Anti-Malware Security and Brute-Force Firewall

Version Description

Fixed undefined variable warning.
Updated code for compatibility with PHP version 8.0.

Release Info

Developer	scheeeli
Plugin	Anti-Malware Security and Brute-Force Firewall
Version	4.20.93
Comparing to
See all releases

Code changes from version 4.20.92 to 4.20.93

Files changed (3) hide show

images/index.php +27 -20
index.php +46 -5
readme.txt +10 -3

images/index.php CHANGED Viewed

@@ -995,7 +995,7 @@ function GOTMLS_scanfile($file) {
             							$_SESSION["GOTMLS_debug"]["threat_level"] = $threat_level;
             							$_SESSION["GOTMLS_debug"]["last"]["threat_level"] = microtime(true);
+            						}
-            -
            						if (in_array($threat_level, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && !$found && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level]) && ($threat_level != "wp_core" || (substr($file, 0, strlen(ABSPATH)) == ABSPATH && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]["$path"]))) && (!array_key_exists($threat_level, $GLOBALS["GOTMLS"]["tmp"]["threat_files"]) || (substr($file."e", (-1 * strlen($GLOBALS["GOTMLS"]["tmp"]["threat_files"][$threat_level]."e"))) == $GLOBALS["GOTMLS"]["tmp"]["threat_files"][$threat_level]."e")) && ($found = GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level],$file)))
             							$className = $threat_level;
+            					}
+            				}
@@ -1259,32 +1259,24 @@ function GOTMLS_db_scan($id = 0) {
             						if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
             							echo GOTMLS_return_threat("db_scan", "question", (print_r(array("scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("$val Rows", 0));//debug
             						foreach ($found_row as $frow) {
             							$encoded_id = GOTMLS_encode($frow["option_id"].'.1');
             							$found = 0;
-            -
            							$opt_val = maybe_unserialize($frow["option_value"]);
             							if (is_array($opt_val)) {
-            -
            								$GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
-            -
            								$GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
-            -
            								foreach ($scan_regex as $threat_definition)
-            -
            									foreach ($opt_val as $GLOBALS["GOTMLS"]["tmp"]["file_contents"])
-            -
            										$found += GOTMLS_preg_match_all($threat_definition, $threat_name);
-            -
            								if ($found && !isset($threats_found['row_id_'.$encoded_id])) {
-            -
            									echo GOTMLS_return_threat("db_scan", "threat", "$found $threat_name(\"".str_replace('%', '*', trim($scan_sql, "%")).'") in '."$wpdb->options:".GOTMLS_htmlspecialchars($frow["option_name"]).'":'.$frow["option_id"].'.1', '<input type="checkbox" name="GOTMLS_fix[]" id="check_'.$encoded_id.'" value="'.$encoded_id.'" checked="true">'.GOTMLS_error_link(__("View DB Injection",'gotmls'), $frow["option_id"].'.1', "db_scan"));
-            -
            									$threats_found['row_id_'.$encoded_id] = $threat_name;
-            -
            								} elseif (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
-            -
            									echo GOTMLS_return_threat("db_scan", "question", (print_r(array("post_id"=>$frow["ID"], "scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("No preg_match", 0));//debug
             							} else {
-            -
            								$GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $opt_val;
-            -
            								$GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
-            -
            								$GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
             								foreach ($scan_regex as $threat_definition)
             									$found += GOTMLS_preg_match_all($threat_definition, $threat_name);
-            -
            								if ($found && !isset($threats_found['row_id_'.$encoded_id])) {
-            -
            									echo GOTMLS_return_threat("db_scan", "threat", "$found $threat_name(\"".str_replace('%', '*', trim($scan_sql, "%")).'") in '."$wpdb->options:".GOTMLS_htmlspecialchars($frow["option_name"]).'":'.$frow["option_id"].'.1', '<input type="checkbox" name="GOTMLS_fix[]" id="check_'.$encoded_id.'" value="'.$encoded_id.'" checked="true">'.GOTMLS_error_link(__("View DB Injection",'gotmls'), $frow["option_id"].'.1', "db_scan"));
-            -
            									$threats_found['row_id_'.$encoded_id] = $threat_name;
-            -
            								} elseif (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
-            -
            									echo GOTMLS_return_threat("db_scan", "question", (print_r(array("post_id"=>$frow["ID"], "scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("No preg_match", 0));//debug
+            							}
+            						}
+            					}
+            				}
@@ -1294,6 +1286,21 @@ function GOTMLS_db_scan($id = 0) {
+            	}
+            }
             function GOTMLS_remove_dots($dir) {
             	if ($dir != "." && $dir != "..")
             		return $dir;


995	$_SESSION["GOTMLS_debug"]["threat_level"] = $threat_level;
996	$_SESSION["GOTMLS_debug"]["last"]["threat_level"] = microtime(true);
997	}
998	+ if (in_array($threat_level, $GLOBALS["GOTMLS"]["log"]["settings"]["check"]) && !$found && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level]) && ($threat_level != "wp_core" \|\| (substr($file, 0, strlen(ABSPATH)) == ABSPATH && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version]["$path"]))) && (!isset($GLOBALS["GOTMLS"]["tmp"]["threat_files"]["$threat_level"]) \|\| (substr($file."e", (-1 * strlen($GLOBALS["GOTMLS"]["tmp"]["threat_files"][$threat_level]."e"))) == $GLOBALS["GOTMLS"]["tmp"]["threat_files"][$threat_level]."e")) && ($found = GOTMLS_check_threat($GLOBALS["GOTMLS"]["tmp"]["definitions_array"][$threat_level],$file)))
999	$className = $threat_level;
1000	}
1001	}

1259	if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
1260	echo GOTMLS_return_threat("db_scan", "question", (print_r(array("scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("$val Rows", 0));//debug
1261	foreach ($found_row as $frow) {
1262	+ $GLOBALS["GOTMLS"]["log"]["scan"]["last_threat"] = microtime(true);
1263	+ $GLOBALS["GOTMLS"]["tmp"]["threats_found"] = array();
1264	$encoded_id = GOTMLS_encode($frow["option_id"].'.1');
1265	+ $opt_val = maybe_unserialize($serialized_value);
1266	$found = 0;

1267	if (is_array($opt_val)) {
1268	+ $found = GOTMLS_preg_match_all_array($opt_val);
1269	+ $GLOBALS["GOTMLS"]["tmp"]["new_contents"] = $GLOBALS["GOTMLS"]["tmp"]["file_contents"];








1270	} else {
1271	+ $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = $frow["option_value"];


1272	foreach ($scan_regex as $threat_definition)
1273	$found += GOTMLS_preg_match_all($threat_definition, $threat_name);





1274	}
1275	+ if ($found && !isset($threats_found['row_id_'.$encoded_id])) {
1276	+ echo GOTMLS_return_threat("db_scan", "threat", "$found $threat_name(\"".str_replace('%', '*', trim($scan_sql, "%")).'") in '."$wpdb->options:".GOTMLS_htmlspecialchars($frow["option_name"]).'":'.$frow["option_id"].'.1', '<input type="checkbox" name="GOTMLS_fix[]" id="check_'.$encoded_id.'" value="'.$encoded_id.'" checked="true">'.GOTMLS_error_link(__("View DB Injection",'gotmls'), $frow["option_id"].'.1', "db_scan"));
1277	+ $threats_found['row_id_'.$encoded_id] = $threat_name;
1278	+ } elseif (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug"))
1279	+ echo GOTMLS_return_threat("db_scan", "question", (print_r(array("post_id"=>$frow["ID"], "scan_regex:"=>$scan_regex,"SQL:"=>$SQL),1)), GOTMLS_error_link("No preg_match", 0));//debug
1280	}
1281	}
1282	}

1286	}
1287	}
1288
1289	+ function GOTMLS_preg_match_all_array($opt_val) {
1290	+ $found = 0;
1291	+ foreach ($opt_val as $GLOBALS["GOTMLS"]["tmp"]["file_contents"]) {
1292	+ if (is_array($GLOBALS["GOTMLS"]["tmp"]["file_contents"])) {
1293	+ $found = GOTMLS_preg_match_all_array($GLOBALS["GOTMLS"]["tmp"]["file_contents"]);
1294	+ } else {
1295	+ foreach ($scan_regex as $threat_definition) {
1296	+ $found += GOTMLS_preg_match_all($threat_definition, $threat_name);
1297	+ }
1298	+ }
1299	+ }
1300	+ $GLOBALS["GOTMLS"]["tmp"]["file_contents"] = serialize($opt_val);
1301	+ return $found;
1302	+ }
1303	+
1304	function GOTMLS_remove_dots($dir) {
1305	if ($dir != "." && $dir != "..")
1306	return $dir;

index.php CHANGED Viewed

	@@ -8,7 +8,7 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
8	Contributors: scheeeli, gotmls
9	Donate link: https://gotmls.net/donate/
10	Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11	- Version: 4.20.92
12	*/
13	if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) \|\| !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
14	include(dirname(__FILE__)."/safe-load/index.php");
	@@ -107,7 +107,7 @@ function GOTMLS_display_header($optional_box = "") {
107	}
108	$Update_Link .= "\">$new_version</a></div>";
109	$defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
110	- if (is_array($keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()))) && ~~array_key_exists~~(~~GOTMLS_installation_key,~~ $keys))
111	$isRegistered = $keys[GOTMLS_installation_key];
112	else
113	$isRegistered = "";
	@@ -642,7 +642,7 @@ function GOTMLS_ajax_load_update() {
642	if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
643	$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
644	$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
645	- } elseif (is_array($GOTnew_definitions) && count($GOTnew_definitions))
646	$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
647	if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
648	foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]] as $file => $md5) {
	@@ -1155,7 +1155,7 @@ function GOTMLS_ajax_lognewkey() {
1155	$keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
1156	if (is_array($keys)) {
1157	$count = count($keys);
1158	- if (!~~array_key_exists~~(~~GOTMLS_installation_key,~~ $keys))
1159	$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
1160	} else
1161	$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);
	@@ -1230,7 +1230,7 @@ if (isset($_REQUEST["eli"]) && ($_REQUEST["eli"] == "debug")) {
1230	}
1231	}
1232
1233	- function ~~GOTMLS_init~~() {
1234	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
1235	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
1236	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;
	@@ -1279,6 +1279,47 @@ function GOTMLS_init() {
1279	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
1280	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
1281	}









































1282	add_action("admin_init", "GOTMLS_init");
1283
1284	function GOTMLS_ajax_log_session() {


8	Contributors: scheeeli, gotmls
9	Donate link: https://gotmls.net/donate/
10	Description: This Anti-Virus/Anti-Malware plugin searches for Malware and other Virus like threats and vulnerabilities on your server and helps you remove them. It's always growing and changing to adapt to new threats so let me know if it's not working for you.
11	+ Version: 4.20.93
12	*/
13	if (isset($_SERVER["DOCUMENT_ROOT"]) && ($SCRIPT_FILE = str_replace($_SERVER["DOCUMENT_ROOT"], "", (isset($_SERVER["SCRIPT_FILENAME"])?$_SERVER["SCRIPT_FILENAME"]:(isset($_SERVER["SCRIPT_NAME"])?$_SERVER["SCRIPT_NAME"]:"")))) && strlen($SCRIPT_FILE) > strlen("/".basename(__FILE__)) && substr(__FILE__, -1 * strlen($SCRIPT_FILE)) == substr($SCRIPT_FILE, -1 * strlen(__FILE__)) \|\| !(function_exists("add_action") && function_exists("load_plugin_textdomain")))
14	include(dirname(__FILE__)."/safe-load/index.php");

107	}
108	$Update_Link .= "\">$new_version</a></div>";
109	$defLatest = (is_numeric($Latest = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Latest"]))) && is_numeric($Default = preg_replace('/[^0-9]/', "", GOTMLS_sexagesimal($GLOBALS["GOTMLS"]["tmp"]["Definition"]["Default"]))) && $Latest > $Default)?1:0;
110	+ if (is_array($keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()))) && isset($keys[GOTMLS_installation_key]))
111	$isRegistered = $keys[GOTMLS_installation_key];
112	else
113	$isRegistered = "";

642	if (is_array($GOTMLS_definitions_versions) && count($GOTMLS_definitions_versions) && (strlen($new_ver = trim(array_pop($GOTMLS_definitions_versions))) == 5) && $saved) {
643	$innerHTML .= "<li style=\\\"color: #0C0\\\">New Definition Updates Installed.</li>";
644	$finJS .= "\nif (foundUpdates = document.getElementById('GOTMLS_definitions_date')) foundUpdates.innerHTML = '$new_ver';\nif (foundUpdates = document.getElementById('autoUpdateForm')) foundUpdates.style.display = 'none';";
645	+ } elseif (isset($GOTnew_definitions) && is_array($GOTnew_definitions) && count($GOTnew_definitions))
646	$finJS .= "\nalert('Definition update $new_ver could not be saved because update_option Failed! (saved=".($saved?"TRUE":"FALSE").") $debug');";
647	if (isset($_REQUEST["UPDATE_core"]) && ($_REQUEST["UPDATE_core"] == GOTMLS_wp_version) && isset($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][GOTMLS_wp_version])) {
648	foreach ($GLOBALS["GOTMLS"]["tmp"]["definitions_array"]["wp_core"][$_REQUEST["UPDATE_core"]] as $file => $md5) {

1155	$keys = maybe_unserialize(get_option('GOTMLS_Installation_Keys', array()));
1156	if (is_array($keys)) {
1157	$count = count($keys);
1158	+ if (!isset($keys[GOTMLS_installation_key]))
1159	$keys = array_merge($keys, array(GOTMLS_installation_key => GOTMLS_siteurl));
1160	} else
1161	$keys = array(GOTMLS_installation_key => GOTMLS_siteurl);

1230	}
1231	}
1232
1233	+ function GOTMLS_admin_init() {
1234	GOTMLS_define("GOTMLS_get_version_URL", GOTMLS_get_version("URL"));
1235	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"]))
1236	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_what"] = 2;

1279	if (!isset($GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"]))
1280	$GLOBALS["GOTMLS"]["tmp"]["settings_array"]["scan_level"] = count(explode('/', trailingslashit(GOTMLS_siteurl))) - 1;
1281	}
1282	+ add_action("admin_init", "GOTMLS_admin_init");
1283	+
1284	+ function GOTMLS_init() {
1285	+ register_post_type(
1286	+ 'gotmls_quarantine',
1287	+ array(
1288	+ 'labels' => array(
1289	+ 'name' => _x( 'Quarantine', 'post type general name' ),
1290	+ 'singular_name' => _x( 'Quarantine', 'post type singular name' ),
1291	+ 'view_item' => __( 'View Quarantine Record' ),
1292	+ 'all_items' => __( 'All Quarantine Records' ),
1293	+ ),
1294	+ 'public' => false,
1295	+ 'map_meta_cap' => true,
1296	+ 'hierarchical' => false,
1297	+ 'rewrite' => false,
1298	+ 'query_var' => false,
1299	+ 'can_export' => false,
1300	+ 'delete_with_user' => false,
1301	+ 'supports' => array( 'title', 'author', 'editor', 'excerpt', 'custom-fields' ),
1302	+ 'capability_type' => 'customize_gotmls_quarantine',
1303	+ 'capabilities' => array(
1304	+ 'create_posts' => 'customize',
1305	+ 'delete_others_posts' => 'customize',
1306	+ 'delete_post' => 'customize',
1307	+ 'delete_posts' => 'customize',
1308	+ 'delete_private_posts' => 'customize',
1309	+ 'delete_published_posts' => 'do_not_allow',
1310	+ 'edit_others_posts' => 'do_not_allow',
1311	+ 'edit_post' => 'do_not_allow',
1312	+ 'edit_posts' => 'do_not_allow',
1313	+ 'edit_private_posts' => 'do_not_allow',
1314	+ 'edit_published_posts' => 'do_not_allow',
1315	+ 'publish_posts' => 'customize',
1316	+ 'read' => 'do_not_allow',
1317	+ 'read_post' => 'do_not_allow',
1318	+ 'read_private_posts' => 'customize',
1319	+ ),
1320	+ )
1321	+ );
1322	+ }
1323	add_action("admin_init", "GOTMLS_init");
1324
1325	function GOTMLS_ajax_log_session() {

readme.txt CHANGED Viewed

	@@ -5,10 +5,10 @@ Author URI: http://wordpress.ieonly.com/category/my-plugins/anti-malware/
5	Contributors: scheeeli, gotmls
6	Donate link: https://gotmls.net/donate/
7	Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8	- Version: 4.20.92
9	- Stable tag: 4.20.92
10	Requires at least: 3.3
11	- Tested up to: 5.8.1
12
13	This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14
	@@ -93,6 +93,10 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
93
94	== Changelog ==
95




96	= 4.20.92 =
97	* Added German translation thanks to Micha Cassola.
98	* Improved the Apache software version checker for better firewall compatibility.
	@@ -369,6 +373,9 @@ sucuri.net caches their scan results and will not refresh the scan until you cli
369
370	== Upgrade Notice ==
371



372	= 4.20.92 =
373	Added German translation, improved firewall compatibility with Apache, fixed session check in Site Health for REST API compatibility, and checked code compatibility with WordPress 5.8.1 and ClassicPress 1.3.1.
374


5	Contributors: scheeeli, gotmls
6	Donate link: https://gotmls.net/donate/
7	Tags: security, firewall, anti-malware, scanner, automatic, repair, remove, malware, virus, threat, hacked, malicious, infection, timthumb, exploit, block, brute-force, wp-login, patch, antimalware, revslider, Revolution Slider
8	+ Version: 4.20.93
9	+ Stable tag: 4.20.93
10	Requires at least: 3.3
11	+ Tested up to: 5.8.3
12
13	This Anti-Malware scanner searches for Malware, Viruses, and other security threats and vulnerabilities on your server and it helps you fix them.
14

93
94	== Changelog ==
95
96	+ = 4.20.93 =
97	+ * Fixed undefined variable warning.
98	+ * Updated code for compatibility with PHP version 8.0.
99	+
100	= 4.20.92 =
101	* Added German translation thanks to Micha Cassola.
102	* Improved the Apache software version checker for better firewall compatibility.

373
374	== Upgrade Notice ==
375
376	+ = 4.20.93 =
377	+ Fixed undefined variable warning and updated code for compatibility with PHP version 8.0.
378	+
379	= 4.20.92 =
380	Added German translation, improved firewall compatibility with Apache, fixed session check in Site Health for REST API compatibility, and checked code compatibility with WordPress 5.8.1 and ClassicPress 1.3.1.
381

Anti-Malware Security and Brute-Force Firewall - Version 4.20.93

Version Description

Release Info

Code changes from version 4.20.92 to 4.20.93