Anti-Malware Security and Brute-Force Firewall - Version 4.16.39

Version Description

Fixed PHP Notice about an array to string conversion with some rare global variable conditions.

Release Info

Developer scheeeli
Version 4.16.39

Code changes from version 4.16.38 to 4.16.39

Files changed (3)
  1. images/index.php +3 -3
  2. index.php +1 -1
  3. readme.txt +9 -127
images/index.php CHANGED
@@ -186,15 +186,15 @@ $GOTMLS_dirs_at_depth = array();
186
  $GLOBAL_STRING = array("REQUEST" => "&","SERVER" => "&","FILES" => "&");
187
  if (isset($_REQUEST) && is_array($_REQUEST))
188
  foreach ($_REQUEST as $req => $val)
189
- $GLOBAL_STRING["REQUEST"] .= "$req=$val&";
190
  if (isset($_SERVER) && is_array($_SERVER))
191
  foreach ($_SERVER as $req => $val)
192
- $GLOBAL_STRING["SERVER"] .= "$req=$val&";
193
  if (isset($_FILES) && is_array($_FILES))
194
  foreach ($_FILES as $req => $fila)
195
  foreach (array("tmp_name","name") as $val)
196
  if (isset($fila["$val"]))
197
- $GLOBAL_STRING["FILES"] .= "$req.$val=".$fila["$val"]."&";
198
  if (!(isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"])))
199
  $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] = array(
200
  "RevSlider"=>array("CCIGG", __("Revolution Slider Exploit Protection",'gotmls'), __("This protection is automatically activated because of the widespread attacks on WordPress that have affected so many sites. It is still recommended that you make sure to upgrade any older versions of the Revolution Slider plugin, especially those included in themes that will not update automatically. Even if you don't think you have Revolution Slider on your site it doen't hurt to have this protection enabled.",'gotmls'), array('/\/admin-ajax\.php/i' => "SERVER", '/\&img=[^\&]*(?<!\.'.implode(')(?<!\.', array_slice($GLOBALS["GOTMLS"]["tmp"]["skip_ext"], 0, 10)).')\&/i' => "REQUEST")),
186
  $GLOBAL_STRING = array("REQUEST" => "&","SERVER" => "&","FILES" => "&");
187
  if (isset($_REQUEST) && is_array($_REQUEST))
188
  foreach ($_REQUEST as $req => $val)
189
+ $GLOBAL_STRING["REQUEST"] .= "$req=".(is_array($val)?print_r($val,1):$val)."&";
190
  if (isset($_SERVER) && is_array($_SERVER))
191
  foreach ($_SERVER as $req => $val)
192
+ $GLOBAL_STRING["SERVER"] .= "$req=".(is_array($val)?print_r($val,1):$val)."&";
193
  if (isset($_FILES) && is_array($_FILES))
194
  foreach ($_FILES as $req => $fila)
195
  foreach (array("tmp_name","name") as $val)
196
  if (isset($fila["$val"]))
197
+ $GLOBAL_STRING["FILES"] .= "$req.$val=".(is_array($fila["$val"])?print_r($fila["$val"],1):$fila["$val"])."&";
198
  if (!(isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"]) && array($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"])))
199
  $GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["firewall"] = array(
200
  "RevSlider"=>array("CCIGG", __("Revolution Slider Exploit Protection",'gotmls'), __("This protection is automatically activated because of the widespread attacks on WordPress that have affected so many sites. It is still recommended that you make sure to upgrade any older versions of the Revolution Slider plugin, especially those included in themes that will not update automatically. Even if you don't think you have Revolution Slider on your site it doen't hurt to have this protection enabled.",'gotmls'), array('/\/admin-ajax\.php/i' => "SERVER", '/\&img=[^\&]*(?<!\.'.implode(')(?<!\.', array_slice($GLOBALS["GOTMLS"]["tmp"]["skip_ext"], 0, 10)).')\&/i' => "REQUEST")),
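Review bot: the `print_r($val,1)` fallbacks added on lines 189, 192 and 197 silence the notice, but they serialise array values in print_r's multi-line `Array ( [key] => value )` layout rather than the `key=value&` form the rest of `$GLOBAL_STRING` uses and the firewall patterns below are written against (for example the `&img=...&` pattern in the RevSlider rule). Consider a small recursive helper that flattens nested input to `key[sub]=value&` pairs, so array and scalar parameters are presented to the rules in one consistent shape, and use it in all three places instead of repeating the ternary. Passing `true` rather than `1` as the second argument would also read more clearly. Separately, on context line 198 the condition uses `array(...)` where `is_array(...)` looks intended; `array()` around any value is a non-empty array and therefore always truthy, so that half of the test never fails.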
index.php CHANGED
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
- Version: 4.16.38
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
8
  Contributors: scheeeli, gotmls
9
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
10
  Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11
+ Version: 4.16.39
12
  */
13
  if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
14
  include(dirname(__FILE__)."/safe-load/index.php");
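Review bot: the context on line 13 chains two ternaries without parentheses, `isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:""`, and PHP before 8.0 groups that left to right, so when `SCRIPT_FILENAME` is set the expression yields `$_SERVER["SCRIPT_NAME"]` rather than the filename. Unparenthesized nested ternaries are deprecated in PHP 7.4 and a compile error in PHP 8.0, so this guard in front of the `safe-load` include is worth fixing while the file is being touched: wrap the second ternary in parentheses. The version string itself is bumped consistently with readme.txt; no concerns there.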
readme.txt CHANGED
@@ -5,8 +5,8 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
- Version: 4.16.38
9
- Stable tag: 4.16.38
10
  Requires at least: 3.3
11
  Tested up to: 4.6.1
12
 
@@ -27,7 +27,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
27
  * Check the integrity of your WordPress Core files.
28
  * Automatically download new Definition Updates when running a Complete Scan.
29
 
30
- Updated September 14th
31
 
32
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
 
@@ -301,100 +301,45 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
301
 
302
  = 1.3.02.15 =
303
  * Improved security on the Quarantine directory to fix the 500 error on some servers.
304
-
305
- = 1.2.12.31 =
306
  * Fixed count of Quarantined items.
307
  * Added htaccess security to the Uploads directory.
308
-
309
- = 1.2.12.30 =
310
- * Fixed progress bar bug in the last release.
311
  * Linked the Quarantined items to the File Examiner.
312
-
313
- = 1.2.12.29 =
314
- * Brought back the TimThumb and htaccess scan categories.
315
  * Added a scan category for Backdoor Scripts.
316
-
317
- = 1.2.12.14 =
318
- * Fixed bugs in the last release.
319
-
320
- = 1.2.12.12 =
321
  * Consolidated the Definition Types and added a Whitelist category.
322
  * Completely redesigned the Definition Updates to handle incremental updates.
323
  * Added "View Quarantine" to the menu.
324
-
325
- = 1.2.11.15 =
326
  * Enhanced Output Buffer to work with compression enabled (like ob_gzhandler).
327
  * Moved the quarantine to the uploads directory to protect against blanket inclusion.
328
-
329
- = 1.2.10.31 =
330
  * Fixed Output Buffer issue for when ob_start has already been called.
331
-
332
- = 1.2.10.27 =
333
  * Enhanced the Automatic Fix process to handle bad directory permissions.
334
  * Added more detailed error messages for different types of file errors.
335
- * Fixed calculation for Time Remaining on the Progress Bar.
336
-
337
- = 1.2.10.16 =
338
- * Re-calibrated the Progress Bar on the Quick Scan.
339
  * Improved overall error handling.
340
  * Minor UI enhancements and a few bug fixes.
341
-
342
- = 1.2.10.05 =
343
  * Completely revamped the scan engine to handle large file systems with better error handling.
344
  * Enhanced the results for the Automatic Fix process.
345
  * Fixed a few other small bugs.
346
-
347
- = 1.2.09.22 =
348
  * Enhanced the iFrame for the File Viewer and Automatic Fix process.
349
  * Improved error handling during the scan.
350
- * Fixed update checker script.
351
-
352
- = 1.2.09.15 =
353
- * Fixed major bug in unregistered scan definition interpretation that causes many false positives.
354
  * Moved the File Viewer and Automatic Fix process into an iFrame to decrease scan time and memory usage.
355
  * Enhanced the Automatic Fix process for better success with read-only files.
356
  * Improved code cleanup process and general efficiency of the scan.
357
-
358
- = 1.2.08.31 =
359
  * Encoded definition update for better compatibility with some servers that have post limitation.
360
- * Improved the code cleanup expression that is applied after removal of known threats.
361
-
362
- = 1.2.07.29 =
363
- * Fixed return URL on Donate form.
364
-
365
- = 1.2.07.20 =
366
  * Fixed XSS vulnerability.
367
-
368
- = 1.2.05.20 =
369
  * Changed registration to allow for multiple sites/keys to be registered under one user/email.
370
-
371
- = 1.2.05.04 =
372
- * Fixed "Invalid Threat level" Error on default values for pre-registration scans.
373
  * Changed auto-update path to update threat level array for all new definition updates.
374
-
375
- = 1.2.04.24 =
376
- * Fixed auto-update script to update scan level even if there is no new definitions.
377
-
378
- = 1.2.04.09 =
379
- * Added more info about registration to the readme file.
380
  * Updated timthumb replacement patch to version 2.8.10 per WordPress.org plugins requirement.
381
- * Fixed menu option placement to work just as well as a sub-menu under tools.
382
-
383
- = 1.2.04.08 =
384
  * Fixed option to exclude directories so that the scan would not get stuck if omitted.
385
  * Added support for winblows servers using BACKSLASH directory structures.
386
- * Added option to exclude directories.
387
  * Changed definition updates to write to the DB instead of a file.
388
- * Added better messages about available updates.
389
-
390
- = 1.2.03.28 =
391
- * Fixed registration form and some of the links on the settings page.
392
 
393
  = 1.2.03.23 =
394
- * First BETA versions available for WordPress.
395
 
396
  == Upgrade Notice ==
397
 
 
 
 
398
  = 4.16.38 =
399
  Added more firewall options, moved Scan Log from to the main Setings page, and fixed PHP Warning about an invalid argument and some other bugs too.
400
 
@@ -546,70 +491,7 @@ Fixed a major bug in yesterdays release broke the login page on some sites.
546
  Added a patch for the wp-login.php brute force attack and fixed a few other small bugs.
547
 
548
  = 1.3.02.15 =
549
- Improved security on the Quarantine directory to fix the 500 error on some servers.
550
-
551
- = 1.2.12.31 =
552
- Fixed count of Quarantined items and added htaccess security to the Uploads directory.
553
-
554
- = 1.2.12.30 =
555
- Fixed progress bar bug and linked the Quarantined items to the File Examiner.
556
-
557
- = 1.2.12.29 =
558
- Brought back the TimThumb and htaccess scan categories and added a category for Backdoor Scripts.
559
-
560
- = 1.2.12.14 =
561
- Fixed bugs in the last release.
562
-
563
- = 1.2.12.12 =
564
- BETA Release: Consolidated Definition Types and completely redesigned the Definition Updates.
565
-
566
- = 1.2.11.15 =
567
- Enhanced Output Buffer to work with compression enabled and moved the quarantine.
568
-
569
- = 1.2.10.31 =
570
- Fixed Output Buffer issue for when ob_start has already been called.
571
-
572
- = 1.2.10.27 =
573
- Enhanced the Automatic Fix to handle bad directory permissions, added more detailed error messages, and fixed calculation for Time Remaining.
574
-
575
- = 1.2.10.16 =
576
- Re-calibrated the Progress Bar, improved error handling, and fixed a few minor bugs.
577
-
578
- = 1.2.10.05 =
579
- Completely revamped the scan engine, enhanced the Automatic Fix results, and fixed a few other small bugs.
580
-
581
- = 1.2.09.22 =
582
- Enhanced the iFrame for the File Viewer and Automatic Fix process and improved error handling.
583
-
584
- = 1.2.09.15 =
585
- Fixed major bug in unregistered scan definition interpretation and moved the File Viewer and Automatic Fix into an iFrame for efficiency and enhanced for better success with read-only files.
586
-
587
- = 1.2.08.31 =
588
- Encoded definition update to broaden server compatibility and improved the code cleanup expression after threat removal.
589
-
590
- = 1.2.07.29 =
591
- Fixed return URL on Donate form.
592
-
593
- = 1.2.07.20 =
594
- Fixed XSS vulnerability.
595
-
596
- = 1.2.05.20 =
597
- Changed registration to allow for multiple sites/keys to be registered under one user/email.
598
-
599
- = 1.2.05.04 =
600
- Fixed Threat Level error and changed auto-update path to update threat level array for all new definition updates.
601
-
602
- = 1.2.04.24 =
603
- Fixed auto-update script to update scan level even if there is no new definitions.
604
-
605
- = 1.2.04.09 =
606
- Added more info about registration to the readme file, Updated timthumb replacement patch to version 2.8.10, and fixed menu option placement.
607
-
608
- = 1.2.04.08 =
609
- Fixed option to exclude directories, added support for winblows servers using BACKSLASHES, changed definition updates to write to the DB instead of a file, and added better messages about available updates.
610
-
611
- = 1.2.03.28 =
612
- Fixed registration form and some of the links on the settings page.
613
 
614
  = 1.2.03.23 =
615
- First BETA versions available for WordPress.
5
  Contributors: scheeeli, gotmls
6
  Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
7
  Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8
+ Version: 4.16.39
9
+ Stable tag: 4.16.39
10
  Requires at least: 3.3
11
  Tested up to: 4.6.1
12
 
27
  * Check the integrity of your WordPress Core files.
28
  * Automatically download new Definition Updates when running a Complete Scan.
29
 
30
+ Updated September 16th
31
 
32
  Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
33
 
301
 
302
  = 1.3.02.15 =
303
  * Improved security on the Quarantine directory to fix the 500 error on some servers.
 
 
304
  * Fixed count of Quarantined items.
305
  * Added htaccess security to the Uploads directory.
 
 
 
306
  * Linked the Quarantined items to the File Examiner.
 
 
 
307
  * Added a scan category for Backdoor Scripts.
 
 
 
 
 
308
  * Consolidated the Definition Types and added a Whitelist category.
309
  * Completely redesigned the Definition Updates to handle incremental updates.
310
  * Added "View Quarantine" to the menu.
 
 
311
  * Enhanced Output Buffer to work with compression enabled (like ob_gzhandler).
312
  * Moved the quarantine to the uploads directory to protect against blanket inclusion.
 
 
313
  * Fixed Output Buffer issue for when ob_start has already been called.
 
 
314
  * Enhanced the Automatic Fix process to handle bad directory permissions.
315
  * Added more detailed error messages for different types of file errors.
 
 
 
 
316
  * Improved overall error handling.
317
  * Minor UI enhancements and a few bug fixes.
 
 
318
  * Completely revamped the scan engine to handle large file systems with better error handling.
319
  * Enhanced the results for the Automatic Fix process.
320
  * Fixed a few other small bugs.
 
 
321
  * Enhanced the iFrame for the File Viewer and Automatic Fix process.
322
  * Improved error handling during the scan.
 
 
 
 
323
  * Moved the File Viewer and Automatic Fix process into an iFrame to decrease scan time and memory usage.
324
  * Enhanced the Automatic Fix process for better success with read-only files.
325
  * Improved code cleanup process and general efficiency of the scan.
 
 
326
  * Encoded definition update for better compatibility with some servers that have post limitation.
 
 
 
 
 
 
327
  * Fixed XSS vulnerability.
 
 
328
  * Changed registration to allow for multiple sites/keys to be registered under one user/email.
 
 
 
329
  * Changed auto-update path to update threat level array for all new definition updates.
 
 
 
 
 
 
330
  * Updated timthumb replacement patch to version 2.8.10 per WordPress.org plugins requirement.
 
 
 
331
  * Fixed option to exclude directories so that the scan would not get stuck if omitted.
332
  * Added support for winblows servers using BACKSLASH directory structures.
 
333
  * Changed definition updates to write to the DB instead of a file.
 
 
 
 
334
 
335
  = 1.2.03.23 =
336
+ * First versions available for WordPress (code removed, no longer compatible).
337
 
338
  == Upgrade Notice ==
339
 
340
+ = 4.16.39 =
341
+ Fixed PHP Notice about an array to string conversion with some rare global variable conditions.
342
+
343
  = 4.16.38 =
344
  Added more firewall options, moved Scan Log from to the main Setings page, and fixed PHP Warning about an invalid argument and some other bugs too.
345
 
491
  Added a patch for the wp-login.php brute force attack and fixed a few other small bugs.
492
 
493
  = 1.3.02.15 =
494
+ Improved security on the Quarantine directory to fix the 500 error on some servers (Plus many other improvement from v1.2: see Changelog for details)
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
495
 
496
  = 1.2.03.23 =
497
+ First versions available for WordPress (code removed, no longer compatible).
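Review bot: in the Changelog hunk (old lines 304 to 391) the `= 1.2.x =` version headings are deleted but many of their bullets are kept, so entries such as `* Fixed XSS vulnerability.` (previously under `= 1.2.07.20 =`) and `* Added htaccess security to the Uploads directory.` now read as part of `= 1.3.02.15 =`. That misattributes the release in which a security fix shipped, which matters to anyone checking whether an old install already contains it. Either remove the orphaned bullets along with their headings, or keep them under one clearly labelled heading for the 1.2 series. The Upgrade Notice hunk handles this better by saying "see Changelog for details", but the Changelog it points to no longer carries the per-version detail.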