本文整理汇总了PHP中wordfence::alert方法的典型用法代码示例。如果您正苦于以下问题:PHP wordfence::alert方法的具体用法?PHP wordfence::alert怎么用?PHP wordfence::alert使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类wordfence
的用法示例。
在下文中一共展示了wordfence::alert方法的8个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: loginAction
public static function loginAction($username)
{
if (sizeof($_POST) < 1) {
return;
}
//only execute if login form is posted
if (!$username) {
return;
}
wfConfig::inc('totalLogins');
$user = get_user_by('login', $username);
$userID = $user ? $user->ID : 0;
self::getLog()->logLogin('loginOK', 0, $username);
if (wfUtils::isAdmin($user)) {
wfConfig::set_ser('lastAdminLogin', array('userID' => $userID, 'username' => $username, 'firstName' => $user->first_name, 'lastName' => $user->last_name, 'time' => wfUtils::localHumanDateShort(), 'IP' => wfUtils::getIP()));
}
if (user_can($userID, 'update_core')) {
if (wfConfig::get('alertOn_adminLogin')) {
wordfence::alert("Admin Login", "A user with username \"{$username}\" who has administrator access signed in to your WordPress site.", wfUtils::getIP());
}
} else {
if (wfConfig::get('alertOn_nonAdminLogin')) {
wordfence::alert("User login", "A non-admin user with username \"{$username}\" signed in to your WordPress site.", wfUtils::getIP());
}
}
}
示例2: authenticateFilter
//.........这里部分代码省略.........
if (self::hasGDLimitLoginsMUPlugin() && function_exists('limit_login_get_address')) {
$retries = get_option('limit_login_retries', array());
$ip = limit_login_get_address();
if (!is_array($retries)) {
$retries = array();
}
if (isset($retries[$ip]) && is_int($retries[$ip])) {
$retries[$ip]--;
} else {
$retries[$ip] = 0;
}
update_option('limit_login_retries', $retries);
}
$allowSeparatePrompt = ini_get('output_buffering') > 0;
if (wfConfig::get('loginSec_enableSeparateTwoFactor') && $allowSeparatePrompt) {
self::$authError = new WP_Error('twofactor_required', __('<strong>CHECK YOUR PHONE</strong>: A code has been sent to your phone and will arrive within 30 seconds. Enter it below to sign in.') . '<!-- wftwofactornonce:' . $userDat->ID . '/' . $loginNonce . ' -->');
return self::$authError;
} else {
self::$authError = new WP_Error('twofactor_required', __('<strong>CHECK YOUR PHONE</strong>: A code has been sent to your phone and will arrive within 30 seconds. Please sign in again and add a space, the letters <code>wf</code>, and the code to the end of your password (e.g., <code>wf123456</code>).'));
return self::$authError;
}
} else {
//oops, our API returned an error.
$requireAdminTwoFactor = false;
//Let them sign in without two factor because the API is broken and we don't want to lock users out of their own systems.
}
}
} catch (Exception $e) {
if (self::isDebugOn()) {
error_log('TOTP SMS error: ' . $e->getMessage());
}
$requireAdminTwoFactor = false;
// Couldn't connect to noc1, let them sign in since the password was correct.
}
}
} else {
//Old method phone authentication
$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
try {
$codeResult = $api->call('twoFactor_verification', array(), array('phone' => $twoFactorRecord[1]));
if (isset($codeResult['notPaid']) && $codeResult['notPaid']) {
$requireAdminTwoFactor = false;
//Let them sign in without two factor if their API key has expired or they're not paid and for some reason they have this set up.
} else {
if (isset($codeResult['ok']) && $codeResult['ok']) {
$twoFactorRecord[2] = $codeResult['code'];
$twoFactorRecord[4] = time() + 1800;
//30 minutes until code expires
wfConfig::set_ser('twoFactorUsers', $twoFactorUsers);
//save the code the user needs to enter and return an error.
if (self::hasGDLimitLoginsMUPlugin() && function_exists('limit_login_get_address')) {
$retries = get_option('limit_login_retries', array());
$ip = limit_login_get_address();
if (!is_array($retries)) {
$retries = array();
}
if (isset($retries[$ip]) && is_int($retries[$ip])) {
$retries[$ip]--;
} else {
$retries[$ip] = 0;
}
update_option('limit_login_retries', $retries);
}
$allowSeparatePrompt = ini_get('output_buffering') > 0;
if (wfConfig::get('loginSec_enableSeparateTwoFactor') && $allowSeparatePrompt) {
self::$authError = new WP_Error('twofactor_required', __('<strong>CHECK YOUR PHONE</strong>: A code has been sent to your phone and will arrive within 30 seconds. Enter it below to sign in.') . '<!-- wftwofactornonce:' . $userDat->ID . '/' . $loginNonce . ' -->');
return self::$authError;
} else {
self::$authError = new WP_Error('twofactor_required', __('<strong>CHECK YOUR PHONE</strong>: A code has been sent to your phone and will arrive within 30 seconds. Please sign in again and add a space and the code to the end of your password (e.g., <code>wfABCD</code>).'));
return self::$authError;
}
} else {
//oops, our API returned an error.
$requireAdminTwoFactor = false;
//Let them sign in without two factor because the API is broken and we don't want to lock users out of their own systems.
}
}
} catch (Exception $e) {
$requireAdminTwoFactor = false;
// Couldn't connect to noc1, let them sign in since the password was correct.
}
}
//end: Old method phone authentication
}
}
}
if ($requireAdminTwoFactor && wfUtils::isAdmin($authUser)) {
$username = $authUser->user_login;
self::getLog()->logLogin('loginFailValidUsername', 1, $username);
wordfence::alert("Admin Login Blocked", "A user with username \"{$username}\" who has administrator access tried to sign in to your WordPress site. Access was denied because all administrator accounts are required to have Cellphone Sign-in enabled but this account does not.", wfUtils::getIP());
self::$authError = new WP_Error('twofactor_disabled_required', __('<strong>Cellphone Sign-in Required</strong>: Cellphone Sign-in is required for all administrator accounts. Please contact the site administrator to enable it for your account.'));
return self::$authError;
}
//User is not configured for two factor. Sign in without two factor.
}
}
}
//End: if ($checkTwoFactor)
return self::processBruteForceAttempt($authUser, $username, $passwd);
}
示例3: takeBlockingAction
private function takeBlockingAction($configVar, $reason)
{
if ($this->googleSafetyCheckOK()) {
$action = wfConfig::get($configVar . '_action');
if (!$action) {
//error_log("Wordfence action missing for configVar: $configVar");
return;
}
$secsToGo = 0;
if ($action == 'block') {
$IP = wfUtils::getIP();
$this->blockIP($IP, $reason);
$secsToGo = wfConfig::get('blockedTime');
//Moved the following code AFTER the block to prevent multiple emails.
if (wfConfig::get('alertOn_block')) {
wordfence::alert("Blocking IP {$IP}", "Wordfence has blocked IP address {$IP}.\nThe reason is: \"{$reason}\".", $IP);
}
wordfence::status(2, 'info', "Blocking IP {$IP}. {$reason}");
} else {
if ($action == 'throttle') {
$IP = wfUtils::getIP();
$this->getDB()->queryWrite("insert into " . $this->throttleTable . " (IP, startTime, endTime, timesThrottled, lastReason) values (%s, unix_timestamp(), unix_timestamp(), 1, '%s') ON DUPLICATE KEY UPDATE endTime=unix_timestamp(), timesThrottled = timesThrottled + 1, lastReason='%s'", wfUtils::inet_pton($IP), $reason, $reason);
wordfence::status(2, 'info', "Throttling IP {$IP}. {$reason}");
wfConfig::inc('totalIPsThrottled');
$secsToGo = 60;
}
}
$this->do503($secsToGo, $reason);
} else {
return;
}
}
示例4: autoUpdate
public static function autoUpdate()
{
try {
if (getenv('noabort') != '1' && stristr($_SERVER['SERVER_SOFTWARE'], 'litespeed') !== false) {
$lastEmail = self::get('lastLiteSpdEmail', false);
if (!$lastEmail || time() - (int) $lastEmail > 86400 * 30) {
self::set('lastLiteSpdEmail', time());
wordfence::alert("Wordfence Upgrade not run. Please modify your .htaccess", "To preserve the integrity of your website we are not running Wordfence auto-update.\n" . "You are running the LiteSpeed web server which has been known to cause a problem with Wordfence auto-update.\n" . "Please go to your website now and make a minor change to your .htaccess to fix this.\n" . "You can find out how to make this change at:\n" . "https://support.wordfence.com/solution/articles/1000129050-running-wordfence-under-litespeed-web-server-and-preventing-process-killing-or\n" . "\nAlternatively you can disable auto-update on your website to stop receiving this message and upgrade Wordfence manually.\n", '127.0.0.1');
}
return;
}
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
require_once ABSPATH . 'wp-admin/includes/misc.php';
/* We were creating show_message here so that WP did not write to STDOUT. This had the strange effect of throwing an error about redeclaring show_message function, but only when a crawler hit the site and triggered the cron job. Not a human. So we're now just require'ing misc.php which does generate output, but that's OK because it is a loopback cron request.
if(! function_exists('show_message')){
function show_message($msg = 'null'){}
}
*/
define('FS_METHOD', 'direct');
require_once ABSPATH . 'wp-includes/update.php';
require_once ABSPATH . 'wp-admin/includes/file.php';
wp_update_plugins();
ob_start();
$upgrader = new Plugin_Upgrader();
$upret = $upgrader->upgrade('wordfence/wordfence.php');
if ($upret) {
$cont = file_get_contents(WP_PLUGIN_DIR . '/wordfence/wordfence.php');
if (wfConfig::get('alertOn_update') == '1' && preg_match('/Version: (\\d+\\.\\d+\\.\\d+)/', $cont, $matches)) {
wordfence::alert("Wordfence Upgraded to version " . $matches[1], "Your Wordfence installation has been upgraded to version " . $matches[1], '127.0.0.1');
}
}
$output = @ob_get_contents();
@ob_end_clean();
} catch (Exception $e) {
}
}
示例5: autoUpdate
public static function autoUpdate()
{
try {
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
if (!function_exists('show_message')) {
function show_message($msg = 'null')
{
}
}
define('FS_METHOD', 'direct');
require_once ABSPATH . 'wp-includes/update.php';
require_once ABSPATH . 'wp-admin/includes/file.php';
wp_update_plugins();
ob_start();
$upgrader = new Plugin_Upgrader();
$upret = $upgrader->upgrade('wordfence/wordfence.php');
if ($upret) {
$cont = file_get_contents(WP_PLUGIN_DIR . '/wordfence/wordfence.php');
if (wfConfig::get('alertOn_update') == '1' && preg_match('/Version: (\\d+\\.\\d+\\.\\d+)/', $cont, $matches)) {
wordfence::alert("Wordfence Upgraded to version " . $matches[1], "Your Wordfence installation has been upgraded to version " . $matches[1], '127.0.0.1');
}
}
$output = ob_get_contents();
ob_end_clean();
} catch (Exception $e) {
}
}
示例6: loginAction
public static function loginAction($username)
{
if (sizeof($_POST) < 1) {
return;
}
//only execute if login form is posted
if (!$username) {
return;
}
$user = get_user_by('login', $username);
$userID = $user ? $user->ID : 0;
self::getLog()->logLogin('loginOK', 0, $username);
if (user_can($userID, 'update_core')) {
if (wfConfig::get('alertOn_adminLogin')) {
wordfence::alert("Admin Login", "A user with username \"{$username}\" who has administrator access signed in to your WordPress site.", wfUtils::getIP());
}
} else {
if (wfConfig::get('alertOn_nonAdminLogin')) {
wordfence::alert("User login", "A non-admin user with username \"{$username}\" signed in to your WordPress site.", wfUtils::getIP());
}
}
}
示例7: autoUpdate
public static function autoUpdate()
{
try {
require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
require_once ABSPATH . 'wp-admin/includes/misc.php';
/* We were creating show_message here so that WP did not write to STDOUT. This had the strange effect of throwing an error about redeclaring show_message function, but only when a crawler hit the site and triggered the cron job. Not a human. So we're now just require'ing misc.php which does generate output, but that's OK because it is a loopback cron request.
if(! function_exists('show_message')){
function show_message($msg = 'null'){}
}
*/
define('FS_METHOD', 'direct');
require_once ABSPATH . 'wp-includes/update.php';
require_once ABSPATH . 'wp-admin/includes/file.php';
wp_update_plugins();
ob_start();
$upgrader = new Plugin_Upgrader();
$upret = $upgrader->upgrade('wordfence/wordfence.php');
if ($upret) {
$cont = file_get_contents(WP_PLUGIN_DIR . '/wordfence/wordfence.php');
if (wfConfig::get('alertOn_update') == '1' && preg_match('/Version: (\\d+\\.\\d+\\.\\d+)/', $cont, $matches)) {
wordfence::alert("Wordfence Upgraded to version " . $matches[1], "Your Wordfence installation has been upgraded to version " . $matches[1], '127.0.0.1');
}
}
$output = @ob_get_contents();
@ob_end_clean();
} catch (Exception $e) {
}
}
示例8: authenticateFilter
//.........这里部分代码省略.........
break;
}
if (isset($codeResult['ok']) && $codeResult['ok']) {
$t[2] = $codeResult['code'];
$t[4] = time() + 1800;
//30 minutes until code expires
wfConfig::set_ser('twoFactorUsers', $twoFactorUsers);
//save the code the user needs to enter and return an error.
if (self::hasGDLimitLoginsMUPlugin() && function_exists('limit_login_get_address')) {
$retries = get_option('limit_login_retries', array());
$ip = limit_login_get_address();
if (!is_array($retries)) {
$retries = array();
}
if (isset($retries[$ip]) && is_int($retries[$ip])) {
$retries[$ip]--;
} else {
$retries[$ip] = 0;
}
update_option('limit_login_retries', $retries);
}
self::$authError = new WP_Error('twofactor_required', __('<strong>CHECK YOUR PHONE</strong>: A code has been sent to your phone and will arrive within 30 seconds. Please sign in again and add a space and the code to the end of your password.'));
return self::$authError;
} else {
//oops, our API returned an error.
break;
//Let them sign in without two factor because the API is broken and we don't want to lock users out of their own systems.
}
}
}
if ($requireAdminTwoFactor && wfUtils::isAdmin($authUser)) {
$username = $authUser->user_login;
self::getLog()->logLogin('loginFailValidUsername', 1, $username);
wordfence::alert("Admin Login Blocked", "A user with username \"{$username}\" who has administrator access tried to sign in to your WordPress site. Access was denied because all administrator accounts are required to have Cellphone Sign-in enabled but this account does not.", wfUtils::getIP());
self::$authError = new WP_Error('twofactor_disabled_required', __('<strong>Cellphone Sign-in Required</strong>: Cellphone Sign-in is required for all administrator accounts. Please contact the site administrator to enable it for your account.'));
return self::$authError;
}
//User is not configured for two factor. Sign in without two factor.
}
}
}
}
if (self::getLog()->isWhitelisted($IP)) {
return $authUser;
}
if (wfConfig::get('other_WFNet') && is_wp_error($authUser) && ($authUser->get_error_code() == 'invalid_username' || $authUser->get_error_code() == 'incorrect_password')) {
if ($maxBlockTime = self::wfsnIsBlocked($IP, 'brute')) {
self::getLog()->blockIP($IP, "Blocked by Wordfence Security Network", true, false, $maxBlockTime);
$secsToGo = wfConfig::get('blockedTime');
self::getLog()->do503($secsToGo, "Blocked by Wordfence Security Network");
}
}
if ($secEnabled) {
if (is_wp_error($authUser) && $authUser->get_error_code() == 'invalid_username') {
if ($blacklist = wfConfig::get('loginSec_userBlacklist')) {
$users = explode("\n", wfUtils::cleanupOneEntryPerLine($blacklist));
foreach ($users as $user) {
if (strtolower($username) == strtolower($user)) {
self::getLog()->blockIP($IP, "Blocked by login security setting.");
$secsToGo = wfConfig::get('blockedTime');
self::getLog()->do503($secsToGo, "Blocked by login security setting.");
break;
}
}
}
if (wfConfig::get('loginSec_lockInvalidUsers')) {