ÿØÿà JFIF    ÿÛ „  ( %"1!%)+...383,7(-.+  -+++--++++---+-+-----+---------------+---+-++7-----ÿÀ  ß â" ÿÄ     ÿÄ H    !1AQaq"‘¡2B±ÁÑð#R“Ò Tbr‚²á3csƒ’ÂñDS¢³$CÿÄ   ÿÄ %  !1AQa"23‘ÿÚ   ? ôÿ ¨pŸªáÿ —åYõõ\?àÒü©ŠÄï¨pŸªáÿ —åYõõ\?àÓü©ŠÄá 0Ÿªáÿ Ÿå[úƒ ú®ði~TÁbqÐ8OÕpÿ ƒOò¤Oè`–RÂáœá™êi€ßÉ< FtŸI“öÌ8úDf´°å}“¾œ6  öFá°y¥jñÇh†ˆ¢ã/ÃÐ:ªcÈ "Y¡ðÑl>ÿ ”ÏËte:qž\oäŠe÷󲍷˜HT4&ÿ ÓÐü6ö®¿øþßèô Ÿ•7Ñi’•j|“ñì>b…þS?*Óôÿ ÓÐü*h¥£ír¶ü UãSç‚Ÿ[AÐaè[ûª•õ&õj?†Éö+EzP—WeÒírJFt ‘BŒ†Ï‡%#tE Øz ¥OÛ«!1›üä±Í™%ºÍãö]°î(–:@<‹ŒÊö×òÆt¦ãº+‡¦%ÌÁ²h´OƒJŒtMÜ>ÀÜÊw3Y´•牋4ǍýʏTì>œú=Íwhyë,¾Ôò×õ¿ßÊa»«þˆѪQ|%6ž™A õ%:øj<>É—ÿ Å_ˆCbõ¥š±ý¯Ýƒï…¶|RëócÍf溪“t.СøTÿ *Ä¿-{†çàczůŽ_–^XþŒ±miB[X±d 1,é”zEù»& î9gœf™9Ð'.;—™i}!ôšåîqêÛ٤ёý£½ÆA–àôe"A$˝Úsäÿ ÷Û #°xŸëí(l »ý3—¥5m! rt`†0~'j2(]S¦¦kv,ÚÇ l¦øJA£Šƒ J3E8ÙiŽ:cÉžúeZ°€¯\®kÖ(79«Ž:¯X”¾³Š&¡* ….‰Ž(ÜíŸ2¥ª‡×Hi²TF¤ò[¨íÈRëÉ䢍mgÑ.Ÿ<öäS0í„ǹÁU´f#Vß;Õ–…P@3ío<ä-±»Ž.L|kªÀê›fÂ6@»eu‚|ÓaÞÆŸ…¨ááå>åŠ?cKü6ùTÍÆ”†sĤÚ;H2RÚ†õ\Ö·Ÿn'¾ ñ#ºI¤Å´%çÁ­‚â7›‹qT3Iï¨ÖÚ5I7Ë!ÅOóŸ¶øÝñØôת¦$Tcö‘[«Ö³šÒ';Aþ ¸èíg A2Z"i¸vdÄ÷.iõ®§)¿]¤À†–‡É&ä{V¶iŽ”.Ó×Õÿ û?h¬Mt–íª[ÿ Ñÿ ÌV(í}=ibÔ¡›¥¢±b Lô¥‡piη_Z<‡z§èŒ)iÖwiÇ 2hÙ3·=’d÷8éŽ1¦¸c¤µ€7›7Ø ð\á)} ¹fËí›pAÃL%âc2 í§æQz¿;T8sæ°qø)QFMð‰XŒÂ±N¢aF¨…8¯!U  Z©RÊ ÖPVÄÀÍin™Ì-GˆªÅËŠ›•zË}º±ŽÍFò¹}Uw×#ä5B¤{î}Ð<ÙD é©¤&‡ïDbàÁôMÁ.mixed_content_data(); } return $response; } /** * @param array $response * @param string $action * @param array $data * * @return array */ public function learningmode_table_data( array $response, string $action, $data ): array { if ( ! rsssl_user_can_manage() ) { return $response; } if ( $action === 'learning_mode_data' ) { if ( isset( $data['type'] ) && $data['type'] === 'content_security_policy') { return $this->csp_data(); } if ( isset( $data['type'] ) && $data['type'] === 'xmlrpc_allow_list') { return $this->xml_data(); } } return $response; } /** * Set some placeholder data for CSP * * @return array */ public function csp_data() { $rules = array( 'script-src-data' => array( 'violateddirective' => 'script-src', 'blockeduri' => 'data:', ), 'script-src-eval' => array( 'violateddirective' => 'script-src', 'blockeduri' => 'unsafe-eval', ), 'img-src-gravatar' => array( 'violateddirective' => 'img-src', 'blockeduri' => 'https://secure.gravatar.com', ), 'img-src-data' => array( 'violateddirective' => 'img-src', 'blockeduri' => 'data:', ), 'img-src-self' => array( 'violateddirective' => 'img-src', 'blockeduri' => 'self', ), 'font-src-self' => array( 'violateddirective' => 'font-src', 'blockeduri' => 'self', ), 'font-src-data' => array( 'violateddirective' => 'font-src', 'blockeduri' => 'data:', ), ); $output = []; foreach ( $rules as $rule ) { $output[] = [ 'documenturi' => site_url(), 'violateddirective' => $rule['violateddirective'], 'blockeduri' => $rule['blockeduri'], 'status' => 0, ]; } return $output; } public function xml_data() { $data = [ [ 'id' => 1, 'method' => 'wp.deletePost', 'login_status' => 1, 'count' => 63, 'status' => 1, ], [ 'id' => 2, 'method' => 'wp.getPost', 'login_status' => 1, 'count' => 78, 'status' => 1, ], [ 'id' => 3, 'method' => 'wp.editTerm', 'login_status' => 1, 'count' => 9, 'status' => 1, ], [ 'id' => 4, 'method' => 'wp.getPosts', 'login_status' => 1, 'count' => 9, 'status' => 1, ], ]; return $data; } public function demo_vulnerabilities_data() { $data[] = [ 'id' => 1, 'component' => 'wordpress', 'risk' => 'high', 'date' => '2020-01-01', ]; } public function limit_login_attempts_data( array $response, string $action, $data ): array { if ( ! rsssl_user_can_manage() ) { return $response; } if ( defined('rsssl_pro')) { return $response; } switch ( $action ) { case 'ip_list': $response['data'] = [ [ 'id' => 12, 'first_failed' => 1678903200, 'last_failed' => 1678924800, 'attempt_type' => 'source_ip', 'attempt_value' => '192.168.1.12', 'user_agent' => 'Mozilla/5.0', 'status' => 'locked', 'attempts' => 2, 'endpoint' => 'https://example.com/wp-admin', 'blocked' => 0, 'datetime' => '10:51, Sep 30', ], [ 'id' => 13, 'first_failed' => 1678906800, 'last_failed' => 1678928400, 'attempt_type' => 'source_ip', 'attempt_value' => '192.168.1.13', 'user_agent' => 'Mozilla/5.0', 'status' => 'locked', 'attempts' => 1, 'endpoint' => 'https://example.com/wp-login.php', 'blocked' => 1, 'datetime' => '10:51, Sep 30', ], ]; break; case 'user_list': $response['data'] = [ [ 'id' => 1, 'first_failed' => 1678888800, 'last_failed' => 1678910400, 'attempt_type' => 'username', 'attempt_value' => 'john_doe', 'user_agent' => 'Mozilla/5.0', 'status' => 'locked', 'attempts' => 5, 'endpoint' => 'https://example.com/wp-admin', 'blocked' => 1, 'datetime' => '10:51, Sep 30', ], [ 'id' => 2, 'first_failed' => 1678892400, 'last_failed' => 1678914000, 'attempt_type' => 'username', 'attempt_value' => 'john_doe2', 'user_agent' => 'Mozilla/5.0', 'status' => 'locked', 'attempts' => 3, 'endpoint' => 'https://example.com/wp-login.php', 'blocked' => 1, 'datetime' => '10:51, Sep 30', ], ]; break; case 'country_list': $response['data'] = [ [ 'id' => 1, 'first_failed' => 1678888800, 'last_failed' => 1678910400, 'attempt_type' => 'country', 'attempt_value' => 'US', 'country_name' => 'United States', 'region' => 'North America', 'user_agent' => 'Mozilla/5.0', 'status' => 'blocked', 'attempts' => 5, 'endpoint' => 'https://example.com/wp-admin', 'blocked' => 1, 'datetime' => '10:51, Sep 30', ], [ 'id' => 2, 'first_failed' => 1678892400, 'last_failed' => 1678914000, 'attempt_type' => 'country', 'attempt_value' => 'US', 'country_name' => 'United States', 'region' => 'North America', 'user_agent' => 'Mozilla/5.0', 'status' => 'blocked', 'attempts' => 3, 'endpoint' => 'https://example.com/wp-login.php', 'blocked' => 1, 'datetime' => '10:51, Sep 30', ], ]; break; case 'event_log': $response['data'] = [ [ 'id' => 969, 'timestamp' => 1693565480, 'event_id' => 1026, 'event_type' => 'login-protection', 'iso2_code' => 'PW', 'country_name' => 'Palau', 'severity' => 'informational', 'username' => '', 'source_ip' => '', 'description' => 'Country Palau added to geo-ip blocklist (Login-protection)', 'datetime' => '10:51, Sep 30', ], [ 'id' => 970, 'timestamp' => 1693565480, 'event_id' => 1026, 'event_type' => 'login-protection', 'iso2_code' => 'PG', 'country_name' => 'Papua New Guinea', 'severity' => 'informational', 'username' => '', 'source_ip' => '', 'description' => 'Country Papua New Guinea added to geo-ip blocklist (Login-protection)', 'datetime' => '10:51, Sep 30', ], [ 'id' => 994, 'timestamp' => 1693573989, 'event_id' => 1000, 'event_type' => 'authentication', 'iso2_code' => 'NL', 'country_name' => 'Netherlands', 'severity' => 'informational', 'username' => 'johndoe', 'source_ip' => '192.168.1.1', 'description' => 'Login successful (Authentication)', 'datetime' => '10:51, Sep 30', ], ]; default: break; } $response['pagination'] = [ 'total' => 2, 'per_page' => 10, 'current_page' => 1, 'last_page' => 1, 'from' => 1, 'to' => 4, ]; return $response; } public function mixed_content_data() { $data[] = [ 'id' => 1, 'ignored' => false, 'type' => 'blocked_url', 'description' => sprintf( __( "Mixed content in PHP file in %s", "really-simple-ssl" ), 'themes' ), 'blocked_url' => '#', 'location' => site_url(), 'details' => [ 'title' => __( "Details", "really-simple-ssl" ), 'description' => [], 'view' => '#', 'edit' => '#', 'help' => "knowledge-base/fix-blocked-resources-content-files", 'action' => 'ignore_url', ], ]; $data[] = [ 'id' => 2, 'ignored' => false, 'description' => sprintf( __( "Mixed content in %s", "really-simple-ssl" ), 'Theme file' ), 'type' => 'css_js_thirdparty', 'blocked_url' => '#', 'location' => site_url(), 'details' => [ 'title' => __( "Details", "really-simple-ssl" ), 'description' => [], 'view' => '#', 'edit' => '#', 'help' => "knowledge-base/fix-css-and-js-files-with-mixed-content", 'action' => 'ignore_url', ], 'fix' => [ 'title' => __( "Import and insert file", "really-simple-ssl" ), 'subtitle' => __( "Copyright warning!", "really-simple-ssl" ), 'description' => '', 'action' => "fix_file", 'path' => '#', ] ]; $data[] = [ 'id' => 3, 'ignored' => false, 'type' => 'css_js_other_domains', 'description' => __( "Mixed content in CSS/JS file from other domain", "really-simple-ssl" ), 'blocked_url' => '#', 'location' => site_url(), 'details' => [ 'title' => __( "Details", "really-simple-ssl" ), 'description' => [], 'view' => '', 'edit' => '', 'help' => "knowledge-base/fix-css-js-files-mixed-content-domains/", 'action' => 'ignore_url', ] ]; $data[] = [ 'id' => 4, 'ignored' => false, 'type' => 'posts', 'description' => sprintf(__( "Mixed content in post: %s", "really-simple-ssl" ), 'Hello World'), 'blocked_url' => '#', 'location' => site_url(), 'details' => [ 'title' => __( "Details", "really-simple-ssl" ), 'description' => [], 'view' => '', 'edit' => get_admin_url( null, 'post.php?post=1&action=edit' ), 'help' => "fix-posts-with-blocked-resources-domains-without-ssl-certificate/", 'action' => 'ignore_url' ], 'fix' => [ 'title' => __( "Import and insert file", "really-simple-ssl" ), 'subtitle' => __( "Copyright warning!", "really-simple-ssl" ), 'description' => '', 'action' => 'fix_post', 'post_id' => 1, ] ]; //check if item is coming from an iframe $data[] = [ 'id' => 5, 'ignored' => false, 'type' => 'postmeta', 'description' => __( "Mixed content in the postmeta table", "really-simple-ssl" ), 'blocked_url' => '#', 'location' => site_url(), 'meta_key' => '', 'details' => [ 'title' => __( "Details", "really-simple-ssl" ), 'description' => [], 'view' => '#', 'edit' => get_admin_url( null, 'post.php?post=1&action=edit' ), 'help' => "knowledge-base/fix-blocked-resources-content-postmeta", 'action' => 'ignore_url' ], 'fix' => [ 'title' => __( "Import and insert file", "really-simple-ssl" ), 'subtitle' => __( "Copyright warning!", "really-simple-ssl" ), 'description' => '', 'action' => 'fix_postmeta', 'post_id' => 1, ] ]; $file = sprintf( __( "Widget area", "really-simple-ssl" ), '' ); $data[] = [ 'id' => 5, 'ignored' => false, 'type' => 'widgets', 'description' => __( "Widget with mixed content", "really-simple-ssl" ), 'blocked_url' => '#', 'location' => $file, 'details' => [ 'title' => __( "Details", "really-simple-ssl" ), 'description' => [], 'view' => '', 'edit' => get_admin_url( null, '/widgets.php' ), 'help' => "knowledge-base/locating-mixed-content-in-widgets/", 'action' => 'ignore_url' ], 'fix' => [ 'title' => __( "Import and insert file", "really-simple-ssl" ), 'subtitle' => __( "Copyright warning!", "really-simple-ssl" ), 'description' => '', 'action' => 'fix_widget', 'widget_id' => '#', ] ]; return [ 'data' => $data, 'progress' => 80, 'state' => 'stop', 'action' => '', 'nonce' => wp_create_nonce( 'fix_mixed_content' ) ]; } /** * @return void * * Dummy data for two factor Email block */ public function two_factor_email_data() { } /** * @return array * * Dummy data for two factor Users block */ public function two_factor_users_data( array $response, string $action, $data ) { if ( defined('rsssl_pro')) { return $response; } if ( $action === 'two_fa_table' ) { $response['data'] = [ [ 'id' => 1, 'user' => 'JaneDoe', 'rsssl_two_fa_providers' => 'email', 'user_role' => 'Administrator', 'status_for_user' => 'active' ], [ 'id' => 2, 'user' => 'JohnDoe', 'rsssl_two_fa_providers' => 'email', 'user_role' => 'Editor', 'status_for_user' => 'open' ], [ 'id' => 3, 'user' => 'JanieDoe', 'rsssl_two_fa_providers' => 'disabled', 'user_role' => 'Subscriber', 'status_for_user' => 'Disabled' ], [ 'id' => 4, 'user' => 'JonnyDoe', 'rsssl_two_fa_providers' => 'Active', 'user_role' => 'Contributor', 'status_for_user' => 'Active' ], [ 'id' => 5, 'user' => 'BabyDoe', 'rsssl_two_fa_providers' => 'open', 'user_role' => 'Author', 'status_for_user' => 'open' ], ]; } return $response; } } }