예제 #1
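 /**
  * Start-of-page hook of the output antivirus (CSecurityAntiVirus).
  *
  * In order it: loads the antivirus options and the exception ("white") list
  * into globals, scans output that was buffered before this point, registers
  * the shutdown scanner, and - when the marker file managed_cache/b_sec_virus
  * exists - moves unsent detection records from b_sec_virus into b_event_log,
  * purges expired records and sends one VIRUS_DETECTED mail event.
  *
  * Security-relevant points for reviewers:
  *  - the stored INFO blob is passed to unserialize(); see the note at that call;
  *  - the record ID is escaped before it is concatenated into the UPDATE;
  *  - white-list entries are cached under "b_sec_white_list", so a change to
  *    the list is presumably not seen until that cache entry is refreshed -
  *    TODO confirm where the cache is invalidated.
  *
  * @return void
  */
 function OnPageStart()
 {
     if (self::isSafetyRequest()) {
         //Check only GET and POST request
         return;
     }
     global $APPLICATION, $DB, $BX_SECURITY_AV_TIMEOUT, $BX_SECURITY_AV_ACTION;
     $BX_SECURITY_AV_TIMEOUT = COption::GetOptionInt("security", "antivirus_timeout");
     $BX_SECURITY_AV_ACTION = COption::GetOptionInt("security", "antivirus_action");
     //user white list
     global $BX_SECURITY_AV_WHITE_LIST, $CACHE_MANAGER;
     //36000 is presumably the cache lifetime in seconds - TODO confirm against CACHE_MANAGER
     if ($CACHE_MANAGER->Read(36000, "b_sec_white_list")) {
         $BX_SECURITY_AV_WHITE_LIST = $CACHE_MANAGER->Get("b_sec_white_list");
     } else {
         //Cache miss: rebuild the list of WHITE_SUBSTR values from the database
         $BX_SECURITY_AV_WHITE_LIST = array();
         $res = CSecurityAntiVirus::GetWhiteList();
         while ($ar = $res->Fetch()) {
             $BX_SECURITY_AV_WHITE_LIST[] = $ar["WHITE_SUBSTR"];
         }
         $CACHE_MANAGER->Set("b_sec_white_list", $BX_SECURITY_AV_WHITE_LIST);
     }
     //Init DB in order to be able to register the event in the shutdown function
     CSecurityDB::Init();
     //Check if we started output buffering in auto_prepend_file
     //so we'll have chances to detect virus before prolog
     if (defined("BX_SECURITY_AV_STARTED")) {
         $content = ob_get_contents();
         ob_end_clean();
         if (strlen($content)) {
             $Antivirus = new CSecurityAntiVirus("pre");
             //NOTE(review): Analyze() may take $content by reference and rewrite it;
             //its signature is not visible here. Whatever is left in $content is re-emitted.
             $Antivirus->Analyze($content);
             echo $content;
         }
     }
     //Initiate monitoring of output that can be after working antivirus.
     register_shutdown_function(array('CSecurityAntiVirus', 'PHPShutdown'));
     //Check notification from previous hit
     //The marker file is a cheap "there is something to report" flag, so the
     //query below is not issued on every hit.
     $fname = $_SERVER["DOCUMENT_ROOT"] . BX_PERSONAL_ROOT . "/managed_cache/b_sec_virus";
     if (file_exists($fname)) {
         $rsInfo = $DB->Query("select * from b_sec_virus where SENT='N'");
         if ($arInfo = $rsInfo->Fetch()) {
             //Only the hit that obtains the table lock processes and reports the records
             if ($table_lock = CSecurityDB::LockTable('b_sec_virus', $APPLICATION->GetServerUniqID() . "_virus")) {
                 $SITE_ID = false;
                 do {
                     //The site of the last processed record is used for the mail event below
                     $SITE_ID = $arInfo["SITE_ID"];
                     if (strlen($arInfo["INFO"])) {
                         //NOTE(review): unserialize() builds every object encoded in the blob
                         //before the is_array() check runs, so that check does not make this
                         //call safe. If anything other than this module can write
                         //b_sec_virus.INFO, this is an object-injection sink. On PHP 7+ pass
                         //array('allowed_classes' => false) as the second argument; not applied
                         //here because the target PHP version is not visible in this file.
                         $arEvent = unserialize(base64_decode($arInfo["INFO"]));
                         if (is_array($arEvent)) {
                             //presumably the array keys are b_event_log column names - verify against $DB->Add()
                             $DB->Add("b_event_log", $arEvent, array("DESCRIPTION"));
                         }
                     }
                     //Escape the stored ID before concatenating it into SQL: a value read
                     //back from the table is still data, not trusted SQL text.
                     CSecurityDB::Query("update b_sec_virus set SENT='Y' where ID='" . $DB->ForSql($arInfo["ID"]) . "'", '');
                 } while ($arInfo = $rsInfo->Fetch());
                 CTimeZone::Disable();
                 //Cut-off = current local time minus antivirus_timeout minutes, seconds set to 0
                 $arDate = localtime(time());
                 $date = mktime($arDate[2], $arDate[1] - $BX_SECURITY_AV_TIMEOUT, 0, $arDate[4] + 1, $arDate[3], 1900 + $arDate[5]);
                 CSecurityDB::Query("DELETE FROM b_sec_virus WHERE TIMESTAMP_X <= " . $DB->CharToDateFunction(ConvertTimeStamp($date, "FULL")), '');
                 CTimeZone::Enable();
                 //One notification per batch, addressed to the main module's email_from option
                 CEvent::Send("VIRUS_DETECTED", $SITE_ID ? $SITE_ID : SITE_ID, array("EMAIL" => COption::GetOptionString("main", "email_from", "")));
                 CSecurityDB::UnlockTable($table_lock);
                 //Errors are suppressed: if the marker cannot be removed it is simply
                 //found again on the next hit and the (now empty) query is repeated.
                 @unlink($fname);
             }
         }
     }
 }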
예제 #2
// Security panel KPIs. Every entry appended to $data[<level>]['ITEMS'] has the
// same shape:
//   IS_OK              - whether the protection is in the recommended state
//   KPI_NAME           - localized name of the indicator
//   KPI_VALUE          - localized current state
//   KPI_RECOMMENDATION - '&nbsp;' when OK, otherwise the recommendation text,
//                        wrapped in a link to the settings page only if the
//                        current user holds the matching write operation.
// $data, $USER, $bIPProtection and $msgStopListDisabled are set outside this excerpt.
// KPI_RECOMMENDATION is assembled as raw HTML: return_url is urlencode()d, while
// LANGUAGE_ID and the GetMessage() texts are concatenated as-is - presumably both
// are trusted (constant / language files); verify before reusing the pattern
// with other values.

// IP block KPI: OK only when protection is on and no "stop list disabled" message exists.
$data['high']['ITEMS'][] = array(
    "IS_OK" => ($bIPProtection && ($msgStopListDisabled === false)),
    "KPI_NAME" => GetMessage("SEC_PANEL_IPBLOCK_NAME"),
    "KPI_VALUE" => ($bIPProtection && ($msgStopListDisabled === false))
        ? GetMessage("SEC_PANEL_IPBLOCK_VALUE_ON")
        : GetMessage("SEC_PANEL_IPBLOCK_VALUE_OFF"),
    "KPI_RECOMMENDATION" => $bIPProtection
        ? (
            ($msgStopListDisabled === false)
                ? '&nbsp;'
                : $msgStopListDisabled->Show()
        )
        : (
            $USER->CanDoOperation('security_iprule_admin_settings_write')
                ? '<a href="security_iprule_admin.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_IPBLOCK_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_IPBLOCK_RECOMMENDATION")
        ),
);

// Session storage KPI: OK when the security module's "session" option is "Y".
$bSessionsDB = COption::GetOptionString("security", "session") == "Y";
$data['high']['ITEMS'][] = array(
    "IS_OK" => $bSessionsDB,
    "KPI_NAME" => GetMessage("SEC_PANEL_SESSDB_NAME"),
    "KPI_VALUE" => $bSessionsDB
        ? GetMessage("SEC_PANEL_SESSDB_VALUE_ON")
        : GetMessage("SEC_PANEL_SESSDB_VALUE_OFF"),
    "KPI_RECOMMENDATION" => $bSessionsDB
        ? '&nbsp;'
        : (
            $USER->CanDoOperation('security_session_settings_write')
                ? '<a href="security_session.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=savedb">' . GetMessage("SEC_PANEL_SESSDB_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_SESSDB_RECOMMENDATION")
        ),
);

// Session ID rotation KPI: the TTL feature must be enabled and the TTL must be positive.
$bSessionTTL = COption::GetOptionString("main", "use_session_id_ttl", "N") == "Y" && COption::GetOptionInt("main", "session_id_ttl", 0) > 0;
$data['high']['ITEMS'][] = array(
    "IS_OK" => $bSessionTTL,
    "KPI_NAME" => GetMessage("SEC_PANEL_SESSID_NAME"),
    "KPI_VALUE" => $bSessionTTL
        ? GetMessage("SEC_PANEL_SESSID_VALUE_ON")
        : GetMessage("SEC_PANEL_SESSID_VALUE_OFF"),
    "KPI_RECOMMENDATION" => $bSessionTTL
        ? '&nbsp;'
        : (
            $USER->CanDoOperation('security_session_settings_write')
                ? '<a href="security_session.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=sessid">' . GetMessage("SEC_PANEL_SESSID_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_SESSID_RECOMMENDATION")
        ),
);

// Redirect protection KPI.
$bRedirect = CSecurityRedirect::IsActive();
$data['high']['ITEMS'][] = array(
    "IS_OK" => $bRedirect,
    "KPI_NAME" => GetMessage("SEC_PANEL_ANTIFISHING_NAME"),
    "KPI_VALUE" => $bRedirect
        ? GetMessage("SEC_PANEL_ANTIFISHING_VALUE_ON")
        : GetMessage("SEC_PANEL_ANTIFISHING_VALUE_OFF"),
    "KPI_RECOMMENDATION" => $bRedirect
        ? '&nbsp;'
        : (
            $USER->CanDoOperation('security_redirect_settings_write')
                ? '<a href="security_redirect.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_ANTIFISHING_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_ANTIFISHING_RECOMMENDATION")
        ),
);

// One-time password KPI (first entry of the 'very_high' level).
$bOTP = CSecurityUser::isActive();
$data['very_high']['ITEMS'][] = array(
    "IS_OK" => $bOTP,
    "KPI_NAME" => GetMessage("SEC_PANEL_OTP_NAME"),
    "KPI_VALUE" => $bOTP
        ? GetMessage("SEC_PANEL_OTP_VALUE_ON")
        : GetMessage("SEC_PANEL_OTP_VALUE_OFF"),
    "KPI_RECOMMENDATION" => $bOTP
        ? '&nbsp;'
        : (
            $USER->CanDoOperation('security_otp_settings_write')
                ? '<a href="security_otp.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_OTP_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_OTP_RECOMMENDATION")
        ),
);

// File integrity check KPI: OK when the last check is less than 7 days old.
// Note the displayed value already switches to "long time ago" after 24 hours,
// so the two thresholds differ.
$timeFC = COption::GetOptionInt("security", "last_files_check", -1);
$data['very_high']['ITEMS'][] = array(
    "IS_OK" => (($timeFC > 1) && ((time() - $timeFC) < 7 * 24 * 3600)),
    "KPI_NAME" => GetMessage("SEC_PANEL_FILES_NAME"),
    "KPI_VALUE" => ($timeFC < 0)
        ? GetMessage("SEC_PANEL_FILES_VALUE_NEVER")
        : (
            ((time() - $timeFC) > 24 * 3600)
                ? GetMessage("SEC_PANEL_FILES_VALUE_LONGTIMEAGO")
                : GetMessage("SEC_PANEL_FILES_VALUE_ACTUAL")
        ),
    "KPI_RECOMMENDATION" => (($timeFC > 1) && ((time() - $timeFC) < 7 * 24 * 3600))
        ? '&nbsp;'
        : (
            $USER->CanDoOperation('security_file_verifier_verify')
                ? '<a href="security_file_verifier.php?lang=' . LANGUAGE_ID . '">' . GetMessage("SEC_PANEL_FILES_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_FILES_RECOMMENDATION")
        ),
);

// Antivirus enabled KPI.
$bSecurityAV = CSecurityAntiVirus::IsActive();
$data['very_high']['ITEMS'][] = array(
    "IS_OK" => $bSecurityAV,
    "KPI_NAME" => GetMessage("SEC_PANEL_ANTIVIRUS_NAME"),
    "KPI_VALUE" => $bSecurityAV
        ? GetMessage("SEC_PANEL_ANTIVIRUS_VALUE_ON")
        : GetMessage("SEC_PANEL_ANTIVIRUS_VALUE_OFF"),
    "KPI_RECOMMENDATION" => $bSecurityAV
        ? '&nbsp;'
        : (
            $USER->CanDoOperation('security_antivirus_settings_write')
                ? '<a href="security_antivirus.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '">' . GetMessage("SEC_PANEL_ANTIVIRUS_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_ANTIVIRUS_RECOMMENDATION")
        ),
);

// Antivirus action KPI: the "notify_only" mode is reported as not OK.
$strSecurityAVAction = COption::GetOptionString("security", "antivirus_action");
$data['very_high']['ITEMS'][] = array(
    "IS_OK" => ($strSecurityAVAction !== "notify_only"),
    "KPI_NAME" => GetMessage("SEC_PANEL_AV_ACTION_NAME"),
    "KPI_VALUE" => ($strSecurityAVAction === "notify_only")
        ? GetMessage("SEC_PANEL_AV_ACTION_VALUE_NOTIFY")
        : GetMessage("SEC_PANEL_AV_ACTION_VALUE_ACT"),
    "KPI_RECOMMENDATION" => ($strSecurityAVAction !== "notify_only")
        ? '&nbsp;'
        : (
            $USER->CanDoOperation('security_antivirus_settings_write')
                ? '<a href="security_antivirus.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=params">' . GetMessage("SEC_PANEL_AV_ACTION_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_AV_ACTION_RECOMMENDATION")
        ),
);

// Antivirus exceptions KPI: the mere presence of one white-list row is reported
// as not OK, i.e. the panel treats any exception as a weakening of the scan.
$rsSecurityWhiteList = CSecurityAntiVirus::GetWhiteList();
$bSecurityWhiteList = (bool)$rsSecurityWhiteList->Fetch();
$data['very_high']['ITEMS'][] = array(
    "IS_OK" => !$bSecurityWhiteList,
    "KPI_NAME" => GetMessage("SEC_PANEL_AV_WHITE_LIST_NAME"),
    "KPI_VALUE" => $bSecurityWhiteList
        ? GetMessage("SEC_PANEL_AV_WHITE_LIST_VALUE_ON")
        : GetMessage("SEC_PANEL_AV_WHITE_LIST_VALUE_OFF"),
    "KPI_RECOMMENDATION" => !$bSecurityWhiteList
        ? '&nbsp;'
        : (
            $USER->CanDoOperation('security_antivirus_settings_write')
                ? '<a href="security_antivirus.php?lang=' . LANGUAGE_ID . '&amp;return_url=' . urlencode('security_panel.php?lang=' . LANGUAGE_ID) . '&amp;tabControl_active_tab=exceptions">' . GetMessage("SEC_PANEL_AV_WHITE_LIST_RECOMMENDATION") . '</a>'
                : GetMessage("SEC_PANEL_AV_WHITE_LIST_RECOMMENDATION")
        ),
);

// Count SECURITY_VIRUS audit records within the event-log retention window,
// capped at the last 7 days.
$days = COption::GetOptionInt("main", "event_log_cleanup_days", 7);
$days = ($days > 7) ? 7 : $days;
$cntLog = 0;
$rsLog = CEventLog::GetList(
    array(),
    array(
        "TIMESTAMP_X_1" => ConvertTimeStamp(time() - $days * 24 * 3600 + CTimeZone::GetOffset(), "FULL"),
        "AUDIT_TYPE_ID" => "SECURITY_VIRUS",
    )
);
// Rows are only counted; their contents are not read here.
while ($rsLog->Fetch()) {
    ++$cntLog;
}