本文整理汇总了PHP中wordfence::wfsnReportBlockedAttempt方法的典型用法代码示例。如果您正苦于以下问题:PHP wordfence::wfsnReportBlockedAttempt方法的具体用法?PHP wordfence::wfsnReportBlockedAttempt怎么用?PHP wordfence::wfsnReportBlockedAttempt使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类wordfence
的用法示例。
在下文中一共展示了wordfence::wfsnReportBlockedAttempt方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: syncAttackData
public static function syncAttackData($exit = true)
{
global $wpdb;
$waf = wfWAF::getInstance();
$lastAttackMicroseconds = $wpdb->get_var("SELECT MAX(attackLogTime) FROM {$wpdb->base_prefix}wfHits");
if ($waf->getStorageEngine()->hasNewerAttackData($lastAttackMicroseconds)) {
$attackData = $waf->getStorageEngine()->getNewestAttackDataArray($lastAttackMicroseconds);
if ($attackData) {
foreach ($attackData as $request) {
if (count($request) !== 9 && count($request) !== 10) {
continue;
}
list($logTimeMicroseconds, $requestTime, $ip, $learningMode, $paramKey, $paramValue, $failedRules, $ssl, $requestString, $metadata) = $request;
// Skip old entries and hits in learning mode, since they'll get picked up anyways.
if ($logTimeMicroseconds <= $lastAttackMicroseconds || $learningMode) {
continue;
}
$hit = new wfRequestModel();
$hit->attackLogTime = $logTimeMicroseconds;
$hit->statusCode = 403;
$hit->ctime = $requestTime;
$hit->IP = wfUtils::inet_pton($ip);
if (preg_match('/user\\-agent:(.*?)\\n/i', $requestString, $matches)) {
$hit->UA = trim($matches[1]);
$hit->isGoogle = wfCrawl::isGoogleCrawler($hit->UA);
}
if (preg_match('/Referer:(.*?)\\n/i', $requestString, $matches)) {
$hit->referer = trim($matches[1]);
}
if (preg_match('/^[a-z]+\\s+(.*?)\\s+/i', $requestString, $uriMatches) && preg_match('/Host:(.*?)\\n/i', $requestString, $hostMatches)) {
$hit->URL = 'http' . ($ssl ? 's' : '') . '://' . trim($hostMatches[1]) . trim($uriMatches[1]);
}
if (preg_match('/cookie:(.*?)\\n/i', $requestString, $matches)) {
$hit->newVisit = strpos($matches[1], 'wfvt_' . crc32(site_url())) !== false ? 1 : 0;
$hasVerifiedHumanCookie = strpos($matches[1], 'wordfence_verifiedHuman') !== false;
if ($hasVerifiedHumanCookie && preg_match('/wordfence_verifiedHuman=(.*?);/', $matches[1], $cookieMatches)) {
$hit->jsRun = (int) wp_verify_nonce($cookieMatches[1], 'wordfence_verifiedHuman' . $hit->UA . $ip);
}
$hasLoginCookie = strpos($matches[1], $ssl ? SECURE_AUTH_COOKIE : AUTH_COOKIE) !== false;
if ($hasLoginCookie && preg_match('/' . ($ssl ? SECURE_AUTH_COOKIE : AUTH_COOKIE) . '=(.*?);/', $matches[1], $cookieMatches)) {
$authCookie = rawurldecode($cookieMatches[1]);
$authID = $ssl ? wp_validate_auth_cookie($authCookie, 'secure_auth') : wp_validate_auth_cookie($authCookie, 'auth');
if ($authID) {
$hit->userID = $authID;
}
}
}
$path = '/';
if (preg_match('/^[A-Z]+ (.*?) HTTP\\/1\\.1/', $requestString, $matches)) {
if (($pos = strpos($matches[1], '?')) !== false) {
$path = substr($matches[1], 0, $pos);
} else {
$path = $matches[1];
}
}
$metadata = $metadata != null ? (array) $metadata : array();
if (isset($metadata['finalAction']) && $metadata['finalAction']) {
// The request was blocked/redirected because of its IP based on the plugin's blocking settings. WAF blocks should be reported but not shown in live traffic with that as a reason.
$action = $metadata['finalAction']['action'];
$actionDescription = $action;
if (class_exists('wfWAFIPBlocksController')) {
if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_UAREFIPRANGE) {
$id = $metadata['finalAction']['id'];
$wpdb->query($wpdb->prepare("UPDATE {$wpdb->base_prefix}wfBlocksAdv SET totalBlocked = totalBlocked + 1, lastBlocked = %d WHERE id = %d", $requestTime, $id));
wfActivityReport::logBlockedIP($ip);
} else {
if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_COUNTRY_REDIR) {
$actionDescription .= ' (' . wfConfig::get('cbl_redirURL') . ')';
wfConfig::inc('totalCountryBlocked');
wfActivityReport::logBlockedIP($ip);
} else {
if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_COUNTRY) {
wfConfig::inc('totalCountryBlocked');
wfActivityReport::logBlockedIP($ip);
} else {
if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_WFSN) {
wordfence::wfsnReportBlockedAttempt($ip, 'login');
}
}
}
}
}
if (strlen($actionDescription) == 0) {
$actionDescription = 'Blocked by Wordfence';
}
if (empty($failedRules)) {
// Just a plugin block
$hit->action = 'blocked:wordfence';
if (class_exists('wfWAFIPBlocksController')) {
if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_WFSN) {
$hit->action = 'blocked:wfsnrepeat';
}
}
$hit->actionDescription = $actionDescription;
} else {
if ($failedRules == 'logged') {
$hit->action = 'logged:waf';
} else {
// Blocked by the WAF but would've been blocked anyway by the plugin settings so that message takes priority
$hit->action = 'blocked:waf-always';
//.........这里部分代码省略.........
示例2: firewallBadIPs
//.........这里部分代码省略.........
$doBlock = true;
}
} else {
if ($refPattern) {
if ($refBlocked) {
$doBlock = true;
}
}
}
}
}
if ($doBlock) {
$this->getDB()->queryWrite("update " . $this->ipRangesTable . " set totalBlocked = totalBlocked + 1, lastBlocked = unix_timestamp() where id=%d", $blockRec['id']);
wfActivityReport::logBlockedIP($IP);
$this->do503(3600, "Advanced blocking in effect.");
}
}
}
//End range/UA blocking
// Country blocking
if (wfConfig::get('isPaid')) {
$blockedCountries = wfConfig::get('cbl_countries', false);
$bareRequestURI = wfUtils::extractBareURI($_SERVER['REQUEST_URI']);
$bareBypassRedirURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassRedirURL', ''));
$skipCountryBlocking = false;
if ($bareBypassRedirURI && $bareRequestURI == $bareBypassRedirURI) {
//Run this before country blocking because even if the user isn't blocked we need to set the bypass cookie so they can bypass future blocks.
$bypassRedirDest = wfConfig::get('cbl_bypassRedirDest', '');
if ($bypassRedirDest) {
self::setCBLCookieBypass();
$this->redirect($bypassRedirDest);
//exits
}
}
$bareBypassViewURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassViewURL', ''));
if ($bareBypassViewURI && $bareBypassViewURI == $bareRequestURI) {
self::setCBLCookieBypass();
$skipCountryBlocking = true;
}
if (!$skipCountryBlocking && $blockedCountries && !self::isCBLBypassCookieSet()) {
if (is_user_logged_in() && !wfConfig::get('cbl_loggedInBlocked', false)) {
//User is logged in and we're allowing logins
//Do nothing
} else {
if (strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false && !wfConfig::get('cbl_loginFormBlocked', false)) {
//It's the login form and we're allowing that
//Do nothing
} else {
if (strpos($_SERVER['REQUEST_URI'], '/wp-login.php') === false && !wfConfig::get('cbl_restOfSiteBlocked', false)) {
//It's the rest of the site and we're allowing that
//Do nothing
} else {
if ($country = wfUtils::IP2Country($IP)) {
foreach (explode(',', $blockedCountries) as $blocked) {
if (strtoupper($blocked) == strtoupper($country)) {
//At this point we know the user has been blocked
if (wfConfig::get('cbl_action') == 'redir') {
$redirURL = wfConfig::get('cbl_redirURL');
$eRedirHost = wfUtils::extractHostname($redirURL);
$isExternalRedir = false;
if ($eRedirHost && $eRedirHost != wfUtils::extractHostname(home_url())) {
//It's an external redirect...
$isExternalRedir = true;
}
if (!$isExternalRedir && wfUtils::extractBareURI($redirURL) == $bareRequestURI) {
//Is this the URI we want to redirect to, then don't block it
//Do nothing
/* Uncomment the following if page components aren't loading for the page we redirect to.
Uncommenting is not recommended because it means that anyone from a blocked country
can crawl your site by sending the page blocked users are redirected to as the referer for every request.
But it's your call.
} else if(wfUtils::extractBareURI($_SERVER['HTTP_REFERER']) == $redirURL){ //If the referer the page we want to redirect to? Then this might be loading as a component so don't block.
//Do nothing
*/
} else {
$this->redirect(wfConfig::get('cbl_redirURL'));
}
} else {
$this->do503(3600, "Access from your area has been temporarily limited for security reasons");
wfConfig::inc('totalCountryBlocked');
}
}
}
}
}
}
}
}
}
if ($rec = $this->getDB()->querySingleRec("select blockedTime, reason from " . $this->blocksTable . " where IP=%s and (permanent=1 OR (blockedTime + %s > unix_timestamp()))", $IPnum, wfConfig::get('blockedTime'))) {
$this->getDB()->queryWrite("update " . $this->blocksTable . " set lastAttempt=unix_timestamp(), blockedHits = blockedHits + 1 where IP=%s", $IPnum);
$now = $this->getDB()->querySingle("select unix_timestamp()");
$secsToGo = $rec['blockedTime'] + wfConfig::get('blockedTime') - $now;
if (wfConfig::get('other_WFNet') && strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false) {
//We're on the login page and this IP has been blocked
wordfence::wfsnReportBlockedAttempt($IP, 'login');
}
$this->do503($secsToGo, $rec['reason']);
}
}
示例3: firewallBadIPs
//.........这里部分代码省略.........
if ($uaPattern && $ipRange) {
if ($uaPatternBlocked && $ipRangeBlocked) {
$doBlock = true;
}
}
if ($uaPattern && $refPattern) {
if ($uaPatternBlocked && $refBlocked) {
$doBlock = true;
}
}
if ($ipRange && $refPattern) {
if ($ipRangeBlocked && $refBlocked) {
$doBlock = true;
}
} else {
if ($uaPattern) {
if ($uaPatternBlocked) {
$doBlock = true;
}
} else {
if ($ipRange) {
if ($ipRangeBlocked) {
$doBlock = true;
}
} else {
if ($refPattern) {
if ($refBlocked) {
$doBlock = true;
}
}
}
}
}
if ($doBlock) {
$this->getDB()->queryWrite("update " . $this->ipRangesTable . " set totalBlocked = totalBlocked + 1, lastBlocked = unix_timestamp() where id=%d", $blockRec['id']);
wfActivityReport::logBlockedIP($IP);
$this->currentRequest->actionDescription = 'UA/Referrer/IP Range not allowed';
$this->do503(3600, "Advanced blocking in effect.");
}
}
}
//End range/UA blocking
// Country blocking
if (wfConfig::get('isPaid')) {
$blockedCountries = wfConfig::get('cbl_countries', false);
$bareRequestURI = wfUtils::extractBareURI($_SERVER['REQUEST_URI']);
$bareBypassRedirURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassRedirURL', ''));
$skipCountryBlocking = false;
if ($bareBypassRedirURI && $bareRequestURI == $bareBypassRedirURI) {
//Run this before country blocking because even if the user isn't blocked we need to set the bypass cookie so they can bypass future blocks.
$bypassRedirDest = wfConfig::get('cbl_bypassRedirDest', '');
if ($bypassRedirDest) {
self::setCBLCookieBypass();
$this->redirect($bypassRedirDest);
//exits
}
}
$bareBypassViewURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassViewURL', ''));
if ($bareBypassViewURI && $bareBypassViewURI == $bareRequestURI) {
self::setCBLCookieBypass();
$skipCountryBlocking = true;
}
if (!$skipCountryBlocking && $blockedCountries && !self::isCBLBypassCookieSet()) {
// If everything is checked, make sure this always runs.
if (wfConfig::get('cbl_loggedInBlocked', false) && wfConfig::get('cbl_loginFormBlocked', false) && wfConfig::get('cbl_restOfSiteBlocked', false)) {
$this->checkForBlockedCountry();
}
// Block logged in users.
if (wfConfig::get('cbl_loggedInBlocked', false) && is_user_logged_in()) {
$this->checkForBlockedCountry();
}
// Block the login form itself and any attempt to authenticate.
if (wfConfig::get('cbl_loginFormBlocked', false)) {
if (self::isAuthRequest()) {
$this->checkForBlockedCountry();
}
add_filter('authenticate', array($this, 'checkForBlockedCountry'), 1, 0);
}
// Block requests that aren't to the login page, xmlrpc.php, or a user already logged in.
if (wfConfig::get('cbl_restOfSiteBlocked', false) && !self::isAuthRequest() && !defined('XMLRPC_REQUEST') && !is_user_logged_in()) {
$this->checkForBlockedCountry();
}
// XMLRPC is inaccesible when public portion of the site and auth is disabled.
if (wfConfig::get('cbl_loginFormBlocked', false) && wfConfig::get('cbl_restOfSiteBlocked', false) && defined('XMLRPC_REQUEST')) {
$this->checkForBlockedCountry();
}
}
}
if ($rec = $this->getDB()->querySingleRec("select blockedTime, reason from " . $this->blocksTable . " where IP=%s and (permanent=1 OR (blockedTime + %s > unix_timestamp()))", $IPnum, wfConfig::get('blockedTime'))) {
$this->getDB()->queryWrite("update " . $this->blocksTable . " set lastAttempt=unix_timestamp(), blockedHits = blockedHits + 1 where IP=%s", $IPnum);
$now = $this->getDB()->querySingle("select unix_timestamp()");
$secsToGo = $rec['blockedTime'] + wfConfig::get('blockedTime') - $now;
if (wfConfig::get('other_WFNet') && self::isAuthRequest()) {
//It's an auth request and this IP has been blocked
$this->getCurrentRequest()->action = 'blocked:wfsnrepeat';
wordfence::wfsnReportBlockedAttempt($IP, 'login');
}
$this->do503($secsToGo, $rec['reason']);
}
}