<?php
/**
 * Copyright (с) Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2025 All Rights Reserved
 *
 * Licensed under CLOUD LINUX LICENSE AGREEMENT
 * https://www.cloudlinux.com/legal/
 */

namespace CloudLinux\Imunify\App\Defender\Handler;

use CloudLinux\Imunify\App\Defender\ConditionEvaluator;
use CloudLinux\Imunify\App\Defender\IncidentRecorder;
use CloudLinux\Imunify\App\Defender\Model\Rule;
use CloudLinux\Imunify\App\Defender\Model\RuleMode;
use CloudLinux\Imunify\App\Defender\Model\TargetInfo;
use CloudLinux\Imunify\App\Defender\Request;
use CloudLinux\Imunify\App\Defender\RuleHitTracker;

/**
 * Base rule handler for the Defender module.
 *
 * Binds one rule to its WordPress hook(s). When a hook fires, the rule's
 * conditions are evaluated against the request, the incident is recorded and,
 * unless the rule is in pass mode, the request is ended with HTTP 403.
 *
 * @since 2.1.0
 */
class Handler implements HandlerInterface {

    /**
     * Rule enforced by this handler.
     *
     * @var Rule
     */
    protected $rule;

    /**
     * Request the rule conditions are evaluated against.
     *
     * @var Request
     */
    protected $request;

    /**
     * Recorder that receives every matched incident.
     *
     * @var IncidentRecorder
     */
    protected $incidentRecorder;

    /**
     * Tracker that counts hits of non-internal rules.
     *
     * @var RuleHitTracker
     */
    protected $hitTracker;

    /**
     * Target information passed along with each incident.
     *
     * @var TargetInfo
     */
    protected $targetInfo;

    /**
     * Ruleset version passed along with each incident.
     *
     * @var string
     */
    protected $version;

    /**
     * Optional condition evaluator override.
     *
     * @since 3.0.4
     *
     * @var ConditionEvaluator|null
     */
    private $conditionEvaluator = null;

    /**
     * Constructor.
     *
     * @param Rule             $rule             Rule object.
     * @param Request          $request          Request object.
     * @param IncidentRecorder $incidentRecorder Incident recorder instance.
     * @param RuleHitTracker   $hitTracker       Rule hit tracker instance.
     * @param TargetInfo       $targetInfo       Target information.
     * @param string           $version          Ruleset version.
     */
    public function __construct( $rule, $request, $incidentRecorder, $hitTracker, $targetInfo, $version = '' ) {
        $this->version          = $version;
        $this->targetInfo       = $targetInfo;
        $this->hitTracker       = $hitTracker;
        $this->incidentRecorder = $incidentRecorder;
        $this->request          = $request;
        $this->rule             = $rule;
    }

    /**
     * {@inheritDoc}
     */
    public function apply() {
        // Priority 0 puts the check ahead of callbacks registered at the
        // WordPress default priority (10).
        // NOTE(review): callbacks attached with a lower priority, or attached
        // earlier at priority 0, still run before maybeBlock().
        foreach ( $this->getHooks() as $hookName ) {
            add_action( $hookName, array( $this, 'maybeBlock' ), 0 );
        }
    }

    /**
     * Get the hooks to which this handler should be applied.
     *
     * An AJAX action takes precedence over a regular action and is expanded
     * to both the logged-in (wp_ajax_) and logged-out (wp_ajax_nopriv_) hook.
     * A rule that defines neither yields an empty list, in which case apply()
     * registers nothing and the rule is never evaluated through this class.
     *
     * @return array
     */
    protected function getHooks() {
        $hooks = array();

        if ( $this->rule->getAjaxAction() ) {
            $ajaxName = $this->rule->getAjaxAction();
            $hooks[]  = 'wp_ajax_' . $ajaxName;
            $hooks[]  = 'wp_ajax_nopriv_' . $ajaxName;
        } elseif ( $this->rule->getAction() ) {
            $hooks[] = $this->rule->getAction();
        }

        return $hooks;
    }

    /**
     * Set a custom condition evaluator (used in tests).
     *
     * @since 3.0.4
     *
     * @param ConditionEvaluator $evaluator Evaluator instance.
     *
     * @return void
     */
    public function setConditionEvaluator( ConditionEvaluator $evaluator ) {
        $this->conditionEvaluator = $evaluator;
    }

    /**
     * {@inheritDoc}
     */
    public function maybeBlock() {
        $conditions = $this->rule->getConditions();

        // A rule without conditions matches unconditionally: every request
        // that reaches the hook goes straight to processIncident().
        if ( ! empty( $conditions ) ) {
            $evaluator = $this->conditionEvaluator;
            if ( ! $evaluator ) {
                $evaluator = new ConditionEvaluator();
            }

            $matched = $evaluator->evaluateConditions( $conditions, $this->request );
            if ( ! $matched ) {
                return;
            }

            // Probe data produced during evaluation is stored on the rule so
            // that it is available when the incident is recorded.
            $probe = $evaluator->getProbeData();
            if ( null !== $probe ) {
                $this->rule->setProbeData( (string) $probe );
            }
        }

        $this->processIncident();
    }

    /**
     * Process a security incident by evaluating the rule mode and potentially blocking.
     *
     * Records the incident, counts a hit for non-internal rules, and blocks
     * the request unless the rule mode is RuleMode::PASS.
     *
     * @since 3.0.4 Data-collection hit tracking skip; probe data read from Rule.
     *
     * @return void
     */
    protected function processIncident() {
        // Recording is bracketed by the plugin's error-handler hooks.
        // NOTE(review): recording runs before the block decision and outside
        // any try/finally, so an exception escaping recordIncident() would
        // skip both the restore hook and blockRequest() — confirm the
        // recorder cannot throw.
        do_action( 'imunify_security_set_error_handler' );
        $this->incidentRecorder->recordIncident(
            $this->rule,
            $this->rule->getMode(),
            $this->targetInfo,
            $this->request,
            $this->version
        );
        do_action( 'imunify_security_restore_error_handler' );

        // Internal rules are recorded as incidents but do not count as hits.
        if ( ! $this->rule->isInternal() ) {
            $this->hitTracker->recordHit( $this->rule );
        }

        // Pass mode is observe-only; every other mode ends the request.
        if ( $this->rule->getMode() !== RuleMode::PASS ) {
            $this->blockRequest();
        }
    }

    /**
     * Block the request by sending a 403 response and terminating execution.
     *
     * No-cache headers are sent first so the 403 response is not stored by
     * caches. Execution stops here; nothing hooked after this point runs.
     *
     * @return void
     */
    protected function blockRequest() {
        nocache_headers();
        status_header( 403 );
        exit;
    }
}