Commit dd5f28a5 authored by Reinhold Kainhofer's avatar Reinhold Kainhofer

Initial import of the logger, should be working

parents
Header set Content-Security-Policy-Report-Only "default-src 'self'; script-src 'self' 'unsafe-inline' https://www.google.com/recaptcha/ 'unsafe-eval' https://www.gstatic.com/recaptcha/; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com/css; font-src 'self' https://fonts.gstatic.com; img-src 'self' https://secure.gravatar.com ; frame-src 'self' https://www.google.com/recaptcha/ ; report-uri https://open-tools.net/csp-logger/logger.php "
##
# @package Joomla
# @copyright Copyright (C) 2005 - 2013 Open Source Matters. All rights reserved.
# @license GNU General Public License version 2 or later; see LICENSE.txt
##
##
# READ THIS COMPLETELY IF YOU CHOOSE TO USE THIS FILE!
#
# The line just below this section: 'Options +FollowSymLinks' may cause problems
# with some server configurations. It is required for use of mod_rewrite, but may already
# be set by your server administrator in a way that dissallows changing it in
# your .htaccess file. If using it causes your server to error out, comment it out (add # to
# beginning of line), reload your site in your browser and test your sef url's. If they work,
# it has been set by your server administrator and you do not need it set here.
##
<IfModule mod_expires.c>
FileETag MTime Size
AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript
ExpiresActive On
ExpiresDefault "access plus 5 seconds"
# ExpiresByType text/html "access plus 600 seconds"
ExpiresByType text/css "access plus 604800 seconds"
ExpiresByType text/javascript "access plus 216000 seconds"
# ExpiresByType application/xhtml+xml "access plus 600 seconds"
ExpiresByType application/javascript "access plus 216000 seconds"
ExpiresByType application/x-javascript "access plus 216000 seconds"
ExpiresByType image/x-icon "access plus 2592000 seconds"
ExpiresByType image/jpeg "access plus 2592000 seconds"
ExpiresByType image/png "access plus 2592000 seconds"
ExpiresByType image/gif "access plus 2592000 seconds"
</IfModule>
## Can be commented out if causes errors, see notes above.
Options +FollowSymLinks
## Mod_rewrite in use.
RewriteEngine On
Redirect permanent /virtuemart-2-extensions/vm2-ordernumber-plugin.html /virtuemart/advanced-ordernumbers.html
Redirect permanent /virtuemart-2-extensions/vm2-ordernumber-plugin /virtuemart/advanced-ordernumbers
Redirect permanent /virtuemart-2-extensions/vm2-downloads-for-sale.html /virtuemart/downloads-for-sale.html
Redirect permanent /virtuemart-2-extensions/vm2-downloads-for-sale /virtuemart/downloads-for-sale
Redirect permanent /virtuemart-2-extensions/vm2-shipping-by-rules-plugin.html /virtuemart/shipping-by-rules.html
Redirect permanent /virtuemart-2-extensions/vm2-shipping-by-rules-plugin /virtuemart/shipping-by-rules
Redirect permanent /virtuemart-2-extensions/vm2-shipping-by-rules-plugin-detail.html /virtuemart/shipping-by-rules.html
Redirect permanent /virtuemart-2-extensions/vm2-advanced-shipping-by-rules-plugin.html /virtuemart/advanced-shipping-by-rules.html
Redirect permanent /virtuemart-2-extensions/vm2-advanced-shipping-by-rules-plugin/ /virtuemart/advanced-shipping-by-rules
Redirect permanent /virtuemart-2-extensions/extensions-for-the-shipping-by-rules-plugins-for-virtuemart-detail.html /virtuemart/advanced-shipping-by-rules/extensions-for-shipping-by-rules.html
Redirect permanent /virtuemart-2-extensions/vm2-add-buyers-to-joomla-groups.html /virtuemart/add-buyers-to-joomla-groups.html
Redirect permanent /virtuemart-2-extensions/vm2-add-buyers-to-joomla-groups /virtuemart/add-buyers-to-joomla-groups
Redirect permanent /virtuemart-2-extensions/vm2-customers-to-joomla-groups-admin-panel.html /virtuemart/customers-to-joomla-groups-admin-panel.html
Redirect permanent /virtuemart-2-extensions/vm2-customers-to-joomla-groups-admin-panel /virtuemart/customers-to-joomla-groups-admin-panel
Redirect permanent /virtuemart-2-extensions/vm2-acy-subscribe-buyers-plugin.html /virtuemart/acy-subscribe-buyers.html
Redirect permanent /virtuemart-2-extensions/vm2-acy-subscribe-buyers-plugin /virtuemart/acy-subscribe-buyers
Redirect permanent /virtuemart-2-extensions/vm2-donation-plugin.html /virtuemart/name-the-price.html
Redirect permanent /virtuemart-2-extensions/vm2-donation-plugin /virtuemart/name-the-price
Redirect permanent /virtuemart-2-extensions/vm2-auto-categories-plugin.html /virtuemart/auto-parent-categories.html
Redirect permanent /virtuemart-2-extensions/vm2-auto-categories-plugin /virtuemart/auto-parent-categories
Redirect permanent /support-forum/ordernumbers-for-virtuemart.html /support-forum/vm-advanced-ordernumbers.html
Redirect permanent /support-forum/vm2-ordernumber-plugin.html /support-forum/vm-advanced-ordernumbers.html
Redirect permanent /support-forum/vm2-ordernumber-plugin /support-forum/vm-advanced-ordernumbers
Redirect permanent /support-forum/vm2-donations-plugin.html /support-forum/vm-name-the-price.html
Redirect permanent /support-forum/vm2-donations-plugin /support-forum/vm-name-the-price
RedirectMatch permanent /support-forum/vm2-(.*)$ /support-forum/vm-$1
Redirect permanent /documentation/vm2-add-buyers-to-joomla-groups-plugin.html /virtuemart/add-buyers-to-joomla-groups.html
RedirectMatch permanent /documentation/vm2-(.*)$ /documentation/vm-$1
Redirect permanent /virtuemart-2-extensions /virtuemart
Redirect permanent /virtuemart-2-extensions.html /virtuemart.html
## Begin - Rewrite rules to block out some common exploits.
# If you experience problems on your site block out the operations listed below
# This attempts to block the most common type of exploit `attempts` to Joomla!
#
# Block out any script trying to base64_encode data within the URL.
RewriteCond %{QUERY_STRING} base64_encode[^(]*\([^)]*\) [OR]
# Block out any script that includes a <script> tag in URL.
RewriteCond %{QUERY_STRING} (<|%3C)([^s]*s)+cript.*(>|%3E) [NC,OR]
# Block out any script trying to set a PHP GLOBALS variable via URL.
RewriteCond %{QUERY_STRING} GLOBALS(=|\[|\%[0-9A-Z]{0,2}) [OR]
# Block out any script trying to modify a _REQUEST variable via URL.
RewriteCond %{QUERY_STRING} _REQUEST(=|\[|\%[0-9A-Z]{0,2})
# Return 403 Forbidden header and show the content of the root homepage
RewriteRule .* index.php [F]
#
## End - Rewrite rules to block out some common exploits.
## Begin - Custom redirects
#
# If you need to redirect some pages, or set a canonical non-www to
# www redirect (or vice versa), place that code here. Ensure those
# redirects use the correct RewriteRule syntax and the [R=301,L] flags.
#
## End - Custom redirects
##
# Uncomment following line if your webserver's URL
# is not directly related to physical file paths.
# Update Your Joomla! Directory (just / for root).
##
# RewriteBase /
## Begin - Joomla! core SEF Section.
#
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
#
# If the requested path and file is not /index.php and the request
# has not already been internally rewritten to the index.php script
RewriteCond %{REQUEST_URI} !^/index\.php
# and the request is for something within the component folder,
# or for the site root, or for an extensionless URL, or the
# requested URL ends with one of the listed extensions
RewriteCond %{REQUEST_URI} /component/|(/[^.]*|\.(php|html?|feed|pdf|vcf|raw))$ [NC]
# and the requested path and file doesn't directly match a physical file
RewriteCond %{REQUEST_FILENAME} !-f
# and the requested path and file doesn't directly match a physical folder
RewriteCond %{REQUEST_FILENAME} !-d
# internally rewrite the request to the index.php script
RewriteRule .* index.php [L]
#
## End - Joomla! core SEF Section.
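Review bot: The `Header set Content-Security-Policy-Report-Only ...` line at the top of this file is not guarded by `<IfModule mod_headers.c>`, unlike the expires block a few lines below, so on a host where mod_headers is not loaded Apache answers every request with a 500 rather than just skipping the header; wrapping it as `<IfModule mod_headers.c>` / `Header set ...` / `</IfModule>` follows the file's own convention. The same mismatch exists inside the `<IfModule mod_expires.c>` block, where `AddOutputFilterByType DEFLATE` depends on mod_deflate, not mod_expires, so it should sit in its own `<IfModule mod_deflate.c>` guard. Separately, with `'unsafe-inline'` and `'unsafe-eval'` in `script-src` the policy will never report inline-script or eval-based injections, which is most of what a CSP exists to catch; since the header is Report-Only this only limits what the new logger can learn, but a comment such as `# TODO: drop 'unsafe-inline'/'unsafe-eval' from script-src (nonce or externalise inline scripts) before switching to enforcing Content-Security-Policy` would record that the policy is a starting point, not a target.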
<?php
/**
* @package OpenToolsCSPLogger
*
* @copyright Copyright (C) 2016 Open Tools, Reinhold Kainhofer
* @license GNU General Public License version 2 or later
*
* Partly based on Mathias Bynens' csp reporting scrip:
* https://mathiasbynens.be/notes/csp-reports
*
*/
// Send `204 No Content` status code
http_response_code(204);
// Specify the email address to send reports to
define('EMAIL', 'webmaster@open-tools.net');
// Specify the desired email subject for violation reports
define('SUBJECT', 'CSP violation');
$json = file_get_contents('php://input');
if ($report = json_decode($json)) {
$sourceUrl = parse_url($url, PHP_URL_HOST);
$host = $sourceUrl['host'];
$nicedata = json_encode(
$data,
JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES
);
// Mail the CSP violation report
// mail(EMAIL, SUBJECT, $data, 'Content-Type: text/plain;charset=utf-8');
// Log all violation reports
file_put_contents(
__DIR__.'/logs/csp-violations_' . $host . '_' . date("Y-m-d").'.log',
date("c") . ", " . $_SERVER['REMOTE_ADDR'] . ", " . $nicedata . "\n",
FILE_APPEND
);
} else {
file_put_contents(__DIR__.'/logs/errors_'.date("Y-m-d").'.log', date("c") .
", " . $_SERVER['REMOTE_ADDR'] . ", Sumitted data: $json\n",
FILE_APPEND
);
exit 0;
}
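Review bot: The script cannot run as committed: `$url` and `$data` are never assigned before `parse_url($url, ...)` and `json_encode($data, ...)`, `parse_url(..., PHP_URL_HOST)` returns a string so `$sourceUrl['host']` on the following line is always null, and `exit 0;` in the else branch is a parse error (`exit(0);`). The host presumably should come from the report's `document-uri`, and because that value is supplied by whoever posts to this endpoint it has to be reduced to a safe character set before it is spliced into the log file name, otherwise the name (and with `..` or `/` the directory) is caller-chosen. The raw body is also read and written to the error log without any bound; passing a `maxlen` to `file_get_contents('php://input', false, null, 0, ...)` keeps one large POST from filling the disk. If `logs/` next to this script is reachable over HTTP, the collected reports are public as well, so it should be outside the document root or denied in the server configuration.
```php
// … unchanged: EMAIL/SUBJECT constants and reading php://input …
if ($report = json_decode($json)) {
    // document-uri is attacker-controlled; constrain before using it in a path
    $documentUri = isset($report->{'csp-report'}->{'document-uri'})
        ? $report->{'csp-report'}->{'document-uri'} : '';
    $host = parse_url($documentUri, PHP_URL_HOST) ?: 'unknown';
    $host = preg_replace('/[^A-Za-z0-9.-]/', '_', $host);
    $nicedata = json_encode(
        $report,
        JSON_PRETTY_PRINT | JSON_UNESCAPED_SLASHES
    );
    // … unchanged: append to logs/csp-violations_<host>_<date>.log …
} else {
    // … unchanged: append to logs/errors_<date>.log …
    exit(0);
}
```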