PrestashopModules/botlimiter
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8fd0c00941191685e7777d78345d4dee81e9c6bf
botlimiter/classes/rules/ScanBotsRule.php
O K 8fd0c00941 add admin cookie check
2026-03-22 09:23:41 +02:00

201 lines
5.7 KiB
PHP
Raw Blame History

<?php
class ScanBotsRule implements RuleInterface
{
// 1. Exact matches using Keys for O(1) Instant Lookup
// Redundant wp-content/ and wp-includes/ files were removed because the prefix scanner catches them all!
private static $exact_targets = [
'/database.php' => true,
'/acp.php' => true,
'/gettest.php' => true,
'/4h.php' => true,
'/flower.php' => true,
'/styll.php' => true,
'/re.php' => true,
'/alfashell.php' => true,
'/axx.php' => true,
'/X57.php' => true,
'/erty.php' => true,
'/miansha.php' => true,
'/bengi.php' => true,
'/bs1.php' => true,
'/motu.php' => true,
'/gssdd.php' => true,
'/in.php' => true,
'/bal.php' => true,
'/dev.php' => true,
'/k.php' => true,
'/prv8.php' => true,
'/lb.php' => true,
'/hi.php' => true,
'/f35.php' => true,
'/update/f35.php' => true,
'/a1.php' => true,
'/fi.php' => true,
'/init.php' => true,
'/abcd.php' => true,
'/av.php' => true,
'/kj.php' => true,
'/fe5.php' => true,
'/about.php' => true,
'/ok.php' => true,
'/w4.php' => true,
'/assets/css/index.php' => true,
'/wp.php' => true,
'/BDKR28WP.php' => true,
'/wp-the.php' => true,
'/wp-michan.php' => true,
'/makeasmtp.php' => true,
'/alpha.php' => true,
'/we.php' => true,
'/155.php' => true,
'/goat.php' => true,
'/fff.php' => true,
'/ff1.php' => true,
'/cgi-bin/index.php' => true,
'/plugins.php' => true,
'/222.php' => true,
'/ms-edit.php' => true,
'/goods.php' => true,
'/adminfuns.php' => true,
'/166.php' => true,
'/test1.php' => true,
'/wp-blog.php' => true,
'/sbhu.php' => true,
'/wp-update.php' => true,
'/ms.php' => true,
'/x.php' => true,
'/tinyfilemanager.php' => true,
'/classwithtostring.php' => true,
'/aaa.php' => true,
'/plss3.php' => true,
'/06.php' => true,
'/a.php' => true,
'/xqq.php' => true,
'/class-t.api.php' => true,
'/wp-act.php' => true,
'/wp9.php' => true,
'/bless.php' => true,
'/file59.php' => true,
'/file.php' => true,
'/sc.php' => true,
'/1.php' => true,
'/aa.php' => true,
'/bgymj.php' => true,
'/style.php' => true,
'/inputs.php' => true,
'/f6.php' => true,
'/ol.php' => true,
'/xmlrpc.php' => true,
'/gifclass.php' => true,
'/66.php' => true,
'/ioxi-o.php' => true,
'/edit.php' => true,
'/3.php' => true,
'/wsvvs.php' => true,
'/pass2.php' => true,
'/maxro.php' => true,
'/mga.php' => true,
'/2.php' => true,
'/wdf.php' => true,
'/path.php' => true,
'/txets.php' => true,
'/sys.php' => true,
'/pp.php' => true,
'/g.php' => true,
'/h.php' => true,
'/xxxx.php' => true,
'/sty.php' => true,
'/a2.php' => true,
'/fvvff.php' => true,
'/claw.php' => true,
'/swallowable.php' => true,
'/foxr.php' => true,
'/w2025.php' => true,
'/cs.php' => true,
'/kk.php' => true,
'/rithin.php' => true,
'/h2h.php' => true,
'/wo.php' => true,
'/jocundly.php' => true,
'/rere.php' => true,
'/bafFz.php' => true,
'/elabel.php' => true,
'/teee.php' => true,
'/no1.php' => true,
'/akses.php' => true,
'/lp6.php' => true,
'/eee.php' => true,
'/asw.php' => true,
'/sf.php' => true,
'/by.php' => true,
'/x12.php' => true,
'/uuu.php' => true,
'/fsgdjkl.php' => true,
'/settings.php' => true,
'/utky.php' => true,
'/yos.php' => true,
'/albin.php' => true,
'/invisi.php' => true,
'/ty.php' => true,
'/wziar1.php' => true,
'/742.php' => true,
'/wp-p2r3q9c8k4.php' => true,
'/cash.php' => true,
'/nw_ok.php' => true,
'/filefuns.php' => true,
'/leon.php' => true,
'/199.php' => true,
'/aifa.php' => true,
'/gptsh.php' => true,
];
// 2. Prefix Targets (Folders/Directories)
// ANY traffic accessing these folders immediately triggers the ban.
private static $prefix_targets = [
'/wp-content/',
'/wp-includes/',
'/wp-admin/',
'/x/'
];
public function execute()
{
if (empty($_SERVER['REQUEST_URI'])) {
return true;
}
$ip = BotLogger::getRealIp();
if (BotLogger::isWhitelisted($ip)) {
return true;
}
// 1. Strip Query Strings (e.g. ?id=1) so bots cannot bypass the exact match
$path = strtok($_SERVER['REQUEST_URI'], '?');
// 2. O(1) Instant RAM-speed check for exact files
if (isset(self::$exact_targets[$path])) {
$this->blockRequest($ip);
}
// 3. Prefix Check for WordPress & Malicious Directories
foreach (self::$prefix_targets as $prefix) {
if (strpos($path, $prefix) === 0) {
$this->blockRequest($ip);
}
}
return true;
}
/**
* Reusable trigger to log and drop connection
*/
private function blockRequest($ip)
{
BotLogger::logBan($ip, 'SCAN_BOT');
header('HTTP/1.1 405 Method Not Allowed');
die('Method Not Allowed');
}
}
Reference in New Issue View Git Blame Copy Permalink