/home/sportsfe.../httpdocs/clone/wp-conte.../plugins/wordfenc.../lib
File: wordfenceClass.php
echo wfConfig::get('detectProxyRecommendation', '-');
}
else {
echo '0';
}
exit();
}
else if ($wfFunc == 'removeAlertEmail') {
wfUtils::doNotCache();
$payloadStatus = false;
$jwt = (isset($_GET['jwt']) && is_string($_GET['jwt'])) ? $_GET['jwt'] : '';
if (!empty($jwt)) {
$payload = wfUtils::decodeJWT($jwt);
if ($payload && isset($payload['email'])) {
$payloadStatus = true;
}
}
if (isset($_POST['resend'])) {
$email = trim(@$_POST['email']);
$found = false;
$alertEmails = wfConfig::getAlertEmails();
foreach ($alertEmails as $e) {
if ($e == $email) {
$found = true;
break;
}
}
if ($found) {
$content = wfUtils::tmpl('email_unsubscribeRequest.php', array(
'siteName' => get_bloginfo('name', 'raw'),
'siteURL' => wfUtils::getSiteBaseURL(),
'IP' => wfUtils::getIP(),
'jwt' => wfUtils::generateJWT(array('email' => $email)),
));
wp_mail($email, __("Unsubscribe Requested", 'wordfence'), $content, "Content-Type: text/html");
}
echo wfView::create('common/unsubscribe', array(
'state' => 'resent',
))->render();
exit();
}
else if (!$payloadStatus) {
echo wfView::create('common/unsubscribe', array(
'state' => 'bad',
))->render();
exit();
}
else if (isset($_POST['confirm'])) {
$confirm = wfUtils::truthyToBoolean($_POST['confirm']);
if ($confirm) {
$found = false;
$alertEmails = wfConfig::getAlertEmails();
$updatedAlertEmails = array();
foreach ($alertEmails as $alertEmail) {
if ($alertEmail == $payload['email']) {
$found = true;
}
else {
$updatedAlertEmails[] = $alertEmail;
}
}
if ($found) {
wfConfig::set('alertEmails', implode(',', $updatedAlertEmails));
}
echo wfView::create('common/unsubscribe', array(
'jwt' => $_GET['jwt'],
'email' => $payload['email'],
'state' => 'unsubscribed',
))->render();
exit();
}
}
echo wfView::create('common/unsubscribe', array(
'jwt' => $_GET['jwt'],
'email' => $payload['email'],
'state' => 'prompt',
))->render();
exit();
}
else if ($wfFunc == 'installLicense') {
if (wfUtils::isAdmin()) {
wfUtils::doNotCache();
if (isset($_POST['license'])) {
$nonceValid = wp_verify_nonce(@$_POST['nonce'], 'wf-form');
if (!$nonceValid) {
die(__('Sorry but your browser sent an invalid security token when trying to use this form.', 'wordfence'));
}
$changes = array('apiKey' => $_POST['license']);
$errors = wfConfig::validate($changes);
if ($errors !== true) {
$error = __('An error occurred while saving the license.', 'wordfence');
if (count($errors) == 1) {
$error = sprintf(/* translators: Error message. */ __('An error occurred while saving the license: %s', 'wordfence'), $errors[0]['error']);
}
echo wfView::create('common/license', array(
'state' => 'bad',
'error' => $error,
))->render();
exit();
}
try {
wfConfig::save(wfConfig::clean($changes));
echo wfView::create('common/license', array(
'state' => 'installed',
))->render();
exit();
}
catch (Exception $e) {
echo wfView::create('common/license', array(
'state' => 'bad',
'error' => sprintf(/* translators: Error message. */ __('An error occurred while saving the license: %s', 'wordfence'), $e->getMessage()),
))->render();
exit();
}
}
echo wfView::create('common/license', array(
'state' => 'prompt',
))->render();
exit();
}
}
if (is_main_site() && wfUtils::isAdmin()) {
if (wp_next_scheduled('wordfence_daily_cron') === false) {
wp_schedule_event(time() + 600, 'daily', 'wordfence_daily_cron');
wordfence::status(2, 'info', __("Rescheduled missing daily cron", 'wordfence'));
}
if (wp_next_scheduled('wordfence_hourly_cron') === false) {
wp_schedule_event(time() + 600, 'hourly', 'wordfence_hourly_cron');
wordfence::status(2, 'info', __("Rescheduled missing hourly cron", 'wordfence'));
}
}
// Sync the WAF data with the database.
if (!WFWAF_SUBDIRECTORY_INSTALL && $waf = wfWAF::getInstance()) {
$homeurl = wfUtils::wpHomeURL();
$siteurl = wfUtils::wpSiteURL();
//Sync the GeoIP database if needed
$destination = WFWAF_LOG_PATH . '/GeoLite2-Country.mmdb';
if (!file_exists($destination) || wfConfig::get('needsGeoIPSync')) {
$allowSync = false;
if (wfConfig::createLock('wfSyncGeoIP')) {
$status = get_transient('wfSyncGeoIPActive');
if (!$status) {
$allowSync = true;
set_transient('wfSyncGeoIPActive', true, 3600);
}
wfConfig::releaseLock('wfSyncGeoIP');
}
if ($allowSync) {
wfUtils::requireIpLocator();
try {
$wflogsLocator = wfIpLocator::getInstance(wfIpLocator::SOURCE_WFLOGS);
$bundledLocator = wfIpLocator::getInstance(wfIpLocator::SOURCE_BUNDLED);
if (!$wflogsLocator->isPreferred() || $wflogsLocator->getDatabaseVersion() !== $bundledLocator->getDatabaseVersion()) {
$source = dirname(__FILE__) . '/GeoLite2-Country.mmdb';
if (copy($source, $destination)) {
$shash = '';
$dhash = '';
$sp = @fopen($source, "rb");
if ($sp) {
$scontext = hash_init('sha256');
while (!feof($sp)) {
$data = fread($sp, 65536);
if ($data === false) {
$scontext = false;
break;
}
hash_update($scontext, $data);
}
fclose($sp);
if ($scontext !== false) {
$shash = hash_final($scontext, false);
}
}
$dp = @fopen($destination, "rb");
if ($dp) {
$dcontext = hash_init('sha256');
while (!feof($dp)) {
$data = fread($dp, 65536);
if ($data === false) {
$dcontext = false;
break;
}
hash_update($dcontext, $data);
}
fclose($dp);
if ($scontext !== false) {
$dhash = hash_final($dcontext, false);
}
}
if (hash_equals($shash, $dhash)) {
wfConfig::remove('needsGeoIPSync');
delete_transient('wfSyncGeoIPActive');
}
}
}
else {
wfConfig::remove('needsGeoIPSync');
delete_transient('wfSyncGeoIPActive');
}
}
catch (Exception $e) {
//Ignore
}
}
}
try {
$sapi = @php_sapi_name();
if ($sapi != "cli") {
$lastPermissionsTemplateCheck = wfConfig::getInt('lastPermissionsTemplateCheck', 0);
if (defined('WFWAF_LOG_PATH') && ($lastPermissionsTemplateCheck + 43200) < time()) { //Run no more frequently than every 12 hours
$timestamp = preg_replace('/[^0-9]/', '', microtime(false)); //We avoid using tmpfile since it can potentially create one with different permissions than the defaults
$tmpTemplate = rtrim(WFWAF_LOG_PATH, '/') . "/template.{$timestamp}.tmp";
$template = rtrim(WFWAF_LOG_PATH, '/') . '/template.php';
@unlink($tmpTemplate);
@file_put_contents($tmpTemplate, "<?php exit('Access denied'); __halt_compiler(); ?>\n");
$tmpStat = @stat($tmpTemplate);
if ($tmpStat !== false) {
$mode = $tmpStat[2] & 0777;
$updatedMode = 0600;
if (($mode & 0020) == 0020) { //Group writable
$updatedMode = $updatedMode | 0060;
}
if (defined('WFWAF_LOG_FILE_MODE')) {
$updatedMode = WFWAF_LOG_FILE_MODE;
}
$stat = @stat($template);
if ($stat === false || ($stat[2] & 0777) != $updatedMode) {
@chmod($tmpTemplate, $updatedMode);
@unlink($template);
@rename($tmpTemplate, $template);
}
@unlink($tmpTemplate);
}
else {
@unlink($tmpTemplate);
}
wfConfig::set('lastPermissionsTemplateCheck', time());
@chmod(WFWAF_LOG_PATH, (wfWAFWordPress::permissions() | 0755));
wfWAFWordPress::writeHtaccess();
$contents = self::_wflogsContents();
if ($contents) {
$validFiles = wfWAF::getInstance()->fileList();
foreach ($validFiles as &$vf) {
$vf = basename($vf);
}
$validFiles = array_filter($validFiles);
$previousWflogsFileList = wfConfig::getJSON('previousWflogsFileList', array());
$wflogs = realpath(WFWAF_LOG_PATH);
$filesRemoved = array();
foreach ($contents as $f) {
if (!in_array($f, $validFiles) && in_array($f, $previousWflogsFileList)) {
$fullPath = $f;
$removed = self::_recursivelyRemoveWflogs($f);
$filesRemoved = array_merge($filesRemoved, $removed);
}
}
$contents = self::_wflogsContents();
wfConfig::setJSON('previousWflogsFileList', $contents);
if (!empty($filesRemoved)) {
$removalHistory = wfConfig::getJSON('diagnosticsWflogsRemovalHistory', array());
$removalHistory = array_slice($removalHistory, 0, 4);
array_unshift($removalHistory, array(time(), $filesRemoved));
wfConfig::setJSON('diagnosticsWflogsRemovalHistory', $removalHistory);
}
}
}
}
}
catch (Exception $e) {
//Ignore
}
try {
$configDefaults = array(
'apiKey' => wfConfig::get('apiKey'),
'isPaid' => !!wfConfig::get('isPaid'),
'siteURL' => $siteurl,
'homeURL' => $homeurl,
'whitelistedIPs' => (string) wfConfig::get('whitelisted'),
'whitelistedServiceIPs' => @json_encode(wfUtils::whitelistedServiceIPs()),
'howGetIPs' => (string) wfConfig::get('howGetIPs'),
'howGetIPs_trusted_proxies_unified' => implode("\n", wfUtils::unifiedTrustedProxies()),
'detectProxyRecommendation' => (string) wfConfig::get('detectProxyRecommendation'),
'other_WFNet' => !!wfConfig::get('other_WFNet', true),
'pluginABSPATH' => ABSPATH,
'serverIPs' => json_encode(wfUtils::serverIPs()),
'blockCustomText' => wpautop(wp_strip_all_tags(wfConfig::get('blockCustomText', ''))),
'disableWAFIPBlocking' => wfConfig::get('disableWAFIPBlocking'),
'wordpressVersion' => wfConfig::get('wordpressVersion'),
'wordpressPluginVersions' => wfConfig::get_ser('wordpressPluginVersions'),
'wordpressThemeVersions' => wfConfig::get_ser('wordpressThemeVersions'),
'WPLANG' => get_site_option('WPLANG'),
);
if (wfUtils::isAdmin()) {
$errorNonceKey = 'errorNonce_' . get_current_user_id();
$configDefaults[$errorNonceKey] = wp_create_nonce('wf-waf-error-page'); //Used by the AJAX watcher script
}
foreach ($configDefaults as $key => $value) {
$waf->getStorageEngine()->setConfig($key, $value, 'synced');
}
if (wfConfig::get('timeoffset_wf') !== false) {
$waf->getStorageEngine()->setConfig('timeoffset_wf', wfConfig::get('timeoffset_wf'), 'synced');
}
else {
$waf->getStorageEngine()->unsetConfig('timeoffset_wf', 'synced');
}
if (class_exists('wfWAFIPBlocksController')) {
wfWAFIPBlocksController::setNeedsSynchronizeConfigSettings();
}
if (wfUtils::isAdmin()) {
if ($waf->getStorageEngine()->getConfig('wafStatus', '') == 'learning-mode') {
if ($waf->getStorageEngine()->getConfig('learningModeGracePeriodEnabled', false)) {
if ($waf->getStorageEngine()->getConfig('learningModeGracePeriod', 0) <= time()) {
// Reached the end of the grace period, activate the WAF.
$waf->getStorageEngine()->setConfig('wafStatus', 'enabled');
$waf->getStorageEngine()->setConfig('learningModeGracePeriodEnabled', 0);
$waf->getStorageEngine()->unsetConfig('learningModeGracePeriod');
$firewall = new wfFirewall();
$firewall->syncStatus(true);
}
}
}
}
if (empty($_GET['wordfence_syncAttackData'])) {
$table_wfHits = wfDB::networkTable('wfHits');
if ($waf->getStorageEngine() instanceof wfWAFStorageMySQL) {
$lastAttackMicroseconds = floatval($waf->getStorageEngine()->getConfig('lastAttackDataTruncateTime'));
} else {
$lastAttackMicroseconds = $wpdb->get_var("SELECT MAX(attackLogTime) FROM {$table_wfHits}");
}
if (get_site_option('wordfence_lastSyncAttackData', 0) < time() - 8) {
if ($waf->getStorageEngine()->hasNewerAttackData($lastAttackMicroseconds)) {
if (get_site_option('wordfence_syncingAttackData') <= time() - 60) {
// Could be the request to itself is not completing, add ajax to the head as a workaround
$attempts = get_site_option('wordfence_syncAttackDataAttempts', 0);
if ($attempts > 10) {
add_action('wp_head', 'wordfence::addSyncAttackDataAjax');
add_action('login_head', 'wordfence::addSyncAttackDataAjax');
add_action('admin_head', 'wordfence::addSyncAttackDataAjax');
} else {
update_site_option('wordfence_syncAttackDataAttempts', ++$attempts);
wp_remote_post(add_query_arg('wordfence_syncAttackData', microtime(true), home_url('/')), array(
'timeout' => 0.01,
'blocking' => false,
'sslverify' => apply_filters('https_local_ssl_verify', false)
));
}
}
}
}
}
if ($waf instanceof wfWAFWordPress && ($learningModeAttackException = $waf->getLearningModeAttackException())) {
$log = self::getLog();
$log->initLogRequest();
$request = $log->getCurrentRequest();
$request->action = 'learned:waf';
$request->attackLogTime = microtime(true);
$ruleIDs = array();
/** @var wfWAFRule $failedRule */
foreach ($learningModeAttackException->getFailedRules() as $failedRule) {
$ruleIDs[] = $failedRule->getRuleID();
}
$actionData = array(
'learningMode' => 1,
'failedRules' => $ruleIDs,
'paramKey' => $learningModeAttackException->getParamKey(),
'paramValue' => $learningModeAttackException->getParamValue(),
);
if ($ruleIDs && $ruleIDs[0]) {
$rule = $waf->getRule($ruleIDs[0]);
if ($rule) {
$request->actionDescription = $rule->getDescription();
$actionData['category'] = $rule->getCategory();
$actionData['ssl'] = $waf->getRequest()->getProtocol() === 'https';
$actionData['fullRequest'] = base64_encode($waf->getRequest());
}
}
$request->actionData = wfRequestModel::serializeActionData($actionData);
register_shutdown_function(array($request, 'save'));
self::scheduleSendAttackData();
}
} catch (wfWAFStorageFileException $e) {
// We don't have anywhere to write files in this scenario.
} catch (wfWAFStorageEngineMySQLiException $e) {
// Ignore and continue
}
}
if(wfConfig::get('firewallEnabled')){
$wfLog = self::getLog();
$wfLog->firewallBadIPs();
$IP = wfUtils::getIP();
if (wfBlock::isWhitelisted($IP)) {
return;
}
if (wfConfig::get('neverBlockBG') == 'neverBlockUA' && wfCrawl::isGoogleCrawler()) {
return;
}
if (wfConfig::get('neverBlockBG') == 'neverBlockVerified' && wfCrawl::isVerifiedGoogleCrawler()) {
return;
}
if (wfConfig::get('bannedURLs', false)) {
$URLs = explode("\n", wfUtils::cleanupOneEntryPerLine(wfConfig::get('bannedURLs')));
foreach ($URLs as $URL) {
if (preg_match(wfUtils::patternToRegex($URL, ''), $_SERVER['REQUEST_URI'])) {
$reason = __('Accessed a banned URL', 'wordfence');
wfBlock::createIP($reason, $IP, wfBlock::blockDuration(), time(), time(), 1, wfBlock::TYPE_IP_AUTOMATIC_TEMPORARY);
wfActivityReport::logBlockedIP($IP, null, 'bannedurl');
$wfLog->tagRequestForBlock($reason);
$wfLog->do503(3600, __("Accessed a banned URL", 'wordfence'));
//exits
}
}
}
if (wfConfig::get('other_blockBadPOST') == '1' && $_SERVER['REQUEST_METHOD'] == 'POST' && empty($_SERVER['HTTP_USER_AGENT']) && empty($_SERVER['HTTP_REFERER'])) {
$reason = __('POST received with blank user-agent and referer', 'wordfence');
wfBlock::createIP($reason, $IP, wfBlock::blockDuration(), time(), time(), 1, wfBlock::TYPE_IP_AUTOMATIC_TEMPORARY);
wfActivityReport::logBlockedIP($IP, null, 'badpost');
$wfLog->tagRequestForBlock($reason);
$wfLog->do503(3600, __("POST received with blank user-agent and referer", 'wordfence'));
//exits
}
}
}
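/**
 * Lists the entries found directly inside the WFWAF_LOG_PATH directory.
 *
 * The names returned are bare directory entries (no path prefix), with the
 * "." and ".." pseudo-entries skipped.
 *
 * @return array|false The entry names, or false if the directory could not be opened.
 */
private static function _wflogsContents() {
	$dir = opendir(WFWAF_LOG_PATH);
	if (!$dir) {
		return false;
	}

	$contents = array();
	// readdir() returns the entry name, and a name such as "0" is falsy in PHP. Testing the
	// assignment for truthiness would stop the loop at that entry and silently drop every
	// later one, so compare against false, which readdir() returns only when it is done.
	while (($path = readdir($dir)) !== false) {
		if ($path === '.' || $path === '..') {
			continue;
		}
		$contents[] = $path;
	}
	closedir($dir);

	return $contents;
}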
/**
* Removes a path within wflogs, recursing as necessary.
*
* @param string $file
* @param array $processedDirs
* @return array The list of removed files/folders.
*/
private static function _recursivelyRemoveWflogs($file, $processedDirs = array()) {
if (preg_match('~(?:^|/|\\\\)\.\.(?:/|\\\\|$)~', $file)) {
return array();
}
if (stripos(WFWAF_LOG_PATH, 'wflogs') === false) { //Sanity check -- if not in a wflogs folder, user will have to do removal manually
return array();
}
$path = rtrim(WFWAF_LOG_PATH, '/') . '/' . $file;
if (is_link($path)) {
if (@unlink($path)) {