ofco/medicalalert-web-reloaded
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merged in feature/from-pantheon (pull request #16)

Browse Source 
code from pantheon

* code from pantheon
This commit is contained in:
Tony Volpe
2024-01-10 17:03:02 +00:00
parent 054b4fffc9
commit 4eb982d7a8
16492 changed files with 3475854 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
wp/wp-content/plugins/wordfence/models/.htaccess Normal file
View File

@@ -0,0 +1,16 @@
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_URI} \.php$
RewriteRule .* - [F,L,NC]
</IfModule>
<IfModule !mod_rewrite.c>
<FilesMatch "\.php$">
<IfModule mod_authz_core.c>
Require all denied
</IfModule>
<IfModule !mod_authz_core.c>
Order deny,allow
Deny from all
</IfModule>
</FilesMatch>
</IfModule>

1481
wp/wp-content/plugins/wordfence/models/block/wfBlock.php Normal file
View File

File diff suppressed because it is too large Load Diff

252
wp/wp-content/plugins/wordfence/models/block/wfRateLimit.php Normal file
View File

@@ -0,0 +1,252 @@
<?php
class wfRateLimit {
const TYPE_GLOBAL = 'global';
const TYPE_CRAWLER_VIEWS = 'crawler-views';
const TYPE_CRAWLER_404S = 'crawler-404s';
const TYPE_HUMAN_VIEWS = 'human-views';
const TYPE_HUMAN_404S = 'human-404s';
const HIT_TYPE_404 = '404';
const HIT_TYPE_NORMAL = 'hit';
const VISITOR_TYPE_HUMAN = 'human';
const VISITOR_TYPE_CRAWLER = 'crawler';
protected $_type;
protected static $_hitCount = false;
public static function table() {
return wfDB::networkTable('wfTrafficRates');
}
public static function trimData() {
$wfdb = wfDB::shared();
$table = self::table();
$wfdb->queryWrite("DELETE FROM {$table} WHERE eMin < FLOOR((UNIX_TIMESTAMP() - 60) / 60)");
}
public static function globalRateLimit() {
static $_cachedGlobal = null;
if ($_cachedGlobal === null) {
$_cachedGlobal = new wfRateLimit(self::TYPE_GLOBAL);
}
return $_cachedGlobal;
}
public static function crawlerViewsRateLimit() {
static $_cachedCrawlerViews = null;
if ($_cachedCrawlerViews === null) {
$_cachedCrawlerViews = new wfRateLimit(self::TYPE_CRAWLER_VIEWS);
}
return $_cachedCrawlerViews;
}
public static function crawler404sRateLimit() {
static $_cachedCrawler404s = null;
if ($_cachedCrawler404s === null) {
$_cachedCrawler404s = new wfRateLimit(self::TYPE_CRAWLER_404S);
}
return $_cachedCrawler404s;
}
public static function humanViewsRateLimit() {
static $_cachedHumanViews = null;
if ($_cachedHumanViews === null) {
$_cachedHumanViews = new wfRateLimit(self::TYPE_HUMAN_VIEWS);
}
return $_cachedHumanViews;
}
public static function human404sRateLimit() {
static $_cachedHuman404s = null;
if ($_cachedHuman404s === null) {
$_cachedHuman404s = new wfRateLimit(self::TYPE_HUMAN_404S);
}
return $_cachedHuman404s;
}
/**
* Returns whether or not humans and bots have the same rate limits configured.
*
* @return bool
*/
public static function identicalHumanBotRateLimits() {
$humanViews = self::humanViewsRateLimit();
$crawlerViews = self::crawlerViewsRateLimit();
if ($humanViews->isEnabled() != $crawlerViews->isEnabled()) {
return false;
}
if ($humanViews->limit() != $crawlerViews->limit()) {
return false;
}
$human404s = self::human404sRateLimit();
$crawler404s = self::crawler404sRateLimit();
if ($human404s->isEnabled() != $crawler404s->isEnabled()) {
return false;
}
if ($human404s->limit() != $crawler404s->limit()) {
return false;
}
return true;
}
public static function mightRateLimit($hitType) {
if (!wfConfig::get('firewallEnabled')) {
return false;
}
$IP = wfUtils::getIP();
if (wfBlock::isWhitelisted($IP)) {
return false;
}
if (wfConfig::get('neverBlockBG') == 'neverBlockUA' && wfCrawl::isGoogleCrawler()) {
return false;
}
if (wfConfig::get('neverBlockBG') == 'neverBlockVerified' && wfCrawl::isVerifiedGoogleCrawler()) {
return false;
}
if ($hitType == '404') {
$allowed404s = wfConfig::get('allowed404s');
if (is_string($allowed404s)) {
$allowed404s = array_filter(preg_split("/[\r\n]+/", $allowed404s));
$allowed404sPattern = '';
foreach ($allowed404s as $allowed404) {
$allowed404sPattern .= preg_replace('/\\\\\*/', '.*?', preg_quote($allowed404, '/')) . '|';
}
$uri = $_SERVER['REQUEST_URI'];
if (($index = strpos($uri, '?')) !== false) {
$uri = substr($uri, 0, $index);
}
if ($allowed404sPattern && preg_match('/^' . substr($allowed404sPattern, 0, -1) . '$/i', $uri)) {
return false;
}
}
}
if (self::globalRateLimit()->isEnabled()) {
return true;
}
$visitorType = self::visitorType();
if ($visitorType == self::VISITOR_TYPE_CRAWLER) {
if ($hitType == self::HIT_TYPE_NORMAL) {
if (self::crawlerViewsRateLimit()->isEnabled()) {
return true;
}
}
else {
if (self::crawler404sRateLimit()->isEnabled()) {
return true;
}
}
}
else {
if ($hitType == self::HIT_TYPE_NORMAL) {
if (self::humanViewsRateLimit()->isEnabled()) {
return true;
}
}
else {
if (self::human404sRateLimit()->isEnabled()) {
return true;
}
}
}
return false;
}
public static function countHit($hitType, $ip) {
$table = self::table();
wfDB::shared()->queryWrite("INSERT INTO {$table} (eMin, IP, hitType, hits) VALUES (FLOOR(UNIX_TIMESTAMP() / 60), %s, %s, @wfcurrenthits := 1) ON DUPLICATE KEY UPDATE hits = IF(@wfcurrenthits := hits + 1, hits + 1, hits + 1)", wfUtils::inet_pton($ip), $hitType);
}
/**
* Returns one of the VISITOR_TYPE_ constants for the purposes of determining which rate limit to apply.
*
* @return string
*/
public static function visitorType() {
static $_cachedVisitorType = null;
if ($_cachedVisitorType === null) {
$_cachedVisitorType = ((isset($_SERVER['HTTP_USER_AGENT']) && wfCrawl::isCrawler($_SERVER['HTTP_USER_AGENT'])) || empty($_SERVER['HTTP_USER_AGENT']) ? wfRateLimit::VISITOR_TYPE_CRAWLER : wfRateLimit::VISITOR_TYPE_HUMAN);
}
return $_cachedVisitorType;
}
protected function __construct($type) {
$this->_type = $type;
}
/**
* Returns whether or not this rate limit is configured in a way where it would run.
*
* @return bool
*/
public function isEnabled() {
switch ($this->_type) {
case self::TYPE_GLOBAL:
return wfConfig::get('maxGlobalRequests') != 'DISABLED' && wfConfig::getInt('maxGlobalRequests') > 0;
case self::TYPE_CRAWLER_VIEWS:
return wfConfig::get('maxRequestsCrawlers') != 'DISABLED' && wfConfig::getInt('maxRequestsCrawlers') > 0;
case self::TYPE_CRAWLER_404S:
return wfConfig::get('max404Crawlers') != 'DISABLED' && wfConfig::getInt('max404Crawlers') > 0;
case self::TYPE_HUMAN_VIEWS:
return wfConfig::get('maxRequestsHumans') != 'DISABLED' && wfConfig::getInt('maxRequestsHumans') > 0;
case self::TYPE_HUMAN_404S:
return wfConfig::get('max404Humans') != 'DISABLED' && wfConfig::getInt('max404Humans') > 0;
}
return true;
}
public function limit() {
switch ($this->_type) {
case self::TYPE_GLOBAL:
return wfConfig::getInt('maxGlobalRequests');
case self::TYPE_CRAWLER_VIEWS:
return wfConfig::getInt('maxRequestsCrawlers');
case self::TYPE_CRAWLER_404S:
return wfConfig::getInt('max404Crawlers');
case self::TYPE_HUMAN_VIEWS:
return wfConfig::getInt('maxRequestsHumans');
case self::TYPE_HUMAN_404S:
return wfConfig::getInt('max404Humans');
}
return -1;
}
public function shouldEnforce($hitType) {
switch ($this->_type) {
case self::TYPE_GLOBAL:
return $this->isEnabled() && $this->_hitCount() > max(wfConfig::getInt('maxGlobalRequests'), 1);
case self::TYPE_CRAWLER_VIEWS:
return self::visitorType() == self::VISITOR_TYPE_CRAWLER && $hitType == self::HIT_TYPE_NORMAL && $this->isEnabled() && $this->_hitCount() > wfConfig::getInt('maxRequestsCrawlers');
case self::TYPE_CRAWLER_404S:
return self::visitorType() == self::VISITOR_TYPE_CRAWLER && $hitType == self::HIT_TYPE_404 && $this->isEnabled() && $this->_hitCount() > wfConfig::getInt('max404Crawlers');
case self::TYPE_HUMAN_VIEWS:
return self::visitorType() == self::VISITOR_TYPE_HUMAN && $hitType == self::HIT_TYPE_NORMAL && $this->isEnabled() && $this->_hitCount() > wfConfig::getInt('maxRequestsHumans');
case self::TYPE_HUMAN_404S:
return self::visitorType() == self::VISITOR_TYPE_HUMAN && $hitType == self::HIT_TYPE_404 && $this->isEnabled() && $this->_hitCount() > wfConfig::getInt('max404Humans');
}
return false;
}
/**
* Returns the hit count corresponding to the current request type.
*
* @return int
*/
protected function _hitCount() {
if (self::$_hitCount === false) {
self::$_hitCount = (int) wfDB::shared()->querySingle("SELECT @wfcurrenthits");
}
return self::$_hitCount;
}
}

43
wp/wp-content/plugins/wordfence/models/common/wfTab.php Normal file
View File

@@ -0,0 +1,43 @@
<?php
/**
* Defines a UI tab.
*
* @property string $id
* @property string $a
* @property string $tabTitle
* @property string $pageTitle
* @property bool $active
*/
class wfTab {
protected $_id;
protected $_a;
protected $_tabTitle;
protected $_pageTitle;
protected $_active;
public function __construct($id, $a, $tabTitle, $pageTitle, $active = false) {
$this->_id = $id;
$this->_a = $a;
$this->_tabTitle = $tabTitle;
$this->_pageTitle = $pageTitle;
$this->_active = $active;
}
public function __get($name) {
switch ($name) {
case 'id':
return $this->_id;
case 'a':
return $this->_a;
case 'tabTitle':
return $this->_tabTitle;
case 'pageTitle':
return $this->_pageTitle;
case 'active':
return $this->_active;
}
throw new OutOfBoundsException('Invalid key: ' . $name);
}
}

605
wp/wp-content/plugins/wordfence/models/firewall/wfFirewall.php Normal file
View File

@@ -0,0 +1,605 @@
<?php
class wfFirewall
{
const FIREWALL_MODE_DISABLED = 'disabled';
const FIREWALL_MODE_LEARNING = 'learning-mode';
const FIREWALL_MODE_ENABLED = 'enabled';
const PROTECTION_MODE_EXTENDED = 'extended';
const PROTECTION_MODE_BASIC = 'basic';
const RULE_MODE_COMMUNITY = 'community';
const RULE_MODE_PREMIUM = 'premium';
const BLACKLIST_MODE_DISABLED = 'disabled';
const BLACKLIST_MODE_ENABLED = 'enabled';
const UPDATE_FAILURE_RATELIMIT = 'ratelimit';
const UPDATE_FAILURE_UNREACHABLE = 'unreachable';
const UPDATE_FAILURE_FILESYSTEM = 'filesystem';
/**
* Returns a string suitable for display of the firewall status.
*
* @param null|string $status
* @param null|string $protection
* @return string
*/
public function displayText($status = null, $protection = null) {
if ($status === null) { $status = $this->firewallMode(); }
if ($protection === null) { $protection = $this->protectionMode(); }
switch ($status) {
case self::FIREWALL_MODE_ENABLED:
$statusText = __('Enabled', 'wordfence');
break;
case self::FIREWALL_MODE_LEARNING:
$statusText = __('Learning Mode', 'wordfence');
break;
default:
return __('Disabled', 'wordfence');
}
switch ($protection) {
case self::PROTECTION_MODE_EXTENDED:
$protectionText = __('Extended Protection', 'wordfence');
break;
default:
$protectionText = __('Basic Protection', 'wordfence');
break;
}
return sprintf('%s (%s)', $statusText, $protectionText);
}
/**
* Syncs the status from WAF to the wfConfig table if $toDatabase is true, the reverse if false.
*
* @param bool $toDatabase
*/
public function syncStatus($toDatabase = true) {
if ($toDatabase) {
try {
$status = wfWAF::getInstance()->getStorageEngine()->getConfig('wafStatus');
if (in_array($status, array(self::FIREWALL_MODE_DISABLED, self::FIREWALL_MODE_LEARNING, self::FIREWALL_MODE_ENABLED))) {
wfConfig::set('waf_status', $status);
}
}
catch (Exception $e) {
//Ignore
}
}
else {
try {
$status = wfConfig::get('waf_status');
if (in_array($status, array(self::FIREWALL_MODE_DISABLED, self::FIREWALL_MODE_LEARNING, self::FIREWALL_MODE_ENABLED))) {
wfWAF::getInstance()->getStorageEngine()->setConfig('wafStatus', $status);
}
}
catch (Exception $e) {
//Ignore
}
}
}
/**
* Tests the WAF configuration and returns true if successful.
*
* @return bool
*/
public function testConfig() {
try {
wfWAF::getInstance()->getStorageEngine()->isDisabled();
}
catch (Exception $e) {
return false;
}
return true;
}
/**
* Returns a normalized percentage (i.e., in the range [0, 1]) to the corresponding display percentage
* based on license type.
*
* @param float $percentage
* @param bool $adjust Whether or not to adjust the range to [0, 0.7]
* @return float
*/
protected function _normalizedPercentageToDisplay($percentage, $adjust = true) {
if (wfConfig::get('isPaid') || !$adjust) {
return round($percentage, 2);
}
return round($percentage * 0.70, 2);
}
/**
* Returns the percentage calculation of the overall firewall status, which is displayed under "Firewall"
* on the Dashboard page.
*
* @return float
*/
public function overallStatus() {
try {
$wafStatus = $this->wafStatus();
$bruteForceStatus = $this->bruteForceStatus();
$percentage = 0.0;
$percentage += $wafStatus * 0.80;
$percentage += $bruteForceStatus * 0.20;
return $this->_normalizedPercentageToDisplay($percentage, false);
}
catch (Exception $e) {
//Ignore, return 0%
}
return 0.0;
}
public function statusList($section = null) {
$statusList = array();
$wafStatusList = $this->wafStatusList($section);
$bruteForceStatusList = $this->bruteForceStatusList();
foreach ($wafStatusList as $entry) {
$entry['percentage'] *= 0.8;
$statusList[] = $entry;
}
foreach ($bruteForceStatusList as $entry) {
$entry['percentage'] *= 0.2;
$statusList[] = $entry;
}
return array_filter($statusList);
}
/**
* Returns the percentage calculation of the WAF status, which is displayed under "Web Application
* Firewall" on the Firewall page.
*
* @return float
*/
public function wafStatus() {
try {
$ruleStatus = $this->ruleStatus(true);
$blacklistStatus = $this->blacklistStatus();
$wafEnabled = !(!WFWAF_ENABLED || wfWAF::getInstance()->getStorageEngine()->isDisabled());
$extendedProtection = $wafEnabled && WFWAF_AUTO_PREPEND && !WFWAF_SUBDIRECTORY_INSTALL;
$rateLimitingAdvancedBlockingEnabled = wfConfig::get('firewallEnabled', 1);
if (!$wafEnabled) {
return 0.0;
}
$percentage = 0.0;
$percentage += $this->_normalizedPercentageToDisplay($ruleStatus * 0.35, true);
$percentage += $blacklistStatus * 0.35;
$percentage += ($extendedProtection ? 0.20 : 0.0);
$percentage += ($rateLimitingAdvancedBlockingEnabled ? 0.10 : 0.0);
return $this->_normalizedPercentageToDisplay($percentage, false);
}
catch (Exception $e) {
//Ignore, return 0%
}
return 0.0;
}
public function wafStatusList($section = null) {
$statusList = array();
try {
$wafEnabled = !(!WFWAF_ENABLED || wfWAF::getInstance()->getStorageEngine()->isDisabled());
if (!$wafEnabled) {
return array(
array(
'percentage' => 1.0,
'title' => __('Enable firewall.', 'wordfence'),
),
);
}
// Get percent of rules enabled.
$ruleStatus = $this->ruleStatusDescription(true);
$premiumStatus = array();
if (!wfConfig::get('isPaid')) {
$premiumStatus = array(
'percentage' => 0.30,
'title' => __('Enable Premium Rules.', 'wordfence'),
);
}
if ($section === 'rules') {
if ($ruleStatus) {
$ruleStatus['percentage'] = $this->_normalizedPercentageToDisplay($ruleStatus['percentage']);
}
return array_filter(array($ruleStatus, $premiumStatus));
}
if ($premiumStatus) {
$premiumStatus['percentage'] *= 0.35;
$premiumStatus['percentage'] = $this->_normalizedPercentageToDisplay($premiumStatus['percentage'], false);
}
if ($ruleStatus) {
$ruleStatus['percentage'] *= 0.35;
$ruleStatus['percentage'] = $this->_normalizedPercentageToDisplay($ruleStatus['percentage']);
}
$statusList = array_merge($statusList, array($ruleStatus), array($premiumStatus));
$blacklistStatus = $this->blacklistStatusDescription();
if ($section === 'blacklist') {
return array_filter(array($blacklistStatus));
}
if ($blacklistStatus) {
$blacklistStatus['percentage'] *= 0.35;
$blacklistStatus['percentage'] = $this->_normalizedPercentageToDisplay($blacklistStatus['percentage'], false);
}
$statusList = array_merge($statusList, array($blacklistStatus));
$extendedProtection = $wafEnabled && WFWAF_AUTO_PREPEND && !WFWAF_SUBDIRECTORY_INSTALL;
if (!$extendedProtection) {
$statusList[] = array(
'percentage' => $this->_normalizedPercentageToDisplay(0.20, false),
'title' => __('Optimize the Wordfence Firewall.', 'wordfence'),
);
}
$rateLimitingAdvancedBlockingEnabled = wfConfig::get('firewallEnabled', 1);
if (!$rateLimitingAdvancedBlockingEnabled) {
$statusList[] = array(
'percentage' => $this->_normalizedPercentageToDisplay(0.10, false),
'title' => __('Enable Rate Limiting and Advanced Blocking.', 'wordfence'),
);
}
return array_filter($statusList);
}
catch (Exception $e) {
//Ignore, return 0%
}
if (!WFWAF_OPERATIONAL) {
return array(array('percentage' => 1.0, 'title' => __('Repair the Wordfence Firewall configuration.', 'wordfence')));
}
return array();
}
/**
* Returns the status of the WAF.
*
* @return string
*/
public function firewallMode() {
try {
return (!WFWAF_ENABLED ? 'disabled' : wfWAF::getInstance()->getStorageEngine()->getConfig('wafStatus'));
}
catch (Exception $e) {
//Ignore
}
return self::FIREWALL_MODE_DISABLED;
}
/**
* Returns the current protection mode configured for the WAF.
*
* @return string
*/
public function protectionMode() {
if (defined('WFWAF_AUTO_PREPEND') && WFWAF_AUTO_PREPEND) {
return self::PROTECTION_MODE_EXTENDED;
}
return self::PROTECTION_MODE_BASIC;
}
/**
* Returns whether or not this installation is in a subdirectory of another WordPress site with the WAF already optimized.
*
* @return bool
*/
public function isSubDirectoryInstallation() {
if (defined('WFWAF_SUBDIRECTORY_INSTALL') && WFWAF_SUBDIRECTORY_INSTALL) {
return true;
}
return false;
}
/**
* Returns the percentage calculation of the firewall rule status, which is displayed under "Firewall Rules" on the
* Firewall page.
*
* The calculation is the number of rules enabled divided by the total number of rules. If the WAF is in learning
* mode, no rules are enforced, so it's clamped to 0%.
*
* @param bool $round Round the percentage (in the range [0, 1]) to be only whole percentages.
* @return float
*/
public function ruleStatus($round = false) {
try {
$wafEnabled = !(!WFWAF_ENABLED || wfWAF::getInstance()->getStorageEngine()->isDisabled());
if (!$wafEnabled) {
return 0.0;
}
/*$learningMode = !!wfWAF::getInstance()->isInLearningMode();
if ($learningMode) {
return 0.0;
}*/
$rules = wfWAF::getInstance()->getRules();
$disabledRules = (array) wfWAF::getInstance()->getStorageEngine()->getConfig('disabledRules');
/** @var wfWAFRule $rule */
$enabledCount = 0;
foreach ($rules as $ruleID => $rule) {
if (isset($disabledRules[$ruleID]) && $disabledRules[$ruleID]) {
continue;
}
$enabledCount++;
}
$percentEnabled = (count($rules) == 0 ? 0 : $enabledCount / count($rules));
if ($round) {
return round($percentEnabled, 2);
}
return $this->_normalizedPercentageToDisplay($percentEnabled);
}
catch (Exception $e) {
//Ignore, return 0%
}
return 0.0;
}
/**
* @param bool $round
* @return array
*/
public function ruleStatusDescription($round = false) {
try {
$wafEnabled = !(!WFWAF_ENABLED || wfWAF::getInstance()->getStorageEngine()->isDisabled());
if (!$wafEnabled) {
return array(
'percentage' => 1.0,
'title' => __('Enable firewall.', 'wordfence'),
);
}
/*$learningMode = !!wfWAF::getInstance()->isInLearningMode();
if ($learningMode) {
return 0.0;
}*/
$rules = wfWAF::getInstance()->getRules();
$disabledRules = (array) wfWAF::getInstance()->getStorageEngine()->getConfig('disabledRules');
/** @var wfWAFRule $rule */
$enabledCount = 0;
foreach ($rules as $ruleID => $rule) {
if (isset($disabledRules[$ruleID]) && $disabledRules[$ruleID]) {
continue;
}
$enabledCount++;
}
$percentEnabled = 1.0 - ((float) (count($rules) == 0 ? 0 : $enabledCount / count($rules)));
if ($percentEnabled === 0.0) {
return array();
}
$reenbleCount = count($rules) - $enabledCount;
return array(
'percentage' => ($round ? round($percentEnabled, 2) : $percentEnabled),
'title' => sprintf(_n('Re-enable %d firewall rule.', 'Re-enable %d firewall rules.', $reenbleCount, 'wordfence'), number_format_i18n($reenbleCount)),
);
}
catch (Exception $e) {
//Ignore, return 0%
}
return array(
'percentage' => 1.0,
'title' => __('Enable firewall.', 'wordfence'),
);
}
/**
* Returns the rule feed that is in use.
*
* @return string
*/
public function ruleMode() {
if (wfConfig::get('isPaid')) {
return self::RULE_MODE_PREMIUM;
}
return self::RULE_MODE_COMMUNITY;
}
/**
* Returns 100% if the blacklist is enabled, 0% if not.
*
* @return float
*/
public function blacklistStatus() {
try {
$wafEnabled = !(!WFWAF_ENABLED || wfWAF::getInstance()->getStorageEngine()->isDisabled());
if (!$wafEnabled) {
return 0.0;
}
return $this->blacklistMode() == self::BLACKLIST_MODE_ENABLED ? 1.0 : 0.0;
}
catch (Exception $e) {
//Ignore, return 0%
}
return 0.0;
}
/**
* Returns 100% if the blacklist is enabled, 0% if not.
*
* @return array
*/
public function blacklistStatusDescription() {
try {
$wafEnabled = !(!WFWAF_ENABLED || wfWAF::getInstance()->getStorageEngine()->isDisabled());
if (!$wafEnabled) {
return array(
'percentage' => 1.0,
'title' => __('Enable Firewall.', 'wordfence'),
);
}
if ($this->blacklistMode() == self::BLACKLIST_MODE_ENABLED) {
return array();
}
return array(
'percentage' => 1.0,
'title' => __('Enable Real-Time IP Blocklist.', 'wordfence'),
);
}
catch (Exception $e) {
//Ignore, return 0%
}
return array(
'percentage' => 1.0,
'title' => __('Enable Real-Time IP Blocklist.', 'wordfence'),
);
}
/**
* Returns the blacklist mode.
*
* @return string
*/
public function blacklistMode() {
$blacklistEnabled = false;
try {
$wafEnabled = !(!WFWAF_ENABLED || wfWAF::getInstance()->getStorageEngine()->isDisabled());
$blacklistEnabled = $wafEnabled && !wfWAF::getInstance()->getStorageEngine()->getConfig('disableWAFBlacklistBlocking');
}
catch (Exception $e) {
//Do nothing
}
if (wfConfig::get('isPaid') && $blacklistEnabled) {
return self::BLACKLIST_MODE_ENABLED;
}
return self::BLACKLIST_MODE_DISABLED;
}
/**
* Returns a percentage rating for the brute force protection status. This includes both the WFSN enabled status
* and the status of individual login security options. These options are available to all, so they are always
* in the range [0,1].
*
* @return float
*/
public function bruteForceStatus() {
$networkBruteForceEnabled = !!wfConfig::get('other_WFNet');
$localBruteForceEnabled = !!wfConfig::get('loginSecurityEnabled');
$percentage = 0.0;
if ($localBruteForceEnabled) {
$percentage += 0.1;
if ($networkBruteForceEnabled) {
$percentage += 0.5;
}
if (wfConfig::get('loginSec_strongPasswds_enabled') && (wfConfig::get('loginSec_strongPasswds') == 'pubs' || wfConfig::get('loginSec_strongPasswds') == 'all')) {
$percentage += 0.1;
}
if (wfConfig::get('loginSec_maskLoginErrors')) {
$percentage += 0.1;
}
if (wfConfig::get('loginSec_blockAdminReg')) {
$percentage += 0.1;
}
if (wfConfig::get('loginSec_disableAuthorScan')) {
$percentage += 0.1;
}
}
return round($percentage, 2);
}
/**
* Returns the status of the WAF's learning mode.
*
* @return bool|int Returns true if enabled without an automatic switchover, a timestamp if enabled with one, and false if not in learning mode.
*/
public function learningModeStatus() {
if ($this->firewallMode() != self::FIREWALL_MODE_LEARNING) {
return false;
}
try {
$config = wfWAF::getInstance()->getStorageEngine();
if ($config->getConfig('learningModeGracePeriodEnabled')) {
return (int) $config->getConfig('learningModeGracePeriod');
}
return true;
}
catch (Exception $e) {
//Ignore, return false
}
return false;
}
/**
* @return array
*/
public function bruteForceStatusList() {
$networkBruteForceEnabled = !!wfConfig::get('other_WFNet');
$localBruteForceEnabled = !!wfConfig::get('loginSecurityEnabled');
$status = array();
if ($localBruteForceEnabled) {
if (!$networkBruteForceEnabled) {
$status[] = array(
'percentage' => 0.5,
'title' => __('Enable Real-Time Wordfence Security Network.', 'wordfence'),
);
}
if (!wfConfig::get('loginSec_strongPasswds_enabled')) {
$status[] = array(
'percentage' => 0.1,
'title' => __('Enforce Strong Passwords.', 'wordfence'),
);
}
if (!wfConfig::get('loginSec_maskLoginErrors')) {
$status[] = array(
'percentage' => 0.1,
'title' => __('Enable Mask Login Errors.', 'wordfence'),
);
}
if (!wfConfig::get('loginSec_blockAdminReg')) {
$status[] = array(
'percentage' => 0.1,
'title' => __('Enable Block Admin Registration.', 'wordfence'),
);
}
if (!wfConfig::get('loginSec_disableAuthorScan')) {
$status[] = array(
'percentage' => 0.1,
'title' => __('Disable Author Scanning.', 'wordfence'),
);
}
} else {
$status[] = array(
'percentage' => 1.0,
'title' => __('Enable Brute Force Protection.', 'wordfence'),
);
}
return array_filter($status);
}
}

263
wp/wp-content/plugins/wordfence/models/page/wfPage.php Normal file
View File

@@ -0,0 +1,263 @@
<?php
class wfPage {
const PAGE_DASHBOARD = 'dashboard';
const PAGE_DASHBOARD_OPTIONS = 'dashboard-options';
const PAGE_FIREWALL = 'firewall';
const PAGE_FIREWALL_OPTIONS = 'firewall-options';
const PAGE_BLOCKING = 'blocking';
const PAGE_BLOCKING_OPTIONS = 'blocking-options';
const PAGE_SCAN = 'scan';
const PAGE_SCAN_OPTIONS = 'scan-options';
const PAGE_TOOLS_2FA = 'tools-2fa';
const PAGE_TOOLS_LIVE_TRAFFIC = 'tools-2fa';
const PAGE_TOOLS_WHOIS = 'tools-whois';
const PAGE_TOOLS_IMPORT_EXPORT = 'tools-import-export';
const PAGE_TOOLS_DIAGNOSTICS = 'tools-diagnostics';
const PAGE_SUPPORT = 'support';
/** @var string */
private $_identifier;
/**
* Provides validation for a user-provided page identifier.
*
* @param string $identifier
* @return bool
*/
public static function isValidPage($identifier) {
switch ($identifier) {
case self::PAGE_DASHBOARD:
case self::PAGE_DASHBOARD_OPTIONS:
case self::PAGE_FIREWALL:
case self::PAGE_FIREWALL_OPTIONS:
case self::PAGE_BLOCKING:
case self::PAGE_BLOCKING_OPTIONS:
case self::PAGE_SCAN:
case self::PAGE_SCAN_OPTIONS:
case self::PAGE_TOOLS_2FA:
case self::PAGE_TOOLS_LIVE_TRAFFIC:
case self::PAGE_TOOLS_IMPORT_EXPORT:
case self::PAGE_TOOLS_WHOIS:
case self::PAGE_TOOLS_DIAGNOSTICS:
case self::PAGE_SUPPORT:
return true;
}
return false;
}
/**
* Convenience function for returning the user-displayable label for the given page.
*
* @param string $identifier
* @return bool|string
*/
public static function pageLabel($identifier) {
$page = new wfPage($identifier);
return $page->label();
}
/**
* Convenience function for returning the canonical URL for the given page.
*
* @param string $identifier
* @param string|bool $source The source page identifier to append to the URL if wanted.
* @return string
*/
public static function pageURL($identifier, $source = false) {
$page = new wfPage($identifier);
return $page->url($source);
}
public function __construct($identifier) {
$this->_identifier = $identifier;
}
public function __get($key) {
switch ($key) {
case 'identifier':
return $this->_identifier;
}
throw new OutOfBoundsException("{$key} is not a valid property");
}
public function __isset($key) {
switch ($key) {
case 'identifier':
return true;
}
return false;
}
/**
* Returns the user-displayable label for the page.
*
* @return bool|string
*/
public function label() {
switch ($this->identifier) {
case self::PAGE_DASHBOARD:
return __('Dashboard', 'wordfence');
case self::PAGE_DASHBOARD_OPTIONS:
return __('Global Options', 'wordfence');
case self::PAGE_FIREWALL:
return __('Firewall', 'wordfence');
case self::PAGE_FIREWALL_OPTIONS:
return __('Firewall Options', 'wordfence');
case self::PAGE_BLOCKING:
return __('Blocking', 'wordfence');
case self::PAGE_BLOCKING_OPTIONS:
return __('Blocking Options', 'wordfence');
case self::PAGE_SCAN:
return __('Scan', 'wordfence');
case self::PAGE_SCAN_OPTIONS:
return __('Scan Options', 'wordfence');
case self::PAGE_TOOLS_2FA:
return __('Two-Factor Authentication', 'wordfence');
case self::PAGE_TOOLS_LIVE_TRAFFIC:
return __('Live Traffic', 'wordfence');
case self::PAGE_TOOLS_IMPORT_EXPORT:
return __('Import/Export Options', 'wordfence');
case self::PAGE_TOOLS_WHOIS:
return __('Whois Lookup', 'wordfence');
case self::PAGE_TOOLS_DIAGNOSTICS:
return __('Diagnostics', 'wordfence');
case self::PAGE_SUPPORT:
return __('Support', 'wordfence');
}
return false;
}
/**
* Returns the canonical URL for the page.
*
* @param string|bool $source The source page identifier to append to the URL if wanted.
* @return string
*/
public function url($source = false) {
$page = '';
$subpage = '';
$hash = '';
switch ($this->identifier) {
case self::PAGE_DASHBOARD:
$page = 'Wordfence';
break;
case self::PAGE_DASHBOARD_OPTIONS:
$page = 'Wordfence';
$subpage = 'global_options';
break;
case self::PAGE_FIREWALL:
$page = 'WordfenceWAF';
break;
case self::PAGE_FIREWALL_OPTIONS:
$page = 'WordfenceWAF';
$subpage = 'waf_options';
break;
case self::PAGE_BLOCKING:
$page = 'WordfenceWAF';
$hash = '#top#blocking';
break;
case self::PAGE_BLOCKING_OPTIONS:
$page = 'WordfenceWAF';
$subpage = 'blocking_options';
break;
case self::PAGE_SCAN:
$page = 'WordfenceScan';
break;
case self::PAGE_SCAN_OPTIONS:
$page = 'WordfenceScan';
$subpage = 'scan_options';
break;
case self::PAGE_TOOLS_2FA:
$page = 'WordfenceTools';
$subpage = 'twofactor';
break;
case self::PAGE_TOOLS_LIVE_TRAFFIC:
$page = 'WordfenceTools';
$subpage = 'livetraffic';
break;
case self::PAGE_TOOLS_IMPORT_EXPORT:
$page = 'WordfenceTools';
$subpage = 'importexport';
break;
case self::PAGE_TOOLS_WHOIS:
$page = 'WordfenceTools';
$subpage = 'whois';
break;
case self::PAGE_TOOLS_DIAGNOSTICS:
$page = 'WordfenceTools';
$subpage = 'diagnostics';
break;
case self::PAGE_SUPPORT:
$page = 'WordfenceSupport';
break;
}
$baseURL = 'admin.php?';
$baseURL .= 'page=' . rawurlencode($page);
if (!empty($subpage)) { $baseURL .= '&subpage=' . rawurlencode($subpage); }
if (self::isValidPage($source)) { $baseURL .= '&source=' . rawurlencode($source); }
if (!empty($hash)) { $baseURL .= $this->_hashURLEncode($hash); }
if (function_exists('network_admin_url') && is_multisite()) {
return network_admin_url($baseURL);
}
return admin_url($baseURL);
}
/**
* Splits a URI hash component and URL-encodes its members.
*
* @param string $hash
* @return string
*/
private function _hashURLEncode($hash) {
$components = explode('#', $hash);
foreach ($components as &$c) {
$c = rawurlencode($c);
}
return implode('#', $components);
}
/**
* Returns an ordered array of the pages required to reach this page, this page being the last entry in the array.
*
* @return array
*/
public function breadcrumbs() {
switch ($this->identifier) {
case self::PAGE_DASHBOARD:
return array($this);
case self::PAGE_DASHBOARD_OPTIONS:
return array(new wfPage(wfPage::PAGE_DASHBOARD), $this);
case self::PAGE_FIREWALL:
return array($this);
case self::PAGE_FIREWALL_OPTIONS:
return array(new wfPage(wfPage::PAGE_FIREWALL), $this);
case self::PAGE_BLOCKING:
return array($this);
case self::PAGE_BLOCKING_OPTIONS:
return array(new wfPage(wfPage::PAGE_BLOCKING), $this);
case self::PAGE_SCAN:
return array($this);
case self::PAGE_SCAN_OPTIONS:
return array(new wfPage(wfPage::PAGE_SCAN), $this);
case self::PAGE_TOOLS_2FA:
return array($this);
case self::PAGE_TOOLS_LIVE_TRAFFIC:
return array($this);
case self::PAGE_TOOLS_IMPORT_EXPORT:
return array($this);
case self::PAGE_TOOLS_WHOIS:
return array($this);
case self::PAGE_TOOLS_DIAGNOSTICS:
return array($this);
case self::PAGE_SUPPORT:
return array($this);
}
return array();
}
}

1241
wp/wp-content/plugins/wordfence/models/scanner/wfScanner.php Normal file
View File

File diff suppressed because it is too large Load Diff