Version Description
02/September/2022 =
FIX: An empty IP lock notification mail could be sent out after upgrading to the 5.0.0 version.
FIX: The PHP file couldn't be loaded via commandline if the rename login page is enabled.
FIX: When running WordPress from the command line, the warning Undefined index: REQUEST_METHOD was logged.
TWEAK: Import latest TFA module, loading JS less aggressively to avoid potential for conflicts
Download this release
Release Info
| Developer | DavidAnderson |
| Plugin |  All In One WP Security & Firewall |
| Version | 5.0.3 |
| Comparing to | |
| See all releases | |
Code changes from version 5.0.2 to 5.0.3
classes/firewall/rule/rules/rule-request-method-6g.php
CHANGED
|
@@ -47,7 +47,7 @@ class Rule_Request_Method_6g extends Rule {
|
|
| 47 |
* @return boolean
|
| 48 |
*/
|
| 49 |
public function is_satisfied() {
|
| 50 |
-
return in_array(strtoupper($_SERVER['REQUEST_METHOD']), $this->blocked_methods);
|
| 51 |
}
|
| 52 |
|
| 53 |
}
|
| 47 |
* @return boolean
|
| 48 |
*/
|
| 49 |
public function is_satisfied() {
|
| 50 |
+
return isset($_SERVER['REQUEST_METHOD']) && in_array(strtoupper($_SERVER['REQUEST_METHOD']), $this->blocked_methods);
|
| 51 |
}
|
| 52 |
|
| 53 |
}
|
classes/wp-security-installer.php
CHANGED
|
@@ -82,7 +82,7 @@ class AIOWPSecurity_Installer {
|
|
| 82 |
failed_login_ip varchar(100) NOT NULL DEFAULT '',
|
| 83 |
lock_reason varchar(128) NOT NULL DEFAULT '',
|
| 84 |
unlock_key varchar(128) NOT NULL DEFAULT '',
|
| 85 |
-
is_lockout_email_sent tinyint(1) NOT NULL DEFAULT '
|
| 86 |
backtrace_log text NOT NULL DEFAULT '',
|
| 87 |
PRIMARY KEY (id)
|
| 88 |
)" . $charset_collate . ";";
|
| 82 |
failed_login_ip varchar(100) NOT NULL DEFAULT '',
|
| 83 |
lock_reason varchar(128) NOT NULL DEFAULT '',
|
| 84 |
unlock_key varchar(128) NOT NULL DEFAULT '',
|
| 85 |
+
is_lockout_email_sent tinyint(1) NOT NULL DEFAULT '1',
|
| 86 |
backtrace_log text NOT NULL DEFAULT '',
|
| 87 |
PRIMARY KEY (id)
|
| 88 |
)" . $charset_collate . ";";
|
classes/wp-security-process-renamed-login-page.php
CHANGED
|
@@ -190,8 +190,8 @@ class AIOWPSecurity_Process_Renamed_Login_Page {
|
|
| 190 |
|
| 191 |
$parsed_url_path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
|
| 192 |
|
| 193 |
-
// for `wp plugin list` it will be empty so showing Not available
|
| 194 |
-
if (empty($parsed_url_path) && !defined('WP_CLI')) {
|
| 195 |
do_action('aiowps_before_wp_die_renamed_login');
|
| 196 |
wp_die(__('Not available.', 'all-in-one-wp-security-and-firewall'), 403);
|
| 197 |
}
|
| 190 |
|
| 191 |
$parsed_url_path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);
|
| 192 |
|
| 193 |
+
// for `wp plugin list` it will be empty so showing Not available instead plugin list.
|
| 194 |
+
if (empty($parsed_url_path) && !defined('WP_CLI') && "cli" != PHP_SAPI) {
|
| 195 |
do_action('aiowps_before_wp_die_renamed_login');
|
| 196 |
wp_die(__('Not available.', 'all-in-one-wp-security-and-firewall'), 403);
|
| 197 |
}
|
includes/simba-tfa/simba-tfa.php
CHANGED
|
@@ -1147,7 +1147,6 @@ class Simba_Two_Factor_Authentication {
|
|
| 1147 |
* Called not only upon the WP action login_enqueue_scripts, but potentially upon the action 'init' and various others from other plugins too. It can handle being called multiple times.
|
| 1148 |
*/
|
| 1149 |
public function login_enqueue_scripts() {
|
| 1150 |
-
|
| 1151 |
if (!$this->should_enqueue_login_scripts()) {
|
| 1152 |
return;
|
| 1153 |
}
|
|
@@ -1201,21 +1200,22 @@ class Simba_Two_Factor_Authentication {
|
|
| 1201 |
if (defined('TWO_FACTOR_DISABLE') && TWO_FACTOR_DISABLE) {
|
| 1202 |
return apply_filters('simbatfa_enqueue_login_scripts', false);
|
| 1203 |
}
|
| 1204 |
-
|
| 1205 |
global $wpdb;
|
| 1206 |
$sql = $wpdb->prepare('SELECT COUNT(user_id) FROM ' . $wpdb->usermeta . ' WHERE meta_key = %s AND meta_value = %d LIMIT 1', 'tfa_enable_tfa', 1);
|
| 1207 |
$count_user_id = $wpdb->get_var($sql);
|
| 1208 |
-
|
| 1209 |
if (is_null($count_user_id)) { // Error in query.
|
| 1210 |
return apply_filters('simbatfa_enqueue_login_scripts', true);
|
| 1211 |
} elseif ($count_user_id > 0) { // A user exists with TFA enabled.
|
| 1212 |
return apply_filters('simbatfa_enqueue_login_scripts', true);
|
| 1213 |
}
|
| 1214 |
-
|
| 1215 |
// No user exists with TFA enabled.
|
| 1216 |
return apply_filters('simbatfa_enqueue_login_scripts', false);
|
| 1217 |
}
|
| 1218 |
-
|
|
|
|
| 1219 |
/**
|
| 1220 |
* Return or output view content
|
| 1221 |
*
|
| 1147 |
* Called not only upon the WP action login_enqueue_scripts, but potentially upon the action 'init' and various others from other plugins too. It can handle being called multiple times.
|
| 1148 |
*/
|
| 1149 |
public function login_enqueue_scripts() {
|
|
|
|
| 1150 |
if (!$this->should_enqueue_login_scripts()) {
|
| 1151 |
return;
|
| 1152 |
}
|
| 1200 |
if (defined('TWO_FACTOR_DISABLE') && TWO_FACTOR_DISABLE) {
|
| 1201 |
return apply_filters('simbatfa_enqueue_login_scripts', false);
|
| 1202 |
}
|
| 1203 |
+
|
| 1204 |
global $wpdb;
|
| 1205 |
$sql = $wpdb->prepare('SELECT COUNT(user_id) FROM ' . $wpdb->usermeta . ' WHERE meta_key = %s AND meta_value = %d LIMIT 1', 'tfa_enable_tfa', 1);
|
| 1206 |
$count_user_id = $wpdb->get_var($sql);
|
| 1207 |
+
|
| 1208 |
if (is_null($count_user_id)) { // Error in query.
|
| 1209 |
return apply_filters('simbatfa_enqueue_login_scripts', true);
|
| 1210 |
} elseif ($count_user_id > 0) { // A user exists with TFA enabled.
|
| 1211 |
return apply_filters('simbatfa_enqueue_login_scripts', true);
|
| 1212 |
}
|
| 1213 |
+
|
| 1214 |
// No user exists with TFA enabled.
|
| 1215 |
return apply_filters('simbatfa_enqueue_login_scripts', false);
|
| 1216 |
}
|
| 1217 |
+
|
| 1218 |
+
|
| 1219 |
/**
|
| 1220 |
* Return or output view content
|
| 1221 |
*
|
readme.txt
CHANGED
|
@@ -5,7 +5,7 @@ Tags: security, secure, Anti Virus, antivirus, ban, ban hacker, virus, firewall,
|
|
| 5 |
Requires PHP: 5.6
|
| 6 |
Requires at least: 5.0
|
| 7 |
Tested up to: 6.0
|
| 8 |
-
Stable tag: 5.0.
|
| 9 |
License: GPLv3 or later
|
| 10 |
|
| 11 |
A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
|
|
@@ -177,11 +177,15 @@ https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
|
|
| 177 |
Check the following page for F.A.Q (see the faq section):
|
| 178 |
https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
|
| 179 |
|
| 180 |
-
== Upgrade Notice ==
|
| 181 |
-
None
|
| 182 |
-
|
| 183 |
== Changelog ==
|
| 184 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 185 |
= 5.0.2 - 02/September/2022 =
|
| 186 |
|
| 187 |
* FIX: The user can't login if the user set forced logout and the site's timezone is different than UTC.
|
| 5 |
Requires PHP: 5.6
|
| 6 |
Requires at least: 5.0
|
| 7 |
Tested up to: 6.0
|
| 8 |
+
Stable tag: 5.0.3
|
| 9 |
License: GPLv3 or later
|
| 10 |
|
| 11 |
A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
|
| 177 |
Check the following page for F.A.Q (see the faq section):
|
| 178 |
https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
|
| 179 |
|
|
|
|
|
|
|
|
|
|
| 180 |
== Changelog ==
|
| 181 |
|
| 182 |
+
= 5.0.3 - 02/September/2022 =
|
| 183 |
+
|
| 184 |
+
* FIX: An empty IP lock notification mail could be sent out after upgrading to the 5.0.0 version.
|
| 185 |
+
* FIX: The PHP file couldn't be loaded via commandline if the rename login page is enabled.
|
| 186 |
+
* FIX: When running WordPress from the command line, the warning Undefined index: REQUEST_METHOD was logged.
|
| 187 |
+
* TWEAK: Import latest TFA module, loading JS less aggressively to avoid potential for conflicts
|
| 188 |
+
|
| 189 |
= 5.0.2 - 02/September/2022 =
|
| 190 |
|
| 191 |
* FIX: The user can't login if the user set forced logout and the site's timezone is different than UTC.
|
vendor/composer/installed.php
CHANGED
|
@@ -5,7 +5,7 @@
|
|
| 5 |
'type' => 'project',
|
| 6 |
'install_path' => __DIR__ . '/../../',
|
| 7 |
'aliases' => array(),
|
| 8 |
-
'reference' => '
|
| 9 |
'name' => 'updraftplus/all-in-one-wp-security-and-firewall',
|
| 10 |
'dev' => false,
|
| 11 |
),
|
|
@@ -34,7 +34,7 @@
|
|
| 34 |
'type' => 'project',
|
| 35 |
'install_path' => __DIR__ . '/../../',
|
| 36 |
'aliases' => array(),
|
| 37 |
-
'reference' => '
|
| 38 |
'dev_requirement' => false,
|
| 39 |
),
|
| 40 |
),
|
| 5 |
'type' => 'project',
|
| 6 |
'install_path' => __DIR__ . '/../../',
|
| 7 |
'aliases' => array(),
|
| 8 |
+
'reference' => 'd2fe998a6cb094404bf5d34b1b8f3ce36637f290',
|
| 9 |
'name' => 'updraftplus/all-in-one-wp-security-and-firewall',
|
| 10 |
'dev' => false,
|
| 11 |
),
|
| 34 |
'type' => 'project',
|
| 35 |
'install_path' => __DIR__ . '/../../',
|
| 36 |
'aliases' => array(),
|
| 37 |
+
'reference' => 'd2fe998a6cb094404bf5d34b1b8f3ce36637f290',
|
| 38 |
'dev_requirement' => false,
|
| 39 |
),
|
| 40 |
),
|
wp-security-core.php
CHANGED
|
@@ -8,7 +8,7 @@ if (!class_exists('AIO_WP_Security')) {
|
|
| 8 |
|
| 9 |
class AIO_WP_Security {
|
| 10 |
|
| 11 |
-
public $version = '5.0.
|
| 12 |
|
| 13 |
public $db_version = '1.9.2';
|
| 14 |
|
| 8 |
|
| 9 |
class AIO_WP_Security {
|
| 10 |
|
| 11 |
+
public $version = '5.0.3';
|
| 12 |
|
| 13 |
public $db_version = '1.9.2';
|
| 14 |
|
wp-security.php
CHANGED
|
@@ -2,7 +2,7 @@
|
|
| 2 |
// @codingStandardsIgnoreStart
|
| 3 |
/*
|
| 4 |
Plugin Name: All In One WP Security
|
| 5 |
-
Version: 5.0.
|
| 6 |
Plugin URI: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
|
| 7 |
Update URI: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
|
| 8 |
Author: All In One WP Security & Firewall Team
|
| 2 |
// @codingStandardsIgnoreStart
|
| 3 |
/*
|
| 4 |
Plugin Name: All In One WP Security
|
| 5 |
+
Version: 5.0.3
|
| 6 |
Plugin URI: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
|
| 7 |
Update URI: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
|
| 8 |
Author: All In One WP Security & Firewall Team
|
