/**
 * Site-checker test for the baseline protection settings.
 *
 * Records a HIGHT-severity finding when CSecurityFilter reports itself as
 * inactive, and another when self::AdminPolicyLevel() returns anything
 * other than "high". Nothing is returned; results are only recorded.
 */
protected function checkSecurityLevel()
 {
     // Finding 1: the proactive filter is switched off.
     $filterEnabled = CSecurityFilter::IsActive();
     if (!$filterEnabled) {
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_WAF_OFF", CSecurityCriticalLevel::HIGHT);
     }

     // Finding 2: the administrator policy is weaker than "high".
     $adminPolicy = self::AdminPolicyLevel();
     if ($adminPolicy != "high") {
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL", CSecurityCriticalLevel::HIGHT);
     }
 }
Exemple #2
 /**
  * @param bool $bActive
  */
 public static function SetActive($bActive = false)
 {
     // Switches the filter on or off by (un)registering its two "main" module
     // event handlers. The call is a no-op when the requested state already
     // matches what CSecurityFilter::IsActive() reports.
     // NOTE(review): no permission check happens here; presumably callers
     // verify the user's rights before toggling protection. Confirm at call sites.
     $currentlyActive = CSecurityFilter::IsActive();

     if ($bActive && !$currentlyActive) {
         // Request filter on OnBeforeProlog, XSS detection on the finished output buffer.
         registerModuleDependences("main", "OnBeforeProlog", "security", "CSecurityFilter", "OnBeforeProlog", "5");
         registerModuleDependences("main", "OnEndBufferContent", "security", "CSecurityXSSDetect", "OnEndBufferContent", 9999);
         return;
     }

     if (!$bActive && $currentlyActive) {
         // Disabling removes both handlers, so neither check runs afterwards.
         unregisterModuleDependences("main", "OnBeforeProlog", "security", "CSecurityFilter", "OnBeforeProlog");
         unregisterModuleDependences("main", "OnEndBufferContent", "security", "CSecurityXSSDetect", "OnEndBufferContent");
     }
 }
 /**
  * Site-checker test for protection settings and debug exposure.
  *
  * Findings recorded:
  *  - proactive filter inactive (HIGHT);
  *  - self::AdminPolicyLevel() not "high" (HIGHT);
  *  - a stored, non-empty "error_reporting" option that differs from the
  *    fatal-errors-only mask (MIDDLE);
  *  - $DB->debug enabled (HIGHT).
  */
 protected function checkSecurityLevel()
 {
     /** @global CDataBase $DB */
     global $DB;

     $filterEnabled = CSecurityFilter::IsActive();
     if (!$filterEnabled) {
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_WAF_OFF", CSecurityCriticalLevel::HIGHT);
     }

     $adminPolicy = self::AdminPolicyLevel();
     if ($adminPolicy != "high") {
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL", CSecurityCriticalLevel::HIGHT);
     }

     // Only fatal error classes are expected to be reported on a production site.
     $expectedMask = E_COMPILE_ERROR | E_ERROR | E_CORE_ERROR | E_PARSE;
     $configuredMask = COption::GetOptionInt("main", "error_reporting", $expectedMask);
     if ($configuredMask != $expectedMask) {
         // An empty stored value is not treated as a deviation.
         $storedValue = COption::GetOptionString("main", "error_reporting", "");
         if ($storedValue != "") {
             $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_ERROR_REPORTING", CSecurityCriticalLevel::MIDDLE);
         }
     }

     // Database debug mode is reported at the highest severity used here.
     if ($DB->debug) {
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_DB_DEBUG", CSecurityCriticalLevel::HIGHT);
     }
 }
 /**
  * Site-checker test that also reports an overall status.
  *
  * Records a finding for an inactive proactive filter (HIGHT), an inactive
  * redirect protection (MIDDLE) and an admin policy level other than "high"
  * (HIGHT).
  *
  * @return mixed self::STATUS_FAILED if at least one finding was recorded,
  *               otherwise self::STATUS_PASSED.
  */
 protected function checkSecurityLevel()
 {
     $findings = 0;

     if (!CSecurityFilter::IsActive()) {
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_WAF_OFF", CSecurityCriticalLevel::HIGHT);
         $findings++;
     }

     if (!CSecurityRedirect::IsActive()) {
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_REDIRECT_OFF", CSecurityCriticalLevel::MIDDLE);
         $findings++;
     }

     if (self::AdminPolicyLevel() != "high") {
         $this->addUnformattedDetailError("SECURITY_SITE_CHECKER_ADMIN_SECURITY_LEVEL", CSecurityCriticalLevel::HIGHT);
         $findings++;
     }

     // Every check runs even after an earlier one fails, so all findings are listed.
     return $findings > 0 ? self::STATUS_FAILED : self::STATUS_PASSED;
 }
" enctype="multipart/form-data" name="editform">
<?php 
echo bitrix_sessid_post();
?>
<input type="hidden" name="lang" value="<?php 
echo LANG;
?>
">
<?php 
$tabControl->Begin();
$tabControl->BeginNextTab();
?>
<tr>
	<td colspan="2" align="left">
<?php 
if (CSecurityFilter::IsActive()) {
    ?>
		<input type="hidden" name="filter_active" value="N">
		<input type="submit" name="filter_siteb" value="<?php 
    echo GetMessage("SEC_FILTER_BUTTON_OFF");
    ?>
"<?php 
    if (!$canWrite) {
        echo " disabled";
    }
    ?>
>
<?php 
} else {
    ?>
		<input type="hidden" name="filter_active" value="Y">
    $criticalResultsCount = CSecuritySiteChecker::calculateCriticalResults($lastResults);
} else {
    $criticalResultsCount = 0;
}
// Date of the last scanner run, or a localized "never started" label when
// no test date is present in $lastTestingInfo.
if (isset($lastTestingInfo["test_date"])) {
    $lastDate = $lastTestingInfo["test_date"];
} else {
    $lastDate = GetMessage("SEC_PANEL_SCANNER_NEVER_START");
}
// Scanner KPI rows: last scan date, total findings, critical findings.
// The recommendation is a link to security_scanner.php only when
// $USER->isAdmin(); other users get the same text without a link.
// return_url is a fixed panel path passed through urlencode(), not request data.
// NOTE(review): LANGUAGE_ID is concatenated into the href without HTML
// escaping; presumably it is a validated language code. Confirm.
$data['scanner']['ITEMS'][] = array("KPI_NAME" => GetMessage("SEC_PANEL_SCANNER_LAST_SCAN"), "KPI_VALUE" => $lastDate, "KPI_RECOMMENDATION" => !CSecuritySiteChecker::isNewTestNeeded() ? '&nbsp;' : ($USER->isAdmin() ? '<a href="security_scanner.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_SCANNER_RUN") . '</a>' : GetMessage("SEC_PANEL_SCANNER_RUN")));
$data['scanner']['ITEMS'][] = array("KPI_NAME" => GetMessage("SEC_PANEL_SCANNER_PROBLEM_COUNT"), "KPI_VALUE" => count($lastResults), "KPI_RECOMMENDATION" => count($lastResults) <= 0 ? '&nbsp;' : ($USER->isAdmin() ? '<a href="security_scanner.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_SCANNER_FIX_IT") . '</a>' : GetMessage("SEC_PANEL_SCANNER_FIX_IT")));
$data['scanner']['ITEMS'][] = array("KPI_NAME" => GetMessage("SEC_PANEL_SCANNER_CRITICAL_PROBLEM_COUNT"), "KPI_VALUE" => $criticalResultsCount, "KPI_RECOMMENDATION" => $criticalResultsCount <= 0 ? '&nbsp;' : ($USER->isAdmin() ? '<a href="security_scanner.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_SCANNER_FIX_IT") . '</a>' : GetMessage("SEC_PANEL_SCANNER_FIX_IT")));
// Release the scanner temporaries before the standard-level rows are built.
unset($lastTestingInfo);
unset($lastResults);
unset($criticalResultsCount);
// Proactive filter status row. The settings link is rendered only for users
// who hold the security_filter_settings_write operation.
$bSecurityFilter = CSecurityFilter::IsActive();
$data['std']['ITEMS'][] = array("IS_OK" => $bSecurityFilter, "KPI_NAME" => GetMessage("SEC_PANEL_FILTER_NAME"), "KPI_VALUE" => $bSecurityFilter ? GetMessage("SEC_PANEL_FILTER_VALUE_ON") : GetMessage("SEC_PANEL_FILTER_VALUE_OFF"), "KPI_RECOMMENDATION" => $bSecurityFilter ? '&nbsp;' : ($USER->CanDoOperation('security_filter_settings_write') ? '<a href="security_filter.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_FILTER_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_FILTER_RECOMMENDATION")));
// Filter exclusion masks: a single fetched row is enough to mark the row as
// not OK, because any exclusion leaves part of the site outside the filter.
$rsSecurityFilterExclMask = CSecurityFilterMask::GetList();
if ($rsSecurityFilterExclMask->Fetch()) {
    $bSecurityFilterExcl = true;
} else {
    $bSecurityFilterExcl = false;
}
$data['std']['ITEMS'][] = array("IS_OK" => !$bSecurityFilterExcl, "KPI_NAME" => GetMessage("SEC_PANEL_FILTER_EXCL_NAME"), "KPI_VALUE" => $bSecurityFilterExcl ? GetMessage("SEC_PANEL_FILTER_EXCL_VALUE_ON") : GetMessage("SEC_PANEL_FILTER_EXCL_VALUE_OFF"), "KPI_RECOMMENDATION" => !$bSecurityFilterExcl ? '&nbsp;' : ($USER->CanDoOperation('security_filter_settings_write') ? '<a href="security_filter.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=exceptions">' . GetMessage("SEC_PANEL_FILTER_EXCL_RECOMMENDATION") . '</a>' : GetMessage("SEC_PANEL_FILTER_EXCL_RECOMMENDATION")));
// Look-back window for the event log query: the configured cleanup period
// (default 7), capped at 7 days.
$days = COption::GetOptionInt("main", "event_log_cleanup_days", 7);
if ($days > 7) {
    $days = 7;
}
$cntLog = 0;
// Select filter and redirect audit events (SQL, XSS, XSS2, PHP, redirect).
// NOTE(review): TIMESTAMP_X_1 is presumably the lower time bound of the
// selection. Confirm against CEventLog::GetList.
$rsLog = CEventLog::GetList(array(), array("TIMESTAMP_X_1" => ConvertTimeStamp(time() - $days * 24 * 3600 + CTimeZone::GetOffset(), "FULL"), "AUDIT_TYPE_ID" => "SECURITY_FILTER_SQL|SECURITY_FILTER_XSS|SECURITY_FILTER_XSS2|SECURITY_FILTER_PHP|SECURITY_REDIRECT"));
while ($rsLog->Fetch()) {
Exemple #7
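	/**
	 * Runs one checklist security test and reports its outcome.
	 *
	 * $arParams["ACTION"] selects the test:
	 *  - "SECURITY_LEVEL": requires the security module. Collects a numbered
	 *    finding for each of: a filter exclusion mask exists, the proactive
	 *    filter is inactive, registration CAPTCHA is off, the admin policy
	 *    level is not "high", error_reporting differs from the
	 *    fatal-errors-only mask, and database debug is on.
	 *  - "ADMIN_POLICY": checks only that the admin policy level is "high".
	 * Any other action returns array("STATUS" => false).
	 *
	 * @param array $arParams Parameters; the "ACTION" key is read.
	 * @return array "STATUS" (bool) and, for the known actions, "MESSAGE"
	 *               holding "PREVIEW" and, on failure of SECURITY_LEVEL, "DETAIL".
	 */
	function CheckSecurity($arParams)
	{
		global $DB;
		$err = 1;
		// Initialise both accumulators explicitly: appending to or testing an
		// undefined $arMessage raises a notice/warning on every run.
		$arMessage = "";
		$arResult = array("STATUS" => false);
		switch ($arParams["ACTION"])
		{
			case "SECURITY_LEVEL":
				if (IsModuleInstalled("security"))
				{
					// Any exclusion mask leaves part of the site unfiltered.
					if (CSecurityFilterMask::GetList()->Fetch())
						$arMessage .= $err++.". ".GetMessage("CL_FILTER_EXEPTION_FOUND")."\n";
					if (!CSecurityFilter::IsActive())
						$arMessage .= $err++.". ".GetMessage("CL_FILTER_NON_ACTIVE")."\n";
					if (COption::GetOptionString("main", "captcha_registration", "N") == "N")
						$arMessage .= $err++.". ".GetMessage("CL_CAPTCHA_NOT_USE")."\n";

					if (CCheckListTools::AdminPolicyLevel() != "high")
						$arMessage .= $err++.". ".GetMessage("CL_ADMIN_SECURITY_LEVEL")."\n";
					// Only fatal error classes are expected to be reported in production.
					if (COption::GetOptionInt("main", "error_reporting", E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR|E_PARSE) != (E_COMPILE_ERROR|E_ERROR|E_CORE_ERROR|E_PARSE) && COption::GetOptionString("main","error_reporting","") != 0)
						$arMessage .= $err++.". ".GetMessage("CL_ERROR_REPORTING_LEVEL")."\n";
					if ($DB->debug)
						$arMessage .= $err++.". ".GetMessage("CL_DBDEBUG_TURN_ON")."\n";

					if ($arMessage)
					{
						$arResult["STATUS"] = false;
						$arResult["MESSAGE"] = Array(
							"PREVIEW" => GetMessage("CL_MIN_LEVEL_SECURITY"),
							"DETAIL" => GetMessage("CL_ERROR_FOUND")."\n".$arMessage
						);
					}
					else
					{
						$arResult["STATUS"] = true;
						$arResult["MESSAGE"] = Array(
							"PREVIEW" => GetMessage("CL_LEVEL_SECURITY")."\n"
						);
					}
				}
				else
				{
					// Without the security module none of the checks can pass.
					$arResult = Array(
						"STATUS" => false,
						"MESSAGE" => Array(
							"PREVIEW" => GetMessage("CL_SECURITY_MODULE_NOT_INSTALLED")."\n"
						)
					);
				}
			break;
			case "ADMIN_POLICY":
				if (CCheckListTools::AdminPolicyLevel() != "high")
				{
					// STATUS keeps its initial false value on this path.
					$arResult["MESSAGE"]["PREVIEW"] = GetMessage("CL_ADMIN_SECURITY_LEVEL")."\n";
				}
				else
				{
					$arResult = Array(
						"STATUS" => true,
						"MESSAGE" => Array(
							"PREVIEW" => GetMessage("CL_ADMIN_SECURITY_LEVEL_IS_HIGH")."\n"
						)
					);
				}
			break;
		}

		return $arResult;
	}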
Exemple #8
 /**
  * @param bool $bActive
  */
 public static function SetActive($bActive = false)
 {
     // Switches the filter on or off by (un)registering its two "main" module
     // event handlers; nothing happens when the requested state already
     // matches CSecurityFilter::IsActive().
     // NOTE(review): no permission check happens here; presumably callers
     // verify the user's rights before toggling protection. Confirm at call sites.
     $currentlyActive = CSecurityFilter::IsActive();

     if ($bActive && !$currentlyActive) {
         RegisterModuleDependences("main", "OnBeforeProlog", "security", "CSecurityFilter", "OnBeforeProlog", "5");
         RegisterModuleDependences("main", "OnEndBufferContent", "security", "CSecurityXSSDetect", "OnEndBufferContent", 9999);
         // The CSecurityFilter::ClearTmpFiles() agent registration is disabled:
         // CAgent::AddAgent("CSecurityFilter::ClearTmpFiles();", "security", "N");
         return;
     }

     if (!$bActive && $currentlyActive) {
         UnRegisterModuleDependences("main", "OnBeforeProlog", "security", "CSecurityFilter", "OnBeforeProlog");
         UnRegisterModuleDependences("main", "OnEndBufferContent", "security", "CSecurityXSSDetect", "OnEndBufferContent");
         // The matching agent removal is disabled as well:
         // CAgent::RemoveAgent("CSecurityFilter::ClearTmpFiles();", "security");
     }
 }