NinjaFirewall (WP Edition) - Version 3.8.2

Version Description

  • Improved the firewall engine to detect shell command obfuscation tricks using uninitialized variables (e.g. ?a=cat$foo $foo/etc/$foo/passwd$foo).
  • Added a policy to disable the fatal error handler introduced in WordPress 5.1. See "Firewall Policies > Basic Policies > Disable the fatal error handler".
  • Disabled the firewall when running WP-CLI.
  • If the firewall settings were corrupted, the garbage collector would restore the last known good configuration backup. If there is no backup available, it will restore its default settings so that NinjaFirewall will keep working and protecting the site.
  • Various fixes and adjustments.
  • [WP+ Edition] Updated IPv4/IPv6 GeoIP databases.
Download this release

Release Info

Developer nintechnet
Plugin Icon 128x128 NinjaFirewall (WP Edition)
Version 3.8.2
Comparing to
See all releases

Code changes from version 3.8.1 to 3.8.2

Files changed (13) hide show
  1. install.php +4 -160
  2. languages/ninjafirewall-fr_FR.mo +0 -0
  3. languages/ninjafirewall-fr_FR.po +532 -508
  4. languages/ninjafirewall.pot +486 -495
  5. lib/firewall.php +15 -8
  6. lib/firewall_policies.php +1018 -991
  7. lib/help.php +1 -0
  8. lib/init_update.php +88 -83
  9. lib/install_default.php +203 -0
  10. lib/install_fullwaf.php +1 -1
  11. lib/utils.php +101 -18
  12. ninjafirewall.php +9 -29
  13. readme.txt +12 -3
install.php CHANGED
@@ -19,7 +19,7 @@
19
 
20
  if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
21
 
22
- if ( ( is_multisite() ) && (! current_user_can( 'manage_network' ) ) ) {
23
  return;
24
  }
25
 
@@ -479,166 +479,10 @@ function nfw_wpconfig_data() {
479
 
480
  function nfw_default_conf() {
481
 
482
- $nfw_rules = array();
 
 
483
 
484
- if (! empty( $_SESSION['temp_admin_email'] ) ) {
485
- $alert_email = $_SESSION['temp_admin_email'];
486
- } else {
487
- $alert_email = get_option('admin_email');
488
- }
489
-
490
- $nfw_options = array(
491
- 'logo' => plugins_url() . '/ninjafirewall/images/ninjafirewall_75.png',
492
- 'enabled' => 1,
493
- 'ret_code' => 403,
494
- 'anon_ip' => 0,
495
- 'blocked_msg' => base64_encode(NFW_DEFAULT_MSG),
496
- 'debug' => 0,
497
- 'scan_protocol' => 3,
498
- 'uploads' => 1,
499
- 'sanitise_fn' => 0,
500
- 'get_scan' => 1,
501
- 'get_sanitise' => 0,
502
- 'post_scan' => 1,
503
- 'post_sanitise' => 0,
504
- 'cookies_scan' => 1,
505
- 'cookies_sanitise'=> 0,
506
- 'ua_scan' => 1,
507
- 'ua_sanitise' => 1,
508
- 'referer_scan' => 0,
509
- 'referer_sanitise'=> 1,
510
- 'referer_post' => 0,
511
- 'no_host_ip' => 0,
512
- 'allow_local_ip' => 0,
513
- 'php_errors' => 1,
514
- 'php_self' => 1,
515
- 'php_path_t' => 1,
516
- 'php_path_i' => 1,
517
- 'wp_dir' => '/wp-admin/(?:css|images|includes|js)/|' .
518
- '/wp-includes/(?:(?:css|images|js(?!/tinymce/wp-tinymce\.php)|theme-compat)/|[^/]+\.php)|' .
519
- '/'. basename(WP_CONTENT_DIR) .'/(?:uploads|blogs\.dir)/',
520
- 'no_post_themes' => 0,
521
- 'force_ssl' => 0,
522
- 'disallow_edit' => 0,
523
- 'disallow_mods' => 0,
524
- 'wl_admin' => 1,
525
- // v1.0.4
526
- 'a_0' => 1,
527
- 'a_11' => 1,
528
- 'a_12' => 1,
529
- 'a_13' => 0,
530
- 'a_14' => 0,
531
- 'a_15' => 1,
532
- 'a_16' => 0,
533
- 'a_21' => 1,
534
- 'a_22' => 1,
535
- 'a_23' => 0,
536
- 'a_24' => 0,
537
- 'a_31' => 1,
538
- // v1.3.3 :
539
- 'a_41' => 1,
540
- // v1.3.4 :
541
- 'a_51' => 1,
542
- 'sched_scan' => 0,
543
- 'report_scan' => 0,
544
- // v1.7 (daily report cronjob) :
545
- 'a_52' => 1,
546
- // v3.4:
547
- 'a_53' => 1,
548
-
549
- 'alert_email' => $alert_email,
550
- // v1.1.0 :
551
- 'alert_sa_only' => 1,
552
- 'nt_show_status' => 1,
553
- 'post_b64' => 1,
554
- // v3.6.7:
555
- 'disallow_creation' => 0,
556
- // v3.7.2:
557
- 'disallow_settings' => 1,
558
-
559
- // v1.1.2 :
560
- 'no_xmlrpc' => 0,
561
- // v1.7 :
562
- 'no_xmlrpc_multi' => 0,
563
- // v3.3.2
564
- 'no_xmlrpc_pingback'=> 0,
565
-
566
- // v1.1.3 :
567
- 'enum_archives' => 0,
568
- 'enum_login' => 0,
569
- // v1.1.6 :
570
- 'request_sanitise'=> 0,
571
- // v1.2.1 :
572
- 'fg_enable' => 0,
573
- 'fg_mtime' => 10,
574
- 'fg_exclude' => '',
575
- // Log:
576
- 'auto_del_log' => 0,
577
- // Updates :
578
- 'enable_updates' => 1,
579
- 'sched_updates' => 1,
580
- 'notify_updates' => 1,
581
- // Centralized Logging:
582
- 'clogs_enable' => 0,
583
- 'clogs_pubkey' => '',
584
-
585
- 'rate_notice' => time() + 86400 * 15,
586
- );
587
- // v1.3.1 :
588
- // Some compatibility checks:
589
- // 1. header_register_callback(): requires PHP >=5.4
590
- // 2. headers_list() and header_remove(): some hosts may disable them.
591
- if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
592
- // X-XSS-Protection:
593
- $nfw_options['response_headers'] = '000300000';
594
- }
595
- $nfw_options['referrer_policy_enabled'] = 0;
596
-
597
- define('NFUPDATESDO', 2);
598
- @nf_sub_updates();
599
-
600
- if (! $nfw_rules = @unserialize(NFW_RULES) ) {
601
- $err_msg = '<p><strong>'. __('Error: The installer cannot download the security rules from wordpress.org website.', 'ninjafirewall') . '</strong></p>';
602
- $err_msg.= '<ol><li>'. __('The server may be temporarily down or you may have network connectivity problems? Please try again in a few minutes.', 'ninjafirewall') . '</li>';
603
- $err_msg.= '<li>'. __('NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe your server does not support SSL? You can force NinjaFirewall to use a non-secure HTTP connection by adding the following directive to your <strong>wp-config.php</strong> file:', 'ninjafirewall') . '<p><code>define("NFW_DONT_USE_SSL", 1);</code></p></li></ol>';
604
- exit("<br /><div class='error notice is-dismissible'>{$err_msg}</div></div></div></div></div></body></html>");
605
- }
606
-
607
- $nfw_options['engine_version'] = NFW_ENGINE_VERSION;
608
- $nfw_options['rules_version'] = NFW_NEWRULES_VERSION; // downloaded rules
609
-
610
- if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) > 5 ) {
611
- $nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', $_SERVER['DOCUMENT_ROOT'] );
612
- } elseif ( strlen( getenv( 'DOCUMENT_ROOT' ) ) > 5 ) {
613
- $nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', getenv( 'DOCUMENT_ROOT' ) );
614
- } else {
615
- $nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
616
- }
617
-
618
- // Enable PHP object injection rules (since v3.5.3):
619
- $nfw_rules[NFW_OBJECTS]['ena'] = 1;
620
-
621
- nfw_update_option( 'nfw_options', $nfw_options);
622
- nfw_update_option( 'nfw_rules', $nfw_rules);
623
-
624
- if ( wp_next_scheduled( 'nfwgccron' ) ) {
625
- wp_clear_scheduled_hook( 'nfwgccron' );
626
- }
627
- if ( wp_next_scheduled('nfscanevent') ) {
628
- wp_clear_scheduled_hook('nfscanevent');
629
- }
630
- if ( wp_next_scheduled('nfsecupdates') ) {
631
- wp_clear_scheduled_hook('nfsecupdates');
632
- }
633
- if ( wp_next_scheduled('nfdailyreport') ) {
634
- wp_clear_scheduled_hook('nfdailyreport');
635
- }
636
- nfw_get_blogtimezone();
637
- wp_schedule_event( strtotime( date('Y-m-d 00:00:05', strtotime("+1 day")) ), 'daily', 'nfdailyreport');
638
- wp_schedule_event( time() + 3600, 'hourly', 'nfsecupdates');
639
- wp_schedule_event( time() + 1800, 'hourly', 'nfwgccron' );
640
-
641
- $_SESSION['default_conf'] = 1;
642
  }
643
 
644
  /* ------------------------------------------------------------------ */
19
 
20
  if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
21
 
22
+ if ( is_multisite() && ! current_user_can( 'manage_network' ) ) {
23
  return;
24
  }
25
 
479
 
480
  function nfw_default_conf() {
481
 
482
+ // Load and save default config:
483
+ require_once __DIR__ .'/lib/install_default.php';
484
+ nfw_load_default_conf();
485
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
486
  }
487
 
488
  /* ------------------------------------------------------------------ */
languages/ninjafirewall-fr_FR.mo CHANGED
Binary file
languages/ninjafirewall-fr_FR.po CHANGED
@@ -4,8 +4,8 @@ msgid ""
4
  msgstr ""
5
  "Project-Id-Version: Stable (latest release)\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/ninjafirewall\n"
7
- "POT-Creation-Date: 2018-12-03 00:07+0700\n"
8
- "PO-Revision-Date: 2018-12-03 00:08+0700\n"
9
  "Last-Translator: NinTechNet <contact@nintechnet.com>\n"
10
  "Language-Team: NinTechNet <nintechnet.com>\n"
11
  "Language: fr_FR\n"
@@ -165,7 +165,7 @@ msgstr ""
165
  "offre tout de même des performances et un niveau de protection supérieurs "
166
  "aux autres extensions de sécurité pour WordPress disponibles sur le marché."
167
 
168
- #: install.php:156 ninjafirewall.php:782
169
  msgid "Installation"
170
  msgstr "Installation"
171
 
@@ -199,7 +199,7 @@ msgstr "Étape suivante"
199
  msgid "Privacy policy"
200
  msgstr "Politique de confidentialité"
201
 
202
- #: install.php:177 lib/about.php:198 lib/help.php:458
203
  msgid ""
204
  "Your website can run NinjaFirewall and be compliant with the General Data "
205
  "Protection Regulation (GDPR). For more info, please visit our blog:"
@@ -225,7 +225,7 @@ msgstr ""
225
  "tant que NinjaFirewall est installé !"
226
 
227
  #: install.php:258 lib/firewall_policies.php:107 lib/help.php:168
228
- #: lib/install_fullwaf.php:33 lib/install_fullwaf.php:141 ninjafirewall.php:807
229
  msgid "Firewall Policies"
230
  msgstr "Politiques du Pare-feu"
231
 
@@ -538,36 +538,6 @@ msgstr "Passer à l'installateur WordPress WAF &#187;"
538
  msgid "Need help? Check our blog:"
539
  msgstr "Besoin d'aide ? Consultez notre blog :"
540
 
541
- #: install.php:601
542
- msgid ""
543
- "Error: The installer cannot download the security rules from wordpress.org "
544
- "website."
545
- msgstr ""
546
- "Erreur : Impossible de télécharger les règles de sécurité depuis le site de "
547
- "wordpress.org."
548
-
549
- #: install.php:602
550
- msgid ""
551
- "The server may be temporarily down or you may have network connectivity "
552
- "problems? Please try again in a few minutes."
553
- msgstr ""
554
- "Le serveur est peut être temporairement en panne ou bien vous avez des "
555
- "problèmes de connectivité réseau ? Veuillez ré-essayer d'ici quelques "
556
- "minutes."
557
-
558
- #: install.php:603
559
- msgid ""
560
- "NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe "
561
- "your server does not support SSL? You can force NinjaFirewall to use a non-"
562
- "secure HTTP connection by adding the following directive to your <strong>wp-"
563
- "config.php</strong> file:"
564
- msgstr ""
565
- "NinjaFirewall télécharge ses règles de sécurité en utilisant une connexion "
566
- "sécurisée (HTTPS). Peut-être que votre serveur ne prend pas en charge "
567
- "HTTPS ? Dans ce cas, vous pouvez demander à NinjaFirewall d'utiliser une "
568
- "connexion non-sécurisée (HTTP) en ajoutant la ligne suivante dans votre "
569
- "fichier <strong>wp-config.php</strong> :"
570
-
571
  #: lib/about.php:31
572
  msgid "Error : cannot find changelog :("
573
  msgstr "Erreur: impossible de trouver le fichier changelog :("
@@ -616,7 +586,7 @@ msgstr "Programme de parrainage"
616
  msgid "System Info"
617
  msgstr "Info système"
618
 
619
- #: lib/about.php:100 lib/help.php:456
620
  msgid "GDPR Compliance"
621
  msgstr "Conformité RGPD"
622
 
@@ -683,7 +653,7 @@ msgstr ""
683
  "Pour plus d'information, consultez notre page du <a href=\"%s\">Programme de "
684
  "Parrainage</a>."
685
 
686
- #: lib/anti_malware.php:24 ninjafirewall.php:825
687
  msgid "Anti-Malware"
688
  msgstr "Anti-Malware"
689
 
@@ -748,7 +718,7 @@ msgstr "Moyen :"
748
  msgid "View firewall log"
749
  msgstr "Voir le journal du pare-feu"
750
 
751
- #: lib/event_notifications.php:45 lib/help.php:348 ninjafirewall.php:833
752
  msgid "Event Notifications"
753
  msgstr "Notifications d'Événement"
754
 
@@ -867,15 +837,15 @@ msgid "Send me a daily activity report"
867
  msgstr "Envoyer un rapport d'activité quotidien"
868
 
869
  #: lib/event_notifications.php:150 lib/event_notifications.php:162
870
- #: lib/firewall_policies.php:531 lib/firewall_policies.php:574
871
- #: lib/firewall_policies.php:594 lib/firewall_policies.php:644
872
- #: lib/firewall_policies.php:689 lib/firewall_policies.php:699
873
- #: lib/firewall_policies.php:709 lib/firewall_policies.php:752
874
- #: lib/firewall_policies.php:795 lib/firewall_policies.php:815
875
- #: lib/firewall_policies.php:1029 lib/firewall_policies.php:1085
876
- #: lib/firewall_policies.php:1095 lib/firewall_policies.php:1105
877
- #: lib/firewall_policies.php:1115 lib/firewall_policies.php:1162
878
- #: lib/firewall_policies.php:1172 lib/network.php:63 lib/rules_update.php:145
879
  msgid "Yes (default)"
880
  msgstr "Oui (défaut)"
881
 
@@ -956,7 +926,7 @@ msgstr "Moyen :"
956
  msgid "Blocked brute-force attacks:"
957
  msgstr "Attaques par force brute bloquées :"
958
 
959
- #: lib/event_notifications.php:448 lib/utils.php:512 lib/utils.php:647
960
  msgid ""
961
  "This notification can be turned off from NinjaFirewall \"Event Notifications"
962
  "\" page."
@@ -965,8 +935,8 @@ msgstr ""
965
  "d’Événement\" de NinjaFirewall."
966
 
967
  #: lib/event_notifications.php:452 lib/file_check.php:855
968
- #: lib/file_check.php:872 lib/firewall_options.php:572 lib/rules_update.php:565
969
- #: ninjafirewall.php:1180
970
  msgid "Support forum:"
971
  msgstr "Forum :"
972
 
@@ -994,7 +964,7 @@ msgstr "NinjaFirewall a détecté des changements dans vos fichiers."
994
  msgid "No changes detected."
995
  msgstr "Aucun changement n'a été détecté."
996
 
997
- #: lib/file_check.php:129 lib/help.php:315 ninjafirewall.php:815
998
  msgid "File Check"
999
  msgstr "File Check"
1000
 
@@ -1179,15 +1149,15 @@ msgstr ""
1179
  msgid "Enable scheduled scans"
1180
  msgstr "Lancer File Check automatiquement"
1181
 
1182
- #: lib/file_check.php:516 lib/firewall_policies.php:439
1183
- #: lib/firewall_policies.php:454 lib/firewall_policies.php:464
1184
- #: lib/firewall_policies.php:474 lib/firewall_policies.php:544
1185
- #: lib/firewall_policies.php:587 lib/firewall_policies.php:619
1186
- #: lib/firewall_policies.php:657 lib/firewall_policies.php:745
1187
- #: lib/firewall_policies.php:765 lib/firewall_policies.php:808
1188
- #: lib/firewall_policies.php:938 lib/firewall_policies.php:952
1189
- #: lib/firewall_policies.php:977 lib/firewall_policies.php:1185
1190
- #: lib/login_protection.php:295
1191
  msgid "No (default)"
1192
  msgstr "Non (défaut)"
1193
 
@@ -1285,15 +1255,15 @@ msgstr "Erreur lors de la lecture du fichier de l'ancien instantané."
1285
  msgid "Error reading new snapshot file."
1286
  msgstr "Erreur lors de la lecture du fichier du nouvel instantané."
1287
 
1288
- #: lib/file_check.php:814 ninjafirewall.php:261
1289
  msgid "New file"
1290
  msgstr "Nouveau fichier"
1291
 
1292
- #: lib/file_check.php:815 ninjafirewall.php:262
1293
  msgid "Modified file"
1294
  msgstr "Fichier modifié"
1295
 
1296
- #: lib/file_check.php:816 ninjafirewall.php:263
1297
  msgid "Deleted file"
1298
  msgstr "Fichier supprimé"
1299
 
@@ -1303,7 +1273,7 @@ msgstr "[NinjaFirewall] Alerte: Détection File Check"
1303
 
1304
  #: lib/file_check.php:843 lib/file_check.php:845 lib/file_check.php:866
1305
  #: lib/file_check.php:868 lib/rules_update.php:557 lib/rules_update.php:559
1306
- #: lib/utils.php:84 lib/utils.php:500 lib/utils.php:641 lib/utils.php:846
1307
  msgid "Blog:"
1308
  msgstr "Blog :"
1309
 
@@ -1328,7 +1298,7 @@ msgstr "NinjaFirewall n'a pas détecté de changements dans vos fichiers."
1328
  msgid "Please enter a number from 1 to 99."
1329
  msgstr "Veuillez entrer un nombre de 1 à 99."
1330
 
1331
- #: lib/file_guard.php:54 lib/help.php:283 ninjafirewall.php:811
1332
  msgid "File Guard"
1333
  msgstr "File Guard"
1334
 
@@ -1364,15 +1334,15 @@ msgid "Yes (recommended)"
1364
  msgstr "Oui (recommandé)"
1365
 
1366
  #: lib/file_guard.php:101 lib/firewall_policies.php:27
1367
- #: lib/firewall_policies.php:534 lib/firewall_policies.php:577
1368
- #: lib/firewall_policies.php:597 lib/firewall_policies.php:647
1369
- #: lib/firewall_policies.php:692 lib/firewall_policies.php:702
1370
- #: lib/firewall_policies.php:712 lib/firewall_policies.php:755
1371
- #: lib/firewall_policies.php:798 lib/firewall_policies.php:818
1372
- #: lib/firewall_policies.php:880 lib/firewall_policies.php:1032
1373
- #: lib/firewall_policies.php:1088 lib/firewall_policies.php:1098
1374
  #: lib/firewall_policies.php:1108 lib/firewall_policies.php:1118
1375
- #: lib/firewall_policies.php:1165 lib/firewall_policies.php:1175
 
1376
  #: lib/network.php:64 lib/rules_update.php:148
1377
  msgid "No"
1378
  msgstr "Non"
@@ -1430,7 +1400,7 @@ msgstr "Votre clé publique a été supprimée"
1430
  msgid "Your public key has been saved"
1431
  msgstr "Votre clé publique a été sauvegardée"
1432
 
1433
- #: lib/firewall_log.php:84 lib/help.php:422 ninjafirewall.php:841
1434
  msgid "Firewall Log"
1435
  msgstr "Journal du Pare-feu"
1436
 
@@ -1471,7 +1441,7 @@ msgstr ""
1471
  msgid "Log Options"
1472
  msgstr "Options du Journal"
1473
 
1474
- #: lib/firewall_log.php:173 lib/help.php:435
1475
  msgid "Auto-delete log"
1476
  msgstr "Suppression automatique des journaux"
1477
 
@@ -1488,7 +1458,7 @@ msgstr "Entrez \"0\" pour désactiver cette option."
1488
  msgid "Save Log Options"
1489
  msgstr "Sauvegarder les options"
1490
 
1491
- #: lib/firewall_log.php:202 lib/help.php:443 lib/overview.php:198
1492
  #: lib/wpplus.php:93
1493
  msgid "Centralized Logging"
1494
  msgstr "Centralisation des Logs"
@@ -1556,7 +1526,7 @@ msgstr ""
1556
  msgid "Refresh preview"
1557
  msgstr "Réactualiser"
1558
 
1559
- #: lib/firewall_options.php:71 ninjafirewall.php:803
1560
  msgid "Firewall Options"
1561
  msgstr "Options du Pare-feu"
1562
 
@@ -1708,28 +1678,27 @@ msgid "Uploaded file is either corrupted or its format is not supported (#%s)"
1708
  msgstr ""
1709
  "Le fichier importé est illisible ou son format n'est pas supporté (#%s)"
1710
 
1711
- #: lib/firewall_options.php:426
1712
  msgid "The imported file is not compatible with that version of NinjaFirewall"
1713
  msgstr ""
1714
  "Le fichier importé n'est pas compatible avec cette version de NinjaFirewall"
1715
 
1716
- #: lib/firewall_options.php:546
1717
  msgid "[NinjaFirewall] Alert: Firewall is disabled"
1718
  msgstr "[NinjaFirewall] Alerte : Le pare-feu a été désactivé"
1719
 
1720
- #: lib/firewall_options.php:548 lib/firewall_options.php:550
1721
- #: ninjafirewall.php:557 ninjafirewall.php:559 ninjafirewall.php:1168
1722
- #: ninjafirewall.php:1170
1723
  msgid "-Blog :"
1724
  msgstr "- Blog :"
1725
 
1726
- #: lib/firewall_options.php:554
1727
  msgid "Someone disabled NinjaFirewall from your WordPress admin dashboard:"
1728
  msgstr ""
1729
  "Quelqu'un a désactivé NinjaFirewall depuis votre Tableau de bord de "
1730
  "WordPress :"
1731
 
1732
- #: lib/firewall_options.php:557
1733
  msgid ""
1734
  "NinjaFirewall is disabled because someone enabled debugging mode from your "
1735
  "WordPress admin dashboard:"
@@ -1737,42 +1706,43 @@ msgstr ""
1737
  "NinjaFirewall est désactivé car quelqu'un activé son \"Mode débogage\" "
1738
  "depuis votre tableau de bord de WordPress :"
1739
 
1740
- #: lib/firewall_options.php:560
1741
  msgid "[NinjaFirewall] Alert: Firewall override settings"
1742
  msgstr "[NinjaFirewall] Alerte : Modification des paramètres du pare-feu"
1743
 
1744
- #: lib/firewall_options.php:561
1745
  msgid ""
1746
  "Someone imported a new configuration which overrode the firewall settings:"
1747
  msgstr ""
1748
  "Quelqu'un a importé une nouvelle configuration qui a modifié tous les "
1749
  "paramètres du pare-feu :"
1750
 
1751
- #: lib/firewall_options.php:567 ninjafirewall.php:1175
1752
  msgid "-User :"
1753
  msgstr "- Nom :"
1754
 
1755
- #: lib/firewall_options.php:568 ninjafirewall.php:1176
1756
  msgid "-IP :"
1757
  msgstr "- IP :"
1758
 
1759
- #: lib/firewall_options.php:569 ninjafirewall.php:566 ninjafirewall.php:1177
1760
  msgid "-Date :"
1761
  msgstr "- Date :"
1762
 
1763
- #: lib/firewall_policies.php:26 lib/firewall_policies.php:436
1764
- #: lib/firewall_policies.php:451 lib/firewall_policies.php:461
1765
- #: lib/firewall_policies.php:471 lib/firewall_policies.php:541
1766
- #: lib/firewall_policies.php:584 lib/firewall_policies.php:616
1767
- #: lib/firewall_policies.php:654 lib/firewall_policies.php:742
1768
- #: lib/firewall_policies.php:762 lib/firewall_policies.php:805
1769
- #: lib/firewall_policies.php:937 lib/firewall_policies.php:951
1770
- #: lib/firewall_policies.php:976 lib/firewall_policies.php:1182
 
1771
  msgid "Yes"
1772
  msgstr "Oui"
1773
 
1774
  #: lib/firewall_policies.php:28 lib/firewall_policies.php:192
1775
- #: lib/firewall_policies.php:380
1776
  msgid "(default)"
1777
  msgstr "(défaut)"
1778
 
@@ -1822,11 +1792,11 @@ msgstr "Aucune mesure prise."
1822
  msgid "Basic Policies"
1823
  msgstr "Politiques de base"
1824
 
1825
- #: lib/firewall_policies.php:131 lib/help.php:197
1826
  msgid "Intermediate Policies"
1827
  msgstr "Politiques intermédiaires"
1828
 
1829
- #: lib/firewall_policies.php:132 lib/help.php:228
1830
  msgid "Advanced Policies"
1831
  msgstr "Politiques avancées"
1832
 
@@ -1870,12 +1840,12 @@ msgstr "Nettoyer le nom des fichiers"
1870
  msgid "substitution character:"
1871
  msgstr "caractère de substitution&nbsp;:"
1872
 
1873
- #: lib/firewall_policies.php:308
1874
  msgid "Block direct access to any PHP file located in one of these directories"
1875
  msgstr ""
1876
  "Bloquer l'accès direct à un fichier PHP situé dans l'un de ces répertoires"
1877
 
1878
- #: lib/firewall_policies.php:338
1879
  msgid ""
1880
  "NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if "
1881
  "this option is enabled."
@@ -1883,7 +1853,7 @@ msgstr ""
1883
  "NinjaFirewall ne bloquera pas l'accès à l'éditeur WYSIWYG TinyMCE même si "
1884
  "cette option est activée."
1885
 
1886
- #: lib/firewall_policies.php:353
1887
  msgid ""
1888
  "Unless you have PHP scripts in a \"/cache/\" folder that need to be accessed "
1889
  "by your visitors, we recommend to enable this option."
@@ -1892,7 +1862,7 @@ msgstr ""
1892
  "pouvant être consultés par vos visiteurs, nous vous recommandons d'activer "
1893
  "cette option."
1894
 
1895
- #: lib/firewall_policies.php:364 lib/firewall_policies.php:369
1896
  #, php-format
1897
  msgid ""
1898
  "If you are using the %s plugin, blocking <code>system.multicall</code> may "
@@ -1901,65 +1871,65 @@ msgstr ""
1901
  "Si vous utilisez l'extension %s, bloquer <code>system.multicall</code> "
1902
  "pourrait l’empêcher de fonctionner correctement."
1903
 
1904
- #: lib/firewall_policies.php:377
1905
  msgid "General"
1906
  msgstr "Général"
1907
 
1908
- #: lib/firewall_policies.php:380 lib/help.php:184
1909
  msgid "Block attempts to modify important WordPress settings"
1910
  msgstr ""
1911
  "Bloquer les tentatives de modification des paramètres importants de WordPress"
1912
 
1913
- #: lib/firewall_policies.php:381 lib/help.php:185
1914
  msgid "Block user accounts creation"
1915
  msgstr "Bloquer la création de comptes utilisateur"
1916
 
1917
- #: lib/firewall_policies.php:382
1918
  msgid "Do not enable this policy if you allow user registration."
1919
  msgstr ""
1920
  "N'activez pas cette option si vous autorisez l'inscription des utilisateurs."
1921
 
1922
- #: lib/firewall_policies.php:387
1923
  msgid "Protect against username enumeration"
1924
  msgstr "Protéger contre l'énumération des comptes utilisateurs"
1925
 
1926
- #: lib/firewall_policies.php:390
1927
  msgid "Through the author archives"
1928
  msgstr "Via la page d'archive d'un auteur"
1929
 
1930
- #: lib/firewall_policies.php:391
1931
  msgid "Through the login page"
1932
  msgstr "Via la page de connexion"
1933
 
1934
- #: lib/firewall_policies.php:392
1935
  msgid "Through the WordPress REST API"
1936
  msgstr "Via l'API REST de WordPress"
1937
 
1938
- #: lib/firewall_policies.php:400
1939
  msgid "This feature is only available when running WordPress 4.7 or above."
1940
  msgstr "Cette option ne peut être activée qu'avec WordPress 4.7 ou plus."
1941
 
1942
- #: lib/firewall_policies.php:407
1943
  msgid "WordPress REST API"
1944
  msgstr "API REST de WordPress"
1945
 
1946
- #: lib/firewall_policies.php:410 lib/firewall_policies.php:418
1947
  msgid "Block any access to the API"
1948
  msgstr "Bloquer tout accès à l'API"
1949
 
1950
- #: lib/firewall_policies.php:415
1951
  msgid "WordPress XML-RPC API"
1952
  msgstr "API XML-RPC de WordPress"
1953
 
1954
- #: lib/firewall_policies.php:420
1955
  msgid "Block <code>system.multicall</code> method"
1956
  msgstr "Bloquer la méthode <code>system.multicall</code>"
1957
 
1958
- #: lib/firewall_policies.php:422
1959
  msgid "Block Pingbacks"
1960
  msgstr "Bloquer les Pingbacks"
1961
 
1962
- #: lib/firewall_policies.php:429
1963
  msgid ""
1964
  "Disabling access to the REST or XML-RPC API may break some functionality on "
1965
  "your blog, its themes or plugins."
@@ -1967,132 +1937,138 @@ msgstr ""
1967
  "L'activation de ces options peut rompre certaines fonctionnalités de votre "
1968
  "blog, ses thèmes ou ses plugins."
1969
 
1970
- #: lib/firewall_policies.php:433
1971
  msgid "Block <code>POST</code> requests in the themes folder"
1972
  msgstr "Bloquer les requêtes <code>POST</code> dans le dossier des thèmes"
1973
 
1974
- #: lib/firewall_policies.php:448
1975
  msgid "Force SSL for admin and logins"
1976
  msgstr "Forcer la connexion sécurisée au Tableau de bord"
1977
 
1978
- #: lib/firewall_policies.php:458
1979
  msgid "Disable the plugin and theme editor"
1980
  msgstr "Désactiver l’éditeur de thème et d'extension"
1981
 
1982
- #: lib/firewall_policies.php:468
1983
  msgid "Disable plugin and theme update/installation"
1984
  msgstr "Désactiver l'installation et mise à jour des thèmes et extensions"
1985
 
1986
- #: lib/firewall_policies.php:494 lib/help.php:269
 
 
 
 
1987
  msgid "Users Whitelist"
1988
  msgstr "Liste Blanche"
1989
 
1990
- #: lib/firewall_policies.php:497
1991
  msgid "Add the Administrator to the whitelist (default)."
1992
  msgstr "Ajouter l'Administrateur à la liste blanche (défaut)."
1993
 
1994
- #: lib/firewall_policies.php:498
1995
  msgid "Add all logged in users to the whitelist."
1996
  msgstr "Ajouter tous les utilisateurs connectés à la liste blanche."
1997
 
1998
- #: lib/firewall_policies.php:499
1999
  msgid "Disable users whitelist."
2000
  msgstr "Désactiver la liste blanche."
2001
 
2002
- #: lib/firewall_policies.php:500
2003
  msgid ""
2004
  "Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, "
2005
- "<code>DISALLOW_FILE_EDIT</code> and <code>DISALLOW_FILE_MODS</code> options "
2006
- "which, if enabled, are always enforced."
 
2007
  msgstr ""
2008
  "Ne s'applique pas aux options <code>FORCE_SSL_ADMIN</code>, "
2009
- "<code>DISALLOW_FILE_EDIT</code> et <code>DISALLOW_FILE_MODS</code> qui, si "
2010
- "elles sont activées, seront toujours appliquées."
 
2011
 
2012
- #: lib/firewall_policies.php:525 lib/help.php:199
2013
  msgid "HTTP GET variable"
2014
  msgstr "Variable HTTP GET"
2015
 
2016
- #: lib/firewall_policies.php:528
2017
  msgid "Scan <code>GET</code> variable"
2018
  msgstr "Filtrer la variable <code>GET</code>"
2019
 
2020
- #: lib/firewall_policies.php:538
2021
  msgid "Sanitise <code>GET</code> variable"
2022
  msgstr "Nettoyer la variable <code>GET</code>"
2023
 
2024
- #: lib/firewall_policies.php:568 lib/help.php:202
2025
  msgid "HTTP POST variable"
2026
  msgstr "Variable HTTP POST"
2027
 
2028
- #: lib/firewall_policies.php:571
2029
  msgid "Scan <code>POST</code> variable"
2030
  msgstr "Filtrer la variable <code>POST</code>"
2031
 
2032
- #: lib/firewall_policies.php:581
2033
  msgid "Sanitise <code>POST</code> variable"
2034
  msgstr "Nettoyer la variable <code>POST</code>"
2035
 
2036
- #: lib/firewall_policies.php:587 lib/firewall_policies.php:619
2037
  msgid "Do not enable this option unless you know what you are doing!"
2038
  msgstr ""
2039
  "N'activez pas cette option si vous n'êtes pas sûr de ce que vous "
2040
  "faites&nbsp;!"
2041
 
2042
- #: lib/firewall_policies.php:591
2043
  msgid "Decode Base64-encoded <code>POST</code> variable"
2044
  msgstr ""
2045
  "Décoder les chaîne encodées en Base64 dans la variable <code>POST</code>"
2046
 
2047
- #: lib/firewall_policies.php:610 lib/help.php:206
2048
  msgid "HTTP REQUEST variable"
2049
  msgstr "Variable HTTP REQUEST"
2050
 
2051
- #: lib/firewall_policies.php:613
2052
  msgid "Sanitise <code>REQUEST</code> variable"
2053
  msgstr "Nettoyer la variable <code>REQUEST</code>"
2054
 
2055
- #: lib/firewall_policies.php:638 lib/help.php:209
2056
  msgid "Cookies"
2057
  msgstr "Cookies"
2058
 
2059
- #: lib/firewall_policies.php:641
2060
  msgid "Scan cookies"
2061
  msgstr "Filtrer les cookies"
2062
 
2063
- #: lib/firewall_policies.php:651
2064
  msgid "Sanitise cookies"
2065
  msgstr "Nettoyer les cookies"
2066
 
2067
- #: lib/firewall_policies.php:683 lib/help.php:212
2068
  msgid "HTTP_USER_AGENT server variable"
2069
  msgstr "Variable HTTP_USER_AGENT"
2070
 
2071
- #: lib/firewall_policies.php:686
2072
  msgid "Scan <code>HTTP_USER_AGENT</code>"
2073
  msgstr "Filtrer <code>HTTP_USER_AGENT</code>"
2074
 
2075
- #: lib/firewall_policies.php:696
2076
  msgid "Sanitise <code>HTTP_USER_AGENT</code>"
2077
  msgstr "Nettoyer <code>HTTP_USER_AGENT</code>"
2078
 
2079
- #: lib/firewall_policies.php:706
2080
  msgid "Block suspicious bots/scanners"
2081
  msgstr "Bloquer les requêtes provenant de bots/scanners suspects"
2082
 
2083
- #: lib/firewall_policies.php:736 lib/help.php:216
2084
  msgid "HTTP_REFERER server variable"
2085
  msgstr "Variable HTTP_REFERER"
2086
 
2087
- #: lib/firewall_policies.php:739
2088
  msgid "Scan <code>HTTP_REFERER</code>"
2089
  msgstr "Filtrer <code>HTTP_REFERER</code>"
2090
 
2091
- #: lib/firewall_policies.php:749
2092
  msgid "Sanitise <code>HTTP_REFERER</code>"
2093
  msgstr "Nettoyer <code>HTTP_REFERER</code>"
2094
 
2095
- #: lib/firewall_policies.php:759
2096
  msgid ""
2097
  "Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</"
2098
  "code> header"
@@ -2100,7 +2076,7 @@ msgstr ""
2100
  "Bloquer les requêtes <code>POST</code> qui n'ont pas d'en-tête "
2101
  "<code>HTTP_REFERER</code>"
2102
 
2103
- #: lib/firewall_policies.php:765
2104
  msgid ""
2105
  "Keep this option disabled if you are using scripts like Paypal IPN, "
2106
  "WordPress WP-Cron etc"
@@ -2108,21 +2084,21 @@ msgstr ""
2108
  "N'activez pas cette option si vous utilisez des scripts comme Paypal IPN, "
2109
  "WordPress WP-Cron etc"
2110
 
2111
- #: lib/firewall_policies.php:792
2112
  msgid "Block localhost IP in <code>GET/POST</code> request"
2113
  msgstr "Bloquer les requêtes <code>GET/POST</code> contenant l'IP localhost"
2114
 
2115
- #: lib/firewall_policies.php:802
2116
  msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header"
2117
  msgstr ""
2118
  "Bloquer les requêtes HTTP dont l'en-tête <code>HTTP_HOST</code> contient une "
2119
  "IP"
2120
 
2121
- #: lib/firewall_policies.php:812
2122
  msgid "Scan traffic coming from localhost and private IP address spaces"
2123
  msgstr "Filtrer les connexions provenant de localhost et d'adresses IP privées"
2124
 
2125
- #: lib/firewall_policies.php:834
2126
  #, php-format
2127
  msgid ""
2128
  "This option is disabled because the %s PHP function is not available on your "
@@ -2131,43 +2107,43 @@ msgstr ""
2131
  "Cette option n'est pas disponible parce que la fonction PHP %s n'est pas "
2132
  "présente sur votre serveur."
2133
 
2134
- #: lib/firewall_policies.php:849 lib/help.php:230
2135
  msgid "HTTP response headers"
2136
  msgstr "En-têtes de réponse HTTP"
2137
 
2138
- #: lib/firewall_policies.php:852
2139
  #, php-format
2140
  msgid "Set %s to protect against MIME type confusion attacks"
2141
  msgstr ""
2142
  "Activer %s pour protéger contre les attaques basées sur la confusion du type "
2143
  "MIME"
2144
 
2145
- #: lib/firewall_policies.php:862
2146
  #, php-format
2147
  msgid "Set %s to protect against clickjacking attempts"
2148
  msgstr ""
2149
  "Activer %s pour protéger contre les attaques de détournement de clic "
2150
  "(clickjacking)"
2151
 
2152
- #: lib/firewall_policies.php:871
2153
  #, php-format
2154
  msgid "Set %s (IE/Edge, Chrome, Opera and Safari browsers)"
2155
  msgstr "Activer %s (IE/Edge, Opera, Chrome et Safari)"
2156
 
2157
- #: lib/firewall_policies.php:875 lib/firewall_policies.php:876
2158
- #: lib/firewall_policies.php:879
2159
  #, php-format
2160
  msgid "Set to %s"
2161
  msgstr "Régler sur %s"
2162
 
2163
- #: lib/firewall_policies.php:884
2164
  #, php-format
2165
  msgid "Force %s flag on all cookies to mitigate XSS attacks"
2166
  msgstr ""
2167
  "Activer la propriété %s pour tous les cookies afin d'atténuer les menaces "
2168
  "XSS qui génèrent des vols de cookies"
2169
 
2170
- #: lib/firewall_policies.php:890
2171
  msgid ""
2172
  "If your PHP scripts use cookies that need to be accessed from JavaScript, "
2173
  "you should disable this option."
@@ -2175,65 +2151,65 @@ msgstr ""
2175
  "Si vos scripts PHP envoient des cookies qui doivent être accessibles à "
2176
  "partir de JavaScript, vous devez garder cette option désactivée."
2177
 
2178
- #: lib/firewall_policies.php:896
2179
  msgid ""
2180
  "HSTS headers can only be set when you are accessing your site over HTTPS."
2181
  msgstr ""
2182
  "Les en-têtes HSTS ne peuvent être utilisés que lorsque vous vous connectez à "
2183
  "votre site en HTTPS (connexion sécurisée)."
2184
 
2185
- #: lib/firewall_policies.php:903
2186
  #, php-format
2187
  msgid "Set %s (HSTS) to enforce secure connections to the server"
2188
  msgstr ""
2189
  "Activer %s (HSTS) pour forcer les connexions sécurisées vers le serveur"
2190
 
2191
- #: lib/firewall_policies.php:906
2192
  msgid "1 month"
2193
  msgstr "1 mois"
2194
 
2195
- #: lib/firewall_policies.php:907
2196
  msgid "6 months"
2197
  msgstr "6 mois"
2198
 
2199
- #: lib/firewall_policies.php:908
2200
  msgid "1 year"
2201
  msgstr "1 année"
2202
 
2203
- #: lib/firewall_policies.php:910
2204
  msgid "Apply to subdomains"
2205
  msgstr "Appliquer aux sous-domaines"
2206
 
2207
- #: lib/firewall_policies.php:914
2208
  msgid "Set <code>max-age</code> to 0"
2209
  msgstr "Régler <code>max-age</code> à 0"
2210
 
2211
- #: lib/firewall_policies.php:934
2212
  #, php-format
2213
  msgid "Set %s for the website frontend"
2214
  msgstr "Activer %s pour le site"
2215
 
2216
- #: lib/firewall_policies.php:942
2217
  msgid "This CSP header will apply to the website frontend only."
2218
  msgstr "Cet en-tête CSP ne s'appliquera qu'au site."
2219
 
2220
- #: lib/firewall_policies.php:948
2221
  #, php-format
2222
  msgid "Set %s for the WordPress admin dashboard"
2223
  msgstr "Activer %s pour la console d'administration de WordPress"
2224
 
2225
- #: lib/firewall_policies.php:956
2226
  msgid "This CSP header will apply to the WordPress admin dashboard only."
2227
  msgstr ""
2228
  "Cet en-tête CSP ne s'appliquera qu'à la console d'administration de "
2229
  "WordPress."
2230
 
2231
- #: lib/firewall_policies.php:972
2232
  #, php-format
2233
  msgid "Set %s (Chrome, Opera and Firefox browsers)"
2234
  msgstr "Activer %s (Chrome, Opera et Firefox)"
2235
 
2236
- #: lib/firewall_policies.php:1026
2237
  msgid ""
2238
  "Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, "
2239
  "<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies"
@@ -2242,58 +2218,58 @@ msgstr ""
2242
  "<code>GET</code>, <code>POST</code>, <code>HTTP_USER_AGENT</code>, "
2243
  "<code>HTTP_REFERER</code> et les cookies"
2244
 
2245
- #: lib/firewall_policies.php:1069
2246
  msgid "Block serialized PHP objects in the following global variables"
2247
  msgstr ""
2248
  "Bloquer les objets PHP sérialisés dans les variables globales suivantes"
2249
 
2250
- #: lib/firewall_policies.php:1082
2251
  msgid "Hide PHP notice and error messages"
2252
  msgstr "Masquer les messages d'erreur de PHP"
2253
 
2254
- #: lib/firewall_policies.php:1092
2255
  msgid "Sanitise <code>PHP_SELF</code>"
2256
  msgstr "Nettoyer <code>PHP_SELF</code>"
2257
 
2258
- #: lib/firewall_policies.php:1102
2259
  msgid "Sanitise <code>PATH_TRANSLATED</code>"
2260
  msgstr "Nettoyer <code>PATH_TRANSLATED</code>"
2261
 
2262
- #: lib/firewall_policies.php:1112
2263
  msgid "Sanitise <code>PATH_INFO</code>"
2264
  msgstr "Nettoyer <code>PATH_INFO</code>"
2265
 
2266
- #: lib/firewall_policies.php:1132
2267
  msgid "This option is not compatible with your actual configuration."
2268
  msgstr ""
2269
  "Cette option n'est pas compatible avec la configuration de votre serveur."
2270
 
2271
- #: lib/firewall_policies.php:1156 lib/help.php:260
2272
  msgid "Various"
2273
  msgstr "Divers"
2274
 
2275
- #: lib/firewall_policies.php:1159
2276
  msgid "Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request"
2277
  msgstr ""
2278
  "Bloquer les requêtes HTTP contenant la variable <code>DOCUMENT_ROOT</code>"
2279
 
2280
- #: lib/firewall_policies.php:1169
2281
  msgid "Block ASCII character 0x00 (NULL byte)"
2282
  msgstr "Bloquer le caractère ASCII 0x00 (NULL byte)"
2283
 
2284
- #: lib/firewall_policies.php:1179
2285
  msgid "Block ASCII control characters 1 to 8 and 14 to 31"
2286
  msgstr "Bloquer les caractères de contrôle ASCII 1 à 8 et 14 à 31"
2287
 
2288
- #: lib/firewall_policies.php:1195
2289
  msgid "Save Firewall Policies"
2290
  msgstr "Sauvegarder les options"
2291
 
2292
- #: lib/firewall_policies.php:1197
2293
  msgid "Restore Default Values"
2294
  msgstr "Rétablir les valeurs par défaut"
2295
 
2296
- #: lib/help.php:37 ninjafirewall.php:795
2297
  msgid "Overview"
2298
  msgstr "Aperçu"
2299
 
@@ -2798,21 +2774,33 @@ msgstr ""
2798
  "installation ou mise à jour d'une extension ou d'un thème. Elle désactive "
2799
  "aussi l’éditeur de thème et d'extension."
2800
 
2801
- #: lib/help.php:200
 
 
 
 
 
 
 
 
 
 
 
 
2802
  msgid "Whether to scan and/or sanitise the <code>GET</code> variable."
2803
  msgstr "S'il faut filtrer / nettoyer la variable <code>GET</code>."
2804
 
2805
- #: lib/help.php:203
2806
  msgid "Whether to scan and/or sanitise the <code>POST</code> variable."
2807
  msgstr "S'il faut filtrer / nettoyer la variable <code>POST</code>."
2808
 
2809
- #: lib/help.php:204
2810
  msgid "Decode Base64-encoded <code>POST</code> variable:"
2811
  msgstr ""
2812
  "Décoder les chaîne encodées en Base64 dans la variable <code>POST</"
2813
  "code>&nbsp;:"
2814
 
2815
- #: lib/help.php:204
2816
  msgid ""
2817
  "NinjaFirewall will decode and scan base64 encoded values in order to detect "
2818
  "obfuscated malicious code. This option is only available for the <code>POST</"
@@ -2821,41 +2809,41 @@ msgstr ""
2821
  "NinjaFirewall peut décoder et filtrer les chaînes de caractères encodées en "
2822
  "Base64 afin d'y détecter du code malveillant caché."
2823
 
2824
- #: lib/help.php:207
2825
  msgid "Whether to sanitise the <code>REQUEST</code> variable."
2826
  msgstr "S'il faut filtrer / nettoyer la variable <code>REQUEST</code>."
2827
 
2828
- #: lib/help.php:210
2829
  msgid "Whether to scan and/or sanitise cookies."
2830
  msgstr "S'il faut filtrer / nettoyer les cookies."
2831
 
2832
- #: lib/help.php:213
2833
  msgid "Whether to scan and/or sanitise <code>HTTP_USER_AGENT</code> requests."
2834
  msgstr "S'il faut filtrer / nettoyer la variable <code>HTTP_USER_AGENT</code>."
2835
 
2836
- #: lib/help.php:214
2837
  msgid "Block suspicious bots/scanners:"
2838
  msgstr "Bloquer les requêtes provenant de bots/scanners suspects&nbsp;:"
2839
 
2840
- #: lib/help.php:214
2841
  msgid ""
2842
  "rejects some known bots, scanners and various malicious scripts attempting "
2843
  "to access your blog."
2844
  msgstr ""
2845
  "cette option peut bloquer de nombreux crawlers, spambots et autres scrappers."
2846
 
2847
- #: lib/help.php:217
2848
  msgid "Whether to scan and/or sanitise <code>HTTP_REFERER</code> requests."
2849
  msgstr "S'il faut filtrer / nettoyer la variable <code>HTTP_REFERER</code>."
2850
 
2851
- #: lib/help.php:218
2852
  msgid ""
2853
  "Block POST requests that do not have an <code>HTTP_REFERER</code> header:"
2854
  msgstr ""
2855
  "Bloquer les requêtes POST qui n'ont pas d'en-tête <code>HTTP_REFERER</"
2856
  "code>&nbsp;:"
2857
 
2858
- #: lib/help.php:218
2859
  msgid ""
2860
  "this option will block any <code>POST</code> request that does not have a "
2861
  "Referrer header (<code>HTTP_REFERER</code> variable). If you need external "
@@ -2872,12 +2860,12 @@ msgstr ""
2872
  "vous utilisez des scripts comme Paypal IPN, WordPress WP-Cron etc, "
2873
  "désactivez cette fonction."
2874
 
2875
- #: lib/help.php:221
2876
  msgid "Block localhost IP in <code>GET/POST</code> requests:"
2877
  msgstr ""
2878
  "Bloquer les requêtes <code>GET/POST</code> contenant l'IP localhost&nbsp;:"
2879
 
2880
- #: lib/help.php:221
2881
  msgid ""
2882
  "this option will block any <code>GET</code> or <code>POST</code> request "
2883
  "containing the localhost IP (127.0.0.1). It can be useful to block SQL "
@@ -2888,13 +2876,13 @@ msgstr ""
2888
  "les programmes malveillants. Attention toutefois à ne pas bloquer certains "
2889
  "scripts d'installation ou de configuration si vous l'activez. "
2890
 
2891
- #: lib/help.php:222
2892
  msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header:"
2893
  msgstr ""
2894
  "Bloquer les requêtes HTTP dont l'en-tête <code>HTTP_HOST</code> contient une "
2895
  "IP&nbsp;:"
2896
 
2897
- #: lib/help.php:222
2898
  #, php-format
2899
  msgid ""
2900
  "this option will reject any request using an IP instead of a domain name in "
@@ -2910,12 +2898,12 @@ msgstr ""
2910
  "application trouvent les sites en scannant les plages d'adresses IP plutôt "
2911
  "que les noms de domaine. "
2912
 
2913
- #: lib/help.php:223
2914
  msgid "Scan traffic coming from localhost and private IP address spaces:"
2915
  msgstr ""
2916
  "Filtrer les connexions provenant de localhost et d'adresses IP privées&nbsp;:"
2917
 
2918
- #: lib/help.php:223
2919
  msgid ""
2920
  "this option will allow the firewall to scan traffic from all non-routable "
2921
  "private IPs (IPv4 and IPv6) as well as the localhost IP. We recommend to "
@@ -2926,7 +2914,7 @@ msgstr ""
2926
  "Nous vous recommandons de le garder activé si vous avez 2 ou plusieurs "
2927
  "serveurs reliés entre eux."
2928
 
2929
- #: lib/help.php:232
2930
  msgid ""
2931
  "In addition to filtering incoming requests, NinjaFirewall can also hook the "
2932
  "HTTP response in order to alter its headers. Those modifications can help to "
@@ -2937,7 +2925,7 @@ msgstr ""
2937
  "peuvent aider à atténuer les menaces telles que les attaques XSS, phishing "
2938
  "et clickjacking."
2939
 
2940
- #: lib/help.php:234
2941
  msgid ""
2942
  "Set <code>X-Content-Type-Options</code> to protect against MIME type "
2943
  "confusion attacks:"
@@ -2945,7 +2933,7 @@ msgstr ""
2945
  "Activer <code>X-Content-Type-Options</code> pour protéger contre les "
2946
  "attaques basées sur la confusion du type MIME&nbsp;:"
2947
 
2948
- #: lib/help.php:234
2949
  msgid ""
2950
  "this header will send the nosniff value to instruct the browser to disable "
2951
  "content or MIME sniffing and to use the content-type returned by the server. "
@@ -2960,14 +2948,14 @@ msgstr ""
2960
  "dans certains cas, peut entraîner des problèmes de sécurité tels que les "
2961
  "attaques basées sur la confusion du type MIME."
2962
 
2963
- #: lib/help.php:235
2964
  msgid ""
2965
  "Set <code>X-Frame-Options</code> to protect against clickjacking attempts:"
2966
  msgstr ""
2967
  "Activer <code>X-Frame-Options</code> pour protéger contre les attaques de "
2968
  "détournement de clic (clickjacking)&nbsp;:"
2969
 
2970
- #: lib/help.php:235
2971
  msgid ""
2972
  "this header indicates a policy whether a browser must not allow to render a "
2973
  "page in a &lt;frame&gt; or &lt;iframe&gt;. Hosts can declare this policy in "
@@ -2981,7 +2969,7 @@ msgstr ""
2981
  "sont pas intégré dans d'autres pages ou cadres, notamment d'un autre site. "
2982
  "NinjaFirewall accepte deux valeurs différentes&nbsp;:"
2983
 
2984
- #: lib/help.php:237
2985
  msgid ""
2986
  "a browser receiving content with this header must not display this content "
2987
  "in any frame from a page of different origin than the content itself."
@@ -2989,7 +2977,7 @@ msgstr ""
2989
  "un navigateur ne doit pas afficher le contenu dans une &lt;frame&gt; ou &lt;"
2990
  "iframe&gt; d'une page d'origine différente que le contenu lui-même."
2991
 
2992
- #: lib/help.php:238
2993
  msgid ""
2994
  "a browser receiving content with this header must not display this content "
2995
  "in any frame."
@@ -2997,13 +2985,13 @@ msgstr ""
2997
  "un navigateur ne doit jamais afficher le contenu dans une &lt;frame&gt; ou "
2998
  "&lt;iframe&gt;"
2999
 
3000
- #: lib/help.php:241
3001
  msgid "NinjaFirewall does not support the <code>ALLOW-FROM</code> value."
3002
  msgstr ""
3003
  "La valeur <code>ALLOW-FROM</code> n'est pas prise en charge par "
3004
  "NinjaFirewall."
3005
 
3006
- #: lib/help.php:243
3007
  msgid ""
3008
  "Since v3.1.3, WordPress sets this value to <code>SAMEORIGIN</code> for the "
3009
  "administrator and the login page only."
@@ -3011,14 +2999,14 @@ msgstr ""
3011
  "Depuis la version 3.1.3, WordPress active <code>SAMEORIGIN</code> pour "
3012
  "l'administrateur et la page de connexion uniquement."
3013
 
3014
- #: lib/help.php:244
3015
  msgid ""
3016
  "Set <code>X-XSS-Protection</code> (IE/Edge, Chrome, Opera and Safari "
3017
  "browsers):"
3018
  msgstr ""
3019
  "Activer <code>X-XSS-Protection</code> (IE/Edge, Opera, Chrome et Safari)"
3020
 
3021
- #: lib/help.php:244
3022
  msgid ""
3023
  "this header allows browsers to identify and block XSS attacks by preventing "
3024
  "malicious scripts from executing. It is enabled by default on all compatible "
@@ -3028,7 +3016,7 @@ msgstr ""
3028
  "attaques XSS en empêchant un script malveillant de s'exécuter. Notez que "
3029
  "cette option est activée par défaut sur ces navigateurs."
3030
 
3031
- #: lib/help.php:245
3032
  msgid ""
3033
  "If a visitor disabled their browser's XSS filter, you cannot re-enable it "
3034
  "with that option."
@@ -3036,14 +3024,14 @@ msgstr ""
3036
  "Si un visiteur désactive le filtre XSS de son navigateur, vous ne pouvez pas "
3037
  "le réactiver avec cette option."
3038
 
3039
- #: lib/help.php:247
3040
  msgid ""
3041
  "Force <code>HttpOnly</code> flag on all cookies to mitigate XSS attacks:"
3042
  msgstr ""
3043
  "Activer la propriété <code>HttpOnly</code> pour tous les cookies afin "
3044
  "d'atténuer les menaces XSS qui génèrent des vols de cookies&nbsp;:"
3045
 
3046
- #: lib/help.php:247
3047
  msgid ""
3048
  "adding this flag to cookies helps to mitigate the risk of cross-site "
3049
  "scripting by preventing them from being accessed through client-side "
@@ -3060,7 +3048,7 @@ msgstr ""
3060
  "dans la réponse HTTP juste avant que celle-ci ne soit envoyée à vos "
3061
  "visiteurs."
3062
 
3063
- #: lib/help.php:248
3064
  msgid ""
3065
  "If your PHP scripts send cookies that need to be accessed from JavaScript, "
3066
  "you should keep that option disabled."
@@ -3068,7 +3056,7 @@ msgstr ""
3068
  "Si vos scripts PHP envoient des cookies qui doivent être accessibles à "
3069
  "partir de JavaScript, vous devez garder cette option désactivée."
3070
 
3071
- #: lib/help.php:249
3072
  msgid ""
3073
  "Set <code>Strict-Transport-Security</code> (HSTS) to enforce secure "
3074
  "connections to the server:"
@@ -3076,7 +3064,7 @@ msgstr ""
3076
  "Activer <code>Strict-Transport-Security</code> (HSTS) pour forcer les "
3077
  "connexions sécurisées vers le serveur&nbsp;"
3078
 
3079
- #: lib/help.php:249
3080
  msgid ""
3081
  "this policy enforces secure HTTPS connections to the server. Web browsers "
3082
  "will not allow the user to access the web application over insecure HTTP "
@@ -3089,11 +3077,11 @@ msgstr ""
3089
  "de cookies ou les attaques du type \"Man-in-the-middle\". La plupart des "
3090
  "navigateurs récents sont compatibles avec cette politique."
3091
 
3092
- #: lib/help.php:250
3093
  msgid "Set <code>Content-Security-Policy</code>:"
3094
  msgstr "Activer <code>Content-Security-Policy</code> :"
3095
 
3096
- #: lib/help.php:250
3097
  msgid ""
3098
  "this policy helps to mitigate threats such as XSS, phishing and clickjacking "
3099
  "attacks. It covers JavaScript, CSS, HTML frames, web workers, fonts, images, "
@@ -3103,7 +3091,7 @@ msgstr ""
3103
  "code JavaScript, les styles CSS, frames/iframes HTML, polices, images, "
3104
  "objets (Java, ActiveX, fichiers audio et video), mais aussi les WebSocket."
3105
 
3106
- #: lib/help.php:250
3107
  msgid ""
3108
  "NinjaFirewall lets you configure the CSP policy separately for the frontend "
3109
  "(blog, website) and the backend (WordPress admin dashboard)."
@@ -3111,11 +3099,11 @@ msgstr ""
3111
  "NinjaFirewall vous permet de configurer CSP séparément pour le site et "
3112
  "l'interface d'administration de WordPress."
3113
 
3114
- #: lib/help.php:251
3115
  msgid "Set <code>Referrer-Policy</code>:"
3116
  msgstr "Activer <code>Referrer-Policy</code> :"
3117
 
3118
- #: lib/help.php:251
3119
  msgid ""
3120
  "this HTTP header governs which referrer information, sent in the Referer "
3121
  "header, should be included with requests made."
@@ -3123,11 +3111,11 @@ msgstr ""
3123
  "cet en-tête HTTP détermine quelles informations de provenance doivent être "
3124
  "incluses dans l'en-tête Referer."
3125
 
3126
- #: lib/help.php:255
3127
  msgid "Block PHP built-in wrappers:"
3128
  msgstr "Bloquer les gestionnaires (wrappers) PHP dangereux&nbsp;:"
3129
 
3130
- #: lib/help.php:255
3131
  msgid ""
3132
  "PHP has several wrappers for use with the filesystem functions. It is "
3133
  "possible for an attacker to use them to bypass firewalls and various IDS to "
@@ -3147,11 +3135,11 @@ msgstr ""
3147
  "requête <code>GET</code> ou <code>POST</code>, des cookies, ou dans les "
3148
  "variables <code>HTTP_REFERER</code> et <code>HTTP_USER_AGENT</code>."
3149
 
3150
- #: lib/help.php:256
3151
  msgid "Block serialized PHP objects:"
3152
  msgstr "Bloquer les objets PHP sérialisés :"
3153
 
3154
- #: lib/help.php:256
3155
  #, php-format
3156
  msgid ""
3157
  "Object Serialization is a PHP feature used by many applications to generate "
@@ -3170,11 +3158,11 @@ msgstr ""
3170
  "<code>POST</code>, les cookies, ou dans les variables <code>HTTP_REFERER</"
3171
  "code> et <code>HTTP_USER_AGENT</code>."
3172
 
3173
- #: lib/help.php:257
3174
  msgid "Hide PHP notice and error messages:"
3175
  msgstr "Masquer les messages d'erreur de PHP&nbsp;:"
3176
 
3177
- #: lib/help.php:257
3178
  msgid ""
3179
  "this option lets you hide errors returned by your scripts. Such errors can "
3180
  "leak sensitive informations which can be exploited by hackers."
@@ -3183,7 +3171,7 @@ msgstr ""
3183
  "afficher des informations sensibles qui peuvent être exploitées "
3184
  "ultérieurement par des pirates."
3185
 
3186
- #: lib/help.php:258
3187
  msgid ""
3188
  "Sanitise <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
3189
  "<code>PATH_INFO</code>:"
@@ -3191,7 +3179,7 @@ msgstr ""
3191
  "Nettoyer <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
3192
  "<code>PATH_INFO</code>&nbsp;:"
3193
 
3194
- #: lib/help.php:258
3195
  msgid ""
3196
  "this option can sanitise any dangerous characters found in those 3 server "
3197
  "variables to prevent various XSS and database injection attempts."
@@ -3199,7 +3187,7 @@ msgstr ""
3199
  "activez ces options si vous souhaitez que le pare-feu nettoie ces trois "
3200
  "variables."
3201
 
3202
- #: lib/help.php:261
3203
  #, php-format
3204
  msgid ""
3205
  "Block the <code>DOCUMENT_ROOT</code> server variable (%s) in HTTP requests:"
@@ -3207,7 +3195,7 @@ msgstr ""
3207
  "Bloquer les requêtes HTTP contenant la variable <code>DOCUMENT_ROOT</code> "
3208
  "(%s)&nbsp;:"
3209
 
3210
- #: lib/help.php:261
3211
  msgid ""
3212
  "this option will block scripts attempting to pass the <code>DOCUMENT_ROOT</"
3213
  "code> server variable in a <code>GET</code> or <code>POST</code> request. "
@@ -3220,11 +3208,11 @@ msgstr ""
3220
  "cette variable, mais pas la plupart des applications légitimes (hormis "
3221
  "certains scripts d'installation ou de configuration)."
3222
 
3223
- #: lib/help.php:262
3224
  msgid "Block ASCII character 0x00 (NULL byte):"
3225
  msgstr "Bloquer le caractère ASCII 0x00 (NULL byte)&nbsp;:"
3226
 
3227
- #: lib/help.php:262
3228
  msgid ""
3229
  "this option will reject any <code>GET</code> or <code>POST</code> request, "
3230
  "<code>HTTP_USER_AGENT</code>, <code>REQUEST_URI</code>, <code>PHP_SELF</"
@@ -3238,11 +3226,11 @@ msgstr ""
3238
  "contenant le caractère ASCI 0x00 (NULL byte) sera bloquée immédiatement. Ce "
3239
  "caractère est dangereux et devrait toujours être rejeté."
3240
 
3241
- #: lib/help.php:263
3242
  msgid "Block ASCII control characters 1 to 8 and 14 to 31:"
3243
  msgstr "Bloquer les caractères de contrôle ASCII 1 à 8 et 14 à 31&nbsp;:"
3244
 
3245
- #: lib/help.php:263
3246
  msgid ""
3247
  "this option will reject any <code>GET</code> or <code>POST</code> request, "
3248
  "<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> variables containing "
@@ -3252,7 +3240,7 @@ msgstr ""
3252
  "variable <code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> contenant "
3253
  "des caractères ASCII 1 à 8 et 14 à 31 sera bloquée."
3254
 
3255
- #: lib/help.php:271
3256
  #, php-format
3257
  msgid ""
3258
  "By default, any logged in WordPress administrator will not be blocked by "
@@ -3272,7 +3260,7 @@ msgstr ""
3272
  "les options de la <a href=\"%s\">Page de Connexion</a> qui, si elle sont "
3273
  "activées, seront toujours appliquées."
3274
 
3275
- #: lib/help.php:285
3276
  msgid ""
3277
  "File Guard can detect, in real-time, any access to a PHP file that was "
3278
  "recently modified or created, and alert you about this."
@@ -3280,7 +3268,7 @@ msgstr ""
3280
  "File Guard peut détecter, en temps réel, tout accès à un fichier PHP qui a "
3281
  "été récemment modifié ou créé, et vous alerter à ce sujet."
3282
 
3283
- #: lib/help.php:287
3284
  msgid ""
3285
  "If a hacker uploaded a shell script to your site (or injected a backdoor "
3286
  "into an already existing file) and tried to directly access that file using "
@@ -3299,7 +3287,7 @@ msgstr ""
3299
  "envoyées à l'adresse e-mail de contact définie dans le menu \"Notifications "
3300
  "d’Événement\"."
3301
 
3302
- #: lib/help.php:288
3303
  msgid ""
3304
  "If you do not want to monitor a folder, you can exclude its full path or a "
3305
  "part of it (e.g., <code>/var/www/public_html/cache/</code> or <code>/cache/</"
@@ -3313,7 +3301,7 @@ msgstr ""
3313
  "variable <code>$_SERVER[\"SCRIPT_FILENAME\"]</code> et, si elle correspond, "
3314
  "l'ignorera."
3315
 
3316
- #: lib/help.php:289
3317
  msgid ""
3318
  "Multiple values must be comma-separated (e.g., <code>/foo/bar/,/cache/</"
3319
  "code>)."
@@ -3321,7 +3309,7 @@ msgstr ""
3321
  "Plusieurs valeurs doivent être séparées par des virgules (par ex. <code>/foo/"
3322
  "bar/,/cache/</code>)."
3323
 
3324
- #: lib/help.php:290
3325
  msgid ""
3326
  "File Guard real-time detection is a totally unique feature, because "
3327
  "NinjaFirewall is the only plugin for WordPress that can hook HTTP requests "
@@ -3333,11 +3321,11 @@ msgstr ""
3333
  "intercepter les requêtes HTTP envoyées à tout script PHP, même si ce dernier "
3334
  "ne fait pas partie de WordPress (logiciel tiers, backdoor, etc)."
3335
 
3336
- #: lib/help.php:299 lib/network.php:32 ninjafirewall.php:829
3337
  msgid "Network"
3338
  msgstr "Réseau"
3339
 
3340
- #: lib/help.php:301
3341
  msgid ""
3342
  "Even if NinjaFirewall administration menu is only available to the Super "
3343
  "Admin (from the main site), you can still display its status to all sites in "
@@ -3349,7 +3337,7 @@ msgstr ""
3349
  "du réseau en ajoutant une petite icône à leur barre d'administration. Elle "
3350
  "ne sera visible que par les administrateurs de ces sites."
3351
 
3352
- #: lib/help.php:303
3353
  msgid ""
3354
  "It is recommended to enable this feature as it is the only way to know "
3355
  "whether the sites in your network are protected and if NinjaFirewall "
@@ -3359,7 +3347,7 @@ msgstr ""
3359
  "si les sites de votre réseau sont protégés et si l'installation de "
3360
  "NinjaFirewall a réussi."
3361
 
3362
- #: lib/help.php:305
3363
  msgid ""
3364
  "Note that when it is disabled, the icon still remains visible to you, the "
3365
  "Super Admin."
@@ -3367,7 +3355,7 @@ msgstr ""
3367
  "Notez que même lorsqu'il est désactivé, l'icône reste visible pour vous, le "
3368
  "Super Administrateur."
3369
 
3370
- #: lib/help.php:316
3371
  msgid ""
3372
  "File Check lets you perform file integrity monitoring upon request or on a "
3373
  "specific interval."
@@ -3375,7 +3363,7 @@ msgstr ""
3375
  "File Check vous permet d'effectuer une analyse de l'intégrité de vos "
3376
  "fichiers sur demande ou à un intervalle spécifique défini."
3377
 
3378
- #: lib/help.php:318
3379
  msgid ""
3380
  "You need to create a snapshot of all your files and then, at a later time, "
3381
  "you can scan your system to compare it with the previous snapshot. Any "
@@ -3388,7 +3376,7 @@ msgstr ""
3388
  "permissions et propriétés des fichiers, leur création et suppression ainsi "
3389
  "que l'horodatage."
3390
 
3391
- #: lib/help.php:319
3392
  #, php-format
3393
  msgid ""
3394
  "Create a snapshot of all files stored in that directory: by default, the "
@@ -3398,7 +3386,7 @@ msgstr ""
3398
  "répertoire&nbsp;: par défaut, le repertoire est l'<code>ABSPATH</code> de "
3399
  "WordPress (%s)"
3400
 
3401
- #: lib/help.php:320
3402
  msgid ""
3403
  "Exclude the following files/folders: you can enter a directory or a file "
3404
  "name (e.g., <code>/foo/bar/</code>), or a part of it (e.g., <code>foo</"
@@ -3409,7 +3397,7 @@ msgstr ""
3409
  "partie de celui-ci (par ex. <code>foo</code>), ou même exclure une extension "
3410
  "de fichier (par ex. <code>.css</code>)."
3411
 
3412
- #: lib/help.php:322
3413
  msgid ""
3414
  "Multiple values must be comma-separated (e.g., <code>/foo/bar/,.css,.png</"
3415
  "code>)."
@@ -3417,7 +3405,7 @@ msgstr ""
3417
  "Plusieurs valeurs doivent être séparées par des virgules (par ex. <code>/foo/"
3418
  "bar/,.css,.png</code>)."
3419
 
3420
- #: lib/help.php:323
3421
  msgid ""
3422
  "Do not follow symbolic links: by default, NinjaFirewall will not follow "
3423
  "symbolic links."
@@ -3425,11 +3413,11 @@ msgstr ""
3425
  "Ne pas suivre les liens symboliques&nbsp;: par défaut, NinjaFirewall ignore "
3426
  "les liens symboliques lors de son analyse des fichiers."
3427
 
3428
- #: lib/help.php:328
3429
  msgid "Scheduled scans"
3430
  msgstr "Analyses planifiées"
3431
 
3432
- #: lib/help.php:329
3433
  msgid ""
3434
  "NinjaFirewall can scan your system on a specific interval (hourly, "
3435
  "twicedaily or daily)."
@@ -3437,7 +3425,7 @@ msgstr ""
3437
  "NinjaFirewall peut scanner votre système à intervalle régulier (une fois par "
3438
  "heure, deux fois par jour ou tous les jours)."
3439
 
3440
- #: lib/help.php:331
3441
  msgid ""
3442
  "It can either send you a scan report only if changes are detected, or always "
3443
  "send you one after each scan."
@@ -3446,7 +3434,7 @@ msgstr ""
3446
  "été détectés, ou bien vous en envoyer un systématiquement après chaque "
3447
  "analyse."
3448
 
3449
- #: lib/help.php:333
3450
  msgid ""
3451
  "Reports will be sent to the contact email address defined in the \"Event "
3452
  "Notifications\" menu."
@@ -3454,7 +3442,7 @@ msgstr ""
3454
  "Les rapports seront envoyés à l'adresse e-mail définie dans la page "
3455
  "\"Notifications d'Événement\"."
3456
 
3457
- #: lib/help.php:335
3458
  #, php-format
3459
  msgid ""
3460
  "Scheduled scans rely on <a href=\"%s\">WordPress pseudo cron</a> which works "
@@ -3463,7 +3451,7 @@ msgstr ""
3463
  "Les analyses planifiées utilisent le <a href=\"%s\">pseudo cron de "
3464
  "WordPress</a> qui ne fonctionne que si votre site reçoit un trafic suffisant."
3465
 
3466
- #: lib/help.php:349
3467
  msgid ""
3468
  "NinjaFirewall can alert you by email on specific events triggered within "
3469
  "your blog. They include installations, updates, activations etc, as well as "
@@ -3482,11 +3470,11 @@ msgstr ""
3482
  "après avoir pénétré dans votre Tableau de bord de WordPress, d'y installer "
3483
  "une porte dérobée (backdoor) afin de prendre le contrôle de votre blog."
3484
 
3485
- #: lib/help.php:360 lib/login_protection.php:21 ninjafirewall.php:837
3486
  msgid "Login Protection"
3487
  msgstr "Page de Connexion"
3488
 
3489
- #: lib/help.php:364
3490
  msgid ""
3491
  "By processing incoming HTTP requests before your blog and any of its "
3492
  "plugins, NinjaFirewall is the only plugin for WordPress able to protect it "
@@ -3499,7 +3487,7 @@ msgstr ""
3499
  "compris les attaques distribuées provenant de plusieurs milliers d'adresses "
3500
  "IP différentes."
3501
 
3502
- #: lib/help.php:366
3503
  msgid ""
3504
  "You can choose two different types of protection: a password or a captcha. "
3505
  "You can enable the protection only if an attack is detected or to keep it "
@@ -3509,11 +3497,11 @@ msgstr ""
3509
  "captcha. Vous pouvez choisir d'activer la protection uniquement lorsqu'une "
3510
  "attaque est détectée ou bien l'activer en permanence."
3511
 
3512
- #: lib/help.php:368
3513
  msgid "Yes, if under attack:"
3514
  msgstr "Oui, si attaque en cours :"
3515
 
3516
- #: lib/help.php:370
3517
  msgid ""
3518
  "The protection will be triggered when too many login attempts are detected, "
3519
  "regardless of the offending IP. It blocks the attack instantly and prevents "
@@ -3528,11 +3516,11 @@ msgstr ""
3528
  "utilisant soit une combinaison nom d'utilisateur / mot de passe prédéfinie, "
3529
  "soit un code captcha."
3530
 
3531
- #: lib/help.php:372
3532
  msgid "Always ON:"
3533
  msgstr "Toujours activée :"
3534
 
3535
- #: lib/help.php:374
3536
  msgid ""
3537
  "NinjaFirewall will always enforce the HTTP authentication or captcha "
3538
  "implementation each time you access the login page."
@@ -3540,11 +3528,11 @@ msgstr ""
3540
  "Vous serez toujours invité à saisir votre nom d'utilisateur / mot de passe, "
3541
  "ou le code du captcha, chaque fois que vous accéderez à la page de connexion."
3542
 
3543
- #: lib/help.php:377
3544
  msgid "Type of protection:"
3545
  msgstr "Type de protection :"
3546
 
3547
- #: lib/help.php:378
3548
  msgid ""
3549
  "<b>Password:</b> It password-protects the login page. NinjaFirewall uses its "
3550
  "own very fast authentication scheme and it is compatible with any HTTP "
@@ -3554,15 +3542,15 @@ msgstr ""
3554
  "utilise son propre système d'authentification, rapide et compatible avec "
3555
  "n'importe quel serveur HTTP (Apache, Nginx, Lighttpd etc)."
3556
 
3557
- #: lib/help.php:379
3558
  msgid "<b>Captcha:</b> It will display a 5-character captcha code."
3559
  msgstr "<b>Captcha :</b> Affichera un code captcha à 5 caractères."
3560
 
3561
- #: lib/help.php:380
3562
  msgid "Bot protection:"
3563
  msgstr "Protection contre les bots :"
3564
 
3565
- #: lib/help.php:381
3566
  msgid ""
3567
  "NinjaFirewall will attempt to block bots and scripts immediately, i.e., even "
3568
  "before they start a brute-force attack."
@@ -3570,11 +3558,11 @@ msgstr ""
3570
  "NinjaFirewall tentera de bloquer les bots et les scripts immédiatement, "
3571
  "c'est-à-dire avant même qu'ils ne commencent une attaque par force brute."
3572
 
3573
- #: lib/help.php:389
3574
  msgid "AUTH log"
3575
  msgstr "Journal d'authentification"
3576
 
3577
- #: lib/help.php:392
3578
  msgid ""
3579
  "NinjaFirewall can write to the server Authentication log when the brute-"
3580
  "force protection is triggered. This can be useful to the system "
@@ -3586,7 +3574,7 @@ msgstr ""
3586
  "surveillance ou pour bloquer l'IP incriminée au niveau du pare-feu du "
3587
  "serveur."
3588
 
3589
- #: lib/help.php:394
3590
  msgid ""
3591
  "If you have a shared hosting account, keep this option disabled as you do "
3592
  "not have any access to the server's logs."
@@ -3594,7 +3582,7 @@ msgstr ""
3594
  "Si vous avez un hébergement mutualisé, laissez cette option désactivée car "
3595
  "vous n'avez pas accès aux journaux du serveur."
3596
 
3597
- #: lib/help.php:396
3598
  msgid ""
3599
  "On Debian-based systems, the log is located in <code>/var/log/auth.log</"
3600
  "code>, and on Red Hat-based systems in <code>/var/log/secure</code>. The "
@@ -3604,19 +3592,19 @@ msgstr ""
3604
  "sous Red Hat, dans <code>/var/log/secure</code>. Le format utilisé est le "
3605
  "suivant&nbsp;:"
3606
 
3607
- #: lib/help.php:399
3608
  msgid "AA: the process ID (PID)."
3609
  msgstr "AA : l'identifiant de processus (PID)."
3610
 
3611
- #: lib/help.php:400
3612
  msgid "BB: the user IPv4 or IPv6 address."
3613
  msgstr "BB : L'adresse IPv4 ou IPv6 de l'utilisateur."
3614
 
3615
- #: lib/help.php:401
3616
  msgid "CC: the blog (sub-)domain name."
3617
  msgstr "CC : le nom de (sous-)domaine du blog."
3618
 
3619
- #: lib/help.php:402
3620
  msgid ""
3621
  "DD: the target: it can be either <code>wp-login.php</code> or <code>XML-RPC "
3622
  "API</code>."
@@ -3624,16 +3612,16 @@ msgstr ""
3624
  "DD : la cible; il peut s'agir soit de <code>wp-login.php</code>, soit de "
3625
  "<code>XML-RPC API</code>."
3626
 
3627
- #: lib/help.php:403
3628
  msgid "EE: the time, in minutes, the protection will remain active."
3629
  msgstr ""
3630
  "EE : le temps, en minutes, pendant lequel la protection restera active."
3631
 
3632
- #: lib/help.php:405
3633
  msgid "Sample loglines:"
3634
  msgstr "Exemple :"
3635
 
3636
- #: lib/help.php:408
3637
  #, php-format
3638
  msgid ""
3639
  "Be careful if you are behind a load balancer, reverse-proxy or CDN because "
@@ -3653,7 +3641,7 @@ msgstr ""
3653
  "Alternativement, vous pouvez utiliser le fichier <code><a href=\"%s\">."
3654
  "htninja</a></code>."
3655
 
3656
- #: lib/help.php:424
3657
  msgid ""
3658
  "The firewall log displays blocked and sanitised requests as well as some "
3659
  "useful information. It has 6 columns:"
@@ -3661,18 +3649,18 @@ msgstr ""
3661
  "Le journal du pare-feu affiche les requêtes HTTP qui ont été bloquées ou "
3662
  "nettoyées ainsi que d'autres informations utiles. Il a six colonnes&nbsp;:"
3663
 
3664
- #: lib/help.php:425
3665
  msgid "DATE : date and time of the incident."
3666
  msgstr "DATE : date et heure de l'incident."
3667
 
3668
- #: lib/help.php:426
3669
  msgid ""
3670
  "INCIDENT : unique incident number/ID as it was displayed to the blocked user."
3671
  msgstr ""
3672
  "INCIDENT : le numéro d'incident (ID) unique. Par défaut, il sera aussi "
3673
  "affiché à l'utilisateur dont la requête aura été bloquée par le pare-feu."
3674
 
3675
- #: lib/help.php:427
3676
  msgid ""
3677
  "LEVEL : level of severity (<code>CRITICAL</code>, <code>HIGH</code> or "
3678
  "<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
@@ -3682,7 +3670,7 @@ msgstr ""
3682
  "<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
3683
  "et mode débogage (<code>DEBUG_ON</code>)."
3684
 
3685
- #: lib/help.php:428
3686
  msgid ""
3687
  "RULE : reference of the NinjaFirewall built-in security rule that triggered "
3688
  "the action. A hyphen (<code>-</code>) instead of a number means it was a "
@@ -3693,11 +3681,11 @@ msgstr ""
3693
  "d'un numéro signifie que la règle provient de votre configuration "
3694
  "personnelle de la page \"Politiques du Pare-feu\"."
3695
 
3696
- #: lib/help.php:429
3697
  msgid "IP : the user IPv4 or IPv6 address."
3698
  msgstr "BB : L'adresse IPv4 ou IPv6 de l'utilisateur."
3699
 
3700
- #: lib/help.php:430
3701
  msgid ""
3702
  "REQUEST : the HTTP request including offending variables and values as well "
3703
  "as the reason the action was logged."
@@ -3705,7 +3693,7 @@ msgstr ""
3705
  "REQUEST : la requête HTTP avec ses variables et valeurs, ainsi que la raison "
3706
  "qui a déclenché l'incident."
3707
 
3708
- #: lib/help.php:437
3709
  msgid ""
3710
  "This options lets you configure NinjaFirewall to delete its old logs "
3711
  "automatically. By default, logs are never deleted, <b>even when uninstall "
@@ -3718,7 +3706,7 @@ msgstr ""
3718
  "cette valeur à <code>0</code> si vous ne voulez pas supprimer les anciens "
3719
  "journaux."
3720
 
3721
- #: lib/help.php:445
3722
  msgid ""
3723
  "Centralized Logging lets you remotely access the firewall log of all your "
3724
  "NinjaFirewall protected websites from one single installation. You do not "
@@ -3729,13 +3717,13 @@ msgstr ""
3729
  "NinjaFirewall. Vous n'avez plus besoin de vous connecter à chaque site pour "
3730
  "analyser vos journaux."
3731
 
3732
- #: lib/help.php:445
3733
  #, php-format
3734
  msgid "<a href=\"%s\">Consult our blog</a> for more info about it."
3735
  msgstr ""
3736
  "<a href=\"%s\">Consultez notre blog pour plus d'informations à ce sujet</a>."
3737
 
3738
- #: lib/help.php:446
3739
  msgid ""
3740
  "Enter your public key (optional): This is the public key that was created "
3741
  "from your main server."
@@ -3743,7 +3731,7 @@ msgstr ""
3743
  "Entrez votre clé publique (optionnel) : Il s'agit de la clé qui a été créée "
3744
  "depuis le serveur principal."
3745
 
3746
- #: lib/help.php:449
3747
  msgid ""
3748
  "Centralized Logging will keep working even if NinjaFirewall is disabled. "
3749
  "Delete your public key below if you want to disable it."
@@ -3752,12 +3740,12 @@ msgstr ""
3752
  "NinjaFirewall. Si vous souhaitez complètement désactiver cette option, "
3753
  "supprimez votre clé publique ci-dessous. "
3754
 
3755
- #: lib/help.php:471 lib/live_log.php:37 lib/live_log.php:216
3756
- #: ninjafirewall.php:845
3757
  msgid "Live Log"
3758
  msgstr "Live Log"
3759
 
3760
- #: lib/help.php:473
3761
  msgid ""
3762
  "Live Log lets you watch your blog traffic in real time, just like the Unix "
3763
  "<code>tail -f</code> command. Note that requests sent to static elements "
@@ -3769,7 +3757,7 @@ msgstr ""
3769
  "statiques comme les fichiers JS/CSS ou les images ne sont pas traitées par "
3770
  "NinjaFirewall."
3771
 
3772
- #: lib/help.php:475
3773
  msgid ""
3774
  "You can enable/disable the monitoring process, change the refresh rate, "
3775
  "clear the screen, enable automatic vertical scrolling, change the log "
@@ -3780,7 +3768,7 @@ msgstr ""
3780
  "effacer l'écran, changer le format d'affichage, le fuseau horaire et choisir "
3781
  "le type de trafic à visualiser (HTTP/HTTPS)."
3782
 
3783
- #: lib/help.php:475
3784
  msgid ""
3785
  "You can also apply filters to include or exclude files and folders "
3786
  "(REQUEST_URI)."
@@ -3788,7 +3776,7 @@ msgstr ""
3788
  "Vous pouvez également appliquer des filtres pour inclure ou exclure des "
3789
  "fichiers et des dossiers (REQUEST_URI)."
3790
 
3791
- #: lib/help.php:478
3792
  msgid ""
3793
  "Live Log does not make use of any WordPress core file (e.g., <code>admin-"
3794
  "ajax.php</code>). It communicates directly with the firewall without loading "
@@ -3802,7 +3790,7 @@ msgstr ""
3802
  "serveur, même si vous ajustez son intervalle de rafraîchissement de la page "
3803
  "sur la fréquence la plus rapide (5 secondes)."
3804
 
3805
- #: lib/help.php:480
3806
  msgid ""
3807
  "If you are using the optional <code>.htninja</code> configuration file to "
3808
  "whitelist your IP, the Live Log feature will not work."
@@ -3811,27 +3799,27 @@ msgstr ""
3811
  "pour toujours accepter les requêtes provenant de votre adresse IP, Live Log "
3812
  "ne fonctionnera pas."
3813
 
3814
- #: lib/help.php:485
3815
  msgid "Log Format"
3816
  msgstr "Format d'affichage"
3817
 
3818
- #: lib/help.php:486
3819
  msgid "You can easily customize the log format. Possible values are:"
3820
  msgstr ""
3821
  "Vous pouvez facilement changer le format d'affichage en combinant une ou "
3822
  "plusieurs des valeurs suivantes&nbsp;:"
3823
 
3824
- #: lib/help.php:487
3825
  msgid "<code>%time</code>: the server date, time and timezone."
3826
  msgstr "<code>%time</code> : la date, heure et fuseau horaire du serveur."
3827
 
3828
- #: lib/help.php:488
3829
  msgid "<code>%name</code>: authenticated user (HTTP basic auth), if any."
3830
  msgstr ""
3831
  "<code>%name</code> : le nom de l'utilisateur (Authentification HTTP), s'il "
3832
  "existe."
3833
 
3834
- #: lib/help.php:489
3835
  #, php-format
3836
  msgid ""
3837
  "<code>%client</code>: the client REMOTE_ADDR. If you are behind a load "
@@ -3841,28 +3829,28 @@ msgstr ""
3841
  "serveur est derrière un CDN ou un proxy, cette variable retournera l'adresse "
3842
  "IP de celui-ci."
3843
 
3844
- #: lib/help.php:490
3845
  msgid "<code>%method</code>: HTTP method (e.g., GET, POST)."
3846
  msgstr "<code>%method</code> : la méthode HTTP (ex. GET, POST)."
3847
 
3848
- #: lib/help.php:491
3849
  #, php-format
3850
  msgid ""
3851
  "<code>%uri</code>: the URI which was given in order to access the page "
3852
  "(REQUEST_URI)."
3853
  msgstr "<code>%uri</code> : l'URI donnée pour accéder à la page (REQUEST_URI)."
3854
 
3855
- #: lib/help.php:492
3856
  msgid "<code>%referrer</code>: the referrer (HTTP_REFERER), if any."
3857
  msgstr "<code>%referrer</code> : le referrer (HTTP_REFERER), s'il existe."
3858
 
3859
- #: lib/help.php:493
3860
  #, php-format
3861
  msgid "<code>%ua</code>: the user-agent (HTTP_USER_AGENT), if any."
3862
  msgstr ""
3863
  "<code>%ua</code> : l'en-tête User-Agent (HTTP_USER_AGENT), s'il existe."
3864
 
3865
- #: lib/help.php:494
3866
  #, php-format
3867
  msgid ""
3868
  "<code>%forward</code>: HTTP_X_FORWARDED_FOR, if any. If you are behind a "
@@ -3872,13 +3860,13 @@ msgstr ""
3872
  "votre serveur est derrière un CDN ou un proxy, cette variable retournera "
3873
  "l'adresse réelle du client."
3874
 
3875
- #: lib/help.php:495
3876
  msgid "<code>%host</code>: the requested host (HTTP_HOST), if any."
3877
  msgstr ""
3878
  "<code>%host</code> : l'en-tête Host de la requête courante (HTTP_HOST), si "
3879
  "elle existe."
3880
 
3881
- #: lib/help.php:496
3882
  msgid ""
3883
  "Additionally, you can include any of the following characters: <code>\"</"
3884
  "code>, <code>%</code>, <code>[</code>, <code>]</code>, <code>space</code> "
@@ -3888,11 +3876,11 @@ msgstr ""
3888
  "%</code>, <code>[</code>, <code>]</code>, <code>espace</code> et toute "
3889
  "lettre minuscule <code>a-z</code>."
3890
 
3891
- #: lib/help.php:508 lib/rules_editor.php:17 ninjafirewall.php:849
3892
  msgid "Rules Editor"
3893
  msgstr "Éditeur de Règles"
3894
 
3895
- #: lib/help.php:510
3896
  msgid ""
3897
  "Besides the \"Firewall Policies\", NinjaFirewall includes also a large set "
3898
  "of built-in rules used to protect your blog against the most common "
@@ -3909,7 +3897,7 @@ msgstr ""
3909
  "règles, vous pouvez utiliser l’Éditeur de règles ci-dessous pour les "
3910
  "désactiver individuellement&nbsp;:"
3911
 
3912
- #: lib/help.php:512
3913
  msgid ""
3914
  "Check your firewall log and find the rule ID you want to disable (it is "
3915
  "displayed in the <code>RULE</code> column)."
@@ -3917,7 +3905,7 @@ msgstr ""
3917
  "Consultez le journal du pare-feu afin d'y trouver l'ID de la règle que vous "
3918
  "souhaitez désactiver (il est affiché dans la colonne <code>RULE</code>)."
3919
 
3920
- #: lib/help.php:513
3921
  msgid ""
3922
  "Select its ID from the enabled rules list below and click the \"Disable it\" "
3923
  "button."
@@ -3925,7 +3913,7 @@ msgstr ""
3925
  "Sélectionnez son ID dans la liste des règles ci-dessous et cliquez sur le "
3926
  "bouton \"Désactiver\"."
3927
 
3928
- #: lib/help.php:515
3929
  msgid ""
3930
  "Note: if the <code>RULE</code> column from your log shows a hyphen <code>-</"
3931
  "code> instead of a number, that means that the rule can be changed in the "
@@ -3935,11 +3923,11 @@ msgstr ""
3935
  "d'union <code>-</code> à la place d'un nombre, cela signifie que la règle ne "
3936
  "peut être modifiée quand dans la page \"Politiques du Pare-feu\"."
3937
 
3938
- #: lib/help.php:520
3939
  msgid "Credits"
3940
  msgstr "Crédits"
3941
 
3942
- #: lib/help.php:522
3943
  msgid ""
3944
  "NinjaFirewall security rules protect against many vulnerabilities. Some of "
3945
  "them were reported by the following companies, individuals or mailing lists:"
@@ -3948,11 +3936,11 @@ msgstr ""
3948
  "vulnérabilités. Certaines d'entre elles ont été découvertes par les "
3949
  "entreprises, particuliers ou listes de diffusion suivantes:"
3950
 
3951
- #: lib/help.php:574 lib/overview.php:132
3952
  msgid "Updates"
3953
  msgstr "Mises à Jour"
3954
 
3955
- #: lib/help.php:576
3956
  msgid ""
3957
  "To get the most efficient protection, you can ask NinjaFirewall to "
3958
  "automatically update its security rules."
@@ -3960,7 +3948,7 @@ msgstr ""
3960
  "Pour bénéficier de la protection la plus efficace, vous pouvez demander à "
3961
  "NinjaFirewall de mettre à jour ses règles de sécurité automatiquement."
3962
 
3963
- #: lib/help.php:578
3964
  msgid ""
3965
  "Each time a new vulnerability is found in WordPress or one of its plugins/"
3966
  "themes, a new set of security rules will be made available to protect "
@@ -3973,7 +3961,7 @@ msgstr ""
3973
  "peuvent être effectuées chaque jour, deux fois par jour ou même une fois par "
3974
  "heure."
3975
 
3976
- #: lib/help.php:580
3977
  msgid ""
3978
  "Only security rules will be downloaded. If a new version of NinjaFirewall "
3979
  "(including new files, options and features) was available, it would have to "
@@ -3984,7 +3972,7 @@ msgstr ""
3984
  "jour depuis la page des \"Extensions\" de votre tableau de bord, comme "
3985
  "d'habitude."
3986
 
3987
- #: lib/help.php:582
3988
  msgid ""
3989
  "We recommend to enable this feature, as it is the <strong>only way to keep "
3990
  "your WordPress secure</strong> against new vulnerabilities."
@@ -3993,6 +3981,36 @@ msgstr ""
3993
  "<strong>meilleure façon de garder votre WordPress protégé</strong> contre "
3994
  "les dernières vulnérabilités."
3995
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
3996
  #: lib/install_fullwaf.php:35 lib/install_fullwaf.php:149
3997
  #: lib/install_fullwaf.php:304 lib/install_wpwaf.php:53
3998
  #: lib/install_wpwaf.php:63 lib/install_wpwaf.php:70
@@ -4704,7 +4722,7 @@ msgstr "Erreur : le mot de passe doit comporter de 6 à 32 caractères."
4704
  msgid "Error: unable to write to the %s configuration file"
4705
  msgstr "Erreur : impossible d’écrire dans le fichier de configuration %s"
4706
 
4707
- #: lib/network.php:24 ninjafirewall.php:1239 ninjafirewall.php:1243
4708
  #, php-format
4709
  msgid "You are not allowed to perform this task (%s)."
4710
  msgstr "Vous n'êtes pas autorisé à effectuer cette tâche (%s)."
@@ -4747,7 +4765,7 @@ msgstr ""
4747
  "Un e-mail \"Guide d'Utilisation, d'Installation et de Dépannage\" a été "
4748
  "envoyé à l'adresse"
4749
 
4750
- #: lib/overview.php:62 lib/utils.php:321
4751
  msgid "unknown error"
4752
  msgstr "erreur inconnue"
4753
 
@@ -4784,7 +4802,7 @@ msgstr "Cliquez ici pour désactiver le mode Débogage"
4784
  msgid "PHP SAPI"
4785
  msgstr "PHP SAPI"
4786
 
4787
- #: lib/overview.php:122 ninjafirewall.php:1158
4788
  msgid "Version"
4789
  msgstr "Version"
4790
 
@@ -5048,7 +5066,7 @@ msgstr "Règles désactivées"
5048
  msgid "Enable it"
5049
  msgstr "Activer"
5050
 
5051
- #: lib/rules_update.php:73 ninjafirewall.php:853
5052
  msgid "Rules Update"
5053
  msgstr "Mise à Jour des Règles"
5054
 
@@ -5224,7 +5242,7 @@ msgstr ""
5224
  "Cette notification peut être désactivée depuis la page \"Mise à Jour des "
5225
  "Règles\" de NinjaFirewall."
5226
 
5227
- #: lib/statistics.php:27 ninjafirewall.php:799
5228
  msgid "Statistics"
5229
  msgstr "Statistiques"
5230
 
@@ -5269,28 +5287,28 @@ msgid "NinjaFirewall has blocked an attempt to create a user account:"
5269
  msgstr ""
5270
  "NinjaFirewall a bloqué une tentative de création d'un compte d'utilisateur :"
5271
 
5272
- #: lib/utils.php:85 lib/utils.php:642
5273
  msgid "Username:"
5274
  msgstr "Utilisateur :"
5275
 
5276
- #: lib/utils.php:86 lib/utils.php:643 lib/utils.php:847
5277
  msgid "User IP:"
5278
  msgstr "IP utilisateur :"
5279
 
5280
- #: lib/utils.php:89 lib/utils.php:501 lib/utils.php:646 lib/utils.php:850
5281
  msgid "Date:"
5282
  msgstr "Date :"
5283
 
5284
- #: lib/utils.php:96 lib/utils.php:97 lib/utils.php:656 lib/utils.php:657
5285
- #: lib/utils.php:804 lib/utils.php:805
5286
  msgid "You are not allowed to perform this task."
5287
  msgstr "Vous n'êtes pas autorisé à effectuer cette tâche."
5288
 
5289
- #: lib/utils.php:297 lib/utils.php:301
5290
  msgid "NinjaFirewall error"
5291
  msgstr "NinjaFirewall Erreur"
5292
 
5293
- #: lib/utils.php:298
5294
  #, php-format
5295
  msgid ""
5296
  "%s directory cannot be created. Please review your installation and ensure "
@@ -5299,7 +5317,7 @@ msgstr ""
5299
  "Le répertoire %s ne peut pas être créé. Vérifiez votre installation et "
5300
  "assurez vous que %s n'est pas en lecture seule."
5301
 
5302
- #: lib/utils.php:302
5303
  #, php-format
5304
  msgid ""
5305
  "%s directory is read-only. Please review your installation and ensure that "
@@ -5308,19 +5326,19 @@ msgstr ""
5308
  "Le répertoire %s est en lecture seule. Vérifiez votre installation et les "
5309
  "permissions de %s."
5310
 
5311
- #: lib/utils.php:323
5312
  msgid "NinjaFirewall fatal error:"
5313
  msgstr "NinjaFirewall erreur fatale :"
5314
 
5315
- #: lib/utils.php:324
5316
  msgid "Review your installation, your site is not protected."
5317
  msgstr "Vérifiez votre installation, votre site n'est pas protégé."
5318
 
5319
- #: lib/utils.php:372 lib/utils.php:394
5320
  msgid "Forbidden access"
5321
  msgstr "Accès interdit"
5322
 
5323
- #: lib/utils.php:413
5324
  #, php-format
5325
  msgid ""
5326
  "<strong>ERROR</strong>: Invalid username or password.<br /><a href=\"%s"
@@ -5329,11 +5347,59 @@ msgstr ""
5329
  "<strong>ERREUR</strong>: Identifiant ou mot de passe invalide.<br /><a href="
5330
  "\"%s\">Mot de passe perdu</a> ?"
5331
 
5332
- #: lib/utils.php:496
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
5333
  msgid "[NinjaFirewall] Alert: Database changes detected"
5334
  msgstr "[NinjaFirewall] Alerte: Modification dans la base de données"
5335
 
5336
- #: lib/utils.php:497
5337
  msgid ""
5338
  "NinjaFirewall has detected that one or more administrator accounts were "
5339
  "modified in the database:"
@@ -5341,12 +5407,12 @@ msgstr ""
5341
  "NinjaFirewall a détecté que un ou plusieurs comptes d'administrateur ont été "
5342
  "modifiés dans la base de données:"
5343
 
5344
- #: lib/utils.php:502
5345
  #, php-format
5346
  msgid "Total administrators : %s"
5347
  msgstr "Nombre d'administrateurs : %s"
5348
 
5349
- #: lib/utils.php:511
5350
  msgid ""
5351
  "If you cannot see any modifications in the above fields, it is possible that "
5352
  "the administrator password was changed."
@@ -5354,17 +5420,17 @@ msgstr ""
5354
  "Si vous ne voyez pas de modifications dans les données ci-dessus, il est "
5355
  "possible que le mot de passe administrateur ait été changé."
5356
 
5357
- #: lib/utils.php:614
5358
  msgid "Blocked privilege escalation attempt"
5359
  msgstr "Tentatives d'élévation des privilèges"
5360
 
5361
- #: lib/utils.php:639
5362
  msgid "NinjaFirewall has blocked an attempt to gain administrative privileges:"
5363
  msgstr ""
5364
  "NinjaFirewall a bloqué un utilisateur ayant essayé d'élever ses privilèges "
5365
  "pour devenir administrateur du blog :"
5366
 
5367
- #: lib/utils.php:667
5368
  msgid ""
5369
  "NinjaFirewall brute-force protection is enabled and you are temporarily "
5370
  "whitelisted."
@@ -5372,7 +5438,7 @@ msgstr ""
5372
  "La protection de NinjaFirewall contre les attaques par force brute est "
5373
  "activée. Vous êtes temporairement dans la liste blanche."
5374
 
5375
- #: lib/utils.php:681
5376
  #, php-format
5377
  msgid ""
5378
  "Hey, it seems that you've been using NinjaFirewall for some time. If you "
@@ -5385,27 +5451,27 @@ msgstr ""
5385
  "a>. Il a fallu des milliers d'heures pour le développer, mais il suffit "
5386
  "seulement de quelques minutes pour le noter. Merci !"
5387
 
5388
- #: lib/utils.php:826
5389
  msgid "WordPress Address (URL)"
5390
  msgstr "Adresse web de WordPress (URL)"
5391
 
5392
- #: lib/utils.php:827
5393
  msgid "Site Address (URL)"
5394
  msgstr "Adresse web du site (URL)"
5395
 
5396
- #: lib/utils.php:828
5397
  msgid "Membership"
5398
  msgstr "Inscription"
5399
 
5400
- #: lib/utils.php:829
5401
  msgid "New User Default Role"
5402
  msgstr "Rôle par défaut de tout nouvel utilisateur"
5403
 
5404
- #: lib/utils.php:832
5405
  msgid "Attempt to modify WordPress settings"
5406
  msgstr "Tentative de modification des paramètres de WordPress"
5407
 
5408
- #: lib/utils.php:833
5409
  msgid ""
5410
  "NinjaFirewall has blocked an attempt to modify some important WordPress "
5411
  "settings by a user that does not have administrative privileges:"
@@ -5414,44 +5480,44 @@ msgstr ""
5414
  "importants de WordPress par un utilisateur ne disposant pas de privilèges "
5415
  "administratifs :"
5416
 
5417
- #: lib/utils.php:835
5418
  msgid ""
5419
  "The attempt was blocked and the option was reversed to its original value."
5420
  msgstr ""
5421
  "La tentative a été bloquée et l'option a été remise à sa valeur d'origine."
5422
 
5423
- #: lib/utils.php:837
5424
  #, php-format
5425
  msgid "Option: %s (%s)"
5426
  msgstr "Option: %s (%s)"
5427
 
5428
- #: lib/utils.php:838
5429
  #, php-format
5430
  msgid "Original value: %s"
5431
  msgstr "Valeur originale : %s"
5432
 
5433
- #: lib/utils.php:839
5434
  #, php-format
5435
  msgid "Modified value: %s"
5436
  msgstr "Valeur modifiée : %s"
5437
 
5438
- #: lib/utils.php:840
5439
  #, php-format
5440
  msgid "Action taken: %s"
5441
  msgstr "Action prise : %s"
5442
 
5443
- #: lib/utils.php:842
5444
  #, php-format
5445
  msgid "You can review this option from your WordPress \"%s\" page."
5446
  msgstr ""
5447
  "Vous pouvez consulter cette option à partir de votre page \"% s\" de "
5448
  "WordPress."
5449
 
5450
- #: lib/utils.php:843
5451
  msgid "Settings > General"
5452
  msgstr "Réglages > Général"
5453
 
5454
- #: lib/utils.php:852
5455
  msgid ""
5456
  "This protection (and notification) can be turned off from NinjaFirewall "
5457
  "\"Firewall Policies\" page."
@@ -5770,48 +5836,65 @@ msgid "A true Web Application Firewall to protect and secure WordPress."
5770
  msgstr "Un véritable pare-feu applicatif pour sécuriser et protéger WordPress."
5771
 
5772
  #: ninjafirewall.php:61
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
5773
  msgid "Cannot find WordPress configuration file"
5774
  msgstr "Impossible de trouver le fichier de configuration de WordPress"
5775
 
5776
- #: ninjafirewall.php:62
5777
  msgid "Cannot read WordPress configuration file"
5778
  msgstr "Impossible de lire le fichier de configuration de WordPress"
5779
 
5780
- #: ninjafirewall.php:63
5781
  msgid "Cannot retrieve WordPress database credentials"
5782
  msgstr ""
5783
  "Impossible de récupérer les informations d'identification de base de données "
5784
  "WordPress"
5785
 
5786
- #: ninjafirewall.php:64
5787
  msgid "Cannot connect to WordPress database"
5788
  msgstr "Impossible de se connecter à la base de données WordPress"
5789
 
5790
- #: ninjafirewall.php:65
5791
  msgid "Cannot retrieve user options from database (#2)"
5792
  msgstr ""
5793
  "Impossible de récupérer les options de l'utilisateur dans la base de données "
5794
  "(#2)"
5795
 
5796
- #: ninjafirewall.php:66
5797
  msgid "Cannot retrieve user options from database (#3)"
5798
  msgstr ""
5799
  "Impossible de récupérer les options de l'utilisateur dans la base de données "
5800
  "(#3)"
5801
 
5802
- #: ninjafirewall.php:67
5803
  msgid "Cannot retrieve user rules from database (#2)"
5804
  msgstr ""
5805
  "Impossible de récupérer les règles de l'utilisateur dans la base de données "
5806
  "(#2)"
5807
 
5808
- #: ninjafirewall.php:68
5809
  msgid "Cannot retrieve user rules from database (#3)"
5810
  msgstr ""
5811
  "Impossible de récupérer les règles de l'utilisateur dans la base de données "
5812
  "(#3)"
5813
 
5814
- #: ninjafirewall.php:69
5815
  msgid ""
5816
  "The firewall has been disabled from the <a href=\"admin.php?page=nfsubopt"
5817
  "\">administration console</a>"
@@ -5819,25 +5902,25 @@ msgstr ""
5819
  "Le pare-feu a été désactivé depuis son <a href=\"admin.php?page=nfsubopt"
5820
  "\">interface d'administration</a>"
5821
 
5822
- #: ninjafirewall.php:70
5823
  msgid "Unable to communicate with the firewall. Please check your settings"
5824
  msgstr ""
5825
  "Impossible de communiquer avec le pare-feu. Veuillez vérifiez votre "
5826
  "configuration"
5827
 
5828
- #: ninjafirewall.php:71
5829
  msgid "Cannot retrieve user options from database (#1)"
5830
  msgstr ""
5831
  "Impossible de récupérer les options de l'utilisateur dans la base de données "
5832
  "(#1)"
5833
 
5834
- #: ninjafirewall.php:72
5835
  msgid "Cannot retrieve user rules from database (#1)"
5836
  msgstr ""
5837
  "Impossible de récupérer les règles de l'utilisateur dans la base de données "
5838
  "(#1)"
5839
 
5840
- #: ninjafirewall.php:73
5841
  #, php-format
5842
  msgid ""
5843
  "The firewall cannot access its log and cache folders. If you changed the "
@@ -5848,7 +5931,7 @@ msgstr ""
5848
  "modifié les dossiers %s ou %s, vous DEVEZ définir la constante %s afin de "
5849
  "résoudre ce problème (consultez %s pour plus de détails)"
5850
 
5851
- #: ninjafirewall.php:98
5852
  msgid ""
5853
  "You do not have \"unfiltered_html\" capability. Please enable it in order to "
5854
  "run NinjaFirewall (or make sure you do not have \"DISALLOW_UNFILTERED_HTML\" "
@@ -5859,7 +5942,7 @@ msgstr ""
5859
  "la directive \"DISALLOW_UNFILTERED_HTML\" activée dans votre fichier wp-"
5860
  "config.php)."
5861
 
5862
- #: ninjafirewall.php:105
5863
  #, php-format
5864
  msgid ""
5865
  "NinjaFirewall requires WordPress 3.3 or greater but your current version is "
@@ -5868,19 +5951,19 @@ msgstr ""
5868
  "NinjaFirewall nécessite au moins WordPress 3.3 mais votre version de "
5869
  "WordPress est %s."
5870
 
5871
- #: ninjafirewall.php:109
5872
  #, php-format
5873
  msgid ""
5874
  "NinjaFirewall requires PHP 5.3 or greater but your current version is %s."
5875
  msgstr ""
5876
  "NinjaFirewall nécessite au moins PHP 5.3 mais votre version de PHP est %s."
5877
 
5878
- #: ninjafirewall.php:113
5879
  #, php-format
5880
  msgid "NinjaFirewall requires the PHP %s extension."
5881
  msgstr "NinjaFirewall nécessite l'extension PHP %s."
5882
 
5883
- #: ninjafirewall.php:117
5884
  msgid ""
5885
  "You have SAFE_MODE enabled. Please disable it, it is deprecated as of PHP "
5886
  "5.3.0 (see http://php.net/safe-mode)."
@@ -5889,220 +5972,161 @@ msgstr ""
5889
  "devenue obsolète depuis PHP 5.3 et a été supprimée depuis PHP 5.4 (cf. "
5890
  "http://php.net/safe-mode)."
5891
 
5892
- #: ninjafirewall.php:121
5893
  msgid "You are not allowed to activate NinjaFirewall."
5894
  msgstr "Vous n’êtes pas autorisé à activer NinjaFirewall."
5895
 
5896
- #: ninjafirewall.php:125
5897
  msgid "NinjaFirewall is not compatible with Microsoft Windows."
5898
  msgstr "NinjaFirewall n'est pas compatible avec Microsoft Windows."
5899
 
5900
- #: ninjafirewall.php:555
5901
- msgid "ERROR: Failed to update rules"
5902
- msgstr "ERREUR: Échec de la mise à jour des règles"
5903
-
5904
- #: ninjafirewall.php:561
5905
- msgid ""
5906
- "NinjaFirewall failed to update its rules. This is a critical error, your "
5907
- "current rules may be corrupted or disabled. In order to solve the problem, "
5908
- "please follow these instructions:"
5909
- msgstr ""
5910
- "La mise à jour des règles de NinjaFirewall a échoué. Ceci est une erreur "
5911
- "critique, vos règles actuelles peuvent être endommagées ou bien désactivées. "
5912
- "Afin de résoudre le problème, veuillez suivre ces instructions :"
5913
-
5914
- #: ninjafirewall.php:562
5915
- msgid "1. Log in to your WordPress admin dashboard."
5916
- msgstr "1. Connectez-vous à votre tableau de bord WordPress."
5917
-
5918
- #: ninjafirewall.php:563
5919
- msgid "2. Go to \"NinjaFirewall > Updates\"."
5920
- msgstr "2. Sélectionnez \"NinjaFirewall > Mises à Jour\"."
5921
-
5922
- #: ninjafirewall.php:564
5923
- msgid "3. Click on \"Check for updates now!\"."
5924
- msgstr "3. Cliquez sur le bouton \"Vérifier les mises à jour maintenant ! \"."
5925
-
5926
- #: ninjafirewall.php:569 ninjafirewall.php:699
5927
- msgid "Support forum"
5928
- msgstr "Forum "
5929
-
5930
- #: ninjafirewall.php:687
5931
  msgid "Alert: WordPress console login"
5932
  msgstr "Alerte : Connexion à WordPress"
5933
 
5934
- #: ninjafirewall.php:689
5935
  msgid "-Blog:"
5936
  msgstr "- Blog :"
5937
 
5938
- #: ninjafirewall.php:693
5939
  msgid "Someone just logged in to your WordPress admin console:"
5940
  msgstr "Quelqu'un vient de se connecter à votre Tableau de bord de WordPress:"
5941
 
5942
- #: ninjafirewall.php:694
5943
  msgid "-User:"
5944
  msgstr "- Nom :"
5945
 
5946
- #: ninjafirewall.php:695
5947
  msgid "-IP:"
5948
  msgstr "- IP :"
5949
 
5950
- #: ninjafirewall.php:696
5951
  msgid "-Date:"
5952
  msgstr "- Date :"
5953
 
5954
- #: ninjafirewall.php:766
5955
- #, php-format
5956
- msgid "Sorry %s, your request cannot be processed."
5957
- msgstr "Désolé %s, votre requête ne peut pas aboutir."
5958
-
5959
- #: ninjafirewall.php:767
5960
- msgid "For security reasons, it was blocked and logged."
5961
- msgstr "Pour des raisons de sécurité, elle a été bloquée et enregistrée."
5962
-
5963
- #: ninjafirewall.php:769
5964
- msgid ""
5965
- "If you believe this was an error please contact the<br />webmaster and "
5966
- "enclose the following incident ID:"
5967
- msgstr ""
5968
- "Si vous pensez qu'il s'agit d'une erreur, veuillez contacter<br />le "
5969
- "webmaster et joindre le numéro d'incident suivant:"
5970
 
5971
- #: ninjafirewall.php:795
5972
  msgid "NinjaFirewall: Overview"
5973
  msgstr "NinjaFirewall : Aperçu"
5974
 
5975
- #: ninjafirewall.php:799
5976
  msgid "NinjaFirewall: Statistics"
5977
  msgstr "NinjaFirewall : Statistiques"
5978
 
5979
- #: ninjafirewall.php:803
5980
  msgid "NinjaFirewall: Firewall Options"
5981
  msgstr "NinjaFirewall : Options du Pare-feu"
5982
 
5983
- #: ninjafirewall.php:807
5984
  msgid "NinjaFirewall: Firewall Policies"
5985
  msgstr "NinjaFirewall : Politiques du Pare-feu"
5986
 
5987
- #: ninjafirewall.php:811
5988
  msgid "NinjaFirewall: File Guard"
5989
  msgstr "NinjaFirewall: File Guard"
5990
 
5991
- #: ninjafirewall.php:815
5992
  msgid "NinjaFirewall: File Check"
5993
  msgstr "NinjaFirewall: File Check"
5994
 
5995
- #: ninjafirewall.php:825
5996
  msgid "NinjaFirewall: Anti-Malware"
5997
  msgstr "NinjaFirewall : Anti-Malware"
5998
 
5999
- #: ninjafirewall.php:829
6000
  msgid "NinjaFirewall: Network"
6001
  msgstr "NinjaFirewall : Réseau"
6002
 
6003
- #: ninjafirewall.php:833
6004
  msgid "NinjaFirewall: Event Notifications"
6005
  msgstr "NinjaFirewall : Notifications d’Événement"
6006
 
6007
- #: ninjafirewall.php:837
6008
  msgid "NinjaFirewall: Log-in Protection"
6009
  msgstr "NinjaFirewall : Page de Connexion"
6010
 
6011
- #: ninjafirewall.php:841
6012
  msgid "NinjaFirewall: Firewall Log"
6013
  msgstr "NinjaFirewall : Journal du Pare-feu"
6014
 
6015
- #: ninjafirewall.php:845
6016
  msgid "NinjaFirewall: Live Log"
6017
  msgstr "NinjaFirewall: Live Log"
6018
 
6019
- #: ninjafirewall.php:849
6020
  msgid "NinjaFirewall: Rules Editor"
6021
  msgstr "NinjaFirewall : Éditeur de Règles"
6022
 
6023
- #: ninjafirewall.php:853
6024
  msgid "NinjaFirewall: Rules Update"
6025
  msgstr "NinjaFirewall: Mise à Jour des Règles"
6026
 
6027
- #: ninjafirewall.php:860
6028
  msgid "NinjaFirewall: About"
6029
  msgstr "NinjaFirewall : À Propos"
6030
 
6031
- #: ninjafirewall.php:860
6032
  msgid "About..."
6033
  msgstr "À Propos..."
6034
 
6035
- #: ninjafirewall.php:900
6036
  msgid "NinjaFirewall Settings"
6037
  msgstr "Réglages de NinjaFirewall"
6038
 
6039
- #: ninjafirewall.php:908
6040
  msgid "NinjaFirewall is enabled"
6041
  msgstr "NinjaFirewall est activé"
6042
 
6043
- #: ninjafirewall.php:1097
6044
  msgid "Access Restricted"
6045
  msgstr "Accès limité"
6046
 
6047
- #: ninjafirewall.php:1103
6048
  msgid "Settings"
6049
  msgstr "Réglages"
6050
 
6051
- #: ninjafirewall.php:1104
6052
  msgid "Upgrade to Premium"
6053
  msgstr "Passez Premium !"
6054
 
6055
- #: ninjafirewall.php:1105
6056
  msgid "Rate it!"
6057
  msgstr "Notez-le !"
6058
 
6059
- #: ninjafirewall.php:1150
6060
- msgid "Plugin"
6061
- msgstr "Extension"
6062
-
6063
- #: ninjafirewall.php:1150 ninjafirewall.php:1154
6064
- msgid "uploaded"
6065
- msgstr "téléchargé(e)"
6066
-
6067
- #: ninjafirewall.php:1150 ninjafirewall.php:1154
6068
- msgid "installed"
6069
- msgstr "installé(e)"
6070
-
6071
- #: ninjafirewall.php:1150 ninjafirewall.php:1154
6072
- msgid "activated"
6073
- msgstr "activé(e)"
6074
-
6075
- #: ninjafirewall.php:1151
6076
- msgid "updated"
6077
- msgstr "mis(e) à jour"
6078
-
6079
- #: ninjafirewall.php:1151
6080
- msgid "deactivated"
6081
- msgstr "désactivé(e)"
6082
-
6083
- #: ninjafirewall.php:1151 ninjafirewall.php:1155
6084
- msgid "deleted"
6085
- msgstr "supprimé(e)"
6086
 
6087
- #: ninjafirewall.php:1151 ninjafirewall.php:1155
6088
- msgid "Name"
6089
- msgstr "Nom"
6090
 
6091
- #: ninjafirewall.php:1154
6092
- msgid "Theme"
6093
- msgstr "Thème"
 
 
 
 
 
 
6094
 
6095
- #: ninjafirewall.php:1158
6096
- msgid "upgraded"
6097
- msgstr "mis(e) à jour"
6098
 
6099
- #: ninjafirewall.php:1166
6100
- msgid "[NinjaFirewall] Alert:"
6101
- msgstr "[NinjaFirewall] Alerte :"
6102
 
6103
- #: ninjafirewall.php:1172
6104
- msgid "NinjaFirewall has detected the following activity on your account:"
6105
- msgstr "NinjaFirewall a détecté l'activité suivante sur votre compte :"
6106
 
6107
  #~ msgid ""
6108
  #~ "If you cannot see any modifications in the above fields, it is likely "
4
  msgstr ""
5
  "Project-Id-Version: Stable (latest release)\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/ninjafirewall\n"
7
+ "POT-Creation-Date: 2019-02-16 22:36+0700\n"
8
+ "PO-Revision-Date: 2019-02-16 22:38+0700\n"
9
  "Last-Translator: NinTechNet <contact@nintechnet.com>\n"
10
  "Language-Team: NinTechNet <nintechnet.com>\n"
11
  "Language: fr_FR\n"
165
  "offre tout de même des performances et un niveau de protection supérieurs "
166
  "aux autres extensions de sécurité pour WordPress disponibles sur le marché."
167
 
168
+ #: install.php:156 ninjafirewall.php:487
169
  msgid "Installation"
170
  msgstr "Installation"
171
 
199
  msgid "Privacy policy"
200
  msgstr "Politique de confidentialité"
201
 
202
+ #: install.php:177 lib/about.php:198 lib/help.php:459
203
  msgid ""
204
  "Your website can run NinjaFirewall and be compliant with the General Data "
205
  "Protection Regulation (GDPR). For more info, please visit our blog:"
225
  "tant que NinjaFirewall est installé !"
226
 
227
  #: install.php:258 lib/firewall_policies.php:107 lib/help.php:168
228
+ #: lib/install_fullwaf.php:33 lib/install_fullwaf.php:141 ninjafirewall.php:512
229
  msgid "Firewall Policies"
230
  msgstr "Politiques du Pare-feu"
231
 
538
  msgid "Need help? Check our blog:"
539
  msgstr "Besoin d'aide ? Consultez notre blog :"
540
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
541
  #: lib/about.php:31
542
  msgid "Error : cannot find changelog :("
543
  msgstr "Erreur: impossible de trouver le fichier changelog :("
586
  msgid "System Info"
587
  msgstr "Info système"
588
 
589
+ #: lib/about.php:100 lib/help.php:457
590
  msgid "GDPR Compliance"
591
  msgstr "Conformité RGPD"
592
 
653
  "Pour plus d'information, consultez notre page du <a href=\"%s\">Programme de "
654
  "Parrainage</a>."
655
 
656
+ #: lib/anti_malware.php:24 ninjafirewall.php:530
657
  msgid "Anti-Malware"
658
  msgstr "Anti-Malware"
659
 
718
  msgid "View firewall log"
719
  msgstr "Voir le journal du pare-feu"
720
 
721
+ #: lib/event_notifications.php:45 lib/help.php:349 ninjafirewall.php:538
722
  msgid "Event Notifications"
723
  msgstr "Notifications d'Événement"
724
 
837
  msgstr "Envoyer un rapport d'activité quotidien"
838
 
839
  #: lib/event_notifications.php:150 lib/event_notifications.php:162
840
+ #: lib/firewall_policies.php:551 lib/firewall_policies.php:594
841
+ #: lib/firewall_policies.php:614 lib/firewall_policies.php:664
842
+ #: lib/firewall_policies.php:709 lib/firewall_policies.php:719
843
+ #: lib/firewall_policies.php:729 lib/firewall_policies.php:772
844
+ #: lib/firewall_policies.php:815 lib/firewall_policies.php:835
845
+ #: lib/firewall_policies.php:1049 lib/firewall_policies.php:1105
846
+ #: lib/firewall_policies.php:1115 lib/firewall_policies.php:1125
847
+ #: lib/firewall_policies.php:1135 lib/firewall_policies.php:1182
848
+ #: lib/firewall_policies.php:1192 lib/network.php:63 lib/rules_update.php:145
849
  msgid "Yes (default)"
850
  msgstr "Oui (défaut)"
851
 
926
  msgid "Blocked brute-force attacks:"
927
  msgstr "Attaques par force brute bloquées :"
928
 
929
+ #: lib/event_notifications.php:448 lib/utils.php:644 lib/utils.php:795
930
  msgid ""
931
  "This notification can be turned off from NinjaFirewall \"Event Notifications"
932
  "\" page."
935
  "d’Événement\" de NinjaFirewall."
936
 
937
  #: lib/event_notifications.php:452 lib/file_check.php:855
938
+ #: lib/file_check.php:872 lib/firewall_options.php:573 lib/rules_update.php:565
939
+ #: lib/utils.php:544
940
  msgid "Support forum:"
941
  msgstr "Forum :"
942
 
964
  msgid "No changes detected."
965
  msgstr "Aucun changement n'a été détecté."
966
 
967
+ #: lib/file_check.php:129 lib/help.php:316 ninjafirewall.php:520
968
  msgid "File Check"
969
  msgstr "File Check"
970
 
1149
  msgid "Enable scheduled scans"
1150
  msgstr "Lancer File Check automatiquement"
1151
 
1152
+ #: lib/file_check.php:516 lib/firewall_policies.php:449
1153
+ #: lib/firewall_policies.php:464 lib/firewall_policies.php:474
1154
+ #: lib/firewall_policies.php:484 lib/firewall_policies.php:494
1155
+ #: lib/firewall_policies.php:564 lib/firewall_policies.php:607
1156
+ #: lib/firewall_policies.php:639 lib/firewall_policies.php:677
1157
+ #: lib/firewall_policies.php:765 lib/firewall_policies.php:785
1158
+ #: lib/firewall_policies.php:828 lib/firewall_policies.php:958
1159
+ #: lib/firewall_policies.php:972 lib/firewall_policies.php:997
1160
+ #: lib/firewall_policies.php:1205 lib/login_protection.php:295
1161
  msgid "No (default)"
1162
  msgstr "Non (défaut)"
1163
 
1255
  msgid "Error reading new snapshot file."
1256
  msgstr "Erreur lors de la lecture du fichier du nouvel instantané."
1257
 
1258
+ #: lib/file_check.php:814 ninjafirewall.php:269
1259
  msgid "New file"
1260
  msgstr "Nouveau fichier"
1261
 
1262
+ #: lib/file_check.php:815 ninjafirewall.php:270
1263
  msgid "Modified file"
1264
  msgstr "Fichier modifié"
1265
 
1266
+ #: lib/file_check.php:816 ninjafirewall.php:271
1267
  msgid "Deleted file"
1268
  msgstr "Fichier supprimé"
1269
 
1273
 
1274
  #: lib/file_check.php:843 lib/file_check.php:845 lib/file_check.php:866
1275
  #: lib/file_check.php:868 lib/rules_update.php:557 lib/rules_update.php:559
1276
+ #: lib/utils.php:84 lib/utils.php:632 lib/utils.php:789 lib/utils.php:995
1277
  msgid "Blog:"
1278
  msgstr "Blog :"
1279
 
1298
  msgid "Please enter a number from 1 to 99."
1299
  msgstr "Veuillez entrer un nombre de 1 à 99."
1300
 
1301
+ #: lib/file_guard.php:54 lib/help.php:284 ninjafirewall.php:516
1302
  msgid "File Guard"
1303
  msgstr "File Guard"
1304
 
1334
  msgstr "Oui (recommandé)"
1335
 
1336
  #: lib/file_guard.php:101 lib/firewall_policies.php:27
1337
+ #: lib/firewall_policies.php:554 lib/firewall_policies.php:597
1338
+ #: lib/firewall_policies.php:617 lib/firewall_policies.php:667
1339
+ #: lib/firewall_policies.php:712 lib/firewall_policies.php:722
1340
+ #: lib/firewall_policies.php:732 lib/firewall_policies.php:775
1341
+ #: lib/firewall_policies.php:818 lib/firewall_policies.php:838
1342
+ #: lib/firewall_policies.php:900 lib/firewall_policies.php:1052
 
1343
  #: lib/firewall_policies.php:1108 lib/firewall_policies.php:1118
1344
+ #: lib/firewall_policies.php:1128 lib/firewall_policies.php:1138
1345
+ #: lib/firewall_policies.php:1185 lib/firewall_policies.php:1195
1346
  #: lib/network.php:64 lib/rules_update.php:148
1347
  msgid "No"
1348
  msgstr "Non"
1400
  msgid "Your public key has been saved"
1401
  msgstr "Votre clé publique a été sauvegardée"
1402
 
1403
+ #: lib/firewall_log.php:84 lib/help.php:423 ninjafirewall.php:546
1404
  msgid "Firewall Log"
1405
  msgstr "Journal du Pare-feu"
1406
 
1441
  msgid "Log Options"
1442
  msgstr "Options du Journal"
1443
 
1444
+ #: lib/firewall_log.php:173 lib/help.php:436
1445
  msgid "Auto-delete log"
1446
  msgstr "Suppression automatique des journaux"
1447
 
1458
  msgid "Save Log Options"
1459
  msgstr "Sauvegarder les options"
1460
 
1461
+ #: lib/firewall_log.php:202 lib/help.php:444 lib/overview.php:198
1462
  #: lib/wpplus.php:93
1463
  msgid "Centralized Logging"
1464
  msgstr "Centralisation des Logs"
1526
  msgid "Refresh preview"
1527
  msgstr "Réactualiser"
1528
 
1529
+ #: lib/firewall_options.php:71 ninjafirewall.php:508
1530
  msgid "Firewall Options"
1531
  msgstr "Options du Pare-feu"
1532
 
1678
  msgstr ""
1679
  "Le fichier importé est illisible ou son format n'est pas supporté (#%s)"
1680
 
1681
+ #: lib/firewall_options.php:427
1682
  msgid "The imported file is not compatible with that version of NinjaFirewall"
1683
  msgstr ""
1684
  "Le fichier importé n'est pas compatible avec cette version de NinjaFirewall"
1685
 
1686
+ #: lib/firewall_options.php:547
1687
  msgid "[NinjaFirewall] Alert: Firewall is disabled"
1688
  msgstr "[NinjaFirewall] Alerte : Le pare-feu a été désactivé"
1689
 
1690
+ #: lib/firewall_options.php:549 lib/firewall_options.php:551 lib/utils.php:532
1691
+ #: lib/utils.php:534
 
1692
  msgid "-Blog :"
1693
  msgstr "- Blog :"
1694
 
1695
+ #: lib/firewall_options.php:555
1696
  msgid "Someone disabled NinjaFirewall from your WordPress admin dashboard:"
1697
  msgstr ""
1698
  "Quelqu'un a désactivé NinjaFirewall depuis votre Tableau de bord de "
1699
  "WordPress :"
1700
 
1701
+ #: lib/firewall_options.php:558
1702
  msgid ""
1703
  "NinjaFirewall is disabled because someone enabled debugging mode from your "
1704
  "WordPress admin dashboard:"
1706
  "NinjaFirewall est désactivé car quelqu'un activé son \"Mode débogage\" "
1707
  "depuis votre tableau de bord de WordPress :"
1708
 
1709
+ #: lib/firewall_options.php:561
1710
  msgid "[NinjaFirewall] Alert: Firewall override settings"
1711
  msgstr "[NinjaFirewall] Alerte : Modification des paramètres du pare-feu"
1712
 
1713
+ #: lib/firewall_options.php:562
1714
  msgid ""
1715
  "Someone imported a new configuration which overrode the firewall settings:"
1716
  msgstr ""
1717
  "Quelqu'un a importé une nouvelle configuration qui a modifié tous les "
1718
  "paramètres du pare-feu :"
1719
 
1720
+ #: lib/firewall_options.php:568 lib/utils.php:539
1721
  msgid "-User :"
1722
  msgstr "- Nom :"
1723
 
1724
+ #: lib/firewall_options.php:569 lib/utils.php:540
1725
  msgid "-IP :"
1726
  msgstr "- IP :"
1727
 
1728
+ #: lib/firewall_options.php:570 lib/utils.php:541
1729
  msgid "-Date :"
1730
  msgstr "- Date :"
1731
 
1732
+ #: lib/firewall_policies.php:26 lib/firewall_policies.php:446
1733
+ #: lib/firewall_policies.php:461 lib/firewall_policies.php:471
1734
+ #: lib/firewall_policies.php:481 lib/firewall_policies.php:491
1735
+ #: lib/firewall_policies.php:561 lib/firewall_policies.php:604
1736
+ #: lib/firewall_policies.php:636 lib/firewall_policies.php:674
1737
+ #: lib/firewall_policies.php:762 lib/firewall_policies.php:782
1738
+ #: lib/firewall_policies.php:825 lib/firewall_policies.php:957
1739
+ #: lib/firewall_policies.php:971 lib/firewall_policies.php:996
1740
+ #: lib/firewall_policies.php:1202
1741
  msgid "Yes"
1742
  msgstr "Oui"
1743
 
1744
  #: lib/firewall_policies.php:28 lib/firewall_policies.php:192
1745
+ #: lib/firewall_policies.php:390
1746
  msgid "(default)"
1747
  msgstr "(défaut)"
1748
 
1792
  msgid "Basic Policies"
1793
  msgstr "Politiques de base"
1794
 
1795
+ #: lib/firewall_policies.php:131 lib/help.php:198
1796
  msgid "Intermediate Policies"
1797
  msgstr "Politiques intermédiaires"
1798
 
1799
+ #: lib/firewall_policies.php:132 lib/help.php:229
1800
  msgid "Advanced Policies"
1801
  msgstr "Politiques avancées"
1802
 
1840
  msgid "substitution character:"
1841
  msgstr "caractère de substitution&nbsp;:"
1842
 
1843
+ #: lib/firewall_policies.php:318
1844
  msgid "Block direct access to any PHP file located in one of these directories"
1845
  msgstr ""
1846
  "Bloquer l'accès direct à un fichier PHP situé dans l'un de ces répertoires"
1847
 
1848
+ #: lib/firewall_policies.php:348
1849
  msgid ""
1850
  "NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if "
1851
  "this option is enabled."
1853
  "NinjaFirewall ne bloquera pas l'accès à l'éditeur WYSIWYG TinyMCE même si "
1854
  "cette option est activée."
1855
 
1856
+ #: lib/firewall_policies.php:363
1857
  msgid ""
1858
  "Unless you have PHP scripts in a \"/cache/\" folder that need to be accessed "
1859
  "by your visitors, we recommend to enable this option."
1862
  "pouvant être consultés par vos visiteurs, nous vous recommandons d'activer "
1863
  "cette option."
1864
 
1865
+ #: lib/firewall_policies.php:374 lib/firewall_policies.php:379
1866
  #, php-format
1867
  msgid ""
1868
  "If you are using the %s plugin, blocking <code>system.multicall</code> may "
1871
  "Si vous utilisez l'extension %s, bloquer <code>system.multicall</code> "
1872
  "pourrait l’empêcher de fonctionner correctement."
1873
 
1874
+ #: lib/firewall_policies.php:387
1875
  msgid "General"
1876
  msgstr "Général"
1877
 
1878
+ #: lib/firewall_policies.php:390 lib/help.php:184
1879
  msgid "Block attempts to modify important WordPress settings"
1880
  msgstr ""
1881
  "Bloquer les tentatives de modification des paramètres importants de WordPress"
1882
 
1883
+ #: lib/firewall_policies.php:391 lib/help.php:185
1884
  msgid "Block user accounts creation"
1885
  msgstr "Bloquer la création de comptes utilisateur"
1886
 
1887
+ #: lib/firewall_policies.php:392
1888
  msgid "Do not enable this policy if you allow user registration."
1889
  msgstr ""
1890
  "N'activez pas cette option si vous autorisez l'inscription des utilisateurs."
1891
 
1892
+ #: lib/firewall_policies.php:397
1893
  msgid "Protect against username enumeration"
1894
  msgstr "Protéger contre l'énumération des comptes utilisateurs"
1895
 
1896
+ #: lib/firewall_policies.php:400
1897
  msgid "Through the author archives"
1898
  msgstr "Via la page d'archive d'un auteur"
1899
 
1900
+ #: lib/firewall_policies.php:401
1901
  msgid "Through the login page"
1902
  msgstr "Via la page de connexion"
1903
 
1904
+ #: lib/firewall_policies.php:402
1905
  msgid "Through the WordPress REST API"
1906
  msgstr "Via l'API REST de WordPress"
1907
 
1908
+ #: lib/firewall_policies.php:410
1909
  msgid "This feature is only available when running WordPress 4.7 or above."
1910
  msgstr "Cette option ne peut être activée qu'avec WordPress 4.7 ou plus."
1911
 
1912
+ #: lib/firewall_policies.php:417
1913
  msgid "WordPress REST API"
1914
  msgstr "API REST de WordPress"
1915
 
1916
+ #: lib/firewall_policies.php:420 lib/firewall_policies.php:428
1917
  msgid "Block any access to the API"
1918
  msgstr "Bloquer tout accès à l'API"
1919
 
1920
+ #: lib/firewall_policies.php:425
1921
  msgid "WordPress XML-RPC API"
1922
  msgstr "API XML-RPC de WordPress"
1923
 
1924
+ #: lib/firewall_policies.php:430
1925
  msgid "Block <code>system.multicall</code> method"
1926
  msgstr "Bloquer la méthode <code>system.multicall</code>"
1927
 
1928
+ #: lib/firewall_policies.php:432
1929
  msgid "Block Pingbacks"
1930
  msgstr "Bloquer les Pingbacks"
1931
 
1932
+ #: lib/firewall_policies.php:439
1933
  msgid ""
1934
  "Disabling access to the REST or XML-RPC API may break some functionality on "
1935
  "your blog, its themes or plugins."
1937
  "L'activation de ces options peut rompre certaines fonctionnalités de votre "
1938
  "blog, ses thèmes ou ses plugins."
1939
 
1940
+ #: lib/firewall_policies.php:443
1941
  msgid "Block <code>POST</code> requests in the themes folder"
1942
  msgstr "Bloquer les requêtes <code>POST</code> dans le dossier des thèmes"
1943
 
1944
+ #: lib/firewall_policies.php:458
1945
  msgid "Force SSL for admin and logins"
1946
  msgstr "Forcer la connexion sécurisée au Tableau de bord"
1947
 
1948
+ #: lib/firewall_policies.php:468
1949
  msgid "Disable the plugin and theme editor"
1950
  msgstr "Désactiver l’éditeur de thème et d'extension"
1951
 
1952
+ #: lib/firewall_policies.php:478
1953
  msgid "Disable plugin and theme update/installation"
1954
  msgstr "Désactiver l'installation et mise à jour des thèmes et extensions"
1955
 
1956
+ #: lib/firewall_policies.php:488
1957
+ msgid "Disable the fatal error handler"
1958
+ msgstr "Désactiver le gestionnaire d'erreurs fatales"
1959
+
1960
+ #: lib/firewall_policies.php:514 lib/help.php:270
1961
  msgid "Users Whitelist"
1962
  msgstr "Liste Blanche"
1963
 
1964
+ #: lib/firewall_policies.php:517
1965
  msgid "Add the Administrator to the whitelist (default)."
1966
  msgstr "Ajouter l'Administrateur à la liste blanche (défaut)."
1967
 
1968
+ #: lib/firewall_policies.php:518
1969
  msgid "Add all logged in users to the whitelist."
1970
  msgstr "Ajouter tous les utilisateurs connectés à la liste blanche."
1971
 
1972
+ #: lib/firewall_policies.php:519
1973
  msgid "Disable users whitelist."
1974
  msgstr "Désactiver la liste blanche."
1975
 
1976
+ #: lib/firewall_policies.php:520
1977
  msgid ""
1978
  "Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, "
1979
+ "<code>DISALLOW_FILE_EDIT</code>, <code>DISALLOW_FILE_MODS</code> and "
1980
+ "<code>WP_DISABLE_FATAL_ERROR_HANDLER</code> options which, if enabled, are "
1981
+ "always enforced."
1982
  msgstr ""
1983
  "Ne s'applique pas aux options <code>FORCE_SSL_ADMIN</code>, "
1984
+ "<code>DISALLOW_FILE_EDIT</code>, <code>DISALLOW_FILE_MODS</code> et "
1985
+ "<code>WP_DISABLE_FATAL_ERROR_HANDLER</code> qui, si elles sont activées, "
1986
+ "seront toujours appliquées."
1987
 
1988
+ #: lib/firewall_policies.php:545 lib/help.php:200
1989
  msgid "HTTP GET variable"
1990
  msgstr "Variable HTTP GET"
1991
 
1992
+ #: lib/firewall_policies.php:548
1993
  msgid "Scan <code>GET</code> variable"
1994
  msgstr "Filtrer la variable <code>GET</code>"
1995
 
1996
+ #: lib/firewall_policies.php:558
1997
  msgid "Sanitise <code>GET</code> variable"
1998
  msgstr "Nettoyer la variable <code>GET</code>"
1999
 
2000
+ #: lib/firewall_policies.php:588 lib/help.php:203
2001
  msgid "HTTP POST variable"
2002
  msgstr "Variable HTTP POST"
2003
 
2004
+ #: lib/firewall_policies.php:591
2005
  msgid "Scan <code>POST</code> variable"
2006
  msgstr "Filtrer la variable <code>POST</code>"
2007
 
2008
+ #: lib/firewall_policies.php:601
2009
  msgid "Sanitise <code>POST</code> variable"
2010
  msgstr "Nettoyer la variable <code>POST</code>"
2011
 
2012
+ #: lib/firewall_policies.php:607 lib/firewall_policies.php:639
2013
  msgid "Do not enable this option unless you know what you are doing!"
2014
  msgstr ""
2015
  "N'activez pas cette option si vous n'êtes pas sûr de ce que vous "
2016
  "faites&nbsp;!"
2017
 
2018
+ #: lib/firewall_policies.php:611
2019
  msgid "Decode Base64-encoded <code>POST</code> variable"
2020
  msgstr ""
2021
  "Décoder les chaîne encodées en Base64 dans la variable <code>POST</code>"
2022
 
2023
+ #: lib/firewall_policies.php:630 lib/help.php:207
2024
  msgid "HTTP REQUEST variable"
2025
  msgstr "Variable HTTP REQUEST"
2026
 
2027
+ #: lib/firewall_policies.php:633
2028
  msgid "Sanitise <code>REQUEST</code> variable"
2029
  msgstr "Nettoyer la variable <code>REQUEST</code>"
2030
 
2031
+ #: lib/firewall_policies.php:658 lib/help.php:210
2032
  msgid "Cookies"
2033
  msgstr "Cookies"
2034
 
2035
+ #: lib/firewall_policies.php:661
2036
  msgid "Scan cookies"
2037
  msgstr "Filtrer les cookies"
2038
 
2039
+ #: lib/firewall_policies.php:671
2040
  msgid "Sanitise cookies"
2041
  msgstr "Nettoyer les cookies"
2042
 
2043
+ #: lib/firewall_policies.php:703 lib/help.php:213
2044
  msgid "HTTP_USER_AGENT server variable"
2045
  msgstr "Variable HTTP_USER_AGENT"
2046
 
2047
+ #: lib/firewall_policies.php:706
2048
  msgid "Scan <code>HTTP_USER_AGENT</code>"
2049
  msgstr "Filtrer <code>HTTP_USER_AGENT</code>"
2050
 
2051
+ #: lib/firewall_policies.php:716
2052
  msgid "Sanitise <code>HTTP_USER_AGENT</code>"
2053
  msgstr "Nettoyer <code>HTTP_USER_AGENT</code>"
2054
 
2055
+ #: lib/firewall_policies.php:726
2056
  msgid "Block suspicious bots/scanners"
2057
  msgstr "Bloquer les requêtes provenant de bots/scanners suspects"
2058
 
2059
+ #: lib/firewall_policies.php:756 lib/help.php:217
2060
  msgid "HTTP_REFERER server variable"
2061
  msgstr "Variable HTTP_REFERER"
2062
 
2063
+ #: lib/firewall_policies.php:759
2064
  msgid "Scan <code>HTTP_REFERER</code>"
2065
  msgstr "Filtrer <code>HTTP_REFERER</code>"
2066
 
2067
+ #: lib/firewall_policies.php:769
2068
  msgid "Sanitise <code>HTTP_REFERER</code>"
2069
  msgstr "Nettoyer <code>HTTP_REFERER</code>"
2070
 
2071
+ #: lib/firewall_policies.php:779
2072
  msgid ""
2073
  "Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</"
2074
  "code> header"
2076
  "Bloquer les requêtes <code>POST</code> qui n'ont pas d'en-tête "
2077
  "<code>HTTP_REFERER</code>"
2078
 
2079
+ #: lib/firewall_policies.php:785
2080
  msgid ""
2081
  "Keep this option disabled if you are using scripts like Paypal IPN, "
2082
  "WordPress WP-Cron etc"
2084
  "N'activez pas cette option si vous utilisez des scripts comme Paypal IPN, "
2085
  "WordPress WP-Cron etc"
2086
 
2087
+ #: lib/firewall_policies.php:812
2088
  msgid "Block localhost IP in <code>GET/POST</code> request"
2089
  msgstr "Bloquer les requêtes <code>GET/POST</code> contenant l'IP localhost"
2090
 
2091
+ #: lib/firewall_policies.php:822
2092
  msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header"
2093
  msgstr ""
2094
  "Bloquer les requêtes HTTP dont l'en-tête <code>HTTP_HOST</code> contient une "
2095
  "IP"
2096
 
2097
+ #: lib/firewall_policies.php:832
2098
  msgid "Scan traffic coming from localhost and private IP address spaces"
2099
  msgstr "Filtrer les connexions provenant de localhost et d'adresses IP privées"
2100
 
2101
+ #: lib/firewall_policies.php:854
2102
  #, php-format
2103
  msgid ""
2104
  "This option is disabled because the %s PHP function is not available on your "
2107
  "Cette option n'est pas disponible parce que la fonction PHP %s n'est pas "
2108
  "présente sur votre serveur."
2109
 
2110
+ #: lib/firewall_policies.php:869 lib/help.php:231
2111
  msgid "HTTP response headers"
2112
  msgstr "En-têtes de réponse HTTP"
2113
 
2114
+ #: lib/firewall_policies.php:872
2115
  #, php-format
2116
  msgid "Set %s to protect against MIME type confusion attacks"
2117
  msgstr ""
2118
  "Activer %s pour protéger contre les attaques basées sur la confusion du type "
2119
  "MIME"
2120
 
2121
+ #: lib/firewall_policies.php:882
2122
  #, php-format
2123
  msgid "Set %s to protect against clickjacking attempts"
2124
  msgstr ""
2125
  "Activer %s pour protéger contre les attaques de détournement de clic "
2126
  "(clickjacking)"
2127
 
2128
+ #: lib/firewall_policies.php:891
2129
  #, php-format
2130
  msgid "Set %s (IE/Edge, Chrome, Opera and Safari browsers)"
2131
  msgstr "Activer %s (IE/Edge, Opera, Chrome et Safari)"
2132
 
2133
+ #: lib/firewall_policies.php:895 lib/firewall_policies.php:896
2134
+ #: lib/firewall_policies.php:899
2135
  #, php-format
2136
  msgid "Set to %s"
2137
  msgstr "Régler sur %s"
2138
 
2139
+ #: lib/firewall_policies.php:904
2140
  #, php-format
2141
  msgid "Force %s flag on all cookies to mitigate XSS attacks"
2142
  msgstr ""
2143
  "Activer la propriété %s pour tous les cookies afin d'atténuer les menaces "
2144
  "XSS qui génèrent des vols de cookies"
2145
 
2146
+ #: lib/firewall_policies.php:910
2147
  msgid ""
2148
  "If your PHP scripts use cookies that need to be accessed from JavaScript, "
2149
  "you should disable this option."
2151
  "Si vos scripts PHP envoient des cookies qui doivent être accessibles à "
2152
  "partir de JavaScript, vous devez garder cette option désactivée."
2153
 
2154
+ #: lib/firewall_policies.php:916
2155
  msgid ""
2156
  "HSTS headers can only be set when you are accessing your site over HTTPS."
2157
  msgstr ""
2158
  "Les en-têtes HSTS ne peuvent être utilisés que lorsque vous vous connectez à "
2159
  "votre site en HTTPS (connexion sécurisée)."
2160
 
2161
+ #: lib/firewall_policies.php:923
2162
  #, php-format
2163
  msgid "Set %s (HSTS) to enforce secure connections to the server"
2164
  msgstr ""
2165
  "Activer %s (HSTS) pour forcer les connexions sécurisées vers le serveur"
2166
 
2167
+ #: lib/firewall_policies.php:926
2168
  msgid "1 month"
2169
  msgstr "1 mois"
2170
 
2171
+ #: lib/firewall_policies.php:927
2172
  msgid "6 months"
2173
  msgstr "6 mois"
2174
 
2175
+ #: lib/firewall_policies.php:928
2176
  msgid "1 year"
2177
  msgstr "1 année"
2178
 
2179
+ #: lib/firewall_policies.php:930
2180
  msgid "Apply to subdomains"
2181
  msgstr "Appliquer aux sous-domaines"
2182
 
2183
+ #: lib/firewall_policies.php:934
2184
  msgid "Set <code>max-age</code> to 0"
2185
  msgstr "Régler <code>max-age</code> à 0"
2186
 
2187
+ #: lib/firewall_policies.php:954
2188
  #, php-format
2189
  msgid "Set %s for the website frontend"
2190
  msgstr "Activer %s pour le site"
2191
 
2192
+ #: lib/firewall_policies.php:962
2193
  msgid "This CSP header will apply to the website frontend only."
2194
  msgstr "Cet en-tête CSP ne s'appliquera qu'au site."
2195
 
2196
+ #: lib/firewall_policies.php:968
2197
  #, php-format
2198
  msgid "Set %s for the WordPress admin dashboard"
2199
  msgstr "Activer %s pour la console d'administration de WordPress"
2200
 
2201
+ #: lib/firewall_policies.php:976
2202
  msgid "This CSP header will apply to the WordPress admin dashboard only."
2203
  msgstr ""
2204
  "Cet en-tête CSP ne s'appliquera qu'à la console d'administration de "
2205
  "WordPress."
2206
 
2207
+ #: lib/firewall_policies.php:992
2208
  #, php-format
2209
  msgid "Set %s (Chrome, Opera and Firefox browsers)"
2210
  msgstr "Activer %s (Chrome, Opera et Firefox)"
2211
 
2212
+ #: lib/firewall_policies.php:1046
2213
  msgid ""
2214
  "Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, "
2215
  "<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies"
2218
  "<code>GET</code>, <code>POST</code>, <code>HTTP_USER_AGENT</code>, "
2219
  "<code>HTTP_REFERER</code> et les cookies"
2220
 
2221
+ #: lib/firewall_policies.php:1089
2222
  msgid "Block serialized PHP objects in the following global variables"
2223
  msgstr ""
2224
  "Bloquer les objets PHP sérialisés dans les variables globales suivantes"
2225
 
2226
+ #: lib/firewall_policies.php:1102
2227
  msgid "Hide PHP notice and error messages"
2228
  msgstr "Masquer les messages d'erreur de PHP"
2229
 
2230
+ #: lib/firewall_policies.php:1112
2231
  msgid "Sanitise <code>PHP_SELF</code>"
2232
  msgstr "Nettoyer <code>PHP_SELF</code>"
2233
 
2234
+ #: lib/firewall_policies.php:1122
2235
  msgid "Sanitise <code>PATH_TRANSLATED</code>"
2236
  msgstr "Nettoyer <code>PATH_TRANSLATED</code>"
2237
 
2238
+ #: lib/firewall_policies.php:1132
2239
  msgid "Sanitise <code>PATH_INFO</code>"
2240
  msgstr "Nettoyer <code>PATH_INFO</code>"
2241
 
2242
+ #: lib/firewall_policies.php:1152
2243
  msgid "This option is not compatible with your actual configuration."
2244
  msgstr ""
2245
  "Cette option n'est pas compatible avec la configuration de votre serveur."
2246
 
2247
+ #: lib/firewall_policies.php:1176 lib/help.php:261
2248
  msgid "Various"
2249
  msgstr "Divers"
2250
 
2251
+ #: lib/firewall_policies.php:1179
2252
  msgid "Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request"
2253
  msgstr ""
2254
  "Bloquer les requêtes HTTP contenant la variable <code>DOCUMENT_ROOT</code>"
2255
 
2256
+ #: lib/firewall_policies.php:1189
2257
  msgid "Block ASCII character 0x00 (NULL byte)"
2258
  msgstr "Bloquer le caractère ASCII 0x00 (NULL byte)"
2259
 
2260
+ #: lib/firewall_policies.php:1199
2261
  msgid "Block ASCII control characters 1 to 8 and 14 to 31"
2262
  msgstr "Bloquer les caractères de contrôle ASCII 1 à 8 et 14 à 31"
2263
 
2264
+ #: lib/firewall_policies.php:1215
2265
  msgid "Save Firewall Policies"
2266
  msgstr "Sauvegarder les options"
2267
 
2268
+ #: lib/firewall_policies.php:1217
2269
  msgid "Restore Default Values"
2270
  msgstr "Rétablir les valeurs par défaut"
2271
 
2272
+ #: lib/help.php:37 ninjafirewall.php:500
2273
  msgid "Overview"
2274
  msgstr "Aperçu"
2275
 
2774
  "installation ou mise à jour d'une extension ou d'un thème. Elle désactive "
2775
  "aussi l’éditeur de thème et d'extension."
2776
 
2777
+ #: lib/help.php:193
2778
+ msgid "Disable the fatal error handler <code>WP_Fatal_Error_Handler</code>:"
2779
+ msgstr ""
2780
+ "Désactiver le gestionnaire d'erreurs fatales <code>WP_Fatal_Error_Handler</"
2781
+ "code> :"
2782
+
2783
+ #: lib/help.php:193
2784
+ msgid ""
2785
+ "this option will disable the WSOD protection introduced in WordPress 5.1."
2786
+ msgstr ""
2787
+ "cette option désactivera la protection WSOD introduite dans WordPress 5.1."
2788
+
2789
+ #: lib/help.php:201
2790
  msgid "Whether to scan and/or sanitise the <code>GET</code> variable."
2791
  msgstr "S'il faut filtrer / nettoyer la variable <code>GET</code>."
2792
 
2793
+ #: lib/help.php:204
2794
  msgid "Whether to scan and/or sanitise the <code>POST</code> variable."
2795
  msgstr "S'il faut filtrer / nettoyer la variable <code>POST</code>."
2796
 
2797
+ #: lib/help.php:205
2798
  msgid "Decode Base64-encoded <code>POST</code> variable:"
2799
  msgstr ""
2800
  "Décoder les chaîne encodées en Base64 dans la variable <code>POST</"
2801
  "code>&nbsp;:"
2802
 
2803
+ #: lib/help.php:205
2804
  msgid ""
2805
  "NinjaFirewall will decode and scan base64 encoded values in order to detect "
2806
  "obfuscated malicious code. This option is only available for the <code>POST</"
2809
  "NinjaFirewall peut décoder et filtrer les chaînes de caractères encodées en "
2810
  "Base64 afin d'y détecter du code malveillant caché."
2811
 
2812
+ #: lib/help.php:208
2813
  msgid "Whether to sanitise the <code>REQUEST</code> variable."
2814
  msgstr "S'il faut filtrer / nettoyer la variable <code>REQUEST</code>."
2815
 
2816
+ #: lib/help.php:211
2817
  msgid "Whether to scan and/or sanitise cookies."
2818
  msgstr "S'il faut filtrer / nettoyer les cookies."
2819
 
2820
+ #: lib/help.php:214
2821
  msgid "Whether to scan and/or sanitise <code>HTTP_USER_AGENT</code> requests."
2822
  msgstr "S'il faut filtrer / nettoyer la variable <code>HTTP_USER_AGENT</code>."
2823
 
2824
+ #: lib/help.php:215
2825
  msgid "Block suspicious bots/scanners:"
2826
  msgstr "Bloquer les requêtes provenant de bots/scanners suspects&nbsp;:"
2827
 
2828
+ #: lib/help.php:215
2829
  msgid ""
2830
  "rejects some known bots, scanners and various malicious scripts attempting "
2831
  "to access your blog."
2832
  msgstr ""
2833
  "cette option peut bloquer de nombreux crawlers, spambots et autres scrappers."
2834
 
2835
+ #: lib/help.php:218
2836
  msgid "Whether to scan and/or sanitise <code>HTTP_REFERER</code> requests."
2837
  msgstr "S'il faut filtrer / nettoyer la variable <code>HTTP_REFERER</code>."
2838
 
2839
+ #: lib/help.php:219
2840
  msgid ""
2841
  "Block POST requests that do not have an <code>HTTP_REFERER</code> header:"
2842
  msgstr ""
2843
  "Bloquer les requêtes POST qui n'ont pas d'en-tête <code>HTTP_REFERER</"
2844
  "code>&nbsp;:"
2845
 
2846
+ #: lib/help.php:219
2847
  msgid ""
2848
  "this option will block any <code>POST</code> request that does not have a "
2849
  "Referrer header (<code>HTTP_REFERER</code> variable). If you need external "
2860
  "vous utilisez des scripts comme Paypal IPN, WordPress WP-Cron etc, "
2861
  "désactivez cette fonction."
2862
 
2863
+ #: lib/help.php:222
2864
  msgid "Block localhost IP in <code>GET/POST</code> requests:"
2865
  msgstr ""
2866
  "Bloquer les requêtes <code>GET/POST</code> contenant l'IP localhost&nbsp;:"
2867
 
2868
+ #: lib/help.php:222
2869
  msgid ""
2870
  "this option will block any <code>GET</code> or <code>POST</code> request "
2871
  "containing the localhost IP (127.0.0.1). It can be useful to block SQL "
2876
  "les programmes malveillants. Attention toutefois à ne pas bloquer certains "
2877
  "scripts d'installation ou de configuration si vous l'activez. "
2878
 
2879
+ #: lib/help.php:223
2880
  msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header:"
2881
  msgstr ""
2882
  "Bloquer les requêtes HTTP dont l'en-tête <code>HTTP_HOST</code> contient une "
2883
  "IP&nbsp;:"
2884
 
2885
+ #: lib/help.php:223
2886
  #, php-format
2887
  msgid ""
2888
  "this option will reject any request using an IP instead of a domain name in "
2898
  "application trouvent les sites en scannant les plages d'adresses IP plutôt "
2899
  "que les noms de domaine. "
2900
 
2901
+ #: lib/help.php:224
2902
  msgid "Scan traffic coming from localhost and private IP address spaces:"
2903
  msgstr ""
2904
  "Filtrer les connexions provenant de localhost et d'adresses IP privées&nbsp;:"
2905
 
2906
+ #: lib/help.php:224
2907
  msgid ""
2908
  "this option will allow the firewall to scan traffic from all non-routable "
2909
  "private IPs (IPv4 and IPv6) as well as the localhost IP. We recommend to "
2914
  "Nous vous recommandons de le garder activé si vous avez 2 ou plusieurs "
2915
  "serveurs reliés entre eux."
2916
 
2917
+ #: lib/help.php:233
2918
  msgid ""
2919
  "In addition to filtering incoming requests, NinjaFirewall can also hook the "
2920
  "HTTP response in order to alter its headers. Those modifications can help to "
2925
  "peuvent aider à atténuer les menaces telles que les attaques XSS, phishing "
2926
  "et clickjacking."
2927
 
2928
+ #: lib/help.php:235
2929
  msgid ""
2930
  "Set <code>X-Content-Type-Options</code> to protect against MIME type "
2931
  "confusion attacks:"
2933
  "Activer <code>X-Content-Type-Options</code> pour protéger contre les "
2934
  "attaques basées sur la confusion du type MIME&nbsp;:"
2935
 
2936
+ #: lib/help.php:235
2937
  msgid ""
2938
  "this header will send the nosniff value to instruct the browser to disable "
2939
  "content or MIME sniffing and to use the content-type returned by the server. "
2948
  "dans certains cas, peut entraîner des problèmes de sécurité tels que les "
2949
  "attaques basées sur la confusion du type MIME."
2950
 
2951
+ #: lib/help.php:236
2952
  msgid ""
2953
  "Set <code>X-Frame-Options</code> to protect against clickjacking attempts:"
2954
  msgstr ""
2955
  "Activer <code>X-Frame-Options</code> pour protéger contre les attaques de "
2956
  "détournement de clic (clickjacking)&nbsp;:"
2957
 
2958
+ #: lib/help.php:236
2959
  msgid ""
2960
  "this header indicates a policy whether a browser must not allow to render a "
2961
  "page in a &lt;frame&gt; or &lt;iframe&gt;. Hosts can declare this policy in "
2969
  "sont pas intégré dans d'autres pages ou cadres, notamment d'un autre site. "
2970
  "NinjaFirewall accepte deux valeurs différentes&nbsp;:"
2971
 
2972
+ #: lib/help.php:238
2973
  msgid ""
2974
  "a browser receiving content with this header must not display this content "
2975
  "in any frame from a page of different origin than the content itself."
2977
  "un navigateur ne doit pas afficher le contenu dans une &lt;frame&gt; ou &lt;"
2978
  "iframe&gt; d'une page d'origine différente que le contenu lui-même."
2979
 
2980
+ #: lib/help.php:239
2981
  msgid ""
2982
  "a browser receiving content with this header must not display this content "
2983
  "in any frame."
2985
  "un navigateur ne doit jamais afficher le contenu dans une &lt;frame&gt; ou "
2986
  "&lt;iframe&gt;"
2987
 
2988
+ #: lib/help.php:242
2989
  msgid "NinjaFirewall does not support the <code>ALLOW-FROM</code> value."
2990
  msgstr ""
2991
  "La valeur <code>ALLOW-FROM</code> n'est pas prise en charge par "
2992
  "NinjaFirewall."
2993
 
2994
+ #: lib/help.php:244
2995
  msgid ""
2996
  "Since v3.1.3, WordPress sets this value to <code>SAMEORIGIN</code> for the "
2997
  "administrator and the login page only."
2999
  "Depuis la version 3.1.3, WordPress active <code>SAMEORIGIN</code> pour "
3000
  "l'administrateur et la page de connexion uniquement."
3001
 
3002
+ #: lib/help.php:245
3003
  msgid ""
3004
  "Set <code>X-XSS-Protection</code> (IE/Edge, Chrome, Opera and Safari "
3005
  "browsers):"
3006
  msgstr ""
3007
  "Activer <code>X-XSS-Protection</code> (IE/Edge, Opera, Chrome et Safari)"
3008
 
3009
+ #: lib/help.php:245
3010
  msgid ""
3011
  "this header allows browsers to identify and block XSS attacks by preventing "
3012
  "malicious scripts from executing. It is enabled by default on all compatible "
3016
  "attaques XSS en empêchant un script malveillant de s'exécuter. Notez que "
3017
  "cette option est activée par défaut sur ces navigateurs."
3018
 
3019
+ #: lib/help.php:246
3020
  msgid ""
3021
  "If a visitor disabled their browser's XSS filter, you cannot re-enable it "
3022
  "with that option."
3024
  "Si un visiteur désactive le filtre XSS de son navigateur, vous ne pouvez pas "
3025
  "le réactiver avec cette option."
3026
 
3027
+ #: lib/help.php:248
3028
  msgid ""
3029
  "Force <code>HttpOnly</code> flag on all cookies to mitigate XSS attacks:"
3030
  msgstr ""
3031
  "Activer la propriété <code>HttpOnly</code> pour tous les cookies afin "
3032
  "d'atténuer les menaces XSS qui génèrent des vols de cookies&nbsp;:"
3033
 
3034
+ #: lib/help.php:248
3035
  msgid ""
3036
  "adding this flag to cookies helps to mitigate the risk of cross-site "
3037
  "scripting by preventing them from being accessed through client-side "
3048
  "dans la réponse HTTP juste avant que celle-ci ne soit envoyée à vos "
3049
  "visiteurs."
3050
 
3051
+ #: lib/help.php:249
3052
  msgid ""
3053
  "If your PHP scripts send cookies that need to be accessed from JavaScript, "
3054
  "you should keep that option disabled."
3056
  "Si vos scripts PHP envoient des cookies qui doivent être accessibles à "
3057
  "partir de JavaScript, vous devez garder cette option désactivée."
3058
 
3059
+ #: lib/help.php:250
3060
  msgid ""
3061
  "Set <code>Strict-Transport-Security</code> (HSTS) to enforce secure "
3062
  "connections to the server:"
3064
  "Activer <code>Strict-Transport-Security</code> (HSTS) pour forcer les "
3065
  "connexions sécurisées vers le serveur&nbsp;"
3066
 
3067
+ #: lib/help.php:250
3068
  msgid ""
3069
  "this policy enforces secure HTTPS connections to the server. Web browsers "
3070
  "will not allow the user to access the web application over insecure HTTP "
3077
  "de cookies ou les attaques du type \"Man-in-the-middle\". La plupart des "
3078
  "navigateurs récents sont compatibles avec cette politique."
3079
 
3080
+ #: lib/help.php:251
3081
  msgid "Set <code>Content-Security-Policy</code>:"
3082
  msgstr "Activer <code>Content-Security-Policy</code> :"
3083
 
3084
+ #: lib/help.php:251
3085
  msgid ""
3086
  "this policy helps to mitigate threats such as XSS, phishing and clickjacking "
3087
  "attacks. It covers JavaScript, CSS, HTML frames, web workers, fonts, images, "
3091
  "code JavaScript, les styles CSS, frames/iframes HTML, polices, images, "
3092
  "objets (Java, ActiveX, fichiers audio et video), mais aussi les WebSocket."
3093
 
3094
+ #: lib/help.php:251
3095
  msgid ""
3096
  "NinjaFirewall lets you configure the CSP policy separately for the frontend "
3097
  "(blog, website) and the backend (WordPress admin dashboard)."
3099
  "NinjaFirewall vous permet de configurer CSP séparément pour le site et "
3100
  "l'interface d'administration de WordPress."
3101
 
3102
+ #: lib/help.php:252
3103
  msgid "Set <code>Referrer-Policy</code>:"
3104
  msgstr "Activer <code>Referrer-Policy</code> :"
3105
 
3106
+ #: lib/help.php:252
3107
  msgid ""
3108
  "this HTTP header governs which referrer information, sent in the Referer "
3109
  "header, should be included with requests made."
3111
  "cet en-tête HTTP détermine quelles informations de provenance doivent être "
3112
  "incluses dans l'en-tête Referer."
3113
 
3114
+ #: lib/help.php:256
3115
  msgid "Block PHP built-in wrappers:"
3116
  msgstr "Bloquer les gestionnaires (wrappers) PHP dangereux&nbsp;:"
3117
 
3118
+ #: lib/help.php:256
3119
  msgid ""
3120
  "PHP has several wrappers for use with the filesystem functions. It is "
3121
  "possible for an attacker to use them to bypass firewalls and various IDS to "
3135
  "requête <code>GET</code> ou <code>POST</code>, des cookies, ou dans les "
3136
  "variables <code>HTTP_REFERER</code> et <code>HTTP_USER_AGENT</code>."
3137
 
3138
+ #: lib/help.php:257
3139
  msgid "Block serialized PHP objects:"
3140
  msgstr "Bloquer les objets PHP sérialisés :"
3141
 
3142
+ #: lib/help.php:257
3143
  #, php-format
3144
  msgid ""
3145
  "Object Serialization is a PHP feature used by many applications to generate "
3158
  "<code>POST</code>, les cookies, ou dans les variables <code>HTTP_REFERER</"
3159
  "code> et <code>HTTP_USER_AGENT</code>."
3160
 
3161
+ #: lib/help.php:258
3162
  msgid "Hide PHP notice and error messages:"
3163
  msgstr "Masquer les messages d'erreur de PHP&nbsp;:"
3164
 
3165
+ #: lib/help.php:258
3166
  msgid ""
3167
  "this option lets you hide errors returned by your scripts. Such errors can "
3168
  "leak sensitive informations which can be exploited by hackers."
3171
  "afficher des informations sensibles qui peuvent être exploitées "
3172
  "ultérieurement par des pirates."
3173
 
3174
+ #: lib/help.php:259
3175
  msgid ""
3176
  "Sanitise <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
3177
  "<code>PATH_INFO</code>:"
3179
  "Nettoyer <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
3180
  "<code>PATH_INFO</code>&nbsp;:"
3181
 
3182
+ #: lib/help.php:259
3183
  msgid ""
3184
  "this option can sanitise any dangerous characters found in those 3 server "
3185
  "variables to prevent various XSS and database injection attempts."
3187
  "activez ces options si vous souhaitez que le pare-feu nettoie ces trois "
3188
  "variables."
3189
 
3190
+ #: lib/help.php:262
3191
  #, php-format
3192
  msgid ""
3193
  "Block the <code>DOCUMENT_ROOT</code> server variable (%s) in HTTP requests:"
3195
  "Bloquer les requêtes HTTP contenant la variable <code>DOCUMENT_ROOT</code> "
3196
  "(%s)&nbsp;:"
3197
 
3198
+ #: lib/help.php:262
3199
  msgid ""
3200
  "this option will block scripts attempting to pass the <code>DOCUMENT_ROOT</"
3201
  "code> server variable in a <code>GET</code> or <code>POST</code> request. "
3208
  "cette variable, mais pas la plupart des applications légitimes (hormis "
3209
  "certains scripts d'installation ou de configuration)."
3210
 
3211
+ #: lib/help.php:263
3212
  msgid "Block ASCII character 0x00 (NULL byte):"
3213
  msgstr "Bloquer le caractère ASCII 0x00 (NULL byte)&nbsp;:"
3214
 
3215
+ #: lib/help.php:263
3216
  msgid ""
3217
  "this option will reject any <code>GET</code> or <code>POST</code> request, "
3218
  "<code>HTTP_USER_AGENT</code>, <code>REQUEST_URI</code>, <code>PHP_SELF</"
3226
  "contenant le caractère ASCI 0x00 (NULL byte) sera bloquée immédiatement. Ce "
3227
  "caractère est dangereux et devrait toujours être rejeté."
3228
 
3229
+ #: lib/help.php:264
3230
  msgid "Block ASCII control characters 1 to 8 and 14 to 31:"
3231
  msgstr "Bloquer les caractères de contrôle ASCII 1 à 8 et 14 à 31&nbsp;:"
3232
 
3233
+ #: lib/help.php:264
3234
  msgid ""
3235
  "this option will reject any <code>GET</code> or <code>POST</code> request, "
3236
  "<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> variables containing "
3240
  "variable <code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> contenant "
3241
  "des caractères ASCII 1 à 8 et 14 à 31 sera bloquée."
3242
 
3243
+ #: lib/help.php:272
3244
  #, php-format
3245
  msgid ""
3246
  "By default, any logged in WordPress administrator will not be blocked by "
3260
  "les options de la <a href=\"%s\">Page de Connexion</a> qui, si elle sont "
3261
  "activées, seront toujours appliquées."
3262
 
3263
+ #: lib/help.php:286
3264
  msgid ""
3265
  "File Guard can detect, in real-time, any access to a PHP file that was "
3266
  "recently modified or created, and alert you about this."
3268
  "File Guard peut détecter, en temps réel, tout accès à un fichier PHP qui a "
3269
  "été récemment modifié ou créé, et vous alerter à ce sujet."
3270
 
3271
+ #: lib/help.php:288
3272
  msgid ""
3273
  "If a hacker uploaded a shell script to your site (or injected a backdoor "
3274
  "into an already existing file) and tried to directly access that file using "
3287
  "envoyées à l'adresse e-mail de contact définie dans le menu \"Notifications "
3288
  "d’Événement\"."
3289
 
3290
+ #: lib/help.php:289
3291
  msgid ""
3292
  "If you do not want to monitor a folder, you can exclude its full path or a "
3293
  "part of it (e.g., <code>/var/www/public_html/cache/</code> or <code>/cache/</"
3301
  "variable <code>$_SERVER[\"SCRIPT_FILENAME\"]</code> et, si elle correspond, "
3302
  "l'ignorera."
3303
 
3304
+ #: lib/help.php:290
3305
  msgid ""
3306
  "Multiple values must be comma-separated (e.g., <code>/foo/bar/,/cache/</"
3307
  "code>)."
3309
  "Plusieurs valeurs doivent être séparées par des virgules (par ex. <code>/foo/"
3310
  "bar/,/cache/</code>)."
3311
 
3312
+ #: lib/help.php:291
3313
  msgid ""
3314
  "File Guard real-time detection is a totally unique feature, because "
3315
  "NinjaFirewall is the only plugin for WordPress that can hook HTTP requests "
3321
  "intercepter les requêtes HTTP envoyées à tout script PHP, même si ce dernier "
3322
  "ne fait pas partie de WordPress (logiciel tiers, backdoor, etc)."
3323
 
3324
+ #: lib/help.php:300 lib/network.php:32 ninjafirewall.php:534
3325
  msgid "Network"
3326
  msgstr "Réseau"
3327
 
3328
+ #: lib/help.php:302
3329
  msgid ""
3330
  "Even if NinjaFirewall administration menu is only available to the Super "
3331
  "Admin (from the main site), you can still display its status to all sites in "
3337
  "du réseau en ajoutant une petite icône à leur barre d'administration. Elle "
3338
  "ne sera visible que par les administrateurs de ces sites."
3339
 
3340
+ #: lib/help.php:304
3341
  msgid ""
3342
  "It is recommended to enable this feature as it is the only way to know "
3343
  "whether the sites in your network are protected and if NinjaFirewall "
3347
  "si les sites de votre réseau sont protégés et si l'installation de "
3348
  "NinjaFirewall a réussi."
3349
 
3350
+ #: lib/help.php:306
3351
  msgid ""
3352
  "Note that when it is disabled, the icon still remains visible to you, the "
3353
  "Super Admin."
3355
  "Notez que même lorsqu'il est désactivé, l'icône reste visible pour vous, le "
3356
  "Super Administrateur."
3357
 
3358
+ #: lib/help.php:317
3359
  msgid ""
3360
  "File Check lets you perform file integrity monitoring upon request or on a "
3361
  "specific interval."
3363
  "File Check vous permet d'effectuer une analyse de l'intégrité de vos "
3364
  "fichiers sur demande ou à un intervalle spécifique défini."
3365
 
3366
+ #: lib/help.php:319
3367
  msgid ""
3368
  "You need to create a snapshot of all your files and then, at a later time, "
3369
  "you can scan your system to compare it with the previous snapshot. Any "
3376
  "permissions et propriétés des fichiers, leur création et suppression ainsi "
3377
  "que l'horodatage."
3378
 
3379
+ #: lib/help.php:320
3380
  #, php-format
3381
  msgid ""
3382
  "Create a snapshot of all files stored in that directory: by default, the "
3386
  "répertoire&nbsp;: par défaut, le repertoire est l'<code>ABSPATH</code> de "
3387
  "WordPress (%s)"
3388
 
3389
+ #: lib/help.php:321
3390
  msgid ""
3391
  "Exclude the following files/folders: you can enter a directory or a file "
3392
  "name (e.g., <code>/foo/bar/</code>), or a part of it (e.g., <code>foo</"
3397
  "partie de celui-ci (par ex. <code>foo</code>), ou même exclure une extension "
3398
  "de fichier (par ex. <code>.css</code>)."
3399
 
3400
+ #: lib/help.php:323
3401
  msgid ""
3402
  "Multiple values must be comma-separated (e.g., <code>/foo/bar/,.css,.png</"
3403
  "code>)."
3405
  "Plusieurs valeurs doivent être séparées par des virgules (par ex. <code>/foo/"
3406
  "bar/,.css,.png</code>)."
3407
 
3408
+ #: lib/help.php:324
3409
  msgid ""
3410
  "Do not follow symbolic links: by default, NinjaFirewall will not follow "
3411
  "symbolic links."
3413
  "Ne pas suivre les liens symboliques&nbsp;: par défaut, NinjaFirewall ignore "
3414
  "les liens symboliques lors de son analyse des fichiers."
3415
 
3416
+ #: lib/help.php:329
3417
  msgid "Scheduled scans"
3418
  msgstr "Analyses planifiées"
3419
 
3420
+ #: lib/help.php:330
3421
  msgid ""
3422
  "NinjaFirewall can scan your system on a specific interval (hourly, "
3423
  "twicedaily or daily)."
3425
  "NinjaFirewall peut scanner votre système à intervalle régulier (une fois par "
3426
  "heure, deux fois par jour ou tous les jours)."
3427
 
3428
+ #: lib/help.php:332
3429
  msgid ""
3430
  "It can either send you a scan report only if changes are detected, or always "
3431
  "send you one after each scan."
3434
  "été détectés, ou bien vous en envoyer un systématiquement après chaque "
3435
  "analyse."
3436
 
3437
+ #: lib/help.php:334
3438
  msgid ""
3439
  "Reports will be sent to the contact email address defined in the \"Event "
3440
  "Notifications\" menu."
3442
  "Les rapports seront envoyés à l'adresse e-mail définie dans la page "
3443
  "\"Notifications d'Événement\"."
3444
 
3445
+ #: lib/help.php:336
3446
  #, php-format
3447
  msgid ""
3448
  "Scheduled scans rely on <a href=\"%s\">WordPress pseudo cron</a> which works "
3451
  "Les analyses planifiées utilisent le <a href=\"%s\">pseudo cron de "
3452
  "WordPress</a> qui ne fonctionne que si votre site reçoit un trafic suffisant."
3453
 
3454
+ #: lib/help.php:350
3455
  msgid ""
3456
  "NinjaFirewall can alert you by email on specific events triggered within "
3457
  "your blog. They include installations, updates, activations etc, as well as "
3470
  "après avoir pénétré dans votre Tableau de bord de WordPress, d'y installer "
3471
  "une porte dérobée (backdoor) afin de prendre le contrôle de votre blog."
3472
 
3473
+ #: lib/help.php:361 lib/login_protection.php:21 ninjafirewall.php:542
3474
  msgid "Login Protection"
3475
  msgstr "Page de Connexion"
3476
 
3477
+ #: lib/help.php:365
3478
  msgid ""
3479
  "By processing incoming HTTP requests before your blog and any of its "
3480
  "plugins, NinjaFirewall is the only plugin for WordPress able to protect it "
3487
  "compris les attaques distribuées provenant de plusieurs milliers d'adresses "
3488
  "IP différentes."
3489
 
3490
+ #: lib/help.php:367
3491
  msgid ""
3492
  "You can choose two different types of protection: a password or a captcha. "
3493
  "You can enable the protection only if an attack is detected or to keep it "
3497
  "captcha. Vous pouvez choisir d'activer la protection uniquement lorsqu'une "
3498
  "attaque est détectée ou bien l'activer en permanence."
3499
 
3500
+ #: lib/help.php:369
3501
  msgid "Yes, if under attack:"
3502
  msgstr "Oui, si attaque en cours :"
3503
 
3504
+ #: lib/help.php:371
3505
  msgid ""
3506
  "The protection will be triggered when too many login attempts are detected, "
3507
  "regardless of the offending IP. It blocks the attack instantly and prevents "
3516
  "utilisant soit une combinaison nom d'utilisateur / mot de passe prédéfinie, "
3517
  "soit un code captcha."
3518
 
3519
+ #: lib/help.php:373
3520
  msgid "Always ON:"
3521
  msgstr "Toujours activée :"
3522
 
3523
+ #: lib/help.php:375
3524
  msgid ""
3525
  "NinjaFirewall will always enforce the HTTP authentication or captcha "
3526
  "implementation each time you access the login page."
3528
  "Vous serez toujours invité à saisir votre nom d'utilisateur / mot de passe, "
3529
  "ou le code du captcha, chaque fois que vous accéderez à la page de connexion."
3530
 
3531
+ #: lib/help.php:378
3532
  msgid "Type of protection:"
3533
  msgstr "Type de protection :"
3534
 
3535
+ #: lib/help.php:379
3536
  msgid ""
3537
  "<b>Password:</b> It password-protects the login page. NinjaFirewall uses its "
3538
  "own very fast authentication scheme and it is compatible with any HTTP "
3542
  "utilise son propre système d'authentification, rapide et compatible avec "
3543
  "n'importe quel serveur HTTP (Apache, Nginx, Lighttpd etc)."
3544
 
3545
+ #: lib/help.php:380
3546
  msgid "<b>Captcha:</b> It will display a 5-character captcha code."
3547
  msgstr "<b>Captcha :</b> Affichera un code captcha à 5 caractères."
3548
 
3549
+ #: lib/help.php:381
3550
  msgid "Bot protection:"
3551
  msgstr "Protection contre les bots :"
3552
 
3553
+ #: lib/help.php:382
3554
  msgid ""
3555
  "NinjaFirewall will attempt to block bots and scripts immediately, i.e., even "
3556
  "before they start a brute-force attack."
3558
  "NinjaFirewall tentera de bloquer les bots et les scripts immédiatement, "
3559
  "c'est-à-dire avant même qu'ils ne commencent une attaque par force brute."
3560
 
3561
+ #: lib/help.php:390
3562
  msgid "AUTH log"
3563
  msgstr "Journal d'authentification"
3564
 
3565
+ #: lib/help.php:393
3566
  msgid ""
3567
  "NinjaFirewall can write to the server Authentication log when the brute-"
3568
  "force protection is triggered. This can be useful to the system "
3574
  "surveillance ou pour bloquer l'IP incriminée au niveau du pare-feu du "
3575
  "serveur."
3576
 
3577
+ #: lib/help.php:395
3578
  msgid ""
3579
  "If you have a shared hosting account, keep this option disabled as you do "
3580
  "not have any access to the server's logs."
3582
  "Si vous avez un hébergement mutualisé, laissez cette option désactivée car "
3583
  "vous n'avez pas accès aux journaux du serveur."
3584
 
3585
+ #: lib/help.php:397
3586
  msgid ""
3587
  "On Debian-based systems, the log is located in <code>/var/log/auth.log</"
3588
  "code>, and on Red Hat-based systems in <code>/var/log/secure</code>. The "
3592
  "sous Red Hat, dans <code>/var/log/secure</code>. Le format utilisé est le "
3593
  "suivant&nbsp;:"
3594
 
3595
+ #: lib/help.php:400
3596
  msgid "AA: the process ID (PID)."
3597
  msgstr "AA : l'identifiant de processus (PID)."
3598
 
3599
+ #: lib/help.php:401
3600
  msgid "BB: the user IPv4 or IPv6 address."
3601
  msgstr "BB : L'adresse IPv4 ou IPv6 de l'utilisateur."
3602
 
3603
+ #: lib/help.php:402
3604
  msgid "CC: the blog (sub-)domain name."
3605
  msgstr "CC : le nom de (sous-)domaine du blog."
3606
 
3607
+ #: lib/help.php:403
3608
  msgid ""
3609
  "DD: the target: it can be either <code>wp-login.php</code> or <code>XML-RPC "
3610
  "API</code>."
3612
  "DD : la cible; il peut s'agir soit de <code>wp-login.php</code>, soit de "
3613
  "<code>XML-RPC API</code>."
3614
 
3615
+ #: lib/help.php:404
3616
  msgid "EE: the time, in minutes, the protection will remain active."
3617
  msgstr ""
3618
  "EE : le temps, en minutes, pendant lequel la protection restera active."
3619
 
3620
+ #: lib/help.php:406
3621
  msgid "Sample loglines:"
3622
  msgstr "Exemple :"
3623
 
3624
+ #: lib/help.php:409
3625
  #, php-format
3626
  msgid ""
3627
  "Be careful if you are behind a load balancer, reverse-proxy or CDN because "
3641
  "Alternativement, vous pouvez utiliser le fichier <code><a href=\"%s\">."
3642
  "htninja</a></code>."
3643
 
3644
+ #: lib/help.php:425
3645
  msgid ""
3646
  "The firewall log displays blocked and sanitised requests as well as some "
3647
  "useful information. It has 6 columns:"
3649
  "Le journal du pare-feu affiche les requêtes HTTP qui ont été bloquées ou "
3650
  "nettoyées ainsi que d'autres informations utiles. Il a six colonnes&nbsp;:"
3651
 
3652
+ #: lib/help.php:426
3653
  msgid "DATE : date and time of the incident."
3654
  msgstr "DATE : date et heure de l'incident."
3655
 
3656
+ #: lib/help.php:427
3657
  msgid ""
3658
  "INCIDENT : unique incident number/ID as it was displayed to the blocked user."
3659
  msgstr ""
3660
  "INCIDENT : le numéro d'incident (ID) unique. Par défaut, il sera aussi "
3661
  "affiché à l'utilisateur dont la requête aura été bloquée par le pare-feu."
3662
 
3663
+ #: lib/help.php:428
3664
  msgid ""
3665
  "LEVEL : level of severity (<code>CRITICAL</code>, <code>HIGH</code> or "
3666
  "<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
3670
  "<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
3671
  "et mode débogage (<code>DEBUG_ON</code>)."
3672
 
3673
+ #: lib/help.php:429
3674
  msgid ""
3675
  "RULE : reference of the NinjaFirewall built-in security rule that triggered "
3676
  "the action. A hyphen (<code>-</code>) instead of a number means it was a "
3681
  "d'un numéro signifie que la règle provient de votre configuration "
3682
  "personnelle de la page \"Politiques du Pare-feu\"."
3683
 
3684
+ #: lib/help.php:430
3685
  msgid "IP : the user IPv4 or IPv6 address."
3686
  msgstr "BB : L'adresse IPv4 ou IPv6 de l'utilisateur."
3687
 
3688
+ #: lib/help.php:431
3689
  msgid ""
3690
  "REQUEST : the HTTP request including offending variables and values as well "
3691
  "as the reason the action was logged."
3693
  "REQUEST : la requête HTTP avec ses variables et valeurs, ainsi que la raison "
3694
  "qui a déclenché l'incident."
3695
 
3696
+ #: lib/help.php:438
3697
  msgid ""
3698
  "This options lets you configure NinjaFirewall to delete its old logs "
3699
  "automatically. By default, logs are never deleted, <b>even when uninstall "
3706
  "cette valeur à <code>0</code> si vous ne voulez pas supprimer les anciens "
3707
  "journaux."
3708
 
3709
+ #: lib/help.php:446
3710
  msgid ""
3711
  "Centralized Logging lets you remotely access the firewall log of all your "
3712
  "NinjaFirewall protected websites from one single installation. You do not "
3717
  "NinjaFirewall. Vous n'avez plus besoin de vous connecter à chaque site pour "
3718
  "analyser vos journaux."
3719
 
3720
+ #: lib/help.php:446
3721
  #, php-format
3722
  msgid "<a href=\"%s\">Consult our blog</a> for more info about it."
3723
  msgstr ""
3724
  "<a href=\"%s\">Consultez notre blog pour plus d'informations à ce sujet</a>."
3725
 
3726
+ #: lib/help.php:447
3727
  msgid ""
3728
  "Enter your public key (optional): This is the public key that was created "
3729
  "from your main server."
3731
  "Entrez votre clé publique (optionnel) : Il s'agit de la clé qui a été créée "
3732
  "depuis le serveur principal."
3733
 
3734
+ #: lib/help.php:450
3735
  msgid ""
3736
  "Centralized Logging will keep working even if NinjaFirewall is disabled. "
3737
  "Delete your public key below if you want to disable it."
3740
  "NinjaFirewall. Si vous souhaitez complètement désactiver cette option, "
3741
  "supprimez votre clé publique ci-dessous. "
3742
 
3743
+ #: lib/help.php:472 lib/live_log.php:37 lib/live_log.php:216
3744
+ #: ninjafirewall.php:550
3745
  msgid "Live Log"
3746
  msgstr "Live Log"
3747
 
3748
+ #: lib/help.php:474
3749
  msgid ""
3750
  "Live Log lets you watch your blog traffic in real time, just like the Unix "
3751
  "<code>tail -f</code> command. Note that requests sent to static elements "
3757
  "statiques comme les fichiers JS/CSS ou les images ne sont pas traitées par "
3758
  "NinjaFirewall."
3759
 
3760
+ #: lib/help.php:476
3761
  msgid ""
3762
  "You can enable/disable the monitoring process, change the refresh rate, "
3763
  "clear the screen, enable automatic vertical scrolling, change the log "
3768
  "effacer l'écran, changer le format d'affichage, le fuseau horaire et choisir "
3769
  "le type de trafic à visualiser (HTTP/HTTPS)."
3770
 
3771
+ #: lib/help.php:476
3772
  msgid ""
3773
  "You can also apply filters to include or exclude files and folders "
3774
  "(REQUEST_URI)."
3776
  "Vous pouvez également appliquer des filtres pour inclure ou exclure des "
3777
  "fichiers et des dossiers (REQUEST_URI)."
3778
 
3779
+ #: lib/help.php:479
3780
  msgid ""
3781
  "Live Log does not make use of any WordPress core file (e.g., <code>admin-"
3782
  "ajax.php</code>). It communicates directly with the firewall without loading "
3790
  "serveur, même si vous ajustez son intervalle de rafraîchissement de la page "
3791
  "sur la fréquence la plus rapide (5 secondes)."
3792
 
3793
+ #: lib/help.php:481
3794
  msgid ""
3795
  "If you are using the optional <code>.htninja</code> configuration file to "
3796
  "whitelist your IP, the Live Log feature will not work."
3799
  "pour toujours accepter les requêtes provenant de votre adresse IP, Live Log "
3800
  "ne fonctionnera pas."
3801
 
3802
+ #: lib/help.php:486
3803
  msgid "Log Format"
3804
  msgstr "Format d'affichage"
3805
 
3806
+ #: lib/help.php:487
3807
  msgid "You can easily customize the log format. Possible values are:"
3808
  msgstr ""
3809
  "Vous pouvez facilement changer le format d'affichage en combinant une ou "
3810
  "plusieurs des valeurs suivantes&nbsp;:"
3811
 
3812
+ #: lib/help.php:488
3813
  msgid "<code>%time</code>: the server date, time and timezone."
3814
  msgstr "<code>%time</code> : la date, heure et fuseau horaire du serveur."
3815
 
3816
+ #: lib/help.php:489
3817
  msgid "<code>%name</code>: authenticated user (HTTP basic auth), if any."
3818
  msgstr ""
3819
  "<code>%name</code> : le nom de l'utilisateur (Authentification HTTP), s'il "
3820
  "existe."
3821
 
3822
+ #: lib/help.php:490
3823
  #, php-format
3824
  msgid ""
3825
  "<code>%client</code>: the client REMOTE_ADDR. If you are behind a load "
3829
  "serveur est derrière un CDN ou un proxy, cette variable retournera l'adresse "
3830
  "IP de celui-ci."
3831
 
3832
+ #: lib/help.php:491
3833
  msgid "<code>%method</code>: HTTP method (e.g., GET, POST)."
3834
  msgstr "<code>%method</code> : la méthode HTTP (ex. GET, POST)."
3835
 
3836
+ #: lib/help.php:492
3837
  #, php-format
3838
  msgid ""
3839
  "<code>%uri</code>: the URI which was given in order to access the page "
3840
  "(REQUEST_URI)."
3841
  msgstr "<code>%uri</code> : l'URI donnée pour accéder à la page (REQUEST_URI)."
3842
 
3843
+ #: lib/help.php:493
3844
  msgid "<code>%referrer</code>: the referrer (HTTP_REFERER), if any."
3845
  msgstr "<code>%referrer</code> : le referrer (HTTP_REFERER), s'il existe."
3846
 
3847
+ #: lib/help.php:494
3848
  #, php-format
3849
  msgid "<code>%ua</code>: the user-agent (HTTP_USER_AGENT), if any."
3850
  msgstr ""
3851
  "<code>%ua</code> : l'en-tête User-Agent (HTTP_USER_AGENT), s'il existe."
3852
 
3853
+ #: lib/help.php:495
3854
  #, php-format
3855
  msgid ""
3856
  "<code>%forward</code>: HTTP_X_FORWARDED_FOR, if any. If you are behind a "
3860
  "votre serveur est derrière un CDN ou un proxy, cette variable retournera "
3861
  "l'adresse réelle du client."
3862
 
3863
+ #: lib/help.php:496
3864
  msgid "<code>%host</code>: the requested host (HTTP_HOST), if any."
3865
  msgstr ""
3866
  "<code>%host</code> : l'en-tête Host de la requête courante (HTTP_HOST), si "
3867
  "elle existe."
3868
 
3869
+ #: lib/help.php:497
3870
  msgid ""
3871
  "Additionally, you can include any of the following characters: <code>\"</"
3872
  "code>, <code>%</code>, <code>[</code>, <code>]</code>, <code>space</code> "
3876
  "%</code>, <code>[</code>, <code>]</code>, <code>espace</code> et toute "
3877
  "lettre minuscule <code>a-z</code>."
3878
 
3879
+ #: lib/help.php:509 lib/rules_editor.php:17 ninjafirewall.php:554
3880
  msgid "Rules Editor"
3881
  msgstr "Éditeur de Règles"
3882
 
3883
+ #: lib/help.php:511
3884
  msgid ""
3885
  "Besides the \"Firewall Policies\", NinjaFirewall includes also a large set "
3886
  "of built-in rules used to protect your blog against the most common "
3897
  "règles, vous pouvez utiliser l’Éditeur de règles ci-dessous pour les "
3898
  "désactiver individuellement&nbsp;:"
3899
 
3900
+ #: lib/help.php:513
3901
  msgid ""
3902
  "Check your firewall log and find the rule ID you want to disable (it is "
3903
  "displayed in the <code>RULE</code> column)."
3905
  "Consultez le journal du pare-feu afin d'y trouver l'ID de la règle que vous "
3906
  "souhaitez désactiver (il est affiché dans la colonne <code>RULE</code>)."
3907
 
3908
+ #: lib/help.php:514
3909
  msgid ""
3910
  "Select its ID from the enabled rules list below and click the \"Disable it\" "
3911
  "button."
3913
  "Sélectionnez son ID dans la liste des règles ci-dessous et cliquez sur le "
3914
  "bouton \"Désactiver\"."
3915
 
3916
+ #: lib/help.php:516
3917
  msgid ""
3918
  "Note: if the <code>RULE</code> column from your log shows a hyphen <code>-</"
3919
  "code> instead of a number, that means that the rule can be changed in the "
3923
  "d'union <code>-</code> à la place d'un nombre, cela signifie que la règle ne "
3924
  "peut être modifiée quand dans la page \"Politiques du Pare-feu\"."
3925
 
3926
+ #: lib/help.php:521
3927
  msgid "Credits"
3928
  msgstr "Crédits"
3929
 
3930
+ #: lib/help.php:523
3931
  msgid ""
3932
  "NinjaFirewall security rules protect against many vulnerabilities. Some of "
3933
  "them were reported by the following companies, individuals or mailing lists:"
3936
  "vulnérabilités. Certaines d'entre elles ont été découvertes par les "
3937
  "entreprises, particuliers ou listes de diffusion suivantes:"
3938
 
3939
+ #: lib/help.php:575 lib/overview.php:132
3940
  msgid "Updates"
3941
  msgstr "Mises à Jour"
3942
 
3943
+ #: lib/help.php:577
3944
  msgid ""
3945
  "To get the most efficient protection, you can ask NinjaFirewall to "
3946
  "automatically update its security rules."
3948
  "Pour bénéficier de la protection la plus efficace, vous pouvez demander à "
3949
  "NinjaFirewall de mettre à jour ses règles de sécurité automatiquement."
3950
 
3951
+ #: lib/help.php:579
3952
  msgid ""
3953
  "Each time a new vulnerability is found in WordPress or one of its plugins/"
3954
  "themes, a new set of security rules will be made available to protect "
3961
  "peuvent être effectuées chaque jour, deux fois par jour ou même une fois par "
3962
  "heure."
3963
 
3964
+ #: lib/help.php:581
3965
  msgid ""
3966
  "Only security rules will be downloaded. If a new version of NinjaFirewall "
3967
  "(including new files, options and features) was available, it would have to "
3972
  "jour depuis la page des \"Extensions\" de votre tableau de bord, comme "
3973
  "d'habitude."
3974
 
3975
+ #: lib/help.php:583
3976
  msgid ""
3977
  "We recommend to enable this feature, as it is the <strong>only way to keep "
3978
  "your WordPress secure</strong> against new vulnerabilities."
3981
  "<strong>meilleure façon de garder votre WordPress protégé</strong> contre "
3982
  "les dernières vulnérabilités."
3983
 
3984
+ #: lib/install_default.php:168
3985
+ msgid ""
3986
+ "Error: The installer cannot download the security rules from wordpress.org "
3987
+ "website."
3988
+ msgstr ""
3989
+ "Erreur : Impossible de télécharger les règles de sécurité depuis le site de "
3990
+ "wordpress.org."
3991
+
3992
+ #: lib/install_default.php:169
3993
+ msgid ""
3994
+ "The server may be temporarily down or you may have network connectivity "
3995
+ "problems? Please try again in a few minutes."
3996
+ msgstr ""
3997
+ "Le serveur est peut être temporairement en panne ou bien vous avez des "
3998
+ "problèmes de connectivité réseau ? Veuillez ré-essayer d'ici quelques "
3999
+ "minutes."
4000
+
4001
+ #: lib/install_default.php:170
4002
+ msgid ""
4003
+ "NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe "
4004
+ "your server does not support SSL? You can force NinjaFirewall to use a non-"
4005
+ "secure HTTP connection by adding the following directive to your <strong>wp-"
4006
+ "config.php</strong> file:"
4007
+ msgstr ""
4008
+ "NinjaFirewall télécharge ses règles de sécurité en utilisant une connexion "
4009
+ "sécurisée (HTTPS). Peut-être que votre serveur ne prend pas en charge "
4010
+ "HTTPS ? Dans ce cas, vous pouvez demander à NinjaFirewall d'utiliser une "
4011
+ "connexion non-sécurisée (HTTP) en ajoutant la ligne suivante dans votre "
4012
+ "fichier <strong>wp-config.php</strong> :"
4013
+
4014
  #: lib/install_fullwaf.php:35 lib/install_fullwaf.php:149
4015
  #: lib/install_fullwaf.php:304 lib/install_wpwaf.php:53
4016
  #: lib/install_wpwaf.php:63 lib/install_wpwaf.php:70
4722
  msgid "Error: unable to write to the %s configuration file"
4723
  msgstr "Erreur : impossible d’écrire dans le fichier de configuration %s"
4724
 
4725
+ #: lib/network.php:24 ninjafirewall.php:867 ninjafirewall.php:871
4726
  #, php-format
4727
  msgid "You are not allowed to perform this task (%s)."
4728
  msgstr "Vous n'êtes pas autorisé à effectuer cette tâche (%s)."
4765
  "Un e-mail \"Guide d'Utilisation, d'Installation et de Dépannage\" a été "
4766
  "envoyé à l'adresse"
4767
 
4768
+ #: lib/overview.php:62 lib/utils.php:388
4769
  msgid "unknown error"
4770
  msgstr "erreur inconnue"
4771
 
4802
  msgid "PHP SAPI"
4803
  msgstr "PHP SAPI"
4804
 
4805
+ #: lib/overview.php:122 lib/utils.php:522
4806
  msgid "Version"
4807
  msgstr "Version"
4808
 
5066
  msgid "Enable it"
5067
  msgstr "Activer"
5068
 
5069
+ #: lib/rules_update.php:73 ninjafirewall.php:558
5070
  msgid "Rules Update"
5071
  msgstr "Mise à Jour des Règles"
5072
 
5242
  "Cette notification peut être désactivée depuis la page \"Mise à Jour des "
5243
  "Règles\" de NinjaFirewall."
5244
 
5245
+ #: lib/statistics.php:27 ninjafirewall.php:504
5246
  msgid "Statistics"
5247
  msgstr "Statistiques"
5248
 
5287
  msgstr ""
5288
  "NinjaFirewall a bloqué une tentative de création d'un compte d'utilisateur :"
5289
 
5290
+ #: lib/utils.php:85 lib/utils.php:790
5291
  msgid "Username:"
5292
  msgstr "Utilisateur :"
5293
 
5294
+ #: lib/utils.php:86 lib/utils.php:791 lib/utils.php:996
5295
  msgid "User IP:"
5296
  msgstr "IP utilisateur :"
5297
 
5298
+ #: lib/utils.php:89 lib/utils.php:633 lib/utils.php:794 lib/utils.php:999
5299
  msgid "Date:"
5300
  msgstr "Date :"
5301
 
5302
+ #: lib/utils.php:96 lib/utils.php:97 lib/utils.php:804 lib/utils.php:805
5303
+ #: lib/utils.php:953 lib/utils.php:954
5304
  msgid "You are not allowed to perform this task."
5305
  msgstr "Vous n'êtes pas autorisé à effectuer cette tâche."
5306
 
5307
+ #: lib/utils.php:364 lib/utils.php:368
5308
  msgid "NinjaFirewall error"
5309
  msgstr "NinjaFirewall Erreur"
5310
 
5311
+ #: lib/utils.php:365
5312
  #, php-format
5313
  msgid ""
5314
  "%s directory cannot be created. Please review your installation and ensure "
5317
  "Le répertoire %s ne peut pas être créé. Vérifiez votre installation et "
5318
  "assurez vous que %s n'est pas en lecture seule."
5319
 
5320
+ #: lib/utils.php:369
5321
  #, php-format
5322
  msgid ""
5323
  "%s directory is read-only. Please review your installation and ensure that "
5326
  "Le répertoire %s est en lecture seule. Vérifiez votre installation et les "
5327
  "permissions de %s."
5328
 
5329
+ #: lib/utils.php:390
5330
  msgid "NinjaFirewall fatal error:"
5331
  msgstr "NinjaFirewall erreur fatale :"
5332
 
5333
+ #: lib/utils.php:391
5334
  msgid "Review your installation, your site is not protected."
5335
  msgstr "Vérifiez votre installation, votre site n'est pas protégé."
5336
 
5337
+ #: lib/utils.php:439 lib/utils.php:461
5338
  msgid "Forbidden access"
5339
  msgstr "Accès interdit"
5340
 
5341
+ #: lib/utils.php:480
5342
  #, php-format
5343
  msgid ""
5344
  "<strong>ERROR</strong>: Invalid username or password.<br /><a href=\"%s"
5347
  "<strong>ERREUR</strong>: Identifiant ou mot de passe invalide.<br /><a href="
5348
  "\"%s\">Mot de passe perdu</a> ?"
5349
 
5350
+ #: lib/utils.php:514
5351
+ msgid "Plugin"
5352
+ msgstr "Extension"
5353
+
5354
+ #: lib/utils.php:514 lib/utils.php:518
5355
+ msgid "uploaded"
5356
+ msgstr "téléchargé(e)"
5357
+
5358
+ #: lib/utils.php:514 lib/utils.php:518
5359
+ msgid "installed"
5360
+ msgstr "installé(e)"
5361
+
5362
+ #: lib/utils.php:514 lib/utils.php:518
5363
+ msgid "activated"
5364
+ msgstr "activé(e)"
5365
+
5366
+ #: lib/utils.php:515
5367
+ msgid "updated"
5368
+ msgstr "mis(e) à jour"
5369
+
5370
+ #: lib/utils.php:515
5371
+ msgid "deactivated"
5372
+ msgstr "désactivé(e)"
5373
+
5374
+ #: lib/utils.php:515 lib/utils.php:519
5375
+ msgid "deleted"
5376
+ msgstr "supprimé(e)"
5377
+
5378
+ #: lib/utils.php:515 lib/utils.php:519
5379
+ msgid "Name"
5380
+ msgstr "Nom"
5381
+
5382
+ #: lib/utils.php:518
5383
+ msgid "Theme"
5384
+ msgstr "Thème"
5385
+
5386
+ #: lib/utils.php:522
5387
+ msgid "upgraded"
5388
+ msgstr "mis(e) à jour"
5389
+
5390
+ #: lib/utils.php:530
5391
+ msgid "[NinjaFirewall] Alert:"
5392
+ msgstr "[NinjaFirewall] Alerte :"
5393
+
5394
+ #: lib/utils.php:536
5395
+ msgid "NinjaFirewall has detected the following activity on your account:"
5396
+ msgstr "NinjaFirewall a détecté l'activité suivante sur votre compte :"
5397
+
5398
+ #: lib/utils.php:628
5399
  msgid "[NinjaFirewall] Alert: Database changes detected"
5400
  msgstr "[NinjaFirewall] Alerte: Modification dans la base de données"
5401
 
5402
+ #: lib/utils.php:629
5403
  msgid ""
5404
  "NinjaFirewall has detected that one or more administrator accounts were "
5405
  "modified in the database:"
5407
  "NinjaFirewall a détecté que un ou plusieurs comptes d'administrateur ont été "
5408
  "modifiés dans la base de données:"
5409
 
5410
+ #: lib/utils.php:634
5411
  #, php-format
5412
  msgid "Total administrators : %s"
5413
  msgstr "Nombre d'administrateurs : %s"
5414
 
5415
+ #: lib/utils.php:643
5416
  msgid ""
5417
  "If you cannot see any modifications in the above fields, it is possible that "
5418
  "the administrator password was changed."
5420
  "Si vous ne voyez pas de modifications dans les données ci-dessus, il est "
5421
  "possible que le mot de passe administrateur ait été changé."
5422
 
5423
+ #: lib/utils.php:762
5424
  msgid "Blocked privilege escalation attempt"
5425
  msgstr "Tentatives d'élévation des privilèges"
5426
 
5427
+ #: lib/utils.php:787
5428
  msgid "NinjaFirewall has blocked an attempt to gain administrative privileges:"
5429
  msgstr ""
5430
  "NinjaFirewall a bloqué un utilisateur ayant essayé d'élever ses privilèges "
5431
  "pour devenir administrateur du blog :"
5432
 
5433
+ #: lib/utils.php:815
5434
  msgid ""
5435
  "NinjaFirewall brute-force protection is enabled and you are temporarily "
5436
  "whitelisted."
5438
  "La protection de NinjaFirewall contre les attaques par force brute est "
5439
  "activée. Vous êtes temporairement dans la liste blanche."
5440
 
5441
+ #: lib/utils.php:829
5442
  #, php-format
5443
  msgid ""
5444
  "Hey, it seems that you've been using NinjaFirewall for some time. If you "
5451
  "a>. Il a fallu des milliers d'heures pour le développer, mais il suffit "
5452
  "seulement de quelques minutes pour le noter. Merci !"
5453
 
5454
+ #: lib/utils.php:975
5455
  msgid "WordPress Address (URL)"
5456
  msgstr "Adresse web de WordPress (URL)"
5457
 
5458
+ #: lib/utils.php:976
5459
  msgid "Site Address (URL)"
5460
  msgstr "Adresse web du site (URL)"
5461
 
5462
+ #: lib/utils.php:977
5463
  msgid "Membership"
5464
  msgstr "Inscription"
5465
 
5466
+ #: lib/utils.php:978
5467
  msgid "New User Default Role"
5468
  msgstr "Rôle par défaut de tout nouvel utilisateur"
5469
 
5470
+ #: lib/utils.php:981
5471
  msgid "Attempt to modify WordPress settings"
5472
  msgstr "Tentative de modification des paramètres de WordPress"
5473
 
5474
+ #: lib/utils.php:982
5475
  msgid ""
5476
  "NinjaFirewall has blocked an attempt to modify some important WordPress "
5477
  "settings by a user that does not have administrative privileges:"
5480
  "importants de WordPress par un utilisateur ne disposant pas de privilèges "
5481
  "administratifs :"
5482
 
5483
+ #: lib/utils.php:984
5484
  msgid ""
5485
  "The attempt was blocked and the option was reversed to its original value."
5486
  msgstr ""
5487
  "La tentative a été bloquée et l'option a été remise à sa valeur d'origine."
5488
 
5489
+ #: lib/utils.php:986
5490
  #, php-format
5491
  msgid "Option: %s (%s)"
5492
  msgstr "Option: %s (%s)"
5493
 
5494
+ #: lib/utils.php:987
5495
  #, php-format
5496
  msgid "Original value: %s"
5497
  msgstr "Valeur originale : %s"
5498
 
5499
+ #: lib/utils.php:988
5500
  #, php-format
5501
  msgid "Modified value: %s"
5502
  msgstr "Valeur modifiée : %s"
5503
 
5504
+ #: lib/utils.php:989
5505
  #, php-format
5506
  msgid "Action taken: %s"
5507
  msgstr "Action prise : %s"
5508
 
5509
+ #: lib/utils.php:991
5510
  #, php-format
5511
  msgid "You can review this option from your WordPress \"%s\" page."
5512
  msgstr ""
5513
  "Vous pouvez consulter cette option à partir de votre page \"% s\" de "
5514
  "WordPress."
5515
 
5516
+ #: lib/utils.php:992
5517
  msgid "Settings > General"
5518
  msgstr "Réglages > Général"
5519
 
5520
+ #: lib/utils.php:1001
5521
  msgid ""
5522
  "This protection (and notification) can be turned off from NinjaFirewall "
5523
  "\"Firewall Policies\" page."
5836
  msgstr "Un véritable pare-feu applicatif pour sécuriser et protéger WordPress."
5837
 
5838
  #: ninjafirewall.php:61
5839
+ #, php-format
5840
+ msgid "Sorry %s, your request cannot be processed."
5841
+ msgstr "Désolé %s, votre requête ne peut pas aboutir."
5842
+
5843
+ #: ninjafirewall.php:62
5844
+ msgid "For security reasons, it was blocked and logged."
5845
+ msgstr "Pour des raisons de sécurité, elle a été bloquée et enregistrée."
5846
+
5847
+ #: ninjafirewall.php:64
5848
+ msgid ""
5849
+ "If you believe this was an error please contact the<br />webmaster and "
5850
+ "enclose the following incident ID:"
5851
+ msgstr ""
5852
+ "Si vous pensez qu'il s'agit d'une erreur, veuillez contacter<br />le "
5853
+ "webmaster et joindre le numéro d'incident suivant:"
5854
+
5855
+ #: ninjafirewall.php:68
5856
  msgid "Cannot find WordPress configuration file"
5857
  msgstr "Impossible de trouver le fichier de configuration de WordPress"
5858
 
5859
+ #: ninjafirewall.php:69
5860
  msgid "Cannot read WordPress configuration file"
5861
  msgstr "Impossible de lire le fichier de configuration de WordPress"
5862
 
5863
+ #: ninjafirewall.php:70
5864
  msgid "Cannot retrieve WordPress database credentials"
5865
  msgstr ""
5866
  "Impossible de récupérer les informations d'identification de base de données "
5867
  "WordPress"
5868
 
5869
+ #: ninjafirewall.php:71
5870
  msgid "Cannot connect to WordPress database"
5871
  msgstr "Impossible de se connecter à la base de données WordPress"
5872
 
5873
+ #: ninjafirewall.php:72
5874
  msgid "Cannot retrieve user options from database (#2)"
5875
  msgstr ""
5876
  "Impossible de récupérer les options de l'utilisateur dans la base de données "
5877
  "(#2)"
5878
 
5879
+ #: ninjafirewall.php:73
5880
  msgid "Cannot retrieve user options from database (#3)"
5881
  msgstr ""
5882
  "Impossible de récupérer les options de l'utilisateur dans la base de données "
5883
  "(#3)"
5884
 
5885
+ #: ninjafirewall.php:74
5886
  msgid "Cannot retrieve user rules from database (#2)"
5887
  msgstr ""
5888
  "Impossible de récupérer les règles de l'utilisateur dans la base de données "
5889
  "(#2)"
5890
 
5891
+ #: ninjafirewall.php:75
5892
  msgid "Cannot retrieve user rules from database (#3)"
5893
  msgstr ""
5894
  "Impossible de récupérer les règles de l'utilisateur dans la base de données "
5895
  "(#3)"
5896
 
5897
+ #: ninjafirewall.php:76
5898
  msgid ""
5899
  "The firewall has been disabled from the <a href=\"admin.php?page=nfsubopt"
5900
  "\">administration console</a>"
5902
  "Le pare-feu a été désactivé depuis son <a href=\"admin.php?page=nfsubopt"
5903
  "\">interface d'administration</a>"
5904
 
5905
+ #: ninjafirewall.php:77
5906
  msgid "Unable to communicate with the firewall. Please check your settings"
5907
  msgstr ""
5908
  "Impossible de communiquer avec le pare-feu. Veuillez vérifiez votre "
5909
  "configuration"
5910
 
5911
+ #: ninjafirewall.php:78
5912
  msgid "Cannot retrieve user options from database (#1)"
5913
  msgstr ""
5914
  "Impossible de récupérer les options de l'utilisateur dans la base de données "
5915
  "(#1)"
5916
 
5917
+ #: ninjafirewall.php:79
5918
  msgid "Cannot retrieve user rules from database (#1)"
5919
  msgstr ""
5920
  "Impossible de récupérer les règles de l'utilisateur dans la base de données "
5921
  "(#1)"
5922
 
5923
+ #: ninjafirewall.php:80
5924
  #, php-format
5925
  msgid ""
5926
  "The firewall cannot access its log and cache folders. If you changed the "
5931
  "modifié les dossiers %s ou %s, vous DEVEZ définir la constante %s afin de "
5932
  "résoudre ce problème (consultez %s pour plus de détails)"
5933
 
5934
+ #: ninjafirewall.php:105
5935
  msgid ""
5936
  "You do not have \"unfiltered_html\" capability. Please enable it in order to "
5937
  "run NinjaFirewall (or make sure you do not have \"DISALLOW_UNFILTERED_HTML\" "
5942
  "la directive \"DISALLOW_UNFILTERED_HTML\" activée dans votre fichier wp-"
5943
  "config.php)."
5944
 
5945
+ #: ninjafirewall.php:112
5946
  #, php-format
5947
  msgid ""
5948
  "NinjaFirewall requires WordPress 3.3 or greater but your current version is "
5951
  "NinjaFirewall nécessite au moins WordPress 3.3 mais votre version de "
5952
  "WordPress est %s."
5953
 
5954
+ #: ninjafirewall.php:116
5955
  #, php-format
5956
  msgid ""
5957
  "NinjaFirewall requires PHP 5.3 or greater but your current version is %s."
5958
  msgstr ""
5959
  "NinjaFirewall nécessite au moins PHP 5.3 mais votre version de PHP est %s."
5960
 
5961
+ #: ninjafirewall.php:120
5962
  #, php-format
5963
  msgid "NinjaFirewall requires the PHP %s extension."
5964
  msgstr "NinjaFirewall nécessite l'extension PHP %s."
5965
 
5966
+ #: ninjafirewall.php:124
5967
  msgid ""
5968
  "You have SAFE_MODE enabled. Please disable it, it is deprecated as of PHP "
5969
  "5.3.0 (see http://php.net/safe-mode)."
5972
  "devenue obsolète depuis PHP 5.3 et a été supprimée depuis PHP 5.4 (cf. "
5973
  "http://php.net/safe-mode)."
5974
 
5975
+ #: ninjafirewall.php:128
5976
  msgid "You are not allowed to activate NinjaFirewall."
5977
  msgstr "Vous n’êtes pas autorisé à activer NinjaFirewall."
5978
 
5979
+ #: ninjafirewall.php:132
5980
  msgid "NinjaFirewall is not compatible with Microsoft Windows."
5981
  msgstr "NinjaFirewall n'est pas compatible avec Microsoft Windows."
5982
 
5983
+ #: ninjafirewall.php:402
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
5984
  msgid "Alert: WordPress console login"
5985
  msgstr "Alerte : Connexion à WordPress"
5986
 
5987
+ #: ninjafirewall.php:404
5988
  msgid "-Blog:"
5989
  msgstr "- Blog :"
5990
 
5991
+ #: ninjafirewall.php:408
5992
  msgid "Someone just logged in to your WordPress admin console:"
5993
  msgstr "Quelqu'un vient de se connecter à votre Tableau de bord de WordPress:"
5994
 
5995
+ #: ninjafirewall.php:409
5996
  msgid "-User:"
5997
  msgstr "- Nom :"
5998
 
5999
+ #: ninjafirewall.php:410
6000
  msgid "-IP:"
6001
  msgstr "- IP :"
6002
 
6003
+ #: ninjafirewall.php:411
6004
  msgid "-Date:"
6005
  msgstr "- Date :"
6006
 
6007
+ #: ninjafirewall.php:414
6008
+ msgid "Support forum"
6009
+ msgstr "Forum "
 
 
 
 
 
 
 
 
 
 
 
 
 
6010
 
6011
+ #: ninjafirewall.php:500
6012
  msgid "NinjaFirewall: Overview"
6013
  msgstr "NinjaFirewall : Aperçu"
6014
 
6015
+ #: ninjafirewall.php:504
6016
  msgid "NinjaFirewall: Statistics"
6017
  msgstr "NinjaFirewall : Statistiques"
6018
 
6019
+ #: ninjafirewall.php:508
6020
  msgid "NinjaFirewall: Firewall Options"
6021
  msgstr "NinjaFirewall : Options du Pare-feu"
6022
 
6023
+ #: ninjafirewall.php:512
6024
  msgid "NinjaFirewall: Firewall Policies"
6025
  msgstr "NinjaFirewall : Politiques du Pare-feu"
6026
 
6027
+ #: ninjafirewall.php:516
6028
  msgid "NinjaFirewall: File Guard"
6029
  msgstr "NinjaFirewall: File Guard"
6030
 
6031
+ #: ninjafirewall.php:520
6032
  msgid "NinjaFirewall: File Check"
6033
  msgstr "NinjaFirewall: File Check"
6034
 
6035
+ #: ninjafirewall.php:530
6036
  msgid "NinjaFirewall: Anti-Malware"
6037
  msgstr "NinjaFirewall : Anti-Malware"
6038
 
6039
+ #: ninjafirewall.php:534
6040
  msgid "NinjaFirewall: Network"
6041
  msgstr "NinjaFirewall : Réseau"
6042
 
6043
+ #: ninjafirewall.php:538
6044
  msgid "NinjaFirewall: Event Notifications"
6045
  msgstr "NinjaFirewall : Notifications d’Événement"
6046
 
6047
+ #: ninjafirewall.php:542
6048
  msgid "NinjaFirewall: Log-in Protection"
6049
  msgstr "NinjaFirewall : Page de Connexion"
6050
 
6051
+ #: ninjafirewall.php:546
6052
  msgid "NinjaFirewall: Firewall Log"
6053
  msgstr "NinjaFirewall : Journal du Pare-feu"
6054
 
6055
+ #: ninjafirewall.php:550
6056
  msgid "NinjaFirewall: Live Log"
6057
  msgstr "NinjaFirewall: Live Log"
6058
 
6059
+ #: ninjafirewall.php:554
6060
  msgid "NinjaFirewall: Rules Editor"
6061
  msgstr "NinjaFirewall : Éditeur de Règles"
6062
 
6063
+ #: ninjafirewall.php:558
6064
  msgid "NinjaFirewall: Rules Update"
6065
  msgstr "NinjaFirewall: Mise à Jour des Règles"
6066
 
6067
+ #: ninjafirewall.php:565
6068
  msgid "NinjaFirewall: About"
6069
  msgstr "NinjaFirewall : À Propos"
6070
 
6071
+ #: ninjafirewall.php:565
6072
  msgid "About..."
6073
  msgstr "À Propos..."
6074
 
6075
+ #: ninjafirewall.php:605
6076
  msgid "NinjaFirewall Settings"
6077
  msgstr "Réglages de NinjaFirewall"
6078
 
6079
+ #: ninjafirewall.php:613
6080
  msgid "NinjaFirewall is enabled"
6081
  msgstr "NinjaFirewall est activé"
6082
 
6083
+ #: ninjafirewall.php:802
6084
  msgid "Access Restricted"
6085
  msgstr "Accès limité"
6086
 
6087
+ #: ninjafirewall.php:808
6088
  msgid "Settings"
6089
  msgstr "Réglages"
6090
 
6091
+ #: ninjafirewall.php:809
6092
  msgid "Upgrade to Premium"
6093
  msgstr "Passez Premium !"
6094
 
6095
+ #: ninjafirewall.php:810
6096
  msgid "Rate it!"
6097
  msgstr "Notez-le !"
6098
 
6099
+ #~ msgid ""
6100
+ #~ "Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, "
6101
+ #~ "<code>DISALLOW_FILE_EDIT</code> and <code>DISALLOW_FILE_MODS</code> "
6102
+ #~ "options which, if enabled, are always enforced."
6103
+ #~ msgstr ""
6104
+ #~ "Ne s'applique pas aux options <code>FORCE_SSL_ADMIN</code>, "
6105
+ #~ "<code>DISALLOW_FILE_EDIT</code> et <code>DISALLOW_FILE_MODS</code> qui, "
6106
+ #~ "si elles sont activées, seront toujours appliquées."
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
6107
 
6108
+ #~ msgid "ERROR: Failed to update rules"
6109
+ #~ msgstr "ERREUR: Échec de la mise à jour des règles"
 
6110
 
6111
+ #~ msgid ""
6112
+ #~ "NinjaFirewall failed to update its rules. This is a critical error, your "
6113
+ #~ "current rules may be corrupted or disabled. In order to solve the "
6114
+ #~ "problem, please follow these instructions:"
6115
+ #~ msgstr ""
6116
+ #~ "La mise à jour des règles de NinjaFirewall a échoué. Ceci est une erreur "
6117
+ #~ "critique, vos règles actuelles peuvent être endommagées ou bien "
6118
+ #~ "désactivées. Afin de résoudre le problème, veuillez suivre ces "
6119
+ #~ "instructions :"
6120
 
6121
+ #~ msgid "1. Log in to your WordPress admin dashboard."
6122
+ #~ msgstr "1. Connectez-vous à votre tableau de bord WordPress."
 
6123
 
6124
+ #~ msgid "2. Go to \"NinjaFirewall > Updates\"."
6125
+ #~ msgstr "2. Sélectionnez \"NinjaFirewall > Mises à Jour\"."
 
6126
 
6127
+ #~ msgid "3. Click on \"Check for updates now!\"."
6128
+ #~ msgstr ""
6129
+ #~ "3. Cliquez sur le bouton \"Vérifier les mises à jour maintenant ! \"."
6130
 
6131
  #~ msgid ""
6132
  #~ "If you cannot see any modifications in the above fields, it is likely "
languages/ninjafirewall.pot CHANGED
@@ -2,7 +2,7 @@
2
  msgid ""
3
  msgstr ""
4
  "Project-Id-Version: Stable (latest release)\n"
5
- "POT-Creation-Date: 2018-12-03 00:07+0700\n"
6
  "PO-Revision-Date: 2018-04-05 22:52+0700\n"
7
  "Last-Translator: NinTechNet <contact@nintechnet.com>\n"
8
  "Language-Team: \n"
@@ -121,7 +121,7 @@ msgid ""
121
  "level of protection and performance higher than any other security plugin."
122
  msgstr ""
123
 
124
- #: install.php:156 ninjafirewall.php:782
125
  msgid "Installation"
126
  msgstr ""
127
 
@@ -150,7 +150,7 @@ msgstr ""
150
  msgid "Privacy policy"
151
  msgstr ""
152
 
153
- #: install.php:177 lib/about.php:198 lib/help.php:458
154
  msgid ""
155
  "Your website can run NinjaFirewall and be compliant with the General Data "
156
  "Protection Regulation (GDPR). For more info, please visit our blog:"
@@ -170,7 +170,7 @@ msgid ""
170
  msgstr ""
171
 
172
  #: install.php:258 lib/firewall_policies.php:107 lib/help.php:168
173
- #: lib/install_fullwaf.php:33 lib/install_fullwaf.php:141 ninjafirewall.php:807
174
  msgid "Firewall Policies"
175
  msgstr ""
176
 
@@ -441,26 +441,6 @@ msgstr ""
441
  msgid "Need help? Check our blog:"
442
  msgstr ""
443
 
444
- #: install.php:601
445
- msgid ""
446
- "Error: The installer cannot download the security rules from wordpress.org "
447
- "website."
448
- msgstr ""
449
-
450
- #: install.php:602
451
- msgid ""
452
- "The server may be temporarily down or you may have network connectivity "
453
- "problems? Please try again in a few minutes."
454
- msgstr ""
455
-
456
- #: install.php:603
457
- msgid ""
458
- "NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe "
459
- "your server does not support SSL? You can force NinjaFirewall to use a non-"
460
- "secure HTTP connection by adding the following directive to your <strong>wp-"
461
- "config.php</strong> file:"
462
- msgstr ""
463
-
464
  #: lib/about.php:31
465
  msgid "Error : cannot find changelog :("
466
  msgstr ""
@@ -509,7 +489,7 @@ msgstr ""
509
  msgid "System Info"
510
  msgstr ""
511
 
512
- #: lib/about.php:100 lib/help.php:456
513
  msgid "GDPR Compliance"
514
  msgstr ""
515
 
@@ -571,7 +551,7 @@ msgid ""
571
  "Program page</a>."
572
  msgstr ""
573
 
574
- #: lib/anti_malware.php:24 ninjafirewall.php:825
575
  msgid "Anti-Malware"
576
  msgstr ""
577
 
@@ -628,7 +608,7 @@ msgstr ""
628
  msgid "View firewall log"
629
  msgstr ""
630
 
631
- #: lib/event_notifications.php:45 lib/help.php:348 ninjafirewall.php:833
632
  msgid "Event Notifications"
633
  msgstr ""
634
 
@@ -743,15 +723,15 @@ msgid "Send me a daily activity report"
743
  msgstr ""
744
 
745
  #: lib/event_notifications.php:150 lib/event_notifications.php:162
746
- #: lib/firewall_policies.php:531 lib/firewall_policies.php:574
747
- #: lib/firewall_policies.php:594 lib/firewall_policies.php:644
748
- #: lib/firewall_policies.php:689 lib/firewall_policies.php:699
749
- #: lib/firewall_policies.php:709 lib/firewall_policies.php:752
750
- #: lib/firewall_policies.php:795 lib/firewall_policies.php:815
751
- #: lib/firewall_policies.php:1029 lib/firewall_policies.php:1085
752
- #: lib/firewall_policies.php:1095 lib/firewall_policies.php:1105
753
- #: lib/firewall_policies.php:1115 lib/firewall_policies.php:1162
754
- #: lib/firewall_policies.php:1172 lib/network.php:63 lib/rules_update.php:145
755
  msgid "Yes (default)"
756
  msgstr ""
757
 
@@ -830,15 +810,15 @@ msgstr ""
830
  msgid "Blocked brute-force attacks:"
831
  msgstr ""
832
 
833
- #: lib/event_notifications.php:448 lib/utils.php:512 lib/utils.php:647
834
  msgid ""
835
  "This notification can be turned off from NinjaFirewall \"Event Notifications"
836
  "\" page."
837
  msgstr ""
838
 
839
  #: lib/event_notifications.php:452 lib/file_check.php:855
840
- #: lib/file_check.php:872 lib/firewall_options.php:572 lib/rules_update.php:565
841
- #: ninjafirewall.php:1180
842
  msgid "Support forum:"
843
  msgstr ""
844
 
@@ -866,7 +846,7 @@ msgstr ""
866
  msgid "No changes detected."
867
  msgstr ""
868
 
869
- #: lib/file_check.php:129 lib/help.php:315 ninjafirewall.php:815
870
  msgid "File Check"
871
  msgstr ""
872
 
@@ -1046,15 +1026,15 @@ msgstr ""
1046
  msgid "Enable scheduled scans"
1047
  msgstr ""
1048
 
1049
- #: lib/file_check.php:516 lib/firewall_policies.php:439
1050
- #: lib/firewall_policies.php:454 lib/firewall_policies.php:464
1051
- #: lib/firewall_policies.php:474 lib/firewall_policies.php:544
1052
- #: lib/firewall_policies.php:587 lib/firewall_policies.php:619
1053
- #: lib/firewall_policies.php:657 lib/firewall_policies.php:745
1054
- #: lib/firewall_policies.php:765 lib/firewall_policies.php:808
1055
- #: lib/firewall_policies.php:938 lib/firewall_policies.php:952
1056
- #: lib/firewall_policies.php:977 lib/firewall_policies.php:1185
1057
- #: lib/login_protection.php:295
1058
  msgid "No (default)"
1059
  msgstr ""
1060
 
@@ -1146,15 +1126,15 @@ msgstr ""
1146
  msgid "Error reading new snapshot file."
1147
  msgstr ""
1148
 
1149
- #: lib/file_check.php:814 ninjafirewall.php:261
1150
  msgid "New file"
1151
  msgstr ""
1152
 
1153
- #: lib/file_check.php:815 ninjafirewall.php:262
1154
  msgid "Modified file"
1155
  msgstr ""
1156
 
1157
- #: lib/file_check.php:816 ninjafirewall.php:263
1158
  msgid "Deleted file"
1159
  msgstr ""
1160
 
@@ -1164,7 +1144,7 @@ msgstr ""
1164
 
1165
  #: lib/file_check.php:843 lib/file_check.php:845 lib/file_check.php:866
1166
  #: lib/file_check.php:868 lib/rules_update.php:557 lib/rules_update.php:559
1167
- #: lib/utils.php:84 lib/utils.php:500 lib/utils.php:641 lib/utils.php:846
1168
  msgid "Blog:"
1169
  msgstr ""
1170
 
@@ -1189,7 +1169,7 @@ msgstr ""
1189
  msgid "Please enter a number from 1 to 99."
1190
  msgstr ""
1191
 
1192
- #: lib/file_guard.php:54 lib/help.php:283 ninjafirewall.php:811
1193
  msgid "File Guard"
1194
  msgstr ""
1195
 
@@ -1218,15 +1198,15 @@ msgid "Yes (recommended)"
1218
  msgstr ""
1219
 
1220
  #: lib/file_guard.php:101 lib/firewall_policies.php:27
1221
- #: lib/firewall_policies.php:534 lib/firewall_policies.php:577
1222
- #: lib/firewall_policies.php:597 lib/firewall_policies.php:647
1223
- #: lib/firewall_policies.php:692 lib/firewall_policies.php:702
1224
- #: lib/firewall_policies.php:712 lib/firewall_policies.php:755
1225
- #: lib/firewall_policies.php:798 lib/firewall_policies.php:818
1226
- #: lib/firewall_policies.php:880 lib/firewall_policies.php:1032
1227
- #: lib/firewall_policies.php:1088 lib/firewall_policies.php:1098
1228
  #: lib/firewall_policies.php:1108 lib/firewall_policies.php:1118
1229
- #: lib/firewall_policies.php:1165 lib/firewall_policies.php:1175
 
1230
  #: lib/network.php:64 lib/rules_update.php:148
1231
  msgid "No"
1232
  msgstr ""
@@ -1276,7 +1256,7 @@ msgstr ""
1276
  msgid "Your public key has been saved"
1277
  msgstr ""
1278
 
1279
- #: lib/firewall_log.php:84 lib/help.php:422 ninjafirewall.php:841
1280
  msgid "Firewall Log"
1281
  msgstr ""
1282
 
@@ -1313,7 +1293,7 @@ msgstr ""
1313
  msgid "Log Options"
1314
  msgstr ""
1315
 
1316
- #: lib/firewall_log.php:173 lib/help.php:435
1317
  msgid "Auto-delete log"
1318
  msgstr ""
1319
 
@@ -1330,7 +1310,7 @@ msgstr ""
1330
  msgid "Save Log Options"
1331
  msgstr ""
1332
 
1333
- #: lib/firewall_log.php:202 lib/help.php:443 lib/overview.php:198
1334
  #: lib/wpplus.php:93
1335
  msgid "Centralized Logging"
1336
  msgstr ""
@@ -1391,7 +1371,7 @@ msgstr ""
1391
  msgid "Refresh preview"
1392
  msgstr ""
1393
 
1394
- #: lib/firewall_options.php:71 ninjafirewall.php:803
1395
  msgid "Firewall Options"
1396
  msgstr ""
1397
 
@@ -1537,64 +1517,64 @@ msgstr ""
1537
  msgid "Uploaded file is either corrupted or its format is not supported (#%s)"
1538
  msgstr ""
1539
 
1540
- #: lib/firewall_options.php:426
1541
  msgid "The imported file is not compatible with that version of NinjaFirewall"
1542
  msgstr ""
1543
 
1544
- #: lib/firewall_options.php:546
1545
  msgid "[NinjaFirewall] Alert: Firewall is disabled"
1546
  msgstr ""
1547
 
1548
- #: lib/firewall_options.php:548 lib/firewall_options.php:550
1549
- #: ninjafirewall.php:557 ninjafirewall.php:559 ninjafirewall.php:1168
1550
- #: ninjafirewall.php:1170
1551
  msgid "-Blog :"
1552
  msgstr ""
1553
 
1554
- #: lib/firewall_options.php:554
1555
  msgid "Someone disabled NinjaFirewall from your WordPress admin dashboard:"
1556
  msgstr ""
1557
 
1558
- #: lib/firewall_options.php:557
1559
  msgid ""
1560
  "NinjaFirewall is disabled because someone enabled debugging mode from your "
1561
  "WordPress admin dashboard:"
1562
  msgstr ""
1563
 
1564
- #: lib/firewall_options.php:560
1565
  msgid "[NinjaFirewall] Alert: Firewall override settings"
1566
  msgstr ""
1567
 
1568
- #: lib/firewall_options.php:561
1569
  msgid ""
1570
  "Someone imported a new configuration which overrode the firewall settings:"
1571
  msgstr ""
1572
 
1573
- #: lib/firewall_options.php:567 ninjafirewall.php:1175
1574
  msgid "-User :"
1575
  msgstr ""
1576
 
1577
- #: lib/firewall_options.php:568 ninjafirewall.php:1176
1578
  msgid "-IP :"
1579
  msgstr ""
1580
 
1581
- #: lib/firewall_options.php:569 ninjafirewall.php:566 ninjafirewall.php:1177
1582
  msgid "-Date :"
1583
  msgstr ""
1584
 
1585
- #: lib/firewall_policies.php:26 lib/firewall_policies.php:436
1586
- #: lib/firewall_policies.php:451 lib/firewall_policies.php:461
1587
- #: lib/firewall_policies.php:471 lib/firewall_policies.php:541
1588
- #: lib/firewall_policies.php:584 lib/firewall_policies.php:616
1589
- #: lib/firewall_policies.php:654 lib/firewall_policies.php:742
1590
- #: lib/firewall_policies.php:762 lib/firewall_policies.php:805
1591
- #: lib/firewall_policies.php:937 lib/firewall_policies.php:951
1592
- #: lib/firewall_policies.php:976 lib/firewall_policies.php:1182
 
1593
  msgid "Yes"
1594
  msgstr ""
1595
 
1596
  #: lib/firewall_policies.php:28 lib/firewall_policies.php:192
1597
- #: lib/firewall_policies.php:380
1598
  msgid "(default)"
1599
  msgstr ""
1600
 
@@ -1634,11 +1614,11 @@ msgstr ""
1634
  msgid "Basic Policies"
1635
  msgstr ""
1636
 
1637
- #: lib/firewall_policies.php:131 lib/help.php:197
1638
  msgid "Intermediate Policies"
1639
  msgstr ""
1640
 
1641
- #: lib/firewall_policies.php:132 lib/help.php:228
1642
  msgid "Advanced Policies"
1643
  msgstr ""
1644
 
@@ -1682,385 +1662,390 @@ msgstr ""
1682
  msgid "substitution character:"
1683
  msgstr ""
1684
 
1685
- #: lib/firewall_policies.php:308
1686
  msgid "Block direct access to any PHP file located in one of these directories"
1687
  msgstr ""
1688
 
1689
- #: lib/firewall_policies.php:338
1690
  msgid ""
1691
  "NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if "
1692
  "this option is enabled."
1693
  msgstr ""
1694
 
1695
- #: lib/firewall_policies.php:353
1696
  msgid ""
1697
  "Unless you have PHP scripts in a \"/cache/\" folder that need to be accessed "
1698
  "by your visitors, we recommend to enable this option."
1699
  msgstr ""
1700
 
1701
- #: lib/firewall_policies.php:364 lib/firewall_policies.php:369
1702
  #, php-format
1703
  msgid ""
1704
  "If you are using the %s plugin, blocking <code>system.multicall</code> may "
1705
  "prevent it from working correctly."
1706
  msgstr ""
1707
 
1708
- #: lib/firewall_policies.php:377
1709
  msgid "General"
1710
  msgstr ""
1711
 
1712
- #: lib/firewall_policies.php:380 lib/help.php:184
1713
  msgid "Block attempts to modify important WordPress settings"
1714
  msgstr ""
1715
 
1716
- #: lib/firewall_policies.php:381 lib/help.php:185
1717
  msgid "Block user accounts creation"
1718
  msgstr ""
1719
 
1720
- #: lib/firewall_policies.php:382
1721
  msgid "Do not enable this policy if you allow user registration."
1722
  msgstr ""
1723
 
1724
- #: lib/firewall_policies.php:387
1725
  msgid "Protect against username enumeration"
1726
  msgstr ""
1727
 
1728
- #: lib/firewall_policies.php:390
1729
  msgid "Through the author archives"
1730
  msgstr ""
1731
 
1732
- #: lib/firewall_policies.php:391
1733
  msgid "Through the login page"
1734
  msgstr ""
1735
 
1736
- #: lib/firewall_policies.php:392
1737
  msgid "Through the WordPress REST API"
1738
  msgstr ""
1739
 
1740
- #: lib/firewall_policies.php:400
1741
  msgid "This feature is only available when running WordPress 4.7 or above."
1742
  msgstr ""
1743
 
1744
- #: lib/firewall_policies.php:407
1745
  msgid "WordPress REST API"
1746
  msgstr ""
1747
 
1748
- #: lib/firewall_policies.php:410 lib/firewall_policies.php:418
1749
  msgid "Block any access to the API"
1750
  msgstr ""
1751
 
1752
- #: lib/firewall_policies.php:415
1753
  msgid "WordPress XML-RPC API"
1754
  msgstr ""
1755
 
1756
- #: lib/firewall_policies.php:420
1757
  msgid "Block <code>system.multicall</code> method"
1758
  msgstr ""
1759
 
1760
- #: lib/firewall_policies.php:422
1761
  msgid "Block Pingbacks"
1762
  msgstr ""
1763
 
1764
- #: lib/firewall_policies.php:429
1765
  msgid ""
1766
  "Disabling access to the REST or XML-RPC API may break some functionality on "
1767
  "your blog, its themes or plugins."
1768
  msgstr ""
1769
 
1770
- #: lib/firewall_policies.php:433
1771
  msgid "Block <code>POST</code> requests in the themes folder"
1772
  msgstr ""
1773
 
1774
- #: lib/firewall_policies.php:448
1775
  msgid "Force SSL for admin and logins"
1776
  msgstr ""
1777
 
1778
- #: lib/firewall_policies.php:458
1779
  msgid "Disable the plugin and theme editor"
1780
  msgstr ""
1781
 
1782
- #: lib/firewall_policies.php:468
1783
  msgid "Disable plugin and theme update/installation"
1784
  msgstr ""
1785
 
1786
- #: lib/firewall_policies.php:494 lib/help.php:269
 
 
 
 
1787
  msgid "Users Whitelist"
1788
  msgstr ""
1789
 
1790
- #: lib/firewall_policies.php:497
1791
  msgid "Add the Administrator to the whitelist (default)."
1792
  msgstr ""
1793
 
1794
- #: lib/firewall_policies.php:498
1795
  msgid "Add all logged in users to the whitelist."
1796
  msgstr ""
1797
 
1798
- #: lib/firewall_policies.php:499
1799
  msgid "Disable users whitelist."
1800
  msgstr ""
1801
 
1802
- #: lib/firewall_policies.php:500
1803
  msgid ""
1804
  "Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, "
1805
- "<code>DISALLOW_FILE_EDIT</code> and <code>DISALLOW_FILE_MODS</code> options "
1806
- "which, if enabled, are always enforced."
 
1807
  msgstr ""
1808
 
1809
- #: lib/firewall_policies.php:525 lib/help.php:199
1810
  msgid "HTTP GET variable"
1811
  msgstr ""
1812
 
1813
- #: lib/firewall_policies.php:528
1814
  msgid "Scan <code>GET</code> variable"
1815
  msgstr ""
1816
 
1817
- #: lib/firewall_policies.php:538
1818
  msgid "Sanitise <code>GET</code> variable"
1819
  msgstr ""
1820
 
1821
- #: lib/firewall_policies.php:568 lib/help.php:202
1822
  msgid "HTTP POST variable"
1823
  msgstr ""
1824
 
1825
- #: lib/firewall_policies.php:571
1826
  msgid "Scan <code>POST</code> variable"
1827
  msgstr ""
1828
 
1829
- #: lib/firewall_policies.php:581
1830
  msgid "Sanitise <code>POST</code> variable"
1831
  msgstr ""
1832
 
1833
- #: lib/firewall_policies.php:587 lib/firewall_policies.php:619
1834
  msgid "Do not enable this option unless you know what you are doing!"
1835
  msgstr ""
1836
 
1837
- #: lib/firewall_policies.php:591
1838
  msgid "Decode Base64-encoded <code>POST</code> variable"
1839
  msgstr ""
1840
 
1841
- #: lib/firewall_policies.php:610 lib/help.php:206
1842
  msgid "HTTP REQUEST variable"
1843
  msgstr ""
1844
 
1845
- #: lib/firewall_policies.php:613
1846
  msgid "Sanitise <code>REQUEST</code> variable"
1847
  msgstr ""
1848
 
1849
- #: lib/firewall_policies.php:638 lib/help.php:209
1850
  msgid "Cookies"
1851
  msgstr ""
1852
 
1853
- #: lib/firewall_policies.php:641
1854
  msgid "Scan cookies"
1855
  msgstr ""
1856
 
1857
- #: lib/firewall_policies.php:651
1858
  msgid "Sanitise cookies"
1859
  msgstr ""
1860
 
1861
- #: lib/firewall_policies.php:683 lib/help.php:212
1862
  msgid "HTTP_USER_AGENT server variable"
1863
  msgstr ""
1864
 
1865
- #: lib/firewall_policies.php:686
1866
  msgid "Scan <code>HTTP_USER_AGENT</code>"
1867
  msgstr ""
1868
 
1869
- #: lib/firewall_policies.php:696
1870
  msgid "Sanitise <code>HTTP_USER_AGENT</code>"
1871
  msgstr ""
1872
 
1873
- #: lib/firewall_policies.php:706
1874
  msgid "Block suspicious bots/scanners"
1875
  msgstr ""
1876
 
1877
- #: lib/firewall_policies.php:736 lib/help.php:216
1878
  msgid "HTTP_REFERER server variable"
1879
  msgstr ""
1880
 
1881
- #: lib/firewall_policies.php:739
1882
  msgid "Scan <code>HTTP_REFERER</code>"
1883
  msgstr ""
1884
 
1885
- #: lib/firewall_policies.php:749
1886
  msgid "Sanitise <code>HTTP_REFERER</code>"
1887
  msgstr ""
1888
 
1889
- #: lib/firewall_policies.php:759
1890
  msgid ""
1891
  "Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</"
1892
  "code> header"
1893
  msgstr ""
1894
 
1895
- #: lib/firewall_policies.php:765
1896
  msgid ""
1897
  "Keep this option disabled if you are using scripts like Paypal IPN, "
1898
  "WordPress WP-Cron etc"
1899
  msgstr ""
1900
 
1901
- #: lib/firewall_policies.php:792
1902
  msgid "Block localhost IP in <code>GET/POST</code> request"
1903
  msgstr ""
1904
 
1905
- #: lib/firewall_policies.php:802
1906
  msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header"
1907
  msgstr ""
1908
 
1909
- #: lib/firewall_policies.php:812
1910
  msgid "Scan traffic coming from localhost and private IP address spaces"
1911
  msgstr ""
1912
 
1913
- #: lib/firewall_policies.php:834
1914
  #, php-format
1915
  msgid ""
1916
  "This option is disabled because the %s PHP function is not available on your "
1917
  "server."
1918
  msgstr ""
1919
 
1920
- #: lib/firewall_policies.php:849 lib/help.php:230
1921
  msgid "HTTP response headers"
1922
  msgstr ""
1923
 
1924
- #: lib/firewall_policies.php:852
1925
  #, php-format
1926
  msgid "Set %s to protect against MIME type confusion attacks"
1927
  msgstr ""
1928
 
1929
- #: lib/firewall_policies.php:862
1930
  #, php-format
1931
  msgid "Set %s to protect against clickjacking attempts"
1932
  msgstr ""
1933
 
1934
- #: lib/firewall_policies.php:871
1935
  #, php-format
1936
  msgid "Set %s (IE/Edge, Chrome, Opera and Safari browsers)"
1937
  msgstr ""
1938
 
1939
- #: lib/firewall_policies.php:875 lib/firewall_policies.php:876
1940
- #: lib/firewall_policies.php:879
1941
  #, php-format
1942
  msgid "Set to %s"
1943
  msgstr ""
1944
 
1945
- #: lib/firewall_policies.php:884
1946
  #, php-format
1947
  msgid "Force %s flag on all cookies to mitigate XSS attacks"
1948
  msgstr ""
1949
 
1950
- #: lib/firewall_policies.php:890
1951
  msgid ""
1952
  "If your PHP scripts use cookies that need to be accessed from JavaScript, "
1953
  "you should disable this option."
1954
  msgstr ""
1955
 
1956
- #: lib/firewall_policies.php:896
1957
  msgid ""
1958
  "HSTS headers can only be set when you are accessing your site over HTTPS."
1959
  msgstr ""
1960
 
1961
- #: lib/firewall_policies.php:903
1962
  #, php-format
1963
  msgid "Set %s (HSTS) to enforce secure connections to the server"
1964
  msgstr ""
1965
 
1966
- #: lib/firewall_policies.php:906
1967
  msgid "1 month"
1968
  msgstr ""
1969
 
1970
- #: lib/firewall_policies.php:907
1971
  msgid "6 months"
1972
  msgstr ""
1973
 
1974
- #: lib/firewall_policies.php:908
1975
  msgid "1 year"
1976
  msgstr ""
1977
 
1978
- #: lib/firewall_policies.php:910
1979
  msgid "Apply to subdomains"
1980
  msgstr ""
1981
 
1982
- #: lib/firewall_policies.php:914
1983
  msgid "Set <code>max-age</code> to 0"
1984
  msgstr ""
1985
 
1986
- #: lib/firewall_policies.php:934
1987
  #, php-format
1988
  msgid "Set %s for the website frontend"
1989
  msgstr ""
1990
 
1991
- #: lib/firewall_policies.php:942
1992
  msgid "This CSP header will apply to the website frontend only."
1993
  msgstr ""
1994
 
1995
- #: lib/firewall_policies.php:948
1996
  #, php-format
1997
  msgid "Set %s for the WordPress admin dashboard"
1998
  msgstr ""
1999
 
2000
- #: lib/firewall_policies.php:956
2001
  msgid "This CSP header will apply to the WordPress admin dashboard only."
2002
  msgstr ""
2003
 
2004
- #: lib/firewall_policies.php:972
2005
  #, php-format
2006
  msgid "Set %s (Chrome, Opera and Firefox browsers)"
2007
  msgstr ""
2008
 
2009
- #: lib/firewall_policies.php:1026
2010
  msgid ""
2011
  "Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, "
2012
  "<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies"
2013
  msgstr ""
2014
 
2015
- #: lib/firewall_policies.php:1069
2016
  msgid "Block serialized PHP objects in the following global variables"
2017
  msgstr ""
2018
 
2019
- #: lib/firewall_policies.php:1082
2020
  msgid "Hide PHP notice and error messages"
2021
  msgstr ""
2022
 
2023
- #: lib/firewall_policies.php:1092
2024
  msgid "Sanitise <code>PHP_SELF</code>"
2025
  msgstr ""
2026
 
2027
- #: lib/firewall_policies.php:1102
2028
  msgid "Sanitise <code>PATH_TRANSLATED</code>"
2029
  msgstr ""
2030
 
2031
- #: lib/firewall_policies.php:1112
2032
  msgid "Sanitise <code>PATH_INFO</code>"
2033
  msgstr ""
2034
 
2035
- #: lib/firewall_policies.php:1132
2036
  msgid "This option is not compatible with your actual configuration."
2037
  msgstr ""
2038
 
2039
- #: lib/firewall_policies.php:1156 lib/help.php:260
2040
  msgid "Various"
2041
  msgstr ""
2042
 
2043
- #: lib/firewall_policies.php:1159
2044
  msgid "Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request"
2045
  msgstr ""
2046
 
2047
- #: lib/firewall_policies.php:1169
2048
  msgid "Block ASCII character 0x00 (NULL byte)"
2049
  msgstr ""
2050
 
2051
- #: lib/firewall_policies.php:1179
2052
  msgid "Block ASCII control characters 1 to 8 and 14 to 31"
2053
  msgstr ""
2054
 
2055
- #: lib/firewall_policies.php:1195
2056
  msgid "Save Firewall Policies"
2057
  msgstr ""
2058
 
2059
- #: lib/firewall_policies.php:1197
2060
  msgid "Restore Default Values"
2061
  msgstr ""
2062
 
2063
- #: lib/help.php:37 ninjafirewall.php:795
2064
  msgid "Overview"
2065
  msgstr ""
2066
 
@@ -2427,57 +2412,66 @@ msgid ""
2427
  "this constant also disables the Plugin and Theme editor."
2428
  msgstr ""
2429
 
2430
- #: lib/help.php:200
 
 
 
 
 
 
 
 
 
2431
  msgid "Whether to scan and/or sanitise the <code>GET</code> variable."
2432
  msgstr ""
2433
 
2434
- #: lib/help.php:203
2435
  msgid "Whether to scan and/or sanitise the <code>POST</code> variable."
2436
  msgstr ""
2437
 
2438
- #: lib/help.php:204
2439
  msgid "Decode Base64-encoded <code>POST</code> variable:"
2440
  msgstr ""
2441
 
2442
- #: lib/help.php:204
2443
  msgid ""
2444
  "NinjaFirewall will decode and scan base64 encoded values in order to detect "
2445
  "obfuscated malicious code. This option is only available for the <code>POST</"
2446
  "code> variable."
2447
  msgstr ""
2448
 
2449
- #: lib/help.php:207
2450
  msgid "Whether to sanitise the <code>REQUEST</code> variable."
2451
  msgstr ""
2452
 
2453
- #: lib/help.php:210
2454
  msgid "Whether to scan and/or sanitise cookies."
2455
  msgstr ""
2456
 
2457
- #: lib/help.php:213
2458
  msgid "Whether to scan and/or sanitise <code>HTTP_USER_AGENT</code> requests."
2459
  msgstr ""
2460
 
2461
- #: lib/help.php:214
2462
  msgid "Block suspicious bots/scanners:"
2463
  msgstr ""
2464
 
2465
- #: lib/help.php:214
2466
  msgid ""
2467
  "rejects some known bots, scanners and various malicious scripts attempting "
2468
  "to access your blog."
2469
  msgstr ""
2470
 
2471
- #: lib/help.php:217
2472
  msgid "Whether to scan and/or sanitise <code>HTTP_REFERER</code> requests."
2473
  msgstr ""
2474
 
2475
- #: lib/help.php:218
2476
  msgid ""
2477
  "Block POST requests that do not have an <code>HTTP_REFERER</code> header:"
2478
  msgstr ""
2479
 
2480
- #: lib/help.php:218
2481
  msgid ""
2482
  "this option will block any <code>POST</code> request that does not have a "
2483
  "Referrer header (<code>HTTP_REFERER</code> variable). If you need external "
@@ -2488,22 +2482,22 @@ msgid ""
2488
  "default."
2489
  msgstr ""
2490
 
2491
- #: lib/help.php:221
2492
  msgid "Block localhost IP in <code>GET/POST</code> requests:"
2493
  msgstr ""
2494
 
2495
- #: lib/help.php:221
2496
  msgid ""
2497
  "this option will block any <code>GET</code> or <code>POST</code> request "
2498
  "containing the localhost IP (127.0.0.1). It can be useful to block SQL "
2499
  "dumpers and various hacker's shell scripts."
2500
  msgstr ""
2501
 
2502
- #: lib/help.php:222
2503
  msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header:"
2504
  msgstr ""
2505
 
2506
- #: lib/help.php:222
2507
  #, php-format
2508
  msgid ""
2509
  "this option will reject any request using an IP instead of a domain name in "
@@ -2513,11 +2507,11 @@ msgid ""
2513
  "than domain names."
2514
  msgstr ""
2515
 
2516
- #: lib/help.php:223
2517
  msgid "Scan traffic coming from localhost and private IP address spaces:"
2518
  msgstr ""
2519
 
2520
- #: lib/help.php:223
2521
  msgid ""
2522
  "this option will allow the firewall to scan traffic from all non-routable "
2523
  "private IPs (IPv4 and IPv6) as well as the localhost IP. We recommend to "
@@ -2525,20 +2519,20 @@ msgid ""
2525
  "interconnected)."
2526
  msgstr ""
2527
 
2528
- #: lib/help.php:232
2529
  msgid ""
2530
  "In addition to filtering incoming requests, NinjaFirewall can also hook the "
2531
  "HTTP response in order to alter its headers. Those modifications can help to "
2532
  "mitigate threats such as XSS, phishing and clickjacking attacks."
2533
  msgstr ""
2534
 
2535
- #: lib/help.php:234
2536
  msgid ""
2537
  "Set <code>X-Content-Type-Options</code> to protect against MIME type "
2538
  "confusion attacks:"
2539
  msgstr ""
2540
 
2541
- #: lib/help.php:234
2542
  msgid ""
2543
  "this header will send the nosniff value to instruct the browser to disable "
2544
  "content or MIME sniffing and to use the content-type returned by the server. "
@@ -2547,12 +2541,12 @@ msgid ""
2547
  "such as MIME Confusion Attacks."
2548
  msgstr ""
2549
 
2550
- #: lib/help.php:235
2551
  msgid ""
2552
  "Set <code>X-Frame-Options</code> to protect against clickjacking attempts:"
2553
  msgstr ""
2554
 
2555
- #: lib/help.php:235
2556
  msgid ""
2557
  "this header indicates a policy whether a browser must not allow to render a "
2558
  "page in a &lt;frame&gt; or &lt;iframe&gt;. Hosts can declare this policy in "
@@ -2561,53 +2555,53 @@ msgid ""
2561
  "NinjaFirewall accepts two different values:"
2562
  msgstr ""
2563
 
2564
- #: lib/help.php:237
2565
  msgid ""
2566
  "a browser receiving content with this header must not display this content "
2567
  "in any frame from a page of different origin than the content itself."
2568
  msgstr ""
2569
 
2570
- #: lib/help.php:238
2571
  msgid ""
2572
  "a browser receiving content with this header must not display this content "
2573
  "in any frame."
2574
  msgstr ""
2575
 
2576
- #: lib/help.php:241
2577
  msgid "NinjaFirewall does not support the <code>ALLOW-FROM</code> value."
2578
  msgstr ""
2579
 
2580
- #: lib/help.php:243
2581
  msgid ""
2582
  "Since v3.1.3, WordPress sets this value to <code>SAMEORIGIN</code> for the "
2583
  "administrator and the login page only."
2584
  msgstr ""
2585
 
2586
- #: lib/help.php:244
2587
  msgid ""
2588
  "Set <code>X-XSS-Protection</code> (IE/Edge, Chrome, Opera and Safari "
2589
  "browsers):"
2590
  msgstr ""
2591
 
2592
- #: lib/help.php:244
2593
  msgid ""
2594
  "this header allows browsers to identify and block XSS attacks by preventing "
2595
  "malicious scripts from executing. It is enabled by default on all compatible "
2596
  "browsers."
2597
  msgstr ""
2598
 
2599
- #: lib/help.php:245
2600
  msgid ""
2601
  "If a visitor disabled their browser's XSS filter, you cannot re-enable it "
2602
  "with that option."
2603
  msgstr ""
2604
 
2605
- #: lib/help.php:247
2606
  msgid ""
2607
  "Force <code>HttpOnly</code> flag on all cookies to mitigate XSS attacks:"
2608
  msgstr ""
2609
 
2610
- #: lib/help.php:247
2611
  msgid ""
2612
  "adding this flag to cookies helps to mitigate the risk of cross-site "
2613
  "scripting by preventing them from being accessed through client-side "
@@ -2618,19 +2612,19 @@ msgid ""
2618
  "sets that flag on the logged in user cookies only."
2619
  msgstr ""
2620
 
2621
- #: lib/help.php:248
2622
  msgid ""
2623
  "If your PHP scripts send cookies that need to be accessed from JavaScript, "
2624
  "you should keep that option disabled."
2625
  msgstr ""
2626
 
2627
- #: lib/help.php:249
2628
  msgid ""
2629
  "Set <code>Strict-Transport-Security</code> (HSTS) to enforce secure "
2630
  "connections to the server:"
2631
  msgstr ""
2632
 
2633
- #: lib/help.php:249
2634
  msgid ""
2635
  "this policy enforces secure HTTPS connections to the server. Web browsers "
2636
  "will not allow the user to access the web application over insecure HTTP "
@@ -2638,38 +2632,38 @@ msgid ""
2638
  "attacks. Most recent browsers support HSTS headers."
2639
  msgstr ""
2640
 
2641
- #: lib/help.php:250
2642
  msgid "Set <code>Content-Security-Policy</code>:"
2643
  msgstr ""
2644
 
2645
- #: lib/help.php:250
2646
  msgid ""
2647
  "this policy helps to mitigate threats such as XSS, phishing and clickjacking "
2648
  "attacks. It covers JavaScript, CSS, HTML frames, web workers, fonts, images, "
2649
  "objects (Java, ActiveX, audio and video files), and other HTML5 features."
2650
  msgstr ""
2651
 
2652
- #: lib/help.php:250
2653
  msgid ""
2654
  "NinjaFirewall lets you configure the CSP policy separately for the frontend "
2655
  "(blog, website) and the backend (WordPress admin dashboard)."
2656
  msgstr ""
2657
 
2658
- #: lib/help.php:251
2659
  msgid "Set <code>Referrer-Policy</code>:"
2660
  msgstr ""
2661
 
2662
- #: lib/help.php:251
2663
  msgid ""
2664
  "this HTTP header governs which referrer information, sent in the Referer "
2665
  "header, should be included with requests made."
2666
  msgstr ""
2667
 
2668
- #: lib/help.php:255
2669
  msgid "Block PHP built-in wrappers:"
2670
  msgstr ""
2671
 
2672
- #: lib/help.php:255
2673
  msgid ""
2674
  "PHP has several wrappers for use with the filesystem functions. It is "
2675
  "possible for an attacker to use them to bypass firewalls and various IDS to "
@@ -2680,11 +2674,11 @@ msgid ""
2680
  "request, cookies, user agent and referrer variables."
2681
  msgstr ""
2682
 
2683
- #: lib/help.php:256
2684
  msgid "Block serialized PHP objects:"
2685
  msgstr ""
2686
 
2687
- #: lib/help.php:256
2688
  #, php-format
2689
  msgid ""
2690
  "Object Serialization is a PHP feature used by many applications to generate "
@@ -2695,35 +2689,35 @@ msgid ""
2695
  "code> request, cookies, user agent and referrer variables."
2696
  msgstr ""
2697
 
2698
- #: lib/help.php:257
2699
  msgid "Hide PHP notice and error messages:"
2700
  msgstr ""
2701
 
2702
- #: lib/help.php:257
2703
  msgid ""
2704
  "this option lets you hide errors returned by your scripts. Such errors can "
2705
  "leak sensitive informations which can be exploited by hackers."
2706
  msgstr ""
2707
 
2708
- #: lib/help.php:258
2709
  msgid ""
2710
  "Sanitise <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
2711
  "<code>PATH_INFO</code>:"
2712
  msgstr ""
2713
 
2714
- #: lib/help.php:258
2715
  msgid ""
2716
  "this option can sanitise any dangerous characters found in those 3 server "
2717
  "variables to prevent various XSS and database injection attempts."
2718
  msgstr ""
2719
 
2720
- #: lib/help.php:261
2721
  #, php-format
2722
  msgid ""
2723
  "Block the <code>DOCUMENT_ROOT</code> server variable (%s) in HTTP requests:"
2724
  msgstr ""
2725
 
2726
- #: lib/help.php:261
2727
  msgid ""
2728
  "this option will block scripts attempting to pass the <code>DOCUMENT_ROOT</"
2729
  "code> server variable in a <code>GET</code> or <code>POST</code> request. "
@@ -2731,11 +2725,11 @@ msgid ""
2731
  "legitimate programs do not."
2732
  msgstr ""
2733
 
2734
- #: lib/help.php:262
2735
  msgid "Block ASCII character 0x00 (NULL byte):"
2736
  msgstr ""
2737
 
2738
- #: lib/help.php:262
2739
  msgid ""
2740
  "this option will reject any <code>GET</code> or <code>POST</code> request, "
2741
  "<code>HTTP_USER_AGENT</code>, <code>REQUEST_URI</code>, <code>PHP_SELF</"
@@ -2744,18 +2738,18 @@ msgid ""
2744
  "dangerous and should always be rejected."
2745
  msgstr ""
2746
 
2747
- #: lib/help.php:263
2748
  msgid "Block ASCII control characters 1 to 8 and 14 to 31:"
2749
  msgstr ""
2750
 
2751
- #: lib/help.php:263
2752
  msgid ""
2753
  "this option will reject any <code>GET</code> or <code>POST</code> request, "
2754
  "<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> variables containing "
2755
  "ASCII characters from 1 to 8 and 14 to 31."
2756
  msgstr ""
2757
 
2758
- #: lib/help.php:271
2759
  #, php-format
2760
  msgid ""
2761
  "By default, any logged in WordPress administrator will not be blocked by "
@@ -2767,13 +2761,13 @@ msgid ""
2767
  "enforced."
2768
  msgstr ""
2769
 
2770
- #: lib/help.php:285
2771
  msgid ""
2772
  "File Guard can detect, in real-time, any access to a PHP file that was "
2773
  "recently modified or created, and alert you about this."
2774
  msgstr ""
2775
 
2776
- #: lib/help.php:287
2777
  msgid ""
2778
  "If a hacker uploaded a shell script to your site (or injected a backdoor "
2779
  "into an already existing file) and tried to directly access that file using "
@@ -2784,7 +2778,7 @@ msgid ""
2784
  "Notifications\" menu."
2785
  msgstr ""
2786
 
2787
- #: lib/help.php:288
2788
  msgid ""
2789
  "If you do not want to monitor a folder, you can exclude its full path or a "
2790
  "part of it (e.g., <code>/var/www/public_html/cache/</code> or <code>/cache/</"
@@ -2793,13 +2787,13 @@ msgid ""
2793
  "will ignore it."
2794
  msgstr ""
2795
 
2796
- #: lib/help.php:289
2797
  msgid ""
2798
  "Multiple values must be comma-separated (e.g., <code>/foo/bar/,/cache/</"
2799
  "code>)."
2800
  msgstr ""
2801
 
2802
- #: lib/help.php:290
2803
  msgid ""
2804
  "File Guard real-time detection is a totally unique feature, because "
2805
  "NinjaFirewall is the only plugin for WordPress that can hook HTTP requests "
@@ -2807,11 +2801,11 @@ msgid ""
2807
  "package (third-party software, shell script, backdoor etc)."
2808
  msgstr ""
2809
 
2810
- #: lib/help.php:299 lib/network.php:32 ninjafirewall.php:829
2811
  msgid "Network"
2812
  msgstr ""
2813
 
2814
- #: lib/help.php:301
2815
  msgid ""
2816
  "Even if NinjaFirewall administration menu is only available to the Super "
2817
  "Admin (from the main site), you can still display its status to all sites in "
@@ -2819,26 +2813,26 @@ msgid ""
2819
  "be visible only to the administrators of those sites."
2820
  msgstr ""
2821
 
2822
- #: lib/help.php:303
2823
  msgid ""
2824
  "It is recommended to enable this feature as it is the only way to know "
2825
  "whether the sites in your network are protected and if NinjaFirewall "
2826
  "installation was successful."
2827
  msgstr ""
2828
 
2829
- #: lib/help.php:305
2830
  msgid ""
2831
  "Note that when it is disabled, the icon still remains visible to you, the "
2832
  "Super Admin."
2833
  msgstr ""
2834
 
2835
- #: lib/help.php:316
2836
  msgid ""
2837
  "File Check lets you perform file integrity monitoring upon request or on a "
2838
  "specific interval."
2839
  msgstr ""
2840
 
2841
- #: lib/help.php:318
2842
  msgid ""
2843
  "You need to create a snapshot of all your files and then, at a later time, "
2844
  "you can scan your system to compare it with the previous snapshot. Any "
@@ -2846,62 +2840,62 @@ msgid ""
2846
  "file ownership, timestamp as well as file creation and deletion."
2847
  msgstr ""
2848
 
2849
- #: lib/help.php:319
2850
  #, php-format
2851
  msgid ""
2852
  "Create a snapshot of all files stored in that directory: by default, the "
2853
  "directory is set to WordPress <code>ABSPATH</code> (%s)"
2854
  msgstr ""
2855
 
2856
- #: lib/help.php:320
2857
  msgid ""
2858
  "Exclude the following files/folders: you can enter a directory or a file "
2859
  "name (e.g., <code>/foo/bar/</code>), or a part of it (e.g., <code>foo</"
2860
  "code>). Or you can exclude a file extension (e.g., <code>.css</code>)."
2861
  msgstr ""
2862
 
2863
- #: lib/help.php:322
2864
  msgid ""
2865
  "Multiple values must be comma-separated (e.g., <code>/foo/bar/,.css,.png</"
2866
  "code>)."
2867
  msgstr ""
2868
 
2869
- #: lib/help.php:323
2870
  msgid ""
2871
  "Do not follow symbolic links: by default, NinjaFirewall will not follow "
2872
  "symbolic links."
2873
  msgstr ""
2874
 
2875
- #: lib/help.php:328
2876
  msgid "Scheduled scans"
2877
  msgstr ""
2878
 
2879
- #: lib/help.php:329
2880
  msgid ""
2881
  "NinjaFirewall can scan your system on a specific interval (hourly, "
2882
  "twicedaily or daily)."
2883
  msgstr ""
2884
 
2885
- #: lib/help.php:331
2886
  msgid ""
2887
  "It can either send you a scan report only if changes are detected, or always "
2888
  "send you one after each scan."
2889
  msgstr ""
2890
 
2891
- #: lib/help.php:333
2892
  msgid ""
2893
  "Reports will be sent to the contact email address defined in the \"Event "
2894
  "Notifications\" menu."
2895
  msgstr ""
2896
 
2897
- #: lib/help.php:335
2898
  #, php-format
2899
  msgid ""
2900
  "Scheduled scans rely on <a href=\"%s\">WordPress pseudo cron</a> which works "
2901
  "only if your site gets sufficient traffic."
2902
  msgstr ""
2903
 
2904
- #: lib/help.php:349
2905
  msgid ""
2906
  "NinjaFirewall can alert you by email on specific events triggered within "
2907
  "your blog. They include installations, updates, activations etc, as well as "
@@ -2912,11 +2906,11 @@ msgid ""
2912
  "theme in order to take full control of your website."
2913
  msgstr ""
2914
 
2915
- #: lib/help.php:360 lib/login_protection.php:21 ninjafirewall.php:837
2916
  msgid "Login Protection"
2917
  msgstr ""
2918
 
2919
- #: lib/help.php:364
2920
  msgid ""
2921
  "By processing incoming HTTP requests before your blog and any of its "
2922
  "plugins, NinjaFirewall is the only plugin for WordPress able to protect it "
@@ -2924,18 +2918,18 @@ msgid ""
2924
  "from several thousands of different IPs."
2925
  msgstr ""
2926
 
2927
- #: lib/help.php:366
2928
  msgid ""
2929
  "You can choose two different types of protection: a password or a captcha. "
2930
  "You can enable the protection only if an attack is detected or to keep it "
2931
  "always activated."
2932
  msgstr ""
2933
 
2934
- #: lib/help.php:368
2935
  msgid "Yes, if under attack:"
2936
  msgstr ""
2937
 
2938
- #: lib/help.php:370
2939
  msgid ""
2940
  "The protection will be triggered when too many login attempts are detected, "
2941
  "regardless of the offending IP. It blocks the attack instantly and prevents "
@@ -2944,92 +2938,92 @@ msgid ""
2944
  "combination or the captcha code. "
2945
  msgstr ""
2946
 
2947
- #: lib/help.php:372
2948
  msgid "Always ON:"
2949
  msgstr ""
2950
 
2951
- #: lib/help.php:374
2952
  msgid ""
2953
  "NinjaFirewall will always enforce the HTTP authentication or captcha "
2954
  "implementation each time you access the login page."
2955
  msgstr ""
2956
 
2957
- #: lib/help.php:377
2958
  msgid "Type of protection:"
2959
  msgstr ""
2960
 
2961
- #: lib/help.php:378
2962
  msgid ""
2963
  "<b>Password:</b> It password-protects the login page. NinjaFirewall uses its "
2964
  "own very fast authentication scheme and it is compatible with any HTTP "
2965
  "server (Apache, Nginx, Lighttpd etc)."
2966
  msgstr ""
2967
 
2968
- #: lib/help.php:379
2969
  msgid "<b>Captcha:</b> It will display a 5-character captcha code."
2970
  msgstr ""
2971
 
2972
- #: lib/help.php:380
2973
  msgid "Bot protection:"
2974
  msgstr ""
2975
 
2976
- #: lib/help.php:381
2977
  msgid ""
2978
  "NinjaFirewall will attempt to block bots and scripts immediately, i.e., even "
2979
  "before they start a brute-force attack."
2980
  msgstr ""
2981
 
2982
- #: lib/help.php:389
2983
  msgid "AUTH log"
2984
  msgstr ""
2985
 
2986
- #: lib/help.php:392
2987
  msgid ""
2988
  "NinjaFirewall can write to the server Authentication log when the brute-"
2989
  "force protection is triggered. This can be useful to the system "
2990
  "administrator for monitoring purposes or banning IPs at the server level."
2991
  msgstr ""
2992
 
2993
- #: lib/help.php:394
2994
  msgid ""
2995
  "If you have a shared hosting account, keep this option disabled as you do "
2996
  "not have any access to the server's logs."
2997
  msgstr ""
2998
 
2999
- #: lib/help.php:396
3000
  msgid ""
3001
  "On Debian-based systems, the log is located in <code>/var/log/auth.log</"
3002
  "code>, and on Red Hat-based systems in <code>/var/log/secure</code>. The "
3003
  "logline uses the following format:"
3004
  msgstr ""
3005
 
3006
- #: lib/help.php:399
3007
  msgid "AA: the process ID (PID)."
3008
  msgstr ""
3009
 
3010
- #: lib/help.php:400
3011
  msgid "BB: the user IPv4 or IPv6 address."
3012
  msgstr ""
3013
 
3014
- #: lib/help.php:401
3015
  msgid "CC: the blog (sub-)domain name."
3016
  msgstr ""
3017
 
3018
- #: lib/help.php:402
3019
  msgid ""
3020
  "DD: the target: it can be either <code>wp-login.php</code> or <code>XML-RPC "
3021
  "API</code>."
3022
  msgstr ""
3023
 
3024
- #: lib/help.php:403
3025
  msgid "EE: the time, in minutes, the protection will remain active."
3026
  msgstr ""
3027
 
3028
- #: lib/help.php:405
3029
  msgid "Sample loglines:"
3030
  msgstr ""
3031
 
3032
- #: lib/help.php:408
3033
  #, php-format
3034
  msgid ""
3035
  "Be careful if you are behind a load balancer, reverse-proxy or CDN because "
@@ -3040,46 +3034,46 @@ msgid ""
3040
  "otherwise you will likely block legitimate users."
3041
  msgstr ""
3042
 
3043
- #: lib/help.php:424
3044
  msgid ""
3045
  "The firewall log displays blocked and sanitised requests as well as some "
3046
  "useful information. It has 6 columns:"
3047
  msgstr ""
3048
 
3049
- #: lib/help.php:425
3050
  msgid "DATE : date and time of the incident."
3051
  msgstr ""
3052
 
3053
- #: lib/help.php:426
3054
  msgid ""
3055
  "INCIDENT : unique incident number/ID as it was displayed to the blocked user."
3056
  msgstr ""
3057
 
3058
- #: lib/help.php:427
3059
  msgid ""
3060
  "LEVEL : level of severity (<code>CRITICAL</code>, <code>HIGH</code> or "
3061
  "<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
3062
  "and debugging mode (<code>DEBUG_ON</code>)."
3063
  msgstr ""
3064
 
3065
- #: lib/help.php:428
3066
  msgid ""
3067
  "RULE : reference of the NinjaFirewall built-in security rule that triggered "
3068
  "the action. A hyphen (<code>-</code>) instead of a number means it was a "
3069
  "rule from the \"Firewall Policies\" page."
3070
  msgstr ""
3071
 
3072
- #: lib/help.php:429
3073
  msgid "IP : the user IPv4 or IPv6 address."
3074
  msgstr ""
3075
 
3076
- #: lib/help.php:430
3077
  msgid ""
3078
  "REQUEST : the HTTP request including offending variables and values as well "
3079
  "as the reason the action was logged."
3080
  msgstr ""
3081
 
3082
- #: lib/help.php:437
3083
  msgid ""
3084
  "This options lets you configure NinjaFirewall to delete its old logs "
3085
  "automatically. By default, logs are never deleted, <b>even when uninstall "
@@ -3087,56 +3081,56 @@ msgid ""
3087
  "delete old logs."
3088
  msgstr ""
3089
 
3090
- #: lib/help.php:445
3091
  msgid ""
3092
  "Centralized Logging lets you remotely access the firewall log of all your "
3093
  "NinjaFirewall protected websites from one single installation. You do not "
3094
  "need any longer to log in to individual servers to analyse your log data."
3095
  msgstr ""
3096
 
3097
- #: lib/help.php:445
3098
  #, php-format
3099
  msgid "<a href=\"%s\">Consult our blog</a> for more info about it."
3100
  msgstr ""
3101
 
3102
- #: lib/help.php:446
3103
  msgid ""
3104
  "Enter your public key (optional): This is the public key that was created "
3105
  "from your main server."
3106
  msgstr ""
3107
 
3108
- #: lib/help.php:449
3109
  msgid ""
3110
  "Centralized Logging will keep working even if NinjaFirewall is disabled. "
3111
  "Delete your public key below if you want to disable it."
3112
  msgstr ""
3113
 
3114
- #: lib/help.php:471 lib/live_log.php:37 lib/live_log.php:216
3115
- #: ninjafirewall.php:845
3116
  msgid "Live Log"
3117
  msgstr ""
3118
 
3119
- #: lib/help.php:473
3120
  msgid ""
3121
  "Live Log lets you watch your blog traffic in real time, just like the Unix "
3122
  "<code>tail -f</code> command. Note that requests sent to static elements "
3123
  "like JS/CSS files and images are not managed by NinjaFirewall."
3124
  msgstr ""
3125
 
3126
- #: lib/help.php:475
3127
  msgid ""
3128
  "You can enable/disable the monitoring process, change the refresh rate, "
3129
  "clear the screen, enable automatic vertical scrolling, change the log "
3130
  "format, select which traffic you want to view (HTTP/HTTPS) and the timezone."
3131
  msgstr ""
3132
 
3133
- #: lib/help.php:475
3134
  msgid ""
3135
  "You can also apply filters to include or exclude files and folders "
3136
  "(REQUEST_URI)."
3137
  msgstr ""
3138
 
3139
- #: lib/help.php:478
3140
  msgid ""
3141
  "Live Log does not make use of any WordPress core file (e.g., <code>admin-"
3142
  "ajax.php</code>). It communicates directly with the firewall without loading "
@@ -3145,78 +3139,78 @@ msgid ""
3145
  "value."
3146
  msgstr ""
3147
 
3148
- #: lib/help.php:480
3149
  msgid ""
3150
  "If you are using the optional <code>.htninja</code> configuration file to "
3151
  "whitelist your IP, the Live Log feature will not work."
3152
  msgstr ""
3153
 
3154
- #: lib/help.php:485
3155
  msgid "Log Format"
3156
  msgstr ""
3157
 
3158
- #: lib/help.php:486
3159
  msgid "You can easily customize the log format. Possible values are:"
3160
  msgstr ""
3161
 
3162
- #: lib/help.php:487
3163
  msgid "<code>%time</code>: the server date, time and timezone."
3164
  msgstr ""
3165
 
3166
- #: lib/help.php:488
3167
  msgid "<code>%name</code>: authenticated user (HTTP basic auth), if any."
3168
  msgstr ""
3169
 
3170
- #: lib/help.php:489
3171
  #, php-format
3172
  msgid ""
3173
  "<code>%client</code>: the client REMOTE_ADDR. If you are behind a load "
3174
  "balancer or CDN, this will be its IP."
3175
  msgstr ""
3176
 
3177
- #: lib/help.php:490
3178
  msgid "<code>%method</code>: HTTP method (e.g., GET, POST)."
3179
  msgstr ""
3180
 
3181
- #: lib/help.php:491
3182
  #, php-format
3183
  msgid ""
3184
  "<code>%uri</code>: the URI which was given in order to access the page "
3185
  "(REQUEST_URI)."
3186
  msgstr ""
3187
 
3188
- #: lib/help.php:492
3189
  msgid "<code>%referrer</code>: the referrer (HTTP_REFERER), if any."
3190
  msgstr ""
3191
 
3192
- #: lib/help.php:493
3193
  #, php-format
3194
  msgid "<code>%ua</code>: the user-agent (HTTP_USER_AGENT), if any."
3195
  msgstr ""
3196
 
3197
- #: lib/help.php:494
3198
  #, php-format
3199
  msgid ""
3200
  "<code>%forward</code>: HTTP_X_FORWARDED_FOR, if any. If you are behind a "
3201
  "load balancer or CDN, this will likely be the visitor true IP."
3202
  msgstr ""
3203
 
3204
- #: lib/help.php:495
3205
  msgid "<code>%host</code>: the requested host (HTTP_HOST), if any."
3206
  msgstr ""
3207
 
3208
- #: lib/help.php:496
3209
  msgid ""
3210
  "Additionally, you can include any of the following characters: <code>\"</"
3211
  "code>, <code>%</code>, <code>[</code>, <code>]</code>, <code>space</code> "
3212
  "and lowercase letters <code>a-z</code>."
3213
  msgstr ""
3214
 
3215
- #: lib/help.php:508 lib/rules_editor.php:17 ninjafirewall.php:849
3216
  msgid "Rules Editor"
3217
  msgstr ""
3218
 
3219
- #: lib/help.php:510
3220
  msgid ""
3221
  "Besides the \"Firewall Policies\", NinjaFirewall includes also a large set "
3222
  "of built-in rules used to protect your blog against the most common "
@@ -3226,46 +3220,46 @@ msgid ""
3226
  "individually:"
3227
  msgstr ""
3228
 
3229
- #: lib/help.php:512
3230
  msgid ""
3231
  "Check your firewall log and find the rule ID you want to disable (it is "
3232
  "displayed in the <code>RULE</code> column)."
3233
  msgstr ""
3234
 
3235
- #: lib/help.php:513
3236
  msgid ""
3237
  "Select its ID from the enabled rules list below and click the \"Disable it\" "
3238
  "button."
3239
  msgstr ""
3240
 
3241
- #: lib/help.php:515
3242
  msgid ""
3243
  "Note: if the <code>RULE</code> column from your log shows a hyphen <code>-</"
3244
  "code> instead of a number, that means that the rule can be changed in the "
3245
  "\"Firewall Policies\" page."
3246
  msgstr ""
3247
 
3248
- #: lib/help.php:520
3249
  msgid "Credits"
3250
  msgstr ""
3251
 
3252
- #: lib/help.php:522
3253
  msgid ""
3254
  "NinjaFirewall security rules protect against many vulnerabilities. Some of "
3255
  "them were reported by the following companies, individuals or mailing lists:"
3256
  msgstr ""
3257
 
3258
- #: lib/help.php:574 lib/overview.php:132
3259
  msgid "Updates"
3260
  msgstr ""
3261
 
3262
- #: lib/help.php:576
3263
  msgid ""
3264
  "To get the most efficient protection, you can ask NinjaFirewall to "
3265
  "automatically update its security rules."
3266
  msgstr ""
3267
 
3268
- #: lib/help.php:578
3269
  msgid ""
3270
  "Each time a new vulnerability is found in WordPress or one of its plugins/"
3271
  "themes, a new set of security rules will be made available to protect "
@@ -3273,19 +3267,39 @@ msgid ""
3273
  "daily or even hourly."
3274
  msgstr ""
3275
 
3276
- #: lib/help.php:580
3277
  msgid ""
3278
  "Only security rules will be downloaded. If a new version of NinjaFirewall "
3279
  "(including new files, options and features) was available, it would have to "
3280
  "be updated from the dashboard plugins menu as usual."
3281
  msgstr ""
3282
 
3283
- #: lib/help.php:582
3284
  msgid ""
3285
  "We recommend to enable this feature, as it is the <strong>only way to keep "
3286
  "your WordPress secure</strong> against new vulnerabilities."
3287
  msgstr ""
3288
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
3289
  #: lib/install_fullwaf.php:35 lib/install_fullwaf.php:149
3290
  #: lib/install_fullwaf.php:304 lib/install_wpwaf.php:53
3291
  #: lib/install_wpwaf.php:63 lib/install_wpwaf.php:70
@@ -3897,7 +3911,7 @@ msgstr ""
3897
  msgid "Error: unable to write to the %s configuration file"
3898
  msgstr ""
3899
 
3900
- #: lib/network.php:24 ninjafirewall.php:1239 ninjafirewall.php:1243
3901
  #, php-format
3902
  msgid "You are not allowed to perform this task (%s)."
3903
  msgstr ""
@@ -3934,7 +3948,7 @@ msgstr ""
3934
  msgid "A \"Quick Start, FAQ & Troubleshooting Guide\" email was sent to"
3935
  msgstr ""
3936
 
3937
- #: lib/overview.php:62 lib/utils.php:321
3938
  msgid "unknown error"
3939
  msgstr ""
3940
 
@@ -3971,7 +3985,7 @@ msgstr ""
3971
  msgid "PHP SAPI"
3972
  msgstr ""
3973
 
3974
- #: lib/overview.php:122 ninjafirewall.php:1158
3975
  msgid "Version"
3976
  msgstr ""
3977
 
@@ -4200,7 +4214,7 @@ msgstr ""
4200
  msgid "Enable it"
4201
  msgstr ""
4202
 
4203
- #: lib/rules_update.php:73 ninjafirewall.php:853
4204
  msgid "Rules Update"
4205
  msgstr ""
4206
 
@@ -4352,7 +4366,7 @@ msgid ""
4352
  "This notification can be turned off from NinjaFirewall \"Rules Update\" page."
4353
  msgstr ""
4354
 
4355
- #: lib/statistics.php:27 ninjafirewall.php:799
4356
  msgid "Statistics"
4357
  msgstr ""
4358
 
@@ -4396,96 +4410,144 @@ msgstr ""
4396
  msgid "NinjaFirewall has blocked an attempt to create a user account:"
4397
  msgstr ""
4398
 
4399
- #: lib/utils.php:85 lib/utils.php:642
4400
  msgid "Username:"
4401
  msgstr ""
4402
 
4403
- #: lib/utils.php:86 lib/utils.php:643 lib/utils.php:847
4404
  msgid "User IP:"
4405
  msgstr ""
4406
 
4407
- #: lib/utils.php:89 lib/utils.php:501 lib/utils.php:646 lib/utils.php:850
4408
  msgid "Date:"
4409
  msgstr ""
4410
 
4411
- #: lib/utils.php:96 lib/utils.php:97 lib/utils.php:656 lib/utils.php:657
4412
- #: lib/utils.php:804 lib/utils.php:805
4413
  msgid "You are not allowed to perform this task."
4414
  msgstr ""
4415
 
4416
- #: lib/utils.php:297 lib/utils.php:301
4417
  msgid "NinjaFirewall error"
4418
  msgstr ""
4419
 
4420
- #: lib/utils.php:298
4421
  #, php-format
4422
  msgid ""
4423
  "%s directory cannot be created. Please review your installation and ensure "
4424
  "that %s is writable."
4425
  msgstr ""
4426
 
4427
- #: lib/utils.php:302
4428
  #, php-format
4429
  msgid ""
4430
  "%s directory is read-only. Please review your installation and ensure that "
4431
  "%s is writable."
4432
  msgstr ""
4433
 
4434
- #: lib/utils.php:323
4435
  msgid "NinjaFirewall fatal error:"
4436
  msgstr ""
4437
 
4438
- #: lib/utils.php:324
4439
  msgid "Review your installation, your site is not protected."
4440
  msgstr ""
4441
 
4442
- #: lib/utils.php:372 lib/utils.php:394
4443
  msgid "Forbidden access"
4444
  msgstr ""
4445
 
4446
- #: lib/utils.php:413
4447
  #, php-format
4448
  msgid ""
4449
  "<strong>ERROR</strong>: Invalid username or password.<br /><a href=\"%s"
4450
  "\">Lost your password</a>?"
4451
  msgstr ""
4452
 
4453
- #: lib/utils.php:496
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
4454
  msgid "[NinjaFirewall] Alert: Database changes detected"
4455
  msgstr ""
4456
 
4457
- #: lib/utils.php:497
4458
  msgid ""
4459
  "NinjaFirewall has detected that one or more administrator accounts were "
4460
  "modified in the database:"
4461
  msgstr ""
4462
 
4463
- #: lib/utils.php:502
4464
  #, php-format
4465
  msgid "Total administrators : %s"
4466
  msgstr ""
4467
 
4468
- #: lib/utils.php:511
4469
  msgid ""
4470
  "If you cannot see any modifications in the above fields, it is possible that "
4471
  "the administrator password was changed."
4472
  msgstr ""
4473
 
4474
- #: lib/utils.php:614
4475
  msgid "Blocked privilege escalation attempt"
4476
  msgstr ""
4477
 
4478
- #: lib/utils.php:639
4479
  msgid "NinjaFirewall has blocked an attempt to gain administrative privileges:"
4480
  msgstr ""
4481
 
4482
- #: lib/utils.php:667
4483
  msgid ""
4484
  "NinjaFirewall brute-force protection is enabled and you are temporarily "
4485
  "whitelisted."
4486
  msgstr ""
4487
 
4488
- #: lib/utils.php:681
4489
  #, php-format
4490
  msgid ""
4491
  "Hey, it seems that you've been using NinjaFirewall for some time. If you "
@@ -4494,67 +4556,67 @@ msgid ""
4494
  "rate it. Thank you!"
4495
  msgstr ""
4496
 
4497
- #: lib/utils.php:826
4498
  msgid "WordPress Address (URL)"
4499
  msgstr ""
4500
 
4501
- #: lib/utils.php:827
4502
  msgid "Site Address (URL)"
4503
  msgstr ""
4504
 
4505
- #: lib/utils.php:828
4506
  msgid "Membership"
4507
  msgstr ""
4508
 
4509
- #: lib/utils.php:829
4510
  msgid "New User Default Role"
4511
  msgstr ""
4512
 
4513
- #: lib/utils.php:832
4514
  msgid "Attempt to modify WordPress settings"
4515
  msgstr ""
4516
 
4517
- #: lib/utils.php:833
4518
  msgid ""
4519
  "NinjaFirewall has blocked an attempt to modify some important WordPress "
4520
  "settings by a user that does not have administrative privileges:"
4521
  msgstr ""
4522
 
4523
- #: lib/utils.php:835
4524
  msgid ""
4525
  "The attempt was blocked and the option was reversed to its original value."
4526
  msgstr ""
4527
 
4528
- #: lib/utils.php:837
4529
  #, php-format
4530
  msgid "Option: %s (%s)"
4531
  msgstr ""
4532
 
4533
- #: lib/utils.php:838
4534
  #, php-format
4535
  msgid "Original value: %s"
4536
  msgstr ""
4537
 
4538
- #: lib/utils.php:839
4539
  #, php-format
4540
  msgid "Modified value: %s"
4541
  msgstr ""
4542
 
4543
- #: lib/utils.php:840
4544
  #, php-format
4545
  msgid "Action taken: %s"
4546
  msgstr ""
4547
 
4548
- #: lib/utils.php:842
4549
  #, php-format
4550
  msgid "You can review this option from your WordPress \"%s\" page."
4551
  msgstr ""
4552
 
4553
- #: lib/utils.php:843
4554
  msgid "Settings > General"
4555
  msgstr ""
4556
 
4557
- #: lib/utils.php:852
4558
  msgid ""
4559
  "This protection (and notification) can be turned off from NinjaFirewall "
4560
  "\"Firewall Policies\" page."
@@ -4779,56 +4841,71 @@ msgid "A true Web Application Firewall to protect and secure WordPress."
4779
  msgstr ""
4780
 
4781
  #: ninjafirewall.php:61
4782
- msgid "Cannot find WordPress configuration file"
 
4783
  msgstr ""
4784
 
4785
  #: ninjafirewall.php:62
 
 
 
 
 
 
 
 
 
 
 
 
 
 
4786
  msgid "Cannot read WordPress configuration file"
4787
  msgstr ""
4788
 
4789
- #: ninjafirewall.php:63
4790
  msgid "Cannot retrieve WordPress database credentials"
4791
  msgstr ""
4792
 
4793
- #: ninjafirewall.php:64
4794
  msgid "Cannot connect to WordPress database"
4795
  msgstr ""
4796
 
4797
- #: ninjafirewall.php:65
4798
  msgid "Cannot retrieve user options from database (#2)"
4799
  msgstr ""
4800
 
4801
- #: ninjafirewall.php:66
4802
  msgid "Cannot retrieve user options from database (#3)"
4803
  msgstr ""
4804
 
4805
- #: ninjafirewall.php:67
4806
  msgid "Cannot retrieve user rules from database (#2)"
4807
  msgstr ""
4808
 
4809
- #: ninjafirewall.php:68
4810
  msgid "Cannot retrieve user rules from database (#3)"
4811
  msgstr ""
4812
 
4813
- #: ninjafirewall.php:69
4814
  msgid ""
4815
  "The firewall has been disabled from the <a href=\"admin.php?page=nfsubopt"
4816
  "\">administration console</a>"
4817
  msgstr ""
4818
 
4819
- #: ninjafirewall.php:70
4820
  msgid "Unable to communicate with the firewall. Please check your settings"
4821
  msgstr ""
4822
 
4823
- #: ninjafirewall.php:71
4824
  msgid "Cannot retrieve user options from database (#1)"
4825
  msgstr ""
4826
 
4827
- #: ninjafirewall.php:72
4828
  msgid "Cannot retrieve user rules from database (#1)"
4829
  msgstr ""
4830
 
4831
- #: ninjafirewall.php:73
4832
  #, php-format
4833
  msgid ""
4834
  "The firewall cannot access its log and cache folders. If you changed the "
@@ -4836,243 +4913,157 @@ msgid ""
4836
  "%s constant (see %s for more info)"
4837
  msgstr ""
4838
 
4839
- #: ninjafirewall.php:98
4840
  msgid ""
4841
  "You do not have \"unfiltered_html\" capability. Please enable it in order to "
4842
  "run NinjaFirewall (or make sure you do not have \"DISALLOW_UNFILTERED_HTML\" "
4843
  "in your wp-config.php script)."
4844
  msgstr ""
4845
 
4846
- #: ninjafirewall.php:105
4847
  #, php-format
4848
  msgid ""
4849
  "NinjaFirewall requires WordPress 3.3 or greater but your current version is "
4850
  "%s."
4851
  msgstr ""
4852
 
4853
- #: ninjafirewall.php:109
4854
  #, php-format
4855
  msgid ""
4856
  "NinjaFirewall requires PHP 5.3 or greater but your current version is %s."
4857
  msgstr ""
4858
 
4859
- #: ninjafirewall.php:113
4860
  #, php-format
4861
  msgid "NinjaFirewall requires the PHP %s extension."
4862
  msgstr ""
4863
 
4864
- #: ninjafirewall.php:117
4865
  msgid ""
4866
  "You have SAFE_MODE enabled. Please disable it, it is deprecated as of PHP "
4867
  "5.3.0 (see http://php.net/safe-mode)."
4868
  msgstr ""
4869
 
4870
- #: ninjafirewall.php:121
4871
  msgid "You are not allowed to activate NinjaFirewall."
4872
  msgstr ""
4873
 
4874
- #: ninjafirewall.php:125
4875
  msgid "NinjaFirewall is not compatible with Microsoft Windows."
4876
  msgstr ""
4877
 
4878
- #: ninjafirewall.php:555
4879
- msgid "ERROR: Failed to update rules"
4880
- msgstr ""
4881
-
4882
- #: ninjafirewall.php:561
4883
- msgid ""
4884
- "NinjaFirewall failed to update its rules. This is a critical error, your "
4885
- "current rules may be corrupted or disabled. In order to solve the problem, "
4886
- "please follow these instructions:"
4887
- msgstr ""
4888
-
4889
- #: ninjafirewall.php:562
4890
- msgid "1. Log in to your WordPress admin dashboard."
4891
- msgstr ""
4892
-
4893
- #: ninjafirewall.php:563
4894
- msgid "2. Go to \"NinjaFirewall > Updates\"."
4895
- msgstr ""
4896
-
4897
- #: ninjafirewall.php:564
4898
- msgid "3. Click on \"Check for updates now!\"."
4899
- msgstr ""
4900
-
4901
- #: ninjafirewall.php:569 ninjafirewall.php:699
4902
- msgid "Support forum"
4903
- msgstr ""
4904
-
4905
- #: ninjafirewall.php:687
4906
  msgid "Alert: WordPress console login"
4907
  msgstr ""
4908
 
4909
- #: ninjafirewall.php:689
4910
  msgid "-Blog:"
4911
  msgstr ""
4912
 
4913
- #: ninjafirewall.php:693
4914
  msgid "Someone just logged in to your WordPress admin console:"
4915
  msgstr ""
4916
 
4917
- #: ninjafirewall.php:694
4918
  msgid "-User:"
4919
  msgstr ""
4920
 
4921
- #: ninjafirewall.php:695
4922
  msgid "-IP:"
4923
  msgstr ""
4924
 
4925
- #: ninjafirewall.php:696
4926
  msgid "-Date:"
4927
  msgstr ""
4928
 
4929
- #: ninjafirewall.php:766
4930
- #, php-format
4931
- msgid "Sorry %s, your request cannot be processed."
4932
- msgstr ""
4933
-
4934
- #: ninjafirewall.php:767
4935
- msgid "For security reasons, it was blocked and logged."
4936
- msgstr ""
4937
-
4938
- #: ninjafirewall.php:769
4939
- msgid ""
4940
- "If you believe this was an error please contact the<br />webmaster and "
4941
- "enclose the following incident ID:"
4942
  msgstr ""
4943
 
4944
- #: ninjafirewall.php:795
4945
  msgid "NinjaFirewall: Overview"
4946
  msgstr ""
4947
 
4948
- #: ninjafirewall.php:799
4949
  msgid "NinjaFirewall: Statistics"
4950
  msgstr ""
4951
 
4952
- #: ninjafirewall.php:803
4953
  msgid "NinjaFirewall: Firewall Options"
4954
  msgstr ""
4955
 
4956
- #: ninjafirewall.php:807
4957
  msgid "NinjaFirewall: Firewall Policies"
4958
  msgstr ""
4959
 
4960
- #: ninjafirewall.php:811
4961
  msgid "NinjaFirewall: File Guard"
4962
  msgstr ""
4963
 
4964
- #: ninjafirewall.php:815
4965
  msgid "NinjaFirewall: File Check"
4966
  msgstr ""
4967
 
4968
- #: ninjafirewall.php:825
4969
  msgid "NinjaFirewall: Anti-Malware"
4970
  msgstr ""
4971
 
4972
- #: ninjafirewall.php:829
4973
  msgid "NinjaFirewall: Network"
4974
  msgstr ""
4975
 
4976
- #: ninjafirewall.php:833
4977
  msgid "NinjaFirewall: Event Notifications"
4978
  msgstr ""
4979
 
4980
- #: ninjafirewall.php:837
4981
  msgid "NinjaFirewall: Log-in Protection"
4982
  msgstr ""
4983
 
4984
- #: ninjafirewall.php:841
4985
  msgid "NinjaFirewall: Firewall Log"
4986
  msgstr ""
4987
 
4988
- #: ninjafirewall.php:845
4989
  msgid "NinjaFirewall: Live Log"
4990
  msgstr ""
4991
 
4992
- #: ninjafirewall.php:849
4993
  msgid "NinjaFirewall: Rules Editor"
4994
  msgstr ""
4995
 
4996
- #: ninjafirewall.php:853
4997
  msgid "NinjaFirewall: Rules Update"
4998
  msgstr ""
4999
 
5000
- #: ninjafirewall.php:860
5001
  msgid "NinjaFirewall: About"
5002
  msgstr ""
5003
 
5004
- #: ninjafirewall.php:860
5005
  msgid "About..."
5006
  msgstr ""
5007
 
5008
- #: ninjafirewall.php:900
5009
  msgid "NinjaFirewall Settings"
5010
  msgstr ""
5011
 
5012
- #: ninjafirewall.php:908
5013
  msgid "NinjaFirewall is enabled"
5014
  msgstr ""
5015
 
5016
- #: ninjafirewall.php:1097
5017
  msgid "Access Restricted"
5018
  msgstr ""
5019
 
5020
- #: ninjafirewall.php:1103
5021
  msgid "Settings"
5022
  msgstr ""
5023
 
5024
- #: ninjafirewall.php:1104
5025
  msgid "Upgrade to Premium"
5026
  msgstr ""
5027
 
5028
- #: ninjafirewall.php:1105
5029
  msgid "Rate it!"
5030
  msgstr ""
5031
-
5032
- #: ninjafirewall.php:1150
5033
- msgid "Plugin"
5034
- msgstr ""
5035
-
5036
- #: ninjafirewall.php:1150 ninjafirewall.php:1154
5037
- msgid "uploaded"
5038
- msgstr ""
5039
-
5040
- #: ninjafirewall.php:1150 ninjafirewall.php:1154
5041
- msgid "installed"
5042
- msgstr ""
5043
-
5044
- #: ninjafirewall.php:1150 ninjafirewall.php:1154
5045
- msgid "activated"
5046
- msgstr ""
5047
-
5048
- #: ninjafirewall.php:1151
5049
- msgid "updated"
5050
- msgstr ""
5051
-
5052
- #: ninjafirewall.php:1151
5053
- msgid "deactivated"
5054
- msgstr ""
5055
-
5056
- #: ninjafirewall.php:1151 ninjafirewall.php:1155
5057
- msgid "deleted"
5058
- msgstr ""
5059
-
5060
- #: ninjafirewall.php:1151 ninjafirewall.php:1155
5061
- msgid "Name"
5062
- msgstr ""
5063
-
5064
- #: ninjafirewall.php:1154
5065
- msgid "Theme"
5066
- msgstr ""
5067
-
5068
- #: ninjafirewall.php:1158
5069
- msgid "upgraded"
5070
- msgstr ""
5071
-
5072
- #: ninjafirewall.php:1166
5073
- msgid "[NinjaFirewall] Alert:"
5074
- msgstr ""
5075
-
5076
- #: ninjafirewall.php:1172
5077
- msgid "NinjaFirewall has detected the following activity on your account:"
5078
- msgstr ""
2
  msgid ""
3
  msgstr ""
4
  "Project-Id-Version: Stable (latest release)\n"
5
+ "POT-Creation-Date: 2019-02-16 22:35+0700\n"
6
  "PO-Revision-Date: 2018-04-05 22:52+0700\n"
7
  "Last-Translator: NinTechNet <contact@nintechnet.com>\n"
8
  "Language-Team: \n"
121
  "level of protection and performance higher than any other security plugin."
122
  msgstr ""
123
 
124
+ #: install.php:156 ninjafirewall.php:487
125
  msgid "Installation"
126
  msgstr ""
127
 
150
  msgid "Privacy policy"
151
  msgstr ""
152
 
153
+ #: install.php:177 lib/about.php:198 lib/help.php:459
154
  msgid ""
155
  "Your website can run NinjaFirewall and be compliant with the General Data "
156
  "Protection Regulation (GDPR). For more info, please visit our blog:"
170
  msgstr ""
171
 
172
  #: install.php:258 lib/firewall_policies.php:107 lib/help.php:168
173
+ #: lib/install_fullwaf.php:33 lib/install_fullwaf.php:141 ninjafirewall.php:512
174
  msgid "Firewall Policies"
175
  msgstr ""
176
 
441
  msgid "Need help? Check our blog:"
442
  msgstr ""
443
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
444
  #: lib/about.php:31
445
  msgid "Error : cannot find changelog :("
446
  msgstr ""
489
  msgid "System Info"
490
  msgstr ""
491
 
492
+ #: lib/about.php:100 lib/help.php:457
493
  msgid "GDPR Compliance"
494
  msgstr ""
495
 
551
  "Program page</a>."
552
  msgstr ""
553
 
554
+ #: lib/anti_malware.php:24 ninjafirewall.php:530
555
  msgid "Anti-Malware"
556
  msgstr ""
557
 
608
  msgid "View firewall log"
609
  msgstr ""
610
 
611
+ #: lib/event_notifications.php:45 lib/help.php:349 ninjafirewall.php:538
612
  msgid "Event Notifications"
613
  msgstr ""
614
 
723
  msgstr ""
724
 
725
  #: lib/event_notifications.php:150 lib/event_notifications.php:162
726
+ #: lib/firewall_policies.php:551 lib/firewall_policies.php:594
727
+ #: lib/firewall_policies.php:614 lib/firewall_policies.php:664
728
+ #: lib/firewall_policies.php:709 lib/firewall_policies.php:719
729
+ #: lib/firewall_policies.php:729 lib/firewall_policies.php:772
730
+ #: lib/firewall_policies.php:815 lib/firewall_policies.php:835
731
+ #: lib/firewall_policies.php:1049 lib/firewall_policies.php:1105
732
+ #: lib/firewall_policies.php:1115 lib/firewall_policies.php:1125
733
+ #: lib/firewall_policies.php:1135 lib/firewall_policies.php:1182
734
+ #: lib/firewall_policies.php:1192 lib/network.php:63 lib/rules_update.php:145
735
  msgid "Yes (default)"
736
  msgstr ""
737
 
810
  msgid "Blocked brute-force attacks:"
811
  msgstr ""
812
 
813
+ #: lib/event_notifications.php:448 lib/utils.php:644 lib/utils.php:795
814
  msgid ""
815
  "This notification can be turned off from NinjaFirewall \"Event Notifications"
816
  "\" page."
817
  msgstr ""
818
 
819
  #: lib/event_notifications.php:452 lib/file_check.php:855
820
+ #: lib/file_check.php:872 lib/firewall_options.php:573 lib/rules_update.php:565
821
+ #: lib/utils.php:544
822
  msgid "Support forum:"
823
  msgstr ""
824
 
846
  msgid "No changes detected."
847
  msgstr ""
848
 
849
+ #: lib/file_check.php:129 lib/help.php:316 ninjafirewall.php:520
850
  msgid "File Check"
851
  msgstr ""
852
 
1026
  msgid "Enable scheduled scans"
1027
  msgstr ""
1028
 
1029
+ #: lib/file_check.php:516 lib/firewall_policies.php:449
1030
+ #: lib/firewall_policies.php:464 lib/firewall_policies.php:474
1031
+ #: lib/firewall_policies.php:484 lib/firewall_policies.php:494
1032
+ #: lib/firewall_policies.php:564 lib/firewall_policies.php:607
1033
+ #: lib/firewall_policies.php:639 lib/firewall_policies.php:677
1034
+ #: lib/firewall_policies.php:765 lib/firewall_policies.php:785
1035
+ #: lib/firewall_policies.php:828 lib/firewall_policies.php:958
1036
+ #: lib/firewall_policies.php:972 lib/firewall_policies.php:997
1037
+ #: lib/firewall_policies.php:1205 lib/login_protection.php:295
1038
  msgid "No (default)"
1039
  msgstr ""
1040
 
1126
  msgid "Error reading new snapshot file."
1127
  msgstr ""
1128
 
1129
+ #: lib/file_check.php:814 ninjafirewall.php:269
1130
  msgid "New file"
1131
  msgstr ""
1132
 
1133
+ #: lib/file_check.php:815 ninjafirewall.php:270
1134
  msgid "Modified file"
1135
  msgstr ""
1136
 
1137
+ #: lib/file_check.php:816 ninjafirewall.php:271
1138
  msgid "Deleted file"
1139
  msgstr ""
1140
 
1144
 
1145
  #: lib/file_check.php:843 lib/file_check.php:845 lib/file_check.php:866
1146
  #: lib/file_check.php:868 lib/rules_update.php:557 lib/rules_update.php:559
1147
+ #: lib/utils.php:84 lib/utils.php:632 lib/utils.php:789 lib/utils.php:995
1148
  msgid "Blog:"
1149
  msgstr ""
1150
 
1169
  msgid "Please enter a number from 1 to 99."
1170
  msgstr ""
1171
 
1172
+ #: lib/file_guard.php:54 lib/help.php:284 ninjafirewall.php:516
1173
  msgid "File Guard"
1174
  msgstr ""
1175
 
1198
  msgstr ""
1199
 
1200
  #: lib/file_guard.php:101 lib/firewall_policies.php:27
1201
+ #: lib/firewall_policies.php:554 lib/firewall_policies.php:597
1202
+ #: lib/firewall_policies.php:617 lib/firewall_policies.php:667
1203
+ #: lib/firewall_policies.php:712 lib/firewall_policies.php:722
1204
+ #: lib/firewall_policies.php:732 lib/firewall_policies.php:775
1205
+ #: lib/firewall_policies.php:818 lib/firewall_policies.php:838
1206
+ #: lib/firewall_policies.php:900 lib/firewall_policies.php:1052
 
1207
  #: lib/firewall_policies.php:1108 lib/firewall_policies.php:1118
1208
+ #: lib/firewall_policies.php:1128 lib/firewall_policies.php:1138
1209
+ #: lib/firewall_policies.php:1185 lib/firewall_policies.php:1195
1210
  #: lib/network.php:64 lib/rules_update.php:148
1211
  msgid "No"
1212
  msgstr ""
1256
  msgid "Your public key has been saved"
1257
  msgstr ""
1258
 
1259
+ #: lib/firewall_log.php:84 lib/help.php:423 ninjafirewall.php:546
1260
  msgid "Firewall Log"
1261
  msgstr ""
1262
 
1293
  msgid "Log Options"
1294
  msgstr ""
1295
 
1296
+ #: lib/firewall_log.php:173 lib/help.php:436
1297
  msgid "Auto-delete log"
1298
  msgstr ""
1299
 
1310
  msgid "Save Log Options"
1311
  msgstr ""
1312
 
1313
+ #: lib/firewall_log.php:202 lib/help.php:444 lib/overview.php:198
1314
  #: lib/wpplus.php:93
1315
  msgid "Centralized Logging"
1316
  msgstr ""
1371
  msgid "Refresh preview"
1372
  msgstr ""
1373
 
1374
+ #: lib/firewall_options.php:71 ninjafirewall.php:508
1375
  msgid "Firewall Options"
1376
  msgstr ""
1377
 
1517
  msgid "Uploaded file is either corrupted or its format is not supported (#%s)"
1518
  msgstr ""
1519
 
1520
+ #: lib/firewall_options.php:427
1521
  msgid "The imported file is not compatible with that version of NinjaFirewall"
1522
  msgstr ""
1523
 
1524
+ #: lib/firewall_options.php:547
1525
  msgid "[NinjaFirewall] Alert: Firewall is disabled"
1526
  msgstr ""
1527
 
1528
+ #: lib/firewall_options.php:549 lib/firewall_options.php:551 lib/utils.php:532
1529
+ #: lib/utils.php:534
 
1530
  msgid "-Blog :"
1531
  msgstr ""
1532
 
1533
+ #: lib/firewall_options.php:555
1534
  msgid "Someone disabled NinjaFirewall from your WordPress admin dashboard:"
1535
  msgstr ""
1536
 
1537
+ #: lib/firewall_options.php:558
1538
  msgid ""
1539
  "NinjaFirewall is disabled because someone enabled debugging mode from your "
1540
  "WordPress admin dashboard:"
1541
  msgstr ""
1542
 
1543
+ #: lib/firewall_options.php:561
1544
  msgid "[NinjaFirewall] Alert: Firewall override settings"
1545
  msgstr ""
1546
 
1547
+ #: lib/firewall_options.php:562
1548
  msgid ""
1549
  "Someone imported a new configuration which overrode the firewall settings:"
1550
  msgstr ""
1551
 
1552
+ #: lib/firewall_options.php:568 lib/utils.php:539
1553
  msgid "-User :"
1554
  msgstr ""
1555
 
1556
+ #: lib/firewall_options.php:569 lib/utils.php:540
1557
  msgid "-IP :"
1558
  msgstr ""
1559
 
1560
+ #: lib/firewall_options.php:570 lib/utils.php:541
1561
  msgid "-Date :"
1562
  msgstr ""
1563
 
1564
+ #: lib/firewall_policies.php:26 lib/firewall_policies.php:446
1565
+ #: lib/firewall_policies.php:461 lib/firewall_policies.php:471
1566
+ #: lib/firewall_policies.php:481 lib/firewall_policies.php:491
1567
+ #: lib/firewall_policies.php:561 lib/firewall_policies.php:604
1568
+ #: lib/firewall_policies.php:636 lib/firewall_policies.php:674
1569
+ #: lib/firewall_policies.php:762 lib/firewall_policies.php:782
1570
+ #: lib/firewall_policies.php:825 lib/firewall_policies.php:957
1571
+ #: lib/firewall_policies.php:971 lib/firewall_policies.php:996
1572
+ #: lib/firewall_policies.php:1202
1573
  msgid "Yes"
1574
  msgstr ""
1575
 
1576
  #: lib/firewall_policies.php:28 lib/firewall_policies.php:192
1577
+ #: lib/firewall_policies.php:390
1578
  msgid "(default)"
1579
  msgstr ""
1580
 
1614
  msgid "Basic Policies"
1615
  msgstr ""
1616
 
1617
+ #: lib/firewall_policies.php:131 lib/help.php:198
1618
  msgid "Intermediate Policies"
1619
  msgstr ""
1620
 
1621
+ #: lib/firewall_policies.php:132 lib/help.php:229
1622
  msgid "Advanced Policies"
1623
  msgstr ""
1624
 
1662
  msgid "substitution character:"
1663
  msgstr ""
1664
 
1665
+ #: lib/firewall_policies.php:318
1666
  msgid "Block direct access to any PHP file located in one of these directories"
1667
  msgstr ""
1668
 
1669
+ #: lib/firewall_policies.php:348
1670
  msgid ""
1671
  "NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if "
1672
  "this option is enabled."
1673
  msgstr ""
1674
 
1675
+ #: lib/firewall_policies.php:363
1676
  msgid ""
1677
  "Unless you have PHP scripts in a \"/cache/\" folder that need to be accessed "
1678
  "by your visitors, we recommend to enable this option."
1679
  msgstr ""
1680
 
1681
+ #: lib/firewall_policies.php:374 lib/firewall_policies.php:379
1682
  #, php-format
1683
  msgid ""
1684
  "If you are using the %s plugin, blocking <code>system.multicall</code> may "
1685
  "prevent it from working correctly."
1686
  msgstr ""
1687
 
1688
+ #: lib/firewall_policies.php:387
1689
  msgid "General"
1690
  msgstr ""
1691
 
1692
+ #: lib/firewall_policies.php:390 lib/help.php:184
1693
  msgid "Block attempts to modify important WordPress settings"
1694
  msgstr ""
1695
 
1696
+ #: lib/firewall_policies.php:391 lib/help.php:185
1697
  msgid "Block user accounts creation"
1698
  msgstr ""
1699
 
1700
+ #: lib/firewall_policies.php:392
1701
  msgid "Do not enable this policy if you allow user registration."
1702
  msgstr ""
1703
 
1704
+ #: lib/firewall_policies.php:397
1705
  msgid "Protect against username enumeration"
1706
  msgstr ""
1707
 
1708
+ #: lib/firewall_policies.php:400
1709
  msgid "Through the author archives"
1710
  msgstr ""
1711
 
1712
+ #: lib/firewall_policies.php:401
1713
  msgid "Through the login page"
1714
  msgstr ""
1715
 
1716
+ #: lib/firewall_policies.php:402
1717
  msgid "Through the WordPress REST API"
1718
  msgstr ""
1719
 
1720
+ #: lib/firewall_policies.php:410
1721
  msgid "This feature is only available when running WordPress 4.7 or above."
1722
  msgstr ""
1723
 
1724
+ #: lib/firewall_policies.php:417
1725
  msgid "WordPress REST API"
1726
  msgstr ""
1727
 
1728
+ #: lib/firewall_policies.php:420 lib/firewall_policies.php:428
1729
  msgid "Block any access to the API"
1730
  msgstr ""
1731
 
1732
+ #: lib/firewall_policies.php:425
1733
  msgid "WordPress XML-RPC API"
1734
  msgstr ""
1735
 
1736
+ #: lib/firewall_policies.php:430
1737
  msgid "Block <code>system.multicall</code> method"
1738
  msgstr ""
1739
 
1740
+ #: lib/firewall_policies.php:432
1741
  msgid "Block Pingbacks"
1742
  msgstr ""
1743
 
1744
+ #: lib/firewall_policies.php:439
1745
  msgid ""
1746
  "Disabling access to the REST or XML-RPC API may break some functionality on "
1747
  "your blog, its themes or plugins."
1748
  msgstr ""
1749
 
1750
+ #: lib/firewall_policies.php:443
1751
  msgid "Block <code>POST</code> requests in the themes folder"
1752
  msgstr ""
1753
 
1754
+ #: lib/firewall_policies.php:458
1755
  msgid "Force SSL for admin and logins"
1756
  msgstr ""
1757
 
1758
+ #: lib/firewall_policies.php:468
1759
  msgid "Disable the plugin and theme editor"
1760
  msgstr ""
1761
 
1762
+ #: lib/firewall_policies.php:478
1763
  msgid "Disable plugin and theme update/installation"
1764
  msgstr ""
1765
 
1766
+ #: lib/firewall_policies.php:488
1767
+ msgid "Disable the fatal error handler"
1768
+ msgstr ""
1769
+
1770
+ #: lib/firewall_policies.php:514 lib/help.php:270
1771
  msgid "Users Whitelist"
1772
  msgstr ""
1773
 
1774
+ #: lib/firewall_policies.php:517
1775
  msgid "Add the Administrator to the whitelist (default)."
1776
  msgstr ""
1777
 
1778
+ #: lib/firewall_policies.php:518
1779
  msgid "Add all logged in users to the whitelist."
1780
  msgstr ""
1781
 
1782
+ #: lib/firewall_policies.php:519
1783
  msgid "Disable users whitelist."
1784
  msgstr ""
1785
 
1786
+ #: lib/firewall_policies.php:520
1787
  msgid ""
1788
  "Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, "
1789
+ "<code>DISALLOW_FILE_EDIT</code>, <code>DISALLOW_FILE_MODS</code> and "
1790
+ "<code>WP_DISABLE_FATAL_ERROR_HANDLER</code> options which, if enabled, are "
1791
+ "always enforced."
1792
  msgstr ""
1793
 
1794
+ #: lib/firewall_policies.php:545 lib/help.php:200
1795
  msgid "HTTP GET variable"
1796
  msgstr ""
1797
 
1798
+ #: lib/firewall_policies.php:548
1799
  msgid "Scan <code>GET</code> variable"
1800
  msgstr ""
1801
 
1802
+ #: lib/firewall_policies.php:558
1803
  msgid "Sanitise <code>GET</code> variable"
1804
  msgstr ""
1805
 
1806
+ #: lib/firewall_policies.php:588 lib/help.php:203
1807
  msgid "HTTP POST variable"
1808
  msgstr ""
1809
 
1810
+ #: lib/firewall_policies.php:591
1811
  msgid "Scan <code>POST</code> variable"
1812
  msgstr ""
1813
 
1814
+ #: lib/firewall_policies.php:601
1815
  msgid "Sanitise <code>POST</code> variable"
1816
  msgstr ""
1817
 
1818
+ #: lib/firewall_policies.php:607 lib/firewall_policies.php:639
1819
  msgid "Do not enable this option unless you know what you are doing!"
1820
  msgstr ""
1821
 
1822
+ #: lib/firewall_policies.php:611
1823
  msgid "Decode Base64-encoded <code>POST</code> variable"
1824
  msgstr ""
1825
 
1826
+ #: lib/firewall_policies.php:630 lib/help.php:207
1827
  msgid "HTTP REQUEST variable"
1828
  msgstr ""
1829
 
1830
+ #: lib/firewall_policies.php:633
1831
  msgid "Sanitise <code>REQUEST</code> variable"
1832
  msgstr ""
1833
 
1834
+ #: lib/firewall_policies.php:658 lib/help.php:210
1835
  msgid "Cookies"
1836
  msgstr ""
1837
 
1838
+ #: lib/firewall_policies.php:661
1839
  msgid "Scan cookies"
1840
  msgstr ""
1841
 
1842
+ #: lib/firewall_policies.php:671
1843
  msgid "Sanitise cookies"
1844
  msgstr ""
1845
 
1846
+ #: lib/firewall_policies.php:703 lib/help.php:213
1847
  msgid "HTTP_USER_AGENT server variable"
1848
  msgstr ""
1849
 
1850
+ #: lib/firewall_policies.php:706
1851
  msgid "Scan <code>HTTP_USER_AGENT</code>"
1852
  msgstr ""
1853
 
1854
+ #: lib/firewall_policies.php:716
1855
  msgid "Sanitise <code>HTTP_USER_AGENT</code>"
1856
  msgstr ""
1857
 
1858
+ #: lib/firewall_policies.php:726
1859
  msgid "Block suspicious bots/scanners"
1860
  msgstr ""
1861
 
1862
+ #: lib/firewall_policies.php:756 lib/help.php:217
1863
  msgid "HTTP_REFERER server variable"
1864
  msgstr ""
1865
 
1866
+ #: lib/firewall_policies.php:759
1867
  msgid "Scan <code>HTTP_REFERER</code>"
1868
  msgstr ""
1869
 
1870
+ #: lib/firewall_policies.php:769
1871
  msgid "Sanitise <code>HTTP_REFERER</code>"
1872
  msgstr ""
1873
 
1874
+ #: lib/firewall_policies.php:779
1875
  msgid ""
1876
  "Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</"
1877
  "code> header"
1878
  msgstr ""
1879
 
1880
+ #: lib/firewall_policies.php:785
1881
  msgid ""
1882
  "Keep this option disabled if you are using scripts like Paypal IPN, "
1883
  "WordPress WP-Cron etc"
1884
  msgstr ""
1885
 
1886
+ #: lib/firewall_policies.php:812
1887
  msgid "Block localhost IP in <code>GET/POST</code> request"
1888
  msgstr ""
1889
 
1890
+ #: lib/firewall_policies.php:822
1891
  msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header"
1892
  msgstr ""
1893
 
1894
+ #: lib/firewall_policies.php:832
1895
  msgid "Scan traffic coming from localhost and private IP address spaces"
1896
  msgstr ""
1897
 
1898
+ #: lib/firewall_policies.php:854
1899
  #, php-format
1900
  msgid ""
1901
  "This option is disabled because the %s PHP function is not available on your "
1902
  "server."
1903
  msgstr ""
1904
 
1905
+ #: lib/firewall_policies.php:869 lib/help.php:231
1906
  msgid "HTTP response headers"
1907
  msgstr ""
1908
 
1909
+ #: lib/firewall_policies.php:872
1910
  #, php-format
1911
  msgid "Set %s to protect against MIME type confusion attacks"
1912
  msgstr ""
1913
 
1914
+ #: lib/firewall_policies.php:882
1915
  #, php-format
1916
  msgid "Set %s to protect against clickjacking attempts"
1917
  msgstr ""
1918
 
1919
+ #: lib/firewall_policies.php:891
1920
  #, php-format
1921
  msgid "Set %s (IE/Edge, Chrome, Opera and Safari browsers)"
1922
  msgstr ""
1923
 
1924
+ #: lib/firewall_policies.php:895 lib/firewall_policies.php:896
1925
+ #: lib/firewall_policies.php:899
1926
  #, php-format
1927
  msgid "Set to %s"
1928
  msgstr ""
1929
 
1930
+ #: lib/firewall_policies.php:904
1931
  #, php-format
1932
  msgid "Force %s flag on all cookies to mitigate XSS attacks"
1933
  msgstr ""
1934
 
1935
+ #: lib/firewall_policies.php:910
1936
  msgid ""
1937
  "If your PHP scripts use cookies that need to be accessed from JavaScript, "
1938
  "you should disable this option."
1939
  msgstr ""
1940
 
1941
+ #: lib/firewall_policies.php:916
1942
  msgid ""
1943
  "HSTS headers can only be set when you are accessing your site over HTTPS."
1944
  msgstr ""
1945
 
1946
+ #: lib/firewall_policies.php:923
1947
  #, php-format
1948
  msgid "Set %s (HSTS) to enforce secure connections to the server"
1949
  msgstr ""
1950
 
1951
+ #: lib/firewall_policies.php:926
1952
  msgid "1 month"
1953
  msgstr ""
1954
 
1955
+ #: lib/firewall_policies.php:927
1956
  msgid "6 months"
1957
  msgstr ""
1958
 
1959
+ #: lib/firewall_policies.php:928
1960
  msgid "1 year"
1961
  msgstr ""
1962
 
1963
+ #: lib/firewall_policies.php:930
1964
  msgid "Apply to subdomains"
1965
  msgstr ""
1966
 
1967
+ #: lib/firewall_policies.php:934
1968
  msgid "Set <code>max-age</code> to 0"
1969
  msgstr ""
1970
 
1971
+ #: lib/firewall_policies.php:954
1972
  #, php-format
1973
  msgid "Set %s for the website frontend"
1974
  msgstr ""
1975
 
1976
+ #: lib/firewall_policies.php:962
1977
  msgid "This CSP header will apply to the website frontend only."
1978
  msgstr ""
1979
 
1980
+ #: lib/firewall_policies.php:968
1981
  #, php-format
1982
  msgid "Set %s for the WordPress admin dashboard"
1983
  msgstr ""
1984
 
1985
+ #: lib/firewall_policies.php:976
1986
  msgid "This CSP header will apply to the WordPress admin dashboard only."
1987
  msgstr ""
1988
 
1989
+ #: lib/firewall_policies.php:992
1990
  #, php-format
1991
  msgid "Set %s (Chrome, Opera and Firefox browsers)"
1992
  msgstr ""
1993
 
1994
+ #: lib/firewall_policies.php:1046
1995
  msgid ""
1996
  "Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, "
1997
  "<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies"
1998
  msgstr ""
1999
 
2000
+ #: lib/firewall_policies.php:1089
2001
  msgid "Block serialized PHP objects in the following global variables"
2002
  msgstr ""
2003
 
2004
+ #: lib/firewall_policies.php:1102
2005
  msgid "Hide PHP notice and error messages"
2006
  msgstr ""
2007
 
2008
+ #: lib/firewall_policies.php:1112
2009
  msgid "Sanitise <code>PHP_SELF</code>"
2010
  msgstr ""
2011
 
2012
+ #: lib/firewall_policies.php:1122
2013
  msgid "Sanitise <code>PATH_TRANSLATED</code>"
2014
  msgstr ""
2015
 
2016
+ #: lib/firewall_policies.php:1132
2017
  msgid "Sanitise <code>PATH_INFO</code>"
2018
  msgstr ""
2019
 
2020
+ #: lib/firewall_policies.php:1152
2021
  msgid "This option is not compatible with your actual configuration."
2022
  msgstr ""
2023
 
2024
+ #: lib/firewall_policies.php:1176 lib/help.php:261
2025
  msgid "Various"
2026
  msgstr ""
2027
 
2028
+ #: lib/firewall_policies.php:1179
2029
  msgid "Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request"
2030
  msgstr ""
2031
 
2032
+ #: lib/firewall_policies.php:1189
2033
  msgid "Block ASCII character 0x00 (NULL byte)"
2034
  msgstr ""
2035
 
2036
+ #: lib/firewall_policies.php:1199
2037
  msgid "Block ASCII control characters 1 to 8 and 14 to 31"
2038
  msgstr ""
2039
 
2040
+ #: lib/firewall_policies.php:1215
2041
  msgid "Save Firewall Policies"
2042
  msgstr ""
2043
 
2044
+ #: lib/firewall_policies.php:1217
2045
  msgid "Restore Default Values"
2046
  msgstr ""
2047
 
2048
+ #: lib/help.php:37 ninjafirewall.php:500
2049
  msgid "Overview"
2050
  msgstr ""
2051
 
2412
  "this constant also disables the Plugin and Theme editor."
2413
  msgstr ""
2414
 
2415
+ #: lib/help.php:193
2416
+ msgid "Disable the fatal error handler <code>WP_Fatal_Error_Handler</code>:"
2417
+ msgstr ""
2418
+
2419
+ #: lib/help.php:193
2420
+ msgid ""
2421
+ "this option will disable the WSOD protection introduced in WordPress 5.1."
2422
+ msgstr ""
2423
+
2424
+ #: lib/help.php:201
2425
  msgid "Whether to scan and/or sanitise the <code>GET</code> variable."
2426
  msgstr ""
2427
 
2428
+ #: lib/help.php:204
2429
  msgid "Whether to scan and/or sanitise the <code>POST</code> variable."
2430
  msgstr ""
2431
 
2432
+ #: lib/help.php:205
2433
  msgid "Decode Base64-encoded <code>POST</code> variable:"
2434
  msgstr ""
2435
 
2436
+ #: lib/help.php:205
2437
  msgid ""
2438
  "NinjaFirewall will decode and scan base64 encoded values in order to detect "
2439
  "obfuscated malicious code. This option is only available for the <code>POST</"
2440
  "code> variable."
2441
  msgstr ""
2442
 
2443
+ #: lib/help.php:208
2444
  msgid "Whether to sanitise the <code>REQUEST</code> variable."
2445
  msgstr ""
2446
 
2447
+ #: lib/help.php:211
2448
  msgid "Whether to scan and/or sanitise cookies."
2449
  msgstr ""
2450
 
2451
+ #: lib/help.php:214
2452
  msgid "Whether to scan and/or sanitise <code>HTTP_USER_AGENT</code> requests."
2453
  msgstr ""
2454
 
2455
+ #: lib/help.php:215
2456
  msgid "Block suspicious bots/scanners:"
2457
  msgstr ""
2458
 
2459
+ #: lib/help.php:215
2460
  msgid ""
2461
  "rejects some known bots, scanners and various malicious scripts attempting "
2462
  "to access your blog."
2463
  msgstr ""
2464
 
2465
+ #: lib/help.php:218
2466
  msgid "Whether to scan and/or sanitise <code>HTTP_REFERER</code> requests."
2467
  msgstr ""
2468
 
2469
+ #: lib/help.php:219
2470
  msgid ""
2471
  "Block POST requests that do not have an <code>HTTP_REFERER</code> header:"
2472
  msgstr ""
2473
 
2474
+ #: lib/help.php:219
2475
  msgid ""
2476
  "this option will block any <code>POST</code> request that does not have a "
2477
  "Referrer header (<code>HTTP_REFERER</code> variable). If you need external "
2482
  "default."
2483
  msgstr ""
2484
 
2485
+ #: lib/help.php:222
2486
  msgid "Block localhost IP in <code>GET/POST</code> requests:"
2487
  msgstr ""
2488
 
2489
+ #: lib/help.php:222
2490
  msgid ""
2491
  "this option will block any <code>GET</code> or <code>POST</code> request "
2492
  "containing the localhost IP (127.0.0.1). It can be useful to block SQL "
2493
  "dumpers and various hacker's shell scripts."
2494
  msgstr ""
2495
 
2496
+ #: lib/help.php:223
2497
  msgid "Block HTTP requests with an IP in the <code>HTTP_HOST</code> header:"
2498
  msgstr ""
2499
 
2500
+ #: lib/help.php:223
2501
  #, php-format
2502
  msgid ""
2503
  "this option will reject any request using an IP instead of a domain name in "
2507
  "than domain names."
2508
  msgstr ""
2509
 
2510
+ #: lib/help.php:224
2511
  msgid "Scan traffic coming from localhost and private IP address spaces:"
2512
  msgstr ""
2513
 
2514
+ #: lib/help.php:224
2515
  msgid ""
2516
  "this option will allow the firewall to scan traffic from all non-routable "
2517
  "private IPs (IPv4 and IPv6) as well as the localhost IP. We recommend to "
2519
  "interconnected)."
2520
  msgstr ""
2521
 
2522
+ #: lib/help.php:233
2523
  msgid ""
2524
  "In addition to filtering incoming requests, NinjaFirewall can also hook the "
2525
  "HTTP response in order to alter its headers. Those modifications can help to "
2526
  "mitigate threats such as XSS, phishing and clickjacking attacks."
2527
  msgstr ""
2528
 
2529
+ #: lib/help.php:235
2530
  msgid ""
2531
  "Set <code>X-Content-Type-Options</code> to protect against MIME type "
2532
  "confusion attacks:"
2533
  msgstr ""
2534
 
2535
+ #: lib/help.php:235
2536
  msgid ""
2537
  "this header will send the nosniff value to instruct the browser to disable "
2538
  "content or MIME sniffing and to use the content-type returned by the server. "
2541
  "such as MIME Confusion Attacks."
2542
  msgstr ""
2543
 
2544
+ #: lib/help.php:236
2545
  msgid ""
2546
  "Set <code>X-Frame-Options</code> to protect against clickjacking attempts:"
2547
  msgstr ""
2548
 
2549
+ #: lib/help.php:236
2550
  msgid ""
2551
  "this header indicates a policy whether a browser must not allow to render a "
2552
  "page in a &lt;frame&gt; or &lt;iframe&gt;. Hosts can declare this policy in "
2555
  "NinjaFirewall accepts two different values:"
2556
  msgstr ""
2557
 
2558
+ #: lib/help.php:238
2559
  msgid ""
2560
  "a browser receiving content with this header must not display this content "
2561
  "in any frame from a page of different origin than the content itself."
2562
  msgstr ""
2563
 
2564
+ #: lib/help.php:239
2565
  msgid ""
2566
  "a browser receiving content with this header must not display this content "
2567
  "in any frame."
2568
  msgstr ""
2569
 
2570
+ #: lib/help.php:242
2571
  msgid "NinjaFirewall does not support the <code>ALLOW-FROM</code> value."
2572
  msgstr ""
2573
 
2574
+ #: lib/help.php:244
2575
  msgid ""
2576
  "Since v3.1.3, WordPress sets this value to <code>SAMEORIGIN</code> for the "
2577
  "administrator and the login page only."
2578
  msgstr ""
2579
 
2580
+ #: lib/help.php:245
2581
  msgid ""
2582
  "Set <code>X-XSS-Protection</code> (IE/Edge, Chrome, Opera and Safari "
2583
  "browsers):"
2584
  msgstr ""
2585
 
2586
+ #: lib/help.php:245
2587
  msgid ""
2588
  "this header allows browsers to identify and block XSS attacks by preventing "
2589
  "malicious scripts from executing. It is enabled by default on all compatible "
2590
  "browsers."
2591
  msgstr ""
2592
 
2593
+ #: lib/help.php:246
2594
  msgid ""
2595
  "If a visitor disabled their browser's XSS filter, you cannot re-enable it "
2596
  "with that option."
2597
  msgstr ""
2598
 
2599
+ #: lib/help.php:248
2600
  msgid ""
2601
  "Force <code>HttpOnly</code> flag on all cookies to mitigate XSS attacks:"
2602
  msgstr ""
2603
 
2604
+ #: lib/help.php:248
2605
  msgid ""
2606
  "adding this flag to cookies helps to mitigate the risk of cross-site "
2607
  "scripting by preventing them from being accessed through client-side "
2612
  "sets that flag on the logged in user cookies only."
2613
  msgstr ""
2614
 
2615
+ #: lib/help.php:249
2616
  msgid ""
2617
  "If your PHP scripts send cookies that need to be accessed from JavaScript, "
2618
  "you should keep that option disabled."
2619
  msgstr ""
2620
 
2621
+ #: lib/help.php:250
2622
  msgid ""
2623
  "Set <code>Strict-Transport-Security</code> (HSTS) to enforce secure "
2624
  "connections to the server:"
2625
  msgstr ""
2626
 
2627
+ #: lib/help.php:250
2628
  msgid ""
2629
  "this policy enforces secure HTTPS connections to the server. Web browsers "
2630
  "will not allow the user to access the web application over insecure HTTP "
2632
  "attacks. Most recent browsers support HSTS headers."
2633
  msgstr ""
2634
 
2635
+ #: lib/help.php:251
2636
  msgid "Set <code>Content-Security-Policy</code>:"
2637
  msgstr ""
2638
 
2639
+ #: lib/help.php:251
2640
  msgid ""
2641
  "this policy helps to mitigate threats such as XSS, phishing and clickjacking "
2642
  "attacks. It covers JavaScript, CSS, HTML frames, web workers, fonts, images, "
2643
  "objects (Java, ActiveX, audio and video files), and other HTML5 features."
2644
  msgstr ""
2645
 
2646
+ #: lib/help.php:251
2647
  msgid ""
2648
  "NinjaFirewall lets you configure the CSP policy separately for the frontend "
2649
  "(blog, website) and the backend (WordPress admin dashboard)."
2650
  msgstr ""
2651
 
2652
+ #: lib/help.php:252
2653
  msgid "Set <code>Referrer-Policy</code>:"
2654
  msgstr ""
2655
 
2656
+ #: lib/help.php:252
2657
  msgid ""
2658
  "this HTTP header governs which referrer information, sent in the Referer "
2659
  "header, should be included with requests made."
2660
  msgstr ""
2661
 
2662
+ #: lib/help.php:256
2663
  msgid "Block PHP built-in wrappers:"
2664
  msgstr ""
2665
 
2666
+ #: lib/help.php:256
2667
  msgid ""
2668
  "PHP has several wrappers for use with the filesystem functions. It is "
2669
  "possible for an attacker to use them to bypass firewalls and various IDS to "
2674
  "request, cookies, user agent and referrer variables."
2675
  msgstr ""
2676
 
2677
+ #: lib/help.php:257
2678
  msgid "Block serialized PHP objects:"
2679
  msgstr ""
2680
 
2681
+ #: lib/help.php:257
2682
  #, php-format
2683
  msgid ""
2684
  "Object Serialization is a PHP feature used by many applications to generate "
2689
  "code> request, cookies, user agent and referrer variables."
2690
  msgstr ""
2691
 
2692
+ #: lib/help.php:258
2693
  msgid "Hide PHP notice and error messages:"
2694
  msgstr ""
2695
 
2696
+ #: lib/help.php:258
2697
  msgid ""
2698
  "this option lets you hide errors returned by your scripts. Such errors can "
2699
  "leak sensitive informations which can be exploited by hackers."
2700
  msgstr ""
2701
 
2702
+ #: lib/help.php:259
2703
  msgid ""
2704
  "Sanitise <code>PHP_SELF</code>, <code>PATH_TRANSLATED</code>, "
2705
  "<code>PATH_INFO</code>:"
2706
  msgstr ""
2707
 
2708
+ #: lib/help.php:259
2709
  msgid ""
2710
  "this option can sanitise any dangerous characters found in those 3 server "
2711
  "variables to prevent various XSS and database injection attempts."
2712
  msgstr ""
2713
 
2714
+ #: lib/help.php:262
2715
  #, php-format
2716
  msgid ""
2717
  "Block the <code>DOCUMENT_ROOT</code> server variable (%s) in HTTP requests:"
2718
  msgstr ""
2719
 
2720
+ #: lib/help.php:262
2721
  msgid ""
2722
  "this option will block scripts attempting to pass the <code>DOCUMENT_ROOT</"
2723
  "code> server variable in a <code>GET</code> or <code>POST</code> request. "
2725
  "legitimate programs do not."
2726
  msgstr ""
2727
 
2728
+ #: lib/help.php:263
2729
  msgid "Block ASCII character 0x00 (NULL byte):"
2730
  msgstr ""
2731
 
2732
+ #: lib/help.php:263
2733
  msgid ""
2734
  "this option will reject any <code>GET</code> or <code>POST</code> request, "
2735
  "<code>HTTP_USER_AGENT</code>, <code>REQUEST_URI</code>, <code>PHP_SELF</"
2738
  "dangerous and should always be rejected."
2739
  msgstr ""
2740
 
2741
+ #: lib/help.php:264
2742
  msgid "Block ASCII control characters 1 to 8 and 14 to 31:"
2743
  msgstr ""
2744
 
2745
+ #: lib/help.php:264
2746
  msgid ""
2747
  "this option will reject any <code>GET</code> or <code>POST</code> request, "
2748
  "<code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> variables containing "
2749
  "ASCII characters from 1 to 8 and 14 to 31."
2750
  msgstr ""
2751
 
2752
+ #: lib/help.php:272
2753
  #, php-format
2754
  msgid ""
2755
  "By default, any logged in WordPress administrator will not be blocked by "
2761
  "enforced."
2762
  msgstr ""
2763
 
2764
+ #: lib/help.php:286
2765
  msgid ""
2766
  "File Guard can detect, in real-time, any access to a PHP file that was "
2767
  "recently modified or created, and alert you about this."
2768
  msgstr ""
2769
 
2770
+ #: lib/help.php:288
2771
  msgid ""
2772
  "If a hacker uploaded a shell script to your site (or injected a backdoor "
2773
  "into an already existing file) and tried to directly access that file using "
2778
  "Notifications\" menu."
2779
  msgstr ""
2780
 
2781
+ #: lib/help.php:289
2782
  msgid ""
2783
  "If you do not want to monitor a folder, you can exclude its full path or a "
2784
  "part of it (e.g., <code>/var/www/public_html/cache/</code> or <code>/cache/</"
2787
  "will ignore it."
2788
  msgstr ""
2789
 
2790
+ #: lib/help.php:290
2791
  msgid ""
2792
  "Multiple values must be comma-separated (e.g., <code>/foo/bar/,/cache/</"
2793
  "code>)."
2794
  msgstr ""
2795
 
2796
+ #: lib/help.php:291
2797
  msgid ""
2798
  "File Guard real-time detection is a totally unique feature, because "
2799
  "NinjaFirewall is the only plugin for WordPress that can hook HTTP requests "
2801
  "package (third-party software, shell script, backdoor etc)."
2802
  msgstr ""
2803
 
2804
+ #: lib/help.php:300 lib/network.php:32 ninjafirewall.php:534
2805
  msgid "Network"
2806
  msgstr ""
2807
 
2808
+ #: lib/help.php:302
2809
  msgid ""
2810
  "Even if NinjaFirewall administration menu is only available to the Super "
2811
  "Admin (from the main site), you can still display its status to all sites in "
2813
  "be visible only to the administrators of those sites."
2814
  msgstr ""
2815
 
2816
+ #: lib/help.php:304
2817
  msgid ""
2818
  "It is recommended to enable this feature as it is the only way to know "
2819
  "whether the sites in your network are protected and if NinjaFirewall "
2820
  "installation was successful."
2821
  msgstr ""
2822
 
2823
+ #: lib/help.php:306
2824
  msgid ""
2825
  "Note that when it is disabled, the icon still remains visible to you, the "
2826
  "Super Admin."
2827
  msgstr ""
2828
 
2829
+ #: lib/help.php:317
2830
  msgid ""
2831
  "File Check lets you perform file integrity monitoring upon request or on a "
2832
  "specific interval."
2833
  msgstr ""
2834
 
2835
+ #: lib/help.php:319
2836
  msgid ""
2837
  "You need to create a snapshot of all your files and then, at a later time, "
2838
  "you can scan your system to compare it with the previous snapshot. Any "
2840
  "file ownership, timestamp as well as file creation and deletion."
2841
  msgstr ""
2842
 
2843
+ #: lib/help.php:320
2844
  #, php-format
2845
  msgid ""
2846
  "Create a snapshot of all files stored in that directory: by default, the "
2847
  "directory is set to WordPress <code>ABSPATH</code> (%s)"
2848
  msgstr ""
2849
 
2850
+ #: lib/help.php:321
2851
  msgid ""
2852
  "Exclude the following files/folders: you can enter a directory or a file "
2853
  "name (e.g., <code>/foo/bar/</code>), or a part of it (e.g., <code>foo</"
2854
  "code>). Or you can exclude a file extension (e.g., <code>.css</code>)."
2855
  msgstr ""
2856
 
2857
+ #: lib/help.php:323
2858
  msgid ""
2859
  "Multiple values must be comma-separated (e.g., <code>/foo/bar/,.css,.png</"
2860
  "code>)."
2861
  msgstr ""
2862
 
2863
+ #: lib/help.php:324
2864
  msgid ""
2865
  "Do not follow symbolic links: by default, NinjaFirewall will not follow "
2866
  "symbolic links."
2867
  msgstr ""
2868
 
2869
+ #: lib/help.php:329
2870
  msgid "Scheduled scans"
2871
  msgstr ""
2872
 
2873
+ #: lib/help.php:330
2874
  msgid ""
2875
  "NinjaFirewall can scan your system on a specific interval (hourly, "
2876
  "twicedaily or daily)."
2877
  msgstr ""
2878
 
2879
+ #: lib/help.php:332
2880
  msgid ""
2881
  "It can either send you a scan report only if changes are detected, or always "
2882
  "send you one after each scan."
2883
  msgstr ""
2884
 
2885
+ #: lib/help.php:334
2886
  msgid ""
2887
  "Reports will be sent to the contact email address defined in the \"Event "
2888
  "Notifications\" menu."
2889
  msgstr ""
2890
 
2891
+ #: lib/help.php:336
2892
  #, php-format
2893
  msgid ""
2894
  "Scheduled scans rely on <a href=\"%s\">WordPress pseudo cron</a> which works "
2895
  "only if your site gets sufficient traffic."
2896
  msgstr ""
2897
 
2898
+ #: lib/help.php:350
2899
  msgid ""
2900
  "NinjaFirewall can alert you by email on specific events triggered within "
2901
  "your blog. They include installations, updates, activations etc, as well as "
2906
  "theme in order to take full control of your website."
2907
  msgstr ""
2908
 
2909
+ #: lib/help.php:361 lib/login_protection.php:21 ninjafirewall.php:542
2910
  msgid "Login Protection"
2911
  msgstr ""
2912
 
2913
+ #: lib/help.php:365
2914
  msgid ""
2915
  "By processing incoming HTTP requests before your blog and any of its "
2916
  "plugins, NinjaFirewall is the only plugin for WordPress able to protect it "
2918
  "from several thousands of different IPs."
2919
  msgstr ""
2920
 
2921
+ #: lib/help.php:367
2922
  msgid ""
2923
  "You can choose two different types of protection: a password or a captcha. "
2924
  "You can enable the protection only if an attack is detected or to keep it "
2925
  "always activated."
2926
  msgstr ""
2927
 
2928
+ #: lib/help.php:369
2929
  msgid "Yes, if under attack:"
2930
  msgstr ""
2931
 
2932
+ #: lib/help.php:371
2933
  msgid ""
2934
  "The protection will be triggered when too many login attempts are detected, "
2935
  "regardless of the offending IP. It blocks the attack instantly and prevents "
2938
  "combination or the captcha code. "
2939
  msgstr ""
2940
 
2941
+ #: lib/help.php:373
2942
  msgid "Always ON:"
2943
  msgstr ""
2944
 
2945
+ #: lib/help.php:375
2946
  msgid ""
2947
  "NinjaFirewall will always enforce the HTTP authentication or captcha "
2948
  "implementation each time you access the login page."
2949
  msgstr ""
2950
 
2951
+ #: lib/help.php:378
2952
  msgid "Type of protection:"
2953
  msgstr ""
2954
 
2955
+ #: lib/help.php:379
2956
  msgid ""
2957
  "<b>Password:</b> It password-protects the login page. NinjaFirewall uses its "
2958
  "own very fast authentication scheme and it is compatible with any HTTP "
2959
  "server (Apache, Nginx, Lighttpd etc)."
2960
  msgstr ""
2961
 
2962
+ #: lib/help.php:380
2963
  msgid "<b>Captcha:</b> It will display a 5-character captcha code."
2964
  msgstr ""
2965
 
2966
+ #: lib/help.php:381
2967
  msgid "Bot protection:"
2968
  msgstr ""
2969
 
2970
+ #: lib/help.php:382
2971
  msgid ""
2972
  "NinjaFirewall will attempt to block bots and scripts immediately, i.e., even "
2973
  "before they start a brute-force attack."
2974
  msgstr ""
2975
 
2976
+ #: lib/help.php:390
2977
  msgid "AUTH log"
2978
  msgstr ""
2979
 
2980
+ #: lib/help.php:393
2981
  msgid ""
2982
  "NinjaFirewall can write to the server Authentication log when the brute-"
2983
  "force protection is triggered. This can be useful to the system "
2984
  "administrator for monitoring purposes or banning IPs at the server level."
2985
  msgstr ""
2986
 
2987
+ #: lib/help.php:395
2988
  msgid ""
2989
  "If you have a shared hosting account, keep this option disabled as you do "
2990
  "not have any access to the server's logs."
2991
  msgstr ""
2992
 
2993
+ #: lib/help.php:397
2994
  msgid ""
2995
  "On Debian-based systems, the log is located in <code>/var/log/auth.log</"
2996
  "code>, and on Red Hat-based systems in <code>/var/log/secure</code>. The "
2997
  "logline uses the following format:"
2998
  msgstr ""
2999
 
3000
+ #: lib/help.php:400
3001
  msgid "AA: the process ID (PID)."
3002
  msgstr ""
3003
 
3004
+ #: lib/help.php:401
3005
  msgid "BB: the user IPv4 or IPv6 address."
3006
  msgstr ""
3007
 
3008
+ #: lib/help.php:402
3009
  msgid "CC: the blog (sub-)domain name."
3010
  msgstr ""
3011
 
3012
+ #: lib/help.php:403
3013
  msgid ""
3014
  "DD: the target: it can be either <code>wp-login.php</code> or <code>XML-RPC "
3015
  "API</code>."
3016
  msgstr ""
3017
 
3018
+ #: lib/help.php:404
3019
  msgid "EE: the time, in minutes, the protection will remain active."
3020
  msgstr ""
3021
 
3022
+ #: lib/help.php:406
3023
  msgid "Sample loglines:"
3024
  msgstr ""
3025
 
3026
+ #: lib/help.php:409
3027
  #, php-format
3028
  msgid ""
3029
  "Be careful if you are behind a load balancer, reverse-proxy or CDN because "
3034
  "otherwise you will likely block legitimate users."
3035
  msgstr ""
3036
 
3037
+ #: lib/help.php:425
3038
  msgid ""
3039
  "The firewall log displays blocked and sanitised requests as well as some "
3040
  "useful information. It has 6 columns:"
3041
  msgstr ""
3042
 
3043
+ #: lib/help.php:426
3044
  msgid "DATE : date and time of the incident."
3045
  msgstr ""
3046
 
3047
+ #: lib/help.php:427
3048
  msgid ""
3049
  "INCIDENT : unique incident number/ID as it was displayed to the blocked user."
3050
  msgstr ""
3051
 
3052
+ #: lib/help.php:428
3053
  msgid ""
3054
  "LEVEL : level of severity (<code>CRITICAL</code>, <code>HIGH</code> or "
3055
  "<code>MEDIUM</code>), information (<code>INFO</code>, <code>UPLOAD</code>) "
3056
  "and debugging mode (<code>DEBUG_ON</code>)."
3057
  msgstr ""
3058
 
3059
+ #: lib/help.php:429
3060
  msgid ""
3061
  "RULE : reference of the NinjaFirewall built-in security rule that triggered "
3062
  "the action. A hyphen (<code>-</code>) instead of a number means it was a "
3063
  "rule from the \"Firewall Policies\" page."
3064
  msgstr ""
3065
 
3066
+ #: lib/help.php:430
3067
  msgid "IP : the user IPv4 or IPv6 address."
3068
  msgstr ""
3069
 
3070
+ #: lib/help.php:431
3071
  msgid ""
3072
  "REQUEST : the HTTP request including offending variables and values as well "
3073
  "as the reason the action was logged."
3074
  msgstr ""
3075
 
3076
+ #: lib/help.php:438
3077
  msgid ""
3078
  "This options lets you configure NinjaFirewall to delete its old logs "
3079
  "automatically. By default, logs are never deleted, <b>even when uninstall "
3081
  "delete old logs."
3082
  msgstr ""
3083
 
3084
+ #: lib/help.php:446
3085
  msgid ""
3086
  "Centralized Logging lets you remotely access the firewall log of all your "
3087
  "NinjaFirewall protected websites from one single installation. You do not "
3088
  "need any longer to log in to individual servers to analyse your log data."
3089
  msgstr ""
3090
 
3091
+ #: lib/help.php:446
3092
  #, php-format
3093
  msgid "<a href=\"%s\">Consult our blog</a> for more info about it."
3094
  msgstr ""
3095
 
3096
+ #: lib/help.php:447
3097
  msgid ""
3098
  "Enter your public key (optional): This is the public key that was created "
3099
  "from your main server."
3100
  msgstr ""
3101
 
3102
+ #: lib/help.php:450
3103
  msgid ""
3104
  "Centralized Logging will keep working even if NinjaFirewall is disabled. "
3105
  "Delete your public key below if you want to disable it."
3106
  msgstr ""
3107
 
3108
+ #: lib/help.php:472 lib/live_log.php:37 lib/live_log.php:216
3109
+ #: ninjafirewall.php:550
3110
  msgid "Live Log"
3111
  msgstr ""
3112
 
3113
+ #: lib/help.php:474
3114
  msgid ""
3115
  "Live Log lets you watch your blog traffic in real time, just like the Unix "
3116
  "<code>tail -f</code> command. Note that requests sent to static elements "
3117
  "like JS/CSS files and images are not managed by NinjaFirewall."
3118
  msgstr ""
3119
 
3120
+ #: lib/help.php:476
3121
  msgid ""
3122
  "You can enable/disable the monitoring process, change the refresh rate, "
3123
  "clear the screen, enable automatic vertical scrolling, change the log "
3124
  "format, select which traffic you want to view (HTTP/HTTPS) and the timezone."
3125
  msgstr ""
3126
 
3127
+ #: lib/help.php:476
3128
  msgid ""
3129
  "You can also apply filters to include or exclude files and folders "
3130
  "(REQUEST_URI)."
3131
  msgstr ""
3132
 
3133
+ #: lib/help.php:479
3134
  msgid ""
3135
  "Live Log does not make use of any WordPress core file (e.g., <code>admin-"
3136
  "ajax.php</code>). It communicates directly with the firewall without loading "
3139
  "value."
3140
  msgstr ""
3141
 
3142
+ #: lib/help.php:481
3143
  msgid ""
3144
  "If you are using the optional <code>.htninja</code> configuration file to "
3145
  "whitelist your IP, the Live Log feature will not work."
3146
  msgstr ""
3147
 
3148
+ #: lib/help.php:486
3149
  msgid "Log Format"
3150
  msgstr ""
3151
 
3152
+ #: lib/help.php:487
3153
  msgid "You can easily customize the log format. Possible values are:"
3154
  msgstr ""
3155
 
3156
+ #: lib/help.php:488
3157
  msgid "<code>%time</code>: the server date, time and timezone."
3158
  msgstr ""
3159
 
3160
+ #: lib/help.php:489
3161
  msgid "<code>%name</code>: authenticated user (HTTP basic auth), if any."
3162
  msgstr ""
3163
 
3164
+ #: lib/help.php:490
3165
  #, php-format
3166
  msgid ""
3167
  "<code>%client</code>: the client REMOTE_ADDR. If you are behind a load "
3168
  "balancer or CDN, this will be its IP."
3169
  msgstr ""
3170
 
3171
+ #: lib/help.php:491
3172
  msgid "<code>%method</code>: HTTP method (e.g., GET, POST)."
3173
  msgstr ""
3174
 
3175
+ #: lib/help.php:492
3176
  #, php-format
3177
  msgid ""
3178
  "<code>%uri</code>: the URI which was given in order to access the page "
3179
  "(REQUEST_URI)."
3180
  msgstr ""
3181
 
3182
+ #: lib/help.php:493
3183
  msgid "<code>%referrer</code>: the referrer (HTTP_REFERER), if any."
3184
  msgstr ""
3185
 
3186
+ #: lib/help.php:494
3187
  #, php-format
3188
  msgid "<code>%ua</code>: the user-agent (HTTP_USER_AGENT), if any."
3189
  msgstr ""
3190
 
3191
+ #: lib/help.php:495
3192
  #, php-format
3193
  msgid ""
3194
  "<code>%forward</code>: HTTP_X_FORWARDED_FOR, if any. If you are behind a "
3195
  "load balancer or CDN, this will likely be the visitor true IP."
3196
  msgstr ""
3197
 
3198
+ #: lib/help.php:496
3199
  msgid "<code>%host</code>: the requested host (HTTP_HOST), if any."
3200
  msgstr ""
3201
 
3202
+ #: lib/help.php:497
3203
  msgid ""
3204
  "Additionally, you can include any of the following characters: <code>\"</"
3205
  "code>, <code>%</code>, <code>[</code>, <code>]</code>, <code>space</code> "
3206
  "and lowercase letters <code>a-z</code>."
3207
  msgstr ""
3208
 
3209
+ #: lib/help.php:509 lib/rules_editor.php:17 ninjafirewall.php:554
3210
  msgid "Rules Editor"
3211
  msgstr ""
3212
 
3213
+ #: lib/help.php:511
3214
  msgid ""
3215
  "Besides the \"Firewall Policies\", NinjaFirewall includes also a large set "
3216
  "of built-in rules used to protect your blog against the most common "
3220
  "individually:"
3221
  msgstr ""
3222
 
3223
+ #: lib/help.php:513
3224
  msgid ""
3225
  "Check your firewall log and find the rule ID you want to disable (it is "
3226
  "displayed in the <code>RULE</code> column)."
3227
  msgstr ""
3228
 
3229
+ #: lib/help.php:514
3230
  msgid ""
3231
  "Select its ID from the enabled rules list below and click the \"Disable it\" "
3232
  "button."
3233
  msgstr ""
3234
 
3235
+ #: lib/help.php:516
3236
  msgid ""
3237
  "Note: if the <code>RULE</code> column from your log shows a hyphen <code>-</"
3238
  "code> instead of a number, that means that the rule can be changed in the "
3239
  "\"Firewall Policies\" page."
3240
  msgstr ""
3241
 
3242
+ #: lib/help.php:521
3243
  msgid "Credits"
3244
  msgstr ""
3245
 
3246
+ #: lib/help.php:523
3247
  msgid ""
3248
  "NinjaFirewall security rules protect against many vulnerabilities. Some of "
3249
  "them were reported by the following companies, individuals or mailing lists:"
3250
  msgstr ""
3251
 
3252
+ #: lib/help.php:575 lib/overview.php:132
3253
  msgid "Updates"
3254
  msgstr ""
3255
 
3256
+ #: lib/help.php:577
3257
  msgid ""
3258
  "To get the most efficient protection, you can ask NinjaFirewall to "
3259
  "automatically update its security rules."
3260
  msgstr ""
3261
 
3262
+ #: lib/help.php:579
3263
  msgid ""
3264
  "Each time a new vulnerability is found in WordPress or one of its plugins/"
3265
  "themes, a new set of security rules will be made available to protect "
3267
  "daily or even hourly."
3268
  msgstr ""
3269
 
3270
+ #: lib/help.php:581
3271
  msgid ""
3272
  "Only security rules will be downloaded. If a new version of NinjaFirewall "
3273
  "(including new files, options and features) was available, it would have to "
3274
  "be updated from the dashboard plugins menu as usual."
3275
  msgstr ""
3276
 
3277
+ #: lib/help.php:583
3278
  msgid ""
3279
  "We recommend to enable this feature, as it is the <strong>only way to keep "
3280
  "your WordPress secure</strong> against new vulnerabilities."
3281
  msgstr ""
3282
 
3283
+ #: lib/install_default.php:168
3284
+ msgid ""
3285
+ "Error: The installer cannot download the security rules from wordpress.org "
3286
+ "website."
3287
+ msgstr ""
3288
+
3289
+ #: lib/install_default.php:169
3290
+ msgid ""
3291
+ "The server may be temporarily down or you may have network connectivity "
3292
+ "problems? Please try again in a few minutes."
3293
+ msgstr ""
3294
+
3295
+ #: lib/install_default.php:170
3296
+ msgid ""
3297
+ "NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe "
3298
+ "your server does not support SSL? You can force NinjaFirewall to use a non-"
3299
+ "secure HTTP connection by adding the following directive to your <strong>wp-"
3300
+ "config.php</strong> file:"
3301
+ msgstr ""
3302
+
3303
  #: lib/install_fullwaf.php:35 lib/install_fullwaf.php:149
3304
  #: lib/install_fullwaf.php:304 lib/install_wpwaf.php:53
3305
  #: lib/install_wpwaf.php:63 lib/install_wpwaf.php:70
3911
  msgid "Error: unable to write to the %s configuration file"
3912
  msgstr ""
3913
 
3914
+ #: lib/network.php:24 ninjafirewall.php:867 ninjafirewall.php:871
3915
  #, php-format
3916
  msgid "You are not allowed to perform this task (%s)."
3917
  msgstr ""
3948
  msgid "A \"Quick Start, FAQ & Troubleshooting Guide\" email was sent to"
3949
  msgstr ""
3950
 
3951
+ #: lib/overview.php:62 lib/utils.php:388
3952
  msgid "unknown error"
3953
  msgstr ""
3954
 
3985
  msgid "PHP SAPI"
3986
  msgstr ""
3987
 
3988
+ #: lib/overview.php:122 lib/utils.php:522
3989
  msgid "Version"
3990
  msgstr ""
3991
 
4214
  msgid "Enable it"
4215
  msgstr ""
4216
 
4217
+ #: lib/rules_update.php:73 ninjafirewall.php:558
4218
  msgid "Rules Update"
4219
  msgstr ""
4220
 
4366
  "This notification can be turned off from NinjaFirewall \"Rules Update\" page."
4367
  msgstr ""
4368
 
4369
+ #: lib/statistics.php:27 ninjafirewall.php:504
4370
  msgid "Statistics"
4371
  msgstr ""
4372
 
4410
  msgid "NinjaFirewall has blocked an attempt to create a user account:"
4411
  msgstr ""
4412
 
4413
+ #: lib/utils.php:85 lib/utils.php:790
4414
  msgid "Username:"
4415
  msgstr ""
4416
 
4417
+ #: lib/utils.php:86 lib/utils.php:791 lib/utils.php:996
4418
  msgid "User IP:"
4419
  msgstr ""
4420
 
4421
+ #: lib/utils.php:89 lib/utils.php:633 lib/utils.php:794 lib/utils.php:999
4422
  msgid "Date:"
4423
  msgstr ""
4424
 
4425
+ #: lib/utils.php:96 lib/utils.php:97 lib/utils.php:804 lib/utils.php:805
4426
+ #: lib/utils.php:953 lib/utils.php:954
4427
  msgid "You are not allowed to perform this task."
4428
  msgstr ""
4429
 
4430
+ #: lib/utils.php:364 lib/utils.php:368
4431
  msgid "NinjaFirewall error"
4432
  msgstr ""
4433
 
4434
+ #: lib/utils.php:365
4435
  #, php-format
4436
  msgid ""
4437
  "%s directory cannot be created. Please review your installation and ensure "
4438
  "that %s is writable."
4439
  msgstr ""
4440
 
4441
+ #: lib/utils.php:369
4442
  #, php-format
4443
  msgid ""
4444
  "%s directory is read-only. Please review your installation and ensure that "
4445
  "%s is writable."
4446
  msgstr ""
4447
 
4448
+ #: lib/utils.php:390
4449
  msgid "NinjaFirewall fatal error:"
4450
  msgstr ""
4451
 
4452
+ #: lib/utils.php:391
4453
  msgid "Review your installation, your site is not protected."
4454
  msgstr ""
4455
 
4456
+ #: lib/utils.php:439 lib/utils.php:461
4457
  msgid "Forbidden access"
4458
  msgstr ""
4459
 
4460
+ #: lib/utils.php:480
4461
  #, php-format
4462
  msgid ""
4463
  "<strong>ERROR</strong>: Invalid username or password.<br /><a href=\"%s"
4464
  "\">Lost your password</a>?"
4465
  msgstr ""
4466
 
4467
+ #: lib/utils.php:514
4468
+ msgid "Plugin"
4469
+ msgstr ""
4470
+
4471
+ #: lib/utils.php:514 lib/utils.php:518
4472
+ msgid "uploaded"
4473
+ msgstr ""
4474
+
4475
+ #: lib/utils.php:514 lib/utils.php:518
4476
+ msgid "installed"
4477
+ msgstr ""
4478
+
4479
+ #: lib/utils.php:514 lib/utils.php:518
4480
+ msgid "activated"
4481
+ msgstr ""
4482
+
4483
+ #: lib/utils.php:515
4484
+ msgid "updated"
4485
+ msgstr ""
4486
+
4487
+ #: lib/utils.php:515
4488
+ msgid "deactivated"
4489
+ msgstr ""
4490
+
4491
+ #: lib/utils.php:515 lib/utils.php:519
4492
+ msgid "deleted"
4493
+ msgstr ""
4494
+
4495
+ #: lib/utils.php:515 lib/utils.php:519
4496
+ msgid "Name"
4497
+ msgstr ""
4498
+
4499
+ #: lib/utils.php:518
4500
+ msgid "Theme"
4501
+ msgstr ""
4502
+
4503
+ #: lib/utils.php:522
4504
+ msgid "upgraded"
4505
+ msgstr ""
4506
+
4507
+ #: lib/utils.php:530
4508
+ msgid "[NinjaFirewall] Alert:"
4509
+ msgstr ""
4510
+
4511
+ #: lib/utils.php:536
4512
+ msgid "NinjaFirewall has detected the following activity on your account:"
4513
+ msgstr ""
4514
+
4515
+ #: lib/utils.php:628
4516
  msgid "[NinjaFirewall] Alert: Database changes detected"
4517
  msgstr ""
4518
 
4519
+ #: lib/utils.php:629
4520
  msgid ""
4521
  "NinjaFirewall has detected that one or more administrator accounts were "
4522
  "modified in the database:"
4523
  msgstr ""
4524
 
4525
+ #: lib/utils.php:634
4526
  #, php-format
4527
  msgid "Total administrators : %s"
4528
  msgstr ""
4529
 
4530
+ #: lib/utils.php:643
4531
  msgid ""
4532
  "If you cannot see any modifications in the above fields, it is possible that "
4533
  "the administrator password was changed."
4534
  msgstr ""
4535
 
4536
+ #: lib/utils.php:762
4537
  msgid "Blocked privilege escalation attempt"
4538
  msgstr ""
4539
 
4540
+ #: lib/utils.php:787
4541
  msgid "NinjaFirewall has blocked an attempt to gain administrative privileges:"
4542
  msgstr ""
4543
 
4544
+ #: lib/utils.php:815
4545
  msgid ""
4546
  "NinjaFirewall brute-force protection is enabled and you are temporarily "
4547
  "whitelisted."
4548
  msgstr ""
4549
 
4550
+ #: lib/utils.php:829
4551
  #, php-format
4552
  msgid ""
4553
  "Hey, it seems that you've been using NinjaFirewall for some time. If you "
4556
  "rate it. Thank you!"
4557
  msgstr ""
4558
 
4559
+ #: lib/utils.php:975
4560
  msgid "WordPress Address (URL)"
4561
  msgstr ""
4562
 
4563
+ #: lib/utils.php:976
4564
  msgid "Site Address (URL)"
4565
  msgstr ""
4566
 
4567
+ #: lib/utils.php:977
4568
  msgid "Membership"
4569
  msgstr ""
4570
 
4571
+ #: lib/utils.php:978
4572
  msgid "New User Default Role"
4573
  msgstr ""
4574
 
4575
+ #: lib/utils.php:981
4576
  msgid "Attempt to modify WordPress settings"
4577
  msgstr ""
4578
 
4579
+ #: lib/utils.php:982
4580
  msgid ""
4581
  "NinjaFirewall has blocked an attempt to modify some important WordPress "
4582
  "settings by a user that does not have administrative privileges:"
4583
  msgstr ""
4584
 
4585
+ #: lib/utils.php:984
4586
  msgid ""
4587
  "The attempt was blocked and the option was reversed to its original value."
4588
  msgstr ""
4589
 
4590
+ #: lib/utils.php:986
4591
  #, php-format
4592
  msgid "Option: %s (%s)"
4593
  msgstr ""
4594
 
4595
+ #: lib/utils.php:987
4596
  #, php-format
4597
  msgid "Original value: %s"
4598
  msgstr ""
4599
 
4600
+ #: lib/utils.php:988
4601
  #, php-format
4602
  msgid "Modified value: %s"
4603
  msgstr ""
4604
 
4605
+ #: lib/utils.php:989
4606
  #, php-format
4607
  msgid "Action taken: %s"
4608
  msgstr ""
4609
 
4610
+ #: lib/utils.php:991
4611
  #, php-format
4612
  msgid "You can review this option from your WordPress \"%s\" page."
4613
  msgstr ""
4614
 
4615
+ #: lib/utils.php:992
4616
  msgid "Settings > General"
4617
  msgstr ""
4618
 
4619
+ #: lib/utils.php:1001
4620
  msgid ""
4621
  "This protection (and notification) can be turned off from NinjaFirewall "
4622
  "\"Firewall Policies\" page."
4841
  msgstr ""
4842
 
4843
  #: ninjafirewall.php:61
4844
+ #, php-format
4845
+ msgid "Sorry %s, your request cannot be processed."
4846
  msgstr ""
4847
 
4848
  #: ninjafirewall.php:62
4849
+ msgid "For security reasons, it was blocked and logged."
4850
+ msgstr ""
4851
+
4852
+ #: ninjafirewall.php:64
4853
+ msgid ""
4854
+ "If you believe this was an error please contact the<br />webmaster and "
4855
+ "enclose the following incident ID:"
4856
+ msgstr ""
4857
+
4858
+ #: ninjafirewall.php:68
4859
+ msgid "Cannot find WordPress configuration file"
4860
+ msgstr ""
4861
+
4862
+ #: ninjafirewall.php:69
4863
  msgid "Cannot read WordPress configuration file"
4864
  msgstr ""
4865
 
4866
+ #: ninjafirewall.php:70
4867
  msgid "Cannot retrieve WordPress database credentials"
4868
  msgstr ""
4869
 
4870
+ #: ninjafirewall.php:71
4871
  msgid "Cannot connect to WordPress database"
4872
  msgstr ""
4873
 
4874
+ #: ninjafirewall.php:72
4875
  msgid "Cannot retrieve user options from database (#2)"
4876
  msgstr ""
4877
 
4878
+ #: ninjafirewall.php:73
4879
  msgid "Cannot retrieve user options from database (#3)"
4880
  msgstr ""
4881
 
4882
+ #: ninjafirewall.php:74
4883
  msgid "Cannot retrieve user rules from database (#2)"
4884
  msgstr ""
4885
 
4886
+ #: ninjafirewall.php:75
4887
  msgid "Cannot retrieve user rules from database (#3)"
4888
  msgstr ""
4889
 
4890
+ #: ninjafirewall.php:76
4891
  msgid ""
4892
  "The firewall has been disabled from the <a href=\"admin.php?page=nfsubopt"
4893
  "\">administration console</a>"
4894
  msgstr ""
4895
 
4896
+ #: ninjafirewall.php:77
4897
  msgid "Unable to communicate with the firewall. Please check your settings"
4898
  msgstr ""
4899
 
4900
+ #: ninjafirewall.php:78
4901
  msgid "Cannot retrieve user options from database (#1)"
4902
  msgstr ""
4903
 
4904
+ #: ninjafirewall.php:79
4905
  msgid "Cannot retrieve user rules from database (#1)"
4906
  msgstr ""
4907
 
4908
+ #: ninjafirewall.php:80
4909
  #, php-format
4910
  msgid ""
4911
  "The firewall cannot access its log and cache folders. If you changed the "
4913
  "%s constant (see %s for more info)"
4914
  msgstr ""
4915
 
4916
+ #: ninjafirewall.php:105
4917
  msgid ""
4918
  "You do not have \"unfiltered_html\" capability. Please enable it in order to "
4919
  "run NinjaFirewall (or make sure you do not have \"DISALLOW_UNFILTERED_HTML\" "
4920
  "in your wp-config.php script)."
4921
  msgstr ""
4922
 
4923
+ #: ninjafirewall.php:112
4924
  #, php-format
4925
  msgid ""
4926
  "NinjaFirewall requires WordPress 3.3 or greater but your current version is "
4927
  "%s."
4928
  msgstr ""
4929
 
4930
+ #: ninjafirewall.php:116
4931
  #, php-format
4932
  msgid ""
4933
  "NinjaFirewall requires PHP 5.3 or greater but your current version is %s."
4934
  msgstr ""
4935
 
4936
+ #: ninjafirewall.php:120
4937
  #, php-format
4938
  msgid "NinjaFirewall requires the PHP %s extension."
4939
  msgstr ""
4940
 
4941
+ #: ninjafirewall.php:124
4942
  msgid ""
4943
  "You have SAFE_MODE enabled. Please disable it, it is deprecated as of PHP "
4944
  "5.3.0 (see http://php.net/safe-mode)."
4945
  msgstr ""
4946
 
4947
+ #: ninjafirewall.php:128
4948
  msgid "You are not allowed to activate NinjaFirewall."
4949
  msgstr ""
4950
 
4951
+ #: ninjafirewall.php:132
4952
  msgid "NinjaFirewall is not compatible with Microsoft Windows."
4953
  msgstr ""
4954
 
4955
+ #: ninjafirewall.php:402
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
4956
  msgid "Alert: WordPress console login"
4957
  msgstr ""
4958
 
4959
+ #: ninjafirewall.php:404
4960
  msgid "-Blog:"
4961
  msgstr ""
4962
 
4963
+ #: ninjafirewall.php:408
4964
  msgid "Someone just logged in to your WordPress admin console:"
4965
  msgstr ""
4966
 
4967
+ #: ninjafirewall.php:409
4968
  msgid "-User:"
4969
  msgstr ""
4970
 
4971
+ #: ninjafirewall.php:410
4972
  msgid "-IP:"
4973
  msgstr ""
4974
 
4975
+ #: ninjafirewall.php:411
4976
  msgid "-Date:"
4977
  msgstr ""
4978
 
4979
+ #: ninjafirewall.php:414
4980
+ msgid "Support forum"
 
 
 
 
 
 
 
 
 
 
 
4981
  msgstr ""
4982
 
4983
+ #: ninjafirewall.php:500
4984
  msgid "NinjaFirewall: Overview"
4985
  msgstr ""
4986
 
4987
+ #: ninjafirewall.php:504
4988
  msgid "NinjaFirewall: Statistics"
4989
  msgstr ""
4990
 
4991
+ #: ninjafirewall.php:508
4992
  msgid "NinjaFirewall: Firewall Options"
4993
  msgstr ""
4994
 
4995
+ #: ninjafirewall.php:512
4996
  msgid "NinjaFirewall: Firewall Policies"
4997
  msgstr ""
4998
 
4999
+ #: ninjafirewall.php:516
5000
  msgid "NinjaFirewall: File Guard"
5001
  msgstr ""
5002
 
5003
+ #: ninjafirewall.php:520
5004
  msgid "NinjaFirewall: File Check"
5005
  msgstr ""
5006
 
5007
+ #: ninjafirewall.php:530
5008
  msgid "NinjaFirewall: Anti-Malware"
5009
  msgstr ""
5010
 
5011
+ #: ninjafirewall.php:534
5012
  msgid "NinjaFirewall: Network"
5013
  msgstr ""
5014
 
5015
+ #: ninjafirewall.php:538
5016
  msgid "NinjaFirewall: Event Notifications"
5017
  msgstr ""
5018
 
5019
+ #: ninjafirewall.php:542
5020
  msgid "NinjaFirewall: Log-in Protection"
5021
  msgstr ""
5022
 
5023
+ #: ninjafirewall.php:546
5024
  msgid "NinjaFirewall: Firewall Log"
5025
  msgstr ""
5026
 
5027
+ #: ninjafirewall.php:550
5028
  msgid "NinjaFirewall: Live Log"
5029
  msgstr ""
5030
 
5031
+ #: ninjafirewall.php:554
5032
  msgid "NinjaFirewall: Rules Editor"
5033
  msgstr ""
5034
 
5035
+ #: ninjafirewall.php:558
5036
  msgid "NinjaFirewall: Rules Update"
5037
  msgstr ""
5038
 
5039
+ #: ninjafirewall.php:565
5040
  msgid "NinjaFirewall: About"
5041
  msgstr ""
5042
 
5043
+ #: ninjafirewall.php:565
5044
  msgid "About..."
5045
  msgstr ""
5046
 
5047
+ #: ninjafirewall.php:605
5048
  msgid "NinjaFirewall Settings"
5049
  msgstr ""
5050
 
5051
+ #: ninjafirewall.php:613
5052
  msgid "NinjaFirewall is enabled"
5053
  msgstr ""
5054
 
5055
+ #: ninjafirewall.php:802
5056
  msgid "Access Restricted"
5057
  msgstr ""
5058
 
5059
+ #: ninjafirewall.php:808
5060
  msgid "Settings"
5061
  msgstr ""
5062
 
5063
+ #: ninjafirewall.php:809
5064
  msgid "Upgrade to Premium"
5065
  msgstr ""
5066
 
5067
+ #: ninjafirewall.php:810
5068
  msgid "Rate it!"
5069
  msgstr ""
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
lib/firewall.php CHANGED
@@ -17,6 +17,7 @@
17
  if ( strpos($_SERVER['SCRIPT_NAME'], '/nfwlog/') !== FALSE ||
18
  strpos($_SERVER['SCRIPT_NAME'], '/ninjafirewall/') !== FALSE ) { die('Forbidden'); }
19
  if (defined('NFW_STATUS')) { return; }
 
20
 
21
  $nfw_ = array();
22
  $nfw_['fw_starttime'] = microtime(true);
@@ -192,6 +193,9 @@ if (! empty($nfw_['nfw_options']['disallow_edit']) ) {
192
  if (! empty($nfw_['nfw_options']['disallow_mods']) ) {
193
  define('DISALLOW_FILE_MODS', true);
194
  }
 
 
 
195
 
196
  $nfw_['a_msg'] = '';
197
  if ( strpos($_SERVER['SCRIPT_NAME'], '/plugins.php' ) !== FALSE ) {
@@ -1030,16 +1034,19 @@ function nfw_transform_string( $string, $where ) {
1030
  $norm = preg_replace(
1031
  array('/[\n\r\t\f\v]/', '`/\*\s*\*/`', '/[\'"`]\x20*[+.]?\x20*[\'"`]/'),
1032
  array('', ' ', ''),
1033
- $norm);
 
1034
  } elseif ( $where == 3 ) {
 
 
 
 
 
1035
  $norm = preg_replace(
1036
  array('`/(\./)+`','`/{2,}`', '`/(.+?)/\.\./\1\b`', '`\n`', '`\\\`'),
1037
  array('/', '/', '/\1', '', ''),
1038
- $string );
1039
- $norm = preg_replace(
1040
- array('`([\\\"\'^])`','`\s([\/(])`', '`([,;]|\s+)`'),
1041
- array('', '\1', ' '),
1042
- $norm );
1043
  }
1044
 
1045
  return $norm;
@@ -1120,7 +1127,7 @@ function nfw_check_b64( $key, $string ) {
1120
  $decoded = base64_decode($string);
1121
  if ( strlen($decoded) < 4 ) { return; }
1122
 
1123
- if ( preg_match( '`\b(?:\$?_(COOKIE|ENV|FILES|(?:GE|POS|REQUES)T|SE(RVER|SSION))|HTTP_(?:(?:POST|GET)_VARS|RAW_POST_DATA)|GLOBALS)\s*[=\[)]|\b(?i:array_map|assert|base64_(?:de|en)code|chmod|curl_exec|(?:ex|im)plode|error_reporting|eval|file(?:_get_contents)?|f(?:open|write|close)|fsockopen|function_exists|gzinflate|md5|move_uploaded_file|ob_start|passthru|[ep]reg_replace|phpinfo|stripslashes|strrev|(?:shell_)?exec|substr|system|unlink)\s*\(|\becho\s*[\'"]|<(?i:a[\s/]|applet|div|embed|i?frame(?:set)?|img|link|meta|marquee|object|script|style|textarea)\b|\W\$\{\s*[\'"]\w+[\'"]|<\?(?i:php|=)|(?i:(?:\b|\d)select\b.+?from\b.+?(?:\b|\d)where|(?:\b|\d)insert\b.+?into\b|(?:\b|\d)union\b.+?(?:\b|\d)select\b|(?:\b|\d)update\b.+?(?:\b|\d)set\b)|^.{0,25}[;{}]?\bO:\+?\d+:"[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*":\+?\d+:{.*?}`', $decoded) ) {
1124
  nfw_log('BASE64-encoded injection', 'POST:' . $key . ' = ' . $string, '3', 0);
1125
  nfw_block();
1126
  }
@@ -1223,7 +1230,7 @@ function nfw_block() {
1223
  }
1224
 
1225
  echo '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">' . "\n" .
1226
- '<html><head><title>NinjaFirewall: ' . $http_codes[$nfw_['nfw_options']['ret_code']] .
1227
  '</title><style>body{font-family:sans-serif;font-size:13px;color:#000;}</style><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body bgcolor="white">' . $tmp . '</body></html>';
1228
  exit;
1229
  }
17
  if ( strpos($_SERVER['SCRIPT_NAME'], '/nfwlog/') !== FALSE ||
18
  strpos($_SERVER['SCRIPT_NAME'], '/ninjafirewall/') !== FALSE ) { die('Forbidden'); }
19
  if (defined('NFW_STATUS')) { return; }
20
+ if (defined('WP_CLI') && WP_CLI ) { return; }
21
 
22
  $nfw_ = array();
23
  $nfw_['fw_starttime'] = microtime(true);
193
  if (! empty($nfw_['nfw_options']['disallow_mods']) ) {
194
  define('DISALLOW_FILE_MODS', true);
195
  }
196
+ if (! empty($nfw_['nfw_options']['disable_error_handler']) ) {
197
+ define('WP_DISABLE_FATAL_ERROR_HANDLER', true);
198
+ }
199
 
200
  $nfw_['a_msg'] = '';
201
  if ( strpos($_SERVER['SCRIPT_NAME'], '/plugins.php' ) !== FALSE ) {
1034
  $norm = preg_replace(
1035
  array('/[\n\r\t\f\v]/', '`/\*\s*\*/`', '/[\'"`]\x20*[+.]?\x20*[\'"`]/'),
1036
  array('', ' ', ''),
1037
+ $norm
1038
+ );
1039
  } elseif ( $where == 3 ) {
1040
+ $norm = preg_replace(
1041
+ array('`([\\\"\'^]|\$\w+)`', '`([,;]|\s+)`'),
1042
+ array('', ' '),
1043
+ $string
1044
+ );
1045
  $norm = preg_replace(
1046
  array('`/(\./)+`','`/{2,}`', '`/(.+?)/\.\./\1\b`', '`\n`', '`\\\`'),
1047
  array('/', '/', '/\1', '', ''),
1048
+ $norm
1049
+ );
 
 
 
1050
  }
1051
 
1052
  return $norm;
1127
  $decoded = base64_decode($string);
1128
  if ( strlen($decoded) < 4 ) { return; }
1129
 
1130
+ if ( preg_match( '`\b(?:\$?_(COOKIE|ENV|FILES|(?:GE|POS|REQUES)T|SE(RVER|SSION))|HTTP_(?:(?:POST|GET)_VARS|RAW_POST_DATA)|GLOBALS)\s*[=\[)]|\b(?i:array_map|assert|base64_(?:de|en)code|chmod|curl_exec|(?:ex|im)plode|error_reporting|eval|file(?:_get_contents)?|f(?:open|write|close)|fsockopen|function_exists|gzinflate|md5|move_uploaded_file|ob_start|passthru|[ep]reg_replace|phpinfo|stripslashes|strrev|(?:shell_)?exec|substr|system|unlink)\s*\(|\becho\s*[\'"]|<(?i:a[\s/]|applet|div|embed|i?frame(?:set)?|img|link|meta|marquee|object|script|style|textarea)\b|\W\$\{\s*[\'"]\w+[\'"]|<\?(?i:php|=)|(?i:(?:\b|\d)select\b.+?from\b.+?(?:\b|\d)where|(?:\b|\d)insert\b.+?into\b|(?:\b|\d)union\b.+?(?:\b|\d)select\b|(?:\b|\d)update\b.+?(?:\b|\d)set\b)|^.{0,25}[;{}]?\b[OC]:\+?\d+:"[a-zA-Z_\x7f-\xff][a-zA-Z0-9_\x7f-\xff]*":\+?\d+:{.*?}`', $decoded) ) {
1131
  nfw_log('BASE64-encoded injection', 'POST:' . $key . ' = ' . $string, '3', 0);
1132
  nfw_block();
1133
  }
1230
  }
1231
 
1232
  echo '<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">' . "\n" .
1233
+ '<html><head><title>NinjaFirewall ' . $http_codes[$nfw_['nfw_options']['ret_code']] .
1234
  '</title><style>body{font-family:sans-serif;font-size:13px;color:#000;}</style><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body bgcolor="white">' . $tmp . '</body></html>';
1235
  exit;
1236
  }
lib/firewall_policies.php CHANGED
@@ -141,366 +141,386 @@ wp_nonce_field('policies_save', 'nfwnonce', 0);
141
  // Basic options:
142
  ?>
143
  <div id="basic-options">
144
- <?php
145
- if ( ( isset( $nfw_options['scan_protocol']) ) &&
146
- ( preg_match( '/^[123]$/', $nfw_options['scan_protocol']) ) ) {
147
- $scan_protocol = $nfw_options['scan_protocol'];
148
- } else {
149
- $scan_protocol = 3;
150
- }
151
-
152
- ?>
153
- <h3>HTTP / HTTPS</h3>
154
- <table class="form-table">
155
- <tr>
156
- <th scope="row"><?php _e('Enable NinjaFirewall for', 'ninjafirewall') ?></th>
157
- <td width="20">&nbsp;</td>
158
- <td>
159
- <p><label><input type="radio" name="nfw_options[scan_protocol]" value="3"<?php checked($scan_protocol, 3 ) ?>>&nbsp;<?php _e('HTTP and HTTPS traffic (default)', 'ninjafirewall') ?></label></p>
160
- <p><label><input type="radio" name="nfw_options[scan_protocol]" value="1"<?php checked($scan_protocol, 1 ) ?>>&nbsp;<?php _e('HTTP traffic only', 'ninjafirewall') ?></label></p>
161
- <p><label><input type="radio" name="nfw_options[scan_protocol]" value="2"<?php checked($scan_protocol, 2 ) ?>>&nbsp;<?php _e('HTTPS traffic only', 'ninjafirewall') ?></label></p>
162
- </td>
163
- </tr>
164
- </table>
165
-
166
- <?php
167
- if ( empty( $nfw_options['sanitise_fn']) ) {
168
- $sanitise_fn = 0;
169
- } else {
170
- $sanitise_fn = 1;
171
- }
172
- if ( empty( $nfw_options['uploads']) ) {
173
- $uploads = 0;
174
- $sanitise_fn = 0;
175
- } else {
176
- $uploads = 1;
177
- }
178
- if ( empty( $nfw_options['substitute'] ) || strlen( $nfw_options['substitute'] ) > 1 || $nfw_options['substitute'] == '/' ) {
179
- $substitute = 'X';
180
- } else {
181
- $substitute = htmlspecialchars( $nfw_options['substitute'] );
182
- }
183
- ?>
184
- <br />
185
- <h3><?php _e('Uploads', 'ninjafirewall') ?></h3>
186
- <table class="form-table">
187
- <tr>
188
- <th scope="row"><?php _e('File Uploads', 'ninjafirewall') ?></th>
189
- <td width="20">&nbsp;</td>
190
- <td>
191
- <select name="nfw_options[uploads]" onchange="chksubmenu();">
192
- <option value="1"<?php selected( $uploads, 1 ) ?>><?php echo __('Allow uploads', 'ninjafirewall') .' '. __('(default)', 'ninjafirewall') ?></option>
193
- <option value="0"<?php selected( $uploads, 0 ) ?>><?php _e('Disallow uploads', 'ninjafirewall') ?></option>
194
- </select>
195
- <p id="sanitize-fn"<?php if (! $uploads) { echo ' style="color:#bbbbbb;"'; }?>>
196
- <label><input type="checkbox" onclick='return sanitise_fn(this);' name="nfw_options[sanitise_fn]"<?php checked( $sanitise_fn, 1 ); disabled( $uploads, 0 ) ?> id="san">&nbsp;<?php _e('Sanitise filenames', 'ninjafirewall') ?> (<?php _e('substitution character:', 'ninjafirewall') ?></label> <input id="subs" maxlength="1" size="1" value="<?php echo $substitute ?>" name="nfw_options[substitute]" type="text" <?php disabled( $uploads, 0 ) ?>/> )
197
- </p>
198
- </td>
199
- </tr>
200
- </table>
201
 
202
- <br />
 
 
 
 
 
 
 
 
 
 
 
 
203
 
204
- <?php
205
- if ( @strpos( $nfw_options['wp_dir'], 'wp-admin' ) !== FALSE ) {
206
- $wp_admin = 1;
207
- } else {
208
- $wp_admin = 0;
209
- }
210
- if ( @strpos( $nfw_options['wp_dir'], 'wp-includes' ) !== FALSE ) {
211
- $wp_inc = 1;
212
- } else {
213
- $wp_inc = 0;
214
- }
215
- if ( @strpos( $nfw_options['wp_dir'], 'uploads' ) !== FALSE ) {
216
- $wp_upl = 1;
217
- } else {
218
- $wp_upl = 0;
219
- }
220
- if ( @strpos( $nfw_options['wp_dir'], 'cache' ) !== FALSE ) {
221
- $wp_cache = 1;
222
- } else {
223
- $wp_cache = 0;
224
- }
225
- if ( empty( $nfw_options['disallow_creation']) ) {
226
- $disallow_creation = 0;
227
- } else {
228
- $disallow_creation = 1;
229
- }
230
- if ( empty( $nfw_options['disallow_settings']) ) {
231
- $disallow_settings = 0;
232
- } else {
233
- $disallow_settings = 1;
234
- }
235
- if ( empty( $nfw_options['enum_archives']) ) {
236
- $enum_archives = 0;
237
- } else {
238
- $enum_archives = 1;
239
- }
240
- if ( empty( $nfw_options['enum_login']) ) {
241
- $enum_login = 0;
242
- } else {
243
- $enum_login = 1;
244
- }
245
- if ( empty( $nfw_options['enum_restapi']) ) {
246
- $enum_restapi = 0;
247
- } else {
248
- $enum_restapi = 1;
249
- }
250
- if ( empty( $nfw_options['no_restapi']) ) {
251
- $no_restapi = 0;
252
- } else {
253
- $no_restapi = 1;
254
- }
255
- if ( empty( $nfw_options['no_xmlrpc']) ) {
256
- $no_xmlrpc = 0;
257
- } else {
258
- $no_xmlrpc = 1;
259
- }
260
- if ( empty( $nfw_options['no_xmlrpc_multi']) ) {
261
- $no_xmlrpc_multi = 0;
262
- } else {
263
- $no_xmlrpc_multi = 1;
264
- }
265
- if ( empty( $nfw_options['no_xmlrpc_pingback']) ) {
266
- $no_xmlrpc_pingback = 0;
267
- } else {
268
- $no_xmlrpc_pingback = 1;
269
- }
270
- if ( empty( $nfw_options['no_post_themes']) ) {
271
- $no_post_themes = 0;
272
- } else {
273
- $no_post_themes = 1;
274
- }
275
 
276
- if ( empty( $nfw_options['force_ssl']) ) {
277
- $force_ssl = 0;
278
- } else {
279
- $force_ssl = 1;
280
- }
281
- if ( empty( $nfw_options['disallow_edit']) ) {
282
- $disallow_edit = 0;
283
- } else {
284
- $disallow_edit = 1;
285
- }
286
- if ( empty( $nfw_options['disallow_mods']) ) {
287
- $disallow_mods = 0;
288
- } else {
289
- $disallow_mods = 1;
290
- }
291
 
292
- $force_ssl_already_enabled = 0; $disallow_edit_already_enabled = 0;
293
- $disallow_mods_already_enabled = 0;
294
- if ( defined('DISALLOW_FILE_EDIT') && ! $disallow_edit ) {
295
- $disallow_edit_already_enabled = 1;
296
- }
297
- if ( defined('DISALLOW_FILE_MODS') && ! $disallow_mods ) {
298
- $disallow_mods_already_enabled = 1;
299
- }
300
- if ( defined('FORCE_SSL_ADMIN') && FORCE_SSL_ADMIN == true && ! $force_ssl ) {
301
- $force_ssl_already_enabled = 1;
302
- }
303
- ?>
304
- <h3>WordPress</h3>
305
- <table class="form-table">
306
- <tr>
307
- <th scope="row"><?php
308
- _e('Block direct access to any PHP file located in one of these directories', 'ninjafirewall');
309
- if ( defined('NFW_WPWAF') ) {
310
- echo '<br /><font style="font-weight:400">' . $full_waf_msg . '</font>';
311
- }
312
- ?></th>
313
- <td width="20">&nbsp;</td>
314
- <td>
315
- <table class="form-table">
316
- <tr style="border: solid 1px #DFDFDF;">
317
- <td align="center" width="10"><input type="checkbox" name="nfw_options[wp_admin]" id="wp_01"<?php checked( $wp_admin, 1 ); disabled( $option_disabled, 1) ?>></td>
318
- <td>
319
- <label for="wp_01">
320
- <p><code>/wp-admin/css/*</code></p>
321
- <p><code>/wp-admin/images/*</code></p>
322
- <p><code>/wp-admin/includes/*</code></p>
323
- <p><code>/wp-admin/js/*</code></p>
324
- </label>
325
- </td>
326
- </tr>
327
- <tr style="border: solid 1px #DFDFDF;">
328
- <td align="center" width="10"><input type="checkbox" name="nfw_options[wp_inc]" id="wp_02"<?php checked( $wp_inc, 1 ); disabled( $option_disabled, 1) ?>></td>
329
- <td>
330
- <label for="wp_02">
331
- <p><code>/wp-includes/*.php</code></p>
332
- <p><code>/wp-includes/css/*</code></p>
333
- <p><code>/wp-includes/images/*</code></p>
334
- <p><code>/wp-includes/js/*</code></p>
335
- <p><code>/wp-includes/theme-compat/*</code></p>
336
- </label>
337
- <br />
338
- <span class="description"><?php _e('NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if this option is enabled.', 'ninjafirewall') ?></span>
339
- </td>
340
- </tr>
341
- <tr style="border: solid 1px #DFDFDF;">
342
- <td align="center" width="10"><input type="checkbox" name="nfw_options[wp_upl]" id="wp_03"<?php checked( $wp_upl, 1 ); disabled( $option_disabled, 1) ?>></td>
343
- <td><label for="wp_03">
344
- <p><code>/<?php echo basename(WP_CONTENT_DIR); ?>/uploads/*</code></p>
345
- <p><code>/<?php echo basename(WP_CONTENT_DIR); ?>/blogs.dir/*</code></p>
346
- </label></td>
347
- </tr>
348
- <tr style="border: solid 1px #DFDFDF;">
349
- <td align="center" style="vertical-align:top" width="10"><input type="checkbox" name="nfw_options[wp_cache]" id="wp_04"<?php checked( $wp_cache, 1 ); disabled( $option_disabled, 1) ?>></td>
350
- <td style="vertical-align:top"><label for="wp_04"><code>*/cache/*</code></label>
351
- <br />
352
- <br />
353
- <span class="description"><?php _e('Unless you have PHP scripts in a "/cache/" folder that need to be accessed by your visitors, we recommend to enable this option.', 'ninjafirewall') ?></span>
354
- </td>
355
- </tr>
356
- </table>
357
- <br />&nbsp;
358
- </td>
359
- </tr>
360
- </table>
 
 
361
 
362
- <?php
363
- if ( is_dir( WP_PLUGIN_DIR . '/jetpack' ) ) {
364
- $is_JetPack = '<p><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;<span class="description">' . sprintf( __('If you are using the %s plugin, blocking <code>system.multicall</code> may prevent it from working correctly.', 'ninjafirewall'), 'Jetpack') . '</span></p>';
365
- } else {
366
- $is_JetPack = '';
367
- }
368
- if ( is_dir( WP_PLUGIN_DIR . '/contact-form-7' ) ) {
369
- $is_CF7 = '<p><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;<span class="description">' . sprintf( __('If you are using the %s plugin, blocking <code>system.multicall</code> may prevent it from working correctly.', 'ninjafirewall'), 'Contact Form 7') . '</span></p>';
370
- } else {
371
- $is_CF7 = '';
372
- }
373
- ?>
 
 
 
 
 
 
 
 
374
 
375
- <table class="form-table">
376
- <tr>
377
- <th scope="row"><?php _e('General', 'ninjafirewall') ?></th>
378
- <td width="20">&nbsp;</td>
379
- <td>
380
- <p><label><input type="checkbox" name="nfw_options[disallow_settings]" value="1"<?php checked( $disallow_settings, 1 ) ?>>&nbsp;<?php echo __('Block attempts to modify important WordPress settings', 'ninjafirewall') .' '. __('(default)', 'ninjafirewall') ?></label></p>
381
- <p><label><input type="checkbox" name="nfw_options[disallow_creation]" value="1"<?php checked( $disallow_creation, 1 ) ?>>&nbsp;<?php _e('Block user accounts creation', 'ninjafirewall') ?></label></p>
382
- <span class="description"><?php _e('Do not enable this policy if you allow user registration.', 'ninjafirewall') ?></span>
383
- </td>
384
- </tr>
385
-
386
- <tr>
387
- <th scope="row"><?php _e('Protect against username enumeration', 'ninjafirewall') ?></th>
388
- <td width="20">&nbsp;</td>
389
- <td>
390
- <p><label><input type="checkbox" name="nfw_options[enum_archives]" value="1"<?php checked( $enum_archives, 1 ) ?>>&nbsp;<?php _e('Through the author archives', 'ninjafirewall') ?></label></p>
391
- <p><label><input type="checkbox" name="nfw_options[enum_login]" value="1"<?php checked( $enum_login, 1 ) ?>>&nbsp;<?php _e('Through the login page', 'ninjafirewall') ?></label></p>
392
- <p><label><input type="checkbox" name="nfw_options[enum_restapi]" value="1"<?php checked( $enum_restapi, 1 ) ?>>&nbsp;<?php _e('Through the WordPress REST API', 'ninjafirewall') ?></label></p>
393
- </td>
394
- </tr>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
395
 
396
  <?php
397
- global $wp_version;
398
- if ( version_compare( $wp_version, '4.7', '<' ) ) {
399
- $restapi_error = '1';
400
- $restapi_msg = '<p><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;<span class="description">' . __('This feature is only available when running WordPress 4.7 or above.', 'ninjafirewall') . '</span></p>';
 
 
 
401
  } else {
402
- $restapi_msg = '';
403
- $restapi_error = 0;
404
  }
405
  ?>
406
- <tr>
407
- <th scope="row"><?php _e('WordPress REST API', 'ninjafirewall') ?>*</th>
408
- <td width="20">&nbsp;</td>
409
- <td>
410
- <p><label><input type="checkbox" name="nfw_options[no_restapi]" value="1"<?php checked( $no_restapi, 1 );disabled( $restapi_error, 1) ?>>&nbsp;<?php _e('Block any access to the API', 'ninjafirewall') ?></label></p>
411
- <?php echo $restapi_msg; ?>
412
- </td>
413
- </tr>
414
  <tr>
415
- <th scope="row"><?php _e('WordPress XML-RPC API', 'ninjafirewall') ?>*</th>
416
- <td width="20">&nbsp;</td>
417
- <td>
418
- <p><label><input type="checkbox" name="nfw_options[no_xmlrpc]" value="1"<?php checked( $no_xmlrpc, 1 ) ?>>&nbsp;<?php _e('Block any access to the API', 'ninjafirewall') ?></label></p>
419
-
420
- <p><label><input type="checkbox" name="nfw_options[no_xmlrpc_multi]" value="1"<?php checked( $no_xmlrpc_multi, 1 ) ?>>&nbsp;<?php _e('Block <code>system.multicall</code> method', 'ninjafirewall') ?></label></p>
421
-
422
- <p><label><input type="checkbox" name="nfw_options[no_xmlrpc_pingback]" value="1"<?php checked( $no_xmlrpc_pingback, 1 ) ?>>&nbsp;<?php _e('Block Pingbacks', 'ninjafirewall') ?></label></p>
423
-
424
- <?php echo $is_JetPack; echo $is_CF7; ?>
425
- </td>
426
- </tr>
427
- </table>
428
-
429
- <span class="description">*<?php _e('Disabling access to the REST or XML-RPC API may break some functionality on your blog, its themes or plugins.', 'ninjafirewall') ?></span>
430
-
431
- <table class="form-table">
432
- <tr valign="top">
433
- <th scope="row" style="vertical-align:top"><?php _e('Block <code>POST</code> requests in the themes folder', 'ninjafirewall') ?> <code>/<?php echo basename(WP_CONTENT_DIR); ?>/themes</code></th>
434
- <td width="20">&nbsp;</td>
435
- <td width="120" style="vertical-align:top">
436
- <label><input type="radio" name="nfw_options[no_post_themes]" value="1"<?php checked( $no_post_themes, 1 ); disabled( $option_disabled, 1) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
437
- </td>
438
- <td style="vertical-align:top">
439
- <label><input type="radio" name="nfw_options[no_post_themes]" value="0"<?php checked( $no_post_themes, 0 ); disabled( $option_disabled, 1) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
440
- <?php
441
- if ( defined('NFW_WPWAF') ) {
442
- echo '<br />'. $full_waf_msg;
443
- }
444
  ?>
445
- </td>
446
- </tr>
447
- <tr valign="top">
448
- <th scope="row"><a name="builtinconstants"></a><?php _e('Force SSL for admin and logins', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Require_SSL_for_Admin_and_Logins" target="_blank">FORCE_SSL_ADMIN</a></code></th>
449
- <td width="20">&nbsp;</td>
450
- <td width="120">
451
- <label><input type="radio" name="nfw_options[force_ssl]" value="1"<?php checked( $force_ssl, 1 ) ?> onclick="return ssl_warn();" <?php disabled( $force_ssl_already_enabled, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
452
- </td>
453
- <td>
454
- <label><input type="radio" id="ssl_0" name="nfw_options[force_ssl]" value="0"<?php checked( $force_ssl, 0 ) ?> <?php disabled( $force_ssl_already_enabled, 1 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
455
- </td>
456
- </tr>
457
- <tr valign="top">
458
- <th scope="row"><?php _e('Disable the plugin and theme editor', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Disable_the_Plugin_and_Theme_Editor" target="_blank">DISALLOW_FILE_EDIT</a></code></th>
459
- <td width="20">&nbsp;</td>
460
- <td width="120">
461
- <label><input type="radio" name="nfw_options[disallow_edit]" value="1"<?php checked( $disallow_edit, 1 ) ?> <?php disabled( $disallow_edit_already_enabled, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
462
- </td>
463
- <td>
464
- <label><input type="radio" name="nfw_options[disallow_edit]" value="0"<?php checked( $disallow_edit, 0 ) ?> <?php disabled( $disallow_edit_already_enabled, 1 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
465
- </td>
466
- </tr>
467
- <tr valign="top">
468
- <th scope="row"><?php _e('Disable plugin and theme update/installation', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Disable_Plugin_and_Theme_Update_and_Installation" target="_blank">DISALLOW_FILE_MODS</a></code></th>
469
- <td width="20">&nbsp;</td>
470
- <td width="120">
471
- <label><input type="radio" name="nfw_options[disallow_mods]" value="1"<?php checked( $disallow_mods, 1 ) ?> <?php disabled( $disallow_mods_already_enabled, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
472
- </td>
473
- <td>
474
- <label><input type="radio" name="nfw_options[disallow_mods]" value="0"<?php checked( $disallow_mods, 0 ) ?> <?php disabled( $disallow_mods_already_enabled, 1 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
475
- </td>
476
- </tr>
477
-
478
- </table>
479
- <a name="donotblockadmin"></a>
480
- <br />
481
- <br />
482
 
483
- <?php
484
- if ( empty( $nfw_options['wl_admin']) ) {
485
- $wl_admin = 0;
486
- } elseif ( $nfw_options['wl_admin'] == 2 ) {
487
- $wl_admin = 2;
488
- } else {
489
- $wl_admin = 1;
490
- }
491
- ?>
492
- <table class="form-table">
493
- <tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
494
- <th scope="row"><?php _e('Users Whitelist', 'ninjafirewall') ?></th>
495
- <td width="20">&nbsp;</td>
496
- <td>
497
- <p><label><input type="radio" name="nfw_options[wl_admin]" value="1"<?php checked( $wl_admin, 1 ) ?>>&nbsp;<?php _e('Add the Administrator to the whitelist (default).', 'ninjafirewall') ?></label></p>
498
- <p><label><input type="radio" name="nfw_options[wl_admin]" value="2"<?php checked( $wl_admin, 2 ) ?>>&nbsp;<?php _e('Add all logged in users to the whitelist.', 'ninjafirewall') ?></label></p>
499
- <p><label><input type="radio" name="nfw_options[wl_admin]" value="0"<?php checked( $wl_admin, 0 ) ?>>&nbsp;<?php _e('Disable users whitelist.', 'ninjafirewall') ?></label></p>
500
- <p><span class="description"><?php _e('Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, <code>DISALLOW_FILE_EDIT</code> and <code>DISALLOW_FILE_MODS</code> options which, if enabled, are always enforced.', 'ninjafirewall') ?></span></p>
501
- </td>
502
- </tr>
503
- </table>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
504
 
505
  </div>
506
 
@@ -510,692 +530,692 @@ if ( empty( $nfw_options['wl_admin']) ) {
510
  // Intermediate options:
511
  ?>
512
  <div id="intermediate-options" style="display:none">
513
- <?php
514
- if ( empty( $nfw_options['get_scan']) ) {
515
- $get_scan = 0;
516
- } else {
517
- $get_scan = 1;
518
- }
519
- if ( empty( $nfw_options['get_sanitise']) ) {
520
- $get_sanitise = 0;
521
- } else {
522
- $get_sanitise = 1;
523
- }
524
- ?>
525
- <h3><?php _e('HTTP GET variable', 'ninjafirewall') ?></h3>
526
- <table class="form-table">
527
- <tr>
528
- <th scope="row"><?php _e('Scan <code>GET</code> variable', 'ninjafirewall') ?></th>
529
- <td width="20">&nbsp;</td>
530
- <td width="120">
531
- <label><input type="radio" name="nfw_options[get_scan]" value="1"<?php checked( $get_scan, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
532
- </td>
533
- <td>
534
- <label><input type="radio" name="nfw_options[get_scan]" value="0"<?php checked( $get_scan, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
535
- </td>
536
- </tr>
537
- <tr>
538
- <th scope="row"><?php _e('Sanitise <code>GET</code> variable', 'ninjafirewall') ?></th>
539
- <td width="20">&nbsp;</td>
540
- <td width="120">
541
- <label><input type="radio" name="nfw_options[get_sanitise]" value="1"<?php checked( $get_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
542
- </td>
543
- <td>
544
- <label><input type="radio" name="nfw_options[get_sanitise]" value="0"<?php checked( $get_sanitise, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
545
- </td>
546
- </tr>
547
- </table>
548
-
549
- <br /><br />
550
 
551
- <?php
552
- if ( empty( $nfw_options['post_scan']) ) {
553
- $post_scan = 0;
554
- } else {
555
- $post_scan = 1;
556
- }
557
- if ( empty( $nfw_options['post_sanitise']) ) {
558
- $post_sanitise = 0;
559
- } else {
560
- $post_sanitise = 1;
561
- }
562
- if ( empty( $nfw_options['post_b64']) ) {
563
- $post_b64 = 0;
564
- } else {
565
- $post_b64 = 1;
566
- }
567
- ?>
568
- <h3><?php _e('HTTP POST variable', 'ninjafirewall') ?></h3>
569
- <table class="form-table">
570
- <tr valign="top">
571
- <th scope="row"><?php _e('Scan <code>POST</code> variable', 'ninjafirewall') ?></th>
572
- <td width="20">&nbsp;</td>
573
- <td width="120">
574
- <label><input type="radio" name="nfw_options[post_scan]" value="1"<?php checked( $post_scan, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
575
- </td>
576
- <td>
577
- <label><input type="radio" name="nfw_options[post_scan]" value="0"<?php checked( $post_scan, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
578
- </td>
579
- </tr>
580
- <tr valign="top">
581
- <th scope="row"><?php _e('Sanitise <code>POST</code> variable', 'ninjafirewall') ?></th>
582
- <td width="20">&nbsp;</td>
583
- <td width="120" style="vertical-align:top;">
584
- <label><input type="radio" name="nfw_options[post_sanitise]" value="1"<?php checked( $post_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
585
- </td>
586
- <td>
587
- <label><input type="radio" name="nfw_options[post_sanitise]" value="0"<?php checked( $post_sanitise, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description">&nbsp;<?php _e('Do not enable this option unless you know what you are doing!', 'ninjafirewall') ?></span>
588
- </td>
589
- </tr>
590
- <tr valign="top">
591
- <th scope="row"><?php _e('Decode Base64-encoded <code>POST</code> variable', 'ninjafirewall') ?></th>
592
- <td width="20">&nbsp;</td>
593
- <td width="120">
594
- <label><input type="radio" name="nfw_options[post_b64]" value="1"<?php checked( $post_b64, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
595
- </td>
596
- <td>
597
- <label><input type="radio" name="nfw_options[post_b64]" value="0"<?php checked( $post_b64, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
598
- </td>
599
- </tr>
600
- </table>
601
- <br /><br />
602
 
603
- <?php
604
- if ( empty( $nfw_options['request_sanitise']) ) {
605
- $request_sanitise = 0;
606
- } else {
607
- $request_sanitise = 1;
608
- }
609
- ?>
610
- <h3><?php _e('HTTP REQUEST variable', 'ninjafirewall') ?></h3>
611
- <table class="form-table">
612
- <tr>
613
- <th scope="row"><?php _e('Sanitise <code>REQUEST</code> variable', 'ninjafirewall') ?></th>
614
- <td width="20">&nbsp;</td>
615
- <td width="120" style="vertical-align:top;">
616
- <label><input type="radio" name="nfw_options[request_sanitise]" value="1"<?php checked( $request_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
617
- </td>
618
- <td>
619
- <label><input type="radio" name="nfw_options[request_sanitise]" value="0"<?php checked( $request_sanitise, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description">&nbsp;<?php _e('Do not enable this option unless you know what you are doing!', 'ninjafirewall') ?></span>
620
- </td>
621
- </tr>
622
- </table>
623
-
624
- <br /><br />
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
625
 
626
- <?php
627
- if ( empty( $nfw_options['cookies_scan']) ) {
628
- $cookies_scan = 0;
629
- } else {
630
- $cookies_scan = 1;
631
- }
632
- if ( empty( $nfw_options['cookies_sanitise']) ) {
633
- $cookies_sanitise = 0;
634
- } else {
635
- $cookies_sanitise = 1;
636
- }
637
- ?>
638
- <h3><?php _e('Cookies', 'ninjafirewall') ?></h3>
639
- <table class="form-table">
640
- <tr>
641
- <th scope="row"><?php _e('Scan cookies', 'ninjafirewall') ?></th>
642
- <td width="20">&nbsp;</td>
643
- <td width="120">
644
- <label><input type="radio" name="nfw_options[cookies_scan]" value="1"<?php checked( $cookies_scan, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
645
- </td>
646
- <td>
647
- <label><input type="radio" name="nfw_options[cookies_scan]" value="0"<?php checked( $cookies_scan, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
648
- </td>
649
- </tr>
650
- <tr>
651
- <th scope="row"><?php _e('Sanitise cookies', 'ninjafirewall') ?></th>
652
- <td width="20">&nbsp;</td>
653
- <td width="120">
654
- <label><input type="radio" name="nfw_options[cookies_sanitise]" value="1"<?php checked( $cookies_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
655
- </td>
656
- <td>
657
- <label><input type="radio" name="nfw_options[cookies_sanitise]" value="0"<?php checked( $cookies_sanitise, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
658
- </td>
659
- </tr>
660
- </table>
661
-
662
- <br /><br />
663
 
664
- <?php
665
- if ( empty( $nfw_options['ua_scan']) ) {
666
- $ua_scan = 0;
667
- } else {
668
- $ua_scan = 1;
669
- }
670
- if ( empty( $nfw_options['ua_sanitise']) ) {
671
- $ua_sanitise = 0;
672
- } else {
673
- $ua_sanitise = 1;
674
- }
675
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
676
 
677
- if ( empty( $nfw_rules[NFW_SCAN_BOTS]['ena']) ) {
678
- $block_bots = 0;
679
- } else {
680
- $block_bots = 1;
681
- }
682
- ?>
683
- <h3><?php _e('HTTP_USER_AGENT server variable', 'ninjafirewall') ?></h3>
684
- <table class="form-table">
685
- <tr>
686
- <th scope="row"><?php _e('Scan <code>HTTP_USER_AGENT</code>', 'ninjafirewall') ?></th>
687
- <td width="20">&nbsp;</td>
688
- <td width="120">
689
- <label><input type="radio" name="nfw_options[ua_scan]" value="1"<?php checked( $ua_scan, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
690
- </td>
691
- <td>
692
- <label><input type="radio" name="nfw_options[ua_scan]" value="0"<?php checked( $ua_scan, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
693
- </td>
694
- </tr>
695
- <tr>
696
- <th scope="row"><?php _e('Sanitise <code>HTTP_USER_AGENT</code>', 'ninjafirewall') ?></th>
697
- <td width="20">&nbsp;</td>
698
- <td width="120">
699
- <label><input type="radio" name="nfw_options[ua_sanitise]" value="1"<?php checked( $ua_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
700
- </td>
701
- <td>
702
- <label><input type="radio" name="nfw_options[ua_sanitise]" value="0"<?php checked( $ua_sanitise, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
703
- </td>
704
- </tr>
705
- <tr>
706
- <th scope="row"><?php _e('Block suspicious bots/scanners', 'ninjafirewall') ?></th>
707
- <td width="20">&nbsp;</td>
708
- <td width="120">
709
- <label><input type="radio" name="nfw_rules[block_bots]" value="1"<?php checked( $block_bots, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
710
- </td>
711
- <td>
712
- <label><input type="radio" name="nfw_rules[block_bots]" value="0"<?php checked( $block_bots, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
713
- </td>
714
- </tr>
715
- </table>
716
-
717
- <br /><br />
718
 
719
- <?php
720
- if ( empty( $nfw_options['referer_scan']) ) {
721
- $referer_scan = 0;
722
- } else {
723
- $referer_scan = 1;
724
- }
725
- if ( empty( $nfw_options['referer_sanitise']) ) {
726
- $referer_sanitise = 0;
727
- } else {
728
- $referer_sanitise = 1;
729
- }
730
- if ( empty( $nfw_options['referer_post']) ) {
731
- $referer_post = 0;
732
- } else {
733
- $referer_post = 1;
734
- }
735
- ?>
736
- <h3><?php _e('HTTP_REFERER server variable', 'ninjafirewall') ?></h3>
737
- <table class="form-table">
738
- <tr>
739
- <th scope="row"><?php _e('Scan <code>HTTP_REFERER</code>', 'ninjafirewall') ?></th>
740
- <td width="20">&nbsp;</td>
741
- <td width="120">
742
- <label><input type="radio" name="nfw_options[referer_scan]" value="1"<?php checked( $referer_scan, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
743
- </td>
744
- <td>
745
- <label><input type="radio" name="nfw_options[referer_scan]" value="0"<?php checked( $referer_scan, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
746
- </td>
747
- </tr>
748
- <tr>
749
- <th scope="row"><?php _e('Sanitise <code>HTTP_REFERER</code>', 'ninjafirewall') ?></th>
750
- <td width="20">&nbsp;</td>
751
- <td width="120">
752
- <label><input type="radio" name="nfw_options[referer_sanitise]" value="1"<?php checked( $referer_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
753
- </td>
754
- <td>
755
- <label><input type="radio" name="nfw_options[referer_sanitise]" value="0"<?php checked( $referer_sanitise, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
756
- </td>
757
- </tr>
758
- <tr valign="top">
759
- <th scope="row"><?php _e('Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</code> header', 'ninjafirewall') ?></th>
760
- <td width="20">&nbsp;</td>
761
- <td width="120" style="vertical-align:top;">
762
- <label><input type="radio" name="nfw_options[referer_post]" value="1"<?php checked( $referer_post, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
763
- </td>
764
- <td style="vertical-align:top;">
765
- <label><input type="radio" name="nfw_options[referer_post]" value="0"<?php checked( $referer_post, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description">&nbsp;<?php _e('Keep this option disabled if you are using scripts like Paypal IPN, WordPress WP-Cron etc', 'ninjafirewall') ?>.</span>
766
- </td>
767
- </tr>
768
- </table>
769
-
770
- <br /><br />
771
 
772
- <?php
773
- if ( empty( $nfw_rules[NFW_LOOPBACK]['ena']) ) {
774
- $no_localhost_ip = 0;
775
- } else {
776
- $no_localhost_ip = 1;
777
- }
778
- if ( empty( $nfw_options['no_host_ip']) ) {
779
- $no_host_ip = 0;
780
- } else {
781
- $no_host_ip = 1;
782
- }
783
- if ( empty( $nfw_options['allow_local_ip']) ) {
784
- $allow_local_ip = 0;
785
- } else {
786
- $allow_local_ip = 1;
787
- }
788
- ?>
789
- <h3>IP</h3>
790
- <table class="form-table" border=0>
791
- <tr>
792
- <th scope="row"><?php _e('Block localhost IP in <code>GET/POST</code> request', 'ninjafirewall') ?></th>
793
- <td width="20">&nbsp;</td>
794
- <td width="120" style="vertical-align:top">
795
- <label><input type="radio" name="nfw_rules[no_localhost_ip]" value="1"<?php checked( $no_localhost_ip, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
796
- </td>
797
- <td style="vertical-align:top">
798
- <label><input type="radio" name="nfw_rules[no_localhost_ip]" value="0"<?php checked( $no_localhost_ip, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
799
- </td>
800
- </tr>
801
- <tr>
802
- <th scope="row"><?php _e('Block HTTP requests with an IP in the <code>HTTP_HOST</code> header', 'ninjafirewall') ?></th>
803
- <td width="20">&nbsp;</td>
804
- <td width="120" style="vertical-align:top">
805
- <label><input type="radio" name="nfw_options[no_host_ip]" value="1"<?php checked( $no_host_ip, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
806
- </td>
807
- <td style="vertical-align:top">
808
- <label><input type="radio" name="nfw_options[no_host_ip]" value="0"<?php checked( $no_host_ip, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
809
- </td>
810
- </tr>
811
- <tr>
812
- <th scope="row"><?php _e('Scan traffic coming from localhost and private IP address spaces', 'ninjafirewall') ?></th>
813
- <td width="20">&nbsp;</td>
814
- <td width="120" style="vertical-align:top">
815
- <label><input type="radio" name="nfw_options[allow_local_ip]" value="0"<?php checked( $allow_local_ip, 0 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
816
- </td>
817
- <td style="vertical-align:top">
818
- <label><input type="radio" name="nfw_options[allow_local_ip]" value="1"<?php checked( $allow_local_ip, 1 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
819
- </td>
820
- </tr>
821
- </table>
822
 
823
- </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
824
 
825
- <?php
826
- // ==========================================================================
827
- // Advanced options:
828
- ?>
829
- <div id="advanced-options" style="display:none">
830
 
831
- <?php
832
- $err_msg = $err = '';
833
- $err_img = '<p><span class="description"><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;';
834
- $msg = __('This option is disabled because the %s PHP function is not available on your server.', 'ninjafirewall');
835
- if (! function_exists('header_register_callback') ) {
836
- $err_msg = $err_img . sprintf($msg, '<code>header_register_callback()</code>') . '</span></p>';
837
- $err = 1;
838
- } elseif (! function_exists('headers_list') ) {
839
- $err_msg = $err_img . sprintf($msg, '<code>headers_list()</code>') . '</span></p>';
840
- $err = 1;
841
- } elseif (! function_exists('header_remove') ) {
842
- $err_msg = $err_img . sprintf($msg, '<code>header_remove()</code>') . '</span></p>';
843
- $err = 1;
844
- }
845
- if ( empty($nfw_options['response_headers']) || ! preg_match( '/^\d+$/', $nfw_options['response_headers'] ) || $err_msg ) {
846
- $nfw_options['response_headers'] = '000000000';
847
- }
848
- ?>
849
- <h3><?php _e('HTTP response headers', 'ninjafirewall') ?></h3>
850
- <table class="form-table">
851
- <tr>
852
- <th scope="row"><?php printf( __('Set %s to protect against MIME type confusion attacks', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-Content-Type-Options</a>') ?></th>
853
- <td width="20">&nbsp;</td>
854
- <td width="120">
855
- <label><input type="radio" name="nfw_options[x_content_type_options]" value="1"<?php checked( $nfw_options['response_headers'][1], 1 ); disabled($err, 1); ?>><?php echo $yes; ?></label>
856
- </td>
857
- <td>
858
- <label><input type="radio" name="nfw_options[x_content_type_options]" value="0"<?php checked( $nfw_options['response_headers'][1], 0 ); disabled($err, 1); ?>><?php echo $no . $default; ?></label><?php echo $err_msg ?>
859
- </td>
860
- </tr>
861
- <tr>
862
- <th scope="row"><?php printf( __('Set %s to protect against clickjacking attempts', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-Frame-Options</a>') ?></th>
863
- <td width="20">&nbsp;</td>
864
- <td width="120" style="vertical-align:top;">
865
- <p><label><input type="radio" name="nfw_options[x_frame_options]" value="1"<?php checked( $nfw_options['response_headers'][2], 1 ); disabled($err, 1); ?>><code>SAMEORIGIN</code></label></p>
866
- <p><label><input type="radio" name="nfw_options[x_frame_options]" value="2"<?php checked( $nfw_options['response_headers'][2], 2 ); disabled($err, 1); ?>><code>DENY</code></label></p>
867
- </td>
868
- <td style="vertical-align:top;"><p><label><input type="radio" name="nfw_options[x_frame_options]" value="0"<?php checked( $nfw_options['response_headers'][2], 0 ); disabled($err, 1); ?>><?php echo $no . $default; ?></label><?php echo $err_msg ?></p></td>
869
- </tr>
870
- <tr>
871
- <th scope="row"><?php printf( __("Set %s (IE/Edge, Chrome, Opera and Safari browsers)", 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-XSS-Protection</a>') ?></th>
872
- <td width="20"></td>
873
-
874
- <td width="120">
875
- <p><label><input type="radio" name="nfw_options[x_xss_protection]" value="0"<?php checked( $nfw_options['response_headers'][3], 0 ); disabled($err, 1); ?> /><?php printf( __("Set to %s", "ninjafirewall"), '<code>0</code>' ) ?></label></p>
876
- <p><label><input type="radio" name="nfw_options[x_xss_protection]" value="2"<?php checked( $nfw_options['response_headers'][3], 2 ); disabled($err, 1); ?> /><?php printf( __("Set to %s", "ninjafirewall"), '<code>1</code>' ) ?></label></p>
877
- </td>
878
- <td>
879
- <p><label><input type="radio" name="nfw_options[x_xss_protection]" value="1"<?php checked( $nfw_options['response_headers'][3], 1 ); disabled($err, 1); ?> /><?php printf( __("Set to %s", "ninjafirewall"), '<code>1; mode=block</code>' ); ?></label></p>
880
- <p><label><input type="radio" name="nfw_options[x_xss_protection]" value="3"<?php checked( $nfw_options['response_headers'][3], 3 ); disabled($err, 1); ?> /><?php _e('No', 'ninjafirewall'); echo $default; ?></label></p>
881
- </td>
882
- </tr>
883
- <tr>
884
- <th scope="row"><?php printf( __('Force %s flag on all cookies to mitigate XSS attacks', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">HttpOnly</a>') ?></th>
885
- <td width="20">&nbsp;</td>
886
- <td width="120" style="vertical-align:top;">
887
- <label><input type="radio" name="nfw_options[cookies_httponly]" value="1"<?php checked( $nfw_options['response_headers'][0], 1 ); disabled($err, 1); ?> >&nbsp;<?php echo $yes ?></label>
888
- </td>
889
- <td style="vertical-align:top;">
890
- <label><input type="radio" name="nfw_options[cookies_httponly]" value="0"<?php checked( $nfw_options['response_headers'][0], 0 ); disabled($err, 1); ?>>&nbsp;<?php echo $no . $default; ?></label><br /><span class="description"><?php _e('If your PHP scripts use cookies that need to be accessed from JavaScript, you should disable this option.', 'ninjafirewall') ?></span><?php echo $err_msg ?>
891
- </td>
892
- </tr>
893
  <?php
894
- if ($_SERVER['SERVER_PORT'] != 443 && ! $err && (! isset( $_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https') ) {
895
- $hsts_err = 1;
896
- $hsts_msg = '<br /><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;<span class="description">' . __('HSTS headers can only be set when you are accessing your site over HTTPS.', 'ninjafirewall') . '</span>';
 
 
 
 
897
  } else {
898
- $hsts_msg = '';
899
- $hsts_err = 0;
 
 
 
 
900
  }
901
  ?>
902
- <tr>
903
- <th scope="row"><?php printf( __('Set %s (HSTS) to enforce secure connections to the server', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Strict-Transport-Security</a>') ?></th>
904
- <td width="20">&nbsp;</td>
905
- <td width="120" style="vertical-align:top;">
906
- <p><label><input type="radio" name="nfw_options[strict_transport]" value="1"<?php checked( $nfw_options['response_headers'][4], 1 ); disabled($hsts_err, 1); ?>><?php _e('1 month', 'ninjafirewall') ?></label></p>
907
- <p><label><input type="radio" name="nfw_options[strict_transport]" value="2"<?php checked( $nfw_options['response_headers'][4], 2 ); disabled($hsts_err, 1); ?>><?php _e('6 months', 'ninjafirewall') ?></label></p>
908
- <p><label><input type="radio" name="nfw_options[strict_transport]" value="3"<?php checked( $nfw_options['response_headers'][4], 3 ); disabled($hsts_err, 1); ?>><?php _e('1 year', 'ninjafirewall') ?></label></p>
909
- <br />
910
- <label><input type="checkbox" name="nfw_options[strict_transport_sub]" value="1"<?php checked( $nfw_options['response_headers'][5], 1 ); disabled($hsts_err, 1); ?>><?php _e('Apply to subdomains', 'ninjafirewall') ?></label>
911
- </td>
912
- <td style="vertical-align:top;">
913
- <p><label><input type="radio" name="nfw_options[strict_transport]" value="0"<?php checked( $nfw_options['response_headers'][4], 0 ); disabled($hsts_err, 1); ?>><?php echo $no . $default; ?></label></p>
914
- <p><label><input type="radio" name="nfw_options[strict_transport]" value="4"<?php checked( $nfw_options['response_headers'][4], 4 ); disabled($hsts_err, 1); ?>><?php _e('Set <code>max-age</code> to 0', 'ninjafirewall'); ?></label><?php echo $err_msg ?></p>
915
- <?php echo $hsts_msg; ?>
916
- </td>
917
- </tr>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
918
 
919
- <?php
920
- if (! isset( $nfw_options['csp_frontend_data'] ) ) {
921
- $nfw_options['csp_frontend_data'] = '';
922
- }
923
- if (! isset( $nfw_options['csp_backend_data'] ) ) {
924
- $nfw_options['csp_backend_data'] = nf_sub_policies_csp();
925
- }
926
- if (! isset( $nfw_options['response_headers'][6] ) ) {
927
- $nfw_options['response_headers'][6] = 0;
928
- }
929
- if (! isset( $nfw_options['response_headers'][7] ) ) {
930
- $nfw_options['response_headers'][7] = 0;
931
- }
932
- ?>
933
- <tr>
934
- <th scope="row"><?php printf( __('Set %s for the website frontend', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Content-Security-Policy</a>') ?></th>
935
- <td width="20">&nbsp;</td>
936
- <td width="120" style="vertical-align:top;">
937
- <p><label><input type="radio" onclick="csp_onoff(1, 'csp_frontend')" name="nfw_options[csp_frontend]" value="1"<?php checked( $nfw_options['response_headers'][6], 1 ); disabled($err, 1); ?>><?php _e('Yes', 'ninjafirewall') ?></label></p>
938
- <p><label><input type="radio" onclick="csp_onoff(0, 'csp_frontend')" name="nfw_options[csp_frontend]" value="0"<?php checked( $nfw_options['response_headers'][6], 0 ); disabled($err, 1); ?>><?php _e('No (default)', 'ninjafirewall') ?></label></p>
939
- </td>
940
- <td style="vertical-align:top;">
941
- <textarea autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" name="nfw_options[csp_frontend_data]" id="csp_frontend" class="large-text code" rows="4"<?php __checked_selected_helper($err, 1, true, 'readonly'); __checked_selected_helper($nfw_options['response_headers'][6], 0, true, 'readonly') ?>><?php echo htmlspecialchars( $nfw_options['csp_frontend_data'] ) ?></textarea>
942
- <span class="description"><?php _e('This CSP header will apply to the website frontend only.', 'ninjafirewall') ?></span>
943
- <?php echo $err_msg ?>
944
- </td>
945
- </tr>
946
-
947
- <tr>
948
- <th scope="row"><?php printf( __('Set %s for the WordPress admin dashboard', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Content-Security-Policy</a>') ?></th>
949
- <td width="20">&nbsp;</td>
950
- <td width="120" style="vertical-align:top;">
951
- <p><label><input type="radio" onclick="csp_onoff(1, 'csp_backend')" name="nfw_options[csp_backend]" value="1"<?php checked( $nfw_options['response_headers'][7], 1 ); disabled($err, 1); ?>><?php _e('Yes', 'ninjafirewall') ?></label></p>
952
- <p><label><input type="radio" onclick="csp_onoff(0, 'csp_backend')" name="nfw_options[csp_backend]" value="0"<?php checked( $nfw_options['response_headers'][7], 0 ); disabled($err, 1); ?>><?php _e('No (default)', 'ninjafirewall') ?></label></p>
953
- </td>
954
- <td style="vertical-align:top;">
955
- <textarea autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" name="nfw_options[csp_backend_data]" id="csp_backend" class="large-text code" rows="4"<?php __checked_selected_helper($err, 1, true, 'readonly'); __checked_selected_helper($nfw_options['response_headers'][7], 0, true, 'readonly') ?>><?php echo htmlspecialchars( $nfw_options['csp_backend_data'] ) ?></textarea>
956
- <span class="description"><?php _e('This CSP header will apply to the WordPress admin dashboard only.', 'ninjafirewall') ?></span>
957
- <?php echo $err_msg ?>
958
- </td>
959
- </tr>
960
 
961
  <?php
962
- if (! isset( $nfw_options['response_headers'][8] ) ) {
963
- $nfw_options['response_headers'][8] = 0;
 
 
964
  }
965
- if ( empty( $nfw_options['referrer_policy_enabled'] ) ) {
966
- $nfw_options['referrer_policy_enabled'] = 0;
967
  } else {
968
- $nfw_options['referrer_policy_enabled'] = 1;
 
 
 
 
 
969
  }
970
  ?>
971
- <tr>
972
- <th scope="row"><?php printf( __("Set %s (Chrome, Opera and Firefox browsers)", 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Referrer-Policy</a>') ?></th>
973
- <td width="20"></td>
974
- <td width="120" style="vertical-align:top;">
975
-
976
- <p><label><input onclick="document.getElementById('rp_select').disabled=false" type="radio" name="nfw_options[referrer_policy_enabled]" value="1"<?php checked($nfw_options['referrer_policy_enabled'], 1) ?> /><?php _e('Yes', 'ninjafirewall') ?></label></p>
977
- <p><label><input onclick="document.getElementById('rp_select').disabled=true" type="radio" name="nfw_options[referrer_policy_enabled]" value="0"<?php checked($nfw_options['referrer_policy_enabled'], 0) ?> /><?php _e('No (default)', 'ninjafirewall') ?></label></p>
978
- </td>
979
- <td style="vertical-align:top;">
980
- <select id="rp_select" name="nfw_options[referrer_policy]"<?php disabled($nfw_options['referrer_policy_enabled'], 0) ?>>
981
- <option value="1"<?php selected($nfw_options['response_headers'][8], 1) ?>>no-referrer</option>
982
- <option value="2"<?php selected($nfw_options['response_headers'][8], 2) ?>>no-referrer-when-downgrade</option>
983
- <option value="3"<?php selected($nfw_options['response_headers'][8], 3) ?>>origin</option>
984
- <option value="4"<?php selected($nfw_options['response_headers'][8], 4) ?>>origin-when-cross-origin</option>
985
- <option value="5"<?php selected($nfw_options['response_headers'][8], 5) ?>>strict-origin</option>
986
- <option value="6"<?php selected($nfw_options['response_headers'][8], 6) ?>>strict-origin-when-cross-origin</option>
987
- <option value="7"<?php selected($nfw_options['response_headers'][8], 7) ?>>same-origin</option>
988
- <option value="8"<?php selected($nfw_options['response_headers'][8], 8) ?>>unsafe-url</option>
989
- </select>
990
- </td>
991
- </tr>
992
- </table>
993
-
994
- <br /><br />
 
 
 
 
 
 
 
 
 
 
 
995
 
996
  <?php
997
- if ( empty( $nfw_rules[NFW_WRAPPERS]['ena']) ) {
998
- $php_wrappers = 0;
999
- } else {
1000
- $php_wrappers = 1;
1001
- }
1002
- if ( empty( $nfw_options['php_errors']) ) {
1003
- $php_errors = 0;
1004
- } else {
1005
- $php_errors = 1;
1006
- }
1007
- if ( empty( $nfw_options['php_self']) ) {
1008
- $php_self = 0;
1009
- } else {
1010
- $php_self = 1;
1011
- }
1012
- if ( empty( $nfw_options['php_path_t']) ) {
1013
- $php_path_t = 0;
1014
- } else {
1015
- $php_path_t = 1;
1016
- }
1017
- if ( empty( $nfw_options['php_path_i']) ) {
1018
- $php_path_i = 0;
1019
- } else {
1020
- $php_path_i = 1;
1021
- }
1022
  ?>
1023
- <h3>PHP</h3>
1024
- <table class="form-table">
1025
- <tr>
1026
- <th scope="row"><?php _e('Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, <code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies', 'ninjafirewall') ?></th>
1027
- <td width="20">&nbsp;</td>
1028
- <td width="120" style="vertical-align:top">
1029
- <label><input type="radio" name="nfw_rules[php_wrappers]" value="1"<?php checked( $php_wrappers, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1030
- </td>
1031
- <td style="vertical-align:top">
1032
- <label><input type="radio" name="nfw_rules[php_wrappers]" value="0"<?php checked( $php_wrappers, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1033
- </td>
1034
- </tr>
1035
 
1036
  <?php
1037
- if (! empty( $nfw_rules[NFW_OBJECTS]['ena'] ) ) {
1038
- if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'GET' ) !== FALSE) {
1039
- $NFW_OBJECTS_GET = ' checked="checked"';
1040
- } else {
1041
- $NFW_OBJECTS_GET = '';
1042
- }
1043
- if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'POST' ) !== FALSE) {
1044
- $NFW_OBJECTS_POST = ' checked="checked"';
1045
- } else {
1046
- $NFW_OBJECTS_POST = '';
1047
- }
1048
- if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'COOKIE' ) !== FALSE) {
1049
- $NFW_OBJECTS_COOKIE = ' checked="checked"';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1050
  } else {
1051
- $NFW_OBJECTS_COOKIE = '';
 
1052
  }
1053
- if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'HTTP_USER_AGENT' ) !== FALSE) {
1054
- $NFW_OBJECTS_HTTP_USER_AGENT = ' checked="checked"';
1055
- } else {
1056
- $NFW_OBJECTS_HTTP_USER_AGENT = '';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1057
  }
1058
- if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'HTTP_REFERER' ) !== FALSE) {
1059
- $NFW_OBJECTS_HTTP_REFERER = ' checked="checked"';
1060
  } else {
1061
- $NFW_OBJECTS_HTTP_REFERER = '';
1062
  }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1063
  } else {
1064
- $NFW_OBJECTS_GET = ''; $NFW_OBJECTS_POST = ''; $NFW_OBJECTS_COOKIE = '';
1065
- $NFW_OBJECTS_HTTP_USER_AGENT = ''; $NFW_OBJECTS_HTTP_REFERER = '';
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1066
  }
1067
  ?>
1068
- <tr>
1069
- <th scope="row"><?php _e('Block serialized PHP objects in the following global variables', 'ninjafirewall') ?></th>
1070
- <td width="20">&nbsp;</td>
1071
- <td width="120" style="vertical-align:top">
1072
- <p><label><input type="checkbox" name="nfw_rules[php_objects_get]" value="1"<?php echo $NFW_OBJECTS_GET ?>><code>GET</code><?php echo $default ?></label><p>
1073
- <p><label><input type="checkbox" name="nfw_rules[php_objects_post]" value="1"<?php echo $NFW_OBJECTS_POST ?>><code>POST</code><?php echo $default ?></label><p>
1074
- <p><label><input type="checkbox" name="nfw_rules[php_objects_cookie]" value="1"<?php echo $NFW_OBJECTS_COOKIE ?>><code>COOKIE</code></label><p>
1075
- </td>
1076
- <td style="vertical-align:top">
1077
- <p><label><input type="checkbox" name="nfw_rules[php_objects_http_user_agent]" value="1"<?php echo $NFW_OBJECTS_HTTP_USER_AGENT ?>><code>HTTP_USER_AGENT</code><?php echo $default ?></label><p>
1078
- <p><label><input type="checkbox" name="nfw_rules[php_objects_http_referer]" value="1"<?php echo $NFW_OBJECTS_HTTP_REFERER ?>><code>HTTP_REFERER</code><?php echo $default ?></label><p>
1079
- </td>
1080
- </tr>
1081
- <tr>
1082
- <th scope="row"><?php _e('Hide PHP notice and error messages', 'ninjafirewall') ?></th>
1083
- <td width="20">&nbsp;</td>
1084
- <td width="120">
1085
- <label><input type="radio" name="nfw_options[php_errors]" value="1"<?php checked( $php_errors, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1086
- </td>
1087
- <td>
1088
- <label><input type="radio" name="nfw_options[php_errors]" value="0"<?php checked( $php_errors, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1089
- </td>
1090
- </tr>
1091
- <tr>
1092
- <th scope="row"><?php _e('Sanitise <code>PHP_SELF</code>', 'ninjafirewall') ?></th>
1093
- <td width="20">&nbsp;</td>
1094
- <td width="120">
1095
- <label><input type="radio" name="nfw_options[php_self]" value="1"<?php checked( $php_self, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1096
- </td>
1097
- <td>
1098
- <label><input type="radio" name="nfw_options[php_self]" value="0"<?php checked( $php_self, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1099
- </td>
1100
- </tr>
1101
- <tr>
1102
- <th scope="row"><?php _e('Sanitise <code>PATH_TRANSLATED</code>', 'ninjafirewall') ?></th>
1103
- <td width="20">&nbsp;</td>
1104
- <td width="120">
1105
- <label><input type="radio" name="nfw_options[php_path_t]" value="1"<?php checked( $php_path_t, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1106
- </td>
1107
- <td>
1108
- <label><input type="radio" name="nfw_options[php_path_t]" value="0"<?php checked( $php_path_t, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1109
- </td>
1110
- </tr>
1111
- <tr>
1112
- <th scope="row"><?php _e('Sanitise <code>PATH_INFO</code>', 'ninjafirewall') ?></th>
1113
- <td width="20">&nbsp;</td>
1114
- <td width="120">
1115
- <label><input type="radio" name="nfw_options[php_path_i]" value="1"<?php checked( $php_path_i, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1116
- </td>
1117
- <td>
1118
- <label><input type="radio" name="nfw_options[php_path_i]" value="0"<?php checked( $php_path_i, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1119
- </td>
1120
- </tr>
1121
- </table>
1122
-
1123
- <br /><br />
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1124
 
1125
- <?php
1126
 
1127
- if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) < 5 ) {
1128
- $nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
1129
- $greyed = 'style="color:#bbbbbb"';
1130
- $disabled = 'disabled ';
1131
- $disabled_msg = '<br /><span class="description">&nbsp;' .
1132
- __('This option is not compatible with your actual configuration.', 'ninjafirewall') .
1133
- '</span>';
1134
- } else {
1135
- $greyed = '';
1136
- $disabled = '';
1137
- $disabled_msg = '';
1138
- }
1139
 
1140
- if ( empty( $nfw_rules[NFW_DOC_ROOT]['ena']) ) {
1141
- $block_doc_root = 0;
1142
- } else {
1143
- $block_doc_root = 1;
1144
- }
1145
- if ( empty( $nfw_rules[NFW_NULL_BYTE]['ena']) ) {
1146
- $block_null_byte = 0;
1147
- } else {
1148
- $block_null_byte = 1;
1149
- }
1150
- if ( empty( $nfw_rules[NFW_ASCII_CTRL]['ena']) ) {
1151
- $block_ctrl_chars = 0;
1152
- } else {
1153
- $block_ctrl_chars = 1;
1154
- }
1155
- ?>
1156
- <h3><?php _e('Various', 'ninjafirewall') ?></h3>
1157
- <table class="form-table">
1158
- <tr valign="top">
1159
- <th scope="row"><?php _e('Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request', 'ninjafirewall') ?></th>
1160
- <td width="20">&nbsp;</td>
1161
- <td width="120">
1162
- <label <?php echo $greyed ?>><input type="radio" name="nfw_rules[block_doc_root]" value="1"<?php checked( $block_doc_root, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1163
- </td>
1164
- <td>
1165
- <label <?php echo $greyed ?>><input <?php echo $disabled ?>type="radio" name="nfw_rules[block_doc_root]" value="0"<?php checked( $block_doc_root, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label><?php echo $disabled_msg ?>
1166
- </td>
1167
- </tr>
1168
- <tr>
1169
- <th scope="row"><?php _e('Block ASCII character 0x00 (NULL byte)', 'ninjafirewall') ?></th>
1170
- <td width="20">&nbsp;</td>
1171
- <td width="120">
1172
- <label><input type="radio" name="nfw_rules[block_null_byte]" value="1"<?php checked( $block_null_byte, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1173
- </td>
1174
- <td>
1175
- <label><input type="radio" name="nfw_rules[block_null_byte]" value="0"<?php checked( $block_null_byte, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1176
- </td>
1177
- </tr>
1178
- <tr>
1179
- <th scope="row"><?php _e('Block ASCII control characters 1 to 8 and 14 to 31', 'ninjafirewall') ?></th>
1180
- <td width="20">&nbsp;</td>
1181
- <td>
1182
- <label><input type="radio" name="nfw_rules[block_ctrl_chars]" value="1"<?php checked( $block_ctrl_chars, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
1183
- </td>
1184
- <td>
1185
- <label><input type="radio" name="nfw_rules[block_ctrl_chars]" value="0"<?php checked( $block_ctrl_chars, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
1186
- </td>
1187
- </tr>
1188
- </table>
1189
 
1190
- </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1191
 
1192
- <br />
1193
- <br />
 
 
1194
 
1195
- <input class="button-primary" type="submit" name="Save" value="<?php _e('Save Firewall Policies', 'ninjafirewall') ?>" />
1196
- &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
1197
- <input class="button-secondary" type="submit" name="Default" value="<?php _e('Restore Default Values', 'ninjafirewall') ?>" onclick="return restore();" />
1198
- </form>
1199
  </div>
1200
 
1201
  <?php
@@ -1515,6 +1535,12 @@ function nf_sub_policies_save() {
1515
  $nfw_options['disallow_edit'] = 1;
1516
  }
1517
 
 
 
 
 
 
 
1518
  if ( empty( $_POST['nfw_options']['disallow_mods']) ) {
1519
  $nfw_options['disallow_mods'] = 0;
1520
  } else {
@@ -1673,6 +1699,7 @@ function nf_sub_policies_default() {
1673
  $nfw_options['no_post_themes'] = 0;
1674
  $nfw_options['force_ssl'] = 0;
1675
  $nfw_options['disallow_edit'] = 0;
 
1676
  $nfw_options['disallow_mods'] = 0;
1677
  $nfw_options['post_b64'] = 1;
1678
  $nfw_options['wl_admin'] = 1;
141
  // Basic options:
142
  ?>
143
  <div id="basic-options">
144
+ <?php
145
+ if ( ( isset( $nfw_options['scan_protocol']) ) &&
146
+ ( preg_match( '/^[123]$/', $nfw_options['scan_protocol']) ) ) {
147
+ $scan_protocol = $nfw_options['scan_protocol'];
148
+ } else {
149
+ $scan_protocol = 3;
150
+ }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
151
 
152
+ ?>
153
+ <h3>HTTP / HTTPS</h3>
154
+ <table class="form-table">
155
+ <tr>
156
+ <th scope="row"><?php _e('Enable NinjaFirewall for', 'ninjafirewall') ?></th>
157
+ <td width="20">&nbsp;</td>
158
+ <td>
159
+ <p><label><input type="radio" name="nfw_options[scan_protocol]" value="3"<?php checked($scan_protocol, 3 ) ?>>&nbsp;<?php _e('HTTP and HTTPS traffic (default)', 'ninjafirewall') ?></label></p>
160
+ <p><label><input type="radio" name="nfw_options[scan_protocol]" value="1"<?php checked($scan_protocol, 1 ) ?>>&nbsp;<?php _e('HTTP traffic only', 'ninjafirewall') ?></label></p>
161
+ <p><label><input type="radio" name="nfw_options[scan_protocol]" value="2"<?php checked($scan_protocol, 2 ) ?>>&nbsp;<?php _e('HTTPS traffic only', 'ninjafirewall') ?></label></p>
162
+ </td>
163
+ </tr>
164
+ </table>
165
 
166
+ <?php
167
+ if ( empty( $nfw_options['sanitise_fn']) ) {
168
+ $sanitise_fn = 0;
169
+ } else {
170
+ $sanitise_fn = 1;
171
+ }
172
+ if ( empty( $nfw_options['uploads']) ) {
173
+ $uploads = 0;
174
+ $sanitise_fn = 0;
175
+ } else {
176
+ $uploads = 1;
177
+ }
178
+ if ( empty( $nfw_options['substitute'] ) || strlen( $nfw_options['substitute'] ) > 1 || $nfw_options['substitute'] == '/' ) {
179
+ $substitute = 'X';
180
+ } else {
181
+ $substitute = htmlspecialchars( $nfw_options['substitute'] );
182
+ }
183
+ ?>
184
+ <br />
185
+ <h3><?php _e('Uploads', 'ninjafirewall') ?></h3>
186
+ <table class="form-table">
187
+ <tr>
188
+ <th scope="row"><?php _e('File Uploads', 'ninjafirewall') ?></th>
189
+ <td width="20">&nbsp;</td>
190
+ <td>
191
+ <select name="nfw_options[uploads]" onchange="chksubmenu();">
192
+ <option value="1"<?php selected( $uploads, 1 ) ?>><?php echo __('Allow uploads', 'ninjafirewall') .' '. __('(default)', 'ninjafirewall') ?></option>
193
+ <option value="0"<?php selected( $uploads, 0 ) ?>><?php _e('Disallow uploads', 'ninjafirewall') ?></option>
194
+ </select>
195
+ <p id="sanitize-fn"<?php if (! $uploads) { echo ' style="color:#bbbbbb;"'; }?>>
196
+ <label><input type="checkbox" onclick='return sanitise_fn(this);' name="nfw_options[sanitise_fn]"<?php checked( $sanitise_fn, 1 ); disabled( $uploads, 0 ) ?> id="san">&nbsp;<?php _e('Sanitise filenames', 'ninjafirewall') ?> (<?php _e('substitution character:', 'ninjafirewall') ?></label> <input id="subs" maxlength="1" size="1" value="<?php echo $substitute ?>" name="nfw_options[substitute]" type="text" <?php disabled( $uploads, 0 ) ?>/> )
197
+ </p>
198
+ </td>
199
+ </tr>
200
+ </table>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
201
 
202
+ <br />
 
 
 
 
 
 
 
 
 
 
 
 
 
 
203
 
204
+ <?php
205
+ if ( @strpos( $nfw_options['wp_dir'], 'wp-admin' ) !== FALSE ) {
206
+ $wp_admin = 1;
207
+ } else {
208
+ $wp_admin = 0;
209
+ }
210
+ if ( @strpos( $nfw_options['wp_dir'], 'wp-includes' ) !== FALSE ) {
211
+ $wp_inc = 1;
212
+ } else {
213
+ $wp_inc = 0;
214
+ }
215
+ if ( @strpos( $nfw_options['wp_dir'], 'uploads' ) !== FALSE ) {
216
+ $wp_upl = 1;
217
+ } else {
218
+ $wp_upl = 0;
219
+ }
220
+ if ( @strpos( $nfw_options['wp_dir'], 'cache' ) !== FALSE ) {
221
+ $wp_cache = 1;
222
+ } else {
223
+ $wp_cache = 0;
224
+ }
225
+ if ( empty( $nfw_options['disallow_creation']) ) {
226
+ $disallow_creation = 0;
227
+ } else {
228
+ $disallow_creation = 1;
229
+ }
230
+ if ( empty( $nfw_options['disallow_settings']) ) {
231
+ $disallow_settings = 0;
232
+ } else {
233
+ $disallow_settings = 1;
234
+ }
235
+ if ( empty( $nfw_options['enum_archives']) ) {
236
+ $enum_archives = 0;
237
+ } else {
238
+ $enum_archives = 1;
239
+ }
240
+ if ( empty( $nfw_options['enum_login']) ) {
241
+ $enum_login = 0;
242
+ } else {
243
+ $enum_login = 1;
244
+ }
245
+ if ( empty( $nfw_options['enum_restapi']) ) {
246
+ $enum_restapi = 0;
247
+ } else {
248
+ $enum_restapi = 1;
249
+ }
250
+ if ( empty( $nfw_options['no_restapi']) ) {
251
+ $no_restapi = 0;
252
+ } else {
253
+ $no_restapi = 1;
254
+ }
255
+ if ( empty( $nfw_options['no_xmlrpc']) ) {
256
+ $no_xmlrpc = 0;
257
+ } else {
258
+ $no_xmlrpc = 1;
259
+ }
260
+ if ( empty( $nfw_options['no_xmlrpc_multi']) ) {
261
+ $no_xmlrpc_multi = 0;
262
+ } else {
263
+ $no_xmlrpc_multi = 1;
264
+ }
265
+ if ( empty( $nfw_options['no_xmlrpc_pingback']) ) {
266
+ $no_xmlrpc_pingback = 0;
267
+ } else {
268
+ $no_xmlrpc_pingback = 1;
269
+ }
270
+ if ( empty( $nfw_options['no_post_themes']) ) {
271
+ $no_post_themes = 0;
272
+ } else {
273
+ $no_post_themes = 1;
274
+ }
275
 
276
+ if ( empty( $nfw_options['force_ssl']) ) {
277
+ $force_ssl = 0;
278
+ } else {
279
+ $force_ssl = 1;
280
+ }
281
+ if ( empty( $nfw_options['disallow_edit']) ) {
282
+ $disallow_edit = 0;
283
+ } else {
284
+ $disallow_edit = 1;
285
+ }
286
+ if ( empty( $nfw_options['disallow_mods']) ) {
287
+ $disallow_mods = 0;
288
+ } else {
289
+ $disallow_mods = 1;
290
+ }
291
+ if ( empty( $nfw_options['disable_error_handler']) ) {
292
+ $disable_error_handler = 0;
293
+ } else {
294
+ $disable_error_handler = 1;
295
+ }
296
 
297
+ $force_ssl_already_enabled = 0;
298
+ $disallow_edit_already_enabled = 0;
299
+ $disallow_mods_already_enabled = 0;
300
+ $disable_error_handler_already_enabled = 0;
301
+ if ( defined('DISALLOW_FILE_EDIT') && ! $disallow_edit ) {
302
+ $disallow_edit_already_enabled = 1;
303
+ }
304
+ if ( defined('DISALLOW_FILE_MODS') && ! $disallow_mods ) {
305
+ $disallow_mods_already_enabled = 1;
306
+ }
307
+ if ( defined('WP_DISABLE_FATAL_ERROR_HANDLER') && ! $disable_error_handler ) {
308
+ $disable_error_handler_already_enabled = 1;
309
+ }
310
+ if ( defined('FORCE_SSL_ADMIN') && FORCE_SSL_ADMIN == true && ! $force_ssl ) {
311
+ $force_ssl_already_enabled = 1;
312
+ }
313
+ ?>
314
+ <h3>WordPress</h3>
315
+ <table class="form-table">
316
+ <tr>
317
+ <th scope="row"><?php
318
+ _e('Block direct access to any PHP file located in one of these directories', 'ninjafirewall');
319
+ if ( defined('NFW_WPWAF') ) {
320
+ echo '<br /><font style="font-weight:400">' . $full_waf_msg . '</font>';
321
+ }
322
+ ?></th>
323
+ <td width="20">&nbsp;</td>
324
+ <td>
325
+ <table class="form-table">
326
+ <tr style="border: solid 1px #DFDFDF;">
327
+ <td align="center" width="10"><input type="checkbox" name="nfw_options[wp_admin]" id="wp_01"<?php checked( $wp_admin, 1 ); disabled( $option_disabled, 1) ?>></td>
328
+ <td>
329
+ <label for="wp_01">
330
+ <p><code>/wp-admin/css/*</code></p>
331
+ <p><code>/wp-admin/images/*</code></p>
332
+ <p><code>/wp-admin/includes/*</code></p>
333
+ <p><code>/wp-admin/js/*</code></p>
334
+ </label>
335
+ </td>
336
+ </tr>
337
+ <tr style="border: solid 1px #DFDFDF;">
338
+ <td align="center" width="10"><input type="checkbox" name="nfw_options[wp_inc]" id="wp_02"<?php checked( $wp_inc, 1 ); disabled( $option_disabled, 1) ?>></td>
339
+ <td>
340
+ <label for="wp_02">
341
+ <p><code>/wp-includes/*.php</code></p>
342
+ <p><code>/wp-includes/css/*</code></p>
343
+ <p><code>/wp-includes/images/*</code></p>
344
+ <p><code>/wp-includes/js/*</code></p>
345
+ <p><code>/wp-includes/theme-compat/*</code></p>
346
+ </label>
347
+ <br />
348
+ <span class="description"><?php _e('NinjaFirewall will not block access to the TinyMCE WYSIWYG editor even if this option is enabled.', 'ninjafirewall') ?></span>
349
+ </td>
350
+ </tr>
351
+ <tr style="border: solid 1px #DFDFDF;">
352
+ <td align="center" width="10"><input type="checkbox" name="nfw_options[wp_upl]" id="wp_03"<?php checked( $wp_upl, 1 ); disabled( $option_disabled, 1) ?>></td>
353
+ <td><label for="wp_03">
354
+ <p><code>/<?php echo basename(WP_CONTENT_DIR); ?>/uploads/*</code></p>
355
+ <p><code>/<?php echo basename(WP_CONTENT_DIR); ?>/blogs.dir/*</code></p>
356
+ </label></td>
357
+ </tr>
358
+ <tr style="border: solid 1px #DFDFDF;">
359
+ <td align="center" style="vertical-align:top" width="10"><input type="checkbox" name="nfw_options[wp_cache]" id="wp_04"<?php checked( $wp_cache, 1 ); disabled( $option_disabled, 1) ?>></td>
360
+ <td style="vertical-align:top"><label for="wp_04"><code>*/cache/*</code></label>
361
+ <br />
362
+ <br />
363
+ <span class="description"><?php _e('Unless you have PHP scripts in a "/cache/" folder that need to be accessed by your visitors, we recommend to enable this option.', 'ninjafirewall') ?></span>
364
+ </td>
365
+ </tr>
366
+ </table>
367
+ <br />&nbsp;
368
+ </td>
369
+ </tr>
370
+ </table>
371
 
372
  <?php
373
+ if ( is_dir( WP_PLUGIN_DIR . '/jetpack' ) ) {
374
+ $is_JetPack = '<p><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;<span class="description">' . sprintf( __('If you are using the %s plugin, blocking <code>system.multicall</code> may prevent it from working correctly.', 'ninjafirewall'), 'Jetpack') . '</span></p>';
375
+ } else {
376
+ $is_JetPack = '';
377
+ }
378
+ if ( is_dir( WP_PLUGIN_DIR . '/contact-form-7' ) ) {
379
+ $is_CF7 = '<p><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;<span class="description">' . sprintf( __('If you are using the %s plugin, blocking <code>system.multicall</code> may prevent it from working correctly.', 'ninjafirewall'), 'Contact Form 7') . '</span></p>';
380
  } else {
381
+ $is_CF7 = '';
 
382
  }
383
  ?>
384
+
385
+ <table class="form-table">
 
 
 
 
 
 
386
  <tr>
387
+ <th scope="row"><?php _e('General', 'ninjafirewall') ?></th>
388
+ <td width="20">&nbsp;</td>
389
+ <td>
390
+ <p><label><input type="checkbox" name="nfw_options[disallow_settings]" value="1"<?php checked( $disallow_settings, 1 ) ?>>&nbsp;<?php echo __('Block attempts to modify important WordPress settings', 'ninjafirewall') .' '. __('(default)', 'ninjafirewall') ?></label></p>
391
+ <p><label><input type="checkbox" name="nfw_options[disallow_creation]" value="1"<?php checked( $disallow_creation, 1 ) ?>>&nbsp;<?php _e('Block user accounts creation', 'ninjafirewall') ?></label></p>
392
+ <span class="description"><?php _e('Do not enable this policy if you allow user registration.', 'ninjafirewall') ?></span>
393
+ </td>
394
+ </tr>
395
+
396
+ <tr>
397
+ <th scope="row"><?php _e('Protect against username enumeration', 'ninjafirewall') ?></th>
398
+ <td width="20">&nbsp;</td>
399
+ <td>
400
+ <p><label><input type="checkbox" name="nfw_options[enum_archives]" value="1"<?php checked( $enum_archives, 1 ) ?>>&nbsp;<?php _e('Through the author archives', 'ninjafirewall') ?></label></p>
401
+ <p><label><input type="checkbox" name="nfw_options[enum_login]" value="1"<?php checked( $enum_login, 1 ) ?>>&nbsp;<?php _e('Through the login page', 'ninjafirewall') ?></label></p>
402
+ <p><label><input type="checkbox" name="nfw_options[enum_restapi]" value="1"<?php checked( $enum_restapi, 1 ) ?>>&nbsp;<?php _e('Through the WordPress REST API', 'ninjafirewall') ?></label></p>
403
+ </td>
404
+ </tr>
405
+
406
+ <?php
407
+ global $wp_version;
408
+ if ( version_compare( $wp_version, '4.7', '<' ) ) {
409
+ $restapi_error = '1';
410
+ $restapi_msg = '<p><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;<span class="description">' . __('This feature is only available when running WordPress 4.7 or above.', 'ninjafirewall') . '</span></p>';
411
+ } else {
412
+ $restapi_msg = '';
413
+ $restapi_error = 0;
414
+ }
 
415
  ?>
416
+ <tr>
417
+ <th scope="row"><?php _e('WordPress REST API', 'ninjafirewall') ?>*</th>
418
+ <td width="20">&nbsp;</td>
419
+ <td>
420
+ <p><label><input type="checkbox" name="nfw_options[no_restapi]" value="1"<?php checked( $no_restapi, 1 );disabled( $restapi_error, 1) ?>>&nbsp;<?php _e('Block any access to the API', 'ninjafirewall') ?></label></p>
421
+ <?php echo $restapi_msg; ?>
422
+ </td>
423
+ </tr>
424
+ <tr>
425
+ <th scope="row"><?php _e('WordPress XML-RPC API', 'ninjafirewall') ?>*</th>
426
+ <td width="20">&nbsp;</td>
427
+ <td>
428
+ <p><label><input type="checkbox" name="nfw_options[no_xmlrpc]" value="1"<?php checked( $no_xmlrpc, 1 ) ?>>&nbsp;<?php _e('Block any access to the API', 'ninjafirewall') ?></label></p>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
429
 
430
+ <p><label><input type="checkbox" name="nfw_options[no_xmlrpc_multi]" value="1"<?php checked( $no_xmlrpc_multi, 1 ) ?>>&nbsp;<?php _e('Block <code>system.multicall</code> method', 'ninjafirewall') ?></label></p>
431
+
432
+ <p><label><input type="checkbox" name="nfw_options[no_xmlrpc_pingback]" value="1"<?php checked( $no_xmlrpc_pingback, 1 ) ?>>&nbsp;<?php _e('Block Pingbacks', 'ninjafirewall') ?></label></p>
433
+
434
+ <?php echo $is_JetPack; echo $is_CF7; ?>
435
+ </td>
436
+ </tr>
437
+ </table>
438
+
439
+ <span class="description">*<?php _e('Disabling access to the REST or XML-RPC API may break some functionality on your blog, its themes or plugins.', 'ninjafirewall') ?></span>
440
+
441
+ <table class="form-table">
442
+ <tr valign="top">
443
+ <th scope="row" style="vertical-align:top"><?php _e('Block <code>POST</code> requests in the themes folder', 'ninjafirewall') ?> <code>/<?php echo basename(WP_CONTENT_DIR); ?>/themes</code></th>
444
+ <td width="20">&nbsp;</td>
445
+ <td width="120" style="vertical-align:top">
446
+ <label><input type="radio" name="nfw_options[no_post_themes]" value="1"<?php checked( $no_post_themes, 1 ); disabled( $option_disabled, 1) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
447
+ </td>
448
+ <td style="vertical-align:top">
449
+ <label><input type="radio" name="nfw_options[no_post_themes]" value="0"<?php checked( $no_post_themes, 0 ); disabled( $option_disabled, 1) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
450
+ <?php
451
+ if ( defined('NFW_WPWAF') ) {
452
+ echo '<br />'. $full_waf_msg;
453
+ }
454
+ ?>
455
+ </td>
456
+ </tr>
457
+ <tr valign="top">
458
+ <th scope="row"><a name="builtinconstants"></a><?php _e('Force SSL for admin and logins', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Require_SSL_for_Admin_and_Logins" target="_blank">FORCE_SSL_ADMIN</a></code></th>
459
+ <td width="20">&nbsp;</td>
460
+ <td width="120">
461
+ <label><input type="radio" name="nfw_options[force_ssl]" value="1"<?php checked( $force_ssl, 1 ) ?> onclick="return ssl_warn();" <?php disabled( $force_ssl_already_enabled, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
462
+ </td>
463
+ <td>
464
+ <label><input type="radio" id="ssl_0" name="nfw_options[force_ssl]" value="0"<?php checked( $force_ssl, 0 ) ?> <?php disabled( $force_ssl_already_enabled, 1 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
465
+ </td>
466
+ </tr>
467
+ <tr valign="top">
468
+ <th scope="row"><?php _e('Disable the plugin and theme editor', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Disable_the_Plugin_and_Theme_Editor" target="_blank">DISALLOW_FILE_EDIT</a></code></th>
469
+ <td width="20">&nbsp;</td>
470
+ <td width="120">
471
+ <label><input type="radio" name="nfw_options[disallow_edit]" value="1"<?php checked( $disallow_edit, 1 ) ?> <?php disabled( $disallow_edit_already_enabled, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
472
+ </td>
473
+ <td>
474
+ <label><input type="radio" name="nfw_options[disallow_edit]" value="0"<?php checked( $disallow_edit, 0 ) ?> <?php disabled( $disallow_edit_already_enabled, 1 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
475
+ </td>
476
+ </tr>
477
+ <tr valign="top">
478
+ <th scope="row"><?php _e('Disable plugin and theme update/installation', 'ninjafirewall') ?> <code><a href="http://codex.wordpress.org/Editing_wp-config.php#Disable_Plugin_and_Theme_Update_and_Installation" target="_blank">DISALLOW_FILE_MODS</a></code></th>
479
+ <td width="20">&nbsp;</td>
480
+ <td width="120">
481
+ <label><input type="radio" name="nfw_options[disallow_mods]" value="1"<?php checked( $disallow_mods, 1 ) ?> <?php disabled( $disallow_mods_already_enabled, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
482
+ </td>
483
+ <td>
484
+ <label><input type="radio" name="nfw_options[disallow_mods]" value="0"<?php checked( $disallow_mods, 0 ) ?> <?php disabled( $disallow_mods_already_enabled, 1 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
485
+ </td>
486
+ </tr>
487
+ <tr valign="top">
488
+ <th scope="row"><?php _e('Disable the fatal error handler', 'ninjafirewall') ?> <code><a href="https://make.wordpress.org/core/2019/01/14/php-site-health-mechanisms-in-5-1/" target="_blank">WP_Fatal_Error_Handler</a></code></th>
489
+ <td width="20">&nbsp;</td>
490
+ <td width="120">
491
+ <label><input type="radio" name="nfw_options[disable_error_handler]" value="1"<?php checked( $disable_error_handler, 1 ) ?> <?php disabled( $disable_error_handler_already_enabled, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
492
+ </td>
493
+ <td>
494
+ <label><input type="radio" name="nfw_options[disable_error_handler]" value="0"<?php checked( $disable_error_handler, 0 ) ?> <?php disabled( $disable_error_handler_already_enabled, 1 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
495
+ </td>
496
+ </tr>
497
+
498
+ </table>
499
+ <a name="donotblockadmin"></a>
500
+ <br />
501
+ <br />
502
+
503
+ <?php
504
+ if ( empty( $nfw_options['wl_admin']) ) {
505
+ $wl_admin = 0;
506
+ } elseif ( $nfw_options['wl_admin'] == 2 ) {
507
+ $wl_admin = 2;
508
+ } else {
509
+ $wl_admin = 1;
510
+ }
511
+ ?>
512
+ <table class="form-table">
513
+ <tr style="background-color:#F9F9F9;border: solid 1px #DFDFDF;">
514
+ <th scope="row"><?php _e('Users Whitelist', 'ninjafirewall') ?></th>
515
+ <td width="20">&nbsp;</td>
516
+ <td>
517
+ <p><label><input type="radio" name="nfw_options[wl_admin]" value="1"<?php checked( $wl_admin, 1 ) ?>>&nbsp;<?php _e('Add the Administrator to the whitelist (default).', 'ninjafirewall') ?></label></p>
518
+ <p><label><input type="radio" name="nfw_options[wl_admin]" value="2"<?php checked( $wl_admin, 2 ) ?>>&nbsp;<?php _e('Add all logged in users to the whitelist.', 'ninjafirewall') ?></label></p>
519
+ <p><label><input type="radio" name="nfw_options[wl_admin]" value="0"<?php checked( $wl_admin, 0 ) ?>>&nbsp;<?php _e('Disable users whitelist.', 'ninjafirewall') ?></label></p>
520
+ <p><span class="description"><?php _e('Note: This feature does not apply to <code>FORCE_SSL_ADMIN</code>, <code>DISALLOW_FILE_EDIT</code>, <code>DISALLOW_FILE_MODS</code> and <code>WP_DISABLE_FATAL_ERROR_HANDLER</code> options which, if enabled, are always enforced.', 'ninjafirewall') ?></span></p>
521
+ </td>
522
+ </tr>
523
+ </table>
524
 
525
  </div>
526
 
530
  // Intermediate options:
531
  ?>
532
  <div id="intermediate-options" style="display:none">
533
+ <?php
534
+ if ( empty( $nfw_options['get_scan']) ) {
535
+ $get_scan = 0;
536
+ } else {
537
+ $get_scan = 1;
538
+ }
539
+ if ( empty( $nfw_options['get_sanitise']) ) {
540
+ $get_sanitise = 0;
541
+ } else {
542
+ $get_sanitise = 1;
543
+ }
544
+ ?>
545
+ <h3><?php _e('HTTP GET variable', 'ninjafirewall') ?></h3>
546
+ <table class="form-table">
547
+ <tr>
548
+ <th scope="row"><?php _e('Scan <code>GET</code> variable', 'ninjafirewall') ?></th>
549
+ <td width="20">&nbsp;</td>
550
+ <td width="120">
551
+ <label><input type="radio" name="nfw_options[get_scan]" value="1"<?php checked( $get_scan, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
552
+ </td>
553
+ <td>
554
+ <label><input type="radio" name="nfw_options[get_scan]" value="0"<?php checked( $get_scan, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
555
+ </td>
556
+ </tr>
557
+ <tr>
558
+ <th scope="row"><?php _e('Sanitise <code>GET</code> variable', 'ninjafirewall') ?></th>
559
+ <td width="20">&nbsp;</td>
560
+ <td width="120">
561
+ <label><input type="radio" name="nfw_options[get_sanitise]" value="1"<?php checked( $get_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
562
+ </td>
563
+ <td>
564
+ <label><input type="radio" name="nfw_options[get_sanitise]" value="0"<?php checked( $get_sanitise, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
565
+ </td>
566
+ </tr>
567
+ </table>
 
 
568
 
569
+ <br /><br />
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
570
 
571
+ <?php
572
+ if ( empty( $nfw_options['post_scan']) ) {
573
+ $post_scan = 0;
574
+ } else {
575
+ $post_scan = 1;
576
+ }
577
+ if ( empty( $nfw_options['post_sanitise']) ) {
578
+ $post_sanitise = 0;
579
+ } else {
580
+ $post_sanitise = 1;
581
+ }
582
+ if ( empty( $nfw_options['post_b64']) ) {
583
+ $post_b64 = 0;
584
+ } else {
585
+ $post_b64 = 1;
586
+ }
587
+ ?>
588
+ <h3><?php _e('HTTP POST variable', 'ninjafirewall') ?></h3>
589
+ <table class="form-table">
590
+ <tr valign="top">
591
+ <th scope="row"><?php _e('Scan <code>POST</code> variable', 'ninjafirewall') ?></th>
592
+ <td width="20">&nbsp;</td>
593
+ <td width="120">
594
+ <label><input type="radio" name="nfw_options[post_scan]" value="1"<?php checked( $post_scan, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
595
+ </td>
596
+ <td>
597
+ <label><input type="radio" name="nfw_options[post_scan]" value="0"<?php checked( $post_scan, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
598
+ </td>
599
+ </tr>
600
+ <tr valign="top">
601
+ <th scope="row"><?php _e('Sanitise <code>POST</code> variable', 'ninjafirewall') ?></th>
602
+ <td width="20">&nbsp;</td>
603
+ <td width="120" style="vertical-align:top;">
604
+ <label><input type="radio" name="nfw_options[post_sanitise]" value="1"<?php checked( $post_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
605
+ </td>
606
+ <td>
607
+ <label><input type="radio" name="nfw_options[post_sanitise]" value="0"<?php checked( $post_sanitise, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description">&nbsp;<?php _e('Do not enable this option unless you know what you are doing!', 'ninjafirewall') ?></span>
608
+ </td>
609
+ </tr>
610
+ <tr valign="top">
611
+ <th scope="row"><?php _e('Decode Base64-encoded <code>POST</code> variable', 'ninjafirewall') ?></th>
612
+ <td width="20">&nbsp;</td>
613
+ <td width="120">
614
+ <label><input type="radio" name="nfw_options[post_b64]" value="1"<?php checked( $post_b64, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
615
+ </td>
616
+ <td>
617
+ <label><input type="radio" name="nfw_options[post_b64]" value="0"<?php checked( $post_b64, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
618
+ </td>
619
+ </tr>
620
+ </table>
621
+ <br /><br />
622
 
623
+ <?php
624
+ if ( empty( $nfw_options['request_sanitise']) ) {
625
+ $request_sanitise = 0;
626
+ } else {
627
+ $request_sanitise = 1;
628
+ }
629
+ ?>
630
+ <h3><?php _e('HTTP REQUEST variable', 'ninjafirewall') ?></h3>
631
+ <table class="form-table">
632
+ <tr>
633
+ <th scope="row"><?php _e('Sanitise <code>REQUEST</code> variable', 'ninjafirewall') ?></th>
634
+ <td width="20">&nbsp;</td>
635
+ <td width="120" style="vertical-align:top;">
636
+ <label><input type="radio" name="nfw_options[request_sanitise]" value="1"<?php checked( $request_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
637
+ </td>
638
+ <td>
639
+ <label><input type="radio" name="nfw_options[request_sanitise]" value="0"<?php checked( $request_sanitise, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description">&nbsp;<?php _e('Do not enable this option unless you know what you are doing!', 'ninjafirewall') ?></span>
640
+ </td>
641
+ </tr>
642
+ </table>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
643
 
644
+ <br /><br />
 
 
 
 
 
 
 
 
 
 
645
 
646
+ <?php
647
+ if ( empty( $nfw_options['cookies_scan']) ) {
648
+ $cookies_scan = 0;
649
+ } else {
650
+ $cookies_scan = 1;
651
+ }
652
+ if ( empty( $nfw_options['cookies_sanitise']) ) {
653
+ $cookies_sanitise = 0;
654
+ } else {
655
+ $cookies_sanitise = 1;
656
+ }
657
+ ?>
658
+ <h3><?php _e('Cookies', 'ninjafirewall') ?></h3>
659
+ <table class="form-table">
660
+ <tr>
661
+ <th scope="row"><?php _e('Scan cookies', 'ninjafirewall') ?></th>
662
+ <td width="20">&nbsp;</td>
663
+ <td width="120">
664
+ <label><input type="radio" name="nfw_options[cookies_scan]" value="1"<?php checked( $cookies_scan, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
665
+ </td>
666
+ <td>
667
+ <label><input type="radio" name="nfw_options[cookies_scan]" value="0"<?php checked( $cookies_scan, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
668
+ </td>
669
+ </tr>
670
+ <tr>
671
+ <th scope="row"><?php _e('Sanitise cookies', 'ninjafirewall') ?></th>
672
+ <td width="20">&nbsp;</td>
673
+ <td width="120">
674
+ <label><input type="radio" name="nfw_options[cookies_sanitise]" value="1"<?php checked( $cookies_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
675
+ </td>
676
+ <td>
677
+ <label><input type="radio" name="nfw_options[cookies_sanitise]" value="0"<?php checked( $cookies_sanitise, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
678
+ </td>
679
+ </tr>
680
+ </table>
681
 
682
+ <br /><br />
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
683
 
684
+ <?php
685
+ if ( empty( $nfw_options['ua_scan']) ) {
686
+ $ua_scan = 0;
687
+ } else {
688
+ $ua_scan = 1;
689
+ }
690
+ if ( empty( $nfw_options['ua_sanitise']) ) {
691
+ $ua_sanitise = 0;
692
+ } else {
693
+ $ua_sanitise = 1;
694
+ }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
695
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
696
 
697
+ if ( empty( $nfw_rules[NFW_SCAN_BOTS]['ena']) ) {
698
+ $block_bots = 0;
699
+ } else {
700
+ $block_bots = 1;
701
+ }
702
+ ?>
703
+ <h3><?php _e('HTTP_USER_AGENT server variable', 'ninjafirewall') ?></h3>
704
+ <table class="form-table">
705
+ <tr>
706
+ <th scope="row"><?php _e('Scan <code>HTTP_USER_AGENT</code>', 'ninjafirewall') ?></th>
707
+ <td width="20">&nbsp;</td>
708
+ <td width="120">
709
+ <label><input type="radio" name="nfw_options[ua_scan]" value="1"<?php checked( $ua_scan, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
710
+ </td>
711
+ <td>
712
+ <label><input type="radio" name="nfw_options[ua_scan]" value="0"<?php checked( $ua_scan, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
713
+ </td>
714
+ </tr>
715
+ <tr>
716
+ <th scope="row"><?php _e('Sanitise <code>HTTP_USER_AGENT</code>', 'ninjafirewall') ?></th>
717
+ <td width="20">&nbsp;</td>
718
+ <td width="120">
719
+ <label><input type="radio" name="nfw_options[ua_sanitise]" value="1"<?php checked( $ua_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
720
+ </td>
721
+ <td>
722
+ <label><input type="radio" name="nfw_options[ua_sanitise]" value="0"<?php checked( $ua_sanitise, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
723
+ </td>
724
+ </tr>
725
+ <tr>
726
+ <th scope="row"><?php _e('Block suspicious bots/scanners', 'ninjafirewall') ?></th>
727
+ <td width="20">&nbsp;</td>
728
+ <td width="120">
729
+ <label><input type="radio" name="nfw_rules[block_bots]" value="1"<?php checked( $block_bots, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
730
+ </td>
731
+ <td>
732
+ <label><input type="radio" name="nfw_rules[block_bots]" value="0"<?php checked( $block_bots, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
733
+ </td>
734
+ </tr>
735
+ </table>
736
 
737
+ <br /><br />
 
 
 
 
738
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
739
  <?php
740
+ if ( empty( $nfw_options['referer_scan']) ) {
741
+ $referer_scan = 0;
742
+ } else {
743
+ $referer_scan = 1;
744
+ }
745
+ if ( empty( $nfw_options['referer_sanitise']) ) {
746
+ $referer_sanitise = 0;
747
  } else {
748
+ $referer_sanitise = 1;
749
+ }
750
+ if ( empty( $nfw_options['referer_post']) ) {
751
+ $referer_post = 0;
752
+ } else {
753
+ $referer_post = 1;
754
  }
755
  ?>
756
+ <h3><?php _e('HTTP_REFERER server variable', 'ninjafirewall') ?></h3>
757
+ <table class="form-table">
758
+ <tr>
759
+ <th scope="row"><?php _e('Scan <code>HTTP_REFERER</code>', 'ninjafirewall') ?></th>
760
+ <td width="20">&nbsp;</td>
761
+ <td width="120">
762
+ <label><input type="radio" name="nfw_options[referer_scan]" value="1"<?php checked( $referer_scan, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
763
+ </td>
764
+ <td>
765
+ <label><input type="radio" name="nfw_options[referer_scan]" value="0"<?php checked( $referer_scan, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
766
+ </td>
767
+ </tr>
768
+ <tr>
769
+ <th scope="row"><?php _e('Sanitise <code>HTTP_REFERER</code>', 'ninjafirewall') ?></th>
770
+ <td width="20">&nbsp;</td>
771
+ <td width="120">
772
+ <label><input type="radio" name="nfw_options[referer_sanitise]" value="1"<?php checked( $referer_sanitise, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
773
+ </td>
774
+ <td>
775
+ <label><input type="radio" name="nfw_options[referer_sanitise]" value="0"<?php checked( $referer_sanitise, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
776
+ </td>
777
+ </tr>
778
+ <tr valign="top">
779
+ <th scope="row"><?php _e('Block <code>POST</code> requests that do not have an <code>HTTP_REFERER</code> header', 'ninjafirewall') ?></th>
780
+ <td width="20">&nbsp;</td>
781
+ <td width="120" style="vertical-align:top;">
782
+ <label><input type="radio" name="nfw_options[referer_post]" value="1"<?php checked( $referer_post, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
783
+ </td>
784
+ <td style="vertical-align:top;">
785
+ <label><input type="radio" name="nfw_options[referer_post]" value="0"<?php checked( $referer_post, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label><br /><span class="description">&nbsp;<?php _e('Keep this option disabled if you are using scripts like Paypal IPN, WordPress WP-Cron etc', 'ninjafirewall') ?>.</span>
786
+ </td>
787
+ </tr>
788
+ </table>
789
 
790
+ <br /><br />
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
791
 
792
  <?php
793
+ if ( empty( $nfw_rules[NFW_LOOPBACK]['ena']) ) {
794
+ $no_localhost_ip = 0;
795
+ } else {
796
+ $no_localhost_ip = 1;
797
  }
798
+ if ( empty( $nfw_options['no_host_ip']) ) {
799
+ $no_host_ip = 0;
800
  } else {
801
+ $no_host_ip = 1;
802
+ }
803
+ if ( empty( $nfw_options['allow_local_ip']) ) {
804
+ $allow_local_ip = 0;
805
+ } else {
806
+ $allow_local_ip = 1;
807
  }
808
  ?>
809
+ <h3>IP</h3>
810
+ <table class="form-table" border=0>
811
+ <tr>
812
+ <th scope="row"><?php _e('Block localhost IP in <code>GET/POST</code> request', 'ninjafirewall') ?></th>
813
+ <td width="20">&nbsp;</td>
814
+ <td width="120" style="vertical-align:top">
815
+ <label><input type="radio" name="nfw_rules[no_localhost_ip]" value="1"<?php checked( $no_localhost_ip, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
816
+ </td>
817
+ <td style="vertical-align:top">
818
+ <label><input type="radio" name="nfw_rules[no_localhost_ip]" value="0"<?php checked( $no_localhost_ip, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
819
+ </td>
820
+ </tr>
821
+ <tr>
822
+ <th scope="row"><?php _e('Block HTTP requests with an IP in the <code>HTTP_HOST</code> header', 'ninjafirewall') ?></th>
823
+ <td width="20">&nbsp;</td>
824
+ <td width="120" style="vertical-align:top">
825
+ <label><input type="radio" name="nfw_options[no_host_ip]" value="1"<?php checked( $no_host_ip, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
826
+ </td>
827
+ <td style="vertical-align:top">
828
+ <label><input type="radio" name="nfw_options[no_host_ip]" value="0"<?php checked( $no_host_ip, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
829
+ </td>
830
+ </tr>
831
+ <tr>
832
+ <th scope="row"><?php _e('Scan traffic coming from localhost and private IP address spaces', 'ninjafirewall') ?></th>
833
+ <td width="20">&nbsp;</td>
834
+ <td width="120" style="vertical-align:top">
835
+ <label><input type="radio" name="nfw_options[allow_local_ip]" value="0"<?php checked( $allow_local_ip, 0 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
836
+ </td>
837
+ <td style="vertical-align:top">
838
+ <label><input type="radio" name="nfw_options[allow_local_ip]" value="1"<?php checked( $allow_local_ip, 1 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
839
+ </td>
840
+ </tr>
841
+ </table>
842
+
843
+ </div>
844
 
845
  <?php
846
+ // ==========================================================================
847
+ // Advanced options:
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
848
  ?>
849
+ <div id="advanced-options" style="display:none">
 
 
 
 
 
 
 
 
 
 
 
850
 
851
  <?php
852
+ $err_msg = $err = '';
853
+ $err_img = '<p><span class="description"><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;';
854
+ $msg = __('This option is disabled because the %s PHP function is not available on your server.', 'ninjafirewall');
855
+ if (! function_exists('header_register_callback') ) {
856
+ $err_msg = $err_img . sprintf($msg, '<code>header_register_callback()</code>') . '</span></p>';
857
+ $err = 1;
858
+ } elseif (! function_exists('headers_list') ) {
859
+ $err_msg = $err_img . sprintf($msg, '<code>headers_list()</code>') . '</span></p>';
860
+ $err = 1;
861
+ } elseif (! function_exists('header_remove') ) {
862
+ $err_msg = $err_img . sprintf($msg, '<code>header_remove()</code>') . '</span></p>';
863
+ $err = 1;
864
+ }
865
+ if ( empty($nfw_options['response_headers']) || ! preg_match( '/^\d+$/', $nfw_options['response_headers'] ) || $err_msg ) {
866
+ $nfw_options['response_headers'] = '000000000';
867
+ }
868
+ ?>
869
+ <h3><?php _e('HTTP response headers', 'ninjafirewall') ?></h3>
870
+ <table class="form-table">
871
+ <tr>
872
+ <th scope="row"><?php printf( __('Set %s to protect against MIME type confusion attacks', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-Content-Type-Options</a>') ?></th>
873
+ <td width="20">&nbsp;</td>
874
+ <td width="120">
875
+ <label><input type="radio" name="nfw_options[x_content_type_options]" value="1"<?php checked( $nfw_options['response_headers'][1], 1 ); disabled($err, 1); ?>><?php echo $yes; ?></label>
876
+ </td>
877
+ <td>
878
+ <label><input type="radio" name="nfw_options[x_content_type_options]" value="0"<?php checked( $nfw_options['response_headers'][1], 0 ); disabled($err, 1); ?>><?php echo $no . $default; ?></label><?php echo $err_msg ?>
879
+ </td>
880
+ </tr>
881
+ <tr>
882
+ <th scope="row"><?php printf( __('Set %s to protect against clickjacking attempts', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-Frame-Options</a>') ?></th>
883
+ <td width="20">&nbsp;</td>
884
+ <td width="120" style="vertical-align:top;">
885
+ <p><label><input type="radio" name="nfw_options[x_frame_options]" value="1"<?php checked( $nfw_options['response_headers'][2], 1 ); disabled($err, 1); ?>><code>SAMEORIGIN</code></label></p>
886
+ <p><label><input type="radio" name="nfw_options[x_frame_options]" value="2"<?php checked( $nfw_options['response_headers'][2], 2 ); disabled($err, 1); ?>><code>DENY</code></label></p>
887
+ </td>
888
+ <td style="vertical-align:top;"><p><label><input type="radio" name="nfw_options[x_frame_options]" value="0"<?php checked( $nfw_options['response_headers'][2], 0 ); disabled($err, 1); ?>><?php echo $no . $default; ?></label><?php echo $err_msg ?></p></td>
889
+ </tr>
890
+ <tr>
891
+ <th scope="row"><?php printf( __("Set %s (IE/Edge, Chrome, Opera and Safari browsers)", 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">X-XSS-Protection</a>') ?></th>
892
+ <td width="20"></td>
893
+
894
+ <td width="120">
895
+ <p><label><input type="radio" name="nfw_options[x_xss_protection]" value="0"<?php checked( $nfw_options['response_headers'][3], 0 ); disabled($err, 1); ?> /><?php printf( __("Set to %s", "ninjafirewall"), '<code>0</code>' ) ?></label></p>
896
+ <p><label><input type="radio" name="nfw_options[x_xss_protection]" value="2"<?php checked( $nfw_options['response_headers'][3], 2 ); disabled($err, 1); ?> /><?php printf( __("Set to %s", "ninjafirewall"), '<code>1</code>' ) ?></label></p>
897
+ </td>
898
+ <td>
899
+ <p><label><input type="radio" name="nfw_options[x_xss_protection]" value="1"<?php checked( $nfw_options['response_headers'][3], 1 ); disabled($err, 1); ?> /><?php printf( __("Set to %s", "ninjafirewall"), '<code>1; mode=block</code>' ); ?></label></p>
900
+ <p><label><input type="radio" name="nfw_options[x_xss_protection]" value="3"<?php checked( $nfw_options['response_headers'][3], 3 ); disabled($err, 1); ?> /><?php _e('No', 'ninjafirewall'); echo $default; ?></label></p>
901
+ </td>
902
+ </tr>
903
+ <tr>
904
+ <th scope="row"><?php printf( __('Force %s flag on all cookies to mitigate XSS attacks', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">HttpOnly</a>') ?></th>
905
+ <td width="20">&nbsp;</td>
906
+ <td width="120" style="vertical-align:top;">
907
+ <label><input type="radio" name="nfw_options[cookies_httponly]" value="1"<?php checked( $nfw_options['response_headers'][0], 1 ); disabled($err, 1); ?> >&nbsp;<?php echo $yes ?></label>
908
+ </td>
909
+ <td style="vertical-align:top;">
910
+ <label><input type="radio" name="nfw_options[cookies_httponly]" value="0"<?php checked( $nfw_options['response_headers'][0], 0 ); disabled($err, 1); ?>>&nbsp;<?php echo $no . $default; ?></label><br /><span class="description"><?php _e('If your PHP scripts use cookies that need to be accessed from JavaScript, you should disable this option.', 'ninjafirewall') ?></span><?php echo $err_msg ?>
911
+ </td>
912
+ </tr>
913
+ <?php
914
+ if ($_SERVER['SERVER_PORT'] != 443 && ! $err && (! isset( $_SERVER['HTTP_X_FORWARDED_PROTO']) || $_SERVER['HTTP_X_FORWARDED_PROTO'] != 'https') ) {
915
+ $hsts_err = 1;
916
+ $hsts_msg = '<br /><img src="' . plugins_url() . '/ninjafirewall/images/glyphicons-warning.png">&nbsp;<span class="description">' . __('HSTS headers can only be set when you are accessing your site over HTTPS.', 'ninjafirewall') . '</span>';
917
  } else {
918
+ $hsts_msg = '';
919
+ $hsts_err = 0;
920
  }
921
+ ?>
922
+ <tr>
923
+ <th scope="row"><?php printf( __('Set %s (HSTS) to enforce secure connections to the server', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Strict-Transport-Security</a>') ?></th>
924
+ <td width="20">&nbsp;</td>
925
+ <td width="120" style="vertical-align:top;">
926
+ <p><label><input type="radio" name="nfw_options[strict_transport]" value="1"<?php checked( $nfw_options['response_headers'][4], 1 ); disabled($hsts_err, 1); ?>><?php _e('1 month', 'ninjafirewall') ?></label></p>
927
+ <p><label><input type="radio" name="nfw_options[strict_transport]" value="2"<?php checked( $nfw_options['response_headers'][4], 2 ); disabled($hsts_err, 1); ?>><?php _e('6 months', 'ninjafirewall') ?></label></p>
928
+ <p><label><input type="radio" name="nfw_options[strict_transport]" value="3"<?php checked( $nfw_options['response_headers'][4], 3 ); disabled($hsts_err, 1); ?>><?php _e('1 year', 'ninjafirewall') ?></label></p>
929
+ <br />
930
+ <label><input type="checkbox" name="nfw_options[strict_transport_sub]" value="1"<?php checked( $nfw_options['response_headers'][5], 1 ); disabled($hsts_err, 1); ?>><?php _e('Apply to subdomains', 'ninjafirewall') ?></label>
931
+ </td>
932
+ <td style="vertical-align:top;">
933
+ <p><label><input type="radio" name="nfw_options[strict_transport]" value="0"<?php checked( $nfw_options['response_headers'][4], 0 ); disabled($hsts_err, 1); ?>><?php echo $no . $default; ?></label></p>
934
+ <p><label><input type="radio" name="nfw_options[strict_transport]" value="4"<?php checked( $nfw_options['response_headers'][4], 4 ); disabled($hsts_err, 1); ?>><?php _e('Set <code>max-age</code> to 0', 'ninjafirewall'); ?></label><?php echo $err_msg ?></p>
935
+ <?php echo $hsts_msg; ?>
936
+ </td>
937
+ </tr>
938
+
939
+ <?php
940
+ if (! isset( $nfw_options['csp_frontend_data'] ) ) {
941
+ $nfw_options['csp_frontend_data'] = '';
942
+ }
943
+ if (! isset( $nfw_options['csp_backend_data'] ) ) {
944
+ $nfw_options['csp_backend_data'] = nf_sub_policies_csp();
945
+ }
946
+ if (! isset( $nfw_options['response_headers'][6] ) ) {
947
+ $nfw_options['response_headers'][6] = 0;
948
+ }
949
+ if (! isset( $nfw_options['response_headers'][7] ) ) {
950
+ $nfw_options['response_headers'][7] = 0;
951
+ }
952
+ ?>
953
+ <tr>
954
+ <th scope="row"><?php printf( __('Set %s for the website frontend', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Content-Security-Policy</a>') ?></th>
955
+ <td width="20">&nbsp;</td>
956
+ <td width="120" style="vertical-align:top;">
957
+ <p><label><input type="radio" onclick="csp_onoff(1, 'csp_frontend')" name="nfw_options[csp_frontend]" value="1"<?php checked( $nfw_options['response_headers'][6], 1 ); disabled($err, 1); ?>><?php _e('Yes', 'ninjafirewall') ?></label></p>
958
+ <p><label><input type="radio" onclick="csp_onoff(0, 'csp_frontend')" name="nfw_options[csp_frontend]" value="0"<?php checked( $nfw_options['response_headers'][6], 0 ); disabled($err, 1); ?>><?php _e('No (default)', 'ninjafirewall') ?></label></p>
959
+ </td>
960
+ <td style="vertical-align:top;">
961
+ <textarea autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" name="nfw_options[csp_frontend_data]" id="csp_frontend" class="large-text code" rows="4"<?php __checked_selected_helper($err, 1, true, 'readonly'); __checked_selected_helper($nfw_options['response_headers'][6], 0, true, 'readonly') ?>><?php echo htmlspecialchars( $nfw_options['csp_frontend_data'] ) ?></textarea>
962
+ <span class="description"><?php _e('This CSP header will apply to the website frontend only.', 'ninjafirewall') ?></span>
963
+ <?php echo $err_msg ?>
964
+ </td>
965
+ </tr>
966
+
967
+ <tr>
968
+ <th scope="row"><?php printf( __('Set %s for the WordPress admin dashboard', 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Content-Security-Policy</a>') ?></th>
969
+ <td width="20">&nbsp;</td>
970
+ <td width="120" style="vertical-align:top;">
971
+ <p><label><input type="radio" onclick="csp_onoff(1, 'csp_backend')" name="nfw_options[csp_backend]" value="1"<?php checked( $nfw_options['response_headers'][7], 1 ); disabled($err, 1); ?>><?php _e('Yes', 'ninjafirewall') ?></label></p>
972
+ <p><label><input type="radio" onclick="csp_onoff(0, 'csp_backend')" name="nfw_options[csp_backend]" value="0"<?php checked( $nfw_options['response_headers'][7], 0 ); disabled($err, 1); ?>><?php _e('No (default)', 'ninjafirewall') ?></label></p>
973
+ </td>
974
+ <td style="vertical-align:top;">
975
+ <textarea autocomplete="off" autocorrect="off" autocapitalize="off" spellcheck="false" name="nfw_options[csp_backend_data]" id="csp_backend" class="large-text code" rows="4"<?php __checked_selected_helper($err, 1, true, 'readonly'); __checked_selected_helper($nfw_options['response_headers'][7], 0, true, 'readonly') ?>><?php echo htmlspecialchars( $nfw_options['csp_backend_data'] ) ?></textarea>
976
+ <span class="description"><?php _e('This CSP header will apply to the WordPress admin dashboard only.', 'ninjafirewall') ?></span>
977
+ <?php echo $err_msg ?>
978
+ </td>
979
+ </tr>
980
+
981
+ <?php
982
+ if (! isset( $nfw_options['response_headers'][8] ) ) {
983
+ $nfw_options['response_headers'][8] = 0;
984
  }
985
+ if ( empty( $nfw_options['referrer_policy_enabled'] ) ) {
986
+ $nfw_options['referrer_policy_enabled'] = 0;
987
  } else {
988
+ $nfw_options['referrer_policy_enabled'] = 1;
989
  }
990
+ ?>
991
+ <tr>
992
+ <th scope="row"><?php printf( __("Set %s (Chrome, Opera and Firefox browsers)", 'ninjafirewall'), '<a href="https://nintechnet.com/ninjafirewall/wp-edition/doc/#responseheaders" target="_blank">Referrer-Policy</a>') ?></th>
993
+ <td width="20"></td>
994
+ <td width="120" style="vertical-align:top;">
995
+
996
+ <p><label><input onclick="document.getElementById('rp_select').disabled=false" type="radio" name="nfw_options[referrer_policy_enabled]" value="1"<?php checked($nfw_options['referrer_policy_enabled'], 1) ?> /><?php _e('Yes', 'ninjafirewall') ?></label></p>
997
+ <p><label><input onclick="document.getElementById('rp_select').disabled=true" type="radio" name="nfw_options[referrer_policy_enabled]" value="0"<?php checked($nfw_options['referrer_policy_enabled'], 0) ?> /><?php _e('No (default)', 'ninjafirewall') ?></label></p>
998
+ </td>
999
+ <td style="vertical-align:top;">
1000
+ <select id="rp_select" name="nfw_options[referrer_policy]"<?php disabled($nfw_options['referrer_policy_enabled'], 0) ?>>
1001
+ <option value="1"<?php selected($nfw_options['response_headers'][8], 1) ?>>no-referrer</option>
1002
+ <option value="2"<?php selected($nfw_options['response_headers'][8], 2) ?>>no-referrer-when-downgrade</option>
1003
+ <option value="3"<?php selected($nfw_options['response_headers'][8], 3) ?>>origin</option>
1004
+ <option value="4"<?php selected($nfw_options['response_headers'][8], 4) ?>>origin-when-cross-origin</option>
1005
+ <option value="5"<?php selected($nfw_options['response_headers'][8], 5) ?>>strict-origin</option>
1006
+ <option value="6"<?php selected($nfw_options['response_headers'][8], 6) ?>>strict-origin-when-cross-origin</option>
1007
+ <option value="7"<?php selected($nfw_options['response_headers'][8], 7) ?>>same-origin</option>
1008
+ <option value="8"<?php selected($nfw_options['response_headers'][8], 8) ?>>unsafe-url</option>
1009
+ </select>
1010
+ </td>
1011
+ </tr>
1012
+ </table>
1013
+
1014
+ <br /><br />
1015
+
1016
+ <?php
1017
+ if ( empty( $nfw_rules[NFW_WRAPPERS]['ena']) ) {
1018
+ $php_wrappers = 0;
1019
  } else {
1020
+ $php_wrappers = 1;
1021
+ }
1022
+ if ( empty( $nfw_options['php_errors']) ) {
1023
+ $php_errors = 0;
1024
+ } else {
1025
+ $php_errors = 1;
1026
+ }
1027
+ if ( empty( $nfw_options['php_self']) ) {
1028
+ $php_self = 0;
1029
+ } else {
1030
+ $php_self = 1;
1031
+ }
1032
+ if ( empty( $nfw_options['php_path_t']) ) {
1033
+ $php_path_t = 0;
1034
+ } else {
1035
+ $php_path_t = 1;
1036
+ }
1037
+ if ( empty( $nfw_options['php_path_i']) ) {
1038
+ $php_path_i = 0;
1039
+ } else {
1040
+ $php_path_i = 1;
1041
  }
1042
  ?>
1043
+ <h3>PHP</h3>
1044
+ <table class="form-table">
1045
+ <tr>
1046
+ <th scope="row"><?php _e('Block PHP built-in wrappers in <code>GET</code>, <code>POST</code>, <code>HTTP_USER_AGENT</code>, <code>HTTP_REFERER</code> and cookies', 'ninjafirewall') ?></th>
1047
+ <td width="20">&nbsp;</td>
1048
+ <td width="120" style="vertical-align:top">
1049
+ <label><input type="radio" name="nfw_rules[php_wrappers]" value="1"<?php checked( $php_wrappers, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1050
+ </td>
1051
+ <td style="vertical-align:top">
1052
+ <label><input type="radio" name="nfw_rules[php_wrappers]" value="0"<?php checked( $php_wrappers, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1053
+ </td>
1054
+ </tr>
1055
+
1056
+ <?php
1057
+ if (! empty( $nfw_rules[NFW_OBJECTS]['ena'] ) ) {
1058
+ if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'GET' ) !== FALSE) {
1059
+ $NFW_OBJECTS_GET = ' checked="checked"';
1060
+ } else {
1061
+ $NFW_OBJECTS_GET = '';
1062
+ }
1063
+ if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'POST' ) !== FALSE) {
1064
+ $NFW_OBJECTS_POST = ' checked="checked"';
1065
+ } else {
1066
+ $NFW_OBJECTS_POST = '';
1067
+ }
1068
+ if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'COOKIE' ) !== FALSE) {
1069
+ $NFW_OBJECTS_COOKIE = ' checked="checked"';
1070
+ } else {
1071
+ $NFW_OBJECTS_COOKIE = '';
1072
+ }
1073
+ if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'HTTP_USER_AGENT' ) !== FALSE) {
1074
+ $NFW_OBJECTS_HTTP_USER_AGENT = ' checked="checked"';
1075
+ } else {
1076
+ $NFW_OBJECTS_HTTP_USER_AGENT = '';
1077
+ }
1078
+ if ( strpos( $nfw_rules[NFW_OBJECTS]['cha'][1]['whe'], 'HTTP_REFERER' ) !== FALSE) {
1079
+ $NFW_OBJECTS_HTTP_REFERER = ' checked="checked"';
1080
+ } else {
1081
+ $NFW_OBJECTS_HTTP_REFERER = '';
1082
+ }
1083
+ } else {
1084
+ $NFW_OBJECTS_GET = ''; $NFW_OBJECTS_POST = ''; $NFW_OBJECTS_COOKIE = '';
1085
+ $NFW_OBJECTS_HTTP_USER_AGENT = ''; $NFW_OBJECTS_HTTP_REFERER = '';
1086
+ }
1087
+ ?>
1088
+ <tr>
1089
+ <th scope="row"><?php _e('Block serialized PHP objects in the following global variables', 'ninjafirewall') ?></th>
1090
+ <td width="20">&nbsp;</td>
1091
+ <td width="120" style="vertical-align:top">
1092
+ <p><label><input type="checkbox" name="nfw_rules[php_objects_get]" value="1"<?php echo $NFW_OBJECTS_GET ?>><code>GET</code><?php echo $default ?></label><p>
1093
+ <p><label><input type="checkbox" name="nfw_rules[php_objects_post]" value="1"<?php echo $NFW_OBJECTS_POST ?>><code>POST</code><?php echo $default ?></label><p>
1094
+ <p><label><input type="checkbox" name="nfw_rules[php_objects_cookie]" value="1"<?php echo $NFW_OBJECTS_COOKIE ?>><code>COOKIE</code></label><p>
1095
+ </td>
1096
+ <td style="vertical-align:top">
1097
+ <p><label><input type="checkbox" name="nfw_rules[php_objects_http_user_agent]" value="1"<?php echo $NFW_OBJECTS_HTTP_USER_AGENT ?>><code>HTTP_USER_AGENT</code><?php echo $default ?></label><p>
1098
+ <p><label><input type="checkbox" name="nfw_rules[php_objects_http_referer]" value="1"<?php echo $NFW_OBJECTS_HTTP_REFERER ?>><code>HTTP_REFERER</code><?php echo $default ?></label><p>
1099
+ </td>
1100
+ </tr>
1101
+ <tr>
1102
+ <th scope="row"><?php _e('Hide PHP notice and error messages', 'ninjafirewall') ?></th>
1103
+ <td width="20">&nbsp;</td>
1104
+ <td width="120">
1105
+ <label><input type="radio" name="nfw_options[php_errors]" value="1"<?php checked( $php_errors, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1106
+ </td>
1107
+ <td>
1108
+ <label><input type="radio" name="nfw_options[php_errors]" value="0"<?php checked( $php_errors, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1109
+ </td>
1110
+ </tr>
1111
+ <tr>
1112
+ <th scope="row"><?php _e('Sanitise <code>PHP_SELF</code>', 'ninjafirewall') ?></th>
1113
+ <td width="20">&nbsp;</td>
1114
+ <td width="120">
1115
+ <label><input type="radio" name="nfw_options[php_self]" value="1"<?php checked( $php_self, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1116
+ </td>
1117
+ <td>
1118
+ <label><input type="radio" name="nfw_options[php_self]" value="0"<?php checked( $php_self, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1119
+ </td>
1120
+ </tr>
1121
+ <tr>
1122
+ <th scope="row"><?php _e('Sanitise <code>PATH_TRANSLATED</code>', 'ninjafirewall') ?></th>
1123
+ <td width="20">&nbsp;</td>
1124
+ <td width="120">
1125
+ <label><input type="radio" name="nfw_options[php_path_t]" value="1"<?php checked( $php_path_t, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1126
+ </td>
1127
+ <td>
1128
+ <label><input type="radio" name="nfw_options[php_path_t]" value="0"<?php checked( $php_path_t, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1129
+ </td>
1130
+ </tr>
1131
+ <tr>
1132
+ <th scope="row"><?php _e('Sanitise <code>PATH_INFO</code>', 'ninjafirewall') ?></th>
1133
+ <td width="20">&nbsp;</td>
1134
+ <td width="120">
1135
+ <label><input type="radio" name="nfw_options[php_path_i]" value="1"<?php checked( $php_path_i, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1136
+ </td>
1137
+ <td>
1138
+ <label><input type="radio" name="nfw_options[php_path_i]" value="0"<?php checked( $php_path_i, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1139
+ </td>
1140
+ </tr>
1141
+ </table>
1142
 
1143
+ <br /><br />
1144
 
1145
+ <?php
 
 
 
 
 
 
 
 
 
 
 
1146
 
1147
+ if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) < 5 ) {
1148
+ $nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
1149
+ $greyed = 'style="color:#bbbbbb"';
1150
+ $disabled = 'disabled ';
1151
+ $disabled_msg = '<br /><span class="description">&nbsp;' .
1152
+ __('This option is not compatible with your actual configuration.', 'ninjafirewall') .
1153
+ '</span>';
1154
+ } else {
1155
+ $greyed = '';
1156
+ $disabled = '';
1157
+ $disabled_msg = '';
1158
+ }
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1159
 
1160
+ if ( empty( $nfw_rules[NFW_DOC_ROOT]['ena']) ) {
1161
+ $block_doc_root = 0;
1162
+ } else {
1163
+ $block_doc_root = 1;
1164
+ }
1165
+ if ( empty( $nfw_rules[NFW_NULL_BYTE]['ena']) ) {
1166
+ $block_null_byte = 0;
1167
+ } else {
1168
+ $block_null_byte = 1;
1169
+ }
1170
+ if ( empty( $nfw_rules[NFW_ASCII_CTRL]['ena']) ) {
1171
+ $block_ctrl_chars = 0;
1172
+ } else {
1173
+ $block_ctrl_chars = 1;
1174
+ }
1175
+ ?>
1176
+ <h3><?php _e('Various', 'ninjafirewall') ?></h3>
1177
+ <table class="form-table">
1178
+ <tr valign="top">
1179
+ <th scope="row"><?php _e('Block the <code>DOCUMENT_ROOT</code> server variable in HTTP request', 'ninjafirewall') ?></th>
1180
+ <td width="20">&nbsp;</td>
1181
+ <td width="120">
1182
+ <label <?php echo $greyed ?>><input type="radio" name="nfw_rules[block_doc_root]" value="1"<?php checked( $block_doc_root, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1183
+ </td>
1184
+ <td>
1185
+ <label <?php echo $greyed ?>><input <?php echo $disabled ?>type="radio" name="nfw_rules[block_doc_root]" value="0"<?php checked( $block_doc_root, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label><?php echo $disabled_msg ?>
1186
+ </td>
1187
+ </tr>
1188
+ <tr>
1189
+ <th scope="row"><?php _e('Block ASCII character 0x00 (NULL byte)', 'ninjafirewall') ?></th>
1190
+ <td width="20">&nbsp;</td>
1191
+ <td width="120">
1192
+ <label><input type="radio" name="nfw_rules[block_null_byte]" value="1"<?php checked( $block_null_byte, 1 ) ?>>&nbsp;<?php _e('Yes (default)', 'ninjafirewall') ?></label>
1193
+ </td>
1194
+ <td>
1195
+ <label><input type="radio" name="nfw_rules[block_null_byte]" value="0"<?php checked( $block_null_byte, 0 ) ?>>&nbsp;<?php _e('No', 'ninjafirewall') ?></label>
1196
+ </td>
1197
+ </tr>
1198
+ <tr>
1199
+ <th scope="row"><?php _e('Block ASCII control characters 1 to 8 and 14 to 31', 'ninjafirewall') ?></th>
1200
+ <td width="20">&nbsp;</td>
1201
+ <td>
1202
+ <label><input type="radio" name="nfw_rules[block_ctrl_chars]" value="1"<?php checked( $block_ctrl_chars, 1 ) ?>>&nbsp;<?php _e('Yes', 'ninjafirewall') ?></label>
1203
+ </td>
1204
+ <td>
1205
+ <label><input type="radio" name="nfw_rules[block_ctrl_chars]" value="0"<?php checked( $block_ctrl_chars, 0 ) ?>>&nbsp;<?php _e('No (default)', 'ninjafirewall') ?></label>
1206
+ </td>
1207
+ </tr>
1208
+ </table>
1209
 
1210
+ </div>
1211
+
1212
+ <br />
1213
+ <br />
1214
 
1215
+ <input class="button-primary" type="submit" name="Save" value="<?php _e('Save Firewall Policies', 'ninjafirewall') ?>" />
1216
+ &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
1217
+ <input class="button-secondary" type="submit" name="Default" value="<?php _e('Restore Default Values', 'ninjafirewall') ?>" onclick="return restore();" />
1218
+ </form>
1219
  </div>
1220
 
1221
  <?php
1535
  $nfw_options['disallow_edit'] = 1;
1536
  }
1537
 
1538
+ if ( empty( $_POST['nfw_options']['disable_error_handler']) ) {
1539
+ $nfw_options['disable_error_handler'] = 0;
1540
+ } else {
1541
+ $nfw_options['disable_error_handler'] = 1;
1542
+ }
1543
+
1544
  if ( empty( $_POST['nfw_options']['disallow_mods']) ) {
1545
  $nfw_options['disallow_mods'] = 0;
1546
  } else {
1699
  $nfw_options['no_post_themes'] = 0;
1700
  $nfw_options['force_ssl'] = 0;
1701
  $nfw_options['disallow_edit'] = 0;
1702
+ $nfw_options['disable_error_handler'] = 0;
1703
  $nfw_options['disallow_mods'] = 0;
1704
  $nfw_options['post_b64'] = 1;
1705
  $nfw_options['wl_admin'] = 1;
lib/help.php CHANGED
@@ -190,6 +190,7 @@ function help_nfsubpolicies() {
190
  <li>' . __('Force SSL for admin and logins <code>FORCE_SSL_ADMIN</code>:', 'ninjafirewall'). '<span class="description"> ' . __('enable this option when you want to secure logins and the admin area so that both passwords and cookies are never sent in the clear. Ensure that you can access your admin console from HTTPS before enabling this option, otherwise you will lock yourself out of your site!', 'ninjafirewall'). '</span></li>
191
  <li>' . __('Disable the plugin and theme editor <code>DISALLOW_FILE_EDIT</code>:', 'ninjafirewall'). '<span class="description"> ' . __('disabling the plugin and theme editor provides an additional layer of security if a hacker gains access to a well-privileged user account.', 'ninjafirewall'). '</span></li>
192
  <li>' . __('Disable plugin and theme update/installation <code>DISALLOW_FILE_MODS</code>:', 'ninjafirewall'). '<span class="description"> ' . __('this option will block users being able to use the plugin and theme installation/update functionality from the WordPress admin area. Setting this constant also disables the Plugin and Theme editor.', 'ninjafirewall'). '</span></li>
 
193
 
194
  <br />
195
 
190
  <li>' . __('Force SSL for admin and logins <code>FORCE_SSL_ADMIN</code>:', 'ninjafirewall'). '<span class="description"> ' . __('enable this option when you want to secure logins and the admin area so that both passwords and cookies are never sent in the clear. Ensure that you can access your admin console from HTTPS before enabling this option, otherwise you will lock yourself out of your site!', 'ninjafirewall'). '</span></li>
191
  <li>' . __('Disable the plugin and theme editor <code>DISALLOW_FILE_EDIT</code>:', 'ninjafirewall'). '<span class="description"> ' . __('disabling the plugin and theme editor provides an additional layer of security if a hacker gains access to a well-privileged user account.', 'ninjafirewall'). '</span></li>
192
  <li>' . __('Disable plugin and theme update/installation <code>DISALLOW_FILE_MODS</code>:', 'ninjafirewall'). '<span class="description"> ' . __('this option will block users being able to use the plugin and theme installation/update functionality from the WordPress admin area. Setting this constant also disables the Plugin and Theme editor.', 'ninjafirewall'). '</span></li>
193
+ <li>' . __('Disable the fatal error handler <code>WP_Fatal_Error_Handler</code>:', 'ninjafirewall'). '<span class="description"> ' . __('this option will disable the WSOD protection introduced in WordPress 5.1.', 'ninjafirewall'). '</span></li>
194
 
195
  <br />
196
 
lib/init_update.php CHANGED
@@ -21,104 +21,109 @@ if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
21
 
22
  if (! empty($nfw_options['engine_version']) && version_compare($nfw_options['engine_version'], NFW_ENGINE_VERSION, '<') ) {
23
 
24
- // v3.1.2 update (file guard) ----------------------------------
25
- if ( version_compare( $nfw_options['engine_version'], '3.1.2', '<' ) ) {
26
- if (! empty( $nfw_options['fg_exclude'] ) ) {
27
- $nfw_options['fg_exclude'] = preg_quote( $nfw_options['fg_exclude'], '`');
 
 
 
 
 
 
28
  }
29
- }
30
- // v3.2.2 update -----------------------------------------------
31
- if ( version_compare( $nfw_options['engine_version'], '3.2.2', '<' ) ) {
32
- if ( is_multisite() ) {
33
- update_site_option('nfw_options', $nfw_options);
34
- update_site_option('nfw_rules', $nfw_rules_new);
35
  }
36
- }
37
- // v3.3 update ---------------------------------------------------
38
- if ( version_compare( $nfw_options['engine_version'], '3.3', '<' ) ) {
39
- if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
40
- if (! empty( $nfw_options['response_headers'] ) && strlen( $nfw_options['response_headers'] ) == 6 ) {
41
- $nfw_options['response_headers'] .= '00';
42
  }
43
  }
44
- }
45
- // v3.4 update ---------------------------------------------------
46
- if ( version_compare( $nfw_options['engine_version'], '3.4', '<' ) ) {
47
- $nfw_options['a_53'] = 1;
48
- }
49
- // v3.5.1 update -------------------------------------------------
50
- if ( version_compare( $nfw_options['engine_version'], '3.5.1', '<' ) ) {
51
- // Create garbage collector's cron job:
52
- if ( wp_next_scheduled( 'nfwgccron' ) ) {
53
- wp_clear_scheduled_hook( 'nfwgccron' );
54
  }
55
- wp_schedule_event( time() + 60, 'hourly', 'nfwgccron' );
56
- }
57
- // v3.6.2 update -------------------------------------------------
58
- if ( version_compare( $nfw_options['engine_version'], '3.6.2', '<' ) ) {
59
- $nfw_options['rate_notice'] = time() + 86400 * 15;
60
- }
61
- // v3.7.2 update -------------------------------------------------
62
- if ( version_compare( $nfw_options['engine_version'], '3.7.2', '<' ) ) {
63
- if (! isset( $nfw_options['disallow_settings'] ) ) {
64
- $nfw_options['disallow_settings'] = 1;
65
  }
66
- }
67
- // v3.7.3 update -------------------------------------------------
68
- if ( version_compare( $nfw_options['engine_version'], '3.7.3', '<' ) ) {
69
- // Clear old DB hash files:
70
- $path = NFW_LOG_DIR . '/nfwlog/cache/';
71
- $glob = glob( $path . "nfdbhash*.php" );
72
- if ( is_array( $glob ) ) {
73
- foreach( $glob as $file ) {
74
- unlink( $file );
75
  }
76
  }
77
- // Convert all backup file to json format:
78
- $path = NFW_LOG_DIR . '/nfwlog/cache/';
79
- $now = time();
80
- $glob = glob( $path .'backup_*.php' );
81
- if ( is_array( $glob ) && ! empty( $glob[0] ) ) {
82
- foreach( $glob as $file ) {
83
- $data = file_get_contents( $file );
84
- list ( $options, $rules, $bf ) = @explode("\n:-:\n", $data . "\n:-:\n");
85
- $array_options = @unserialize( $options );
86
- $array_rules = @unserialize( $rules );
87
- if (! empty( $bf ) ) {
88
- $bf_conf = @unserialize( $bf );
89
- } else {
90
- $bf_conf = '';
91
  }
92
- if ( $array_options !== false && $array_rules !== false ) {
93
- $data = json_encode( $array_options ) ."\n:-:\n". json_encode( $array_rules ) ."\n:-:\n". $bf_conf;
94
- file_put_contents( $file, $data );
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
95
  }
96
  }
97
  }
98
- }
99
- // ---------------------------------------------------------------
100
- // Delete old rules files (/updates/*):
101
- $update_dir = dirname( __DIR__ ) . '/updates';
102
- if ( is_dir( $update_dir ) ) {
103
- if ( file_exists( "{$update_dir}/.htaccess" ) ) {
104
- unlink( "{$update_dir}/.htaccess");
105
- }
106
- if ( file_exists( "{$update_dir}/rules3.txt" ) ) {
107
- unlink( "{$update_dir}/rules3.txt");
108
- }
109
- if ( file_exists( "{$update_dir}/version3.txt" ) ) {
110
- unlink( "{$update_dir}/version3.txt");
 
111
  }
112
- @rmdir( $update_dir );
113
- }
114
- // -------------------------------------------------------------
115
 
116
- // Adjust current version :
117
- $nfw_options['engine_version'] = NFW_ENGINE_VERSION;
118
-
119
- // Update options:
120
- nfw_update_option( 'nfw_options', $nfw_options);
121
 
 
 
 
122
  }
123
 
124
  // ---------------------------------------------------------------------
21
 
22
  if (! empty($nfw_options['engine_version']) && version_compare($nfw_options['engine_version'], NFW_ENGINE_VERSION, '<') ) {
23
 
24
+ // Starting from v3.8.2 and its new backup auto-restore feature,
25
+ // we must prevent any potential race condition here:
26
+ if ( get_transient( 'nfw_version_update' ) === false ) {
27
+ set_transient( 'nfw_version_update', NFW_ENGINE_VERSION, 60 );
28
+
29
+ // v3.1.2 update (file guard) ----------------------------------
30
+ if ( version_compare( $nfw_options['engine_version'], '3.1.2', '<' ) ) {
31
+ if (! empty( $nfw_options['fg_exclude'] ) ) {
32
+ $nfw_options['fg_exclude'] = preg_quote( $nfw_options['fg_exclude'], '`');
33
+ }
34
  }
35
+ // v3.2.2 update -----------------------------------------------
36
+ if ( version_compare( $nfw_options['engine_version'], '3.2.2', '<' ) ) {
37
+ if ( is_multisite() ) {
38
+ update_site_option('nfw_options', $nfw_options);
39
+ update_site_option('nfw_rules', $nfw_rules_new);
40
+ }
41
  }
42
+ // v3.3 update ---------------------------------------------------
43
+ if ( version_compare( $nfw_options['engine_version'], '3.3', '<' ) ) {
44
+ if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
45
+ if (! empty( $nfw_options['response_headers'] ) && strlen( $nfw_options['response_headers'] ) == 6 ) {
46
+ $nfw_options['response_headers'] .= '00';
47
+ }
48
  }
49
  }
50
+ // v3.4 update ---------------------------------------------------
51
+ if ( version_compare( $nfw_options['engine_version'], '3.4', '<' ) ) {
52
+ $nfw_options['a_53'] = 1;
 
 
 
 
 
 
 
53
  }
54
+ // v3.5.1 update -------------------------------------------------
55
+ if ( version_compare( $nfw_options['engine_version'], '3.5.1', '<' ) ) {
56
+ // Create garbage collector's cron job:
57
+ if ( wp_next_scheduled( 'nfwgccron' ) ) {
58
+ wp_clear_scheduled_hook( 'nfwgccron' );
59
+ }
60
+ wp_schedule_event( time() + 60, 'hourly', 'nfwgccron' );
 
 
 
61
  }
62
+ // v3.6.2 update -------------------------------------------------
63
+ if ( version_compare( $nfw_options['engine_version'], '3.6.2', '<' ) ) {
64
+ $nfw_options['rate_notice'] = time() + 86400 * 15;
65
+ }
66
+ // v3.7.2 update -------------------------------------------------
67
+ if ( version_compare( $nfw_options['engine_version'], '3.7.2', '<' ) ) {
68
+ if (! isset( $nfw_options['disallow_settings'] ) ) {
69
+ $nfw_options['disallow_settings'] = 1;
 
70
  }
71
  }
72
+ // v3.7.3 update -------------------------------------------------
73
+ if ( version_compare( $nfw_options['engine_version'], '3.7.3', '<' ) ) {
74
+ // Clear old DB hash files:
75
+ $path = NFW_LOG_DIR . '/nfwlog/cache/';
76
+ $glob = glob( $path . "nfdbhash*.php" );
77
+ if ( is_array( $glob ) ) {
78
+ foreach( $glob as $file ) {
79
+ unlink( $file );
 
 
 
 
 
 
80
  }
81
+ }
82
+ // Convert all backup file to json format:
83
+ $path = NFW_LOG_DIR . '/nfwlog/cache/';
84
+ $now = time();
85
+ $glob = glob( $path .'backup_*.php' );
86
+ if ( is_array( $glob ) && ! empty( $glob[0] ) ) {
87
+ foreach( $glob as $file ) {
88
+ $data = file_get_contents( $file );
89
+ list ( $options, $rules, $bf ) = @explode("\n:-:\n", $data . "\n:-:\n");
90
+ $array_options = @unserialize( $options );
91
+ $array_rules = @unserialize( $rules );
92
+ if (! empty( $bf ) ) {
93
+ $bf_conf = @unserialize( $bf );
94
+ } else {
95
+ $bf_conf = '';
96
+ }
97
+ if ( $array_options !== false && $array_rules !== false ) {
98
+ $data = json_encode( $array_options ) ."\n:-:\n". json_encode( $array_rules ) ."\n:-:\n". $bf_conf;
99
+ file_put_contents( $file, $data );
100
+ }
101
  }
102
  }
103
  }
104
+ // ---------------------------------------------------------------
105
+ // Delete old rules files (/updates/*):
106
+ $update_dir = dirname( __DIR__ ) . '/updates';
107
+ if ( is_dir( $update_dir ) ) {
108
+ if ( file_exists( "{$update_dir}/.htaccess" ) ) {
109
+ unlink( "{$update_dir}/.htaccess");
110
+ }
111
+ if ( file_exists( "{$update_dir}/rules3.txt" ) ) {
112
+ unlink( "{$update_dir}/rules3.txt");
113
+ }
114
+ if ( file_exists( "{$update_dir}/version3.txt" ) ) {
115
+ unlink( "{$update_dir}/version3.txt");
116
+ }
117
+ @rmdir( $update_dir );
118
  }
119
+ // -------------------------------------------------------------
 
 
120
 
121
+ // Adjust current version :
122
+ $nfw_options['engine_version'] = NFW_ENGINE_VERSION;
 
 
 
123
 
124
+ // Update options:
125
+ nfw_update_option( 'nfw_options', $nfw_options);
126
+ }
127
  }
128
 
129
  // ---------------------------------------------------------------------
lib/install_default.php ADDED
@@ -0,0 +1,203 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+ /*
3
+ +---------------------------------------------------------------------+
4
+ | NinjaFirewall (WP Edition) |
5
+ | |
6
+ | (c) NinTechNet - https://nintechnet.com/ |
7
+ +---------------------------------------------------------------------+
8
+ | This program is free software: you can redistribute it and/or |
9
+ | modify it under the terms of the GNU General Public License as |
10
+ | published by the Free Software Foundation, either version 3 of |
11
+ | the License, or (at your option) any later version. |
12
+ | |
13
+ | This program is distributed in the hope that it will be useful, |
14
+ | but WITHOUT ANY WARRANTY; without even the implied warranty of |
15
+ | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
16
+ | GNU General Public License for more details. |
17
+ +---------------------------------------------------------------------+ i18n+ / sa
18
+ */
19
+
20
+ if (! defined( 'NFW_ENGINE_VERSION' ) ) { die( 'Forbidden' ); }
21
+
22
+ /* ------------------------------------------------------------------ */
23
+ // Load and save default config
24
+
25
+ function nfw_load_default_conf() {
26
+
27
+ $nfw_rules = array();
28
+
29
+ // We first delete all scheduled tasks if any (reinstallation etc):
30
+ if ( wp_next_scheduled( 'nfwgccron' ) ) {
31
+ wp_clear_scheduled_hook( 'nfwgccron' );
32
+ }
33
+ if ( wp_next_scheduled('nfscanevent') ) {
34
+ wp_clear_scheduled_hook('nfscanevent');
35
+ }
36
+ if ( wp_next_scheduled('nfsecupdates') ) {
37
+ wp_clear_scheduled_hook('nfsecupdates');
38
+ }
39
+ if ( wp_next_scheduled('nfdailyreport') ) {
40
+ wp_clear_scheduled_hook('nfdailyreport');
41
+ }
42
+
43
+ if (! empty( $_SESSION['temp_admin_email'] ) ) {
44
+ $alert_email = $_SESSION['temp_admin_email'];
45
+ } else {
46
+ $alert_email = get_option('admin_email');
47
+ }
48
+
49
+ $nfw_options = array(
50
+ // ---------------------------------------------------------------
51
+ // The next 6 keys must always be present because they are used
52
+ // by the nfw_validate_option() function to check whether $nfw_options
53
+ // is corrupted or not:
54
+ 'enabled' => 1,
55
+ 'blocked_msg' => base64_encode(NFW_DEFAULT_MSG),
56
+ 'logo' => plugins_url() . '/ninjafirewall/images/ninjafirewall_75.png',
57
+ 'ret_code' => 403,
58
+ 'scan_protocol' => 3,
59
+ 'get_scan' => 1,
60
+ // ---------------------------------------------------------------
61
+ 'anon_ip' => 0,
62
+ 'debug' => 0,
63
+ 'uploads' => 1,
64
+ 'sanitise_fn' => 0,
65
+ 'get_sanitise' => 0,
66
+ 'post_scan' => 1,
67
+ 'post_sanitise' => 0,
68
+ 'cookies_scan' => 1,
69
+ 'cookies_sanitise'=> 0,
70
+ 'ua_scan' => 1,
71
+ 'ua_sanitise' => 1,
72
+ 'referer_scan' => 0,
73
+ 'referer_sanitise'=> 1,
74
+ 'referer_post' => 0,
75
+ 'no_host_ip' => 0,
76
+ 'allow_local_ip' => 0,
77
+ 'php_errors' => 1,
78
+ 'php_self' => 1,
79
+ 'php_path_t' => 1,
80
+ 'php_path_i' => 1,
81
+ 'wp_dir' => '/wp-admin/(?:css|images|includes|js)/|' .
82
+ '/wp-includes/(?:(?:css|images|js(?!/tinymce/wp-tinymce\.php)|theme-compat)/|[^/]+\.php)|' .
83
+ '/'. basename(WP_CONTENT_DIR) .'/(?:uploads|blogs\.dir)/',
84
+ 'no_post_themes' => 0,
85
+ 'force_ssl' => 0,
86
+ 'disallow_edit' => 0,
87
+ 'disallow_mods' => 0,
88
+ // 3.8.2:
89
+ 'disable_error_handler' => 0,
90
+
91
+ 'wl_admin' => 1,
92
+ // v1.0.4
93
+ 'a_0' => 1,
94
+ 'a_11' => 1,
95
+ 'a_12' => 1,
96
+ 'a_13' => 0,
97
+ 'a_14' => 0,
98
+ 'a_15' => 1,
99
+ 'a_16' => 0,
100
+ 'a_21' => 1,
101
+ 'a_22' => 1,
102
+ 'a_23' => 0,
103
+ 'a_24' => 0,
104
+ 'a_31' => 1,
105
+ // v1.3.3 :
106
+ 'a_41' => 1,
107
+ // v1.3.4 :
108
+ 'a_51' => 1,
109
+ 'sched_scan' => 0,
110
+ 'report_scan' => 0,
111
+ // v1.7 (daily report cronjob) :
112
+ 'a_52' => 1,
113
+ // v3.4:
114
+ 'a_53' => 1,
115
+
116
+ 'alert_email' => $alert_email,
117
+ // v1.1.0 :
118
+ 'alert_sa_only' => 1,
119
+ 'nt_show_status' => 1,
120
+ 'post_b64' => 1,
121
+ // v3.6.7:
122
+ 'disallow_creation' => 0,
123
+ // v3.7.2:
124
+ 'disallow_settings' => 1,
125
+
126
+ // v1.1.2 :
127
+ 'no_xmlrpc' => 0,
128
+ // v1.7 :
129
+ 'no_xmlrpc_multi' => 0,
130
+ // v3.3.2
131
+ 'no_xmlrpc_pingback'=> 0,
132
+
133
+ // v1.1.3 :
134
+ 'enum_archives' => 0,
135
+ 'enum_login' => 0,
136
+ // v1.1.6 :
137
+ 'request_sanitise'=> 0,
138
+ // v1.2.1 :
139
+ 'fg_enable' => 0,
140
+ 'fg_mtime' => 10,
141
+ 'fg_exclude' => '',
142
+ // Log:
143
+ 'auto_del_log' => 0,
144
+ // Updates :
145
+ 'enable_updates' => 1,
146
+ 'sched_updates' => 1,
147
+ 'notify_updates' => 1,
148
+ // Centralized Logging:
149
+ 'clogs_enable' => 0,
150
+ 'clogs_pubkey' => '',
151
+
152
+ 'rate_notice' => time() + 86400 * 15,
153
+ );
154
+ // v1.3.1 :
155
+ // Some compatibility checks:
156
+ // 1. header_register_callback(): requires PHP >=5.4
157
+ // 2. headers_list() and header_remove(): some hosts may disable them.
158
+ if ( function_exists('header_register_callback') && function_exists('headers_list') && function_exists('header_remove') ) {
159
+ // X-XSS-Protection:
160
+ $nfw_options['response_headers'] = '000300000';
161
+ }
162
+ $nfw_options['referrer_policy_enabled'] = 0;
163
+
164
+ define('NFUPDATESDO', 2);
165
+ @nf_sub_updates();
166
+
167
+ if (! $nfw_rules = @unserialize(NFW_RULES) ) {
168
+ $err_msg = '<p><strong>'. __('Error: The installer cannot download the security rules from wordpress.org website.', 'ninjafirewall') . '</strong></p>';
169
+ $err_msg.= '<ol><li>'. __('The server may be temporarily down or you may have network connectivity problems? Please try again in a few minutes.', 'ninjafirewall') . '</li>';
170
+ $err_msg.= '<li>'. __('NinjaFirewall downloads its rules over an HTTPS secure connection. Maybe your server does not support SSL? You can force NinjaFirewall to use a non-secure HTTP connection by adding the following directive to your <strong>wp-config.php</strong> file:', 'ninjafirewall') . '<p><code>define("NFW_DONT_USE_SSL", 1);</code></p></li></ol>';
171
+ exit("<br /><div class='error notice is-dismissible'>{$err_msg}</div></div></div></div></div></body></html>");
172
+ }
173
+
174
+ $nfw_options['engine_version'] = NFW_ENGINE_VERSION;
175
+ $nfw_options['rules_version'] = NFW_NEWRULES_VERSION; // downloaded rules
176
+
177
+ if ( strlen( $_SERVER['DOCUMENT_ROOT'] ) > 5 ) {
178
+ $nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', $_SERVER['DOCUMENT_ROOT'] );
179
+ } elseif ( strlen( getenv( 'DOCUMENT_ROOT' ) ) > 5 ) {
180
+ $nfw_rules[NFW_DOC_ROOT]['cha'][1]['wha'] = str_replace( '/', '/[./]*', getenv( 'DOCUMENT_ROOT' ) );
181
+ } else {
182
+ $nfw_rules[NFW_DOC_ROOT]['ena'] = 0;
183
+ }
184
+
185
+ // Enable PHP object injection rules (since v3.5.3):
186
+ $nfw_rules[NFW_OBJECTS]['ena'] = 1;
187
+
188
+ // ------------------------------------------------------------------
189
+ // Update DB options and rules **BEFORE** (re)enabling scheduled tasks
190
+ // (the garbage collect should be ran/scheduled last):
191
+ nfw_update_option( 'nfw_options', $nfw_options);
192
+ nfw_update_option( 'nfw_rules', $nfw_rules);
193
+ // ------------------------------------------------------------------
194
+ nfw_get_blogtimezone();
195
+ wp_schedule_event( strtotime( date('Y-m-d 00:00:05', strtotime("+1 day")) ), 'daily', 'nfdailyreport');
196
+ wp_schedule_event( time() + 3600, 'hourly', 'nfsecupdates');
197
+ wp_schedule_event( time() + 1800, 'hourly', 'nfwgccron' );
198
+
199
+ $_SESSION['default_conf'] = 1;
200
+
201
+ }
202
+ /* ------------------------------------------------------------------ */
203
+ // EOF //
lib/install_fullwaf.php CHANGED
@@ -71,7 +71,7 @@ function nfw_presave( $err = '' ) {
71
  welcome_email();
72
  }
73
 
74
- $s1 = $s2 = $s3 = $s4 = $s5 = $s7 = '';
75
  $recommended = ' ' . __('(recommended)', 'ninjafirewall');
76
  if ( defined('HHVM_VERSION') ) {
77
  $http_server = 7;
71
  welcome_email();
72
  }
73
 
74
+ $s1 = ''; $s2 = ''; $s3 = ''; $s4 = ''; $s5 = ''; $s7 = '';
75
  $recommended = ' ' . __('(recommended)', 'ninjafirewall');
76
  if ( defined('HHVM_VERSION') ) {
77
  $http_server = 7;
lib/utils.php CHANGED
@@ -103,39 +103,76 @@ function nfw_account_creation( $user_login ) {
103
  add_filter( 'pre_user_login' , 'nfw_account_creation' );
104
 
105
  // ---------------------------------------------------------------------
 
106
 
107
  function nfw_garbage_collector() {
108
 
109
- // Clean/delete cache folder & temp files (hourly cron job):
110
-
111
- $nfw_options = nfw_get_option( 'nfw_options' );
112
- if ( empty( $nfw_options ) ) {
113
- // We could reach this part during the installation process
114
- // when the options and rules are not fully populated yet:
115
- return;
116
- }
117
-
118
  $path = NFW_LOG_DIR . '/nfwlog/cache/';
119
  $now = time();
120
-
121
  // Make sure the cache folder exists, i.e, we have been
122
  // through the whole installation process:
123
  if (! is_dir( $path ) ) {
124
  return;
125
  }
126
 
127
- // Don't do anything if the cache folder
128
- // was cleaned up less than 65 minutes ago:
129
  $gc = $path . 'garbage_collector.php';
130
  if ( file_exists( $gc ) ) {
131
  $nfw_mtime = filemtime( $gc ) ;
132
- if ( $now - $nfw_mtime < 65*60 ) {
133
  return;
134
  }
135
  unlink( $gc );
136
  }
137
  touch( $gc );
138
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
139
  // Check if we must delete old firewall logs:
140
  if (! empty( $nfw_options['auto_del_log'] ) ) {
141
  $auto_del_log = (int) $nfw_options['auto_del_log'] * 86400;
@@ -204,6 +241,8 @@ function nfw_garbage_collector() {
204
  }
205
  }
206
 
 
 
207
  // NinjaFirewall's configuration backup. We create a new one daily:
208
  $glob = glob( $path .'backup_*.php' );
209
  if ( is_array( $glob ) && ! empty( $glob[0] ) ) {
@@ -220,11 +259,11 @@ function nfw_garbage_collector() {
220
  }
221
  $data = json_encode( $nfw_options ) ."\n:-:\n". json_encode($nfw_rules) ."\n:-:\n". $bd_data;
222
  $file = uniqid( 'backup_'. time() .'_', true) . '.php';
223
- file_put_contents( $path . $file, $data );
224
  array_unshift( $glob, $path . $file );
225
  }
226
  }
227
- // Keep the last 5 backup only (number can be defined
228
  // in the wp-config.php):
229
  if ( defined('NFW_MAX_BACKUP') ) {
230
  $num = (int) NFW_MAX_BACKUP;
@@ -242,17 +281,45 @@ function nfw_garbage_collector() {
242
  return;
243
  }
244
  if ( file_exists( $path .'bf_conf.php' ) ) {
245
- $bd_data = serialize( file_get_contents( $path .'bf_conf.php' ) );
246
  } else {
247
  $bd_data = '';
248
  }
249
- $data = serialize( $nfw_options ) ."\n:-:\n". serialize($nfw_rules) ."\n:-:\n". $bd_data;
250
  $file = uniqid( 'backup_'. time() .'_', true) . '.php';
251
- file_put_contents( $path . $file, $data );
252
  }
253
 
254
  }
255
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
256
  // ---------------------------------------------------------------------
257
 
258
  function nfw_select_ip() {
@@ -638,6 +705,22 @@ function nfw_delete_option( $option ) {
638
  return delete_option( $option );
639
  }
640
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
641
  // ---------------------------------------------------------------------
642
 
643
  function nfwhook_update_user_meta( $user_id, $meta_key, $meta_value, $prev_value ) {
103
  add_filter( 'pre_user_login' , 'nfw_account_creation' );
104
 
105
  // ---------------------------------------------------------------------
106
+ // Clean/delete cache folder & temp files (hourly cron job).
107
 
108
  function nfw_garbage_collector() {
109
 
 
 
 
 
 
 
 
 
 
110
  $path = NFW_LOG_DIR . '/nfwlog/cache/';
111
  $now = time();
 
112
  // Make sure the cache folder exists, i.e, we have been
113
  // through the whole installation process:
114
  if (! is_dir( $path ) ) {
115
  return;
116
  }
117
 
118
+ // Don't do anything if the cache folder was cleaned up less than 10 minutes ago:
 
119
  $gc = $path . 'garbage_collector.php';
120
  if ( file_exists( $gc ) ) {
121
  $nfw_mtime = filemtime( $gc ) ;
122
+ if ( $now - $nfw_mtime < 10*60 ) {
123
  return;
124
  }
125
  unlink( $gc );
126
  }
127
  touch( $gc );
128
 
129
+ // Fetch options:
130
+ $nfw_options = nfw_get_option( 'nfw_options' );
131
+
132
+ // ------------------------------------------------------------------
133
+ // If nfw_options is corrupted (e.g., failed update etc) we try to restore it
134
+ // from a backup file otherwise we restore it from the default settings.
135
+ if ( nfw_validate_option( $nfw_options ) === false ) {
136
+
137
+ $glob = glob( $path .'backup_*.php' );
138
+ $valid_option = 0;
139
+ // Make sure we have a backup file
140
+ while ( is_array( $glob ) && ! empty( $glob[0] ) ) {
141
+ $content = array();
142
+ $last_file = array_pop( $glob );
143
+ $content = @explode("\n:-:\n", file_get_contents( $last_file ) . "\n:-:\n");
144
+ $content[0] = json_decode( $content[0], true );
145
+
146
+ if ( nfw_validate_option( $content[0] ) === true ) {
147
+ // We can use that backup to restore our options:
148
+ $valid_option = 1;
149
+ break;
150
+
151
+ // Delete this corrupted backup file:
152
+ } else {
153
+ nfw_log_error( sprintf( 'Backup file is corrupted, deleting it (%s)', $last_file ) );
154
+ unlink( $last_file );
155
+ }
156
+ }
157
+
158
+ // Restore the last good backup:
159
+ if (! empty( $valid_option ) ) {
160
+ nfw_update_option( 'nfw_options', $content[0] );
161
+ nfw_log_error( sprintf( '"nfw_options" is corrupted, restoring from last known good backup file (%s)', $last_file ) );
162
+
163
+ // Restore the default settings if no backup file was found
164
+ // (this action will also restore the firewall rules):
165
+ } else {
166
+ require_once __DIR__ .'/install_default.php';
167
+ nfw_log_error( '"nfw_options" is corrupted, restoring default values (no valid backup found)' );
168
+ nfw_load_default_conf();
169
+ }
170
+
171
+ $nfw_options = nfw_get_option( 'nfw_options' );
172
+ }
173
+
174
+ // ------------------------------------------------------------------
175
+
176
  // Check if we must delete old firewall logs:
177
  if (! empty( $nfw_options['auto_del_log'] ) ) {
178
  $auto_del_log = (int) $nfw_options['auto_del_log'] * 86400;
241
  }
242
  }
243
 
244
+ // ------------------------------------------------------------------
245
+
246
  // NinjaFirewall's configuration backup. We create a new one daily:
247
  $glob = glob( $path .'backup_*.php' );
248
  if ( is_array( $glob ) && ! empty( $glob[0] ) ) {
259
  }
260
  $data = json_encode( $nfw_options ) ."\n:-:\n". json_encode($nfw_rules) ."\n:-:\n". $bd_data;
261
  $file = uniqid( 'backup_'. time() .'_', true) . '.php';
262
+ @file_put_contents( $path . $file, $data, LOCK_EX );
263
  array_unshift( $glob, $path . $file );
264
  }
265
  }
266
+ // Keep the last 5 backup only (value can be defined
267
  // in the wp-config.php):
268
  if ( defined('NFW_MAX_BACKUP') ) {
269
  $num = (int) NFW_MAX_BACKUP;
281
  return;
282
  }
283
  if ( file_exists( $path .'bf_conf.php' ) ) {
284
+ $bd_data = json_encode( file_get_contents( $path .'bf_conf.php' ) );
285
  } else {
286
  $bd_data = '';
287
  }
288
+ $data = json_encode( $nfw_options ) ."\n:-:\n". json_encode($nfw_rules) ."\n:-:\n". $bd_data;
289
  $file = uniqid( 'backup_'. time() .'_', true) . '.php';
290
+ @file_put_contents( $path . $file, $data, LOCK_EX );
291
  }
292
 
293
  }
294
 
295
+ // ---------------------------------------------------------------------
296
+ // Write potential errors to a specific log.
297
+
298
+ function nfw_log_error( $message ) {
299
+
300
+ $log = NFW_LOG_DIR . '/nfwlog/error_log.php';
301
+
302
+ if (! file_exists( $log ) ) {
303
+ @file_put_contents( $log, "<?php exit; ?>\n", LOCK_EX );
304
+ }
305
+ @file_put_contents( $log, date_i18n('[d/M/y:H:i:s O]') . " $message\n", FILE_APPEND | LOCK_EX );
306
+
307
+ }
308
+
309
+ // ---------------------------------------------------------------------
310
+
311
+ function nfw_get_blogtimezone() {
312
+
313
+ $tzstring = get_option( 'timezone_string' );
314
+ if (! $tzstring ) {
315
+ $tzstring = ini_get( 'date.timezone' );
316
+ if (! $tzstring ) {
317
+ $tzstring = 'UTC';
318
+ }
319
+ }
320
+ date_default_timezone_set( $tzstring );
321
+ }
322
+
323
  // ---------------------------------------------------------------------
324
 
325
  function nfw_select_ip() {
705
  return delete_option( $option );
706
  }
707
 
708
+ // ---------------------------------------------------------------------
709
+ // Make sure nfw_options is valid.
710
+
711
+ function nfw_validate_option( $value ) {
712
+
713
+ if (! isset( $value['enabled'] ) || ! isset( $value['blocked_msg'] ) ||
714
+ ! isset( $value['logo'] ) || ! isset( $value['ret_code'] ) ||
715
+ ! isset( $value['scan_protocol'] ) || ! isset( $value['get_scan'] ) ) {
716
+
717
+ // Data is corrupted:
718
+ return false;
719
+ }
720
+
721
+ return true;
722
+ }
723
+
724
  // ---------------------------------------------------------------------
725
 
726
  function nfwhook_update_user_meta( $user_id, $meta_key, $meta_value, $prev_value ) {
ninjafirewall.php CHANGED
@@ -3,7 +3,7 @@
3
  Plugin Name: NinjaFirewall (WP Edition)
4
  Plugin URI: https://nintechnet.com/
5
  Description: A true Web Application Firewall to protect and secure WordPress.
6
- Version: 3.8.1
7
  Author: The Ninja Technologies Network
8
  Author URI: https://nintechnet.com/
9
  License: GPLv3 or later
@@ -19,7 +19,7 @@ Domain Path: /languages
19
  | (c) NinTechNet - https://nintechnet.com/ |
20
  +---------------------------------------------------------------------+
21
  */
22
- define( 'NFW_ENGINE_VERSION', '3.8.1' );
23
  /*
24
  +---------------------------------------------------------------------+
25
  | This program is free software: you can redistribute it and/or |
@@ -57,6 +57,13 @@ define('NFW_DOC_ROOT', 510);
57
  define('NFW_WRAPPERS', 520);
58
  define('NFW_OBJECTS', 525);
59
  define('NFW_LOOPBACK', 540);
 
 
 
 
 
 
 
60
  $err_fw = array(
61
  1 => __('Cannot find WordPress configuration file', 'ninjafirewall'),
62
  2 => __('Cannot read WordPress configuration file', 'ninjafirewall'),
@@ -319,11 +326,6 @@ function nfw_admin_init() {
319
  nfw_check_emailalert();
320
  }
321
 
322
- // Run the garbage collector if needed (note that there's already
323
- // a hourly cron job for that purpose, but this call is only used
324
- // in the event where the admin disabled WP-Cron):
325
- nfw_garbage_collector();
326
-
327
  // Applies to admin only (unlike the WP+ Edition):
328
  if (! empty( $nfw_options['wl_admin'] ) ) {
329
  $_SESSION['nfw_goodguy'] = true;
@@ -474,15 +476,6 @@ function ninjafirewall_admin_menu() {
474
  exit;
475
  }
476
 
477
- $message = '<br /><br /><br /><br /><center>' .
478
- sprintf( __('Sorry %s, your request cannot be processed.', 'ninjafirewall'), '<b>%%REM_ADDRESS%%</b>') .
479
- '<br />' . __('For security reasons, it was blocked and logged.', 'ninjafirewall') .
480
- '<br /><br />%%NINJA_LOGO%%<br /><br />' .
481
- __('If you believe this was an error please contact the<br />webmaster and enclose the following incident ID:', 'ninjafirewall') .
482
- '<br /><br />[ <b>#%%NUM_INCIDENT%%</b> ]</center>';
483
-
484
- define( 'NFW_DEFAULT_MSG', $message );
485
-
486
  if (! defined('NF_DISABLED') ) {
487
  is_nfw_enabled();
488
  }
@@ -828,19 +821,6 @@ if ( is_multisite() ) {
828
 
829
  /* ------------------------------------------------------------------ */
830
 
831
- function nfw_get_blogtimezone() {
832
-
833
- $tzstring = get_option( 'timezone_string' );
834
- if (! $tzstring ) {
835
- $tzstring = ini_get( 'date.timezone' );
836
- if (! $tzstring ) {
837
- $tzstring = 'UTC';
838
- }
839
- }
840
- date_default_timezone_set( $tzstring );
841
- }
842
- /* ------------------------------------------------------------------ */
843
-
844
  function nfw_dashboard_widgets() {
845
 
846
  require plugin_dir_path(__FILE__) . 'lib/dashboard_widget.php';
3
  Plugin Name: NinjaFirewall (WP Edition)
4
  Plugin URI: https://nintechnet.com/
5
  Description: A true Web Application Firewall to protect and secure WordPress.
6
+ Version: 3.8.2
7
  Author: The Ninja Technologies Network
8
  Author URI: https://nintechnet.com/
9
  License: GPLv3 or later
19
  | (c) NinTechNet - https://nintechnet.com/ |
20
  +---------------------------------------------------------------------+
21
  */
22
+ define( 'NFW_ENGINE_VERSION', '3.8.2' );
23
  /*
24
  +---------------------------------------------------------------------+
25
  | This program is free software: you can redistribute it and/or |
57
  define('NFW_WRAPPERS', 520);
58
  define('NFW_OBJECTS', 525);
59
  define('NFW_LOOPBACK', 540);
60
+ $message = '<br /><br /><br /><br /><center>' .
61
+ sprintf( __('Sorry %s, your request cannot be processed.', 'ninjafirewall'), '<b>%%REM_ADDRESS%%</b>') .
62
+ '<br />' . __('For security reasons, it was blocked and logged.', 'ninjafirewall') .
63
+ '<br /><br />%%NINJA_LOGO%%<br /><br />' .
64
+ __('If you believe this was an error please contact the<br />webmaster and enclose the following incident ID:', 'ninjafirewall') .
65
+ '<br /><br />[ <b>#%%NUM_INCIDENT%%</b> ]</center>';
66
+ define( 'NFW_DEFAULT_MSG', $message );
67
  $err_fw = array(
68
  1 => __('Cannot find WordPress configuration file', 'ninjafirewall'),
69
  2 => __('Cannot read WordPress configuration file', 'ninjafirewall'),
326
  nfw_check_emailalert();
327
  }
328
 
 
 
 
 
 
329
  // Applies to admin only (unlike the WP+ Edition):
330
  if (! empty( $nfw_options['wl_admin'] ) ) {
331
  $_SESSION['nfw_goodguy'] = true;
476
  exit;
477
  }
478
 
 
 
 
 
 
 
 
 
 
479
  if (! defined('NF_DISABLED') ) {
480
  is_nfw_enabled();
481
  }
821
 
822
  /* ------------------------------------------------------------------ */
823
 
 
 
 
 
 
 
 
 
 
 
 
 
 
824
  function nfw_dashboard_widgets() {
825
 
826
  require plugin_dir_path(__FILE__) . 'lib/dashboard_widget.php';
readme.txt CHANGED
@@ -2,8 +2,8 @@
2
  Contributors: nintechnet, bruandet
3
  Tags: security, firewall, malware, antispam, virus, scanner, hacked site, brute force, seguridad, seguranca, sicherheit, sicurezza, veiligheid
4
  Requires at least: 3.7
5
- Tested up to: 5.0
6
- Stable tag: 3.8.1
7
  Requires PHP: 5.3
8
  License: GPLv3 or later
9
  License URI: http://www.gnu.org/licenses/gpl-3.0.html
@@ -117,7 +117,7 @@ Check out our new supercharged edition: [NinjaFirewall WP+ Edition](https://nint
117
 
118
  = Requirements =
119
 
120
- * WordPress 3.3+
121
  * Admin/Superadmin with `manage_options` + `unfiltered_html capabilities`.
122
  * PHP 5.3+ (5.4 or higher recommended), PHP 7.x or [HHVM 3.4+](https://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/ "")
123
  * MySQL or MariaDB with MySQLi extension
@@ -199,6 +199,15 @@ NinjaFirewall works on Unix-like servers only. There is no Microsoft Windows ver
199
 
200
  == Changelog ==
201
 
 
 
 
 
 
 
 
 
 
202
  = 3.8.1 =
203
 
204
  * Fixed a potential issue where the firewall configuration could be corrupted when attempting to restore a backup from the Firewall Options page right after updating to version 3.8.
2
  Contributors: nintechnet, bruandet
3
  Tags: security, firewall, malware, antispam, virus, scanner, hacked site, brute force, seguridad, seguranca, sicherheit, sicurezza, veiligheid
4
  Requires at least: 3.7
5
+ Tested up to: 5.1
6
+ Stable tag: 3.8.2
7
  Requires PHP: 5.3
8
  License: GPLv3 or later
9
  License URI: http://www.gnu.org/licenses/gpl-3.0.html
117
 
118
  = Requirements =
119
 
120
+ * WordPress 3.7+
121
  * Admin/Superadmin with `manage_options` + `unfiltered_html capabilities`.
122
  * PHP 5.3+ (5.4 or higher recommended), PHP 7.x or [HHVM 3.4+](https://blog.nintechnet.com/installing-ninjafirewall-with-hhvm-hiphop-virtual-machine/ "")
123
  * MySQL or MariaDB with MySQLi extension
199
 
200
  == Changelog ==
201
 
202
+ = 3.8.2 =
203
+
204
+ * Improved the firewall engine to detect shell command obfuscation tricks using uninitialized variables (e.g. `?a=cat$foo $foo/etc/$foo/passwd$foo`).
205
+ * Added a policy to disable the fatal error handler introduced in WordPress 5.1. See "Firewall Policies > Basic Policies > Disable the fatal error handler".
206
+ * Disabled the firewall when running WP-CLI.
207
+ * If the firewall settings were corrupted, the garbage collector would restore the last known good configuration backup. If there is no backup available, it will restore its default settings so that NinjaFirewall will keep working and protecting the site.
208
+ * Various fixes and adjustments.
209
+ * [WP+ Edition] Updated IPv4/IPv6 GeoIP databases.
210
+
211
  = 3.8.1 =
212
 
213
  * Fixed a potential issue where the firewall configuration could be corrupted when attempting to restore a backup from the Firewall Options page right after updating to version 3.8.