/**
 * Turn a row into a JSON string for storage.
 *
 * Every column listed in $this->rowsToB64 that is present in the row is
 * base64-encoded first (presumably so raw/binary values survive JSON
 * encoding -- confirm against the reader).
 *
 * @param array $row
 * @return bool|string The JSON string, or false when encoding did not produce a non-empty string.
 */
private function serializeRow($row) {
    foreach ($this->rowsToB64 as $column) {
        if (!array_key_exists($column, $row)) {
            continue;
        }
        $row[$column] = base64_encode($row[$column]);
    }

    $encoded = wfWAFUtils::json_encode($row);
    $usable = is_string($encoded) && wfWAFUtils::strlen($encoded) > 0;

    return $usable ? $encoded : false;
}
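/**
 * Store the malware signature set in the WAF config under 'filePatterns'.
 *
 * The signatures are JSON-encoded, XORed byte-for-byte with the configured
 * 'authKey' repeated to the length of the JSON, then base64-encoded.
 *
 * NOTE(review): a repeating-key XOR is obfuscation, not encryption. It gives
 * the stored signatures neither confidentiality nor integrity protection, so
 * a modified 'filePatterns' value cannot be detected from this encoding
 * alone. If tamper detection is required it has to be added together with
 * the code that reads this value (not visible here), e.g. as a MAC over the
 * payload.
 *
 * Failures are swallowed: the method never throws an Exception to its caller.
 *
 * @param array $signatures Non-array input is treated as an empty set.
 * @param bool|int $updateLastUpdatedTimestamp Falsy: leave 'signaturesLastUpdated' alone.
 *                                             Integer: store that value. Any other truthy value: store time().
 */
public function setMalwareSignatures($signatures, $updateLastUpdatedTimestamp = true) {
    try {
        if (!is_array($signatures)) {
            $signatures = array();
        }

        $authKey = $this->getStorageEngine()->getConfig('authKey');
        $authKey = is_scalar($authKey) ? (string) $authKey : '';
        $json = wfWAFUtils::json_encode($signatures);

        // Without a key the padding below divides by zero (a DivisionByZeroError on
        // PHP 8, which the Exception catch does not cover), and a failed encode would
        // overwrite the stored signatures with an empty payload. In both cases keep
        // whatever is already stored.
        if ($authKey === '' || !is_string($json) || $json === '') {
            return;
        }

        $jsonLength = strlen($json);
        $repeats = (int) ceil($jsonLength / strlen($authKey));
        $paddedKey = substr(str_repeat($authKey, $repeats), 0, $jsonLength);

        // String XOR: both operands have the same length, so the payload does too.
        $payload = $json ^ $paddedKey;
        $this->getStorageEngine()->setConfig('filePatterns', base64_encode($payload));

        if ($updateLastUpdatedTimestamp) {
            $this->getStorageEngine()->setConfig(
                'signaturesLastUpdated',
                is_int($updateLastUpdatedTimestamp) ? $updateLastUpdatedTimestamp : time()
            );
        }
    } catch (Exception $e) {
        // Ignore.
        // NOTE(review): a storage failure here leaves the previous signatures in
        // place with no signal to the caller -- confirm that is the intended behaviour.
    }
}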
<p>A potentially unsafe operation has been detected in your request to this site, and has been blocked by Wordfence.</p> <?php if ($urlParamsToWhitelist) { ?> <p>If you are an administrator and you are certain this is a false positive, you can automatically whitelist this request and repeat the same action.</p> <form id="whitelist-form" action="<?php echo htmlentities($waf->getRequest()->getPath(), ENT_QUOTES, 'utf-8'); ?> " method="post"> <input type="hidden" name="wfwaf-false-positive-params" value="<?php echo htmlentities(wfWAFUtils::json_encode($urlParamsToWhitelist), ENT_QUOTES, 'utf-8'); ?> "> <input type="hidden" name="wfwaf-false-positive-nonce" value="<?php echo htmlentities($waf->getAuthCookieValue('nonce', ''), ENT_QUOTES, 'utf-8'); ?> "> <div id="whitelist-actions"> <p> <label> <input id="verified-false-positive-checkbox" type="checkbox" name="wfwaf-false-positive-verified" value="1"> <em>I am certain this is a false positive.</em> </label>
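/**
 * Copy the plugin's blocking configuration into the WAF storage engine.
 *
 * Three JSON documents are written -- 'patternBlocks', 'countryBlocks' and
 * 'otherBlocks' -- followed by the 'advancedBlockingEnabled' and
 * 'disableWAFIPBlocking' flags. Does nothing when wfConfig is not loaded or
 * when a synchronization is already running in this request.
 *
 * Exceptions raised while saving are swallowed.
 * NOTE(review): a failed save therefore leaves the WAF enforcing a stale
 * block list with no signal to the caller -- confirm that is acceptable.
 *
 * @return void
 */
public static function synchronizeConfigSettings() {
    if (!class_exists('wfConfig')) { // Ensure this is only called when WordPress and the plugin are fully loaded
        return;
    }

    // Static flag: a nested call made while this one is still running returns immediately.
    static $isSynchronizing = false;
    if ($isSynchronizing) {
        return;
    }
    $isSynchronizing = true;

    global $wpdb;
    $db = new wfDB();

    // Pattern Blocks
    // The only interpolated value in the queries below is the table prefix taken
    // from $wpdb; no request data is concatenated into the SQL.
    $r1 = $db->querySelect("SELECT id, blockType, blockString FROM {$wpdb->base_prefix}wfBlocksAdv");
    $patternBlocks = array();
    if (is_array($r1)) { // Same guard the wfBlocks query result gets further down
        foreach ($r1 as $blockRec) {
            if ($blockRec['blockType'] == 'IU') {
                // blockString is pipe-separated: ipRange|uaPattern|refPattern|hostnamePattern
                $bDat = explode('|', $blockRec['blockString']);
                $ipRange = isset($bDat[0]) ? $bDat[0] : '';
                $uaPattern = isset($bDat[1]) ? $bDat[1] : '';
                $refPattern = isset($bDat[2]) ? $bDat[2] : '';
                $hostnamePattern = isset($bDat[3]) ? $bDat[3] : '';
                $patternBlocks[] = array(
                    'id' => $blockRec['id'],
                    'ipRange' => $ipRange,
                    'hostnamePattern' => $hostnamePattern,
                    'uaPattern' => $uaPattern,
                    'refPattern' => $refPattern,
                );
            }
        }
    }

    // Country Blocks
    $wfLog = new wfLog(wfConfig::get('apiKey'), wfUtils::getWPVersion());
    $cblCookie = $wfLog->getCBLCookieVal(); //Ensure we have the bypass cookie option set
    $countryBlocks = array();
    $countryBlocks['action'] = wfConfig::get('cbl_action', false);
    $countryBlocks['loggedInBlocked'] = wfConfig::get('cbl_loggedInBlocked', false);
    $countryBlocks['loginFormBlocked'] = wfConfig::get('cbl_loginFormBlocked', false);
    $countryBlocks['restOfSiteBlocked'] = wfConfig::get('cbl_restOfSiteBlocked', false);
    $countryBlocks['bypassRedirURL'] = wfConfig::get('cbl_bypassRedirURL', '');
    $countryBlocks['bypassRedirDest'] = wfConfig::get('cbl_bypassRedirDest', '');
    $countryBlocks['bypassViewURL'] = wfConfig::get('cbl_bypassViewURL', '');
    $countryBlocks['redirURL'] = wfConfig::get('cbl_redirURL', '');
    $countryBlocks['countries'] = explode(',', wfConfig::get('cbl_countries', ''));
    $countryBlocks['cookieVal'] = $cblCookie;

    //Other Blocks
    $otherBlocks = array('blockedTime' => wfConfig::get('blockedTime', 0));
    // blockedTime is passed as a %d argument rather than concatenated
    // (presumably bound by querySelect -- confirm in wfDB).
    $otherBlockEntries = $db->querySelect("SELECT IP, blockedTime, reason, permanent, wfsn FROM {$wpdb->base_prefix}wfBlocks WHERE permanent = 1 OR (blockedTime + %d > unix_timestamp())", $otherBlocks['blockedTime']);
    $otherBlocks['blocks'] = is_array($otherBlockEntries) ? $otherBlockEntries : array();
    // Index by key instead of iterating by reference, so no reference to the last
    // element is left dangling after the loop.
    foreach ($otherBlocks['blocks'] as $key => $block) {
        // presumably IP is stored in a binary form that JSON cannot carry -- confirm
        $otherBlocks['blocks'][$key]['IP'] = base64_encode($block['IP']);
    }

    // Save it
    try {
        $storage = wfWAF::getInstance()->getStorageEngine();

        $patternBlocksJSON = wfWAFUtils::json_encode($patternBlocks);
        $storage->setConfig('patternBlocks', $patternBlocksJSON);
        $countryBlocksJSON = wfWAFUtils::json_encode($countryBlocks);
        $storage->setConfig('countryBlocks', $countryBlocksJSON);
        $otherBlocksJSON = wfWAFUtils::json_encode($otherBlocks);
        $storage->setConfig('otherBlocks', $otherBlocksJSON);

        $storage->setConfig('advancedBlockingEnabled', wfConfig::get('firewallEnabled'));
        $storage->setConfig('disableWAFIPBlocking', wfConfig::get('disableWAFIPBlocking'));
    } catch (Exception $e) {
        // Do nothing: synchronization is best-effort.
    }

    $isSynchronizing = false;
}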