84 lines
2.2 KiB
PHP
84 lines
2.2 KiB
PHP
<?php
|
|
namespace Bdp\Modules\Security;
|
|
|
|
|
|
use ZipArchive;
|
|
|
|
|
|
|
|
class Security
|
|
{
|
|
public const required_security_plugins = [];
|
|
|
|
|
|
public const delete_plugins = [
|
|
'akismet/akismet.php',
|
|
'hello.php',
|
|
'limit-login-attempts-reloaded',
|
|
'wps-hide-login/wps-hide-login.php'
|
|
];
|
|
|
|
public static function setup()
|
|
{
|
|
self::deletePlugins();
|
|
foreach (self::required_security_plugins as $pluginSlug => $pluginData) {
|
|
if (!is_dir(WP_PLUGIN_DIR . '/' . $pluginSlug)) {
|
|
self::installSecurityPlugin($pluginSlug, $pluginData['downloadUrl']);
|
|
}
|
|
}
|
|
|
|
$loginUrl = get_option('whl_page', null) ?? 'bdp-login';
|
|
enable_option_rewrite_url($loginUrl);
|
|
enable_option_disable_xmlrpc();
|
|
enable_option_block_authorscan();
|
|
enable_option_block_execution_in_uploads();
|
|
enable_option_prohibit_special_files();
|
|
enable_option_file_editor();
|
|
enable_option_disable_conatenation();
|
|
enable_option_secure_include_dir();
|
|
enable_option_prohibit_bot_access();
|
|
enable_option_block_directory_listing();
|
|
|
|
}
|
|
|
|
public static function deletePlugins() {
|
|
deactivate_plugins(self::delete_plugins);
|
|
delete_plugins(self::delete_plugins);
|
|
}
|
|
|
|
|
|
public static function installSecurityPlugin(string $pluginSlug, string $downloadUrl) : bool
|
|
{
|
|
$ch = curl_init();
|
|
$source = $downloadUrl;
|
|
curl_setopt($ch, CURLOPT_URL, $source);
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
|
|
$data = curl_exec ($ch);
|
|
curl_close ($ch);
|
|
|
|
$destination = WP_PLUGIN_DIR . '/' . $pluginSlug . '.zip';
|
|
$file = fopen($destination, "w+");
|
|
fputs($file, $data);
|
|
fclose($file);
|
|
|
|
$zip = new ZipArchive();
|
|
$zip->open($destination);
|
|
$zip->extractTo(WP_PLUGIN_DIR);
|
|
$zip->close();
|
|
unlink($destination);
|
|
|
|
$pluginInfos = get_plugins( '/'.$pluginSlug );
|
|
$installfile = $pluginSlug . '/';
|
|
if( ! empty( $pluginInfos ) ) {
|
|
foreach ($pluginInfos as $file => $info) :
|
|
$installfile .= $file;
|
|
endforeach;
|
|
}
|
|
|
|
|
|
|
|
$result = activate_plugin($installfile);
|
|
|
|
return $result === null;
|
|
}
|
|
} |