Jetpack_Protect_Module::maybe_update_headers PHP Method

Jetpack_Protect_Module Class Documentation Mostra file Open project: automattic/jetpack

maybe_update_headers() public method

Sends a "check_key" API call once a day. This call allows us to track IP-related headers for this server via the Protect API, in order to better identify the source IP for login attempts
public maybe_update_headers ( $force = false ) 
    public function maybe_update_headers($force = false)
    {
        $updated_recently = $this->get_transient('jpp_headers_updated_recently');
        if (!$force) {
            if (isset($_GET['protect_update_headers'])) {
                $force = true;
            }
        }
        // check that current user is admin so we prevent a lower level user from adding
        // a trusted header, allowing them to brute force an admin account
        if ($updated_recently && !$force || !current_user_can('update_plugins')) {
            return;
        }
        $response = Jetpack_Protect_Module::protect_call('check_key');
        $this->set_transient('jpp_headers_updated_recently', 1, DAY_IN_SECONDS);
        if (isset($response['msg']) && $response['msg']) {
            update_site_option('trusted_ip_header', json_decode($response['msg']));
        }
    }
Jetpack_Protect_Module
__construct
admin_banner_styles
admin_jetpack_manage_notice
block_with_math
check_api_key
check_login_ability
check_preauth
check_use_math
configuration_head
configuration_load
configuration_screen
delete_transient
get_api_host
get_headers
get_local_host
get_main_blog_id
get_main_blog_jetpack_id
get_protect_key
get_transient
instance
ip_is_whitelisted
kill_login
log_failed_attempt
log_successful_login
maybe_display_security_warning
maybe_get_protect_key
maybe_update_headers
modules_loaded
on_activation
on_deactivation
prepare_jetpack_protect_multisite_notice
protect_call
set_transient