public static function regenerate_server_config($add_responses = true)
 {
     // Rewrites the server config file via ITSEC_Lib_Config_File and reports whether that succeeded.
     // When $add_responses is truthy, the outcome is also pushed to ITSEC_Response: the WP_Error on
     // failure, or a restart reminder when the detected web server is nginx.
     require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-config-file.php';

     $outcome = ITSEC_Lib_Config_File::update_server_config();
     $failed = is_wp_error($outcome);
     $web_server = ITSEC_Lib_Utility::get_web_server();

     if (!$add_responses) {
         return !$failed;
     }

     if ($failed) {
         ITSEC_Response::add_error($outcome);
         // NOTE(review): the config file path is looked up but never used afterwards. It was
         // presumably meant for a message telling the admin which file to edit by hand; confirm.
         $config_path = ITSEC_Lib_Config_File::get_server_config_file_path();
     } elseif ('nginx' === $web_server) {
         // nginx only reads its configuration at (re)start, so the new rules are not live yet.
         ITSEC_Response::add_message(__('You must restart your NGINX server for the changes to take effect.', 'better-wp-security'));
     }

     return !$failed;
 }
 /**
  * Get file permissions from the requested file.
  *
  * @since 1.15.0
  *
  * @param string $file Full path to the file to retrieve permissions from.
  * @return int|WP_Error The permissions as an int or a WP_Error object if an error occurs.
  */
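 public static function get_permissions($file)
 {
     if (!self::is_file($file)) {
         return new WP_Error('itsec-lib-file-get-permissions-missing-file', sprintf(__('Permissions for the file %s could not be read as the file could not be found.', 'it-l10n-better-wp-security'), $file));
     }
     if (!ITSEC_Lib_Utility::is_callable_function('fileperms')) {
         return new WP_Error('itsec-lib-file-get-permissions-fileperms-is-disabled', sprintf(__('Permissions for the file %s could not be read as the fileperms() function is disabled. This is a system configuration issue.', 'it-l10n-better-wp-security'), $file));
     }
     // Drop cached stat data for this path so a recent chmod is reflected in the result.
     @clearstatcache(true, $file);
     // fileperms() returns false on failure, for example when the file disappears after the
     // is_file() check above. `false & 0777` evaluates to 0, which a caller would read as mode
     // 0000, so a failed read is reported as an error instead of a permission value.
     $mode = fileperms($file);
     if (false === $mode) {
         return new WP_Error('itsec-lib-file-get-permissions-fileperms-failed', sprintf(__('Permissions for the file %s could not be read.', 'it-l10n-better-wp-security'), $file));
     }
     // Keep only the rwx bits for user, group and other.
     return $mode & 0777;
 }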
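	/**
	 * Append the nginx directives for the enabled System Tweaks settings to the server config.
	 *
	 * Settings are read from the 'itsec_tweaks' site option. Each enabled tweak appends a commented
	 * section of nginx directives to $modification.
	 *
	 * Review notes on the generated rules:
	 * - nginx only treats a location as a regular expression when it carries the `~` or `~*`
	 *   modifier. The earlier `location ^...` forms were prefix locations whose literal text starts
	 *   with `^`, so they could not match a request URI and the wp-includes, wp-admin/includes and
	 *   uploads rules denied nothing. They are now emitted as `location ~ ^/...`.
	 * - The query-string exemptions used `!~`, which reset $susquery to 0 for every request that
	 *   did NOT match the exemption and so switched the filter off. They now use `~`.
	 * - The cookie and referer exemptions are keyed on client-supplied headers, so this filter
	 *   reduces noise but is not an access control.
	 *
	 * @param string $modification Existing nginx configuration text to append to.
	 * @return string The configuration text with the enabled tweak sections appended.
	 */
	public function filter_nginx_server_config_modification( $modification ) {
		$input = get_site_option( 'itsec_tweaks' );

		// Without stored settings there is nothing to emit; avoid indexing into a non-array.
		if ( ! is_array( $input ) ) {
			return $modification;
		}

		if ( true === $input['protect_files'] ) {
			$modification .= "\n";
			$modification .= "\t# " . __( 'Protect System Files - Security > Settings > System Tweaks > System Files', 'it-l10n-ithemes-security-pro' ) . "\n";
			$modification .= "\tlocation ~ /\.ht { deny all; }\n";
			$modification .= "\tlocation ~ wp-config.php { deny all; }\n";
			$modification .= "\tlocation ~ readme.html { deny all; }\n";
			$modification .= "\tlocation ~ readme.txt { deny all; }\n";
			$modification .= "\tlocation ~ /install.php { deny all; }\n";
			$modification .= "\tlocation ~ ^/wp-admin/includes/ { deny all; }\n";

			if ( ! is_multisite() || ! get_site_option( 'ms_files_rewriting' ) ) {
				// Top-level wp-includes PHP files can only be denied when wp-includes/ms-files.php
				// does not have to stay reachable (multisite with ms_files_rewriting needs it).
				$modification .= "\tlocation ~ ^/wp-includes/[^/]+\\.php\$ { deny all; }\n";
			}

			$modification .= "\tlocation ~ ^/wp-includes/js/tinymce/langs/.+\\.php\$ { deny all; }\n";
			$modification .= "\tlocation ~ ^/wp-includes/theme-compat/ { deny all; }\n";
		}

		if ( 2 == $input['disable_xmlrpc'] ) {
			$modification .= "\n";
			$modification .= "\t# " . __( 'Disable XML-RPC - Security > Settings > WordPress Tweaks > XML-RPC', 'it-l10n-ithemes-security-pro' ) . "\n";
			$modification .= "\tlocation ~ xmlrpc.php { deny all; }\n";
		}

		// Deny direct requests for PHP files under the uploads directory.
		if ( true === $input['uploads_php'] ) {
			require_once( trailingslashit( $GLOBALS['itsec_globals']['plugin_dir'] ) . 'core/lib/class-itsec-lib-utility.php' );

			$dir = ITSEC_Lib_Utility::get_relative_upload_url_path();

			// Normalise the slashes so the pattern is anchored the same way whether or not the
			// helper returns a leading slash.
			$dir = is_string( $dir ) ? trim( $dir, '/' ) : '';

			if ( ! empty( $dir ) ) {
				// preg_quote() escapes regex metacharacters only. It does not escape whitespace or
				// ';', which are significant to the nginx config parser.
				// NOTE(review): presumably the path comes from site configuration - confirm.
				$dir = preg_quote( $dir );

				$modification .= "\n";
				$modification .= "\t# " . __( 'Disable PHP in Uploads - Security > Settings > System Tweaks > Uploads', 'it-l10n-ithemes-security-pro' ) . "\n";
				$modification .= "\tlocation ~ ^/{$dir}/.*\\.(?:php[1-7]?|pht|phtml?|phps)\$ { deny all; }\n";
			}
		}

		// nginx rule rejecting rarely-needed HTTP methods.
		if ( true == $input['request_methods'] ) {
			$modification .= "\n";
			$modification .= "\t# " . __( 'Filter Request Methods - Security > Settings > System Tweaks > Request Methods', 'it-l10n-ithemes-security-pro' ) . "\n";
			$modification .= "\tif (\$request_method ~* \"^(TRACE|DELETE|TRACK)\") { return 403; }\n";
		}

		// Flag suspicious query strings, then clear the flag for the known-good exemptions.
		if ( true == $input['suspicious_query_strings'] ) {
			$modification .= "\n";
			$modification .= "\t# " . __( 'Filter Suspicious Query Strings in the URL - Security > Settings > System Tweaks > Suspicious Query Strings', 'it-l10n-ithemes-security-pro' ) . "\n";
			$modification .= "\tset \$susquery 0;\n";
			$modification .= "\tif (\$args ~* \"\\.\\./\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"\.(bash|git|hg|log|svn|swp|cvs)\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"etc/passwd\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"boot.ini\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"ftp:\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"http:\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"https:\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"(<|%3C).*script.*(>|%3E)\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"mosConfig_[a-zA-Z_]{1,21}(=|%3D)\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"base64_encode\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"(%24&x)\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"(127.0)\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"(globals|encode|localhost|loopback)\") { set \$susquery 1; }\n";
			$modification .= "\tif (\$args ~* \"(request|insert|concat|union|declare)\") { set \$susquery 1; }\n";
			// Exemptions must be positive matches; a negated match clears the flag for nearly
			// every request.
			$modification .= "\tif (\$args ~ \"^loggedout=true\") { set \$susquery 0; }\n";
			$modification .= "\tif (\$args ~ \"^action=jetpack-sso\") { set \$susquery 0; }\n";
			$modification .= "\tif (\$args ~ \"^action=rp\") { set \$susquery 0; }\n";
			$modification .= "\tif (\$http_cookie ~ \"^.*wordpress_logged_in_.*\$\") { set \$susquery 0; }\n";
			$modification .= "\tif (\$http_referer ~ \"^http://maps.googleapis.com(.*)\$\") { set \$susquery 0; }\n";
			$modification .= "\tif (\$susquery = 1) { return 403; } \n";
		}

		// Reject query strings containing the listed percent-encoded prefixes.
		if ( true == $input['non_english_characters'] ) {
			$modification .= "\n";
			$modification .= "\t# " . __( 'Filter Non-English Characters - Security > Settings > System Tweaks > Non-English Characters', 'it-l10n-ithemes-security-pro' ) . "\n";
			$modification .= "\tif (\$args ~* \"(%0|%A|%B|%C|%D|%E|%F)\") { return 403; }\n";
		}

		// Restrict the comment endpoint to POST requests with a user agent and an allowed referer.
		if ( true == $input['comment_spam'] ) {
			$valid_referers = $this->get_valid_referers( 'nginx' );

			$modification .= "\n";
			$modification .= "\t# " . __( 'Reduce Comment Spam - Security > Settings > System Tweaks > Comment Spam', 'it-l10n-ithemes-security-pro' ) . "\n";
			$modification .= "\t# " . __( 'Help reduce spam', 'it-l10n-ithemes-security-pro' ) . "\n";
			$modification .= "\tlocation /wp-comments-post.php {\n";
			$modification .= "\t\tlimit_except POST { deny all; }\n";
			$modification .= "\t\tif (\$http_user_agent ~ \"^$\") { return 403; }\n";

			// Strict comparison so a non-string entry cannot be loosely equal to '*'.
			if ( ! empty( $valid_referers ) && ! in_array( '*', $valid_referers, true ) ) {
				$modification .= "\t\tvalid_referers " . implode( ' ', $valid_referers ) . ";\n";
				$modification .= "\t\tif (\$invalid_referer) { return 403; }\n";
			}

			$modification .= "\t}\n";
		}

		return $modification;
	}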
 /**
  * Returns the server type of the plugin user.
  *
  * Attempts to figure out what http server the visiting user is running.
  *
  * @since 4.0.0
  *
  * @return string|bool server type the user is using or false if undetectable.
  */
 public static function get_server()
 {
     // Load the utility library on demand from the plugin directory recorded in the globals.
     $plugin_dir = trailingslashit($GLOBALS['itsec_globals']['plugin_dir']);
     require_once $plugin_dir . 'core/lib/class-itsec-lib-utility.php';

     // Detection itself is delegated to the shared utility helper.
     $detected = ITSEC_Lib_Utility::get_web_server();

     return $detected;
 }
 /**
  * Saves all rewrite rules to htaccess or similar file.
  *
  * Gets a file lock for .htaccess and calls the writing function if successful.
  *
  * @since  4.0.0
  *
  * @return mixed array or false if writing disabled or error message
  */
 public function save_rewrites()
 {
     require_once trailingslashit($GLOBALS['itsec_globals']['plugin_dir']) . 'core/lib/class-itsec-lib-config-file.php';

     $outcome = ITSEC_Lib_Config_File::update_server_config();

     // Failure: hand the error text back to the caller instead of the WP_Error object.
     if (is_wp_error($outcome)) {
         return array('success' => false, 'text' => $outcome->get_error_message());
     }

     // nginx needs a restart before the new rules apply; other servers get a bare `true` as text.
     if ('nginx' === ITSEC_Lib_Utility::get_web_server()) {
         $text = __('You must restart your NGINX server for the settings to take effect', 'better-wp-security');
     } else {
         $text = true;
     }

     return array('success' => true, 'text' => $text);
 }
 /**
  * Get the default name for server config files based upon the web server.
  *
  * Customize the returned value with the itsec_filter_default_server_config_file_name filter. This filter can be
  * used to change the name of the config file used for this server, add support for additional server types (Apache
  * and nginx are supported by default), or to disable modifications for the active server type by returning a blank
  * string ("").
  *
  * @since 1.15.0
  * @access protected
  *
  * @return string|bool File name of the config file used for the server, a blank string if modifications for the
  *                     server config file are disabled, or a boolean false if the server is not recognized.
  */
 protected static function get_default_server_config_file_name()
 {
     $web_server = ITSEC_Lib_Utility::get_web_server();

     // Apache and LiteSpeed share .htaccess; nginx gets its own file name.
     $known_files = array(
         'apache' => '.htaccess',
         'litespeed' => '.htaccess',
         'nginx' => 'nginx.conf',
     );

     // Unrecognized servers yield false so callers can tell "unknown" from "disabled" ("").
     $file_name = isset($known_files[$web_server]) ? $known_files[$web_server] : false;

     // NOTE(review): the filter can replace the file name, so whatever consumes the result
     // should treat it as a bare file name and not as a trusted path - confirm at the call site.
     return apply_filters('itsec_filter_default_server_config_file_name', $file_name, $web_server);
 }
 /**
  * Append the nginx directives for the enabled System Tweaks settings to the server config.
  *
  * Settings come from ITSEC_Modules::get_settings('system-tweaks'). Each enabled setting appends a
  * commented section of nginx directives to $modification, and the combined text is returned.
  *
  * @param string $modification Existing nginx configuration text to append to.
  * @return string The configuration text with the enabled tweak sections appended.
  */
 public static function filter_nginx_server_config_modification($modification)
 {
     require_once $GLOBALS['itsec_globals']['plugin_dir'] . 'core/lib/class-itsec-lib-utility.php';
     $input = ITSEC_Modules::get_settings('system-tweaks');
     $wp_includes = WPINC;
     if ($input['protect_files']) {
         $config_file = ITSEC_Lib::get_htaccess();
         // Express the config file as a path relative to the site root when it lives under ABSPATH;
         // otherwise fall back to denying /nginx.conf.
         if (0 === strpos($config_file, ABSPATH)) {
             $config_file = '/' . substr($config_file, strlen(ABSPATH));
         } else {
             $config_file = '/nginx.conf';
         }
         $modification .= "\n";
         $modification .= "\t# " . __('Protect System Files - Security > Settings > System Tweaks > System Files', 'better-wp-security') . "\n";
         $modification .= "\tlocation = /wp-admin/install\\.php { deny all; }\n";
         // NOTE(review): $config_file goes into an exact-match location unescaped; a path containing
         // whitespace or ';' would break the generated config - confirm the helper's output.
         $modification .= "\tlocation = {$config_file} { deny all; }\n";
         $modification .= "\tlocation ~ /\\.htaccess\$ { deny all; }\n";
         $modification .= "\tlocation ~ /readme\\.html\$ { deny all; }\n";
         $modification .= "\tlocation ~ /readme\\.txt\$ { deny all; }\n";
         // NOTE(review): the dot here is not escaped, unlike the sibling rules, so it matches any
         // character. That only widens the deny; escaping it would make the rules consistent.
         $modification .= "\tlocation ~ /wp-config.php\$ { deny all; }\n";
         $modification .= "\tlocation ~ ^/wp-admin/includes/ { deny all; }\n";
         if (!is_multisite() || !get_site_option('ms_files_rewriting')) {
             // nginx can only reliably block PHP files in wp-includes if requests to wp-includes/ms-files.php are
             // not required. This is because there is no skip directive as Apache has.
             $modification .= "\tlocation ~ ^/{$wp_includes}/[^/]+\\.php\$ { deny all; }\n";
         }
         $modification .= "\tlocation ~ ^/{$wp_includes}/js/tinymce/langs/.+\\.php\$ { deny all; }\n";
         $modification .= "\tlocation ~ ^/{$wp_includes}/theme-compat/ { deny all; }\n";
     }
     // Deny direct requests for PHP-family files under the uploads directory.
     if ($input['uploads_php']) {
         $dir = ITSEC_Lib_Utility::get_relative_upload_url_path();
         if (!empty($dir)) {
             // preg_quote() escapes regex metacharacters only, not nginx config syntax
             // (whitespace, ';'). NOTE(review): presumably the path is admin-controlled - confirm.
             $dir = preg_quote($dir);
             $modification .= "\n";
             $modification .= "\t# " . __('Disable PHP in Uploads - Security > Settings > System Tweaks > PHP in Uploads', 'better-wp-security') . "\n";
             $modification .= "\tlocation ~ ^/{$dir}/.*\\.(?:php[1-7]?|pht|phtml?|phps)\$ { deny all; }\n";
         }
     }
     // Same rule for the plugins directory.
     if ($input['plugins_php']) {
         $dir = ITSEC_Lib_Utility::get_relative_url_path(WP_PLUGIN_URL);
         if (!empty($dir)) {
             $dir = preg_quote($dir);
             $modification .= "\n";
             $modification .= "\t# " . __('Disable PHP in Plugins - Security > Settings > System Tweaks > PHP in Plugins', 'better-wp-security') . "\n";
             $modification .= "\tlocation ~ ^/{$dir}/.*\\.(?:php[1-7]?|pht|phtml?|phps)\$ { deny all; }\n";
         }
     }
     // Same rule for the themes directory.
     if ($input['themes_php']) {
         $dir = ITSEC_Lib_Utility::get_relative_url_path(get_theme_root_uri());
         if (!empty($dir)) {
             $dir = preg_quote($dir);
             $modification .= "\n";
             $modification .= "\t# " . __('Disable PHP in Themes - Security > Settings > System Tweaks > PHP in Themes', 'better-wp-security') . "\n";
             $modification .= "\tlocation ~ ^/{$dir}/.*\\.(?:php[1-7]?|pht|phtml?|phps)\$ { deny all; }\n";
         }
     }
     // nginx rule rejecting the TRACE, DELETE and TRACK methods (the pattern is fully anchored).
     if ($input['request_methods']) {
         $modification .= "\n";
         $modification .= "\t# " . __('Filter Request Methods - Security > Settings > System Tweaks > Request Methods', 'better-wp-security') . "\n";
         $modification .= "\tif ( \$request_method ~* ^(TRACE|DELETE|TRACK)\$ ) { return 403; }\n";
     }
     // Flag suspicious query strings in $susquery, clear the flag for the exemptions below, then
     // return 403 if the flag is still set.
     if ($input['suspicious_query_strings']) {
         $modification .= "\n";
         $modification .= "\t# " . __('Filter Suspicious Query Strings in the URL - Security > Settings > System Tweaks > Suspicious Query Strings', 'better-wp-security') . "\n";
         $modification .= "\tset \$susquery 0;\n";
         $modification .= "\tif ( \$args ~* \"\\.\\./\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"\\.(bash|git|hg|log|svn|swp|cvs)\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"etc/passwd\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"boot\\.ini\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"ftp:\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"https?:\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"(<|%3C)script(>|%3E)\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"mosConfig_[a-zA-Z_]{1,21}(=|%3D)\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"base64_decode\\(\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"%24&x\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"127\\.0\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"(globals|encode|localhost|loopback)\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"(request|insert|concat|union|declare)\" ) { set \$susquery 1; }\n";
         $modification .= "\tif ( \$args ~* \"%[01][0-9A-F]\" ) { set \$susquery 1; }\n";
         // Exemptions: each positive match clears the flag again.
         $modification .= "\tif ( \$args ~ \"^loggedout=true\" ) { set \$susquery 0; }\n";
         $modification .= "\tif ( \$args ~ \"^action=jetpack-sso\" ) { set \$susquery 0; }\n";
         $modification .= "\tif ( \$args ~ \"^action=rp\" ) { set \$susquery 0; }\n";
         // NOTE(review): the next two exemptions are keyed on client-supplied headers (Cookie,
         // Referer). The filter therefore reduces noise but is not an access control; the
         // application must still validate its inputs.
         $modification .= "\tif ( \$http_cookie ~ \"wordpress_logged_in_\" ) { set \$susquery 0; }\n";
         $modification .= "\tif ( \$http_referer ~* \"^https?://maps\\.googleapis\\.com/\" ) { set \$susquery 0; }\n";
         $modification .= "\tif ( \$susquery = 1 ) { return 403; }\n";
     }
     // Reject query strings containing a percent-encoded byte whose first hex digit is A-F.
     if ($input['non_english_characters']) {
         $modification .= "\n";
         $modification .= "\t# " . __('Filter Non-English Characters - Security > Settings > System Tweaks > Non-English Characters', 'better-wp-security') . "\n";
         $modification .= "\tif (\$args ~* \"%[A-F][0-9A-F]\") { return 403; }\n";
     }
     return $modification;
 }
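 /**
  * Append the nginx directives for the enabled System Tweaks settings to the server config.
  *
  * Settings come from ITSEC_Modules::get_settings('system-tweaks'). Each enabled setting appends a
  * commented section of nginx directives to $modification.
  *
  * Review notes on the generated rules:
  * - nginx only treats a location as a regular expression when it carries the `~` or `~*`
  *   modifier. The earlier `location ^...` forms were prefix locations whose literal text starts
  *   with `^`, so they could not match a request URI and the wp-includes, wp-admin/includes and
  *   uploads rules denied nothing. They are now emitted as `location ~ ^/...`.
  * - The query-string exemptions used `!~`, which reset $susquery to 0 for every request that did
  *   NOT match the exemption and so switched the filter off. They now use `~`.
  * - The cookie and referer exemptions are keyed on client-supplied headers, so this filter
  *   reduces noise but is not an access control.
  *
  * @param string $modification Existing nginx configuration text to append to.
  * @return string The configuration text with the enabled tweak sections appended.
  */
 public static function filter_nginx_server_config_modification($modification)
 {
     $input = ITSEC_Modules::get_settings('system-tweaks');
     if ($input['protect_files']) {
         $modification .= "\n";
         $modification .= "\t# " . __('Protect System Files - Security > Settings > System Tweaks > System Files', 'better-wp-security') . "\n";
         $modification .= "\tlocation ~ /\\.ht { deny all; }\n";
         $modification .= "\tlocation ~ wp-config.php { deny all; }\n";
         $modification .= "\tlocation ~ readme.html { deny all; }\n";
         $modification .= "\tlocation ~ readme.txt { deny all; }\n";
         $modification .= "\tlocation ~ /install.php { deny all; }\n";
         $modification .= "\tlocation ~ ^/wp-admin/includes/ { deny all; }\n";
         if (!is_multisite() || !get_site_option('ms_files_rewriting')) {
             // Top-level wp-includes PHP files can only be denied when wp-includes/ms-files.php
             // does not have to stay reachable (multisite with ms_files_rewriting needs it).
             $modification .= "\tlocation ~ ^/wp-includes/[^/]+\\.php\$ { deny all; }\n";
         }
         $modification .= "\tlocation ~ ^/wp-includes/js/tinymce/langs/.+\\.php\$ { deny all; }\n";
         $modification .= "\tlocation ~ ^/wp-includes/theme-compat/ { deny all; }\n";
     }
     // Deny direct requests for PHP-family files under the uploads directory.
     if ($input['uploads_php']) {
         require_once $GLOBALS['itsec_globals']['plugin_dir'] . 'core/lib/class-itsec-lib-utility.php';
         $dir = ITSEC_Lib_Utility::get_relative_upload_url_path();
         // Normalise the slashes so the pattern is anchored the same way whether or not the helper
         // returns a leading slash.
         $dir = is_string($dir) ? trim($dir, '/') : '';
         if (!empty($dir)) {
             // preg_quote() escapes regex metacharacters only, not nginx config syntax
             // (whitespace, ';'). NOTE(review): presumably the path is admin-controlled - confirm.
             $dir = preg_quote($dir);
             $modification .= "\n";
             $modification .= "\t# " . __('Disable PHP in Uploads - Security > Settings > System Tweaks > Uploads', 'better-wp-security') . "\n";
             $modification .= "\tlocation ~ ^/{$dir}/.*\\.(?:php[1-7]?|pht|phtml?|phps)\$ { deny all; }\n";
         }
     }
     // nginx rule rejecting rarely-needed HTTP methods.
     if ($input['request_methods']) {
         $modification .= "\n";
         $modification .= "\t# " . __('Filter Request Methods - Security > Settings > System Tweaks > Request Methods', 'better-wp-security') . "\n";
         $modification .= "\tif (\$request_method ~* \"^(TRACE|DELETE|TRACK)\") { return 403; }\n";
     }
     // Flag suspicious query strings, then clear the flag for the known-good exemptions.
     if ($input['suspicious_query_strings']) {
         $modification .= "\n";
         $modification .= "\t# " . __('Filter Suspicious Query Strings in the URL - Security > Settings > System Tweaks > Suspicious Query Strings', 'better-wp-security') . "\n";
         $modification .= "\tset \$susquery 0;\n";
         $modification .= "\tif (\$args ~* \"\\.\\./\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"\\.(bash|git|hg|log|svn|swp|cvs)\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"etc/passwd\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"boot.ini\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"ftp:\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"http:\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"https:\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"(<|%3C).*script.*(>|%3E)\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"mosConfig_[a-zA-Z_]{1,21}(=|%3D)\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"base64_encode\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"(%24&x)\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"(127.0)\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"(globals|encode|localhost|loopback)\") { set \$susquery 1; }\n";
         $modification .= "\tif (\$args ~* \"(request|insert|concat|union|declare)\") { set \$susquery 1; }\n";
         // Exemptions must be positive matches; a negated match clears the flag for nearly every
         // request.
         $modification .= "\tif (\$args ~ \"^loggedout=true\") { set \$susquery 0; }\n";
         $modification .= "\tif (\$args ~ \"^action=jetpack-sso\") { set \$susquery 0; }\n";
         $modification .= "\tif (\$args ~ \"^action=rp\") { set \$susquery 0; }\n";
         $modification .= "\tif (\$http_cookie ~ \"^.*wordpress_logged_in_.*\$\") { set \$susquery 0; }\n";
         $modification .= "\tif (\$http_referer ~ \"^http://maps.googleapis.com(.*)\$\") { set \$susquery 0; }\n";
         $modification .= "\tif (\$susquery = 1) { return 403; } \n";
     }
     // Reject query strings containing the listed percent-encoded prefixes.
     if ($input['non_english_characters']) {
         $modification .= "\n";
         $modification .= "\t# " . __('Filter Non-English Characters - Security > Settings > System Tweaks > Non-English Characters', 'better-wp-security') . "\n";
         $modification .= "\tif (\$args ~* \"(%0|%A|%B|%C|%D|%E|%F)\") { return 403; }\n";
     }
     return $modification;
 }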
	/**
	 * Get file permissions from the requested directory.
	 *
	 * If the directory permissions cannot be read, a default value of 0644 will be returned.
	 *
	 * @since 1.15.0
	 *
	 * @param string $dir Full path to the directory to retrieve permissions from.
	 * @return int|WP_Error The permissions as an int or a WP_Error object if an error occurs.
	 */
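	public static function get_permissions( $dir ) {
		if ( ! self::is_dir( $dir ) ) {
			return new WP_Error( 'itsec-lib-dir-get-permissions-missing-dir', sprintf( __( 'Permissions for the directory %s could not be read as the directory could not be found.', 'it-l10n-ithemes-security-pro' ), $dir ) );
		}

		if ( ! ITSEC_Lib_Utility::is_callable_function( 'fileperms' ) ) {
			return new WP_Error( 'itsec-lib-directory-get-permissions-fileperms-is-disabled', sprintf( __( 'Permissions for the directory %s could not be read as the fileperms() function is disabled. This is a system configuration issue.', 'it-l10n-ithemes-security-pro' ), $dir ) );
		}

		// Normalise the path and drop cached stat data so a recent chmod is reflected.
		$dir = rtrim( $dir, '/' );
		@clearstatcache( true, $dir );

		// fileperms() returns false on failure, for example when the directory disappears after the
		// is_dir() check above. `false & 0777` evaluates to 0, which a caller would read as mode
		// 0000, so a failed read is reported as an error instead of a permission value.
		// NOTE(review): the docblock mentions a 0644 default, but no such default is returned here.
		$mode = fileperms( $dir );

		if ( false === $mode ) {
			return new WP_Error( 'itsec-lib-dir-get-permissions-fileperms-failed', sprintf( __( 'Permissions for the directory %s could not be read.', 'it-l10n-ithemes-security-pro' ), $dir ) );
		}

		// Keep only the rwx bits for user, group and other.
		return $mode & 0777;
	}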
 /**
  * Report whether wp-config.php contains the define written by this plugin.
  *
  * The answer is memoised on the instance once the custom-directory check has passed. Any failure
  * along the way (no config path, unreadable file, no match) yields false.
  *
  * @return bool True only when the define expression matches both the raw file and the file with
  *              PHP comments stripped.
  */
 protected function is_modified_by_it_security()
 {
     if (!$this->is_custom_directory()) {
         return false;
     }

     if (isset($this->is_modified_by_it_security)) {
         return $this->is_modified_by_it_security;
     }

     // Assume "not modified" until every check below has passed.
     $this->is_modified_by_it_security = false;

     $lib_dir = trailingslashit($GLOBALS['itsec_globals']['plugin_dir']) . 'core/lib/';

     require_once $lib_dir . 'class-itsec-lib-config-file.php';
     $config_path = ITSEC_Lib_Config_File::get_wp_config_file_path();
     if (empty($config_path)) {
         return false;
     }

     require_once $lib_dir . 'class-itsec-lib-file.php';
     $contents = ITSEC_Lib_File::read($config_path);
     if (is_wp_error($contents)) {
         return false;
     }

     // First pass: look for the define in the raw file.
     $pattern_with_comment = $this->get_wp_config_define_expression();
     if (!preg_match($pattern_with_comment, $contents)) {
         return false;
     }

     require_once $lib_dir . 'class-itsec-lib-utility.php';
     $stripped = ITSEC_Lib_Utility::strip_php_comments($contents);
     if (is_wp_error($stripped)) {
         return false;
     }

     // Second pass: the define must still be present once PHP comments are removed, so a
     // commented-out copy of it does not count.
     $pattern_without_comment = $this->get_wp_config_define_expression(false);
     if (!preg_match($pattern_without_comment, $stripped)) {
         return false;
     }

     $this->is_modified_by_it_security = true;

     return true;
 }
 /**
  * Returns the server type of the plugin user.
  *
  * Attempts to figure out what http server the visiting user is running.
  *
  * @since 4.0.0
  *
  * @return string|bool server type the user is using or false if undetectable.
  */
 public static function get_server()
 {
     // Load the utility library on demand from the plugin's core directory.
     $utility_file = ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-utility.php';
     require_once $utility_file;

     // Detection itself is delegated to the shared utility helper.
     $detected = ITSEC_Lib_Utility::get_web_server();

     return $detected;
 }
 /**
  * Report whether wp-config.php contains the define written by this plugin.
  *
  * The answer is memoised in a $GLOBALS entry, so the file is read at most once per request. Any
  * failure along the way (not a custom directory, no config path, unreadable file, no match)
  * yields false.
  *
  * @return bool True only when the define expression matches both the raw file and the file with
  *              PHP comments stripped.
  */
 public static function is_modified_by_it_security()
 {
     $cache_key = '__itsec_content_directory_is_modified_by_it_security';

     if (isset($GLOBALS[$cache_key])) {
         return $GLOBALS[$cache_key];
     }

     // Assume "not modified" until every check below has passed.
     $GLOBALS[$cache_key] = false;

     if (!self::is_custom_directory()) {
         return false;
     }

     $lib_dir = $GLOBALS['itsec_globals']['plugin_dir'] . 'core/lib/';

     require_once $lib_dir . 'class-itsec-lib-config-file.php';
     $config_path = ITSEC_Lib_Config_File::get_wp_config_file_path();
     if (empty($config_path)) {
         return false;
     }

     require_once $lib_dir . 'class-itsec-lib-file.php';
     $contents = ITSEC_Lib_File::read($config_path);
     if (is_wp_error($contents)) {
         return false;
     }

     // First pass: look for the define in the raw file.
     $pattern_with_comment = self::get_wp_config_define_expression();
     if (!preg_match($pattern_with_comment, $contents)) {
         return false;
     }

     require_once $lib_dir . 'class-itsec-lib-utility.php';
     $stripped = ITSEC_Lib_Utility::strip_php_comments($contents);
     if (is_wp_error($stripped)) {
         return false;
     }

     // Second pass: the define must still be present once PHP comments are removed, so a
     // commented-out copy of it does not count.
     $pattern_without_comment = self::get_wp_config_define_expression(false);
     if (!preg_match($pattern_without_comment, $stripped)) {
         return false;
     }

     $GLOBALS[$cache_key] = true;

     return true;
 }
 /**
  * Returns the directory path to the uploads directory relative to the site root.
  *
  * @since 1.16.1
  *
  * @return string|bool The upload directory relative path or false if the path could not be determined.
  */
 public static function get_relative_upload_url_path()
 {
     // wp_upload_dir() describes the uploads location; only its base URL is needed here.
     $uploads = wp_upload_dir();
     $base_url = $uploads['baseurl'];

     // The shared helper turns the absolute URL into a path relative to the site root.
     return ITSEC_Lib_Utility::get_relative_url_path($base_url);
 }