当前位置: 首页>>代码示例>>PHP>>正文


PHP wordfence::wfsnReportBlockedAttempt方法代码示例

本文整理汇总了PHP中wordfence::wfsnReportBlockedAttempt方法的典型用法代码示例。如果您正苦于以下问题:PHP wordfence::wfsnReportBlockedAttempt方法的具体用法?PHP wordfence::wfsnReportBlockedAttempt怎么用?PHP wordfence::wfsnReportBlockedAttempt使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在wordfence的用法示例。


在下文中一共展示了wordfence::wfsnReportBlockedAttempt方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。

示例1: syncAttackData

 public static function syncAttackData($exit = true)
 {
     global $wpdb;
     $waf = wfWAF::getInstance();
     $lastAttackMicroseconds = $wpdb->get_var("SELECT MAX(attackLogTime) FROM {$wpdb->base_prefix}wfHits");
     if ($waf->getStorageEngine()->hasNewerAttackData($lastAttackMicroseconds)) {
         $attackData = $waf->getStorageEngine()->getNewestAttackDataArray($lastAttackMicroseconds);
         if ($attackData) {
             foreach ($attackData as $request) {
                 if (count($request) !== 9 && count($request) !== 10) {
                     continue;
                 }
                 list($logTimeMicroseconds, $requestTime, $ip, $learningMode, $paramKey, $paramValue, $failedRules, $ssl, $requestString, $metadata) = $request;
                 // Skip old entries and hits in learning mode, since they'll get picked up anyways.
                 if ($logTimeMicroseconds <= $lastAttackMicroseconds || $learningMode) {
                     continue;
                 }
                 $hit = new wfRequestModel();
                 $hit->attackLogTime = $logTimeMicroseconds;
                 $hit->statusCode = 403;
                 $hit->ctime = $requestTime;
                 $hit->IP = wfUtils::inet_pton($ip);
                 if (preg_match('/user\\-agent:(.*?)\\n/i', $requestString, $matches)) {
                     $hit->UA = trim($matches[1]);
                     $hit->isGoogle = wfCrawl::isGoogleCrawler($hit->UA);
                 }
                 if (preg_match('/Referer:(.*?)\\n/i', $requestString, $matches)) {
                     $hit->referer = trim($matches[1]);
                 }
                 if (preg_match('/^[a-z]+\\s+(.*?)\\s+/i', $requestString, $uriMatches) && preg_match('/Host:(.*?)\\n/i', $requestString, $hostMatches)) {
                     $hit->URL = 'http' . ($ssl ? 's' : '') . '://' . trim($hostMatches[1]) . trim($uriMatches[1]);
                 }
                 if (preg_match('/cookie:(.*?)\\n/i', $requestString, $matches)) {
                     $hit->newVisit = strpos($matches[1], 'wfvt_' . crc32(site_url())) !== false ? 1 : 0;
                     $hasVerifiedHumanCookie = strpos($matches[1], 'wordfence_verifiedHuman') !== false;
                     if ($hasVerifiedHumanCookie && preg_match('/wordfence_verifiedHuman=(.*?);/', $matches[1], $cookieMatches)) {
                         $hit->jsRun = (int) wp_verify_nonce($cookieMatches[1], 'wordfence_verifiedHuman' . $hit->UA . $ip);
                     }
                     $hasLoginCookie = strpos($matches[1], $ssl ? SECURE_AUTH_COOKIE : AUTH_COOKIE) !== false;
                     if ($hasLoginCookie && preg_match('/' . ($ssl ? SECURE_AUTH_COOKIE : AUTH_COOKIE) . '=(.*?);/', $matches[1], $cookieMatches)) {
                         $authCookie = rawurldecode($cookieMatches[1]);
                         $authID = $ssl ? wp_validate_auth_cookie($authCookie, 'secure_auth') : wp_validate_auth_cookie($authCookie, 'auth');
                         if ($authID) {
                             $hit->userID = $authID;
                         }
                     }
                 }
                 $path = '/';
                 if (preg_match('/^[A-Z]+ (.*?) HTTP\\/1\\.1/', $requestString, $matches)) {
                     if (($pos = strpos($matches[1], '?')) !== false) {
                         $path = substr($matches[1], 0, $pos);
                     } else {
                         $path = $matches[1];
                     }
                 }
                 $metadata = $metadata != null ? (array) $metadata : array();
                 if (isset($metadata['finalAction']) && $metadata['finalAction']) {
                     // The request was blocked/redirected because of its IP based on the plugin's blocking settings. WAF blocks should be reported but not shown in live traffic with that as a reason.
                     $action = $metadata['finalAction']['action'];
                     $actionDescription = $action;
                     if (class_exists('wfWAFIPBlocksController')) {
                         if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_UAREFIPRANGE) {
                             $id = $metadata['finalAction']['id'];
                             $wpdb->query($wpdb->prepare("UPDATE {$wpdb->base_prefix}wfBlocksAdv SET totalBlocked = totalBlocked + 1, lastBlocked = %d WHERE id = %d", $requestTime, $id));
                             wfActivityReport::logBlockedIP($ip);
                         } else {
                             if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_COUNTRY_REDIR) {
                                 $actionDescription .= ' (' . wfConfig::get('cbl_redirURL') . ')';
                                 wfConfig::inc('totalCountryBlocked');
                                 wfActivityReport::logBlockedIP($ip);
                             } else {
                                 if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_COUNTRY) {
                                     wfConfig::inc('totalCountryBlocked');
                                     wfActivityReport::logBlockedIP($ip);
                                 } else {
                                     if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_WFSN) {
                                         wordfence::wfsnReportBlockedAttempt($ip, 'login');
                                     }
                                 }
                             }
                         }
                     }
                     if (strlen($actionDescription) == 0) {
                         $actionDescription = 'Blocked by Wordfence';
                     }
                     if (empty($failedRules)) {
                         // Just a plugin block
                         $hit->action = 'blocked:wordfence';
                         if (class_exists('wfWAFIPBlocksController')) {
                             if ($action == wfWAFIPBlocksController::WFWAF_BLOCK_WFSN) {
                                 $hit->action = 'blocked:wfsnrepeat';
                             }
                         }
                         $hit->actionDescription = $actionDescription;
                     } else {
                         if ($failedRules == 'logged') {
                             $hit->action = 'logged:waf';
                         } else {
                             // Blocked by the WAF but would've been blocked anyway by the plugin settings so that message takes priority
                             $hit->action = 'blocked:waf-always';
//.........这里部分代码省略.........
开发者ID:Jerram-Marketing,项目名称:Gummer-Co,代码行数:101,代码来源:wordfenceClass.php

示例2: firewallBadIPs


//.........这里部分代码省略.........
                             $doBlock = true;
                         }
                     } else {
                         if ($refPattern) {
                             if ($refBlocked) {
                                 $doBlock = true;
                             }
                         }
                     }
                 }
             }
             if ($doBlock) {
                 $this->getDB()->queryWrite("update " . $this->ipRangesTable . " set totalBlocked = totalBlocked + 1, lastBlocked = unix_timestamp() where id=%d", $blockRec['id']);
                 wfActivityReport::logBlockedIP($IP);
                 $this->do503(3600, "Advanced blocking in effect.");
             }
         }
     }
     //End range/UA blocking
     // Country blocking
     if (wfConfig::get('isPaid')) {
         $blockedCountries = wfConfig::get('cbl_countries', false);
         $bareRequestURI = wfUtils::extractBareURI($_SERVER['REQUEST_URI']);
         $bareBypassRedirURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassRedirURL', ''));
         $skipCountryBlocking = false;
         if ($bareBypassRedirURI && $bareRequestURI == $bareBypassRedirURI) {
             //Run this before country blocking because even if the user isn't blocked we need to set the bypass cookie so they can bypass future blocks.
             $bypassRedirDest = wfConfig::get('cbl_bypassRedirDest', '');
             if ($bypassRedirDest) {
                 self::setCBLCookieBypass();
                 $this->redirect($bypassRedirDest);
                 //exits
             }
         }
         $bareBypassViewURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassViewURL', ''));
         if ($bareBypassViewURI && $bareBypassViewURI == $bareRequestURI) {
             self::setCBLCookieBypass();
             $skipCountryBlocking = true;
         }
         if (!$skipCountryBlocking && $blockedCountries && !self::isCBLBypassCookieSet()) {
             if (is_user_logged_in() && !wfConfig::get('cbl_loggedInBlocked', false)) {
                 //User is logged in and we're allowing logins
                 //Do nothing
             } else {
                 if (strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false && !wfConfig::get('cbl_loginFormBlocked', false)) {
                     //It's the login form and we're allowing that
                     //Do nothing
                 } else {
                     if (strpos($_SERVER['REQUEST_URI'], '/wp-login.php') === false && !wfConfig::get('cbl_restOfSiteBlocked', false)) {
                         //It's the rest of the site and we're allowing that
                         //Do nothing
                     } else {
                         if ($country = wfUtils::IP2Country($IP)) {
                             foreach (explode(',', $blockedCountries) as $blocked) {
                                 if (strtoupper($blocked) == strtoupper($country)) {
                                     //At this point we know the user has been blocked
                                     if (wfConfig::get('cbl_action') == 'redir') {
                                         $redirURL = wfConfig::get('cbl_redirURL');
                                         $eRedirHost = wfUtils::extractHostname($redirURL);
                                         $isExternalRedir = false;
                                         if ($eRedirHost && $eRedirHost != wfUtils::extractHostname(home_url())) {
                                             //It's an external redirect...
                                             $isExternalRedir = true;
                                         }
                                         if (!$isExternalRedir && wfUtils::extractBareURI($redirURL) == $bareRequestURI) {
                                             //Is this the URI we want to redirect to, then don't block it
                                             //Do nothing
                                             /* Uncomment the following if page components aren't loading for the page we redirect to.
                                             			   Uncommenting is not recommended because it means that anyone from a blocked country
                                             			   can crawl your site by sending the page blocked users are redirected to as the referer for every request.
                                             			   But it's your call.
                                             			} else if(wfUtils::extractBareURI($_SERVER['HTTP_REFERER']) == $redirURL){ //If the referer the page we want to redirect to? Then this might be loading as a component so don't block.
                                             				//Do nothing
                                             			*/
                                         } else {
                                             $this->redirect(wfConfig::get('cbl_redirURL'));
                                         }
                                     } else {
                                         $this->do503(3600, "Access from your area has been temporarily limited for security reasons");
                                         wfConfig::inc('totalCountryBlocked');
                                     }
                                 }
                             }
                         }
                     }
                 }
             }
         }
     }
     if ($rec = $this->getDB()->querySingleRec("select blockedTime, reason from " . $this->blocksTable . " where IP=%s and (permanent=1 OR (blockedTime + %s > unix_timestamp()))", $IPnum, wfConfig::get('blockedTime'))) {
         $this->getDB()->queryWrite("update " . $this->blocksTable . " set lastAttempt=unix_timestamp(), blockedHits = blockedHits + 1 where IP=%s", $IPnum);
         $now = $this->getDB()->querySingle("select unix_timestamp()");
         $secsToGo = $rec['blockedTime'] + wfConfig::get('blockedTime') - $now;
         if (wfConfig::get('other_WFNet') && strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false) {
             //We're on the login page and this IP has been blocked
             wordfence::wfsnReportBlockedAttempt($IP, 'login');
         }
         $this->do503($secsToGo, $rec['reason']);
     }
 }
开发者ID:TomFarrow,项目名称:wordpress-stackable,代码行数:101,代码来源:wfLog.php

示例3: firewallBadIPs


//.........这里部分代码省略.........
             if ($uaPattern && $ipRange) {
                 if ($uaPatternBlocked && $ipRangeBlocked) {
                     $doBlock = true;
                 }
             }
             if ($uaPattern && $refPattern) {
                 if ($uaPatternBlocked && $refBlocked) {
                     $doBlock = true;
                 }
             }
             if ($ipRange && $refPattern) {
                 if ($ipRangeBlocked && $refBlocked) {
                     $doBlock = true;
                 }
             } else {
                 if ($uaPattern) {
                     if ($uaPatternBlocked) {
                         $doBlock = true;
                     }
                 } else {
                     if ($ipRange) {
                         if ($ipRangeBlocked) {
                             $doBlock = true;
                         }
                     } else {
                         if ($refPattern) {
                             if ($refBlocked) {
                                 $doBlock = true;
                             }
                         }
                     }
                 }
             }
             if ($doBlock) {
                 $this->getDB()->queryWrite("update " . $this->ipRangesTable . " set totalBlocked = totalBlocked + 1, lastBlocked = unix_timestamp() where id=%d", $blockRec['id']);
                 wfActivityReport::logBlockedIP($IP);
                 $this->currentRequest->actionDescription = 'UA/Referrer/IP Range not allowed';
                 $this->do503(3600, "Advanced blocking in effect.");
             }
         }
     }
     //End range/UA blocking
     // Country blocking
     if (wfConfig::get('isPaid')) {
         $blockedCountries = wfConfig::get('cbl_countries', false);
         $bareRequestURI = wfUtils::extractBareURI($_SERVER['REQUEST_URI']);
         $bareBypassRedirURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassRedirURL', ''));
         $skipCountryBlocking = false;
         if ($bareBypassRedirURI && $bareRequestURI == $bareBypassRedirURI) {
             //Run this before country blocking because even if the user isn't blocked we need to set the bypass cookie so they can bypass future blocks.
             $bypassRedirDest = wfConfig::get('cbl_bypassRedirDest', '');
             if ($bypassRedirDest) {
                 self::setCBLCookieBypass();
                 $this->redirect($bypassRedirDest);
                 //exits
             }
         }
         $bareBypassViewURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassViewURL', ''));
         if ($bareBypassViewURI && $bareBypassViewURI == $bareRequestURI) {
             self::setCBLCookieBypass();
             $skipCountryBlocking = true;
         }
         if (!$skipCountryBlocking && $blockedCountries && !self::isCBLBypassCookieSet()) {
             // If everything is checked, make sure this always runs.
             if (wfConfig::get('cbl_loggedInBlocked', false) && wfConfig::get('cbl_loginFormBlocked', false) && wfConfig::get('cbl_restOfSiteBlocked', false)) {
                 $this->checkForBlockedCountry();
             }
             // Block logged in users.
             if (wfConfig::get('cbl_loggedInBlocked', false) && is_user_logged_in()) {
                 $this->checkForBlockedCountry();
             }
             // Block the login form itself and any attempt to authenticate.
             if (wfConfig::get('cbl_loginFormBlocked', false)) {
                 if (self::isAuthRequest()) {
                     $this->checkForBlockedCountry();
                 }
                 add_filter('authenticate', array($this, 'checkForBlockedCountry'), 1, 0);
             }
             // Block requests that aren't to the login page, xmlrpc.php, or a user already logged in.
             if (wfConfig::get('cbl_restOfSiteBlocked', false) && !self::isAuthRequest() && !defined('XMLRPC_REQUEST') && !is_user_logged_in()) {
                 $this->checkForBlockedCountry();
             }
             // XMLRPC is inaccesible when public portion of the site and auth is disabled.
             if (wfConfig::get('cbl_loginFormBlocked', false) && wfConfig::get('cbl_restOfSiteBlocked', false) && defined('XMLRPC_REQUEST')) {
                 $this->checkForBlockedCountry();
             }
         }
     }
     if ($rec = $this->getDB()->querySingleRec("select blockedTime, reason from " . $this->blocksTable . " where IP=%s and (permanent=1 OR (blockedTime + %s > unix_timestamp()))", $IPnum, wfConfig::get('blockedTime'))) {
         $this->getDB()->queryWrite("update " . $this->blocksTable . " set lastAttempt=unix_timestamp(), blockedHits = blockedHits + 1 where IP=%s", $IPnum);
         $now = $this->getDB()->querySingle("select unix_timestamp()");
         $secsToGo = $rec['blockedTime'] + wfConfig::get('blockedTime') - $now;
         if (wfConfig::get('other_WFNet') && self::isAuthRequest()) {
             //It's an auth request and this IP has been blocked
             $this->getCurrentRequest()->action = 'blocked:wfsnrepeat';
             wordfence::wfsnReportBlockedAttempt($IP, 'login');
         }
         $this->do503($secsToGo, $rec['reason']);
     }
 }
开发者ID:uwmadisoncals,项目名称:Cluster-Plugins,代码行数:101,代码来源:wfLog.php


注:本文中的wordfence::wfsnReportBlockedAttempt方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。