Last active
October 19, 2019 10:58
-
-
Save wpmudev-sls/0ff5ca4ec0f99416dc890a7ace1c9fce to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Plugin Name: [Defender] - Redirect blocked countries users | |
* Plugin URI: https://premium.wpmudev.org/ | |
* Description: Redirect blocked countries users to another website | |
* Author: Alessandro Kaounas @ WPMUDEV | |
* Author URI: https://premium.wpmudev.org/ | |
* License: GPLv2 or later | |
*/ | |
if ( ! defined( 'ABSPATH' ) ) { | |
exit; | |
} | |
if ( ! class_exists( 'WPMUDEV_Defender_Redirect_Block_Countries_Users' ) ) { | |
class WPMUDEV_Defender_Redirect_Block_Countries_Users { | |
private $redirect_to = 'https://www.example.net/'; | |
private static $_instance = null; | |
public static function get_instance() { | |
if( is_null( self::$_instance ) ){ | |
self::$_instance = new WPMUDEV_Defender_Redirect_Block_Countries_Users(); | |
} | |
return self::$_instance; | |
} | |
private function __construct() { | |
$this->init(); | |
} | |
private function init(){ | |
add_action( 'wd_before_lockout', array( $this, 'wpmudev_redirect_blocked_coutries_users' ) ); | |
} | |
public function wpmudev_redirect_blocked_coutries_users(){ | |
// Check if Defender is activated | |
if( ! class_exists( 'WP_Defender' ) ){ | |
return; | |
} | |
$blacklisted = $whitelisted = array(); | |
// Get Defender settings | |
if( $settings = get_option( 'wd_lockdown_settings' ) ){ | |
$blacklisted = $this->getCountryBlacklist( $settings ); | |
$whitelisted = $this->getIpWhitelist( $settings ); | |
}else{ | |
return; | |
} | |
// If blocked all or none, or whitelisted | |
if( empty( $blacklisted ) || in_array( 'all', $blacklisted ) || in_array( $this->getUserIp(), $whitelisted ) ){ | |
return; | |
} | |
// Get visitors country | |
$country = WP_Defender\Module\IP_Lockout\Component\IP_API::getCurrentCountry(); | |
if ( in_array( strtoupper( $country['iso'] ), $blacklisted ) ) { | |
wp_redirect( $this->redirect_to ); | |
exit; | |
} | |
return; | |
} | |
private function getUserIp() { | |
if ( version_compare( wp_defender()->version, '2.2.1' ) >= 0 ) { | |
return WP_Defender\Behavior\Utils::instance()->getUserIp(); | |
} | |
$client = isset( $_SERVER['HTTP_CLIENT_IP'] ) ? $_SERVER['HTTP_CLIENT_IP'] : null; | |
$forward = isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : null; | |
$is_cf = $this->isCloudflare(); //Check if request is from CloudFlare | |
if ( $is_cf ) { | |
$cf_ip = $_SERVER['HTTP_CF_CONNECTING_IP']; //We already make sure this is set in the checks | |
if ( filter_var( $cf_ip, FILTER_VALIDATE_IP ) ) { | |
return apply_filters( 'defender_user_ip', $cf_ip ); | |
} | |
} else { | |
$remote = isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : null; | |
} | |
$client_real = isset( $_SERVER['HTTP_X_REAL_IP'] ) ? $_SERVER['HTTP_X_REAL_IP'] : null; | |
$ret = $remote; | |
if ( filter_var( $client, FILTER_VALIDATE_IP ) ) { | |
$ret = $client; | |
} elseif ( filter_var( $client_real, FILTER_VALIDATE_IP ) ) { | |
$ret = $client_real; | |
} elseif ( ! empty( $forward ) ) { | |
$forward = explode( ',', $forward ); | |
$ip = array_shift( $forward ); | |
$ip = trim( $ip ); | |
if ( filter_var( $ip, FILTER_VALIDATE_IP ) ) { | |
$ret = $ip; | |
} | |
} | |
return $ret; | |
} | |
private function getIpWhitelist( $data ) { | |
if ( version_compare( wp_defender()->version, '2.2.1' ) >= 0 ) { | |
return WP_Defender\Module\IP_Lockout\Model\Settings::instance()->getIpWhitelist(); | |
} | |
if ( ! isset( $data[ 'ip_whitelist' ] ) ) { | |
return null; | |
} | |
$arr = array_filter( explode( PHP_EOL, $data ) ); | |
$arr = array_map( 'trim', $arr ); | |
return $arr; | |
} | |
private function getCountryBlacklist( $data ) { | |
if ( version_compare( wp_defender()->version, '2.2.1' ) >= 0 ) { | |
return WP_Defender\Module\IP_Lockout\Model\Settings::instance()->getCountryBlacklist(); | |
} | |
if ( ! isset( $data[ 'country_blacklist' ] ) ) { | |
return null; | |
} | |
$arr = array_filter( explode( ',', $data[ 'country_blacklist' ] ) ); | |
$arr = array_map( 'trim', $arr ); | |
return $arr; | |
} | |
private function _validateCloudflareIP( $ip ) { | |
$cloudflare_ips = array( | |
'199.27.128.0/21', | |
'173.245.48.0/20', | |
'103.21.244.0/22', | |
'103.22.200.0/22', | |
'103.31.4.0/22', | |
'141.101.64.0/18', | |
'108.162.192.0/18', | |
'190.93.240.0/20', | |
'188.114.96.0/20', | |
'197.234.240.0/22', | |
'198.41.128.0/17', | |
'162.158.0.0/15', | |
'104.16.0.0/12', | |
); | |
$is_cf_ip = false; | |
foreach ( $cloudflare_ips as $cloudflare_ip ) { | |
if ( $this->_cloudflareIpInRange( $ip, $cloudflare_ip ) ) { | |
$is_cf_ip = true; | |
break; | |
} | |
} | |
return $is_cf_ip; | |
} | |
private function isCloudflare() { | |
if ( php_sapi_name() == 'cli' ) { | |
return false; | |
} | |
if ( isset( $_SERVER['HTTP_CLIENT_IP'] ) ) { | |
$ip = $_SERVER['HTTP_CLIENT_IP']; | |
} elseif ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) { | |
$ip = $_SERVER['HTTP_X_FORWARDED_FOR']; | |
} else { | |
$ip = $_SERVER['REMOTE_ADDR']; | |
} | |
if ( isset( $ip ) ) { | |
$request_check = $this->_cloudflareRequestsCheck(); | |
if ( ! $request_check ) { | |
return false; | |
} | |
$ip_check = $this->_validateCloudflareIP( $ip ); | |
return $ip_check; | |
} | |
return false; | |
} | |
private function _cloudflareRequestsCheck() { | |
$flag = true; | |
if ( ! isset( $_SERVER['HTTP_CF_CONNECTING_IP'] ) ) { | |
$flag = false; | |
} | |
if ( ! isset( $_SERVER['HTTP_CF_IPCOUNTRY'] ) ) { | |
$flag = false; | |
} | |
if ( ! isset( $_SERVER['HTTP_CF_RAY'] ) ) { | |
$flag = false; | |
} | |
if ( ! isset( $_SERVER['HTTP_CF_VISITOR'] ) ) { | |
$flag = false; | |
} | |
return $flag; | |
} | |
} | |
if ( ! function_exists( 'wpmudev_defender_redirect_blocked_coutries_users' ) ) { | |
function wpmudev_defender_redirect_blocked_coutries_users() { | |
return WPMUDEV_Defender_Redirect_Block_Countries_Users::get_instance(); | |
}; | |
add_action( 'plugins_loaded', 'wpmudev_defender_redirect_blocked_coutries_users', 10 ); | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment