All In One WP Security & Firewall - Version 2.2

Version Description

  • Added a new feature which will block some spambots from submitting comments.
  • Moved Comment SPAM IP monitoring interface to the new "SPAM Prevention" menu.
  • Fixed a bug with login lockdown feature for both multi and single site.
  • Improved firewall feature for multi-site by making the "Firewall" menu available only for the main site and not the sub-sites.
  • Added random prefix to backup file names.
  • Fixed a bug for WP multi-site install where DB tables do not get created when new blog are created in the network.
Download this release

Release Info

Developer mra13
Plugin Icon 128x128 All In One WP Security & Firewall
Version 2.2
Comparing to
See all releases

Code changes from version 2.1.1 to 2.2

Files changed (11) hide show
  1. admin/wp-security-admin-init.php +14 -1
  2. admin/wp-security-blacklist-menu.php +0 -100
  3. admin/wp-security-spam-menu.php +243 -0
  4. classes/grade-system/wp-security-feature-item-manager.php +17 -0
  5. classes/wp-security-backup.php +7 -3
  6. classes/wp-security-configure-settings.php +5 -0
  7. classes/wp-security-user-login.php +10 -4
  8. classes/wp-security-utility-htaccess.php +65 -0
  9. readme.txt +15 -3
  10. wp-security-core.php +2 -1
  11. wp-security.php +16 -1
admin/wp-security-admin-init.php CHANGED
@@ -16,6 +16,7 @@ class AIOWPSecurity_Admin_Init
16
  var $blacklist_menu;
17
  var $firewall_menu;
18
  var $maintenance_menu;
 
19
 
20
  function __construct()
21
  {
@@ -146,7 +147,12 @@ class AIOWPSecurity_Admin_Init
146
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Filesystem Security', 'aiowpsecurity'), __('Filesystem Security', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_FILESYSTEM_MENU_SLUG, array(&$this, 'handle_filesystem_menu_rendering'));
147
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('WHOIS Lookup', 'aiowpsecurity'), __('WHOIS Lookup', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_WHOIS_MENU_SLUG, array(&$this, 'handle_whois_menu_rendering'));
148
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Blacklist Manager', 'aiowpsecurity'), __('Blacklist Manager', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_BLACKLIST_MENU_SLUG, array(&$this, 'handle_blacklist_menu_rendering'));
149
- add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Firewall', 'aiowpsecurity'), __('Firewall', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_FIREWALL_MENU_SLUG, array(&$this, 'handle_firewall_menu_rendering'));
 
 
 
 
 
150
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Maintenance', 'aiowpsecurity'), __('Maintenance', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_MAINTENANCE_MENU_SLUG, array(&$this, 'handle_maintenance_menu_rendering'));
151
  do_action('aiowpsecurity_admin_menu_created');
152
  }
@@ -212,5 +218,12 @@ class AIOWPSecurity_Admin_Init
212
  $this->maintenance_menu = new AIOWPSecurity_Maintenance_Menu();
213
  }
214
 
 
 
 
 
 
 
 
215
  }//End of class
216
 
16
  var $blacklist_menu;
17
  var $firewall_menu;
18
  var $maintenance_menu;
19
+ var $spam_menu;
20
 
21
  function __construct()
22
  {
147
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Filesystem Security', 'aiowpsecurity'), __('Filesystem Security', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_FILESYSTEM_MENU_SLUG, array(&$this, 'handle_filesystem_menu_rendering'));
148
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('WHOIS Lookup', 'aiowpsecurity'), __('WHOIS Lookup', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_WHOIS_MENU_SLUG, array(&$this, 'handle_whois_menu_rendering'));
149
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Blacklist Manager', 'aiowpsecurity'), __('Blacklist Manager', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_BLACKLIST_MENU_SLUG, array(&$this, 'handle_blacklist_menu_rendering'));
150
+ if (AIOWPSecurity_Utility::is_multisite_install() && get_current_blog_id() != 1){
151
+ //Suppress the firewall menu if site is a multi site AND not the main site
152
+ }else{
153
+ add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Firewall', 'aiowpsecurity'), __('Firewall', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_FIREWALL_MENU_SLUG, array(&$this, 'handle_firewall_menu_rendering'));
154
+ }
155
+ add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('SPAM Prevention', 'aiowpsecurity'), __('SPAM Prevention', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_SPAM_MENU_SLUG, array(&$this, 'handle_spam_menu_rendering'));
156
  add_submenu_page(AIOWPSEC_MAIN_MENU_SLUG, __('Maintenance', 'aiowpsecurity'), __('Maintenance', 'aiowpsecurity') , AIOWPSEC_MANAGEMENT_PERMISSION, AIOWPSEC_MAINTENANCE_MENU_SLUG, array(&$this, 'handle_maintenance_menu_rendering'));
157
  do_action('aiowpsecurity_admin_menu_created');
158
  }
218
  $this->maintenance_menu = new AIOWPSecurity_Maintenance_Menu();
219
  }
220
 
221
+ function handle_spam_menu_rendering()
222
+ {
223
+ include_once('wp-security-spam-menu.php');
224
+ $this->spam_menu = new AIOWPSecurity_Spam_Menu();
225
+ }
226
+
227
+
228
  }//End of class
229
 
admin/wp-security-blacklist-menu.php CHANGED
@@ -7,12 +7,10 @@ class AIOWPSecurity_Blacklist_Menu extends AIOWPSecurity_Admin_Menu
7
  /* Specify all the tabs of this menu in the following array */
8
  var $menu_tabs = array(
9
  'tab1' => 'Ban Users',
10
- 'tab2' => 'SPAM Comments IP Monitoring',
11
  );
12
 
13
  var $menu_tabs_handler = array(
14
  'tab1' => 'render_tab1',
15
- 'tab2' => 'render_tab2',
16
  );
17
 
18
  function __construct()
@@ -208,104 +206,6 @@ class AIOWPSecurity_Blacklist_Menu extends AIOWPSecurity_Admin_Menu
208
  <?php
209
  }
210
 
211
- function render_tab2()
212
- {
213
- global $aio_wp_security;
214
- include_once 'wp-security-list-comment-spammer-ip.php'; //For rendering the AIOWPSecurity_List_Table in tab2
215
- $spammer_ip_list = new AIOWPSecurity_List_Comment_Spammer_IP();
216
-
217
- if (isset($_POST['aiowps_ip_spam_comment_search']))
218
- {
219
- $error = '';
220
- $nonce=$_REQUEST['_wpnonce'];
221
- if (!wp_verify_nonce($nonce, 'aiowpsec-spammer-ip-list-nonce'))
222
- {
223
- $aio_wp_security->debug_logger->log_debug("Nonce check failed for list SPAM comment IPs!",4);
224
- die(__('Nonce check failed for list SPAM comment IPs!','aiowpsecurity'));
225
- }
226
-
227
- $min_comments_per_ip = sanitize_text_field($_POST['aiowps_spam_ip_min_comments']);
228
- if(!is_numeric($min_comments_per_ip))
229
- {
230
- $error .= '<br />'.__('You entered a non numeric value for the minimum SPAM comments per IP field. It has been set to the default value.','aiowpsecurity');
231
- $min_comments_per_ip = '5';//Set it to the default value for this field
232
- }
233
-
234
- if($error)
235
- {
236
- $this->show_msg_error(__('Attention!','aiowpsecurity').$error);
237
- }
238
-
239
- //Save all the form values to the options
240
- $aio_wp_security->configs->set_value('aiowps_spam_ip_min_comments',absint($min_comments_per_ip));
241
- $aio_wp_security->configs->save_config();
242
- $info_msg_string = sprintf( __('Displaying results for IP addresses which have posted a minimum of %s SPAM comments', 'aiowpsecurity'), $min_comments_per_ip);
243
- $this->show_msg_updated($info_msg_string);
244
-
245
- }
246
-
247
- if(isset($_REQUEST['action'])) //Do list table form row action tasks
248
- {
249
- if($_REQUEST['action'] == 'block_spammer_ip')
250
- { //The "block" link was clicked for a row in the list table
251
- $spammer_ip_list->block_spammer_ip_records(strip_tags($_REQUEST['spammer_ip']));
252
- }
253
- }
254
-
255
- ?>
256
- <div class="aio_blue_box">
257
- <?php
258
- echo '<p>'.__('This tab displays a list of the IP addresses of the people or bots who have left SPAM comments on your site.', 'aiowpsecurity').'
259
- <br />'.__('This information can be handy for identifying the most persistent IP addresses or ranges used by spammers.', 'aiowpsecurity').'
260
- <br />'.__('By inspecting the IP address data coming from spammers you will be in a better position to determine which addresses or address ranges you should block by adding them to your blacklist.', 'aiowpsecurity').'
261
- <br />'.__('To add one or more of the IP addresses displayed in the table below to your blacklist, simply click the "Block" link for the individual row or select more than one address
262
- using the checkboxes and then choose the "block" option from the Bulk Actions dropdown list and click the "Apply" button.', 'aiowpsecurity').'
263
- </p>';
264
- ?>
265
- </div>
266
- <div class="postbox">
267
- <h3><label for="title"><?php _e('List SPAMMER IP Addresses', 'aiowpsecurity'); ?></label></h3>
268
- <div class="inside">
269
- <form action="" method="POST">
270
- <?php wp_nonce_field('aiowpsec-spammer-ip-list-nonce'); ?>
271
- <table class="form-table">
272
- <tr valign="top">
273
- <th scope="row"><?php _e('Minimum number of SPAM comments per IP', 'aiowpsecurity')?>:</th>
274
- <td><input size="5" name="aiowps_spam_ip_min_comments" value="<?php echo $aio_wp_security->configs->get_value('aiowps_spam_ip_min_comments'); ?>" />
275
- <span class="description"><?php _e('This field allows you to list only those IP addresses which have been used to post X or more SPAM comments.', 'aiowpsecurity');?></span>
276
- <span class="aiowps_more_info_anchor"><span class="aiowps_more_info_toggle_char">+</span><span class="aiowps_more_info_toggle_text"><?php _e('More Info', 'aiowpsecurity'); ?></span></span>
277
- <div class="aiowps_more_info_body">
278
- <?php
279
- echo '<p class="description">'.__('Example 1: Setting this value to "0" or "1" will list ALL IP addresses which were used to submit SPAM comments.', 'aiowpsecurity').'</p>';
280
- echo '<p class="description">'.__('Example 2: Setting this value to "5" will list only those IP addresses which were used to submit 5 SPAM comments or more on your site.', 'aiowpsecurity').'</p>';
281
- ?>
282
- </div>
283
-
284
- </td>
285
- </tr>
286
- </table>
287
- <input type="submit" name="aiowps_ip_spam_comment_search" value="<?php _e('Find IP Addresses', 'aiowpsecurity')?>" class="button-primary" />
288
- </form>
289
- </div></div>
290
- <div class="postbox">
291
- <h3><label for="title"><?php _e('SPAMMER IP Address Results', 'aiowpsecurity'); ?></label></h3>
292
- <div class="inside">
293
- <?php
294
- //Fetch, prepare, sort, and filter our data...
295
- $spammer_ip_list->prepare_items();
296
- //echo "put table of locked entries here";
297
- ?>
298
- <form id="tables-filter" method="get" onSubmit="return confirm('Are you sure you want to perform this bulk operation on the selected entries?');">
299
- <!-- For plugins, we also need to ensure that the form posts back to our current page -->
300
- <input type="hidden" name="page" value="<?php echo $_REQUEST['page']; ?>" />
301
- <input type="hidden" name="tab" value="<?php echo $_REQUEST['tab']; ?>" />
302
- <!-- Now we can render the completed list table -->
303
- <?php $spammer_ip_list->display(); ?>
304
- </form>
305
- </div></div>
306
- <?php
307
- }
308
-
309
  function validate_user_agent_list()
310
  {
311
  global $aio_wp_security;
7
  /* Specify all the tabs of this menu in the following array */
8
  var $menu_tabs = array(
9
  'tab1' => 'Ban Users',
 
10
  );
11
 
12
  var $menu_tabs_handler = array(
13
  'tab1' => 'render_tab1',
 
14
  );
15
 
16
  function __construct()
206
  <?php
207
  }
208
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
209
  function validate_user_agent_list()
210
  {
211
  global $aio_wp_security;
admin/wp-security-spam-menu.php ADDED
@@ -0,0 +1,243 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ class AIOWPSecurity_Spam_Menu extends AIOWPSecurity_Admin_Menu
4
+ {
5
+ var $menu_page_slug = AIOWPSEC_SPAM_MENU_SLUG;
6
+
7
+ /* Specify all the tabs of this menu in the following array */
8
+ var $menu_tabs = array(
9
+ 'tab1' => 'Comment SPAM',
10
+ 'tab2' => 'Comment SPAM IP Monitoring',
11
+ );
12
+
13
+ var $menu_tabs_handler = array(
14
+ 'tab1' => 'render_tab1',
15
+ 'tab2' => 'render_tab2',
16
+ );
17
+
18
+ function __construct()
19
+ {
20
+ $this->render_menu_page();
21
+ }
22
+
23
+ function get_current_tab()
24
+ {
25
+ $tab_keys = array_keys($this->menu_tabs);
26
+ $tab = isset( $_GET['tab'] ) ? $_GET['tab'] : $tab_keys[0];
27
+ return $tab;
28
+ }
29
+
30
+ /*
31
+ * Renders our tabs of this menu as nav items
32
+ */
33
+ function render_menu_tabs()
34
+ {
35
+ $current_tab = $this->get_current_tab();
36
+
37
+ echo '<h2 class="nav-tab-wrapper">';
38
+ foreach ( $this->menu_tabs as $tab_key => $tab_caption )
39
+ {
40
+ $active = $current_tab == $tab_key ? 'nav-tab-active' : '';
41
+ echo '<a class="nav-tab ' . $active . '" href="?page=' . $this->menu_page_slug . '&tab=' . $tab_key . '">' . $tab_caption . '</a>';
42
+ }
43
+ echo '</h2>';
44
+ }
45
+
46
+ /*
47
+ * The menu rendering goes here
48
+ */
49
+ function render_menu_page()
50
+ {
51
+ $tab = $this->get_current_tab();
52
+ ?>
53
+ <div class="wrap">
54
+ <div id="poststuff"><div id="post-body">
55
+ <?php
56
+ $this->render_menu_tabs();
57
+ //$tab_keys = array_keys($this->menu_tabs);
58
+ call_user_func(array(&$this, $this->menu_tabs_handler[$tab]));
59
+ ?>
60
+ </div></div>
61
+ </div><!-- end of wrap -->
62
+ <?php
63
+ }
64
+
65
+ function render_tab1()
66
+ {
67
+ global $aiowps_feature_mgr;
68
+ global $aio_wp_security;
69
+ if(isset($_POST['aiowps_apply_comment_spam_prevention_settings']))//Do form submission tasks
70
+ {
71
+ $nonce=$_REQUEST['_wpnonce'];
72
+ if (!wp_verify_nonce($nonce, 'aiowpsec-block-spambots-nonce'))
73
+ {
74
+ $aio_wp_security->debug_logger->log_debug("Nonce check failed on enable basic firewall settings!",4);
75
+ die("Nonce check failed on enable basic firewall settings!");
76
+ }
77
+
78
+ //Save settings
79
+ $aio_wp_security->configs->set_value('aiowps_enable_spambot_blocking',isset($_POST["aiowps_enable_spambot_blocking"])?'1':'');
80
+
81
+ //Commit the config settings
82
+ $aio_wp_security->configs->save_config();
83
+
84
+ //Recalculate points after the feature status/options have been altered
85
+ $aiowps_feature_mgr->check_feature_status_and_recalculate_points();
86
+
87
+ //Now let's write the applicable rules to the .htaccess file
88
+ $res = AIOWPSecurity_Utility_Htaccess::write_to_htaccess();
89
+
90
+ if ($res)
91
+ {
92
+ $this->show_msg_updated(__('Settings were successfully saved', 'aiowpsecurity'));
93
+ }
94
+ else if($res == -1)
95
+ {
96
+ $this->show_msg_error(__('Could not write to the .htaccess file. Please check the file permissions.', 'aiowpsecurity'));
97
+ }
98
+ }
99
+
100
+ ?>
101
+ <h2><?php _e('Comment SPAM Settings', 'aiowpsecurity')?></h2>
102
+ <form action="" method="POST">
103
+ <?php wp_nonce_field('aiowpsec-block-spambots-nonce'); ?>
104
+
105
+ <div class="aio_blue_box">
106
+ <?php
107
+ echo '<p>'.__('A large portion of WordPress blog comment SPAM is mainly produced by automated bots and not necessarily by humans. ', 'aiowpsecurity').
108
+ '<br />'.__('This feature will greatly minimize the useless and unecessary traffic and load on your server resulting from SPAM comments by blocking all comment requests which do not originate from your domain.', 'aiowpsecurity').
109
+ '<br />In other words, if the comment was not submitted by a human who physically submitted the comment on your site, the request will be blocked.</p>';
110
+ ?>
111
+ </div>
112
+
113
+ <div class="postbox">
114
+ <h3><label for="title"><?php _e('Block Spambot Comments', 'aiowpsecurity'); ?></label></h3>
115
+ <div class="inside">
116
+ <?php
117
+ //Display security info badge
118
+ $aiowps_feature_mgr->output_feature_details_badge("block-spambots");
119
+ ?>
120
+ <table class="form-table">
121
+ <tr valign="top">
122
+ <th scope="row"><?php _e('Block Spambots From Posting Comments', 'aiowpsecurity')?>:</th>
123
+ <td>
124
+ <input name="aiowps_enable_spambot_blocking" type="checkbox"<?php if($aio_wp_security->configs->get_value('aiowps_enable_spambot_blocking')=='1') echo ' checked="checked"'; ?> value="1"/>
125
+ <span class="description"><?php _e('Check this if you want to apply a firewall rule which will block comments originating from spambots.', 'aiowpsecurity'); ?></span>
126
+ <span class="aiowps_more_info_anchor"><span class="aiowps_more_info_toggle_char">+</span><span class="aiowps_more_info_toggle_text"><?php _e('More Info', 'aiowpsecurity'); ?></span></span>
127
+ <div class="aiowps_more_info_body">
128
+ <?php
129
+ echo '<p class="description">'.__('This feature will implement a firewall rule to block all comment attempts which do not originate from your domain.', 'aiowpsecurity').'</p>';
130
+ echo '<p class="description">'.__('A legitimate comment is one which is submitted by a human who physically fills out the comment form and clicks the submit button. For such events, the HTTP_REFERRER is always set to your own domain.', 'aiowpsecurity').'</p>';
131
+ echo '<p class="description">'.__('A comment submitted by a spambot is done by directly calling the comments.php file, which usually means that the HTTP_REFERRER value is not your domain and often times empty.', 'aiowpsecurity').'</p>';
132
+ echo '<p class="description">'.__('This feature will check and block comment requests which are not referred by your domain thus greatly reducing your overall blog SPAM and PHP requests done by the server to process these comments.', 'aiowpsecurity').'</p>';
133
+ ?>
134
+ </div>
135
+ </td>
136
+ </tr>
137
+ </table>
138
+ </div></div>
139
+
140
+ <input type="submit" name="aiowps_apply_comment_spam_prevention_settings" value="<?php _e('Save Settings', 'aiowpsecurity')?>" class="button-primary" />
141
+ </form>
142
+ <?php
143
+ }
144
+
145
+ function render_tab2()
146
+ {
147
+ global $aio_wp_security;
148
+ include_once 'wp-security-list-comment-spammer-ip.php'; //For rendering the AIOWPSecurity_List_Table in tab2
149
+ $spammer_ip_list = new AIOWPSecurity_List_Comment_Spammer_IP();
150
+
151
+ if (isset($_POST['aiowps_ip_spam_comment_search']))
152
+ {
153
+ $error = '';
154
+ $nonce=$_REQUEST['_wpnonce'];
155
+ if (!wp_verify_nonce($nonce, 'aiowpsec-spammer-ip-list-nonce'))
156
+ {
157
+ $aio_wp_security->debug_logger->log_debug("Nonce check failed for list SPAM comment IPs!",4);
158
+ die(__('Nonce check failed for list SPAM comment IPs!','aiowpsecurity'));
159
+ }
160
+
161
+ $min_comments_per_ip = sanitize_text_field($_POST['aiowps_spam_ip_min_comments']);
162
+ if(!is_numeric($min_comments_per_ip))
163
+ {
164
+ $error .= '<br />'.__('You entered a non numeric value for the minimum SPAM comments per IP field. It has been set to the default value.','aiowpsecurity');
165
+ $min_comments_per_ip = '5';//Set it to the default value for this field
166
+ }
167
+
168
+ if($error)
169
+ {
170
+ $this->show_msg_error(__('Attention!','aiowpsecurity').$error);
171
+ }
172
+
173
+ //Save all the form values to the options
174
+ $aio_wp_security->configs->set_value('aiowps_spam_ip_min_comments',absint($min_comments_per_ip));
175
+ $aio_wp_security->configs->save_config();
176
+ $info_msg_string = sprintf( __('Displaying results for IP addresses which have posted a minimum of %s SPAM comments', 'aiowpsecurity'), $min_comments_per_ip);
177
+ $this->show_msg_updated($info_msg_string);
178
+
179
+ }
180
+
181
+ if(isset($_REQUEST['action'])) //Do list table form row action tasks
182
+ {
183
+ if($_REQUEST['action'] == 'block_spammer_ip')
184
+ { //The "block" link was clicked for a row in the list table
185
+ $spammer_ip_list->block_spammer_ip_records(strip_tags($_REQUEST['spammer_ip']));
186
+ }
187
+ }
188
+
189
+ ?>
190
+ <div class="aio_blue_box">
191
+ <?php
192
+ echo '<p>'.__('This tab displays a list of the IP addresses of the people or bots who have left SPAM comments on your site.', 'aiowpsecurity').'
193
+ <br />'.__('This information can be handy for identifying the most persistent IP addresses or ranges used by spammers.', 'aiowpsecurity').'
194
+ <br />'.__('By inspecting the IP address data coming from spammers you will be in a better position to determine which addresses or address ranges you should block by adding them to your blacklist.', 'aiowpsecurity').'
195
+ <br />'.__('To add one or more of the IP addresses displayed in the table below to your blacklist, simply click the "Block" link for the individual row or select more than one address
196
+ using the checkboxes and then choose the "block" option from the Bulk Actions dropdown list and click the "Apply" button.', 'aiowpsecurity').'
197
+ </p>';
198
+ ?>
199
+ </div>
200
+ <div class="postbox">
201
+ <h3><label for="title"><?php _e('List SPAMMER IP Addresses', 'aiowpsecurity'); ?></label></h3>
202
+ <div class="inside">
203
+ <form action="" method="POST">
204
+ <?php wp_nonce_field('aiowpsec-spammer-ip-list-nonce'); ?>
205
+ <table class="form-table">
206
+ <tr valign="top">
207
+ <th scope="row"><?php _e('Minimum number of SPAM comments per IP', 'aiowpsecurity')?>:</th>
208
+ <td><input size="5" name="aiowps_spam_ip_min_comments" value="<?php echo $aio_wp_security->configs->get_value('aiowps_spam_ip_min_comments'); ?>" />
209
+ <span class="description"><?php _e('This field allows you to list only those IP addresses which have been used to post X or more SPAM comments.', 'aiowpsecurity');?></span>
210
+ <span class="aiowps_more_info_anchor"><span class="aiowps_more_info_toggle_char">+</span><span class="aiowps_more_info_toggle_text"><?php _e('More Info', 'aiowpsecurity'); ?></span></span>
211
+ <div class="aiowps_more_info_body">
212
+ <?php
213
+ echo '<p class="description">'.__('Example 1: Setting this value to "0" or "1" will list ALL IP addresses which were used to submit SPAM comments.', 'aiowpsecurity').'</p>';
214
+ echo '<p class="description">'.__('Example 2: Setting this value to "5" will list only those IP addresses which were used to submit 5 SPAM comments or more on your site.', 'aiowpsecurity').'</p>';
215
+ ?>
216
+ </div>
217
+
218
+ </td>
219
+ </tr>
220
+ </table>
221
+ <input type="submit" name="aiowps_ip_spam_comment_search" value="<?php _e('Find IP Addresses', 'aiowpsecurity')?>" class="button-primary" />
222
+ </form>
223
+ </div></div>
224
+ <div class="postbox">
225
+ <h3><label for="title"><?php _e('SPAMMER IP Address Results', 'aiowpsecurity'); ?></label></h3>
226
+ <div class="inside">
227
+ <?php
228
+ //Fetch, prepare, sort, and filter our data...
229
+ $spammer_ip_list->prepare_items();
230
+ //echo "put table of locked entries here";
231
+ ?>
232
+ <form id="tables-filter" method="get" onSubmit="return confirm('Are you sure you want to perform this bulk operation on the selected entries?');">
233
+ <!-- For plugins, we also need to ensure that the form posts back to our current page -->
234
+ <input type="hidden" name="page" value="<?php echo $_REQUEST['page']; ?>" />
235
+ <input type="hidden" name="tab" value="<?php echo $_REQUEST['tab']; ?>" />
236
+ <!-- Now we can render the completed list table -->
237
+ <?php $spammer_ip_list->display(); ?>
238
+ </form>
239
+ </div></div>
240
+ <?php
241
+ }
242
+
243
+ } //end class
classes/grade-system/wp-security-feature-item-manager.php CHANGED
@@ -72,6 +72,8 @@ class AIOWPSecurity_Feature_Item_Manager
72
  $this->feature_items[] = new AIOWPSecurity_Feature_Item("firewall-advanced-character-string-filter", "Advanced Character String Filter", $this->feature_point_3, $this->sec_level_advanced);
73
  $this->feature_items[] = new AIOWPSecurity_Feature_Item("firewall-enable-5g-blacklist", "5G Blacklist", $this->feature_point_4, $this->sec_level_advanced);
74
 
 
 
75
  }
76
 
77
  function get_feature_item_by_id($feature_id)
@@ -208,6 +210,10 @@ class AIOWPSecurity_Feature_Item_Manager
208
  $this->check_enable_5G_blacklist_firewall_feature($item);
209
  }
210
 
 
 
 
 
211
  }
212
  }
213
 
@@ -486,4 +492,15 @@ class AIOWPSecurity_Feature_Item_Manager
486
  }
487
  }
488
 
 
 
 
 
 
 
 
 
 
 
 
489
  }
72
  $this->feature_items[] = new AIOWPSecurity_Feature_Item("firewall-advanced-character-string-filter", "Advanced Character String Filter", $this->feature_point_3, $this->sec_level_advanced);
73
  $this->feature_items[] = new AIOWPSecurity_Feature_Item("firewall-enable-5g-blacklist", "5G Blacklist", $this->feature_point_4, $this->sec_level_advanced);
74
 
75
+ //SPAM Prevention
76
+ $this->feature_items[] = new AIOWPSecurity_Feature_Item("block-spambots", "Block Spambots", $this->feature_point_2, $this->sec_level_basic);
77
  }
78
 
79
  function get_feature_item_by_id($feature_id)
210
  $this->check_enable_5G_blacklist_firewall_feature($item);
211
  }
212
 
213
+ if($item->feature_id == "block-spambots")
214
+ {
215
+ $this->check_enable_block_spambots_feature($item);
216
+ }
217
  }
218
  }
219
 
492
  }
493
  }
494
 
495
+ function check_enable_block_spambots_feature($item)
496
+ {
497
+ global $aio_wp_security;
498
+ if ($aio_wp_security->configs->get_value('aiowps_enable_spambot_blocking') == '1') {
499
+ $item->set_feature_status($this->feature_active);
500
+ }
501
+ else
502
+ {
503
+ $item->set_feature_status($this->feature_inactive);
504
+ }
505
+ }
506
  }
classes/wp-security-backup.php CHANGED
@@ -52,7 +52,8 @@ class AIOWPSecurity_Backup
52
  for( $j=0; $j < $num_fields; $j++ ) {
53
 
54
  $row[$j] = addslashes( $row[$j] );
55
- $row[$j] = ereg_replace( PHP_EOL, "\n", $row[$j] );
 
56
 
57
  if ( isset( $row[$j] ) ) {
58
  $return .= '"' . $row[$j] . '"' ;
@@ -78,6 +79,9 @@ class AIOWPSecurity_Backup
78
  return false;
79
  }
80
 
 
 
 
81
  if ($is_multi_site)
82
  {
83
  global $current_blog;
@@ -96,7 +100,7 @@ class AIOWPSecurity_Backup
96
  //Convert whitespaces and underscore to dash
97
  $site_name = preg_replace("/[\s_]/", "-", $site_name);
98
 
99
- $file = 'database-backup-site-name-' . $site_name . '-' . current_time( 'timestamp' );
100
 
101
  //We will create a sub dir for the blog using its blog id
102
  $dirpath = AIO_WP_SECURITY_BACKUPS_PATH . '/blogid_' . $blog_id . '/';
@@ -113,7 +117,7 @@ class AIOWPSecurity_Backup
113
  else
114
  {
115
  $dirpath = AIO_WP_SECURITY_BACKUPS_PATH;
116
- $file = 'database-backup-' . current_time( 'timestamp' );
117
  $handle = @fopen( $dirpath . '/' . $file . '.sql', 'w+' );
118
  }
119
 
52
  for( $j=0; $j < $num_fields; $j++ ) {
53
 
54
  $row[$j] = addslashes( $row[$j] );
55
+ //$row[$j] = ereg_replace( PHP_EOL, "\n", $row[$j] ); //deprecated!
56
+ $row[$j] = preg_replace( "/".PHP_EOL."/", "\n", $row[$j] );
57
 
58
  if ( isset( $row[$j] ) ) {
59
  $return .= '"' . $row[$j] . '"' ;
79
  return false;
80
  }
81
 
82
+ //Generate a random prefix for more secure filenames
83
+ $random_prefix = $random_prefix = AIOWPSecurity_Utility::generate_alpha_numeric_random_string(10);
84
+
85
  if ($is_multi_site)
86
  {
87
  global $current_blog;
100
  //Convert whitespaces and underscore to dash
101
  $site_name = preg_replace("/[\s_]/", "-", $site_name);
102
 
103
+ $file = $random_prefix.'-database-backup-site-name-' . $site_name . '-' . current_time( 'timestamp' );
104
 
105
  //We will create a sub dir for the blog using its blog id
106
  $dirpath = AIO_WP_SECURITY_BACKUPS_PATH . '/blogid_' . $blog_id . '/';
117
  else
118
  {
119
  $dirpath = AIO_WP_SECURITY_BACKUPS_PATH;
120
+ $file = $random_prefix.'-database-backup-' . current_time( 'timestamp' );
121
  $handle = @fopen( $dirpath . '/' . $file . '.sql', 'w+' );
122
  }
123
 
classes/wp-security-configure-settings.php CHANGED
@@ -67,6 +67,9 @@ class AIOWPSecurity_Configure_Settings
67
  $aio_wp_security->configs->set_value('aiowps_site_lockout','');//Checkbox
68
  $aio_wp_security->configs->set_value('aiowps_site_lockout_msg','');//Text area/msg box
69
 
 
 
 
70
  //TODO - keep adding default options for any fields that require it
71
 
72
  //Save it
@@ -134,6 +137,8 @@ class AIOWPSecurity_Configure_Settings
134
  $aio_wp_security->configs->add_value('aiowps_site_lockout','');//Checkbox
135
  $aio_wp_security->configs->add_value('aiowps_site_lockout_msg','');//Text area/msg box
136
 
 
 
137
 
138
  //TODO - keep adding default options for any fields that require it
139
 
67
  $aio_wp_security->configs->set_value('aiowps_site_lockout','');//Checkbox
68
  $aio_wp_security->configs->set_value('aiowps_site_lockout_msg','');//Text area/msg box
69
 
70
+ //SPAM Prevention menu
71
+ $aio_wp_security->configs->set_value('aiowps_enable_spambot_blocking','');//Checkbox
72
+
73
  //TODO - keep adding default options for any fields that require it
74
 
75
  //Save it
137
  $aio_wp_security->configs->add_value('aiowps_site_lockout','');//Checkbox
138
  $aio_wp_security->configs->add_value('aiowps_site_lockout_msg','');//Text area/msg box
139
 
140
+ //SPAM Prevention menu
141
+ $aio_wp_security->configs->add_value('aiowps_enable_spambot_blocking','');//Checkbox
142
 
143
  //TODO - keep adding default options for any fields that require it
144
 
classes/wp-security-user-login.php CHANGED
@@ -59,9 +59,12 @@ class AIOWPSecurity_User_Login
59
  {
60
  //This means an unknown username is being used for login
61
  $this->increment_failed_logins($username);
62
- if($login_attempts_permitted <= $this->get_login_fail_count())
63
  {
64
- $this->lock_the_user(__('unknown','aiowpsecurity'));
 
 
 
65
  }
66
  if($aio_wp_security->configs->get_value('aiowps_set_generic_login_msg')=='1')
67
  {
@@ -82,9 +85,12 @@ class AIOWPSecurity_User_Login
82
  {
83
  //This means wrong password was entered
84
  $this->increment_failed_logins($username);
85
- if($login_attempts_permitted <= $this->get_login_fail_count())
86
  {
87
- $this->lock_the_user($username);
 
 
 
88
  }
89
  if($aio_wp_security->configs->get_value('aiowps_set_generic_login_msg')=='1')
90
  {
59
  {
60
  //This means an unknown username is being used for login
61
  $this->increment_failed_logins($username);
62
+ if($aio_wp_security->configs->get_value('aiowps_enable_login_lockdown')=='1')
63
  {
64
+ if($login_attempts_permitted <= $this->get_login_fail_count())
65
+ {
66
+ $this->lock_the_user($username);
67
+ }
68
  }
69
  if($aio_wp_security->configs->get_value('aiowps_set_generic_login_msg')=='1')
70
  {
85
  {
86
  //This means wrong password was entered
87
  $this->increment_failed_logins($username);
88
+ if($aio_wp_security->configs->get_value('aiowps_enable_login_lockdown')=='1')
89
  {
90
+ if($login_attempts_permitted <= $this->get_login_fail_count())
91
+ {
92
+ $this->lock_the_user($username);
93
+ }
94
  }
95
  if($aio_wp_security->configs->get_value('aiowps_set_generic_login_msg')=='1')
96
  {
classes/wp-security-utility-htaccess.php CHANGED
@@ -40,6 +40,9 @@ class AIOWPSecurity_Utility_Htaccess
40
  public static $five_g_blacklist_marker_start = '#AIOWPS_FIVE_G_BLACKLIST_START';
41
  public static $five_g_blacklist_marker_end = '#AIOWPS_FIVE_G_BLACKLIST_END';
42
 
 
 
 
43
  // TODO - enter more markers as new .htaccess features are added
44
 
45
  function __construct(){
@@ -207,6 +210,7 @@ class AIOWPSecurity_Utility_Htaccess
207
  $rules .= AIOWPSecurity_Utility_Htaccess::getrules_advanced_character_string_filter();
208
  $rules .= AIOWPSecurity_Utility_Htaccess::getrules_5g_blacklist();
209
  $rules .= AIOWPSecurity_Utility_Htaccess::getrules_enable_brute_force_prevention();
 
210
  //TODO: The following utility functions are ready to use when we write the menu pages for these features
211
 
212
  //Add more functions for features as needed
@@ -761,6 +765,35 @@ class AIOWPSecurity_Utility_Htaccess
761
 
762
  return $rules;
763
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
764
 
765
  /*
766
  * This function will do a quick check to see if a file's contents are actually .htaccess specific.
@@ -797,4 +830,36 @@ class AIOWPSecurity_Utility_Htaccess
797
  return -1;
798
  }
799
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
800
  }
40
  public static $five_g_blacklist_marker_start = '#AIOWPS_FIVE_G_BLACKLIST_START';
41
  public static $five_g_blacklist_marker_end = '#AIOWPS_FIVE_G_BLACKLIST_END';
42
 
43
+ public static $block_spambots_marker_start = '#AIOWPS_BLOCK_SPAMBOTS_START';
44
+ public static $block_spambots_marker_end = '#AIOWPS_BLOCK_SPAMBOTS_END';
45
+
46
  // TODO - enter more markers as new .htaccess features are added
47
 
48
  function __construct(){
210
  $rules .= AIOWPSecurity_Utility_Htaccess::getrules_advanced_character_string_filter();
211
  $rules .= AIOWPSecurity_Utility_Htaccess::getrules_5g_blacklist();
212
  $rules .= AIOWPSecurity_Utility_Htaccess::getrules_enable_brute_force_prevention();
213
+ $rules .= AIOWPSecurity_Utility_Htaccess::getrules_block_spambots();
214
  //TODO: The following utility functions are ready to use when we write the menu pages for these features
215
 
216
  //Add more functions for features as needed
765
 
766
  return $rules;
767
  }
768
+
769
+ /*
770
+ * This function will write some directives to block all comments which do not originate from the blog's domain
771
+ * OR if the user agent is empty. All blocked requests will be redirected to 127.0.0.1
772
+ */
773
+ static function getrules_block_spambots()
774
+ {
775
+ global $aio_wp_security;
776
+ $rules = '';
777
+ if($aio_wp_security->configs->get_value('aiowps_enable_spambot_blocking')=='1')
778
+ {
779
+ $url_string = AIOWPSecurity_Utility_Htaccess::return_regularized_url(AIOWPSEC_WP_URL);
780
+ if ($url_string == FALSE){
781
+ $url_string = AIOWPSEC_WP_URL;
782
+ }
783
+ $rules .= AIOWPSecurity_Utility_Htaccess::$block_spambots_marker_start . PHP_EOL; //Add feature marker start
784
+ $rules .= '<IfModule mod_rewrite.c>
785
+ RewriteCond %{REQUEST_METHOD} POST
786
+ RewriteCond %{REQUEST_URI} ^(.*)?wp-comments-post\.php(.*)$' . PHP_EOL;
787
+ $rules .= ' RewriteCond %{HTTP_REFERER} !^'.$url_string.' [NC,OR]' . PHP_EOL;
788
+ $rules .= ' RewriteCond %{HTTP_USER_AGENT} ^$
789
+ RewriteRule .* http://127.0.0.1 [L]
790
+ </IfModule>' . PHP_EOL;
791
+ $rules .= AIOWPSecurity_Utility_Htaccess::$block_spambots_marker_end . PHP_EOL; //Add feature marker end
792
+ }
793
+
794
+ return $rules;
795
+ }
796
+
797
 
798
  /*
799
  * This function will do a quick check to see if a file's contents are actually .htaccess specific.
830
  return -1;
831
  }
832
  }
833
+
834
+ /*
835
+ * This function will take a URL string and convert it to a form useful for using in htaccess rules.
836
+ * Example: If URL passed to function = "http://www.mysite.com"
837
+ * Result = "http://(.*)?mysite\.com"
838
+ */
839
+
840
+ static function return_regularized_url($url)
841
+ {
842
+ if(filter_var($url, FILTER_VALIDATE_URL)){
843
+ $xyz = explode('.', $url);
844
+ $y = '';
845
+ if (count($xyz) > 1){
846
+ $j = 1;
847
+ foreach ($xyz as $x){
848
+ if (strpos($x,'www') !== false) {
849
+ $y .= str_replace('www', '(.*)?', $x);
850
+ } else if($j==1){
851
+ $y .= $x;
852
+ } else if($j>1){
853
+ $y .= '\.'.$x;
854
+ }
855
+ $j++;
856
+ }
857
+ return $y;
858
+ }else {
859
+ return $url;
860
+ }
861
+ } else{
862
+ return FALSE;
863
+ }
864
+ }
865
  }
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://www.tipsandtricks-hq.com
4
  Tags: security, secure, Anti Virus, antivirus, virus, firewall, login, lockdown, htaccess, hacking, ban hacker, malware, vulnerability, protect, phishing, database, backup, plugin, sql injection, ssl, restrict
5
  Requires at least: 3.5
6
  Tested up to: 3.6
7
- Stable tag: 2.1.1
8
  License: GPLv3
9
 
10
  A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
@@ -63,7 +63,6 @@ via email whenever somebody gets locked out due to too many login attempts.
63
  = Blacklist Functionality =
64
  * Ban users by specifying IP addresses or use a wild card to specify IP ranges.
65
  * Ban users by specifying user agents.
66
- * Monitor the most active IP addresses which persistently produce the most SPAM comments and instantly block them with the click of a button.
67
 
68
  = Firewall Functionality =
69
 
@@ -86,6 +85,10 @@ or malicious bots who do not have a special cookie in their browser. You (the si
86
  = WhoIs Lookup =
87
  * Perform a WhoIs lookup of a suspicious host or IP address and get full details.
88
 
 
 
 
 
89
  = Regular updates and additions of new security features =
90
  * WordPress Security is something that evolves over time. We will be updating the All In One WP Security plugin with new security features (and fixes if required) on a regular basis so you can rest assured that your site will be on the cutting edge of security protection techniques.
91
 
@@ -122,13 +125,22 @@ Check the following page for screenshots:
122
  http://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
123
 
124
  == Frequently Asked Questions ==
125
- None
 
126
 
127
  == Upgrade Notice ==
128
  None
129
 
130
  == Changelog ==
131
 
 
 
 
 
 
 
 
 
132
  = 2.1.1 =
133
  - Fixed a version tagging issue.
134
 
4
  Tags: security, secure, Anti Virus, antivirus, virus, firewall, login, lockdown, htaccess, hacking, ban hacker, malware, vulnerability, protect, phishing, database, backup, plugin, sql injection, ssl, restrict
5
  Requires at least: 3.5
6
  Tested up to: 3.6
7
+ Stable tag: 2.2
8
  License: GPLv3
9
 
10
  A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
63
  = Blacklist Functionality =
64
  * Ban users by specifying IP addresses or use a wild card to specify IP ranges.
65
  * Ban users by specifying user agents.
 
66
 
67
  = Firewall Functionality =
68
 
85
  = WhoIs Lookup =
86
  * Perform a WhoIs lookup of a suspicious host or IP address and get full details.
87
 
88
+ = Comment SPAM Security =
89
+ * Monitor the most active IP addresses which persistently produce the most SPAM comments and instantly block them with the click of a button.
90
+ * Prevent comments from being submitted if it doesn't originate from your domain (this should reduce some SPAM bot comment posting on your site).
91
+
92
  = Regular updates and additions of new security features =
93
  * WordPress Security is something that evolves over time. We will be updating the All In One WP Security plugin with new security features (and fixes if required) on a regular basis so you can rest assured that your site will be on the cutting edge of security protection techniques.
94
 
125
  http://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
126
 
127
  == Frequently Asked Questions ==
128
+ Check the following page for F.A.Q:
129
+ http://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
130
 
131
  == Upgrade Notice ==
132
  None
133
 
134
  == Changelog ==
135
 
136
+ = 2.2 =
137
+ - Added a new feature which will block some spambots from submitting comments.
138
+ - Moved Comment SPAM IP monitoring interface to the new "SPAM Prevention" menu.
139
+ - Fixed a bug with login lockdown feature for both multi and single site.
140
+ - Improved firewall feature for multi-site by making the "Firewall" menu available only for the main site and not the sub-sites.
141
+ - Added random prefix to backup file names.
142
+ - Fixed a bug for WP multi-site install where DB tables do not get created when new blog are created in the network.
143
+
144
  = 2.1.1 =
145
  - Fixed a version tagging issue.
146
 
wp-security-core.php CHANGED
@@ -3,7 +3,7 @@
3
  if (!class_exists('AIO_WP_Security')){
4
 
5
  class AIO_WP_Security{
6
- var $version = '2.1.1';
7
  var $db_version = '1.2';
8
  var $plugin_url;
9
  var $plugin_path;
@@ -64,6 +64,7 @@ class AIO_WP_Security{
64
  define('AIOWPSEC_BLACKLIST_MENU_SLUG', 'aiowpsec_blacklist');
65
  define('AIOWPSEC_FIREWALL_MENU_SLUG', 'aiowpsec_firewall');
66
  define('AIOWPSEC_MAINTENANCE_MENU_SLUG', 'aiowpsec_maintenance');
 
67
 
68
  global $wpdb;
69
  define('AIOWPSEC_TBL_LOGIN_LOCKDOWN', $wpdb->prefix . 'aiowps_login_lockdown');
3
  if (!class_exists('AIO_WP_Security')){
4
 
5
  class AIO_WP_Security{
6
+ var $version = '2.2';
7
  var $db_version = '1.2';
8
  var $plugin_url;
9
  var $plugin_path;
64
  define('AIOWPSEC_BLACKLIST_MENU_SLUG', 'aiowpsec_blacklist');
65
  define('AIOWPSEC_FIREWALL_MENU_SLUG', 'aiowpsec_firewall');
66
  define('AIOWPSEC_MAINTENANCE_MENU_SLUG', 'aiowpsec_maintenance');
67
+ define('AIOWPSEC_SPAM_MENU_SLUG', 'aiowpsec_spam');
68
 
69
  global $wpdb;
70
  define('AIOWPSEC_TBL_LOGIN_LOCKDOWN', $wpdb->prefix . 'aiowps_login_lockdown');
wp-security.php CHANGED
@@ -1,7 +1,7 @@
1
  <?php
2
  /*
3
  Plugin Name: All In One WP Security
4
- Version: v2.1.1
5
  Plugin URI: http://www.tipsandtricks-hq.com/
6
  Author: Tips and Tricks HQ, Peter, Ruhul Amin
7
  Author URI: http://www.tipsandtricks-hq.com/
@@ -24,3 +24,18 @@ function aiowps_show_plugin_settings_link($links, $file)
24
  return $links;
25
  }
26
  add_filter('plugin_action_links', 'aiowps_show_plugin_settings_link', 10, 2 );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
  <?php
2
  /*
3
  Plugin Name: All In One WP Security
4
+ Version: v2.2
5
  Plugin URI: http://www.tipsandtricks-hq.com/
6
  Author: Tips and Tricks HQ, Peter, Ruhul Amin
7
  Author URI: http://www.tipsandtricks-hq.com/
24
  return $links;
25
  }
26
  add_filter('plugin_action_links', 'aiowps_show_plugin_settings_link', 10, 2 );
27
+
28
+ function aiowps_ms_handle_new_blog_creation($blog_id, $user_id, $domain, $path, $site_id, $meta ){
29
+ global $wpdb;
30
+ if (is_plugin_active_for_network(__FILE__))
31
+ {
32
+ if(!class_exists('AIOWPSecurity_Installer')){
33
+ include_once('classes/wp-security-installer.php');
34
+ }
35
+ $old_blog = $wpdb->blogid;
36
+ switch_to_blog($blog_id);
37
+ AIOWPSecurity_Installer::create_db_tables();
38
+ switch_to_blog($old_blog);
39
+ }
40
+ }
41
+ add_action('wpmu_new_blog', 'aiowps_ms_handle_new_blog_creation', 10, 6);