github
/
phpservermon
mirror of https://github.com/phpservermon/phpservermon
1
0
Fork 0
Code Issues Releases Wiki Activity

Add IP whitelist turn off option (#1249)

pull/1270/head^2
Jakub Bivoj Kubień 2025-01-25 23:28:57 +01:00 committed by GitHub
parent de831174c1
commit 607c2e1e82
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
3 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
config.php.sample
View File

@ -7,4 +7,6 @@ define('PSM_DB_HOST', 'localhost');
define('PSM_DB_PORT', '3306'); //3306 is the default port for MySQL. If no specfic port is used, leave it empty. define('PSM_DB_PORT', '3306'); //3306 is the default port for MySQL. If no specfic port is used, leave it empty.
define('PSM_BASE_URL', ''); define('PSM_BASE_URL', '');
define('PSM_WEBCRON_KEY', ''); define('PSM_WEBCRON_KEY', '');
define('PSM_WEBCRON_ENABLE_IP_WHITELIST', 'true'); // Enable IP whitelisting for calling webcron
define('PSM_PUBLIC', false); define('PSM_PUBLIC', false);

14
cron/status.cron.php
View File

@ -44,10 +44,16 @@ namespace {
$data = (defined('PHP_MAJOR_VERSION') && PHP_MAJOR_VERSION >= 7) ? false : @unserialize(PSM_CRON_ALLOW); $data = (defined('PHP_MAJOR_VERSION') && PHP_MAJOR_VERSION >= 7) ? false : @unserialize(PSM_CRON_ALLOW);
$allow = $data === false ? PSM_CRON_ALLOW : $data; $allow = $data === false ? PSM_CRON_ALLOW : $data;
if (!in_array($_SERVER['REMOTE_ADDR'], $allow) && !in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow) $ipWhitelistCheckPassed = in_array($_SERVER['REMOTE_ADDR'], $allow)
&& ! (array_key_exists ("webcron_key", $_GET) && && in_array($_SERVER["HTTP_X_FORWARDED_FOR"], $allow)
$_GET["webcron_key"]==PSM_WEBCRON_KEY && (PSM_WEBCRON_KEY != "")) && PSM_WEBCRON_ENABLE_IP_WHITELIST;
) {
$webCronKeyCheckPassed =
array_key_exists ("webcron_key", $_GET)
&& $_GET["webcron_key"] == PSM_WEBCRON_KEY
&& (PSM_WEBCRON_KEY != "");
if (!$ipWhitelistCheckPassed && !$webCronKeyCheckPassed) {
header('HTTP/1.0 403 Forbidden'); header('HTTP/1.0 403 Forbidden');
die(' die('
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html> <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html>

1
dev/vagrant-config.php
View File

@ -7,4 +7,5 @@ define('PSM_DB_HOST', 'localhost');
define('PSM_DB_PORT', '3306'); //3306 is the default port for MySQL. If no specfic port is used, leave it empty. define('PSM_DB_PORT', '3306'); //3306 is the default port for MySQL. If no specfic port is used, leave it empty.
define('PSM_BASE_URL', ''); define('PSM_BASE_URL', '');
define('PSM_WEBCRON_KEY', ''); define('PSM_WEBCRON_KEY', '');
define('PSM_WEBCRON_ENABLE_IP_WHITELIST', 'true');
define('PSM_PUBLIC', false); define('PSM_PUBLIC', false);