntry->count );
|
147 |
}
|
148 |
|
149 |
$aEntries[ $oEntry->rid ] = $aE;
|
src/lib/src/Tables/Build/BaseBuild.php
CHANGED
@@ -62,7 +62,8 @@ class BaseBuild {
|
|
62 |
* @return string
|
63 |
*/
|
64 |
protected function buildEmpty() {
|
65 |
-
return sprintf( '<div class="alert alert-success m-0">%s</div>',
|
|
|
66 |
}
|
67 |
|
68 |
/**
|
62 |
* @return string
|
63 |
*/
|
64 |
protected function buildEmpty() {
|
65 |
+
return sprintf( '<div class="alert alert-success m-0">%s</div>',
|
66 |
+
__( "No entries to display.", 'wp-simple-firewall' ) );
|
67 |
}
|
68 |
|
69 |
/**
|
src/lib/src/Tables/Build/Ip.php
CHANGED
@@ -58,7 +58,7 @@ class Ip extends BaseBuild {
|
|
58 |
$aE = $oEntry->getRawDataAsArray();
|
59 |
$bBlocked = $oEntry->blocked_at > 0 || $oEntry->transgressions >= $nTransLimit;
|
60 |
$aE[ 'last_trans_at' ] = Services::Request()
|
61 |
-
->carbon()
|
62 |
->setTimestamp( $oEntry->last_access_at )
|
63 |
->diffForHumans();
|
64 |
$aE[ 'last_access_at' ] = $this->formatTimestampField( $oEntry->last_access_at );
|
58 |
$aE = $oEntry->getRawDataAsArray();
|
59 |
$bBlocked = $oEntry->blocked_at > 0 || $oEntry->transgressions >= $nTransLimit;
|
60 |
$aE[ 'last_trans_at' ] = Services::Request()
|
61 |
+
->carbon( true )
|
62 |
->setTimestamp( $oEntry->last_access_at )
|
63 |
->diffForHumans();
|
64 |
$aE[ 'last_access_at' ] = $this->formatTimestampField( $oEntry->last_access_at );
|
src/lib/src/Tables/Build/ScanBase.php
CHANGED
@@ -12,6 +12,14 @@ use FernleafSystems\Wordpress\Services\Services;
|
|
12 |
*/
|
13 |
class ScanBase extends BaseBuild {
|
14 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
15 |
/**
|
16 |
* @return array[]
|
17 |
*/
|
12 |
*/
|
13 |
class ScanBase extends BaseBuild {
|
14 |
|
15 |
+
/**
|
16 |
+
* @return string
|
17 |
+
*/
|
18 |
+
protected function buildEmpty() {
|
19 |
+
return sprintf( '<div class="alert alert-success m-0">%s</div>',
|
20 |
+
__( "The previous scan either didn't detect any items that require your attention or they've already been repaired.", 'wp-simple-firewall' ) );
|
21 |
+
}
|
22 |
+
|
23 |
/**
|
24 |
* @return array[]
|
25 |
*/
|
src/lib/src/Tables/Build/Sessions.php
CHANGED
@@ -39,7 +39,7 @@ class Sessions extends BaseBuild {
|
|
39 |
}
|
40 |
}
|
41 |
|
42 |
-
$oSelector->setOrderBy( 'last_activity_at' );
|
43 |
|
44 |
return $this;
|
45 |
}
|
39 |
}
|
40 |
}
|
41 |
|
42 |
+
$oSelector->setOrderBy( 'last_activity_at', 'DESC', true );
|
43 |
|
44 |
return $this;
|
45 |
}
|
src/lib/src/Tables/Build/Traffic.php
CHANGED
@@ -52,6 +52,14 @@ class Traffic extends BaseBuild {
|
|
52 |
return $this;
|
53 |
}
|
54 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
55 |
/**
|
56 |
* Override to allow other parameter keys for building the table
|
57 |
* @return array
|
@@ -74,11 +82,10 @@ class Traffic extends BaseBuild {
|
|
74 |
protected function getEntriesFormatted() {
|
75 |
$aEntries = [];
|
76 |
|
77 |
-
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
78 |
-
$oMod = $this->getMod();
|
79 |
-
|
80 |
$oWpUsers = Services::WpUsers();
|
81 |
-
$oGeoIpLookup = ( new Lookup() )->setDbHandler( $
|
|
|
|
|
82 |
$oIpSrv = Services::IP();
|
83 |
$sYou = $oIpSrv->getRequestIp();
|
84 |
|
52 |
return $this;
|
53 |
}
|
54 |
|
55 |
+
/**
|
56 |
+
* @return string
|
57 |
+
*/
|
58 |
+
protected function buildEmpty() {
|
59 |
+
return sprintf( '<div class="alert alert-success m-0">%s</div>',
|
60 |
+
__( "No requests have been logged.", 'wp-simple-firewall' ) );
|
61 |
+
}
|
62 |
+
|
63 |
/**
|
64 |
* Override to allow other parameter keys for building the table
|
65 |
* @return array
|
82 |
protected function getEntriesFormatted() {
|
83 |
$aEntries = [];
|
84 |
|
|
|
|
|
|
|
85 |
$oWpUsers = Services::WpUsers();
|
86 |
+
$oGeoIpLookup = ( new Lookup() )->setDbHandler( $this->getCon()
|
87 |
+
->getModule_Plugin()
|
88 |
+
->getDbHandler_GeoIp() );
|
89 |
$oIpSrv = Services::IP();
|
90 |
$sYou = $oIpSrv->getRequestIp();
|
91 |
|
src/lib/src/Utilities/HCaptcha/TestRequest.php
ADDED
@@ -0,0 +1,49 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Utilities\HCaptcha;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Services\Services;
|
6 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Utilities\ReCaptcha;
|
7 |
+
|
8 |
+
class TestRequest extends ReCaptcha\TestRequest {
|
9 |
+
|
10 |
+
const URL_VERIFY = 'https://hcaptcha.com/siteverify';
|
11 |
+
|
12 |
+
/**
|
13 |
+
* @return bool
|
14 |
+
* @throws \Exception
|
15 |
+
*/
|
16 |
+
protected function runTest() {
|
17 |
+
/** @var \ICWP_WPSF_FeatureHandler_BaseWpsf $oMod */
|
18 |
+
$oMod = $this->getMod();
|
19 |
+
|
20 |
+
$sCaptchaResponse = Services::Request()->post( 'h-captcha-response' );
|
21 |
+
|
22 |
+
if ( empty( $sCaptchaResponse ) ) {
|
23 |
+
throw new \Exception( __( 'Whoops.', 'wp-simple-firewall' ).' '.__( 'CAPTCHA was not submitted.', 'wp-simple-firewall' ), 1 );
|
24 |
+
}
|
25 |
+
else {
|
26 |
+
$oHTTP = Services::HttpRequest();
|
27 |
+
$bSuccess = $oHTTP->post( self::URL_VERIFY, [
|
28 |
+
'body' => [
|
29 |
+
'secret' => $oMod->getCaptchaCfg()->secret,
|
30 |
+
'response' => $sCaptchaResponse,
|
31 |
+
'remoteip' => Services::IP()->getRequestIp(),
|
32 |
+
]
|
33 |
+
] )
|
34 |
+
&& !empty( $oHTTP->lastResponse->body );
|
35 |
+
$aResponse = $bSuccess ? json_decode( $oHTTP->lastResponse->body, true ) : [];
|
36 |
+
|
37 |
+
if ( empty( $aResponse[ 'success' ] ) ) {
|
38 |
+
$aMsg = [
|
39 |
+
__( 'Whoops.', 'wp-simple-firewall' ),
|
40 |
+
__( 'CAPTCHA verification failed.', 'wp-simple-firewall' ),
|
41 |
+
Services::WpGeneral()->isAjax() ?
|
42 |
+
__( 'Maybe refresh the page and try again.', 'wp-simple-firewall' ) : ''
|
43 |
+
];
|
44 |
+
throw new \Exception( implode( ' ', $aMsg ), 2 );
|
45 |
+
}
|
46 |
+
}
|
47 |
+
return true;
|
48 |
+
}
|
49 |
+
}
|
src/lib/src/Utilities/ReCaptcha/Enqueue.php
ADDED
@@ -0,0 +1,93 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Plugin\Shield\Utilities\ReCaptcha;
|
4 |
+
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\ModConsumer;
|
6 |
+
use FernleafSystems\Wordpress\Services\Services;
|
7 |
+
|
8 |
+
class Enqueue {
|
9 |
+
|
10 |
+
use ModConsumer;
|
11 |
+
|
12 |
+
/**
|
13 |
+
* @var bool
|
14 |
+
*/
|
15 |
+
private $bEnqueue;
|
16 |
+
|
17 |
+
public function __construct() {
|
18 |
+
$this->bEnqueue = false;
|
19 |
+
if ( Services::Request()->query( 'wp_service_worker', 0 ) != 1 ) {
|
20 |
+
add_action( 'wp_enqueue_scripts', [ $this, 'onWpEnqueueJs' ] );
|
21 |
+
add_action( 'login_enqueue_scripts', [ $this, 'onWpEnqueueJs' ] );
|
22 |
+
}
|
23 |
+
}
|
24 |
+
|
25 |
+
public function onWpEnqueueJs() {
|
26 |
+
/** @var \ICWP_WPSF_FeatureHandler_BaseWpsf $oMod */
|
27 |
+
$oMod = $this->getMod();
|
28 |
+
$oCFG = $oMod->getCaptchaCfg();
|
29 |
+
|
30 |
+
$sJsUri = add_query_arg(
|
31 |
+
[
|
32 |
+
'hl' => Services::WpGeneral()->getLocale( '-' ),
|
33 |
+
'onload' => 'onLoadIcwpRecaptchaCallback',
|
34 |
+
'render' => 'explicit',
|
35 |
+
],
|
36 |
+
$oCFG->url_api
|
37 |
+
);
|
38 |
+
wp_register_script( $oCFG->js_handle, $sJsUri, [], false, true );
|
39 |
+
wp_enqueue_script( $oCFG->js_handle );
|
40 |
+
|
41 |
+
Services::Includes()
|
42 |
+
->addIncludeAttribute( $oCFG->js_handle, 'async', 'async' )
|
43 |
+
->addIncludeAttribute( $oCFG->js_handle, 'defer', 'defer' );
|
44 |
+
/**
|
45 |
+
* Change to recaptcha implementation now means
|
46 |
+
* 1 - the form will not submit unless the recaptcha has been executed (either invisible or manual)
|
47 |
+
*/
|
48 |
+
add_action( 'wp_footer', [ $this, 'maybeDequeueRecaptcha' ], -100 );
|
49 |
+
add_action( 'login_footer', [ $this, 'maybeDequeueRecaptcha' ], -100 );
|
50 |
+
}
|
51 |
+
|
52 |
+
/**
|
53 |
+
* @return string
|
54 |
+
*/
|
55 |
+
public function getCaptchaHtml() {
|
56 |
+
return '<div class="icwpg-recaptcha"></div>';
|
57 |
+
}
|
58 |
+
|
59 |
+
/**
|
60 |
+
* If recaptcha is required, it prints the necessary snippet and does not remove the enqueue
|
61 |
+
*
|
62 |
+
* @throws \Exception
|
63 |
+
*/
|
64 |
+
public function maybeDequeueRecaptcha() {
|
65 |
+
/** @var \ICWP_WPSF_FeatureHandler_BaseWpsf $oMod */
|
66 |
+
$oMod = $this->getMod();
|
67 |
+
$oCFG = $oMod->getCaptchaCfg();
|
68 |
+
|
69 |
+
if ( $this->bEnqueue ) {
|
70 |
+
echo $oMod->renderTemplate(
|
71 |
+
'snippets/google_recaptcha_js',
|
72 |
+
[
|
73 |
+
'sitekey' => $oCFG->key,
|
74 |
+
'size' => $oCFG->invisible ? 'invisible' : '',
|
75 |
+
'theme' => $oCFG->theme,
|
76 |
+
'invis' => $oCFG->invisible,
|
77 |
+
]
|
78 |
+
|
79 |
+
);
|
80 |
+
}
|
81 |
+
else {
|
82 |
+
wp_dequeue_script( $oCFG->js_handle );
|
83 |
+
}
|
84 |
+
}
|
85 |
+
|
86 |
+
/**
|
87 |
+
* @return $this
|
88 |
+
*/
|
89 |
+
public function setToEnqueue() {
|
90 |
+
$this->bEnqueue = true;
|
91 |
+
return $this;
|
92 |
+
}
|
93 |
+
}
|
src/lib/src/Utilities/ReCaptcha/TestRequest.php
CHANGED
@@ -30,22 +30,22 @@ class TestRequest {
|
|
30 |
* @return bool
|
31 |
* @throws \Exception
|
32 |
*/
|
33 |
-
|
34 |
/** @var \ICWP_WPSF_FeatureHandler_BaseWpsf $oMod */
|
35 |
$oMod = $this->getMod();
|
36 |
|
37 |
$sCaptchaResponse = Services::Request()->post( 'g-recaptcha-response' );
|
38 |
|
39 |
if ( empty( $sCaptchaResponse ) ) {
|
40 |
-
throw new \Exception( __( 'Whoops.', 'wp-simple-firewall' ).' '.__( '
|
41 |
}
|
42 |
else {
|
43 |
-
$oResponse = ( new ReCaptcha( $oMod->
|
44 |
->verify( $sCaptchaResponse, Services::IP()->getRequestIp() );
|
45 |
if ( empty( $oResponse ) || !$oResponse->isSuccess() ) {
|
46 |
$aMsg = [
|
47 |
__( 'Whoops.', 'wp-simple-firewall' ),
|
48 |
-
__( '
|
49 |
Services::WpGeneral()->isAjax() ?
|
50 |
__( 'Maybe refresh the page and try again.', 'wp-simple-firewall' ) : ''
|
51 |
];
|
30 |
* @return bool
|
31 |
* @throws \Exception
|
32 |
*/
|
33 |
+
protected function runTest() {
|
34 |
/** @var \ICWP_WPSF_FeatureHandler_BaseWpsf $oMod */
|
35 |
$oMod = $this->getMod();
|
36 |
|
37 |
$sCaptchaResponse = Services::Request()->post( 'g-recaptcha-response' );
|
38 |
|
39 |
if ( empty( $sCaptchaResponse ) ) {
|
40 |
+
throw new \Exception( __( 'Whoops.', 'wp-simple-firewall' ).' '.__( 'CAPTCHA was not submitted.', 'wp-simple-firewall' ), 1 );
|
41 |
}
|
42 |
else {
|
43 |
+
$oResponse = ( new ReCaptcha( $oMod->getCaptchaCfg()->secret, new WordpressPost() ) )
|
44 |
->verify( $sCaptchaResponse, Services::IP()->getRequestIp() );
|
45 |
if ( empty( $oResponse ) || !$oResponse->isSuccess() ) {
|
46 |
$aMsg = [
|
47 |
__( 'Whoops.', 'wp-simple-firewall' ),
|
48 |
+
__( 'CAPTCHA verification failed.', 'wp-simple-firewall' ),
|
49 |
Services::WpGeneral()->isAjax() ?
|
50 |
__( 'Maybe refresh the page and try again.', 'wp-simple-firewall' ) : ''
|
51 |
];
|
src/lib/vendor/composer/autoload_classmap.php
CHANGED
@@ -24,6 +24,7 @@ return array(
|
|
24 |
'Elliotchance\\Iterator\\PagedIterator2' => $vendorDir . '/elliotchance/iterator/tests/Elliotchance/Iterator/PagedIteratorTest.php',
|
25 |
'Elliotchance\\Iterator\\PagedIteratorTest' => $vendorDir . '/elliotchance/iterator/tests/Elliotchance/Iterator/PagedIteratorTest.php',
|
26 |
'FernleafSystems\\Utilities\\Data\\Adapter\\StdClassAdapter' => $vendorDir . '/fernleafsystems/utilities/src/Data/Adapter/StdClassAdapter.php',
|
|
|
27 |
'FernleafSystems\\Utilities\\Response' => $vendorDir . '/fernleafsystems/utilities/src/Response.php',
|
28 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ChangeTrack\\Diff\\Base' => $baseDir . '/src/ChangeTrack/Diff/Base.php',
|
29 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ChangeTrack\\Diff\\DiffComments' => $baseDir . '/src/ChangeTrack/Diff/DiffComments.php',
|
@@ -81,11 +82,6 @@ return array(
|
|
81 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Insert' => $baseDir . '/src/Databases/ChangeTracking/Insert.php',
|
82 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Select' => $baseDir . '/src/Databases/ChangeTracking/Select.php',
|
83 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Update' => $baseDir . '/src/Databases/ChangeTracking/Update.php',
|
84 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\Delete' => $baseDir . '/src/Databases/Comments/Delete.php',
|
85 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\EntryVO' => $baseDir . '/src/Databases/Comments/EntryVO.php',
|
86 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\Handler' => $baseDir . '/src/Databases/Comments/Handler.php',
|
87 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\Insert' => $baseDir . '/src/Databases/Comments/Insert.php',
|
88 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\Select' => $baseDir . '/src/Databases/Comments/Select.php',
|
89 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Common' => $baseDir . '/src/Databases/Events/Common.php',
|
90 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Delete' => $baseDir . '/src/Databases/Events/Delete.php',
|
91 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\EntryVO' => $baseDir . '/src/Databases/Events/EntryVO.php',
|
@@ -93,6 +89,13 @@ return array(
|
|
93 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Insert' => $baseDir . '/src/Databases/Events/Insert.php',
|
94 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Select' => $baseDir . '/src/Databases/Events/Select.php',
|
95 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Update' => $baseDir . '/src/Databases/Events/Update.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
96 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\BaseGeoIp' => $baseDir . '/src/Databases/GeoIp/BaseGeoIp.php',
|
97 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\Delete' => $baseDir . '/src/Databases/GeoIp/Delete.php',
|
98 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\EntryVO' => $baseDir . '/src/Databases/GeoIp/EntryVO.php',
|
@@ -106,6 +109,13 @@ return array(
|
|
106 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Insert' => $baseDir . '/src/Databases/IPs/Insert.php',
|
107 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Select' => $baseDir . '/src/Databases/IPs/Select.php',
|
108 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Update' => $baseDir . '/src/Databases/IPs/Update.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
109 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Common' => $baseDir . '/src/Databases/ScanQueue/Common.php',
|
110 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Delete' => $baseDir . '/src/Databases/ScanQueue/Delete.php',
|
111 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\EntryVO' => $baseDir . '/src/Databases/ScanQueue/EntryVO.php',
|
@@ -138,7 +148,6 @@ return array(
|
|
138 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Handler' => $baseDir . '/src/Databases/Traffic/Handler.php',
|
139 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Insert' => $baseDir . '/src/Databases/Traffic/Insert.php',
|
140 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Select' => $baseDir . '/src/Databases/Traffic/Select.php',
|
141 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Deprecated\\Foundation' => $baseDir . '/src/Deprecated/Foundation.php',
|
142 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\License\\EddLicenseVO' => $baseDir . '/src/License/EddLicenseVO.php',
|
143 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\AuditTrail\\AjaxHandler' => $baseDir . '/src/Modules/AuditTrail/AjaxHandler.php',
|
144 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\AuditTrail\\Auditors\\Base' => $baseDir . '/src/Modules/AuditTrail/Auditors/Base.php',
|
@@ -162,7 +171,9 @@ return array(
|
|
162 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\AjaxHandlerShield' => $baseDir . '/src/Modules/Base/AjaxHandlerShield.php',
|
163 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseModCon' => $baseDir . '/src/Modules/Base/BaseModCon.php',
|
164 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseProcessor' => $baseDir . '/src/Modules/Base/BaseProcessor.php',
|
|
|
165 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseService' => $baseDir . '/src/Modules/Base/Lib/BaseService.php',
|
|
|
166 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\Options' => $baseDir . '/src/Modules/Base/Options.php',
|
167 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\ShieldOptions' => $baseDir . '/src/Modules/Base/ShieldOptions.php',
|
168 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\Strings' => $baseDir . '/src/Modules/Base/Strings.php',
|
@@ -183,13 +194,31 @@ return array(
|
|
183 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Consolidate\\ConsolidateAllEvents' => $baseDir . '/src/Modules/Events/Consolidate/ConsolidateAllEvents.php',
|
184 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\EventsListener' => $baseDir . '/src/Modules/Events/Lib/EventsListener.php',
|
185 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\EventsService' => $baseDir . '/src/Modules/Events/Lib/EventsService.php',
|
|
|
|
|
186 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\StatsWriter' => $baseDir . '/src/Modules/Events/Lib/StatsWriter.php',
|
187 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Options' => $baseDir . '/src/Modules/Events/Options.php',
|
|
|
188 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Strings' => $baseDir . '/src/Modules/Events/Strings.php',
|
189 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Firewall\\Options' => $baseDir . '/src/Modules/Firewall/Options.php',
|
190 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Firewall\\Strings' => $baseDir . '/src/Modules/Firewall/Strings.php',
|
191 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\GeoIp\\Lookup' => $baseDir . '/src/Modules/GeoIp/Lookup.php',
|
192 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\AjaxHandler' => $baseDir . '/src/Modules/HackGuard/AjaxHandler.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
193 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForAsset' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php',
|
194 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromApi' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromApi.php',
|
195 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromDir' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php',
|
@@ -207,6 +236,7 @@ return array(
|
|
207 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\StoreAction\\TouchAll' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/StoreAction/TouchAll.php',
|
208 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Utility\\FileDownloadHandler' => $baseDir . '/src/Modules/HackGuard/Lib/Utility/FileDownloadHandler.php',
|
209 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Options' => $baseDir . '/src/Modules/HackGuard/Options.php',
|
|
|
210 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\Apc' => $baseDir . '/src/Modules/HackGuard/Scan/Controller/Apc.php',
|
211 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\Base' => $baseDir . '/src/Modules/HackGuard/Scan/Controller/Base.php',
|
212 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\BaseForAssets' => $baseDir . '/src/Modules/HackGuard/Scan/Controller/BaseForAssets.php',
|
@@ -248,6 +278,7 @@ return array(
|
|
248 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackLoginInvalid' => $baseDir . '/src/Modules/IPs/BotTrack/TrackLoginInvalid.php',
|
249 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackUserAgent' => $baseDir . '/src/Modules/IPs/BotTrack/TrackUserAgent.php',
|
250 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackXmlRpc' => $baseDir . '/src/Modules/IPs/BotTrack/TrackXmlRpc.php',
|
|
|
251 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\IpAddressConsumer' => $baseDir . '/src/Modules/IPs/Components/IpAddressConsumer.php',
|
252 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\ProcessOffense' => $baseDir . '/src/Modules/IPs/Components/ProcessOffense.php',
|
253 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\QueryIpBlock' => $baseDir . '/src/Modules/IPs/Components/QueryIpBlock.php',
|
@@ -278,6 +309,24 @@ return array(
|
|
278 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Lockdown\\Strings' => $baseDir . '/src/Modules/Lockdown/Strings.php',
|
279 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\AdminNotices' => $baseDir . '/src/Modules/LoginGuard/AdminNotices.php',
|
280 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\AjaxHandler' => $baseDir . '/src/Modules/LoginGuard/AjaxHandler.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
281 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\CooldownFlagFile' => $baseDir . '/src/Modules/LoginGuard/Lib/CooldownFlagFile.php',
|
282 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\CooldownRedirect' => $baseDir . '/src/Modules/LoginGuard/Lib/CooldownRedirect.php',
|
283 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\TwoFactor\\LoginIntentPage' => $baseDir . '/src/Modules/LoginGuard/Lib/TwoFactor/LoginIntentPage.php',
|
@@ -300,9 +349,28 @@ return array(
|
|
300 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\BadgeWidget' => $baseDir . '/src/Modules/Plugin/Components/BadgeWidget.php',
|
301 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\PluginBadge' => $baseDir . '/src/Modules/Plugin/Components/PluginBadge.php',
|
302 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\SiteGroundPluginCompatibility' => $baseDir . '/src/Modules/Plugin/Components/SiteGroundPluginCompatibility.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
303 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\TourManager' => $baseDir . '/src/Modules/Plugin/Lib/TourManager.php',
|
304 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Options' => $baseDir . '/src/Modules/Plugin/Options.php',
|
305 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Strings' => $baseDir . '/src/Modules/Plugin/Strings.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
306 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\AdminNotices' => $baseDir . '/src/Modules/SecurityAdmin/AdminNotices.php',
|
307 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\AjaxHandler' => $baseDir . '/src/Modules/SecurityAdmin/AjaxHandler.php',
|
308 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\Lib\\Actions\\RemoveSecAdmin' => $baseDir . '/src/Modules/SecurityAdmin/Lib/Actions/RemoveSecAdmin.php',
|
@@ -389,11 +457,6 @@ return array(
|
|
389 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Table\\EntryFormatter' => $baseDir . '/src/Scans/Ptg/Table/EntryFormatter.php',
|
390 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Utilities\\ItemActionHandler' => $baseDir . '/src/Scans/Ptg/Utilities/ItemActionHandler.php',
|
391 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Utilities\\Repair' => $baseDir . '/src/Scans/Ptg/Utilities/Repair.php',
|
392 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\Backup' => $baseDir . '/src/Scans/Realtime/Files/Backup.php',
|
393 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\Process' => $baseDir . '/src/Scans/Realtime/Files/Process.php',
|
394 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\Revert' => $baseDir . '/src/Scans/Realtime/Files/Revert.php',
|
395 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\TestWritable' => $baseDir . '/src/Scans/Realtime/Files/TestWritable.php',
|
396 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\Verify' => $baseDir . '/src/Scans/Realtime/Files/Verify.php',
|
397 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\BuildFileMap' => $baseDir . '/src/Scans/Ufc/BuildFileMap.php',
|
398 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\BuildScanAction' => $baseDir . '/src/Scans/Ufc/BuildScanAction.php',
|
399 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\ConvertVosToResults' => $baseDir . '/src/Scans/Ufc/ConvertVosToResults.php',
|
@@ -427,6 +490,14 @@ return array(
|
|
427 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\Utilities\\ItemActionHandler' => $baseDir . '/src/Scans/Wpv/Utilities/ItemActionHandler.php',
|
428 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\Utilities\\Repair' => $baseDir . '/src/Scans/Wpv/Utilities/Repair.php',
|
429 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\WpVulnDb\\WpVulnVO' => $baseDir . '/src/Scans/Wpv/WpVulnDb/WpVulnVO.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
430 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\AdminNotes' => $baseDir . '/src/Tables/Build/AdminNotes.php',
|
431 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\AuditTrail' => $baseDir . '/src/Tables/Build/AuditTrail.php',
|
432 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\BaseBuild' => $baseDir . '/src/Tables/Build/BaseBuild.php',
|
@@ -462,6 +533,8 @@ return array(
|
|
462 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Users\\ShieldUserMeta' => $baseDir . '/src/Users/ShieldUserMeta.php',
|
463 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\AdminNotices\\Controller' => $baseDir . '/src/Utilities/AdminNotices/Controller.php',
|
464 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\AdminNotices\\NoticeVO' => $baseDir . '/src/Utilities/AdminNotices/NoticeVO.php',
|
|
|
|
|
465 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\TestRequest' => $baseDir . '/src/Utilities/ReCaptcha/TestRequest.php',
|
466 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\WordpressPost' => $baseDir . '/src/Utilities/ReCaptcha/WordpressPost.php',
|
467 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\Tool\\IpListSort' => $baseDir . '/src/Utilities/Tool/IpListSort.php',
|
@@ -474,6 +547,7 @@ return array(
|
|
474 |
'FernleafSystems\\Wordpress\\Services\\Core\\Fs' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Fs.php',
|
475 |
'FernleafSystems\\Wordpress\\Services\\Core\\General' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/General.php',
|
476 |
'FernleafSystems\\Wordpress\\Services\\Core\\Includes' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Includes.php',
|
|
|
477 |
'FernleafSystems\\Wordpress\\Services\\Core\\Plugins' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Plugins.php',
|
478 |
'FernleafSystems\\Wordpress\\Services\\Core\\Post' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Post.php',
|
479 |
'FernleafSystems\\Wordpress\\Services\\Core\\Request' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Request.php',
|
@@ -626,6 +700,7 @@ return array(
|
|
626 |
'ICWP_WPSF_FeatureHandler_Lockdown' => $baseDir . '/../features/lockdown.php',
|
627 |
'ICWP_WPSF_FeatureHandler_LoginProtect' => $baseDir . '/../features/login_protect.php',
|
628 |
'ICWP_WPSF_FeatureHandler_Plugin' => $baseDir . '/../features/plugin.php',
|
|
|
629 |
'ICWP_WPSF_FeatureHandler_Sessions' => $baseDir . '/../features/sessions.php',
|
630 |
'ICWP_WPSF_FeatureHandler_Traffic' => $baseDir . '/../features/traffic.php',
|
631 |
'ICWP_WPSF_FeatureHandler_UserManagement' => $baseDir . '/../features/user_management.php',
|
@@ -645,7 +720,6 @@ return array(
|
|
645 |
'ICWP_WPSF_Processor_HackProtect_Integrity' => $baseDir . '/../processors/hackprotect_integrity.php',
|
646 |
'ICWP_WPSF_Processor_HackProtect_Mal' => $baseDir . '/../processors/hackprotect_scan_mal.php',
|
647 |
'ICWP_WPSF_Processor_HackProtect_Ptg' => $baseDir . '/../processors/hackprotect_scan_ptg.php',
|
648 |
-
'ICWP_WPSF_Processor_HackProtect_Realtime' => $baseDir . '/../processors/hackprotect_realtime.php',
|
649 |
'ICWP_WPSF_Processor_HackProtect_Scanner' => $baseDir . '/../processors/hackprotect_scanner.php',
|
650 |
'ICWP_WPSF_Processor_HackProtect_Ufc' => $baseDir . '/../processors/hackprotect_scan_ufc.php',
|
651 |
'ICWP_WPSF_Processor_HackProtect_Wcf' => $baseDir . '/../processors/hackprotect_scan_wcf.php',
|
@@ -657,7 +731,6 @@ return array(
|
|
657 |
'ICWP_WPSF_Processor_Lockdown' => $baseDir . '/../processors/lockdown.php',
|
658 |
'ICWP_WPSF_Processor_LoginProtect' => $baseDir . '/../processors/login_protect.php',
|
659 |
'ICWP_WPSF_Processor_LoginProtect_Base' => $baseDir . '/../processors/loginprotect_base.php',
|
660 |
-
'ICWP_WPSF_Processor_LoginProtect_Cooldown' => $baseDir . '/../processors/loginprotect_cooldown.php',
|
661 |
'ICWP_WPSF_Processor_LoginProtect_Gasp' => $baseDir . '/../processors/loginprotect_gasp.php',
|
662 |
'ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha' => $baseDir . '/../processors/loginprotect_googlerecaptcha.php',
|
663 |
'ICWP_WPSF_Processor_LoginProtect_WpLogin' => $baseDir . '/../processors/loginprotect_wplogin.php',
|
@@ -667,7 +740,6 @@ return array(
|
|
667 |
'ICWP_WPSF_Processor_ScanBase' => $baseDir . '/../processors/hackprotect_scan_base.php',
|
668 |
'ICWP_WPSF_Processor_Sessions' => $baseDir . '/../processors/sessions.php',
|
669 |
'ICWP_WPSF_Processor_Traffic' => $baseDir . '/../processors/traffic.php',
|
670 |
-
'ICWP_WPSF_Processor_TrafficLogger' => $baseDir . '/../processors/traffic_logger.php',
|
671 |
'ICWP_WPSF_Processor_UserManagement' => $baseDir . '/../processors/user_management.php',
|
672 |
'ICWP_WPSF_Processor_UserManagement_Passwords' => $baseDir . '/../processors/usermanagement_passwords.php',
|
673 |
'ICWP_WPSF_Processor_UserManagement_Sessions' => $baseDir . '/../processors/usermanagement_sessions.php',
|
24 |
'Elliotchance\\Iterator\\PagedIterator2' => $vendorDir . '/elliotchance/iterator/tests/Elliotchance/Iterator/PagedIteratorTest.php',
|
25 |
'Elliotchance\\Iterator\\PagedIteratorTest' => $vendorDir . '/elliotchance/iterator/tests/Elliotchance/Iterator/PagedIteratorTest.php',
|
26 |
'FernleafSystems\\Utilities\\Data\\Adapter\\StdClassAdapter' => $vendorDir . '/fernleafsystems/utilities/src/Data/Adapter/StdClassAdapter.php',
|
27 |
+
'FernleafSystems\\Utilities\\Logic\\OneTimeExecute' => $vendorDir . '/fernleafsystems/utilities/src/Logic/OneTimeExecute.php',
|
28 |
'FernleafSystems\\Utilities\\Response' => $vendorDir . '/fernleafsystems/utilities/src/Response.php',
|
29 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ChangeTrack\\Diff\\Base' => $baseDir . '/src/ChangeTrack/Diff/Base.php',
|
30 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ChangeTrack\\Diff\\DiffComments' => $baseDir . '/src/ChangeTrack/Diff/DiffComments.php',
|
82 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Insert' => $baseDir . '/src/Databases/ChangeTracking/Insert.php',
|
83 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Select' => $baseDir . '/src/Databases/ChangeTracking/Select.php',
|
84 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Update' => $baseDir . '/src/Databases/ChangeTracking/Update.php',
|
|
|
|
|
|
|
|
|
|
|
85 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Common' => $baseDir . '/src/Databases/Events/Common.php',
|
86 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Delete' => $baseDir . '/src/Databases/Events/Delete.php',
|
87 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\EntryVO' => $baseDir . '/src/Databases/Events/EntryVO.php',
|
89 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Insert' => $baseDir . '/src/Databases/Events/Insert.php',
|
90 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Select' => $baseDir . '/src/Databases/Events/Select.php',
|
91 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Update' => $baseDir . '/src/Databases/Events/Update.php',
|
92 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Common' => $baseDir . '/src/Databases/FileLocker/Common.php',
|
93 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Delete' => $baseDir . '/src/Databases/FileLocker/Delete.php',
|
94 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\EntryVO' => $baseDir . '/src/Databases/FileLocker/EntryVO.php',
|
95 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Handler' => $baseDir . '/src/Databases/FileLocker/Handler.php',
|
96 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Insert' => $baseDir . '/src/Databases/FileLocker/Insert.php',
|
97 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Select' => $baseDir . '/src/Databases/FileLocker/Select.php',
|
98 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Update' => $baseDir . '/src/Databases/FileLocker/Update.php',
|
99 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\BaseGeoIp' => $baseDir . '/src/Databases/GeoIp/BaseGeoIp.php',
|
100 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\Delete' => $baseDir . '/src/Databases/GeoIp/Delete.php',
|
101 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\EntryVO' => $baseDir . '/src/Databases/GeoIp/EntryVO.php',
|
109 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Insert' => $baseDir . '/src/Databases/IPs/Insert.php',
|
110 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Select' => $baseDir . '/src/Databases/IPs/Select.php',
|
111 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Update' => $baseDir . '/src/Databases/IPs/Update.php',
|
112 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Common' => $baseDir . '/src/Databases/Reports/Common.php',
|
113 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Delete' => $baseDir . '/src/Databases/Reports/Delete.php',
|
114 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\EntryVO' => $baseDir . '/src/Databases/Reports/EntryVO.php',
|
115 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Handler' => $baseDir . '/src/Databases/Reports/Handler.php',
|
116 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Insert' => $baseDir . '/src/Databases/Reports/Insert.php',
|
117 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Select' => $baseDir . '/src/Databases/Reports/Select.php',
|
118 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Update' => $baseDir . '/src/Databases/Reports/Update.php',
|
119 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Common' => $baseDir . '/src/Databases/ScanQueue/Common.php',
|
120 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Delete' => $baseDir . '/src/Databases/ScanQueue/Delete.php',
|
121 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\EntryVO' => $baseDir . '/src/Databases/ScanQueue/EntryVO.php',
|
148 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Handler' => $baseDir . '/src/Databases/Traffic/Handler.php',
|
149 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Insert' => $baseDir . '/src/Databases/Traffic/Insert.php',
|
150 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Select' => $baseDir . '/src/Databases/Traffic/Select.php',
|
|
|
151 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\License\\EddLicenseVO' => $baseDir . '/src/License/EddLicenseVO.php',
|
152 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\AuditTrail\\AjaxHandler' => $baseDir . '/src/Modules/AuditTrail/AjaxHandler.php',
|
153 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\AuditTrail\\Auditors\\Base' => $baseDir . '/src/Modules/AuditTrail/Auditors/Base.php',
|
171 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\AjaxHandlerShield' => $baseDir . '/src/Modules/Base/AjaxHandlerShield.php',
|
172 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseModCon' => $baseDir . '/src/Modules/Base/BaseModCon.php',
|
173 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseProcessor' => $baseDir . '/src/Modules/Base/BaseProcessor.php',
|
174 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseReporting' => $baseDir . '/src/Modules/Base/BaseReporting.php',
|
175 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseService' => $baseDir . '/src/Modules/Base/Lib/BaseService.php',
|
176 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\OneTimeExecute' => $baseDir . '/src/Modules/Base/OneTimeExecute.php',
|
177 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\Options' => $baseDir . '/src/Modules/Base/Options.php',
|
178 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\ShieldOptions' => $baseDir . '/src/Modules/Base/ShieldOptions.php',
|
179 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\Strings' => $baseDir . '/src/Modules/Base/Strings.php',
|
194 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Consolidate\\ConsolidateAllEvents' => $baseDir . '/src/Modules/Events/Consolidate/ConsolidateAllEvents.php',
|
195 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\EventsListener' => $baseDir . '/src/Modules/Events/Lib/EventsListener.php',
|
196 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\EventsService' => $baseDir . '/src/Modules/Events/Lib/EventsService.php',
|
197 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\Reports\\KeyStats' => $baseDir . '/src/Modules/Events/Lib/Reports/KeyStats.php',
|
198 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\Reports\\ScanRepairs' => $baseDir . '/src/Modules/Events/Lib/Reports/ScanRepairs.php',
|
199 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\StatsWriter' => $baseDir . '/src/Modules/Events/Lib/StatsWriter.php',
|
200 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Options' => $baseDir . '/src/Modules/Events/Options.php',
|
201 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Reporting' => $baseDir . '/src/Modules/Events/Reporting.php',
|
202 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Strings' => $baseDir . '/src/Modules/Events/Strings.php',
|
203 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Firewall\\Options' => $baseDir . '/src/Modules/Firewall/Options.php',
|
204 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Firewall\\Strings' => $baseDir . '/src/Modules/Firewall/Strings.php',
|
205 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\GeoIp\\Lookup' => $baseDir . '/src/Modules/GeoIp/Lookup.php',
|
206 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\AjaxHandler' => $baseDir . '/src/Modules/HackGuard/AjaxHandler.php',
|
207 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\File' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/File.php',
|
208 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\FileLockerController' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/FileLockerController.php',
|
209 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\Accept' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/Accept.php',
|
210 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\AssessLocks' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/AssessLocks.php',
|
211 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\BaseOps' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/BaseOps.php',
|
212 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\BuildEncryptedFilePayload' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/BuildEncryptedFilePayload.php',
|
213 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\CreateFileLocks' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/CreateFileLocks.php',
|
214 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\DeleteFileLock' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/DeleteFileLock.php',
|
215 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\LoadFileLocks' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/LoadFileLocks.php',
|
216 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\PerformAction' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/PerformAction.php',
|
217 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\ReadOriginalFileContent' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/ReadOriginalFileContent.php',
|
218 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\Restore' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/Restore.php',
|
219 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\Verify' => $baseDir . '/src/Modules/HackGuard/Lib/FileLocker/Ops/Verify.php',
|
220 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\FileLockerAlerts' => $baseDir . '/src/Modules/HackGuard/Lib/Reports/FileLockerAlerts.php',
|
221 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\ScanAlerts' => $baseDir . '/src/Modules/HackGuard/Lib/Reports/ScanAlerts.php',
|
222 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForAsset' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php',
|
223 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromApi' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromApi.php',
|
224 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromDir' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php',
|
236 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\StoreAction\\TouchAll' => $baseDir . '/src/Modules/HackGuard/Lib/Snapshots/StoreAction/TouchAll.php',
|
237 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Utility\\FileDownloadHandler' => $baseDir . '/src/Modules/HackGuard/Lib/Utility/FileDownloadHandler.php',
|
238 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Options' => $baseDir . '/src/Modules/HackGuard/Options.php',
|
239 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Reporting' => $baseDir . '/src/Modules/HackGuard/Reporting.php',
|
240 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\Apc' => $baseDir . '/src/Modules/HackGuard/Scan/Controller/Apc.php',
|
241 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\Base' => $baseDir . '/src/Modules/HackGuard/Scan/Controller/Base.php',
|
242 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\BaseForAssets' => $baseDir . '/src/Modules/HackGuard/Scan/Controller/BaseForAssets.php',
|
278 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackLoginInvalid' => $baseDir . '/src/Modules/IPs/BotTrack/TrackLoginInvalid.php',
|
279 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackUserAgent' => $baseDir . '/src/Modules/IPs/BotTrack/TrackUserAgent.php',
|
280 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackXmlRpc' => $baseDir . '/src/Modules/IPs/BotTrack/TrackXmlRpc.php',
|
281 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\ImportIpsFromFile' => $baseDir . '/src/Modules/IPs/Components/ImportIpsFromFile.php',
|
282 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\IpAddressConsumer' => $baseDir . '/src/Modules/IPs/Components/IpAddressConsumer.php',
|
283 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\ProcessOffense' => $baseDir . '/src/Modules/IPs/Components/ProcessOffense.php',
|
284 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\QueryIpBlock' => $baseDir . '/src/Modules/IPs/Components/QueryIpBlock.php',
|
309 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Lockdown\\Strings' => $baseDir . '/src/Modules/Lockdown/Strings.php',
|
310 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\AdminNotices' => $baseDir . '/src/Modules/LoginGuard/AdminNotices.php',
|
311 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\AjaxHandler' => $baseDir . '/src/Modules/LoginGuard/AjaxHandler.php',
|
312 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\AntibotSetup' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/AntibotSetup.php',
|
313 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\BaseFormProvider' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/BaseFormProvider.php',
|
314 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\BuddyPress' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/BuddyPress.php',
|
315 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\EasyDigitalDownloads' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/EasyDigitalDownloads.php',
|
316 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\LearnPress' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/LearnPress.php',
|
317 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\MemberPress' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/MemberPress.php',
|
318 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\PaidMemberSubscriptions' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/PaidMemberSubscriptions.php',
|
319 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\ProfileBuilder' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/ProfileBuilder.php',
|
320 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\UltimateMember' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/UltimateMember.php',
|
321 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\UserRegistration' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/UserRegistration.php',
|
322 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\WooCommerce' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/WooCommerce.php',
|
323 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\WordPress' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/WordPress.php',
|
324 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\IncludeJs' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/IncludeJs.php',
|
325 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\BaseProtectionProvider' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/BaseProtectionProvider.php',
|
326 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\CoolDown' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/CoolDown.php',
|
327 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\GaspJs' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/GaspJs.php',
|
328 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\GoogleRecaptcha' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/GoogleRecaptcha.php',
|
329 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\HCaptcha' => $baseDir . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/HCaptcha.php',
|
330 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\CooldownFlagFile' => $baseDir . '/src/Modules/LoginGuard/Lib/CooldownFlagFile.php',
|
331 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\CooldownRedirect' => $baseDir . '/src/Modules/LoginGuard/Lib/CooldownRedirect.php',
|
332 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\TwoFactor\\LoginIntentPage' => $baseDir . '/src/Modules/LoginGuard/Lib/TwoFactor/LoginIntentPage.php',
|
349 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\BadgeWidget' => $baseDir . '/src/Modules/Plugin/Components/BadgeWidget.php',
|
350 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\PluginBadge' => $baseDir . '/src/Modules/Plugin/Components/PluginBadge.php',
|
351 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\SiteGroundPluginCompatibility' => $baseDir . '/src/Modules/Plugin/Components/SiteGroundPluginCompatibility.php',
|
352 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\Captcha\\CaptchaConfigVO' => $baseDir . '/src/Modules/Plugin/Lib/Captcha/CaptchaConfigVO.php',
|
353 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\Captcha\\CheckCaptchaSettings' => $baseDir . '/src/Modules/Plugin/Lib/Captcha/CheckCaptchaSettings.php',
|
354 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\Debug\\Collate' => $baseDir . '/src/Modules/Plugin/Lib/Debug/Collate.php',
|
355 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\Export' => $baseDir . '/src/Modules/Plugin/Lib/ImportExport/Export.php',
|
356 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\Import' => $baseDir . '/src/Modules/Plugin/Lib/ImportExport/Import.php',
|
357 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\ImportExportController' => $baseDir . '/src/Modules/Plugin/Lib/ImportExport/ImportExportController.php',
|
358 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\NotifyWhitelist' => $baseDir . '/src/Modules/Plugin/Lib/ImportExport/NotifyWhitelist.php',
|
359 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\Options\\BuildTransferableOptions' => $baseDir . '/src/Modules/Plugin/Lib/ImportExport/Options/BuildTransferableOptions.php',
|
360 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\Options\\SaveExcludedOptions' => $baseDir . '/src/Modules/Plugin/Lib/ImportExport/Options/SaveExcludedOptions.php',
|
361 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\TestCacheDirWrite' => $baseDir . '/src/Modules/Plugin/Lib/TestCacheDirWrite.php',
|
362 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\TourManager' => $baseDir . '/src/Modules/Plugin/Lib/TourManager.php',
|
363 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Options' => $baseDir . '/src/Modules/Plugin/Options.php',
|
364 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Strings' => $baseDir . '/src/Modules/Plugin/Strings.php',
|
365 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\ReportingController' => $baseDir . '/src/Modules/Reporting/Lib/ReportingController.php',
|
366 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\BaseReporter' => $baseDir . '/src/Modules/Reporting/Lib/Reports/BaseReporter.php',
|
367 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\Build\\BaseBuilder' => $baseDir . '/src/Modules/Reporting/Lib/Reports/Build/BaseBuilder.php',
|
368 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\Build\\BuilderAlerts' => $baseDir . '/src/Modules/Reporting/Lib/Reports/Build/BuilderAlerts.php',
|
369 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\Build\\BuilderInfo' => $baseDir . '/src/Modules/Reporting/Lib/Reports/Build/BuilderInfo.php',
|
370 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\CreateReportVO' => $baseDir . '/src/Modules/Reporting/Lib/Reports/CreateReportVO.php',
|
371 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\ReportVO' => $baseDir . '/src/Modules/Reporting/Lib/Reports/ReportVO.php',
|
372 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Options' => $baseDir . '/src/Modules/Reporting/Options.php',
|
373 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Strings' => $baseDir . '/src/Modules/Reporting/Strings.php',
|
374 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\AdminNotices' => $baseDir . '/src/Modules/SecurityAdmin/AdminNotices.php',
|
375 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\AjaxHandler' => $baseDir . '/src/Modules/SecurityAdmin/AjaxHandler.php',
|
376 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\Lib\\Actions\\RemoveSecAdmin' => $baseDir . '/src/Modules/SecurityAdmin/Lib/Actions/RemoveSecAdmin.php',
|
457 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Table\\EntryFormatter' => $baseDir . '/src/Scans/Ptg/Table/EntryFormatter.php',
|
458 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Utilities\\ItemActionHandler' => $baseDir . '/src/Scans/Ptg/Utilities/ItemActionHandler.php',
|
459 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Utilities\\Repair' => $baseDir . '/src/Scans/Ptg/Utilities/Repair.php',
|
|
|
|
|
|
|
|
|
|
|
460 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\BuildFileMap' => $baseDir . '/src/Scans/Ufc/BuildFileMap.php',
|
461 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\BuildScanAction' => $baseDir . '/src/Scans/Ufc/BuildScanAction.php',
|
462 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\ConvertVosToResults' => $baseDir . '/src/Scans/Ufc/ConvertVosToResults.php',
|
490 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\Utilities\\ItemActionHandler' => $baseDir . '/src/Scans/Wpv/Utilities/ItemActionHandler.php',
|
491 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\Utilities\\Repair' => $baseDir . '/src/Scans/Wpv/Utilities/Repair.php',
|
492 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\WpVulnDb\\WpVulnVO' => $baseDir . '/src/Scans/Wpv/WpVulnDb/WpVulnVO.php',
|
493 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\Common\\BaseApi' => $baseDir . '/src/ShieldNetApi/Common/BaseApi.php',
|
494 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\Common\\BaseShieldNetApi' => $baseDir . '/src/ShieldNetApi/Common/BaseShieldNetApi.php',
|
495 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\FileLocker\\DecryptFile' => $baseDir . '/src/ShieldNetApi/FileLocker/DecryptFile.php',
|
496 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\FileLocker\\GetPublicKey' => $baseDir . '/src/ShieldNetApi/FileLocker/GetPublicKey.php',
|
497 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\Handshake\\Verify' => $baseDir . '/src/ShieldNetApi/Handshake/Verify.php',
|
498 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\HandshakingNonce' => $baseDir . '/src/ShieldNetApi/HandshakingNonce.php',
|
499 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\ShieldNetApiController' => $baseDir . '/src/ShieldNetApi/ShieldNetApiController.php',
|
500 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\ShieldNetApiDataVO' => $baseDir . '/src/ShieldNetApi/ShieldNetApiDataVO.php',
|
501 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\AdminNotes' => $baseDir . '/src/Tables/Build/AdminNotes.php',
|
502 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\AuditTrail' => $baseDir . '/src/Tables/Build/AuditTrail.php',
|
503 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\BaseBuild' => $baseDir . '/src/Tables/Build/BaseBuild.php',
|
533 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Users\\ShieldUserMeta' => $baseDir . '/src/Users/ShieldUserMeta.php',
|
534 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\AdminNotices\\Controller' => $baseDir . '/src/Utilities/AdminNotices/Controller.php',
|
535 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\AdminNotices\\NoticeVO' => $baseDir . '/src/Utilities/AdminNotices/NoticeVO.php',
|
536 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\HCaptcha\\TestRequest' => $baseDir . '/src/Utilities/HCaptcha/TestRequest.php',
|
537 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\Enqueue' => $baseDir . '/src/Utilities/ReCaptcha/Enqueue.php',
|
538 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\TestRequest' => $baseDir . '/src/Utilities/ReCaptcha/TestRequest.php',
|
539 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\WordpressPost' => $baseDir . '/src/Utilities/ReCaptcha/WordpressPost.php',
|
540 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\Tool\\IpListSort' => $baseDir . '/src/Utilities/Tool/IpListSort.php',
|
547 |
'FernleafSystems\\Wordpress\\Services\\Core\\Fs' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Fs.php',
|
548 |
'FernleafSystems\\Wordpress\\Services\\Core\\General' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/General.php',
|
549 |
'FernleafSystems\\Wordpress\\Services\\Core\\Includes' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Includes.php',
|
550 |
+
'FernleafSystems\\Wordpress\\Services\\Core\\Nonce' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Nonce.php',
|
551 |
'FernleafSystems\\Wordpress\\Services\\Core\\Plugins' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Plugins.php',
|
552 |
'FernleafSystems\\Wordpress\\Services\\Core\\Post' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Post.php',
|
553 |
'FernleafSystems\\Wordpress\\Services\\Core\\Request' => $vendorDir . '/fernleafsystems/wordpress-services/src/Core/Request.php',
|
700 |
'ICWP_WPSF_FeatureHandler_Lockdown' => $baseDir . '/../features/lockdown.php',
|
701 |
'ICWP_WPSF_FeatureHandler_LoginProtect' => $baseDir . '/../features/login_protect.php',
|
702 |
'ICWP_WPSF_FeatureHandler_Plugin' => $baseDir . '/../features/plugin.php',
|
703 |
+
'ICWP_WPSF_FeatureHandler_Reporting' => $baseDir . '/../features/reporting.php',
|
704 |
'ICWP_WPSF_FeatureHandler_Sessions' => $baseDir . '/../features/sessions.php',
|
705 |
'ICWP_WPSF_FeatureHandler_Traffic' => $baseDir . '/../features/traffic.php',
|
706 |
'ICWP_WPSF_FeatureHandler_UserManagement' => $baseDir . '/../features/user_management.php',
|
720 |
'ICWP_WPSF_Processor_HackProtect_Integrity' => $baseDir . '/../processors/hackprotect_integrity.php',
|
721 |
'ICWP_WPSF_Processor_HackProtect_Mal' => $baseDir . '/../processors/hackprotect_scan_mal.php',
|
722 |
'ICWP_WPSF_Processor_HackProtect_Ptg' => $baseDir . '/../processors/hackprotect_scan_ptg.php',
|
|
|
723 |
'ICWP_WPSF_Processor_HackProtect_Scanner' => $baseDir . '/../processors/hackprotect_scanner.php',
|
724 |
'ICWP_WPSF_Processor_HackProtect_Ufc' => $baseDir . '/../processors/hackprotect_scan_ufc.php',
|
725 |
'ICWP_WPSF_Processor_HackProtect_Wcf' => $baseDir . '/../processors/hackprotect_scan_wcf.php',
|
731 |
'ICWP_WPSF_Processor_Lockdown' => $baseDir . '/../processors/lockdown.php',
|
732 |
'ICWP_WPSF_Processor_LoginProtect' => $baseDir . '/../processors/login_protect.php',
|
733 |
'ICWP_WPSF_Processor_LoginProtect_Base' => $baseDir . '/../processors/loginprotect_base.php',
|
|
|
734 |
'ICWP_WPSF_Processor_LoginProtect_Gasp' => $baseDir . '/../processors/loginprotect_gasp.php',
|
735 |
'ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha' => $baseDir . '/../processors/loginprotect_googlerecaptcha.php',
|
736 |
'ICWP_WPSF_Processor_LoginProtect_WpLogin' => $baseDir . '/../processors/loginprotect_wplogin.php',
|
740 |
'ICWP_WPSF_Processor_ScanBase' => $baseDir . '/../processors/hackprotect_scan_base.php',
|
741 |
'ICWP_WPSF_Processor_Sessions' => $baseDir . '/../processors/sessions.php',
|
742 |
'ICWP_WPSF_Processor_Traffic' => $baseDir . '/../processors/traffic.php',
|
|
|
743 |
'ICWP_WPSF_Processor_UserManagement' => $baseDir . '/../processors/user_management.php',
|
744 |
'ICWP_WPSF_Processor_UserManagement_Passwords' => $baseDir . '/../processors/usermanagement_passwords.php',
|
745 |
'ICWP_WPSF_Processor_UserManagement_Sessions' => $baseDir . '/../processors/usermanagement_sessions.php',
|
src/lib/vendor/composer/autoload_static.php
CHANGED
@@ -173,6 +173,7 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
173 |
'Elliotchance\\Iterator\\PagedIterator2' => __DIR__ . '/..' . '/elliotchance/iterator/tests/Elliotchance/Iterator/PagedIteratorTest.php',
|
174 |
'Elliotchance\\Iterator\\PagedIteratorTest' => __DIR__ . '/..' . '/elliotchance/iterator/tests/Elliotchance/Iterator/PagedIteratorTest.php',
|
175 |
'FernleafSystems\\Utilities\\Data\\Adapter\\StdClassAdapter' => __DIR__ . '/..' . '/fernleafsystems/utilities/src/Data/Adapter/StdClassAdapter.php',
|
|
|
176 |
'FernleafSystems\\Utilities\\Response' => __DIR__ . '/..' . '/fernleafsystems/utilities/src/Response.php',
|
177 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ChangeTrack\\Diff\\Base' => __DIR__ . '/../..' . '/src/ChangeTrack/Diff/Base.php',
|
178 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ChangeTrack\\Diff\\DiffComments' => __DIR__ . '/../..' . '/src/ChangeTrack/Diff/DiffComments.php',
|
@@ -230,11 +231,6 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
230 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Insert' => __DIR__ . '/../..' . '/src/Databases/ChangeTracking/Insert.php',
|
231 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Select' => __DIR__ . '/../..' . '/src/Databases/ChangeTracking/Select.php',
|
232 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Update' => __DIR__ . '/../..' . '/src/Databases/ChangeTracking/Update.php',
|
233 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\Delete' => __DIR__ . '/../..' . '/src/Databases/Comments/Delete.php',
|
234 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/Comments/EntryVO.php',
|
235 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\Handler' => __DIR__ . '/../..' . '/src/Databases/Comments/Handler.php',
|
236 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\Insert' => __DIR__ . '/../..' . '/src/Databases/Comments/Insert.php',
|
237 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Comments\\Select' => __DIR__ . '/../..' . '/src/Databases/Comments/Select.php',
|
238 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Common' => __DIR__ . '/../..' . '/src/Databases/Events/Common.php',
|
239 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Delete' => __DIR__ . '/../..' . '/src/Databases/Events/Delete.php',
|
240 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/Events/EntryVO.php',
|
@@ -242,6 +238,13 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
242 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Insert' => __DIR__ . '/../..' . '/src/Databases/Events/Insert.php',
|
243 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Select' => __DIR__ . '/../..' . '/src/Databases/Events/Select.php',
|
244 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Update' => __DIR__ . '/../..' . '/src/Databases/Events/Update.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
245 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\BaseGeoIp' => __DIR__ . '/../..' . '/src/Databases/GeoIp/BaseGeoIp.php',
|
246 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\Delete' => __DIR__ . '/../..' . '/src/Databases/GeoIp/Delete.php',
|
247 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/GeoIp/EntryVO.php',
|
@@ -255,6 +258,13 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
255 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Insert' => __DIR__ . '/../..' . '/src/Databases/IPs/Insert.php',
|
256 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Select' => __DIR__ . '/../..' . '/src/Databases/IPs/Select.php',
|
257 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Update' => __DIR__ . '/../..' . '/src/Databases/IPs/Update.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
258 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Common' => __DIR__ . '/../..' . '/src/Databases/ScanQueue/Common.php',
|
259 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Delete' => __DIR__ . '/../..' . '/src/Databases/ScanQueue/Delete.php',
|
260 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/ScanQueue/EntryVO.php',
|
@@ -287,7 +297,6 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
287 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Handler' => __DIR__ . '/../..' . '/src/Databases/Traffic/Handler.php',
|
288 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Insert' => __DIR__ . '/../..' . '/src/Databases/Traffic/Insert.php',
|
289 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Select' => __DIR__ . '/../..' . '/src/Databases/Traffic/Select.php',
|
290 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Deprecated\\Foundation' => __DIR__ . '/../..' . '/src/Deprecated/Foundation.php',
|
291 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\License\\EddLicenseVO' => __DIR__ . '/../..' . '/src/License/EddLicenseVO.php',
|
292 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\AuditTrail\\AjaxHandler' => __DIR__ . '/../..' . '/src/Modules/AuditTrail/AjaxHandler.php',
|
293 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\AuditTrail\\Auditors\\Base' => __DIR__ . '/../..' . '/src/Modules/AuditTrail/Auditors/Base.php',
|
@@ -311,7 +320,9 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
311 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\AjaxHandlerShield' => __DIR__ . '/../..' . '/src/Modules/Base/AjaxHandlerShield.php',
|
312 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseModCon' => __DIR__ . '/../..' . '/src/Modules/Base/BaseModCon.php',
|
313 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseProcessor' => __DIR__ . '/../..' . '/src/Modules/Base/BaseProcessor.php',
|
|
|
314 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseService' => __DIR__ . '/../..' . '/src/Modules/Base/Lib/BaseService.php',
|
|
|
315 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\Options' => __DIR__ . '/../..' . '/src/Modules/Base/Options.php',
|
316 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\ShieldOptions' => __DIR__ . '/../..' . '/src/Modules/Base/ShieldOptions.php',
|
317 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\Strings' => __DIR__ . '/../..' . '/src/Modules/Base/Strings.php',
|
@@ -332,13 +343,31 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
332 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Consolidate\\ConsolidateAllEvents' => __DIR__ . '/../..' . '/src/Modules/Events/Consolidate/ConsolidateAllEvents.php',
|
333 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\EventsListener' => __DIR__ . '/../..' . '/src/Modules/Events/Lib/EventsListener.php',
|
334 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\EventsService' => __DIR__ . '/../..' . '/src/Modules/Events/Lib/EventsService.php',
|
|
|
|
|
335 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\StatsWriter' => __DIR__ . '/../..' . '/src/Modules/Events/Lib/StatsWriter.php',
|
336 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Options' => __DIR__ . '/../..' . '/src/Modules/Events/Options.php',
|
|
|
337 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Strings' => __DIR__ . '/../..' . '/src/Modules/Events/Strings.php',
|
338 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Firewall\\Options' => __DIR__ . '/../..' . '/src/Modules/Firewall/Options.php',
|
339 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Firewall\\Strings' => __DIR__ . '/../..' . '/src/Modules/Firewall/Strings.php',
|
340 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\GeoIp\\Lookup' => __DIR__ . '/../..' . '/src/Modules/GeoIp/Lookup.php',
|
341 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\AjaxHandler' => __DIR__ . '/../..' . '/src/Modules/HackGuard/AjaxHandler.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
342 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForAsset' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php',
|
343 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromApi' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromApi.php',
|
344 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromDir' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php',
|
@@ -356,6 +385,7 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
356 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\StoreAction\\TouchAll' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/StoreAction/TouchAll.php',
|
357 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Utility\\FileDownloadHandler' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Utility/FileDownloadHandler.php',
|
358 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Options' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Options.php',
|
|
|
359 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\Apc' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Scan/Controller/Apc.php',
|
360 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\Base' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Scan/Controller/Base.php',
|
361 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\BaseForAssets' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Scan/Controller/BaseForAssets.php',
|
@@ -397,6 +427,7 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
397 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackLoginInvalid' => __DIR__ . '/../..' . '/src/Modules/IPs/BotTrack/TrackLoginInvalid.php',
|
398 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackUserAgent' => __DIR__ . '/../..' . '/src/Modules/IPs/BotTrack/TrackUserAgent.php',
|
399 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackXmlRpc' => __DIR__ . '/../..' . '/src/Modules/IPs/BotTrack/TrackXmlRpc.php',
|
|
|
400 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\IpAddressConsumer' => __DIR__ . '/../..' . '/src/Modules/IPs/Components/IpAddressConsumer.php',
|
401 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\ProcessOffense' => __DIR__ . '/../..' . '/src/Modules/IPs/Components/ProcessOffense.php',
|
402 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\QueryIpBlock' => __DIR__ . '/../..' . '/src/Modules/IPs/Components/QueryIpBlock.php',
|
@@ -427,6 +458,24 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
427 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Lockdown\\Strings' => __DIR__ . '/../..' . '/src/Modules/Lockdown/Strings.php',
|
428 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\AdminNotices' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/AdminNotices.php',
|
429 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\AjaxHandler' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/AjaxHandler.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
430 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\CooldownFlagFile' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/CooldownFlagFile.php',
|
431 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\CooldownRedirect' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/CooldownRedirect.php',
|
432 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\TwoFactor\\LoginIntentPage' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/TwoFactor/LoginIntentPage.php',
|
@@ -449,9 +498,28 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
449 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\BadgeWidget' => __DIR__ . '/../..' . '/src/Modules/Plugin/Components/BadgeWidget.php',
|
450 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\PluginBadge' => __DIR__ . '/../..' . '/src/Modules/Plugin/Components/PluginBadge.php',
|
451 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\SiteGroundPluginCompatibility' => __DIR__ . '/../..' . '/src/Modules/Plugin/Components/SiteGroundPluginCompatibility.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
452 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\TourManager' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/TourManager.php',
|
453 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Options' => __DIR__ . '/../..' . '/src/Modules/Plugin/Options.php',
|
454 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Strings' => __DIR__ . '/../..' . '/src/Modules/Plugin/Strings.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
455 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\AdminNotices' => __DIR__ . '/../..' . '/src/Modules/SecurityAdmin/AdminNotices.php',
|
456 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\AjaxHandler' => __DIR__ . '/../..' . '/src/Modules/SecurityAdmin/AjaxHandler.php',
|
457 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\Lib\\Actions\\RemoveSecAdmin' => __DIR__ . '/../..' . '/src/Modules/SecurityAdmin/Lib/Actions/RemoveSecAdmin.php',
|
@@ -538,11 +606,6 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
538 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Table\\EntryFormatter' => __DIR__ . '/../..' . '/src/Scans/Ptg/Table/EntryFormatter.php',
|
539 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Utilities\\ItemActionHandler' => __DIR__ . '/../..' . '/src/Scans/Ptg/Utilities/ItemActionHandler.php',
|
540 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Utilities\\Repair' => __DIR__ . '/../..' . '/src/Scans/Ptg/Utilities/Repair.php',
|
541 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\Backup' => __DIR__ . '/../..' . '/src/Scans/Realtime/Files/Backup.php',
|
542 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\Process' => __DIR__ . '/../..' . '/src/Scans/Realtime/Files/Process.php',
|
543 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\Revert' => __DIR__ . '/../..' . '/src/Scans/Realtime/Files/Revert.php',
|
544 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\TestWritable' => __DIR__ . '/../..' . '/src/Scans/Realtime/Files/TestWritable.php',
|
545 |
-
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Realtime\\Files\\Verify' => __DIR__ . '/../..' . '/src/Scans/Realtime/Files/Verify.php',
|
546 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\BuildFileMap' => __DIR__ . '/../..' . '/src/Scans/Ufc/BuildFileMap.php',
|
547 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\BuildScanAction' => __DIR__ . '/../..' . '/src/Scans/Ufc/BuildScanAction.php',
|
548 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\ConvertVosToResults' => __DIR__ . '/../..' . '/src/Scans/Ufc/ConvertVosToResults.php',
|
@@ -576,6 +639,14 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
576 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\Utilities\\ItemActionHandler' => __DIR__ . '/../..' . '/src/Scans/Wpv/Utilities/ItemActionHandler.php',
|
577 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\Utilities\\Repair' => __DIR__ . '/../..' . '/src/Scans/Wpv/Utilities/Repair.php',
|
578 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\WpVulnDb\\WpVulnVO' => __DIR__ . '/../..' . '/src/Scans/Wpv/WpVulnDb/WpVulnVO.php',
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
579 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\AdminNotes' => __DIR__ . '/../..' . '/src/Tables/Build/AdminNotes.php',
|
580 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\AuditTrail' => __DIR__ . '/../..' . '/src/Tables/Build/AuditTrail.php',
|
581 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\BaseBuild' => __DIR__ . '/../..' . '/src/Tables/Build/BaseBuild.php',
|
@@ -611,6 +682,8 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
611 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Users\\ShieldUserMeta' => __DIR__ . '/../..' . '/src/Users/ShieldUserMeta.php',
|
612 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\AdminNotices\\Controller' => __DIR__ . '/../..' . '/src/Utilities/AdminNotices/Controller.php',
|
613 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\AdminNotices\\NoticeVO' => __DIR__ . '/../..' . '/src/Utilities/AdminNotices/NoticeVO.php',
|
|
|
|
|
614 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\TestRequest' => __DIR__ . '/../..' . '/src/Utilities/ReCaptcha/TestRequest.php',
|
615 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\WordpressPost' => __DIR__ . '/../..' . '/src/Utilities/ReCaptcha/WordpressPost.php',
|
616 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\Tool\\IpListSort' => __DIR__ . '/../..' . '/src/Utilities/Tool/IpListSort.php',
|
@@ -623,6 +696,7 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
623 |
'FernleafSystems\\Wordpress\\Services\\Core\\Fs' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Fs.php',
|
624 |
'FernleafSystems\\Wordpress\\Services\\Core\\General' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/General.php',
|
625 |
'FernleafSystems\\Wordpress\\Services\\Core\\Includes' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Includes.php',
|
|
|
626 |
'FernleafSystems\\Wordpress\\Services\\Core\\Plugins' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Plugins.php',
|
627 |
'FernleafSystems\\Wordpress\\Services\\Core\\Post' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Post.php',
|
628 |
'FernleafSystems\\Wordpress\\Services\\Core\\Request' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Request.php',
|
@@ -775,6 +849,7 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
775 |
'ICWP_WPSF_FeatureHandler_Lockdown' => __DIR__ . '/../..' . '/../features/lockdown.php',
|
776 |
'ICWP_WPSF_FeatureHandler_LoginProtect' => __DIR__ . '/../..' . '/../features/login_protect.php',
|
777 |
'ICWP_WPSF_FeatureHandler_Plugin' => __DIR__ . '/../..' . '/../features/plugin.php',
|
|
|
778 |
'ICWP_WPSF_FeatureHandler_Sessions' => __DIR__ . '/../..' . '/../features/sessions.php',
|
779 |
'ICWP_WPSF_FeatureHandler_Traffic' => __DIR__ . '/../..' . '/../features/traffic.php',
|
780 |
'ICWP_WPSF_FeatureHandler_UserManagement' => __DIR__ . '/../..' . '/../features/user_management.php',
|
@@ -794,7 +869,6 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
794 |
'ICWP_WPSF_Processor_HackProtect_Integrity' => __DIR__ . '/../..' . '/../processors/hackprotect_integrity.php',
|
795 |
'ICWP_WPSF_Processor_HackProtect_Mal' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_mal.php',
|
796 |
'ICWP_WPSF_Processor_HackProtect_Ptg' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_ptg.php',
|
797 |
-
'ICWP_WPSF_Processor_HackProtect_Realtime' => __DIR__ . '/../..' . '/../processors/hackprotect_realtime.php',
|
798 |
'ICWP_WPSF_Processor_HackProtect_Scanner' => __DIR__ . '/../..' . '/../processors/hackprotect_scanner.php',
|
799 |
'ICWP_WPSF_Processor_HackProtect_Ufc' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_ufc.php',
|
800 |
'ICWP_WPSF_Processor_HackProtect_Wcf' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_wcf.php',
|
@@ -806,7 +880,6 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
806 |
'ICWP_WPSF_Processor_Lockdown' => __DIR__ . '/../..' . '/../processors/lockdown.php',
|
807 |
'ICWP_WPSF_Processor_LoginProtect' => __DIR__ . '/../..' . '/../processors/login_protect.php',
|
808 |
'ICWP_WPSF_Processor_LoginProtect_Base' => __DIR__ . '/../..' . '/../processors/loginprotect_base.php',
|
809 |
-
'ICWP_WPSF_Processor_LoginProtect_Cooldown' => __DIR__ . '/../..' . '/../processors/loginprotect_cooldown.php',
|
810 |
'ICWP_WPSF_Processor_LoginProtect_Gasp' => __DIR__ . '/../..' . '/../processors/loginprotect_gasp.php',
|
811 |
'ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha' => __DIR__ . '/../..' . '/../processors/loginprotect_googlerecaptcha.php',
|
812 |
'ICWP_WPSF_Processor_LoginProtect_WpLogin' => __DIR__ . '/../..' . '/../processors/loginprotect_wplogin.php',
|
@@ -816,7 +889,6 @@ class ComposerStaticInitfcf2fe1888f1f5fc092770cdc8ef3cf4
|
|
816 |
'ICWP_WPSF_Processor_ScanBase' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_base.php',
|
817 |
'ICWP_WPSF_Processor_Sessions' => __DIR__ . '/../..' . '/../processors/sessions.php',
|
818 |
'ICWP_WPSF_Processor_Traffic' => __DIR__ . '/../..' . '/../processors/traffic.php',
|
819 |
-
'ICWP_WPSF_Processor_TrafficLogger' => __DIR__ . '/../..' . '/../processors/traffic_logger.php',
|
820 |
'ICWP_WPSF_Processor_UserManagement' => __DIR__ . '/../..' . '/../processors/user_management.php',
|
821 |
'ICWP_WPSF_Processor_UserManagement_Passwords' => __DIR__ . '/../..' . '/../processors/usermanagement_passwords.php',
|
822 |
'ICWP_WPSF_Processor_UserManagement_Sessions' => __DIR__ . '/../..' . '/../processors/usermanagement_sessions.php',
|
173 |
'Elliotchance\\Iterator\\PagedIterator2' => __DIR__ . '/..' . '/elliotchance/iterator/tests/Elliotchance/Iterator/PagedIteratorTest.php',
|
174 |
'Elliotchance\\Iterator\\PagedIteratorTest' => __DIR__ . '/..' . '/elliotchance/iterator/tests/Elliotchance/Iterator/PagedIteratorTest.php',
|
175 |
'FernleafSystems\\Utilities\\Data\\Adapter\\StdClassAdapter' => __DIR__ . '/..' . '/fernleafsystems/utilities/src/Data/Adapter/StdClassAdapter.php',
|
176 |
+
'FernleafSystems\\Utilities\\Logic\\OneTimeExecute' => __DIR__ . '/..' . '/fernleafsystems/utilities/src/Logic/OneTimeExecute.php',
|
177 |
'FernleafSystems\\Utilities\\Response' => __DIR__ . '/..' . '/fernleafsystems/utilities/src/Response.php',
|
178 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ChangeTrack\\Diff\\Base' => __DIR__ . '/../..' . '/src/ChangeTrack/Diff/Base.php',
|
179 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ChangeTrack\\Diff\\DiffComments' => __DIR__ . '/../..' . '/src/ChangeTrack/Diff/DiffComments.php',
|
231 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Insert' => __DIR__ . '/../..' . '/src/Databases/ChangeTracking/Insert.php',
|
232 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Select' => __DIR__ . '/../..' . '/src/Databases/ChangeTracking/Select.php',
|
233 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ChangeTracking\\Update' => __DIR__ . '/../..' . '/src/Databases/ChangeTracking/Update.php',
|
|
|
|
|
|
|
|
|
|
|
234 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Common' => __DIR__ . '/../..' . '/src/Databases/Events/Common.php',
|
235 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Delete' => __DIR__ . '/../..' . '/src/Databases/Events/Delete.php',
|
236 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/Events/EntryVO.php',
|
238 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Insert' => __DIR__ . '/../..' . '/src/Databases/Events/Insert.php',
|
239 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Select' => __DIR__ . '/../..' . '/src/Databases/Events/Select.php',
|
240 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Events\\Update' => __DIR__ . '/../..' . '/src/Databases/Events/Update.php',
|
241 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Common' => __DIR__ . '/../..' . '/src/Databases/FileLocker/Common.php',
|
242 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Delete' => __DIR__ . '/../..' . '/src/Databases/FileLocker/Delete.php',
|
243 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/FileLocker/EntryVO.php',
|
244 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Handler' => __DIR__ . '/../..' . '/src/Databases/FileLocker/Handler.php',
|
245 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Insert' => __DIR__ . '/../..' . '/src/Databases/FileLocker/Insert.php',
|
246 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Select' => __DIR__ . '/../..' . '/src/Databases/FileLocker/Select.php',
|
247 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\FileLocker\\Update' => __DIR__ . '/../..' . '/src/Databases/FileLocker/Update.php',
|
248 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\BaseGeoIp' => __DIR__ . '/../..' . '/src/Databases/GeoIp/BaseGeoIp.php',
|
249 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\Delete' => __DIR__ . '/../..' . '/src/Databases/GeoIp/Delete.php',
|
250 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\GeoIp\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/GeoIp/EntryVO.php',
|
258 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Insert' => __DIR__ . '/../..' . '/src/Databases/IPs/Insert.php',
|
259 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Select' => __DIR__ . '/../..' . '/src/Databases/IPs/Select.php',
|
260 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\IPs\\Update' => __DIR__ . '/../..' . '/src/Databases/IPs/Update.php',
|
261 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Common' => __DIR__ . '/../..' . '/src/Databases/Reports/Common.php',
|
262 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Delete' => __DIR__ . '/../..' . '/src/Databases/Reports/Delete.php',
|
263 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/Reports/EntryVO.php',
|
264 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Handler' => __DIR__ . '/../..' . '/src/Databases/Reports/Handler.php',
|
265 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Insert' => __DIR__ . '/../..' . '/src/Databases/Reports/Insert.php',
|
266 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Select' => __DIR__ . '/../..' . '/src/Databases/Reports/Select.php',
|
267 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Reports\\Update' => __DIR__ . '/../..' . '/src/Databases/Reports/Update.php',
|
268 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Common' => __DIR__ . '/../..' . '/src/Databases/ScanQueue/Common.php',
|
269 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\Delete' => __DIR__ . '/../..' . '/src/Databases/ScanQueue/Delete.php',
|
270 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\ScanQueue\\EntryVO' => __DIR__ . '/../..' . '/src/Databases/ScanQueue/EntryVO.php',
|
297 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Handler' => __DIR__ . '/../..' . '/src/Databases/Traffic/Handler.php',
|
298 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Insert' => __DIR__ . '/../..' . '/src/Databases/Traffic/Insert.php',
|
299 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Databases\\Traffic\\Select' => __DIR__ . '/../..' . '/src/Databases/Traffic/Select.php',
|
|
|
300 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\License\\EddLicenseVO' => __DIR__ . '/../..' . '/src/License/EddLicenseVO.php',
|
301 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\AuditTrail\\AjaxHandler' => __DIR__ . '/../..' . '/src/Modules/AuditTrail/AjaxHandler.php',
|
302 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\AuditTrail\\Auditors\\Base' => __DIR__ . '/../..' . '/src/Modules/AuditTrail/Auditors/Base.php',
|
320 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\AjaxHandlerShield' => __DIR__ . '/../..' . '/src/Modules/Base/AjaxHandlerShield.php',
|
321 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseModCon' => __DIR__ . '/../..' . '/src/Modules/Base/BaseModCon.php',
|
322 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseProcessor' => __DIR__ . '/../..' . '/src/Modules/Base/BaseProcessor.php',
|
323 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseReporting' => __DIR__ . '/../..' . '/src/Modules/Base/BaseReporting.php',
|
324 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\BaseService' => __DIR__ . '/../..' . '/src/Modules/Base/Lib/BaseService.php',
|
325 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\OneTimeExecute' => __DIR__ . '/../..' . '/src/Modules/Base/OneTimeExecute.php',
|
326 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\Options' => __DIR__ . '/../..' . '/src/Modules/Base/Options.php',
|
327 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\ShieldOptions' => __DIR__ . '/../..' . '/src/Modules/Base/ShieldOptions.php',
|
328 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Base\\Strings' => __DIR__ . '/../..' . '/src/Modules/Base/Strings.php',
|
343 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Consolidate\\ConsolidateAllEvents' => __DIR__ . '/../..' . '/src/Modules/Events/Consolidate/ConsolidateAllEvents.php',
|
344 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\EventsListener' => __DIR__ . '/../..' . '/src/Modules/Events/Lib/EventsListener.php',
|
345 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\EventsService' => __DIR__ . '/../..' . '/src/Modules/Events/Lib/EventsService.php',
|
346 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\Reports\\KeyStats' => __DIR__ . '/../..' . '/src/Modules/Events/Lib/Reports/KeyStats.php',
|
347 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\Reports\\ScanRepairs' => __DIR__ . '/../..' . '/src/Modules/Events/Lib/Reports/ScanRepairs.php',
|
348 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Lib\\StatsWriter' => __DIR__ . '/../..' . '/src/Modules/Events/Lib/StatsWriter.php',
|
349 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Options' => __DIR__ . '/../..' . '/src/Modules/Events/Options.php',
|
350 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Reporting' => __DIR__ . '/../..' . '/src/Modules/Events/Reporting.php',
|
351 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Events\\Strings' => __DIR__ . '/../..' . '/src/Modules/Events/Strings.php',
|
352 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Firewall\\Options' => __DIR__ . '/../..' . '/src/Modules/Firewall/Options.php',
|
353 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Firewall\\Strings' => __DIR__ . '/../..' . '/src/Modules/Firewall/Strings.php',
|
354 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\GeoIp\\Lookup' => __DIR__ . '/../..' . '/src/Modules/GeoIp/Lookup.php',
|
355 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\AjaxHandler' => __DIR__ . '/../..' . '/src/Modules/HackGuard/AjaxHandler.php',
|
356 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\File' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/File.php',
|
357 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\FileLockerController' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/FileLockerController.php',
|
358 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\Accept' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/Accept.php',
|
359 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\AssessLocks' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/AssessLocks.php',
|
360 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\BaseOps' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/BaseOps.php',
|
361 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\BuildEncryptedFilePayload' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/BuildEncryptedFilePayload.php',
|
362 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\CreateFileLocks' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/CreateFileLocks.php',
|
363 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\DeleteFileLock' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/DeleteFileLock.php',
|
364 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\LoadFileLocks' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/LoadFileLocks.php',
|
365 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\PerformAction' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/PerformAction.php',
|
366 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\ReadOriginalFileContent' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/ReadOriginalFileContent.php',
|
367 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\Restore' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/Restore.php',
|
368 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\FileLocker\\Ops\\Verify' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/FileLocker/Ops/Verify.php',
|
369 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\FileLockerAlerts' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Reports/FileLockerAlerts.php',
|
370 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Reports\\ScanAlerts' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Reports/ScanAlerts.php',
|
371 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesForAsset' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesForAsset.php',
|
372 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromApi' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromApi.php',
|
373 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\Build\\BuildHashesFromDir' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/Build/BuildHashesFromDir.php',
|
385 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Snapshots\\StoreAction\\TouchAll' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Snapshots/StoreAction/TouchAll.php',
|
386 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Lib\\Utility\\FileDownloadHandler' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Lib/Utility/FileDownloadHandler.php',
|
387 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Options' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Options.php',
|
388 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Reporting' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Reporting.php',
|
389 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\Apc' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Scan/Controller/Apc.php',
|
390 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\Base' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Scan/Controller/Base.php',
|
391 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\HackGuard\\Scan\\Controller\\BaseForAssets' => __DIR__ . '/../..' . '/src/Modules/HackGuard/Scan/Controller/BaseForAssets.php',
|
427 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackLoginInvalid' => __DIR__ . '/../..' . '/src/Modules/IPs/BotTrack/TrackLoginInvalid.php',
|
428 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackUserAgent' => __DIR__ . '/../..' . '/src/Modules/IPs/BotTrack/TrackUserAgent.php',
|
429 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\BotTrack\\TrackXmlRpc' => __DIR__ . '/../..' . '/src/Modules/IPs/BotTrack/TrackXmlRpc.php',
|
430 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\ImportIpsFromFile' => __DIR__ . '/../..' . '/src/Modules/IPs/Components/ImportIpsFromFile.php',
|
431 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\IpAddressConsumer' => __DIR__ . '/../..' . '/src/Modules/IPs/Components/IpAddressConsumer.php',
|
432 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\ProcessOffense' => __DIR__ . '/../..' . '/src/Modules/IPs/Components/ProcessOffense.php',
|
433 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\IPs\\Components\\QueryIpBlock' => __DIR__ . '/../..' . '/src/Modules/IPs/Components/QueryIpBlock.php',
|
458 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Lockdown\\Strings' => __DIR__ . '/../..' . '/src/Modules/Lockdown/Strings.php',
|
459 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\AdminNotices' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/AdminNotices.php',
|
460 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\AjaxHandler' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/AjaxHandler.php',
|
461 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\AntibotSetup' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/AntibotSetup.php',
|
462 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\BaseFormProvider' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/BaseFormProvider.php',
|
463 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\BuddyPress' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/BuddyPress.php',
|
464 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\EasyDigitalDownloads' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/EasyDigitalDownloads.php',
|
465 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\LearnPress' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/LearnPress.php',
|
466 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\MemberPress' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/MemberPress.php',
|
467 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\PaidMemberSubscriptions' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/PaidMemberSubscriptions.php',
|
468 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\ProfileBuilder' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/ProfileBuilder.php',
|
469 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\UltimateMember' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/UltimateMember.php',
|
470 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\UserRegistration' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/UserRegistration.php',
|
471 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\WooCommerce' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/WooCommerce.php',
|
472 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\FormProviders\\WordPress' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/FormProviders/WordPress.php',
|
473 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\IncludeJs' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/IncludeJs.php',
|
474 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\BaseProtectionProvider' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/BaseProtectionProvider.php',
|
475 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\CoolDown' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/CoolDown.php',
|
476 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\GaspJs' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/GaspJs.php',
|
477 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\GoogleRecaptcha' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/GoogleRecaptcha.php',
|
478 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\AntiBot\\ProtectionProviders\\HCaptcha' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/AntiBot/ProtectionProviders/HCaptcha.php',
|
479 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\CooldownFlagFile' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/CooldownFlagFile.php',
|
480 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\CooldownRedirect' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/CooldownRedirect.php',
|
481 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\LoginGuard\\Lib\\TwoFactor\\LoginIntentPage' => __DIR__ . '/../..' . '/src/Modules/LoginGuard/Lib/TwoFactor/LoginIntentPage.php',
|
498 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\BadgeWidget' => __DIR__ . '/../..' . '/src/Modules/Plugin/Components/BadgeWidget.php',
|
499 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\PluginBadge' => __DIR__ . '/../..' . '/src/Modules/Plugin/Components/PluginBadge.php',
|
500 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Components\\SiteGroundPluginCompatibility' => __DIR__ . '/../..' . '/src/Modules/Plugin/Components/SiteGroundPluginCompatibility.php',
|
501 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\Captcha\\CaptchaConfigVO' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/Captcha/CaptchaConfigVO.php',
|
502 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\Captcha\\CheckCaptchaSettings' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/Captcha/CheckCaptchaSettings.php',
|
503 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\Debug\\Collate' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/Debug/Collate.php',
|
504 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\Export' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/ImportExport/Export.php',
|
505 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\Import' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/ImportExport/Import.php',
|
506 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\ImportExportController' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/ImportExport/ImportExportController.php',
|
507 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\NotifyWhitelist' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/ImportExport/NotifyWhitelist.php',
|
508 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\Options\\BuildTransferableOptions' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/ImportExport/Options/BuildTransferableOptions.php',
|
509 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\ImportExport\\Options\\SaveExcludedOptions' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/ImportExport/Options/SaveExcludedOptions.php',
|
510 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\TestCacheDirWrite' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/TestCacheDirWrite.php',
|
511 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Lib\\TourManager' => __DIR__ . '/../..' . '/src/Modules/Plugin/Lib/TourManager.php',
|
512 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Options' => __DIR__ . '/../..' . '/src/Modules/Plugin/Options.php',
|
513 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Plugin\\Strings' => __DIR__ . '/../..' . '/src/Modules/Plugin/Strings.php',
|
514 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\ReportingController' => __DIR__ . '/../..' . '/src/Modules/Reporting/Lib/ReportingController.php',
|
515 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\BaseReporter' => __DIR__ . '/../..' . '/src/Modules/Reporting/Lib/Reports/BaseReporter.php',
|
516 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\Build\\BaseBuilder' => __DIR__ . '/../..' . '/src/Modules/Reporting/Lib/Reports/Build/BaseBuilder.php',
|
517 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\Build\\BuilderAlerts' => __DIR__ . '/../..' . '/src/Modules/Reporting/Lib/Reports/Build/BuilderAlerts.php',
|
518 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\Build\\BuilderInfo' => __DIR__ . '/../..' . '/src/Modules/Reporting/Lib/Reports/Build/BuilderInfo.php',
|
519 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\CreateReportVO' => __DIR__ . '/../..' . '/src/Modules/Reporting/Lib/Reports/CreateReportVO.php',
|
520 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Lib\\Reports\\ReportVO' => __DIR__ . '/../..' . '/src/Modules/Reporting/Lib/Reports/ReportVO.php',
|
521 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Options' => __DIR__ . '/../..' . '/src/Modules/Reporting/Options.php',
|
522 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\Reporting\\Strings' => __DIR__ . '/../..' . '/src/Modules/Reporting/Strings.php',
|
523 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\AdminNotices' => __DIR__ . '/../..' . '/src/Modules/SecurityAdmin/AdminNotices.php',
|
524 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\AjaxHandler' => __DIR__ . '/../..' . '/src/Modules/SecurityAdmin/AjaxHandler.php',
|
525 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Modules\\SecurityAdmin\\Lib\\Actions\\RemoveSecAdmin' => __DIR__ . '/../..' . '/src/Modules/SecurityAdmin/Lib/Actions/RemoveSecAdmin.php',
|
606 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Table\\EntryFormatter' => __DIR__ . '/../..' . '/src/Scans/Ptg/Table/EntryFormatter.php',
|
607 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Utilities\\ItemActionHandler' => __DIR__ . '/../..' . '/src/Scans/Ptg/Utilities/ItemActionHandler.php',
|
608 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ptg\\Utilities\\Repair' => __DIR__ . '/../..' . '/src/Scans/Ptg/Utilities/Repair.php',
|
|
|
|
|
|
|
|
|
|
|
609 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\BuildFileMap' => __DIR__ . '/../..' . '/src/Scans/Ufc/BuildFileMap.php',
|
610 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\BuildScanAction' => __DIR__ . '/../..' . '/src/Scans/Ufc/BuildScanAction.php',
|
611 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Ufc\\ConvertVosToResults' => __DIR__ . '/../..' . '/src/Scans/Ufc/ConvertVosToResults.php',
|
639 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\Utilities\\ItemActionHandler' => __DIR__ . '/../..' . '/src/Scans/Wpv/Utilities/ItemActionHandler.php',
|
640 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\Utilities\\Repair' => __DIR__ . '/../..' . '/src/Scans/Wpv/Utilities/Repair.php',
|
641 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Scans\\Wpv\\WpVulnDb\\WpVulnVO' => __DIR__ . '/../..' . '/src/Scans/Wpv/WpVulnDb/WpVulnVO.php',
|
642 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\Common\\BaseApi' => __DIR__ . '/../..' . '/src/ShieldNetApi/Common/BaseApi.php',
|
643 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\Common\\BaseShieldNetApi' => __DIR__ . '/../..' . '/src/ShieldNetApi/Common/BaseShieldNetApi.php',
|
644 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\FileLocker\\DecryptFile' => __DIR__ . '/../..' . '/src/ShieldNetApi/FileLocker/DecryptFile.php',
|
645 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\FileLocker\\GetPublicKey' => __DIR__ . '/../..' . '/src/ShieldNetApi/FileLocker/GetPublicKey.php',
|
646 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\Handshake\\Verify' => __DIR__ . '/../..' . '/src/ShieldNetApi/Handshake/Verify.php',
|
647 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\HandshakingNonce' => __DIR__ . '/../..' . '/src/ShieldNetApi/HandshakingNonce.php',
|
648 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\ShieldNetApiController' => __DIR__ . '/../..' . '/src/ShieldNetApi/ShieldNetApiController.php',
|
649 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\ShieldNetApi\\ShieldNetApiDataVO' => __DIR__ . '/../..' . '/src/ShieldNetApi/ShieldNetApiDataVO.php',
|
650 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\AdminNotes' => __DIR__ . '/../..' . '/src/Tables/Build/AdminNotes.php',
|
651 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\AuditTrail' => __DIR__ . '/../..' . '/src/Tables/Build/AuditTrail.php',
|
652 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Tables\\Build\\BaseBuild' => __DIR__ . '/../..' . '/src/Tables/Build/BaseBuild.php',
|
682 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Users\\ShieldUserMeta' => __DIR__ . '/../..' . '/src/Users/ShieldUserMeta.php',
|
683 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\AdminNotices\\Controller' => __DIR__ . '/../..' . '/src/Utilities/AdminNotices/Controller.php',
|
684 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\AdminNotices\\NoticeVO' => __DIR__ . '/../..' . '/src/Utilities/AdminNotices/NoticeVO.php',
|
685 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\HCaptcha\\TestRequest' => __DIR__ . '/../..' . '/src/Utilities/HCaptcha/TestRequest.php',
|
686 |
+
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\Enqueue' => __DIR__ . '/../..' . '/src/Utilities/ReCaptcha/Enqueue.php',
|
687 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\TestRequest' => __DIR__ . '/../..' . '/src/Utilities/ReCaptcha/TestRequest.php',
|
688 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\ReCaptcha\\WordpressPost' => __DIR__ . '/../..' . '/src/Utilities/ReCaptcha/WordpressPost.php',
|
689 |
'FernleafSystems\\Wordpress\\Plugin\\Shield\\Utilities\\Tool\\IpListSort' => __DIR__ . '/../..' . '/src/Utilities/Tool/IpListSort.php',
|
696 |
'FernleafSystems\\Wordpress\\Services\\Core\\Fs' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Fs.php',
|
697 |
'FernleafSystems\\Wordpress\\Services\\Core\\General' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/General.php',
|
698 |
'FernleafSystems\\Wordpress\\Services\\Core\\Includes' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Includes.php',
|
699 |
+
'FernleafSystems\\Wordpress\\Services\\Core\\Nonce' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Nonce.php',
|
700 |
'FernleafSystems\\Wordpress\\Services\\Core\\Plugins' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Plugins.php',
|
701 |
'FernleafSystems\\Wordpress\\Services\\Core\\Post' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Post.php',
|
702 |
'FernleafSystems\\Wordpress\\Services\\Core\\Request' => __DIR__ . '/..' . '/fernleafsystems/wordpress-services/src/Core/Request.php',
|
849 |
'ICWP_WPSF_FeatureHandler_Lockdown' => __DIR__ . '/../..' . '/../features/lockdown.php',
|
850 |
'ICWP_WPSF_FeatureHandler_LoginProtect' => __DIR__ . '/../..' . '/../features/login_protect.php',
|
851 |
'ICWP_WPSF_FeatureHandler_Plugin' => __DIR__ . '/../..' . '/../features/plugin.php',
|
852 |
+
'ICWP_WPSF_FeatureHandler_Reporting' => __DIR__ . '/../..' . '/../features/reporting.php',
|
853 |
'ICWP_WPSF_FeatureHandler_Sessions' => __DIR__ . '/../..' . '/../features/sessions.php',
|
854 |
'ICWP_WPSF_FeatureHandler_Traffic' => __DIR__ . '/../..' . '/../features/traffic.php',
|
855 |
'ICWP_WPSF_FeatureHandler_UserManagement' => __DIR__ . '/../..' . '/../features/user_management.php',
|
869 |
'ICWP_WPSF_Processor_HackProtect_Integrity' => __DIR__ . '/../..' . '/../processors/hackprotect_integrity.php',
|
870 |
'ICWP_WPSF_Processor_HackProtect_Mal' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_mal.php',
|
871 |
'ICWP_WPSF_Processor_HackProtect_Ptg' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_ptg.php',
|
|
|
872 |
'ICWP_WPSF_Processor_HackProtect_Scanner' => __DIR__ . '/../..' . '/../processors/hackprotect_scanner.php',
|
873 |
'ICWP_WPSF_Processor_HackProtect_Ufc' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_ufc.php',
|
874 |
'ICWP_WPSF_Processor_HackProtect_Wcf' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_wcf.php',
|
880 |
'ICWP_WPSF_Processor_Lockdown' => __DIR__ . '/../..' . '/../processors/lockdown.php',
|
881 |
'ICWP_WPSF_Processor_LoginProtect' => __DIR__ . '/../..' . '/../processors/login_protect.php',
|
882 |
'ICWP_WPSF_Processor_LoginProtect_Base' => __DIR__ . '/../..' . '/../processors/loginprotect_base.php',
|
|
|
883 |
'ICWP_WPSF_Processor_LoginProtect_Gasp' => __DIR__ . '/../..' . '/../processors/loginprotect_gasp.php',
|
884 |
'ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha' => __DIR__ . '/../..' . '/../processors/loginprotect_googlerecaptcha.php',
|
885 |
'ICWP_WPSF_Processor_LoginProtect_WpLogin' => __DIR__ . '/../..' . '/../processors/loginprotect_wplogin.php',
|
889 |
'ICWP_WPSF_Processor_ScanBase' => __DIR__ . '/../..' . '/../processors/hackprotect_scan_base.php',
|
890 |
'ICWP_WPSF_Processor_Sessions' => __DIR__ . '/../..' . '/../processors/sessions.php',
|
891 |
'ICWP_WPSF_Processor_Traffic' => __DIR__ . '/../..' . '/../processors/traffic.php',
|
|
|
892 |
'ICWP_WPSF_Processor_UserManagement' => __DIR__ . '/../..' . '/../processors/user_management.php',
|
893 |
'ICWP_WPSF_Processor_UserManagement_Passwords' => __DIR__ . '/../..' . '/../processors/usermanagement_passwords.php',
|
894 |
'ICWP_WPSF_Processor_UserManagement_Sessions' => __DIR__ . '/../..' . '/../processors/usermanagement_sessions.php',
|
src/lib/vendor/fernleafsystems/utilities/src/Logic/OneTimeExecute.php
ADDED
@@ -0,0 +1,44 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Utilities\Logic;
|
4 |
+
|
5 |
+
/**
|
6 |
+
* Trait OneTimeExecute
|
7 |
+
* @package FernleafSystems\Utilities\Logic
|
8 |
+
*/
|
9 |
+
trait OneTimeExecute {
|
10 |
+
|
11 |
+
private $bHasOneTimeExecuted = false;
|
12 |
+
|
13 |
+
/**
|
14 |
+
* @return bool
|
15 |
+
*/
|
16 |
+
protected function canRun() {
|
17 |
+
return true;
|
18 |
+
}
|
19 |
+
|
20 |
+
public function execute() {
|
21 |
+
if ( !$this->isAlreadyExecuted() && $this->canRun() ) {
|
22 |
+
$this->bHasOneTimeExecuted = true;
|
23 |
+
$this->run();
|
24 |
+
}
|
25 |
+
}
|
26 |
+
|
27 |
+
/**
|
28 |
+
* @return bool
|
29 |
+
*/
|
30 |
+
protected function isAlreadyExecuted() {
|
31 |
+
return (bool)$this->bHasOneTimeExecuted;
|
32 |
+
}
|
33 |
+
|
34 |
+
/**
|
35 |
+
* @return $this
|
36 |
+
*/
|
37 |
+
public function resetExecution() {
|
38 |
+
$this->bHasOneTimeExecuted = false;
|
39 |
+
return $this;
|
40 |
+
}
|
41 |
+
|
42 |
+
protected function run() {
|
43 |
+
}
|
44 |
+
}
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/CoreFileHashes.php
CHANGED
@@ -17,12 +17,22 @@ class CoreFileHashes {
|
|
17 |
private $aHashes;
|
18 |
|
19 |
/**
|
|
|
20 |
* @return array
|
21 |
*/
|
22 |
public function getHashes() {
|
23 |
if ( !isset( $this->aHashes ) ) {
|
24 |
-
$
|
25 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
26 |
}
|
27 |
return $this->aHashes;
|
28 |
}
|
17 |
private $aHashes;
|
18 |
|
19 |
/**
|
20 |
+
* Filters out wp-content plugins/themes data.
|
21 |
* @return array
|
22 |
*/
|
23 |
public function getHashes() {
|
24 |
if ( !isset( $this->aHashes ) ) {
|
25 |
+
$aHashes = Services::WpGeneral()->getCoreChecksums();
|
26 |
+
|
27 |
+
$this->aHashes = array_intersect_key(
|
28 |
+
$aHashes,
|
29 |
+
array_flip( array_filter(
|
30 |
+
array_keys( $aHashes ),
|
31 |
+
function ( $sFilePath ) {
|
32 |
+
return preg_match( '#wp-content/(plugins|themes)#i', $sFilePath ) === 0;
|
33 |
+
}
|
34 |
+
) )
|
35 |
+
);
|
36 |
}
|
37 |
return $this->aHashes;
|
38 |
}
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Fs.php
CHANGED
@@ -15,6 +15,15 @@ class Fs {
|
|
15 |
*/
|
16 |
protected $oWpfs = null;
|
17 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
18 |
/**
|
19 |
* @param string $sBase
|
20 |
* @param string $sPath
|
@@ -54,7 +63,6 @@ class Fs {
|
|
54 |
|
55 |
$oDirIt = new \DirectoryIterator( $sSource );
|
56 |
foreach ( $oDirIt as $oFile ) {
|
57 |
-
/** @var $oFile \DirectoryIterator */
|
58 |
if ( !$oFile->isDot() ) {
|
59 |
$this->move( $oFile->getPathname(), path_join( $sTarget, $oFile->getBasename() ) );
|
60 |
}
|
15 |
*/
|
16 |
protected $oWpfs = null;
|
17 |
|
18 |
+
/**
|
19 |
+
* @param string $sPath
|
20 |
+
* @return bool
|
21 |
+
*/
|
22 |
+
public function isAbsPath( $sPath ) {
|
23 |
+
return path_is_absolute( $sPath ) ||
|
24 |
+
( Services::Data()->isWindows() && preg_match( '#^[a-zA-Z]:/{1,2}#', wp_normalize_path( $sPath ) ) === 1 );
|
25 |
+
}
|
26 |
+
|
27 |
/**
|
28 |
* @param string $sBase
|
29 |
* @param string $sPath
|
63 |
|
64 |
$oDirIt = new \DirectoryIterator( $sSource );
|
65 |
foreach ( $oDirIt as $oFile ) {
|
|
|
66 |
if ( !$oFile->isDot() ) {
|
67 |
$this->move( $oFile->getPathname(), path_join( $sTarget, $oFile->getBasename() ) );
|
68 |
}
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/General.php
CHANGED
@@ -129,7 +129,8 @@ class General {
|
|
129 |
* @return string[]
|
130 |
*/
|
131 |
private function getCoreChecksums_CP() {
|
132 |
-
|
|
|
133 |
}
|
134 |
|
135 |
/**
|
@@ -143,7 +144,7 @@ class General {
|
|
143 |
else {
|
144 |
$aChecksumData = ( new Hashes\WordPress() )->getCurrent();
|
145 |
}
|
146 |
-
return $aChecksumData;
|
147 |
}
|
148 |
|
149 |
/**
|
129 |
* @return string[]
|
130 |
*/
|
131 |
private function getCoreChecksums_CP() {
|
132 |
+
$aCS = ( new Hashes\ClassicPress() )->getCurrent();
|
133 |
+
return is_array( $aCS ) ? $aCS : [];
|
134 |
}
|
135 |
|
136 |
/**
|
144 |
else {
|
145 |
$aChecksumData = ( new Hashes\WordPress() )->getCurrent();
|
146 |
}
|
147 |
+
return is_array( $aChecksumData ) ? $aChecksumData : [];
|
148 |
}
|
149 |
|
150 |
/**
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Nonce.php
ADDED
@@ -0,0 +1,116 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
|
3 |
+
namespace FernleafSystems\Wordpress\Services\Core;
|
4 |
+
|
5 |
+
/**
|
6 |
+
* Class Nonce
|
7 |
+
* @package FernleafSystems\Wordpress\Services\Core
|
8 |
+
*/
|
9 |
+
class Nonce {
|
10 |
+
|
11 |
+
/**
|
12 |
+
* @var bool
|
13 |
+
*/
|
14 |
+
private $bIncludeUserId;
|
15 |
+
|
16 |
+
/**
|
17 |
+
* @var string
|
18 |
+
*/
|
19 |
+
private $sAction;
|
20 |
+
|
21 |
+
public function create() {
|
22 |
+
if ( !$this->hasAction() ) {
|
23 |
+
throw new \Exception( 'No action specified for nonce' );
|
24 |
+
}
|
25 |
+
return $this->isIncludeUserId() ? wp_create_nonce( $this->getAction() ) : $this->createNonceNoUser();
|
26 |
+
}
|
27 |
+
|
28 |
+
/**
|
29 |
+
* @param string $sNonce
|
30 |
+
* @return false|int
|
31 |
+
* @throws \Exception
|
32 |
+
*/
|
33 |
+
public function verify( $sNonce ) {
|
34 |
+
if ( !$this->hasAction() ) {
|
35 |
+
throw new \Exception( 'No action specified for nonce' );
|
36 |
+
}
|
37 |
+
return $this->isIncludeUserId() ? wp_verify_nonce( $sNonce, $this->getAction() ) : $this->verifyNonceNoUser( $sNonce );
|
38 |
+
}
|
39 |
+
|
40 |
+
/**
|
41 |
+
* Taken directly from wp_create_nonce() but excludes the user ID part.
|
42 |
+
* @return false|string
|
43 |
+
*/
|
44 |
+
private function createNonceNoUser() {
|
45 |
+
$token = wp_get_session_token();
|
46 |
+
$i = wp_nonce_tick();
|
47 |
+
return substr( wp_hash( $i.'|'.$this->getAction().'|'.$token, 'nonce' ), -12, 10 );
|
48 |
+
}
|
49 |
+
|
50 |
+
/**
|
51 |
+
* @param $sNonce
|
52 |
+
* @return int
|
53 |
+
* @throws \Exception
|
54 |
+
*/
|
55 |
+
private function verifyNonceNoUser( $sNonce ) {
|
56 |
+
if ( empty( $sNonce ) ) {
|
57 |
+
throw new \Exception( 'Nonce is empty' );
|
58 |
+
}
|
59 |
+
|
60 |
+
$token = wp_get_session_token();
|
61 |
+
$i = wp_nonce_tick();
|
62 |
+
|
63 |
+
// Nonce generated 0-12 hours ago.
|
64 |
+
$expected = substr( wp_hash( $i.'|'.$this->getAction().'|'.$token, 'nonce' ), -12, 10 );
|
65 |
+
if ( hash_equals( $expected, $sNonce ) ) {
|
66 |
+
return 1;
|
67 |
+
}
|
68 |
+
|
69 |
+
// Nonce generated 12-24 hours ago.
|
70 |
+
$expected = substr( wp_hash( ( $i - 1 ).'|'.$this->getAction().'|'.$token, 'nonce' ), -12, 10 );
|
71 |
+
if ( hash_equals( $expected, $sNonce ) ) {
|
72 |
+
return 2;
|
73 |
+
}
|
74 |
+
|
75 |
+
throw new \Exception( 'Nonce verification failed.' );
|
76 |
+
}
|
77 |
+
|
78 |
+
/**
|
79 |
+
* @return string
|
80 |
+
*/
|
81 |
+
public function getAction() {
|
82 |
+
return (string)$this->sAction;
|
83 |
+
}
|
84 |
+
|
85 |
+
/**
|
86 |
+
* @return bool
|
87 |
+
*/
|
88 |
+
public function hasAction() {
|
89 |
+
return !empty( $this->sAction );
|
90 |
+
}
|
91 |
+
|
92 |
+
/**
|
93 |
+
* @return bool
|
94 |
+
*/
|
95 |
+
public function isIncludeUserId() {
|
96 |
+
return isset( $this->bIncludeUserId ) ? (bool)$this->bIncludeUserId : true;
|
97 |
+
}
|
98 |
+
|
99 |
+
/**
|
100 |
+
* @param bool $sAction
|
101 |
+
* @return $this
|
102 |
+
*/
|
103 |
+
public function setAction( $sAction ) {
|
104 |
+
$this->sAction = $sAction;
|
105 |
+
return $this;
|
106 |
+
}
|
107 |
+
|
108 |
+
/**
|
109 |
+
* @param bool $bUse
|
110 |
+
* @return $this
|
111 |
+
*/
|
112 |
+
public function setIncludeUserId( $bUse ) {
|
113 |
+
$this->bIncludeUserId = $bUse;
|
114 |
+
return $this;
|
115 |
+
}
|
116 |
+
}
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/Request.php
CHANGED
@@ -108,12 +108,20 @@ class Request {
|
|
108 |
}
|
109 |
|
110 |
/**
|
|
|
111 |
* @return Carbon
|
112 |
*/
|
113 |
-
public function carbon() {
|
|
|
114 |
$oC = new Carbon();
|
115 |
$oC->setTimestamp( $this->ts() );
|
116 |
-
$oC->setLocale(
|
|
|
|
|
|
|
|
|
|
|
|
|
117 |
return $oC;
|
118 |
}
|
119 |
|
108 |
}
|
109 |
|
110 |
/**
|
111 |
+
* @param bool $bSetTimezone - useful only when you're reporting times or displaying
|
112 |
* @return Carbon
|
113 |
*/
|
114 |
+
public function carbon( $bSetTimezone = false ) {
|
115 |
+
$oWP = Services::WpGeneral();
|
116 |
$oC = new Carbon();
|
117 |
$oC->setTimestamp( $this->ts() );
|
118 |
+
$oC->setLocale( $oWP->getLocaleCountry() );
|
119 |
+
if ( $bSetTimezone ) {
|
120 |
+
$sTZ = $oWP->getOption( 'timezone_string' );
|
121 |
+
if ( !empty( $sTZ ) ) {
|
122 |
+
$oC->setTimezone( $sTZ );
|
123 |
+
}
|
124 |
+
}
|
125 |
return $oC;
|
126 |
}
|
127 |
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Core/System.php
CHANGED
@@ -5,4 +5,4 @@ namespace FernleafSystems\Wordpress\Services\Core;
|
|
5 |
class System {
|
6 |
|
7 |
const PREFIX = 'aptoweb_';
|
8 |
-
}
|
5 |
class System {
|
6 |
|
7 |
const PREFIX = 'aptoweb_';
|
8 |
+
}
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Services.php
CHANGED
@@ -58,6 +58,9 @@ class Services {
|
|
58 |
self::$oDic[ 'service_customhooks' ] = function () {
|
59 |
return new Core\CustomHooks();
|
60 |
};
|
|
|
|
|
|
|
61 |
self::$oDic[ 'service_request' ] = function () {
|
62 |
return new Core\Request();
|
63 |
};
|
@@ -196,6 +199,13 @@ class Services {
|
|
196 |
return self::getObj( __FUNCTION__ );
|
197 |
}
|
198 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
199 |
/**
|
200 |
* @param string $sTemplatePath
|
201 |
* @return Utilities\Render
|
58 |
self::$oDic[ 'service_customhooks' ] = function () {
|
59 |
return new Core\CustomHooks();
|
60 |
};
|
61 |
+
self::$oDic[ 'service_nonce' ] = function () {
|
62 |
+
return new Core\Nonce();
|
63 |
+
};
|
64 |
self::$oDic[ 'service_request' ] = function () {
|
65 |
return new Core\Request();
|
66 |
};
|
199 |
return self::getObj( __FUNCTION__ );
|
200 |
}
|
201 |
|
202 |
+
/**
|
203 |
+
* @return Core\Nonce
|
204 |
+
*/
|
205 |
+
public static function Nonce() {
|
206 |
+
return self::getObj( __FUNCTION__ );
|
207 |
+
}
|
208 |
+
|
209 |
/**
|
210 |
* @param string $sTemplatePath
|
211 |
* @return Utilities\Render
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Data.php
CHANGED
@@ -261,11 +261,8 @@ class Data {
|
|
261 |
* @param mixed $mDefault
|
262 |
* @return mixed|null
|
263 |
*/
|
264 |
-
public static function ArrayFetch(
|
265 |
-
|
266 |
-
return $mDefault;
|
267 |
-
}
|
268 |
-
return $aArray[ $sKey ];
|
269 |
}
|
270 |
|
271 |
/**
|
@@ -295,16 +292,15 @@ class Data {
|
|
295 |
/**
|
296 |
* Cleans out any of the junk that can appear in a PHP version and returns just the 5.4.45
|
297 |
* e.g. 5.4.45-0+deb7u5
|
298 |
-
* @
|
|
|
299 |
*/
|
300 |
-
public function getPhpVersionCleaned() {
|
301 |
$sVersion = $this->getPhpVersion();
|
302 |
-
if ( preg_match( '#^[0-9]
|
303 |
-
|
304 |
-
}
|
305 |
-
else {
|
306 |
-
return $sVersion;
|
307 |
}
|
|
|
308 |
}
|
309 |
|
310 |
/**
|
@@ -388,7 +384,14 @@ class Data {
|
|
388 |
$sDomainName = trim( $sDomainName );
|
389 |
return ( preg_match( "/^([a-z\d](-*[a-z\d])*)(\.([a-z\d](-*[a-z\d])*))*$/i", $sDomainName ) //valid chars check
|
390 |
&& preg_match( "/^.{1,253}$/", $sDomainName ) //overall length check
|
391 |
-
&& preg_match( "/^[
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
392 |
}
|
393 |
|
394 |
/**
|
261 |
* @param mixed $mDefault
|
262 |
* @return mixed|null
|
263 |
*/
|
264 |
+
public static function ArrayFetch( $aArray, $sKey, $mDefault = null ) {
|
265 |
+
return isset( $aArray[ $sKey ] ) ? $aArray[ $sKey ] : $mDefault;
|
|
|
|
|
|
|
266 |
}
|
267 |
|
268 |
/**
|
292 |
/**
|
293 |
* Cleans out any of the junk that can appear in a PHP version and returns just the 5.4.45
|
294 |
* e.g. 5.4.45-0+deb7u5
|
295 |
+
* @param bool $bExcludeMinor
|
296 |
+
* @return mixed|string
|
297 |
*/
|
298 |
+
public function getPhpVersionCleaned( $bExcludeMinor = false ) {
|
299 |
$sVersion = $this->getPhpVersion();
|
300 |
+
if ( preg_match( '#^[0-9]+\.[0-9]+(\.[0-9]+)?#', $sVersion, $aMatches ) ) {
|
301 |
+
$sVersion = $aMatches[ 0 ];
|
|
|
|
|
|
|
302 |
}
|
303 |
+
return $bExcludeMinor ? substr( $sVersion, 0, strrpos( $sVersion, '.' ) ) : $sVersion;
|
304 |
}
|
305 |
|
306 |
/**
|
384 |
$sDomainName = trim( $sDomainName );
|
385 |
return ( preg_match( "/^([a-z\d](-*[a-z\d])*)(\.([a-z\d](-*[a-z\d])*))*$/i", $sDomainName ) //valid chars check
|
386 |
&& preg_match( "/^.{1,253}$/", $sDomainName ) //overall length check
|
387 |
+
&& preg_match( "/^[^.]{1,63}(\.[^.]{1,63})*$/", $sDomainName ) );//length of each label
|
388 |
+
}
|
389 |
+
|
390 |
+
/**
|
391 |
+
* @return bool
|
392 |
+
*/
|
393 |
+
public function isWindows() {
|
394 |
+
return strtoupper( substr( PHP_OS, 0, 3 ) ) === 'WIN';
|
395 |
}
|
396 |
|
397 |
/**
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/ApiBase.php
CHANGED
@@ -76,12 +76,11 @@ abstract class ApiBase {
|
|
76 |
* @return array|mixed|null
|
77 |
*/
|
78 |
public function query() {
|
79 |
-
$this->
|
80 |
-
|
81 |
-
|
82 |
-
|
83 |
-
|
84 |
-
$aData = $aData[ static::RESPONSE_DATA_KEY ];
|
85 |
}
|
86 |
else {
|
87 |
$aData = null;
|
@@ -89,13 +88,19 @@ abstract class ApiBase {
|
|
89 |
return $aData;
|
90 |
}
|
91 |
|
92 |
-
|
|
|
|
|
|
|
|
|
|
|
93 |
}
|
94 |
|
95 |
/**
|
96 |
* @return string
|
97 |
*/
|
98 |
protected function fireRequest() {
|
|
|
99 |
switch ( static::REQUEST_TYPE ) {
|
100 |
case 'POST':
|
101 |
$sResponse = $this->fireRequest_POST();
|
@@ -108,6 +113,9 @@ abstract class ApiBase {
|
|
108 |
return $sResponse;
|
109 |
}
|
110 |
|
|
|
|
|
|
|
111 |
/**
|
112 |
* @return string
|
113 |
*/
|
76 |
* @return array|mixed|null
|
77 |
*/
|
78 |
public function query() {
|
79 |
+
$aData = $this->fireRequestDecodeResponse();
|
80 |
+
if ( is_array( $aData ) ) {
|
81 |
+
if ( strlen( static::RESPONSE_DATA_KEY ) > 0 ) {
|
82 |
+
$aData = isset( $aData[ static::RESPONSE_DATA_KEY ] ) ? $aData[ static::RESPONSE_DATA_KEY ] : null;
|
83 |
+
}
|
|
|
84 |
}
|
85 |
else {
|
86 |
$aData = null;
|
88 |
return $aData;
|
89 |
}
|
90 |
|
91 |
+
/**
|
92 |
+
* @return array|null - null on failure
|
93 |
+
*/
|
94 |
+
protected function fireRequestDecodeResponse() {
|
95 |
+
$sResponse = $this->fireRequest();
|
96 |
+
return empty( $sResponse ) ? null : json_decode( $sResponse, true );
|
97 |
}
|
98 |
|
99 |
/**
|
100 |
* @return string
|
101 |
*/
|
102 |
protected function fireRequest() {
|
103 |
+
$this->preRequest();
|
104 |
switch ( static::REQUEST_TYPE ) {
|
105 |
case 'POST':
|
106 |
$sResponse = $this->fireRequest_POST();
|
113 |
return $sResponse;
|
114 |
}
|
115 |
|
116 |
+
protected function preRequest() {
|
117 |
+
}
|
118 |
+
|
119 |
/**
|
120 |
* @return string
|
121 |
*/
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Integrations/WpHashes/Hashes/AssetHashesBase.php
CHANGED
@@ -32,9 +32,8 @@ abstract class AssetHashesBase extends Base {
|
|
32 |
return new RequestVO();
|
33 |
}
|
34 |
|
35 |
-
|
36 |
-
|
37 |
-
protected function preQuery() {
|
38 |
$oReq = $this->getRequestVO();
|
39 |
if ( empty( $oReq->hash ) ) {
|
40 |
$this->setHashAlgo( static::DEFAULT_HASH_ALGO );
|
32 |
return new RequestVO();
|
33 |
}
|
34 |
|
35 |
+
protected function preRequest() {
|
36 |
+
/** @var RequestVO $oReq */
|
|
|
37 |
$oReq = $this->getRequestVO();
|
38 |
if ( empty( $oReq->hash ) ) {
|
39 |
$this->setHashAlgo( static::DEFAULT_HASH_ALGO );
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/IpUtils.php
CHANGED
@@ -296,11 +296,18 @@ class IpUtils {
|
|
296 |
}
|
297 |
|
298 |
/**
|
|
|
299 |
* @return string[]
|
300 |
*/
|
301 |
-
public function getServerPublicIPs() {
|
302 |
-
if ( empty( $this->aMyIps ) ) {
|
|
|
303 |
$aIPs = Services::WpGeneral()->getOption( 'aptoweb_my_server_ips' );
|
|
|
|
|
|
|
|
|
|
|
304 |
|
305 |
if ( empty( $aIPs ) || !is_array( $aIPs ) || empty( $aIPs[ 'check_at' ] ) ) {
|
306 |
$aIPs = [
|
@@ -313,7 +320,7 @@ class IpUtils {
|
|
313 |
$nAge = Services::Request()->ts() - $aIPs[ 'check_at' ];
|
314 |
$bExpired = ( $nAge > HOUR_IN_SECONDS )
|
315 |
&& ( Services::Data()->getServerHash() != $aIPs[ 'hash' ] || $nAge > WEEK_IN_SECONDS );
|
316 |
-
if ( $bExpired ) {
|
317 |
$aIPs = [
|
318 |
'check_at' => Services::Request()->ts(),
|
319 |
'hash' => Services::Data()->getServerHash(),
|
@@ -324,8 +331,7 @@ class IpUtils {
|
|
324 |
}
|
325 |
)
|
326 |
];
|
327 |
-
|
328 |
-
->updateOption( 'aptoweb_my_server_ips', $aIPs );
|
329 |
}
|
330 |
|
331 |
$this->aMyIps = $aIPs[ 'ips' ];
|
296 |
}
|
297 |
|
298 |
/**
|
299 |
+
* @param bool $bForceRefresh
|
300 |
* @return string[]
|
301 |
*/
|
302 |
+
public function getServerPublicIPs( $bForceRefresh = false ) {
|
303 |
+
if ( $bForceRefresh || empty( $this->aMyIps ) ) {
|
304 |
+
|
305 |
$aIPs = Services::WpGeneral()->getOption( 'aptoweb_my_server_ips' );
|
306 |
+
if ( !empty( $aIPs ) ) {
|
307 |
+
Services::WpGeneral()->deleteOption( 'aptoweb_my_server_ips' );
|
308 |
+
Utilities\Options\Transient::Set( 'my_server_ips', $aIPs, WEEK_IN_SECONDS );
|
309 |
+
}
|
310 |
+
$aIPs = Utilities\Options\Transient::Get( 'my_server_ips' );
|
311 |
|
312 |
if ( empty( $aIPs ) || !is_array( $aIPs ) || empty( $aIPs[ 'check_at' ] ) ) {
|
313 |
$aIPs = [
|
320 |
$nAge = Services::Request()->ts() - $aIPs[ 'check_at' ];
|
321 |
$bExpired = ( $nAge > HOUR_IN_SECONDS )
|
322 |
&& ( Services::Data()->getServerHash() != $aIPs[ 'hash' ] || $nAge > WEEK_IN_SECONDS );
|
323 |
+
if ( $bForceRefresh || $bExpired ) {
|
324 |
$aIPs = [
|
325 |
'check_at' => Services::Request()->ts(),
|
326 |
'hash' => Services::Data()->getServerHash(),
|
331 |
}
|
332 |
)
|
333 |
];
|
334 |
+
Utilities\Options\Transient::Set( 'my_server_ips', $aIPs, WEEK_IN_SECONDS );
|
|
|
335 |
}
|
336 |
|
337 |
$this->aMyIps = $aIPs[ 'ips' ];
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/Net/BaseIP.php
CHANGED
@@ -14,7 +14,7 @@ class BaseIP {
|
|
14 |
* @param string $sSource
|
15 |
* @return string[]
|
16 |
*/
|
17 |
-
|
18 |
return array_filter(
|
19 |
array_map( 'trim', explode( ',', (string)Services::Request()->server( $sSource ) ) ),
|
20 |
function ( $sIp ) {
|
14 |
* @param string $sSource
|
15 |
* @return string[]
|
16 |
*/
|
17 |
+
public function getIpsFromSource( $sSource ) {
|
18 |
return array_filter(
|
19 |
array_map( 'trim', explode( ',', (string)Services::Request()->server( $sSource ) ) ),
|
20 |
function ( $sIp ) {
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/ServiceProviders.php
CHANGED
@@ -24,6 +24,7 @@ class ServiceProviders {
|
|
24 |
'APIs-Google',
|
25 |
'AdsBot-Google',
|
26 |
'Mediapartners-Google',
|
|
|
27 |
'yandex.com/bots',
|
28 |
'yahoo!'
|
29 |
];
|
@@ -285,6 +286,38 @@ class ServiceProviders {
|
|
285 |
&& $this->isIpInCollection( $sIp, $this->getIpsForSlug( 'pingdom' ) );
|
286 |
}
|
287 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
288 |
/**
|
289 |
* @param string $sIp
|
290 |
* @param string $sAgent
|
@@ -394,6 +427,15 @@ class ServiceProviders {
|
|
394 |
);
|
395 |
}
|
396 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
397 |
/**
|
398 |
* @param string $sIp
|
399 |
* @param string $sUserAgent
|
24 |
'APIs-Google',
|
25 |
'AdsBot-Google',
|
26 |
'Mediapartners-Google',
|
27 |
+
'SemrushBot',
|
28 |
'yandex.com/bots',
|
29 |
'yahoo!'
|
30 |
];
|
286 |
&& $this->isIpInCollection( $sIp, $this->getIpsForSlug( 'pingdom' ) );
|
287 |
}
|
288 |
|
289 |
+
/**
|
290 |
+
* @param string $sIp
|
291 |
+
* @param string $sAgent
|
292 |
+
* @return bool
|
293 |
+
*/
|
294 |
+
public function isIp_Stripe( $sIp, $sAgent ) {
|
295 |
+
return ( stripos( $sAgent, 'Stripe/' ) !== false )
|
296 |
+
&& $this->isIpInCollection( $sIp, $this->getIpsForSlug( 'stripe' ) );
|
297 |
+
}
|
298 |
+
|
299 |
+
/**
|
300 |
+
* @param string $sIp
|
301 |
+
* @param string $sUserAgent
|
302 |
+
* @return bool
|
303 |
+
*/
|
304 |
+
public function isIp_SemRush( $sIp, $sUserAgent ) {
|
305 |
+
$oWp = Services::WpGeneral();
|
306 |
+
|
307 |
+
$sStoreKey = $this->getPrefixedStoreKey( 'serviceips_semrush' );
|
308 |
+
$aIps = $oWp->getTransient( $sStoreKey );
|
309 |
+
if ( !is_array( $aIps ) ) {
|
310 |
+
$aIps = [];
|
311 |
+
}
|
312 |
+
|
313 |
+
if ( !in_array( $sIp, $aIps ) && $this->verifyIp_SemRush( $sIp, $sUserAgent ) ) {
|
314 |
+
$aIps[] = $sIp;
|
315 |
+
$oWp->setTransient( $sStoreKey, $aIps, WEEK_IN_SECONDS*4 );
|
316 |
+
}
|
317 |
+
|
318 |
+
return in_array( $sIp, $aIps );
|
319 |
+
}
|
320 |
+
|
321 |
/**
|
322 |
* @param string $sIp
|
323 |
* @param string $sAgent
|
427 |
);
|
428 |
}
|
429 |
|
430 |
+
/**
|
431 |
+
* @param string $sIp
|
432 |
+
* @param string $sUserAgent
|
433 |
+
* @return bool
|
434 |
+
*/
|
435 |
+
private function verifyIp_SemRush( $sIp, $sUserAgent = '' ) {
|
436 |
+
return $this->isIpOfBot( [ 'SemrushBot' ], '#.*\.bot\.semrush\.com\.?$#i', $sIp, $sUserAgent );
|
437 |
+
}
|
438 |
+
|
439 |
/**
|
440 |
* @param string $sIp
|
441 |
* @param string $sUserAgent
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/WpOrg/Plugin/Files.php
CHANGED
@@ -90,7 +90,7 @@ class Files extends Services\Utilities\WpOrg\Base\PluginThemeFilesBase {
|
|
90 |
public function getPluginPathFragmentFromPath( $sFile ) {
|
91 |
$sFragment = null;
|
92 |
|
93 |
-
if ( !
|
94 |
$sFile = path_join( ABSPATH, $sFile );
|
95 |
}
|
96 |
$sFile = wp_normalize_path( $sFile );
|
90 |
public function getPluginPathFragmentFromPath( $sFile ) {
|
91 |
$sFragment = null;
|
92 |
|
93 |
+
if ( !Services\Services::WpFs()->isAbsPath( $sFile ) ) { // assume it's relative to ABSPATH
|
94 |
$sFile = path_join( ABSPATH, $sFile );
|
95 |
}
|
96 |
$sFile = wp_normalize_path( $sFile );
|
src/lib/vendor/fernleafsystems/wordpress-services/src/Utilities/WpOrg/Theme/Files.php
CHANGED
@@ -103,7 +103,7 @@ class Files extends Services\Utilities\WpOrg\Base\PluginThemeFilesBase {
|
|
103 |
public function getThemePathFragmentFromPath( $sFile ) {
|
104 |
$sFragment = null;
|
105 |
|
106 |
-
if ( !
|
107 |
$sFile = path_join( ABSPATH, $sFile );
|
108 |
}
|
109 |
$sFile = wp_normalize_path( $sFile );
|
103 |
public function getThemePathFragmentFromPath( $sFile ) {
|
104 |
$sFragment = null;
|
105 |
|
106 |
+
if ( !Services\Services::WpFs()->isAbsPath( $sFile ) ) { // assume it's relative to ABSPATH
|
107 |
$sFile = path_join( ABSPATH, $sFile );
|
108 |
}
|
109 |
$sFile = wp_normalize_path( $sFile );
|
src/lib/vendor/symfony/polyfill-mbstring/bootstrap.php
CHANGED
@@ -11,11 +11,13 @@
|
|
11 |
|
12 |
use Symfony\Polyfill\Mbstring as p;
|
13 |
|
14 |
-
if (!
|
15 |
define('MB_CASE_UPPER', 0);
|
16 |
define('MB_CASE_LOWER', 1);
|
17 |
define('MB_CASE_TITLE', 2);
|
|
|
18 |
|
|
|
19 |
function mb_convert_encoding($s, $to, $from = null) { return p\Mbstring::mb_convert_encoding($s, $to, $from); }
|
20 |
function mb_decode_mimeheader($s) { return p\Mbstring::mb_decode_mimeheader($s); }
|
21 |
function mb_encode_mimeheader($s, $charset = null, $transferEnc = null, $lf = null, $indent = null) { return p\Mbstring::mb_encode_mimeheader($s, $charset, $transferEnc, $lf, $indent); }
|
11 |
|
12 |
use Symfony\Polyfill\Mbstring as p;
|
13 |
|
14 |
+
if (!defined('MB_CASE_UPPER')) {
|
15 |
define('MB_CASE_UPPER', 0);
|
16 |
define('MB_CASE_LOWER', 1);
|
17 |
define('MB_CASE_TITLE', 2);
|
18 |
+
}
|
19 |
|
20 |
+
if (!function_exists('mb_strlen')) {
|
21 |
function mb_convert_encoding($s, $to, $from = null) { return p\Mbstring::mb_convert_encoding($s, $to, $from); }
|
22 |
function mb_decode_mimeheader($s) { return p\Mbstring::mb_decode_mimeheader($s); }
|
23 |
function mb_encode_mimeheader($s, $charset = null, $transferEnc = null, $lf = null, $indent = null) { return p\Mbstring::mb_encode_mimeheader($s, $charset, $transferEnc, $lf, $indent); }
|
src/lib/vendor/twig/twig/src/Template.php
CHANGED
@@ -537,7 +537,7 @@ abstract class Template implements \Twig_TemplateInterface
|
|
537 |
if (self::METHOD_CALL !== $type) {
|
538 |
$arrayItem = \is_bool($item) || \is_float($item) ? (int) $item : $item;
|
539 |
|
540 |
-
if (((\is_array($object) || $object instanceof \ArrayObject) && (isset($object[$arrayItem]) || \array_key_exists($arrayItem, $object)))
|
541 |
|| ($object instanceof \ArrayAccess && isset($object[$arrayItem]))
|
542 |
) {
|
543 |
if ($isDefinedTest) {
|
@@ -604,7 +604,7 @@ abstract class Template implements \Twig_TemplateInterface
|
|
604 |
|
605 |
// object property
|
606 |
if (self::METHOD_CALL !== $type && !$object instanceof self) { // \Twig\Template does not have public properties, and we don't want to allow access to internal ones
|
607 |
-
if (isset($object->$item) || \array_key_exists((string) $item, $object)) {
|
608 |
if ($isDefinedTest) {
|
609 |
return true;
|
610 |
}
|
537 |
if (self::METHOD_CALL !== $type) {
|
538 |
$arrayItem = \is_bool($item) || \is_float($item) ? (int) $item : $item;
|
539 |
|
540 |
+
if (((\is_array($object) || $object instanceof \ArrayObject) && (isset($object[$arrayItem]) || \array_key_exists($arrayItem, (array) $object)))
|
541 |
|| ($object instanceof \ArrayAccess && isset($object[$arrayItem]))
|
542 |
) {
|
543 |
if ($isDefinedTest) {
|
604 |
|
605 |
// object property
|
606 |
if (self::METHOD_CALL !== $type && !$object instanceof self) { // \Twig\Template does not have public properties, and we don't want to allow access to internal ones
|
607 |
+
if (isset($object->$item) || \array_key_exists((string) $item, (array) $object)) {
|
608 |
if ($isDefinedTest) {
|
609 |
return true;
|
610 |
}
|
src/processors/autoupdates.php
CHANGED
@@ -45,11 +45,6 @@ class ICWP_WPSF_Processor_Autoupdates extends Modules\BaseShield\ShieldProcessor
|
|
45 |
$this->trackAssetsVersions();
|
46 |
add_action( 'automatic_updates_complete', [ $this, 'sendNotificationEmail' ] );
|
47 |
}
|
48 |
-
|
49 |
-
if ( $oOpts->isAutoupdateIndividualPlugins() ) {
|
50 |
-
// Adds automatic update indicator column to all plugins in plugin listing.
|
51 |
-
add_filter( 'manage_plugins_columns', [ $this, 'fAddPluginsListAutoUpdateColumn' ] );
|
52 |
-
}
|
53 |
}
|
54 |
}
|
55 |
|
@@ -247,9 +242,6 @@ class ICWP_WPSF_Processor_Autoupdates extends Modules\BaseShield\ShieldProcessor
|
|
247 |
if ( $oOpts->isAutoupdateAllPlugins() ) {
|
248 |
$bDoAutoUpdate = true;
|
249 |
}
|
250 |
-
elseif ( $oOpts->isPluginSetToAutoupdate( $sFile ) ) {
|
251 |
-
$bDoAutoUpdate = true;
|
252 |
-
}
|
253 |
elseif ( $sFile === $this->getCon()->getPluginBaseFile() ) {
|
254 |
$sAuto = $oOpts->getSelfAutoUpdateOpt();
|
255 |
if ( $sAuto === 'immediate' ) {
|
@@ -360,59 +352,6 @@ class ICWP_WPSF_Processor_Autoupdates extends Modules\BaseShield\ShieldProcessor
|
|
360 |
return $aEmailParams;
|
361 |
}
|
362 |
|
363 |
-
/**
|
364 |
-
* @filter
|
365 |
-
* @param array $aPluginMeta
|
366 |
-
* @param string $sPluginBaseFileName
|
367 |
-
* @return array
|
368 |
-
*/
|
369 |
-
public function fAddAutomaticUpdatePluginMeta( $aPluginMeta, $sPluginBaseFileName ) {
|
370 |
-
|
371 |
-
// first we prevent collision between iControlWP <-> Simple Firewall by not duplicating icons
|
372 |
-
foreach ( $aPluginMeta as $sMetaItem ) {
|
373 |
-
if ( strpos( $sMetaItem, 'icwp-pluginautoupdateicon' ) !== false ) {
|
374 |
-
return $aPluginMeta;
|
375 |
-
}
|
376 |
-
}
|
377 |
-
$bUpdate = Services::WpPlugins()->isPluginAutomaticallyUpdated( $sPluginBaseFileName );
|
378 |
-
$sHtml = $this->getPluginAutoupdateIconHtml( $bUpdate );
|
379 |
-
array_unshift( $aPluginMeta, sprintf( '%s', $sHtml ) );
|
380 |
-
return $aPluginMeta;
|
381 |
-
}
|
382 |
-
|
383 |
-
/**
|
384 |
-
* Adds the column to the plugins listing table to indicate whether WordPress will automatically update the plugins
|
385 |
-
* @param array $aColumns
|
386 |
-
* @return array
|
387 |
-
*/
|
388 |
-
public function fAddPluginsListAutoUpdateColumn( $aColumns ) {
|
389 |
-
if ( $this->getCon()->isPluginAdmin() && !isset( $aColumns[ 'icwp_autoupdate' ] ) ) {
|
390 |
-
$aColumns[ 'icwp_autoupdate' ] = 'Auto Update';
|
391 |
-
add_action( 'manage_plugins_custom_column',
|
392 |
-
[ $this, 'aPrintPluginsListAutoUpdateColumnContent' ],
|
393 |
-
100, 2
|
394 |
-
);
|
395 |
-
}
|
396 |
-
return $aColumns;
|
397 |
-
}
|
398 |
-
|
399 |
-
/**
|
400 |
-
* @param string $sColumnName
|
401 |
-
* @param string $sPluginBaseFileName
|
402 |
-
*/
|
403 |
-
public function aPrintPluginsListAutoUpdateColumnContent( $sColumnName, $sPluginBaseFileName ) {
|
404 |
-
if ( $sColumnName != 'icwp_autoupdate' ) {
|
405 |
-
return;
|
406 |
-
}
|
407 |
-
/** @var Modules\Autoupdates\Options $oOpts */
|
408 |
-
$oOpts = $this->getOptions();
|
409 |
-
|
410 |
-
$bUpdate = Services::WpPlugins()->isPluginAutomaticallyUpdated( $sPluginBaseFileName );
|
411 |
-
// $bUpdate = in_array( $sPluginBaseFileName, $oOpts->getAutoupdatePlugins() );
|
412 |
-
$bDisabled = $bUpdate && !in_array( $sPluginBaseFileName, $oOpts->getAutoupdatePlugins() );
|
413 |
-
echo $this->getPluginAutoupdateIconHtml( $sPluginBaseFileName, $bUpdate, $bDisabled );
|
414 |
-
}
|
415 |
-
|
416 |
/**
|
417 |
* @param array $aUpdateResults
|
418 |
*/
|
@@ -434,20 +373,21 @@ class ICWP_WPSF_Processor_Autoupdates extends Modules\BaseShield\ShieldProcessor
|
|
434 |
|
435 |
$aTrkd = $this->getTrackedAssetsVersions();
|
436 |
|
|
|
437 |
if ( !empty( $aUpdateResults[ 'plugin' ] ) && is_array( $aUpdateResults[ 'plugin' ] ) ) {
|
438 |
$bHasPluginUpdates = false;
|
439 |
$aTrkdPlugs = $aTrkd[ 'plugins' ];
|
440 |
|
441 |
$aTempContent[] = __( 'Plugins Updated:', 'wp-simple-firewall' );
|
442 |
foreach ( $aUpdateResults[ 'plugin' ] as $oUpdate ) {
|
443 |
-
$
|
444 |
-
$bValidUpdate =
|
445 |
-
&& isset( $aTrkdPlugs[ $
|
446 |
-
&& version_compare( $aTrkdPlugs[ $
|
447 |
if ( $bValidUpdate ) {
|
448 |
$aTempContent[] = ' - '.sprintf(
|
449 |
__( 'Plugin "%s" auto-updated from "%s" to version "%s"', 'wp-simple-firewall' ),
|
450 |
-
$oUpdate->name, $aTrkdPlugs[ $
|
451 |
$bHasPluginUpdates = true;
|
452 |
}
|
453 |
}
|
45 |
$this->trackAssetsVersions();
|
46 |
add_action( 'automatic_updates_complete', [ $this, 'sendNotificationEmail' ] );
|
47 |
}
|
|
|
|
|
|
|
|
|
|
|
48 |
}
|
49 |
}
|
50 |
|
242 |
if ( $oOpts->isAutoupdateAllPlugins() ) {
|
243 |
$bDoAutoUpdate = true;
|
244 |
}
|
|
|
|
|
|
|
245 |
elseif ( $sFile === $this->getCon()->getPluginBaseFile() ) {
|
246 |
$sAuto = $oOpts->getSelfAutoUpdateOpt();
|
247 |
if ( $sAuto === 'immediate' ) {
|
352 |
return $aEmailParams;
|
353 |
}
|
354 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
355 |
/**
|
356 |
* @param array $aUpdateResults
|
357 |
*/
|
373 |
|
374 |
$aTrkd = $this->getTrackedAssetsVersions();
|
375 |
|
376 |
+
$oWpPlugins = Services::WpPlugins();
|
377 |
if ( !empty( $aUpdateResults[ 'plugin' ] ) && is_array( $aUpdateResults[ 'plugin' ] ) ) {
|
378 |
$bHasPluginUpdates = false;
|
379 |
$aTrkdPlugs = $aTrkd[ 'plugins' ];
|
380 |
|
381 |
$aTempContent[] = __( 'Plugins Updated:', 'wp-simple-firewall' );
|
382 |
foreach ( $aUpdateResults[ 'plugin' ] as $oUpdate ) {
|
383 |
+
$oP = $oWpPlugins->getPluginAsVo( $oUpdate->item->plugin, true );
|
384 |
+
$bValidUpdate = !empty( $oUpdate->result ) && !empty( $oUpdate->name )
|
385 |
+
&& isset( $aTrkdPlugs[ $oP->file ] )
|
386 |
+
&& version_compare( $aTrkdPlugs[ $oP->file ], $oP->Version, '<' );
|
387 |
if ( $bValidUpdate ) {
|
388 |
$aTempContent[] = ' - '.sprintf(
|
389 |
__( 'Plugin "%s" auto-updated from "%s" to version "%s"', 'wp-simple-firewall' ),
|
390 |
+
$oUpdate->name, $aTrkdPlugs[ $oP->file ], $oP->Version );
|
391 |
$bHasPluginUpdates = true;
|
392 |
}
|
393 |
}
|
src/processors/comments_filter.php
CHANGED
@@ -25,7 +25,7 @@ class ICWP_WPSF_Processor_CommentsFilter extends Modules\BaseShield\ShieldProces
|
|
25 |
|
26 |
if ( $bLoadComProc ) {
|
27 |
|
28 |
-
if ( $oMod->
|
29 |
$this->getSubPro( 'recaptcha' )->execute();
|
30 |
}
|
31 |
|
25 |
|
26 |
if ( $bLoadComProc ) {
|
27 |
|
28 |
+
if ( $oMod->isEnabledCaptcha() ) {
|
29 |
$this->getSubPro( 'recaptcha' )->execute();
|
30 |
}
|
31 |
|
src/processors/commentsfilter_botspam.php
CHANGED
@@ -72,7 +72,7 @@ class ICWP_WPSF_Processor_CommentsFilter_BotSpam extends Modules\BaseShield\Shie
|
|
72 |
],
|
73 |
'flags' => [
|
74 |
'gasp' => true,
|
75 |
-
'recap' => $oMod->
|
76 |
]
|
77 |
]
|
78 |
);
|
72 |
],
|
73 |
'flags' => [
|
74 |
'gasp' => true,
|
75 |
+
'recap' => $oMod->isEnabledCaptcha(),
|
76 |
]
|
77 |
]
|
78 |
);
|
src/processors/commentsfilter_googlerecaptcha.php
CHANGED
@@ -16,22 +16,19 @@ class ICWP_WPSF_Processor_CommentsFilter_GoogleRecaptcha extends Modules\BaseShi
|
|
16 |
*/
|
17 |
public function setup() {
|
18 |
if ( Services::WpComments()->isCommentsOpen() ) {
|
19 |
-
|
|
|
|
|
|
|
|
|
20 |
add_action( 'comment_form_after_fields', [ $this, 'printGoogleRecaptchaCheck' ] );
|
21 |
}
|
22 |
}
|
23 |
|
24 |
-
/**
|
25 |
-
*/
|
26 |
public function printGoogleRecaptchaCheck() {
|
27 |
-
$this->
|
28 |
-
|
29 |
-
|
30 |
-
|
31 |
-
/**
|
32 |
-
* @return string
|
33 |
-
*/
|
34 |
-
protected function getGoogleRecaptchaHtml() {
|
35 |
-
return '<div class="icwpg-recaptcha" style="margin: 10px 0; clear:both;"></div>';
|
36 |
}
|
37 |
}
|
16 |
*/
|
17 |
public function setup() {
|
18 |
if ( Services::WpComments()->isCommentsOpen() ) {
|
19 |
+
$this->getCon()
|
20 |
+
->getModule_Plugin()
|
21 |
+
->getCaptchaEnqueue()
|
22 |
+
->setMod( $this->getMod() )
|
23 |
+
->setToEnqueue();
|
24 |
add_action( 'comment_form_after_fields', [ $this, 'printGoogleRecaptchaCheck' ] );
|
25 |
}
|
26 |
}
|
27 |
|
|
|
|
|
28 |
public function printGoogleRecaptchaCheck() {
|
29 |
+
echo $this->getCon()
|
30 |
+
->getModule_Plugin()
|
31 |
+
->getCaptchaEnqueue()
|
32 |
+
->getCaptchaHtml();
|
|
|
|
|
|
|
|
|
|
|
33 |
}
|
34 |
}
|
src/processors/email.php
CHANGED
@@ -21,8 +21,47 @@ class ICWP_WPSF_Processor_Email extends Modules\BaseShield\ShieldProcessor {
|
|
21 |
* @return array
|
22 |
*/
|
23 |
protected function getEmailFooter() {
|
|
|
24 |
$oWp = Services::WpGeneral();
|
25 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
26 |
'',
|
27 |
sprintf( __( 'Email sent from the %s Plugin v%s, on %s.', 'wp-simple-firewall' ),
|
28 |
$this->getCon()->getHumanName(),
|
@@ -33,7 +72,7 @@ class ICWP_WPSF_Processor_Email extends Modules\BaseShield\ShieldProcessor {
|
|
33 |
sprintf( __( 'Time Sent: %s', 'wp-simple-firewall' ), $oWp->getTimeStampForDisplay() )
|
34 |
];
|
35 |
|
36 |
-
return apply_filters( 'icwp_shield_email_footer', $
|
37 |
}
|
38 |
|
39 |
/**
|
21 |
* @return array
|
22 |
*/
|
23 |
protected function getEmailFooter() {
|
24 |
+
$oCon = $this->getCon();
|
25 |
$oWp = Services::WpGeneral();
|
26 |
+
|
27 |
+
{
|
28 |
+
$aGoProPhrases = [
|
29 |
+
'Go PRO For The Equivalent Of 1 Cappuccino Per Month ☕',
|
30 |
+
'Go PRO For The Equivalent Of 1 Beer Per Month 🍺',
|
31 |
+
'Go PRO For The Equivalent Of 1 Glass Of Wine Per Month 🍷',
|
32 |
+
];
|
33 |
+
$aBenefits = [
|
34 |
+
'The Easiest, Frustration-Free Pro-Upgrade Available Anywhere',
|
35 |
+
'Powerful, Auto-Learning Malware Scanner',
|
36 |
+
'Plugin and Theme File Guard',
|
37 |
+
'Vulnerability Scanner',
|
38 |
+
'Traffic Rate Limiting',
|
39 |
+
'WooCommerce Support',
|
40 |
+
'Automatic Import/Export Sync Of Options Across Your WP Portfolio',
|
41 |
+
'Powerful User Password Policies',
|
42 |
+
'Exclusive Customer Support',
|
43 |
+
'That Warm And Fuzzy Feeling That Comes From Supporting Future Development',
|
44 |
+
];
|
45 |
+
shuffle( $aBenefits );
|
46 |
+
}
|
47 |
+
$aFooter = [
|
48 |
+
'',
|
49 |
+
$this->getMod()
|
50 |
+
->renderTemplate( '/snippets/email/footer.twig', [
|
51 |
+
'strings' => [
|
52 |
+
'benefits' => $aBenefits,
|
53 |
+
'much_more' => 'And So Much More',
|
54 |
+
'upgrade' => $aGoProPhrases[ array_rand( $aGoProPhrases ) ],
|
55 |
+
],
|
56 |
+
'hrefs' => [
|
57 |
+
'upgrade' => 'https://shsec.io/buyshieldproemailfooter',
|
58 |
+
'much_more' => 'https://shsec.io/gp'
|
59 |
+
],
|
60 |
+
'flags' => [
|
61 |
+
'is_pro' => $oCon->isPremiumActive(),
|
62 |
+
'is_whitelabelled' => $oCon->getModule_SecAdmin()->isWlEnabled()
|
63 |
+
]
|
64 |
+
] ),
|
65 |
'',
|
66 |
sprintf( __( 'Email sent from the %s Plugin v%s, on %s.', 'wp-simple-firewall' ),
|
67 |
$this->getCon()->getHumanName(),
|
72 |
sprintf( __( 'Time Sent: %s', 'wp-simple-firewall' ), $oWp->getTimeStampForDisplay() )
|
73 |
];
|
74 |
|
75 |
+
return apply_filters( 'icwp_shield_email_footer', $aFooter );
|
76 |
}
|
77 |
|
78 |
/**
|
src/processors/firewall.php
CHANGED
@@ -49,8 +49,8 @@ class ICWP_WPSF_Processor_Firewall extends Modules\BaseShield\ShieldProcessor {
|
|
49 |
*/
|
50 |
private function getIfPerformFirewallScan() {
|
51 |
$bPerformScan = true;
|
52 |
-
/** @var
|
53 |
-
$
|
54 |
|
55 |
$sPath = Services::Request()->getPath();
|
56 |
|
@@ -65,7 +65,7 @@ class ICWP_WPSF_Processor_Firewall extends Modules\BaseShield\ShieldProcessor {
|
|
65 |
$bPerformScan = false;
|
66 |
}
|
67 |
// TODO: are we calling is_super_admin() too early?
|
68 |
-
elseif ( $
|
69 |
$bPerformScan = false;
|
70 |
}
|
71 |
|
@@ -111,8 +111,8 @@ class ICWP_WPSF_Processor_Firewall extends Modules\BaseShield\ShieldProcessor {
|
|
111 |
* @return bool
|
112 |
*/
|
113 |
protected function doPassCheckBlockExeFileUploads() {
|
114 |
-
/** @var ICWP_WPSF_FeatureHandler_Firewall $
|
115 |
-
$
|
116 |
|
117 |
$sKey = 'exefile';
|
118 |
$bFAIL = false;
|
@@ -142,7 +142,7 @@ class ICWP_WPSF_Processor_Firewall extends Modules\BaseShield\ShieldProcessor {
|
|
142 |
'block_exefile',
|
143 |
[
|
144 |
'audit' => [
|
145 |
-
'blockresponse' => $
|
146 |
'blockkey' => $sKey,
|
147 |
]
|
148 |
]
|
@@ -160,8 +160,8 @@ class ICWP_WPSF_Processor_Firewall extends Modules\BaseShield\ShieldProcessor {
|
|
160 |
* @return bool
|
161 |
*/
|
162 |
private function doPassCheck( $sBlockKey ) {
|
163 |
-
/** @var ICWP_WPSF_FeatureHandler_Firewall $
|
164 |
-
$
|
165 |
|
166 |
$aMatchTerms = $this->getFirewallPatterns( $sBlockKey );
|
167 |
$aParamValues = $this->getParamsToCheck();
|
@@ -215,7 +215,7 @@ class ICWP_WPSF_Processor_Firewall extends Modules\BaseShield\ShieldProcessor {
|
|
215 |
'audit' => [
|
216 |
'param' => $sParam,
|
217 |
'val' => $mValue,
|
218 |
-
'blockresponse' => $
|
219 |
'blockkey' => $sBlockKey,
|
220 |
]
|
221 |
]
|
@@ -256,7 +256,7 @@ class ICWP_WPSF_Processor_Firewall extends Modules\BaseShield\ShieldProcessor {
|
|
256 |
$oOpts = $this->getOptions();
|
257 |
|
258 |
if ( $oOpts->isSendBlockEmail() ) {
|
259 |
-
$sRecipient = $oMod->
|
260 |
$this->getCon()->fireEvent(
|
261 |
$this->sendBlockEmail( $sRecipient ) ? 'fw_email_success' : 'fw_email_fail',
|
262 |
[ 'audit' => [ 'recipient' => $sRecipient ] ]
|
@@ -332,12 +332,13 @@ class ICWP_WPSF_Processor_Firewall extends Modules\BaseShield\ShieldProcessor {
|
|
332 |
if ( isset( $this->aPageParams ) ) {
|
333 |
return $this->aPageParams;
|
334 |
}
|
335 |
-
|
336 |
-
|
|
|
337 |
|
338 |
$this->aPageParams = $this->getRawRequestParams();
|
339 |
$aWhitelist = Services::DataManipulation()
|
340 |
-
->mergeArraysRecursive( $
|
341 |
|
342 |
// first we remove globally whitelisted request parameters
|
343 |
if ( !empty( $aWhitelist[ '*' ] ) && is_array( $aWhitelist[ '*' ] ) ) {
|
49 |
*/
|
50 |
private function getIfPerformFirewallScan() {
|
51 |
$bPerformScan = true;
|
52 |
+
/** @var Modules\Firewall\Options $oOpts */
|
53 |
+
$oOpts = $this->getOptions();
|
54 |
|
55 |
$sPath = Services::Request()->getPath();
|
56 |
|
65 |
$bPerformScan = false;
|
66 |
}
|
67 |
// TODO: are we calling is_super_admin() too early?
|
68 |
+
elseif ( $oOpts->isIgnoreAdmin() && is_super_admin() ) {
|
69 |
$bPerformScan = false;
|
70 |
}
|
71 |
|
111 |
* @return bool
|
112 |
*/
|
113 |
protected function doPassCheckBlockExeFileUploads() {
|
114 |
+
/** @var \ICWP_WPSF_FeatureHandler_Firewall $oMod */
|
115 |
+
$oMod = $this->getMod();
|
116 |
|
117 |
$sKey = 'exefile';
|
118 |
$bFAIL = false;
|
142 |
'block_exefile',
|
143 |
[
|
144 |
'audit' => [
|
145 |
+
'blockresponse' => $oMod->getBlockResponse(),
|
146 |
'blockkey' => $sKey,
|
147 |
]
|
148 |
]
|
160 |
* @return bool
|
161 |
*/
|
162 |
private function doPassCheck( $sBlockKey ) {
|
163 |
+
/** @var ICWP_WPSF_FeatureHandler_Firewall $oMod */
|
164 |
+
$oMod = $this->getMod();
|
165 |
|
166 |
$aMatchTerms = $this->getFirewallPatterns( $sBlockKey );
|
167 |
$aParamValues = $this->getParamsToCheck();
|
215 |
'audit' => [
|
216 |
'param' => $sParam,
|
217 |
'val' => $mValue,
|
218 |
+
'blockresponse' => $oMod->getBlockResponse(),
|
219 |
'blockkey' => $sBlockKey,
|
220 |
]
|
221 |
]
|
256 |
$oOpts = $this->getOptions();
|
257 |
|
258 |
if ( $oOpts->isSendBlockEmail() ) {
|
259 |
+
$sRecipient = $oMod->getPluginReportEmail();
|
260 |
$this->getCon()->fireEvent(
|
261 |
$this->sendBlockEmail( $sRecipient ) ? 'fw_email_success' : 'fw_email_fail',
|
262 |
[ 'audit' => [ 'recipient' => $sRecipient ] ]
|
332 |
if ( isset( $this->aPageParams ) ) {
|
333 |
return $this->aPageParams;
|
334 |
}
|
335 |
+
|
336 |
+
/** @var Modules\Firewall\Options $oOpts */
|
337 |
+
$oOpts = $this->getOptions();
|
338 |
|
339 |
$this->aPageParams = $this->getRawRequestParams();
|
340 |
$aWhitelist = Services::DataManipulation()
|
341 |
+
->mergeArraysRecursive( $oOpts->getDef( 'default_whitelist' ), $oOpts->getCustomWhitelist() );
|
342 |
|
343 |
// first we remove globally whitelisted request parameters
|
344 |
if ( !empty( $aWhitelist[ '*' ] ) && is_array( $aWhitelist[ '*' ] ) ) {
|
src/processors/hack_protect.php
CHANGED
@@ -2,6 +2,7 @@
|
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
|
|
5 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
6 |
use FernleafSystems\Wordpress\Services\Core\VOs\WpPluginVo;
|
7 |
use FernleafSystems\Wordpress\Services\Services;
|
@@ -12,23 +13,13 @@ class ICWP_WPSF_Processor_HackProtect extends Modules\BaseShield\ShieldProcessor
|
|
12 |
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
13 |
$oMod = $this->getMod();
|
14 |
|
15 |
-
$sPath = Services::Request()->getPath();
|
16 |
-
if ( !empty( $sPath ) && ( strpos( $sPath, '/wp-admin/admin-ajax.php' ) !== false ) ) {
|
17 |
-
$this->revSliderPatch_LFI();
|
18 |
-
$this->revSliderPatch_AFU();
|
19 |
-
}
|
20 |
-
|
21 |
$this->getSubProScanner()->execute();
|
22 |
-
if ( $oMod->isRtEnabledWpConfig() ) {
|
23 |
-
$this->getSubProRealtime()->execute();
|
24 |
-
}
|
25 |
-
}
|
26 |
|
27 |
-
|
28 |
-
|
29 |
-
|
30 |
-
|
31 |
-
|
32 |
}
|
33 |
|
34 |
/**
|
@@ -43,33 +34,10 @@ class ICWP_WPSF_Processor_HackProtect extends Modules\BaseShield\ShieldProcessor
|
|
43 |
*/
|
44 |
protected function getSubProMap() {
|
45 |
return [
|
46 |
-
'scanner'
|
47 |
-
'realtime' => 'ICWP_WPSF_Processor_HackProtect_Realtime',
|
48 |
];
|
49 |
}
|
50 |
|
51 |
-
protected function revSliderPatch_LFI() {
|
52 |
-
$oReq = Services::Request();
|
53 |
-
|
54 |
-
$sAction = $oReq->query( 'action', '' );
|
55 |
-
$sFileExt = strtolower( Services::Data()->getExtension( $oReq->query( 'img', '' ) ) );
|
56 |
-
if ( $sAction == 'revslider_show_image' && !empty( $sFileExt ) ) {
|
57 |
-
if ( !in_array( $sFileExt, [ 'jpg', 'jpeg', 'png', 'tiff', 'tif', 'gif' ] ) ) {
|
58 |
-
die( 'RevSlider Local File Inclusion Attempt' );
|
59 |
-
}
|
60 |
-
}
|
61 |
-
}
|
62 |
-
|
63 |
-
protected function revSliderPatch_AFU() {
|
64 |
-
$oReq = Services::Request();
|
65 |
-
|
66 |
-
$sAction = strtolower( $oReq->request( 'action', '' ) );
|
67 |
-
$sClientAction = strtolower( $oReq->request( 'client_action', '' ) );
|
68 |
-
if ( ( strpos( $sAction, 'revslider_ajax_action' ) !== false || strpos( $sAction, 'showbiz_ajax_action' ) !== false ) && $sClientAction == 'update_plugin' ) {
|
69 |
-
die( 'RevSlider Arbitrary File Upload Attempt' );
|
70 |
-
}
|
71 |
-
}
|
72 |
-
|
73 |
/**
|
74 |
* @return array
|
75 |
*/
|
@@ -100,7 +68,6 @@ class ICWP_WPSF_Processor_HackProtect extends Modules\BaseShield\ShieldProcessor
|
|
100 |
$aReasonCantScan = $this->getSubProScanner()
|
101 |
->getReasonsScansCantExecute();
|
102 |
|
103 |
-
$oQueCon = $oMod->getScanController();
|
104 |
/** @var \FernleafSystems\Wordpress\Plugin\Shield\Databases\Scanner\Select $oSelector */
|
105 |
$oSelector = $oMod->getDbHandler_ScanResults()->getQuerySelector();
|
106 |
$aData = [
|
@@ -141,12 +108,12 @@ class ICWP_WPSF_Processor_HackProtect extends Modules\BaseShield\ShieldProcessor
|
|
141 |
'clear_suppression' => __( 'Remove Notification Suppression', 'wp-simple-firewall' ),
|
142 |
'clear_suppression_sub' => __( 'Allow notification emails to be resent (for the selected scans only)', 'wp-simple-firewall' ),
|
143 |
'run_scans_now' => __( 'Run Scans Now', 'wp-simple-firewall' ),
|
144 |
-
'no_entries_to_display' => __( '
|
145 |
'scan_progress' => __( 'Scan Progress', 'wp-simple-firewall' ),
|
146 |
'reason_not_call_self' => __( "This site currently can't make HTTP requests to itself.", 'wp-simple-firewall' ),
|
147 |
],
|
148 |
'vars' => [
|
149 |
-
'initial_check' => $
|
150 |
'cannot_scan_reasons' => $aReasonCantScan
|
151 |
],
|
152 |
'scan_results' => [
|
@@ -161,13 +128,14 @@ class ICWP_WPSF_Processor_HackProtect extends Modules\BaseShield\ShieldProcessor
|
|
161 |
'vars' => [
|
162 |
],
|
163 |
'strings' => [
|
164 |
-
'title' => __(
|
165 |
'subtitle' => __( "Results of all file scans", 'wp-simple-firewall' )
|
166 |
],
|
167 |
'count' => $oSelector->filterByScans( [ 'ptg', 'mal', 'wcf', 'ufc' ] )
|
168 |
->filterByNotIgnored()
|
169 |
->count()
|
170 |
],
|
|
|
171 |
'scans' => [
|
172 |
'apc' => [
|
173 |
'flags' => [
|
@@ -248,6 +216,45 @@ class ICWP_WPSF_Processor_HackProtect extends Modules\BaseShield\ShieldProcessor
|
|
248 |
return $aData;
|
249 |
}
|
250 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
251 |
/**
|
252 |
* @return array
|
253 |
*/
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
5 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Databases;
|
6 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules\HackGuard;
|
7 |
use FernleafSystems\Wordpress\Services\Core\VOs\WpPluginVo;
|
8 |
use FernleafSystems\Wordpress\Services\Services;
|
13 |
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
14 |
$oMod = $this->getMod();
|
15 |
|
|
|
|
|
|
|
|
|
|
|
|
|
16 |
$this->getSubProScanner()->execute();
|
|
|
|
|
|
|
|
|
17 |
|
18 |
+
/** @var HackGuard\Options $oOpts */
|
19 |
+
$oOpts = $this->getOptions();
|
20 |
+
if ( count( $oOpts->getFilesToLock() ) > 0 ) {
|
21 |
+
$oMod->getFileLocker()->execute();
|
22 |
+
}
|
23 |
}
|
24 |
|
25 |
/**
|
34 |
*/
|
35 |
protected function getSubProMap() {
|
36 |
return [
|
37 |
+
'scanner' => 'ICWP_WPSF_Processor_HackProtect_Scanner',
|
|
|
38 |
];
|
39 |
}
|
40 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
41 |
/**
|
42 |
* @return array
|
43 |
*/
|
68 |
$aReasonCantScan = $this->getSubProScanner()
|
69 |
->getReasonsScansCantExecute();
|
70 |
|
|
|
71 |
/** @var \FernleafSystems\Wordpress\Plugin\Shield\Databases\Scanner\Select $oSelector */
|
72 |
$oSelector = $oMod->getDbHandler_ScanResults()->getQuerySelector();
|
73 |
$aData = [
|
108 |
'clear_suppression' => __( 'Remove Notification Suppression', 'wp-simple-firewall' ),
|
109 |
'clear_suppression_sub' => __( 'Allow notification emails to be resent (for the selected scans only)', 'wp-simple-firewall' ),
|
110 |
'run_scans_now' => __( 'Run Scans Now', 'wp-simple-firewall' ),
|
111 |
+
'no_entries_to_display' => __( "The previous scan either didn't detect any items that require your attention or they've already been repaired.", 'wp-simple-firewall' ),
|
112 |
'scan_progress' => __( 'Scan Progress', 'wp-simple-firewall' ),
|
113 |
'reason_not_call_self' => __( "This site currently can't make HTTP requests to itself.", 'wp-simple-firewall' ),
|
114 |
],
|
115 |
'vars' => [
|
116 |
+
'initial_check' => $oMod->getScanQueueController()->hasRunningScans(),
|
117 |
'cannot_scan_reasons' => $aReasonCantScan
|
118 |
],
|
119 |
'scan_results' => [
|
128 |
'vars' => [
|
129 |
],
|
130 |
'strings' => [
|
131 |
+
'title' => __( 'File Scan', 'wp-simple-firewall' ),
|
132 |
'subtitle' => __( "Results of all file scans", 'wp-simple-firewall' )
|
133 |
],
|
134 |
'count' => $oSelector->filterByScans( [ 'ptg', 'mal', 'wcf', 'ufc' ] )
|
135 |
->filterByNotIgnored()
|
136 |
->count()
|
137 |
],
|
138 |
+
'file_locker' => $this->getFileLockerVars(),
|
139 |
'scans' => [
|
140 |
'apc' => [
|
141 |
'flags' => [
|
216 |
return $aData;
|
217 |
}
|
218 |
|
219 |
+
/**
|
220 |
+
* @return array
|
221 |
+
*/
|
222 |
+
protected function getFileLockerVars() {
|
223 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
224 |
+
$oMod = $this->getMod();
|
225 |
+
|
226 |
+
$oLockLoader = ( new HackGuard\Lib\FileLocker\Ops\LoadFileLocks() )->setMod( $oMod );
|
227 |
+
$aProblemLocks = $oLockLoader->withProblems();
|
228 |
+
$aGoodLocks = $oLockLoader->withoutProblems();
|
229 |
+
|
230 |
+
return [
|
231 |
+
'ajax' => [
|
232 |
+
'filelocker_showdiff' => $oMod->getAjaxActionData( 'filelocker_showdiff', true ),
|
233 |
+
'filelocker_fileaction' => $oMod->getAjaxActionData( 'filelocker_fileaction', true ),
|
234 |
+
],
|
235 |
+
'flags' => [
|
236 |
+
'has_items' => count( $oLockLoader->loadLocks() ) > 0,
|
237 |
+
'is_restricted' => !$this->getCon()->isPremiumActive(),
|
238 |
+
],
|
239 |
+
'hrefs' => [
|
240 |
+
'options' => $oMod->getUrl_DirectLinkToSection( 'section_realtime' ),
|
241 |
+
'please_enable' => $oMod->getUrl_DirectLinkToSection( 'section_realtime' ),
|
242 |
+
],
|
243 |
+
'vars' => [
|
244 |
+
'file_locks' => [
|
245 |
+
'good' => $aGoodLocks,
|
246 |
+
'bad' => $aProblemLocks,
|
247 |
+
],
|
248 |
+
],
|
249 |
+
'strings' => [
|
250 |
+
'title' => __( 'File Locker', 'wp-simple-firewall' ),
|
251 |
+
'subtitle' => __( 'Results of file locker monitoring', 'wp-simple-firewall' ),
|
252 |
+
'please_select' => __( 'Please select a file to review.', 'wp-simple-firewall' ),
|
253 |
+
],
|
254 |
+
'count' => count( $aProblemLocks )
|
255 |
+
];
|
256 |
+
}
|
257 |
+
|
258 |
/**
|
259 |
* @return array
|
260 |
*/
|
src/processors/hackprotect_integrity.php
CHANGED
@@ -10,14 +10,9 @@ class ICWP_WPSF_Processor_HackProtect_Integrity extends ShieldProcessor {
|
|
10 |
*/
|
11 |
public function run() {
|
12 |
$this->setupSnapshots();
|
13 |
-
|
14 |
-
|
15 |
-
|
16 |
-
if ( $oMod->isIcUsersEnabled() ) {
|
17 |
-
add_action( 'user_register', [ $this, 'snapshotUsers' ] );
|
18 |
-
add_action( 'profile_update', [ $this, 'snapshotUsers' ] );
|
19 |
-
add_action( 'after_password_reset', [ $this, 'snapshotUsers' ] );
|
20 |
-
}
|
21 |
}
|
22 |
|
23 |
/**
|
@@ -47,12 +42,6 @@ class ICWP_WPSF_Processor_HackProtect_Integrity extends ShieldProcessor {
|
|
47 |
}
|
48 |
|
49 |
protected function verifyUsers() {
|
50 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
51 |
-
$oMod = $this->getMod();
|
52 |
-
if ( !$oMod->isIcUsersEnabled() ) {
|
53 |
-
return;
|
54 |
-
}
|
55 |
-
|
56 |
$aSnapshot = $this->getSnapshotUsers();
|
57 |
$aFieldsToCheck = $this->getStandardUserFields();
|
58 |
|
@@ -113,10 +102,8 @@ class ICWP_WPSF_Processor_HackProtect_Integrity extends ShieldProcessor {
|
|
113 |
* @return $this
|
114 |
*/
|
115 |
public function snapshotUsers( $bUpdate = false ) {
|
116 |
-
/** @var ICWP_WPSF_FeatureHandler_HackProtect $oFO */
|
117 |
-
$oFO = $this->getMod();
|
118 |
|
119 |
-
if ( $
|
120 |
|
121 |
$aUsersToStore = [];
|
122 |
$aFields = $this->getStandardUserFields();
|
@@ -128,7 +115,7 @@ class ICWP_WPSF_Processor_HackProtect_Integrity extends ShieldProcessor {
|
|
128 |
}
|
129 |
$aUsersToStore[ $oUser->ID ] = $aUserData;
|
130 |
}
|
131 |
-
|
132 |
}
|
133 |
return $this;
|
134 |
}
|
10 |
*/
|
11 |
public function run() {
|
12 |
$this->setupSnapshots();
|
13 |
+
add_action( 'user_register', [ $this, 'snapshotUsers' ] );
|
14 |
+
add_action( 'profile_update', [ $this, 'snapshotUsers' ] );
|
15 |
+
add_action( 'after_password_reset', [ $this, 'snapshotUsers' ] );
|
|
|
|
|
|
|
|
|
|
|
16 |
}
|
17 |
|
18 |
/**
|
42 |
}
|
43 |
|
44 |
protected function verifyUsers() {
|
|
|
|
|
|
|
|
|
|
|
|
|
45 |
$aSnapshot = $this->getSnapshotUsers();
|
46 |
$aFieldsToCheck = $this->getStandardUserFields();
|
47 |
|
102 |
* @return $this
|
103 |
*/
|
104 |
public function snapshotUsers( $bUpdate = false ) {
|
|
|
|
|
105 |
|
106 |
+
if ( $bUpdate || !$this->hasSnapshotUsers() ) {
|
107 |
|
108 |
$aUsersToStore = [];
|
109 |
$aFields = $this->getStandardUserFields();
|
115 |
}
|
116 |
$aUsersToStore[ $oUser->ID ] = $aUserData;
|
117 |
}
|
118 |
+
// store snapshot users
|
119 |
}
|
120 |
return $this;
|
121 |
}
|
src/processors/hackprotect_realtime.php
DELETED
@@ -1,57 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
-
use FernleafSystems\Wordpress\Services\Services;
|
5 |
-
|
6 |
-
class ICWP_WPSF_Processor_HackProtect_Realtime extends Shield\Modules\BaseShield\ShieldProcessor {
|
7 |
-
|
8 |
-
/**
|
9 |
-
*/
|
10 |
-
public function run() {
|
11 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
12 |
-
$oMod = $this->getMod();
|
13 |
-
|
14 |
-
if ( $oMod->isRtEnabledWpConfig() ) {
|
15 |
-
$this->runWpConfig();
|
16 |
-
}
|
17 |
-
}
|
18 |
-
|
19 |
-
private function runWpConfig() {
|
20 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
21 |
-
$oMod = $this->getMod();
|
22 |
-
$oProc = new Shield\Scans\Realtime\Files\Process();
|
23 |
-
|
24 |
-
$oModPlugin = $this->getCon()->getModule_Plugin();
|
25 |
-
$oProc->priv_key = $oModPlugin->getOpenSslPrivateKey();
|
26 |
-
$oProc->original_path = Services::WpGeneral()->getPath_WpConfig();
|
27 |
-
$oProc->original_path_hash = $oMod->getRtFileHash( $oProc->original_path );
|
28 |
-
$oProc->backup_file = $oMod->getRtFileBackupName( $oProc->original_path );
|
29 |
-
$oProc->backup_dir = $this->getCon()->getPath_PluginCache();
|
30 |
-
|
31 |
-
// This is going to create the new backup file
|
32 |
-
$bNeedStoreHashAndPath = empty( $oProc->backup_file );
|
33 |
-
try {
|
34 |
-
if ( $oProc->run() && $bNeedStoreHashAndPath ) {
|
35 |
-
$oProc->backup_file = $oMod->setRtFileBackupName( $oProc->original_path, $oProc->backup_file );
|
36 |
-
$oProc->original_path_hash = $oMod->setRtFileHash( $oProc->original_path, $oProc->original_path_hash );
|
37 |
-
}
|
38 |
-
}
|
39 |
-
catch ( \Exception $oE ) {
|
40 |
-
$this->handleErrorCode( $oE->getCode() );
|
41 |
-
}
|
42 |
-
}
|
43 |
-
|
44 |
-
private function handleErrorCode( $nCode ) {
|
45 |
-
switch ( $nCode ) {
|
46 |
-
|
47 |
-
case 1:
|
48 |
-
break;
|
49 |
-
|
50 |
-
case 2:
|
51 |
-
break;
|
52 |
-
|
53 |
-
default:
|
54 |
-
break;
|
55 |
-
}
|
56 |
-
}
|
57 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/processors/hackprotect_scan_apc.php
CHANGED
@@ -1,79 +1,8 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Scans\Apc;
|
5 |
-
use FernleafSystems\Wordpress\Services\Services;
|
6 |
|
7 |
class ICWP_WPSF_Processor_HackProtect_Apc extends ICWP_WPSF_Processor_ScanBase {
|
8 |
|
9 |
const SCAN_SLUG = 'apc';
|
10 |
-
|
11 |
-
/**
|
12 |
-
* @param Apc\ResultsSet $oRes
|
13 |
-
* @return bool - true if user notified
|
14 |
-
*/
|
15 |
-
protected function runCronUserNotify( $oRes ) {
|
16 |
-
/** @var ICWP_WPSF_FeatureHandler_HackProtect $oFO */
|
17 |
-
$oFO = $this->getMod();
|
18 |
-
$bSend = $oFO->isApcSendEmail();
|
19 |
-
if ( $bSend ) {
|
20 |
-
$this->emailResults( $oRes );
|
21 |
-
}
|
22 |
-
return $bSend;
|
23 |
-
}
|
24 |
-
|
25 |
-
/**
|
26 |
-
* @param Apc\ResultsSet $oRes
|
27 |
-
*/
|
28 |
-
protected function emailResults( $oRes ) {
|
29 |
-
/** @var ICWP_WPSF_FeatureHandler_HackProtect $oFO */
|
30 |
-
$oFO = $this->getMod();
|
31 |
-
$oWpPlugins = Services::WpPlugins();
|
32 |
-
$oWpThemes = Services::WpThemes();
|
33 |
-
$oWp = Services::WpGeneral();
|
34 |
-
$oCon = $this->getCon();
|
35 |
-
|
36 |
-
$aContent = [
|
37 |
-
sprintf( __( '%s has detected abandoned plugins installed on your site.', 'wp-simple-firewall' ), $oCon->getHumanName() ),
|
38 |
-
__( "Running code that hasn't seen any updates for over 2 years is far from ideal.", 'wp-simple-firewall' ),
|
39 |
-
__( 'Details for the items(s) are below:', 'wp-simple-firewall' ),
|
40 |
-
'',
|
41 |
-
];
|
42 |
-
|
43 |
-
/** @var Apc\ResultItem $oItem */
|
44 |
-
foreach ( $oRes->getItems() as $oItem ) {
|
45 |
-
|
46 |
-
if ( $oItem->context == 'plugins' ) {
|
47 |
-
$oPlug = $oWpPlugins->getPluginAsVo( $oItem->slug );
|
48 |
-
$sName = sprintf( '%s - %s', __( 'Plugin', 'wp-simple-firewall' ), empty( $oPlug ) ? 'Unknown' : $oPlug->Name );
|
49 |
-
}
|
50 |
-
else {
|
51 |
-
$sName = sprintf( '%s - %s', __( 'Theme', 'wp-simple-firewall' ), $oWpThemes->getTheme( $oItem->slug ) );
|
52 |
-
}
|
53 |
-
|
54 |
-
$aContent[] = implode( "<br />", [
|
55 |
-
sprintf( '%s: %s', __( 'Item', 'wp-simple-firewall' ), $sName ),
|
56 |
-
'- '.sprintf( __( 'Last Updated: %s', 'wp-simple-firewall' ), $oWp->getTimeStringForDisplay( $oItem->last_updated_at, false ) ),
|
57 |
-
'',
|
58 |
-
] );
|
59 |
-
}
|
60 |
-
|
61 |
-
$aContent[] = $this->getScannerButtonForEmail();
|
62 |
-
$aContent[] = '';
|
63 |
-
|
64 |
-
$sSubject = sprintf( '%s - %s', __( 'Warning', 'wp-simple-firewall' ), __( 'Abandoned Plugin(s) Discovered On Your Site.', 'wp-simple-firewall' ) );
|
65 |
-
$sTo = $oFO->getPluginDefaultRecipientAddress();
|
66 |
-
$this->getEmailProcessor()
|
67 |
-
->sendEmailWithWrap( $sTo, $sSubject, $aContent );
|
68 |
-
|
69 |
-
$this->getCon()->fireEvent(
|
70 |
-
'apc_alert_sent',
|
71 |
-
[
|
72 |
-
'audit' => [
|
73 |
-
'to' => $sTo,
|
74 |
-
'via' => 'email',
|
75 |
-
]
|
76 |
-
]
|
77 |
-
);
|
78 |
-
}
|
79 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
|
|
4 |
|
5 |
class ICWP_WPSF_Processor_HackProtect_Apc extends ICWP_WPSF_Processor_ScanBase {
|
6 |
|
7 |
const SCAN_SLUG = 'apc';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
}
|
src/processors/hackprotect_scan_base.php
CHANGED
@@ -15,7 +15,7 @@ abstract class ICWP_WPSF_Processor_ScanBase extends Shield\Modules\BaseShield\Sh
|
|
15 |
function () {
|
16 |
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
17 |
$oMod = $this->getMod();
|
18 |
-
$oMod->
|
19 |
->startScans( [ $this->getThisScanCon()->getSlug() ] );
|
20 |
}
|
21 |
);
|
@@ -45,48 +45,26 @@ abstract class ICWP_WPSF_Processor_ScanBase extends Shield\Modules\BaseShield\Sh
|
|
45 |
}
|
46 |
|
47 |
/**
|
48 |
-
*
|
49 |
-
* only for items that have not been notified recently.
|
50 |
*/
|
51 |
-
|
52 |
-
|
53 |
-
$
|
54 |
-
|
55 |
-
|
56 |
|
57 |
-
|
58 |
-
|
59 |
-
|
60 |
-
|
61 |
}
|
62 |
|
63 |
/**
|
64 |
* @param Shield\Scans\Base\BaseResultsSet $oRes
|
65 |
* @return bool - true if user notified
|
|
|
66 |
*/
|
67 |
protected function runCronUserNotify( $oRes ) {
|
68 |
return false;
|
69 |
}
|
70 |
-
|
71 |
-
/**
|
72 |
-
* @return string
|
73 |
-
*/
|
74 |
-
protected function getScannerButtonForEmail() {
|
75 |
-
/** @var ICWP_WPSF_FeatureHandler_HackProtect $oFO */
|
76 |
-
$oFO = $this->getMod();
|
77 |
-
return sprintf( '<a href="%s" target="_blank" style="%s">%s →</a>',
|
78 |
-
$oFO->getUrlManualScan(),
|
79 |
-
'border:2px solid #e66900;padding:20px;line-height:19px;margin:15px 20px 10px;display:inline-block;text-align:center;width:200px;font-size:18px;color: #e66900;border-radius:3px;',
|
80 |
-
__( 'Run Scanner', 'wp-simple-firewall' )
|
81 |
-
);
|
82 |
-
}
|
83 |
-
|
84 |
-
/**
|
85 |
-
* @return HackGuard\Scan\Controller\Base|mixed
|
86 |
-
*/
|
87 |
-
protected function getThisScanCon() {
|
88 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
89 |
-
$oMod = $this->getMod();
|
90 |
-
return $oMod->getScanCon( static::SCAN_SLUG );
|
91 |
-
}
|
92 |
}
|
15 |
function () {
|
16 |
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
17 |
$oMod = $this->getMod();
|
18 |
+
$oMod->getScanQueueController()
|
19 |
->startScans( [ $this->getThisScanCon()->getSlug() ] );
|
20 |
}
|
21 |
);
|
45 |
}
|
46 |
|
47 |
/**
|
48 |
+
* @return HackGuard\Scan\Controller\Base|mixed
|
|
|
49 |
*/
|
50 |
+
protected function getThisScanCon() {
|
51 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
52 |
+
$oMod = $this->getMod();
|
53 |
+
return $oMod->getScanCon( static::SCAN_SLUG );
|
54 |
+
}
|
55 |
|
56 |
+
/**
|
57 |
+
* @deprecated 9.0
|
58 |
+
*/
|
59 |
+
public function cronProcessScanResults() {
|
60 |
}
|
61 |
|
62 |
/**
|
63 |
* @param Shield\Scans\Base\BaseResultsSet $oRes
|
64 |
* @return bool - true if user notified
|
65 |
+
* @deprecated 9.0
|
66 |
*/
|
67 |
protected function runCronUserNotify( $oRes ) {
|
68 |
return false;
|
69 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
70 |
}
|
src/processors/hackprotect_scan_mal.php
CHANGED
@@ -1,105 +1,8 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
-
use FernleafSystems\Wordpress\Services\Services;
|
5 |
|
6 |
class ICWP_WPSF_Processor_HackProtect_Mal extends ICWP_WPSF_Processor_ScanBase {
|
7 |
|
8 |
const SCAN_SLUG = 'mal';
|
9 |
-
|
10 |
-
/**
|
11 |
-
* @param Shield\Scans\Mal\ResultsSet $oRes
|
12 |
-
* @return bool
|
13 |
-
*/
|
14 |
-
protected function runCronUserNotify( $oRes ) {
|
15 |
-
$this->emailResults( $oRes );
|
16 |
-
return true;
|
17 |
-
}
|
18 |
-
|
19 |
-
/**
|
20 |
-
* @param Shield\Scans\Mal\ResultsSet $oResults
|
21 |
-
*/
|
22 |
-
protected function emailResults( $oResults ) {
|
23 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
24 |
-
$oMod = $this->getMod();
|
25 |
-
|
26 |
-
$sTo = $oMod->getPluginDefaultRecipientAddress();
|
27 |
-
$this->getEmailProcessor()
|
28 |
-
->sendEmailWithWrap(
|
29 |
-
$sTo,
|
30 |
-
sprintf( '%s - %s', __( 'Warning', 'wp-simple-firewall' ), __( 'Potential Malware Detected', 'wp-simple-firewall' ) ),
|
31 |
-
$this->buildEmailBodyFromFiles( $oResults )
|
32 |
-
);
|
33 |
-
|
34 |
-
$this->getCon()->fireEvent(
|
35 |
-
'mal_alert_sent',
|
36 |
-
[
|
37 |
-
'audit' => [
|
38 |
-
'to' => $sTo,
|
39 |
-
'via' => 'email',
|
40 |
-
]
|
41 |
-
]
|
42 |
-
);
|
43 |
-
}
|
44 |
-
|
45 |
-
/**
|
46 |
-
* @param Shield\Scans\Mal\ResultsSet $oResults
|
47 |
-
* @return array
|
48 |
-
*/
|
49 |
-
private function buildEmailBodyFromFiles( $oResults ) {
|
50 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
51 |
-
$oMod = $this->getMod();
|
52 |
-
/** @var Shield\Modules\HackGuard\Options $oOpts */
|
53 |
-
$oOpts = $this->getOptions();
|
54 |
-
$sName = $this->getCon()->getHumanName();
|
55 |
-
$sHomeUrl = Services::WpGeneral()->getHomeUrl();
|
56 |
-
|
57 |
-
$aContent = [
|
58 |
-
sprintf( __( "The %s Malware Scanner found files with potential malware.", 'wp-simple-firewall' ), $sName ),
|
59 |
-
sprintf( '%s: %s', __( 'Important', 'wp-simple-firewall' ),
|
60 |
-
__( "You must examine the file(s) carefully to determine whether suspicious code is really present.", 'wp-simple-firewall' ) ),
|
61 |
-
sprintf( __( "The %s Malware Scanner searches for common malware patterns and so false positives (detection errors) are to be expected sometimes.", 'wp-simple-firewall' ), $sName ),
|
62 |
-
sprintf( '%s: %s', __( 'Site URL', 'wp-simple-firewall' ), sprintf( '<a href="%s" target="_blank">%s</a>', $sHomeUrl, $sHomeUrl ) ),
|
63 |
-
];
|
64 |
-
|
65 |
-
if ( $oOpts->isMalAutoRepair() || $oMod->isIncludeFileLists() ) {
|
66 |
-
$aContent = array_merge( $aContent, $this->buildListOfFilesForEmail( $oResults ) );
|
67 |
-
$aContent[] = '';
|
68 |
-
|
69 |
-
if ( $oOpts->isMalAutoRepair() ) {
|
70 |
-
$aContent[] = '<strong>'.sprintf( __( "%s has already attempted to repair the files.", 'wp-simple-firewall' ), $sName ).'</strong>'
|
71 |
-
.' '.__( 'But, you should always check these files to ensure everything is as you expect.', 'wp-simple-firewall' );
|
72 |
-
}
|
73 |
-
else {
|
74 |
-
$aContent[] = __( 'You should review these files and replace them with official versions if required.', 'wp-simple-firewall' );
|
75 |
-
$aContent[] = __( 'Alternatively you can have the plugin attempt to repair/replace these files automatically.', 'wp-simple-firewall' )
|
76 |
-
.' [<a href="https://shsec.io/g2">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]';
|
77 |
-
}
|
78 |
-
}
|
79 |
-
|
80 |
-
$aContent[] = '';
|
81 |
-
$aContent[] = __( 'We recommend you run the scanner to review your site', 'wp-simple-firewall' ).':';
|
82 |
-
$aContent[] = $this->getScannerButtonForEmail();
|
83 |
-
|
84 |
-
if ( !$this->getCon()->isRelabelled() ) {
|
85 |
-
$aContent[] = '';
|
86 |
-
$aContent[] = '[ <a href="https://shsec.io/moreinfochecksum">'.__( 'More Info On This Scanner', 'wp-simple-firewall' ).'</a> ]';
|
87 |
-
}
|
88 |
-
|
89 |
-
return $aContent;
|
90 |
-
}
|
91 |
-
|
92 |
-
/**
|
93 |
-
* @param Shield\Scans\Mal\ResultsSet $oResult
|
94 |
-
* @return array
|
95 |
-
*/
|
96 |
-
private function buildListOfFilesForEmail( $oResult ) {
|
97 |
-
$aContent = [ '' ];
|
98 |
-
$aContent[] = __( 'The following files contain suspected malware:', 'wp-simple-firewall' );
|
99 |
-
foreach ( $oResult->getAllItems() as $oItem ) {
|
100 |
-
/** @var Shield\Scans\Mal\ResultItem $oItem */
|
101 |
-
$aContent[] = ' - '.$oItem->path_fragment;
|
102 |
-
}
|
103 |
-
return $aContent;
|
104 |
-
}
|
105 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
4 |
|
5 |
class ICWP_WPSF_Processor_HackProtect_Mal extends ICWP_WPSF_Processor_ScanBase {
|
6 |
|
7 |
const SCAN_SLUG = 'mal';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
}
|
src/processors/hackprotect_scan_ptg.php
CHANGED
@@ -12,10 +12,12 @@ class ICWP_WPSF_Processor_HackProtect_Ptg extends ICWP_WPSF_Processor_ScanBase {
|
|
12 |
*/
|
13 |
public function run() {
|
14 |
parent::run();
|
|
|
|
|
15 |
|
16 |
/** @var HackGuard\Options $oOpts */
|
17 |
$oOpts = $this->getOptions();
|
18 |
-
if ( $oOpts->isPtgReinstallLinks() ) {
|
19 |
add_filter( 'plugin_action_links', [ $this, 'addActionLinkRefresh' ], 50, 2 );
|
20 |
add_action( 'admin_footer', [ $this, 'printPluginReinstallDialogs' ] );
|
21 |
}
|
@@ -99,88 +101,4 @@ class ICWP_WPSF_Processor_HackProtect_Ptg extends ICWP_WPSF_Processor_ScanBase {
|
|
99 |
true
|
100 |
);
|
101 |
}
|
102 |
-
|
103 |
-
/**
|
104 |
-
* @param Shield\Scans\Ptg\ResultsSet $oRes
|
105 |
-
* @return bool
|
106 |
-
*/
|
107 |
-
protected function runCronUserNotify( $oRes ) {
|
108 |
-
$this->emailResults( $oRes );
|
109 |
-
return true;
|
110 |
-
}
|
111 |
-
|
112 |
-
/**
|
113 |
-
* @param Shield\Scans\Ptg\ResultsSet $oRes
|
114 |
-
*/
|
115 |
-
protected function emailResults( $oRes ) {
|
116 |
-
/** @var ICWP_WPSF_FeatureHandler_HackProtect $oFO */
|
117 |
-
$oFO = $this->getMod();
|
118 |
-
$oWpPlugins = Services\Services::WpPlugins();
|
119 |
-
$oWpThemes = Services\Services::WpThemes();
|
120 |
-
|
121 |
-
$aAllPlugins = [];
|
122 |
-
foreach ( $oRes->getResultsForPluginsContext()->getUniqueSlugs() as $sBaseFile ) {
|
123 |
-
$oP = $oWpPlugins->getPluginAsVo( $sBaseFile );
|
124 |
-
if ( !empty( $oP ) ) {
|
125 |
-
$sVersion = empty( $oP->Version ) ? '' : ': v'.ltrim( $oP->Version, 'v' );
|
126 |
-
$aAllPlugins[] = sprintf( '%s%s', $oP->Name, $sVersion );
|
127 |
-
}
|
128 |
-
}
|
129 |
-
|
130 |
-
$aAllThemes = [];
|
131 |
-
foreach ( $oRes->getResultsForThemesContext()->getUniqueSlugs() as $sBaseFile ) {
|
132 |
-
$oTheme = $oWpThemes->getTheme( $sBaseFile );
|
133 |
-
if ( !empty( $oTheme ) ) {
|
134 |
-
$sVersion = empty( $oTheme->version ) ? '' : ': v'.ltrim( $oTheme->version, 'v' );
|
135 |
-
$aAllThemes[] = sprintf( '%s%s', $oTheme->get( 'Name' ), $sVersion );
|
136 |
-
}
|
137 |
-
}
|
138 |
-
|
139 |
-
$sName = $this->getCon()->getHumanName();
|
140 |
-
$sHomeUrl = Services\Services::WpGeneral()->getHomeUrl();
|
141 |
-
|
142 |
-
$aContent = [
|
143 |
-
sprintf( __( '%s has detected at least 1 Plugins/Themes have been modified on your site.', 'wp-simple-firewall' ), $sName ),
|
144 |
-
'',
|
145 |
-
sprintf( '<strong>%s</strong>', __( 'You will receive only 1 email notification about these changes in a 1 week period.', 'wp-simple-firewall' ) ),
|
146 |
-
'',
|
147 |
-
sprintf( '%s: %s', __( 'Site URL', 'wp-simple-firewall' ), sprintf( '<a href="%s" target="_blank">%s</a>', $sHomeUrl, $sHomeUrl ) ),
|
148 |
-
'',
|
149 |
-
__( 'Details of the problem items are below:', 'wp-simple-firewall' ),
|
150 |
-
];
|
151 |
-
|
152 |
-
if ( !empty( $aAllPlugins ) ) {
|
153 |
-
$aContent[] = '';
|
154 |
-
$aContent[] = sprintf( '<strong>%s</strong>', __( 'Modified Plugins:', 'wp-simple-firewall' ) );
|
155 |
-
foreach ( $aAllPlugins as $sPlugins ) {
|
156 |
-
$aContent[] = ' - '.$sPlugins;
|
157 |
-
}
|
158 |
-
}
|
159 |
-
|
160 |
-
if ( !empty( $aAllThemes ) ) {
|
161 |
-
$aContent[] = '';
|
162 |
-
$aContent[] = sprintf( '<strong>%s</strong>', __( 'Modified Themes:', 'wp-simple-firewall' ) );
|
163 |
-
foreach ( $aAllThemes as $sTheme ) {
|
164 |
-
$aContent[] = ' - '.$sTheme;
|
165 |
-
}
|
166 |
-
}
|
167 |
-
|
168 |
-
$aContent[] = $this->getScannerButtonForEmail();
|
169 |
-
$aContent[] = '';
|
170 |
-
|
171 |
-
$sTo = $oFO->getPluginDefaultRecipientAddress();
|
172 |
-
$sEmailSubject = sprintf( '%s - %s', __( 'Warning', 'wp-simple-firewall' ), __( 'Plugins/Themes Have Been Altered', 'wp-simple-firewall' ) );
|
173 |
-
$this->getEmailProcessor()
|
174 |
-
->sendEmailWithWrap( $sTo, $sEmailSubject, $aContent );
|
175 |
-
|
176 |
-
$this->getCon()->fireEvent(
|
177 |
-
'ptg_alert_sent',
|
178 |
-
[
|
179 |
-
'audit' => [
|
180 |
-
'to' => $sTo,
|
181 |
-
'via' => 'email',
|
182 |
-
]
|
183 |
-
]
|
184 |
-
);
|
185 |
-
}
|
186 |
}
|
12 |
*/
|
13 |
public function run() {
|
14 |
parent::run();
|
15 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
16 |
+
$oMod = $this->getMod();
|
17 |
|
18 |
/** @var HackGuard\Options $oOpts */
|
19 |
$oOpts = $this->getOptions();
|
20 |
+
if ( $oMod->getScanCon( 'ptg' )->isEnabled() && $oOpts->isPtgReinstallLinks() ) {
|
21 |
add_filter( 'plugin_action_links', [ $this, 'addActionLinkRefresh' ], 50, 2 );
|
22 |
add_action( 'admin_footer', [ $this, 'printPluginReinstallDialogs' ] );
|
23 |
}
|
101 |
true
|
102 |
);
|
103 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
104 |
}
|
src/processors/hackprotect_scan_ufc.php
CHANGED
@@ -1,93 +1,8 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
-
use FernleafSystems\Wordpress\Services\Services;
|
5 |
|
6 |
class ICWP_WPSF_Processor_HackProtect_Ufc extends ICWP_WPSF_Processor_ScanBase {
|
7 |
|
8 |
const SCAN_SLUG = 'ufc';
|
9 |
-
|
10 |
-
/**
|
11 |
-
* @param Shield\Scans\Ufc\ResultsSet $oRes
|
12 |
-
* @return bool - true if user notified
|
13 |
-
*/
|
14 |
-
protected function runCronUserNotify( $oRes ) {
|
15 |
-
/** @var Shield\Modules\HackGuard\Options $oOpts */
|
16 |
-
$oOpts = $this->getOptions();
|
17 |
-
$bSend = $oOpts->isUfcSendReport();
|
18 |
-
if ( $bSend ) {
|
19 |
-
$this->emailResults( $oRes );
|
20 |
-
}
|
21 |
-
return $bSend;
|
22 |
-
}
|
23 |
-
|
24 |
-
/**
|
25 |
-
* @param Shield\Scans\Ufc\ResultsSet $oRes
|
26 |
-
*/
|
27 |
-
protected function emailResults( $oRes ) {
|
28 |
-
/** @var ICWP_WPSF_FeatureHandler_HackProtect $oFO */
|
29 |
-
$oFO = $this->getMod();
|
30 |
-
|
31 |
-
$sTo = $oFO->getPluginDefaultRecipientAddress();
|
32 |
-
$this->getEmailProcessor()
|
33 |
-
->sendEmailWithWrap(
|
34 |
-
$sTo,
|
35 |
-
sprintf( '%s - %s', __( 'Warning', 'wp-simple-firewall' ), __( 'Unrecognised WordPress Files Detected', 'wp-simple-firewall' ) ),
|
36 |
-
$this->buildEmailBodyFromFiles( $oRes->getItemsPathsFull() )
|
37 |
-
);
|
38 |
-
|
39 |
-
$this->getCon()->fireEvent(
|
40 |
-
'ufc_alert_sent',
|
41 |
-
[
|
42 |
-
'audit' => [
|
43 |
-
'to' => $sTo,
|
44 |
-
'via' => 'email',
|
45 |
-
]
|
46 |
-
]
|
47 |
-
);
|
48 |
-
}
|
49 |
-
|
50 |
-
/**
|
51 |
-
* The newer approach is to only enumerate files if they were deleted
|
52 |
-
* @param string[] $aFiles
|
53 |
-
* @return string[]
|
54 |
-
*/
|
55 |
-
private function buildEmailBodyFromFiles( $aFiles ) {
|
56 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
57 |
-
$oMod = $this->getMod();
|
58 |
-
/** @var Shield\Modules\HackGuard\Options $oOpts */
|
59 |
-
$oOpts = $this->getOptions();
|
60 |
-
$oCon = $this->getCon();
|
61 |
-
$sName = $oCon->getHumanName();
|
62 |
-
$sHomeUrl = Services::WpGeneral()->getHomeUrl();
|
63 |
-
|
64 |
-
$aContent = [
|
65 |
-
sprintf( __( 'The %s Unrecognised File Scanner found files which you need to review.', 'wp-simple-firewall' ), $sName ),
|
66 |
-
'',
|
67 |
-
sprintf( '%s: %s', __( 'Site URL', 'wp-simple-firewall' ), sprintf( '<a href="%s" target="_blank">%s</a>', $sHomeUrl, $sHomeUrl ) ),
|
68 |
-
];
|
69 |
-
|
70 |
-
if ( $oOpts->isUfcDeleteFiles() || $oMod->isIncludeFileLists() ) {
|
71 |
-
$aContent[] = __( 'Files discovered', 'wp-simple-firewall' ).':';
|
72 |
-
foreach ( $aFiles as $sFile ) {
|
73 |
-
$aContent[] = ' - '.$sFile;
|
74 |
-
}
|
75 |
-
$aContent[] = '';
|
76 |
-
|
77 |
-
if ( $oOpts->isUfcDeleteFiles() ) {
|
78 |
-
$aContent[] = sprintf( __( '%s has attempted to delete these files based on your current settings.', 'wp-simple-firewall' ), $sName );
|
79 |
-
$aContent[] = '';
|
80 |
-
}
|
81 |
-
}
|
82 |
-
|
83 |
-
$aContent[] = __( 'We recommend you run the scanner to review your site', 'wp-simple-firewall' ).':';
|
84 |
-
$aContent[] = $this->getScannerButtonForEmail();
|
85 |
-
$aContent[] = '';
|
86 |
-
|
87 |
-
if ( !$oCon->isRelabelled() ) {
|
88 |
-
$aContent[] = sprintf( '[ <a href="https://shsec.io/moreinfoufc">%s</a> ]', __( 'More Info On This Scanner', 'wp-simple-firewall' ) );
|
89 |
-
}
|
90 |
-
|
91 |
-
return $aContent;
|
92 |
-
}
|
93 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
4 |
|
5 |
class ICWP_WPSF_Processor_HackProtect_Ufc extends ICWP_WPSF_Processor_ScanBase {
|
6 |
|
7 |
const SCAN_SLUG = 'ufc';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
}
|
src/processors/hackprotect_scan_wcf.php
CHANGED
@@ -1,113 +1,8 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Scans\Wcf;
|
5 |
-
use FernleafSystems\Wordpress\Services\Services;
|
6 |
|
7 |
class ICWP_WPSF_Processor_HackProtect_Wcf extends ICWP_WPSF_Processor_ScanBase {
|
8 |
|
9 |
const SCAN_SLUG = 'wcf';
|
10 |
-
|
11 |
-
/**
|
12 |
-
* @param Shield\Scans\Wcf\ResultsSet $oRes
|
13 |
-
* @return bool
|
14 |
-
*/
|
15 |
-
protected function runCronUserNotify( $oRes ) {
|
16 |
-
$this->emailResults( $oRes );
|
17 |
-
return true;
|
18 |
-
}
|
19 |
-
|
20 |
-
/**
|
21 |
-
* @param Shield\Scans\Wcf\ResultsSet $oResults
|
22 |
-
*/
|
23 |
-
protected function emailResults( $oResults ) {
|
24 |
-
/** @var ICWP_WPSF_FeatureHandler_HackProtect $oFO */
|
25 |
-
$oFO = $this->getMod();
|
26 |
-
|
27 |
-
$sTo = $oFO->getPluginDefaultRecipientAddress();
|
28 |
-
$this->getEmailProcessor()
|
29 |
-
->sendEmailWithWrap(
|
30 |
-
$sTo,
|
31 |
-
sprintf( '[%s] %s', __( 'Warning', 'wp-simple-firewall' ), __( 'Modified Core WordPress Files Discovered', 'wp-simple-firewall' ) ),
|
32 |
-
$this->buildEmailBodyFromFiles( $oResults )
|
33 |
-
);
|
34 |
-
|
35 |
-
$this->getCon()->fireEvent(
|
36 |
-
'wcf_alert_sent',
|
37 |
-
[
|
38 |
-
'audit' => [
|
39 |
-
'to' => $sTo,
|
40 |
-
'via' => 'email',
|
41 |
-
]
|
42 |
-
]
|
43 |
-
);
|
44 |
-
}
|
45 |
-
|
46 |
-
/**
|
47 |
-
* @param Shield\Scans\Wcf\ResultsSet $oResults
|
48 |
-
* @return array
|
49 |
-
*/
|
50 |
-
private function buildEmailBodyFromFiles( $oResults ) {
|
51 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
52 |
-
$oMod = $this->getMod();
|
53 |
-
/** @var Shield\Modules\HackGuard\Options $oOpts */
|
54 |
-
$oOpts = $this->getOptions();
|
55 |
-
$sName = $this->getCon()->getHumanName();
|
56 |
-
$sHomeUrl = Services::WpGeneral()->getHomeUrl();
|
57 |
-
|
58 |
-
$aContent = [
|
59 |
-
sprintf( __( "The %s Core File Scanner found files with potential problems.", 'wp-simple-firewall' ), $sName ),
|
60 |
-
sprintf( '%s: %s', __( 'Site URL', 'wp-simple-firewall' ), sprintf( '<a href="%s" target="_blank">%s</a>', $sHomeUrl, $sHomeUrl ) ),
|
61 |
-
];
|
62 |
-
|
63 |
-
if ( $oOpts->isWcfScanAutoRepair() || $oMod->isIncludeFileLists() ) {
|
64 |
-
$aContent = array_merge( $aContent, $this->buildListOfFilesForEmail( $oResults ) );
|
65 |
-
$aContent[] = '';
|
66 |
-
|
67 |
-
if ( $oOpts->isWcfScanAutoRepair() ) {
|
68 |
-
$aContent[] = '<strong>'.sprintf( __( "%s has already attempted to repair the files.", 'wp-simple-firewall' ), $sName ).'</strong>'
|
69 |
-
.' '.__( 'But, you should always check these files to ensure everything is as you expect.', 'wp-simple-firewall' );
|
70 |
-
}
|
71 |
-
else {
|
72 |
-
$aContent[] = __( 'You should review these files and replace them with official versions if required.', 'wp-simple-firewall' );
|
73 |
-
$aContent[] = __( 'Alternatively you can have the plugin attempt to repair/replace these files automatically.', 'wp-simple-firewall' )
|
74 |
-
.' [<a href="https://shsec.io/moreinfochecksum">'.__( 'More Info', 'wp-simple-firewall' ).'</a>]';
|
75 |
-
}
|
76 |
-
}
|
77 |
-
|
78 |
-
$aContent[] = '';
|
79 |
-
$aContent[] = __( 'We recommend you run the scanner to review your site', 'wp-simple-firewall' ).':';
|
80 |
-
$aContent[] = $this->getScannerButtonForEmail();
|
81 |
-
|
82 |
-
if ( !$this->getCon()->isRelabelled() ) {
|
83 |
-
$aContent[] = '';
|
84 |
-
$aContent[] = '[ <a href="https://shsec.io/moreinfochecksum">'.__( 'More Info On This Scanner', 'wp-simple-firewall' ).'</a> ]';
|
85 |
-
}
|
86 |
-
|
87 |
-
return $aContent;
|
88 |
-
}
|
89 |
-
|
90 |
-
/**
|
91 |
-
* @param Shield\Scans\Wcf\ResultsSet $oResult
|
92 |
-
* @return array
|
93 |
-
*/
|
94 |
-
private function buildListOfFilesForEmail( $oResult ) {
|
95 |
-
$aContent = [];
|
96 |
-
|
97 |
-
if ( $oResult->hasChecksumFailed() ) {
|
98 |
-
$aContent[] = '';
|
99 |
-
$aContent[] = __( "The following files have different content:", 'wp-simple-firewall' );
|
100 |
-
foreach ( $oResult->getChecksumFailedPaths() as $sFile ) {
|
101 |
-
$aContent[] = ' - '.$sFile;
|
102 |
-
}
|
103 |
-
}
|
104 |
-
if ( $oResult->hasMissing() ) {
|
105 |
-
$aContent[] = '';
|
106 |
-
$aContent[] = __( 'The following files are missing:', 'wp-simple-firewall' );
|
107 |
-
foreach ( $oResult->getMissingPaths() as $sFile ) {
|
108 |
-
$aContent[] = ' - '.$sFile;
|
109 |
-
}
|
110 |
-
}
|
111 |
-
return $aContent;
|
112 |
-
}
|
113 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
|
|
4 |
|
5 |
class ICWP_WPSF_Processor_HackProtect_Wcf extends ICWP_WPSF_Processor_ScanBase {
|
6 |
|
7 |
const SCAN_SLUG = 'wcf';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
8 |
}
|
src/processors/hackprotect_scan_wpv.php
CHANGED
@@ -31,28 +31,14 @@ class ICWP_WPSF_Processor_HackProtect_Wpv extends ICWP_WPSF_Processor_ScanBase {
|
|
31 |
}
|
32 |
|
33 |
/**
|
34 |
-
* @param
|
35 |
-
* @
|
36 |
-
*/
|
37 |
-
protected function runCronUserNotify( $oRes ) {
|
38 |
-
/** @var Shield\Modules\HackGuard\Options $oOpts */
|
39 |
-
$oOpts = $this->getOptions();
|
40 |
-
$bSend = $oOpts->isOpt( 'enable_wpvuln_scan', 'enabled_email' );
|
41 |
-
if ( $bSend ) {
|
42 |
-
$this->emailResults( $oRes );
|
43 |
-
}
|
44 |
-
return $bSend;
|
45 |
-
}
|
46 |
-
|
47 |
-
/**
|
48 |
-
* @param bool $bDoAutoUpdate
|
49 |
-
* @param StdClass|string $mItem
|
50 |
* @return bool
|
51 |
*/
|
52 |
public function autoupdateVulnerablePlugins( $bDoAutoUpdate, $mItem ) {
|
53 |
$sItemFile = Services::WpGeneral()->getFileFromAutomaticUpdateItem( $mItem );
|
54 |
// TODO Audit.
|
55 |
-
return $bDoAutoUpdate || ( $this->getPluginVulnerabilities( $sItemFile ) > 0
|
56 |
}
|
57 |
|
58 |
/**
|
@@ -67,10 +53,10 @@ class ICWP_WPSF_Processor_HackProtect_Wpv extends ICWP_WPSF_Processor_ScanBase {
|
|
67 |
}
|
68 |
|
69 |
public function addPluginVulnerabilityRows() {
|
70 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $
|
71 |
-
$
|
72 |
|
73 |
-
if ( $
|
74 |
// These 3 add the 'Vulnerable' plugin status view.
|
75 |
// BUG: when vulnerable is active, only 1 plugin is available to "All" status. don't know fix.
|
76 |
add_action( 'pre_current_active_plugins', [ $this, 'addVulnerablePluginStatusView' ], 1000 );
|
@@ -155,64 +141,6 @@ class ICWP_WPSF_Processor_HackProtect_Wpv extends ICWP_WPSF_Processor_ScanBase {
|
|
155 |
}
|
156 |
}
|
157 |
|
158 |
-
/**
|
159 |
-
* @param Shield\Scans\Wpv\ResultsSet $oRes
|
160 |
-
*/
|
161 |
-
protected function emailResults( $oRes ) {
|
162 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
163 |
-
$oMod = $this->getMod();
|
164 |
-
$oWpPlugins = Services::WpPlugins();
|
165 |
-
$oWpThemes = Services::WpThemes();
|
166 |
-
$oCon = $this->getCon();
|
167 |
-
|
168 |
-
$aContent = [
|
169 |
-
sprintf( __( '%s has detected items with known security vulnerabilities.', 'wp-simple-firewall' ), $oCon->getHumanName() ),
|
170 |
-
__( 'You should update or remove these items at your earliest convenience.', 'wp-simple-firewall' ),
|
171 |
-
__( 'Details for the items(s) are below:', 'wp-simple-firewall' ),
|
172 |
-
'',
|
173 |
-
];
|
174 |
-
|
175 |
-
/** @var Shield\Scans\Wpv\ResultItem $oItem */
|
176 |
-
foreach ( $oRes->getItems() as $oItem ) {
|
177 |
-
|
178 |
-
if ( $oItem->context == 'plugins' ) {
|
179 |
-
$aPlugin = $oWpPlugins->getPlugin( $oItem->slug );
|
180 |
-
$sName = sprintf( '%s - %s', __( 'Plugin', 'wp-simple-firewall' ), empty( $aPlugin ) ? 'Unknown' : $aPlugin[ 'Name' ] );
|
181 |
-
}
|
182 |
-
else {
|
183 |
-
$sName = sprintf( '%s - %s', __( 'Theme', 'wp-simple-firewall' ), $oWpThemes->getCurrentThemeName() );
|
184 |
-
}
|
185 |
-
|
186 |
-
$oVuln = $oItem->getWpVulnVo();
|
187 |
-
$aContent[] = implode( "<br />", [
|
188 |
-
sprintf( '%s: %s', __( 'Item', 'wp-simple-firewall' ), $sName ),
|
189 |
-
'- '.sprintf( __( 'Vulnerability Title: %s', 'wp-simple-firewall' ), $oVuln->title ),
|
190 |
-
'- '.sprintf( __( 'Vulnerability Type: %s', 'wp-simple-firewall' ), $oVuln->vuln_type ),
|
191 |
-
'- '.sprintf( __( 'Fixed Version: %s', 'wp-simple-firewall' ), $oVuln->fixed_in ),
|
192 |
-
'- '.sprintf( __( 'Further Information: %s', 'wp-simple-firewall' ), $oVuln->getUrl() ),
|
193 |
-
'',
|
194 |
-
] );
|
195 |
-
}
|
196 |
-
|
197 |
-
$aContent[] = $this->getScannerButtonForEmail();
|
198 |
-
$aContent[] = '';
|
199 |
-
|
200 |
-
$sSubject = sprintf( '%s - %s', __( 'Warning', 'wp-simple-firewall' ), __( 'Plugin(s) Discovered With Known Security Vulnerabilities.', 'wp-simple-firewall' ) );
|
201 |
-
$sTo = $oMod->getPluginDefaultRecipientAddress();
|
202 |
-
$this->getEmailProcessor()
|
203 |
-
->sendEmailWithWrap( $sTo, $sSubject, $aContent );
|
204 |
-
|
205 |
-
$this->getCon()->fireEvent(
|
206 |
-
'wpv_alert_sent',
|
207 |
-
[
|
208 |
-
'audit' => [
|
209 |
-
'to' => $sTo,
|
210 |
-
'via' => 'email',
|
211 |
-
]
|
212 |
-
]
|
213 |
-
);
|
214 |
-
}
|
215 |
-
|
216 |
/**
|
217 |
* @param string $sFile
|
218 |
* @return Shield\Scans\Wpv\WpVulnDb\WpVulnVO[]
|
@@ -222,7 +150,6 @@ class ICWP_WPSF_Processor_HackProtect_Wpv extends ICWP_WPSF_Processor_ScanBase {
|
|
222 |
$oVulnerableRes = $this->getThisScanCon()->getAllResults();
|
223 |
return array_map(
|
224 |
function ( $oItem ) {
|
225 |
-
/** @var Shield\Scans\Wpv\ResultItem $oItem */
|
226 |
return $oItem->getWpVulnVo();
|
227 |
},
|
228 |
$oVulnerableRes->getItemsForSlug( $sFile )
|
31 |
}
|
32 |
|
33 |
/**
|
34 |
+
* @param bool $bDoAutoUpdate
|
35 |
+
* @param \stdClass|string $mItem
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
36 |
* @return bool
|
37 |
*/
|
38 |
public function autoupdateVulnerablePlugins( $bDoAutoUpdate, $mItem ) {
|
39 |
$sItemFile = Services::WpGeneral()->getFileFromAutomaticUpdateItem( $mItem );
|
40 |
// TODO Audit.
|
41 |
+
return $bDoAutoUpdate || count( $this->getPluginVulnerabilities( $sItemFile ) ) > 0;
|
42 |
}
|
43 |
|
44 |
/**
|
53 |
}
|
54 |
|
55 |
public function addPluginVulnerabilityRows() {
|
56 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
57 |
+
$oMod = $this->getMod();
|
58 |
|
59 |
+
if ( $oMod->isWpvulnPluginsHighlightEnabled() && $this->countVulnerablePlugins() > 0 ) {
|
60 |
// These 3 add the 'Vulnerable' plugin status view.
|
61 |
// BUG: when vulnerable is active, only 1 plugin is available to "All" status. don't know fix.
|
62 |
add_action( 'pre_current_active_plugins', [ $this, 'addVulnerablePluginStatusView' ], 1000 );
|
141 |
}
|
142 |
}
|
143 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
144 |
/**
|
145 |
* @param string $sFile
|
146 |
* @return Shield\Scans\Wpv\WpVulnDb\WpVulnVO[]
|
150 |
$oVulnerableRes = $this->getThisScanCon()->getAllResults();
|
151 |
return array_map(
|
152 |
function ( $oItem ) {
|
|
|
153 |
return $oItem->getWpVulnVo();
|
154 |
},
|
155 |
$oVulnerableRes->getItemsForSlug( $sFile )
|
src/processors/hackprotect_scanner.php
CHANGED
@@ -9,8 +9,6 @@ class ICWP_WPSF_Processor_HackProtect_Scanner extends ShieldProcessor {
|
|
9 |
|
10 |
use Shield\Crons\StandardCron;
|
11 |
|
12 |
-
/**
|
13 |
-
*/
|
14 |
public function run() {
|
15 |
$this->getSubPro( 'apc' )->execute();
|
16 |
$this->getSubPro( 'ufc' )->execute();
|
@@ -25,19 +23,7 @@ class ICWP_WPSF_Processor_HackProtect_Scanner extends ShieldProcessor {
|
|
25 |
}
|
26 |
|
27 |
/**
|
28 |
-
|
29 |
-
public function deactivatePlugin() {
|
30 |
-
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
31 |
-
$oMod = $this->getMod();
|
32 |
-
/** @var HackGuard\Options $oOpts */
|
33 |
-
$oOpts = $this->getOptions();
|
34 |
-
foreach ( $oOpts->getScanSlugs() as $sSlug ) {
|
35 |
-
$oMod->getScanCon( $sSlug )->purge();
|
36 |
-
}
|
37 |
-
}
|
38 |
-
|
39 |
-
/**
|
40 |
-
* @return ICWP_WPSF_Processor_HackProtect_Ptg
|
41 |
*/
|
42 |
public function getSubProcessorPtg() {
|
43 |
return $this->getSubPro( 'ptg' );
|
@@ -49,7 +35,6 @@ class ICWP_WPSF_Processor_HackProtect_Scanner extends ShieldProcessor {
|
|
49 |
protected function getSubProMap() {
|
50 |
return [
|
51 |
'apc' => 'ICWP_WPSF_Processor_HackProtect_Apc',
|
52 |
-
'int' => 'ICWP_WPSF_Processor_HackProtect_Integrity',
|
53 |
'mal' => 'ICWP_WPSF_Processor_HackProtect_Mal',
|
54 |
'ptg' => 'ICWP_WPSF_Processor_HackProtect_Ptg',
|
55 |
'ufc' => 'ICWP_WPSF_Processor_HackProtect_Ufc',
|
@@ -58,20 +43,25 @@ class ICWP_WPSF_Processor_HackProtect_Scanner extends ShieldProcessor {
|
|
58 |
];
|
59 |
}
|
60 |
|
61 |
-
/**
|
62 |
-
* Responsible for sending out emails and doing any automated repairs.
|
63 |
-
*/
|
64 |
private function handlePostScanCron() {
|
65 |
-
add_action( $this->getCon()->prefix( 'post_scan' ), function (
|
66 |
-
|
67 |
-
$oOpts = $this->getOptions();
|
68 |
-
foreach ( array_intersect( $oOpts->getScanSlugs(), $aScansToNotify ) as $sSlug ) {
|
69 |
-
$this->getSubPro( $sSlug )
|
70 |
-
->cronProcessScanResults();
|
71 |
-
}
|
72 |
} );
|
73 |
}
|
74 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
75 |
public function runHourlyCron() {
|
76 |
( new HackGuard\Lib\Snapshots\StoreAction\TouchAll() )
|
77 |
->setMod( $this->getMod() )
|
@@ -121,7 +111,7 @@ class ICWP_WPSF_Processor_HackProtect_Scanner extends ShieldProcessor {
|
|
121 |
|
122 |
$oOpts->setIsScanCron( true );
|
123 |
$oMod->saveModOptions()
|
124 |
-
->
|
125 |
->startScans( $aScans );
|
126 |
}
|
127 |
else {
|
@@ -154,6 +144,29 @@ class ICWP_WPSF_Processor_HackProtect_Scanner extends ShieldProcessor {
|
|
154 |
return $oOpts->getScanFrequency();
|
155 |
}
|
156 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
157 |
/**
|
158 |
* @return int
|
159 |
*/
|
9 |
|
10 |
use Shield\Crons\StandardCron;
|
11 |
|
|
|
|
|
12 |
public function run() {
|
13 |
$this->getSubPro( 'apc' )->execute();
|
14 |
$this->getSubPro( 'ufc' )->execute();
|
23 |
}
|
24 |
|
25 |
/**
|
26 |
+
* @return \ICWP_WPSF_Processor_HackProtect_Ptg
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
27 |
*/
|
28 |
public function getSubProcessorPtg() {
|
29 |
return $this->getSubPro( 'ptg' );
|
35 |
protected function getSubProMap() {
|
36 |
return [
|
37 |
'apc' => 'ICWP_WPSF_Processor_HackProtect_Apc',
|
|
|
38 |
'mal' => 'ICWP_WPSF_Processor_HackProtect_Mal',
|
39 |
'ptg' => 'ICWP_WPSF_Processor_HackProtect_Ptg',
|
40 |
'ufc' => 'ICWP_WPSF_Processor_HackProtect_Ufc',
|
43 |
];
|
44 |
}
|
45 |
|
|
|
|
|
|
|
46 |
private function handlePostScanCron() {
|
47 |
+
add_action( $this->getCon()->prefix( 'post_scan' ), function () {
|
48 |
+
$this->runAutoRepair();
|
|
|
|
|
|
|
|
|
|
|
49 |
} );
|
50 |
}
|
51 |
|
52 |
+
private function runAutoRepair() {
|
53 |
+
/** @var \ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
54 |
+
$oMod = $this->getMod();
|
55 |
+
/** @var HackGuard\Options $oOpts */
|
56 |
+
$oOpts = $this->getOptions();
|
57 |
+
foreach ( $oOpts->getScanSlugs() as $sSlug ) {
|
58 |
+
$oScanCon = $oMod->getScanCon( $sSlug );
|
59 |
+
if ( $oScanCon->isCronAutoRepair() ) {
|
60 |
+
$oScanCon->runCronAutoRepair();
|
61 |
+
}
|
62 |
+
}
|
63 |
+
}
|
64 |
+
|
65 |
public function runHourlyCron() {
|
66 |
( new HackGuard\Lib\Snapshots\StoreAction\TouchAll() )
|
67 |
->setMod( $this->getMod() )
|
111 |
|
112 |
$oOpts->setIsScanCron( true );
|
113 |
$oMod->saveModOptions()
|
114 |
+
->getScanQueueController()
|
115 |
->startScans( $aScans );
|
116 |
}
|
117 |
else {
|
144 |
return $oOpts->getScanFrequency();
|
145 |
}
|
146 |
|
147 |
+
/**
|
148 |
+
* @return int
|
149 |
+
*/
|
150 |
+
public function getFirstRunTimestamp() {
|
151 |
+
$oCarb = Services::Request()->carbon( true );
|
152 |
+
$oCarb->addHours( $oCarb->minute < 40 ? 0 : 1 )
|
153 |
+
->minute( $oCarb->minute < 40 ? 45 : 15 )
|
154 |
+
->second( 0 );
|
155 |
+
|
156 |
+
if ( $this->getCronFrequency() === 1 ) { // If it's a daily scan only, set to 3am by default
|
157 |
+
$nHour = (int)apply_filters( $this->getCon()->prefix( 'daily_scan_cron_hour' ), 3 );
|
158 |
+
if ( $nHour < 0 || $nHour > 23 ) {
|
159 |
+
$nHour = 3;
|
160 |
+
}
|
161 |
+
if ( $oCarb->hour >= $nHour ) {
|
162 |
+
$oCarb->addDays( 1 );
|
163 |
+
}
|
164 |
+
$oCarb->hour( $nHour );
|
165 |
+
}
|
166 |
+
|
167 |
+
return $oCarb->timestamp;
|
168 |
+
}
|
169 |
+
|
170 |
/**
|
171 |
* @return int
|
172 |
*/
|
src/processors/insights.php
CHANGED
@@ -2,6 +2,10 @@
|
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
4 |
|
|
|
|
|
|
|
|
|
5 |
class ICWP_WPSF_Processor_Insights extends Modules\BaseShield\ShieldProcessor {
|
6 |
|
7 |
}
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
4 |
|
5 |
+
/**
|
6 |
+
* Class ICWP_WPSF_Processor_Insights
|
7 |
+
* @deprecated 9.0
|
8 |
+
*/
|
9 |
class ICWP_WPSF_Processor_Insights extends Modules\BaseShield\ShieldProcessor {
|
10 |
|
11 |
}
|
src/processors/ips.php
CHANGED
@@ -1,13 +1,11 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules\IPs;
|
5 |
|
|
|
|
|
|
|
|
|
6 |
class ICWP_WPSF_Processor_Ips extends Shield\Modules\BaseShield\ShieldProcessor {
|
7 |
|
8 |
-
public function run() {
|
9 |
-
( new IPs\Lib\BlacklistHandler() )
|
10 |
-
->setMod( $this->getMod() )
|
11 |
-
->run();
|
12 |
-
}
|
13 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
4 |
|
5 |
+
/**
|
6 |
+
* Class ICWP_WPSF_Processor_Ips
|
7 |
+
* @deprecated 9.0
|
8 |
+
*/
|
9 |
class ICWP_WPSF_Processor_Ips extends Shield\Modules\BaseShield\ShieldProcessor {
|
10 |
|
|
|
|
|
|
|
|
|
|
|
11 |
}
|
src/processors/license.php
CHANGED
@@ -1,43 +1,11 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
4 |
-
use FernleafSystems\Wordpress\Services\Services;
|
5 |
|
|
|
|
|
|
|
|
|
6 |
class ICWP_WPSF_Processor_License extends Modules\BaseShield\ShieldProcessor {
|
7 |
|
8 |
-
public function run() {
|
9 |
-
$oCon = $this->getCon();
|
10 |
-
/** @var Modules\License\Options $oOpts */
|
11 |
-
$oOpts = $this->getOptions();
|
12 |
-
$oReq = Services::Request();
|
13 |
-
|
14 |
-
// performs the license check on-demand
|
15 |
-
add_action( $oCon->prefix( 'adhoc_cron_license_check' ), function () {
|
16 |
-
/** @var \ICWP_WPSF_FeatureHandler_License $oMod */
|
17 |
-
$oMod = $this->getMod();
|
18 |
-
try {
|
19 |
-
$oMod->getLicenseHandler()->verify( true );
|
20 |
-
}
|
21 |
-
catch ( \Exception $oE ) {
|
22 |
-
}
|
23 |
-
} );
|
24 |
-
|
25 |
-
switch ( $oCon->getShieldAction() ) {
|
26 |
-
|
27 |
-
case 'keyless_handshake':
|
28 |
-
$sNonce = $oReq->query( 'nonce' );
|
29 |
-
if ( !empty( $sNonce ) && $sNonce === $oOpts->getOpt( 'keyless_handshake_hash' ) ) {
|
30 |
-
die( json_encode( [
|
31 |
-
'success' => $oOpts->getOpt( 'keyless_handshake_until', 0 ) >= $oReq->ts()
|
32 |
-
] ) );
|
33 |
-
}
|
34 |
-
break;
|
35 |
-
|
36 |
-
case 'license_check':
|
37 |
-
if ( !wp_next_scheduled( $oCon->prefix( 'adhoc_cron_license_check' ) ) ) {
|
38 |
-
wp_schedule_single_event( $oReq->ts() + 20, $oCon->prefix( 'adhoc_cron_license_check' ) );
|
39 |
-
}
|
40 |
-
break;
|
41 |
-
}
|
42 |
-
}
|
43 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
|
|
4 |
|
5 |
+
/**
|
6 |
+
* Class ICWP_WPSF_Processor_License
|
7 |
+
* @deprecated 9.0
|
8 |
+
*/
|
9 |
class ICWP_WPSF_Processor_License extends Modules\BaseShield\ShieldProcessor {
|
10 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
11 |
}
|
src/processors/lockdown.php
CHANGED
@@ -1,6 +1,7 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
|
|
4 |
use FernleafSystems\Wordpress\Services\Services;
|
5 |
|
6 |
class ICWP_WPSF_Processor_Lockdown extends Modules\BaseShield\ShieldProcessor {
|
@@ -8,25 +9,21 @@ class ICWP_WPSF_Processor_Lockdown extends Modules\BaseShield\ShieldProcessor {
|
|
8 |
public function run() {
|
9 |
/** @var \ICWP_WPSF_FeatureHandler_Lockdown $oMod */
|
10 |
$oMod = $this->getMod();
|
|
|
|
|
11 |
|
12 |
if ( $oMod->isOptFileEditingDisabled() ) {
|
13 |
$this->blockFileEditing();
|
14 |
}
|
15 |
|
16 |
-
|
17 |
-
if ( !empty( $sWpVersionMask ) ) {
|
18 |
-
global $wp_version;
|
19 |
-
$wp_version = $sWpVersionMask;
|
20 |
-
}
|
21 |
-
|
22 |
-
if ( $oMod->isOpt( 'force_ssl_admin', 'Y' ) && function_exists( 'force_ssl_admin' ) ) {
|
23 |
if ( !defined( 'FORCE_SSL_ADMIN' ) ) {
|
24 |
define( 'FORCE_SSL_ADMIN', true );
|
25 |
}
|
26 |
force_ssl_admin( true );
|
27 |
}
|
28 |
|
29 |
-
if ( $
|
30 |
remove_action( 'wp_head', 'wp_generator' );
|
31 |
}
|
32 |
|
@@ -129,17 +126,4 @@ class ICWP_WPSF_Processor_Lockdown extends Modules\BaseShield\ShieldProcessor {
|
|
129 |
|
130 |
return $mStatus;
|
131 |
}
|
132 |
-
|
133 |
-
/**
|
134 |
-
* Override the original collection to then add plugin statistics to the mix
|
135 |
-
* @param $aData
|
136 |
-
* @return array
|
137 |
-
*/
|
138 |
-
public function tracking_DataCollect( $aData ) {
|
139 |
-
$aData = parent::tracking_DataCollect( $aData );
|
140 |
-
$sSlug = $this->getMod()->getSlug();
|
141 |
-
$aData[ $sSlug ][ 'options' ][ 'mask_wordpress_version' ]
|
142 |
-
= empty( $aData[ $sSlug ][ 'options' ][ 'mask_wordpress_version' ] ) ? 0 : 1;
|
143 |
-
return $aData;
|
144 |
-
}
|
145 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
4 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Lockdown;
|
5 |
use FernleafSystems\Wordpress\Services\Services;
|
6 |
|
7 |
class ICWP_WPSF_Processor_Lockdown extends Modules\BaseShield\ShieldProcessor {
|
9 |
public function run() {
|
10 |
/** @var \ICWP_WPSF_FeatureHandler_Lockdown $oMod */
|
11 |
$oMod = $this->getMod();
|
12 |
+
/** @var Lockdown\Options $oOpts */
|
13 |
+
$oOpts = $this->getOptions();
|
14 |
|
15 |
if ( $oMod->isOptFileEditingDisabled() ) {
|
16 |
$this->blockFileEditing();
|
17 |
}
|
18 |
|
19 |
+
if ( $oOpts->isOpt( 'force_ssl_admin', 'Y' ) && function_exists( 'force_ssl_admin' ) ) {
|
|
|
|
|
|
|
|
|
|
|
|
|
20 |
if ( !defined( 'FORCE_SSL_ADMIN' ) ) {
|
21 |
define( 'FORCE_SSL_ADMIN', true );
|
22 |
}
|
23 |
force_ssl_admin( true );
|
24 |
}
|
25 |
|
26 |
+
if ( $oOpts->isOpt( 'hide_wordpress_generator_tag', 'Y' ) ) {
|
27 |
remove_action( 'wp_head', 'wp_generator' );
|
28 |
}
|
29 |
|
126 |
|
127 |
return $mStatus;
|
128 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
129 |
}
|
src/processors/login_protect.php
CHANGED
@@ -1,6 +1,7 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
|
|
4 |
use FernleafSystems\Wordpress\Services\Services;
|
5 |
|
6 |
class ICWP_WPSF_Processor_LoginProtect extends Modules\BaseShield\ShieldProcessor {
|
@@ -10,8 +11,6 @@ class ICWP_WPSF_Processor_LoginProtect extends Modules\BaseShield\ShieldProcesso
|
|
10 |
public function run() {
|
11 |
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
12 |
$oMod = $this->getMod();
|
13 |
-
/** @var Modules\LoginGuard\Options $oOpts */
|
14 |
-
$oOpts = $this->getOptions();
|
15 |
|
16 |
// XML-RPC Compatibility
|
17 |
if ( Services::WpGeneral()->isXmlrpc() && $oMod->isXmlrpcBypass() ) {
|
@@ -24,66 +23,11 @@ class ICWP_WPSF_Processor_LoginProtect extends Modules\BaseShield\ShieldProcesso
|
|
24 |
}
|
25 |
|
26 |
if ( !$oMod->isVisitorWhitelisted() ) {
|
27 |
-
|
28 |
-
$this->getSubPro( 'gasp' )->execute();
|
29 |
-
}
|
30 |
-
|
31 |
-
if ( $oOpts->isCooldownEnabled() ) {
|
32 |
-
if ( Services::Request()->isPost() ) {
|
33 |
-
$this->getSubPro( 'cooldown' )->execute();
|
34 |
-
}
|
35 |
-
}
|
36 |
-
|
37 |
-
if ( $oMod->isGoogleRecaptchaEnabled() ) {
|
38 |
-
$this->getSubPro( 'recaptcha' )->execute();
|
39 |
-
}
|
40 |
-
|
41 |
$oMod->getLoginIntentController()->run();
|
42 |
}
|
43 |
}
|
44 |
|
45 |
-
public function onWpEnqueueJs() {
|
46 |
-
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
47 |
-
$oMod = $this->getMod();
|
48 |
-
|
49 |
-
if ( $oMod->isEnabledBotJs() ) {
|
50 |
-
$oConn = $this->getCon();
|
51 |
-
|
52 |
-
$sAsset = 'shield-antibot';
|
53 |
-
$sUnique = $oMod->prefix( $sAsset );
|
54 |
-
wp_register_script(
|
55 |
-
$sUnique,
|
56 |
-
$oConn->getPluginUrl_Js( $sAsset ),
|
57 |
-
[ 'jquery' ],
|
58 |
-
$oConn->getVersion(),
|
59 |
-
true
|
60 |
-
);
|
61 |
-
wp_enqueue_script( $sUnique );
|
62 |
-
|
63 |
-
wp_localize_script(
|
64 |
-
$sUnique,
|
65 |
-
'icwp_wpsf_vars_lpantibot',
|
66 |
-
[
|
67 |
-
'form_selectors' => implode( ',', $oMod->getAntiBotFormSelectors() ),
|
68 |
-
'uniq' => preg_replace( '#[^a-zA-Z0-9]#', '', apply_filters( 'icwp_shield_lp_gasp_uniqid', uniqid() ) ),
|
69 |
-
'cbname' => $oMod->getGaspKey(),
|
70 |
-
'strings' => [
|
71 |
-
'label' => $oMod->getTextImAHuman(),
|
72 |
-
'alert' => $oMod->getTextPleaseCheckBox(),
|
73 |
-
],
|
74 |
-
'flags' => [
|
75 |
-
'gasp' => $oMod->isEnabledGaspCheck(),
|
76 |
-
'recap' => $oMod->isGoogleRecaptchaEnabled(),
|
77 |
-
]
|
78 |
-
]
|
79 |
-
);
|
80 |
-
|
81 |
-
if ( $oMod->isGoogleRecaptchaEnabled() ) {
|
82 |
-
$this->setRecaptchaToEnqueue();
|
83 |
-
}
|
84 |
-
}
|
85 |
-
}
|
86 |
-
|
87 |
/**
|
88 |
* Override the original collection to then add plugin statistics to the mix
|
89 |
* @param $aData
|
@@ -102,9 +46,6 @@ class ICWP_WPSF_Processor_LoginProtect extends Modules\BaseShield\ShieldProcesso
|
|
102 |
*/
|
103 |
protected function getSubProMap() {
|
104 |
return [
|
105 |
-
'cooldown' => 'ICWP_WPSF_Processor_LoginProtect_Cooldown',
|
106 |
-
'gasp' => 'ICWP_WPSF_Processor_LoginProtect_Gasp',
|
107 |
-
'recaptcha' => 'ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha',
|
108 |
'rename' => 'ICWP_WPSF_Processor_LoginProtect_WpLogin',
|
109 |
];
|
110 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield\Modules;
|
4 |
+
use FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Lib\AntiBot;
|
5 |
use FernleafSystems\Wordpress\Services\Services;
|
6 |
|
7 |
class ICWP_WPSF_Processor_LoginProtect extends Modules\BaseShield\ShieldProcessor {
|
11 |
public function run() {
|
12 |
/** @var \ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
13 |
$oMod = $this->getMod();
|
|
|
|
|
14 |
|
15 |
// XML-RPC Compatibility
|
16 |
if ( Services::WpGeneral()->isXmlrpc() && $oMod->isXmlrpcBypass() ) {
|
23 |
}
|
24 |
|
25 |
if ( !$oMod->isVisitorWhitelisted() ) {
|
26 |
+
( new AntiBot\AntibotSetup() )->setMod( $oMod );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
27 |
$oMod->getLoginIntentController()->run();
|
28 |
}
|
29 |
}
|
30 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
31 |
/**
|
32 |
* Override the original collection to then add plugin statistics to the mix
|
33 |
* @param $aData
|
46 |
*/
|
47 |
protected function getSubProMap() {
|
48 |
return [
|
|
|
|
|
|
|
49 |
'rename' => 'ICWP_WPSF_Processor_LoginProtect_WpLogin',
|
50 |
];
|
51 |
}
|
src/processors/loginprotect_base.php
CHANGED
@@ -20,18 +20,6 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
20 |
*/
|
21 |
private $bFactorTested;
|
22 |
|
23 |
-
/**
|
24 |
-
* We assume that any given page will have at most 1 login form.
|
25 |
-
* @var int
|
26 |
-
*/
|
27 |
-
private $nLoginFormCountMax = 1;
|
28 |
-
|
29 |
-
/**
|
30 |
-
* Track the number of times a login form element has been printed.
|
31 |
-
* @var int
|
32 |
-
*/
|
33 |
-
private $nLoginFormPrintCount = 0;
|
34 |
-
|
35 |
/**
|
36 |
*/
|
37 |
public function run() {
|
@@ -39,120 +27,8 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
39 |
add_action( 'init', [ $this, 'addHooks' ], -100 );
|
40 |
}
|
41 |
|
42 |
-
/**
|
43 |
-
* Hooked to INIT so we can test for logged-in. We don't process for logged-in users.
|
44 |
-
*/
|
45 |
public function addHooks() {
|
46 |
-
|
47 |
-
return;
|
48 |
-
}
|
49 |
-
|
50 |
-
/** @var ICWP_WPSF_FeatureHandler_LoginProtect $oFO */
|
51 |
-
$oFO = $this->getMod();
|
52 |
-
$b3rdParty = $oFO->getIfSupport3rdParty();
|
53 |
-
|
54 |
-
if ( $oFO->isProtectLogin() ) {
|
55 |
-
// We give it a priority of 10 so that we can jump in before WordPress does its own validation.
|
56 |
-
add_filter( 'authenticate', [ $this, 'checkReqLogin_Wp' ], 10, 3 );
|
57 |
-
|
58 |
-
add_action( 'login_form', [ $this, 'printLoginFormItems' ], 100 );
|
59 |
-
add_filter( 'login_form_middle', [ $this, 'provideLoginFormItems' ], 100 );
|
60 |
-
|
61 |
-
if ( $b3rdParty ) {
|
62 |
-
add_action( 'edd_login_fields_after', [ $this, 'printLoginFormItems' ], 10 );
|
63 |
-
|
64 |
-
add_action( 'woocommerce_login_form', [ $this, 'printLoginFormItems_Woo' ], 100 );
|
65 |
-
add_filter( 'woocommerce_process_login_errors', [ $this, 'checkReqLogin_Woo' ], 10, 2 );
|
66 |
-
|
67 |
-
// MemberPress
|
68 |
-
add_action( 'mepr-login-form-before-submit', [ $this, 'printLoginFormItems_MePr' ], 100 );
|
69 |
-
add_filter( 'mepr-validate-login', [ $this, 'checkReqLogin_MePr' ], 100 );
|
70 |
-
// Ultimate Member
|
71 |
-
add_action( 'um_after_login_fields', [ $this, 'printFormItems_UltMem' ], 100 );
|
72 |
-
add_action( 'um_submit_form_login', [ $this, 'checkReqLogin_UltMem' ], 100 );
|
73 |
-
|
74 |
-
// LearnPress
|
75 |
-
add_action( 'learn-press/after-form-login-fields', [ $this, 'printFormItems_LearnPress' ], 100 );
|
76 |
-
add_action( 'learn-press/before-checkout-form-login-button', [
|
77 |
-
$this,
|
78 |
-
'printFormItems_LearnPress'
|
79 |
-
], 100 );
|
80 |
-
add_filter( 'learn-press/login-validate-field', [ $this, 'checkReqLogin_LearnPress' ], 100 );
|
81 |
-
}
|
82 |
-
}
|
83 |
-
|
84 |
-
if ( $oFO->isProtectLostPassword() ) {
|
85 |
-
add_action( 'lostpassword_form', [ $this, 'printFormItems' ] );
|
86 |
-
add_action( 'lostpassword_post', [ $this, 'checkReqLostPassword_Wp' ], 10, 1 );
|
87 |
-
|
88 |
-
//No need to really cover this form
|
89 |
-
// add_action( 'resetpass_form', array( $this, 'printFormItems' ) );
|
90 |
-
// add_action( 'validate_password_reset', array( $this, 'checkReqResetPassword_Wp' ), 10, 1 );
|
91 |
-
// add_action( 'woocommerce_resetpassword_form', array( $this, 'printFormItems' ), 10 );
|
92 |
-
|
93 |
-
if ( $b3rdParty ) {
|
94 |
-
add_action( 'woocommerce_lostpassword_form', [ $this, 'printFormItems' ], 10 );
|
95 |
-
|
96 |
-
// MemberPress
|
97 |
-
add_action( 'mepr-forgot-password-form', [ $this, 'printLoginFormItems_MePr' ], 100 );
|
98 |
-
add_filter( 'mepr-validate-forgot-password', [ $this, 'checkReqLostPassword_MePr' ], 100 );
|
99 |
-
// Ultimate Member
|
100 |
-
add_action( 'um_after_password_reset_fields', [ $this, 'printFormItems_UltMem' ], 100 );
|
101 |
-
add_action( 'um_submit_form_password_reset', [ $this, 'checkReqLostPassword_UltMem' ], 5, 0 );
|
102 |
-
}
|
103 |
-
}
|
104 |
-
|
105 |
-
if ( $oFO->isProtectRegister() ) {
|
106 |
-
add_action( 'register_form', [ $this, 'printFormItems' ] );
|
107 |
-
// add_action( 'register_post', array( $this, 'checkReqRegistration_Wp' ), 10, 1 );
|
108 |
-
add_filter( 'registration_errors', [ $this, 'checkReqRegistrationErrors_Wp' ], 10, 2 );
|
109 |
-
|
110 |
-
if ( $b3rdParty ) {
|
111 |
-
// A Catch-all:
|
112 |
-
// 20180909 - not a bit wise as it breaks anything that doesn't properly display front-end output
|
113 |
-
// add_filter( 'wp_pre_insert_user_data', array( $this, 'checkPreUserInsert_Wp' ), 10, 1 );
|
114 |
-
|
115 |
-
add_action( 'bp_before_registration_submit_buttons', [ $this, 'printLoginFormItems_Bp' ], 10 );
|
116 |
-
add_action( 'bp_signup_validate', [ $this, 'checkReqRegistration_Bp' ], 10 );
|
117 |
-
|
118 |
-
add_action( 'edd_register_form_fields_before_submit', [ $this, 'printFormItems' ], 10 );
|
119 |
-
add_action( 'edd_process_register_form', [ $this, 'checkReqRegistration_Edd' ], 10 );
|
120 |
-
|
121 |
-
add_action( 'woocommerce_register_form', [ $this, 'printRegisterFormItems_Woo' ], 10 );
|
122 |
-
add_action( 'woocommerce_after_checkout_registration_form', [
|
123 |
-
$this,
|
124 |
-
'printRegistrationFormItems_Woo'
|
125 |
-
], 10 );
|
126 |
-
add_filter( 'woocommerce_process_registration_errors', [ $this, 'checkReqRegistration_Woo' ], 10, 2 );
|
127 |
-
|
128 |
-
// MemberPress - Checkout == Registration
|
129 |
-
add_action( 'mepr-checkout-before-submit', [ $this, 'printRegisterFormItems_MePr' ], 10 );
|
130 |
-
add_filter( 'mepr-validate-signup', [ $this, 'checkReqRegistration_MePr' ], 10, 2 );
|
131 |
-
// Paid Member Subscriptions (https://wordpress.org/plugins/paid-member-subscriptions)
|
132 |
-
add_action( 'pms_register_form_after_fields', [ $this, 'printFormItems_PaidMemberSubscriptions' ], 100 );
|
133 |
-
add_filter( 'pms_register_form_validation', [ $this, 'checkReqReg_PaidMemberSubscriptions' ], 100 );
|
134 |
-
// Profile Builder (https://wordpress.org/plugins/profile-builder/)
|
135 |
-
add_action( 'wppb_form_before_submit_button', [ $this, 'printLoginFormItems' ], 100 );
|
136 |
-
add_filter( 'wppb_output_field_errors_filter', [ $this, 'checkReqReg_ProfileBuilder' ], 100 );
|
137 |
-
// Ultimate Member
|
138 |
-
add_action( 'um_after_register_fields', [ $this, 'printFormItems_UltMem' ], 100 );
|
139 |
-
add_action( 'um_submit_form_register', [ $this, 'checkReqRegistration_UltMem' ], 5, 0 );
|
140 |
-
// LearnPress
|
141 |
-
add_action( 'learn-press/after-form-register-fields', [ $this, 'printFormItems_LearnPress' ], 100 );
|
142 |
-
add_filter( 'learn-press/register-validate-field', [
|
143 |
-
$this,
|
144 |
-
'checkReqRegistration_LearnPress'
|
145 |
-
], 100, 1 );
|
146 |
-
}
|
147 |
-
}
|
148 |
-
|
149 |
-
if ( $b3rdParty && $oFO->isProtect( 'checkout_woo' ) ) {
|
150 |
-
add_action( 'woocommerce_after_checkout_registration_form', [
|
151 |
-
$this,
|
152 |
-
'printRegistrationFormItems_Woo'
|
153 |
-
], 10 );
|
154 |
-
add_action( 'woocommerce_after_checkout_validation', [ $this, 'checkReqCheckout_Woo' ], 10, 2 );
|
155 |
-
}
|
156 |
}
|
157 |
|
158 |
/**
|
@@ -160,351 +36,6 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
160 |
*/
|
161 |
abstract protected function performCheckWithException();
|
162 |
|
163 |
-
/**
|
164 |
-
*/
|
165 |
-
protected function performCheckWithDie() {
|
166 |
-
try {
|
167 |
-
$this->performCheckWithException();
|
168 |
-
}
|
169 |
-
catch ( \Exception $oE ) {
|
170 |
-
Services::WpGeneral()->wpDie( $oE->getMessage() );
|
171 |
-
}
|
172 |
-
}
|
173 |
-
|
174 |
-
/**
|
175 |
-
* @param string|WP_Error $sFieldNameOrError
|
176 |
-
* @return string|WP_Error
|
177 |
-
*/
|
178 |
-
public function checkReqLogin_LearnPress( $sFieldNameOrError ) {
|
179 |
-
if ( !empty( $sFieldNameOrError ) || !is_wp_error( $sFieldNameOrError ) ) {
|
180 |
-
try {
|
181 |
-
$this->setActionToAudit( 'learnpress-login' )
|
182 |
-
->performCheckWithException();
|
183 |
-
}
|
184 |
-
catch ( \Exception $oE ) {
|
185 |
-
$sFieldNameOrError = new \WP_Error( 'shield-fail-login', $oE->getMessage() );
|
186 |
-
}
|
187 |
-
}
|
188 |
-
return $sFieldNameOrError;
|
189 |
-
}
|
190 |
-
|
191 |
-
/**
|
192 |
-
* @param \WP_Error $oWpError
|
193 |
-
* @param string $sUsername
|
194 |
-
* @return \WP_Error
|
195 |
-
*/
|
196 |
-
public function checkReqLogin_Woo( $oWpError, $sUsername ) {
|
197 |
-
try {
|
198 |
-
$this->setUserToAudit( $sUsername )
|
199 |
-
->setActionToAudit( 'woo-login' )
|
200 |
-
->performCheckWithException();
|
201 |
-
}
|
202 |
-
catch ( \Exception $oE ) {
|
203 |
-
$oWpError = $this->giveMeWpError( $oWpError );
|
204 |
-
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
205 |
-
}
|
206 |
-
return $oWpError;
|
207 |
-
}
|
208 |
-
|
209 |
-
/**
|
210 |
-
* Should be a filter added to WordPress's "authenticate" filter, but before WordPress performs
|
211 |
-
* it's own authentication (theirs is priority 30, so we could go in at around 20).
|
212 |
-
* @param null|WP_User|WP_Error $oUserOrError
|
213 |
-
* @param string $sUsername
|
214 |
-
* @param string $sPassword
|
215 |
-
* @return WP_User|WP_Error
|
216 |
-
*/
|
217 |
-
public function checkReqLogin_Wp( $oUserOrError, $sUsername, $sPassword ) {
|
218 |
-
try {
|
219 |
-
if ( !is_wp_error( $oUserOrError ) && !empty( $sUsername ) && !empty( $sPassword ) ) {
|
220 |
-
$this->setUserToAudit( $sUsername )
|
221 |
-
->setActionToAudit( 'login' )
|
222 |
-
->performCheckWithException();
|
223 |
-
}
|
224 |
-
}
|
225 |
-
catch ( \Exception $oE ) {
|
226 |
-
$oUserOrError = $this->giveMeWpError( $oUserOrError );
|
227 |
-
$oUserOrError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
228 |
-
}
|
229 |
-
return $oUserOrError;
|
230 |
-
}
|
231 |
-
|
232 |
-
/**
|
233 |
-
* @param array $aErrors
|
234 |
-
* @return array
|
235 |
-
*/
|
236 |
-
public function checkReqLogin_MePr( $aErrors ) {
|
237 |
-
if ( !empty( $aErrors ) && $this->isMemberPress() ) {
|
238 |
-
try {
|
239 |
-
$this->setActionToAudit( 'memberpress-login' )
|
240 |
-
->performCheckWithException();
|
241 |
-
}
|
242 |
-
catch ( \Exception $oE ) {
|
243 |
-
$aErrors[] = $oE->getMessage();
|
244 |
-
}
|
245 |
-
}
|
246 |
-
return $aErrors;
|
247 |
-
}
|
248 |
-
|
249 |
-
/**
|
250 |
-
*/
|
251 |
-
public function checkReqLogin_UltMem() {
|
252 |
-
if ( $this->isUltimateMember() ) {
|
253 |
-
try {
|
254 |
-
$this->setActionToAudit( 'ultimatemember-login' )
|
255 |
-
->performCheckWithException();
|
256 |
-
}
|
257 |
-
catch ( \Exception $oE ) {
|
258 |
-
\UM()->form()->add_error( 'shield-fail-login', $oE->getMessage() );
|
259 |
-
}
|
260 |
-
}
|
261 |
-
}
|
262 |
-
|
263 |
-
/**
|
264 |
-
* @param \WP_Error $oWpError
|
265 |
-
* @return \WP_Error
|
266 |
-
*/
|
267 |
-
public function checkReqLostPassword_Wp( $oWpError ) {
|
268 |
-
try {
|
269 |
-
$this->setUserToAudit( Services::Request()->post( 'user_login', '' ) )
|
270 |
-
->setActionToAudit( 'reset-password' )
|
271 |
-
->performCheckWithException();
|
272 |
-
}
|
273 |
-
catch ( \Exception $oE ) {
|
274 |
-
$oWpError = $this->giveMeWpError( $oWpError );
|
275 |
-
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
276 |
-
}
|
277 |
-
return $oWpError;
|
278 |
-
}
|
279 |
-
|
280 |
-
/**
|
281 |
-
* @param array $aErrors
|
282 |
-
* @return array
|
283 |
-
*/
|
284 |
-
public function checkReqLostPassword_MePr( $aErrors ) {
|
285 |
-
if ( !empty( $aErrors ) && $this->isMemberPress() ) {
|
286 |
-
try {
|
287 |
-
$this->setActionToAudit( 'memberpress-lostpassword' )
|
288 |
-
->performCheckWithException();
|
289 |
-
}
|
290 |
-
catch ( \Exception $oE ) {
|
291 |
-
$aErrors[] = $oE->getMessage();
|
292 |
-
}
|
293 |
-
}
|
294 |
-
return $aErrors;
|
295 |
-
}
|
296 |
-
|
297 |
-
/**
|
298 |
-
*/
|
299 |
-
public function checkReqLostPassword_UltMem() {
|
300 |
-
if ( $this->isUltimateMember() ) {
|
301 |
-
try {
|
302 |
-
$this->setActionToAudit( 'ultimatemember-lostpassword' )
|
303 |
-
->performCheckWithException();
|
304 |
-
}
|
305 |
-
catch ( \Exception $oE ) {
|
306 |
-
UM()->form()->add_error( 'shield-fail-lostpassword', $oE->getMessage() );
|
307 |
-
}
|
308 |
-
}
|
309 |
-
}
|
310 |
-
|
311 |
-
/**
|
312 |
-
* This is for the request where the User actually enters their new password
|
313 |
-
* @param \WP_Error $oWpError
|
314 |
-
* @return \WP_Error
|
315 |
-
*/
|
316 |
-
public function checkReqResetPassword_Wp( $oWpError ) {
|
317 |
-
try {
|
318 |
-
$oReq = Services::Request();
|
319 |
-
if ( $oReq->isPost() && is_wp_error( $oWpError ) && empty( $oWpError->errors ) ) {
|
320 |
-
list( $sUser, $null ) = explode( ':', wp_unslash( $oReq->cookie( 'wp-resetpass-'.COOKIEHASH, '' ) ), 2 );
|
321 |
-
$this->setUserToAudit( $sUser )
|
322 |
-
->setActionToAudit( 'set-password' )
|
323 |
-
->performCheckWithException();
|
324 |
-
}
|
325 |
-
}
|
326 |
-
catch ( \Exception $oE ) {
|
327 |
-
$oWpError = $this->giveMeWpError( $oWpError );
|
328 |
-
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
329 |
-
}
|
330 |
-
return $oWpError;
|
331 |
-
}
|
332 |
-
|
333 |
-
/**
|
334 |
-
* @param array $aData
|
335 |
-
* @return array
|
336 |
-
*/
|
337 |
-
public function checkPreUserInsert_Wp( $aData ) {
|
338 |
-
if ( !Services::WpUsers()->isUserLoggedIn() && Services::Request()->isPost() ) {
|
339 |
-
$this->setActionToAudit( 'register' )
|
340 |
-
->performCheckWithDie();
|
341 |
-
}
|
342 |
-
return $aData;
|
343 |
-
}
|
344 |
-
|
345 |
-
/**
|
346 |
-
* @param string $sUsername
|
347 |
-
*/
|
348 |
-
public function checkReqRegistration_Wp( $sUsername ) {
|
349 |
-
return $this->setUserToAudit( $sUsername )
|
350 |
-
->setActionToAudit( 'register' )
|
351 |
-
->performCheckWithDie();
|
352 |
-
}
|
353 |
-
|
354 |
-
/**
|
355 |
-
* see class-wc-checkout.php
|
356 |
-
* @param \WP_Error $oWpError
|
357 |
-
* @param array $aPostedData
|
358 |
-
* @return \WP_Error
|
359 |
-
*/
|
360 |
-
public function checkReqCheckout_Woo( $aPostedData, $oWpError ) {
|
361 |
-
try {
|
362 |
-
$this->setActionToAudit( 'woo-checkout' )
|
363 |
-
->performCheckWithException();
|
364 |
-
}
|
365 |
-
catch ( \Exception $oE ) {
|
366 |
-
$oWpError = $this->giveMeWpError( $oWpError );
|
367 |
-
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
368 |
-
}
|
369 |
-
return $oWpError;
|
370 |
-
}
|
371 |
-
|
372 |
-
/**
|
373 |
-
*/
|
374 |
-
public function checkReqRegistration_Edd() {
|
375 |
-
try {
|
376 |
-
$this->setActionToAudit( 'edd-register' )
|
377 |
-
->performCheckWithException();
|
378 |
-
}
|
379 |
-
catch ( \Exception $oE ) {
|
380 |
-
if ( function_exists( 'edd_set_error' ) ) {
|
381 |
-
edd_set_error( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
382 |
-
}
|
383 |
-
}
|
384 |
-
}
|
385 |
-
|
386 |
-
/**
|
387 |
-
* @param \WP_Error $oWpError
|
388 |
-
* @param string $sUsername
|
389 |
-
* @return \WP_Error
|
390 |
-
*/
|
391 |
-
public function checkReqRegistration_Woo( $oWpError, $sUsername ) {
|
392 |
-
try {
|
393 |
-
$this->setUserToAudit( $sUsername )
|
394 |
-
->setActionToAudit( 'woo-register' )
|
395 |
-
->performCheckWithException();
|
396 |
-
}
|
397 |
-
catch ( \Exception $oE ) {
|
398 |
-
$oWpError = $this->giveMeWpError( $oWpError );
|
399 |
-
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
400 |
-
}
|
401 |
-
return $oWpError;
|
402 |
-
}
|
403 |
-
|
404 |
-
/**
|
405 |
-
* Errors are passed about here using an array of strings.
|
406 |
-
* @param string[] $aErrors
|
407 |
-
* @return string[]
|
408 |
-
*/
|
409 |
-
public function checkReqRegistration_MePr( $aErrors ) {
|
410 |
-
if ( !empty( $aErrors ) && $this->isMemberPress() ) {
|
411 |
-
try {
|
412 |
-
$this->setActionToAudit( 'memberpress-register' )
|
413 |
-
->performCheckWithException();
|
414 |
-
}
|
415 |
-
catch ( \Exception $oE ) {
|
416 |
-
$aErrors[] = $oE->getMessage();
|
417 |
-
}
|
418 |
-
}
|
419 |
-
return $aErrors;
|
420 |
-
}
|
421 |
-
|
422 |
-
/**
|
423 |
-
* @param string|WP_Error $sFieldNameOrError
|
424 |
-
* @return string|WP_Error
|
425 |
-
*/
|
426 |
-
public function checkReqRegistration_LearnPress( $sFieldNameOrError ) {
|
427 |
-
if ( !empty( $sFieldNameOrError ) || !is_wp_error( $sFieldNameOrError ) ) {
|
428 |
-
try {
|
429 |
-
$this->setActionToAudit( 'learnpress-register' )
|
430 |
-
->performCheckWithException();
|
431 |
-
}
|
432 |
-
catch ( \Exception $oE ) {
|
433 |
-
$sFieldNameOrError = new \WP_Error( 'shield-fail-register', $oE->getMessage() );
|
434 |
-
}
|
435 |
-
}
|
436 |
-
return $sFieldNameOrError;
|
437 |
-
}
|
438 |
-
|
439 |
-
public function checkReqReg_PaidMemberSubscriptions() {
|
440 |
-
if ( $this->isPaidMemberSubscriptions() ) {
|
441 |
-
try {
|
442 |
-
$this->setActionToAudit( 'paidmembersubscriptions-register' )
|
443 |
-
->performCheckWithException();
|
444 |
-
}
|
445 |
-
catch ( \Exception $oE ) {
|
446 |
-
\pms_errors()->add( 'shield-fail-register', $oE->getMessage() );
|
447 |
-
}
|
448 |
-
}
|
449 |
-
}
|
450 |
-
|
451 |
-
/**
|
452 |
-
* @param array $aErrors
|
453 |
-
* @return array
|
454 |
-
*/
|
455 |
-
public function checkReqReg_ProfileBuilder( $aErrors ) {
|
456 |
-
if ( $this->isProfileBuilder() ) {
|
457 |
-
try {
|
458 |
-
$this->setActionToAudit( 'profilebuilder-register' )
|
459 |
-
->performCheckWithException();
|
460 |
-
}
|
461 |
-
catch ( \Exception $oE ) {
|
462 |
-
$aErrors[ 'shield-fail-register' ] =
|
463 |
-
'<span class="wppb-form-error">Bot</span>';
|
464 |
-
}
|
465 |
-
}
|
466 |
-
return $aErrors;
|
467 |
-
}
|
468 |
-
|
469 |
-
/**
|
470 |
-
*/
|
471 |
-
public function checkReqRegistration_UltMem() {
|
472 |
-
if ( $this->isUltimateMember() ) {
|
473 |
-
try {
|
474 |
-
$this->setActionToAudit( 'ultimatemember-register' )
|
475 |
-
->performCheckWithException();
|
476 |
-
}
|
477 |
-
catch ( \Exception $oE ) {
|
478 |
-
UM()->form()->add_error( 'shield-fail-register', $oE->getMessage() );
|
479 |
-
}
|
480 |
-
}
|
481 |
-
}
|
482 |
-
|
483 |
-
/**
|
484 |
-
* @param \WP_Error $oWpError
|
485 |
-
* @param string $sUsername
|
486 |
-
* @return \WP_Error
|
487 |
-
*/
|
488 |
-
public function checkReqRegistrationErrors_Wp( $oWpError, $sUsername ) {
|
489 |
-
try {
|
490 |
-
$this->setUserToAudit( $sUsername )
|
491 |
-
->setActionToAudit( 'register' )
|
492 |
-
->performCheckWithException();
|
493 |
-
}
|
494 |
-
catch ( \Exception $oE ) {
|
495 |
-
$oWpError = $this->giveMeWpError( $oWpError );
|
496 |
-
$oWpError->add( $this->getCon()->prefix( rand() ), $oE->getMessage() );
|
497 |
-
}
|
498 |
-
return $oWpError;
|
499 |
-
}
|
500 |
-
|
501 |
-
/**
|
502 |
-
* @return bool
|
503 |
-
*/
|
504 |
-
public function checkReqRegistration_Bp() {
|
505 |
-
return $this->performCheckWithDie();
|
506 |
-
}
|
507 |
-
|
508 |
/**
|
509 |
* @return string
|
510 |
*/
|
@@ -516,7 +47,7 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
516 |
* @return string
|
517 |
*/
|
518 |
protected function buildLoginFormItems() {
|
519 |
-
$sItems = $this->
|
520 |
if ( !empty( $sItems ) ) {
|
521 |
$this->incrementLoginFormPrintCount();
|
522 |
}
|
@@ -537,44 +68,6 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
537 |
echo $this->buildLoginFormItems();
|
538 |
}
|
539 |
|
540 |
-
/**
|
541 |
-
* @return void
|
542 |
-
*/
|
543 |
-
public function printLoginFormItems_MePr() {
|
544 |
-
$this->printLoginFormItems();
|
545 |
-
}
|
546 |
-
|
547 |
-
/**
|
548 |
-
* @return void
|
549 |
-
*/
|
550 |
-
public function printFormItems_PaidMemberSubscriptions() {
|
551 |
-
$this->printLoginFormItems();
|
552 |
-
}
|
553 |
-
|
554 |
-
/**
|
555 |
-
* LearnPress
|
556 |
-
* @return void
|
557 |
-
*/
|
558 |
-
public function printFormItems_LearnPress() {
|
559 |
-
$this->printLoginFormItems();
|
560 |
-
}
|
561 |
-
|
562 |
-
/**
|
563 |
-
* Ultimate Member Forms
|
564 |
-
* https://wordpress.org/plugins/ultimate-member/
|
565 |
-
* @return void
|
566 |
-
*/
|
567 |
-
public function printFormItems_UltMem() {
|
568 |
-
$this->printLoginFormItems();
|
569 |
-
}
|
570 |
-
|
571 |
-
/**
|
572 |
-
* @return void
|
573 |
-
*/
|
574 |
-
public function printRegisterFormItems_MePr() {
|
575 |
-
$this->printLoginFormItems();
|
576 |
-
}
|
577 |
-
|
578 |
/**
|
579 |
* @return void
|
580 |
*/
|
@@ -589,24 +82,6 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
589 |
$this->printFormItems();
|
590 |
}
|
591 |
|
592 |
-
/**
|
593 |
-
* see form-billing.php
|
594 |
-
* @param \WC_Checkout $oCheckout
|
595 |
-
* @return void
|
596 |
-
*/
|
597 |
-
public function printRegistrationFormItems_Woo( $oCheckout ) {
|
598 |
-
if ( $oCheckout instanceof \WC_Checkout && $oCheckout->is_registration_enabled() ) {
|
599 |
-
$this->printFormItems();
|
600 |
-
}
|
601 |
-
}
|
602 |
-
|
603 |
-
/**
|
604 |
-
* @return void
|
605 |
-
*/
|
606 |
-
public function printLoginFormItems_Bp() {
|
607 |
-
$this->printLoginFormItems();
|
608 |
-
}
|
609 |
-
|
610 |
/**
|
611 |
* @return string
|
612 |
*/
|
@@ -632,13 +107,6 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
632 |
return is_wp_error( $oMaybeWpError ) ? $oMaybeWpError : new \WP_Error();
|
633 |
}
|
634 |
|
635 |
-
/**
|
636 |
-
* @return bool
|
637 |
-
*/
|
638 |
-
protected function canPrintLoginFormElement() {
|
639 |
-
return $this->getLoginFormPrintCount() < $this->getLoginFormCountMax();
|
640 |
-
}
|
641 |
-
|
642 |
/**
|
643 |
* @return string
|
644 |
*/
|
@@ -646,20 +114,6 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
646 |
return empty( $this->sActionToAudit ) ? 'unknown-action' : $this->sActionToAudit;
|
647 |
}
|
648 |
|
649 |
-
/**
|
650 |
-
* @return int
|
651 |
-
*/
|
652 |
-
protected function getLoginFormCountMax() {
|
653 |
-
return $this->nLoginFormCountMax;
|
654 |
-
}
|
655 |
-
|
656 |
-
/**
|
657 |
-
* @return int
|
658 |
-
*/
|
659 |
-
protected function getLoginFormPrintCount() {
|
660 |
-
return max( 0, (int)$this->nLoginFormPrintCount );
|
661 |
-
}
|
662 |
-
|
663 |
/**
|
664 |
* @return string
|
665 |
*/
|
@@ -675,74 +129,61 @@ abstract class ICWP_WPSF_Processor_LoginProtect_Base extends Modules\BaseShield\
|
|
675 |
}
|
676 |
|
677 |
/**
|
678 |
-
* @
|
679 |
-
|
680 |
-
protected function isMemberPress() {
|
681 |
-
return defined( 'MEPR_LIB_PATH' ) || defined( 'MEPR_PLUGIN_NAME' );
|
682 |
-
}
|
683 |
-
|
684 |
-
/**
|
685 |
-
* @return bool
|
686 |
-
*/
|
687 |
-
protected function isPaidMemberSubscriptions() {
|
688 |
-
return @class_exists( 'Paid_Member_Subscriptions' ) && function_exists( 'pms_errors' );
|
689 |
-
}
|
690 |
-
|
691 |
-
/**
|
692 |
-
* @return bool
|
693 |
*/
|
694 |
-
protected function
|
695 |
-
|
|
|
696 |
}
|
697 |
|
698 |
/**
|
699 |
-
* @
|
|
|
700 |
*/
|
701 |
-
|
702 |
-
|
|
|
703 |
}
|
704 |
|
705 |
/**
|
706 |
-
* @param string $
|
707 |
* @return $this
|
708 |
*/
|
709 |
-
protected function
|
710 |
-
$this->
|
711 |
return $this;
|
712 |
}
|
713 |
|
714 |
/**
|
715 |
-
* @return
|
|
|
716 |
*/
|
717 |
-
|
718 |
-
|
719 |
-
return $this;
|
720 |
}
|
721 |
|
722 |
/**
|
723 |
-
* @param int $nMax
|
724 |
* @return $this
|
|
|
725 |
*/
|
726 |
-
public function
|
727 |
-
$this->nLoginFormCountMax = $nMax;
|
728 |
return $this;
|
729 |
}
|
730 |
|
731 |
/**
|
732 |
-
* @
|
733 |
-
* @
|
734 |
*/
|
735 |
-
|
736 |
-
|
737 |
-
return $this;
|
738 |
}
|
739 |
|
740 |
/**
|
741 |
-
* @
|
742 |
-
* @
|
743 |
*/
|
744 |
-
protected function
|
745 |
-
|
746 |
-
return $this;
|
747 |
}
|
748 |
}
|
20 |
*/
|
21 |
private $bFactorTested;
|
22 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
23 |
/**
|
24 |
*/
|
25 |
public function run() {
|
27 |
add_action( 'init', [ $this, 'addHooks' ], -100 );
|
28 |
}
|
29 |
|
|
|
|
|
|
|
30 |
public function addHooks() {
|
31 |
+
return;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
32 |
}
|
33 |
|
34 |
/**
|
36 |
*/
|
37 |
abstract protected function performCheckWithException();
|
38 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
39 |
/**
|
40 |
* @return string
|
41 |
*/
|
47 |
* @return string
|
48 |
*/
|
49 |
protected function buildLoginFormItems() {
|
50 |
+
$sItems = $this->buildFormItems();
|
51 |
if ( !empty( $sItems ) ) {
|
52 |
$this->incrementLoginFormPrintCount();
|
53 |
}
|
68 |
echo $this->buildLoginFormItems();
|
69 |
}
|
70 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
71 |
/**
|
72 |
* @return void
|
73 |
*/
|
82 |
$this->printFormItems();
|
83 |
}
|
84 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
85 |
/**
|
86 |
* @return string
|
87 |
*/
|
107 |
return is_wp_error( $oMaybeWpError ) ? $oMaybeWpError : new \WP_Error();
|
108 |
}
|
109 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
110 |
/**
|
111 |
* @return string
|
112 |
*/
|
114 |
return empty( $this->sActionToAudit ) ? 'unknown-action' : $this->sActionToAudit;
|
115 |
}
|
116 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
117 |
/**
|
118 |
* @return string
|
119 |
*/
|
129 |
}
|
130 |
|
131 |
/**
|
132 |
+
* @param string $sActionToAudit
|
133 |
+
* @return $this
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
134 |
*/
|
135 |
+
protected function setActionToAudit( $sActionToAudit ) {
|
136 |
+
$this->sActionToAudit = $sActionToAudit;
|
137 |
+
return $this;
|
138 |
}
|
139 |
|
140 |
/**
|
141 |
+
* @param bool $bFactorTested
|
142 |
+
* @return $this
|
143 |
*/
|
144 |
+
public function setFactorTested( $bFactorTested ) {
|
145 |
+
$this->bFactorTested = $bFactorTested;
|
146 |
+
return $this;
|
147 |
}
|
148 |
|
149 |
/**
|
150 |
+
* @param string $sUserToAudit
|
151 |
* @return $this
|
152 |
*/
|
153 |
+
protected function setUserToAudit( $sUserToAudit ) {
|
154 |
+
$this->sUserToAudit = sanitize_user( $sUserToAudit );
|
155 |
return $this;
|
156 |
}
|
157 |
|
158 |
/**
|
159 |
+
* @return bool
|
160 |
+
* @deprecated 9.0
|
161 |
*/
|
162 |
+
protected function canPrintLoginFormElement() {
|
163 |
+
return true;
|
|
|
164 |
}
|
165 |
|
166 |
/**
|
|
|
167 |
* @return $this
|
168 |
+
* @deprecated 9.0
|
169 |
*/
|
170 |
+
public function incrementLoginFormPrintCount() {
|
|
|
171 |
return $this;
|
172 |
}
|
173 |
|
174 |
/**
|
175 |
+
* @return int
|
176 |
+
* @deprecated 9.0
|
177 |
*/
|
178 |
+
protected function getLoginFormCountMax() {
|
179 |
+
return 1;
|
|
|
180 |
}
|
181 |
|
182 |
/**
|
183 |
+
* @return int
|
184 |
+
* @deprecated 9.0
|
185 |
*/
|
186 |
+
protected function getLoginFormPrintCount() {
|
187 |
+
return 0;
|
|
|
188 |
}
|
189 |
}
|
src/processors/loginprotect_gasp.php
CHANGED
@@ -1,7 +1,9 @@
|
|
1 |
<?php
|
2 |
|
3 |
-
|
4 |
-
|
|
|
|
|
5 |
class ICWP_WPSF_Processor_LoginProtect_Gasp extends ICWP_WPSF_Processor_LoginProtect_Base {
|
6 |
|
7 |
/**
|
@@ -15,77 +17,13 @@ class ICWP_WPSF_Processor_LoginProtect_Gasp extends ICWP_WPSF_Processor_LoginPro
|
|
15 |
* @return string
|
16 |
*/
|
17 |
private function getGaspLoginHtml() {
|
18 |
-
|
19 |
-
$oFO = $this->getMod();
|
20 |
-
$sUniqId = preg_replace( '#[^a-zA-Z0-9]#', '', apply_filters( 'icwp_shield_lp_gasp_uniqid', uniqid() ) );
|
21 |
-
return $this->getMod()->renderTemplate(
|
22 |
-
'snippets/gasp_js.php',
|
23 |
-
[
|
24 |
-
'sCbName' => $oFO->getGaspKey(),
|
25 |
-
'sLabel' => $oFO->getTextImAHuman(),
|
26 |
-
'sAlert' => $oFO->getTextPleaseCheckBox(),
|
27 |
-
'sMustJs' => __( 'You MUST enable Javascript to be able to login', 'wp-simple-firewall' ),
|
28 |
-
'sUniqId' => $sUniqId,
|
29 |
-
'sUniqElem' => 'icwp_wpsf_login_p'.$sUniqId,
|
30 |
-
'strings' => [
|
31 |
-
'loading' => __( 'Loading', 'wp-simple-firewall' )
|
32 |
-
]
|
33 |
-
]
|
34 |
-
);
|
35 |
}
|
36 |
|
37 |
/**
|
38 |
* @throws \Exception
|
39 |
*/
|
40 |
protected function performCheckWithException() {
|
41 |
-
|
42 |
-
return;
|
43 |
-
}
|
44 |
-
|
45 |
-
/** @var ICWP_WPSF_FeatureHandler_LoginProtect $oMod */
|
46 |
-
$oMod = $this->getMod();
|
47 |
-
$this->setFactorTested( true );
|
48 |
-
|
49 |
-
$oReq = Services::Request();
|
50 |
-
$sGaspCheckBox = $oReq->post( $oMod->getGaspKey() );
|
51 |
-
$sHoney = $oReq->post( 'icwp_wpsf_login_email' );
|
52 |
-
|
53 |
-
$sUsername = $this->getUserToAudit();
|
54 |
-
$sActionAttempted = $this->getActionToAudit();
|
55 |
-
|
56 |
-
$bValid = false;
|
57 |
-
$sError = '';
|
58 |
-
if ( empty( $sGaspCheckBox ) ) {
|
59 |
-
$this->getCon()->fireEvent(
|
60 |
-
'botbox_fail',
|
61 |
-
[
|
62 |
-
'audit' => [
|
63 |
-
'user_login' => $sUsername,
|
64 |
-
'action' => $sActionAttempted,
|
65 |
-
]
|
66 |
-
]
|
67 |
-
);
|
68 |
-
$sError = __( "You must check that box to say you're not a bot.", 'wp-simple-firewall' );
|
69 |
-
}
|
70 |
-
elseif ( !empty( $sHoney ) ) {
|
71 |
-
$this->getCon()->fireEvent(
|
72 |
-
'honeypot_fail',
|
73 |
-
[
|
74 |
-
'audit' => [
|
75 |
-
'user_login' => $sUsername,
|
76 |
-
'action' => $sActionAttempted,
|
77 |
-
]
|
78 |
-
]
|
79 |
-
);
|
80 |
-
$sError = __( 'You appear to be a bot.', 'wp-simple-firewall' );
|
81 |
-
}
|
82 |
-
else {
|
83 |
-
$bValid = true;
|
84 |
-
}
|
85 |
-
|
86 |
-
if ( !$bValid ) {
|
87 |
-
$this->processFailure();
|
88 |
-
throw new \Exception( $sError );
|
89 |
-
}
|
90 |
}
|
91 |
}
|
1 |
<?php
|
2 |
|
3 |
+
/**
|
4 |
+
* Class ICWP_WPSF_Processor_LoginProtect_Gasp
|
5 |
+
* @deprecated 9.0
|
6 |
+
*/
|
7 |
class ICWP_WPSF_Processor_LoginProtect_Gasp extends ICWP_WPSF_Processor_LoginProtect_Base {
|
8 |
|
9 |
/**
|
17 |
* @return string
|
18 |
*/
|
19 |
private function getGaspLoginHtml() {
|
20 |
+
return '';
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
21 |
}
|
22 |
|
23 |
/**
|
24 |
* @throws \Exception
|
25 |
*/
|
26 |
protected function performCheckWithException() {
|
27 |
+
return;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
28 |
}
|
29 |
}
|
src/processors/loginprotect_googlerecaptcha.php
CHANGED
@@ -2,33 +2,19 @@
|
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
|
|
|
|
|
|
|
|
|
5 |
class ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha extends ICWP_WPSF_Processor_LoginProtect_Base {
|
6 |
|
7 |
-
|
8 |
-
* We no longer check if recaptcha is ready, we just use run(). So check beforehand.
|
9 |
-
*/
|
10 |
-
public function run() {
|
11 |
-
parent::run();
|
12 |
-
add_action( 'wp_enqueue_scripts', [ $this, 'registerGoogleRecaptchaJs' ], 99 );
|
13 |
-
add_action( 'login_enqueue_scripts', [ $this, 'registerGoogleRecaptchaJs' ], 99 );
|
14 |
}
|
15 |
|
16 |
/**
|
17 |
* @throws \Exception
|
18 |
*/
|
19 |
protected function performCheckWithException() {
|
20 |
-
if ( !$this->isFactorTested() ) {
|
21 |
-
$this->setFactorTested( true );
|
22 |
-
try {
|
23 |
-
( new Shield\Utilities\ReCaptcha\TestRequest() )
|
24 |
-
->setMod( $this->getMod() )
|
25 |
-
->test();
|
26 |
-
}
|
27 |
-
catch ( \Exception $oE ) {
|
28 |
-
$this->processFailure();
|
29 |
-
throw $oE;
|
30 |
-
}
|
31 |
-
}
|
32 |
}
|
33 |
|
34 |
/**
|
@@ -93,4 +79,14 @@ class ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha extends ICWP_WPSF_Process
|
|
93 |
$sNonInvisStyle = '<style>@media screen {#rc-imageselect, .icwpg-recaptcha iframe {transform:scale(0.90);-webkit-transform:scale(0.90);transform-origin:0 0;-webkit-transform-origin:0 0;}</style>';
|
94 |
return sprintf( '%s<div class="icwpg-recaptcha"></div>', $this->isRecaptchaInvisible() ? '' : $sNonInvisStyle );
|
95 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
96 |
}
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
|
5 |
+
/**
|
6 |
+
* Class ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha
|
7 |
+
* @deprecated 9.0
|
8 |
+
*/
|
9 |
class ICWP_WPSF_Processor_LoginProtect_GoogleRecaptcha extends ICWP_WPSF_Processor_LoginProtect_Base {
|
10 |
|
11 |
+
public function onWpEnqueueJs() {
|
|
|
|
|
|
|
|
|
|
|
|
|
12 |
}
|
13 |
|
14 |
/**
|
15 |
* @throws \Exception
|
16 |
*/
|
17 |
protected function performCheckWithException() {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
18 |
}
|
19 |
|
20 |
/**
|
79 |
$sNonInvisStyle = '<style>@media screen {#rc-imageselect, .icwpg-recaptcha iframe {transform:scale(0.90);-webkit-transform:scale(0.90);transform-origin:0 0;-webkit-transform-origin:0 0;}</style>';
|
80 |
return sprintf( '%s<div class="icwpg-recaptcha"></div>', $this->isRecaptchaInvisible() ? '' : $sNonInvisStyle );
|
81 |
}
|
82 |
+
|
83 |
+
/**
|
84 |
+
* @return bool
|
85 |
+
* @deprecated 9.0
|
86 |
+
*/
|
87 |
+
protected function isRecaptchaInvisible() {
|
88 |
+
/** @var \ICWP_WPSF_FeatureHandler_BaseWpsf $oMod */
|
89 |
+
$oMod = $this->getMod();
|
90 |
+
return ( $oMod->getCaptchaCfg()->theme == 'invisible' );
|
91 |
+
}
|
92 |
}
|
src/processors/plugin.php
CHANGED
@@ -11,27 +11,27 @@ class ICWP_WPSF_Processor_Plugin extends Modules\BaseShield\ShieldProcessor {
|
|
11 |
*/
|
12 |
public function run() {
|
13 |
parent::run();
|
|
|
|
|
14 |
/** @var Plugin\Options $oOpts */
|
15 |
$oOpts = $this->getOptions();
|
16 |
|
17 |
$this->removePluginConflicts();
|
18 |
|
19 |
( new Shield\Crons\HourlyCron() )
|
20 |
-
->setMod( $
|
21 |
->run();
|
22 |
( new Shield\Crons\DailyCron() )
|
23 |
-
->setMod( $
|
24 |
-
->run();
|
25 |
-
( new Plugin\Components\PluginBadge() )
|
26 |
-
->setMod( $this->getMod() )
|
27 |
->run();
|
|
|
28 |
|
29 |
if ( $oOpts->isTrackingEnabled() || !$oOpts->isTrackingPermissionSet() ) {
|
30 |
$this->getSubProTracking()->execute();
|
31 |
}
|
32 |
|
33 |
if ( $oOpts->isImportExportPermitted() ) {
|
34 |
-
$
|
35 |
}
|
36 |
|
37 |
$oCon = $this->getCon();
|
@@ -39,15 +39,6 @@ class ICWP_WPSF_Processor_Plugin extends Modules\BaseShield\ShieldProcessor {
|
|
39 |
case 'dump_tracking_data':
|
40 |
add_action( 'wp_loaded', [ $this, 'dumpTrackingData' ] );
|
41 |
break;
|
42 |
-
|
43 |
-
case 'importexport_export':
|
44 |
-
case 'importexport_import':
|
45 |
-
case 'importexport_handshake':
|
46 |
-
case 'importexport_updatenotified':
|
47 |
-
if ( $oOpts->isImportExportPermitted() ) {
|
48 |
-
add_action( 'init', [ $this->getSubProImportExport(), 'runAction' ] );
|
49 |
-
}
|
50 |
-
break;
|
51 |
default:
|
52 |
break;
|
53 |
}
|
@@ -92,20 +83,12 @@ class ICWP_WPSF_Processor_Plugin extends Modules\BaseShield\ShieldProcessor {
|
|
92 |
return $this->getSubPro( 'tracking' );
|
93 |
}
|
94 |
|
95 |
-
/**
|
96 |
-
* @return \ICWP_WPSF_Processor_Plugin_ImportExport
|
97 |
-
*/
|
98 |
-
public function getSubProImportExport() {
|
99 |
-
return $this->getSubPro( 'importexport' );
|
100 |
-
}
|
101 |
-
|
102 |
/**
|
103 |
* @return array
|
104 |
*/
|
105 |
protected function getSubProMap() {
|
106 |
return [
|
107 |
-
'
|
108 |
-
'tracking' => 'ICWP_WPSF_Processor_Plugin_Tracking',
|
109 |
];
|
110 |
}
|
111 |
|
@@ -171,6 +154,14 @@ class ICWP_WPSF_Processor_Plugin extends Modules\BaseShield\ShieldProcessor {
|
|
171 |
|
172 |
public function runDailyCron() {
|
173 |
$this->getCon()->fireEvent( 'test_cron_run' );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
174 |
}
|
175 |
|
176 |
/**
|
11 |
*/
|
12 |
public function run() {
|
13 |
parent::run();
|
14 |
+
/** @var \ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
15 |
+
$oMod = $this->getMod();
|
16 |
/** @var Plugin\Options $oOpts */
|
17 |
$oOpts = $this->getOptions();
|
18 |
|
19 |
$this->removePluginConflicts();
|
20 |
|
21 |
( new Shield\Crons\HourlyCron() )
|
22 |
+
->setMod( $oMod )
|
23 |
->run();
|
24 |
( new Shield\Crons\DailyCron() )
|
25 |
+
->setMod( $oMod )
|
|
|
|
|
|
|
26 |
->run();
|
27 |
+
$oMod->getPluginBadgeCon()->run();
|
28 |
|
29 |
if ( $oOpts->isTrackingEnabled() || !$oOpts->isTrackingPermissionSet() ) {
|
30 |
$this->getSubProTracking()->execute();
|
31 |
}
|
32 |
|
33 |
if ( $oOpts->isImportExportPermitted() ) {
|
34 |
+
$oMod->getImpExpController()->run();
|
35 |
}
|
36 |
|
37 |
$oCon = $this->getCon();
|
39 |
case 'dump_tracking_data':
|
40 |
add_action( 'wp_loaded', [ $this, 'dumpTrackingData' ] );
|
41 |
break;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
42 |
default:
|
43 |
break;
|
44 |
}
|
83 |
return $this->getSubPro( 'tracking' );
|
84 |
}
|
85 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
86 |
/**
|
87 |
* @return array
|
88 |
*/
|
89 |
protected function getSubProMap() {
|
90 |
return [
|
91 |
+
'tracking' => 'ICWP_WPSF_Processor_Plugin_Tracking',
|
|
|
92 |
];
|
93 |
}
|
94 |
|
154 |
|
155 |
public function runDailyCron() {
|
156 |
$this->getCon()->fireEvent( 'test_cron_run' );
|
157 |
+
|
158 |
+
/** @var Plugin\Options $oOpts */
|
159 |
+
$oOpts = $this->getOptions();
|
160 |
+
if ( $oOpts->isImportExportPermitted() ) {
|
161 |
+
( new Plugin\Lib\ImportExport\Import() )
|
162 |
+
->setMod( $this->getMod() )
|
163 |
+
->fromSite( $oOpts->getImportExportMasterImportUrl() );
|
164 |
+
}
|
165 |
}
|
166 |
|
167 |
/**
|
src/processors/plugin_importexport.php
CHANGED
@@ -1,588 +1,11 @@
|
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
4 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules\Plugin;
|
5 |
-
use FernleafSystems\Wordpress\Services\Services;
|
6 |
|
|
|
|
|
|
|
|
|
7 |
class ICWP_WPSF_Processor_Plugin_ImportExport extends Shield\Modules\BaseShield\ShieldProcessor {
|
8 |
|
9 |
-
public function run() {
|
10 |
-
/** @var Plugin\Options $oOpts */
|
11 |
-
$oOpts = $this->getOptions();
|
12 |
-
|
13 |
-
add_action( $this->getCon()->prefix( 'importexport_notify' ), [ $this, 'runWhitelistNotify' ] );
|
14 |
-
|
15 |
-
if ( $oOpts->hasImportExportMasterImportUrl() ) {
|
16 |
-
// For auto update whitelist notifications:
|
17 |
-
add_action( $this->getCon()->prefix( 'importexport_updatenotified' ), [ $this, 'runImport' ] );
|
18 |
-
}
|
19 |
-
}
|
20 |
-
|
21 |
-
/**
|
22 |
-
* @return array
|
23 |
-
*/
|
24 |
-
public function buildInsightsVars() {
|
25 |
-
/** @var ICWP_WPSF_FeatureHandler_HackProtect $oMod */
|
26 |
-
$oMod = $this->getMod();
|
27 |
-
$aData = [
|
28 |
-
'vars' => [
|
29 |
-
'file_upload_nonce' => $oMod->getNonceActionData( 'import_file_upload' ),
|
30 |
-
'form_action' => $oMod->getUrl_AdminPage()
|
31 |
-
],
|
32 |
-
'ajax' => [
|
33 |
-
'import_from_site' => $oMod->getAjaxActionData( 'import_from_site', true ),
|
34 |
-
],
|
35 |
-
'flags' => [
|
36 |
-
'can_importexport' => $this->getCon()->isPremiumActive(),
|
37 |
-
],
|
38 |
-
'hrefs' => [
|
39 |
-
'export_file_download' => $this->createExportFileDownloadLink()
|
40 |
-
],
|
41 |
-
'strings' => [
|
42 |
-
'title_import_file' => __( 'Import From File', 'wp-simple-firewall' ),
|
43 |
-
'subtitle_import_file' => __( 'Upload an exported options file you downloaded from another site', 'wp-simple-firewall' ),
|
44 |
-
'select_import_file' => __( 'Select file to import options from', 'wp-simple-firewall' ),
|
45 |
-
'i_understand' => __( 'I Understand Existing Options Will Be Overwritten', 'wp-simple-firewall' ),
|
46 |
-
'be_sure' => __( 'Please be sure that this is what you want.', 'wp-simple-firewall' ),
|
47 |
-
'not_undone' => __( "This action can't be undone.", 'wp-simple-firewall' ),
|
48 |
-
'title_import_site' => __( "Import From Site", 'wp-simple-firewall' ),
|
49 |
-
|
50 |
-
'title_download_file' => __( 'Download Options Export File', 'wp-simple-firewall' ),
|
51 |
-
'subtitle_download_file' => __( 'Use this file to copy options from this site into another site', 'wp-simple-firewall' ),
|
52 |
-
|
53 |
-
'subtitle_import_site' => __( 'Import options directly from another site', 'wp-simple-firewall' ),
|
54 |
-
'master_site_url' => __( 'Master Site URL', 'wp-simple-firewall' ),
|
55 |
-
'remember_include' => sprintf(
|
56 |
-
__( 'Remember to include %s or %s', 'wp-simple-firewall' ),
|
57 |
-
'<code>https://</code>',
|
58 |
-
'<code>http://</code>'
|
59 |
-
),
|
60 |
-
'secret_key' => __( 'Secret Key', 'wp-simple-firewall' ),
|
61 |
-
'master_site_key' => __( 'Master Site Secret Key', 'wp-simple-firewall' ),
|
62 |
-
'create_network' => __( 'Create Shield Network', 'wp-simple-firewall' ),
|
63 |
-
'key_found_under' => sprintf( __( 'The secret key is found in: %s', 'wp-simple-firewall' ),
|
64 |
-
ucwords( sprintf( '%s > %s > %s ', __( 'General Settings', 'wp-simple-firewall' ), __( 'Import/Export', 'wp-simple-firewall' ), __( 'Secret Key', 'wp-simple-firewall' ) ) )
|
65 |
-
),
|
66 |
-
'turn_on' => __( 'Turn On', 'wp-simple-firewall' ),
|
67 |
-
'turn_off' => __( 'Turn Off', 'wp-simple-firewall' ),
|
68 |
-
'no_change' => __( 'No Change', 'wp-simple-firewall' ),
|
69 |
-
'network_explain' => [
|
70 |
-
__( 'Checking this option on will link this site to Master site.', 'wp-simple-firewall' ),
|
71 |
-
__( 'Options will be automatically imported from the Master site each night', 'wp-simple-firewall' ),
|
72 |
-
__( 'When you adjust options on the Master site, they will be reflected in this site after the automatic import', 'wp-simple-firewall' ),
|
73 |
-
],
|
74 |
-
'import_options' => __( 'Import Options', 'wp-simple-firewall' ),
|
75 |
-
'downloading_please_wait' => __( 'Downloading file, please wait...', 'wp-simple-firewall' ),
|
76 |
-
'problem_downloading_file' => __( 'There was a problem downloading the file.', 'wp-simple-firewall' ),
|
77 |
-
]
|
78 |
-
];
|
79 |
-
|
80 |
-
return $aData;
|
81 |
-
}
|
82 |
-
|
83 |
-
/**
|
84 |
-
* @return string
|
85 |
-
*/
|
86 |
-
private function createExportFileDownloadLink() {
|
87 |
-
return add_query_arg(
|
88 |
-
$this->getMod()->getNonceActionData( 'export_file_download' ),
|
89 |
-
$this->getMod()->getUrl_AdminPage()
|
90 |
-
);
|
91 |
-
}
|
92 |
-
|
93 |
-
public function runWhitelistNotify() {
|
94 |
-
/** @var ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
95 |
-
$oMod = $this->getMod();
|
96 |
-
$oHttpReq = Services::HttpRequest();
|
97 |
-
|
98 |
-
if ( $oMod->hasImportExportWhitelistSites() ) {
|
99 |
-
|
100 |
-
$aQuery = [
|
101 |
-
'blocking' => false,
|
102 |
-
'body' => [ 'shield_action' => 'importexport_updatenotified' ]
|
103 |
-
];
|
104 |
-
foreach ( $oMod->getImportExportWhitelist() as $sUrl ) {
|
105 |
-
$oHttpReq->get( $sUrl, $aQuery );
|
106 |
-
}
|
107 |
-
|
108 |
-
$this->getCon()->fireEvent( 'import_notify_sent' );
|
109 |
-
}
|
110 |
-
}
|
111 |
-
|
112 |
-
public function runAction() {
|
113 |
-
|
114 |
-
try {
|
115 |
-
$oReq = Services::Request();
|
116 |
-
switch ( $this->getCon()->getShieldAction() ) {
|
117 |
-
|
118 |
-
case 'importexport_export':
|
119 |
-
$this->executeExport( $oReq->query( 'method' ) );
|
120 |
-
break;
|
121 |
-
|
122 |
-
case 'importexport_import':
|
123 |
-
$this->executeImport( $oReq->query( 'method' ) );
|
124 |
-
break;
|
125 |
-
|
126 |
-
case 'importexport_handshake':
|
127 |
-
$this->runOptionsExportHandshake();
|
128 |
-
break;
|
129 |
-
|
130 |
-
case 'importexport_updatenotified':
|
131 |
-
$this->runOptionsUpdateNotified();
|
132 |
-
break;
|
133 |
-
|
134 |
-
default:
|
135 |
-
break;
|
136 |
-
}
|
137 |
-
}
|
138 |
-
catch ( \Exception $oE ) {
|
139 |
-
}
|
140 |
-
}
|
141 |
-
|
142 |
-
/**
|
143 |
-
* @param string $sMethod
|
144 |
-
*/
|
145 |
-
private function executeExport( $sMethod = 'json' ) {
|
146 |
-
|
147 |
-
try {
|
148 |
-
$this->preActionVerify();
|
149 |
-
|
150 |
-
switch ( $sMethod ) {
|
151 |
-
case 'file':
|
152 |
-
$this->downloadExportToFile();
|
153 |
-
break;
|
154 |
-
|
155 |
-
case 'json':
|
156 |
-
default:
|
157 |
-
$this->exportToJsonResponse();
|
158 |
-
break;
|
159 |
-
}
|
160 |
-
}
|
161 |
-
catch ( \Exception $oE ) {
|
162 |
-
}
|
163 |
-
die();
|
164 |
-
}
|
165 |
-
|
166 |
-
/**
|
167 |
-
* @param string $sMethod
|
168 |
-
*/
|
169 |
-
private function executeImport( $sMethod = 'file' ) {
|
170 |
-
|
171 |
-
try {
|
172 |
-
$this->preActionVerify();
|
173 |
-
|
174 |
-
switch ( $sMethod ) {
|
175 |
-
case 'file':
|
176 |
-
default:
|
177 |
-
$this->importFromUploadFile();
|
178 |
-
break;
|
179 |
-
}
|
180 |
-
}
|
181 |
-
catch ( \Exception $oE ) {
|
182 |
-
}
|
183 |
-
die();
|
184 |
-
}
|
185 |
-
|
186 |
-
/**
|
187 |
-
* @throws \Exception
|
188 |
-
*/
|
189 |
-
private function downloadExportToFile() {
|
190 |
-
if ( !$this->getCon()->isPluginAdmin() ) {
|
191 |
-
throw new \Exception( 'Not currently logged-in as admin' );
|
192 |
-
}
|
193 |
-
$this->doExportDownload();
|
194 |
-
}
|
195 |
-
|
196 |
-
public function doExportDownload() {
|
197 |
-
$sExport = json_encode( $this->getExportData() );
|
198 |
-
$aData = [
|
199 |
-
'# Site URL: '.Services::WpGeneral()->getHomeUrl(),
|
200 |
-
'# Export Date: '.Services::WpGeneral()->getTimeStringForDisplay(),
|
201 |
-
'# Hash: '.sha1( $sExport ),
|
202 |
-
$sExport
|
203 |
-
];
|
204 |
-
Services::Response()->downloadStringAsFile(
|
205 |
-
implode( "\n", $aData ),
|
206 |
-
sprintf( 'shieldexport-%s-%s.json',
|
207 |
-
Services::Data()->urlStripSchema( Services::WpGeneral()->getHomeUrl() ),
|
208 |
-
$sFilename = date( 'Ymd_His' )
|
209 |
-
)
|
210 |
-
);
|
211 |
-
}
|
212 |
-
|
213 |
-
/**
|
214 |
-
* @throws \Exception
|
215 |
-
*/
|
216 |
-
public function importFromUploadFile() {
|
217 |
-
if ( !$this->getCon()->isPluginAdmin() ) {
|
218 |
-
throw new \Exception( __( 'Not currently logged-in as security admin', 'wp-simple-firewall' ) );
|
219 |
-
}
|
220 |
-
|
221 |
-
if ( Services::Request()->post( 'confirm' ) != 'Y' ) {
|
222 |
-
throw new \Exception( __( 'Please check the box to confirm your intent to overwrite settings', 'wp-simple-firewall' ) );
|
223 |
-
}
|
224 |
-
|
225 |
-
$oFs = Services::WpFs();
|
226 |
-
if ( empty( $_FILES ) || !isset( $_FILES[ 'import_file' ] )
|
227 |
-
|| empty( $_FILES[ 'import_file' ][ 'tmp_name' ] ) ) {
|
228 |
-
throw new \Exception( __( 'Please select a file to upload', 'wp-simple-firewall' ) );
|
229 |
-
}
|
230 |
-
if ( $_FILES[ 'import_file' ][ 'size' ] == 0
|
231 |
-
|| isset( $_FILES[ 'error' ] ) && $_FILES[ 'error' ] != UPLOAD_ERR_OK
|
232 |
-
|| !$oFs->isFile( $_FILES[ 'import_file' ][ 'tmp_name' ] )
|
233 |
-
|| filesize( $_FILES[ 'import_file' ][ 'tmp_name' ] ) === 0
|
234 |
-
) {
|
235 |
-
throw new \Exception( __( 'Uploading of file failed', 'wp-simple-firewall' ) );
|
236 |
-
}
|
237 |
-
|
238 |
-
$sContent = Services::WpFs()->getFileContent( $_FILES[ 'import_file' ][ 'tmp_name' ] );
|
239 |
-
if ( empty( $sContent ) ) {
|
240 |
-
throw new \Exception( __( 'Uploaded file was empty', 'wp-simple-firewall' ) );
|
241 |
-
}
|
242 |
-
|
243 |
-
{//filter any comment lines
|
244 |
-
$aParts = array_filter(
|
245 |
-
array_map( 'trim', explode( "\n", $sContent ) ),
|
246 |
-
function ( $sLine ) {
|
247 |
-
return ( strpos( $sLine, '{' ) === 0 );
|
248 |
-
}
|
249 |
-
);
|
250 |
-
if ( empty( $aParts ) ) {
|
251 |
-
throw new \Exception( __( 'Options data could not be found in uploaded file', 'wp-simple-firewall' ) );
|
252 |
-
}
|
253 |
-
}
|
254 |
-
{//parse the options json
|
255 |
-
$aData = @json_decode( array_shift( $aParts ), true );
|
256 |
-
if ( empty( $aData ) || !is_array( $aData ) ) {
|
257 |
-
throw new \Exception( __( 'Uploaded options data was not of the correct format', 'wp-simple-firewall' ) );
|
258 |
-
}
|
259 |
-
}
|
260 |
-
|
261 |
-
$this->processDataImport( $aData, __( 'uploaded file', 'wp-simple-firewall' ) );
|
262 |
-
$oFs->deleteFile( $_FILES[ 'import_file' ][ 'tmp_name' ] );
|
263 |
-
}
|
264 |
-
|
265 |
-
/**
|
266 |
-
* @return array
|
267 |
-
*/
|
268 |
-
private function getExportData() {
|
269 |
-
$aD = apply_filters( $this->getMod()->prefix( 'gather_options_for_export' ), [] );
|
270 |
-
return is_array( $aD ) ? $aD : [];
|
271 |
-
}
|
272 |
-
|
273 |
-
/**
|
274 |
-
* @throws \Exception
|
275 |
-
*/
|
276 |
-
private function preActionVerify() {
|
277 |
-
/** @var Plugin\Options $oOpts */
|
278 |
-
$oOpts = $this->getOptions();
|
279 |
-
$oCon = $this->getCon();
|
280 |
-
|
281 |
-
if ( !$oCon->isPremiumActive() ) {
|
282 |
-
throw new \Exception(
|
283 |
-
sprintf( __( 'Not currently running %s Pro.', 'wp-simple-firewall' ), $oCon->getHumanName() ),
|
284 |
-
1
|
285 |
-
);
|
286 |
-
}
|
287 |
-
if ( !$oOpts->isImportExportPermitted() ) {
|
288 |
-
throw new \Exception( __( 'Export of options is currently disabled.', 'wp-simple-firewall' ), 2 );
|
289 |
-
}
|
290 |
-
}
|
291 |
-
|
292 |
-
/**
|
293 |
-
* This is called from a remote site when this site sends out an export request to another
|
294 |
-
* site but without a secret key i.e. it assumes it's on the white list. We give a 30 second
|
295 |
-
* window for the handshake to complete. We do not explicitly fail.
|
296 |
-
*/
|
297 |
-
public function runOptionsExportHandshake() {
|
298 |
-
/** @var Plugin\Options $oOpts */
|
299 |
-
$oOpts = $this->getOptions();
|
300 |
-
if ( $oOpts->isImportExportPermitted() &&
|
301 |
-
( Services::Request()->ts() < $oOpts->getImportExportHandshakeExpiresAt() ) ) {
|
302 |
-
echo json_encode( [ 'success' => true ] );
|
303 |
-
die();
|
304 |
-
}
|
305 |
-
else {
|
306 |
-
return;
|
307 |
-
}
|
308 |
-
}
|
309 |
-
|
310 |
-
/**
|
311 |
-
* We've been notified that there's an update to pull in from the master site so we set a cron to do this.
|
312 |
-
*/
|
313 |
-
public function runOptionsUpdateNotified() {
|
314 |
-
$oCon = $this->getCon();
|
315 |
-
/** @var Plugin\Options $oOpts */
|
316 |
-
$oOpts = $this->getOptions();
|
317 |
-
|
318 |
-
$sCronHook = $oCon->prefix( 'importexport_updatenotified' );
|
319 |
-
if ( wp_next_scheduled( $sCronHook ) ) {
|
320 |
-
wp_clear_scheduled_hook( $sCronHook );
|
321 |
-
}
|
322 |
-
|
323 |
-
if ( !wp_next_scheduled( $sCronHook ) ) {
|
324 |
-
|
325 |
-
wp_schedule_single_event( Services::Request()->ts() + 12, $sCronHook );
|
326 |
-
|
327 |
-
preg_match( '#.*WordPress/.*\s+(.*)\s?#', Services::Request()->getUserAgent(), $aMatches );
|
328 |
-
if ( !empty( $aMatches[ 1 ] ) && filter_var( $aMatches[ 1 ], FILTER_VALIDATE_URL ) ) {
|
329 |
-
$sUrl = parse_url( $aMatches[ 1 ], PHP_URL_HOST );
|
330 |
-
if ( !empty( $sUrl ) ) {
|
331 |
-
$sUrl = 'Site: '.$sUrl;
|
332 |
-
}
|
333 |
-
}
|
334 |
-
else {
|
335 |
-
$sUrl = '';
|
336 |
-
}
|
337 |
-
|
338 |
-
$this->getCon()->fireEvent(
|
339 |
-
'import_notify_received',
|
340 |
-
[ 'audit' => [ 'master_site' => $oOpts->getImportExportMasterImportUrl() ] ]
|
341 |
-
);
|
342 |
-
}
|
343 |
-
}
|
344 |
-
|
345 |
-
/**
|
346 |
-
*/
|
347 |
-
private function exportToJsonResponse() {
|
348 |
-
/** @var Plugin\Options $oOpts */
|
349 |
-
$oOpts = $this->getOptions();
|
350 |
-
$oCon = $this->getCon();
|
351 |
-
/** @var ICWP_WPSF_FeatureHandler_Plugin $oFO */
|
352 |
-
$oFO = $this->getMod();
|
353 |
-
$oReq = Services::Request();
|
354 |
-
|
355 |
-
$sSecretKey = $oReq->query( 'secret', '' );
|
356 |
-
|
357 |
-
$sNetworkOpt = $oReq->query( 'network', '' );
|
358 |
-
$bDoNetwork = !empty( $sNetworkOpt );
|
359 |
-
$sUrl = Services::Data()->validateSimpleHttpUrl( $oReq->query( 'url', '' ) );
|
360 |
-
|
361 |
-
if ( !$oFO->isImportExportSecretKey( $sSecretKey ) && !$this->isUrlOnWhitelist( $sUrl ) ) {
|
362 |
-
return; // we show no signs of responding to invalid secret keys or unwhitelisted URLs
|
363 |
-
}
|
364 |
-
|
365 |
-
$bSuccess = false;
|
366 |
-
$aData = [];
|
367 |
-
|
368 |
-
if ( !$oCon->isPremiumActive() ) {
|
369 |
-
$nCode = 1;
|
370 |
-
$sMessage = sprintf( __( 'Not currently running %s Pro.', 'wp-simple-firewall' ), $this->getCon()
|
371 |
-
->getHumanName() );
|
372 |
-
}
|
373 |
-
elseif ( !$oOpts->isImportExportPermitted() ) {
|
374 |
-
$nCode = 2;
|
375 |
-
$sMessage = __( 'Export of options is currently disabled.', 'wp-simple-firewall' );
|
376 |
-
}
|
377 |
-
elseif ( !$this->verifyUrlWithHandshake( $sUrl ) ) {
|
378 |
-
$nCode = 3;
|
379 |
-
$sMessage = __( 'Handshake verification failed.', 'wp-simple-firewall' );
|
380 |
-
}
|
381 |
-
else {
|
382 |
-
$nCode = 0;
|
383 |
-
$bSuccess = true;
|
384 |
-
$aData = $this->getExportData();
|
385 |
-
$sMessage = 'Options Exported Successfully';
|
386 |
-
|
387 |
-
$this->getCon()->fireEvent(
|
388 |
-
'options_exported',
|
389 |
-
[ 'audit' => [ 'site' => $sUrl ] ]
|
390 |
-
);
|
391 |
-
|
392 |
-
if ( $bDoNetwork ) {
|
393 |
-
if ( $sNetworkOpt === 'Y' ) {
|
394 |
-
$oFO->addUrlToImportExportWhitelistUrls( $sUrl );
|
395 |
-
$this->getCon()->fireEvent(
|
396 |
-
'whitelist_site_added',
|
397 |
-
[ 'audit' => [ 'site' => $sUrl ] ]
|
398 |
-
);
|
399 |
-
}
|
400 |
-
else {
|
401 |
-
$oFO->removeUrlFromImportExportWhitelistUrls( $sUrl );
|
402 |
-
$this->getCon()->fireEvent(
|
403 |
-
'whitelist_site_removed',
|
404 |
-
[ 'audit' => [ 'site' => $sUrl ] ]
|
405 |
-
);
|
406 |
-
}
|
407 |
-
}
|
408 |
-
}
|
409 |
-
|
410 |
-
$aResponse = [
|
411 |
-
'success' => $bSuccess,
|
412 |
-
'code' => $nCode,
|
413 |
-
'message' => $sMessage,
|
414 |
-
'data' => $aData,
|
415 |
-
];
|
416 |
-
echo json_encode( $aResponse );
|
417 |
-
die();
|
418 |
-
}
|
419 |
-
|
420 |
-
/**
|
421 |
-
* @param string $sUrl
|
422 |
-
* @return bool
|
423 |
-
*/
|
424 |
-
protected function isUrlOnWhitelist( $sUrl ) {
|
425 |
-
/** @var ICWP_WPSF_FeatureHandler_Plugin $oFO */
|
426 |
-
$oFO = $this->getMod();
|
427 |
-
return !empty( $sUrl ) && in_array( $sUrl, $oFO->getImportExportWhitelist() );
|
428 |
-
}
|
429 |
-
|
430 |
-
/**
|
431 |
-
* @param string $sUrl
|
432 |
-
* @return bool
|
433 |
-
*/
|
434 |
-
private function verifyUrlWithHandshake( $sUrl ) {
|
435 |
-
$bVerified = false;
|
436 |
-
|
437 |
-
if ( !empty( $sUrl ) ) {
|
438 |
-
$sReqUrl = add_query_arg( [ 'shield_action' => 'importexport_handshake' ], $sUrl );
|
439 |
-
$aResp = @json_decode( Services::HttpRequest()->getContent( $sReqUrl ), true );
|
440 |
-
$bVerified = is_array( $aResp ) && isset( $aResp[ 'success' ] ) && ( $aResp[ 'success' ] === true );
|
441 |
-
}
|
442 |
-
|
443 |
-
return $bVerified;
|
444 |
-
}
|
445 |
-
|
446 |
-
/**
|
447 |
-
* @param string $sMasterSiteUrl
|
448 |
-
* @param string $sSecretKey
|
449 |
-
* @param bool|null $bEnableNetwork
|
450 |
-
* @param string $sSiteResponse
|
451 |
-
* @return int
|
452 |
-
*/
|
453 |
-
public function runImport( $sMasterSiteUrl = '', $sSecretKey = '', $bEnableNetwork = null, &$sSiteResponse = '' ) {
|
454 |
-
/** @var Plugin\Options $oOpts */
|
455 |
-
$oOpts = $this->getOptions();
|
456 |
-
/** @var ICWP_WPSF_FeatureHandler_Plugin $oMod */
|
457 |
-
$oMod = $this->getMod();
|
458 |
-
$oDP = Services::Data();
|
459 |
-
|
460 |
-
if ( empty( $sMasterSiteUrl ) ) {
|
461 |
-
$sMasterSiteUrl = $oOpts->getImportExportMasterImportUrl();
|
462 |
-
}
|
463 |
-
|
464 |
-
$aParts = parse_url( $sMasterSiteUrl );
|
465 |
-
|
466 |
-
$sOriginalMasterSiteUrl = $oOpts->getImportExportMasterImportUrl();
|
467 |
-
$bHadMasterSiteUrl = $oOpts->hasImportExportMasterImportUrl();
|
468 |
-
$bCheckKeyFormat = !$bHadMasterSiteUrl;
|
469 |
-
$sSecretKey = preg_replace( '#[^0-9a-z]#i', '', $sSecretKey );
|
470 |
-
|
471 |
-
if ( $bCheckKeyFormat && empty( $sSecretKey ) ) {
|
472 |
-
$nErrorCode = 1;
|
473 |
-
}
|
474 |
-
elseif ( $bCheckKeyFormat && strlen( $sSecretKey ) != 40 ) {
|
475 |
-
$nErrorCode = 2;
|
476 |
-
}
|
477 |
-
elseif ( $bCheckKeyFormat && preg_match( '#[^0-9a-z]#i', $sSecretKey ) ) {
|
478 |
-
$nErrorCode = 3; //unused
|
479 |
-
}
|
480 |
-
elseif ( empty( $aParts ) ) {
|
481 |
-
$nErrorCode = 4;
|
482 |
-
}
|
483 |
-
elseif ( $oDP->validateSimpleHttpUrl( $sMasterSiteUrl ) === false ) {
|
484 |
-
$nErrorCode = 4; // a final check
|
485 |
-
}
|
486 |
-
else {
|
487 |
-
$bReady = true;
|
488 |
-
$aEssential = [ 'scheme', 'host' ];
|
489 |
-
foreach ( $aEssential as $sKey ) {
|
490 |
-
$bReady = $bReady && !empty( $aParts[ $sKey ] );
|
491 |
-
}
|
492 |
-
|
493 |
-
$sMasterSiteUrl = $oDP->validateSimpleHttpUrl( $sMasterSiteUrl ); // final clean
|
494 |
-
|
495 |
-
if ( !$bReady || !$sMasterSiteUrl ) {
|
496 |
-
$nErrorCode = 4;
|
497 |
-
}
|
498 |
-
else {
|
499 |
-
$oMod->startImportExportHandshake();
|
500 |
-
|
501 |
-
$aData = [
|
502 |
-
'shield_action' => 'importexport_export',
|
503 |
-
'secret' => $sSecretKey,
|
504 |
-
'url' => Services::WpGeneral()->getHomeUrl()
|
505 |
-
];
|
506 |
-
// Don't send the network setup request if it's the cron.
|
507 |
-
if ( !is_null( $bEnableNetwork ) && !Services::WpGeneral()->isCron() ) {
|
508 |
-
$aData[ 'network' ] = $bEnableNetwork ? 'Y' : 'N';
|
509 |
-
}
|
510 |
-
|
511 |
-
$sFinalUrl = add_query_arg( $aData, $sMasterSiteUrl );
|
512 |
-
$sResponse = Services::HttpRequest()->getContent( $sFinalUrl );
|
513 |
-
$aParts = @json_decode( $sResponse, true );
|
514 |
-
|
515 |
-
if ( empty( $aParts ) ) {
|
516 |
-
$nErrorCode = 5;
|
517 |
-
}
|
518 |
-
elseif ( !isset( $aParts[ 'success' ] ) || !$aParts[ 'success' ] ) {
|
519 |
-
|
520 |
-
if ( empty ( $aParts[ 'message' ] ) ) {
|
521 |
-
$nErrorCode = 6;
|
522 |
-
}
|
523 |
-
else {
|
524 |
-
$nErrorCode = 7;
|
525 |
-
$sSiteResponse = $aParts[ 'message' ]; // This is crap because we can't use Response objects
|
526 |
-
}
|
527 |
-
}
|
528 |
-
elseif ( empty( $aParts[ 'data' ] ) || !is_array( $aParts[ 'data' ] ) ) {
|
529 |
-
$nErrorCode = 8;
|
530 |
-
}
|
531 |
-
else {
|
532 |
-
$this->processDataImport( $aParts[ 'data' ], $sMasterSiteUrl );
|
533 |
-
|
534 |
-
// Fix for the overwriting of the Master Site URL with an empty string.
|
535 |
-
// Only do so if we're not turning it off. i.e on or no-change
|
536 |
-
if ( is_null( $bEnableNetwork ) ) {
|
537 |
-
if ( $bHadMasterSiteUrl && !$oOpts->hasImportExportMasterImportUrl() ) {
|
538 |
-
$oMod->setImportExportMasterImportUrl( $sOriginalMasterSiteUrl );
|
539 |
-
}
|
540 |
-
}
|
541 |
-
elseif ( $bEnableNetwork === true ) {
|
542 |
-
$oMod->setImportExportMasterImportUrl( $sMasterSiteUrl );
|
543 |
-
$this->getCon()->fireEvent(
|
544 |
-
'master_url_set',
|
545 |
-
[ 'audit' => [ 'site' => $sMasterSiteUrl ] ]
|
546 |
-
);
|
547 |
-
}
|
548 |
-
elseif ( $bEnableNetwork === false ) {
|
549 |
-
$oMod->setImportExportMasterImportUrl( '' );
|
550 |
-
}
|
551 |
-
|
552 |
-
$nErrorCode = 0;
|
553 |
-
}
|
554 |
-
}
|
555 |
-
}
|
556 |
-
|
557 |
-
return $nErrorCode;
|
558 |
-
}
|
559 |
-
|
560 |
-
/**
|
561 |
-
* @param array $aImportData
|
562 |
-
* @param string $sImportSource
|
563 |
-
* @return bool
|
564 |
-
*/
|
565 |
-
private function processDataImport( $aImportData, $sImportSource = 'unspecified' ) {
|
566 |
-
/** @var ICWP_WPSF_FeatureHandler_Plugin $oFO */
|
567 |
-
$oFO = $this->getMod();
|
568 |
-
$bImported = false;
|
569 |
-
if ( md5( serialize( $aImportData ) ) != $oFO->getImportExportLastImportHash() ) {
|
570 |
-
do_action( $oFO->prefix( 'import_options' ), $aImportData );
|
571 |
-
$oFO->setImportExportLastImportHash( md5( serialize( $aImportData ) ) );
|
572 |
-
$this->getCon()->fireEvent(
|
573 |
-
'options_imported',
|
574 |
-
[ 'audit' => [ 'site' => $sImportSource ] ]
|
575 |
-
);
|
576 |
-
}
|
577 |
-
return $bImported;
|
578 |
-
}
|
579 |
-
|
580 |
-
/**
|
581 |
-
* Cron callback
|
582 |
-
*/
|
583 |
-
public function runDailyCron() {
|
584 |
-
/** @var Plugin\Options $oOpts */
|
585 |
-
$oOpts = $this->getOptions();
|
586 |
-
$this->runImport( $oOpts->getImportExportMasterImportUrl() );
|
587 |
-
}
|
588 |
}
|
1 |
<?php
|
2 |
|
3 |
use FernleafSystems\Wordpress\Plugin\Shield;
|
|
|
|
|
4 |
|
5 |
+
/**
|
6 |
+
* Class ICWP_WPSF_Processor_Plugin_ImportExport
|
7 |
+
* @deprecated 9.0
|
8 |
+
*/
|
9 |
class ICWP_WPSF_Processor_Plugin_ImportExport extends Shield\Modules\BaseShield\ShieldProcessor {
|
10 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
11 |
}
|
src/processors/traffic_logger.php
DELETED
@@ -1,45 +0,0 @@
|
|
1 |
-
<?php
|
2 |
-
|
3 |
-
use FernleafSystems\Wordpress\Plugin\Shield\Modules\BaseShield\ShieldProcessor;
|
4 |
-
|
5 |
-
/**
|
6 |
-
* Class ICWP_WPSF_Processor_TrafficLogger
|
7 |
-
* @deprecated 8.7.0
|
8 |
-
*/
|
9 |
-
class ICWP_WPSF_Processor_TrafficLogger extends ShieldProcessor {
|
10 |
-
|
11 |
-
public function onModuleShutdown() {
|
12 |
-
parent::onModuleShutdown();
|
13 |
-
}
|
14 |
-
|
15 |
-
/**
|
16 |
-
* @return bool
|
17 |
-
*/
|
18 |
-
protected function getIfLogRequest() {
|
19 |
-
return false;
|
20 |
-
}
|
21 |
-
|
22 |
-
/**
|
23 |
-
* @return bool
|
24 |
-
*/
|
25 |
-
protected function isCustomExcluded() {
|
26 |
-
return true;
|
27 |
-
}
|
28 |
-
|
29 |
-
/**
|
30 |
-
* @return bool
|
31 |
-
*/
|
32 |
-
protected function isServiceIp_Search() {
|
33 |
-
return false;
|
34 |
-
}
|
35 |
-
|
36 |
-
/**
|
37 |
-
* @return bool
|
38 |
-
*/
|
39 |
-
protected function isServiceIp_Uptime() {
|
40 |
-
return false;
|
41 |
-
}
|
42 |
-
|
43 |
-
protected function logTraffic() {
|
44 |
-
}
|
45 |
-
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
src/processors/usermanagement_sessions.php
CHANGED
@@ -94,8 +94,12 @@ class ICWP_WPSF_Processor_UserManagement_Sessions extends Modules\BaseShield\Shi
|
|
94 |
}
|
95 |
|
96 |
$oIP = Services::IP();
|
97 |
-
if ( $oOpts->isLockToIp() &&
|
98 |
-
|
|
|
|
|
|
|
|
|
99 |
}
|
100 |
// TODO: 'session_browserlock';
|
101 |
}
|
94 |
}
|
95 |
|
96 |
$oIP = Services::IP();
|
97 |
+
if ( $oOpts->isLockToIp() && $oIP->getRequestIp() != $oSess->ip ) {
|
98 |
+
// We force-refresh the server IPs just to be sure.
|
99 |
+
Services::IP()->getServerPublicIPs( true );
|
100 |
+
if ( !$oIP->isLoopback() ) {
|
101 |
+
throw new \Exception( 'session_iplock' );
|
102 |
+
}
|
103 |
}
|
104 |
// TODO: 'session_browserlock';
|
105 |
}
|
src/processors/usermanagement_suspend.php
CHANGED
@@ -71,8 +71,8 @@ class ICWP_WPSF_Processor_UserManagement_Suspend extends Modules\BaseShield\Shie
|
|
71 |
* Sets-up all the UI filters necessary to provide manual user suspension and filter the User Tables
|
72 |
*/
|
73 |
private function setupUserFilters() {
|
74 |
-
/** @var \
|
75 |
-
$
|
76 |
|
77 |
// User profile UI
|
78 |
add_filter( 'edit_user_profile', [ $this, 'addUserBlockOption' ], 1, 1 );
|
@@ -82,7 +82,7 @@ class ICWP_WPSF_Processor_UserManagement_Suspend extends Modules\BaseShield\Shie
|
|
82 |
add_filter( 'manage_users_columns', [ $this, 'addUserListSuspendedFlag' ] );
|
83 |
|
84 |
// Provide Suspended user filter above table
|
85 |
-
$aUserIds = array_keys( $
|
86 |
if ( !empty( $aUserIds ) ) {
|
87 |
// Provide the link above the table.
|
88 |
add_filter( 'views_users', function ( $aViews ) use ( $aUserIds ) {
|
@@ -124,7 +124,7 @@ class ICWP_WPSF_Processor_UserManagement_Suspend extends Modules\BaseShield\Shie
|
|
124 |
$sNewContent = sprintf( '%s: %s',
|
125 |
__( 'Suspended', 'wp-simple-firewall' ),
|
126 |
Services::Request()
|
127 |
-
->carbon()
|
128 |
->setTimestamp( $oMeta->hard_suspended_at )
|
129 |
->diffForHumans()
|
130 |
);
|
@@ -155,8 +155,8 @@ class ICWP_WPSF_Processor_UserManagement_Suspend extends Modules\BaseShield\Shie
|
|
155 |
'label' => __( 'Check to un/suspend user account', 'wp-simple-firewall' ),
|
156 |
'description' => __( 'The user can never login while their account is suspended.', 'wp-simple-firewall' ),
|
157 |
'cant_manage' => __( 'Sorry, suspension for this account may only be managed by a security administrator.', 'wp-simple-firewall' ),
|
158 |
-
'since' => sprintf( '%s: %s', __( 'Suspended', 'wp-simple-firewall' ),
|
159 |
-
|
160 |
],
|
161 |
'flags' => [
|
162 |
'can_manage_suspension' => !$oWpUsers->isUserAdmin( $oUser ) || $oCon->isPluginAdmin(),
|
@@ -180,7 +180,7 @@ class ICWP_WPSF_Processor_UserManagement_Suspend extends Modules\BaseShield\Shie
|
|
180 |
|
181 |
if ( !$oWpUsers->isUserAdmin( $oEditedUser ) || $oCon->isPluginAdmin() ) {
|
182 |
$bIsSuspend = Services::Request()->post( 'shield_suspend_user' ) === 'Y';
|
183 |
-
/** @var ICWP_WPSF_FeatureHandler_UserManagement $oMod */
|
184 |
$oMod = $this->getMod();
|
185 |
$oMod->addRemoveHardSuspendUserId( $nUserId, $bIsSuspend );
|
186 |
|
71 |
* Sets-up all the UI filters necessary to provide manual user suspension and filter the User Tables
|
72 |
*/
|
73 |
private function setupUserFilters() {
|
74 |
+
/** @var UserManagement\Options $oOpts */
|
75 |
+
$oOpts = $this->getOptions();
|
76 |
|
77 |
// User profile UI
|
78 |
add_filter( 'edit_user_profile', [ $this, 'addUserBlockOption' ], 1, 1 );
|
82 |
add_filter( 'manage_users_columns', [ $this, 'addUserListSuspendedFlag' ] );
|
83 |
|
84 |
// Provide Suspended user filter above table
|
85 |
+
$aUserIds = array_keys( $oOpts->getSuspendHardUserIds() );
|
86 |
if ( !empty( $aUserIds ) ) {
|
87 |
// Provide the link above the table.
|
88 |
add_filter( 'views_users', function ( $aViews ) use ( $aUserIds ) {
|
124 |
$sNewContent = sprintf( '%s: %s',
|
125 |
__( 'Suspended', 'wp-simple-firewall' ),
|
126 |
Services::Request()
|
127 |
+
->carbon( true )
|
128 |
->setTimestamp( $oMeta->hard_suspended_at )
|
129 |
->diffForHumans()
|
130 |
);
|
155 |
'label' => __( 'Check to un/suspend user account', 'wp-simple-firewall' ),
|
156 |
'description' => __( 'The user can never login while their account is suspended.', 'wp-simple-firewall' ),
|
157 |
'cant_manage' => __( 'Sorry, suspension for this account may only be managed by a security administrator.', 'wp-simple-firewall' ),
|
158 |
+
'since' => sprintf( '%s: %s', __( 'Suspended', 'wp-simple-firewall' ),
|
159 |
+
Services::WpGeneral()->getTimeStringForDisplay( $oMeta->hard_suspended_at ) ),
|
160 |
],
|
161 |
'flags' => [
|
162 |
'can_manage_suspension' => !$oWpUsers->isUserAdmin( $oUser ) || $oCon->isPluginAdmin(),
|
180 |
|
181 |
if ( !$oWpUsers->isUserAdmin( $oEditedUser ) || $oCon->isPluginAdmin() ) {
|
182 |
$bIsSuspend = Services::Request()->post( 'shield_suspend_user' ) === 'Y';
|
183 |
+
/** @var \ICWP_WPSF_FeatureHandler_UserManagement $oMod */
|
184 |
$oMod = $this->getMod();
|
185 |
$oMod->addRemoveHardSuspendUserId( $nUserId, $bIsSuspend );
|
186 |
|
src/wizards/base.php
CHANGED
@@ -7,7 +7,7 @@ use FernleafSystems\Wordpress\Services\Services;
|
|
7 |
* @uses php 5.4+
|
8 |
* Class ICWP_WPSF_Wizard_Base
|
9 |
*/
|
10 |
-
abstract class ICWP_WPSF_Wizard_Base
|
11 |
|
12 |
use Shield\Modules\ModConsumer;
|
13 |
|
7 |
* @uses php 5.4+
|
8 |
* Class ICWP_WPSF_Wizard_Base
|
9 |
*/
|
10 |
+
abstract class ICWP_WPSF_Wizard_Base {
|
11 |
|
12 |
use Shield\Modules\ModConsumer;
|
13 |
|
src/wizards/plugin.php
CHANGED
@@ -155,13 +155,14 @@ class ICWP_WPSF_Wizard_Plugin extends ICWP_WPSF_Wizard_BaseWpsf {
|
|
155 |
$aStepsSlugs[] = 'ips';
|
156 |
}
|
157 |
|
158 |
-
|
159 |
-
|
160 |
-
|
|
|
161 |
$aStepsSlugs[] = 'login_protect';
|
162 |
}
|
163 |
|
164 |
-
/** @var ICWP_WPSF_FeatureHandler_CommentsFilter $oModule */
|
165 |
$oModule = $oConn->getModule( 'comments_filter' );
|
166 |
if ( !( $oModule->isModuleEnabled() && $oModule->isEnabledGaspCheck() ) ) {
|
167 |
$aStepsSlugs[] = 'comments_filter';
|
@@ -397,18 +398,15 @@ class ICWP_WPSF_Wizard_Plugin extends ICWP_WPSF_Wizard_BaseWpsf {
|
|
397 |
* @return \FernleafSystems\Utilities\Response
|
398 |
*/
|
399 |
private function wizardImportOptions() {
|
400 |
-
/** @var ICWP_WPSF_FeatureHandler_Plugin $oFO */
|
401 |
-
$oFO = $this->getMod();
|
402 |
$oREq = Services::Request();
|
403 |
|
404 |
$sMasterSiteUrl = $oREq->post( 'MasterSiteUrl' );
|
405 |
$sSecretKey = $oREq->post( 'MasterSiteSecretKey' );
|
406 |
$bEnabledNetwork = $oREq->post( 'ShieldNetworkCheck' ) === 'Y';
|
407 |
|
408 |
-
|
409 |
-
|
410 |
-
|
411 |
-
->runImport( $sMasterSiteUrl, $sSecretKey, $bEnabledNetwork, $sSiteResponse );
|
412 |
|
413 |
$aErrors = [
|
414 |
__( 'Options imported successfully to your site.', 'wp-simple-firewall' ), // success
|
@@ -534,6 +532,9 @@ class ICWP_WPSF_Wizard_Plugin extends ICWP_WPSF_Wizard_BaseWpsf {
|
|
534 |
* @return \FernleafSystems\Utilities\Response
|
535 |
*/
|
536 |
private function wizardLoginProtect() {
|
|
|
|
|
|
|
537 |
|
538 |
$sInput = Services::Request()->post( 'LoginProtectOption' );
|
539 |
$bSuccess = false;
|
@@ -542,14 +543,13 @@ class ICWP_WPSF_Wizard_Plugin extends ICWP_WPSF_Wizard_BaseWpsf {
|
|
542 |
if ( !empty( $sInput ) ) {
|
543 |
$bEnabled = $sInput === 'Y';
|
544 |
|
545 |
-
$oMod = $this->getCon()->getModule_LoginGuard();
|
546 |
if ( $bEnabled ) { // we don't disable the whole module
|
547 |
$oMod->setIsMainFeatureEnabled( true );
|
548 |
}
|
549 |
$oMod->setEnabledGaspCheck( $bEnabled );
|
550 |
$oMod->saveModOptions();
|
551 |
|
552 |
-
$bSuccess = $
|
553 |
if ( $bSuccess ) {
|
554 |
$sMessage = sprintf( '%s has been %s.', __( 'Login Guard', 'wp-simple-firewall' ),
|
555 |
$bEnabled ? __( 'Enabled', 'wp-simple-firewall' ) : __( 'Disabled', 'wp-simple-firewall' )
|
@@ -583,7 +583,7 @@ class ICWP_WPSF_Wizard_Plugin extends ICWP_WPSF_Wizard_BaseWpsf {
|
|
583 |
|
584 |
if ( !empty( $sInput ) ) {
|
585 |
$bEnabled = $sInput === 'Y';
|
586 |
-
$oMod->setIsDisplayPluginBadge( $bEnabled );
|
587 |
$bSuccess = true;
|
588 |
$sMessage = __( 'Preferences have been saved.', 'wp-simple-firewall' );
|
589 |
}
|
155 |
$aStepsSlugs[] = 'ips';
|
156 |
}
|
157 |
|
158 |
+
$oModule = $oConn->getModule_LoginGuard();
|
159 |
+
/** @var \FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Options $oOpts */
|
160 |
+
$oOpts = $oModule->getOptions();
|
161 |
+
if ( !( $oModule->isModuleEnabled() && $oOpts->isEnabledGaspCheck() ) ) {
|
162 |
$aStepsSlugs[] = 'login_protect';
|
163 |
}
|
164 |
|
165 |
+
/** @var \ICWP_WPSF_FeatureHandler_CommentsFilter $oModule */
|
166 |
$oModule = $oConn->getModule( 'comments_filter' );
|
167 |
if ( !( $oModule->isModuleEnabled() && $oModule->isEnabledGaspCheck() ) ) {
|
168 |
$aStepsSlugs[] = 'comments_filter';
|
398 |
* @return \FernleafSystems\Utilities\Response
|
399 |
*/
|
400 |
private function wizardImportOptions() {
|
|
|
|
|
401 |
$oREq = Services::Request();
|
402 |
|
403 |
$sMasterSiteUrl = $oREq->post( 'MasterSiteUrl' );
|
404 |
$sSecretKey = $oREq->post( 'MasterSiteSecretKey' );
|
405 |
$bEnabledNetwork = $oREq->post( 'ShieldNetworkCheck' ) === 'Y';
|
406 |
|
407 |
+
$nCode = ( new Plugin\Lib\ImportExport\Import() )
|
408 |
+
->setMod( $this->getMod() )
|
409 |
+
->fromSite( $sMasterSiteUrl, $sSecretKey, $bEnabledNetwork, $sSiteResponse );
|
|
|
410 |
|
411 |
$aErrors = [
|
412 |
__( 'Options imported successfully to your site.', 'wp-simple-firewall' ), // success
|
532 |
* @return \FernleafSystems\Utilities\Response
|
533 |
*/
|
534 |
private function wizardLoginProtect() {
|
535 |
+
$oMod = $this->getCon()->getModule_LoginGuard();
|
536 |
+
/** @var \FernleafSystems\Wordpress\Plugin\Shield\Modules\LoginGuard\Options $oOpts */
|
537 |
+
$oOpts = $oMod->getOptions();
|
538 |
|
539 |
$sInput = Services::Request()->post( 'LoginProtectOption' );
|
540 |
$bSuccess = false;
|
543 |
if ( !empty( $sInput ) ) {
|
544 |
$bEnabled = $sInput === 'Y';
|
545 |
|
|
|
546 |
if ( $bEnabled ) { // we don't disable the whole module
|
547 |
$oMod->setIsMainFeatureEnabled( true );
|
548 |
}
|
549 |
$oMod->setEnabledGaspCheck( $bEnabled );
|
550 |
$oMod->saveModOptions();
|
551 |
|
552 |
+
$bSuccess = $oOpts->isEnabledGaspCheck() === $bEnabled;
|
553 |
if ( $bSuccess ) {
|
554 |
$sMessage = sprintf( '%s has been %s.', __( 'Login Guard', 'wp-simple-firewall' ),
|
555 |
$bEnabled ? __( 'Enabled', 'wp-simple-firewall' ) : __( 'Disabled', 'wp-simple-firewall' )
|
583 |
|
584 |
if ( !empty( $sInput ) ) {
|
585 |
$bEnabled = $sInput === 'Y';
|
586 |
+
$oMod->getPluginBadgeCon()->setIsDisplayPluginBadge( $bEnabled );
|
587 |
$bSuccess = true;
|
588 |
$sMessage = __( 'Preferences have been saved.', 'wp-simple-firewall' );
|
589 |
}
|
templates/php/snippets/google_recaptcha_js.php
CHANGED
@@ -47,6 +47,13 @@
|
|
47 |
for ( var i = 0; i < document.forms.length; i++ ) {
|
48 |
this.setupForm( document.forms[ i ] );
|
49 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
50 |
}
|
51 |
};
|
52 |
}();
|
47 |
for ( var i = 0; i < document.forms.length; i++ ) {
|
48 |
this.setupForm( document.forms[ i ] );
|
49 |
}
|
50 |
+
/**
|
51 |
+
* For some crazy reason invisible recaptcha badge attaches to div with this class.
|
52 |
+
* Fortunately removing the class at this stage doesn't interrupt normal behaviour.
|
53 |
+
*/
|
54 |
+
if ( bInvisible ) {
|
55 |
+
document.querySelector( 'form' ).classList.remove( 'shake' );
|
56 |
+
}
|
57 |
}
|
58 |
};
|
59 |
}();
|
templates/twig/components/options_form/main.twig
CHANGED
@@ -76,7 +76,7 @@
|
|
76 |
</div>
|
77 |
{% endfor %}
|
78 |
</div>
|
79 |
-
<div class="container-fluid form-actions" id="OptionsFormActions">
|
80 |
<div class="row">
|
81 |
<div class="col">
|
82 |
<button type="submit" class="btn btn-primary btn-lg icwp-form-button"
|
76 |
</div>
|
77 |
{% endfor %}
|
78 |
</div>
|
79 |
+
<div class="container-fluid footer-form-actions" id="OptionsFormActions">
|
80 |
<div class="row">
|
81 |
<div class="col">
|
82 |
<button type="submit" class="btn btn-primary btn-lg icwp-form-button"
|
templates/twig/components/options_form/option.twig
CHANGED
@@ -25,21 +25,18 @@
|
|
25 |
<div class="col-4">
|
26 |
|
27 |
{% if aOption.type is sameas('checkbox') %}
|
28 |
-
<div class="
|
29 |
-
<
|
30 |
-
|
31 |
-
|
32 |
-
|
33 |
-
|
34 |
-
|
35 |
-
|
36 |
-
|
37 |
-
|
38 |
-
|
39 |
-
<div>
|
40 |
-
<label class="form-check-label"
|
41 |
for="Opt-{{ aOption.key }}">{{ aOption.summary }}</label>
|
42 |
-
</div>
|
43 |
</div>
|
44 |
|
45 |
{% elseif aOption.type is sameas('text') %}
|
@@ -80,39 +77,48 @@
|
|
80 |
|
81 |
{% elseif aOption.type is sameas('select') %}
|
82 |
|
83 |
-
|
84 |
-
|
85 |
-
id="Opt-{{ aOption.key }}"
|
86 |
-
|
87 |
-
|
88 |
-
|
89 |
-
{
|
90 |
-
|
91 |
-
|
92 |
-
|
93 |
-
|
94 |
-
|
95 |
-
|
96 |
-
|
|
|
|
|
|
|
|
|
97 |
|
98 |
{% elseif aOption.type is sameas('multiple_select') %}
|
99 |
|
100 |
-
|
101 |
-
|
102 |
-
|
103 |
-
|
104 |
-
|
105 |
-
|
106 |
-
|
107 |
-
<option value="{{ option_value }}"
|
108 |
{% if option_value in aOption.value %}
|
109 |
-
|
110 |
{% endif %}
|
111 |
-
|
112 |
-
|
113 |
-
|
114 |
-
|
115 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
116 |
|
117 |
{% elseif aOption.type is sameas('array') %}
|
118 |
|
@@ -158,20 +164,42 @@
|
|
158 |
{% endif %}
|
159 |
</div>
|
160 |
|
161 |
-
<div class="col">
|
162 |
-
<div
|
163 |
-
{{ aOption.description|raw }}
|
164 |
-
|
165 |
<div class="mt-3 text-left text-nowrap">
|
|
|
166 |
<a href="{{ aOption.link_info }}" target="_blank"
|
167 |
title="{{ strings.opt_info_helpdesk }}">{{ strings.more_info }}</a>
|
168 |
-
|
169 |
<span class="m-1">|</span>
|
170 |
-
|
171 |
-
|
172 |
{% endif %}
|
173 |
-
|
174 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
175 |
</div>
|
176 |
</div>
|
177 |
</div>
|
25 |
<div class="col-4">
|
26 |
|
27 |
{% if aOption.type is sameas('checkbox') %}
|
28 |
+
<div class="custom-control custom-switch option-checkbox">
|
29 |
+
<input type="checkbox"
|
30 |
+
class="custom-control-input"
|
31 |
+
id="Opt-{{ aOption.key }}"
|
32 |
+
name="{{ aOption.key }}"
|
33 |
+
{% if aOption.disabled %}disabled="disabled"{% endif %}
|
34 |
+
aria-labelledby="Label-{{ aOption.key }}"
|
35 |
+
value="Y"
|
36 |
+
{{ ( aOption.value is sameas('Y') ) ? 'checked="checked"' : '' }}
|
37 |
+
/>
|
38 |
+
<label class="custom-control-label"
|
|
|
|
|
39 |
for="Opt-{{ aOption.key }}">{{ aOption.summary }}</label>
|
|
|
40 |
</div>
|
41 |
|
42 |
{% elseif aOption.type is sameas('text') %}
|
77 |
|
78 |
{% elseif aOption.type is sameas('select') %}
|
79 |
|
80 |
+
{% for option_value, option_value_name in aOption.value_options %}
|
81 |
+
<div class="custom-control custom-radio">
|
82 |
+
<input type="radio" id="Opt-{{ aOption.key }}_{{ option_value }}"
|
83 |
+
name="{{ aOption.key }}"
|
84 |
+
value="{{ option_value }}"
|
85 |
+
{% if aOption.disabled %}disabled="disabled"{% endif %}
|
86 |
+
{# this type of comparison required for comment spam as value is 0 or '0' #}
|
87 |
+
{% if aOption.value matches "'^"~option_value~"$'" %}checked="checked"{% endif %}
|
88 |
+
class="custom-control-input">
|
89 |
+
<label class="custom-control-label"
|
90 |
+
for="Opt-{{ aOption.key }}_{{ option_value }}">
|
91 |
+
{% if aOption.value matches "'^"~option_value~"$'" %}
|
92 |
+
<strong>{{ option_value_name }}</strong>
|
93 |
+
{% else %}
|
94 |
+
{{ option_value_name }}
|
95 |
+
{% endif %}</label>
|
96 |
+
</div>
|
97 |
+
{% endfor %}
|
98 |
|
99 |
{% elseif aOption.type is sameas('multiple_select') %}
|
100 |
|
101 |
+
{% for option_value, option_value_name in aOption.value_options %}
|
102 |
+
<div class="custom-control custom-checkbox">
|
103 |
+
<input type="checkbox"
|
104 |
+
class="custom-control-input"
|
105 |
+
id="Opt-{{ aOption.key }}_{{ option_value }}"
|
106 |
+
name="{{ aOption.key }}[]"
|
107 |
+
value="{{ option_value }}"
|
|
|
108 |
{% if option_value in aOption.value %}
|
109 |
+
checked="checked"
|
110 |
{% endif %}
|
111 |
+
{% if aOption.disabled %}disabled="disabled"{% endif %}
|
112 |
+
/>
|
113 |
+
<label class="custom-control-label"
|
114 |
+
for="Opt-{{ aOption.key }}_{{ option_value }}">
|
115 |
+
{% if option_value in aOption.value %}
|
116 |
+
<strong>{{ option_value_name }}</strong>
|
117 |
+
{% else %}
|
118 |
+
{{ option_value_name }}
|
119 |
+
{% endif %}</label>
|
120 |
+
</div>
|
121 |
+
{% endfor %}
|
122 |
|
123 |
{% elseif aOption.type is sameas('array') %}
|
124 |
|
164 |
{% endif %}
|
165 |
</div>
|
166 |
|
167 |
+
<div class="col option-description">
|
168 |
+
<div id="Description{{ aOption.key }}">
|
169 |
+
<div>{{ aOption.description|raw }}</div>
|
170 |
+
|
171 |
<div class="mt-3 text-left text-nowrap">
|
172 |
+
{% if aOption.link_info %}
|
173 |
<a href="{{ aOption.link_info }}" target="_blank"
|
174 |
title="{{ strings.opt_info_helpdesk }}">{{ strings.more_info }}</a>
|
175 |
+
{% if aOption.link_blog %}
|
176 |
<span class="m-1">|</span>
|
177 |
+
<a href="{{ aOption.link_blog }}" target="_blank"
|
178 |
+
title="{{ strings.opt_info_blog }}">{{ strings.blog }}</a>
|
179 |
{% endif %}
|
180 |
+
{% endif %}
|
181 |
+
|
182 |
+
{% if flags.show_transfer_switch %}
|
183 |
+
{% if attribute(data.xferable_opts, aOption.key) is not same as(false) %}
|
184 |
+
<span class="custom-control custom-switch float-right importexport-checkbox"
|
185 |
+
title="{{ strings.is_opt_importexport }}" data-toggle="tooltip"
|
186 |
+
>
|
187 |
+
<input type="checkbox"
|
188 |
+
class="custom-control-input optxfer-exclude"
|
189 |
+
id="optxfer-{{ aOption.key }}"
|
190 |
+
name="optxfer-{{ aOption.key }}"
|
191 |
+
aria-labelledby="Label-{{ aOption.key }}"
|
192 |
+
value="Y"
|
193 |
+
{{ ( attribute(data.xferable_opts, aOption.key) is same as('Y') ) ? 'checked="checked"' : '' }}
|
194 |
+
/>
|
195 |
+
<label class="custom-control-label"
|
196 |
+
for="optxfer-{{ aOption.key }}"> </label>
|
197 |
+
</span>
|
198 |
+
{% endif %}
|
199 |
+
{% endif %}
|
200 |
+
<div class="clearfix"></div>
|
201 |
+
</div>
|
202 |
+
|
203 |
</div>
|
204 |
</div>
|
205 |
</div>
|
templates/twig/components/reports/alert_body.twig
ADDED
@@ -0,0 +1,5 @@
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<h2>{{ strings.title }}</h2>
|
2 |
+
<p>{{ strings.subtitle }}</p>
|
3 |
+
{% for alert in vars.alerts %}
|
4 |
+
<div>{{ alert|raw }}</div>
|
5 |
+
{% endfor %}
|
templates/twig/components/reports/info_body.twig
ADDED
@@ -0,0 +1,6 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<h2>{{ strings.title }}</h2>
|
2 |
+
<p>{{ strings.subtitle }}</p>
|
3 |
+
<p>{{ strings.reporting_period }}: <strong>{{ strings.time_interval }}</strong></p>
|
4 |
+
{% for alert in vars.alerts %}
|
5 |
+
<div>{{ alert|raw }}</div>
|
6 |
+
{% endfor %}
|
templates/twig/components/reports/mod/events/alert_scanrepairs.twig
ADDED
@@ -0,0 +1,8 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<div style="padding-left: 10px;">
|
2 |
+
<h3>{{ strings.title }}</h3>
|
3 |
+
<ul>
|
4 |
+
{% for event_data in vars.counts %}
|
5 |
+
<li>{{ event_data.name }}: {{ event_data.count }}</li>
|
6 |
+
{% endfor %}
|
7 |
+
</ul>
|
8 |
+
</div>
|
templates/twig/components/reports/mod/events/info_keystats.twig
ADDED
@@ -0,0 +1,8 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<div style="padding-left: 10px;">
|
2 |
+
<h3>{{ strings.title }}</h3>
|
3 |
+
<ul>
|
4 |
+
{% for event_data in vars.counts %}
|
5 |
+
<li>{{ event_data.name }}: {{ event_data.count }}</li>
|
6 |
+
{% endfor %}
|
7 |
+
</ul>
|
8 |
+
</div>
|
templates/twig/components/reports/mod/hack_protect/alert_filelocker.twig
ADDED
@@ -0,0 +1,10 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<div style="padding-left: 10px;">
|
2 |
+
<h3>{{ strings.title }}</h3>
|
3 |
+
<p>{{ strings.file_changed }}</p>
|
4 |
+
<ul>
|
5 |
+
<li>{{ strings.total_files }}</li>
|
6 |
+
</ul>
|
7 |
+
<p><a href="{{ hrefs.view_results }}"
|
8 |
+
style="margin:8px 4px 10px;font-size:14px;color:#008000;"
|
9 |
+
target="_blank">{{ strings.view_results }}</a></p>
|
10 |
+
</div>
|
templates/twig/components/reports/mod/hack_protect/alert_scanresults.twig
ADDED
@@ -0,0 +1,12 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<div style="padding-left: 10px;">
|
2 |
+
<h3>{{ strings.title }}</h3>
|
3 |
+
<ul>
|
4 |
+
{% for scan_slug,scan_data in vars.scan_counts %}
|
5 |
+
<li>{{ scan_data.name }}: {{ scan_data.count }}</li>
|
6 |
+
{% endfor %}
|
7 |
+
</ul>
|
8 |
+
|
9 |
+
<p><a href="{{ hrefs.view_results }}"
|
10 |
+
style="margin:8px 4px 10px;font-size:14px;color:#008000;"
|
11 |
+
target="_blank">{{ strings.view_results }}</a></p>
|
12 |
+
</div>
|
templates/twig/notices/email-verification-sent.twig
CHANGED
@@ -45,7 +45,7 @@
|
|
45 |
}
|
46 |
iCWP_WPSF_Toaster.showMessage( sMessage, oResponse.success );
|
47 |
if ( oResponse.data.page_reload ) {
|
48 |
-
location.reload(
|
49 |
}
|
50 |
}
|
51 |
).always( function () {
|
45 |
}
|
46 |
iCWP_WPSF_Toaster.showMessage( sMessage, oResponse.success );
|
47 |
if ( oResponse.data.page_reload ) {
|
48 |
+
location.reload();
|
49 |
}
|
50 |
}
|
51 |
).always( function () {
|
templates/twig/notices/php7.twig
ADDED
@@ -0,0 +1,8 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
{% extends "/notices/base-error.twig" %}
|
2 |
+
|
3 |
+
{% block notice_body %}
|
4 |
+
{% for line in strings.lines %}
|
5 |
+
<p>{{ line }}</p>
|
6 |
+
{% endfor %}
|
7 |
+
<p><a href="{{ hrefs.read_more }}">{{ strings.read_more }}</a></p>
|
8 |
+
{% endblock %}
|
templates/twig/pages/base.twig
CHANGED
@@ -1,6 +1,8 @@
|
|
1 |
-
|
|
|
2 |
<head>
|
3 |
<link rel="icon" type="image/png" href="{{ imgs.favicon }}" />
|
|
|
4 |
<meta name="viewport" content="width=device-width, initial-scale=1">
|
5 |
{% if not head.meta is empty %}
|
6 |
{% for metaEntry in head.meta %}
|
@@ -8,7 +10,7 @@
|
|
8 |
{% endfor %}
|
9 |
{% endif %}
|
10 |
|
11 |
-
|
12 |
|
13 |
{% block head_stylesheets %}
|
14 |
<link rel="stylesheet" href="{{ hrefs.css_bootstrap }}" />
|
@@ -36,22 +38,22 @@
|
|
36 |
{% endblock %}
|
37 |
|
38 |
{% block body_content %}
|
39 |
-
|
40 |
{% block body_content_header %}
|
41 |
<div class="row">
|
42 |
<div class="col-4 offset-4"></div>
|
43 |
</div>
|
44 |
{% endblock %}
|
45 |
-
|
46 |
-
|
47 |
<div class="col-4 offset-4"></div>
|
48 |
</div>
|
49 |
-
|
50 |
-
|
51 |
-
|
52 |
<div class="col-4 offset-4"></div>
|
53 |
</div>
|
54 |
-
|
55 |
</div>
|
56 |
{% endblock %}
|
57 |
|
1 |
+
<!DOCTYPE html>
|
2 |
+
<html{% for htmlattr, htmlattrval in head.html %} {{ htmlattr }}="{{ htmlattrval }}"{% endfor %}>
|
3 |
<head>
|
4 |
<link rel="icon" type="image/png" href="{{ imgs.favicon }}" />
|
5 |
+
<meta charset="UTF-8">
|
6 |
<meta name="viewport" content="width=device-width, initial-scale=1">
|
7 |
{% if not head.meta is empty %}
|
8 |
{% for metaEntry in head.meta %}
|
10 |
{% endfor %}
|
11 |
{% endif %}
|
12 |
|
13 |
+
<title>{{ strings.page_title }}</title>
|
14 |
|
15 |
{% block head_stylesheets %}
|
16 |
<link rel="stylesheet" href="{{ hrefs.css_bootstrap }}" />
|
38 |
{% endblock %}
|
39 |
|
40 |
{% block body_content %}
|
41 |
+
<div class="container-fluid">
|
42 |
{% block body_content_header %}
|
43 |
<div class="row">
|
44 |
<div class="col-4 offset-4"></div>
|
45 |
</div>
|
46 |
{% endblock %}
|
47 |
+
{% block body_content_main %}
|
48 |
+
<div class="row">
|
49 |
<div class="col-4 offset-4"></div>
|
50 |
</div>
|
51 |
+
{% endblock %}
|
52 |
+
{% block body_content_footer %}
|
53 |
+
<div class="row">
|
54 |
<div class="col-4 offset-4"></div>
|
55 |
</div>
|
56 |
+
{% endblock %}
|
57 |
</div>
|
58 |
{% endblock %}
|
59 |
|
templates/twig/snippets/anti_bot/gasp_js.twig
ADDED
@@ -0,0 +1,17 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<style>
|
2 |
+
.shield_gasp_placeholder {
|
3 |
+
clear: both;
|
4 |
+
border: 1px solid #dddddd;
|
5 |
+
padding: 6px 8px 4px 10px;
|
6 |
+
margin: 0 0 12px !important;
|
7 |
+
border-radius: 2px;
|
8 |
+
background-color: #f9f9f9;
|
9 |
+
}
|
10 |
+
.shield_gasp_placeholder input {
|
11 |
+
margin-right: 5px;
|
12 |
+
}
|
13 |
+
.shield_gasp_placeholder label {
|
14 |
+
display: block;
|
15 |
+
}
|
16 |
+
</style>
|
17 |
+
<p class="icwpImHuman_ shield_gasp_placeholder">{{ strings.loading }} …</p>
|
templates/twig/snippets/email/footer.twig
ADDED
@@ -0,0 +1,21 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<p>--</p>
|
2 |
+
{% if flags.is_pro %}
|
3 |
+
{% if not flags.is_whitelabelled %}
|
4 |
+
<p>Thank you for choosing Shield Security PRO.</p>
|
5 |
+
{% endif %}
|
6 |
+
{% else %}
|
7 |
+
<div style="background-color: #f9f9f9; padding: 1px 14px 4px;display: inline-block;border: 1px solid #ddd;">
|
8 |
+
<p>Thank you for choosing Shield Security (Free).</p>
|
9 |
+
<h5>Upgrade To <strong>Shield</strong>PRO today and these are just some of the added benefits you'll get:</h5>
|
10 |
+
<ul>
|
11 |
+
{% for benefit in strings.benefits %}
|
12 |
+
<li>{{ benefit }}</li>
|
13 |
+
{% endfor %}
|
14 |
+
</ul>
|
15 |
+
<p>… <a href="{{ hrefs.much_more }}" target="_blank">{{ strings.much_more }}</a>!</p>
|
16 |
+
<p><a href="{{ hrefs.upgrade }}"
|
17 |
+
target="_blank"
|
18 |
+
style="border: 1px solid #070;display: inline-block;padding: 10px 20px;border-radius: 10px;color: #070;text-decoration: none;margin-left: 20px;font-weight: bolder;"
|
19 |
+
>{{ strings.upgrade|raw }}</a></p>
|
20 |
+
</div>
|
21 |
+
{% endif %}
|
templates/twig/snippets/js/widget_freshdesk.twig
ADDED
@@ -0,0 +1,17 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
{% if not vendors.widget_freshdesk|default('') is empty %}
|
2 |
+
<script>
|
3 |
+
window.fwSettings = {
|
4 |
+
'widget_id': {{ vendors.widget_freshdesk }}
|
5 |
+
};
|
6 |
+
!function () {
|
7 |
+
if ( "function" != typeof window.FreshworksWidget ) {
|
8 |
+
var n = function () {
|
9 |
+
n.q.push( arguments )
|
10 |
+
};
|
11 |
+
n.q = [], window.FreshworksWidget = n
|
12 |
+
}
|
13 |
+
}()
|
14 |
+
</script>
|
15 |
+
<script type="text/javascript" src="https://widget.freshworks.com/widgets/{{ vendors.widget_freshdesk }}.js"
|
16 |
+
async defer></script>
|
17 |
+
{% endif %}
|
templates/twig/snippets/user/profile/mfa/mfa_email.twig
CHANGED
@@ -1,9 +1,11 @@
|
|
1 |
<tr>
|
2 |
-
<th><label for="shield_enable_mfaemail"
|
|
|
|
|
3 |
<td>
|
4 |
<input type="checkbox" name="shield_enable_mfaemail" id="shield_enable_mfaemail" value="Y"
|
5 |
{% if flags.is_profile_active %}checked="checked"{% endif %}
|
6 |
-
{% if flags.is_enforced %}
|
7 |
/>
|
8 |
<p class="description">{{ strings.description_email_authentication_checkbox }}</p>
|
9 |
{% if flags.is_enforced %}
|
1 |
<tr>
|
2 |
+
<th><label for="shield_enable_mfaemail"
|
3 |
+
{% if flags.is_enforced %}style="pointer-events: none;"{% endif %}
|
4 |
+
>{{ strings.label_email_authentication }}</label></th>
|
5 |
<td>
|
6 |
<input type="checkbox" name="shield_enable_mfaemail" id="shield_enable_mfaemail" value="Y"
|
7 |
{% if flags.is_profile_active %}checked="checked"{% endif %}
|
8 |
+
{% if flags.is_enforced %}style="opacity:0.5;pointer-events: none;"{% endif %}
|
9 |
/>
|
10 |
<p class="description">{{ strings.description_email_authentication_checkbox }}</p>
|
11 |
{% if flags.is_enforced %}
|
templates/twig/snippets/user/profile/suspend.twig
CHANGED
@@ -1,6 +1,6 @@
|
|
1 |
<table class="form-table">
|
2 |
<tbody>
|
3 |
-
<tr id="
|
4 |
<th><label for="_shield_suspend_user">{{ strings.title }}</label></th>
|
5 |
{% if flags.can_manage_suspension %}
|
6 |
<td>
|
1 |
<table class="form-table">
|
2 |
<tbody>
|
3 |
+
<tr id="ShieldSuspend" class="shield-user-suspend-wrap">
|
4 |
<th><label for="_shield_suspend_user">{{ strings.title }}</label></th>
|
5 |
{% if flags.can_manage_suspension %}
|
6 |
<td>
|
templates/twig/wizard/slides/ufc/config.twig
CHANGED
@@ -13,7 +13,6 @@
|
|
13 |
{
|
14 |
'enabled_report_only': '<span>Report Only</span> - send email reports only.',
|
15 |
'enabled_delete_only': "<span>Delete Only</span> - automatically delete discovered files; don't send email report.",
|
16 |
-
'enabled_delete_report': "<span>Delete & Report</span> - automatically delete discovered files; send email report. (<em>recommended</em>)"
|
17 |
}
|
18 |
%}
|
19 |
{{ icwp_macros.formInput_Radio( 'enable_scan', radiovalues, 'Enable Automatic Scanning' ) }}
|
13 |
{
|
14 |
'enabled_report_only': '<span>Report Only</span> - send email reports only.',
|
15 |
'enabled_delete_only': "<span>Delete Only</span> - automatically delete discovered files; don't send email report.",
|
|
|
16 |
}
|
17 |
%}
|
18 |
{{ icwp_macros.formInput_Radio( 'enable_scan', radiovalues, 'Enable Automatic Scanning' ) }}
|
templates/twig/wpadmin_pages/base.twig
CHANGED
@@ -27,8 +27,10 @@
|
|
27 |
</div>
|
28 |
</div>
|
29 |
</div>
|
30 |
-
|
31 |
-
|
|
|
|
|
32 |
<div id="WizardBanner" class="row">
|
33 |
<div class="col-xl-5 offset-xl-1 col-6">
|
34 |
<h6 class="text-left">{{ strings.join_thousands_H }}</h6>
|
@@ -36,11 +38,12 @@
|
|
36 |
</div>
|
37 |
<div class="offset-1 col-3">
|
38 |
<a href="{{ hrefs.go_pro }}" target="_blank" class="btn btn-success">
|
39 |
-
{{ strings.get_pro_protection }}
|
40 |
</div>
|
41 |
</div>
|
42 |
</div>
|
43 |
-
{% endif %}
|
|
|
44 |
|
45 |
{% block inline_scripts %}
|
46 |
{% endblock %}
|
27 |
</div>
|
28 |
</div>
|
29 |
</div>
|
30 |
+
|
31 |
+
{% block pro_promo %}
|
32 |
+
{% if flags.show_promo %}
|
33 |
+
<div id="FooterWizardBanner" class="container-fluid">
|
34 |
<div id="WizardBanner" class="row">
|
35 |
<div class="col-xl-5 offset-xl-1 col-6">
|
36 |
<h6 class="text-left">{{ strings.join_thousands_H }}</h6>
|
38 |
</div>
|
39 |
<div class="offset-1 col-3">
|
40 |
<a href="{{ hrefs.go_pro }}" target="_blank" class="btn btn-success">
|
41 |
+
{{ strings.get_pro_protection }} </a>
|
42 |
</div>
|
43 |
</div>
|
44 |
</div>
|
45 |
+
{% endif %}
|
46 |
+
{% endblock %}
|
47 |
|
48 |
{% block inline_scripts %}
|
49 |
{% endblock %}
|
templates/twig/wpadmin_pages/insights/base.twig
CHANGED
@@ -40,25 +40,7 @@
|
|
40 |
{% endif %}
|
41 |
{% endfor %}
|
42 |
|
43 |
-
<
|
44 |
-
<select class="selectpicker" data-live-search="true"
|
45 |
-
title="{{ strings.jump_to_option }}"
|
46 |
-
data-size="10" multiple
|
47 |
-
data-header="{{ strings.type_below_search }} ..."
|
48 |
-
onchange="location = this.value;">
|
49 |
-
{% for select_section_name,select_section_opts in vars.search_select %}
|
50 |
-
<optgroup label="{{ select_section_name }}">
|
51 |
-
{% for select_opt_key,select_opt_data in select_section_opts %}
|
52 |
-
<option value="{{ select_opt_data.href }}" aria-selected="false"
|
53 |
-
data-tokens="{{ select_opt_data.summary }}"
|
54 |
-
>{{ select_opt_data.name }}
|
55 |
-
</option>
|
56 |
-
{% endfor %}
|
57 |
-
</optgroup>
|
58 |
-
{% endfor %}
|
59 |
-
</select>
|
60 |
-
</li>
|
61 |
-
<div class="nav-item" id="PluginHeadwayChangelog"></div>
|
62 |
</ul>
|
63 |
</div>
|
64 |
{#<form class="form-inline">#}
|
@@ -68,12 +50,21 @@
|
|
68 |
</nav>
|
69 |
</div>
|
70 |
</div>
|
71 |
-
|
72 |
<script>
|
73 |
-
|
74 |
-
|
75 |
-
|
76 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
77 |
jQuery( document ).ready( function () {
|
78 |
jQuery.fn.selectpicker.Constructor.BootstrapVersion = '4';
|
79 |
|
@@ -81,7 +72,8 @@
|
|
81 |
.removeAttr( "selected" );
|
82 |
} );
|
83 |
</script>
|
84 |
-
<script async src="https://cdn.
|
|
|
85 |
{% endblock %}
|
86 |
|
87 |
{% block page_main %}
|
40 |
{% endif %}
|
41 |
{% endfor %}
|
42 |
|
43 |
+
<div class="nav-item announcekit-widget"></div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
44 |
</ul>
|
45 |
</div>
|
46 |
{#<form class="form-inline">#}
|
50 |
</nav>
|
51 |
</div>
|
52 |
</div>
|
|
|
53 |
<script>
|
54 |
+
window.announcekit = (window.announcekit || {
|
55 |
+
queue: [], on: function ( n, x ) {
|
56 |
+
window.announcekit.queue.push( [ n, x ] );
|
57 |
+
}, push: function ( x ) {
|
58 |
+
window.announcekit.queue.push( x );
|
59 |
+
}
|
60 |
+
});
|
61 |
+
window.announcekit.push( {
|
62 |
+
"widget": "https://announcekit.app/widget/{{ vars.changelog_id }}",
|
63 |
+
"selector": ".announcekit-widget",
|
64 |
+
"version": 2
|
65 |
+
} )
|
66 |
+
</script>
|
67 |
+
<script>
|
68 |
jQuery( document ).ready( function () {
|
69 |
jQuery.fn.selectpicker.Constructor.BootstrapVersion = '4';
|
70 |
|
72 |
.removeAttr( "selected" );
|
73 |
} );
|
74 |
</script>
|
75 |
+
<script async src="https://cdn.announcekit.app/widget.js"></script>
|
76 |
+
{% include '/snippets/js/widget_freshdesk.twig' %}
|
77 |
{% endblock %}
|
78 |
|
79 |
{% block page_main %}
|
templates/twig/wpadmin_pages/insights/debug/index.twig
ADDED
@@ -0,0 +1,26 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
{% extends '/wpadmin_pages/insights/base.twig' %}
|
2 |
+
|
3 |
+
{% block page_main %}
|
4 |
+
<div class="row">
|
5 |
+
{% for group_title,group in vars.debug_data %}
|
6 |
+
<div class="col-12 insights_section">
|
7 |
+
<h5 class="mb-3">{{ group_title }}</h5>
|
8 |
+
<div class="card-group">
|
9 |
+
{% for title,section_data in group %}
|
10 |
+
<div class="card">
|
11 |
+
<div class="card-header">{{ title }}</div>
|
12 |
+
<div class="card-body">
|
13 |
+
<dl>
|
14 |
+
{% for key,val in section_data %}
|
15 |
+
<dt>{{ key }}</dt>
|
16 |
+
<dd class="mb-2">{{ val }}</dd>
|
17 |
+
{% endfor %}
|
18 |
+
</dl>
|
19 |
+
</div>
|
20 |
+
</div>
|
21 |
+
{% endfor %}
|
22 |
+
</div>
|
23 |
+
</div>
|
24 |
+
{% endfor %}
|
25 |
+
</div>
|
26 |
+
{% endblock %}
|
templates/twig/wpadmin_pages/insights/importexport/from_file.twig
CHANGED
@@ -45,24 +45,12 @@
|
|
45 |
<div class="" id="">
|
46 |
<div class="form-group text-right">
|
47 |
<a id="ExportDownload" href="{{ hrefs.export_file_download }}"
|
48 |
-
class="btn btn-primary
|
|
|
49 |
</div>
|
50 |
</div>
|
51 |
</div>
|
52 |
</div>
|
53 |
</div>
|
54 |
|
55 |
-
</div>
|
56 |
-
|
57 |
-
<script>
|
58 |
-
jQuery( document ).ready( function () {
|
59 |
-
jQuery( document ).on( "click", "a#ExportDownload", function () {
|
60 |
-
event.preventDefault();
|
61 |
-
jQuery.fileDownload( jQuery( this ).attr( 'href' ), {
|
62 |
-
preparingMessageHtml: "{{ strings.downloading_please_wait }}",
|
63 |
-
failMessageHtml: "{{ strings.problem_downloading_file }}"
|
64 |
-
} );
|
65 |
-
return false;
|
66 |
-
} );
|
67 |
-
} );
|
68 |
-
</script>
|
45 |
<div class="" id="">
|
46 |
<div class="form-group text-right">
|
47 |
<a id="ExportDownload" href="{{ hrefs.export_file_download }}"
|
48 |
+
class="btn btn-primary shield_file_download"
|
49 |
+
type="submit">{{ strings.title_download_file }}</a>
|
50 |
</div>
|
51 |
</div>
|
52 |
</div>
|
53 |
</div>
|
54 |
</div>
|
55 |
|
56 |
+
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
templates/twig/wpadmin_pages/insights/license/license.twig
CHANGED
@@ -1,30 +1,8 @@
|
|
1 |
{% import "/common/macros.twig" as icwp_macros %}
|
2 |
<style>
|
3 |
-
#accordionTop .accordion-toggle h3 {
|
4 |
-
color: #333333;
|
5 |
-
}
|
6 |
-
#accordionTop .accordion-toggle {
|
7 |
-
background-color: rgba(255, 255, 255, 0.6);
|
8 |
-
}
|
9 |
-
#accordionTop .accordion-toggle:hover {
|
10 |
-
text-decoration: none;
|
11 |
-
background-color: rgba(255, 255, 255, 0.6);
|
12 |
-
}
|
13 |
-
#accordionTop .accordion-toggle:focus {
|
14 |
-
box-shadow: none;
|
15 |
-
}
|
16 |
-
#accordionTop .accordion-group {
|
17 |
-
margin-bottom: 15px;
|
18 |
-
}
|
19 |
-
#accordionTop .accordion-inner {
|
20 |
-
background-color: rgba(255, 255, 255, 0.6);
|
21 |
-
}
|
22 |
#ButtonBuyNow {
|
23 |
margin: 20px;
|
24 |
}
|
25 |
-
.licenseForm button {
|
26 |
-
display: block;
|
27 |
-
}
|
28 |
.card {
|
29 |
margin-bottom: 20px;
|
30 |
}
|
@@ -65,77 +43,103 @@
|
|
65 |
<h6 class="card-subtitle text-muted">{{ strings.check_availability }}</h6>
|
66 |
</div>
|
67 |
<div class="card-body">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
68 |
<form method="post" class="licenseForm">
|
69 |
{% for ajax_key, ajax_val in ajax.license_handling %}
|
70 |
<input type="hidden" name="{{ ajax_key }}" value="{{ ajax_val }}" />
|
71 |
{% endfor %}
|
72 |
<input type="hidden" name="license-action" value="check" />
|
73 |
-
<
|
74 |
-
|
75 |
-
{{ strings.check_license }}
|
76 |
-
</button>
|
77 |
-
|
78 |
-
<div class="form-text text-muted">
|
79 |
-
<ol>
|
80 |
-
<li>{{ strings.url_to_activate }}:
|
81 |
-
<code class="font-weight-bold">{{ vars.activation_url }}</code></li>
|
82 |
-
<li class="font-weight-bold">
|
83 |
-
<a target="_blank" href="{{ aHrefs.keyless_cp }}">{{ strings.activate_site_in }}</a>
|
84 |
-
</li>
|
85 |
-
<li>{{ strings.license_check_limit }}.
|
86 |
-
<br />({{ strings.more_frequent }})
|
87 |
-
</li>
|
88 |
-
</ol>
|
89 |
-
</div>
|
90 |
-
</form>
|
91 |
-
{% if flags.is_pro %}
|
92 |
-
<form method="post" class="licenseForm">
|
93 |
-
{% for ajax_key, ajax_val in ajax.license_handling %}
|
94 |
-
<input type="hidden" name="{{ ajax_key }}" value="{{ ajax_val }}" />
|
95 |
-
{% endfor %}
|
96 |
-
<input type="hidden" name="license-action" value="clear" />
|
97 |
-
|
98 |
-
<button class="btn btn-link m-2" type="submit"
|
99 |
-
style="float: right; text-decoration: none; font-size: small;"
|
100 |
{% if not flags.button_enabled_check %}disabled="disabled"{% endif %} >
|
101 |
-
|
102 |
</button>
|
103 |
-
</form>
|
104 |
-
{% endif %}
|
105 |
-
</div>
|
106 |
-
<div class="card-footer">
|
107 |
-
<form method="post" id="ConnectionDebug">
|
108 |
-
{% for ajax_key, ajax_val in ajax.connection_debug %}
|
109 |
-
<input type="hidden" name="{{ ajax_key }}" value="{{ ajax_val }}" />
|
110 |
-
{% endfor %}
|
111 |
-
<p class="mb-0 text-right">
|
112 |
-
{{ strings.incase_debug }}:
|
113 |
-
<button class="btn btn-link btn-sm p-0" type="submit">[{{ strings.debug }}]</button>
|
114 |
</p>
|
115 |
</form>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
116 |
</div>
|
117 |
|
118 |
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
119 |
</div>
|
120 |
|
121 |
<div class="col-7">
|
122 |
<div id="accordion">
|
123 |
|
124 |
<div class="card gopro-card">
|
125 |
-
<div class="card-header" id="headingOne">
|
126 |
-
<h4 class="mb-0">
|
127 |
-
<button class="btn btn-link" data-toggle="collapse" data-target="#collone"
|
128 |
-
aria-expanded="true" aria-controls="collone">
|
129 |
-
→ {{ icwp_macros.shieldpro }} gives you ...
|
130 |
-
</button>
|
131 |
-
</h4>
|
132 |
-
</div>
|
133 |
|
134 |
-
<div id="collone"
|
135 |
-
data-parent="#accordion">
|
136 |
<div class="card-body">
|
137 |
-
<p><a href="https://shsec.io/gp" target="_blank" class="btn btn-success">
|
138 |
-
See All PRO Features and Extras
|
139 |
<dl class="pro-features">
|
140 |
<dt>Easiest, Frustration-Free WP Pro-Upgrade Anywhere</dt>
|
141 |
<dd>No more license keys to remember/copy-paste! Simply activate your site URL in your
|
@@ -144,7 +148,7 @@
|
|
144 |
|
145 |
<dt>Powerful, Auto-Learning Malware Scanner</dt>
|
146 |
<dd>Detects common and uncommon malware patterns in PHP files and alerts you immediately.
|
147 |
-
<br/>With ShieldNET crowd-sourcing intelligence, Shield automatically hides false-positives
|
148 |
so you can focus on risks that matter, and can ignore the noise that wastes your time.
|
149 |
</dd>
|
150 |
|
@@ -190,63 +194,6 @@
|
|
190 |
</div>
|
191 |
</div>
|
192 |
|
193 |
-
<div class="card gopro-card">
|
194 |
-
<div class="card-header" id="headingTwo">
|
195 |
-
<h5 class="mb-0">
|
196 |
-
<button class="btn btn-link collapsed" data-toggle="collapse" data-target="#colltwo"
|
197 |
-
aria-expanded="false" aria-controls="colltwo">
|
198 |
-
→ Coming Soon...
|
199 |
-
</button>
|
200 |
-
</h5>
|
201 |
-
</div>
|
202 |
-
<div id="colltwo" class="collapse" aria-labelledby="headingTwo" data-parent="#accordion">
|
203 |
-
<div class="card-body">
|
204 |
-
<dl>
|
205 |
-
<dt>Select individual plugins for automatic updates</dt>
|
206 |
-
<dd>You'll soon be able to select individual plugins for automatic updates. Right now it's all or nothing.</dd>
|
207 |
-
|
208 |
-
<dt>Improved performance/optimizations for PHP 5.6+</dt>
|
209 |
-
<dd>We're rewriting your favourite security plugin to take full advantage of the latest PHP developments.</dd>
|
210 |
-
|
211 |
-
<dt>Statistic and Reporting</dt>
|
212 |
-
<dd>You'll be able to review and generate reports on keys security events on your sites.</dd>
|
213 |
-
|
214 |
-
<dt>And Much More...</dt>
|
215 |
-
<dd>With your continued support, we'll add more and more features...</dd>
|
216 |
-
</dl>
|
217 |
-
</div>
|
218 |
-
</div>
|
219 |
-
</div>
|
220 |
-
|
221 |
-
<div class="card gopro-card">
|
222 |
-
<div class="card-header" id="headingThree">
|
223 |
-
<h5 class="mb-0">
|
224 |
-
<button class="btn btn-link collapsed" data-toggle="collapse" data-target="#collthree"
|
225 |
-
aria-expanded="false" aria-controls="collthree">
|
226 |
-
→ How To Get Shield Pro?
|
227 |
-
</button>
|
228 |
-
</h5>
|
229 |
-
</div>
|
230 |
-
<div id="collthree" class="collapse" aria-labelledby="headingThree" data-parent="#accordion">
|
231 |
-
<div class="card-body">
|
232 |
-
|
233 |
-
<p>Shield Security Pro is available from our online store and may be purchased
|
234 |
-
in US Dollar, €uros, or £GBPounds</p>
|
235 |
-
<ol>
|
236 |
-
<li>Just grab a new license from the
|
237 |
-
<a href="https://shsec.io/buyshieldpro" target="_blank">Shield Pro store</a>.</li>
|
238 |
-
<li>Register your site URL with our control panel.</li>
|
239 |
-
<li>Activate your license on your sites using the 'Check License' button.</li>
|
240 |
-
</ol>
|
241 |
-
|
242 |
-
<p class="text-center">
|
243 |
-
<a href="https://shsec.io/buyshieldpro" target="_blank" id="ButtonBuyNow"
|
244 |
-
class="btn btn-large btn-success">
|
245 |
-
Upgrade To Shield Pro Now →</a>
|
246 |
-
</p>
|
247 |
-
</div>
|
248 |
-
</div>
|
249 |
-
</div>
|
250 |
</div>
|
251 |
</div>
|
252 |
|
@@ -258,8 +205,6 @@ var iCWP_WPSF_LicenseHandler = new function () {
|
|
258 |
|
259 |
var bRequestCurrentlyRunning = false;
|
260 |
|
261 |
-
/**
|
262 |
-
*/
|
263 |
var submitLicenseForm = function ( event ) {
|
264 |
iCWP_WPSF_BodyOverlay.show();
|
265 |
|
1 |
{% import "/common/macros.twig" as icwp_macros %}
|
2 |
<style>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3 |
#ButtonBuyNow {
|
4 |
margin: 20px;
|
5 |
}
|
|
|
|
|
|
|
6 |
.card {
|
7 |
margin-bottom: 20px;
|
8 |
}
|
43 |
<h6 class="card-subtitle text-muted">{{ strings.check_availability }}</h6>
|
44 |
</div>
|
45 |
<div class="card-body">
|
46 |
+
|
47 |
+
<ol>
|
48 |
+
<li>
|
49 |
+
<a target="_blank" href="{{ aHrefs.keyless_cp }}">{{ strings.activate_site_in }}</a>
|
50 |
+
</li>
|
51 |
+
<li>{{ strings.url_to_activate }}:
|
52 |
+
<code class="font-weight-bold">{{ vars.activation_url }}</code></li>
|
53 |
+
<li>{{ strings.license_check_limit }}.
|
54 |
+
<br />({{ strings.more_frequent }})
|
55 |
+
</li>
|
56 |
+
</ol>
|
57 |
+
|
58 |
<form method="post" class="licenseForm">
|
59 |
{% for ajax_key, ajax_val in ajax.license_handling %}
|
60 |
<input type="hidden" name="{{ ajax_key }}" value="{{ ajax_val }}" />
|
61 |
{% endfor %}
|
62 |
<input type="hidden" name="license-action" value="check" />
|
63 |
+
<p class="text-center">
|
64 |
+
<button class="btn btn-success m-2" type="submit"
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
65 |
{% if not flags.button_enabled_check %}disabled="disabled"{% endif %} >
|
66 |
+
{{ strings.check_license }}
|
67 |
</button>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
68 |
</p>
|
69 |
</form>
|
70 |
+
|
71 |
+
<div class="row">
|
72 |
+
<div class="col-6 text-left">
|
73 |
+
{% if flags.is_pro %}
|
74 |
+
<form method="post" class="licenseForm">
|
75 |
+
{% for ajax_key, ajax_val in ajax.license_handling %}
|
76 |
+
<input type="hidden" name="{{ ajax_key }}" value="{{ ajax_val }}" />
|
77 |
+
{% endfor %}
|
78 |
+
<input type="hidden" name="license-action" value="clear" />
|
79 |
+
|
80 |
+
<button class="btn btn-link p-0" type="submit"
|
81 |
+
style="text-decoration: none; font-size: small;"
|
82 |
+
{% if not flags.button_enabled_check %}disabled="disabled"{% endif %} >
|
83 |
+
<span class="text-danger">✘ {{ strings.clear_license }}</span>
|
84 |
+
</button>
|
85 |
+
</form>
|
86 |
+
{% else %}
|
87 |
+
<a href="https://shsec.io/buyshieldpro" target="_blank" class="card-link"
|
88 |
+
class="">{{ strings.go_pro }}</a>
|
89 |
+
{% endif %}
|
90 |
+
</div>
|
91 |
+
|
92 |
+
<div class="col-6 text-right">
|
93 |
+
<form method="post" id="ConnectionDebug">
|
94 |
+
{% for ajax_key, ajax_val in ajax.connection_debug %}
|
95 |
+
<input type="hidden" name="{{ ajax_key }}" value="{{ ajax_val }}" />
|
96 |
+
{% endfor %}
|
97 |
+
<p class="mb-0">
|
98 |
+
<button class="btn btn-link btn-sm p-0"
|
99 |
+
title="{{ strings.incase_debug }}"
|
100 |
+
type="submit">{{ strings.debug }}</button>
|
101 |
+
</p>
|
102 |
+
</form>
|
103 |
+
</div>
|
104 |
+
|
105 |
+
</div>
|
106 |
</div>
|
107 |
|
108 |
</div>
|
109 |
+
|
110 |
+
{% if not flags.is_premium %}
|
111 |
+
<div class="card gopro-card">
|
112 |
+
<div class="card-body">
|
113 |
+
|
114 |
+
<p>Shield Security Pro is available from our online store and may be purchased
|
115 |
+
in US Dollar, €uros, or £GBPounds</p>
|
116 |
+
<ol>
|
117 |
+
<li>Just grab a new license from the
|
118 |
+
<a href="https://shsec.io/buyshieldpro" target="_blank">Shield Pro store</a>.</li>
|
119 |
+
<li>Register your site URL with our control panel.</li>
|
120 |
+
<li>Activate your license on your sites using the 'Check License' button.</li>
|
121 |
+
</ol>
|
122 |
+
|
123 |
+
<p class="text-center">
|
124 |
+
<a href="https://shsec.io/buyshieldpro" target="_blank" id="ButtonBuyNow"
|
125 |
+
class="btn btn-large btn-outline-success">
|
126 |
+
Upgrade To Shield Pro Now</a>
|
127 |
+
</p>
|
128 |
+
</div>
|
129 |
+
</div>
|
130 |
+
{% endif %}
|
131 |
+
|
132 |
</div>
|
133 |
|
134 |
<div class="col-7">
|
135 |
<div id="accordion">
|
136 |
|
137 |
<div class="card gopro-card">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
138 |
|
139 |
+
<div id="collone" aria-labelledby="headingOne">
|
|
|
140 |
<div class="card-body">
|
141 |
+
<p><a href="https://shsec.io/gp" target="_blank" class="btn btn-outline-success">
|
142 |
+
See All PRO Features and Extras</a></p>
|
143 |
<dl class="pro-features">
|
144 |
<dt>Easiest, Frustration-Free WP Pro-Upgrade Anywhere</dt>
|
145 |
<dd>No more license keys to remember/copy-paste! Simply activate your site URL in your
|
148 |
|
149 |
<dt>Powerful, Auto-Learning Malware Scanner</dt>
|
150 |
<dd>Detects common and uncommon malware patterns in PHP files and alerts you immediately.
|
151 |
+
<br />With ShieldNET crowd-sourcing intelligence, Shield automatically hides false-positives
|
152 |
so you can focus on risks that matter, and can ignore the noise that wastes your time.
|
153 |
</dd>
|
154 |
|
194 |
</div>
|
195 |
</div>
|
196 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
197 |
</div>
|
198 |
</div>
|
199 |
|
205 |
|
206 |
var bRequestCurrentlyRunning = false;
|
207 |
|
|
|
|
|
208 |
var submitLicenseForm = function ( event ) {
|
209 |
iCWP_WPSF_BodyOverlay.show();
|
210 |
|
templates/twig/wpadmin_pages/insights/scans/index.twig
CHANGED
@@ -6,4 +6,8 @@
|
|
6 |
{% include '/wpadmin_pages/insights/scans/scan_start.twig' %}
|
7 |
</div>
|
8 |
</div>
|
|
|
|
|
|
|
|
|
9 |
{% endblock %}
|
6 |
{% include '/wpadmin_pages/insights/scans/scan_start.twig' %}
|
7 |
</div>
|
8 |
</div>
|
9 |
+
{% include '/wpadmin_pages/insights/scans/modal/progress.twig' %}
|
10 |
+
{% endblock %}
|
11 |
+
|
12 |
+
{% block pro_promo %}
|
13 |
{% endblock %}
|
templates/twig/wpadmin_pages/insights/scans/{modal_progress.twig → modal/progress.twig}
RENAMED
@@ -1,6 +1,7 @@
|
|
1 |
-
<div class="modal fade" id="ScanProgressModal" tabindex="-1" role="dialog" aria-labelledby="
|
|
|
2 |
aria-hidden="true">
|
3 |
-
<div class="modal-dialog" role="document">
|
4 |
<div class="modal-content">
|
5 |
<div class="modal-header">
|
6 |
<h5 class="modal-title" id="exampleModalLongTitle">
|
1 |
+
<div class="modal fade" id="ScanProgressModal" tabindex="-1" role="dialog" aria-labelledby=""
|
2 |
+
style="z-index: 10000000;"
|
3 |
aria-hidden="true">
|
4 |
+
<div class="modal-dialog modal-dialog-centered" role="document" style="z-index: 10000001;">
|
5 |
<div class="modal-content">
|
6 |
<div class="modal-header">
|
7 |
<h5 class="modal-title" id="exampleModalLongTitle">
|
templates/twig/wpadmin_pages/insights/scans/{modal_progress_snippet.twig → modal/progress_snippet.twig}
RENAMED
File without changes
|
templates/twig/wpadmin_pages/insights/scans/realtime/file_locker/file_diff.twig
ADDED
@@ -0,0 +1,119 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
{% if success %}
|
2 |
+
<div class="card-group">
|
3 |
+
|
4 |
+
<div class="card">
|
5 |
+
|
6 |
+
<div class="card-body">
|
7 |
+
<h5 class="card-title">{{ strings.locked_file }}</h5>
|
8 |
+
|
9 |
+
<dl class="row">
|
10 |
+
<dt class="col">{{ strings.locked }}</dt>
|
11 |
+
<dd class="col">{{ vars.locked_at }}</dd>
|
12 |
+
</dl>
|
13 |
+
|
14 |
+
<dl class="row">
|
15 |
+
<dt class="col">{{ strings.file_size }}</dt>
|
16 |
+
<dd class="col">{{ vars.file_size_locked }}</dd>
|
17 |
+
</dl>
|
18 |
+
|
19 |
+
<dl class="row">
|
20 |
+
<dt class="col">{{ strings.download }}</dt>
|
21 |
+
<dd class="col">
|
22 |
+
<a href="{{ ajax.original }}" title="{{ strings.download }}" class="shield_file_download text-nowrap">
|
23 |
+
<span class="dashicons dashicons-download"></span></a>
|
24 |
+
</dd>
|
25 |
+
</dl>
|
26 |
+
</div>
|
27 |
+
|
28 |
+
</div>
|
29 |
+
|
30 |
+
{% if flags.has_diff %}
|
31 |
+
<div class="card">
|
32 |
+
|
33 |
+
<div class="card-body">
|
34 |
+
<h5 class="card-title">{{ strings.modified_file }}</h5>
|
35 |
+
|
36 |
+
<dl class="row">
|
37 |
+
<dt class="col">{{ strings.modified_at }}</dt>
|
38 |
+
<dd class="col">{{ vars.modified_at }}</dd>
|
39 |
+
</dl>
|
40 |
+
|
41 |
+
<dl class="row">
|
42 |
+
<dt class="col">{{ strings.file_size }}</dt>
|
43 |
+
<dd class="col">{{ vars.file_size_modified }}</dd>
|
44 |
+
</dl>
|
45 |
+
|
46 |
+
<dl class="row">
|
47 |
+
<dt class="col">{{ strings.download }}</dt>
|
48 |
+
<dd class="col">
|
49 |
+
<a href="{{ ajax.current }}" title="{{ strings.download }}" class="shield_file_download text-nowrap">
|
50 |
+
<span class="dashicons dashicons-download"></span></a>
|
51 |
+
</dd>
|
52 |
+
</dl>
|
53 |
+
</div>
|
54 |
+
</div>
|
55 |
+
|
56 |
+
<div class="card">
|
57 |
+
<div class="card-body">
|
58 |
+
<h5 class="card-title">{{ strings.file_restore }}</h5>
|
59 |
+
<form class="filelocker_fileaction">
|
60 |
+
<div class="custom-control custom-checkbox">
|
61 |
+
<input type="checkbox" class="custom-control-input"
|
62 |
+
id="ConfirmFileRestore"
|
63 |
+
name="ConfirmFileRestore"
|
64 |
+
value="Y"
|
65 |
+
/>
|
66 |
+
<label class="custom-control-label"
|
67 |
+
for="ConfirmFileRestore">{{ strings.file_restore_checkbox }}</label>
|
68 |
+
</div>
|
69 |
+
<input href="#"
|
70 |
+
type="submit" value="{{ strings.butt_restore }}"
|
71 |
+
data-action="restore"
|
72 |
+
data-rid="{{ vars.rid }}"
|
73 |
+
class="btn btn-outline-success btn-sm mt-3" />
|
74 |
+
</form>
|
75 |
+
</div>
|
76 |
+
</div>
|
77 |
+
|
78 |
+
<div class="card">
|
79 |
+
<div class="card-body">
|
80 |
+
<h5 class="card-title">{{ strings.file_accept }}</h5>
|
81 |
+
<form class="filelocker_fileaction">
|
82 |
+
<div class="custom-control custom-checkbox">
|
83 |
+
<input type="checkbox" class="custom-control-input"
|
84 |
+
id="ConfirmFileAccept"
|
85 |
+
name="ConfirmFileAccept"
|
86 |
+
value="Y"
|
87 |
+
/>
|
88 |
+
<label class="custom-control-label"
|
89 |
+
for="ConfirmFileAccept">{{ strings.file_accept_checkbox }}</label>
|
90 |
+
</div>
|
91 |
+
<input href="#"
|
92 |
+
type="submit" value="{{ strings.butt_accept }}"
|
93 |
+
data-action="accept"
|
94 |
+
data-rid="{{ vars.rid }}"
|
95 |
+
class="btn btn-outline-danger btn-sm mt-3" />
|
96 |
+
</form>
|
97 |
+
</div>
|
98 |
+
</div>
|
99 |
+
{% endif %}
|
100 |
+
|
101 |
+
</div>
|
102 |
+
{% if flags.has_diff %}
|
103 |
+
<div class="row text-center mt-4">
|
104 |
+
<div class="col">
|
105 |
+
<div class="alert alert-warning mb-2">
|
106 |
+
<p class="m-0">{{ strings.please_review }}</p>
|
107 |
+
</div>
|
108 |
+
</div>
|
109 |
+
</div>
|
110 |
+
<div class="row text-center mt-4">
|
111 |
+
<div class="col"><h5>{{ strings.file_content_original }}</h5></div>
|
112 |
+
<div class="col"><h5>{{ strings.file_content_current }}</h5></div>
|
113 |
+
</div>
|
114 |
+
<hr />
|
115 |
+
{{ html.diff|raw }}
|
116 |
+
{% endif %}
|
117 |
+
{% else %}
|
118 |
+
<div class="alert alert-warning">{{ error }}</div>
|
119 |
+
{% endif %}
|
templates/twig/wpadmin_pages/insights/scans/realtime/file_locker/index.twig
ADDED
@@ -0,0 +1,117 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<div class="row insights_widget" id="SectionScanResultsFileLocker">
|
2 |
+
<div class="col">
|
3 |
+
<div class="card card-scan_results">
|
4 |
+
|
5 |
+
<div class="card-header">
|
6 |
+
<h5 class="card-title">{{ scan.strings.title }}</h5>
|
7 |
+
<h6 class="card-subtitle text-muted">{{ scan.strings.subtitle }}</h6>
|
8 |
+
</div>
|
9 |
+
|
10 |
+
<div class="card-body">
|
11 |
+
|
12 |
+
{% if scan.flags.is_restricted %}
|
13 |
+
{% include '/wpadmin_pages/insights/scans/results/common_unavailable.twig' %}
|
14 |
+
{% else %}
|
15 |
+
{% if scan.flags.has_items %}
|
16 |
+
<div class="col mt-3 mb-3">
|
17 |
+
<div class="input-group m-auto mt-3 mb-3">
|
18 |
+
<div class="input-group-prepend">
|
19 |
+
<label class="input-group-text" for="FileLockerFileSelect">
|
20 |
+
Select File To Review
|
21 |
+
</label>
|
22 |
+
</div>
|
23 |
+
<select class="custom-select mw-100" id="FileLockerFileSelect">
|
24 |
+
<option selected value="-">--</option>
|
25 |
+
{% for lock_key, file_lock in scan.vars.file_locks.bad %}
|
26 |
+
<option value="{{ lock_key }}" class="text-danger">{{ file_lock.file }}</option>
|
27 |
+
{% endfor %}
|
28 |
+
{% for lock_key, file_lock in scan.vars.file_locks.good %}
|
29 |
+
<option value="{{ lock_key }}" class="text-success">{{ file_lock.file }}</option>
|
30 |
+
{% endfor %}
|
31 |
+
</select>
|
32 |
+
</div>
|
33 |
+
</div>
|
34 |
+
|
35 |
+
<div class="col">
|
36 |
+
<div id="FileLockerDiffContents" class="w-100">
|
37 |
+
<div class="alert alert-success">
|
38 |
+
<p class="m-0">{{ scan.strings.please_select }}</p>
|
39 |
+
</div>
|
40 |
+
</div>
|
41 |
+
</div>
|
42 |
+
{% else %}
|
43 |
+
{% include '/wpadmin_pages/insights/scans/results/common_disabled.twig' %}
|
44 |
+
{% endif %}
|
45 |
+
{% endif %}
|
46 |
+
</div>
|
47 |
+
|
48 |
+
<div class="card-footer">
|
49 |
+
<div class="row">
|
50 |
+
<div class="col-sm-6">
|
51 |
+
</div>
|
52 |
+
<div class="col-sm-6 text-right">
|
53 |
+
<a href="{{ scan.hrefs.options }}"
|
54 |
+
class="btn btn-sm btn-outline-dark">{{ strings.options }} →</a>
|
55 |
+
</div>
|
56 |
+
</div>
|
57 |
+
</div>
|
58 |
+
|
59 |
+
</div>
|
60 |
+
</div>
|
61 |
+
</div>
|
62 |
+
|
63 |
+
{% if not scan.flags.is_restricted %}
|
64 |
+
<script type="text/javascript">
|
65 |
+
jQuery( '#FileLockerFileSelect' ).on( 'change', function ( e ) {
|
66 |
+
iCWP_WPSF_BodyOverlay.show();
|
67 |
+
let ajax_vars ={{ scan.ajax.filelocker_showdiff|raw }};
|
68 |
+
ajax_vars.rid = jQuery( this ).val();
|
69 |
+
jQuery.post( ajaxurl, ajax_vars,
|
70 |
+
function ( oResponse ) {
|
71 |
+
jQuery( '#FileLockerDiffContents' ).html( oResponse.data.html );
|
72 |
+
}
|
73 |
+
).fail(
|
74 |
+
function () {
|
75 |
+
}
|
76 |
+
).always( function () {
|
77 |
+
iCWP_WPSF_BodyOverlay.hide();
|
78 |
+
}
|
79 |
+
);
|
80 |
+
} );
|
81 |
+
jQuery( document ).on( 'submit', 'form.filelocker_fileaction', function ( evt ) {
|
82 |
+
evt.preventDefault();
|
83 |
+
iCWP_WPSF_BodyOverlay.show();
|
84 |
+
let ajax_vars ={{ scan.ajax.filelocker_fileaction|raw }};
|
85 |
+
let $oButton = jQuery( 'input[type=submit]', this );
|
86 |
+
ajax_vars.confirmed = jQuery( 'input[type=checkbox]', this ).is( ':checked' ) ? 1 : 0;
|
87 |
+
ajax_vars.rid = $oButton.data( 'rid' );
|
88 |
+
ajax_vars.file_action = $oButton.data( 'action' );
|
89 |
+
|
90 |
+
jQuery.post( ajaxurl, ajax_vars,
|
91 |
+
function ( oResponse ) {
|
92 |
+
let sMessage = '';
|
93 |
+
if ( oResponse === null || typeof oResponse.data === 'undefined'
|
94 |
+
|| typeof oResponse.data.message === 'undefined' ) {
|
95 |
+
sMessage = oResponse.success ? 'Success' : 'Failure';
|
96 |
+
}
|
97 |
+
else {
|
98 |
+
sMessage = oResponse.data.message;
|
99 |
+
}
|
100 |
+
iCWP_WPSF_Toaster.showMessage( sMessage, oResponse.success );
|
101 |
+
if ( oResponse.success ) {
|
102 |
+
setTimeout( function () {
|
103 |
+
location.reload();
|
104 |
+
}, 500 );
|
105 |
+
}
|
106 |
+
}
|
107 |
+
).fail(
|
108 |
+
function () {
|
109 |
+
}
|
110 |
+
).always( function () {
|
111 |
+
iCWP_WPSF_BodyOverlay.hide();
|
112 |
+
}
|
113 |
+
);
|
114 |
+
return false;
|
115 |
+
} );
|
116 |
+
</script>
|
117 |
+
{% endif %}
|
templates/twig/wpadmin_pages/insights/scans/results/common_disabled.twig
CHANGED
@@ -1,8 +1,9 @@
|
|
1 |
<div class="row">
|
2 |
-
<div class="col
|
3 |
<div class="alert alert-success m-0">
|
4 |
<h6 class="alert-heading">{{ strings.not_enabled }}</h6>
|
5 |
-
<p class="m-0"><a class="alert-link" href="{{ scan.hrefs.please_enable }}"
|
|
|
6 |
</div>
|
7 |
</div>
|
8 |
</div>
|
1 |
<div class="row">
|
2 |
+
<div class="col">
|
3 |
<div class="alert alert-success m-0">
|
4 |
<h6 class="alert-heading">{{ strings.not_enabled }}</h6>
|
5 |
+
<p class="m-0"><a class="alert-link" href="{{ scan.hrefs.please_enable }}"
|
6 |
+
>{{ strings.please_enable }}</a></p>
|
7 |
</div>
|
8 |
</div>
|
9 |
</div>
|
templates/twig/wpadmin_pages/insights/scans/results/common_unavailable.twig
CHANGED
@@ -1,9 +1,10 @@
|
|
1 |
<div class="row">
|
2 |
-
<div class="col
|
3 |
<div class="alert alert-warning m-0">
|
4 |
<h6 class="alert-heading">{{ strings.not_available }}</h6>
|
5 |
<p class="mb-0">
|
6 |
-
<a href="{{ hrefs.go_pro }}" target="_blank" class="alert-link"
|
|
|
7 |
</p>
|
8 |
</div>
|
9 |
</div>
|
1 |
<div class="row">
|
2 |
+
<div class="col">
|
3 |
<div class="alert alert-warning m-0">
|
4 |
<h6 class="alert-heading">{{ strings.not_available }}</h6>
|
5 |
<p class="mb-0">
|
6 |
+
<a href="{{ hrefs.go_pro }}" target="_blank" class="alert-link"
|
7 |
+
>{{ strings.please_upgrade }}</a>
|
8 |
</p>
|
9 |
</div>
|
10 |
</div>
|
templates/twig/wpadmin_pages/insights/scans/results/mal_disabled.twig
DELETED
@@ -1,8 +0,0 @@
|
|
1 |
-
<div class="row">
|
2 |
-
<div class="col-12">
|
3 |
-
<div class="alert alert-success m-0">
|
4 |
-
<h6 class="alert-heading">{{ strings.not_enabled }}</h6>
|
5 |
-
<p class="m-0"><a class="alert-link" href="{{ scan.hrefs.please_enable }}">{{ strings.please_enable }}</a></p>
|
6 |
-
</div>
|
7 |
-
</div>
|
8 |
-
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
templates/twig/wpadmin_pages/insights/scans/results/ptg_unavailable.twig
DELETED
@@ -1,10 +0,0 @@
|
|
1 |
-
<div class="row">
|
2 |
-
<div class="col-12">
|
3 |
-
<div class="alert alert-warning m-0">
|
4 |
-
<h6 class="alert-heading">{{ strings.not_available }}</h6>
|
5 |
-
<p class="mb-0">
|
6 |
-
<a href="{{ hrefs.go_pro }}" target="_blank"class="alert-link">{{ strings.please_upgrade }} ↗</a>
|
7 |
-
</p>
|
8 |
-
</div>
|
9 |
-
</div>
|
10 |
-
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
templates/twig/wpadmin_pages/insights/scans/scan_areas.twig
CHANGED
@@ -146,7 +146,7 @@
|
|
146 |
<div class="card-footer">
|
147 |
<button class="btn btn-primary float-right"
|
148 |
{% if not flags.can_scan %}disabled="disabled"{% endif %}
|
149 |
-
type="submit" id="
|
150 |
{% if flags.can_scan %}
|
151 |
{{ strings.more_items_longer }}
|
152 |
{% else %}
|
@@ -158,7 +158,6 @@
|
|
158 |
{% endif %}
|
159 |
</div>
|
160 |
</div>
|
161 |
-
{% include '/wpadmin_pages/insights/scans/modal_progress.twig' %}
|
162 |
</form>
|
163 |
|
164 |
<script>
|
@@ -169,11 +168,11 @@
|
|
169 |
}
|
170 |
);
|
171 |
{% if vars.initial_check %}
|
172 |
-
|
173 |
-
|
174 |
-
|
175 |
-
|
176 |
-
|
177 |
{% endif %}
|
178 |
|
179 |
</script>
|
146 |
<div class="card-footer">
|
147 |
<button class="btn btn-primary float-right"
|
148 |
{% if not flags.can_scan %}disabled="disabled"{% endif %}
|
149 |
+
type="submit" id="StartScansButton">{{ strings.run_scans_now }} →</button>
|
150 |
{% if flags.can_scan %}
|
151 |
{{ strings.more_items_longer }}
|
152 |
{% else %}
|
158 |
{% endif %}
|
159 |
</div>
|
160 |
</div>
|
|
|
161 |
</form>
|
162 |
|
163 |
<script>
|
168 |
}
|
169 |
);
|
170 |
{% if vars.initial_check %}
|
171 |
+
jQuery( document ).icwpWpsfScansCheck(
|
172 |
+
{
|
173 |
+
'ajax_scans_check':{{ ajax.scans_check|raw }}
|
174 |
+
}
|
175 |
+
);
|
176 |
{% endif %}
|
177 |
|
178 |
</script>
|
templates/twig/wpadmin_pages/insights/scans/scan_results.twig
CHANGED
@@ -3,8 +3,8 @@
|
|
3 |
<li class="nav-item">
|
4 |
<a class="nav-link active ml-3 mr-2" id="h-tabs-home-tab" data-toggle="tab" href="#h-tabs-aggregate"
|
5 |
role="tab" aria-controls="h-tabs-aggregate" aria-selected="true">
|
6 |
-
<span class="badge badge-{% if aggregate.count > 0 %}danger{%
|
7 |
-
>{
|
8 |
{{ aggregate.strings.title }}
|
9 |
</a>
|
10 |
</li>
|
@@ -14,20 +14,31 @@
|
|
14 |
<li class="nav-item">
|
15 |
<a class="nav-link mr-2" id="h-tabs-home-tab" data-toggle="tab" href="#h-tabs-{{ scankey }}"
|
16 |
role="tab" aria-controls="h-tabs-{{ scankey }}">
|
17 |
-
<span class="badge badge-{% if scanvars.count > 0 %}danger{%
|
18 |
-
>{
|
19 |
-
|
20 |
</a>
|
21 |
</li>
|
22 |
{% endif %}
|
23 |
{% endfor %}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
24 |
</ul>
|
25 |
-
<div class="tab-content" id="ScanResultsTabsContent">
|
|
|
|
|
26 |
<div class="tab-pane show active" id="h-tabs-aggregate" role="tabpanel"
|
27 |
aria-labelledby="h-tabs-aggregate-tab">
|
28 |
-
{% set scan = aggregate %}
|
29 |
{% include '/wpadmin_pages/insights/scans/results/aggregate.twig' %}
|
30 |
</div>
|
|
|
31 |
{% for scankey,scanvars in scans %}
|
32 |
{% if scanvars.flags.show_table %}
|
33 |
<div class="tab-pane" id="h-tabs-{{ scankey }}" role="tabpanel"
|
@@ -37,6 +48,10 @@
|
|
37 |
</div>
|
38 |
{% endif %}
|
39 |
{% endfor %}
|
40 |
-
|
41 |
-
|
|
|
|
|
|
|
|
|
42 |
</div>
|
3 |
<li class="nav-item">
|
4 |
<a class="nav-link active ml-3 mr-2" id="h-tabs-home-tab" data-toggle="tab" href="#h-tabs-aggregate"
|
5 |
role="tab" aria-controls="h-tabs-aggregate" aria-selected="true">
|
6 |
+
<span class="badge badge-{% if aggregate.count > 0 %}danger{% endif %}"
|
7 |
+
>{% if aggregate.count > 0 %}!{% endif %}</span>
|
8 |
{{ aggregate.strings.title }}
|
9 |
</a>
|
10 |
</li>
|
14 |
<li class="nav-item">
|
15 |
<a class="nav-link mr-2" id="h-tabs-home-tab" data-toggle="tab" href="#h-tabs-{{ scankey }}"
|
16 |
role="tab" aria-controls="h-tabs-{{ scankey }}">
|
17 |
+
<span class="badge badge-{% if scanvars.count > 0 %}danger{% endif %}"
|
18 |
+
>{% if scanvars.count > 0 %}!{% endif %}</span>
|
19 |
+
{{ scanvars.strings.title }}
|
20 |
</a>
|
21 |
</li>
|
22 |
{% endif %}
|
23 |
{% endfor %}
|
24 |
+
|
25 |
+
<li class="nav-item">
|
26 |
+
<a class="nav-link ml-3 mr-2" id="h-tabs-home-tab" data-toggle="tab" href="#h-tabs-file_locker"
|
27 |
+
role="tab" aria-controls="h-tabs-file_locker">
|
28 |
+
<span class="badge badge-{% if file_locker.count > 0 %}danger{% endif %}"
|
29 |
+
>{% if file_locker.count > 0 %}!{% endif %}</span>
|
30 |
+
{{ file_locker.strings.title }}
|
31 |
+
</a>
|
32 |
+
</li>
|
33 |
</ul>
|
34 |
+
<div class="tab-content mb-5" id="ScanResultsTabsContent">
|
35 |
+
|
36 |
+
{% set scan = aggregate %}
|
37 |
<div class="tab-pane show active" id="h-tabs-aggregate" role="tabpanel"
|
38 |
aria-labelledby="h-tabs-aggregate-tab">
|
|
|
39 |
{% include '/wpadmin_pages/insights/scans/results/aggregate.twig' %}
|
40 |
</div>
|
41 |
+
|
42 |
{% for scankey,scanvars in scans %}
|
43 |
{% if scanvars.flags.show_table %}
|
44 |
<div class="tab-pane" id="h-tabs-{{ scankey }}" role="tabpanel"
|
48 |
</div>
|
49 |
{% endif %}
|
50 |
{% endfor %}
|
51 |
+
|
52 |
+
<div class="tab-pane show" id="h-tabs-file_locker" role="tabpanel"
|
53 |
+
aria-labelledby="h-tabs-aggregate-tab">
|
54 |
+
{% set scan = file_locker %}
|
55 |
+
{% include '/wpadmin_pages/insights/scans/realtime/file_locker/index.twig' %}
|
56 |
+
</div>
|
57 |
</div>
|
templates/twig/wpadmin_pages/insights/scans/scan_start.twig
CHANGED
@@ -1,33 +1,3 @@
|
|
1 |
-
<style>
|
2 |
-
#ScanPageTabsNav > li {
|
3 |
-
}
|
4 |
-
#ScanPageTabsNav > li a {
|
5 |
-
opacity: 0.7;
|
6 |
-
border-color: #343a40;
|
7 |
-
font-weight: bolder;
|
8 |
-
color: #343a40;
|
9 |
-
}
|
10 |
-
#ScanPageTabsNav > li a:hover {
|
11 |
-
opacity: 1.0;
|
12 |
-
color: #ffffff;
|
13 |
-
}
|
14 |
-
</style>
|
15 |
-
|
16 |
-
<ul class="nav nav-tabs d-block" id="ScanPageTabsNav" role="tablist" style="border-bottom: 0 none;">
|
17 |
-
|
18 |
-
<li id="ScanPageTabsNavResults" class="nav-item hidden">
|
19 |
-
<a class="nav-link active mb-3 btn btn-outline-dark" data-toggle="tab" href="#ScanPagePaneResults"
|
20 |
-
role="tab" aria-controls="h-tabs-scanpage" aria-selected="true">
|
21 |
-
← {{ strings.select_view_results }}
|
22 |
-
</a>
|
23 |
-
</li>
|
24 |
-
<li id="ScanPageTabsNavScan" class="nav-item">
|
25 |
-
<a class="nav-link mb-3 btn btn-outline-dark" data-toggle="tab" href="#ScanPagePaneScanNow"
|
26 |
-
role="tab" aria-controls="h-tabs-scanpage" aria-selected="true">
|
27 |
-
{{ strings.run_scans_now }} →
|
28 |
-
</a>
|
29 |
-
</li>
|
30 |
-
</ul>
|
31 |
<div class="tab-content" id="ScanResultsTabsContent">
|
32 |
|
33 |
<div class="tab-pane show active fade" id="ScanPagePaneResults" role="tabpanel"
|
@@ -48,6 +18,21 @@
|
|
48 |
</div>
|
49 |
</div>
|
50 |
</div>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
51 |
|
52 |
<script type="text/javascript">
|
53 |
jQuery( '#ScanPageTabsNavResults a[data-toggle="tab"]' ).on( 'shown.bs.tab', function ( e ) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
<div class="tab-content" id="ScanResultsTabsContent">
|
2 |
|
3 |
<div class="tab-pane show active fade" id="ScanPagePaneResults" role="tabpanel"
|
18 |
</div>
|
19 |
</div>
|
20 |
</div>
|
21 |
+
<ul class="nav nav-tabs d-block" id="ScanPageTabsNav" role="tablist" style="border-bottom: 0 none;">
|
22 |
+
|
23 |
+
<li id="ScanPageTabsNavResults" class="nav-item hidden footer-form-actions">
|
24 |
+
<a class="nav-link active btn btn-primary btn-lg" data-toggle="tab" href="#ScanPagePaneResults"
|
25 |
+
role="tab" aria-controls="h-tabs-scanpage" aria-selected="true">
|
26 |
+
← {{ strings.select_view_results }}
|
27 |
+
</a>
|
28 |
+
</li>
|
29 |
+
<li id="ScanPageTabsNavScan" class="nav-item footer-form-actions">
|
30 |
+
<a class="nav-link btn btn-primary btn-lg" data-toggle="tab" href="#ScanPagePaneScanNow"
|
31 |
+
role="tab" aria-controls="h-tabs-scanpage" aria-selected="true">
|
32 |
+
{{ strings.run_scans_now }} →
|
33 |
+
</a>
|
34 |
+
</li>
|
35 |
+
</ul>
|
36 |
|
37 |
<script type="text/javascript">
|
38 |
jQuery( '#ScanPageTabsNavResults a[data-toggle="tab"]' ).on( 'shown.bs.tab', function ( e ) {
|
templates/twig/wpadmin_pages/security_admin/index.twig
CHANGED
@@ -78,4 +78,5 @@
|
|
78 |
{% endblock %}
|
79 |
|
80 |
{% block inline_scripts %}
|
|
|
81 |
{% endblock %}
|
78 |
{% endblock %}
|
79 |
|
80 |
{% block inline_scripts %}
|
81 |
+
{% include '/snippets/js/widget_freshdesk.twig' %}
|
82 |
{% endblock %}
|