Version Description
( 2021-08-25 ) =
- Fix: Firewall Locations ban issue
Download this release
Release Info
Developer | BigTonny |
Plugin | Defender Security – Malware Scanner, Login Security & Firewall |
Version | 2.5.7 |
Comparing to | |
See all releases |
Code changes from version 2.5.6 to 2.5.7
languages/wpdef-default.pot
CHANGED
@@ -6,9 +6,9 @@
|
|
6 |
#, fuzzy
|
7 |
msgid ""
|
8 |
msgstr ""
|
9 |
-
"Project-Id-Version: wp-defender 2.5.
|
10 |
"Report-Msgid-Bugs-To: \n"
|
11 |
-
"POT-Creation-Date: 2021-08-
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
@@ -1288,7 +1288,7 @@ msgstr ""
|
|
1288 |
|
1289 |
#: src/component/backup-settings.php:375
|
1290 |
#: src/component/config/config-adapter.php:276
|
1291 |
-
#: src/model/setting/blacklist-lockout.php:
|
1292 |
msgid "The administrator has blocked your IP from accessing this website."
|
1293 |
msgstr ""
|
1294 |
|
@@ -1865,12 +1865,12 @@ msgstr ""
|
|
1865 |
#: src/component/security-tweaks/security-key.php:95
|
1866 |
#: src/component/security-tweaks/servers/apache.php:91
|
1867 |
#: src/component/security-tweaks/servers/apache.php:177
|
1868 |
-
#: src/component/security-tweaks/servers/apache.php:
|
1869 |
-
#: src/component/security-tweaks/servers/apache.php:
|
1870 |
-
#: src/component/security-tweaks/servers/apache.php:
|
1871 |
-
#: src/component/security-tweaks/servers/apache.php:
|
1872 |
-
#: src/component/security-tweaks/servers/apache.php:
|
1873 |
-
#: src/component/security-tweaks/servers/apache.php:
|
1874 |
#, php-format
|
1875 |
msgid "The file %s is not writable"
|
1876 |
msgstr ""
|
@@ -3146,23 +3146,23 @@ msgstr ""
|
|
3146 |
msgid "Storage for"
|
3147 |
msgstr ""
|
3148 |
|
3149 |
-
#: src/model/setting/blacklist-lockout.php:
|
3150 |
msgid "IP Banning - IP Addresses Blocklist"
|
3151 |
msgstr ""
|
3152 |
|
3153 |
-
#: src/model/setting/blacklist-lockout.php:
|
3154 |
msgid "IP Banning - IP Addresses Allowlist"
|
3155 |
msgstr ""
|
3156 |
|
3157 |
-
#: src/model/setting/blacklist-lockout.php:
|
3158 |
msgid "IP Banning - Country Allowlist"
|
3159 |
msgstr ""
|
3160 |
|
3161 |
-
#: src/model/setting/blacklist-lockout.php:
|
3162 |
msgid "IP Banning - Country Blocklist"
|
3163 |
msgstr ""
|
3164 |
|
3165 |
-
#: src/model/setting/blacklist-lockout.php:
|
3166 |
msgid "IP Banning - Lockout Message"
|
3167 |
msgstr ""
|
3168 |
|
6 |
#, fuzzy
|
7 |
msgid ""
|
8 |
msgstr ""
|
9 |
+
"Project-Id-Version: wp-defender 2.5.7\n"
|
10 |
"Report-Msgid-Bugs-To: \n"
|
11 |
+
"POT-Creation-Date: 2021-08-25 12:08+0300\n"
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
1288 |
|
1289 |
#: src/component/backup-settings.php:375
|
1290 |
#: src/component/config/config-adapter.php:276
|
1291 |
+
#: src/model/setting/blacklist-lockout.php:71
|
1292 |
msgid "The administrator has blocked your IP from accessing this website."
|
1293 |
msgstr ""
|
1294 |
|
1865 |
#: src/component/security-tweaks/security-key.php:95
|
1866 |
#: src/component/security-tweaks/servers/apache.php:91
|
1867 |
#: src/component/security-tweaks/servers/apache.php:177
|
1868 |
+
#: src/component/security-tweaks/servers/apache.php:395
|
1869 |
+
#: src/component/security-tweaks/servers/apache.php:400
|
1870 |
+
#: src/component/security-tweaks/servers/apache.php:439
|
1871 |
+
#: src/component/security-tweaks/servers/apache.php:444
|
1872 |
+
#: src/component/security-tweaks/servers/apache.php:520
|
1873 |
+
#: src/component/security-tweaks/servers/apache.php:538
|
1874 |
#, php-format
|
1875 |
msgid "The file %s is not writable"
|
1876 |
msgstr ""
|
3146 |
msgid "Storage for"
|
3147 |
msgstr ""
|
3148 |
|
3149 |
+
#: src/model/setting/blacklist-lockout.php:240
|
3150 |
msgid "IP Banning - IP Addresses Blocklist"
|
3151 |
msgstr ""
|
3152 |
|
3153 |
+
#: src/model/setting/blacklist-lockout.php:241
|
3154 |
msgid "IP Banning - IP Addresses Allowlist"
|
3155 |
msgstr ""
|
3156 |
|
3157 |
+
#: src/model/setting/blacklist-lockout.php:242
|
3158 |
msgid "IP Banning - Country Allowlist"
|
3159 |
msgstr ""
|
3160 |
|
3161 |
+
#: src/model/setting/blacklist-lockout.php:243
|
3162 |
msgid "IP Banning - Country Blocklist"
|
3163 |
msgstr ""
|
3164 |
|
3165 |
+
#: src/model/setting/blacklist-lockout.php:244
|
3166 |
msgid "IP Banning - Lockout Message"
|
3167 |
msgstr ""
|
3168 |
|
readme.txt
CHANGED
@@ -1,13 +1,13 @@
|
|
1 |
=== Defender Security - Malware Scanner, Login Security & Firewall ===
|
2 |
Plugin Name: Defender Security - Malware Scanner, Login Security & Firewall
|
3 |
-
Version: 2.5.
|
4 |
Author: WPMU DEV
|
5 |
Author URI: https://wpmudev.com/
|
6 |
Contributors: WPMUDEV
|
7 |
Tags: security plugin, security, firewall, malware, malware scanner, antivirus, ip blocking, login security, brute force attacks, two-factor authentication, activity log, audit logs, block hackers, 2fa, hack
|
8 |
Requires at least: 5.2
|
9 |
Tested up to: 5.8
|
10 |
-
Stable tag: 2.5.
|
11 |
License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
12 |
|
13 |
Security plugin with malware scanner, IP blocking, audit logs, activity logs, firewall, login security & more.
|
@@ -222,6 +222,10 @@ Please open a new thread in Defender’s [support forum](https://wordpress.org/s
|
|
222 |
|
223 |
== Changelog ==
|
224 |
|
|
|
|
|
|
|
|
|
225 |
= 2.5.6 ( 2021-08-23 ) =
|
226 |
|
227 |
- New: reCAPTCHA for comments
|
@@ -315,32 +319,6 @@ Please open a new thread in Defender’s [support forum](https://wordpress.org/s
|
|
315 |
|
316 |
- Fix: Fatal error after an update from older versions
|
317 |
|
318 |
-
= 2.5.0 ( 2021-05-06 ) =
|
319 |
-
|
320 |
-
- New: Check passwords against Pwned database
|
321 |
-
- New: Highlight new features in welcome modal
|
322 |
-
- Enhance: Automatically remove old logs after 30 days
|
323 |
-
- Enhance: Malware scanning security enhancements
|
324 |
-
- Enhance: Detect suspicious code with 'WPTemplatesOptions'
|
325 |
-
- Enhance: Detect suspicious code in themes
|
326 |
-
- Enhance: Some suspicious code threats missed by Defender
|
327 |
-
- Enhance: Better descriptions for Malware scanning reports
|
328 |
-
- Enhance: Set 'Scan plugin files' option unchecked by default
|
329 |
-
- Enhance: Remove 'Scan theme files' option from File change detection
|
330 |
-
- Enhance: Remove 'Allow From' option from X-Frame-Options header
|
331 |
-
- Enhance: Platform compatibility with Defender
|
332 |
-
- Enhance: Rename Advanced Tools to Tools
|
333 |
-
- Enhance: Documentation links tracking
|
334 |
-
- Fix: Malware scanning stuck on analyzing theme
|
335 |
-
- Fix: Translation files not applied
|
336 |
-
- Fix: Reset not removing all data
|
337 |
-
- Fix: Send data in persistent date format to Hub
|
338 |
-
- Fix: Resetting or Uninstalling does not completely remove Defender settings
|
339 |
-
- Fix: Check all files from scan Issues and Ignored tabs for bulk actions
|
340 |
-
- Fix: Scrolling Up issue in Active lockouts
|
341 |
-
- Fix: Update SUI to the latest version
|
342 |
-
- Fix: Revert button in Prevent User Enumeration recommendation
|
343 |
-
|
344 |
|
345 |
[Changelog for previous versions](https://wpmudev.com/project/wp-defender/#view-changelog).
|
346 |
|
1 |
=== Defender Security - Malware Scanner, Login Security & Firewall ===
|
2 |
Plugin Name: Defender Security - Malware Scanner, Login Security & Firewall
|
3 |
+
Version: 2.5.7
|
4 |
Author: WPMU DEV
|
5 |
Author URI: https://wpmudev.com/
|
6 |
Contributors: WPMUDEV
|
7 |
Tags: security plugin, security, firewall, malware, malware scanner, antivirus, ip blocking, login security, brute force attacks, two-factor authentication, activity log, audit logs, block hackers, 2fa, hack
|
8 |
Requires at least: 5.2
|
9 |
Tested up to: 5.8
|
10 |
+
Stable tag: 2.5.7
|
11 |
License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
12 |
|
13 |
Security plugin with malware scanner, IP blocking, audit logs, activity logs, firewall, login security & more.
|
222 |
|
223 |
== Changelog ==
|
224 |
|
225 |
+
= 2.5.7 ( 2021-08-25 ) =
|
226 |
+
|
227 |
+
- Fix: Firewall Locations ban issue
|
228 |
+
|
229 |
= 2.5.6 ( 2021-08-23 ) =
|
230 |
|
231 |
- New: reCAPTCHA for comments
|
319 |
|
320 |
- Fix: Fatal error after an update from older versions
|
321 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
322 |
|
323 |
[Changelog for previous versions](https://wpmudev.com/project/wp-defender/#view-changelog).
|
324 |
|
src/component/security-tweaks/servers/apache.php
CHANGED
@@ -7,42 +7,42 @@ use WP_Error;
|
|
7 |
class Apache {
|
8 |
|
9 |
/**
|
10 |
-
* Exclude file paths
|
11 |
*
|
12 |
-
* @var array
|
13 |
*/
|
14 |
public $exclude_file_paths = [];
|
15 |
|
16 |
/**
|
17 |
-
* Exclude file paths
|
18 |
*
|
19 |
-
* @var array
|
20 |
*/
|
21 |
public $new_htaccess_config = [];
|
22 |
|
23 |
/**
|
24 |
-
* The htaccess inside wp-content
|
25 |
*
|
26 |
* @var string
|
27 |
*/
|
28 |
public $contentdir_path = null;
|
29 |
|
30 |
/**
|
31 |
-
* The htaccess path inside wp-includes
|
32 |
*
|
33 |
* @var null
|
34 |
*/
|
35 |
public $includedir_path = null;
|
36 |
|
37 |
/**
|
38 |
-
* Service type
|
39 |
*
|
40 |
* @var string
|
41 |
*/
|
42 |
private $type = null;
|
43 |
|
44 |
/**
|
45 |
-
* Constructor method
|
46 |
*
|
47 |
* @param void
|
48 |
*/
|
@@ -51,7 +51,7 @@ class Apache {
|
|
51 |
}
|
52 |
|
53 |
/**
|
54 |
-
* Check whether the issue has been resolved or not
|
55 |
*
|
56 |
* @return bool
|
57 |
*/
|
@@ -71,7 +71,7 @@ class Apache {
|
|
71 |
}
|
72 |
|
73 |
/**
|
74 |
-
* Process the rule
|
75 |
* @param bool|string $file_paths
|
76 |
*
|
77 |
* @return bool|\WP_Error
|
@@ -162,7 +162,7 @@ class Apache {
|
|
162 |
}
|
163 |
|
164 |
/**
|
165 |
-
* Revert the rules
|
166 |
*
|
167 |
* @return bool|\WP_Error
|
168 |
*/
|
@@ -224,8 +224,9 @@ class Apache {
|
|
224 |
return delete_site_option( "defender_security_tweeks_{$this->type}" );
|
225 |
}
|
226 |
}
|
|
|
227 |
/**
|
228 |
-
* Get Apache rule depending on the version
|
229 |
*
|
230 |
* @return array
|
231 |
*/
|
@@ -265,7 +266,7 @@ class Apache {
|
|
265 |
}
|
266 |
|
267 |
/**
|
268 |
-
* Get Apache rule depending on the version for instruction on browser
|
269 |
*
|
270 |
* @return string
|
271 |
*/
|
@@ -334,10 +335,10 @@ class Apache {
|
|
334 |
}
|
335 |
|
336 |
/**
|
337 |
-
* Determine the Apache version
|
338 |
-
* Most web servers have apache_get_version disabled, so we just get a simple curl of the headers
|
339 |
*
|
340 |
-
* @return
|
341 |
*/
|
342 |
public function get_version() {
|
343 |
if ( ! function_exists( 'apache_get_version' ) ) {
|
@@ -377,7 +378,7 @@ class Apache {
|
|
377 |
}
|
378 |
|
379 |
/**
|
380 |
-
* Protect content directory
|
381 |
*
|
382 |
* @return void
|
383 |
*/
|
@@ -421,7 +422,7 @@ class Apache {
|
|
421 |
}
|
422 |
|
423 |
/**
|
424 |
-
* Protect includes directory
|
425 |
*
|
426 |
* @return void
|
427 |
*/
|
@@ -464,7 +465,7 @@ class Apache {
|
|
464 |
}
|
465 |
|
466 |
/**
|
467 |
-
* Return the correct apache rules for allow/deny
|
468 |
*
|
469 |
* @return String
|
470 |
*/
|
@@ -486,8 +487,8 @@ class Apache {
|
|
486 |
}
|
487 |
|
488 |
/**
|
489 |
-
* Protect uploads directory
|
490 |
-
* This only when user provide a custom uploads
|
491 |
*
|
492 |
* @return void
|
493 |
*/
|
@@ -499,7 +500,7 @@ class Apache {
|
|
499 |
}
|
500 |
|
501 |
/**
|
502 |
-
* UnProtect content directory
|
503 |
*
|
504 |
* @return void
|
505 |
*/
|
@@ -543,7 +544,7 @@ class Apache {
|
|
543 |
}
|
544 |
|
545 |
/**
|
546 |
-
* UnProtect upload directory
|
547 |
*
|
548 |
* @return void
|
549 |
*/
|
@@ -555,18 +556,18 @@ class Apache {
|
|
555 |
}
|
556 |
|
557 |
/**
|
558 |
-
* Get the exclude file paths
|
559 |
*
|
560 |
-
* @return
|
561 |
*/
|
562 |
public function get_excluded_file_paths() {
|
563 |
return $this->exclude_file_paths;
|
564 |
}
|
565 |
|
566 |
/**
|
567 |
-
* Set the exclude file paths
|
568 |
*
|
569 |
-
* @param
|
570 |
*/
|
571 |
public function set_exclude_file_paths( $paths ) {
|
572 |
if ( ! empty( $paths ) ) {
|
@@ -575,9 +576,9 @@ class Apache {
|
|
575 |
}
|
576 |
|
577 |
/**
|
578 |
-
* Set the exclude file paths
|
579 |
*
|
580 |
-
* @param
|
581 |
*/
|
582 |
public function get_new_htaccess_config( $config = [] ) {
|
583 |
if ( ! empty( $config ) ) {
|
@@ -586,7 +587,7 @@ class Apache {
|
|
586 |
}
|
587 |
|
588 |
/**
|
589 |
-
* Get the new HT config
|
590 |
*
|
591 |
* @return Array - $new_htaccess_config
|
592 |
*/
|
7 |
class Apache {
|
8 |
|
9 |
/**
|
10 |
+
* Exclude file paths.
|
11 |
*
|
12 |
+
* @var array
|
13 |
*/
|
14 |
public $exclude_file_paths = [];
|
15 |
|
16 |
/**
|
17 |
+
* Exclude file paths.
|
18 |
*
|
19 |
+
* @var array
|
20 |
*/
|
21 |
public $new_htaccess_config = [];
|
22 |
|
23 |
/**
|
24 |
+
* The htaccess inside wp-content.
|
25 |
*
|
26 |
* @var string
|
27 |
*/
|
28 |
public $contentdir_path = null;
|
29 |
|
30 |
/**
|
31 |
+
* The htaccess path inside wp-includes.
|
32 |
*
|
33 |
* @var null
|
34 |
*/
|
35 |
public $includedir_path = null;
|
36 |
|
37 |
/**
|
38 |
+
* Service type.
|
39 |
*
|
40 |
* @var string
|
41 |
*/
|
42 |
private $type = null;
|
43 |
|
44 |
/**
|
45 |
+
* Constructor method.
|
46 |
*
|
47 |
* @param void
|
48 |
*/
|
51 |
}
|
52 |
|
53 |
/**
|
54 |
+
* Check whether the issue has been resolved or not.
|
55 |
*
|
56 |
* @return bool
|
57 |
*/
|
71 |
}
|
72 |
|
73 |
/**
|
74 |
+
* Process the rule.
|
75 |
* @param bool|string $file_paths
|
76 |
*
|
77 |
* @return bool|\WP_Error
|
162 |
}
|
163 |
|
164 |
/**
|
165 |
+
* Revert the rules.
|
166 |
*
|
167 |
* @return bool|\WP_Error
|
168 |
*/
|
224 |
return delete_site_option( "defender_security_tweeks_{$this->type}" );
|
225 |
}
|
226 |
}
|
227 |
+
|
228 |
/**
|
229 |
+
* Get Apache rule depending on the version.
|
230 |
*
|
231 |
* @return array
|
232 |
*/
|
266 |
}
|
267 |
|
268 |
/**
|
269 |
+
* Get Apache rule depending on the version for instruction on browser.
|
270 |
*
|
271 |
* @return string
|
272 |
*/
|
335 |
}
|
336 |
|
337 |
/**
|
338 |
+
* Determine the Apache version.
|
339 |
+
* Most web servers have apache_get_version disabled, so we just get a simple curl of the headers.
|
340 |
*
|
341 |
+
* @return string
|
342 |
*/
|
343 |
public function get_version() {
|
344 |
if ( ! function_exists( 'apache_get_version' ) ) {
|
378 |
}
|
379 |
|
380 |
/**
|
381 |
+
* Protect content directory.
|
382 |
*
|
383 |
* @return void
|
384 |
*/
|
422 |
}
|
423 |
|
424 |
/**
|
425 |
+
* Protect includes directory.
|
426 |
*
|
427 |
* @return void
|
428 |
*/
|
465 |
}
|
466 |
|
467 |
/**
|
468 |
+
* Return the correct apache rules for allow/deny.
|
469 |
*
|
470 |
* @return String
|
471 |
*/
|
487 |
}
|
488 |
|
489 |
/**
|
490 |
+
* Protect uploads directory.
|
491 |
+
* This only when user provide a custom uploads.
|
492 |
*
|
493 |
* @return void
|
494 |
*/
|
500 |
}
|
501 |
|
502 |
/**
|
503 |
+
* UnProtect content directory.
|
504 |
*
|
505 |
* @return void
|
506 |
*/
|
544 |
}
|
545 |
|
546 |
/**
|
547 |
+
* UnProtect upload directory.
|
548 |
*
|
549 |
* @return void
|
550 |
*/
|
556 |
}
|
557 |
|
558 |
/**
|
559 |
+
* Get the exclude file paths.
|
560 |
*
|
561 |
+
* @return array - $exclude_file_paths
|
562 |
*/
|
563 |
public function get_excluded_file_paths() {
|
564 |
return $this->exclude_file_paths;
|
565 |
}
|
566 |
|
567 |
/**
|
568 |
+
* Set the exclude file paths.
|
569 |
*
|
570 |
+
* @param string $paths
|
571 |
*/
|
572 |
public function set_exclude_file_paths( $paths ) {
|
573 |
if ( ! empty( $paths ) ) {
|
576 |
}
|
577 |
|
578 |
/**
|
579 |
+
* Set the exclude file paths.
|
580 |
*
|
581 |
+
* @param string $paths
|
582 |
*/
|
583 |
public function get_new_htaccess_config( $config = [] ) {
|
584 |
if ( ! empty( $config ) ) {
|
587 |
}
|
588 |
|
589 |
/**
|
590 |
+
* Get the new HT config.
|
591 |
*
|
592 |
* @return Array - $new_htaccess_config
|
593 |
*/
|
src/component/security-tweaks/servers/iis-7.php
CHANGED
@@ -8,28 +8,28 @@ use DOMDocument;
|
|
8 |
|
9 |
class IIS_7 {
|
10 |
/**
|
11 |
-
* New htaccess file
|
12 |
*
|
13 |
-
* @var array
|
14 |
*/
|
15 |
private $new_htaccess_config = [];
|
16 |
|
17 |
/**
|
18 |
-
* Exclude file paths
|
19 |
*
|
20 |
-
* @var array
|
21 |
*/
|
22 |
private $exclude_file_paths = [];
|
23 |
|
24 |
/**
|
25 |
-
* Service type
|
26 |
*
|
27 |
* @var string
|
28 |
*/
|
29 |
private $type = null;
|
30 |
|
31 |
/**
|
32 |
-
* Constructor method
|
33 |
*
|
34 |
* @param void
|
35 |
*/
|
@@ -38,7 +38,7 @@ class IIS_7 {
|
|
38 |
}
|
39 |
|
40 |
/**
|
41 |
-
* Check whether the issue has been resolved or not
|
42 |
*
|
43 |
* @return bool
|
44 |
*/
|
@@ -58,7 +58,7 @@ class IIS_7 {
|
|
58 |
}
|
59 |
|
60 |
/**
|
61 |
-
* Process the rule
|
62 |
*
|
63 |
* @return bool
|
64 |
*/
|
@@ -145,7 +145,7 @@ class IIS_7 {
|
|
145 |
|
146 |
|
147 |
/**
|
148 |
-
* Revert the rule
|
149 |
*
|
150 |
* @return bool
|
151 |
*/
|
@@ -179,20 +179,20 @@ class IIS_7 {
|
|
179 |
}
|
180 |
|
181 |
/**
|
182 |
-
* Get the new HT config
|
183 |
*
|
184 |
-
* @return
|
185 |
*/
|
186 |
public function get_new_htaccess_config() {
|
187 |
return $this->new_htaccess_config;
|
188 |
}
|
189 |
|
190 |
/**
|
191 |
-
* Get the exclude file paths
|
192 |
*
|
193 |
-
* @return
|
194 |
*/
|
195 |
public function get_excluded_file_paths() {
|
196 |
return $this->exclude_file_paths;
|
197 |
}
|
198 |
-
}
|
8 |
|
9 |
class IIS_7 {
|
10 |
/**
|
11 |
+
* New htaccess file.
|
12 |
*
|
13 |
+
* @var array
|
14 |
*/
|
15 |
private $new_htaccess_config = [];
|
16 |
|
17 |
/**
|
18 |
+
* Exclude file paths.
|
19 |
*
|
20 |
+
* @var array
|
21 |
*/
|
22 |
private $exclude_file_paths = [];
|
23 |
|
24 |
/**
|
25 |
+
* Service type.
|
26 |
*
|
27 |
* @var string
|
28 |
*/
|
29 |
private $type = null;
|
30 |
|
31 |
/**
|
32 |
+
* Constructor method.
|
33 |
*
|
34 |
* @param void
|
35 |
*/
|
38 |
}
|
39 |
|
40 |
/**
|
41 |
+
* Check whether the issue has been resolved or not.
|
42 |
*
|
43 |
* @return bool
|
44 |
*/
|
58 |
}
|
59 |
|
60 |
/**
|
61 |
+
* Process the rule.
|
62 |
*
|
63 |
* @return bool
|
64 |
*/
|
145 |
|
146 |
|
147 |
/**
|
148 |
+
* Revert the rule.
|
149 |
*
|
150 |
* @return bool
|
151 |
*/
|
179 |
}
|
180 |
|
181 |
/**
|
182 |
+
* Get the new HT config.
|
183 |
*
|
184 |
+
* @return array - $new_htaccess_config
|
185 |
*/
|
186 |
public function get_new_htaccess_config() {
|
187 |
return $this->new_htaccess_config;
|
188 |
}
|
189 |
|
190 |
/**
|
191 |
+
* Get the exclude file paths.
|
192 |
*
|
193 |
+
* @return array - $exclude_file_paths
|
194 |
*/
|
195 |
public function get_excluded_file_paths() {
|
196 |
return $this->exclude_file_paths;
|
197 |
}
|
198 |
+
}
|
src/component/security-tweaks/servers/server-factory.php
CHANGED
@@ -8,28 +8,28 @@ use Exception;
|
|
8 |
class Server_Factory {
|
9 |
|
10 |
/**
|
11 |
-
* Server name holder for showing notice
|
12 |
*
|
13 |
-
* @var string
|
14 |
*/
|
15 |
private $requested_server;
|
16 |
|
17 |
/**
|
18 |
-
* Server name holder
|
19 |
*
|
20 |
-
* @var string
|
21 |
*/
|
22 |
private $server = null;
|
23 |
|
24 |
/**
|
25 |
-
* Supported server list holder
|
26 |
*
|
27 |
-
* @var
|
28 |
*/
|
29 |
private $servers = [];
|
30 |
|
31 |
/**
|
32 |
-
* Constructor method
|
33 |
*
|
34 |
* @param string $server
|
35 |
*
|
@@ -56,7 +56,7 @@ class Server_Factory {
|
|
56 |
}
|
57 |
|
58 |
/**
|
59 |
-
* Get supported servers
|
60 |
*
|
61 |
* @return array
|
62 |
*/
|
@@ -72,7 +72,7 @@ class Server_Factory {
|
|
72 |
}
|
73 |
|
74 |
/**
|
75 |
-
* Get the server for specific service
|
76 |
*
|
77 |
* @param string
|
78 |
*
|
8 |
class Server_Factory {
|
9 |
|
10 |
/**
|
11 |
+
* Server name holder for showing notice.
|
12 |
*
|
13 |
+
* @var string
|
14 |
*/
|
15 |
private $requested_server;
|
16 |
|
17 |
/**
|
18 |
+
* Server name holder.
|
19 |
*
|
20 |
+
* @var string
|
21 |
*/
|
22 |
private $server = null;
|
23 |
|
24 |
/**
|
25 |
+
* Supported server list holder.
|
26 |
*
|
27 |
+
* @var array
|
28 |
*/
|
29 |
private $servers = [];
|
30 |
|
31 |
/**
|
32 |
+
* Constructor method.
|
33 |
*
|
34 |
* @param string $server
|
35 |
*
|
56 |
}
|
57 |
|
58 |
/**
|
59 |
+
* Get supported servers.
|
60 |
*
|
61 |
* @return array
|
62 |
*/
|
72 |
}
|
73 |
|
74 |
/**
|
75 |
+
* Get the server for specific service.
|
76 |
*
|
77 |
* @param string
|
78 |
*
|
src/model/setting/blacklist-lockout.php
CHANGED
@@ -15,14 +15,14 @@ class Blacklist_Lockout extends Setting {
|
|
15 |
|
16 |
protected $table = 'wd_blacklist_lockout_settings';
|
17 |
/**
|
18 |
-
* Store a list of IPs blocked from the site, the priority of this list is lower than whitelist
|
19 |
*
|
20 |
* @var string
|
21 |
* @defender_property
|
22 |
*/
|
23 |
public $ip_blacklist = '';
|
24 |
/**
|
25 |
-
* Top priority, if an IP in this list, mean we never check any on them
|
26 |
*
|
27 |
* @var string
|
28 |
* @defender_property
|
@@ -30,7 +30,7 @@ class Blacklist_Lockout extends Setting {
|
|
30 |
public $ip_whitelist = '';
|
31 |
/**
|
32 |
* The message to show on frontend when an blocklisted IP access the site, recommend to use something generic,
|
33 |
-
* so we don't expose our intention
|
34 |
*
|
35 |
* @var string
|
36 |
* @defender_property
|
@@ -38,8 +38,8 @@ class Blacklist_Lockout extends Setting {
|
|
38 |
public $ip_lockout_message = '';
|
39 |
|
40 |
/**
|
41 |
-
*
|
42 |
-
* $ip_lockout_message
|
43 |
*
|
44 |
* @var array
|
45 |
* @defender_property
|
@@ -47,7 +47,8 @@ class Blacklist_Lockout extends Setting {
|
|
47 |
public $country_blacklist = array();
|
48 |
|
49 |
/**
|
50 |
-
* This
|
|
|
51 |
*
|
52 |
* @var array
|
53 |
* @defender_property
|
@@ -55,9 +56,10 @@ class Blacklist_Lockout extends Setting {
|
|
55 |
public $country_whitelist = array();
|
56 |
|
57 |
/**
|
58 |
-
* Path to downloaded GeoDB
|
|
|
59 |
*
|
60 |
-
* @var string
|
61 |
* @defender_property
|
62 |
*/
|
63 |
public $geodb_path = null;
|
@@ -70,7 +72,7 @@ class Blacklist_Lockout extends Setting {
|
|
70 |
}
|
71 |
|
72 |
/**
|
73 |
-
* Add an IP to the list, this should be the **ONLY** way to add an IP to a list
|
74 |
*
|
75 |
* @param $ip
|
76 |
* @param null $list blocklist|allowlist
|
@@ -93,8 +95,8 @@ class Blacklist_Lockout extends Setting {
|
|
93 |
}
|
94 |
|
95 |
/**
|
96 |
-
* @param $ip
|
97 |
-
* @param $list
|
98 |
*
|
99 |
* @return bool
|
100 |
*/
|
@@ -110,8 +112,8 @@ class Blacklist_Lockout extends Setting {
|
|
110 |
/**
|
111 |
* Remove an ip from a list
|
112 |
*
|
113 |
-
* @param $ip
|
114 |
-
* @param
|
115 |
*
|
116 |
* @return void
|
117 |
*/
|
@@ -131,7 +133,7 @@ class Blacklist_Lockout extends Setting {
|
|
131 |
}
|
132 |
|
133 |
/**
|
134 |
-
* Check downloaded GeoDB
|
135 |
*
|
136 |
* @return bool
|
137 |
*/
|
@@ -156,7 +158,7 @@ class Blacklist_Lockout extends Setting {
|
|
156 |
|
157 |
return true;
|
158 |
} elseif ( ! empty( $this->geodb_path ) && file_exists( $this->geodb_path ) ) {
|
159 |
-
//
|
160 |
return true;
|
161 |
}
|
162 |
|
@@ -174,7 +176,7 @@ class Blacklist_Lockout extends Setting {
|
|
174 |
|
175 |
/**
|
176 |
* We going to use this for filter the IPs, as we use textarea to submit so it can contains
|
177 |
-
* some un-valid IPs
|
178 |
*/
|
179 |
public function after_validate() {
|
180 |
$lists = [
|
@@ -192,14 +194,14 @@ class Blacklist_Lockout extends Setting {
|
|
192 |
}
|
193 |
|
194 |
/**
|
195 |
-
* Get list of blocklisted or allowlisted IPs
|
196 |
*
|
197 |
* @param string $type blocklist|allowlist
|
198 |
*
|
199 |
* @return array
|
200 |
*/
|
201 |
public function get_list( $type = 'blocklist' ) {
|
202 |
-
//
|
203 |
$list = ( 'blocklist' === $type ) ? $this->ip_blacklist : $this->ip_whitelist;
|
204 |
$arr = array_filter( explode( PHP_EOL, $list ) );
|
205 |
$arr = array_map( 'trim', $arr );
|
@@ -209,7 +211,7 @@ class Blacklist_Lockout extends Setting {
|
|
209 |
}
|
210 |
|
211 |
/**
|
212 |
-
* Get list of blacklisted countries
|
213 |
*
|
214 |
* @return array
|
215 |
*/
|
@@ -218,7 +220,7 @@ class Blacklist_Lockout extends Setting {
|
|
218 |
}
|
219 |
|
220 |
/**
|
221 |
-
* Get list of whitelisted countries
|
222 |
*
|
223 |
* @return array
|
224 |
*/
|
@@ -227,7 +229,7 @@ class Blacklist_Lockout extends Setting {
|
|
227 |
}
|
228 |
|
229 |
/**
|
230 |
-
* Define labels for settings key
|
231 |
*
|
232 |
* @param string|null $key
|
233 |
*
|
15 |
|
16 |
protected $table = 'wd_blacklist_lockout_settings';
|
17 |
/**
|
18 |
+
* Store a list of IPs blocked from the site, the priority of this list is lower than whitelist.
|
19 |
*
|
20 |
* @var string
|
21 |
* @defender_property
|
22 |
*/
|
23 |
public $ip_blacklist = '';
|
24 |
/**
|
25 |
+
* Top priority, if an IP in this list, mean we never check any on them.
|
26 |
*
|
27 |
* @var string
|
28 |
* @defender_property
|
30 |
public $ip_whitelist = '';
|
31 |
/**
|
32 |
* The message to show on frontend when an blocklisted IP access the site, recommend to use something generic,
|
33 |
+
* so we don't expose our intention.
|
34 |
*
|
35 |
* @var string
|
36 |
* @defender_property
|
38 |
public $ip_lockout_message = '';
|
39 |
|
40 |
/**
|
41 |
+
* This should be use if you don't want an IP from some country to access your site, the error message will refer to
|
42 |
+
* $ip_lockout_message.
|
43 |
*
|
44 |
* @var array
|
45 |
* @defender_property
|
47 |
public $country_blacklist = array();
|
48 |
|
49 |
/**
|
50 |
+
* This uses when you want to block all and allow some countries, it will have less priority than the IP
|
51 |
+
* white/black above.
|
52 |
*
|
53 |
* @var array
|
54 |
* @defender_property
|
56 |
public $country_whitelist = array();
|
57 |
|
58 |
/**
|
59 |
+
* Path to downloaded GeoDB.
|
60 |
+
* Important: This var doesn't support Union Types. So just 'string'.
|
61 |
*
|
62 |
+
* @var string
|
63 |
* @defender_property
|
64 |
*/
|
65 |
public $geodb_path = null;
|
72 |
}
|
73 |
|
74 |
/**
|
75 |
+
* Add an IP to the list, this should be the **ONLY** way to add an IP to a list.
|
76 |
*
|
77 |
* @param $ip
|
78 |
* @param null $list blocklist|allowlist
|
95 |
}
|
96 |
|
97 |
/**
|
98 |
+
* @param string $ip
|
99 |
+
* @param string $list
|
100 |
*
|
101 |
* @return bool
|
102 |
*/
|
112 |
/**
|
113 |
* Remove an ip from a list
|
114 |
*
|
115 |
+
* @param string $ip
|
116 |
+
* @param string $list blocklist|allowlist
|
117 |
*
|
118 |
* @return void
|
119 |
*/
|
133 |
}
|
134 |
|
135 |
/**
|
136 |
+
* Check downloaded GeoDB.
|
137 |
*
|
138 |
* @return bool
|
139 |
*/
|
158 |
|
159 |
return true;
|
160 |
} elseif ( ! empty( $this->geodb_path ) && file_exists( $this->geodb_path ) ) {
|
161 |
+
// The case if ABSPATH was changed e.g. in wp-config.php.
|
162 |
return true;
|
163 |
}
|
164 |
|
176 |
|
177 |
/**
|
178 |
* We going to use this for filter the IPs, as we use textarea to submit so it can contains
|
179 |
+
* some un-valid IPs.
|
180 |
*/
|
181 |
public function after_validate() {
|
182 |
$lists = [
|
194 |
}
|
195 |
|
196 |
/**
|
197 |
+
* Get list of blocklisted or allowlisted IPs.
|
198 |
*
|
199 |
* @param string $type blocklist|allowlist
|
200 |
*
|
201 |
* @return array
|
202 |
*/
|
203 |
public function get_list( $type = 'blocklist' ) {
|
204 |
+
// The list should be always strings.
|
205 |
$list = ( 'blocklist' === $type ) ? $this->ip_blacklist : $this->ip_whitelist;
|
206 |
$arr = array_filter( explode( PHP_EOL, $list ) );
|
207 |
$arr = array_map( 'trim', $arr );
|
211 |
}
|
212 |
|
213 |
/**
|
214 |
+
* Get list of blacklisted countries.
|
215 |
*
|
216 |
* @return array
|
217 |
*/
|
220 |
}
|
221 |
|
222 |
/**
|
223 |
+
* Get list of whitelisted countries.
|
224 |
*
|
225 |
* @return array
|
226 |
*/
|
229 |
}
|
230 |
|
231 |
/**
|
232 |
+
* Define labels for settings key.
|
233 |
*
|
234 |
* @param string|null $key
|
235 |
*
|
wp-defender.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
/**
|
3 |
* Plugin Name: Defender
|
4 |
* Plugin URI: https://wpmudev.com/project/wp-defender/
|
5 |
-
* Version: 2.5.
|
6 |
* Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
|
7 |
* Author: WPMU DEV
|
8 |
* Author URI: https://wpmudev.com/
|
@@ -15,10 +15,10 @@ if ( ! defined( 'ABSPATH' ) ) {
|
|
15 |
die;
|
16 |
}
|
17 |
if ( ! defined( 'DEFENDER_VERSION' ) ) {
|
18 |
-
define( 'DEFENDER_VERSION', '2.5.
|
19 |
}
|
20 |
if ( ! defined( 'DEFENDER_DB_VERSION' ) ) {
|
21 |
-
define( 'DEFENDER_DB_VERSION', '2.5.
|
22 |
}
|
23 |
if ( ! defined( 'DEFENDER_SUI' ) ) {
|
24 |
define( 'DEFENDER_SUI', '2-10-7' );
|
2 |
/**
|
3 |
* Plugin Name: Defender
|
4 |
* Plugin URI: https://wpmudev.com/project/wp-defender/
|
5 |
+
* Version: 2.5.7
|
6 |
* Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
|
7 |
* Author: WPMU DEV
|
8 |
* Author URI: https://wpmudev.com/
|
15 |
die;
|
16 |
}
|
17 |
if ( ! defined( 'DEFENDER_VERSION' ) ) {
|
18 |
+
define( 'DEFENDER_VERSION', '2.5.7' );
|
19 |
}
|
20 |
if ( ! defined( 'DEFENDER_DB_VERSION' ) ) {
|
21 |
+
define( 'DEFENDER_DB_VERSION', '2.5.7' );
|
22 |
}
|
23 |
if ( ! defined( 'DEFENDER_SUI' ) ) {
|
24 |
define( 'DEFENDER_SUI', '2-10-7' );
|