-
Notifications
You must be signed in to change notification settings - Fork 0
/
ghobe.php
124 lines (105 loc) · 3.46 KB
/
ghobe.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
<?php
/**
* Copyright 2013 ghobe' Brute Force Blocker (email : [email protected])
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License, version 3, as published by the
* Free Software Foundation.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
* FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 51 Franklin
* St, Fifth Floor, Boston, MA 02110-1301 USA
*
*/
/**
* @package ghobe' Brute Force Blocker
* @author Marion Dorsett <[email protected]>
* @license http://www.gnu.org/licenses/licenses.html GPL3
*
* ghobe' translated from Kligon is `No`.
*
* The purpose of this file is to make a valid attempt to stop brute force login
* attacks against your WordPress installation.
*
* If you have not yet installed the WordFence plugin by Mark Maunder, you should
* do that as well:
*
* http://www.wordfence.com/
*
* The WordFence plugin will provide you with much better protection, and it will
* tell you the `brutes` trying to hack their way in to your WordPress setup.
*
*
* Directions:
*
* Place this file in the same folder as your wp-login.php file, and add the
* following rewrite rule to your htaccess file:
*
# Protect from brute force attack
RewriteCond %{REQUEST_FILENAME} ^.*(wp-login\.php).*$
RewriteRule . /ghobe.php [L]
* You may need to adjust the path to the ghobe.php file to resolve the path
* correctly for you server setup.
*
*/
class ghobe
{
private
$brutes,
$bullies,
$brute,
$admin,
$HIja;
const
Version = '0.1.2',
PoweredBy = "ghobe' Brute Force Blocker";
public function __construct($brutes = null, $header = true)
{
$this->poweredby($header);
$this->HIja = false;
$this->bullies = 'adm aaa developer manager qwerty root support test user';
$this->brutes = array_flip(array_unique(explode(' ', strtolower(trim($this->bullies . ' ' . $brutes)))));
$this->findbrute();
$this->checkadmin();
$this->_HIja();
} // end __construct
public function HIja()
{
return $this->HIja;
} // end HIja
private function findbrute()
{
$brute = null;
if(isset($_REQUEST['log'])) { $brute = $_REQUEST['log']; } // end if
elseif(isset($_POST['log'])) { $brute = $_POST['log']; } // end if
elseif(isset($_GET['log'])) { $brute = $_GET['log']; } // end if
$this->brute = strtolower($brute);
} // end findbrute
private function checkadmin()
{
$admin = strtolower(trim($_REQUEST['log'] . $_POST['log'] . $_GET['log']));
$this->admin = (strstr($admin, 'admin')) ? true : false;
} // end checkadmin
private function _HIja()
{
if( ($this->admin === true) || (array_key_exists($this->brute, $this->brutes)) )
{
// Access Denied
$this->poweredby();
header('HTTP/1.1 403 Forbidden');
exit;
} // end if
$this->HIja = true;
} // end _HIja
private function poweredby($expose = true)
{
if($expose === false) { return; } // end if
header('X-Powered-By: ' . self::PoweredBy . ' v.' . self::Version);
} // end poweredby
} // end ghobe
$Brute = new ghobe();
if($Brute->HIja() === true) { include_once('./wp-login.php'); } // end if