Merge branch 'hotfix-0.4.1'

chesio · Aug 1, 2017 · f63043e · f63043e
2 parents 0a6c280 + 604bb2a
commit f63043e
Show file tree

Hide file tree

Showing 5 changed files with 39 additions and 8 deletions.
diff --git a/bc-security.php b/bc-security.php
@@ -3,7 +3,7 @@
  * Plugin Name: BC Security
  * Plugin URI: https://github.com/chesio/bc-security
  * Description: Helps keeping WordPress websites secure. Plugin requires PHP 5.6 or newer to run.
- * Version: 0.4.0
+ * Version: 0.4.1
  * Author: Česlav Przywara <[email protected]>
  * Author URI: https://www.chesio.com
  * Requires at least: 4.7

diff --git a/classes/BlueChip/Security/Modules/Events/Monitor.php b/classes/BlueChip/Security/Modules/Events/Monitor.php
@@ -15,13 +15,20 @@ class Monitor implements \BlueChip\Security\Modules\Initializable
      */
     private $remote_address;
 
+    /**
+     * @var string Server IP address
+     */
+    private $server_address;
+
 
     /**
      * @param string $remote_address Remote IP address.
+     * @param string $server_address Server IP address.
      */
-    public function __construct($remote_address)
+    public function __construct($remote_address, $server_address)
     {
         $this->remote_address = $remote_address;
+        $this->server_address = $server_address;
     }
 
 
@@ -36,7 +43,7 @@ public function init()
         // - successful login
         add_action('wp_login', [$this, 'logSuccessfulLogin'], 5, 1);
         // - 404 query (only if request did not originate from the webserver itself)
-        if ($this->remote_address !== $_SERVER['SERVER_ADDR']) {
+        if ($this->remote_address !== $this->server_address) {
             add_action('wp', [$this, 'log404Queries'], 20, 1);
         }
 

diff --git a/classes/BlueChip/Security/Plugin.php b/classes/BlueChip/Security/Plugin.php
@@ -51,14 +51,15 @@ public function __construct($wpdb)
         // Get setup info.
         $setup = new Setup\Core($this->settings['setup']);
 
-        // IP address is at core interest within this plugin :)
+        // IP addresses are at core interest within this plugin :)
         $remote_address = $setup->getRemoteAddress();
+        $server_address = $setup->getServerAddress();
 
         // Init admin, if necessary.
         $this->admin = is_admin() ? new Admin() : null;
 
         // Construct modules.
-        $this->modules = $this->constructModules($wpdb, $remote_address, $this->settings);
+        $this->modules = $this->constructModules($wpdb, $remote_address, $server_address, $this->settings);
 
         // Construct cron jobs.
         $this->cron_jobs = $this->constructCronJobs($this->settings, $this->modules);
@@ -85,13 +86,14 @@ private function constructSettings()
      * Construct plugin modules.
      * @param \wpdb $wpdb
      * @param string $remote_address
+     * @param string $server_address
      * @param array $settings
      * @return array
      */
-    private function constructModules($wpdb, $remote_address, $settings)
+    private function constructModules($wpdb, $remote_address, $server_address, $settings)
     {
         $logger     = new Modules\Log\Logger($wpdb, $remote_address);
-        $monitor    = new Modules\Events\Monitor($remote_address);
+        $monitor    = new Modules\Events\Monitor($remote_address, $server_address);
         $notifier   = new Modules\Notifications\Watchman($settings['notifications'], $remote_address, $logger);
         $hardening  = new Modules\Hardening\Core($settings['hardening']);
         $bl_manager = new Modules\IpBlacklist\Manager($wpdb);

diff --git a/classes/BlueChip/Security/Setup/Core.php b/classes/BlueChip/Security/Setup/Core.php
@@ -30,4 +30,15 @@ public function getRemoteAddress()
     {
         return IpAddress::get($this->connection_type);
     }
+
+
+    /**
+     * Get server IP address. In the moment, there is no way to "configure" it.
+     *
+     * @return string
+     */
+    public function getServerAddress()
+    {
+        return IpAddress::getServer();
+    }
 }
diff --git a/classes/BlueChip/Security/Setup/IpAddress.php b/classes/BlueChip/Security/Setup/IpAddress.php
@@ -6,7 +6,7 @@
 namespace BlueChip\Security\Setup;
 
 /**
- * Remote IP address retrieval
+ * IP address retrieval (both remote and server)
  */
 abstract class IpAddress
 {
@@ -85,6 +85,17 @@ public static function getRaw($type)
     }
 
 
+    /**
+     * Get IP address of webserver.
+     *
+     * @return string IP address of webserver or empty string if none provided (typically when running via PHP-CLI).
+     */
+    public static function getServer()
+    {
+        return isset($_SERVER['SERVER_ADDR']) ? self::getFirst($_SERVER['SERVER_ADDR']) : '';
+    }
+
+
     /**
      * Get the first from possibly multiple $ip_addresses.
      * @param string $ip_addresses