Nexos/mitigation
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 5 Wiki Activity

Compare commits

base: Nexos:mitigation-0.03
Branches Tags
Nexos:main
Nexos:mitigation-0.05 Nexos:mitigation-0.04 Nexos:mitigation-0.03 Nexos:mitigation-0.02 Nexos:0.01
..
compare: Nexos:main
Branches Tags
Nexos:main
Nexos:mitigation-0.05 Nexos:mitigation-0.04 Nexos:mitigation-0.03 Nexos:mitigation-0.02 Nexos:0.01

5 Commits
mitigation ... main

Author SHA1 Message Date
n3storm
28bfd07956 404 2025-08-18 15:21:46 +00:00
n3storm
bbcb72fecd version jump 2025-08-18 08:43:07 +00:00
n3storm
e09bde4530 more meta removed 2025-08-18 08:41:30 +00:00
n3storm
edb35ef576 Actualizar README.md 2025-06-26 08:03:12 +02:00
n3storm
c6cfee9cc1 command force 2025-06-26 05:59:40 +00:00
3 changed files with 27 additions and 12 deletions
Expand all files Collapse all files

7
README.md
View File

@ -1,10 +1,9 @@
# Plugin for attacks mitigation
## Install plugin and enable
## Install plugin and enable (force update also)
```
wp plugin install --activate https://s.getcloud.info/n3storm/mitigation/archive/mitigation-0.03.zip
wp plugin install --activate https://s.getcloud.info/nexos/mitigation/archive/mitigation-0.04.zip --force
```
## Enable nginx mitigations
@ -23,6 +22,7 @@ server {
```
## Remove "Server: nginx" at http headers
```
apt install libnginx-mod-http-headers-more-filter
```
@ -36,6 +36,7 @@ http {
```
Y después:
```
service nginx reload
```

17
mitigation.php
View File

@ -2,7 +2,7 @@
/**
* Plugin Name: Mitigation
* Description: A WordPress plugin with a main class for initialization methods.
* Version: 1.0.0
* Version: 0.0.5
* Author: Your Name
* Text Domain: mitigation
*/
@ -20,7 +20,7 @@ class Mitigation {
/**
* Plugin version
*/
const VERSION = '0.03';
const VERSION = '0.05';
/**
* Single instance of the class
@ -49,7 +49,8 @@ class Mitigation {
public function init() {
// Hook into WordPress init
add_action('init', [$this, 'on_init']);
add_action('wp_loaded', array($this, 'on_wp_loaded'));
add_action('wp_loaded', [$this, 'on_wp_loaded']);
}
public function run($actions)
@ -82,6 +83,7 @@ class Mitigation {
'remove_wp_generator',
];
$this->run($actions);
add_filter('et_get_theme_version', [$this, 'remove_divi_version']);
}
public function login_error_mask()
@ -91,9 +93,16 @@ class Mitigation {
});
}
public function remove_divi_version() {
return '';
}
public function remove_wp_generator()
{
remove_action( 'wp_head', 'wp_generator' );
remove_action( 'wp_head', 'wc_generator' );
remove_action( 'wp_head', 'wlwmanifest_link' );
remove_action( 'wp_head', 'rsd_link' );
}
public function mitigation_remove_footer_shake()
@ -102,4 +111,4 @@ class Mitigation {
}
}
Mitigation::get_instance();
Mitigation::get_instance();

15
nginx.conf
View File

@ -1,17 +1,23 @@
location ~ ^/(wp-cron\.php|wp-config\.php|install\.php|xmlrpc\.php|config\.php|configuration\.php|\.env|\.git/|\.svn/|\.log$) {
# deny all;
# return 404;
rewrite ^(.*)$ /error-404/ redirect;
return 404;
# rewrite ^(.*)$ /error-404/ redirect;
# add_header X-Status 404;
# rewrite ^(.*)$ /error-404/ last;
}
error_page 404 /error-404/;
location ~ (LICENSE|\.md$|license\.txt|\.htaccess|readme\.html|readme\.txt) {
log_not_found off;
access_log off;
rewrite ^(.*)$ /error-404/ redirect;
return 404;
# rewrite ^(.*)$ /error-404/ last;
}
location ~* ^/wp-json/wp/v2/users(/.*)?$ {
rewrite ^(.*)$ /error-404/ redirect;
return 404;
# rewrite ^(.*)$ /error-404/ last;
}
# Direct PHP File Access
@ -37,4 +43,3 @@ location ~* /xmlrpc.php$ {
allow 192.0.0.0/16;
deny all;
}