Example #1
0
function sixscan_backup_comm_req_signature_from_server($req_type, $params, $date, $backup_id, $prev_etag = "")
{
    $req_signature = array();
    $api_token = sixscan_common_get_api_token();
    $site_id = sixscan_common_get_site_id();
    $url = SIXSCAN_BODYGUARD_6SCAN_BACKUP_MPU_SIG_URL . "?site_id=" . $site_id . "&api_token=" . $api_token . "&backup_id=" . $backup_id . "&req_type=" . $req_type . "&date=" . urlencode($date) . "&prev_etag=" . $prev_etag . "&parameters=" . urlencode($params);
    $result = sixscan_common_request_network($url, NULL);
    if (is_wp_error($result) == TRUE) {
        return NULL;
    }
    $result = json_decode(wp_remote_retrieve_body($result));
    $req_signature['url'] = base64_decode(urldecode($result->url));
    $req_signature['signature'] = $result->signature;
    return $req_signature;
}
Example #2
0
function sixscan_send_security_log($site_id, $api_token)
{
    $version_update_url = SIXSCAN_BODYGUARD_6SCAN_UPDATE_LOG_URL . "?site_id=" . $site_id . "&api_token=" . $api_token;
    $log_fname = "../../" . SIXSCAN_SECURITY_LOG_FILENAME;
    /*	Can't write/delete logs without configured FS */
    if (get_option(SIXSCAN_OPTION_WPFS_CONFIG) !== FALSE) {
        return TRUE;
    }
    if (is_file($log_fname) === FALSE) {
        $log_data = "";
    } else {
        $log_data = file_get_contents($log_fname);
        unlink($log_fname);
        if ($log_data === FALSE) {
            $log_data = "";
        }
        #empty
    }
    /*	Get suspicious requests statistics from DB and reset it  */
    $suspicious_request_count = sixscan_signatures_analyzer_requests_get();
    sixscan_signatures_analyzer_requests_reset();
    /* If there are no counter fields in databse, it means we have upgraded from version, which didn't add those fields on install */
    if (array_key_exists(SIXSCAN_OPTION_STAT_SUSPICIOUS_REQ_COUNT, $suspicious_request_count) === false || array_key_exists(SIXSCAN_OPTION_STAT_OK_REQ_COUNT, $suspicious_request_count) === false) {
        update_option(SIXSCAN_OPTION_STAT_SUSPICIOUS_REQ_COUNT, '0');
        update_option(SIXSCAN_OPTION_STAT_OK_REQ_COUNT, '0');
    } else {
        $version_update_url .= "&bad_requests=" . $suspicious_request_count[SIXSCAN_OPTION_STAT_SUSPICIOUS_REQ_COUNT] . "&good_requests=" . $suspicious_request_count[SIXSCAN_OPTION_STAT_OK_REQ_COUNT];
    }
    $response = sixscan_common_request_network($version_update_url, $log_data, "POST");
    if (is_wp_error($response)) {
        return $response->get_error_message();
    }
    return TRUE;
}
Example #3
0
function sixscan_installation_verification_get_page_result($page_url)
{
    $response = sixscan_common_request_network($page_url, "", "GET");
    return wp_remote_retrieve_response_code($response);
}
Example #4
0
function sixscan_signatures_update_get($site_id, $api_token, $current_signature_md5sum = "")
{
    /*	Craft an URL to request new signature */
    $version_update_url = SIXSCAN_BODYGUARD_6SCAN_UPDATE_SIG_URL . "?site_id=" . $site_id . "&api_token=" . $api_token . "&current_sig_md5=" . $current_signature_md5sum;
    /*	Request signatures from the server */
    $response = sixscan_common_request_network($version_update_url, "", "GET");
    if (is_wp_error($response)) {
        return "wp_remote_get() failed : " . $response->get_error_message();
    }
    $response_code = wp_remote_retrieve_response_code($response);
    /*	The signatures do not need an update */
    if (SIXSCAN_UPDATE_LAST_VERSION_RESPONSE_CODE == $response_code) {
        return TRUE;
    }
    $response_data = wp_remote_retrieve_body($response);
    /*	Get the headers , and extract the openssl signature from there */
    $response_headers = wp_remote_retrieve_headers($response);
    /* Check the authenticity of new signatures. have to be signed by 6Scan private key */
    $ssl_check_result = sixscan_signatures_update_check_ssl_signature($response_data, $response_headers);
    if ($ssl_check_result !== TRUE) {
        return $ssl_check_result;
    }
    /*	Server has returned an error */
    if (SIXSCAN_UPDATE_OK_RESPONSE_CODE != $response_code) {
        return "wp_remote_get() returned status code " . $response_code;
    }
    if (sixscan_signatures_init_wp_filesystem($response_headers) == NULL) {
        return "Failed initializing wp_filesystem()";
    }
    /*	OK - we need to update our signatures */
    return sixscan_signatures_update_parse($response_data);
}
Example #5
0
function sixscan_communication_oracle_reg_uninstall($site_id, $api_token)
{
    $request_uninstall_url = SIXSCAN_BODYGUARD_UNINSTALL_ACCOUNT . "?site_id={$site_id}&api_token={$api_token}";
    $response = sixscan_common_request_network($request_uninstall_url, "", "GET");
    return TRUE;
}