Skip to Content

domain_prevention()

Prevent blacklisted domains from accessing the website.

PHP June 22, 2017

Usage

This function runs automatically, so it is not called manually. Is this incorrect?

Source File

Located in /libs/Security.php on line 172.

4 Hooks

Find these filters and actions in the source code below to hook into them. Use do_action() and add_filter() in your functions file or plugin.

Filters
This function has no filter hooks available. Request one?

Actions
"nebula_spambot_prevention"
"nebula_spambot_prevention"
"nebula_spambot_prevention"
"nebula_spambot_prevention"
Need a new action hook? Request one here.

PHP
        public function domain_prevention(){
            $this->timer('Domain Blocklist');

            //Skip lookups if user has already been checked or for logged in users.
            if ( (isset($_COOKIE['blocklisted']) && $_COOKIE['blocklisted'] === false) || is_user_logged_in() ){
                return false;
            }

            if ( $this->get_option('domain_blocklisting') ){
                $blocklisted_domains = $this->get_domain_blocklist();
                $ip_address = $this->get_ip_address();

                if ( count($blocklisted_domains) > 1 ){
                    if ( isset($_SERVER['HTTP_REFERER']) && $this->contains(strtolower($_SERVER['HTTP_REFERER']), $blocklisted_domains) ){
                        $this->ga_send_exception('(Security) Blocklisted domain prevented. Referrer: ' . $_SERVER['HTTP_REFERER'], 1, array('cd' . $this->ga_definition_index($this->get_option('cd_securitynote')) => 'Blocklisted Referrer'));
                        do_action('nebula_spambot_prevention');
                        header('HTTP/1.1 403 Forbidden');
                        wp_die();
                    }

                    if ( isset($_SERVER['REMOTE_HOST']) && $this->contains(strtolower($_SERVER['REMOTE_HOST']), $blocklisted_domains) ){
                        $this->ga_send_exception('(Security) Blocklisted domain prevented. Hostname: ' . $_SERVER['REMOTE_HOST'], 1, array('cd' . $this->ga_definition_index($this->get_option('cd_securitynote')) => 'Blocklisted Hostname'));
                        do_action('nebula_spambot_prevention');
                        header('HTTP/1.1 403 Forbidden');
                        wp_die();
                    }

                    if ( isset($_SERVER['SERVER_NAME']) && $this->contains(strtolower($_SERVER['SERVER_NAME']), $blocklisted_domains) ){
                        $this->ga_send_exception('(Security) Blocklisted domain prevented. Server Name: ' . $_SERVER['SERVER_NAME'], 1, array('cd' . $this->ga_definition_index($this->get_option('cd_securitynote')) => 'Blocklisted Server Name'));
                        do_action('nebula_spambot_prevention');
                        header('HTTP/1.1 403 Forbidden');
                        wp_die();
                    }

                    if ( isset($ip_address) && $this->contains(strtolower(gethostbyaddr($ip_address)), $blocklisted_domains) ){
                        $this->ga_send_exception('(Security) Blocklisted domain prevented. Network Hostname: ' . $ip_address, 1, array('cd' . $this->ga_definition_index($this->get_option('cd_securitynote')) => 'Blocklisted Network Hostname'));
                        do_action('nebula_spambot_prevention');
                        header('HTTP/1.1 403 Forbidden');
                        wp_die();
                    }
                } else {
                    $this->ga_send_exception('(Security) spammers.txt has no entries!', 0);
                }

                $this->set_cookie('blocklist', false);
            }

            $this->timer('Domain Blocklist', 'end');
        }

Override

This function can not be short-circuited with an override filter. Request one?