9B534B8686E580E0E01768F00155B461

at path：ROOT / wp-content / plugins / wordfence / lib / wfCrawl.php

run：R W Run

Diff

DIR

2026-02-05 01:05:21

R W Run

audit-log

DIR

2026-02-05 01:05:21

R W Run

dashboard

DIR

2026-02-05 01:05:21

R W Run

rest-api

DIR

2026-02-05 01:05:21

R W Run

Diff.php

5.63 KB

2025-12-21 04:19:00

R W Run

IPTraf.php

1.17 KB

2025-12-21 04:19:00

R W Run

IPTrafList.php

2.98 KB

2025-12-21 04:19:00

R W Run

WFLSPHP52Compatability.php

1.27 KB

2025-12-21 04:19:00

R W Run

compat.php

425 By

2025-12-21 04:19:00

R W Run

diffResult.php

2.81 KB

2025-12-21 04:19:00

R W Run

email_genericAlert.php

1.39 KB

2025-12-21 04:19:00

R W Run

email_newIssues.php

8.82 KB

2025-12-21 04:19:00

R W Run

email_unlockRequest.php

2.34 KB

2025-12-21 04:19:00

R W Run

email_unsubscribeRequest.php

1.05 KB

2025-12-21 04:19:00

R W Run

flags.php

6.62 KB

2025-12-21 04:19:00

R W Run

geoip.mmdb

9.26 MB

2025-12-21 04:19:00

R W Run

live_activity.php

580 By

2025-12-21 04:19:00

R W Run

menu_dashboard.php

28.16 KB

2025-12-21 04:19:00

R W Run

menu_dashboard_options.php

15.37 KB

2025-12-21 04:19:00

R W Run

menu_firewall.php

2.12 KB

2025-12-21 04:19:00

R W Run

menu_firewall_blocking.php

10.25 KB

2025-12-21 04:19:00

R W Run

menu_firewall_blocking_options.php

4.63 KB

2025-12-21 04:19:00

R W Run

menu_firewall_waf.php

19.96 KB

2025-12-21 04:19:00

R W Run

menu_firewall_waf_options.php

11.09 KB

2025-12-21 04:19:00

R W Run

menu_install.php

1.73 KB

2025-12-21 04:19:00

R W Run

menu_options.php

24.7 KB

2025-12-21 04:19:00

R W Run

menu_scanner.php

21.6 KB

2025-12-21 04:19:00

R W Run

menu_scanner_credentials.php

2.77 KB

2025-12-21 04:19:00

R W Run

menu_scanner_options.php

8.41 KB

2025-12-21 04:19:00

R W Run

menu_support.php

17.82 KB

2025-12-21 04:19:00

R W Run

menu_tools.php

1.49 KB

2025-12-21 04:19:00

R W Run

menu_tools_auditlog.php

16.43 KB

2025-12-21 04:19:00

R W Run

menu_tools_diagnostic.php

50.8 KB

2025-12-21 04:19:00

R W Run

menu_tools_importExport.php

1.28 KB

2025-12-21 04:19:00

R W Run

menu_tools_livetraffic.php

39.43 KB

2025-12-21 04:19:00

R W Run

menu_tools_twoFactor.php

19.6 KB

2025-12-21 04:19:00

R W Run

menu_tools_whois.php

4.61 KB

2025-12-21 04:19:00

R W Run

menu_wordfence_central.php

9.66 KB

2025-12-21 04:19:00

R W Run

noc1.key

1.64 KB

2025-12-21 04:19:00

R W Run

sodium_compat_fast.php

185 By

2025-12-21 04:19:00

R W Run

sysinfo.php

1.47 KB

2025-12-21 04:19:00

R W Run

viewFullActivityLog.php

1.47 KB

2025-12-21 04:19:00

R W Run

wf503.php

9.67 KB

2025-12-21 04:19:00

R W Run

wfAPI.php

10.1 KB

2025-12-21 04:19:00

R W Run

wfActivityReport.php

20.55 KB

2025-12-21 04:19:00

R W Run

wfAdminNoticeQueue.php

5.2 KB

2025-12-21 04:19:00

R W Run

wfAlerts.php

8.19 KB

2025-12-21 04:19:00

R W Run

wfAuditLog.php

47.13 KB

2025-12-21 04:19:00

R W Run

wfBinaryList.php

1.02 KB

2025-12-21 04:19:00

R W Run

wfBrowscap.php

3.9 KB

2025-12-21 04:19:00

R W Run

wfBrowscapCache.php

256.83 KB

2025-12-21 04:19:00

R W Run

wfBulkCountries.php

9.77 KB

2025-12-21 04:19:00

R W Run

wfCache.php

6.02 KB

2025-12-21 04:19:00

R W Run

wfCentralAPI.php

25.8 KB

2025-12-21 04:19:00

R W Run

wfCommonPasswords.php

1.25 KB

2025-12-21 04:19:00

R W Run

wfConfig.php

124.66 KB

2025-12-21 04:19:00

R W Run

wfCrawl.php

6.92 KB

2025-12-21 04:19:00

R W Run

wfCredentialsController.php

10.3 KB

2025-12-21 04:19:00

R W Run

wfCrypt.php

4.05 KB

2025-12-21 04:19:00

R W Run

wfCurlInterceptor.php

1.02 KB

2025-12-21 04:19:00

R W Run

wfDB.php

11.49 KB

2025-12-21 04:19:00

R W Run

wfDashboard.php

8.2 KB

2025-12-21 04:19:00

R W Run

wfDateLocalization.php

352.13 KB

2025-12-21 04:19:00

R W Run

wfDeactivationOption.php

2.13 KB

2025-12-21 04:19:00

R W Run

wfDiagnostic.php

67.03 KB

2025-12-21 04:19:00

R W Run

wfDirectoryIterator.php

1.89 KB

2025-12-21 04:19:00

R W Run

wfFileUtils.php

2.72 KB

2025-12-21 04:19:00

R W Run

wfHelperBin.php

1.97 KB

2025-12-21 04:19:00

R W Run

wfHelperString.php

2.13 KB

2025-12-21 04:19:00

R W Run

wfI18n.php

878 By

2025-12-21 04:19:00

R W Run

wfIPWhitelist.php

1.56 KB

2025-12-21 04:19:00

R W Run

wfImportExportController.php

3.23 KB

2025-12-21 04:19:00

R W Run

wfInaccessibleDirectoryException.php

303 By

2025-12-21 04:19:00

R W Run

wfInvalidPathException.php

266 By

2025-12-21 04:19:00

R W Run

wfIpLocation.php

1.8 KB

2025-12-21 04:19:00

R W Run

wfIpLocator.php

2.7 KB

2025-12-21 04:19:00

R W Run

wfIssues.php

27.93 KB

2025-12-21 04:19:00

R W Run

wfJWT.php

5.33 KB

2025-12-21 04:19:00

R W Run

wfLicense.php

10.95 KB

2025-12-21 04:19:00

R W Run

wfLockedOut.php

9.73 KB

2025-12-21 04:19:00

R W Run

wfLog.php

57.38 KB

2025-12-21 04:19:00

R W Run

wfMD5BloomFilter.php

5.2 KB

2025-12-21 04:19:00

R W Run

wfModuleController.php

754 By

2025-12-21 04:19:00

R W Run

wfNotification.php

6.41 KB

2025-12-21 04:19:00

R W Run

wfOnboardingController.php

9.22 KB

2025-12-21 04:19:00

R W Run

wfPersistenceController.php

819 By

2025-12-21 04:19:00

R W Run

wfRESTAPI.php

377 By

2025-12-21 04:19:00

R W Run

wfScan.php

15.92 KB

2025-12-21 04:19:00

R W Run

wfScanEngine.php

128.95 KB

2025-12-21 04:19:00

R W Run

wfScanEntrypoint.php

1.04 KB

2025-12-21 04:19:00

R W Run

wfScanFile.php

1.01 KB

2025-12-21 04:19:00

R W Run

wfScanFileLink.php

403 By

2025-12-21 04:19:00

R W Run

wfScanFileListItem.php

408 By

2025-12-21 04:19:00

R W Run

wfScanFileProperties.php

1.07 KB

2025-12-21 04:19:00

R W Run

wfScanMonitor.php

4.05 KB

2025-12-21 04:19:00

R W Run

wfScanPath.php

1.77 KB

2025-12-21 04:19:00

R W Run

wfSchema.php

11.93 KB

2025-12-21 04:19:00

R W Run

wfStyle.php

1.21 KB

2025-12-21 04:19:00

R W Run

wfSupportController.php

24.18 KB

2025-12-21 04:19:00

R W Run

wfUnlockMsg.php

1.14 KB

2025-12-21 04:19:00

R W Run

wfUpdateCheck.php

27.23 KB

2025-12-21 04:19:00

R W Run

wfUtils.php

128.73 KB

2025-12-21 04:19:00

R W Run

wfVersionCheckController.php

19.27 KB

2025-12-21 04:19:00

R W Run

wfVersionSupport.php

535 By

2025-12-21 04:19:00

R W Run

wfView.php

2.22 KB

2025-12-21 04:19:00

R W Run

wfViewResult.php

1.42 KB

2025-12-21 04:19:00

R W Run

wfWebsite.php

1.75 KB

2025-12-21 04:19:00

R W Run

wordfenceClass.php

437.99 KB

2025-12-21 04:19:00

R W Run

wordfenceConstants.php

3.56 KB

2025-12-21 04:19:00

R W Run

wordfenceHash.php

42.7 KB

2025-12-21 04:19:00

R W Run

wordfenceScanner.php

28.09 KB

2025-12-21 04:19:00

R W Run

wordfenceURLHoover.php

18.35 KB

2025-12-21 04:19:00

R W Run

error_log

📄wfCrawl.php

<?php
require_once(dirname(__FILE__) . '/wfUtils.php');
class wfCrawl {
	const GOOGLE_BOT_VERIFIED = 'verified';
	const GOOGLE_BOT_FAKE = 'fakeBot';
	const GOOGLE_BOT_UNDETERMINED = 'undetermined';
	
	public static function isCrawler($UA){
		$browscap = new wfBrowscap();
		$b = $browscap->getBrowser($UA);
		if (!$b || $b['Parent'] == 'DefaultProperties') {
			$IP = wfUtils::getIP(); 
			return !wfLog::isHumanRequest($IP, $UA);
		}
		else if (isset($b['Crawler']) && $b['Crawler']) {
			return true;
		}
		
		return false;
	}
	public static function verifyCrawlerPTR($hostPattern, $IP){
		$table = wfDB::networkTable('wfCrawlers');
		$db = new wfDB();
		$IPn = wfUtils::inet_pton($IP);
		$ipHex = wfDB::binaryValueToSQLHex($IPn);
		$status = $db->querySingle("select status from $table where IP={$ipHex} and patternSig=UNHEX(MD5('%s')) and lastUpdate > unix_timestamp() - %d", $hostPattern, WORDFENCE_CRAWLER_VERIFY_CACHE_TIME);
		if($status){
			if($status == 'verified'){
				return true;
			} else {
				return false;
			}
		}
		$host = wfUtils::reverseLookup($IP);
		if(! $host){ 
			$db->queryWrite("insert into $table (IP, patternSig, status, lastUpdate, PTR) values ({$ipHex}, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $hostPattern, 'noPTR', '', 'noPTR', '');
			return false; 
		}
		if(preg_match($hostPattern, $host)){
			$resultIPs = wfUtils::resolveDomainName($host);
			$addrsMatch = false;
			foreach($resultIPs as $resultIP){
				if($resultIP == $IP){
					$addrsMatch = true;
					break;
				}
			}
			if($addrsMatch){
				$db->queryWrite("insert into $table (IP, patternSig, status, lastUpdate, PTR) values ({$ipHex}, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $hostPattern, 'verified', $host, 'verified', $host);
				return true;
			} else {
				$db->queryWrite("insert into $table (IP, patternSig, status, lastUpdate, PTR) values ({$ipHex}, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $hostPattern, 'fwdFail', $host, 'fwdFail', $host);
				return false;
			}
		} else {
			$db->queryWrite("insert into $table (IP, patternSig, status, lastUpdate, PTR) values ({$ipHex}, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $hostPattern, 'badPTR', $host, 'badPTR', $host);
			return false;
		}
	}
	public static function isGooglebot($userAgent = null){
		if ($userAgent === null) {
			$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
		}
		return (bool) preg_match('/Googlebot\/\d\.\d/', $userAgent);
	}
	public static function isGoogleCrawler($userAgent = null){
		if ($userAgent === null) {
			$userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
		}
		foreach (self::$googPat as $pat) {
			if (preg_match($pat . 'i', $userAgent)) {
				return true;
			}
		}
		return false;
	}
	private static $googPat = array(
'@^Mozilla/5\\.0 \$.*Google Keyword Tool.*\$$@',
'@^Mozilla/5\\.0 \$.*Feedfetcher\\-Google.*\$$@',
'@^Feedfetcher\\-Google\\-iGoogleGadgets.*$@',
'@^searchbot admin\\@google\\.com$@',
'@^Google\\-Site\\-Verification.*$@',
'@^Google OpenSocial agent.*$@',
'@^.*Googlebot\\-Mobile/2\\..*$@',
'@^AdsBot\\-Google\\-Mobile.*$@',
'@^google \$.*Enterprise.*\$$@',
'@^Mediapartners\\-Google.*$@',
'@^GoogleFriendConnect.*$@',
'@^googlebot\\-urlconsole$@',
'@^.*Google Web Preview.*$@',
'@^Feedfetcher\\-Google.*$@',
'@^AppEngine\\-Google.*$@',
'@^Googlebot\\-Video.*$@',
'@^Googlebot\\-Image.*$@',
'@^Google\\-Sitemaps.*$@',
'@^Googlebot/Test.*$@',
'@^Googlebot\\-News.*$@',
'@^.*Googlebot/2\\.1.*$@',
'@^AdsBot\\-Google.*$@',
'@^Google$@'
	);

/**
	 * Has correct user agent and PTR record points to .googlebot.com domain.
	 *
	 * @param string|null $ip
	 * @param string|null $ua
	 * @return bool
	 */
	public static function isVerifiedGoogleCrawler($ip = null, $ua = null) {
		static $verified;
		if (!isset($verified)) {
			$verified = array();
		}
		if ($ip === null) {
			$ip = wfUtils::getIP();
		}
		
		if ($ip === null || $ip === false) { //Likely a CLI execution
			return false;
		}
		
		if (array_key_exists($ip, $verified)) {
			return $verified[$ip];
		}
		if (self::isGoogleCrawler($ua)) {
			$services = wfUtils::whitelistPresets();
			if (array_key_exists('google', $services)) {
				$ranges = $services['google']['r'];
				foreach ($ranges as $r) {
					if (wfUtils::subnetContainsIP($r, $ip)) {
						$verified[$ip] = true;
						return $verified[$ip];
					}
				}
			}
			
			if (self::verifyCrawlerPTR(wordfence::getLog()->getGooglePattern(), $ip)) {
				$verified[$ip] = true;
				return $verified[$ip];
			}
			
			$noc1Status = self::verifyGooglebotViaNOC1($ip);
			if ($noc1Status == self::GOOGLE_BOT_VERIFIED) {
				$verified[$ip] = true;
				return $verified[$ip];
			}
			else if ($noc1Status == self::GOOGLE_BOT_FAKE) {
				$verified[$ip] = false;
				return $verified[$ip];
			}
			
			if (!array_key_exists('google', $services)) {
				return true; //We were unable to successfully validate Googlebot status so default to being permissive if the service IP list is missing
			}
		}
		$verified[$ip] = false;
		return $verified[$ip];
	}

/**
	 * Attempts to verify whether an IP claiming to be Googlebot is actually Googlebot.
	 * 
	 * @param string|null $ip
	 * @return string
	 */
	public static function verifyGooglebotViaNOC1($ip = null) {
		$table = wfDB::networkTable('wfCrawlers');
		if ($ip === null) {
			$ip = wfUtils::getIP();
		}
		$db = new wfDB();
		$IPn = wfUtils::inet_pton($ip);
		$ipHex = wfDB::binaryValueToSQLHex($IPn);
		$patternSig = 'googlenoc1';
		$status = $db->querySingle("select status from $table
				where IP={$ipHex}
				and patternSig=UNHEX(MD5('%s'))
				and lastUpdate > unix_timestamp() - %d",
				$patternSig,
				WORDFENCE_CRAWLER_VERIFY_CACHE_TIME);
		if ($status === 'verified') {
			return self::GOOGLE_BOT_VERIFIED;
		} else if ($status === 'fakeBot') {
			return self::GOOGLE_BOT_FAKE;
		}

$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
		try {
			$data = $api->call('verify_googlebot', array(
				'ip' => $ip,
			));
			if (is_array($data) && !empty($data['verified'])) {
				// Cache results
				$db->queryWrite("INSERT INTO {$table} (IP, patternSig, status, lastUpdate) VALUES ({$ipHex}, UNHEX(MD5('%s')), '%s', unix_timestamp()) ON DUPLICATE KEY UPDATE status = VALUES(status), lastUpdate = VALUES(lastUpdate)", $patternSig, 'verified');
				return self::GOOGLE_BOT_VERIFIED;
			} else {
				$db->queryWrite("INSERT INTO {$table} (IP, patternSig, status, lastUpdate) VALUES ({$ipHex}, UNHEX(MD5('%s')), '%s', unix_timestamp()) ON DUPLICATE KEY UPDATE status = VALUES(status), lastUpdate = VALUES(lastUpdate)", $patternSig, 'fakeBot');
				self::GOOGLE_BOT_FAKE;
			}
		} catch (Exception $e) {
			// Do nothing, bail
		}
		return self::GOOGLE_BOT_UNDETERMINED;
	}
}