All In One WP Security & Firewall - Version 5.0.4

Version Description

  • 03/September/2022 =

  • FIX: PHP coding warning in latest PHP version when handling email address parameter.

  • TWEAK: Added a constant, AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION. Define this in your wp-config.php to disable cookie based brute force login prevention.

Download this release

Release Info

Developer DavidAnderson
Plugin Icon 128x128 All In One WP Security & Firewall
Version 5.0.4
Comparing to
See all releases

Code changes from version 5.0.3 to 5.0.4

Files changed (14) hide show
  1. admin/wp-security-brute-force-menu.php +6 -1
  2. admin/wp-security-filescan-menu.php +3 -3
  3. admin/wp-security-user-login-menu.php +1 -4
  4. classes/wp-security-configure-settings.php +3 -4
  5. classes/wp-security-file-scan.php +3 -3
  6. classes/wp-security-general-init-tasks.php +1 -1
  7. classes/wp-security-user-login.php +4 -1
  8. classes/wp-security-utility.php +36 -0
  9. languages/all-in-one-wp-security-and-firewall.pot +165 -157
  10. readme.txt +7 -2
  11. templates/notices/cookie-based-brute-force-prevention-disabled.php +8 -0
  12. vendor/composer/installed.php +2 -2
  13. wp-security-core.php +14 -1
  14. wp-security.php +1 -1
admin/wp-security-brute-force-menu.php CHANGED
@@ -311,7 +311,12 @@ class AIOWPSecurity_Brute_Force_Menu extends AIOWPSecurity_Admin_Menu
311
  echo '<p>' . $info_msg . '</p>';
312
  ?>
313
  </div>
314
- <div class="postbox">
 
 
 
 
 
315
  <h3 class="hndle"><label for="title"><?php _e('Cookie Based Brute Force Login Prevention', 'all-in-one-wp-security-and-firewall'); ?></label></h3>
316
  <div class="inside">
317
  <?php
311
  echo '<p>' . $info_msg . '</p>';
312
  ?>
313
  </div>
314
+ <?php
315
+ if (defined('AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION') && AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION) {
316
+ $aio_wp_security->include_template('notices/cookie-based-brute-force-prevention-disabled.php');
317
+ }
318
+ ?>
319
+ <div class="postbox">
320
  <h3 class="hndle"><label for="title"><?php _e('Cookie Based Brute Force Login Prevention', 'all-in-one-wp-security-and-firewall'); ?></label></h3>
321
  <div class="inside">
322
  <?php
admin/wp-security-filescan-menu.php CHANGED
@@ -158,7 +158,7 @@ class AIOWPSecurity_Filescan_Menu extends AIOWPSecurity_Admin_Menu
158
  }
159
 
160
  // Explode by end-of-line character, then trim and filter empty lines
161
- $email_list_array = array_filter(array_map('trim', explode(PHP_EOL, $_POST['aiowps_fcd_scan_email_address'])), 'strlen');
162
  $errors = array();
163
  foreach($email_list_array as $key=>$value){
164
  $email_sane = sanitize_email($value);
@@ -346,7 +346,7 @@ class AIOWPSecurity_Filescan_Menu extends AIOWPSecurity_Admin_Menu
346
  <input id="aiowps_send_fcd_scan_email" name="aiowps_send_fcd_scan_email" type="checkbox"<?php if($aio_wp_security->configs->get_value('aiowps_send_fcd_scan_email')=='1') echo ' checked="checked"'; ?> value="1"/>
347
  <label for="aiowps_send_fcd_scan_email" class="description"><?php _e('Check this if you want the system to email you if a file change was detected', 'all-in-one-wp-security-and-firewall'); ?></label>
348
  <br />
349
- <textarea name="aiowps_fcd_scan_email_address" id="aiowps_fcd_scan_email_address" rows="5" cols="50"><?php echo htmlspecialchars($aio_wp_security->configs->get_value('aiowps_fcd_scan_email_address')); ?></textarea>
350
  <br />
351
  <span class="description"><?php _e('Enter one or more email addresses on a new line.', 'all-in-one-wp-security-and-firewall'); ?></span>
352
  </td>
@@ -484,4 +484,4 @@ class AIOWPSecurity_Filescan_Menu extends AIOWPSecurity_Admin_Menu
484
  </div></div>
485
  <?php
486
  }
487
- } //end class
158
  }
159
 
160
  // Explode by end-of-line character, then trim and filter empty lines
161
+ $email_list_array = array_filter(array_map('trim', explode('\n', $_POST['aiowps_fcd_scan_email_address'])), 'strlen');
162
  $errors = array();
163
  foreach($email_list_array as $key=>$value){
164
  $email_sane = sanitize_email($value);
346
  <input id="aiowps_send_fcd_scan_email" name="aiowps_send_fcd_scan_email" type="checkbox"<?php if($aio_wp_security->configs->get_value('aiowps_send_fcd_scan_email')=='1') echo ' checked="checked"'; ?> value="1"/>
347
  <label for="aiowps_send_fcd_scan_email" class="description"><?php _e('Check this if you want the system to email you if a file change was detected', 'all-in-one-wp-security-and-firewall'); ?></label>
348
  <br />
349
+ <textarea name="aiowps_fcd_scan_email_address" id="aiowps_fcd_scan_email_address" rows="5" cols="50"><?php echo esc_textarea(wp_unslash(AIOWPSecurity_Utility::get_textarea_str_val($aio_wp_security->configs->get_value('aiowps_fcd_scan_email_address')))); ?></textarea>
350
  <br />
351
  <span class="description"><?php _e('Enter one or more email addresses on a new line.', 'all-in-one-wp-security-and-firewall'); ?></span>
352
  </td>
484
  </div></div>
485
  <?php
486
  }
487
+ } //end class
admin/wp-security-user-login-menu.php CHANGED
@@ -353,10 +353,7 @@ class AIOWPSecurity_User_Login_Menu extends AIOWPSecurity_Admin_Menu {
353
  <input id="aiowps_enable_email_notify" name="aiowps_enable_email_notify" type="checkbox"<?php if($aio_wp_security->configs->get_value('aiowps_enable_email_notify')=='1') echo ' checked="checked"'; ?> value="1"/>
354
  <label for="aiowps_enable_email_notify" class="description"><?php _e('Check this if you want to receive an email when someone has been locked out due to maximum failed login attempts', 'all-in-one-wp-security-and-firewall'); ?></span></label>
355
  <br />
356
- <?php
357
- $aiowps_email_address_list = (array)$aio_wp_security->configs->get_value('aiowps_email_address');
358
- ?>
359
- <textarea id="aiowps_email_address" name="aiowps_email_address" cols="50" rows="5"><?php echo esc_textarea(implode("\n", $aiowps_email_address_list)); ?></textarea><br>
360
  <span class="description"><?php _e('Fill in one email address per line.', 'all-in-one-wp-security-and-firewall'); ?></span>
361
  <span class="aiowps_more_info_anchor"><span class="aiowps_more_info_toggle_char">+</span><span class="aiowps_more_info_toggle_text"><?php _e('More Info', 'all-in-one-wp-security-and-firewall'); ?></span></span>
362
  <div class="aiowps_more_info_body">
353
  <input id="aiowps_enable_email_notify" name="aiowps_enable_email_notify" type="checkbox"<?php if($aio_wp_security->configs->get_value('aiowps_enable_email_notify')=='1') echo ' checked="checked"'; ?> value="1"/>
354
  <label for="aiowps_enable_email_notify" class="description"><?php _e('Check this if you want to receive an email when someone has been locked out due to maximum failed login attempts', 'all-in-one-wp-security-and-firewall'); ?></span></label>
355
  <br />
356
+ <textarea id="aiowps_email_address" name="aiowps_email_address" cols="50" rows="5"><?php echo esc_textarea(AIOWPSecurity_Utility::get_textarea_str_val($aio_wp_security->configs->get_value('aiowps_email_address'))); ?></textarea><br>
 
 
 
357
  <span class="description"><?php _e('Fill in one email address per line.', 'all-in-one-wp-security-and-firewall'); ?></span>
358
  <span class="aiowps_more_info_anchor"><span class="aiowps_more_info_toggle_char">+</span><span class="aiowps_more_info_toggle_text"><?php _e('More Info', 'all-in-one-wp-security-and-firewall'); ?></span></span>
359
  <div class="aiowps_more_info_body">
classes/wp-security-configure-settings.php CHANGED
@@ -12,8 +12,8 @@ class AIOWPSecurity_Configure_Settings {
12
  */
13
  public static function set_default_settings() {
14
  global $aio_wp_security;
15
- $blog_email_address = array();
16
- $blog_email_address[] = get_bloginfo('admin_email'); //Get the blog admin email address - we will use as the default value
17
 
18
  //Debug
19
  $aio_wp_security->configs->set_value('aiowps_enable_debug', '');//Checkbox
@@ -176,8 +176,7 @@ class AIOWPSecurity_Configure_Settings {
176
 
177
  public static function add_option_values() {
178
  global $aio_wp_security;
179
- $blog_email_address = array();
180
- $blog_email_address[] = get_bloginfo('admin_email'); //Get the blog admin email address - we will use as the default value
181
 
182
  //Debug
183
  $aio_wp_security->configs->add_value('aiowps_enable_debug', '');//Checkbox
12
  */
13
  public static function set_default_settings() {
14
  global $aio_wp_security;
15
+
16
+ $blog_email_address = get_bloginfo('admin_email'); //Get the blog admin email address - we will use as the default value
17
 
18
  //Debug
19
  $aio_wp_security->configs->set_value('aiowps_enable_debug', '');//Checkbox
176
 
177
  public static function add_option_values() {
178
  global $aio_wp_security;
179
+ $blog_email_address = get_bloginfo('admin_email'); //Get the blog admin email address - we will use as the default value
 
180
 
181
  //Debug
182
  $aio_wp_security->configs->add_value('aiowps_enable_debug', '');//Checkbox
classes/wp-security-file-scan.php CHANGED
@@ -77,7 +77,7 @@ class AIOWPSecurity_Scan {
77
  */
78
  public function aiowps_send_file_change_alert_email($scan_result) {
79
  global $aio_wp_security;
80
- if ($aio_wp_security->configs->get_value('aiowps_send_fcd_scan_email') == '1') {
81
  $site_title = get_bloginfo('name');
82
  $from_name = empty($site_title) ? 'WordPress' : $site_title;
83
 
@@ -91,9 +91,9 @@ class AIOWPSecurity_Scan {
91
  $message .= "\r\n".__('Login to your site to view the scan details.', 'all-in-one-wp-security-and-firewall');
92
 
93
  // Get the email address(es).
94
- $addresses = $aio_wp_security->configs->get_value('aiowps_fcd_scan_email_address');
95
  // If no explicit email address(es) are given, send email to site admin.
96
- $to = empty($addresses) ? array(get_site_option('admin_email')) : explode(PHP_EOL, $addresses);
97
  if (!wp_mail($to, $subject, $message, $headers)) {
98
  $aio_wp_security->debug_logger->log_debug(__METHOD__ . " - File change notification email failed to send.", 4);
99
  }
77
  */
78
  public function aiowps_send_file_change_alert_email($scan_result) {
79
  global $aio_wp_security;
80
+ if ('1' == $aio_wp_security->configs->get_value('aiowps_send_fcd_scan_email')) {
81
  $site_title = get_bloginfo('name');
82
  $from_name = empty($site_title) ? 'WordPress' : $site_title;
83
 
91
  $message .= "\r\n".__('Login to your site to view the scan details.', 'all-in-one-wp-security-and-firewall');
92
 
93
  // Get the email address(es).
94
+ $addresses = AIOWPSecurity_Utility::get_array_from_textarea_val($aio_wp_security->configs->get_value('aiowps_fcd_scan_email_address'));
95
  // If no explicit email address(es) are given, send email to site admin.
96
+ $to = empty($addresses) ? array(get_site_option('admin_email')) : $addresses;
97
  if (!wp_mail($to, $subject, $message, $headers)) {
98
  $aio_wp_security->debug_logger->log_debug(__METHOD__ . " - File change notification email failed to send.", 4);
99
  }
classes/wp-security-general-init-tasks.php CHANGED
@@ -54,7 +54,7 @@ class AIOWPSecurity_General_Init_Tasks {
54
  }
55
 
56
  // For the cookie based brute force prevention feature
57
- if ($aio_wp_security->configs->get_value('aiowps_enable_brute_force_attack_prevention') == 1) {
58
  $bfcf_secret_word = $aio_wp_security->configs->get_value('aiowps_brute_force_secret_word');
59
  $login_page_slug = $aio_wp_security->configs->get_value('aiowps_login_page_slug');
60
  if (isset($_GET[$bfcf_secret_word])) {
54
  }
55
 
56
  // For the cookie based brute force prevention feature
57
+ if ($aio_wp_security->should_cookie_based_brute_force_prvent()) {
58
  $bfcf_secret_word = $aio_wp_security->configs->get_value('aiowps_brute_force_secret_word');
59
  $login_page_slug = $aio_wp_security->configs->get_value('aiowps_login_page_slug');
60
  if (isset($_GET[$bfcf_secret_word])) {
classes/wp-security-user-login.php CHANGED
@@ -385,7 +385,10 @@ class AIOWPSecurity_User_Login {
385
  if (0 != count($lockout_ips_list)) {
386
  $email_notification_enabled = $aio_wp_security->configs->get_value('aiowps_enable_email_notify');
387
  if (1 == $email_notification_enabled) {
388
- $to_email_address = $aio_wp_security->configs->get_value('aiowps_email_address');
 
 
 
389
  $subject = '['.get_option('home').'] '. __('Site Lockout Notification', 'all-in-one-wp-security-and-firewall');
390
  $email_msg = __('Lockdown events had occurred due to too many failed login attempts or invalid username:', 'all-in-one-wp-security-and-firewall')."\n\n";
391
 
385
  if (0 != count($lockout_ips_list)) {
386
  $email_notification_enabled = $aio_wp_security->configs->get_value('aiowps_enable_email_notify');
387
  if (1 == $email_notification_enabled) {
388
+ $to_email_address = AIOWPSecurity_Utility::get_array_from_textarea_val($aio_wp_security->configs->get_value('aiowps_email_address'));
389
+ if (empty($to_email_address)) {
390
+ $to_email_address = array(get_site_option('admin_email'));
391
+ }
392
  $subject = '['.get_option('home').'] '. __('Site Lockout Notification', 'all-in-one-wp-security-and-firewall');
393
  $email_msg = __('Lockdown events had occurred due to too many failed login attempts or invalid username:', 'all-in-one-wp-security-and-firewall')."\n\n";
394
 
classes/wp-security-utility.php CHANGED
@@ -646,6 +646,42 @@ class AIOWPSecurity_Utility {
646
  }
647
  return reset($keys); //Return the first element from the valid values
648
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
649
 
650
  /**
651
  * Partially or fully masks a string using '*' to replace original characters
646
  }
647
  return reset($keys); //Return the first element from the valid values
648
  }
649
+
650
+ /**
651
+ * Get textarea string from array or string.
652
+ *
653
+ * @param String|Array $vals value to render as textarea val
654
+ * @return String value to render in textarea.
655
+ */
656
+ public static function get_textarea_str_val($vals) {
657
+ if (empty($vals)) {
658
+ return '';
659
+ }
660
+
661
+ if (is_array($vals)) {
662
+ return implode("\n", array_filter(array_map('trim', $vals)));
663
+ }
664
+
665
+ return $vals;
666
+ }
667
+
668
+ /**
669
+ * Get array from textarea val.
670
+ *
671
+ * @param String|Array $vals value from textarea val
672
+ * @return Array value to from textarea value.
673
+ */
674
+ public static function get_array_from_textarea_val($vals) {
675
+ if (empty($vals)) {
676
+ return array();
677
+ }
678
+
679
+ if (is_array($vals)) {
680
+ return $vals;
681
+ }
682
+
683
+ return array_filter(array_map('trim', explode("\n", $vals)));
684
+ }
685
 
686
  /**
687
  * Partially or fully masks a string using '*' to replace original characters
languages/all-in-one-wp-security-and-firewall.pot CHANGED
@@ -120,7 +120,7 @@ msgstr ""
120
  msgid "Nonce check failed for save blacklist settings!"
121
  msgstr ""
122
 
123
- #: src/admin/wp-security-blacklist-menu.php:132, src/admin/wp-security-brute-force-menu.php:743, src/admin/wp-security-firewall-menu.php:1204, src/admin/wp-security-list-404.php:234, src/admin/wp-security-list-comment-spammer-ip.php:205, src/classes/wp-security-general-init-tasks.php:322
124
  msgid "The plugin was unable to write to the .htaccess file. Please edit file manually."
125
  msgstr ""
126
 
@@ -168,7 +168,7 @@ msgstr ""
168
  msgid "IP Hosts and User Agent Blacklist Settings"
169
  msgstr ""
170
 
171
- #: src/admin/wp-security-blacklist-menu.php:179, src/admin/wp-security-brute-force-menu.php:194, src/admin/wp-security-brute-force-menu.php:326
172
  msgid "must read this message"
173
  msgstr ""
174
 
@@ -200,7 +200,7 @@ msgstr ""
200
  msgid "Enter one or more user agent strings."
201
  msgstr ""
202
 
203
- #: src/admin/wp-security-blacklist-menu.php:208, src/admin/wp-security-brute-force-menu.php:369, src/admin/wp-security-brute-force-menu.php:403, src/admin/wp-security-brute-force-menu.php:426, src/admin/wp-security-brute-force-menu.php:447, src/admin/wp-security-filescan-menu.php:311, src/admin/wp-security-filescan-menu.php:328, src/admin/wp-security-firewall-menu.php:175, src/admin/wp-security-firewall-menu.php:212, src/admin/wp-security-firewall-menu.php:232, src/admin/wp-security-firewall-menu.php:258, src/admin/wp-security-firewall-menu.php:385, src/admin/wp-security-firewall-menu.php:415, src/admin/wp-security-firewall-menu.php:446, src/admin/wp-security-firewall-menu.php:474, src/admin/wp-security-firewall-menu.php:503, src/admin/wp-security-firewall-menu.php:675, src/admin/wp-security-firewall-menu.php:693, src/admin/wp-security-firewall-menu.php:847, src/admin/wp-security-firewall-menu.php:1065, src/admin/wp-security-firewall-menu.php:1088, src/admin/wp-security-spam-menu.php:185, src/admin/wp-security-spam-menu.php:396, src/admin/wp-security-spam-menu.php:438, src/admin/wp-security-user-login-menu.php:361, src/templates/info/ip-address-ip-range-info.php:2
204
  msgid "More Info"
205
  msgstr ""
206
 
@@ -216,11 +216,11 @@ msgstr ""
216
  msgid "Example 2 - A list of more than 1 user agent strings to block"
217
  msgstr ""
218
 
219
- #: src/admin/wp-security-blacklist-menu.php:222, src/admin/wp-security-brute-force-menu.php:214, src/admin/wp-security-brute-force-menu.php:679, src/admin/wp-security-brute-force-menu.php:805, src/admin/wp-security-brute-force-menu.php:867, src/admin/wp-security-filescan-menu.php:355, src/admin/wp-security-filesystem-menu.php:242, src/admin/wp-security-firewall-menu.php:924, src/admin/wp-security-firewall-menu.php:1107, src/admin/wp-security-misc-options-menu.php:167, src/admin/wp-security-misc-options-menu.php:218, src/admin/wp-security-misc-options-menu.php:278, src/admin/wp-security-settings-menu.php:608, src/admin/wp-security-settings-menu.php:669, src/admin/wp-security-spam-menu.php:234, src/admin/wp-security-spam-menu.php:413, src/admin/wp-security-spam-menu.php:534, src/admin/wp-security-spam-menu.php:596, src/admin/wp-security-user-login-menu.php:382, src/admin/wp-security-user-login-menu.php:418, src/admin/wp-security-user-login-menu.php:601, src/admin/wp-security-user-login-menu.php:789, src/admin/wp-security-user-registration-menu.php:150, src/admin/wp-security-user-registration-menu.php:243, src/admin/wp-security-user-registration-menu.php:306
220
  msgid "Save Settings"
221
  msgstr ""
222
 
223
- #: src/admin/wp-security-brute-force-menu.php:33, src/admin/wp-security-brute-force-menu.php:763, src/admin/wp-security-dashboard-menu.php:617
224
  msgid "Rename Login Page"
225
  msgstr ""
226
 
@@ -232,7 +232,7 @@ msgstr ""
232
  msgid "Login Captcha"
233
  msgstr ""
234
 
235
- #: src/admin/wp-security-brute-force-menu.php:36, src/admin/wp-security-brute-force-menu.php:750
236
  msgid "Login Whitelist"
237
  msgstr ""
238
 
@@ -252,7 +252,7 @@ msgstr ""
252
  msgid "You must use alpha numeric characters for your login page slug."
253
  msgstr ""
254
 
255
- #: src/admin/wp-security-brute-force-menu.php:117, src/admin/wp-security-filescan-menu.php:175, src/admin/wp-security-firewall-menu.php:991, src/admin/wp-security-spam-menu.php:101, src/admin/wp-security-spam-menu.php:274, src/admin/wp-security-spam-menu.php:308, src/admin/wp-security-user-login-menu.php:161, src/admin/wp-security-user-login-menu.php:554
256
  msgid "Attention!"
257
  msgstr ""
258
 
@@ -368,351 +368,351 @@ msgstr ""
368
  msgid "To learn more about how to use this feature, please watch the following %s."
369
  msgstr ""
370
 
371
- #: src/admin/wp-security-brute-force-menu.php:310, src/admin/wp-security-brute-force-menu.php:762, src/admin/wp-security-user-login-menu.php:242
372
  msgid "Cookie-Based Brute Force Login Prevention"
373
  msgstr ""
374
 
375
- #: src/admin/wp-security-brute-force-menu.php:315
376
  msgid "Cookie Based Brute Force Login Prevention"
377
  msgstr ""
378
 
379
- #: src/admin/wp-security-brute-force-menu.php:326
380
  msgid "This feature can lock you out of admin if it doesn't work correctly on your site. You <a href=\"https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin#advanced_features_note\" target=\"_blank\">.__must read this message"
381
  msgstr ""
382
 
383
- #: src/admin/wp-security-brute-force-menu.php:337
384
  msgid "The cookie test was successful. You can now enable this feature."
385
  msgstr ""
386
 
387
- #: src/admin/wp-security-brute-force-menu.php:345
388
  msgid "The cookie test failed on this server. Consequently, this feature cannot be used on this site."
389
  msgstr ""
390
 
391
- #: src/admin/wp-security-brute-force-menu.php:352
392
  msgid "Before using this feature, you must perform a cookie test first."
393
  msgstr ""
394
 
395
- #: src/admin/wp-security-brute-force-menu.php:354
396
  msgid "This ensures that your browser cookie is working correctly and that you won't lock yourself out."
397
  msgstr ""
398
 
399
- #: src/admin/wp-security-brute-force-menu.php:359
400
  msgid "Perform cookie test"
401
  msgstr ""
402
 
403
- #: src/admin/wp-security-brute-force-menu.php:365
404
  msgid "Enable brute force attack prevention"
405
  msgstr ""
406
 
407
- #: src/admin/wp-security-brute-force-menu.php:368
408
  msgid "Check this if you want to protect your login page from Brute Force Attack."
409
  msgstr ""
410
 
411
- #: src/admin/wp-security-brute-force-menu.php:373
412
  msgid "This feature will deny access to your WordPress login page for all people except those who have a special cookie in their browser."
413
  msgstr ""
414
 
415
- #: src/admin/wp-security-brute-force-menu.php:375
416
  msgid "To use this feature do the following:"
417
  msgstr ""
418
 
419
- #: src/admin/wp-security-brute-force-menu.php:377
420
  msgid "1) Enable the checkbox."
421
  msgstr ""
422
 
423
- #: src/admin/wp-security-brute-force-menu.php:379
424
  msgid "2) Enter a secret word consisting of alphanumeric characters which will be difficult to guess. This secret word will be useful whenever you need to know the special URL which you will use to access the login page (see point below)."
425
  msgstr ""
426
 
427
- #: src/admin/wp-security-brute-force-menu.php:381
428
  msgid "3) You will then be provided with a special login URL. You will need to use this URL to login to your WordPress site instead of the usual login URL. NOTE: The system will deposit a special cookie in your browser which will allow you access to the WordPress administration login page."
429
  msgstr ""
430
 
431
- #: src/admin/wp-security-brute-force-menu.php:383
432
  msgid "Any person trying to access your login page who does not have the special cookie in their browser will be automatically blocked."
433
  msgstr ""
434
 
435
- #: src/admin/wp-security-brute-force-menu.php:390
436
  msgid "Secret Word"
437
  msgstr ""
438
 
439
- #: src/admin/wp-security-brute-force-menu.php:392
440
  msgid "Choose a secret word consisting of alphanumeric characters which you can use to access your special URL. Your are highly encouraged to choose a word which will be difficult to guess."
441
  msgstr ""
442
 
443
- #: src/admin/wp-security-brute-force-menu.php:396
444
  msgid "Re-direct URL"
445
  msgstr ""
446
 
447
- #: src/admin/wp-security-brute-force-menu.php:400
448
  msgid "Specify a URL to redirect a hacker to when they try to access your WordPress login page."
449
  msgstr ""
450
 
451
- #: src/admin/wp-security-brute-force-menu.php:407
452
  msgid "The URL specified here can be any site's URL and does not have to be your own. For example you can be as creative as you like and send hackers to the CIA or NSA home page."
453
  msgstr ""
454
 
455
- #: src/admin/wp-security-brute-force-menu.php:409
456
  msgid "This field will default to: http://127.0.0.1 if you do not enter a value."
457
  msgstr ""
458
 
459
- #: src/admin/wp-security-brute-force-menu.php:411
460
  msgid "Useful Tip:"
461
  msgstr ""
462
 
463
- #: src/admin/wp-security-brute-force-menu.php:413
464
  msgid "It's a good idea to not redirect attempted brute force login attempts to your site because it increases the load on your server."
465
  msgstr ""
466
 
467
- #: src/admin/wp-security-brute-force-menu.php:415
468
  msgid "Redirecting a hacker or malicious bot back to \"http://127.0.0.1\" is ideal because it deflects them back to their own local host and puts the load on their server instead of yours."
469
  msgstr ""
470
 
471
- #: src/admin/wp-security-brute-force-menu.php:422
472
  msgid "My site has posts or pages which are password protected"
473
  msgstr ""
474
 
475
- #: src/admin/wp-security-brute-force-menu.php:425
476
  msgid "Check this if you are using the native WordPress password protection feature for some or all of your blog posts or pages."
477
  msgstr ""
478
 
479
- #: src/admin/wp-security-brute-force-menu.php:430
480
  msgid "In the cases where you are protecting some of your posts or pages using the in-built WordPress password protection feature, a few extra lines of directives and exceptions need to be added so that people trying to access pages are not automatically blocked."
481
  msgstr ""
482
 
483
- #: src/admin/wp-security-brute-force-menu.php:432
484
  msgid "By enabling this checkbox, the plugin will add the necessary rules and exceptions so that people trying to access these pages are not automatically blocked."
485
  msgstr ""
486
 
487
- #: src/admin/wp-security-brute-force-menu.php:434
488
  msgid "Helpful Tip:"
489
  msgstr ""
490
 
491
- #: src/admin/wp-security-brute-force-menu.php:436
492
  msgid "If you do not use the WordPress password protection feature for your posts or pages then it is highly recommended that you leave this checkbox disabled."
493
  msgstr ""
494
 
495
- #: src/admin/wp-security-brute-force-menu.php:443
496
  msgid "My site has a theme or plugins which use AJAX"
497
  msgstr ""
498
 
499
- #: src/admin/wp-security-brute-force-menu.php:446
500
  msgid "Check this if your site uses AJAX functionality."
501
  msgstr ""
502
 
503
- #: src/admin/wp-security-brute-force-menu.php:451
504
  msgid "In the cases where your WordPress installation has a theme or plugin that uses AJAX, a few extra lines of directives and exceptions need to be added to prevent AJAX requests from being automatically blocked by the brute force prevention feature."
505
  msgstr ""
506
 
507
- #: src/admin/wp-security-brute-force-menu.php:453
508
  msgid "By enabling this checkbox, the plugin will add the necessary rules and exceptions so that AJAX operations will work as expected."
509
  msgstr ""
510
 
511
- #: src/admin/wp-security-brute-force-menu.php:462
512
  msgid "Save feature settings"
513
  msgstr ""
514
 
515
- #: src/admin/wp-security-brute-force-menu.php:520
516
  msgid "This feature allows you to add a captcha form on various WordPress login pages and forms."
517
  msgstr ""
518
 
519
- #: src/admin/wp-security-brute-force-menu.php:521
520
  msgid "Adding a captcha form on a login page or form is another effective yet simple \"Brute Force\" prevention technique."
521
  msgstr ""
522
 
523
- #: src/admin/wp-security-brute-force-menu.php:522
524
  msgid "You have the option of using either %s or a plain maths captcha form."
525
  msgstr ""
526
 
527
- #: src/admin/wp-security-brute-force-menu.php:523
528
  msgid "If you enable Google reCAPTCHA the reCAPTCHA widget will be displayed for all forms the captcha settings below."
529
  msgstr ""
530
 
531
- #: src/admin/wp-security-brute-force-menu.php:524
532
  msgid "If Google reCAPTCHA is disabled the simple maths captcha form will apply and users will need to enter the answer to a simple mathematical question."
533
  msgstr ""
534
 
535
- #: src/admin/wp-security-brute-force-menu.php:531
536
  msgid "Google reCAPTCHA Settings"
537
  msgstr ""
538
 
539
- #: src/admin/wp-security-brute-force-menu.php:536
540
  msgid "By enabling these settings the Google reCAPTCHA v2 widget will be applied by default for all forms with captcha enabled."
541
  msgstr ""
542
 
543
- #: src/admin/wp-security-brute-force-menu.php:545
544
  msgid "Recaptcha will not work because you have disabled login lockdown by acitvating the AIOWPS_DISABLE_LOGIN_LOCKDOWN constant value in a configuration file."
545
  msgstr ""
546
 
547
- #: src/admin/wp-security-brute-force-menu.php:546
548
  msgid "To enable it, define AIOWPS_DISABLE_LOGIN_LOCKDOWN constant value as false, or remove it."
549
  msgstr ""
550
 
551
- #: src/admin/wp-security-brute-force-menu.php:554
552
  msgid "Use Google reCAPTCHA as default"
553
  msgstr ""
554
 
555
- #: src/admin/wp-security-brute-force-menu.php:557
556
  msgid "Check this if you want to default to Google reCAPTCHA for all settings below. (If this is left unchecked, all captcha forms will revert to the plain maths captcha)"
557
  msgstr ""
558
 
559
- #: src/admin/wp-security-brute-force-menu.php:561
560
  msgid "Site Key"
561
  msgstr ""
562
 
563
- #: src/admin/wp-security-brute-force-menu.php:566
564
  msgid "Secret Key"
565
  msgstr ""
566
 
567
- #: src/admin/wp-security-brute-force-menu.php:573
568
  msgid "Login Form Captcha Settings"
569
  msgstr ""
570
 
571
- #: src/admin/wp-security-brute-force-menu.php:582
572
  msgid "Enable Captcha On Login Page"
573
  msgstr ""
574
 
575
- #: src/admin/wp-security-brute-force-menu.php:585
576
  msgid "Check this if you want to insert a captcha form on the login page"
577
  msgstr ""
578
 
579
- #: src/admin/wp-security-brute-force-menu.php:591
580
  msgid "Lost Password Form Captcha Settings"
581
  msgstr ""
582
 
583
- #: src/admin/wp-security-brute-force-menu.php:601
584
  msgid "Enable Captcha On Lost Password Page"
585
  msgstr ""
586
 
587
- #: src/admin/wp-security-brute-force-menu.php:604
588
  msgid "Check this if you want to insert a captcha form on the lost password page"
589
  msgstr ""
590
 
591
- #: src/admin/wp-security-brute-force-menu.php:610
592
  msgid "Custom Login Form Captcha Settings"
593
  msgstr ""
594
 
595
- #: src/admin/wp-security-brute-force-menu.php:619
596
  msgid "Enable Captcha On Custom Login Form"
597
  msgstr ""
598
 
599
- #: src/admin/wp-security-brute-force-menu.php:622
600
  msgid "Check this if you want to insert captcha on a custom login form generated by the following WP function: wp_login_form()"
601
  msgstr ""
602
 
603
- #: src/admin/wp-security-brute-force-menu.php:632
604
  msgid "Woocommerce Forms Captcha Settings"
605
  msgstr ""
606
 
607
- #: src/admin/wp-security-brute-force-menu.php:641
608
  msgid "Enable Captcha On Woocommerce Login Form"
609
  msgstr ""
610
 
611
- #: src/admin/wp-security-brute-force-menu.php:644
612
  msgid "Check this if you want to insert captcha on a Woocommerce login form"
613
  msgstr ""
614
 
615
- #: src/admin/wp-security-brute-force-menu.php:654
616
  msgid "Enable Captcha On Woocommerce Lost Password Form"
617
  msgstr ""
618
 
619
- #: src/admin/wp-security-brute-force-menu.php:657
620
  msgid "Check this if you want to insert captcha on a Woocommerce lost password form"
621
  msgstr ""
622
 
623
- #: src/admin/wp-security-brute-force-menu.php:667
624
  msgid "Enable Captcha On Woocommerce Registration Form"
625
  msgstr ""
626
 
627
- #: src/admin/wp-security-brute-force-menu.php:670
628
  msgid "Check this if you want to insert captcha on a Woocommerce registration form"
629
  msgstr ""
630
 
631
- #: src/admin/wp-security-brute-force-menu.php:696
632
  msgid "Nonce check failed for save whitelist settings."
633
  msgstr ""
634
 
635
- #: src/admin/wp-security-brute-force-menu.php:753
636
  msgid "The All In One WP Security Whitelist feature gives you the option of only allowing certain IP addresses or ranges to have access to your WordPress login page."
637
  msgstr ""
638
 
639
- #: src/admin/wp-security-brute-force-menu.php:754
640
  msgid "This feature will deny login access for all IP addresses which are not in your whitelist as configured in the settings below."
641
  msgstr ""
642
 
643
- #: src/admin/wp-security-brute-force-menu.php:755
644
  msgid "The plugin achieves this by writing the appropriate directives to your .htaccess file."
645
  msgstr ""
646
 
647
- #: src/admin/wp-security-brute-force-menu.php:756
648
  msgid "By allowing/blocking IP addresses via the .htaccess file your are using the most secure first line of defence because login access will only be granted to whitelisted IP addresses and other addresses will be blocked as soon as they try to access your login page."
649
  msgstr ""
650
 
651
- #: src/admin/wp-security-brute-force-menu.php:764
652
  msgid "Attention: If in addition to enabling the white list feature, you also have one of the %s or %s features enabled, <strong>you will still need to use your secret word or special slug in the URL when trying to access your WordPress login page</strong>."
653
  msgstr ""
654
 
655
- #: src/admin/wp-security-brute-force-menu.php:765
656
  msgid "These features are NOT functionally related. Having both of them enabled on your site means you are creating 2 layers of security."
657
  msgstr ""
658
 
659
- #: src/admin/wp-security-brute-force-menu.php:770
660
  msgid "Login IP Whitelist Settings"
661
  msgstr ""
662
 
663
- #: src/admin/wp-security-brute-force-menu.php:781
664
  msgid "Enable IP Whitelisting"
665
  msgstr ""
666
 
667
- #: src/admin/wp-security-brute-force-menu.php:784, src/admin/wp-security-user-login-menu.php:405
668
  msgid "Check this if you want to enable the whitelisting of selected IP addresses specified in the settings below"
669
  msgstr ""
670
 
671
- #: src/admin/wp-security-brute-force-menu.php:788
672
  msgid "Your Current IP Address"
673
  msgstr ""
674
 
675
- #: src/admin/wp-security-brute-force-menu.php:791
676
  msgid "You can copy and paste this address in the text box below if you want to include it in your login whitelist."
677
  msgstr ""
678
 
679
- #: src/admin/wp-security-brute-force-menu.php:795, src/admin/wp-security-user-login-menu.php:409
680
  msgid "Enter Whitelisted IP Addresses:"
681
  msgstr ""
682
 
683
- #: src/admin/wp-security-brute-force-menu.php:799, src/admin/wp-security-user-login-menu.php:413
684
  msgid "Enter one or more IP addresses or IP ranges you wish to include in your whitelist."
685
  msgstr ""
686
 
687
- #: src/admin/wp-security-brute-force-menu.php:799
688
  msgid "Only the addresses specified here will have access to the WordPress login page."
689
  msgstr ""
690
 
691
- #: src/admin/wp-security-brute-force-menu.php:838
692
  msgid "This feature allows you to add a special hidden \"honeypot\" field on the WordPress login page. This will only be visible to robots and not humans."
693
  msgstr ""
694
 
695
- #: src/admin/wp-security-brute-force-menu.php:839
696
  msgid "Since robots usually fill in every input field from a login form, they will also submit a value for the special hidden honeypot field."
697
  msgstr ""
698
 
699
- #: src/admin/wp-security-brute-force-menu.php:840, src/admin/wp-security-user-registration-menu.php:279
700
  msgid "The way honeypots work is that a hidden field is placed somewhere inside a form which only robots will submit. If that field contains a value when the form is submitted then a robot has most likely submitted the form and it is consequently dealt with."
701
  msgstr ""
702
 
703
- #: src/admin/wp-security-brute-force-menu.php:841
704
  msgid "Therefore, if the plugin detects that this field has a value when the login form is submitted, then the robot which is attempting to login to your site will be redirected to its localhost address - http://127.0.0.1."
705
  msgstr ""
706
 
707
- #: src/admin/wp-security-brute-force-menu.php:847
708
  msgid "Login Form Honeypot Settings"
709
  msgstr ""
710
 
711
- #: src/admin/wp-security-brute-force-menu.php:858
712
  msgid "Enable Honeypot On Login Page"
713
  msgstr ""
714
 
715
- #: src/admin/wp-security-brute-force-menu.php:861
716
  msgid "Check this if you want to enable the honeypot feature for the login page"
717
  msgstr ""
718
 
@@ -752,7 +752,7 @@ msgstr ""
752
  msgid "Permanently Blocked IP Addresses"
753
  msgstr ""
754
 
755
- #: src/admin/wp-security-dashboard-menu.php:183, src/admin/wp-security-firewall-menu.php:1122, src/admin/wp-security-user-login-menu.php:485, src/admin/wp-security-user-login-menu.php:642, src/admin/wp-security-user-registration-menu.php:164
756
  msgid "Search"
757
  msgstr ""
758
 
@@ -2314,11 +2314,11 @@ msgstr ""
2314
  msgid "404 Event Logs"
2315
  msgstr ""
2316
 
2317
- #: src/admin/wp-security-firewall-menu.php:1134, src/admin/wp-security-firewall-menu.php:1143, src/admin/wp-security-user-login-menu.php:495, src/admin/wp-security-user-login-menu.php:504, src/admin/wp-security-user-login-menu.php:652, src/admin/wp-security-user-login-menu.php:661
2318
  msgid "Export to CSV"
2319
  msgstr ""
2320
 
2321
- #: src/admin/wp-security-firewall-menu.php:1140, src/admin/wp-security-user-login-menu.php:501, src/admin/wp-security-user-login-menu.php:658
2322
  msgid "Click this button if you wish to download this log in CSV format."
2323
  msgstr ""
2324
 
@@ -3928,7 +3928,7 @@ msgstr ""
3928
  msgid "Edit User"
3929
  msgstr ""
3930
 
3931
- #: src/admin/wp-security-user-login-menu.php:31, src/admin/wp-security-user-login-menu.php:474
3932
  msgid "Failed Login Records"
3933
  msgstr ""
3934
 
@@ -3936,7 +3936,7 @@ msgstr ""
3936
  msgid "Force Logout"
3937
  msgstr ""
3938
 
3939
- #: src/admin/wp-security-user-login-menu.php:33, src/admin/wp-security-user-login-menu.php:631
3940
  msgid "Account Activity Logs"
3941
  msgstr ""
3942
 
@@ -4084,179 +4084,179 @@ msgstr ""
4084
  msgid "Check this if you want to receive an email when someone has been locked out due to maximum failed login attempts"
4085
  msgstr ""
4086
 
4087
- #: src/admin/wp-security-user-login-menu.php:360
4088
  msgid "Fill in one email address per line."
4089
  msgstr ""
4090
 
4091
- #: src/admin/wp-security-user-login-menu.php:364
4092
  msgid "Each email address must be on a new line."
4093
  msgstr ""
4094
 
4095
- #: src/admin/wp-security-user-login-menu.php:365
4096
  msgid "If a valid email address has not been filled in, it will not be saved."
4097
  msgstr ""
4098
 
4099
- #: src/admin/wp-security-user-login-menu.php:366
4100
  msgid "The valid email address format is userid@example.com"
4101
  msgstr ""
4102
 
4103
- #: src/admin/wp-security-user-login-menu.php:367
4104
  msgid "Example: %s"
4105
  msgstr ""
4106
 
4107
- #: src/admin/wp-security-user-login-menu.php:374
4108
  msgid "Enable PHP Backtrace In Email"
4109
  msgstr ""
4110
 
4111
- #: src/admin/wp-security-user-login-menu.php:378
4112
  msgid "Check this if you want to include the PHP backtrace in notification emails."
4113
  msgstr ""
4114
 
4115
- #: src/admin/wp-security-user-login-menu.php:378
4116
  msgid "This is internal coding information which makes it easier to investigate where an issued occurred."
4117
  msgstr ""
4118
 
4119
- #: src/admin/wp-security-user-login-menu.php:386
4120
  msgid "Currently Locked Out IP Address Ranges"
4121
  msgstr ""
4122
 
4123
- #: src/admin/wp-security-user-login-menu.php:391
4124
  msgid "To see a list of all locked IP addresses and ranges go to the %s tab in the dashboard menu."
4125
  msgstr ""
4126
 
4127
- #: src/admin/wp-security-user-login-menu.php:396
4128
  msgid "Login Lockdown IP Whitelist Settings"
4129
  msgstr ""
4130
 
4131
- #: src/admin/wp-security-user-login-menu.php:402
4132
  msgid "Enable Login Lockdown IP Whitelist"
4133
  msgstr ""
4134
 
4135
- #: src/admin/wp-security-user-login-menu.php:413
4136
  msgid "The addresses specified here will never be blocked by the login lockdown feature."
4137
  msgstr ""
4138
 
4139
- #: src/admin/wp-security-user-login-menu.php:438
4140
  msgid "Nonce check failed for delete all failed login records operation!"
4141
  msgstr ""
4142
 
4143
- #: src/admin/wp-security-user-login-menu.php:447
4144
  msgid "User Login Feature - Delete all failed login records operation failed!"
4145
  msgstr ""
4146
 
4147
- #: src/admin/wp-security-user-login-menu.php:451
4148
  msgid "All records from the Failed Logins table were deleted successfully."
4149
  msgstr ""
4150
 
4151
- #: src/admin/wp-security-user-login-menu.php:467
4152
  msgid "This tab displays the failed login attempts for your site."
4153
  msgstr ""
4154
 
4155
- #: src/admin/wp-security-user-login-menu.php:468
4156
  msgid "The information below can be handy if you need to do security investigations because it will show you the IP range, username and ID (if applicable) and the time/date of the failed login attempt."
4157
  msgstr ""
4158
 
4159
- #: src/admin/wp-security-user-login-menu.php:469
4160
  msgid "Failed login records that are older than %1$d days are purged automatically."
4161
  msgstr ""
4162
 
4163
- #: src/admin/wp-security-user-login-menu.php:508, src/admin/wp-security-user-login-menu.php:517
4164
  msgid "Delete All Failed Login Records"
4165
  msgstr ""
4166
 
4167
- #: src/admin/wp-security-user-login-menu.php:514
4168
  msgid "Click this button if you wish to delete all failed login records in one go."
4169
  msgstr ""
4170
 
4171
- #: src/admin/wp-security-user-login-menu.php:542
4172
  msgid "You entered a non numeric value for the logout time period field. It has been set to the default value."
4173
  msgstr ""
4174
 
4175
- #: src/admin/wp-security-user-login-menu.php:570
4176
  msgid "Setting an expiry period for your WP administration session is a simple way to protect against unauthorized access to your site from your computer."
4177
  msgstr ""
4178
 
4179
- #: src/admin/wp-security-user-login-menu.php:571
4180
  msgid "This feature allows you to specify a time period in minutes after which the admin session will expire and the user will be forced to log back in."
4181
  msgstr ""
4182
 
4183
- #: src/admin/wp-security-user-login-menu.php:576
4184
  msgid "Force User Logout Options"
4185
  msgstr ""
4186
 
4187
- #: src/admin/wp-security-user-login-menu.php:588
4188
  msgid "Enable Force WP User Logout"
4189
  msgstr ""
4190
 
4191
- #: src/admin/wp-security-user-login-menu.php:591
4192
  msgid "Check this if you want to force a wp user to be logged out after a configured amount of time"
4193
  msgstr ""
4194
 
4195
- #: src/admin/wp-security-user-login-menu.php:595
4196
  msgid "Logout the WP User After XX Minutes"
4197
  msgstr ""
4198
 
4199
- #: src/admin/wp-security-user-login-menu.php:597
4200
  msgid "(Minutes) The user will be forced to log back in after this time period has elapased."
4201
  msgstr ""
4202
 
4203
- #: src/admin/wp-security-user-login-menu.php:625
4204
  msgid "This tab displays the activity for accounts registered with your site that have logged in using the WordPress login form."
4205
  msgstr ""
4206
 
4207
- #: src/admin/wp-security-user-login-menu.php:626
4208
  msgid "The information below can be handy if you need to do security investigations because it will show you the last 100 recent login events by username, IP address and time/date."
4209
  msgstr ""
4210
 
4211
- #: src/admin/wp-security-user-login-menu.php:690
4212
  msgid "Nonce check failed for users logged in list!"
4213
  msgstr ""
4214
 
4215
- #: src/admin/wp-security-user-login-menu.php:698
4216
  msgid "Refresh Logged In User Data"
4217
  msgstr ""
4218
 
4219
- #: src/admin/wp-security-user-login-menu.php:702
4220
  msgid "Refresh Data"
4221
  msgstr ""
4222
 
4223
- #: src/admin/wp-security-user-login-menu.php:707
4224
  msgid "This tab displays all users who are currently logged into your site."
4225
  msgstr ""
4226
 
4227
- #: src/admin/wp-security-user-login-menu.php:708
4228
  msgid "If you suspect there is a user or users who are logged in which should not be, you can block them by inspecting the IP addresses from the data below and adding them to your blacklist."
4229
  msgstr ""
4230
 
4231
- #: src/admin/wp-security-user-login-menu.php:709
4232
  msgid "You can also instantly log them out by clicking on the \"Force Logout\" link when you hover over the row in the User Id column."
4233
  msgstr ""
4234
 
4235
- #: src/admin/wp-security-user-login-menu.php:714
4236
  msgid "Currently Logged In Users"
4237
  msgstr ""
4238
 
4239
- #: src/admin/wp-security-user-login-menu.php:762
4240
  msgid "WordPress 5.6 introduced a new feature called \"Application Passwords\"."
4241
  msgstr ""
4242
 
4243
- #: src/admin/wp-security-user-login-menu.php:763
4244
  msgid "This allows you to create a token from the WordPress dashboard which then can be used in the authorization header."
4245
  msgstr ""
4246
 
4247
- #: src/admin/wp-security-user-login-menu.php:764
4248
  msgid "This feature allows you to disable Application Passwords as they can leave your site vulnerable to social engineering and phishing scams."
4249
  msgstr ""
4250
 
4251
- #: src/admin/wp-security-user-login-menu.php:770
4252
  msgid "Additonal Settings"
4253
  msgstr ""
4254
 
4255
- #: src/admin/wp-security-user-login-menu.php:781, src/classes/grade-system/wp-security-feature-item-manager.php:106
4256
  msgid "Disable Application Password"
4257
  msgstr ""
4258
 
4259
- #: src/admin/wp-security-user-login-menu.php:784
4260
  msgid "Check this if you want to disable the application password."
4261
  msgstr ""
4262
 
@@ -4764,59 +4764,59 @@ msgstr ""
4764
  msgid "<strong>ERROR</strong>: Invalid login credentials."
4765
  msgstr ""
4766
 
4767
- #: src/classes/wp-security-user-login.php:389
4768
  msgid "Site Lockout Notification"
4769
  msgstr ""
4770
 
4771
- #: src/classes/wp-security-user-login.php:390
4772
  msgid "Lockdown events had occurred due to too many failed login attempts or invalid username:"
4773
  msgstr ""
4774
 
4775
- #: src/classes/wp-security-user-login.php:393
4776
  msgid "Username:"
4777
  msgstr ""
4778
 
4779
- #: src/classes/wp-security-user-login.php:394
4780
  msgid "IP Address:"
4781
  msgstr ""
4782
 
4783
- #: src/classes/wp-security-user-login.php:396
4784
  msgid "IP Range:"
4785
  msgstr ""
4786
 
4787
- #: src/classes/wp-security-user-login.php:401
4788
  msgid "Log into your site WordPress administration panel to see the duration of the lockout or to unlock the user."
4789
  msgstr ""
4790
 
4791
- #: src/classes/wp-security-user-login.php:512
4792
  msgid "Unlock Request Notification"
4793
  msgstr ""
4794
 
4795
- #: src/classes/wp-security-user-login.php:513
4796
  msgid "You have requested for the account with email address %s to be unlocked. Please click the link below to unlock your account:"
4797
  msgstr ""
4798
 
4799
- #: src/classes/wp-security-user-login.php:513
4800
  msgid "Unlock link: %s"
4801
  msgstr ""
4802
 
4803
- #: src/classes/wp-security-user-login.php:513
4804
  msgid "After clicking the above link you will be able to login to the WordPress administration panel."
4805
  msgstr ""
4806
 
4807
- #: src/classes/wp-security-user-login.php:739
4808
  msgid "Your session has expired because it has been over %d minutes since your last login."
4809
  msgstr ""
4810
 
4811
- #: src/classes/wp-security-user-login.php:740, src/classes/wp-security-user-login.php:744
4812
  msgid "Please log back in to continue."
4813
  msgstr ""
4814
 
4815
- #: src/classes/wp-security-user-login.php:743
4816
  msgid "You were logged out because you just changed the \"admin\" username."
4817
  msgstr ""
4818
 
4819
- #: src/classes/wp-security-user-login.php:773
4820
  msgid "Request Unlock"
4821
  msgstr ""
4822
 
@@ -4968,6 +4968,14 @@ msgstr ""
4968
  msgid "Dismiss"
4969
  msgstr ""
4970
 
 
 
 
 
 
 
 
 
4971
  #: src/templates/notices/horizontal-notice.php:8, src/templates/notices/horizontal-notice.php:40
4972
  msgid "notice image"
4973
  msgstr ""
120
  msgid "Nonce check failed for save blacklist settings!"
121
  msgstr ""
122
 
123
+ #: src/admin/wp-security-blacklist-menu.php:132, src/admin/wp-security-brute-force-menu.php:748, src/admin/wp-security-firewall-menu.php:1204, src/admin/wp-security-list-404.php:234, src/admin/wp-security-list-comment-spammer-ip.php:205, src/classes/wp-security-general-init-tasks.php:322
124
  msgid "The plugin was unable to write to the .htaccess file. Please edit file manually."
125
  msgstr ""
126
 
168
  msgid "IP Hosts and User Agent Blacklist Settings"
169
  msgstr ""
170
 
171
+ #: src/admin/wp-security-blacklist-menu.php:179, src/admin/wp-security-brute-force-menu.php:194, src/admin/wp-security-brute-force-menu.php:331
172
  msgid "must read this message"
173
  msgstr ""
174
 
200
  msgid "Enter one or more user agent strings."
201
  msgstr ""
202
 
203
+ #: src/admin/wp-security-blacklist-menu.php:208, src/admin/wp-security-brute-force-menu.php:374, src/admin/wp-security-brute-force-menu.php:408, src/admin/wp-security-brute-force-menu.php:431, src/admin/wp-security-brute-force-menu.php:452, src/admin/wp-security-filescan-menu.php:311, src/admin/wp-security-filescan-menu.php:328, src/admin/wp-security-firewall-menu.php:175, src/admin/wp-security-firewall-menu.php:212, src/admin/wp-security-firewall-menu.php:232, src/admin/wp-security-firewall-menu.php:258, src/admin/wp-security-firewall-menu.php:385, src/admin/wp-security-firewall-menu.php:415, src/admin/wp-security-firewall-menu.php:446, src/admin/wp-security-firewall-menu.php:474, src/admin/wp-security-firewall-menu.php:503, src/admin/wp-security-firewall-menu.php:675, src/admin/wp-security-firewall-menu.php:693, src/admin/wp-security-firewall-menu.php:847, src/admin/wp-security-firewall-menu.php:1065, src/admin/wp-security-firewall-menu.php:1088, src/admin/wp-security-spam-menu.php:185, src/admin/wp-security-spam-menu.php:396, src/admin/wp-security-spam-menu.php:438, src/admin/wp-security-user-login-menu.php:358, src/templates/info/ip-address-ip-range-info.php:2
204
  msgid "More Info"
205
  msgstr ""
206
 
216
  msgid "Example 2 - A list of more than 1 user agent strings to block"
217
  msgstr ""
218
 
219
+ #: src/admin/wp-security-blacklist-menu.php:222, src/admin/wp-security-brute-force-menu.php:214, src/admin/wp-security-brute-force-menu.php:684, src/admin/wp-security-brute-force-menu.php:810, src/admin/wp-security-brute-force-menu.php:872, src/admin/wp-security-filescan-menu.php:355, src/admin/wp-security-filesystem-menu.php:242, src/admin/wp-security-firewall-menu.php:924, src/admin/wp-security-firewall-menu.php:1107, src/admin/wp-security-misc-options-menu.php:167, src/admin/wp-security-misc-options-menu.php:218, src/admin/wp-security-misc-options-menu.php:278, src/admin/wp-security-settings-menu.php:608, src/admin/wp-security-settings-menu.php:669, src/admin/wp-security-spam-menu.php:234, src/admin/wp-security-spam-menu.php:413, src/admin/wp-security-spam-menu.php:534, src/admin/wp-security-spam-menu.php:596, src/admin/wp-security-user-login-menu.php:379, src/admin/wp-security-user-login-menu.php:415, src/admin/wp-security-user-login-menu.php:598, src/admin/wp-security-user-login-menu.php:786, src/admin/wp-security-user-registration-menu.php:150, src/admin/wp-security-user-registration-menu.php:243, src/admin/wp-security-user-registration-menu.php:306
220
  msgid "Save Settings"
221
  msgstr ""
222
 
223
+ #: src/admin/wp-security-brute-force-menu.php:33, src/admin/wp-security-brute-force-menu.php:768, src/admin/wp-security-dashboard-menu.php:617
224
  msgid "Rename Login Page"
225
  msgstr ""
226
 
232
  msgid "Login Captcha"
233
  msgstr ""
234
 
235
+ #: src/admin/wp-security-brute-force-menu.php:36, src/admin/wp-security-brute-force-menu.php:755
236
  msgid "Login Whitelist"
237
  msgstr ""
238
 
252
  msgid "You must use alpha numeric characters for your login page slug."
253
  msgstr ""
254
 
255
+ #: src/admin/wp-security-brute-force-menu.php:117, src/admin/wp-security-filescan-menu.php:175, src/admin/wp-security-firewall-menu.php:991, src/admin/wp-security-spam-menu.php:101, src/admin/wp-security-spam-menu.php:274, src/admin/wp-security-spam-menu.php:308, src/admin/wp-security-user-login-menu.php:161, src/admin/wp-security-user-login-menu.php:551
256
  msgid "Attention!"
257
  msgstr ""
258
 
368
  msgid "To learn more about how to use this feature, please watch the following %s."
369
  msgstr ""
370
 
371
+ #: src/admin/wp-security-brute-force-menu.php:310, src/admin/wp-security-brute-force-menu.php:767, src/admin/wp-security-user-login-menu.php:242
372
  msgid "Cookie-Based Brute Force Login Prevention"
373
  msgstr ""
374
 
375
+ #: src/admin/wp-security-brute-force-menu.php:320
376
  msgid "Cookie Based Brute Force Login Prevention"
377
  msgstr ""
378
 
379
+ #: src/admin/wp-security-brute-force-menu.php:331
380
  msgid "This feature can lock you out of admin if it doesn't work correctly on your site. You <a href=\"https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin#advanced_features_note\" target=\"_blank\">.__must read this message"
381
  msgstr ""
382
 
383
+ #: src/admin/wp-security-brute-force-menu.php:342
384
  msgid "The cookie test was successful. You can now enable this feature."
385
  msgstr ""
386
 
387
+ #: src/admin/wp-security-brute-force-menu.php:350
388
  msgid "The cookie test failed on this server. Consequently, this feature cannot be used on this site."
389
  msgstr ""
390
 
391
+ #: src/admin/wp-security-brute-force-menu.php:357
392
  msgid "Before using this feature, you must perform a cookie test first."
393
  msgstr ""
394
 
395
+ #: src/admin/wp-security-brute-force-menu.php:359
396
  msgid "This ensures that your browser cookie is working correctly and that you won't lock yourself out."
397
  msgstr ""
398
 
399
+ #: src/admin/wp-security-brute-force-menu.php:364
400
  msgid "Perform cookie test"
401
  msgstr ""
402
 
403
+ #: src/admin/wp-security-brute-force-menu.php:370
404
  msgid "Enable brute force attack prevention"
405
  msgstr ""
406
 
407
+ #: src/admin/wp-security-brute-force-menu.php:373
408
  msgid "Check this if you want to protect your login page from Brute Force Attack."
409
  msgstr ""
410
 
411
+ #: src/admin/wp-security-brute-force-menu.php:378
412
  msgid "This feature will deny access to your WordPress login page for all people except those who have a special cookie in their browser."
413
  msgstr ""
414
 
415
+ #: src/admin/wp-security-brute-force-menu.php:380
416
  msgid "To use this feature do the following:"
417
  msgstr ""
418
 
419
+ #: src/admin/wp-security-brute-force-menu.php:382
420
  msgid "1) Enable the checkbox."
421
  msgstr ""
422
 
423
+ #: src/admin/wp-security-brute-force-menu.php:384
424
  msgid "2) Enter a secret word consisting of alphanumeric characters which will be difficult to guess. This secret word will be useful whenever you need to know the special URL which you will use to access the login page (see point below)."
425
  msgstr ""
426
 
427
+ #: src/admin/wp-security-brute-force-menu.php:386
428
  msgid "3) You will then be provided with a special login URL. You will need to use this URL to login to your WordPress site instead of the usual login URL. NOTE: The system will deposit a special cookie in your browser which will allow you access to the WordPress administration login page."
429
  msgstr ""
430
 
431
+ #: src/admin/wp-security-brute-force-menu.php:388
432
  msgid "Any person trying to access your login page who does not have the special cookie in their browser will be automatically blocked."
433
  msgstr ""
434
 
435
+ #: src/admin/wp-security-brute-force-menu.php:395
436
  msgid "Secret Word"
437
  msgstr ""
438
 
439
+ #: src/admin/wp-security-brute-force-menu.php:397
440
  msgid "Choose a secret word consisting of alphanumeric characters which you can use to access your special URL. Your are highly encouraged to choose a word which will be difficult to guess."
441
  msgstr ""
442
 
443
+ #: src/admin/wp-security-brute-force-menu.php:401
444
  msgid "Re-direct URL"
445
  msgstr ""
446
 
447
+ #: src/admin/wp-security-brute-force-menu.php:405
448
  msgid "Specify a URL to redirect a hacker to when they try to access your WordPress login page."
449
  msgstr ""
450
 
451
+ #: src/admin/wp-security-brute-force-menu.php:412
452
  msgid "The URL specified here can be any site's URL and does not have to be your own. For example you can be as creative as you like and send hackers to the CIA or NSA home page."
453
  msgstr ""
454
 
455
+ #: src/admin/wp-security-brute-force-menu.php:414
456
  msgid "This field will default to: http://127.0.0.1 if you do not enter a value."
457
  msgstr ""
458
 
459
+ #: src/admin/wp-security-brute-force-menu.php:416
460
  msgid "Useful Tip:"
461
  msgstr ""
462
 
463
+ #: src/admin/wp-security-brute-force-menu.php:418
464
  msgid "It's a good idea to not redirect attempted brute force login attempts to your site because it increases the load on your server."
465
  msgstr ""
466
 
467
+ #: src/admin/wp-security-brute-force-menu.php:420
468
  msgid "Redirecting a hacker or malicious bot back to \"http://127.0.0.1\" is ideal because it deflects them back to their own local host and puts the load on their server instead of yours."
469
  msgstr ""
470
 
471
+ #: src/admin/wp-security-brute-force-menu.php:427
472
  msgid "My site has posts or pages which are password protected"
473
  msgstr ""
474
 
475
+ #: src/admin/wp-security-brute-force-menu.php:430
476
  msgid "Check this if you are using the native WordPress password protection feature for some or all of your blog posts or pages."
477
  msgstr ""
478
 
479
+ #: src/admin/wp-security-brute-force-menu.php:435
480
  msgid "In the cases where you are protecting some of your posts or pages using the in-built WordPress password protection feature, a few extra lines of directives and exceptions need to be added so that people trying to access pages are not automatically blocked."
481
  msgstr ""
482
 
483
+ #: src/admin/wp-security-brute-force-menu.php:437
484
  msgid "By enabling this checkbox, the plugin will add the necessary rules and exceptions so that people trying to access these pages are not automatically blocked."
485
  msgstr ""
486
 
487
+ #: src/admin/wp-security-brute-force-menu.php:439
488
  msgid "Helpful Tip:"
489
  msgstr ""
490
 
491
+ #: src/admin/wp-security-brute-force-menu.php:441
492
  msgid "If you do not use the WordPress password protection feature for your posts or pages then it is highly recommended that you leave this checkbox disabled."
493
  msgstr ""
494
 
495
+ #: src/admin/wp-security-brute-force-menu.php:448
496
  msgid "My site has a theme or plugins which use AJAX"
497
  msgstr ""
498
 
499
+ #: src/admin/wp-security-brute-force-menu.php:451
500
  msgid "Check this if your site uses AJAX functionality."
501
  msgstr ""
502
 
503
+ #: src/admin/wp-security-brute-force-menu.php:456
504
  msgid "In the cases where your WordPress installation has a theme or plugin that uses AJAX, a few extra lines of directives and exceptions need to be added to prevent AJAX requests from being automatically blocked by the brute force prevention feature."
505
  msgstr ""
506
 
507
+ #: src/admin/wp-security-brute-force-menu.php:458
508
  msgid "By enabling this checkbox, the plugin will add the necessary rules and exceptions so that AJAX operations will work as expected."
509
  msgstr ""
510
 
511
+ #: src/admin/wp-security-brute-force-menu.php:467
512
  msgid "Save feature settings"
513
  msgstr ""
514
 
515
+ #: src/admin/wp-security-brute-force-menu.php:525
516
  msgid "This feature allows you to add a captcha form on various WordPress login pages and forms."
517
  msgstr ""
518
 
519
+ #: src/admin/wp-security-brute-force-menu.php:526
520
  msgid "Adding a captcha form on a login page or form is another effective yet simple \"Brute Force\" prevention technique."
521
  msgstr ""
522
 
523
+ #: src/admin/wp-security-brute-force-menu.php:527
524
  msgid "You have the option of using either %s or a plain maths captcha form."
525
  msgstr ""
526
 
527
+ #: src/admin/wp-security-brute-force-menu.php:528
528
  msgid "If you enable Google reCAPTCHA the reCAPTCHA widget will be displayed for all forms the captcha settings below."
529
  msgstr ""
530
 
531
+ #: src/admin/wp-security-brute-force-menu.php:529
532
  msgid "If Google reCAPTCHA is disabled the simple maths captcha form will apply and users will need to enter the answer to a simple mathematical question."
533
  msgstr ""
534
 
535
+ #: src/admin/wp-security-brute-force-menu.php:536
536
  msgid "Google reCAPTCHA Settings"
537
  msgstr ""
538
 
539
+ #: src/admin/wp-security-brute-force-menu.php:541
540
  msgid "By enabling these settings the Google reCAPTCHA v2 widget will be applied by default for all forms with captcha enabled."
541
  msgstr ""
542
 
543
+ #: src/admin/wp-security-brute-force-menu.php:550
544
  msgid "Recaptcha will not work because you have disabled login lockdown by acitvating the AIOWPS_DISABLE_LOGIN_LOCKDOWN constant value in a configuration file."
545
  msgstr ""
546
 
547
+ #: src/admin/wp-security-brute-force-menu.php:551
548
  msgid "To enable it, define AIOWPS_DISABLE_LOGIN_LOCKDOWN constant value as false, or remove it."
549
  msgstr ""
550
 
551
+ #: src/admin/wp-security-brute-force-menu.php:559
552
  msgid "Use Google reCAPTCHA as default"
553
  msgstr ""
554
 
555
+ #: src/admin/wp-security-brute-force-menu.php:562
556
  msgid "Check this if you want to default to Google reCAPTCHA for all settings below. (If this is left unchecked, all captcha forms will revert to the plain maths captcha)"
557
  msgstr ""
558
 
559
+ #: src/admin/wp-security-brute-force-menu.php:566
560
  msgid "Site Key"
561
  msgstr ""
562
 
563
+ #: src/admin/wp-security-brute-force-menu.php:571
564
  msgid "Secret Key"
565
  msgstr ""
566
 
567
+ #: src/admin/wp-security-brute-force-menu.php:578
568
  msgid "Login Form Captcha Settings"
569
  msgstr ""
570
 
571
+ #: src/admin/wp-security-brute-force-menu.php:587
572
  msgid "Enable Captcha On Login Page"
573
  msgstr ""
574
 
575
+ #: src/admin/wp-security-brute-force-menu.php:590
576
  msgid "Check this if you want to insert a captcha form on the login page"
577
  msgstr ""
578
 
579
+ #: src/admin/wp-security-brute-force-menu.php:596
580
  msgid "Lost Password Form Captcha Settings"
581
  msgstr ""
582
 
583
+ #: src/admin/wp-security-brute-force-menu.php:606
584
  msgid "Enable Captcha On Lost Password Page"
585
  msgstr ""
586
 
587
+ #: src/admin/wp-security-brute-force-menu.php:609
588
  msgid "Check this if you want to insert a captcha form on the lost password page"
589
  msgstr ""
590
 
591
+ #: src/admin/wp-security-brute-force-menu.php:615
592
  msgid "Custom Login Form Captcha Settings"
593
  msgstr ""
594
 
595
+ #: src/admin/wp-security-brute-force-menu.php:624
596
  msgid "Enable Captcha On Custom Login Form"
597
  msgstr ""
598
 
599
+ #: src/admin/wp-security-brute-force-menu.php:627
600
  msgid "Check this if you want to insert captcha on a custom login form generated by the following WP function: wp_login_form()"
601
  msgstr ""
602
 
603
+ #: src/admin/wp-security-brute-force-menu.php:637
604
  msgid "Woocommerce Forms Captcha Settings"
605
  msgstr ""
606
 
607
+ #: src/admin/wp-security-brute-force-menu.php:646
608
  msgid "Enable Captcha On Woocommerce Login Form"
609
  msgstr ""
610
 
611
+ #: src/admin/wp-security-brute-force-menu.php:649
612
  msgid "Check this if you want to insert captcha on a Woocommerce login form"
613
  msgstr ""
614
 
615
+ #: src/admin/wp-security-brute-force-menu.php:659
616
  msgid "Enable Captcha On Woocommerce Lost Password Form"
617
  msgstr ""
618
 
619
+ #: src/admin/wp-security-brute-force-menu.php:662
620
  msgid "Check this if you want to insert captcha on a Woocommerce lost password form"
621
  msgstr ""
622
 
623
+ #: src/admin/wp-security-brute-force-menu.php:672
624
  msgid "Enable Captcha On Woocommerce Registration Form"
625
  msgstr ""
626
 
627
+ #: src/admin/wp-security-brute-force-menu.php:675
628
  msgid "Check this if you want to insert captcha on a Woocommerce registration form"
629
  msgstr ""
630
 
631
+ #: src/admin/wp-security-brute-force-menu.php:701
632
  msgid "Nonce check failed for save whitelist settings."
633
  msgstr ""
634
 
635
+ #: src/admin/wp-security-brute-force-menu.php:758
636
  msgid "The All In One WP Security Whitelist feature gives you the option of only allowing certain IP addresses or ranges to have access to your WordPress login page."
637
  msgstr ""
638
 
639
+ #: src/admin/wp-security-brute-force-menu.php:759
640
  msgid "This feature will deny login access for all IP addresses which are not in your whitelist as configured in the settings below."
641
  msgstr ""
642
 
643
+ #: src/admin/wp-security-brute-force-menu.php:760
644
  msgid "The plugin achieves this by writing the appropriate directives to your .htaccess file."
645
  msgstr ""
646
 
647
+ #: src/admin/wp-security-brute-force-menu.php:761
648
  msgid "By allowing/blocking IP addresses via the .htaccess file your are using the most secure first line of defence because login access will only be granted to whitelisted IP addresses and other addresses will be blocked as soon as they try to access your login page."
649
  msgstr ""
650
 
651
+ #: src/admin/wp-security-brute-force-menu.php:769
652
  msgid "Attention: If in addition to enabling the white list feature, you also have one of the %s or %s features enabled, <strong>you will still need to use your secret word or special slug in the URL when trying to access your WordPress login page</strong>."
653
  msgstr ""
654
 
655
+ #: src/admin/wp-security-brute-force-menu.php:770
656
  msgid "These features are NOT functionally related. Having both of them enabled on your site means you are creating 2 layers of security."
657
  msgstr ""
658
 
659
+ #: src/admin/wp-security-brute-force-menu.php:775
660
  msgid "Login IP Whitelist Settings"
661
  msgstr ""
662
 
663
+ #: src/admin/wp-security-brute-force-menu.php:786
664
  msgid "Enable IP Whitelisting"
665
  msgstr ""
666
 
667
+ #: src/admin/wp-security-brute-force-menu.php:789, src/admin/wp-security-user-login-menu.php:402
668
  msgid "Check this if you want to enable the whitelisting of selected IP addresses specified in the settings below"
669
  msgstr ""
670
 
671
+ #: src/admin/wp-security-brute-force-menu.php:793
672
  msgid "Your Current IP Address"
673
  msgstr ""
674
 
675
+ #: src/admin/wp-security-brute-force-menu.php:796
676
  msgid "You can copy and paste this address in the text box below if you want to include it in your login whitelist."
677
  msgstr ""
678
 
679
+ #: src/admin/wp-security-brute-force-menu.php:800, src/admin/wp-security-user-login-menu.php:406
680
  msgid "Enter Whitelisted IP Addresses:"
681
  msgstr ""
682
 
683
+ #: src/admin/wp-security-brute-force-menu.php:804, src/admin/wp-security-user-login-menu.php:410
684
  msgid "Enter one or more IP addresses or IP ranges you wish to include in your whitelist."
685
  msgstr ""
686
 
687
+ #: src/admin/wp-security-brute-force-menu.php:804
688
  msgid "Only the addresses specified here will have access to the WordPress login page."
689
  msgstr ""
690
 
691
+ #: src/admin/wp-security-brute-force-menu.php:843
692
  msgid "This feature allows you to add a special hidden \"honeypot\" field on the WordPress login page. This will only be visible to robots and not humans."
693
  msgstr ""
694
 
695
+ #: src/admin/wp-security-brute-force-menu.php:844
696
  msgid "Since robots usually fill in every input field from a login form, they will also submit a value for the special hidden honeypot field."
697
  msgstr ""
698
 
699
+ #: src/admin/wp-security-brute-force-menu.php:845, src/admin/wp-security-user-registration-menu.php:279
700
  msgid "The way honeypots work is that a hidden field is placed somewhere inside a form which only robots will submit. If that field contains a value when the form is submitted then a robot has most likely submitted the form and it is consequently dealt with."
701
  msgstr ""
702
 
703
+ #: src/admin/wp-security-brute-force-menu.php:846
704
  msgid "Therefore, if the plugin detects that this field has a value when the login form is submitted, then the robot which is attempting to login to your site will be redirected to its localhost address - http://127.0.0.1."
705
  msgstr ""
706
 
707
+ #: src/admin/wp-security-brute-force-menu.php:852
708
  msgid "Login Form Honeypot Settings"
709
  msgstr ""
710
 
711
+ #: src/admin/wp-security-brute-force-menu.php:863
712
  msgid "Enable Honeypot On Login Page"
713
  msgstr ""
714
 
715
+ #: src/admin/wp-security-brute-force-menu.php:866
716
  msgid "Check this if you want to enable the honeypot feature for the login page"
717
  msgstr ""
718
 
752
  msgid "Permanently Blocked IP Addresses"
753
  msgstr ""
754
 
755
+ #: src/admin/wp-security-dashboard-menu.php:183, src/admin/wp-security-firewall-menu.php:1122, src/admin/wp-security-user-login-menu.php:482, src/admin/wp-security-user-login-menu.php:639, src/admin/wp-security-user-registration-menu.php:164
756
  msgid "Search"
757
  msgstr ""
758
 
2314
  msgid "404 Event Logs"
2315
  msgstr ""
2316
 
2317
+ #: src/admin/wp-security-firewall-menu.php:1134, src/admin/wp-security-firewall-menu.php:1143, src/admin/wp-security-user-login-menu.php:492, src/admin/wp-security-user-login-menu.php:501, src/admin/wp-security-user-login-menu.php:649, src/admin/wp-security-user-login-menu.php:658
2318
  msgid "Export to CSV"
2319
  msgstr ""
2320
 
2321
+ #: src/admin/wp-security-firewall-menu.php:1140, src/admin/wp-security-user-login-menu.php:498, src/admin/wp-security-user-login-menu.php:655
2322
  msgid "Click this button if you wish to download this log in CSV format."
2323
  msgstr ""
2324
 
3928
  msgid "Edit User"
3929
  msgstr ""
3930
 
3931
+ #: src/admin/wp-security-user-login-menu.php:31, src/admin/wp-security-user-login-menu.php:471
3932
  msgid "Failed Login Records"
3933
  msgstr ""
3934
 
3936
  msgid "Force Logout"
3937
  msgstr ""
3938
 
3939
+ #: src/admin/wp-security-user-login-menu.php:33, src/admin/wp-security-user-login-menu.php:628
3940
  msgid "Account Activity Logs"
3941
  msgstr ""
3942
 
4084
  msgid "Check this if you want to receive an email when someone has been locked out due to maximum failed login attempts"
4085
  msgstr ""
4086
 
4087
+ #: src/admin/wp-security-user-login-menu.php:357
4088
  msgid "Fill in one email address per line."
4089
  msgstr ""
4090
 
4091
+ #: src/admin/wp-security-user-login-menu.php:361
4092
  msgid "Each email address must be on a new line."
4093
  msgstr ""
4094
 
4095
+ #: src/admin/wp-security-user-login-menu.php:362
4096
  msgid "If a valid email address has not been filled in, it will not be saved."
4097
  msgstr ""
4098
 
4099
+ #: src/admin/wp-security-user-login-menu.php:363
4100
  msgid "The valid email address format is userid@example.com"
4101
  msgstr ""
4102
 
4103
+ #: src/admin/wp-security-user-login-menu.php:364
4104
  msgid "Example: %s"
4105
  msgstr ""
4106
 
4107
+ #: src/admin/wp-security-user-login-menu.php:371
4108
  msgid "Enable PHP Backtrace In Email"
4109
  msgstr ""
4110
 
4111
+ #: src/admin/wp-security-user-login-menu.php:375
4112
  msgid "Check this if you want to include the PHP backtrace in notification emails."
4113
  msgstr ""
4114
 
4115
+ #: src/admin/wp-security-user-login-menu.php:375
4116
  msgid "This is internal coding information which makes it easier to investigate where an issued occurred."
4117
  msgstr ""
4118
 
4119
+ #: src/admin/wp-security-user-login-menu.php:383
4120
  msgid "Currently Locked Out IP Address Ranges"
4121
  msgstr ""
4122
 
4123
+ #: src/admin/wp-security-user-login-menu.php:388
4124
  msgid "To see a list of all locked IP addresses and ranges go to the %s tab in the dashboard menu."
4125
  msgstr ""
4126
 
4127
+ #: src/admin/wp-security-user-login-menu.php:393
4128
  msgid "Login Lockdown IP Whitelist Settings"
4129
  msgstr ""
4130
 
4131
+ #: src/admin/wp-security-user-login-menu.php:399
4132
  msgid "Enable Login Lockdown IP Whitelist"
4133
  msgstr ""
4134
 
4135
+ #: src/admin/wp-security-user-login-menu.php:410
4136
  msgid "The addresses specified here will never be blocked by the login lockdown feature."
4137
  msgstr ""
4138
 
4139
+ #: src/admin/wp-security-user-login-menu.php:435
4140
  msgid "Nonce check failed for delete all failed login records operation!"
4141
  msgstr ""
4142
 
4143
+ #: src/admin/wp-security-user-login-menu.php:444
4144
  msgid "User Login Feature - Delete all failed login records operation failed!"
4145
  msgstr ""
4146
 
4147
+ #: src/admin/wp-security-user-login-menu.php:448
4148
  msgid "All records from the Failed Logins table were deleted successfully."
4149
  msgstr ""
4150
 
4151
+ #: src/admin/wp-security-user-login-menu.php:464
4152
  msgid "This tab displays the failed login attempts for your site."
4153
  msgstr ""
4154
 
4155
+ #: src/admin/wp-security-user-login-menu.php:465
4156
  msgid "The information below can be handy if you need to do security investigations because it will show you the IP range, username and ID (if applicable) and the time/date of the failed login attempt."
4157
  msgstr ""
4158
 
4159
+ #: src/admin/wp-security-user-login-menu.php:466
4160
  msgid "Failed login records that are older than %1$d days are purged automatically."
4161
  msgstr ""
4162
 
4163
+ #: src/admin/wp-security-user-login-menu.php:505, src/admin/wp-security-user-login-menu.php:514
4164
  msgid "Delete All Failed Login Records"
4165
  msgstr ""
4166
 
4167
+ #: src/admin/wp-security-user-login-menu.php:511
4168
  msgid "Click this button if you wish to delete all failed login records in one go."
4169
  msgstr ""
4170
 
4171
+ #: src/admin/wp-security-user-login-menu.php:539
4172
  msgid "You entered a non numeric value for the logout time period field. It has been set to the default value."
4173
  msgstr ""
4174
 
4175
+ #: src/admin/wp-security-user-login-menu.php:567
4176
  msgid "Setting an expiry period for your WP administration session is a simple way to protect against unauthorized access to your site from your computer."
4177
  msgstr ""
4178
 
4179
+ #: src/admin/wp-security-user-login-menu.php:568
4180
  msgid "This feature allows you to specify a time period in minutes after which the admin session will expire and the user will be forced to log back in."
4181
  msgstr ""
4182
 
4183
+ #: src/admin/wp-security-user-login-menu.php:573
4184
  msgid "Force User Logout Options"
4185
  msgstr ""
4186
 
4187
+ #: src/admin/wp-security-user-login-menu.php:585
4188
  msgid "Enable Force WP User Logout"
4189
  msgstr ""
4190
 
4191
+ #: src/admin/wp-security-user-login-menu.php:588
4192
  msgid "Check this if you want to force a wp user to be logged out after a configured amount of time"
4193
  msgstr ""
4194
 
4195
+ #: src/admin/wp-security-user-login-menu.php:592
4196
  msgid "Logout the WP User After XX Minutes"
4197
  msgstr ""
4198
 
4199
+ #: src/admin/wp-security-user-login-menu.php:594
4200
  msgid "(Minutes) The user will be forced to log back in after this time period has elapased."
4201
  msgstr ""
4202
 
4203
+ #: src/admin/wp-security-user-login-menu.php:622
4204
  msgid "This tab displays the activity for accounts registered with your site that have logged in using the WordPress login form."
4205
  msgstr ""
4206
 
4207
+ #: src/admin/wp-security-user-login-menu.php:623
4208
  msgid "The information below can be handy if you need to do security investigations because it will show you the last 100 recent login events by username, IP address and time/date."
4209
  msgstr ""
4210
 
4211
+ #: src/admin/wp-security-user-login-menu.php:687
4212
  msgid "Nonce check failed for users logged in list!"
4213
  msgstr ""
4214
 
4215
+ #: src/admin/wp-security-user-login-menu.php:695
4216
  msgid "Refresh Logged In User Data"
4217
  msgstr ""
4218
 
4219
+ #: src/admin/wp-security-user-login-menu.php:699
4220
  msgid "Refresh Data"
4221
  msgstr ""
4222
 
4223
+ #: src/admin/wp-security-user-login-menu.php:704
4224
  msgid "This tab displays all users who are currently logged into your site."
4225
  msgstr ""
4226
 
4227
+ #: src/admin/wp-security-user-login-menu.php:705
4228
  msgid "If you suspect there is a user or users who are logged in which should not be, you can block them by inspecting the IP addresses from the data below and adding them to your blacklist."
4229
  msgstr ""
4230
 
4231
+ #: src/admin/wp-security-user-login-menu.php:706
4232
  msgid "You can also instantly log them out by clicking on the \"Force Logout\" link when you hover over the row in the User Id column."
4233
  msgstr ""
4234
 
4235
+ #: src/admin/wp-security-user-login-menu.php:711
4236
  msgid "Currently Logged In Users"
4237
  msgstr ""
4238
 
4239
+ #: src/admin/wp-security-user-login-menu.php:759
4240
  msgid "WordPress 5.6 introduced a new feature called \"Application Passwords\"."
4241
  msgstr ""
4242
 
4243
+ #: src/admin/wp-security-user-login-menu.php:760
4244
  msgid "This allows you to create a token from the WordPress dashboard which then can be used in the authorization header."
4245
  msgstr ""
4246
 
4247
+ #: src/admin/wp-security-user-login-menu.php:761
4248
  msgid "This feature allows you to disable Application Passwords as they can leave your site vulnerable to social engineering and phishing scams."
4249
  msgstr ""
4250
 
4251
+ #: src/admin/wp-security-user-login-menu.php:767
4252
  msgid "Additonal Settings"
4253
  msgstr ""
4254
 
4255
+ #: src/admin/wp-security-user-login-menu.php:778, src/classes/grade-system/wp-security-feature-item-manager.php:106
4256
  msgid "Disable Application Password"
4257
  msgstr ""
4258
 
4259
+ #: src/admin/wp-security-user-login-menu.php:781
4260
  msgid "Check this if you want to disable the application password."
4261
  msgstr ""
4262
 
4764
  msgid "<strong>ERROR</strong>: Invalid login credentials."
4765
  msgstr ""
4766
 
4767
+ #: src/classes/wp-security-user-login.php:392
4768
  msgid "Site Lockout Notification"
4769
  msgstr ""
4770
 
4771
+ #: src/classes/wp-security-user-login.php:393
4772
  msgid "Lockdown events had occurred due to too many failed login attempts or invalid username:"
4773
  msgstr ""
4774
 
4775
+ #: src/classes/wp-security-user-login.php:396
4776
  msgid "Username:"
4777
  msgstr ""
4778
 
4779
+ #: src/classes/wp-security-user-login.php:397
4780
  msgid "IP Address:"
4781
  msgstr ""
4782
 
4783
+ #: src/classes/wp-security-user-login.php:399
4784
  msgid "IP Range:"
4785
  msgstr ""
4786
 
4787
+ #: src/classes/wp-security-user-login.php:404
4788
  msgid "Log into your site WordPress administration panel to see the duration of the lockout or to unlock the user."
4789
  msgstr ""
4790
 
4791
+ #: src/classes/wp-security-user-login.php:515
4792
  msgid "Unlock Request Notification"
4793
  msgstr ""
4794
 
4795
+ #: src/classes/wp-security-user-login.php:516
4796
  msgid "You have requested for the account with email address %s to be unlocked. Please click the link below to unlock your account:"
4797
  msgstr ""
4798
 
4799
+ #: src/classes/wp-security-user-login.php:516
4800
  msgid "Unlock link: %s"
4801
  msgstr ""
4802
 
4803
+ #: src/classes/wp-security-user-login.php:516
4804
  msgid "After clicking the above link you will be able to login to the WordPress administration panel."
4805
  msgstr ""
4806
 
4807
+ #: src/classes/wp-security-user-login.php:742
4808
  msgid "Your session has expired because it has been over %d minutes since your last login."
4809
  msgstr ""
4810
 
4811
+ #: src/classes/wp-security-user-login.php:743, src/classes/wp-security-user-login.php:747
4812
  msgid "Please log back in to continue."
4813
  msgstr ""
4814
 
4815
+ #: src/classes/wp-security-user-login.php:746
4816
  msgid "You were logged out because you just changed the \"admin\" username."
4817
  msgstr ""
4818
 
4819
+ #: src/classes/wp-security-user-login.php:776
4820
  msgid "Request Unlock"
4821
  msgstr ""
4822
 
4968
  msgid "Dismiss"
4969
  msgstr ""
4970
 
4971
+ #: src/templates/notices/cookie-based-brute-force-prevention-disabled.php:4
4972
+ msgid "Cookie based brute force login prevention currently disabled"
4973
+ msgstr ""
4974
+
4975
+ #: src/templates/notices/cookie-based-brute-force-prevention-disabled.php:6
4976
+ msgid "Cookie based brute force login prevention is currently disabled via the AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION constant (which is mostly likely to be defined in your wp-config.php)"
4977
+ msgstr ""
4978
+
4979
  #: src/templates/notices/horizontal-notice.php:8, src/templates/notices/horizontal-notice.php:40
4980
  msgid "notice image"
4981
  msgstr ""
readme.txt CHANGED
@@ -5,7 +5,7 @@ Tags: security, secure, Anti Virus, antivirus, ban, ban hacker, virus, firewall,
5
  Requires PHP: 5.6
6
  Requires at least: 5.0
7
  Tested up to: 6.0
8
- Stable tag: 5.0.3
9
  License: GPLv3 or later
10
 
11
  A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
@@ -179,12 +179,17 @@ https://www.tipsandtricks-hq.com/wordpress-security-and-firewall-plugin
179
 
180
  == Changelog ==
181
 
 
 
 
 
 
182
  = 5.0.3 - 02/September/2022 =
183
 
184
  * FIX: An empty IP lock notification mail could be sent out after upgrading to the 5.0.0 version.
185
  * FIX: The PHP file couldn't be loaded via commandline if the rename login page is enabled.
186
  * FIX: When running WordPress from the command line, the warning Undefined index: REQUEST_METHOD was logged.
187
- * TWEAK: Import latest TFA module, loading JS less aggressively to avoid potential for conflicts
188
 
189
  = 5.0.2 - 02/September/2022 =
190
 
5
  Requires PHP: 5.6
6
  Requires at least: 5.0
7
  Tested up to: 6.0
8
+ Stable tag: 5.0.4
9
  License: GPLv3 or later
10
 
11
  A comprehensive, user-friendly, all in one WordPress security and firewall plugin for your site.
179
 
180
  == Changelog ==
181
 
182
+ = 5.0.4 - 03/September/2022 =
183
+
184
+ * FIX: PHP coding warning in latest PHP version when handling email address parameter.
185
+ * TWEAK: Added a constant, AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION. Define this in your wp-config.php to disable cookie based brute force login prevention.
186
+
187
  = 5.0.3 - 02/September/2022 =
188
 
189
  * FIX: An empty IP lock notification mail could be sent out after upgrading to the 5.0.0 version.
190
  * FIX: The PHP file couldn't be loaded via commandline if the rename login page is enabled.
191
  * FIX: When running WordPress from the command line, the warning Undefined index: REQUEST_METHOD was logged.
192
+ * TWEAK: Import latest TFA module, loading JS less aggressively to avoid potential for conflicts.
193
 
194
  = 5.0.2 - 02/September/2022 =
195
 
templates/notices/cookie-based-brute-force-prevention-disabled.php ADDED
@@ -0,0 +1,8 @@
 
 
 
 
 
 
 
 
1
+ <?php if (!defined('AIO_WP_SECURITY_PATH')) die('No direct access allowed'); ?>
2
+
3
+ <div class="error">
4
+ <h3><?php _e('Cookie based brute force login prevention currently disabled', 'all-in-one-wp-security-and-firewall');?></h3>
5
+ <p>
6
+ <?php _e('Cookie based brute force login prevention is currently disabled via the AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION constant (which is mostly likely to be defined in your wp-config.php)', 'all-in-one-wp-security-and-firewall'); ?>
7
+ </p>
8
+ </div>
vendor/composer/installed.php CHANGED
@@ -5,7 +5,7 @@
5
  'type' => 'project',
6
  'install_path' => __DIR__ . '/../../',
7
  'aliases' => array(),
8
- 'reference' => 'd2fe998a6cb094404bf5d34b1b8f3ce36637f290',
9
  'name' => 'updraftplus/all-in-one-wp-security-and-firewall',
10
  'dev' => false,
11
  ),
@@ -34,7 +34,7 @@
34
  'type' => 'project',
35
  'install_path' => __DIR__ . '/../../',
36
  'aliases' => array(),
37
- 'reference' => 'd2fe998a6cb094404bf5d34b1b8f3ce36637f290',
38
  'dev_requirement' => false,
39
  ),
40
  ),
5
  'type' => 'project',
6
  'install_path' => __DIR__ . '/../../',
7
  'aliases' => array(),
8
+ 'reference' => '7b30d406824e47bd613a5be289d39e9b24b4c0fd',
9
  'name' => 'updraftplus/all-in-one-wp-security-and-firewall',
10
  'dev' => false,
11
  ),
34
  'type' => 'project',
35
  'install_path' => __DIR__ . '/../../',
36
  'aliases' => array(),
37
+ 'reference' => '7b30d406824e47bd613a5be289d39e9b24b4c0fd',
38
  'dev_requirement' => false,
39
  ),
40
  ),
wp-security-core.php CHANGED
@@ -8,7 +8,7 @@ if (!class_exists('AIO_WP_Security')) {
8
 
9
  class AIO_WP_Security {
10
 
11
- public $version = '5.0.3';
12
 
13
  public $db_version = '1.9.2';
14
 
@@ -731,6 +731,19 @@ if (!class_exists('AIO_WP_Security')) {
731
  return defined('AIOWPS_DISABLE_LOGIN_LOCKDOWN') && AIOWPS_DISABLE_LOGIN_LOCKDOWN;
732
  }
733
 
 
 
 
 
 
 
 
 
 
 
 
 
 
734
  } // End of class
735
 
736
  }//End of class not exists check
8
 
9
  class AIO_WP_Security {
10
 
11
+ public $version = '5.0.4';
12
 
13
  public $db_version = '1.9.2';
14
 
731
  return defined('AIOWPS_DISABLE_LOGIN_LOCKDOWN') && AIOWPS_DISABLE_LOGIN_LOCKDOWN;
732
  }
733
 
734
+ /**
735
+ * Check whether the cookie-based brute force attack is prevented or not.
736
+ *
737
+ * @return Boolean True if the cookie-based brute force attack is prevented, otherwise false.
738
+ */
739
+ public function should_cookie_based_brute_force_prvent() {
740
+ if (defined('AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION') && 'AIOS_DISABLE_COOKIE_BRUTE_FORCE_PREVENTION') {
741
+ return false;
742
+ }
743
+
744
+ return $this->configs->get_value('aiowps_enable_brute_force_attack_prevention');
745
+ }
746
+
747
  } // End of class
748
 
749
  }//End of class not exists check
wp-security.php CHANGED
@@ -2,7 +2,7 @@
2
  // @codingStandardsIgnoreStart
3
  /*
4
  Plugin Name: All In One WP Security
5
- Version: 5.0.3
6
  Plugin URI: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
7
  Update URI: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
8
  Author: All In One WP Security & Firewall Team
2
  // @codingStandardsIgnoreStart
3
  /*
4
  Plugin Name: All In One WP Security
5
+ Version: 5.0.4
6
  Plugin URI: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
7
  Update URI: https://wordpress.org/plugins/all-in-one-wp-security-and-firewall/
8
  Author: All In One WP Security & Firewall Team