/** * V20.0.700.1 - Enhanced Security Classes * NIST Cybersecurity Framework Aligned */ class BVS_Security_Enhanced { /** * Validate URL with SSRF protection * Prevents Server-Side Request Forgery attacks */ public static function validate_url_safe($url) { $url = esc_url_raw(trim($url)); if (!filter_var($url, FILTER_VALIDATE_URL)) { return ['valid' => false, 'error' => 'Invalid URL format']; } $parsed = parse_url($url); if (!in_array($parsed['scheme'] ?? '', ['http', 'https'])) { return ['valid' => false, 'error' => 'Only HTTP/HTTPS protocols allowed']; } if (!isset($parsed['host']) || empty($parsed['host'])) { return ['valid' => false, 'error' => 'Invalid hostname']; } // SSRF PROTECTION $ip = gethostbyname($parsed['host']); if (!filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) { error_log('BVS Security: SSRF attempt blocked - Private IP: ' . $ip); return ['valid' => false, 'error' => 'Internal/private URLs not allowed']; } $localhost_patterns = ['localhost', '127.0.0.1', '0.0.0.0', '::1']; if (in_array(strtolower($parsed['host']), $localhost_patterns)) { return ['valid' => false, 'error' => 'Localhost URLs not allowed']; } $suspicious_tlds = ['tk', 'ml', 'ga', 'cf', 'gq', 'buzz', 'link']; $tld = strtolower(substr(strrchr($parsed['host'], "."), 1)); $fraud_modifier = in_array($tld, $suspicious_tlds) ? 10 : 0; return [ 'valid' => true, 'url' => $url, 'fraud_score_modifier' => $fraud_modifier, 'warning' => $fraud_modifier > 0 ? 'Suspicious TLD detected: .' . $tld : null ]; } /** * Check URL reputation using Google Safe Browsing */ public static function check_url_reputation($url) { $api_key = get_option('bvs_google_safebrowsing_api_key', ''); if (empty($api_key)) { return ['checked' => false, 'safe' => 'unknown']; } $endpoint = 'https://safebrowsing.googleapis.com/v4/threatMatches:find'; $request_body = [ 'client' => [ 'clientId' => 'bvs-validator', 'clientVersion' => BVS_VERSION ], 'threatInfo' => [ 'threatTypes' => ['MALWARE', 'SOCIAL_ENGINEERING', 'UNWANTED_SOFTWARE'], 'platformTypes' => ['ANY_PLATFORM'], 'threatEntryTypes' => ['URL'], 'threatEntries' => [['url' => $url]] ] ]; $response = wp_remote_post($endpoint . '?key=' . $api_key, [ 'timeout' => 10, 'headers' => ['Content-Type' => 'application/json'], 'body' => wp_json_encode($request_body), 'sslverify' => true ]); if (is_wp_error($response)) { return ['checked' => false, 'safe' => 'unknown']; } $body = json_decode(wp_remote_retrieve_body($response), true); if (!empty($body['matches'])) { return [ 'checked' => true, 'safe' => false, 'threat_types' => array_unique(array_column($body['matches'], 'threatType')), 'action' => 'REJECT', 'fraud_score' => 100, 'reason' => 'URL flagged as malicious' ]; } return ['checked' => true, 'safe' => true]; } } class BVS_Rate_Limiter { public static function check($identifier, $limit = 10, $period = 3600) { $transient_key = 'bvs_rate_' . md5($identifier); $attempts = get_transient($transient_key); if ($attempts === false) { set_transient($transient_key, 1, $period); return ['allowed' => true, 'remaining' => $limit - 1]; } if ($attempts >= $limit) { return ['allowed' => false, 'remaining' => 0, 'message' => 'Rate limit exceeded']; } set_transient($transient_key, $attempts + 1, $period); return ['allowed' => true, 'remaining' => $limit - $attempts - 1]; } } class BVS_Security_Logger { public static function create_log_table() { global $wpdb; $table_name = $wpdb->prefix . 'bvs_security_logs'; $charset_collate = $wpdb->get_charset_collate(); $sql = "CREATE TABLE IF NOT EXISTS $table_name ( id bigint UNSIGNED NOT NULL AUTO_INCREMENT, event_type varchar(50) NOT NULL, severity enum('INFO','WARNING','CRITICAL') DEFAULT 'INFO', details longtext, url varchar(500), ip_address varchar(45), user_agent text, created_at datetime DEFAULT CURRENT_TIMESTAMP, PRIMARY KEY (id), KEY event_type (event_type), KEY severity (severity), KEY created_at (created_at) ) $charset_collate;"; require_once(ABSPATH . 'wp-admin/includes/upgrade.php'); dbDelta($sql); } public static function log($event_type, $details = [], $severity = 'INFO') { global $wpdb; $table_name = $wpdb->prefix . 'bvs_security_logs'; $wpdb->insert($table_name, [ 'event_type' => sanitize_text_field($event_type), 'severity' => $severity, 'details' => wp_json_encode($details), 'url' => $_SERVER['REQUEST_URI'] ?? '', 'ip_address' => self::get_client_ip(), 'user_agent' => substr($_SERVER['HTTP_USER_AGENT'] ?? '', 0, 500), 'created_at' => current_time('mysql') ]); if ($severity === 'CRITICAL') { self::send_alert($event_type, $details); } } private static function get_client_ip() { $keys = ['HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'REMOTE_ADDR']; foreach ($keys as $key) { if (!empty($_SERVER[$key])) { $ip = $_SERVER[$key]; if (strpos($ip, ',') !== false) { $ip = trim(explode(',', $ip)[0]); } return sanitize_text_field($ip); } } return 'unknown'; } private static function send_alert($event_type, $details) { $admin_email = get_option('admin_email'); $subject = '[BVS] Security Alert: ' . $event_type; $message = "Event: {$event_type}\n"; $message .= "Time: " . current_time('mysql') . "\n"; $message .= "Details: " . print_r($details, true); wp_mail($admin_email, $subject, $message); } } /** * V20.0.700.1 - Core Web Vitals Analyzer */ class BVS_Core_Web_Vitals { public static function analyze($url) { $api_key = get_option('bvs_pagespeed_api_key', ''); if (empty($api_key)) { return ['error' => 'PageSpeed API key not configured']; } $endpoint = 'https://www.googleapis.com/pagespeedonline/v5/runPagespeed'; $response = wp_remote_get(add_query_arg([ 'url' => $url, 'key' => $api_key, 'strategy' => 'mobile', 'category' => 'performance' ], $endpoint), ['timeout' => 60, 'sslverify' => true]); if (is_wp_error($response)) { return ['error' => $response->get_error_message()]; } $data = json_decode(wp_remote_retrieve_body($response), true); if (empty($data['lighthouseResult'])) { return ['error' => 'Invalid API response']; } $audits = $data['lighthouseResult']['audits']; $metrics = [ 'performance_score' => round($data['lighthouseResult']['categories']['performance']['score'] * 100), 'lcp' => $audits['largest-contentful-paint']['numericValue'] ?? 0, 'lcp_rating' => self::rate_lcp($audits['largest-contentful-paint']['numericValue'] ?? 0), 'fid' => $audits['max-potential-fid']['numericValue'] ?? 0, 'fid_rating' => self::rate_fid($audits['max-potential-fid']['numericValue'] ?? 0), 'cls' => $audits['cumulative-layout-shift']['numericValue'] ?? 0, 'cls_rating' => self::rate_cls($audits['cumulative-layout-shift']['numericValue'] ?? 0), 'ttfb' => $audits['server-response-time']['numericValue'] ?? 0, ]; $metrics['cwv_score'] = self::calculate_score($metrics); $metrics['cwv_rating'] = $metrics['cwv_score'] >= 75 ? 'Good' : ($metrics['cwv_score'] >= 50 ? 'Needs Improvement' : 'Poor'); $metrics['recommendations'] = self::generate_recommendations($metrics, $audits); return $metrics; } private static function rate_lcp($ms) { return $ms <= 2500 ? 'Good' : ($ms <= 4000 ? 'Needs Improvement' : 'Poor'); } private static function rate_fid($ms) { return $ms <= 100 ? 'Good' : ($ms <= 300 ? 'Needs Improvement' : 'Poor'); } private static function rate_cls($value) { return $value <= 0.1 ? 'Good' : ($value <= 0.25 ? 'Needs Improvement' : 'Poor'); } private static function calculate_score($metrics) { $score = 0; if ($metrics['lcp_rating'] === 'Good') $score += 25; elseif ($metrics['lcp_rating'] === 'Needs Improvement') $score += 15; if ($metrics['fid_rating'] === 'Good') $score += 25; elseif ($metrics['fid_rating'] === 'Needs Improvement') $score += 15; if ($metrics['cls_rating'] === 'Good') $score += 25; elseif ($metrics['cls_rating'] === 'Needs Improvement') $score += 15; $score += round($metrics['performance_score'] / 4); return $score; } private static function generate_recommendations($metrics, $audits) { $recs = []; if ($metrics['lcp_rating'] !== 'Good') { $recs[] = 'Improve LCP (' . round($metrics['lcp']) . 'ms): Optimize images, use CDN, improve server response'; } if ($metrics['fid_rating'] !== 'Good') { $recs[] = 'Reduce FID (' . round($metrics['fid']) . 'ms): Minimize JavaScript, optimize third-party scripts'; } if ($metrics['cls_rating'] !== 'Good') { $recs[] = 'Fix CLS (' . round($metrics['cls'], 3) . '): Add size attributes to images, avoid layout shifts'; } return $recs; } } /** * V20.0.700.1 - Structured Data Analyzer */ class BVS_Structured_Data_Analyzer { public static function analyze($html, $url) { $structured = [ 'json_ld_count' => 0, 'json_ld_types' => [], 'open_graph' => [], 'twitter_card' => [], 'schema_score' => 0, 'recommendations' => [] ]; // JSON-LD if (preg_match_all('/]*type=["\']application\/ld\+json["\'][^>]*>(.*?)<\/script>/is', $html, $matches)) { $structured['json_ld_count'] = count($matches[1]); foreach ($matches[1] as $json) { $data = json_decode($json, true); if ($data) { $structured['json_ld_types'][] = $data['@type'] ?? 'Unknown'; $structured['schema_score'] += 15; } } } // Open Graph preg_match_all('/]*property=["\']og:([^"\']+)["\'][^>]*content=["\']([^"\']*)["\'][^>]*>/i', $html, $og); for ($i = 0; $i < count($og[1]); $i++) { $structured['open_graph'][$og[1][$i]] = $og[2][$i]; } if (!empty($structured['open_graph'])) { $structured['schema_score'] += 20; } else { $structured['recommendations'][] = 'Add Open Graph meta tags for social sharing'; } // Twitter Card preg_match_all('/]*name=["\']twitter:([^"\']+)["\'][^>]*content=["\']([^"\']*)["\'][^>]*>/i', $html, $tw); for ($i = 0; $i < count($tw[1]); $i++) { $structured['twitter_card'][$tw[1][$i]] = $tw[2][$i]; } if (!empty($structured['twitter_card'])) { $structured['schema_score'] += 10; } else { $structured['recommendations'][] = 'Add Twitter Card meta tags'; } return $structured; } } // Register security logger table creation register_activation_hook(__FILE__, ['BVS_Security_Logger', 'create_log_table']); // Flush and end output buffering add_action('init', function() { if (ob_get_level() > 0) { $content = ob_get_clean(); // Only output if there's actual content (not whitespace) if (trim($content) !== '') { error_log('BVS Warning: Unexpected output detected: ' . substr($content, 0, 100)); } } }, 1); // Log successful plugin load add_action('init', function() { if (defined('WP_DEBUG') && WP_DEBUG) { error_log('BVS Plugin V20.0.700.1 loaded successfully'); } }, 999); We Help Your Business — Coming Soon
We Help Your Business Logo

We Help Your Business — A consultancy designed to get companies accelerate the path to success

Signup to be the first to know when we launch.

Thank you, please check your email to confirm your subscription.
Your email address is already subscribed to this website.
Stay tuned to your inbox for our updates or try a different email address.
There was an error with your submission and you were not subscribed.
Please try again with a valid email address.