PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.4.6
CloudSecure WP Security v1.4.6
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / cloudsecure-wp.php
cloudsecure-wp-security / modules Last commit date
admin 3 months ago cli 8 months ago lib 3 months ago captcha.php 3 months ago cloudsecure-wp.php 3 months ago common.php 3 months ago config.php 2 years ago disable-access-system-file.php 4 months ago disable-author-query.php 2 years ago disable-login.php 3 months ago disable-restapi.php 7 months ago disable-xmlrpc.php 1 year ago htaccess.php 3 months ago login-log.php 3 months ago login-notification.php 1 year ago rename-login-page.php 3 months ago restrict-admin-page.php 3 months ago server-error-notification.php 3 months ago two-factor-authentication.php 3 months ago unify-messages.php 2 years ago update-notice.php 7 months ago waf-engine.php 3 months ago waf.php 3 months ago
cloudsecure-wp.php
706 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 require_once __DIR__ . '/common.php';
8 require_once __DIR__ . '/config.php';
9 require_once __DIR__ . '/htaccess.php';
10 require_once __DIR__ . '/login-notification.php';
11 require_once __DIR__ . '/disable-login.php';
12 require_once __DIR__ . '/rename-login-page.php';
13 require_once __DIR__ . '/unify-messages.php';
14 require_once __DIR__ . '/restrict-admin-page.php';
15 require_once __DIR__ . '/disable-xmlrpc.php';
16 require_once __DIR__ . '/disable-author-query.php';
17 require_once __DIR__ . '/disable-restapi.php';
18 require_once __DIR__ . '/update-notice.php';
19 require_once __DIR__ . '/captcha.php';
20 require_once __DIR__ . '/../really-simple-captcha/really-simple-captcha.php';
21 require_once __DIR__ . '/lib/class-time-based-one-time-password.php';
22 require_once __DIR__ . '/lib/class-recovery-codes.php';
23 require_once __DIR__ . '/login-log.php';
24 require_once __DIR__ . '/two-factor-authentication.php';
25 require_once __DIR__ . '/server-error-notification.php';
26 require_once __DIR__ . '/lib/class-waf-rules.php';
27 require_once __DIR__ . '/waf-engine.php';
28 require_once __DIR__ . '/waf.php';
29 require_once __DIR__ . '/disable-access-system-file.php';
30 require_once __DIR__ . '/lib/class-disable-access-system-file-rules.php';
31
32 class CloudSecureWP extends CloudSecureWP_Common {
33 private $config;
34 private $htaccess;
35 private $login_notification;
36 private $disable_login;
37 private $rename_login_page;
38 private $unify_messages;
39 private $restrict_admin_page;
40 private $disable_xmlrpc;
41 private $disable_author_query;
42 private $disable_restapi;
43 private $update_notice;
44 private $captcha;
45 private $login_log;
46 private $two_factor_authentication;
47 private $server_error_notification;
48 private $waf;
49 private $disable_access_system_file;
50
51 function __construct( array $info ) {
52 parent::__construct( $info );
53 $this->config = new CloudSecureWP_Config( $info );
54 $this->htaccess = new CloudSecureWP_Htaccess( $info );
55 $this->login_notification = new CloudSecureWP_Login_Notification( $info, $this->config );
56 $this->disable_login = new CloudSecureWP_Disable_Login( $info, $this->config );
57 $this->rename_login_page = new CloudSecureWP_Rename_Login_Page( $info, $this->config, $this->htaccess );
58 $this->unify_messages = new CloudSecureWP_Unify_Messages( $info, $this->config, $this->disable_login );
59 $this->restrict_admin_page = new CloudSecureWP_Restrict_Admin_Page( $info, $this->config, $this->htaccess, $this->disable_login );
60 $this->disable_xmlrpc = new CloudSecureWP_Disable_XMLRPC( $info, $this->config, $this->htaccess );
61 $this->disable_author_query = new CloudSecureWP_Disable_Author_Query( $info, $this->config );
62 $this->disable_restapi = new CloudSecureWP_Disable_RESTAPI( $info, $this->config );
63 $this->update_notice = new CloudSecureWP_Update_Notice( $info, $this->config );
64 $this->captcha = new CloudSecureWP_CAPTCHA( $info, $this->config );
65 $this->login_log = new CloudSecureWP_Login_Log( $info, $this->config, $this->disable_login );
66 $this->two_factor_authentication = new CloudSecureWP_Two_Factor_Authentication( $info, $this->config, $this->disable_login, $this->login_log );
67 $this->server_error_notification = new CloudSecureWP_Server_Error_Notification( $info, $this->config );
68 $this->waf = new CloudSecureWP_Waf( $info, $this->config );
69 $this->disable_access_system_file = new CloudSecureWP_Disable_Access_System_File( $info, $this->config );
70 }
71
72 /**
73 * プラグイン実行
74 *
75 * @return void
76 */
77 public function run() {
78 if ( ! $this->check_environment() ) {
79 if ( $this->login_notification->is_enabled() ) {
80 $this->login_notification->deactivate();
81 }
82
83 if ( $this->disable_login->is_enabled() ) {
84 $this->disable_login->deactivate();
85 }
86
87 if ( $this->rename_login_page->is_enabled() ) {
88 $this->rename_login_page->deactivate();
89 }
90
91 if ( $this->unify_messages->is_enabled() ) {
92 $this->unify_messages->deactivate();
93 }
94
95 if ( $this->restrict_admin_page->is_enabled() ) {
96 $this->restrict_admin_page->deactivate();
97 }
98
99 if ( $this->disable_xmlrpc->is_enabled() ) {
100 $this->disable_xmlrpc->deactivate();
101 }
102
103 if ( $this->disable_author_query->is_enabled() ) {
104 $this->disable_author_query->deactivate();
105 }
106
107 if ( $this->disable_restapi->is_enabled() ) {
108 $this->disable_restapi->deactivate();
109 }
110
111 if ( $this->update_notice->is_enabled() ) {
112 $this->update_notice->deactivate();
113 }
114
115 if ( $this->captcha->is_enabled() ) {
116 $this->captcha->deactivate();
117 }
118
119 if ( $this->two_factor_authentication->is_enabled() ) {
120 $this->two_factor_authentication->deactivate();
121 }
122
123 if ( $this->server_error_notification->is_enabled() ) {
124 $this->server_error_notification->deactivate();
125 }
126
127 if ( $this->waf->is_enabled() ) {
128 $this->waf->deactivate();
129 }
130
131 if ( $this->disable_access_system_file->is_enabled() ) {
132 $this->disable_access_system_file->deactivate();
133 }
134 } else {
135 if ( $this->waf->is_enabled() ) {
136 add_action( 'plugins_loaded', array( $this->waf, 'waf' ), 10 );
137 }
138
139 if ( $this->server_error_notification->is_enabled() ) {
140 add_filter( 'wp_php_error_args', array( $this->server_error_notification, 'notification' ), 10, 2 );
141 }
142
143 if ( $this->disable_access_system_file->is_enabled() ) {
144 add_action( 'plugins_loaded', array( $this->disable_access_system_file, 'init' ), 11 );
145 }
146
147 add_action( 'wp_login', array( $this->login_log, 'wp_login' ), 1, 1 );
148 add_action( 'wp_login', array( $this->two_factor_authentication, 'cleanup_expired_sessions' ), 2, 0 );
149 add_action( 'xmlrpc_call', array( $this->login_log, 'xmlrpc_call' ), 10 );
150 add_action( 'wp_login_failed', array( $this->login_log, 'wp_login_failed' ), 20, 1 );
151
152 if ( $this->login_notification->is_enabled() ) {
153 add_action( 'wp_login', array( $this->login_notification, 'notification' ), 10, 2 );
154 }
155
156 if ( $this->disable_login->is_enabled() ) {
157 add_filter( 'shake_error_codes', array( $this->disable_login, 'shake_error_codes' ) );
158 add_filter( 'authenticate', array( $this->disable_login, 'authenticate' ), 99, 3 );
159 add_action( 'wp_login_failed', array( $this->disable_login, 'wp_login_failed' ), 10, 1 );
160 }
161
162 if ( $this->rename_login_page->is_enabled() ) {
163 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
164 remove_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
165 add_action( 'plugins_loaded', array( $this->rename_login_page, 'wp_register_404' ), 10 );
166 add_filter( 'login_init', array( $this->rename_login_page, 'login_init' ), 10, 2 );
167 add_filter( 'site_url', array( $this->rename_login_page, 'site_url' ), 10, 4 );
168 add_filter( 'network_site_url', array( $this->rename_login_page, 'network_site_url' ), 10, 3 );
169 add_filter( 'register', array( $this->rename_login_page, 'register' ), 10, 1 );
170 add_filter( 'wp_redirect', array( $this->rename_login_page, 'wp_redirect' ), 10, 2 );
171 add_filter( 'auth_redirect_scheme', array( $this->rename_login_page, 'auth_redirect_scheme' ), 99, 1 );
172
173 } else {
174 add_action( 'admin_notices', array( $this->rename_login_page, 'admin_notices' ), 10, 0 );
175 $this->rename_login_page->deactivate();
176 }
177 } else {
178 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
179 $this->rename_login_page->deactivate();
180 }
181 }
182
183 if ( $this->unify_messages->is_enabled() ) {
184 add_filter( 'login_errors', array( $this->unify_messages, 'login_errors' ), 10, 1 );
185 }
186
187 if ( $this->restrict_admin_page->is_enabled() ) {
188 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
189 add_action( 'wp_login', array( $this->restrict_admin_page, 'update' ), 1, 2 );
190
191 } else {
192 add_action( 'admin_notices', array( $this->restrict_admin_page, 'admin_notices' ), 10, 0 );
193 $this->restrict_admin_page->deactivate();
194 }
195 } else {
196 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
197 $this->restrict_admin_page->deactivate();
198 }
199 }
200
201 if ( $this->disable_xmlrpc->is_enabled() ) {
202 if ( $this->disable_xmlrpc->is_pingback_disabled() ) {
203 if ( $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
204 add_action( 'admin_notices', array( $this->disable_xmlrpc, 'admin_notices' ), 10, 0 );
205 $this->disable_xmlrpc->deactivate();
206 } else {
207 add_filter( 'xmlrpc_methods', array( $this->disable_xmlrpc, 'xmlrpc_methods' ) );
208 }
209 }
210
211 if ( $this->disable_xmlrpc->is_xmlrpc_disabled() ) {
212 if ( ! $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
213 add_action( 'admin_notices', array( $this->disable_xmlrpc, 'admin_notices' ), 10, 0 );
214 $this->disable_xmlrpc->deactivate();
215 }
216 }
217 } else {
218 if ( $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
219 $this->disable_xmlrpc->deactivate();
220 }
221 }
222
223 if ( $this->disable_author_query->is_enabled() ) {
224 add_action( 'init', array( $this->disable_author_query, 'init' ) );
225 }
226
227 if ( $this->disable_restapi->is_enabled() ) {
228 add_filter( 'rest_pre_dispatch', array( $this->disable_restapi, 'rest_pre_dispatch' ), 10, 3 );
229 }
230
231 if ( $this->update_notice->is_enabled() ) {
232 $this->update_notice->set_cron();
233 add_action( $this->update_notice->get_cron_key(), array( $this->update_notice, 'update_notice' ) );
234 }
235
236 if ( $this->captcha->is_enabled() && 'xmlrpc.php' !== basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) && ! is_admin() ) {
237 add_filter( 'shake_error_codes', array( $this->captcha, 'shake_error_codes' ) );
238
239 if ( $this->captcha->is_login_form_enabled() ) {
240 add_filter( 'login_form', array( $this->captcha, 'login_form' ) );
241 add_action( 'wp_authenticate_user', array( $this->captcha, 'wp_authenticate_user' ), 10, 2 );
242 }
243
244 if ( $this->captcha->is_comment_form_enabled() ) {
245 add_action( 'comment_form_logged_in_after', array( $this->captcha, 'comment_form_default_fields' ), 1 );
246 add_action( 'comment_form_after_fields', array( $this->captcha, 'comment_form_default_fields' ) );
247 add_filter( 'preprocess_comment', array( $this->captcha, 'preprocess_comment' ) );
248 add_action( 'wp_footer', array( $this->captcha, 'comment_captcha_reload_script' ) );
249 }
250
251 if ( $this->captcha->is_lost_password_form_enabled() ) {
252 add_filter( 'lostpassword_form', array( $this->captcha, 'lostpassword_form' ) );
253 add_filter( 'allow_password_reset', array( $this->captcha, 'allow_password_reset' ), 10, 2 );
254 }
255
256 if ( $this->captcha->is_register_form_enabled() ) {
257 add_action( 'register_form', array( $this->captcha, 'register_form' ) );
258 add_action( 'register_post', array( $this->captcha, 'register_post' ), 10, 3 );
259 }
260 }
261
262 if ( $this->two_factor_authentication->is_enabled() ) {
263 // 2段階認証のAJAXハンドラー
264 add_action( 'wp_ajax_cloudsecurewp_generate_key', array( $this->two_factor_authentication, 'ajax_generate_key' ) );
265 add_action( 'wp_ajax_cloudsecurewp_generate_key_and_send_email', array( $this->two_factor_authentication, 'ajax_generate_key_and_send_email' ) );
266 add_action( 'wp_ajax_cloudsecurewp_verify_auth_code', array( $this->two_factor_authentication, 'ajax_verify_auth_code' ) );
267 add_action( 'wp_ajax_cloudsecurewp_generate_recovery_codes', array( $this->two_factor_authentication, 'ajax_generate_recovery_codes' ) );
268 }
269
270 if ( $this->two_factor_authentication->is_enabled() && 'xmlrpc.php' !== basename( $_SERVER['SCRIPT_NAME'] ) && ! is_admin() ) {
271 add_filter( 'sanitize_user', array( $this->two_factor_authentication, 'restore_login_name' ), 0, 1 );
272 add_filter( 'authenticate', array( $this->two_factor_authentication, 'restore_login_session' ), 0, 3 );
273 add_filter( 'authenticate', array( $this->two_factor_authentication, 'two_factor_disable_login_check' ), 100, 3 );
274 add_filter( 'authenticate', array( $this->two_factor_authentication, 'authenticate_with_two_factor' ), 101, 3 );
275 add_action( 'wp_login', array( $this->two_factor_authentication, 'redirect_if_not_two_factor_authentication_registered' ), 10, 2 );
276 }
277
278 if ( $this->two_factor_authentication->is_enabled() && is_admin() && current_user_can( 'administrator' ) ) {
279 add_filter( 'manage_users_columns', array( $this->two_factor_authentication, 'add_2factor_state_2user_list' ) );
280 add_action( 'manage_users_custom_column', array( $this->two_factor_authentication, 'show_2factor_state_2user_list' ), 10, 3 );
281 }
282 }
283
284 if ( is_admin() ) {
285 if ( 'cloudsecurewp_rename_login_page' === sanitize_text_field( $_GET['page'] ?? '' ) ) {
286 ob_start();
287 }
288
289 $this->update();
290
291 add_action( 'admin_menu', array( $this, 'admin_menu' ) );
292 }
293 }
294
295 /**
296 * プラグイン有効化
297 */
298 public function activate(): void {
299 $this->config->rm();
300 $this->config->set( 'version', $this->info['version'] );
301 $this->config->save();
302
303 $this->login_notification->activate();
304 $this->disable_login->activate();
305 $this->rename_login_page->activate();
306 $this->unify_messages->activate();
307 $this->restrict_admin_page->activate();
308 $this->disable_xmlrpc->activate();
309 $this->disable_author_query->activate();
310 $this->disable_restapi->activate();
311 $this->update_notice->activate();
312 $this->captcha->activate();
313 $this->login_log->activate();
314 $this->two_factor_authentication->activate();
315 $this->server_error_notification->activate();
316 $this->waf->activate();
317 $this->disable_access_system_file->activate();
318 }
319
320 /**
321 * プラグイン無効化
322 */
323 public function deactivate(): void {
324 $this->config->load_option();
325 $this->login_notification->deactivate();
326 $this->disable_login->deactivate();
327 $this->rename_login_page->deactivate();
328 $this->unify_messages->deactivate();
329 $this->restrict_admin_page->deactivate();
330 $this->disable_xmlrpc->deactivate();
331 $this->disable_author_query->deactivate();
332 $this->disable_restapi->deactivate();
333 $this->update_notice->deactivate();
334 $this->captcha->deactivate();
335 $this->two_factor_authentication->deactivate();
336 $this->server_error_notification->deactivate();
337 $this->waf->deactivate();
338 $this->disable_access_system_file->deactivate();
339 }
340
341 /**
342 * admin menuを追加
343 */
344 public function admin_menu(): void {
345 require_once __DIR__ . '/admin/common.php';
346
347 wp_enqueue_style( 'cloudsecurewp', $this->info['plugin_url'] . 'assets/css/style.css', array(), $this->info['version'] );
348
349 $slug = 'cloudsecurewp';
350 add_menu_page( $this->info['plugin_name'], $this->info['plugin_name'], 'manage_options', $slug, array( $this, 'dashboard' ), $this->info['plugin_url'] . 'assets/images/plugin-icon.png?v=2' );
351 add_submenu_page( $slug, 'ダッシュボード', 'ダッシュボード', 'manage_options', $slug, array( $this, 'dashboard' ) );
352 add_submenu_page( $slug, 'ログイン無効化', 'ログイン無効化', 'manage_options', $slug . '_disable_login', array( $this, 'm_disable_login' ) );
353 add_submenu_page( $slug, 'ログインURL変更', 'ログインURL変更', 'manage_options', $slug . '_rename_login_page', array( $this, 'm_rename_login_page' ) );
354 add_submenu_page( $slug, 'ログインエラーメッセージ統一', 'ログインエラーメッセージ統一', 'manage_options', $slug . '_unify_messages', array( $this, 'm_unify_messages' ) );
355 add_submenu_page( $slug, '2段階認証', '2段階認証', 'manage_options', $slug . '_two_factor_authentication', array( $this, 'm_two_factor_authentication' ) );
356 add_submenu_page( $slug, '画像認証追加', '画像認証追加', 'manage_options', $slug . '_captcha', array( $this, 'm_captcha' ) );
357 add_submenu_page( $slug, '管理画面アクセス制限', '管理画面アクセス制限', 'manage_options', $slug . '_restrict_admin_page', array( $this, 'm_restrict_admin_page' ) );
358 add_submenu_page( $slug, '設定ファイルアクセス防止', '設定ファイルアクセス防止', 'manage_options', $slug . '_disable_access_system_file', array( $this, 'm_disable_access_system_file' ) );
359 add_submenu_page( $slug, 'ユーザー名漏えい防止', 'ユーザー名漏えい防止', 'manage_options', $slug . '_disable_author_query', array( $this, 'm_disable_author_query' ) );
360 add_submenu_page( $slug, 'XML-RPC無効化', 'XML-RPC無効化', 'manage_options', $slug . '_disable_xmlrpc', array( $this, 'm_disable_xmlrpc' ) );
361 add_submenu_page( $slug, 'REST API無効化', 'REST API無効化', 'manage_options', $slug . '_disable_restapi', array( $this, 'm_disable_restapi' ) );
362 add_submenu_page( $slug, 'シンプルWAF', 'シンプルWAF', 'manage_options', $slug . '_waf', array( $this, 'm_waf' ) );
363 add_submenu_page( $slug, 'ログイン通知', 'ログイン通知', 'manage_options', $slug . '_login_notification', array( $this, 'm_login_notification' ) );
364 add_submenu_page( $slug, 'アップデート通知', 'アップデート通知', 'manage_options', $slug . '_update_notification', array( $this, 'm_update_notice' ) );
365 add_submenu_page( $slug, 'サーバーエラー通知', 'サーバーエラー通知', 'manage_options', $slug . '_server_error_notification', array( $this, 'm_server_error_notification' ) );
366 add_submenu_page( $slug, 'ログイン履歴', 'ログイン履歴', 'manage_options', $slug . '_login_log', array( $this, 'm_login_log' ) );
367
368 if ( $this->two_factor_authentication->is_enabled_on_screen() ) {
369 add_menu_page( '2段階認証の設定', '2段階認証の設定', 'read', $slug . '_two_factor_authentication_registration', array( $this, 'm_two_factor_authentication_registration' ), 'dashicons-lock', 72 );
370 }
371 }
372
373 /**
374 * ダッシュボードページ
375 *
376 * @return void
377 */
378 public function dashboard(): void {
379 require_once 'admin/dashboard.php';
380
381 $datas = array(
382 $this->login_notification->get_feature_key() => $this->config->get( $this->login_notification->get_feature_key() ),
383 $this->disable_login->get_feature_key() => $this->config->get( $this->disable_login->get_feature_key() ),
384 $this->rename_login_page->get_feature_key() => $this->config->get( $this->rename_login_page->get_feature_key() ),
385 $this->unify_messages->get_feature_key() => $this->config->get( $this->unify_messages->get_feature_key() ),
386 $this->restrict_admin_page->get_feature_key() => $this->config->get( $this->restrict_admin_page->get_feature_key() ),
387 $this->disable_xmlrpc->get_feature_key() => $this->config->get( $this->disable_xmlrpc->get_feature_key() ),
388 $this->disable_author_query->get_feature_key() => $this->config->get( $this->disable_author_query->get_feature_key() ),
389 $this->disable_restapi->get_feature_key() => $this->config->get( $this->disable_restapi->get_feature_key() ),
390 $this->update_notice->get_feature_key() => $this->config->get( $this->update_notice->get_feature_key() ),
391 $this->server_error_notification->get_feature_key() => $this->config->get( $this->server_error_notification->get_feature_key() ),
392 $this->captcha->get_feature_key() => $this->config->get( $this->captcha->get_feature_key() ),
393 $this->two_factor_authentication->get_feature_key() => $this->config->get( $this->two_factor_authentication->get_feature_key() ),
394 $this->waf->get_feature_key() => $this->config->get( $this->waf->get_feature_key() ),
395 $this->disable_access_system_file->get_feature_key() => $this->config->get( $this->disable_access_system_file->get_feature_key() ),
396 );
397
398 new CloudSecureWP_Admin_Dashboard( $this->info, $datas );
399 }
400
401 /**
402 * ログイン通知ページ
403 *
404 * @return void
405 */
406 public function m_login_notification(): void {
407 require_once 'admin/login-notification.php';
408 new CloudSecureWP_Admin_Login_Notification( $this->info, $this->login_notification );
409 }
410
411 /**
412 * ログイン無効化ページ
413 *
414 * @return void
415 */
416 public function m_disable_login(): void {
417 require_once 'admin/disable-login.php';
418 new CloudSecureWP_Admin_Disable_Login( $this->info, $this->disable_login );
419 }
420
421 /**
422 * ログインURL変更
423 *
424 * @return void
425 */
426 public function m_rename_login_page(): void {
427 require_once 'admin/rename-login-page.php';
428 new CloudSecureWP_Admin_Rename_Login_Page( $this->info, $this->rename_login_page );
429 }
430
431 /**
432 * エラーメッセージ単一化機能
433 *
434 * @return void
435 */
436 public function m_unify_messages(): void {
437 require_once 'admin/unify-messages.php';
438 new CloudSecureWP_Admin_Unify_Messages( $this->info, $this->unify_messages );
439 }
440
441 /**
442 * 管理画面アクセス制限
443 *
444 * @return void
445 */
446 public function m_restrict_admin_page(): void {
447 require_once 'admin/restrict-admin-page.php';
448 new CloudSecureWP_Admin_Restrict_Admin_Page( $this->info, $this->restrict_admin_page );
449 }
450
451 /**
452 * XMLRPC無効化
453 *
454 * @return void
455 */
456 public function m_disable_xmlrpc(): void {
457 require_once 'admin/disable-xmlrpc.php';
458 new CloudSecureWP_Admin_Disable_XMLRPC( $this->info, $this->disable_xmlrpc );
459 }
460
461 /**
462 * ユーザー名漏えい防止
463 *
464 * @return void
465 */
466 public function m_disable_author_query(): void {
467 require_once 'admin/disable-author-query.php';
468 new CloudSecureWP_Admin_Disable_Author_Query( $this->info, $this->disable_author_query );
469 }
470
471 /**
472 * REST API無効化
473 *
474 * @return void
475 */
476 public function m_disable_restapi(): void {
477 require_once 'admin/disable-restapi.php';
478 new CloudSecureWP_Admin_Disable_RESTAPI( $this->info, $this->disable_restapi );
479 }
480
481 /**
482 * アップデート通知
483 *
484 * @return void
485 */
486 public function m_update_notice(): void {
487 require_once 'admin/update-notice.php';
488 new CloudSecureWP_Admin_Update_Notice( $this->info, $this->update_notice );
489 }
490
491 /**
492 * 画像認証追加
493 *
494 * @return void
495 */
496 public function m_captcha(): void {
497 require_once 'admin/captcha.php';
498 new CloudSecureWP_Admin_CAPTCHA( $this->info, $this->captcha );
499 }
500
501 /**
502 * ログイン履歴
503 *
504 * @return void
505 */
506 public function m_login_log(): void {
507 require_once 'admin/login-log.php';
508 require_once 'admin/login-log-table.php';
509 new CloudSecureWP_Admin_Login_Log( $this->info, $this->login_log );
510 }
511
512 /**
513 * 2段階認証
514 *
515 * @return void
516 */
517 public function m_two_factor_authentication(): void {
518 require_once 'admin/two-factor-authentication.php';
519 new CloudSecureWP_Admin_Two_Factor_Authentication( $this->info, $this->two_factor_authentication );
520 }
521
522 /**
523 * 2段階認証のデバイス登録
524 *
525 * @return void
526 */
527 public function m_two_factor_authentication_registration(): void {
528 require_once 'admin/two-factor-authentication-registration.php';
529 new CloudSecureWP_Admin_Two_Factor_Authentication_Registration( $this->info, $this->two_factor_authentication );
530 }
531
532 /**
533 * サーバーエラー通知
534 *
535 * @return void
536 */
537 public function m_server_error_notification(): void {
538 require_once 'admin/server-error-notification.php';
539 require_once 'admin/server-error-table.php';
540 new CloudSecureWP_Admin_Server_Error_Notification( $this->info, $this->server_error_notification );
541 }
542
543 /**
544 * シンプルWAF
545 *
546 * @return void
547 */
548 public function m_waf(): void {
549 require_once 'admin/waf.php';
550 require_once 'admin/waf-table.php';
551 new CloudSecureWP_Admin_Waf( $this->info, $this->waf );
552 }
553
554 /**
555 * 設定ファイルアクセス防止
556 *
557 * @return void
558 */
559 public function m_disable_access_system_file(): void {
560 require_once 'admin/disable-access-system-file.php';
561 new CloudSecureWP_Admin_Disable_Access_System_File( $this->info, $this->disable_access_system_file );
562 }
563
564 /**
565 * CLI用のgetterメソッド群
566 * 注意: これらのメソッドはWP-CLI環境でのみ使用されることを想定しています
567 */
568 private function validate_cli_access() {
569 // WP-CLI環境チェック
570 if ( ! defined( 'WP_CLI' ) || ! WP_CLI ) {
571 wp_die( 'Unauthorized access: CLI only' );
572 }
573 }
574
575 public function get_config() {
576 $this->validate_cli_access();
577 return $this->config;
578 }
579
580 public function get_htaccess() {
581 $this->validate_cli_access();
582 return $this->htaccess;
583 }
584
585 public function get_login_notification() {
586 $this->validate_cli_access();
587 return $this->login_notification;
588 }
589
590 public function get_disable_login() {
591 $this->validate_cli_access();
592 return $this->disable_login;
593 }
594
595 public function get_rename_login_page() {
596 $this->validate_cli_access();
597 return $this->rename_login_page;
598 }
599
600 public function get_unify_messages() {
601 $this->validate_cli_access();
602 return $this->unify_messages;
603 }
604
605 public function get_restrict_admin_page() {
606 $this->validate_cli_access();
607 return $this->restrict_admin_page;
608 }
609
610 public function get_disable_xmlrpc() {
611 $this->validate_cli_access();
612 return $this->disable_xmlrpc;
613 }
614
615 public function get_disable_author_query() {
616 $this->validate_cli_access();
617 return $this->disable_author_query;
618 }
619
620 public function get_disable_restapi() {
621 $this->validate_cli_access();
622 return $this->disable_restapi;
623 }
624
625 public function get_update_notice() {
626 $this->validate_cli_access();
627 return $this->update_notice;
628 }
629
630 public function get_captcha() {
631 $this->validate_cli_access();
632 return $this->captcha;
633 }
634
635 public function get_login_log() {
636 $this->validate_cli_access();
637 return $this->login_log;
638 }
639
640 public function get_two_factor_authentication() {
641 $this->validate_cli_access();
642 return $this->two_factor_authentication;
643 }
644
645 public function get_server_error_notification() {
646 $this->validate_cli_access();
647 return $this->server_error_notification;
648 }
649
650 public function get_waf() {
651 $this->validate_cli_access();
652 return $this->waf;
653 }
654
655 public function get_disable_access_system_file() {
656 $this->validate_cli_access();
657 return $this->disable_access_system_file;
658 }
659
660 /**
661 * プラグイン更新時の処理
662 */
663 private function update(): void {
664 $old_version = $this->config->get( 'version' );
665 $now_version = $this->info['version'];
666
667 if ( empty( $old_version ) ) {
668 $old_version = '1.0.0';
669 }
670
671 if ( 0 <= version_compare( $old_version, $now_version ) ) {
672 return;
673 }
674
675 if ( version_compare( $old_version, '1.1.0' ) < 0 ) {
676 $this->two_factor_authentication->activate();
677 $this->server_error_notification->activate();
678 }
679
680 if ( version_compare( $old_version, '1.3.0' ) < 0 ) {
681 $this->waf->activate();
682 $this->disable_access_system_file->activate();
683 }
684
685 if ( version_compare( $old_version, '1.3.7' ) < 0 ) {
686 $this->waf->activate();
687 $this->server_error_notification->activate();
688 }
689
690 if ( version_compare( $old_version, '1.3.24' ) < 0 ) {
691 $this->htaccess->reorganize_plugin_settings_blocks();
692 }
693
694 if ( version_compare( $old_version, '1.4.0' ) < 0 ) {
695 $this->two_factor_authentication->setup_2fa_tables();
696 }
697
698 if ( version_compare( $old_version, '1.4.6' ) < 0 ) {
699 $this->two_factor_authentication->migrate_recovery_codes_to_json();
700 }
701
702 $this->config->set( 'version', $now_version );
703 $this->config->save();
704 }
705 }
706