InformatiQ/InformatiQ-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: global IP/CIDR/UA whitelist bypassing all restrictions

Browse Source 
- class-itk-whitelist.php: static class with 5min transient cache,
  supports exact IP, CIDR notation, and ua: prefix for UA substrings
- config/whitelist.conf: editable config file (template with examples)
- whitelist check added to bot-blocker, WAF, protection (4 methods),
  and honeypot validator — matched requests skip all ITK enforcement
- admin: whitelist.conf added to Config Files editor tab

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
Malin
2026-04-13 10:00:16 +02:00
parent 742047915f
commit 52af2d9931
8 changed files with 121 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
includes/class-itk-waf.php
View File

@@ -54,6 +54,9 @@ class ITK_WAF {
if (is_admin() && !wp_doing_ajax()) return;
if (function_exists('current_user_can') && current_user_can('manage_options')) return;
// Skip all WAF checks for whitelisted IPs/UAs.
if (ITK_Whitelist::allowed()) return;
$options = get_option('itk_waf', []);
$rules = $this->load_rules();
if (empty($rules)) return;