* Enqueue actions to build the admin menu.
*
* Calls all the needed actions to build the admin menu.
*
* @since 1.0.1
* @return void
*/
public function cb_admin_menu()
{
// add_menu_page( $page_title, $menu_title, $capability, $menu_slug, $function, $icon_url, $position );
add_menu_page(__('Firewall Request Monitor', 'querywall'), __('QueryWall', 'querywall'), 'manage_options', 'querywall', '', 'dashicons-shield');
}
/**
* Add rating link to plugin page.
*
* @since 1.0.7
* @return array
*/
public function cb_plugin_meta($links, $file)
{
if (strpos($file, 'querywall.php') !== false) {
// style="padding:0 2px;color:#fff;vertical-align:middle;border-radius:2px;background:#00b9eb;"
$links[] = '<a target="_blank" href="https://wordpress.org/support/view/plugin-reviews/querywall?rate=5#postform" title="Rate and review QueryWall on WordPress.org">Rate on WordPress.org</a>';
$links[] = '<a target="_blank" href="https://github.com/4ley/querywall" title="Contribute to QueryWall on GitHub">Contribute on GitHub</a>';
$links[] = '<a target="_blank" href="https://www.facebook.com/querywall" title="Visit QueryWall on Facebook">Visit on Facebook</a>';
}
return $links;
}
}
QWall_DIC::set('admin', new QWall_Admin());
}
_e('Blocked requests are shown in the list below.', 'querywall');
?>
</p>
</div>
<?php
$fw_monitor->display();
?>
</div>
<?php
}
/**
* Purge blocked request logs.
*
* @since 1.0.5
* @return int|boolen
*/
public function purge_logs($older_than_hours = 0)
{
global $wpdb;
if ($older_than_hours == 0) {
return $wpdb->query("DELETE FROM `" . $wpdb->base_prefix . "qwall_monitor`;");
} else {
if (in_array($older_than_hours, array(24, 72, 120, 168, 336, 672))) {
return $wpdb->query("DELETE FROM `" . $wpdb->base_prefix . "qwall_monitor` WHERE `date_time_gmt` < '" . current_time('mysql', 1) . "' - INTERVAL " . esc_sql((int) $older_than_hours) . " HOUR;");
}
}
return false;
}
}
QWall_DIC::set('monitor', new QWall_Monitor());
}
$namespace = 'qwall_' . $namespace;
if (!isset($this->settings[$namespace])) {
$this->settings[$namespace] = get_option($namespace, $this->default_settings[$namespace]);
}
if (null === $name) {
return $this->settings[$namespace];
} else {
if (isset($this->settings[$namespace][$name])) {
return $this->settings[$namespace][$name];
} else {
if (isset($this->default_settings[$namespace][$name])) {
return $this->default_settings[$namespace][$name];
} else {
return $default;
}
}
}
}
/**
* Delete option settings.
*
* @since 1.0.7
* @return array
*/
public function delete($namespace)
{
delete_option('qwall_' . $namespace);
}
}
QWall_DIC::set('settings', new QWall_Settings());
}
}
exit;
}
/**
* Log request
*
* @param string $filter_group Filter group
* @param string $filter_match Filter match
* @param string $filter_input Filter input
*
* @since 1.0.1
* @return void
*/
private static function log($filter_group, $filter_match, $filter_input)
{
global $wpdb;
if (isset($_SERVER['HTTP_USER_AGENT'])) {
$user_agent = $_SERVER['HTTP_USER_AGENT'];
} else {
$user_agent = '';
}
if (QWall_DIC::get('settings')->get('settings', 'anonymize_ip')) {
$ipv4 = long2ip(ip2long($_SERVER['REMOTE_ADDR']) & 4294967040.0);
} else {
$ipv4 = $_SERVER['REMOTE_ADDR'];
}
$wpdb->insert($wpdb->base_prefix . 'qwall_monitor', array('date_time' => current_time('mysql'), 'date_time_gmt' => current_time('mysql', 1), 'ipv4' => sprintf('%u', ip2long($ipv4)), 'agent' => $user_agent, 'filter_group' => $filter_group, 'filter_match' => $filter_match, 'filter_input' => $filter_input));
}
}
QWall_DIC::set('firewall', new QWall_Firewall());
}
*
* @since 1.1.0
* @return string|array
*/
public function get_attack_vectors($vector = null)
{
if (!isset($this->attack_vectors)) {
$this->attack_vectors = array('request_uri' => array('name' => 'REQUEST_URI', 'default_pattern' => array('eval\\(', 'UNION(.*)SELECT', 'GROUP_CONCAT', 'CONCAT\\s*\\(', '\\(null\\)', 'base64_', '\\/localhost', '\\%2Flocalhost', '\\/pingserver', '\\/config\\.', '\\/wwwroot', '\\/makefile', 'crossdomain\\.', 'proc\\/self\\/environ', 'etc\\/passwd', '\\/https\\:', '\\/http\\:', '\\/ftp\\:', '\\/cgi\\/', '\\.cgi', '\\.exe', '\\.sql', '\\.ini', '\\.dll', '\\.asp', '\\.jsp', '\\/\\.bash', '\\/\\.git', '\\/\\.svn', '\\/\\.tar', ' ', '\\<', '\\>', '\\/\\=', '\\.\\.\\.', '\\+\\+\\+', '\\/&&', '\\/Nt\\.', '\\;Nt\\.', '\\=Nt\\.', '\\,Nt\\.', '\\.exec\\(', '\\)\\.html\\(', '\\{x\\.html\\(', '\\(function\\(', '\\.php\\([0-9]+\\)', '(benchmark|sleep)(\\s|%20)*\\(')), 'query_string' => array('name' => 'QUERY_STRING', 'default_pattern' => array('\\.\\.\\/', '127\\.0\\.0\\.1', 'localhost', 'loopback', '\\%0A', '\\%0D', '\\%00', '\\%2e\\%2e', 'input_file', 'execute', 'mosconfig', 'path\\=\\.', 'mod\\=\\.', 'wp-config\\.php')), 'files' => array('name' => 'FILES', 'default_pattern' => array('\\.dll$', '\\.rb$', '\\.py$', '\\.exe$', '\\.php[3-6]?$', '\\.pl$', '\\.perl$', '\\.ph[34]$', '\\.phl$', '\\.phtml$', '\\.phtm$')), 'http_user_agent' => array('name' => 'HTTP_USER_AGENT', 'default_pattern' => array('acapbot', 'binlar', 'casper', 'cmswor', 'diavol', 'dotbot', 'finder', 'flicky', 'morfeus', 'nutch', 'planet', 'purebot', 'pycurl', 'semalt', 'skygrid', 'snoopy', 'sucker', 'turnit', 'vikspi', 'zmeu')), 'http_referer' => array('name' => 'HTTP_REFERER', 'default_pattern' => array()), 'http_cookie' => array('name' => 'HTTP_COOKIE', 'default_pattern' => array()), 'remote_addr' => array('name' => 'REMOTE_ADDR', 'default_pattern' => array()));
foreach ($this->attack_vectors as $idx => $v) {
$option = get_option('qwall_avc_' . $idx);
$custom_pattern = array();
if ($option && !empty($option)) {
$option = base64_decode($option);
if ($option && !empty($option)) {
$custom_pattern = explode('##', $option);
}
}
$this->attack_vectors[$idx]['custom_pattern'] = $custom_pattern;
}
}
if (null !== $vector) {
if (!isset($this->attack_vectors[$vector])) {
return null;
}
return $this->attack_vectors[$vector];
}
return $this->attack_vectors;
}
}
QWall_DIC::set('firewall_rules', new QWall_Firewall_Rules());
}
