Version Description
- Added option to skip scanning the Quarantined files.
- Updated Brute-Force patch to fix the problem of being included more that once.
- Fixed a few minor bugs (better window positioning and css, cleaner results page, updated new help tab, etc.). Made sure that the plugin does not check my servers for updates unless you have registered (this opt-in requirement is part of the WordPress Repository Guidelines).
Download this release
Release Info
Developer | scheeeli |
Plugin | Anti-Malware Security and Brute-Force Firewall |
Version | 4.14.54 |
Comparing to | |
See all releases |
Code changes from version 4.14.53 to 4.14.54
- images/index.php +5 -5
- index.php +45 -41
- languages/gotmls.pot +15 -12
- readme.txt +7 -6
- safe-load/index.php +1 -1
images/index.php
CHANGED
@@ -10,7 +10,7 @@ function GOTMLS_define($DEF, $val) {
|
|
10 |
define($DEF, $val);
|
11 |
}}
|
12 |
|
13 |
-
GOTMLS_define("GOTMLS_Version", "4.14.
|
14 |
GOTMLS_define("GOTMLS_require_version", "3.3");
|
15 |
GOTMLS_define("GOTMLS_plugin_dir", "gotmls");
|
16 |
GOTMLS_define("GOTMLS_local_images_path", dirname(__FILE__)."/");
|
@@ -69,7 +69,6 @@ GOTMLS_define("GOTMLS_Automatically_Fix_LANGUAGE", __("Automatically Fix SELECTE
|
|
69 |
GOTMLS_define("GOTMLS_update_images_path", "/wp-content/plugins/update/images/");
|
70 |
|
71 |
$GLOBALS["GOTMLS"] = array("tmp"=>array("mt"=>((isset($_GET["mt"])&&is_numeric($_GET["mt"]))?$_GET["mt"]:microtime(true)), "default_ext"=>"ieonly.", "skip_ext"=>array("png", "jpg", "jpeg", "gif", "bmp", "tif", "tiff", "psd", "fla", "flv", "mov", "mp3", "exe", "zip", "pdf", "css", "pot", "po", "mo", "so", "doc", "docx", "svg", "ttf")));
|
72 |
-
$GOTMLS_encode .= substr($GLOBALS["GOTMLS"]["tmp"]["default_ext"], 0, 2);
|
73 |
if (isset($_SERVER['HTTP_HOST']))
|
74 |
$SERVER_HTTP = 'HOST://'.$_SERVER['HTTP_HOST'];
|
75 |
elseif (isset($_SERVER['SERVER_NAME']))
|
@@ -747,10 +746,11 @@ function GOTMLS_reset_settings($item, $key) {
|
|
747 |
|
748 |
$GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"] = dirname(GOTMLS_quarantine(__FILE__));
|
749 |
$GLOBALS["GOTMLS"]["tmp"]["default_ext"] .= "com";
|
750 |
-
$GOTMLS_plugin_home = $GLOBALS["GOTMLS"]["tmp"]["protocol"].'//wordpress.'.$GLOBALS["GOTMLS"]["tmp"]["default_ext"];
|
751 |
$GOTMLS_update_home = $GLOBALS["GOTMLS"]["tmp"]["protocol"]."//gotmls.net/";
|
752 |
-
$
|
753 |
-
$
|
|
|
|
|
754 |
|
755 |
function GOTMLS_file_put_contents($file, $content) {
|
756 |
if (function_exists("file_put_contents"))
|
10 |
define($DEF, $val);
|
11 |
}}
|
12 |
|
13 |
+
GOTMLS_define("GOTMLS_Version", "4.14.54");
|
14 |
GOTMLS_define("GOTMLS_require_version", "3.3");
|
15 |
GOTMLS_define("GOTMLS_plugin_dir", "gotmls");
|
16 |
GOTMLS_define("GOTMLS_local_images_path", dirname(__FILE__)."/");
|
69 |
GOTMLS_define("GOTMLS_update_images_path", "/wp-content/plugins/update/images/");
|
70 |
|
71 |
$GLOBALS["GOTMLS"] = array("tmp"=>array("mt"=>((isset($_GET["mt"])&&is_numeric($_GET["mt"]))?$_GET["mt"]:microtime(true)), "default_ext"=>"ieonly.", "skip_ext"=>array("png", "jpg", "jpeg", "gif", "bmp", "tif", "tiff", "psd", "fla", "flv", "mov", "mp3", "exe", "zip", "pdf", "css", "pot", "po", "mo", "so", "doc", "docx", "svg", "ttf")));
|
|
|
72 |
if (isset($_SERVER['HTTP_HOST']))
|
73 |
$SERVER_HTTP = 'HOST://'.$_SERVER['HTTP_HOST'];
|
74 |
elseif (isset($_SERVER['SERVER_NAME']))
|
746 |
|
747 |
$GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"] = dirname(GOTMLS_quarantine(__FILE__));
|
748 |
$GLOBALS["GOTMLS"]["tmp"]["default_ext"] .= "com";
|
|
|
749 |
$GOTMLS_update_home = $GLOBALS["GOTMLS"]["tmp"]["protocol"]."//gotmls.net/";
|
750 |
+
$GOTMLS_plugin_home = $GLOBALS["GOTMLS"]["tmp"]["protocol"].'//wordpress.'.$GLOBALS["GOTMLS"]["tmp"]["default_ext"];
|
751 |
+
$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"] = "ECJKF";
|
752 |
+
$GOTMLS_encode .= substr($GLOBALS["GOTMLS"]["tmp"]["default_ext"], 0, 2);
|
753 |
+
$GOTMLS_definitions_array = maybe_unserialize(GOTMLS_decode('YToyOntzOjk6InBvdGVudGlhbCI7YToxMjp7czo0OiJldmFsIjthOjI6e2k6MDtzOjU6IkVBUExxIjtpOjE7czozNToiL1teYS16XC8nIl1ldmFsXChbXlwpXStbJyJcc1wpO10rL2kiO31zOjk6ImF1dGhfcGFzcyI7YToyOntpOjA7czo1OiJDQ0lHRyI7aToxO3M6MjQ6Ii9cJGF1dGhfcGFzc1sgPVx0XSsuKzsvaSI7fXM6MjE6ImRvY3VtZW50LndyaXRlIGlmcmFtZSI7YToyOntpOjA7czo1OiJDQ0lHRyI7aToxO3M6NTI6Ii9kb2N1bWVudFwud3JpdGVcKFsnIl08aWZyYW1lIC4rPFwvaWZyYW1lPlsnIl1cKTsqL2kiO31zOjE1OiJwcmVnX3JlcGxhY2UgL2UiO2E6Mjp7aTowO3M6NToiQ0NJR0ciO2k6MTtzOjUwOiIvcHJlZ19yZXBsYWNlWyBcdF0qXCguK1tcL1wjXHxdW2ldKmVbaV0qWyciXS4rXCkvaSI7fXM6MjA6ImV4ZWMgc3lzdGVtIHBhc3N0aHJ1IjthOjI6e2k6MDtzOjU6IkVBUExnIjtpOjE7czo1MToiLzxcPy4rP2V4ZWNcKC4rP3N5c3RlbVwoLis_cGFzc3RocnVcKC4rZndyaXRlXCguKy9zIjt9czoyOToiRXh0ZXJuYWwgUmVkaXJlY3QgUmV3cml0ZVJ1bGUiO2E6Mjp7aTowO3M6NToiQ0NWRTQiO2k6MTtzOjMwOiIvUmV3cml0ZVJ1bGUgW14gXSsgaHR0cFw6XC9cLy8iO31zOjM1OiJubyBlcnJvcl9yZXBvcnRpbmcgbG9uZyBsaW5lcyBhbG9uZSI7YToyOntpOjA7czo1OiJEMzVCYSI7aToxO3M6Nzk6Ii88XD8ocGhwKSpbXHJcblx0IFxAXSplcnJvcl9yZXBvcnRpbmdcKDBcKTsuKz9bYS16MC05XC9cLVw9JyJcLlxdezIwMDB9Lio_XD8-L2kiO31zOjIyOiJwcm90ZWN0ZWQgYnkgY29weXJpZ2h0IjthOjI6e2k6MDtzOjU6IkQ4TUN3IjtpOjE7czoxMzY6Ii9cL1wqIFRoaXMgZmlsZSBpcyBwcm90ZWN0ZWQgYnkgY29weXJpZ2h0IGxhdyBhbmQgcHJvdmlkZWQgdW5kZXIgbGljZW5zZS4gUmV2ZXJzZSBlbmdpbmVlcmluZyBvZiB0aGlzIGZpbGUgaXMgc3RyaWN0bHkgcHJvaGliaXRlZC4gXCpcLy8iO31zOjE5OiJhIHNwYW4gY29sb3IgRjFFRkU0IjthOjI6e2k6MDtzOjU6IkQ4UkFQIjtpOjE7czoxMTg6Ii9cPGEgW15cPl0rXD5cPHNwYW4gc3R5bGU9ImNvbG9yXDpcI0YxRUZFNDsiXD4oLis_KVw8XC9zcGFuXD5cPFwvYVw-XDxzcGFuIHN0eWxlPSJjb2xvclw6XCNGMUVGRTQ7Ilw-KC4rPylcPFwvc3Bhblw-L2kiO31zOjE3OiJWYXJpYWJsZSBGdW5jdGlvbiI7YToyOntpOjA7czo1OiJFODU2TCI7aToxO3M6Njc6Ii8oPCFcZClcJFtcJFx7XSpbYS16XC1cXzAtOV0rW1x9IFx0XSooXFtbXlxdXStcXVsgXHRdKikqXCguKj9cKVw7L2kiO31zOjExOiJUYWdnZWQgQ29kZSI7YToyOntpOjA7czo1OiJFNExNRyI7aToxO3M6MjQ6Ii9cIyhcdyspXCMuKz9cI1wvXDFcIy9pcyI7fXM6MTU6ImNyZWF0ZV9mdW5jdGlvbiI7YToyOntpOjA7czo1OiJFQVBMbSI7aToxO3M6NzU6Ii8oXCRbYS16XzAtOV0rWz1cc1xAXSspP2NyZWF0ZV9mdW5jdGlvblwoW14sXStbLFxzXStcJFthLXpfMC05XStbXHNcKV0rOyovaSI7fX1zOjk6IndoaXRlbGlzdCI7YToyOntzOjM6InBocCI7YToyMjp7aTowO3M6NToiRUNKS0YiO3M6Mzg6IjU4NzNjZDFjZWE2MTA4MjAyZDIxMzQ3ZjAxZjA0ZGNmTzgxNzI4IjtzOjU6IkQ3NTlwIjtzOjM5OiIwMTM2MzcyOGM4NDNmZjkzZTk2YjY5ODNjZTM4ZWJhNk8xOTU2MTgiO3M6NToiRDVBODMiO3M6Mzg6ImQ1ZjNjOWNhZmYxNGQ1N2M4NjA4ZDc4ZGIwMDk0YmUwTzczNjQzIjtzOjU6IkQ3NUQ5IjtzOjM4OiI1N2FmNDk4MThiYmI5NDlkYzBhYzYzODY3Mzg2NTViYk8yNTg1MiI7czo1OiJEN0pEOSI7czozODoiZDQ5NDA0MjYwZDc5YTRjYzM3NTVjMDBmNTVkZTIwODlPMjU2NjIiO3M6NToiRDhWOEEiO3M6Mzc6Ijg2NjFmZTJiZmE1OTk1ZjU0NmEzMzA0N2U5MDM4NTZjTzExMzYiO3M6NToiRElDRkMiO3M6Mzg6IjgxMjVkNDJjNGJlNTQzZjg3NGVhNWY2YTFiNWJkZTU1TzI1ODk0IjtzOjU6IkRJQ0ZEIjtzOjM5OiJlZGRiNWZkYTc0ZDQxZGJkYWMwMTgxNjc1MzZkOGQ1M08yMzEzMzgiO3M6NToiRElDRkUiO3M6Mzg6ImMxNWE0ZDVjMzgzNDQ0Yjk1ZDI4NTU5ZjgzNDgxMTFkTzIyNTg4IjtzOjU6IkUxUjJ2IjtzOjM4OiJlMjA4MzljNTU5YTY2YzdjZjYyODY1M2JhMjQ4NGVhZU8yNjM5NSI7czo1OiJFMVIyeCI7czozODoiZjMzODJlYzE1YzAzMGJkMzJlMjkzZmFmMzQ5N2UyNTNPMTEyMjYiO3M6NToiRTIzMEMiO3M6Mzc6IjI4YTkyZjQ2NDk4ZDMyYjlhNzRjNTg0N2Y3NWM5MTJlTzczOTkiO3M6NToiRTIzMEMiO3M6Mzc6ImYwMGFhZjAxZmYwMmQ1NzU2YzI2N2JjZjkyMGU0YzI4TzE1NDAiO3M6NToiRTJBTWYiO3M6Mzg6IjU3YzY0N2Q5M2ZiZDQ3ODY4Yjg3YjkyMWJlZTYzYWY4TzI2Mzc2IjtzOjU6IkU1RURvIjtzOjM5OiI4ZTJhZjQ4ODZkYzgxYTVkOTI4OTg2NWJiYjgxM2VkMU8xOTU2MTciO3M6NToiRTVJTlAiO3M6Mzc6ImY4MGQ5ZWY0YjdiZmQ5ZWY1NDJkOTA4N2ExZGIyYWU5TzIwMTAiO3M6NToiRTdFTXYiO3M6Mzg6IjVmOTI3ZjNhOTczMjE4ZDA3ZTQzZWExYzY5ZmMwMzMxTzI2Nzc2IjtzOjU6IkVBNjZsIjtzOjM4OiJhNWIxYTczZTBjNDI5ODk1MDc1MGE4YmNkOTYyN2VhZk8yNjgxMSI7czo1OiJFQ0NFMCI7czozNzoiNjQ5NDRlMjI1MTEzYmUxODM5NGQ1YmMwMWZiM2I1MzdPNzUzMCI7czo1OiJFQ0NFMyI7czozODoiOTdlNDM4ZDZjOWM2NGEyMDJiOTMwNzg2ZDI3NjIwNWJPNjI0NTgiO3M6NToiRUNDRTMiO3M6Mzg6IjY3ZWMxYjE1M2NjM2YzZTM2ZmJlZTU5MDI5YTkzZDRhTzI1OTE0IjtzOjU6IkVDSktGIjt9czoyOiJqcyI7YTozMTp7aTowO3M6NToiRUNIOVgiO3M6Mzc6IjU1NGJjNzZjNzAzNTExODdmNGNlMDVkZGMwMTJhYWVkTzQ3NzYiO3M6NToiRDY2N1giO3M6Mzc6IjlhOWMxMjU4MTRiOTcxNTk4MmQyNDZhMWVlNzgwODRmTzUzNDUiO3M6NToiRDY2N1giO3M6Mzg6ImUzNmEwODYxMjM3NTY0MTIyOTMyMzFhZWFkMTdmMjRmTzM3NjI5IjtzOjU6IkQ3NUFIIjtzOjM3OiJhMzhhYzUyNjY5MjQ5MzhhNGZmNTUxNDM2OWM2YjQwZE80Njc0IjtzOjU6IkQ3NUFKIjtzOjM3OiIxMDQzYTFkN2Q4NGVlNTZmODgzMWE2MGNkZmM1ZGMyOE83MDc3IjtzOjU6IkQ3NURTIjtzOjM4OiI2ZWMxNTBiNzk4N2NhYWVmOThiNTljODdiOWY0NzFiZU8xMTg0MiI7czo1OiJFMVIybiI7czozODoiNjE0N2NjZWU3YWVmOWRjMGM2ZWIxMGQ4ZDdiMzExZjlPNzA4ODMiO3M6NToiRTFSMnciO3M6Mzc6ImJhMzI5Mzk3MGUxM2IwM2EyZWE5MmY1YjZiNWJmNTQ0TzMzNzciO3M6NToiRTIyTnEiO3M6Mzc6IjYzYjBhZWQ5YjAyZjg3OWE2ZTAyOTVmYmVhN2RiODU0TzQ3MDIiO3M6NToiRTIzMEQiO3M6Mzc6ImVmNDE4OGNiMGI2MGE3MjAxN2Y0YzhhMWU4NDBhYjFlTzI5NTAiO3M6NToiRTI0OUwiO3M6Mzc6ImZiOGJmNjc4NWU1NWU5ZTM5YmVhNTUyNjM1YzQyYTY0TzMyNzAiO3M6NToiRTI2MEMiO3M6Mzk6ImFjYjMzMzI5YjllZjhhYWJkOGJkNzMxNDI2ODAzZTRlTzIzMjQ4MiI7czo1OiJFMjYwRSI7czozODoiNmNlYjY0NzU5MjU4OGJjZjQ2M2JlZmQ5NDA4ZTI3YWRPMTIwMjUiO3M6NToiRTI2MEgiO3M6Mzc6IjVhMzE4Mjc3ZmVkZjQ5MWEwMzAxZTE3N2E5ZWYxMGIzTzQ5MDgiO3M6NToiRTI2MEoiO3M6Mzg6ImRiYzM4MDg0NzNkZWYwMGZjZTQ1ZmU1NjRkYzcyZGNiTzE0NzIwIjtzOjU6IkUyNjBLIjtzOjM3OiJiOTg5YTViZDg0ZjZlYmNiYzEzOTNlYzAwM2U2ZTk5MU80OTY5IjtzOjU6IkUyN0VHIjtzOjM4OiIwMzBiODM4OTM3NmE0MmZmM2RhMTg2YmY2NTgwNjIxN08xNjUzMSI7czo1OiJFMjlEMiI7czozNzoiZGVmMjU3ZGJiMGFiODA1YzQ5OTZmZDhhYmIxYTZiNDlPNjcxNyI7czo1OiJFMkg1biI7czozODoiNzRkOTAzMDQ5NjgzZTViYmVhOWNjYjc1NDRhNDJiY2FPMTc0MTMiO3M6NToiRTVFRHEiO3M6Mzg6IjYwM2JkMTQyOTlmNjFhNzMyOWIyZDM1M2IyYjU2YzJmTzM3Njg5IjtzOjU6IkU1RURwIjtzOjM3OiIwNDI2YjM5NzU0YWE2YmM3NjZkODllYTRjNDFiYmQwNk8zNDU3IjtzOjU6IkU1RUR4IjtzOjM4OiJlYWRjNTgzMjUxM2Q1NjcwODg0YTk3NWM2ZGUxMGYwMU8xOTYxNSI7czo1OiJFN1VNQSI7czozODoiMzhkYmNjOTI1NTI5MzY4ODEyZjVjMmZiY2IzODk2MTZPMTQ5NjUiO3M6NToiRTdVTUIiO3M6Mzc6ImExYzE4MjI3ZTZlOTM3OThjNDkzYWVkOTZlZTZjYzg0TzMyNjciO3M6NToiRTdVTUIiO3M6Mzc6IjA3ODM4OGE2NDMxYWE1YjA4MzhhODczMmQxODdmZTI5Tzg5MTMiO3M6NToiRThBQXAiO3M6Mzc6ImYzYjFiMjg0MjQzNmY3YTMxMWIzOWU0ZWY0YjQ3ZjU5TzQzNTIiO3M6NToiRThCQlUiO3M6Mzc6ImQ3MDk0MDYxOWE5OWQ1NTUxMTYxNjdkNGZiMzljYTE1TzQzOTciO3M6NToiRTlDTHgiO3M6Mzg6ImNiZGJmYzkxODRkMjhhYzU1ZjgzYzBiMGRmNDBmZDQzTzc5NDE0IjtzOjU6IkU5RzhqIjtzOjM4OiJlZjNhZTkwMTQ1MjVjZjgxMTg3YWZhYTYxYmNhNzM3ZU8zNzY5MSI7czo1OiJFQ0NFMSI7czozODoiZjQ0OGM1OTNjMjQyZDEzNGU5NzMzYTg0YzdhNGQyNmNPMTUyNDgiO3M6NToiRUNIOVgiO319fQ3'));
|
754 |
|
755 |
function GOTMLS_file_put_contents($file, $content) {
|
756 |
if (function_exists("file_put_contents"))
|
index.php
CHANGED
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
8 |
Contributors: scheeeli, gotmls
|
9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
11 |
-
Version: 4.14.
|
12 |
*/
|
13 |
if (isset($_SERVER["SCRIPT_FILENAME"]) && strlen($_SERVER["SCRIPT_FILENAME"]) > strlen(basename(__FILE__)) && substr(__FILE__, -1 * strlen($_SERVER["SCRIPT_FILENAME"])) == substr($_SERVER["SCRIPT_FILENAME"], -1 * strlen(__FILE__)))
|
14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
@@ -105,7 +105,7 @@ function GOTMLS_admin_add_help_tab() {
|
|
105 |
}
|
106 |
|
107 |
function GOTMLS_display_header($optional_box = "") {
|
108 |
-
global $GOTMLS_onLoad, $GOTMLS_loop_execution_time, $GOTMLS_update_home, $GOTMLS_plugin_home, $
|
109 |
get_currentuserinfo();
|
110 |
$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
|
111 |
if (isset($_GET["check_site"]) && $_GET["check_site"] == 1)
|
@@ -122,10 +122,9 @@ function GOTMLS_display_header($optional_box = "") {
|
|
122 |
$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
|
123 |
}
|
124 |
$Update_Link .= "\">$new_version</a></div>";
|
125 |
-
$
|
126 |
-
foreach ($GOTMLS_definitions_versions as $definition_name=>$definition_version)
|
127 |
-
$Definition_Updates .= "&ver[$definition_name]=$definition_version";
|
128 |
echo '
|
|
|
129 |
.rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
|
130 |
.shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
|
131 |
.sidebar-box {background-color: #CCC;}
|
@@ -337,17 +336,19 @@ setDiv("div_file");
|
|
337 |
<div id="main-page-title"><h1 style="vertical-align: middle;">Anti-Malware from GOTMLS.NET</h1></div>
|
338 |
<div id="admin-page-container">
|
339 |
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
|
340 |
-
'.GOTMLS_box(__("
|
341 |
-
|
|
|
|
|
342 |
<form id="updateform" method="post" name="updateform" action="'.GOTMLS_script_URI.'">
|
343 |
-
<img style="display: none; float: right; margin-right: 14px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions file updated" id="autoUpdateDownload" onclick="
|
344 |
-
|
345 |
<div id="autoUpdateForm" style="display: none;">
|
346 |
-
<input type="submit" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
|
347 |
</div>
|
348 |
</form>
|
349 |
-
<div id="registerKeyForm" style="display: none;">
|
350 |
-
'.__("If you have not already registered your Key then register now and get instant access to definition updates
|
351 |
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.$GOTMLS_update_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value="">
|
352 |
<div>'.__("Your Full Name:",'gotmls').'</div>
|
353 |
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
|
@@ -363,17 +364,27 @@ setDiv("div_file");
|
|
363 |
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
|
364 |
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>', "stuffbox").'
|
365 |
<script type="text/javascript">
|
366 |
-
stopCheckingUpdates = checkupdateserver("'.$GOTMLS_plugin_home.GOTMLS_update_images_path.'?js='.$ver_info.'", "findUpdates", "'.str_replace("://", "://www.", $GOTMLS_plugin_home).GOTMLS_update_images_path.'?js='.$ver_info.'");
|
367 |
-
function check_for_updates(
|
|
|
|
|
|
|
|
|
368 |
if (auto_img = document.getElementById("autoUpdateDownload")) {
|
369 |
-
auto_img.style.display="";
|
370 |
check_for_donation(chk);
|
371 |
}
|
372 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
373 |
function check_for_donation(chk) {
|
374 |
if (document.getElementById("autoUpdateDownload").src.replace(/^.+\?/,"")=="0") {
|
375 |
alert(chk+"\\n\\n'.__("Please make a donation for the use of this wonderful feature!",'gotmls').'");
|
376 |
-
if (
|
377 |
window.open("'.$GOTMLS_update_home.GOTMLS_installation_key.'/donate/?donation-source="+chk, "_blank");
|
378 |
} else
|
379 |
alert(chk);
|
@@ -401,36 +412,27 @@ setDiv("div_file");
|
|
401 |
return false;
|
402 |
} else {
|
403 |
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
|
404 |
-
setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$
|
405 |
showhide("registerKeyForm");
|
406 |
return true;
|
407 |
}
|
408 |
}
|
409 |
-
function downloadUpdates(dUpdates) {
|
410 |
-
foundUpdates = document.getElementById("autoUpdateForm");
|
411 |
-
if (foundUpdates)
|
412 |
-
foundUpdates.style.display = "";
|
413 |
-
}
|
414 |
var divNAtext = false;
|
415 |
function loadGOTMLS() {
|
416 |
clearTimeout(divNAtext);
|
417 |
setDivNAtext();
|
418 |
'.$GOTMLS_onLoad.'
|
419 |
}
|
420 |
-
|
421 |
-
|
422 |
-
|
423 |
-
|
424 |
-
showRegFormTO = setTimeout("showRegForm()", 9000);
|
425 |
-
}
|
426 |
-
showRegFormTO = setTimeout("showRegForm()", 19000);
|
427 |
-
stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$Definition_Updates.'&js='.$ver_info.'", "Definition_Updates", "'.str_replace("://", "://www.", $GOTMLS_update_home).$Definition_Updates.'&js='.$ver_info.'");
|
428 |
if (divNAtext)
|
429 |
loadGOTMLS();
|
430 |
else
|
431 |
divNAtext=true;
|
432 |
</script>
|
433 |
-
'.GOTMLS_box(__("
|
434 |
<div id="pastDonations"></div>
|
435 |
<form name="ppdform" id="ppdform" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
|
436 |
<input type="hidden" name="cmd" value="_donations">
|
@@ -469,7 +471,7 @@ setDiv("div_file");
|
|
469 |
</div>
|
470 |
</form>
|
471 |
<a target="_blank" href="http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").'
|
472 |
-
'.GOTMLS_box(__("Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").'
|
473 |
'.$optional_box.'
|
474 |
</div>';
|
475 |
if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
|
@@ -525,9 +527,7 @@ function GOTMLS_box($bTitle, $bContents, $bType = "postbox") {
|
|
525 |
function GOTMLS_View_Quarantine() {
|
526 |
$entries = GOTMLS_getfiles($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]);
|
527 |
GOTMLS_display_header();
|
528 |
-
$Q_Page = '
|
529 |
-
span.GOTMLS_date {float: right; width: 120px; white-space: nowrap;}
|
530 |
-
</style>
|
531 |
<form method="POST" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1">';
|
532 |
if (is_array($entries) && ($key = array_search(".htaccess", $entries)))
|
533 |
unset($entries[$key]);
|
@@ -907,18 +907,18 @@ showhide("pause_button", true);'."\n/*<!--*"."/";
|
|
907 |
$patch_attr = array(
|
908 |
array(
|
909 |
"icon" => "blocked",
|
910 |
-
"language" => __("
|
911 |
"status" => 'Not Installed',
|
912 |
"action" => 'Install Patch'
|
913 |
),
|
914 |
array(
|
915 |
-
"language" => __("
|
916 |
"action" => 'Uninstall Patch',
|
917 |
"status" => 'Enabled',
|
918 |
"icon" => "checked"
|
919 |
),
|
920 |
array(
|
921 |
-
"language" => __("
|
922 |
"action" => 'Upgrade Patch',
|
923 |
"status" => 'Out of Date',
|
924 |
"icon" => "threat"
|
@@ -954,7 +954,7 @@ showhide("pause_button", true);'."\n/*<!--*"."/";
|
|
954 |
}
|
955 |
$js = urlencode("if(stopSettingSession) clearTimeout(stopSettingSession); if(stopCheckingSession) clearTimeout(stopCheckingSession); showhide('GOTMLS_patch_searching', true); showhide('GOTMLS_patch_searching'); showhide('GOTMLS_patch_button', true);");
|
956 |
$sec_opts = '
|
957 |
-
<p><img src="'.GOTMLS_images_path.'checked.gif"><b>Revolution Slider Exploit Protection (Automatically Enabled)</b></p><div style="padding: 0 30px;">
|
958 |
'.$patch_action.'
|
959 |
<form method="POST" name="GOTMLS_Form_patch"><p style="float: right;"><input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'">':' display: none;" id="GOTMLS_patch_button"><div id="GOTMLS_patch_searching" style="float: right;">'.__("Checking for session compatability ...",'gotmls').' <img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /></div>').'<input type="hidden" name="GOTMLS_patching" value="1"></p><p><img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"><b>Brute-force Protection '.$patch_attr[$patch_status]["status"].'</b></p><div style="padding: 0 30px;"> * '.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' <a target="_blank" href="http://gotmls.net/tag/wp-login-php/">'.__("read my blog",'gotmls').'</a>.</div></form>
|
960 |
<script type="text/javascript">
|
@@ -984,7 +984,7 @@ function GOTMLS_set_plugin_row_meta($links_array, $plugin_file) {
|
|
984 |
}
|
985 |
|
986 |
function GOTMLS_init() {
|
987 |
-
global $GOTMLS_update_home, $GOTMLS_onLoad, $GOTMLS_threat_levels, $wpdb, $GOTMLS_threats_found, $
|
988 |
if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
|
989 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
|
990 |
if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
|
@@ -1013,6 +1013,7 @@ function GOTMLS_init() {
|
|
1013 |
$wpdb->query("DELETE FROM $wpdb->options WHERE `option_name` LIKE 'GOTMLS_known_%' OR `option_name` LIKE 'GOTMLS_definitions_array_%'");
|
1014 |
array_walk($GLOBALS["GOTMLS"]["tmp"]["settings_array"], "GOTMLS_reset_settings");
|
1015 |
}
|
|
|
1016 |
foreach ($GOTMLS_definitions_array as $threat_level=>$definition_names)
|
1017 |
foreach ($definition_names as $definition_name=>$definition_version)
|
1018 |
if (is_array($definition_version))
|
@@ -1020,7 +1021,7 @@ function GOTMLS_init() {
|
|
1020 |
$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
|
1021 |
if (isset($_POST["UPDATE_definitions_array"])) {
|
1022 |
$GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_POST["UPDATE_definitions_array"]));
|
1023 |
-
$GOTMLS_onLoad .= "
|
1024 |
} elseif (isset($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) && is_array($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) && count($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) == 2 && $GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"][0] == "D4OAB")
|
1025 |
$GOTnew_definitions["wp_login"]["brute force possible on wp-login.php"] = array("D4OAC",'/if \(file_exists\(.+?(\/plugins\/gotmls\/safe-load\.php\')[\)\s]+require\(.+?\1\);/i');
|
1026 |
//elseif (file_exists(GOTMLS_plugin_path.'definitions_update.txt')) $GOTnew_definitions = maybe_unserialize(GOTMLS_decode(file_get_contents(GOTMLS_plugin_path.'definitions_update.txt')));
|
@@ -1038,6 +1039,9 @@ function GOTMLS_init() {
|
|
1038 |
$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
|
1039 |
}
|
1040 |
asort($GOTMLS_definitions_versions);
|
|
|
|
|
|
|
1041 |
if (isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
|
1042 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
|
1043 |
/* $threat_names = array_keys($GOTMLS_definitions_array["known"]);
|
8 |
Contributors: scheeeli, gotmls
|
9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
11 |
+
Version: 4.14.54
|
12 |
*/
|
13 |
if (isset($_SERVER["SCRIPT_FILENAME"]) && strlen($_SERVER["SCRIPT_FILENAME"]) > strlen(basename(__FILE__)) && substr(__FILE__, -1 * strlen($_SERVER["SCRIPT_FILENAME"])) == substr($_SERVER["SCRIPT_FILENAME"], -1 * strlen(__FILE__)))
|
14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
105 |
}
|
106 |
|
107 |
function GOTMLS_display_header($optional_box = "") {
|
108 |
+
global $GOTMLS_onLoad, $GOTMLS_loop_execution_time, $GOTMLS_update_home, $GOTMLS_plugin_home, $wp_version, $current_user;
|
109 |
get_currentuserinfo();
|
110 |
$GOTMLS_url_parts = explode('/', GOTMLS_siteurl);
|
111 |
if (isset($_GET["check_site"]) && $_GET["check_site"] == 1)
|
122 |
$Update_Link .= wp_nonce_url(self_admin_url('update.php?action=upgrade-plugin&plugin=').$file, 'upgrade-plugin_'.$file);
|
123 |
}
|
124 |
$Update_Link .= "\">$new_version</a></div>";
|
125 |
+
$Update_Div ='<div id="findUpdates" style="display: none;"><center>'.__("Searching for updates ...",'gotmls').'<br /><img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /><br /><input type="button" value="Cancel" onclick="cancelserver(\'findUpdates\');" /></center></div>';
|
|
|
|
|
126 |
echo '
|
127 |
+
span.GOTMLS_date {float: right; width: 120px; white-space: nowrap;}
|
128 |
.rounded-corners {margin: 10px; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; border: 1px solid #000;}
|
129 |
.shadowed-box {box-shadow: -3px 3px 3px #666; -moz-box-shadow: -3px 3px 3px #666; -webkit-box-shadow: -3px 3px 3px #666;}
|
130 |
.sidebar-box {background-color: #CCC;}
|
336 |
<div id="main-page-title"><h1 style="vertical-align: middle;">Anti-Malware from GOTMLS.NET</h1></div>
|
337 |
<div id="admin-page-container">
|
338 |
<div id="GOTMLS-right-sidebar" style="width: 300px;" class="metabox-holder">
|
339 |
+
'.GOTMLS_box(__("Updates & Registration",'gotmls'), '<ul style=""><li>WordPress: <span class="GOTMLS_date">'.$wp_version.'</span></li>
|
340 |
+
<li>Plugin: <span class="GOTMLS_date">'.GOTMLS_Version.'</span></li>
|
341 |
+
<li>Definitions: <span class="GOTMLS_date">'.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"].'</span></li>
|
342 |
+
<li>Key: <span style="float: right;">'.GOTMLS_installation_key.'</span></li></ul>
|
343 |
<form id="updateform" method="post" name="updateform" action="'.GOTMLS_script_URI.'">
|
344 |
+
<img style="display: none; float: right; margin-right: 14px;" src="'.GOTMLS_images_path.'checked.gif" height=16 width=16 alt="definitions file updated" id="autoUpdateDownload" onclick="showhide(\'autoUpdateForm\', true);">
|
345 |
+
'.str_replace('findUpdates', 'Definition_Updates', $Update_Div).'
|
346 |
<div id="autoUpdateForm" style="display: none;">
|
347 |
+
<input type="submit" style="width: 100%;" name="auto_update" value="'.__("Download new definitions!",'gotmls').'">
|
348 |
</div>
|
349 |
</form>
|
350 |
+
<div id="registerKeyForm" style="display: none;">'.__("<p>If you already registered your Key then you can get instant access to definition updates.</p>",'gotmls').'<input type="button" style="width: 100%;" value="'.__("Check for Definition Updates Now!",'gotmls').'" onclick="check_for_updates(\'Definition_Updates\');" />
|
351 |
+
'.__("<p>If you have not already registered your Key then register now and get instant access to definition updates.</p><p>* All fields are required and I will NOT share your registration information with anyone.</p>",'gotmls').'
|
352 |
<form id="registerform" onsubmit="return sinupFormValidate(this);" action="'.$GOTMLS_update_home.'wp-login.php?action=register" method="post" name="registerform" target="GOTMLS_iFrame"><input type="hidden" name="redirect_to" id="register_redirect_to" value="/donate/"><input type="hidden" name="user_login" id="register_user_login" value="">
|
353 |
<div>'.__("Your Full Name:",'gotmls').'</div>
|
354 |
<div style="float: left; width: 50%;"><input style="width: 100%;" id="first_name" type="text" name="first_name" value="'.$current_user->user_firstname.'" /></div>
|
364 |
<input style="width: 100%;" id="installation_key" type="text" name="installation_key" value="'.GOTMLS_installation_key.'" readonly /><input id="old_key" type="hidden" name="old_key" value="'.md5($GOTMLS_url_parts[2]).'" /></div>
|
365 |
<input style="width: 100%;" id="wp-submit" type="submit" name="wp-submit" value="Register Now!" /></form></div>', "stuffbox").'
|
366 |
<script type="text/javascript">
|
367 |
+
// stopCheckingUpdates = checkupdateserver("'.$GOTMLS_plugin_home.GOTMLS_update_images_path.'?js='.$ver_info.'", "findUpdates", "'.str_replace("://", "://www.", $GOTMLS_plugin_home).GOTMLS_update_images_path.'?js='.$ver_info.'");
|
368 |
+
function check_for_updates(update_type) {
|
369 |
+
showhide(update_type, true);
|
370 |
+
stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&js='.$ver_info.'", update_type, "'.str_replace("://", "://www.", $GOTMLS_update_home).$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&js='.$ver_info.'");
|
371 |
+
}
|
372 |
+
function updates_complete(chk) {
|
373 |
if (auto_img = document.getElementById("autoUpdateDownload")) {
|
374 |
+
auto_img.style.display="block";
|
375 |
check_for_donation(chk);
|
376 |
}
|
377 |
}
|
378 |
+
function check_for_registration() {
|
379 |
+
if ('.preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])).'0 > '.preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"])).'0)
|
380 |
+
return true;
|
381 |
+
else
|
382 |
+
return false;
|
383 |
+
}
|
384 |
function check_for_donation(chk) {
|
385 |
if (document.getElementById("autoUpdateDownload").src.replace(/^.+\?/,"")=="0") {
|
386 |
alert(chk+"\\n\\n'.__("Please make a donation for the use of this wonderful feature!",'gotmls').'");
|
387 |
+
if (check_for_registration() && chk.substr(0, 8) == "Changed " && chk.substr(8, 1) != "0")
|
388 |
window.open("'.$GOTMLS_update_home.GOTMLS_installation_key.'/donate/?donation-source="+chk, "_blank");
|
389 |
} else
|
390 |
alert(chk);
|
412 |
return false;
|
413 |
} else {
|
414 |
document.getElementById("Definition_Updates").innerHTML = \'<img src="'.GOTMLS_images_path.'wait.gif">'.__("Submitting Registration ...",'gotmls').'\';
|
415 |
+
setTimeout(\'stopCheckingDefinitions = checkupdateserver("'.$GOTMLS_update_home.$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"].'&js='.$ver_info.'", "Definition_Updates");\', 6000);
|
416 |
showhide("registerKeyForm");
|
417 |
return true;
|
418 |
}
|
419 |
}
|
|
|
|
|
|
|
|
|
|
|
420 |
var divNAtext = false;
|
421 |
function loadGOTMLS() {
|
422 |
clearTimeout(divNAtext);
|
423 |
setDivNAtext();
|
424 |
'.$GOTMLS_onLoad.'
|
425 |
}
|
426 |
+
if (check_for_registration())
|
427 |
+
check_for_updates("Definition_Updates");
|
428 |
+
else
|
429 |
+
showhide("registerKeyForm", true);
|
|
|
|
|
|
|
|
|
430 |
if (divNAtext)
|
431 |
loadGOTMLS();
|
432 |
else
|
433 |
divNAtext=true;
|
434 |
</script>
|
435 |
+
'.GOTMLS_box(__("Resources & Links",'gotmls'), '
|
436 |
<div id="pastDonations"></div>
|
437 |
<form name="ppdform" id="ppdform" action="https://www.paypal.com/cgi-bin/webscr" method="post" target="_blank">
|
438 |
<input type="hidden" name="cmd" value="_donations">
|
471 |
</div>
|
472 |
</form>
|
473 |
<a target="_blank" href="http://safebrowsing.clients.google.com/safebrowsing/diagnostic?site='.urlencode(GOTMLS_siteurl).'">Google Safe Browsing Diagnostic</a>', "stuffbox").'
|
474 |
+
'.GOTMLS_box(__("Last Scan Status",'gotmls'), GOTMLS_scan_log(), "stuffbox").'
|
475 |
'.$optional_box.'
|
476 |
</div>';
|
477 |
if (isset($GLOBALS["GOTMLS"]["tmp"]["stuffbox"]) && is_array($GLOBALS["GOTMLS"]["tmp"]["stuffbox"])) {
|
527 |
function GOTMLS_View_Quarantine() {
|
528 |
$entries = GOTMLS_getfiles($GLOBALS["GOTMLS"]["tmp"]["quarantine_dir"]);
|
529 |
GOTMLS_display_header();
|
530 |
+
$Q_Page = '
|
|
|
|
|
531 |
<form method="POST" target="GOTMLS_iFrame" name="GOTMLS_Form_clean"><input type="hidden" id="GOTMLS_fixing" name="GOTMLS_fixing" value="1">';
|
532 |
if (is_array($entries) && ($key = array_search(".htaccess", $entries)))
|
533 |
unset($entries[$key]);
|
907 |
$patch_attr = array(
|
908 |
array(
|
909 |
"icon" => "blocked",
|
910 |
+
"language" => __("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected."),
|
911 |
"status" => 'Not Installed',
|
912 |
"action" => 'Install Patch'
|
913 |
),
|
914 |
array(
|
915 |
+
"language" => __("Your WordPress site has the current version of my brute-force Login protection installed."),
|
916 |
"action" => 'Uninstall Patch',
|
917 |
"status" => 'Enabled',
|
918 |
"icon" => "checked"
|
919 |
),
|
920 |
array(
|
921 |
+
"language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files."),
|
922 |
"action" => 'Upgrade Patch',
|
923 |
"status" => 'Out of Date',
|
924 |
"icon" => "threat"
|
954 |
}
|
955 |
$js = urlencode("if(stopSettingSession) clearTimeout(stopSettingSession); if(stopCheckingSession) clearTimeout(stopCheckingSession); showhide('GOTMLS_patch_searching', true); showhide('GOTMLS_patch_searching'); showhide('GOTMLS_patch_button', true);");
|
956 |
$sec_opts = '
|
957 |
+
<p><img src="'.GOTMLS_images_path.'checked.gif"><b>Revolution Slider Exploit Protection (Automatically Enabled)</b></p><div style="padding: 0 30px;">'.__("This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').'</div><hr />
|
958 |
'.$patch_action.'
|
959 |
<form method="POST" name="GOTMLS_Form_patch"><p style="float: right;"><input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'">':' display: none;" id="GOTMLS_patch_button"><div id="GOTMLS_patch_searching" style="float: right;">'.__("Checking for session compatability ...",'gotmls').' <img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /></div>').'<input type="hidden" name="GOTMLS_patching" value="1"></p><p><img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"><b>Brute-force Protection '.$patch_attr[$patch_status]["status"].'</b></p><div style="padding: 0 30px;"> * '.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' <a target="_blank" href="http://gotmls.net/tag/wp-login-php/">'.__("read my blog",'gotmls').'</a>.</div></form>
|
960 |
<script type="text/javascript">
|
984 |
}
|
985 |
|
986 |
function GOTMLS_init() {
|
987 |
+
global $GOTMLS_update_home, $GOTMLS_onLoad, $GOTMLS_threat_levels, $wpdb, $GOTMLS_threats_found, $GOTMLS_definitions_array, $GOTMLS_file_contents;
|
988 |
if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
|
989 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
|
990 |
if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_depth"]))
|
1013 |
$wpdb->query("DELETE FROM $wpdb->options WHERE `option_name` LIKE 'GOTMLS_known_%' OR `option_name` LIKE 'GOTMLS_definitions_array_%'");
|
1014 |
array_walk($GLOBALS["GOTMLS"]["tmp"]["settings_array"], "GOTMLS_reset_settings");
|
1015 |
}
|
1016 |
+
$GOTMLS_definitions_versions = array();
|
1017 |
foreach ($GOTMLS_definitions_array as $threat_level=>$definition_names)
|
1018 |
foreach ($definition_names as $definition_name=>$definition_version)
|
1019 |
if (is_array($definition_version))
|
1021 |
$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
|
1022 |
if (isset($_POST["UPDATE_definitions_array"])) {
|
1023 |
$GOTnew_definitions = maybe_unserialize(GOTMLS_decode($_POST["UPDATE_definitions_array"]));
|
1024 |
+
$GOTMLS_onLoad .= "updates_complete('Downloaded Definitions');";
|
1025 |
} elseif (isset($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) && is_array($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) && count($GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"]) == 2 && $GOTMLS_definitions_array["wp_login"]["brute force possible on wp-login.php"][0] == "D4OAB")
|
1026 |
$GOTnew_definitions["wp_login"]["brute force possible on wp-login.php"] = array("D4OAC",'/if \(file_exists\(.+?(\/plugins\/gotmls\/safe-load\.php\')[\)\s]+require\(.+?\1\);/i');
|
1027 |
//elseif (file_exists(GOTMLS_plugin_path.'definitions_update.txt')) $GOTnew_definitions = maybe_unserialize(GOTMLS_decode(file_get_contents(GOTMLS_plugin_path.'definitions_update.txt')));
|
1039 |
$GOTMLS_definitions_versions[$threat_level] = $definition_version[0];
|
1040 |
}
|
1041 |
asort($GOTMLS_definitions_versions);
|
1042 |
+
$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] = '?div=Definition_Updates';
|
1043 |
+
foreach ($GOTMLS_definitions_versions as $definition_name=>$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"])
|
1044 |
+
$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Updates"] .= "&ver[$definition_name]=".$GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"];
|
1045 |
if (isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
|
1046 |
$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
|
1047 |
/* $threat_names = array_keys($GOTMLS_definitions_array["known"]);
|
languages/gotmls.pot
CHANGED
@@ -8,7 +8,7 @@ msgid ""
|
|
8 |
msgstr ""
|
9 |
"Project-Id-Version: GOTMLS\n"
|
10 |
"Report-Msgid-Bugs-To: eli@gotmls.net\n"
|
11 |
-
"POT-Creation-Date: 2014-12-
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
@@ -55,25 +55,28 @@ msgstr ""
|
|
55 |
msgid "Upgrade to %s now!"
|
56 |
msgstr ""
|
57 |
|
|
|
|
|
|
|
58 |
msgid "If this is taking too long, click here."
|
59 |
msgstr ""
|
60 |
|
61 |
msgid "No response from server!"
|
62 |
msgstr ""
|
63 |
|
64 |
-
msgid "
|
65 |
msgstr ""
|
66 |
|
67 |
-
msgid "
|
68 |
msgstr ""
|
69 |
|
70 |
-
msgid "
|
71 |
msgstr ""
|
72 |
|
73 |
-
msgid "
|
74 |
msgstr ""
|
75 |
|
76 |
-
msgid "If you have not already registered your Key then register now and get instant access to definition updates
|
77 |
msgstr ""
|
78 |
|
79 |
msgid "Your Full Name:"
|
@@ -109,13 +112,13 @@ msgstr ""
|
|
109 |
msgid "Submitting Registration ..."
|
110 |
msgstr ""
|
111 |
|
112 |
-
msgid "
|
113 |
msgstr ""
|
114 |
|
115 |
msgid "Make a Donation with PayPal"
|
116 |
msgstr ""
|
117 |
|
118 |
-
msgid "Scan Status"
|
119 |
msgstr ""
|
120 |
|
121 |
msgid "Restore SELECTED files from Quarantine"
|
@@ -257,13 +260,13 @@ msgstr ""
|
|
257 |
msgid "Starting Scan ..."
|
258 |
msgstr ""
|
259 |
|
260 |
-
msgid "
|
261 |
msgstr ""
|
262 |
|
263 |
-
msgid "
|
264 |
msgstr ""
|
265 |
|
266 |
-
msgid "
|
267 |
msgstr ""
|
268 |
|
269 |
msgid "Removed Brute-Force Protection"
|
@@ -278,7 +281,7 @@ msgstr ""
|
|
278 |
msgid "Removed Old Brute-Force Login Patch"
|
279 |
msgstr ""
|
280 |
|
281 |
-
msgid "
|
282 |
msgstr ""
|
283 |
|
284 |
msgid "Checking for session compatability ..."
|
8 |
msgstr ""
|
9 |
"Project-Id-Version: GOTMLS\n"
|
10 |
"Report-Msgid-Bugs-To: eli@gotmls.net\n"
|
11 |
+
"POT-Creation-Date: 2014-12-31 11:35+0900\n"
|
12 |
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
|
13 |
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
|
14 |
"Language-Team: LANGUAGE <LL@li.org>\n"
|
55 |
msgid "Upgrade to %s now!"
|
56 |
msgstr ""
|
57 |
|
58 |
+
msgid "Searching for updates ..."
|
59 |
+
msgstr ""
|
60 |
+
|
61 |
msgid "If this is taking too long, click here."
|
62 |
msgstr ""
|
63 |
|
64 |
msgid "No response from server!"
|
65 |
msgstr ""
|
66 |
|
67 |
+
msgid "Updates & Registration"
|
68 |
msgstr ""
|
69 |
|
70 |
+
msgid "Download new definitions!"
|
71 |
msgstr ""
|
72 |
|
73 |
+
msgid "<p>If you already registered your Key then you can get instant access to definition updates.</p>"
|
74 |
msgstr ""
|
75 |
|
76 |
+
msgid "Check for Definition Updates Now!"
|
77 |
msgstr ""
|
78 |
|
79 |
+
msgid "<p>If you have not already registered your Key then register now and get instant access to definition updates.</p><p>* All fields are required and I will NOT share your registration information with anyone.</p>"
|
80 |
msgstr ""
|
81 |
|
82 |
msgid "Your Full Name:"
|
112 |
msgid "Submitting Registration ..."
|
113 |
msgstr ""
|
114 |
|
115 |
+
msgid "Resources & Links"
|
116 |
msgstr ""
|
117 |
|
118 |
msgid "Make a Donation with PayPal"
|
119 |
msgstr ""
|
120 |
|
121 |
+
msgid "Last Scan Status"
|
122 |
msgstr ""
|
123 |
|
124 |
msgid "Restore SELECTED files from Quarantine"
|
260 |
msgid "Starting Scan ..."
|
261 |
msgstr ""
|
262 |
|
263 |
+
msgid "Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected."
|
264 |
msgstr ""
|
265 |
|
266 |
+
msgid "Your WordPress site has the current version of my brute-force Login protection installed."
|
267 |
msgstr ""
|
268 |
|
269 |
+
msgid "Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files."
|
270 |
msgstr ""
|
271 |
|
272 |
msgid "Removed Brute-Force Protection"
|
281 |
msgid "Removed Old Brute-Force Login Patch"
|
282 |
msgstr ""
|
283 |
|
284 |
+
msgid "This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed."
|
285 |
msgstr ""
|
286 |
|
287 |
msgid "Checking for session compatability ..."
|
readme.txt
CHANGED
@@ -5,8 +5,8 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
5 |
Contributors: scheeeli, gotmls
|
6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
7 |
Tags: anti-malware, security, plugin, scan, automatic, repair, remove, malware, virus, threat, hacked, malicious, scripts, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
8 |
-
Version: 4.14.
|
9 |
-
Stable tag: 4.14.
|
10 |
Requires at least: 3.3
|
11 |
Tested up to: 4.1
|
12 |
|
@@ -89,10 +89,11 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
89 |
|
90 |
== Changelog ==
|
91 |
|
92 |
-
= 4.14.
|
93 |
-
* Added option to skip scanning the
|
94 |
* Updated Brute-Force patch to fix the problem of being included more that once.
|
95 |
* Fixed a few minor bugs (better window positioning and css, cleaner results page, updated new help tab, etc.).
|
|
|
96 |
|
97 |
= 4.14.52 =
|
98 |
* Added exception for the social.png files to the skip files by extension list.
|
@@ -282,8 +283,8 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
282 |
|
283 |
== Upgrade Notice ==
|
284 |
|
285 |
-
= 4.14.
|
286 |
-
Added option to skip scanning the
|
287 |
|
288 |
= 4.14.52 =
|
289 |
Added exception for the social.png files to the skip files by extension list, and fixed removal of Known Threats from files in the Quarantine directory.
|
5 |
Contributors: scheeeli, gotmls
|
6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
7 |
Tags: anti-malware, security, plugin, scan, automatic, repair, remove, malware, virus, threat, hacked, malicious, scripts, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
8 |
+
Version: 4.14.54
|
9 |
+
Stable tag: 4.14.54
|
10 |
Requires at least: 3.3
|
11 |
Tested up to: 4.1
|
12 |
|
89 |
|
90 |
== Changelog ==
|
91 |
|
92 |
+
= 4.14.54 =
|
93 |
+
* Added option to skip scanning the Quarantined files.
|
94 |
* Updated Brute-Force patch to fix the problem of being included more that once.
|
95 |
* Fixed a few minor bugs (better window positioning and css, cleaner results page, updated new help tab, etc.).
|
96 |
+
Made sure that the plugin does not check my servers for updates unless you have registered (this opt-in requirement is part of the WordPress Repository Guidelines).
|
97 |
|
98 |
= 4.14.52 =
|
99 |
* Added exception for the social.png files to the skip files by extension list.
|
283 |
|
284 |
== Upgrade Notice ==
|
285 |
|
286 |
+
= 4.14.54 =
|
287 |
+
Added option to skip scanning the Quarantine, updated Brute-Force patch, and fixed a few minor bugs.
|
288 |
|
289 |
= 4.14.52 =
|
290 |
Added exception for the social.png files to the skip files by extension list, and fixed removal of Known Threats from files in the Quarantine directory.
|
safe-load/index.php
CHANGED
@@ -12,5 +12,5 @@ foreach (array("REMOTE_ADDR", "HTTP_HOST", "REQUEST_URI", "HTTP_REFERER", "HTTP_
|
|
12 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
|
13 |
foreach (array("log") as $var)
|
14 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
|
15 |
-
header("location: http://safe-load.gotmls.net/report.php?ver=4.14.
|
16 |
die();
|
12 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_SERVER[$var])?"&SERVER_$var=".urlencode($_SERVER[$var]):"");
|
13 |
foreach (array("log") as $var)
|
14 |
$_SESSION["GOTMLS_detected_attacks"] .= (isset($_POST[$var])?"&POST_$var=".urlencode($_POST[$var]):"");
|
15 |
+
header("location: http://safe-load.gotmls.net/report.php?ver=4.14.54".$_SESSION["GOTMLS_detected_attacks"]);
|
16 |
die();
|