/**
  * @param string $IP Should be in dot or colon notation (127.0.0.1 or ::1)
  * @return bool
  */
 public function isWhitelisted($IP)
 {
     $wfIPBlock = new wfUserIPRange('69.46.36.[1-32]');
     if ($wfIPBlock->isIPInRange($IP)) {
         //IP is in Wordfence's IP block which would prevent our scanning server manually kicking off scans that are stuck
         return true;
     }
     //We now whitelist all private addrs
     if (wfUtils::isPrivateAddress($IP)) {
         return true;
     }
     //These belong to sucuri's scanning servers which will get blocked by Wordfence as a false positive if you try a scan. So we whitelisted them.
     $externalWhite = array('97.74.127.171', '69.164.203.172', '173.230.128.135', '66.228.34.49', '66.228.40.185', '50.116.36.92', '50.116.36.93', '50.116.3.171', '198.58.96.212', '50.116.63.221', '192.155.92.112', '192.81.128.31', '198.58.106.244', '192.155.95.139', '23.239.9.227', '198.58.112.103', '192.155.94.43', '162.216.16.33', '173.255.233.124', '173.255.233.124', '192.155.90.179', '50.116.41.217', '192.81.129.227', '198.58.111.80');
     if (in_array($IP, $externalWhite)) {
         return true;
     }
     $list = wfConfig::get('whitelisted');
     if (!$list) {
         return false;
     }
     $list = explode(',', $list);
     if (sizeof($list) < 1) {
         return false;
     }
     foreach ($list as $whiteIP) {
         $white_ip_block = new wfUserIPRange($whiteIP);
         if ($white_ip_block->isIPInRange($IP)) {
             return true;
         }
     }
     return false;
 }
Exemple #2
0
 public function isWhitelisted($IP)
 {
     $IPnum = wfUtils::inet_aton($IP);
     if ($IPnum > 1160651777 && $IPnum < 1160651808) {
         //IP is in Wordfence's IP block which would prevent our scanning server manually kicking off scans that are stuck
         return true;
     }
     //We now whitelist all private addrs
     if (wfUtils::isPrivateAddress($IP)) {
         return true;
     }
     $list = wfConfig::get('whitelisted');
     if (!$list) {
         return false;
     }
     $list = explode(',', $list);
     if (sizeof($list) < 1) {
         return false;
     }
     foreach ($list as $whiteIP) {
         if (preg_match('/\\[\\d+\\-\\d+\\]/', $whiteIP)) {
             $IPparts = explode('.', $IP);
             $whiteParts = explode('.', $whiteIP);
             $mismatch = false;
             for ($i = 0; $i <= 3; $i++) {
                 if (preg_match('/^\\[(\\d+)\\-(\\d+)\\]$/', $whiteParts[$i], $m)) {
                     if ($IPparts[$i] < $m[1] || $IPparts[$i] > $m[2]) {
                         $mismatch = true;
                     }
                 } else {
                     if ($whiteParts[$i] != $IPparts[$i]) {
                         $mismatch = true;
                     }
                 }
             }
             if ($mismatch === false) {
                 return true;
                 //Is whitelisted because we did not get a mismatch
             }
         } else {
             if ($whiteIP == $IP) {
                 return true;
             }
         }
     }
     return false;
 }
 public function addIP($matches)
 {
     $id = $this->currentHooverID;
     $ipdata = $matches[1];
     $path = $matches[2];
     $this->dbg("Add IP called with {$ipdata} {$path}");
     if (strstr($ipdata, '.') === false) {
         if ($ipdata >= 16777216 && $ipdata <= 4026531840) {
             $ipdata = long2ip($ipdata);
         } else {
             return;
             //Is int but invalid address.
         }
     }
     $parts = explode('.', $ipdata);
     foreach ($parts as $part) {
         if ($part < 0 || $part > 255) {
             return;
         }
     }
     if (wfUtils::isPrivateAddress($ipdata)) {
         return;
     }
     if (strlen($path) == 1) {
         $path = '/';
         //Because it's either a whitespace char or a / anyway.
     } else {
         if (strlen($path) > 1) {
             $path = preg_replace_callback('/([^A-Za-z0-9\\-\\.\\_\\~:\\/\\?\\#\\[\\]\\@\\!\\$\\&\'\\(\\)\\*\\+\\,;\\=]+)/', 'wordfenceURLHoover::urlenc', $path);
         }
     }
     $hostKey = substr(hash('sha256', $ipdata . '/', true), 0, 4);
     $this->hostsToAdd->push(array('owner' => $id, 'host' => $ipdata, 'path' => $path, 'hostKey' => $hostKey));
     if ($this->hostsToAdd->size() > 1000) {
         $this->writeHosts();
     }
 }
 public function isWhitelisted($IP)
 {
     $IPnum = wfUtils::inet_aton($IP);
     if ($IPnum > 1160651777 && $IPnum < 1160651808) {
         //IP is in Wordfence's IP block which would prevent our scanning server manually kicking off scans that are stuck
         return true;
     }
     //We now whitelist all private addrs
     if (wfUtils::isPrivateAddress($IP)) {
         return true;
     }
     //These belong to sucuri's scanning servers which will get blocked by Wordfence as a false positive if you try a scan. So we whitelisted them.
     $externalWhite = array('97.74.127.171', '69.164.203.172', '173.230.128.135', '66.228.34.49', '66.228.40.185', '50.116.36.92', '50.116.36.93', '50.116.3.171', '198.58.96.212', '50.116.63.221', '192.155.92.112', '192.81.128.31', '198.58.106.244', '192.155.95.139', '23.239.9.227', '198.58.112.103', '192.155.94.43', '162.216.16.33', '173.255.233.124', '173.255.233.124', '192.155.90.179', '50.116.41.217', '192.81.129.227', '198.58.111.80');
     if (in_array($IP, $externalWhite)) {
         return true;
     }
     $list = wfConfig::get('whitelisted');
     if (!$list) {
         return false;
     }
     $list = explode(',', $list);
     if (sizeof($list) < 1) {
         return false;
     }
     foreach ($list as $whiteIP) {
         if (preg_match('/\\[\\d+\\-\\d+\\]/', $whiteIP)) {
             $IPparts = explode('.', $IP);
             $whiteParts = explode('.', $whiteIP);
             $mismatch = false;
             for ($i = 0; $i <= 3; $i++) {
                 if (preg_match('/^\\[(\\d+)\\-(\\d+)\\]$/', $whiteParts[$i], $m)) {
                     if ($IPparts[$i] < $m[1] || $IPparts[$i] > $m[2]) {
                         $mismatch = true;
                     }
                 } else {
                     if ($whiteParts[$i] != $IPparts[$i]) {
                         $mismatch = true;
                     }
                 }
             }
             if ($mismatch === false) {
                 return true;
                 //Is whitelisted because we did not get a mismatch
             }
         } else {
             if ($whiteIP == $IP) {
                 return true;
             }
         }
     }
     return false;
 }