Version Description
( 2021-11-03 ) =
- Enhance: White labeling support
Download this release
Release Info
Developer | BigTonny |
Plugin | Defender Security – Malware Scanner, Login Security & Firewall |
Version | 2.6.3 |
Comparing to | |
See all releases |
Code changes from version 2.6.2 to 2.6.3
- assets/img/modal-google-recaptcha.png +0 -0
- assets/img/modal-google-recaptcha@2x.png +0 -0
- assets/img/modal-new-256.png +0 -0
- assets/img/modal-new-256@2x.png +0 -0
- assets/img/modal-user-agent.png +0 -0
- assets/img/modal-user-agent@2x.png +0 -0
- languages/wpdef-default.pot +14 -14
- readme.txt +6 -19
- src/behavior/wpmudev.php +60 -30
- src/class-admin.php +9 -3
- src/upgrader.php +2 -2
- wp-defender.php +3 -3
assets/img/modal-google-recaptcha.png
ADDED
Binary file
|
assets/img/modal-google-recaptcha@2x.png
ADDED
Binary file
|
assets/img/modal-new-256.png
ADDED
Binary file
|
assets/img/modal-new-256@2x.png
ADDED
Binary file
|
assets/img/modal-user-agent.png
ADDED
Binary file
|
assets/img/modal-user-agent@2x.png
ADDED
Binary file
|
languages/wpdef-default.pot
CHANGED
@@ -6,9 +6,9 @@
|
|
6 |
#, fuzzy
|
7 |
msgid ""
|
8 |
msgstr ""
|
9 |
-
"Project-Id-Version: wp-defender 2.6.
|
10 |
"Report-Msgid-Bugs-To: \n"
|
11 |
-
"POT-Creation-Date: 2021-11-
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
@@ -205,18 +205,18 @@ msgid ""
|
|
205 |
"know in a single email - just for users of Defender!"
|
206 |
msgstr ""
|
207 |
|
208 |
-
#: free/wpmudev.php:
|
209 |
msgid "here"
|
210 |
msgstr ""
|
211 |
|
212 |
-
#: free/wpmudev.php:
|
213 |
#, php-format
|
214 |
msgid ""
|
215 |
"WPMU DEV Dashboard will be required for this action. Please visit %s and "
|
216 |
"install the WPMU DEV Dashboard."
|
217 |
msgstr ""
|
218 |
|
219 |
-
#: free/wpmudev.php:
|
220 |
#: src/model/setting/scan.php:61
|
221 |
#: front/src/module/scan/screen/_settings-free.vue:28
|
222 |
#: front/src/module/scan/screen/_settings.vue:28
|
@@ -224,21 +224,21 @@ msgstr ""
|
|
224 |
msgid "File change detection"
|
225 |
msgstr ""
|
226 |
|
227 |
-
#: free/wpmudev.php:
|
228 |
#: src/model/setting/scan.php:62
|
229 |
#: front/src/module/scan/screen/_settings-free.vue:43
|
230 |
#: front/src/module/scan/screen/_settings.vue:43
|
231 |
msgid "Scan core files"
|
232 |
msgstr ""
|
233 |
|
234 |
-
#: free/wpmudev.php:
|
235 |
#: src/model/setting/scan.php:63
|
236 |
#: front/src/module/scan/screen/_settings-free.vue:50
|
237 |
#: front/src/module/scan/screen/_settings.vue:50
|
238 |
msgid "Scan plugin files"
|
239 |
msgstr ""
|
240 |
|
241 |
-
#: free/wpmudev.php:
|
242 |
#: src/model/setting/scan.php:64 front/src/module/scan/screen/_issues.vue:14
|
243 |
#: front/src/module/scan/screen/_settings-free.vue:65
|
244 |
#: front/src/module/scan/screen/_settings.vue:64
|
@@ -246,7 +246,7 @@ msgstr ""
|
|
246 |
msgid "Known vulnerabilities"
|
247 |
msgstr ""
|
248 |
|
249 |
-
#: free/wpmudev.php:
|
250 |
#: front/src/module/scan/screen/_issues.vue:15
|
251 |
#: front/src/module/scan/screen/_settings-free.vue:84
|
252 |
#: front/src/module/scan/screen/_settings.vue:80
|
@@ -254,12 +254,12 @@ msgstr ""
|
|
254 |
msgid "Suspicious code"
|
255 |
msgstr ""
|
256 |
|
257 |
-
#: free/wpmudev.php:
|
258 |
#: src/behavior/wpmudev.php:640 src/component/scan.php:394
|
259 |
msgid "Defender Pro"
|
260 |
msgstr ""
|
261 |
|
262 |
-
#: free/wpmudev.php:
|
263 |
#: src/view/ip-lockout/locked.php:135
|
264 |
msgid "Defender"
|
265 |
msgstr ""
|
@@ -584,17 +584,17 @@ msgstr ""
|
|
584 |
msgid "Maybe later"
|
585 |
msgstr ""
|
586 |
|
587 |
-
#: src/class-admin.php:
|
588 |
msgid "Black Friday Offer!"
|
589 |
msgstr ""
|
590 |
|
591 |
-
#: src/class-admin.php:
|
592 |
msgid ""
|
593 |
"Get 11 Pro plugins on unlimited sites and much more with 50% OFF WPMU DEV "
|
594 |
"Agency plan FOREVER"
|
595 |
msgstr ""
|
596 |
|
597 |
-
#: src/class-admin.php:
|
598 |
msgid "*Only admin users can see this message"
|
599 |
msgstr ""
|
600 |
|
6 |
#, fuzzy
|
7 |
msgid ""
|
8 |
msgstr ""
|
9 |
+
"Project-Id-Version: wp-defender 2.6.3\n"
|
10 |
"Report-Msgid-Bugs-To: \n"
|
11 |
+
"POT-Creation-Date: 2021-11-03 12:34+0200\n"
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
205 |
"know in a single email - just for users of Defender!"
|
206 |
msgstr ""
|
207 |
|
208 |
+
#: free/wpmudev.php:167 src/behavior/wpmudev.php:226
|
209 |
msgid "here"
|
210 |
msgstr ""
|
211 |
|
212 |
+
#: free/wpmudev.php:172 src/behavior/wpmudev.php:231
|
213 |
#, php-format
|
214 |
msgid ""
|
215 |
"WPMU DEV Dashboard will be required for this action. Please visit %s and "
|
216 |
"install the WPMU DEV Dashboard."
|
217 |
msgstr ""
|
218 |
|
219 |
+
#: free/wpmudev.php:530 src/behavior/wpmudev.php:589
|
220 |
#: src/model/setting/scan.php:61
|
221 |
#: front/src/module/scan/screen/_settings-free.vue:28
|
222 |
#: front/src/module/scan/screen/_settings.vue:28
|
224 |
msgid "File change detection"
|
225 |
msgstr ""
|
226 |
|
227 |
+
#: free/wpmudev.php:531 src/behavior/wpmudev.php:590
|
228 |
#: src/model/setting/scan.php:62
|
229 |
#: front/src/module/scan/screen/_settings-free.vue:43
|
230 |
#: front/src/module/scan/screen/_settings.vue:43
|
231 |
msgid "Scan core files"
|
232 |
msgstr ""
|
233 |
|
234 |
+
#: free/wpmudev.php:532 src/behavior/wpmudev.php:591
|
235 |
#: src/model/setting/scan.php:63
|
236 |
#: front/src/module/scan/screen/_settings-free.vue:50
|
237 |
#: front/src/module/scan/screen/_settings.vue:50
|
238 |
msgid "Scan plugin files"
|
239 |
msgstr ""
|
240 |
|
241 |
+
#: free/wpmudev.php:533 src/behavior/wpmudev.php:592
|
242 |
#: src/model/setting/scan.php:64 front/src/module/scan/screen/_issues.vue:14
|
243 |
#: front/src/module/scan/screen/_settings-free.vue:65
|
244 |
#: front/src/module/scan/screen/_settings.vue:64
|
246 |
msgid "Known vulnerabilities"
|
247 |
msgstr ""
|
248 |
|
249 |
+
#: free/wpmudev.php:534 src/behavior/wpmudev.php:593
|
250 |
#: front/src/module/scan/screen/_issues.vue:15
|
251 |
#: front/src/module/scan/screen/_settings-free.vue:84
|
252 |
#: front/src/module/scan/screen/_settings.vue:80
|
254 |
msgid "Suspicious code"
|
255 |
msgstr ""
|
256 |
|
257 |
+
#: free/wpmudev.php:575 free/wpmudev.php:581 src/behavior/wpmudev.php:634
|
258 |
#: src/behavior/wpmudev.php:640 src/component/scan.php:394
|
259 |
msgid "Defender Pro"
|
260 |
msgstr ""
|
261 |
|
262 |
+
#: free/wpmudev.php:582 src/behavior/wpmudev.php:641
|
263 |
#: src/view/ip-lockout/locked.php:135
|
264 |
msgid "Defender"
|
265 |
msgstr ""
|
584 |
msgid "Maybe later"
|
585 |
msgstr ""
|
586 |
|
587 |
+
#: src/class-admin.php:352
|
588 |
msgid "Black Friday Offer!"
|
589 |
msgstr ""
|
590 |
|
591 |
+
#: src/class-admin.php:353
|
592 |
msgid ""
|
593 |
"Get 11 Pro plugins on unlimited sites and much more with 50% OFF WPMU DEV "
|
594 |
"Agency plan FOREVER"
|
595 |
msgstr ""
|
596 |
|
597 |
+
#: src/class-admin.php:354
|
598 |
msgid "*Only admin users can see this message"
|
599 |
msgstr ""
|
600 |
|
readme.txt
CHANGED
@@ -1,13 +1,13 @@
|
|
1 |
=== Defender Security - Malware Scanner, Login Security & Firewall ===
|
2 |
Plugin Name: Defender Security - Malware Scanner, Login Security & Firewall
|
3 |
-
Version: 2.6.
|
4 |
Author: WPMU DEV
|
5 |
Author URI: https://wpmudev.com/
|
6 |
Contributors: WPMUDEV
|
7 |
Tags: security plugin, security, firewall, malware, malware scanner, antivirus, ip blocking, login security, brute force attacks, two-factor authentication, activity log, audit logs, block hackers, 2fa, hack
|
8 |
Requires at least: 5.2
|
9 |
Tested up to: 5.8.1
|
10 |
-
Stable tag: 2.6.
|
11 |
Requires PHP: 5.6.20
|
12 |
License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
13 |
|
@@ -240,6 +240,10 @@ Please open a new thread in Defender’s [support forum](https://wordpress.org/s
|
|
240 |
|
241 |
== Changelog ==
|
242 |
|
|
|
|
|
|
|
|
|
243 |
= 2.6.2 ( 2021-11-01 ) =
|
244 |
|
245 |
- New: Plugin vulnerability warnings
|
@@ -355,23 +359,6 @@ Please open a new thread in Defender’s [support forum](https://wordpress.org/s
|
|
355 |
- Fix: Console error on Mask Login page
|
356 |
- Fix: Change reCaptcha to reCAPTCHA
|
357 |
|
358 |
-
= 2.5.4 ( 2021-06-28 ) =
|
359 |
-
|
360 |
-
- New: Google reCAPTCHA for WordPress login/register/password reset pages
|
361 |
-
- New: Highlight new features in welcome modal
|
362 |
-
- Enhance: Compatibility with WordPress 5.8
|
363 |
-
- Enhance: Update WP-CLI scan options
|
364 |
-
- Enhance: Tools dashboard widget
|
365 |
-
- Fix: Locations feature not working on Flywheel hosting
|
366 |
-
- Fix: Warnings with PHP version 7.4
|
367 |
-
- Fix: Password reset page showing if users from any subsite try to save pwned password
|
368 |
-
- Fix: Guest User under Malware Scanning Notification
|
369 |
-
- Fix: Various issues with notifications in Defender
|
370 |
-
- Fix: Can't update email when mask login enabled
|
371 |
-
- Fix: Minor typo in Dashboard modal
|
372 |
-
- Fix: Issue Details section not showing code
|
373 |
-
- Fix: Hide notice on Configs page
|
374 |
-
|
375 |
|
376 |
[Changelog for previous versions](https://wpmudev.com/project/wp-defender/#view-changelog).
|
377 |
|
1 |
=== Defender Security - Malware Scanner, Login Security & Firewall ===
|
2 |
Plugin Name: Defender Security - Malware Scanner, Login Security & Firewall
|
3 |
+
Version: 2.6.3
|
4 |
Author: WPMU DEV
|
5 |
Author URI: https://wpmudev.com/
|
6 |
Contributors: WPMUDEV
|
7 |
Tags: security plugin, security, firewall, malware, malware scanner, antivirus, ip blocking, login security, brute force attacks, two-factor authentication, activity log, audit logs, block hackers, 2fa, hack
|
8 |
Requires at least: 5.2
|
9 |
Tested up to: 5.8.1
|
10 |
+
Stable tag: 2.6.3
|
11 |
Requires PHP: 5.6.20
|
12 |
License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
|
13 |
|
240 |
|
241 |
== Changelog ==
|
242 |
|
243 |
+
= 2.6.3 ( 2021-11-03 ) =
|
244 |
+
|
245 |
+
- Enhance: White labeling support
|
246 |
+
|
247 |
= 2.6.2 ( 2021-11-01 ) =
|
248 |
|
249 |
- New: Plugin vulnerability warnings
|
359 |
- Fix: Console error on Mask Login page
|
360 |
- Fix: Change reCaptcha to reCAPTCHA
|
361 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
362 |
|
363 |
[Changelog for previous versions](https://wpmudev.com/project/wp-defender/#view-changelog).
|
364 |
|
src/behavior/wpmudev.php
CHANGED
@@ -30,22 +30,22 @@ use WP_Defender\Traits\Formats;
|
|
30 |
class WPMUDEV extends Behavior {
|
31 |
use IO, Formats;
|
32 |
|
33 |
-
const API_SCAN_SIGNATURE
|
34 |
-
const API_AUDIT
|
35 |
-
const API_BLACKLIST
|
|
|
36 |
|
37 |
/**
|
38 |
-
* Get membership status
|
39 |
*
|
40 |
* @return bool
|
41 |
-
* @method
|
42 |
*/
|
43 |
public function is_pro() {
|
44 |
return false;
|
45 |
}
|
46 |
|
47 |
/**
|
48 |
-
* Get WPMUDEV API KEY
|
49 |
*
|
50 |
* @return bool|string
|
51 |
*/
|
@@ -73,7 +73,8 @@ class WPMUDEV extends Behavior {
|
|
73 |
}
|
74 |
|
75 |
/**
|
76 |
-
* Return the high contrast css class if it is
|
|
|
77 |
* @return string
|
78 |
*/
|
79 |
public function maybe_high_contrast() {
|
@@ -97,7 +98,7 @@ class WPMUDEV extends Behavior {
|
|
97 |
case self::API_SCAN_SIGNATURE:
|
98 |
return "{$base}api/defender/v1/yara-signatures";
|
99 |
case self::API_AUDIT:
|
100 |
-
//
|
101 |
$base = defined( 'WPMUDEV_CUSTOM_AUDIT_SERVER' )
|
102 |
? constant( 'WPMUDEV_CUSTOM_AUDIT_SERVER' )
|
103 |
: 'https://audit.wpmudev.org/';
|
@@ -115,14 +116,17 @@ class WPMUDEV extends Behavior {
|
|
115 |
$site_id = $this->get_site_id();
|
116 |
|
117 |
return "{$base}api/hub/v1/sites/$site_id/modules/hosting";
|
118 |
-
case self::
|
|
|
|
|
119 |
default:
|
120 |
return 'https://wpmudev.com/api/defender/v1/scan-results';
|
121 |
}
|
122 |
}
|
123 |
|
124 |
/**
|
125 |
-
* Get WPMUDEV site id
|
|
|
126 |
* @return bool
|
127 |
*/
|
128 |
public function get_site_id() {
|
@@ -130,6 +134,7 @@ class WPMUDEV extends Behavior {
|
|
130 |
}
|
131 |
|
132 |
/**
|
|
|
133 |
* @return bool
|
134 |
*/
|
135 |
public function is_whitelabel_enabled() {
|
@@ -137,7 +142,12 @@ class WPMUDEV extends Behavior {
|
|
137 |
}
|
138 |
|
139 |
/**
|
|
|
|
|
|
|
|
|
140 |
* @return bool
|
|
|
141 |
*/
|
142 |
public function show_support_links() {
|
143 |
return false;
|
@@ -186,7 +196,7 @@ class WPMUDEV extends Behavior {
|
|
186 |
if ( ! $recheck ) {
|
187 |
return $request;
|
188 |
}
|
189 |
-
//
|
190 |
$args['headers'] = array( 'apikey' => $api_key );
|
191 |
$request = wp_remote_request( $this->get_endpoint( $scenario ), $args );
|
192 |
if ( is_wp_error( $request ) ) {
|
@@ -206,7 +216,7 @@ class WPMUDEV extends Behavior {
|
|
206 |
}
|
207 |
|
208 |
/**
|
209 |
-
* This will build data relate to scan module so we can push to hub.
|
210 |
* @since 2.5.0 remove 'theme_integrity'
|
211 |
* @since 2.4.7 add 'theme_integrity', 'plugin_integrity' args
|
212 |
*
|
@@ -216,7 +226,7 @@ class WPMUDEV extends Behavior {
|
|
216 |
$scan = Scan::get_last();
|
217 |
$scan_result = array(
|
218 |
'core_integrity' => 0,
|
219 |
-
//
|
220 |
'theme_integrity' => 0,
|
221 |
'plugin_integrity' => 0,
|
222 |
'vulnerability_db' => 0,
|
@@ -231,7 +241,7 @@ class WPMUDEV extends Behavior {
|
|
231 |
$data = $scan->prepare_issues();
|
232 |
|
233 |
$scan_result['core_integrity'] = $data['count_core'];
|
234 |
-
//
|
235 |
$scan_result['theme_integrity'] = 0;
|
236 |
$scan_result['plugin_integrity'] = $data['count_plugin'];
|
237 |
$scan_result['vulnerability_db'] = $data['count_vuln'];
|
@@ -259,7 +269,7 @@ class WPMUDEV extends Behavior {
|
|
259 |
'scan_result' => $scan_result,
|
260 |
'scan_schedule' => array(
|
261 |
'is_activated' => Notification::STATUS_ACTIVE === $report->status,
|
262 |
-
//
|
263 |
'time' => $report->time,
|
264 |
'day' => $this->get_notification_day( $report ),
|
265 |
'frequency' => $this->backward_frequency_compatibility( $report->frequency ),
|
@@ -280,7 +290,8 @@ class WPMUDEV extends Behavior {
|
|
280 |
}
|
281 |
|
282 |
/**
|
283 |
-
* Build data for security tweaks
|
|
|
284 |
* @return array
|
285 |
*/
|
286 |
protected function build_security_tweaks_hub_data() {
|
@@ -355,7 +366,7 @@ class WPMUDEV extends Behavior {
|
|
355 |
|
356 |
$query = new \WP_User_Query(
|
357 |
array(
|
358 |
-
//
|
359 |
'blog_id' => 0,
|
360 |
'meta_key' => 'defenderAuthOn',
|
361 |
'meta_value' => true,
|
@@ -401,7 +412,7 @@ class WPMUDEV extends Behavior {
|
|
401 |
} elseif ( 'weekly' === $module_report->frequency ) {
|
402 |
$day = $module_report->day;
|
403 |
} else {
|
404 |
-
//
|
405 |
$day = $module_report->day_n;
|
406 |
}
|
407 |
|
@@ -424,7 +435,7 @@ class WPMUDEV extends Behavior {
|
|
424 |
'file_scanning' => array(
|
425 |
'active' => true,
|
426 |
'enabled' => Notification::STATUS_ACTIVE === $malware_report->status,
|
427 |
-
//Report enabled
|
428 |
'frequency' => array(
|
429 |
'frequency' => $this->backward_frequency_compatibility( $malware_report->frequency ),
|
430 |
'day' => $this->get_notification_day( $malware_report ),
|
@@ -441,10 +452,10 @@ class WPMUDEV extends Behavior {
|
|
441 |
),
|
442 |
),
|
443 |
'ip_lockouts' => array(
|
444 |
-
//
|
445 |
'active' => true,
|
446 |
'enabled' => Notification::STATUS_ACTIVE === $firewall_report->status,
|
447 |
-
//Report enabled
|
448 |
'frequency' => array(
|
449 |
'frequency' => $this->backward_frequency_compatibility( $firewall_report->frequency ),
|
450 |
'day' => $this->get_notification_day( $firewall_report ),
|
@@ -491,13 +502,13 @@ class WPMUDEV extends Behavior {
|
|
491 |
$sec_headers = $this->build_security_headers_hub_data();
|
492 |
|
493 |
$data = array(
|
494 |
-
//
|
495 |
'domain' => network_home_url(),
|
496 |
-
//
|
497 |
'timestamp' => $scan_data['timestamp'],
|
498 |
-
//
|
499 |
'warnings' => $scan_data['warning'],
|
500 |
-
//
|
501 |
'cautions' => $tweaks_data['cautions'],
|
502 |
'data_version' => '20170801',
|
503 |
'scan_data' => json_encode(
|
@@ -535,7 +546,7 @@ class WPMUDEV extends Behavior {
|
|
535 |
'lockout_404' => $firewall_data['nf_week'],
|
536 |
'total_lockout' => (int) $firewall_data['lp_week'] + (int) $firewall_data['nf_week'],
|
537 |
'advanced' => array(
|
538 |
-
//
|
539 |
'multi_factors_auth' => array(
|
540 |
'active' => $two_fa['active'],
|
541 |
'enabled' => $two_fa['enabled'],
|
@@ -563,7 +574,7 @@ class WPMUDEV extends Behavior {
|
|
563 |
if ( $this->is_pro() ) {
|
564 |
$menu_title = esc_html__( 'Defender Pro', 'wpdef' );
|
565 |
} else {
|
566 |
-
// Check if it's Pro but user logged the WPMU Dashboard out
|
567 |
require_once ABSPATH . 'wp-admin/includes/plugin.php';
|
568 |
$menu_title = file_exists( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . 'wp-defender/wp-defender.php' )
|
569 |
&& is_plugin_active( 'wp-defender/wp-defender.php' )
|
@@ -575,7 +586,7 @@ class WPMUDEV extends Behavior {
|
|
575 |
}
|
576 |
|
577 |
/**
|
578 |
-
* Check if user is a paid one in WPMU DEV
|
579 |
*
|
580 |
* @return bool
|
581 |
*/
|
@@ -612,13 +623,32 @@ class WPMUDEV extends Behavior {
|
|
612 |
* @return array Plugin details: name, id.
|
613 |
*/
|
614 |
public function get_plugin_details() {
|
|
|
615 |
return get_file_data(
|
616 |
WP_DEFENDER_FILE,
|
617 |
array(
|
618 |
-
'name'
|
619 |
-
'id'
|
620 |
)
|
621 |
);
|
622 |
}
|
623 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
624 |
}
|
30 |
class WPMUDEV extends Behavior {
|
31 |
use IO, Formats;
|
32 |
|
33 |
+
const API_SCAN_SIGNATURE = 'yara_scan', API_SCAN_KNOWN_VULN = 'known_vulnerability';
|
34 |
+
const API_AUDIT = 'audit_logging', API_AUDIT_ADD = 'audit_logging_add';
|
35 |
+
const API_BLACKLIST = 'blacklist', API_WAF = 'waf', API_HUB_SYNC = 'hub_sync';
|
36 |
+
const API_PACKAGE_CONFIGS = 'package_configs';
|
37 |
|
38 |
/**
|
39 |
+
* Get membership status.
|
40 |
*
|
41 |
* @return bool
|
|
|
42 |
*/
|
43 |
public function is_pro() {
|
44 |
return false;
|
45 |
}
|
46 |
|
47 |
/**
|
48 |
+
* Get WPMUDEV API KEY.
|
49 |
*
|
50 |
* @return bool|string
|
51 |
*/
|
73 |
}
|
74 |
|
75 |
/**
|
76 |
+
* Return the high contrast css class if it is.
|
77 |
+
*
|
78 |
* @return string
|
79 |
*/
|
80 |
public function maybe_high_contrast() {
|
98 |
case self::API_SCAN_SIGNATURE:
|
99 |
return "{$base}api/defender/v1/yara-signatures";
|
100 |
case self::API_AUDIT:
|
101 |
+
// This is from another endpoint.
|
102 |
$base = defined( 'WPMUDEV_CUSTOM_AUDIT_SERVER' )
|
103 |
? constant( 'WPMUDEV_CUSTOM_AUDIT_SERVER' )
|
104 |
: 'https://audit.wpmudev.org/';
|
116 |
$site_id = $this->get_site_id();
|
117 |
|
118 |
return "{$base}api/hub/v1/sites/$site_id/modules/hosting";
|
119 |
+
case self::API_PACKAGE_CONFIGS:
|
120 |
+
return "{$base}api/hub/v1/package-configs";
|
121 |
+
case self::API_HUB_SYNC:
|
122 |
default:
|
123 |
return 'https://wpmudev.com/api/defender/v1/scan-results';
|
124 |
}
|
125 |
}
|
126 |
|
127 |
/**
|
128 |
+
* Get WPMUDEV site id.
|
129 |
+
*
|
130 |
* @return bool
|
131 |
*/
|
132 |
public function get_site_id() {
|
134 |
}
|
135 |
|
136 |
/**
|
137 |
+
* @since 2.5.5 Use Whitelabel filters instead of calling the whitelabel functions directly.
|
138 |
* @return bool
|
139 |
*/
|
140 |
public function is_whitelabel_enabled() {
|
142 |
}
|
143 |
|
144 |
/**
|
145 |
+
* Show support links if:
|
146 |
+
* plugin version isn't Free,
|
147 |
+
* Whitelabel is disabled.
|
148 |
+
*
|
149 |
* @return bool
|
150 |
+
* @since 2.5.5
|
151 |
*/
|
152 |
public function show_support_links() {
|
153 |
return false;
|
196 |
if ( ! $recheck ) {
|
197 |
return $request;
|
198 |
}
|
199 |
+
// Sometimes a response comes with a curl error #52 so should delete Authorization header.
|
200 |
$args['headers'] = array( 'apikey' => $api_key );
|
201 |
$request = wp_remote_request( $this->get_endpoint( $scenario ), $args );
|
202 |
if ( is_wp_error( $request ) ) {
|
216 |
}
|
217 |
|
218 |
/**
|
219 |
+
* This will build data relate to scan module, so we can push to hub.
|
220 |
* @since 2.5.0 remove 'theme_integrity'
|
221 |
* @since 2.4.7 add 'theme_integrity', 'plugin_integrity' args
|
222 |
*
|
226 |
$scan = Scan::get_last();
|
227 |
$scan_result = array(
|
228 |
'core_integrity' => 0,
|
229 |
+
// Leave for migration to 2.5.0.
|
230 |
'theme_integrity' => 0,
|
231 |
'plugin_integrity' => 0,
|
232 |
'vulnerability_db' => 0,
|
241 |
$data = $scan->prepare_issues();
|
242 |
|
243 |
$scan_result['core_integrity'] = $data['count_core'];
|
244 |
+
// Leave for migration to 2.5.0.
|
245 |
$scan_result['theme_integrity'] = 0;
|
246 |
$scan_result['plugin_integrity'] = $data['count_plugin'];
|
247 |
$scan_result['vulnerability_db'] = $data['count_vuln'];
|
269 |
'scan_result' => $scan_result,
|
270 |
'scan_schedule' => array(
|
271 |
'is_activated' => Notification::STATUS_ACTIVE === $report->status,
|
272 |
+
// Example of frequency, day, time in build_notification_hub_data() method.
|
273 |
'time' => $report->time,
|
274 |
'day' => $this->get_notification_day( $report ),
|
275 |
'frequency' => $this->backward_frequency_compatibility( $report->frequency ),
|
290 |
}
|
291 |
|
292 |
/**
|
293 |
+
* Build data for security tweaks.
|
294 |
+
*
|
295 |
* @return array
|
296 |
*/
|
297 |
protected function build_security_tweaks_hub_data() {
|
366 |
|
367 |
$query = new \WP_User_Query(
|
368 |
array(
|
369 |
+
// Look over the network.
|
370 |
'blog_id' => 0,
|
371 |
'meta_key' => 'defenderAuthOn',
|
372 |
'meta_value' => true,
|
412 |
} elseif ( 'weekly' === $module_report->frequency ) {
|
413 |
$day = $module_report->day;
|
414 |
} else {
|
415 |
+
// For 'monthly'.
|
416 |
$day = $module_report->day_n;
|
417 |
}
|
418 |
|
435 |
'file_scanning' => array(
|
436 |
'active' => true,
|
437 |
'enabled' => Notification::STATUS_ACTIVE === $malware_report->status,
|
438 |
+
// Report enabled bool value.
|
439 |
'frequency' => array(
|
440 |
'frequency' => $this->backward_frequency_compatibility( $malware_report->frequency ),
|
441 |
'day' => $this->get_notification_day( $malware_report ),
|
452 |
),
|
453 |
),
|
454 |
'ip_lockouts' => array(
|
455 |
+
// Always true as we have blacklist listening.
|
456 |
'active' => true,
|
457 |
'enabled' => Notification::STATUS_ACTIVE === $firewall_report->status,
|
458 |
+
// Report enabled bool value.
|
459 |
'frequency' => array(
|
460 |
'frequency' => $this->backward_frequency_compatibility( $firewall_report->frequency ),
|
461 |
'day' => $this->get_notification_day( $firewall_report ),
|
502 |
$sec_headers = $this->build_security_headers_hub_data();
|
503 |
|
504 |
$data = array(
|
505 |
+
// Domain name.
|
506 |
'domain' => network_home_url(),
|
507 |
+
// Last scan date.
|
508 |
'timestamp' => $scan_data['timestamp'],
|
509 |
+
// Scan issue count.
|
510 |
'warnings' => $scan_data['warning'],
|
511 |
+
// Security tweaks issue count.
|
512 |
'cautions' => $tweaks_data['cautions'],
|
513 |
'data_version' => '20170801',
|
514 |
'scan_data' => json_encode(
|
546 |
'lockout_404' => $firewall_data['nf_week'],
|
547 |
'total_lockout' => (int) $firewall_data['lp_week'] + (int) $firewall_data['nf_week'],
|
548 |
'advanced' => array(
|
549 |
+
// This is moved but still keep here for backward compatibility.
|
550 |
'multi_factors_auth' => array(
|
551 |
'active' => $two_fa['active'],
|
552 |
'enabled' => $two_fa['enabled'],
|
574 |
if ( $this->is_pro() ) {
|
575 |
$menu_title = esc_html__( 'Defender Pro', 'wpdef' );
|
576 |
} else {
|
577 |
+
// Check if it's Pro but user logged the WPMU Dashboard out.
|
578 |
require_once ABSPATH . 'wp-admin/includes/plugin.php';
|
579 |
$menu_title = file_exists( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . 'wp-defender/wp-defender.php' )
|
580 |
&& is_plugin_active( 'wp-defender/wp-defender.php' )
|
586 |
}
|
587 |
|
588 |
/**
|
589 |
+
* Check if user is a paid one in WPMU DEV.
|
590 |
*
|
591 |
* @return bool
|
592 |
*/
|
623 |
* @return array Plugin details: name, id.
|
624 |
*/
|
625 |
public function get_plugin_details() {
|
626 |
+
|
627 |
return get_file_data(
|
628 |
WP_DEFENDER_FILE,
|
629 |
array(
|
630 |
+
'name' => 'Plugin Name',
|
631 |
+
'id' => 'WDP ID',
|
632 |
)
|
633 |
);
|
634 |
}
|
635 |
|
636 |
+
/**
|
637 |
+
* Check if user is a WPMU DEV admin.
|
638 |
+
* @since 2.6.3
|
639 |
+
*
|
640 |
+
* @return bool
|
641 |
+
*/
|
642 |
+
public function is_wpmu_dev_admin() {
|
643 |
+
if (
|
644 |
+
class_exists( 'WPMUDEV_Dashboard' )
|
645 |
+
&& method_exists( 'WPMUDEV_Dashboard_Site', 'allowed_user' )
|
646 |
+
) {
|
647 |
+
$user_id = get_current_user_id();
|
648 |
+
|
649 |
+
return \WPMUDEV_Dashboard::$site->allowed_user( $user_id );
|
650 |
+
}
|
651 |
+
|
652 |
+
return false;
|
653 |
+
}
|
654 |
}
|
src/class-admin.php
CHANGED
@@ -213,7 +213,7 @@ class Admin {
|
|
213 |
|
214 |
// Register the current plugin.
|
215 |
do_action(
|
216 |
-
'
|
217 |
/* 1 Plugin ID */ DEFENDER_PLUGIN_BASENAME,
|
218 |
/* 2 Plugin Title */ 'Defender',
|
219 |
/* 3 https://wordpress.org */ '/plugins/defender-security/',
|
@@ -325,13 +325,19 @@ class Admin {
|
|
325 |
if ( ! get_site_option( 'wp_defender_show_black_friday' ) ) {
|
326 |
return;
|
327 |
}
|
328 |
-
//
|
329 |
-
if (
|
|
|
|
|
|
|
|
|
|
|
330 |
return;
|
331 |
}
|
332 |
// After 6 December.
|
333 |
if ( date_create( date_i18n( 'd-m-Y' ) ) >= date_create( date_i18n( '06-12-Y' ) ) ) {
|
334 |
delete_site_option( 'wp_defender_show_black_friday' );
|
|
|
335 |
return;
|
336 |
}
|
337 |
|
213 |
|
214 |
// Register the current plugin.
|
215 |
do_action(
|
216 |
+
'wdev_register_plugin',
|
217 |
/* 1 Plugin ID */ DEFENDER_PLUGIN_BASENAME,
|
218 |
/* 2 Plugin Title */ 'Defender',
|
219 |
/* 3 https://wordpress.org */ '/plugins/defender-security/',
|
325 |
if ( ! get_site_option( 'wp_defender_show_black_friday' ) ) {
|
326 |
return;
|
327 |
}
|
328 |
+
// Hide if White Label is enabled.
|
329 |
+
if ( ! is_main_site() || apply_filters( 'wpmudev_branding_hide_branding', false ) ) {
|
330 |
+
return;
|
331 |
+
}
|
332 |
+
// Show only to WPMU DEV admins.
|
333 |
+
$wpmu_dev = new WPMUDEV();
|
334 |
+
if ( ! $wpmu_dev->is_wpmu_dev_admin() ) {
|
335 |
return;
|
336 |
}
|
337 |
// After 6 December.
|
338 |
if ( date_create( date_i18n( 'd-m-Y' ) ) >= date_create( date_i18n( '06-12-Y' ) ) ) {
|
339 |
delete_site_option( 'wp_defender_show_black_friday' );
|
340 |
+
|
341 |
return;
|
342 |
}
|
343 |
|
src/upgrader.php
CHANGED
@@ -251,7 +251,7 @@ class Upgrader {
|
|
251 |
if ( empty( $db_version ) ) {
|
252 |
update_site_option( 'wd_db_version', DEFENDER_DB_VERSION );
|
253 |
// Add Black Friday notice.
|
254 |
-
|
255 |
return;
|
256 |
}
|
257 |
|
@@ -664,6 +664,6 @@ class Upgrader {
|
|
664 |
// Add the "What's new" modal.
|
665 |
update_site_option( 'wd_show_feature_plugin_vulnerability', true );
|
666 |
// Add Black Friday notice.
|
667 |
-
|
668 |
}
|
669 |
}
|
251 |
if ( empty( $db_version ) ) {
|
252 |
update_site_option( 'wd_db_version', DEFENDER_DB_VERSION );
|
253 |
// Add Black Friday notice.
|
254 |
+
update_site_option( 'wp_defender_show_black_friday', true );
|
255 |
return;
|
256 |
}
|
257 |
|
664 |
// Add the "What's new" modal.
|
665 |
update_site_option( 'wd_show_feature_plugin_vulnerability', true );
|
666 |
// Add Black Friday notice.
|
667 |
+
update_site_option( 'wp_defender_show_black_friday', true );
|
668 |
}
|
669 |
}
|
wp-defender.php
CHANGED
@@ -2,7 +2,7 @@
|
|
2 |
/**
|
3 |
* Plugin Name: Defender
|
4 |
* Plugin URI: https://wpmudev.com/project/wp-defender/
|
5 |
-
* Version: 2.6.
|
6 |
* Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
|
7 |
* Author: WPMU DEV
|
8 |
* Author URI: https://wpmudev.com/
|
@@ -15,10 +15,10 @@ if ( ! defined( 'ABSPATH' ) ) {
|
|
15 |
die;
|
16 |
}
|
17 |
if ( ! defined( 'DEFENDER_VERSION' ) ) {
|
18 |
-
define( 'DEFENDER_VERSION', '2.6.
|
19 |
}
|
20 |
if ( ! defined( 'DEFENDER_DB_VERSION' ) ) {
|
21 |
-
define( 'DEFENDER_DB_VERSION', '2.6.
|
22 |
}
|
23 |
if ( ! defined( 'DEFENDER_SUI' ) ) {
|
24 |
define( 'DEFENDER_SUI', '2-11-1' );
|
2 |
/**
|
3 |
* Plugin Name: Defender
|
4 |
* Plugin URI: https://wpmudev.com/project/wp-defender/
|
5 |
+
* Version: 2.6.3
|
6 |
* Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
|
7 |
* Author: WPMU DEV
|
8 |
* Author URI: https://wpmudev.com/
|
15 |
die;
|
16 |
}
|
17 |
if ( ! defined( 'DEFENDER_VERSION' ) ) {
|
18 |
+
define( 'DEFENDER_VERSION', '2.6.3' );
|
19 |
}
|
20 |
if ( ! defined( 'DEFENDER_DB_VERSION' ) ) {
|
21 |
+
define( 'DEFENDER_DB_VERSION', '2.6.3' );
|
22 |
}
|
23 |
if ( ! defined( 'DEFENDER_SUI' ) ) {
|
24 |
define( 'DEFENDER_SUI', '2-11-1' );
|