File "Handler.php"
Full Path: /home/lacostenacom/public_html/wp/wp./wp-content/plugins/imunify-security/inc/App/Defender/Handler/Handler.php
File size: 4.56 KB
MIME-type: text/x-php
Charset: utf-8
<?php
/**
* Copyright (с) Cloud Linux GmbH & Cloud Linux Software, Inc 2010-2025 All Rights Reserved
*
* Licensed under CLOUD LINUX LICENSE AGREEMENT
* https://www.cloudlinux.com/legal/
*/
namespace CloudLinux\Imunify\App\Defender\Handler;
use CloudLinux\Imunify\App\Defender\ConditionEvaluator;
use CloudLinux\Imunify\App\Defender\IncidentRecorder;
use CloudLinux\Imunify\App\Defender\Model\Rule;
use CloudLinux\Imunify\App\Defender\Model\RuleMode;
use CloudLinux\Imunify\App\Defender\Model\TargetInfo;
use CloudLinux\Imunify\App\Defender\Request;
use CloudLinux\Imunify\App\Defender\RuleHitTracker;
/**
* Handler class for rule handlers in the Defender module.
* Provides common functionality for blocking requests and handling configuration.
*
* @since 2.1.0
*/
class Handler implements HandlerInterface {
/**
* Rule object for this handler.
*
* @var Rule
*/
protected $rule;
/**
* Request object.
*
* @var Request
*/
protected $request;
/**
* Incident recorder.
*
* @var IncidentRecorder
*/
protected $incidentRecorder;
/**
* Rule hit tracker.
*
* @var RuleHitTracker
*/
protected $hitTracker;
/**
* Target information.
*
* @var TargetInfo
*/
protected $targetInfo;
/**
* Ruleset version.
*
* @var string
*/
protected $version;
/**
* Optional condition evaluator override.
*
* @since 3.0.4
*
* @var ConditionEvaluator|null
*/
private $conditionEvaluator = null;
/**
* Constructor.
*
* @param Rule $rule Rule object.
* @param Request $request Request object.
* @param IncidentRecorder $incidentRecorder Incident recorder instance.
* @param RuleHitTracker $hitTracker Rule hit tracker instance.
* @param TargetInfo $targetInfo Target information.
* @param string $version Ruleset version.
*/
public function __construct( $rule, $request, $incidentRecorder, $hitTracker, $targetInfo, $version = '' ) {
$this->rule = $rule;
$this->request = $request;
$this->incidentRecorder = $incidentRecorder;
$this->hitTracker = $hitTracker;
$this->targetInfo = $targetInfo;
$this->version = $version;
}
/**
* {@inheritDoc}
*/
public function apply() {
$hooks = $this->getHooks();
foreach ( $hooks as $hook ) {
add_action( $hook, array( $this, 'maybeBlock' ), 0 );
}
}
/**
* Get the hooks to which this handler should be applied.
*
* @return array
*/
protected function getHooks() {
// Check for AJAX action configuration.
if ( $this->rule->getAjaxAction() ) {
$ajaxAction = $this->rule->getAjaxAction();
return array(
'wp_ajax_' . $ajaxAction,
'wp_ajax_nopriv_' . $ajaxAction,
);
}
// Check for regular action configuration.
if ( $this->rule->getAction() ) {
return array( $this->rule->getAction() );
}
return array();
}
/**
* Set a custom condition evaluator (used in tests).
*
* @since 3.0.4
*
* @param ConditionEvaluator $evaluator Evaluator instance.
*
* @return void
*/
public function setConditionEvaluator( ConditionEvaluator $evaluator ) {
$this->conditionEvaluator = $evaluator;
}
/**
* {@inheritDoc}
*/
public function maybeBlock() {
$conditions = $this->rule->getConditions();
if ( ! empty( $conditions ) ) {
$evaluator = $this->conditionEvaluator
? $this->conditionEvaluator
: new ConditionEvaluator();
if ( ! $evaluator->evaluateConditions( $conditions, $this->request ) ) {
return;
}
$probeData = $evaluator->getProbeData();
if ( null !== $probeData ) {
$this->rule->setProbeData( (string) $probeData );
}
}
$this->processIncident();
}
/**
* Process a security incident by evaluating the rule mode and potentially blocking.
*
* Records the incident and blocks if mode is 'block'.
*
* @since 3.0.4 Data-collection hit tracking skip; probe data read from Rule.
*
* @return void
*/
protected function processIncident() {
do_action( 'imunify_security_set_error_handler' );
$this->incidentRecorder->recordIncident( $this->rule, $this->rule->getMode(), $this->targetInfo, $this->request, $this->version );
do_action( 'imunify_security_restore_error_handler' );
if ( ! $this->rule->isInternal() ) {
$this->hitTracker->recordHit( $this->rule );
}
if ( $this->rule->getMode() === RuleMode::PASS ) {
return;
}
$this->blockRequest();
}
/**
* Block the request by sending a 403 response and terminating execution.
*
* @return void
*/
protected function blockRequest() {
nocache_headers();
status_header( 403 );
die;
}
}