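/**
 * Handle the hardening whitelist form and render the whitelist section.
 *
 * Processes two optional POST actions, adding a file to the whitelist of a
 * hardened folder and removing selected entries, then lists the currently
 * whitelisted files of every hardened folder.
 *
 * NOTE(review): no nonce or capability check is visible in this function;
 * presumably the caller verifies the request before dispatching here. Confirm.
 *
 * @return mixed Result of SucuriScanTemplate::get_section() for the
 *               'hardening-whitelist' section (presumably rendered HTML).
 */
function sucuriscan_hardening_whitelist()
{
    $template_variables = array(
        'HardeningWhitelist.List' => '',
        'HardeningWhitelist.NoItemsVisibility' => 'visible',
    );

    // Only these folders may have their access control file modified.
    $allowed_folders = array('wp-includes', 'wp-content', 'wp-content/uploads');

    // Add a new file to the hardening whitelist.
    if ($fwhite = SucuriScanRequest::post(':hardening_whitelist')) {
        $folder = SucuriScanRequest::post(':hardening_folder');

        // Strict comparison: the folder must be exactly one of the allowed strings.
        if (in_array($folder, $allowed_folders, true)) {
            try {
                SucuriScanHardening::whitelist($fwhite, $folder);
                SucuriScanInterface::info('File was whitelisted from the hardening');
            } catch (Exception $e) {
                SucuriScanInterface::error($e->getMessage());
            }
        } else {
            SucuriScanInterface::error('Specified folder is not hardened by this plugin');
        }
    }

    // Remove a file from the hardening whitelist.
    if ($rmfwhite = SucuriScanRequest::post(':hardening_rmfwhite', '_array')) {
        $processed = 0;

        foreach ($rmfwhite as $fpath) {
            // Entries are submitted as "<folder>/.*/<file>", the same format
            // that is rendered into 'HardeningWhitelist.Regexp' below.
            $parts = is_string($fpath) ? explode('/.*/', $fpath, 2) : array();

            // The submitted value is request data: apply the same folder
            // allow-list as the add path and skip malformed entries instead of
            // reading a missing index or touching an arbitrary folder.
            if (count($parts) !== 2 || !in_array($parts[0], $allowed_folders, true)) {
                SucuriScanInterface::error('Specified folder is not hardened by this plugin');
                continue;
            }

            try {
                SucuriScanHardening::dewhitelist($parts[1], $parts[0]);
                $processed++;
            } catch (Exception $e) {
                SucuriScanInterface::error($e->getMessage());
            }
        }

        // Report success only when at least one entry was actually processed.
        if ($processed > 0) {
            SucuriScanInterface::info('Selected files were processed successfully');
        }
    }

    // Read the access control file and retrieve the whitelisted files.
    $counter = 0;

    foreach ($allowed_folders as $folder) {
        $files = SucuriScanHardening::get_whitelisted($folder);

        if ($files === false) {
            continue;
        }

        $template_variables['HardeningWhitelist.NoItemsVisibility'] = 'hidden';

        foreach ($files as $file) {
            // Alternate the row class for zebra striping.
            $css_class = $counter % 2 === 0 ? '' : 'alternate';
            $fregexp = sprintf('%s/.*/%s', $folder, $file);

            // Every value placed into the snippet is escaped first.
            $html = SucuriScanTemplate::get_snippet('hardening-whitelist', array(
                'HardeningWhitelist.CssClass' => $css_class,
                'HardeningWhitelist.File' => SucuriScan::escape($file),
                'HardeningWhitelist.Folder' => SucuriScan::escape($folder),
                'HardeningWhitelist.Regexp' => SucuriScan::escape($fregexp),
            ));

            $template_variables['HardeningWhitelist.List'] .= $html;
            $counter++;
        }
    }

    return SucuriScanTemplate::get_section('hardening-whitelist', $template_variables);
}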