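'Basic Firewall Rules', 'tab2' => 'Additional Firewall Rules', 'tab3' => '5G Blacklist Firewall Rules', );

    /* Maps each tab key to the name of the method that renders that tab. */
    var $menu_tabs_handler = array(
        'tab1' => 'render_tab1',
        'tab2' => 'render_tab2',
        'tab3' => 'render_tab3',
    );

    /* Renders the whole menu page as soon as the object is created. */
    function __construct()
    {
        $this->render_menu_page();
    }

    /*
     * Returns the key of the tab to display.
     *
     * The value is read from the 'tab' query-string parameter, so it is
     * request-controlled, and render_menu_page() uses it as the index into
     * $menu_tabs_handler to choose the method to call. Only keys defined in
     * $menu_tabs are accepted; anything else (unknown key, array value,
     * missing parameter) falls back to the first tab.
     */
    function get_current_tab()
    {
        $tab_keys = array_keys($this->menu_tabs);
        $tab = isset( $_GET['tab'] ) ? $_GET['tab'] : $tab_keys[0];

        // Strict membership test: no type juggling, and a non-string value
        // such as an array can never match a tab key.
        if ( ! in_array($tab, $tab_keys, true) )
        {
            $tab = $tab_keys[0];
        }

        return $tab;
    }

    /*
     * Renders our tabs of this menu as nav items.
     *
     * NOTE(review): the echoed string is empty in this listing, so the tab
     * markup itself cannot be reviewed here.
     */
    function render_menu_tabs()
    {
        $current_tab = $this->get_current_tab();
        echo '';
    }

    /*
     * The menu rendering goes here: the tab navigation, then the body of the
     * selected tab, dispatched through $menu_tabs_handler.
     *
     * NOTE(review): in this listing the markup and the opening PHP tag that
     * followed the closing tag below are missing; the statements after it are
     * kept exactly as found.
     */
    function render_menu_page()
    {
        // Already restricted to a known tab key by get_current_tab().
        $tab = $this->get_current_tab();
        ?>
render_menu_tabs();
//$tab_keys = array_keys($this->menu_tabs);
call_user_func(array(&$this, $this->menu_tabs_handler[$tab]));
?>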
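debug_logger->log_debug("Nonce check failed on enable basic firewall settings!",4);
die("Nonce check failed on enable basic firewall settings!");
} // closes a block opened before this fragment; the nonce verification itself is not part of the listing

//Save settings: a checkbox that is absent from the POST data is stored as '' (disabled)
$aio_wp_security->configs->set_value(
    'aiowps_enable_basic_firewall',
    isset($_POST['aiowps_enable_basic_firewall']) ? '1' : ''
);

//Commit the config settings
$aio_wp_security->configs->save_config();

//Now let's write the applicable rules to the .htaccess file
$res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();

// The failure code has to be tested before the truthiness check: -1 is a
// truthy value, so with the success test first the error branch could never
// run and a failed write was reported as saved, leaving the administrator to
// believe the rules were active. The comparison is strict because a loose
// comparison of true with -1 also evaluates to true.
// NOTE(review): assumes write_to_htaccess() returns the integer -1 on failure - confirm.
if ($res === -1)
{
    $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
}
else if ($res)
{
    $this->show_msg_updated(__('You have successfully saved the Basic Firewall Protection configuration', 'aiowpsecurity'));
}
} // closes a block opened before this fragment
?>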

backup'; $info_msg = sprintf( __('This should not have any impact on your site\'s general functionality but if you wish you can take a %s of your .htaccess file before proceeding.', 'aiowpsecurity'), $backup_tab_link); echo '

'.__('This feature allows you to activate some basic firewall security protection rules for your site.', 'aiowpsecurity'). '
'.__('The firewall functionality is achieved via the insertion of special code into your currently active .htaccess file.', 'aiowpsecurity'). '
'.$info_msg.'

'; ?>

output_feature_details_badge("firewall-basic-rules"); ?>
: configs->get_value('aiowps_enable_basic_firewall')=='1') echo ' checked="checked"'; ?> value="1"/> +
'.__('This setting will implement the following basic firewall protection mechanisms on your site:', 'aiowpsecurity').'

'; echo '

'.__('1) Protect your htaccess file by denying access to it.', 'aiowpsecurity').'

'; echo '

'.__('2) Disable the server signature.', 'aiowpsecurity').'

'; echo '

'.__('3) Limit file upload size (10MB).', 'aiowpsecurity').'

'; echo '

'.__('4) Protect your wp-config.php file by denying access to it.', 'aiowpsecurity').'

'; echo '

'.__('The above firewall features will be applied via your .htaccess file and should not affect your site\'s overall functionality.', 'aiowpsecurity').'

'; echo '

'.__('You are still advised to take a backup of your active .htaccess file just in case.', 'aiowpsecurity').'

'; ?>
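debug_logger->log_debug("Nonce check failed on enable advanced firewall settings!",4);
die("Nonce check failed on enable advanced firewall settings!");
} // closes a block opened before this fragment; the nonce verification itself is not part of the listing

//Save settings: each checkbox is stored as '1' when present in the POST data
//and as '' (disabled) when absent. Keys are fixed here, never taken from the request.
$checkbox_settings = array(
    'aiowps_disable_index_views',
    'aiowps_disable_trace_and_track',
    'aiowps_forbid_proxy_comments',
    'aiowps_deny_bad_query_strings',
    'aiowps_advanced_char_string_filter',
);
foreach ($checkbox_settings as $setting_key)
{
    $aio_wp_security->configs->set_value($setting_key, isset($_POST[$setting_key]) ? '1' : '');
}

//Commit the config settings
$aio_wp_security->configs->save_config();

//Now let's write the applicable rules to the .htaccess file
$res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();

// The failure code has to be tested before the truthiness check: -1 is a
// truthy value, so with the success test first the error branch could never
// run and a failed write was reported as saved, leaving the administrator to
// believe the rules were active. The comparison is strict because a loose
// comparison of true with -1 also evaluates to true.
// NOTE(review): assumes write_to_htaccess() returns the integer -1 on failure - confirm.
if ($res === -1)
{
    $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
}
else if ($res)
{
    $this->show_msg_updated(__('You have successfully saved the Additional Firewall Protection configuration', 'aiowpsecurity'));
}
} // closes a block opened before this fragment
?>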

backup'; $info_msg = sprintf( __('Due to the nature of the code being inserted to the .htaccess file, this feature may break some functionality for certain plugins and you are therefore advised to take a %s of .htaccess before applying this configuration.', 'aiowpsecurity'), $backup_tab_link); echo '

'.__('This feature allows you to activate more advanced firewall settings to your site.', 'aiowpsecurity'). '
'.__('The advanced firewall rules are applied via the insertion of special code to your currently active .htaccess file.', 'aiowpsecurity'). '
'.$info_msg.'

'; ?>

output_feature_details_badge("firewall-disable-index-views"); ?>
: configs->get_value('aiowps_disable_index_views')=='1') echo ' checked="checked"'; ?> value="1"/> +

'; _e('This feature will prevent the listing of contents for all directories.', 'aiowpsecurity'); echo '
'; _e('NOTE: In order for this feature to work "AllowOverride" must be enabled in your httpd.conf file. Ask your hosting provider to check this if you don\'t have access to httpd.conf', 'aiowpsecurity'); ?>

output_feature_details_badge("firewall-disable-trace-track"); ?>
: configs->get_value('aiowps_disable_trace_and_track')=='1') echo ' checked="checked"'; ?> value="1"/> +

'; _e('This hacking technique is usually used together with cross site scripting attacks (XSS).', 'aiowpsecurity'); echo '
'; _e('Disabling trace and track on your site will help prevent HTTP Trace attacks.', 'aiowpsecurity'); ?>

output_feature_details_badge("firewall-forbid-proxy-comments"); ?>
: configs->get_value('aiowps_forbid_proxy_comments')=='1') echo ' checked="checked"'; ?> value="1"/> +

'.__('By forbidding proxy comments you are in effect eliminating some SPAM and other proxy requests.', 'aiowpsecurity'); ?>

output_feature_details_badge("firewall-deny-bad-queries"); ?>
: configs->get_value('aiowps_deny_bad_query_strings')=='1') echo ' checked="checked"'; ?> value="1"/> +

'.__('NOTE: Some of these strings might be used for plugins or themes and hence this might break some functionality.', 'aiowpsecurity'); echo '
'.__('You are therefore strongly advised to take a backup of your active .htaccess file before applying this feature.', 'aiowpsecurity').''; ?>

output_feature_details_badge("firewall-advanced-character-string-filter"); ?>
: configs->get_value('aiowps_advanced_char_string_filter')=='1') echo ' checked="checked"'; ?> value="1"/> +

'.__('This setting matches for common malicious string patterns and exploits and will produce a 403 error for the hacker attempting the query.', 'aiowpsecurity'); echo '
'.__('NOTE: Some strings for this setting might break some functionality.', 'aiowpsecurity'); echo '
'.__('You are therefore strongly advised to take a backup of your active .htaccess file before applying this feature.', 'aiowpsecurity').''; ?>

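debug_logger->log_debug("Nonce check failed on enable 5G firewall settings!",4);
die("Nonce check failed on enable 5G firewall settings!");
} // closes a block opened before this fragment; the nonce verification itself is not part of the listing

//Save settings: a checkbox that is absent from the POST data is stored as '' (disabled)
$aio_wp_security->configs->set_value(
    'aiowps_enable_5g_firewall',
    isset($_POST['aiowps_enable_5g_firewall']) ? '1' : ''
);

//Commit the config settings
$aio_wp_security->configs->save_config();

//Now let's write the applicable rules to the .htaccess file
$res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();

// The failure code has to be tested before the truthiness check: -1 is a
// truthy value, so with the success test first the error branch could never
// run and a failed write was reported as saved, leaving the administrator to
// believe the rules were active. The comparison is strict because a loose
// comparison of true with -1 also evaluates to true.
// NOTE(review): assumes write_to_htaccess() returns the integer -1 on failure - confirm.
if ($res === -1)
{
    $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
}
else if ($res)
{
    $this->show_msg_updated(__('You have successfully saved the 5G Firewall Protection configuration', 'aiowpsecurity'));
}
} // closes a block opened before this fragment
?>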

backup'; $info_msg = '

'.sprintf( __('This feature allows you to activate the 5G firewall security protection rules designed and produced by %s.', 'aiowpsecurity'), 'Perishable Press').'

'; $info_msg .= '

'.__('The 5G Blacklist is a simple, flexible blacklist that helps reduce the number of malicious URL requests that hit your website.', 'aiowpsecurity').'

'; $info_msg .= '

'.__('The added advantage of applying the 5G firewall to your site is that it has been tested and confirmed by the people at PerishablePress.com to be an optimal and least disruptive set of .htaccess security rules for general WP sites running on an Apache server or similar.', 'aiowpsecurity').'

'; $info_msg .= '

'.sprintf( __('Therefore the 5G firewall rules should not have any impact on your site\'s general functionality but if you wish you can take a %s of your .htaccess file before proceeding.', 'aiowpsecurity'), $backup_tab_link).'

'; echo $info_msg; ?>

output_feature_details_badge("firewall-enable-5g-blacklist"); ?>
: configs->get_value('aiowps_enable_5g_firewall')=='1') echo ' checked="checked"'; ?> value="1"/> +
'.__('This setting will implement the 5G security firewall protection mechanisms on your site which include the following things:', 'aiowpsecurity').'

'; echo '

'.__('1) Block forbidden characters commonly used in exploitative attacks.', 'aiowpsecurity').'

'; echo '

'.__('2) Block malicious encoded URL characters such as the ".css(" string.', 'aiowpsecurity').'

'; echo '

'.__('3) Guard against the common patterns and specific exploits in the root portion of targeted URLs.', 'aiowpsecurity').'

'; echo '

'.__('4) Stop attackers from manipulating query strings by disallowing illicit characters.', 'aiowpsecurity').'

'; echo '

'.__('....and much more.', 'aiowpsecurity').'

'; ?>