PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.4.9
CloudSecure WP Security v1.4.9
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / cloudsecure-wp.php
cloudsecure-wp-security / modules Last commit date
admin 1 month ago cli 2 months ago lib 3 months ago captcha.php 3 months ago cloudsecure-wp.php 1 month ago common.php 2 months ago config.php 2 years ago disable-access-system-file.php 4 months ago disable-author-query.php 2 years ago disable-login.php 2 months ago disable-restapi.php 2 months ago disable-xmlrpc.php 1 year ago htaccess.php 3 months ago login-log.php 2 months ago login-notification.php 1 year ago rename-login-page.php 3 months ago restrict-admin-page.php 3 months ago server-error-notification.php 2 months ago two-factor-authentication.php 1 month ago unify-messages.php 2 years ago update-notice.php 7 months ago waf-engine.php 1 month ago waf.php 1 month ago
cloudsecure-wp.php
724 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 require_once __DIR__ . '/common.php';
8 require_once __DIR__ . '/config.php';
9 require_once __DIR__ . '/htaccess.php';
10 require_once __DIR__ . '/login-notification.php';
11 require_once __DIR__ . '/disable-login.php';
12 require_once __DIR__ . '/rename-login-page.php';
13 require_once __DIR__ . '/unify-messages.php';
14 require_once __DIR__ . '/restrict-admin-page.php';
15 require_once __DIR__ . '/disable-xmlrpc.php';
16 require_once __DIR__ . '/disable-author-query.php';
17 require_once __DIR__ . '/disable-restapi.php';
18 require_once __DIR__ . '/update-notice.php';
19 require_once __DIR__ . '/captcha.php';
20 require_once __DIR__ . '/../really-simple-captcha/really-simple-captcha.php';
21 require_once __DIR__ . '/lib/class-time-based-one-time-password.php';
22 require_once __DIR__ . '/lib/class-recovery-codes.php';
23 require_once __DIR__ . '/login-log.php';
24 require_once __DIR__ . '/two-factor-authentication.php';
25 require_once __DIR__ . '/server-error-notification.php';
26 require_once __DIR__ . '/lib/class-waf-rules.php';
27 require_once __DIR__ . '/waf-engine.php';
28 require_once __DIR__ . '/waf.php';
29 require_once __DIR__ . '/disable-access-system-file.php';
30 require_once __DIR__ . '/lib/class-disable-access-system-file-rules.php';
31
32 class CloudSecureWP extends CloudSecureWP_Common {
33 private $config;
34 private $htaccess;
35 private $login_notification;
36 private $disable_login;
37 private $rename_login_page;
38 private $unify_messages;
39 private $restrict_admin_page;
40 private $disable_xmlrpc;
41 private $disable_author_query;
42 private $disable_restapi;
43 private $update_notice;
44 private $captcha;
45 private $login_log;
46 private $two_factor_authentication;
47 private $server_error_notification;
48 private $waf;
49 private $disable_access_system_file;
50
51 function __construct( array $info ) {
52 parent::__construct( $info );
53 $this->config = new CloudSecureWP_Config( $info );
54 $this->htaccess = new CloudSecureWP_Htaccess( $info );
55 $this->login_notification = new CloudSecureWP_Login_Notification( $info, $this->config );
56 $this->disable_login = new CloudSecureWP_Disable_Login( $info, $this->config );
57 $this->rename_login_page = new CloudSecureWP_Rename_Login_Page( $info, $this->config, $this->htaccess );
58 $this->unify_messages = new CloudSecureWP_Unify_Messages( $info, $this->config, $this->disable_login );
59 $this->restrict_admin_page = new CloudSecureWP_Restrict_Admin_Page( $info, $this->config, $this->htaccess, $this->disable_login );
60 $this->disable_xmlrpc = new CloudSecureWP_Disable_XMLRPC( $info, $this->config, $this->htaccess );
61 $this->disable_author_query = new CloudSecureWP_Disable_Author_Query( $info, $this->config );
62 $this->disable_restapi = new CloudSecureWP_Disable_RESTAPI( $info, $this->config );
63 $this->update_notice = new CloudSecureWP_Update_Notice( $info, $this->config );
64 $this->captcha = new CloudSecureWP_CAPTCHA( $info, $this->config );
65 $this->login_log = new CloudSecureWP_Login_Log( $info, $this->config, $this->disable_login );
66 $this->two_factor_authentication = new CloudSecureWP_Two_Factor_Authentication( $info, $this->config, $this->disable_login, $this->login_log, $this->disable_xmlrpc );
67 $this->server_error_notification = new CloudSecureWP_Server_Error_Notification( $info, $this->config );
68 $this->waf = new CloudSecureWP_Waf( $info, $this->config );
69 $this->disable_access_system_file = new CloudSecureWP_Disable_Access_System_File( $info, $this->config );
70 }
71
72 /**
73 * プラグイン実行
74 *
75 * @return void
76 */
77 public function run() {
78 if ( ! $this->check_environment() ) {
79 if ( $this->login_notification->is_enabled() ) {
80 $this->login_notification->deactivate();
81 }
82
83 if ( $this->disable_login->is_enabled() ) {
84 $this->disable_login->deactivate();
85 }
86
87 if ( $this->rename_login_page->is_enabled() ) {
88 $this->rename_login_page->deactivate();
89 }
90
91 if ( $this->unify_messages->is_enabled() ) {
92 $this->unify_messages->deactivate();
93 }
94
95 if ( $this->restrict_admin_page->is_enabled() ) {
96 $this->restrict_admin_page->deactivate();
97 }
98
99 if ( $this->disable_xmlrpc->is_enabled() ) {
100 $this->disable_xmlrpc->deactivate();
101 }
102
103 if ( $this->disable_author_query->is_enabled() ) {
104 $this->disable_author_query->deactivate();
105 }
106
107 if ( $this->disable_restapi->is_enabled() ) {
108 $this->disable_restapi->deactivate();
109 }
110
111 if ( $this->update_notice->is_enabled() ) {
112 $this->update_notice->deactivate();
113 }
114
115 if ( $this->captcha->is_enabled() ) {
116 $this->captcha->deactivate();
117 }
118
119 if ( $this->two_factor_authentication->is_enabled() ) {
120 $this->two_factor_authentication->deactivate();
121 }
122
123 if ( $this->server_error_notification->is_enabled() ) {
124 $this->server_error_notification->deactivate();
125 }
126
127 if ( $this->waf->is_enabled() ) {
128 $this->waf->deactivate();
129 }
130
131 if ( $this->disable_access_system_file->is_enabled() ) {
132 $this->disable_access_system_file->deactivate();
133 }
134 } else {
135 if ( $this->waf->is_enabled() ) {
136 add_action( 'plugins_loaded', array( $this->waf, 'waf' ), 10 );
137 }
138
139 if ( $this->server_error_notification->is_enabled() ) {
140 add_filter( 'wp_php_error_args', array( $this->server_error_notification, 'notification' ), 10, 2 );
141 }
142
143 if ( $this->disable_access_system_file->is_enabled() ) {
144 add_action( 'plugins_loaded', array( $this->disable_access_system_file, 'init' ), 11 );
145 }
146
147 add_action( 'wp_login', array( $this->login_log, 'wp_login' ), 1, 1 );
148 add_action( 'wp_login', array( $this->two_factor_authentication, 'cleanup_expired_sessions' ), 2, 0 );
149 add_action( 'xmlrpc_call', array( $this->login_log, 'xmlrpc_call' ), 10 );
150 add_action( 'wp_login_failed', array( $this->login_log, 'wp_login_failed' ), 20, 2 );
151
152 if ( $this->login_notification->is_enabled() ) {
153 add_action( 'wp_login', array( $this->login_notification, 'notification' ), 10, 2 );
154 }
155
156 if ( $this->disable_login->is_enabled() ) {
157 add_filter( 'shake_error_codes', array( $this->disable_login, 'shake_error_codes' ) );
158 add_filter( 'authenticate', array( $this->disable_login, 'authenticate' ), 99, 3 );
159 add_action( 'wp_login_failed', array( $this->disable_login, 'wp_login_failed' ), 10, 2 );
160 }
161
162 if ( $this->rename_login_page->is_enabled() ) {
163 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
164 remove_action( 'template_redirect', 'wp_redirect_admin_locations', 1000 );
165 add_action( 'plugins_loaded', array( $this->rename_login_page, 'wp_register_404' ), 10 );
166 add_filter( 'login_init', array( $this->rename_login_page, 'login_init' ), 10, 2 );
167 add_filter( 'site_url', array( $this->rename_login_page, 'site_url' ), 10, 4 );
168 add_filter( 'network_site_url', array( $this->rename_login_page, 'network_site_url' ), 10, 3 );
169 add_filter( 'register', array( $this->rename_login_page, 'register' ), 10, 1 );
170 add_filter( 'wp_redirect', array( $this->rename_login_page, 'wp_redirect' ), 10, 2 );
171 add_filter( 'auth_redirect_scheme', array( $this->rename_login_page, 'auth_redirect_scheme' ), 99, 1 );
172
173 } else {
174 add_action( 'admin_notices', array( $this->rename_login_page, 'admin_notices' ), 10, 0 );
175 $this->rename_login_page->deactivate();
176 }
177 } else {
178 if ( $this->htaccess->setting_tag_exists( $this->rename_login_page->get_feature_key() ) ) {
179 $this->rename_login_page->deactivate();
180 }
181 }
182
183 if ( $this->unify_messages->is_enabled() ) {
184 add_filter( 'login_errors', array( $this->unify_messages, 'login_errors' ), 10, 1 );
185 }
186
187 if ( $this->restrict_admin_page->is_enabled() ) {
188 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
189 add_action( 'wp_login', array( $this->restrict_admin_page, 'update' ), 1, 2 );
190
191 } else {
192 add_action( 'admin_notices', array( $this->restrict_admin_page, 'admin_notices' ), 10, 0 );
193 $this->restrict_admin_page->deactivate();
194 }
195 } else {
196 if ( $this->htaccess->setting_tag_exists( $this->restrict_admin_page->get_feature_key() ) ) {
197 $this->restrict_admin_page->deactivate();
198 }
199 }
200
201 if ( $this->disable_xmlrpc->is_enabled() ) {
202 if ( $this->disable_xmlrpc->is_pingback_disabled() ) {
203 if ( $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
204 add_action( 'admin_notices', array( $this->disable_xmlrpc, 'admin_notices' ), 10, 0 );
205 $this->disable_xmlrpc->deactivate();
206 } else {
207 add_filter( 'xmlrpc_methods', array( $this->disable_xmlrpc, 'xmlrpc_methods' ) );
208 }
209 }
210
211 if ( $this->disable_xmlrpc->is_xmlrpc_disabled() ) {
212 if ( ! $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
213 add_action( 'admin_notices', array( $this->disable_xmlrpc, 'admin_notices' ), 10, 0 );
214 $this->disable_xmlrpc->deactivate();
215 }
216 }
217 } else {
218 if ( $this->htaccess->setting_tag_exists( $this->disable_xmlrpc->get_feature_key() ) ) {
219 $this->disable_xmlrpc->deactivate();
220 }
221 }
222
223 if ( $this->disable_author_query->is_enabled() ) {
224 add_action( 'init', array( $this->disable_author_query, 'init' ) );
225 }
226
227 if ( $this->disable_restapi->is_enabled() ) {
228 add_filter( 'rest_pre_dispatch', array( $this->disable_restapi, 'rest_pre_dispatch' ), 10, 3 );
229 }
230
231 if ( $this->update_notice->is_enabled() ) {
232 $this->update_notice->set_cron();
233 add_action( $this->update_notice->get_cron_key(), array( $this->update_notice, 'update_notice' ) );
234 }
235
236 if ( $this->captcha->is_enabled() && 'xmlrpc.php' !== basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) && ! is_admin() ) {
237 add_filter( 'shake_error_codes', array( $this->captcha, 'shake_error_codes' ) );
238
239 if ( $this->captcha->is_login_form_enabled() ) {
240 add_filter( 'login_form', array( $this->captcha, 'login_form' ) );
241 add_action( 'wp_authenticate_user', array( $this->captcha, 'wp_authenticate_user' ), 10, 2 );
242 }
243
244 if ( $this->captcha->is_comment_form_enabled() ) {
245 add_action( 'comment_form_logged_in_after', array( $this->captcha, 'comment_form_default_fields' ), 1 );
246 add_action( 'comment_form_after_fields', array( $this->captcha, 'comment_form_default_fields' ) );
247 add_filter( 'preprocess_comment', array( $this->captcha, 'preprocess_comment' ) );
248 add_action( 'wp_footer', array( $this->captcha, 'comment_captcha_reload_script' ) );
249 }
250
251 if ( $this->captcha->is_lost_password_form_enabled() ) {
252 add_filter( 'lostpassword_form', array( $this->captcha, 'lostpassword_form' ) );
253 add_filter( 'allow_password_reset', array( $this->captcha, 'allow_password_reset' ), 10, 2 );
254 }
255
256 if ( $this->captcha->is_register_form_enabled() ) {
257 add_action( 'register_form', array( $this->captcha, 'register_form' ) );
258 add_action( 'register_post', array( $this->captcha, 'register_post' ), 10, 3 );
259 }
260 }
261
262 if ( $this->two_factor_authentication->is_enabled() ) {
263 // 2段階認証のAJAXハンドラー
264 add_action( 'wp_ajax_cloudsecurewp_generate_key', array( $this->two_factor_authentication, 'ajax_generate_key' ) );
265 add_action( 'wp_ajax_cloudsecurewp_generate_key_and_send_email', array( $this->two_factor_authentication, 'ajax_generate_key_and_send_email' ) );
266 add_action( 'wp_ajax_cloudsecurewp_verify_auth_code', array( $this->two_factor_authentication, 'ajax_verify_auth_code' ) );
267 add_action( 'wp_ajax_cloudsecurewp_generate_recovery_codes', array( $this->two_factor_authentication, 'ajax_generate_recovery_codes' ) );
268 }
269
270 if ( $this->two_factor_authentication->is_enabled() && 'xmlrpc.php' !== basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) && ! is_admin() ) {
271 // エラーメッセージ表示
272 add_filter( 'wp_login_errors', array( $this->two_factor_authentication, 'filter_login_errors' ), 10, 2 );
273 // id・passの認証
274 add_filter( 'authenticate', array( $this->two_factor_authentication, 'two_factor_disable_login_check' ), 100, 3 );
275 add_filter( 'authenticate', array( $this->two_factor_authentication, 'block_auth_cookies_for_2fa_user' ), PHP_INT_MAX, 3 );
276 add_action( 'set_auth_cookie', array( $this->two_factor_authentication, 'collect_auth_cookie_tokens' ), 10, 1 );
277 add_action( 'set_logged_in_cookie', array( $this->two_factor_authentication, 'collect_auth_cookie_tokens' ), 10, 1 );
278 add_action( 'wp_login', array( $this->two_factor_authentication, 'maybe_show_two_factor_login' ), 0, 2 );
279 // 2FAコードの認証
280 add_action( 'login_form_cloudsecurewp_validate_2fa', array( $this->two_factor_authentication, 'validate_two_factor_login' ) );
281 add_action( 'wp_login', array( $this->two_factor_authentication, 'redirect_if_not_two_factor_authentication_registered' ), 10, 2 );
282 }
283
284 if ( $this->two_factor_authentication->is_enabled() && $this->two_factor_authentication->is_xmlrpc_login_denied() && 'xmlrpc.php' === basename( sanitize_text_field( $_SERVER['SCRIPT_NAME'] ) ) ) {
285 add_filter( 'authenticate', array( $this->two_factor_authentication, 'deny_xmlrpc_authentication' ), 50, 3 );
286 }
287
288 if ( $this->two_factor_authentication->is_enabled() && is_admin() && current_user_can( 'administrator' ) ) {
289 add_filter( 'manage_users_columns', array( $this->two_factor_authentication, 'add_2factor_state_2user_list' ) );
290 add_action( 'manage_users_custom_column', array( $this->two_factor_authentication, 'show_2factor_state_2user_list' ), 10, 3 );
291 }
292 }
293
294 if ( is_admin() ) {
295 if ( 'cloudsecurewp_rename_login_page' === sanitize_text_field( $_GET['page'] ?? '' ) ) {
296 ob_start();
297 }
298
299 $this->update();
300
301 add_action( 'admin_notices', array( $this->two_factor_authentication, 'admin_notice_148_xmlrpc' ), 1, 0 );
302 add_action( 'wp_ajax_cloudsecurewp_dismiss_notice_148', array( $this->two_factor_authentication, 'ajax_dismiss_notice_148' ) );
303
304 add_action( 'admin_menu', array( $this, 'admin_menu' ) );
305 }
306 }
307
308 /**
309 * プラグイン有効化
310 */
311 public function activate(): void {
312 $this->config->rm();
313 $this->config->set( 'version', $this->info['version'] );
314 $this->config->save();
315
316 $this->login_notification->activate();
317 $this->disable_login->activate();
318 $this->rename_login_page->activate();
319 $this->unify_messages->activate();
320 $this->restrict_admin_page->activate();
321 $this->disable_xmlrpc->activate();
322 $this->disable_author_query->activate();
323 $this->disable_restapi->activate();
324 $this->update_notice->activate();
325 $this->captcha->activate();
326 $this->login_log->activate();
327 $this->two_factor_authentication->activate();
328 $this->server_error_notification->activate();
329 $this->waf->activate();
330 $this->disable_access_system_file->activate();
331 }
332
333 /**
334 * プラグイン無効化
335 */
336 public function deactivate(): void {
337 $this->config->load_option();
338 $this->login_notification->deactivate();
339 $this->disable_login->deactivate();
340 $this->rename_login_page->deactivate();
341 $this->unify_messages->deactivate();
342 $this->restrict_admin_page->deactivate();
343 $this->disable_xmlrpc->deactivate();
344 $this->disable_author_query->deactivate();
345 $this->disable_restapi->deactivate();
346 $this->update_notice->deactivate();
347 $this->captcha->deactivate();
348 $this->two_factor_authentication->deactivate();
349 $this->server_error_notification->deactivate();
350 $this->waf->deactivate();
351 $this->disable_access_system_file->deactivate();
352 }
353
354 /**
355 * admin menuを追加
356 */
357 public function admin_menu(): void {
358 require_once __DIR__ . '/admin/common.php';
359
360 wp_enqueue_style( 'cloudsecurewp', $this->info['plugin_url'] . 'assets/css/style.css', array(), $this->info['version'] );
361
362 $slug = 'cloudsecurewp';
363 add_menu_page( $this->info['plugin_name'], $this->info['plugin_name'], 'manage_options', $slug, array( $this, 'dashboard' ), $this->info['plugin_url'] . 'assets/images/plugin-icon.png?v=2' );
364 add_submenu_page( $slug, 'ダッシュボード', 'ダッシュボード', 'manage_options', $slug, array( $this, 'dashboard' ) );
365 add_submenu_page( $slug, 'ログイン無効化', 'ログイン無効化', 'manage_options', $slug . '_disable_login', array( $this, 'm_disable_login' ) );
366 add_submenu_page( $slug, 'ログインURL変更', 'ログインURL変更', 'manage_options', $slug . '_rename_login_page', array( $this, 'm_rename_login_page' ) );
367 add_submenu_page( $slug, 'ログインエラーメッセージ統一', 'ログインエラーメッセージ統一', 'manage_options', $slug . '_unify_messages', array( $this, 'm_unify_messages' ) );
368 add_submenu_page( $slug, '2段階認証', '2段階認証', 'manage_options', $slug . '_two_factor_authentication', array( $this, 'm_two_factor_authentication' ) );
369 add_submenu_page( $slug, '画像認証追加', '画像認証追加', 'manage_options', $slug . '_captcha', array( $this, 'm_captcha' ) );
370 add_submenu_page( $slug, 'ユーザー名漏えい防止', 'ユーザー名漏えい防止', 'manage_options', $slug . '_disable_author_query', array( $this, 'm_disable_author_query' ) );
371 add_submenu_page( $slug, 'XML-RPC無効化', 'XML-RPC無効化', 'manage_options', $slug . '_disable_xmlrpc', array( $this, 'm_disable_xmlrpc' ) );
372 add_submenu_page( $slug, 'REST API無効化', 'REST API無効化', 'manage_options', $slug . '_disable_restapi', array( $this, 'm_disable_restapi' ) );
373 add_submenu_page( $slug, '管理画面アクセス制限', '管理画面アクセス制限', 'manage_options', $slug . '_restrict_admin_page', array( $this, 'm_restrict_admin_page' ) );
374 add_submenu_page( $slug, '設定ファイルアクセス防止', '設定ファイルアクセス防止', 'manage_options', $slug . '_disable_access_system_file', array( $this, 'm_disable_access_system_file' ) );
375 add_submenu_page( $slug, 'シンプルWAF', 'シンプルWAF', 'manage_options', $slug . '_waf', array( $this, 'm_waf' ) );
376 add_submenu_page( $slug, 'ログイン通知', 'ログイン通知', 'manage_options', $slug . '_login_notification', array( $this, 'm_login_notification' ) );
377 add_submenu_page( $slug, 'アップデート通知', 'アップデート通知', 'manage_options', $slug . '_update_notification', array( $this, 'm_update_notice' ) );
378 add_submenu_page( $slug, 'サーバーエラー通知', 'サーバーエラー通知', 'manage_options', $slug . '_server_error_notification', array( $this, 'm_server_error_notification' ) );
379 add_submenu_page( $slug, 'ログイン履歴', 'ログイン履歴', 'manage_options', $slug . '_login_log', array( $this, 'm_login_log' ) );
380
381 if ( $this->two_factor_authentication->is_enabled_on_screen() ) {
382 add_menu_page( '2段階認証の設定', '2段階認証の設定', 'read', $slug . '_two_factor_authentication_registration', array( $this, 'm_two_factor_authentication_registration' ), 'dashicons-lock', 72 );
383 }
384 }
385
386 /**
387 * ダッシュボードページ
388 *
389 * @return void
390 */
391 public function dashboard(): void {
392 require_once 'admin/dashboard.php';
393
394 $datas = array(
395 $this->login_notification->get_feature_key() => $this->config->get( $this->login_notification->get_feature_key() ),
396 $this->disable_login->get_feature_key() => $this->config->get( $this->disable_login->get_feature_key() ),
397 $this->rename_login_page->get_feature_key() => $this->config->get( $this->rename_login_page->get_feature_key() ),
398 $this->unify_messages->get_feature_key() => $this->config->get( $this->unify_messages->get_feature_key() ),
399 $this->restrict_admin_page->get_feature_key() => $this->config->get( $this->restrict_admin_page->get_feature_key() ),
400 $this->disable_xmlrpc->get_feature_key() => $this->config->get( $this->disable_xmlrpc->get_feature_key() ),
401 $this->disable_author_query->get_feature_key() => $this->config->get( $this->disable_author_query->get_feature_key() ),
402 $this->disable_restapi->get_feature_key() => $this->config->get( $this->disable_restapi->get_feature_key() ),
403 $this->update_notice->get_feature_key() => $this->config->get( $this->update_notice->get_feature_key() ),
404 $this->server_error_notification->get_feature_key() => $this->config->get( $this->server_error_notification->get_feature_key() ),
405 $this->captcha->get_feature_key() => $this->config->get( $this->captcha->get_feature_key() ),
406 $this->two_factor_authentication->get_feature_key() => $this->config->get( $this->two_factor_authentication->get_feature_key() ),
407 $this->waf->get_feature_key() => $this->config->get( $this->waf->get_feature_key() ),
408 $this->disable_access_system_file->get_feature_key() => $this->config->get( $this->disable_access_system_file->get_feature_key() ),
409 );
410
411 new CloudSecureWP_Admin_Dashboard( $this->info, $datas );
412 }
413
414 /**
415 * ログイン通知ページ
416 *
417 * @return void
418 */
419 public function m_login_notification(): void {
420 require_once 'admin/login-notification.php';
421 new CloudSecureWP_Admin_Login_Notification( $this->info, $this->login_notification );
422 }
423
424 /**
425 * ログイン無効化ページ
426 *
427 * @return void
428 */
429 public function m_disable_login(): void {
430 require_once 'admin/disable-login.php';
431 new CloudSecureWP_Admin_Disable_Login( $this->info, $this->disable_login );
432 }
433
434 /**
435 * ログインURL変更
436 *
437 * @return void
438 */
439 public function m_rename_login_page(): void {
440 require_once 'admin/rename-login-page.php';
441 new CloudSecureWP_Admin_Rename_Login_Page( $this->info, $this->rename_login_page );
442 }
443
444 /**
445 * エラーメッセージ単一化機能
446 *
447 * @return void
448 */
449 public function m_unify_messages(): void {
450 require_once 'admin/unify-messages.php';
451 new CloudSecureWP_Admin_Unify_Messages( $this->info, $this->unify_messages );
452 }
453
454 /**
455 * 管理画面アクセス制限
456 *
457 * @return void
458 */
459 public function m_restrict_admin_page(): void {
460 require_once 'admin/restrict-admin-page.php';
461 new CloudSecureWP_Admin_Restrict_Admin_Page( $this->info, $this->restrict_admin_page );
462 }
463
464 /**
465 * XMLRPC無効化
466 *
467 * @return void
468 */
469 public function m_disable_xmlrpc(): void {
470 require_once 'admin/disable-xmlrpc.php';
471 new CloudSecureWP_Admin_Disable_XMLRPC( $this->info, $this->disable_xmlrpc );
472 }
473
474 /**
475 * ユーザー名漏えい防止
476 *
477 * @return void
478 */
479 public function m_disable_author_query(): void {
480 require_once 'admin/disable-author-query.php';
481 new CloudSecureWP_Admin_Disable_Author_Query( $this->info, $this->disable_author_query );
482 }
483
484 /**
485 * REST API無効化
486 *
487 * @return void
488 */
489 public function m_disable_restapi(): void {
490 require_once 'admin/disable-restapi.php';
491 new CloudSecureWP_Admin_Disable_RESTAPI( $this->info, $this->disable_restapi );
492 }
493
494 /**
495 * アップデート通知
496 *
497 * @return void
498 */
499 public function m_update_notice(): void {
500 require_once 'admin/update-notice.php';
501 new CloudSecureWP_Admin_Update_Notice( $this->info, $this->update_notice );
502 }
503
504 /**
505 * 画像認証追加
506 *
507 * @return void
508 */
509 public function m_captcha(): void {
510 require_once 'admin/captcha.php';
511 new CloudSecureWP_Admin_CAPTCHA( $this->info, $this->captcha );
512 }
513
514 /**
515 * ログイン履歴
516 *
517 * @return void
518 */
519 public function m_login_log(): void {
520 require_once 'admin/login-log.php';
521 require_once 'admin/login-log-table.php';
522 new CloudSecureWP_Admin_Login_Log( $this->info, $this->login_log );
523 }
524
525 /**
526 * 2段階認証
527 *
528 * @return void
529 */
530 public function m_two_factor_authentication(): void {
531 require_once 'admin/two-factor-authentication.php';
532 new CloudSecureWP_Admin_Two_Factor_Authentication( $this->info, $this->two_factor_authentication );
533 }
534
535 /**
536 * 2段階認証のデバイス登録
537 *
538 * @return void
539 */
540 public function m_two_factor_authentication_registration(): void {
541 require_once 'admin/two-factor-authentication-registration.php';
542 new CloudSecureWP_Admin_Two_Factor_Authentication_Registration( $this->info, $this->two_factor_authentication );
543 }
544
545 /**
546 * サーバーエラー通知
547 *
548 * @return void
549 */
550 public function m_server_error_notification(): void {
551 require_once 'admin/server-error-notification.php';
552 require_once 'admin/server-error-table.php';
553 new CloudSecureWP_Admin_Server_Error_Notification( $this->info, $this->server_error_notification );
554 }
555
556 /**
557 * シンプルWAF
558 *
559 * @return void
560 */
561 public function m_waf(): void {
562 require_once 'admin/waf.php';
563 require_once 'admin/waf-table.php';
564 new CloudSecureWP_Admin_Waf( $this->info, $this->waf );
565 }
566
567 /**
568 * 設定ファイルアクセス防止
569 *
570 * @return void
571 */
572 public function m_disable_access_system_file(): void {
573 require_once 'admin/disable-access-system-file.php';
574 new CloudSecureWP_Admin_Disable_Access_System_File( $this->info, $this->disable_access_system_file );
575 }
576
577 /**
578 * CLI用のgetterメソッド群
579 * 注意: これらのメソッドはWP-CLI環境でのみ使用されることを想定しています
580 */
581 private function validate_cli_access() {
582 // WP-CLI環境チェック
583 if ( ! defined( 'WP_CLI' ) || ! WP_CLI ) {
584 wp_die( 'Unauthorized access: CLI only' );
585 }
586 }
587
588 public function get_config() {
589 $this->validate_cli_access();
590 return $this->config;
591 }
592
593 public function get_htaccess() {
594 $this->validate_cli_access();
595 return $this->htaccess;
596 }
597
598 public function get_login_notification() {
599 $this->validate_cli_access();
600 return $this->login_notification;
601 }
602
603 public function get_disable_login() {
604 $this->validate_cli_access();
605 return $this->disable_login;
606 }
607
608 public function get_rename_login_page() {
609 $this->validate_cli_access();
610 return $this->rename_login_page;
611 }
612
613 public function get_unify_messages() {
614 $this->validate_cli_access();
615 return $this->unify_messages;
616 }
617
618 public function get_restrict_admin_page() {
619 $this->validate_cli_access();
620 return $this->restrict_admin_page;
621 }
622
623 public function get_disable_xmlrpc() {
624 $this->validate_cli_access();
625 return $this->disable_xmlrpc;
626 }
627
628 public function get_disable_author_query() {
629 $this->validate_cli_access();
630 return $this->disable_author_query;
631 }
632
633 public function get_disable_restapi() {
634 $this->validate_cli_access();
635 return $this->disable_restapi;
636 }
637
638 public function get_update_notice() {
639 $this->validate_cli_access();
640 return $this->update_notice;
641 }
642
643 public function get_captcha() {
644 $this->validate_cli_access();
645 return $this->captcha;
646 }
647
648 public function get_login_log() {
649 $this->validate_cli_access();
650 return $this->login_log;
651 }
652
653 public function get_two_factor_authentication() {
654 $this->validate_cli_access();
655 return $this->two_factor_authentication;
656 }
657
658 public function get_server_error_notification() {
659 $this->validate_cli_access();
660 return $this->server_error_notification;
661 }
662
663 public function get_waf() {
664 $this->validate_cli_access();
665 return $this->waf;
666 }
667
668 public function get_disable_access_system_file() {
669 $this->validate_cli_access();
670 return $this->disable_access_system_file;
671 }
672
673 /**
674 * プラグイン更新時の処理
675 */
676 private function update(): void {
677 $old_version = $this->config->get( 'version' );
678 $now_version = $this->info['version'];
679
680 if ( empty( $old_version ) ) {
681 $old_version = '1.0.0';
682 }
683
684 if ( 0 <= version_compare( $old_version, $now_version ) ) {
685 return;
686 }
687
688 if ( version_compare( $old_version, '1.1.0' ) < 0 ) {
689 $this->two_factor_authentication->activate();
690 $this->server_error_notification->activate();
691 }
692
693 if ( version_compare( $old_version, '1.3.0' ) < 0 ) {
694 $this->waf->activate();
695 $this->disable_access_system_file->activate();
696 }
697
698 if ( version_compare( $old_version, '1.3.7' ) < 0 ) {
699 $this->waf->activate();
700 $this->server_error_notification->activate();
701 }
702
703 if ( version_compare( $old_version, '1.3.24' ) < 0 ) {
704 $this->htaccess->reorganize_plugin_settings_blocks();
705 }
706
707 if ( version_compare( $old_version, '1.4.0' ) < 0 ) {
708 $this->two_factor_authentication->setup_2fa_tables();
709 }
710
711 if ( version_compare( $old_version, '1.4.6' ) < 0 ) {
712 $this->two_factor_authentication->migrate_recovery_codes_to_json();
713 }
714
715 if ( version_compare( $old_version, '1.4.8' ) < 0 ) {
716 $this->two_factor_authentication->migrate_xmlrpc_login_default();
717 $this->two_factor_authentication->send_update_notice();
718 }
719
720 $this->config->set( 'version', $now_version );
721 $this->config->save();
722 }
723 }
724