PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.4.8
CloudSecure WP Security v1.4.8
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / cloudsecure-wp.php
cloudsecure-wp-security / modules Last commit date
admin 2 months ago cli 2 months ago lib 3 months ago captcha.php 3 months ago cloudsecure-wp.php 2 months ago common.php 2 months ago config.php 2 years ago disable-access-system-file.php 4 months ago disable-author-query.php 2 years ago disable-login.php 2 months ago disable-restapi.php 2 months ago disable-xmlrpc.php 1 year ago htaccess.php 3 months ago login-log.php 2 months ago login-notification.php 1 year ago rename-login-page.php 3 months ago restrict-admin-page.php 3 months ago server-error-notification.php 2 months ago two-factor-authentication.php 2 months ago unify-messages.php 2 years ago update-notice.php 7 months ago waf-engine.php 3 months ago waf.php 2 months ago
cloudsecure-wp.php
718 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 require_once __DIR__ . '/common.php';
8 require_once __DIR__ . '/config.php';
9 require_once __DIR__ . '/htaccess.php';
10 require_once __DIR__ . '/login-notification.php';
11 require_once __DIR__ . '/disable-login.php';
12 require_once __DIR__ . '/rename-login-page.php';
13 require_once __DIR__ . '/unify-messages.php';
14 require_once __DIR__ . '/restrict-admin-page.php';
15 require_once __DIR__ . '/disable-xmlrpc.php';
16 require_once __DIR__ . '/disable-author-query.php';
17 require_once __DIR__ . '/disable-restapi.php';
18 require_once __DIR__ . '/update-notice.php';
19 require_once __DIR__ . '/captcha.php';
20 require_once __DIR__ . '/../really-simple-captcha/really-simple-captcha.php';
21 require_once __DIR__ . '/lib/class-time-based-one-time-password.php';
22 require_once __DIR__ . '/lib/class-recovery-codes.php';
23 require_once __DIR__ . '/login-log.php';
24 require_once __DIR__ . '/two-factor-authentication.php';
25 require_once __DIR__ . '/server-error-notification.php';
26 require_once __DIR__ . '/lib/class-waf-rules.php';
27 require_once __DIR__ . '/waf-engine.php';
28 require_once __DIR__ . '/waf.php';
29 require_once __DIR__ . '/disable-access-system-file.php';
30 require_once __DIR__ . '/lib/class-disable-access-system-file-rules.php';
31
32 class CloudSecureWP extends CloudSecureWP_Common {
33 private $config;
34 private $htaccess;
35 private $login_notification;
36 private $disable_login;
37 private $rename_login_page;
38 private $unify_messages;
39 private $restrict_admin_page;
40 private $disable_xmlrpc;
41 private $disable_author_query;
42 private $disable_restapi;
43 private $update_notice;
44 private $captcha;
45 private $login_log;
46 private $two_factor_authentication;
47 private $server_error_notification;
48 private $waf;
49 private $disable_access_system_file;
50
51 function __construct( array $info ) {
52 parent::__construct( $info );
53 $this->config = new CloudSecureWP_Config( $info );
54 $this->htaccess = new CloudSecureWP_Htaccess( $info );
55 $this->login_notification = new CloudSecureWP_Login_Notification( $info, $this->config );
56 $this->disable_login = new CloudSecureWP_Disable_Login( $info, $this->config );
57 $this->rename_login_page = new CloudSecureWP_Rename_Login_Page( $info, $this->config, $this->htaccess );
58 $this->unify_messages = new CloudSecureWP_Unify_Messages( $info, $this->config, $this->disable_login );
59 $this->restrict_admin_page = new CloudSecureWP_Restrict_Admin_Page( $info, $this->config, $this->htaccess, $this->disable_login );
60 $this->disable_xmlrpc = new CloudSecureWP_Disable_XMLRPC( $info, $this->config, $this->htaccess );
61 $this->disable_author_query = new CloudSecureWP_Disable_Author_Query( $info, $this->config );
62 $this->disable_restapi = new CloudSecureWP_Disable_RESTAPI( $info, $this->config );
63 $this->update_notice = new CloudSecureWP_Update_Notice( $info, $this->config );
64 $this->captcha = new CloudSecureWP_CAPTCHA( $info, $this->config );
65 $this->login_log = new CloudSecureWP_Login_Log( $info, $this->config, $this->disable_login );
66 $this->two_factor_authentication = new CloudSecureWP_Two_Factor_Authentication( $info, $this->config, $this->disable_login, $this->login_log, $this->disable_xmlrpc );
67 $this->server_error_notification = new CloudSecureWP_Server_Error_Notification( $info, $this->config );
68 $this->waf = new CloudSecureWP_Waf( $info, $this->config );
69 $this->disable_access_system_file = new CloudSecureWP_Disable_Access_System_File( $info, $this->config );
70 }
71
72 /**
73 * プラグイン実行
74 *
75 * @return void
76 */
77 public function run() {
78 if ( ! $this->check_environment() ) {
79 if ( $this->login_notification->is_enabled() ) {
80 $this->login_notification->deactivate();
81 }
82
83 if ( $this->disable_login->is_enabled() ) {
84 $this->disable_login->deactivate();
85 }
86
87 if ( $this->rename_login_page->is_enabled() ) {
88 $this->rename_login_page->deactivate();
89 }
90
91 if ( $this->unify_messages->is_enabled() ) {
92 $this->unify_messages->deactivate();
93 }
94
95 if ( $this->restrict_admin_page->is_enabled() ) {
96 $this->restrict_admin_page->deactivate();
97 }
98
99 if ( $this->disable_xmlrpc->is_enabled() ) {
100 $this->disable_xmlrpc->deactivate();
101 }
102
103 if ( $this->disable_author_query->is_enabled() ) {
104 $this->disable_author_query->deactivate();
105 }
106
107 if ( $this->disable_restapi->is_enabled() ) {
108 $this->disable_restapi->deactivate();
109 }
110
111 if ( $this->update_notice->is_enabled() ) {
112 $this->update_notice->deactivate();
113 }
114
115 if ( $this->captcha->is_enabled() ) {
116 $this->captcha->deactivate();
117 }
118
119 if ( $this->two_factor_authentication->is_enabled() ) {
120 $this->two_factor_authentication->deactivate();
121 }
122
123 if ( $this->server_error_notification->is_enabled() ) {
124 $this->server_error_notification->deactivate();
125 }
126
127 if ( $this->waf->is_enabled() ) {
128 $this->waf->deactivate();
129 }
130
131 if ( $this->disable_access_system_file->is_enabled() ) {
132 $this->disable_access_system_file->deactivate();
133 }
134 } else {
135 if ( $this->waf->is_enabled() ) {
136 add_action( 'plugins_loaded', array( $this->waf, 'waf' ), 10 );
137 }
138
139 if ( $this->server_error_notification->is_enabled() ) {
140 add_filter( 'wp_php_error_args', array( $this->server_error_notification, 'notification' ), 10, 2 );
141 }
142
143 if ( $this->disable_access_system_file->is_enabled() ) {
144 add_action( 'plugins_loaded', array( $this->disable_access_system_file, 'init' ), 11 );
145 }
146
147 add_action( 'wp_login', array( $this->login_log, 'wp_login' ), 1, 1 );
148 add_action( 'wp_login', array( $this->two_factor_authentication, 'cleanup_expired_sessions' ), 2, 0 );
149 add_action( 'xmlrpc_call', array( $this->login_log, 'xmlrpc_call' ), 10 );
150 add_action( 'wp_login_failed', array( $this->login_log, 'wp_login_failed' ), 20, 2 );
151
152 if ( $this->login_notification->is_enabled() ) {
153 add_action( 'wp_login', array( $this->login_notification, 'notification' ), 10, 2 );
154 }
155
156 if ( $this->disable_login->is_enabled() ) {
157 add_filter( 'shake_error_codes', array( $this->disable_login, 'shake_error_codes' ) );
158 add_filter( 'authenticate', array( $this->disable_login, 'authenticate' ), 99, 3 );
159 add_action( 'wp_login_failed', array( $this->disable_login, 'wp_login_failed' ), 10, 2 );
160 }
161
162 if ( $this->rename_login_page->is_enabled() ) {
163 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
164 remove_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
165 add_action( 'plugins_loaded', array( $this->rename_login_page, 'wp_register_404' ), 10 );
166 add_filter( 'login_init', array( $this->rename_login_page, 'login_init' ), 10, 2 );
167 add_filter( 'site_url', array( $this->rename_login_page, 'site_url' ), 10, 4 );
168 add_filter( 'network_site_url', array( $this->rename_login_page, 'network_site_url' ), 10, 3 );
169 add_filter( 'register', array( $this->rename_login_page, 'register' ), 10, 1 );
170 add_filter( 'wp_redirect', array( $this->rename_login_page, 'wp_redirect' ), 10, 2 );
171 add_filter( 'auth_redirect_scheme', array( $this->rename_login_page, 'auth_redirect_scheme' ), 99, 1 );
172
173 } else {
174 add_action( 'admin_notices', array( $this->rename_login_page, 'admin_notices' ), 10, 0 );
175 $this->rename_login_page->deactivate();
176 }
177 } else {
178 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
179 $this->rename_login_page->deactivate();
180 }
181 }
182
183 if ( $this->unify_messages->is_enabled() ) {
184 add_filter( 'login_errors', array( $this->unify_messages, 'login_errors' ), 10, 1 );
185 }
186
187 if ( $this->restrict_admin_page->is_enabled() ) {
188 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
189 add_action( 'wp_login', array( $this->restrict_admin_page, 'update' ), 1, 2 );
190
191 } else {
192 add_action( 'admin_notices', array( $this->restrict_admin_page, 'admin_notices' ), 10, 0 );
193 $this->restrict_admin_page->deactivate();
194 }
195 } else {
196 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
197 $this->restrict_admin_page->deactivate();
198 }
199 }
200
201 if ( $this->disable_xmlrpc->is_enabled() ) {
202 if ( $this->disable_xmlrpc->is_pingback_disabled() ) {
203 if ( $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
204 add_action( 'admin_notices', array( $this->disable_xmlrpc, 'admin_notices' ), 10, 0 );
205 $this->disable_xmlrpc->deactivate();
206 } else {
207 add_filter( 'xmlrpc_methods', array( $this->disable_xmlrpc, 'xmlrpc_methods' ) );
208 }
209 }
210
211 if ( $this->disable_xmlrpc->is_xmlrpc_disabled() ) {
212 if ( ! $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
213 add_action( 'admin_notices', array( $this->disable_xmlrpc, 'admin_notices' ), 10, 0 );
214 $this->disable_xmlrpc->deactivate();
215 }
216 }
217 } else {
218 if ( $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
219 $this->disable_xmlrpc->deactivate();
220 }
221 }
222
223 if ( $this->disable_author_query->is_enabled() ) {
224 add_action( 'init', array( $this->disable_author_query, 'init' ) );
225 }
226
227 if ( $this->disable_restapi->is_enabled() ) {
228 add_filter( 'rest_pre_dispatch', array( $this->disable_restapi, 'rest_pre_dispatch' ), 10, 3 );
229 }
230
231 if ( $this->update_notice->is_enabled() ) {
232 $this->update_notice->set_cron();
233 add_action( $this->update_notice->get_cron_key(), array( $this->update_notice, 'update_notice' ) );
234 }
235
236 if ( $this->captcha->is_enabled() && 'xmlrpc.php' !== basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) && ! is_admin() ) {
237 add_filter( 'shake_error_codes', array( $this->captcha, 'shake_error_codes' ) );
238
239 if ( $this->captcha->is_login_form_enabled() ) {
240 add_filter( 'login_form', array( $this->captcha, 'login_form' ) );
241 add_action( 'wp_authenticate_user', array( $this->captcha, 'wp_authenticate_user' ), 10, 2 );
242 }
243
244 if ( $this->captcha->is_comment_form_enabled() ) {
245 add_action( 'comment_form_logged_in_after', array( $this->captcha, 'comment_form_default_fields' ), 1 );
246 add_action( 'comment_form_after_fields', array( $this->captcha, 'comment_form_default_fields' ) );
247 add_filter( 'preprocess_comment', array( $this->captcha, 'preprocess_comment' ) );
248 add_action( 'wp_footer', array( $this->captcha, 'comment_captcha_reload_script' ) );
249 }
250
251 if ( $this->captcha->is_lost_password_form_enabled() ) {
252 add_filter( 'lostpassword_form', array( $this->captcha, 'lostpassword_form' ) );
253 add_filter( 'allow_password_reset', array( $this->captcha, 'allow_password_reset' ), 10, 2 );
254 }
255
256 if ( $this->captcha->is_register_form_enabled() ) {
257 add_action( 'register_form', array( $this->captcha, 'register_form' ) );
258 add_action( 'register_post', array( $this->captcha, 'register_post' ), 10, 3 );
259 }
260 }
261
262 if ( $this->two_factor_authentication->is_enabled() ) {
263 // 2段階認証のAJAXハンドラー
264 add_action( 'wp_ajax_cloudsecurewp_generate_key', array( $this->two_factor_authentication, 'ajax_generate_key' ) );
265 add_action( 'wp_ajax_cloudsecurewp_generate_key_and_send_email', array( $this->two_factor_authentication, 'ajax_generate_key_and_send_email' ) );
266 add_action( 'wp_ajax_cloudsecurewp_verify_auth_code', array( $this->two_factor_authentication, 'ajax_verify_auth_code' ) );
267 add_action( 'wp_ajax_cloudsecurewp_generate_recovery_codes', array( $this->two_factor_authentication, 'ajax_generate_recovery_codes' ) );
268 }
269
270 if ( $this->two_factor_authentication->is_enabled() && 'xmlrpc.php' !== basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) && ! is_admin() ) {
271 add_action( 'login_init', array( $this->two_factor_authentication, 'restore_rememberme' ), 0, 0 );
272 add_filter( 'authenticate', array( $this->two_factor_authentication, 'restore_login_session' ), 0, 3 );
273 add_filter( 'authenticate', array( $this->two_factor_authentication, 'two_factor_disable_login_check' ), 100, 3 );
274 add_filter( 'authenticate', array( $this->two_factor_authentication, 'authenticate_with_two_factor' ), 101, 3 );
275 add_action( 'wp_login', array( $this->two_factor_authentication, 'redirect_if_not_two_factor_authentication_registered' ), 10, 2 );
276 }
277
278 if ( $this->two_factor_authentication->is_enabled() && $this->two_factor_authentication->is_xmlrpc_login_denied() && 'xmlrpc.php' === basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) ) {
279 add_filter( 'authenticate', array( $this->two_factor_authentication, 'deny_xmlrpc_authentication' ), 50, 3 );
280 }
281
282 if ( $this->two_factor_authentication->is_enabled() && is_admin() && current_user_can( 'administrator' ) ) {
283 add_filter( 'manage_users_columns', array( $this->two_factor_authentication, 'add_2factor_state_2user_list' ) );
284 add_action( 'manage_users_custom_column', array( $this->two_factor_authentication, 'show_2factor_state_2user_list' ), 10, 3 );
285 }
286 }
287
288 if ( is_admin() ) {
289 if ( 'cloudsecurewp_rename_login_page' === sanitize_text_field( $_GET['page'] ?? '' ) ) {
290 ob_start();
291 }
292
293 $this->update();
294
295 add_action( 'admin_notices', array( $this->two_factor_authentication, 'admin_notice_148_xmlrpc' ), 1, 0 );
296 add_action( 'wp_ajax_cloudsecurewp_dismiss_notice_148', array( $this->two_factor_authentication, 'ajax_dismiss_notice_148' ) );
297
298 add_action( 'admin_menu', array( $this, 'admin_menu' ) );
299 }
300 }
301
302 /**
303 * プラグイン有効化
304 */
305 public function activate(): void {
306 $this->config->rm();
307 $this->config->set( 'version', $this->info['version'] );
308 $this->config->save();
309
310 $this->login_notification->activate();
311 $this->disable_login->activate();
312 $this->rename_login_page->activate();
313 $this->unify_messages->activate();
314 $this->restrict_admin_page->activate();
315 $this->disable_xmlrpc->activate();
316 $this->disable_author_query->activate();
317 $this->disable_restapi->activate();
318 $this->update_notice->activate();
319 $this->captcha->activate();
320 $this->login_log->activate();
321 $this->two_factor_authentication->activate();
322 $this->server_error_notification->activate();
323 $this->waf->activate();
324 $this->disable_access_system_file->activate();
325 }
326
327 /**
328 * プラグイン無効化
329 */
330 public function deactivate(): void {
331 $this->config->load_option();
332 $this->login_notification->deactivate();
333 $this->disable_login->deactivate();
334 $this->rename_login_page->deactivate();
335 $this->unify_messages->deactivate();
336 $this->restrict_admin_page->deactivate();
337 $this->disable_xmlrpc->deactivate();
338 $this->disable_author_query->deactivate();
339 $this->disable_restapi->deactivate();
340 $this->update_notice->deactivate();
341 $this->captcha->deactivate();
342 $this->two_factor_authentication->deactivate();
343 $this->server_error_notification->deactivate();
344 $this->waf->deactivate();
345 $this->disable_access_system_file->deactivate();
346 }
347
348 /**
349 * admin menuを追加
350 */
351 public function admin_menu(): void {
352 require_once __DIR__ . '/admin/common.php';
353
354 wp_enqueue_style( 'cloudsecurewp', $this->info['plugin_url'] . 'assets/css/style.css', array(), $this->info['version'] );
355
356 $slug = 'cloudsecurewp';
357 add_menu_page( $this->info['plugin_name'], $this->info['plugin_name'], 'manage_options', $slug, array( $this, 'dashboard' ), $this->info['plugin_url'] . 'assets/images/plugin-icon.png?v=2' );
358 add_submenu_page( $slug, 'ダッシュボード', 'ダッシュボード', 'manage_options', $slug, array( $this, 'dashboard' ) );
359 add_submenu_page( $slug, 'ログイン無効化', 'ログイン無効化', 'manage_options', $slug . '_disable_login', array( $this, 'm_disable_login' ) );
360 add_submenu_page( $slug, 'ログインURL変更', 'ログインURL変更', 'manage_options', $slug . '_rename_login_page', array( $this, 'm_rename_login_page' ) );
361 add_submenu_page( $slug, 'ログインエラーメッセージ統一', 'ログインエラーメッセージ統一', 'manage_options', $slug . '_unify_messages', array( $this, 'm_unify_messages' ) );
362 add_submenu_page( $slug, '2段階認証', '2段階認証', 'manage_options', $slug . '_two_factor_authentication', array( $this, 'm_two_factor_authentication' ) );
363 add_submenu_page( $slug, '画像認証追加', '画像認証追加', 'manage_options', $slug . '_captcha', array( $this, 'm_captcha' ) );
364 add_submenu_page( $slug, 'ユーザー名漏えい防止', 'ユーザー名漏えい防止', 'manage_options', $slug . '_disable_author_query', array( $this, 'm_disable_author_query' ) );
365 add_submenu_page( $slug, 'XML-RPC無効化', 'XML-RPC無効化', 'manage_options', $slug . '_disable_xmlrpc', array( $this, 'm_disable_xmlrpc' ) );
366 add_submenu_page( $slug, 'REST API無効化', 'REST API無効化', 'manage_options', $slug . '_disable_restapi', array( $this, 'm_disable_restapi' ) );
367 add_submenu_page( $slug, '管理画面アクセス制限', '管理画面アクセス制限', 'manage_options', $slug . '_restrict_admin_page', array( $this, 'm_restrict_admin_page' ) );
368 add_submenu_page( $slug, '設定ファイルアクセス防止', '設定ファイルアクセス防止', 'manage_options', $slug . '_disable_access_system_file', array( $this, 'm_disable_access_system_file' ) );
369 add_submenu_page( $slug, 'シンプルWAF', 'シンプルWAF', 'manage_options', $slug . '_waf', array( $this, 'm_waf' ) );
370 add_submenu_page( $slug, 'ログイン通知', 'ログイン通知', 'manage_options', $slug . '_login_notification', array( $this, 'm_login_notification' ) );
371 add_submenu_page( $slug, 'アップデート通知', 'アップデート通知', 'manage_options', $slug . '_update_notification', array( $this, 'm_update_notice' ) );
372 add_submenu_page( $slug, 'サーバーエラー通知', 'サーバーエラー通知', 'manage_options', $slug . '_server_error_notification', array( $this, 'm_server_error_notification' ) );
373 add_submenu_page( $slug, 'ログイン履歴', 'ログイン履歴', 'manage_options', $slug . '_login_log', array( $this, 'm_login_log' ) );
374
375 if ( $this->two_factor_authentication->is_enabled_on_screen() ) {
376 add_menu_page( '2段階認証の設定', '2段階認証の設定', 'read', $slug . '_two_factor_authentication_registration', array( $this, 'm_two_factor_authentication_registration' ), 'dashicons-lock', 72 );
377 }
378 }
379
380 /**
381 * ダッシュボードページ
382 *
383 * @return void
384 */
385 public function dashboard(): void {
386 require_once 'admin/dashboard.php';
387
388 $datas = array(
389 $this->login_notification->get_feature_key() => $this->config->get( $this->login_notification->get_feature_key() ),
390 $this->disable_login->get_feature_key() => $this->config->get( $this->disable_login->get_feature_key() ),
391 $this->rename_login_page->get_feature_key() => $this->config->get( $this->rename_login_page->get_feature_key() ),
392 $this->unify_messages->get_feature_key() => $this->config->get( $this->unify_messages->get_feature_key() ),
393 $this->restrict_admin_page->get_feature_key() => $this->config->get( $this->restrict_admin_page->get_feature_key() ),
394 $this->disable_xmlrpc->get_feature_key() => $this->config->get( $this->disable_xmlrpc->get_feature_key() ),
395 $this->disable_author_query->get_feature_key() => $this->config->get( $this->disable_author_query->get_feature_key() ),
396 $this->disable_restapi->get_feature_key() => $this->config->get( $this->disable_restapi->get_feature_key() ),
397 $this->update_notice->get_feature_key() => $this->config->get( $this->update_notice->get_feature_key() ),
398 $this->server_error_notification->get_feature_key() => $this->config->get( $this->server_error_notification->get_feature_key() ),
399 $this->captcha->get_feature_key() => $this->config->get( $this->captcha->get_feature_key() ),
400 $this->two_factor_authentication->get_feature_key() => $this->config->get( $this->two_factor_authentication->get_feature_key() ),
401 $this->waf->get_feature_key() => $this->config->get( $this->waf->get_feature_key() ),
402 $this->disable_access_system_file->get_feature_key() => $this->config->get( $this->disable_access_system_file->get_feature_key() ),
403 );
404
405 new CloudSecureWP_Admin_Dashboard( $this->info, $datas );
406 }
407
408 /**
409 * ログイン通知ページ
410 *
411 * @return void
412 */
413 public function m_login_notification(): void {
414 require_once 'admin/login-notification.php';
415 new CloudSecureWP_Admin_Login_Notification( $this->info, $this->login_notification );
416 }
417
418 /**
419 * ログイン無効化ページ
420 *
421 * @return void
422 */
423 public function m_disable_login(): void {
424 require_once 'admin/disable-login.php';
425 new CloudSecureWP_Admin_Disable_Login( $this->info, $this->disable_login );
426 }
427
428 /**
429 * ログインURL変更
430 *
431 * @return void
432 */
433 public function m_rename_login_page(): void {
434 require_once 'admin/rename-login-page.php';
435 new CloudSecureWP_Admin_Rename_Login_Page( $this->info, $this->rename_login_page );
436 }
437
438 /**
439 * エラーメッセージ単一化機能
440 *
441 * @return void
442 */
443 public function m_unify_messages(): void {
444 require_once 'admin/unify-messages.php';
445 new CloudSecureWP_Admin_Unify_Messages( $this->info, $this->unify_messages );
446 }
447
448 /**
449 * 管理画面アクセス制限
450 *
451 * @return void
452 */
453 public function m_restrict_admin_page(): void {
454 require_once 'admin/restrict-admin-page.php';
455 new CloudSecureWP_Admin_Restrict_Admin_Page( $this->info, $this->restrict_admin_page );
456 }
457
458 /**
459 * XMLRPC無効化
460 *
461 * @return void
462 */
463 public function m_disable_xmlrpc(): void {
464 require_once 'admin/disable-xmlrpc.php';
465 new CloudSecureWP_Admin_Disable_XMLRPC( $this->info, $this->disable_xmlrpc );
466 }
467
468 /**
469 * ユーザー名漏えい防止
470 *
471 * @return void
472 */
473 public function m_disable_author_query(): void {
474 require_once 'admin/disable-author-query.php';
475 new CloudSecureWP_Admin_Disable_Author_Query( $this->info, $this->disable_author_query );
476 }
477
478 /**
479 * REST API無効化
480 *
481 * @return void
482 */
483 public function m_disable_restapi(): void {
484 require_once 'admin/disable-restapi.php';
485 new CloudSecureWP_Admin_Disable_RESTAPI( $this->info, $this->disable_restapi );
486 }
487
488 /**
489 * アップデート通知
490 *
491 * @return void
492 */
493 public function m_update_notice(): void {
494 require_once 'admin/update-notice.php';
495 new CloudSecureWP_Admin_Update_Notice( $this->info, $this->update_notice );
496 }
497
498 /**
499 * 画像認証追加
500 *
501 * @return void
502 */
503 public function m_captcha(): void {
504 require_once 'admin/captcha.php';
505 new CloudSecureWP_Admin_CAPTCHA( $this->info, $this->captcha );
506 }
507
508 /**
509 * ログイン履歴
510 *
511 * @return void
512 */
513 public function m_login_log(): void {
514 require_once 'admin/login-log.php';
515 require_once 'admin/login-log-table.php';
516 new CloudSecureWP_Admin_Login_Log( $this->info, $this->login_log );
517 }
518
519 /**
520 * 2段階認証
521 *
522 * @return void
523 */
524 public function m_two_factor_authentication(): void {
525 require_once 'admin/two-factor-authentication.php';
526 new CloudSecureWP_Admin_Two_Factor_Authentication( $this->info, $this->two_factor_authentication );
527 }
528
529 /**
530 * 2段階認証のデバイス登録
531 *
532 * @return void
533 */
534 public function m_two_factor_authentication_registration(): void {
535 require_once 'admin/two-factor-authentication-registration.php';
536 new CloudSecureWP_Admin_Two_Factor_Authentication_Registration( $this->info, $this->two_factor_authentication );
537 }
538
539 /**
540 * サーバーエラー通知
541 *
542 * @return void
543 */
544 public function m_server_error_notification(): void {
545 require_once 'admin/server-error-notification.php';
546 require_once 'admin/server-error-table.php';
547 new CloudSecureWP_Admin_Server_Error_Notification( $this->info, $this->server_error_notification );
548 }
549
550 /**
551 * シンプルWAF
552 *
553 * @return void
554 */
555 public function m_waf(): void {
556 require_once 'admin/waf.php';
557 require_once 'admin/waf-table.php';
558 new CloudSecureWP_Admin_Waf( $this->info, $this->waf );
559 }
560
561 /**
562 * 設定ファイルアクセス防止
563 *
564 * @return void
565 */
566 public function m_disable_access_system_file(): void {
567 require_once 'admin/disable-access-system-file.php';
568 new CloudSecureWP_Admin_Disable_Access_System_File( $this->info, $this->disable_access_system_file );
569 }
570
571 /**
572 * CLI用のgetterメソッド群
573 * 注意: これらのメソッドはWP-CLI環境でのみ使用されることを想定しています
574 */
575 private function validate_cli_access() {
576 // WP-CLI環境チェック
577 if ( ! defined( 'WP_CLI' ) || ! WP_CLI ) {
578 wp_die( 'Unauthorized access: CLI only' );
579 }
580 }
581
582 public function get_config() {
583 $this->validate_cli_access();
584 return $this->config;
585 }
586
587 public function get_htaccess() {
588 $this->validate_cli_access();
589 return $this->htaccess;
590 }
591
592 public function get_login_notification() {
593 $this->validate_cli_access();
594 return $this->login_notification;
595 }
596
597 public function get_disable_login() {
598 $this->validate_cli_access();
599 return $this->disable_login;
600 }
601
602 public function get_rename_login_page() {
603 $this->validate_cli_access();
604 return $this->rename_login_page;
605 }
606
607 public function get_unify_messages() {
608 $this->validate_cli_access();
609 return $this->unify_messages;
610 }
611
612 public function get_restrict_admin_page() {
613 $this->validate_cli_access();
614 return $this->restrict_admin_page;
615 }
616
617 public function get_disable_xmlrpc() {
618 $this->validate_cli_access();
619 return $this->disable_xmlrpc;
620 }
621
622 public function get_disable_author_query() {
623 $this->validate_cli_access();
624 return $this->disable_author_query;
625 }
626
627 public function get_disable_restapi() {
628 $this->validate_cli_access();
629 return $this->disable_restapi;
630 }
631
632 public function get_update_notice() {
633 $this->validate_cli_access();
634 return $this->update_notice;
635 }
636
637 public function get_captcha() {
638 $this->validate_cli_access();
639 return $this->captcha;
640 }
641
642 public function get_login_log() {
643 $this->validate_cli_access();
644 return $this->login_log;
645 }
646
647 public function get_two_factor_authentication() {
648 $this->validate_cli_access();
649 return $this->two_factor_authentication;
650 }
651
652 public function get_server_error_notification() {
653 $this->validate_cli_access();
654 return $this->server_error_notification;
655 }
656
657 public function get_waf() {
658 $this->validate_cli_access();
659 return $this->waf;
660 }
661
662 public function get_disable_access_system_file() {
663 $this->validate_cli_access();
664 return $this->disable_access_system_file;
665 }
666
667 /**
668 * プラグイン更新時の処理
669 */
670 private function update(): void {
671 $old_version = $this->config->get( 'version' );
672 $now_version = $this->info['version'];
673
674 if ( empty( $old_version ) ) {
675 $old_version = '1.0.0';
676 }
677
678 if ( 0 <= version_compare( $old_version, $now_version ) ) {
679 return;
680 }
681
682 if ( version_compare( $old_version, '1.1.0' ) < 0 ) {
683 $this->two_factor_authentication->activate();
684 $this->server_error_notification->activate();
685 }
686
687 if ( version_compare( $old_version, '1.3.0' ) < 0 ) {
688 $this->waf->activate();
689 $this->disable_access_system_file->activate();
690 }
691
692 if ( version_compare( $old_version, '1.3.7' ) < 0 ) {
693 $this->waf->activate();
694 $this->server_error_notification->activate();
695 }
696
697 if ( version_compare( $old_version, '1.3.24' ) < 0 ) {
698 $this->htaccess->reorganize_plugin_settings_blocks();
699 }
700
701 if ( version_compare( $old_version, '1.4.0' ) < 0 ) {
702 $this->two_factor_authentication->setup_2fa_tables();
703 }
704
705 if ( version_compare( $old_version, '1.4.6' ) < 0 ) {
706 $this->two_factor_authentication->migrate_recovery_codes_to_json();
707 }
708
709 if ( version_compare( $old_version, '1.4.8' ) < 0 ) {
710 $this->two_factor_authentication->migrate_xmlrpc_login_default();
711 $this->two_factor_authentication->send_update_notice();
712 }
713
714 $this->config->set( 'version', $now_version );
715 $this->config->save();
716 }
717 }
718