Rest.php
4 months ago
Rest_Helper.php
4 months ago
Rest_Helper_Activity.php
4 months ago
Rest_Helper_Dashboard.php
4 months ago
Rest_Helper_Login.php
4 months ago
Rest_Helper_Options.php
4 months ago
Rest_Helper_Post_Hack_Actions.php
4 months ago
Rest_Helper_Site_Security.php
4 months ago
Rest_Helper_Site_Security.php
135 lines
| 1 | <?php |
| 2 | namespace SG_Security\Rest; |
| 3 | |
| 4 | use SG_Security\Rest\Rest_Helper_Options; |
| 5 | use SG_Security\Readme_Service\Readme_Service; |
| 6 | use SG_Security\Htaccess_Service\Directory_Service; |
| 7 | use SG_Security\Htaccess_Service\Headers_Service; |
| 8 | use SG_Security\Htaccess_Service\Xmlrpc_Service; |
| 9 | use SG_Security\Message_Service\Message_Service; |
| 10 | use SG_Security\Options_Service\Options_Service; |
| 11 | |
| 12 | /** |
| 13 | * Rest Helper class that manages the site security. |
| 14 | */ |
| 15 | class Rest_Helper_Site_Security extends Rest_Helper { |
| 16 | |
| 17 | /** |
| 18 | * Local variables |
| 19 | * |
| 20 | * @var mixed |
| 21 | */ |
| 22 | public $readme_service; |
| 23 | public $rest_helper_options; |
| 24 | public $directory_service; |
| 25 | public $xmlrpc_service; |
| 26 | |
| 27 | /** |
| 28 | * The constructor. |
| 29 | */ |
| 30 | public function __construct() { |
| 31 | $this->readme_service = new Readme_Service(); |
| 32 | $this->rest_helper_options = new Rest_Helper_Options(); |
| 33 | $this->directory_service = new Directory_Service(); |
| 34 | $this->xmlrpc_service = new Xmlrpc_Service(); |
| 35 | } |
| 36 | |
| 37 | /** |
| 38 | * Locks system folders. |
| 39 | * |
| 40 | * @since 1.0.0 |
| 41 | * |
| 42 | * @param object $request Request data. |
| 43 | */ |
| 44 | public function lock_system_folders( $request ) { |
| 45 | $value = $this->validate_and_get_option_value( $request, 'lock_system_folders' ); |
| 46 | $this->directory_service->toggle_rules( $value ); |
| 47 | |
| 48 | return $this->rest_helper_options->change_option_from_rest( $request, 'lock_system_folders' ); |
| 49 | } |
| 50 | |
| 51 | /** |
| 52 | * Disable the theme/plugins editor. |
| 53 | * |
| 54 | * @since 1.0.0 |
| 55 | * |
| 56 | * @param object $request Request data. |
| 57 | */ |
| 58 | public function disable_editors( $request ) { |
| 59 | return $this->rest_helper_options->change_option_from_rest( $request, 'disable_file_edit' ); |
| 60 | } |
| 61 | |
| 62 | /** |
| 63 | * WP Version Removal |
| 64 | * |
| 65 | * @since 1.0.0 |
| 66 | * |
| 67 | * @param object $request Request data. |
| 68 | */ |
| 69 | public function hide_wp_version( $request ) { |
| 70 | return $this->rest_helper_options->change_option_from_rest( $request, 'wp_remove_version' ); |
| 71 | } |
| 72 | |
| 73 | /** |
| 74 | * Disable XML-RPC |
| 75 | * |
| 76 | * @since 1.0.0 |
| 77 | * |
| 78 | * @param object $request Request data. |
| 79 | */ |
| 80 | public function disable_xml_rpc( $request ) { |
| 81 | $value = $this->validate_and_get_option_value( $request, 'disable_xml_rpc' ); |
| 82 | $result = $this->xmlrpc_service->toggle_rules( $value ); |
| 83 | |
| 84 | if ( false === $result ) { |
| 85 | return self::send_response( |
| 86 | Message_Service::get_response_message( $result, 'disable_xml_rpc', $value ), |
| 87 | $result |
| 88 | ); |
| 89 | } |
| 90 | |
| 91 | return $this->rest_helper_options->change_option_from_rest( $request, 'disable_xml_rpc' ); |
| 92 | } |
| 93 | |
| 94 | /** |
| 95 | * Disable RSS and ATOM Feeds |
| 96 | * |
| 97 | * @since 1.0.0 |
| 98 | * |
| 99 | * @param object $request Request data. |
| 100 | */ |
| 101 | public function disable_feeds( $request ) { |
| 102 | return $this->rest_helper_options->change_option_from_rest( $request, 'disable_feed' ); |
| 103 | } |
| 104 | |
| 105 | /** |
| 106 | * Enable advanced XSS protection. |
| 107 | * |
| 108 | * @since 1.0.0 |
| 109 | * |
| 110 | * @param object $request Request data. |
| 111 | */ |
| 112 | public function xss_protection( $request ) { |
| 113 | return $this->rest_helper_options->change_option_from_rest( $request, 'xss_protection' ); |
| 114 | } |
| 115 | |
| 116 | /** |
| 117 | * Deletes the WP readme. |
| 118 | * |
| 119 | * @since 1.0.0 |
| 120 | */ |
| 121 | public function delete_readme( $request ) { |
| 122 | |
| 123 | // Get and validate value. |
| 124 | $value = $this->validate_and_get_option_value( $request, 'delete_readme' ); |
| 125 | |
| 126 | // If enabling, delete readme on request, continue if not. |
| 127 | if ( 1 === intval( $value ) ) { |
| 128 | $this->readme_service->delete_readme(); |
| 129 | } |
| 130 | |
| 131 | // Change the option in the DB, so that on the next update the hook for deleting the readme is called. |
| 132 | return $this->rest_helper_options->change_option_from_rest( $request, 'delete_readme' ); |
| 133 | } |
| 134 | } |
| 135 |