public function generate_new_salts() { if (!ITSEC_Modules::get_setting('global', 'write_files')) { return new WP_Error('itsec-wordpress-salts-utilities-write-files-disabled', __('The "Write to Files" setting is disabled in Global Settings. In order to use this feature, you must enable the "Write to Files" setting.', 'better-wp-security')); } require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-config-file.php'; require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-file.php'; $config_file_path = ITSEC_Lib_Config_File::get_wp_config_file_path(); $config = ITSEC_Lib_File::read($config_file_path); if (is_wp_error($config)) { return new WP_Error('itsec-wordpress-salts-utilities-cannot-read-wp-config.php', sprintf(__('Unable to read the <code>wp-config.php</code> file in order to update the salts. You will need to manually update the file. Error details as follows: %1$s (%2$s)', 'better-wp-security'), $config->get_error_message(), $config->get_error_code())); } $defines = array('AUTH_KEY', 'SECURE_AUTH_KEY', 'LOGGED_IN_KEY', 'NONCE_KEY', 'AUTH_SALT', 'SECURE_AUTH_SALT', 'LOGGED_IN_SALT', 'NONCE_SALT'); foreach ($defines as $define) { if (empty($salts)) { $salts = self::get_new_salts(); } $salt = array_pop($salts); if (empty($salt)) { $salt = wp_generate_password(64, true, true); } $salt = str_replace('$', '\\$', $salt); $regex = "/(define\\s*\\(\\s*(['\"]){$define}\\2\\s*,\\s*)(['\"]).+?\\3(\\s*\\)\\s*;)/"; $config = preg_replace($regex, "\${1}'{$salt}'\${4}", $config); } $write_result = ITSEC_Lib_File::write($config_file_path, $config); if (is_wp_error($write_result)) { return new WP_Error('itsec-wordpress-salts-utilities-cannot-save-wp-config.php', sprintf(__('Unable to update the <code>wp-config.php</code> file in order to update the salts. You will need to manually update the file. Error details as follows: %1$s (%2$s)', 'better-wp-security'), $config->get_error_message(), $config->get_error_code())); } return true; }
public function set_all($settings) { $retval = array('old_settings' => $this->settings, 'new_settings' => $this->settings, 'errors' => array(), 'messages' => array(), 'saved' => false); $validator = ITSEC_Modules::get_validator($this->get_id()); if (is_null($validator)) { $retval['errors'][] = new WP_Error('itsec-settings-missing-validator-for-' . $this->get_id(), sprintf(__('The data validator for %1$s is missing. Data for the module cannot be saved without the validator. This error could indicate a bad install of iThemes Security. Please remove the plugin and reinstall it. If this message persists, please contact support and send them this error message.', 'better-wp-security'), $this->get_id())); } else { $validator->validate($settings); $retval['errors'] = $validator->get_errors(); $retval['messages'] = $validator->get_messages(); if ($validator->can_save()) { $this->settings = $validator->get_settings(); ITSEC_Storage::set($this->get_id(), $this->settings); $this->after_save(); $this->handle_settings_changes($retval['old_settings']); $retval['new_settings'] = $this->settings; $retval['saved'] = true; } else { ITSEC_Response::set_success(false); } } ITSEC_Response::add_errors($retval['errors']); ITSEC_Response::add_messages($retval['messages']); return $retval; }
/** * Execute module upgrade * * @return void */ public function execute_upgrade($itsec_old_version) { if ($itsec_old_version < 4000) { global $itsec_bwps_options; $current_options = get_site_option('itsec_backup'); // Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those if (false !== $current_options) { $current_options['enabled'] = isset($itsec_bwps_options['backup_enabled']) && $itsec_bwps_options['backup_enabled'] == 1 ? true : false; $current_options['interval'] = isset($itsec_bwps_options['backup_interval']) ? intval($itsec_bwps_options['backup_interval']) : 1; update_site_option('itsec_backup', $current_options); } } if ($itsec_old_version < 4041) { $current_options = get_site_option('itsec_backup'); // If there are no current options, go with the new defaults by not saving anything if (is_array($current_options)) { // Make sure the new module is properly activated or deactivated if ($current_options['enabled']) { ITSEC_Modules::activate('backup'); } else { ITSEC_Modules::deactivate('backup'); } if (isset($current_options['location']) && !is_dir($current_options['location'])) { unset($current_options['location']); } $options = ITSEC_Modules::get_defaults('backup'); foreach ($options as $name => $value) { if (isset($current_options[$name])) { $options[$name] = $current_options[$name]; } } ITSEC_Modules::set_settings('backup', $options); } } }
public function init() { if (ITSEC_Core::is_iwp_call()) { return; } if (current_user_can('manage_options')) { return; } $settings = ITSEC_Modules::get_settings('multisite-tweaks'); if ($settings['theme_updates']) { remove_action('load-update-core.php', 'wp_update_themes'); add_filter('pre_site_transient_update_themes', '__return_null'); wp_clear_scheduled_hook('wp_update_themes'); } if ($settings['plugin_updates']) { remove_action('load-update-core.php', 'wp_update_plugins'); add_filter('pre_site_transient_update_plugins', '__return_null'); wp_clear_scheduled_hook('wp_update_plugins'); } if ($settings['core_updates']) { remove_action('admin_notices', 'update_nag', 3); add_filter('pre_site_transient_update_core', '__return_null'); wp_clear_scheduled_hook('wp_version_check'); } }
/** * Execute module upgrade * * @return void */ public function execute_upgrade($itsec_old_version) { if ($itsec_old_version < 4000) { global $itsec_bwps_options; $current_options = get_site_option('itsec_strong_passwords'); // Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those if (false !== $current_options) { $current_options['enabled'] = isset($itsec_bwps_options['st_enablepassword']) && $itsec_bwps_options['st_enablepassword'] == 1 ? true : false; $current_options['roll'] = isset($itsec_bwps_options['st_passrole']) ? $itsec_bwps_options['st_passrole'] : 'administrator'; update_site_option('itsec_strong_passwords', $current_options); } } if ($itsec_old_version < 4041) { $current_options = get_site_option('itsec_strong_passwords'); // If there are no current options, go with the new defaults by not saving anything if (is_array($current_options)) { // Make sure the new module is properly activated or deactivated if ($current_options['enabled']) { ITSEC_Modules::activate('strong-passwords'); } else { ITSEC_Modules::deactivate('strong-passwords'); } $settings = array('role' => $current_options['roll']); ITSEC_Modules::set_settings('strong-passwords', $settings); } } }
/** * Execute module upgrade * * @return void */ public function execute_upgrade($itsec_old_version) { if ($itsec_old_version < 4000) { global $itsec_bwps_options; $current_options = get_site_option('itsec_brute_force'); // Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those if (false !== $current_options) { $current_options['enabled'] = isset($itsec_bwps_options['ll_enabled']) && $itsec_bwps_options['ll_enabled'] == 1 ? true : false; $current_options['max_attempts_host'] = isset($itsec_bwps_options['ll_maxattemptshost']) ? intval($itsec_bwps_options['ll_maxattemptshost']) : 5; $current_options['max_attempts_user'] = isset($itsec_bwps_options['ll_maxattemptsuser']) ? intval($itsec_bwps_options['ll_maxattemptsuser']) : 10; $current_options['check_period'] = isset($itsec_bwps_options['ll_checkinterval']) ? intval($itsec_bwps_options['ll_checkinterval']) : 5; update_site_option('itsec_brute_force', $current_options); } } if ($itsec_old_version < 4041) { $current_options = get_site_option('itsec_brute_force'); // If there are no current options, go with the new defaults by not saving anything if (is_array($current_options)) { // Make sure the new module is properly activated or deactivated if ($current_options['enabled']) { ITSEC_Modules::activate('brute-force'); } else { ITSEC_Modules::deactivate('brute-force'); } // remove 'enabled' which isn't use in the new module unset($current_options['enabled']); ITSEC_Modules::set_settings('brute-force', $current_options); } } }
/** * Execute module upgrade * * @return void */ public function execute_upgrade($itsec_old_version) { if ($itsec_old_version < 4000) { global $itsec_bwps_options; $current_options = get_site_option('itsec_ssl'); // Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those if (false !== $current_options) { $current_options['frontend'] = isset($itsec_bwps_options['ssl_frontend']) ? intval($itsec_bwps_options['ssl_frontend']) : 0; update_site_option('itsec_ssl', $current_options); ITSEC_Response::regenerate_wp_config(); } } if ($itsec_old_version < 4041) { $current_options = get_site_option('itsec_ssl'); // If there are no current options, go with the new defaults by not saving anything if (is_array($current_options)) { // If anything in this module is being used activate it, otherwise deactivate it $activate = false; foreach ($current_options as $on) { if ($on) { $activate = true; break; } } if ($activate) { ITSEC_Modules::activate('ssl'); } else { ITSEC_Modules::deactivate('ssl'); } // remove 'enabled' which isn't used in the new module unset($current_options['enabled']); ITSEC_Modules::set_settings('ssl', $current_options); } } }
private function send_new_login_url($url) { if (ITSEC_Core::doing_data_upgrade()) { // Do not send emails when upgrading data. This prevents spamming users with notifications just because the // data was ported from an old version to a new version. return; } $message = '<p>' . __('Dear Site Admin,', 'better-wp-security') . "</p>\n"; /* translators: 1: Site name, 2: Site address, 3: New login address */ $message .= '<p>' . sprintf(__('The login address for %1$s (<code>%2$s</code>) has changed. The new login address is <code>%3$s</code>. You will be unable to use the old login address.', 'better-wp-security'), get_bloginfo('name'), esc_url(get_site_url()), esc_url($url)) . "</p>\n"; if (defined('ITSEC_DEBUG') && ITSEC_DEBUG === true) { $message .= '<p>Debug info (source page): ' . esc_url($_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]) . "</p>\n"; } $message = "<html>\n{$message}</html>\n"; //Setup the remainder of the email $recipients = ITSEC_Modules::get_setting('global', 'notification_email'); $subject = sprintf(__('[%1$s] WordPress Login Address Changed', 'better-wp-security'), get_site_url()); $subject = apply_filters('itsec_lockout_email_subject', $subject); $headers = 'From: ' . get_bloginfo('name') . ' <' . get_option('admin_email') . '>' . "\r\n"; //Use HTML Content type add_filter('wp_mail_content_type', array($this, 'get_html_content_type')); //Send emails to all recipients foreach ($recipients as $recipient) { $recipient = trim($recipient); if (is_email($recipient)) { wp_mail($recipient, $subject, $message, $headers); } } //Remove HTML Content type remove_filter('wp_mail_content_type', array($this, 'get_html_content_type')); }
/** * Execute module upgrade * * @return void */ public function execute_upgrade($itsec_old_version) { if ($itsec_old_version < 4000) { global $itsec_bwps_options; $current_options = get_site_option('itsec_four_oh_four'); // Don't do anything if settings haven't already been set, defaults exist in the module system and we prefer to use those if (false !== $current_options) { $current_options['enabled'] = isset($itsec_bwps_options['id_enabled']) && $itsec_bwps_options['id_enabled'] == 1 ? true : false; $current_options['check_period'] = isset($itsec_bwps_options['id_checkinterval']) ? intval($itsec_bwps_options['id_checkinterval']) : 5; $current_options['error_threshold'] = isset($itsec_bwps_options['id_threshold']) ? intval($itsec_bwps_options['id_threshold']) : 20; if (isset($itsec_bwps_options['id_whitelist']) && !is_array($itsec_bwps_options['id_whitelist']) && strlen($itsec_bwps_options['id_whitelist']) > 1) { $current_options['white_list'] .= explode(PHP_EOL, $itsec_bwps_options['id_whitelist']); } update_site_option('itsec_four_oh_four', $current_options); } } if ($itsec_old_version < 4041) { $current_options = get_site_option('itsec_four_oh_four'); // If there are no current options, go with the new defaults by not saving anything if (is_array($current_options)) { // Make sure the new module is properly activated or deactivated if ($current_options['enabled']) { ITSEC_Modules::activate('404-detection'); } else { ITSEC_Modules::deactivate('404-detection'); } // remove 'enabled' which isn't use in the new module unset($current_options['enabled']); ITSEC_Modules::set_settings('404-detection', $current_options); } } }
protected function validate_settings() { if (!$this->can_save()) { return; } $previous_settings = ITSEC_Modules::get_settings($this->get_id()); $diff = array_diff_assoc($this->settings, $previous_settings); if (!empty($diff)) { ITSEC_Response::regenerate_server_config(); } if ($this->settings['write_permissions']) { // Always set permissions to 0444 when saving the settings. // This ensures that the file permissions are fixed each time the settings are saved. $new_permissions = 0444; } else { if ($this->settings['write_permissions'] !== $previous_settings['write_permissions']) { // Only revert the settings to the defaults when disabling the setting. // This avoids changing the file permissions when the setting has yet to be enabled and disabled. $new_permissions = 0664; } } if (isset($new_permissions)) { // Only change the permissions when needed. require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-config-file.php'; require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-file.php'; $server_config_file = ITSEC_Lib_Config_File::get_server_config_file_path(); $wp_config_file = ITSEC_Lib_Config_File::get_wp_config_file_path(); ITSEC_Lib_File::chmod($server_config_file, $new_permissions); ITSEC_Lib_File::chmod($wp_config_file, $new_permissions); ITSEC_Response::reload_module('file-permissions'); } }
function run() { if (1 === ITSEC_Modules::get_setting('ssl', 'frontend')) { add_action('post_submitbox_misc_actions', array($this, 'ssl_enable_per_content')); add_action('save_post', array($this, 'save_post')); } }
/** * Execute module upgrade * * @return void */ public function execute_upgrade($itsec_old_version) { if ($itsec_old_version < 4041) { $current_options = get_site_option('itsec_ipcheck'); // If there are no current options, go with the new defaults by not saving anything if (is_array($current_options)) { $settings = ITSEC_Modules::get_defaults('network-brute-force'); if (isset($current_options['api_ban'])) { $settings['enable_ban'] = $current_options['api_ban']; } // Make sure the new module is properly activated or deactivated if ($settings['enable_ban']) { ITSEC_Modules::activate('network-brute-force'); } else { ITSEC_Modules::deactivate('network-brute-force'); } if (!empty($current_options['api_key'])) { $settings['api_key'] = $current_options['api_key']; // Don't ask users to sign up if they already have $settings['api_nag'] = false; } if (!empty($current_options['api_s'])) { $settings['api_secret'] = $current_options['api_s']; } if (!empty($current_options['optin'])) { $settings['updates_optin'] = $current_options['optin']; } ITSEC_Modules::set_settings('network-brute-force', $settings); } } }
/** * Execute module upgrade * * @return void */ public function execute_upgrade($itsec_old_version) { if ($itsec_old_version < 4041) { $current_options = get_site_option('itsec_global'); // If there are no current options, go with the new defaults by not saving anything if (is_array($current_options)) { // log_type used to be 0 for database, 1 for file, 2 for both switch ($current_options['log_type']) { case 2: $current_options['log_type'] = 'both'; break; case 1: $current_options['log_type'] = 'file'; break; default: $current_options['log_type'] = 'database'; } if (isset($current_options['log_location']) && !is_dir($current_options['log_location'])) { unset($current_options['log_location']); } if (isset($current_options['nginx_file']) && !is_dir(dirname($current_options['nginx_file']))) { unset($current_options['nginx_file']); } $settings = ITSEC_Modules::get_defaults('global'); foreach ($settings as $index => $setting) { if (isset($current_options[$index])) { $settings[$index] = $current_options[$index]; } } ITSEC_Modules::set_settings('global', $settings); } } }
protected function validate_settings() { if (!$this->can_save()) { return; } if (!$this->settings['regenerate']) { unset($this->settings['regenerate']); if (defined('DOING_AJAX') && DOING_AJAX && !empty($_POST['module']) && $this->get_id() === $_POST['module']) { // Request to modify just this module. $this->set_can_save(false); if (ITSEC_Modules::get_setting('global', 'write_files')) { $this->add_error(new WP_Error('itsec-wordpress-salts-skipping-regeneration-empty-checkbox', __('You must check the Change WordPress Salts checkbox in order to change the WordPress salts.', 'better-wp-security'))); } else { $this->add_error(new WP_Error('itsec-wordpress-salts-skipping-regeneration-write-files-disabled', __('The "Write to Files" setting is disabled in Global Settings. In order to use this feature, you must enable the "Write to Files" setting.', 'better-wp-security'))); } } return; } unset($this->settings['regenerate']); require_once dirname(__FILE__) . '/utilities.php'; $result = ITSEC_WordPress_Salts_Utilities::generate_new_salts(); if (is_wp_error($result)) { $this->add_error($result); $this->set_can_save(false); } else { $this->add_message(__('The WordPress salts were successfully regenerated.', 'better-wp-security')); $this->settings['last_generated'] = ITSEC_Core::get_current_time_gmt(); ITSEC_Response::force_logout(); } }
function run() { $this->settings = ITSEC_Modules::get_settings('hide-backend'); if (!$this->settings['enabled']) { return; } add_filter('itsec_filter_apache_server_config_modification', array($this, 'filter_apache_server_config_modification')); add_filter('itsec_filter_litespeed_server_config_modification', array($this, 'filter_apache_server_config_modification')); add_filter('itsec_filter_nginx_server_config_modification', array($this, 'filter_nginx_server_config_modification')); $jetpack_active_modules = get_option('jetpack_active_modules'); if (is_multisite() && function_exists('is_plugin_active_for_network')) { //see if Jetpack is active $is_jetpack_active = in_array('jetpack/jetpack.php', (array) get_option('active_plugins', array())) || is_plugin_active_for_network('jetpack/jetpack.php'); } else { $is_jetpack_active = in_array('jetpack/jetpack.php', (array) get_option('active_plugins', array())); } if (!($is_jetpack_active === true && is_array($jetpack_active_modules) && in_array('json-api', $jetpack_active_modules) && isset($_GET['action']) && $_GET['action'] == 'jetpack_json_api_authorization')) { $this->auth_cookie_expired = false; add_action('auth_cookie_expired', array($this, 'auth_cookie_expired')); add_action('init', array($this, 'execute_hide_backend'), 1000); add_action('login_init', array($this, 'execute_hide_backend_login')); add_action('plugins_loaded', array($this, 'plugins_loaded'), 11); add_filter('body_class', array($this, 'remove_admin_bar')); add_filter('loginout', array($this, 'filter_loginout')); add_filter('wp_redirect', array($this, 'filter_login_url'), 10, 2); add_filter('lostpassword_url', array($this, 'filter_login_url'), 10, 2); add_filter('site_url', array($this, 'filter_login_url'), 10, 2); add_filter('retrieve_password_message', array($this, 'retrieve_password_message')); add_filter('comment_moderation_text', array($this, 'comment_moderation_text')); remove_action('template_redirect', 'wp_redirect_admin_locations', 1000); } }
/** * Function to instantiate our class and make it a singleton */ public static function get_instance() { if (!self::$instance) { self::$instance = new self(); } return self::$instance; }
public function dismiss_file_change_warning() { ini_set('display_errors', 1); if (!wp_verify_nonce($_REQUEST['nonce'], 'itsec-file-change-dismiss-warning')) { die('Security check'); } ITSEC_Modules::set_setting('file-change', 'show_warning', false); }
public function enqueue_scripts_and_styles() { wp_enqueue_script('jquery-multi-select', plugins_url('js/jquery.multi-select.js', __FILE__), array('jquery'), $this->script_version, true); $vars = array('default_backup_location' => ITSEC_Modules::get_default($this->id, 'location'), 'available_tables_label' => __('Tables for Backup', 'better-wp-security'), 'excluded_tables_label' => __('Excluded Tables', 'better-wp-security'), 'creating_backup_text' => __('Creating Backup...', 'better-wp-security')); wp_enqueue_script('itsec-backup-settings-page-script', plugins_url('js/settings-page.js', __FILE__), array('jquery', 'jquery-multi-select'), $this->script_version, true); wp_localize_script('itsec-backup-settings-page-script', 'itsec_backup', $vars); wp_enqueue_style('itsec-backup-settings-page-style', plugins_url('css/settings-page.css', __FILE__), array(), $this->script_version); }
function itsec_network_brute_force_dismiss_notice() { if (wp_verify_nonce($_REQUEST['notice_nonce'], 'dismiss-brute-force-network-notice')) { ITSEC_Modules::set_setting('network-brute-force', 'api_nag', false); wp_send_json_success(); } wp_send_json_error(); }
function run() { $this->settings = ITSEC_Modules::get_settings('404-detection'); add_filter('itsec_lockout_modules', array($this, 'register_lockout')); add_filter('itsec_logger_modules', array($this, 'register_logger')); add_filter('itsec_logger_displays', array($this, 'register_logger_displays')); add_action('wp_head', array($this, 'check_404')); }
function itsec_ban_users_handle_new_blacklisted_ip($ip) { $host_list = ITSEC_Modules::get_setting('ban-users', 'host_list', array()); if (!is_array($host_list)) { $host_list = array(); } $host_list[] = $ip; ITSEC_Modules::set_setting('ban-users', 'host_list', $host_list); }
/** * Execute module upgrade * * @return void */ public function execute_upgrade($itsec_old_version) { if ($itsec_old_version < 4041) { $last_generated = get_site_option('itsec_salts'); if (is_int($last_generated) && $last_generated >= 0) { ITSEC_Modules::set_setting('wordpress-salts', 'last_generated', $last_generated); } } }
protected function validate_settings() { if (!$this->can_save()) { return; } $previous_settings = ITSEC_Modules::get_settings($this->get_id()); if ($this->settings['admin'] !== $previous_settings['admin']) { ITSEC_Response::regenerate_wp_config(); if ($this->settings['admin']) { ITSEC_Response::force_logout(); } } }
protected function validate_settings() { if (!$this->can_save()) { return; } $previous_settings = ITSEC_Modules::get_settings($this->get_id()); foreach ($this->settings as $key => $val) { if (!isset($previous_settings[$key]) || $previous_settings[$key] != $val) { ITSEC_Response::regenerate_server_config(); break; } } }
public function validate($settings) { $this->settings = $settings; $this->previous_settings = ITSEC_Modules::get_settings($this->get_id()); $this->sanitize_settings(); if ($this->run_validate_matching_fields) { $this->validate_matching_fields(); } if ($this->run_validate_matching_types) { $this->validate_matching_types(); } $this->validate_settings(); }
public function enqueue_scripts_and_styles() { $settings = ITSEC_Modules::get_settings($this->id); $logs_page_url = ITSEC_Core::get_logs_page_url('file_change'); $vars = array('button_text' => isset($settings['split']) && true === $settings['split'] ? __('Scan Next File Chunk', 'better-wp-security') : __('Scan Files Now', 'better-wp-security'), 'scanning_button_text' => __('Scanning...', 'better-wp-security'), 'no_changes' => __('No changes were detected.', 'better-wp-security'), 'found_changes' => sprintf(__('Changes were detected. Please check the <a href="%s" target="_blank">logs page</a> for details.', 'better-wp-security'), esc_url($logs_page_url)), 'unknown_error' => __('An unknown error occured. Please try again later', 'better-wp-security'), 'already_running' => sprintf(__('A scan is already in progress. Please check the <a href="%s" target="_blank">logs page</a> at a later time for the results of the scan.', 'better-wp-security'), esc_url($logs_page_url)), 'ABSPATH' => ITSEC_Lib::get_home_path(), 'nonce' => wp_create_nonce('itsec_do_file_check')); wp_enqueue_script('itsec-file-change-settings-script', plugins_url('js/settings-page.js', __FILE__), array('jquery'), $this->script_version, true); wp_localize_script('itsec-file-change-settings-script', 'itsec_file_change_settings', $vars); $vars = array('nonce' => wp_create_nonce('itsec_jquery_filetree')); wp_enqueue_script('itsec-file-change-admin-filetree-script', plugins_url('js/filetree/jqueryFileTree.js', __FILE__), array('jquery'), $this->script_version, true); wp_localize_script('itsec-file-change-admin-filetree-script', 'itsec_jquery_filetree', $vars); wp_enqueue_style('itsec-file-change-admin-filetree-style', plugins_url('js/filetree/jqueryFileTree.css', __FILE__), array(), $this->script_version); wp_enqueue_style('itsec-file-change-admin-style', plugins_url('css/settings.css', __FILE__), array(), $this->script_version); }
protected function sanitize_settings() { $previous_settings = ITSEC_Modules::get_settings($this->get_id()); $this->settings = array_merge($previous_settings, $this->settings); if (isset($this->settings['email'])) { $this->sanitize_setting('email', 'email', __('Email Address', 'better-wp-security')); $this->vars_to_skip_validate_matching_fields[] = 'email'; } $this->sanitize_setting('bool', 'updates_optin', __('Receive Email Updates', 'better-wp-security')); $this->sanitize_setting('string', 'api_key', __('API Key', 'better-wp-security')); $this->sanitize_setting('string', 'api_secret', __('API Secret', 'better-wp-security')); $this->sanitize_setting('bool', 'enable_ban', __('Ban Reported IPs', 'better-wp-security')); }
protected function validate_settings() { if (!$this->can_save()) { return; } $previous_settings = ITSEC_Modules::get_settings($this->get_id()); if ($this->settings['file_editor'] !== $previous_settings['file_editor']) { ITSEC_Response::regenerate_wp_config(); } if ($this->settings['disable_xmlrpc'] !== $previous_settings['disable_xmlrpc'] || $this->settings['comment_spam'] !== $previous_settings['comment_spam']) { ITSEC_Response::regenerate_server_config(); } }
public function add_hooks() { if ($this->hooks_added) { return; } add_filter('itsec_filter_apache_server_config_modification', array($this, 'filter_apache_server_config_modification')); add_filter('itsec_filter_nginx_server_config_modification', array($this, 'filter_nginx_server_config_modification')); add_filter('itsec_filter_litespeed_server_config_modification', array($this, 'filter_litespeed_server_config_modification')); if (ITSEC_Modules::get_setting('system-tweaks', 'long_url_strings')) { add_action('itsec_initialized', array($this, 'block_long_urls')); } $this->hooks_added = true; }
function run() { $this->settings = ITSEC_Modules::get_settings('brute-force'); $this->username = null; add_action('wp_login', array($this, 'wp_login'), 10, 2); add_action('wp_login_failed', array($this, 'wp_login_failed'), 1, 1); add_filter('itsec_logger_displays', array($this, 'itsec_logger_displays')); //adds logs metaboxes add_filter('authenticate', array($this, 'authenticate'), 10, 3); add_filter('itsec_lockout_modules', array($this, 'itsec_lockout_modules')); add_filter('itsec_logger_modules', array($this, 'itsec_logger_modules')); add_filter('xmlrpc_login_error', array($this, 'xmlrpc_login_error'), 10, 2); add_filter('jetpack_get_default_modules', array($this, 'jetpack_get_default_modules')); //disable jetpack protect via Geoge Stephanis }