/** * @param string $IP Should be in dot or colon notation (127.0.0.1 or ::1) * @return bool */ public function isWhitelisted($IP) { $wfIPBlock = new wfUserIPRange('69.46.36.[1-32]'); if ($wfIPBlock->isIPInRange($IP)) { //IP is in Wordfence's IP block which would prevent our scanning server manually kicking off scans that are stuck return true; } //We now whitelist all private addrs if (wfUtils::isPrivateAddress($IP)) { return true; } //These belong to sucuri's scanning servers which will get blocked by Wordfence as a false positive if you try a scan. So we whitelisted them. $externalWhite = array('97.74.127.171', '69.164.203.172', '173.230.128.135', '66.228.34.49', '66.228.40.185', '50.116.36.92', '50.116.36.93', '50.116.3.171', '198.58.96.212', '50.116.63.221', '192.155.92.112', '192.81.128.31', '198.58.106.244', '192.155.95.139', '23.239.9.227', '198.58.112.103', '192.155.94.43', '162.216.16.33', '173.255.233.124', '173.255.233.124', '192.155.90.179', '50.116.41.217', '192.81.129.227', '198.58.111.80'); if (in_array($IP, $externalWhite)) { return true; } $list = wfConfig::get('whitelisted'); if (!$list) { return false; } $list = explode(',', $list); if (sizeof($list) < 1) { return false; } foreach ($list as $whiteIP) { $white_ip_block = new wfUserIPRange($whiteIP); if ($white_ip_block->isIPInRange($IP)) { return true; } } return false; }
public function isWhitelisted($IP) { $IPnum = wfUtils::inet_aton($IP); if ($IPnum > 1160651777 && $IPnum < 1160651808) { //IP is in Wordfence's IP block which would prevent our scanning server manually kicking off scans that are stuck return true; } //We now whitelist all private addrs if (wfUtils::isPrivateAddress($IP)) { return true; } $list = wfConfig::get('whitelisted'); if (!$list) { return false; } $list = explode(',', $list); if (sizeof($list) < 1) { return false; } foreach ($list as $whiteIP) { if (preg_match('/\\[\\d+\\-\\d+\\]/', $whiteIP)) { $IPparts = explode('.', $IP); $whiteParts = explode('.', $whiteIP); $mismatch = false; for ($i = 0; $i <= 3; $i++) { if (preg_match('/^\\[(\\d+)\\-(\\d+)\\]$/', $whiteParts[$i], $m)) { if ($IPparts[$i] < $m[1] || $IPparts[$i] > $m[2]) { $mismatch = true; } } else { if ($whiteParts[$i] != $IPparts[$i]) { $mismatch = true; } } } if ($mismatch === false) { return true; //Is whitelisted because we did not get a mismatch } } else { if ($whiteIP == $IP) { return true; } } } return false; }
public function addIP($matches) { $id = $this->currentHooverID; $ipdata = $matches[1]; $path = $matches[2]; $this->dbg("Add IP called with {$ipdata} {$path}"); if (strstr($ipdata, '.') === false) { if ($ipdata >= 16777216 && $ipdata <= 4026531840) { $ipdata = long2ip($ipdata); } else { return; //Is int but invalid address. } } $parts = explode('.', $ipdata); foreach ($parts as $part) { if ($part < 0 || $part > 255) { return; } } if (wfUtils::isPrivateAddress($ipdata)) { return; } if (strlen($path) == 1) { $path = '/'; //Because it's either a whitespace char or a / anyway. } else { if (strlen($path) > 1) { $path = preg_replace_callback('/([^A-Za-z0-9\\-\\.\\_\\~:\\/\\?\\#\\[\\]\\@\\!\\$\\&\'\\(\\)\\*\\+\\,;\\=]+)/', 'wordfenceURLHoover::urlenc', $path); } } $hostKey = substr(hash('sha256', $ipdata . '/', true), 0, 4); $this->hostsToAdd->push(array('owner' => $id, 'host' => $ipdata, 'path' => $path, 'hostKey' => $hostKey)); if ($this->hostsToAdd->size() > 1000) { $this->writeHosts(); } }
public function isWhitelisted($IP) { $IPnum = wfUtils::inet_aton($IP); if ($IPnum > 1160651777 && $IPnum < 1160651808) { //IP is in Wordfence's IP block which would prevent our scanning server manually kicking off scans that are stuck return true; } //We now whitelist all private addrs if (wfUtils::isPrivateAddress($IP)) { return true; } //These belong to sucuri's scanning servers which will get blocked by Wordfence as a false positive if you try a scan. So we whitelisted them. $externalWhite = array('97.74.127.171', '69.164.203.172', '173.230.128.135', '66.228.34.49', '66.228.40.185', '50.116.36.92', '50.116.36.93', '50.116.3.171', '198.58.96.212', '50.116.63.221', '192.155.92.112', '192.81.128.31', '198.58.106.244', '192.155.95.139', '23.239.9.227', '198.58.112.103', '192.155.94.43', '162.216.16.33', '173.255.233.124', '173.255.233.124', '192.155.90.179', '50.116.41.217', '192.81.129.227', '198.58.111.80'); if (in_array($IP, $externalWhite)) { return true; } $list = wfConfig::get('whitelisted'); if (!$list) { return false; } $list = explode(',', $list); if (sizeof($list) < 1) { return false; } foreach ($list as $whiteIP) { if (preg_match('/\\[\\d+\\-\\d+\\]/', $whiteIP)) { $IPparts = explode('.', $IP); $whiteParts = explode('.', $whiteIP); $mismatch = false; for ($i = 0; $i <= 3; $i++) { if (preg_match('/^\\[(\\d+)\\-(\\d+)\\]$/', $whiteParts[$i], $m)) { if ($IPparts[$i] < $m[1] || $IPparts[$i] > $m[2]) { $mismatch = true; } } else { if ($whiteParts[$i] != $IPparts[$i]) { $mismatch = true; } } } if ($mismatch === false) { return true; //Is whitelisted because we did not get a mismatch } } else { if ($whiteIP == $IP) { return true; } } } return false; }