Merge remote-tracking branch 'origin/cdn_self_check.ag' into cdn_self…

…_check.ag
CleanTalk · Jan 12, 2024 · a40e905 · a40e905
2 parents 4838a22 + ec19dc6
commit a40e905
Show file tree

Hide file tree

Showing 13 changed files with 626 additions and 60 deletions.
diff --git a/inc/spbc-settings.php b/inc/spbc-settings.php
@@ -1,5 +1,7 @@
 <?php
 
+use CleantalkSP\SpbctWP\Cron as SpbcCron;
+use CleantalkSP\SpbctWP\HTTP\CDNHeadersChecker;
 use CleantalkSP\SpbctWP\Scanner\ScanningLog\ScanningLogFacade;
 use CleantalkSP\Variables\Post;
 use CleantalkSP\Variables\Server;
@@ -534,6 +536,12 @@ function spbc_settings__register()
                                 'options'    => spbc_settings_field__secfw__get_ip__get_labels(),
                                 'title'      => __('Get visitors IP from additional headers', 'security-malware-firewall'),
                                 'description' => spbc_settings_field__secfw__get_ip__get_description(),
+                                'long_description' => true,
+                            ),
+                            'secfw__get_ip__enable_cdn_auto_self_check' => array(
+                                'type'       => 'field',
+                                'title'      => __('Enable automatic CDN headers checker', 'security-malware-firewall'),
+                                'description' => CDNHeadersChecker::getOptionDescriptionText(),
                             ),
                         ),
                     ),
@@ -1647,6 +1655,16 @@ function spbc_field_statistics()
             : __('Unknown last PHP log sending time.', 'security-malware-firewall'));
     }
 
+    echo '<br/>';
+
+
+    //cdn checker data
+    add_filter('safe_style_css', function ($styles) {
+        $styles[] = 'display';
+        return $styles;
+    });
+    echo Escape::escKsesPreset(CDNHeadersChecker::getSummaryBlockHTML(), 'spbc_cdn_checker_table');
+
     echo '<br/>';
     echo 'Plugin version: ' . SPBC_VERSION;
     echo '</div>';
@@ -4703,6 +4721,10 @@ function spbc_settings__get_description()
             'desc'  => __('The file hash is in denied list. It means that the Security analysts have marked this file
              as critically dangerous early. We do recommend you to order the Security Audit service.', 'security-malware-firewall')
         ),
+        'secfw__get_ip' => array(
+            'title' => IP::getOptionLongDescriptionArray()['title'],
+            'desc'  => IP::getOptionLongDescriptionArray()['desc'],
+        ),
         'no_description' => array(
             'title' => esc_html($setting_id),
             'desc'  => __('No description provided yet for this item. We are sorry about this. Please, contact [email protected] for further help.', 'security-malware-firewall'),
@@ -4977,6 +4999,17 @@ function spbc__send_local_settings_to_api($settings)
     API::methodSendLocalSettings($api_key, $hostname, $settings);
 }
 
+add_action('spbc_before_returning_settings', 'spbc_cdn_checker__run_check_on_settings_change');
+
+function spbc_cdn_checker__run_check_on_settings_change($settings)
+{
+    if ( isset($settings['secfw__get_ip__enable_cdn_auto_self_check']) && $settings['secfw__get_ip__enable_cdn_auto_self_check'] != 0) {
+        CDNHeadersChecker::sendCDNCheckerRequest();
+        SpbcCron::updateTask('cdn_check', 'spbc_cdn_checker__send_request', 86400, time() + 86400);
+    }
+}
+
+
 /**
  *
  */
@@ -5019,24 +5052,10 @@ function spbc_settings_field__secfw__get_ip__get_description()
 
 function spbc_settings_field__secfw__get_ip__get_labels()
 {
-    $available_header = array(
-        2  => array('slug' => 'remote_addr', 'name' => 'Remote Addr'),
-        3  => array('slug' => 'x_forwarded_for', 'name' => 'X-Forwarder-For'),
-        4  => array('slug' => 'x_real_ip', 'name' => 'X-Real-Ip'),
-        5  => array('slug' => 'incapsula', 'name' => 'Incap-Client-Ip'),
-        6  => array('slug' => 'ico_x_forwarded_for', 'name' => 'Ico-X-Forwarded-For'),
-        7  => array('slug' => 'stackpath', 'name' => 'X-Sp-Forwarded-Ip'),
-        8  => array('slug' => 'x_forwarded_by', 'name' => 'X-Client-Ip'),
-        9  => array('slug' => 'sucury', 'name' => 'X-Sucuri-Clientip'),
-        10 => array('slug' => 'ezoic', 'name' => 'X-Middleton-Ip'),
-        11 => array('slug' => 'gtranslate', 'name' => 'X-Gt-Viewer-Ip'),
-        12 => array('slug' => 'cloud_flare', 'name' => 'Cf-Connecting-Ip'),
-        13 => array('slug' => 'ovh', 'name' => 'Remote-Ip'),
-    );
     $options          = array();
     $options[]        = array('val' => 1, 'label' => __('Auto', 'security-malware-firewall'),);
 
-    foreach ( $available_header as $key => $header ) {
+    foreach (IP::$known_headers_collection as $key => $header ) {
         IP::get($header['slug'], [], true);
         $option_value = $header['name'];
         $option_value .= isset(IP::getInstance()->ips_stored[$header['slug']])

diff --git a/js/spbc-admin.min.js b/js/spbc-admin.min.js
diff --git a/js/src/spbc-admin.js b/js/src/spbc-admin.js
@@ -60,8 +60,8 @@ function spbcDisableG2fa( element ) {
 }
 
 jQuery(document).ready(function(){
-	
-	// Auto update banner close handler 
+
+	// Auto update banner close handler
 	jQuery('.spbc_update_notice').on('click', 'button', function(){
 		spbc_setCookie('spbc_update_banner_closed', 1, 86400 * 30);
 	});
@@ -137,4 +137,17 @@ jQuery(document).ready(function(){
 	if (+spbcSettings.needToWhitelist === 1) {
 		spbc_sendAJAXRequest( { 'action' : 'spbc_private_list_add' }, { 'callback' : null } );
 	}
-});
+});
+
+function spbcSummaryShowCDNCheckerTable()
+{
+	event.preventDefault()
+	let table = document.getElementById('spbc_stats_cdn_checker_table')
+	if (typeof (table) !== 'undefined') {
+		if (table.style.display === 'block') {
+			table.style.display = 'none'
+		} else {
+			table.style.display = 'block'
+		}
+	}
+}
diff --git a/js/src/spbc-settings_tab--summary.js b/js/src/spbc-settings_tab--summary.js
@@ -1,3 +1,3 @@
 jQuery(document).ready(function(){
 	console.log('TAB - SUMMARY');
-});
+});
diff --git a/lib/CleantalkSP/Common/HTTP/Request.php b/lib/CleantalkSP/Common/HTTP/Request.php
@@ -446,7 +446,6 @@ protected function processPresets()
                     $this->options[CURLOPT_FOLLOWLOCATION] = false;
                     $this->options[CURLOPT_MAXREDIRS]      = 0;
                     break;
-                // Get headers only
                 case 'get_code':
                     $this->options[CURLOPT_HEADER] = true;
                     $this->options[CURLOPT_NOBODY] = true;
@@ -459,7 +458,6 @@ static function (Response $response) {
                         true
                     );
                     break;
-                // Get headers only
                 case 'split_to_array':
                     $this->addCallback(
                         static function ($response_content) {

diff --git a/lib/CleantalkSP/SpbctWP/Activator.php b/lib/CleantalkSP/SpbctWP/Activator.php
@@ -3,6 +3,7 @@
 namespace CleantalkSP\SpbctWP;
 
 use CleantalkSP\SpbctWP\Cron as SpbcCron;
+use CleantalkSP\SpbctWP\HTTP\CDNHeadersChecker;
 
 class Activator
 {
@@ -17,6 +18,8 @@ public static function activation($network, $redirect = true)
     {
         global $wpdb, $spbc;
 
+        CDNHeadersChecker::sendCDNCheckerRequest();
+
         if ( current_action() !== 'wp_insert_site' ) {
             delete_option('spbc_deactivation_in_process');
         }
@@ -85,6 +88,7 @@ public static function activation($network, $redirect = true)
             SpbcCron::addTask('service_get', 'spbct_perform_service_get', 86400, time() + 3500);
             SpbcCron::addTask('security_log_clear', 'spbc_security_log_clear', 86400, time() + 43200);
             SpbcCron::addTask('get_brief_data', 'spbc_set_brief_data', 86400, time() + 1800);
+            SpbcCron::addTask('cdn_check', 'spbc_cdn_checker__send_request', 86400, time() + 86400);
 
             if ( empty($spbc->errors['configuration']) ) {
                 $scanner_launch_data = spbc_get_custom_scanner_launch_data(true);

diff --git a/lib/CleantalkSP/SpbctWP/Escape.php b/lib/CleantalkSP/SpbctWP/Escape.php
@@ -100,6 +100,34 @@ public static function escKsesPreset($string, $preset = null, $_allowed_protocol
                     'href' => true,
                 ),
             ),
+            'spbc_cdn_checker_table' => array(
+                'a' => array(
+                    'style' => true,
+                    'href' => true,
+                    'onclick' => true,
+                ),
+                'p' => array(),
+                'b' => array(),
+                'table' => array(
+                    'id' => true,
+                    'style' => true,
+                ),
+                'tr' => array(
+                    'class' => true,
+                    'style' => true,
+                ),
+                'th' => array(
+                    'style' => true,
+                    'class' => true,
+                ),
+                'td' => array(
+                    'colspan' => true,
+                    'style' => true,
+                    'class' => true,
+                ),
+                'tbody' => true,
+                'div' => array()
+            ),
             'spbc_settings__notice_autosend' => array(
                 'div' => array(
                     'class' => true,