Find this useful? Enter your email to receive occasional updates for securing PHP code.
Signing you up...
Thank you for signing up!
PHP Decode
namespace Mgt\Waf\Model\Plugin; use Magento\Backend\Setup\ConfigOptionsList as BackendCon..
Decoded Output download
<? namespace Mgt\Waf\Model\Plugin; use Magento\Backend\Setup\ConfigOptionsList as BackendConfigOptionsList; use Mgt\Waf\Model\Aws\Waf as AwsWaf; use Mgt\Waf\Model\Util\Retry; class Waf { const MGT_WAF_CONFIG_DATA = "mgtWafConfigData"; const MGT_WAF_CONFIG_DATA_SECTION = "mgt_waf"; const MAGENTO_BACKEND_RESTRICTION_ENABLED = 1; const MAGENTO_BACKEND_RESTRICTION_DISABLED = 0; const MAGENTO_BACKEND_RESTRICTION_ACTION_ALLOW = "Allow"; const MAGENTO_BACKEND_RESTRICTION_ACTION_BLOCK = "Block"; protected $awsWaf; protected $configData = []; protected $awsAccessKey; protected $awsSecretAccessKey; protected $awsRegion; protected $blockedIps = []; protected $blockedCountryCodes = []; protected $blockedIpsIpv4 = []; protected $blockedIpsIpv6 = []; protected $blockedBots = []; protected $webAcl; protected $webAclName; protected $rateLimit; protected $rateLimitWhitelistedIps = []; protected $rateLimitWhitelistedIpsIpv4 = []; protected $rateLimitWhitelistedIpsIpv6 = []; protected $isMagentoBackendRestricted = false; protected $magentoBackendWhitelistedIps = []; protected $magentoBackendWhitelistedIpIpv4 = []; protected $magentoBackendWhitelistedIpIpv6 = []; protected $projectName; protected $deploymentConfig; protected $remoteAddress; protected $session; public function __construct(\Magento\Backend\Model\Session $session, \Magento\Framework\App\DeploymentConfig $deploymentConfig, \Magento\Framework\HTTP\PhpEnvironment\RemoteAddress $remoteAddress) { goto A1cb4; A1cb4: $this->session = $session; goto a5077; a5077: $this->deploymentConfig = $deploymentConfig; goto a855d; a855d: $this->remoteAddress = $remoteAddress; goto E38b0; E38b0: } public function beforeSave(\Magento\Config\Model\Config $subject) { try { goto E64c2; E64c2: $this->configData = $subject->getData(); goto Db2b3; df088: c4256: goto A9367; E950d: $this->session->unsetData(self::MGT_WAF_CONFIG_DATA); goto b2747; C119b: $this->updateWaf(); goto df088; b2747: $this->validate(); goto C119b; A112f: return; goto A9a60; Db2b3: if (!(true === isset($this->configData["section"]) && $this->configData["section"] == self::MGT_WAF_CONFIG_DATA_SECTION)) { goto c4256; } goto A7177; b8313: if (!(false === $isMgt)) { goto c91e2; } goto A112f; A7177: $isMgt = true === isset($_SERVER["MGT"]) && $_SERVER["MGT"] == "1" ? true : false; goto b8313; A9a60: c91e2: goto E950d; A9367: } catch (\Exception $e) { $this->session->setData(self::MGT_WAF_CONFIG_DATA, $this->configData); throw $e; } } protected function validate() { goto a1b16; a688b: $this->validateRateLimitWhitelistIps(); goto d6cda; Db745: $this->validateWebAcl(); goto cfd75; d6cda: $this->validateMagentoBackendWhitelistedIps(); goto D8e0a; cfd75: $this->validateBlockedIps(); goto bb6be; bb6be: $this->validateRateLimit(); goto a688b; a1b16: $this->validateAccessKeys(); goto Db745; D8e0a: } protected function updateWaf() { try { goto e648e; Adfca: $this->updateMagentoBackend(); goto Ad93c; F3c33: $this->updateBlockedCountryCodes(); goto Fe6ac; Fe6ac: $this->updateBlockedIpsIpSets(); goto B04d1; Ca190: $this->updateRateLimitWhitelistedIpSets(); goto Adfca; B04d1: $this->updateBlockedBots(); goto D8382; ef55b: $awsWaf->updateWebAcl($webAcl); goto Cfc8a; D8382: $this->updateRateLimitValue(); goto Ca190; Ad93c: $webAcl = $this->getWebAcl(); goto Dec28; Dec28: $awsWaf = $this->getAwsWaf(); goto ef55b; e648e: $webAclName = $this->getWebAclName(); goto F3c33; Cfc8a: } catch (\Exception $e) { $errorMessage = sprintf("Unable to update Web ACL "%s", error message: "%s".", $webAclName, $e->getMessage()); throw new \Exception($errorMessage); } } protected function validateAccessKeys() { try { goto A591e; A591e: $awsWaf = $this->getAwsWaf(); goto d7957; B5d9c: $this->retry(function () use($wafClient) { $wafClient->listIPSets(["Scope" => AwsWaf::SCOPE_REGIONAL]); }); goto fcb7f; d7957: $wafClient = $awsWaf->getWafClient(); goto B5d9c; fcb7f: } catch (\Exception $e) { $errorMessage = sprintf("AWS Credentials are not valid."); throw new \Exception($errorMessage); } } protected function validateWebAcl() { goto B8046; a3690: $awsWaf = $this->getAwsWaf(); goto d9061; d9061: $webAcls = $awsWaf->getWebAcls(); goto ae308; F8f12: if (!(false === $webAclFound)) { goto bf998; } goto fc68c; B8046: $webAclFound = false; goto f891d; Ddfd3: $errorMessage = sprintf("Web Acl "%s" does not exist in AWS Region "%s".", $webAclName, $awsRegion); goto f59ca; F3760: B1dfc: goto F8f12; b6a5b: bf998: goto A4d69; f891d: $webAclName = $this->getWebAclName(); goto a3690; F38cb: foreach ($webAcls as $webAcl) { goto f9480; B3584: goto F7a68; goto e7c26; f9480: if (!(true === isset($webAcl["Name"]) && $webAclName == $webAcl["Name"])) { goto C2c02; } goto dd9f9; F5552: B9408: goto b30d3; dd9f9: $webAclFound = true; goto B3584; e7c26: C2c02: goto F5552; b30d3: } goto e496d; ae308: if (!(false === empty($webAcls))) { goto B1dfc; } goto F38cb; fc68c: $awsRegion = $this->getAwsRegion(); goto Ddfd3; f59ca: throw new \Exception($errorMessage); goto b6a5b; e496d: F7a68: goto F3760; A4d69: } protected function validateBlockedIps() { goto fbfee; Cbc36: f5340: goto cf3ef; Bf90c: ba0f9: goto Cbc36; fbfee: $blockedIps = $this->getBlockedIps(); goto d4217; d4217: if (!(false === empty($blockedIps))) { goto f5340; } goto bd810; bd810: foreach ($blockedIps as $ip) { goto b06f3; d807f: Ba115: goto Ae610; d8cd0: throw new \Exception(sprintf("Blocked IP "%s" is not valid.", $ip)); goto A86cf; e5a02: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { goto A1cc1; } goto d8cd0; c474d: f13c2: goto d2024; B578a: $this->blockedIpsIpv4[] = $ip; goto c474d; b06f3: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { goto d7540; } goto e5a02; Ae610: f3cef: goto Df547; ea88c: d7540: goto D4096; d2024: goto Ba115; goto ea88c; D4096: $this->blockedIpsIpv6[] = $ip; goto d807f; A86cf: goto f13c2; goto fd7fd; fd7fd: A1cc1: goto B578a; Df547: } goto Bf90c; cf3ef: } protected function validateRateLimitWhitelistIps() { goto a3d71; e2073: f12ad: goto F3e81; c9c48: foreach ($rateLimitWhitelistedIps as $ip) { goto abc00; B9527: fe6d7: goto b65b9; f5b1e: f0238: goto B9527; d1b4a: goto f0238; goto aa80a; Ac1f8: throw new \Exception(sprintf("Rate Limit Whitelisted IP "%s" is not valid.", $ip)); goto adc54; F8f7e: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { goto E68fa; } goto Ac1f8; adc54: goto A503d; goto e8aa5; e8aa5: E68fa: goto c8acc; c8acc: $this->rateLimitWhitelistedIpsIpv4[] = $ip; goto B1ba9; abc00: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { goto b95cd; } goto F8f7e; a6d72: $this->rateLimitWhitelistedIpsIpv6[] = $ip; goto f5b1e; aa80a: b95cd: goto a6d72; B1ba9: A503d: goto d1b4a; b65b9: } goto e2073; a3d71: $rateLimitWhitelistedIps = $this->getRateLimitWhitelistedIps(); goto efeff; F3e81: b3af2: goto B6633; efeff: if (!(false === empty($rateLimitWhitelistedIps))) { goto b3af2; } goto c9c48; B6633: } protected function validateMagentoBackendWhitelistedIps() { goto bacc1; bacc1: $magentoBackendWhitelistedIps = $this->getMagentoBackendWhitelistedIps(); goto d4b55; A2855: a1a5e: goto Ab7f1; Ec04c: D60b0: goto A2855; e488a: foreach ($magentoBackendWhitelistedIps as $ip) { goto a5636; ac6e8: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { goto e9457; } goto F7229; f6e15: $this->magentoBackendWhitelistedIpIpv6[] = $ip; goto F2e42; A7b08: goto cea75; goto bc768; c9988: D2c6a: goto f13eb; a5636: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { goto ecbde; } goto ac6e8; bc768: e9457: goto ef94a; b2fd8: ecbde: goto f6e15; F2e42: c9941: goto c9988; b7402: cea75: goto c6b93; F7229: throw new \Exception(sprintf("Magento Backend Whitelisted IP "%s" is not valid.", $ip)); goto A7b08; c6b93: goto c9941; goto b2fd8; ef94a: $this->magentoBackendWhitelistedIpIpv4[] = $ip; goto b7402; f13eb: } goto Ec04c; d4b55: if (!(false === empty($magentoBackendWhitelistedIps))) { goto a1a5e; } goto e488a; Ab7f1: } protected function validateRateLimit() { goto A2e07; A2e07: $rateLimit = $this->getRateLimit(); goto b43b9; baf5c: throw new \Exception(sprintf("Rate Limit "%s" not valid, must be between 100 and 15000.", $rateLimit)); goto a03c7; a03c7: F18ad: goto C7a80; b43b9: if (!($rateLimit < 100 || $rateLimit > 15000)) { goto F18ad; } goto baf5c; C7a80: } protected function updateMagentoBackend() { goto eb976; a87e1: $this->magentoBackendWhitelistedIpIpv4[] = $customerIp; goto e5d5a; a0963: $awsWaf->updateIpSet(AwsWaf::IP_SET_MAGENTO_BACKEND_WHITELISTED_IPV4, $this->magentoBackendWhitelistedIpIpv4); goto F7843; f99c5: if (!(false === empty($customerIp))) { goto f8e2e; } goto D2da9; d6ae9: $backendFrontName = $this->getBackendFrontName(); goto ca3bd; a3a12: bf6aa: goto db8ca; ea8e4: a1bc3: goto Ce46a; Bfb39: f8e2e: goto A43b2; b0a3f: ca402: goto a0963; B9ef4: $isMagentoBackendRestricted = $this->isMagentoBackendRestricted(); goto d988c; f46ac: if (!(true === isset($this->webAcl["Rules"][$webAclRuleArrayIndex]))) { goto ea614; } goto B3cbe; e5d5a: goto d51d8; goto B94a9; D2da9: if (filter_var($customerIp, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { goto f532c; } goto a87e1; b34a8: unset($this->webAcl["Rules"][$webAclRuleArrayIndex]["Action"]); goto B8caa; Afd7f: ea614: goto a1816; c90bc: $this->magentoBackendWhitelistedIpIpv6[] = $customerIp; goto df29e; a8e67: $this->webAcl["Rules"][$webAclRuleArrayIndex]["Action"][$action] = []; goto Fe33b; B3cbe: $this->webAcl["Rules"][$webAclRuleArrayIndex]["Statement"]["AndStatement"]["Statements"][0]["ByteMatchStatement"]["SearchString"] = $backendFrontName; goto Afd7f; D911a: if (!(true === isset($this->webAcl["Rules"][$webAclRuleArrayIndex]["Action"]))) { goto c998e; } goto b34a8; a1816: $webAclRuleName = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_ALLOW_MAGENTO_BACKEND_ACCESS_IPV6); goto ec7d1; db8ca: foreach ($this->magentoBackendWhitelistedIpIpv6 as &$ip) { $ip = sprintf("%s/128", $ip); d8ae3: } goto b0a3f; Cdff9: $customerIp = $this->remoteAddress->getRemoteAddress(); goto f99c5; e9c89: $action = true === $isMagentoBackendRestricted ? self::MAGENTO_BACKEND_RESTRICTION_ACTION_BLOCK : self::MAGENTO_BACKEND_RESTRICTION_ACTION_ALLOW; goto a8e67; B645d: foreach ($this->magentoBackendWhitelistedIpIpv4 as &$ip) { $ip = sprintf("%s/32", $ip); b2c07: } goto a3a12; d988c: if (!(true === $isMagentoBackendRestricted)) { goto Db835; } goto Cdff9; ec80f: if (!(true === isset($this->webAcl["Rules"][$webAclRuleArrayIndex]))) { goto b1a23; } goto F530a; e7b98: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleName); goto f46ac; F530a: $this->webAcl["Rules"][$webAclRuleArrayIndex]["Statement"]["AndStatement"]["Statements"][0]["ByteMatchStatement"]["SearchString"] = $backendFrontName; goto Eb804; df29e: d51d8: goto Bfb39; A43b2: Db835: goto B645d; eb976: $awsWaf = $this->getAwsWaf(); goto d6ae9; Ce46a: $webAclRuleName = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_ALLOW_MAGENTO_BACKEND_ACCESS_IPV4); goto e7b98; ec7d1: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleName); goto ec80f; B94a9: f532c: goto c90bc; fa1b0: $isMagentoBackendRestricted = $this->isMagentoBackendRestricted(); goto D911a; B8caa: c998e: goto e9c89; Fe33b: $this->webAcl["Rules"][$webAclRuleArrayIndex]["Statement"]["ByteMatchStatement"]["SearchString"] = $backendFrontName; goto ea8e4; F7843: $awsWaf->updateIpSet(AwsWaf::IP_SET_MAGENTO_BACKEND_WHITELISTED_IPV6, $this->magentoBackendWhitelistedIpIpv6); goto Cf930; Eb804: b1a23: goto B9ef4; ca3bd: $webAclRuleName = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_BLOCK_MAGENTO_BACKEND_ACCESS); goto ea269; Af3dc: if (!(true === isset($this->webAcl["Rules"][$webAclRuleArrayIndex]))) { goto a1bc3; } goto fa1b0; ea269: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleName); goto Af3dc; Cf930: } protected function updateBlockedCountryCodes() { goto babdd; C6ee6: $webAclRuleName = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_NAME_BLOCKED_COUNTRIES); goto a594d; Ce3ba: throw new \Exception(sprintf("Web ACL Rule "%s" not found.", $webAclRuleName)); goto ed4e7; b2070: if (!(true === empty($blockedCountryCodes))) { goto c2bf8; } goto F308a; d7d77: Ad2b7: goto Dd032; Dd032: $this->webAcl["Rules"][$webAclRuleArrayIndex]["Statement"]["GeoMatchStatement"]["CountryCodes"] = $blockedCountryCodes; goto f8a18; ed4e7: goto Ec238; goto d7d77; babdd: $blockedCountryCodes = $this->getBlockedCountryCodes(); goto b2070; Ad544: if (true === isset($this->webAcl["Rules"][$webAclRuleArrayIndex])) { goto Ad2b7; } goto Ce3ba; f8a18: Ec238: goto fe9a8; f8c1a: c2bf8: goto Fb3cd; a594d: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleName); goto Ad544; F308a: $blockedCountryCodes = ["TV"]; goto f8c1a; Fb3cd: $awsWaf = $this->getAwsWaf(); goto C6ee6; fe9a8: } protected function updateRateLimitValue() { goto d4891; c0dae: B54c4: goto E9993; d4891: $awsWaf = $this->getAwsWaf(); goto A416a; e5bb1: goto Fe24a; goto c0dae; Df3f8: if (true === isset($this->webAcl["Rules"][$webAclRuleArrayIndex])) { goto a05cb; } goto F028b; E52ee: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleNameRateLimitIPv4); goto bb2a5; F738f: throw new \Exception(sprintf("Web ACL Rule "%s" not found.", $webAclRuleNameRateLimitIPv4)); goto e5bb1; a80b2: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleNameRateLimitIPv6); goto Df3f8; edd88: $webAclRuleNameRateLimitIPv4 = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_NAME_RATE_LIMIT_IPV4); goto E52ee; c6f87: goto C55cf; goto A3282; Df3e4: $webAclRuleNameRateLimitIPv6 = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_NAME_RATE_LIMIT_IPV6); goto a80b2; Bb3fe: Fe24a: goto Df3e4; A3282: a05cb: goto f155a; Ee1ec: C55cf: goto E62e5; E9993: $this->webAcl["Rules"][$webAclRuleArrayIndex]["Statement"]["RateBasedStatement"]["Limit"] = $rateLimit; goto Bb3fe; A416a: $rateLimit = (int) $this->getRateLimit(); goto edd88; f155a: $this->webAcl["Rules"][$webAclRuleArrayIndex]["Statement"]["RateBasedStatement"]["Limit"] = $rateLimit; goto Ee1ec; bb2a5: if (true === isset($this->webAcl["Rules"][$webAclRuleArrayIndex])) { goto B54c4; } goto F738f; F028b: throw new \Exception(sprintf("Web ACL Rule "%s" not found.", $webAclRuleNameRateLimitIPv6)); goto c6f87; E62e5: } protected function updateRateLimitWhitelistedIpSets() { goto E885a; E9a93: foreach ($this->rateLimitWhitelistedIpsIpv6 as &$ip) { $ip = sprintf("%s/128", $ip); Ca6b3: } goto b13c5; E885a: foreach ($this->rateLimitWhitelistedIpsIpv4 as &$ip) { $ip = sprintf("%s/32", $ip); d7beb: } goto C341b; b13c5: E31fa: goto f416b; C341b: bc9de: goto E9a93; f416b: $awsWaf = $this->getAwsWaf(); goto C312b; C68ba: $awsWaf->updateIpSet(AwsWaf::IP_SET_RATE_LIMIT_WHITELISTED_IPV6, $this->rateLimitWhitelistedIpsIpv6); goto f9ed1; C312b: $awsWaf->updateIpSet(AwsWaf::IP_SET_RATE_LIMIT_WHITELISTED_IPV4, $this->rateLimitWhitelistedIpsIpv4); goto C68ba; f9ed1: } protected function updateBlockedIpsIpSets() { goto bb8e5; ee5ec: d445e: goto bb7de; b264b: foreach ($this->blockedIpsIpv6 as &$ip) { $ip = sprintf("%s/128", $ip); e7482: } goto ee5ec; bb7de: $awsWaf = $this->getAwsWaf(); goto b592e; A0f11: Dc80a: goto b264b; b592e: $awsWaf->updateIpSet(AwsWaf::IP_SET_BLOCKED_IPS_IPV4, $this->blockedIpsIpv4); goto Ad08c; Ad08c: $awsWaf->updateIpSet(AwsWaf::IP_SET_BLOCKED_IPS_IPV6, $this->blockedIpsIpv6); goto d3bb0; bb8e5: foreach ($this->blockedIpsIpv4 as &$ip) { $ip = sprintf("%s/32", $ip); A42f6: } goto A0f11; d3bb0: } protected function updateBlockedBots() { goto cbd3e; Ee462: f33ce: goto ff176; Ddb64: $blockedBots[] = "mgt"; goto Ee462; ba61c: if (!(true === empty($blockedBots))) { goto f33ce; } goto Ddb64; cbd3e: $blockedBots = $this->getBlockedBots(); goto ba61c; cbc0b: $awsWaf->updateBlockedBotsRegexPatternSet($blockedBots); goto C3fb3; ff176: $awsWaf = $this->getAwsWaf(); goto cbc0b; C3fb3: } protected function getAwsWaf() { goto Bc722; Bf869: $this->awsWaf = new AwsWaf($awsAccessKey, $awsSecretAccessKey, $awsRegion, $projectName); goto C4fee; Bc722: if (!(true === is_null($this->awsWaf))) { goto d1147; } goto cc1df; Bb26f: $projectName = $this->getProjectName(); goto Bf869; D3855: return $this->awsWaf; goto fa33e; E93cd: $awsSecretAccessKey = $this->getAwsSecretAccessKey(); goto E98b4; E98b4: $awsRegion = $this->getAwsRegion(); goto Bb26f; cc1df: $awsAccessKey = $this->getAwsAccessKey(); goto E93cd; C4fee: d1147: goto D3855; fa33e: } protected function getAwsAccessKey() { goto acddc; A1819: return $this->awsAccessKey; goto f0caf; b8d15: $this->awsAccessKey = $this->getConfigValue("settings", "aws_access_key"); goto Cbb7e; acddc: if (!(true === is_null($this->awsAccessKey))) { goto e92ca; } goto b8d15; Cbb7e: e92ca: goto A1819; f0caf: } protected function getAwsSecretAccessKey() { goto edbea; b8de9: da211: goto C405f; f94b9: $this->awsSecretAccessKey = $this->getConfigValue("settings", "aws_secret_access_key"); goto b8de9; C405f: return $this->awsSecretAccessKey; goto ff13d; edbea: if (!(true === is_null($this->awsSecretAccessKey))) { goto da211; } goto f94b9; ff13d: } protected function getAwsRegion() { goto Fe95c; Fe95c: if (!(true == is_null($this->awsRegion))) { goto e4e79; } goto e9aad; C068b: return $this->awsRegion; goto c2ed7; dc7dc: e4e79: goto C068b; e9aad: $this->awsRegion = $this->getConfigValue("settings", "aws_region"); goto dc7dc; c2ed7: } protected function getProjectName() { goto ccaa9; f8d01: return $this->projectName; goto e3f5b; ccaa9: if (!(true === is_null($this->projectName))) { goto Bf87e; } goto e4307; e4307: $this->projectName = $this->getConfigValue("settings", "project_name"); goto b9ac7; b9ac7: Bf87e: goto f8d01; e3f5b: } protected function getRateLimit() { goto c502b; c502b: if (!(true === is_null($this->rateLimit))) { goto de9ec; } goto E292b; D2897: de9ec: goto d19b7; E292b: $this->rateLimit = $this->getConfigValue("rate_limit", "rate_limit"); goto D2897; d19b7: return $this->rateLimit; goto e70a2; e70a2: } protected function getBlockedCountryCodes() { goto d8c64; Cc6a1: if (!(false === empty($blockedCountryCodes))) { goto A28e5; } goto c7be6; d7d18: return $this->blockedCountryCodes; goto e9273; Cbd83: dc252: goto d7d18; C27f4: A28e5: goto Cbd83; d8c64: if (!(true === empty($this->blockedCountryCodes))) { goto dc252; } goto C2052; c7be6: $this->blockedCountryCodes = $blockedCountryCodes; goto C27f4; C2052: $blockedCountryCodes = $this->getConfigValue("blocked_countries", "country_codes"); goto Cc6a1; e9273: } protected function getBlockedIps() { goto a836a; Bb685: if (!(false === empty($blockedIps))) { goto C5667; } goto C0b70; b1490: return $this->blockedIps; goto f36e1; E6ceb: $blockedIps = $this->getConfigValue("blocked_ips", "blocked_ips"); goto E90d3; a836a: if (!(true === empty($this->blockedIps))) { goto Ba254; } goto E6ceb; b6216: $blockedIps = array_filter(array_map("trim", $blockedIps)); goto Bb685; F2d07: C5667: goto def98; C0b70: $this->blockedIps = $blockedIps; goto F2d07; def98: Ba254: goto b1490; E90d3: $blockedIps = explode(PHP_EOL, $blockedIps); goto b6216; f36e1: } protected function getRateLimitWhitelistedIps() { goto D0d4f; b094d: $rateLimitWhitelistedIps = array_filter(array_map("trim", $rateLimitWhitelistedIps)); goto d93e3; D0d4f: if (!(true === empty($this->rateLimitWhitelistedIps))) { goto e13d5; } goto c4f28; Aeb44: $this->rateLimitWhitelistedIps = $rateLimitWhitelistedIps; goto Da88b; Ce432: e13d5: goto e9296; e9296: return $this->rateLimitWhitelistedIps; goto c2c32; B0d81: $rateLimitWhitelistedIps = explode(PHP_EOL, $rateLimitWhitelistedIps); goto b094d; c4f28: $rateLimitWhitelistedIps = $this->getConfigValue("rate_limit", "whitelisted_ips"); goto B0d81; Da88b: de6c8: goto Ce432; d93e3: if (!(false === empty($rateLimitWhitelistedIps))) { goto de6c8; } goto Aeb44; c2c32: } protected function getBlockedBots() { goto Affed; Fab61: a0df8: goto E19ee; Ee2ce: $blockedBots = array_filter(array_map("trim", $blockedBots)); goto Aba44; E19ee: A99d0: goto fae21; fae21: return $this->blockedBots; goto fdb63; e6364: $blockedBots = explode(PHP_EOL, $blockedBots); goto Ee2ce; Affed: if (!(true === empty($this->blockedBots))) { goto A99d0; } goto baca9; Aba44: if (!(false === empty($blockedBots))) { goto a0df8; } goto aa161; aa161: $this->blockedBots = $blockedBots; goto Fab61; baca9: $blockedBots = $this->getConfigValue("blocked_bots", "blocked_bots"); goto e6364; fdb63: } protected function getMagentoBackendWhitelistedIps() { goto eb020; c705b: $this->magentoBackendWhitelistedIps = $magentoBackendWhitelistedIps; goto A92b7; a4945: if (!(false === empty($magentoBackendWhitelistedIps))) { goto bd73e; } goto c705b; Dbe86: $magentoBackendWhitelistedIps = explode(PHP_EOL, $magentoBackendWhitelistedIps); goto ff118; A92b7: bd73e: goto C8d12; Cdef5: $magentoBackendWhitelistedIps = $this->getConfigValue("magento_backend", "whitelisted_ips"); goto Dbe86; eb020: if (!(true === empty($this->magentoBackendWhitelistedIps))) { goto d4a52; } goto Cdef5; C1761: return $this->magentoBackendWhitelistedIps; goto fa8b5; ff118: $magentoBackendWhitelistedIps = array_filter(array_map("trim", $magentoBackendWhitelistedIps)); goto a4945; C8d12: d4a52: goto C1761; fa8b5: } protected function isMagentoBackendRestricted() { goto B0aa8; A9ca6: return $this->isMagentoBackendRestricted; goto Af80a; B0aa8: $configValue = $this->getConfigValue("magento_backend", "is_enabled"); goto ee198; ee198: $this->isMagentoBackendRestricted = $configValue == self::MAGENTO_BACKEND_RESTRICTION_ENABLED ? true : false; goto A9ca6; Af80a: } protected function getWebAcl() { goto Da52e; a13ea: $this->webAcl = $awsWaf->getWebAcl($webAclName); goto ca4ad; ca4ad: b9b74: goto da35f; da35f: return $this->webAcl; goto D268d; E25b3: $webAclName = $this->getWebAclName(); goto a13ea; Da52e: if (!(true === is_null($this->webAcl))) { goto b9b74; } goto Af849; Af849: $awsWaf = $this->getAwsWaf(); goto E25b3; D268d: } protected function getWebAclName() { goto f6d3e; e73c6: $this->webAclName = sprintf("%s-MGT-Web-ACL", $projectName); goto eff51; ee788: $projectName = ucfirst($this->getProjectName()); goto e73c6; f6d3e: if (!(true === is_null($this->webAclName))) { goto A2ff5; } goto ee788; a421e: return $this->webAclName; goto C80c4; eff51: A2ff5: goto a421e; C80c4: } protected function getWebAclRuleArrayIndex($webAclRuleName) { goto b7ae3; A0158: Ec050: goto Fb59c; Ed93f: goto Ec050; goto f8ddb; df11b: throw new \Exception(sprintf("Web ACL Rule "%s" not found.", $webAclRuleName)); goto Ed93f; f8ddb: E1c95: goto B88d2; c8dad: $webAclRules = $webAcl["Rules"] ?? []; goto Fe776; B88d2: return $arrayIndex; goto A0158; Fe776: $arrayIndex = array_search($webAclRuleName, array_column($webAclRules, "Name")); goto Dd842; Dd842: if (false === is_null($arrayIndex) && true === isset($webAclRules[$arrayIndex])) { goto E1c95; } goto df11b; b7ae3: $webAcl = $this->getWebAcl(); goto c8dad; Fb59c: } protected function getBackendFrontName() { $backendFrontName = $this->deploymentConfig->get(BackendConfigOptionsList::CONFIG_PATH_BACKEND_FRONTNAME); return $backendFrontName; } protected function getConfigValue($group, $field) { goto A9c42; A9c42: $configValue = ''; goto c03e5; c03e5: if (!(true === isset($this->configData["groups"][$group]["fields"][$field]["value"]))) { goto D26de; } goto A3377; D575e: if (!(true === is_string($configValue))) { goto Cc0cf; } goto Edd68; A3377: $configValue = $this->configData["groups"][$group]["fields"][$field]["value"]; goto D575e; A50cf: return $configValue; goto A4fe6; Fedfe: D26de: goto A50cf; a0c8f: Cc0cf: goto Fedfe; Edd68: $configValue = trim($configValue); goto a0c8f; A4fe6: } protected function retry(callable $fn, $retries = 2, $delay = 3) { return Retry::retry($fn, $retries, $delay); } }
?>
Did this file decode correctly?
Original Code
namespace Mgt\Waf\Model\Plugin; use Magento\Backend\Setup\ConfigOptionsList as BackendConfigOptionsList; use Mgt\Waf\Model\Aws\Waf as AwsWaf; use Mgt\Waf\Model\Util\Retry; class Waf { const MGT_WAF_CONFIG_DATA = "\155\147\x74\127\x61\x66\x43\x6f\156\146\x69\x67\x44\141\x74\141"; const MGT_WAF_CONFIG_DATA_SECTION = "\x6d\147\x74\x5f\x77\x61\x66"; const MAGENTO_BACKEND_RESTRICTION_ENABLED = 1; const MAGENTO_BACKEND_RESTRICTION_DISABLED = 0; const MAGENTO_BACKEND_RESTRICTION_ACTION_ALLOW = "\x41\x6c\154\157\x77"; const MAGENTO_BACKEND_RESTRICTION_ACTION_BLOCK = "\102\x6c\157\x63\153"; protected $awsWaf; protected $configData = []; protected $awsAccessKey; protected $awsSecretAccessKey; protected $awsRegion; protected $blockedIps = []; protected $blockedCountryCodes = []; protected $blockedIpsIpv4 = []; protected $blockedIpsIpv6 = []; protected $blockedBots = []; protected $webAcl; protected $webAclName; protected $rateLimit; protected $rateLimitWhitelistedIps = []; protected $rateLimitWhitelistedIpsIpv4 = []; protected $rateLimitWhitelistedIpsIpv6 = []; protected $isMagentoBackendRestricted = false; protected $magentoBackendWhitelistedIps = []; protected $magentoBackendWhitelistedIpIpv4 = []; protected $magentoBackendWhitelistedIpIpv6 = []; protected $projectName; protected $deploymentConfig; protected $remoteAddress; protected $session; public function __construct(\Magento\Backend\Model\Session $session, \Magento\Framework\App\DeploymentConfig $deploymentConfig, \Magento\Framework\HTTP\PhpEnvironment\RemoteAddress $remoteAddress) { goto A1cb4; A1cb4: $this->session = $session; goto a5077; a5077: $this->deploymentConfig = $deploymentConfig; goto a855d; a855d: $this->remoteAddress = $remoteAddress; goto E38b0; E38b0: } public function beforeSave(\Magento\Config\Model\Config $subject) { try { goto E64c2; E64c2: $this->configData = $subject->getData(); goto Db2b3; df088: c4256: goto A9367; E950d: $this->session->unsetData(self::MGT_WAF_CONFIG_DATA); goto b2747; C119b: $this->updateWaf(); goto df088; b2747: $this->validate(); goto C119b; A112f: return; goto A9a60; Db2b3: if (!(true === isset($this->configData["\x73\x65\143\x74\x69\x6f\x6e"]) && $this->configData["\163\x65\143\x74\x69\x6f\156"] == self::MGT_WAF_CONFIG_DATA_SECTION)) { goto c4256; } goto A7177; b8313: if (!(false === $isMgt)) { goto c91e2; } goto A112f; A7177: $isMgt = true === isset($_SERVER["\115\107\x54"]) && $_SERVER["\115\107\x54"] == "\61" ? true : false; goto b8313; A9a60: c91e2: goto E950d; A9367: } catch (\Exception $e) { $this->session->setData(self::MGT_WAF_CONFIG_DATA, $this->configData); throw $e; } } protected function validate() { goto a1b16; a688b: $this->validateRateLimitWhitelistIps(); goto d6cda; Db745: $this->validateWebAcl(); goto cfd75; d6cda: $this->validateMagentoBackendWhitelistedIps(); goto D8e0a; cfd75: $this->validateBlockedIps(); goto bb6be; bb6be: $this->validateRateLimit(); goto a688b; a1b16: $this->validateAccessKeys(); goto Db745; D8e0a: } protected function updateWaf() { try { goto e648e; Adfca: $this->updateMagentoBackend(); goto Ad93c; F3c33: $this->updateBlockedCountryCodes(); goto Fe6ac; Fe6ac: $this->updateBlockedIpsIpSets(); goto B04d1; Ca190: $this->updateRateLimitWhitelistedIpSets(); goto Adfca; B04d1: $this->updateBlockedBots(); goto D8382; ef55b: $awsWaf->updateWebAcl($webAcl); goto Cfc8a; D8382: $this->updateRateLimitValue(); goto Ca190; Ad93c: $webAcl = $this->getWebAcl(); goto Dec28; Dec28: $awsWaf = $this->getAwsWaf(); goto ef55b; e648e: $webAclName = $this->getWebAclName(); goto F3c33; Cfc8a: } catch (\Exception $e) { $errorMessage = sprintf("\125\x6e\141\142\x6c\145\40\x74\x6f\x20\x75\x70\x64\x61\x74\145\40\127\x65\142\x20\101\103\x4c\x20\x22\x25\163\42\x2c\40\x65\162\x72\157\x72\x20\155\x65\x73\163\x61\147\145\72\40\42\x25\x73\x22\56", $webAclName, $e->getMessage()); throw new \Exception($errorMessage); } } protected function validateAccessKeys() { try { goto A591e; A591e: $awsWaf = $this->getAwsWaf(); goto d7957; B5d9c: $this->retry(function () use($wafClient) { $wafClient->listIPSets(["\123\x63\157\x70\x65" => AwsWaf::SCOPE_REGIONAL]); }); goto fcb7f; d7957: $wafClient = $awsWaf->getWafClient(); goto B5d9c; fcb7f: } catch (\Exception $e) { $errorMessage = sprintf("\x41\x57\x53\x20\x43\x72\145\x64\145\x6e\164\x69\141\x6c\163\x20\x61\x72\x65\40\x6e\157\164\x20\x76\x61\x6c\x69\x64\56"); throw new \Exception($errorMessage); } } protected function validateWebAcl() { goto B8046; a3690: $awsWaf = $this->getAwsWaf(); goto d9061; d9061: $webAcls = $awsWaf->getWebAcls(); goto ae308; F8f12: if (!(false === $webAclFound)) { goto bf998; } goto fc68c; B8046: $webAclFound = false; goto f891d; Ddfd3: $errorMessage = sprintf("\127\x65\142\40\101\x63\x6c\x20\42\45\x73\42\x20\144\157\x65\163\x20\x6e\x6f\164\x20\145\x78\x69\x73\164\x20\x69\x6e\40\x41\127\x53\40\x52\145\x67\151\157\x6e\x20\42\x25\x73\x22\x2e", $webAclName, $awsRegion); goto f59ca; F3760: B1dfc: goto F8f12; b6a5b: bf998: goto A4d69; f891d: $webAclName = $this->getWebAclName(); goto a3690; F38cb: foreach ($webAcls as $webAcl) { goto f9480; B3584: goto F7a68; goto e7c26; f9480: if (!(true === isset($webAcl["\x4e\x61\x6d\x65"]) && $webAclName == $webAcl["\116\141\x6d\145"])) { goto C2c02; } goto dd9f9; F5552: B9408: goto b30d3; dd9f9: $webAclFound = true; goto B3584; e7c26: C2c02: goto F5552; b30d3: } goto e496d; ae308: if (!(false === empty($webAcls))) { goto B1dfc; } goto F38cb; fc68c: $awsRegion = $this->getAwsRegion(); goto Ddfd3; f59ca: throw new \Exception($errorMessage); goto b6a5b; e496d: F7a68: goto F3760; A4d69: } protected function validateBlockedIps() { goto fbfee; Cbc36: f5340: goto cf3ef; Bf90c: ba0f9: goto Cbc36; fbfee: $blockedIps = $this->getBlockedIps(); goto d4217; d4217: if (!(false === empty($blockedIps))) { goto f5340; } goto bd810; bd810: foreach ($blockedIps as $ip) { goto b06f3; d807f: Ba115: goto Ae610; d8cd0: throw new \Exception(sprintf("\x42\x6c\x6f\143\x6b\x65\144\40\111\120\40\42\45\163\42\x20\151\163\40\x6e\x6f\164\40\x76\141\154\151\x64\56", $ip)); goto A86cf; e5a02: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { goto A1cc1; } goto d8cd0; c474d: f13c2: goto d2024; B578a: $this->blockedIpsIpv4[] = $ip; goto c474d; b06f3: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { goto d7540; } goto e5a02; Ae610: f3cef: goto Df547; ea88c: d7540: goto D4096; d2024: goto Ba115; goto ea88c; D4096: $this->blockedIpsIpv6[] = $ip; goto d807f; A86cf: goto f13c2; goto fd7fd; fd7fd: A1cc1: goto B578a; Df547: } goto Bf90c; cf3ef: } protected function validateRateLimitWhitelistIps() { goto a3d71; e2073: f12ad: goto F3e81; c9c48: foreach ($rateLimitWhitelistedIps as $ip) { goto abc00; B9527: fe6d7: goto b65b9; f5b1e: f0238: goto B9527; d1b4a: goto f0238; goto aa80a; Ac1f8: throw new \Exception(sprintf("\x52\x61\164\145\40\114\x69\155\x69\x74\40\127\x68\151\164\145\x6c\x69\x73\164\x65\144\40\111\x50\x20\42\x25\x73\42\x20\151\163\40\156\157\164\40\x76\x61\154\x69\144\x2e", $ip)); goto adc54; F8f7e: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { goto E68fa; } goto Ac1f8; adc54: goto A503d; goto e8aa5; e8aa5: E68fa: goto c8acc; c8acc: $this->rateLimitWhitelistedIpsIpv4[] = $ip; goto B1ba9; abc00: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { goto b95cd; } goto F8f7e; a6d72: $this->rateLimitWhitelistedIpsIpv6[] = $ip; goto f5b1e; aa80a: b95cd: goto a6d72; B1ba9: A503d: goto d1b4a; b65b9: } goto e2073; a3d71: $rateLimitWhitelistedIps = $this->getRateLimitWhitelistedIps(); goto efeff; F3e81: b3af2: goto B6633; efeff: if (!(false === empty($rateLimitWhitelistedIps))) { goto b3af2; } goto c9c48; B6633: } protected function validateMagentoBackendWhitelistedIps() { goto bacc1; bacc1: $magentoBackendWhitelistedIps = $this->getMagentoBackendWhitelistedIps(); goto d4b55; A2855: a1a5e: goto Ab7f1; Ec04c: D60b0: goto A2855; e488a: foreach ($magentoBackendWhitelistedIps as $ip) { goto a5636; ac6e8: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)) { goto e9457; } goto F7229; f6e15: $this->magentoBackendWhitelistedIpIpv6[] = $ip; goto F2e42; A7b08: goto cea75; goto bc768; c9988: D2c6a: goto f13eb; a5636: if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { goto ecbde; } goto ac6e8; bc768: e9457: goto ef94a; b2fd8: ecbde: goto f6e15; F2e42: c9941: goto c9988; b7402: cea75: goto c6b93; F7229: throw new \Exception(sprintf("\115\141\147\x65\156\x74\x6f\40\102\x61\143\x6b\145\x6e\x64\40\127\150\x69\x74\x65\154\x69\163\164\145\x64\x20\x49\120\x20\x22\x25\163\42\x20\151\x73\40\x6e\x6f\164\x20\166\x61\x6c\151\x64\x2e", $ip)); goto A7b08; c6b93: goto c9941; goto b2fd8; ef94a: $this->magentoBackendWhitelistedIpIpv4[] = $ip; goto b7402; f13eb: } goto Ec04c; d4b55: if (!(false === empty($magentoBackendWhitelistedIps))) { goto a1a5e; } goto e488a; Ab7f1: } protected function validateRateLimit() { goto A2e07; A2e07: $rateLimit = $this->getRateLimit(); goto b43b9; baf5c: throw new \Exception(sprintf("\122\141\164\145\40\x4c\x69\x6d\151\x74\40\x22\x25\x73\x22\x20\x6e\x6f\164\x20\x76\141\x6c\x69\x64\54\40\155\x75\x73\x74\x20\x62\x65\x20\142\x65\164\x77\145\x65\156\x20\61\x30\x30\x20\x61\x6e\x64\40\x31\65\60\x30\x30\x2e", $rateLimit)); goto a03c7; a03c7: F18ad: goto C7a80; b43b9: if (!($rateLimit < 100 || $rateLimit > 15000)) { goto F18ad; } goto baf5c; C7a80: } protected function updateMagentoBackend() { goto eb976; a87e1: $this->magentoBackendWhitelistedIpIpv4[] = $customerIp; goto e5d5a; a0963: $awsWaf->updateIpSet(AwsWaf::IP_SET_MAGENTO_BACKEND_WHITELISTED_IPV4, $this->magentoBackendWhitelistedIpIpv4); goto F7843; f99c5: if (!(false === empty($customerIp))) { goto f8e2e; } goto D2da9; d6ae9: $backendFrontName = $this->getBackendFrontName(); goto ca3bd; a3a12: bf6aa: goto db8ca; ea8e4: a1bc3: goto Ce46a; Bfb39: f8e2e: goto A43b2; b0a3f: ca402: goto a0963; B9ef4: $isMagentoBackendRestricted = $this->isMagentoBackendRestricted(); goto d988c; f46ac: if (!(true === isset($this->webAcl["\122\165\x6c\x65\x73"][$webAclRuleArrayIndex]))) { goto ea614; } goto B3cbe; e5d5a: goto d51d8; goto B94a9; D2da9: if (filter_var($customerIp, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6)) { goto f532c; } goto a87e1; b34a8: unset($this->webAcl["\x52\165\154\145\163"][$webAclRuleArrayIndex]["\101\143\x74\151\x6f\156"]); goto B8caa; Afd7f: ea614: goto a1816; c90bc: $this->magentoBackendWhitelistedIpIpv6[] = $customerIp; goto df29e; a8e67: $this->webAcl["\x52\165\x6c\x65\x73"][$webAclRuleArrayIndex]["\101\143\164\x69\157\156"][$action] = []; goto Fe33b; B3cbe: $this->webAcl["\x52\x75\x6c\x65\163"][$webAclRuleArrayIndex]["\x53\x74\141\x74\145\x6d\145\x6e\x74"]["\101\x6e\x64\123\x74\141\164\x65\155\x65\156\x74"]["\x53\x74\x61\x74\x65\x6d\145\x6e\x74\x73"][0]["\x42\171\164\145\x4d\141\164\143\x68\123\164\141\164\145\x6d\145\156\164"]["\x53\x65\x61\162\143\150\123\x74\x72\151\156\x67"] = $backendFrontName; goto Afd7f; D911a: if (!(true === isset($this->webAcl["\122\165\154\145\163"][$webAclRuleArrayIndex]["\101\x63\164\x69\157\x6e"]))) { goto c998e; } goto b34a8; a1816: $webAclRuleName = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_ALLOW_MAGENTO_BACKEND_ACCESS_IPV6); goto ec7d1; db8ca: foreach ($this->magentoBackendWhitelistedIpIpv6 as &$ip) { $ip = sprintf("\x25\163\x2f\61\x32\x38", $ip); d8ae3: } goto b0a3f; Cdff9: $customerIp = $this->remoteAddress->getRemoteAddress(); goto f99c5; e9c89: $action = true === $isMagentoBackendRestricted ? self::MAGENTO_BACKEND_RESTRICTION_ACTION_BLOCK : self::MAGENTO_BACKEND_RESTRICTION_ACTION_ALLOW; goto a8e67; B645d: foreach ($this->magentoBackendWhitelistedIpIpv4 as &$ip) { $ip = sprintf("\45\163\x2f\63\62", $ip); b2c07: } goto a3a12; d988c: if (!(true === $isMagentoBackendRestricted)) { goto Db835; } goto Cdff9; ec80f: if (!(true === isset($this->webAcl["\122\x75\154\x65\163"][$webAclRuleArrayIndex]))) { goto b1a23; } goto F530a; e7b98: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleName); goto f46ac; F530a: $this->webAcl["\x52\x75\x6c\x65\163"][$webAclRuleArrayIndex]["\123\x74\141\x74\145\x6d\x65\156\x74"]["\x41\156\144\x53\x74\x61\164\145\155\145\x6e\164"]["\123\164\141\164\x65\155\x65\156\x74\x73"][0]["\x42\x79\x74\x65\x4d\x61\164\143\x68\x53\164\141\x74\x65\155\x65\156\x74"]["\123\145\x61\x72\x63\x68\123\164\x72\x69\156\x67"] = $backendFrontName; goto Eb804; df29e: d51d8: goto Bfb39; A43b2: Db835: goto B645d; eb976: $awsWaf = $this->getAwsWaf(); goto d6ae9; Ce46a: $webAclRuleName = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_ALLOW_MAGENTO_BACKEND_ACCESS_IPV4); goto e7b98; ec7d1: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleName); goto ec80f; B94a9: f532c: goto c90bc; fa1b0: $isMagentoBackendRestricted = $this->isMagentoBackendRestricted(); goto D911a; B8caa: c998e: goto e9c89; Fe33b: $this->webAcl["\122\165\154\145\163"][$webAclRuleArrayIndex]["\x53\164\x61\x74\x65\x6d\x65\x6e\164"]["\x42\171\x74\x65\x4d\141\164\x63\x68\123\164\141\164\145\x6d\x65\x6e\164"]["\123\x65\141\162\143\150\123\x74\x72\151\x6e\x67"] = $backendFrontName; goto ea8e4; F7843: $awsWaf->updateIpSet(AwsWaf::IP_SET_MAGENTO_BACKEND_WHITELISTED_IPV6, $this->magentoBackendWhitelistedIpIpv6); goto Cf930; Eb804: b1a23: goto B9ef4; ca3bd: $webAclRuleName = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_BLOCK_MAGENTO_BACKEND_ACCESS); goto ea269; Af3dc: if (!(true === isset($this->webAcl["\x52\165\154\145\x73"][$webAclRuleArrayIndex]))) { goto a1bc3; } goto fa1b0; ea269: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleName); goto Af3dc; Cf930: } protected function updateBlockedCountryCodes() { goto babdd; C6ee6: $webAclRuleName = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_NAME_BLOCKED_COUNTRIES); goto a594d; Ce3ba: throw new \Exception(sprintf("\x57\145\142\40\101\103\x4c\x20\x52\165\154\x65\x20\x22\x25\163\42\x20\156\157\164\40\x66\157\x75\x6e\144\x2e", $webAclRuleName)); goto ed4e7; b2070: if (!(true === empty($blockedCountryCodes))) { goto c2bf8; } goto F308a; d7d77: Ad2b7: goto Dd032; Dd032: $this->webAcl["\x52\165\154\145\x73"][$webAclRuleArrayIndex]["\123\x74\141\x74\x65\155\x65\x6e\164"]["\107\145\x6f\x4d\x61\x74\143\x68\123\x74\141\164\x65\155\145\x6e\x74"]["\103\157\x75\x6e\x74\x72\171\103\157\x64\145\x73"] = $blockedCountryCodes; goto f8a18; ed4e7: goto Ec238; goto d7d77; babdd: $blockedCountryCodes = $this->getBlockedCountryCodes(); goto b2070; Ad544: if (true === isset($this->webAcl["\x52\165\154\145\x73"][$webAclRuleArrayIndex])) { goto Ad2b7; } goto Ce3ba; f8a18: Ec238: goto fe9a8; f8c1a: c2bf8: goto Fb3cd; a594d: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleName); goto Ad544; F308a: $blockedCountryCodes = ["\124\x56"]; goto f8c1a; Fb3cd: $awsWaf = $this->getAwsWaf(); goto C6ee6; fe9a8: } protected function updateRateLimitValue() { goto d4891; c0dae: B54c4: goto E9993; d4891: $awsWaf = $this->getAwsWaf(); goto A416a; e5bb1: goto Fe24a; goto c0dae; Df3f8: if (true === isset($this->webAcl["\x52\165\x6c\x65\163"][$webAclRuleArrayIndex])) { goto a05cb; } goto F028b; E52ee: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleNameRateLimitIPv4); goto bb2a5; F738f: throw new \Exception(sprintf("\127\x65\x62\40\101\103\x4c\x20\x52\x75\x6c\x65\40\x22\45\163\x22\40\x6e\157\164\40\x66\x6f\x75\x6e\x64\56", $webAclRuleNameRateLimitIPv4)); goto e5bb1; a80b2: $webAclRuleArrayIndex = $this->getWebAclRuleArrayIndex($webAclRuleNameRateLimitIPv6); goto Df3f8; edd88: $webAclRuleNameRateLimitIPv4 = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_NAME_RATE_LIMIT_IPV4); goto E52ee; c6f87: goto C55cf; goto A3282; Df3e4: $webAclRuleNameRateLimitIPv6 = $awsWaf->getWebAclRuleName(AwsWaf::WEB_ACL_RULE_NAME_RATE_LIMIT_IPV6); goto a80b2; Bb3fe: Fe24a: goto Df3e4; A3282: a05cb: goto f155a; Ee1ec: C55cf: goto E62e5; E9993: $this->webAcl["\x52\x75\154\x65\x73"][$webAclRuleArrayIndex]["\x53\164\x61\164\145\155\x65\x6e\164"]["\x52\x61\164\145\x42\141\x73\145\x64\123\x74\x61\x74\145\x6d\x65\156\164"]["\x4c\151\155\151\x74"] = $rateLimit; goto Bb3fe; A416a: $rateLimit = (int) $this->getRateLimit(); goto edd88; f155a: $this->webAcl["\x52\x75\154\x65\x73"][$webAclRuleArrayIndex]["\123\164\141\x74\x65\x6d\x65\156\164"]["\x52\x61\164\145\102\141\x73\145\x64\123\x74\x61\x74\145\155\x65\x6e\164"]["\114\x69\x6d\151\164"] = $rateLimit; goto Ee1ec; bb2a5: if (true === isset($this->webAcl["\x52\165\x6c\x65\x73"][$webAclRuleArrayIndex])) { goto B54c4; } goto F738f; F028b: throw new \Exception(sprintf("\x57\145\x62\40\101\x43\114\x20\x52\x75\154\x65\40\x22\x25\163\x22\x20\x6e\157\x74\x20\x66\x6f\x75\156\x64\x2e", $webAclRuleNameRateLimitIPv6)); goto c6f87; E62e5: } protected function updateRateLimitWhitelistedIpSets() { goto E885a; E9a93: foreach ($this->rateLimitWhitelistedIpsIpv6 as &$ip) { $ip = sprintf("\45\163\x2f\x31\x32\70", $ip); Ca6b3: } goto b13c5; E885a: foreach ($this->rateLimitWhitelistedIpsIpv4 as &$ip) { $ip = sprintf("\45\163\57\63\x32", $ip); d7beb: } goto C341b; b13c5: E31fa: goto f416b; C341b: bc9de: goto E9a93; f416b: $awsWaf = $this->getAwsWaf(); goto C312b; C68ba: $awsWaf->updateIpSet(AwsWaf::IP_SET_RATE_LIMIT_WHITELISTED_IPV6, $this->rateLimitWhitelistedIpsIpv6); goto f9ed1; C312b: $awsWaf->updateIpSet(AwsWaf::IP_SET_RATE_LIMIT_WHITELISTED_IPV4, $this->rateLimitWhitelistedIpsIpv4); goto C68ba; f9ed1: } protected function updateBlockedIpsIpSets() { goto bb8e5; ee5ec: d445e: goto bb7de; b264b: foreach ($this->blockedIpsIpv6 as &$ip) { $ip = sprintf("\45\163\x2f\x31\x32\x38", $ip); e7482: } goto ee5ec; bb7de: $awsWaf = $this->getAwsWaf(); goto b592e; A0f11: Dc80a: goto b264b; b592e: $awsWaf->updateIpSet(AwsWaf::IP_SET_BLOCKED_IPS_IPV4, $this->blockedIpsIpv4); goto Ad08c; Ad08c: $awsWaf->updateIpSet(AwsWaf::IP_SET_BLOCKED_IPS_IPV6, $this->blockedIpsIpv6); goto d3bb0; bb8e5: foreach ($this->blockedIpsIpv4 as &$ip) { $ip = sprintf("\x25\x73\57\63\x32", $ip); A42f6: } goto A0f11; d3bb0: } protected function updateBlockedBots() { goto cbd3e; Ee462: f33ce: goto ff176; Ddb64: $blockedBots[] = "\x6d\147\x74"; goto Ee462; ba61c: if (!(true === empty($blockedBots))) { goto f33ce; } goto Ddb64; cbd3e: $blockedBots = $this->getBlockedBots(); goto ba61c; cbc0b: $awsWaf->updateBlockedBotsRegexPatternSet($blockedBots); goto C3fb3; ff176: $awsWaf = $this->getAwsWaf(); goto cbc0b; C3fb3: } protected function getAwsWaf() { goto Bc722; Bf869: $this->awsWaf = new AwsWaf($awsAccessKey, $awsSecretAccessKey, $awsRegion, $projectName); goto C4fee; Bc722: if (!(true === is_null($this->awsWaf))) { goto d1147; } goto cc1df; Bb26f: $projectName = $this->getProjectName(); goto Bf869; D3855: return $this->awsWaf; goto fa33e; E93cd: $awsSecretAccessKey = $this->getAwsSecretAccessKey(); goto E98b4; E98b4: $awsRegion = $this->getAwsRegion(); goto Bb26f; cc1df: $awsAccessKey = $this->getAwsAccessKey(); goto E93cd; C4fee: d1147: goto D3855; fa33e: } protected function getAwsAccessKey() { goto acddc; A1819: return $this->awsAccessKey; goto f0caf; b8d15: $this->awsAccessKey = $this->getConfigValue("\163\x65\164\164\151\156\147\163", "\141\x77\163\137\141\x63\143\145\163\163\x5f\x6b\145\171"); goto Cbb7e; acddc: if (!(true === is_null($this->awsAccessKey))) { goto e92ca; } goto b8d15; Cbb7e: e92ca: goto A1819; f0caf: } protected function getAwsSecretAccessKey() { goto edbea; b8de9: da211: goto C405f; f94b9: $this->awsSecretAccessKey = $this->getConfigValue("\x73\x65\x74\164\x69\156\x67\x73", "\141\x77\x73\x5f\x73\x65\x63\162\145\164\x5f\x61\143\x63\145\x73\x73\137\153\x65\x79"); goto b8de9; C405f: return $this->awsSecretAccessKey; goto ff13d; edbea: if (!(true === is_null($this->awsSecretAccessKey))) { goto da211; } goto f94b9; ff13d: } protected function getAwsRegion() { goto Fe95c; Fe95c: if (!(true == is_null($this->awsRegion))) { goto e4e79; } goto e9aad; C068b: return $this->awsRegion; goto c2ed7; dc7dc: e4e79: goto C068b; e9aad: $this->awsRegion = $this->getConfigValue("\163\145\x74\x74\x69\156\x67\163", "\141\x77\x73\x5f\x72\145\147\151\x6f\156"); goto dc7dc; c2ed7: } protected function getProjectName() { goto ccaa9; f8d01: return $this->projectName; goto e3f5b; ccaa9: if (!(true === is_null($this->projectName))) { goto Bf87e; } goto e4307; e4307: $this->projectName = $this->getConfigValue("\x73\145\x74\x74\151\x6e\x67\x73", "\160\x72\x6f\152\145\143\x74\x5f\x6e\x61\155\145"); goto b9ac7; b9ac7: Bf87e: goto f8d01; e3f5b: } protected function getRateLimit() { goto c502b; c502b: if (!(true === is_null($this->rateLimit))) { goto de9ec; } goto E292b; D2897: de9ec: goto d19b7; E292b: $this->rateLimit = $this->getConfigValue("\162\x61\x74\x65\137\x6c\x69\155\151\x74", "\162\x61\164\145\137\154\151\x6d\x69\x74"); goto D2897; d19b7: return $this->rateLimit; goto e70a2; e70a2: } protected function getBlockedCountryCodes() { goto d8c64; Cc6a1: if (!(false === empty($blockedCountryCodes))) { goto A28e5; } goto c7be6; d7d18: return $this->blockedCountryCodes; goto e9273; Cbd83: dc252: goto d7d18; C27f4: A28e5: goto Cbd83; d8c64: if (!(true === empty($this->blockedCountryCodes))) { goto dc252; } goto C2052; c7be6: $this->blockedCountryCodes = $blockedCountryCodes; goto C27f4; C2052: $blockedCountryCodes = $this->getConfigValue("\142\x6c\157\x63\153\145\144\x5f\x63\x6f\165\156\164\162\151\x65\x73", "\x63\x6f\165\156\x74\162\x79\x5f\143\x6f\144\145\x73"); goto Cc6a1; e9273: } protected function getBlockedIps() { goto a836a; Bb685: if (!(false === empty($blockedIps))) { goto C5667; } goto C0b70; b1490: return $this->blockedIps; goto f36e1; E6ceb: $blockedIps = $this->getConfigValue("\x62\154\x6f\x63\153\x65\x64\137\x69\x70\x73", "\142\154\157\143\x6b\x65\x64\137\x69\x70\x73"); goto E90d3; a836a: if (!(true === empty($this->blockedIps))) { goto Ba254; } goto E6ceb; b6216: $blockedIps = array_filter(array_map("\164\x72\151\155", $blockedIps)); goto Bb685; F2d07: C5667: goto def98; C0b70: $this->blockedIps = $blockedIps; goto F2d07; def98: Ba254: goto b1490; E90d3: $blockedIps = explode(PHP_EOL, $blockedIps); goto b6216; f36e1: } protected function getRateLimitWhitelistedIps() { goto D0d4f; b094d: $rateLimitWhitelistedIps = array_filter(array_map("\x74\162\151\x6d", $rateLimitWhitelistedIps)); goto d93e3; D0d4f: if (!(true === empty($this->rateLimitWhitelistedIps))) { goto e13d5; } goto c4f28; Aeb44: $this->rateLimitWhitelistedIps = $rateLimitWhitelistedIps; goto Da88b; Ce432: e13d5: goto e9296; e9296: return $this->rateLimitWhitelistedIps; goto c2c32; B0d81: $rateLimitWhitelistedIps = explode(PHP_EOL, $rateLimitWhitelistedIps); goto b094d; c4f28: $rateLimitWhitelistedIps = $this->getConfigValue("\x72\141\164\x65\x5f\154\x69\x6d\x69\164", "\167\150\x69\x74\145\x6c\x69\x73\x74\x65\144\x5f\x69\x70\x73"); goto B0d81; Da88b: de6c8: goto Ce432; d93e3: if (!(false === empty($rateLimitWhitelistedIps))) { goto de6c8; } goto Aeb44; c2c32: } protected function getBlockedBots() { goto Affed; Fab61: a0df8: goto E19ee; Ee2ce: $blockedBots = array_filter(array_map("\164\162\151\x6d", $blockedBots)); goto Aba44; E19ee: A99d0: goto fae21; fae21: return $this->blockedBots; goto fdb63; e6364: $blockedBots = explode(PHP_EOL, $blockedBots); goto Ee2ce; Affed: if (!(true === empty($this->blockedBots))) { goto A99d0; } goto baca9; Aba44: if (!(false === empty($blockedBots))) { goto a0df8; } goto aa161; aa161: $this->blockedBots = $blockedBots; goto Fab61; baca9: $blockedBots = $this->getConfigValue("\142\154\x6f\x63\x6b\x65\x64\137\142\x6f\x74\x73", "\142\x6c\157\x63\x6b\145\144\137\x62\x6f\x74\163"); goto e6364; fdb63: } protected function getMagentoBackendWhitelistedIps() { goto eb020; c705b: $this->magentoBackendWhitelistedIps = $magentoBackendWhitelistedIps; goto A92b7; a4945: if (!(false === empty($magentoBackendWhitelistedIps))) { goto bd73e; } goto c705b; Dbe86: $magentoBackendWhitelistedIps = explode(PHP_EOL, $magentoBackendWhitelistedIps); goto ff118; A92b7: bd73e: goto C8d12; Cdef5: $magentoBackendWhitelistedIps = $this->getConfigValue("\155\x61\147\145\x6e\164\x6f\137\x62\x61\x63\153\x65\156\x64", "\x77\150\151\x74\145\x6c\x69\x73\164\x65\x64\137\x69\x70\x73"); goto Dbe86; eb020: if (!(true === empty($this->magentoBackendWhitelistedIps))) { goto d4a52; } goto Cdef5; C1761: return $this->magentoBackendWhitelistedIps; goto fa8b5; ff118: $magentoBackendWhitelistedIps = array_filter(array_map("\x74\162\151\155", $magentoBackendWhitelistedIps)); goto a4945; C8d12: d4a52: goto C1761; fa8b5: } protected function isMagentoBackendRestricted() { goto B0aa8; A9ca6: return $this->isMagentoBackendRestricted; goto Af80a; B0aa8: $configValue = $this->getConfigValue("\x6d\141\147\145\x6e\164\x6f\x5f\142\141\x63\x6b\145\156\x64", "\x69\x73\137\x65\156\141\x62\154\145\144"); goto ee198; ee198: $this->isMagentoBackendRestricted = $configValue == self::MAGENTO_BACKEND_RESTRICTION_ENABLED ? true : false; goto A9ca6; Af80a: } protected function getWebAcl() { goto Da52e; a13ea: $this->webAcl = $awsWaf->getWebAcl($webAclName); goto ca4ad; ca4ad: b9b74: goto da35f; da35f: return $this->webAcl; goto D268d; E25b3: $webAclName = $this->getWebAclName(); goto a13ea; Da52e: if (!(true === is_null($this->webAcl))) { goto b9b74; } goto Af849; Af849: $awsWaf = $this->getAwsWaf(); goto E25b3; D268d: } protected function getWebAclName() { goto f6d3e; e73c6: $this->webAclName = sprintf("\x25\163\55\x4d\x47\x54\55\x57\x65\x62\55\101\x43\114", $projectName); goto eff51; ee788: $projectName = ucfirst($this->getProjectName()); goto e73c6; f6d3e: if (!(true === is_null($this->webAclName))) { goto A2ff5; } goto ee788; a421e: return $this->webAclName; goto C80c4; eff51: A2ff5: goto a421e; C80c4: } protected function getWebAclRuleArrayIndex($webAclRuleName) { goto b7ae3; A0158: Ec050: goto Fb59c; Ed93f: goto Ec050; goto f8ddb; df11b: throw new \Exception(sprintf("\127\145\142\x20\x41\x43\114\40\122\165\x6c\145\x20\42\x25\x73\42\x20\156\x6f\x74\x20\146\x6f\165\x6e\144\56", $webAclRuleName)); goto Ed93f; f8ddb: E1c95: goto B88d2; c8dad: $webAclRules = $webAcl["\122\165\154\145\163"] ?? []; goto Fe776; B88d2: return $arrayIndex; goto A0158; Fe776: $arrayIndex = array_search($webAclRuleName, array_column($webAclRules, "\x4e\x61\155\145")); goto Dd842; Dd842: if (false === is_null($arrayIndex) && true === isset($webAclRules[$arrayIndex])) { goto E1c95; } goto df11b; b7ae3: $webAcl = $this->getWebAcl(); goto c8dad; Fb59c: } protected function getBackendFrontName() { $backendFrontName = $this->deploymentConfig->get(BackendConfigOptionsList::CONFIG_PATH_BACKEND_FRONTNAME); return $backendFrontName; } protected function getConfigValue($group, $field) { goto A9c42; A9c42: $configValue = ''; goto c03e5; c03e5: if (!(true === isset($this->configData["\x67\162\x6f\x75\160\163"][$group]["\146\151\x65\x6c\144\163"][$field]["\166\141\x6c\x75\x65"]))) { goto D26de; } goto A3377; D575e: if (!(true === is_string($configValue))) { goto Cc0cf; } goto Edd68; A3377: $configValue = $this->configData["\147\162\x6f\x75\160\x73"][$group]["\x66\151\x65\154\144\163"][$field]["\x76\x61\154\165\x65"]; goto D575e; A50cf: return $configValue; goto A4fe6; Fedfe: D26de: goto A50cf; a0c8f: Cc0cf: goto Fedfe; Edd68: $configValue = trim($configValue); goto a0c8f; A4fe6: } protected function retry(callable $fn, $retries = 2, $delay = 3) { return Retry::retry($fn, $retries, $delay); } }
Function Calls
None |
Stats
MD5 | d138f3ca3d6ad30223491397f0f235e9 |
Eval Count | 0 |
Decode Time | 71 ms |