PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.4.1
CloudSecure WP Security v1.4.1
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / cloudsecure-wp.php
cloudsecure-wp-security / modules Last commit date
admin 4 months ago cli 8 months ago lib 4 months ago captcha.php 2 years ago cloudsecure-wp.php 4 months ago common.php 4 months ago config.php 2 years ago disable-access-system-file.php 4 months ago disable-author-query.php 2 years ago disable-login.php 1 year ago disable-restapi.php 7 months ago disable-xmlrpc.php 1 year ago htaccess.php 5 months ago login-log.php 4 months ago login-notification.php 1 year ago rename-login-page.php 1 year ago restrict-admin-page.php 10 months ago server-error-notification.php 1 year ago two-factor-authentication.php 4 months ago unify-messages.php 2 years ago update-notice.php 7 months ago waf-engine.php 4 months ago waf.php 4 months ago
cloudsecure-wp.php
701 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 require_once __DIR__ . '/common.php';
8 require_once __DIR__ . '/config.php';
9 require_once __DIR__ . '/htaccess.php';
10 require_once __DIR__ . '/login-notification.php';
11 require_once __DIR__ . '/disable-login.php';
12 require_once __DIR__ . '/rename-login-page.php';
13 require_once __DIR__ . '/unify-messages.php';
14 require_once __DIR__ . '/restrict-admin-page.php';
15 require_once __DIR__ . '/disable-xmlrpc.php';
16 require_once __DIR__ . '/disable-author-query.php';
17 require_once __DIR__ . '/disable-restapi.php';
18 require_once __DIR__ . '/update-notice.php';
19 require_once __DIR__ . '/captcha.php';
20 require_once __DIR__ . '/../really-simple-captcha/really-simple-captcha.php';
21 require_once __DIR__ . '/lib/class-time-based-one-time-password.php';
22 require_once __DIR__ . '/lib/class-recovery-codes.php';
23 require_once __DIR__ . '/login-log.php';
24 require_once __DIR__ . '/two-factor-authentication.php';
25 require_once __DIR__ . '/server-error-notification.php';
26 require_once __DIR__ . '/lib/class-waf-rules.php';
27 require_once __DIR__ . '/waf-engine.php';
28 require_once __DIR__ . '/waf.php';
29 require_once __DIR__ . '/disable-access-system-file.php';
30 require_once __DIR__ . '/lib/class-disable-access-system-file-rules.php';
31
32 class CloudSecureWP extends CloudSecureWP_Common {
33 private $config;
34 private $htaccess;
35 private $login_notification;
36 private $disable_login;
37 private $rename_login_page;
38 private $unify_messages;
39 private $restrict_admin_page;
40 private $disable_xmlrpc;
41 private $disable_author_query;
42 private $disable_restapi;
43 private $update_notice;
44 private $captcha;
45 private $login_log;
46 private $two_factor_authentication;
47 private $server_error_notification;
48 private $waf;
49 private $disable_access_system_file;
50
51 function __construct( array $info ) {
52 parent::__construct( $info );
53 $this->config = new CloudSecureWP_Config( $info );
54 $this->htaccess = new CloudSecureWP_Htaccess( $info );
55 $this->login_notification = new CloudSecureWP_Login_Notification( $info, $this->config );
56 $this->disable_login = new CloudSecureWP_Disable_Login( $info, $this->config );
57 $this->rename_login_page = new CloudSecureWP_Rename_Login_Page( $info, $this->config, $this->htaccess );
58 $this->unify_messages = new CloudSecureWP_Unify_Messages( $info, $this->config, $this->disable_login );
59 $this->restrict_admin_page = new CloudSecureWP_Restrict_Admin_Page( $info, $this->config, $this->htaccess, $this->disable_login );
60 $this->disable_xmlrpc = new CloudSecureWP_Disable_XMLRPC( $info, $this->config, $this->htaccess );
61 $this->disable_author_query = new CloudSecureWP_Disable_Author_Query( $info, $this->config );
62 $this->disable_restapi = new CloudSecureWP_Disable_RESTAPI( $info, $this->config );
63 $this->update_notice = new CloudSecureWP_Update_Notice( $info, $this->config );
64 $this->captcha = new CloudSecureWP_CAPTCHA( $info, $this->config );
65 $this->login_log = new CloudSecureWP_Login_Log( $info, $this->config, $this->disable_login );
66 $this->two_factor_authentication = new CloudSecureWP_Two_Factor_Authentication( $info, $this->config, $this->disable_login, $this->login_log );
67 $this->server_error_notification = new CloudSecureWP_Server_Error_Notification( $info, $this->config );
68 $this->waf = new CloudSecureWP_Waf( $info, $this->config );
69 $this->disable_access_system_file = new CloudSecureWP_Disable_Access_System_File( $info, $this->config );
70 }
71
72 /**
73 * プラグイン実行
74 *
75 * @return void
76 */
77 public function run() {
78 if ( ! $this->check_environment() ) {
79 if ( $this->login_notification->is_enabled() ) {
80 $this->login_notification->deactivate();
81 }
82
83 if ( $this->disable_login->is_enabled() ) {
84 $this->disable_login->deactivate();
85 }
86
87 if ( $this->rename_login_page->is_enabled() ) {
88 $this->rename_login_page->deactivate();
89 }
90
91 if ( $this->unify_messages->is_enabled() ) {
92 $this->unify_messages->deactivate();
93 }
94
95 if ( $this->restrict_admin_page->is_enabled() ) {
96 $this->restrict_admin_page->deactivate();
97 }
98
99 if ( $this->disable_xmlrpc->is_enabled() ) {
100 $this->disable_xmlrpc->deactivate();
101 }
102
103 if ( $this->disable_author_query->is_enabled() ) {
104 $this->disable_author_query->deactivate();
105 }
106
107 if ( $this->disable_restapi->is_enabled() ) {
108 $this->disable_restapi->deactivate();
109 }
110
111 if ( $this->update_notice->is_enabled() ) {
112 $this->update_notice->deactivate();
113 }
114
115 if ( $this->captcha->is_enabled() ) {
116 $this->captcha->deactivate();
117 }
118
119 if ( $this->two_factor_authentication->is_enabled() ) {
120 $this->two_factor_authentication->deactivate();
121 }
122
123 if ( $this->server_error_notification->is_enabled() ) {
124 $this->server_error_notification->deactivate();
125 }
126
127 if ( $this->waf->is_enabled() ) {
128 $this->waf->deactivate();
129 }
130
131 if ( $this->disable_access_system_file->is_enabled() ) {
132 $this->disable_access_system_file->deactivate();
133 }
134 } else {
135 if ( $this->waf->is_enabled() ) {
136 add_action( 'plugins_loaded', array( $this->waf, 'waf' ), 10 );
137 }
138
139 if ( $this->server_error_notification->is_enabled() ) {
140 add_filter( 'wp_php_error_args', array( $this->server_error_notification, 'notification' ), 10, 2 );
141 }
142
143 if ( $this->disable_access_system_file->is_enabled() ) {
144 add_action( 'plugins_loaded', array( $this->disable_access_system_file, 'init' ), 11 );
145 }
146
147 add_action( 'wp_login', array( $this->login_log, 'wp_login' ), 1, 1 );
148 add_action( 'wp_login', array( $this->two_factor_authentication, 'cleanup_expired_sessions' ), 2, 0 );
149 add_action( 'xmlrpc_call', array( $this->login_log, 'xmlrpc_call' ), 10 );
150 add_action( 'wp_login_failed', array( $this->login_log, 'wp_login_failed' ), 20, 1 );
151
152 if ( $this->login_notification->is_enabled() ) {
153 add_action( 'wp_login', array( $this->login_notification, 'notification' ), 10, 2 );
154 }
155
156 if ( $this->disable_login->is_enabled() ) {
157 add_filter( 'shake_error_codes', array( $this->disable_login, 'shake_error_codes' ) );
158 add_filter( 'authenticate', array( $this->disable_login, 'authenticate' ), 99, 3 );
159 add_action( 'wp_login_failed', array( $this->disable_login, 'wp_login_failed' ), 10, 1 );
160 }
161
162 if ( $this->rename_login_page->is_enabled() ) {
163 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
164 remove_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
165 add_action( 'plugins_loaded', array( $this->rename_login_page, 'wp_register_404' ), 10 );
166 add_filter( 'login_init', array( $this->rename_login_page, 'login_init' ), 10, 2 );
167 add_filter( 'site_url', array( $this->rename_login_page, 'site_url' ), 10, 4 );
168 add_filter( 'network_site_url', array( $this->rename_login_page, 'network_site_url' ), 10, 3 );
169 add_filter( 'register', array( $this->rename_login_page, 'register' ), 10, 1 );
170 add_filter( 'wp_redirect', array( $this->rename_login_page, 'wp_redirect' ), 10, 2 );
171 add_filter( 'auth_redirect_scheme', array( $this->rename_login_page, 'auth_redirect_scheme' ), 99, 1 );
172
173 } else {
174 add_action( 'admin_notices', array( $this->rename_login_page, 'admin_notices' ), 10, 0 );
175 $this->rename_login_page->deactivate();
176 }
177 } else {
178 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
179 $this->rename_login_page->deactivate();
180 }
181 }
182
183 if ( $this->unify_messages->is_enabled() ) {
184 add_filter( 'login_errors', array( $this->unify_messages, 'login_errors' ), 10, 1 );
185 }
186
187 if ( $this->restrict_admin_page->is_enabled() ) {
188 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
189 add_action( 'wp_login', array( $this->restrict_admin_page, 'update' ), 1, 2 );
190
191 } else {
192 add_action( 'admin_notices', array( $this->restrict_admin_page, 'admin_notices' ), 10, 0 );
193 $this->restrict_admin_page->deactivate();
194 }
195 } else {
196 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
197 $this->restrict_admin_page->deactivate();
198 }
199 }
200
201 if ( $this->disable_xmlrpc->is_enabled() ) {
202 if ( $this->disable_xmlrpc->is_pingback_disabled() ) {
203 if ( $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
204 add_action( 'admin_notices', array( $this->disable_xmlrpc, 'admin_notices' ), 10, 0 );
205 $this->disable_xmlrpc->deactivate();
206 } else {
207 add_filter( 'xmlrpc_methods', array( $this->disable_xmlrpc, 'xmlrpc_methods' ) );
208 }
209 }
210
211 if ( $this->disable_xmlrpc->is_xmlrpc_disabled() ) {
212 if ( ! $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
213 add_action( 'admin_notices', array( $this->disable_xmlrpc, 'admin_notices' ), 10, 0 );
214 $this->disable_xmlrpc->deactivate();
215 }
216 }
217 } else {
218 if ( $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
219 $this->disable_xmlrpc->deactivate();
220 }
221 }
222
223 if ( $this->disable_author_query->is_enabled() ) {
224 add_action( 'init', array( $this->disable_author_query, 'init' ) );
225 }
226
227 if ( $this->disable_restapi->is_enabled() ) {
228 add_filter( 'rest_pre_dispatch', array( $this->disable_restapi, 'rest_pre_dispatch' ), 10, 3 );
229 }
230
231 if ( $this->update_notice->is_enabled() ) {
232 $this->update_notice->set_cron();
233 add_action( $this->update_notice->get_cron_key(), array( $this->update_notice, 'update_notice' ) );
234 }
235
236 if ( $this->captcha->is_enabled() && 'xmlrpc.php' !== basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) && ! is_admin() ) {
237 add_filter( 'shake_error_codes', array( $this->captcha, 'shake_error_codes' ) );
238
239 if ( $this->captcha->is_login_form_enabled() ) {
240 add_filter( 'login_form', array( $this->captcha, 'login_form' ) );
241 add_action( 'wp_authenticate_user', array( $this->captcha, 'wp_authenticate_user' ), 10, 2 );
242 }
243
244 if ( $this->captcha->is_comment_form_enabled() ) {
245 add_action( 'comment_form_logged_in_after', array( $this->captcha, 'comment_form_default_fields' ), 1 );
246 add_action( 'comment_form_after_fields', array( $this->captcha, 'comment_form_default_fields' ) );
247 add_filter( 'preprocess_comment', array( $this->captcha, 'preprocess_comment' ) );
248 }
249
250 if ( $this->captcha->is_lost_password_form_enabled() ) {
251 add_filter( 'lostpassword_form', array( $this->captcha, 'lostpassword_form' ) );
252 add_filter( 'allow_password_reset', array( $this->captcha, 'allow_password_reset' ), 10, 2 );
253 }
254
255 if ( $this->captcha->is_register_form_enabled() ) {
256 add_action( 'register_form', array( $this->captcha, 'register_form' ) );
257 add_action( 'register_post', array( $this->captcha, 'register_post' ), 10, 3 );
258 }
259 }
260
261 if ( $this->two_factor_authentication->is_enabled() ) {
262 // 2段階認証のAJAXハンドラー
263 add_action( 'wp_ajax_cloudsecurewp_generate_key', array( $this->two_factor_authentication, 'ajax_generate_key' ) );
264 add_action( 'wp_ajax_cloudsecurewp_generate_key_and_send_email', array( $this->two_factor_authentication, 'ajax_generate_key_and_send_email' ) );
265 add_action( 'wp_ajax_cloudsecurewp_verify_auth_code', array( $this->two_factor_authentication, 'ajax_verify_auth_code' ) );
266 add_action( 'wp_ajax_cloudsecurewp_generate_recovery_codes', array( $this->two_factor_authentication, 'ajax_generate_recovery_codes' ) );
267 }
268
269 if ( $this->two_factor_authentication->is_enabled() && 'xmlrpc.php' !== basename( $_SERVER['SCRIPT_NAME'] ) && ! is_admin() ) {
270 add_filter( 'sanitize_user', array( $this->two_factor_authentication, 'restore_login_name' ), 0, 1 );
271 add_filter( 'authenticate', array( $this->two_factor_authentication, 'restore_login_session' ), 0, 3 );
272 add_filter( 'authenticate', array( $this->two_factor_authentication, 'two_factor_disable_login_check' ), 100, 3 );
273 add_filter( 'authenticate', array( $this->two_factor_authentication, 'authenticate_with_two_factor' ), 101, 3 );
274 add_action( 'wp_login', array( $this->two_factor_authentication, 'redirect_if_not_two_factor_authentication_registered' ), 10, 2 );
275 }
276
277 if ( $this->two_factor_authentication->is_enabled() && is_admin() && current_user_can( 'administrator' ) ) {
278 add_filter( 'manage_users_columns', array( $this->two_factor_authentication, 'add_2factor_state_2user_list' ) );
279 add_action( 'manage_users_custom_column', array( $this->two_factor_authentication, 'show_2factor_state_2user_list' ), 10, 3 );
280 }
281 }
282
283 if ( is_admin() ) {
284 if ( 'cloudsecurewp_rename_login_page' === sanitize_text_field( $_GET['page'] ?? '' ) ) {
285 ob_start();
286 }
287
288 $this->update();
289
290 add_action( 'admin_menu', array( $this, 'admin_menu' ) );
291 }
292 }
293
294 /**
295 * プラグイン有効化
296 */
297 public function activate(): void {
298 $this->config->rm();
299 $this->config->set( 'version', $this->info['version'] );
300 $this->config->save();
301
302 $this->login_notification->activate();
303 $this->disable_login->activate();
304 $this->rename_login_page->activate();
305 $this->unify_messages->activate();
306 $this->restrict_admin_page->activate();
307 $this->disable_xmlrpc->activate();
308 $this->disable_author_query->activate();
309 $this->disable_restapi->activate();
310 $this->update_notice->activate();
311 $this->captcha->activate();
312 $this->login_log->activate();
313 $this->two_factor_authentication->activate();
314 $this->server_error_notification->activate();
315 $this->waf->activate();
316 $this->disable_access_system_file->activate();
317 }
318
319 /**
320 * プラグイン無効化
321 */
322 public function deactivate(): void {
323 $this->config->load_option();
324 $this->login_notification->deactivate();
325 $this->disable_login->deactivate();
326 $this->rename_login_page->deactivate();
327 $this->unify_messages->deactivate();
328 $this->restrict_admin_page->deactivate();
329 $this->disable_xmlrpc->deactivate();
330 $this->disable_author_query->deactivate();
331 $this->disable_restapi->deactivate();
332 $this->update_notice->deactivate();
333 $this->captcha->deactivate();
334 $this->two_factor_authentication->deactivate();
335 $this->server_error_notification->deactivate();
336 $this->waf->deactivate();
337 $this->disable_access_system_file->deactivate();
338 }
339
340 /**
341 * admin menuを追加
342 */
343 public function admin_menu(): void {
344 require_once __DIR__ . '/admin/common.php';
345
346 wp_enqueue_style( 'cloudsecurewp', $this->info['plugin_url'] . 'assets/css/style.css', array(), $this->info['version'] );
347
348 $slug = 'cloudsecurewp';
349 add_menu_page( $this->info['plugin_name'], $this->info['plugin_name'], 'manage_options', $slug, array( $this, 'dashboard' ), $this->info['plugin_url'] . 'assets/images/plugin-icon.png?v=2' );
350 add_submenu_page( $slug, 'ダッシュボード', 'ダッシュボード', 'manage_options', $slug, array( $this, 'dashboard' ) );
351 add_submenu_page( $slug, 'ログイン無効化', 'ログイン無効化', 'manage_options', $slug . '_disable_login', array( $this, 'm_disable_login' ) );
352 add_submenu_page( $slug, 'ログインURL変更', 'ログインURL変更', 'manage_options', $slug . '_rename_login_page', array( $this, 'm_rename_login_page' ) );
353 add_submenu_page( $slug, 'ログインエラーメッセージ統一', 'ログインエラーメッセージ統一', 'manage_options', $slug . '_unify_messages', array( $this, 'm_unify_messages' ) );
354 add_submenu_page( $slug, '2段階認証', '2段階認証', 'manage_options', $slug . '_two_factor_authentication', array( $this, 'm_two_factor_authentication' ) );
355 add_submenu_page( $slug, '画像認証追加', '画像認証追加', 'manage_options', $slug . '_captcha', array( $this, 'm_captcha' ) );
356 add_submenu_page( $slug, '管理画面アクセス制限', '管理画面アクセス制限', 'manage_options', $slug . '_restrict_admin_page', array( $this, 'm_restrict_admin_page' ) );
357 add_submenu_page( $slug, '設定ファイルアクセス防止', '設定ファイルアクセス防止', 'manage_options', $slug . '_disable_access_system_file', array( $this, 'm_disable_access_system_file' ) );
358 add_submenu_page( $slug, 'ユーザー名漏えい防止', 'ユーザー名漏えい防止', 'manage_options', $slug . '_disable_author_query', array( $this, 'm_disable_author_query' ) );
359 add_submenu_page( $slug, 'XML-RPC無効化', 'XML-RPC無効化', 'manage_options', $slug . '_disable_xmlrpc', array( $this, 'm_disable_xmlrpc' ) );
360 add_submenu_page( $slug, 'REST API無効化', 'REST API無効化', 'manage_options', $slug . '_disable_restapi', array( $this, 'm_disable_restapi' ) );
361 add_submenu_page( $slug, 'シンプルWAF', 'シンプルWAF', 'manage_options', $slug . '_waf', array( $this, 'm_waf' ) );
362 add_submenu_page( $slug, 'ログイン通知', 'ログイン通知', 'manage_options', $slug . '_login_notification', array( $this, 'm_login_notification' ) );
363 add_submenu_page( $slug, 'アップデート通知', 'アップデート通知', 'manage_options', $slug . '_update_notification', array( $this, 'm_update_notice' ) );
364 add_submenu_page( $slug, 'サーバーエラー通知', 'サーバーエラー通知', 'manage_options', $slug . '_server_error_notification', array( $this, 'm_server_error_notification' ) );
365 add_submenu_page( $slug, 'ログイン履歴', 'ログイン履歴', 'manage_options', $slug . '_login_log', array( $this, 'm_login_log' ) );
366
367 if ( $this->two_factor_authentication->is_enabled_on_screen() ) {
368 add_menu_page( '2段階認証の設定', '2段階認証の設定', 'read', $slug . '_two_factor_authentication_registration', array( $this, 'm_two_factor_authentication_registration' ), 'dashicons-lock', 72 );
369 }
370 }
371
372 /**
373 * ダッシュボードページ
374 *
375 * @return void
376 */
377 public function dashboard(): void {
378 require_once 'admin/dashboard.php';
379
380 $datas = array(
381 $this->login_notification->get_feature_key() => $this->config->get( $this->login_notification->get_feature_key() ),
382 $this->disable_login->get_feature_key() => $this->config->get( $this->disable_login->get_feature_key() ),
383 $this->rename_login_page->get_feature_key() => $this->config->get( $this->rename_login_page->get_feature_key() ),
384 $this->unify_messages->get_feature_key() => $this->config->get( $this->unify_messages->get_feature_key() ),
385 $this->restrict_admin_page->get_feature_key() => $this->config->get( $this->restrict_admin_page->get_feature_key() ),
386 $this->disable_xmlrpc->get_feature_key() => $this->config->get( $this->disable_xmlrpc->get_feature_key() ),
387 $this->disable_author_query->get_feature_key() => $this->config->get( $this->disable_author_query->get_feature_key() ),
388 $this->disable_restapi->get_feature_key() => $this->config->get( $this->disable_restapi->get_feature_key() ),
389 $this->update_notice->get_feature_key() => $this->config->get( $this->update_notice->get_feature_key() ),
390 $this->server_error_notification->get_feature_key() => $this->config->get( $this->server_error_notification->get_feature_key() ),
391 $this->captcha->get_feature_key() => $this->config->get( $this->captcha->get_feature_key() ),
392 $this->two_factor_authentication->get_feature_key() => $this->config->get( $this->two_factor_authentication->get_feature_key() ),
393 $this->waf->get_feature_key() => $this->config->get( $this->waf->get_feature_key() ),
394 $this->disable_access_system_file->get_feature_key() => $this->config->get( $this->disable_access_system_file->get_feature_key() ),
395 );
396
397 new CloudSecureWP_Admin_Dashboard( $this->info, $datas );
398 }
399
400 /**
401 * ログイン通知ページ
402 *
403 * @return void
404 */
405 public function m_login_notification(): void {
406 require_once 'admin/login-notification.php';
407 new CloudSecureWP_Admin_Login_Notification( $this->info, $this->login_notification );
408 }
409
410 /**
411 * ログイン無効化ページ
412 *
413 * @return void
414 */
415 public function m_disable_login(): void {
416 require_once 'admin/disable-login.php';
417 new CloudSecureWP_Admin_Disable_Login( $this->info, $this->disable_login );
418 }
419
420 /**
421 * ログインURL変更
422 *
423 * @return void
424 */
425 public function m_rename_login_page(): void {
426 require_once 'admin/rename-login-page.php';
427 new CloudSecureWP_Admin_Rename_Login_Page( $this->info, $this->rename_login_page );
428 }
429
430 /**
431 * エラーメッセージ単一化機能
432 *
433 * @return void
434 */
435 public function m_unify_messages(): void {
436 require_once 'admin/unify-messages.php';
437 new CloudSecureWP_Admin_Unify_Messages( $this->info, $this->unify_messages );
438 }
439
440 /**
441 * 管理画面アクセス制限
442 *
443 * @return void
444 */
445 public function m_restrict_admin_page(): void {
446 require_once 'admin/restrict-admin-page.php';
447 new CloudSecureWP_Admin_Restrict_Admin_Page( $this->info, $this->restrict_admin_page );
448 }
449
450 /**
451 * XMLRPC無効化
452 *
453 * @return void
454 */
455 public function m_disable_xmlrpc(): void {
456 require_once 'admin/disable-xmlrpc.php';
457 new CloudSecureWP_Admin_Disable_XMLRPC( $this->info, $this->disable_xmlrpc );
458 }
459
460 /**
461 * ユーザー名漏えい防止
462 *
463 * @return void
464 */
465 public function m_disable_author_query(): void {
466 require_once 'admin/disable-author-query.php';
467 new CloudSecureWP_Admin_Disable_Author_Query( $this->info, $this->disable_author_query );
468 }
469
470 /**
471 * REST API無効化
472 *
473 * @return void
474 */
475 public function m_disable_restapi(): void {
476 require_once 'admin/disable-restapi.php';
477 new CloudSecureWP_Admin_Disable_RESTAPI( $this->info, $this->disable_restapi );
478 }
479
480 /**
481 * アップデート通知
482 *
483 * @return void
484 */
485 public function m_update_notice(): void {
486 require_once 'admin/update-notice.php';
487 new CloudSecureWP_Admin_Update_Notice( $this->info, $this->update_notice );
488 }
489
490 /**
491 * 画像認証追加
492 *
493 * @return void
494 */
495 public function m_captcha(): void {
496 require_once 'admin/captcha.php';
497 new CloudSecureWP_Admin_CAPTCHA( $this->info, $this->captcha );
498 }
499
500 /**
501 * ログイン履歴
502 *
503 * @return void
504 */
505 public function m_login_log(): void {
506 require_once 'admin/login-log.php';
507 require_once 'admin/login-log-table.php';
508 new CloudSecureWP_Admin_Login_Log( $this->info, $this->login_log );
509 }
510
511 /**
512 * 2段階認証
513 *
514 * @return void
515 */
516 public function m_two_factor_authentication(): void {
517 require_once 'admin/two-factor-authentication.php';
518 new CloudSecureWP_Admin_Two_Factor_Authentication( $this->info, $this->two_factor_authentication );
519 }
520
521 /**
522 * 2段階認証のデバイス登録
523 *
524 * @return void
525 */
526 public function m_two_factor_authentication_registration(): void {
527 require_once 'admin/two-factor-authentication-registration.php';
528 new CloudSecureWP_Admin_Two_Factor_Authentication_Registration( $this->info, $this->two_factor_authentication );
529 }
530
531 /**
532 * サーバーエラー通知
533 *
534 * @return void
535 */
536 public function m_server_error_notification(): void {
537 require_once 'admin/server-error-notification.php';
538 require_once 'admin/server-error-table.php';
539 new CloudSecureWP_Admin_Server_Error_Notification( $this->info, $this->server_error_notification );
540 }
541
542 /**
543 * シンプルWAF
544 *
545 * @return void
546 */
547 public function m_waf(): void {
548 require_once 'admin/waf.php';
549 require_once 'admin/waf-table.php';
550 new CloudSecureWP_Admin_Waf( $this->info, $this->waf );
551 }
552
553 /**
554 * 設定ファイルアクセス防止
555 *
556 * @return void
557 */
558 public function m_disable_access_system_file(): void {
559 require_once 'admin/disable-access-system-file.php';
560 new CloudSecureWP_Admin_Disable_Access_System_File( $this->info, $this->disable_access_system_file );
561 }
562
563 /**
564 * CLI用のgetterメソッド群
565 * 注意: これらのメソッドはWP-CLI環境でのみ使用されることを想定しています
566 */
567 private function validate_cli_access() {
568 // WP-CLI環境チェック
569 if ( ! defined( 'WP_CLI' ) || ! WP_CLI ) {
570 wp_die( 'Unauthorized access: CLI only' );
571 }
572 }
573
574 public function get_config() {
575 $this->validate_cli_access();
576 return $this->config;
577 }
578
579 public function get_htaccess() {
580 $this->validate_cli_access();
581 return $this->htaccess;
582 }
583
584 public function get_login_notification() {
585 $this->validate_cli_access();
586 return $this->login_notification;
587 }
588
589 public function get_disable_login() {
590 $this->validate_cli_access();
591 return $this->disable_login;
592 }
593
594 public function get_rename_login_page() {
595 $this->validate_cli_access();
596 return $this->rename_login_page;
597 }
598
599 public function get_unify_messages() {
600 $this->validate_cli_access();
601 return $this->unify_messages;
602 }
603
604 public function get_restrict_admin_page() {
605 $this->validate_cli_access();
606 return $this->restrict_admin_page;
607 }
608
609 public function get_disable_xmlrpc() {
610 $this->validate_cli_access();
611 return $this->disable_xmlrpc;
612 }
613
614 public function get_disable_author_query() {
615 $this->validate_cli_access();
616 return $this->disable_author_query;
617 }
618
619 public function get_disable_restapi() {
620 $this->validate_cli_access();
621 return $this->disable_restapi;
622 }
623
624 public function get_update_notice() {
625 $this->validate_cli_access();
626 return $this->update_notice;
627 }
628
629 public function get_captcha() {
630 $this->validate_cli_access();
631 return $this->captcha;
632 }
633
634 public function get_login_log() {
635 $this->validate_cli_access();
636 return $this->login_log;
637 }
638
639 public function get_two_factor_authentication() {
640 $this->validate_cli_access();
641 return $this->two_factor_authentication;
642 }
643
644 public function get_server_error_notification() {
645 $this->validate_cli_access();
646 return $this->server_error_notification;
647 }
648
649 public function get_waf() {
650 $this->validate_cli_access();
651 return $this->waf;
652 }
653
654 public function get_disable_access_system_file() {
655 $this->validate_cli_access();
656 return $this->disable_access_system_file;
657 }
658
659 /**
660 * プラグイン更新時の処理
661 */
662 private function update(): void {
663 $old_version = $this->config->get( 'version' );
664 $now_version = $this->info['version'];
665
666 if ( empty( $old_version ) ) {
667 $old_version = '1.0.0';
668 }
669
670 if ( 0 <= version_compare( $old_version, $now_version ) ) {
671 return;
672 }
673
674 if ( version_compare( $old_version, '1.1.0' ) < 0 ) {
675 $this->two_factor_authentication->activate();
676 $this->server_error_notification->activate();
677 }
678
679 if ( version_compare( $old_version, '1.3.0' ) < 0 ) {
680 $this->waf->activate();
681 $this->disable_access_system_file->activate();
682 }
683
684 if ( version_compare( $old_version, '1.3.7' ) < 0 ) {
685 $this->waf->activate();
686 $this->server_error_notification->activate();
687 }
688
689 if ( version_compare( $old_version, '1.3.24' ) < 0 ) {
690 $this->htaccess->reorganize_plugin_settings_blocks();
691 }
692
693 if ( version_compare( $old_version, '1.4.0' ) < 0 ) {
694 $this->two_factor_authentication->setup_2fa_tables();
695 }
696
697 $this->config->set( 'version', $now_version );
698 $this->config->save();
699 }
700 }
701