Merge branch dev to master
svfcode committed Nov 8, 2023
2 parents 9098e10 + e0d3307 commit 30a81fa
Showing 32 changed files with 572 additions and 144 deletions.
1 change: 1 addition & 0 deletions .gitignore
Expand Up @@ -13,3 +13,4 @@ psalm.xml
.editorconfig
/lib/CleantalkSP/Common/Scanner/HeuristicAnalyser/tests/
/lib/CleantalkSP/Common/Scanner/SignaturesAnalyser/tests/
/lib/CleantalkSP/Common/Scanner/SignaturesAnalyser/.github/
3 changes: 2 additions & 1 deletion inc/spbc-admin.php
Expand Up @@ -402,6 +402,7 @@ function ($key) {
'progressbar_get_cms_hashes' => __('Receiving hashes', 'security-malware-firewall'),
'progressbar_get_modules_hashes' => __('Receiving plugins hashes', 'security-malware-firewall'),
'progressbar_get_approved_hashes' => __('Updating statuses for the approved files', 'security-malware-firewall'),
'progressbar_get_denied_hashes' => __('Updating statuses for the denied files', 'security-malware-firewall'),
'progressbar_clean_results' => __('Preparing', 'security-malware-firewall'),
// Scanning core
'progressbar_file_system_analysis' => __('Scanning for modifications', 'security-malware-firewall'),
Expand Down Expand Up @@ -812,7 +813,7 @@ function spbc_set_malware_scan_warns()

$query = 'SELECT COUNT(*)
FROM ' . SPBC_TBL_SCAN_FILES . '
WHERE pscan_status = "DANGEROUS" OR analysis_status = "DANGEROUS"';
WHERE pscan_status = "DANGEROUS" OR analysis_status = "DANGEROUS" OR status = "DENIED_BY_CT"';
$analysis_has_dangerous = (int)$wpdb->get_var($query) > 0;

$query = 'SELECT COUNT(*)
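Review bot: The count query in spbc_set_malware_scan_warns() now also matches `status = "DENIED_BY_CT"`, but the result is still stored in `$analysis_has_dangerous`, so the variable no longer describes what it holds; a denied hash is a list match rather than an analysis verdict. A one-line comment above the query, for example `// Also counts files whose hash is on the denied list (status DENIED_BY_CT).`, would stop a later reader from narrowing the condition back. The same literal is hand-copied into the `critical` and `unknown` branches in inc/spbc-scanner.php, so all three queries have to be edited together if a denied status is renamed or another one is added. The function body continues outside the hunk.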
6 changes: 3 additions & 3 deletions inc/spbc-scanner.php
Expand Up @@ -1048,7 +1048,7 @@ function spbc_get_sql_where_addiction_for_table_of_category($category)
global $spbc;
switch ($category) {
case 'critical':
$res = ' WHERE status = "DENIED_BY_CLOUD"
$res = ' WHERE status IN ("DENIED_BY_CLOUD", "DENIED_BY_CT")
OR (
severity IN("CRITICAL")
AND (
Expand Down Expand Up @@ -1076,7 +1076,7 @@ function spbc_get_sql_where_addiction_for_table_of_category($category)
$res = ' WHERE last_sent IS NOT NULL';
break;
case 'unknown':
$res = ' WHERE status NOT IN ("APROVED","APPROVED_BY_CT","APPROVED_BY_CLOUD") AND
$res = ' WHERE status NOT IN ("APROVED","APPROVED_BY_CT","APPROVED_BY_CLOUD","DENIED_BY_CT") AND
detected_at >= ' . (time() - $spbc->settings['scanner__list_unknown__older_than'] * 86400) . ' AND
source IS NULL AND
path NOT LIKE "%wp-content%themes%" AND
Expand Down Expand Up @@ -1626,7 +1626,7 @@ function spbc_scanner_file_quarantine($direct_call = false, $file_id = null)
$q_path = SPBC_PLUGIN_DIR . 'quarantine/'
. str_replace('/', '__', str_replace('\\', '__', $file_info['path'])) . '___'
. md5($file_info['path'] . rand(0, 99999999)) . '.punished';

$dir_name = SPBC_PLUGIN_DIR . 'quarantine/';
if ( ! is_dir($dir_name)) {
mkdir($dir_name);
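Review bot: In the spbc_scanner_file_quarantine() hunk the quarantine file name still ends in `md5($file_info['path'] . rand(0, 99999999))`, which combines the file's own path with a non-cryptographic `rand()` value, and `mkdir($dir_name)` is called without checking its result; this commit does not appear to change that logic. Because quarantined files are written under `SPBC_PLUGIN_DIR . 'quarantine/'`, the suffix should come from a CSPRNG, e.g. `bin2hex(random_bytes(16))`, and the function should stop when `mkdir()` returns false instead of continuing to the move. Whether the quarantine directory is shielded from direct HTTP access is not visible here and should be confirmed. The function body starts and ends outside the hunk.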
83 changes: 76 additions & 7 deletions inc/spbc-settings.php
Expand Up @@ -423,7 +423,8 @@ function spbc_settings__register()
'waf__xss_check',
'waf__sql_check',
'waf__file_check',
'waf__exploit_check'
'waf__exploit_check',
'waf_blocker__enabled'
),
),
'waf__xss_check' => array(
Expand Down Expand Up @@ -461,6 +462,12 @@ function spbc_settings__register()
'description' => __('Check traffic for known exploits.', 'security-malware-firewall'),
'parent' => 'waf__enabled',
),
'waf_blocker__enabled' => array(
'type' => 'field',
'title' => __('WAF Blocker', 'security-malware-firewall'),
'description' => __('Blocking a visitor for 24 hours after several WAF detected brute force attempts.', 'security-malware-firewall'),
'parent' => 'waf__enabled',
),
'traffic_control__enabled' => array(
'type' => 'field',
'title' => __('Traffic Control', 'security-malware-firewall'),
Expand Down Expand Up @@ -1932,13 +1939,13 @@ function spbc_field_security_logs__prepare_data(&$table)

foreach ($table->rows as $row) {
$ip = IP::reduceIPv6($row->auth_ip);
$allow_layout = '<a href="#" onclick="return spbc_sec_logs__allow_ip(\''
. esc_attr($ip)
. '\')" class="spbcGreen tbl-row_action--allow" data-ip=' . $ip . '>'
$allow_layout = '<a href="#" onclick="return spbc_sec_logs__allow_ip(\''
. esc_attr($ip)
. '\')" class="spbcGreen tbl-row_action--allow" data-ip=' . $ip . '>'
. esc_html__('Allow', 'security-malware-firewall') . '</a>';
$ban_layout = '<a href="#" onclick="return spbc_sec_logs__ban_ip(\''
. esc_attr($ip)
. '\')" class="spbc---red tbl-row_action--ban" data-ip=' . $ip . '>'
$ban_layout = '<a href="#" onclick="return spbc_sec_logs__ban_ip(\''
. esc_attr($ip)
. '\')" class="spbc---red tbl-row_action--ban" data-ip=' . $ip . '>'
. esc_html__('Ban', 'security-malware-firewall') . '</a>';

$user = get_user_by('login', $row->user_login);
Expand Down Expand Up @@ -2153,6 +2160,7 @@ function spbc_field_traffic_control_logs__prepare_data(&$table)
$status = '<span class="spbcRed">' . __('Blocked. Hazardous network. SFW source', 'security-malware-firewall') . '</span>';
break;
case 'DENY_BY_BFP':
case 'DENY_BY_WAF_BLOCKER':
$status = '<span class="spbcRed">' . __('Blocked by BruteForce protection system', 'security-malware-firewall') . '</span>';
break;

Expand Down Expand Up @@ -2367,6 +2375,37 @@ function spbc_field_scanner__prepare_data__files(&$table)
unset($row->actions['replace']);
}

if ( !empty($row->status) ) {
if ( $row->status === 'DENIED_BY_CT' ) {
$cloud_status = '<span class="spbcRed">' . __('File hash', 'security-malware-firewall') . ':[' . esc_html($row->full_hash) . ']' . '</span>';
unset($row->actions['send']);
unset($row->actions['view_bad']);
}
}

if ( !empty($row->status) ) {
if ( $row->status === 'DENIED_BY_CT' ) {
$cloud_status = '<span class="spbcRed">' . __('File hash', 'security-malware-firewall') . ':[' . esc_html($row->full_hash) . ']' . '</span>';
unset($row->actions['send']);
unset($row->actions['view_bad']);
}
if ( !empty($row->analysis_status) ) {
if ( $row->analysis_status === 'DANGEROUS' ) {
$status = '<span class="spbcRed">' . __('File is denied by ' . $spbc->data["wl_company_name"] . ' team', 'security-malware-firewall') . '</span>';
}
}
}

if ( $table->type === 'critical' && in_array($row->fast_hash, spbc_get_list_of_scheduled_critical_files_to_send())) {
$status = __('File will be automatically send for Cloud analysis within 5 minutes.', 'security-malware-firewall');
unset($row->actions['send']);
unset($row->actions['approve']);
unset($row->actions['quarantine']);
unset($row->actions['delete']);
unset($row->actions['compare']);
unset($row->actions['replace']);
}

$table->items[] = array(
'cb' => $row->fast_hash,
'uid' => $row->fast_hash,
Expand Down Expand Up @@ -2425,6 +2464,21 @@ function spbc_field_scanner__prepare_data__files(&$table)
$ws_string .= '</p>';
}
}
if ( ! empty($weak_spots['DENIED_HASH'])) {
// collecting all kinds of code
$all_unique_weak_spots = array();
foreach ($weak_spots['DENIED_HASH'] as $_string => $weak_spot_in_string) {
$all_unique_weak_spots[] = $weak_spot_in_string[0];
}
$all_unique_weak_spots = array_unique($all_unique_weak_spots);
foreach ($all_unique_weak_spots as $weak_spot_in_string) {

$ws_string .= '<p style="margin: 0;"><span class="spbcRed"><i setting="hash_' . str_replace(' ', '_', $weak_spot_in_string) . '" class="spbc_long_description__show spbc-icon-help-circled"></i> Hash: </span>'
. 'denied';

$ws_string .= '</p>';
}
}
if ( ! empty($weak_spots['DANGER'])) {
// collecting all kinds of code
$all_unique_weak_spots = array();
Expand All @@ -2433,10 +2487,12 @@ function spbc_field_scanner__prepare_data__files(&$table)
}
$all_unique_weak_spots = array_unique($all_unique_weak_spots);
foreach ($all_unique_weak_spots as $weak_spot_in_string) {

$ws_string .= '<p style="margin: 0;"><span class="spbcRed"><i setting="danger_' . str_replace(' ', '_', $weak_spot_in_string) . '" class="spbc_long_description__show spbc-icon-help-circled"></i> Danger: </span>'
. (strlen($weak_spot_in_string) > 30
? substr($weak_spot_in_string, 0, 30) . '...'
: $weak_spot_in_string);

$ws_string .= '</p>';
}
}
Expand Down Expand Up @@ -2877,6 +2933,7 @@ function spbc_field_scanner()
. '<span class="spbc_overall_scan_status_get_modules_hashes">' . __('Receiving plugin and theme hashes', 'security-malware-firewall') . '</span> -> '
. '<span class="spbc_overall_scan_status_clean_results">' . __('Preparing', 'security-malware-firewall') . '</span> -> '
. '<span class="spbc_overall_scan_status_file_system_analysis">' . __('Scanning for modifications', 'security-malware-firewall') . '</span> -> '
. '<span class="spbc_overall_scan_status_get_denied_hashes">' . __('Updating statuses for the denied files', 'security-malware-firewall') . '</span> -> '
. '<span class="spbc_overall_scan_status_get_approved_hashes">' . __('Updating statuses for the approved files', 'security-malware-firewall') . '</span> -> ';

if ($spbc->settings['scanner__file_monitoring']) {
Expand Down Expand Up @@ -3380,6 +3437,7 @@ function spbc_list_table__get_args_by_type($table_type)
$args['sql']['add_col'][] = 'analysis_status';
$args['sql']['add_col'][] = 'pscan_status';
$args['sql']['add_col'][] = 'pscan_pending_queue';
$args['sql']['add_col'][] = 'full_hash';
break;

case 'suspicious':
Expand Down Expand Up @@ -4225,6 +4283,12 @@ function spbc_get_key_auto($direct_call = false)
'success' => true,
'reload' => false,
);
} elseif ( ! isset($result['auth_key'])) {
$out = array(
'success' => true,
'reload' => false,
'msg' => __('Please use the manual option to get the access key to ensure its safety.', 'security-malware-firewall')
);
} else {
$settings['spbc_key'] = trim($result['auth_key']);
$settings['spbc_key'] = preg_match('/^[a-z\d]*$/', $settings['spbc_key']) ? $settings['spbc_key'] : $spbc->settings['spbc_key']; // Check key format a-z\d
Expand Down Expand Up @@ -4652,6 +4716,11 @@ function spbc_settings__get_description()
'title' => __('Directory exclusions ruleset', 'security-malware-firewall'),
'desc' => __('This rules will exclude the directory and all subdirectories matching the specified path. Any type of directory separator is acceptable. Example: wp-content/themes/yourtheme/skipthisdir', 'security-malware-firewall'),
),
'hash_denied_hash' => array(
'title' => 'denied_hash',
'desc' => __('The file hash is in denied list. It means that the Security analysts have marked this file
as critically dangerous early. We do recommend you to order the Security Audit service.', 'security-malware-firewall')
),
'no_description' => array(
'title' => esc_html($setting_id),
'desc' => __('No description provided yet for this item. We are sorry about this. Please, contact [email protected] for further help.', 'security-malware-firewall'),
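Review bot: In the hunk at `@@ -2367,6 +2375,37 @@` (spbc_field_scanner__prepare_data__files) the `DENIED_BY_CT` check is added twice in a row, and the `$table->type === 'critical' && in_array(...)` block after it repeats the block whose tail is still visible as context just above, which looks like merge residue; keep only the second, fuller `if ( !empty($row->status) )` block and drop the repeated scheduled-files block. In that same block the status text is built as `__('File is denied by ' . $spbc->data["wl_company_name"] . ' team', ...)`, so the lookup string never matches a catalogue entry and the company name is printed unescaped; `sprintf(esc_html__('File is denied by %s team', 'security-malware-firewall'), esc_html($spbc->data['wl_company_name']))` fixes both. The new `DENIED_HASH` block in the `@@ -2425,6 +2464,21 @@` hunk writes `$weak_spot_in_string` into the `setting="hash_..."` attribute without `esc_attr()`, as the existing `DANGER` block does. The function body starts and ends outside these hunks, so whether `$cloud_status` is consumed later cannot be confirmed from here.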