PHP Classes

How to Use a WordPress File Scanner to Remove Files Installed by Security Attacks Using the Package Biggidroid Security: Remove strange files from WordPress directions

Last Updated: 2024-10-28
Version: biggidroid-security 1.0.0
License: The PHP License
PHP version: 5
Categories: PHP 5, Files and Folders, Security, B...
Description 

This package can remove strange files from WordPress directories.

It can traverse a directory of the WordPress installation to check if the files it finds are part of the WordPress distribution.

The package removes strange files and directories that are not expected.

Innovation Award: PHP Programming Innovation award nominee, October 2024
WordPress is a very popular PHP application that is often the target of scammers who want to abuse WordPress Web sites.

In some cases, security attacks caused by scammers alter the files of the WordPress distribution.

This package provides a simple script that can scan the directory of a WordPress installation and remove strange files that were eventually created during a security attack.

Manuel Lemos
Author: Adeleye Ayodeji
Country: Nigeria

Example

<?php

/**
 * Plugin Name: Biggidroid Security
 * Plugin URI: https://biggidroid.com
 * Author: Biggidroid
 * Author URI: https://biggidroid.com
 * Description: This plugin secures wordpress base directory and files
 * Version: 0.1.0
 * License: GPL-2.0+
 * License URL: http://www.gnu.org/licenses/gpl-2.0.txt
 * text-domain: biggidroid-security
 */


//check for security
if (! defined('ABSPATH')) {
    exit("You are not allowed to access this file.");
}

//include the core class
require_once plugin_dir_path(__FILE__) . 'includes/core-class.php';

//initialize the core class
Biggidroid\Security\Core::get_instance();


Details


<?php

/**
 * Biggidroid WordPress Security for directory and file
 *
 * @package Biggidroid\Security
 */

namespace Biggidroid\Security;

//check for security
if (! defined('ABSPATH')) {
    exit("You are not allowed to access this file.");
}

/**
 * Core class
 *
 * @package Biggidroid\Security
 */
class Core
{
    /**
     * instance of the class
     *
     * @var Core
     */
    private static $instance;

    /**
     * instance of the class
     *
     * @return Core
     */
    public static function get_instance()
    {
        if (!isset(self::$instance)) {
            self::$instance = new self();
        }
        return self::$instance;
    }

    /**
     * constructor
     *
     * @return void
     */
    public function __construct()
    {
        //scan the base directory
        $this->scan_base_directory();
    }

    /**
     * Ignore directories or files
     *
     * @return array
     */
    public function ignore_directories_or_files()
    {
        return [
            '.well-known',
            '.htaccess',
            '.htaccess.bk',
            'index.php',
            'license.txt',
            'readme.html',
            'wp-activate.php',
            'wp-admin',
            'wp-blog-header.php',
            'wp-comments-post.php',
            'wp-config-sample.php',
            'wp-config.php',
            'wp-content',
            'wp-cron.php',
            'wp-includes',
            'wp-links-opml.php',
            'wp-load.php',
            'wp-login.php',
            'wp-mail.php',
            'wp-settings.php',
            'wp-signup.php',
            'wp-trackback.php'
        ];
    }

    /**
     * scan the base directory
     *
     * @return void
     */
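    public function scan_base_directory()
    {
        try {
            // ABSPATH already ends with a slash, so trim it before joining paths
            $base_directory = rtrim(ABSPATH, '/\\');

            // scandir() returns false on failure instead of throwing
            $files = scandir($base_directory);
            if ($files === false) {
                error_log("Biggidroid Security: cannot read " . $base_directory);
                return;
            }

            // Build the ignore list once rather than on every iteration
            $ignore = $this->ignore_directories_or_files();

            // Iterate over each top-level entry
            foreach ($files as $file) {
                // Skip the current and parent directory entries
                if ($file === '.' || $file === '..') {
                    continue;
                }

                // Skip entries on the ignore list (strict, name-only comparison)
                if (in_array($file, $ignore, true)) {
                    continue;
                }

                // Construct the full path
                $file_path = $base_directory . DIRECTORY_SEPARATOR . $file;

                // If the entry is not writable, grant access to the owner only;
                // 0777 would leave it world-writable if the deletion then fails.
                // Symlinks are skipped here because chmod() follows the link.
                if (! is_link($file_path) && ! is_writable($file_path)) {
                    chmod($file_path, 0700);
                }

                // rmdir() removes empty directories only; files and symlinks use unlink()
                if (is_dir($file_path) && ! is_link($file_path)) {
                    $deleted = rmdir($file_path);
                } else {
                    $deleted = unlink($file_path);
                }

                // Failures are reported as warnings and a false return, not exceptions
                if (! $deleted) {
                    error_log("Biggidroid Security: could not remove " . $file_path);
                }
            }
        } catch (\Exception $e) {
            error_log("Biggidroid Security: " . $e->getMessage());
        }
    }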
}
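
The class above compares only the names of top-level entries against a fixed list, so it cannot see a core file whose content was altered or a file dropped inside wp-includes. The following is an added example, not part of the package: a dry-run audit that walks the tree recursively and compares each file with a checksum manifest, reporting instead of deleting. The function name audit_tree(), the manifest format (relative path => MD5) and the sample tree are assumptions constructed for illustration.

```php
<?php
// Added example: dry-run audit of a directory tree against a checksum manifest.
// audit_tree() and the sample data below are hypothetical, not the package's code.

/**
 * @param string $root     directory to audit
 * @param array  $manifest relative path => expected MD5 of the known-good file
 * @return array 'unexpected', 'modified' and 'missing' lists of relative paths
 */
function audit_tree($root, array $manifest)
{
    $root   = rtrim($root, '/\\');
    $report = ['unexpected' => [], 'modified' => [], 'missing' => []];
    $seen   = [];

    // Directory symlinks are not followed, so each one is reported as a single entry
    $iterator = new RecursiveIteratorIterator(
        new RecursiveDirectoryIterator($root, FilesystemIterator::SKIP_DOTS)
    );
    foreach ($iterator as $item) {
        $relative = str_replace('\\', '/', substr($item->getPathname(), strlen($root) + 1));
        $seen[$relative] = true;
        if (! isset($manifest[$relative])) {
            $report['unexpected'][] = $relative;   // not in the known-good set
        } elseif ($item->isLink() || md5_file($item->getPathname()) !== $manifest[$relative]) {
            $report['modified'][] = $relative;     // expected name, different content
        }
    }
    $report['missing'] = array_keys(array_diff_key($manifest, $seen));
    foreach ($report as &$list) {
        sort($list);
    }
    unset($list);
    return $report;
}

// Constructed sample tree in a temporary directory (not a real WordPress install)
$root = sys_get_temp_dir() . '/audit-demo-' . uniqid();
mkdir($root . '/wp-includes', 0700, true);
file_put_contents($root . '/index.php', "<?php // front controller\n");
file_put_contents($root . '/wp-includes/version.php', "<?php // original\n");
$manifest = [
    'index.php'               => md5_file($root . '/index.php'),
    'wp-includes/version.php' => md5_file($root . '/wp-includes/version.php'),
    'wp-load.php'             => md5('constructed placeholder'),
];
// Alter a listed file and add an unlisted one below the top level
file_put_contents($root . '/wp-includes/version.php', "<?php // altered\n");
file_put_contents($root . '/wp-includes/cache.php', "<?php // unlisted\n");

print_r(audit_tree($root, $manifest));
```

Reviewing the report before removing anything keeps legitimate additions, such as uploads under wp-content or custom files at the site root, from being deleted along with the unexpected ones.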


Files (3)

File | Role | Description
biggidroid-security.php | Example | Example script
Readme.md | Doc. | Documentation
includes/core-class.php | Class | Class source
