Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.6.1

Version Description

  • Initial release with new auditing options.
Download this release

Release Info

Developer dd@sucuri.net
Plugin Icon 128x128 Sucuri Security – Auditing, Malware Scanner and Security Hardening
Version 1.6.1
Comparing to
See all releases

Code changes from version 1.6.0 to 1.6.1

Files changed (45) hide show
  1. inc/css/sucuriscan-default-css.css +176 -49
  2. inc/js/sucuriscan-scripts.js +31 -2
  3. inc/tpl/about.html.tpl +0 -111
  4. inc/tpl/base.html.tpl +10 -6
  5. inc/tpl/infosys-cronjobs.snippet.tpl +1 -0
  6. inc/tpl/infosys-htaccess.html.tpl +3 -2
  7. inc/tpl/infosys-loggedin.html.tpl +2 -1
  8. inc/tpl/infosys-serverinfo.html.tpl +1 -1
  9. inc/tpl/infosys-wpconfig.html.tpl +2 -1
  10. inc/tpl/initial-page.html.tpl +0 -97
  11. inc/tpl/integrity-admins-lastlogin.snippet.tpl +0 -4
  12. inc/tpl/integrity-auditlogs.html.tpl +38 -0
  13. inc/tpl/integrity-auditlogs.snippet.tpl +9 -0
  14. inc/tpl/integrity-corefiles.html.tpl +42 -0
  15. inc/tpl/integrity-corefiles.snippet.tpl +9 -0
  16. inc/tpl/integrity-modifiedfiles.html.tpl +40 -0
  17. inc/tpl/integrity-modifiedfiles.snippet.tpl +6 -0
  18. inc/tpl/integrity-wpoutdate.html.tpl +14 -0
  19. inc/tpl/integrity.html.tpl +10 -0
  20. inc/tpl/lastlogins-admins-lastlogin.snippet.tpl +5 -0
  21. inc/tpl/{integrity-admins.html.tpl → lastlogins-admins.html.tpl} +3 -5
  22. inc/tpl/{integrity-admins.snippet.tpl → lastlogins-admins.snippet.tpl} +3 -2
  23. inc/tpl/lastlogins-all.html.tpl +23 -0
  24. inc/tpl/{lastlogins.snippet.tpl → lastlogins-all.snippet.tpl} +0 -0
  25. inc/tpl/lastlogins.html.tpl +19 -21
  26. inc/tpl/malwarescan.html.tpl +17 -0
  27. inc/tpl/modalwindow.html.tpl +26 -0
  28. inc/tpl/monitoring-logs.html.tpl +74 -0
  29. inc/tpl/monitoring-logs.snippet.tpl +64 -0
  30. inc/tpl/monitoring-settings.html.tpl +28 -0
  31. inc/tpl/monitoring-settings.snippet.tpl +5 -0
  32. inc/tpl/monitoring.html.tpl +58 -0
  33. inc/tpl/{notification.html.tpl → notification-pretty.html.tpl} +5 -5
  34. inc/tpl/{notification.txt.tpl → notification-simple.html.tpl} +1 -1
  35. inc/tpl/posthack-databasebackups.html.tpl +41 -0
  36. inc/tpl/posthack-databasebackups.snippet.tpl +10 -0
  37. inc/tpl/posthack-resetpassword.html.tpl +47 -0
  38. inc/tpl/posthack-updatesecretkeys.html.tpl +31 -0
  39. inc/tpl/posthack.html.tpl +22 -71
  40. inc/tpl/settings-apiregistered.html.tpl +16 -0
  41. inc/tpl/settings-notification.snippet.tpl +12 -0
  42. inc/tpl/settings.html.tpl +118 -0
  43. inc/tpl/setup_notice.html.tpl +23 -0
  44. readme.txt +6 -3
  45. sucuri.php +5974 -1554
inc/css/sucuriscan-default-css.css CHANGED
@@ -3,89 +3,216 @@
3
* Copyright (C) 2010-2014 Sucuri Security - http://sucuri.net
4
* Released under the GPL - see LICENSE file for details.
5
*/
6
- /* New styles */
7
.sucuriscan-wrap *, .sucuriscan-wrap *:before, .sucuriscan-wrap *:after{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}
8
.sucuriscan-clearfix:before, .sucuriscan-clearfix:after{display:table;content:' '}
9
.sucuriscan-clearfix:after{clear:both}
10
.sucuriscan-visible{}
11
.sucuriscan-hidden{display:none !important}
12
.sucuriscan-monospace{font-family:Monospace, Courier}
13
.sucuriscan-wrap .sucuriscan-maincontent{margin:20px 0}
14
- .sucuriscan-wrap .sucuriscan-leftside{width:68%;float:left}
15
- .sucuriscan-wrap .sucuriscan-sidebar{width:30%;float:right}
16
.sucuriscan-header, .sucuriscan-footer{position:relative;min-width:255px;background:#333;margin:0;padding:10px;border-radius:4px}
17
.sucuriscan-footer .sucuriscan-help{color:#fff;float:right;text-align:right}
18
.sucuriscan-footer .sucuriscan-help p{line-height:38px;margin:0 10px 0 0;padding:0}
19
- .sucuriscan-wrap .sucuriscan-header img, .sucuriscan-wrap .sucuriscan-footer img, .sucuriscan-wrap .sucuriscan-header h2, .sucuriscan-wrap .sucuriscan-footer h2{float:left;margin:0;padding:0}
20
.sucuriscan-wrap .sucuriscan-header h2, .sucuriscan-wrap .sucuriscan-footer h2{color:#fff;line-height:38px;margin-left:10px;text-shadow:#000 0 1px 0}
21
.sucuriscan-leftside #poststuff .postbox:last-child{margin-bottom:0}
22
- .sucuriscan-sidebar .sucuriscan-ad{border:1px solid #ccc;margin:0 0 20px 0;padding:20px;border-radius:4px}
23
- .sucuriscan-sidebar .sucuriscan-ad h2{padding:0}
24
- .sucuriscan-sidebar .sucuriscan-ad p:last-child{margin-bottom:0}
25
- .sucuriscan-sidebar .sucuriscan-ad:nth-child(odd){background-color:#bbe8f5;border-color:#4393ac}
26
- .sucuriscan-sidebar .sucuriscan-ad:nth-child(even){background-color:#ececec;border-color:#999}
27
- .sucuriscan-maincontent .sucuriscan-border{border-left:4px solid #ddd}
28
- .sucuriscan-maincontent .sucuriscan-border-good{border-left-color:#7ad03a}
29
- .sucuriscan-maincontent .sucuriscan-border-bad{border-left-color:#dd3d36}
30
.sucuriscan-maincontent .sucuriscan-table{margin-top:12px}
31
- .sucuriscan-maincontent .sucuriscan-table tr > th{background:#f1f1f1;background-image:-webkit-gradient(linear,left bottom,left top,from(#ececec),to(#f9f9f9));background-image:-webkit-linear-gradient(bottom,#ececec,#f9f9f9);background-image:-moz-linear-gradient(bottom,#ececec,#f9f9f9);background-image:-o-linear-gradient(bottom,#ececec,#f9f9f9);background-image:linear-gradient(to top,#ececec,#f9f9f9);border-top:1px solid #e5e5e5;border-bottom:1px solid #e5e5e5}
32
.sucuriscan-maincontent .sucuriscan-table tr:first-child th{border-top:0}
33
.sucuriscan-maincontent .sucuriscan-table td.check-column{padding:8px 10px}
34
- .sucuriscan-table-doubletitle tr:first-child th{border-bottom:0}
35
- .sucuriscan-maincontent .sucuriscan-corefiles td,
36
- .sucuriscan-maincontent .sucuriscan-lastmodified td,
37
- .sucuriscan-maincontent .sucuriscan-adminusers table td{font-family:Monospace, Courier, serif;font-weight:bold}
38
- .sucuriscan_wpconfig_keys_updated textarea{width:100%;height:250px;background:#f5f5f5;font-family:monospace;font-size:12px;resize:vertical;margin:20px 0 0 0}
39
- .sucuriscan-ellipsis{overflow:hidden;display:inline-block;white-space:nowrap;text-overflow:ellipsis}
40
- .sucuriscan-maincontent .sucuriscan-last-logins{margin-top:0}
41
- .sucuriscan-maincontent .sucuriscan-last-logins .sucuriscan-ellipsis{width:150px;line-height:inherit}
42
- .sucuriscan-maincontent .thead-with-button span{display:inline-block;line-height:28px}
43
.sucuriscan-maincontent .thead-with-button .input-text{line-height:26px}
44
.sucuriscan-maincontent .thead-topright-action{display:inline-block;float:right}
45
.sucuriscan-tabs{}
46
.sucuriscan-tabs > ul{margin:0}
47
.sucuriscan-tabs > ul li, .sucuriscan-tabs > ul li > a{display:inline-block}
48
.sucuriscan-tabs > ul li{margin-bottom:0}
49
.sucuriscan-tabs > ul li > a{background:#e5e5e5;font-size:13px;font-weight:bold;color:#333;line-height:38px;text-decoration:none;padding:0 10px}
50
.sucuriscan-tabs > ul li > a.sucuriscan-tab-active{background:#fff;border:1px solid #e1e1e1;border-bottom:0}
51
.sucuriscan-maincontent .sucuriscan-tab-containers > div > table{margin-top:0}
52
.sucuriscan-maincontent .sucuriscan-tab-containers > div > #poststuff{margin-top:0}
53
.sucuriscan-maincontent .sucuriscan-full-textarea{width:100%;height:400px;line-height:normal;resize:vertical;padding:10px}
54
.sucuriscan-wpconfig-textarea{width:600px;height:525px;background:#f5f5f5;font-size:12px;line-height:1.4em;resize:none;margin:15px 0 0 0;padding:10px}
55
- .sucuriscan-scanner-results table tr:nth-child(even){background:#f5f5f5}
56
- .sucuriscan-maincontent .sucuriscan-cleanup-btn{display:block;text-align:center;margin:20px 0 0 0}
57
/* Old styles */
58
.sucuriscan-maincontent #poststuff{min-width:initial;padding-top:0}
59
.sucuriscan-maincontent .widefat tbody th.check-column{padding:6px 0 3px 0}
60
.sucuriscan-maincontent .hardening-box .primary-secondary{margin:0 0 0 10px}
61
.sucuriscan-maincontent a.lastlogins-showall{display:inline-block;float:right}
62
- .sucuri-alert{position:relative}
63
- .sucuri-alert>a.close{position:absolute;top:8px;right:10px;font-size:18px;text-decoration:none}
64
- .sucuri-alert-updated, .sucuri-alert-error{background:#fff;margin:5px 0 15px;padding:1px 12px;border:1px solid #e5e5e5;border-left:4px solid #ccc}
65
- .sucuri-alert-updated{border-left:4px solid #7ad03a}
66
- .sucuri-alert-error{border-left:4px solid #dd3d36}
67
- .sucuri-alert-updated p, .sucuri-alert-error p{margin:.5em 0;padding:2px}
68
.sucuri-inline-error{font-weight:bold;color:red}
69
- .sucuri-list li{list-style:disc;margin:0 0 5px 15px}
70
.sucuriscan-maincontent .alternate{background:#f5f5f5}
71
.sucuriscan-maincontent hr{border:none;border-top:1px solid #999}
72
.sucuriscan-maincontent table td > table{background:#fff}
73
.sucuriscan-maincontent table td > table th{padding:4px 8px}
74
- .sucuriscan-results .icon-ok, .sucuriscan-results .icon-warn, .sucuriscan-results .icon-error{position:relative;top:5px;width:22px;height:22px}
75
- .sucuriscan-scanner-video{width:100%;background:#fff;border:1px solid #ddd}
76
- .sucuriscan-column-left, .sucuriscan-column-right{width:49%;min-width:initial !important}
77
- .sucuriscan-column-left{float:left}
78
- .sucuriscan-column-right{float:right}
79
- .sucuriscan-hstatus{position:relative;margin:0 -12px;padding:10px 12px;border:1px solid transparent}
80
- .sucuriscan-hstatus-1{background-color:#dff0d8;color:#3c763d;border-color:#d6e9c6}
81
- .sucuriscan-hstatus-0{background-color:#f2dede;color:#a94442;border-color:#ebccd1}
82
- .sucuriscan-hstatus .button-primary, .sucuriscan-hstatus .button-secondary{position:absolute;top:5px;right:5px}
83
- .sucuriscan-initial-page{}
84
- .sucuriscan-initial-page a{text-decoration:none}
85
- .sucuriscan-initial-page .sucuriscan-column-left{width:70%}
86
- .sucuriscan-initial-page .sucuriscan-column-right{width:29%;text-align:right}
87
- .sucuriscan-initial-page #poststuff .inside, .sucuriscan-initial-page #poststuff .inside p{font-size:16px;margin:0;padding:0}
88
- .sucuriscan-initial-page #poststuff .inside{padding:20px}
89
- .sucuriscan-initial-page #poststuff .button.button-hero{width:202px;text-align:center;padding:0}
90
- .sucuriscan-initial-page .sucuriscan-disclaimer{padding:20px;padding-top:0}
91
- .sucuriscan-initial-page .sucuriscan-disclaimer p{font-size:10px;margin:0}
3
* Copyright (C) 2010-2014 Sucuri Security - http://sucuri.net
4
* Released under the GPL - see LICENSE file for details.
5
*/
6
+ /* Generic Styles */
7
.sucuriscan-wrap *, .sucuriscan-wrap *:before, .sucuriscan-wrap *:after{-webkit-box-sizing:border-box;-moz-box-sizing:border-box;box-sizing:border-box}
8
.sucuriscan-clearfix:before, .sucuriscan-clearfix:after{display:table;content:' '}
9
.sucuriscan-clearfix:after{clear:both}
10
.sucuriscan-visible{}
11
.sucuriscan-hidden{display:none !important}
12
.sucuriscan-monospace{font-family:Monospace, Courier}
13
+ .sucuriscan-ellipsis{overflow:hidden;display:inline-block;white-space:nowrap;text-overflow:ellipsis}
14
+ .sucuriscan-wraptext{word-break:break-all}
15
+ .sucuriscan-pull-left{float:left}
16
+ .sucuriscan-pull-right{float:right}
17
+ .sucuriscan-list li{list-style:disc;margin:0 0 5px 15px}
18
+ .sucuriscan-gradient, .sucuriscan-modal-header, .sucuriscan-maincontent .sucuriscan-table tr > th{background:#f1f1f1;background-image:-webkit-gradient(linear,left bottom,left top,from(#ececec),to(#f9f9f9));background-image:-webkit-linear-gradient(bottom,#ececec,#f9f9f9);background-image:-moz-linear-gradient(bottom,#ececec,#f9f9f9);background-image:-o-linear-gradient(bottom,#ececec,#f9f9f9);background-image:linear-gradient(to top,#ececec,#f9f9f9)}
19
+ /* WordPress Extra Buttons */
20
+ .wp-core-ui .button-danger.button-danger{background:#cc2e2e;border-color:#a20000;box-shadow:inset 0 1px 0 rgba(230, 120, 120, 0.6)}
21
+ .wp-core-ui .button-danger.focus, .wp-core-ui .button-danger.hover, .wp-core-ui .button-danger:focus, .wp-core-ui .button-danger:hover{background:#be1e1e}
22
+ .wp-core-ui .button-danger.focus, .wp-core-ui .button-danger:focus{border-color:#500e0e}
23
+ .wp-core-ui .button-danger.active, .wp-core-ui .button-danger.active:focus, .wp-core-ui .button-danger.active:hover, .wp-core-ui .button-danger:active{background:#a61b1b;border-color:#840000}
24
+ .wp-core-ui .button-danger-disabled, .wp-core-ui .button-danger.disabled, .wp-core-ui .button-danger:disabled, .wp-core-ui .button-danger[disabled]{color:#e79494 !important;background:#ba2929 !important;border-color:#7f1b1b !important}
25
+ /* Modal Window */
26
+ .sucuriscan-overlay{position:fixed;top:0;left:0;bottom:0;right:0;z-index:800;background:rgba(0, 0, 0, 0.5)}
27
+ .sucuriscan-modal{position:fixed;top:100px;left:50%;z-index:900}
28
+ .sucuriscan-modal-outside{position:relative;left:-50%;border:1px solid #ddd}
29
+ .sucuriscan-modal-inside{background:#fff;padding:20px}
30
+ .sucuriscan-modal-header{padding:10px 20px;border-bottom:1px solid #ddd}
31
+ .sucuriscan-modal-header .sucuriscan-modal-title{min-height:18px;margin:0}
32
+ .sucuriscan-modal-close{display:inline-block;position:absolute;top:0;right:0;font-size:16px;font-weight:bold;text-decoration:none;line-height:39px;padding:0 15px;border-left:1px solid #ddd}
33
+ .sucuriscan-modal-inside p:first-child{margin-top:0}
34
+ .sucuriscan-modal-inside p:last-child{margin-bottom:0}
35
+ /* Interface Wrapper */
36
+ .sucuriscan-wrap{margin-top:20px}
37
.sucuriscan-wrap .sucuriscan-maincontent{margin:20px 0}
38
+ .sucuriscan-wrap .sucuriscan-leftside{width:73.5%;float:left}
39
+ .sucuriscan-wrap .sucuriscan-sidebar{width:25%;float:right}
40
+ .sucuriscan-wrap #warnings_hook{line-height:initial;padding:0}
41
+ .sucuriscan-wrap .sucuriscan-navbar{padding-top:20px;padding-left:6px}
42
+ .sucuriscan-wrap .sucuriscan-navbar .nav-tab{margin-right:0}
43
.sucuriscan-header, .sucuriscan-footer{position:relative;min-width:255px;background:#333;margin:0;padding:10px;border-radius:4px}
44
.sucuriscan-footer .sucuriscan-help{color:#fff;float:right;text-align:right}
45
.sucuriscan-footer .sucuriscan-help p{line-height:38px;margin:0 10px 0 0;padding:0}
46
+ .sucuriscan-wrap .sucuriscan-logo, .sucuriscan-wrap .sucuriscan-header h2, .sucuriscan-wrap .sucuriscan-footer h2{float:left;margin:0;padding:0}
47
+ .sucuriscan-wrap .sucuriscan-logo{display:inline-block}
48
+ .sucuriscan-wrap .sucuriscan-logo img{display:block}
49
.sucuriscan-wrap .sucuriscan-header h2, .sucuriscan-wrap .sucuriscan-footer h2{color:#fff;line-height:38px;margin-left:10px;text-shadow:#000 0 1px 0}
50
.sucuriscan-leftside #poststuff .postbox:last-child{margin-bottom:0}
51
+ /* Page Setup Notice */
52
+ .wrap div.sucuriscan-setup-notice{background:#bbe8f5;margin:0 0 20px 0;padding:0;border:1px solid #bbb;border-radius:3px;-webkit-box-shadow:none;box-shadow:none}
53
+ .wrap div.sucuriscan-setup-notice .sucuriscan-setup-image, .wrap div.sucuriscan-setup-notice .sucuriscan-setup-image img{border-radius:3px 0 0 3px}
54
+ .wrap div.sucuriscan-setup-notice .sucuriscan-setup-image{background:#333;margin:-1px 0 -1px -1px;padding:7px 10px;border-right:1px solid transparent}
55
+ .wrap div.sucuriscan-setup-notice .sucuriscan-setup-form{padding:4px;padding-left:0}
56
+ .wrap div.sucuriscan-setup-notice p{font-size:14px;line-height:20px;margin:0 0 0 10px;padding:7px 0}
57
+ .wrap div.sucuriscan-setup-notice, .wrap div.sucuriscan-setup-notice .sucuriscan-setup-image{border-color:#4393ac}
58
+ /* Table Styles */
59
.sucuriscan-maincontent .sucuriscan-table{margin-top:12px}
60
+ .sucuriscan-maincontent .sucuriscan-table tr > th{border-top:1px solid #e5e5e5;border-bottom:1px solid #e5e5e5}
61
.sucuriscan-maincontent .sucuriscan-table tr:first-child th{border-top:0}
62
.sucuriscan-maincontent .sucuriscan-table td.check-column{padding:8px 10px}
63
+ .sucuriscan-table-double-title tr:first-child th{border-bottom:0}
64
+ .sucuriscan-table-triple-title tr:first-child th, .sucuriscan-table-triple-title tr:first-child + tr th{border-bottom:0}
65
+ .sucuriscan-table-quad-title tr:first-child th, .sucuriscan-table-quad-title tr:first-child + tr th, .sucuriscan-table-quad-title tr:first-child + tr + tr th{border-bottom:0}
66
+ .sucuriscan-maincontent .sucuriscan-lastmodified td{font-family:Monospace, Courier, serif;font-weight:bold}
67
+ .widefat td.td-with-button{text-align:right;padding:3px 10px}
68
+ .widefat td.td-with-button button{min-width:90px}
69
+ .widefat td.td-with-button select{height:initial;line-height:initial;vertical-align:top;margin:0;padding:2px 0 3px 0}
70
+ .sucuriscan-list-as-table{background:#fff;border:1px solid #e5e5e5}
71
+ .sucuriscan-list-as-table li{line-height:30px;margin:0;padding:0 10px}
72
+ .sucuriscan-list-as-table li:nth-child(odd){background:#f5f5f5}
73
+ .sucuriscan-list-as-table-scrollable{height:300px;overflow:hidden;overflow-y:scroll}
74
+ /* Table Top-Right Buttons */
75
+ .sucuriscan-maincontent .thead-with-button{padding:5px 5px 5px 10px}
76
+ .sucuriscan-maincontent .thead-with-button > span{display:inline-block;line-height:28px}
77
.sucuriscan-maincontent .thead-with-button .input-text{line-height:26px}
78
+ .sucuriscan-maincontent .thead-with-button select{margin:0;padding:0}
79
.sucuriscan-maincontent .thead-topright-action{display:inline-block;float:right}
80
+ /* Sidebar Styles */
81
+ .sucuriscan-sidebar .sucuriscan-ad{border:1px solid #ccc;margin:0 0 20px 0;padding:20px;border-radius:4px}
82
+ .sucuriscan-sidebar .sucuriscan-ad h2{font-size:18px;line-height:normal;padding:0}
83
+ .sucuriscan-sidebar .sucuriscan-ad p:last-child{margin-bottom:0}
84
+ .sucuriscan-sidebar .sucuriscan-ad:nth-child(odd){background-color:#bbe8f5;border-color:#4393ac}
85
+ .sucuriscan-sidebar .sucuriscan-ad:nth-child(even){background-color:#ececec;border-color:#999}
86
+ .sucuriscan-scanner-video{width:100%;background:#fff;border:1px solid #ddd}
87
+ /* WordPress Alerts */
88
+ div.sucuriscan-alert{position:relative;margin:0 0 20px 0}
89
+ div.sucuriscan-alert > a.close{position:absolute;top:10px;right:10px;font-size:18px;font-weight:bold;text-decoration:none}
90
+ /* Tabulation Panels */
91
.sucuriscan-tabs{}
92
.sucuriscan-tabs > ul{margin:0}
93
.sucuriscan-tabs > ul li, .sucuriscan-tabs > ul li > a{display:inline-block}
94
.sucuriscan-tabs > ul li{margin-bottom:0}
95
.sucuriscan-tabs > ul li > a{background:#e5e5e5;font-size:13px;font-weight:bold;color:#333;line-height:38px;text-decoration:none;padding:0 10px}
96
.sucuriscan-tabs > ul li > a.sucuriscan-tab-active{background:#fff;border:1px solid #e1e1e1;border-bottom:0}
97
+ .sucuriscan-tabs > ul li.sucuriscan-red-tab a{background:#ff8a83;color:#fff}
98
+ .sucuriscan-tabs > ul li.sucuriscan-red-tab a.sucuriscan-tab-active{background:#dd3d36;border-color:#dd3d36}
99
.sucuriscan-maincontent .sucuriscan-tab-containers > div > table{margin-top:0}
100
.sucuriscan-maincontent .sucuriscan-tab-containers > div > #poststuff{margin-top:0}
101
+ /* Get API Form */
102
+ .sucuriscan-getapi-div{background:#fff;margin:0 0 20px 0;border:1px solid #e5e5e5;border-radius:3px}
103
+ .sucuriscan-getapi-div p{margin:0;padding:10px}
104
+ .sucuriscan-getapi-form{}
105
+ .sucuriscan-getapi-form button.button-primary{width:100%;height:initial;line-height:30px;margin:0 0 -1px 0;padding:0;border-radius:0 0 3px 3px}
106
+ /* Scanner Page */
107
+ .sucuriscan-malwarescan-message{margin-bottom:20px !important}
108
+ .sucuriscan-loading{background:#fff;text-align:center;padding:30px;padding-bottom:15px;border:1px solid #ddd;border-radius:4px}
109
+ .sucuriscan-loading p, .sucuriscan-loading h3{margin:0;padding:0}
110
+ .sucuriscan-loading .title{font-size:26px;margin-bottom:10px}
111
+ .sucuriscan-loading .description{font-size:18px}
112
+ .sucuriscan-sitelogo{width:190px;height:100px;background:url('http://sitecheck.sucuri.net/images/sucuri-sprite.png') no-repeat;margin:0 auto}
113
+ /* Scanner Results */
114
+ .sucuriscan-maincontent .sucuriscan-border{border:0;border-left:4px solid #ddd}
115
+ .sucuriscan-maincontent .sucuriscan-border > h3, .sucuriscan-maincontent .sucuriscan-border > .inside{border-top:1px solid #e5e5e5;border-right:1px solid #e5e5e5}
116
+ .sucuriscan-maincontent .sucuriscan-border > h3{border-bottom:0}
117
+ .sucuriscan-maincontent .sucuriscan-border > .inside{margin-top:0 !important;border-bottom:1px solid #ddd}
118
+ .sucuriscan-maincontent .sucuriscan-border-good{border-left-color:#7ad03a}
119
+ .sucuriscan-maincontent .sucuriscan-border-bad{border-left-color:#dd3d36}
120
+ .sucuriscan-maincontent .sucuriscan-border-info{border-left-color:#2ea2cc}
121
+ .sucuriscan-maincontent .sucuriscan-cleanup-btn{display:block;text-align:center;margin:20px 0 0 0}
122
+ .sucuriscan-scanner-results .sucuriscan-scanner-details tr:nth-child(even),
123
+ .sucuriscan-scanner-results .sucuriscan-scanner-links tr:nth-child(even){background:#f5f5f5}
124
+ .sucuriscan-scanner-results td.sucuriscan-border-bad{border-left-width:4px;border-left-style:solid}
125
+ /* Integrity Styles */
126
+ .sucuriscan-status-type{width:20px;background:#ddd;text-align:center;text-transform:uppercase;margin-right:10px;padding:0 3px;border:1px solid transparent;border-radius:3px}
127
+ .sucuriscan-status-added{background:#dff0d8;color:#3c763d;border-color:#d6e9c6}
128
+ .sucuriscan-status-modified{background:#fcf8e3;color:#8a6d3b;border-color:#faebcc}
129
+ .sucuriscan-status-removed, td.sucuriscan-corefiles-warning > div{background:#f2dede;color:#a94442;border-color:#ebccd1}
130
+ .sucuriscan-maincontent .sucuriscan-corefiles,
131
+ .sucuriscan-maincontent .sucuriscan-integrity-message,
132
+ .sucuriscan-maincontent .sucuriscan-wordpress-outdated,
133
+ .sucuriscan-maincontent .sucuriscan-auditlogs{margin-top:0;margin-bottom:20px}
134
+ .sucuriscan-maincontent .sucuriscan-corefiles td{padding:4px 10px}
135
+ .sucuriscan-corefiles-abbrs .sucuriscan-status-type{display:inline-block;width:initial;font-size:12px;text-transform:capitalize;float:left;margin-top:4px;margin-right:5px}
136
+ .sucuriscan-maincontent td.sucuriscan-corefiles-warning, .sucuriscan-maincontent td.sucuriscan-corefiles-warning p{margin:0;padding:0}
137
+ .sucuriscan-maincontent td.sucuriscan-corefiles-warning div{padding:10px;border-width:1px;border-style:solid}
138
+ .sucuriscan-maincontent td.sucuriscan-corefiles-warning code{font-size:12px;padding:0 5px}
139
+ .sucuriscan-maincontent .sucuriscan-integrity-message{position:relative}
140
+ .sucuriscan-maincontent .sucuriscan-integrity-message .sucuriscan-integrity-mark{position:absolute;top:1px;right:1px;background:#7ad03a;font-weight:bold;color:#fff;line-height:35px;padding:0 10px;border-left:1px solid #ddd}
141
+ /* Monitoring Styles */
142
+ .sucuriscan-monitoring-settings{margin-bottom:20px}
143
+ .sucuriscan-monitoring-settings td.td-with-button{text-align:left}
144
+ .sucuriscan-monitoring-settings .sucuriscan-list-as-table{margin:0}
145
+ .sucuriscan-monitoring-apikey-form .input-text{width:85%}
146
+ .sucuriscan-monitoring-clear-cache-form{}
147
+ .sucuriscan-monitoring-logs{}
148
+ .sucuriscan-monitoring-logs .thead-with-button .button{width:65px}
149
+ .sucuriscan-monitoring-logs .thead-with-button .input-text, .sucuriscan-monitoring-logs .thead-with-button select{width:250px}
150
+ .sucuriscan-monitoring-logs .sucuriscan-monitoring-search-form{}
151
+ .sucuriscan-monitoring-logs .sucuriscan-monitoring-denial-types-form{}
152
+ .sucuriscan-monitoring-logs .sucuriscan-monitoring-date-form{}
153
+ .sucuriscan-monitoring-logs .sucuriscan-monitoring-date-form select{width:70px}
154
+ .sucuriscan-monitoring-logs .sucuriscan-monitoring-date-form select + select{width:112px}
155
+ .sucuriscan-monitoring-logs .sucuriscan-monitoring-date-form select + select + select{width:60px}
156
+ .sucuriscan-monitoring-logs .sucuriscan-target-date{font-size:12px;color:#999;margin-right:5px}
157
+ /* Monitoring AccessLog Styles */
158
+ .sucuriscan-request-summary{margin:-15px;margin-top:-3px}
159
+ .sucuriscan-request-summary ul{margin:0}
160
+ .sucuriscan-request-summary label, .sucuriscan-request-summary span{display:inline-block;font-size:14px}
161
+ .sucuriscan-request-summary label{width:200px;font-weight:bold}
162
+ .sucuriscan-request-summary span{max-width:395px;font-family:monospace;vertical-align:top;word-break:break-all}
163
+ /* Hardening Status */
164
+ .sucuriscan-hstatus{position:relative;margin:0 -12px;padding:10px 12px;border:1px solid transparent}
165
+ .sucuriscan-hstatus-1{background-color:#dff0d8;color:#3c763d;border-color:#d6e9c6}
166
+ .sucuriscan-hstatus-0{background-color:#f2dede;color:#a94442;border-color:#ebccd1}
167
+ .sucuriscan-hstatus .button-primary, .sucuriscan-hstatus .button-secondary{position:absolute;top:5px;right:5px}
168
+ /* About Page */
169
+ .sucuriscan-about ul{margin-left:20px}
170
+ .sucuriscan-about ul li{list-style:initial}
171
+ .sucuriscan-about li label{font-weight:bold;vertical-align:initial}
172
+ /* API Registered Modal */
173
+ .sucuriscan-apikey-registered{}
174
+ .sucuriscan-apikey-registered .sucuriscan-pull-right{width:400px;margin-left:20px}
175
+ .sucuriscan-apikey-registered .sucuriscan-sitelogo{background-position:0 -17px;height:83px}
176
+ /* Resetter Styles */
177
+ .sucuriscan_wpconfig_keys_updated textarea{width:100%;height:250px;background:#f5f5f5;font-family:monospace;font-size:12px;resize:vertical;margin:20px 0 0 0}
178
+ .sucuriscan-maincontent .sucuriscan-last-logins{margin-top:0}
179
+ .sucuriscan-maincontent .sucuriscan-last-logins .sucuriscan-ellipsis{width:150px;line-height:inherit}
180
+ .sucuriscan-maincontent .sucuriscan-modifiedfiles .sucuriscan-ellipsis{width:100px}
181
.sucuriscan-maincontent .sucuriscan-full-textarea{width:100%;height:400px;line-height:normal;resize:vertical;padding:10px}
182
+ .sucuriscan-maincontent .sucuriscan-auditlogs{margin-bottom:0}
183
+ .sucuriscan-maincontent .sucuriscan-auditlogs td small{font-style:italic}
184
+ .sucuriscan-maincontent .sucuriscan-auditlogs .sucuriscan-maxper-page{text-align:right}
185
+ .sucuriscan-maincontent .sucuriscan-settings{margin-top:0}
186
+ .sucuriscan-maincontent .sucuriscan-settings form{display:inline-block}
187
+ .sucuriscan-maincontent .sucuriscan-settings select, .sucuriscan-maincontent .sucuriscan-settings .input-text{min-width:245px}
188
+ .sucuriscan-maincontent .sucuriscan-settings-notifications{margin-top:20px}
189
.sucuriscan-wpconfig-textarea{width:600px;height:525px;background:#f5f5f5;font-size:12px;line-height:1.4em;resize:none;margin:15px 0 0 0;padding:10px}
190
+ /* Responsive Styles */
191
+ @media (max-width: 620px) {
192
+ .sucuriscan-tabs > ul li, .sucuriscan-tabs > ul li > a{display:block}
193
+ .sucuriscan-getapi-form button.button-primary{line-height:40px}
194
+ }
195
+ @media (max-width: 768px) {
196
+ .sucuriscan-wrap .sucuriscan-leftside,
197
+ .sucuriscan-wrap .sucuriscan-sidebar,
198
+ .sucuriscan-wrap .sucuriscan-footer .sucuriscan-logo,
199
+ .sucuriscan-wrap .sucuriscan-footer .sucuriscan-help{float:none}
200
+ .sucuriscan-wrap .sucuriscan-leftside, .sucuriscan-wrap .sucuriscan-sidebar{width:100%}
201
+ .sucuriscan-wrap .sucuriscan-sidebar{margin-top:20px}
202
+ .sucuriscan-wrap .sucuriscan-footer .sucuriscan-logo{display:table;margin:0 auto}
203
+ }
204
+ @media (max-width: 920px) {
205
+ .sucuriscan-wrap .sucuriscan-navbar{padding-left:0;padding-right:0}
206
+ .sucuriscan-wrap .sucuriscan-navbar .nav-tab{display:block}
207
+ .sucuriscan-wrap .sucuriscan-navbar .nav-tab:last-child{border-bottom:1px solid #ccc}
208
+ }
209
/* Old styles */
210
.sucuriscan-maincontent #poststuff{min-width:initial;padding-top:0}
211
.sucuriscan-maincontent .widefat tbody th.check-column{padding:6px 0 3px 0}
212
.sucuriscan-maincontent .hardening-box .primary-secondary{margin:0 0 0 10px}
213
.sucuriscan-maincontent a.lastlogins-showall{display:inline-block;float:right}
214
.sucuri-inline-error{font-weight:bold;color:red}
215
.sucuriscan-maincontent .alternate{background:#f5f5f5}
216
.sucuriscan-maincontent hr{border:none;border-top:1px solid #999}
217
.sucuriscan-maincontent table td > table{background:#fff}
218
.sucuriscan-maincontent table td > table th{padding:4px 8px}
inc/js/sucuriscan-scripts.js CHANGED
@@ -5,7 +5,7 @@
5
*/
6
7
function sucuriscan_alert_close(id){
8
- var element = document.getElementById('sucuri-alert-'+id);
9
element.parentNode.removeChild(element);
10
}
11
@@ -13,6 +13,7 @@ jQuery(document).ready(function($){
13
if( $('.sucuriscan-tabs').length ){
14
var hidden_class = 'sucuriscan-hidden';
15
var active_class = 'sucuriscan-tab-active';
16
17
$('.sucuriscan-tabs > ul a').on('click', function(e){
18
e.preventDefault();
@@ -30,6 +31,34 @@ jQuery(document).ready(function($){
30
});
31
32
$('.sucuriscan-tab-containers > div').addClass(hidden_class);
33
- $('.sucuriscan-tabs > ul li:first-child a').trigger('click');
34
}
35
});
5
*/
6
7
function sucuriscan_alert_close(id){
8
+ var element = document.getElementById('sucuriscan-alert-'+id);
9
element.parentNode.removeChild(element);
10
}
11
13
if( $('.sucuriscan-tabs').length ){
14
var hidden_class = 'sucuriscan-hidden';
15
var active_class = 'sucuriscan-tab-active';
16
+ var anchor = location.href.split('#')[1];
17
18
$('.sucuriscan-tabs > ul a').on('click', function(e){
19
e.preventDefault();
31
});
32
33
$('.sucuriscan-tab-containers > div').addClass(hidden_class);
34
+
35
+ if( anchor != undefined ){
36
+ $('.sucuriscan-tabs > ul li a').each(function(i, el){
37
+ if( $(el).data('tabname') == anchor ){
38
+ $(el).trigger('click');
39
+ }
40
+ });
41
+ } else {
42
+ $('.sucuriscan-tabs > ul li:first-child a').trigger('click');
43
+ }
44
}
45
+
46
+ $('#sucuriscan-corefiles-show').on('click', function(e){
47
+ e.preventDefault();
48
+
49
+ var this_button = $(this);
50
+ var action = this_button.data('action');
51
+
52
+ if( action == 'show' ){
53
+ $('.sucuriscan-corefiles tbody > tr').removeClass('sucuriscan-hidden');
54
+ this_button.html('Hide files').data('action', 'hide');
55
+ } else {
56
+ $('.sucuriscan-corefiles tbody > tr').addClass('sucuriscan-hidden');
57
+ this_button.html('Show files').data('action', 'show');
58
+ }
59
+ });
60
+
61
+ $('#sucuriscan_last_days').on('change', function(){
62
+ $(this).closest('form').submit();
63
+ });
64
});
inc/tpl/about.html.tpl DELETED
@@ -1,111 +0,0 @@
1
-
2
- <div id="poststuff">
3
- <div class="postbox">
4
- <h3>About</h3>
5
- <div class="inside">
6
- <p>
7
- Our WordPress Security Plugin will monitor your site from the inside, creating
8
- a complete audit trail, alerting you of possible security issues (file changes,
9
- password guessing attacks, etc) and blocking the attackers. This is the perfect
10
- complement for our external security scans.
11
- </p>
12
- </div>
13
- </div>
14
-
15
-
16
- <div class="postbox">
17
- <h3>How does it work?</h3>
18
- <div class="inside">
19
- <ul>
20
- <li>Web Application Firewall. Block attacks before they reach your site.</li>
21
- <li>Integrity Monitoring. Receive notifications if any of your files are modified.</li>
22
- <li>Audit Logs. Keep track of everything that happens inside WordPress, including new users, posts, login failures and successful logins.</li>
23
- <li>Activity Reporting</li>
24
- <li>1-Click Hardening. Easy-to-use hardening options for your site.</li>
25
- </ul>
26
- </div>
27
- </div>
28
-
29
-
30
- <div class="postbox">
31
- <h3>Web Application Firewall (WAF)</h3>
32
- <div class="inside">
33
- <p>
34
- The WAF is a unique feature that is designed to intelligently protect your sites
35
- from brute-force attacks like dictionary attacks and other similar unauthorized
36
- access attempts. When a bad IP is identified it is blacklisted in your admin
37
- dashboard. If it was an unintentional block, you have the ability to white-list
38
- access to any IP.
39
- </p>
40
- <p>
41
- The WAF is not tied to your application, it communicates with our servers and
42
- allows us to see malicious attacks across the network. When one client gets attacked
43
- by one bad IP in Croatia, we are able to push preventive measures to every plugin
44
- to protect against that IP.
45
- </p>
46
- </div>
47
- </div>
48
-
49
-
50
- <div class="postbox">
51
- <h3>Integrity Monitoring</h3>
52
- <div class="inside">
53
- <p>
54
- This feature compares your core install against a clean version of core. In other
55
- words, if it is not a 1-to-1 match with core you will be notified of a problem.
56
- Future add-ons include:
57
- </p>
58
- <ul>
59
- <li>Theme Integrity Checks</li>
60
- <li>Plugin Integrity Checks</li>
61
- <li>Third-party Integrity Checks</li>
62
- </ul>
63
- </div>
64
- </div>
65
-
66
-
67
- <div class="postbox">
68
- <h3>Audit Trails</h3>
69
- <div class="inside">
70
- <p>
71
- This feature is great for proactive webmasters who want to monitor their website
72
- to ensure no unauthorized access or changes are made without prior approval.
73
- Monitor your site for changes. This feature monitors for a large number of actions,
74
- including:
75
- </p>
76
- <ul>
77
- <li>Login attempts</li>
78
- <li>New Posts</li>
79
- <li>Failed Logins</li>
80
- <li>New Plugins</li>
81
- <li>File Changes</li>
82
- <li>New Users</li>
83
- <li>New Attachments</li>
84
- <li>Delete Actions (users and posts)</li>
85
- <li>Revisions</li>
86
- </ul>
87
- </div>
88
- </div>
89
-
90
-
91
- <div class="postbox">
92
- <h3>1-Click Hardening</h3>
93
- <div class="inside">
94
- <p>
95
- In our experience a high-percentage of the infections we see every day come from
96
- poor management on the end-user’s part. This feature uses common hardening
97
- measures that can be taken at any time and helps reduce infection risk. This
98
- feature performs the following:
99
- </p>
100
- <ul>
101
- <li>Checks software core version</li>
102
- <li>Hides your version (security through obscurity)</li>
103
- <li>Upload directory protected</li>
104
- <li>Secret keys and salts created</li>
105
- <li>Configuration file hardening/location verification</li>
106
- <li>Hardening of readme file</li>
107
- <li>PHP verification</li>
108
- </ul>
109
- </div>
110
- </div>
111
- </div><!-- End poststuff -->
inc/tpl/base.html.tpl CHANGED
@@ -4,12 +4,16 @@
4
<h2 id="warnings_hook"></h2>
5
6
<div class="sucuriscan-header sucuriscan-clearfix">
7
- <a href="http://sucuri.net/signup" target="_blank" title="Sucuri Security">
8
<img src="%%SUCURI.SucuriURL%%/inc/images/logo.png" alt="Sucuri Security" />
9
</a>
10
- <h2>SiteCheck Scanner %%SUCURI.PageTitle%%</h2>
11
</div>
12
13
<div class="sucuriscan-maincontent sucuriscan-clearfix">
14
15
<div class="sucuriscan-leftside sucuriscan-%%SUCURI.PageStyleClass%%">
@@ -23,12 +27,12 @@
23
<div class="sucuriscan-ad">
24
<h2>Is your website infected with malware? Blacklisted by Google?</h2>
25
<p>Don't know where to start? Get cleared today by <a href="http://sucuri.net/signup">Sucuri Security</a>!</p>
26
- <p><a class="button-primary" href="http://sucuri.net/tour">Read more &#187;</a></p>
27
</div>
28
29
<div class="sucuriscan-ad">
30
<h2>Preventive website security in the cloud!</h2>
31
- <ul class="sucuri-list">
32
<li>Web Application Firewall (WAF) Protection</li>
33
<li>Virtual Website Patching</li>
34
<li>Cloud Intrusion Prevention System (IPS)</li>
@@ -41,14 +45,14 @@
41
</p>
42
</div>
43
44
- <iframe src="https://www.youtube-nocookie.com/embed/QV3OfHmEq5c" height="250" class="sucuriscan-scanner-video"></iframe>
45
46
</div>
47
48
</div>
49
50
<div class="sucuriscan-footer sucuriscan-clearfix">
51
- <a href="http://sucuri.net/signup" target="_blank" title="Sucuri Security">
52
<img src="%%SUCURI.SucuriURL%%/inc/images/logo.png" alt="Sucuri Security" />
53
</a>
54
<div class="sucuriscan-help">
4
<h2 id="warnings_hook"></h2>
5
6
<div class="sucuriscan-header sucuriscan-clearfix">
7
+ <a href="http://sucuri.net/signup" target="_blank" title="Sucuri Security" class="sucuriscan-logo">
8
<img src="%%SUCURI.SucuriURL%%/inc/images/logo.png" alt="Sucuri Security" />
9
</a>
10
+ <h2>Sucuri Security %%SUCURI.PageTitle%%</h2>
11
</div>
12
13
+ <h2 class="nav-tab-wrapper sucuriscan-navbar">
14
+ %%SUCURI.Navbar%%
15
+ </h2>
16
+
17
<div class="sucuriscan-maincontent sucuriscan-clearfix">
18
19
<div class="sucuriscan-leftside sucuriscan-%%SUCURI.PageStyleClass%%">
27
<div class="sucuriscan-ad">
28
<h2>Is your website infected with malware? Blacklisted by Google?</h2>
29
<p>Don't know where to start? Get cleared today by <a href="http://sucuri.net/signup">Sucuri Security</a>!</p>
30
+ <p><a href="http://sucuri.net/tour" target="_blank" class="button-primary">Read more</a></p>
31
</div>
32
33
<div class="sucuriscan-ad">
34
<h2>Preventive website security in the cloud!</h2>
35
+ <ul class="sucuriscan-list">
36
<li>Web Application Firewall (WAF) Protection</li>
37
<li>Virtual Website Patching</li>
38
<li>Cloud Intrusion Prevention System (IPS)</li>
45
</p>
46
</div>
47
48
+ <iframe src="https://www.youtube-nocookie.com/embed/EVa9FY3nKuQ" height="250" class="sucuriscan-scanner-video" allowfullscreen></iframe>
49
50
</div>
51
52
</div>
53
54
<div class="sucuriscan-footer sucuriscan-clearfix">
55
+ <a href="http://sucuri.net/signup" target="_blank" title="Sucuri Security" class="sucuriscan-logo">
56
<img src="%%SUCURI.SucuriURL%%/inc/images/logo.png" alt="Sucuri Security" />
57
</a>
58
<div class="sucuriscan-help">
inc/tpl/infosys-cronjobs.snippet.tpl CHANGED
@@ -1,3 +1,4 @@
1
<tr class="%%SUCURI.Cronjob.CssClass%%">
2
<td>%%SUCURI.Cronjob.Task%%</td>
3
<td>%%SUCURI.Cronjob.Schedule%%</td>
1
+
2
<tr class="%%SUCURI.Cronjob.CssClass%%">
3
<td>%%SUCURI.Cronjob.Task%%</td>
4
<td>%%SUCURI.Cronjob.Schedule%%</td>
inc/tpl/infosys-htaccess.html.tpl CHANGED
@@ -1,7 +1,8 @@
1
2
- <div id="poststuff" class="sucuri-infosys-htaccess">
3
<div class="postbox">
4
<h3>HTAccess Integrity</h3>
5
<div class="inside">
6
<p>
7
The <code>.htaccess</code> is a distributed configuration file, and is how Apache handles
@@ -10,7 +11,7 @@
10
modifies this file to be able to handle pretty permalinks.
11
</p>
12
13
- <div class="sucuri-alert-%%SUCURI.HTAccess.MessageType%% %%SUCURI.HTAccess.MessageVisible%%">
14
<p>%%SUCURI.HTAccess.Message%%</p>
15
</div>
16
1
2
+ <div id="poststuff" class="sucuriscan-infosys-htaccess">
3
<div class="postbox">
4
<h3>HTAccess Integrity</h3>
5
+
6
<div class="inside">
7
<p>
8
The <code>.htaccess</code> is a distributed configuration file, and is how Apache handles
11
modifies this file to be able to handle pretty permalinks.
12
</p>
13
14
+ <div class="sucuriscan-alert-%%SUCURI.HTAccess.MessageType%% %%SUCURI.HTAccess.MessageVisible%%">
15
<p>%%SUCURI.HTAccess.Message%%</p>
16
</div>
17
inc/tpl/infosys-loggedin.html.tpl CHANGED
@@ -1,5 +1,5 @@
1
2
- <table class="wp-list-table widefat sucuri-loggedin-users">
3
<thead>
4
<tr>
5
<th colspan="6">Logged in Users (%%SUCURI.LoggedInUsers.Total%% users)</th>
@@ -13,6 +13,7 @@
13
<th>&nbsp;</th>
14
</tr>
15
</thead>
16
<tbody>
17
%%SUCURI.LoggedInUsers.List%%
18
</tbody>
1
2
+ <table class="wp-list-table widefat sucuriscan-loggedin-users">
3
<thead>
4
<tr>
5
<th colspan="6">Logged in Users (%%SUCURI.LoggedInUsers.Total%% users)</th>
13
<th>&nbsp;</th>
14
</tr>
15
</thead>
16
+
17
<tbody>
18
%%SUCURI.LoggedInUsers.List%%
19
</tbody>
inc/tpl/infosys-serverinfo.html.tpl CHANGED
@@ -1,5 +1,5 @@
1
2
- <table class="wp-list-table widefat sucuri-%%SUCURI.SettingsDisplay%%">
3
<tbody>
4
<tr class="alternate">
5
<td>Sucuri Plugin version</td>
1
2
+ <table class="wp-list-table widefat sucuriscan-server-info">
3
<tbody>
4
<tr class="alternate">
5
<td>Sucuri Plugin version</td>
inc/tpl/infosys-wpconfig.html.tpl CHANGED
@@ -1,5 +1,5 @@
1
2
- <table class="wp-list-table widefat sucuri-wpconfig-rules">
3
<thead>
4
<th colspan="7" class="thead-with-button">
5
<span>WP-Config Variables</span>
@@ -12,6 +12,7 @@
12
<th>Value</th>
13
</tr>
14
</thead>
15
<tbody>
16
%%SUCURI.WordpressConfig.Rules%%
17
</tbody>
1
2
+ <table class="wp-list-table widefat sucuriscan-wpconfig-rules">
3
<thead>
4
<th colspan="7" class="thead-with-button">
5
<span>WP-Config Variables</span>
12
<th>Value</th>
13
</tr>
14
</thead>
15
+
16
<tbody>
17
%%SUCURI.WordpressConfig.Rules%%
18
</tbody>
inc/tpl/initial-page.html.tpl DELETED
@@ -1,97 +0,0 @@
1
-
2
- <div id="poststuff">
3
-
4
- <div class="postbox">
5
- <h3>Sucuri SiteCheck</h3>
6
- <div class="inside sucuriscan-clearfix">
7
- <div class="sucuriscan-column-left">
8
- <p>
9
- <a href="http://sitecheck.sucuri.net/" target="_blank">Sucuri SiteCheck</a>
10
- scanner will check your website for known malware, blacklisting status, website
11
- errors, and out-of-date software.
12
- </p>
13
- </div>
14
- <div class="sucuriscan-column-right">
15
- <form method="post">
16
- <input type="hidden" name="wpsucuri-doscan" value="wpsucuri-doscan" />
17
- <input type="submit" name="wpsucuri_doscanrun" value="Scan this site now" class="button button-primary button-hero" />
18
- </form>
19
- </div>
20
- </div>
21
- <div class="sucuriscan-disclaimer">
22
- <p>
23
- <strong>Disclaimer</strong>: Sucuri SiteCheck is a free and remote scanner.
24
- Although we do our best to provide the best results, 100% accuracy is not
25
- realistic, and not guaranteed.
26
- </p>
27
- </div>
28
- </div>
29
-
30
-
31
- <div class="postbox">
32
- <h3>1-Click Hardening</h3>
33
- <div class="inside sucuriscan-clearfix">
34
- <div class="sucuriscan-column-left">
35
- <p>
36
- In our experience a high-percentage of the infections we see every day come from
37
- poor management on the end-user's part. This feature uses common hardening
38
- measures that can be taken at any time and helps reduce infection risk.
39
- </p>
40
- </div>
41
- <div class="sucuriscan-column-right">
42
- <a href="%%SUCURI.URL.Hardening%%" class="button button-primary button-hero">Harden this site now</a>
43
- </div>
44
- </div>
45
- </div>
46
-
47
-
48
- <div class="postbox">
49
- <h3>WordPress Integrity</h3>
50
- <div class="inside sucuriscan-clearfix">
51
- <div class="sucuriscan-column-left">
52
- <p>
53
- This feature compares your core install against a clean version of core. In
54
- other words, if it is not a 1-to-1 match with core you will be notified of a
55
- problem.
56
- </p>
57
- </div>
58
- <div class="sucuriscan-column-right">
59
- <a href="%%SUCURI.URL.CoreIntegrity%%" class="button button-primary button-hero">Check site integrity now</a>
60
- </div>
61
- </div>
62
- </div>
63
-
64
-
65
- <div class="postbox">
66
- <h3>Post-Hack</h3>
67
- <div class="inside sucuriscan-clearfix">
68
- <div class="sucuriscan-column-left">
69
- <p>
70
- After being hacked or infected with malware, we recommend that you update your
71
- wp-config keys, and also reset all your user passwords. Do it with ease using
72
- Sucuri Post-Hack.
73
- </p>
74
- </div>
75
- <div class="sucuriscan-column-right">
76
- <a href="%%SUCURI.URL.PostHack%%" class="button button-primary button-hero">Run Post-Hack resets</a>
77
- </div>
78
- </div>
79
- </div>
80
-
81
-
82
- <div class="postbox">
83
- <h3>Last Logins</h3>
84
- <div class="inside sucuriscan-clearfix">
85
- <div class="sucuriscan-column-left">
86
- <p>
87
- It's always good to know who is logging into your site. This feature allows you
88
- to view logins, where they came from, and when they logged in.
89
- </p>
90
- </div>
91
- <div class="sucuriscan-column-right">
92
- <a href="%%SUCURI.URL.LastLogins%%" class="button button-primary button-hero">View Last Logins</a>
93
- </div>
94
- </div>
95
- </div>
96
-
97
- </div>
inc/tpl/integrity-admins-lastlogin.snippet.tpl DELETED
@@ -1,4 +0,0 @@
1
- <tr>
2
- <td>%%SUCURI.AdminUsers.RemoteAddr%%</td>
3
- <td>%%SUCURI.AdminUsers.Datetime%%</td>
4
- </tr>
inc/tpl/integrity-auditlogs.html.tpl ADDED
@@ -0,0 +1,38 @@
1
+
2
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-double-title sucuriscan-auditlogs">
3
+ <thead>
4
+ <tr>
5
+ <th colspan="2" class="thead-with-button">
6
+ <span>Audit Logs (%%SUCURI.AuditLogs.Count%% logs)</span>
7
+ <form action="%%SUCURI.URL.Home%%" method="post" class="thead-topright-action">
8
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
9
+ <button type="submit" name="sucuriscan_force_scan" class="button-primary">Force Scan</button>
10
+ </form>
11
+ </th>
12
+ </tr>
13
+ <tr>
14
+ <th width="150">Date &amp; Time</th>
15
+ <th>Event &amp; Message</th>
16
+ </tr>
17
+ </thead>
18
+
19
+ <tbody>
20
+ %%SUCURI.AuditLogs.List%%
21
+
22
+ <tr class="sucuriscan-%%SUCURI.AuditLogs.MaxItemsVisibility%%">
23
+ <td colspan="2">
24
+ <div class="sucuriscan-maxper-page">
25
+ Showing <b>%%SUCURI.AuditLogs.MaxPerPage%%</b> out of <b>%%SUCURI.AuditLogs.Count%%</b>
26
+ &nbsp;-&nbsp;
27
+ <a href="%%SUCURI.URL.Core_integrity%%&show_all=1">Show all</a>
28
+ </div>
29
+ </td>
30
+ </tr>
31
+
32
+ <tr class="sucuriscan-%%SUCURI.AuditLogs.NoItemsVisibility%%">
33
+ <td colspan="2">
34
+ <em>No logs so far.</em>
35
+ </td>
36
+ </tr>
37
+ </tbody>
38
+ </table>
inc/tpl/integrity-auditlogs.snippet.tpl ADDED
@@ -0,0 +1,9 @@
1
+
2
+ <tr class="%%SUCURI.AuditLog.CssClass%%">
3
+ <td>%%SUCURI.AuditLog.DateTime%%</td>
4
+ <td>
5
+ <span class="sucuriscan-monospace">%%SUCURI.AuditLog.Message%%</span>
6
+
7
+ %%SUCURI.AuditLog.Extra%%
8
+ </td>
9
+ </tr>
inc/tpl/integrity-corefiles.html.tpl ADDED
@@ -0,0 +1,42 @@
1
+
2
+ <div class="postbox sucuriscan-border sucuriscan-border-good sucuriscan-integrity-message sucuriscan-%%SUCURI.CoreFiles.GoodVisibility%%">
3
+ <span class="sucuriscan-integrity-mark">OK</span>
4
+ <h3>WordPress core integrity</h3>
5
+
6
+ <div class="inside">
7
+ <p>Your WordPress core files are clean and were not modified.</p>
8
+ </div>
9
+ </div>
10
+
11
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-corefiles sucuriscan-%%SUCURI.CoreFiles.BadVisibility%%">
12
+ <thead>
13
+ <tr>
14
+ <th class="sucuriscan-clearfix thead-with-button">
15
+ <span>WordPress core integrity (%%SUCURI.CoreFiles.ListCount%% files)</span>
16
+ <div class="sucuriscan-pull-right sucuriscan-corefiles-abbrs">
17
+ <span class="sucuriscan-status-type sucuriscan-status-added">Added</span>
18
+ <span class="sucuriscan-status-type sucuriscan-status-modified">Modified</span>
19
+ <span class="sucuriscan-status-type sucuriscan-status-removed">Removed</span>
20
+ <button id="sucuriscan-corefiles-show" class="button button-primary thead-topright-action" data-action="show">Show files</button>
21
+ </div>
22
+ </th>
23
+ </tr>
24
+
25
+ <tr>
26
+ <td class="sucuriscan-corefiles-warning">
27
+ <div>
28
+ <p>
29
+ We detected changes in the integrity of your WordPress core files. There are files that
30
+ were added, modified, and/or removed in the core directories <code>/&lt;root&gt;</code>,
31
+ <code>/wp-admin</code> and/or <code>/wp-includes</code>.
32
+ </p>
33
+ </div>
34
+ </td>
35
+ </tr>
36
+ </thead>
37
+
38
+ <tbody>
39
+
40
+ %%SUCURI.CoreFiles.List%%
41
+ </tbody>
42
+ </table>
inc/tpl/integrity-corefiles.snippet.tpl ADDED
@@ -0,0 +1,9 @@
1
+
2
+ <tr class="%%SUCURI.CoreFiles.CssClass%% sucuriscan-hidden">
3
+ <td>
4
+ <div class="sucuriscan-clearfix">
5
+ <div class="sucuriscan-pull-left sucuriscan-status-type sucuriscan-status-%%SUCURI.CoreFiles.StatusType%%">%%SUCURI.CoreFiles.StatusAbbr%%</div>
6
+ <div class="sucuriscan-pull-left sucuriscan-monospace">%%SUCURI.CoreFiles.FilePath%%</div>
7
+ </div>
8
+ </td>
9
+ </tr>
inc/tpl/integrity-modifiedfiles.html.tpl ADDED
@@ -0,0 +1,40 @@
1
+
2
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-double-title sucuriscan-modifiedfiles">
3
+ <thead>
4
+ <tr>
5
+ <th colspan="3" class="thead-with-button">
6
+ <span>Modified files <em>(inside the content directory)</em></span>
7
+
8
+ <form action="%%SUCURI.CurrentURL%%#modified-files" method="post" class="thead-topright-action">
9
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
+ <label>
11
+ Modified in the last
12
+ <select name="sucuriscan_last_days" id="sucuriscan_last_days">
13
+ %%SUCURI.ModifiedFiles.SelectOptions%%
14
+ </select>
15
+ days
16
+ </label>
17
+
18
+ <!-- This field was added to give backward compatibility with the SiteCheck form. -->
19
+ <input type="hidden" name="sucuriscan_malware_scan" value="1" />
20
+ </form>
21
+ </th>
22
+ </tr>
23
+
24
+ <tr>
25
+ <th width="540">Filepath</th>
26
+ <th>CheckSum</th>
27
+ <th width="160">Modification</th>
28
+ </tr>
29
+ </thead>
30
+
31
+ <tbody>
32
+ %%SUCURI.ModifiedFiles.List%%
33
+
34
+ <tr class="sucuriscan-%%SUCURI.ModifiedFiles.NoFilesVisibility%%">
35
+ <td colspan="3">
36
+ <em>No files modified in the last %%SUCURI.ModifiedFiles.Days%% days</em>
37
+ </td>
38
+ </tr>
39
+ </tbody>
40
+ </table>
inc/tpl/integrity-modifiedfiles.snippet.tpl ADDED
@@ -0,0 +1,6 @@
1
+
2
+ <tr class="sucuriscan-wraptext %%SUCURI.ModifiedFiles.CssClass%%">
3
+ <td><span class="sucuriscan-monospace">%%SUCURI.ModifiedFiles.FilePath%%</span></td>
4
+ <td><span class="sucuriscan-monospace sucuriscan-ellipsis" title="%%SUCURI.ModifiedFiles.CheckSum%%">%%SUCURI.ModifiedFiles.CheckSum%%</span></td>
5
+ <td>%%SUCURI.ModifiedFiles.DateTime%%</td>
6
+ </tr>
inc/tpl/integrity-wpoutdate.html.tpl ADDED
@@ -0,0 +1,14 @@
1
+
2
+ <div class="postbox sucuriscan-wordpress-outdated sucuriscan-border sucuriscan-border-bad sucuriscan-%%SUCURI.WordPress.UpdateVisibility%%">
3
+ <h3>WordPress version outdated</h3>
4
+
5
+ <div class="inside">
6
+ <p>
7
+ The current version of your site was detected as
8
+ <code>%%SUCURI.WordPress.Version%%</code> which is different to the official
9
+ latest version. The integrity check can not run using this version number
10
+ <a href="%%SUCURI.WordPress.UpgradeURL%%" target="_blank">update now</a> to
11
+ be able to run the integrity check.
12
+ </p>
13
+ </div>
14
+ </div>
inc/tpl/integrity.html.tpl ADDED
@@ -0,0 +1,10 @@
1
+
2
+ <div id="poststuff">
3
+
4
+ %%SUCURI.WordpressVersion%%
5
+
6
+ %%SUCURI.CoreFiles%%
7
+
8
+ %%SUCURI.AuditLogs%%
9
+
10
+ </div>
inc/tpl/lastlogins-admins-lastlogin.snippet.tpl ADDED
@@ -0,0 +1,5 @@
1
+
2
+ <tr class="%%SUCURI.AdminUsers.CssClass%%">
3
+ <td><span class="sucuriscan-monospace">%%SUCURI.AdminUsers.RemoteAddr%%</span></td>
4
+ <td><span class="sucuriscan-monospace">%%SUCURI.AdminUsers.Datetime%%</span></td>
5
+ </tr>
inc/tpl/{integrity-admins.html.tpl → lastlogins-admins.html.tpl} RENAMED
@@ -1,8 +1,6 @@
1
- <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-doubletitle sucuriscan-adminusers">
2
<thead>
3
- <tr>
4
- <th colspan="4">Administrator Users</th>
5
- </tr>
6
<tr>
7
<th class="manage-column">Username</th>
8
<th class="manage-column">Email</th>
@@ -12,6 +10,6 @@
12
</thead>
13
14
<tbody>
15
- %%SUCURI.AdminUsers.UserList%%
16
</tbody>
17
</table>
1
+
2
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-double-title sucuriscan-adminusers">
3
<thead>
4
<tr>
5
<th class="manage-column">Username</th>
6
<th class="manage-column">Email</th>
10
</thead>
11
12
<tbody>
13
+ %%SUCURI.AdminUsers.List%%
14
</tbody>
15
</table>
inc/tpl/{integrity-admins.snippet.tpl → lastlogins-admins.snippet.tpl} RENAMED
@@ -1,12 +1,13 @@
1
<tr>
2
<td>%%SUCURI.AdminUsers.Username%%</td>
3
<td><a href="mailto:%%SUCURI.AdminUsers.Email%%">%%SUCURI.AdminUsers.Email%%</a></td>
4
<td class="adminusers-lastlogin">
5
- <div class="sucuri-%%SUCURI.AdminUsers.NoLastLogins%%">
6
<i>There isn't information available for this account.</i>
7
</div>
8
9
- <table class="widefat sucuri-%%SUCURI.AdminUsers.NoLastLoginsTable%%">
10
<thead>
11
<tr>
12
<th>IP Address</th>
1
+
2
<tr>
3
<td>%%SUCURI.AdminUsers.Username%%</td>
4
<td><a href="mailto:%%SUCURI.AdminUsers.Email%%">%%SUCURI.AdminUsers.Email%%</a></td>
5
<td class="adminusers-lastlogin">
6
+ <div class="sucuriscan-%%SUCURI.AdminUsers.NoLastLogins%%">
7
<i>There isn't information available for this account.</i>
8
</div>
9
10
+ <table class="widefat sucuriscan-%%SUCURI.AdminUsers.NoLastLoginsTable%%">
11
<thead>
12
<tr>
13
<th>IP Address</th>
inc/tpl/lastlogins-all.html.tpl ADDED
@@ -0,0 +1,23 @@
1
+
2
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-double-title sucuriscan-last-logins">
3
+ <thead>
4
+ <tr>
5
+ <th colspan="6" class="thead-with-button">
6
+ <span>User logins (latest %%SUCURI.UserListLimit%%, newest to oldest)</span>
7
+ <a href="%%SUCURI.CurrentURL%%&limit=0" class="button button-primary lastlogins-showall thead-topright-action sucuriscan-%%SUCURI.UserList.ShowAll%%">Show all results</a>
8
+ </th>
9
+ </tr>
10
+ <tr>
11
+ <th class="manage-column">No.</th>
12
+ <th class="manage-column">User</th>
13
+ <th class="manage-column">IP Address</th>
14
+ <th class="manage-column">Hostname</th>
15
+ <th class="manage-column">Date/Time</th>
16
+ <th class="manage-column">&nbsp;</th>
17
+ </tr>
18
+ </thead>
19
+
20
+ <tbody>
21
+ %%SUCURI.UserList%%
22
+ </tbody>
23
+ </table>
inc/tpl/{lastlogins.snippet.tpl → lastlogins-all.snippet.tpl} RENAMED
File without changes
inc/tpl/lastlogins.html.tpl CHANGED
@@ -1,23 +1,21 @@
1
2
- <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-doubletitle sucuriscan-last-logins">
3
- <thead>
4
- <tr>
5
- <th colspan="6" class="thead-with-button">
6
- <span>User logins (latest %%SUCURI.UserListLimit%%, newest to oldest)</span>
7
- <a href="%%SUCURI.CurrentURL%%&limit=0" class="button button-primary lastlogins-showall thead-topright-action sucuri-%%SUCURI.UserList.ShowAll%%">Show all results</a>
8
- </th>
9
- </tr>
10
- <tr>
11
- <th class="manage-column">No.</th>
12
- <th class="manage-column">User</th>
13
- <th class="manage-column">IP Address</th>
14
- <th class="manage-column">Hostname</th>
15
- <th class="manage-column">Date/Time</th>
16
- <th class="manage-column">&nbsp;</th>
17
- </tr>
18
- </thead>
19
20
- <tbody>
21
- %%SUCURI.UserList%%
22
- </tbody>
23
- </table>
1
2
+ <div class="sucuriscan-tabs">
3
+ <ul>
4
+ <li>
5
+ <a href="#" data-tabname="lastlogins-allusers">All Users</a>
6
+ </li>
7
+ <li>
8
+ <a href="#" data-tabname="lastlogins-admins">Admin Users</a>
9
+ </li>
10
+ </ul>
11
12
+ <div class="sucuriscan-tab-containers">
13
+ <div id="sucuriscan-lastlogins-allusers">
14
+ %%SUCURI.LastLogins.AllUsers%%
15
+ </div>
16
+
17
+ <div id="sucuriscan-lastlogins-admins">
18
+ %%SUCURI.LastLogins.Admins%%
19
+ </div>
20
+ </div>
21
+ </div>
inc/tpl/malwarescan.html.tpl ADDED
@@ -0,0 +1,17 @@
1
+
2
+ <div class="sucuriscan-loading">
3
+ <h3 class="title">Website Security Scans by Sucuri Sitecheck</h3>
4
+
5
+ <p class="description">Visit our <a href="http://sucuri.net/signup?fromloader" target="_blank">coverage &amp; pricing</a> page for details on how sucuri can help you.</p>
6
+
7
+ <p><img src="http://sitecheck.sucuri.net/images/loading.gif" alt="Loading..." /></p>
8
+
9
+ <div class="sucuriscan-sitelogo">&nbsp;</div>
10
+
11
+ <form method="post" name="sucuriscan_sitecheck_form">
12
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
13
+ <input type="hidden" name="sucuriscan_malware_scan" value="1" />
14
+ </form>
15
+
16
+ <script type="text/javascript">setTimeout(function(){ document.forms.sucuriscan_sitecheck_form.submit() }, 3000)</script>
17
+ </div>
inc/tpl/modalwindow.html.tpl ADDED
@@ -0,0 +1,26 @@
1
+
2
+ <div class="sucuriscan-overlay"></div>
3
+
4
+ <div class="sucuriscan-modal">
5
+ <div class="sucuriscan-modal-outside %%SUCURI.CssClass%%">
6
+
7
+ <div class="sucuriscan-modal-header">
8
+ <a href="#" class="sucuriscan-modal-close">&times;</a>
9
+ <h3 class="sucuriscan-modal-title">%%SUCURI.Title%%</h3>
10
+ </div>
11
+
12
+ <div class="sucuriscan-modal-inside">
13
+ %%SUCURI.Content%%
14
+ </div>
15
+
16
+ </div>
17
+ </div>
18
+
19
+ <script type="text/javascript">
20
+ jQuery(function($){
21
+ $('.sucuriscan-overlay, .sucuriscan-modal-close').on('click', function(e){
22
+ e.preventDefault();
23
+ $('.sucuriscan-overlay, .sucuriscan-modal').remove();
24
+ });
25
+ });
26
+ </script>
inc/tpl/monitoring-logs.html.tpl ADDED
@@ -0,0 +1,74 @@
1
+
2
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-quad-title sucuriscan-monitoring-logs">
3
+ <thead>
4
+ <tr>
5
+ <th colspan="4" class="thead-with-button">
6
+ <span>Search among the logs:</span>
7
+ <div class="thead-topright-action">
8
+ <form action="%%SUCURI.URL.Monitoring%%#monitoring-logs" method="post" class="sucuriscan-monitoring-search-form">
9
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
+ <input type="text" name="sucuriscan_monitoring_log_filter" class="input-text" />
11
+ <input type="submit" value="Search" class="button button-primary" />
12
+ </form>
13
+ </div>
14
+ </th>
15
+ </tr>
16
+
17
+ <tr>
18
+ <th colspan="4" class="thead-with-button">
19
+ <span>Filter by the denial type:</span>
20
+ <div class="thead-topright-action">
21
+ <form action="%%SUCURI.URL.Monitoring%%#monitoring-logs" method="post" class="sucuriscan-monitoring-denial-types-form">
22
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
23
+ <select name="sucuriscan_monitoring_denial_type">%%SUCURI.AuditLogs.DenialTypeOptions%%</select>
24
+ <input type="submit" value="Filter" class="button button-primary" />
25
+ </form>
26
+ </div>
27
+ </th>
28
+ </tr>
29
+
30
+ <tr>
31
+ <th colspan="4" class="thead-with-button">
32
+ <span>Filter by date:</span>
33
+ <div class="thead-topright-action">
34
+ <form action="%%SUCURI.URL.Monitoring%%#monitoring-logs" method="post" class="sucuriscan-monitoring-date-form">
35
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
36
+ <input type="hidden" name="sucuriscan_monitoring_date" value="1" />
37
+ <em class="sucuriscan-target-date">(%%SUCURI.AuditLogs.TargetDate%%)</em>
38
+ <select name="sucuriscan_year">%%SUCURI.AuditLogs.DateYears%%</select>
39
+ <select name="sucuriscan_month">%%SUCURI.AuditLogs.DateMonths%%</select>
40
+ <select name="sucuriscan_day">%%SUCURI.AuditLogs.DateDays%%</select>
41
+ <input type="submit" value="Filter" class="button button-primary" />
42
+ </form>
43
+ </div>
44
+ </th>
45
+ </tr>
46
+
47
+ <tr>
48
+ <th>Denial Type</th>
49
+ <th>Time</th>
50
+ <th>Remote Address</th>
51
+ <th>Request Path</th>
52
+ </tr>
53
+ </thead>
54
+
55
+ <tbody>
56
+ %%SUCURI.AuditLogs.List%%
57
+
58
+ <tr class="sucuriscan-%%SUCURI.AuditLogs.NoItemsVisibility%%">
59
+ <td colspan="4">
60
+ <em>Audit trails is empty.</em>
61
+ </td>
62
+ </tr>
63
+ </tbody>
64
+
65
+ <tfoot>
66
+ <tr class="sucuriscan-%%SUCURI.AuditLogs.PaginationVisibility%%">
67
+ <td colspan="4">
68
+ <div class='pagination' style="float:right;">
69
+ %%SUCURI.AuditLogs.AuditPagination%%
70
+ </div>
71
+ </td>
72
+ </tr>
73
+ </tfoot>
74
+ </table>
inc/tpl/monitoring-logs.snippet.tpl ADDED
@@ -0,0 +1,64 @@
1
+
2
+ <tr class="%%SUCURI.AuditLog.CssClass%%">
3
+ <td>%%SUCURI.AuditLog.SucuriBlockReason%%</td>
4
+ <td>
5
+ <span class="sucuriscan-monospace" title="%%SUCURI.AuditLog.RequestDate%% %%SUCURI.AuditLog.RequestTime%% %%SUCURI.AuditLog.RequestTimezone%%">
6
+ %%SUCURI.AuditLog.RequestTime%% %%SUCURI.AuditLog.RequestTimezone%%
7
+ </span>
8
+ </td>
9
+ <td><span class="sucuriscan-monospace">%%SUCURI.AuditLog.RemoteAddr%%</span></td>
10
+ <td>
11
+ <div class="sucuriscan-wraptext">
12
+ <a href="#TB_inline?width=600&height=300&inlineId=sucuriscan-reqsummary-%%SUCURI.AuditLog.Id%%" title="Access Log Summary" class="thickbox">
13
+ <span class="sucuriscan-monospace">%%SUCURI.AuditLog.ResourcePath%%</span>
14
+ </a>
15
+ </div>
16
+
17
+ <div id="sucuriscan-reqsummary-%%SUCURI.AuditLog.Id%%" style="display:none">
18
+ <div class="sucuriscan-request-summary">
19
+ <ul class="sucuriscan-list-as-table">
20
+ <li>
21
+ <label>Blocked Reason:</label>
22
+ <span>%%SUCURI.AuditLog.SucuriBlockReason%%</span>
23
+ </li>
24
+ <li>
25
+ <label>Remote Address:</label>
26
+ <span>%%SUCURI.AuditLog.RemoteAddr%%</span>
27
+ </li>
28
+ <li>
29
+ <label>Date/Time (Timezone)</label>
30
+ <span>%%SUCURI.AuditLog.RequestDate%% %%SUCURI.AuditLog.RequestTime%% (%%SUCURI.AuditLog.RequestTimezone%%)</span>
31
+ </li>
32
+ <li>
33
+ <label>Resource Path:</label>
34
+ <span>%%SUCURI.AuditLog.ResourcePath%%</span>
35
+ </li>
36
+ <li>
37
+ <label>Request Method:</label>
38
+ <span>%%SUCURI.AuditLog.RequestMethod%%</span>
39
+ </li>
40
+ <li>
41
+ <label>HTTP Protocol:</label>
42
+ <span>%%SUCURI.AuditLog.HttpProtocol%%</span>
43
+ </li>
44
+ <li>
45
+ <label>HTTP Status:</label>
46
+ <span>%%SUCURI.AuditLog.HttpStatus%% %%SUCURI.AuditLog.HttpStatusTitle%%</span>
47
+ </li>
48
+ <li>
49
+ <label>HTTP Bytes Sent:</label>
50
+ <span>%%SUCURI.AuditLog.HttpBytesSent%%</span>
51
+ </li>
52
+ <li>
53
+ <label>HTTP Referer:</label>
54
+ <span>%%SUCURI.AuditLog.HttpReferer%%</span>
55
+ </li>
56
+ <li>
57
+ <label>HTTP User Agent:</label>
58
+ <span>%%SUCURI.AuditLog.HttpUserAgent%%</span>
59
+ </li>
60
+ </ul>
61
+ </div>
62
+ </div>
63
+ </td>
64
+ </tr>
inc/tpl/monitoring-settings.html.tpl ADDED
@@ -0,0 +1,28 @@
1
+
2
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-monitoring-settings">
3
+ <tbody>
4
+ <tr>
5
+ <td width="200"><label>CloudProxy API key</label></td>
6
+ <td class="td-with-button">
7
+ <form method="post" class="sucuriscan-monitoring-apikey-form">
8
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
9
+ <input type="text" name="sucuriscan_cloudproxy_apikey" value="%%SUCURI.Monitoring.APIKey%%" class="input-text" />
10
+ <input type="submit" value="Save" class="button button-primary" />
11
+ </form>
12
+ </td>
13
+ </tr>
14
+
15
+ %%SUCURI.Monitoring.SettingOptions%%
16
+
17
+ <tr class="alternate sucuriscan-%%SUCURI.Monitoring.SettingsVisibility%%">
18
+ <td><label>Clear cache</label></td>
19
+ <td class="td-with-button">
20
+ <form method="post" class="sucuriscan-monitoring-clear-cache-form">
21
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
22
+ <input type="hidden" name="sucuriscan_clear_cache" value="1" />
23
+ <input type="submit" value="Clear Cache" class="button button-primary" />
24
+ </form>
25
+ </td>
26
+ </tr>
27
+ </tbody>
28
+ </table>
inc/tpl/monitoring-settings.snippet.tpl ADDED
@@ -0,0 +1,5 @@
1
+
2
+ <tr class="%%SUCURI.Monitoring.OptionCssClass%%">
3
+ <td><label>%%SUCURI.Monitoring.OptionName%%</label></td>
4
+ <td><span class="sucuriscan-monospace">%%SUCURI.Monitoring.OptionValue%%</span></td>
5
+ </tr>
inc/tpl/monitoring.html.tpl ADDED
@@ -0,0 +1,58 @@
1
+
2
+ <div id="poststuff">
3
+
4
+ <div class="postbox sucuriscan-monitoring-instructions sucuriscan-%%SUCURI.Monitoring.InstructionsVisibility%%">
5
+ <h3>Instructions to enable CloudProxy WAF</h3>
6
+
7
+ <div class="inside">
8
+ <p>
9
+ A powerful <b>WAF</b> <em>(Web Application Firewall)</em> and <b>Intrusion Prevention</b>
10
+ system for any WordPress user. If you do not have an account, you can sign up for one here:
11
+ <a href="http://cloudproxy.sucuri.net/" target="_blank">Sucuri CloudProxy</a>
12
+ </p>
13
+
14
+ <ol>
15
+ <li>
16
+ Sign up for a Sucuri CloudProxy account here:
17
+ <a href="https://login.sucuri.net/signup2/create?CloudProxy" target="_blank">Sign up</a>
18
+ </li>
19
+ <li>
20
+ Change your DNS to point your site to one of our servers. This link explains
21
+ <a href="https://dashboard.sucuri.net/cloudproxy/" target="_blank"> CloudProxy Dashboard</a>
22
+ or use our documentation here <a href="http://kb.sucuri.net/cloudproxy" target="_blank">
23
+ KB CloudProxy</a>.
24
+ </li>
25
+ <li>You are all set. There is nothing else to do.</li>
26
+ </ol>
27
+
28
+ <p>
29
+ Once enabled, our firewall will act as a shield, protecting your site from attacks
30
+ and preventing malware infections and reinfections. It will block SQL injection attempts,
31
+ brute force attacks, XSS, RFI, backdoors and many other threats against your site.
32
+ </p>
33
+ </div>
34
+ </div>
35
+
36
+
37
+ <div class="sucuriscan-tabs">
38
+ <ul>
39
+ <li>
40
+ <a href="#" data-tabname="monitoring-settings">Firewall (WAF) Settings</a>
41
+ </li>
42
+ <li>
43
+ <a href="#" data-tabname="monitoring-logs">Firewall (WAF) Logs</a>
44
+ </li>
45
+ </ul>
46
+
47
+ <div class="sucuriscan-tab-containers">
48
+ <div id="sucuriscan-monitoring-settings">
49
+ %%SUCURI.Monitoring.Settings%%
50
+ </div>
51
+
52
+ <div id="sucuriscan-monitoring-logs">
53
+ %%SUCURI.Monitoring.Logs%%
54
+ </div>
55
+ </div>
56
+ </div>
57
+
58
+ </div>
inc/tpl/{notification.html.tpl → notification-pretty.html.tpl} RENAMED
@@ -4,7 +4,7 @@
4
<title>%%SUCURI.TemplateTitle%%</title>
5
</head>
6
<body>
7
- <table class="sucuri-template" style="width:90%;font-family:Arial,Helvetica,sans-serif;border-spacing:0">
8
<thead sytle="border-bottom:1px solid #ccc">
9
<tr style="background-color:#4b4b4b;background-image:-moz-linear-gradient(top, #555555, #3b3b3b);background-image:-webkit-gradient(linear, 0 0, 0 100%, from(#555555), to(#3b3b3b));background-image:-webkit-linear-gradient(top, #555555, #3b3b3b);background-image:-o-linear-gradient(top, #555555, #3b3b3b);background-image:linear-gradient(to bottom, #555555, #3b3b3b);background-repeat:repeat-x">
10
<td sytle="font-size:20px;font-weight:normal;color:#ffffff;padding:10px;border-right:1px solid #2f2f2f;border-left:1px solid #6f6f6f;-webkit-box-shadow:inset 0 1px 0 #888888;-moz-box-shadow:inset 0 1px 0 #888888;box-shadow:inset 0 1px 0 #888888;text-shadow:1px 1px 2px rgba(0, 0, 0, 0.5)">
@@ -20,13 +20,13 @@
20
<td style="padding:20px 20px 10px 20px;border:1px solid #ccc;border-top:none">
21
<h4 style="margin:0">Information:</h4>
22
<p style="margin:0 0 10px 0">
23
- User: %%SUCURI.User%%<br />
24
- Alert Time: %%SUCURI.Time%%<br />
25
</p>
26
<h4 style="text-transform:uppercase;margin:0">Website Information:</h4>
27
<p style="margin:0 0 10px 0">
28
- Site: <a href="%%SUCURI.Website%%">%%SUCURI.Website%%</a><br />
29
- IP Address: %%SUCURI.RemoteAddress%%<br />
30
</p>
31
<h4 style="text-transform:uppercase;margin:0">Notification Message:</h4>
32
<p style="margin:0 0 10px 0">%%SUCURI.Message%%</p>
4
<title>%%SUCURI.TemplateTitle%%</title>
5
</head>
6
<body>
7
+ <table class="sucuriscan-template" style="width:90%;background:#fff;font-family:Arial,Helvetica,sans-serif;border-spacing:0">
8
<thead sytle="border-bottom:1px solid #ccc">
9
<tr style="background-color:#4b4b4b;background-image:-moz-linear-gradient(top, #555555, #3b3b3b);background-image:-webkit-gradient(linear, 0 0, 0 100%, from(#555555), to(#3b3b3b));background-image:-webkit-linear-gradient(top, #555555, #3b3b3b);background-image:-o-linear-gradient(top, #555555, #3b3b3b);background-image:linear-gradient(to bottom, #555555, #3b3b3b);background-repeat:repeat-x">
10
<td sytle="font-size:20px;font-weight:normal;color:#ffffff;padding:10px;border-right:1px solid #2f2f2f;border-left:1px solid #6f6f6f;-webkit-box-shadow:inset 0 1px 0 #888888;-moz-box-shadow:inset 0 1px 0 #888888;box-shadow:inset 0 1px 0 #888888;text-shadow:1px 1px 2px rgba(0, 0, 0, 0.5)">
20
<td style="padding:20px 20px 10px 20px;border:1px solid #ccc;border-top:none">
21
<h4 style="margin:0">Information:</h4>
22
<p style="margin:0 0 10px 0">
23
+ Alert Time: %%SUCURI.Time%%<br>
24
+ %%SUCURI.User%%
25
</p>
26
<h4 style="text-transform:uppercase;margin:0">Website Information:</h4>
27
<p style="margin:0 0 10px 0">
28
+ Site: <a href="%%SUCURI.Website%%">%%SUCURI.Website%%</a><br>
29
+ IP Address: %%SUCURI.RemoteAddress%%<br>
30
</p>
31
<h4 style="text-transform:uppercase;margin:0">Notification Message:</h4>
32
<p style="margin:0 0 10px 0">%%SUCURI.Message%%</p>
inc/tpl/{notification.txt.tpl → notification-simple.html.tpl} RENAMED
@@ -1,8 +1,8 @@
1
Subject: %%SUCURI.Subject%%
2
3
Login Info:
4
- Username: %%SUCURI.User%%
5
Time: %%SUCURI.Time%%
6
7
Website Info:
8
Site: %%SUCURI.Website%%
1
Subject: %%SUCURI.Subject%%
2
3
Login Info:
4
Time: %%SUCURI.Time%%
5
+ %%SUCURI.User%%
6
7
Website Info:
8
Site: %%SUCURI.Website%%
inc/tpl/posthack-databasebackups.html.tpl ADDED
@@ -0,0 +1,41 @@
1
+
2
+ <form action="%%SUCURI.URL.Posthack%%#database-backups" method="post">
3
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
4
+ <input type="hidden" name="sucuriscan_database_backup" value="1" />
5
+ <input type="hidden" name="sucuriscan_process_form" value="1" />
6
+
7
+ <table class="wp-list-table widefat">
8
+ <thead>
9
+ <tr>
10
+ <th colspan="5" class="thead-with-button">
11
+ <span>Database Backups</span>
12
+ <div class="generate-dbbackup-form thead-topright-action">
13
+ <input type="submit" name="generate_dbbackup" value="Generate DB Backup" class="button button-primary" />
14
+ </div>
15
+ </th>
16
+ </tr>
17
+ <tr>
18
+ <th class="manage-column column-cb check-column">
19
+ <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
20
+ <input id="cb-select-all-1" type="checkbox">
21
+ </th>
22
+ <th class="manage-column">Filename</th>
23
+ <th class="manage-column">Type</th>
24
+ <th class="manage-column">Size</th>
25
+ <th class="manage-column">Date/Time</th>
26
+ </tr>
27
+ </thead>
28
+
29
+ <tbody>
30
+ %%SUCURI.BackupList%%
31
+ </tbody>
32
+
33
+ <tfoot>
34
+ <tr>
35
+ <td colspan="5">
36
+ <input type="submit" name="remove_dbbackup" value="Remove selected files" class="button button-primary" />
37
+ </td>
38
+ </tr>
39
+ </tfoot>
40
+ </table>
41
+ </form>
inc/tpl/posthack-databasebackups.snippet.tpl ADDED
@@ -0,0 +1,10 @@
1
+
2
+ <tr class="%%SUCURI.BackupList.CssClass%%">
3
+ <th class="check-column">
4
+ <input type="checkbox" name="dbbackup_filenames[]" value="%%SUCURI.BackupList.Filename%%" />
5
+ </th>
6
+ <td><a href="%%SUCURI.BackupList.FileURL%%" target="_blank">%%SUCURI.BackupList.Filename%%</a></td>
7
+ <td>%%SUCURI.BackupList.Filetype%%</td>
8
+ <td>%%SUCURI.BackupList.Filesize%%</td>
9
+ <td>%%SUCURI.BackupList.Filetime%%</td>
10
+ </tr>
inc/tpl/posthack-resetpassword.html.tpl ADDED
@@ -0,0 +1,47 @@
1
+
2
+ <div id="poststuff" class="sucuriscan-reset-users-password">
3
+ <div class="postbox">
4
+ <div class="inside">
5
+ <form method="post">
6
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
7
+ <input type="hidden" name="sucuriscan_reset_password" value="1" />
8
+
9
+ <p>
10
+ Use this button to reset the current password for some specific users or for all
11
+ of them. We will send an email to each of those users adivising the password change
12
+ that includes the new password automatically generated by WordPress. After the
13
+ password reset your current session will be closed and you'll need to login again.
14
+ </p>
15
+
16
+ <table class="wp-list-table widefat sucuriscan-table">
17
+ <thead>
18
+ <tr>
19
+ <th class="manage-column column-cb check-column">
20
+ <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
21
+ <input id="cb-select-all-1" type="checkbox">
22
+ </th>
23
+ <th class="manage-column">User</th>
24
+ <th class="manage-column">Email address</th>
25
+ <th class="manage-column">Registered</th>
26
+ <th class="manage-column">Roles</th>
27
+ </tr>
28
+ </thead>
29
+
30
+ <tbody>
31
+ %%SUCURI.ResetPassword.UserList%%
32
+ </tbody>
33
+ </table>
34
+
35
+ <p>
36
+ <label>
37
+ <input type="hidden" name="sucuriscan_process_form" value="0" />
38
+ <input type="checkbox" name="sucuriscan_process_form" value="1" />
39
+ <span>I understand that this operation can not be reverted.</span>
40
+ </label>
41
+ </p>
42
+
43
+ <input type="submit" value="Reset User Password" class="button button-primary" />
44
+ </form>
45
+ </div>
46
+ </div>
47
+ </div>
inc/tpl/posthack-updatesecretkeys.html.tpl ADDED
@@ -0,0 +1,31 @@
1
+
2
+ <div id="poststuff" class="sucuriscan-update-secret-keys">
3
+ <div class="postbox">
4
+ <div class="inside">
5
+ <form method="post">
6
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
7
+ <input type="hidden" name="sucuriscan_update_wpconfig" value="1" />
8
+
9
+ <p>
10
+ Use this button to update the security keys stored in the <code>wp-config.php</code>
11
+ file, we will use the official WordPress Secret-Key API Generator. After the
12
+ update your current session will be closed and you'll need to login again.
13
+ </p>
14
+
15
+ <p>
16
+ <label>
17
+ <input type="hidden" name="sucuriscan_process_form" value="0" />
18
+ <input type="checkbox" name="sucuriscan_process_form" value="1" />
19
+ <span>I understand that this operation can not be reverted.</span>
20
+ </label>
21
+ </p>
22
+
23
+ <input type="submit" value="Update WP-Config Keys" class="button button-primary" />
24
+ </form>
25
+
26
+ <div class="sucuriscan_wpconfig_keys_updated sucuriscan-%%SUCURI.WPConfigUpdate.Visibility%%">
27
+ <textarea>%%SUCURI.WPConfigUpdate.NewConfig%%</textarea>
28
+ </div>
29
+ </div>
30
+ </div>
31
+ </div>
inc/tpl/posthack.html.tpl CHANGED
@@ -1,78 +1,29 @@
1
2
- <div id="poststuff">
3
- <div class="postbox">
4
- <h3>Update WP-Config Keys</h3>
5
- <div class="inside">
6
- <form method="post">
7
- <input type="hidden" name="sucuri_posthack_nonce" value="%%SUCURI.PosthackNonce%%" />
8
- <input type="hidden" name="sucuri_posthack_action" value="update_wpconfig" />
9
10
- <p>
11
- Use this button to update the security keys stored in the <code>wp-config.php</code>
12
- file, we will use the official WordPress Secret-Key API Generator. After the
13
- update your current session will be closed and you'll need to login again.
14
- </p>
15
-
16
- <p>
17
- <label>
18
- <input type="hidden" name="sucuri_update_wpconfig" value="0" />
19
- <input type="checkbox" name="sucuri_update_wpconfig" value="1" />
20
- <span>I understand that this operation can not be reverted.</span>
21
- </label>
22
- </p>
23
-
24
- <input type="submit" value="Update WP-Config Keys" class="button button-primary" />
25
- </form>
26
-
27
- <div style="%%SUCURI.WPConfigUpdate.Display%%" class="sucuriscan_wpconfig_keys_updated">
28
- <textarea>%%SUCURI.WPConfigUpdate.NewConfig%%</textarea>
29
- </div>
30
</div>
31
- </div>
32
-
33
- <div class="postbox">
34
- <h3>Reset user password</h3>
35
- <div class="inside">
36
- <form method="post">
37
- <input type="hidden" name="sucuri_posthack_nonce" value="%%SUCURI.PosthackNonce%%" />
38
- <input type="hidden" name="sucuri_posthack_action" value="reset_password" />
39
40
- <p>
41
- Use this button to reset the current password for some specific users or for all
42
- of them. We will send an email to each of those users adivising the password change
43
- that includes the new password automatically generated by WordPress. After the
44
- password reset your current session will be closed and you'll need to login again.
45
- </p>
46
-
47
- <table class="wp-list-table widefat sucuriscan-table">
48
- <thead>
49
- <tr>
50
- <th class="manage-column column-cb check-column">
51
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
52
- <input id="cb-select-all-1" type="checkbox">
53
- </th>
54
- <th class="manage-column">User</th>
55
- <th class="manage-column">Email address</th>
56
- <th class="manage-column">Registered</th>
57
- <th class="manage-column">Roles</th>
58
- </tr>
59
- </thead>
60
-
61
- <tbody>
62
- %%SUCURI.ResetPassword.UserList%%
63
- </tbody>
64
- </table>
65
-
66
- <p>
67
- <label>
68
- <input type="hidden" name="sucuri_reset_password" value="0" />
69
- <input type="checkbox" name="sucuri_reset_password" value="1" />
70
- <span>I understand that this operation can not be reverted.</span>
71
- </label>
72
- </p>
73
74
- <input type="submit" value="Reset User Password" class="button button-primary" />
75
- </form>
76
</div>
77
</div>
78
- </div><!-- End poststuff -->
1
2
3
+ <div class="sucuriscan-tabs">
4
+ <ul>
5
+ <li>
6
+ <a href="#" data-tabname="update-secret-keys">Update WordPress Keys</a>
7
+ </li>
8
+ <li>
9
+ <a href="#" data-tabname="reset-users-password">Reset User's Password</a>
10
+ </li>
11
+ <li>
12
+ <a href="#" data-tabname="database-backups">Database Backups</a>
13
+ </li>
14
+ </ul>
15
+
16
+ <div class="sucuriscan-tab-containers">
17
+ <div id="sucuriscan-update-secret-keys">
18
+ %%SUCURI.UpdateSecretKeys%%
19
</div>
20
21
+ <div id="sucuriscan-reset-users-password">
22
+ %%SUCURI.ResetPassword%%
23
+ </div>
24
25
+ <div id="sucuriscan-database-backups">
26
+ %%SUCURI.DatabaseBackups%%
27
</div>
28
</div>
29
+ </div>
inc/tpl/settings-apiregistered.html.tpl ADDED
@@ -0,0 +1,16 @@
1
+
2
+ <div class="sucuriscan-clearfix">
3
+ <div class="sucuriscan-pull-left sucuriscan-sitelogo">&nbsp;</div>
4
+
5
+ <div class="sucuriscan-pull-right">
6
+ <p>
7
+ Thanks so much for enabling your <strong>Sucuri Security</strong> plugin. This
8
+ product is designed to supplement existing security products. It's not a silver
9
+ bullet for your security needs, but it'll give you greater security awareness
10
+ and better posture, all with the intent of reducing risk.
11
+ </p>
12
+
13
+ <a href="%%SUCURI.URL.Home%%" class="button button-primary">Go to your Dashboard</a>
14
+ </div>
15
+ </div>
16
+
inc/tpl/settings-notification.snippet.tpl ADDED
@@ -0,0 +1,12 @@
1
+
2
+ <tr class="%%SUCURI.Notification.CssClass%%">
3
+ <td colspan="3">
4
+ <div>
5
+ <label>
6
+ <input type="hidden" name="%%SUCURI.Notification.Name%%" value="0" />
7
+ <input type="checkbox" name="%%SUCURI.Notification.Name%%" value="1" %%SUCURI.Notification.Checked%% />
8
+ <span>%%SUCURI.Notification.Label%%</span>
9
+ </label>
10
+ </div>
11
+ </td>
12
+ </tr>
inc/tpl/settings.html.tpl ADDED
@@ -0,0 +1,118 @@
1
+
2
+ %%SUCURI.ModalWhenAPIRegistered%%
3
+
4
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-settings">
5
+ <thead>
6
+ <tr>
7
+ <th colspan="3" class="thead-with-button">
8
+ <span>Plugin Settings</span>
9
+ <form action="%%SUCURI.URL.Settings%%" method="post" class="thead-topright-action">
10
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
11
+ <button type="submit" name="sucuriscan_reset_options" class="button-primary">Reset plugin options</button>
12
+ </form>
13
+ </th>
14
+ </tr>
15
+ </thead>
16
+
17
+ <tbody>
18
+
19
+ <tr>
20
+ <td colspan="3">
21
+ <p>
22
+ Most of the tools in this plugin can be used without a specific configuration,
23
+ but the core features <strong>require an API key</strong> to communicate with
24
+ the Sucuri services. The key is generated using your administrator e-mail and
25
+ the domain of this site, this will allow you to have access to our free
26
+ monitoring tool forever even if you remove the API key and generate it again.
27
+ </p>
28
+ </td>
29
+ </tr>
30
+
31
+ <tr class="alternate">
32
+ <td>API Key</td>
33
+ <td>
34
+ <span class="sucuriscan-monospace">%%SUCURI.APIKey%%</span>
35
+ </td>
36
+ <td class="td-with-button">
37
+ <form method="post" class="sucuriscan-%%SUCURI.APIKey.RecoverVisibility%%">
38
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
39
+ <button type="submit" name="sucuriscan_recover_api_key" class="button-primary">Recover</button>
40
+ </form>
41
+
42
+ <form method="post" class="sucuriscan-%%SUCURI.APIKey.ManualKeyFormVisibility%%">
43
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
44
+ <input type="text" name="sucuriscan_manual_api_key" class="input-text" placeholder="API key sent to your email" />
45
+ <button type="submit" class="button-primary">Save</button>
46
+ </form>
47
+
48
+ <form method="post" class="sucuriscan-%%SUCURI.APIKey.RemoveVisibility%%">
49
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
50
+ <button type="submit" name="sucuriscan_remove_api_key" class="button-primary button-danger">Remove</button>
51
+ </form>
52
+ </td>
53
+ </tr>
54
+
55
+ <tr>
56
+ <td>Last Scanning</td>
57
+ <td><span class="sucuriscan-monospace">%%SUCURI.ScanningRuntimeHuman%%</span></td>
58
+ <td class="td-with-button">
59
+ <form action="%%SUCURI.URL.Home%%" method="post">
60
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
61
+ <button type="submit" name="sucuriscan_force_scan" class="button-primary">Force Scan</button>
62
+ </form>
63
+ </td>
64
+ </tr>
65
+
66
+ <tr class="alternate">
67
+ <td>Scanning frequency</td>
68
+ <td><span class="sucuriscan-monospace">%%SUCURI.ScanningFrequency%%</span></td>
69
+ <td class="td-with-button">
70
+ <form method="post">
71
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
72
+ <select name="sucuriscan_scan_frequency">
73
+ %%SUCURI.ScanningFrequencyOptions%%
74
+ </select>
75
+ <button type="submit" class="button-primary">Change</button>
76
+ </form>
77
+ </td>
78
+ </tr>
79
+
80
+ <tr class="sucuriscan-%%SUCURI.ScanningInterfaceVisibility%%">
81
+ <td>Scanning interface</td>
82
+ <td><span class="sucuriscan-monospace">%%SUCURI.ScanningInterface%%</span></td>
83
+ <td class="td-with-button">
84
+ <form method="post">
85
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
86
+ <select name="sucuriscan_scan_interface">
87
+ %%SUCURI.ScanningInterfaceOptions%%
88
+ </select>
89
+ <button type="submit" class="button-primary">Change</button>
90
+ </form>
91
+ </td>
92
+ </tr>
93
+
94
+ </tbody>
95
+ </table>
96
+
97
+
98
+ <form method="post">
99
+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-settings-notifications">
100
+ <thead>
101
+ <tr>
102
+ <th colspan="3" class="thead-with-button">
103
+ <span>Email Alerts Settings</span>
104
+ <div class="thead-topright-action">
105
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
106
+ <button type="submit" name="sucuriscan_save_notification_settings" class="button-primary">Save</button>
107
+ </div>
108
+ </th>
109
+ </tr>
110
+ </thead>
111
+
112
+ <tbody>
113
+
114
+ %%SUCURI.NotificationOptions%%
115
+
116
+ </tbody>
117
+ </table>
118
+ </form>
inc/tpl/setup_notice.html.tpl ADDED
@@ -0,0 +1,23 @@
1
+
2
+ <div class="updated sucuriscan-setup-notice sucuriscan-clearfix">
3
+ <a href="http://sucuri.net/" target="_blank" class="sucuriscan-pull-left sucuriscan-setup-image">
4
+ <img src="%%SUCURI.SucuriURL%%/inc/images/logo.png" alt="Sucuri Scanner" />
5
+ </a>
6
+
7
+ <div class="sucuriscan-pull-left">
8
+ <p>
9
+ Plugin not fully activated yet. Please generate the free API<br>
10
+ to enable audit logging, integrity checking and email alerts.
11
+ </p>
12
+ </div>
13
+
14
+ <div class="sucuriscan-pull-right sucuriscan-setup-form">
15
+ <form action="%%SUCURI.URL.Settings%%" method="post">
16
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
17
+ <button type="submit" name="sucuriscan_wordpress_apikey" class="button button-primary button-hero">
18
+ <span class="sucuriscan-button-title">Generate API key</span>
19
+ <span class="sucuriscan-button-subtitle">for <b>%%SUCURI.CleanDomain%%</b> / <b>%%SUCURI.AdminEmail%%</b></span>
20
+ </button>
21
+ </form>
22
+ </div>
23
+ </div>
readme.txt CHANGED
@@ -1,12 +1,12 @@
1
- === Sucuri Security - SiteCheck Malware Scanner ===
2
Contributors: dd@sucuri.net
3
Donate Link: http://sitecheck.sucuri.net
4
Tags: malware, security, firewall, scan, spam, virus, sucuri, protection
5
Requires at least:3.2
6
- Stable tag:1.6.0
7
Tested up to: 3.9.1
8
9
- The Sucuri Security - SiteCheck Malware Scanner is a security plugin enables you to scan your WordPress site using Sucuri SiteCheck for security and malware issues, and also verifies the security integrity of your core files right in your dashboard. It also includes post-hack security ions to help you reset passwords and secret keys in case it has been already hacked, or infected with malware.
10
11
== Description ==
12
@@ -66,6 +66,9 @@ the compromise on your site).
66
67
== Changelog ==
68
69
= 1.6.0 =
70
* A new dashboard to welcome users to the new features of the plugin.
71
* Overall design of the interface of all the pages were modified.
1
+ === Sucuri Security - Auditing, Malware Scanner and Hardening ===
2
Contributors: dd@sucuri.net
3
Donate Link: http://sitecheck.sucuri.net
4
Tags: malware, security, firewall, scan, spam, virus, sucuri, protection
5
Requires at least:3.2
6
+ Stable tag:1.6.1
7
Tested up to: 3.9.1
8
9
+ The Sucuri Security - Auditing, SiteCheck Malware Scanner and Hardening is a security plugin enables you to scan your WordPress site using Sucuri SiteCheck for security and malware issues, and also verifies the security integrity of your core files right in your dashboard. It also includes post-hack security ions to help you reset passwords and secret keys in case it has been already hacked, or infected with malware.
10
11
== Description ==
12
66
67
== Changelog ==
68
69
+ = 1.6.1 =
70
+ * Initial release with new auditing options.
71
+
72
= 1.6.0 =
73
* A new dashboard to welcome users to the new features of the plugin.
74
* Overall design of the interface of all the pages were modified.
sucuri.php CHANGED
@@ -1,13 +1,10 @@
1
<?php
2
/*
3
- Plugin Name: Sucuri Security - SiteCheck Malware Scanner
4
- Plugin URI: http://sitecheck.sucuri.net/
5
- Description: The <a href="http://sucuri.net">Sucuri Security</a> - SiteCheck Malware Scanner plugin enables you to <strong>scan your WordPress site using <a href="http://sitecheck.sucuri.net">Sucuri SiteCheck</a></strong> right in your WordPress dashboard. SiteCheck will check for malware, spam, blacklisting and other security issues like .htaccess redirects, hidden eval code, etc. The best thing about it is it's completely free.
6
-
7
- You can also scan your site at <a href="http://sitecheck.sucuri.net">SiteCheck.Sucuri.net</a>.
8
-
9
Author: Sucuri, INC
10
- Version: 1.6.0
11
Author URI: http://sucuri.net
12
*/
13
@@ -39,7 +36,7 @@ define('SUCURISCAN','sucuriscan');
39
/**
40
* Current version of the plugin's code.
41
*/
42
- define('SUCURISCAN_VERSION','1.6.0');
43
44
/**
45
* The local URL where the plugin's files and assets are served.
@@ -67,1244 +64,5550 @@ define('SUCURISCAN_PLUGIN_PATH', WP_PLUGIN_DIR.'/'.SUCURISCAN_PLUGIN_FOLDER);
67
define('SUCURISCAN_PLUGIN_FILEPATH', SUCURISCAN_PLUGIN_PATH.'/'.SUCURISCAN_PLUGIN_FILE);
68
69
/**
70
- * The maximum quantity of entries that will be displayed in the last login page.
71
*/
72
- define('SUCURISCAN_LASTLOGINS_USERSLIMIT', 50);
73
-
74
- if( !function_exists('sucuriscan_create_uploaddir') ){
75
- /**
76
- * Create a folder in the WordPress upload directory where the plugin will
77
- * store all the temporal or dynamic information.
78
- *
79
- * @return void
80
- */
81
- function sucuriscan_create_uploaddir(){
82
- $plugin_upload_folder = sucuriscan_dir_filepath();
83
- if( !file_exists($plugin_upload_folder) ){
84
- if( @mkdir($plugin_upload_folder) ){
85
- sucuriscan_lastlogins_datastore_exists();
86
- }else{
87
- sucuriscan_admin_notice('error', "<strong>Error.</strong> Sucuri data folder doesn't
88
- exists and couldn't be created. You'll need to create this folder manually and
89
- give it write permissions:<br><code>{$plugin_upload_folder}</code>");
90
- }
91
- }
92
- }
93
-
94
- add_action('admin_init', 'sucuriscan_create_uploaddir');
95
- }
96
97
/**
98
- * Define which javascript and css files will be loaded in the header of the page.
99
- * @return void
100
*/
101
- function sucuriscan_admin_script_style_registration() {
102
- wp_register_style( 'sucuriscan', SUCURI_URL . '/inc/css/sucuriscan-default-css.css' );
103
- wp_register_script( 'sucuriscan', SUCURI_URL . '/inc/js/sucuriscan-scripts.js' );
104
-
105
- wp_enqueue_style( 'sucuriscan' );
106
- wp_enqueue_script( 'sucuriscan' );
107
- }
108
- add_action( 'admin_enqueue_scripts', 'sucuriscan_admin_script_style_registration', 1 );
109
110
/**
111
- * Returns the system filepath to the relevant user uploads directory for this
112
- * site. This is a multisite capable function.
113
- *
114
- * @param string $path The relative path that needs to be completed to get the absolute path.
115
- * @return string The full filesystem path including the directory specified.
116
*/
117
- function sucuriscan_dir_filepath($path = '')
118
- {
119
- $wp_dir_array = wp_upload_dir();
120
- $wp_dir_array['basedir'] = untrailingslashit($wp_dir_array['basedir']);
121
- return($wp_dir_array['basedir']."/sucuri/$path");
122
- }
123
124
/**
125
- * Generate the menu and submenus for the plugin in the admin interface.
126
- *
127
- * @return void
128
*/
129
- function sucuriscan_menu()
130
- {
131
- add_menu_page('Sucuri Free', 'Sucuri Free', 'manage_options',
132
- 'sucuriscan', 'sucuri_scan_page', SUCURI_URL.'/inc/images/menu-icon.png');
133
- add_submenu_page('sucuriscan', 'Sucuri Scanner', 'Sucuri Scanner', 'manage_options',
134
- 'sucuriscan', 'sucuri_scan_page');
135
-
136
- add_submenu_page('sucuriscan', '1-Click Hardening', '1-Click Hardening', 'manage_options',
137
- 'sucuriscan_hardening', 'sucuriscan_hardening_page');
138
-
139
- add_submenu_page('sucuriscan', 'WordPress Integrity', 'WordPress Integrity', 'manage_options',
140
- 'sucuriscan_core_integrity', 'sucuriscan_core_integrity_page');
141
142
- add_submenu_page('sucuriscan', 'Post-Hack', 'Post-Hack', 'manage_options',
143
- 'sucuriscan_posthack', 'sucuriscan_posthack_page');
144
-
145
- add_submenu_page('sucuriscan', 'Last Logins', 'Last Logins', 'manage_options',
146
- 'sucuriscan_lastlogins', 'sucuriscan_lastlogins_page');
147
-
148
- add_submenu_page('sucuriscan', 'Site Info', 'Site Info', 'manage_options',
149
- 'sucuriscan_infosys', 'sucuriscan_infosys_page');
150
-
151
- add_submenu_page('sucuriscan', 'About', 'About', 'manage_options',
152
- 'sucuriscan_about', 'sucuriscan_about_page');
153
- }
154
-
155
- add_action('admin_menu', 'sucuriscan_menu');
156
- remove_action('wp_head', 'wp_generator');
157
158
/**
159
- * Print the HTML code for the header of each plugin's page.
160
- *
161
- * @param string $sucuri_title Title of the page that will be loaded.
162
- * @return void
163
*/
164
- function sucuriscan_pagestop($sucuri_title = 'Sucuri Plugin')
165
- {
166
- if(!current_user_can('manage_options'))
167
- {
168
- wp_die(__('You do not have sufficient permissions to access this page: Sucuri Header') );
169
- }
170
- ?>
171
- <h2><?php echo htmlspecialchars($sucuri_title); ?></h2>
172
- <br class="clear"/>
173
- <?php
174
- }
175
176
/**
177
- * Send a message to a specific email address.
178
- *
179
- * @param string $to The email address of the recipient that will receive the message.
180
- * @param string $subject The reason of the message that will be sent.
181
- * @param string $message Body of the message that will be sent.
182
- * @param array $data_set Optional parameter to add more information to the notification.
183
- * @param boolean $debug TRUE if you want to test the function printing the email before sending it.
184
- * @return void
185
*/
186
- function sucuriscan_send_mail($to='', $subject='', $message='', $data_set=array(), $debug=FALSE)
187
- {
188
- $headers = array();
189
- $subject = ucwords(strtolower($subject));
190
- $wp_domain = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : get_option('siteurl');
191
- if( get_option('sucuri_wp_prettify_mails')!='disabled' ){
192
- $headers = array( 'Content-type: text/html' );
193
- $data_set['PrettifyType'] = 'html';
194
- }
195
- $message = sucuriscan_prettify_mail($subject, $message, $data_set);
196
197
- if($debug){
198
- die($message);
199
- }else{
200
- wp_mail($to, "Sucuri WP Notification: {$wp_domain} - {$subject}" , $message, $headers);
201
- }
202
- }
203
204
/**
205
- * Prints a HTML alert in the WordPress admin interface.
206
- *
207
- * @param string $type The type of alert, it can be either Updated or Error.
208
- * @param string $message The message that will be printed in the alert.
209
- * @return void
210
*/
211
- function sucuriscan_admin_notice($type='updated', $message='')
212
- {
213
- $alert_id = rand(100, 999);
214
- if( !empty($message) ): ?>
215
- <div id="sucuri-alert-<?php echo $alert_id; ?>" class="<?php echo $type; ?> sucuri-alert sucuri-alert-<?php echo $type; ?>">
216
- <a href="javascript:void(0)" class="close" onclick="sucuriscan_alert_close('<?php echo $alert_id; ?>')">&times;</a>
217
- <p><?php _e($message); ?></p>
218
- </div>
219
- <?php endif;
220
- }
221
222
/**
223
- * Generate a HTML version of the message that will be sent through an email.
224
*
225
- * @param string $subject The reason of the message that will be sent.
226
- * @param string $message Body of the message that will be sent.
227
- * @param array $data_set Optional parameter to add more information to the notification.
228
- * @return string The message formatted in a HTML template.
229
*/
230
- function sucuriscan_prettify_mail($subject='', $message='', $data_set=array())
231
- {
232
- $current_user = wp_get_