siteguard-admin-filter.php
1 month ago
siteguard-base.php
2 weeks ago
siteguard-captcha.php
2 weeks ago
siteguard-config.php
10 months ago
siteguard-disable-author-query.php
3 days ago
siteguard-disable-pingback.php
1 month ago
siteguard-disable-xmlrpc.php
1 month ago
siteguard-htaccess.php
2 days ago
siteguard-login-alert.php
1 month ago
siteguard-login-history.php
2 weeks ago
siteguard-login-lock.php
2 weeks ago
siteguard-rename-login.php
3 days ago
siteguard-updates-notify.php
2 weeks ago
siteguard-waf-exclude-rule.php
1 month ago
siteguard-base.php
136 lines
| 1 | <?php |
| 2 | |
| 3 | function siteguard_error_log( $message ) { |
| 4 | // Use PHP's error_log() so logs go to the server-configured destination |
| 5 | // (typically outside the web root) instead of a plugin-directory file |
| 6 | // that would be exposed on Nginx (no .htaccess support). |
| 7 | error_log( '[SiteGuard] ' . $message ); |
| 8 | } |
| 9 | |
| 10 | function siteguard_error_dump( $title, $obj ) { |
| 11 | ob_start(); |
| 12 | var_dump( $obj ); |
| 13 | $msg = ob_get_contents(); |
| 14 | ob_end_clean(); |
| 15 | siteguard_error_log( "$title: $msg" ); |
| 16 | } |
| 17 | |
| 18 | function siteguard_rand( $min = null, $max = null ) { |
| 19 | $ret = 0; |
| 20 | if ( $min === null or $max === null ) { |
| 21 | $ret = mt_rand(); |
| 22 | } else { |
| 23 | $ret = mt_rand( $min, $max ); |
| 24 | } |
| 25 | return $ret; |
| 26 | } |
| 27 | |
| 28 | function siteguard_check_multisite() { |
| 29 | if ( ! is_multisite() ) { |
| 30 | return true; |
| 31 | } |
| 32 | $message = esc_html__( 'This plugin does not support WordPress multisite.', 'siteguard' ); |
| 33 | $error = new WP_Error( 'siteguard', $message ); |
| 34 | return $error; |
| 35 | } |
| 36 | |
| 37 | class SiteGuard_Base { |
| 38 | function __construct() { |
| 39 | } |
| 40 | function is_switch_value( $value ) { |
| 41 | if ( '0' === $value || '1' === $value ) { |
| 42 | return true; |
| 43 | } |
| 44 | return false; |
| 45 | } |
| 46 | function cvt_camma2ret( $value ) { |
| 47 | $result = str_replace( ' ', '', $value ); |
| 48 | return str_replace( ',', "\r\n", $result ); |
| 49 | } |
| 50 | function cvt_ret2camma( $exclude ) { |
| 51 | $result = str_replace( ' ', '', $exclude ); |
| 52 | $result = str_replace( ',', '', $result ); |
| 53 | $result = preg_replace( '/(\r\n){2,}/', "\r\n", $result ); |
| 54 | $result = preg_replace( '/\r\n$/', '', $result ); |
| 55 | $result = str_replace( "\r\n", ',', $result ); |
| 56 | $result = str_replace( "\r", ',', $result ); |
| 57 | return str_replace( "\n", ',', $result ); |
| 58 | } |
| 59 | function check_module( $name, $default = false ) { |
| 60 | return true; |
| 61 | // It does not work WP-CLI |
| 62 | // if ( isset( $_SERVER['SERVER_SOFTWARE'] ) ) { |
| 63 | // return ( strpos( $_SERVER['SERVER_SOFTWARE'], 'Apache' ) !== false || strpos( $_SERVER['SERVER_SOFTWARE'], 'LiteSpeed' ) !== false); |
| 64 | // } else { |
| 65 | // return $default; |
| 66 | // } |
| 67 | |
| 68 | // It does not work in FastCGI well. |
| 69 | // $module = 'mod_' . $name; |
| 70 | // return apache_mod_loaded( $module, $default ); |
| 71 | // if ( function_exists('phpinfo') ) { |
| 72 | // ob_start( ); |
| 73 | // phpinfo(8); |
| 74 | // $phpinfo = ob_get_clean( ); |
| 75 | // if ( false !== strpos( $phpinfo, $module ) ) { |
| 76 | // return true; |
| 77 | // } |
| 78 | // } |
| 79 | // return $default; |
| 80 | } |
| 81 | function is_private_ip( $ip ) { |
| 82 | $private_ips = array( |
| 83 | '10.0.0.0,10.255.255.255', |
| 84 | '172.16.0.0,172.31.255.255', |
| 85 | '192.168.0.0,192.168.255.255', |
| 86 | ); |
| 87 | |
| 88 | $long_ip = ip2long( $ip ); |
| 89 | if ( -1 !== $long_ip && false !== $long_ip ) { |
| 90 | $long_ip = sprintf( '%u', $long_ip ); |
| 91 | foreach ( $private_ips as $private_ip ) { |
| 92 | list( $start, $end ) = explode( ',', $private_ip ); |
| 93 | $long_start = ip2long( $start ); |
| 94 | $long_start = sprintf( '%u', $long_start ); |
| 95 | $long_end = ip2long( $end ); |
| 96 | $long_end = sprintf( '%u', $long_end ); |
| 97 | if ( $long_ip >= $long_start && $long_ip <= $long_end ) { |
| 98 | return true; |
| 99 | } |
| 100 | } |
| 101 | } |
| 102 | return false; |
| 103 | } |
| 104 | function get_server_ip() { |
| 105 | if ( isset( $_SERVER['SERVER_ADDR'] ) ) { |
| 106 | $ip = sanitize_text_field( $_SERVER['SERVER_ADDR'] ); |
| 107 | if ( preg_match( '/^[0-9.:]+$/', $ip ) ) { |
| 108 | return $ip; |
| 109 | } |
| 110 | } |
| 111 | |
| 112 | $host = parse_url( home_url(), PHP_URL_HOST ); |
| 113 | if ( false !== $host && null !== $host ) { |
| 114 | putenv( 'RES_OPTIONS=retrans:1 retry:1 timeout:2 attempts:1' ); |
| 115 | $ip = @gethostbyname( $host ); |
| 116 | if ( $ip !== $host && '127.0.0.1' !== $ip && '::1' !== $ip ) { |
| 117 | if ( preg_match( '/^[0-9.:]+$/', $ip ) ) { |
| 118 | return $ip; |
| 119 | } |
| 120 | } |
| 121 | } |
| 122 | return false; |
| 123 | } |
| 124 | function get_ip() { |
| 125 | if ( |
| 126 | ! isset( $_SERVER['REMOTE_ADDR'] ) |
| 127 | || ! is_string( $_SERVER['REMOTE_ADDR'] ) |
| 128 | || '' === $_SERVER['REMOTE_ADDR'] |
| 129 | ) { |
| 130 | siteguard_error_log( 'Your webserver is misconfigured. REMOTE_ADDR is not set.' ); |
| 131 | return '0.0.0.0'; |
| 132 | } |
| 133 | return sanitize_text_field( $_SERVER['REMOTE_ADDR'] ); |
| 134 | } |
| 135 | } |
| 136 |