本文整理汇总了PHP中ITSEC_Lib::ip_mask_to_range方法的典型用法代码示例。如果您正苦于以下问题:PHP ITSEC_Lib::ip_mask_to_range方法的具体用法?PHP ITSEC_Lib::ip_mask_to_range怎么用?PHP ITSEC_Lib::ip_mask_to_range使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类ITSEC_Lib
的用法示例。
在下文中一共展示了ITSEC_Lib::ip_mask_to_range方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: get_server_config_ban_hosts_rules
protected function get_server_config_ban_hosts_rules($server_type)
{
if (true !== $this->settings['enabled']) {
return '';
}
if (!is_array($this->settings['host_list']) || empty($this->settings['host_list'])) {
return '';
}
if (!class_exists('ITSEC_Ban_Users')) {
require dirname(__FILE__) . '/class-itsec-ban-users.php';
}
$host_rules = '';
$set_env_rules = '';
$deny_rules = '';
$require_rules = '';
// process hosts list
foreach ($this->settings['host_list'] as $host) {
$host = ITSEC_Lib::ip_wild_to_mask($host);
$host = trim($host);
if (empty($host)) {
continue;
}
if (ITSEC_Ban_Users::is_ip_whitelisted($host)) {
/**
* @todo warn the user the ip to be banned is whitelisted
*/
continue;
}
if (in_array($server_type, array('apache', 'litespeed'))) {
$converted_host = ITSEC_Lib::ip_mask_to_range($host);
$converted_host = trim($converted_host);
if (empty($converted_host)) {
continue;
}
$set_env_host = str_replace('.', '\\.', $converted_host);
$set_env_rules .= "\tSetEnvIF REMOTE_ADDR \"^{$set_env_host}\$\" DenyAccess\n";
// Ban IP
$set_env_rules .= "\tSetEnvIF X-FORWARDED-FOR \"^{$set_env_host}\$\" DenyAccess\n";
// Ban IP from a proxy
$set_env_rules .= "\tSetEnvIF X-CLUSTER-CLIENT-IP \"^{$set_env_host}\$\" DenyAccess\n";
// Ban IP from a load balancer
$set_env_rules .= "\n";
$require_host = str_replace('.[0-9]+', '', $converted_host);
$require_rules .= "\t\t\tRequire not ip {$require_host}\n";
$deny_rules .= "\t\tDeny from {$require_host}\n";
} else {
if ('nginx' === $server_type) {
$host_rules .= "\tdeny {$host};\n";
}
}
}
$rules = '';
if ('apache' === $server_type) {
if (!empty($set_env_rules)) {
$rules .= "\n";
$rules .= "\t# " . __('Ban Hosts - Security > Settings > Banned Users', 'better-wp-security') . "\n";
$rules .= $set_env_rules;
$rules .= "\t<IfModule mod_authz_core.c>\n";
$rules .= "\t\t<RequireAll>\n";
$rules .= "\t\t\tRequire all granted\n";
$rules .= "\t\t\tRequire not env DenyAccess\n";
$rules .= $require_rules;
$rules .= "\t\t</RequireAll>\n";
$rules .= "\t</IfModule>\n";
$rules .= "\t<IfModule !mod_authz_core.c>\n";
$rules .= "\t\tOrder allow,deny\n";
$rules .= "\t\tAllow from all\n";
$rules .= "\t\tDeny from env=DenyAccess\n";
$rules .= $deny_rules;
$rules .= "\t</IfModule>\n";
}
} else {
if ('litespeed' === $server_type) {
if (!empty($set_env_rules)) {
$rules .= "\n";
$rules .= "\t# " . __('Ban Hosts - Security > Settings > Banned Users', 'better-wp-security') . "\n";
$rules .= $set_env_rules;
$rules .= "\t<IfModule mod_litespeed.c>\n";
$rules .= "\t\tOrder allow,deny\n";
$rules .= "\t\tAllow from all\n";
$rules .= "\t\tDeny from env=DenyAccess\n";
$rules .= $deny_rules;
$rules .= "\t</IfModule>\n";
}
} else {
if ('nginx' === $server_type) {
if (!empty($host_rules)) {
$rules .= "\n";
$rules .= "# " . __('Ban Hosts - Security > Settings > Banned Users', 'better-wp-security') . "\n";
$rules .= $host_rules;
}
}
}
}
return $rules;
}
示例2: build_rewrite_rules
/**
* Build the rewrite rules and sends them to the file writer
*
* @param array $input array of options, ips, etc
* @param boolean $current whether the current IP can be included in the ban list
*
* @return array array of rules to send to file writer
*/
public static function build_rewrite_rules($input = null, $current = false)
{
//setup data structures to write. These are simply lists of all IPs and hosts as well as options to check
if ($input === null) {
//blocking ip on the fly
$input = get_site_option('itsec_ban_users');
}
$default = $input['default'];
$enabled = $input['enabled'];
$raw_host_list = $input['host_list'];
$raw_agent_list = $input['agent_list'];
$server_type = ITSEC_Lib::get_server();
//Get the server type to build the right rules
//initialize lists so we can check later if we've used them
$host_list = '';
$agent_list = '';
$default_list = '';
$host_rule2 = '';
//load the default blacklist if needed
if ($default === true && $server_type === 'nginx') {
$default_list = file_get_contents(plugin_dir_path(__FILE__) . 'lists/hackrepair-nginx.inc');
} elseif ($default === true) {
$default_list = file_get_contents(plugin_dir_path(__FILE__) . 'lists/hackrepair-apache.inc');
}
//Only process other lists if the feature has been enabled
if ($enabled === true) {
//process hosts list
if (is_array($raw_host_list)) {
foreach ($raw_host_list as $host) {
$host = ITSEC_Lib::ip_wild_to_mask($host);
if (!class_exists('ITSEC_Ban_Users')) {
require dirname(__FILE__) . '/class-itsec-ban-users.php';
}
if (!ITSEC_Ban_Users::is_ip_whitelisted($host, null, $current)) {
$converted_host = ITSEC_Lib::ip_mask_to_range($host);
if (strlen(trim($converted_host)) > 1) {
if ($server_type === 'nginx') {
//NGINX rules
$host_rule = "\tdeny " . trim($host) . ';';
} else {
//rules for all other servers
$dhost = str_replace('.', '\\.', trim($converted_host));
//re-define $dhost to match required output for SetEnvIf-RegEX
$host_rule = "SetEnvIF REMOTE_ADDR \"^" . $dhost . "\$\" DenyAccess" . PHP_EOL;
//Ban IP
$host_rule .= "SetEnvIF X-FORWARDED-FOR \"^" . $dhost . "\$\" DenyAccess" . PHP_EOL;
//Ban IP from Proxy-User
$host_rule .= "SetEnvIF X-CLUSTER-CLIENT-IP \"^" . $dhost . "\$\" DenyAccess" . PHP_EOL;
//Ban IP for Cluster/Cloud-hosted WP-Installs
$host_rule2 .= "deny from " . str_replace('.[0-9]+', '', trim($converted_host)) . PHP_EOL;
}
}
$host_list .= $host_rule . PHP_EOL;
//build large string of all hosts
} else {
/**
* @todo warn the user the ip to be banned is whitelisted
*/
}
}
}
//Process the agents list
if (is_array($raw_agent_list)) {
$count = 1;
//to help us find the last one
foreach ($raw_agent_list as $agent) {
if (strlen(trim($agent)) > 1) {
//if it isn't the last rule make sure we add an or
if ($count < sizeof($agent)) {
$end = ' [NC,OR]' . PHP_EOL;
} else {
$end = ' [NC]' . PHP_EOL;
}
if (strlen(trim($agent)) > 1) {
if ($server_type === 'nginx') {
//NGINX rule
$converted_agent = 'if ($http_user_agent ~* "^' . quotemeta(trim($agent)) . '"){ return 403; }' . PHP_EOL;
} else {
//Rule for all other servers
$converted_agent = 'RewriteCond %{HTTP_USER_AGENT} ^' . str_replace(' ', '\\ ', quotemeta(trim($agent))) . $end;
}
}
$agent_list .= $converted_agent;
//build large string of all agents
}
$count++;
}
}
}
$rules = '';
//initialize rules
//Start with default rules if we have them
//.........这里部分代码省略.........