/**
* @param wfWAFBlockException $e
* @param int $httpCode
*/
public function blockAction($e, $httpCode = 403)
{
if ($this->isInLearningMode()) {
register_shutdown_function(array($this, 'whitelistFailedRulesIfNot404'));
$this->getStorageEngine()->logAttack($e->getFailedRules(), $e->getParamKey(), $e->getParamValue(), $e->getRequest());
$this->setLearningModeAttackException($e);
} else {
parent::blockAction($e, $httpCode);
}
}
/**
* @param wfWAFBlockException $e
* @param int $httpCode
*/
public function blockAction($e, $httpCode = 403, $redirect = false)
{
if ($this->isInLearningMode() && !$e->getRequest()->getMetadata('finalAction')) {
register_shutdown_function(array($this, 'whitelistFailedRulesIfNot404'));
$this->getStorageEngine()->logAttack($e->getFailedRules(), $e->getParamKey(), $e->getParamValue(), $e->getRequest());
$this->setLearningModeAttackException($e);
} else {
$failedRules = $e->getFailedRules();
if (empty($failedRules)) {
$finalAction = $e->getRequest()->getMetadata('finalAction');
if (is_array($finalAction)) {
$finalAction = $finalAction['action'];
if ($finalAction == wfWAFIPBlocksController::WFWAF_BLOCK_COUNTRY_REDIR) {
$redirect = wfWAFIPBlocksController::currentController()->countryRedirURL();
} else {
if ($finalAction == wfWAFIPBlocksController::WFWAF_BLOCK_COUNTRY_BYPASS_REDIR) {
$redirect = wfWAFIPBlocksController::currentController()->countryBypassRedirURL();
} else {
if ($finalAction == wfWAFIPBlocksController::WFWAF_BLOCK_UAREFIPRANGE) {
wfWAF::getInstance()->getRequest()->setMetadata(array_merge(wfWAF::getInstance()->getRequest()->getMetadata(), array('503Reason' => 'Advanced blocking in effect.', '503Time' => 3600)));
$httpCode = 503;
} else {
if ($finalAction == wfWAFIPBlocksController::WFWAF_BLOCK_COUNTRY) {
wfWAF::getInstance()->getRequest()->setMetadata(array_merge(wfWAF::getInstance()->getRequest()->getMetadata(), array('503Reason' => 'Access from your area has been temporarily limited for security reasons.', '503Time' => 3600)));
$httpCode = 503;
} else {
if (is_string($finalAction) && strlen($finalAction) > 0) {
wfWAF::getInstance()->getRequest()->setMetadata(array_merge(wfWAF::getInstance()->getRequest()->getMetadata(), array('503Reason' => $finalAction, '503Time' => 3600)));
$httpCode = 503;
}
}
}
}
}
}
}
parent::blockAction($e, $httpCode, $redirect);
}
}
/**
* @todo Hook up $httpCode
* @param wfWAFBlockException $e
* @param int $httpCode
*/
public function blockAction($e, $httpCode = 403)
{
$this->getStorageEngine()->logAttack($e->getFailedRules(), $e->getParamKey(), $e->getParamValue(), $e->getRequest());
$this->getStorageEngine()->blockIP($this->getRequest()->getTimestamp(), $this->getRequest()->getIP());
header('HTTP/1.0 403 Forbidden');
exit($this->getBlockedMessage());
}
/**
* @todo Hook up $httpCode
* @param wfWAFBlockException $e
* @param int $httpCode
*/
public function blockAction($e, $httpCode = 403, $redirect = false)
{
$this->getStorageEngine()->logAttack($e->getFailedRules(), $e->getParamKey(), $e->getParamValue(), $e->getRequest(), $e->getRequest()->getMetadata());
$this->getStorageEngine()->blockIP($this->getRequest()->getTimestamp(), $this->getRequest()->getIP());
if ($redirect) {
wfWAFUtils::redirect($redirect);
// exits
}
if ($httpCode == 503) {
wfWAFUtils::statusHeader(503);
if ($secsToGo = $e->getRequest()->getMetadata('503Time')) {
header('Retry-After: ' . $secsToGo);
}
exit($this->getUnavailableMessage($e->getRequest()->getMetadata('503Reason')));
}
header('HTTP/1.0 403 Forbidden');
exit($this->getBlockedMessage());
}
