Exemple #1
 /**
  * Display a notice message with instructions to continue the setup of the
  * plugin, this includes the generation of the API key and other steps that need
  * to be done to fully activate this plugin.
  *
  * @return void
  */
 public static function setup_notice()
 {
     // Each guard below mirrors one clause of the original condition, in the
     // same order, so the calls short-circuit exactly as before.
     if (!current_user_can('manage_options')) {
         return;
     }

     if (SucuriScan::no_notices_here() !== false) {
         return;
     }

     // A key is already stored; there is nothing left to set up.
     if (SucuriScanAPI::get_plugin_key()) {
         return;
     }

     // One of the key forms is being submitted in this very request.
     if (SucuriScanRequest::post(':plugin_api_key') !== false) {
         return;
     }

     if (SucuriScanRequest::post(':recover_key') !== false) {
         return;
     }

     if (SucuriScanRequest::post(':manual_api_key')) {
         return;
     }

     // NOTE(review): the dismissal is persisted from a GET parameter and no
     // nonce check is visible in this method; confirm whether
     // SucuriScanRequest::get() or the caller validates one.
     if (SucuriScanRequest::get(':dismiss_setup') !== false) {
         SucuriScanOption::update_option(':dismiss_setup', 'enabled');
         return;
     }

     // Previously dismissed: do not display the API key generation form.
     if (SucuriScanOption::is_enabled(':dismiss_setup')) {
         return;
     }

     $modal_params = array(
         'Visibility' => 'hidden',
         'Title' => 'Sucuri API key generation',
         'CssClass' => 'sucuriscan-setup-instructions',
     );

     echo SucuriScanTemplate::get_section('setup-notice');
     echo SucuriScanTemplate::get_modal('setup-form', $modal_params);
 }
Exemple #2
 /**
  * Gather all the checksums (aka. file hashes) of this site, send them, and
  * analyze them using the Sucuri Monitoring service, this will generate the
  * audit logs for this site and be part of the integrity checks.
  *
  * @param  boolean $force_scan Whether the filesystem scan was forced by an administrator user or not.
  * @return boolean             TRUE if the filesystem scan was successful, FALSE otherwise.
  */
 public static function filesystem_scan($force_scan = false)
 {
     $min_runtime = SUCURISCAN_MINIMUM_RUNTIME;

     // All three preconditions must hold: the run is allowed, the file
     // scanner class is loaded, and an API key is configured.
     $ready = self::verify_run($min_runtime, $force_scan)
         && class_exists('SucuriScanFileInfo')
         && SucuriScanAPI::get_plugin_key();

     if (!$ready) {
         return false;
     }

     self::report_site_version();

     $scanner = new SucuriScanFileInfo();
     $scanner->scan_interface = SucuriScanOption::get_option(':scan_interface');

     // NOTE(review): the helper name indicates MD5 checksums. MD5 is not
     // collision resistant, so confirm that the integrity check does not rely
     // on these hashes alone to detect deliberately crafted files.
     $checksums = $scanner->get_directory_tree_md5(ABSPATH);

     if (!$checksums) {
         SucuriScanInterface::error('The file hashes could not be retrieved, the filesystem scan failed.');
         return false;
     }

     if (!SucuriScanAPI::send_hashes($checksums)) {
         SucuriScanInterface::error('The file hashes could not be stored.');
         return false;
     }

     // Record the time of the last successful scan.
     SucuriScanOption::update_option(':runtime', time());

     return true;
 }
 /**
  * Render the SiteCheck timeout settings section, first applying a new
  * timeout when one was submitted with the request.
  *
  * @param  mixed $nonce Truthy to process the submitted value; presumably the
  *                      result of the caller's nonce verification (confirm).
  * @return mixed        Result of SucuriScanTemplate::getSection() for the
  *                      'settings-sitecheck-timeout' section.
  */
 public static function timeoutPage($nonce)
 {
     if ($nonce) {
         // The value is cast to int, so only a number is ever stored or
         // embedded in the HTML message below.
         $seconds = (int) SucuriScanRequest::post(':sitecheck_timeout', '[0-9]+');

         if ($seconds > 0) {
             if ($seconds > SUCURISCAN_MAX_SITECHECK_TIMEOUT) {
                 SucuriScanInterface::error('SiteCheck timeout in seconds is too high.');
             } else {
                 $notice = sprintf('SiteCheck timeout set to <code>%d</code> seconds.', $seconds);

                 SucuriScanOption::update_option(':sitecheck_timeout', $seconds);
                 SucuriScanEvent::report_info_event($notice);
                 SucuriScanEvent::notify_event('plugin_change', $notice);
                 SucuriScanInterface::info($notice);
             }
         }
     }

     // Built after the update above so the template shows the stored value.
     $params = array(
         'MaxRequestTimeout' => SUCURISCAN_MAX_SITECHECK_TIMEOUT,
         'RequestTimeout' => SucuriScanOption::get_option(':sitecheck_timeout') . ' seconds',
     );

     return SucuriScanTemplate::getSection('settings-sitecheck-timeout', $params);
 }
Exemple #4
 /**
  * Determine whether an API response was successful or not by checking the
  * expected generic variables and types. In case of an error, a notification
  * will appear in the administrator panel explaining the result of the operation.
  *
  * @param  array   $response Response object after the HTTP request is executed.
  * @return boolean           Either true or false in case of success or failure of the API response (respectively).
  */
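 private static function handle_response($response = array())
 {
     // An empty response is a failure that is reported to nobody.
     if (!$response) {
         return false;
     }

     // Read the body defensively: a response without a 'body' key is treated
     // as malformed instead of raising an undefined-index notice.
     $body = isset($response['body']) ? $response['body'] : null;

     if (!($body instanceof stdClass)) {
         $error_message = 'non JSON-encoded response.';

         if (isset($response['response'])
             && isset($response['response']['message'])
             && isset($response['response']['code'])
             && $response['response']['code'] !== 200
         ) {
             $error_message = sprintf(
                 '(%s) %s',
                 $response['response']['code'],
                 $response['response']['message']
             );
         }

         SucuriScanInterface::error('Malformed API response: ' . $error_message);

         return false;
     }

     if (!isset($body->status)) {
         SucuriScanInterface::error('Could not determine the status of an API call.');

         return false;
     }

     // Loose comparison kept on purpose: the status may arrive as 1 or "1".
     if ($body->status == 1) {
         return true;
     }

     $action_message = 'Unknown error, there is no more information.';

     // Use the first message only when it can be safely turned into text.
     if (isset($body->messages[0]) && is_scalar($body->messages[0])) {
         $action_message = $body->messages[0] . '.';
     }

     // Keep a copy of the original API response message.
     $raw_message = $action_message;

     // NOTE(review): every branch below changes stored plugin options based on
     // a substring of text taken from the response. Anyone able to influence
     // that text can therefore remove the API keys or relax the connection
     // settings; confirm where the message originates and consider requiring an
     // explicit administrator action instead.

     // Special response for invalid API keys.
     if (stripos($raw_message, 'log file not found') !== false) {
         SucuriScanOption::delete_option(':api_key');
         $action_message .= ' This generally happens when you add an invalid API key, the'
             . ' key will be deleted automatically to hide these warnings, if you want to'
             . ' recover it go to the settings page and use the recover button to send the'
             . ' key to your email address.';
     }

     // Special response for invalid CloudProxy API keys.
     if (stripos($raw_message, 'wrong api key') !== false) {
         SucuriScanOption::delete_option(':cloudproxy_apikey');
         SucuriScanOption::delete_option(':revproxy');
         $action_message .= ' The CloudProxy API key does not seems to be valid.';
     }

     // Special response for connection time outs.
     if (stripos($raw_message, 'timed out') !== false) {
         $current_timeout = SucuriScanOption::get_option(':request_timeout');

         if ($current_timeout < 300) {
             SucuriScanOption::update_option(':request_timeout', 300);
         }

         $action_message .= ' This generally happens when the API service fails to respond'
             . ' in time, you currently have configured the plugin to discard the network'
             . ' connection after ' . $current_timeout . ' seconds. Wait a few minutes until'
             . ' the issue is resolved by itself, or change the timeout limit from the general'
             . ' settings page of the plugin, the option is named "API request timeout".';
     }

     // Certificate failures. The comparisons are now explicit (!== false) like
     // the checks above; the previous truthiness test missed a match located at
     // the very start of the message, because stripos() returns 0 there.
     if (stripos($raw_message, 'no alternative certificate') !== false
         || stripos($raw_message, 'error setting certificate') !== false
     ) {
         // NOTE(review): this fails open. A certificate error is exactly what an
         // intercepted connection produces, and the reaction here is to switch
         // peer verification off for later requests. Existing behaviour is
         // kept; reporting the error and leaving verification on would be the
         // safer default.
         SucuriScanOption::update_option(':verify_ssl_cert', 'false');
         // Leading space added so the sentence no longer runs into the previous one.
         $action_message .= ' There were some issues with the SSL certificate either in this'
             . ' server or with the remote API service. The automatic verification of the'
             . ' certificates has been deactivated to reduce the noise during the execution'
             . ' of the HTTP requests.';
     }

     // The action name is optional in practice; fall back to an empty label
     // rather than reading an undefined property.
     $action_label = '';
     if (isset($body->action) && is_string($body->action)) {
         $action_label = ucwords($body->action);
     }

     // NOTE(review): the action and message come from the response; whether
     // SucuriScanInterface::error() escapes HTML is not visible here (confirm).
     SucuriScanInterface::error(
         sprintf('(%d) %s: %s', SucuriScan::local_time(), $action_label, $action_message)
     );

     return false;
 }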