Version Description
This version adds support for the latest version of WordPress. Introduces new features and fixes some bugs reported by the WordPress community as well as bugs found by our automated testing system.
=
Download this release
Release Info
Developer | yorman |
Plugin | Sucuri Security – Auditing, Malware Scanner and Security Hardening |
Version | 1.8.14 |
Comparing to | |
See all releases |
Code changes from version 1.8.13 to 1.8.14
- readme.txt +5 -2
- src/globals.php +3 -0
- src/hook.lib.php +93 -0
- src/option.lib.php +1 -1
- sucuri.php +2 -2
readme.txt
CHANGED
@@ -4,7 +4,7 @@ Donate Link: https://sucuri.net/
|
|
4 |
Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, WordPress Security, Login Security, Security Auditing, File Integrity, htaccess, phishing, backdoors, SQL Injection, RFI, LFI, XSS, CSRF, website firewall, Website Security, Performance Optimization, Zero Day, Software Vulnerability, Exploits, Hacks, Attackers, Bad Actors, Reverse Proxy, Two Factor Security, Two Factor Authentication, Security Logs, HeatBleed Vulnerability, Website Protection, Bash Vulnerability, RevSlider Vulnerability, MailPoet Vulnerability, Malware Prevention, Website Security, Website Firewall, Website AntiVirus, Security Response, Security Detection, Security Prevention
|
5 |
Requires at least: 3.6
|
6 |
Tested up to: 4.9.4
|
7 |
-
Stable tag: 1.8.
|
8 |
|
9 |
The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
|
10 |
|
@@ -181,11 +181,14 @@ No, it is not required. The Website Firewall runs in the cloud without the need
|
|
181 |
|
182 |
== Upgrade Notice ==
|
183 |
|
184 |
-
= 1.8.
|
185 |
This version adds support for the latest version of WordPress. Introduces new features and fixes some bugs reported by the WordPress community as well as bugs found by our automated testing system.
|
186 |
|
187 |
== Changelog ==
|
188 |
|
|
|
|
|
|
|
189 |
= 1.8.13 =
|
190 |
* Add new version of the GPL v2 license file
|
191 |
* Remove unused option to reduce number of failed logins
|
4 |
Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, WordPress Security, Login Security, Security Auditing, File Integrity, htaccess, phishing, backdoors, SQL Injection, RFI, LFI, XSS, CSRF, website firewall, Website Security, Performance Optimization, Zero Day, Software Vulnerability, Exploits, Hacks, Attackers, Bad Actors, Reverse Proxy, Two Factor Security, Two Factor Authentication, Security Logs, HeatBleed Vulnerability, Website Protection, Bash Vulnerability, RevSlider Vulnerability, MailPoet Vulnerability, Malware Prevention, Website Security, Website Firewall, Website AntiVirus, Security Response, Security Detection, Security Prevention
|
5 |
Requires at least: 3.6
|
6 |
Tested up to: 4.9.4
|
7 |
+
Stable tag: 1.8.14
|
8 |
|
9 |
The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
|
10 |
|
181 |
|
182 |
== Upgrade Notice ==
|
183 |
|
184 |
+
= 1.8.14 =
|
185 |
This version adds support for the latest version of WordPress. Introduces new features and fixes some bugs reported by the WordPress community as well as bugs found by our automated testing system.
|
186 |
|
187 |
== Changelog ==
|
188 |
|
189 |
+
= 1.8.14 =
|
190 |
+
* Add filter to allow automatic configuration of the settings
|
191 |
+
|
192 |
= 1.8.13 =
|
193 |
* Add new version of the GPL v2 license file
|
194 |
* Remove unused option to reduce number of failed logins
|
src/globals.php
CHANGED
@@ -142,6 +142,7 @@ if (defined('SUCURISCAN')) {
|
|
142 |
add_action('activated_plugin', 'SucuriScanHook::hookPluginActivate', 50, 2);
|
143 |
add_action('add_attachment', 'SucuriScanHook::hookAttachmentAdd', 50, 5);
|
144 |
add_action('add_link', 'SucuriScanHook::hookLinkAdd', 50, 5);
|
|
|
145 |
add_action('before_delete_post', 'SucuriScanHook::hookPostBeforeDelete', 50, 5);
|
146 |
add_action('create_category', 'SucuriScanHook::hookCategoryCreate', 50, 5);
|
147 |
add_action('deactivated_plugin', 'SucuriScanHook::hookPluginDeactivate', 50, 2);
|
@@ -149,9 +150,11 @@ if (defined('SUCURISCAN')) {
|
|
149 |
add_action('delete_user', 'SucuriScanHook::hookUserDelete', 50, 5);
|
150 |
add_action('edit_link', 'SucuriScanHook::hookLinkEdit', 50, 5);
|
151 |
add_action('login_form_resetpass', 'SucuriScanHook::hookLoginFormResetpass', 50, 5);
|
|
|
152 |
add_action('publish_page', 'SucuriScanHook::hookPublishPage', 50, 5);
|
153 |
add_action('publish_phone', 'SucuriScanHook::hookPublishPhone', 50, 5);
|
154 |
add_action('publish_post', 'SucuriScanHook::hookPublishPost', 50, 5);
|
|
|
155 |
add_action('retrieve_password', 'SucuriScanHook::hookRetrievePassword', 50, 5);
|
156 |
add_action('switch_theme', 'SucuriScanHook::hookThemeSwitch', 50, 5);
|
157 |
add_action('transition_post_status', 'SucuriScanHook::hookPostStatus', 50, 3);
|
142 |
add_action('activated_plugin', 'SucuriScanHook::hookPluginActivate', 50, 2);
|
143 |
add_action('add_attachment', 'SucuriScanHook::hookAttachmentAdd', 50, 5);
|
144 |
add_action('add_link', 'SucuriScanHook::hookLinkAdd', 50, 5);
|
145 |
+
add_action('add_user_to_blog', 'SucuriScanHook::hookAddUserToBlog', 50, 4);
|
146 |
add_action('before_delete_post', 'SucuriScanHook::hookPostBeforeDelete', 50, 5);
|
147 |
add_action('create_category', 'SucuriScanHook::hookCategoryCreate', 50, 5);
|
148 |
add_action('deactivated_plugin', 'SucuriScanHook::hookPluginDeactivate', 50, 2);
|
150 |
add_action('delete_user', 'SucuriScanHook::hookUserDelete', 50, 5);
|
151 |
add_action('edit_link', 'SucuriScanHook::hookLinkEdit', 50, 5);
|
152 |
add_action('login_form_resetpass', 'SucuriScanHook::hookLoginFormResetpass', 50, 5);
|
153 |
+
add_action('profile_update','SucuriScanHook::hookProfileUpdate', 50, 5);
|
154 |
add_action('publish_page', 'SucuriScanHook::hookPublishPage', 50, 5);
|
155 |
add_action('publish_phone', 'SucuriScanHook::hookPublishPhone', 50, 5);
|
156 |
add_action('publish_post', 'SucuriScanHook::hookPublishPost', 50, 5);
|
157 |
+
add_action('remove_user_from_blog', 'SucuriScanHook::hookRemoveUserFromBlog', 50, 2);
|
158 |
add_action('retrieve_password', 'SucuriScanHook::hookRetrievePassword', 50, 5);
|
159 |
add_action('switch_theme', 'SucuriScanHook::hookThemeSwitch', 50, 5);
|
160 |
add_action('transition_post_status', 'SucuriScanHook::hookPostStatus', 50, 3);
|
src/hook.lib.php
CHANGED
@@ -69,6 +69,59 @@ class SucuriScanHook extends SucuriScanEvent
|
|
69 |
self::reportNoticeEvent($message);
|
70 |
self::notifyEvent('post_publication', $message);
|
71 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
72 |
|
73 |
/**
|
74 |
* Send an alert notifying that a category was created.
|
@@ -938,6 +991,46 @@ class SucuriScanHook extends SucuriScanEvent
|
|
938 |
self::reportWarningEvent('User account deleted; ID: ' . $id);
|
939 |
}
|
940 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
941 |
/**
|
942 |
* Send an alert notifying that a new user account was created.
|
943 |
*
|
69 |
self::reportNoticeEvent($message);
|
70 |
self::notifyEvent('post_publication', $message);
|
71 |
}
|
72 |
+
|
73 |
+
/**
|
74 |
+
* Send and alert notifying that a user was added to a blog.
|
75 |
+
*
|
76 |
+
* @param int $user_id User ID.
|
77 |
+
* @param string $role User role.
|
78 |
+
* @param int $blog_id Blog ID.
|
79 |
+
*/
|
80 |
+
public static function hookAddUserToBlog($user_id, $role, $blog_id)
|
81 |
+
{
|
82 |
+
$title = 'unknown';
|
83 |
+
$email = 'user@domain.com';
|
84 |
+
$data = get_userdata($user_id);
|
85 |
+
|
86 |
+
if ($data) {
|
87 |
+
$title = $data->user_login;
|
88 |
+
$email = $data->user_email;
|
89 |
+
}
|
90 |
+
|
91 |
+
$message = sprintf('User added to website; user_id: %s; role: %s; blog_id: %s; name: %s; email: %s',
|
92 |
+
$user_id,
|
93 |
+
$role,
|
94 |
+
$blog_id,
|
95 |
+
$title,
|
96 |
+
$email
|
97 |
+
);
|
98 |
+
self::reportWarningEvent($message);
|
99 |
+
}
|
100 |
+
|
101 |
+
/**
|
102 |
+
* Send and alert notifying that a user was removed from a blog.
|
103 |
+
*
|
104 |
+
* @param int $user_id User ID.
|
105 |
+
* @param int $blog_id Blog ID.
|
106 |
+
*/
|
107 |
+
public static function hookRemoveUserFromBlog($user_id, $blog_id) {
|
108 |
+
$title = 'unknown';
|
109 |
+
$email = 'user@domain.com';
|
110 |
+
$data = get_userdata($user_id);
|
111 |
+
|
112 |
+
if ($data) {
|
113 |
+
$title = $data->user_login;
|
114 |
+
$email = $data->user_email;
|
115 |
+
}
|
116 |
+
|
117 |
+
$message = sprintf('User removed from website; user_id: %s; blog_id: %s; name: %s; email: %s',
|
118 |
+
$user_id,
|
119 |
+
$blog_id,
|
120 |
+
$title,
|
121 |
+
$email
|
122 |
+
);
|
123 |
+
self::reportWarningEvent($message);
|
124 |
+
}
|
125 |
|
126 |
/**
|
127 |
* Send an alert notifying that a category was created.
|
991 |
self::reportWarningEvent('User account deleted; ID: ' . $id);
|
992 |
}
|
993 |
|
994 |
+
/**
|
995 |
+
* Send an alert notifying that a user was edited.
|
996 |
+
* @param int $id The identifier of the edited user account
|
997 |
+
* @param object $old_user_data Object containing user's data prior to update.
|
998 |
+
*/
|
999 |
+
public static function hookProfileUpdate($id = 0, $old_user_data)
|
1000 |
+
{
|
1001 |
+
$title = 'unknown';
|
1002 |
+
$email = 'user@domain.com';
|
1003 |
+
$roles = 'none';
|
1004 |
+
$data = get_userdata($id);
|
1005 |
+
|
1006 |
+
if ($data) {
|
1007 |
+
$title = $data->user_login;
|
1008 |
+
$email = $data->user_email;
|
1009 |
+
$roles = @implode(', ', $data->roles);
|
1010 |
+
}
|
1011 |
+
|
1012 |
+
$old_title = 'unknown';
|
1013 |
+
$old_email = 'user@domain.com';
|
1014 |
+
$old_roles = 'none';
|
1015 |
+
|
1016 |
+
if($old_user_data) {
|
1017 |
+
$old_title = $old_user_data->user_login;
|
1018 |
+
$old_email = $old_user_data->user_email;
|
1019 |
+
$old_roles = @implode(', ', $old_user_data->roles);
|
1020 |
+
}
|
1021 |
+
|
1022 |
+
$message = sprintf('User account edited; ID: %s; name: %s; old_name: %s; email: %s; old_email: %s; roles: %s; old_roles: %s',
|
1023 |
+
$id,
|
1024 |
+
$title,
|
1025 |
+
$old_title,
|
1026 |
+
$email,
|
1027 |
+
$old_email,
|
1028 |
+
$roles,
|
1029 |
+
$old_roles
|
1030 |
+
);
|
1031 |
+
self::reportWarningEvent($message);
|
1032 |
+
}
|
1033 |
+
|
1034 |
/**
|
1035 |
* Send an alert notifying that a new user account was created.
|
1036 |
*
|
src/option.lib.php
CHANGED
@@ -114,7 +114,7 @@ class SucuriScanOption extends SucuriScanRequest
|
|
114 |
'sucuriscan_use_wpmail' => 'enabled',
|
115 |
);
|
116 |
|
117 |
-
return $defaults;
|
118 |
}
|
119 |
|
120 |
/**
|
114 |
'sucuriscan_use_wpmail' => 'enabled',
|
115 |
);
|
116 |
|
117 |
+
return (array) apply_filters('sucuriscan_option_defaults', $defaults);
|
118 |
}
|
119 |
|
120 |
/**
|
sucuri.php
CHANGED
@@ -6,7 +6,7 @@
|
|
6 |
* Plugin URI: https://wordpress.sucuri.net/
|
7 |
* Author URI: https://sucuri.net/
|
8 |
* Author: Sucuri Inc.
|
9 |
-
* Version: 1.8.
|
10 |
*
|
11 |
* PHP version 5
|
12 |
*
|
@@ -83,7 +83,7 @@ define('SUCURISCAN', 'sucuriscan');
|
|
83 |
/**
|
84 |
* Current version of the plugin's code.
|
85 |
*/
|
86 |
-
define('SUCURISCAN_VERSION', '1.8.
|
87 |
|
88 |
/**
|
89 |
* Defines the human readable name of the plugin.
|
6 |
* Plugin URI: https://wordpress.sucuri.net/
|
7 |
* Author URI: https://sucuri.net/
|
8 |
* Author: Sucuri Inc.
|
9 |
+
* Version: 1.8.14
|
10 |
*
|
11 |
* PHP version 5
|
12 |
*
|
83 |
/**
|
84 |
* Current version of the plugin's code.
|
85 |
*/
|
86 |
+
define('SUCURISCAN_VERSION', '1.8.14');
|
87 |
|
88 |
/**
|
89 |
* Defines the human readable name of the plugin.
|