Version Description
- Fixed syntax error in the XMLRPC patch for newer versions of Apache.
Download this release
Release Info
Developer | scheeeli |
Plugin | Anti-Malware Security and Brute-Force Firewall |
Version | 4.16.49 |
Comparing to | |
See all releases |
Code changes from version 4.16.48 to 4.16.49
- index.php +20 -10
- readme.txt +10 -4
index.php
CHANGED
@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
8 |
Contributors: scheeeli, gotmls
|
9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
11 |
-
Version: 4.16.
|
12 |
*/
|
13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
|
14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
@@ -743,19 +743,29 @@ function GOTMLS_Firewall_Options() {
|
|
743 |
)
|
744 |
);
|
745 |
$find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
|
746 |
-
$deny = "\norder deny,allow\ndeny from all";
|
747 |
-
$allow = "
|
748 |
-
if (
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
749 |
$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
|
750 |
-
|
751 |
-
$deny = "\nRequire";
|
752 |
-
$allow = "";
|
753 |
-
}
|
754 |
-
} else
|
755 |
$errdiv = "<div class='error'>Unable to read Apache Version, this patch may not work!</div>";
|
756 |
$patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
|
757 |
$patch_found = false;
|
758 |
-
$head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", $deny
|
759 |
$htaccess = "";
|
760 |
if (is_file(ABSPATH.'.htaccess'))
|
761 |
if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
|
8 |
Contributors: scheeeli, gotmls
|
9 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
10 |
Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
|
11 |
+
Version: 4.16.49
|
12 |
*/
|
13 |
if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)))
|
14 |
include(dirname(__FILE__)."/safe-load/index.php");
|
743 |
)
|
744 |
);
|
745 |
$find = '|<Files[^>]+xmlrpc.php>(.+?)</Files>\s*(# END GOTMLS Patch to Block XMLRPC Access\s*)*|is';
|
746 |
+
$deny = "\n<IfModule !mod_authz_core.c>\norder deny,allow\ndeny from all";
|
747 |
+
$allow = "";
|
748 |
+
if (isset($_SERVER["REMOTE_ADDR"])) {
|
749 |
+
$deny .= "\nallow from ".$_SERVER["REMOTE_ADDR"];
|
750 |
+
$allow .= " ".$_SERVER["REMOTE_ADDR"];
|
751 |
+
}
|
752 |
+
if (isset($_SERVER["SERVER_ADDR"])) {
|
753 |
+
$deny .= "\nallow from ".$_SERVER["SERVER_ADDR"];
|
754 |
+
$allow .= " ".$_SERVER["SERVER_ADDR"];
|
755 |
+
}
|
756 |
+
$deny .= "\n</IfModule>\n<IfModule mod_authz_core.c>\nRequire";
|
757 |
+
if (strlen(trim($allow)) > 0)
|
758 |
+
$deny .= " ip$allow";
|
759 |
+
else
|
760 |
+
$deny .= " all denied";
|
761 |
+
$deny .= "\n</IfModule>";
|
762 |
+
if (count($GLOBALS["GOTMLS"]["tmp"]["apache"]) > 1)
|
763 |
$errdiv = "<!-- ".$GLOBALS["GOTMLS"]["tmp"]["apache"][0]." -->";
|
764 |
+
else
|
|
|
|
|
|
|
|
|
765 |
$errdiv = "<div class='error'>Unable to read Apache Version, this patch may not work!</div>";
|
766 |
$patch_action = $lt.'form method="POST" name="GOTMLS_Form_XMLRPC_patch"'.$gt.$lt.'input type="hidden" name="'.str_replace('=', '" value="', GOTMLS_set_nonce(__FUNCTION__."1159")).'"'.$gt.$lt.'script'.$gt."\nfunction setFirewall(opt, val) {\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_opt'))\n\t\tautoUpdateDownloadGIF.value = opt;\n\tif (autoUpdateDownloadGIF = document.getElementById('fw_val'))\n\t\tautoUpdateDownloadGIF.value = val;\n}\nfunction testComplete() {\nif (autoUpdateDownloadGIF = document.getElementById('autoUpdateDownload'))\n\tdonationAmount = autoUpdateDownloadGIF.src.replace(/^.+\?/,'');\nif ((autoUpdateDownloadGIF.src == donationAmount) || donationAmount=='0') {\n\tif (patch_searching_div = document.getElementById('GOTMLS_XMLRPC_patch_searching')) {\n\t\tif (autoUpdateDownloadGIF.src == donationAmount)\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("You must register and donate to use this feature!",'gotmls')."</span>';\n\t\telse\n\t\t\tpatch_searching_div.innerHTML = '<span style=\"color: #F00;\">".__("This feature is available to those who have donated!",'gotmls')."</span>';\n\t}\n} else {\n\tshowhide('GOTMLS_XMLRPC_patch_searching');\n\tshowhide('GOTMLS_XMLRPC_patch_button', true);\n}\n}\nwindow.onload=testComplete;\n$lt/script$gt$lt".'div style="padding: 0 30px;"'.$gt.$lt.'input type="hidden" name="GOTMLS_XMLRPC_patching" value="';
|
767 |
$patch_found = false;
|
768 |
+
$head = str_replace(array('|<Files[^>]+', '(.+?)', '\\s*(', '\\s*)*|is'), array("<Files ", "$deny\n", "\n", "\n"), $find);
|
769 |
$htaccess = "";
|
770 |
if (is_file(ABSPATH.'.htaccess'))
|
771 |
if (($htaccess = @file_get_contents(ABSPATH.'.htaccess')) && strlen($htaccess))
|
readme.txt
CHANGED
@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
|
|
5 |
Contributors: scheeeli, gotmls
|
6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
7 |
Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
8 |
-
Version: 4.16.
|
9 |
-
Stable tag: 4.16.
|
10 |
Requires at least: 3.3
|
11 |
-
Tested up to: 4.7
|
12 |
|
13 |
This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
|
14 |
|
@@ -27,7 +27,7 @@ This Anti-Malware scanner searches for Malware, Viruses, and other security thre
|
|
27 |
* Check the integrity of your WordPress Core files.
|
28 |
* Automatically download new Definition Updates when running a Complete Scan.
|
29 |
|
30 |
-
Updated January
|
31 |
|
32 |
Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
|
33 |
|
@@ -93,6 +93,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
93 |
|
94 |
== Changelog ==
|
95 |
|
|
|
|
|
|
|
96 |
= 4.16.48 =
|
97 |
* Added fall-back to manual updates if the Automatic update feature fails.
|
98 |
* Fixed PHP Notices about undefined variable added in last Version release.
|
@@ -351,6 +354,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
|
|
351 |
|
352 |
== Upgrade Notice ==
|
353 |
|
|
|
|
|
|
|
354 |
= 4.16.48 =
|
355 |
Added fall-back to manual updates if the Automatic update feature fails, fixed PHP Notices and improved Apache version detection.
|
356 |
|
5 |
Contributors: scheeeli, gotmls
|
6 |
Donate link: https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=QZHD8QHZ2E7PE
|
7 |
Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
|
8 |
+
Version: 4.16.49
|
9 |
+
Stable tag: 4.16.49
|
10 |
Requires at least: 3.3
|
11 |
+
Tested up to: 4.7.1
|
12 |
|
13 |
This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
|
14 |
|
27 |
* Check the integrity of your WordPress Core files.
|
28 |
* Automatically download new Definition Updates when running a Complete Scan.
|
29 |
|
30 |
+
Updated January 14th
|
31 |
|
32 |
Register this plugin at [GOTMLS.NET](http://gotmls.net/) and get access to new definitions of "Known Threats" and added features like Automatic Removal, plus patches for specific security vulnerabilities like old versions of timthumb. Updated definition files can be downloaded automatically within the admin once your Key is registered. Otherwise, this plugin just scans for "Potential Threats" and leaves it up to you to identify and remove the malicious ones.
|
33 |
|
93 |
|
94 |
== Changelog ==
|
95 |
|
96 |
+
= 4.16.49 =
|
97 |
+
* Fixed syntax error in the XMLRPC patch for newer versions of Apache.
|
98 |
+
|
99 |
= 4.16.48 =
|
100 |
* Added fall-back to manual updates if the Automatic update feature fails.
|
101 |
* Fixed PHP Notices about undefined variable added in last Version release.
|
354 |
|
355 |
== Upgrade Notice ==
|
356 |
|
357 |
+
= 4.16.49 =
|
358 |
+
Fixed syntax error in the XMLRPC patch for newer versions of Apache.
|
359 |
+
|
360 |
= 4.16.48 =
|
361 |
Added fall-back to manual updates if the Automatic update feature fails, fixed PHP Notices and improved Apache version detection.
|
362 |
|