Anti-Malware Security and Brute-Force Firewall

Version Description

Moved the Firewall Options to it's own page linked to from the admin menu.
Moved the Quick Scan from the admin menu to the top of the Scan Settings page.

Release Info

Developer	scheeeli
Plugin	Anti-Malware Security and Brute-Force Firewall
Version	4.15.49
Comparing to
See all releases

Code changes from version 4.15.46 to 4.15.49

Files changed (3) hide show

index.php +124 -119
languages/gotmls.pot +224 -224
readme.txt +18 -13

index.php CHANGED Viewed

@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
             Contributors: scheeeli, gotmls
             Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
             Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
-            -
            Version: 4.15.46
             */
             if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
             	include(dirname(__FILE__)."/safe-load/index.php");
@@ -72,12 +72,7 @@ function GOTMLS_menu() {
             		$my_admin_page = add_object_page($pageTitle, $pluginTitle, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, $base_function, $GOTMLS_Full_plugin_logo_URL);
             	add_action('load-'.$my_admin_page, 'GOTMLS_admin_add_help_tab');
             	add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, $base_function);
-            -
            	if (is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))
-            -
            		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (WP Core)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&".GOTMLS_set_nonce(__FUNCTION__."76"), $base_function);
-            -
            	if (is_dir(dirname(__FILE__)."/../../../wp-content/plugins"))
-            -
            		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (plugins)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&scan_only[]=wp-content/plugins&".GOTMLS_set_nonce(__FUNCTION__."78"), $base_function);
-            -
            	if (is_dir(dirname(__FILE__)."/../../../wp-content/themes"))
-            -
            		add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Run_Quick_Scan_LANGUAGE, GOTMLS_Run_Quick_Scan_LANGUAGE." (themes)", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "$base_page&scan_type=Quick+Scan&scan_only[]=wp-content/themes&".GOTMLS_set_nonce(__FUNCTION__."80"), $base_function);
             	add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.(($Qs = GOTMLS_get_quarantine(true))?' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>':""), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-View-Quarantine", "GOTMLS_View_Quarantine");
+            }
@@ -726,6 +721,114 @@ function GOTMLS_View_Quarantine() {
             	echo $echo.GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog())."\n</div></div></div>";
+            }
             function GOTMLS_update_definitions() {
             	global $wp_version;
             	$GOTMLS_definitions_versions = array();
@@ -776,7 +879,7 @@ function GOTMLS_settings() {
             	$gt = ">";
             	$lt = "<";
             	GOTMLS_update_definitions();
-            -
            	if (($GOTMLS_nonce = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
             		$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
             	/*	$threat_names = array_keys($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"]);
             		foreach ($threat_names as $threat_name) {
@@ -856,7 +959,8 @@ function GOTMLS_settings() {
             		$scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", "&nbsp;", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
+            	}
             	$scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}".((isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])?"\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_check'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n":"")."$lt/script$gt";
-            -
            	$scan_opts = "\n$lt".'form method="POST" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."870")).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.'
             	'.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
             	'.$lt.'div style="padding: 0 30px;"'.$gt;
             	foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {
@@ -883,12 +987,13 @@ function GOTMLS_settings() {
             	if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
             	if (isset($_GET["eli"])) {//still testing this option
             		$scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom Code to be Checked:",'gotmls').$lt.'/b'.$gt.' ('.__("For very advanced users only. If you enter anything in this box then no other files will be scanned on your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'textarea name="check_code" style="width: 100%;" rows=3'.$gt.htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_code"])."$lt/textarea$gt$lt/div$gt\n";
-            -
            	}
             	$scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extentions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
-            -
            	'.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
-            -
            	'.$lt.'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
-            -
            	'.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
-            -
            	'.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt.'/b'.$gt.$lt.'/td'.$gt.$lt.'td colspan=2'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This new BETA feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'.$gt.'&nbsp;'.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";
             	@ob_start();
             	$OB_default_handlers = array("default output handler", "zlib output compression");
             	$OB_handlers = @ob_list_handlers();
@@ -995,6 +1100,7 @@ function update_status(title, time) {
             		if ($MAX > 11)
             			$fix_button_js = "";
+            	}
             	echo "/*--{$gt}*".'/
             	document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
             	document.getElementById("fix_button").style.display = dis;
@@ -1004,15 +1110,15 @@ function showOnly(what) {
             	document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
+            }
             var startTime = 0;
-            -
            '.$lt.'/script'.$gt.GOTMLS_box(GOTMLS_Scan_Settings_LANGUAGE, $scan_opts);
             	if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
-            -
            		if ($GOTMLS_nonce) {
             			update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
             			echo "\n{$lt}script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
             		} else
             			echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
             	} elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
-            -
            		if ($GOTMLS_nonce) {
             			update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
             			if (!isset($_REQUEST["scan_type"]))
             				$_REQUEST["scan_type"] = "Complete Scan";
@@ -1026,7 +1132,7 @@ var startTime = 0;
             						echo $lt.'input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'"'.$gt;
+            				}
+            			}
-            -
            			echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5(GOTMLS_Scan_Settings_LANGUAGE).'");'.$lt.'/script'.$gt.GOTMLS_box(htmlentities($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
             			$scan_groups_UL = "";
             			foreach ($scan_groups as $scan_name => $scan_group)
             				$scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.' &nbsp; * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.' &nbsp; * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), $wp_version).' (for more info '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;
@@ -1124,107 +1230,6 @@ var startTime = 0;
             			echo "/*--{$gt}*"."/\n$lt/script$gt";
             		} else
             			echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
-            -
            	} else {
-            -
            		$patch_attr = array(
-            -
            			array(
-            -
            				"icon" => "blocked",
-            -
            				"language" => __("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected."),
-            -
            				"status" => 'Not Installed',
-            -
            				"action" => 'Install Patch'
-            -
            			),
-            -
            			array(
-            -
            				"language" => __("Your WordPress site has the current version of my brute-force Login protection installed."),
-            -
            				"action" => 'Uninstall Patch',
-            -
            				"status" => 'Enabled',
-            -
            				"icon" => "checked"
-            -
            			),
-            -
            			array(
-            -
            				"language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files."),
-            -
            				"action" => 'Upgrade Patch',
-            -
            				"status" => 'Out of Date',
-            -
            				"icon" => "threat"
-            -
            			)
-            -
            		);
-            -
            		$patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="1"'.$gt.$lt.'input type="submit" value="Block XMLRPC Access" style="display: none;" id="GOTMLS_XMLRPC_patch_button"'.$gt.$lt.'div id="GOTMLS_XMLRPC_patch_searching"'.$gt.__("Checking .htaccess file ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'script'.$gt."\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.'Allow/Block XMLRPC Access (';
-            -
            		$patch_found = false;
-            -
            		$find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
-            -
            		$head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "\norder deny,allow\ndeny from all".(isset($_SERVER["REMOTE_ADDR"])?"\nallow from ".$_SERVER["REMOTE_ADDR"]:"").(isset($_SERVER["SERVER_ADDR"])?"\nallow from ".$_SERVER["SERVER_ADDR"]:"")."\n", "\n", "\n"), $find);
-            -
            		$htaccess = "";
-            -
            		if (is_file(ABSPATH.'.htaccess'))
-            -
            			if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
-            -
            				$patch_found = preg_match($find, $htaccess);
-            -
            		if ($patch_found) {
-            -
            			if ($GOTMLS_nonce && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
-            -
            				$patch_action .= $lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.' Now Allowing';
-            -
            			elseif ($GOTMLS_nonce && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
-            -
            				$patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.' Still Blocked: '.sprintf(__("Failed to remove XMLRPC Protection (.htaccess %s)",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write':'only'):"unreadable").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
-            -
            			else
-            -
            				$patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).'Currently Blocked';
-            -
            		} else {
-            -
            			if ($GOTMLS_nonce && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess"))
-            -
            				$patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.' Now Blocking';
-            -
            			elseif ($GOTMLS_nonce && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
-            -
            				$patch_action .= $lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.' Still Allowed: '.sprintf(__("Failed to install XMLRPC Protection (.htaccess %s)",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write':'only'):"unreadable").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
-            -
            			else
-            -
            				$patch_action .= 'Currently Allowed';
-            -
            		}
-            -
            		$patch_action .= ")$lt/b$gt$lt/p$gt".__("Most WordPress site do not use the XMLRPC features and hack attempt on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
-            -
            		$patch_status = 0;
-            -
            		$patch_found = -1;
-            -
            		$find = "#if\s*\(([^\&]+\&\&)?\s*file_exists\((.+?)(safe-load|wp-login)\.php'\)\)\s*require(_once)?\((.+?)(safe-load|wp-login)\.php'\);#";
-            -
            		$head = str_replace(array('#', '\\(', '\\)', '(_once)?', ')\\.', '\\s*', '(.+?)(', '|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$_SERVER["REMOTE_ADDR"].'")) &&'), $find);
-            -
            		if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
-            -
            			$wp_config = '../wp-config.php';
-            -
            		else
-            -
            			$wp_config = 'wp-config.php';
-            -
            		if (is_file(ABSPATH.$wp_config)) {
-            -
            			if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
-            -
            				if ($patch_found = preg_match($find, $config)) {
-            -
            					if (strpos($config, substr($head, strpos($head, "file_exists")))) {
-            -
            						if ($GOTMLS_nonce && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.*\s*)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
-            -
            							$patch_action .= $lt.'div class="error"'.$gt.__("Removed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
-            -
            						else
-            -
            							$patch_status = 1;
-            -
            					} else {
-            -
            						if ($GOTMLS_nonce && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
-            -
            							$patch_action .= $lt.'div class="updated"'.$gt.__("Upgraded Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
-            -
            							$patch_status = 1;
-            -
            						} else
-            -
            							$patch_status = 2;
-            -
            					}
-            -
            				} elseif ($GOTMLS_nonce && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_file_put_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
-            -
            					$patch_action .= $lt.'div class="updated"'.$gt.__("Installed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
-            -
            					$patch_status = 1;
-            -
            				} elseif ($GOTMLS_nonce && isset($_POST["GOTMLS_patching"]))
-            -
            					$patch_action .= $lt.'div class="updated"'.$gt.sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)).$lt.'/div'.$gt;
-            -
            			} else
-            -
            				$patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Readable!",'gotmls').$lt.'/div'.$gt;
-            -
            		} else
-            -
            			$patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Found!",'gotmls').$lt.'/div'.$gt;
-            -
            		if ($GOTMLS_nonce && file_exists(ABSPATH.'wp-login.php') && ($login = @file_get_contents(ABSPATH.'wp-login.php')) && strlen($login) && (preg_match($find, $login))) {
-            -
            			if (isset($_POST["GOTMLS_patching"]) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/".$wp_version.'/wp-login.php')) && (strlen($source) > 500) && GOTMLS_file_put_contents(ABSPATH.'wp-login.php', $source))
-            -
            				$patch_action .= $lt.'div class="updated"'.$gt.__("Removed Old Brute-Force Login Patch",'gotmls').$lt.'/div'.$gt;
-            -
            			else
-            -
            				$patch_status = 2;
-            -
            		}
-            -
            		$sec_opts = $lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Revolution Slider Exploit Protection (Automatically Enabled)'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').$lt.'/div'.$gt.$lt.'hr /'.$gt.'
-            -
            		'.$patch_action.'
-            -
            		'.$lt.'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1223")).'"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n{$lt}script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_images_path."gotmls.js?SESSION=0', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
-            -
            		$admin_notice = "";
-            -
            		if ($current_user->user_login == "admin") {
-            -
            			if ($GOTMLS_nonce && isset($_POST["GOTMLS_admin_username"]) && ("admin" != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s*[a-z_0-9\@\.\-]{3,}\s*$/i', $_POST["GOTMLS_admin_username"])) {
-            -
            					if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => "admin")))
-            -
            						$admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
-            -
            					else
-            -
            						$admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
-            -
            			} else {
-            -
            				$admin_notice .= $lt.'hr /'.$gt;
-            -
            				if (isset($_POST["GOTMLS_admin_username"]))
-            -
            					$admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain &quot;%s&quot;. Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
-            -
            				$admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1235")).'"'.$gt.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="admin"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
-            -
            			}
-            -
            		}
-            -
            		echo GOTMLS_box(__("Firewall Options",'gotmls'), $sec_opts.$admin_notice);
+            	}
             	echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
+            }


8	Contributors: scheeeli, gotmls
9	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10	Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11	+ Version: 4.15.49
12	*/
13	if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14	include(dirname(__FILE__)."/safe-load/index.php");

72	$my_admin_page = add_object_page($pageTitle, $pluginTitle, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, $base_function, $GOTMLS_Full_plugin_logo_URL);
73	add_action('load-'.$my_admin_page, 'GOTMLS_admin_add_help_tab');
74	add_submenu_page($base_page, "$pluginTitle ".GOTMLS_Scan_Settings_LANGUAGE, GOTMLS_Scan_Settings_LANGUAGE, $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], $base_page, $base_function);
75	+ add_submenu_page($base_page, "$pluginTitle Firewall Options", "Firewall Options", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-Firewall-Options", "GOTMLS_Firewall_Options");





76	add_submenu_page($base_page, "$pluginTitle ".GOTMLS_View_Quarantine_LANGUAGE, GOTMLS_View_Quarantine_LANGUAGE.(($Qs = GOTMLS_get_quarantine(true))?' <span class="awaiting-mod count-'.$Qs.'"><span class="awaiting-mod">'.$Qs.'</span></span>':""), $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["user_can"], "GOTMLS-View-Quarantine", "GOTMLS_View_Quarantine");
77	}
78

721	echo $echo.GOTMLS_box(__("Scan Logs",'gotmls'), GOTMLS_get_scanlog())."\n</div></div></div>";
722	}
723
724	+ function GOTMLS_Firewall_Options() {
725	+ GOTMLS_update_definitions();
726	+ GOTMLS_display_header();
727	+ $GOTMLS_nonce_found = GOTMLS_get_nonce();
728	+ $gt = ">";
729	+ $lt = "<";
730	+ $patch_attr = array(
731	+ array(
732	+ "icon" => "blocked",
733	+ "language" => __("Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected."),
734	+ "status" => 'Not Installed',
735	+ "action" => 'Install Patch'
736	+ ),
737	+ array(
738	+ "language" => __("Your WordPress site has the current version of my brute-force Login protection installed."),
739	+ "action" => 'Uninstall Patch',
740	+ "status" => 'Enabled',
741	+ "icon" => "checked"
742	+ ),
743	+ array(
744	+ "language" => __("Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files."),
745	+ "action" => 'Upgrade Patch',
746	+ "status" => 'Out of Date',
747	+ "icon" => "threat"
748	+ )
749	+ );
750	+ $patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="1"'.$gt.$lt.'input type="submit" value="Block XMLRPC Access" style="display: none;" id="GOTMLS_XMLRPC_patch_button"'.$gt.$lt.'div id="GOTMLS_XMLRPC_patch_searching"'.$gt.__("Checking .htaccess file ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt.$lt.'/div'.$gt.$lt.'script'.$gt."\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) \|\| donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.$lt.'img src="'.GOTMLS_images_path.'question.gif"'.$gt.'Allow/Block XMLRPC Access (';
751	+ $patch_found = false;
752	+ $find = '\|<Files[^>]+xmlrpc.php>(.+?)</Files>\s(# END GOTMLS Patch to Block XMLRPC Access\s)*\|is';
753	+ $head = str_replace(array('\|<Files[^>]+', '(.+?)', '\\s(', '\\s)*\|is'), array("<Files ", "\norder deny,allow\ndeny from all".(isset($_SERVER["REMOTE_ADDR"])?"\nallow from ".$_SERVER["REMOTE_ADDR"]:"").(isset($_SERVER["SERVER_ADDR"])?"\nallow from ".$_SERVER["SERVER_ADDR"]:"")."\n", "\n", "\n"), $find);
754	+ $htaccess = "";
755	+ if (is_file(ABSPATH.'.htaccess'))
756	+ if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
757	+ $patch_found = preg_match($find, $htaccess);
758	+ if ($patch_found) {
759	+ if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', preg_replace($find, "", $htaccess)))
760	+ $patch_action .= $lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.' Now Allowing';
761	+ elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] < 0))
762	+ $patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.' Still Blocked: '.sprintf(__("Failed to remove XMLRPC Protection (.htaccess %s)",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write':'only'):"unreadable").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
763	+ else
764	+ $patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).'Currently Blocked';
765	+ } else {
766	+ if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0) && GOTMLS_file_put_contents(ABSPATH.'.htaccess', "$head$htaccess"))
767	+ $patch_action = str_replace('1"'.$gt.$lt.'input type="submit" value="Block', '-1"'.$gt.$lt.'input type="submit" value="Unblock', $patch_action).$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.' Now Blocking';
768	+ elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_XMLRPC_patching"]) && ($_POST["GOTMLS_XMLRPC_patching"] > 0))
769	+ $patch_action .= $lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.' Still Allowed: '.sprintf(__("Failed to install XMLRPC Protection (.htaccess %s)",'gotmls'),(is_readable(ABSPATH.'.htaccess')?'read-'.(is_writable(ABSPATH.'.htaccess')?'write':'only'):"unreadable").": ".strlen($htaccess).GOTMLS_fileperms(ABSPATH.'.htaccess'));
770	+ else
771	+ $patch_action .= 'Currently Allowed';
772	+ }
773	+ $patch_action .= ")$lt/b$gt$lt/p$gt".__("Most WordPress site do not use the XMLRPC features and hack attempt on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt.$lt.'hr /'.$gt;
774	+ $patch_status = 0;
775	+ $patch_found = -1;
776	+ $find = "#if\s$([^\&]+\&\&)?\sfile_exists\((.+?)(safe-load\|wp-login)\.php'$\)\s*require(_once)?$(.+?)(safe-load\|wp-login)\.php'$;#";
777	+ $head = str_replace(array('#', '\$', '\$', '(_once)?', ')\\.', '\\s*', '(.+?)(', '\|', '([^\\&]+\\&\\&)?'), array(' ', '(', ')', '_once', '.', ' ', '\''.dirname(__FILE__).'/', '/', '!in_array($_SERVER["REMOTE_ADDR"], array("'.$_SERVER["REMOTE_ADDR"].'")) &&'), $find);
778	+ if (is_file(ABSPATH.'../wp-config.php') && !is_file(ABSPATH.'wp-config.php'))
779	+ $wp_config = '../wp-config.php';
780	+ else
781	+ $wp_config = 'wp-config.php';
782	+ if (is_file(ABSPATH.$wp_config)) {
783	+ if (($config = @file_get_contents(ABSPATH.$wp_config)) && strlen($config)) {
784	+ if ($patch_found = preg_match($find, $config)) {
785	+ if (strpos($config, substr($head, strpos($head, "file_exists")))) {
786	+ if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace('#'.$lt.'\?[ph\s]+(//.\s)*\?'.$gt.'#i', "", preg_replace($find, "", $config))))
787	+ $patch_action .= $lt.'div class="error"'.$gt.__("Removed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
788	+ else
789	+ $patch_status = 1;
790	+ } else {
791	+ if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && GOTMLS_file_put_contents(ABSPATH.$wp_config, preg_replace($find, "$head", $config))) {
792	+ $patch_action .= $lt.'div class="updated"'.$gt.__("Upgraded Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
793	+ $patch_status = 1;
794	+ } else
795	+ $patch_status = 2;
796	+ }
797	+ } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]) && strlen($config) && ($patch_found == 0) && GOTMLS_file_put_contents(ABSPATH.$wp_config, "$lt?php$head// Load Brute-Force Protection by GOTMLS.NET before the WordPress bootstrap. ?$gt$config")) {
798	+ $patch_action .= $lt.'div class="updated"'.$gt.__("Installed Brute-Force Protection",'gotmls').$lt.'/div'.$gt;
799	+ $patch_status = 1;
800	+ } elseif ($GOTMLS_nonce_found && isset($_POST["GOTMLS_patching"]))
801	+ $patch_action .= $lt.'div class="updated"'.$gt.sprintf(__("Failed to install Brute-Force Protection (wp-config.php %s)",'gotmls'),(is_readable(ABSPATH.$wp_config)?'read-'.(is_writable(ABSPATH.$wp_config)?'write':'only'):"unreadable").": ".strlen($config).GOTMLS_fileperms(ABSPATH.$wp_config)).$lt.'/div'.$gt;
802	+ } else
803	+ $patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Readable!",'gotmls').$lt.'/div'.$gt;
804	+ } else
805	+ $patch_action .= $lt.'div class="error"'.$gt.__("wp-config.php Not Found!",'gotmls').$lt.'/div'.$gt;
806	+ if ($GOTMLS_nonce_found && file_exists(ABSPATH.'wp-login.php') && ($login = @file_get_contents(ABSPATH.'wp-login.php')) && strlen($login) && (preg_match($find, $login))) {
807	+ if (isset($_POST["GOTMLS_patching"]) && ($source = GOTMLS_get_URL("http://core.svn.wordpress.org/tags/".$wp_version.'/wp-login.php')) && (strlen($source) > 500) && GOTMLS_file_put_contents(ABSPATH.'wp-login.php', $source))
808	+ $patch_action .= $lt.'div class="updated"'.$gt.__("Removed Old Brute-Force Login Patch",'gotmls').$lt.'/div'.$gt;
809	+ else
810	+ $patch_status = 2;
811	+ }
812	+ $sec_opts = $lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'checked.gif"'.$gt.$lt.'b'.$gt.'Revolution Slider Exploit Protection (Automatically Enabled)'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed.",'gotmls').$lt.'/div'.$gt.$lt.'hr /'.$gt.'
813	+ '.$patch_action.'
814	+ '.$lt.'form method="POST" name="GOTMLS_Form_patch"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1223")).'"'.$gt.$lt.'input type="submit" value="'.$patch_attr[$patch_status]["action"].'" style="'.($patch_status?'"'.$gt:' display: none;" id="GOTMLS_patch_button"'.$gt.$lt.'div id="GOTMLS_patch_searching" style="float: right;"'.$gt.__("Checking for session compatibility ...",'gotmls').' '.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="Wait..." /'.$gt.$lt.'/div'.$gt).$lt.'input type="hidden" name="GOTMLS_patching" value="1"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.$patch_attr[$patch_status]["icon"].'.gif"'.$gt.$lt.'b'.$gt.'Brute-force Protection '.$patch_attr[$patch_status]["status"].$lt.'/b'.$gt.$lt.'/p'.$gt.$patch_attr[$patch_status]["language"].__(" For more information on Brute-Force attack prevention and the WordPress wp-login-php file ",'gotmls').' '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-login-php/"'.$gt.__("read my blog",'gotmls')."$lt/a$gt.$lt/div$gt$lt/form$gt\n{$lt}script type='text/javascript'$gt\nfunction search_patch_onload() {\n\tstopCheckingSession = checkupdateserver('".GOTMLS_images_path."gotmls.js?SESSION=0', 'GOTMLS_patch_searching');\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', search_patch_onload)\nelse\n\tdocument.attachEvent('onload', search_patch_onload);\n$lt/script$gt";
815	+ $admin_notice = "";
816	+ if ($current_user->user_login == "admin") {
817	+ if ($GOTMLS_nonce_found && isset($_POST["GOTMLS_admin_username"]) && ("admin" != trim($_POST["GOTMLS_admin_username"])) && strlen(trim($_POST["GOTMLS_admin_username"])) && preg_match('/^\s[a-z_0-9\@\.\-]{3,}\s$/i', $_POST["GOTMLS_admin_username"])) {
818	+ if ($wpdb->update($wpdb->users, array("user_login" => trim($_POST["GOTMLS_admin_username"])), array("user_login" => "admin")))
819	+ $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("You username has been change to %s. Don't forget to use your new username when you login again.",'gotmls'), $_POST["GOTMLS_admin_username"]).$lt.'/div'.$gt;
820	+ else
821	+ $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("SQL Error changing username: %s. Please try again later.",'gotmls'), $wpdb->last_error).$lt.'/div'.$gt;
822	+ } else {
823	+ $admin_notice .= $lt.'hr /'.$gt;
824	+ if (isset($_POST["GOTMLS_admin_username"]))
825	+ $admin_notice .= $lt.'div class="updated"'.$gt.sprintf(__("Your new username must be at least 3 characters and can only contain "%s". Please try again.",'gotmls'), "a-z0-9_.-@").$lt.'/div'.$gt;
826	+ $admin_notice .= $lt.'form method="POST" name="GOTMLS_Form_admin"'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'div style="float: left;"'.$gt.__("Change your username:",'gotmls').$lt.'/div'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1235")).'"'.$gt.$lt.'input style="float: left;" type="text" id="GOTMLS_admin_username" name="GOTMLS_admin_username" size="6" value="admin"'.$gt.$lt.'input style="float: left;" type="submit" value="Change"'.$gt.$lt.'/div'.$gt.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'p'.$gt.$lt.'img src="'.GOTMLS_images_path.'threat.gif"'.$gt.$lt.'b'.$gt.'Admin Notice'.$lt.'/b'.$gt.$lt.'/p'.$gt.__("Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately.",'gotmls').$lt.'/div'.$gt.$lt.'/form'.$gt;
827	+ }
828	+ }
829	+ echo GOTMLS_box(__("Firewall Options",'gotmls'), $sec_opts.$admin_notice)."\n</div></div></div>";
830	+ }
831	+
832	function GOTMLS_update_definitions() {
833	global $wp_version;
834	$GOTMLS_definitions_versions = array();

879	$gt = ">";
880	$lt = "<";
881	GOTMLS_update_definitions();
882	+ if (($GOTMLS_nonce_found = GOTMLS_get_nonce()) && isset($_REQUEST["check"]) && is_array($_REQUEST["check"]))
883	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check"] = $_REQUEST["check"];
884	/* $threat_names = array_keys($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["known"]);
885	foreach ($threat_names as $threat_name) {

959	$scan_whatopts = "\n$lt".'div style="padding: 4px 30px;" id="scan_group_div_'.$mg.'"'.$gt.$lt.'input type="radio" name="scan_what" id="not-only'.$mg.'" value="'.$mg.'"'.($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]==$mg?' checked':'').' /'.$gt.$lt.'a style="text-decoration: none;" href="#scan_what" onclick="showOnly(\''.$mg.'\');document.getElementById(\'not-only'.$mg.'\').checked=true;"'."$gt$GOTMLS_scan_group$lt/a$gt{$lt}br /$gt\n$lt".'div class="rounded-corners" style="position: absolute; display: none; background-color: #CCF; margin: 0; padding: 10px; z-index: 10;" id="only'.$mg.'"'.$gt.$lt.'div style="padding-bottom: 6px;"'.$gt.GOTMLS_close_button('only'.$mg, 0).$lt.'b'.$gt.str_replace(" ", " ", __("Only Scan These Folders:",'gotmls')).$lt.'/b'.$gt.$lt.'/div'.$gt.$scan_whatopts;
960	}
961	$scan_optjs .= "document.getElementById('only'+what).style.display = 'block';\n}".((isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"]) && $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["auto_UPDATE_definitions"])?"\nfunction auto_UPDATE_check() {\n\tif (auto_UPdef_check = document.getElementById('auto_UPDATE_definitions_check'))\n\t\tauto_UPdef_check.checked = true;\n}\nif (window.addEventListener)\n\twindow.addEventListener('load', auto_UPDATE_check)\nelse\n\tdocument.attachEvent('onload', auto_UPDATE_check);\n":"")."$lt/script$gt";
962	+ $GOTMLS_nonce_URL = GOTMLS_set_nonce(__FUNCTION__."853");
963	+ $scan_opts = "\n$lt".'form method="POST" name="GOTMLS_Form"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', $GOTMLS_nonce_URL).'"'.$gt.$lt.'input type="hidden" name="scan_type" id="scan_type" value="Complete Scan" /'.$gt.$lt.'div style="float: right;"'.$gt.$lt.'input type="submit" id="complete_scan" value="'.__("Run Complete Scan",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Complete Scan\';" /'.$gt.$lt.'/div'.$gt.'
964	'.$lt.'div style="float: left;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("What to look for:",'gotmls').$lt.'/b'.$gt.$lt.'/p'.$gt.'
965	'.$lt.'div style="padding: 0 30px;"'.$gt;
966	foreach ($GLOBALS["GOTMLS"]["tmp"]["threat_levels"] as $threat_level_name=>$threat_level) {

987	if (isset($_GET["SESSION"]) && isset($_SESSION["GOTMLS_debug"]['total'])) {$scan_opts .= $lt.'div style="float: right;"'.$gt.print_r($_SESSION["GOTMLS_debug"]['total'],1)."$lt/div$gt"; unset($_SESSION["GOTMLS_debug"]);}
988	if (isset($_GET["eli"])) {//still testing this option
989	$scan_opts .= "\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom RegExp:",'gotmls').$lt.'/b'.$gt.' ('.__("For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'input type="text" name="check_custom" style="width: 100%;" value="'.htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_custom"]).'" /'."$gt$lt/div$gt\n$lt".'div style="padding: 10px;"'.$gt.$lt.'p'.$gt.$lt.'b'.$gt.__("Custom Code to be Checked:",'gotmls').$lt.'/b'.$gt.' ('.__("For very advanced users only. If you enter anything in this box then no other files will be scanned on your site.",'gotmls').')'.$lt.'/p'.$gt.$lt.'textarea name="check_code" style="width: 100%;" rows=3'.$gt.htmlspecialchars($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["check_code"])."$lt/textarea$gt$lt/div$gt\n";
990	+ }
991	+ $QuickScan = $lt.((is_dir(dirname(__FILE__)."/../../../wp-includes") && is_dir(dirname(__FILE__)."/../../../wp-admin"))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&$GOTMLS_nonce_URL").'" class="button-primary" style="height: 22px; line-height: 13px; padding: 3px;">WP_Core</a':"!-- No wp-includes or wp-admin --").$gt;
992	+ foreach (array("Plugins", "Themes") as $ScanFolder)
993	+ $QuickScan .= ' '.$lt.((is_dir(dirname(__FILE__)."/../../../wp-content/".strtolower($ScanFolder)))?'a href="'.admin_url("admin.php?page=GOTMLS-settings&scan_type=Quick+Scan&scan_only[]=wp-content/".strtolower($ScanFolder)."&$GOTMLS_nonce_URL")."\" class=\"button-primary\" style=\"height: 22px; line-height: 13px; padding: 3px;\"$gt$ScanFolder$lt/a":"!-- No $ScanFolder in wp-content --").$gt;
994	$scan_opts .= "\n$lt".'p'.$gt.$lt.'b'.$gt.__("Skip files with the following extentions:",'gotmls')."$lt/b$gt".(($default_exclude_ext!=implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]))?" {$lt}a href=\"javascript:void(0);\" onclick=\"document.getElementById('exclude_ext').value = '$default_exclude_ext';\"{$gt}[Restore Defaults]$lt/a$gt":"").$lt.'/p'.$gt.'
995	+ '.$lt.'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a comma separated list of file extentions to skip",'gotmls').'" name="exclude_ext" id="exclude_ext" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_ext"]).'" style="width: 100%;" /'."$gt$lt/div$gt$lt".'p'.$gt.$lt.'b'.$gt.__("Skip directories with the following names:",'gotmls')."$lt/b$gt$lt/p$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="text" placeholder="'.__("a folder name or comma separated list of folder names to skip",'gotmls').'" name="exclude_dir" value="'.implode(",", $GLOBALS["GOTMLS"]["tmp"]["settings_array"]["exclude_dir"]).'" style="width: 100%;" /'.$gt.$lt.'/div'.$gt.'
996	+ '.$lt.'table style="width: 100%" cellspacing="10"'.$gt.$lt.'tr'.$gt.$lt.'td nowrap valign="top" style="white-space: nowrap; width: 1px;"'.$gt.$lt.'b'.$gt.__("Automatically Update Definitions:",'gotmls').$lt."br$gt$lt/b$gt$lt/td$gt$lt".'td'.$gt.$lt.'div id="UPDATE_definitions_div"'.$gt.$lt.'br'.$gt.$lt.'span style="color: #C00;"'.$gt.__("This new BETA feature is only available to registered users who have donated at a certain level.",'gotmls')."$lt/span$gt$lt/div$gt$lt/td$gt$lt".'td align="right" valign="bottom"'.$gt.$lt.'input type="submit" id="save_settings" value="'.__("Save Settings",'gotmls').'" class="button-primary" onclick="document.getElementById(\'scan_type\').value=\'Save\';" /'."$gt$lt/td$gt$lt/tr$gt$lt/table$gt$lt/form$gt";


997	@ob_start();
998	$OB_default_handlers = array("default output handler", "zlib output compression");
999	$OB_handlers = @ob_list_handlers();

1100	if ($MAX > 11)
1101	$fix_button_js = "";
1102	}
1103	+ $ScanSettings = $lt.'div style="float: right;"'.$gt.GOTMLS_Run_Quick_Scan_LANGUAGE.": $QuickScan$lt/div$gt".GOTMLS_Scan_Settings_LANGUAGE;
1104	echo "/--{$gt}".'/
1105	document.getElementById("status_counts").innerHTML = divHTML+"'.$lt.'/ul'.$gt.'";
1106	document.getElementById("fix_button").style.display = dis;

1110	document.getElementById("only_what").innerHTML = document.getElementById("only"+what).innerHTML;
1111	}
1112	var startTime = 0;
1113	+ '.$lt.'/script'.$gt.GOTMLS_box($ScanSettings, $scan_opts);
1114	if (isset($_REQUEST["scan_type"]) && $_REQUEST["scan_type"] == "Save") {
1115	+ if ($GOTMLS_nonce_found) {
1116	update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1117	echo "\n{$lt}script type='text/javascript'$gt\nalert('Settings Saved!');\n$lt/script$gt\n";
1118	} else
1119	echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");
1120	} elseif (isset($_REQUEST["scan_what"]) && is_numeric($_REQUEST["scan_what"]) && ($_REQUEST["scan_what"] > -1)) {
1121	+ if ($GOTMLS_nonce_found) {
1122	update_option('GOTMLS_settings_array', $GLOBALS["GOTMLS"]["tmp"]["settings_array"]);
1123	if (!isset($_REQUEST["scan_type"]))
1124	$_REQUEST["scan_type"] = "Complete Scan";

1132	echo $lt.'input type="hidden" name="'.$name.'" value="'.htmlspecialchars($value).'"'.$gt;
1133	}
1134	}
1135	+ echo "\n$lt".'script type="text/javascript"'.$gt.'showhide("inside_'.md5($ScanSettings).'");'.$lt.'/script'.$gt.GOTMLS_box(htmlentities($_REQUEST["scan_type"]).' Status', $lt.'div id="status_text"'.$gt.$lt.'img src="'.GOTMLS_images_path.'wait.gif" height=16 width=16 alt="..."'.$gt.' '.GOTMLS_Loading_LANGUAGE.$lt.'/div'.$gt.$lt.'div id="status_bar"'.$gt.$lt.'/div'.$gt.$lt.'p id="pause_button" style="display: none; position: absolute; left: 0; text-align: center; margin-left: -30px; padding-left: 50%;"'.$gt.$lt.'input type="button" value="Pause" class="button-primary" onclick="pauseresume(this);" id="resume_button" /'.$gt.$lt.'/p'.$gt.$lt.'div id="status_counts"'.$gt.$lt.'/div'.$gt.$lt.'p id="fix_button" style="display: none; text-align: center;"'.$gt.$lt.'input id="repair_button" type="submit" value="'.GOTMLS_Automatically_Fix_LANGUAGE.'" class="button-primary" onclick="loadIframe(\'Examine Results\');" /'.$gt.$lt.'/p'.$gt);
1136	$scan_groups_UL = "";
1137	foreach ($scan_groups as $scan_name => $scan_group)
1138	$scan_groups_UL .= "\n{$lt}ul name=\"found_$scan_group\" id=\"found_$scan_group\" class=\"GOTMLS_plugin $scan_group\" style=\"background-color: #ccc; display: none; padding: 0;\"$gt{$lt}a class=\"rounded-corners\" name=\"link_$scan_group\" style=\"float: right; padding: 0 4px; margin: 5px 5px 0 30px; line-height: 16px; text-decoration: none; color: #C00; background-color: #FCC; border: solid #F00 1px;\" href=\"#found_top\" onclick=\"showhide('found_$scan_group');\"{$gt}X$lt/a$gt{$lt}h3$gt$scan_name$lt/h3$gt\n".($scan_group=='potential'?$lt.'p'.$gt.'   * '.__("NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found).",'gotmls').$lt.'/p'.$gt:($scan_group=='wp_core'?$lt.'p'.$gt.'   * '.sprintf(__("NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation.",'gotmls'), $wp_version).' (for more info '.$lt.'a target="_blank" href="http://gotmls.net/tag/wp-core-files/"'.$gt.__("read my blog",'gotmls').$lt.'/a'.$gt.').'.$lt.'/p'.$gt:$lt.'br /'.$gt)).$lt.'/ul'.$gt;

1230	echo "/--{$gt}"."/\n$lt/script$gt";
1231	} else
1232	echo GOTMLS_box(GOTMLS_Invalid_Nonce(""), __("Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above.",'gotmls')."\n{$lt}script type='text/javascript'$gt\nalert('".GOTMLS_Invalid_Nonce("")."');\n$lt/script$gt\n");





































































































1233	}
1234	echo "\n$lt/div$gt$lt/div$gt$lt/div$gt";
1235	}

languages/gotmls.pot CHANGED Viewed

	@@ -8,7 +8,7 @@ msgid ""
8	msgstr ""
9	"Project-Id-Version: GOTMLS\n"
10	"Report-Msgid-Bugs-To: eli@gotmls.net\n"
11	- "POT-Creation-Date: 2015-11-19 16:28-1000\n"
12	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
13	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
14	"Language-Team: LANGUAGE <LL@li.org>\n"
	@@ -17,597 +17,597 @@ msgstr ""
17	"Content-Type: text/plain; charset=UTF-8\n"
18	"Content-Transfer-Encoding: 8bit\n"
19
20	- #: index.php:88
21	msgid "Getting Started"
22	msgstr ""
23
24	- #: index.php:89
25	msgid "Make sure the Definition Updates are current and Run a Complete Scan."
26	msgstr ""
27
28	- #: index.php:89
29	#, php-format
30	msgid "If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious."
31	msgstr ""
32
33	- #: index.php:89
34	msgid "A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more."
35	msgstr ""
36
37	- #: index.php:95
38	msgid "FAQs"
39	msgstr ""
40
41	- #: index.php:~~100~~
42	msgid "Main Menu Item placed at the <b>Top</b>"
43	msgstr ""
44
45	- #: index.php:~~100~~
46	msgid "Main Menu Item placed at the <b>Bottom</b>"
47	msgstr ""
48
49	- #: index.php:~~102~~
50	msgid "Main Menu Item placed below <b>Comments</b> and above <b>Appearance</b>"
51	msgstr ""
52
53	- #: index.php:~~102~~
54	msgid "Main Menu Item placed below <b>Settings</b>"
55	msgstr ""
56
57	- #: index.php:~~103~~
58	msgid "Menu Item Placement Options"
59	msgstr ""
60
61	- #: index.php:~~108~~
62	msgid "Menu Placement"
63	msgstr ""
64
65	- #: index.php:~~127~~
66	msgid "Tested your site. It appears we didn't break anything"
67	msgstr ""
68
69	- #: index.php:~~136~~
70	#, php-format
71	msgid "Upgrade to %s now!"
72	msgstr ""
73
74	- #: index.php:~~141~~
75	msgid "Searching for updates ..."
76	msgstr ""
77
78	- #: index.php:~~196~~
79	msgid "If this is taking too long, click here."
80	msgstr ""
81
82	- #: index.php:~~274~~
83	msgid "No response from server!"
84	msgstr ""
85
86	- #: index.php:~~370~~
87	msgid "Updates & Registration"
88	msgstr ""
89
90	- #: index.php:~~373~~
91	msgid "Get FREE Key!"
92	msgstr ""
93
94	- #: index.php:~~378~~
95	msgid "Download new definitions!"
96	msgstr ""
97
98	- #: index.php:~~381~~
99	msgid "<p>Get instant access to definition updates.</p>"
100	msgstr ""
101
102	- #: index.php:~~382~~
103	msgid "If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information."
104	msgstr ""
105
106	- #: index.php:~~384~~
107	msgid "Your Full Name:"
108	msgstr ""
109
110	- #: index.php:~~388~~
111	msgid "A password will be e-mailed to this address:"
112	msgstr ""
113
114	- #: index.php:~~391~~
115	msgid "Your WordPress Site URL:"
116	msgstr ""
117
118	- #: index.php:~~394~~
119	msgid "Plugin Installation Key:"
120	msgstr ""
121
122	- #: index.php:~~411~~
123	msgid "Please make a donation for the use of this wonderful feature!"
124	msgstr ""
125
126	- #: index.php:~~417~~
127	msgid "First Name is a required field!"
128	msgstr ""
129
130	- #: index.php:~~419~~
131	msgid "Last Name is a required field!"
132	msgstr ""
133
134	- #: index.php:~~421~~
135	msgid "Email Address is a required field!"
136	msgstr ""
137
138	- #: index.php:~~429~~
139	msgid "Your WordPress Site URL is a required field!"
140	msgstr ""
141
142	- #: index.php:~~431~~
143	msgid "Plugin Installation Key is a required field!"
144	msgstr ""
145
146	- #: index.php:~~436~~
147	msgid "Submitting Registration ..."
148	msgstr ""
149
150	- #: index.php:~~457~~
151	msgid "Resources & Links"
152	msgstr ""
153
154	- #: index.php:~~480~~
155	msgid "Make a Donation with PayPal"
156	msgstr ""
157
158	- #: index.php:~~496~~
159	msgid "Last Scan Status"
160	msgstr ""
161
162	- #: index.php:~~555~~
163	#, php-format
164	msgid "Cleared %s records from this log."
165	msgstr ""
166
167	- #: index.php:~~597~~
168	msgid "No Scans have been logged"
169	msgstr ""
170
171	- #: index.php:~~604~~
172	msgid "Globally White-listed files"
173	msgstr ""
174
175	- #: index.php:~~604~~
176	msgid "# of patterns"
177	msgstr ""
178
179	- #: index.php:~~604~~
180	msgid "Date Updated"
181	msgstr ""
182
183	- #: index.php:~~614~~
184	msgid "WordPress Core files"
185	msgstr ""
186
187	- #: index.php:~~614~~
188	msgid "# of files"
189	msgstr ""
190
191	- #: index.php:~~688~~
192	msgid "You have old Quarantined files in the uploads directory on your server. The new quarantine is in your WordPress Database. You need to import these files into your database where they will be safer or just delete the quarantine folder inside /wp-content/uploads/ if you would rather just delete them."
193	msgstr ""
194
195	- #: index.php:~~695~~
196	msgid "Restore selected files"
197	msgstr ""
198
199	- #: index.php:~~695~~
200	msgid "Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?"
201	msgstr ""
202
203	- #: index.php:~~695~~
204	msgid "Delete selected files"
205	msgstr ""
206
207	- #: index.php:~~695~~
208	msgid "Are you sure you want to permanently delete the selected files in the Quarantine?"
209	msgstr ""
210
211	- #: index.php:~~695~~
212	msgid "The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files."
213	msgstr ""
214
215	- #: index.php:~~696~~
216	#, php-format
217	msgid "Check all %d"
218	msgstr ""
219
220	- #: index.php:~~696~~
221	msgid " Items in Quarantine"
222	msgstr ""
223
224	- #: index.php:~~696~~
225	msgid "Quarantined"
226	msgstr ""
227
228	- #: index.php:~~696~~
229	msgid "Date Infected"
230	msgstr ""
231
232	- #: index.php:~~701~~
233	msgid "View Quarantined File"
234	msgstr ""
235
236	- #: index.php:~~708~~
237	msgid "No Items in Quarantine"
238	msgstr ""
239
240	- #: index.php:~~713~~
241	#, php-format
242	msgid "Clear %s Deleted Files from the Trash"
243	msgstr ""
244
245	- #: index.php:~~719~~
246	msgid "White-lists"
247	msgstr ""
248
249	- #: index.php:~~722~~
250	msgid "Quarantine"
251	msgstr ""
252
253	- #: index.php:~~726~~
254	msgid "Scan Logs"
255	msgstr ""
256
257	- #: index.php:~~856~~
258	- msgid "~~Only~~ ~~Scan~~ These ~~Folders:~~"
259	msgstr ""
260
261	- #: index.php:~~860~~
262	- msgid "~~What~~ to ~~look~~ ~~for:~~"
263	msgstr ""
264
265	- #: index.php:~~875~~
266	- msgid "~~Download~~ ~~Definition~~ ~~Updates~~ to ~~Use~~ this ~~feature~~"
267	msgstr ""
268
269	- #: index.php:~~875~~
270	- msgid "~~Download~~ ~~the~~ ~~new~~ ~~definitions (Right sidebar) to activate this feature.~~"
271	msgstr ""
272
273	- #: index.php:~~879~~
274	- ~~msgid~~ ~~"What to scan~~:"

275	msgstr ""
276
277	- #: index.php:~~881~~
278	- ~~msgid~~ ~~"Scan Depth~~:"

279	msgstr ""
280
281	- #: index.php:~~882~~
282	- ~~msgid~~ ~~"how far to drill down"~~

283	msgstr ""
284
285	- #: index.php:~~882~~
286	- ~~msgid~~ "-~~1 is infinite depth"~~

287	msgstr ""
288
289	- #: index.php:~~885~~
290	- msgid "~~Custom~~ ~~RegExp:~~"
291	msgstr ""
292
293	- #: index.php:~~885~~
294	- msgid "~~For~~ ~~very~~ ~~advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site.~~"
295	msgstr ""
296
297	- #: index.php:~~885~~
298	- msgid "~~Custom~~ ~~Code~~ ~~to be Checked:~~"
299	msgstr ""
300
301	- #: index.php:~~885~~
302	- msgid "~~For~~ ~~very~~ ~~advanced users only. If you enter anything in this box then no other files will be scanned on your site.~~"
303	msgstr ""
304
305	- #: index.php:~~887~~
306	- ~~msgid~~ ~~"Skip files with the following extentions:"~~

307	msgstr ""
308
309	- #: index.php:~~888~~
310	- msgid "a ~~comma~~ ~~separated list of file extentions to skip~~"
311	msgstr ""
312
313	- #: index.php:~~889~~
314	- msgid "~~Skip~~ ~~directories~~ ~~with the following names:~~"
315	msgstr ""
316
317	- #: index.php:~~890~~
318	- msgid "a ~~folder~~ ~~name~~ or ~~comma separated list of folder names to skip~~"
319	msgstr ""
320
321	- #: index.php:~~891~~
322	- msgid "~~Automatically~~ ~~Update~~ ~~Definitions:~~"
323	msgstr ""
324
325	- #: index.php:~~891~~
326	- msgid "~~This~~ ~~new~~ ~~BETA~~ ~~feature~~ ~~is only available to registered users who have donated at a certain level.~~"
327	msgstr ""
328
329	- #: index.php:~~891~~
330	- msgid "~~Save~~ ~~Settings~~"
331	msgstr ""
332
333	- #: index.php:~~891~~
334	- ~~msgid~~ ~~"Run Complete Scan"~~

335	msgstr ""
336
337	- #: index.php:~~898~~
338	#, php-format
339	- msgid "~~Another~~ ~~Plugin~~ or ~~Theme~~ is ~~using~~ '%s~~' to handle output buffers~~. ~~<br~~ ~~/>This~~ ~~prevents~~ ~~actively~~ ~~outputing~~ ~~the~~ ~~buffer~~ ~~on-the-fly~~ ~~and~~ ~~will~~ ~~severely degrade the performance of this (and many other) Plugins~~. ~~<br />Consider disabling caching and compression plugins (at least during the scanning process).~~"
340	msgstr ""
341
342	- #: index.php:~~900~~
343	- ~~msgid~~ ~~"Scanned Files"~~

344	msgstr ""
345
346	- #: index.php:~~900~~
347	- ~~msgid~~ ~~"Selected Folders"~~

348	msgstr ""
349
350	- #: index.php:~~900~~
351	- msgid "~~Scanned~~ ~~Folders~~"
352	msgstr ""
353
354	- #: index.php:~~900~~
355	- msgid "~~Skipped~~ ~~Folders~~"
356	msgstr ""
357
358	- #: index.php:~~900~~
359	- msgid "~~Skipped~~ ~~Files~~"
360	msgstr ""
361
362	- #: index.php:~~900~~
363	- msgid "~~Read/Write~~ ~~Errors~~"
364	msgstr ""
365
366	- #: index.php:~~900~~
367	- msgid "~~Quarantined~~ ~~Files~~"
368	msgstr ""
369
370	- #: index.php:~~912~~
371	- #: ~~images/index.php~~:32
372	- msgid "Potential Threats"
373	msgstr ""
374
375	- #: index.php:~~912~~
376	- msgid "~~WP-Login~~ Updates"
377	msgstr ""
378
379	- #: index.php:~~944~~
380	- msgid "~~Scan~~ ~~Complete!~~"
381	msgstr ""
382
383	- #: index.php:~~989~~
384	- msgid "~~You~~ ~~are~~ ~~not currently scanning for this type of threat!~~"
385	msgstr ""
386
387	- #: index.php:~~1013~~
388	- msgid "~~Saving~~ these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above."
389	msgstr ""
390
391	- #: index.php:~~1032~~
392	- msgid "~~NOTE:~~ ~~These~~ ~~are probably not malicious scripts (but it's a good place~~ to ~~start~~ ~~looking <u>IF</u> your site is infected and no Known Threats were found).~~"
393	msgstr ""
394
395	- #: index.php:~~1032~~
396	- #, ~~php~~-~~format~~
397	- msgid "NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation."
398	msgstr ""
399
400	- #: index.php:~~1032~~
401	- #: ~~index.php~~:~~1212~~
402	- msgid "read my blog"
403	msgstr ""
404
405	- #: index.php:~~1035~~
406	- msgid "~~Scan~~ ~~Details:~~"
407	msgstr ""
408
409	- #: index.php:~~1036~~
410	- #, ~~php-format~~
411	- msgid "Not flushing OB Handlers: %s"
412	msgstr ""
413
414	- #: index.php:~~1055~~
415	- msgid "~~The~~ ~~Quick~~ ~~Scan~~ ~~was~~ ~~unable to finish because of a shortage of memory or a problem accessing a file~~. ~~Please~~ ~~try~~ ~~using~~ ~~the~~ ~~Complete~~ ~~Scan,~~ it is ~~slower~~ ~~but~~ it will ~~handle~~ ~~these~~ ~~errors~~ ~~better~~ ~~and continue scanning the rest of the files~~."
416	msgstr ""
417
418	- #: index.php:~~1073~~
419	- msgid "~~Completed!~~"
420	msgstr ""
421
422	- #: index.php:~~1075~~
423	- msgid "~~Starting~~ ~~Scan~~ ~~...~~"
424	msgstr ""
425
426	- #: index.php:~~1126~~
427	- msgid "~~Starting~~ a ~~Complete~~ ~~Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because~~ the ~~token~~ ~~have expired or because the data was invalid. Please try re-submitting the form above.~~"
428	msgstr ""
429
430	- #: index.php:~~1131~~
431	- msgid "~~Your WordPress Login page is susceptible to~~ a ~~brute-force~~ ~~attack~~ ~~(just~~ ~~like~~ ~~any~~ ~~other~~ ~~login page). These types~~ of ~~attacks~~ ~~are~~ ~~becoming more prevalent these days and can sometimes cause your server~~ to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected."
432	msgstr ""
433
434	- #: index.php:~~1136~~
435	- msgid "~~Your~~ ~~WordPress~~ ~~site has the current version of my brute-force Login protection installed.~~"
436	msgstr ""
437
438	- #: index.php:~~1142~~
439	- msgid "~~Your~~ ~~WordPress~~ ~~Login~~ ~~page~~ ~~has~~ ~~the~~ ~~old~~ ~~version of my brute-force protection installed. Upgrade this patch~~ to ~~improve~~ ~~the~~ ~~protection~~ on ~~the~~ ~~WordPress~~ ~~Login~~ ~~page~~ ~~and preserve the integrity of your WordPress core files~~."
440	msgstr ""
441
442	- #: index.php:~~1148~~
443	- msgid "~~Checking~~ ~~.htaccess file ...~~"
444	msgstr ""
445
446	- #: index.php:~~1148~~
447	- #: ~~images/index.~~php~~:71~~
448	- msgid "~~You~~ ~~must~~ ~~register~~ ~~and~~ ~~donate~~ to ~~use~~ this ~~feature!~~"
449	msgstr ""
450
451	- #: index.php:~~1148~~
452	- #: ~~images/index.php:71~~
453	- msgid "This feature is available to those who have donated!"
454	msgstr ""
455
456	- #: index.php:~~1160~~
457	- #, ~~php-format~~
458	- msgid "Failed to remove XMLRPC Protection (.htaccess %s)"
459	msgstr ""
460
461	- #: index.php:~~1167~~
462	- #, ~~php-format~~
463	- msgid "Failed to install XMLRPC Protection (.htaccess %s)"
464	msgstr ""
465
466	- #: index.php:~~1171~~
467	- msgid "~~Most~~ WordPress site do not use the XMLRPC features and hack attempt on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file."
468	msgstr ""
469
470	- #: index.php:~~1185~~
471	- msgid "~~Removed~~ ~~Brute-Force Protection~~"
472	msgstr ""
473
474	- #: index.php:~~1190~~
475	- msgid "~~Upgraded~~ ~~Brute-Force Protection~~"
476	msgstr ""
477
478	- #: index.php:~~1196~~
479	- msgid "~~Installed~~ ~~Brute-Force Protection~~"
480	msgstr ""
481
482	- #: index.php:~~1199~~
483	- #, php~~-format~~
484	- msgid "~~Failed~~ ~~to install Brute-Force Protection (wp-config.php %s)~~"
485	msgstr ""
486
487	- #: index.php:~~1201~~
488	- msgid "wp-~~config.php~~ ~~Not Readable!~~"
489	msgstr ""
490
491	- #: index.php:~~1203~~
492	- msgid "~~wp-config.php~~ ~~Not Found~~!"
493	msgstr ""
494
495	- #: index.php:~~1206~~
496	- msgid "~~Removed~~ ~~Old~~ ~~Brute-Force~~ ~~Login~~ ~~Patch~~"
497	msgstr ""
498
499	- #: index.php:~~1210~~
500	- msgid "~~This~~ ~~protection~~ is ~~automatically~~ ~~activated~~ ~~with~~ ~~this~~ ~~plugin because of the widespread attack on WordPress that are affecting so many site right now~~. It is ~~still~~ ~~recommended~~ ~~that~~ ~~you~~ ~~make~~ ~~sure~~ to ~~upgrade~~ ~~and~~ ~~older versions of~~ the ~~Revolution~~ ~~Slider~~ ~~plugin,~~ ~~especially~~ ~~those~~ ~~included~~ in ~~some~~ ~~themes that will not update automatically~~. ~~Even~~ if ~~you~~ do ~~not~~ ~~have Revolution Slider on your site it still can't hurt to have this protection installed~~."
501	msgstr ""
502
503	- #: index.php:~~1212~~
504	- msgid "~~Checking~~ ~~for~~ ~~session~~ ~~compatibility~~ ~~...~~"
505	msgstr ""
506
507	- #: index.php:~~1212~~
508	- ~~msgid~~ ~~" For more information on Brute~~-~~Force attack prevention and the WordPress wp-login-php file "~~

509	msgstr ""
510
511	- #: index.php:~~1217~~
512	- #, ~~php-format~~
513	- msgid "You username has been change to %s. Don't forget to use your new username when you login again."
514	msgstr ""
515
516	- #: index.php:~~1219~~
517	#, php-format
518	- msgid "~~SQL~~ ~~Error~~ ~~changing~~ ~~username~~: %s~~. Please try again later.~~"
519	msgstr ""
520
521	- #: index.php:~~1223~~
522	- #, ~~php-format~~
523	- msgid "Your new username must be at least 3 characters and can only contain "%s". Please try again."
524	msgstr ""
525
526	- #: index.php:~~1224~~
527	- msgid "~~Change your username:~~"
528	msgstr ""
529
530	- #: index.php:~~1224~~
531	- msgid "~~Your~~ ~~username~~ ~~is \~~"~~admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately."~~
532	msgstr ""
533
534	- #: index.php:~~1227~~
535	- msgid "~~Firewall~~ ~~Options~~"
536	msgstr ""
537
538	- #: index.php:~~1315~~
539	msgid "Default position"
540	msgstr ""
541
542	- #: index.php:~~1337~~
543	msgid "New position"
544	msgstr ""
545
546	- #: index.php:~~1341~~
547	msgid "saved."
548	msgstr ""
549
550	- #: index.php:~~1355~~
551	msgid "Failed to empty the trash."
552	msgstr ""
553
554	- #: index.php:~~1408~~
555	- #: index.php:~~1444~~
556	- #: index.php:~~1446~~
557	msgid "Done!"
558	msgstr ""
559
560	- #: index.php:~~1411~~
561	msgid "Failed to delete!"
562	msgstr ""
563
564	- #: index.php:~~1419~~
565	msgid "Complete!"
566	msgstr ""
567
568	- #: index.php:~~1422~~
569	msgid "Restore Failed!"
570	msgstr ""
571
572	- #: index.php:~~1438~~
573	msgid "File "
574	msgstr ""
575
576	- #: index.php:~~1442~~
577	#, php-format
578	msgid "Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process."
579	msgstr ""
580
581	- #: index.php:~~1442~~
582	msgid "Never mind, it worked!"
583	msgstr ""
584
585	- #: index.php:~~1444~~
586	msgid "Nothing Selected to be Changed!"
587	msgstr ""
588
589	- #: index.php:~~1513~~
590	msgid "Are you sure you want to delete this file from the quarantine?"
591	msgstr ""
592
593	- #: index.php:~~1513~~
594	msgid "File Details:"
595	msgstr ""
596
597	- #: index.php:~~1515~~
598	msgid "This file no longer exists in the quarantine."
599	msgstr ""
600
601	- #: index.php:~~1532~~
602	#, php-format
603	msgid "The file %s does not exist, it must have already been deleted."
604	msgstr ""
605
606	- #: index.php:~~1574~~
607	msgid "Are you sure this file is not infected and you want to ignore it in future scans?"
608	msgstr ""
609
610	- #: index.php:~~1574~~
611	msgid "Potential threats in file:"
612	msgstr ""
613


8	msgstr ""
9	"Project-Id-Version: GOTMLS\n"
10	"Report-Msgid-Bugs-To: eli@gotmls.net\n"
11	+ "POT-Creation-Date: 2015-12-12 09:04-1000\n"
12	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
13	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
14	"Language-Team: LANGUAGE <LL@li.org>\n"

17	"Content-Type: text/plain; charset=UTF-8\n"
18	"Content-Transfer-Encoding: 8bit\n"
19
20	+ #: index.php:83
21	msgid "Getting Started"
22	msgstr ""
23
24	+ #: index.php:84
25	msgid "Make sure the Definition Updates are current and Run a Complete Scan."
26	msgstr ""
27
28	+ #: index.php:84
29	#, php-format
30	msgid "If Known Threats are found and displayed in red then there will be a button to '%s'. If only Potentional Threats are found then there is no automatic fix because those are probably not malicious."
31	msgstr ""
32
33	+ #: index.php:84
34	msgid "A backup of the original infected files are placed in the Quarantine in case you need to restore them or just want to look at them later. You can delete these files if you don't want to save more."
35	msgstr ""
36
37	+ #: index.php:90
38	msgid "FAQs"
39	msgstr ""
40
41	+ #: index.php:95
42	msgid "Main Menu Item placed at the <b>Top</b>"
43	msgstr ""
44
45	+ #: index.php:95
46	msgid "Main Menu Item placed at the <b>Bottom</b>"
47	msgstr ""
48
49	+ #: index.php:97
50	msgid "Main Menu Item placed below <b>Comments</b> and above <b>Appearance</b>"
51	msgstr ""
52
53	+ #: index.php:97
54	msgid "Main Menu Item placed below <b>Settings</b>"
55	msgstr ""
56
57	+ #: index.php:98
58	msgid "Menu Item Placement Options"
59	msgstr ""
60
61	+ #: index.php:103
62	msgid "Menu Placement"
63	msgstr ""
64
65	+ #: index.php:122
66	msgid "Tested your site. It appears we didn't break anything"
67	msgstr ""
68
69	+ #: index.php:131
70	#, php-format
71	msgid "Upgrade to %s now!"
72	msgstr ""
73
74	+ #: index.php:136
75	msgid "Searching for updates ..."
76	msgstr ""
77
78	+ #: index.php:191
79	msgid "If this is taking too long, click here."
80	msgstr ""
81
82	+ #: index.php:269
83	msgid "No response from server!"
84	msgstr ""
85
86	+ #: index.php:365
87	msgid "Updates & Registration"
88	msgstr ""
89
90	+ #: index.php:368
91	msgid "Get FREE Key!"
92	msgstr ""
93
94	+ #: index.php:373
95	msgid "Download new definitions!"
96	msgstr ""
97
98	+ #: index.php:376
99	msgid "<p>Get instant access to definition updates.</p>"
100	msgstr ""
101
102	+ #: index.php:377
103	msgid "If you have not already registered your Key then register now using the form below.<br />* All registration fields are required<br />** I will NOT share your information."
104	msgstr ""
105
106	+ #: index.php:379
107	msgid "Your Full Name:"
108	msgstr ""
109
110	+ #: index.php:383
111	msgid "A password will be e-mailed to this address:"
112	msgstr ""
113
114	+ #: index.php:386
115	msgid "Your WordPress Site URL:"
116	msgstr ""
117
118	+ #: index.php:389
119	msgid "Plugin Installation Key:"
120	msgstr ""
121
122	+ #: index.php:406
123	msgid "Please make a donation for the use of this wonderful feature!"
124	msgstr ""
125
126	+ #: index.php:412
127	msgid "First Name is a required field!"
128	msgstr ""
129
130	+ #: index.php:414
131	msgid "Last Name is a required field!"
132	msgstr ""
133
134	+ #: index.php:416
135	msgid "Email Address is a required field!"
136	msgstr ""
137
138	+ #: index.php:424
139	msgid "Your WordPress Site URL is a required field!"
140	msgstr ""
141
142	+ #: index.php:426
143	msgid "Plugin Installation Key is a required field!"
144	msgstr ""
145
146	+ #: index.php:431
147	msgid "Submitting Registration ..."
148	msgstr ""
149
150	+ #: index.php:452
151	msgid "Resources & Links"
152	msgstr ""
153
154	+ #: index.php:475
155	msgid "Make a Donation with PayPal"
156	msgstr ""
157
158	+ #: index.php:491
159	msgid "Last Scan Status"
160	msgstr ""
161
162	+ #: index.php:550
163	#, php-format
164	msgid "Cleared %s records from this log."
165	msgstr ""
166
167	+ #: index.php:592
168	msgid "No Scans have been logged"
169	msgstr ""
170
171	+ #: index.php:599
172	msgid "Globally White-listed files"
173	msgstr ""
174
175	+ #: index.php:599
176	msgid "# of patterns"
177	msgstr ""
178
179	+ #: index.php:599
180	msgid "Date Updated"
181	msgstr ""
182
183	+ #: index.php:609
184	msgid "WordPress Core files"
185	msgstr ""
186
187	+ #: index.php:609
188	msgid "# of files"
189	msgstr ""
190
191	+ #: index.php:683
192	msgid "You have old Quarantined files in the uploads directory on your server. The new quarantine is in your WordPress Database. You need to import these files into your database where they will be safer or just delete the quarantine folder inside /wp-content/uploads/ if you would rather just delete them."
193	msgstr ""
194
195	+ #: index.php:690
196	msgid "Restore selected files"
197	msgstr ""
198
199	+ #: index.php:690
200	msgid "Are you sure you want to overwrite the previously cleaned files with the selected files in the Quarantine?"
201	msgstr ""
202
203	+ #: index.php:690
204	msgid "Delete selected files"
205	msgstr ""
206
207	+ #: index.php:690
208	msgid "Are you sure you want to permanently delete the selected files in the Quarantine?"
209	msgstr ""
210
211	+ #: index.php:690
212	msgid "The following items have been found to contain malicious code, they have been cleaned, and the original infected file contents have been saved here in the Quarantine. The code is safe here and you do not need to do anything further with these files."
213	msgstr ""
214
215	+ #: index.php:691
216	#, php-format
217	msgid "Check all %d"
218	msgstr ""
219
220	+ #: index.php:691
221	msgid " Items in Quarantine"
222	msgstr ""
223
224	+ #: index.php:691
225	msgid "Quarantined"
226	msgstr ""
227
228	+ #: index.php:691
229	msgid "Date Infected"
230	msgstr ""
231
232	+ #: index.php:696
233	msgid "View Quarantined File"
234	msgstr ""
235
236	+ #: index.php:703
237	msgid "No Items in Quarantine"
238	msgstr ""
239
240	+ #: index.php:708
241	#, php-format
242	msgid "Clear %s Deleted Files from the Trash"
243	msgstr ""
244
245	+ #: index.php:714
246	msgid "White-lists"
247	msgstr ""
248
249	+ #: index.php:717
250	msgid "Quarantine"
251	msgstr ""
252
253	+ #: index.php:721
254	msgid "Scan Logs"
255	msgstr ""
256
257	+ #: index.php:733
258	+ msgid "Your WordPress Login page is susceptible to a brute-force attack (just like any other login page). These types of attacks are becoming more prevalent these days and can sometimes cause your server to become slow or unresponsive, even if the attacks do not succeed in gaining access to your site. Applying this patch will block access to the WordPress Login page whenever this type of attack is detected."
259	msgstr ""
260
261	+ #: index.php:738
262	+ msgid "Your WordPress site has the current version of my brute-force Login protection installed."
263	msgstr ""
264
265	+ #: index.php:744
266	+ msgid "Your WordPress Login page has the old version of my brute-force protection installed. Upgrade this patch to improve the protection on the WordPress Login page and preserve the integrity of your WordPress core files."
267	msgstr ""
268
269	+ #: index.php:750
270	+ msgid "Checking .htaccess file ..."
271	msgstr ""
272
273	+ #: index.php:750
274	+ #: images/index.php:71
275	+ msgid "You must register and donate to use this feature!"
276	msgstr ""
277
278	+ #: index.php:750
279	+ #: images/index.php:71
280	+ msgid "This feature is available to those who have donated!"
281	msgstr ""
282
283	+ #: index.php:762
284	+ #, php-format
285	+ msgid "Failed to remove XMLRPC Protection (.htaccess %s)"
286	msgstr ""
287
288	+ #: index.php:769
289	+ #, php-format
290	+ msgid "Failed to install XMLRPC Protection (.htaccess %s)"
291	msgstr ""
292
293	+ #: index.php:773
294	+ msgid "Most WordPress site do not use the XMLRPC features and hack attempt on the xmlrpc.php file are more common then ever before. Even if there are no vulnerabilities for hackers to exploit these attempts can cause slowness or downtime similar to a DDoS attack. This patch automatically blocks all external access to the xmlrpc.php file."
295	msgstr ""
296
297	+ #: index.php:787
298	+ msgid "Removed Brute-Force Protection"
299	msgstr ""
300
301	+ #: index.php:792
302	+ msgid "Upgraded Brute-Force Protection"
303	msgstr ""
304
305	+ #: index.php:798
306	+ msgid "Installed Brute-Force Protection"
307	msgstr ""
308
309	+ #: index.php:801
310	+ #, php-format
311	+ msgid "Failed to install Brute-Force Protection (wp-config.php %s)"
312	msgstr ""
313
314	+ #: index.php:803
315	+ msgid "wp-config.php Not Readable!"
316	msgstr ""
317
318	+ #: index.php:805
319	+ msgid "wp-config.php Not Found!"
320	msgstr ""
321
322	+ #: index.php:808
323	+ msgid "Removed Old Brute-Force Login Patch"
324	msgstr ""
325
326	+ #: index.php:812
327	+ msgid "This protection is automatically activated with this plugin because of the widespread attack on WordPress that are affecting so many site right now. It is still recommended that you make sure to upgrade and older versions of the Revolution Slider plugin, especially those included in some themes that will not update automatically. Even if you do not have Revolution Slider on your site it still can't hurt to have this protection installed."
328	msgstr ""
329
330	+ #: index.php:814
331	+ msgid "Checking for session compatibility ..."
332	msgstr ""
333
334	+ #: index.php:814
335	+ msgid " For more information on Brute-Force attack prevention and the WordPress wp-login-php file "
336	msgstr ""
337
338	+ #: index.php:814
339	+ #: index.php:1138
340	+ msgid "read my blog"
341	msgstr ""
342
343	+ #: index.php:819
344	#, php-format
345	+ msgid "You username has been change to %s. Don't forget to use your new username when you login again."
346	msgstr ""
347
348	+ #: index.php:821
349	+ #, php-format
350	+ msgid "SQL Error changing username: %s. Please try again later."
351	msgstr ""
352
353	+ #: index.php:825
354	+ #, php-format
355	+ msgid "Your new username must be at least 3 characters and can only contain "%s". Please try again."
356	msgstr ""
357
358	+ #: index.php:826
359	+ msgid "Change your username:"
360	msgstr ""
361
362	+ #: index.php:826
363	+ msgid "Your username is \"admin\", this is the most commonly guessed username by hackers and brute-force scripts. It is highly recommended that you change your username immediately."
364	msgstr ""
365
366	+ #: index.php:829
367	+ msgid "Firewall Options"
368	msgstr ""
369
370	+ #: index.php:959
371	+ msgid "Only Scan These Folders:"
372	msgstr ""
373
374	+ #: index.php:963
375	+ msgid "Run Complete Scan"
376	msgstr ""
377
378	+ #: index.php:964
379	+ msgid "What to look for:"

380	msgstr ""
381
382	+ #: index.php:979
383	+ msgid "Download Definition Updates to Use this feature"
384	msgstr ""
385
386	+ #: index.php:979
387	+ msgid "Download the new definitions (Right sidebar) to activate this feature."
388	msgstr ""
389
390	+ #: index.php:983
391	+ msgid "What to scan:"
392	msgstr ""
393
394	+ #: index.php:985
395	+ msgid "Scan Depth:"
396	msgstr ""
397
398	+ #: index.php:986
399	+ msgid "how far to drill down"
400	msgstr ""
401
402	+ #: index.php:986
403	+ msgid "-1 is infinite depth"

404	msgstr ""
405
406	+ #: index.php:989
407	+ msgid "Custom RegExp:"

408	msgstr ""
409
410	+ #: index.php:989
411	+ msgid "For very advanced users only. Do not use this without talking to Eli first. If used incorrectly you could easily break your site."
412	msgstr ""
413
414	+ #: index.php:989
415	+ msgid "Custom Code to be Checked:"

416	msgstr ""
417
418	+ #: index.php:989
419	+ msgid "For very advanced users only. If you enter anything in this box then no other files will be scanned on your site."
420	msgstr ""
421
422	+ #: index.php:994
423	+ msgid "Skip files with the following extentions:"
424	msgstr ""
425
426	+ #: index.php:995
427	+ msgid "a comma separated list of file extentions to skip"
428	msgstr ""
429
430	+ #: index.php:995
431	+ msgid "Skip directories with the following names:"
432	msgstr ""
433
434	+ #: index.php:995
435	+ msgid "a folder name or comma separated list of folder names to skip"
436	msgstr ""
437
438	+ #: index.php:996
439	+ msgid "Automatically Update Definitions:"
440	msgstr ""
441
442	+ #: index.php:996
443	+ msgid "This new BETA feature is only available to registered users who have donated at a certain level."
444	msgstr ""
445
446	+ #: index.php:996
447	+ msgid "Save Settings"
448	msgstr ""
449
450	+ #: index.php:1003
451	+ #, php-format
452	+ msgid "Another Plugin or Theme is using '%s' to handle output buffers. <br />This prevents actively outputing the buffer on-the-fly and will severely degrade the performance of this (and many other) Plugins. <br />Consider disabling caching and compression plugins (at least during the scanning process)."
453	msgstr ""
454
455	+ #: index.php:1005
456	+ msgid "Scanned Files"

457	msgstr ""
458
459	+ #: index.php:1005
460	+ msgid "Selected Folders"

461	msgstr ""
462
463	+ #: index.php:1005
464	+ msgid "Scanned Folders"

465	msgstr ""
466
467	+ #: index.php:1005
468	+ msgid "Skipped Folders"
469	msgstr ""
470
471	+ #: index.php:1005
472	+ msgid "Skipped Files"
473	msgstr ""
474
475	+ #: index.php:1005
476	+ msgid "Read/Write Errors"
477	msgstr ""
478
479	+ #: index.php:1005
480	+ msgid "Quarantined Files"
481	msgstr ""
482
483	+ #: index.php:1017
484	+ #: images/index.php:32
485	+ msgid "Potential Threats"
486	msgstr ""
487
488	+ #: index.php:1017
489	+ msgid "WP-Login Updates"
490	msgstr ""
491
492	+ #: index.php:1049
493	+ msgid "Scan Complete!"
494	msgstr ""
495
496	+ #: index.php:1094
497	+ msgid "You are not currently scanning for this type of threat!"
498	msgstr ""
499
500	+ #: index.php:1119
501	+ msgid "Saving these settings requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above."
502	msgstr ""
503
504	+ #: index.php:1138
505	+ msgid "NOTE: These are probably not malicious scripts (but it's a good place to start looking <u>IF</u> your site is infected and no Known Threats were found)."
506	msgstr ""
507
508	+ #: index.php:1138
509	+ #, php-format
510	+ msgid "NOTE: We have detected changes to the WordPress Core files on your site. This could be an intentional modification or the malicious work of a hacker. We can restore these files to their original state to preserve the integrity of your original WordPress %s installation."
511	msgstr ""
512
513	+ #: index.php:1141
514	+ msgid "Scan Details:"

515	msgstr ""
516
517	+ #: index.php:1142
518	#, php-format
519	+ msgid "Not flushing OB Handlers: %s"
520	msgstr ""
521
522	+ #: index.php:1161
523	+ msgid "The Quick Scan was unable to finish because of a shortage of memory or a problem accessing a file. Please try using the Complete Scan, it is slower but it will handle these errors better and continue scanning the rest of the files."

524	msgstr ""
525
526	+ #: index.php:1179
527	+ msgid "Completed!"
528	msgstr ""
529
530	+ #: index.php:1181
531	+ msgid "Starting Scan ..."
532	msgstr ""
533
534	+ #: index.php:1232
535	+ msgid "Starting a Complete Scan requires a valid Nonce Token. No valid Nonce Token was found at this time, either because the token have expired or because the data was invalid. Please try re-submitting the form above."
536	msgstr ""
537
538	+ #: index.php:1320
539	msgid "Default position"
540	msgstr ""
541
542	+ #: index.php:1342
543	msgid "New position"
544	msgstr ""
545
546	+ #: index.php:1346
547	msgid "saved."
548	msgstr ""
549
550	+ #: index.php:1360
551	msgid "Failed to empty the trash."
552	msgstr ""
553
554	+ #: index.php:1413
555	+ #: index.php:1449
556	+ #: index.php:1451
557	msgid "Done!"
558	msgstr ""
559
560	+ #: index.php:1416
561	msgid "Failed to delete!"
562	msgstr ""
563
564	+ #: index.php:1424
565	msgid "Complete!"
566	msgstr ""
567
568	+ #: index.php:1427
569	msgid "Restore Failed!"
570	msgstr ""
571
572	+ #: index.php:1443
573	msgid "File "
574	msgstr ""
575
576	+ #: index.php:1447
577	#, php-format
578	msgid "Because some changes were made we need to check to make sure it did not break your site. If this stays Red and the frame below does not load please <a %s>revert the changes</a> made during this automated fix process."
579	msgstr ""
580
581	+ #: index.php:1447
582	msgid "Never mind, it worked!"
583	msgstr ""
584
585	+ #: index.php:1449
586	msgid "Nothing Selected to be Changed!"
587	msgstr ""
588
589	+ #: index.php:1518
590	msgid "Are you sure you want to delete this file from the quarantine?"
591	msgstr ""
592
593	+ #: index.php:1518
594	msgid "File Details:"
595	msgstr ""
596
597	+ #: index.php:1520
598	msgid "This file no longer exists in the quarantine."
599	msgstr ""
600
601	+ #: index.php:1537
602	#, php-format
603	msgid "The file %s does not exist, it must have already been deleted."
604	msgstr ""
605
606	+ #: index.php:1579
607	msgid "Are you sure this file is not infected and you want to ignore it in future scans?"
608	msgstr ""
609
610	+ #: index.php:1579
611	msgid "Potential threats in file:"
612	msgstr ""
613

readme.txt CHANGED Viewed

	@@ -4,11 +4,11 @@ Author: Eli Scheetz
4	Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5	Contributors: scheeeli, gotmls
6	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7	- Tags: ~~anti-malware~~, firewall, ~~security~~, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8	- Version: 4.15.46
9	- Stable tag: 4.15.46
10	Requires at least: 3.3
11	- Tested up to: 4.~~3.1~~
12
13	This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
	@@ -16,24 +16,22 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
16
17	Features:
18
19	- * ~~Automatically~~ remove ~~Known~~ ~~Threats~~ and ~~Back-doors~~.
20	- * ~~Automatically~~ block SoakSoak and other malware from exploiting ~~the~~ Revolution Slider ~~Vulnerability~~.
21	* Upgrade vulnerable versions of timthumb scripts.
22	- * Run a Quick Scan from the admin menu.
23	- * Run a Complete Scan from the Settings Page.
24	* Download Definition Updates to protect against new threats.
25
26	Premium Features:
27
28	- * Patch wp-login to block Brute-Force attacks.
29	* Check the integrity of your WordPress Core files.
30	- * Automatically ~~Download~~ Definition Updates ~~When~~ running a Complete Scan.
31
32	- Updated ~~November~~ ~~19th~~
33
34	Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
35
36	- NOTICE: This plugin make ~~use~~ of a ~~"phone home" feature~~ to check for updates. ~~This is~~ not unlike what WordPress ~~already~~ does ~~with~~ ~~all~~ your plugins. Staying up-to-date is an essential part of any ~~worthwhile~~ security plugin and it ~~will~~ let you know when there are new plugin and definition update available. If you're allergic to "phone home" scripts then don't use this plugin (or WordPress at all for that matter).
37
38	Special thanks to:
39
	@@ -45,7 +43,7 @@ NOTICE: This plugin make use of a "phone home" feature to check for updates. Thi
45
46	1. Download and unzip the plugin into your WordPress plugins directory (usually `/wp-content/plugins/`).
47	1. Activate the plugin through the 'Plugins' menu in your WordPress Admin.
48	- 1. Register on gotmls.net and download the newest definition ~~update~~ to scan for Known Threats.
49
50	== Frequently Asked Questions ==
51
	@@ -95,6 +93,10 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
95
96	== Changelog ==
97




98	= 4.15.46 =
99	* Fixed PHP Warning about in_array function expecting parameter 2 to be an array, found by Georgey B.
100	* Made a few minor cosmetic changes and fixed a few other small bugs in the interface.
	@@ -379,6 +381,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
379
380	== Upgrade Notice ==
381



382	= 4.15.46 =
383	Made a few minor cosmetic changes and fixed a few small bugs including a PHP Warning about in_array function expecting parameter 2 to be an array.
384


4	Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5	Contributors: scheeeli, gotmls
6	Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7	+ Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8	+ Version: 4.15.49
9	+ Stable tag: 4.15.49
10	Requires at least: 3.3
11	+ Tested up to: 4.4
12
13	This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14

16
17	Features:
18
19	+ * Run a Complete Scan to automatically remove known security threats and backdoor scripts.
20	+ * Firewall block SoakSoak and other malware from exploiting Revolution Slider and other plugins from known vulnerabilites.
21	* Upgrade vulnerable versions of timthumb scripts.


22	* Download Definition Updates to protect against new threats.
23
24	Premium Features:
25
26	+ * Patch your wp-login and XMLRPC to block Brute-Force and DDoS attacks.
27	* Check the integrity of your WordPress Core files.
28	+ * Automatically download new Definition Updates when running a Complete Scan.
29
30	+ Updated December 11th
31
32	Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
34	+ NOTICE: This plugin make call to GOTMLS.NET to check for updates not unlike what WordPress does when checking your plugins and themes for new versions. Staying up-to-date is an essential part of any security plugin and this plugin can let you know when there are new plugin and definition update available. If you're allergic to "phone home" scripts then don't use this plugin (or WordPress at all for that matter).
35
36	Special thanks to:
37

43
44	1. Download and unzip the plugin into your WordPress plugins directory (usually `/wp-content/plugins/`).
45	1. Activate the plugin through the 'Plugins' menu in your WordPress Admin.
46	+ 1. Register on gotmls.net and download the newest definition updates to scan for Known Threats.
47
48	== Frequently Asked Questions ==
49

93
94	== Changelog ==
95
96	+ = 4.15.49 =
97	+ * Moved the Firewall Options to it's own page linked to from the admin menu.
98	+ * Moved the Quick Scan from the admin menu to the top of the Scan Settings page.
99	+
100	= 4.15.46 =
101	* Fixed PHP Warning about in_array function expecting parameter 2 to be an array, found by Georgey B.
102	* Made a few minor cosmetic changes and fixed a few other small bugs in the interface.

381
382	== Upgrade Notice ==
383
384	+ = 4.15.49 =
385	+ Moved the Firewall Options to it's own page and moved the Quick Scan to the top of the Scan Settings page.
386	+
387	= 4.15.46 =
388	Made a few minor cosmetic changes and fixed a few small bugs including a PHP Warning about in_array function expecting parameter 2 to be an array.
389

Anti-Malware Security and Brute-Force Firewall - Version 4.15.49

Version Description

Release Info

Code changes from version 4.15.46 to 4.15.49