    /**
     * @param WP_Filesystem_Base $wp_filesystem
     * @throws wfWAFAutoPrependHelperException
     */
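    public function performInstallation($wp_filesystem)
    {
        // Writes the WAF bootstrap file, then points PHP's auto_prepend_file at it through .htaccess
        // and/or the per-directory ini file, depending on what getServerConfig() reports.
        // Throws wfWAFAutoPrependHelperException when any of the files cannot be written or processed.
        $bootstrapPath = wordfence::getWAFBootstrapPath();
        if (!$wp_filesystem->put_contents($bootstrapPath, wordfence::getWAFBootstrapContent($this->currentAutoPrependedFile))) {
            throw new wfWAFAutoPrependHelperException('We were unable to create the <code>wordfence-waf.php</code> file
in the root of the WordPress installation. It\'s possible WordPress cannot write to the <code>wordfence-waf.php</code>
file because of file permissions. Please verify the permissions are correct and retry the installation.');
        }
        $serverConfig = $this->getServerConfig();
        $htaccessPath = $this->getHtaccessPath();
        $homePath = dirname($htaccessPath);
        $userIniPath = $this->getUserIniPath();
        $userIni = ini_get('user_ini.filename');
        $userIniHtaccessDirectives = '';
        if ($userIni) {
            // Deny web access to the per-directory ini file, using the mod_authz_core syntax where
            // that module is loaded and the older Order/Deny syntax otherwise.
            $userIniHtaccessDirectives = sprintf('<Files "%s">
<IfModule mod_authz_core.c>
	Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
	Order deny,allow
	Deny from all
</IfModule>
</Files>
', addcslashes($userIni, '"'));
        }
        // The <Files> block is concatenated rather than interpolated into the sprintf() format below,
        // so a '%' in user_ini.filename cannot be read as a conversion specifier.
        $blockTail = $userIniHtaccessDirectives . "\n# END Wordfence WAF\n";
        // .htaccess configuration
        switch ($serverConfig) {
            case 'apache-mod_php':
                // PHP 8 dropped the major version from the Apache module's source name (mod_php.c), so a
                // version-suffixed <IfModule> would never match there and the prepend would not be applied.
                $modPhp = PHP_MAJOR_VERSION >= 8 ? 'mod_php.c' : sprintf('mod_php%d.c', PHP_MAJOR_VERSION);
                $autoPrependDirective = sprintf("# Wordfence WAF\n<IfModule %s>\n\tphp_value auto_prepend_file '%s'\n</IfModule>\n", $modPhp, addcslashes($bootstrapPath, "'")) . $blockTail;
                break;
            case 'litespeed':
                $autoPrependDirective = sprintf("# Wordfence WAF\n<IfModule LiteSpeed>\nphp_value auto_prepend_file '%s'\n</IfModule>\n", addcslashes($bootstrapPath, "'")) . $blockTail;
                break;
            case 'apache-suphp':
                $autoPrependDirective = sprintf("# Wordfence WAF\n<IfModule mod_suphp.c>\n\tsuPHP_ConfigPath '%s'\n</IfModule>\n", addcslashes($homePath, "'")) . $blockTail;
                break;
            case 'cgi':
                // Only the <Files> protection goes into .htaccess here; the prepend itself is set in the ini file.
                if ($userIniHtaccessDirectives) {
                    $autoPrependDirective = "# Wordfence WAF\n" . $blockTail;
                }
                break;
        }
        if (!empty($autoPrependDirective)) {
            // Modify .htaccess
            // NOTE(review): a failed read is treated the same as a missing file, so an existing but
            // unreadable .htaccess would be replaced by the WAF block alone - confirm this is intended.
            $htaccessContent = $wp_filesystem->get_contents($htaccessPath);
            if ($htaccessContent) {
                $regex = '/# Wordfence WAF.*?# END Wordfence WAF/is';
                if (preg_match($regex, $htaccessContent)) {
                    // Escape '\' and '$' so a path containing them is not parsed as a backreference
                    // in the replacement string.
                    $updatedHtaccess = preg_replace($regex, addcslashes($autoPrependDirective, '\\$'), $htaccessContent);
                    if (!is_string($updatedHtaccess)) {
                        // preg_replace() returns null on a PCRE error; writing that out would empty the file.
                        throw new wfWAFAutoPrependHelperException('We were unable to process the existing contents of the .htaccess file, so it has been left unchanged. Please retry the installation.');
                    }
                    $htaccessContent = $updatedHtaccess;
                } else {
                    $htaccessContent .= "\n\n" . $autoPrependDirective;
                }
            } else {
                $htaccessContent = $autoPrependDirective;
            }
            if (!$wp_filesystem->put_contents($htaccessPath, $htaccessContent)) {
                throw new wfWAFAutoPrependHelperException('We were unable to make changes to the .htaccess file. It\'s
				possible WordPress cannot write to the .htaccess file because of file permissions, which may have been
				set by another security plugin, or you may have set them manually. Please verify the permissions allow
				the web server to write to the file, and retry the installation.');
            }
            if ($serverConfig == 'litespeed') {
                // Presumably bumps the mtime so LiteSpeed notices the rewritten file - TODO confirm.
                // sleep(2);
                $wp_filesystem->touch($htaccessPath);
            }
        }
        if ($userIni) {
            // .user.ini configuration
            switch ($serverConfig) {
                case 'cgi':
                case 'nginx':
                case 'apache-suphp':
                case 'litespeed':
                case 'iis':
                    $autoPrependIni = sprintf("; Wordfence WAF\nauto_prepend_file = '%s'\n; END Wordfence WAF\n", addcslashes($bootstrapPath, "'"));
                    break;
            }
            if (!empty($autoPrependIni)) {
                // Modify .user.ini
                $userIniContent = $wp_filesystem->get_contents($userIniPath);
                if (is_string($userIniContent)) {
                    // Comment out every existing auto_prepend_file entry so that the Wordfence block
                    // written below is the only active one.
                    $userIniContent = str_replace('auto_prepend_file', ';auto_prepend_file', $userIniContent);
                    $regex = '/; Wordfence WAF.*?; END Wordfence WAF/is';
                    if (preg_match($regex, $userIniContent)) {
                        // Same replacement-string escaping and null check as for .htaccess above.
                        $updatedUserIni = preg_replace($regex, addcslashes($autoPrependIni, '\\$'), $userIniContent);
                        if (!is_string($updatedUserIni)) {
                            throw new wfWAFAutoPrependHelperException(sprintf('We were unable to process the existing contents of the %1$s file, so it has been left unchanged. Please retry the installation.', basename($userIniPath)));
                        }
                        $userIniContent = $updatedUserIni;
                    } else {
                        $userIniContent .= "\n\n" . $autoPrependIni;
                    }
                } else {
                    $userIniContent = $autoPrependIni;
                }
                if (!$wp_filesystem->put_contents($userIniPath, $userIniContent)) {
                    throw new wfWAFAutoPrependHelperException(sprintf('We were unable to make changes to the %1$s file.
					It\'s possible WordPress cannot write to the %1$s file because of file permissions.
					Please verify the permissions are correct and retry the installation.', basename($userIniPath)));
                }
            }
        }
    }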
    /**
     * @param WP_Filesystem_Base $wp_filesystem
     * @throws wfWAFAutoPrependHelperException
     * 
     * @return bool Whether or not the .user.ini still has a commented-out auto_prepend_file setting
     */
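    public function performIniRemoval($wp_filesystem)
    {
        // Strips the Wordfence WAF sections from .htaccess and, when user_ini.filename is set, from the
        // per-directory ini file. Returns true when the ini content written back still contains the
        // text "auto_prepend_file" (entries outside the WAF section are commented out, not deleted).
        $serverConfig = $this->getServerConfig();
        $htaccessPath = $this->getHtaccessPath();
        $userIniPath = $this->getUserIniPath();
        $userIni = ini_get('user_ini.filename');
        // Modify .htaccess
        $htaccessContent = $wp_filesystem->get_contents($htaccessPath);
        if (is_string($htaccessContent)) {
            $strippedHtaccess = preg_replace('/# Wordfence WAF.*?# END Wordfence WAF/is', '', $htaccessContent);
            if (!is_string($strippedHtaccess)) {
                // preg_replace() returns null on a PCRE error; writing that out would empty the file
                // and drop every other rule in it, so stop before touching it.
                throw new wfWAFAutoPrependHelperException('We were unable to process the existing contents of the .htaccess file, so it has been left unchanged. Please retry.');
            }
            $htaccessContent = $strippedHtaccess;
        } else {
            // NOTE(review): a failed read is handled like a missing file and an empty file is written.
            $htaccessContent = '';
        }
        if (!$wp_filesystem->put_contents($htaccessPath, $htaccessContent)) {
            throw new wfWAFAutoPrependHelperException('We were unable to make changes to the .htaccess file. It\'s
			possible WordPress cannot write to the .htaccess file because of file permissions, which may have been
			set by another security plugin, or you may have set them manually. Please verify the permissions allow
			the web server to write to the file, and retry the installation.');
        }
        if ($serverConfig == 'litespeed') {
            // Presumably bumps the mtime so LiteSpeed notices the rewritten file - TODO confirm.
            // sleep(2);
            $wp_filesystem->touch($htaccessPath);
        }
        if ($userIni) {
            // Modify .user.ini
            $userIniContent = $wp_filesystem->get_contents($userIniPath);
            if (is_string($userIniContent)) {
                $strippedUserIni = preg_replace('/; Wordfence WAF.*?; END Wordfence WAF/is', '', $userIniContent);
                if (!is_string($strippedUserIni)) {
                    // Same null-on-error guard as for .htaccess above.
                    throw new wfWAFAutoPrependHelperException(sprintf('We were unable to process the existing contents of the %1$s file, so it has been left unchanged. Please retry.', basename($userIniPath)));
                }
                // Any auto_prepend_file entry left after removing the WAF section is commented out.
                $userIniContent = str_replace('auto_prepend_file', ';auto_prepend_file', $strippedUserIni);
            } else {
                $userIniContent = '';
            }
            if (!$wp_filesystem->put_contents($userIniPath, $userIniContent)) {
                throw new wfWAFAutoPrependHelperException(sprintf('We were unable to make changes to the %1$s file.
				It\'s possible WordPress cannot write to the %1$s file because of file permissions.
				Please verify the permissions are correct and retry the installation.', basename($userIniPath)));
            }
            return strpos($userIniContent, 'auto_prepend_file') !== false;
        }
        return false;
    }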