siteguard-login-history-table.php
1 month ago
siteguard-menu-admin-filter.php
1 month ago
siteguard-menu-author-query.php
2 weeks ago
siteguard-menu-captcha.php
1 month ago
siteguard-menu-dashboard.php
1 month ago
siteguard-menu-fail-once.php
1 month ago
siteguard-menu-init.php
1 month ago
siteguard-menu-login-alert.php
1 month ago
siteguard-menu-login-history.php
1 month ago
siteguard-menu-login-lock.php
1 month ago
siteguard-menu-protect-xmlrpc.php
1 month ago
siteguard-menu-rename-login.php
2 weeks ago
siteguard-menu-same-error.php
1 month ago
siteguard-menu-updates-notify.php
1 month ago
siteguard-menu-waf-tuning-support.php
1 month ago
siteguard-waf-exclude-rule-table.php
1 month ago
siteguard-menu-waf-tuning-support.php
371 lines
| 1 | <?php |
| 2 | |
| 3 | require_once 'siteguard-waf-exclude-rule-table.php'; |
| 4 | |
| 5 | class SiteGuard_Menu_WAF_Tuning_Support extends SiteGuard_Base { |
| 6 | protected $wp_list_table; |
| 7 | function __construct() { |
| 8 | $this->wp_list_table = new SiteGuard_WAF_Exclude_Rule_Table(); |
| 9 | $this->wp_list_table->prepare_items(); |
| 10 | $this->render_page(); |
| 11 | } |
| 12 | // convert from URL to PATH |
| 13 | function set_filename( $filename ) { |
| 14 | $base = basename( $filename ); |
| 15 | $base = str_replace( '"', '', $base ); |
| 16 | $base = trim( $base ); |
| 17 | $idx = strpos( $base, '?' ); |
| 18 | if ( false !== $idx ) { |
| 19 | return substr( $base, 0, $idx ); |
| 20 | } else { |
| 21 | return $base; |
| 22 | } |
| 23 | } |
| 24 | function htaccess_error() { |
| 25 | echo '<div class="error settings-error"><p><strong>'; |
| 26 | esc_html_e( 'ERROR: Failed to update settings. Please try again.', 'siteguard' ); |
| 27 | echo '</strong></p></div>'; |
| 28 | } |
| 29 | function htaccess_unavailable_error() { |
| 30 | echo '<div class="error settings-error"><p><strong>'; |
| 31 | if ( isset( $_SERVER['SERVER_SOFTWARE'] ) && false !== stripos( $_SERVER['SERVER_SOFTWARE'], 'nginx' ) ) { |
| 32 | esc_html_e( 'ERROR: WAF tuning support is not available on Nginx. This feature edits the .htaccess file used by Apache.', 'siteguard' ); |
| 33 | } elseif ( file_exists( ABSPATH . '.htaccess' ) && ! is_writable( ABSPATH . '.htaccess' ) ) { |
| 34 | esc_html_e( 'ERROR: Cannot enable WAF tuning support because the .htaccess file is not writable.', 'siteguard' ); |
| 35 | } elseif ( ! is_writable( ABSPATH ) ) { |
| 36 | esc_html_e( 'ERROR: Cannot enable WAF tuning support because the WordPress installation directory is not writable.', 'siteguard' ); |
| 37 | } else { |
| 38 | esc_html_e( 'ERROR: Cannot enable WAF tuning support. The .htaccess file appears to be ignored by the server (e.g. AllowOverride is disabled, or mod_rewrite is not loaded).', 'siteguard' ); |
| 39 | } |
| 40 | echo '</strong></p></div>'; |
| 41 | } |
| 42 | function render_page() { |
| 43 | global $siteguard_waf_exclude_rule; |
| 44 | isset( $_GET['action'] ) ? $action = sanitize_text_field( $_GET['action'] ) : $action = 'list'; |
| 45 | if ( 'list' == $action && isset( $_POST['action'] ) ) { |
| 46 | $action = sanitize_text_field( $_POST['action'] ); |
| 47 | } |
| 48 | if ( ! in_array( $action, array( 'list', 'add', 'edit', 'delete' ) ) ) { |
| 49 | $action = 'list'; |
| 50 | } |
| 51 | |
| 52 | $waf_exclude_rule_enable = $siteguard_waf_exclude_rule->get_enable(); |
| 53 | if ( 'edit' == $action && isset( $_GET['rule'] ) ) { |
| 54 | $offset = 0; |
| 55 | $id = intval( sanitize_text_field( $_GET['rule'] ) ); |
| 56 | $rule = $siteguard_waf_exclude_rule->get_rule( $id, $offset ); |
| 57 | if ( false === $rule ) { |
| 58 | $filename = ''; |
| 59 | $sig = ''; |
| 60 | $comment = ''; |
| 61 | } else { |
| 62 | $filename = $rule['filename']; |
| 63 | $sig = $rule['sig']; |
| 64 | $comment = $rule['comment']; |
| 65 | } |
| 66 | } elseif ( 'delete' == $action ) { |
| 67 | if ( isset( $_GET['rule'] ) ) { |
| 68 | $ids = array( $_GET['rule'] ); |
| 69 | } elseif ( isset( $_POST['rule'] ) ) { |
| 70 | $ids = $_POST['rule']; |
| 71 | } else { |
| 72 | $ids = array(); |
| 73 | } |
| 74 | } else { |
| 75 | $filename = ''; |
| 76 | $sig = ''; |
| 77 | $comment = ''; |
| 78 | } |
| 79 | if ( isset( $_POST['update'] ) ) { |
| 80 | $update = sanitize_text_field( $_POST['update'] ); |
| 81 | switch ( $update ) { |
| 82 | case 'add': |
| 83 | if ( check_admin_referer( 'siteguard-menu-waf-tuning-support-add' ) ) { |
| 84 | $error = false; |
| 85 | $errors = siteguard_check_multisite(); |
| 86 | if ( is_wp_error( $errors ) ) { |
| 87 | $error = true; |
| 88 | } |
| 89 | if ( true == $error || ! isset( $_POST['filename'] ) || ! isset( $_POST['sig'] ) || ! isset( $_POST['comment'] ) ) { |
| 90 | // error |
| 91 | if ( true === $error ) { |
| 92 | siteguard_error_log( 'multisite enabled: ' . __FILE__ ); |
| 93 | } |
| 94 | if ( ! isset( $_POST['sig'] ) ) { |
| 95 | siteguard_error_log( 'post value sig not set: ' . __FILE__ ); |
| 96 | } |
| 97 | } else { |
| 98 | $filename = $this->set_filename( stripslashes( sanitize_text_field( $_POST['filename'] ) ) ); |
| 99 | $sig = stripslashes( sanitize_textarea_field( $_POST['sig'] ) ); |
| 100 | $comment = stripslashes( $_POST['comment'] ); |
| 101 | |
| 102 | $errors = $siteguard_waf_exclude_rule->add_rule( $filename, $sig, $comment ); |
| 103 | if ( ! is_wp_error( $errors ) ) { |
| 104 | if ( $waf_exclude_rule_enable ) { |
| 105 | if ( false === $siteguard_waf_exclude_rule->feature_on() ) { |
| 106 | $this->htaccess_error(); |
| 107 | } |
| 108 | } |
| 109 | echo '<div class="updated"><p><strong>' . esc_html__( 'New rule created', 'siteguard' ) . '</strong></p></div>'; |
| 110 | $action = 'list'; |
| 111 | $this->wp_list_table->prepare_items(); |
| 112 | } else { |
| 113 | $action = 'add'; |
| 114 | } |
| 115 | } |
| 116 | } |
| 117 | break; |
| 118 | case 'edit': |
| 119 | if ( check_admin_referer( 'siteguard-menu-waf-tuning-support-edit' ) ) { |
| 120 | if ( ! isset( $_POST['rule'] ) || ! isset( $_POST['filename'] ) || ! isset( $_POST['sig'] ) || ! isset( $_POST['comment'] ) ) { |
| 121 | // error |
| 122 | } else { |
| 123 | $id = sanitize_text_field( $_POST['rule'] ); |
| 124 | $filename = $this->set_filename( stripslashes( sanitize_text_field( $_POST['filename'] ) ) ); |
| 125 | $sig = stripslashes( sanitize_textarea_field( $_POST['sig'] ) ); |
| 126 | $comment = stripslashes( sanitize_text_field( $_POST['comment'] ) ); |
| 127 | $errors = $siteguard_waf_exclude_rule->update_rule( $id, $filename, $sig, $comment ); |
| 128 | if ( ! is_wp_error( $errors ) ) { |
| 129 | if ( $waf_exclude_rule_enable ) { |
| 130 | if ( false === $siteguard_waf_exclude_rule->feature_on() ) { |
| 131 | $this->htaccess_error(); |
| 132 | } |
| 133 | } |
| 134 | echo '<div class="updated"><p><strong>' . esc_html__( 'Rule updated', 'siteguard' ) . '</strong></p></div>'; |
| 135 | $action = 'list'; |
| 136 | $this->wp_list_table->prepare_items(); |
| 137 | } else { |
| 138 | $action = 'edit'; |
| 139 | } |
| 140 | } |
| 141 | } |
| 142 | break; |
| 143 | case 'delete': |
| 144 | if ( check_admin_referer( 'siteguard-menu-waf-tuning-support-delete' ) ) { |
| 145 | if ( ! isset( $_POST['rule'] ) ) { |
| 146 | // error |
| 147 | } else { |
| 148 | $ids = $_POST['rule']; |
| 149 | $siteguard_waf_exclude_rule->delete_rule( $ids ); |
| 150 | if ( $waf_exclude_rule_enable ) { |
| 151 | if ( false === $siteguard_waf_exclude_rule->feature_on() ) { |
| 152 | $this->htaccess_error(); |
| 153 | } |
| 154 | } |
| 155 | echo '<div class="updated"><p><strong>' . esc_html__( 'Rule deleted', 'siteguard' ) . '</strong></p></div>'; |
| 156 | $action = 'list'; |
| 157 | $this->wp_list_table->prepare_items(); |
| 158 | } |
| 159 | } |
| 160 | break; |
| 161 | case 'apply': |
| 162 | if ( isset( $_POST['action'] ) && 'delete' == $_POST['action'] ) { |
| 163 | break; |
| 164 | } |
| 165 | if ( check_admin_referer( 'siteguard-menu-waf-tuning-support-apply' ) ) { |
| 166 | if ( ! isset( $_POST['waf_exclude_rule_enable'] ) ) { |
| 167 | // error |
| 168 | } else { |
| 169 | $error = false; |
| 170 | $errors = siteguard_check_multisite(); |
| 171 | if ( is_wp_error( $errors ) ) { |
| 172 | $error = true; |
| 173 | } |
| 174 | if ( false === $error && '1' === $_POST['waf_exclude_rule_enable'] && false === SiteGuard_Htaccess::test_htaccess() ) { |
| 175 | $error = true; |
| 176 | $siteguard_waf_exclude_rule->set_enable( '0' ); |
| 177 | $siteguard_waf_exclude_rule->feature_off(); |
| 178 | $waf_exclude_rule_enable = '0'; |
| 179 | $this->htaccess_unavailable_error(); |
| 180 | } |
| 181 | if ( false === $error && false === $this->is_switch_value( $_POST['waf_exclude_rule_enable'] ) ) { |
| 182 | echo '<div class="error settings-error"><p><strong>'; |
| 183 | esc_html_e( 'ERROR: Invalid input value.', 'siteguard' ); |
| 184 | echo '</strong></p></div>'; |
| 185 | $error = true; |
| 186 | } |
| 187 | if ( false === $error ) { |
| 188 | $old_waf_exclude_rule_enable = $waf_exclude_rule_enable; |
| 189 | $waf_exclude_rule_enable = sanitize_text_field( $_POST['waf_exclude_rule_enable'] ); |
| 190 | $siteguard_waf_exclude_rule->set_enable( $waf_exclude_rule_enable ); |
| 191 | if ( '1' == $waf_exclude_rule_enable ) { |
| 192 | $result = $siteguard_waf_exclude_rule->feature_on(); |
| 193 | if ( true === $result ) { |
| 194 | echo '<div class="updated"><p><strong>' . esc_html__( 'Rules applied', 'siteguard' ) . '</strong></p></div>'; |
| 195 | } |
| 196 | } else { |
| 197 | $result = $siteguard_waf_exclude_rule->feature_off(); |
| 198 | if ( true === $result ) { |
| 199 | echo '<div class="updated"><p><strong>' . esc_html__( 'Rules removed', 'siteguard' ) . '</strong></p></div>'; |
| 200 | } |
| 201 | } |
| 202 | if ( false === $result ) { |
| 203 | $waf_exclude_rule_enable = $old_waf_exclude_rule_enable; |
| 204 | $siteguard_waf_exclude_rule->set_enable( $waf_exclude_rule_enable ); |
| 205 | $this->htaccess_error(); |
| 206 | } |
| 207 | } |
| 208 | } |
| 209 | } |
| 210 | break; |
| 211 | default: |
| 212 | } |
| 213 | } elseif ( 'delete' == $action ) { |
| 214 | if ( isset( $_GET['rule'] ) ) { |
| 215 | $ids = array( $_GET['rule'] ); |
| 216 | } elseif ( isset( $_POST['rule'] ) ) { |
| 217 | $ids = $_POST['rule']; |
| 218 | } else { |
| 219 | $ids = array(); |
| 220 | } |
| 221 | } |
| 222 | |
| 223 | if ( isset( $errors ) && is_wp_error( $errors ) ) { |
| 224 | ?> |
| 225 | <div class="error"> |
| 226 | <ul> |
| 227 | <?php |
| 228 | foreach ( $errors->get_error_messages() as $err ) { |
| 229 | echo '<li>' . esc_html( $err ) . "</li>\n"; |
| 230 | } |
| 231 | ?> |
| 232 | </ul> |
| 233 | </div> |
| 234 | <?php |
| 235 | } |
| 236 | |
| 237 | echo '<div class="wrap">'; |
| 238 | echo '<img src="' . SITEGUARD_URL_PATH . 'images/sg_wp_plugin_logo_40.png" alt="SiteGuard Logo" />'; |
| 239 | switch ( $action ) { |
| 240 | case 'list': |
| 241 | echo '<h2>' . esc_html__( 'WAF Tuning Support', 'siteguard' ) . ' <a href="?page=siteguard_waf_tuning_support&action=add" class="add-new-h2">' . esc_html__( 'Add New', 'siteguard' ) . '</a></h2>'; |
| 242 | $documentation_link = '<a href="' . esc_url( __( 'https://www.jp-secure.com/siteguard_wp_plugin_en/howto/waf_tuning_support/', 'siteguard' ) ) . '" target="_blank">' . esc_html__( 'online documentation', 'siteguard' ) . '</a>'; |
| 243 | echo '<div class="siteguard-description">' |
| 244 | . sprintf( |
| 245 | /* translators: %1$s: Link to the online documentation. */ |
| 246 | esc_html__( 'See the %1$s.', 'siteguard' ), |
| 247 | $documentation_link |
| 248 | ) |
| 249 | . '</div>'; |
| 250 | ?> |
| 251 | <form name="form1" method="post" action=""> |
| 252 | <table class="form-table"> |
| 253 | <tr> |
| 254 | <th scope="row" colspan="2"> |
| 255 | <ul class="siteguard-radios"> |
| 256 | <li> |
| 257 | <input type="radio" name="waf_exclude_rule_enable" id="waf_exclude_rule_enable_on" value="1" <?php checked( $waf_exclude_rule_enable, '1' ); ?> > |
| 258 | <label for="waf_exclude_rule_enable_on"><?php esc_html_e( 'ON', 'siteguard' ); ?></label> |
| 259 | </li><li> |
| 260 | <input type="radio" name="waf_exclude_rule_enable" id="waf_exclude_rule_enable_off" value="0" <?php checked( $waf_exclude_rule_enable, '0' ); ?> > |
| 261 | <label for="waf_exclude_rule_enable_off"><?php esc_html_e( 'OFF', 'siteguard' ); ?></label> |
| 262 | </li> |
| 263 | </ul> |
| 264 | <?php |
| 265 | $error = siteguard_check_multisite(); |
| 266 | if ( is_wp_error( $error ) ) { |
| 267 | echo '<p class="description">'; |
| 268 | echo esc_html( $error->get_error_message() ); |
| 269 | echo '</p>'; |
| 270 | } |
| 271 | echo '<p class="description">'; |
| 272 | esc_html_e( 'This feature requires WAF (SiteGuard Server Edition) to be installed on the server.', 'siteguard' ); |
| 273 | echo '</p>'; |
| 274 | ?> |
| 275 | </th> |
| 276 | </table> |
| 277 | <?php |
| 278 | $this->wp_list_table->display(); |
| 279 | ?> |
| 280 | <div class="siteguard-description"> |
| 281 | <?php |
| 282 | esc_html_e( |
| 283 | 'If WAF (SiteGuard Server Edition) is installed on the server, it may occasionally block legitimate WordPress actions. Use this tool to create exceptions so those actions work while keeping WAF protection active.', |
| 284 | 'siteguard' |
| 285 | ) |
| 286 | ?> |
| 287 | </div> |
| 288 | <hr /> |
| 289 | <?php |
| 290 | echo '<input type="hidden" name="update" id="update" value="apply">'; |
| 291 | wp_nonce_field( 'siteguard-menu-waf-tuning-support-apply' ); |
| 292 | submit_button( esc_attr__( 'Apply rules', 'siteguard' ) ); |
| 293 | ?> |
| 294 | </form> |
| 295 | <?php |
| 296 | break; |
| 297 | case 'add': |
| 298 | case 'edit': |
| 299 | if ( 'add' == $action ) { |
| 300 | echo '<h2>' . esc_html__( 'Add WAF Exclusion Rule', 'siteguard' ) . '</h2>'; |
| 301 | } else { |
| 302 | echo '<h2>' . esc_html__( 'Edit WAF Exclusion Rule', 'siteguard' ) . '</h2>'; |
| 303 | } |
| 304 | ?> |
| 305 | <form name="form1" method="post" action="<?php echo esc_url( menu_page_url( 'siteguard_waf_tuning_support', false ) ); ?>"> |
| 306 | <table class="form-table"> |
| 307 | <tr> |
| 308 | <th scope="row"><label for="sig"><?php esc_html_e( 'Signature', 'siteguard' ); ?></label></th> |
| 309 | <td> |
| 310 | <textarea name="sig" id="sig" style="width:350px;" rows="5" ><?php echo esc_html( $sig ); ?></textarea> |
| 311 | <p class="description"><?php esc_html_e( 'Enter the detected signature name or signature ID. To specify more than one, enter each one on a separate line.', 'siteguard' ); ?></p> |
| 312 | </td> |
| 313 | </tr> |
| 314 | <tr> |
| 315 | <th scope="row"><label for="filename"><?php esc_html_e( 'Filename (optional)', 'siteguard' ); ?></label></th> |
| 316 | <td> |
| 317 | <input type="text" name="filename" id="filename" value="<?php echo esc_attr( $filename ); ?>" class="regular-text code" > |
| 318 | <p class="description"><?php esc_html_e( 'Enter the target filename. You can also paste the URL path before the question mark (?).', 'siteguard' ); ?></p> |
| 319 | </td> |
| 320 | </tr> |
| 321 | <tr> |
| 322 | <th scope="row"><label for="comment"><?php esc_html_e( 'Comment (optional)', 'siteguard' ); ?></label></th> |
| 323 | <td> |
| 324 | <input type="text" name="comment" id="comment" value="<?php echo esc_attr( $comment ); ?>" class="regular-text" > |
| 325 | </td> |
| 326 | </tr> |
| 327 | </table> |
| 328 | |
| 329 | <hr /> |
| 330 | <?php |
| 331 | if ( 'add' == $action ) { |
| 332 | echo '<input type="hidden" name="update" id="update" value="add">'; |
| 333 | wp_nonce_field( 'siteguard-menu-waf-tuning-support-add' ); |
| 334 | submit_button( esc_attr__( 'Save', 'siteguard' ) ); |
| 335 | } else { |
| 336 | echo '<input type="hidden" name="update" id="update" value="edit">'; |
| 337 | echo '<input type="hidden" name="rule" id="rule" value="' . esc_attr( $id ) . '">'; |
| 338 | wp_nonce_field( 'siteguard-menu-waf-tuning-support-edit' ); |
| 339 | submit_button(); |
| 340 | } |
| 341 | echo '</form>'; |
| 342 | break; |
| 343 | case 'delete': |
| 344 | echo '<h2>' . esc_html__( 'Delete WAF Exclusion Rule', 'siteguard' ) . '</h2>'; |
| 345 | ?> |
| 346 | <form name="form1" method="post" action="<?php echo esc_url( menu_page_url( 'siteguard_waf_tuning_support', false ) ); ?>"> |
| 347 | <?php |
| 348 | echo '<p>' . esc_html( _n( 'You have specified this rule for deletion:', 'You have specified these rules for deletion:', count( $ids ), 'siteguard' ) ) . '</p>'; |
| 349 | $go_delete = 0; |
| 350 | foreach ( $ids as $id ) { |
| 351 | $offset = 0; |
| 352 | $rule = $siteguard_waf_exclude_rule->get_rule( sanitize_text_field( $id ), $offset ); |
| 353 | echo '<input type="hidden" name="rule[]" value="' . esc_attr( $id ) . '" />' . esc_html__( 'Signature', 'siteguard' ) . ' : ' . esc_html__( 'Filename', 'siteguard' ) . ' : ' . esc_html__( 'Comment', 'siteguard' ) . ' [' . esc_html( $rule['sig'] ) . ' : ' . esc_html( $rule['filename'] ) . ' : ' . esc_html( $rule['comment'] ) . "]<br />\n"; |
| 354 | $go_delete = 1; |
| 355 | } |
| 356 | if ( 1 == $go_delete ) { |
| 357 | echo '<input type="hidden" name="update" id="update" value="delete">'; |
| 358 | wp_nonce_field( 'siteguard-menu-waf-tuning-support-delete' ); |
| 359 | submit_button( esc_attr__( 'Confirm Deletion', 'siteguard' ) ); |
| 360 | } else { |
| 361 | echo '<p>' . esc_html__( 'There are no rules selected for deletion.', 'siteguard' ) . '</p>'; |
| 362 | } |
| 363 | echo '</form>'; |
| 364 | break; |
| 365 | } |
| 366 | ?> |
| 367 | </div> |
| 368 | <?php |
| 369 | } |
| 370 | } |
| 371 |