load_settings(); $this->ip_address = wpban_get_ip($this->settings['reverse_proxy'] ?? false); // Core hooks add_action('init', [$this, 'check_bypass'], 1); add_action('init', [$this, 'check_rate_limit'], 5); add_action('init', [$this, 'check_geo_block'], 6); add_action('init', [$this, 'check_ban'], 10); add_action('init', [$this, 'check_login_restriction'], 11); add_action('init', [$this, 'check_crawlers'], 12); add_action('wp_footer', [$this, 'check_browser_restrictions']); add_filter('robots_txt', [$this, 'modify_robots_txt'], 10, 2); // Login protection add_action('wp_login_failed', [$this, 'handle_login_failed']); add_filter('authenticate', [$this, 'check_login_attempt'], 30, 3); } private function load_settings() { $this->settings = wp_cache_get('settings', $this->cache_group); if ($this->settings === false) { $this->settings = get_option('wpban_settings', []); wp_cache_set('settings', $this->settings, $this->cache_group, 3600); } } public function check_bypass() { $bypass_path = get_option('wpban_bypass_path'); // URL bypass if (isset($_GET['wpban_bypass']) && $_GET['wpban_bypass'] === $bypass_path) { setcookie(WPBAN_BYPASS_KEY, $bypass_path, time() + DAY_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN, is_ssl(), true); $this->bypass_active = true; $this->log('bypass', 'bypass_activated'); wp_redirect(remove_query_arg('wpban_bypass')); exit; } // Cookie bypass if (isset($_COOKIE[WPBAN_BYPASS_KEY]) && $_COOKIE[WPBAN_BYPASS_KEY] === $bypass_path) { $this->bypass_active = true; } } public function check_rate_limit() { if ($this->bypass_active || empty($this->settings['rate_limits'])) { return; } global $wpdb; $table = $wpdb->prefix . 'wpban_rate_limits'; $limits = $this->settings['rate_limits']; // Determine action type $action = 'general'; if (strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false) { $action = 'login'; } elseif (strpos($_SERVER['REQUEST_URI'], '/wp-json/') !== false) { $action = 'api'; } // Get limit settings $window = 60; // seconds $max_requests = $limits['requests_per_minute'] ?? 60; if ($action === 'login') { $window = 3600; $max_requests = $limits['login_per_hour'] ?? 5; } elseif ($action === 'api') { $max_requests = $limits['api_per_minute'] ?? 30; } $window_start = date('Y-m-d H:i:s', time() - $window); // Check current count $current = $wpdb->get_row($wpdb->prepare( "SELECT count, window_start FROM $table WHERE ip = %s AND action = %s AND window_start > %s", $this->ip_address, $action, $window_start )); if ($current) { if ($current->count >= $max_requests) { $this->log('blocked', 'rate_limit', $action); $this->send_notification('rate_limit', [ 'action' => $action, 'count' => $current->count ]); wp_die(__('Too many requests. Please try again later.', 'wpban'), 429); } // Increment counter $wpdb->query($wpdb->prepare( "UPDATE $table SET count = count + 1, last_attempt = %s WHERE ip = %s AND action = %s", current_time('mysql'), $this->ip_address, $action )); } else { // Create new record $wpdb->insert($table, [ 'ip' => $this->ip_address, 'action' => $action, 'count' => 1, 'window_start' => current_time('mysql'), 'last_attempt' => current_time('mysql') ]); } } public function check_geo_block() { if ($this->bypass_active || empty($this->settings['geo_blocking']['enabled'])) { return; } $country = $this->get_country_code($this->ip_address); $blocked_countries = $this->settings['geo_blocking']['blocked_countries'] ?? []; $allowed_countries = $this->settings['geo_blocking']['allowed_countries'] ?? []; // If allowed list is set, only allow those countries if (!empty($allowed_countries) && !in_array($country, $allowed_countries)) { $this->log('blocked', 'geo_block', $country); $this->send_notification('geo_block', ['country' => $country]); wp_die(__('Access denied from your location.', 'wpban'), 403); } // Check blocked countries if (in_array($country, $blocked_countries)) { $this->log('blocked', 'geo_block', $country); $this->send_notification('geo_block', ['country' => $country]); wp_die(__('Access denied from your location.', 'wpban'), 403); } } public function check_ban() { if ($this->bypass_active) { return; } $checks = [ 'ip' => $this->is_ip_banned(), 'host' => $this->is_host_banned(), 'referer' => $this->is_referer_banned(), 'agent' => $this->is_agent_banned() ]; foreach ($checks as $type => $banned) { if ($banned && !$this->is_whitelisted()) { $this->log('banned', $type . '_ban'); $this->show_ban_message(); } } } public function check_login_restriction() { if ($this->bypass_active || empty($this->settings['login_allowed_ips'])) { return; } $login_files = ['wp-login.php', 'wp-register.php', 'xmlrpc.php']; $current_file = basename($_SERVER['SCRIPT_FILENAME']); if (in_array($current_file, $login_files)) { $allowed = false; foreach ($this->settings['login_allowed_ips'] as $pattern) { if (wpban_match_pattern($pattern, $this->ip_address)) { $allowed = true; break; } } if (!$allowed) { $this->log('blocked', 'login_restriction'); wp_redirect(home_url()); exit; } } } public function check_crawlers() { if ($this->bypass_active || empty($this->settings['blocked_crawlers'])) { return; } $ua = $_SERVER['HTTP_USER_AGENT'] ?? ''; foreach ($this->settings['blocked_crawlers'] as $crawler) { if (stripos($ua, $crawler) !== false) { $this->log('blocked', 'crawler_block', $crawler); http_response_code(403); exit('Access denied'); } } } public function check_browser_restrictions() { if ($this->bypass_active || empty($this->settings['browser_restrictions'])) { return; } $ua = $_SERVER['HTTP_USER_AGENT'] ?? ''; if (isset($this->settings['browser_restrictions']['wechat_qq']) && $this->settings['browser_restrictions']['wechat_qq']['enabled'] && (strpos($ua, 'MQQBrowser') !== false || strpos($ua, 'MicroMessenger') !== false)) { $this->log('blocked', 'browser_restriction', 'WeChat/QQ'); $this->show_browser_block_message($this->settings['browser_restrictions']['wechat_qq']); } } public function handle_login_failed($username) { $this->log('failed_login', 'login_attempt', $username); // Check for brute force global $wpdb; $table = $wpdb->prefix . 'wpban_logs'; $count = $wpdb->get_var($wpdb->prepare( "SELECT COUNT(*) FROM $table WHERE ip = %s AND action = 'failed_login' AND timestamp > %s", $this->ip_address, date('Y-m-d H:i:s', strtotime('-1 hour')) )); if ($count >= 10) { $this->send_notification('brute_force', [ 'attempts' => $count, 'username' => $username ]); } } public function check_login_attempt($user, $username, $password) { if (empty($username) || empty($password)) { return $user; } // Additional login security checks can be added here return $user; } public function modify_robots_txt($output, $public) { if (!empty($this->settings['blocked_crawlers'])) { $output .= "\n# WPBan Security Rules\n"; foreach ($this->settings['blocked_crawlers'] as $crawler) { $output .= "User-agent: $crawler\n"; $output .= "Disallow: /\n\n"; } } return $output; } // Helper methods private function is_ip_banned() { foreach ($this->settings['banned_ips'] ?? [] as $pattern) { if (wpban_match_pattern($pattern, $this->ip_address)) { return true; } } foreach ($this->settings['banned_ranges'] ?? [] as $range) { if (wpban_ip_in_range($this->ip_address, $range)) { return true; } } return false; } private function is_host_banned() { if (empty($this->settings['banned_hosts'])) { return false; } $hostname = $this->get_cached_data('hostname_' . $this->ip_address, function() { return gethostbyaddr($this->ip_address); }, 3600); foreach ($this->settings['banned_hosts'] as $pattern) { if (wpban_match_pattern($pattern, $hostname)) { return true; } } return false; } private function is_referer_banned() { $referer = $_SERVER['HTTP_REFERER'] ?? ''; if (empty($referer) || empty($this->settings['banned_referers'])) { return false; } foreach ($this->settings['banned_referers'] as $pattern) { if (wpban_match_pattern($pattern, $referer)) { return true; } } return false; } private function is_agent_banned() { $agent = $_SERVER['HTTP_USER_AGENT'] ?? ''; if (empty($agent) || empty($this->settings['banned_agents'])) { return false; } foreach ($this->settings['banned_agents'] as $pattern) { if (wpban_match_pattern($pattern, $agent)) { return true; } } return false; } private function is_whitelisted() { foreach ($this->settings['whitelist_ips'] ?? [] as $pattern) { if (wpban_match_pattern($pattern, $this->ip_address) || wpban_ip_in_range($this->ip_address, $pattern)) { return true; } } return false; } private function get_country_code($ip) { global $wpdb; $table = $wpdb->prefix . 'wpban_geo_cache'; // Check cache first $cached = $wpdb->get_var($wpdb->prepare( "SELECT country_code FROM $table WHERE ip = %s", $ip )); if ($cached) { return $cached; } // Use IP geolocation service $country = $this->lookup_country($ip); // Cache result if ($country) { $wpdb->replace($table, [ 'ip' => $ip, 'country_code' => $country['code'], 'country_name' => $country['name'], 'city' => $country['city'] ?? null, 'cached_at' => current_time('mysql') ]); } return $country['code'] ?? 'XX'; } private function lookup_country($ip) { // Try multiple services $services = [ 'ipapi' => "http://ip-api.com/json/{$ip}?fields=status,country,countryCode,city", 'ipinfo' => "https://ipinfo.io/{$ip}/json" ]; foreach ($services as $name => $url) { $response = wp_remote_get($url, ['timeout' => 2]); if (!is_wp_error($response)) { $data = json_decode(wp_remote_retrieve_body($response), true); if ($name === 'ipapi' && $data['status'] === 'success') { return [ 'code' => $data['countryCode'], 'name' => $data['country'], 'city' => $data['city'] ]; } elseif ($name === 'ipinfo' && isset($data['country'])) { return [ 'code' => $data['country'], 'name' => $data['country'], 'city' => $data['city'] ?? null ]; } } } return null; } private function log($action, $reason, $details = '') { if (empty($this->settings['enable_logging'])) { return; } global $wpdb; $country = $action === 'geo_block' ? $details : $this->get_country_code($this->ip_address); $wpdb->insert($wpdb->prefix . 'wpban_logs', [ 'ip' => $this->ip_address, 'country_code' => $country, 'user_agent' => substr($_SERVER['HTTP_USER_AGENT'] ?? '', 0, 500), 'referer' => substr($_SERVER['HTTP_REFERER'] ?? '', 0, 500), 'uri' => substr($_SERVER['REQUEST_URI'] ?? '', 0, 500), 'action' => $action, 'reason' => $reason . ($details ? ' - ' . $details : ''), 'timestamp' => current_time('mysql') ]); } private function send_notification($type, $data = []) { if (empty($this->settings['email_notifications']['enabled']) || !in_array($type, $this->settings['email_notifications']['events'] ?? [])) { return; } // Check threshold global $wpdb; $count = $wpdb->get_var($wpdb->prepare( "SELECT COUNT(*) FROM {$wpdb->prefix}wpban_logs WHERE ip = %s AND timestamp > %s", $this->ip_address, date('Y-m-d H:i:s', strtotime('-1 hour')) )); if ($count < ($this->settings['email_notifications']['threshold'] ?? 10)) { return; } // Send email $to = $this->settings['email_notifications']['recipient']; $subject = sprintf(__('[%s] Security Alert: %s', 'wpban'), get_bloginfo('name'), $type); $message = $this->format_notification_email($type, $data); wp_mail($to, $subject, $message); } private function format_notification_email($type, $data) { $site = get_bloginfo('name'); $time = current_time('mysql'); $message = "Security alert on {$site}\n\n"; $message .= "Event: {$type}\n"; $message .= "Time: {$time}\n"; $message .= "IP Address: {$this->ip_address}\n"; $message .= "Country: " . $this->get_country_code($this->ip_address) . "\n"; if (!empty($data)) { $message .= "\nDetails:\n"; foreach ($data as $key => $value) { $message .= "- {$key}: {$value}\n"; } } $message .= "\nView logs: " . admin_url('admin.php?page=wpban-logs'); return $message; } private function show_ban_message() { $message = $this->settings['ban_message'] ?? '

Access Denied

'; $message = str_replace( ['%IP%', '%DATE%', '%SITE%'], [$this->ip_address, current_time('mysql'), get_bloginfo('name')], $message ); wp_die($message, 'Access Denied', ['response' => 403]); } private function show_browser_block_message($settings) { ?> <?php echo esc_html($settings['title']); ?>

cache_group); if ($value === false) { $value = $callback(); wp_cache_set($key, $value, $this->cache_group, $expiration); } return $value; } // Public methods for admin public function get_logs($filters = [], $page = 1, $per_page = 50) { global $wpdb; $table = $wpdb->prefix . 'wpban_logs'; $where = []; $where_values = []; if (!empty($filters['date_from'])) { $where[] = "timestamp >= %s"; $where_values[] = $filters['date_from'] . ' 00:00:00'; } if (!empty($filters['date_to'])) { $where[] = "timestamp <= %s"; $where_values[] = $filters['date_to'] . ' 23:59:59'; } if (!empty($filters['action'])) { $where[] = "action = %s"; $where_values[] = $filters['action']; } if (!empty($filters['ip'])) { $where[] = "ip LIKE %s"; $where_values[] = '%' . $wpdb->esc_like($filters['ip']) . '%'; } if (!empty($filters['country'])) { $where[] = "country_code = %s"; $where_values[] = $filters['country']; } $where_clause = $where ? 'WHERE ' . implode(' AND ', $where) : ''; // Get total count $count_query = "SELECT COUNT(*) FROM $table $where_clause"; $total = $wpdb->get_var($wpdb->prepare($count_query, $where_values)); // Get logs with pagination $offset = ($page - 1) * $per_page; $query = "SELECT * FROM $table $where_clause ORDER BY timestamp DESC LIMIT %d OFFSET %d"; $where_values[] = $per_page; $where_values[] = $offset; $logs = $wpdb->get_results($wpdb->prepare($query, $where_values)); return [ 'logs' => $logs, 'total' => $total, 'pages' => ceil($total / $per_page), 'current_page' => $page ]; } public function get_stats() { global $wpdb; $prefix = $wpdb->prefix; $stats = [ 'total_blocks' => $wpdb->get_var("SELECT COUNT(*) FROM {$prefix}wpban_logs"), 'unique_ips' => $wpdb->get_var("SELECT COUNT(DISTINCT ip) FROM {$prefix}wpban_logs"), 'today_blocks' => $wpdb->get_var($wpdb->prepare( "SELECT COUNT(*) FROM {$prefix}wpban_logs WHERE DATE(timestamp) = %s", current_time('Y-m-d') )), 'active_rules' => $this->count_active_rules(), 'top_countries' => $wpdb->get_results( "SELECT country_code, COUNT(*) as count FROM {$prefix}wpban_logs WHERE country_code IS NOT NULL GROUP BY country_code ORDER BY count DESC LIMIT 10" ), 'recent_blocks' => $wpdb->get_results( "SELECT * FROM {$prefix}wpban_logs ORDER BY timestamp DESC LIMIT 10" ) ]; return $stats; } private function count_active_rules() { $count = 0; $rule_types = [ 'banned_ips', 'banned_ranges', 'banned_hosts', 'banned_referers', 'banned_agents', 'blocked_crawlers' ]; foreach ($rule_types as $type) { $count += count($this->settings[$type] ?? []); } return $count; } public function clear_cache() { wp_cache_delete_group($this->cache_group); } public function get_templates() { return [ 'basic' => [ 'name' => __('Basic Protection', 'wpban'), 'description' => __('Essential security for most WordPress sites', 'wpban'), 'settings' => [ 'banned_agents' => ['*bot*', '*crawler*', '*spider*'], 'enable_logging' => true, 'rate_limits' => [ 'requests_per_minute' => 60, 'login_per_hour' => 5 ] ] ], 'strict' => [ 'name' => __('Strict Security', 'wpban'), 'description' => __('Maximum protection with geo-blocking and rate limiting', 'wpban'), 'settings' => [ 'banned_agents' => ['*bot*', '*crawler*', '*spider*', '*scraper*', 'curl*', 'wget*'], 'blocked_crawlers' => ['GPTBot', 'ChatGPT-User', 'ClaudeBot', 'CCBot'], 'rate_limits' => [ 'requests_per_minute' => 30, 'login_per_hour' => 3, 'api_per_minute' => 10 ], 'geo_blocking' => [ 'enabled' => true, 'blocked_countries' => [] ] ] ], 'content' => [ 'name' => __('Content Protection', 'wpban'), 'description' => __('Protect content from AI and scraping', 'wpban'), 'settings' => [ 'blocked_crawlers' => array_keys(wpban_get_crawler_list()['ai']), 'banned_agents' => ['*GPT*', '*Claude*', '*AI*Bot*'], 'rate_limits' => [ 'requests_per_minute' => 30 ] ] ], 'performance' => [ 'name' => __('Performance Mode', 'wpban'), 'description' => __('Balanced security with minimal performance impact', 'wpban'), 'settings' => [ 'enable_logging' => false, 'rate_limits' => [ 'requests_per_minute' => 120, 'login_per_hour' => 10 ] ] ] ]; } }