Defender Security – Malware Scanner, Login Security & Firewall - Version 2.6.3

Version Description

( 2021-11-03 ) =

  • Enhance: White labeling support
Download this release

Release Info

Developer BigTonny
Plugin Icon 128x128 Defender Security – Malware Scanner, Login Security & Firewall
Version 2.6.3
Comparing to
See all releases

Code changes from version 2.6.2 to 2.6.3

Files changed (12) hide show
  1. assets/img/modal-google-recaptcha.png +0 -0
  2. assets/img/modal-google-recaptcha@2x.png +0 -0
  3. assets/img/modal-new-256.png +0 -0
  4. assets/img/modal-new-256@2x.png +0 -0
  5. assets/img/modal-user-agent.png +0 -0
  6. assets/img/modal-user-agent@2x.png +0 -0
  7. languages/wpdef-default.pot +14 -14
  8. readme.txt +6 -19
  9. src/behavior/wpmudev.php +60 -30
  10. src/class-admin.php +9 -3
  11. src/upgrader.php +2 -2
  12. wp-defender.php +3 -3
assets/img/modal-google-recaptcha.png ADDED
Binary file
assets/img/modal-google-recaptcha@2x.png ADDED
Binary file
assets/img/modal-new-256.png ADDED
Binary file
assets/img/modal-new-256@2x.png ADDED
Binary file
assets/img/modal-user-agent.png ADDED
Binary file
assets/img/modal-user-agent@2x.png ADDED
Binary file
languages/wpdef-default.pot CHANGED
@@ -6,9 +6,9 @@
6
  #, fuzzy
7
  msgid ""
8
  msgstr ""
9
- "Project-Id-Version: wp-defender 2.6.2\n"
10
  "Report-Msgid-Bugs-To: \n"
11
- "POT-Creation-Date: 2021-11-01 09:34+0200\n"
12
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
13
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
14
  "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -205,18 +205,18 @@ msgid ""
205
  "know in a single email - just for users of Defender!"
206
  msgstr ""
207
 
208
- #: free/wpmudev.php:157 src/behavior/wpmudev.php:227
209
  msgid "here"
210
  msgstr ""
211
 
212
- #: free/wpmudev.php:162 src/behavior/wpmudev.php:232
213
  #, php-format
214
  msgid ""
215
  "WPMU DEV Dashboard will be required for this action. Please visit %s and "
216
  "install the WPMU DEV Dashboard."
217
  msgstr ""
218
 
219
- #: free/wpmudev.php:519 src/behavior/wpmudev.php:589
220
  #: src/model/setting/scan.php:61
221
  #: front/src/module/scan/screen/_settings-free.vue:28
222
  #: front/src/module/scan/screen/_settings.vue:28
@@ -224,21 +224,21 @@ msgstr ""
224
  msgid "File change detection"
225
  msgstr ""
226
 
227
- #: free/wpmudev.php:520 src/behavior/wpmudev.php:590
228
  #: src/model/setting/scan.php:62
229
  #: front/src/module/scan/screen/_settings-free.vue:43
230
  #: front/src/module/scan/screen/_settings.vue:43
231
  msgid "Scan core files"
232
  msgstr ""
233
 
234
- #: free/wpmudev.php:521 src/behavior/wpmudev.php:591
235
  #: src/model/setting/scan.php:63
236
  #: front/src/module/scan/screen/_settings-free.vue:50
237
  #: front/src/module/scan/screen/_settings.vue:50
238
  msgid "Scan plugin files"
239
  msgstr ""
240
 
241
- #: free/wpmudev.php:522 src/behavior/wpmudev.php:592
242
  #: src/model/setting/scan.php:64 front/src/module/scan/screen/_issues.vue:14
243
  #: front/src/module/scan/screen/_settings-free.vue:65
244
  #: front/src/module/scan/screen/_settings.vue:64
@@ -246,7 +246,7 @@ msgstr ""
246
  msgid "Known vulnerabilities"
247
  msgstr ""
248
 
249
- #: free/wpmudev.php:523 src/behavior/wpmudev.php:593
250
  #: front/src/module/scan/screen/_issues.vue:15
251
  #: front/src/module/scan/screen/_settings-free.vue:84
252
  #: front/src/module/scan/screen/_settings.vue:80
@@ -254,12 +254,12 @@ msgstr ""
254
  msgid "Suspicious code"
255
  msgstr ""
256
 
257
- #: free/wpmudev.php:564 free/wpmudev.php:570 src/behavior/wpmudev.php:634
258
  #: src/behavior/wpmudev.php:640 src/component/scan.php:394
259
  msgid "Defender Pro"
260
  msgstr ""
261
 
262
- #: free/wpmudev.php:571 src/behavior/wpmudev.php:641
263
  #: src/view/ip-lockout/locked.php:135
264
  msgid "Defender"
265
  msgstr ""
@@ -584,17 +584,17 @@ msgstr ""
584
  msgid "Maybe later"
585
  msgstr ""
586
 
587
- #: src/class-admin.php:346
588
  msgid "Black Friday Offer!"
589
  msgstr ""
590
 
591
- #: src/class-admin.php:347
592
  msgid ""
593
  "Get 11 Pro plugins on unlimited sites and much more with 50% OFF WPMU DEV "
594
  "Agency plan FOREVER"
595
  msgstr ""
596
 
597
- #: src/class-admin.php:348
598
  msgid "*Only admin users can see this message"
599
  msgstr ""
600
 
6
  #, fuzzy
7
  msgid ""
8
  msgstr ""
9
+ "Project-Id-Version: wp-defender 2.6.3\n"
10
  "Report-Msgid-Bugs-To: \n"
11
+ "POT-Creation-Date: 2021-11-03 12:34+0200\n"
12
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
13
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
14
  "Language-Team: LANGUAGE <LL@li.org>\n"
205
  "know in a single email - just for users of Defender!"
206
  msgstr ""
207
 
208
+ #: free/wpmudev.php:167 src/behavior/wpmudev.php:226
209
  msgid "here"
210
  msgstr ""
211
 
212
+ #: free/wpmudev.php:172 src/behavior/wpmudev.php:231
213
  #, php-format
214
  msgid ""
215
  "WPMU DEV Dashboard will be required for this action. Please visit %s and "
216
  "install the WPMU DEV Dashboard."
217
  msgstr ""
218
 
219
+ #: free/wpmudev.php:530 src/behavior/wpmudev.php:589
220
  #: src/model/setting/scan.php:61
221
  #: front/src/module/scan/screen/_settings-free.vue:28
222
  #: front/src/module/scan/screen/_settings.vue:28
224
  msgid "File change detection"
225
  msgstr ""
226
 
227
+ #: free/wpmudev.php:531 src/behavior/wpmudev.php:590
228
  #: src/model/setting/scan.php:62
229
  #: front/src/module/scan/screen/_settings-free.vue:43
230
  #: front/src/module/scan/screen/_settings.vue:43
231
  msgid "Scan core files"
232
  msgstr ""
233
 
234
+ #: free/wpmudev.php:532 src/behavior/wpmudev.php:591
235
  #: src/model/setting/scan.php:63
236
  #: front/src/module/scan/screen/_settings-free.vue:50
237
  #: front/src/module/scan/screen/_settings.vue:50
238
  msgid "Scan plugin files"
239
  msgstr ""
240
 
241
+ #: free/wpmudev.php:533 src/behavior/wpmudev.php:592
242
  #: src/model/setting/scan.php:64 front/src/module/scan/screen/_issues.vue:14
243
  #: front/src/module/scan/screen/_settings-free.vue:65
244
  #: front/src/module/scan/screen/_settings.vue:64
246
  msgid "Known vulnerabilities"
247
  msgstr ""
248
 
249
+ #: free/wpmudev.php:534 src/behavior/wpmudev.php:593
250
  #: front/src/module/scan/screen/_issues.vue:15
251
  #: front/src/module/scan/screen/_settings-free.vue:84
252
  #: front/src/module/scan/screen/_settings.vue:80
254
  msgid "Suspicious code"
255
  msgstr ""
256
 
257
+ #: free/wpmudev.php:575 free/wpmudev.php:581 src/behavior/wpmudev.php:634
258
  #: src/behavior/wpmudev.php:640 src/component/scan.php:394
259
  msgid "Defender Pro"
260
  msgstr ""
261
 
262
+ #: free/wpmudev.php:582 src/behavior/wpmudev.php:641
263
  #: src/view/ip-lockout/locked.php:135
264
  msgid "Defender"
265
  msgstr ""
584
  msgid "Maybe later"
585
  msgstr ""
586
 
587
+ #: src/class-admin.php:352
588
  msgid "Black Friday Offer!"
589
  msgstr ""
590
 
591
+ #: src/class-admin.php:353
592
  msgid ""
593
  "Get 11 Pro plugins on unlimited sites and much more with 50% OFF WPMU DEV "
594
  "Agency plan FOREVER"
595
  msgstr ""
596
 
597
+ #: src/class-admin.php:354
598
  msgid "*Only admin users can see this message"
599
  msgstr ""
600
 
readme.txt CHANGED
@@ -1,13 +1,13 @@
1
  === Defender Security - Malware Scanner, Login Security & Firewall ===
2
  Plugin Name: Defender Security - Malware Scanner, Login Security & Firewall
3
- Version: 2.6.2
4
  Author: WPMU DEV
5
  Author URI: https://wpmudev.com/
6
  Contributors: WPMUDEV
7
  Tags: security plugin, security, firewall, malware, malware scanner, antivirus, ip blocking, login security, brute force attacks, two-factor authentication, activity log, audit logs, block hackers, 2fa, hack
8
  Requires at least: 5.2
9
  Tested up to: 5.8.1
10
- Stable tag: 2.6.2
11
  Requires PHP: 5.6.20
12
  License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
13
 
@@ -240,6 +240,10 @@ Please open a new thread in Defender’s [support forum](https://wordpress.org/s
240
 
241
  == Changelog ==
242
 
 
 
 
 
243
  = 2.6.2 ( 2021-11-01 ) =
244
 
245
  - New: Plugin vulnerability warnings
@@ -355,23 +359,6 @@ Please open a new thread in Defender’s [support forum](https://wordpress.org/s
355
  - Fix: Console error on Mask Login page
356
  - Fix: Change reCaptcha to reCAPTCHA
357
 
358
- = 2.5.4 ( 2021-06-28 ) =
359
-
360
- - New: Google reCAPTCHA for WordPress login/register/password reset pages
361
- - New: Highlight new features in welcome modal
362
- - Enhance: Compatibility with WordPress 5.8
363
- - Enhance: Update WP-CLI scan options
364
- - Enhance: Tools dashboard widget
365
- - Fix: Locations feature not working on Flywheel hosting
366
- - Fix: Warnings with PHP version 7.4
367
- - Fix: Password reset page showing if users from any subsite try to save pwned password
368
- - Fix: Guest User under Malware Scanning Notification
369
- - Fix: Various issues with notifications in Defender
370
- - Fix: Can't update email when mask login enabled
371
- - Fix: Minor typo in Dashboard modal
372
- - Fix: Issue Details section not showing code
373
- - Fix: Hide notice on Configs page
374
-
375
 
376
  [Changelog for previous versions](https://wpmudev.com/project/wp-defender/#view-changelog).
377
 
1
  === Defender Security - Malware Scanner, Login Security & Firewall ===
2
  Plugin Name: Defender Security - Malware Scanner, Login Security & Firewall
3
+ Version: 2.6.3
4
  Author: WPMU DEV
5
  Author URI: https://wpmudev.com/
6
  Contributors: WPMUDEV
7
  Tags: security plugin, security, firewall, malware, malware scanner, antivirus, ip blocking, login security, brute force attacks, two-factor authentication, activity log, audit logs, block hackers, 2fa, hack
8
  Requires at least: 5.2
9
  Tested up to: 5.8.1
10
+ Stable tag: 2.6.3
11
  Requires PHP: 5.6.20
12
  License: GPL v2 - http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
13
 
240
 
241
  == Changelog ==
242
 
243
+ = 2.6.3 ( 2021-11-03 ) =
244
+
245
+ - Enhance: White labeling support
246
+
247
  = 2.6.2 ( 2021-11-01 ) =
248
 
249
  - New: Plugin vulnerability warnings
359
  - Fix: Console error on Mask Login page
360
  - Fix: Change reCaptcha to reCAPTCHA
361
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
362
 
363
  [Changelog for previous versions](https://wpmudev.com/project/wp-defender/#view-changelog).
364
 
src/behavior/wpmudev.php CHANGED
@@ -30,22 +30,22 @@ use WP_Defender\Traits\Formats;
30
  class WPMUDEV extends Behavior {
31
  use IO, Formats;
32
 
33
- const API_SCAN_SIGNATURE = 'yara_scan', API_SCAN_KNOWN_VULN = 'known_vulnerability';
34
- const API_AUDIT = 'audit_logging', API_AUDIT_ADD = 'audit_logging_add';
35
- const API_BLACKLIST = 'blacklist', API_WAF = 'waf', API_HUB_SYNC = 'hub_sync';
 
36
 
37
  /**
38
- * Get membership status
39
  *
40
  * @return bool
41
- * @method
42
  */
43
  public function is_pro() {
44
  return false;
45
  }
46
 
47
  /**
48
- * Get WPMUDEV API KEY
49
  *
50
  * @return bool|string
51
  */
@@ -73,7 +73,8 @@ class WPMUDEV extends Behavior {
73
  }
74
 
75
  /**
76
- * Return the high contrast css class if it is
 
77
  * @return string
78
  */
79
  public function maybe_high_contrast() {
@@ -97,7 +98,7 @@ class WPMUDEV extends Behavior {
97
  case self::API_SCAN_SIGNATURE:
98
  return "{$base}api/defender/v1/yara-signatures";
99
  case self::API_AUDIT:
100
- //this is from another endpoint
101
  $base = defined( 'WPMUDEV_CUSTOM_AUDIT_SERVER' )
102
  ? constant( 'WPMUDEV_CUSTOM_AUDIT_SERVER' )
103
  : 'https://audit.wpmudev.org/';
@@ -115,14 +116,17 @@ class WPMUDEV extends Behavior {
115
  $site_id = $this->get_site_id();
116
 
117
  return "{$base}api/hub/v1/sites/$site_id/modules/hosting";
118
- case self::API_HUB_SYNC :
 
 
119
  default:
120
  return 'https://wpmudev.com/api/defender/v1/scan-results';
121
  }
122
  }
123
 
124
  /**
125
- * Get WPMUDEV site id
 
126
  * @return bool
127
  */
128
  public function get_site_id() {
@@ -130,6 +134,7 @@ class WPMUDEV extends Behavior {
130
  }
131
 
132
  /**
 
133
  * @return bool
134
  */
135
  public function is_whitelabel_enabled() {
@@ -137,7 +142,12 @@ class WPMUDEV extends Behavior {
137
  }
138
 
139
  /**
 
 
 
 
140
  * @return bool
 
141
  */
142
  public function show_support_links() {
143
  return false;
@@ -186,7 +196,7 @@ class WPMUDEV extends Behavior {
186
  if ( ! $recheck ) {
187
  return $request;
188
  }
189
- //sometimes a response comes with a curl error #52 so should delete Authorization header
190
  $args['headers'] = array( 'apikey' => $api_key );
191
  $request = wp_remote_request( $this->get_endpoint( $scenario ), $args );
192
  if ( is_wp_error( $request ) ) {
@@ -206,7 +216,7 @@ class WPMUDEV extends Behavior {
206
  }
207
 
208
  /**
209
- * This will build data relate to scan module so we can push to hub.
210
  * @since 2.5.0 remove 'theme_integrity'
211
  * @since 2.4.7 add 'theme_integrity', 'plugin_integrity' args
212
  *
@@ -216,7 +226,7 @@ class WPMUDEV extends Behavior {
216
  $scan = Scan::get_last();
217
  $scan_result = array(
218
  'core_integrity' => 0,
219
- //leave for migration to 2.5.0
220
  'theme_integrity' => 0,
221
  'plugin_integrity' => 0,
222
  'vulnerability_db' => 0,
@@ -231,7 +241,7 @@ class WPMUDEV extends Behavior {
231
  $data = $scan->prepare_issues();
232
 
233
  $scan_result['core_integrity'] = $data['count_core'];
234
- //leave for migration to 2.5.0
235
  $scan_result['theme_integrity'] = 0;
236
  $scan_result['plugin_integrity'] = $data['count_plugin'];
237
  $scan_result['vulnerability_db'] = $data['count_vuln'];
@@ -259,7 +269,7 @@ class WPMUDEV extends Behavior {
259
  'scan_result' => $scan_result,
260
  'scan_schedule' => array(
261
  'is_activated' => Notification::STATUS_ACTIVE === $report->status,
262
- //example of frequency, day, time in build_notification_hub_data() method
263
  'time' => $report->time,
264
  'day' => $this->get_notification_day( $report ),
265
  'frequency' => $this->backward_frequency_compatibility( $report->frequency ),
@@ -280,7 +290,8 @@ class WPMUDEV extends Behavior {
280
  }
281
 
282
  /**
283
- * Build data for security tweaks
 
284
  * @return array
285
  */
286
  protected function build_security_tweaks_hub_data() {
@@ -355,7 +366,7 @@ class WPMUDEV extends Behavior {
355
 
356
  $query = new \WP_User_Query(
357
  array(
358
- //look over the network
359
  'blog_id' => 0,
360
  'meta_key' => 'defenderAuthOn',
361
  'meta_value' => true,
@@ -401,7 +412,7 @@ class WPMUDEV extends Behavior {
401
  } elseif ( 'weekly' === $module_report->frequency ) {
402
  $day = $module_report->day;
403
  } else {
404
- //for 'monthly'
405
  $day = $module_report->day_n;
406
  }
407
 
@@ -424,7 +435,7 @@ class WPMUDEV extends Behavior {
424
  'file_scanning' => array(
425
  'active' => true,
426
  'enabled' => Notification::STATUS_ACTIVE === $malware_report->status,
427
- //Report enabled Bool
428
  'frequency' => array(
429
  'frequency' => $this->backward_frequency_compatibility( $malware_report->frequency ),
430
  'day' => $this->get_notification_day( $malware_report ),
@@ -441,10 +452,10 @@ class WPMUDEV extends Behavior {
441
  ),
442
  ),
443
  'ip_lockouts' => array(
444
- //always true as we have blacklist listening
445
  'active' => true,
446
  'enabled' => Notification::STATUS_ACTIVE === $firewall_report->status,
447
- //Report enabled Bool
448
  'frequency' => array(
449
  'frequency' => $this->backward_frequency_compatibility( $firewall_report->frequency ),
450
  'day' => $this->get_notification_day( $firewall_report ),
@@ -491,13 +502,13 @@ class WPMUDEV extends Behavior {
491
  $sec_headers = $this->build_security_headers_hub_data();
492
 
493
  $data = array(
494
- //domain name
495
  'domain' => network_home_url(),
496
- //last scan date
497
  'timestamp' => $scan_data['timestamp'],
498
- //scan issue count
499
  'warnings' => $scan_data['warning'],
500
- //security tweaks issue count
501
  'cautions' => $tweaks_data['cautions'],
502
  'data_version' => '20170801',
503
  'scan_data' => json_encode(
@@ -535,7 +546,7 @@ class WPMUDEV extends Behavior {
535
  'lockout_404' => $firewall_data['nf_week'],
536
  'total_lockout' => (int) $firewall_data['lp_week'] + (int) $firewall_data['nf_week'],
537
  'advanced' => array(
538
- //this is moved but still keep here for backward compatibility
539
  'multi_factors_auth' => array(
540
  'active' => $two_fa['active'],
541
  'enabled' => $two_fa['enabled'],
@@ -563,7 +574,7 @@ class WPMUDEV extends Behavior {
563
  if ( $this->is_pro() ) {
564
  $menu_title = esc_html__( 'Defender Pro', 'wpdef' );
565
  } else {
566
- // Check if it's Pro but user logged the WPMU Dashboard out
567
  require_once ABSPATH . 'wp-admin/includes/plugin.php';
568
  $menu_title = file_exists( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . 'wp-defender/wp-defender.php' )
569
  && is_plugin_active( 'wp-defender/wp-defender.php' )
@@ -575,7 +586,7 @@ class WPMUDEV extends Behavior {
575
  }
576
 
577
  /**
578
- * Check if user is a paid one in WPMU DEV
579
  *
580
  * @return bool
581
  */
@@ -612,13 +623,32 @@ class WPMUDEV extends Behavior {
612
  * @return array Plugin details: name, id.
613
  */
614
  public function get_plugin_details() {
 
615
  return get_file_data(
616
  WP_DEFENDER_FILE,
617
  array(
618
- 'name' => 'Plugin Name',
619
- 'id' => 'WDP ID',
620
  )
621
  );
622
  }
623
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
624
  }
30
  class WPMUDEV extends Behavior {
31
  use IO, Formats;
32
 
33
+ const API_SCAN_SIGNATURE = 'yara_scan', API_SCAN_KNOWN_VULN = 'known_vulnerability';
34
+ const API_AUDIT = 'audit_logging', API_AUDIT_ADD = 'audit_logging_add';
35
+ const API_BLACKLIST = 'blacklist', API_WAF = 'waf', API_HUB_SYNC = 'hub_sync';
36
+ const API_PACKAGE_CONFIGS = 'package_configs';
37
 
38
  /**
39
+ * Get membership status.
40
  *
41
  * @return bool
 
42
  */
43
  public function is_pro() {
44
  return false;
45
  }
46
 
47
  /**
48
+ * Get WPMUDEV API KEY.
49
  *
50
  * @return bool|string
51
  */
73
  }
74
 
75
  /**
76
+ * Return the high contrast css class if it is.
77
+ *
78
  * @return string
79
  */
80
  public function maybe_high_contrast() {
98
  case self::API_SCAN_SIGNATURE:
99
  return "{$base}api/defender/v1/yara-signatures";
100
  case self::API_AUDIT:
101
+ // This is from another endpoint.
102
  $base = defined( 'WPMUDEV_CUSTOM_AUDIT_SERVER' )
103
  ? constant( 'WPMUDEV_CUSTOM_AUDIT_SERVER' )
104
  : 'https://audit.wpmudev.org/';
116
  $site_id = $this->get_site_id();
117
 
118
  return "{$base}api/hub/v1/sites/$site_id/modules/hosting";
119
+ case self::API_PACKAGE_CONFIGS:
120
+ return "{$base}api/hub/v1/package-configs";
121
+ case self::API_HUB_SYNC:
122
  default:
123
  return 'https://wpmudev.com/api/defender/v1/scan-results';
124
  }
125
  }
126
 
127
  /**
128
+ * Get WPMUDEV site id.
129
+ *
130
  * @return bool
131
  */
132
  public function get_site_id() {
134
  }
135
 
136
  /**
137
+ * @since 2.5.5 Use Whitelabel filters instead of calling the whitelabel functions directly.
138
  * @return bool
139
  */
140
  public function is_whitelabel_enabled() {
142
  }
143
 
144
  /**
145
+ * Show support links if:
146
+ * plugin version isn't Free,
147
+ * Whitelabel is disabled.
148
+ *
149
  * @return bool
150
+ * @since 2.5.5
151
  */
152
  public function show_support_links() {
153
  return false;
196
  if ( ! $recheck ) {
197
  return $request;
198
  }
199
+ // Sometimes a response comes with a curl error #52 so should delete Authorization header.
200
  $args['headers'] = array( 'apikey' => $api_key );
201
  $request = wp_remote_request( $this->get_endpoint( $scenario ), $args );
202
  if ( is_wp_error( $request ) ) {
216
  }
217
 
218
  /**
219
+ * This will build data relate to scan module, so we can push to hub.
220
  * @since 2.5.0 remove 'theme_integrity'
221
  * @since 2.4.7 add 'theme_integrity', 'plugin_integrity' args
222
  *
226
  $scan = Scan::get_last();
227
  $scan_result = array(
228
  'core_integrity' => 0,
229
+ // Leave for migration to 2.5.0.
230
  'theme_integrity' => 0,
231
  'plugin_integrity' => 0,
232
  'vulnerability_db' => 0,
241
  $data = $scan->prepare_issues();
242
 
243
  $scan_result['core_integrity'] = $data['count_core'];
244
+ // Leave for migration to 2.5.0.
245
  $scan_result['theme_integrity'] = 0;
246
  $scan_result['plugin_integrity'] = $data['count_plugin'];
247
  $scan_result['vulnerability_db'] = $data['count_vuln'];
269
  'scan_result' => $scan_result,
270
  'scan_schedule' => array(
271
  'is_activated' => Notification::STATUS_ACTIVE === $report->status,
272
+ // Example of frequency, day, time in build_notification_hub_data() method.
273
  'time' => $report->time,
274
  'day' => $this->get_notification_day( $report ),
275
  'frequency' => $this->backward_frequency_compatibility( $report->frequency ),
290
  }
291
 
292
  /**
293
+ * Build data for security tweaks.
294
+ *
295
  * @return array
296
  */
297
  protected function build_security_tweaks_hub_data() {
366
 
367
  $query = new \WP_User_Query(
368
  array(
369
+ // Look over the network.
370
  'blog_id' => 0,
371
  'meta_key' => 'defenderAuthOn',
372
  'meta_value' => true,
412
  } elseif ( 'weekly' === $module_report->frequency ) {
413
  $day = $module_report->day;
414
  } else {
415
+ // For 'monthly'.
416
  $day = $module_report->day_n;
417
  }
418
 
435
  'file_scanning' => array(
436
  'active' => true,
437
  'enabled' => Notification::STATUS_ACTIVE === $malware_report->status,
438
+ // Report enabled bool value.
439
  'frequency' => array(
440
  'frequency' => $this->backward_frequency_compatibility( $malware_report->frequency ),
441
  'day' => $this->get_notification_day( $malware_report ),
452
  ),
453
  ),
454
  'ip_lockouts' => array(
455
+ // Always true as we have blacklist listening.
456
  'active' => true,
457
  'enabled' => Notification::STATUS_ACTIVE === $firewall_report->status,
458
+ // Report enabled bool value.
459
  'frequency' => array(
460
  'frequency' => $this->backward_frequency_compatibility( $firewall_report->frequency ),
461
  'day' => $this->get_notification_day( $firewall_report ),
502
  $sec_headers = $this->build_security_headers_hub_data();
503
 
504
  $data = array(
505
+ // Domain name.
506
  'domain' => network_home_url(),
507
+ // Last scan date.
508
  'timestamp' => $scan_data['timestamp'],
509
+ // Scan issue count.
510
  'warnings' => $scan_data['warning'],
511
+ // Security tweaks issue count.
512
  'cautions' => $tweaks_data['cautions'],
513
  'data_version' => '20170801',
514
  'scan_data' => json_encode(
546
  'lockout_404' => $firewall_data['nf_week'],
547
  'total_lockout' => (int) $firewall_data['lp_week'] + (int) $firewall_data['nf_week'],
548
  'advanced' => array(
549
+ // This is moved but still keep here for backward compatibility.
550
  'multi_factors_auth' => array(
551
  'active' => $two_fa['active'],
552
  'enabled' => $two_fa['enabled'],
574
  if ( $this->is_pro() ) {
575
  $menu_title = esc_html__( 'Defender Pro', 'wpdef' );
576
  } else {
577
+ // Check if it's Pro but user logged the WPMU Dashboard out.
578
  require_once ABSPATH . 'wp-admin/includes/plugin.php';
579
  $menu_title = file_exists( WP_PLUGIN_DIR . DIRECTORY_SEPARATOR . 'wp-defender/wp-defender.php' )
580
  && is_plugin_active( 'wp-defender/wp-defender.php' )
586
  }
587
 
588
  /**
589
+ * Check if user is a paid one in WPMU DEV.
590
  *
591
  * @return bool
592
  */
623
  * @return array Plugin details: name, id.
624
  */
625
  public function get_plugin_details() {
626
+
627
  return get_file_data(
628
  WP_DEFENDER_FILE,
629
  array(
630
+ 'name' => 'Plugin Name',
631
+ 'id' => 'WDP ID',
632
  )
633
  );
634
  }
635
 
636
+ /**
637
+ * Check if user is a WPMU DEV admin.
638
+ * @since 2.6.3
639
+ *
640
+ * @return bool
641
+ */
642
+ public function is_wpmu_dev_admin() {
643
+ if (
644
+ class_exists( 'WPMUDEV_Dashboard' )
645
+ && method_exists( 'WPMUDEV_Dashboard_Site', 'allowed_user' )
646
+ ) {
647
+ $user_id = get_current_user_id();
648
+
649
+ return \WPMUDEV_Dashboard::$site->allowed_user( $user_id );
650
+ }
651
+
652
+ return false;
653
+ }
654
  }
src/class-admin.php CHANGED
@@ -213,7 +213,7 @@ class Admin {
213
 
214
  // Register the current plugin.
215
  do_action(
216
- 'wdev-register-plugin',
217
  /* 1 Plugin ID */ DEFENDER_PLUGIN_BASENAME,
218
  /* 2 Plugin Title */ 'Defender',
219
  /* 3 https://wordpress.org */ '/plugins/defender-security/',
@@ -325,13 +325,19 @@ class Admin {
325
  if ( ! get_site_option( 'wp_defender_show_black_friday' ) ) {
326
  return;
327
  }
328
- // Before 01 November.
329
- if ( date_create( date_i18n( 'd-m-Y' ) ) < date_create( date_i18n( '01-11-Y' ) ) ) {
 
 
 
 
 
330
  return;
331
  }
332
  // After 6 December.
333
  if ( date_create( date_i18n( 'd-m-Y' ) ) >= date_create( date_i18n( '06-12-Y' ) ) ) {
334
  delete_site_option( 'wp_defender_show_black_friday' );
 
335
  return;
336
  }
337
 
213
 
214
  // Register the current plugin.
215
  do_action(
216
+ 'wdev_register_plugin',
217
  /* 1 Plugin ID */ DEFENDER_PLUGIN_BASENAME,
218
  /* 2 Plugin Title */ 'Defender',
219
  /* 3 https://wordpress.org */ '/plugins/defender-security/',
325
  if ( ! get_site_option( 'wp_defender_show_black_friday' ) ) {
326
  return;
327
  }
328
+ // Hide if White Label is enabled.
329
+ if ( ! is_main_site() || apply_filters( 'wpmudev_branding_hide_branding', false ) ) {
330
+ return;
331
+ }
332
+ // Show only to WPMU DEV admins.
333
+ $wpmu_dev = new WPMUDEV();
334
+ if ( ! $wpmu_dev->is_wpmu_dev_admin() ) {
335
  return;
336
  }
337
  // After 6 December.
338
  if ( date_create( date_i18n( 'd-m-Y' ) ) >= date_create( date_i18n( '06-12-Y' ) ) ) {
339
  delete_site_option( 'wp_defender_show_black_friday' );
340
+
341
  return;
342
  }
343
 
src/upgrader.php CHANGED
@@ -251,7 +251,7 @@ class Upgrader {
251
  if ( empty( $db_version ) ) {
252
  update_site_option( 'wd_db_version', DEFENDER_DB_VERSION );
253
  // Add Black Friday notice.
254
- add_site_option( 'wp_defender_show_black_friday', true );
255
  return;
256
  }
257
 
@@ -664,6 +664,6 @@ class Upgrader {
664
  // Add the "What's new" modal.
665
  update_site_option( 'wd_show_feature_plugin_vulnerability', true );
666
  // Add Black Friday notice.
667
- add_site_option( 'wp_defender_show_black_friday', true );
668
  }
669
  }
251
  if ( empty( $db_version ) ) {
252
  update_site_option( 'wd_db_version', DEFENDER_DB_VERSION );
253
  // Add Black Friday notice.
254
+ update_site_option( 'wp_defender_show_black_friday', true );
255
  return;
256
  }
257
 
664
  // Add the "What's new" modal.
665
  update_site_option( 'wd_show_feature_plugin_vulnerability', true );
666
  // Add Black Friday notice.
667
+ update_site_option( 'wp_defender_show_black_friday', true );
668
  }
669
  }
wp-defender.php CHANGED
@@ -2,7 +2,7 @@
2
  /**
3
  * Plugin Name: Defender
4
  * Plugin URI: https://wpmudev.com/project/wp-defender/
5
- * Version: 2.6.2
6
  * Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
7
  * Author: WPMU DEV
8
  * Author URI: https://wpmudev.com/
@@ -15,10 +15,10 @@ if ( ! defined( 'ABSPATH' ) ) {
15
  die;
16
  }
17
  if ( ! defined( 'DEFENDER_VERSION' ) ) {
18
- define( 'DEFENDER_VERSION', '2.6.2' );
19
  }
20
  if ( ! defined( 'DEFENDER_DB_VERSION' ) ) {
21
- define( 'DEFENDER_DB_VERSION', '2.6.2' );
22
  }
23
  if ( ! defined( 'DEFENDER_SUI' ) ) {
24
  define( 'DEFENDER_SUI', '2-11-1' );
2
  /**
3
  * Plugin Name: Defender
4
  * Plugin URI: https://wpmudev.com/project/wp-defender/
5
+ * Version: 2.6.3
6
  * Description: Get regular security scans, vulnerability reports, safety recommendations and customized hardening for your site in just a few clicks. Defender is the analyst and enforcer who never sleeps.
7
  * Author: WPMU DEV
8
  * Author URI: https://wpmudev.com/
15
  die;
16
  }
17
  if ( ! defined( 'DEFENDER_VERSION' ) ) {
18
+ define( 'DEFENDER_VERSION', '2.6.3' );
19
  }
20
  if ( ! defined( 'DEFENDER_DB_VERSION' ) ) {
21
+ define( 'DEFENDER_DB_VERSION', '2.6.3' );
22
  }
23
  if ( ! defined( 'DEFENDER_SUI' ) ) {
24
  define( 'DEFENDER_SUI', '2-11-1' );