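/**
 * Miscellaneous form spam check bypass.
 *
 * Returns TRUE when the current request matches one of the known third-party
 * callback patterns (payment gateway IPNs, remote-management, login and
 * social-login plugins) that must not be subjected to the form spam checks,
 * and FALSE when nothing matched. Each branch is only considered when the
 * corresponding plugin/feature is detected, and most branches also require
 * the sender's reverse DNS (and, for the generic PayPal IPN case,
 * forward-confirmed reverse DNS) to match, so that a bypass cannot be claimed
 * from request parameters alone.
 *
 * @return bool
 */
public static function misc_form_bypass()
 {
     /* Setup necessary variables */
     $url = rs_wpss_get_url();
     $req_uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
     $req_uri_lc = rs_wpss_casetrans('lower', $req_uri);
     $post_count = count($_POST);
     $user_agent = rs_wpss_get_user_agent();
     $referer = rs_wpss_get_referrer();
     /* Shared PayPal IPN fingerprints: the IPN user-agent string and the IPN host pattern */
     $is_paypal_ipn_ua = ($user_agent === 'PayPal IPN ( https://www.paypal.com/ipn )');
     $paypal_ipn_hosts_rgx = "~^(ipn|ipnpb|notify|reports)(\\.sandbox)?\\.paypal\\.com\$~";
     /* IP / PROXY INFO - BEGIN */
     global $wpss_ip_proxy_info;
     if (empty($wpss_ip_proxy_info)) {
         $wpss_ip_proxy_info = rs_wpss_ip_proxy_info();
     }
     /* Read just the two keys this method needs rather than extract()ing the whole
      * array into local scope, so no other key can silently overwrite a local. */
     $reverse_dns = isset($wpss_ip_proxy_info['reverse_dns']) ? $wpss_ip_proxy_info['reverse_dns'] : NULL;
     $fcrdns = isset($wpss_ip_proxy_info['fcrdns']) ? $wpss_ip_proxy_info['fcrdns'] : NULL;
     /* IP / PROXY INFO - END */
     /* GEOLOCATION: exactly the six location fields, nothing else */
     if ($post_count === 6 && isset($_POST['updatemylocation'], $_POST['log'], $_POST['lat'], $_POST['country'], $_POST['zip'], $_POST['myaddress'])) {
         return TRUE;
     }
     /* WP Remote: non-empty verify key plus the WP-Remote user-agent and an AWS reverse DNS */
     if (defined('WPRP_PLUGIN_SLUG') && !empty($_POST['wpr_verify_key']) && preg_match("~\\ WP\\-Remote\$~", $user_agent) && preg_match("~\\.amazonaws\\.com\$~", $reverse_dns)) {
         return TRUE;
     }
     /* Ecommerce Plugins: SSL request, cart/product submission, or a verified PayPal IPN,
      * only when ecommerce support is enabled */
     if ((rs_wpss_is_ssl() || !empty($_POST['add-to-cart']) || !empty($_POST['add_to_cart']) || !empty($_POST['addtocart']) || !empty($_POST['product-id']) || !empty($_POST['product_id']) || !empty($_POST['productid']) || ($is_paypal_ipn_ua && preg_match("~(^|\\.)paypal\\.com\$~", $reverse_dns) && $fcrdns === '[Verified]')) && self::is_ecom_enabled()) {
         return TRUE;
     }
     /* Payment processors, gated on forward-confirmed reverse DNS: PayPal, Stripe, Authorize.net, Worldpay, etc */
     if ((rs_wpss_is_ssl() || self::is_ecom_enabled()) && $fcrdns === '[Verified]') {
         if (($is_paypal_ipn_ua && preg_match("~(^|\\.)paypal\\.com\$~", $reverse_dns)) || $reverse_dns === 'api.stripe.com' || preg_match("~(^|\\.)(authorize\\.net|worldpay\\.com|payfast\\.co\\.za|api\\.mollie\\.nl|api\\.simplifycommerce\\.com|wepayapi\\.com|2checkout\\.com|paylane\\.com)\$~", $reverse_dns)) {
             return TRUE;
         }
     }
     /* WooCommerce Payment Gateways */
     if (self::is_woocom_enabled()) {
         if (($is_paypal_ipn_ua && preg_match($paypal_ipn_hosts_rgx, $reverse_dns)) || strpos($req_uri, 'WC_Gateway_Paypal') !== FALSE) {
             return TRUE;
         }
         if (preg_match("~(^|\\.)payfast\\.co\\.za\$~", $reverse_dns) || (strpos($req_uri, 'wc-api') !== FALSE && strpos($req_uri, 'WC_Gateway_PayFast') !== FALSE)) {
             return TRUE;
         }
         /* Plugin: 'woocommerce-gateway-payfast/gateway-payfast.php' - any wc-api gateway endpoint */
         if (preg_match("~((\\?|\\&)wc\\-api\\=WC_(Addons_)?Gateway_|/wc\\-api/.*WC_(Addons_)?Gateway_)~", $req_uri)) {
             return TRUE;
         }
     }
     /* Easy Digital Downloads Payment Gateways */
     if (defined('EDD_VERSION')) {
         /* Any 'edd-listener' query parameter (or that string anywhere in the URI) is
          * accepted, which already covers the IPN and amazon listeners; the PayPal
          * user-agent/host pair is the only sender-based test here.
          * NOTE(review): the listener test is satisfied by request data alone - confirm
          * that is intended for this endpoint. */
         if (($is_paypal_ipn_ua && preg_match($paypal_ipn_hosts_rgx, $reverse_dns)) || !empty($_GET['edd-listener']) || strpos($req_uri, 'edd-listener') !== FALSE) {
             return TRUE;
         }
     }
     /* Gravity Forms PayPal Payments Standard Add-On ( http://www.gravityforms.com/add-ons/paypal/ ) */
     if ((defined('GF_MIN_WP_VERSION') && defined('GF_PAYPAL_VERSION')) || (class_exists('GFForms') && class_exists('GF_PayPal_Bootstrap'))) {
         if ($url === WPSS_SITE_URL . '/?page=gf_paypal_ipn' && isset($_POST['ipn_track_id'], $_POST['payer_id'], $_POST['receiver_id'], $_POST['txn_id'], $_POST['txn_type'], $_POST['verify_sign'])) {
             return TRUE;
         }
     }
     /* PayPal IPN: full IPN field set, 'paypal' in the URI, IPN user-agent, IPN host and
      * forward-confirmed reverse DNS */
     if (isset($_POST['ipn_track_id'], $_POST['payer_id'], $_POST['payment_type'], $_POST['payment_status'], $_POST['receiver_id'], $_POST['txn_id'], $_POST['txn_type'], $_POST['verify_sign']) && FALSE !== strpos($req_uri_lc, 'paypal') && $is_paypal_ipn_ua && preg_match($paypal_ipn_hosts_rgx, $reverse_dns) && $fcrdns === '[Verified]') {
         return TRUE;
     }
     /* Clef: versioned Clef user-agent plus clef.io or AWS reverse DNS */
     if (defined('CLEF_VERSION')) {
         if (preg_match("~^Clef/[0-9](\\.[0-9]+)+\\ \\(https\\://getclef\\.com\\)\$~", $user_agent) && preg_match("~((^|\\.)clef\\.io|\\.amazonaws\\.com)\$~", $reverse_dns)) {
             return TRUE;
         }
     }
     /* OA Social Login: the referrer domain must end with 'api.oneall.com'
      * (compared on the reversed strings, so a prefix match is a suffix match) */
     if (defined('OA_SOCIAL_LOGIN_VERSION')) {
         $ref_dom_rev = strrev(rs_wpss_get_domain($referer));
         $oa_dom_rev = strrev('api.oneall.com');
         if ($post_count >= 4 && isset($_GET['oa_social_login_source'], $_POST['oa_action'], $_POST['oa_social_login_token'], $_POST['connection_token'], $_POST['identity_vault_key']) && $_POST['oa_action'] === 'social_login' && strpos($ref_dom_rev, $oa_dom_rev) === 0) {
             return TRUE;
         }
     }
     /* Nothing was triggered */
     return FALSE;
 }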
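 /**
  * Write the updated list of banned IP addresses to the site's .htaccess.
  * Added 1.9.4
  *
  * The list comes from the 'spamshield_ip_ban' option and is rendered as one
  * SetEnvIf regex inside a '# BEGIN WP-SpamShield' / '# END WP-SpamShield'
  * marker block. An existing marker block is replaced in place; otherwise the
  * block is inserted ahead of '# BEGIN WordPress', or appended when neither
  * marker is present. Before the first edit the original .htaccess is copied
  * (best effort) to WPSS_CONTENT_DIR_PATH/backup/wp-spamshield/original.htaccess.
  *
  * @return bool|null FALSE when there is no ban list or the .htaccess could not be
  *                   read or rewritten; no explicit return (NULL) otherwise.
  */
 private function ip_ban_htaccess()
 {
     $hta_bak_dir = WPSS_CONTENT_DIR_PATH . '/backup';
     $hta_wpss_bak_dir = $hta_bak_dir . '/wp-spamshield';
     $hta_file = ABSPATH . '/.htaccess';
     $hta_bak_file = $hta_wpss_bak_dir . '/original.htaccess';
     $wpss_index_file = WPSS_PLUGIN_PATH . '/index.php';
     $bak_dir_hta_file = WPSS_PLUGIN_PATH . '/lib/sec/.htaccess';
     $ip = rs_wpss_get_ip_addr();
     $wpss_ip_ban = get_option('spamshield_ip_ban');
     if (empty($wpss_ip_ban)) {
         return FALSE;
     }
     $wpss_ip_ban = rs_wpss_sort_unique($wpss_ip_ban);
     /* Anchored alternation of the banned addresses. Only '.' and ':' are escaped, so the
      * option must hold plain IP addresses only. NOTE(review): confirm that is enforced
      * where 'spamshield_ip_ban' is written, since the values land verbatim in .htaccess. */
     $ip_ban_rgx = '^(' . str_replace(array('.', ':'), array('\\.', '\\:'), implode('|', $wpss_ip_ban)) . ')$';
     $wpss_hta_data = WPSS_EOL . WPSS_EOL . '# BEGIN WP-SpamShield' . WPSS_EOL . WPSS_EOL;
     $wpss_hta_data .= '<IfModule mod_setenvif.c>' . WPSS_EOL . "\t" . 'SetEnvIf Remote_Addr ' . $ip_ban_rgx . ' WPSS_SEC_THREAT' . WPSS_EOL . '</IfModule>';
     $wpss_hta_data .= WPSS_EOL . WPSS_EOL . '# END WP-SpamShield' . WPSS_EOL . WPSS_EOL;
     $wpss_hta_data_wp = '# BEGIN WordPress';
     if (file_exists($hta_file)) {
         /* Best-effort backup directory setup. Failures are deliberately ignored (@) so a
          * read-only backup location does not stop the ban from being written. The copied
          * files presumably deny direct web access to the backups - confirm in lib/sec. */
         if (!file_exists($hta_wpss_bak_dir)) {
             wp_mkdir_p($hta_wpss_bak_dir);
             @chmod($hta_wpss_bak_dir, 0750);
             @chmod($hta_bak_dir, 0750);
             @copy($bak_dir_hta_file, $hta_wpss_bak_dir . '/.htaccess');
             @copy($wpss_index_file, $hta_wpss_bak_dir . '/index.php');
             @copy($bak_dir_hta_file, $hta_bak_dir . '/.htaccess');
             @copy($wpss_index_file, $hta_bak_dir . '/index.php');
         }
         /* Keep the very first pre-modification copy; never overwrite it */
         if (!file_exists($hta_bak_file)) {
             @copy($hta_file, $hta_bak_file);
         }
         $hta_contents = file_get_contents($hta_file);
         if ($hta_contents === FALSE) {
             /* Unreadable .htaccess: bail out instead of passing FALSE to strpos()/preg_replace() */
             return FALSE;
         }
         $has_wpss_block = strpos($hta_contents, '# BEGIN WP-SpamShield') !== FALSE && strpos($hta_contents, '# END WP-SpamShield') !== FALSE;
         if ($has_wpss_block) {
             /* Greedy [\w\W]+ spans from the first BEGIN marker to the last END marker */
             $hta_contents_mod = preg_replace("~#\\ BEGIN\\ WP-SpamShield[\\w\\W]+#\\ END\\ WP-SpamShield~i", trim($wpss_hta_data, WPSS_EOL), $hta_contents);
             /* preg_replace() returns NULL on a PCRE error; writing that would truncate the file */
             if ($hta_contents_mod === NULL) {
                 return FALSE;
             }
             if ($hta_contents_mod !== $hta_contents) {
                 file_put_contents($hta_file, $hta_contents_mod, LOCK_EX);
             }
         } elseif (strpos($hta_contents, '# BEGIN WordPress') !== FALSE) {
             /* Insert our block immediately before the WordPress block */
             $hta_contents_mod = preg_replace("~#\\ BEGIN\\ WordPress~i", $wpss_hta_data . $wpss_hta_data_wp, $hta_contents);
             if ($hta_contents_mod === NULL) {
                 return FALSE;
             }
             file_put_contents($hta_file, $hta_contents_mod, LOCK_EX);
         } else {
             file_put_contents($hta_file, WPSS_EOL . WPSS_EOL . $wpss_hta_data . WPSS_EOL . WPSS_EOL, FILE_APPEND | LOCK_EX);
         }
         rs_wpss_append_log_data(WPSS_EOL . 'IP address banned and added to .htaccess block list. IP: ' . $ip, FALSE);
     }
 }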
 /**
  * Print the <script> tag for the plugin's dynamically generated JavaScript.
  *
  * Deliberately NOT enqueued through the WordPress script API: jscripts.php
  * is a server-side generated hybrid script that must not be rewritten,
  * combined or deferred by other plugins. When Autoptimize is active the tag
  * is wrapped in its noptimize markers for the same reason.
  * Nothing is printed in compat mode, for logged-in users inside wp-admin,
  * or during an admin-side sub-process.
  */
 function insert_head_js()
 {
     if (TRUE === WPSS_COMPAT_MODE || defined('WPSS_SOFT_COMPAT_MODE')) {
         return;
     }
     /* Logged-in users get the script only outside wp-admin; visitors always do */
     $front_end_request = !is_admin() || !is_user_logged_in();
     if (!$front_end_request || rs_wpss_is_admin_sproc()) {
         return;
     }
     global $wpss_ao_active;
     echo WPSS_EOL;
     if (empty($wpss_ao_active)) {
         $wpss_ao_active = rs_wpss_is_plugin_active('autoptimize/autoptimize.php');
     }
     $noptimize_open = '';
     $noptimize_close = '';
     if (!empty($wpss_ao_active)) {
         $noptimize_open = '<!--noptimize-->';
         $noptimize_close = '<!--/noptimize-->';
     }
     $script_tag = "<script type='text/javascript' src='" . WPSS_PLUGIN_JS_URL . "/jscripts.php'></script>";
     echo $noptimize_open . $script_tag . $noptimize_close . ' ' . WPSS_EOL;
     /* Refresh the stored client address only if the session marker was already set */
     $session_key = 'wpss_user_ip_init_' . WPSS_HASH;
     if (!empty($_SESSION[$session_key])) {
         $_SESSION[$session_key] = rs_wpss_get_ip_addr();
     }
 }
 /**
  * SECURITY - Disable the XML-RPC 'system.multicall' method.
  *
  * Protects against XML-RPC brute force amplification attacks without breaking
  * functionality: the method stays available only for requests whose client
  * address is a valid IP inside 192.0.64.0/18 (192.0.64.0-192.0.127.255).
  * Presumably hooked to the XML-RPC methods filter - confirm at the hook site.
  * Added 1.9.7.8
  *
  * @param array $methods XML-RPC method name => callback map.
  * @return array The same map, with 'system.multicall' removed unless the
  *               client address is inside the allowed range.
  */
 public static function disable_xmlrpc_multicall($methods)
 {
     $ip = rs_wpss_get_ip_addr();
     /* NOTE(review): the exemption trusts whatever address rs_wpss_get_ip_addr() reports;
      * if that helper honours proxy headers, confirm they are only trusted behind a known proxy. */
     $in_allowed_range = rs_wpss_is_valid_ip($ip) && preg_match("~^192\\.0\\.(6[4-9]|[7-9][0-9]|1[01][0-9]|12[0-7])\\.~", $ip);
     if ($in_allowed_range) {
         return $methods;
     }
     unset($methods['system.multicall']);
     return $methods;
 }