Version Description
- New: added tweak Disable XML-RPC
- Improvement: Two factor authentication can now be force enabled by role.
- Improvement: Masking URL description.
- Fix: Compatibility with Appointments+ login when Mask Login is enabled.
- Fix: /login/ will be blocked instead of redirecting to right login URL
- Fix: new site registration email login URL will now show right Login URL instead of the original one when Mask URL is enabled.
- Fix: Accessibility issue when activating 2FA.
- Changes: Show Admin Pointer on initial Defender activation, and removing the redirect behavior.
- Other minor enhancements and fixes
Download this release
Release Info
Developer | jdailey |
Plugin | Defender Security – Malware Scanner, Login Security & Firewall |
Version | 2.0 |
Comparing to | |
See all releases |
Code changes from version 1.9.1 to 2.0
- app/controller/dashboard.php +89 -2
- app/module/advanced-tools/component/auth-api.php +36 -0
- app/module/advanced-tools/controller/main.php +16 -2
- app/module/advanced-tools/controller/mask-login.php +23 -2
- app/module/advanced-tools/js/scripts.js +11 -1
- app/module/advanced-tools/model/auth-settings.php +3 -1
- app/module/advanced-tools/view/main-free.php +17 -1
- app/module/advanced-tools/view/main.php +24 -7
- app/module/advanced-tools/view/mask-login/enabled.php +6 -6
- app/module/hardener/behavior/widget.php +3 -3
- app/module/hardener/component/disable-xml-rpc-service.php +42 -0
- app/module/hardener/component/disable-xml-rpc.php +90 -0
- app/module/hardener/model/settings.php +4 -2
- app/module/hardener/view/rules/change-admin.php +2 -2
- app/module/hardener/view/rules/db-prefix.php +2 -2
- app/module/hardener/view/rules/disable-file-editor.php +2 -2
- app/module/hardener/view/rules/disable-trackback.php +2 -2
- app/module/hardener/view/rules/disable-xml-rpc.php +54 -0
- app/module/hardener/view/rules/hide-error.php +2 -2
- app/module/hardener/view/rules/login-duration.php +5 -5
- app/module/hardener/view/rules/php-version.php +2 -2
- app/module/hardener/view/rules/prevent-php-executed.php +10 -10
- app/module/hardener/view/rules/protect-information.php +4 -4
- app/module/hardener/view/rules/security-key.php +2 -2
- app/module/hardener/view/rules/wp-version.php +2 -2
- app/module/ip-lockout/view/detect-404/enabled.php +2 -2
- app/module/ip-lockout/view/login-lockouts/enabled.php +2 -2
- app/module/ip-lockout/view/notification/enabled.php +4 -4
- app/module/ip-lockout/view/notification/report-free.php +1 -1
- app/module/ip-lockout/view/notification/report.php +2 -2
- app/module/scan/behavior/core-result.php +6 -3
- app/module/scan/component/scan-api.php +6 -2
- app/module/scan/component/token-utils.php +333 -0
- app/module/scan/js/script.js +13 -10
- assets/css/styles.css +5 -0
- assets/js/scripts.js +8 -0
- changelog.txt +30 -0
- languages/wpdef-default.pot +205 -126
- main-activator.php +1 -2
- readme.txt +15 -4
- wp-defender.php +1 -1
app/controller/dashboard.php
CHANGED
@@ -37,6 +37,93 @@ class Dashboard extends Controller {
|
|
37 |
$this->add_filter( 'wdp_register_hub_action', 'addMyEndpoint' );
|
38 |
add_filter( 'custom_menu_order', '__return_true' );
|
39 |
$this->add_filter( 'menu_order', 'menuOrder' );
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
40 |
}
|
41 |
|
42 |
public function skipActivator() {
|
@@ -323,7 +410,7 @@ class Dashboard extends Controller {
|
|
323 |
$cap = is_multisite() ? 'manage_network_options' : 'manage_options';
|
324 |
$menu_title = wp_defender()->isFree ? esc_html__( "Defender", "defender-security" ) : esc_html__( "Defender Pro", "defender-security" );
|
325 |
//$menu_title = sprintf( $menu_title, $indicator );
|
326 |
-
add_menu_page(
|
327 |
&$this,
|
328 |
'actionIndex'
|
329 |
), $this->get_menu_icon() );
|
@@ -381,4 +468,4 @@ class Dashboard extends Controller {
|
|
381 |
'at' => '\WP_Defender\Module\Advanced_Tools\Behavior\AT_Widget'
|
382 |
);
|
383 |
}
|
384 |
-
}
|
37 |
$this->add_filter( 'wdp_register_hub_action', 'addMyEndpoint' );
|
38 |
add_filter( 'custom_menu_order', '__return_true' );
|
39 |
$this->add_filter( 'menu_order', 'menuOrder' );
|
40 |
+
// Add pointer script.
|
41 |
+
$this->add_action( 'admin_enqueue_scripts', 'admin_pointers_header' );
|
42 |
+
}
|
43 |
+
|
44 |
+
/**
|
45 |
+
* Pointer header.
|
46 |
+
*/
|
47 |
+
public function admin_pointers_header() {
|
48 |
+
if ( $this->admin_pointers_check() ) {
|
49 |
+
$this->add_action( 'admin_print_footer_scripts', 'admin_pointers_footer' );
|
50 |
+
wp_enqueue_script( 'wp-pointer' );
|
51 |
+
wp_enqueue_style( 'wp-pointer' );
|
52 |
+
}
|
53 |
+
}
|
54 |
+
|
55 |
+
/**
|
56 |
+
* Admin pointers check.
|
57 |
+
*/
|
58 |
+
function admin_pointers_check() {
|
59 |
+
$currentScreen = get_current_screen();
|
60 |
+
if ( strpos( $currentScreen->id, 'defender' ) !== false ) {
|
61 |
+
return;
|
62 |
+
}
|
63 |
+
$admin_pointers = $this->admin_pointers();
|
64 |
+
foreach ( $admin_pointers as $pointer => $array ) {
|
65 |
+
if ( $array['active'] ) {
|
66 |
+
return true;
|
67 |
+
}
|
68 |
+
}
|
69 |
+
}
|
70 |
+
|
71 |
+
/**
|
72 |
+
* Pointer scripts.
|
73 |
+
*/
|
74 |
+
function admin_pointers_footer() {
|
75 |
+
$admin_pointers = $this->admin_pointers();
|
76 |
+
?>
|
77 |
+
<script type="text/javascript">
|
78 |
+
/* <![CDATA[ */
|
79 |
+
(function ($) {
|
80 |
+
<?php
|
81 |
+
foreach ( $admin_pointers as $pointer => $array ) {
|
82 |
+
if ( $array['active'] ) {
|
83 |
+
?>
|
84 |
+
$('<?php echo $array['anchor_id']; ?>').pointer({
|
85 |
+
content: '<?php echo $array['content']; ?>',
|
86 |
+
position: {
|
87 |
+
edge: '<?php echo $array['edge']; ?>',
|
88 |
+
align: '<?php echo $array['align']; ?>'
|
89 |
+
},
|
90 |
+
close: function () {
|
91 |
+
$.post(ajaxurl, {
|
92 |
+
pointer: '<?php echo $pointer; ?>',
|
93 |
+
action: 'dismiss-wp-pointer'
|
94 |
+
});
|
95 |
+
}
|
96 |
+
}).pointer('open');
|
97 |
+
<?php
|
98 |
+
}
|
99 |
+
}
|
100 |
+
?>
|
101 |
+
})(jQuery);
|
102 |
+
/* ]]> */
|
103 |
+
</script>
|
104 |
+
<?php
|
105 |
+
}
|
106 |
+
|
107 |
+
/**
|
108 |
+
* Admin pointers.
|
109 |
+
*/
|
110 |
+
function admin_pointers() {
|
111 |
+
$dismissed = explode( ',', (string) get_user_meta( get_current_user_id(), 'dismissed_wp_pointers', true ) );
|
112 |
+
$version = \str_replace( '.', '_', wp_defender()->version );
|
113 |
+
$prefix = 'defneder_admin_pointers' . $version . '_' . ( wp_defender()->isFree ? '_free' : null );
|
114 |
+
|
115 |
+
$new_pointer_content = '<h3>' . __( 'Get Secure', "defender-security" ) . '</h3>';
|
116 |
+
$new_pointer_content .= '<p>' . __( 'Enable security tweaks, activate monitoring and start protecting your login are and files here.', "defender-security" ) . '</p>';
|
117 |
+
|
118 |
+
return array(
|
119 |
+
$prefix . 'menu' => array(
|
120 |
+
'content' => $new_pointer_content,
|
121 |
+
'anchor_id' => '#toplevel_page_wp-defender',
|
122 |
+
'edge' => 'top',
|
123 |
+
'align' => 'left',
|
124 |
+
'active' => ( ! in_array( $prefix . 'menu', $dismissed ) ),
|
125 |
+
),
|
126 |
+
);
|
127 |
}
|
128 |
|
129 |
public function skipActivator() {
|
410 |
$cap = is_multisite() ? 'manage_network_options' : 'manage_options';
|
411 |
$menu_title = wp_defender()->isFree ? esc_html__( "Defender", "defender-security" ) : esc_html__( "Defender Pro", "defender-security" );
|
412 |
//$menu_title = sprintf( $menu_title, $indicator );
|
413 |
+
add_menu_page( $menu_title, $menu_title, $cap, 'wp-defender', array(
|
414 |
&$this,
|
415 |
'actionIndex'
|
416 |
), $this->get_menu_icon() );
|
468 |
'at' => '\WP_Defender\Module\Advanced_Tools\Behavior\AT_Widget'
|
469 |
);
|
470 |
}
|
471 |
+
}
|
app/module/advanced-tools/component/auth-api.php
CHANGED
@@ -175,6 +175,42 @@ class Auth_API extends Component {
|
|
175 |
}
|
176 |
}
|
177 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
178 |
/**
|
179 |
* @return bool|mixed|string
|
180 |
*/
|
175 |
}
|
176 |
}
|
177 |
|
178 |
+
/**
|
179 |
+
* @param null $user
|
180 |
+
*
|
181 |
+
* @return bool
|
182 |
+
*/
|
183 |
+
public static function isForcedRole( $user = null ) {
|
184 |
+
if ( $user == null ) {
|
185 |
+
$user = wp_get_current_user();
|
186 |
+
}
|
187 |
+
if ( ! $user instanceof \WP_User ) {
|
188 |
+
return false;
|
189 |
+
}
|
190 |
+
$settings = Auth_Settings::instance();
|
191 |
+
if ( 0 === count( $user->roles ) ) {
|
192 |
+
//this mean user just added but have no roles, we dnt force them
|
193 |
+
return false;
|
194 |
+
}
|
195 |
+
|
196 |
+
if ( Utils::instance()->isActivatedSingle() ) {
|
197 |
+
$isForced = array_intersect( $settings->forceAuthRoles, $user->roles );
|
198 |
+
|
199 |
+
return count( $isForced ) > 0;
|
200 |
+
} else {
|
201 |
+
$blogs = get_blogs_of_user( $user->ID );
|
202 |
+
$userRoles = array();
|
203 |
+
foreach ( $blogs as $blog ) {
|
204 |
+
//get user roles for this blog
|
205 |
+
$u = new \WP_User( $user->ID, '', $blog->userblog_id );
|
206 |
+
$userRoles = array_merge( $u->roles, $userRoles );
|
207 |
+
}
|
208 |
+
$isForced = array_intersect( $settings->forceAuthRoles, $userRoles );
|
209 |
+
|
210 |
+
return count( $isForced ) > 0;
|
211 |
+
}
|
212 |
+
}
|
213 |
+
|
214 |
/**
|
215 |
* @return bool|mixed|string
|
216 |
*/
|
app/module/advanced-tools/controller/main.php
CHANGED
@@ -100,10 +100,17 @@ class Main extends Controller {
|
|
100 |
if ( ! Auth_API::isEnableForCurrentRole( $user ) ) {
|
101 |
return;
|
102 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
103 |
//user already enable OTP
|
104 |
if ( Auth_API::isUserEnableOTP( $user->ID ) ) {
|
105 |
return;
|
106 |
}
|
|
|
107 |
$screen = get_current_screen();
|
108 |
if ( $screen->id != 'profile' ) {
|
109 |
wp_redirect( admin_url( 'profile.php' ) . '#show2AuthActivator' );
|
@@ -546,6 +553,10 @@ class Main extends Controller {
|
|
546 |
if ( ! isset( $data['userRoles'] ) ) {
|
547 |
$data['userRoles'] = array();
|
548 |
}
|
|
|
|
|
|
|
|
|
549 |
$setting = Auth_Settings::instance();
|
550 |
$setting->import( $data );
|
551 |
$setting->save();
|
@@ -649,18 +660,21 @@ class Main extends Controller {
|
|
649 |
|
650 |
/**
|
651 |
* Replace email variables.
|
|
|
652 |
* @param string $content Content to replace.
|
653 |
-
* @param array
|
|
|
654 |
* @return string
|
655 |
*/
|
656 |
public function replace_email_vars( $content, $values ) {
|
657 |
$content = apply_filters( 'the_content', $content );
|
658 |
-
$tags
|
659 |
foreach ( $tags as $key => $tag ) {
|
660 |
$upper_tag = strtoupper( $tag );
|
661 |
$content = str_replace( '{{' . $upper_tag . '}}', $values[ $tag ], $content );
|
662 |
$content = str_replace( '{{' . $tag . '}}', $values[ $tag ], $content );
|
663 |
}
|
|
|
664 |
return $content;
|
665 |
}
|
666 |
}
|
100 |
if ( ! Auth_API::isEnableForCurrentRole( $user ) ) {
|
101 |
return;
|
102 |
}
|
103 |
+
|
104 |
+
//check if this role is forced
|
105 |
+
if ( ! Auth_API::isForcedRole( $user ) ) {
|
106 |
+
return;
|
107 |
+
}
|
108 |
+
|
109 |
//user already enable OTP
|
110 |
if ( Auth_API::isUserEnableOTP( $user->ID ) ) {
|
111 |
return;
|
112 |
}
|
113 |
+
|
114 |
$screen = get_current_screen();
|
115 |
if ( $screen->id != 'profile' ) {
|
116 |
wp_redirect( admin_url( 'profile.php' ) . '#show2AuthActivator' );
|
553 |
if ( ! isset( $data['userRoles'] ) ) {
|
554 |
$data['userRoles'] = array();
|
555 |
}
|
556 |
+
if ( ! isset( $data['forceAuthRoles'] ) ) {
|
557 |
+
$data['forceAuthRoles'] = array();
|
558 |
+
}
|
559 |
+
|
560 |
$setting = Auth_Settings::instance();
|
561 |
$setting->import( $data );
|
562 |
$setting->save();
|
660 |
|
661 |
/**
|
662 |
* Replace email variables.
|
663 |
+
*
|
664 |
* @param string $content Content to replace.
|
665 |
+
* @param array $values Variables values.
|
666 |
+
*
|
667 |
* @return string
|
668 |
*/
|
669 |
public function replace_email_vars( $content, $values ) {
|
670 |
$content = apply_filters( 'the_content', $content );
|
671 |
+
$tags = array( 'display_name', 'passcode' );
|
672 |
foreach ( $tags as $key => $tag ) {
|
673 |
$upper_tag = strtoupper( $tag );
|
674 |
$content = str_replace( '{{' . $upper_tag . '}}', $values[ $tag ], $content );
|
675 |
$content = str_replace( '{{' . $tag . '}}', $values[ $tag ], $content );
|
676 |
}
|
677 |
+
|
678 |
return $content;
|
679 |
}
|
680 |
}
|
app/module/advanced-tools/controller/mask-login.php
CHANGED
@@ -44,6 +44,11 @@ class Mask_Login extends Controller {
|
|
44 |
// $this->add_filter( 'network_admin_url', 'filterAdminUrl', 9999, 2 );
|
45 |
// $this->add_filter( 'admin_url', 'filterAdminUrl', 9999, 2 );
|
46 |
remove_action( 'template_redirect', 'wp_redirect_admin_locations' );
|
|
|
|
|
|
|
|
|
|
|
47 |
} else {
|
48 |
if ( $isJetpackSSO ) {
|
49 |
wp_defender()->global['compatibility'][] = __( "We’ve detected a conflict with Jetpack’s Wordpress.com Log In feature. Please disable it and return to this page to continue setup.", "defender-security" );
|
@@ -67,12 +72,29 @@ class Mask_Login extends Controller {
|
|
67 |
} elseif ( substr( $requestPath, 0, 9 ) == '/wp-admin' ) {
|
68 |
//this one try to login to wp-admin, redirect or lock it
|
69 |
$this->_handleRequestToAdmin();
|
70 |
-
} elseif ( $requestPath == '/wp-login.php' ) {
|
71 |
//this one want to login, redirect or lock
|
72 |
$this->_handleRequestToLoginPage();
|
73 |
}
|
74 |
}
|
75 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
76 |
/**
|
77 |
* @param $url
|
78 |
* @param $path
|
@@ -246,7 +268,6 @@ class Mask_Login extends Controller {
|
|
246 |
}
|
247 |
$setting->import( $data );
|
248 |
$setting->save();
|
249 |
-
|
250 |
$res = array(
|
251 |
'message' => __( "Your settings have been updated.", "defender-security" )
|
252 |
);
|
44 |
// $this->add_filter( 'network_admin_url', 'filterAdminUrl', 9999, 2 );
|
45 |
// $this->add_filter( 'admin_url', 'filterAdminUrl', 9999, 2 );
|
46 |
remove_action( 'template_redirect', 'wp_redirect_admin_locations' );
|
47 |
+
//if prosite is activate and useremail is not defined, we need to update the
|
48 |
+
//email to match the new login URL
|
49 |
+
if ( is_plugin_active_for_network( 'pro-sites/pro-sites.php' ) ) {
|
50 |
+
$this->add_filter( 'update_welcome_email', 'updateWelcomeEmailPrositeCase', 10, 6 );
|
51 |
+
}
|
52 |
} else {
|
53 |
if ( $isJetpackSSO ) {
|
54 |
wp_defender()->global['compatibility'][] = __( "We’ve detected a conflict with Jetpack’s Wordpress.com Log In feature. Please disable it and return to this page to continue setup.", "defender-security" );
|
72 |
} elseif ( substr( $requestPath, 0, 9 ) == '/wp-admin' ) {
|
73 |
//this one try to login to wp-admin, redirect or lock it
|
74 |
$this->_handleRequestToAdmin();
|
75 |
+
} elseif ( $requestPath == '/wp-login.php' || $requestPath == '/login' ) {
|
76 |
//this one want to login, redirect or lock
|
77 |
$this->_handleRequestToLoginPage();
|
78 |
}
|
79 |
}
|
80 |
|
81 |
+
/**
|
82 |
+
* @param $welcome_email
|
83 |
+
* @param $blog_id
|
84 |
+
* @param $user_id
|
85 |
+
* @param $password
|
86 |
+
* @param $title
|
87 |
+
* @param $meta
|
88 |
+
*
|
89 |
+
* @return mixed
|
90 |
+
*/
|
91 |
+
public function updateWelcomeEmailPrositeCase( $welcome_email, $blog_id, $user_id, $password, $title, $meta ) {
|
92 |
+
$url = get_blogaddress_by_id( $blog_id );
|
93 |
+
$welcome_email = str_replace( $url . 'wp-login.php', Mask_Api::getNewLoginUrl( rtrim( '/', $url ) ), $welcome_email );
|
94 |
+
|
95 |
+
return $welcome_email;
|
96 |
+
}
|
97 |
+
|
98 |
/**
|
99 |
* @param $url
|
100 |
* @param $path
|
268 |
}
|
269 |
$setting->import( $data );
|
270 |
$setting->save();
|
|
|
271 |
$res = array(
|
272 |
'message' => __( "Your settings have been updated.", "defender-security" )
|
273 |
);
|
app/module/advanced-tools/js/scripts.js
CHANGED
@@ -28,6 +28,16 @@ jQuery(function ($) {
|
|
28 |
$(this).closest('.column').find('.well').addClass('is-hidden')
|
29 |
}
|
30 |
});
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
31 |
$('body').on('change', '#customGraphic', function (e) {
|
32 |
if ($(this).prop('checked') == true) {
|
33 |
$(this).closest('.column').find('.well').removeClass('is-hidden')
|
@@ -155,4 +165,4 @@ Adtools.formHandler = function () {
|
|
155 |
})
|
156 |
return false;
|
157 |
})
|
158 |
-
}
|
28 |
$(this).closest('.column').find('.well').addClass('is-hidden')
|
29 |
}
|
30 |
});
|
31 |
+
|
32 |
+
$('body').on('change', '.toggle-checkbox', function (e) {
|
33 |
+
console.log( $(this).attr('id') );
|
34 |
+
if ($(this).prop('checked') == true) {
|
35 |
+
$('label[for="'+$(this).attr('id')+'"]').attr('aria-checked',true);
|
36 |
+
} else {
|
37 |
+
$('label[for="'+$(this).attr('id')+'"]').attr('aria-checked',false);
|
38 |
+
}
|
39 |
+
});
|
40 |
+
|
41 |
$('body').on('change', '#customGraphic', function (e) {
|
42 |
if ($(this).prop('checked') == true) {
|
43 |
$(this).closest('.column').find('.well').removeClass('is-hidden')
|
165 |
})
|
166 |
return false;
|
167 |
})
|
168 |
+
}
|
app/module/advanced-tools/model/auth-settings.php
CHANGED
@@ -15,6 +15,7 @@ class Auth_Settings extends \Hammer\WP\Settings {
|
|
15 |
public $forceAuth = false;
|
16 |
public $forceAuthMess = "You are required to setup two-factor authentication to use this site.";
|
17 |
public $userRoles = array();
|
|
|
18 |
public $customGraphic = 0;
|
19 |
public $customGraphicURL = '';
|
20 |
public $isConflict = array();
|
@@ -112,6 +113,7 @@ Copy and paste the passcode into the input field on the login screen to complete
|
|
112 |
|
113 |
Regards,
|
114 |
Administrator';
|
115 |
-
|
|
|
116 |
}
|
117 |
}
|
15 |
public $forceAuth = false;
|
16 |
public $forceAuthMess = "You are required to setup two-factor authentication to use this site.";
|
17 |
public $userRoles = array();
|
18 |
+
public $forceAuthRoles = array();
|
19 |
public $customGraphic = 0;
|
20 |
public $customGraphicURL = '';
|
21 |
public $isConflict = array();
|
113 |
|
114 |
Regards,
|
115 |
Administrator';
|
116 |
+
|
117 |
+
return $content;
|
118 |
}
|
119 |
}
|
app/module/advanced-tools/view/main-free.php
CHANGED
@@ -58,7 +58,9 @@
|
|
58 |
<li>
|
59 |
<div>
|
60 |
<span class="list-label">
|
61 |
-
<?php echo $
|
|
|
|
|
62 |
</span>
|
63 |
<div class="list-detail">
|
64 |
<span class="toggle">
|
@@ -111,6 +113,20 @@
|
|
111 |
<span><?php _e( "Force users to log in with two-factor authentication", "defender-security" ) ?></span>
|
112 |
<span class="form-help"><?php _e( "Note: Users will be forced to set up two-factor when they next login.", "defender-security" ) ?></span>
|
113 |
<div class="well well-white <?php echo $settings->forceAuth == false ? 'is-hidden' : null ?>">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
114 |
<p>
|
115 |
<span class="form-help"><strong><?php _e( "Custom warning message", "defender-security" ) ?></strong></span>
|
116 |
</p>
|
58 |
<li>
|
59 |
<div>
|
60 |
<span class="list-label">
|
61 |
+
<label for="toggle_<?php echo esc_attr( $role ) ?>_role" role="checkbox" aria-checked="<?php echo in_array( $role, $enabledRoles ) ? 'true' : 'false' ?>">
|
62 |
+
<?php echo $detail['name'] ?>
|
63 |
+
</label>
|
64 |
</span>
|
65 |
<div class="list-detail">
|
66 |
<span class="toggle">
|
113 |
<span><?php _e( "Force users to log in with two-factor authentication", "defender-security" ) ?></span>
|
114 |
<span class="form-help"><?php _e( "Note: Users will be forced to set up two-factor when they next login.", "defender-security" ) ?></span>
|
115 |
<div class="well well-white <?php echo $settings->forceAuth == false ? 'is-hidden' : null ?>">
|
116 |
+
<p>
|
117 |
+
<span class="form-help"><strong><?php _e( "User Roles", "defender-security" ) ?></strong></span>
|
118 |
+
</p>
|
119 |
+
<ul>
|
120 |
+
<?php
|
121 |
+
$forceAuthRoles = $settings->forceAuthRoles;
|
122 |
+
foreach ( $allRoles as $role => $detail ):
|
123 |
+
?>
|
124 |
+
<li>
|
125 |
+
<input id="forceAuth<?php echo esc_attr($role) ?>" type="checkbox" name="forceAuthRoles[]" value="<?php echo esc_attr( $role ) ?>" <?php echo in_array( $role, $forceAuthRoles ) ? 'checked="checked"' : null ?> />
|
126 |
+
<label for="forceAuth<?php echo esc_attr($role) ?>"><?php echo $detail['name'] ?></label>
|
127 |
+
</li>
|
128 |
+
<?php endforeach; ?>
|
129 |
+
</ul>
|
130 |
<p>
|
131 |
<span class="form-help"><strong><?php _e( "Custom warning message", "defender-security" ) ?></strong></span>
|
132 |
</p>
|
app/module/advanced-tools/view/main.php
CHANGED
@@ -58,7 +58,9 @@
|
|
58 |
<li>
|
59 |
<div>
|
60 |
<span class="list-label">
|
61 |
-
<?php echo $
|
|
|
|
|
62 |
</span>
|
63 |
<div class="list-detail">
|
64 |
<span class="toggle">
|
@@ -111,6 +113,20 @@
|
|
111 |
<span><?php _e( "Force users to log in with two-factor authentication", "defender-security" ) ?></span>
|
112 |
<span class="form-help"><?php _e( "Note: Users will be forced to set up two-factor when they next login.", "defender-security" ) ?></span>
|
113 |
<div class="well well-white <?php echo $settings->forceAuth == false ? 'is-hidden' : null ?>">
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
114 |
<p>
|
115 |
<span class="form-help"><strong><?php _e( "Custom warning message", "defender-security" ) ?></strong></span>
|
116 |
</p>
|
@@ -160,13 +176,14 @@
|
|
160 |
</span>
|
161 |
</div>
|
162 |
<div class="column">
|
163 |
-
|
164 |
-
|
165 |
-
|
|
|
|
|
|
|
|
|
166 |
</div>
|
167 |
-
<div class="line"><?php _e( 'Lost phone one time password', "defender-security" );?></div>
|
168 |
-
<span class="pull-right"><span class="span-icon icon-edit change-one-time-pass-email" tooltip="Edit"></span></span>
|
169 |
-
</div>
|
170 |
</div>
|
171 |
</div>
|
172 |
<div class="columns">
|
58 |
<li>
|
59 |
<div>
|
60 |
<span class="list-label">
|
61 |
+
<label for="toggle_<?php echo esc_attr( $role ) ?>_role" role="checkbox" aria-checked="<?php echo in_array( $role, $enabledRoles ) ? 'true' : 'false' ?>">
|
62 |
+
<?php echo $detail['name'] ?>
|
63 |
+
</label>
|
64 |
</span>
|
65 |
<div class="list-detail">
|
66 |
<span class="toggle">
|
113 |
<span><?php _e( "Force users to log in with two-factor authentication", "defender-security" ) ?></span>
|
114 |
<span class="form-help"><?php _e( "Note: Users will be forced to set up two-factor when they next login.", "defender-security" ) ?></span>
|
115 |
<div class="well well-white <?php echo $settings->forceAuth == false ? 'is-hidden' : null ?>">
|
116 |
+
<p>
|
117 |
+
<span class="form-help"><strong><?php _e( "User Roles", "defender-security" ) ?></strong></span>
|
118 |
+
</p>
|
119 |
+
<ul>
|
120 |
+
<?php
|
121 |
+
$forceAuthRoles = $settings->forceAuthRoles;
|
122 |
+
foreach ( $allRoles as $role => $detail ):
|
123 |
+
?>
|
124 |
+
<li>
|
125 |
+
<input id="forceAuth<?php echo esc_attr($role) ?>" type="checkbox" name="forceAuthRoles[]" value="<?php echo esc_attr( $role ) ?>" <?php echo in_array( $role, $forceAuthRoles ) ? 'checked="checked"' : null ?> />
|
126 |
+
<label for="forceAuth<?php echo esc_attr($role) ?>"><?php echo $detail['name'] ?></label>
|
127 |
+
</li>
|
128 |
+
<?php endforeach; ?>
|
129 |
+
</ul>
|
130 |
<p>
|
131 |
<span class="form-help"><strong><?php _e( "Custom warning message", "defender-security" ) ?></strong></span>
|
132 |
</p>
|
176 |
</span>
|
177 |
</div>
|
178 |
<div class="column">
|
179 |
+
<div class="well well-white">
|
180 |
+
<div class="box-title">
|
181 |
+
<strong><?php _e( 'Email', "defender-security" ); ?></strong>
|
182 |
+
</div>
|
183 |
+
<div class="line"><?php _e( 'Lost phone one time password', "defender-security" ); ?></div>
|
184 |
+
<span class="pull-right"><span class="span-icon icon-edit change-one-time-pass-email"
|
185 |
+
tooltip="Edit"></span></span>
|
186 |
</div>
|
|
|
|
|
|
|
187 |
</div>
|
188 |
</div>
|
189 |
<div class="columns">
|
app/module/advanced-tools/view/mask-login/enabled.php
CHANGED
@@ -30,16 +30,16 @@
|
|
30 |
<?php wp_nonce_field( 'saveATMaskLoginSettings' ) ?>
|
31 |
<div class="columns">
|
32 |
<div class="column is-one-third">
|
33 |
-
<label><?php _e( "Masking
|
34 |
<span class="sub">
|
35 |
-
<?php _e(
|
36 |
</span>
|
37 |
</div>
|
38 |
<div class="column">
|
39 |
-
<span class="form-help"><?php _e( "You can
|
40 |
-
<span class="form-help"><strong><?php _e(
|
41 |
-
<input type="text" class="tl block" name="maskUrl" value="<?php echo $settings->maskUrl ?>"/>
|
42 |
-
<span class="form-help-s"><?php printf( __( "Users will login at <strong>%s</strong
|
43 |
</div>
|
44 |
</div>
|
45 |
<div class="columns">
|
30 |
<?php wp_nonce_field( 'saveATMaskLoginSettings' ) ?>
|
31 |
<div class="columns">
|
32 |
<div class="column is-one-third">
|
33 |
+
<label><?php _e( "Masking URL", "defender-security" ) ?></label>
|
34 |
<span class="sub">
|
35 |
+
<?php _e( 'Choose a new slug where users of your website will now login instead of visiting /wp-login.', "defender-security" ) ?>
|
36 |
</span>
|
37 |
</div>
|
38 |
<div class="column">
|
39 |
+
<span class="form-help"><?php _e( "You can choose any slug you like using alphanumeric characters and '-'s only. For security reasons, less obvious slugs are recommended as they are harder for bots to guess.", "defender-security" ) ?></span>
|
40 |
+
<span class="form-help"><strong><?php _e( 'New Login Slug', "defender-security" ) ?></strong></span>
|
41 |
+
<input type="text" class="tl block" name="maskUrl" value="<?php echo $settings->maskUrl ?>" placeholder="<?php _e( 'I.e. dashboard', "defender-security" ); ?>"/>
|
42 |
+
<span class="form-help-s"><?php printf( __( "Users will login at <strong>%s</strong>. Note: Registration and Password Reset emails have hardcoded URLs in them. We will update them automatically to match your new login URL.", "defender-security" ), get_site_url() . '/' . $settings->maskUrl ) ?></span>
|
43 |
</div>
|
44 |
</div>
|
45 |
<div class="columns">
|
app/module/hardener/behavior/widget.php
CHANGED
@@ -17,10 +17,10 @@ class Widget extends Behavior {
|
|
17 |
<div class="box-title">
|
18 |
<span class="span-icon hardener-icon" aria-hidden="true"></span>
|
19 |
<h3><?php _e( "Security Tweaks", "defender-security" ) ?>
|
20 |
-
<?php
|
21 |
$hardener_issues = count( Settings::instance()->issues );
|
22 |
if ( $hardener_issues ): ?>
|
23 |
-
<span class="def-tag tag-yellow"
|
24 |
tooltip="<?php esc_attr_e( sprintf( __('You have %d security tweak(s) needing attention.', "defender-security" ), $hardener_issues ) ); ?>">
|
25 |
<?php
|
26 |
echo $hardener_issues ?>
|
@@ -75,4 +75,4 @@ class Widget extends Behavior {
|
|
75 |
private function _render() {
|
76 |
|
77 |
}
|
78 |
-
}
|
17 |
<div class="box-title">
|
18 |
<span class="span-icon hardener-icon" aria-hidden="true"></span>
|
19 |
<h3><?php _e( "Security Tweaks", "defender-security" ) ?>
|
20 |
+
<?php
|
21 |
$hardener_issues = count( Settings::instance()->issues );
|
22 |
if ( $hardener_issues ): ?>
|
23 |
+
<span class="def-tag tag-yellow"
|
24 |
tooltip="<?php esc_attr_e( sprintf( __('You have %d security tweak(s) needing attention.', "defender-security" ), $hardener_issues ) ); ?>">
|
25 |
<?php
|
26 |
echo $hardener_issues ?>
|
75 |
private function _render() {
|
76 |
|
77 |
}
|
78 |
+
}
|
app/module/hardener/component/disable-xml-rpc-service.php
ADDED
@@ -0,0 +1,42 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Author: Hoang Ngo
|
4 |
+
*/
|
5 |
+
|
6 |
+
namespace WP_Defender\Module\Hardener\Component;
|
7 |
+
|
8 |
+
use Hammer\Base\Container;
|
9 |
+
use Hammer\Helper\WP_Helper;
|
10 |
+
use WP_Defender\Module\Hardener\IRule_Service;
|
11 |
+
use WP_Defender\Module\Hardener\Model\Settings;
|
12 |
+
use WP_Defender\Module\Hardener\Rule_Service;
|
13 |
+
|
14 |
+
class Disable_Xml_Rpc_Service extends Rule_Service implements IRule_Service {
|
15 |
+
const CACHE_KEY = 'disable_xml_rpc';
|
16 |
+
|
17 |
+
/**
|
18 |
+
* @return bool
|
19 |
+
*/
|
20 |
+
public function process() {
|
21 |
+
//first need to cache the status
|
22 |
+
Settings::instance()->setDValues( self::CACHE_KEY, 1 );
|
23 |
+
return true;
|
24 |
+
}
|
25 |
+
|
26 |
+
/**
|
27 |
+
* @return bool
|
28 |
+
*/
|
29 |
+
public function revert() {
|
30 |
+
Settings::instance()->setDValues( self::CACHE_KEY, 0 );
|
31 |
+
return true;
|
32 |
+
}
|
33 |
+
|
34 |
+
/**
|
35 |
+
* @return mixed
|
36 |
+
*/
|
37 |
+
public function check() {
|
38 |
+
$key = Settings::instance()->getDValues( self::CACHE_KEY );
|
39 |
+
|
40 |
+
return $key == 1;
|
41 |
+
}
|
42 |
+
}
|
app/module/hardener/component/disable-xml-rpc.php
ADDED
@@ -0,0 +1,90 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Author: Hoang Ngo
|
4 |
+
*/
|
5 |
+
|
6 |
+
namespace WP_Defender\Module\Hardener\Component;
|
7 |
+
|
8 |
+
use Hammer\Helper\HTTP_Helper;
|
9 |
+
use WP_Defender\Module\Hardener\Model\Settings;
|
10 |
+
use WP_Defender\Module\Hardener\Rule;
|
11 |
+
|
12 |
+
class Disable_Xml_Rpc extends Rule {
|
13 |
+
static $slug = 'disable_xml_rpc';
|
14 |
+
static $service;
|
15 |
+
|
16 |
+
function getDescription() {
|
17 |
+
$this->renderPartial( 'rules/disable-xml-rpc' );
|
18 |
+
}
|
19 |
+
|
20 |
+
/**
|
21 |
+
* @return bool
|
22 |
+
*/
|
23 |
+
function check() {
|
24 |
+
return $this->getService()->check();
|
25 |
+
}
|
26 |
+
|
27 |
+
public function getTitle() {
|
28 |
+
return __( "Disable XML RPC", "defender-security" );
|
29 |
+
}
|
30 |
+
|
31 |
+
function addHooks() {
|
32 |
+
$this->add_action( 'processingHardener' . self::$slug, 'process' );
|
33 |
+
$this->add_action( 'processRevert' . self::$slug, 'revert' );
|
34 |
+
if ( in_array( self::$slug, Settings::instance()->fixed ) ) {
|
35 |
+
$this->add_filter( 'xmlrpc_enabled', 'return_false' );
|
36 |
+
$this->add_filter( 'xmlrpc_methods', 'block_xmlrpc_attacks' );
|
37 |
+
}
|
38 |
+
}
|
39 |
+
|
40 |
+
function return_false() {
|
41 |
+
return false;
|
42 |
+
}
|
43 |
+
|
44 |
+
function block_xmlrpc_attacks( $methods ) {
|
45 |
+
unset( $methods['pingback.ping'] );
|
46 |
+
unset( $methods['pingback.extensions.getPingbacks'] );
|
47 |
+
return $methods;
|
48 |
+
}
|
49 |
+
|
50 |
+
function revert() {
|
51 |
+
if ( ! $this->verifyNonce() ) {
|
52 |
+
return;
|
53 |
+
}
|
54 |
+
|
55 |
+
$ret = $this->getService()->revert();
|
56 |
+
if ( ! is_wp_error( $ret ) ) {
|
57 |
+
Settings::instance()->addToIssues( self::$slug );
|
58 |
+
} else {
|
59 |
+
wp_send_json_error( array(
|
60 |
+
'message' => $ret->get_error_message()
|
61 |
+
) );
|
62 |
+
}
|
63 |
+
}
|
64 |
+
|
65 |
+
function process() {
|
66 |
+
if ( ! $this->verifyNonce() ) {
|
67 |
+
return;
|
68 |
+
}
|
69 |
+
|
70 |
+
$ret = $this->getService()->process();
|
71 |
+
if ( ! is_wp_error( $ret ) ) {
|
72 |
+
Settings::instance()->addToResolved( self::$slug );
|
73 |
+
} else {
|
74 |
+
wp_send_json_error( array(
|
75 |
+
'message' => $ret->get_error_message()
|
76 |
+
) );
|
77 |
+
}
|
78 |
+
}
|
79 |
+
|
80 |
+
/**
|
81 |
+
* @return Disable_Trackback_Service
|
82 |
+
*/
|
83 |
+
public function getService() {
|
84 |
+
if ( self::$service == null ) {
|
85 |
+
self::$service = new Disable_Trackback_Service();
|
86 |
+
}
|
87 |
+
|
88 |
+
return self::$service;
|
89 |
+
}
|
90 |
+
}
|
app/module/hardener/model/settings.php
CHANGED
@@ -11,6 +11,7 @@ use WP_Defender\Module\Hardener\Component\Change_Admin;
|
|
11 |
use WP_Defender\Module\Hardener\Component\DB_Prefix;
|
12 |
use WP_Defender\Module\Hardener\Component\Disable_File_Editor;
|
13 |
use WP_Defender\Module\Hardener\Component\Disable_Trackback;
|
|
|
14 |
use WP_Defender\Module\Hardener\Component\Hide_Error;
|
15 |
use WP_Defender\Module\Hardener\Component\Login_Duration;
|
16 |
use WP_Defender\Module\Hardener\Component\PHP_Version;
|
@@ -264,7 +265,8 @@ class Settings extends \Hammer\WP\Settings {
|
|
264 |
Security_Key::$slug => $init == true ? new Security_Key() : Security_Key::getClassName(),
|
265 |
Protect_Information::$slug => $init == true ? new Protect_Information() : Protect_Information::getClassName(),
|
266 |
Prevent_Php::$slug => $init == true ? new Prevent_Php() : Prevent_Php::getClassName(),
|
267 |
-
Login_Duration::$slug => $init == true ? new Login_Duration() : Login_Duration::getClassName()
|
|
|
268 |
);
|
269 |
}
|
270 |
|
@@ -338,4 +340,4 @@ class Settings extends \Hammer\WP\Settings {
|
|
338 |
public function setActiveServer( $server ) {
|
339 |
$this->active_server = $server;
|
340 |
}
|
341 |
-
}
|
11 |
use WP_Defender\Module\Hardener\Component\DB_Prefix;
|
12 |
use WP_Defender\Module\Hardener\Component\Disable_File_Editor;
|
13 |
use WP_Defender\Module\Hardener\Component\Disable_Trackback;
|
14 |
+
use WP_Defender\Module\Hardener\Component\Disable_Xml_Rpc;
|
15 |
use WP_Defender\Module\Hardener\Component\Hide_Error;
|
16 |
use WP_Defender\Module\Hardener\Component\Login_Duration;
|
17 |
use WP_Defender\Module\Hardener\Component\PHP_Version;
|
265 |
Security_Key::$slug => $init == true ? new Security_Key() : Security_Key::getClassName(),
|
266 |
Protect_Information::$slug => $init == true ? new Protect_Information() : Protect_Information::getClassName(),
|
267 |
Prevent_Php::$slug => $init == true ? new Prevent_Php() : Prevent_Php::getClassName(),
|
268 |
+
Login_Duration::$slug => $init == true ? new Login_Duration() : Login_Duration::getClassName(),
|
269 |
+
Disable_Xml_Rpc::$slug => $init == true ? new Disable_Xml_Rpc() : Disable_Xml_Rpc::getClassName(),
|
270 |
);
|
271 |
}
|
272 |
|
340 |
public function setActiveServer( $server ) {
|
341 |
$this->active_server = $server;
|
342 |
}
|
343 |
+
}
|
app/module/hardener/view/rules/change-admin.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="change_admin">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -39,4 +39,4 @@
|
|
39 |
</div>
|
40 |
<div class="clear"></div>
|
41 |
</div>
|
42 |
-
</div>
|
1 |
<div class="rule closed" id="change_admin">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
39 |
</div>
|
40 |
<div class="clear"></div>
|
41 |
</div>
|
42 |
+
</div>
|
app/module/hardener/view/rules/db-prefix.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="db_prefix">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -42,4 +42,4 @@
|
|
42 |
</div>
|
43 |
<div class="clear"></div>
|
44 |
</div>
|
45 |
-
</div>
|
1 |
<div class="rule closed" id="db_prefix">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
42 |
</div>
|
43 |
<div class="clear"></div>
|
44 |
</div>
|
45 |
+
</div>
|
app/module/hardener/view/rules/disable-file-editor.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="disable_file_editor">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -42,4 +42,4 @@
|
|
42 |
</div>
|
43 |
<div class="clear"></div>
|
44 |
</div>
|
45 |
-
</div>
|
1 |
<div class="rule closed" id="disable_file_editor">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
42 |
</div>
|
43 |
<div class="clear"></div>
|
44 |
</div>
|
45 |
+
</div>
|
app/module/hardener/view/rules/disable-trackback.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="disable_trackback">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -54,4 +54,4 @@
|
|
54 |
</div>
|
55 |
<div class="clear"></div>
|
56 |
</div>
|
57 |
-
</div>
|
1 |
<div class="rule closed" id="disable_trackback">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
54 |
</div>
|
55 |
<div class="clear"></div>
|
56 |
</div>
|
57 |
+
</div>
|
app/module/hardener/view/rules/disable-xml-rpc.php
ADDED
@@ -0,0 +1,54 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<div class="rule closed" id="disable_xml_rpc">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
+
<?php if ( $controller->check() == false ): ?>
|
4 |
+
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
+
<?php else: ?>
|
6 |
+
<i class="def-icon icon-tick" aria-hidden="true"></i>
|
7 |
+
<?php endif; ?>
|
8 |
+
<?php _e( 'Disable XML-RPC', "defender-security" ) ?>
|
9 |
+
</div>
|
10 |
+
<div class="rule-content">
|
11 |
+
<h3><?php _e( "Overview", "defender-security" ) ?></h3>
|
12 |
+
<div class="line end">
|
13 |
+
<?php _e( 'XML-RPC is a system that allows you to post on your WordPress blog using popular weblog clients like Windows Live Writer. Technically, it’s a remote procedure call which uses XML to encode its calls and HTTP as a transport mechanism.<br/><br/>
|
14 |
+
If you are using the WordPress mobile app, want to make connections to services like IFTTT, or want to access and publish to your blog remotely, then you need XML-RPC enabled.<br/><br/>
|
15 |
+
In the past, there were security concerns with XML-RPC so we recommend making sure this feature is fully disabled if you don’t need it active.', "defender-security" ) ?>
|
16 |
+
</div>
|
17 |
+
<h3>
|
18 |
+
<?php _e( "How to fix", "defender-security" ) ?>
|
19 |
+
</h3>
|
20 |
+
<div class="line">
|
21 |
+
<?php _e( 'Automatically disable this feature below. You can re-enable it at any time if you need to.', "defender-security" ) ?>
|
22 |
+
</div>
|
23 |
+
<div class="">
|
24 |
+
<?php if ( $controller->check() ): ?>
|
25 |
+
<p class="mline notification">
|
26 |
+
<i class="def-icon icon-tick" aria-hidden="true"></i>
|
27 |
+
<span><?php _e( 'XML-RPC is disabled.', "defender-security" ) ?></span>
|
28 |
+
</p>
|
29 |
+
<div class="end"></div>
|
30 |
+
<div class="clear mline"></div>
|
31 |
+
<form method="post" class="hardener-frm rule-process">
|
32 |
+
<?php $controller->createNonceField(); ?>
|
33 |
+
<input type="hidden" name="action" value="processRevert"/>
|
34 |
+
<input type="hidden" name="slug" value="<?php echo $controller::$slug ?>"/>
|
35 |
+
<button class="button button-secondary"
|
36 |
+
type="submit"><?php _e( "Revert", "defender-security" ) ?></button>
|
37 |
+
</form>
|
38 |
+
<?php else: ?>
|
39 |
+
<div class="end"></div>
|
40 |
+
<div class="clear mline"></div>
|
41 |
+
<form method="post" class="hardener-frm rule-process hardener-frm-process-xml-rpc">
|
42 |
+
<?php $controller->createNonceField(); ?>
|
43 |
+
<input type="hidden" name="action" value="processHardener"/>
|
44 |
+
<input type="hidden" name="updatePosts" value="no"/>
|
45 |
+
<input type="hidden" name="slug" value="<?php echo $controller::$slug ?>"/>
|
46 |
+
<button class="button float-r"
|
47 |
+
type="submit"><?php _e( "Disable XML-RPC", "defender-security" ) ?></button>
|
48 |
+
</form>
|
49 |
+
<?php $controller->showIgnoreForm() ?>
|
50 |
+
<?php endif; ?>
|
51 |
+
</div>
|
52 |
+
<div class="clear"></div>
|
53 |
+
</div>
|
54 |
+
</div>
|
app/module/hardener/view/rules/hide-error.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="disable-file-editor">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -45,4 +45,4 @@
|
|
45 |
</div>
|
46 |
<div class="clear"></div>
|
47 |
</div>
|
48 |
-
</div>
|
1 |
<div class="rule closed" id="disable-file-editor">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
45 |
</div>
|
46 |
<div class="clear"></div>
|
47 |
</div>
|
48 |
+
</div>
|
app/module/hardener/view/rules/login-duration.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="login-duration">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -20,7 +20,7 @@
|
|
20 |
$setting = \WP_Defender\Module\Hardener\Model\Settings::instance();
|
21 |
|
22 |
if ( $controller->check() ):
|
23 |
-
?>
|
24 |
<p class="line"><?php esc_attr_e( sprintf( __('Login Duration is locked down. Current duration is %d days', "defender-security" ), $controller->getService()->getDuration() ) ); ?></p>
|
25 |
<form method="post" class="hardener-frm rule-process">
|
26 |
<?php $controller->createNonceField(); ?>
|
@@ -29,8 +29,8 @@
|
|
29 |
<button class="button button-small button-grey" type="submit"><?php _e( "Revert", "defender-security" ) ?></button>
|
30 |
</form>
|
31 |
<?php
|
32 |
-
else:
|
33 |
-
?>
|
34 |
<div class="line">
|
35 |
<p><?php _e( "Please change the number of days a user can stay logged in", "defender-security" ) ?></p>
|
36 |
</div>
|
@@ -50,4 +50,4 @@
|
|
50 |
?>
|
51 |
</div>
|
52 |
</div>
|
53 |
-
</div>
|
1 |
<div class="rule closed" id="login-duration">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
20 |
$setting = \WP_Defender\Module\Hardener\Model\Settings::instance();
|
21 |
|
22 |
if ( $controller->check() ):
|
23 |
+
?>
|
24 |
<p class="line"><?php esc_attr_e( sprintf( __('Login Duration is locked down. Current duration is %d days', "defender-security" ), $controller->getService()->getDuration() ) ); ?></p>
|
25 |
<form method="post" class="hardener-frm rule-process">
|
26 |
<?php $controller->createNonceField(); ?>
|
29 |
<button class="button button-small button-grey" type="submit"><?php _e( "Revert", "defender-security" ) ?></button>
|
30 |
</form>
|
31 |
<?php
|
32 |
+
else:
|
33 |
+
?>
|
34 |
<div class="line">
|
35 |
<p><?php _e( "Please change the number of days a user can stay logged in", "defender-security" ) ?></p>
|
36 |
</div>
|
50 |
?>
|
51 |
</div>
|
52 |
</div>
|
53 |
+
</div>
|
app/module/hardener/view/rules/php-version.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="php_version">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -44,4 +44,4 @@
|
|
44 |
<?php $controller->showIgnoreForm() ?>
|
45 |
<div class="clear"></div>
|
46 |
</div>
|
47 |
-
</div>
|
1 |
<div class="rule closed" id="php_version">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
44 |
<?php $controller->showIgnoreForm() ?>
|
45 |
<div class="clear"></div>
|
46 |
</div>
|
47 |
+
</div>
|
app/module/hardener/view/rules/prevent-php-executed.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="disable-file-editor">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -16,7 +16,7 @@
|
|
16 |
<?php _e( "How to fix", "defender-security" ) ?>
|
17 |
</h3>
|
18 |
<div class="well">
|
19 |
-
<?php
|
20 |
$setting = \WP_Defender\Module\Hardener\Model\Settings::instance();
|
21 |
|
22 |
if ( $controller->check() ): ?>
|
@@ -51,9 +51,9 @@
|
|
51 |
<button class="button button-small button-grey"
|
52 |
type="submit"><?php _e( "Revert", "defender-security" ) ?></button>
|
53 |
</form>
|
54 |
-
<?php else:
|
55 |
$servers = \WP_Defender\Behavior\Utils::instance()->serverTypes();
|
56 |
-
|
57 |
if ( DIRECTORY_SEPARATOR == '\\' ) {
|
58 |
//Windows
|
59 |
$wp_includes = str_replace( ABSPATH, '', WPINC );
|
@@ -70,7 +70,7 @@
|
|
70 |
} else if ( $is_iis7 ) {
|
71 |
$setting->active_server = 'iis-7';
|
72 |
}
|
73 |
-
|
74 |
?>
|
75 |
<div class="columns">
|
76 |
<div class="column is-one-third">
|
@@ -134,7 +134,7 @@ location ~* ^$wp_content/.*\.php$ {
|
|
134 |
}
|
135 |
";
|
136 |
?>
|
137 |
-
|
138 |
<p><?php esc_html_e( "For NGINX servers:", "defender-security" ) ?></p>
|
139 |
<ol>
|
140 |
<li>
|
@@ -176,9 +176,9 @@ location ~* ^$wp_content/.*\.php$ {
|
|
176 |
<button class="button float-r"
|
177 |
type="submit" ><?php _e( "Add web.config file", "defender-security" ) ?></button>
|
178 |
</form>
|
179 |
-
|
180 |
-
</div>
|
181 |
-
<?php $controller->showIgnoreForm();
|
182 |
$prevent_php_style = "style='display:none'";
|
183 |
if ( in_array( $setting->active_server, array( 'apache', 'litespeed', 'nginx' ) ) ) {
|
184 |
$prevent_php_style = "style='display:block'";
|
@@ -199,4 +199,4 @@ location ~* ^$wp_content/.*\.php$ {
|
|
199 |
<?php endif; ?>
|
200 |
</div>
|
201 |
</div>
|
202 |
-
</div>
|
1 |
<div class="rule closed" id="disable-file-editor">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
16 |
<?php _e( "How to fix", "defender-security" ) ?>
|
17 |
</h3>
|
18 |
<div class="well">
|
19 |
+
<?php
|
20 |
$setting = \WP_Defender\Module\Hardener\Model\Settings::instance();
|
21 |
|
22 |
if ( $controller->check() ): ?>
|
51 |
<button class="button button-small button-grey"
|
52 |
type="submit"><?php _e( "Revert", "defender-security" ) ?></button>
|
53 |
</form>
|
54 |
+
<?php else:
|
55 |
$servers = \WP_Defender\Behavior\Utils::instance()->serverTypes();
|
56 |
+
|
57 |
if ( DIRECTORY_SEPARATOR == '\\' ) {
|
58 |
//Windows
|
59 |
$wp_includes = str_replace( ABSPATH, '', WPINC );
|
70 |
} else if ( $is_iis7 ) {
|
71 |
$setting->active_server = 'iis-7';
|
72 |
}
|
73 |
+
|
74 |
?>
|
75 |
<div class="columns">
|
76 |
<div class="column is-one-third">
|
134 |
}
|
135 |
";
|
136 |
?>
|
137 |
+
|
138 |
<p><?php esc_html_e( "For NGINX servers:", "defender-security" ) ?></p>
|
139 |
<ol>
|
140 |
<li>
|
176 |
<button class="button float-r"
|
177 |
type="submit" ><?php _e( "Add web.config file", "defender-security" ) ?></button>
|
178 |
</form>
|
179 |
+
|
180 |
+
</div>
|
181 |
+
<?php $controller->showIgnoreForm();
|
182 |
$prevent_php_style = "style='display:none'";
|
183 |
if ( in_array( $setting->active_server, array( 'apache', 'litespeed', 'nginx' ) ) ) {
|
184 |
$prevent_php_style = "style='display:block'";
|
199 |
<?php endif; ?>
|
200 |
</div>
|
201 |
</div>
|
202 |
+
</div>
|
app/module/hardener/view/rules/protect-information.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="disable-file-editor">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -25,7 +25,7 @@
|
|
25 |
<button class="button button-small button-grey"
|
26 |
type="submit"><?php _e( "Revert", "defender-security" ) ?></button>
|
27 |
</form>
|
28 |
-
<?php else:
|
29 |
$servers = \WP_Defender\Behavior\Utils::instance()->serverTypes();
|
30 |
$setting = \WP_Defender\Module\Hardener\Model\Settings::instance();
|
31 |
$setting->active_server = \WP_Defender\Behavior\Utils::instance()->determineServer( true );
|
@@ -74,7 +74,7 @@
|
|
74 |
} else {
|
75 |
$wp_content = str_replace( $_SERVER['DOCUMENT_ROOT'], '', WP_CONTENT_DIR );
|
76 |
}
|
77 |
-
|
78 |
$rules = "# Turn off directory indexing
|
79 |
autoindex off;
|
80 |
|
@@ -126,4 +126,4 @@ location ~* ^$wp_content/.*\.(txt|md|exe|sh|bak|inc|pot|po|mo|log|sql)$ {
|
|
126 |
<?php endif; ?>
|
127 |
</div>
|
128 |
</div>
|
129 |
-
</div>
|
1 |
<div class="rule closed" id="disable-file-editor">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
25 |
<button class="button button-small button-grey"
|
26 |
type="submit"><?php _e( "Revert", "defender-security" ) ?></button>
|
27 |
</form>
|
28 |
+
<?php else:
|
29 |
$servers = \WP_Defender\Behavior\Utils::instance()->serverTypes();
|
30 |
$setting = \WP_Defender\Module\Hardener\Model\Settings::instance();
|
31 |
$setting->active_server = \WP_Defender\Behavior\Utils::instance()->determineServer( true );
|
74 |
} else {
|
75 |
$wp_content = str_replace( $_SERVER['DOCUMENT_ROOT'], '', WP_CONTENT_DIR );
|
76 |
}
|
77 |
+
|
78 |
$rules = "# Turn off directory indexing
|
79 |
autoindex off;
|
80 |
|
126 |
<?php endif; ?>
|
127 |
</div>
|
128 |
</div>
|
129 |
+
</div>
|
app/module/hardener/view/rules/security-key.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="security_key">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -54,4 +54,4 @@
|
|
54 |
</div>
|
55 |
<div class="clear"></div>
|
56 |
</div>
|
57 |
-
</div>
|
1 |
<div class="rule closed" id="security_key">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
54 |
</div>
|
55 |
<div class="clear"></div>
|
56 |
</div>
|
57 |
+
</div>
|
app/module/hardener/view/rules/wp-version.php
CHANGED
@@ -1,5 +1,5 @@
|
|
1 |
<div class="rule closed" id="wp-version">
|
2 |
-
<div class="rule-title">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
@@ -46,4 +46,4 @@
|
|
46 |
</div>
|
47 |
<div class="clear"></div>
|
48 |
</div>
|
49 |
-
</div>
|
1 |
<div class="rule closed" id="wp-version">
|
2 |
+
<div class="rule-title" role="link" tabindex="0">
|
3 |
<?php if ( $controller->check() == false ): ?>
|
4 |
<i class="def-icon icon-warning" aria-hidden="true"></i>
|
5 |
<?php else: ?>
|
46 |
</div>
|
47 |
<div class="clear"></div>
|
48 |
</div>
|
49 |
+
</div>
|
app/module/ip-lockout/view/detect-404/enabled.php
CHANGED
@@ -1,7 +1,7 @@
|
|
1 |
<div class="dev-box">
|
2 |
<form method="post" id="settings-frm" class="ip-frm">
|
3 |
<div class="box-title">
|
4 |
-
<h3><?php esc_html_e( "404 DETECTION", "defender-security" ) ?></h3>
|
5 |
<div class="side float-r">
|
6 |
<div>
|
7 |
<span tooltip="<?php esc_attr_e( "Deactivate 404 Detection", "defender-security" ) ?>" class="toggle">
|
@@ -150,4 +150,4 @@
|
|
150 |
<div class="clear"></div>
|
151 |
</div>
|
152 |
</form>
|
153 |
-
</div>
|
1 |
<div class="dev-box">
|
2 |
<form method="post" id="settings-frm" class="ip-frm">
|
3 |
<div class="box-title">
|
4 |
+
<h3 role="checkbox"><label for="toggle_404_detection" role="checkbox" aria-checked="true"><?php esc_html_e( "404 DETECTION", "defender-security" ) ?></label></h3>
|
5 |
<div class="side float-r">
|
6 |
<div>
|
7 |
<span tooltip="<?php esc_attr_e( "Deactivate 404 Detection", "defender-security" ) ?>" class="toggle">
|
150 |
<div class="clear"></div>
|
151 |
</div>
|
152 |
</form>
|
153 |
+
</div>
|
app/module/ip-lockout/view/login-lockouts/enabled.php
CHANGED
@@ -1,7 +1,7 @@
|
|
1 |
<div class="dev-box">
|
2 |
<form method="post" id="settings-frm" class="ip-frm">
|
3 |
<div class="box-title">
|
4 |
-
<h3><?php _e( "Login Protection", "defender-security" ) ?></h3>
|
5 |
<div class="side float-r">
|
6 |
<div>
|
7 |
<span tooltip="<?php esc_attr_e( "Deactivate Login Protection", "defender-security" ) ?>"
|
@@ -126,4 +126,4 @@
|
|
126 |
<div class="clear"></div>
|
127 |
</div>
|
128 |
</form>
|
129 |
-
</div>
|
1 |
<div class="dev-box">
|
2 |
<form method="post" id="settings-frm" class="ip-frm">
|
3 |
<div class="box-title">
|
4 |
+
<h3 role="checkbox"><label for="toggle_login_protect" role="checkbox" aria-checked="true"><?php _e( "Login Protection", "defender-security" ) ?></label></h3>
|
5 |
<div class="side float-r">
|
6 |
<div>
|
7 |
<span tooltip="<?php esc_attr_e( "Deactivate Login Protection", "defender-security" ) ?>"
|
126 |
<div class="clear"></div>
|
127 |
</div>
|
128 |
</form>
|
129 |
+
</div>
|
app/module/ip-lockout/view/notification/enabled.php
CHANGED
@@ -24,7 +24,7 @@
|
|
24 |
id="toggle_login_protection"/>
|
25 |
<label class="toggle-label" for="toggle_login_protection"></label>
|
26 |
</span>
|
27 |
-
<label><?php esc_html_e( "Login Protection Lockout", "defender-security" ) ?></label>
|
28 |
<span class="sub inpos">
|
29 |
<?php esc_html_e( "When a user or IP is locked out for trying to access your login area.", "defender-security" ) ?>
|
30 |
</span>
|
@@ -38,7 +38,7 @@
|
|
38 |
class="toggle-checkbox" id="toggle_404_detection"/>
|
39 |
<label class="toggle-label" for="toggle_404_detection"></label>
|
40 |
</span>
|
41 |
-
<label>
|
42 |
<?php esc_html_e( "404 Detection Lockout", "defender-security" ) ?>
|
43 |
</label>
|
44 |
<span class="sub inpos"><?php esc_html_e( "When a user or IP is locked out for repeated hits on non-existent files.", "defender-security" ) ?></span>
|
@@ -76,7 +76,7 @@
|
|
76 |
id="cooldown_enabled"/>
|
77 |
<label class="toggle-label" for="cooldown_enabled"></label>
|
78 |
</span>
|
79 |
-
<label><?php _e( "Limit email notifications for repeat lockouts", "defender-security" ) ?></label>
|
80 |
<div class="well well-white schedule-box">
|
81 |
<label><strong><?php _e( "Threshold", "defender-security" ) ?></strong>
|
82 |
- <?php _e( "The number of lockouts before we turn off emails", "defender-security" ) ?>
|
@@ -126,4 +126,4 @@
|
|
126 |
<div class="clear"></div>
|
127 |
</form>
|
128 |
</div>
|
129 |
-
</div>
|
24 |
id="toggle_login_protection"/>
|
25 |
<label class="toggle-label" for="toggle_login_protection"></label>
|
26 |
</span>
|
27 |
+
<label for="toggle_login_protection" role="checkbox" aria-checked="<?php echo $settings->login_lockout_notification?'true':'false';?>"><?php esc_html_e( "Login Protection Lockout", "defender-security" ) ?></label>
|
28 |
<span class="sub inpos">
|
29 |
<?php esc_html_e( "When a user or IP is locked out for trying to access your login area.", "defender-security" ) ?>
|
30 |
</span>
|
38 |
class="toggle-checkbox" id="toggle_404_detection"/>
|
39 |
<label class="toggle-label" for="toggle_404_detection"></label>
|
40 |
</span>
|
41 |
+
<label for="toggle_404_detection" role="checkbox" aria-checked="<?php echo $settings->ip_lockout_notification?'true':'false';?>">
|
42 |
<?php esc_html_e( "404 Detection Lockout", "defender-security" ) ?>
|
43 |
</label>
|
44 |
<span class="sub inpos"><?php esc_html_e( "When a user or IP is locked out for repeated hits on non-existent files.", "defender-security" ) ?></span>
|
76 |
id="cooldown_enabled"/>
|
77 |
<label class="toggle-label" for="cooldown_enabled"></label>
|
78 |
</span>
|
79 |
+
<label for="cooldown_enabled" role="checkbox" aria-checked="<?php echo $settings->cooldown_enabled?'true':'false';?>"><?php _e( "Limit email notifications for repeat lockouts", "defender-security" ) ?></label>
|
80 |
<div class="well well-white schedule-box">
|
81 |
<label><strong><?php _e( "Threshold", "defender-security" ) ?></strong>
|
82 |
- <?php _e( "The number of lockouts before we turn off emails", "defender-security" ) ?>
|
126 |
<div class="clear"></div>
|
127 |
</form>
|
128 |
</div>
|
129 |
+
</div>
|
app/module/ip-lockout/view/notification/report-free.php
CHANGED
@@ -29,7 +29,7 @@
|
|
29 |
id="toggle_report"/>
|
30 |
<label class="toggle-label" for="toggle_report"></label>
|
31 |
</span>
|
32 |
-
<label>
|
33 |
<?php esc_html_e( "Send regular email report", "defender-security" ) ?>
|
34 |
</label>
|
35 |
<div class="clear mline"></div>
|
29 |
id="toggle_report"/>
|
30 |
<label class="toggle-label" for="toggle_report"></label>
|
31 |
</span>
|
32 |
+
<label for="toggle_report" role="checkbox" aria-checked="true">
|
33 |
<?php esc_html_e( "Send regular email report", "defender-security" ) ?>
|
34 |
</label>
|
35 |
<div class="clear mline"></div>
|
app/module/ip-lockout/view/notification/report.php
CHANGED
@@ -24,7 +24,7 @@
|
|
24 |
id="toggle_report"/>
|
25 |
<label class="toggle-label" for="toggle_report"></label>
|
26 |
</span>
|
27 |
-
<label>
|
28 |
<?php esc_html_e( "Send regular email report", "defender-security" ) ?>
|
29 |
</label>
|
30 |
<div class="clear mline"></div>
|
@@ -83,4 +83,4 @@
|
|
83 |
<div class="clear"></div>
|
84 |
</form>
|
85 |
</div>
|
86 |
-
</div>
|
24 |
id="toggle_report"/>
|
25 |
<label class="toggle-label" for="toggle_report"></label>
|
26 |
</span>
|
27 |
+
<label for="toggle_report" role="checkbox" aria-checked="true">
|
28 |
<?php esc_html_e( "Send regular email report", "defender-security" ) ?>
|
29 |
</label>
|
30 |
<div class="clear mline"></div>
|
83 |
<div class="clear"></div>
|
84 |
</form>
|
85 |
</div>
|
86 |
+
</div>
|
app/module/scan/behavior/core-result.php
CHANGED
@@ -199,10 +199,10 @@ class Core_Result extends Behavior {
|
|
199 |
<span><?php _e( "This will permanently remove the selected file/folder. Are you sure you want to continue?", "defender-security" ) ?></span>
|
200 |
<div>
|
201 |
<button type="submit" class="button button-small button-grey">
|
202 |
-
|
203 |
</button>
|
204 |
<button type="button" class="button button-small button-secondary">
|
205 |
-
|
206 |
</button>
|
207 |
</div>
|
208 |
</div>
|
@@ -345,7 +345,10 @@ class Core_Result extends Behavior {
|
|
345 |
|
346 |
$left_lines = explode( "\n", $left_string );
|
347 |
$right_lines = explode( "\n", $right_string );
|
348 |
-
$text_diff = new \Text_Diff(
|
|
|
|
|
|
|
349 |
$renderer = new \Text_Diff_Renderer_inline();
|
350 |
|
351 |
return $renderer->render( $text_diff );
|
199 |
<span><?php _e( "This will permanently remove the selected file/folder. Are you sure you want to continue?", "defender-security" ) ?></span>
|
200 |
<div>
|
201 |
<button type="submit" class="button button-small button-grey">
|
202 |
+
<?php _e( "Yes", "defender-security" ) ?>
|
203 |
</button>
|
204 |
<button type="button" class="button button-small button-secondary">
|
205 |
+
<?php _e( "No", "defender-security" ) ?>
|
206 |
</button>
|
207 |
</div>
|
208 |
</div>
|
345 |
|
346 |
$left_lines = explode( "\n", $left_string );
|
347 |
$right_lines = explode( "\n", $right_string );
|
348 |
+
$text_diff = new \Text_Diff( 'auto', array(
|
349 |
+
$right_lines,
|
350 |
+
$left_lines
|
351 |
+
) );
|
352 |
$renderer = new \Text_Diff_Renderer_inline();
|
353 |
|
354 |
return $renderer->render( $text_diff );
|
app/module/scan/component/scan-api.php
CHANGED
@@ -121,7 +121,6 @@ class Scan_Api extends Component {
|
|
121 |
ABSPATH . 'wp-includes',
|
122 |
)
|
123 |
), true, $settings->max_filesize );
|
124 |
-
|
125 |
$cache->set( self::CACHE_CORE, array_merge( $firstLevelFiles, $coreFiles ), 0 );
|
126 |
|
127 |
return array_merge( $firstLevelFiles, $coreFiles );
|
@@ -131,6 +130,10 @@ class Scan_Api extends Component {
|
|
131 |
* @return array
|
132 |
*/
|
133 |
public static function getContentFiles() {
|
|
|
|
|
|
|
|
|
134 |
$cache = Container::instance()->get( 'cache' );
|
135 |
$cached = $cache->get( self::CACHE_CONTENT, false );
|
136 |
if ( is_array( $cached ) && ! empty( $cached ) ) {
|
@@ -140,7 +143,7 @@ class Scan_Api extends Component {
|
|
140 |
$files = File_Helper::findFiles( WP_CONTENT_DIR, true, false, array(), array(
|
141 |
'ext' => array( 'php' )
|
142 |
), true, $settings->max_filesize );
|
143 |
-
// $files
|
144 |
// 'ext' => array( 'php' )
|
145 |
// ), true, $settings->max_filesize );
|
146 |
//include wp-config.php here
|
@@ -624,6 +627,7 @@ class Scan_Api extends Component {
|
|
624 |
$patterns = array();
|
625 |
}
|
626 |
|
|
|
627 |
update_site_option( Scan_Api::SCAN_PATTERN, $patterns );
|
628 |
|
629 |
return $patterns;
|
121 |
ABSPATH . 'wp-includes',
|
122 |
)
|
123 |
), true, $settings->max_filesize );
|
|
|
124 |
$cache->set( self::CACHE_CORE, array_merge( $firstLevelFiles, $coreFiles ), 0 );
|
125 |
|
126 |
return array_merge( $firstLevelFiles, $coreFiles );
|
130 |
* @return array
|
131 |
*/
|
132 |
public static function getContentFiles() {
|
133 |
+
// return array(
|
134 |
+
// ABSPATH . 'trash/sample/content-image.php',
|
135 |
+
// //ABSPATH . 'trash/antispam-bee/inc/columns.class.php'
|
136 |
+
// );
|
137 |
$cache = Container::instance()->get( 'cache' );
|
138 |
$cached = $cache->get( self::CACHE_CONTENT, false );
|
139 |
if ( is_array( $cached ) && ! empty( $cached ) ) {
|
143 |
$files = File_Helper::findFiles( WP_CONTENT_DIR, true, false, array(), array(
|
144 |
'ext' => array( 'php' )
|
145 |
), true, $settings->max_filesize );
|
146 |
+
// $files = File_Helper::findFiles( ABSPATH . 'wp-content/trash/sample', true, false, array(), array(
|
147 |
// 'ext' => array( 'php' )
|
148 |
// ), true, $settings->max_filesize );
|
149 |
//include wp-config.php here
|
627 |
$patterns = array();
|
628 |
}
|
629 |
|
630 |
+
|
631 |
update_site_option( Scan_Api::SCAN_PATTERN, $patterns );
|
632 |
|
633 |
return $patterns;
|
app/module/scan/component/token-utils.php
ADDED
@@ -0,0 +1,333 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1 |
+
<?php
|
2 |
+
/**
|
3 |
+
* Author: Hoang Ngo
|
4 |
+
*/
|
5 |
+
|
6 |
+
namespace WP_Defender\Module\Scan\Component;
|
7 |
+
|
8 |
+
|
9 |
+
use Hammer\Base\Component;
|
10 |
+
|
11 |
+
class Token_Utils extends Component {
|
12 |
+
/**
|
13 |
+
* @var array
|
14 |
+
*/
|
15 |
+
static $tokens = array();
|
16 |
+
|
17 |
+
/**
|
18 |
+
* @param $token
|
19 |
+
* @param $from
|
20 |
+
* @param null $end
|
21 |
+
*
|
22 |
+
* @return bool
|
23 |
+
*/
|
24 |
+
public static function findPrevious( $token, $from, $end = null ) {
|
25 |
+
for ( $i = $from; $i >= $end; $i -- ) {
|
26 |
+
if ( isset( self::$tokens[ $i ] ) && self::$tokens[ $i ]['code'] == $token ) {
|
27 |
+
return $i;
|
28 |
+
}
|
29 |
+
}
|
30 |
+
|
31 |
+
return false;
|
32 |
+
}
|
33 |
+
|
34 |
+
/**
|
35 |
+
* @param $token
|
36 |
+
* @param $from
|
37 |
+
* @param $end
|
38 |
+
*
|
39 |
+
* @return bool|int|string
|
40 |
+
*/
|
41 |
+
public static function findNext( $token, $from, $end = null ) {
|
42 |
+
if ( $end == null ) {
|
43 |
+
$end = count( self::$tokens ) - 1;
|
44 |
+
}
|
45 |
+
|
46 |
+
if ( ! is_array( $token ) ) {
|
47 |
+
$token = array( $token );
|
48 |
+
}
|
49 |
+
|
50 |
+
for ( $i = $from; $i < $end; $i ++ ) {
|
51 |
+
if ( ! isset( self::$tokens[ $i ] ) ) {
|
52 |
+
return false;
|
53 |
+
}
|
54 |
+
|
55 |
+
if ( self::$tokens[ $i ]['code'] == T_SEMICOLON && ! in_array( T_SEMICOLON, $token ) ) {
|
56 |
+
return false;
|
57 |
+
}
|
58 |
+
|
59 |
+
if ( in_array( self::$tokens[ $i ]['code'], $token ) ) {
|
60 |
+
return $i;
|
61 |
+
}
|
62 |
+
}
|
63 |
+
}
|
64 |
+
|
65 |
+
/**
|
66 |
+
* @param $start
|
67 |
+
* @param $length
|
68 |
+
*
|
69 |
+
* @return string
|
70 |
+
* code borrow from @PHP_CodeSniffer_File
|
71 |
+
*/
|
72 |
+
public static function getTokensAsString( $start, $length ) {
|
73 |
+
$str = '';
|
74 |
+
$end = ( $start + $length );
|
75 |
+
|
76 |
+
for ( $i = $start; $i < $end; $i ++ ) {
|
77 |
+
$str .= self::$tokens[ $i ]['content'];
|
78 |
+
}
|
79 |
+
|
80 |
+
return $str;
|
81 |
+
}
|
82 |
+
|
83 |
+
/**
|
84 |
+
* @param $start
|
85 |
+
* @param $end
|
86 |
+
*
|
87 |
+
* @return array
|
88 |
+
*/
|
89 |
+
public static function findParams( $start, $end ) {
|
90 |
+
$params = array();
|
91 |
+
for ( $i = $start; $i < $end; $i ++ ) {
|
92 |
+
$params[] = self::$tokens[ $i ];
|
93 |
+
}
|
94 |
+
|
95 |
+
return $params;
|
96 |
+
}
|
97 |
+
|
98 |
+
/**
|
99 |
+
* @param $token
|
100 |
+
*
|
101 |
+
* @return bool
|
102 |
+
*/
|
103 |
+
public static function isUserInput( $token ) {
|
104 |
+
if ( $token['code'] == T_VARIABLE
|
105 |
+
&& preg_match( '/\$\{?_(GET|POST|REQUEST|COOKIE|SERVER|FILES|ENV)/', $token['content'] ) ) {
|
106 |
+
return true;
|
107 |
+
}
|
108 |
+
|
109 |
+
return false;
|
110 |
+
}
|
111 |
+
|
112 |
+
//Borrow from https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/Utils.php
|
113 |
+
//Point to RIPs and SO https://stackoverflow.com/questions/3115559/exploitable-php-functions
|
114 |
+
public static function getCallbackFunctions() {
|
115 |
+
return array(
|
116 |
+
'ob_start',
|
117 |
+
'array_diff_uassoc',
|
118 |
+
'array_diff_ukey',
|
119 |
+
'array_filter',
|
120 |
+
'array_intersect_uassoc',
|
121 |
+
'array_intersect_ukey',
|
122 |
+
'array_map',
|
123 |
+
'array_reduce',
|
124 |
+
'array_udiff_assoc',
|
125 |
+
'array_udiff_uassoc',
|
126 |
+
'array_udiff',
|
127 |
+
'array_uintersect_assoc',
|
128 |
+
'array_uintersect_uassoc',
|
129 |
+
'array_uintersect',
|
130 |
+
'array_walk_recursive',
|
131 |
+
'array_walk',
|
132 |
+
'assert_options',
|
133 |
+
'uasort',
|
134 |
+
'uksort',
|
135 |
+
'usort',
|
136 |
+
'preg_replace_callback',
|
137 |
+
'spl_autoload_register',
|
138 |
+
'iterator_apply',
|
139 |
+
'call_user_func',
|
140 |
+
'call_user_func_array',
|
141 |
+
'register_shutdown_function',
|
142 |
+
'register_tick_function',
|
143 |
+
'set_error_handler',
|
144 |
+
'set_exception_handler',
|
145 |
+
'session_set_save_handler',
|
146 |
+
'sqlite_create_aggregate',
|
147 |
+
'sqlite_create_function'
|
148 |
+
);
|
149 |
+
}
|
150 |
+
|
151 |
+
// From http://www.php.net/manual/en/ref.funchand.php
|
152 |
+
public static function getCreateFuncs() {
|
153 |
+
return array(
|
154 |
+
'create_function',
|
155 |
+
'call_user_func',
|
156 |
+
'call_user_func_array',
|
157 |
+
'forward_static_call',
|
158 |
+
'forward_static_call_array',
|
159 |
+
'function_exists',
|
160 |
+
'register_shutdown_function',
|
161 |
+
'register_tick_function'
|
162 |
+
);
|
163 |
+
}
|
164 |
+
|
165 |
+
/**
|
166 |
+
* @return array
|
167 |
+
*/
|
168 |
+
public static function getsuspiciousFunctions() {
|
169 |
+
return array_merge( self::getCryptoFunctions(), array(
|
170 |
+
'assert',
|
171 |
+
'eval',
|
172 |
+
'gzinflate'
|
173 |
+
) );
|
174 |
+
}
|
175 |
+
|
176 |
+
/**
|
177 |
+
* Borrow from https://github.com/FloeDesignTechnologies/phpcs-security-audit/blob/master/Security/Sniffs/Utils.php
|
178 |
+
* @return array
|
179 |
+
*/
|
180 |
+
public static function getCryptoFunctions() {
|
181 |
+
return array(
|
182 |
+
// Officials
|
183 |
+
'crypt',
|
184 |
+
'md5',
|
185 |
+
'md5_file',
|
186 |
+
'sha1',
|
187 |
+
'sha1_file',
|
188 |
+
'str_rot13',
|
189 |
+
'base64_decode',
|
190 |
+
'base64_encode',
|
191 |
+
'convert_uudecode',
|
192 |
+
'convert_uuencode',
|
193 |
+
// http://php.net/manual/en/book.mcrypt.php
|
194 |
+
'mcrypt_cbc',
|
195 |
+
'mcrypt_cfb',
|
196 |
+
'mcrypt_create_iv',
|
197 |
+
'mcrypt_decrypt',
|
198 |
+
'mcrypt_ecb',
|
199 |
+
'mcrypt_enc_get_algorithms_name',
|
200 |
+
'mcrypt_enc_get_block_size',
|
201 |
+
'mcrypt_enc_get_iv_size',
|
202 |
+
'mcrypt_enc_get_key_size',
|
203 |
+
'mcrypt_enc_get_modes_name',
|
204 |
+
'mcrypt_enc_get_supported_key_sizes',
|
205 |
+
'mcrypt_enc_is_block_algorithm_mode',
|
206 |
+
'mcrypt_enc_is_block_algorithm',
|
207 |
+
'mcrypt_enc_is_block_mode',
|
208 |
+
'mcrypt_enc_self_test',
|
209 |
+
'mcrypt_encrypt',
|
210 |
+
'mcrypt_generic_deinit',
|
211 |
+
'mcrypt_generic_end',
|
212 |
+
'mcrypt_generic_init',
|
213 |
+
'mcrypt_generic',
|
214 |
+
'mcrypt_get_block_size',
|
215 |
+
'mcrypt_get_cipher_name',
|
216 |
+
'mcrypt_get_iv_size',
|
217 |
+
'mcrypt_get_key_size',
|
218 |
+
'mcrypt_list_algorithms',
|
219 |
+
'mcrypt_list_modes',
|
220 |
+
'mcrypt_module_close',
|
221 |
+
'mcrypt_module_get_algo_block_size',
|
222 |
+
'mcrypt_module_get_algo_key_size',
|
223 |
+
'mcrypt_module_get_supported_key_sizes',
|
224 |
+
'mcrypt_module_is_block_algorithm_mode',
|
225 |
+
'mcrypt_module_is_block_algorithm',
|
226 |
+
'mcrypt_module_is_block_mode',
|
227 |
+
'mcrypt_module_open',
|
228 |
+
'mcrypt_module_self_test',
|
229 |
+
'mcrypt_ofb',
|
230 |
+
'mdecrypt_generic',
|
231 |
+
// http://php.net/manual/en/book.mhash.php
|
232 |
+
'mhash_count',
|
233 |
+
'mhash_get_block_size',
|
234 |
+
'mhash_get_hash_name',
|
235 |
+
'mhash_keygen_s2k',
|
236 |
+
'mhash',
|
237 |
+
// http://php.net/manual/en/book.crack.php
|
238 |
+
'crack_check',
|
239 |
+
'crack_closedict',
|
240 |
+
'crack_getlastmessage',
|
241 |
+
'crack_opendict',
|
242 |
+
// http://php.net/manual/en/book.hash.php
|
243 |
+
'hash_algos',
|
244 |
+
'hash_copy',
|
245 |
+
'hash_file',
|
246 |
+
'hash_final',
|
247 |
+
'hash_hmac_file',
|
248 |
+
'hash_hmac',
|
249 |
+
'hash_init',
|
250 |
+
'hash_pbkdf2',
|
251 |
+
'hash_update_file',
|
252 |
+
'hash_update_stream',
|
253 |
+
'hash_update',
|
254 |
+
//'hash',
|
255 |
+
// http://php.net/manual/en/book.openssl.php
|
256 |
+
'openssl_cipher_iv_length',
|
257 |
+
'openssl_csr_export_to_file',
|
258 |
+
'openssl_csr_export',
|
259 |
+
'openssl_csr_get_public_key',
|
260 |
+
'openssl_csr_get_subject',
|
261 |
+
'openssl_csr_new',
|
262 |
+
'openssl_csr_sign',
|
263 |
+
'openssl_decrypt',
|
264 |
+
'openssl_dh_compute_key',
|
265 |
+
'openssl_digest',
|
266 |
+
'openssl_encrypt',
|
267 |
+
'openssl_error_string',
|
268 |
+
'openssl_free_key',
|
269 |
+
'openssl_get_cipher_methods',
|
270 |
+
'openssl_get_md_methods',
|
271 |
+
'openssl_get_privatekey',
|
272 |
+
'openssl_get_publickey',
|
273 |
+
'openssl_open',
|
274 |
+
'openssl_pbkdf2',
|
275 |
+
'openssl_pkcs12_export_to_file',
|
276 |
+
'openssl_pkcs12_export',
|
277 |
+
'openssl_pkcs12_read',
|
278 |
+
'openssl_pkcs7_decrypt',
|
279 |
+
'openssl_pkcs7_encrypt',
|
280 |
+
'openssl_pkcs7_sign',
|
281 |
+
'openssl_pkcs7_verify',
|
282 |
+
'openssl_pkey_export_to_file',
|
283 |
+
'openssl_pkey_export',
|
284 |
+
'openssl_pkey_free',
|
285 |
+
'openssl_pkey_get_details',
|
286 |
+
'openssl_pkey_get_private',
|
287 |
+
'openssl_pkey_get_public',
|
288 |
+
'openssl_pkey_new',
|
289 |
+
'openssl_private_decrypt',
|
290 |
+
'openssl_private_encrypt',
|
291 |
+
'openssl_public_decrypt',
|
292 |
+
'openssl_public_encrypt',
|
293 |
+
'openssl_random_pseudo_bytes',
|
294 |
+
'openssl_seal',
|
295 |
+
'openssl_sign',
|
296 |
+
'openssl_spki_export_challenge',
|
297 |
+
'openssl_spki_export',
|
298 |
+
'openssl_spki_new',
|
299 |
+
'openssl_spki_verify',
|
300 |
+
'openssl_verify',
|
301 |
+
'openssl_x509_check_private_key',
|
302 |
+
'openssl_x509_checkpurpose',
|
303 |
+
'openssl_x509_export_to_file',
|
304 |
+
'openssl_x509_export',
|
305 |
+
'openssl_x509_free',
|
306 |
+
'openssl_x509_parse',
|
307 |
+
'openssl_x509_read',
|
308 |
+
// http://php.net/manual/en/book.password.php
|
309 |
+
'password_get_info',
|
310 |
+
'password_hash',
|
311 |
+
'password_needs_rehash',
|
312 |
+
'password_verify',
|
313 |
+
// Guesses
|
314 |
+
'encrypt',
|
315 |
+
'decrypt',
|
316 |
+
'mc_encrypt',
|
317 |
+
'mc_decrypt',
|
318 |
+
'crypto',
|
319 |
+
'scrypt',
|
320 |
+
'bcrypt',
|
321 |
+
'password_crypt',
|
322 |
+
'sha256',
|
323 |
+
'sha128',
|
324 |
+
'sha512',
|
325 |
+
'hmac',
|
326 |
+
'pbkdf2',
|
327 |
+
'aes',
|
328 |
+
'encipher',
|
329 |
+
'decipher',
|
330 |
+
'crc32',
|
331 |
+
);
|
332 |
+
}
|
333 |
+
}
|
app/module/scan/js/script.js
CHANGED
@@ -16,19 +16,22 @@ jQuery(function ($) {
|
|
16 |
});
|
17 |
var current_issue = null;
|
18 |
$('body').on('click', '#next_issue', function () {
|
19 |
-
var parent = $(this).parent().find('.inner-sourcecode').first();
|
|
|
|
|
|
|
|
|
20 |
if (current_issue === null) {
|
21 |
-
current_issue =
|
22 |
} else {
|
23 |
-
current_issue = current_issue
|
24 |
-
|
25 |
-
|
26 |
-
|
27 |
-
var pos = current_issue.position();
|
28 |
-
console.log(current_issue.offset());
|
29 |
-
console.log(current_issue.position());
|
30 |
-
parent.scrollTop(pos.top);
|
31 |
}
|
|
|
|
|
|
|
32 |
})
|
33 |
//processing scan
|
34 |
if ($('#scanning').size() > 0) {
|
16 |
});
|
17 |
var current_issue = null;
|
18 |
$('body').on('click', '#next_issue', function () {
|
19 |
+
var parent = $(this).parent().parent().find('.inner-sourcecode').first();
|
20 |
+
var issues = parent.find('del');
|
21 |
+
if (issues.size() == 0) {
|
22 |
+
return;
|
23 |
+
}
|
24 |
if (current_issue === null) {
|
25 |
+
current_issue = 0;
|
26 |
} else {
|
27 |
+
current_issue = current_issue + 1;
|
28 |
+
if (issues[current_issue] === undefined) {
|
29 |
+
current_issue = 0;
|
30 |
+
}
|
|
|
|
|
|
|
|
|
31 |
}
|
32 |
+
console.log($(issues[current_issue]).text());
|
33 |
+
var pos = $(issues[current_issue]).position();
|
34 |
+
parent.scrollTop(pos.top);
|
35 |
})
|
36 |
//processing scan
|
37 |
if ($('#scanning').size() > 0) {
|
assets/css/styles.css
CHANGED
@@ -2494,6 +2494,11 @@
|
|
2494 |
text-transform: uppercase; }
|
2495 |
.wp-defender .advanced-tools .at-line .well.well-yellow a:hover {
|
2496 |
opacity: 1; }
|
|
|
|
|
|
|
|
|
|
|
2497 |
.wp-defender .toggle-row {
|
2498 |
display: none; }
|
2499 |
@media screen and (min-width: 769px) and (max-width: 979px) {
|
2494 |
text-transform: uppercase; }
|
2495 |
.wp-defender .advanced-tools .at-line .well.well-yellow a:hover {
|
2496 |
opacity: 1; }
|
2497 |
+
.wp-defender .advanced-tools .well.well-white label {
|
2498 |
+
color: #666;
|
2499 |
+
font-size: 13px;
|
2500 |
+
font-weight: 500;
|
2501 |
+
display: inline; }
|
2502 |
.wp-defender .toggle-row {
|
2503 |
display: none; }
|
2504 |
@media screen and (min-width: 769px) and (max-width: 979px) {
|
assets/js/scripts.js
CHANGED
@@ -1,4 +1,12 @@
|
|
1 |
jQuery(function ($) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2 |
//blacklist helper
|
3 |
if ($('.blacklist-widget').size() > 0) {
|
4 |
$('.blacklist-widget').submit(function () {
|
1 |
jQuery(function ($) {
|
2 |
+
$('body').on('change', '.toggle-checkbox', function (e) {
|
3 |
+
if ($(this).prop('checked') == true) {
|
4 |
+
$('label[for="'+$(this).attr('id')+'"]').attr('aria-checked',true);
|
5 |
+
} else {
|
6 |
+
$('label[for="'+$(this).attr('id')+'"]').attr('aria-checked',false);
|
7 |
+
}
|
8 |
+
});
|
9 |
+
|
10 |
//blacklist helper
|
11 |
if ($('.blacklist-widget').size() > 0) {
|
12 |
$('.blacklist-widget').submit(function () {
|
changelog.txt
CHANGED
@@ -4,6 +4,36 @@ Tested up to: 4.7.4
|
|
4 |
|
5 |
Change Log:
|
6 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
7 |
1.8 - 2018-10-04
|
8 |
----------------------------------------------------------------------
|
9 |
- New: Hide the default WordPress login URLs with the new Mask Login Area feature, giving you enhanced protection from hackers and bots.
|
4 |
|
5 |
Change Log:
|
6 |
|
7 |
+
2.0 - 2018-04-09
|
8 |
+
----------------------------------------------------------------------
|
9 |
+
- New: added tweak “Disable XML-RPC”
|
10 |
+
- Improvement: Two factor authentication can now be force enabled by role.
|
11 |
+
- Improvement: better clarification on Mask Login Area page
|
12 |
+
- Fix: Compatibility with Appointments login when Mask Login enabled.
|
13 |
+
- Fix: /login/ will be blocked instead of redirect to right login URL
|
14 |
+
- Fix: new site registration emails login URL now show right Login URL instead of the original one if Mask URL enabled.
|
15 |
+
- Fix: Accessibility fix for factor authentication
|
16 |
+
- Changes: Show Admin Pointer when first activate Defender and remove the redirect behavior
|
17 |
+
|
18 |
+
1.9.1 - 2018-09-07
|
19 |
+
----------------------------------------------------------------------
|
20 |
+
- Fix: Mask Login Area description text is misleading
|
21 |
+
- Fix: wp-admin link of sub-sites in networks link to wrong admin URL
|
22 |
+
- Fix: Prevent Information Disclosure & Prevent PHP Execution show false error message when first applied
|
23 |
+
- Fix: Dashboard reporting section mis-alignment
|
24 |
+
- Other minor enhancements and fixes
|
25 |
+
|
26 |
+
1.9 - 2018-24-05
|
27 |
+
----------------------------------------------------------------------
|
28 |
+
- New: Ability to edit default two-factor authentication email notifications
|
29 |
+
- New: Added Privacy Policy in privacy guideline page
|
30 |
+
- Improvements for lockout logs interface
|
31 |
+
- Improvement: Smarter report default time.
|
32 |
+
- Fix: Defender auto redirect issue when bulk activating plugins
|
33 |
+
- Fix: saving 404 redirect URL issue
|
34 |
+
- Fix: Some layouts are shifted on mobile devices
|
35 |
+
- Other minor enhancements and fixes
|
36 |
+
|
37 |
1.8 - 2018-10-04
|
38 |
----------------------------------------------------------------------
|
39 |
- New: Hide the default WordPress login URLs with the new Mask Login Area feature, giving you enhanced protection from hackers and bots.
|
languages/wpdef-default.pot
CHANGED
@@ -2,16 +2,16 @@
|
|
2 |
# This file is distributed under the GNU General Public License (Version 2 - GPLv2).
|
3 |
msgid ""
|
4 |
msgstr ""
|
5 |
-
"Project-Id-Version: Defender Pro
|
6 |
"Report-Msgid-Bugs-To: https://wpmudev.org\n"
|
7 |
-
"POT-Creation-Date: 2018-
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=utf-8\n"
|
10 |
"Content-Transfer-Encoding: 8bit\n"
|
11 |
"PO-Revision-Date: 2018-MO-DA HO:MI+ZONE\n"
|
12 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
13 |
"Language-Team: LANGUAGE <EMAIL@ADDRESS>\n"
|
14 |
-
"X-Generator: grunt-wp-i18n1.0.
|
15 |
|
16 |
#: app/behavior/blacklist-free.php:21 app/behavior/blacklist.php:58
|
17 |
#: app/behavior/blacklist.php:116 app/behavior/blacklist.php:141
|
@@ -96,7 +96,7 @@ msgstr ""
|
|
96 |
msgid "Your domain is currently clean."
|
97 |
msgstr ""
|
98 |
|
99 |
-
#: app/behavior/blacklist.php:
|
100 |
msgid "Something wrong happened, please try again."
|
101 |
msgstr ""
|
102 |
|
@@ -152,17 +152,17 @@ msgid "Lockout reports are active scheduled to send %s"
|
|
152 |
msgstr ""
|
153 |
|
154 |
#: app/behavior/report-free.php:129 app/behavior/report.php:224
|
155 |
-
#: app/behavior/utils.php:
|
156 |
msgid "daily"
|
157 |
msgstr ""
|
158 |
|
159 |
#: app/behavior/report-free.php:132 app/behavior/report.php:227
|
160 |
-
#: app/behavior/utils.php:
|
161 |
msgid "weekly"
|
162 |
msgstr ""
|
163 |
|
164 |
#: app/behavior/report-free.php:135 app/behavior/report.php:230
|
165 |
-
#: app/behavior/utils.php:
|
166 |
msgid "monthly"
|
167 |
msgstr ""
|
168 |
|
@@ -204,47 +204,57 @@ msgstr ""
|
|
204 |
msgid "To activate this report you must first enable the Audit Logging module."
|
205 |
msgstr ""
|
206 |
|
207 |
-
#: app/behavior/utils.php:
|
208 |
msgid ""
|
209 |
"WPMU DEV Dashboard will be required for this action. Please visit <a "
|
210 |
"href=\"%s\">here</a> and install the WPMU DEV Dashboard"
|
211 |
msgstr ""
|
212 |
|
213 |
-
#: app/behavior/utils.php:
|
214 |
#: app/module/audit/view/table.php:78 app/module/audit/view/table.php:136
|
215 |
#: free/utils.php:179 free/utils.php:188
|
216 |
msgid "Guest"
|
217 |
msgstr ""
|
218 |
|
219 |
-
#: app/behavior/utils.php:
|
220 |
msgid "WordPress Core Integrity"
|
221 |
msgstr ""
|
222 |
|
223 |
-
#: app/behavior/utils.php:
|
224 |
msgid "Plugins & Themes vulnerability"
|
225 |
msgstr ""
|
226 |
|
227 |
-
#: app/behavior/utils.php:
|
228 |
#: app/module/scan/view/layouts/layout.php:70
|
229 |
#: app/module/scan/view/setting-free.php:50 app/module/scan/view/setting.php:43
|
230 |
#: app/view/settings.php:98
|
231 |
msgid "Suspicious Code"
|
232 |
msgstr ""
|
233 |
|
234 |
-
#: app/behavior/utils.php:
|
235 |
#: app/module/ip-lockout/controller/main.php:93
|
236 |
msgid "Never"
|
237 |
msgstr ""
|
238 |
|
239 |
-
#: app/behavior/utils.php:
|
240 |
msgid "Please upgrade to 5.3 or later"
|
241 |
msgstr ""
|
242 |
|
243 |
-
#: app/controller/dashboard.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
244 |
msgid "Dashboard"
|
245 |
msgstr ""
|
246 |
|
247 |
-
#: app/controller/dashboard.php:
|
248 |
#: app/controller/requirement.php:69 app/module/ip-lockout/view/locked.php:75
|
249 |
msgid "Defender"
|
250 |
msgstr ""
|
@@ -253,27 +263,27 @@ msgstr ""
|
|
253 |
msgid "Defender Pro"
|
254 |
msgstr ""
|
255 |
|
256 |
-
#: app/controller/dashboard.php:
|
257 |
msgid "QUICK SETUP"
|
258 |
msgstr ""
|
259 |
|
260 |
-
#: app/controller/dashboard.php:
|
261 |
msgid "Skip"
|
262 |
msgstr ""
|
263 |
|
264 |
-
#: app/controller/dashboard.php:
|
265 |
msgid "Activating File Scanning..."
|
266 |
msgstr ""
|
267 |
|
268 |
-
#: app/controller/dashboard.php:
|
269 |
msgid "Activating Audit Module..."
|
270 |
msgstr ""
|
271 |
|
272 |
-
#: app/controller/dashboard.php:
|
273 |
msgid "Activating IP Lockouts Module..."
|
274 |
msgstr ""
|
275 |
|
276 |
-
#: app/controller/dashboard.php:
|
277 |
msgid "Activating Blacklist Monitoring..."
|
278 |
msgstr ""
|
279 |
|
@@ -340,7 +350,7 @@ msgid "Defender%s"
|
|
340 |
msgstr ""
|
341 |
|
342 |
#: app/module/advanced-tools/behavior/at-widget.php:18
|
343 |
-
#: app/module/advanced-tools/controller/main.php:
|
344 |
#: app/module/advanced-tools/view/layouts/layout.php:5
|
345 |
msgid "Advanced Tools"
|
346 |
msgstr ""
|
@@ -433,88 +443,88 @@ msgid ""
|
|
433 |
msgstr ""
|
434 |
|
435 |
#: app/module/advanced-tools/controller/main.php:60
|
436 |
-
#: app/module/advanced-tools/controller/mask-login.php:
|
437 |
msgid ""
|
438 |
"We’ve detected a conflict with Jetpack’s Wordpress.com Log In feature. "
|
439 |
"Please disable it and return to this page to continue setup."
|
440 |
msgstr ""
|
441 |
|
442 |
#: app/module/advanced-tools/controller/main.php:63
|
443 |
-
#: app/module/advanced-tools/controller/mask-login.php:
|
444 |
msgid ""
|
445 |
"We’ve detected a conflict with Theme my login. Please disable it and return "
|
446 |
"to this page to continue setup."
|
447 |
msgstr ""
|
448 |
|
449 |
-
#: app/module/advanced-tools/controller/main.php:
|
450 |
msgid "Two Factor"
|
451 |
msgstr ""
|
452 |
|
453 |
-
#: app/module/advanced-tools/controller/main.php:
|
454 |
msgid "Your token is invalid"
|
455 |
msgstr ""
|
456 |
|
457 |
-
#: app/module/advanced-tools/controller/main.php:
|
458 |
-
#: app/module/advanced-tools/controller/main.php:
|
459 |
-
#: app/module/advanced-tools/controller/main.php:
|
460 |
#: app/module/advanced-tools/view/2factor-otp-email-edit-from.php:3
|
461 |
msgid "Your OTP code"
|
462 |
msgstr ""
|
463 |
|
464 |
-
#: app/module/advanced-tools/controller/main.php:
|
465 |
msgid "Your code has been sent to your email."
|
466 |
msgstr ""
|
467 |
|
468 |
-
#: app/module/advanced-tools/controller/main.php:
|
469 |
msgid "Please input a valid OTP code"
|
470 |
msgstr ""
|
471 |
|
472 |
-
#: app/module/advanced-tools/controller/main.php:
|
473 |
msgid "Your OTP code is incorrect. Please try again."
|
474 |
msgstr ""
|
475 |
|
476 |
-
#: app/module/advanced-tools/controller/main.php:
|
477 |
msgid "Some error happen"
|
478 |
msgstr ""
|
479 |
|
480 |
-
#: app/module/advanced-tools/controller/main.php:
|
481 |
msgid "Whoops, the passcode you entered was incorrect or expired."
|
482 |
msgstr ""
|
483 |
|
484 |
-
#: app/module/advanced-tools/controller/main.php:
|
485 |
msgid "Edit Email"
|
486 |
msgstr ""
|
487 |
|
488 |
-
#: app/module/advanced-tools/controller/main.php:
|
489 |
-
#: app/module/advanced-tools/controller/mask-login.php:
|
490 |
#: app/module/audit/controller/main.php:197
|
491 |
#: app/module/ip-lockout/controller/main.php:739
|
492 |
#: app/module/scan/controller/main.php:306
|
493 |
msgid "Your settings have been updated."
|
494 |
msgstr ""
|
495 |
|
496 |
-
#: app/module/advanced-tools/controller/main.php:
|
497 |
-
#: app/module/advanced-tools/controller/main.php:
|
498 |
msgid "%s variable was not found in mail body."
|
499 |
msgstr ""
|
500 |
|
501 |
-
#: app/module/advanced-tools/controller/main.php:
|
502 |
msgid "Email settings has been saved."
|
503 |
msgstr ""
|
504 |
|
505 |
-
#: app/module/advanced-tools/controller/main.php:
|
506 |
msgid "Test email has been sent to your email."
|
507 |
msgstr ""
|
508 |
|
509 |
-
#: app/module/advanced-tools/controller/main.php:
|
510 |
msgid "Test email failed."
|
511 |
msgstr ""
|
512 |
|
513 |
-
#: app/module/advanced-tools/controller/mask-login.php:
|
514 |
msgid "This feature is disabled"
|
515 |
msgstr ""
|
516 |
|
517 |
-
#: app/module/advanced-tools/controller/mask-login.php:
|
518 |
msgid "Login and 404 redirect URLs can't be the same. Please use different URLs."
|
519 |
msgstr ""
|
520 |
|
@@ -685,7 +695,9 @@ msgid ""
|
|
685 |
msgstr ""
|
686 |
|
687 |
#: app/module/advanced-tools/view/main-free.php:41
|
|
|
688 |
#: app/module/advanced-tools/view/main.php:41
|
|
|
689 |
msgid "User Roles"
|
690 |
msgstr ""
|
691 |
|
@@ -702,58 +714,58 @@ msgstr ""
|
|
702 |
msgid "User role"
|
703 |
msgstr ""
|
704 |
|
705 |
-
#: app/module/advanced-tools/view/main-free.php:
|
706 |
-
#: app/module/advanced-tools/view/main.php:
|
707 |
msgid "Lost Phone"
|
708 |
msgstr ""
|
709 |
|
710 |
-
#: app/module/advanced-tools/view/main-free.php:
|
711 |
-
#: app/module/advanced-tools/view/main.php:
|
712 |
msgid ""
|
713 |
"If a user is unable to access their phone, you can allow an option to send "
|
714 |
"the one time password to their registered email."
|
715 |
msgstr ""
|
716 |
|
717 |
-
#: app/module/advanced-tools/view/main-free.php:
|
718 |
-
#: app/module/advanced-tools/view/main.php:
|
719 |
msgid "Enable lost phone option"
|
720 |
msgstr ""
|
721 |
|
722 |
-
#: app/module/advanced-tools/view/main-free.php:
|
723 |
-
#: app/module/advanced-tools/view/main.php:
|
724 |
msgid "Force Authentication"
|
725 |
msgstr ""
|
726 |
|
727 |
-
#: app/module/advanced-tools/view/main-free.php:
|
728 |
-
#: app/module/advanced-tools/view/main.php:
|
729 |
msgid ""
|
730 |
"By default, two-factor authentication is optional for users. This setting "
|
731 |
"forces users to activate two-factor."
|
732 |
msgstr ""
|
733 |
|
734 |
-
#: app/module/advanced-tools/view/main-free.php:
|
735 |
-
#: app/module/advanced-tools/view/main.php:
|
736 |
msgid "Force users to log in with two-factor authentication"
|
737 |
msgstr ""
|
738 |
|
739 |
-
#: app/module/advanced-tools/view/main-free.php:
|
740 |
-
#: app/module/advanced-tools/view/main.php:
|
741 |
msgid "Note: Users will be forced to set up two-factor when they next login."
|
742 |
msgstr ""
|
743 |
|
744 |
-
#: app/module/advanced-tools/view/main-free.php:
|
745 |
-
#: app/module/advanced-tools/view/main.php:
|
746 |
msgid "Custom warning message"
|
747 |
msgstr ""
|
748 |
|
749 |
-
#: app/module/advanced-tools/view/main-free.php:
|
750 |
-
#: app/module/advanced-tools/view/main.php:
|
751 |
msgid ""
|
752 |
"Note: This is shown in the users Profile area indicating they must use "
|
753 |
"two-factor authentication."
|
754 |
msgstr ""
|
755 |
|
756 |
-
#: app/module/advanced-tools/view/main-free.php:
|
757 |
#: app/module/scan/behavior/scan.php:137 app/module/scan/behavior/scan.php:152
|
758 |
#: app/module/scan/view/layouts/layout.php:62
|
759 |
#: app/module/scan/view/layouts/layout.php:78
|
@@ -762,92 +774,92 @@ msgstr ""
|
|
762 |
msgid "Pro Feature"
|
763 |
msgstr ""
|
764 |
|
765 |
-
#: app/module/advanced-tools/view/main-free.php:
|
766 |
-
#: app/module/advanced-tools/view/main.php:
|
767 |
-
#: app/module/advanced-tools/view/main.php:
|
768 |
msgid "Custom Graphic"
|
769 |
msgstr ""
|
770 |
|
771 |
-
#: app/module/advanced-tools/view/main-free.php:
|
772 |
-
#: app/module/advanced-tools/view/main.php:
|
773 |
msgid ""
|
774 |
"By default, Defender’s icon appears above the login fields. You can upload "
|
775 |
"your own branding, or turn this feature off."
|
776 |
msgstr ""
|
777 |
|
778 |
-
#: app/module/advanced-tools/view/main-free.php:
|
779 |
-
#: app/module/advanced-tools/view/main.php:
|
780 |
msgid "Enable custom graphics above login fields"
|
781 |
msgstr ""
|
782 |
|
783 |
-
#: app/module/advanced-tools/view/main-free.php:
|
784 |
-
#: app/module/advanced-tools/view/main.php:
|
785 |
msgid "Emails"
|
786 |
msgstr ""
|
787 |
|
788 |
-
#: app/module/advanced-tools/view/main-free.php:
|
789 |
-
#: app/module/advanced-tools/view/main.php:
|
790 |
msgid "Customize the default copy for emails the two-factor feature sends to users."
|
791 |
msgstr ""
|
792 |
|
793 |
-
#: app/module/advanced-tools/view/main-free.php:
|
794 |
-
#: app/module/advanced-tools/view/main.php:
|
795 |
msgid "Email"
|
796 |
msgstr ""
|
797 |
|
798 |
-
#: app/module/advanced-tools/view/main-free.php:
|
799 |
-
#: app/module/advanced-tools/view/main.php:
|
800 |
msgid "Lost phone one time password"
|
801 |
msgstr ""
|
802 |
|
803 |
-
#: app/module/advanced-tools/view/main-free.php:
|
804 |
-
#: app/module/advanced-tools/view/main.php:
|
805 |
msgid "App Download"
|
806 |
msgstr ""
|
807 |
|
808 |
-
#: app/module/advanced-tools/view/main-free.php:
|
809 |
-
#: app/module/advanced-tools/view/main.php:
|
810 |
msgid "Need the app? Here’s links to the official Google Authenticator apps."
|
811 |
msgstr ""
|
812 |
|
813 |
-
#: app/module/advanced-tools/view/main-free.php:
|
814 |
-
#: app/module/advanced-tools/view/main.php:
|
815 |
msgid "Active Users"
|
816 |
msgstr ""
|
817 |
|
818 |
-
#: app/module/advanced-tools/view/main-free.php:
|
819 |
-
#: app/module/advanced-tools/view/main.php:
|
820 |
msgid ""
|
821 |
"Here’s a quick link to see which of your users have enabled two-factor "
|
822 |
"verification."
|
823 |
msgstr ""
|
824 |
|
825 |
-
#: app/module/advanced-tools/view/main-free.php:
|
826 |
-
#: app/module/advanced-tools/view/main.php:
|
827 |
msgid "<a href=\"%s\">View users</a> who have enabled this feature."
|
828 |
msgstr ""
|
829 |
|
830 |
-
#: app/module/advanced-tools/view/main-free.php:
|
831 |
-
#: app/module/advanced-tools/view/main-free.php:
|
832 |
-
#: app/module/advanced-tools/view/main.php:
|
833 |
-
#: app/module/advanced-tools/view/main.php:
|
834 |
#: app/module/advanced-tools/view/mask-login/enabled.php:78
|
835 |
#: app/module/advanced-tools/view/mask-login/enabled.php:82
|
836 |
#: app/module/audit/view/settings.php:10
|
837 |
msgid "Deactivate"
|
838 |
msgstr ""
|
839 |
|
840 |
-
#: app/module/advanced-tools/view/main-free.php:
|
841 |
-
#: app/module/advanced-tools/view/main.php:
|
842 |
msgid "Disable two-factor authentication on your website."
|
843 |
msgstr ""
|
844 |
|
845 |
-
#: app/module/advanced-tools/view/main-free.php:
|
846 |
-
#: app/module/advanced-tools/view/main.php:
|
847 |
msgid "SAVE SETTINGS"
|
848 |
msgstr ""
|
849 |
|
850 |
-
#: app/module/advanced-tools/view/main.php:
|
851 |
msgid "For best results use a 168x168px JPG or PNG."
|
852 |
msgstr ""
|
853 |
|
@@ -870,27 +882,35 @@ msgid ""
|
|
870 |
msgstr ""
|
871 |
|
872 |
#: app/module/advanced-tools/view/mask-login/enabled.php:33
|
873 |
-
msgid "Masking
|
874 |
msgstr ""
|
875 |
|
876 |
#: app/module/advanced-tools/view/mask-login/enabled.php:35
|
877 |
msgid ""
|
878 |
-
"Choose
|
879 |
-
"
|
880 |
msgstr ""
|
881 |
|
882 |
#: app/module/advanced-tools/view/mask-login/enabled.php:39
|
883 |
msgid ""
|
884 |
-
"You can
|
885 |
-
"
|
|
|
886 |
msgstr ""
|
887 |
|
888 |
#: app/module/advanced-tools/view/mask-login/enabled.php:40
|
889 |
-
msgid "New Login
|
|
|
|
|
|
|
|
|
890 |
msgstr ""
|
891 |
|
892 |
#: app/module/advanced-tools/view/mask-login/enabled.php:42
|
893 |
-
msgid "
|
|
|
|
|
|
|
894 |
msgstr ""
|
895 |
|
896 |
#: app/module/advanced-tools/view/mask-login/enabled.php:47
|
@@ -1492,7 +1512,7 @@ msgstr ""
|
|
1492 |
#: app/module/scan/view/layouts/layout.php:132
|
1493 |
#: app/module/scan/view/layouts/layout.php:149
|
1494 |
#: app/module/scan/view/setting-free.php:3 app/module/scan/view/setting.php:3
|
1495 |
-
#: app/view/settings.php:6 free/main-activator.php:161 main-activator.php:
|
1496 |
msgid "Settings"
|
1497 |
msgstr ""
|
1498 |
|
@@ -2181,6 +2201,10 @@ msgstr ""
|
|
2181 |
msgid "Disable trackbacks and pingbacks"
|
2182 |
msgstr ""
|
2183 |
|
|
|
|
|
|
|
|
|
2184 |
#: app/module/hardener/component/hide-error-service.php:103
|
2185 |
msgid "WP_DEBUG get override somewhere, please check with your host provider"
|
2186 |
msgstr ""
|
@@ -2271,7 +2295,7 @@ msgstr ""
|
|
2271 |
|
2272 |
#: app/module/hardener/rule.php:111
|
2273 |
#: app/module/scan/behavior/core-result.php:189
|
2274 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
2275 |
#: app/module/scan/behavior/pro/vuln-result.php:156
|
2276 |
#: app/module/scan/component/result-table.php:199
|
2277 |
msgid "Ignore"
|
@@ -2360,6 +2384,7 @@ msgstr ""
|
|
2360 |
#: app/module/hardener/view/rules/db-prefix.php:11
|
2361 |
#: app/module/hardener/view/rules/disable-file-editor.php:11
|
2362 |
#: app/module/hardener/view/rules/disable-trackback.php:11
|
|
|
2363 |
#: app/module/hardener/view/rules/hide-error.php:11
|
2364 |
#: app/module/hardener/view/rules/login-duration.php:11
|
2365 |
#: app/module/hardener/view/rules/php-version.php:11
|
@@ -2384,6 +2409,7 @@ msgstr ""
|
|
2384 |
#: app/module/hardener/view/rules/db-prefix.php:16
|
2385 |
#: app/module/hardener/view/rules/disable-file-editor.php:16
|
2386 |
#: app/module/hardener/view/rules/disable-trackback.php:16
|
|
|
2387 |
#: app/module/hardener/view/rules/hide-error.php:16
|
2388 |
#: app/module/hardener/view/rules/login-duration.php:16
|
2389 |
#: app/module/hardener/view/rules/php-version.php:34
|
@@ -2452,6 +2478,7 @@ msgstr ""
|
|
2452 |
|
2453 |
#: app/module/hardener/view/rules/disable-file-editor.php:26
|
2454 |
#: app/module/hardener/view/rules/disable-trackback.php:26
|
|
|
2455 |
#: app/module/hardener/view/rules/login-duration.php:29
|
2456 |
#: app/module/hardener/view/rules/prevent-php-executed.php:52
|
2457 |
#: app/module/hardener/view/rules/protect-information.php:26
|
@@ -2497,6 +2524,34 @@ msgstr ""
|
|
2497 |
msgid "Disable Pingbacks"
|
2498 |
msgstr ""
|
2499 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2500 |
#: app/module/hardener/view/rules/hide-error.php:13
|
2501 |
msgid ""
|
2502 |
"In addition to hiding error logs, developers often use the built-in "
|
@@ -3716,11 +3771,11 @@ msgid "This WordPress core file appears modified"
|
|
3716 |
msgstr ""
|
3717 |
|
3718 |
#: app/module/scan/behavior/core-result.php:75
|
3719 |
-
#: app/module/scan/behavior/core-result.php:
|
3720 |
-
#: app/module/scan/behavior/core-result.php:
|
3721 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3722 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3723 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3724 |
msgid "Defender doesn't have enough permission to remove this file"
|
3725 |
msgstr ""
|
3726 |
|
@@ -3759,7 +3814,7 @@ msgid "Date Added"
|
|
3759 |
msgstr ""
|
3760 |
|
3761 |
#: app/module/scan/behavior/core-result.php:197
|
3762 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3763 |
msgid "Delete"
|
3764 |
msgstr ""
|
3765 |
|
@@ -3770,12 +3825,12 @@ msgid ""
|
|
3770 |
msgstr ""
|
3771 |
|
3772 |
#: app/module/scan/behavior/core-result.php:202
|
3773 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3774 |
msgid "Yes"
|
3775 |
msgstr ""
|
3776 |
|
3777 |
#: app/module/scan/behavior/core-result.php:205
|
3778 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3779 |
msgid "No"
|
3780 |
msgstr ""
|
3781 |
|
@@ -3795,7 +3850,7 @@ msgstr ""
|
|
3795 |
#: app/module/scan/behavior/core-result.php:281
|
3796 |
#: app/module/scan/behavior/core-result.php:303
|
3797 |
#: app/module/scan/behavior/core-result.php:325
|
3798 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3799 |
msgid "Pulling source file..."
|
3800 |
msgstr ""
|
3801 |
|
@@ -3827,26 +3882,50 @@ msgid ""
|
|
3827 |
"recommend backing up your website."
|
3828 |
msgstr ""
|
3829 |
|
3830 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3831 |
msgid ""
|
3832 |
"This will permanent delete the whole plugin containing this file, do you "
|
3833 |
"want to do this?"
|
3834 |
msgstr ""
|
3835 |
|
3836 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3837 |
msgid ""
|
3838 |
"This will permanent delete the whole theme containing this file, do you "
|
3839 |
"want to do this?"
|
3840 |
msgstr ""
|
3841 |
|
3842 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3843 |
msgid "This will permanent delete this file, do you want to do this?"
|
3844 |
msgstr ""
|
3845 |
|
3846 |
-
#: app/module/scan/behavior/pro/content-result.php:
|
3847 |
msgid "wp-config.php can't be removed. Please remove the suspicious code manually."
|
3848 |
msgstr ""
|
3849 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
3850 |
#: app/module/scan/behavior/pro/vuln-result.php:33
|
3851 |
msgid "WordPress Vulnerability"
|
3852 |
msgstr ""
|
@@ -3999,19 +4078,19 @@ msgstr ""
|
|
3999 |
msgid "A scan is already in progress"
|
4000 |
msgstr ""
|
4001 |
|
4002 |
-
#: app/module/scan/component/scan-api.php:
|
4003 |
msgid "No scan record exists"
|
4004 |
msgstr ""
|
4005 |
|
4006 |
-
#: app/module/scan/component/scan-api.php:
|
4007 |
msgid "Analyzing WordPress Core..."
|
4008 |
msgstr ""
|
4009 |
|
4010 |
-
#: app/module/scan/component/scan-api.php:
|
4011 |
msgid "Analyzing WordPress Content..."
|
4012 |
msgstr ""
|
4013 |
|
4014 |
-
#: app/module/scan/component/scan-api.php:
|
4015 |
msgid "Checking for any published vulnerabilities your plugins & themes..."
|
4016 |
msgstr ""
|
4017 |
|
@@ -4591,7 +4670,7 @@ msgstr ""
|
|
4591 |
msgid "<br/>Something went wrong. Please try again later!"
|
4592 |
msgstr ""
|
4593 |
|
4594 |
-
#: free/main-activator.php:166 main-activator.php:
|
4595 |
msgid "Docs"
|
4596 |
msgstr ""
|
4597 |
|
@@ -4631,7 +4710,7 @@ msgstr ""
|
|
4631 |
msgid "Rate %s"
|
4632 |
msgstr ""
|
4633 |
|
4634 |
-
#: main-activator.php:
|
4635 |
msgid ""
|
4636 |
"We noticed you have both the free and pro versions of Defender installed, "
|
4637 |
"so we've automatically deactivated the free version for you."
|
2 |
# This file is distributed under the GNU General Public License (Version 2 - GPLv2).
|
3 |
msgid ""
|
4 |
msgstr ""
|
5 |
+
"Project-Id-Version: Defender Pro 2.0\n"
|
6 |
"Report-Msgid-Bugs-To: https://wpmudev.org\n"
|
7 |
+
"POT-Creation-Date: 2018-09-04 10:26:31+00:00\n"
|
8 |
"MIME-Version: 1.0\n"
|
9 |
"Content-Type: text/plain; charset=utf-8\n"
|
10 |
"Content-Transfer-Encoding: 8bit\n"
|
11 |
"PO-Revision-Date: 2018-MO-DA HO:MI+ZONE\n"
|
12 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
13 |
"Language-Team: LANGUAGE <EMAIL@ADDRESS>\n"
|
14 |
+
"X-Generator: grunt-wp-i18n1.0.2\n"
|
15 |
|
16 |
#: app/behavior/blacklist-free.php:21 app/behavior/blacklist.php:58
|
17 |
#: app/behavior/blacklist.php:116 app/behavior/blacklist.php:141
|
96 |
msgid "Your domain is currently clean."
|
97 |
msgstr ""
|
98 |
|
99 |
+
#: app/behavior/blacklist.php:260
|
100 |
msgid "Something wrong happened, please try again."
|
101 |
msgstr ""
|
102 |
|
152 |
msgstr ""
|
153 |
|
154 |
#: app/behavior/report-free.php:129 app/behavior/report.php:224
|
155 |
+
#: app/behavior/utils.php:916 free/utils.php:709
|
156 |
msgid "daily"
|
157 |
msgstr ""
|
158 |
|
159 |
#: app/behavior/report-free.php:132 app/behavior/report.php:227
|
160 |
+
#: app/behavior/utils.php:919 free/utils.php:712
|
161 |
msgid "weekly"
|
162 |
msgstr ""
|
163 |
|
164 |
#: app/behavior/report-free.php:135 app/behavior/report.php:230
|
165 |
+
#: app/behavior/utils.php:922 free/utils.php:715
|
166 |
msgid "monthly"
|
167 |
msgstr ""
|
168 |
|
204 |
msgid "To activate this report you must first enable the Audit Logging module."
|
205 |
msgstr ""
|
206 |
|
207 |
+
#: app/behavior/utils.php:76 free/utils.php:78
|
208 |
msgid ""
|
209 |
"WPMU DEV Dashboard will be required for this action. Please visit <a "
|
210 |
"href=\"%s\">here</a> and install the WPMU DEV Dashboard"
|
211 |
msgstr ""
|
212 |
|
213 |
+
#: app/behavior/utils.php:177 app/behavior/utils.php:186
|
214 |
#: app/module/audit/view/table.php:78 app/module/audit/view/table.php:136
|
215 |
#: free/utils.php:179 free/utils.php:188
|
216 |
msgid "Guest"
|
217 |
msgstr ""
|
218 |
|
219 |
+
#: app/behavior/utils.php:740
|
220 |
msgid "WordPress Core Integrity"
|
221 |
msgstr ""
|
222 |
|
223 |
+
#: app/behavior/utils.php:741
|
224 |
msgid "Plugins & Themes vulnerability"
|
225 |
msgstr ""
|
226 |
|
227 |
+
#: app/behavior/utils.php:742 app/module/scan/behavior/scan.php:145
|
228 |
#: app/module/scan/view/layouts/layout.php:70
|
229 |
#: app/module/scan/view/setting-free.php:50 app/module/scan/view/setting.php:43
|
230 |
#: app/view/settings.php:98
|
231 |
msgid "Suspicious Code"
|
232 |
msgstr ""
|
233 |
|
234 |
+
#: app/behavior/utils.php:771 app/module/audit/controller/main.php:144
|
235 |
#: app/module/ip-lockout/controller/main.php:93
|
236 |
msgid "Never"
|
237 |
msgstr ""
|
238 |
|
239 |
+
#: app/behavior/utils.php:899 free/utils.php:692
|
240 |
msgid "Please upgrade to 5.3 or later"
|
241 |
msgstr ""
|
242 |
|
243 |
+
#: app/controller/dashboard.php:115
|
244 |
+
msgid "Get Secure"
|
245 |
+
msgstr ""
|
246 |
+
|
247 |
+
#: app/controller/dashboard.php:116
|
248 |
+
msgid ""
|
249 |
+
"Enable security tweaks, activate monitoring and start protecting your login "
|
250 |
+
"are and files here."
|
251 |
+
msgstr ""
|
252 |
+
|
253 |
+
#: app/controller/dashboard.php:147 app/view/dashboard.php:4
|
254 |
msgid "Dashboard"
|
255 |
msgstr ""
|
256 |
|
257 |
+
#: app/controller/dashboard.php:411 app/controller/gdpr.php:16
|
258 |
#: app/controller/requirement.php:69 app/module/ip-lockout/view/locked.php:75
|
259 |
msgid "Defender"
|
260 |
msgstr ""
|
263 |
msgid "Defender Pro"
|
264 |
msgstr ""
|
265 |
|
266 |
+
#: app/controller/dashboard.php:445
|
267 |
msgid "QUICK SETUP"
|
268 |
msgstr ""
|
269 |
|
270 |
+
#: app/controller/dashboard.php:445
|
271 |
msgid "Skip"
|
272 |
msgstr ""
|
273 |
|
274 |
+
#: app/controller/dashboard.php:446
|
275 |
msgid "Activating File Scanning..."
|
276 |
msgstr ""
|
277 |
|
278 |
+
#: app/controller/dashboard.php:447
|
279 |
msgid "Activating Audit Module..."
|
280 |
msgstr ""
|
281 |
|
282 |
+
#: app/controller/dashboard.php:448
|
283 |
msgid "Activating IP Lockouts Module..."
|
284 |
msgstr ""
|
285 |
|
286 |
+
#: app/controller/dashboard.php:449
|
287 |
msgid "Activating Blacklist Monitoring..."
|
288 |
msgstr ""
|
289 |
|
350 |
msgstr ""
|
351 |
|
352 |
#: app/module/advanced-tools/behavior/at-widget.php:18
|
353 |
+
#: app/module/advanced-tools/controller/main.php:486
|
354 |
#: app/module/advanced-tools/view/layouts/layout.php:5
|
355 |
msgid "Advanced Tools"
|
356 |
msgstr ""
|
443 |
msgstr ""
|
444 |
|
445 |
#: app/module/advanced-tools/controller/main.php:60
|
446 |
+
#: app/module/advanced-tools/controller/mask-login.php:54
|
447 |
msgid ""
|
448 |
"We’ve detected a conflict with Jetpack’s Wordpress.com Log In feature. "
|
449 |
"Please disable it and return to this page to continue setup."
|
450 |
msgstr ""
|
451 |
|
452 |
#: app/module/advanced-tools/controller/main.php:63
|
453 |
+
#: app/module/advanced-tools/controller/mask-login.php:57
|
454 |
msgid ""
|
455 |
"We’ve detected a conflict with Theme my login. Please disable it and return "
|
456 |
"to this page to continue setup."
|
457 |
msgstr ""
|
458 |
|
459 |
+
#: app/module/advanced-tools/controller/main.php:212
|
460 |
msgid "Two Factor"
|
461 |
msgstr ""
|
462 |
|
463 |
+
#: app/module/advanced-tools/controller/main.php:235
|
464 |
msgid "Your token is invalid"
|
465 |
msgstr ""
|
466 |
|
467 |
+
#: app/module/advanced-tools/controller/main.php:246
|
468 |
+
#: app/module/advanced-tools/controller/main.php:585
|
469 |
+
#: app/module/advanced-tools/controller/main.php:629
|
470 |
#: app/module/advanced-tools/view/2factor-otp-email-edit-from.php:3
|
471 |
msgid "Your OTP code"
|
472 |
msgstr ""
|
473 |
|
474 |
+
#: app/module/advanced-tools/controller/main.php:263
|
475 |
msgid "Your code has been sent to your email."
|
476 |
msgstr ""
|
477 |
|
478 |
+
#: app/module/advanced-tools/controller/main.php:307
|
479 |
msgid "Please input a valid OTP code"
|
480 |
msgstr ""
|
481 |
|
482 |
+
#: app/module/advanced-tools/controller/main.php:322
|
483 |
msgid "Your OTP code is incorrect. Please try again."
|
484 |
msgstr ""
|
485 |
|
486 |
+
#: app/module/advanced-tools/controller/main.php:383
|
487 |
msgid "Some error happen"
|
488 |
msgstr ""
|
489 |
|
490 |
+
#: app/module/advanced-tools/controller/main.php:420
|
491 |
msgid "Whoops, the passcode you entered was incorrect or expired."
|
492 |
msgstr ""
|
493 |
|
494 |
+
#: app/module/advanced-tools/controller/main.php:534
|
495 |
msgid "Edit Email"
|
496 |
msgstr ""
|
497 |
|
498 |
+
#: app/module/advanced-tools/controller/main.php:565
|
499 |
+
#: app/module/advanced-tools/controller/mask-login.php:272
|
500 |
#: app/module/audit/controller/main.php:197
|
501 |
#: app/module/ip-lockout/controller/main.php:739
|
502 |
#: app/module/scan/controller/main.php:306
|
503 |
msgid "Your settings have been updated."
|
504 |
msgstr ""
|
505 |
|
506 |
+
#: app/module/advanced-tools/controller/main.php:591
|
507 |
+
#: app/module/advanced-tools/controller/main.php:635
|
508 |
msgid "%s variable was not found in mail body."
|
509 |
msgstr ""
|
510 |
|
511 |
+
#: app/module/advanced-tools/controller/main.php:603
|
512 |
msgid "Email settings has been saved."
|
513 |
msgstr ""
|
514 |
|
515 |
+
#: app/module/advanced-tools/controller/main.php:652
|
516 |
msgid "Test email has been sent to your email."
|
517 |
msgstr ""
|
518 |
|
519 |
+
#: app/module/advanced-tools/controller/main.php:656
|
520 |
msgid "Test email failed."
|
521 |
msgstr ""
|
522 |
|
523 |
+
#: app/module/advanced-tools/controller/mask-login.php:219
|
524 |
msgid "This feature is disabled"
|
525 |
msgstr ""
|
526 |
|
527 |
+
#: app/module/advanced-tools/controller/mask-login.php:265
|
528 |
msgid "Login and 404 redirect URLs can't be the same. Please use different URLs."
|
529 |
msgstr ""
|
530 |
|
695 |
msgstr ""
|
696 |
|
697 |
#: app/module/advanced-tools/view/main-free.php:41
|
698 |
+
#: app/module/advanced-tools/view/main-free.php:117
|
699 |
#: app/module/advanced-tools/view/main.php:41
|
700 |
+
#: app/module/advanced-tools/view/main.php:117
|
701 |
msgid "User Roles"
|
702 |
msgstr ""
|
703 |
|
714 |
msgid "User role"
|
715 |
msgstr ""
|
716 |
|
717 |
+
#: app/module/advanced-tools/view/main-free.php:84
|
718 |
+
#: app/module/advanced-tools/view/main.php:84
|
719 |
msgid "Lost Phone"
|
720 |
msgstr ""
|
721 |
|
722 |
+
#: app/module/advanced-tools/view/main-free.php:86
|
723 |
+
#: app/module/advanced-tools/view/main.php:86
|
724 |
msgid ""
|
725 |
"If a user is unable to access their phone, you can allow an option to send "
|
726 |
"the one time password to their registered email."
|
727 |
msgstr ""
|
728 |
|
729 |
+
#: app/module/advanced-tools/view/main-free.php:96
|
730 |
+
#: app/module/advanced-tools/view/main.php:96
|
731 |
msgid "Enable lost phone option"
|
732 |
msgstr ""
|
733 |
|
734 |
+
#: app/module/advanced-tools/view/main-free.php:101
|
735 |
+
#: app/module/advanced-tools/view/main.php:101
|
736 |
msgid "Force Authentication"
|
737 |
msgstr ""
|
738 |
|
739 |
+
#: app/module/advanced-tools/view/main-free.php:103
|
740 |
+
#: app/module/advanced-tools/view/main.php:103
|
741 |
msgid ""
|
742 |
"By default, two-factor authentication is optional for users. This setting "
|
743 |
"forces users to activate two-factor."
|
744 |
msgstr ""
|
745 |
|
746 |
+
#: app/module/advanced-tools/view/main-free.php:113
|
747 |
+
#: app/module/advanced-tools/view/main.php:113
|
748 |
msgid "Force users to log in with two-factor authentication"
|
749 |
msgstr ""
|
750 |
|
751 |
+
#: app/module/advanced-tools/view/main-free.php:114
|
752 |
+
#: app/module/advanced-tools/view/main.php:114
|
753 |
msgid "Note: Users will be forced to set up two-factor when they next login."
|
754 |
msgstr ""
|
755 |
|
756 |
+
#: app/module/advanced-tools/view/main-free.php:131
|
757 |
+
#: app/module/advanced-tools/view/main.php:131
|
758 |
msgid "Custom warning message"
|
759 |
msgstr ""
|
760 |
|
761 |
+
#: app/module/advanced-tools/view/main-free.php:135
|
762 |
+
#: app/module/advanced-tools/view/main.php:135
|
763 |
msgid ""
|
764 |
"Note: This is shown in the users Profile area indicating they must use "
|
765 |
"two-factor authentication."
|
766 |
msgstr ""
|
767 |
|
768 |
+
#: app/module/advanced-tools/view/main-free.php:143
|
769 |
#: app/module/scan/behavior/scan.php:137 app/module/scan/behavior/scan.php:152
|
770 |
#: app/module/scan/view/layouts/layout.php:62
|
771 |
#: app/module/scan/view/layouts/layout.php:78
|
774 |
msgid "Pro Feature"
|
775 |
msgstr ""
|
776 |
|
777 |
+
#: app/module/advanced-tools/view/main-free.php:145
|
778 |
+
#: app/module/advanced-tools/view/main.php:142
|
779 |
+
#: app/module/advanced-tools/view/main.php:159
|
780 |
msgid "Custom Graphic"
|
781 |
msgstr ""
|
782 |
|
783 |
+
#: app/module/advanced-tools/view/main-free.php:147
|
784 |
+
#: app/module/advanced-tools/view/main.php:144
|
785 |
msgid ""
|
786 |
"By default, Defender’s icon appears above the login fields. You can upload "
|
787 |
"your own branding, or turn this feature off."
|
788 |
msgstr ""
|
789 |
|
790 |
+
#: app/module/advanced-tools/view/main-free.php:155
|
791 |
+
#: app/module/advanced-tools/view/main.php:155
|
792 |
msgid "Enable custom graphics above login fields"
|
793 |
msgstr ""
|
794 |
|
795 |
+
#: app/module/advanced-tools/view/main-free.php:163
|
796 |
+
#: app/module/advanced-tools/view/main.php:173
|
797 |
msgid "Emails"
|
798 |
msgstr ""
|
799 |
|
800 |
+
#: app/module/advanced-tools/view/main-free.php:165
|
801 |
+
#: app/module/advanced-tools/view/main.php:175
|
802 |
msgid "Customize the default copy for emails the two-factor feature sends to users."
|
803 |
msgstr ""
|
804 |
|
805 |
+
#: app/module/advanced-tools/view/main-free.php:171
|
806 |
+
#: app/module/advanced-tools/view/main.php:181
|
807 |
msgid "Email"
|
808 |
msgstr ""
|
809 |
|
810 |
+
#: app/module/advanced-tools/view/main-free.php:173
|
811 |
+
#: app/module/advanced-tools/view/main.php:183
|
812 |
msgid "Lost phone one time password"
|
813 |
msgstr ""
|
814 |
|
815 |
+
#: app/module/advanced-tools/view/main-free.php:180
|
816 |
+
#: app/module/advanced-tools/view/main.php:191
|
817 |
msgid "App Download"
|
818 |
msgstr ""
|
819 |
|
820 |
+
#: app/module/advanced-tools/view/main-free.php:182
|
821 |
+
#: app/module/advanced-tools/view/main.php:193
|
822 |
msgid "Need the app? Here’s links to the official Google Authenticator apps."
|
823 |
msgstr ""
|
824 |
|
825 |
+
#: app/module/advanced-tools/view/main-free.php:196
|
826 |
+
#: app/module/advanced-tools/view/main.php:207
|
827 |
msgid "Active Users"
|
828 |
msgstr ""
|
829 |
|
830 |
+
#: app/module/advanced-tools/view/main-free.php:198
|
831 |
+
#: app/module/advanced-tools/view/main.php:209
|
832 |
msgid ""
|
833 |
"Here’s a quick link to see which of your users have enabled two-factor "
|
834 |
"verification."
|
835 |
msgstr ""
|
836 |
|
837 |
+
#: app/module/advanced-tools/view/main-free.php:202
|
838 |
+
#: app/module/advanced-tools/view/main.php:213
|
839 |
msgid "<a href=\"%s\">View users</a> who have enabled this feature."
|
840 |
msgstr ""
|
841 |
|
842 |
+
#: app/module/advanced-tools/view/main-free.php:207
|
843 |
+
#: app/module/advanced-tools/view/main-free.php:214
|
844 |
+
#: app/module/advanced-tools/view/main.php:218
|
845 |
+
#: app/module/advanced-tools/view/main.php:225
|
846 |
#: app/module/advanced-tools/view/mask-login/enabled.php:78
|
847 |
#: app/module/advanced-tools/view/mask-login/enabled.php:82
|
848 |
#: app/module/audit/view/settings.php:10
|
849 |
msgid "Deactivate"
|
850 |
msgstr ""
|
851 |
|
852 |
+
#: app/module/advanced-tools/view/main-free.php:209
|
853 |
+
#: app/module/advanced-tools/view/main.php:220
|
854 |
msgid "Disable two-factor authentication on your website."
|
855 |
msgstr ""
|
856 |
|
857 |
+
#: app/module/advanced-tools/view/main-free.php:222
|
858 |
+
#: app/module/advanced-tools/view/main.php:233
|
859 |
msgid "SAVE SETTINGS"
|
860 |
msgstr ""
|
861 |
|
862 |
+
#: app/module/advanced-tools/view/main.php:160
|
863 |
msgid "For best results use a 168x168px JPG or PNG."
|
864 |
msgstr ""
|
865 |
|
882 |
msgstr ""
|
883 |
|
884 |
#: app/module/advanced-tools/view/mask-login/enabled.php:33
|
885 |
+
msgid "Masking URL"
|
886 |
msgstr ""
|
887 |
|
888 |
#: app/module/advanced-tools/view/mask-login/enabled.php:35
|
889 |
msgid ""
|
890 |
+
"Choose a new slug where users of your website will now login instead of "
|
891 |
+
"visiting /wp-login."
|
892 |
msgstr ""
|
893 |
|
894 |
#: app/module/advanced-tools/view/mask-login/enabled.php:39
|
895 |
msgid ""
|
896 |
+
"You can choose any slug you like using alphanumeric characters and '-'s "
|
897 |
+
"only. For security reasons, less obvious slugs are recommended as they are "
|
898 |
+
"harder for bots to guess."
|
899 |
msgstr ""
|
900 |
|
901 |
#: app/module/advanced-tools/view/mask-login/enabled.php:40
|
902 |
+
msgid "New Login Slug"
|
903 |
+
msgstr ""
|
904 |
+
|
905 |
+
#: app/module/advanced-tools/view/mask-login/enabled.php:41
|
906 |
+
msgid "I.e. dashboard"
|
907 |
msgstr ""
|
908 |
|
909 |
#: app/module/advanced-tools/view/mask-login/enabled.php:42
|
910 |
+
msgid ""
|
911 |
+
"Users will login at <strong>%s</strong>. Note: Registration and Password "
|
912 |
+
"Reset emails have hardcoded URLs in them. We will update them automatically "
|
913 |
+
"to match your new login URL."
|
914 |
msgstr ""
|
915 |
|
916 |
#: app/module/advanced-tools/view/mask-login/enabled.php:47
|
1512 |
#: app/module/scan/view/layouts/layout.php:132
|
1513 |
#: app/module/scan/view/layouts/layout.php:149
|
1514 |
#: app/module/scan/view/setting-free.php:3 app/module/scan/view/setting.php:3
|
1515 |
+
#: app/view/settings.php:6 free/main-activator.php:161 main-activator.php:119
|
1516 |
msgid "Settings"
|
1517 |
msgstr ""
|
1518 |
|
2201 |
msgid "Disable trackbacks and pingbacks"
|
2202 |
msgstr ""
|
2203 |
|
2204 |
+
#: app/module/hardener/component/disable-xml-rpc.php:28
|
2205 |
+
msgid "Disable XML RPC"
|
2206 |
+
msgstr ""
|
2207 |
+
|
2208 |
#: app/module/hardener/component/hide-error-service.php:103
|
2209 |
msgid "WP_DEBUG get override somewhere, please check with your host provider"
|
2210 |
msgstr ""
|
2295 |
|
2296 |
#: app/module/hardener/rule.php:111
|
2297 |
#: app/module/scan/behavior/core-result.php:189
|
2298 |
+
#: app/module/scan/behavior/pro/content-result.php:111
|
2299 |
#: app/module/scan/behavior/pro/vuln-result.php:156
|
2300 |
#: app/module/scan/component/result-table.php:199
|
2301 |
msgid "Ignore"
|
2384 |
#: app/module/hardener/view/rules/db-prefix.php:11
|
2385 |
#: app/module/hardener/view/rules/disable-file-editor.php:11
|
2386 |
#: app/module/hardener/view/rules/disable-trackback.php:11
|
2387 |
+
#: app/module/hardener/view/rules/disable-xml-rpc.php:11
|
2388 |
#: app/module/hardener/view/rules/hide-error.php:11
|
2389 |
#: app/module/hardener/view/rules/login-duration.php:11
|
2390 |
#: app/module/hardener/view/rules/php-version.php:11
|
2409 |
#: app/module/hardener/view/rules/db-prefix.php:16
|
2410 |
#: app/module/hardener/view/rules/disable-file-editor.php:16
|
2411 |
#: app/module/hardener/view/rules/disable-trackback.php:16
|
2412 |
+
#: app/module/hardener/view/rules/disable-xml-rpc.php:18
|
2413 |
#: app/module/hardener/view/rules/hide-error.php:16
|
2414 |
#: app/module/hardener/view/rules/login-duration.php:16
|
2415 |
#: app/module/hardener/view/rules/php-version.php:34
|
2478 |
|
2479 |
#: app/module/hardener/view/rules/disable-file-editor.php:26
|
2480 |
#: app/module/hardener/view/rules/disable-trackback.php:26
|
2481 |
+
#: app/module/hardener/view/rules/disable-xml-rpc.php:36
|
2482 |
#: app/module/hardener/view/rules/login-duration.php:29
|
2483 |
#: app/module/hardener/view/rules/prevent-php-executed.php:52
|
2484 |
#: app/module/hardener/view/rules/protect-information.php:26
|
2524 |
msgid "Disable Pingbacks"
|
2525 |
msgstr ""
|
2526 |
|
2527 |
+
#: app/module/hardener/view/rules/disable-xml-rpc.php:8
|
2528 |
+
#: app/module/hardener/view/rules/disable-xml-rpc.php:47
|
2529 |
+
msgid "Disable XML-RPC"
|
2530 |
+
msgstr ""
|
2531 |
+
|
2532 |
+
#: app/module/hardener/view/rules/disable-xml-rpc.php:13
|
2533 |
+
msgid ""
|
2534 |
+
"XML-RPC is a system that allows you to post on your WordPress blog using "
|
2535 |
+
"popular weblog clients like Windows Live Writer. Technically, it’s a remote "
|
2536 |
+
"procedure call which uses XML to encode its calls and HTTP as a transport "
|
2537 |
+
"mechanism.<br/><br/>\n"
|
2538 |
+
"If you are using the WordPress mobile app, want to make connections to "
|
2539 |
+
"services like IFTTT, or want to access and publish to your blog remotely, "
|
2540 |
+
"then you need XML-RPC enabled.<br/><br/>\n"
|
2541 |
+
"In the past, there were security concerns with XML-RPC so we recommend "
|
2542 |
+
"making sure this feature is fully disabled if you don’t need it active."
|
2543 |
+
msgstr ""
|
2544 |
+
|
2545 |
+
#: app/module/hardener/view/rules/disable-xml-rpc.php:21
|
2546 |
+
msgid ""
|
2547 |
+
"Automatically disable this feature below. You can re-enable it at any time "
|
2548 |
+
"if you need to."
|
2549 |
+
msgstr ""
|
2550 |
+
|
2551 |
+
#: app/module/hardener/view/rules/disable-xml-rpc.php:27
|
2552 |
+
msgid "XML-RPC is disabled."
|
2553 |
+
msgstr ""
|
2554 |
+
|
2555 |
#: app/module/hardener/view/rules/hide-error.php:13
|
2556 |
msgid ""
|
2557 |
"In addition to hiding error logs, developers often use the built-in "
|
3771 |
msgstr ""
|
3772 |
|
3773 |
#: app/module/scan/behavior/core-result.php:75
|
3774 |
+
#: app/module/scan/behavior/core-result.php:409
|
3775 |
+
#: app/module/scan/behavior/core-result.php:414
|
3776 |
+
#: app/module/scan/behavior/pro/content-result.php:249
|
3777 |
+
#: app/module/scan/behavior/pro/content-result.php:270
|
3778 |
+
#: app/module/scan/behavior/pro/content-result.php:275
|
3779 |
msgid "Defender doesn't have enough permission to remove this file"
|
3780 |
msgstr ""
|
3781 |
|
3814 |
msgstr ""
|
3815 |
|
3816 |
#: app/module/scan/behavior/core-result.php:197
|
3817 |
+
#: app/module/scan/behavior/pro/content-result.php:132
|
3818 |
msgid "Delete"
|
3819 |
msgstr ""
|
3820 |
|
3825 |
msgstr ""
|
3826 |
|
3827 |
#: app/module/scan/behavior/core-result.php:202
|
3828 |
+
#: app/module/scan/behavior/pro/content-result.php:137
|
3829 |
msgid "Yes"
|
3830 |
msgstr ""
|
3831 |
|
3832 |
#: app/module/scan/behavior/core-result.php:205
|
3833 |
+
#: app/module/scan/behavior/pro/content-result.php:140
|
3834 |
msgid "No"
|
3835 |
msgstr ""
|
3836 |
|
3850 |
#: app/module/scan/behavior/core-result.php:281
|
3851 |
#: app/module/scan/behavior/core-result.php:303
|
3852 |
#: app/module/scan/behavior/core-result.php:325
|
3853 |
+
#: app/module/scan/behavior/pro/content-result.php:98
|
3854 |
msgid "Pulling source file..."
|
3855 |
msgstr ""
|
3856 |
|
3882 |
"recommend backing up your website."
|
3883 |
msgstr ""
|
3884 |
|
3885 |
+
#: app/module/scan/behavior/pro/content-result.php:91
|
3886 |
+
msgid "Found %s issues."
|
3887 |
+
msgstr ""
|
3888 |
+
|
3889 |
+
#: app/module/scan/behavior/pro/content-result.php:93
|
3890 |
+
msgid "Show"
|
3891 |
+
msgstr ""
|
3892 |
+
|
3893 |
+
#: app/module/scan/behavior/pro/content-result.php:118
|
3894 |
msgid ""
|
3895 |
"This will permanent delete the whole plugin containing this file, do you "
|
3896 |
"want to do this?"
|
3897 |
msgstr ""
|
3898 |
|
3899 |
+
#: app/module/scan/behavior/pro/content-result.php:121
|
3900 |
msgid ""
|
3901 |
"This will permanent delete the whole theme containing this file, do you "
|
3902 |
"want to do this?"
|
3903 |
msgstr ""
|
3904 |
|
3905 |
+
#: app/module/scan/behavior/pro/content-result.php:124
|
3906 |
msgid "This will permanent delete this file, do you want to do this?"
|
3907 |
msgstr ""
|
3908 |
|
3909 |
+
#: app/module/scan/behavior/pro/content-result.php:243
|
3910 |
msgid "wp-config.php can't be removed. Please remove the suspicious code manually."
|
3911 |
msgstr ""
|
3912 |
|
3913 |
+
#: app/module/scan/behavior/pro/content-scan.php:189
|
3914 |
+
msgid "Suspicous concat"
|
3915 |
+
msgstr ""
|
3916 |
+
|
3917 |
+
#: app/module/scan/behavior/pro/content-scan.php:271
|
3918 |
+
msgid "Suspicious variable function call"
|
3919 |
+
msgstr ""
|
3920 |
+
|
3921 |
+
#: app/module/scan/behavior/pro/content-scan.php:334
|
3922 |
+
msgid "Possible XSS detected"
|
3923 |
+
msgstr ""
|
3924 |
+
|
3925 |
+
#: app/module/scan/behavior/pro/content-scan.php:407
|
3926 |
+
msgid "Eval function found, with suspicious parameters."
|
3927 |
+
msgstr ""
|
3928 |
+
|
3929 |
#: app/module/scan/behavior/pro/vuln-result.php:33
|
3930 |
msgid "WordPress Vulnerability"
|
3931 |
msgstr ""
|
4078 |
msgid "A scan is already in progress"
|
4079 |
msgstr ""
|
4080 |
|
4081 |
+
#: app/module/scan/component/scan-api.php:198
|
4082 |
msgid "No scan record exists"
|
4083 |
msgstr ""
|
4084 |
|
4085 |
+
#: app/module/scan/component/scan-api.php:238
|
4086 |
msgid "Analyzing WordPress Core..."
|
4087 |
msgstr ""
|
4088 |
|
4089 |
+
#: app/module/scan/component/scan-api.php:241
|
4090 |
msgid "Analyzing WordPress Content..."
|
4091 |
msgstr ""
|
4092 |
|
4093 |
+
#: app/module/scan/component/scan-api.php:244
|
4094 |
msgid "Checking for any published vulnerabilities your plugins & themes..."
|
4095 |
msgstr ""
|
4096 |
|
4670 |
msgid "<br/>Something went wrong. Please try again later!"
|
4671 |
msgstr ""
|
4672 |
|
4673 |
+
#: free/main-activator.php:166 main-activator.php:124
|
4674 |
msgid "Docs"
|
4675 |
msgstr ""
|
4676 |
|
4710 |
msgid "Rate %s"
|
4711 |
msgstr ""
|
4712 |
|
4713 |
+
#: main-activator.php:108
|
4714 |
msgid ""
|
4715 |
"We noticed you have both the free and pro versions of Defender installed, "
|
4716 |
"so we've automatically deactivated the free version for you."
|
main-activator.php
CHANGED
@@ -11,7 +11,7 @@ class WD_Main_Activator {
|
|
11 |
add_action( 'init', array( &$this, 'init' ) );
|
12 |
add_action( 'wp_loaded', array( &$this, 'maybeShowNotice' ) );
|
13 |
add_action( 'wp_ajax_hideDefenderNotice', array( &$this, 'hideNotice' ) );
|
14 |
-
add_action( 'activated_plugin', array( &$this, 'redirectToDefender' ) );
|
15 |
}
|
16 |
|
17 |
/**
|
@@ -57,7 +57,6 @@ class WD_Main_Activator {
|
|
57 |
\Hammer\Base\Container::instance()->set( 'audit', new \WP_Defender\Module\Audit() );
|
58 |
\Hammer\Base\Container::instance()->set( 'lockout', new \WP_Defender\Module\IP_Lockout() );
|
59 |
\Hammer\Base\Container::instance()->set( 'advanced_tool', new \WP_Defender\Module\Advanced_Tools() );
|
60 |
-
\Hammer\Base\Container::instance()->set( 'gdpr', new \WP_Defender\Controller\GDPR() );
|
61 |
//no need to set debug
|
62 |
require_once $this->wp_defender->getPluginPath() . 'free-dashboard/module.php';
|
63 |
add_filter( 'wdev-email-message-' . plugin_basename( __FILE__ ), array( &$this, 'defenderAdsMessage' ) );
|
11 |
add_action( 'init', array( &$this, 'init' ) );
|
12 |
add_action( 'wp_loaded', array( &$this, 'maybeShowNotice' ) );
|
13 |
add_action( 'wp_ajax_hideDefenderNotice', array( &$this, 'hideNotice' ) );
|
14 |
+
//add_action( 'activated_plugin', array( &$this, 'redirectToDefender' ) );
|
15 |
}
|
16 |
|
17 |
/**
|
57 |
\Hammer\Base\Container::instance()->set( 'audit', new \WP_Defender\Module\Audit() );
|
58 |
\Hammer\Base\Container::instance()->set( 'lockout', new \WP_Defender\Module\IP_Lockout() );
|
59 |
\Hammer\Base\Container::instance()->set( 'advanced_tool', new \WP_Defender\Module\Advanced_Tools() );
|
|
|
60 |
//no need to set debug
|
61 |
require_once $this->wp_defender->getPluginPath() . 'free-dashboard/module.php';
|
62 |
add_filter( 'wdev-email-message-' . plugin_basename( __FILE__ ), array( &$this, 'defenderAdsMessage' ) );
|
readme.txt
CHANGED
@@ -1,13 +1,13 @@
|
|
1 |
=== Defender Security, Monitoring, and Hack Protection ===
|
2 |
Plugin Name: Defender Security, Monitoring, and Hack Protection
|
3 |
-
Version:
|
4 |
Author: WPMU DEV
|
5 |
Author URI: http://premium.wpmudev.org/
|
6 |
Contributors: WPMUDEV
|
7 |
Tags: Security, Security Tweaks, Hardening, IP lockout, Monitoring, Blacklist, Site Protection, Hacked, Security Scan
|
8 |
Requires at least: 4.6
|
9 |
Tested up to: 4.9.7
|
10 |
-
Stable tag:
|
11 |
License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
12 |
|
13 |
Protect WordPress from hackers with security tweaks, code scans, 2-Step Verification, IP lockouts, and monitoring.
|
@@ -64,7 +64,7 @@ Brute force attacks are no match for Defender. Limit login attempts to stop user
|
|
64 |
|
65 |
= Login Screen Masking =
|
66 |
|
67 |
-
Defender makes it easy to move your login screen to a custom URL. Not only does login screen masking improve security, it lets you
|
68 |
|
69 |
= 404 Limiter =
|
70 |
Defender detects when bots are being used to scan your site for vulnerabilities and shuts them down. The 404 limiter lets you stop the scan by detecting when a user keeps visiting pages that do not exist.
|
@@ -97,7 +97,7 @@ However, if you'd like extra scanning, audits and monitoring, you can always tak
|
|
97 |
Defender is built to add all the best hardening and security tweaks used by the pros without having to become a security expert. This means you get all the most effective and proven protection methods other services provide with fewer settings, on-click hardening and faster setup.
|
98 |
|
99 |
= Is Defender the only step I need to take in securing my WordPress site? =
|
100 |
-
Hackers and bot attacks are not the only threat to your site. No matter what security plugin or service you use, always be prepared with a secure backup stored in a safe location away from your live site. Security does not protect from hosting outages, server errors and accidentally lost or damaged data. We
|
101 |
|
102 |
|
103 |
|
@@ -122,6 +122,17 @@ Hackers and bot attacks are not the only threat to your site. No matter what se
|
|
122 |
|
123 |
== Changelog ==
|
124 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
125 |
= 1.9.1 =
|
126 |
- Fix: Mask Login Area description text is misleading
|
127 |
- Fix: wp-admin link of sub-sites in networks link to wrong admin URL
|
1 |
=== Defender Security, Monitoring, and Hack Protection ===
|
2 |
Plugin Name: Defender Security, Monitoring, and Hack Protection
|
3 |
+
Version: 2.0
|
4 |
Author: WPMU DEV
|
5 |
Author URI: http://premium.wpmudev.org/
|
6 |
Contributors: WPMUDEV
|
7 |
Tags: Security, Security Tweaks, Hardening, IP lockout, Monitoring, Blacklist, Site Protection, Hacked, Security Scan
|
8 |
Requires at least: 4.6
|
9 |
Tested up to: 4.9.7
|
10 |
+
Stable tag: 2.0
|
11 |
License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
12 |
|
13 |
Protect WordPress from hackers with security tweaks, code scans, 2-Step Verification, IP lockouts, and monitoring.
|
64 |
|
65 |
= Login Screen Masking =
|
66 |
|
67 |
+
Defender makes it easy to move your login screen to a custom URL. Not only does login screen masking improve security, it lets you white label your login user experience and improves branding.
|
68 |
|
69 |
= 404 Limiter =
|
70 |
Defender detects when bots are being used to scan your site for vulnerabilities and shuts them down. The 404 limiter lets you stop the scan by detecting when a user keeps visiting pages that do not exist.
|
97 |
Defender is built to add all the best hardening and security tweaks used by the pros without having to become a security expert. This means you get all the most effective and proven protection methods other services provide with fewer settings, on-click hardening and faster setup.
|
98 |
|
99 |
= Is Defender the only step I need to take in securing my WordPress site? =
|
100 |
+
Hackers and bot attacks are not the only threat to your site. No matter what security plugin or service you use, always be prepared with a secure backup stored in a safe location away from your live site. Security does not protect from hosting outages, server errors and accidentally lost or damaged data. We recommend <a href="https://premium.wpmudev.org/project/snapshot/">Snapshot</a>. Defender with scheduled managed backups is the best way to keep your site safe.
|
101 |
|
102 |
|
103 |
|
122 |
|
123 |
== Changelog ==
|
124 |
|
125 |
+
= 2.0 =
|
126 |
+
- New: added tweak “Disable XML-RPC”
|
127 |
+
- Improvement: Two factor authentication can now be force enabled by role.
|
128 |
+
- Improvement: Masking URL description.
|
129 |
+
- Fix: Compatibility with Appointments+ login when Mask Login is enabled.
|
130 |
+
- Fix: /login/ will be blocked instead of redirecting to right login URL
|
131 |
+
- Fix: new site registration email login URL will now show right Login URL instead of the original one when Mask URL is enabled.
|
132 |
+
- Fix: Accessibility issue when activating 2FA.
|
133 |
+
- Changes: Show Admin Pointer on initial Defender activation, and removing the redirect behavior.
|
134 |
+
- Other minor enhancements and fixes
|
135 |
+
|
136 |
= 1.9.1 =
|
137 |
- Fix: Mask Login Area description text is misleading
|
138 |
- Fix: wp-admin link of sub-sites in networks link to wrong admin URL
|
wp-defender.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
/**
|
4 |
* Plugin Name: Defender
|
5 |
* Plugin URI: https://premium.wpmudev.org/project/wp-defender/
|
6 |
-
* Version:
|
7 |
* Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
|
8 |
* Author: WPMU DEV
|
9 |
* Author URI: http://premium.wpmudev.org/
|
3 |
/**
|
4 |
* Plugin Name: Defender
|
5 |
* Plugin URI: https://premium.wpmudev.org/project/wp-defender/
|
6 |
+
* Version: 2.0
|
7 |
* Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
|
8 |
* Author: WPMU DEV
|
9 |
* Author URI: http://premium.wpmudev.org/
|