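 public function process($ip, &$stats = array(), &$options = array(), &$post = array())
 {
     // 404-scanner check. When the 'chk404' option is on, asks the chk404
     // module whether $ip has been probing for missing pages and, if it
     // has, logs the hit and terminates the request with a 403.
     //
     // $ip      address under test.
     // $stats   plugin statistics (by reference; not read here).
     // $options plugin settings; reads 'chk404' and 'rejectmessage'.
     // $post    submitted form values (by reference; not read here).
     //
     // Returns false when the check is disabled or nothing was found.
     // Does not return when the request is denied.

     // A missing option key counts as disabled (also avoids an
     // undefined-index notice on a partial options array).
     if (!isset($options['chk404']) || $options['chk404'] !== 'Y') {
         return false;
     }
     $reason = be_load('chk404', $ip);
     if ($reason === false) {
         // Was a bare `return;` (null). Callers that test `=== false`
         // now get the same answer as the disabled branch above.
         return false;
     }
     kpg_ss_log_bad($ip, $reason, 'chk404');
     // rejectmessage is an admin-configured setting, not request input;
     // cast keeps the original string-interpolation semantics.
     $rejectmessage = isset($options['rejectmessage']) ? (string) $options['rejectmessage'] : '';
     wp_die($rejectmessage, 'Login Access Denied', array('response' => 403));
     // wp_die() normally never returns; this is a safety net in case it is filtered.
     exit;
 }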
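 public function process($ip, &$stats = array(), &$options = array(), &$post = array())
 {
     // Runs the POST-time deny checks in order and terminates the request
     // on the first check that returns a reason.
     //
     // $ip      caller-supplied address. NOTE: every check below is fed
     //          kpg_get_ip() instead, exactly as before; left unchanged so
     //          behaviour does not drift from the rest of the plugin.
     // $stats   plugin statistics, passed through to each check by reference.
     // $options plugin settings; a check runs only when $options[<name>] is 'Y'.
     // $post    submitted form values, passed through by reference.
     //
     // Returns false when no check matched. Does not return when a check
     // matched: the hit is logged via kpg_ss_log_bad() and the script exits.

     // Deny-before addons. The filter returns a list of descriptors:
     // [0]=class location, [1]=class name (also used as counter),
     // [2]=addon name, [3]=addon author, [4]=addon description.
     $addons = apply_filters('kpg_ss_addons_deny', array());
     if (!empty($addons) && is_array($addons)) {
         foreach ($addons as $add) {
             if (empty($add) || !is_array($add)) {
                 continue;
             }
             $reason = be_load($add, kpg_get_ip(), $stats, $options, $post);
             if ($reason !== false) {
                 // an addon caught this post: log it under the addon's counter and stop
                 kpg_ss_log_bad(kpg_get_ip(), $reason, $add[1], $add);
                 exit;
             }
         }
     }

     // Checks that look at the POST body only (never at GET vars).
     $noipactions = array('chkagent', 'chkbbcode', 'chkblem', 'chkbluserid', 'chkdisp', 'chkexploits', 'chklong', 'chkreferer', 'chksession', 'chkspamwords', 'chktld', 'chkaccept', 'chkadmin');
     // IP-based checks; only run once chkvalidip has accepted the address.
     $actions = array('chkamazon', 'chkbcache', 'chkblip', 'chkdisp', 'chkhosting', 'chkinvalidip', 'chkubiquity', 'chkmulti', 'chkgooglesafe', 'chkAD', 'chkAE', 'chkAF', 'chkAL', 'chkAM', 'chkAR', 'chkAT', 'chkAU', 'chkAX', 'chkAZ', 'chkBA', 'chkBB', 'chkBD', 'chkBE', 'chkBG', 'chkBH', 'chkBN', 'chkBO', 'chkBR', 'chkBS', 'chkBY', 'chkBZ', 'chkCA', 'chkCD', 'chkCH', 'chkCL', 'chkCN', 'chkCO', 'chkCR', 'chkCU', 'chkCW', 'chkCY', 'chkCZ', 'chkDE', 'chkDK', 'chkDO', 'chkDZ', 'chkEC', 'chkEE', 'chkES', 'chkEU', 'chkFI', 'chkFJ', 'chkFR', 'chkGB', 'chkGE', 'chkGF', 'chkGI', 'chkGP', 'chkGR', 'chkGT', 'chkGU', 'chkGY', 'chkHK', 'chkHN', 'chkHR', 'chkHT', 'chkHU', 'chkID', 'chkIE', 'chkIL', 'chkIN', 'chkIQ', 'chkIR', 'chkIS', 'chkIT', 'chkJM', 'chkJO', 'chkJP', 'chkKE', 'chkKG', 'chkKH', 'chkKR', 'chkKW', 'chkKY', 'chkKZ', 'chkLA', 'chkLB', 'chkLK', 'chkLT', 'chkLU', 'chkLV', 'chkMD', 'chkME', 'chkMK', 'chkMM', 'chkMN', 'chkMO', 'chkMP', 'chkMQ', 'chkMT', 'chkMV', 'chkMX', 'chkMY', 'chkNC', 'chkNI', 'chkNL', 'chkNO', 'chkNP', 'chkNZ', 'chkOM', 'chkPA', 'chkPE', 'chkPG', 'chkPH', 'chkPK', 'chkPL', 'chkPR', 'chkPS', 'chkPT', 'chkPW', 'chkPY', 'chkQA', 'chkRO', 'chkRS', 'chkRU', 'chkSA', 'chkSC', 'chkSE', 'chkSG', 'chkSI', 'chkSK', 'chkSV', 'chkSX', 'chkSY', 'chkTH', 'chkTJ', 'chkTM', 'chkTR', 'chkTT', 'chkTW', 'chkUA', 'chkUK', 'chkUS', 'chkUY', 'chkUZ', 'chkVC', 'chkVE', 'chkVN', 'chkYE', 'chksfs', 'chkhoney', 'chkbotscout', 'chkdnsbl');

     // Start from "nothing found". The original never initialised $reason,
     // so when none of the $noipactions options was 'Y' the `=== false`
     // tests below all failed on null and the request fell through to the
     // deny branch at the bottom, blocking a post no check had flagged.
     $reason = false;
     $chk = ''; // name of the check that produced $reason; logged at the end
     foreach ($noipactions as $chk) {
         // a missing option key counts as disabled (no notice, no check)
         if (isset($options[$chk]) && $options[$chk] === 'Y') {
             $reason = be_load($chk, kpg_get_ip(), $stats, $options, $post);
             if ($reason !== false) {
                 break;
             }
         }
     }
     if ($reason === false) {
         // chkvalidip returns false for a usable address; any other value
         // means the IP checks cannot run and the request is let through.
         // (The cloudflare exclusion that used to live here was removed.)
         $chk = 'chkvalidip';
         $reason = be_load($chk, kpg_get_ip(), $stats, $options, $post);
         if ($reason !== false) {
             return false;
         }
         foreach ($actions as $chk) {
             if (isset($options[$chk]) && $options[$chk] === 'Y') {
                 $reason = be_load($chk, kpg_get_ip(), $stats, $options, $post);
                 if ($reason !== false) {
                     break;
                 }
             }
         }
     }

     // Test hook: this sentinel address is always sent to the challenge
     // so the plugin can be exercised end to end.
     if (array_key_exists('email', $post) && $post['email'] === '*****@*****.**') {
         $post['reason'] = "testing IP - will always be blocked";
         be_load('kpg_ss_challenge', kpg_get_ip(), $stats, $options, $post);
         return false;
     }
     if ($reason === false) {
         return false;
     }
     // a spammer was caught by $chk: log the hit and stop the request
     kpg_ss_log_bad(kpg_get_ip(), $reason, $chk);
     exit;
 }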
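function kpg_ss_init()
{
    // Front controller for the Stop Spammers checks, hooked on 'init'.
    //
    // Per request it decides whether the checks run at all (several early
    // returns skip them), serves the opencaptcha image proxy, resolves the
    // multisite switch, and then dispatches POSTs to the post checks and
    // GETs to the GET addons. No return value; it terminates the request
    // with exit when serving the captcha image.
    remove_action('init', 'kpg_ss_init');

    // Incompatible with a Jetpack submit, so skip everything for those.
    // NOTE(review): the mere presence of this key skips every check below,
    // and the sender controls its own POST body; a Jetpack-verifiable value
    // would be a stronger signal than the key name alone — confirm with Jetpack.
    if (!empty($_POST) && array_key_exists('jetpack_protect_num', $_POST)) {
        return;
    }
    // eMember login in progress: the plugin stays out of the way.
    // (Same caveat as above: only the key name is checked.)
    if (function_exists('wp_emember_is_member_logged_in')
        && !empty($_POST) && array_key_exists('login_pwd', $_POST)) {
        return;
    }

    // log spam that Akismet catches
    add_action('akismet_spam_caught', 'kpg_ss_log_akismet');

    // opencaptcha image request: fetch the image and return it as-is
    if (isset($_GET['ocimg'])) {
        // $_GET['ocimg'] is request-controlled. It is used only as a single
        // percent-encoded path segment under a fixed host, so it cannot add
        // query parameters or extra path components to the upstream URL.
        // Assumes the image id is one path segment — TODO confirm against
        // the opencaptcha URL format.
        $s = is_string($_GET['ocimg']) ? $_GET['ocimg'] : '';
        $response = wp_remote_get('http://www.opencaptcha.com/img/' . rawurlencode($s));
        if (is_wp_error($response)) {
            // upstream failure: nothing sensible to serve, do not claim image/jpeg
            exit;
        }
        header('Content-Type: image/jpeg');
        echo wp_remote_retrieve_body($response);
        exit;
    }

    // Multisite: network mode ('Y') is the default; only an explicit 'N'
    // stored on the main blog (blog 1) turns it off.
    $muswitch = 'N';
    if (function_exists('is_multisite') && is_multisite()) {
        switch_to_blog(1);
        $stored = get_option('kpg_muswitch');
        restore_current_blog();
        $muswitch = ($stored === 'N') ? 'N' : 'Y';
    }
    // The original left KPG_SS_MU undefined on a multisite with the switch
    // off; it is now always defined so readers need no defined() guard.
    define('KPG_SS_MU', $muswitch);
    if ($muswitch === 'Y') {
        // install the hooks for the network-level options
        kpg_sp_require('includes/ss-mu-options.php');
        kpg_ssp_global_setup();
    }

    // Logged-in administrators get the settings pages and no checks.
    if (function_exists('is_user_logged_in') && is_user_logged_in()
        && current_user_can('manage_options')) {
        kpg_sp_require('includes/ss-admin-options.php');
        return;
    }

    // Not logged in as admin: record IPs on registration and login
    // (hooks only exist in WordPress 3.1 and newer).
    global $wp_version;
    if (version_compare($wp_version, '3.1', '>=')) {
        add_action('user_register', 'kpg_new_user_ip');
        add_action('wp_login', 'kpg_log_user_ip', 10, 2);
    }
    // nothing else to do while an eMember member is logged in
    if (function_exists('wp_emember_is_member_logged_in') && wp_emember_is_member_logged_in()) {
        return;
    }

    if (!empty($_POST)) {
        // Returning from the deny form: re-run the challenge when the nonce holds.
        if (array_key_exists('kpg_deny', $_POST) && array_key_exists('kn', $_POST)) {
            $knonce = $_POST['kn'];
            if (!empty($knonce) && wp_verify_nonce($knonce, 'kpg_stopspam_deny')) {
                sfs_errorsonoff();
                $options = kpg_ss_get_options();
                $stats = kpg_ss_get_stats();
                $post = get_post_variables();
                be_load('kpg_ss_challenge', kpg_get_ip(), $stats, $options, $post);
                // if the challenge returns we carry on as normal
                sfs_errorsonoff('off');
                return;
            }
        }
        // A login or a comment carries at least one of these fields; only
        // those posts are checked, and allow-listed senders are exempt.
        $post = get_post_variables();
        if (!empty($post['email']) || !empty($post['author']) || !empty($post['comment'])) {
            if (kpg_ss_check_white() !== false) {
                return;
            }
            kpg_ss_check_post();
        }
    } else {
        // GET request: run the GET addons. The filter returns a list of
        // descriptors: [0]=class location, [1]=class name (also used as
        // counter), [2]=addon name, [3]=addon author, [4]=addon description.
        $addons = apply_filters('kpg_ss_addons_get', array());
        if (!empty($addons) && is_array($addons)) {
            foreach ($addons as $add) {
                if (empty($add) || !is_array($add)) {
                    continue;
                }
                // Re-read per addon, as before: be_load() takes these by
                // reference, so hoisting them could change what later addons see.
                $options = kpg_ss_get_options();
                $stats = kpg_ss_get_stats();
                $post = get_post_variables();
                $reason = be_load($add, kpg_get_ip(), $stats, $options);
                if ($reason !== false) {
                    // an addon caught this request: log it under the addon's counter
                    kpg_ss_log_bad(kpg_get_ip(), $reason, $add[1], $add);
                    return;
                }
            }
        }
    }

    // catch robots scanning missing pages for exploits
    add_action('template_redirect', 'kpg_ss_check_404s');
    // test hooks fired when a request is caught / passes
    add_action('kpg_stop_spam_caught', 'kpg_caught_action', 10, 2);
    add_action('kpg_stop_spam_OK', 'kpg_stop_spam_OK', 10, 2);
}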