th.guenther/kompass
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Security Settings:

Browse Source 
xmlrpc deaktivieren
 Autorenscan deaktivieren
 Scripting in /wp-content/uploads/ deaktivieren
 Zugriff auf potenziell sensible Dateien blockieren
 Dateieditor im WP Dashboard deaktivieren
 Skriptverkettung deaktivieren
 Skriptausführung im Include-Verzeichnis deaktivieren
 Zugriff von ungewollten Bots verbieten
 Auflistung von Verzeichnissen deaktivieren
 Debug-Ausgaben deaktivieren
 Login-URL ändern
This commit is contained in:
Thomas Günther
2024-02-21 21:31:00 +01:00
parent 69322d64f3
commit 80fb6cd452
22 changed files with 1062 additions and 370 deletions
Download Patch File Download Diff File Expand all files Collapse all files

56
includes/FileAccess.class.php Normal file
View File

@@ -0,0 +1,56 @@
<?php
declare(strict_types=1);
namespace Bdp\Libs;
class FileAccess extends \WP_Filesystem_Direct
{
public const HTACCESS_MAIN = '/.htaccess';
public const HTACCESS_UPLOADS = '/wp-content/uploads/.htaccess';
public function __construct( $arg = null )
{
if ( ! defined( 'FS_CHMOD_FILE' ) ) {
define( 'FS_CHMOD_FILE', ( fileperms( ABSPATH . 'index.php' ) & 0777 | 0644 ) );
}
}
public static function htaccessContains(string $needle, $file = self::HTACCESS_MAIN) : bool
{
return str_contains(FileAccess::readHtaccess($file), $needle);
}
public static function readHtaccess($file = self::HTACCESS_MAIN) : string
{
$wfs = new self();
if (!$wfs->exists(ABSPATH . $file)) {
return '';
}
return $wfs->get_contents(ABSPATH . $file);
}
public static function writeHtaccess(string $value, $file = self::HTACCESS_MAIN) : bool
{
$wfs = new self();
$wfs->put_contents(ABSPATH . $file, $value);
return true;
}
public static function insertInHtaccess(string $element, $file = self::HTACCESS_MAIN) : bool
{
if (FileAccess::htaccessContains($element, $file)) {
return true;
}
$htaccessFile = FileAccess::readHtaccess($file);
$htaccessFile .= PHP_EOL . $element . PHP_EOL;
FileAccess::writeHtaccess($htaccessFile, $file);
return true;
}
public static function deleteFromHtaccess(string $element, $file = self::HTACCESS_MAIN) : bool {
$htaccessFile = str_replace($element . PHP_EOL, '', FileAccess::readHtaccess($file));
return FileAccess::writeHtaccess($htaccessFile, $file);
}
}