Hanson.xyz Dev
70 lines
1.9 KiB
PHP
Executable File
70 lines
1.9 KiB
PHP
Executable File
<?php
|
|
namespace AIOWPS\Firewall;
|
|
|
|
/**
|
|
* Rule that blocks comments being posted if a proxy is detected.
|
|
*/
|
|
class Rule_Proxy_Comment_Posting extends Rule {
|
|
|
|
/**
|
|
* Implements the action to be taken
|
|
*/
|
|
use Action_Forbid_and_Exit_Trait;
|
|
|
|
/**
|
|
* Construct our rule
|
|
*/
|
|
public function __construct() {
|
|
// Set the rule's metadata
|
|
$this->name = 'Proxy comment posting';
|
|
$this->family = 'General';
|
|
$this->priority = 10;
|
|
}
|
|
|
|
/**
|
|
* Determines whether the rule is active
|
|
*
|
|
* @return boolean
|
|
*/
|
|
public function is_active() {
|
|
global $aiowps_firewall_config;
|
|
return (bool) $aiowps_firewall_config->get_value('aiowps_forbid_proxy_comments');
|
|
}
|
|
|
|
/**
|
|
* The condition to be satisfied for the rule to apply
|
|
*
|
|
* @return boolean
|
|
*/
|
|
public function is_satisfied() {
|
|
|
|
//Preconditions for the rule
|
|
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.MissingUnslash, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- PCP warning. Sanitizing will interfere with 6g rules.
|
|
$is_comment_form = (isset($_SERVER['SCRIPT_FILENAME']) && 1 === preg_match('/\/wp-comments-post\.php$/i', $_SERVER['SCRIPT_FILENAME']));
|
|
// phpcs:ignore WordPress.Security.ValidatedSanitizedInput.MissingUnslash, WordPress.Security.ValidatedSanitizedInput.InputNotSanitized -- PCP warning. Sanitizing will interfere with 6g rules.
|
|
$is_post = (isset($_SERVER['REQUEST_METHOD']) && 0 === strcasecmp($_SERVER['REQUEST_METHOD'], "POST"));
|
|
|
|
if (!$is_post || !$is_comment_form) return Rule::NOT_SATISFIED;
|
|
|
|
//Headers that are present if a proxy is being used
|
|
$headers = array(
|
|
'HTTP_VIA',
|
|
'HTTP_FORWARDED',
|
|
'HTTP_USERAGENT_VIA',
|
|
'HTTP_X_FORWARDED_FOR',
|
|
'HTTP_X_FORWARDED_HOST',
|
|
'HTTP_PROXY_CONNECTION',
|
|
'HTTP_XPROXY_CONNECTION',
|
|
'HTTP_PC_REMOTE_ADDR',
|
|
'HTTP_CLIENT_IP',
|
|
);
|
|
|
|
foreach ($headers as $header) {
|
|
if (!empty($_SERVER[$header])) return Rule::SATISFIED;
|
|
}
|
|
|
|
return Rule::NOT_SATISFIED;
|
|
}
|
|
|
|
}
|