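/**
 * Runs the basic security-level checks and records a detail error for each failed one.
 *
 * Two conditions are checked:
 *  - the security filter (CSecurityFilter::IsActive()) must be on  -> SECURITY_SITE_CHECKER_WAF_OFF
 *  - self::AdminPolicyLevel() must be "high"                        -> SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL
 * Both findings are reported with CSecurityCriticalLevel::HIGHT; the method does not stop
 * after the first failure, so a single pass reports everything.
 *
 * @return void
 */
protected function checkSecurityLevel()
{
    if (!CSecurityFilter::IsActive()) {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_WAF_OFF", CSecurityCriticalLevel::HIGHT);
    }

    // Strict comparison: the level is a string, so no loosely-equal value can satisfy the check by coercion.
    if (self::AdminPolicyLevel() !== "high") {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL", CSecurityCriticalLevel::HIGHT);
    }
}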
/**
 * Enables or disables the security filter by registering or removing its event handlers.
 *
 * Enabling registers CSecurityFilter::OnBeforeProlog on main::OnBeforeProlog (sixth argument "5")
 * and CSecurityXSSDetect::OnEndBufferContent on main::OnEndBufferContent (sixth argument 9999);
 * disabling removes both registrations. When the filter is already in the requested state
 * nothing is changed, so repeated calls are harmless.
 *
 * @param bool $bActive true to enable the filter, false to disable it
 */
public static function SetActive($bActive = false)
{
    $isCurrentlyActive = CSecurityFilter::IsActive();

    if ($bActive && !$isCurrentlyActive) {
        registerModuleDependences("main", "OnBeforeProlog", "security", "CSecurityFilter", "OnBeforeProlog", "5");
        registerModuleDependences("main", "OnEndBufferContent", "security", "CSecurityXSSDetect", "OnEndBufferContent", 9999);
        return;
    }

    if (!$bActive && $isCurrentlyActive) {
        unregisterModuleDependences("main", "OnBeforeProlog", "security", "CSecurityFilter", "OnBeforeProlog");
        unregisterModuleDependences("main", "OnEndBufferContent", "security", "CSecurityXSSDetect", "OnEndBufferContent");
    }
}
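/**
 * Runs the security-level checks and records a detail error for each setting weaker than expected.
 *
 * Reported conditions:
 *  - security filter not active (CSecurityFilter::IsActive())        -> SECURITY_SITE_CHECKER_WAF_OFF (HIGHT)
 *  - self::AdminPolicyLevel() is not "high"                           -> SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL (HIGHT)
 *  - main/error_reporting option is set and is not the fatal-only mask -> SECURITY_SITE_CHECKER_ERROR_REPORTING (MIDDLE)
 *  - database debug mode ($DB->debug) is on                           -> SECURITY_SITE_CHECKER_DB_DEBUG (HIGHT)
 * All checks run regardless of earlier failures so one pass reports everything.
 *
 * @return void
 */
protected function checkSecurityLevel()
{
    /** @global CDataBase $DB */
    global $DB;

    if (!CSecurityFilter::IsActive()) {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_WAF_OFF", CSecurityCriticalLevel::HIGHT);
    }

    // Strict comparison: the level is a string, so no loosely-equal value can satisfy the check by coercion.
    if (self::AdminPolicyLevel() !== "high") {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL", CSecurityCriticalLevel::HIGHT);
    }

    // Only the fatal error classes are accepted; the finding is raised solely when the option
    // has actually been set (non-empty string) to something other than that mask.
    $fatalOnlyMask = E_COMPILE_ERROR | E_ERROR | E_CORE_ERROR | E_PARSE;
    $isReportingConfigured = COption::GetOptionString("main", "error_reporting", "") !== "";
    if ($isReportingConfigured
        && COption::GetOptionInt("main", "error_reporting", $fatalOnlyMask) !== $fatalOnlyMask) {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_ERROR_REPORTING", CSecurityCriticalLevel::MIDDLE);
    }

    if ($DB->debug) {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_DB_DEBUG", CSecurityCriticalLevel::HIGHT);
    }
}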
/**
 * Runs the three security-level checks and reports the combined outcome.
 *
 * Checks, each recorded via addUnformattedDetailError() when it fails:
 *  - CSecurityFilter::IsActive()    -> SECURITY_SITE_CHECKER_WAF_OFF (HIGHT)
 *  - CSecurityRedirect::IsActive()  -> SECURITY_SITE_CHECKER_REDIRECT_OFF (MIDDLE)
 *  - self::AdminPolicyLevel() == "high" -> SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL (HIGHT)
 * The method keeps going after a failure so every finding is reported in one pass.
 *
 * @return mixed self::STATUS_FAILED when at least one check failed, self::STATUS_PASSED otherwise
 */
protected function checkSecurityLevel()
{
    $failureCount = 0;

    if (!CSecurityFilter::IsActive()) {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_WAF_OFF", CSecurityCriticalLevel::HIGHT);
        $failureCount++;
    }

    if (!CSecurityRedirect::IsActive()) {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_REDIRECT_OFF", CSecurityCriticalLevel::MIDDLE);
        $failureCount++;
    }

    if (self::AdminPolicyLevel() != "high") {
        $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL", CSecurityCriticalLevel::HIGHT);
        $failureCount++;
    }

    return $failureCount > 0 ? self::STATUS_FAILED : self::STATUS_PASSED;
}
" enctype="multipart/form-data" name="editform"> <?php echo bitrix_sessid_post(); ?> <input type="hidden" name="lang" value="<?php echo LANG; ?> "> <?php $tabControl->Begin(); $tabControl->BeginNextTab(); ?> <tr> <td colspan="2" align="left"> <?php if (CSecurityFilter::IsActive()) { ?> <input type="hidden" name="filter_active" value="N"> <input type="submit" name="filter_siteb" value="<?php echo GetMessage("SEC_FILTER_BUTTON_OFF"); ?> "<?php if (!$canWrite) { echo " disabled"; } ?> > <?php } else { ?> <input type="hidden" name="filter_active" value="Y">
$criticalResultsCount = CSecuritySiteChecker::calculateCriticalResults($lastResults); } else { $criticalResultsCount = 0; } if (isset($lastTestingInfo["test_date"])) { $lastDate = $lastTestingInfo["test_date"]; } else { $lastDate = GetMessage("SEC_PANEL_SCANNER_NEVER_START"); } $data['scanner']['ITEMS'][] = array("KPI_NAME" => GetMessage("SEC_PANEL_SCANNER_LAST_SCAN"), "KPI_VALUE" => $lastDate, "KPI_RECOMMENDATION" => !CSecuritySiteChecker::isNewTestNeeded() ? ' ' : ($USER->isAdmin() ? '<a href="security_scanner.php?lang=' . LANGUAGE_ID . '&return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_SCANNER_RUN") . '</a>' : GetMessage("SEC_PANEL_SCANNER_RUN"))); $data['scanner']['ITEMS'][] = array("KPI_NAME" => GetMessage("SEC_PANEL_SCANNER_PROBLEM_COUNT"), "KPI_VALUE" => count($lastResults), "KPI_RECOMMENDATION" => count($lastResults) <= 0 ? ' ' : ($USER->isAdmin() ? '<a href="security_scanner.php?lang=' . LANGUAGE_ID . '&return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_SCANNER_FIX_IT") . '</a>' : GetMessage("SEC_PANEL_SCANNER_FIX_IT"))); $data['scanner']['ITEMS'][] = array("KPI_NAME" => GetMessage("SEC_PANEL_SCANNER_CRITICAL_PROBLEM_COUNT"), "KPI_VALUE" => $criticalResultsCount, "KPI_RECOMMENDATION" => $criticalResultsCount <= 0 ? ' ' : ($USER->isAdmin() ? '<a href="security_scanner.php?lang=' . LANGUAGE_ID . '&return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_SCANNER_FIX_IT") . '</a>' : GetMessage("SEC_PANEL_SCANNER_FIX_IT"))); unset($lastTestingInfo); unset($lastResults); unset($criticalResultsCount); $bSecurityFilter = CSecurityFilter::IsActive(); $data['std']['ITEMS'][] = array("IS_OK" => $bSecurityFilter, "KPI_NAME" => GetMessage("SEC_PANEL_FILTER_NAME"), "KPI_VALUE" => $bSecurityFilter ? GetMessage("SEC_PANEL_FILTER_VALUE_ON") : GetMessage("SEC_PANEL_FILTER_VALUE_OFF"), "KPI_RECOMMENDATION" => $bSecurityFilter ? 
' ' : ($USER->CanDoOperation('security_filter_settings_write') ? '<a href="security_filter.php?lang=' . LANGUAGE_ID . '&return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_FILTER_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_FILTER_RECOMMENDATION"))); $rsSecurityFilterExclMask = CSecurityFilterMask::GetList(); if ($rsSecurityFilterExclMask->Fetch()) { $bSecurityFilterExcl = true; } else { $bSecurityFilterExcl = false; } $data['std']['ITEMS'][] = array("IS_OK" => !$bSecurityFilterExcl, "KPI_NAME" => GetMessage("SEC_PANEL_FILTER_EXCL_NAME"), "KPI_VALUE" => $bSecurityFilterExcl ? GetMessage("SEC_PANEL_FILTER_EXCL_VALUE_ON") : GetMessage("SEC_PANEL_FILTER_EXCL_VALUE_OFF"), "KPI_RECOMMENDATION" => !$bSecurityFilterExcl ? ' ' : ($USER->CanDoOperation('security_filter_settings_write') ? '<a href="security_filter.php?lang=' . LANGUAGE_ID . '&return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&tabControl_active_tab=exceptions">' . GetMessage("SEC_PANEL_FILTER_EXCL_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_FILTER_EXCL_RECOMMENDATION"))); $days = COption::GetOptionInt("main", "event_log_cleanup_days", 7); if ($days > 7) { $days = 7; } $cntLog = 0; $rsLog = CEventLog::GetList(array(), array("TIMESTAMP_X_1" => ConvertTimeStamp(time() - $days * 24 * 3600 + CTimeZone::GetOffset(), "FULL"), "AUDIT_TYPE_ID" => "SECURITY_FILTER_SQL|SECURITY_FILTER_XSS|SECURITY_FILTER_XSS2|SECURITY_FILTER_PHP|SECURITY_REDIRECT")); while ($rsLog->Fetch()) {
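/**
 * Checklist handler for the security section: evaluates the requested check and returns its result.
 *
 * Supported values of $arParams["ACTION"]:
 *  - "SECURITY_LEVEL": requires the "security" module. Collects a numbered list of findings
 *    (filter exception masks present, filter inactive, registration captcha off, admin policy
 *    level not "high", error_reporting option set to something other than the fatal-only mask,
 *    DB debug on) and fails when the list is non-empty.
 *  - "ADMIN_POLICY": passes only when CCheckListTools::AdminPolicyLevel() is "high".
 * Any other action yields STATUS false with no MESSAGE.
 *
 * @param array $arParams checklist parameters; only "ACTION" is read
 * @return array result with "STATUS" (bool) and, where applicable, "MESSAGE" => array("PREVIEW" => ..., "DETAIL" => ...)
 */
function CheckSecurity($arParams)
{
    global $DB;

    // Start from a fully defined result so the return shape is stable for every action.
    $arResult = array("STATUS" => false);

    switch ($arParams["ACTION"]) {
        case "SECURITY_LEVEL":
            if (!IsModuleInstalled("security")) {
                $arResult = array(
                    "STATUS" => false,
                    "MESSAGE" => array(
                        "PREVIEW" => GetMessage("CL_SECURITY_MODULE_NOT_INSTALLED") . "\n",
                    ),
                );
                break;
            }

            // Each finding is appended as its own message; the numbering is derived from the position.
            $findings = array();

            if (CSecurityFilterMask::GetList()->Fetch()) {
                $findings[] = GetMessage("CL_FILTER_EXEPTION_FOUND");
            }
            if (!CSecurityFilter::IsActive()) {
                $findings[] = GetMessage("CL_FILTER_NON_ACTIVE");
            }
            if (COption::GetOptionString("main", "captcha_registration", "N") === "N") {
                $findings[] = GetMessage("CL_CAPTCHA_NOT_USE");
            }
            if (CCheckListTools::AdminPolicyLevel() !== "high") {
                $findings[] = GetMessage("CL_ADMIN_SECURITY_LEVEL");
            }

            // The option is compared as a string against "" (not loosely against 0): string/number
            // loose comparison changed semantics in PHP 8, and "option has been set" is the intent.
            $fatalOnlyMask = E_COMPILE_ERROR | E_ERROR | E_CORE_ERROR | E_PARSE;
            if (COption::GetOptionString("main", "error_reporting", "") !== ""
                && COption::GetOptionInt("main", "error_reporting", $fatalOnlyMask) !== $fatalOnlyMask) {
                $findings[] = GetMessage("CL_ERROR_REPORTING_LEVEL");
            }
            if ($DB->debug) {
                $findings[] = GetMessage("CL_DBDEBUG_TURN_ON");
            }

            if (count($findings) > 0) {
                $arMessage = "";
                foreach ($findings as $index => $finding) {
                    $arMessage .= ($index + 1) . ". " . $finding . "\n";
                }
                $arResult = array(
                    "STATUS" => false,
                    "MESSAGE" => array(
                        "PREVIEW" => GetMessage("CL_MIN_LEVEL_SECURITY"),
                        "DETAIL" => GetMessage("CL_ERROR_FOUND") . "\n" . $arMessage,
                    ),
                );
            } else {
                $arResult = array(
                    "STATUS" => true,
                    "MESSAGE" => array(
                        "PREVIEW" => GetMessage("CL_LEVEL_SECURITY") . "\n",
                    ),
                );
            }
            break;

        case "ADMIN_POLICY":
            if (CCheckListTools::AdminPolicyLevel() !== "high") {
                // STATUS stays false; only the explanatory preview is attached.
                $arResult["MESSAGE"]["PREVIEW"] = GetMessage("CL_ADMIN_SECURITY_LEVEL") . "\n";
            } else {
                $arResult = array(
                    "STATUS" => true,
                    "MESSAGE" => array(
                        "PREVIEW" => GetMessage("CL_ADMIN_SECURITY_LEVEL_IS_HIGH") . "\n",
                    ),
                );
            }
            break;
    }

    return $arResult;
}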
/**
 * Enables or disables the security filter by registering or removing its event handlers.
 *
 * Enabling registers CSecurityFilter::OnBeforeProlog on main::OnBeforeProlog (sixth argument "5")
 * and CSecurityXSSDetect::OnEndBufferContent on main::OnEndBufferContent (sixth argument 9999);
 * disabling removes both registrations. A call that asks for the state the filter is already in
 * changes nothing.
 *
 * @param bool $bActive true to enable the filter, false to disable it
 */
public static function SetActive($bActive = false)
{
    $alreadyActive = CSecurityFilter::IsActive();

    // Nothing to do when the filter is already in the requested state.
    if ((bool)$bActive === (bool)$alreadyActive) {
        return;
    }

    if ($bActive) {
        RegisterModuleDependences("main", "OnBeforeProlog", "security", "CSecurityFilter", "OnBeforeProlog", "5");
        RegisterModuleDependences("main", "OnEndBufferContent", "security", "CSecurityXSSDetect", "OnEndBufferContent", 9999);
    } else {
        UnRegisterModuleDependences("main", "OnBeforeProlog", "security", "CSecurityFilter", "OnBeforeProlog");
        UnRegisterModuleDependences("main", "OnEndBufferContent", "security", "CSecurityXSSDetect", "OnEndBufferContent");
    }
}