Beispiel #1
0
/**
 * Check whether the rules in a htaccess file are the default options generated
 * by WordPress or if the file has custom options added by other Plugins.
 *
 * @param  string  $rules Optional parameter containing a text string with the content of the main htaccess file.
 * @return boolean        Either TRUE or FALSE if the rules found in the htaccess file specified are the default ones or not.
 */
function sucuriscan_htaccess_is_standard($rules = false)
{
    if ($rules === false) {
        $htaccess_path = SucuriScan::get_htaccess_path();
        $rules = $htaccess_path ? file_get_contents($htaccess_path) : '';
    }
    if (!empty($rules)) {
        $standard_lines = array('# BEGIN WordPress', '<IfModule mod_rewrite\\.c>', 'RewriteEngine On', 'RewriteBase \\/', 'RewriteRule .index.\\.php. - \\[L\\]', 'RewriteCond %\\{REQUEST_FILENAME\\} \\!-f', 'RewriteCond %\\{REQUEST_FILENAME\\} \\!-d', 'RewriteRule \\. \\/index\\.php \\[L\\]', '<\\/IfModule>', '# END WordPress');
        $pattern = '';
        $standard_lines_total = count($standard_lines);
        foreach ($standard_lines as $i => $line) {
            if ($i < $standard_lines_total - 1) {
                $end_of_line = "\n";
            } else {
                $end_of_line = '';
            }
            $pattern .= sprintf('%s%s', $line, $end_of_line);
        }
        if (preg_match("/{$pattern}/", $rules)) {
            return true;
        }
    }
    return false;
}
Beispiel #2
0
/**
 * Check if the standard rules for a normal WordPress installation (not network
 * based) are inside the main htaccess file. This only applies to websites that
 * have permalinks enabled, or 3rd-party plugins that require custom rules
 * (generally based on mod_deflate) to compress and/or generate static files for
 * cache.
 *
 * @param  string  $rules Content of the main htaccess file.
 * @return boolean        True if the htaccess has the standard rules, false otherwise.
 */
function sucuriscan_htaccess_is_standard($rules = false)
{
    if ($rules === false) {
        $rules = '';
        $htaccess_path = SucuriScan::get_htaccess_path();
        if ($htaccess_path) {
            $rules = @file_get_contents($htaccess_path);
        }
    }
    if (is_string($rules) && !empty($rules)) {
        $rewrite = new WP_Rewrite();
        $standard = $rewrite->mod_rewrite_rules();
        return (bool) (strpos($rules, $standard) !== false);
    }
    return false;
}