Пример #1
0
 /**
  * Admin magic starts here.
  *
  * @since 1.0.5
  * @return void
  */
 public static function admin_init()
 {
     $dirname = dirname(self::$settings['plugin_file']);
     require_once $dirname . '/core/class-qwall-util.php';
     require_once $dirname . '/core/class-qwall-setup.php';
     require_once $dirname . '/core/class-qwall-notice.php';
     require_once $dirname . '/core/class-qwall-admin.php';
     require_once $dirname . '/core/class-qwall-monitor.php';
     register_activation_hook(self::$settings['plugin_file'], array('QWall_Setup', 'on_activate'));
     register_deactivation_hook(self::$settings['plugin_file'], array('QWall_Setup', 'on_deactivate'));
     register_uninstall_hook(self::$settings['plugin_file'], array('QWall_Setup', 'on_uninstall'));
     add_action('activated_plugin', array('QWall_Setup', 'on_activated_plugin'));
     if (isset($_POST['qwall_purge_logs_now'])) {
         require_once ABSPATH . 'wp-includes/pluggable.php';
         if (wp_verify_nonce($_POST['qwall_purge_logs_nonce'], 'qwall_purge_logs') && current_user_can('manage_options')) {
             $affected_rows = QWall_DIC::get('monitor')->purge_logs((int) $_POST['qwall_purge_logs_older_than']);
             if (false === $affected_rows) {
                 new QWall_Notice(__('Oh noes! An error occurred while attempting to purge the logs. You may open a support ticket here <a href="https://wordpress.org/support/plugin/querywall">QueryWall Support Forum</a> or here <a href="https://github.com/4ley/querywall/issues">Github QueryWall Issues</a>.', 'querywall'), array('notice-error', 'is-dismissible'));
             } else {
                 new QWall_Notice(sprintf(_n('Success! %s entry purged.', 'Success! %s entries purged.', $affected_rows, 'querywall'), $affected_rows), array('notice-success', 'is-dismissible'));
             }
         }
     }
     if (isset($_POST['qwall_purge_logs_daily']) || isset($_POST['qwall_purge_logs_unschedule'])) {
         require_once ABSPATH . 'wp-includes/pluggable.php';
         if (wp_verify_nonce($_POST['qwall_purge_logs_nonce'], 'qwall_purge_logs') && current_user_can('manage_options')) {
             QWall_Util::unschedule_event('qwall_purge_logs');
             if (isset($_POST['qwall_purge_logs_daily'])) {
                 wp_schedule_event(current_time('timestamp'), 'daily', 'qwall_purge_logs', (int) $_POST['qwall_purge_logs_older_than']);
                 $message = __('Success! You have scheduled to purge logs periodically.', 'querywall');
             } else {
                 $message = __('Success! You have unscheduled periodical cleaning.', 'querywall');
             }
             new QWall_Notice($message, array('notice-success', 'is-dismissible'));
         }
     }
     if (isset($_POST['qwall_avc_rules'])) {
         require_once ABSPATH . 'wp-includes/pluggable.php';
         if (wp_verify_nonce($_POST['qwall_av_rules_nonce'], 'qwall_av_rules') && current_user_can('manage_options')) {
             $attack_vector = QWall_DIC::get('firewall_rules')->get_attack_vectors($_POST['qwall_attack_vector']);
             if ($attack_vector) {
                 $attack_vector_custom_rules = base64_encode(preg_replace('/[\\r\\n]+/', '##', $_POST['qwall_avc_rules']));
                 if (update_option('qwall_avc_' . $_POST['qwall_attack_vector'], $attack_vector_custom_rules)) {
                     new QWall_Notice(__('Success! You have updated the firewall rules.', 'querywall'), array('notice-success', 'is-dismissible'));
                 }
                 /* else {
                 
                 						new QWall_Notice(
                 							__( 'Oh noes! An error occurred while attempting to save the rules. You may open a support ticket here <a href="https://wordpress.org/support/plugin/querywall">QueryWall Support Forum</a> or here <a href="https://github.com/4ley/querywall/issues">Github QueryWall Issues</a>.', 'querywall' ),
                 							array( 'notice-error', 'is-dismissible' )
                 						);
                 					}*/
             } else {
                 new QWall_Notice(__('Oh noes! An error occurred while attempting to save the rules. The attack vector seems to be missing in the list of available vectors. You may open a support ticket here <a href="https://wordpress.org/support/plugin/querywall">QueryWall Support Forum</a> or here <a href="https://github.com/4ley/querywall/issues">Github QueryWall Issues</a>.', 'querywall'), array('notice-error', 'is-dismissible'));
             }
         }
     }
 }
Пример #2
0
 /**
  * Remove plugin options
  *
  * @since 1.0.7
  * @return void
  */
 private static function remove_options()
 {
     QWall_DIC::get('settings')->delete('settings');
 }
Пример #3
0
         * Enqueue actions to build the admin menu.
         *
         * Calls all the needed actions to build the admin menu.
         *
         * @since 1.0.1
         * @return void
         */
        public function cb_admin_menu()
        {
            // add_menu_page( $page_title, $menu_title, $capability, $menu_slug, $function, $icon_url, $position );
            add_menu_page(__('Firewall Request Monitor', 'querywall'), __('QueryWall', 'querywall'), 'manage_options', 'querywall', '', 'dashicons-shield');
        }
        /**
         * Add rating link to plugin page.
         *
         * @since 1.0.7
         * @return array
         */
        public function cb_plugin_meta($links, $file)
        {
            if (strpos($file, 'querywall.php') !== false) {
                // style="padding:0 2px;color:#fff;vertical-align:middle;border-radius:2px;background:#00b9eb;"
                $links[] = '<a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/querywall?rate=5#postform" title="Rate and review QueryWall on WordPress.org">Rate on WordPress.org</a>';
                $links[] = '<a target="_blank" href="https://github.com/4ley/querywall" title="Contribute to QueryWall on GitHub">Contribute on GitHub</a>';
                $links[] = '<a target="_blank" href="https://www.facebook.com/querywall" title="Visit QueryWall on Facebook">Visit on Facebook</a>';
            }
            return $links;
        }
    }
    QWall_DIC::set('admin', new QWall_Admin());
}
Пример #4
0
            _e('Blocked requests are shown in the list below.', 'querywall');
            ?>
</p>
				</div>
				<?php 
            $fw_monitor->display();
            ?>
			</div>
		<?php 
        }
        /**
         * Purge blocked request logs.
         *
         * @since 1.0.5
         * @return int|boolen
         */
        public function purge_logs($older_than_hours = 0)
        {
            global $wpdb;
            if ($older_than_hours == 0) {
                return $wpdb->query("DELETE FROM `" . $wpdb->base_prefix . "qwall_monitor`;");
            } else {
                if (in_array($older_than_hours, array(24, 72, 120, 168, 336, 672))) {
                    return $wpdb->query("DELETE FROM `" . $wpdb->base_prefix . "qwall_monitor` WHERE `date_time_gmt` < '" . current_time('mysql', 1) . "' - INTERVAL " . esc_sql((int) $older_than_hours) . " HOUR;");
                }
            }
            return false;
        }
    }
    QWall_DIC::set('monitor', new QWall_Monitor());
}
Пример #5
0
 /**
  * Log request
  *
  * @param  string  $filter_group  Filter group
  * @param  string  $filter_match  Filter match
  * @param  string  $filter_input  Filter input
  *
  * @since 1.0.1
  * @return void
  */
 private static function log($filter_group, $filter_match, $filter_input)
 {
     global $wpdb;
     if (isset($_SERVER['HTTP_USER_AGENT'])) {
         $user_agent = $_SERVER['HTTP_USER_AGENT'];
     } else {
         $user_agent = '';
     }
     if (QWall_DIC::get('settings')->get('settings', 'anonymize_ip')) {
         $ipv4 = long2ip(ip2long($_SERVER['REMOTE_ADDR']) & 4294967040.0);
     } else {
         $ipv4 = $_SERVER['REMOTE_ADDR'];
     }
     $wpdb->insert($wpdb->base_prefix . 'qwall_monitor', array('date_time' => current_time('mysql'), 'date_time_gmt' => current_time('mysql', 1), 'ipv4' => sprintf('%u', ip2long($ipv4)), 'agent' => $user_agent, 'filter_group' => $filter_group, 'filter_match' => $filter_match, 'filter_input' => $filter_input));
 }
Пример #6
0
            $namespace = 'qwall_' . $namespace;
            if (!isset($this->settings[$namespace])) {
                $this->settings[$namespace] = get_option($namespace, $this->default_settings[$namespace]);
            }
            if (null === $name) {
                return $this->settings[$namespace];
            } else {
                if (isset($this->settings[$namespace][$name])) {
                    return $this->settings[$namespace][$name];
                } else {
                    if (isset($this->default_settings[$namespace][$name])) {
                        return $this->default_settings[$namespace][$name];
                    } else {
                        return $default;
                    }
                }
            }
        }
        /**
         * Delete option settings.
         *
         * @since 1.0.7
         * @return array
         */
        public function delete($namespace)
        {
            delete_option('qwall_' . $namespace);
        }
    }
    QWall_DIC::set('settings', new QWall_Settings());
}
Пример #7
0
         *
         * @since 1.1.0
         * @return string|array
         */
        public function get_attack_vectors($vector = null)
        {
            if (!isset($this->attack_vectors)) {
                $this->attack_vectors = array('request_uri' => array('name' => 'REQUEST_URI', 'default_pattern' => array('eval\\(', 'UNION(.*)SELECT', 'GROUP_CONCAT', 'CONCAT\\s*\\(', '\\(null\\)', 'base64_', '\\/localhost', '\\%2Flocalhost', '\\/pingserver', '\\/config\\.', '\\/wwwroot', '\\/makefile', 'crossdomain\\.', 'proc\\/self\\/environ', 'etc\\/passwd', '\\/https\\:', '\\/http\\:', '\\/ftp\\:', '\\/cgi\\/', '\\.cgi', '\\.exe', '\\.sql', '\\.ini', '\\.dll', '\\.asp', '\\.jsp', '\\/\\.bash', '\\/\\.git', '\\/\\.svn', '\\/\\.tar', ' ', '\\<', '\\>', '\\/\\=', '\\.\\.\\.', '\\+\\+\\+', '\\/&&', '\\/Nt\\.', '\\;Nt\\.', '\\=Nt\\.', '\\,Nt\\.', '\\.exec\\(', '\\)\\.html\\(', '\\{x\\.html\\(', '\\(function\\(', '\\.php\\([0-9]+\\)', '(benchmark|sleep)(\\s|%20)*\\(')), 'query_string' => array('name' => 'QUERY_STRING', 'default_pattern' => array('\\.\\.\\/', '127\\.0\\.0\\.1', 'localhost', 'loopback', '\\%0A', '\\%0D', '\\%00', '\\%2e\\%2e', 'input_file', 'execute', 'mosconfig', 'path\\=\\.', 'mod\\=\\.', 'wp-config\\.php')), 'files' => array('name' => 'FILES', 'default_pattern' => array('\\.dll$', '\\.rb$', '\\.py$', '\\.exe$', '\\.php[3-6]?$', '\\.pl$', '\\.perl$', '\\.ph[34]$', '\\.phl$', '\\.phtml$', '\\.phtm$')), 'http_user_agent' => array('name' => 'HTTP_USER_AGENT', 'default_pattern' => array('acapbot', 'binlar', 'casper', 'cmswor', 'diavol', 'dotbot', 'finder', 'flicky', 'morfeus', 'nutch', 'planet', 'purebot', 'pycurl', 'semalt', 'skygrid', 'snoopy', 'sucker', 'turnit', 'vikspi', 'zmeu')), 'http_referer' => array('name' => 'HTTP_REFERER', 'default_pattern' => array()), 'http_cookie' => array('name' => 'HTTP_COOKIE', 'default_pattern' => array()), 'remote_addr' => array('name' => 'REMOTE_ADDR', 'default_pattern' => array()));
                foreach ($this->attack_vectors as $idx => $v) {
                    $option = get_option('qwall_avc_' . $idx);
                    $custom_pattern = array();
                    if ($option && !empty($option)) {
                        $option = base64_decode($option);
                        if ($option && !empty($option)) {
                            $custom_pattern = explode('##', $option);
                        }
                    }
                    $this->attack_vectors[$idx]['custom_pattern'] = $custom_pattern;
                }
            }
            if (null !== $vector) {
                if (!isset($this->attack_vectors[$vector])) {
                    return null;
                }
                return $this->attack_vectors[$vector];
            }
            return $this->attack_vectors;
        }
    }
    QWall_DIC::set('firewall_rules', new QWall_Firewall_Rules());
}