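/**
 * Send an HTTP request through PHP's stream wrappers (fopen() with a stream context).
 *
 * Builds the header block (Host, optional Basic auth, cookies, caller headers, a default
 * User-Agent and Content-Length), opens the URL, and wraps the result in a wfWAFHTTPResponse.
 *
 * @param wfWAFHTTP $request Supplies URL, query string, auth, cookies, headers, method and body.
 * @return wfWAFHTTPResponse|false Response object, or false when the URL is not an absolute
 *                                 http(s) URL or the stream could not be opened.
 * @throws wfWAFHTTPTransportException Declared by the original docblock; this implementation
 *                                     signals failure by returning false.
 */
public function send($request) {
    $timeout = 5;

    // Effective URL = request URL plus any separately supplied query string.
    $url = $request->getUrl();
    if ($queryString = $request->getQueryString()) {
        if (is_array($queryString)) {
            $queryString = http_build_query($queryString);
        }
        $url .= (wfWAFUtils::strpos($url, '?') !== false ? '&' : '?') . $queryString;
    }

    // fopen() accepts local paths and every registered wrapper, so only absolute http(s)
    // URLs are allowed to reach it from this HTTP transport.
    $urlParsed = parse_url($request->getUrl());
    if (!is_array($urlParsed) || !isset($urlParsed['scheme']) || !isset($urlParsed['host'])) {
        return false;
    }
    $scheme = wfWAFUtils::strtolower($urlParsed['scheme']);
    if ($scheme !== 'http' && $scheme !== 'https') {
        return false;
    }

    $headers = "Host: {$urlParsed['host']}\r\n";
    if ($auth = $request->getAuth()) {
        $headers .= 'Authorization: Basic ' . base64_encode($auth['user'] . ':' . $auth['password']) . "\r\n";
    }
    if ($cookies = $request->getCookies()) {
        if (is_array($cookies)) {
            $cookies = self::buildCookieString($cookies);
        }
        $headers .= "Cookie: {$cookies}\r\n";
    }

    // NOTE(review): header names and values are concatenated as given; a CR/LF inside one
    // would introduce extra header lines. Confirm callers never pass untrusted values here.
    $hasUA = false;
    if ($_headers = $request->getHeaders()) {
        if (is_array($_headers)) {
            foreach ($_headers as $header => $value) {
                if (trim(wfWAFUtils::strtolower($header)) === 'user-agent') {
                    $hasUA = true;
                }
                $headers .= $header . ': ' . $value . "\r\n";
            }
        }
    }
    if (!$hasUA) {
        $headers .= "User-Agent: Wordfence Streams UA\r\n";
    }

    // NOTE(review): redirects are followed (up to 5). Confirm whether the Authorization and
    // Cookie headers built above are replayed to a redirect target on a different host.
    $httpOptions = array(
        'method' => $request->getMethod(),
        'ignore_errors' => true,
        'timeout' => $timeout,
        'follow_location' => 1,
        'max_redirects' => 5,
    );
    if (wfWAFUtils::strlen($request->getBody()) > 0) {
        $httpOptions['content'] = $request->getBody();
        $headers .= 'Content-Length: ' . wfWAFUtils::strlen($httpOptions['content']) . "\r\n";
    }
    $httpOptions['header'] = $headers;

    // PHP reads HTTP context options from the 'http' key for both http:// and https:// URLs;
    // options filed under 'https' are ignored, which would drop the method, headers and timeout.
    $context = stream_context_create(array('http' => $httpOptions));

    // Open the URL that includes the query string; it was previously built and then left unused.
    $stream = fopen($url, 'r', false, $context);
    if (!is_resource($stream)) {
        return false;
    }

    $metaData = stream_get_meta_data($stream);
    $responseHeaders = (isset($metaData['wrapper_data']) && is_array($metaData['wrapper_data']))
        ? $metaData['wrapper_data']
        : array();

    // The first wrapper_data entry is taken as the status line.
    // NOTE(review): when redirects are followed, wrapper_data may list the headers of every
    // hop, making this the first hop's status — confirm that is intended.
    $httpResponse = (string) array_shift($responseHeaders);
    $status = null;
    // preg_match() returns 1 only on a match, so $matches is never read when nothing matched.
    if (preg_match('/(\\w+\\/\\d\\.\\d) (\\d{3})/', $httpResponse, $matches) === 1) {
        $status = (int) $matches[2];
    }

    $responseObj = new wfWAFHTTPResponse();
    $responseObj->setHeaders(join("\r\n", $responseHeaders));
    $responseObj->setBody(stream_get_contents($stream));
    $responseObj->setStatusCode($status);

    // Close the stream after use
    fclose($stream);

    return $responseObj;
}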
/**
 * Fetch the WAF rule set from the API and install it once its integrity check passes.
 *
 * With OpenSSL available the rules must pass verifySignedRequest(); without it they must
 * pass verifyHashedRequest(). A failed signature check never falls back to the hash check,
 * because the hash path is only taken when hasOpenSSL() is false.
 *
 * Only the 'rules' field is handed to the verification call; 'timestamp' and 'premiumCount'
 * are read from the same response without being part of that check.
 * NOTE(review): the strength of the no-OpenSSL path depends on verifyHashedRequest(), which
 * is not visible here — confirm it is a keyed check and not a plain digest.
 *
 * Transport and rule-build exceptions are written to the error log and not rethrown.
 */
public function fire() {
    $waf = $this->getWaf();
    if (!$waf) {
        return;
    }

    // Fallback site/home URL derived from the current request.
    $guessSiteURL = sprintf('%s://%s/', $waf->getRequest()->getProtocol(), $waf->getRequest()->getHost());

    try {
        // NOTE(review): the API key travels in the query string, so it can end up in any
        // log that records full request URLs.
        $query = array(
            'action' => 'get_waf_rules',
            'k' => $waf->getStorageEngine()->getConfig('apiKey'),
            's' => $waf->getStorageEngine()->getConfig('siteURL') ? $waf->getStorageEngine()->getConfig('siteURL') : $guessSiteURL,
            'h' => $waf->getStorageEngine()->getConfig('homeURL') ? $waf->getStorageEngine()->getConfig('homeURL') : $guessSiteURL,
            'openssl' => $waf->hasOpenSSL() ? 1 : 0,
            'betaFeed' => (int) $waf->getStorageEngine()->getConfig('betaThreatDefenseFeed'),
        );
        $this->response = wfWAFHTTP::get(WFWAF_API_URL_SEC . "?" . http_build_query($query, null, '&'));
        if (!$this->response) {
            return;
        }

        $jsonData = wfWAFUtils::json_decode($this->response->getBody(), true);
        if (!is_array($jsonData)) {
            return;
        }

        // Signature path: requires OpenSSL plus both fields, then a passing verification.
        $signedOk = $waf->hasOpenSSL()
            && isset($jsonData['data']['signature'])
            && isset($jsonData['data']['rules'])
            && $waf->verifySignedRequest(base64_decode($jsonData['data']['signature']), $jsonData['data']['rules']);

        // Hash path: evaluated only when the signature path did not succeed, and only
        // accepted when OpenSSL is unavailable.
        $hashedOk = !$signedOk
            && !$waf->hasOpenSSL()
            && isset($jsonData['data']['hash'])
            && isset($jsonData['data']['rules'])
            && $waf->verifyHashedRequest($jsonData['data']['hash'], $jsonData['data']['rules']);

        if (!$signedOk && !$hashedOk) {
            return;
        }

        // The rules were checked in their base64 form; decode only for installation.
        $updated = isset($jsonData['data']['timestamp']) ? $jsonData['data']['timestamp'] : true;
        $waf->updateRuleSet(base64_decode($jsonData['data']['rules']), $updated);

        if (array_key_exists('premiumCount', $jsonData['data'])) {
            $waf->getStorageEngine()->setConfig('premiumCount', $jsonData['data']['premiumCount']);
        }
    } catch (wfWAFHTTPTransportException $e) {
        error_log($e->getMessage());
    } catch (wfWAFBuildRulesException $e) {
        error_log($e->getMessage());
    }
}
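/**
 * Post an empty attack-data payload ('[]') to the API and store the returned watched-IP list.
 *
 * The response is decoded as JSON, and 'data.watchedIPList' is written to the 'watchedIPs'
 * config entry when present. A body that is not valid JSON, or whose 'data' member is not
 * an array, is ignored; array_key_exists() was previously called on it unconditionally,
 * which raises an uncaught TypeError on PHP 8.
 *
 * NOTE(review): no signature or hash check on the response is visible in this method, and
 * the list is stored as received. Confirm that consumers of 'watchedIPs' validate entries.
 *
 * Transport exceptions are written to the error log and not rethrown.
 */
public function fire() {
    $waf = $this->getWaf();
    if (!$waf) {
        return;
    }

    // Fallback site URL derived from the current request.
    $guessSiteURL = sprintf('%s://%s/', $waf->getRequest()->getProtocol(), $waf->getRequest()->getHost());

    try {
        $request = new wfWAFHTTP();
        $request->setHeaders(array('Content-Type' => 'application/json'));

        // NOTE(review): the API key travels in the query string, so it can end up in any
        // log that records full request URLs.
        $query = array(
            'action' => 'send_waf_attack_data',
            'k' => $waf->getStorageEngine()->getConfig('apiKey'),
            's' => $waf->getStorageEngine()->getConfig('siteURL') ? $waf->getStorageEngine()->getConfig('siteURL') : $guessSiteURL,
            't' => microtime(true),
        );
        // '' is the documented default numeric prefix; passing null is deprecated on PHP 8.1+.
        $response = wfWAFHTTP::post(WFWAF_API_URL_SEC . "?" . http_build_query($query, '', '&'), '[]', $request);

        if ($response instanceof wfWAFHTTPResponse && $response->getBody()) {
            $jsonData = wfWAFUtils::json_decode($response->getBody(), true);

            // Check the shape before indexing: the decoder's result is not guaranteed to be
            // an array, and 'data' may be missing or scalar.
            if (is_array($jsonData)
                && isset($jsonData['data'])
                && is_array($jsonData['data'])
                && array_key_exists('watchedIPList', $jsonData['data'])
            ) {
                $waf->getStorageEngine()->setConfig('watchedIPs', $jsonData['data']['watchedIPList']);
            }
        }
    } catch (wfWAFHTTPTransportException $e) {
        error_log($e->getMessage());
    }
}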