function rs_wpss_trackback_ip_filter($commentdata, $spamshield_options) { /** * Trackback/Pingback IP Filter * This will knock out 99.99% of Trackback/Pingback Spam * WordPress does not validate IP addresses of incoming Pingbacks & Trackbacks * WordPress checks URL of Pingbacks for link to this blog, but not Trackbacks * Keeping this separate and before content filter because it's fast * If passes this, then content filter will take out the rest */ /* Timer Start - Content Filter */ if (empty($commentdata['start_time_content_filter'])) { $wpss_start_time_content_filter = microtime(TRUE); $commentdata['start_time_content_filter'] = $wpss_start_time_content_filter; } $content_filter_status = $wpss_error_code = ''; /* Must go before tests */ $commentdata_remote_addr = rs_wpss_get_ip_addr(); $commentdata_remote_addr_lc = rs_wpss_casetrans('lower', $commentdata_remote_addr); $commentdata_comment_type = $commentdata['comment_type']; $commentdata_comment_author_url = $commentdata['comment_author_url']; $commentdata_comment_author_url_lc = rs_wpss_casetrans('lower', $commentdata_comment_author_url); /* Check to see if IP Trackback client IP matches IP of Server where link is supposedly coming from */ $trackback_domain = rs_wpss_get_domain($commentdata_comment_author_url_lc); $trackback_ip = rs_wpss_get_reverse_dns_ip($trackback_domain); if (rs_wpss_is_local_request() && $commentdata['comment_type'] === 'pingback') { $local_pingback = TRUE; } else { $local_pingback = FALSE; } if (empty($local_pingback) && $commentdata_remote_addr_lc !== $trackback_ip) { if (empty($content_filter_status)) { $content_filter_status = '3'; } $wpss_error_code .= ' TP1000-FIP-1'; } if (!empty($wpss_error_code)) { $wpss_error_code = trim($wpss_error_code); /* Timer End - Content Filter */ $wpss_end_time_content_filter = microtime(TRUE); $wpss_total_time_content_filter = rs_wpss_timer($commentdata['start_time_content_filter'], $wpss_end_time_content_filter, FALSE, 6, TRUE); $commentdata['total_time_content_filter'] = $wpss_total_time_content_filter; } $commentdata['wpss_error_code'] = trim($wpss_error_code); $commentdata['content_filter_status'] = $content_filter_status; return $commentdata; }
public static function early_post_intercept() { /** * SECURITY - Checks all incoming POST requests early for malicious behavior * Added 1.9.7.8 */ if ('POST' !== $_SERVER['REQUEST_METHOD'] || rs_wpss_is_local_request() || is_user_logged_in()) { return; } global $spamshield_options; if (empty($spamshield_options)) { $spamshield_options = get_option('spamshield_options'); } if (!empty($spamshield_options['disable_misc_form_shield'])) { return; } $url = rs_wpss_get_url(); $url_lc = rs_wpss_casetrans('lower', $url); $req_uri = $_SERVER['REQUEST_URI']; $req_uri_lc = rs_wpss_casetrans('lower', $req_uri); $epc_filter_status = $wpss_error_code = $log_pref = ''; $epc_jsck_error = $epc_badrobot_error = FALSE; $form_type = 'misc form'; $pref = 'EPC-'; $errors_3p = array(); $error_txt = rs_wpss_error_txt(); $server_name = WPSS_SERVER_NAME; $server_email_domain = rs_wpss_get_email_domain($server_name); $epc_serial_post = json_encode($_POST); $form_auth_dat = array('comment_author' => '', 'comment_author_email' => '', 'comment_author_url' => ''); $blocked = FALSE; $c = array('name' => '', 'value' => '1', 'expire' => time() + 60 * 60 * 24 * 365 * 1, 'path' => '/', 'domain' => rs_wpss_get_cookie_domain(), 'secure' => FALSE, 'httponly' => FALSE); if (rs_wpss_is_xmlrpc()) { if (empty($_POST) || !empty($_GET)) { $blocked = TRUE; } rs_wpss_start_session(); $c['name'] = 'P_XMLRPC'; } if (rs_wpss_is_doing_ajax()) { if (empty($_POST) && empty($_GET) || empty($_REQUEST['action'])) { $wpss_error_code .= ' ' . $pref . 'FAR1020'; $err_cod = 'fake_ajax_request_error'; $err_msg = __('That action is currently not allowed.'); $errors_3p[$err_cod] = $err_msg; } } if (rs_wpss_skiddie_ua_check()) { $wpss_error_code .= ' ' . $pref . 'UA1004'; $err_cod = 'badrobot_skiddie_error'; $err_msg = __('That action is currently not allowed.'); $errors_3p[$err_cod] = $err_msg; } if (rs_wpss_ubl_cache()) { if (TRUE === WPSS_IP_BAN_ENABLE && rs_wpss_is_xmlrpc()) { self::ip_ban(); } $wpss_error_code .= ' ' . $pref . '0-BL'; $err_cod = 'blacklisted_user_error'; $err_msg = __('That action is currently not allowed.'); $errors_3p[$err_cod] = $err_msg; } if (!empty($c['name'])) { /* Setting cookie to honeypot bad actors */ @setcookie($c['name'], $c['value'], $c['expire'], $c['path'], $c['domain'], $c['secure'], $c['httponly']); } if (!empty($wpss_error_code)) { rs_wpss_update_accept_status($form_auth_dat, 'r', 'Line: ' . __LINE__, $wpss_error_code); if (!empty($spamshield_options['comment_logging'])) { rs_wpss_log_data($form_auth_dat, $wpss_error_code, $form_type, $epc_serial_post); } } else { rs_wpss_update_accept_status($form_auth_dat, 'a', 'Line: ' . __LINE__); } /* Now output error message */ if (!empty($wpss_error_code)) { $error_msg = ''; foreach ($errors_3p as $c => $m) { $error_msg .= '<strong>' . $error_txt . ':</strong> ' . $m . '<br /><br />' . WPSS_EOL; } WP_SpamShield::wp_die($error_msg, TRUE); } }