示例#1
0
 public static function install_actions()
 {
     register_activation_hook(WORDFENCE_FCPATH, 'wordfence::installPlugin');
     register_deactivation_hook(WORDFENCE_FCPATH, 'wordfence::uninstallPlugin');
     $versionInOptions = get_option('wordfence_version', false);
     if (!$versionInOptions || version_compare(WORDFENCE_VERSION, $versionInOptions, '>')) {
         //Either there is no version in options or the version in options is greater and we need to run the upgrade
         self::runInstall();
     }
     self::initProtection();
     //These access wfConfig::get('apiKey') and will fail if runInstall hasn't executed.
     wfCache::setupCaching();
     if (defined('MULTISITE') && MULTISITE === true) {
         global $blog_id;
         if ($blog_id == 1 && get_option('wordfenceActivated') != 1) {
             return;
         }
         //Because the plugin is active once installed, even before it's network activated, for site 1 (WordPress team, why?!)
     }
     //User may be logged in or not, so register both handlers
     add_action('wp_ajax_nopriv_wordfence_logHuman', 'wordfence::ajax_logHuman_callback');
     add_action('wp_ajax_nopriv_wordfence_doScan', 'wordfence::ajax_doScan_callback');
     add_action('wp_ajax_nopriv_wordfence_testAjax', 'wordfence::ajax_testAjax_callback');
     add_action('wp_ajax_nopriv_wordfence_perfLog', 'wordfence::ajax_perfLog_callback');
     if (wfUtils::hasLoginCookie()) {
         //may be logged in. Fast way to check. These aren't secure functions, this is just a perf optimization, along with every other use of hasLoginCookie()
         add_action('wp_ajax_wordfence_perfLog', 'wordfence::ajax_perfLog_callback');
         add_action('wp_ajax_wordfence_logHuman', 'wordfence::ajax_logHuman_callback');
         add_action('wp_ajax_wordfence_doScan', 'wordfence::ajax_doScan_callback');
         add_action('wp_ajax_wordfence_testAjax', 'wordfence::ajax_testAjax_callback');
         if (is_multisite()) {
             add_action('wp_network_dashboard_setup', 'wordfence::addDashboardWidget');
         } else {
             add_action('wp_dashboard_setup', 'wordfence::addDashboardWidget');
         }
     }
     add_action('wordfence_start_scheduled_scan', 'wordfence::wordfenceStartScheduledScan');
     add_action('wordfence_daily_cron', 'wordfence::dailyCron');
     add_action('wordfence_daily_autoUpdate', 'wfConfig::autoUpdate');
     add_action('wordfence_hourly_cron', 'wordfence::hourlyCron');
     add_action('plugins_loaded', 'wordfence::veryFirstAction');
     add_action('init', 'wordfence::initAction');
     add_action('template_redirect', 'wordfence::templateRedir', 1001);
     add_action('shutdown', 'wordfence::shutdownAction');
     if (version_compare(PHP_VERSION, '5.4.0') >= 0) {
         add_action('wp_authenticate', 'wordfence::authActionNew', 1, 2);
     } else {
         add_action('wp_authenticate', 'wordfence::authActionOld', 1, 2);
     }
     add_filter('authenticate', 'wordfence::authenticateFilter', 99, 3);
     if (self::isLockedOut(wfUtils::getIP())) {
         add_filter('xmlrpc_enabled', '__return_false');
     }
     add_action('login_init', 'wordfence::loginInitAction');
     add_action('wp_login', 'wordfence::loginAction');
     add_action('wp_logout', 'wordfence::logoutAction');
     add_action('lostpassword_post', 'wordfence::lostPasswordPost', '1');
     if (wfUtils::hasLoginCookie()) {
         add_action('user_profile_update_errors', 'wordfence::validateProfileUpdate', 0, 3);
         add_action('profile_update', 'wordfence::profileUpdateAction', '99', 2);
         add_action('validate_password_reset', 'wordfence::validatePassword', 10, 2);
     }
     add_action('publish_future_post', 'wordfence::publishFuturePost');
     add_action('mobile_setup', 'wordfence::jetpackMobileSetup');
     //Action called in Jetpack Mobile Theme: modules/minileven/minileven.php
     // Add actions for the email summary
     add_action('wordfence_email_activity_report', array('wfActivityReport', 'executeCronJob'));
     //For debugging
     //add_filter( 'cron_schedules', 'wordfence::cronAddSchedules' );
     add_filter('wp_redirect', 'wordfence::wpRedirectFilter', 99, 2);
     add_filter('pre_comment_approved', 'wordfence::preCommentApprovedFilter', '99', 2);
     //html|xhtml|atom|rss2|rdf|comment|export
     if (wfConfig::get('other_hideWPVersion')) {
         add_filter('style_loader_src', 'wordfence::replaceVersion');
         add_filter('script_loader_src', 'wordfence::replaceVersion');
         add_action('upgrader_process_complete', 'wordfence::hideReadme');
     }
     add_filter('get_the_generator_html', 'wordfence::genFilter', 99, 2);
     add_filter('get_the_generator_xhtml', 'wordfence::genFilter', 99, 2);
     add_filter('get_the_generator_atom', 'wordfence::genFilter', 99, 2);
     add_filter('get_the_generator_rss2', 'wordfence::genFilter', 99, 2);
     add_filter('get_the_generator_rdf', 'wordfence::genFilter', 99, 2);
     add_filter('get_the_generator_comment', 'wordfence::genFilter', 99, 2);
     add_filter('get_the_generator_export', 'wordfence::genFilter', 99, 2);
     add_filter('registration_errors', 'wordfence::registrationFilter', 99, 3);
     // Change GoDaddy's limit login mu-plugin since it can interfere with the two factor auth message.
     if (self::hasGDLimitLoginsMUPlugin()) {
         add_action('login_errors', array('wordfence', 'fixGDLimitLoginsErrors'), 11);
     }
     if (is_admin()) {
         add_action('admin_init', 'wordfence::admin_init');
         if (is_multisite()) {
             if (wfUtils::isAdminPageMU()) {
                 add_action('network_admin_menu', 'wordfence::admin_menus');
             }
             //else don't show menu
         } else {
             add_action('admin_menu', 'wordfence::admin_menus');
         }
         add_filter('pre_update_option_permalink_structure', 'wordfence::disablePermalinksFilter', 10, 2);
         if (preg_match('/^(?:falcon|php)$/', wfConfig::get('cacheType'))) {
             add_filter('post_row_actions', 'wordfence::postRowActions', 0, 2);
             add_filter('page_row_actions', 'wordfence::pageRowActions', 0, 2);
             add_action('post_submitbox_start', 'wordfence::postSubmitboxStart');
         }
     }
     add_action('request', 'wordfence::preventAuthorNScans');
     add_action('password_reset', 'wordfence::actionPasswordReset');
     $adminUsers = new wfAdminUserMonitor();
     if ($adminUsers->isEnabled()) {
         add_action('set_user_role', array($adminUsers, 'updateToUserRole'), 10, 3);
         add_action('grant_super_admin', array($adminUsers, 'grantSuperAdmin'), 10, 1);
         add_action('revoke_super_admin', array($adminUsers, 'revokeSuperAdmin'), 10, 1);
     } else {
         if (wfConfig::get_ser('adminUserList', false)) {
             // reset this in the event it's disabled or the network is too large
             wfConfig::set_ser('adminUserList', false);
         }
     }
     if (!self::getLog()->getCurrentRequest()->jsRun && wfConfig::liveTrafficEnabled()) {
         add_action('wp_head', 'wordfence::wfLogHumanHeader');
         add_action('login_head', 'wordfence::wfLogHumanHeader');
     }
     add_action('wordfence_processAttackData', 'wordfence::processAttackData');
     if (!empty($_GET['wordfence_syncAttackData']) && get_site_option('wordfence_syncingAttackData') <= time() - 60) {
         ignore_user_abort(true);
         update_site_option('wordfence_syncingAttackData', time());
         header('Content-Type: text/javascript');
         add_action('init', 'wordfence::syncAttackData', 10, 0);
         add_filter('woocommerce_unforce_ssl_checkout', '__return_false');
     }
     if (wfConfig::get('other_hideWPVersion')) {
         add_filter('update_feedback', 'wordfence::restoreReadmeForUpgrade');
     }
 }
示例#2
0
 public function scan_suspiciousAdminUsers()
 {
     $this->statusIDX['suspiciousAdminUsers'] = wordfence::statusStart("Scanning for admin users not created through WordPress");
     $haveIssues = false;
     $adminUsers = new wfAdminUserMonitor();
     if ($adminUsers->isEnabled() && ($suspiciousAdmins = $adminUsers->checkNewAdmins())) {
         foreach ($suspiciousAdmins as $userID) {
             $user = new WP_User($userID);
             $key = 'suspiciousAdminUsers' . $userID;
             if ($this->addIssue('suspiciousAdminUsers', 1, $key, $key, "An admin user with the username " . esc_html($user->user_login) . " was created outside of WordPress.", "An admin user with the username " . esc_html($user->user_login) . " was created outside of WordPress. It's\n\t\t\t\tpossible a plugin could have created the account, but if you do not recognize the user, we suggest you remove\n\t\t\t\tit.", array('userID' => $userID))) {
                 $haveIssues = true;
             }
         }
     }
     wordfence::statusEnd($this->statusIDX['suspiciousAdminUsers'], $haveIssues);
 }