当前位置: 首页>>代码示例>>PHP>>正文


PHP ITSEC_Lib::get_domain方法代码示例

本文整理汇总了PHP中ITSEC_Lib::get_domain方法的典型用法代码示例。如果您正苦于以下问题:PHP ITSEC_Lib::get_domain方法的具体用法?PHP ITSEC_Lib::get_domain怎么用?PHP ITSEC_Lib::get_domain使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在ITSEC_Lib的用法示例。


在下文中一共展示了ITSEC_Lib::get_domain方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: build_rewrite_rules


//.........这里部分代码省略.........
             //NGINX rules
             $rules .= "\tlocation ~ xmlrpc.php { deny all; }" . PHP_EOL;
         } else {
             //rules for all other servers
             $rules .= "<files xmlrpc.php>" . PHP_EOL . "\tOrder allow,deny" . PHP_EOL . "\tDeny from all" . PHP_EOL . "</files>" . PHP_EOL;
         }
     }
     //Primary Rules for Directory Browsing
     if ($input['directory_browsing'] == true) {
         if (strlen($rules) > 1) {
             $rules .= PHP_EOL;
         }
         $rules .= "# " . __('Rules to disable directory browsing', 'it-l10n-ithemes-security-pro') . PHP_EOL;
         if ($server_type !== 'nginx') {
             //Don't use this on NGINX
             $rules .= "Options -Indexes" . PHP_EOL;
         }
     }
     //Apache rewrite rules (and related NGINX rules)
     if ($input['protect_files'] == true || $input['uploads_php'] == true || $input['request_methods'] == true || $input['suspicious_query_strings'] == true || $input['non_english_characters'] == true || $input['comment_spam'] == true) {
         if (strlen($rules) > 1) {
             $rules .= PHP_EOL;
         }
         //Open Apache rewrite rules
         if ($server_type !== 'nginx') {
             $rules .= "<IfModule mod_rewrite.c>" . PHP_EOL . "\tRewriteEngine On" . PHP_EOL;
         }
         //Rewrite Rules for Protect Files
         if ($input['protect_files'] == true && $server_type !== 'nginx') {
             $rules .= PHP_EOL . "\t# " . __('Rules to protect wp-includes', 'it-l10n-ithemes-security-pro') . PHP_EOL;
             $rules .= "\tRewriteRule ^wp-admin/includes/ - [F]" . PHP_EOL . "\tRewriteRule !^wp-includes/ - [S=3]" . PHP_EOL . "\tRewriteCond %{SCRIPT_FILENAME} !^(.*)wp-includes/ms-files.php" . PHP_EOL . "\tRewriteRule ^wp-includes/[^/]+\\.php\$ - [F]" . PHP_EOL . "\tRewriteRule ^wp-includes/js/tinymce/langs/.+\\.php - [F]" . PHP_EOL . "\tRewriteRule ^wp-includes/theme-compat/ - [F]" . PHP_EOL;
         }
         //Rewrite Rules for Disable PHP in Uploads
         if ($input['uploads_php'] === true) {
             $rules .= PHP_EOL . "\t# " . __('Rules to prevent php execution in uploads', 'it-l10n-ithemes-security-pro') . PHP_EOL;
             if ($server_type !== 'nginx') {
                 $rules .= "\tRewriteRule ^(.*)/uploads/(.*).php(.?) - [F]" . PHP_EOL;
             } else {
                 //rules for all other servers
                 $rules .= "\tlocation ^(.*)/uploads/(.*).php(.?){ deny all; }" . PHP_EOL;
             }
         }
         //Apache rewrite rules for disable http methods
         if ($input['request_methods'] == true) {
             $rules .= PHP_EOL . "\t# " . __('Rules to block unneeded HTTP methods', 'it-l10n-ithemes-security-pro') . PHP_EOL;
             if ($server_type === 'nginx') {
                 //NGINX rules
                 $rules .= "\tif (\$request_method ~* \"^(TRACE|DELETE|TRACK)\"){ return 403; }" . PHP_EOL;
             } else {
                 //rules for all other servers
                 $rules .= "\tRewriteCond %{REQUEST_METHOD} ^(TRACE|DELETE|TRACK) [NC]" . PHP_EOL . "\tRewriteRule ^(.*)\$ - [F]" . PHP_EOL;
             }
         }
         //Process suspicious query rules
         if ($input['suspicious_query_strings'] == true) {
             $rules .= PHP_EOL . "\t# " . __('Rules to block suspicious URIs', 'it-l10n-ithemes-security-pro') . PHP_EOL;
             if ($server_type === 'nginx') {
                 //NGINX rules
                 $rules .= "\tset \$susquery 0;" . PHP_EOL . "\tif (\$args ~* \"\\.\\./\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"\\.(bash|git|hg|log|svn|swp|cvs)\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"etc/passwd\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"boot.ini\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"ftp:\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"http:\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"https:\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"(<|%3C).*script.*(>|%3E)\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"mosConfig_[a-zA-Z_]{1,21}(=|%3D)\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"base64_encode\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"(%24&x)\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"(127.0)\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"(globals|encode|localhost|loopback)\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args ~* \"(request|insert|concat|union|declare)\") { set \$susquery 1; }" . PHP_EOL . "\tif (\$args !~ \"^loggedout=true\"){ set \$susquery 0; }" . PHP_EOL . "\tif (\$args !~ \"^action=jetpack-sso\"){ set \$susquery 0; }" . PHP_EOL . "\tif (\$args !~ \"^action=rp\"){ set \$susquery 0; }" . PHP_EOL . "\tif (\$http_cookie !~ \"^.*wordpress_logged_in_.*\$\"){ set \$susquery 0; }" . PHP_EOL . "\tif (\$http_referer !~ \"^http://maps.googleapis.com(.*)\$\"){ set \$susquery 0; }" . PHP_EOL . "\tif (\$susquery = 1) { return 403; } " . PHP_EOL;
             } else {
                 //rules for all other servers
                 $rules .= "\tRewriteCond %{QUERY_STRING} \\.\\.\\/ [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} ^.*\\.(bash|git|hg|log|svn|swp|cvs) [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} etc/passwd [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} boot\\.ini [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} ftp\\:  [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} http\\:  [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} https\\:  [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} (\\<|%3C).*script.*(\\>|%3E) [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} mosConfig_[a-zA-Z_]{1,21}(=|%3D) [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} base64_encode.*\\(.*\\) [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} ^.*(%24&x).* [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} ^.*(127\\.0).* [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} ^.*(globals|encode|localhost|loopback).* [NC,OR]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} ^.*(request|concat|insert|union|declare).* [NC]" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} !^loggedout=true" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} !^action=jetpack-sso" . PHP_EOL . "\tRewriteCond %{QUERY_STRING} !^action=rp" . PHP_EOL . "\tRewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in_.*\$" . PHP_EOL . "\tRewriteCond %{HTTP_REFERER} !^http://maps\\.googleapis\\.com(.*)\$" . PHP_EOL . "\tRewriteRule ^(.*)\$ - [F]" . PHP_EOL;
             }
         }
         //Process filtering of foreign characters
         if ($input['non_english_characters'] == true) {
             $rules .= PHP_EOL . "\t# " . __('Rules to block foreign characters in URLs', 'it-l10n-ithemes-security-pro') . PHP_EOL;
             if ($server_type === 'nginx') {
                 //NGINX rules
                 $rules .= "\tif (\$args ~* \"(%0|%A|%B|%C|%D|%E|%F)\") { return 403; }" . PHP_EOL;
             } else {
                 //rules for all other servers
                 $rules .= "\tRewriteCond %{QUERY_STRING} ^.*(%0|%A|%B|%C|%D|%E|%F).* [NC]" . PHP_EOL . "\tRewriteRule ^(.*)\$ - [F]" . PHP_EOL;
             }
         }
         //Process Comment spam rules
         if ($input['comment_spam'] == true) {
             $rules .= PHP_EOL . "\t# " . __('Rules to help reduce spam', 'it-l10n-ithemes-security-pro') . PHP_EOL;
             if ($server_type === 'nginx') {
                 //NGINX rules
                 $rules .= "\tlocation /wp-comments-post.php {" . PHP_EOL . "\t\tvalid_referers jetpack.wordpress.com/jetpack-comment/ " . ITSEC_Lib::get_domain(get_site_url(), false) . ";" . PHP_EOL . "\t\tset \$rule_0 0;" . PHP_EOL . "\t\tif (\$request_method ~ \"POST\"){ set \$rule_0 1\$rule_0; }" . PHP_EOL . "\t\tif (\$invalid_referer) { set \$rule_0 2\$rule_0; }" . PHP_EOL . "\t\tif (\$http_user_agent ~ \"^\$\"){ set \$rule_0 3\$rule_0; }" . PHP_EOL . "\t\tif (\$rule_0 = \"3210\") { return 403; }" . PHP_EOL . "\t}";
             } else {
                 //rules for all other servers
                 $rules .= "\tRewriteCond %{REQUEST_METHOD} POST" . PHP_EOL . "\tRewriteCond %{REQUEST_URI} ^(.*)wp-comments-post\\.php*" . PHP_EOL . "\tRewriteCond %{HTTP_REFERER} !^" . ITSEC_Lib::get_domain(get_site_url()) . ".* " . PHP_EOL . "\tRewriteCond %{HTTP_REFERER} !^http://jetpack\\.wordpress\\.com/jetpack-comment/ [OR]" . PHP_EOL . "\tRewriteCond %{HTTP_USER_AGENT} ^\$" . PHP_EOL . "\tRewriteRule ^(.*)\$ - [F]" . PHP_EOL;
             }
         }
         //Close Apache Rewrite rules
         if ($server_type !== 'nginx') {
             //non NGINX rules
             $rules .= "</IfModule>";
         }
     }
     if (strlen($rules) > 0) {
         $rules = explode(PHP_EOL, $rules);
     } else {
         $rules = false;
     }
     //create a proper array for writing
     return array('type' => 'htaccess', 'priority' => 10, 'name' => 'Tweaks', 'rules' => $rules);
 }
开发者ID:femgineer,项目名称:website,代码行数:101,代码来源:class-itsec-tweaks-admin.php

示例2: get_valid_referers

	protected function get_valid_referers( $server_type ) {
		$valid_referers = array();
		
		if ( 'apache' === $server_type ) {
			$domain = ITSEC_Lib::get_domain( get_site_url() );
			
			if ( '*' == $domain ) {
				$valid_referers[] = $domain;
			} else {
				$valid_referers[] = "*.$domain";
			}
		} else if ( 'nginx' === $server_type ) {
			$valid_referers[] = 'server_names';
		} else {
			return array();
		}
		
		$valid_referers[] = 'jetpack.wordpress.com/jetpack-comment/';
		$valid_referers = apply_filters( 'itsec_filter_valid_comment_referers', $valid_referers, $server_type );
		
		if ( is_string( $valid_referers ) ) {
			$valid_referers = array( $valid_referers );
		} else if ( ! is_array( $valid_referers ) ) {
			$valid_referers = array();
		}
		
		foreach ( $valid_referers as $index => $referer ) {
			$valid_referers[$index] = preg_replace( '|^https?://|', '', $referer );
		}
		
		return $valid_referers;
	}
开发者ID:helloworld-digital,项目名称:insightvision,代码行数:32,代码来源:class-itsec-tweaks-admin.php

示例3: personal_options_update

	/**
	 * Sanitize and update user options.
	 *
	 * Sanitizes and updates user options when a user saves two-factor settings
	 * on their own profile.
	 *
	 * @since 1.2.0
	 *
	 * @param int $user_id user id
	 *
	 * @return void
	 */
	public function personal_options_update( $user_id ) {

		$enabled       = 'off';
		$enabled_input = isset( $_POST['itsec_two_factor_enabled'] ) ? sanitize_text_field( $_POST['itsec_two_factor_enabled'] ) : 'off';
		$description   = isset( $_POST['itsec_two_factor_description'] ) ? sanitize_text_field( $_POST['itsec_two_factor_description'] ) : ITSEC_Lib::get_domain( get_site_url(), false, false );
		$key           = isset( $_POST['itsec_two_factor_key'] ) ? sanitize_text_field( $_POST['itsec_two_factor_key'] ) : ITSEC_Lib::get_random( 16, true );
		$use_app       = isset( $_POST['itsec_two_factor_use_app'] ) ? sanitize_text_field( $_POST['itsec_two_factor_use_app'] ) : 'off';

		$app_passes = array();

		if ( isset( $_POST['itsec_app_pass'] ) ) {

			$saved_passes = get_user_option( 'itsec_two_factor_app_pass', $user_id );

			if ( false === $saved_passes ) {

				$saved_passes = array();

			} elseif ( ! is_array( $saved_passes ) ) {

				$app_passes = array(
					__( 'unknown', 'it-l10n-ithemes-security-pro' ) => $saved_passes,
				);

			}

			//Prevent duplicates or changing password to all hashes
			foreach ( $_POST['itsec_app_pass'] as $app_pass ) {

				$name = sanitize_text_field( trim( $app_pass['name'] ) );

				if ( ! isset( $saved_passes[ $name ] ) ) {

					$pass = wp_hash_password( strtoupper( str_replace( ' ', '', sanitize_text_field( trim( $app_pass['pass'] ) ) ) ) );

					$app_passes[ $name ] = $pass;

				} else {

					$app_passes[ $name ] = $saved_passes[ $name ];

				}

			}

		}

		$time = floor( time() / 30 ); //time to check

		if ( ( 'off' === get_user_option( 'itsec_two_factor_enabled', $user_id ) && 'on' === $enabled_input ) || ( $key !== get_user_option( 'itsec_two_factor_key', $user_id ) ) ) {

			if ( isset( $_POST['itsec_two_factor_confirm'] ) ) {

				$code = sanitize_text_field( trim( $_POST['itsec_two_factor_confirm'] ) );

			} else {

				$code = false;

			}

			if ( false !== $code && 0 < strlen( $code ) ) {

				$good_code = false;

				$offset = isset( $this->settings['offset'] ) ? intval( $this->settings['offset'] ) : 1;

				//Check both sides of the time
				for ( $i = - $offset; $i <= $offset; $i ++ ) {

					$log_time = $time + $i;

					if ( $this->get_code( $key, $log_time ) === $code ) {

						$enabled   = $enabled_input;
						$good_code = true;

					}

				}

			} else {

				$good_code = false;

			}

			if ( false === $good_code ) {
//.........这里部分代码省略.........
开发者ID:helloworld-digital,项目名称:katemorgan,代码行数:101,代码来源:class-itsec-two-factor.php


注:本文中的ITSEC_Lib::get_domain方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。