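/**
 * Adds registration IP addresses to the permanent block list with the reason
 * 'registration_spam'.
 *
 * Two call shapes are handled:
 *  - an array is treated as a list of user IDs (bulk action); each user's IP
 *    is read from the 'aiowps_registrant_ip' user meta;
 *  - any other value that is not loosely equal to null is treated as one IP
 *    address and is accepted only with a valid 'block_ip' nonce in
 *    $_GET['aiowps_nonce'].
 *
 * Values that WP_Http::is_ip_address() rejects are logged and never passed to
 * the block list, so a missing meta value or a malformed request parameter
 * cannot create a junk entry in a table that is used to deny access.
 *
 * @param array|string $entries User IDs (bulk) or a single IP address.
 * @return void
 */
function block_selected_ips($entries)
{
    global $wpdb, $aio_wp_security;

    $view_link = ' <a href="admin.php?page=' . AIOWPSEC_MAIN_MENU_SLUG . '&tab=tab4" target="_blank">' . __('View Blocked IPs', 'all-in-one-wp-security-and-firewall') . '</a>';

    if (is_array($entries)) {
        // NOTE(review): this only checks that a referer field was submitted. Unlike the
        // single-IP branch below, no nonce is verified here. Unless the caller verifies the
        // bulk-action nonce before this method runs, a cross-site request made from an
        // administrator's browser could add entries to the permanent block list. Confirm
        // where the bulk nonce is checked, or verify it here with the list table's own
        // action name. A capability check is not visible in this method either.
        if (isset($_REQUEST['_wp_http_referer'])) {
            // Go through each selected user and block the IP stored at registration.
            foreach ($entries as $id) {
                $ip_address = get_user_meta($id, 'aiowps_registrant_ip', true);

                // get_user_meta() gives an empty value when the meta key is absent.
                if (!is_string($ip_address) || !WP_Http::is_ip_address($ip_address)) {
                    $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_List_Registered_Users::block_selected_ips() - no valid registration IP stored for user ID: " . (int) $id, 4);
                    continue;
                }

                $result = AIOWPSecurity_Blocking::add_ip_to_block_list($ip_address, 'registration_spam');
                if ($result === false) {
                    $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_List_Registered_Users::block_selected_ips() - could not block IP : {$ip_address}", 4);
                }
            }

            // NOTE(review): the success notice is shown even when some entries were skipped
            // or failed above; those cases are only visible in the debug log.
            $msg = __('The selected IP addresses were successfully added to the permanent block list!', 'all-in-one-wp-security-and-firewall');
            $msg .= $view_link;
            AIOWPSecurity_Admin_Menu::show_msg_updated_st($msg);
        }
    } elseif ($entries != null) {
        // Loose comparison kept on purpose: '', 0 and false are ignored exactly as before.
        $nonce = isset($_GET['aiowps_nonce']) ? $_GET['aiowps_nonce'] : '';
        if (!wp_verify_nonce($nonce, 'block_ip')) {
            $aio_wp_security->debug_logger->log_debug("Nonce check failed for block IP operation of registered user!", 4);
            die(__('Nonce check failed for block IP operation of registered user!', 'all-in-one-wp-security-and-firewall'));
        }

        // The value is validated before it is stored or logged. The rejected value itself
        // is deliberately left out of the log line.
        if (!is_string($entries) || !WP_Http::is_ip_address($entries)) {
            $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_List_Registered_Users::block_selected_ips() - refused to block a value that is not a valid IP address", 4);
            return;
        }

        // Block single IP
        $result = AIOWPSecurity_Blocking::add_ip_to_block_list($entries, 'registration_spam');
        if ($result === true) {
            $msg = __('The selected IP was successfully added to the permanent block list!', 'all-in-one-wp-security-and-firewall');
            $msg .= $view_link;
            AIOWPSecurity_Admin_Menu::show_msg_updated_st($msg);
        } else {
            $aio_wp_security->debug_logger->log_debug("AIOWPSecurity_List_Registered_Users::block_selected_ips() - could not block IP: {$entries}", 4);
        }
    }
}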
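/**
 * Checks the auto-spam blocking setting and adds the comment author's IP to
 * the blocked table (reason 'spam') once that IP has enough spam comments.
 *
 * Nothing is blocked when the comment cannot be loaded, when its stored
 * author IP is not a valid IP address, or when the
 * 'aiowps_spam_ip_min_comments_block' setting is empty or below 1.
 *
 * @param int $comment_id ID of the comment whose author IP is evaluated.
 * @return void
 */
function block_comment_ip($comment_id)
{
    global $aio_wp_security, $wpdb;

    $comment_obj = get_comment($comment_id);
    if (empty($comment_obj)) {
        // The comment may have been deleted; there is no author IP to evaluate.
        return;
    }

    $comment_ip = $comment_obj->comment_author_IP;
    // An empty or malformed stored IP would otherwise match every spam comment that has
    // the same empty value and then be written to the block list.
    if (!is_string($comment_ip) || !WP_Http::is_ip_address($comment_ip)) {
        return;
    }

    $min_comment_before_block = (int) $aio_wp_security->configs->get_value('aiowps_spam_ip_min_comments_block');
    if ($min_comment_before_block < 1) {
        // Setting is unset or not a usable threshold, so it is treated as "do not auto-block".
        return;
    }

    // Count in the database instead of loading every spam row just to count it.
    $sql = $wpdb->prepare(
        "SELECT COUNT(*) FROM {$wpdb->comments}
            WHERE comment_approved = 'spam'
            AND comment_author_IP = %s
        ",
        $comment_ip
    );
    $spam_count = (int) $wpdb->get_var($sql);

    // NOTE(review): the "- 1" is kept from the original. Presumably the comment being
    // processed is not yet counted as spam when this runs; confirm against the hook that
    // calls this. With a threshold of 1 this condition is always true.
    if ($spam_count >= $min_comment_before_block - 1) {
        AIOWPSecurity_Blocking::add_ip_to_block_list($comment_ip, 'spam');
    }
}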
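/**
 * Prepares the rows for the spam-comment IP table.
 *
 * Sets the column headers, runs any pending bulk action, loads every IP with
 * at least 'aiowps_spam_ip_min_comments' spam comments (5 when the setting is
 * empty), marks the IPs that are already on the block list, and paginates the
 * result at 20 rows per page.
 *
 * @return void
 */
function prepare_items()
{
    // First, decide how many records per page to show.
    $per_page = 20;
    $columns = $this->get_columns();
    $hidden = array();
    $sortable = $this->get_sortable_columns();
    $this->_column_headers = array($columns, $hidden, $sortable);
    $this->process_bulk_action();

    global $wpdb;
    global $aio_wp_security;

    $minimum_comments_per_ip = $aio_wp_security->configs->get_value('aiowps_spam_ip_min_comments');
    if (empty($minimum_comments_per_ip)) {
        $minimum_comments_per_ip = 5;
    }

    /* -- Ordering parameters -- */
    // Only plain strings are accepted. A request such as ?orderby[]=x delivers an array,
    // which strip_tags() cannot handle, so it is treated as "not supplied".
    $orderby = (isset($_GET["orderby"]) && is_string($_GET["orderby"])) ? strip_tags($_GET["orderby"]) : '';
    $order = (isset($_GET["order"]) && is_string($_GET["order"])) ? strip_tags($_GET["order"]) : '';

    $orderby = !empty($orderby) ? esc_sql($orderby) : 'amount';
    $order = !empty($order) ? esc_sql($order) : 'DESC';

    // esc_sql() escapes for quoted string values; it does not make text safe as a column
    // name or keyword. Both values are interpolated unquoted into ORDER BY below, so what
    // actually constrains them is the allow-list step that follows.
    // NOTE(review): sanitize_value_by_array() is not visible here; confirm that it returns
    // only one of the supplied keys and never passes the input through unchanged.
    $orderby = AIOWPSecurity_Utility::sanitize_value_by_array($orderby, $sortable);
    $order = AIOWPSecurity_Utility::sanitize_value_by_array($order, array('DESC' => '1', 'ASC' => '1'));

    $sql = $wpdb->prepare("SELECT comment_author_IP, COUNT(*) AS amount
            FROM {$wpdb->comments} 
            WHERE comment_approved = 'spam'
            GROUP BY comment_author_IP
            HAVING amount >= %d
            ORDER BY {$orderby} {$order}
            ", $minimum_comments_per_ip);
    $data = $wpdb->get_results($sql, ARRAY_A);

    // Get all permanently blocked IP addresses and flag the rows that are already blocked.
    $block_list = AIOWPSecurity_Blocking::get_list_blocked_ips();
    if (!empty($block_list)) {
        foreach ($data as $key => $value) {
            if (in_array($value['comment_author_IP'], $block_list)) {
                $data[$key]['status'] = 'blocked';
            }
        }
    }

    // Pagination is applied in PHP after the whole result set has been loaded.
    $current_page = $this->get_pagenum();
    $total_items = count($data);
    $data = array_slice($data, ($current_page - 1) * $per_page, $per_page);
    $this->items = $data;
    $this->set_pagination_args(array(
        'total_items' => $total_items,
        'per_page' => $per_page,
        'total_pages' => ceil($total_items / $per_page),
    ));
}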
/**
 * Looks up the current visitor's IP address in the blocked table and, when it
 * is listed, redirects the visitor instead of letting the page load.
 *
 * A visitor whose address does not validate as an IP is logged and allowed
 * through. The check fails open.
 */
static function check_visitor_ip_and_perform_blocking()
{
    global $aio_wp_security, $wpdb;

    $visitor_ip = AIOWPSecurity_Utility_IP::get_user_ip_address();

    // WP_Http::is_ip_address() yields an empty result for anything that is not an IP.
    // NOTE(review): how get_user_ip_address() derives the address is not visible here. If
    // it can read client-supplied headers, this early return and the raw value written to
    // the log both deserve a second look.
    if (empty(WP_Http::is_ip_address($visitor_ip))) {
        $log_line = "do_general_ip_blocking_tasks: " . $visitor_ip . " is not a valid IP!";
        $aio_wp_security->debug_logger->log_debug($log_line, 4);
        return;
    }

    // TODO - future feature: add blocking whitelist and check
    $is_listed = AIOWPSecurity_Blocking::is_ip_blocked($visitor_ip);
    if (!empty($is_listed)) {
        // Blocked visitor: send the request to the loopback address.
        // NOTE(review): presumably redirect_to_url() ends the request. Confirm this,
        // otherwise the page keeps rendering after this call.
        AIOWPSecurity_Utility::redirect_to_url('http://127.0.0.1');
    }
    // Not on the block list: fall through and let the page load.
}