36 lines
861 B
PHP
36 lines
861 B
PHP
<?php
|
|
/**
|
|
* XML-RPC Request logging
|
|
*
|
|
* @package wp-fail2ban
|
|
* @since 4.0.0
|
|
*/
|
|
namespace org\lecklider\charles\wordpress\wp_fail2ban;
|
|
|
|
if (!defined('ABSPATH')) {
|
|
exit;
|
|
}
|
|
|
|
/**
|
|
* Log XML-RPC requests
|
|
*
|
|
* It seems attackers are doing weird things with XML-RPC. This makes it easy to
|
|
* log them for analysis and future blocking.
|
|
*
|
|
* @since 4.0.0 Fix: Removed HTTP_RAW_POST_DATA
|
|
* https://wordpress.org/support/?p=10971843
|
|
* @since 3.6.0
|
|
*
|
|
* @codeCoverageIgnore
|
|
*/
|
|
if (false === ($fp = fopen(WP_FAIL2BAN_XMLRPC_LOG, 'a+'))) {
|
|
// TODO: decided whether to log this
|
|
} else {
|
|
$raw_data = (version_compare(PHP_VERSION, '7.0.0') >= 0)
|
|
? file_get_contents('php://input')
|
|
: $HTTP_RAW_POST_DATA;
|
|
|
|
fprintf($fp, "# ---\n# Date: %s\n# IP: %s\n\n%s\n", date(DATE_ATOM), remote_addr(), $raw_data);
|
|
fclose($fp);
|
|
}
|