NinjaFirewall (WP Edition)

Version Description

Improved firewall engine: Fixed a bug in the HTML entities decoder and added ES6 unicode detection and decoding.
WP+ Edition (Premium): Updated IPv4/IPv6/ASN GeoIP databases.

Files changed (3) hide show

lib/firewall.php CHANGED Viewed

	@@ -1121,8 +1121,8 @@ function nfw_normalize( $string, $nfw_rules ) {
1121	return $string;
1122	}
1123
1124	- if ( preg_match('/&(?:#x0[0-9a-f]{2}\|#0[12]?[0-9]{2}\|amp\|[lg]t\|nbsp\|quot)(?!;\|\d)/i', $norm) ) {
1125	- $norm = preg_replace('/&(#x0[0-9a-f]{2}\|#0[12]?[0-9]{2}\|amp\|[lg]t\|nbsp\|quot)(?!;\|\d)/i', '&\1;', $norm);
1126	if (! $norm ) {
1127	return $string;
1128	}
	@@ -1154,8 +1154,8 @@ function nfw_normalize( $string, $nfw_rules ) {
1154	}
1155	}
1156
1157	- if ( preg_match( '/(?:%\|\\\)u[0-9a-f]{4}/i', $norm ) ) {
1158	- $norm = preg_replace_callback('/(?:%\|\\\)(u[0-9a-f]{4})/i', 'nfw_udecode', $norm);
1159	if (! $norm ) {
1160	return $string;
1161	}
	@@ -1280,7 +1280,10 @@ function nfw_delcomments2 ( $match ) {
1280
1281	function nfw_udecode( $match ) {
1282
1283	- ~~return~~ ~~@json_decode~~(~~'"\\'.$~~match[1]~~.'"'~~);



1284
1285	}
1286


1121	return $string;
1122	}
1123
1124	+ if ( preg_match('/&(?:#x(?:00)[0-9a-f]{2}\|#0[12]?[0-9]{2}\|amp\|[lg]t\|nbsp\|quot)(?!;\|\d)/i', $norm) ) {
1125	+ $norm = preg_replace('/&(#x(?:00)[0-9a-f]{2}\|#0[12]?[0-9]{2}\|amp\|[lg]t\|nbsp\|quot)(?!;\|\d)/i', '&\1;', $norm);
1126	if (! $norm ) {
1127	return $string;
1128	}

1154	}
1155	}
1156
1157	+ if ( preg_match( '/(?:%\|\\\)u(?:[0-9a-f]{4}\|\{0*[0-9a-f]{2}\})/i', $norm ) ) {
1158	+ $norm = preg_replace_callback('/(?:%\|\\\)u(?:([0-9a-f]{4})\|\{0*([0-9a-f]{2})\})/i', 'nfw_udecode', $norm);
1159	if (! $norm ) {
1160	return $string;
1161	}

1280
1281	function nfw_udecode( $match ) {
1282
1283	+ if ( isset( $match[2] ) ) {
1284	+ return @json_decode('"\\u00'.$match[2].'"');
1285	+ }
1286	+ return @json_decode('"\\u'.$match[1].'"');
1287
1288	}
1289

ninjafirewall.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	Plugin Name: NinjaFirewall (WP Edition)
4	Plugin URI: https://nintechnet.com/
5	Description: A true Web Application Firewall to protect and secure WordPress.
6	- Version: 4.0.3
7	Author: The Ninja Technologies Network
8	Author URI: https://nintechnet.com/
9	License: GPLv3 or later
	@@ -19,7 +19,7 @@ Domain Path: /languages
19	\| (c) NinTechNet - https://nintechnet.com/ \|
20	+---------------------------------------------------------------------+
21	*/
22	- define( 'NFW_ENGINE_VERSION', '4.0.3' );
23	/*
24	+---------------------------------------------------------------------+
25	\| This program is free software: you can redistribute it and/or \|


3	Plugin Name: NinjaFirewall (WP Edition)
4	Plugin URI: https://nintechnet.com/
5	Description: A true Web Application Firewall to protect and secure WordPress.
6	+ Version: 4.0.4
7	Author: The Ninja Technologies Network
8	Author URI: https://nintechnet.com/
9	License: GPLv3 or later

19	\| (c) NinTechNet - https://nintechnet.com/ \|
20	+---------------------------------------------------------------------+
21	*/
22	+ define( 'NFW_ENGINE_VERSION', '4.0.4' );
23	/*
24	+---------------------------------------------------------------------+
25	\| This program is free software: you can redistribute it and/or \|

readme.txt CHANGED Viewed

	@@ -2,8 +2,8 @@
2	Contributors: nintechnet, bruandet
3	Tags: security, firewall, malware, antispam, virus, scanner, hacked site, brute force, seguridad, seguranca, sicherheit, sicurezza, veiligheid
4	Requires at least: 3.7
5	- Tested up to: 5.2
6	- Stable tag: 4.0.3
7	Requires PHP: 5.3
8	License: GPLv3 or later
9	License URI: http://www.gnu.org/licenses/gpl-3.0.html
	@@ -200,6 +200,11 @@ NinjaFirewall works on Unix-like servers only. There is no Microsoft Windows ver
200
201	== Changelog ==
202





203	= 4.0.3 =
204
205	We have simplified the menu structure and reduced the total number of menuitems from 15 to 10 (WP Edition) and from 19 to 12 (WP+ Edition):


2	Contributors: nintechnet, bruandet
3	Tags: security, firewall, malware, antispam, virus, scanner, hacked site, brute force, seguridad, seguranca, sicherheit, sicurezza, veiligheid
4	Requires at least: 3.7
5	+ Tested up to: 5.3
6	+ Stable tag: 4.0.4
7	Requires PHP: 5.3
8	License: GPLv3 or later
9	License URI: http://www.gnu.org/licenses/gpl-3.0.html

200
201	== Changelog ==
202
203	+ = 4.0.4 =
204	+
205	+ * Improved firewall engine: Fixed a bug in the HTML entities decoder and added ES6 unicode detection and decoding.
206	+ * WP+ Edition (Premium): Updated IPv4/IPv6/ASN GeoIP databases.
207	+
208	= 4.0.3 =
209
210	We have simplified the menu structure and reduced the total number of menuitems from 15 to 10 (WP Edition) and from 19 to 12 (WP+ Edition):