menu_rangeBlocking.php — Wordfence Security – Firewall, Malware Scan, and Login Security 6.1.15

wordfence / lib / menu_rangeBlocking.php

wordfence / lib Last commit date

menu_rangeBlocking.php

105 lines

1	<div class="wordfenceModeElem" id="wordfenceMode_rangeBlocking"></div>
2	<div class="wrap" id="paidWrap">
3	<?php require('menuHeader.php'); ?>
4	<?php $helpLink="http://docs.wordfence.com/en/Advanced_Blocking"; $helpLabel="Learn more about Advanced Blocking"; $pageTitle = "Advanced Blocking"; include('pageTitle.php'); ?>
5	<div class="wordfenceWrap" style="margin: 20px 20px 20px 30px;">
6	<p>
7	<?php if(! wfConfig::get('firewallEnabled')){ ?><div style="color: #F00; font-weight: bold;">Rate limiting rules and advanced blocking are disabled. You can enable it on the <a href="admin.php?page=WordfenceSecOpt">Wordfence Options page</a> at the top.</div><br /><?php } ?>
8	<table class="wfConfigForm">
9	<tr><th>IP address range:</th><td><input id="ipRange" type="text" size="30" maxlength="255" value="<?php
10	if( isset( $_GET['wfBlockRange'] ) && preg_match('/^[\da-f\.\s\t\-:]+$/i', $_GET['wfBlockRange']) ){ echo wp_kses($_GET['wfBlockRange'], array()); }
11	?>" onkeyup="WFAD.calcRangeTotal();"> <span id="wfShowRangeTotal"></span></td></tr>
12	<tr><td></td><td style="padding-bottom: 15px;"><strong>Examples:</strong> 192.168.200.200 - 192.168.200.220</td></tr>
13	<tr><th>Hostname:</th><td><input id="hostname" type="text" size="30" maxlength="255" value="<?php
14	if( isset( $_GET['wfBlockHostname'] ) ){ echo esc_attr($_GET['wfBlockHostname']); }
15	?>" onkeyup="WFAD.calcRangeTotal();"> <span id="wfShowRangeTotal"></span></td></tr>
16	<tr><td><em class="small">
17	Using this setting will make a DNS query<br>
18	per unique IP address (per visitor),<br>
19	and can add additional load. High traffic<br> sites may not want to use this feature.</em>
20	</td><td style="padding-bottom: 15px;vertical-align: top;"><strong>Examples:</strong> .amazonaws.com, .linode.com</td></tr>
21	<tr><th>User-Agent (browser) that matches:</th><td><input id="uaRange" type="text" size="30" maxlength="255" > (Case insensitive)</td></tr>
22	<tr><td></td><td style="padding-bottom: 15px;"><strong>Examples:</strong> badRobot, AnotherBadRobot, someBrowserSuffix</td></tr>
23	<tr><th>Referer (website visitor arrived from) that matches:</th><td><input id="wfreferer" type="text" size="30" maxlength="255" > (Case insensitive)</td></tr>
24	<tr><td></td><td style="padding-bottom: 15px;"><strong>Examples:</strong> badWebsite, AnotherBadWebsite, someWebsiteSuffix</td></tr>
25	<tr><th>Enter a reason you're blocking this visitor pattern:</th><td><input id="wfReason" type="text" size="30" maxlength="255"></td></tr>
26	<tr><td></td><td style="padding-bottom: 15px;"><strong>Why a reason:</strong> The reason you specify above is for your own record keeping.</td></tr>
27	<tr><td colspan="2" style="padding-top: 15px;">
28	<input type="button" name="but3" class="button-primary" value="Block Visitors Matching this Pattern" onclick="WFAD.blockIPUARange(jQuery('#ipRange').val(), jQuery('#hostname').val(), jQuery('#uaRange').val(), jQuery('#wfreferer').val(), jQuery('#wfReason').val()); return false;" />
29	</td></tr>
30	</table>
31	</p>
32	<p>
33	<h2>Current list of ranges and patterns you've blocked</h2>
34	<div id="currentBlocks"></div>
35	</p>
36	</div>
37	</div>
38	<script type="text/x-jquery-template" id="wfBlockedRangesTmpl">
39	<div>
40	<div style="padding-bottom: 10px; margin-bottom: 10px;">
41	<table border="0" style="width: 100%" class="block-ranges-table">
42	{{each(idx, elem) results}}
43	<tr><td>
44	{{if patternDisabled}}
45	<div style="width: 500px; margin-top: 20px;">
46	<span style="color: #F00;">Pattern Below has been DISABLED:</span> Falcon engine does not support advanced blocks that include combinations of IP range, browser pattern and referring website. You can only specify one of the three in patterns when using Falcon.
47	</div>
48	<div style="color: #AAA;">
49	{{/if}}
50	<div>
51	<strong>IP Range:</strong> ${ipPattern}
52	</div>
53	<div>
54	<strong>Hostname:</strong> ${hostnamePattern}
55	</div>
56	<div>
57	<strong>Browser Pattern:</strong> ${browserPattern}
58	</div>
59	<div>
60	<strong>Source website:</strong> ${refererPattern}
61	</div>
62	<div>
63	<strong>Reason:</strong> ${reason}
64	</div>
65	<div><a href="#" onclick="WFAD.unblockRange('${id}'); return false;">Delete this blocking pattern</a></div>
66	{{if patternDisabled}}
67	</div>
68	{{/if}}
69	</td>
70	<td style="color: #999;">
71	<ul>
72	<li>${totalBlocked} blocked hits</li>
73	{{if lastBlockedAgo}}
74	<li>Last blocked: ${lastBlockedAgo}</li>
75	{{/if}}
76	</ul>
77	</td></tr>
78	{{/each}}
79	</table>
80	</div>
81	</div>
82	</script>
83	<script type="text/x-jquery-template" id="wfWelcomeContentRangeBlocking">
84	<div>
85	<h3>Block Networks & Browsers</h3>
86	<strong><p>Easily block advanced attacks</p></strong>
87	<p>
88	Advanced Blocking is a new feature in Wordfence that lets you block whole networks and certain types of web browsers.
89	You'll sometimes find a smart attacker will change their IP address frequently to make it harder to identify and block
90	the attack. Usually those attackers stick to a certain network or IP address range.
91	Wordfence lets you block entire networks using Advanced blocking to easily defeat advanced attacks.
92	</p>
93	<p>
94	You may also find an attacker that is identifying themselves as a certain kind of web browser that your
95	normal visitors don't use. You can use our User-Agent or Browser ID blocking feature to easily block
96	attacks like this.
97	</p>
98	<p>
99	You can also block any combination of network address range and User-Agent by specifying both in Wordfence Advanced Blocking.
100	As always we keep track of how many attacks have been blocked and when the last attack occured so that you know
101	when it's safe to remove the blocking rule.
102	</p>
103	</div>
104	</script>
105