<?php
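/**
 * MainWP child-side bridge for the iThemes Security (better-wp-security) plugin.
 *
 * Requests from the MainWP Dashboard reach action(), which dispatches on
 * $_POST['mwp_action'] to one of the handlers below. Each handler reads its
 * arguments from $_POST, touches iThemes Security's site options or database
 * tables, and returns an array that action() hands to MainWP_Helper::write().
 *
 * The globals $itsec_globals, $itsec_files and $itsec_modules_path, the ITSEC_*
 * classes and the WordPress functions used here are all defined outside this
 * file; $itsec_modules_path is filled in by action() before any handler runs.
 */
class MainWP_Child_iThemes_Security {

	/** @var MainWP_Child_iThemes_Security|null Shared instance created by Instance(). */
	public static $instance = null;

	/**
	 * Returns the shared instance, creating it on first call.
	 *
	 * @return MainWP_Child_iThemes_Security
	 */
	public static function Instance() {
		if ( null === self::$instance ) {
			self::$instance = new self();
		}

		return self::$instance;
	}

	/**
	 * Registers the sync-data filter; no other setup happens here.
	 */
	public function __construct() {
		add_filter( 'mainwp-site-sync-others-data', array( $this, 'syncOthersData' ), 10, 2 );
	}

	/**
	 * Filter callback for 'mainwp-site-sync-others-data'.
	 *
	 * Stores 'Y' in the mainwp_ithemes_ext_activated option when the dashboard
	 * reports the extension as activated ($data['ithemeExtActivated'] === 'yes'),
	 * and '' otherwise. $information is returned unchanged.
	 *
	 * @param array $information Sync payload, passed through.
	 * @param array $data        Data sent along by the dashboard.
	 * @return array
	 */
	public function syncOthersData( $information, $data = array() ) {
		$activated = is_array( $data )
			&& isset( $data['ithemeExtActivated'] )
			&& 'yes' === $data['ithemeExtActivated'];

		MainWP_Helper::update_option( 'mainwp_ithemes_ext_activated', $activated ? 'Y' : '' );

		return $information;
	}

	/**
	 * Dispatches a dashboard request on $_POST['mwp_action'] and writes the result.
	 *
	 * Also sets the $itsec_modules_path global to the modules directory of the
	 * installed iThemes Security layout (modules/free first, then core/modules) so
	 * that handlers can require module classes on demand. Unknown or missing
	 * actions produce an empty response.
	 */
	public function action() {
		$information = array();

		if ( ! class_exists( 'ITSEC_Core' ) ) {
			$information['error'] = 'NO_ITHEME_SECURITY';
			MainWP_Helper::write( $information );
			// Without the plugin nothing below can work; stop here rather than
			// reading $itsec_globals and emitting a second response.
			return;
		}

		global $itsec_globals, $itsec_modules_path;

		$plugin_dir = $itsec_globals['plugin_dir'];
		if ( is_dir( $plugin_dir . '/modules/free' ) ) {
			$itsec_modules_path = $plugin_dir . '/modules/free/';
		} elseif ( is_dir( $plugin_dir . '/core/modules' ) ) {
			$itsec_modules_path = $plugin_dir . '/core/modules/';
		}

		// Allow-list mapping request actions to handler methods; anything else is ignored.
		$handlers = array(
			'set_showhide'             => 'set_showhide',
			'save_settings'            => 'save_settings',
			'whitelist'                => 'whitelist',
			'whitelist_release'        => 'whitelist_release',
			'backup_db'                => 'backup_db',
			'admin_user'               => 'admin_user',
			'database_prefix'          => 'process_database_prefix',
			'api_key'                  => 'api_key',
			'reset_api_key'            => 'reset_api_key',
			'malware_scan'             => 'malware_scan',
			'malware_get_scan_results' => 'malware_get_scan_results',
			'clear_all_logs'           => 'purge_logs',
			'file_check'               => 'file_check',
			'release_lockout'          => 'release_lockout',
		);

		$action = ( isset( $_POST['mwp_action'] ) && is_string( $_POST['mwp_action'] ) ) ? $_POST['mwp_action'] : '';
		if ( isset( $handlers[ $action ] ) ) {
			$method      = $handlers[ $action ];
			$information = $this->$method();
		}

		MainWP_Helper::write( $information );
	}

	/**
	 * Marks the extension as enabled and records whether the iThemes Security
	 * plugin should be hidden in the child's admin ($_POST['showhide'] === 'hide').
	 *
	 * @return array{result:string}
	 */
	public function set_showhide() {
		MainWP_Helper::update_option( 'mainwp_ithemes_ext_enabled', 'Y', 'yes' );

		$hide = ( isset( $_POST['showhide'] ) && 'hide' === $_POST['showhide'] ) ? 'hide' : '';
		MainWP_Helper::update_option( 'mainwp_ithemes_hide_plugin', $hide );

		return array( 'result' => 'SUCCESS' );
	}

	/**
	 * Hooks the "hide plugin" behaviour when the extension is enabled and hiding
	 * was requested through set_showhide(). Does nothing otherwise.
	 */
	public function ithemes_init() {
		if ( 'Y' !== get_option( 'mainwp_ithemes_ext_enabled' ) ) {
			return;
		}
		if ( 'hide' !== get_option( 'mainwp_ithemes_hide_plugin' ) ) {
			return;
		}

		add_filter( 'all_plugins', array( $this, 'all_plugins' ) );
		add_action( 'admin_menu', array( $this, 'remove_menu' ) );
		add_action( 'admin_init', array( $this, 'admin_init' ) );
	}

	/** Removes the iThemes Security dashboard widget (admin_init hook). */
	public function admin_init() {
		remove_meta_box( 'itsec-dashboard-widget', 'dashboard', 'normal' );
	}

	/**
	 * Filter for 'all_plugins': drops the free and pro iThemes Security entries
	 * so they are not listed on the Plugins screen.
	 *
	 * @param array $plugins Plugin list keyed by plugin file.
	 * @return array
	 */
	public function all_plugins( $plugins ) {
		$hidden = array( 'better-wp-security', 'ithemes-security-pro' );

		foreach ( array_keys( $plugins ) as $plugin_file ) {
			if ( in_array( basename( $plugin_file, '.php' ), $hidden, true ) ) {
				unset( $plugins[ $plugin_file ] );
			}
		}

		return $plugins;
	}

	/** Removes the iThemes Security top-level menu (admin_menu hook). */
	public function remove_menu() {
		remove_menu_page( 'itsec' );
	}

	/**
	 * Applies a bundle of iThemes Security settings sent by the dashboard.
	 *
	 * $_POST['settings'] holds a base64-encoded, PHP-serialized array keyed by
	 * option name (itsec_global, itsec_away_mode, ...). Each present key is saved
	 * with update_site_option(); values the child owns (backup and file-change
	 * timestamps) are copied over from the stored option first, and changes that
	 * affect rewrite rules set the itsec_rewrites_changed site option.
	 *
	 * @return array{result:string,site_status:array} 'success' when at least one
	 *                                               option changed, else 'noupdate'.
	 */
	public function save_settings() {
		global $itsec_globals;

		if ( ! class_exists( 'ITSEC_Lib' ) ) {
			require( trailingslashit( $itsec_globals['plugin_dir'] ) . '/core/class-itsec-lib.php' );
		}

		MainWP_Helper::update_option( 'mainwp_ithemes_ext_enabled', 'Y', 'yes' );

		// SECURITY NOTE: the request body is unserialize()d as-is. maybe_unserialize()
		// will instantiate any class named in the blob, so this relies entirely on
		// the MainWP channel having authenticated the request before action() runs
		// (not verified in this file). A JSON payload would remove that exposure.
		$raw      = isset( $_POST['settings'] ) ? base64_decode( $_POST['settings'] ) : '';
		$settings = maybe_unserialize( $raw );
		if ( ! is_array( $settings ) ) {
			$settings = array();
		}

		$updated          = false;
		$rewrites_changed = false;

		if ( isset( $settings['itsec_global'] ) ) {
			if ( update_site_option( 'itsec_global', $settings['itsec_global'] ) ) {
				if ( isset( $settings['itsec_global']['write_files'] ) && true === $settings['itsec_global']['write_files'] ) {
					add_site_option( 'itsec_rewrites_changed', true );
					$rewrites_changed = true;
				}
				$updated = true;
			}
		}

		// Options that are stored exactly as received.
		$plain_options = array(
			'itsec_away_mode',
			'itsec_brute_force',
			'itsec_four_oh_four',
			'itsec_ipcheck',
			'itsec_malware',
			'itsec_ssl',
			'itsec_strong_passwords',
		);
		foreach ( $plain_options as $option ) {
			if ( isset( $settings[ $option ] ) && update_site_option( $option, $settings[ $option ] ) ) {
				$updated = true;
			}
		}

		if ( isset( $settings['itsec_backup'] ) ) {
			// last_run belongs to the child; never let the dashboard overwrite it.
			$settings['itsec_backup'] = $this->keep_stored_keys( 'itsec_backup', $settings['itsec_backup'], array( 'last_run' ) );
			if ( update_site_option( 'itsec_backup', $settings['itsec_backup'] ) ) {
				$updated = true;
			}
		}

		if ( isset( $settings['itsec_ban_users'] ) ) {
			$old_settings = get_site_option( 'itsec_ban_users' );
			if ( update_site_option( 'itsec_ban_users', $settings['itsec_ban_users'] ) ) {
				$keys = array( 'host_list', 'enabled', 'default', 'agent_list' );
				if ( $this->settings_differ( $settings['itsec_ban_users'], $old_settings, $keys ) && ! $rewrites_changed ) {
					add_site_option( 'itsec_rewrites_changed', true );
				}
				$updated = true;
			}
		}

		if ( isset( $settings['itsec_file_change'] ) ) {
			// Scan progress markers belong to the child as well.
			$settings['itsec_file_change'] = $this->keep_stored_keys( 'itsec_file_change', $settings['itsec_file_change'], array( 'last_run', 'last_chunk' ) );
			if ( update_site_option( 'itsec_file_change', $settings['itsec_file_change'] ) ) {
				$updated = true;
			}
		}

		if ( isset( $settings['itsec_hide_backend'] ) ) {
			$old_settings = get_site_option( 'itsec_hide_backend' );
			if ( update_site_option( 'itsec_hide_backend', $settings['itsec_hide_backend'] ) ) {
				$input = $settings['itsec_hide_backend'];

				if ( $this->settings_differ( $input, $old_settings, array( 'slug', 'register', 'enabled' ) ) && ! $rewrites_changed ) {
					add_site_option( 'itsec_rewrites_changed', true );
				}

				// A changed, enabled login slug is handed over separately.
				$old_slug = ( is_array( $old_settings ) && isset( $old_settings['slug'] ) ) ? $old_settings['slug'] : null;
				if ( isset( $input['slug'] ) && $input['slug'] !== $old_slug && isset( $input['enabled'] ) && true === $input['enabled'] ) {
					add_site_option( 'itsec_hide_backend_new_slug', $input['slug'] );
				}

				$updated = true;
			}
		}

		if ( isset( $settings['itsec_tweaks'] ) ) {
			$old_settings = get_site_option( 'itsec_tweaks' );

			// The safe-jQuery tweak may only stay on when a jQuery version was
			// recorded and that version is not already considered safe.
			$is_safe                = ( true === ITSEC_Lib::safe_jquery_version() );
			$raw_version            = get_site_option( 'itsec_jquery_version' );
			$enable_set_safe_jquery = ( true !== $is_safe && false !== $raw_version );
			if ( ! $enable_set_safe_jquery ) {
				$settings['itsec_tweaks']['safe_jquery'] = 0;
			}

			if ( update_site_option( 'itsec_tweaks', $settings['itsec_tweaks'] ) ) {
				// Compare the tweaks that were just submitted (the original code
				// reused the $input left over from the hide_backend block).
				$keys = array(
					'protect_files',
					'directory_browsing',
					'request_methods',
					'suspicious_query_strings',
					'non_english_characters',
					'comment_spam',
					'disable_xmlrpc',
					'uploads_php',
				);
				if ( $this->settings_differ( $settings['itsec_tweaks'], $old_settings, $keys ) && ! $rewrites_changed ) {
					add_site_option( 'itsec_rewrites_changed', true );
				}
				$updated = true;
			}
		}

		return array(
			'result'      => $updated ? 'success' : 'noupdate',
			'site_status' => $this->get_site_status(),
		);
	}

	/**
	 * Copies $keys from the stored site option $option into $incoming, or removes
	 * them from $incoming when the stored option lacks them, so values the child
	 * maintains itself survive a settings push.
	 *
	 * @param string $option   Site option name.
	 * @param array  $incoming Settings received from the dashboard.
	 * @param array  $keys     Keys to preserve.
	 * @return array
	 */
	private function keep_stored_keys( $option, $incoming, $keys ) {
		$stored = get_site_option( $option );

		foreach ( $keys as $key ) {
			if ( false !== $stored && isset( $stored[ $key ] ) ) {
				$incoming[ $key ] = $stored[ $key ];
			} else {
				unset( $incoming[ $key ] );
			}
		}

		return $incoming;
	}

	/**
	 * True when any of $keys holds a different value in $input than in $old.
	 * A missing key counts as null on either side, which matches the strict
	 * comparisons the original inline checks performed against an unset option.
	 *
	 * @param mixed $input New settings.
	 * @param mixed $old   Previously stored settings (false when never saved).
	 * @param array $keys  Keys to compare.
	 * @return bool
	 */
	private function settings_differ( $input, $old, $keys ) {
		if ( ! is_array( $input ) ) {
			$input = array();
		}
		if ( ! is_array( $old ) ) {
			$old = array();
		}

		foreach ( $keys as $key ) {
			$new_value = isset( $input[ $key ] ) ? $input[ $key ] : null;
			$old_value = isset( $old[ $key ] ) ? $old[ $key ] : null;
			if ( $new_value !== $old_value ) {
				return true;
			}
		}

		return false;
	}

	/**
	 * Snapshot of the site facts the dashboard shows after save_settings() and
	 * release_lockout().
	 *
	 * @return array
	 */
	private function get_site_status() {
		return array(
			'username_admin_exists' => username_exists( 'admin' ) ? 1 : 0,
			'user_id1_exists'       => ITSEC_Lib::user_id_exists( 1 ) ? 1 : 0,
			'backup'                => $this->backup_status(),
			'permalink_structure'   => get_option( 'permalink_structure' ),
			'is_multisite'          => is_multisite() ? 1 : 0,
			'users_can_register'    => get_site_option( 'users_can_register' ) ? 1 : 0,
			'force_ssl_login'       => ( defined( 'FORCE_SSL_LOGIN' ) && FORCE_SSL_LOGIN === true ) ? 1 : 0,
			'force_ssl_admin'       => ( defined( 'FORCE_SSL_ADMIN' ) && FORCE_SSL_ADMIN === true ) ? 1 : 0,
			'server_nginx'          => ( 'nginx' === ITSEC_Lib::get_server() ) ? 1 : 0,
			'lockouts_host'         => $this->get_lockouts( 'host', true ),
			'lockouts_user'         => $this->get_lockouts( 'user', true ),
			'lockouts_username'     => $this->get_lockouts( 'username', true ),
		);
	}

	/**
	 * Backup state code reported to the dashboard:
	 *   1 BackupBuddy with at least one schedule (single site only),
	 *   2 BackupBuddy without schedules (single site only),
	 *   3 external backup present and scheduled (via the itsec_* filters),
	 *   4 external backup present but not scheduled,
	 *   0 none of the above.
	 *
	 * @return int
	 */
	public function backup_status() {
		$buddy_single_site = ! is_multisite() && class_exists( 'backupbuddy_api' );

		if ( $buddy_single_site && count( backupbuddy_api::getSchedules() ) >= 1 ) {
			return 1;
		}
		if ( $buddy_single_site ) {
			return 2;
		}

		$has_backup = ( true === $this->has_backup() );
		if ( $has_backup && true === $this->scheduled_backup() ) {
			return 3;
		}
		if ( $has_backup ) {
			return 4;
		}

		return 0;
	}

	/**
	 * Whether an external backup exists; false unless a plugin answers the
	 * 'itsec_has_external_backup' filter.
	 *
	 * @return bool
	 */
	public function has_backup() {
		return apply_filters( 'itsec_has_external_backup', false );
	}

	/**
	 * Whether an external backup is scheduled; false unless a plugin answers the
	 * 'itsec_scheduled_external_backup' filter.
	 *
	 * @return bool
	 */
	public function scheduled_backup() {
		return apply_filters( 'itsec_scheduled_external_backup', false );
	}

	/**
	 * Temporarily (24h) whitelists the address in $_POST['ip'] by storing it in
	 * the itsec_temp_whitelist_ip site option.
	 *
	 * An existing entry is replaced only when it has expired or names a different
	 * IP; otherwise 'Not Updated' is returned. (The original compared the stored
	 * expiry, not the stored IP, with the request, so the entry was always
	 * replaced.)
	 *
	 * @return array array{error:string} or array{ip,exp,exp_diff,message1,message2}.
	 */
	public function whitelist() {
		global $itsec_globals;

		$ip = ( isset( $_POST['ip'] ) && is_string( $_POST['ip'] ) ) ? $_POST['ip'] : '';
		if ( false === filter_var( $ip, FILTER_VALIDATE_IP ) ) {
			// The value is persisted under an itsec_ option for the security
			// plugin to consume; only accept a syntactically valid address.
			return array( 'error' => 'Invalid IP' );
		}

		$now     = $itsec_globals['current_time'];
		$temp_ip = get_site_option( 'itsec_temp_whitelist_ip' );

		if ( false !== $temp_ip ) {
			$still_valid = is_array( $temp_ip )
				&& isset( $temp_ip['exp'], $temp_ip['ip'] )
				&& $temp_ip['exp'] >= $now
				&& $temp_ip['ip'] === $ip;

			if ( $still_valid ) {
				return array( 'error' => 'Not Updated' );
			}

			delete_site_option( 'itsec_temp_whitelist_ip' );
		}

		$response = array(
			'ip'  => $ip,
			'exp' => $now + 86400,
		);
		add_site_option( 'itsec_temp_whitelist_ip', $response );

		$response['exp_diff'] = human_time_diff( $now, $response['exp'] );
		$response['message1'] = __( 'Your IP Address', 'better-wp-security' );
		$response['message2'] = __( 'is whitelisted for', 'better-wp-security' );

		return $response;
	}

	/**
	 * Drops the temporary whitelist entry.
	 *
	 * @return string Always 'success'.
	 */
	public function whitelist_release() {
		delete_site_option( 'itsec_temp_whitelist_ip' );

		return 'success';
	}

	/**
	 * Runs an immediate database backup through the iThemes backup module.
	 *
	 * @return array{result:string} 'success' or 'fail' as reported by do_backup().
	 */
	public function backup_db() {
		global $itsec_globals, $itsec_modules_path;

		if ( ! class_exists( 'ITSEC_Backup' ) ) {
			require( $itsec_modules_path . 'backup/class-itsec-backup.php' );
		}

		$module = new ITSEC_Backup();
		$ok     = $module->do_backup( false );

		return array( 'result' => $ok ? 'success' : 'fail' );
	}

	/**
	 * Renames the "admin" account and/or moves user ID 1 to a new ID, as requested
	 * by $_POST['admin_username'] (new login, optional) and $_POST['admin_userid']
	 * (== 1 to change the ID).
	 *
	 * Returns 'CHILD_ADMIN' without changing anything when the ID change would hit
	 * the account named in $_POST['user'] (presumably the login MainWP itself
	 * connects with); moving it would break the connection.
	 *
	 * @return array{result:string,message?:string}
	 */
	public function admin_user() {
		$username    = isset( $_POST['admin_username'] ) ? trim( sanitize_text_field( $_POST['admin_username'] ) ) : null;
		$change_id_1 = isset( $_POST['admin_userid'] ) && 1 === (int) $_POST['admin_userid'];

		if ( ! class_exists( 'ITSEC_Lib' ) ) {
			global $itsec_globals;
			require( trailingslashit( $itsec_globals['plugin_dir'] ) . '/core/class-itsec-lib.php' );
		}

		$username_exists = username_exists( 'admin' );
		$user_id_exists  = ITSEC_Lib::user_id_exists( 1 );
		$has_username    = ( null !== $username && '' !== $username );

		$messages = array();
		if ( $has_username && ! $username_exists ) {
			$messages[] = __( 'Admin user already changes.', 'mainwp-child' );
		}
		if ( $change_id_1 && ! $user_id_exists ) {
			$messages[] = __( 'Admin user ID already changes.', 'mainwp-child' );
		}

		if ( $change_id_1 ) {
			$login = ( isset( $_POST['user'] ) && is_string( $_POST['user'] ) ) ? $_POST['user'] : '';
			$user  = ( '' !== $login ) ? get_user_by( 'login', $login ) : false;
			// get_user_by() returns false for an unknown login; the original
			// dereferenced it unconditionally.
			if ( $user && 1 === (int) $user->ID ) {
				return array( 'result' => 'CHILD_ADMIN' );
			}
		}

		$admin_success = true;
		if ( $has_username && $username_exists ) {
			$admin_success = $this->change_admin_user( $username, $change_id_1 );
		} elseif ( $change_id_1 && $user_id_exists ) {
			$admin_success = $this->change_admin_user( null, $change_id_1 );
		}

		return array(
			'message' => implode( '<br/>', $messages ),
			'result'  => ( false === $admin_success ) ? 'fail' : 'success',
		);
	}

	/**
	 * Performs the rename and/or ID move under the 'admin_user' file lock.
	 *
	 * @param string|null $username New login for the "admin" account, or null to
	 *                              keep the current login.
	 * @param bool        $id       True to move user ID 1 to a freshly inserted row.
	 * @return bool False when the lock is held elsewhere, the login is invalid or
	 *              taken, nothing was requested, or the new row could not be inserted.
	 */
	private function change_admin_user( $username = null, $id = false ) {
		global $itsec_globals, $itsec_files, $wpdb;

		if ( ! $itsec_files->get_file_lock( 'admin_user' ) ) {
			return false; // another change is already running
		}

		$new_user    = sanitize_text_field( $username );
		$user_object = get_user_by( 'id', '1' );
		$rename      = null !== $username && validate_username( $new_user ) && false === username_exists( $new_user );

		if ( null !== $username && ! $rename ) {
			// A login was supplied but it is invalid or already taken.
			$itsec_files->release_file_lock( 'admin_user' );
			return false;
		}

		if ( $rename && true !== $id ) {
			// Rename only: update the row in place.
			$wpdb->query( $wpdb->prepare( 'UPDATE `' . $wpdb->users . "` SET user_login = %s WHERE user_login='admin';", $new_user ) );
			if ( is_multisite() ) {
				$this->rename_site_admin( $new_user );
			}
			wp_clear_auth_cookie();
			$itsec_files->release_file_lock( 'admin_user' );
			return true;
		}

		if ( true !== $id ) {
			// Neither a rename nor an ID change was requested. The original fell
			// through to "return false" here without releasing the lock.
			$itsec_files->release_file_lock( 'admin_user' );
			return false;
		}

		// Move user ID 1: re-insert the row (with the new login, if any) so it gets
		// a fresh auto-increment ID, then repoint rows that referenced ID 1. There
		// is no transaction around this; if the insert fails after the delete the
		// account is gone, which is why the insert result is checked below.
		$user_login = $rename ? $new_user : $user_object->user_login;

		$wpdb->query( 'DELETE FROM `' . $wpdb->users . '` WHERE ID = 1;' );

		$inserted = $wpdb->insert( $wpdb->users, array(
			'user_login'          => $user_login,
			'user_pass'           => $user_object->user_pass,
			'user_nicename'       => $user_object->user_nicename,
			'user_email'          => $user_object->user_email,
			'user_url'            => $user_object->user_url,
			'user_registered'     => $user_object->user_registered,
			'user_activation_key' => $user_object->user_activation_key,
			'user_status'         => $user_object->user_status,
			'display_name'        => $user_object->display_name,
		) );

		if ( false === $inserted ) {
			// Never repoint references to insert_id (0) when no row was created.
			$itsec_files->release_file_lock( 'admin_user' );
			return false;
		}

		$new_id = (int) $wpdb->insert_id;

		if ( is_multisite() && $rename ) {
			$this->rename_site_admin( $new_user );
		}

		$references = array(
			$wpdb->posts    => 'post_author',
			$wpdb->usermeta => 'user_id',
			$wpdb->comments => 'user_id',
			$wpdb->links    => 'link_owner',
		);
		foreach ( $references as $table => $column ) {
			// %d: the ID is an integer, the original bound it as a quoted string.
			$wpdb->query( $wpdb->prepare( 'UPDATE `' . $table . '` SET ' . $column . ' = %d WHERE ' . $column . ' = 1;', $new_id ) );
		}

		wp_clear_auth_cookie();
		$itsec_files->release_file_lock( 'admin_user' );

		return true;
	}

	/**
	 * Rewrites the serialized 'site_admins' sitemeta value so the entry for
	 * 'admin' names $new_user instead. The replacement is done on the serialized
	 * text, so the s:N length prefix is recomputed from the raw byte length; the
	 * value must not be SQL-escaped before that (prepare() escapes the whole
	 * string afterwards).
	 *
	 * @param string $new_user Login that passed validate_username().
	 */
	private function rename_site_admin( $new_user ) {
		global $wpdb;

		$old_admins = $wpdb->get_var( 'SELECT meta_value FROM `' . $wpdb->sitemeta . "` WHERE meta_key = 'site_admins'" );
		$new_admins = str_replace( '5:"admin"', strlen( $new_user ) . ':"' . $new_user . '"', $old_admins );

		$wpdb->query( $wpdb->prepare( 'UPDATE `' . $wpdb->sitemeta . "` SET meta_value = %s WHERE meta_key = 'site_admins'", $new_admins ) );
	}

	/**
	 * Appends the wp-config.php rules that relocate the content directory to
	 * $input (a path relative to ABSPATH) and returns the extended rule list.
	 *
	 * Not called from anywhere in this file. $input is written verbatim into a
	 * single-quoted PHP string in wp-config.php, so callers must pass a sanitized
	 * directory name (no quotes, no path separators they did not intend).
	 *
	 * @param array       $rules_array Existing rules to extend.
	 * @param string|null $input       New content directory; null returns $rules_array unchanged.
	 * @return array
	 */
	public function build_wpconfig_rules( $rules_array, $input = null ) {
		if ( null === $input ) {
			return $rules_array;
		}

		$new_dir = trailingslashit( ABSPATH ) . $input;
		$new_url = trailingslashit( get_option( 'siteurl' ) ) . $input;

		$rules = array(
			array(
				'type'        => 'add',
				'search_text' => '//Do not delete these. Doing so WILL break your site.',
				'rule'        => '//Do not delete these. Doing so WILL break your site.',
			),
			array(
				'type'        => 'add',
				'search_text' => 'WP_CONTENT_URL',
				'rule'        => "define( 'WP_CONTENT_URL', '" . $new_url . "' );",
			),
			array(
				'type'        => 'add',
				'search_text' => 'WP_CONTENT_DIR',
				'rule'        => "define( 'WP_CONTENT_DIR', '" . $new_dir . "' );",
			),
		);

		$rules_array[] = array( 'type' => 'wpconfig', 'name' => 'Content Directory', 'rules' => $rules );

		return $rules_array;
	}

	/**
	 * Generates a random table prefix (letter, 4-9 alphanumerics, '_') that no
	 * existing table uses.
	 *
	 * @return string
	 */
	private function generate_unused_prefix() {
		global $wpdb;

		$alphabet = 'abcdefghijklmnopqrstuvwxyz0123456789';

		do {
			// wp_rand() rather than mt_rand(): the prefix should not be derivable
			// from a seeded PRNG state.
			$prefix = $alphabet[ wp_rand( 0, 25 ) ]; // first character alphabetic
			$length = wp_rand( 4, 9 );
			for ( $i = 0; $i < $length; $i++ ) {
				$prefix .= $alphabet[ wp_rand( 0, 35 ) ];
			}
			$prefix .= '_';

			// '_' is a LIKE wildcard; escape it so only true prefix matches count.
			$in_use = $wpdb->get_results( $wpdb->prepare( 'SHOW TABLES LIKE %s;', addcslashes( $prefix, '_%\\' ) . '%' ), ARRAY_N );
		} while ( ! empty( $in_use ) );

		return $prefix;
	}

	/**
	 * Renames every table to a freshly generated prefix, fixes the prefixed
	 * option/usermeta keys, and writes the new $table_prefix to wp-config.php
	 * through $itsec_files.
	 *
	 * Refuses to run unless $itsec_globals['settings']['write_files'] is true.
	 *
	 * @return array{result:string,message?:string,error?:string}
	 */
	public function process_database_prefix() {
		global $wpdb, $itsec_files, $itsec_globals;

		// Kept from the original: the renames can take a while and any notice
		// emitted meanwhile would corrupt the response, so PHP errors are silenced.
		error_reporting( 0 );
		@ini_set( 'display_errors', 0 );

		if ( ! isset( $itsec_globals['settings']['write_files'] ) || true !== $itsec_globals['settings']['write_files'] ) {
			return array(
				'result'  => 'fail',
				'message' => sprintf(
					'%s %s %s',
					__( 'You must allow this plugin to write to the wp-config.php file on the', 'better-wp-security' ),
					__( 'Settings', 'better-wp-security' ),
					__( 'page to use this feature.', 'better-wp-security' )
				),
			);
		}

		$old_prefix = $wpdb->base_prefix;
		$old_length = strlen( $old_prefix );
		$new_prefix = $this->generate_unused_prefix();

		// Assume success; any failing step below downgrades these.
		$type    = 'success';
		$message = __( 'Settings Updated', 'better-wp-security' );

		// Every table carrying the old prefix. '_' is escaped because it is a LIKE
		// wildcard and "wp_%" would otherwise also match a table named "wpXfoo".
		$tables = $wpdb->get_results( $wpdb->prepare( 'SHOW TABLES LIKE %s', addcslashes( $old_prefix, '_%\\' ) . '%' ), ARRAY_N );

		foreach ( (array) $tables as $table ) {
			$suffix = substr( $table[0], $old_length );
			if ( false === $wpdb->query( 'RENAME TABLE `' . $old_prefix . $suffix . '` TO `' . $new_prefix . $suffix . '`;' ) ) {
				$type    = 'error';
				$message = sprintf(
					'%s %s%s. %s',
					__( 'Error: Could not rename table', 'better-wp-security' ),
					$old_prefix,
					$suffix,
					__( 'You may have to rename the table manually.', 'better-wp-security' )
				);
			}
		}

		if ( is_multisite() ) {
			// Each blog stores its roles under an option name that embeds the prefix.
			$blogs = $wpdb->get_col( 'SELECT blog_id FROM `' . $new_prefix . "blogs` WHERE public = '1' AND archived = '0' AND mature = '0' AND spam = '0' ORDER BY blog_id DESC" );
			if ( is_array( $blogs ) ) {
				foreach ( $blogs as $blog ) {
					$blog = (int) $blog;
					$wpdb->query( $wpdb->prepare(
						'UPDATE `' . $new_prefix . $blog . '_options` SET option_name = %s WHERE option_name = %s LIMIT 1;',
						$new_prefix . $blog . '_user_roles',
						$old_prefix . $blog . '_user_roles'
					) );
				}
			}
		}

		$up_opts = $wpdb->query( $wpdb->prepare(
			'UPDATE `' . $new_prefix . 'options` SET option_name = %s WHERE option_name = %s LIMIT 1;',
			$new_prefix . 'user_roles',
			$old_prefix . 'user_roles'
		) );
		if ( false === $up_opts ) {
			$type    = 'error';
			$message = __( 'Could not update prefix references in options table.', 'better-wp-security' );
		}

		// usermeta keys such as "<prefix>capabilities" embed the prefix as well.
		$rows = $wpdb->get_results( 'SELECT * FROM `' . $new_prefix . 'usermeta`' );
		foreach ( (array) $rows as $row ) {
			if ( substr( $row->meta_key, 0, $old_length ) !== $old_prefix ) {
				continue;
			}

			$new_key = $new_prefix . substr( $row->meta_key, $old_length );
			$result  = $wpdb->query( $wpdb->prepare(
				'UPDATE `' . $new_prefix . 'usermeta` SET meta_key= %s WHERE meta_key= %s LIMIT 1;',
				$new_key,
				$row->meta_key
			) );
			if ( false === $result ) {
				$type    = 'error';
				$message = __( 'Could not update prefix references in usermeta table.', 'better-wp-security' );
			}
		}

		$rules = array(
			array(
				'type'  => 'wpconfig',
				'name'  => 'Database Prefix',
				'rules' => array(
					array(
						'type'        => 'replace',
						'search_text' => 'table_prefix',
						'rule'        => "\$table_prefix = '" . $new_prefix . "';",
					),
				),
			),
		);

		$itsec_files->set_wpconfig( $rules );
		$configs = $itsec_files->save_wpconfig();

		if ( is_array( $configs ) ) {
			if ( false === $configs['success'] ) {
				$type    = 'error';
				$message = $configs['text'];
			}
		} else {
			// wp-config.php was not written; record that a manual update is pending.
			add_site_option( 'itsec_manual_update', true );
		}

		if ( 'error' === $type ) {
			return array( 'result' => 'fail', 'error' => $message );
		}

		return array( 'result' => 'success', 'message' => $message );
	}

	/**
	 * Stores $settings as the itsec_ipcheck site option.
	 *
	 * @param array $settings
	 * @return array{result:string} 'success' when the option changed, else 'nochange'.
	 */
	private function save_ipcheck_settings( $settings ) {
		$changed = update_site_option( 'itsec_ipcheck', $settings );

		return array( 'result' => $changed ? 'success' : 'nochange' );
	}

	/**
	 * Sets the 'reset' flag in the itsec_ipcheck settings.
	 *
	 * @return array{result:string}
	 */
	public function api_key() {
		$settings = get_site_option( 'itsec_ipcheck' );
		if ( ! is_array( $settings ) ) {
			$settings = array();
		}

		$settings['reset'] = true;

		return $this->save_ipcheck_settings( $settings );
	}

	/**
	 * Removes the stored API key, secret, e-mail and reset flag from the
	 * itsec_ipcheck settings.
	 *
	 * @return array{result:string}
	 */
	public function reset_api_key() {
		$settings = get_site_option( 'itsec_ipcheck' );
		if ( ! is_array( $settings ) ) {
			$settings = array();
		}

		foreach ( array( 'api_key', 'api_s', 'email', 'reset' ) as $key ) {
			unset( $settings[ $key ] );
		}

		return $this->save_ipcheck_settings( $settings );
	}

	/**
	 * Loads the iThemes malware module class if needed and returns a started instance.
	 *
	 * @return ITSEC_Malware
	 */
	private function load_malware_module() {
		global $itsec_modules_path;

		if ( ! class_exists( 'ITSEC_Malware' ) ) {
			require( $itsec_modules_path . 'malware/class-itsec-malware.php' );
		}

		$module = new ITSEC_Malware();
		$module->run();

		return $module;
	}

	/**
	 * Runs a one-time malware scan and returns the module's response.
	 *
	 * @return mixed Whatever ITSEC_Malware::one_time_scan() returns.
	 */
	public function malware_scan() {
		return $this->load_malware_module()->one_time_scan();
	}

	/**
	 * Returns the latest malware scan report.
	 *
	 * @return mixed Whatever ITSEC_Malware::scan_report() returns.
	 */
	public function malware_get_scan_results() {
		return $this->load_malware_module()->scan_report();
	}

	/**
	 * Empties the iThemes log table.
	 *
	 * @return array{result:string}
	 */
	public function purge_logs() {
		global $wpdb;

		$wpdb->query( 'DELETE FROM `' . $wpdb->base_prefix . 'itsec_log`;' );

		return array( 'result' => 'success' );
	}

	/**
	 * Runs the file-change check and reports its result together with the time
	 * of the previous run (0 when none is recorded).
	 *
	 * @return array{result:int,last_run:mixed}
	 */
	public function file_check() {
		global $itsec_globals, $itsec_modules_path;

		if ( ! class_exists( 'ITSEC_File_Change' ) ) {
			require( $itsec_modules_path . 'file-change/class-itsec-file-change.php' );
		}

		$module = new ITSEC_File_Change();
		$module->run();

		$file_change = get_site_option( 'itsec_file_change' );
		$last_run    = ( false !== $file_change && isset( $file_change['last_run'] ) ) ? $file_change['last_run'] : 0;

		return array(
			'result'   => (int) $module->execute_file_check( false ),
			'last_run' => $last_run,
		);
	}

	/**
	 * Reads rows from the itsec_lockouts table.
	 *
	 * @param string $type    'host', 'user' or 'username' selects lockouts of that
	 *                        kind; any other value yields an empty list.
	 * @param bool   $current When true, only lockouts that are active and expire
	 *                        after $itsec_globals['current_time_gmt'].
	 * @return array List of array{lockout_id, lockout_<type>, lockout_expire_gmt}.
	 */
	public function get_lockouts( $type = 'all', $current = false ) {
		global $wpdb, $itsec_globals;

		$conditions = array(
			'host'     => "`lockout_host` IS NOT NULL && `lockout_host` != ''",
			'user'     => '`lockout_user` != 0',
			'username' => "`lockout_username` IS NOT NULL && `lockout_username` != ''",
		);
		$type_statement = isset( $conditions[ $type ] ) ? $conditions[ $type ] : '';

		$sql = 'SELECT * FROM `' . $wpdb->base_prefix . 'itsec_lockouts`';
		if ( 'all' !== $type || true === $current ) {
			$sql .= ' WHERE ';
		}
		$sql .= $type_statement;

		if ( true === $current ) {
			$and = ( '' !== $type_statement ) ? ' AND ' : '';
			// Bind the timestamp instead of splicing it into the SQL.
			$sql = $wpdb->prepare(
				$sql . $and . ' `lockout_active`=1 AND `lockout_expire_gmt` > %s',
				date( 'Y-m-d H:i:s', $itsec_globals['current_time_gmt'] )
			);
		}

		$results = $wpdb->get_results( $sql . ';', ARRAY_A );

		$output = array();
		if ( isset( $conditions[ $type ] ) && is_array( $results ) ) {
			$column = 'lockout_' . $type;
			foreach ( $results as $val ) {
				$output[] = array(
					'lockout_id'         => $val['lockout_id'],
					$column              => $val[ $column ],
					'lockout_expire_gmt' => $val['lockout_expire_gmt'],
				);
			}
		}

		return $output;
	}

	/**
	 * Deactivates the lockouts whose ids arrive in $_POST['lockout_ids'] and
	 * returns a fresh site status.
	 *
	 * Ids are cast to int before being used as the update's WHERE value; when the
	 * parameter is missing or not an array nothing is cleared.
	 *
	 * @return array{result:string,site_status:array}
	 */
	public function release_lockout() {
		global $wpdb, $itsec_globals;

		if ( ! class_exists( 'ITSEC_Lib' ) ) {
			require( trailingslashit( $itsec_globals['plugin_dir'] ) . '/core/class-itsec-lib.php' );
		}

		$lockout_ids = ( isset( $_POST['lockout_ids'] ) && is_array( $_POST['lockout_ids'] ) ) ? $_POST['lockout_ids'] : array();

		foreach ( $lockout_ids as $lockout_id ) {
			if ( ! is_scalar( $lockout_id ) ) {
				continue;
			}
			$wpdb->update(
				$wpdb->base_prefix . 'itsec_lockouts',
				array( 'lockout_active' => 0 ),
				array( 'lockout_id' => intval( $lockout_id ) )
			);
		}

		ITSEC_Lib::clear_caches();

		if ( ! is_multisite() ) {
			// add_settings_error() lives in an admin include that may not be loaded.
			if ( ! function_exists( 'add_settings_error' ) ) {
				require_once( ABSPATH . '/wp-admin/includes/template.php' );
			}
			add_settings_error( 'itsec', esc_attr( 'settings_updated' ), __( 'The selected lockouts have been cleared.', 'better-wp-security' ), 'updated' );
		}

		return array(
			'result'      => 'success',
			'site_status' => $this->get_site_status(),
		);
	}

}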