PluginProbe ʕ •ᴥ•ʔ
CloudSecure WP Security / 1.4.9
CloudSecure WP Security v1.4.9
1.4.10 1.4.9 trunk 0.9.0 1.0.2 1.1.0 1.1.1 1.1.2 1.1.3 1.2.0 1.2.1 1.2.2 1.2.3 1.2.4 1.2.5 1.2.6 1.2.7 1.3.1 1.3.10 1.3.11 1.3.12 1.3.13 1.3.14 1.3.15 1.3.16 1.3.17 1.3.18 1.3.19 1.3.2 1.3.20 1.3.21 1.3.22 1.3.23 1.3.24 1.3.3 1.3.4 1.3.5 1.3.6 1.3.7 1.3.8 1.3.9 1.4.0 1.4.1 1.4.2 1.4.3 1.4.4 1.4.5 1.4.6 1.4.7 1.4.8
cloudsecure-wp-security / modules / lib / class-disable-access-system-file-rules.php
cloudsecure-wp-security / modules / lib Last commit date
class-disable-access-system-file-rules.php 11 months ago class-recovery-codes.php 3 months ago class-time-based-one-time-password.php 4 months ago class-waf-rules.php 1 year ago
class-disable-access-system-file-rules.php
101 lines
1 <?php
2
3 if ( ! defined( 'ABSPATH' ) ) {
4 exit;
5 }
6
7 /**
8 * 設定ファイルアクセス防止で使用するルール設定用のクラス
9 */
10 class CloudSecureWP_Disable_Access_System_File_Rules {
11 // ルールの定義
12 private const DISABLE_ACCESS_SYSTEM_FILE_RULES = array(
13 array(
14 'id' => '1000301',
15 'skip' => 1,
16 'skipafter' => '',
17 'chain' => false,
18 'variables' => array( 'request_filename', 'args', 'args_names', 'request_headers', 'xml' ),
19 'remove_variables' => array(),
20 'attack' => '',
21 'regex_pattern' => '\.www_acl|\.htpasswd|\.htaccess|boot\.ini|httpd\.conf|\/etc\/|\.htgroup|global\.asa|\.wwwacl',
22 'transformations' => array( 'htmlentitydecode', 'lowercase' ),
23 ),
24 array(
25 'id' => '1000302',
26 'skip' => 0,
27 'skipafter' => '959005',
28 'chain' => false,
29 'variables' => array(),
30 'remove_variables' => array(),
31 'attack' => '',
32 'regex_pattern' => '',
33 'transformations' => array(),
34 ),
35 array(
36 'id' => '950005',
37 'skip' => 0,
38 'skipafter' => '',
39 'chain' => false,
40 'variables' => array( 'request_filename', 'args', 'args_names' ),
41 'remove_variables' => array(),
42 'attack' => 1,
43 'regex_pattern' => '(?:\b(?:\.(?:ht(?:access|passwd|group)|www_?acl)|global\.asa|httpd\.conf|boot\.ini)\b|\/etc\/)',
44 'transformations' => array( 'htmlentitydecode', 'lowercase' ),
45 ),
46 array(
47 'id' => '959005',
48 'skip' => 0,
49 'skipafter' => '',
50 'chain' => false,
51 'variables' => array( 'request_headers', 'xml' ),
52 'remove_variables' => array(),
53 'attack' => 1,
54 'regex_pattern' => '(?:\b(?:\.(?:ht(?:access|passwd|group)|www_?acl)|global\.asa|httpd\.conf|boot\.ini)\b|\/etc\/)',
55 'transformations' => array( 'htmlentitydecode', 'lowercase' ),
56 ),
57 array(
58 'id' => 'n101001',
59 'skip' => 0,
60 'skipafter' => '',
61 'chain' => false,
62 'variables' => array( 'request_filename' ),
63 'remove_variables' => array(),
64 'attack' => 1,
65 'regex_pattern' => '(\.env|\.git)',
66 'transformations' => array( 'htmlentitydecode', 'lowercase' ),
67 ),
68 array(
69 'id' => 'n102001',
70 'skip' => 0,
71 'skipafter' => '',
72 'chain' => false,
73 'variables' => array( 'request_filename' ),
74 'remove_variables' => array(),
75 'attack' => 1,
76 'regex_pattern' => 'wp-config\.php',
77 'transformations' => array( 'htmlentitydecode', 'lowercase' ),
78 ),
79 );
80
81 private const LOCATIONMATCH_RULES = array();
82
83 /**
84 * ルールの取得
85 *
86 * @return array
87 */
88 public function get_waf_rules(): array {
89 return self::DISABLE_ACCESS_SYSTEM_FILE_RULES;
90 }
91
92 /**
93 * LocationMatchルールの取得
94 *
95 * @return array
96 */
97 public function get_locationmatch_rules(): array {
98 return self::LOCATIONMATCH_RULES;
99 }
100 }
101