Extending, where to add filter code ?

  • Resolved peoy

    (@peoy)


    2 years, 10 months ago

    Maybe a stupid question, but putting code in my functions.php didn’t seem to work, so:
    Where do I add ‘add_filter’ functions for the hooks in the plugin ?

    function my_log_ip($ip) {
  file_put_contents("/tmp/wp_ip_log.txt","$ip\n",FILE_APPEND);
  return $ip;
}
add_filter( 'ip-location-block-ip-addr', 'my_log_ip' );

    As described in::
    ==
    Extendability:
    You can customize the behavior of this plugin via add_filter() with pre-defined filter hook. See various use cases in samples.php bundled within this package.
    ==

Viewing 3 replies - 1 through 3 (of 3 total)
  • Plugin Author Darko G.

    (@darkog)

    Hi,

    You can palce this in functions.php.

    I checked your function, it appears to be fine however it doesn’t trigger on every request because of caching.

    You are probably looking for something like this:

    
function log_wp_ips() {

	if ( ! class_exists( 'IP_Location_Block' ) ) {
		error_log( 'IP Location Block is not active' );
		return;
	}

	$log_path   = '/tmp/wp_ip_log.txt';
	$ip_address = IP_Location_Block::get_ip_address();

	file_put_contents( $log_path, "$ip_address\n", FILE_APPEND );
}
add_action( 'init', 'log_wp_ips' );

    Best Regards,
    Darko

    • This reply was modified 2 years, 8 months ago by Darko G..
    Thread Starter peoy

    (@peoy)

    Thanks Darko,

    The code seems to (somewhat) work, but it also logs access to anything else than just unwanted access to /wp-admin (what I’m looking for an easy way to log and then block in the machine’s firewall).

    Any way to just log the unwanted (non-whitelisted) access to /wp-admin ?

    /PeO

    Thread Starter peoy

    (@peoy)

    I solved it.

    For some reason, I had to put the code in drop-in.php as described in My custom functions in “functions.php” doesn’t work.

    My server is not using a multisite setup, but the hooks weren’t triggered at all when I had the code in functions.php (and everything else there works).
    I used the ‘ip-location-block-login-status’ hook to trigger only on /wp-admin access:

    <?php
function log_blocked_ips($code) {
  if ( ! class_exists( 'IP_Location_Block' ) ) {
    error_log( 'IP Location Block is not active' );
    return;
  }
  $log_path = get_stylesheet_directory() . '/wp_blocked_ip_log.txt';
  $now = date("Y-m-d H:i:s");
  $ip_address = IP_Location_Block::get_ip_address();
  file_put_contents( $log_path, "$now $ip_address\n", FILE_APPEND );
  return 404;
}
add_filter( 'ip-location-block-login-status',  'log_blocked_ips');
?>

    The rest of my code is not public, but what I do is that besides logging is:
    First I block the address range(s) in inetnum (from Whois) for the IP doing the unauthorized access to /wp-admin (blocking is done using Wordfence),
    I create a partial shell script with firewalld commands to block the same range in the firewall (protecting all sites and services on the web server for further abuse).
    This partial script is executed by a cron job every 10th minute and logs the firewalld commands to reverse the blocking action.

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Extending, where to add filter code ?’ is closed to new replies.