Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.8.18

Version Description

  • Keep settings when the plugin is deactivated, unless the plugin is uninstalled
Download this release

Release Info

Developer ycampo
Plugin Icon 128x128 Sucuri Security – Auditing, Malware Scanner and Security Hardening
Version 1.8.18
Comparing to
See all releases

Code changes from version 1.8.17 to 1.8.18

Files changed (7) hide show
  1. inc/tpl/settings-general-datastorage.snippet.tpl +34 -0
  2. readme.txt +4 -1
  3. src/command.lib.php +1 -1
  4. src/hardening.lib.php +4 -0
  5. src/option.lib.php +2 -2
  6. src/settings-general.php +22 -16
  7. sucuri.php +24 -12
inc/tpl/settings-general-datastorage.snippet.tpl CHANGED
@@ -6,6 +6,40 @@
6
 
7
  <td>
8
  <span class="sucuriscan-monospace">%%SUCURI.Storage.Filepath%%</span>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
9
  </td>
10
 
11
  <td>
6
 
7
  <td>
8
  <span class="sucuriscan-monospace">%%SUCURI.Storage.Filepath%%</span>
9
+
10
+ <span class="sucuriscan-tooltip" content="%%SUCURI.Storage.Description%%">
11
+ <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="14" height="14">
12
+ <path fill="#000000" d="m6.998315,0.033333c-3.846307,0 -6.964982,
13
+ 3.118675 -6.964982,6.964982s3.118675,6.965574 6.964982,6.965574s6.965574,
14
+ -3.119267 6.965574,-6.965574s-3.119267,-6.964982 -6.965574,-6.964982zm1.449957,
15
+ 10.794779c-0.358509,0.141517 -0.643901,0.248833 -0.857945,0.32313c-0.213455,
16
+ 0.074296 -0.461699,0.111444 -0.744143,0.111444c-0.433985,0 -0.771855,
17
+ -0.106137 -1.012434,-0.317823s-0.360279,-0.479978 -0.360279,-0.806055c0,
18
+ -0.126776 0.008845,-0.256499 0.026534,-0.388581c0.018281,-0.132082 0.047174,
19
+ -0.280675 0.086679,-0.447547l0.448727,-1.584988c0.039507,-0.152131 0.073707,
20
+ -0.296596 0.100831,-0.431036c0.027123,-0.135621 0.040097,-0.260037 0.040097,
21
+ -0.37325c0,-0.201661 -0.041865,-0.343178 -0.125008,-0.422782c-0.08432,
22
+ -0.079603 -0.242937,-0.11852 -0.479388,-0.11852c-0.115572,0 -0.234682,
23
+ 0.0171 -0.35674,0.05307c-0.120879,0.037148 -0.225837,0.070758 -0.311926,
24
+ 0.103779l0.118521,-0.488235c0.293647,-0.119699 0.574911,-0.222299 0.843204,
25
+ -0.307209c0.268291,-0.086089 0.521842,-0.128543 0.760652,-0.128543c0.431036,
26
+ 0 0.7636,0.104959 0.997693,0.312517c0.232913,0.208147 0.350253,0.478797 0.350253,
27
+ 0.811363c0,0.068989 -0.008255,0.190458 -0.024174,0.363815c-0.015921,
28
+ 0.173947 -0.045994,0.332565 -0.089628,0.478209l-0.446368,1.580269c-0.036558,
29
+ 0.126776 -0.068988,0.271831 -0.098472,0.433985c-0.028893,0.162156 -0.043043,
30
+ 0.285983 -0.043043,0.369123c0,0.209916 0.046582,0.353202 0.140926,
31
+ 0.429268c0.093164,0.076064 0.256498,0.114392 0.487643,0.114392c0.109086,
32
+ 0 0.231144,-0.019459 0.369124,-0.057197c0.136799,-0.037737 0.23586,
33
+ -0.071349 0.298364,-0.100241l-0.119699,0.487643zm-0.079014,-6.414247c-0.208148,
34
+ 0.193407 -0.45875,0.290109 -0.751808,0.290109c-0.292469,0 -0.54484,
35
+ -0.096702 -0.754756,-0.290109c-0.208737,-0.193406 -0.314285,-0.428678 -0.314285,
36
+ -0.703457c0,-0.274188 0.106138,-0.51005 0.314285,-0.705225c0.208148,
37
+ -0.195175 0.462287,-0.293058 0.754756,-0.293058c0.293058,0 0.54425,
38
+ 0.097293 0.751808,0.293058c0.208146,0.195175 0.312516,0.431036 0.312516,
39
+ 0.705225c0,0.275368 -0.10437,0.510051 -0.312516,0.703457z">
40
+ </path>
41
+ </svg>
42
+ </span>
43
  </td>
44
 
45
  <td>
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate Link: https://sucuri.net/
4
  Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5
  Requires at least: 3.6
6
  Tested up to: 4.9.4
7
- Stable tag: 1.8.17
8
 
9
  The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
 
@@ -190,6 +190,9 @@ This version adds support for the latest version of WordPress. Introduces new fe
190
 
191
  == Changelog ==
192
 
 
 
 
193
  = 1.8.17 =
194
  * Update [Terms of Service](https://sucuri.net/terms) and [Privacy Policy](https://sucuri.net/privacy)
195
 
4
  Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5
  Requires at least: 3.6
6
  Tested up to: 4.9.4
7
+ Stable tag: 1.8.18
8
 
9
  The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
 
190
 
191
  == Changelog ==
192
 
193
+ = 1.8.18 =
194
+ * Keep settings when the plugin is deactivated, unless the plugin is uninstalled
195
+
196
  = 1.8.17 =
197
  * Update [Terms of Service](https://sucuri.net/terms) and [Privacy Policy](https://sucuri.net/privacy)
198
 
src/command.lib.php CHANGED
@@ -72,7 +72,7 @@ class SucuriScanCommand extends SucuriScan
72
  }
73
 
74
  if ($err !== 0) {
75
- return self::throwException('Command ' . $cmd . ' does not exists');
76
  }
77
 
78
  return true;
72
  }
73
 
74
  if ($err !== 0) {
75
+ return self::throwException('Command ' . $cmd . ' does not exist');
76
  }
77
 
78
  return true;
src/hardening.lib.php CHANGED
@@ -98,6 +98,10 @@ class SucuriScanHardening extends SucuriScan
98
  $fhandle = @fopen($target, 'w');
99
  }
100
 
 
 
 
 
101
  $deny_rules = self::getRules();
102
  $rules_text = implode("\n", $deny_rules);
103
  $written = @fwrite($fhandle, "\n" . $rules_text . "\n");
98
  $fhandle = @fopen($target, 'w');
99
  }
100
 
101
+ if (!$fhandle) {
102
+ return false;
103
+ }
104
+
105
  $deny_rules = self::getRules();
106
  $rules_text = implode("\n", $deny_rules);
107
  $written = @fwrite($fhandle, "\n" . $rules_text . "\n");
src/option.lib.php CHANGED
@@ -81,7 +81,7 @@ class SucuriScanOption extends SucuriScanRequest
81
  'sucuriscan_maximum_failed_logins' => 30,
82
  'sucuriscan_notify_available_updates' => 'disabled',
83
  'sucuriscan_notify_bruteforce_attack' => 'disabled',
84
- 'sucuriscan_notify_failed_login' => 'enabled',
85
  'sucuriscan_notify_plugin_activated' => 'enabled',
86
  'sucuriscan_notify_plugin_change' => 'enabled',
87
  'sucuriscan_notify_plugin_deactivated' => 'disabled',
@@ -91,7 +91,7 @@ class SucuriScanOption extends SucuriScanRequest
91
  'sucuriscan_notify_post_publication' => 'enabled',
92
  'sucuriscan_notify_scan_checksums' => 'disabled',
93
  'sucuriscan_notify_settings_updated' => 'enabled',
94
- 'sucuriscan_notify_success_login' => 'enabled',
95
  'sucuriscan_notify_theme_activated' => 'enabled',
96
  'sucuriscan_notify_theme_deleted' => 'disabled',
97
  'sucuriscan_notify_theme_editor' => 'enabled',
81
  'sucuriscan_maximum_failed_logins' => 30,
82
  'sucuriscan_notify_available_updates' => 'disabled',
83
  'sucuriscan_notify_bruteforce_attack' => 'disabled',
84
+ 'sucuriscan_notify_failed_login' => 'disabled',
85
  'sucuriscan_notify_plugin_activated' => 'enabled',
86
  'sucuriscan_notify_plugin_change' => 'enabled',
87
  'sucuriscan_notify_plugin_deactivated' => 'disabled',
91
  'sucuriscan_notify_post_publication' => 'enabled',
92
  'sucuriscan_notify_scan_checksums' => 'disabled',
93
  'sucuriscan_notify_settings_updated' => 'enabled',
94
+ 'sucuriscan_notify_success_login' => 'disabled',
95
  'sucuriscan_notify_theme_activated' => 'enabled',
96
  'sucuriscan_notify_theme_deleted' => 'disabled',
97
  'sucuriscan_notify_theme_editor' => 'enabled',
src/settings-general.php CHANGED
@@ -161,20 +161,20 @@ function sucuriscan_settings_general_datastorage($nonce)
161
  {
162
  $params = array();
163
  $files = array(
164
- '', /* <root> */
165
- 'auditlogs',
166
- 'auditqueue',
167
- 'blockedusers', /* TODO: deprecated on 1.8.12 */
168
- 'failedlogins',
169
- 'hookdata',
170
- 'ignorescanning',
171
- 'integrity',
172
- 'lastlogins',
173
- 'oldfailedlogins',
174
- 'plugindata',
175
- 'settings',
176
- 'sitecheck',
177
- 'trustip',
178
  );
179
 
180
  $params['Storage.Files'] = '';
@@ -190,7 +190,7 @@ function sucuriscan_settings_general_datastorage($nonce)
190
  $short = substr($filename, 7); /* drop directroy path */
191
  $short = substr($short, 0, -4); /* drop file extension */
192
 
193
- if (!$short || empty($short) || !in_array($short, $files)) {
194
  continue; /* prevent path traversal */
195
  }
196
 
@@ -216,7 +216,12 @@ function sucuriscan_settings_general_datastorage($nonce)
216
  }
217
  }
218
 
219
- foreach ($files as $name) {
 
 
 
 
 
220
  $fsize = 0;
221
  $fname = ($name ? sprintf('sucuri-%s.php', $name) : '');
222
  $fpath = SucuriScan::dataStorePath($fname);
@@ -247,6 +252,7 @@ function sucuriscan_settings_general_datastorage($nonce)
247
  $params['Storage.DisabledInput'] = $disabled;
248
  $params['Storage.Existence'] = $labelExistence;
249
  $params['Storage.Writability'] = $labelWritability;
 
250
 
251
  if (is_dir($fpath)) {
252
  $params['Storage.Filesize'] = '';
161
  {
162
  $params = array();
163
  $files = array(
164
+ '<root>' => 'Directory used to store the plugin settings, cache and system logs',
165
+ 'auditlogs' => 'Cache to store the system logs obtained from the API service; expires after ' . SUCURISCAN_AUDITLOGS_LIFETIME . ' seconds.',
166
+ 'auditqueue' => 'Local queue to store the most recent logs before they are sent to the remote API service.',
167
+ 'blockedusers' => 'Deprecated on 1.8.12; it was used to store a list of blocked user names.', /* TODO: deprecated on 1.8.12 */
168
+ 'failedlogins' => 'Stores the data for every failed login attempt. The data is moved to "oldfailedlogins" every hour during a brute force password attack.',
169
+ 'hookdata' => 'Temporarily stores data to complement the logs during destructive operations like deleting a post, page, comment, etc.',
170
+ 'ignorescanning' => 'Stores a list of files and folders chosen by the user to be ignored by the file system scanner.',
171
+ 'integrity' => 'Stores a list of files marked as fixed by the user via the WordPress Integrity tool.',
172
+ 'lastlogins' => 'Stores the data associated to every successful user login. The data never expires; manually delete if the file is too large.',
173
+ 'oldfailedlogins' => 'Stores the data for every failed login attempt after the plugin sends a report about a brute force password attack via email.',
174
+ 'plugindata' => 'Cache to store the data associated to the installed plugins listed in the Post-Hack page. Expires after ' . SUCURISCAN_GET_PLUGINS_LIFETIME . ' seconds.',
175
+ 'settings' => 'Stores all the options used to configure the functionality and behavior of the plugin.',
176
+ 'sitecheck' => 'Cache to store the result of the malware scanner. Expires after ' . SUCURISCAN_SITECHECK_LIFETIME . ' seconds, reset at any time to force a re-scan.',
177
+ 'trustip' => 'Stores a list of IP addresses trusted by the plugin, events triggered by one of these IPs will not be reported to the remote monitoring API service.',
178
  );
179
 
180
  $params['Storage.Files'] = '';
190
  $short = substr($filename, 7); /* drop directroy path */
191
  $short = substr($short, 0, -4); /* drop file extension */
192
 
193
+ if (!$short || empty($short) || !array_key_exists($short, $files)) {
194
  continue; /* prevent path traversal */
195
  }
196
 
216
  }
217
  }
218
 
219
+ foreach ($files as $name => $desc) {
220
+ if ($name === '<root>') {
221
+ /* convert to folder */
222
+ $name = '';
223
+ }
224
+
225
  $fsize = 0;
226
  $fname = ($name ? sprintf('sucuri-%s.php', $name) : '');
227
  $fpath = SucuriScan::dataStorePath($fname);
252
  $params['Storage.DisabledInput'] = $disabled;
253
  $params['Storage.Existence'] = $labelExistence;
254
  $params['Storage.Writability'] = $labelWritability;
255
+ $params['Storage.Description'] = $desc;
256
 
257
  if (is_dir($fpath)) {
258
  $params['Storage.Filesize'] = '';
sucuri.php CHANGED
@@ -6,7 +6,7 @@
6
  * Plugin URI: https://wordpress.sucuri.net/
7
  * Author URI: https://sucuri.net/
8
  * Author: Sucuri Inc.
9
- * Version: 1.8.17
10
  *
11
  * PHP version 5
12
  *
@@ -83,7 +83,7 @@ define('SUCURISCAN', 'sucuriscan');
83
  /**
84
  * Current version of the plugin's code.
85
  */
86
- define('SUCURISCAN_VERSION', '1.8.17');
87
 
88
  /**
89
  * Defines the human readable name of the plugin.
@@ -242,18 +242,31 @@ if (defined('WP_CLI') && WP_CLI) {
242
  }
243
 
244
  /**
245
- * Uninstalls the plugin, its settings and reverts the hardening.
246
  *
247
- * When the user decides to deactivate and/or uninstall the plugin it will call
248
- * this method to delete all traces of data inserted into the database by older
249
- * versions of the code, will remove the scheduled task, will delte the options
250
- * inserted into the sub-database associated to a multi-site installation, will
251
- * revert the hardening applied to the core directories, and will delete all the
252
- * security logs, cache and additional data stored in the storage directory.
253
  *
254
  * @return void
255
  */
256
  function sucuriscanResetAndDeactivate()
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
257
  {
258
  if (array_key_exists('wpdb', $GLOBALS)) {
259
  /* Delete all plugin related options from the database */
@@ -268,9 +281,6 @@ function sucuriscanResetAndDeactivate()
268
  }
269
  }
270
 
271
- /* Delete scheduled task from the system */
272
- wp_clear_scheduled_hook('sucuriscan_scheduled_scan');
273
-
274
  /* Delete settings from the database if they exist */
275
  $options = SucuriScanOption::getDefaultOptionNames();
276
  foreach ($options as $option_name) {
@@ -296,3 +306,5 @@ function sucuriscanResetAndDeactivate()
296
  }
297
 
298
  register_deactivation_hook(__FILE__, 'sucuriscanResetAndDeactivate');
 
 
6
  * Plugin URI: https://wordpress.sucuri.net/
7
  * Author URI: https://sucuri.net/
8
  * Author: Sucuri Inc.
9
+ * Version: 1.8.18
10
  *
11
  * PHP version 5
12
  *
83
  /**
84
  * Current version of the plugin's code.
85
  */
86
+ define('SUCURISCAN_VERSION', '1.8.18');
87
 
88
  /**
89
  * Defines the human readable name of the plugin.
242
  }
243
 
244
  /**
245
+ * Deactivated the plugin
246
  *
247
+ * Remove the scheduled task, but don't clear other things yet until the plugin is uninstalled.
 
 
 
 
 
248
  *
249
  * @return void
250
  */
251
  function sucuriscanResetAndDeactivate()
252
+ {
253
+ /* Delete scheduled task from the system */
254
+ wp_clear_scheduled_hook('sucuriscan_scheduled_scan');
255
+ }
256
+
257
+ /**
258
+ * Uninstalled the plugin
259
+ *
260
+ * When the user decides to uninstall the plugin it will call this method to
261
+ * delete all traces of data inserted into the database by older versions of the
262
+ * code, will delete the options inserted into the sub-database associated to a
263
+ * multi-site installation, will revert the hardening applied to the core
264
+ * directories, and will delete all the logs, cache and additional data stored
265
+ * in the storage directory.
266
+ *
267
+ * @return void
268
+ */
269
+ function sucuriscanUninstall()
270
  {
271
  if (array_key_exists('wpdb', $GLOBALS)) {
272
  /* Delete all plugin related options from the database */
281
  }
282
  }
283
 
 
 
 
284
  /* Delete settings from the database if they exist */
285
  $options = SucuriScanOption::getDefaultOptionNames();
286
  foreach ($options as $option_name) {
306
  }
307
 
308
  register_deactivation_hook(__FILE__, 'sucuriscanResetAndDeactivate');
309
+
310
+ register_uninstall_hook(__FILE__, 'sucuriscanUninstall');