├── .gitignore
├── LICENSE
├── README.md
├── app
    ├── code
    │   └── community
    │   │   └── AgentsOf
    │   │       └── Shield
    │   │           ├── Helper
    │   │               └── Data.php
    │   │           ├── Model
    │   │               ├── Observer.php
    │   │               └── Source
    │   │               │   ├── Action.php
    │   │               │   ├── Area.php
    │   │               │   └── Redirect.php
    │   │           └── etc
    │   │               ├── config.xml
    │   │               └── system.xml
    └── etc
    │   └── modules
    │       └── AgentsOf_Shield.xml
└── modman


/.gitignore:
--------------------------------------------------------------------------------
1 | .idea/
2 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2015 Winston Nolan
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 
23 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # Magento Shield #
 2 | 
 3 | You run a Magento Store. You want to protect this store's Frontend, or Admin, or both from hackers or search engines.
 4 | What can you do?
 5 | 
 6 | 1. You can password protect these endpoints. 
 7 |   A password will give you an error when you try to upload images to products from the admin. It is also difficult to change and manage
 8 | 2. You can put the store Admin behind a VPN. 
 9 |   This is difficult to setup, and a little difficult to manage when you just want to protect the Admin
10 | 3. You can allow access based on IP Address
11 |   Difficult to manage and IP addresses rotate frequently, so you would have to update/change this whitelist constantly
12 | 4. You can protect the end points based on a set request header - This is where this module comes in
13 | 
14 | # What does this module do? #
15 | 
16 | This module listens to each request made to Magento Admin, Frontend or Both (configurable) and looks for a request header name (configurable via the admin) and the request header value (configurable) and if this matches, it allow the request through to Magento. If this fails it can either block the request (Send a 403) or redirect the request to a URL (configurable)
17 | 
18 | # How to send the request header #
19 | 
20 | Use a browser like chrome and the modheader extension, link below
21 | https://chrome.google.com/webstore/detail/modheader/idgpnmonknjnojddfkpgkljpfnnfcklj?hl=en
22 | 
23 | # TODO #
24 | 
25 | Build a shell script that can enable or disable the shield
26 | 
27 | 


--------------------------------------------------------------------------------
/app/code/community/AgentsOf/Shield/Helper/Data.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | class AgentsOf_Shield_Helper_Data extends Mage_Core_Helper_Abstract
 3 | {
 4 |     public function isEnabled()
 5 |     {
 6 |         return Mage::getStoreConfig('agentsof_shield/general/enable');
 7 |     }
 8 | 
 9 |     public function getHeaderName()
10 |     {
11 |         return Mage::getStoreConfig('agentsof_shield/general/header_name');
12 |     }
13 | 
14 |     public function getHeaderValue()
15 |     {
16 |         return Mage::getStoreConfig('agentsof_shield/general/header_value');
17 |     }
18 | 
19 |     public function getProtectedArea()
20 |     {
21 |         return Mage::getStoreConfig('agentsof_shield/general/enabled_for_area');
22 |     }
23 | 
24 |     public function getAction()
25 |     {
26 |         return Mage::getStoreConfig('agentsof_shield/general/action');
27 |     }
28 | 
29 |     public function getRedirect()
30 |     {
31 |         return Mage::getStoreConfig('agentsof_shield/general/redirect');
32 |     }
33 | 
34 |     public function getRedirectUrl()
35 |     {
36 |         return Mage::getStoreConfig('agentsof_shield/general/redirect_url');
37 |     }
38 | 
39 |     public function isAdmin()
40 |     {
41 |         if(Mage::app()->getStore()->isAdmin())
42 |         {
43 |             return true;
44 |         }
45 | 
46 |         if(Mage::getDesign()->getArea() == 'adminhtml')
47 |         {
48 |             return true;
49 |         }
50 | 
51 |         return false;
52 |     }
53 | }


--------------------------------------------------------------------------------
/app/code/community/AgentsOf/Shield/Model/Observer.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | class AgentsOf_Shield_Model_Observer
 3 | {
 4 |     public function check($observer)
 5 |     {
 6 |         $helper = Mage::helper('agentsof_shield');
 7 |         $requestHeaderName = $helper->getHeaderName();
 8 |         $requestHeaderValue = $helper->getHeaderValue();
 9 | 
10 |         if(!$helper->isEnabled()) {
11 |             return;
12 |         }
13 | 
14 |         if($helper->getProtectedArea() == Mage_Core_Model_App_Area::AREA_ADMIN &&
15 |             !$helper->isAdmin()) {
16 |             return;
17 |         }
18 | 
19 |         if($helper->getProtectedArea() == Mage_Core_Model_App_Area::AREA_FRONTEND &&
20 |             $helper->isAdmin()) {
21 |             return;
22 |         }
23 | 
24 |         if(Mage::app()->getRequest()->getHeader($requestHeaderName) &&
25 |             Mage::app()->getRequest()->getHeader($requestHeaderName) == $requestHeaderValue) {
26 |             return;
27 |         }
28 | 
29 |         // block or redirect everything that reaches this point
30 |         if($helper->getAction() == AgentsOf_Shield_Model_Source_Action::REDIRECT) {
31 |             if($helper->getRedirect() == AgentsOf_Shield_Model_Source_Redirect::CUSTOM) {
32 |                 Mage::app()->getResponse()
33 |                     ->setRedirect($helper->getRedirectUrl())
34 |                     ->sendResponse();
35 | 
36 |                 exit();
37 | 
38 |             } else {
39 |                 Mage::app()->getResponse()
40 |                     ->setRedirect(Mage::getBaseUrl())
41 |                     ->sendResponse();
42 | 
43 |                 exit();
44 |             }
45 | 
46 |         } else {
47 |             Mage::app()->getResponse()
48 |                 ->setHttpResponseCode(403)
49 |                 ->setBody('')
50 |                 ->sendResponse();
51 | 
52 |             exit();
53 |         }
54 | 
55 |     }
56 | }


--------------------------------------------------------------------------------
/app/code/community/AgentsOf/Shield/Model/Source/Action.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class AgentsOf_Shield_Model_Source_Action
 4 | {
 5 |     const REDIRECT   = 'redirect';
 6 |     const BLOCK   = 'block';
 7 | 
 8 |     public function toOptionArray()
 9 |     {
10 |         return array(
11 |             array(
12 |                 'value' => self::BLOCK,
13 |                 'label' => Mage::helper('agentsof_shield')->__('Block')
14 |             ),
15 |             array(
16 |                 'value' => self::REDIRECT,
17 |                 'label' => Mage::helper('agentsof_shield')->__('Redirect')
18 |             )
19 |         );
20 |     }
21 | }


--------------------------------------------------------------------------------
/app/code/community/AgentsOf/Shield/Model/Source/Area.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class AgentsOf_Shield_Model_Source_Area
 4 | {
 5 |     public function toOptionArray()
 6 |     {
 7 |         return array(
 8 |             array(
 9 |                 'value' => Mage_Core_Model_App_Area::AREA_ADMIN,
10 |                 'label' => Mage::helper('agentsof_shield')->__('Admin')
11 |             ),
12 |             array(
13 |                 'value' => Mage_Core_Model_App_Area::AREA_FRONTEND,
14 |                 'label' => Mage::helper('agentsof_shield')->__('Frontend')
15 |             ),
16 |             array(
17 |                 'value' => Mage_Core_Model_App_Area::AREA_GLOBAL,
18 |                 'label' => Mage::helper('agentsof_shield')->__('Global')
19 |             )
20 |         );
21 |     }
22 | }


--------------------------------------------------------------------------------
/app/code/community/AgentsOf/Shield/Model/Source/Redirect.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | 
 3 | class AgentsOf_Shield_Model_Source_Redirect
 4 | {
 5 |     const BASE_URL   = 'base_url';
 6 |     const CUSTOM   = 'custom_url';
 7 | 
 8 |     public function toOptionArray()
 9 |     {
10 |         return array(
11 |             array(
12 |                 'value' => self::BASE_URL,
13 |                 'label' => Mage::helper('agentsof_shield')->__('Base URL')
14 |             ),
15 |             array(
16 |                 'value' => self::CUSTOM,
17 |                 'label' => Mage::helper('agentsof_shield')->__('Custom URL')
18 |             )
19 |         );
20 |     }
21 | }


--------------------------------------------------------------------------------
/app/code/community/AgentsOf/Shield/etc/config.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0"?>
 2 | <config>
 3 |     <modules>
 4 |         <AgentsOf_Shield>
 5 |             <version>0.0.1</version>
 6 |         </AgentsOf_Shield>
 7 |     </modules>
 8 |     <global>
 9 |         <helpers>
10 |             <agentsof_shield>
11 |                 <class>AgentsOf_Shield_Helper</class>
12 |             </agentsof_shield>
13 |         </helpers>
14 |         <models>
15 |             <agentsof_shield>
16 |                 <class>AgentsOf_Shield_Model</class>
17 |             </agentsof_shield>
18 |         </models>
19 |         <events>
20 |             <controller_action_predispatch>
21 |                 <observers>
22 |                     <agentsof_shield>
23 |                         <class>agentsof_shield/observer</class>
24 |                         <method>check</method>
25 |                     </agentsof_shield>
26 |                 </observers>
27 |             </controller_action_predispatch>
28 |         </events>
29 |     </global>
30 |     <adminhtml>
31 |         <acl>
32 |             <resources>
33 |                 <admin>
34 |                     <children>
35 |                         <system>
36 |                             <children>
37 |                                 <config>
38 |                                     <children>
39 |                                         <agentsof_shield>
40 |                                             <title>Shield</title>
41 |                                         </agentsof_shield>
42 |                                     </children>
43 |                                 </config>
44 |                             </children>
45 |                         </system>
46 |                     </children>
47 |                 </admin>
48 |             </resources>
49 |         </acl>
50 |     </adminhtml>
51 | </config>


--------------------------------------------------------------------------------
/app/code/community/AgentsOf/Shield/etc/system.xml:
--------------------------------------------------------------------------------
 1 | <?xml version="1.0" encoding="UTF-8"?>
 2 | <config>
 3 |     <sections>
 4 |         <agentsof_shield module="agentsof_shield">
 5 |             <label>Shield</label>
 6 |             <tab>general</tab>
 7 |             <sort_order>25</sort_order>
 8 |             <show_in_default>1</show_in_default>
 9 |             <show_in_website>1</show_in_website>
10 |             <show_in_store>1</show_in_store>
11 |             <groups>
12 |                 <general translate="label" module="agentsof_shield">
13 |                     <label>General</label>
14 |                     <frontend_type>text</frontend_type>
15 |                     <sort_order>0</sort_order>
16 |                     <show_in_default>1</show_in_default>
17 |                     <show_in_website>1</show_in_website>
18 |                     <show_in_store>1</show_in_store>
19 |                     <comment></comment>
20 |                     <fields>
21 |                         <enable>
22 |                             <label>Enable</label>
23 |                             <frontend_type>select</frontend_type>
24 |                             <source_model>adminhtml/system_config_source_yesno</source_model>
25 |                             <sort_order>0</sort_order>
26 |                             <show_in_default>1</show_in_default>
27 |                             <show_in_website>1</show_in_website>
28 |                             <show_in_store>1</show_in_store>
29 |                         </enable>
30 |                         <header_name translate="label">
31 |                             <label>Header Name</label>
32 |                             <frontend_type>text</frontend_type>
33 |                             <sort_order>1</sort_order>
34 |                             <show_in_default>1</show_in_default>
35 |                             <show_in_website>1</show_in_website>
36 |                             <show_in_store>0</show_in_store>
37 |                             <comment>Name of the request header</comment>
38 |                         </header_name>
39 |                         <header_value translate="label">
40 |                             <label>Header Value</label>
41 |                             <frontend_type>text</frontend_type>
42 |                             <sort_order>2</sort_order>
43 |                             <show_in_default>1</show_in_default>
44 |                             <show_in_website>1</show_in_website>
45 |                             <show_in_store>0</show_in_store>
46 |                             <comment>Value of the request header</comment>
47 |                         </header_value>
48 |                         <enabled_for_area translate="label">
49 |                             <label>Enabled on which area of the site</label>
50 |                             <frontend_type>select</frontend_type>
51 |                             <source_model>agentsof_shield/source_area</source_model>
52 |                             <sort_order>3</sort_order>
53 |                             <show_in_default>1</show_in_default>
54 |                             <show_in_website>1</show_in_website>
55 |                             <show_in_store>0</show_in_store>
56 |                             <can_be_empty>1</can_be_empty>
57 |                         </enabled_for_area>
58 |                         <action translate="label">
59 |                             <label>What to do with invalid requests?</label>
60 |                             <frontend_type>select</frontend_type>
61 |                             <source_model>agentsof_shield/source_action</source_model>
62 |                             <sort_order>4</sort_order>
63 |                             <show_in_default>1</show_in_default>
64 |                             <show_in_website>1</show_in_website>
65 |                             <show_in_store>0</show_in_store>
66 |                             <can_be_empty>0</can_be_empty>
67 |                         </action>
68 |                         <redirect translate="label">
69 |                             <label>Where should invalid requests be redirected to?</label>
70 |                             <frontend_type>select</frontend_type>
71 |                             <source_model>agentsof_shield/source_redirect</source_model>
72 |                             <sort_order>5</sort_order>
73 |                             <show_in_default>1</show_in_default>
74 |                             <show_in_website>1</show_in_website>
75 |                             <show_in_store>0</show_in_store>
76 |                             <can_be_empty>0</can_be_empty>
77 |                             <depends><action>redirect</action></depends>
78 |                         </redirect>
79 |                         <redirect_url>
80 |                             <label>Custom Redirect URL</label>
81 |                             <frontend_type>text</frontend_type>
82 |                             <sort_order>6</sort_order>
83 |                             <show_in_default>1</show_in_default>
84 |                             <show_in_website>1</show_in_website>
85 |                             <show_in_store>0</show_in_store>
86 |                             <depends><redirect>custom_url</redirect></depends>
87 |                         </redirect_url>
88 |                     </fields>
89 |                 </general>
90 |             </groups>
91 |         </agentsof_shield>
92 |     </sections>
93 | </config>
94 | 


--------------------------------------------------------------------------------
/app/etc/modules/AgentsOf_Shield.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0"?>
2 | <config>
3 |     <modules>
4 |         <AgentsOf_Shield>
5 |             <active>true</active>
6 |             <codePool>community</codePool>
7 |         </AgentsOf_Shield>
8 |     </modules>
9 | </config>


--------------------------------------------------------------------------------
/modman:
--------------------------------------------------------------------------------
1 | # AgentsOf_Shield modman file
2 | app/code/community/AgentsOf     app/code/community/AgentsOf
3 | app/etc/AgentsOf_Shield.xml     app/etc/modules/AgentsOf_Shield.xml


--------------------------------------------------------------------------------