        }
        $message = "<html>\n{$message}</html>\n";
        //Setup the remainder of the email
        $recipients = ITSEC_Modules::get_setting('global', 'notification_email');
        $subject = sprintf(__('[%1$s] WordPress Login Address Changed', 'better-wp-security'), get_site_url());
        $subject = apply_filters('itsec_lockout_email_subject', $subject);
        $headers = 'From: ' . get_bloginfo('name') . ' <' . get_option('admin_email') . '>' . "\r\n";
        //Use HTML Content type
        add_filter('wp_mail_content_type', array($this, 'get_html_content_type'));
        //Send emails to all recipients
        foreach ($recipients as $recipient) {
            $recipient = trim($recipient);
            if (is_email($recipient)) {
                wp_mail($recipient, $subject, $message, $headers);
            }
        }
        //Remove HTML Content type
        remove_filter('wp_mail_content_type', array($this, 'get_html_content_type'));
    }
    /**
     * Filter callback for `wp_mail_content_type`.
     *
     * Added around the `wp_mail()` calls in this validator so the
     * notification e-mails are delivered as HTML, then removed again.
     *
     * @return string The HTML MIME type.
     */
    public function get_html_content_type()
    {
        $html_mime_type = 'text/html';

        return $html_mime_type;
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Hide_Backend_Validator()
);
        $this->set_default_if_empty(array('log_location', 'nginx_file'));
        $this->sanitize_setting('bool', 'write_files', __('Write to Files', 'better-wp-security'));
        $this->sanitize_setting('bool', 'digest_email', __('Send Digest Email', 'better-wp-security'));
        $this->sanitize_setting('bool', 'blacklist', __('Blacklist Repeat Offender', 'better-wp-security'));
        $this->sanitize_setting('bool', 'email_notifications', __('Email Lockout Notifications', 'better-wp-security'));
        $this->sanitize_setting('bool', 'allow_tracking', __('Allow Data Tracking', 'better-wp-security'));
        $this->sanitize_setting('bool', 'lock_file', __('Disable File Locking', 'better-wp-security'));
        $this->sanitize_setting('bool', 'proxy_override', __('Override Proxy Detection', 'better-wp-security'));
        $this->sanitize_setting('bool', 'hide_admin_bar', __('Hide Security Menu in Admin Bar', 'better-wp-security'));
        $this->sanitize_setting('bool', 'show_error_codes', __('Show Error Codes', 'better-wp-security'));
        $this->sanitize_setting('string', 'lockout_message', __('Host Lockout Message', 'better-wp-security'));
        $this->sanitize_setting('string', 'user_lockout_message', __('User Lockout Message', 'better-wp-security'));
        $this->sanitize_setting('string', 'community_lockout_message', __('Community Lockout Message', 'better-wp-security'));
        $this->sanitize_setting('writable-directory', 'log_location', __('Path to Log Files', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'blacklist_count', __('Blacklist Threshold', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'blacklist_period', __('Blacklist Lockout Period', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'lockout_period', __('Lockout Period', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'log_rotation', __('Days to Keep Database Logs', 'better-wp-security'));
        $log_types = array_keys($this->get_valid_log_types());
        $this->sanitize_setting($log_types, 'log_type', __('Log Type', 'better-wp-security'));
        $this->sanitize_setting('newline-separated-ips', 'lockout_white_list', __('Lockout White List', 'better-wp-security'));
        $this->sanitize_setting('newline-separated-emails', 'notification_email', __('Notification Email', 'better-wp-security'));
        $this->sanitize_setting('newline-separated-emails', 'backup_email', __('Backup Delivery Email', 'better-wp-security'));
        $allowed_tags = array('a' => array('href' => array(), 'title' => array()), 'br' => array(), 'em' => array(), 'strong' => array(), 'h1' => array(), 'h2' => array(), 'h3' => array(), 'h4' => array(), 'h5' => array(), 'h6' => array(), 'div' => array('style' => array()));
        $this->settings['lockout_message'] = trim(wp_kses($this->settings['lockout_message'], $allowed_tags));
        $this->settings['user_lockout_message'] = trim(wp_kses($this->settings['user_lockout_message'], $allowed_tags));
        $this->settings['community_lockout_message'] = trim(wp_kses($this->settings['community_lockout_message'], $allowed_tags));
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Global_Validator()
);
        }
        $previous_settings = ITSEC_Modules::get_settings($this->get_id());
        $diff = array_diff_assoc($this->settings, $previous_settings);
        if (!empty($diff)) {
            ITSEC_Response::regenerate_server_config();
        }
        if ($this->settings['write_permissions']) {
            // Always set permissions to 0444 when saving the settings.
            // This ensures that the file permissions are fixed each time the settings are saved.
            $new_permissions = 0444;
        } else {
            if ($this->settings['write_permissions'] !== $previous_settings['write_permissions']) {
                // Only revert the settings to the defaults when disabling the setting.
                // This avoids changing the file permissions when the setting has yet to be enabled and disabled.
                $new_permissions = 0664;
            }
        }
        if (isset($new_permissions)) {
            // Only change the permissions when needed.
            require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-config-file.php';
            require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-file.php';
            $server_config_file = ITSEC_Lib_Config_File::get_server_config_file_path();
            $wp_config_file = ITSEC_Lib_Config_File::get_wp_config_file_path();
            ITSEC_Lib_File::chmod($server_config_file, $new_permissions);
            ITSEC_Lib_File::chmod($wp_config_file, $new_permissions);
            ITSEC_Response::reload_module('file-permissions');
        }
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_System_Tweaks_Validator()
);
                //username didn't validate
                $itsec_files->release_file_lock('admin_user');
                return false;
            } else {
                //only changing the id
                $user_login = $user_object->user_login;
            }
            if ($id === true) {
                //change the user id
                $wpdb->query("DELETE FROM `" . $wpdb->users . "` WHERE ID = 1;");
                $wpdb->insert($wpdb->users, array('user_login' => $user_login, 'user_pass' => $user_object->user_pass, 'user_nicename' => $user_object->user_nicename, 'user_email' => $user_object->user_email, 'user_url' => $user_object->user_url, 'user_registered' => $user_object->user_registered, 'user_activation_key' => $user_object->user_activation_key, 'user_status' => $user_object->user_status, 'display_name' => $user_object->display_name));
                if (is_multisite() && $username !== null && validate_username($new_user)) {
                    //process sitemeta if we're in a multi-site situation
                    $oldAdmins = $wpdb->get_var("SELECT meta_value FROM `" . $wpdb->sitemeta . "` WHERE meta_key = 'site_admins'");
                    $newAdmins = str_replace('5:"admin"', strlen($new_user) . ':"' . esc_sql($new_user) . '"', $oldAdmins);
                    $wpdb->query("UPDATE `" . $wpdb->sitemeta . "` SET meta_value = '" . esc_sql($newAdmins) . "' WHERE meta_key = 'site_admins'");
                }
                $new_user = $wpdb->insert_id;
                $wpdb->query("UPDATE `" . $wpdb->posts . "` SET post_author = '" . $new_user . "' WHERE post_author = 1;");
                $wpdb->query("UPDATE `" . $wpdb->usermeta . "` SET user_id = '" . $new_user . "' WHERE user_id = 1;");
                $wpdb->query("UPDATE `" . $wpdb->comments . "` SET user_id = '" . $new_user . "' WHERE user_id = 1;");
                $wpdb->query("UPDATE `" . $wpdb->links . "` SET link_owner = '" . $new_user . "' WHERE link_owner = 1;");
                $itsec_files->release_file_lock('admin_user');
                return true;
            }
        }
        return false;
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Admin_User_Validator()
);
<?php

/**
 * Validator for the "core" module.
 *
 * This module has no module-specific preprocessing or validation, so the
 * two hooks below are intentionally empty overrides of the base validator.
 */
class ITSEC_Core_Validator extends ITSEC_Validator
{
    /**
     * @return string The module identifier used by the module registry.
     */
    public function get_id()
    {
        $module_id = 'core';

        return $module_id;
    }

    /**
     * No preprocessing is required for the core settings.
     */
    protected function preprocess_settings()
    {
        // Intentionally empty.
    }

    /**
     * No additional validation is required for the core settings.
     */
    protected function validate_settings()
    {
        // Intentionally empty.
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Core_Validator()
);
    /**
     * Exchange a submitted e-mail address for network brute-force API
     * credentials and store them in the settings.
     *
     * When `email` is present the flow is: request an API key for the address
     * (with the `updates_optin` flag), then activate that key to obtain the
     * secret. A WP_Error from either step is recorded via add_error() and
     * blocks saving. On success `api_key`/`api_secret` are stored, the
     * `api_nag` flag is cleared and the module is reloaded. The submitted
     * e-mail is never persisted: it is dropped whenever saving is allowed.
     */
    protected function validate_settings()
    {
        if (!$this->can_save()) {
            return;
        }

        if (isset($this->settings['email'])) {
            require_once dirname(__FILE__) . '/utilities.php';

            // Step 1: obtain an API key for the address. Step 2 (activation)
            // only runs when step 1 succeeded; otherwise $secret carries the
            // step-1 WP_Error so a single error path below handles both.
            $key = ITSEC_Network_Brute_Force_Utilities::get_api_key($this->settings['email'], $this->settings['updates_optin']);
            $secret = is_wp_error($key)
                ? $key
                : ITSEC_Network_Brute_Force_Utilities::activate_api_key($key);

            if (is_wp_error($secret)) {
                $this->set_can_save(false);
                $this->add_error($secret);
            } else {
                // Both credentials are persisted in the module settings;
                // the secret is sensitive and should be treated as such by readers.
                $this->settings['api_key'] = $key;
                $this->settings['api_secret'] = $secret;
                $this->settings['api_nag'] = false;
                ITSEC_Response::reload_module($this->get_id());
            }
        }

        if ($this->can_save()) {
            // The e-mail address is only an input to key provisioning, not a setting.
            unset($this->settings['email']);
        }
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Network_Brute_Force_Validator()
);
                $this->set_can_save(false);
            } else {
                if (false === ITSEC_Away_Mode_Utilities::is_current_timestamp_active($this->settings['start'], $this->settings['end'], true)) {
                    /* translators: 1: "End Date", 2: "End Time" */
                    $this->add_error(new WP_Error("itsec-validator-{$id}-end-already-ended", sprintf(__('The selected restriction date and time has already ended. Please select an %1$s and %2$s that has not already ended.', 'better-wp-security'), __('End Date', 'better-wp-security'), __('End Time', 'better-wp-security'))));
                    $this->set_can_save(false);
                } else {
                    if (ITSEC_Core::is_interactive() && ITSEC_Away_Mode_Utilities::is_current_timestamp_active($this->settings['start'], $this->settings['end'])) {
                        /* translators: 1: "Start Date", 2: "Start Time" */
                        $this->add_error(new WP_Error("itsec-validator-{$id}-start-already-started", sprintf(__('The selected restriction date and time has already started and would result in locking you out immediately. Please select a %1$s and %2$s that has not already started.', 'better-wp-security'), __('Start Date', 'better-wp-security'), __('Start Time', 'better-wp-security'))));
                        $this->set_can_save(false);
                    }
                }
            }
        } else {
            if ($this->settings['start_time'] === $this->settings['end_time']) {
                /* translators: 1: "Start Time", 2: "End Time" */
                $this->add_error(new WP_Error("itsec-validator-{$id}-start-equals-end", sprintf(__('The %1$s and %2$s cannot be the same.', 'better-wp-security'), __('Start Time', 'better-wp-security'), __('End Time', 'better-wp-security'))));
                $this->set_can_save(false);
            } else {
                if (ITSEC_Core::is_interactive() && ITSEC_Away_Mode_Utilities::is_current_time_active($this->settings['start_time'], $this->settings['end_time'])) {
                    /* translators: 1: "Start Time", 2: "End Time" */
                    $this->add_error(new WP_Error("itsec-validator-{$id}-settings-result-in-current-lockout", sprintf(__('The %1$s and %2$s settings restrict the current time and would result in locking you out immediately. Please select a %1$s and %2$s that does not restrict the current time.', 'better-wp-security'), __('Start Time', 'better-wp-security'), __('End Time', 'better-wp-security'))));
                    $this->set_can_save(false);
                }
            }
        }
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Away_Mode_Validator()
);
        if (!isset($this->settings['safe_jquery'])) {
            $this->settings['safe_jquery'] = false;
        }
        $this->sanitize_setting('bool', 'wlwmanifest_header', __('Windows Live Writer Header', 'better-wp-security'));
        $this->sanitize_setting('bool', 'edituri_header', __('EditURI Header', 'better-wp-security'));
        $this->sanitize_setting('bool', 'comment_spam', __('Comment Spam', 'better-wp-security'));
        $this->sanitize_setting('bool', 'file_editor', __('File Editor', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'disable_xmlrpc', __('XML-RPC', 'better-wp-security'));
        $this->sanitize_setting(array(0, 1, 2), 'disable_xmlrpc', __('XML-RPC', 'better-wp-security'));
        $this->sanitize_setting('bool', 'allow_xmlrpc_multiauth', __('Multiple Authentication Attempts per XML-RPC Request', 'better-wp-security'));
        $this->sanitize_setting('bool', 'safe_jquery', __('Replace jQuery With a Safe Version', 'better-wp-security'));
        $this->sanitize_setting('bool', 'login_errors', __('Login Error Messages', 'better-wp-security'));
        $this->sanitize_setting('bool', 'force_unique_nicename', __('Force Unique Nickname', 'better-wp-security'));
        $this->sanitize_setting('bool', 'disable_unused_author_pages', __('Disable Extra User Archives', 'better-wp-security'));
    }
    /**
     * Trigger config-file regeneration when settings that are enforced via
     * generated files have changed.
     *
     * `file_editor` is enforced through wp-config.php; `disable_xmlrpc` and
     * `comment_spam` through the server config (.htaccess / nginx). Only a
     * strict change in the corresponding value schedules a regeneration.
     */
    protected function validate_settings()
    {
        if (!$this->can_save()) {
            return;
        }

        $previous_settings = ITSEC_Modules::get_settings($this->get_id());

        $file_editor_changed = $this->settings['file_editor'] !== $previous_settings['file_editor'];
        if ($file_editor_changed) {
            ITSEC_Response::regenerate_wp_config();
        }

        // Short-circuit: comment_spam is only compared when disable_xmlrpc is unchanged.
        if ($this->settings['disable_xmlrpc'] !== $previous_settings['disable_xmlrpc']
            || $this->settings['comment_spam'] !== $previous_settings['comment_spam']) {
            ITSEC_Response::regenerate_server_config();
        }
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_WordPress_Tweaks_Validator()
);
/**
 * Validator for the 404-detection module settings.
 *
 * The white list and types lists are sanitised entry by entry through the
 * two callbacks below; an entry that fails its shape check is rejected by
 * returning `false`.
 */
class ITSEC_Four_Oh_Four_Validator extends ITSEC_Validator
{
    /**
     * @return string The module identifier used by the module registry.
     */
    public function get_id()
    {
        $module_id = '404-detection';

        return $module_id;
    }

    /**
     * Sanitise the numeric thresholds and the two path/extension lists.
     */
    protected function sanitize_settings()
    {
        $this->sanitize_setting('positive-int', 'check_period', __('Minutes to Remember 404 Error (Check Period)', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'error_threshold', __('Error Threshold', 'better-wp-security'));

        $white_list_sanitizer = array($this, 'sanitize_white_list_entry');
        $types_sanitizer = array($this, 'sanitize_types_entry');

        $this->sanitize_setting($white_list_sanitizer, 'white_list', __('404 File/Folder White List', 'better-wp-security'));
        // NOTE(review): the label below is the same as the white-list label;
        // confirm whether "types" should have its own translatable label.
        $this->sanitize_setting($types_sanitizer, 'types', __('404 File/Folder White List', 'better-wp-security'));
    }

    /**
     * Accept a white-list entry only when it is a site-relative path
     * (starts with "/").
     *
     * @param string $entry Submitted list entry.
     *
     * @return string|false The entry unchanged, or false to reject it.
     */
    protected function sanitize_white_list_entry($entry)
    {
        $starts_with_slash = 0 === strpos($entry, '/');

        return $starts_with_slash ? $entry : false;
    }

    /**
     * Accept a file-type entry only when it looks like an extension
     * (starts with ".").
     *
     * @param string $entry Submitted list entry.
     *
     * @return string|false The entry unchanged, or false to reject it.
     */
    protected function sanitize_types_entry($entry)
    {
        $starts_with_dot = 0 === strpos($entry, '.');

        return $starts_with_dot ? $entry : false;
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Four_Oh_Four_Validator()
);
            $this->settings['show_warning'] = $previous_settings['show_warning'];
        }
        $this->vars_to_skip_validate_matching_types[] = 'last_chunk';
        $this->sanitize_setting('bool', 'split', __('Split File Scanning', 'better-wp-security'));
        $this->sanitize_setting(array('exclude', 'include'), 'method', __('Include/Exclude Files and Folders', 'better-wp-security'));
        $this->sanitize_setting('newline-separated-array', 'file_list', __('Files and Folders List', 'better-wp-security'));
        $this->sanitize_setting('newline-separated-extensions', 'types', __('Ignore File Types', 'better-wp-security'));
        $this->sanitize_setting('bool', 'email', __('Email File Change Notifications', 'better-wp-security'));
        $this->sanitize_setting('bool', 'notify_admin', __('Display File Change Admin Warning', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'last_run', __('Last Run', 'better-wp-security'), false);
        $this->settings = apply_filters('itsec-file-change-sanitize-settings', $this->settings);
    }
    /**
     * Maintain the `last_run` timestamp of the file-change scan.
     *
     * When the save originates from the scan itself (ITSEC_DOING_FILE_CHECK
     * is defined and true) `last_run` is set to the current time. Otherwise,
     * if `last_run` is at least one interval in the past, it is moved forward
     * to `now - interval + 120`; presumably this keeps the next scan from
     * firing immediately after a settings save — confirm against the scheduler.
     */
    protected function validate_settings()
    {
        $current_time = ITSEC_Core::get_current_time();

        $save_is_from_scan = defined('ITSEC_DOING_FILE_CHECK') && true === ITSEC_DOING_FILE_CHECK;
        if ($save_is_from_scan) {
            $this->settings['last_run'] = $current_time;
            return;
        }

        // Interval in seconds; the split (chunked) scan uses the shorter one.
        $interval = $this->settings['split'] ? 12282 : 86340;
        $oldest_allowed_run = $current_time - $interval;

        if ($this->settings['last_run'] <= $oldest_allowed_run) {
            $this->settings['last_run'] = $oldest_allowed_run + 120;
        }
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_File_Change_Validator()
);
<?php

/**
 * Validator for the SSL module settings.
 */
class ITSEC_SSL_Validator extends ITSEC_Validator
{
    /**
     * @return string The module identifier used by the module registry.
     */
    public function get_id()
    {
        $module_id = 'ssl';

        return $module_id;
    }

    /**
     * Sanitise the front-end SSL mode and the dashboard SSL flag.
     *
     * `frontend` is passed through two sanitisers: the first normalises it
     * as a positive integer, the second restricts it to the values 0, 1, 2.
     */
    protected function sanitize_settings()
    {
        $frontend_label = __('Front End SSL Mode', 'better-wp-security');
        $this->sanitize_setting('positive-int', 'frontend', $frontend_label);
        $this->sanitize_setting(array(0, 1, 2), 'frontend', __('Front End SSL Mode', 'better-wp-security'));

        $this->sanitize_setting('bool', 'admin', __('SSL for Dashboard', 'better-wp-security'));
    }

    /**
     * React to a change of the dashboard SSL flag.
     *
     * A change regenerates wp-config.php; additionally, turning the flag on
     * forces a logout so the session is re-established over SSL.
     */
    protected function validate_settings()
    {
        if (!$this->can_save()) {
            return;
        }

        $previous_settings = ITSEC_Modules::get_settings($this->get_id());
        $admin_ssl_changed = $this->settings['admin'] !== $previous_settings['admin'];

        if (!$admin_ssl_changed) {
            return;
        }

        ITSEC_Response::regenerate_wp_config();
        if ($this->settings['admin']) {
            ITSEC_Response::force_logout();
        }
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_SSL_Validator()
);
<?php

/**
 * Validator for the database backup module settings.
 */
class ITSEC_Backup_Validator extends ITSEC_Validator
{
    /**
     * @return string The module identifier used by the module registry.
     */
    public function get_id()
    {
        $module_id = 'backup';

        return $module_id;
    }

    /**
     * Sanitise the backup settings.
     *
     * `interval` and `last_run` are not necessarily part of the submitted
     * form, so missing values are carried over from the stored settings
     * before sanitisation. `method` is normalised as a positive integer and
     * then restricted to the values 0, 1, 2. `last_run` is sanitised with
     * the trailing flag set to false, as in the other validators on this page.
     */
    protected function sanitize_settings()
    {
        $previous_settings = ITSEC_Modules::get_settings($this->get_id());

        // Keys that may be absent from the submission and keep their stored value.
        foreach (array('interval', 'last_run') as $carried_key) {
            if (!isset($this->settings[$carried_key])) {
                $this->settings[$carried_key] = $previous_settings[$carried_key];
            }
        }

        $this->sanitize_setting('bool', 'all_sites', __('Backup Full Database', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'method', __('Backup Method', 'better-wp-security'));
        $this->sanitize_setting(array(0, 1, 2), 'method', __('Backup Method', 'better-wp-security'));
        $this->sanitize_setting('writable-directory', 'location', __('Backup Location', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'retain', __('Backups to Retain', 'better-wp-security'));
        $this->sanitize_setting('bool', 'zip', __('Compress Backup Files', 'better-wp-security'));
        $this->sanitize_setting('newline-separated-array', 'exclude', __('Exclude Tables', 'better-wp-security'));
        $this->sanitize_setting('bool', 'enabled', __('Schedule Database Backups', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'interval', __('Backup Interval', 'better-wp-security'));
        $this->sanitize_setting('positive-int', 'last_run', __('Last Run', 'better-wp-security'), false);
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Backup_Validator()
);
                    $whitelisted_hosts[] = $host;
                }
            }
            if (!empty($whitelisted_hosts)) {
                $this->set_can_save(false);
                /* translators: 1: input name, 2: invalid host list */
                $this->add_error(wp_sprintf(_n('The following IP in %1$s is whitelisted and cannot be banned: %2$l', 'The following IPs in %1$s are whitelisted and cannot be banned: %2$l', count($whitelisted_hosts), 'better-wp-security'), __('Ban Hosts', 'better-wp-security'), $whitelisted_hosts));
            }
        }
        $this->sanitize_setting(array($this, 'sanitize_agent_list_entry'), 'agent_list', __('Ban User Agents', 'better-wp-security'));
    }
    /**
     * Sanitise one "Ban User Agents" list entry.
     *
     * @param string $entry Submitted user-agent string.
     *
     * @return string The entry run through sanitize_text_field() and trimmed.
     */
    protected function sanitize_agent_list_entry($entry)
    {
        $clean_entry = sanitize_text_field($entry);

        return trim($clean_entry);
    }
    /**
     * Regenerate the server config when any ban-users setting changed.
     *
     * Every submitted setting is compared with its stored counterpart; the
     * first missing or differing key schedules a regeneration and ends the
     * scan. The comparison is deliberately kept loose (`!=`) as in the
     * original, so a type-only difference (e.g. "1" vs 1) does not count as
     * a change — tighten to `!==` only after confirming stored value types.
     */
    protected function validate_settings()
    {
        if (!$this->can_save()) {
            return;
        }

        $previous_settings = ITSEC_Modules::get_settings($this->get_id());

        $has_changed = false;
        foreach ($this->settings as $setting_key => $setting_value) {
            $is_new_key = !isset($previous_settings[$setting_key]);
            if ($is_new_key || $previous_settings[$setting_key] != $setting_value) {
                $has_changed = true;
                break;
            }
        }

        if ($has_changed) {
            ITSEC_Response::regenerate_server_config();
        }
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Ban_Users_Validator()
);
<?php

/**
 * Validator for the strong-passwords module settings.
 */
class ITSEC_Strong_Passwords_Validator extends ITSEC_Validator
{
    /**
     * @return string The module identifier used by the module registry.
     */
    public function get_id()
    {
        $module_id = 'strong-passwords';

        return $module_id;
    }

    /**
     * Restrict `role` to one of the built-in WordPress roles.
     *
     * The allowed list is fixed; custom roles are rejected by the sanitiser.
     */
    protected function sanitize_settings()
    {
        $allowed_roles = array(
            'administrator',
            'editor',
            'author',
            'contributor',
            'subscriber',
        );

        $this->sanitize_setting($allowed_roles, 'role', __('Select Role for Strong Passwords', 'better-wp-security'));
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Strong_Passwords_Validator()
);
<?php

/**
 * Validator for the multisite-tweaks module settings.
 */
class ITSEC_Multisite_Tweaks_Validator extends ITSEC_Validator
{
    /**
     * @return string The module identifier used by the module registry.
     */
    public function get_id()
    {
        $module_id = 'multisite-tweaks';

        return $module_id;
    }

    /**
     * Coerce the three update-notification flags to booleans.
     *
     * NOTE(review): this validator sanitises in preprocess_settings(), whereas
     * the sibling validators do so in sanitize_settings(); confirm this is
     * intentional.
     */
    protected function preprocess_settings()
    {
        $boolean_flags = array(
            'theme_updates'  => __('Theme Update Notifications', 'better-wp-security'),
            'plugin_updates' => __('Plugin Update Notifications', 'better-wp-security'),
            'core_updates'   => __('Core Update Notifications', 'better-wp-security'),
        );

        foreach ($boolean_flags as $setting_key => $label) {
            $this->sanitize_setting('bool', $setting_key, $label);
        }
    }
}
// Register this module's validator with the module registry.
ITSEC_Modules::register_validator(
    new ITSEC_Multisite_Tweaks_Validator()
);