PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.4.1
CloudSecure WP Security v1.4.1
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / disable-xmlrpc.php
cloudsecure-wp-security / modules Last commit date
admin 4 months ago cli 8 months ago lib 4 months ago captcha.php 2 years ago cloudsecure-wp.php 4 months ago common.php 4 months ago config.php 2 years ago disable-access-system-file.php 4 months ago disable-author-query.php 2 years ago disable-login.php 1 year ago disable-restapi.php 7 months ago disable-xmlrpc.php 1 year ago htaccess.php 5 months ago login-log.php 4 months ago login-notification.php 1 year ago rename-login-page.php 1 year ago restrict-admin-page.php 10 months ago server-error-notification.php 1 year ago two-factor-authentication.php 4 months ago unify-messages.php 2 years ago update-notice.php 7 months ago waf-engine.php 4 months ago waf.php 4 months ago
disable-xmlrpc.php
209 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 class CloudSecureWP_Disable_XMLRPC extends CloudSecureWP_Common {
8 private const KEY_FEATURE = 'disable_xmlrpc';
9 private const KEY_TYPE = self::KEY_FEATURE . '_type';
10 private const TYPE_VALUE_PINGBACK = '1';
11 private const TYPE_VALUE_XMLRPC = '2';
12 private const TYPE_VALUES = array( self::TYPE_VALUE_PINGBACK, self::TYPE_VALUE_XMLRPC );
13 private $config;
14 private $htaccess;
15
16 function __construct( array $info, CloudSecureWP_Config $config, CloudSecureWP_Htaccess $htaccess ) {
17 parent::__construct( $info );
18 $this->config = $config;
19 $this->htaccess = $htaccess;
20 }
21
22 /**
23 * 機能毎のKEY取得
24 *
25 * @return string
26 */
27 public function get_feature_key(): string {
28 return self::KEY_FEATURE;
29 }
30
31 /**
32 * 有効無効判定
33 *
34 * @return bool
35 */
36 public function is_enabled(): bool {
37 return $this->config->get( $this->get_feature_key() ) === 't' ? true : false;
38 }
39
40 /**
41 * 初期設定値取得
42 *
43 * @return array
44 */
45 public function get_default(): array {
46 $ret = array(
47 self::KEY_FEATURE => $this->check_environment() ? 't' : 'f',
48 self::KEY_TYPE => self::TYPE_VALUES[0],
49 );
50 return $ret;
51 }
52
53 /**
54 * 設定値取得
55 */
56 public function get_settings(): array {
57 $settings = array();
58 $default = $this->get_default();
59
60 foreach ( $default as $key => $val ) {
61 $settings[ $key ] = $this->config->get( $key );
62 }
63
64 return $settings;
65 }
66
67 /**
68 * 設定値保存
69 *
70 * @param array $settings
71 * @return void
72 */
73 public function save_settings( $settings ): void {
74 $default = $this->get_default();
75
76 foreach ( $default as $key => $val ) {
77 $this->config->set( $key, $settings[ $key ] ?? '' );
78 }
79
80 $this->config->save();
81 }
82
83 /**
84 * 設定定義値取得
85 *
86 * @return array
87 */
88 public function get_constant_settings(): array {
89 return array( self::KEY_TYPE => self::TYPE_VALUES );
90 }
91
92 /**
93 * ピンバック無効化判定
94 *
95 * @return bool
96 */
97 public function is_pingback_disabled(): bool {
98 $settings = $this->get_settings();
99 if ( self::TYPE_VALUE_PINGBACK === $settings[ self::KEY_TYPE ] ) {
100 return true;
101 }
102 return false;
103 }
104
105 /**
106 * XMLRPC無効化判定
107 *
108 * @return bool
109 */
110 public function is_xmlrpc_disabled(): bool {
111 $settings = $this->get_settings();
112 if ( self::TYPE_VALUE_XMLRPC === $settings[ self::KEY_TYPE ] ) {
113 return true;
114 }
115 return false;
116 }
117
118 /**
119 * htaccessに書き出す設定を取得
120 *
121 * @return string
122 */
123 private function get_htaccess_settings(): string {
124
125 $setting = "<Files xmlrpc.php>" . "\n";
126 $setting .= " <IfModule authz_core_module>" . "\n";
127 $setting .= " Require all denied" . "\n";
128 $setting .= " </IfModule>" . "\n";
129 $setting .= " <IfModule !authz_core_module>" . "\n";
130 $setting .= " Order allow,deny" . "\n";
131 $setting .= " Deny from all" . "\n";
132 $setting .= " </IfModule>" . "\n";
133 $setting .= "</Files>" . "\n";
134
135 return $setting;
136 }
137
138 /**
139 * htaccessに書き出す設定を更新
140 *
141 * @return bool
142 */
143 public function update_htaccess(): bool {
144 $plugin_tag = $this->htaccess->get_plugin_settings_tag();
145 $tag = $this->get_feature_key();
146
147 if ( $this->htaccess->setting_tag_exists( $plugin_tag ) ) {
148 if ( $this->htaccess->setting_tag_exists( $tag ) ) {
149 if ( ! $this->remove_htaccess() ) {
150 return false;
151 }
152 }
153 } else {
154 $this->htaccess->add_plugin_settings_tag();
155 }
156
157 $setting = $this->get_htaccess_settings();
158 $ret = $this->htaccess->add_feature_setting( $tag, $setting );
159
160 return $ret;
161 }
162
163 /**
164 * htaccessから設定を削除
165 *
166 * @return bool
167 */
168 public function remove_htaccess(): bool {
169 return $this->htaccess->remove_settings( array( $this->get_feature_key() ) );
170 }
171
172 /**
173 * 管理画面に通知表示
174 */
175 public function admin_notices() {
176 $feature = 'XML-RPC無効化';
177 $this->prepare_admin_notices( self::KEY_FEATURE, $feature );
178 }
179
180 /**
181 * xmlrpc_methods
182 */
183 function xmlrpc_methods( $methods ) {
184 unset( $methods['pingback.ping'] );
185 unset( $methods['pingback.extensions.getPingbacks'] );
186 return $methods;
187 }
188
189 /**
190 * 有効化
191 *
192 * @return void
193 */
194 public function activate(): void {
195 $this->save_settings( $this->get_default() );
196 }
197
198 /**
199 * 無効化
200 *
201 * @return void
202 */
203 public function deactivate(): void {
204 $this->remove_htaccess();
205 $this->config->set( self::KEY_FEATURE, 'f' );
206 $this->config->save();
207 }
208 }
209