PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 0.9.0
CloudSecure WP Security v0.9.0
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / cloudsecure-wp.php
cloudsecure-wp-security / modules Last commit date
admin 2 years ago captcha.php 2 years ago cloudsecure-wp.php 2 years ago common.php 2 years ago config.php 2 years ago disable-author-query.php 2 years ago disable-login.php 2 years ago disable-restapi.php 2 years ago disable-xmlrpc.php 2 years ago htaccess.php 2 years ago login-log.php 2 years ago login-notification.php 2 years ago rename-login-page.php 2 years ago restrict-admin-page.php 2 years ago unify-messages.php 2 years ago update-notice.php 2 years ago
cloudsecure-wp.php
396 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 require_once __DIR__ . '/common.php';
8 require_once __DIR__ . '/config.php';
9 require_once __DIR__ . '/htaccess.php';
10 require_once __DIR__ . '/login-notification.php';
11 require_once __DIR__ . '/disable-login.php';
12 require_once __DIR__ . '/rename-login-page.php';
13 require_once __DIR__ . '/unify-messages.php';
14 require_once __DIR__ . '/restrict-admin-page.php';
15 require_once __DIR__ . '/disable-xmlrpc.php';
16 require_once __DIR__ . '/disable-author-query.php';
17 require_once __DIR__ . '/disable-restapi.php';
18 require_once __DIR__ . '/update-notice.php';
19 require_once __DIR__ . '/captcha.php';
20 require_once __DIR__ . '/../really-simple-captcha/really-simple-captcha.php';
21 require_once __DIR__ . '/login-log.php';
22
23 class CloudSecureWP extends CloudSecureWP_Common {
24 private $config;
25 private $htaccess;
26 private $login_notification;
27 private $disable_login;
28 private $rename_login_page;
29 private $unify_messages;
30 private $restrict_admin_page;
31 private $disable_xmlrpc;
32 private $disable_author_query;
33 private $disable_restapi;
34 private $update_notice;
35 private $captcha;
36 private $login_log;
37
38 function __construct( array $info ) {
39 parent::__construct( $info );
40 $this->config = new CloudSecureWP_Config( $info );
41 $this->htaccess = new CloudSecureWP_Htaccess( $info );
42 $this->login_notification = new CloudSecureWP_Login_Notification( $info, $this->config );
43 $this->disable_login = new CloudSecureWP_Disable_Login( $info, $this->config );
44 $this->rename_login_page = new CloudSecureWP_Rename_Login_Page( $info, $this->config, $this->htaccess );
45 $this->unify_messages = new CloudSecureWP_Unify_Messages( $info, $this->config, $this->disable_login );
46 $this->restrict_admin_page = new CloudSecureWP_Restrict_Admin_Page( $info, $this->config, $this->htaccess, $this->disable_login );
47 $this->disable_xmlrpc = new CloudSecureWP_Disable_XMLRPC( $info, $this->config, $this->htaccess );
48 $this->disable_author_query = new CloudSecureWP_Disable_Author_Query( $info, $this->config );
49 $this->disable_restapi = new CloudSecureWP_Disable_RESTAPI( $info, $this->config );
50 $this->update_notice = new CloudSecureWP_Update_Notice( $info, $this->config );
51 $this->captcha = new CloudSecureWP_CAPTCHA( $info, $this->config );
52 $this->login_log = new CloudSecureWP_Login_Log( $info, $this->config, $this->disable_login );
53 }
54
55 /**
56 * プラグイン実行
57 *
58 * @return void
59 */
60 public function run() {
61 if ( ! $this->check_environment() ) {
62 if ( $this->login_notification->is_enabled() ) {
63 $this->login_notification->deactivate();
64 }
65
66 if ( $this->disable_login->is_enabled() ) {
67 $this->disable_login->deactivate();
68 }
69
70 if ( $this->rename_login_page->is_enabled() ) {
71 $this->rename_login_page->deactivate();
72 }
73
74 if ( $this->unify_messages->is_enabled() ) {
75 $this->unify_messages->deactivate();
76 }
77
78 if ( $this->restrict_admin_page->is_enabled() ) {
79 $this->restrict_admin_page->deactivate();
80 }
81
82 if ( $this->disable_xmlrpc->is_enabled() ) {
83 $this->disable_xmlrpc->deactivate();
84 }
85
86 if ( $this->disable_author_query->is_enabled() ) {
87 $this->disable_author_query->deactivate();
88 }
89
90 if ( $this->disable_restapi->is_enabled() ) {
91 $this->disable_restapi->deactivate();
92 }
93
94 if ( $this->update_notice->is_enabled() ) {
95 $this->update_notice->deactivate();
96 }
97
98 if ( $this->captcha->is_enabled() ) {
99 $this->captcha->deactivate();
100 }
101 } else {
102 add_action( 'wp_login', array( $this->login_log, 'wp_login' ), 1, 1 );
103 add_action( 'xmlrpc_call', array( $this->login_log, 'xmlrpc_call' ), 10 );
104 add_action( 'wp_login_failed', array( $this->login_log, 'wp_login_failed' ), 20, 1 );
105
106 if ( $this->login_notification->is_enabled() ) {
107 add_action( 'wp_login', array( $this->login_notification, 'notification' ), 10, 2 );
108 }
109
110 if ( $this->disable_login->is_enabled() ) {
111 add_filter( 'shake_error_codes', array( $this->disable_login, 'shake_error_codes' ) );
112 add_filter( 'authenticate', array( $this->disable_login, 'authenticate' ), 99, 3 );
113 add_action( 'wp_login_failed', array( $this->disable_login, 'wp_login_failed' ), 10, 1 );
114 }
115
116 if ( $this->rename_login_page->is_enabled() ) {
117 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
118 remove_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
119 add_filter( 'login_init', array( $this->rename_login_page, 'login_init' ), 10, 2 );
120 add_filter( 'site_url', array( $this->rename_login_page, 'site_url' ), 10, 4 );
121 add_filter( 'network_site_url', array( $this->rename_login_page, 'network_site_url' ), 10, 3 );
122 add_filter( 'register', array( $this->rename_login_page, 'register' ), 10, 1 );
123 add_filter( 'wp_redirect', array( $this->rename_login_page, 'wp_redirect' ), 10, 2 );
124 add_filter( 'auth_redirect_scheme', array( $this->rename_login_page, 'auth_redirect_scheme' ), 99, 1 );
125
126 } else {
127 $this->rename_login_page->deactivate();
128 }
129 }
130
131 if ( $this->unify_messages->is_enabled() ) {
132 add_filter( 'login_errors', array( $this->unify_messages, 'login_errors' ), 10, 1 );
133 }
134
135 if ( $this->restrict_admin_page->is_enabled() ) {
136 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
137 add_action( 'wp_login', array( $this->restrict_admin_page, 'update' ), 1, 2 );
138
139 } else {
140 $this->restrict_admin_page->deactivate();
141 }
142 }
143
144 if ( $this->disable_xmlrpc->is_enabled() ) {
145 if ( $this->disable_xmlrpc->is_pingback_disabled() ) {
146 add_filter( 'xmlrpc_methods', array( $this->disable_xmlrpc, 'xmlrpc_methods' ) );
147 }
148
149 if ( $this->disable_xmlrpc->is_xmlrpc_disabled() ) {
150 if ( ! $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
151 $this->disable_xmlrpc->deactivate();
152 }
153 }
154 }
155
156 if ( $this->disable_author_query->is_enabled() ) {
157 add_action( 'init', array( $this->disable_author_query, 'init' ) );
158 }
159
160 if ( $this->disable_restapi->is_enabled() ) {
161 add_filter( 'rest_pre_dispatch', array( $this->disable_restapi, 'rest_pre_dispatch' ), 10, 3 );
162 }
163
164 if ( $this->update_notice->is_enabled() ) {
165 add_action( $this->update_notice->get_cron_key(), array( $this->update_notice, 'update_notice' ) );
166 }
167
168 if ( $this->captcha->is_enabled() && 'xmlrpc.php' !== basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) && ! is_admin() ) {
169 add_filter( 'shake_error_codes', array( $this->captcha, 'shake_error_codes' ) );
170
171 if ( $this->captcha->is_login_form_enabled() ) {
172 add_filter( 'login_form', array( $this->captcha, 'login_form' ) );
173 add_action( 'wp_authenticate_user', array( $this->captcha, 'wp_authenticate_user' ), 10, 2 );
174 }
175
176 if ( $this->captcha->is_comment_form_enabled() ) {
177 add_action( 'comment_form_logged_in_after', array( $this->captcha, 'comment_form_default_fields' ), 1 );
178 add_action( 'comment_form_after_fields', array( $this->captcha, 'comment_form_default_fields' ) );
179 add_filter( 'preprocess_comment', array( $this->captcha, 'preprocess_comment' ) );
180 }
181
182 if ( $this->captcha->is_lost_password_form_enabled() ) {
183 add_filter( 'lostpassword_form', array( $this->captcha, 'lostpassword_form' ) );
184 add_filter( 'allow_password_reset', array( $this->captcha, 'allow_password_reset' ), 10, 2 );
185 }
186
187 if ( $this->captcha->is_register_form_enabled() ) {
188 add_action( 'register_form', array( $this->captcha, 'register_form' ) );
189 add_action( 'register_post', array( $this->captcha, 'register_post' ), 10, 3 );
190 }
191 }
192 }
193
194 if ( is_admin() ) {
195 if ( 'rename_login_page' === sanitize_text_field( $_GET['page'] ?? '' ) ) {
196 ob_start();
197 }
198 add_action( 'admin_menu', array( $this, 'admin_menu' ) );
199 }
200 }
201
202 /**
203 * プラグイン有効化
204 */
205 public function activate(): void {
206 $this->config->rm();
207 $this->login_notification->activate();
208 $this->disable_login->activate();
209 $this->rename_login_page->activate();
210 $this->unify_messages->activate();
211 $this->restrict_admin_page->activate();
212 $this->disable_xmlrpc->activate();
213 $this->disable_author_query->activate();
214 $this->disable_restapi->activate();
215 $this->update_notice->activate();
216 $this->captcha->activate();
217 $this->login_log->activate();
218 }
219
220 /**
221 * プラグイン無効化
222 */
223 public function deactivate(): void {
224 $this->config->load_option();
225 $this->login_notification->deactivate();
226 $this->disable_login->deactivate();
227 $this->rename_login_page->deactivate();
228 $this->unify_messages->deactivate();
229 $this->restrict_admin_page->deactivate();
230 $this->disable_xmlrpc->deactivate();
231 $this->disable_author_query->deactivate();
232 $this->disable_restapi->deactivate();
233 $this->update_notice->deactivate();
234 $this->captcha->deactivate();
235 }
236
237 /**
238 * admin menuを追加
239 */
240 public function admin_menu(): void {
241 require_once __DIR__ . '/admin/common.php';
242
243 wp_enqueue_style( 'cloudsecurewp', $this->info['plugin_url'] . 'assets/css/style.css' );
244
245 $slug = 'cloudsecurewp';
246 add_menu_page( $this->info['plugin_name'], $this->info['plugin_name'], 'manage_options', $slug, array( $this, 'dashboard' ), $this->info['plugin_url'] . 'assets/images/plugin-icon.png' );
247 add_submenu_page( $slug, 'ダッシュボード', 'ダッシュボード', 'manage_options', $slug, array( $this, 'dashboard' ) );
248 add_submenu_page( $slug, 'ログイン無効化', 'ログイン無効化', 'manage_options', 'disable_login', array( $this, 'm_disable_login' ) );
249 add_submenu_page( $slug, 'ログインURL変更', 'ログインURL変更', 'manage_options', 'rename_login_page', array( $this, 'm_rename_login_page' ) );
250 add_submenu_page( $slug, 'ログインエラーメッセージ統一', 'ログインエラーメッセージ統一', 'manage_options', 'unify_messages', array( $this, 'm_unify_messages' ) );
251 add_submenu_page( $slug, '管理画面アクセス制限', '管理画面アクセス制限', 'manage_options', 'restrict_admin_page', array( $this, 'm_restrict_admin_page' ) );
252 add_submenu_page( $slug, 'ユーザー名漏えい防止', 'ユーザー名漏えい防止', 'manage_options', 'disable_author_query', array( $this, 'm_disable_author_query' ) );
253 add_submenu_page( $slug, 'XML-RPC無効化', 'XML-RPC無効化', 'manage_options', 'disable_xmlrpc', array( $this, 'm_disable_xmlrpc' ) );
254 add_submenu_page( $slug, 'REST API無効化', 'REST API無効化', 'manage_options', 'disable_restapi', array( $this, 'm_disable_restapi' ) );
255 add_submenu_page( $slug, '画像認証追加', '画像認証追加', 'manage_options', 'captcha', array( $this, 'm_captcha' ) );
256 add_submenu_page( $slug, 'ログイン通知', 'ログイン通知', 'manage_options', 'login_notification', array( $this, 'm_login_notification' ) );
257 add_submenu_page( $slug, 'アップデート通知', 'アップデート通知', 'manage_options', 'update_notification', array( $this, 'm_update_notice' ) );
258 add_submenu_page( $slug, 'ログイン履歴', 'ログイン履歴', 'manage_options', 'login_log', array( $this, 'm_login_log' ) );
259 }
260
261 /**
262 * ダッシュボードページ
263 *
264 * @return void
265 */
266 public function dashboard(): void {
267 require_once 'admin/dashboard.php';
268
269 $datas = array(
270 $this->login_notification->get_feature_key() => $this->config->get( $this->login_notification->get_feature_key() ),
271 $this->disable_login->get_feature_key() => $this->config->get( $this->disable_login->get_feature_key() ),
272 $this->rename_login_page->get_feature_key() => $this->config->get( $this->rename_login_page->get_feature_key() ),
273 $this->unify_messages->get_feature_key() => $this->config->get( $this->unify_messages->get_feature_key() ),
274 $this->restrict_admin_page->get_feature_key() => $this->config->get( $this->restrict_admin_page->get_feature_key() ),
275 $this->disable_xmlrpc->get_feature_key() => $this->config->get( $this->disable_xmlrpc->get_feature_key() ),
276 $this->disable_author_query->get_feature_key() => $this->config->get( $this->disable_author_query->get_feature_key() ),
277 $this->disable_restapi->get_feature_key() => $this->config->get( $this->disable_restapi->get_feature_key() ),
278 $this->update_notice->get_feature_key() => $this->config->get( $this->update_notice->get_feature_key() ),
279 $this->captcha->get_feature_key() => $this->config->get( $this->captcha->get_feature_key() ),
280 );
281
282 new CloudSecureWP_Admin_Dashboard( $this->info, $datas );
283 }
284
285 /**
286 * ログイン通知ページ
287 *
288 * @return void
289 */
290 public function m_login_notification(): void {
291 require_once 'admin/login-notification.php';
292 new CloudSecureWP_Admin_Login_Notification( $this->info, $this->login_notification );
293 }
294
295 /**
296 * ログイン無効化ページ
297 *
298 * @return void
299 */
300 public function m_disable_login(): void {
301 require_once 'admin/disable-login.php';
302 new CloudSecureWP_Admin_Disable_Login( $this->info, $this->disable_login );
303 }
304
305 /**
306 * ログインURL変更
307 *
308 * @return void
309 */
310 public function m_rename_login_page(): void {
311 require_once 'admin/rename-login-page.php';
312 new CloudSecureWP_Admin_Rename_Login_Page( $this->info, $this->rename_login_page );
313 }
314
315 /**
316 * エラーメッセージ単一化機能
317 *
318 * @return void
319 */
320 public function m_unify_messages(): void {
321 require_once 'admin/unify-messages.php';
322 new CloudSecureWP_Admin_Unify_Messages( $this->info, $this->unify_messages );
323 }
324
325 /**
326 * 管理画面アクセス制限
327 *
328 * @return void
329 */
330 public function m_restrict_admin_page(): void {
331 require_once 'admin/restrict-admin-page.php';
332 new CloudSecureWP_Admin_Restrict_Admin_Page( $this->info, $this->restrict_admin_page );
333 }
334
335 /**
336 * XMLRPC無効化
337 *
338 * @return void
339 */
340 public function m_disable_xmlrpc(): void {
341 require_once 'admin/disable-xmlrpc.php';
342 new CloudSecureWP_Admin_Disable_XMLRPC( $this->info, $this->disable_xmlrpc );
343 }
344
345 /**
346 * ユーザー名漏えい防止
347 *
348 * @return void
349 */
350 public function m_disable_author_query(): void {
351 require_once 'admin/disable-author-query.php';
352 new CloudSecureWP_Admin_Disable_Author_Query( $this->info, $this->disable_author_query );
353 }
354
355 /**
356 * REST API無効化
357 *
358 * @return void
359 */
360 public function m_disable_restapi(): void {
361 require_once 'admin/disable-restapi.php';
362 new CloudSecureWP_Admin_Disable_RESTAPI( $this->info, $this->disable_restapi );
363 }
364
365 /**
366 * アップデート通知
367 *
368 * @return void
369 */
370 public function m_update_notice(): void {
371 require_once 'admin/update-notice.php';
372 new CloudSecureWP_Admin_Update_Notice( $this->info, $this->update_notice );
373 }
374
375 /**
376 * 画像認証追加
377 *
378 * @return void
379 */
380 public function m_captcha(): void {
381 require_once 'admin/captcha.php';
382 new CloudSecureWP_Admin_CAPTCHA( $this->info, $this->captcha );
383 }
384
385 /**
386 * ログイン履歴
387 *
388 * @return void
389 */
390 public function m_login_log(): void {
391 require_once 'admin/login-log.php';
392 require_once 'admin/login-log-table.php';
393 new CloudSecureWP_Admin_Login_Log( $this->info, $this->login_log );
394 }
395 }
396