PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.3.13
CloudSecure WP Security v1.3.13
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / disable-access-system-file.php
cloudsecure-wp-security / modules Last commit date
admin 1 year ago lib 1 year ago captcha.php 2 years ago cloudsecure-wp.php 1 year ago common.php 1 year ago config.php 2 years ago disable-access-system-file.php 1 year ago disable-author-query.php 2 years ago disable-login.php 1 year ago disable-restapi.php 1 year ago disable-xmlrpc.php 1 year ago htaccess.php 1 year ago login-log.php 1 year ago login-notification.php 1 year ago rename-login-page.php 1 year ago restrict-admin-page.php 1 year ago server-error-notification.php 1 year ago two-factor-authentication.php 1 year ago unify-messages.php 2 years ago update-notice.php 2 years ago waf-engine.php 1 year ago waf.php 1 year ago
disable-access-system-file.php
116 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 class CloudSecureWP_Disable_Access_System_File extends CloudSecureWP_Waf_Engine {
8 private const KEY_FEATURE = 'disable_access_system_file';
9 private const AVAILABLE_RULES = 1; // waf機能でいう検知する攻撃種別について、本機能では1種類のため1で固定
10 private $disable_access_system_file_rules;
11 private $config;
12
13 function __construct( array $info, CloudSecureWP_Config $config ) {
14 parent::__construct( $info );
15 $this->config = $config;
16 $this->disable_access_system_file_rules = new CloudSecureWP_Disable_Access_System_File_Rules();
17 }
18
19 /**
20 * 機能毎のKEY取得
21 *
22 * @return string
23 */
24 public function get_feature_key(): string {
25 return self::KEY_FEATURE;
26 }
27
28 /**
29 * 有効無効判定
30 *
31 * @return bool
32 */
33 public function is_enabled(): bool {
34 return $this->config->get( $this->get_feature_key() ) === 't' ? true : false;
35 }
36
37 /**
38 * 初期設定値取得
39 *
40 * @return array
41 */
42 public function get_default(): array {
43 $ret = array(
44 self::KEY_FEATURE => $this->check_environment() ? 't' : 'f',
45 );
46 return $ret;
47 }
48
49 /**
50 * 設定値取得
51 */
52 public function get_settings(): array {
53 $settings = array();
54 $default = $this->get_default();
55
56 foreach ( $default as $key => $val ) {
57 $settings[ $key ] = $this->config->get( $key );
58 }
59
60 return $settings;
61 }
62
63 /**
64 * 設定値保存
65 *
66 * @param array $settings
67 * @return void
68 */
69 public function save_settings( $settings ): void {
70 $default = $this->get_default();
71
72 foreach ( $default as $key => $val ) {
73 $this->config->set( $key, $settings[ $key ] ?? '' );
74 }
75
76 $this->config->save();
77 }
78
79 /**
80 * システム設定ファイルアクセス制限
81 */
82 public function init(): void {
83 $waf_rules = $this->disable_access_system_file_rules->get_waf_rules();
84 $locationmatch_rules = $this->disable_access_system_file_rules->get_locationmatch_rules();
85 $remove_rules = array(
86 'ajax_editor' => array( '950005' ),
87 );
88
89 $results = $this->waf_engine( $waf_rules, $locationmatch_rules, self::AVAILABLE_RULES, $remove_rules );
90
91 if ( $results['is_deny'] ) {
92 $this->page403();
93 exit;
94 }
95 }
96
97 /**
98 * 有効化
99 *
100 * @return void
101 */
102 public function activate(): void {
103 $this->save_settings( $this->get_default() );
104 }
105
106 /**
107 * 無効化
108 *
109 * @return void
110 */
111 public function deactivate(): void {
112 $this->config->set( $this->get_feature_key(), 'f' );
113 $this->config->save();
114 }
115 }
116