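/**
 * Validate the Hide Backend settings and queue the follow-up work for a change.
 *
 * A slug that collides with a path WordPress itself uses is rejected and the
 * save is cancelled. Otherwise, when the feature was switched on or off or the
 * slug changed, the resulting login URL is shown to the administrator and
 * handed to send_new_login_url(). A change to the enabled, slug or register
 * setting also requests a server config rebuild.
 *
 * @return void
 */
protected function validate_settings() {
    if (!$this->can_save()) {
        return;
    }

    $forbidden_slugs = array('admin', 'login', 'wp-login.php', 'dashboard', 'wp-admin');

    if (in_array($this->settings['slug'], $forbidden_slugs)) {
        // The message carries a %1$s placeholder, so it has to go through sprintf();
        // passing the bare translation showed the literal placeholder to the user.
        // esc_html() is defensive: how add_error() renders the text is not visible here.
        $this->add_error(sprintf(__('The Login Slug cannot be "%1$s" as WordPress uses that slug.', 'better-wp-security'), esc_html($this->settings['slug'])));
        $this->set_can_save(false);

        return;
    }

    $now_enabled  = $this->settings['enabled'];
    $was_enabled  = $this->previous_settings['enabled'];
    $slug_changed = $this->settings['slug'] !== $this->previous_settings['slug'];

    if ($now_enabled && $slug_changed) {
        // Active with a new slug: the stored slug may differ from what was typed.
        $url = get_site_url() . '/' . $this->settings['slug'];
        ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now active. Your new login URL is <strong><code>%1$s</code></strong>. Please note this may be different than what you sent as the URL was sanitized to meet various requirements. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
    } elseif ($now_enabled && !$was_enabled) {
        // Newly switched on with an unchanged slug.
        $url = get_site_url() . '/' . $this->settings['slug'];
        ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now active. Your new login URL is <strong><code>%1$s</code></strong>. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
    } elseif (!$now_enabled && $was_enabled) {
        // Switched off: the login page is back at the stock location.
        $url = get_site_url() . '/wp-login.php';
        ITSEC_Response::add_message(sprintf(__('The Hide Backend feature is now disabled. Your new login URL is <strong><code>%1$s</code></strong>. A reminder has also been sent to the notification email addresses set in iThemes Security\'s Global settings.', 'better-wp-security'), esc_url($url)));
    }

    if (isset($url)) {
        // $url is only set when the login location actually moved. Going by the
        // messages above, this mails the new URL to the notification addresses,
        // so the slug is only as private as those mailboxes.
        $this->send_new_login_url($url);
        ITSEC_Response::prevent_modal_close();
    }

    if ($now_enabled !== $was_enabled || $slug_changed || $this->settings['register'] !== $this->previous_settings['register']) {
        ITSEC_Response::regenerate_server_config();
    }

    ITSEC_Response::reload_module($this->get_id());
}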
/**
 * Validate the settings and apply the config-file permission choice.
 *
 * Any difference from the stored settings requests a server config rebuild.
 * The server config file and the wp-config file are then chmod'ed to 0444
 * whenever write_permissions is on, or to 0664 at the moment it is switched off.
 *
 * @return void
 */
protected function validate_settings() {
    if (!$this->can_save()) {
        return;
    }

    $stored  = ITSEC_Modules::get_settings($this->get_id());
    $changed = array_diff_assoc($this->settings, $stored);

    if ($changed) {
        ITSEC_Response::regenerate_server_config();
    }

    $mode = null;

    if ($this->settings['write_permissions']) {
        // Re-applied on every save so that drifted permissions get corrected.
        $mode = 0444;
    } elseif ($this->settings['write_permissions'] !== $stored['write_permissions']) {
        // Only on the on -> off transition; a setting that was never enabled
        // leaves the files alone. Note that 0664 is group-writable.
        $mode = 0664;
    }

    if (null === $mode) {
        // Nothing to change.
        return;
    }

    require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-config-file.php';
    require_once ITSEC_Core::get_core_dir() . 'lib/class-itsec-lib-file.php';

    $server_config_path = ITSEC_Lib_Config_File::get_server_config_file_path();
    $wp_config_path     = ITSEC_Lib_Config_File::get_wp_config_file_path();

    // The chmod results are not inspected here, so a failed change goes unreported.
    ITSEC_Lib_File::chmod($server_config_path, $mode);
    ITSEC_Lib_File::chmod($wp_config_path, $mode);

    ITSEC_Response::reload_module('file-permissions');
}
/**
 * Deactivation handler.
 *
 * Detaches this class's config hooks first and then requests a rebuild of
 * both the server config and the wp-config file.
 *
 * @return void
 */
public static function deactivate() {
    self::get_instance()->remove_config_hooks();

    ITSEC_Response::regenerate_server_config();
    ITSEC_Response::regenerate_wp_config();
}
/**
 * React to settings that were switched on by the current save.
 *
 * @param array $old_settings Settings as they were before the save.
 *
 * @return void
 */
protected function handle_settings_changes($old_settings) {
    $digest_switched_on = $this->settings['digest_email'] && !$old_settings['digest_email'];

    if ($digest_switched_on) {
        // Start the digest from an empty queue stamped with the current GMT time.
        $fresh_queue = array(
            'last_sent' => ITSEC_Core::get_current_time_gmt(),
            'messages'  => array(),
        );

        update_site_option('itsec_message_queue', $fresh_queue);
    }

    $writing_switched_on = $this->settings['write_files'] && !$old_settings['write_files'];

    if ($writing_switched_on) {
        // File writing was just allowed, so request both config rebuilds.
        ITSEC_Response::regenerate_server_config();
        ITSEC_Response::regenerate_wp_config();
    }
}
/**
 * Validate the settings and request the config rebuilds a change calls for.
 *
 * A change to file_editor requests a wp-config rebuild; a change to
 * disable_xmlrpc or comment_spam requests a server config rebuild.
 *
 * @return void
 */
protected function validate_settings() {
    if (!$this->can_save()) {
        return;
    }

    $stored = ITSEC_Modules::get_settings($this->get_id());

    $file_editor_changed = $this->settings['file_editor'] !== $stored['file_editor'];

    if ($file_editor_changed) {
        ITSEC_Response::regenerate_wp_config();
    }

    $server_rules_changed = $this->settings['disable_xmlrpc'] !== $stored['disable_xmlrpc']
        || $this->settings['comment_spam'] !== $stored['comment_spam'];

    if ($server_rules_changed) {
        ITSEC_Response::regenerate_server_config();
    }
}
/**
 * Validate the settings and request a server config rebuild on any change.
 *
 * @return void
 */
protected function validate_settings() {
    if (!$this->can_save()) {
        return;
    }

    $stored   = ITSEC_Modules::get_settings($this->get_id());
    $modified = false;

    foreach ($this->settings as $name => $value) {
        // Loose comparison on purpose (as before): 1 and '1' count as equal.
        // isset() is false for a stored null, so such a setting always counts as changed.
        if (isset($stored[$name]) && $stored[$name] == $value) {
            continue;
        }

        $modified = true;
        break;
    }

    if ($modified) {
        ITSEC_Response::regenerate_server_config();
    }
}
/**
 * Execute module upgrade
 *
 * Carries the system-tweaks settings forward from older plugin builds.
 *
 * @since 4.0
 *
 * @param mixed $itsec_old_version Build being upgraded from; only compared
 *                                 with < against build numbers.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
    if ($itsec_old_version < 4000) {
        global $itsec_bwps_options;

        ITSEC_Lib::create_database_tables();

        $current_options = get_site_option('itsec_tweaks');

        // With no stored settings the module defaults are preferred, so nothing is written.
        if (false !== $current_options) {
            // New setting name => key in the legacy options array.
            $legacy_keys = array(
                'protect_files'            => 'st_ht_files',
                'directory_browsing'       => 'st_ht_browsing',
                'request_methods'          => 'st_ht_request',
                'suspicious_query_strings' => 'st_ht_query',
                'non_english_characters'   => 'st_ht_foreign',
                'long_url_strings'         => 'st_longurl',
                'write_permissions'        => 'st_fileperm',
            );

            foreach ($legacy_keys as $setting => $legacy_key) {
                // A legacy flag counts as on only when present and loosely equal to 1.
                $current_options[$setting] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
            }

            update_site_option('itsec_tweaks', $current_options);

            ITSEC_Response::regenerate_server_config();
            ITSEC_Response::regenerate_wp_config();
        }
    }

    if ($itsec_old_version < 4035) {
        ITSEC_Response::regenerate_server_config();
    }

    if ($itsec_old_version < 4041) {
        $current_options = get_site_option('itsec_tweaks');

        // Without stored options nothing is saved and the new defaults apply.
        if (is_array($current_options)) {
            $module_defaults = ITSEC_Modules::get_settings('system-tweaks');

            // Drop settings the new module does not know about.
            $current_options = array_intersect_key($current_options, $module_defaults);

            // Fill anything missing from the new module's settings.
            $current_options = array_merge($module_defaults, $current_options);

            // The module is activated when at least one setting is truthy.
            $in_use = count(array_filter($current_options)) > 0;

            if ($in_use) {
                ITSEC_Modules::activate('system-tweaks');
            } else {
                ITSEC_Modules::deactivate('system-tweaks');
            }

            ITSEC_Modules::set_settings('system-tweaks', $current_options);
        }
    }
}
/**
 * Execute module upgrade
 *
 * Carries the wordpress-tweaks settings forward from older plugin builds.
 *
 * @since 4.0
 *
 * @param mixed $itsec_old_version Build being upgraded from; only compared
 *                                 with < against build numbers.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
    if ($itsec_old_version < 4000) {
        global $itsec_bwps_options;

        ITSEC_Lib::create_database_tables();

        $current_options = get_site_option('itsec_tweaks');

        // With no stored settings the module defaults are preferred, so nothing is written.
        if (false !== $current_options) {
            // New setting name => key in the legacy options array.
            $legacy_keys = array(
                'wlwmanifest_header' => 'st_manifest',
                'edituri_header'     => 'st_edituri',
                'comment_spam'       => 'st_comment',
                'login_errors'       => 'st_loginerror',
            );

            foreach ($legacy_keys as $setting => $legacy_key) {
                // A legacy flag counts as on only when present and loosely equal to 1.
                $current_options[$setting] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
            }

            update_site_option('itsec_tweaks', $current_options);

            ITSEC_Response::regenerate_server_config();
            ITSEC_Response::regenerate_wp_config();
        }
    }

    if ($itsec_old_version < 4035) {
        ITSEC_Response::regenerate_server_config();
    }

    if ($itsec_old_version < 4041) {
        $current_options = get_site_option('itsec_tweaks');

        // Without stored options nothing is saved and the new defaults apply.
        if (is_array($current_options)) {
            $module_defaults = ITSEC_Modules::get_settings('wordpress-tweaks');

            // Drop settings the new module does not know about.
            $current_options = array_intersect_key($current_options, $module_defaults);

            // Fill anything missing from the new module's settings.
            $current_options = array_merge($module_defaults, $current_options);

            // The module is activated when at least one protection is in use.
            $in_use = false;

            foreach ($current_options as $setting => $on) {
                // allow_xmlrpc_multiauth is inverted: false means the block is enabled.
                $inverted = 'allow_xmlrpc_multiauth' === $setting;

                if ($inverted ? !$on : $on) {
                    $in_use = true;
                    break;
                }
            }

            if ($in_use) {
                ITSEC_Modules::activate('wordpress-tweaks');
            } else {
                ITSEC_Modules::deactivate('wordpress-tweaks');
            }

            ITSEC_Modules::set_settings('wordpress-tweaks', $current_options);
        }
    }
}
/**
 * Execute module upgrade
 *
 * Carries the multisite-tweaks settings forward from older plugin builds.
 *
 * @since 4.0
 *
 * @param mixed $itsec_old_version Build being upgraded from; only compared
 *                                 with < against build numbers.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
    if ($itsec_old_version < 4000) {
        global $itsec_bwps_options;

        ITSEC_Lib::create_database_tables();

        $current_options = get_site_option('itsec_tweaks');

        // With no stored settings the module defaults are preferred, so nothing is written.
        if (false !== $current_options) {
            // New setting name => key in the legacy options array.
            $legacy_keys = array(
                'theme_updates'  => 'st_themenot',
                'plugin_updates' => 'st_pluginnot',
                'core_updates'   => 'st_corenot',
            );

            foreach ($legacy_keys as $setting => $legacy_key) {
                // A legacy flag counts as on only when present and loosely equal to 1.
                $current_options[$setting] = isset($itsec_bwps_options[$legacy_key]) && $itsec_bwps_options[$legacy_key] == 1;
            }

            update_site_option('itsec_tweaks', $current_options);

            ITSEC_Response::regenerate_server_config();
            ITSEC_Response::regenerate_wp_config();
        }
    }

    if ($itsec_old_version < 4035) {
        ITSEC_Response::regenerate_server_config();
    }

    if ($itsec_old_version < 4041) {
        $current_options = get_site_option('itsec_tweaks');

        // Without stored options nothing is saved and the new defaults apply.
        if (is_array($current_options)) {
            $module_defaults = ITSEC_Modules::get_settings('multisite-tweaks');

            // Drop settings the new module does not know about.
            $current_options = array_intersect_key($current_options, $module_defaults);

            // Fill anything missing from the new module's settings.
            $current_options = array_merge($module_defaults, $current_options);

            // The module is activated when at least one setting is truthy.
            $in_use = count(array_filter($current_options)) > 0;

            if ($in_use) {
                ITSEC_Modules::activate('multisite-tweaks');
            } else {
                ITSEC_Modules::deactivate('multisite-tweaks');
            }

            ITSEC_Modules::set_settings('multisite-tweaks', $current_options);
        }
    }
}
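/**
 * Execute module upgrade
 *
 * Carries the ban-users settings forward from older plugin builds: imports the
 * legacy ban lists, renames 'enabled' to 'enable_ban_lists', and drops host
 * entries that ITSEC_Lib_IP_Tools::ip_wild_to_ip_cidr() rejects.
 *
 * @param mixed $itsec_old_version Build being upgraded from; only compared
 *                                 with < against build numbers.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
    if ($itsec_old_version < 4000) {
        global $itsec_bwps_options;

        $current_options = get_site_option('itsec_ban_users');

        // With no stored settings the module defaults are preferred, so nothing is written.
        if (false !== $current_options) {
            $current_options['enabled'] = isset($itsec_bwps_options['bu_enabled']) && $itsec_bwps_options['bu_enabled'] == 1;
            $current_options['default'] = isset($itsec_bwps_options['bu_blacklist']) && $itsec_bwps_options['bu_blacklist'] == 1;

            if (isset($itsec_bwps_options['bu_banlist']) && !is_array($itsec_bwps_options['bu_banlist']) && strlen($itsec_bwps_options['bu_banlist']) > 1) {
                foreach (explode(PHP_EOL, $itsec_bwps_options['bu_banlist']) as $host) {
                    // Skip blank and one-character lines.
                    if (strlen($host) > 1) {
                        $current_options['host_list'][] = $host;
                    }
                }
            }

            if (isset($itsec_bwps_options['bu_banagent']) && !is_array($itsec_bwps_options['bu_banagent']) && strlen($itsec_bwps_options['bu_banagent']) > 1) {
                // The list used to be seeded with the raw explode() result and then
                // appended to again, which stored every agent twice and kept the
                // blank lines. It is still replaced by the legacy list, but now
                // holds only the filtered entries, once each.
                $current_options['agent_list'] = array();

                foreach (explode(PHP_EOL, $itsec_bwps_options['bu_banagent']) as $agent) {
                    if (strlen($agent) > 1) {
                        $current_options['agent_list'][] = $agent;
                    }
                }
            }

            update_site_option('itsec_ban_users', $current_options);

            ITSEC_Response::regenerate_server_config();
        }
    }

    if ($itsec_old_version < 4027) {
        ITSEC_Response::regenerate_server_config();
    }

    if ($itsec_old_version < 4041) {
        $current_options = get_site_option('itsec_ban_users');

        // Without stored options nothing is saved and the new defaults apply.
        if (is_array($current_options)) {
            $itsec_modules = ITSEC_Modules::get_instance();

            // 'enable_ban_lists' was previously just 'enabled'.
            // The settings migrated here are saved under 'ban-users', so that is the
            // module to switch; this used to toggle 'backup', which turned an
            // unrelated module on or off during the upgrade.
            // !empty() also covers a stored array that lacks the 'enabled' key.
            if (!empty($current_options['enabled'])) {
                ITSEC_Modules::activate('ban-users');
                $current_options['enable_ban_lists'] = true;
            } else {
                ITSEC_Modules::deactivate('ban-users');
                $current_options['enable_ban_lists'] = false;
            }

            unset($current_options['enabled']);

            // Filter out invalid IPs. A missing or non-array list is treated as empty
            // rather than being passed to array_map().
            $hosts = isset($current_options['host_list']) && is_array($current_options['host_list'])
                ? $current_options['host_list']
                : array();

            $current_options['host_list'] = array_map('trim', $hosts);

            if (!class_exists('ITSEC_Lib_IP_Tools')) {
                require_once ITSEC_Core::get_core_dir() . '/lib/class-itsec-lib-ip-tools.php';
            }

            foreach ($current_options['host_list'] as $index => $ip) {
                // Entries the converter rejects (it returns false) are dropped.
                if ('' === $ip || false === ITSEC_Lib_IP_Tools::ip_wild_to_ip_cidr($ip)) {
                    unset($current_options['host_list'][$index]);
                }
            }

            $itsec_modules->set_settings('ban-users', $current_options);
        }
    }
}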
/**
 * Update Execution
 *
 * Runs the core upgrade steps for each build threshold above the build being
 * upgraded from, then hands over to the module upgrades.
 *
 * @since 4.0
 *
 * @param mixed $upgrade Build being upgraded from. It is only compared with <
 *                       against build numbers, so the default of false passes
 *                       every one of those checks.
 *
 * @return void
 */
private function upgrade_execute($upgrade = false) {
    global $itsec_old_version, $itsec_globals, $wpdb, $itsec_setup_action;

    $tables_updated     = false;
    $itsec_setup_action = 'upgrade';
    $itsec_old_version  = $upgrade;

    if ($itsec_old_version < 4000) {
        global $itsec_bwps_options;

        if (wp_next_scheduled('bwps_backup')) {
            wp_clear_scheduled_hook('bwps_backup');
        }

        // On multisite the legacy options are read from, and removed on, blog 1.
        $on_network = is_multisite();

        if ($on_network) {
            switch_to_blog(1);
        }

        $itsec_bwps_options = get_option('bit51_bwps');

        delete_option('bit51_bwps');
        delete_option('bwps_intrusion_warning');
        delete_option('bit51_bwps_data');
        delete_site_transient('bit51_bwps_backup');
        delete_site_transient('bwps_away');

        if ($on_network) {
            restore_current_blog();
        }

        if (false !== $itsec_bwps_options) {
            $current_options = get_site_option('itsec_global');

            if (false === $current_options) {
                $current_options = $this->defaults;
            }

            // Each address falls back to the site admin e-mail when the legacy value is empty.
            if (isset($itsec_bwps_options['ll_emailaddress']) && strlen($itsec_bwps_options['ll_emailaddress'])) {
                $notify_address = $itsec_bwps_options['ll_emailaddress'];
            } else {
                $notify_address = get_option('admin_email');
            }

            $current_options['notification_email'] = array($notify_address);

            if (isset($itsec_bwps_options['backup_emailaddress']) && strlen($itsec_bwps_options['backup_emailaddress'])) {
                $backup_address = $itsec_bwps_options['backup_emailaddress'];
            } else {
                $backup_address = get_option('admin_email');
            }

            $current_options['backup_email'] = array($backup_address);

            // Stays on unless the legacy flag is present and loosely equal to 0.
            $current_options['blacklist'] = !(isset($itsec_bwps_options['ll_blacklistip']) && $itsec_bwps_options['ll_blacklistip'] == 0);

            // A missing or non-positive legacy threshold becomes 3.
            $legacy_threshold = isset($itsec_bwps_options['ll_blacklistipthreshold']) ? intval($itsec_bwps_options['ll_blacklistipthreshold']) : 0;

            $current_options['blacklist_count'] = $legacy_threshold > 0 ? $legacy_threshold : 3;

            $current_options['write_files']       = isset($itsec_bwps_options['st_writefiles']) && $itsec_bwps_options['st_writefiles'] == 1;
            $itsec_globals['settings']['write_files'] = $current_options['write_files'];

            $current_options['did_upgrade'] = true;

            if (isset($itsec_bwps_options['id_whitelist']) && !is_array($itsec_bwps_options['id_whitelist']) && strlen($itsec_bwps_options['id_whitelist']) > 1) {
                foreach (explode(PHP_EOL, $itsec_bwps_options['id_whitelist']) as $host) {
                    // Skip blank and one-character lines.
                    if (strlen($host) > 1) {
                        $current_options['lockout_white_list'][] = $host;
                    }
                }
            }

            if (false === $current_options['write_files']) {
                set_site_transient('ITSEC_SHOW_WRITE_FILES_TOOLTIP', true, 600);
            }

            update_site_option('itsec_global', $current_options);
        }

        // Table names are fixed strings appended to $wpdb->base_prefix; no request data is involved.
        $legacy_tables = array('bwps_lockouts', 'bwps_log', 'BWPS_d404', 'BWPS_ll', 'BWPS_lockouts');

        foreach ($legacy_tables as $legacy_table) {
            $wpdb->query("DROP TABLE IF EXISTS `" . $wpdb->base_prefix . $legacy_table . "`;");
        }

        $legacy_option_names = array(
            'bwps_file_log',
            'bwps_awaymode',
            'bwps_filecheck',
            'BWPS_Login_Slug',
            'BWPS_options',
            'BWPS_versions',
            'bit51_bwps_data',
        );

        foreach ($legacy_option_names as $legacy_option_name) {
            delete_option($legacy_option_name);
        }
    }

    $this->do_modules();

    $itsec_globals['data']['build'] = ITSEC_Core::get_plugin_build();
    update_site_option('itsec_data', $itsec_globals['data']);

    if ($itsec_old_version < 4030) {
        // Adds the username field to lockouts and temp.
        ITSEC_Lib::create_database_tables();
        $tables_updated = true;

        ITSEC_Response::regenerate_server_config();
    }

    if ($itsec_old_version < 4031) {
        $banned_option = get_site_option('itsec_ban_users');

        if (isset($banned_option['white_list'])) {
            // Fold the ban-users white list into the global lockout white list.
            $banned_white_list = $banned_option['white_list'];
            $options           = get_site_option('itsec_global');

            if (isset($options['lockout_white_list'])) {
                $white_list = $options['lockout_white_list'];
            } else {
                $white_list = array();
            }

            // Either list may still be stored as a PHP_EOL-separated string.
            if (!is_array($white_list)) {
                $white_list = explode(PHP_EOL, $white_list);
            }

            if (!is_array($banned_white_list)) {
                $banned_white_list = explode(PHP_EOL, $banned_white_list);
            }

            $options['lockout_white_list'] = array_merge($white_list, $banned_white_list);

            update_site_option('itsec_global', $options);
        }
    }

    if ($itsec_old_version < 4033) {
        if (false === get_site_option('itsec_api_nag')) {
            // Show the nag to activate an API key.
            add_site_option('itsec_api_nag', true, false);
        }
    }

    // IPv6 support was added in 4039; skipped when the tables were already rebuilt above.
    if ($itsec_old_version < 4039 && !$tables_updated) {
        ITSEC_Lib::create_database_tables();
        $tables_updated = true;
    }

    if ($itsec_old_version < 4040) {
        $options = get_site_option('itsec_global');

        if ($options['log_info']) {
            // The log file gets a new name ending in 30 generated characters, so
            // its path cannot be derived from the site name alone.
            $new_log_info = substr(sanitize_title(get_bloginfo('name')), 0, 20) . '-' . wp_generate_password(30, false);

            $old_file = path_join($options['log_location'], 'event-log-' . $options['log_info'] . '.log');
            $new_file = path_join($options['log_location'], 'event-log-' . $new_log_info . '.log');

            // If the file exists already, don't update the location unless we successfully move it.
            if (file_exists($old_file) && rename($old_file, $new_file)) {
                $options['log_info'] = $new_log_info;
            }
        }

        $index_stub = "<?php\n// Silence is golden.";

        // Make sure the logs directory has an index file to block directory listing.
        if (is_dir($options['log_location'])) {
            $log_index = path_join($options['log_location'], 'index.php');

            if (!file_exists($log_index)) {
                file_put_contents($log_index, $index_stub);
            }
        }

        $backup_options = get_site_option('itsec_backup');

        // Same for the backups directory.
        if (is_dir($backup_options['location'])) {
            $backup_index = path_join($backup_options['location'], 'index.php');

            if (!file_exists($backup_index)) {
                file_put_contents($backup_index, $index_stub);
            }
        }

        update_site_option('itsec_global', $options);
    }

    $itsec_modules = ITSEC_Modules::get_instance();
    $itsec_modules->run_upgrade($itsec_old_version, ITSEC_Core::get_plugin_build());
}
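/**
 * Execute module upgrade
 *
 * Carries the hide-backend settings forward from older plugin builds.
 *
 * @param mixed $itsec_old_version Build being upgraded from; only compared
 *                                 with < against build numbers.
 *
 * @return void
 */
public function execute_upgrade($itsec_old_version) {
    if ($itsec_old_version < 4000) {
        global $itsec_bwps_options;

        $current_options = get_site_option('itsec_hide_backend');

        if (false !== $current_options) {
            $current_options['enabled']  = isset($itsec_bwps_options['hb_enabled']) && $itsec_bwps_options['hb_enabled'] == 1;
            $current_options['register'] = isset($itsec_bwps_options['hb_register']) ? sanitize_text_field($itsec_bwps_options['hb_register']) : 'wp-register.php';

            if (true === $current_options['enabled']) {
                $current_options['show-tooltip'] = true;
                set_site_transient('ITSEC_SHOW_HIDE_BACKEND_TOOLTIP', true, 600);
            } else {
                $current_options['show-tooltip'] = false;
            }

            $forbidden_slugs = array('admin', 'login', 'wp-login.php', 'dashboard', 'wp-admin', '');

            // Normalise once and use the same value for the check and for storage.
            // The check used to run on the trimmed slug while the untrimmed one was
            // saved, so the stored slug could differ from the one that was vetted.
            // A missing or non-scalar legacy value becomes '', which is forbidden.
            $legacy_slug = isset($itsec_bwps_options['hb_login']) && is_scalar($itsec_bwps_options['hb_login'])
                ? trim((string) $itsec_bwps_options['hb_login'])
                : '';

            if (!in_array($legacy_slug, $forbidden_slugs, true)) {
                $current_options['slug'] = $legacy_slug;
                set_site_transient('ITSEC_SHOW_HIDE_BACKEND_TOOLTIP', true, 600);
            } else {
                // No usable slug: the feature is switched off rather than left
                // pointing at a path WordPress itself uses.
                $current_options['enabled'] = false;
                set_site_transient('ITSEC_SHOW_HIDE_BACKEND_TOOLTIP', true, 600);
            }

            update_site_option('itsec_hide_backend', $current_options);

            ITSEC_Response::regenerate_server_config();
        }
    }

    if ($itsec_old_version < 4027) {
        $current_options = get_site_option('itsec_hide_backend');

        if (isset($current_options['enabled']) && $current_options['enabled'] === true) {
            $config_file = ITSEC_Lib::get_htaccess();

            // Make sure we can write to the file.
            // NOTE(review): the mode is restored only when it was 0444, so a file
            // that started at any other mode is left at 0664 (group-writable).
            // The restore also happens before the admin_init callback registered
            // below can have run, so the callback presumably sees the restored
            // mode. Confirm whether this chmod pair is still needed.
            $perms = substr(sprintf('%o', @fileperms($config_file)), -4);

            @chmod($config_file, 0664);

            add_action('admin_init', array($this, 'flush_rewrite_rules'));

            // Reset file permissions if we changed them.
            if ($perms == '0444') {
                @chmod($config_file, 0444);
            }

            ITSEC_Response::regenerate_server_config();
        }
    }

    if ($itsec_old_version < 4041) {
        $current_options = get_site_option('itsec_hide_backend');

        // Without stored options nothing is saved and the new defaults apply.
        if (is_array($current_options)) {
            // 'show-tooltip' is old and not used in the new module.
            unset($current_options['show-tooltip']);

            ITSEC_Modules::set_settings('hide-backend', $current_options);
        }
    }
}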