Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.8.20

Version Description

  • Add dynamic core directories in the hardening whitelist options
  • Modify scheduled tasks panel to load the table via Ajax
  • Allow hosting details display to be filterable
  • Preparation for translations
Download this release

Release Info

Developer ycampo
Plugin Icon 128x128 Sucuri Security – Auditing, Malware Scanner and Security Hardening
Version 1.8.20
Comparing to
See all releases

Code changes from version 1.8.19 to 1.8.20

Files changed (95) hide show
  1. inc/tpl/auditlogs.html.tpl +11 -11
  2. inc/tpl/base.html.tpl +8 -8
  3. inc/tpl/dashboard.html.tpl +2 -2
  4. inc/tpl/firewall-auditlogs.html.tpl +7 -7
  5. inc/tpl/firewall-auditlogs.snippet.tpl +6 -6
  6. inc/tpl/firewall-clearcache.html.tpl +9 -9
  7. inc/tpl/firewall-ipaccess.html.tpl +11 -11
  8. inc/tpl/firewall-settings.html.tpl +11 -11
  9. inc/tpl/firewall.html.tpl +4 -4
  10. inc/tpl/integrity-correct.html.tpl +5 -5
  11. inc/tpl/integrity-diff-utility.html.tpl +2 -8
  12. inc/tpl/integrity-incorrect.html.tpl +18 -18
  13. inc/tpl/integrity-notification.html.tpl +7 -7
  14. inc/tpl/integrity.html.tpl +3 -3
  15. inc/tpl/lastlogins-admins.html.tpl +5 -5
  16. inc/tpl/lastlogins-admins.snippet.tpl +4 -4
  17. inc/tpl/lastlogins-all.html.tpl +8 -8
  18. inc/tpl/lastlogins-all.snippet.tpl +1 -1
  19. inc/tpl/lastlogins-failedlogins.html.tpl +8 -8
  20. inc/tpl/lastlogins-loggedin.html.tpl +8 -8
  21. inc/tpl/lastlogins-loggedin.snippet.tpl +1 -1
  22. inc/tpl/lastlogins.html.tpl +4 -4
  23. inc/tpl/notification-pretty.html.tpl +5 -5
  24. inc/tpl/register-site.html.tpl +9 -9
  25. inc/tpl/settings-alerts-bruteforce.html.tpl +4 -4
  26. inc/tpl/settings-alerts-events.html.tpl +5 -5
  27. inc/tpl/settings-alerts-ignore-posts.html.tpl +12 -12
  28. inc/tpl/settings-alerts-perhour.html.tpl +4 -4
  29. inc/tpl/settings-alerts-recipients.html.tpl +9 -9
  30. inc/tpl/settings-alerts-subject.html.tpl +4 -4
  31. inc/tpl/settings-alerts-trustedips.html.tpl +11 -11
  32. inc/tpl/settings-apirecovery.html.tpl +4 -4
  33. inc/tpl/settings-apiregistered.html.tpl +4 -4
  34. inc/tpl/settings-apiservice-checksums.html.tpl +6 -6
  35. inc/tpl/settings-apiservice-proxy.html.tpl +6 -6
  36. inc/tpl/settings-apiservice-status.html.tpl +5 -5
  37. inc/tpl/settings-general-apikey.html.tpl +8 -8
  38. inc/tpl/settings-general-datastorage.html.tpl +8 -8
  39. inc/tpl/settings-general-importexport.html.tpl +4 -4
  40. inc/tpl/settings-general-ipdiscoverer.html.tpl +11 -11
  41. inc/tpl/settings-general-resetoptions.html.tpl +4 -4
  42. inc/tpl/settings-general-reverseproxy.html.tpl +3 -3
  43. inc/tpl/settings-general-selfhosting.html.tpl +5 -5
  44. inc/tpl/settings-general-timezone.html.tpl +4 -4
  45. inc/tpl/settings-hardening-whitelist-phpfiles.html.tpl +11 -13
  46. inc/tpl/settings-posthack-available-updates-alert.html.tpl +5 -5
  47. inc/tpl/settings-posthack-available-updates.html.tpl +7 -7
  48. inc/tpl/settings-posthack-available-updates.snippet.tpl +1 -1
  49. inc/tpl/settings-posthack-reset-password-alert.html.tpl +1 -1
  50. inc/tpl/settings-posthack-reset-password.html.tpl +9 -9
  51. inc/tpl/settings-posthack-reset-plugins.html.tpl +12 -12
  52. inc/tpl/settings-posthack-security-keys.html.tpl +8 -8
  53. inc/tpl/settings-scanner-cronjobs.html.tpl +30 -12
  54. inc/tpl/settings-scanner-ignore-folders.html.tpl +9 -9
  55. inc/tpl/settings-scanner-integrity-cache.html.tpl +8 -8
  56. inc/tpl/settings-scanner-integrity-diff-utility.html.tpl +3 -3
  57. inc/tpl/settings-webinfo-details.html.tpl +1 -1
  58. inc/tpl/settings-webinfo-htaccess.html.tpl +6 -6
  59. inc/tpl/settings.html.tpl +8 -8
  60. inc/tpl/sitecheck-details.html.tpl +2 -2
  61. inc/tpl/sitecheck-malware.html.tpl +6 -6
  62. inc/tpl/sitecheck-malware.snippet.tpl +1 -1
  63. inc/tpl/sitecheck-recommendations.html.tpl +1 -1
  64. inc/tpl/sitecheck-target.html.tpl +5 -5
  65. lang/sucuri-scanner.pot +3238 -0
  66. readme.txt +7 -1
  67. src/api.lib.php +12 -12
  68. src/auditlogs.lib.php +6 -6
  69. src/base.lib.php +2 -8
  70. src/cache.lib.php +4 -4
  71. src/event.lib.php +17 -30
  72. src/fileinfo.lib.php +14 -10
  73. src/firewall.lib.php +29 -29
  74. src/globals.php +6 -6
  75. src/hardening.lib.php +5 -5
  76. src/hook.lib.php +73 -73
  77. src/integrity.lib.php +14 -13
  78. src/interface.lib.php +8 -8
  79. src/lastlogins-failed.php +11 -11
  80. src/lastlogins.php +4 -5
  81. src/mail.lib.php +3 -3
  82. src/option.lib.php +1 -1
  83. src/pagehandler.php +9 -8
  84. src/settings-alerts.php +76 -80
  85. src/settings-apiservice.php +11 -11
  86. src/settings-general.php +64 -64
  87. src/settings-hardening.php +93 -141
  88. src/settings-integrity.php +7 -8
  89. src/settings-posthack.php +19 -19
  90. src/settings-scanner.php +38 -21
  91. src/settings-webinfo.php +3 -3
  92. src/sitecheck.lib.php +11 -11
  93. src/strings.php +523 -0
  94. src/template.lib.php +14 -2
  95. sucuri.php +12 -4
inc/tpl/auditlogs.html.tpl CHANGED
@@ -21,9 +21,9 @@ jQuery(document).ready(function ($) {
21
  url += '&paged=' + page;
22
  }
23
 
24
- $('.sucuriscan-auditlog-response').html('<em>Loading...</em>');
25
- $('.sucuriscan-auditlog-status').html('Loading...');
26
- $('.sucuriscan-pagination-loading').html('Loading...');
27
  $('.sucuriscan-pagination-panel').addClass('sucuriscan-hidden');
28
  $('.sucuriscan-auditlog-footer').addClass('sucuriscan-hidden');
29
 
@@ -72,7 +72,7 @@ jQuery(document).ready(function ($) {
72
  event.preventDefault();
73
 
74
  $('.sucuriscan-sendlogs-panel').attr('content', '');
75
- $('.sucuriscan-auditlogs-sendlogs-response').html('Loading...');
76
 
77
  $.post('%%SUCURI.AjaxURL.Dashboard%%', {
78
  action: 'sucuriscan_ajax',
@@ -83,11 +83,11 @@ jQuery(document).ready(function ($) {
83
 
84
  setTimeout(function (){
85
  var tooltipContent =
86
- 'Total logs in the queue: {TTLLOGS}<br>' +
87
- 'Maximum execution time: {MAXTIME}<br>' +
88
- 'Successfully sent to the API: {SUCCESS}<br>' +
89
- 'Total request timeouts (failures): {FAILURE}<br>' +
90
- 'Total execution time: {ELAPSED} secs';
91
  $('.sucuriscan-sendlogs-panel')
92
  .attr('content', tooltipContent
93
  .replace('{MAXTIME}', data.maxtime)
@@ -104,7 +104,7 @@ jQuery(document).ready(function ($) {
104
 
105
  <div class="sucuriscan-auditlog-table">
106
  <div class="sucuriscan-auditlog-response">
107
- <em>Loading...</em>
108
  </div>
109
 
110
  <div class="sucuriscan-clearfix sucuriscan-pagination-panel">
@@ -121,7 +121,7 @@ jQuery(document).ready(function ($) {
121
  <div class="sucuriscan-pull-left sucuriscan-hidden sucuriscan-tooltip
122
  sucuriscan-sendlogs-panel" tooltip-width="250" tooltip-html="true">
123
  <small class="sucuriscan-auditlogs-sendlogs-response"></small>
124
- <small><a href="#" class="sucuriscan-auditlogs-sendlogs">Send Logs</a></small>
125
  </div>
126
 
127
  <div class="sucuriscan-pull-right">
21
  url += '&paged=' + page;
22
  }
23
 
24
+ $('.sucuriscan-auditlog-response').html('<em>{{Loading...}}</em>');
25
+ $('.sucuriscan-auditlog-status').html('{{Loading...}}');
26
+ $('.sucuriscan-pagination-loading').html('{{Loading...}}');
27
  $('.sucuriscan-pagination-panel').addClass('sucuriscan-hidden');
28
  $('.sucuriscan-auditlog-footer').addClass('sucuriscan-hidden');
29
 
72
  event.preventDefault();
73
 
74
  $('.sucuriscan-sendlogs-panel').attr('content', '');
75
+ $('.sucuriscan-auditlogs-sendlogs-response').html('{{Loading...}}');
76
 
77
  $.post('%%SUCURI.AjaxURL.Dashboard%%', {
78
  action: 'sucuriscan_ajax',
83
 
84
  setTimeout(function (){
85
  var tooltipContent =
86
+ '{{Total logs in the queue:}} {TTLLOGS}<br>' +
87
+ '{{Maximum execution time:}} {MAXTIME}<br>' +
88
+ '{{Successfully sent to the API:}} {SUCCESS}<br>' +
89
+ '{{Total request timeouts (failures):}} {FAILURE}<br>' +
90
+ '{{Total execution time:}} {ELAPSED} secs';
91
  $('.sucuriscan-sendlogs-panel')
92
  .attr('content', tooltipContent
93
  .replace('{MAXTIME}', data.maxtime)
104
 
105
  <div class="sucuriscan-auditlog-table">
106
  <div class="sucuriscan-auditlog-response">
107
+ <em>{{Loading...}}</em>
108
  </div>
109
 
110
  <div class="sucuriscan-clearfix sucuriscan-pagination-panel">
121
  <div class="sucuriscan-pull-left sucuriscan-hidden sucuriscan-tooltip
122
  sucuriscan-sendlogs-panel" tooltip-width="250" tooltip-html="true">
123
  <small class="sucuriscan-auditlogs-sendlogs-response"></small>
124
+ <small><a href="#" class="sucuriscan-auditlogs-sendlogs">{{Send Logs}}</a></small>
125
  </div>
126
 
127
  <div class="sucuriscan-pull-right">
inc/tpl/base.html.tpl CHANGED
@@ -8,27 +8,27 @@
8
 
9
  <div class="sucuriscan-header sucuriscan-clearfix">
10
  <div class="sucuriscan-pull-left">
11
- <a href="https://sucuri.net/signup" target="_blank" title="Sucuri Security" class="sucuriscan-logo">
12
  <img src="%%SUCURI.PluginURL%%/inc/images/pluginlogo.png" alt="Sucuri Inc." />
13
  </a>
14
- <span class="sucuriscan-subtitle">WP Plugin</span>
15
  <span class="sucuriscan-version">v%%SUCURI.PluginVersion%%</span>
16
  </div>
17
 
18
  <div class="sucuriscan-pull-right sucuriscan-navbar">
19
  <ul>
20
- <li><a href="https://goo.gl/aByqP5" target="_blank" rel="noopener" class="button button-secondary">Review</a></li>
21
 
22
  <li class="sucuriscan-%%SUCURI.GenerateAPIKey.Visibility%%">
23
  <a href="#" class="button button-primary sucuriscan-modal-button sucuriscan-register-site-button"
24
- data-modalid="sucuriscan-register-site">Generate API Key</a>
25
  </li>
26
 
27
- <li><a href="%%SUCURI.URL.Dashboard%%" class="button button-primary">Dashboard</a></li>
28
 
29
- <li><a href="%%SUCURI.URL.Firewall%%" class="button button-primary">Firewall (WAF)</a></li>
30
 
31
- <li><a href="%%SUCURI.URL.Settings%%" class="button button-primary">Settings</a></li>
32
  </ul>
33
  </div>
34
  </div>
@@ -38,6 +38,6 @@
38
  </div>
39
 
40
  <div class="sucuriscan-clearfix sucuriscan-footer">
41
- <div>Copyright &copy; %%SUCURI.Year%% Sucuri Inc. All Rights Reserved.</div>
42
  </div>
43
  </div>
8
 
9
  <div class="sucuriscan-header sucuriscan-clearfix">
10
  <div class="sucuriscan-pull-left">
11
+ <a href="https://sucuri.net/signup" target="_blank" title="{{Sucuri Security}}" class="sucuriscan-logo">
12
  <img src="%%SUCURI.PluginURL%%/inc/images/pluginlogo.png" alt="Sucuri Inc." />
13
  </a>
14
+ <span class="sucuriscan-subtitle">{{WP Plugin}}</span>
15
  <span class="sucuriscan-version">v%%SUCURI.PluginVersion%%</span>
16
  </div>
17
 
18
  <div class="sucuriscan-pull-right sucuriscan-navbar">
19
  <ul>
20
+ <li><a href="https://goo.gl/aByqP5" target="_blank" rel="noopener" class="button button-secondary">{{Review}}</a></li>
21
 
22
  <li class="sucuriscan-%%SUCURI.GenerateAPIKey.Visibility%%">
23
  <a href="#" class="button button-primary sucuriscan-modal-button sucuriscan-register-site-button"
24
+ data-modalid="sucuriscan-register-site">{{Generate API Key}}</a>
25
  </li>
26
 
27
+ <li><a href="%%SUCURI.URL.Dashboard%%" class="button button-primary">{{Dashboard}}</a></li>
28
 
29
+ <li><a href="%%SUCURI.URL.Firewall%%" class="button button-primary">{{Firewall (WAF)}}</a></li>
30
 
31
+ <li><a href="%%SUCURI.URL.Settings%%" class="button button-primary">{{Settings}}</a></li>
32
  </ul>
33
  </div>
34
  </div>
38
  </div>
39
 
40
  <div class="sucuriscan-clearfix sucuriscan-footer">
41
+ <div>{{Copyright}} &copy; %%SUCURI.Year%% {{Sucuri Inc. All Rights Reserved.}}</div>
42
  </div>
43
  </div>
inc/tpl/dashboard.html.tpl CHANGED
@@ -7,7 +7,7 @@
7
  jQuery(document).ready(function ($) {
8
  var sucuriscanSiteCheckLinks = function (target, links) {
9
  if (links.length === 0) {
10
- $(target).html('<div><em>no data available</em></div>');
11
  return;
12
  }
13
 
@@ -51,7 +51,7 @@ jQuery(document).ready(function ($) {
51
  <div class="sucuriscan-panel">
52
  <div class="sucuriscan-tabs">
53
  <ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
54
- <li><a href="%%SUCURI.URL.Dashboard%%#auditlogs">Audit Logs</a></li>
55
  <li><a href="%%SUCURI.URL.Dashboard%%#iframes" id="sucuriscan-title-iframes">%%SUCURI.SiteCheck.iFramesTitle%%</a></li>
56
  <li><a href="%%SUCURI.URL.Dashboard%%#links" id="sucuriscan-title-links">%%SUCURI.SiteCheck.LinksTitle%%</a></li>
57
  <li><a href="%%SUCURI.URL.Dashboard%%#scripts" id="sucuriscan-title-scripts">%%SUCURI.SiteCheck.ScriptsTitle%%</a></li>
7
  jQuery(document).ready(function ($) {
8
  var sucuriscanSiteCheckLinks = function (target, links) {
9
  if (links.length === 0) {
10
+ $(target).html('<div><em>{{No data available}}</em></div>');
11
  return;
12
  }
13
 
51
  <div class="sucuriscan-panel">
52
  <div class="sucuriscan-tabs">
53
  <ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
54
+ <li><a href="%%SUCURI.URL.Dashboard%%#auditlogs">{{Audit Logs}}</a></li>
55
  <li><a href="%%SUCURI.URL.Dashboard%%#iframes" id="sucuriscan-title-iframes">%%SUCURI.SiteCheck.iFramesTitle%%</a></li>
56
  <li><a href="%%SUCURI.URL.Dashboard%%#links" id="sucuriscan-title-links">%%SUCURI.SiteCheck.LinksTitle%%</a></li>
57
  <li><a href="%%SUCURI.URL.Dashboard%%#scripts" id="sucuriscan-title-scripts">%%SUCURI.SiteCheck.ScriptsTitle%%</a></li>
inc/tpl/firewall-auditlogs.html.tpl CHANGED
@@ -1,12 +1,12 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Firewall Audit Logs</h3>
4
 
5
  <div class="inside">
6
- <p>The firewall logs every request involved in an attack and separates them from the legitimate requests. You can analyze the data from the latest entries in the logs using this tool and take action either enabling the advanced features of the IDS <em>(Intrusion Detection System)</em> from the <a href="https://waf.sucuri.net/?settings" target="_blank" rel="noopener">Firewall Dashboard</a> and/or blocking IP addresses and URL paths directly from the <a href="https://waf.sucuri.net/?audit" target="_blank" rel="noopener">Firewall Audit Trails</a> page.</p>
7
 
8
  <div class="sucuriscan-inline-alert-info">
9
- <p>Non-blocked requests are hidden from the logs, this is intentional.</p>
10
  </div>
11
 
12
  <script type="text/javascript">
@@ -19,7 +19,7 @@
19
  var params = {};
20
 
21
  $('.sucuriscan-firewall-auditlogs tbody')
22
- .html('<tr><td><em>Loading...</em></td></tr>');
23
 
24
  params.action = 'sucuriscan_ajax';
25
  params.form_action = 'get_firewall_logs';
@@ -49,19 +49,19 @@
49
  <select id="sucuriscan_firewall_day">%%%SUCURI.AuditLogs.DateDays%%%</select>
50
  <select id="sucuriscan_firewall_month">%%%SUCURI.AuditLogs.DateMonths%%%</select>
51
  <select id="sucuriscan_firewall_year">%%%SUCURI.AuditLogs.DateYears%%%</select>
52
- <button id="sucuriscan-firewall-auditlogs-button" class="button button-primary">Submit</button>
53
  </fieldset>
54
 
55
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-firewall-auditlogs">
56
  <thead>
57
  <tr>
58
- <th>Firewall Audit Logs</th>
59
  </tr>
60
  </thead>
61
 
62
  <tbody>
63
  <tr>
64
- <td><em>Loading...</em></td>
65
  </tr>
66
  </tbody>
67
  </table>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Firewall Audit Logs}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{The firewall logs every request involved in an attack and separates them from the legitimate requests. You can analyze the data from the latest entries in the logs using this tool and take action either enabling the advanced features of the IDS <em>(Intrusion Detection System)</em> from the <a href="https://waf.sucuri.net/?settings" target="_blank" rel="noopener">Firewall Dashboard</a> and/or blocking IP addresses and URL paths directly from the <a href="https://waf.sucuri.net/?audit" target="_blank" rel="noopener">Firewall Audit Trails</a> page.}}</p>
7
 
8
  <div class="sucuriscan-inline-alert-info">
9
+ <p>{{Non-blocked requests are hidden from the logs, this is intentional.}}</p>
10
  </div>
11
 
12
  <script type="text/javascript">
19
  var params = {};
20
 
21
  $('.sucuriscan-firewall-auditlogs tbody')
22
+ .html('<tr><td><em>{{Loading...}}</em></td></tr>');
23
 
24
  params.action = 'sucuriscan_ajax';
25
  params.form_action = 'get_firewall_logs';
49
  <select id="sucuriscan_firewall_day">%%%SUCURI.AuditLogs.DateDays%%%</select>
50
  <select id="sucuriscan_firewall_month">%%%SUCURI.AuditLogs.DateMonths%%%</select>
51
  <select id="sucuriscan_firewall_year">%%%SUCURI.AuditLogs.DateYears%%%</select>
52
+ <button id="sucuriscan-firewall-auditlogs-button" class="button button-primary">{{Submit}}</button>
53
  </fieldset>
54
 
55
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-firewall-auditlogs">
56
  <thead>
57
  <tr>
58
+ <th>{{Firewall Audit Logs}}</th>
59
  </tr>
60
  </thead>
61
 
62
  <tbody>
63
  <tr>
64
+ <td><em>{{Loading...}}</em></td>
65
  </tr>
66
  </tbody>
67
  </table>
inc/tpl/firewall-auditlogs.snippet.tpl CHANGED
@@ -9,20 +9,20 @@
9
  </div>
10
 
11
  <div class="sucuriscan-accesslog-datetime">
12
- <span class="sucuriscan-accesslog-label">Date/Time:</span>
13
  <span>%%SUCURI.AccessLog.RequestDate%%</span>
14
  <span>%%SUCURI.AccessLog.RequestTime%%</span>
15
  <span>%%SUCURI.AccessLog.RequestTimezone%%</span>
16
  </div>
17
 
18
  <div class="sucuriscan-accesslog-signature">
19
- <span class="sucuriscan-accesslog-label">Signature:</span>
20
  <span>%%SUCURI.AccessLog.SucuriBlockCode%%</span>
21
  <span>(%%SUCURI.AccessLog.SucuriBlockReason%%)</span>
22
  </div>
23
 
24
  <div class="sucuriscan-accesslog-request">
25
- <span class="sucuriscan-accesslog-label">Request:</span>
26
  <span>%%SUCURI.AccessLog.HttpProtocol%%</span>
27
  <span>%%SUCURI.AccessLog.RequestMethod%%</span>
28
  <span>%%SUCURI.AccessLog.HttpStatus%%</span>
@@ -30,17 +30,17 @@
30
  </div>
31
 
32
  <div class="sucuriscan-accesslog-useragent">
33
- <span class="sucuriscan-accesslog-label">U-Agent:</span>
34
  <span>%%SUCURI.AccessLog.HttpUserAgent%%</span>
35
  </div>
36
 
37
  <div class="sucuriscan-accesslog-target">
38
- <span class="sucuriscan-accesslog-label">Target.:</span>
39
  <span>%%SUCURI.AccessLog.ResourcePath%%</span>
40
  </div>
41
 
42
  <div class="sucuriscan-accesslog-referer">
43
- <span class="sucuriscan-accesslog-label">Referer:</span>
44
  <span>%%SUCURI.AccessLog.HttpReferer%%</span>
45
  </div>
46
  </td>
9
  </div>
10
 
11
  <div class="sucuriscan-accesslog-datetime">
12
+ <span class="sucuriscan-accesslog-label">{{Date/Time:}}</span>
13
  <span>%%SUCURI.AccessLog.RequestDate%%</span>
14
  <span>%%SUCURI.AccessLog.RequestTime%%</span>
15
  <span>%%SUCURI.AccessLog.RequestTimezone%%</span>
16
  </div>
17
 
18
  <div class="sucuriscan-accesslog-signature">
19
+ <span class="sucuriscan-accesslog-label">{{Signature:}}</span>
20
  <span>%%SUCURI.AccessLog.SucuriBlockCode%%</span>
21
  <span>(%%SUCURI.AccessLog.SucuriBlockReason%%)</span>
22
  </div>
23
 
24
  <div class="sucuriscan-accesslog-request">
25
+ <span class="sucuriscan-accesslog-label">{{Request:}}</span>
26
  <span>%%SUCURI.AccessLog.HttpProtocol%%</span>
27
  <span>%%SUCURI.AccessLog.RequestMethod%%</span>
28
  <span>%%SUCURI.AccessLog.HttpStatus%%</span>
30
  </div>
31
 
32
  <div class="sucuriscan-accesslog-useragent">
33
+ <span class="sucuriscan-accesslog-label">{{U-Agent:}}</span>
34
  <span>%%SUCURI.AccessLog.HttpUserAgent%%</span>
35
  </div>
36
 
37
  <div class="sucuriscan-accesslog-target">
38
+ <span class="sucuriscan-accesslog-label">{{Target:}}</span>
39
  <span>%%SUCURI.AccessLog.ResourcePath%%</span>
40
  </div>
41
 
42
  <div class="sucuriscan-accesslog-referer">
43
+ <span class="sucuriscan-accesslog-label">{{Referer:}}</span>
44
  <span>%%SUCURI.AccessLog.HttpReferer%%</span>
45
  </div>
46
  </td>
inc/tpl/firewall-clearcache.html.tpl CHANGED
@@ -8,7 +8,7 @@ jQuery(document).ready(function ($) {
8
 
9
  var button = $(this);
10
  button.attr('disabled', true);
11
- button.html('Loading...');
12
  $('#firewall-clear-cache-response').html('');
13
 
14
  $.post('%%SUCURI.AjaxURL.Firewall%%', {
@@ -24,7 +24,7 @@ jQuery(document).ready(function ($) {
24
  $('#firewall-clear-cache-auto').on('change', 'input:checkbox', function () {
25
  var checked = $(this).is(':checked');
26
 
27
- $('#firewall-clear-cache-auto span').html('Clear cache when a post or page is updated (Loading...)');
28
 
29
  $.post('%%SUCURI.AjaxURL.Firewall%%', {
30
  action: 'sucuriscan_ajax',
@@ -32,32 +32,32 @@ jQuery(document).ready(function ($) {
32
  form_action: 'firewall_auto_clear_cache',
33
  auto_clear_cache: (checked?'enable':'disable'),
34
  }, function () {
35
- $('#firewall-clear-cache-auto span').html('Clear cache when a post or page is updated');
36
  });
37
  });
38
  });
39
  </script>
40
 
41
  <div class="sucuriscan-panel">
42
- <h3 class="sucuriscan-title">Clear Cache</h3>
43
 
44
  <div class="inside">
45
- <p>The firewall offers multiple options to configure the cache level applied to your website. You can either enable the full cache which is the recommended setting, or you can set the cache level to minimal which will keep the pages static for a couple of minutes, or force the usage of the website headers <em>(only for advanced users)</em>, or in extreme cases where you do not need the cache you can simply disable it. Find more information about it in the <a href="https://kb.sucuri.net/firewall/Performance/caching-options" target="_blank" rel="noopener">Sucuri Knowledge Base</a> website.</p>
46
 
47
  <div class="sucuriscan-inline-alert-info">
48
- <p>Note that the firewall has <a href="https://kb.sucuri.net/firewall/Performance/cache-exceptions" target="_blank" rel="noopener">special caching rules</a> for Images, CSS, PDF, TXT, JavaScript, media files and a few more extensions that are stored on our <a href="https://en.wikipedia.org/wiki/Edge_device" target="_blank" rel="noopener">edge</a>. The only way to flush the cache for these files is by clearing the firewall's cache completely <em>(for the whole website)</em>. Due to our caching of JavaScript and CSS files, often, as is best practice, the use of versioning during development will ensure updates going live as expected. This is done by adding a query string such as <code>?ver=1.2.3</code> and incrementing on each update.</p>
49
  </div>
50
 
51
- <p>A web cache (or HTTP cache) is an information technology for the temporary storage (caching) of web documents, such as HTML pages and images, to reduce bandwidth usage, server load, and perceived lag. A web cache system stores copies of documents passing through it; subsequent requests may be satisfied from the cache if certain conditions are met. A web cache system can refer either to an appliance, or to a computer program. &mdash; <a href="https://en.wikipedia.org/wiki/Web_cache" target="_blank" rel="noopener">WikiPedia - Web Cache</a></p>
52
 
53
  <div id="firewall-clear-cache-auto">
54
  <label>
55
  <input type="checkbox" name="sucuriscan_auto_clear_cache" value="true" %%SUCURI.FirewallAutoClearCache%% />
56
- <span>Clear cache when a post or page is updated</span>
57
  </label>
58
  </div>
59
 
60
  <div id="firewall-clear-cache-response"></div>
61
- <button id="firewall-clear-cache-button" class="button button-primary">Clear Cache</button>
62
  </div>
63
  </div>
8
 
9
  var button = $(this);
10
  button.attr('disabled', true);
11
+ button.html('{{Loading...}}');
12
  $('#firewall-clear-cache-response').html('');
13
 
14
  $.post('%%SUCURI.AjaxURL.Firewall%%', {
24
  $('#firewall-clear-cache-auto').on('change', 'input:checkbox', function () {
25
  var checked = $(this).is(':checked');
26
 
27
+ $('#firewall-clear-cache-auto span').html('{{Clear cache when a post or page is updated (Loading...)}}');
28
 
29
  $.post('%%SUCURI.AjaxURL.Firewall%%', {
30
  action: 'sucuriscan_ajax',
32
  form_action: 'firewall_auto_clear_cache',
33
  auto_clear_cache: (checked?'enable':'disable'),
34
  }, function () {
35
+ $('#firewall-clear-cache-auto span').html('{{Clear cache when a post or page is updated}}');
36
  });
37
  });
38
  });
39
  </script>
40
 
41
  <div class="sucuriscan-panel">
42
+ <h3 class="sucuriscan-title">{{Clear Cache}}</h3>
43
 
44
  <div class="inside">
45
+ <p>{{The firewall offers multiple options to configure the cache level applied to your website. You can either enable the full cache which is the recommended setting, or you can set the cache level to minimal which will keep the pages static for a couple of minutes, or force the usage of the website headers <em>(only for advanced users)</em>, or in extreme cases where you do not need the cache you can simply disable it. Find more information about it in the <a href="https://kb.sucuri.net/firewall/Performance/caching-options" target="_blank" rel="noopener">Sucuri Knowledge Base</a> website.}}</p>
46
 
47
  <div class="sucuriscan-inline-alert-info">
48
+ <p>{{Note that the firewall has <a href="https://kb.sucuri.net/firewall/Performance/cache-exceptions" target="_blank" rel="noopener">special caching rules</a> for Images, CSS, PDF, TXT, JavaScript, media files and a few more extensions that are stored on our <a href="https://en.wikipedia.org/wiki/Edge_device" target="_blank" rel="noopener">edge</a>. The only way to flush the cache for these files is by clearing the firewalls cache completely <em>(for the whole website)</em>. Due to our caching of JavaScript and CSS files, often, as is best practice, the use of versioning during development will ensure updates going live as expected. This is done by adding a query string such as <code>?ver=1.2.3</code> and incrementing on each update.}}</p>
49
  </div>
50
 
51
+ <p>{{A web cache (or HTTP cache) is an information technology for the temporary storage (caching) of web documents, such as HTML pages and images, to reduce bandwidth usage, server load, and perceived lag. A web cache system stores copies of documents passing through it; subsequent requests may be satisfied from the cache if certain conditions are met. A web cache system can refer either to an appliance, or to a computer program. &mdash; <a href="https://en.wikipedia.org/wiki/Web_cache" target="_blank" rel="noopener">WikiPedia - Web Cache</a>}}</p>
52
 
53
  <div id="firewall-clear-cache-auto">
54
  <label>
55
  <input type="checkbox" name="sucuriscan_auto_clear_cache" value="true" %%SUCURI.FirewallAutoClearCache%% />
56
+ <span>{{Clear cache when a post or page is updated}}</span>
57
  </label>
58
  </div>
59
 
60
  <div id="firewall-clear-cache-response"></div>
61
+ <button id="firewall-clear-cache-button" class="button button-primary">{{Clear Cache}}</button>
62
  </div>
63
  </div>
inc/tpl/firewall-ipaccess.html.tpl CHANGED
@@ -19,7 +19,7 @@ jQuery(document).ready(function ($) {
19
  $('.sucuriscan-ipaccess-table tbody').append('<tr>' +
20
  '<td><span class="sucuriscan-monospace">' + data.blacklist[i] + '</span></td>' +
21
  '<td><button class="button button-primary sucuriscan-deblacklist" ' +
22
- 'ip="' + data.blacklist[i] + '">Delete</button></td>' +
23
  '</tr>');
24
  }
25
  });
@@ -27,7 +27,7 @@ jQuery(document).ready(function ($) {
27
 
28
  var sucuriscanPrintStatus = function (button, data) {
29
  button.attr('disabled', false);
30
- button.html('Submit');
31
 
32
  if (data.ok) {
33
  sucuriscanLoadIPAccess();
@@ -49,7 +49,7 @@ jQuery(document).ready(function ($) {
49
  var ip = $('.sucuriscan-ipaccess-form input[name=sucuriscan_ip]').val();
50
 
51
  button.attr('disabled', true);
52
- button.html('Loading...');
53
  $('#sucuriscan-ipaccess-response').html('');
54
 
55
  $.post('%%SUCURI.AjaxURL.Firewall%%', {
@@ -68,7 +68,7 @@ jQuery(document).ready(function ($) {
68
  var button = $(this);
69
 
70
  button.attr('disabled', true);
71
- button.html('Loading...');
72
  $('#sucuriscan-ipaccess-response').html('');
73
 
74
  $.post('%%SUCURI.AjaxURL.Firewall%%', {
@@ -86,32 +86,32 @@ jQuery(document).ready(function ($) {
86
  </script>
87
 
88
  <div class="sucuriscan-panel">
89
- <h3 class="sucuriscan-title">IP Address Access</h3>
90
 
91
  <div class="inside">
92
- <p>This tool allows you to whitleist and blacklist one or more IP addresses from accessing your website. You can also configure the plugin to automatically blacklist any IP address involved in a password guessing brute-force attack. If a legitimate user fails to submit the correct credentials of their account they will have to log into the Firewall dashboard in order to delete their IP address from the blacklist, or try to login once again through a VPN.</p>
93
 
94
  <div id="sucuriscan-ipaccess-response"></div>
95
 
96
  <form action="%%SUCURI.URL.Firewall%%#ipaccess" method="post" class="sucuriscan-ipaccess-form">
97
  <input type="hidden" name="sucuriscan_blacklist_ip" value="true" />
98
  <fieldset class="sucuriscan-clearfix">
99
- <label>Blacklist IP:</label>
100
- <input type="text" name="sucuriscan_ip" placeholder="e.g. 192.168.1.54" />
101
- <button class="button button-primary sucuriscan-ipaccess-button">Submit</button>
102
  </fieldset>
103
  </form>
104
 
105
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-ipaccess-table">
106
  <thead>
107
  <tr>
108
- <th>IP Address</th>
109
  <th>&nbsp;</th>
110
  </tr>
111
  </thead>
112
 
113
  <tbody>
114
- <tr><td colspan="2">Loading...</td></tr>
115
  </tbody>
116
  </table>
117
  </div>
19
  $('.sucuriscan-ipaccess-table tbody').append('<tr>' +
20
  '<td><span class="sucuriscan-monospace">' + data.blacklist[i] + '</span></td>' +
21
  '<td><button class="button button-primary sucuriscan-deblacklist" ' +
22
+ 'ip="' + data.blacklist[i] + '">{{Delete}}</button></td>' +
23
  '</tr>');
24
  }
25
  });
27
 
28
  var sucuriscanPrintStatus = function (button, data) {
29
  button.attr('disabled', false);
30
+ button.html('{{Submit}}');
31
 
32
  if (data.ok) {
33
  sucuriscanLoadIPAccess();
49
  var ip = $('.sucuriscan-ipaccess-form input[name=sucuriscan_ip]').val();
50
 
51
  button.attr('disabled', true);
52
+ button.html('{{Loading...}}');
53
  $('#sucuriscan-ipaccess-response').html('');
54
 
55
  $.post('%%SUCURI.AjaxURL.Firewall%%', {
68
  var button = $(this);
69
 
70
  button.attr('disabled', true);
71
+ button.html('{{Loading...}}');
72
  $('#sucuriscan-ipaccess-response').html('');
73
 
74
  $.post('%%SUCURI.AjaxURL.Firewall%%', {
86
  </script>
87
 
88
  <div class="sucuriscan-panel">
89
+ <h3 class="sucuriscan-title">{{IP Address Access}}</h3>
90
 
91
  <div class="inside">
92
+ <p>{{This tool allows you to whitelist and blacklist one or more IP addresses from accessing your website. You can also configure the plugin to automatically blacklist any IP address involved in a password guessing brute-force attack. If a legitimate user fails to submit the correct credentials of their account they will have to log into the Firewall dashboard in order to delete their IP address from the blacklist, or try to login once again through a VPN.}}</p>
93
 
94
  <div id="sucuriscan-ipaccess-response"></div>
95
 
96
  <form action="%%SUCURI.URL.Firewall%%#ipaccess" method="post" class="sucuriscan-ipaccess-form">
97
  <input type="hidden" name="sucuriscan_blacklist_ip" value="true" />
98
  <fieldset class="sucuriscan-clearfix">
99
+ <label>{{Blacklist IP:}}</label>
100
+ <input type="text" name="sucuriscan_ip" placeholder="{{e.g. 192.168.1.54}}" />
101
+ <button class="button button-primary sucuriscan-ipaccess-button">{{Submit}}</button>
102
  </fieldset>
103
  </form>
104
 
105
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-ipaccess-table">
106
  <thead>
107
  <tr>
108
+ <th>{{IP Address}}</th>
109
  <th>&nbsp;</th>
110
  </tr>
111
  </thead>
112
 
113
  <tbody>
114
+ <tr><td colspan="2">{{Loading...}}</td></tr>
115
  </tbody>
116
  </table>
117
  </div>
inc/tpl/firewall-settings.html.tpl CHANGED
@@ -31,30 +31,30 @@ jQuery(document).ready(function ($) {
31
  </script>
32
 
33
  <div class="sucuriscan-panel">
34
- <h3 class="sucuriscan-title">Firewall Settings</h3>
35
 
36
  <div class="inside">
37
- <p>A powerful Web Application Firewall and <b>Intrusion Detection System</b> for any WordPress user and many other platforms. This page will help you to configure and monitor your site through the <b>Sucuri Firewall</b>. Once enabled, our firewall will act as a shield, protecting your site from attacks and preventing malware infections and reinfections. It will block SQL injection attempts, brute force attacks, XSS, RFI, backdoors and many other threats against your site.</p>
38
 
39
  <div class="sucuriscan-inline-alert-info sucuriscan-%%SUCURI.Firewall.APIKeyFormVisibility%%">
40
- <p>Add your <a href="https://waf.sucuri.net/?settings&panel=api" target="_blank" rel="noopener">Firewall API key</a> in the form below to start communicating with the firewall API service.</p>
41
  </div>
42
 
43
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-firewall-apikey sucuriscan-%%SUCURI.Firewall.APIKeyVisibility%%">
44
- <strong>Firewall API Key:</strong>
45
  <span class="sucuriscan-monospace">%%SUCURI.Firewall.APIKey%%</span>
46
  <form action="%%SUCURI.URL.Firewall%%" method="post">
47
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
48
- <button type="submit" name="sucuriscan_delete_wafkey" class="button button-primary">Delete</button>
49
  </form>
50
  </div>
51
 
52
  <form action="%%SUCURI.URL.Firewall%%" method="post" class="sucuriscan-%%SUCURI.Firewall.APIKeyFormVisibility%%">
53
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
54
  <fieldset class="sucuriscan-clearfix">
55
- <label>Firewall API Key:</label>
56
  <input type="text" name="sucuriscan_cloudproxy_apikey" />
57
- <button type="submit" class="button button-primary">Save</button>
58
  </fieldset>
59
  <br>
60
  </form>
@@ -62,16 +62,16 @@ jQuery(document).ready(function ($) {
62
  <table class="wp-list-table widefat sucuriscan-table" id="firewall-settings-table">
63
  <thead>
64
  <tr>
65
- <th>Name</th>
66
- <th>Value</th>
67
  </tr>
68
  </thead>
69
 
70
  <tbody>
71
- <tr><td colspan="2">Loading...</td></tr>
72
  </tbody>
73
  </table>
74
 
75
- <p><em>[1]</em> More information about the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a>, features and pricing.<br><em>[2]</em> Instructions and videos in the official <a href="https://kb.sucuri.net/firewall" target="_blank" rel="noopener">Knowledge Base</a> site.<br><em>[3]</em> <a href="https://login.sucuri.net/signup2/create?CloudProxy" target="_blank" rel="noopener">Sign up</a> for a new account and start protecting your site.</p>
76
  </div>
77
  </div>
31
  </script>
32
 
33
  <div class="sucuriscan-panel">
34
+ <h3 class="sucuriscan-title">{{Firewall Settings}}</h3>
35
 
36
  <div class="inside">
37
+ <p>{{A powerful Web Application Firewall and <b>Intrusion Detection System</b> for any WordPress user and many other platforms. This page will help you to configure and monitor your site through the <b>Sucuri Firewall</b>. Once enabled, our firewall will act as a shield, protecting your site from attacks and preventing malware infections and reinfections. It will block SQL injection attempts, brute force attacks, XSS, RFI, backdoors and many other threats against your site.}}</p>
38
 
39
  <div class="sucuriscan-inline-alert-info sucuriscan-%%SUCURI.Firewall.APIKeyFormVisibility%%">
40
+ <p>{{Add your <a href="https://waf.sucuri.net/?settings&panel=api" target="_blank" rel="noopener">Firewall API key</a> in the form below to start communicating with the firewall API service.}}</p>
41
  </div>
42
 
43
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-firewall-apikey sucuriscan-%%SUCURI.Firewall.APIKeyVisibility%%">
44
+ <strong>{{Firewall API Key:}}</strong>
45
  <span class="sucuriscan-monospace">%%SUCURI.Firewall.APIKey%%</span>
46
  <form action="%%SUCURI.URL.Firewall%%" method="post">
47
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
48
+ <button type="submit" name="sucuriscan_delete_wafkey" class="button button-primary">{{Delete}}</button>
49
  </form>
50
  </div>
51
 
52
  <form action="%%SUCURI.URL.Firewall%%" method="post" class="sucuriscan-%%SUCURI.Firewall.APIKeyFormVisibility%%">
53
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
54
  <fieldset class="sucuriscan-clearfix">
55
+ <label>{{Firewall API Key:}}</label>
56
  <input type="text" name="sucuriscan_cloudproxy_apikey" />
57
+ <button type="submit" class="button button-primary">{{Save}}</button>
58
  </fieldset>
59
  <br>
60
  </form>
62
  <table class="wp-list-table widefat sucuriscan-table" id="firewall-settings-table">
63
  <thead>
64
  <tr>
65
+ <th>{{Name}}</th>
66
+ <th>{{Value}}</th>
67
  </tr>
68
  </thead>
69
 
70
  <tbody>
71
+ <tr><td colspan="2">{{Loading...}}</td></tr>
72
  </tbody>
73
  </table>
74
 
75
+ <p>{{<em>[1]</em> More information about the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a>, features and pricing.<br><em>[2]</em> Instructions and videos in the official <a href="https://kb.sucuri.net/firewall" target="_blank" rel="noopener">Knowledge Base</a> site.<br><em>[3]</em> <a href="https://login.sucuri.net/signup2/create?CloudProxy" target="_blank" rel="noopener">Sign up</a> for a new account and start protecting your site.}}</p>
76
  </div>
77
  </div>
inc/tpl/firewall.html.tpl CHANGED
@@ -1,10 +1,10 @@
1
 
2
  <div class="sucuriscan-tabs">
3
  <ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
4
- <li><a href="%%SUCURI.URL.Firewall%%#settings">Settings</a></li>
5
- <li><a href="%%SUCURI.URL.Firewall%%#auditlogs">Audit Logs</a></li>
6
- <li><a href="%%SUCURI.URL.Firewall%%#ipaccess">IP Access</a></li>
7
- <li><a href="%%SUCURI.URL.Firewall%%#clearcache">Clear Cache</a></li>
8
  </ul>
9
 
10
  <div class="sucuriscan-tabs-containers">
1
 
2
  <div class="sucuriscan-tabs">
3
  <ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
4
+ <li><a href="%%SUCURI.URL.Firewall%%#settings">{{Settings}}</a></li>
5
+ <li><a href="%%SUCURI.URL.Firewall%%#auditlogs">{{Audit Logs}}</a></li>
6
+ <li><a href="%%SUCURI.URL.Firewall%%#ipaccess">{{IP Access}}</a></li>
7
+ <li><a href="%%SUCURI.URL.Firewall%%#clearcache">{{Clear Cache}}</a></li>
8
  </ul>
9
 
10
  <div class="sucuriscan-tabs-containers">
inc/tpl/integrity-correct.html.tpl CHANGED
@@ -2,17 +2,17 @@
2
  <div class="sucuriscan-panel sucuriscan-integrity sucuriscan-integrity-correct">
3
  <div class="sucuriscan-clearfix">
4
  <div class="sucuriscan-pull-left sucuriscan-integrity-left">
5
- <h2 class="sucuriscan-title">WordPress Integrity</h2>
6
 
7
- <p>We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.</p>
8
  </div>
9
 
10
  <div class="sucuriscan-pull-right sucuriscan-integrity-right">
11
- <h2 class="sucuriscan-subtitle">All Core WordPress Files Are Correct</h2>
12
 
13
- <p>We have not identified additional files, deleted files, or relevant changes to the core files in your WordPress installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.</p>
14
 
15
- <p><a href="%%SUCURI.URL.Settings%%#scanner">Review False Positives</a></p>
16
  </div>
17
  </div>
18
 
2
  <div class="sucuriscan-panel sucuriscan-integrity sucuriscan-integrity-correct">
3
  <div class="sucuriscan-clearfix">
4
  <div class="sucuriscan-pull-left sucuriscan-integrity-left">
5
+ <h2 class="sucuriscan-title">{{WordPress Integrity}}</h2>
6
 
7
+ <p>{{We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.}}</p>
8
  </div>
9
 
10
  <div class="sucuriscan-pull-right sucuriscan-integrity-right">
11
+ <h2 class="sucuriscan-subtitle">{{All Core WordPress Files Are Correct}}</h2>
12
 
13
+ <p>{{We have not identified additional files, deleted files, or relevant changes to the core files in your WordPress installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.}}</p>
14
 
15
+ <p><a href="%%SUCURI.URL.Settings%%#scanner">{{Review False Positives}}</a></p>
16
  </div>
17
  </div>
18
 
inc/tpl/integrity-diff-utility.html.tpl CHANGED
@@ -16,7 +16,7 @@
16
  window.scrollTo(0, 0);
17
  var filepath = $(this).attr('data-filepath');
18
  $('.sucuriscan-diff-utility-modal').removeClass('sucuriscan-hidden');
19
- $('.sucuriscan-diff-utility-modal .sucuriscan-modal-inside').html('Loading...');
20
 
21
  $.post('%%SUCURI.AjaxURL.Dashboard%%', {
22
  action: 'sucuriscan_ajax',
@@ -25,13 +25,7 @@
25
  filepath: filepath,
26
  }, function (data) {
27
  $('.sucuriscan-diff-utility-modal .sucuriscan-modal-inside').html(data);
28
- $('.sucuriscan-diff-content').before('<p>Lines with a <b>minus' +
29
- '</b> sign as the prefix <em>(here in red)</em> show the origi' +
30
- 'nal code. Lines with a <b>plus</b> sign as the prefix <em>(he' +
31
- 're in green)</em> show the modified code. You can read more a' +
32
- 'bout the DIFF format from the WikiPedia article about the <a ' +
33
- 'target="_blank" href="https://en.wikipedia.org/wiki/Diff_util' +
34
- 'ity" rel="noopener">Unix Diff Utility</a>.</p>');
35
  });
36
  });
37
  });
16
  window.scrollTo(0, 0);
17
  var filepath = $(this).attr('data-filepath');
18
  $('.sucuriscan-diff-utility-modal').removeClass('sucuriscan-hidden');
19
+ $('.sucuriscan-diff-utility-modal .sucuriscan-modal-inside').html('{{Loading...}}');
20
 
21
  $.post('%%SUCURI.AjaxURL.Dashboard%%', {
22
  action: 'sucuriscan_ajax',
25
  filepath: filepath,
26
  }, function (data) {
27
  $('.sucuriscan-diff-utility-modal .sucuriscan-modal-inside').html(data);
28
+ $('.sucuriscan-diff-content').before('<p>{{Lines with a <b>minus</b> sign as the prefix <em>(here in red)</em> show the original code. Lines with a <b>plus</b> sign as the prefix <em>(here in green)</em> show the modified code. You can read more about the DIFF format from the WikiPedia article about the <a target="_blank" href="https://en.wikipedia.org/wiki/Diff_utility" rel="noopener">Unix Diff Utility</a>.}}</p>');
 
 
 
 
 
 
29
  });
30
  });
31
  });
inc/tpl/integrity-incorrect.html.tpl CHANGED
@@ -2,17 +2,17 @@
2
  <div class="sucuriscan-panel sucuriscan-integrity sucuriscan-integrity-incorrect">
3
  <div class="sucuriscan-clearfix">
4
  <div class="sucuriscan-pull-left sucuriscan-integrity-left">
5
- <h2 class="sucuriscan-title">WordPress Integrity</h2>
6
 
7
- <p>We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.</p>
8
  </div>
9
 
10
  <div class="sucuriscan-pull-right sucuriscan-integrity-right">
11
- <h2 class="sucuriscan-subtitle">Core WordPress Files Were Modified</h2>
12
 
13
- <p>We identified that some of your WordPress core files were modified. That might indicate a hack or a broken file on your installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.</p>
14
 
15
- <p><a href="%%SUCURI.URL.Settings%%#scanner">Review False Positives</a></p>
16
  </div>
17
  </div>
18
 
@@ -27,9 +27,9 @@
27
  <thead>
28
  <tr>
29
  <th colspan="5">
30
- <span>WordPress Integrity (%%SUCURI.Integrity.ListCount%%)</span>
31
 
32
- <span class="sucuriscan-tooltip sucuriscan-hidden" content="The Unix Diff Utility is enabled. You can click the files in the table to see the differences detected by the scanner. If you consider the differences to be harmless you can mark the file as fixed, otherwise it is adviced to restore the original content immediately.">
33
  <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="14" height="14">
34
  <path fill="#000000" d="m6.998315,0.033333c-3.846307,0 -6.964982,
35
  3.118675 -6.964982,6.964982s3.118675,6.965574 6.964982,6.965574s6.965574,
@@ -67,13 +67,13 @@
67
 
68
  <tr>
69
  <td id="cb" class="manage-column column-cb check-column">
70
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
71
  <input id="cb-select-all-1" type="checkbox">
72
  </td>
73
  <th width="20" class="manage-column">&nbsp;</th>
74
- <th width="100" class="manage-column">File Size</th>
75
- <th width="200" class="manage-column">Modified At</th>
76
- <th class="manage-column">File Path</th>
77
  </tr>
78
  </thead>
79
 
@@ -86,22 +86,22 @@
86
  <label>
87
  <input type="hidden" name="sucuriscan_process_form" value="0" />
88
  <input type="checkbox" name="sucuriscan_process_form" value="1" />
89
- <span>I understand that this operation can not be reverted.</span>
90
  </label>
91
  </p>
92
 
93
  <fieldset class="sucuriscan-clearfix">
94
- <label>Action:</label>
95
 
96
  <select name="sucuriscan_integrity_action">
97
- <option value="fixed">Mark as Fixed</option>
98
- <option value="restore">Restore File</option>
99
- <option value="delete">Delete File</option>
100
  </select>
101
 
102
- <button type="submit" class="button button-primary">Submit</button>
103
 
104
- <span class="sucuriscan-tooltip" content="Marking one or more files as fixed will force the plugin to ignore them during the next scan, very useful when you find false positives. Additionally you can restore the original content of the core files that appear as modified or deleted, this will tell the plugin to download a copy of the original files from the official WordPress repository. Deleting a file is an irreversible action, be careful.">
105
  <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="14" height="14">
106
  <path fill="#000000" d="m6.998315,0.033333c-3.846307,0 -6.964982,
107
  3.118675 -6.964982,6.964982s3.118675,6.965574 6.964982,6.965574s6.965574,
2
  <div class="sucuriscan-panel sucuriscan-integrity sucuriscan-integrity-incorrect">
3
  <div class="sucuriscan-clearfix">
4
  <div class="sucuriscan-pull-left sucuriscan-integrity-left">
5
+ <h2 class="sucuriscan-title">{{WordPress Integrity}}</h2>
6
 
7
+ <p>{{We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.}}</p>
8
  </div>
9
 
10
  <div class="sucuriscan-pull-right sucuriscan-integrity-right">
11
+ <h2 class="sucuriscan-subtitle">{{Core WordPress Files Were Modified}}</h2>
12
 
13
+ <p>{{We identified that some of your WordPress core files were modified. That might indicate a hack or a broken file on your installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.}}</p>
14
 
15
+ <p><a href="%%SUCURI.URL.Settings%%#scanner">{{Review False Positives}}</a></p>
16
  </div>
17
  </div>
18
 
27
  <thead>
28
  <tr>
29
  <th colspan="5">
30
+ <span>{{WordPress Integrity (%%SUCURI.Integrity.ListCount%%)}}</span>
31
 
32
+ <span class="sucuriscan-tooltip sucuriscan-hidden" content="{{The Unix Diff Utility is enabled. You can click the files in the table to see the differences detected by the scanner. If you consider the differences to be harmless you can mark the file as fixed, otherwise it is advised to restore the original content immediately.}}">
33
  <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="14" height="14">
34
  <path fill="#000000" d="m6.998315,0.033333c-3.846307,0 -6.964982,
35
  3.118675 -6.964982,6.964982s3.118675,6.965574 6.964982,6.965574s6.965574,
67
 
68
  <tr>
69
  <td id="cb" class="manage-column column-cb check-column">
70
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
71
  <input id="cb-select-all-1" type="checkbox">
72
  </td>
73
  <th width="20" class="manage-column">&nbsp;</th>
74
+ <th width="100" class="manage-column">{{File Size}}</th>
75
+ <th width="200" class="manage-column">{{Modified At}}</th>
76
+ <th class="manage-column">{{File Path}}</th>
77
  </tr>
78
  </thead>
79
 
86
  <label>
87
  <input type="hidden" name="sucuriscan_process_form" value="0" />
88
  <input type="checkbox" name="sucuriscan_process_form" value="1" />
89
+ <span>{{I understand that this operation cannot be reverted.}}</span>
90
  </label>
91
  </p>
92
 
93
  <fieldset class="sucuriscan-clearfix">
94
+ <label>{{Action:}}</label>
95
 
96
  <select name="sucuriscan_integrity_action">
97
+ <option value="fixed">{{Mark as Fixed}}</option>
98
+ <option value="restore">{{Restore File}}</option>
99
+ <option value="delete">{{Delete File}}</option>
100
  </select>
101
 
102
+ <button type="submit" class="button button-primary">{{Submit}}</button>
103
 
104
+ <span class="sucuriscan-tooltip" content="{{Marking one or more files as fixed will force the plugin to ignore them during the next scan, very useful when you find false positives. Additionally you can restore the original content of the core files that appear as modified or deleted, this will tell the plugin to download a copy of the original files from the official WordPress repository. Deleting a file is an irreversible action, be careful.}}">
105
  <svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="14" height="14">
106
  <path fill="#000000" d="m6.998315,0.033333c-3.846307,0 -6.964982,
107
  3.118675 -6.964982,6.964982s3.118675,6.965574 6.964982,6.965574s6.965574,
inc/tpl/integrity-notification.html.tpl CHANGED
@@ -1,18 +1,18 @@
1
 
2
- <p>We identified that some of your WordPress core files were modified. That might indicate a hack or a broken file on your installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.</p>
3
 
4
  <table border="1" cellspacing="1" cellpadding="5">
5
  <thead>
6
  <tr>
7
- <th colspan="5">WordPress Integrity (%%SUCURI.Integrity.ListCount%%)</th>
8
  </tr>
9
 
10
  <tr>
11
  <th>&nbsp;</th>
12
- <th width="80">Status</th>
13
- <th width="100">File Size</th>
14
- <th width="170">Modified At</th>
15
- <th>File Path</th>
16
  </tr>
17
  </thead>
18
 
@@ -23,7 +23,7 @@
23
  <tfoot>
24
  <tr>
25
  <td colspan="5">
26
- <p>Marking one or more files as fixed will force the plugin to ignore them during the next scan, very useful when you find false positives. Additionally you can restore the original content of the core files that appear as modified or deleted, this will tell the plugin to download a copy of the original files from the official WordPress repository. Deleting a file is an irreversible action, be careful.</p>
27
  </td>
28
  </tr>
29
  </tfoot>
1
 
2
+ <p>{{We identified that some of your WordPress core files were modified. That might indicate a hack or a broken file on your installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.}}</p>
3
 
4
  <table border="1" cellspacing="1" cellpadding="5">
5
  <thead>
6
  <tr>
7
+ <th colspan="5">{{WordPress Integrity (%%SUCURI.Integrity.ListCount%%)}}</th>
8
  </tr>
9
 
10
  <tr>
11
  <th>&nbsp;</th>
12
+ <th width="80">{{Status}}</th>
13
+ <th width="100">{{File Size}}</th>
14
+ <th width="170">{{Modified At}}</th>
15
+ <th>{{File Path}}</th>
16
  </tr>
17
  </thead>
18
 
23
  <tfoot>
24
  <tr>
25
  <td colspan="5">
26
+ <p>{{Marking one or more files as fixed will force the plugin to ignore them during the next scan, very useful when you find false positives. Additionally you can restore the original content of the core files that appear as modified or deleted, this will tell the plugin to download a copy of the original files from the official WordPress repository. Deleting a file is an irreversible action, be careful.}}</p>
27
  </td>
28
  </tr>
29
  </tfoot>
inc/tpl/integrity.html.tpl CHANGED
@@ -20,9 +20,9 @@ jQuery(document).ready(function ($) {
20
  <div class="sucuriscan-panel sucuriscan-integrity sucuriscan-integrity-loading">
21
  <div class="sucuriscan-clearfix">
22
  <div class="sucuriscan-pull-left sucuriscan-integrity-left">
23
- <h2 class="sucuriscan-title">WordPress Integrity</h2>
24
 
25
- <p>We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.</p>
26
  </div>
27
 
28
  <div class="sucuriscan-pull-right sucuriscan-integrity-right">
@@ -32,6 +32,6 @@ jQuery(document).ready(function ($) {
32
  </div>
33
  </div>
34
 
35
- <p>Loading...</p>
36
  </div>
37
  </div>
20
  <div class="sucuriscan-panel sucuriscan-integrity sucuriscan-integrity-loading">
21
  <div class="sucuriscan-clearfix">
22
  <div class="sucuriscan-pull-left sucuriscan-integrity-left">
23
+ <h2 class="sucuriscan-title">{{WordPress Integrity}}</h2>
24
 
25
+ <p>{{We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.}}</p>
26
  </div>
27
 
28
  <div class="sucuriscan-pull-right sucuriscan-integrity-right">
32
  </div>
33
  </div>
34
 
35
+ <p>{{Loading...}}</p>
36
  </div>
37
  </div>
inc/tpl/lastlogins-admins.html.tpl CHANGED
@@ -1,16 +1,16 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Successful Logins (admins)</h3>
4
 
5
  <div class="inside">
6
- <p>Here you can see a list of all the successful logins of accounts with admin privileges.</p>
7
 
8
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-double-title sucuriscan-adminusers">
9
  <thead>
10
  <tr>
11
- <th class="manage-column">Username</th>
12
- <th class="manage-column">Registration</th>
13
- <th class="manage-column">Newest To Oldest</th>
14
  <th class="manage-column">&nbsp;</th>
15
  </tr>
16
  </thead>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Successful Logins (admins)}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{Here you can see a list of all the successful logins of accounts with admin privileges.}}</p>
7
 
8
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-double-title sucuriscan-adminusers">
9
  <thead>
10
  <tr>
11
+ <th class="manage-column">{{Username}}</th>
12
+ <th class="manage-column">{{Registration}}</th>
13
+ <th class="manage-column">{{Newest To Oldest}}</th>
14
  <th class="manage-column">&nbsp;</th>
15
  </tr>
16
  </thead>
inc/tpl/lastlogins-admins.snippet.tpl CHANGED
@@ -6,14 +6,14 @@
6
 
7
  <td class="adminusers-lastlogin">
8
  <div class="sucuriscan-%%SUCURI.AdminUsers.NoLastLogins%%">
9
- <em>no data available</em>
10
  </div>
11
 
12
  <table class="widefat sucuriscan-admins-lastlogins sucuriscan-%%SUCURI.AdminUsers.NoLastLoginsTable%%">
13
  <thead>
14
  <tr>
15
- <th>IP Address</th>
16
- <th>Date/Time</th>
17
  </tr>
18
  </thead>
19
 
@@ -24,6 +24,6 @@
24
  </td>
25
 
26
  <td>
27
- <a href="%%SUCURI.AdminUsers.UserURL%%" target="_blank" class="button button-primary" rel="noopener">Edit</a>
28
  </td>
29
  </tr>
6
 
7
  <td class="adminusers-lastlogin">
8
  <div class="sucuriscan-%%SUCURI.AdminUsers.NoLastLogins%%">
9
+ <em>{{no data available}}</em>
10
  </div>
11
 
12
  <table class="widefat sucuriscan-admins-lastlogins sucuriscan-%%SUCURI.AdminUsers.NoLastLoginsTable%%">
13
  <thead>
14
  <tr>
15
+ <th>{{IP Address}}</th>
16
+ <th>{{Date/Time}}</th>
17
  </tr>
18
  </thead>
19
 
24
  </td>
25
 
26
  <td>
27
+ <a href="%%SUCURI.AdminUsers.UserURL%%" target="_blank" class="button button-primary" rel="noopener">{{Edit}}</a>
28
  </td>
29
  </tr>
inc/tpl/lastlogins-all.html.tpl CHANGED
@@ -1,21 +1,21 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Successful Logins (all)</h3>
4
 
5
  <div class="inside">
6
- <p>Here you can see a list of all the successful user logins.</p>
7
 
8
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-double-title sucuriscan-last-logins">
9
  <thead>
10
  <tr>
11
- <th colspan="5">Successful Logins (all)</th>
12
  </tr>
13
 
14
  <tr>
15
- <th class="manage-column">Username</th>
16
- <th class="manage-column">IP Address</th>
17
- <th class="manage-column">Hostname</th>
18
- <th class="manage-column">Date/Time</th>
19
  <th class="manage-column">&nbsp;</th>
20
  </tr>
21
  </thead>
@@ -25,7 +25,7 @@
25
 
26
  <tr class="sucuriscan-%%SUCURI.UserList.NoItemsVisibility%%">
27
  <td colspan="5">
28
- <em>no data available</em>
29
  </td>
30
  </tr>
31
 
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Successful Logins (all)}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{Here you can see a list of all the successful user logins.}}</p>
7
 
8
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-table-double-title sucuriscan-last-logins">
9
  <thead>
10
  <tr>
11
+ <th colspan="5">{{Successful Logins (all)}}</th>
12
  </tr>
13
 
14
  <tr>
15
+ <th class="manage-column">{{Username}}</th>
16
+ <th class="manage-column">{{IP Address}}</th>
17
+ <th class="manage-column">{{Hostname}}</th>
18
+ <th class="manage-column">{{Date/Time}}</th>
19
  <th class="manage-column">&nbsp;</th>
20
  </tr>
21
  </thead>
25
 
26
  <tr class="sucuriscan-%%SUCURI.UserList.NoItemsVisibility%%">
27
  <td colspan="5">
28
+ <em>{{no data available}}</em>
29
  </td>
30
  </tr>
31
 
inc/tpl/lastlogins-all.snippet.tpl CHANGED
@@ -8,5 +8,5 @@
8
 
9
  <td><span title="%%SUCURI.UserList.Datetime%%">%%SUCURI.UserList.TimeAgo%%</span></td>
10
 
11
- <td><a href="%%SUCURI.UserList.UserURL%%" target="_blank" rel="noopener">Edit</a></td>
12
  </tr>
8
 
9
  <td><span title="%%SUCURI.UserList.Datetime%%">%%SUCURI.UserList.TimeAgo%%</span></td>
10
 
11
+ <td><a href="%%SUCURI.UserList.UserURL%%" target="_blank" rel="noopener">{{Edit}}</a></td>
12
  </tr>
inc/tpl/lastlogins-failedlogins.html.tpl CHANGED
@@ -1,9 +1,9 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Failed logins</h3>
4
 
5
  <div class="inside">
6
- <p>This information will be used to determine if your site is being victim of <a href="https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing" target="_blank" rel="noopener">Password Guessing Brute Force Attacks</a>. These logs will be accumulated and the plugin will send a report via email if there are more than <code>%%SUCURI.FailedLogins.MaxFailedLogins%%</code> failed login attempts during the same hour, you can change this number from <a href="%%SUCURI.URL.Settings%%#alerts">here</a>. <b>NOTE:</b> Some <em>"Two-Factor Authentication"</em> plugins do not follow the same rules that WordPress have to report failed login attempts, so you may not see all the attempts in this panel if you have one of these plugins installed.</p>
7
 
8
  <form action="%%SUCURI.URL.Lastlogins%%#blocked" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
@@ -11,10 +11,10 @@
11
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-lastlogins-failed">
12
  <thead>
13
  <tr>
14
- <th class="manage-column">Username</th>
15
- <th class="manage-column">IP Address</th>
16
- <th class="manage-column">Date/Time</th>
17
- <th class="manage-column" width="300">Web Browser</th>
18
  </tr>
19
  </thead>
20
 
@@ -23,7 +23,7 @@
23
 
24
  <tr class="sucuriscan-%%SUCURI.FailedLogins.NoItemsVisibility%%">
25
  <td colspan="4">
26
- <em>no data available</em>
27
  </td>
28
  </tr>
29
 
@@ -37,7 +37,7 @@
37
  </tbody>
38
  </table>
39
 
40
- <button type="submit" class="button button-primary">Block</button>
41
  </form>
42
  </div>
43
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Failed logins}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{This information will be used to determine if your site is being victim of <a href="https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing" target="_blank" rel="noopener">Password Guessing Brute Force Attacks</a>. These logs will be accumulated and the plugin will send a report via email if there are more than <code>%%SUCURI.FailedLogins.MaxFailedLogins%%</code> failed login attempts during the same hour, you can change this number from <a href="%%SUCURI.URL.Settings%%#alerts">here</a>. <b>NOTE:</b> Some <em>"Two-Factor Authentication"</em> plugins do not follow the same rules that WordPress have to report failed login attempts, so you may not see all the attempts in this panel if you have one of these plugins installed.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Lastlogins%%#blocked" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
11
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-lastlogins-failed">
12
  <thead>
13
  <tr>
14
+ <th class="manage-column">{{Username}}</th>
15
+ <th class="manage-column">{{IP Address}}</th>
16
+ <th class="manage-column">{{Date/Time}}</th>
17
+ <th class="manage-column" width="300">{{Web Browser}}</th>
18
  </tr>
19
  </thead>
20
 
23
 
24
  <tr class="sucuriscan-%%SUCURI.FailedLogins.NoItemsVisibility%%">
25
  <td colspan="4">
26
+ <em>{{no data available}}</em>
27
  </td>
28
  </tr>
29
 
37
  </tbody>
38
  </table>
39
 
40
+ <button type="submit" class="button button-primary">{{Block}}</button>
41
  </form>
42
  </div>
43
  </div>
inc/tpl/lastlogins-loggedin.html.tpl CHANGED
@@ -1,22 +1,22 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Logged-in Users</h3>
4
 
5
  <div class="inside">
6
- <p>Here you can see a list of the users that are currently logged-in.</p>
7
 
8
  <table class="wp-list-table widefat sucuriscan-loggedin-users">
9
  <thead>
10
  <tr>
11
- <th colspan="6">Logged-in Users</th>
12
  </tr>
13
 
14
  <tr>
15
- <th>ID</th>
16
- <th>Username</th>
17
- <th>Last Activity</th>
18
- <th>Registered</th>
19
- <th>IP Address</th>
20
  <th>&nbsp;</th>
21
  </tr>
22
  </thead>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Logged-in Users}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{Here you can see a list of the users that are currently logged-in.}}</p>
7
 
8
  <table class="wp-list-table widefat sucuriscan-loggedin-users">
9
  <thead>
10
  <tr>
11
+ <th colspan="6">{{Logged-in Users}}</th>
12
  </tr>
13
 
14
  <tr>
15
+ <th>{{ID}}</th>
16
+ <th>{{Username}}</th>
17
+ <th>{{Last Activity}}</th>
18
+ <th>{{Registered}}</th>
19
+ <th>{{IP Address}}</th>
20
  <th>&nbsp;</th>
21
  </tr>
22
  </thead>
inc/tpl/lastlogins-loggedin.snippet.tpl CHANGED
@@ -10,5 +10,5 @@
10
 
11
  <td class="sucuriscan-monospace">%%SUCURI.LoggedInUsers.RemoteAddr%%</td>
12
 
13
- <td><a href="%%SUCURI.LoggedInUsers.UserURL%%" target="_blank">Edit</a></td>
14
  </tr>
10
 
11
  <td class="sucuriscan-monospace">%%SUCURI.LoggedInUsers.RemoteAddr%%</td>
12
 
13
+ <td><a href="%%SUCURI.LoggedInUsers.UserURL%%" target="_blank">{{Edit}}</a></td>
14
  </tr>
inc/tpl/lastlogins.html.tpl CHANGED
@@ -1,10 +1,10 @@
1
 
2
  <div class="sucuriscan-tabs">
3
  <ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
4
- <li><a href="%%SUCURI.URL.Lastlogins%%#allusers">All Users</a></li>
5
- <li><a href="%%SUCURI.URL.Lastlogins%%#admins">Admins</a></li>
6
- <li><a href="%%SUCURI.URL.Lastlogins%%#loggedin">Logged-in Users</a></li>
7
- <li><a href="%%SUCURI.URL.Lastlogins%%#failed">Failed logins</a></li>
8
  </ul>
9
 
10
  <div class="sucuriscan-tabs-containers">
1
 
2
  <div class="sucuriscan-tabs">
3
  <ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
4
+ <li><a href="%%SUCURI.URL.Lastlogins%%#allusers">{{All Users}}</a></li>
5
+ <li><a href="%%SUCURI.URL.Lastlogins%%#admins">{{Admins}}</a></li>
6
+ <li><a href="%%SUCURI.URL.Lastlogins%%#loggedin">{{Logged-in Users}}</a></li>
7
+ <li><a href="%%SUCURI.URL.Lastlogins%%#failed">{{Failed logins}}</a></li>
8
  </ul>
9
 
10
  <div class="sucuriscan-tabs-containers">
inc/tpl/notification-pretty.html.tpl CHANGED
@@ -16,13 +16,13 @@
16
  <td style="padding:20px 20px 10px 20px;border:1px solid #ccc;border-top:none">
17
  <h4 style="text-transform:uppercase;margin:0">Information:</h4>
18
  <p style="margin:0 0 10px 0">
19
- Website: <a href="http://%%SUCURI.Website%%">%%SUCURI.Website%%</a><br>
20
- IP Address: %%SUCURI.RemoteAddress%%<br>
21
- Reverse IP: %%SUCURI.ReverseAddress%%<br>
22
- Date/Time: %%SUCURI.Time%%<br>
23
  %%SUCURI.User%%
24
  </p>
25
- <h4 style="text-transform:uppercase;margin:0">Message:</h4>
26
  <p style="margin:0 0 10px 0">%%%SUCURI.Message%%%</p>
27
  </td>
28
  </tr>
16
  <td style="padding:20px 20px 10px 20px;border:1px solid #ccc;border-top:none">
17
  <h4 style="text-transform:uppercase;margin:0">Information:</h4>
18
  <p style="margin:0 0 10px 0">
19
+ {{Website:}} <a href="http://%%SUCURI.Website%%">%%SUCURI.Website%%</a><br>
20
+ {{IP Address:}} %%SUCURI.RemoteAddress%%<br>
21
+ {{Reverse IP:}} %%SUCURI.ReverseAddress%%<br>
22
+ {{Date/Time:}} %%SUCURI.Time%%<br>
23
  %%SUCURI.User%%
24
  </p>
25
+ <h4 style="text-transform:uppercase;margin:0">{{Message:}}</h4>
26
  <p style="margin:0 0 10px 0">%%%SUCURI.Message%%%</p>
27
  </td>
28
  </tr>
inc/tpl/register-site.html.tpl CHANGED
@@ -1,8 +1,8 @@
1
 
2
- <p>An API key is required to activate some additional tools available in this plugin. The keys are free and you can virtually generate an unlimited number of them as long as the domain name and email address are unique. The key is used to authenticate the HTTP requests sent by the plugin to an API service managed by Sucuri Inc.</p>
3
 
4
  <div class="sucuriscan-inline-alert-info">
5
- <p>If you experience issues generating the API key you can request one by sending the domain name and email address that you want to use to <a href="mailto:info@sucuri.net">info@sucuri.net</a>. Note that generating a key for a website that is not facing the Internet is not possible because the API service needs to validate that the domain name exists.</p>
6
  </div>
7
 
8
  <form action="%%SUCURI.URL.Settings%%" method="post">
@@ -10,29 +10,29 @@
10
  <input type="hidden" name="sucuriscan_plugin_api_key" value="1" />
11
 
12
  <fieldset class="sucuriscan-clearfix">
13
- <label>Website:</label>
14
  <input type="text" value="%%SUCURI.CleanDomain%%" readonly="readonly">
15
  </fieldset>
16
 
17
  <fieldset class="sucuriscan-clearfix">
18
- <label>E-mail:</label>
19
  <select name="sucuriscan_setup_user">
20
  %%%SUCURI.AdminEmails%%%
21
  </select>
22
  </fieldset>
23
 
24
  <fieldset class="sucuriscan-clearfix">
25
- <label>DNS Lookups</label>
26
  <input type="hidden" name="sucuriscan_dns_lookups" value="disable" />
27
  <input type="checkbox" name="sucuriscan_dns_lookups" value="enable" checked="checked" />
28
- <span class="sucuriscan-tooltip" content="Check the box if your website is behind a known firewall service, this guarantees that the IP address of your visitors will be detected correctly for the security logs. You can change this later from the settings.">Enable DNS Lookups On Startup</span>
29
  </fieldset>
30
 
31
  <p>
32
  <label>
33
  <input type="hidden" name="sucuriscan_consent_tos" value="0" />
34
  <input type="checkbox" name="sucuriscan_consent_tos" value="1" />
35
- <span>I agree to the <a target="_blank" href="https://sucuri.net/terms">Terms of Service</a>.</span>
36
  </label>
37
  </p>
38
 
@@ -40,13 +40,13 @@
40
  <label>
41
  <input type="hidden" name="sucuriscan_consent_priv" value="0" />
42
  <input type="checkbox" name="sucuriscan_consent_priv" value="1" />
43
- <span>I have read and understand the <a target="_blank" href="https://sucuri.net/privacy">Privacy Policy</a>.</span>
44
  </label>
45
  </p>
46
 
47
  <div class="sucuriscan-clearfix">
48
  <div class="sucuriscan-pull-left">
49
- <button type="submit" class="button button-primary">Submit</button>
50
  </div>
51
  </div>
52
  </form>
1
 
2
+ <p>{{An API key is required to activate some additional tools available in this plugin. The keys are free and you can virtually generate an unlimited number of them as long as the domain name and email address are unique. The key is used to authenticate the HTTP requests sent by the plugin to an API service managed by Sucuri Inc.}}</p>
3
 
4
  <div class="sucuriscan-inline-alert-info">
5
+ <p>{{If you experience issues generating the API key you can request one by sending the domain name and email address that you want to use to <a href="mailto:info@sucuri.net">info@sucuri.net</a>. Note that generating a key for a website that is not facing the Internet is not possible because the API service needs to validate that the domain name exists.}}</p>
6
  </div>
7
 
8
  <form action="%%SUCURI.URL.Settings%%" method="post">
10
  <input type="hidden" name="sucuriscan_plugin_api_key" value="1" />
11
 
12
  <fieldset class="sucuriscan-clearfix">
13
+ <label>{{Website:}}</label>
14
  <input type="text" value="%%SUCURI.CleanDomain%%" readonly="readonly">
15
  </fieldset>
16
 
17
  <fieldset class="sucuriscan-clearfix">
18
+ <label>{{E-mail:}}</label>
19
  <select name="sucuriscan_setup_user">
20
  %%%SUCURI.AdminEmails%%%
21
  </select>
22
  </fieldset>
23
 
24
  <fieldset class="sucuriscan-clearfix">
25
+ <label>{{DNS Lookups}}</label>
26
  <input type="hidden" name="sucuriscan_dns_lookups" value="disable" />
27
  <input type="checkbox" name="sucuriscan_dns_lookups" value="enable" checked="checked" />
28
+ <span class="sucuriscan-tooltip" content="{{Check the box if your website is behind a known firewall service, this guarantees that the IP address of your visitors will be detected correctly for the security logs. You can change this later from the settings.}}">{{Enable DNS Lookups On Startup}}</span>
29
  </fieldset>
30
 
31
  <p>
32
  <label>
33
  <input type="hidden" name="sucuriscan_consent_tos" value="0" />
34
  <input type="checkbox" name="sucuriscan_consent_tos" value="1" />
35
+ <span>{{I agree to the <a target="_blank" href="https://sucuri.net/terms">Terms of Service</a>.}}</span>
36
  </label>
37
  </p>
38
 
40
  <label>
41
  <input type="hidden" name="sucuriscan_consent_priv" value="0" />
42
  <input type="checkbox" name="sucuriscan_consent_priv" value="1" />
43
+ <span>{{I have read and understand the <a target="_blank" href="https://sucuri.net/privacy">Privacy Policy</a>.}}</span>
44
  </label>
45
  </p>
46
 
47
  <div class="sucuriscan-clearfix">
48
  <div class="sucuriscan-pull-left">
49
+ <button type="submit" class="button button-primary">{{Submit}}</button>
50
  </div>
51
  </div>
52
  </form>
inc/tpl/settings-alerts-bruteforce.html.tpl CHANGED
@@ -1,18 +1,18 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Password Guessing Brute Force Attacks</h3>
4
 
5
  <div class="inside">
6
- <p><a href="https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing" target="_blank" rel="noopener">Password guessing brute force attacks</a> are very common against web sites and web servers. They are one of the most common vectors used to compromise web sites. The process is very simple and the attackers basically try multiple combinations of usernames and passwords until they find one that works. Once they get in, they can compromise the web site with malware, spam , phishing or anything else they want.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
  <fieldset class="sucuriscan-clearfix">
11
- <label>Consider Brute-Force Attack After:</label>
12
  <select name="sucuriscan_maximum_failed_logins">
13
  %%%SUCURI.Alerts.BruteForce%%%
14
  </select>
15
- <button type="submit" class="button button-primary">Submit</button>
16
  </fieldset>
17
  </form>
18
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Password Guessing Brute Force Attacks}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{<a href="https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing" target="_blank" rel="noopener">Password guessing brute force attacks</a> are very common against web sites and web servers. They are one of the most common vectors used to compromise web sites. The process is very simple and the attackers basically try multiple combinations of usernames and passwords until they find one that works. Once they get in, they can compromise the web site with malware, spam , phishing or anything else they want.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
  <fieldset class="sucuriscan-clearfix">
11
+ <label>{{Consider Brute-Force Attack After:}}</label>
12
  <select name="sucuriscan_maximum_failed_logins">
13
  %%%SUCURI.Alerts.BruteForce%%%
14
  </select>
15
+ <button type="submit" class="button button-primary">{{Submit}}</button>
16
  </fieldset>
17
  </form>
18
  </div>
inc/tpl/settings-alerts-events.html.tpl CHANGED
@@ -1,10 +1,10 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Security Alerts</h3>
4
 
5
  <div class="inside">
6
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.Alerts.NoAlertsVisibility%%">
7
- <p>You have installed a plugin or theme that is not fully compatible with our plugin, some of the security alerts (like the successful and failed logins) will not be sent to you. To prevent an infinite loop while detecting these changes in the website and sending the email alerts via a custom SMTP plugin, we have decided to stop any attempt to send the emails to prevent fatal errors.</p>
8
  </div>
9
 
10
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
@@ -14,10 +14,10 @@
14
  <thead>
15
  <tr>
16
  <td id="cb" class="manage-column column-cb check-column">
17
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
18
  <input id="cb-select-all-1" type="checkbox">
19
  </td>
20
- <th class="manage-column">Event</th>
21
  </tr>
22
  </thead>
23
 
@@ -27,7 +27,7 @@
27
  </table>
28
 
29
  <div class="sucuriscan-recipient-form">
30
- <button type="submit" name="sucuriscan_save_alert_events" class="button button-primary">Submit</button>
31
  </div>
32
  </form>
33
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Security Alerts}}</h3>
4
 
5
  <div class="inside">
6
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.Alerts.NoAlertsVisibility%%">
7
+ <p>{{You have installed a plugin or theme that is not fully compatible with our plugin, some of the security alerts (like the successful and failed logins) will not be sent to you. To prevent an infinite loop while detecting these changes in the website and sending the email alerts via a custom SMTP plugin, we have decided to stop any attempt to send the emails to prevent fatal errors.}}</p>
8
  </div>
9
 
10
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
14
  <thead>
15
  <tr>
16
  <td id="cb" class="manage-column column-cb check-column">
17
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
18
  <input id="cb-select-all-1" type="checkbox">
19
  </td>
20
+ <th class="manage-column">{{Event}}</th>
21
  </tr>
22
  </thead>
23
 
27
  </table>
28
 
29
  <div class="sucuriscan-recipient-form">
30
+ <button type="submit" name="sucuriscan_save_alert_events" class="button button-primary">{{Submit}}</button>
31
  </div>
32
  </form>
33
  </div>
inc/tpl/settings-alerts-ignore-posts.html.tpl CHANGED
@@ -1,28 +1,28 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Post-Type Alerts</h3>
4
 
5
  <div class="inside">
6
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.PostTypes.ErrorVisibility%%">
7
- <p>It seems that you disabled the email alerts for <b>new site content</b>, this panel is intended to provide a way to ignore specific events in your site and with that the alerts reported to your email. Since you have deactivated the <b>new site content</b> alerts, this panel will be disabled too.</p>
8
  </div>
9
 
10
- <p>This is a list of registered <a href="https://codex.wordpress.org/Post_Types" target="_blank" rel="noopener">Post Types</a>. You will receive an email alert when a custom page or post associated to any of these types is created or updated. If you don't want to receive one or more of these alerts, feel free to uncheck the boxes in the table below. If you are receiving alerts for post types that are not listed in this table, it may be because there is an add-on that that is generating a custom post-type on runtime, you will have to find out by yourself what is the unique ID of that post-type and type it in the form below. The plugin will do its best to ignore these alerts as long as the unique ID is valid.</p>
11
 
12
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
13
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
14
  <input type="hidden" name="sucuriscan_ignorerule_action" value="add">
15
 
16
  <fieldset class="sucuriscan-clearfix">
17
- <label>Stop Alerts For This Post-Type:</label>
18
- <input type="text" name="sucuriscan_ignorerule" placeholder="e.g. unique_post_type_id" />
19
- <button type="submit" class="button button-primary">Submit</button>
20
  </fieldset>
21
  </form>
22
 
23
  <hr>
24
 
25
- <button class="button button-primary sucuriscan-show-section" section="sucuriscan-ignorerules" on="Show Post-Types Table" off="Hide Post-Types Table">Show Post-Types Table</button>
26
 
27
  <div class="sucuriscan-hidden" id="sucuriscan-ignorerules">
28
  <hr>
@@ -35,12 +35,12 @@
35
  <thead>
36
  <tr>
37
  <td id="cb" class="manage-column column-cb check-column">
38
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
39
  <input id="cb-select-all-1" type="checkbox">
40
  </td>
41
- <th class="manage-column">Post Type</th>
42
- <th class="manage-column">Post Type ID</th>
43
- <th class="manage-column">Ignored At (optional)</th>
44
  </tr>
45
  </thead>
46
 
@@ -49,7 +49,7 @@
49
  </tbody>
50
  </table>
51
 
52
- <button type="submit" class="button button-primary">Submit</button>
53
  </form>
54
  </div>
55
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Post-Type Alerts}}</h3>
4
 
5
  <div class="inside">
6
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.PostTypes.ErrorVisibility%%">
7
+ <p>{{It seems that you disabled the email alerts for <b>new site content</b>, this panel is intended to provide a way to ignore specific events in your site and with that the alerts reported to your email. Since you have deactivated the <b>new site content</b> alerts, this panel will be disabled too.}}</p>
8
  </div>
9
 
10
+ <p>{{This is a list of registered <a href="https://codex.wordpress.org/Post_Types" target="_blank" rel="noopener">Post Types</a>. You will receive an email alert when a custom page or post associated to any of these types is created or updated. If you dont want to receive one or more of these alerts, feel free to uncheck the boxes in the table below. If you are receiving alerts for post types that are not listed in this table, it may be because there is an add-on that that is generating a custom post-type on runtime, you will have to find out by yourself what is the unique ID of that post-type and type it in the form below. The plugin will do its best to ignore these alerts as long as the unique ID is valid.}}</p>
11
 
12
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
13
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
14
  <input type="hidden" name="sucuriscan_ignorerule_action" value="add">
15
 
16
  <fieldset class="sucuriscan-clearfix">
17
+ <label>{{Stop Alerts For This Post-Type:}}</label>
18
+ <input type="text" name="sucuriscan_ignorerule" placeholder="{{e.g. unique_post_type_id}}" />
19
+ <button type="submit" class="button button-primary">{{Submit}}</button>
20
  </fieldset>
21
  </form>
22
 
23
  <hr>
24
 
25
+ <button class="button button-primary sucuriscan-show-section" section="sucuriscan-ignorerules" on="{{Show Post-Types Table}}" off="{{Hide Post-Types Table}}">{{Show Post-Types Table}}</button>
26
 
27
  <div class="sucuriscan-hidden" id="sucuriscan-ignorerules">
28
  <hr>
35
  <thead>
36
  <tr>
37
  <td id="cb" class="manage-column column-cb check-column">
38
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
39
  <input id="cb-select-all-1" type="checkbox">
40
  </td>
41
+ <th class="manage-column">{{Post Type}}</th>
42
+ <th class="manage-column">{{Post Type ID}}</th>
43
+ <th class="manage-column">{{Ignored At (optional)}}</th>
44
  </tr>
45
  </thead>
46
 
49
  </tbody>
50
  </table>
51
 
52
+ <button type="submit" class="button button-primary">{{Submit}}</button>
53
  </form>
54
  </div>
55
  </div>
inc/tpl/settings-alerts-perhour.html.tpl CHANGED
@@ -1,18 +1,18 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Alerts Per Hour</h3>
4
 
5
  <div class="inside">
6
- <p>Configure the maximum number of email alerts per hour. If the number is exceeded and the plugin detects more events during the same hour, it will still log the events into the audit logs but will not send the email alerts. Be careful with this as you will miss important information.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
  <fieldset class="sucuriscan-clearfix">
11
- <label>Maximum Alerts Per Hour:</label>
12
  <select name="sucuriscan_emails_per_hour">
13
  %%%SUCURI.Alerts.PerHour%%%
14
  </select>
15
- <button type="submit" class="button button-primary">Submit</button>
16
  </fieldset>
17
  </form>
18
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Alerts Per Hour}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{Configure the maximum number of email alerts per hour. If the number is exceeded and the plugin detects more events during the same hour, it will still log the events into the audit logs but will not send the email alerts. Be careful with this as you will miss important information.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
  <fieldset class="sucuriscan-clearfix">
11
+ <label>{{Maximum Alerts Per Hour:}}</label>
12
  <select name="sucuriscan_emails_per_hour">
13
  %%%SUCURI.Alerts.PerHour%%%
14
  </select>
15
+ <button type="submit" class="button button-primary">{{Submit}}</button>
16
  </fieldset>
17
  </form>
18
  </div>
inc/tpl/settings-alerts-recipients.html.tpl CHANGED
@@ -1,27 +1,27 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Alerts Recipient</h3>
4
 
5
  <div class="inside">
6
- <p>By default, the plugin will send the email alerts to the primary admin account, the same account created during the installation of WordPress in your web server. You can add more people to the list, they will receive a copy of the same security alerts.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
 
11
  <fieldset class="sucuriscan-clearfix">
12
- <label>E-mail:</label>
13
- <input type="text" name="sucuriscan_recipient" placeholder="e.g. user@example.com" />
14
- <button type="submit" name="sucuriscan_save_recipient" class="button button-primary">Submit</button>
15
  </fieldset>
16
 
17
  <table class="wp-list-table widefat sucuriscan-table">
18
  <thead>
19
  <tr>
20
  <td id="cb" class="manage-column column-cb check-column">
21
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
22
  <input id="cb-select-all-1" type="checkbox">
23
  </td>
24
- <th class="manage-column">E-mail</th>
25
  </tr>
26
  </thead>
27
 
@@ -30,8 +30,8 @@
30
  </tbody>
31
  </table>
32
 
33
- <button type="submit" name="sucuriscan_delete_recipients" class="button button-primary">Delete</button>
34
- <button type="submit" name="sucuriscan_debug_email" value="1" class="button button-primary">Test Alerts</button>
35
  </form>
36
  </div>
37
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Alerts Recipient}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{By default, the plugin will send the email alerts to the primary admin account, the same account created during the installation of WordPress in your web server. You can add more people to the list, they will receive a copy of the same security alerts.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
 
11
  <fieldset class="sucuriscan-clearfix">
12
+ <label>{{E-mail:}}</label>
13
+ <input type="text" name="sucuriscan_recipient" placeholder="{{e.g. user@example.com}}" />
14
+ <button type="submit" name="sucuriscan_save_recipient" class="button button-primary">{{Submit}}</button>
15
  </fieldset>
16
 
17
  <table class="wp-list-table widefat sucuriscan-table">
18
  <thead>
19
  <tr>
20
  <td id="cb" class="manage-column column-cb check-column">
21
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
22
  <input id="cb-select-all-1" type="checkbox">
23
  </td>
24
+ <th class="manage-column">{{E-mail}}</th>
25
  </tr>
26
  </thead>
27
 
30
  </tbody>
31
  </table>
32
 
33
+ <button type="submit" name="sucuriscan_delete_recipients" class="button button-primary">{{Delete}}</button>
34
+ <button type="submit" name="sucuriscan_debug_email" value="1" class="button button-primary">{{Test Alerts}}</button>
35
  </form>
36
  </div>
37
  </div>
inc/tpl/settings-alerts-subject.html.tpl CHANGED
@@ -1,9 +1,9 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Alert Subject</h3>
4
 
5
  <div class="inside">
6
- <p>Format of the subject for the email alerts, by default the plugin will use the website name and the event identifier that is being reported, you can use this panel to include the IP address of the user that triggered the event and some additional data. You can create filters in your email client creating a custom email subject using the pseudo-tags shown below.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
@@ -14,14 +14,14 @@
14
  <li>
15
  <label>
16
  <input type="radio" name="sucuriscan_email_subject" value="custom" %%SUCURI.Alerts.CustomChecked%% />
17
- <span>Custom Format</span>
18
  <input type="text" name="sucuriscan_custom_email_subject" value="%%SUCURI.Alerts.CustomValue%%" />
19
  </label>
20
  </li>
21
  </ul>
22
 
23
  <div class="sucuriscan-recipient-form">
24
- <button type="submit" class="button button-primary">Submit</button>
25
  </div>
26
  </form>
27
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Alert Subject}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{Format of the subject for the email alerts, by default the plugin will use the website name and the event identifier that is being reported, you can use this panel to include the IP address of the user that triggered the event and some additional data. You can create filters in your email client creating a custom email subject using the pseudo-tags shown below.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
14
  <li>
15
  <label>
16
  <input type="radio" name="sucuriscan_email_subject" value="custom" %%SUCURI.Alerts.CustomChecked%% />
17
+ <span>{{Custom Format}}</span>
18
  <input type="text" name="sucuriscan_custom_email_subject" value="%%SUCURI.Alerts.CustomValue%%" />
19
  </label>
20
  </li>
21
  </ul>
22
 
23
  <div class="sucuriscan-recipient-form">
24
+ <button type="submit" class="button button-primary">{{Submit}}</button>
25
  </div>
26
  </form>
27
  </div>
inc/tpl/settings-alerts-trustedips.html.tpl CHANGED
@@ -1,17 +1,17 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Trusted IP Addresses</h3>
4
 
5
  <div class="inside">
6
- <p>If you are working in a LAN <em>(Local Area Network)</em> you may want to include the IP addresses of all the nodes in the subnet, this will force the plugin to stop sending email alerts about actions executed from trusted IP addresses. Use the CIDR <em>(Classless Inter Domain Routing)</em> format to specify ranges of IP addresses <em>(only 8, 16, and 24)</em>.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="POST">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
 
11
  <fieldset class="sucuriscan-clearfix">
12
- <label>IP Address:</label>
13
- <input type="text" name="sucuriscan_trust_ip" placeholder="e.g. 182.120.56.0/24" />
14
- <input type="submit" value="Submit" class="button button-primary" />
15
  </fieldset>
16
  </form>
17
 
@@ -24,12 +24,12 @@
24
  <thead>
25
  <tr>
26
  <td id="cb" class="manage-column column-cb check-column">
27
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
28
  <input id="cb-select-all-1" type="checkbox">
29
  </td>
30
- <th class="manage-column">IP Address</th>
31
- <th class="manage-column">CIDR Format</th>
32
- <th class="manage-column">IP Added At</th>
33
  </tr>
34
  </thead>
35
 
@@ -38,13 +38,13 @@
38
 
39
  <tr class="sucuriscan-%%SUCURI.TrustedIPs.NoItems.Visibility%%">
40
  <td colspan="4">
41
- <em>no data available</em>
42
  </td>
43
  </tr>
44
  </tbody>
45
  </table>
46
 
47
- <button type="submit" class="button button-primary">Delete</button>
48
  </form>
49
  </div>
50
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Trusted IP Addresses}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{If you are working in a LAN <em>(Local Area Network)</em> you may want to include the IP addresses of all the nodes in the subnet, this will force the plugin to stop sending email alerts about actions executed from trusted IP addresses. Use the CIDR <em>(Classless Inter Domain Routing)</em> format to specify ranges of IP addresses <em>(only 8, 16, and 24)</em>.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#alerts" method="POST">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
 
11
  <fieldset class="sucuriscan-clearfix">
12
+ <label>{{IP Address:}}</label>
13
+ <input type="text" name="sucuriscan_trust_ip" placeholder="{{e.g. 182.120.56.0/24}}" />
14
+ <input type="submit" value="{{Submit}}" class="button button-primary" />
15
  </fieldset>
16
  </form>
17
 
24
  <thead>
25
  <tr>
26
  <td id="cb" class="manage-column column-cb check-column">
27
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
28
  <input id="cb-select-all-1" type="checkbox">
29
  </td>
30
+ <th class="manage-column">{{IP Address}}</th>
31
+ <th class="manage-column">{{CIDR Format}}</th>
32
+ <th class="manage-column">{{IP Added At}}</th>
33
  </tr>
34
  </thead>
35
 
38
 
39
  <tr class="sucuriscan-%%SUCURI.TrustedIPs.NoItems.Visibility%%">
40
  <td colspan="4">
41
+ <em>{{no data available}}</em>
42
  </td>
43
  </tr>
44
  </tbody>
45
  </table>
46
 
47
+ <button type="submit" class="button button-primary">{{Delete}}</button>
48
  </form>
49
  </div>
50
  </div>
inc/tpl/settings-apirecovery.html.tpl CHANGED
@@ -1,15 +1,15 @@
1
 
2
  <div class="sucuriscan-clearfix">
3
- <p>If this operation was successful you will receive a message in the email used during the registration of the API key <em>(usually the email of the main admin user)</em>. This message contains the key in plain text, copy and paste the key in the form field below. The plugin will verify the authenticity of the key sending an initial HTTP request to the API service, if this fails the key will be removed automatically and you will have to start the process all over again.</p>
4
 
5
- <p>There are cases where this operation may fail, an example would be when the email address is not associated with the domain anymore, this happens when the base URL changes <em>(from www to none or viceversa)</em>. If you are having issues recovering the key please send an email explaining the situation to <a href="mailto:info@sucuri.net">info@sucuri.net</a></p>
6
 
7
  <form action="%%SUCURI.URL.Settings%%" method="post">
8
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
9
  <fieldset class="sucuriscan-clearfix">
10
- <label>API Key:</label>
11
  <input type="text" name="sucuriscan_manual_api_key" />
12
- <button type="submit" class="button button-primary">Submit</button>
13
  </fieldset>
14
  </form>
15
  </div>
1
 
2
  <div class="sucuriscan-clearfix">
3
+ <p>{{If this operation was successful you will receive a message in the email used during the registration of the API key <em>(usually the email of the main admin user)</em>. This message contains the key in plain text, copy and paste the key in the form field below. The plugin will verify the authenticity of the key sending an initial HTTP request to the API service, if this fails the key will be removed automatically and you will have to start the process all over again.}}</p>
4
 
5
+ <p>{{There are cases where this operation may fail, an example would be when the email address is not associated with the domain anymore, this happens when the base URL changes <em>(from www to none or viceversa)</em>. If you are having issues recovering the key please send an email explaining the situation to <a href="mailto:info@sucuri.net">info@sucuri.net</a>}}</p>
6
 
7
  <form action="%%SUCURI.URL.Settings%%" method="post">
8
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
9
  <fieldset class="sucuriscan-clearfix">
10
+ <label>{{API Key:}}</label>
11
  <input type="text" name="sucuriscan_manual_api_key" />
12
+ <button type="submit" class="button button-primary">{{Submit}}</button>
13
  </fieldset>
14
  </form>
15
  </div>
inc/tpl/settings-apiregistered.html.tpl CHANGED
@@ -3,13 +3,13 @@
3
  <div class="sucuriscan-pull-left sucuriscan-sitelogo">&nbsp;</div>
4
 
5
  <div class="sucuriscan-pull-right">
6
- <p>Congratulations! The rest of the features available in the plugin have been enabled. This product is designed to supplement existing security products. It's not a silver bullet for your security needs, but it'll give you greater security awareness and better posture, all with the intent of reducing risk.</p>
7
 
8
  <div class="sucuriscan-inline-alert-success">
9
- <p>Your website has been granted a new API key and it was associated to the email address that you chose during the registration process. You can use the same email to recover the key if you happen to lose it sometime. We encourage you to check the rest of the settings page and configure the plugin to your own needs.</p>
10
  </div>
11
 
12
- <a href="%%SUCURI.URL.Dashboard%%" class="button button-primary">Dashboard</a>
13
- <a href="%%SUCURI.URL.Settings%%" class="button button-primary">Settings</a>
14
  </div>
15
  </div>
3
  <div class="sucuriscan-pull-left sucuriscan-sitelogo">&nbsp;</div>
4
 
5
  <div class="sucuriscan-pull-right">
6
+ <p>{{Congratulations! The rest of the features available in the plugin have been enabled. This product is designed to supplement existing security products. Its not a silver bullet for your security needs, but itll give you greater security awareness and better posture, all with the intent of reducing risk.}}</p>
7
 
8
  <div class="sucuriscan-inline-alert-success">
9
+ <p>{{Your website has been granted a new API key and it was associated to the email address that you chose during the registration process. You can use the same email to recover the key if you happen to lose it sometime. We encourage you to check the rest of the settings page and configure the plugin to your own needs.}}</p>
10
  </div>
11
 
12
+ <a href="%%SUCURI.URL.Dashboard%%" class="button button-primary">{{Dashboard}}</a>
13
+ <a href="%%SUCURI.URL.Settings%%" class="button button-primary">{{Settings}}</a>
14
  </div>
15
  </div>
inc/tpl/settings-apiservice-checksums.html.tpl CHANGED
@@ -1,12 +1,12 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">WordPress Checksums API</h3>
4
 
5
  <div class="inside">
6
- <p>The WordPress integrity tool uses a remote API service maintained by the WordPress organization to determine which files in the installation were added, removed or modified. The API returns a list of files with their respective checksums, this information guarantees that the installation is not corrupt. You can, however, point the integrity tool to a GitHub repository in case that you are using a custom version of WordPress like the <a href="https://github.com/WordPress/WordPress" target="_blank" rel="noopener">development version of the code</a>.</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9
- <span>WordPress Checksums API &mdash; <a target="_blank"
10
  href="%%SUCURI.ChecksumsAPI%%">%%SUCURI.ChecksumsAPI%%</a>
11
  </span>
12
  </div>
@@ -14,9 +14,9 @@
14
  <form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
15
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
16
  <fieldset class="sucuriscan-clearfix">
17
- <label>WordPress Checksums API:</label>
18
- <input type="text" name="sucuriscan_checksum_api" placeholder="e.g. URL — or — user/repo" size="30" />
19
- <button type="submit" class="button button-primary">Submit</button>
20
  </fieldset>
21
  </form>
22
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{WordPress Checksums API}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{The WordPress integrity tool uses a remote API service maintained by the WordPress organization to determine which files in the installation were added, removed or modified. The API returns a list of files with their respective checksums, this information guarantees that the installation is not corrupt. You can, however, point the integrity tool to a GitHub repository in case that you are using a custom version of WordPress like the <a href="https://github.com/WordPress/WordPress" target="_blank" rel="noopener">development version of the code</a>.}}</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9
+ <span>{{WordPress Checksums API}} &mdash; <a target="_blank"
10
  href="%%SUCURI.ChecksumsAPI%%">%%SUCURI.ChecksumsAPI%%</a>
11
  </span>
12
  </div>
14
  <form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
15
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
16
  <fieldset class="sucuriscan-clearfix">
17
+ <label>{{WordPress Checksums API}}:</label>
18
+ <input type="text" name="sucuriscan_checksum_api" placeholder="{{e.g. URL — or — user/repo}}" size="30" />
19
+ <button type="submit" class="button button-primary">{{Submit}}</button>
20
  </fieldset>
21
  </form>
22
  </div>
inc/tpl/settings-apiservice-proxy.html.tpl CHANGED
@@ -1,15 +1,15 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">API Communication via Proxy</h3>
4
 
5
  <div class="inside">
6
- <p>All the HTTP requests used to communicate with the API service are being sent using the WordPress built-in functions, so (almost) all its official features are inherited, this is useful if you need to pass these HTTP requests through a proxy. According to the <a href="https://developer.wordpress.org/reference/classes/wp_http_proxy/" target="_blank" rel="noopener">official documentation</a> you have to add some constants to the main configuration file: <em>WP_PROXY_HOST, WP_PROXY_PORT, WP_PROXY_USERNAME, WP_PROXY_PASSWORD</em>.</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monospace">
9
- <div>HTTP Proxy Hostname: %%SUCURI.APIProxy.Host%%</div>
10
- <div>HTTP Proxy Port num: %%SUCURI.APIProxy.Port%%</div>
11
- <div>HTTP Proxy Username: %%SUCURI.APIProxy.Username%%</div>
12
- <div>HTTP Proxy Password: <span class="sucuriscan-label-%%SUCURI.APIProxy.PasswordType%%">%%SUCURI.APIProxy.PasswordText%%</span></div>
13
  </div>
14
  </div>
15
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{API Communication via Proxy}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{All the HTTP requests used to communicate with the API service are being sent using the WordPress built-in functions, so (almost) all its official features are inherited, this is useful if you need to pass these HTTP requests through a proxy. According to the <a href="https://developer.wordpress.org/reference/classes/wp_http_proxy/" target="_blank" rel="noopener">official documentation</a> you have to add some constants to the main configuration file: <em>WP_PROXY_HOST, WP_PROXY_PORT, WP_PROXY_USERNAME, WP_PROXY_PASSWORD</em>.}}</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monospace">
9
+ <div>{{HTTP Proxy Hostname}}: %%SUCURI.APIProxy.Host%%</div>
10
+ <div>{{HTTP Proxy Port num}}: %%SUCURI.APIProxy.Port%%</div>
11
+ <div>{{HTTP Proxy Username}}: %%SUCURI.APIProxy.Username%%</div>
12
+ <div>{{HTTP Proxy Password}}: <span class="sucuriscan-label-%%SUCURI.APIProxy.PasswordType%%">%%SUCURI.APIProxy.PasswordText%%</span></div>
13
  </div>
14
  </div>
15
  </div>
inc/tpl/settings-apiservice-status.html.tpl CHANGED
@@ -1,16 +1,16 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">API Service Communication</h3>
4
 
5
  <div class="inside">
6
- <p>Once the API key is generate the plugin will communicate with a remote API service that will act as a safe data storage for the audit logs generated when the website triggers certain events that the plugin monitors. If the website is hacked the attacker will not have access to these logs and that way you can investigate what was modified <em>(for malware infaction)</em> and/or how the malicious person was able to gain access to the website.</p>
7
 
8
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.ApiStatus.ErrorVisibility%%">
9
- <p>Disabling the API service communication will stop the event monitoring, consider to enable the <a href="%%SUCURI.URL.Settings%%#general">Log Exporter</a> to keep the monitoring working while the HTTP requests are ignored, otherwise an attacker may execute an action that will not be registered in the security logs and you will not have a way to investigate the attack in the future.</p>
10
  </div>
11
 
12
  <div class="sucuriscan-hstatus sucuriscan-hstatus-%%SUCURI.ApiStatus.StatusNum%%">
13
- <span>API Service Communication &mdash; %%SUCURI.ApiStatus.Status%% &mdash;</span>
14
  <span class="sucuriscan-monospace">%%SUCURI.ApiStatus.ServiceURL%%</span>
15
  <form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
16
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
@@ -20,7 +20,7 @@
20
  </div>
21
 
22
  <p>
23
- <strong>Are you a developer?</strong> You may be interested in our API. Feel free to use the URL shown below to access the latest 50 entries in your security log, change the value for the parameter <code>l=N</code> if you need more. Be aware that the API doesn't provides an offset parameter, so if you have the intension to query specific sections of the log you will need to wrap the HTTP request around your own cache mechanism. We <strong>DO NOT</strong> take feature requests for the API, this is a semi-private service tailored for the specific needs of the plugin and not intended to be used by 3rd-party apps, we may change the behavior of each API endpoint without previous notice, use it at your own risk.
24
  </p>
25
 
26
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monospace">
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{API Service Communication}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{Once the API key is generate the plugin will communicate with a remote API service that will act as a safe data storage for the audit logs generated when the website triggers certain events that the plugin monitors. If the website is hacked the attacker will not have access to these logs and that way you can investigate what was modified <em>(for malware infaction)</em> and/or how the malicious person was able to gain access to the website.}}</p>
7
 
8
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.ApiStatus.ErrorVisibility%%">
9
+ <p>{{Disabling the API service communication will stop the event monitoring, consider to enable the <a href="%%SUCURI.URL.Settings%%#general">Log Exporter</a> to keep the monitoring working while the HTTP requests are ignored, otherwise an attacker may execute an action that will not be registered in the security logs and you will not have a way to investigate the attack in the future.}}</p>
10
  </div>
11
 
12
  <div class="sucuriscan-hstatus sucuriscan-hstatus-%%SUCURI.ApiStatus.StatusNum%%">
13
+ <span>{{API Service Communication}} &mdash; %%SUCURI.ApiStatus.Status%% &mdash;</span>
14
  <span class="sucuriscan-monospace">%%SUCURI.ApiStatus.ServiceURL%%</span>
15
  <form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
16
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
20
  </div>
21
 
22
  <p>
23
+ {{<strong>Are you a developer?</strong> You may be interested in our API. Feel free to use the URL shown below to access the latest 50 entries in your security log, change the value for the parameter <code>l=N</code> if you need more. Be aware that the API doesn't provides an offset parameter, so if you have the intension to query specific sections of the log you will need to wrap the HTTP request around your own cache mechanism. We <strong>DO NOT</strong> take feature requests for the API, this is a semi-private service tailored for the specific needs of the plugin and not intended to be used by 3rd-party apps, we may change the behavior of each API endpoint without previous notice, use it at your own risk.}}
24
  </p>
25
 
26
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monospace">
inc/tpl/settings-general-apikey.html.tpl CHANGED
@@ -4,13 +4,13 @@
4
  %%%SUCURI.ModalForApiKeyRecovery%%%
5
 
6
  <div class="sucuriscan-panel">
7
- <h3 class="sucuriscan-title">API Key</h3>
8
 
9
  <div class="inside">
10
- <p>An API key is required to prevent attackers from deleting audit logs that can help you investigate and recover after a hack, and allows the plugin to display statistics. By generating an API key, you agree that Sucuri will collect and store anonymous data about your website. We take your privacy seriously.</p>
11
 
12
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.InvalidDomainVisibility%%">
13
- <p>Your domain <code>%%SUCURI.CleanDomain%%</code> does not seems to have a DNS <code>A</code> record so it will be considered as <em>invalid</em> by the API interface when you request the generation of a new key. Adding <code>www</code> at the beginning of the domain name may fix this issue. If you do not understand what is this then send an email to our support team requesting the key.</p>
14
  </div>
15
 
16
  <div class="sucuriscan-%%SUCURI.APIKey.RecoverVisibility%%">
@@ -18,19 +18,19 @@
18
  <div class="sucuriscan-monospace">API Key: %%SUCURI.APIKey%%</div>
19
  <form action="%%SUCURI.URL.Settings%%#general" method="post">
20
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
21
- <button type="submit" name="sucuriscan_recover_key" class="button button-primary">Recover Via E-mail</button>
22
- <a href="%%SUCURI.URL.Settings%%&recover#general" class="button button-primary">Manual Activation</a>
23
  </form>
24
  </div>
25
 
26
- <p>If you do not have access to the administrator email, you can reinstall the plugin. The API key is generated using an administrator email and the domain of the website. Click the "Manual Activation" button if you already have a valid API key to authenticate this website with the remote API web service.</p>
27
  </div>
28
 
29
  <div class="sucuriscan-hstatus sucuriscan-hstatus-1 sucuriscan-%%SUCURI.APIKey.RemoveVisibility%%">
30
- <div class="sucuriscan-monospace">API Key: %%SUCURI.APIKey%%</div>
31
  <form action="%%SUCURI.URL.Settings%%#general" method="post">
32
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
33
- <button type="submit" name="sucuriscan_remove_api_key" class="button button-primary">Delete</button>
34
  </form>
35
  </div>
36
  </div>
4
  %%%SUCURI.ModalForApiKeyRecovery%%%
5
 
6
  <div class="sucuriscan-panel">
7
+ <h3 class="sucuriscan-title">{{API Key}}</h3>
8
 
9
  <div class="inside">
10
+ <p>{{An API key is required to prevent attackers from deleting audit logs that can help you investigate and recover after a hack, and allows the plugin to display statistics. By generating an API key, you agree that Sucuri will collect and store anonymous data about your website. We take your privacy seriously.}}</p>
11
 
12
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.InvalidDomainVisibility%%">
13
+ <p>{{Your domain <code>%%SUCURI.CleanDomain%%</code> does not seems to have a DNS <code>A</code> record so it will be considered as <em>invalid</em> by the API interface when you request the generation of a new key. Adding <code>www</code> at the beginning of the domain name may fix this issue. If you do not understand what is this then send an email to our support team requesting the key.}}</p>
14
  </div>
15
 
16
  <div class="sucuriscan-%%SUCURI.APIKey.RecoverVisibility%%">
18
  <div class="sucuriscan-monospace">API Key: %%SUCURI.APIKey%%</div>
19
  <form action="%%SUCURI.URL.Settings%%#general" method="post">
20
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
21
+ <button type="submit" name="sucuriscan_recover_key" class="button button-primary">{{Recover Via E-mail}}</button>
22
+ <a href="%%SUCURI.URL.Settings%%&recover#general" class="button button-primary">{{Manual Activation}}</a>
23
  </form>
24
  </div>
25
 
26
+ <p>{{If you do not have access to the administrator email, you can reinstall the plugin. The API key is generated using an administrator email and the domain of the website. Click the "Manual Activation" button if you already have a valid API key to authenticate this website with the remote API web service.}}</p>
27
  </div>
28
 
29
  <div class="sucuriscan-hstatus sucuriscan-hstatus-1 sucuriscan-%%SUCURI.APIKey.RemoveVisibility%%">
30
+ <div class="sucuriscan-monospace">{{API Key:}} %%SUCURI.APIKey%%</div>
31
  <form action="%%SUCURI.URL.Settings%%#general" method="post">
32
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
33
+ <button type="submit" name="sucuriscan_remove_api_key" class="button button-primary">{{Delete}}</button>
34
  </form>
35
  </div>
36
  </div>
inc/tpl/settings-general-datastorage.html.tpl CHANGED
@@ -1,9 +1,9 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Data Storage</h3>
4
 
5
  <div class="inside">
6
- <p>This is the directory where the plugin will store the security logs, the list of files marked as fixed in the core integrity tool, the cache for the malware scanner and 3rd-party plugin metadata. The plugin requires write permissions in this directory as well as the files contained in it. If you prefer to keep these files in a non-public directory <em>(one level up the document root)</em> please define a constant in the <em>"wp-config.php"</em> file named <em>"SUCURI_DATA_STORAGE"</em> with the absolute path to the new directory.</p>
7
  </div>
8
 
9
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
@@ -18,13 +18,13 @@
18
  <thead>
19
  <tr>
20
  <td id="cb" class="manage-column column-cb check-column">
21
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
22
  <input id="cb-select-all-1" type="checkbox">
23
  </td>
24
- <th class="manage-column">File Path</th>
25
- <th class="manage-column">File Size</th>
26
- <th class="manage-column">Status</th>
27
- <th class="manage-column">Writable</th>
28
  </tr>
29
  </thead>
30
 
@@ -34,7 +34,7 @@
34
  </table>
35
 
36
  <p>
37
- <button type="submit" class="button button-primary">Delete</button>
38
  </p>
39
  </form>
40
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Data Storage}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{This is the directory where the plugin will store the security logs, the list of files marked as fixed in the core integrity tool, the cache for the malware scanner and 3rd-party plugin metadata. The plugin requires write permissions in this directory as well as the files contained in it. If you prefer to keep these files in a non-public directory <em>(one level up the document root)</em> please define a constant in the <em>"wp-config.php"</em> file named <em>"SUCURI_DATA_STORAGE"</em> with the absolute path to the new directory.}}</p>
7
  </div>
8
 
9
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
18
  <thead>
19
  <tr>
20
  <td id="cb" class="manage-column column-cb check-column">
21
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
22
  <input id="cb-select-all-1" type="checkbox">
23
  </td>
24
+ <th class="manage-column">{{File Path}}</th>
25
+ <th class="manage-column">{{File Size}}</th>
26
+ <th class="manage-column">{{Status}}</th>
27
+ <th class="manage-column">{{Writable}}</th>
28
  </tr>
29
  </thead>
30
 
34
  </table>
35
 
36
  <p>
37
+ <button type="submit" class="button button-primary">{{Delete}}</button>
38
  </p>
39
  </form>
40
  </div>
inc/tpl/settings-general-importexport.html.tpl CHANGED
@@ -1,12 +1,12 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Import &amp; Export Settings</h3>
4
 
5
  <div class="inside">
6
  <form action="%%SUCURI.URL.Settings%%" method="post">
7
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
8
 
9
- <p>Copy the JSON-encoded data from the box below, go to your other websites and click the <em>"Import"</em> button in the settings page. The plugin will start using the same settings from this website. Notice that some options are omitted as they contain values specific to this website. To import the settings from another website into this one, replace the JSON-encoded data in the box below with the JSON-encoded data exported from the other website, then click the button <em>"Import"</em>. Notice that some options will not be imported to reduce the security risk of writing arbitrary data into the disk.</p>
10
 
11
  <textarea name="sucuriscan_settings" class="sucuriscan-full-textarea sucuriscan-monospace">%%SUCURI.Export%%</textarea>
12
 
@@ -14,11 +14,11 @@
14
  <label>
15
  <input type="hidden" name="sucuriscan_process_form" value="0" />
16
  <input type="checkbox" name="sucuriscan_process_form" value="1" />
17
- <span>I understand that this operation can not be reverted.</span>
18
  </label>
19
  </p>
20
 
21
- <button type="submit" name="sucuriscan_import" class="button button-primary">Submit</button>
22
  </form>
23
  </div>
24
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Import &amp; Export Settings}}</h3>
4
 
5
  <div class="inside">
6
  <form action="%%SUCURI.URL.Settings%%" method="post">
7
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
8
 
9
+ <p>{{Copy the JSON-encoded data from the box below, go to your other websites and click the <em>"Import"</em> button in the settings page. The plugin will start using the same settings from this website. Notice that some options are omitted as they contain values specific to this website. To import the settings from another website into this one, replace the JSON-encoded data in the box below with the JSON-encoded data exported from the other website, then click the button <em>"Import"</em>. Notice that some options will not be imported to reduce the security risk of writing arbitrary data into the disk.}}</p>
10
 
11
  <textarea name="sucuriscan_settings" class="sucuriscan-full-textarea sucuriscan-monospace">%%SUCURI.Export%%</textarea>
12
 
14
  <label>
15
  <input type="hidden" name="sucuriscan_process_form" value="0" />
16
  <input type="checkbox" name="sucuriscan_process_form" value="1" />
17
+ <span>{{I understand that this operation cannot be reverted.}}</span>
18
  </label>
19
  </p>
20
 
21
+ <button type="submit" name="sucuriscan_import" class="button button-primary">{{Submit}}</button>
22
  </form>
23
  </div>
24
  </div>
inc/tpl/settings-general-ipdiscoverer.html.tpl CHANGED
@@ -1,12 +1,12 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">IP Address Discoverer</h3>
4
 
5
  <div class="inside">
6
- <p>IP address discoverer will use DNS lookups to automatically detect if the website is behind the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a> in which case will modify the global server variable <em>Remote-Addr</em> to set the real IP of the website's visitors. This check runs on every WordPress init action and that is why it may slow down your website as some hosting providers rely on slow DNS servers which makes the operation take more time than it should.</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9
- <span>IP Address Discoverer &mdash; %%SUCURI.DnsLookupsStatus%%</span>
10
 
11
  <form action="%%SUCURI.URL.Settings%%" method="post">
12
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
@@ -19,20 +19,20 @@
19
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
20
 
21
  <fieldset class="sucuriscan-clearfix">
22
- <label>HTTP Header:</label>
23
  <select name="sucuriscan_addr_header">
24
  %%%SUCURI.AddrHeaderOptions%%%
25
  </select>
26
- <button type="submit" class="button button-primary">Proceed</button>
27
  </fieldset>
28
 
29
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monospace">
30
- <div>Sucuri Firewall &mdash; %%SUCURI.IsUsingFirewall%%</div>
31
- <div>Website: %%SUCURI.WebsiteURL%%</div>
32
- <div>Top Level Domain: %%SUCURI.TopLevelDomain%%</div>
33
- <div>Hostname: %%SUCURI.WebsiteHostName%%</div>
34
- <div>IP Address (Hostname): %%SUCURI.WebsiteHostAddress%%</div>
35
- <div>IP Address (Username): %%SUCURI.RemoteAddress%% (%%SUCURI.RemoteAddressHeader%%)</div>
36
  </div>
37
  </form>
38
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{IP Address Discoverer}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{IP address discoverer will use DNS lookups to automatically detect if the website is behind the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a>, in which case it will modify the global server variable <em>Remote-Addr</em> to set the real IP of the websites visitors. This check runs on every WordPress init action and that is why it may slow down your website as some hosting providers rely on slow DNS servers which makes the operation take more time than it should.}}</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9
+ <span>{{IP Address Discoverer}} &mdash; %%SUCURI.DnsLookupsStatus%%</span>
10
 
11
  <form action="%%SUCURI.URL.Settings%%" method="post">
12
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
19
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
20
 
21
  <fieldset class="sucuriscan-clearfix">
22
+ <label>{{HTTP Header:}}</label>
23
  <select name="sucuriscan_addr_header">
24
  %%%SUCURI.AddrHeaderOptions%%%
25
  </select>
26
+ <button type="submit" class="button button-primary">{{Proceed}}</button>
27
  </fieldset>
28
 
29
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monospace">
30
+ <div>{{Sucuri Firewall}} &mdash; %%SUCURI.IsUsingFirewall%%</div>
31
+ <div>{{Website:}} %%SUCURI.WebsiteURL%%</div>
32
+ <div>{{Top Level Domain:}} %%SUCURI.TopLevelDomain%%</div>
33
+ <div>{{Hostname:}} %%SUCURI.WebsiteHostName%%</div>
34
+ <div>{{IP Address (Hostname):}} %%SUCURI.WebsiteHostAddress%%</div>
35
+ <div>{{IP Address (Username):}} %%SUCURI.RemoteAddress%% (%%SUCURI.RemoteAddressHeader%%)</div>
36
  </div>
37
  </form>
38
  </div>
inc/tpl/settings-general-resetoptions.html.tpl CHANGED
@@ -1,9 +1,9 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Reset Security Logs, Hardening and Settings</h3>
4
 
5
  <div class="inside">
6
- <p>This action will trigger the deactivation / uninstallation process of the plugin. All local security logs, hardening and settings will be deleted. Notice that the security logs stored in the API service will not be deleted, this is to prevent tampering from a malicious user. You can request a new API key if you want to start from scratch.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
@@ -11,10 +11,10 @@
11
  <label>
12
  <input type="hidden" name="sucuriscan_process_form" value="0" />
13
  <input type="checkbox" name="sucuriscan_process_form" value="1" />
14
- <span>I understand that this operation can not be reverted.</span>
15
  </label>
16
  </p>
17
- <button type="submit" name="sucuriscan_reset_options" class="button button-primary">Submit</button>
18
  </form>
19
  </div>
20
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Reset Security Logs, Hardening and Settings}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{This action will trigger the deactivation / uninstallation process of the plugin. All local security logs, hardening and settings will be deleted. Notice that the security logs stored in the API service will not be deleted, this is to prevent tampering from a malicious user. You can request a new API key if you want to start from scratch.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
11
  <label>
12
  <input type="hidden" name="sucuriscan_process_form" value="0" />
13
  <input type="checkbox" name="sucuriscan_process_form" value="1" />
14
+ <span>{{I understand that this operation cannot be reverted.}}</span>
15
  </label>
16
  </p>
17
+ <button type="submit" name="sucuriscan_reset_options" class="button button-primary">{{Submit}}</button>
18
  </form>
19
  </div>
20
  </div>
inc/tpl/settings-general-reverseproxy.html.tpl CHANGED
@@ -1,12 +1,12 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Reverse Proxy</h3>
4
 
5
  <div class="inside">
6
- <p>The event monitor uses the API address of the origin of the request to track the actions, the plugin uses two methods to retrieve this: the main method uses the global server variable <em>Remote-Addr</em> available in most modern web servers, an alternative method uses custom HTTP headers <em>(which are unsafe by default)</em>. You should not worry about this option unless you know what a reverse proxy is. Services like the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a> &mdash; once active &mdash; forces the network traffic to pass through them to filter any security threat that may affect the original server. A side effect of this is that the real IP address is no longer available in the global server variable <em>REMOTE-ADDR</em> but in a custom HTTP header with a name provided by the service.</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9
- <span>Reverse Proxy &mdash; %%SUCURI.ReverseProxyStatus%%</span>
10
 
11
  <form action="%%SUCURI.URL.Settings%%" method="post">
12
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Reverse Proxy}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{The event monitor uses the API address of the origin of the request to track the actions. The plugin uses two methods to retrieve this: the main method uses the global server variable <em>Remote-Addr</em> available in most modern web servers, and an alternative method uses custom HTTP headers <em>(which are unsafe by default)</em>. You should not worry about this option unless you know what a reverse proxy is. Services like the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a> &mdash; once active &mdash; force the network traffic to pass through them to filter any security threat that may affect the original server. A side effect of this is that the real IP address is no longer available in the global server variable <em>Remote-Addr</em> but in a custom HTTP header with a name provided by the service.}}</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9
+ <span>{{Reverse Proxy}} &mdash; %%SUCURI.ReverseProxyStatus%%</span>
10
 
11
  <form action="%%SUCURI.URL.Settings%%" method="post">
12
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
inc/tpl/settings-general-selfhosting.html.tpl CHANGED
@@ -1,12 +1,12 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Log Exporter</h3>
4
 
5
  <div class="inside">
6
- <p>This option allows you to export the WordPress audit logs to a local log file that can be read by a SIEM or any log analysis software <em>(we recommend OSSEC)</em>. That will give visibility from within WordPress to complement your log monitoring infrastructure. <b>NOTE:</b> Do not use a publicly accessible file, you must use a file at least one level up the document root to prevent leaks of information.</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-%%SUCURI.SelfHosting.DisabledVisibility%%">
9
- <span>Log Exporter &mdash; %%SUCURI.SelfHosting.Status%%</span>
10
  </div>
11
 
12
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monitor-fpath sucuriscan-%%SUCURI.SelfHosting.FpathVisibility%%">
@@ -21,9 +21,9 @@
21
  <form action="%%SUCURI.URL.Settings%%#general" method="post">
22
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
23
  <fieldset class="sucuriscan-clearfix">
24
- <label>File Path:</label>
25
  <input type="text" name="sucuriscan_selfhosting_fpath" />
26
- <button type="submit" class="button button-primary">Submit</button>
27
  </fieldset>
28
  </form>
29
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Log Exporter}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{This option allows you to export the WordPress audit logs to a local log file that can be read by a SIEM or any log analysis software <em>(we recommend OSSEC)</em>. That will give visibility from within WordPress to complement your log monitoring infrastructure. <b>NOTE:</b> Do not use a publicly accessible file, you must use a file at least one level up the document root to prevent leaks of information.}}</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-%%SUCURI.SelfHosting.DisabledVisibility%%">
9
+ <span>{{Log Exporter}} &mdash; %%SUCURI.SelfHosting.Status%%</span>
10
  </div>
11
 
12
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monitor-fpath sucuriscan-%%SUCURI.SelfHosting.FpathVisibility%%">
21
  <form action="%%SUCURI.URL.Settings%%#general" method="post">
22
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
23
  <fieldset class="sucuriscan-clearfix">
24
+ <label>{{File Path:}}</label>
25
  <input type="text" name="sucuriscan_selfhosting_fpath" />
26
+ <button type="submit" class="button button-primary">{{Submit}}</button>
27
  </fieldset>
28
  </form>
29
  </div>
inc/tpl/settings-general-timezone.html.tpl CHANGED
@@ -1,18 +1,18 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Timezone</h3>
4
 
5
  <div class="inside">
6
- <p>This option defines the timezone that will be used through out the entire plugin to print the dates and times whenever is necessary. This option also affects the date and time of the logs visible in the audit logs panel which is data that comes from a remote server configured to use Eastern Daylight Time (EDT). WordPress offers an option in the general settings page to allow you to configure the timezone for the entire website, however, if you are experiencing problems with the time in the audit logs, this option will help you fix them.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
  <fieldset class="sucuriscan-clearfix">
11
- <label>Timezone:</label>
12
  <select name="sucuriscan_timezone">
13
  %%%SUCURI.Timezone.Dropdown%%%
14
  </select>
15
- <button type="submit" class="button button-primary">Submit</button>
16
  <span><em>(%%SUCURI.Timezone.Example%%)</em></span>
17
  </fieldset>
18
  </form>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Timezone}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{This option defines the timezone that will be used through out the entire plugin to print the dates and times whenever is necessary. This option also affects the date and time of the logs visible in the audit logs panel which is data that comes from a remote server configured to use Eastern Daylight Time (EDT). WordPress offers an option in the general settings page to allow you to configure the timezone for the entire website, however, if you are experiencing problems with the time in the audit logs, this option will help you fix them.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
  <fieldset class="sucuriscan-clearfix">
11
+ <label>{{Timezone:}}</label>
12
  <select name="sucuriscan_timezone">
13
  %%%SUCURI.Timezone.Dropdown%%%
14
  </select>
15
+ <button type="submit" class="button button-primary">{{Submit}}</button>
16
  <span><em>(%%SUCURI.Timezone.Example%%)</em></span>
17
  </fieldset>
18
  </form>
inc/tpl/settings-hardening-whitelist-phpfiles.html.tpl CHANGED
@@ -1,21 +1,19 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Whitelist Blocked PHP Files</h3>
4
 
5
  <div class="inside">
6
- <p>After you apply the hardening in either the includes, content, and/or upload directories the plugin will add a rule in the access control file to deny access to any PHP file located in these folders, this is a good precaution in case that an attacker is able to upload a shell script; with a few exceptions the <em>"index.php"</em> is the only one that should be publicly accessible, however many theme/plugin developers decide to use these folders to process some operations, in this case applying the hardening <strong>may break</strong> their functionality.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#hardening" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
  <fieldset class="sucuriscan-clearfix">
11
- <label>File Path:</label>
12
  <input type="text" name="sucuriscan_hardening_whitelist" placeholder="e.g. wp-tinymce.php" />
13
  <select name="sucuriscan_hardening_folder">
14
- <option value="wp-includes">wp-includes</option>
15
- <option value="wp-content">wp-content</option>
16
- <option value="wp-content/uploads">wp-content/uploads</option>
17
  </select>
18
- <button type="submit" class="button button-primary">Submit</button>
19
  </fieldset>
20
  </form>
21
 
@@ -27,12 +25,12 @@
27
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-hardening-whitelist-table">
28
  <thead>
29
  <td id="cb" class="manage-column column-cb check-column">
30
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
31
  <input id="cb-select-all-1" type="checkbox">
32
  </td>
33
- <th class="manage-column">File Path</th>
34
- <th class="manage-column">Directory</th>
35
- <th class="manage-column">Pattern</th>
36
  </thead>
37
 
38
  <tbody>
@@ -40,13 +38,13 @@
40
 
41
  <tr class="sucuriscan-%%SUCURI.HardeningWhitelist.NoItemsVisibility%%">
42
  <td colspan="4">
43
- <em>no data available</em>
44
  </td>
45
  </tr>
46
  </tbody>
47
  </table>
48
 
49
- <button type="submit" class="button button-primary">Delete</button>
50
  </form>
51
  </div>
52
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Whitelist Blocked PHP Files}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{After you apply the hardening in either the includes, content, and/or uploads directories, the plugin will add a rule in the access control file to deny access to any PHP file located in these folders. This is a good precaution in case an attacker is able to upload a shell script. With a few exceptions the <em>"index.php"</em> file is the only one that should be publicly accessible, however many theme/plugin developers decide to use these folders to process some operations. In this case applying the hardening <strong>may break</strong> their functionality.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#hardening" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
  <fieldset class="sucuriscan-clearfix">
11
+ <label>{{File Path:}}</label>
12
  <input type="text" name="sucuriscan_hardening_whitelist" placeholder="e.g. wp-tinymce.php" />
13
  <select name="sucuriscan_hardening_folder">
14
+ %%%SUCURI.HardeningWhitelist.AllowedFolders%%%
 
 
15
  </select>
16
+ <button type="submit" class="button button-primary">{{Submit}}</button>
17
  </fieldset>
18
  </form>
19
 
25
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-hardening-whitelist-table">
26
  <thead>
27
  <td id="cb" class="manage-column column-cb check-column">
28
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
29
  <input id="cb-select-all-1" type="checkbox">
30
  </td>
31
+ <th class="manage-column">{{File Path}}</th>
32
+ <th class="manage-column">{{Directory}}</th>
33
+ <th class="manage-column">{{Pattern}}</th>
34
  </thead>
35
 
36
  <tbody>
38
 
39
  <tr class="sucuriscan-%%SUCURI.HardeningWhitelist.NoItemsVisibility%%">
40
  <td colspan="4">
41
+ <em>{{no data available}}</em>
42
  </td>
43
  </tr>
44
  </tbody>
45
  </table>
46
 
47
+ <button type="submit" class="button button-primary">{{Delete}}</button>
48
  </form>
49
  </div>
50
  </div>
inc/tpl/settings-posthack-available-updates-alert.html.tpl CHANGED
@@ -1,13 +1,13 @@
1
 
2
- <p>WordPress has a big user base in the public Internet, this brings interest to malicious people to find vulnerabilities in the code, 3rd-party extensions, and themes that other companies develop. You should keep every piece of code installed in your website update to prevent attacks as soon as disclosed vulnerabilities are patched.</p>
3
 
4
  <table border="1" cellspacing="1" cellpadding="5">
5
  <thead>
6
  <tr>
7
- <th>Name</th>
8
- <th>Version</th>
9
- <th>Update</th>
10
- <th>Tested With</th>
11
  <th>&nbsp;</th>
12
  </tr>
13
  </thead>
1
 
2
+ <p>{{WordPress has a big user base in the public Internet, which brings interest to attackers to find vulnerabilities in the code, 3rd-party extensions, and themes that other companies develop. You should keep every piece of code installed in your website updated to prevent attacks as soon as disclosed vulnerabilities are patched.}}</p>
3
 
4
  <table border="1" cellspacing="1" cellpadding="5">
5
  <thead>
6
  <tr>
7
+ <th>{{Name}}</th>
8
+ <th>{{Version}}</th>
9
+ <th>{{Update}}</th>
10
+ <th>{{Tested With}}</th>
11
  <th>&nbsp;</th>
12
  </tr>
13
  </thead>
inc/tpl/settings-posthack-available-updates.html.tpl CHANGED
@@ -1,6 +1,6 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Available Plugin and Theme Updates</h3>
4
 
5
  <script type="text/javascript">
6
  /* global jQuery */
@@ -17,15 +17,15 @@
17
  </script>
18
 
19
  <div class="inside">
20
- <p>WordPress has a big user base in the public Internet, this brings interest to malicious people to find vulnerabilities in the code, 3rd-party extensions, and themes that other companies develop. You should keep every piece of code installed in your website update to prevent attacks as soon as disclosed vulnerabilities are patched.</p>
21
 
22
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-available-updates-table">
23
  <thead>
24
  <tr>
25
- <th class="manage-column">Name</th>
26
- <th class="manage-column">Version</th>
27
- <th class="manage-column">Update</th>
28
- <th class="manage-column">Tested With</th>
29
  <th class="manage-column">&nbsp;</th>
30
  </tr>
31
  </thead>
@@ -33,7 +33,7 @@
33
  <tbody>
34
  <tr>
35
  <td colspan="5">
36
- <span>Loading...</span>
37
  </td>
38
  </tr>
39
  </tbody>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Available Plugin and Theme Updates}}</h3>
4
 
5
  <script type="text/javascript">
6
  /* global jQuery */
17
  </script>
18
 
19
  <div class="inside">
20
+ <p>{{WordPress has a big user base in the public Internet, which brings interest to attackers to find vulnerabilities in the code, 3rd-party extensions, and themes that other companies develop. You should keep every piece of code installed in your website updated to prevent attacks as soon as disclosed vulnerabilities are patched.}}</p>
21
 
22
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-available-updates-table">
23
  <thead>
24
  <tr>
25
+ <th class="manage-column">{{Name}}</th>
26
+ <th class="manage-column">{{Version}}</th>
27
+ <th class="manage-column">{{Update}}</th>
28
+ <th class="manage-column">{{Tested With}}</th>
29
  <th class="manage-column">&nbsp;</th>
30
  </tr>
31
  </thead>
33
  <tbody>
34
  <tr>
35
  <td colspan="5">
36
+ <span>{{Loading...}}</span>
37
  </td>
38
  </tr>
39
  </tbody>
inc/tpl/settings-posthack-available-updates.snippet.tpl CHANGED
@@ -12,5 +12,5 @@
12
 
13
  <td>%%SUCURI.Update.TestedWith%%</td>
14
 
15
- <td><a href="%%SUCURI.Update.ArchiveUrl%%" target="_blank" rel="noopener">Download</a></td>
16
  </tr>
12
 
13
  <td>%%SUCURI.Update.TestedWith%%</td>
14
 
15
+ <td><a href="%%SUCURI.Update.ArchiveUrl%%" target="_blank" rel="noopener">{{Download}}</a></td>
16
  </tr>
inc/tpl/settings-posthack-reset-password-alert.html.tpl CHANGED
@@ -1,2 +1,2 @@
1
 
2
- WordPress has generated a new (random) password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target="_blank" href="http://%%SUCURI.ResetPassword.Website%%" rel="noopener">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. Your new password is &mdash; <span style="font-family:Menlo, Monaco, monospace, serif;font-weight:700">%%%SUCURI.ResetPassword.Password%%%</span> &mdash; please change it as soon as possible.
1
 
2
+ {{WordPress has generated a new (random) password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target="_blank" href="http://%%SUCURI.ResetPassword.Website%%" rel="noopener">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. Your new password is &mdash; <span style="font-family:Menlo, Monaco, monospace, serif;font-weight:700">%%%SUCURI.ResetPassword.Password%%%</span> &mdash; please change it as soon as possible.}}
inc/tpl/settings-posthack-reset-password.html.tpl CHANGED
@@ -1,6 +1,6 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Reset User Password</h3>
4
 
5
  <script type="text/javascript">
6
  /* global jQuery */
@@ -13,7 +13,7 @@
13
 
14
  $('#sucuriscan-userid-' + user_id)
15
  .find('.sucuriscan-response')
16
- .html('(Loading...)');
17
 
18
  $.post('%%SUCURI.AjaxURL.Dashboard%%', {
19
  action: 'sucuriscan_ajax',
@@ -31,19 +31,19 @@
31
  </script>
32
 
33
  <div class="inside">
34
- <p>You can generate a new random password for the user accounts that you select from the list. An email with the new password will be sent to the email address of each chosen users. If you choose to change the password of your own user, then your current session will expire immediately. You will need to log into the admin panel with the new password that will be sent to your email.</p>
35
 
36
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-reset-password-table">
37
  <thead>
38
  <tr>
39
  <td id="cb" class="manage-column column-cb check-column">
40
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
41
  <input id="cb-select-all-1" type="checkbox">
42
  </td>
43
- <th class="manage-column">Username</th>
44
- <th class="manage-column">E-mail</th>
45
- <th class="manage-column">Registered</th>
46
- <th class="manage-column">Roles</th>
47
  </tr>
48
  </thead>
49
 
@@ -61,6 +61,6 @@
61
  </table>
62
 
63
  <button type="button" id="sucuriscan-reset-password-button"
64
- class="button button-primary">Submit</button>
65
  </div>
66
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Reset User Password}}</h3>
4
 
5
  <script type="text/javascript">
6
  /* global jQuery */
13
 
14
  $('#sucuriscan-userid-' + user_id)
15
  .find('.sucuriscan-response')
16
+ .html('({{Loading...}})');
17
 
18
  $.post('%%SUCURI.AjaxURL.Dashboard%%', {
19
  action: 'sucuriscan_ajax',
31
  </script>
32
 
33
  <div class="inside">
34
+ <p>{{You can generate a new random password for the user accounts that you select from the list. An email with the new password will be sent to the email address of each chosen user. If you choose to change the password of your own user, then your current session will expire immediately. You will need to log back into the admin panel with the new password that will be sent to your email.}}</p>
35
 
36
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-reset-password-table">
37
  <thead>
38
  <tr>
39
  <td id="cb" class="manage-column column-cb check-column">
40
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
41
  <input id="cb-select-all-1" type="checkbox">
42
  </td>
43
+ <th class="manage-column">{{Username}}</th>
44
+ <th class="manage-column">{{E-mail}}</th>
45
+ <th class="manage-column">{{Registered}}</th>
46
+ <th class="manage-column">{{Roles}}</th>
47
  </tr>
48
  </thead>
49
 
61
  </table>
62
 
63
  <button type="button" id="sucuriscan-reset-password-button"
64
+ class="button button-primary">{{Submit}}</button>
65
  </div>
66
  </div>
inc/tpl/settings-posthack-reset-plugins.html.tpl CHANGED
@@ -1,6 +1,6 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Reset Installed Plugins</h3>
4
 
5
  <script type="text/javascript">
6
  /* global jQuery */
@@ -22,7 +22,7 @@
22
 
23
  $('#sucuriscan-plugin-' + unique)
24
  .find('.sucuriscan-reset-plugin-response')
25
- .html('Loading...');
26
 
27
  $.post('%%SUCURI.AjaxURL.Dashboard%%', {
28
  action: 'sucuriscan_ajax',
@@ -40,39 +40,39 @@
40
  </script>
41
 
42
  <div class="inside">
43
- <p>In case that you suspect of an infection in your site, or even after you got rid of a malicious code, it would be better if you reinstall all the plugins installed in your site, including the ones you are not using. Notice that premium plugins will not be reinstalled to prevent backward compatibility issues and problems with licenses.</p>
44
 
45
  <div class="sucuriscan-inline-alert-info">
46
- <p>The information shown here is cache for %%SUCURI.ResetPlugin.CacheLifeTime%% seconds, this is necessary to reduce the quantity of HTTP requests sent to the WordPress servers and the bandwidth of your site. Currently there is no option to recreate this cache so you have to wait until it resets itself.</p>
47
  </div>
48
 
49
  <div class="sucuriscan-inline-alert-error">
50
- <p><b>WARNING!</b> This procedure can break your website. The reset will not affect the database nor the settings of each plugin but depending on how they were written the reset action might break them. Be sure to create a backup of the plugins directory before the execution of this tool.</p>
51
  </div>
52
 
53
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-reset-plugins-table">
54
  <thead>
55
  <tr>
56
  <td id="cb" class="manage-column column-cb check-column">
57
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
58
  <input id="cb-select-all-1" type="checkbox">
59
  </td>
60
- <th class="manage-column">Name</th>
61
- <th class="manage-column">Version</th>
62
- <th class="manage-column">Type</th>
63
- <th class="manage-column">Status</th>
64
  </tr>
65
  </thead>
66
 
67
  <tbody>
68
  <tr>
69
  <td colspan="5">
70
- <span>Loading...</span>
71
  </td>
72
  </tr>
73
  </tbody>
74
  </table>
75
 
76
- <button type="button" id="sucuriscan_reset_plugins" class="button button-primary">Submit</button>
77
  </div>
78
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Reset Installed Plugins}}</h3>
4
 
5
  <script type="text/javascript">
6
  /* global jQuery */
22
 
23
  $('#sucuriscan-plugin-' + unique)
24
  .find('.sucuriscan-reset-plugin-response')
25
+ .html('{{Loading...}}');
26
 
27
  $.post('%%SUCURI.AjaxURL.Dashboard%%', {
28
  action: 'sucuriscan_ajax',
40
  </script>
41
 
42
  <div class="inside">
43
+ <p>{{In case you suspect having an infection in your site, or after you got rid of a malicious code, it’s recommended to reinstall all the plugins installed in your site, including the ones you are not using. Notice that premium plugins will not be automatically reinstalled to prevent backward compatibility issues and problems with licenses.}}</p>
44
 
45
  <div class="sucuriscan-inline-alert-info">
46
+ <p>{{The information shown here is cached for %%SUCURI.ResetPlugin.CacheLifeTime%% seconds. This is necessary to reduce the quantity of HTTP requests sent to the WordPress servers and the bandwidth of your site. Currently there is no option to recreate this cache.}}</p>
47
  </div>
48
 
49
  <div class="sucuriscan-inline-alert-error">
50
+ <p>{{<b>WARNING!</b> This procedure can break your website. The reset will not affect the database nor the settings of each plugin, but depending on how they were written the reset action might break them. Be sure to create a backup of the plugins directory before the execution of this tool.}}</p>
51
  </div>
52
 
53
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-reset-plugins-table">
54
  <thead>
55
  <tr>
56
  <td id="cb" class="manage-column column-cb check-column">
57
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
58
  <input id="cb-select-all-1" type="checkbox">
59
  </td>
60
+ <th class="manage-column">{{Name}}</th>
61
+ <th class="manage-column">{{Version}}</th>
62
+ <th class="manage-column">{{Type}}</th>
63
+ <th class="manage-column">{{Status}}</th>
64
  </tr>
65
  </thead>
66
 
67
  <tbody>
68
  <tr>
69
  <td colspan="5">
70
+ <span>{{Loading...}}</span>
71
  </td>
72
  </tr>
73
  </tbody>
74
  </table>
75
 
76
+ <button type="button" id="sucuriscan_reset_plugins" class="button button-primary">{{Submit}}</button>
77
  </div>
78
  </div>
inc/tpl/settings-posthack-security-keys.html.tpl CHANGED
@@ -1,12 +1,12 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Update Secret Keys</h3>
4
 
5
  <div class="inside">
6
- <p>The secret or security keys are a list of constants added to your site to ensure better encryption of information stored in the user's cookies. A secret key makes your site harder to hack and access by adding random elements to the password. You do not have to remember the keys, just write a random, complicated, and long string in the <code>wp-config.php</code> file. You can change these keys at any point in time to invalidate all existing cookies, forcing all users to login again.</p>
7
 
8
  <div class="sucuriscan-inline-alert-error">
9
- <p>Your current session will expire once the form is submitted.</p>
10
  </div>
11
 
12
  <div class="sucuriscan_wpconfig_keys_updated sucuriscan-monospace sucuriscan-%%SUCURI.WPConfigUpdate.Visibility%%">
@@ -16,9 +16,9 @@
16
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-security-keys-table">
17
  <thead>
18
  <tr>
19
- <th>Status</th>
20
- <th>Name</th>
21
- <th>Value</th>
22
  </tr>
23
  </thead>
24
 
@@ -35,11 +35,11 @@
35
  <label>
36
  <input type="hidden" name="sucuriscan_process_form" value="0" />
37
  <input type="checkbox" name="sucuriscan_process_form" value="1" />
38
- <span>I understand that this operation can not be reverted.</span>
39
  </label>
40
  </p>
41
 
42
- <input type="submit" value="Generate New Security Keys" class="button button-primary" />
43
  </form>
44
  </div>
45
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Update Secret Keys}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{The secret or security keys are a list of constants added to your site to ensure better encryption of information stored in the users cookies. A secret key makes your site harder to hack by adding random elements to the password. You do not have to remember the keys, just write a random, complicated, and long string in the <code>wp-config.php</code> file. You can change these keys at any point in time. Changing them will invalidate all existing cookies, forcing all logged in users to login again.}}</p>
7
 
8
  <div class="sucuriscan-inline-alert-error">
9
+ <p>{{Your current session will expire once the form is submitted.}}</p>
10
  </div>
11
 
12
  <div class="sucuriscan_wpconfig_keys_updated sucuriscan-monospace sucuriscan-%%SUCURI.WPConfigUpdate.Visibility%%">
16
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-security-keys-table">
17
  <thead>
18
  <tr>
19
+ <th>{{Status}}</th>
20
+ <th>{{Name}}</th>
21
+ <th>{{Value}}</th>
22
  </tr>
23
  </thead>
24
 
35
  <label>
36
  <input type="hidden" name="sucuriscan_process_form" value="0" />
37
  <input type="checkbox" name="sucuriscan_process_form" value="1" />
38
+ <span>{{I understand that this operation cannot be reverted.}}</span>
39
  </label>
40
  </p>
41
 
42
+ <input type="submit" value="{{Generate New Security Keys}}" class="button button-primary" />
43
  </form>
44
  </div>
45
  </div>
inc/tpl/settings-scanner-cronjobs.html.tpl CHANGED
@@ -1,15 +1,29 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Scheduled Tasks</h3>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
4
 
5
  <div class="inside">
6
- <p>The plugin scans your entire website looking for changes which are later reported via the API in the audit logs page. This scanner runs daily but you can change the frequency to meet your own requirements. Notice that scanning your project files too frequently will affect the performance of your website. Be sure to have enough server resources before changing this option. The memory limit and maximum execution time are two of the PHP options that your server will set to stop your website from consuming too much resources.</p>
7
 
8
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.NoSPL.Visibility%%">
9
- <p>The scanner uses the <a href="http://php.net/manual/en/class.splfileobject.php" target="_blank" rel="noopener">PHP SPL library</a> and the <a target="_blank" href="http://php.net/manual/en/class.filesystemiterator.php" rel="noopener">Filesystem Iterator</a> class to scan the directory tree where your website is located in the server. This library is only available on PHP 5 >= 5.3.0 &mdash; OR &mdash; PHP 7; if you have an older version of PHP the plugin will not work as expected. Please ask your hosting provider to advice you on this matter.</p>
10
  </div>
11
 
12
- <p>Scheduled tasks are rules registered in your database by a plugin, theme, or the base system itself; they are used to automatically execute actions defined in the code every certain amount of time. A good use of these rules is to generate backup files of your site, execute a security scanner, or remove unused elements like drafts. <b>Note:</b> Scheduled tasks can be re-installed by any plugin/theme automatically, consider to deactivate the plugin entirely if you want to get rid of the scheduled tasks.</p>
13
 
14
  <form action="%%SUCURI.URL.Settings%%#scanner" method="post">
15
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
@@ -18,27 +32,31 @@
18
  <thead>
19
  <tr>
20
  <td id="cb" class="manage-column column-cb check-column">
21
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
22
  <input id="cb-select-all-1" type="checkbox">
23
  </td>
24
- <th>Name</th>
25
- <th>Schedule</th>
26
- <th>Next Due</th>
27
- <th>Arguments</th>
28
  </tr>
29
  </thead>
30
 
31
  <tbody>
32
- %%%SUCURI.Cronjobs.List%%%
 
 
 
 
33
  </tbody>
34
  </table>
35
 
36
  <fieldset class="sucuriscan-clearfix">
37
- <label>Action:</label>
38
  <select name="sucuriscan_cronjob_action">
39
  %%%SUCURI.Cronjob.Schedules%%%
40
  </select>
41
- <button type="submit" class="button button-primary">Submit</button>
42
  </fieldset>
43
  </form>
44
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Scheduled Tasks}}</h3>
4
+
5
+ <script type="text/javascript">
6
+ /* global jQuery */
7
+ /* jshint camelcase: false */
8
+ jQuery(document).ready(function ($) {
9
+ $.post('%%SUCURI.AjaxURL.Dashboard%%', {
10
+ action: 'sucuriscan_ajax',
11
+ sucuriscan_page_nonce: '%%SUCURI.PageNonce%%',
12
+ form_action: 'get_cronjobs',
13
+ }, function (data) {
14
+ $('.sucuriscan-wpcron-list tbody').html(data);
15
+ });
16
+ });
17
+ </script>
18
 
19
  <div class="inside">
20
+ <p>{{The plugin scans your entire website looking for changes which are later reported via the API in the audit logs page. By default the scanner runs daily but you can change the frequency to meet your requirements. Notice that scanning your project files too frequently may affect the performance of your website. Be sure to have enough server resources before changing this option. The memory limit and maximum execution time are two of the PHP options that your server will set to stop your website from consuming too much resources.}}</p>
21
 
22
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.NoSPL.Visibility%%">
23
+ <p>{{The scanner uses the <a href="http://php.net/manual/en/class.splfileobject.php" target="_blank" rel="noopener">PHP SPL library</a> and the <a target="_blank" href="http://php.net/manual/en/class.filesystemiterator.php" rel="noopener">Filesystem Iterator</a> class to scan the directory tree where your website is located in the server. This library is only available on PHP 5 >= 5.3.0 &mdash; OR &mdash; PHP 7; if you have an older version of PHP the plugin will not work as expected. Please ask your hosting provider to advise you on this matter.}}</p>
24
  </div>
25
 
26
+ <p>{{Scheduled tasks are rules registered in your database by a plugin, theme, or the base system itself; they are used to automatically execute actions defined in the code every certain amount of time. A good use of these rules is to generate backup files of your site, execute a security scanner, or remove unused elements like drafts. <b>Note:</b> Scheduled tasks can be re-installed by any plugin/theme automatically.}}</p>
27
 
28
  <form action="%%SUCURI.URL.Settings%%#scanner" method="post">
29
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
32
  <thead>
33
  <tr>
34
  <td id="cb" class="manage-column column-cb check-column">
35
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
36
  <input id="cb-select-all-1" type="checkbox">
37
  </td>
38
+ <th>{{Name}}</th>
39
+ <th>{{Schedule}}</th>
40
+ <th>{{Next Due}}</th>
41
+ <th>{{Arguments}}</th>
42
  </tr>
43
  </thead>
44
 
45
  <tbody>
46
+ <tr>
47
+ <td colspan="5">
48
+ <span>{{Loading...}}</span>
49
+ </td>
50
+ </tr>
51
  </tbody>
52
  </table>
53
 
54
  <fieldset class="sucuriscan-clearfix">
55
+ <label>{{Action:}}</label>
56
  <select name="sucuriscan_cronjob_action">
57
  %%%SUCURI.Cronjob.Schedules%%%
58
  </select>
59
+ <button type="submit" class="button button-primary">{{Submit}}</button>
60
  </fieldset>
61
  </form>
62
  </div>
inc/tpl/settings-scanner-ignore-folders.html.tpl CHANGED
@@ -1,17 +1,17 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Ignore Files And Folders During The Scans</h3>
4
 
5
  <div class="inside">
6
- <p>Use this tool to select the files and/or folders that are too heavy for the scanner to process. These are usually folders with images, media files like videos and audios, backups and &mdash; in general &mdash; anything that is not code-related. Ignoring these files or folders will reduce the memory consumption of the PHP script.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#scanner" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
 
11
  <fieldset class="sucuriscan-clearfix">
12
- <label>Ignore a file or directory:</label>
13
- <input type="text" name="sucuriscan_ignorefolder" placeholder="e.g. /private/directory/" />
14
- <button type="submit" class="button button-primary">Submit</button>
15
  </fieldset>
16
  </form>
17
 
@@ -23,11 +23,11 @@
23
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-ignorescanning">
24
  <thead>
25
  <td id="cb" class="manage-column column-cb check-column">
26
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
27
  <input id="cb-select-all-1" type="checkbox">
28
  </td>
29
- <th class="manage-column">File Path</th>
30
- <th class="manage-column">Status</th>
31
  </thead>
32
 
33
  <tbody>
@@ -35,7 +35,7 @@
35
  </tbody>
36
  </table>
37
 
38
- <button type="submit" class="button button-primary">Unignore Selected Directories</button>
39
  </form>
40
  </div>
41
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Ignore Files And Folders During The Scans}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{Use this tool to select the files and/or folders that are too heavy for the scanner to process. These are usually folders with images, media files like videos and audios, backups and &mdash; in general &mdash; anything that is not code-related. Ignoring these files or folders will reduce the memory consumption of the PHP script.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#scanner" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10
 
11
  <fieldset class="sucuriscan-clearfix">
12
+ <label>{{Ignore a file or directory:}}</label>
13
+ <input type="text" name="sucuriscan_ignorefolder" placeholder="{{e.g. /private/directory/}}" />
14
+ <button type="submit" class="button button-primary">{{Submit}}</button>
15
  </fieldset>
16
  </form>
17
 
23
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-ignorescanning">
24
  <thead>
25
  <td id="cb" class="manage-column column-cb check-column">
26
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
27
  <input id="cb-select-all-1" type="checkbox">
28
  </td>
29
+ <th class="manage-column">{{File Path}}</th>
30
+ <th class="manage-column">{{Status}}</th>
31
  </thead>
32
 
33
  <tbody>
35
  </tbody>
36
  </table>
37
 
38
+ <button type="submit" class="button button-primary">{{Unignore Selected Directories}}</button>
39
  </form>
40
  </div>
41
  </div>
inc/tpl/settings-scanner-integrity-cache.html.tpl CHANGED
@@ -1,9 +1,9 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">WordPress Integrity (False Positives)</h3>
4
 
5
  <div class="inside">
6
- <p>Since the scanner doesn't reads the files during the execution of the integrity check, it is possible to find false positives. Files listed here have been marked as false positives and will be ignored by the scanner in subsequent scans.</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#scanner" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
@@ -13,12 +13,12 @@
13
  <thead>
14
  <tr>
15
  <td id="cb" class="manage-column column-cb check-column">
16
- <label class="screen-reader-text" for="cb-select-all-1">Select All</label>
17
  <input id="cb-select-all-1" type="checkbox">
18
  </td>
19
- <th>Reason</th>
20
- <th>Ignored At</th>
21
- <th>File Path</th>
22
  </tr>
23
  </thead>
24
 
@@ -27,14 +27,14 @@
27
 
28
  <tr class="sucuriscan-%%SUCURI.NoFilesVisibility%%">
29
  <td colspan="4">
30
- <em>no data available</em>
31
  </td>
32
  </tr>
33
  </tbody>
34
  </table>
35
 
36
  <p>
37
- <button type="submit" class="button button-primary">Stop Ignoring the Selected Files</button>
38
  </p>
39
  </form>
40
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{WordPress Integrity (False Positives)}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{Since the scanner doesnt read the files during the execution of the integrity check, it is possible to find false positives. Files listed here have been marked as false positives and will be ignored by the scanner in subsequent scans.}}</p>
7
 
8
  <form action="%%SUCURI.URL.Settings%%#scanner" method="post">
9
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
13
  <thead>
14
  <tr>
15
  <td id="cb" class="manage-column column-cb check-column">
16
+ <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
17
  <input id="cb-select-all-1" type="checkbox">
18
  </td>
19
+ <th>{{Reason}}</th>
20
+ <th>{{Ignored At}}</th>
21
+ <th>{{File Path}}</th>
22
  </tr>
23
  </thead>
24
 
27
 
28
  <tr class="sucuriscan-%%SUCURI.NoFilesVisibility%%">
29
  <td colspan="4">
30
+ <em>{{no data available}}</em>
31
  </td>
32
  </tr>
33
  </tbody>
34
  </table>
35
 
36
  <p>
37
+ <button type="submit" class="button button-primary">{{Stop Ignoring the Selected Files}}</button>
38
  </p>
39
  </form>
40
  </div>
inc/tpl/settings-scanner-integrity-diff-utility.html.tpl CHANGED
@@ -1,12 +1,12 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">WordPress Integrity Diff Utility</h3>
4
 
5
  <div class="inside">
6
- <p>If your server allows the execution of system commands, you can configure the plugin to use the <a href="https://en.wikipedia.org/wiki/Diff_utility" target="_blank" rel="noopener">Unix Diff Utility</a> to compare the actual content of the file installed in the website and the original file provided by WordPress. This will show the differences between both files and then you can act upon the information provided.</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-%%SUCURI.DiffUtility.StatusNum%%">
9
- <span>WordPress Integrity Diff Utility &mdash; %%SUCURI.DiffUtility.Status%%</span>
10
 
11
  <form action="%%SUCURI.URL.Settings%%#scanner" method="post">
12
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{WordPress Integrity Diff Utility}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{If your server allows the execution of system commands, you can configure the plugin to use the <a href="https://en.wikipedia.org/wiki/Diff_utility" target="_blank" rel="noopener">Unix Diff Utility</a> to compare the actual content of the file installed in the website and the original file provided by WordPress. This will show the differences between both files and then you can act upon the information provided.}}</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-%%SUCURI.DiffUtility.StatusNum%%">
9
+ <span>{{WordPress Integrity Diff Utility}} &mdash; %%SUCURI.DiffUtility.Status%%</span>
10
 
11
  <form action="%%SUCURI.URL.Settings%%#scanner" method="post">
12
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
inc/tpl/settings-webinfo-details.html.tpl CHANGED
@@ -1,6 +1,6 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Environment Variables</h3>
4
 
5
  <div class="inside">
6
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-server-info">
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Environment Variables}}</h3>
4
 
5
  <div class="inside">
6
  <table class="wp-list-table widefat sucuriscan-table sucuriscan-server-info">
inc/tpl/settings-webinfo-htaccess.html.tpl CHANGED
@@ -1,26 +1,26 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Access File Integrity</h3>
4
 
5
  <div class="inside">
6
- <p>The <code>.htaccess</code> is a distributed configuration file, and is how the Apache web server handles configuration changes on a per-directory basis. WordPress uses this file to manipulate how Apache serves files from its root directory and subdirectories thereof; most notably, it modifies this file to be able to handle pretty permalinks.</p>
7
 
8
  <div class="sucuriscan-inline-alert-success sucuriscan-%%SUCURI.HTAccess.FoundVisible%%">
9
- <p>Htaccess file found in <code>%%SUCURI.HTAccess.Fpath%%</code></p>
10
  </div>
11
 
12
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.HTAccess.NotFoundVisible%%">
13
- <p>Your website has no <code>.htaccess</code> file or it was not found in the default location.</p>
14
  </div>
15
 
16
  <div class="sucuriscan-inline-alert-info sucuriscan-%%SUCURI.HTAccess.StandardVisible%%">
17
- <p>The main <code>.htaccess</code> file in your site has the standard rules for a WordPress installation. You can customize it to improve the performance and change the behaviour of the redirections for pages and posts in your site. To get more information visit the official documentation at <a target="_blank" rel="noopener" href="https://codex.wordpress.org/Using_Permalinks#Creating_and_editing_.28.htaccess.29"> Codex WordPress - Creating and editing (.htaccess)</a></p>
18
  </div>
19
 
20
  <textarea readonly class="sucuriscan-full-textarea sucuriscan-monospace %%SUCURI.HTAccess.TextareaVisible%%">%%SUCURI.HTAccess.Content%%</textarea>
21
 
22
  <p>
23
- <small>&mdash; <a href="https://codex.wordpress.org/htaccess" target="_blank" rel="noopener">Codex WordPress HTAccess</a></small>
24
  </p>
25
  </div>
26
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Access File Integrity}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{The <code>.htaccess</code> file is a distributed configuration file, and is how the Apache web server handles configuration changes on a per-directory basis. WordPress uses this file to manipulate how Apache serves files from its root directory and subdirectories thereof; most notably, it modifies this file to be able to handle pretty permalinks.}}</p>
7
 
8
  <div class="sucuriscan-inline-alert-success sucuriscan-%%SUCURI.HTAccess.FoundVisible%%">
9
+ <p>{{Htaccess file found in}} <code>%%SUCURI.HTAccess.Fpath%%</code></p>
10
  </div>
11
 
12
  <div class="sucuriscan-inline-alert-error sucuriscan-%%SUCURI.HTAccess.NotFoundVisible%%">
13
+ <p>{{Your website has no <code>.htaccess</code> file or it was not found in the default location.}}</p>
14
  </div>
15
 
16
  <div class="sucuriscan-inline-alert-info sucuriscan-%%SUCURI.HTAccess.StandardVisible%%">
17
+ <p>{{The main <code>.htaccess</code> file in your site has the standard rules for a WordPress installation. You can customize it to improve the performance and change the behaviour of the redirections for pages and posts in your site. To get more information visit the official documentation at <a target="_blank" rel="noopener" href="https://codex.wordpress.org/Using_Permalinks#Creating_and_editing_.28.htaccess.29"> Codex WordPress - Creating and editing (.htaccess)</a>}}</p>
18
  </div>
19
 
20
  <textarea readonly class="sucuriscan-full-textarea sucuriscan-monospace %%SUCURI.HTAccess.TextareaVisible%%">%%SUCURI.HTAccess.Content%%</textarea>
21
 
22
  <p>
23
+ <small>&mdash; <a href="https://codex.wordpress.org/htaccess" target="_blank" rel="noopener">{{Codex WordPress HTAccess}}</a></small>
24
  </p>
25
  </div>
26
  </div>
inc/tpl/settings.html.tpl CHANGED
@@ -1,13 +1,13 @@
1
 
2
  <div class="sucuriscan-tabs">
3
  <ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
4
- <li><a href="%%SUCURI.URL.Settings%%#general">General</a></li>
5
- <li><a href="%%SUCURI.URL.Settings%%#scanner">Scanner</a></li>
6
- <li><a href="%%SUCURI.URL.Settings%%#hardening">Hardening</a></li>
7
- <li><a href="%%SUCURI.URL.Settings%%#posthack">Post-Hack</a></li>
8
- <li><a href="%%SUCURI.URL.Settings%%#alerts">Alerts</a></li>
9
- <li><a href="%%SUCURI.URL.Settings%%#apiservice">API Service Communication</a></li>
10
- <li><a href="%%SUCURI.URL.Settings%%#webinfo">Website Info</a></li>
11
  </ul>
12
 
13
  <div class="sucuriscan-tabs-containers">
@@ -41,7 +41,7 @@
41
 
42
  <div id="sucuriscan-tabs-hardening">
43
  <div class="sucuriscan-panel">
44
- <h3 class="sucuriscan-title">Hardening Options</h3>
45
 
46
  <div class="inside">
47
  %%%SUCURI.Settings.Hardening.Firewall%%%
1
 
2
  <div class="sucuriscan-tabs">
3
  <ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
4
+ <li><a href="%%SUCURI.URL.Settings%%#general">{{General Settings}}</a></li>
5
+ <li><a href="%%SUCURI.URL.Settings%%#scanner">{{Scanner}}</a></li>
6
+ <li><a href="%%SUCURI.URL.Settings%%#hardening">{{Hardening}}</a></li>
7
+ <li><a href="%%SUCURI.URL.Settings%%#posthack">{{Post-Hack}}</a></li>
8
+ <li><a href="%%SUCURI.URL.Settings%%#alerts">{{Alerts}}</a></li>
9
+ <li><a href="%%SUCURI.URL.Settings%%#apiservice">{{API Service Communication}}</a></li>
10
+ <li><a href="%%SUCURI.URL.Settings%%#webinfo">{{Website Info}}</a></li>
11
  </ul>
12
 
13
  <div class="sucuriscan-tabs-containers">
41
 
42
  <div id="sucuriscan-tabs-hardening">
43
  <div class="sucuriscan-panel">
44
+ <h3 class="sucuriscan-title">{{Hardening Options}}</h3>
45
 
46
  <div class="inside">
47
  %%%SUCURI.Settings.Hardening.Firewall%%%
inc/tpl/sitecheck-details.html.tpl CHANGED
@@ -7,7 +7,7 @@
7
 
8
  <div class="sucuriscan-cache-expiration">
9
  <small>
10
- This information will be updated %%SUCURI.SiteCheck.Lifetime%%
11
- &mdash; <a href="%%SUCURI.URL.Dashboard%%&sucuriscan_sitecheck_refresh=true">Refresh Malware Scan</a>
12
  </small>
13
  </div>
7
 
8
  <div class="sucuriscan-cache-expiration">
9
  <small>
10
+ {{This information will be updated %%SUCURI.SiteCheck.Lifetime%%}}
11
+ &mdash; <a href="%%SUCURI.URL.Dashboard%%&sucuriscan_sitecheck_refresh=true">{{Refresh Malware Scan}}</a>
12
  </small>
13
  </div>
inc/tpl/sitecheck-malware.html.tpl CHANGED
@@ -5,11 +5,11 @@
5
  </h3>
6
 
7
  <ul class="sucuriscan-%%SUCURI.Malware.CleanVisibility%%">
8
- <li class="sucuriscan-sitecheck-list-INFO">No malicious JavaScript</li>
9
- <li class="sucuriscan-sitecheck-list-INFO">No malicious iFrames</li>
10
- <li class="sucuriscan-sitecheck-list-INFO">No suspicious redirections</li>
11
- <li class="sucuriscan-sitecheck-list-INFO">No blackhat SEO spam</li>
12
- <li class="sucuriscan-sitecheck-list-INFO">No anomaly detection</li>
13
  </ul>
14
 
15
  <ul class="sucuriscan-%%SUCURI.Malware.InfectedVisibility%%">
@@ -17,6 +17,6 @@
17
  </ul>
18
 
19
  <div class="sucuriscan-sitecheck-footnote">
20
- <p>If our free scanner did not detect any issue, you may have a more complicated and hidden problem. You can <a href="https://sucuri.net/website-security-platform/signup" target="_blank" rel="noopener">sign up with Sucuri</a> for a complete and in-depth scan + cleanup (not included in the free checks).</p>
21
  </div>
22
  </div>
5
  </h3>
6
 
7
  <ul class="sucuriscan-%%SUCURI.Malware.CleanVisibility%%">
8
+ <li class="sucuriscan-sitecheck-list-INFO">{{No malicious JavaScript}}</li>
9
+ <li class="sucuriscan-sitecheck-list-INFO">{{No malicious iFrames}}</li>
10
+ <li class="sucuriscan-sitecheck-list-INFO">{{No suspicious redirections}}</li>
11
+ <li class="sucuriscan-sitecheck-list-INFO">{{No blackhat SEO spam}}</li>
12
+ <li class="sucuriscan-sitecheck-list-INFO">{{No anomaly detection}}</li>
13
  </ul>
14
 
15
  <ul class="sucuriscan-%%SUCURI.Malware.InfectedVisibility%%">
17
  </ul>
18
 
19
  <div class="sucuriscan-sitecheck-footnote">
20
+ <p>{{Some types of problems cannot be detected by this scanner. If this scanner did not detect any issue and you still suspect a problem exists, you can <a href="https://sucuri.net/website-security-platform/signup" target="_blank" rel="noopener">sign up with Sucuri</a> for a complete and in-depth scan + cleanup (not included in the free checks).}}</p>
21
  </div>
22
  </div>
inc/tpl/sitecheck-malware.snippet.tpl CHANGED
@@ -4,5 +4,5 @@
4
 
5
  <p>%%SUCURI.Malware.AlertMessage%% <a href="%%SUCURI.Malware.InfectedURL%%" target="_blank" rel="noopener">%%SUCURI.Malware.InfectedURL%%</a></p>
6
 
7
- <p><em class="sucuriscan-tooltip" content="%%SUCURI.Malware.MalwarePayload%%">(Hover to see the Payload)</em></p>
8
  </li>
4
 
5
  <p>%%SUCURI.Malware.AlertMessage%% <a href="%%SUCURI.Malware.InfectedURL%%" target="_blank" rel="noopener">%%SUCURI.Malware.InfectedURL%%</a></p>
6
 
7
+ <p><em class="sucuriscan-tooltip" content="%%SUCURI.Malware.MalwarePayload%%">({{Hover to see the Payload}})</em></p>
8
  </li>
inc/tpl/sitecheck-recommendations.html.tpl CHANGED
@@ -1,6 +1,6 @@
1
 
2
  <div class="sucuriscan-panel sucuriscan-sitecheck-list sucuriscan-sitecheck-recommendations">
3
- <h3 class="sucuriscan-tag-title sucuriscan-tag-%%SUCURI.Recommendations.Color%%">Recomendations</h3>
4
 
5
  <ul>
6
  %%%SUCURI.Recommendations.Content%%%
1
 
2
  <div class="sucuriscan-panel sucuriscan-sitecheck-list sucuriscan-sitecheck-recommendations">
3
+ <h3 class="sucuriscan-tag-title sucuriscan-tag-%%SUCURI.Recommendations.Color%%">{{Recommendations}}</h3>
4
 
5
  <ul>
6
  %%%SUCURI.Recommendations.Content%%%
inc/tpl/sitecheck-target.html.tpl CHANGED
@@ -1,20 +1,20 @@
1
 
2
  <div class="sucuriscan-panel">
3
- <h3 class="sucuriscan-title">Malware Scan Target</h3>
4
 
5
  <div class="inside">
6
- <p>The remote malware scanner provided by the plugin is powered by <a href="https://sitecheck.sucuri.net/" target="_blank" rel="noopener">Sucuri SiteCheck</a>, a service that takes a publicly accessible URL and scans it for malicious code. If your website is not visible to the Internet, for example, if it is hosted in a local development environment or a restricted network, the scanner will not be able to work on it. Additionally, if the website was installed in a non-standard directory the scanner will report a "404 Not Found" error. You can use this option to change the URL that will be scanned.</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9
- <span>Malware Scan Target &mdash; <a href="https://sitecheck.sucuri.net/results/%%SUCURI.SiteCheck.Target%%" target="_blank" rel="noopener">https://sitecheck.sucuri.net/results/%%SUCURI.SiteCheck.Target%%</a></span>
10
  </div>
11
 
12
  <form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
13
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
14
  <fieldset class="sucuriscan-clearfix">
15
- <label>Malware Scan Target:</label>
16
  <input type="text" name="sucuriscan_sitecheck_target" />
17
- <button type="submit" class="button button-primary">Submit</button>
18
  </fieldset>
19
  </form>
20
  </div>
1
 
2
  <div class="sucuriscan-panel">
3
+ <h3 class="sucuriscan-title">{{Malware Scan Target}}</h3>
4
 
5
  <div class="inside">
6
+ <p>{{The remote malware scanner provided by the plugin is powered by <a href="https://sitecheck.sucuri.net/" target="_blank" rel="noopener">Sucuri SiteCheck</a>, a service that takes a publicly accessible URL and scans it for malicious code. If your website is not visible to the Internet, for example, if it is hosted in a local development environment or a restricted network, the scanner will not be able to work on it. Additionally, if the website was installed in a non-standard directory the scanner will report a "404 Not Found" error. You can use this option to change the URL that will be scanned.}}</p>
7
 
8
  <div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9
+ <span>{{Malware Scan Target}} &mdash; <a href="https://sitecheck.sucuri.net/results/%%SUCURI.SiteCheck.Target%%" target="_blank" rel="noopener">https://sitecheck.sucuri.net/results/%%SUCURI.SiteCheck.Target%%</a></span>
10
  </div>
11
 
12
  <form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
13
  <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
14
  <fieldset class="sucuriscan-clearfix">
15
+ <label>{{Malware Scan Target:}}</label>
16
  <input type="text" name="sucuriscan_sitecheck_target" />
17
+ <button type="submit" class="button button-primary">{{Submit}}</button>
18
  </fieldset>
19
  </form>
20
  </div>
lang/sucuri-scanner.pot ADDED
@@ -0,0 +1,3238 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ #, fuzzy
2
+ msgid ""
3
+ msgstr ""
4
+ "Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
5
+ "Project-Id-Version: Sucuri Security - Auditing, Malware Scanner and "
6
+ "Hardening\n"
7
+ "POT-Creation-Date: 2019-02-18 18:58-0700\n"
8
+ "PO-Revision-Date: 2019-02-07 02:39-0600\n"
9
+ "Last-Translator: \n"
10
+ "Language-Team: \n"
11
+ "MIME-Version: 1.0\n"
12
+ "Content-Type: text/plain; charset=UTF-8\n"
13
+ "Content-Transfer-Encoding: 8bit\n"
14
+ "X-Generator: Poedit 1.8.12\n"
15
+ "X-Poedit-Basepath: ..\n"
16
+ "X-Poedit-WPHeader: sucuri.php\n"
17
+ "X-Poedit-SourceCharset: UTF-8\n"
18
+ "X-Poedit-KeywordsList: __;_e;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;esc_attr__;"
19
+ "esc_attr_e;esc_attr_x:1,2c;esc_html__;esc_html_e;esc_html_x:1,2c;_n_noop:1,2;"
20
+ "_nx_noop:3c,1,2;__ngettext_noop:1,2\n"
21
+ "X-Poedit-SearchPath-0: .\n"
22
+ "X-Poedit-SearchPathExcluded-0: *.js\n"
23
+
24
+ #: src/api.lib.php:91
25
+ msgid "URL is invalid"
26
+ msgstr ""
27
+
28
+ #: src/api.lib.php:95
29
+ msgid "Only GET and POST methods allowed"
30
+ msgstr ""
31
+
32
+ #: src/api.lib.php:182
33
+ msgid "Invalid API key format"
34
+ msgstr ""
35
+
36
+ #: src/api.lib.php:186
37
+ #, php-format
38
+ msgid "API key was successfully set: %s"
39
+ msgstr ""
40
+
41
+ #: src/api.lib.php:277
42
+ msgid "Unknown error, there is no information"
43
+ msgstr ""
44
+
45
+ #: src/api.lib.php:317
46
+ msgid "Invalid email format or the host is missing MX records."
47
+ msgstr ""
48
+
49
+ #: src/api.lib.php:352
50
+ msgid "API key was generated and set"
51
+ msgstr ""
52
+
53
+ #: src/api.lib.php:354
54
+ msgid "API key successfully generated and saved."
55
+ msgstr ""
56
+
57
+ #: src/api.lib.php:380
58
+ #, php-format
59
+ msgid "API key recovery for domain: %s"
60
+ msgstr ""
61
+
62
+ #: src/api.lib.php:609
63
+ #, php-format
64
+ msgid "WP Engine PHP Compatibility Checker: %s (created post #%d as cache)"
65
+ msgstr ""
66
+
67
+ #: src/api.lib.php:952 src/api.lib.php:957
68
+ msgid "WordPress version is not supported anymore"
69
+ msgstr ""
70
+
71
+ #: src/auditlogs.lib.php:112
72
+ msgid "API is not available; using local queue"
73
+ msgstr ""
74
+
75
+ #: src/auditlogs.lib.php:114
76
+ #, php-format
77
+ msgid "API %s secs"
78
+ msgstr ""
79
+
80
+ #: src/auditlogs.lib.php:120
81
+ msgid "API key is missing"
82
+ msgstr ""
83
+
84
+ #: src/auditlogs.lib.php:163
85
+ msgid "There are no logs."
86
+ msgstr ""
87
+
88
+ #: src/auditlogs.lib.php:208
89
+ msgid "Today"
90
+ msgstr ""
91
+
92
+ #: src/auditlogs.lib.php:231
93
+ msgid "status has been changed"
94
+ msgstr ""
95
+
96
+ #: src/base.lib.php:60
97
+ msgid "Error:"
98
+ msgstr ""
99
+
100
+ #: src/base.lib.php:60
101
+ msgid "Info:"
102
+ msgstr ""
103
+
104
+ #: src/cache.lib.php:392 src/cache.lib.php:412 src/cache.lib.php:453
105
+ #: src/cache.lib.php:470
106
+ msgid "Invalid cache key name"
107
+ msgstr ""
108
+
109
+ #: src/event.lib.php:89
110
+ #, php-format
111
+ msgid "%s (every %d seconds)"
112
+ msgstr ""
113
+
114
+ #: src/event.lib.php:95
115
+ msgid "Never (no execution)"
116
+ msgstr ""
117
+
118
+ #: src/event.lib.php:108 src/event.lib.php:158
119
+ msgid "API key is not available"
120
+ msgstr ""
121
+
122
+ #: src/event.lib.php:116
123
+ msgid "WordPress version was already reported"
124
+ msgstr ""
125
+
126
+ #: src/event.lib.php:119
127
+ #, php-format
128
+ msgid "WordPress version detected %s"
129
+ msgstr ""
130
+
131
+ #: src/event.lib.php:162
132
+ msgid "Scanner ran a couple of minutes ago"
133
+ msgstr ""
134
+
135
+ #: src/event.lib.php:194
136
+ msgid "Event identifier cannot be empty"
137
+ msgstr ""
138
+
139
+ #: src/event.lib.php:373 src/event.lib.php:377
140
+ msgid "Info"
141
+ msgstr ""
142
+
143
+ #: src/event.lib.php:375
144
+ msgid "Debug"
145
+ msgstr ""
146
+
147
+ #: src/event.lib.php:376
148
+ msgid "Notice"
149
+ msgstr ""
150
+
151
+ #: src/event.lib.php:378
152
+ msgid "Warning"
153
+ msgstr ""
154
+
155
+ #: src/event.lib.php:379
156
+ msgid "Error"
157
+ msgstr ""
158
+
159
+ #: src/event.lib.php:380
160
+ msgid "Critical"
161
+ msgstr ""
162
+
163
+ #: src/event.lib.php:510
164
+ #, php-format
165
+ msgid ""
166
+ "<br><br>\n"
167
+ "\n"
168
+ "<em>Explanation: Someone failed to login to your site. If you are getting "
169
+ "too many of these messages, it is likely your site is under a password "
170
+ "guessing brute-force attack [1]. You can disable the failed login alerts "
171
+ "from here [2]. Alternatively, you can consider to install a firewall between "
172
+ "your website and your visitors to filter out these and other attacks, take a "
173
+ "look at Sucuri Firewall [3].</em><br><br>\n"
174
+ "\n"
175
+ "[1] <a href='https://kb.sucuri.net/definitions/attacks/brute-force/password-"
176
+ "guessing'>https://kb.sucuri.net/definitions/attacks/brute-force/password-"
177
+ "guessing</a><br>\n"
178
+ "[2] <a href='%s'>%s</a> <br>\n"
179
+ "[3] <a href='https://sucuri.net/website-firewall/?wpalert'>https://sucuri."
180
+ "net/website-firewall/</a><br>\n"
181
+ msgstr ""
182
+
183
+ #: src/event.lib.php:642
184
+ msgid "Password Change"
185
+ msgstr ""
186
+
187
+ #: src/fileinfo.lib.php:291
188
+ msgid "No files were found"
189
+ msgstr ""
190
+
191
+ #: src/fileinfo.lib.php:349
192
+ msgid "Directory does not exists"
193
+ msgstr ""
194
+
195
+ #: src/fileinfo.lib.php:353
196
+ msgid "Cannot delete content directory"
197
+ msgstr ""
198
+
199
+ #: src/fileinfo.lib.php:359
200
+ msgid "Cannot delete uploads directory"
201
+ msgstr ""
202
+
203
+ #: src/firewall.lib.php:161
204
+ msgid "Firewall API key was successfully saved"
205
+ msgstr ""
206
+
207
+ #: src/firewall.lib.php:172
208
+ msgid "Firewall API key was successfully removed"
209
+ msgstr ""
210
+
211
+ #: src/firewall.lib.php:204
212
+ msgid "enabled (recommended)"
213
+ msgstr ""
214
+
215
+ #: src/firewall.lib.php:205
216
+ msgid "site caching (using your site headers)"
217
+ msgstr ""
218
+
219
+ #: src/firewall.lib.php:206
220
+ msgid "minimal (only for a few minutes)"
221
+ msgstr ""
222
+
223
+ #: src/firewall.lib.php:207
224
+ msgid "caching disabled (use with caution)"
225
+ msgstr ""
226
+
227
+ #: src/firewall.lib.php:253 src/firewall.lib.php:349 src/firewall.lib.php:567
228
+ #: src/firewall.lib.php:602 src/firewall.lib.php:643 src/firewall.lib.php:735
229
+ msgid "Firewall API key was not found."
230
+ msgstr ""
231
+
232
+ #: src/firewall.lib.php:385
233
+ msgid "no data available."
234
+ msgstr ""
235
+
236
+ #: src/firewall.lib.php:443
237
+ msgid "Anonymous"
238
+ msgstr ""
239
+
240
+ #: src/firewall.lib.php:488
241
+ msgid "January"
242
+ msgstr ""
243
+
244
+ #: src/firewall.lib.php:489
245
+ msgid "February"
246
+ msgstr ""
247
+
248
+ #: src/firewall.lib.php:490
249
+ msgid "March"
250
+ msgstr ""
251
+
252
+ #: src/firewall.lib.php:491
253
+ msgid "April"
254
+ msgstr ""
255
+
256
+ #: src/firewall.lib.php:492
257
+ msgid "May"
258
+ msgstr ""
259
+
260
+ #: src/firewall.lib.php:493
261
+ msgid "June"
262
+ msgstr ""
263
+
264
+ #: src/firewall.lib.php:494
265
+ msgid "July"
266
+ msgstr ""
267
+
268
+ #: src/firewall.lib.php:495
269
+ msgid "August"
270
+ msgstr ""
271
+
272
+ #: src/firewall.lib.php:496
273
+ msgid "September"
274
+ msgstr ""
275
+
276
+ #: src/firewall.lib.php:497
277
+ msgid "October"
278
+ msgstr ""
279
+
280
+ #: src/firewall.lib.php:498
281
+ msgid "November"
282
+ msgstr ""
283
+
284
+ #: src/firewall.lib.php:499
285
+ msgid "December"
286
+ msgstr ""
287
+
288
+ #: src/firewall.lib.php:610
289
+ msgid "Failure connecting to the API service; try again."
290
+ msgstr ""
291
+
292
+ #: src/firewall.lib.php:617
293
+ #, php-format
294
+ msgid "IP has been blacklisted: %s"
295
+ msgstr ""
296
+
297
+ #: src/firewall.lib.php:656
298
+ #, php-format
299
+ msgid "IP has been unblacklisted: %s"
300
+ msgstr ""
301
+
302
+ #: src/globals.php:80 src/strings.php:39 src/strings.php:287
303
+ msgid "Dashboard"
304
+ msgstr ""
305
+
306
+ #: src/globals.php:81 src/strings.php:40
307
+ msgid "Firewall (WAF)"
308
+ msgstr ""
309
+
310
+ #: src/globals.php:82
311
+ msgid "Last Logins"
312
+ msgstr ""
313
+
314
+ #: src/globals.php:83 src/strings.php:41 src/strings.php:95 src/strings.php:288
315
+ msgid "Settings"
316
+ msgstr ""
317
+
318
+ #: src/globals.php:104 src/globals.php:105 src/strings.php:35
319
+ msgid "Sucuri Security"
320
+ msgstr ""
321
+
322
+ #: src/hardening.lib.php:88
323
+ msgid "Directory is not usable"
324
+ msgstr ""
325
+
326
+ #: src/hardening.lib.php:124
327
+ msgid "Directory is not hardened"
328
+ msgstr ""
329
+
330
+ #: src/hardening.lib.php:247
331
+ msgid "Access control file does not exists"
332
+ msgstr ""
333
+
334
+ #: src/hardening.lib.php:251
335
+ msgid "Access control file is not writable"
336
+ msgstr ""
337
+
338
+ #: src/hardening.lib.php:281
339
+ msgid "Cannot remove file from whitelist; no permissions."
340
+ msgstr ""
341
+
342
+ #: src/hook.lib.php:68
343
+ #, php-format
344
+ msgid "Media file added; ID: %s; name: %s; type: %s"
345
+ msgstr ""
346
+
347
+ #: src/hook.lib.php:82 src/hook.lib.php:108 src/hook.lib.php:197
348
+ #: src/hook.lib.php:1001 src/hook.lib.php:1012 src/hook.lib.php:1042
349
+ #: src/settings-general.php:408 src/settings-general.php:409
350
+ #: src/settings-general.php:410 src/settings-general.php:411
351
+ #: src/settings-general.php:412 src/settings-webinfo.php:40
352
+ msgid "unknown"
353
+ msgstr ""
354
+
355
+ #: src/hook.lib.php:83 src/hook.lib.php:109 src/hook.lib.php:1002
356
+ #: src/hook.lib.php:1013 src/hook.lib.php:1043
357
+ msgid "user@domain.com"
358
+ msgstr ""
359
+
360
+ #: src/hook.lib.php:91
361
+ #, php-format
362
+ msgid ""
363
+ "User added to website; user_id: %s; role: %s; blog_id: %s; name: %s; email: "
364
+ "%s"
365
+ msgstr ""
366
+
367
+ #: src/hook.lib.php:117
368
+ #, php-format
369
+ msgid ""
370
+ "User removed from website; user_id: %s; blog_id: %s; name: %s; email: %s"
371
+ msgstr ""
372
+
373
+ #: src/hook.lib.php:134 src/hook.lib.php:229 src/hook.lib.php:296
374
+ #: src/hook.lib.php:408 src/hook.lib.php:533 src/hook.lib.php:744
375
+ #: src/hook.lib.php:770 src/hook.lib.php:870 src/hook.lib.php:912
376
+ #: src/lastlogins-failed.php:246
377
+ msgid "Unknown"
378
+ msgstr ""
379
+
380
+ #: src/hook.lib.php:136
381
+ #, php-format
382
+ msgid "Category created; ID: %s; name: %s"
383
+ msgstr ""
384
+
385
+ #: src/hook.lib.php:153
386
+ #, php-format
387
+ msgid "WordPress updated to version: %s"
388
+ msgstr ""
389
+
390
+ #: src/hook.lib.php:179
391
+ #, php-format
392
+ msgid "Bookmark link added; ID: %s; name: %s; url: %s; target: %s"
393
+ msgstr ""
394
+
395
+ #: src/hook.lib.php:209
396
+ #, php-format
397
+ msgid "Bookmark link edited; ID: %s; name: %s; url: %s; target: %s"
398
+ msgstr ""
399
+
400
+ #: src/hook.lib.php:230
401
+ #, php-format
402
+ msgid "User authentication failed: %s"
403
+ msgstr ""
404
+
405
+ #: src/hook.lib.php:283
406
+ msgid "Attempt to reset password by attacking WP/2.8.3 bug"
407
+ msgstr ""
408
+
409
+ #: src/hook.lib.php:297
410
+ #, php-format
411
+ msgid "User authentication succeeded: %s"
412
+ msgstr ""
413
+
414
+ #: src/hook.lib.php:326
415
+ #, php-format
416
+ msgid ""
417
+ "The value of the option <b>%s</b> was changed from <b>'%s'</b> to <b>'%s'</"
418
+ "b>.<br>\n"
419
+ msgstr ""
420
+
421
+ #: src/hook.lib.php:332
422
+ #, php-format
423
+ msgid "%s: from '%s' to '%s',"
424
+ msgstr ""
425
+
426
+ #: src/hook.lib.php:341
427
+ msgid "Common"
428
+ msgstr ""
429
+
430
+ #: src/hook.lib.php:345
431
+ msgid "Global"
432
+ msgstr ""
433
+
434
+ #: src/hook.lib.php:359
435
+ #, php-format
436
+ msgid "%s settings changed"
437
+ msgstr ""
438
+
439
+ #: src/hook.lib.php:362
440
+ #, php-format
441
+ msgid "%s: (multiple entries): %s"
442
+ msgstr ""
443
+
444
+ #: src/hook.lib.php:420
445
+ #, php-format
446
+ msgid "Plugin %s: %s (v%s; %s%s)"
447
+ msgstr ""
448
+
449
+ #: src/hook.lib.php:482
450
+ msgid "Plugins deleted: (multiple entries):"
451
+ msgstr ""
452
+
453
+ #: src/hook.lib.php:484
454
+ msgid "Plugin deleted:"
455
+ msgstr ""
456
+
457
+ #: src/hook.lib.php:510
458
+ #, php-format
459
+ msgid "Plugin editor used in: %s"
460
+ msgstr ""
461
+
462
+ #: src/hook.lib.php:534
463
+ #, php-format
464
+ msgid "Plugin installed: %s"
465
+ msgstr ""
466
+
467
+ #: src/hook.lib.php:589
468
+ msgid "Plugins updated: (multiple entries):"
469
+ msgstr ""
470
+
471
+ #: src/hook.lib.php:591
472
+ msgid "Plugin updated:"
473
+ msgstr ""
474
+
475
+ #: src/hook.lib.php:660
476
+ #, php-format
477
+ msgid "Post deleted: (multiple entries): %s"
478
+ msgstr ""
479
+
480
+ #: src/hook.lib.php:674
481
+ msgid "Ignore corrupted post data"
482
+ msgstr ""
483
+
484
+ #: src/hook.lib.php:679
485
+ msgid "Skip events for equal transitions"
486
+ msgstr ""
487
+
488
+ #: src/hook.lib.php:703
489
+ msgid "Skip events for postman-smtp alerts"
490
+ msgstr ""
491
+
492
+ #: src/hook.lib.php:708
493
+ msgid "Skip events for ignored post-types"
494
+ msgstr ""
495
+
496
+ #: src/hook.lib.php:714
497
+ msgid "Skip events for ignored post transitions"
498
+ msgstr ""
499
+
500
+ #: src/hook.lib.php:720
501
+ #, php-format
502
+ msgid "ID: %s"
503
+ msgstr ""
504
+
505
+ #: src/hook.lib.php:721
506
+ #, php-format
507
+ msgid "Old status: %s"
508
+ msgstr ""
509
+
510
+ #: src/hook.lib.php:722
511
+ #, php-format
512
+ msgid "New status: %s"
513
+ msgstr ""
514
+
515
+ #: src/hook.lib.php:725
516
+ #, php-format
517
+ msgid "Title: %s"
518
+ msgstr ""
519
+
520
+ #: src/hook.lib.php:728
521
+ #, php-format
522
+ msgid "%s status has been changed"
523
+ msgstr ""
524
+
525
+ #: src/hook.lib.php:754
526
+ #, php-format
527
+ msgid "Post moved to trash; ID: %s; name: %s; status: %s"
528
+ msgstr ""
529
+
530
+ #: src/hook.lib.php:771
531
+ msgid "Publication"
532
+ msgstr ""
533
+
534
+ #: src/hook.lib.php:789
535
+ #, php-format
536
+ msgid "%s was %s; ID: %s; name: %s"
537
+ msgstr ""
538
+
539
+ #: src/hook.lib.php:854
540
+ #, php-format
541
+ msgid "Password retrieval attempt: %s"
542
+ msgstr ""
543
+
544
+ #: src/hook.lib.php:872
545
+ #, php-format
546
+ msgid "Theme deleted: %s"
547
+ msgstr ""
548
+
549
+ #: src/hook.lib.php:894
550
+ #, php-format
551
+ msgid "Theme editor used in: %s/%s"
552
+ msgstr ""
553
+
554
+ #: src/hook.lib.php:914
555
+ #, php-format
556
+ msgid "Theme installed: %s"
557
+ msgstr ""
558
+
559
+ #: src/hook.lib.php:929
560
+ #, php-format
561
+ msgid "Theme activated: %s"
562
+ msgstr ""
563
+
564
+ #: src/hook.lib.php:970
565
+ msgid "Themes updated: (multiple entries):"
566
+ msgstr ""
567
+
568
+ #: src/hook.lib.php:972
569
+ msgid "Theme updated:"
570
+ msgstr ""
571
+
572
+ #: src/hook.lib.php:991
573
+ #, php-format
574
+ msgid "User account deleted; ID: %d"
575
+ msgstr ""
576
+
577
+ #: src/hook.lib.php:1022
578
+ #, php-format
579
+ msgid ""
580
+ "User account edited; ID: %s; name: %s; old_name: %s; email: %s; old_email: "
581
+ "%s; roles: %s; old_roles: %s"
582
+ msgstr ""
583
+
584
+ #: src/hook.lib.php:1054
585
+ #, php-format
586
+ msgid "User account created; ID: %s; name: %s; email: %s; roles: %s"
587
+ msgstr ""
588
+
589
+ #: src/hook.lib.php:1096
590
+ #, php-format
591
+ msgid "Widget %s (%s) %s %s (#%d; size %dx%d)"
592
+ msgstr ""
593
+
594
+ #: src/integrity.lib.php:113 src/settings-general.php:46
595
+ #: src/settings-general.php:594 src/settings-posthack.php:58
596
+ msgid "You need to confirm that you understand the risk of this operation."
597
+ msgstr ""
598
+
599
+ #: src/integrity.lib.php:118
600
+ msgid "Requested action is not supported."
601
+ msgstr ""
602
+
603
+ #: src/integrity.lib.php:128
604
+ msgid "Core file restored"
605
+ msgstr ""
606
+
607
+ #: src/integrity.lib.php:129
608
+ msgid "Non-core file deleted"
609
+ msgstr ""
610
+
611
+ #: src/integrity.lib.php:130
612
+ msgid "Core file marked as fixed"
613
+ msgstr ""
614
+
615
+ #: src/integrity.lib.php:135
616
+ msgid "Nothing was selected from the list."
617
+ msgstr ""
618
+
619
+ #: src/integrity.lib.php:228
620
+ msgid ""
621
+ "Server is not fast enough to process this action; maximum execution time "
622
+ "reached"
623
+ msgstr ""
624
+
625
+ #: src/integrity.lib.php:234
626
+ #, php-format
627
+ msgid "Only <b>%d</b> out of <b>%d</b> files were processed."
628
+ msgstr ""
629
+
630
+ #: src/integrity.lib.php:243
631
+ #, php-format
632
+ msgid "<b>%d</b> out of <b>%d</b> files were successfully processed."
633
+ msgstr ""
634
+
635
+ #: src/integrity.lib.php:321
636
+ msgid ""
637
+ "The plugin has no permission to delete this file because it was created by a "
638
+ "different system user who has more privileges than your account. Please use "
639
+ "FTP to delete it."
640
+ msgstr ""
641
+
642
+ #: src/integrity.lib.php:323
643
+ msgid ""
644
+ "The plugin has no permission to restore this file because it was modified by "
645
+ "a different system user who has more privileges than your account. Please "
646
+ "use FTP to restore it."
647
+ msgstr ""
648
+
649
+ #: src/integrity.lib.php:325
650
+ msgid ""
651
+ "The plugin has no permission to restore this file because its directory is "
652
+ "owned by a different system user who has more privileges than your account. "
653
+ "Please use FTP to restore it."
654
+ msgstr ""
655
+
656
+ #: src/integrity.lib.php:405 src/strings.php:475 src/strings.php:477
657
+ msgid "WordPress Integrity Diff Utility"
658
+ msgstr ""
659
+
660
+ #: src/interface.lib.php:190
661
+ msgid "The plugin requires PHP 5 >= 5.3.0 - OR - PHP 7"
662
+ msgstr ""
663
+
664
+ #: src/interface.lib.php:198
665
+ #, php-format
666
+ msgid "Storage is not writable: <code>%s</code>"
667
+ msgstr ""
668
+
669
+ #: src/interface.lib.php:240
670
+ msgid ""
671
+ "API service communication is disabled, if you just updated the plugin this "
672
+ "might be a good opportunity to test this feature once again with the new "
673
+ "code. Enable it again from the \"API Service\" panel located in the settings "
674
+ "page."
675
+ msgstr ""
676
+
677
+ #: src/interface.lib.php:253
678
+ msgid ""
679
+ "Do you want to get vulnerability disclosures? Subscribe to our newsletter <a "
680
+ "href=\"http://sucuri.hs-sites.com/subscribe-to-security\" target=\"_blank\" "
681
+ "rel=\"noopener\">here</a>"
682
+ msgstr ""
683
+
684
+ #: src/interface.lib.php:266
685
+ msgid "Access denied; cannot manage options"
686
+ msgstr ""
687
+
688
+ #: src/interface.lib.php:267
689
+ #, php-format
690
+ msgid "Access denied by %s"
691
+ msgstr ""
692
+
693
+ #: src/interface.lib.php:287
694
+ msgid "Nonce is invalid"
695
+ msgstr ""
696
+
697
+ #: src/interface.lib.php:288
698
+ msgid ""
699
+ "WordPress CSRF verification failed. The submitted form is missing an "
700
+ "important unique code that prevents the execution of automated malicious "
701
+ "scanners. Go back and try again. If you did not submit a form, this error "
702
+ "message could be an indication of an incompatibility between this plugin and "
703
+ "another add-on; one of them is inserting data into the global POST variable "
704
+ "when the HTTP request is coming via GET. Disable them one by one (while "
705
+ "reloading this page) to find the culprit."
706
+ msgstr ""
707
+
708
+ #: src/lastlogins-failed.php:344 src/lastlogins-failed.php:368
709
+ #: src/strings.php:154 src/strings.php:167 src/strings.php:179
710
+ #: src/strings.php:190 src/strings.php:410
711
+ msgid "Username"
712
+ msgstr ""
713
+
714
+ #: src/lastlogins-failed.php:345 src/lastlogins-failed.php:369
715
+ msgid "Password"
716
+ msgstr ""
717
+
718
+ #: src/lastlogins-failed.php:346 src/lastlogins-failed.php:370
719
+ #: src/strings.php:81 src/strings.php:160 src/strings.php:168
720
+ #: src/strings.php:180 src/strings.php:193 src/strings.php:272
721
+ msgid "IP Address"
722
+ msgstr ""
723
+
724
+ #: src/lastlogins-failed.php:347 src/lastlogins-failed.php:371
725
+ msgid "Attempt Timestamp"
726
+ msgstr ""
727
+
728
+ #: src/lastlogins-failed.php:348 src/lastlogins-failed.php:372
729
+ msgid "Attempt Date/Time"
730
+ msgstr ""
731
+
732
+ #: src/lastlogins.php:124
733
+ #, php-format
734
+ msgid "Last-logins data file is not writable: <code>%s</code>"
735
+ msgstr ""
736
+
737
+ #: src/lastlogins.php:300
738
+ msgid "Invalid last-logins storage file"
739
+ msgstr ""
740
+
741
+ #: src/lastlogins.php:307
742
+ msgid "No last-logins data is available"
743
+ msgstr ""
744
+
745
+ #: src/lastlogins.php:451
746
+ #, php-format
747
+ msgid ""
748
+ "Last login was at <b>%s</b> from <b>%s</b> <em>(%s)</em> <a href=\"%s\" "
749
+ "target=\"_self\">view all logs</a>"
750
+ msgstr ""
751
+
752
+ #: src/mail.lib.php:80
753
+ msgid "Maximum number of emails per hour reached"
754
+ msgstr ""
755
+
756
+ #: src/mail.lib.php:184
757
+ #, php-format
758
+ msgid "User: %s (%s)"
759
+ msgstr ""
760
+
761
+ #: src/mail.lib.php:210
762
+ msgid "Sucuri Alert"
763
+ msgstr ""
764
+
765
+ #: src/option.lib.php:148 src/settings-alerts.php:209
766
+ #: src/settings-alerts.php:210 src/settings-alerts.php:211
767
+ #, php-format
768
+ msgid "Sucuri Alert, %s, %s, %s"
769
+ msgstr ""
770
+
771
+ #: src/pagehandler.php:44
772
+ msgid "iFrames"
773
+ msgstr ""
774
+
775
+ #: src/pagehandler.php:45
776
+ msgid "Links"
777
+ msgstr ""
778
+
779
+ #: src/pagehandler.php:46
780
+ msgid "Scripts"
781
+ msgstr ""
782
+
783
+ #: src/pagehandler.php:47 src/pagehandler.php:48 src/pagehandler.php:49
784
+ #: src/strings.php:26 src/strings.php:53 src/strings.php:65 src/strings.php:76
785
+ #: src/strings.php:108 src/strings.php:143 src/strings.php:397
786
+ #: src/strings.php:407 src/strings.php:418 src/strings.php:449
787
+ msgid "Loading..."
788
+ msgstr ""
789
+
790
+ #: src/pagehandler.php:97
791
+ msgid "Last-Logins logs were successfully reset."
792
+ msgstr ""
793
+
794
+ #: src/pagehandler.php:99
795
+ msgid "Could not reset the last-logins data file."
796
+ msgstr ""
797
+
798
+ #: src/settings-alerts.php:56
799
+ #, php-format
800
+ msgid "The email alerts will be sent to: <code>%s</code>"
801
+ msgstr ""
802
+
803
+ #: src/settings-alerts.php:59
804
+ #, php-format
805
+ msgid "The email alerts will be sent to: %s"
806
+ msgstr ""
807
+
808
+ #: src/settings-alerts.php:63
809
+ msgid "Email format not supported."
810
+ msgstr ""
811
+
812
+ #: src/settings-alerts.php:82
813
+ #, php-format
814
+ msgid "These emails will stop receiving alerts: <code>%s</code>"
815
+ msgstr ""
816
+
817
+ #: src/settings-alerts.php:85
818
+ #, php-format
819
+ msgid "These emails will stop receiving alerts: %s"
820
+ msgstr ""
821
+
822
+ #: src/settings-alerts.php:96
823
+ msgid "Test Email Alert"
824
+ msgstr ""
825
+
826
+ #: src/settings-alerts.php:97
827
+ #, php-format
828
+ msgid "Test email alert sent at %s"
829
+ msgstr ""
830
+
831
+ #: src/settings-alerts.php:101
832
+ msgid "A test alert was sent to your email, check your inbox"
833
+ msgstr ""
834
+
835
+ #: src/settings-alerts.php:146
836
+ msgid "The IP specified address was already added."
837
+ msgstr ""
838
+
839
+ #: src/settings-alerts.php:148
840
+ #, php-format
841
+ msgid "IP has been trusted: %s"
842
+ msgstr ""
843
+
844
+ #: src/settings-alerts.php:149
845
+ #, php-format
846
+ msgid "Events generated from this IP will be ignored: <code>%s</code>"
847
+ msgstr ""
848
+
849
+ #: src/settings-alerts.php:151
850
+ msgid "The IP address could not be added to the trusted list"
851
+ msgstr ""
852
+
853
+ #: src/settings-alerts.php:164
854
+ msgid "The selected IP addresses were successfully deleted."
855
+ msgstr ""
856
+
857
+ #: src/settings-alerts.php:173
858
+ msgid "n/a"
859
+ msgstr ""
860
+
861
+ #: src/settings-alerts.php:208 src/settings-alerts.php:212
862
+ #: src/settings-alerts.php:213
863
+ #, php-format
864
+ msgid "Sucuri Alert, %s, %s"
865
+ msgstr ""
866
+
867
+ #: src/settings-alerts.php:214
868
+ #, php-format
869
+ msgid "Sucuri Alert, %s"
870
+ msgstr ""
871
+
872
+ #: src/settings-alerts.php:242
873
+ msgid "Invalid characters in the email subject."
874
+ msgstr ""
875
+
876
+ #: src/settings-alerts.php:250
877
+ #, php-format
878
+ msgid "Email subject set to <code>%s</code>"
879
+ msgstr ""
880
+
881
+ #: src/settings-alerts.php:255
882
+ msgid "The email subject has been successfully updated"
883
+ msgstr ""
884
+
885
+ #: src/settings-alerts.php:304
886
+ msgid "Maximum 5 per hour"
887
+ msgstr ""
888
+
889
+ #: src/settings-alerts.php:305
890
+ msgid "Maximum 10 per hour"
891
+ msgstr ""
892
+
893
+ #: src/settings-alerts.php:306
894
+ msgid "Maximum 20 per hour"
895
+ msgstr ""
896
+
897
+ #: src/settings-alerts.php:307
898
+ msgid "Maximum 40 per hour"
899
+ msgstr ""
900
+
901
+ #: src/settings-alerts.php:308
902
+ msgid "Maximum 80 per hour"
903
+ msgstr ""
904
+
905
+ #: src/settings-alerts.php:309
906
+ msgid "Maximum 160 per hour"
907
+ msgstr ""
908
+
909
+ #: src/settings-alerts.php:310
910
+ msgid "Unlimited alerts per hour"
911
+ msgstr ""
912
+
913
+ #: src/settings-alerts.php:320
914
+ #, php-format
915
+ msgid "Maximum alerts per hour set to <code>%s</code>"
916
+ msgstr ""
917
+
918
+ #: src/settings-alerts.php:325
919
+ msgid "The maximum number of alerts per hour has been updated"
920
+ msgstr ""
921
+
922
+ #: src/settings-alerts.php:327
923
+ msgid "Error updating the maximum number of alerts per hour"
924
+ msgstr ""
925
+
926
+ #: src/settings-alerts.php:351
927
+ msgid "30 failed logins per hour"
928
+ msgstr ""
929
+
930
+ #: src/settings-alerts.php:352
931
+ msgid "60 failed logins per hour"
932
+ msgstr ""
933
+
934
+ #: src/settings-alerts.php:353
935
+ msgid "120 failed logins per hour"
936
+ msgstr ""
937
+
938
+ #: src/settings-alerts.php:354
939
+ msgid "240 failed logins per hour"
940
+ msgstr ""
941
+
942
+ #: src/settings-alerts.php:355
943
+ msgid "480 failed logins per hour"
944
+ msgstr ""
945
+
946
+ #: src/settings-alerts.php:364
947
+ #, php-format
948
+ msgid ""
949
+ "Consider brute-force attack after <code>%s</code> failed logins per hour"
950
+ msgstr ""
951
+
952
+ #: src/settings-alerts.php:369
953
+ #, php-format
954
+ msgid ""
955
+ "The plugin will assume that your website is under a brute-force attack after "
956
+ "%s failed logins are detected during the same hour"
957
+ msgstr ""
958
+
959
+ #: src/settings-alerts.php:371
960
+ msgid "Invalid number of failed logins per hour"
961
+ msgstr ""
962
+
963
+ #: src/settings-alerts.php:396
964
+ msgid "Receive email alerts for changes in the settings of the plugin"
965
+ msgstr ""
966
+
967
+ #: src/settings-alerts.php:397
968
+ msgid ""
969
+ "Receive email alerts in HTML <em>(there may be issues with some mail "
970
+ "services)</em>"
971
+ msgstr ""
972
+
973
+ #: src/settings-alerts.php:398
974
+ msgid ""
975
+ "Use WordPress functions to send mails <em>(uncheck to use native PHP "
976
+ "functions)</em>"
977
+ msgstr ""
978
+
979
+ #: src/settings-alerts.php:399
980
+ msgid "Allow redirection after login to report the last-login information"
981
+ msgstr ""
982
+
983
+ #: src/settings-alerts.php:400
984
+ msgid "Receive email alerts for core integrity checks"
985
+ msgstr ""
986
+
987
+ #: src/settings-alerts.php:401
988
+ msgid "Receive email alerts for available updates"
989
+ msgstr ""
990
+
991
+ #: src/settings-alerts.php:402
992
+ msgid "Receive email alerts for new user registration"
993
+ msgstr ""
994
+
995
+ #: src/settings-alerts.php:403
996
+ msgid "Receive email alerts for successful login attempts"
997
+ msgstr ""
998
+
999
+ #: src/settings-alerts.php:404
1000
+ msgid ""
1001
+ "Receive email alerts for failed login attempts <em>(you may receive tons of "
1002
+ "emails)</em>"
1003
+ msgstr ""
1004
+
1005
+ #: src/settings-alerts.php:405
1006
+ msgid ""
1007
+ "Receive email alerts for password guessing attacks <em>(summary of failed "
1008
+ "logins per hour)</em>"
1009
+ msgstr ""
1010
+
1011
+ #: src/settings-alerts.php:406
1012
+ msgid ""
1013
+ "Receive email alerts for changes in the post status <em>(configure from "
1014
+ "Ignore Posts Changes)</em>"
1015
+ msgstr ""
1016
+
1017
+ #: src/settings-alerts.php:407
1018
+ msgid "Receive email alerts when the WordPress version is updated"
1019
+ msgstr ""
1020
+
1021
+ #: src/settings-alerts.php:408
1022
+ msgid "Receive email alerts when your website settings are updated"
1023
+ msgstr ""
1024
+
1025
+ #: src/settings-alerts.php:409
1026
+ msgid "Receive email alerts when a file is modified with theme/plugin editor"
1027
+ msgstr ""
1028
+
1029
+ #: src/settings-alerts.php:410
1030
+ msgid "Receive email alerts when a <b>plugin is installed</b>"
1031
+ msgstr ""
1032
+
1033
+ #: src/settings-alerts.php:411
1034
+ msgid "Receive email alerts when a <b>plugin is activated</b>"
1035
+ msgstr ""
1036
+
1037
+ #: src/settings-alerts.php:412
1038
+ msgid "Receive email alerts when a <b>plugin is deactivated</b>"
1039
+ msgstr ""
1040
+
1041
+ #: src/settings-alerts.php:413
1042
+ msgid "Receive email alerts when a <b>plugin is updated</b>"
1043
+ msgstr ""
1044
+
1045
+ #: src/settings-alerts.php:414
1046
+ msgid "Receive email alerts when a <b>plugin is deleted</b>"
1047
+ msgstr ""
1048
+
1049
+ #: src/settings-alerts.php:415
1050
+ msgid "Receive email alerts when a <b>widget is added</b> to a sidebar"
1051
+ msgstr ""
1052
+
1053
+ #: src/settings-alerts.php:416
1054
+ msgid "Receive email alerts when a <b>widget is deleted</b> from a sidebar"
1055
+ msgstr ""
1056
+
1057
+ #: src/settings-alerts.php:417
1058
+ msgid "Receive email alerts when a <b>theme is installed</b>"
1059
+ msgstr ""
1060
+
1061
+ #: src/settings-alerts.php:418
1062
+ msgid "Receive email alerts when a <b>theme is activated</b>"
1063
+ msgstr ""
1064
+
1065
+ #: src/settings-alerts.php:419
1066
+ msgid "Receive email alerts when a <b>theme is updated</b>"
1067
+ msgstr ""
1068
+
1069
+ #: src/settings-alerts.php:420
1070
+ msgid "Receive email alerts when a <b>theme is deleted</b>"
1071
+ msgstr ""
1072
+
1073
+ #: src/settings-alerts.php:464
1074
+ #, php-format
1075
+ msgid "A total of %s alert events were changed"
1076
+ msgstr ""
1077
+
1078
+ #: src/settings-alerts.php:468
1079
+ msgid "The alert settings have been updated"
1080
+ msgstr ""
1081
+
1082
+ #: src/settings-alerts.php:542
1083
+ msgid "Only lowercase letters, underscores and hyphens are allowed."
1084
+ msgstr ""
1085
+
1086
+ #: src/settings-alerts.php:544
1087
+ msgid "The post-type is already being ignored (duplicate)."
1088
+ msgstr ""
1089
+
1090
+ #: src/settings-alerts.php:548
1091
+ msgid "Post-type has been successfully ignored."
1092
+ msgstr ""
1093
+
1094
+ #: src/settings-alerts.php:550
1095
+ #, php-format
1096
+ msgid "Changes in <code>%s</code> post-type will be ignored"
1097
+ msgstr ""
1098
+
1099
+ #: src/settings-alerts.php:565
1100
+ msgid "List of monitored post-types has been updated."
1101
+ msgstr ""
1102
+
1103
+ #: src/settings-alerts.php:567
1104
+ msgid "List of monitored post-types has been updated"
1105
+ msgstr ""
1106
+
1107
+ #: src/settings-alerts.php:574 src/settings-scanner.php:179
1108
+ #: src/settings-scanner.php:239 src/strings.php:46 src/strings.php:159
1109
+ #: src/strings.php:171 src/strings.php:183 src/strings.php:275
1110
+ #: src/strings.php:380 src/strings.php:471
1111
+ msgid "no data available"
1112
+ msgstr ""
1113
+
1114
+ #: src/settings-apiservice.php:36 src/settings-general.php:304
1115
+ #: src/settings-general.php:370 src/settings-general.php:417
1116
+ #: src/settings-integrity.php:80
1117
+ msgid "Enabled"
1118
+ msgstr ""
1119
+
1120
+ #: src/settings-apiservice.php:37 src/settings-general.php:305
1121
+ #: src/settings-general.php:371 src/settings-general.php:418
1122
+ #: src/settings-integrity.php:81
1123
+ msgid "Disable"
1124
+ msgstr ""
1125
+
1126
+ #: src/settings-apiservice.php:50
1127
+ #, php-format
1128
+ msgid "API service communication was <code>%s</code>"
1129
+ msgstr ""
1130
+
1131
+ #: src/settings-apiservice.php:55
1132
+ msgid "The status of the API service has been changed"
1133
+ msgstr ""
1134
+
1135
+ #: src/settings-apiservice.php:63 src/settings-general.php:347
1136
+ #: src/settings-general.php:391 src/settings-general.php:452
1137
+ msgid "Disabled"
1138
+ msgstr ""
1139
+
1140
+ #: src/settings-apiservice.php:64 src/settings-general.php:348
1141
+ #: src/settings-general.php:392 src/settings-general.php:453
1142
+ msgid "Enable"
1143
+ msgstr ""
1144
+
1145
+ #: src/settings-apiservice.php:71
1146
+ msgid "NONE"
1147
+ msgstr ""
1148
+
1149
+ #: src/settings-apiservice.php:131 src/settings-apiservice.php:138
1150
+ #, php-format
1151
+ msgid "Core integrity API changed: %s"
1152
+ msgstr ""
1153
+
1154
+ #: src/settings-apiservice.php:134 src/settings-apiservice.php:141
1155
+ msgid "The URL to retrieve the WordPress checksums has been changed"
1156
+ msgstr ""
1157
+
1158
+ #: src/settings-general.php:38 src/settings-general.php:44
1159
+ msgid "Local security logs, hardening and settings were deleted"
1160
+ msgstr ""
1161
+
1162
+ #: src/settings-general.php:78
1163
+ msgid "Sucuri API key has been deleted."
1164
+ msgstr ""
1165
+
1166
+ #: src/settings-general.php:79
1167
+ msgid "Sucuri API key removed"
1168
+ msgstr ""
1169
+
1170
+ #: src/settings-general.php:80
1171
+ #, php-format
1172
+ msgid "Sucuri API key has been deleted <code>%s</code>"
1173
+ msgstr ""
1174
+
1175
+ #: src/settings-general.php:89
1176
+ msgid "Sucuri API key was added manually."
1177
+ msgstr ""
1178
+
1179
+ #: src/settings-general.php:100
1180
+ msgid ""
1181
+ "You must accept the Terms of Service and Privacy Policy in order to request "
1182
+ "an API key."
1183
+ msgstr ""
1184
+
1185
+ #: src/settings-general.php:107
1186
+ msgid "Site registered successfully"
1187
+ msgstr ""
1188
+
1189
+ #: src/settings-general.php:120
1190
+ msgid "API key recovery (email sent)"
1191
+ msgstr ""
1192
+
1193
+ #: src/settings-general.php:122
1194
+ msgid "API key recovery (failure)"
1195
+ msgstr ""
1196
+
1197
+ #: src/settings-general.php:132
1198
+ msgid "Plugin API Key Recovery"
1199
+ msgstr ""
1200
+
1201
+ #: src/settings-general.php:143
1202
+ msgid "(not set)"
1203
+ msgstr ""
1204
+
1205
+ #: src/settings-general.php:164
1206
+ msgid "Directory used to store the plugin settings, cache and system logs"
1207
+ msgstr ""
1208
+
1209
+ #: src/settings-general.php:165
1210
+ #, php-format
1211
+ msgid ""
1212
+ "Cache to store the system logs obtained from the API service; expires after "
1213
+ "%s seconds."
1214
+ msgstr ""
1215
+
1216
+ #: src/settings-general.php:166
1217
+ msgid ""
1218
+ "Local queue to store the most recent logs before they are sent to the remote "
1219
+ "API service."
1220
+ msgstr ""
1221
+
1222
+ #: src/settings-general.php:167
1223
+ msgid ""
1224
+ "Deprecated on 1.8.12; it was used to store a list of blocked user names."
1225
+ msgstr ""
1226
+
1227
+ #: src/settings-general.php:168
1228
+ msgid ""
1229
+ "Stores the data for every failed login attempt. The data is moved to "
1230
+ "\"oldfailedlogins\" every hour during a brute force password attack."
1231
+ msgstr ""
1232
+
1233
+ #: src/settings-general.php:169
1234
+ msgid ""
1235
+ "Temporarily stores data to complement the logs during destructive operations "
1236
+ "like deleting a post, page, comment, etc."
1237
+ msgstr ""
1238
+
1239
+ #: src/settings-general.php:170
1240
+ msgid ""
1241
+ "Stores a list of files and folders chosen by the user to be ignored by the "
1242
+ "file system scanner."
1243
+ msgstr ""
1244
+
1245
+ #: src/settings-general.php:171
1246
+ msgid ""
1247
+ "Stores a list of files marked as fixed by the user via the WordPress "
1248
+ "Integrity tool."
1249
+ msgstr ""
1250
+
1251
+ #: src/settings-general.php:172
1252
+ msgid ""
1253
+ "Stores the data associated to every successful user login. The data never "
1254
+ "expires; manually delete if the file is too large."
1255
+ msgstr ""
1256
+
1257
+ #: src/settings-general.php:173
1258
+ msgid ""
1259
+ "Stores the data for every failed login attempt after the plugin sends a "
1260
+ "report about a brute force password attack via email."
1261
+ msgstr ""
1262
+
1263
+ #: src/settings-general.php:174
1264
+ #, php-format
1265
+ msgid ""
1266
+ "Cache to store the data associated to the installed plugins listed in the "
1267
+ "Post-Hack page. Expires after %s seconds."
1268
+ msgstr ""
1269
+
1270
+ #: src/settings-general.php:175
1271
+ msgid ""
1272
+ "Stores all the options used to configure the functionality and behavior of "
1273
+ "the plugin."
1274
+ msgstr ""
1275
+
1276
+ #: src/settings-general.php:176
1277
+ #, php-format
1278
+ msgid ""
1279
+ "Cache to store the result of the malware scanner. Expires after %s seconds, "
1280
+ "reset at any time to force a re-scan."
1281
+ msgstr ""
1282
+
1283
+ #: src/settings-general.php:177
1284
+ msgid ""
1285
+ "Stores a list of IP addresses trusted by the plugin, events triggered by one "
1286
+ "of these IPs will not be reported to the remote monitoring API service."
1287
+ msgstr ""
1288
+
1289
+ #: src/settings-general.php:211
1290
+ #, php-format
1291
+ msgid "%d out of %d files has been deleted"
1292
+ msgstr ""
1293
+
1294
+ #: src/settings-general.php:229 src/settings-posthack.php:308
1295
+ msgid "Not Writable"
1296
+ msgstr ""
1297
+
1298
+ #: src/settings-general.php:230
1299
+ msgid "Does Not Exist"
1300
+ msgstr ""
1301
+
1302
+ #: src/settings-general.php:236
1303
+ msgid "Exists"
1304
+ msgstr ""
1305
+
1306
+ #: src/settings-general.php:242 src/strings.php:328
1307
+ msgid "Writable"
1308
+ msgstr ""
1309
+
1310
+ #: src/settings-general.php:316
1311
+ msgid "Log exporter was disabled"
1312
+ msgstr ""
1313
+
1314
+ #: src/settings-general.php:322
1315
+ msgid "The log exporter feature has been disabled"
1316
+ msgstr ""
1317
+
1318
+ #: src/settings-general.php:324
1319
+ msgid "File should not be publicly accessible."
1320
+ msgstr ""
1321
+
1322
+ #: src/settings-general.php:326
1323
+ msgid "File already exists and will not be overwritten."
1324
+ msgstr ""
1325
+
1326
+ #: src/settings-general.php:328
1327
+ msgid "File parent directory is not writable."
1328
+ msgstr ""
1329
+
1330
+ #: src/settings-general.php:332
1331
+ msgid "Log exporter file path was correctly set"
1332
+ msgstr ""
1333
+
1334
+ #: src/settings-general.php:338
1335
+ msgid ""
1336
+ "The log exporter feature has been enabled and the data file was successfully "
1337
+ "set."
1338
+ msgstr ""
1339
+
1340
+ #: src/settings-general.php:414
1341
+ msgid "INVALID"
1342
+ msgstr ""
1343
+
1344
+ #: src/settings-general.php:432
1345
+ #, php-format
1346
+ msgid "DNS lookups for reverse proxy detection <code>%s</code>"
1347
+ msgstr ""
1348
+
1349
+ #: src/settings-general.php:437
1350
+ msgid ""
1351
+ "The status of the DNS lookups for the reverse proxy detection has been "
1352
+ "changed"
1353
+ msgstr ""
1354
+
1355
+ #: src/settings-general.php:585
1356
+ #, php-format
1357
+ msgid "%d out of %d option have been successfully imported"
1358
+ msgstr ""
1359
+
1360
+ #: src/settings-general.php:591
1361
+ msgid "Data is incorrectly encoded"
1362
+ msgstr ""
1363
+
1364
+ #: src/settings-general.php:649
1365
+ #, php-format
1366
+ msgid "Timezone override will use %s"
1367
+ msgstr ""
1368
+
1369
+ #: src/settings-general.php:654
1370
+ msgid "The timezone for the date and time in the audit logs has been changed"
1371
+ msgstr ""
1372
+
1373
+ #: src/settings-hardening.php:102
1374
+ msgid ""
1375
+ "The firewall is a premium service that you need purchase at - <a href="
1376
+ "\"https://goo.gl/qfNkMq\" target=\"_blank\">Sucuri Firewall</a>"
1377
+ msgstr ""
1378
+
1379
+ #: src/settings-hardening.php:107
1380
+ msgid "Website Firewall Protection"
1381
+ msgstr ""
1382
+
1383
+ #: src/settings-hardening.php:108
1384
+ msgid ""
1385
+ "A WAF is a protection layer for your web site, blocking all sort of attacks "
1386
+ "(brute force attempts, DDoS, SQL injections, etc) and helping it remain "
1387
+ "malware and blacklist free. This test checks if your site is using Sucuri "
1388
+ "Firewall to protect your site."
1389
+ msgstr ""
1390
+
1391
+ #: src/settings-hardening.php:112 src/settings-hardening.php:193
1392
+ #: src/settings-hardening.php:301 src/settings-hardening.php:360
1393
+ #: src/settings-hardening.php:429 src/settings-hardening.php:461
1394
+ #: src/settings-hardening.php:501 src/settings-hardening.php:594
1395
+ msgid "Apply Hardening"
1396
+ msgstr ""
1397
+
1398
+ #: src/settings-hardening.php:116 src/settings-hardening.php:190
1399
+ #: src/settings-hardening.php:212 src/settings-hardening.php:293
1400
+ #: src/settings-hardening.php:297 src/settings-hardening.php:352
1401
+ #: src/settings-hardening.php:356 src/settings-hardening.php:421
1402
+ #: src/settings-hardening.php:425 src/settings-hardening.php:464
1403
+ #: src/settings-hardening.php:497 src/settings-hardening.php:590
1404
+ msgid "Revert Hardening"
1405
+ msgstr ""
1406
+
1407
+ #: src/settings-hardening.php:141
1408
+ msgid "Check Updates Now"
1409
+ msgstr ""
1410
+
1411
+ #: src/settings-hardening.php:142
1412
+ msgid "Verify WordPress Version"
1413
+ msgstr ""
1414
+
1415
+ #: src/settings-hardening.php:143
1416
+ msgid ""
1417
+ "Why keep your site updated? WordPress is an open-source project which means "
1418
+ "that with every update the details of the changes made to the source code "
1419
+ "are made public, if there were security fixes then someone with malicious "
1420
+ "intent can use this information to attack any site that has not been "
1421
+ "upgraded."
1422
+ msgstr ""
1423
+
1424
+ #: src/settings-hardening.php:147
1425
+ msgid "WordPress Update Available"
1426
+ msgstr ""
1427
+
1428
+ #: src/settings-hardening.php:179
1429
+ msgid ""
1430
+ "Ask your hosting provider to install an updated version of PHP - <a href="
1431
+ "\"http://php.net/supported-versions.php\" target=\"_blank\" rel=\"noopener"
1432
+ "\">List of PHP Supported Versions</a>"
1433
+ msgstr ""
1434
+
1435
+ #: src/settings-hardening.php:184
1436
+ msgid "Verify PHP Version"
1437
+ msgstr ""
1438
+
1439
+ #: src/settings-hardening.php:185
1440
+ #, php-format
1441
+ msgid "PHP %s is installed."
1442
+ msgstr ""
1443
+
1444
+ #: src/settings-hardening.php:210
1445
+ msgid "Remove WordPress Version"
1446
+ msgstr ""
1447
+
1448
+ #: src/settings-hardening.php:214
1449
+ msgid ""
1450
+ "It checks if your WordPress version is being leaked to the public via a HTML "
1451
+ "meta-tag. Many web vulnerability scanners use this to determine which "
1452
+ "version of the code is running in your website. They use this to find "
1453
+ "disclosed vulnerabilities associated to this version number. A vulnerability "
1454
+ "scanner can still guess which version of WordPress is installed by comparing "
1455
+ "the checksum of some static files."
1456
+ msgstr ""
1457
+
1458
+ #: src/settings-hardening.php:234
1459
+ msgid ""
1460
+ "Read the official WordPress guidelines to learn how to restrict access to "
1461
+ "PHP files in sensitive directories - <a href=\"https://codex.wordpress.org/"
1462
+ "Nginx#Global_restrictions_file\" target=\"_blank\" rel=\"noopener\">Nginx "
1463
+ "Global Restrictions For WordPress</a>"
1464
+ msgstr ""
1465
+
1466
+ #: src/settings-hardening.php:238
1467
+ msgid "Block of Certain PHP Files"
1468
+ msgstr ""
1469
+
1470
+ #: src/settings-hardening.php:241
1471
+ msgid "Check Hardening"
1472
+ msgstr ""
1473
+
1474
+ #: src/settings-hardening.php:242 src/settings-hardening.php:288
1475
+ #: src/settings-hardening.php:347 src/settings-hardening.php:416
1476
+ msgid ""
1477
+ "Block the execution of PHP files in sensitive directories. Be careful while "
1478
+ "applying this hardening option as there are many plugins and theme which "
1479
+ "rely on the ability to execute PHP files in the content directory to "
1480
+ "generate images or save temporary data. Use the \"Whitelist PHP Files\" tool "
1481
+ "to add exceptions to individual files."
1482
+ msgstr ""
1483
+
1484
+ #: src/settings-hardening.php:269 src/settings-hardening.php:270
1485
+ msgid "Hardening applied to the uploads directory"
1486
+ msgstr ""
1487
+
1488
+ #: src/settings-hardening.php:272 src/settings-hardening.php:331
1489
+ #: src/settings-hardening.php:398
1490
+ msgid "Error hardening directory, check the permissions."
1491
+ msgstr ""
1492
+
1493
+ #: src/settings-hardening.php:280 src/settings-hardening.php:281
1494
+ msgid "Hardening reverted in the uploads directory"
1495
+ msgstr ""
1496
+
1497
+ #: src/settings-hardening.php:283 src/settings-hardening.php:342
1498
+ #: src/settings-hardening.php:411
1499
+ msgid "Access file is not writable, check the permissions."
1500
+ msgstr ""
1501
+
1502
+ #: src/settings-hardening.php:287
1503
+ msgid "Block PHP Files in Uploads Directory"
1504
+ msgstr ""
1505
+
1506
+ #: src/settings-hardening.php:328 src/settings-hardening.php:329
1507
+ msgid "Hardening applied to the content directory"
1508
+ msgstr ""
1509
+
1510
+ #: src/settings-hardening.php:339 src/settings-hardening.php:340
1511
+ msgid "Hardening reverted in the content directory"
1512
+ msgstr ""
1513
+
1514
+ #: src/settings-hardening.php:346
1515
+ msgid "Block PHP Files in WP-CONTENT Directory"
1516
+ msgstr ""
1517
+
1518
+ #: src/settings-hardening.php:392 src/settings-hardening.php:393
1519
+ msgid "Hardening applied to the library directory"
1520
+ msgstr ""
1521
+
1522
+ #: src/settings-hardening.php:408 src/settings-hardening.php:409
1523
+ msgid "Hardening reverted in the library directory"
1524
+ msgstr ""
1525
+
1526
+ #: src/settings-hardening.php:415
1527
+ msgid "Block PHP Files in WP-INCLUDES Directory"
1528
+ msgstr ""
1529
+
1530
+ #: src/settings-hardening.php:448
1531
+ #, php-format
1532
+ msgid "Cannot delete <code>%s/readme.html</code>"
1533
+ msgstr ""
1534
+
1535
+ #: src/settings-hardening.php:450 src/settings-hardening.php:451
1536
+ msgid "Hardening applied to the <code>readme.html</code> file"
1537
+ msgstr ""
1538
+
1539
+ #: src/settings-hardening.php:455
1540
+ msgid "Information Leakage"
1541
+ msgstr ""
1542
+
1543
+ #: src/settings-hardening.php:456
1544
+ msgid ""
1545
+ "Checks if the WordPress README file still exists in the website. The "
1546
+ "information in this file can be used by malicious users to pin-point which "
1547
+ "disclosed vulnerabilities are associated to the website. Be aware that "
1548
+ "WordPress recreates this file automatically with every update."
1549
+ msgstr ""
1550
+
1551
+ #: src/settings-hardening.php:491
1552
+ msgid "Default Admin Account"
1553
+ msgstr ""
1554
+
1555
+ #: src/settings-hardening.php:492
1556
+ msgid ""
1557
+ "Check if the primary user account still uses the name \"admin\". This allows "
1558
+ "malicious users to easily identify which account has the highest privileges "
1559
+ "to target an attack."
1560
+ msgstr ""
1561
+
1562
+ #: src/settings-hardening.php:521 src/settings-hardening.php:552
1563
+ #: src/settings-posthack.php:63
1564
+ msgid "WordPress configuration file was not found."
1565
+ msgstr ""
1566
+
1567
+ #: src/settings-hardening.php:523 src/settings-hardening.php:554
1568
+ #: src/settings-posthack.php:76
1569
+ msgid "WordPress configuration file is not writable."
1570
+ msgstr ""
1571
+
1572
+ #: src/settings-hardening.php:543 src/settings-hardening.php:544
1573
+ msgid "Hardening applied to the plugin and theme editor"
1574
+ msgstr ""
1575
+
1576
+ #: src/settings-hardening.php:572
1577
+ msgid ""
1578
+ "File Editor was not disabled using this tool. You must scan your project for "
1579
+ "a constant defined as DISALLOW_FILE_EDIT, then either delete it or set its "
1580
+ "value to False. Any plugin/theme can disable the file editor, so it is "
1581
+ "impossible to determine the origin of the constant."
1582
+ msgstr ""
1583
+
1584
+ #: src/settings-hardening.php:578 src/settings-hardening.php:579
1585
+ msgid "Hardening reverted in the plugin and theme editor"
1586
+ msgstr ""
1587
+
1588
+ #: src/settings-hardening.php:584
1589
+ msgid "Plugin and Theme Editor"
1590
+ msgstr ""
1591
+
1592
+ #: src/settings-hardening.php:585
1593
+ msgid ""
1594
+ "Disables the theme and plugin editors to prevent unwanted modifications to "
1595
+ "the code. If you are having problems reverting this please open the wp-"
1596
+ "config.php file and delete the line with the constant DISALLOW_FILE_EDIT."
1597
+ msgstr ""
1598
+
1599
+ #: src/settings-hardening.php:636
1600
+ msgid "The file has been whitelisted from the hardening"
1601
+ msgstr ""
1602
+
1603
+ #: src/settings-hardening.php:641
1604
+ msgid "Specified folder is not hardened by this plugin"
1605
+ msgstr ""
1606
+
1607
+ #: src/settings-hardening.php:655
1608
+ msgid "Selected files have been removed"
1609
+ msgstr ""
1610
+
1611
+ #: src/settings-integrity.php:65
1612
+ msgid "Your hosting provider has blocked the execution of external commands."
1613
+ msgstr ""
1614
+
1615
+ #: src/settings-integrity.php:68
1616
+ #, php-format
1617
+ msgid "Integrity diff utility has been <code>%s</code>"
1618
+ msgstr ""
1619
+
1620
+ #: src/settings-integrity.php:73
1621
+ msgid "The status of the integrity diff utility has been changed"
1622
+ msgstr ""
1623
+
1624
+ #: src/settings-integrity.php:112
1625
+ #, php-format
1626
+ msgid "Core files that will not be ignored anymore: (multiple entries): %s"
1627
+ msgstr ""
1628
+
1629
+ #: src/settings-integrity.php:114
1630
+ msgid "The selected files have been successfully processed."
1631
+ msgstr ""
1632
+
1633
+ #: src/settings-posthack.php:65
1634
+ msgid "Generate new security keys (success)"
1635
+ msgstr ""
1636
+
1637
+ #: src/settings-posthack.php:66
1638
+ msgid "Secret keys updated successfully (summary of the operation bellow)."
1639
+ msgstr ""
1640
+
1641
+ #: src/settings-posthack.php:69
1642
+ msgid "Old Security Keys"
1643
+ msgstr ""
1644
+
1645
+ #: src/settings-posthack.php:72
1646
+ msgid "New Security Keys"
1647
+ msgstr ""
1648
+
1649
+ #: src/settings-posthack.php:75
1650
+ msgid "Generate new security keys (failure)"
1651
+ msgstr ""
1652
+
1653
+ #: src/settings-posthack.php:203
1654
+ #, php-format
1655
+ msgid "Password changed for user #%d"
1656
+ msgstr ""
1657
+
1658
+ #: src/settings-posthack.php:298
1659
+ msgid "not installed"
1660
+ msgstr ""
1661
+
1662
+ #: src/settings-posthack.php:305
1663
+ msgid "Plugin is Premium"
1664
+ msgstr ""
1665
+
1666
+ #: src/settings-posthack.php:311
1667
+ msgid "Missing Library"
1668
+ msgstr ""
1669
+
1670
+ #: src/settings-posthack.php:321
1671
+ msgid "Cannot Download"
1672
+ msgstr ""
1673
+
1674
+ #: src/settings-posthack.php:324
1675
+ msgid "Cannot Backup"
1676
+ msgstr ""
1677
+
1678
+ #: src/settings-posthack.php:337
1679
+ msgid "Cannot Install"
1680
+ msgstr ""
1681
+
1682
+ #: src/settings-posthack.php:346
1683
+ #, php-format
1684
+ msgid "Installed v%s"
1685
+ msgstr ""
1686
+
1687
+ #: src/settings-posthack.php:420
1688
+ msgid "Newest WordPress"
1689
+ msgstr ""
1690
+
1691
+ #: src/settings-posthack.php:458
1692
+ msgid "There are no updates available."
1693
+ msgstr ""
1694
+
1695
+ #: src/settings-scanner.php:68
1696
+ #, php-format
1697
+ msgid "%d tasks has been scheduled to run in the next ten seconds."
1698
+ msgstr ""
1699
+
1700
+ #: src/settings-scanner.php:74
1701
+ #, php-format
1702
+ msgid "Force execution of scheduled tasks: (multiple entries): %s"
1703
+ msgstr ""
1704
+
1705
+ #: src/settings-scanner.php:86
1706
+ #, php-format
1707
+ msgid "%d scheduled tasks have been removed."
1708
+ msgstr ""
1709
+
1710
+ #: src/settings-scanner.php:92
1711
+ #, php-format
1712
+ msgid "Delete scheduled tasks: (multiple entries): %s"
1713
+ msgstr ""
1714
+
1715
+ #: src/settings-scanner.php:103
1716
+ #, php-format
1717
+ msgid "%d tasks has been re-scheduled to run <code>%s</code>."
1718
+ msgstr ""
1719
+
1720
+ #: src/settings-scanner.php:110
1721
+ #, php-format
1722
+ msgid "Re-configure scheduled tasks %s: (multiple entries): %s"
1723
+ msgstr ""
1724
+
1725
+ #: src/settings-scanner.php:122
1726
+ msgid "No scheduled tasks were selected from the list."
1727
+ msgstr ""
1728
+
1729
+ #: src/settings-scanner.php:131
1730
+ msgid "Execute Now (in +10 seconds)"
1731
+ msgstr ""
1732
+
1733
+ #: src/settings-scanner.php:207 src/settings-scanner.php:216
1734
+ msgid "Selected files have been successfully processed."
1735
+ msgstr ""
1736
+
1737
+ #: src/settings-scanner.php:208
1738
+ #, php-format
1739
+ msgid "This directory will not be scanned: %s"
1740
+ msgstr ""
1741
+
1742
+ #: src/settings-scanner.php:218
1743
+ msgid "Directories will be scanned: (multiple entries): "
1744
+ msgstr ""
1745
+
1746
+ #: src/settings-webinfo.php:39
1747
+ msgid "not active"
1748
+ msgstr ""
1749
+
1750
+ #: src/settings-webinfo.php:52
1751
+ msgid "active"
1752
+ msgstr ""
1753
+
1754
+ #: src/sitecheck.lib.php:178
1755
+ #, php-format
1756
+ msgid "PHP Version: %s"
1757
+ msgstr ""
1758
+
1759
+ #: src/sitecheck.lib.php:179
1760
+ #, php-format
1761
+ msgid "Version: %s"
1762
+ msgstr ""
1763
+
1764
+ #: src/sitecheck.lib.php:190
1765
+ #, php-format
1766
+ msgid "Hosting: %s"
1767
+ msgstr ""
1768
+
1769
+ #: src/sitecheck.lib.php:194
1770
+ #, php-format
1771
+ msgid "CMS: %s"
1772
+ msgstr ""
1773
+
1774
+ #: src/sitecheck.lib.php:272
1775
+ msgid "Site is Clean"
1776
+ msgstr ""
1777
+
1778
+ #: src/sitecheck.lib.php:278
1779
+ msgid "Site is not Clean"
1780
+ msgstr ""
1781
+
1782
+ #: src/sitecheck.lib.php:317
1783
+ msgid "Not Blacklisted"
1784
+ msgstr ""
1785
+
1786
+ #: src/sitecheck.lib.php:342
1787
+ msgid "Blacklisted"
1788
+ msgstr ""
1789
+
1790
+ #: src/sitecheck.lib.php:415
1791
+ #, php-format
1792
+ msgid "iFrames: %d"
1793
+ msgstr ""
1794
+
1795
+ #: src/sitecheck.lib.php:427
1796
+ #, php-format
1797
+ msgid "Links: %d"
1798
+ msgstr ""
1799
+
1800
+ #: src/sitecheck.lib.php:448
1801
+ #, php-format
1802
+ msgid "Scripts: %d"
1803
+ msgstr ""
1804
+
1805
+ #: src/strings.php:27
1806
+ msgid "Total logs in the queue:"
1807
+ msgstr ""
1808
+
1809
+ #: src/strings.php:28
1810
+ msgid "Maximum execution time:"
1811
+ msgstr ""
1812
+
1813
+ #: src/strings.php:29
1814
+ msgid "Successfully sent to the API:"
1815
+ msgstr ""
1816
+
1817
+ #: src/strings.php:30
1818
+ msgid "Total request timeouts (failures):"
1819
+ msgstr ""
1820
+
1821
+ #: src/strings.php:31
1822
+ msgid "Total execution time:"
1823
+ msgstr ""
1824
+
1825
+ #: src/strings.php:32
1826
+ msgid "Send Logs"
1827
+ msgstr ""
1828
+
1829
+ #: src/strings.php:36
1830
+ msgid "WP Plugin"
1831
+ msgstr ""
1832
+
1833
+ #: src/strings.php:37
1834
+ msgid "Review"
1835
+ msgstr ""
1836
+
1837
+ #: src/strings.php:38 src/template.lib.php:136
1838
+ msgid "Generate API Key"
1839
+ msgstr ""
1840
+
1841
+ #: src/strings.php:42
1842
+ msgid "Copyright"
1843
+ msgstr ""
1844
+
1845
+ #: src/strings.php:43
1846
+ msgid "Sucuri Inc. All Rights Reserved."
1847
+ msgstr ""
1848
+
1849
+ #: src/strings.php:47 src/strings.php:96
1850
+ msgid "Audit Logs"
1851
+ msgstr ""
1852
+
1853
+ #: src/strings.php:50
1854
+ msgid "Firewall Audit Logs"
1855
+ msgstr ""
1856
+
1857
+ #: src/strings.php:51
1858
+ msgid ""
1859
+ "The firewall logs every request involved in an attack and separates them "
1860
+ "from the legitimate requests. You can analyze the data from the latest "
1861
+ "entries in the logs using this tool and take action either enabling the "
1862
+ "advanced features of the IDS <em>(Intrusion Detection System)</em> from the "
1863
+ "<a href=\"https://waf.sucuri.net/?settings\" target=\"_blank\" rel=\"noopener"
1864
+ "\">Firewall Dashboard</a> and/or blocking IP addresses and URL paths "
1865
+ "directly from the <a href=\"https://waf.sucuri.net/?audit\" target=\"_blank"
1866
+ "\" rel=\"noopener\">Firewall Audit Trails</a> page."
1867
+ msgstr ""
1868
+
1869
+ #: src/strings.php:52
1870
+ msgid "Non-blocked requests are hidden from the logs, this is intentional."
1871
+ msgstr ""
1872
+
1873
+ #: src/strings.php:54 src/strings.php:75 src/strings.php:128
1874
+ #: src/strings.php:213 src/strings.php:219 src/strings.php:226
1875
+ #: src/strings.php:234 src/strings.php:246 src/strings.php:253
1876
+ #: src/strings.php:263 src/strings.php:270 src/strings.php:282
1877
+ #: src/strings.php:295 src/strings.php:335 src/strings.php:353
1878
+ #: src/strings.php:363 src/strings.php:369 src/strings.php:375
1879
+ #: src/strings.php:414 src/strings.php:427 src/strings.php:451
1880
+ #: src/strings.php:458 src/strings.php:523
1881
+ msgid "Submit"
1882
+ msgstr ""
1883
+
1884
+ #: src/strings.php:57 src/strings.php:200
1885
+ msgid "Date/Time:"
1886
+ msgstr ""
1887
+
1888
+ #: src/strings.php:58
1889
+ msgid "Signature:"
1890
+ msgstr ""
1891
+
1892
+ #: src/strings.php:59
1893
+ msgid "Request:"
1894
+ msgstr ""
1895
+
1896
+ #: src/strings.php:60
1897
+ msgid "U-Agent:"
1898
+ msgstr ""
1899
+
1900
+ #: src/strings.php:61
1901
+ msgid "Target:"
1902
+ msgstr ""
1903
+
1904
+ #: src/strings.php:62
1905
+ msgid "Referer:"
1906
+ msgstr ""
1907
+
1908
+ #: src/strings.php:66
1909
+ msgid "Clear cache when a post or page is updated (Loading...)"
1910
+ msgstr ""
1911
+
1912
+ #: src/strings.php:67
1913
+ msgid "Clear cache when a post or page is updated"
1914
+ msgstr ""
1915
+
1916
+ #: src/strings.php:68 src/strings.php:98
1917
+ msgid "Clear Cache"
1918
+ msgstr ""
1919
+
1920
+ #: src/strings.php:69
1921
+ msgid ""
1922
+ "The firewall offers multiple options to configure the cache level applied to "
1923
+ "your website. You can either enable the full cache which is the recommended "
1924
+ "setting, or you can set the cache level to minimal which will keep the pages "
1925
+ "static for a couple of minutes, or force the usage of the website headers "
1926
+ "<em>(only for advanced users)</em>, or in extreme cases where you do not "
1927
+ "need the cache you can simply disable it. Find more information about it in "
1928
+ "the <a href=\"https://kb.sucuri.net/firewall/Performance/caching-options\" "
1929
+ "target=\"_blank\" rel=\"noopener\">Sucuri Knowledge Base</a> website."
1930
+ msgstr ""
1931
+
1932
+ #: src/strings.php:70
1933
+ msgid ""
1934
+ "Note that the firewall has <a href=\"https://kb.sucuri.net/firewall/"
1935
+ "Performance/cache-exceptions\" target=\"_blank\" rel=\"noopener\">special "
1936
+ "caching rules</a> for Images, CSS, PDF, TXT, JavaScript, media files and a "
1937
+ "few more extensions that are stored on our <a href=\"https://en.wikipedia."
1938
+ "org/wiki/Edge_device\" target=\"_blank\" rel=\"noopener\">edge</a>. The only "
1939
+ "way to flush the cache for these files is by clearing the firewall’s cache "
1940
+ "completely <em>(for the whole website)</em>. Due to our caching of "
1941
+ "JavaScript and CSS files, often, as is best practice, the use of versioning "
1942
+ "during development will ensure updates going live as expected. This is done "
1943
+ "by adding a query string such as <code>?ver=1.2.3</code> and incrementing on "
1944
+ "each update."
1945
+ msgstr ""
1946
+
1947
+ #: src/strings.php:71
1948
+ msgid ""
1949
+ "A web cache (or HTTP cache) is an information technology for the temporary "
1950
+ "storage (caching) of web documents, such as HTML pages and images, to reduce "
1951
+ "bandwidth usage, server load, and perceived lag. A web cache system stores "
1952
+ "copies of documents passing through it; subsequent requests may be satisfied "
1953
+ "from the cache if certain conditions are met. A web cache system can refer "
1954
+ "either to an appliance, or to a computer program. &mdash; <a href=\"https://"
1955
+ "en.wikipedia.org/wiki/Web_cache\" target=\"_blank\" rel=\"noopener"
1956
+ "\">WikiPedia - Web Cache</a>"
1957
+ msgstr ""
1958
+
1959
+ #: src/strings.php:74 src/strings.php:88 src/strings.php:256
1960
+ #: src/strings.php:276 src/strings.php:318 src/strings.php:329
1961
+ #: src/strings.php:381
1962
+ msgid "Delete"
1963
+ msgstr ""
1964
+
1965
+ #: src/strings.php:77
1966
+ msgid "IP Address Access"
1967
+ msgstr ""
1968
+
1969
+ #: src/strings.php:78
1970
+ msgid ""
1971
+ "This tool allows you to whitelist and blacklist one or more IP addresses "
1972
+ "from accessing your website. You can also configure the plugin to "
1973
+ "automatically blacklist any IP address involved in a password guessing brute-"
1974
+ "force attack. If a legitimate user fails to submit the correct credentials "
1975
+ "of their account they will have to log into the Firewall dashboard in order "
1976
+ "to delete their IP address from the blacklist, or try to login once again "
1977
+ "through a VPN."
1978
+ msgstr ""
1979
+
1980
+ #: src/strings.php:79
1981
+ msgid "Blacklist IP:"
1982
+ msgstr ""
1983
+
1984
+ #: src/strings.php:80
1985
+ msgid "e.g. 192.168.1.54"
1986
+ msgstr ""
1987
+
1988
+ #: src/strings.php:84
1989
+ msgid "Firewall Settings"
1990
+ msgstr ""
1991
+
1992
+ #: src/strings.php:85
1993
+ msgid ""
1994
+ "A powerful Web Application Firewall and <b>Intrusion Detection System</b> "
1995
+ "for any WordPress user and many other platforms. This page will help you to "
1996
+ "configure and monitor your site through the <b>Sucuri Firewall</b>. Once "
1997
+ "enabled, our firewall will act as a shield, protecting your site from "
1998
+ "attacks and preventing malware infections and reinfections. It will block "
1999
+ "SQL injection attempts, brute force attacks, XSS, RFI, backdoors and many "
2000
+ "other threats against your site."
2001
+ msgstr ""
2002
+
2003
+ #: src/strings.php:86
2004
+ msgid ""
2005
+ "Add your <a href=\"https://waf.sucuri.net/?settings&panel=api\" target="
2006
+ "\"_blank\" rel=\"noopener\">Firewall API key</a> in the form below to start "
2007
+ "communicating with the firewall API service."
2008
+ msgstr ""
2009
+
2010
+ #: src/strings.php:87
2011
+ msgid "Firewall API Key:"
2012
+ msgstr ""
2013
+
2014
+ #: src/strings.php:89
2015
+ msgid "Save"
2016
+ msgstr ""
2017
+
2018
+ #: src/strings.php:90 src/strings.php:385 src/strings.php:393
2019
+ #: src/strings.php:423 src/strings.php:434 src/strings.php:445
2020
+ msgid "Name"
2021
+ msgstr ""
2022
+
2023
+ #: src/strings.php:91 src/strings.php:435
2024
+ msgid "Value"
2025
+ msgstr ""
2026
+
2027
+ #: src/strings.php:92
2028
+ msgid ""
2029
+ "<em>[1]</em> More information about the <a href=\"https://sucuri.net/website-"
2030
+ "firewall/\" target=\"_blank\" rel=\"noopener\">Sucuri Firewall</a>, features "
2031
+ "and pricing.<br><em>[2]</em> Instructions and videos in the official <a href="
2032
+ "\"https://kb.sucuri.net/firewall\" target=\"_blank\" rel=\"noopener"
2033
+ "\">Knowledge Base</a> site.<br><em>[3]</em> <a href=\"https://login.sucuri."
2034
+ "net/signup2/create?CloudProxy\" target=\"_blank\" rel=\"noopener\">Sign up</"
2035
+ "a> for a new account and start protecting your site."
2036
+ msgstr ""
2037
+
2038
+ #: src/strings.php:97
2039
+ msgid "IP Access"
2040
+ msgstr ""
2041
+
2042
+ #: src/strings.php:101 src/strings.php:112 src/strings.php:141
2043
+ msgid "WordPress Integrity"
2044
+ msgstr ""
2045
+
2046
+ #: src/strings.php:102 src/strings.php:113 src/strings.php:142
2047
+ #, php-format
2048
+ msgid ""
2049
+ "We inspect your WordPress installation and look for modifications on the "
2050
+ "core files as provided by WordPress.org. Files located in the root "
2051
+ "directory, wp-admin and wp-includes will be compared against the files "
2052
+ "distributed with v%%SUCURI.WordPressVersion%%; all files with "
2053
+ "inconsistencies will be listed here. Any changes might indicate a hack."
2054
+ msgstr ""
2055
+
2056
+ #: src/strings.php:103
2057
+ msgid "All Core WordPress Files Are Correct"
2058
+ msgstr ""
2059
+
2060
+ #: src/strings.php:104
2061
+ msgid ""
2062
+ "We have not identified additional files, deleted files, or relevant changes "
2063
+ "to the core files in your WordPress installation. If you are experiencing "
2064
+ "other malware issues, please use a <a href=\"https://sucuri.net/website-"
2065
+ "security/malware-removal\" target=\"_blank\" rel=\"noopener\">Server Side "
2066
+ "Scanner</a>."
2067
+ msgstr ""
2068
+
2069
+ #: src/strings.php:105 src/strings.php:116
2070
+ msgid "Review False Positives"
2071
+ msgstr ""
2072
+
2073
+ #: src/strings.php:109
2074
+ msgid ""
2075
+ "Lines with a <b>minus</b> sign as the prefix <em>(here in red)</em> show the "
2076
+ "original code. Lines with a <b>plus</b> sign as the prefix <em>(here in "
2077
+ "green)</em> show the modified code. You can read more about the DIFF format "
2078
+ "from the WikiPedia article about the <a target=\"_blank\" href=\"https://en."
2079
+ "wikipedia.org/wiki/Diff_utility\" rel=\"noopener\">Unix Diff Utility</a>."
2080
+ msgstr ""
2081
+
2082
+ #: src/strings.php:114
2083
+ msgid "Core WordPress Files Were Modified"
2084
+ msgstr ""
2085
+
2086
+ #: src/strings.php:115 src/strings.php:132
2087
+ msgid ""
2088
+ "We identified that some of your WordPress core files were modified. That "
2089
+ "might indicate a hack or a broken file on your installation. If you are "
2090
+ "experiencing other malware issues, please use a <a href=\"https://sucuri.net/"
2091
+ "website-security/malware-removal\" target=\"_blank\" rel=\"noopener\">Server "
2092
+ "Side Scanner</a>."
2093
+ msgstr ""
2094
+
2095
+ #: src/strings.php:117 src/strings.php:133
2096
+ #, php-format
2097
+ msgid "WordPress Integrity (%%SUCURI.Integrity.ListCount%%)"
2098
+ msgstr ""
2099
+
2100
+ #: src/strings.php:118
2101
+ msgid ""
2102
+ "The Unix Diff Utility is enabled. You can click the files in the table to "
2103
+ "see the differences detected by the scanner. If you consider the differences "
2104
+ "to be harmless you can mark the file as fixed, otherwise it is advised to "
2105
+ "restore the original content immediately."
2106
+ msgstr ""
2107
+
2108
+ #: src/strings.php:119 src/strings.php:224 src/strings.php:237
2109
+ #: src/strings.php:254 src/strings.php:271 src/strings.php:324
2110
+ #: src/strings.php:376 src/strings.php:409 src/strings.php:422
2111
+ #: src/strings.php:444 src/strings.php:459 src/strings.php:467
2112
+ msgid "Select All"
2113
+ msgstr ""
2114
+
2115
+ #: src/strings.php:120 src/strings.php:135 src/strings.php:326
2116
+ msgid "File Size"
2117
+ msgstr ""
2118
+
2119
+ #: src/strings.php:121 src/strings.php:136
2120
+ msgid "Modified At"
2121
+ msgstr ""
2122
+
2123
+ #: src/strings.php:122 src/strings.php:137 src/strings.php:325
2124
+ #: src/strings.php:377 src/strings.php:460 src/strings.php:470
2125
+ msgid "File Path"
2126
+ msgstr ""
2127
+
2128
+ #: src/strings.php:123 src/strings.php:334 src/strings.php:352
2129
+ #: src/strings.php:436
2130
+ msgid "I understand that this operation cannot be reverted."
2131
+ msgstr ""
2132
+
2133
+ #: src/strings.php:124 src/strings.php:450
2134
+ msgid "Action:"
2135
+ msgstr ""
2136
+
2137
+ #: src/strings.php:125
2138
+ msgid "Mark as Fixed"
2139
+ msgstr ""
2140
+
2141
+ #: src/strings.php:126
2142
+ msgid "Restore File"
2143
+ msgstr ""
2144
+
2145
+ #: src/strings.php:127
2146
+ msgid "Delete File"
2147
+ msgstr ""
2148
+
2149
+ #: src/strings.php:129 src/strings.php:138
2150
+ msgid ""
2151
+ "Marking one or more files as fixed will force the plugin to ignore them "
2152
+ "during the next scan, very useful when you find false positives. "
2153
+ "Additionally you can restore the original content of the core files that "
2154
+ "appear as modified or deleted, this will tell the plugin to download a copy "
2155
+ "of the original files from the official WordPress repository. Deleting a "
2156
+ "file is an irreversible action, be careful."
2157
+ msgstr ""
2158
+
2159
+ #: src/strings.php:134 src/strings.php:327 src/strings.php:426
2160
+ #: src/strings.php:433 src/strings.php:461
2161
+ msgid "Status"
2162
+ msgstr ""
2163
+
2164
+ #: src/strings.php:146
2165
+ msgid "All Users"
2166
+ msgstr ""
2167
+
2168
+ #: src/strings.php:147
2169
+ msgid "Admins"
2170
+ msgstr ""
2171
+
2172
+ #: src/strings.php:148
2173
+ msgid "Logged-in Users"
2174
+ msgstr ""
2175
+
2176
+ #: src/strings.php:149 src/strings.php:177
2177
+ msgid "Failed logins"
2178
+ msgstr ""
2179
+
2180
+ #: src/strings.php:152
2181
+ msgid "Successful Logins (admins)"
2182
+ msgstr ""
2183
+
2184
+ #: src/strings.php:153
2185
+ msgid ""
2186
+ "Here you can see a list of all the successful logins of accounts with admin "
2187
+ "privileges."
2188
+ msgstr ""
2189
+
2190
+ #: src/strings.php:155
2191
+ msgid "Registration"
2192
+ msgstr ""
2193
+
2194
+ #: src/strings.php:156
2195
+ msgid "Newest To Oldest"
2196
+ msgstr ""
2197
+
2198
+ #: src/strings.php:161 src/strings.php:170 src/strings.php:181
2199
+ msgid "Date/Time"
2200
+ msgstr ""
2201
+
2202
+ #: src/strings.php:162 src/strings.php:174 src/strings.php:196
2203
+ msgid "Edit"
2204
+ msgstr ""
2205
+
2206
+ #: src/strings.php:165
2207
+ msgid "Successful Logins (all)"
2208
+ msgstr ""
2209
+
2210
+ #: src/strings.php:166
2211
+ msgid "Here you can see a list of all the successful user logins."
2212
+ msgstr ""
2213
+
2214
+ #: src/strings.php:169
2215
+ msgid "Hostname"
2216
+ msgstr ""
2217
+
2218
+ #: src/strings.php:178
2219
+ #, php-format
2220
+ msgid ""
2221
+ "This information will be used to determine if your site is being victim of "
2222
+ "<a href=\"https://kb.sucuri.net/definitions/attacks/brute-force/password-"
2223
+ "guessing\" target=\"_blank\" rel=\"noopener\">Password Guessing Brute Force "
2224
+ "Attacks</a>. These logs will be accumulated and the plugin will send a "
2225
+ "report via email if there are more than <code>%%SUCURI.FailedLogins."
2226
+ "MaxFailedLogins%%</code> failed login attempts during the same hour, you can "
2227
+ "change this number from <a href=\"%%SUCURI.URL.Settings%%#alerts\">here</a>. "
2228
+ "<b>NOTE:</b> Some <em>\"Two-Factor Authentication\"</em> plugins do not "
2229
+ "follow the same rules that WordPress have to report failed login attempts, "
2230
+ "so you may not see all the attempts in this panel if you have one of these "
2231
+ "plugins installed."
2232
+ msgstr ""
2233
+
2234
+ #: src/strings.php:182
2235
+ msgid "Web Browser"
2236
+ msgstr ""
2237
+
2238
+ #: src/strings.php:184
2239
+ msgid "Block"
2240
+ msgstr ""
2241
+
2242
+ #: src/strings.php:187
2243
+ msgid "Logged-in Users}"
2244
+ msgstr ""
2245
+
2246
+ #: src/strings.php:188
2247
+ msgid "Here you can see a list of the users that are currently logged-in."
2248
+ msgstr ""
2249
+
2250
+ #: src/strings.php:189
2251
+ msgid "ID"
2252
+ msgstr ""
2253
+
2254
+ #: src/strings.php:191
2255
+ msgid "Last Activity"
2256
+ msgstr ""
2257
+
2258
+ #: src/strings.php:192 src/strings.php:412
2259
+ msgid "Registered"
2260
+ msgstr ""
2261
+
2262
+ #: src/strings.php:197 src/strings.php:206 src/strings.php:343
2263
+ msgid "Website:"
2264
+ msgstr ""
2265
+
2266
+ #: src/strings.php:198 src/strings.php:268
2267
+ msgid "IP Address:"
2268
+ msgstr ""
2269
+
2270
+ #: src/strings.php:199
2271
+ msgid "Reverse IP:"
2272
+ msgstr ""
2273
+
2274
+ #: src/strings.php:201
2275
+ msgid "Message:"
2276
+ msgstr ""
2277
+
2278
+ #: src/strings.php:204
2279
+ msgid ""
2280
+ "An API key is required to activate some additional tools available in this "
2281
+ "plugin. The keys are free and you can virtually generate an unlimited number "
2282
+ "of them as long as the domain name and email address are unique. The key is "
2283
+ "used to authenticate the HTTP requests sent by the plugin to an API service "
2284
+ "managed by Sucuri Inc."
2285
+ msgstr ""
2286
+
2287
+ #: src/strings.php:205
2288
+ msgid ""
2289
+ "If you experience issues generating the API key you can request one by "
2290
+ "sending the domain name and email address that you want to use to <a href="
2291
+ "\"mailto:info@sucuri.net\">info@sucuri.net</a>. Note that generating a key "
2292
+ "for a website that is not facing the Internet is not possible because the "
2293
+ "API service needs to validate that the domain name exists."
2294
+ msgstr ""
2295
+
2296
+ #: src/strings.php:207 src/strings.php:251
2297
+ msgid "E-mail:"
2298
+ msgstr ""
2299
+
2300
+ #: src/strings.php:208
2301
+ msgid "DNS Lookups"
2302
+ msgstr ""
2303
+
2304
+ #: src/strings.php:209
2305
+ msgid ""
2306
+ "Check the box if your website is behind a known firewall service, this "
2307
+ "guarantees that the IP address of your visitors will be detected correctly "
2308
+ "for the security logs. You can change this later from the settings."
2309
+ msgstr ""
2310
+
2311
+ #: src/strings.php:210
2312
+ msgid "Enable DNS Lookups On Startup"
2313
+ msgstr ""
2314
+
2315
+ #: src/strings.php:211
2316
+ msgid ""
2317
+ "I agree to the <a target=\"_blank\" href=\"https://sucuri.net/terms\">Terms "
2318
+ "of Service</a>."
2319
+ msgstr ""
2320
+
2321
+ #: src/strings.php:212
2322
+ msgid ""
2323
+ "I have read and understand the <a target=\"_blank\" href=\"https://sucuri."
2324
+ "net/privacy\">Privacy Policy</a>."
2325
+ msgstr ""
2326
+
2327
+ #: src/strings.php:216
2328
+ msgid "Password Guessing Brute Force Attacks"
2329
+ msgstr ""
2330
+
2331
+ #: src/strings.php:217
2332
+ msgid ""
2333
+ "<a href=\"https://kb.sucuri.net/definitions/attacks/brute-force/password-"
2334
+ "guessing\" target=\"_blank\" rel=\"noopener\">Password guessing brute force "
2335
+ "attacks</a> are very common against web sites and web servers. They are one "
2336
+ "of the most common vectors used to compromise web sites. The process is very "
2337
+ "simple and the attackers basically try multiple combinations of usernames "
2338
+ "and passwords until they find one that works. Once they get in, they can "
2339
+ "compromise the web site with malware, spam , phishing or anything else they "
2340
+ "want."
2341
+ msgstr ""
2342
+
2343
+ #: src/strings.php:218
2344
+ msgid "Consider Brute-Force Attack After:"
2345
+ msgstr ""
2346
+
2347
+ #: src/strings.php:222
2348
+ msgid "Security Alerts"
2349
+ msgstr ""
2350
+
2351
+ #: src/strings.php:223
2352
+ msgid ""
2353
+ "You have installed a plugin or theme that is not fully compatible with our "
2354
+ "plugin, some of the security alerts (like the successful and failed logins) "
2355
+ "will not be sent to you. To prevent an infinite loop while detecting these "
2356
+ "changes in the website and sending the email alerts via a custom SMTP "
2357
+ "plugin, we have decided to stop any attempt to send the emails to prevent "
2358
+ "fatal errors."
2359
+ msgstr ""
2360
+
2361
+ #: src/strings.php:225
2362
+ msgid "Event"
2363
+ msgstr ""
2364
+
2365
+ #: src/strings.php:229
2366
+ msgid "Post-Type Alerts"
2367
+ msgstr ""
2368
+
2369
+ #: src/strings.php:230
2370
+ msgid ""
2371
+ "It seems that you disabled the email alerts for <b>new site content</b>, "
2372
+ "this panel is intended to provide a way to ignore specific events in your "
2373
+ "site and with that the alerts reported to your email. Since you have "
2374
+ "deactivated the <b>new site content</b> alerts, this panel will be disabled "
2375
+ "too."
2376
+ msgstr ""
2377
+
2378
+ #: src/strings.php:231
2379
+ msgid ""
2380
+ "This is a list of registered <a href=\"https://codex.wordpress.org/Post_Types"
2381
+ "\" target=\"_blank\" rel=\"noopener\">Post Types</a>. You will receive an "
2382
+ "email alert when a custom page or post associated to any of these types is "
2383
+ "created or updated. If you don’t want to receive one or more of these "
2384
+ "alerts, feel free to uncheck the boxes in the table below. If you are "
2385
+ "receiving alerts for post types that are not listed in this table, it may be "
2386
+ "because there is an add-on that that is generating a custom post-type on "
2387
+ "runtime, you will have to find out by yourself what is the unique ID of that "
2388
+ "post-type and type it in the form below. The plugin will do its best to "
2389
+ "ignore these alerts as long as the unique ID is valid."
2390
+ msgstr ""
2391
+
2392
+ #: src/strings.php:232
2393
+ msgid "Stop Alerts For This Post-Type:"
2394
+ msgstr ""
2395
+
2396
+ #: src/strings.php:233
2397
+ msgid "e.g. unique_post_type_id"
2398
+ msgstr ""
2399
+
2400
+ #: src/strings.php:235
2401
+ msgid "Show Post-Types Table"
2402
+ msgstr ""
2403
+
2404
+ #: src/strings.php:236
2405
+ msgid "Hide Post-Types Table"
2406
+ msgstr ""
2407
+
2408
+ #: src/strings.php:238
2409
+ msgid "Post Type"
2410
+ msgstr ""
2411
+
2412
+ #: src/strings.php:239
2413
+ msgid "Post Type ID"
2414
+ msgstr ""
2415
+
2416
+ #: src/strings.php:240
2417
+ msgid "Ignored At (optional)"
2418
+ msgstr ""
2419
+
2420
+ #: src/strings.php:243
2421
+ msgid "Alerts Per Hour"
2422
+ msgstr ""
2423
+
2424
+ #: src/strings.php:244
2425
+ msgid ""
2426
+ "Configure the maximum number of email alerts per hour. If the number is "
2427
+ "exceeded and the plugin detects more events during the same hour, it will "
2428
+ "still log the events into the audit logs but will not send the email alerts. "
2429
+ "Be careful with this as you will miss important information."
2430
+ msgstr ""
2431
+
2432
+ #: src/strings.php:245
2433
+ msgid "Maximum Alerts Per Hour:"
2434
+ msgstr ""
2435
+
2436
+ #: src/strings.php:249
2437
+ msgid "Alerts Recipient"
2438
+ msgstr ""
2439
+
2440
+ #: src/strings.php:250
2441
+ msgid ""
2442
+ "By default, the plugin will send the email alerts to the primary admin "
2443
+ "account, the same account created during the installation of WordPress in "
2444
+ "your web server. You can add more people to the list, they will receive a "
2445
+ "copy of the same security alerts."
2446
+ msgstr ""
2447
+
2448
+ #: src/strings.php:252
2449
+ msgid "e.g. user@example.com"
2450
+ msgstr ""
2451
+
2452
+ #: src/strings.php:255 src/strings.php:411
2453
+ msgid "E-mail"
2454
+ msgstr ""
2455
+
2456
+ #: src/strings.php:257
2457
+ msgid "Test Alerts"
2458
+ msgstr ""
2459
+
2460
+ #: src/strings.php:260
2461
+ msgid "Alert Subject"
2462
+ msgstr ""
2463
+
2464
+ #: src/strings.php:261
2465
+ msgid ""
2466
+ "Format of the subject for the email alerts, by default the plugin will use "
2467
+ "the website name and the event identifier that is being reported, you can "
2468
+ "use this panel to include the IP address of the user that triggered the "
2469
+ "event and some additional data. You can create filters in your email client "
2470
+ "creating a custom email subject using the pseudo-tags shown below."
2471
+ msgstr ""
2472
+
2473
+ #: src/strings.php:262
2474
+ msgid "Custom Format"
2475
+ msgstr ""
2476
+
2477
+ #: src/strings.php:266
2478
+ msgid "Trusted IP Addresses"
2479
+ msgstr ""
2480
+
2481
+ #: src/strings.php:267
2482
+ msgid ""
2483
+ "If you are working in a LAN <em>(Local Area Network)</em> you may want to "
2484
+ "include the IP addresses of all the nodes in the subnet, this will force the "
2485
+ "plugin to stop sending email alerts about actions executed from trusted IP "
2486
+ "addresses. Use the CIDR <em>(Classless Inter Domain Routing)</em> format to "
2487
+ "specify ranges of IP addresses <em>(only 8, 16, and 24)</em>."
2488
+ msgstr ""
2489
+
2490
+ #: src/strings.php:269
2491
+ msgid "e.g. 182.120.56.0/24"
2492
+ msgstr ""
2493
+
2494
+ #: src/strings.php:273
2495
+ msgid "CIDR Format"
2496
+ msgstr ""
2497
+
2498
+ #: src/strings.php:274
2499
+ msgid "IP Added At"
2500
+ msgstr ""
2501
+
2502
+ #: src/strings.php:279
2503
+ msgid ""
2504
+ "If this operation was successful you will receive a message in the email "
2505
+ "used during the registration of the API key <em>(usually the email of the "
2506
+ "main admin user)</em>. This message contains the key in plain text, copy and "
2507
+ "paste the key in the form field below. The plugin will verify the "
2508
+ "authenticity of the key sending an initial HTTP request to the API service, "
2509
+ "if this fails the key will be removed automatically and you will have to "
2510
+ "start the process all over again."
2511
+ msgstr ""
2512
+
2513
+ #: src/strings.php:280
2514
+ msgid ""
2515
+ "There are cases where this operation may fail, an example would be when the "
2516
+ "email address is not associated with the domain anymore, this happens when "
2517
+ "the base URL changes <em>(from www to none or viceversa)</em>. If you are "
2518
+ "having issues recovering the key please send an email explaining the "
2519
+ "situation to <a href=\"mailto:info@sucuri.net\">info@sucuri.net</a>"
2520
+ msgstr ""
2521
+
2522
+ #: src/strings.php:281 src/strings.php:319
2523
+ msgid "API Key:"
2524
+ msgstr ""
2525
+
2526
+ #: src/strings.php:285
2527
+ msgid ""
2528
+ "Congratulations! The rest of the features available in the plugin have been "
2529
+ "enabled. This product is designed to supplement existing security products. "
2530
+ "It’s not a silver bullet for your security needs, but it’ll give you greater "
2531
+ "security awareness and better posture, all with the intent of reducing risk."
2532
+ msgstr ""
2533
+
2534
+ #: src/strings.php:286
2535
+ msgid ""
2536
+ "Your website has been granted a new API key and it was associated to the "
2537
+ "email address that you chose during the registration process. You can use "
2538
+ "the same email to recover the key if you happen to lose it sometime. We "
2539
+ "encourage you to check the rest of the settings page and configure the "
2540
+ "plugin to your own needs."
2541
+ msgstr ""
2542
+
2543
+ #: src/strings.php:291 src/strings.php:293
2544
+ msgid "WordPress Checksums API"
2545
+ msgstr ""
2546
+
2547
+ #: src/strings.php:292
2548
+ msgid ""
2549
+ "The WordPress integrity tool uses a remote API service maintained by the "
2550
+ "WordPress organization to determine which files in the installation were "
2551
+ "added, removed or modified. The API returns a list of files with their "
2552
+ "respective checksums, this information guarantees that the installation is "
2553
+ "not corrupt. You can, however, point the integrity tool to a GitHub "
2554
+ "repository in case that you are using a custom version of WordPress like the "
2555
+ "<a href=\"https://github.com/WordPress/WordPress\" target=\"_blank\" rel="
2556
+ "\"noopener\">development version of the code</a>."
2557
+ msgstr ""
2558
+
2559
+ #: src/strings.php:294
2560
+ msgid "e.g. URL — or — user/repo"
2561
+ msgstr ""
2562
+
2563
+ #: src/strings.php:298
2564
+ msgid "API Communication via Proxy"
2565
+ msgstr ""
2566
+
2567
+ #: src/strings.php:299
2568
+ msgid ""
2569
+ "All the HTTP requests used to communicate with the API service are being "
2570
+ "sent using the WordPress built-in functions, so (almost) all its official "
2571
+ "features are inherited, this is useful if you need to pass these HTTP "
2572
+ "requests through a proxy. According to the <a href=\"https://developer."
2573
+ "wordpress.org/reference/classes/wp_http_proxy/\" target=\"_blank\" rel="
2574
+ "\"noopener\">official documentation</a> you have to add some constants to "
2575
+ "the main configuration file: <em>WP_PROXY_HOST, WP_PROXY_PORT, "
2576
+ "WP_PROXY_USERNAME, WP_PROXY_PASSWORD</em>."
2577
+ msgstr ""
2578
+
2579
+ #: src/strings.php:300
2580
+ msgid "HTTP Proxy Hostname"
2581
+ msgstr ""
2582
+
2583
+ #: src/strings.php:301
2584
+ msgid "HTTP Proxy Port num"
2585
+ msgstr ""
2586
+
2587
+ #: src/strings.php:302
2588
+ msgid "HTTP Proxy Username"
2589
+ msgstr ""
2590
+
2591
+ #: src/strings.php:303
2592
+ msgid "HTTP Proxy Password"
2593
+ msgstr ""
2594
+
2595
+ #: src/strings.php:306 src/strings.php:496
2596
+ msgid "API Service Communication"
2597
+ msgstr ""
2598
+
2599
+ #: src/strings.php:307
2600
+ msgid ""
2601
+ "Once the API key is generate the plugin will communicate with a remote API "
2602
+ "service that will act as a safe data storage for the audit logs generated "
2603
+ "when the website triggers certain events that the plugin monitors. If the "
2604
+ "website is hacked the attacker will not have access to these logs and that "
2605
+ "way you can investigate what was modified <em>(for malware infaction)</em> "
2606
+ "and/or how the malicious person was able to gain access to the website."
2607
+ msgstr ""
2608
+
2609
+ #: src/strings.php:308
2610
+ #, php-format
2611
+ msgid ""
2612
+ "Disabling the API service communication will stop the event monitoring, "
2613
+ "consider to enable the <a href=\"%%SUCURI.URL.Settings%%#general\">Log "
2614
+ "Exporter</a> to keep the monitoring working while the HTTP requests are "
2615
+ "ignored, otherwise an attacker may execute an action that will not be "
2616
+ "registered in the security logs and you will not have a way to investigate "
2617
+ "the attack in the future."
2618
+ msgstr ""
2619
+
2620
+ #: src/strings.php:309
2621
+ msgid ""
2622
+ "<strong>Are you a developer?</strong> You may be interested in our API. Feel "
2623
+ "free to use the URL shown below to access the latest 50 entries in your "
2624
+ "security log, change the value for the parameter <code>l=N</code> if you "
2625
+ "need more. Be aware that the API doesn’t provides an offset parameter, so if "
2626
+ "you have the intension to query specific sections of the log you will need "
2627
+ "to wrap the HTTP request around your own cache mechanism. We <strong>DO NOT</"
2628
+ "strong> take feature requests for the API, this is a semi-private service "
2629
+ "tailored for the specific needs of the plugin and not intended to be used by "
2630
+ "3rd-party apps, we may change the behavior of each API endpoint without "
2631
+ "previous notice, use it at your own risk."
2632
+ msgstr ""
2633
+
2634
+ #: src/strings.php:312
2635
+ msgid "API Key"
2636
+ msgstr ""
2637
+
2638
+ #: src/strings.php:313
2639
+ msgid ""
2640
+ "An API key is required to prevent attackers from deleting audit logs that "
2641
+ "can help you investigate and recover after a hack, and allows the plugin to "
2642
+ "display statistics. By generating an API key, you agree that Sucuri will "
2643
+ "collect and store anonymous data about your website. We take your privacy "
2644
+ "seriously."
2645
+ msgstr ""
2646
+
2647
+ #: src/strings.php:314
2648
+ #, php-format
2649
+ msgid ""
2650
+ "Your domain <code>%%SUCURI.CleanDomain%%</code> does not seems to have a DNS "
2651
+ "<code>A</code> record so it will be considered as <em>invalid</em> by the "
2652
+ "API interface when you request the generation of a new key. Adding "
2653
+ "<code>www</code> at the beginning of the domain name may fix this issue. If "
2654
+ "you do not understand what is this then send an email to our support team "
2655
+ "requesting the key."
2656
+ msgstr ""
2657
+
2658
+ #: src/strings.php:315
2659
+ msgid "Recover Via E-mail"
2660
+ msgstr ""
2661
+
2662
+ #: src/strings.php:316
2663
+ msgid "Manual Activation"
2664
+ msgstr ""
2665
+
2666
+ #: src/strings.php:317
2667
+ msgid ""
2668
+ "If you do not have access to the administrator email, you can reinstall the "
2669
+ "plugin. The API key is generated using an administrator email and the domain "
2670
+ "of the website. Click the \"Manual Activation\" button if you already have a "
2671
+ "valid API key to authenticate this website with the remote API web service."
2672
+ msgstr ""
2673
+
2674
+ #: src/strings.php:322
2675
+ msgid "Data Storage"
2676
+ msgstr ""
2677
+
2678
+ #: src/strings.php:323
2679
+ msgid ""
2680
+ "This is the directory where the plugin will store the security logs, the "
2681
+ "list of files marked as fixed in the core integrity tool, the cache for the "
2682
+ "malware scanner and 3rd-party plugin metadata. The plugin requires write "
2683
+ "permissions in this directory as well as the files contained in it. If you "
2684
+ "prefer to keep these files in a non-public directory <em>(one level up the "
2685
+ "document root)</em> please define a constant in the <em>\"wp-config.php\"</"
2686
+ "em> file named <em>\"SUCURI_DATA_STORAGE\"</em> with the absolute path to "
2687
+ "the new directory."
2688
+ msgstr ""
2689
+
2690
+ #: src/strings.php:332
2691
+ msgid "Import &amp; Export Settings"
2692
+ msgstr ""
2693
+
2694
+ #: src/strings.php:333
2695
+ msgid ""
2696
+ "Copy the JSON-encoded data from the box below, go to your other websites and "
2697
+ "click the <em>\"Import\"</em> button in the settings page. The plugin will "
2698
+ "start using the same settings from this website. Notice that some options "
2699
+ "are omitted as they contain values specific to this website. To import the "
2700
+ "settings from another website into this one, replace the JSON-encoded data "
2701
+ "in the box below with the JSON-encoded data exported from the other website, "
2702
+ "then click the button <em>\"Import\"</em>. Notice that some options will not "
2703
+ "be imported to reduce the security risk of writing arbitrary data into the "
2704
+ "disk."
2705
+ msgstr ""
2706
+
2707
+ #: src/strings.php:338
2708
+ msgid "IP Address Discoverer"
2709
+ msgstr ""
2710
+
2711
+ #: src/strings.php:339
2712
+ msgid ""
2713
+ "IP address discoverer will use DNS lookups to automatically detect if the "
2714
+ "website is behind the <a href=\"https://sucuri.net/website-firewall/\" "
2715
+ "target=\"_blank\" rel=\"noopener\">Sucuri Firewall</a>, in which case it "
2716
+ "will modify the global server variable <em>Remote-Addr</em> to set the real "
2717
+ "IP of the website’s visitors. This check runs on every WordPress init action "
2718
+ "and that is why it may slow down your website as some hosting providers rely "
2719
+ "on slow DNS servers which makes the operation take more time than it should."
2720
+ msgstr ""
2721
+
2722
+ #: src/strings.php:340
2723
+ msgid "HTTP Header:"
2724
+ msgstr ""
2725
+
2726
+ #: src/strings.php:341
2727
+ msgid "Proceed"
2728
+ msgstr ""
2729
+
2730
+ #: src/strings.php:342
2731
+ msgid "Sucuri Firewall"
2732
+ msgstr ""
2733
+
2734
+ #: src/strings.php:344
2735
+ msgid "Top Level Domain:"
2736
+ msgstr ""
2737
+
2738
+ #: src/strings.php:345
2739
+ msgid "Hostname:"
2740
+ msgstr ""
2741
+
2742
+ #: src/strings.php:346
2743
+ msgid "IP Address (Hostname):"
2744
+ msgstr ""
2745
+
2746
+ #: src/strings.php:347
2747
+ msgid "IP Address (Username):"
2748
+ msgstr ""
2749
+
2750
+ #: src/strings.php:350
2751
+ msgid "Reset Security Logs, Hardening and Settings"
2752
+ msgstr ""
2753
+
2754
+ #: src/strings.php:351
2755
+ msgid ""
2756
+ "This action will trigger the deactivation / uninstallation process of the "
2757
+ "plugin. All local security logs, hardening and settings will be deleted. "
2758
+ "Notice that the security logs stored in the API service will not be deleted, "
2759
+ "this is to prevent tampering from a malicious user. You can request a new "
2760
+ "API key if you want to start from scratch."
2761
+ msgstr ""
2762
+
2763
+ #: src/strings.php:356
2764
+ msgid "Reverse Proxy"
2765
+ msgstr ""
2766
+
2767
+ #: src/strings.php:357
2768
+ msgid ""
2769
+ "The event monitor uses the API address of the origin of the request to track "
2770
+ "the actions. The plugin uses two methods to retrieve this: the main method "
2771
+ "uses the global server variable <em>Remote-Addr</em> available in most "
2772
+ "modern web servers, and an alternative method uses custom HTTP headers "
2773
+ "<em>(which are unsafe by default)</em>. You should not worry about this "
2774
+ "option unless you know what a reverse proxy is. Services like the <a href="
2775
+ "\"https://sucuri.net/website-firewall/\" target=\"_blank\" rel=\"noopener"
2776
+ "\">Sucuri Firewall</a> &mdash; once active &mdash; force the network traffic "
2777
+ "to pass through them to filter any security threat that may affect the "
2778
+ "original server. A side effect of this is that the real IP address is no "
2779
+ "longer available in the global server variable <em>Remote-Addr</em> but in a "
2780
+ "custom HTTP header with a name provided by the service."
2781
+ msgstr ""
2782
+
2783
+ #: src/strings.php:360
2784
+ msgid "Log Exporter"
2785
+ msgstr ""
2786
+
2787
+ #: src/strings.php:361
2788
+ msgid ""
2789
+ "This option allows you to export the WordPress audit logs to a local log "
2790
+ "file that can be read by a SIEM or any log analysis software <em>(we "
2791
+ "recommend OSSEC)</em>. That will give visibility from within WordPress to "
2792
+ "complement your log monitoring infrastructure. <b>NOTE:</b> Do not use a "
2793
+ "publicly accessible file, you must use a file at least one level up the "
2794
+ "document root to prevent leaks of information."
2795
+ msgstr ""
2796
+
2797
+ #: src/strings.php:362 src/strings.php:374
2798
+ msgid "File Path:"
2799
+ msgstr ""
2800
+
2801
+ #: src/strings.php:366
2802
+ msgid "Timezone"
2803
+ msgstr ""
2804
+
2805
+ #: src/strings.php:367
2806
+ msgid ""
2807
+ "This option defines the timezone that will be used through out the entire "
2808
+ "plugin to print the dates and times whenever is necessary. This option also "
2809
+ "affects the date and time of the logs visible in the audit logs panel which "
2810
+ "is data that comes from a remote server configured to use Eastern Daylight "
2811
+ "Time (EDT). WordPress offers an option in the general settings page to allow "
2812
+ "you to configure the timezone for the entire website, however, if you are "
2813
+ "experiencing problems with the time in the audit logs, this option will help "
2814
+ "you fix them."
2815
+ msgstr ""
2816
+
2817
+ #: src/strings.php:368
2818
+ msgid "Timezone:"
2819
+ msgstr ""
2820
+
2821
+ #: src/strings.php:372
2822
+ msgid "Whitelist Blocked PHP Files"
2823
+ msgstr ""
2824
+
2825
+ #: src/strings.php:373
2826
+ msgid ""
2827
+ "After you apply the hardening in either the includes, content, and/or "
2828
+ "uploads directories, the plugin will add a rule in the access control file "
2829
+ "to deny access to any PHP file located in these folders. This is a good "
2830
+ "precaution in case an attacker is able to upload a shell script. With a few "
2831
+ "exceptions the <em>\"index.php\"</em> file is the only one that should be "
2832
+ "publicly accessible, however many theme/plugin developers decide to use "
2833
+ "these folders to process some operations. In this case applying the "
2834
+ "hardening <strong>may break</strong> their functionality."
2835
+ msgstr ""
2836
+
2837
+ #: src/strings.php:378
2838
+ msgid "Directory"
2839
+ msgstr ""
2840
+
2841
+ #: src/strings.php:379
2842
+ msgid "Pattern"
2843
+ msgstr ""
2844
+
2845
+ #: src/strings.php:384 src/strings.php:392
2846
+ msgid ""
2847
+ "WordPress has a big user base in the public Internet, which brings interest "
2848
+ "to attackers to find vulnerabilities in the code, 3rd-party extensions, and "
2849
+ "themes that other companies develop. You should keep every piece of code "
2850
+ "installed in your website updated to prevent attacks as soon as disclosed "
2851
+ "vulnerabilities are patched."
2852
+ msgstr ""
2853
+
2854
+ #: src/strings.php:386 src/strings.php:394 src/strings.php:424
2855
+ msgid "Version"
2856
+ msgstr ""
2857
+
2858
+ #: src/strings.php:387 src/strings.php:395
2859
+ msgid "Update"
2860
+ msgstr ""
2861
+
2862
+ #: src/strings.php:388 src/strings.php:396
2863
+ msgid "Tested With"
2864
+ msgstr ""
2865
+
2866
+ #: src/strings.php:391
2867
+ msgid "Available Plugin and Theme Updates"
2868
+ msgstr ""
2869
+
2870
+ #: src/strings.php:400
2871
+ msgid "Download"
2872
+ msgstr ""
2873
+
2874
+ #: src/strings.php:403
2875
+ msgid ""
2876
+ "WordPress has generated a new (random) password for your account <b>%%SUCURI."
2877
+ "ResetPassword.UserName%%</b> at <a target=\"_blank\" href=\"http://%%SUCURI."
2878
+ "ResetPassword.Website%%\" rel=\"noopener\">%%SUCURI.ResetPassword.Website%%</"
2879
+ "a>. The change has been requested by one of the admins in this website for "
2880
+ "security reasons. Your new password is &mdash; <span style=\"font-family:"
2881
+ "Menlo, Monaco, monospace, serif;font-weight:700\">%%%SUCURI.ResetPassword."
2882
+ "Password%%%</span> &mdash; please change it as soon as possible."
2883
+ msgstr ""
2884
+
2885
+ #: src/strings.php:406
2886
+ msgid "Reset User Password"
2887
+ msgstr ""
2888
+
2889
+ #: src/strings.php:408
2890
+ msgid ""
2891
+ "You can generate a new random password for the user accounts that you select "
2892
+ "from the list. An email with the new password will be sent to the email "
2893
+ "address of each chosen user. If you choose to change the password of your "
2894
+ "own user, then your current session will expire immediately. You will need "
2895
+ "to log back into the admin panel with the new password that will be sent to "
2896
+ "your email."
2897
+ msgstr ""
2898
+
2899
+ #: src/strings.php:413
2900
+ msgid "Roles"
2901
+ msgstr ""
2902
+
2903
+ #: src/strings.php:417
2904
+ msgid "Reset Installed Plugins"
2905
+ msgstr ""
2906
+
2907
+ #: src/strings.php:419
2908
+ msgid ""
2909
+ "In case you suspect having an infection in your site, or after you got rid "
2910
+ "of a malicious code, it’s recommended to reinstall all the plugins installed "
2911
+ "in your site, including the ones you are not using. Notice that premium "
2912
+ "plugins will not be automatically reinstalled to prevent backward "
2913
+ "compatibility issues and problems with licenses."
2914
+ msgstr ""
2915
+
2916
+ #: src/strings.php:420
2917
+ #, php-format
2918
+ msgid ""
2919
+ "The information shown here is cached for %%SUCURI.ResetPlugin.CacheLifeTime"
2920
+ "%% seconds. This is necessary to reduce the quantity of HTTP requests sent "
2921
+ "to the WordPress servers and the bandwidth of your site. Currently there is "
2922
+ "no option to recreate this cache."
2923
+ msgstr ""
2924
+
2925
+ #: src/strings.php:421
2926
+ msgid ""
2927
+ "<b>WARNING!</b> This procedure can break your website. The reset will not "
2928
+ "affect the database nor the settings of each plugin, but depending on how "
2929
+ "they were written the reset action might break them. Be sure to create a "
2930
+ "backup of the plugins directory before the execution of this tool."
2931
+ msgstr ""
2932
+
2933
+ #: src/strings.php:425
2934
+ msgid "Type"
2935
+ msgstr ""
2936
+
2937
+ #: src/strings.php:430
2938
+ msgid "Update Secret Keys"
2939
+ msgstr ""
2940
+
2941
+ #: src/strings.php:431
2942
+ msgid ""
2943
+ "The secret or security keys are a list of constants added to your site to "
2944
+ "ensure better encryption of information stored in the user’s cookies. A "
2945
+ "secret key makes your site harder to hack by adding random elements to the "
2946
+ "password. You do not have to remember the keys, just write a random, "
2947
+ "complicated, and long string in the <code>wp-config.php</code> file. You can "
2948
+ "change these keys at any point in time. Changing them will invalidate all "
2949
+ "existing cookies, forcing all logged in users to login again."
2950
+ msgstr ""
2951
+
2952
+ #: src/strings.php:432
2953
+ msgid "Your current session will expire once the form is submitted."
2954
+ msgstr ""
2955
+
2956
+ #: src/strings.php:437
2957
+ msgid "Generate New Security Keys"
2958
+ msgstr ""
2959
+
2960
+ #: src/strings.php:440
2961
+ msgid "Scheduled Tasks"
2962
+ msgstr ""
2963
+
2964
+ #: src/strings.php:441
2965
+ msgid ""
2966
+ "The plugin scans your entire website looking for changes which are later "
2967
+ "reported via the API in the audit logs page. By default the scanner runs "
2968
+ "daily but you can change the frequency to meet your requirements. Notice "
2969
+ "that scanning your project files too frequently may affect the performance "
2970
+ "of your website. Be sure to have enough server resources before changing "
2971
+ "this option. The memory limit and maximum execution time are two of the PHP "
2972
+ "options that your server will set to stop your website from consuming too "
2973
+ "much resources."
2974
+ msgstr ""
2975
+
2976
+ #: src/strings.php:442
2977
+ msgid ""
2978
+ "The scanner uses the <a href=\"http://php.net/manual/en/class.splfileobject."
2979
+ "php\" target=\"_blank\" rel=\"noopener\">PHP SPL library</a> and the <a "
2980
+ "target=\"_blank\" href=\"http://php.net/manual/en/class.filesystemiterator."
2981
+ "php\" rel=\"noopener\">Filesystem Iterator</a> class to scan the directory "
2982
+ "tree where your website is located in the server. This library is only "
2983
+ "available on PHP 5 >= 5.3.0 &mdash; OR &mdash; PHP 7; if you have an older "
2984
+ "version of PHP the plugin will not work as expected. Please ask your hosting "
2985
+ "provider to advise you on this matter."
2986
+ msgstr ""
2987
+
2988
+ #: src/strings.php:443
2989
+ msgid ""
2990
+ "Scheduled tasks are rules registered in your database by a plugin, theme, or "
2991
+ "the base system itself; they are used to automatically execute actions "
2992
+ "defined in the code every certain amount of time. A good use of these rules "
2993
+ "is to generate backup files of your site, execute a security scanner, or "
2994
+ "remove unused elements like drafts. <b>Note:</b> Scheduled tasks can be re-"
2995
+ "installed by any plugin/theme automatically."
2996
+ msgstr ""
2997
+
2998
+ #: src/strings.php:446
2999
+ msgid "Schedule"
3000
+ msgstr ""
3001
+
3002
+ #: src/strings.php:447
3003
+ msgid "Next Due"
3004
+ msgstr ""
3005
+
3006
+ #: src/strings.php:448
3007
+ msgid "Arguments"
3008
+ msgstr ""
3009
+
3010
+ #: src/strings.php:454
3011
+ msgid "Ignore Files And Folders During The Scans"
3012
+ msgstr ""
3013
+
3014
+ #: src/strings.php:455
3015
+ msgid ""
3016
+ "Use this tool to select the files and/or folders that are too heavy for the "
3017
+ "scanner to process. These are usually folders with images, media files like "
3018
+ "videos and audios, backups and &mdash; in general &mdash; anything that is "
3019
+ "not code-related. Ignoring these files or folders will reduce the memory "
3020
+ "consumption of the PHP script."
3021
+ msgstr ""
3022
+
3023
+ #: src/strings.php:456
3024
+ msgid "Ignore a file or directory:"
3025
+ msgstr ""
3026
+
3027
+ #: src/strings.php:457
3028
+ msgid "e.g. /private/directory/"
3029
+ msgstr ""
3030
+
3031
+ #: src/strings.php:462
3032
+ msgid "Unignore Selected Directories"
3033
+ msgstr ""
3034
+
3035
+ #: src/strings.php:465
3036
+ msgid "WordPress Integrity (False Positives)"
3037
+ msgstr ""
3038
+
3039
+ #: src/strings.php:466
3040
+ msgid ""
3041
+ "Since the scanner doesn’t read the files during the execution of the "
3042
+ "integrity check, it is possible to find false positives. Files listed here "
3043
+ "have been marked as false positives and will be ignored by the scanner in "
3044
+ "subsequent scans."
3045
+ msgstr ""
3046
+
3047
+ #: src/strings.php:468
3048
+ msgid "Reason"
3049
+ msgstr ""
3050
+
3051
+ #: src/strings.php:469
3052
+ msgid "Ignored At"
3053
+ msgstr ""
3054
+
3055
+ #: src/strings.php:472
3056
+ msgid "Stop Ignoring the Selected Files"
3057
+ msgstr ""
3058
+
3059
+ #: src/strings.php:476
3060
+ msgid ""
3061
+ "If your server allows the execution of system commands, you can configure "
3062
+ "the plugin to use the <a href=\"https://en.wikipedia.org/wiki/Diff_utility\" "
3063
+ "target=\"_blank\" rel=\"noopener\">Unix Diff Utility</a> to compare the "
3064
+ "actual content of the file installed in the website and the original file "
3065
+ "provided by WordPress. This will show the differences between both files and "
3066
+ "then you can act upon the information provided."
3067
+ msgstr ""
3068
+
3069
+ #: src/strings.php:480
3070
+ msgid "Environment Variables"
3071
+ msgstr ""
3072
+
3073
+ #: src/strings.php:483
3074
+ msgid "Access File Integrity"
3075
+ msgstr ""
3076
+
3077
+ #: src/strings.php:484
3078
+ msgid ""
3079
+ "The <code>.htaccess</code> file is a distributed configuration file, and is "
3080
+ "how the Apache web server handles configuration changes on a per-directory "
3081
+ "basis. WordPress uses this file to manipulate how Apache serves files from "
3082
+ "its root directory and subdirectories thereof; most notably, it modifies "
3083
+ "this file to be able to handle pretty permalinks."
3084
+ msgstr ""
3085
+
3086
+ #: src/strings.php:485
3087
+ msgid "Htaccess file found in"
3088
+ msgstr ""
3089
+
3090
+ #: src/strings.php:486
3091
+ msgid ""
3092
+ "Your website has no <code>.htaccess</code> file or it was not found in the "
3093
+ "default location."
3094
+ msgstr ""
3095
+
3096
+ #: src/strings.php:487
3097
+ msgid ""
3098
+ "The main <code>.htaccess</code> file in your site has the standard rules for "
3099
+ "a WordPress installation. You can customize it to improve the performance "
3100
+ "and change the behaviour of the redirections for pages and posts in your "
3101
+ "site. To get more information visit the official documentation at <a target="
3102
+ "\"_blank\" rel=\"noopener\" href=\"https://codex.wordpress.org/"
3103
+ "Using_Permalinks#Creating_and_editing_.28.htaccess.29\"> Codex WordPress - "
3104
+ "Creating and editing (.htaccess)</a>"
3105
+ msgstr ""
3106
+
3107
+ #: src/strings.php:488
3108
+ msgid "Codex WordPress HTAccess"
3109
+ msgstr ""
3110
+
3111
+ #: src/strings.php:491
3112
+ msgid "General Settings"
3113
+ msgstr ""
3114
+
3115
+ #: src/strings.php:492
3116
+ msgid "Scanner"
3117
+ msgstr ""
3118
+
3119
+ #: src/strings.php:493
3120
+ msgid "Hardening"
3121
+ msgstr ""
3122
+
3123
+ #: src/strings.php:494
3124
+ msgid "Post-Hack"
3125
+ msgstr ""
3126
+
3127
+ #: src/strings.php:495
3128
+ msgid "Alerts"
3129
+ msgstr ""
3130
+
3131
+ #: src/strings.php:497
3132
+ msgid "Website Info"
3133
+ msgstr ""
3134
+
3135
+ #: src/strings.php:498
3136
+ msgid "Hardening Options"
3137
+ msgstr ""
3138
+
3139
+ #: src/strings.php:501
3140
+ #, php-format
3141
+ msgid "This information will be updated %%SUCURI.SiteCheck.Lifetime%%"
3142
+ msgstr ""
3143
+
3144
+ #: src/strings.php:502
3145
+ msgid "Refresh Malware Scan"
3146
+ msgstr ""
3147
+
3148
+ #: src/strings.php:505
3149
+ msgid "No malicious JavaScript"
3150
+ msgstr ""
3151
+
3152
+ #: src/strings.php:506
3153
+ msgid "No malicious iFrames"
3154
+ msgstr ""
3155
+
3156
+ #: src/strings.php:507
3157
+ msgid "No suspicious redirections"
3158
+ msgstr ""
3159
+
3160
+ #: src/strings.php:508
3161
+ msgid "No blackhat SEO spam"
3162
+ msgstr ""
3163
+
3164
+ #: src/strings.php:509
3165
+ msgid "No anomaly detection"
3166
+ msgstr ""
3167
+
3168
+ #: src/strings.php:510
3169
+ msgid ""
3170
+ "Some types of problems cannot be detected by this scanner. If this scanner "
3171
+ "did not detect any issue and you still suspect a problem exists, you can <a "
3172
+ "href=\"https://sucuri.net/website-security-platform/signup\" target=\"_blank"
3173
+ "\" rel=\"noopener\">sign up with Sucuri</a> for a complete and in-depth scan "
3174
+ "+ cleanup (not included in the free checks)."
3175
+ msgstr ""
3176
+
3177
+ #: src/strings.php:513
3178
+ msgid "Hover to see the Payload"
3179
+ msgstr ""
3180
+
3181
+ #: src/strings.php:516
3182
+ msgid "Recommendations"
3183
+ msgstr ""
3184
+
3185
+ #: src/strings.php:519 src/strings.php:521
3186
+ msgid "Malware Scan Target"
3187
+ msgstr ""
3188
+
3189
+ #: src/strings.php:520
3190
+ msgid ""
3191
+ "The remote malware scanner provided by the plugin is powered by <a href="
3192
+ "\"https://sitecheck.sucuri.net/\" target=\"_blank\" rel=\"noopener\">Sucuri "
3193
+ "SiteCheck</a>, a service that takes a publicly accessible URL and scans it "
3194
+ "for malicious code. If your website is not visible to the Internet, for "
3195
+ "example, if it is hosted in a local development environment or a restricted "
3196
+ "network, the scanner will not be able to work on it. Additionally, if the "
3197
+ "website was installed in a non-standard directory the scanner will report a "
3198
+ "\"404 Not Found\" error. You can use this option to change the URL that will "
3199
+ "be scanned."
3200
+ msgstr ""
3201
+
3202
+ #: src/strings.php:522
3203
+ msgid "Malware Scan Target:"
3204
+ msgstr ""
3205
+
3206
+ #: src/template.lib.php:277
3207
+ msgid "Invalid template type"
3208
+ msgstr ""
3209
+
3210
+ #: sucuri.php:316
3211
+ msgid "Sucuri plugin has been uninstalled"
3212
+ msgstr ""
3213
+
3214
+ #. Plugin Name of the plugin/theme
3215
+ msgid "Sucuri Security - Auditing, Malware Scanner and Hardening"
3216
+ msgstr ""
3217
+
3218
+ #. Plugin URI of the plugin/theme
3219
+ msgid "https://wordpress.sucuri.net/"
3220
+ msgstr ""
3221
+
3222
+ #. Description of the plugin/theme
3223
+ msgid ""
3224
+ "The <a href=\"https://sucuri.net/\" target=\"_blank\">Sucuri</a> plugin "
3225
+ "provides the website owner the best Activity Auditing, SiteCheck Remote "
3226
+ "Malware Scanning, Effective Security Hardening and Post-Hack features. "
3227
+ "SiteCheck will check for malware, spam, blacklisting and other security "
3228
+ "issues like .htaccess redirects, hidden eval code, etc. The best thing about "
3229
+ "it is it's completely free."
3230
+ msgstr ""
3231
+
3232
+ #. Author of the plugin/theme
3233
+ msgid "Sucuri Inc."
3234
+ msgstr ""
3235
+
3236
+ #. Author URI of the plugin/theme
3237
+ msgid "https://sucuri.net/"
3238
+ msgstr ""
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate Link: https://sucuri.net/
4
  Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5
  Requires at least: 3.6
6
  Tested up to: 5.0.3
7
- Stable tag: 1.8.19
8
 
9
  The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
 
@@ -190,6 +190,12 @@ This version adds an option to refresh the malware scan results on demand, as we
190
 
191
  == Changelog ==
192
 
 
 
 
 
 
 
193
  = 1.8.19 =
194
  * Add option to refresh the SiteCheck malware scan results
195
  * Add support for a CLI command to ignore files in the core integrity check
4
  Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5
  Requires at least: 3.6
6
  Tested up to: 5.0.3
7
+ Stable tag: 1.8.20
8
 
9
  The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
 
190
 
191
  == Changelog ==
192
 
193
+ = 1.8.20 =
194
+ * Add dynamic core directories in the hardening whitelist options
195
+ * Modify scheduled tasks panel to load the table via Ajax
196
+ * Allow hosting details display to be filterable
197
+ * Preparation for translations
198
+
199
  = 1.8.19 =
200
  * Add option to refresh the SiteCheck malware scan results
201
  * Add support for a CLI command to ignore files in the core integrity check
src/api.lib.php CHANGED
@@ -88,11 +88,11 @@ class SucuriScanAPI extends SucuriScanOption
88
  public static function apiCall($url = '', $method = 'GET', $params = array(), $args = array())
89
  {
90
  if (!$url) {
91
- return self::throwException('URL is invalid');
92
  }
93
 
94
  if ($method !== 'GET' && $method !== 'POST') {
95
- return self::throwException('Only GET and POST methods allowed');
96
  }
97
 
98
  $res = null;
@@ -179,11 +179,11 @@ class SucuriScanAPI extends SucuriScanOption
179
  public static function setPluginKey($api_key = '', $validate = false)
180
  {
181
  if ($validate && !self::isValidKey($api_key)) {
182
- return SucuriScanInterface::error('Invalid API key format');
183
  }
184
 
185
  if (!empty($api_key)) {
186
- SucuriScanEvent::notifyEvent('plugin_change', 'API key was successfully set: ' . $api_key);
187
  }
188
 
189
  return self::updateOption(':api_key', $api_key);
@@ -274,7 +274,7 @@ class SucuriScanAPI extends SucuriScanOption
274
  || !isset($res['messages'])
275
  || empty($res['messages'])
276
  ) {
277
- return SucuriScanInterface::error('Unknown error, there is no information');
278
  }
279
 
280
  $msg = implode(".\x20", $res['messages']);
@@ -314,7 +314,7 @@ class SucuriScanAPI extends SucuriScanOption
314
 
315
  // Check if the MX records as missing for API registration.
316
  if (strpos($raw, 'Invalid email') !== false) {
317
- $msg = 'Invalid email format or the host is missing MX records.';
318
  }
319
 
320
  return SucuriScanInterface::error($msg);
@@ -349,9 +349,9 @@ class SucuriScanAPI extends SucuriScanOption
349
  self::setPluginKey($res['output']['api_key']);
350
 
351
  SucuriScanEvent::installScheduledTask();
352
- SucuriScanEvent::notifyEvent('plugin_change', 'API key was generated and set');
353
 
354
- return SucuriScanInterface::info('API key successfully generated and saved.');
355
  }
356
 
357
  /**
@@ -377,7 +377,7 @@ class SucuriScanAPI extends SucuriScanOption
377
  return false;
378
  }
379
 
380
- SucuriScanEvent::notifyEvent('plugin_change', 'API key recovery for domain: ' . $domain);
381
 
382
  return SucuriScanInterface::info($res['output']['message']);
383
  }
@@ -606,7 +606,7 @@ class SucuriScanAPI extends SucuriScanOption
606
  $name = substr($data['message'], $offset + 6);
607
 
608
  $data['message'] = sprintf(
609
- 'WP Engine PHP Compatibility Checker: %s (created post #%d as cache)',
610
  $name, /* plugin or theme name */
611
  $id /* unique post or page identifier */
612
  );
@@ -949,12 +949,12 @@ class SucuriScanAPI extends SucuriScanOption
949
 
950
  if (strpos($resp, '404 Not Found') !== false) {
951
  /* not found comes from the official WordPress API */
952
- return self::throwException('WordPress version is not supported anymore');
953
  }
954
 
955
  if (strpos($resp, '400: Invalid request') !== false) {
956
  /* invalid request comes from the unofficial GitHub API */
957
- return self::throwException('WordPress version is not supported anymore');
958
  }
959
 
960
  return $resp ? $resp : false;
88
  public static function apiCall($url = '', $method = 'GET', $params = array(), $args = array())
89
  {
90
  if (!$url) {
91
+ return self::throwException(__('URL is invalid', 'sucuri-scanner'));
92
  }
93
 
94
  if ($method !== 'GET' && $method !== 'POST') {
95
+ return self::throwException(__('Only GET and POST methods allowed', 'sucuri-scanner'));
96
  }
97
 
98
  $res = null;
179
  public static function setPluginKey($api_key = '', $validate = false)
180
  {
181
  if ($validate && !self::isValidKey($api_key)) {
182
+ return SucuriScanInterface::error(__('Invalid API key format', 'sucuri-scanner'));
183
  }
184
 
185
  if (!empty($api_key)) {
186
+ SucuriScanEvent::notifyEvent('plugin_change', sprintf(__('API key was successfully set: %s', 'sucuri-scanner'), $api_key));
187
  }
188
 
189
  return self::updateOption(':api_key', $api_key);
274
  || !isset($res['messages'])
275
  || empty($res['messages'])
276
  ) {
277
+ return SucuriScanInterface::error(__('Unknown error, there is no information', 'sucuri-scanner'));
278
  }
279
 
280
  $msg = implode(".\x20", $res['messages']);
314
 
315
  // Check if the MX records as missing for API registration.
316
  if (strpos($raw, 'Invalid email') !== false) {
317
+ $msg = __('Invalid email format or the host is missing MX records.', 'sucuri-scanner');
318
  }
319
 
320
  return SucuriScanInterface::error($msg);
349
  self::setPluginKey($res['output']['api_key']);
350
 
351
  SucuriScanEvent::installScheduledTask();
352
+ SucuriScanEvent::notifyEvent('plugin_change', __('API key was generated and set', 'sucuri-scanner'));
353
 
354
+ return SucuriScanInterface::info(__('API key successfully generated and saved.', 'sucuri-scanner'));
355
  }
356
 
357
  /**
377
  return false;
378
  }
379
 
380
+ SucuriScanEvent::notifyEvent('plugin_change', sprintf(__('API key recovery for domain: %s', 'sucuri-scanner'), $domain));
381
 
382
  return SucuriScanInterface::info($res['output']['message']);
383
  }
606
  $name = substr($data['message'], $offset + 6);
607
 
608
  $data['message'] = sprintf(
609
+ __('WP Engine PHP Compatibility Checker: %s (created post #%d as cache)', 'sucuri-scanner'),
610
  $name, /* plugin or theme name */
611
  $id /* unique post or page identifier */
612
  );
949
 
950
  if (strpos($resp, '404 Not Found') !== false) {
951
  /* not found comes from the official WordPress API */
952
+ return self::throwException(__('WordPress version is not supported anymore', 'sucuri-scanner'));
953
  }
954
 
955
  if (strpos($resp, '400: Invalid request') !== false) {
956
  /* invalid request comes from the unofficial GitHub API */
957
+ return self::throwException(__('WordPress version is not supported anymore', 'sucuri-scanner'));
958
  }
959
 
960
  return $resp ? $resp : false;
src/auditlogs.lib.php CHANGED
@@ -109,15 +109,15 @@ class SucuriScanAuditLogs
109
 
110
  /* report latency in the API calls */
111
  if (!is_array($auditlogs)) {
112
- $response['status'] = 'API is not available; using local queue';
113
  } else {
114
- $response['status'] = sprintf('API %s secs', round($duration, 4));
115
  }
116
  }
117
 
118
  /* explain missing API key */
119
  if (!SucuriScanAPI::getPluginKey()) {
120
- $response['status'] = 'API key is missing';
121
  }
122
 
123
  /* stop everything and report errors */
@@ -160,7 +160,7 @@ class SucuriScanAuditLogs
160
  || !is_array($auditlogs['output_data'])
161
  || !is_numeric($auditlogs['total_entries'])
162
  ) {
163
- $response['content'] = 'There are no logs.';
164
  wp_send_json($response, 200);
165
  return;
166
  }
@@ -205,7 +205,7 @@ class SucuriScanAuditLogs
205
  $snippet_data['AuditLog.Date'] = '';
206
  } elseif ($snippet_data['AuditLog.Date'] === $todaysDate) {
207
  $previousDate = $snippet_data['AuditLog.Date'];
208
- $snippet_data['AuditLog.Date'] = 'Today';
209
  } else {
210
  $previousDate = $snippet_data['AuditLog.Date'];
211
  }
@@ -228,7 +228,7 @@ class SucuriScanAuditLogs
228
  }
229
 
230
  /* simplify the details of events with low metadata */
231
- if (strpos($audit_log['message'], 'status has been changed')) {
232
  $snippet_data['AuditLog.Extra'] = implode(",\x20", $audit_log['file_list']);
233
  }
234
 
109
 
110
  /* report latency in the API calls */
111
  if (!is_array($auditlogs)) {
112
+ $response['status'] = __('API is not available; using local queue', 'sucuri-scanner');
113
  } else {
114
+ $response['status'] = sprintf(__('API %s secs', 'sucuri-scanner'), round($duration, 4));
115
  }
116
  }
117
 
118
  /* explain missing API key */
119
  if (!SucuriScanAPI::getPluginKey()) {
120
+ $response['status'] = __('API key is missing', 'sucuri-scanner');
121
  }
122
 
123
  /* stop everything and report errors */
160
  || !is_array($auditlogs['output_data'])
161
  || !is_numeric($auditlogs['total_entries'])
162
  ) {
163
+ $response['content'] = __('There are no logs.', 'sucuri-scanner');
164
  wp_send_json($response, 200);
165
  return;
166
  }
205
  $snippet_data['AuditLog.Date'] = '';
206
  } elseif ($snippet_data['AuditLog.Date'] === $todaysDate) {
207
  $previousDate = $snippet_data['AuditLog.Date'];
208
+ $snippet_data['AuditLog.Date'] = __('Today', 'sucuri-scanner');
209
  } else {
210
  $previousDate = $snippet_data['AuditLog.Date'];
211
  }
228
  }
229
 
230
  /* simplify the details of events with low metadata */
231
+ if (strpos($audit_log['message'], __('status has been changed', 'sucuri-scanner'))) {
232
  $snippet_data['AuditLog.Extra'] = implode(",\x20", $audit_log['file_list']);
233
  }
234
 
src/base.lib.php CHANGED
@@ -57,7 +57,7 @@ class SucuriScan
57
  $code = ($type === 'error' ? 157 : 333);
58
  $message = str_replace(
59
  SUCURISCAN_ADMIN_NOTICE_PREFIX,
60
- ($type === 'error' ? 'Error:' : 'Info:'),
61
  $message
62
  );
63
 
@@ -273,13 +273,7 @@ class SucuriScan
273
  */
274
  public static function dataStorePath($path = '')
275
  {
276
- if (defined('WP_CONTENT_DIR')) {
277
- $content_dir = rtrim(WP_CONTENT_DIR, '/');
278
- } else {
279
- $content_dir = ABSPATH . '/wp-content';
280
- }
281
-
282
- $folder = $content_dir . '/uploads/sucuri';
283
 
284
  /* custom path no matter its existence */
285
  if (defined('SUCURI_DATA_STORAGE')) {
57
  $code = ($type === 'error' ? 157 : 333);
58
  $message = str_replace(
59
  SUCURISCAN_ADMIN_NOTICE_PREFIX,
60
+ ($type === 'error' ? __('Error:', 'sucuri-scanner') : __('Info:', 'sucuri-scanner')),
61
  $message
62
  );
63
 
273
  */
274
  public static function dataStorePath($path = '')
275
  {
276
+ $folder = WP_CONTENT_DIR . '/uploads/sucuri';
 
 
 
 
 
 
277
 
278
  /* custom path no matter its existence */
279
  if (defined('SUCURI_DATA_STORAGE')) {
src/cache.lib.php CHANGED
@@ -389,7 +389,7 @@ class SucuriScanCache extends SucuriScan
389
  public function set($key = '', $data = '')
390
  {
391
  if (!$this->validKeyName($key)) {
392
- return self::throwException('Invalid cache key name');
393
  }
394
 
395
  $finfo = $this->getDatastoreInfo();
@@ -409,7 +409,7 @@ class SucuriScanCache extends SucuriScan
409
  public function get($key = '', $lifetime = 0, $assoc = '')
410
  {
411
  if (!$this->validKeyName($key)) {
412
- return self::throwException('Invalid cache key name');
413
  }
414
 
415
  $finfo = $this->getDatastoreContent($assoc === 'array');
@@ -450,7 +450,7 @@ class SucuriScanCache extends SucuriScan
450
  public function exists($key = '')
451
  {
452
  if (!$this->validKeyName($key)) {
453
- return self::throwException('Invalid cache key name');
454
  }
455
 
456
  $finfo = $this->getDatastoreContent(true);
@@ -467,7 +467,7 @@ class SucuriScanCache extends SucuriScan
467
  public function delete($key = '')
468
  {
469
  if (!$this->validKeyName($key)) {
470
- return self::throwException('Invalid cache key name');
471
  }
472
 
473
  $finfo = $this->getDatastoreContent(true);
389
  public function set($key = '', $data = '')
390
  {
391
  if (!$this->validKeyName($key)) {
392
+ return self::throwException(__('Invalid cache key name', 'sucuri-scanner'));
393
  }
394
 
395
  $finfo = $this->getDatastoreInfo();
409
  public function get($key = '', $lifetime = 0, $assoc = '')
410
  {
411
  if (!$this->validKeyName($key)) {
412
+ return self::throwException(__('Invalid cache key name', 'sucuri-scanner'));
413
  }
414
 
415
  $finfo = $this->getDatastoreContent($assoc === 'array');
450
  public function exists($key = '')
451
  {
452
  if (!$this->validKeyName($key)) {
453
+ return self::throwException(__('Invalid cache key name', 'sucuri-scanner'));
454
  }
455
 
456
  $finfo = $this->getDatastoreContent(true);
467
  public function delete($key = '')
468
  {
469
  if (!$this->validKeyName($key)) {
470
+ return self::throwException(__('Invalid cache key name', 'sucuri-scanner'));
471
  }
472
 
473
  $finfo = $this->getDatastoreContent(true);
src/event.lib.php CHANGED
@@ -86,13 +86,13 @@ class SucuriScanEvent extends SucuriScan
86
 
87
  foreach ($jobs as $unique => $info) {
88
  $schedules[$unique] = sprintf(
89
- '%s (every %d seconds)',
90
  $info['display'],
91
  $info['interval']
92
  );
93
  }
94
 
95
- $schedules['_oneoff'] = 'Never (no execution)';
96
 
97
  return $schedules;
98
  }
@@ -105,7 +105,7 @@ class SucuriScanEvent extends SucuriScan
105
  public static function reportSiteVersion()
106
  {
107
  if (!SucuriScanAPI::getPluginKey()) {
108
- return self::throwException('API key is not available');
109
  }
110
 
111
  $wp_version = self::siteVersion();
@@ -113,10 +113,10 @@ class SucuriScanEvent extends SucuriScan
113
 
114
  /* use simple comparison to leverage casting */
115
  if ($reported_version == $wp_version) {
116
- return self::throwException('WordPress version was already reported');
117
  }
118
 
119
- SucuriScanEvent::reportInfoEvent('WordPress version detected ' . $wp_version);
120
 
121
  return SucuriScanOption::updateOption(':site_version', $wp_version);
122
  }
@@ -155,11 +155,11 @@ class SucuriScanEvent extends SucuriScan
155
  public static function filesystemScan($force_scan = false)
156
  {
157
  if (!SucuriScanAPI::getPluginKey()) {
158
- return self::throwException('API key is not available');
159
  }
160
 
161
  if (!self::runFileScanner($force_scan)) {
162
- return self::throwException('Scanner ran a couple of minutes ago');
163
  }
164
 
165
  $fifo = new SucuriScanFileInfo();
@@ -191,7 +191,7 @@ class SucuriScanEvent extends SucuriScan
191
  private static function sendLogToAPI($message = '', $timestamp = '', $timeout = 1)
192
  {
193
  if (empty($message)) {
194
- return self::throwException('Event identifier cannot be empty');
195
  }
196
 
197
  $params = array();
@@ -370,14 +370,14 @@ class SucuriScanEvent extends SucuriScan
370
  }
371
 
372
  $severity = intval($severity);
373
- $severity_name = 'Info';
374
  $severities = array(
375
- /* 0 */ 'Debug',
376
- /* 1 */ 'Notice',
377
- /* 2 */ 'Info',
378
- /* 3 */ 'Warning',
379
- /* 4 */ 'Error',
380
- /* 5 */ 'Critical',
381
  );
382
 
383
  if (isset($severities[$severity])) {
@@ -507,20 +507,7 @@ class SucuriScanEvent extends SucuriScan
507
  case 'failed_login':
508
  $settings_url = SucuriScanTemplate::getUrl('settings');
509
  $content .= "\n" . sprintf(
510
- "<br><br>\n\n<em>Explanation: Someone failed to login to y"
511
- . "our site. If you are getting too many of these messages"
512
- . ", it is likely your site is under a password guessing b"
513
- . "rute-force attack [1]. You can disable the failed login"
514
- . " alerts from here [2]. Alternatively, you can consider "
515
- . "to install a firewall between your website and your vis"
516
- . "itors to filter out these and other attacks, take a loo"
517
- . "k at Sucuri Firewall [3].</em><br><br>\n\n[1] <a href='"
518
- . "https://kb.sucuri.net/definitions/attacks/brute-force/p"
519
- . "assword-guessing'>https://kb.sucuri.net/definitions/att"
520
- . "acks/brute-force/password-guessing</a><br>\n[2] <a href"
521
- . "='%s'>%s</a> <br>\n[3] <a href='https://sucuri.net/webs"
522
- . "ite-firewall/?wpalert'>https://sucuri.net/website-firew"
523
- . "all/</a><br>\n",
524
  $settings_url,
525
  $settings_url
526
  );
@@ -652,7 +639,7 @@ class SucuriScanEvent extends SucuriScan
652
 
653
  $sent = SucuriScanMail::sendMail(
654
  $user->user_email,
655
- 'Password Change',
656
  $message,
657
  $data_set
658
  );
86
 
87
  foreach ($jobs as $unique => $info) {
88
  $schedules[$unique] = sprintf(
89
+ __('%s (every %d seconds)', 'sucuri-scanner'),
90
  $info['display'],
91
  $info['interval']
92
  );
93
  }
94
 
95
+ $schedules['_oneoff'] = __('Never (no execution)', 'sucuri-scanner');
96
 
97
  return $schedules;
98
  }
105
  public static function reportSiteVersion()
106
  {
107
  if (!SucuriScanAPI::getPluginKey()) {
108
+ return self::throwException(__('API key is not available', 'sucuri-scanner'));
109
  }
110
 
111
  $wp_version = self::siteVersion();
113
 
114
  /* use simple comparison to leverage casting */
115
  if ($reported_version == $wp_version) {
116
+ return self::throwException(__('WordPress version was already reported', 'sucuri-scanner'));
117
  }
118
 
119
+ SucuriScanEvent::reportInfoEvent(sprintf(__('WordPress version detected %s', 'sucuri-scanner'), $wp_version));
120
 
121
  return SucuriScanOption::updateOption(':site_version', $wp_version);
122
  }
155
  public static function filesystemScan($force_scan = false)
156
  {
157
  if (!SucuriScanAPI::getPluginKey()) {
158
+ return self::throwException(__('API key is not available', 'sucuri-scanner'));
159
  }
160
 
161
  if (!self::runFileScanner($force_scan)) {
162
+ return self::throwException(__('Scanner ran a couple of minutes ago', 'sucuri-scanner'));
163
  }
164
 
165
  $fifo = new SucuriScanFileInfo();
191
  private static function sendLogToAPI($message = '', $timestamp = '', $timeout = 1)
192
  {
193
  if (empty($message)) {
194
+ return self::throwException(__('Event identifier cannot be empty', 'sucuri-scanner'));
195
  }
196
 
197
  $params = array();
370
  }
371
 
372
  $severity = intval($severity);
373
+ $severity_name = __('Info', 'sucuri-scanner');
374
  $severities = array(
375
+ /* 0 */ __('Debug', 'sucuri-scanner'),
376
+ /* 1 */ __('Notice', 'sucuri-scanner'),
377
+ /* 2 */ __('Info', 'sucuri-scanner'),
378
+ /* 3 */ __('Warning', 'sucuri-scanner'),
379
+ /* 4 */ __('Error', 'sucuri-scanner'),
380
+ /* 5 */ __('Critical', 'sucuri-scanner'),
381
  );
382
 
383
  if (isset($severities[$severity])) {
507
  case 'failed_login':
508
  $settings_url = SucuriScanTemplate::getUrl('settings');
509
  $content .= "\n" . sprintf(
510
+ __("<br><br>\n\n<em>Explanation: Someone failed to login to your site. If you are getting too many of these messages, it is likely your site is under a password guessing brute-force attack [1]. You can disable the failed login alerts from here [2]. Alternatively, you can consider to install a firewall between your website and your visitors to filter out these and other attacks, take a look at Sucuri Firewall [3].</em><br><br>\n\n[1] <a href='https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing'>https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing</a><br>\n[2] <a href='%s'>%s</a> <br>\n[3] <a href='https://sucuri.net/website-firewall/?wpalert'>https://sucuri.net/website-firewall/</a><br>\n", 'sucuri-scanner'),
 
 
 
 
 
 
 
 
 
 
 
 
 
511
  $settings_url,
512
  $settings_url
513
  );
639
 
640
  $sent = SucuriScanMail::sendMail(
641
  $user->user_email,
642
+ __('Password Change', 'sucuri-scanner'),
643
  $message,
644
  $data_set
645
  );
src/fileinfo.lib.php CHANGED
@@ -149,14 +149,16 @@ class SucuriScanFileInfo extends SucuriScan
149
  */
150
  private function ignoreFolder($path)
151
  {
 
 
152
  return (bool) ($this->ignore_directories && (
153
  strpos($path, '/.hg') !== false
154
  || strpos($path, '/.git') !== false
155
  || strpos($path, '/.svn') !== false
156
- || strpos($path, 'wp-content/backup') !== false
157
- || strpos($path, 'wp-content/cache') !== false
158
- || strpos($path, 'wp-content/uploads') !== false
159
- || strpos($path, 'wp-content/w3tc') !== false
160
  ));
161
  }
162
 
@@ -286,7 +288,7 @@ class SucuriScanFileInfo extends SucuriScan
286
  }
287
 
288
  if (!$files) {
289
- return self::throwException('No files were found');
290
  }
291
 
292
  sort($files); /* sort file list alphabetically */
@@ -344,15 +346,17 @@ class SucuriScanFileInfo extends SucuriScan
344
  $directory = realpath($directory);
345
 
346
  if (!is_dir($directory)) {
347
- return self::throwException('Directory does not exists');
348
  }
349
 
350
- if ($directory === ABSPATH . 'wp-content') {
351
- return self::throwException('Cannot delete content directory');
352
  }
353
 
354
- if ($directory === ABSPATH . 'wp-content/uploads') {
355
- return self::throwException('Cannot delete uploads directory');
 
 
356
  }
357
 
358
  /* force complete scan */
149
  */
150
  private function ignoreFolder($path)
151
  {
152
+ $content = basename(WP_CONTENT_DIR);
153
+
154
  return (bool) ($this->ignore_directories && (
155
  strpos($path, '/.hg') !== false
156
  || strpos($path, '/.git') !== false
157
  || strpos($path, '/.svn') !== false
158
+ || strpos($path, $content . '/backup') !== false
159
+ || strpos($path, $content . '/cache') !== false
160
+ || strpos($path, $content . '/uploads') !== false
161
+ || strpos($path, $content . '/w3tc') !== false
162
  ));
163
  }
164
 
288
  }
289
 
290
  if (!$files) {
291
+ return self::throwException(__('No files were found', 'sucuri-scanner'));
292
  }
293
 
294
  sort($files); /* sort file list alphabetically */
346
  $directory = realpath($directory);
347
 
348
  if (!is_dir($directory)) {
349
+ return self::throwException(__('Directory does not exists', 'sucuri-scanner'));
350
  }
351
 
352
+ if ($directory === WP_CONTENT_DIR) {
353
+ return self::throwException(__('Cannot delete content directory', 'sucuri-scanner'));
354
  }
355
 
356
+ $upload_dir = wp_upload_dir();
357
+
358
+ if ($directory === $upload_dir['basedir']) {
359
+ return self::throwException(__('Cannot delete uploads directory', 'sucuri-scanner'));
360
  }
361
 
362
  /* force complete scan */
src/firewall.lib.php CHANGED
@@ -158,7 +158,7 @@ class SucuriScanFirewall extends SucuriScanAPI
158
 
159
  if (self::isValidKey($api_key)) {
160
  SucuriScanOption::updateOption($option_name, $api_key);
161
- SucuriScanInterface::info('Firewall API key was successfully saved');
162
  SucuriScanOption::setRevProxy('enable');
163
  SucuriScanOption::setAddrHeader('HTTP_X_SUCURI_CLIENTIP');
164
  } else {
@@ -169,7 +169,7 @@ class SucuriScanFirewall extends SucuriScanAPI
169
  // Delete the firewall API key from the plugin.
170
  if (SucuriScanRequest::post(':delete_wafkey') !== false) {
171
  SucuriScanOption::deleteOption($option_name);
172
- SucuriScanInterface::info('Firewall API key was successfully removed');
173
  SucuriScanOption::setRevProxy('disable');
174
  SucuriScanOption::setAddrHeader('REMOTE_ADDR');
175
  }
@@ -201,10 +201,10 @@ class SucuriScanFirewall extends SucuriScanAPI
201
  }
202
 
203
  $cache_modes = array(
204
- 'docache' => 'enabled (recommended)',
205
- 'sitecache' => 'site caching (using your site headers)',
206
- 'nocache' => 'minimal (only for a few minutes)',
207
- 'nocacheatall' => 'caching disabled (use with caution)',
208
  );
209
 
210
  foreach ($settings as $keyname => $value) {
@@ -250,7 +250,7 @@ class SucuriScanFirewall extends SucuriScanAPI
250
  if (!$settings) {
251
  if (empty($error)) {
252
  ob_start();
253
- SucuriScanInterface::error('Firewall API key was not found.');
254
  $response['error'] = ob_get_clean();
255
  } else {
256
  $response['error'] = $error;
@@ -346,7 +346,7 @@ class SucuriScanFirewall extends SucuriScanAPI
346
 
347
  if (!$api_key) {
348
  ob_start();
349
- SucuriScanInterface::error('Firewall API key was not found.');
350
  $response = ob_get_clean();
351
  wp_send_json($response, 200);
352
  }
@@ -382,7 +382,7 @@ class SucuriScanFirewall extends SucuriScanAPI
382
  $response = self::auditlogsEntries($auditlogs['access_logs']);
383
 
384
  if (empty($response)) {
385
- $response = '<tr><td>no data available.</td></tr>';
386
  }
387
  }
388
 
@@ -440,7 +440,7 @@ class SucuriScanFirewall extends SucuriScanAPI
440
  } elseif ($attr == 'http_referer' && $data_set[$keyname] == '-') {
441
  $data_set[$keyname] = '- (no referer)';
442
  } elseif ($attr == 'request_country_name' && $data_set[$keyname] == '') {
443
- $data_set[$keyname] = 'Anonymous';
444
  }
445
  }
446
 
@@ -485,18 +485,18 @@ class SucuriScanFirewall extends SucuriScanAPI
485
  case 'months':
486
  $selected = $s_month;
487
  $options = array(
488
- '01' => 'January',
489
- '02' => 'February',
490
- '03' => 'March',
491
- '04' => 'April',
492
- '05' => 'May',
493
- '06' => 'June',
494
- '07' => 'July',
495
- '08' => 'August',
496
- '09' => 'September',
497
- '10' => 'October',
498
- '11' => 'November',
499
- '12' => 'December',
500
  );
501
  break;
502
 
@@ -564,7 +564,7 @@ class SucuriScanFirewall extends SucuriScanAPI
564
  if (!$settings) {
565
  if (empty($error)) {
566
  ob_start();
567
- SucuriScanInterface::error('Firewall API key was not found.');
568
  $response['error'] = ob_get_clean();
569
  } else {
570
  $response['error'] = $error;
@@ -599,7 +599,7 @@ class SucuriScanFirewall extends SucuriScanAPI
599
 
600
  if (!$params) {
601
  ob_start();
602
- SucuriScanInterface::error('Firewall API key was not found.');
603
  $response['msg'] = ob_get_clean();
604
  wp_send_json($response, 200);
605
  }
@@ -607,14 +607,14 @@ class SucuriScanFirewall extends SucuriScanAPI
607
  $params['a'] = 'blacklist_ip';
608
  $params['ip'] = SucuriScanRequest::post('ip');
609
  $out = self::apiCallFirewall('POST', $params);
610
- $response['msg'] = 'Failure connecting to the API service; try again.';
611
 
612
  if ($out && !empty($out['messages'])) {
613
  $response['ok'] = (bool) ($out['status'] == 1);
614
  $response['msg'] = implode(";\x20", $out['messages']);
615
 
616
  if ($out['status'] == 1) {
617
- SucuriScanEvent::reportInfoEvent('IP has been blacklisted: ' . $params['ip']);
618
  }
619
  }
620
 
@@ -640,7 +640,7 @@ class SucuriScanFirewall extends SucuriScanAPI
640
  if (!$params) {
641
  ob_start();
642
  $response['ok'] = false;
643
- SucuriScanInterface::error('Firewall API key was not found.');
644
  $response['error'] = ob_get_clean();
645
  wp_send_json($response, 200);
646
  }
@@ -653,7 +653,7 @@ class SucuriScanFirewall extends SucuriScanAPI
653
  $response['msg'] = implode(";\x20", $out['messages']);
654
 
655
  if ($out['status'] == 1) {
656
- SucuriScanEvent::reportInfoEvent('IP has been unblacklisted: ' . $params['ip']);
657
  }
658
 
659
  wp_send_json($response, 200);
@@ -732,7 +732,7 @@ class SucuriScanFirewall extends SucuriScanAPI
732
  }
733
 
734
  ob_start();
735
- SucuriScanInterface::error('Firewall API key was not found.');
736
  $response = ob_get_clean();
737
  $api_key = self::getKey();
738
 
158
 
159
  if (self::isValidKey($api_key)) {
160
  SucuriScanOption::updateOption($option_name, $api_key);
161
+ SucuriScanInterface::info(__('Firewall API key was successfully saved', 'sucuri-scanner'));
162
  SucuriScanOption::setRevProxy('enable');
163
  SucuriScanOption::setAddrHeader('HTTP_X_SUCURI_CLIENTIP');
164
  } else {
169
  // Delete the firewall API key from the plugin.
170
  if (SucuriScanRequest::post(':delete_wafkey') !== false) {
171
  SucuriScanOption::deleteOption($option_name);
172
+ SucuriScanInterface::info(__('Firewall API key was successfully removed', 'sucuri-scanner'));
173
  SucuriScanOption::setRevProxy('disable');
174
  SucuriScanOption::setAddrHeader('REMOTE_ADDR');
175
  }
201
  }
202
 
203
  $cache_modes = array(
204
+ 'docache' => __('enabled (recommended)', 'sucuri-scanner'),
205
+ 'sitecache' => __('site caching (using your site headers)', 'sucuri-scanner'),
206
+ 'nocache' => __('minimal (only for a few minutes)', 'sucuri-scanner'),
207
+ 'nocacheatall' => __('caching disabled (use with caution)', 'sucuri-scanner'),
208
  );
209
 
210
  foreach ($settings as $keyname => $value) {
250
  if (!$settings) {
251
  if (empty($error)) {
252
  ob_start();
253
+ SucuriScanInterface::error(__('Firewall API key was not found.', 'sucuri-scanner'));
254
  $response['error'] = ob_get_clean();
255
  } else {
256
  $response['error'] = $error;
346
 
347
  if (!$api_key) {
348
  ob_start();
349
+ SucuriScanInterface::error(__('Firewall API key was not found.', 'sucuri-scanner'));
350
  $response = ob_get_clean();
351
  wp_send_json($response, 200);
352
  }
382
  $response = self::auditlogsEntries($auditlogs['access_logs']);
383
 
384
  if (empty($response)) {
385
+ $response = '<tr><td>' . __('no data available.', 'sucuri-scanner') . '</td></tr>';
386
  }
387
  }
388
 
440
  } elseif ($attr == 'http_referer' && $data_set[$keyname] == '-') {
441
  $data_set[$keyname] = '- (no referer)';
442
  } elseif ($attr == 'request_country_name' && $data_set[$keyname] == '') {
443
+ $data_set[$keyname] = __('Anonymous', 'sucuri-scanner');
444
  }
445
  }
446
 
485
  case 'months':
486
  $selected = $s_month;
487
  $options = array(
488
+ '01' => __('January', 'sucuri-scanner'),
489
+ '02' => __('February', 'sucuri-scanner'),
490
+ '03' => __('March', 'sucuri-scanner'),
491
+ '04' => __('April', 'sucuri-scanner'),
492
+ '05' => __('May', 'sucuri-scanner'),
493
+ '06' => __('June', 'sucuri-scanner'),
494
+ '07' => __('July', 'sucuri-scanner'),
495
+ '08' => __('August', 'sucuri-scanner'),
496
+ '09' => __('September', 'sucuri-scanner'),
497
+ '10' => __('October', 'sucuri-scanner'),
498
+ '11' => __('November', 'sucuri-scanner'),
499
+ '12' => __('December', 'sucuri-scanner'),
500
  );
501
  break;
502
 
564
  if (!$settings) {
565
  if (empty($error)) {
566
  ob_start();
567
+ SucuriScanInterface::error(__('Firewall API key was not found.', 'sucuri-scanner'));
568
  $response['error'] = ob_get_clean();
569
  } else {
570
  $response['error'] = $error;
599
 
600
  if (!$params) {
601
  ob_start();
602
+ SucuriScanInterface::error(__('Firewall API key was not found.', 'sucuri-scanner'));
603
  $response['msg'] = ob_get_clean();
604
  wp_send_json($response, 200);
605
  }
607
  $params['a'] = 'blacklist_ip';
608
  $params['ip'] = SucuriScanRequest::post('ip');
609
  $out = self::apiCallFirewall('POST', $params);
610
+ $response['msg'] = __('Failure connecting to the API service; try again.', 'sucuri-scanner');
611
 
612
  if ($out && !empty($out['messages'])) {
613
  $response['ok'] = (bool) ($out['status'] == 1);
614
  $response['msg'] = implode(";\x20", $out['messages']);
615
 
616
  if ($out['status'] == 1) {
617
+ SucuriScanEvent::reportInfoEvent(sprintf(__('IP has been blacklisted: %s', 'sucuri-scanner'), $params['ip']));
618
  }
619
  }
620
 
640
  if (!$params) {
641
  ob_start();
642
  $response['ok'] = false;
643
+ SucuriScanInterface::error(__('Firewall API key was not found.', 'sucuri-scanner'));
644
  $response['error'] = ob_get_clean();
645
  wp_send_json($response, 200);
646
  }
653
  $response['msg'] = implode(";\x20", $out['messages']);
654
 
655
  if ($out['status'] == 1) {
656
+ SucuriScanEvent::reportInfoEvent(sprintf(__('IP has been unblacklisted: %s', 'sucuri-scanner'), $params['ip']));
657
  }
658
 
659
  wp_send_json($response, 200);
732
  }
733
 
734
  ob_start();
735
+ SucuriScanInterface::error(__('Firewall API key was not found.', 'sucuri-scanner'));
736
  $response = ob_get_clean();
737
  $api_key = self::getKey();
738
 
src/globals.php CHANGED
@@ -77,10 +77,10 @@ if (defined('SUCURISCAN')) {
77
  function sucuriscanMainPages()
78
  {
79
  return array(
80
- 'sucuriscan' => 'Dashboard',
81
- 'sucuriscan_firewall' => 'Firewall (WAF)',
82
- 'sucuriscan_lastlogins' => 'Last Logins',
83
- 'sucuriscan_settings' => 'Settings',
84
  );
85
  }
86
 
@@ -101,8 +101,8 @@ if (defined('SUCURISCAN')) {
101
  $pages = sucuriscanMainPages();
102
 
103
  add_menu_page(
104
- 'Sucuri Security',
105
- 'Sucuri Security',
106
  'manage_options',
107
  'sucuriscan',
108
  'sucuriscan_page',
77
  function sucuriscanMainPages()
78
  {
79
  return array(
80
+ 'sucuriscan' => __('Dashboard', 'sucuri-scanner'),
81
+ 'sucuriscan_firewall' => __('Firewall (WAF)', 'sucuri-scanner'),
82
+ 'sucuriscan_lastlogins' => __('Last Logins', 'sucuri-scanner'),
83
+ 'sucuriscan_settings' => __('Settings', 'sucuri-scanner'),
84
  );
85
  }
86
 
101
  $pages = sucuriscanMainPages();
102
 
103
  add_menu_page(
104
+ __('Sucuri Security', 'sucuri-scanner'),
105
+ __('Sucuri Security', 'sucuri-scanner'),
106
  'manage_options',
107
  'sucuriscan',
108
  'sucuriscan_page',
src/hardening.lib.php CHANGED
@@ -85,7 +85,7 @@ class SucuriScanHardening extends SucuriScan
85
  public static function hardenDirectory($directory = '')
86
  {
87
  if (!is_dir($directory) || !is_writable($directory)) {
88
- return self::throwException('Directory is not usable');
89
  }
90
 
91
  $fhandle = false;
@@ -121,7 +121,7 @@ class SucuriScanHardening extends SucuriScan
121
  public static function unhardenDirectory($directory = '')
122
  {
123
  if (!self::isHardened($directory)) {
124
- return self::throwException('Directory is not hardened');
125
  }
126
 
127
  $fpath = self::htaccess($directory);
@@ -244,11 +244,11 @@ class SucuriScanHardening extends SucuriScan
244
  $htaccess = self::htaccess($folder);
245
 
246
  if (!file_exists($htaccess)) {
247
- throw new Exception('Access control file does not exists');
248
  }
249
 
250
  if (!is_writable($htaccess)) {
251
- throw new Exception('Access control file is not writable');
252
  }
253
 
254
  return (bool) @file_put_contents(
@@ -278,7 +278,7 @@ class SucuriScanHardening extends SucuriScan
278
  $content = SucuriScanFileInfo::fileContent($htaccess);
279
 
280
  if (!$content || !is_writable($htaccess)) {
281
- return self::throwException('Cannot dewhitelist file; no permissions.');
282
  }
283
 
284
  $rules = self::whitelistRule($file);
85
  public static function hardenDirectory($directory = '')
86
  {
87
  if (!is_dir($directory) || !is_writable($directory)) {
88
+ return self::throwException(__('Directory is not usable', 'sucuri-scanner'));
89
  }
90
 
91
  $fhandle = false;
121
  public static function unhardenDirectory($directory = '')
122
  {
123
  if (!self::isHardened($directory)) {
124
+ return self::throwException(__('Directory is not hardened', 'sucuri-scanner'));
125
  }
126
 
127
  $fpath = self::htaccess($directory);
244
  $htaccess = self::htaccess($folder);
245
 
246
  if (!file_exists($htaccess)) {
247
+ throw new Exception(__('Access control file does not exists', 'sucuri-scanner'));
248
  }
249
 
250
  if (!is_writable($htaccess)) {
251
+ throw new Exception(__('Access control file is not writable', 'sucuri-scanner'));
252
  }
253
 
254
  return (bool) @file_put_contents(
278
  $content = SucuriScanFileInfo::fileContent($htaccess);
279
 
280
  if (!$content || !is_writable($htaccess)) {
281
+ return self::throwException(__('Cannot remove file from whitelist; no permissions.', 'sucuri-scanner'));
282
  }
283
 
284
  $rules = self::whitelistRule($file);
src/hook.lib.php CHANGED
@@ -65,11 +65,11 @@ class SucuriScanHook extends SucuriScanEvent
65
  $mime_type = $data->post_mime_type;
66
  }
67
 
68
- $message = sprintf('Media file added; ID: %s; name: %s; type: %s', $id, $title, $mime_type);
69
  self::reportNoticeEvent($message);
70
  self::notifyEvent('post_publication', $message);
71
  }
72
-
73
  /**
74
  * Send and alert notifying that a user was added to a blog.
75
  *
@@ -79,8 +79,8 @@ class SucuriScanHook extends SucuriScanEvent
79
  */
80
  public static function hookAddUserToBlog($user_id, $role, $blog_id)
81
  {
82
- $title = 'unknown';
83
- $email = 'user@domain.com';
84
  $data = get_userdata($user_id);
85
 
86
  if ($data) {
@@ -88,9 +88,9 @@ class SucuriScanHook extends SucuriScanEvent
88
  $email = $data->user_email;
89
  }
90
 
91
- $message = sprintf('User added to website; user_id: %s; role: %s; blog_id: %s; name: %s; email: %s',
92
- $user_id,
93
- $role,
94
  $blog_id,
95
  $title,
96
  $email
@@ -105,17 +105,17 @@ class SucuriScanHook extends SucuriScanEvent
105
  * @param int $blog_id Blog ID.
106
  */
107
  public static function hookRemoveUserFromBlog($user_id, $blog_id) {
108
- $title = 'unknown';
109
- $email = 'user@domain.com';
110
  $data = get_userdata($user_id);
111
 
112
  if ($data) {
113
  $title = $data->user_login;
114
  $email = $data->user_email;
115
  }
116
-
117
- $message = sprintf('User removed from website; user_id: %s; blog_id: %s; name: %s; email: %s',
118
- $user_id,
119
  $blog_id,
120
  $title,
121
  $email
@@ -131,9 +131,9 @@ class SucuriScanHook extends SucuriScanEvent
131
  */
132
  public static function hookCategoryCreate($id = 0)
133
  {
134
- $title = ( is_int($id) ? get_cat_name($id) : 'Unknown' );
135
 
136
- $message = sprintf('Category created; ID: %s; name: %s', $id, $title);
137
  self::reportNoticeEvent($message);
138
  self::notifyEvent('post_publication', $message);
139
  }
@@ -150,7 +150,7 @@ class SucuriScanHook extends SucuriScanEvent
150
  && SucuriScanRequest::get('action', '(do-core-upgrade|do-core-reinstall)')
151
  && SucuriScanRequest::post('upgrade')
152
  ) {
153
- $message = 'WordPress updated to version: ' . SucuriScanRequest::post('version');
154
  self::reportCriticalEvent($message);
155
  self::notifyEvent('website_updated', $message);
156
  }
@@ -176,7 +176,7 @@ class SucuriScanHook extends SucuriScanEvent
176
  }
177
 
178
  $message = sprintf(
179
- 'Bookmark link added; ID: %s; name: %s; url: %s; target: %s',
180
  $id,
181
  $title,
182
  $url,
@@ -194,7 +194,7 @@ class SucuriScanHook extends SucuriScanEvent
194
  */
195
  public static function hookLinkEdit($id = 0)
196
  {
197
- $title = 'unknown';
198
  $target = '_none';
199
  $url = 'undefined/url';
200
  $data = get_bookmark($id);
@@ -206,7 +206,7 @@ class SucuriScanHook extends SucuriScanEvent
206
  }
207
 
208
  $message = sprintf(
209
- 'Bookmark link edited; ID: %s; name: %s; url: %s; target: %s',
210
  $id,
211
  $title,
212
  $url,
@@ -226,8 +226,8 @@ class SucuriScanHook extends SucuriScanEvent
226
  public static function hookLoginFailure($title = '')
227
  {
228
  $password = SucuriScanRequest::post('pwd');
229
- $title = empty($title) ? 'Unknown' : sanitize_user($title, true);
230
- $message = 'User authentication failed: ' . $title;
231
 
232
  sucuriscan_log_failed_login($title);
233
 
@@ -280,7 +280,7 @@ class SucuriScanHook extends SucuriScanEvent
280
  {
281
  // Detecting WordPress 2.8.3 vulnerability - $key is array.
282
  if (isset($_GET['key']) && is_array($_GET['key'])) {
283
- self::reportCriticalEvent('Attempt to reset password by attacking WP/2.8.3 bug');
284
  }
285
  }
286
 
@@ -293,8 +293,8 @@ class SucuriScanHook extends SucuriScanEvent
293
  */
294
  public static function hookLoginSuccess($title = '')
295
  {
296
- $title = empty($title) ? 'Unknown' : $title;
297
- $message = 'User authentication succeeded: ' . $title;
298
  self::reportNoticeEvent($message);
299
  self::notifyEvent('success_login', $message);
300
  }
@@ -323,13 +323,13 @@ class SucuriScanHook extends SucuriScanEvent
323
  foreach ($options_changed['original'] as $option_name => $option_value) {
324
  $options_changed_count += 1;
325
  $options_changed_str .= sprintf(
326
- "The value of the option <b>%s</b> was changed from <b>'%s'</b> to <b>'%s'</b>.<br>\n",
327
  self::escape($option_name),
328
  self::escape($option_value),
329
  self::escape($options_changed['changed'][ $option_name ])
330
  );
331
  $options_changed_simple .= sprintf(
332
- "%s: from '%s' to '%s',",
333
  self::escape($option_name),
334
  self::escape($option_value),
335
  self::escape($options_changed['changed'][ $option_name ])
@@ -338,11 +338,11 @@ class SucuriScanHook extends SucuriScanEvent
338
 
339
  /* identify the origin of the request */
340
  $option_page = isset($_POST['option_page']) ? $_POST['option_page'] : 'options';
341
- $page_referer = 'Common';
342
 
343
  switch ($option_page) {
344
  case 'options':
345
- $page_referer = 'Global';
346
  break;
347
 
348
  case 'discussion': /* no_break */
@@ -356,10 +356,10 @@ class SucuriScanHook extends SucuriScanEvent
356
  }
357
 
358
  if ($options_changed_count) {
359
- $message = $page_referer . ' settings changed';
360
  self::reportErrorEvent(
361
  sprintf(
362
- '%s: (multiple entries): %s',
363
  $message,
364
  rtrim($options_changed_simple, ',')
365
  )
@@ -405,7 +405,7 @@ class SucuriScanHook extends SucuriScanEvent
405
  }
406
 
407
  $info = get_plugin_data($filename);
408
- $name = 'Unknown';
409
  $version = '0.0.0';
410
 
411
  if (!empty($info['Name'])) {
@@ -417,7 +417,7 @@ class SucuriScanHook extends SucuriScanEvent
417
  }
418
 
419
  $message = sprintf(
420
- 'Plugin %s: %s (v%s; %s%s)',
421
  $action, /* activated or deactivated */
422
  self::escape($info['Name']),
423
  self::escape($info['Version']),
@@ -479,9 +479,9 @@ class SucuriScanHook extends SucuriScanEvent
479
  // Report deleted plugins at once.
480
  if (!empty($items_affected)) {
481
  if (count($items_affected) > 1) {
482
- $message = 'Plugins deleted: (multiple entries):';
483
  } else {
484
- $message = 'Plugin deleted:';
485
  }
486
 
487
  $message .= "\x20" . @implode(',', $items_affected);
@@ -507,7 +507,7 @@ class SucuriScanHook extends SucuriScanEvent
507
  && strpos($_SERVER['SCRIPT_NAME'], 'plugin-editor.php') !== false
508
  ) {
509
  $filename = SucuriScanRequest::post('file');
510
- $message = 'Plugin editor used in: ' . SucuriScan::escape($filename);
511
  self::reportErrorEvent($message);
512
  self::notifyEvent('theme_editor', $message);
513
  }
@@ -530,8 +530,8 @@ class SucuriScanHook extends SucuriScanEvent
530
  $plugin = $_FILES['pluginzip']['name'];
531
  }
532
 
533
- $plugin = $plugin ? $plugin : 'Unknown';
534
- $message = 'Plugin installed: ' . self::escape($plugin);
535
  self::reportWarningEvent($message);
536
  self::notifyEvent('plugin_installed', $message);
537
  }
@@ -586,9 +586,9 @@ class SucuriScanHook extends SucuriScanEvent
586
  // Report updated plugins at once.
587
  if (!empty($items_affected)) {
588
  if (count($items_affected) > 1) {
589
- $message = 'Plugins updated: (multiple entries):';
590
  } else {
591
- $message = 'Plugin updated:';
592
  }
593
 
594
  $message .= "\x20" . @implode(',', $items_affected);
@@ -657,7 +657,7 @@ class SucuriScanHook extends SucuriScanEvent
657
 
658
  $cache->delete('post_' . $id);
659
  $entries = implode(',', $pieces); /* merge all entries together */
660
- self::reportWarningEvent('Post deleted: (multiple entries): ' . $entries);
661
  }
662
 
663
  /**
@@ -671,12 +671,12 @@ class SucuriScanHook extends SucuriScanEvent
671
  public static function hookPostStatus($new = '', $old = '', $post = null)
672
  {
673
  if (!property_exists($post, 'ID')) {
674
- return self::throwException('Ignore corrupted post data');
675
  }
676
 
677
  /* ignore; the same */
678
  if ($old === $new) {
679
- return self::throwException('Skip events for equal transitions');
680
  }
681
 
682
  $post_type = 'post'; /* either post or page */
@@ -700,32 +700,32 @@ class SucuriScanHook extends SucuriScanEvent
700
  * @see https://wordpress.org/plugins/postman-smtp/
701
  * @see https://wordpress.org/support/topic/unable-to-access-wordpress-dashboard-after-update-to-1-8-7/
702
  */
703
- return self::throwException('Skip events for postman-smtp alerts');
704
  }
705
 
706
  /* check if email alerts are disabled for this type */
707
  if (SucuriScanOption::isIgnoredEvent($post_type)) {
708
- return self::throwException('Skip events for ignored post-types');
709
  }
710
 
711
  /* check if email alerts are disabled for this transition */
712
  $custom_type = sprintf('from_%s_to_%s', $old, $new);
713
  if (SucuriScanOption::isIgnoredEvent($custom_type)) {
714
- return self::throwException('Skip events for ignored post transitions');
715
  }
716
 
717
  $pieces = array();
718
  $post_type = ucwords($post_type);
719
 
720
- $pieces[] = 'ID: ' . self::escape($post->ID);
721
- $pieces[] = 'Old status: ' . self::escape($old);
722
- $pieces[] = 'New status: ' . self::escape($new);
723
 
724
  if (property_exists($post, 'post_title')) {
725
- $pieces[] = 'Title: ' . self::escape($post->post_title);
726
  }
727
 
728
- $message = self::escape($post_type) . ' status has been changed';
729
  $message .= "; details:\x20";
730
  $message .= implode(',', $pieces);
731
 
@@ -741,7 +741,7 @@ class SucuriScanHook extends SucuriScanEvent
741
  */
742
  public static function hookPostTrash($id = 0)
743
  {
744
- $title = 'Unknown';
745
  $status = 'none';
746
  $data = get_post($id);
747
 
@@ -751,7 +751,7 @@ class SucuriScanHook extends SucuriScanEvent
751
  }
752
 
753
  $message = sprintf(
754
- 'Post moved to trash; ID: %s; name: %s; status: %s',
755
  $id,
756
  $title,
757
  $status
@@ -767,8 +767,8 @@ class SucuriScanHook extends SucuriScanEvent
767
  */
768
  private static function hookPublish($id = 0)
769
  {
770
- $title = 'Unknown';
771
- $p_type = 'Publication';
772
  $action = 'published';
773
  $data = get_post($id);
774
 
@@ -786,7 +786,7 @@ class SucuriScanHook extends SucuriScanEvent
786
  }
787
 
788
  $message = sprintf(
789
- '%s was %s; ID: %s; name: %s',
790
  self::escape($p_type),
791
  self::escape($action),
792
  intval($id),
@@ -851,7 +851,7 @@ class SucuriScanHook extends SucuriScanEvent
851
  {
852
  $title = empty($title) ? 'unknown' : $title;
853
 
854
- self::reportErrorEvent('Password retrieval attempt: ' . $title);
855
  }
856
 
857
  /**
@@ -867,9 +867,9 @@ class SucuriScanHook extends SucuriScanEvent
867
  && SucuriScanRequest::getOrPost('stylesheet', '.+')
868
  ) {
869
  $theme = SucuriScanRequest::getOrPost('stylesheet', '.+');
870
- $theme = $theme ? $theme : 'Unknown';
871
 
872
- $message = 'Theme deleted: ' . self::escape($theme);
873
  self::reportWarningEvent($message);
874
  self::notifyEvent('theme_deleted', $message);
875
  }
@@ -891,7 +891,7 @@ class SucuriScanHook extends SucuriScanEvent
891
  ) {
892
  $theme_name = SucuriScanRequest::post('theme');
893
  $filename = SucuriScanRequest::post('file');
894
- $message = 'Theme editor used in: ' . SucuriScan::escape($theme_name) . '/' . SucuriScan::escape($filename);
895
  self::reportErrorEvent($message);
896
  self::notifyEvent('theme_editor', $message);
897
  }
@@ -909,9 +909,9 @@ class SucuriScanHook extends SucuriScanEvent
909
  && SucuriScanRequest::get('action', 'install-theme')
910
  ) {
911
  $theme = SucuriScanRequest::get('theme', '.+');
912
- $theme = $theme ? $theme : 'Unknown';
913
 
914
- $message = 'Theme installed: ' . self::escape($theme);
915
  self::reportWarningEvent($message);
916
  self::notifyEvent('theme_installed', $message);
917
  }
@@ -926,7 +926,7 @@ class SucuriScanHook extends SucuriScanEvent
926
  public static function hookThemeSwitch($title = '')
927
  {
928
  $title = empty($title) ? 'unknown' : $title;
929
- $message = 'Theme activated: ' . $title;
930
  self::reportWarningEvent($message);
931
  self::notifyEvent('theme_activated', $message);
932
  }
@@ -967,9 +967,9 @@ class SucuriScanHook extends SucuriScanEvent
967
  // Report updated themes at once.
968
  if (is_array($items_affected) && !empty($items_affected)) {
969
  if (count($items_affected) > 1) {
970
- $message = 'Themes updated: (multiple entries):';
971
  } else {
972
- $message = 'Theme updated:';
973
  }
974
 
975
  $message .= "\x20" . implode(',', $items_affected);
@@ -988,7 +988,7 @@ class SucuriScanHook extends SucuriScanEvent
988
  */
989
  public static function hookUserDelete($id = 0)
990
  {
991
- self::reportWarningEvent('User account deleted; ID: ' . $id);
992
  }
993
 
994
  /**
@@ -998,8 +998,8 @@ class SucuriScanHook extends SucuriScanEvent
998
  */
999
  public static function hookProfileUpdate($id = 0, $old_user_data)
1000
  {
1001
- $title = 'unknown';
1002
- $email = 'user@domain.com';
1003
  $roles = 'none';
1004
  $data = get_userdata($id);
1005
 
@@ -1009,8 +1009,8 @@ class SucuriScanHook extends SucuriScanEvent
1009
  $roles = @implode(', ', $data->roles);
1010
  }
1011
 
1012
- $old_title = 'unknown';
1013
- $old_email = 'user@domain.com';
1014
  $old_roles = 'none';
1015
 
1016
  if($old_user_data) {
@@ -1019,7 +1019,7 @@ class SucuriScanHook extends SucuriScanEvent
1019
  $old_roles = @implode(', ', $old_user_data->roles);
1020
  }
1021
 
1022
- $message = sprintf('User account edited; ID: %s; name: %s; old_name: %s; email: %s; old_email: %s; roles: %s; old_roles: %s',
1023
  $id,
1024
  $title,
1025
  $old_title,
@@ -1039,8 +1039,8 @@ class SucuriScanHook extends SucuriScanEvent
1039
  */
1040
  public static function hookUserRegister($id = 0)
1041
  {
1042
- $title = 'unknown';
1043
- $email = 'user@domain.com';
1044
  $roles = 'none';
1045
  $data = get_userdata($id);
1046
 
@@ -1051,7 +1051,7 @@ class SucuriScanHook extends SucuriScanEvent
1051
  }
1052
 
1053
  $message = sprintf(
1054
- 'User account created; ID: %s; name: %s; email: %s; roles: %s',
1055
  $id,
1056
  $title,
1057
  $email,
@@ -1093,7 +1093,7 @@ class SucuriScanHook extends SucuriScanEvent
1093
  }
1094
 
1095
  $message = sprintf(
1096
- 'Widget %s (%s) %s %s (#%d; size %dx%d)',
1097
  SucuriScanRequest::post('id_base'),
1098
  SucuriScanRequest::post('widget-id'),
1099
  $action_text,
65
  $mime_type = $data->post_mime_type;
66
  }
67
 
68
+ $message = sprintf(__('Media file added; ID: %s; name: %s; type: %s', 'sucuri-scanner'), $id, $title, $mime_type);
69
  self::reportNoticeEvent($message);
70
  self::notifyEvent('post_publication', $message);
71
  }
72
+
73
  /**
74
  * Send and alert notifying that a user was added to a blog.
75
  *
79
  */
80
  public static function hookAddUserToBlog($user_id, $role, $blog_id)
81
  {
82
+ $title = __('unknown', 'sucuri-scanner');
83
+ $email = __('user@domain.com', 'sucuri-scanner');
84
  $data = get_userdata($user_id);
85
 
86
  if ($data) {
88
  $email = $data->user_email;
89
  }
90
 
91
+ $message = sprintf(__('User added to website; user_id: %s; role: %s; blog_id: %s; name: %s; email: %s', 'sucuri-scanner'),
92
+ $user_id,
93
+ $role,
94
  $blog_id,
95
  $title,
96
  $email
105
  * @param int $blog_id Blog ID.
106
  */
107
  public static function hookRemoveUserFromBlog($user_id, $blog_id) {
108
+ $title = __('unknown', 'sucuri-scanner');
109
+ $email = __('user@domain.com', 'sucuri-scanner');
110
  $data = get_userdata($user_id);
111
 
112
  if ($data) {
113
  $title = $data->user_login;
114
  $email = $data->user_email;
115
  }
116
+
117
+ $message = sprintf(__('User removed from website; user_id: %s; blog_id: %s; name: %s; email: %s', 'sucuri-scanner'),
118
+ $user_id,
119
  $blog_id,
120
  $title,
121
  $email
131
  */
132
  public static function hookCategoryCreate($id = 0)
133
  {
134
+ $title = ( is_int($id) ? get_cat_name($id) : __('Unknown', 'sucuri-scanner') );
135
 
136
+ $message = sprintf(__('Category created; ID: %s; name: %s', 'sucuri-scanner'), $id, $title);
137
  self::reportNoticeEvent($message);
138
  self::notifyEvent('post_publication', $message);
139
  }
150
  && SucuriScanRequest::get('action', '(do-core-upgrade|do-core-reinstall)')
151
  && SucuriScanRequest::post('upgrade')
152
  ) {
153
+ $message = sprintf(__('WordPress updated to version: %s', 'sucuri-scanner'), SucuriScanRequest::post('version'));
154
  self::reportCriticalEvent($message);
155
  self::notifyEvent('website_updated', $message);
156
  }
176
  }
177
 
178
  $message = sprintf(
179
+ __('Bookmark link added; ID: %s; name: %s; url: %s; target: %s', 'sucuri-scanner'),
180
  $id,
181
  $title,
182
  $url,
194
  */
195
  public static function hookLinkEdit($id = 0)
196
  {
197
+ $title = __('unknown', 'sucuri-scanner');
198
  $target = '_none';
199
  $url = 'undefined/url';
200
  $data = get_bookmark($id);
206
  }
207
 
208
  $message = sprintf(
209
+ __('Bookmark link edited; ID: %s; name: %s; url: %s; target: %s', 'sucuri-scanner'),
210
  $id,
211
  $title,
212
  $url,
226
  public static function hookLoginFailure($title = '')
227
  {
228
  $password = SucuriScanRequest::post('pwd');
229
+ $title = empty($title) ? __('Unknown', 'sucuri-scanner') : sanitize_user($title, true);
230
+ $message = sprintf(__('User authentication failed: %s', 'sucuri-scanner'), $title);
231
 
232
  sucuriscan_log_failed_login($title);
233
 
280
  {
281
  // Detecting WordPress 2.8.3 vulnerability - $key is array.
282
  if (isset($_GET['key']) && is_array($_GET['key'])) {
283
+ self::reportCriticalEvent(__('Attempt to reset password by attacking WP/2.8.3 bug', 'sucuri-scanner'));
284
  }
285
  }
286
 
293
  */
294
  public static function hookLoginSuccess($title = '')
295
  {
296
+ $title = empty($title) ? __('Unknown', 'sucuri-scanner') : $title;
297
+ $message = sprintf(__('User authentication succeeded: %s', 'sucuri-scanner'), $title);
298
  self::reportNoticeEvent($message);
299
  self::notifyEvent('success_login', $message);
300
  }
323
  foreach ($options_changed['original'] as $option_name => $option_value) {
324
  $options_changed_count += 1;
325
  $options_changed_str .= sprintf(
326
+ __("The value of the option <b>%s</b> was changed from <b>'%s'</b> to <b>'%s'</b>.<br>\n", 'sucuri-scanner'),
327
  self::escape($option_name),
328
  self::escape($option_value),
329
  self::escape($options_changed['changed'][ $option_name ])
330
  );
331
  $options_changed_simple .= sprintf(
332
+ __("%s: from '%s' to '%s',", 'sucuri-scanner'),
333
  self::escape($option_name),
334
  self::escape($option_value),
335
  self::escape($options_changed['changed'][ $option_name ])
338
 
339
  /* identify the origin of the request */
340
  $option_page = isset($_POST['option_page']) ? $_POST['option_page'] : 'options';
341
+ $page_referer = __('Common', 'sucuri-scanner');
342
 
343
  switch ($option_page) {
344
  case 'options':
345
+ $page_referer = __('Global', 'sucuri-scanner');
346
  break;
347
 
348
  case 'discussion': /* no_break */
356
  }
357
 
358
  if ($options_changed_count) {
359
+ $message = sprintf(__('%s settings changed', 'sucuri-scanner'), $page_referer);
360
  self::reportErrorEvent(
361
  sprintf(
362
+ __('%s: (multiple entries): %s', 'sucuri-scanner'),
363
  $message,
364
  rtrim($options_changed_simple, ',')
365
  )
405
  }
406
 
407
  $info = get_plugin_data($filename);
408
+ $name = __('Unknown', 'sucuri-scanner');
409
  $version = '0.0.0';
410
 
411
  if (!empty($info['Name'])) {
417
  }
418
 
419
  $message = sprintf(
420
+ __('Plugin %s: %s (v%s; %s%s)', 'sucuri-scanner'),
421
  $action, /* activated or deactivated */
422
  self::escape($info['Name']),
423
  self::escape($info['Version']),
479
  // Report deleted plugins at once.
480
  if (!empty($items_affected)) {
481
  if (count($items_affected) > 1) {
482
+ $message = __('Plugins deleted: (multiple entries):', 'sucuri-scanner');
483
  } else {
484
+ $message = __('Plugin deleted:', 'sucuri-scanner');
485
  }
486
 
487
  $message .= "\x20" . @implode(',', $items_affected);
507
  && strpos($_SERVER['SCRIPT_NAME'], 'plugin-editor.php') !== false
508
  ) {
509
  $filename = SucuriScanRequest::post('file');
510
+ $message = sprintf(__('Plugin editor used in: %s', 'sucuri-scanner'), SucuriScan::escape($filename));
511
  self::reportErrorEvent($message);
512
  self::notifyEvent('theme_editor', $message);
513
  }
530
  $plugin = $_FILES['pluginzip']['name'];
531
  }
532
 
533
+ $plugin = $plugin ? $plugin : __('Unknown', 'sucuri-scanner');
534
+ $message = sprintf(__('Plugin installed: %s', 'sucuri-scanner'), self::escape($plugin));
535
  self::reportWarningEvent($message);
536
  self::notifyEvent('plugin_installed', $message);
537
  }
586
  // Report updated plugins at once.
587
  if (!empty($items_affected)) {
588
  if (count($items_affected) > 1) {
589
+ $message = __('Plugins updated: (multiple entries):', 'sucuri-scanner');
590
  } else {
591
+ $message = __('Plugin updated:', 'sucuri-scanner');
592
  }
593
 
594
  $message .= "\x20" . @implode(',', $items_affected);
657
 
658
  $cache->delete('post_' . $id);
659
  $entries = implode(',', $pieces); /* merge all entries together */
660
+ self::reportWarningEvent(sprintf(__('Post deleted: (multiple entries): %s', 'sucuri-scanner'), $entries));
661
  }
662
 
663
  /**
671
  public static function hookPostStatus($new = '', $old = '', $post = null)
672
  {
673
  if (!property_exists($post, 'ID')) {
674
+ return self::throwException(__('Ignore corrupted post data', 'sucuri-scanner'));
675
  }
676
 
677
  /* ignore; the same */
678
  if ($old === $new) {
679
+ return self::throwException(__('Skip events for equal transitions', 'sucuri-scanner'));
680
  }
681
 
682
  $post_type = 'post'; /* either post or page */
700
  * @see https://wordpress.org/plugins/postman-smtp/
701
  * @see https://wordpress.org/support/topic/unable-to-access-wordpress-dashboard-after-update-to-1-8-7/
702
  */
703
+ return self::throwException(__('Skip events for postman-smtp alerts', 'sucuri-scanner'));
704
  }
705
 
706
  /* check if email alerts are disabled for this type */
707
  if (SucuriScanOption::isIgnoredEvent($post_type)) {
708
+ return self::throwException(__('Skip events for ignored post-types', 'sucuri-scanner'));
709
  }
710
 
711
  /* check if email alerts are disabled for this transition */
712
  $custom_type = sprintf('from_%s_to_%s', $old, $new);
713
  if (SucuriScanOption::isIgnoredEvent($custom_type)) {
714
+ return self::throwException(__('Skip events for ignored post transitions', 'sucuri-scanner'));
715
  }
716
 
717
  $pieces = array();
718
  $post_type = ucwords($post_type);
719
 
720
+ $pieces[] = sprintf(__('ID: %s', 'sucuri-scanner'), self::escape($post->ID));
721
+ $pieces[] = sprintf(__('Old status: %s', 'sucuri-scanner'), self::escape($old));
722
+ $pieces[] = sprintf(__('New status: %s', 'sucuri-scanner'), self::escape($new));
723
 
724
  if (property_exists($post, 'post_title')) {
725
+ $pieces[] = sprintf(__('Title: %s', 'sucuri-scanner'), self::escape($post->post_title));
726
  }
727
 
728
+ $message = sprintf(__('%s status has been changed', 'sucuri-scanner'), self::escape($post_type));
729
  $message .= "; details:\x20";
730
  $message .= implode(',', $pieces);
731
 
741
  */
742
  public static function hookPostTrash($id = 0)
743
  {
744
+ $title = __('Unknown', 'sucuri-scanner');
745
  $status = 'none';
746
  $data = get_post($id);
747
 
751
  }
752
 
753
  $message = sprintf(
754
+ __('Post moved to trash; ID: %s; name: %s; status: %s', 'sucuri-scanner'),
755
  $id,
756
  $title,
757
  $status
767
  */
768
  private static function hookPublish($id = 0)
769
  {
770
+ $title = __('Unknown', 'sucuri-scanner');
771
+ $p_type = __('Publication', 'sucuri-scanner');
772
  $action = 'published';
773
  $data = get_post($id);
774
 
786
  }
787
 
788
  $message = sprintf(
789
+ __('%s was %s; ID: %s; name: %s', 'sucuri-scanner'),
790
  self::escape($p_type),
791
  self::escape($action),
792
  intval($id),
851
  {
852
  $title = empty($title) ? 'unknown' : $title;
853
 
854
+ self::reportErrorEvent(sprintf(__('Password retrieval attempt: %s', 'sucuri-scanner'), $title));
855
  }
856
 
857
  /**
867
  && SucuriScanRequest::getOrPost('stylesheet', '.+')
868
  ) {
869
  $theme = SucuriScanRequest::getOrPost('stylesheet', '.+');
870
+ $theme = $theme ? $theme : __('Unknown', 'sucuri-scanner');
871
 
872
+ $message = sprintf(__('Theme deleted: %s', 'sucuri-scanner'), self::escape($theme));
873
  self::reportWarningEvent($message);
874
  self::notifyEvent('theme_deleted', $message);
875
  }
891
  ) {
892
  $theme_name = SucuriScanRequest::post('theme');
893
  $filename = SucuriScanRequest::post('file');
894
+ $message = sprintf(__('Theme editor used in: %s/%s', 'sucuri-scanner'), SucuriScan::escape($theme_name), SucuriScan::escape($filename));
895
  self::reportErrorEvent($message);
896
  self::notifyEvent('theme_editor', $message);
897
  }
909
  && SucuriScanRequest::get('action', 'install-theme')
910
  ) {
911
  $theme = SucuriScanRequest::get('theme', '.+');
912
+ $theme = $theme ? $theme : __('Unknown', 'sucuri-scanner');
913
 
914
+ $message = sprintf(__('Theme installed: %s', 'sucuri-scanner'), self::escape($theme));
915
  self::reportWarningEvent($message);
916
  self::notifyEvent('theme_installed', $message);
917
  }
926
  public static function hookThemeSwitch($title = '')
927
  {
928
  $title = empty($title) ? 'unknown' : $title;
929
+ $message = sprintf(__('Theme activated: %s', 'sucuri-scanner'), $title);
930
  self::reportWarningEvent($message);
931
  self::notifyEvent('theme_activated', $message);
932
  }
967
  // Report updated themes at once.
968
  if (is_array($items_affected) && !empty($items_affected)) {
969
  if (count($items_affected) > 1) {
970
+ $message = __('Themes updated: (multiple entries):', 'sucuri-scanner');
971
  } else {
972
+ $message = __('Theme updated:', 'sucuri-scanner');
973
  }
974
 
975
  $message .= "\x20" . implode(',', $items_affected);
988
  */
989
  public static function hookUserDelete($id = 0)
990
  {
991
+ self::reportWarningEvent(sprintf(__('User account deleted; ID: %d', 'sucuri-scanner'), $id));
992
  }
993
 
994
  /**
998
  */
999
  public static function hookProfileUpdate($id = 0, $old_user_data)
1000
  {
1001
+ $title = __('unknown', 'sucuri-scanner');
1002
+ $email = __('user@domain.com', 'sucuri-scanner');
1003
  $roles = 'none';
1004
  $data = get_userdata($id);
1005
 
1009
  $roles = @implode(', ', $data->roles);
1010
  }
1011
 
1012
+ $old_title = __('unknown', 'sucuri-scanner');
1013
+ $old_email = __('user@domain.com', 'sucuri-scanner');
1014
  $old_roles = 'none';
1015
 
1016
  if($old_user_data) {
1019
  $old_roles = @implode(', ', $old_user_data->roles);
1020
  }
1021
 
1022
+ $message = sprintf(__('User account edited; ID: %s; name: %s; old_name: %s; email: %s; old_email: %s; roles: %s; old_roles: %s', 'sucuri-scanner'),
1023
  $id,
1024
  $title,
1025
  $old_title,
1039
  */
1040
  public static function hookUserRegister($id = 0)
1041
  {
1042
+ $title = __('unknown', 'sucuri-scanner');
1043
+ $email = __('user@domain.com', 'sucuri-scanner');
1044
  $roles = 'none';
1045
  $data = get_userdata($id);
1046
 
1051
  }
1052
 
1053
  $message = sprintf(
1054
+ __('User account created; ID: %s; name: %s; email: %s; roles: %s', 'sucuri-scanner'),
1055
  $id,
1056
  $title,
1057
  $email,
1093
  }
1094
 
1095
  $message = sprintf(
1096
+ __('Widget %s (%s) %s %s (#%d; size %dx%d)', 'sucuri-scanner'),
1097
  SucuriScanRequest::post('id_base'),
1098
  SucuriScanRequest::post('widget-id'),
1099
  $action_text,
src/integrity.lib.php CHANGED
@@ -110,12 +110,12 @@ class SucuriScanIntegrity
110
 
111
  /* skip if the user didn't confirm the operation */
112
  if (SucuriScanRequest::post(':process_form') != 1) {
113
- return SucuriScanInterface::error('You need to confirm that you understand the risk of this operation.');
114
  }
115
 
116
  /* skip if the requested action is not currently supported */
117
  if ($action !== 'fixed' && $action !== 'delete' && $action !== 'restore') {
118
- return SucuriScanInterface::error('Requested action is not supported.');
119
  }
120
 
121
  /* process the HTTP request */
@@ -125,14 +125,14 @@ class SucuriScanIntegrity
125
  $files_affected = array();
126
  $files_processed = 0;
127
  $action_titles = array(
128
- 'restore' => 'Core file restored',
129
- 'delete' => 'Non-core file deleted',
130
- 'fixed' => 'Core file marked as fixed',
131
  );
132
 
133
  /* skip if no files were selected */
134
  if (!$core_files) {
135
- return SucuriScanInterface::error('Nothing was selected from the list.');
136
  }
137
 
138
  /* process files until the maximum execution time is reached */
@@ -225,13 +225,13 @@ class SucuriScanIntegrity
225
  }
226
 
227
  if ($displayTimeoutAlert) {
228
- SucuriScanInterface::error('Server is not fast enough to process this action; maximum execution time reached');
229
  }
230
 
231
  if ($files_processed != $files_selected) {
232
  return SucuriScanInterface::error(
233
  sprintf(
234
- 'Only <b>%d</b> out of <b>%d</b> files were processed.',
235
  $files_processed,
236
  $files_selected
237
  )
@@ -240,7 +240,7 @@ class SucuriScanIntegrity
240
 
241
  return SucuriScanInterface::info(
242
  sprintf(
243
- '<b>%d</b> out of <b>%d</b> files were successfully processed.',
244
  $files_processed,
245
  $files_selected
246
  )
@@ -318,11 +318,11 @@ class SucuriScanIntegrity
318
  $visibility = 'visible';
319
 
320
  if ($list_type === 'added') {
321
- $error = 'The plugin has no permission to delete this file because it was created by a different system user who has more privileges than your account. Please use FTP to delete it.';
322
  } elseif ($list_type === 'modified') {
323
- $error = 'The plugin has no permission to restore this file because it was modified by a different system user who has more privileges than your account. Please use FTP to restore it.';
324
  } elseif ($list_type === 'removed') {
325
- $error = 'The plugin has no permission to restore this file because its directory is owned by a different system user who has more privileges than your account. Please use FTP to restore it.';
326
  }
327
  }
328
 
@@ -402,7 +402,7 @@ class SucuriScanIntegrity
402
  $params['DiffUtility.Modal'] = SucuriScanTemplate::getModal(
403
  'none',
404
  array(
405
- 'Title' => 'WordPress Integrity Diff Utility',
406
  'Content' => '' /* empty */,
407
  'Identifier' => 'diff-utility',
408
  'Visibility' => 'hidden',
@@ -668,6 +668,7 @@ class SucuriScanIntegrity
668
  '^pinterest-[0-9a-z]{5}\.html$',
669
  '^wp-content\/languages\/.+\.mo$',
670
  '^wp-content\/languages\/.+\.po$',
 
671
  '\.ico$',
672
  );
673
 
110
 
111
  /* skip if the user didn't confirm the operation */
112
  if (SucuriScanRequest::post(':process_form') != 1) {
113
+ return SucuriScanInterface::error(__('You need to confirm that you understand the risk of this operation.', 'sucuri-scanner'));
114
  }
115
 
116
  /* skip if the requested action is not currently supported */
117
  if ($action !== 'fixed' && $action !== 'delete' && $action !== 'restore') {
118
+ return SucuriScanInterface::error(__('Requested action is not supported.', 'sucuri-scanner'));
119
  }
120
 
121
  /* process the HTTP request */
125
  $files_affected = array();
126
  $files_processed = 0;
127
  $action_titles = array(
128
+ 'restore' => __('Core file restored', 'sucuri-scanner'),
129
+ 'delete' => __('Non-core file deleted', 'sucuri-scanner'),
130
+ 'fixed' => __('Core file marked as fixed', 'sucuri-scanner'),
131
  );
132
 
133
  /* skip if no files were selected */
134
  if (!$core_files) {
135
+ return SucuriScanInterface::error(__('Nothing was selected from the list.', 'sucuri-scanner'));
136
  }
137
 
138
  /* process files until the maximum execution time is reached */
225
  }
226
 
227
  if ($displayTimeoutAlert) {
228
+ SucuriScanInterface::error(__('Server is not fast enough to process this action; maximum execution time reached', 'sucuri-scanner'));
229
  }
230
 
231
  if ($files_processed != $files_selected) {
232
  return SucuriScanInterface::error(
233
  sprintf(
234
+ __('Only <b>%d</b> out of <b>%d</b> files were processed.', 'sucuri-scanner'),
235
  $files_processed,
236
  $files_selected
237
  )
240
 
241
  return SucuriScanInterface::info(
242
  sprintf(
243
+ __('<b>%d</b> out of <b>%d</b> files were successfully processed.', 'sucuri-scanner'),
244
  $files_processed,
245
  $files_selected
246
  )
318
  $visibility = 'visible';
319
 
320
  if ($list_type === 'added') {
321
+ $error = __('The plugin has no permission to delete this file because it was created by a different system user who has more privileges than your account. Please use FTP to delete it.', 'sucuri-scanner');
322
  } elseif ($list_type === 'modified') {
323
+ $error = __('The plugin has no permission to restore this file because it was modified by a different system user who has more privileges than your account. Please use FTP to restore it.', 'sucuri-scanner');
324
  } elseif ($list_type === 'removed') {
325
+ $error = __('The plugin has no permission to restore this file because its directory is owned by a different system user who has more privileges than your account. Please use FTP to restore it.', 'sucuri-scanner');
326
  }
327
  }
328
 
402
  $params['DiffUtility.Modal'] = SucuriScanTemplate::getModal(
403
  'none',
404
  array(
405
+ 'Title' => __('WordPress Integrity Diff Utility', 'sucuri-scanner'),
406
  'Content' => '' /* empty */,
407
  'Identifier' => 'diff-utility',
408
  'Visibility' => 'hidden',
668
  '^pinterest-[0-9a-z]{5}\.html$',
669
  '^wp-content\/languages\/.+\.mo$',
670
  '^wp-content\/languages\/.+\.po$',
671
+ '^wp-content\/languages\/.+\.json$',
672
  '\.ico$',
673
  );
674
 
src/interface.lib.php CHANGED
@@ -187,7 +187,7 @@ class SucuriScanInterface
187
 
188
  if (!SucuriScanFileInfo::isSplAvailable()) {
189
  /* display a warning when system dependencies are not met */
190
- self::error('The plugin requires PHP 5 >= 5.3.0 - OR - PHP 7');
191
  }
192
 
193
  $filename = SucuriScanOption::optionsFilePath();
@@ -195,7 +195,7 @@ class SucuriScanInterface
195
  if (!is_writable($filename)) {
196
  self::error(
197
  sprintf(
198
- 'Storage is not writable: <code>%s</code>',
199
  $filename /* absolute path of the settings file */
200
  )
201
  );
@@ -237,7 +237,7 @@ class SucuriScanInterface
237
  * the new code.
238
  */
239
  if (SucuriScanOption::isDisabled(':api_service')) {
240
- self::info('API service communication is disabled, if you just updated the plugin this might be a good opportunity to test this feature once again with the new code. Enable it again from the "API Service" panel located in the settings page.');
241
  }
242
 
243
  /**
@@ -250,7 +250,7 @@ class SucuriScanInterface
250
  *
251
  * @date Featured added at - May 01, 2017
252
  */
253
- self::info('Do you want to get vulnerability disclosures? Subscribe to our newsletter <a href="http://sucuri.hs-sites.com/subscribe-to-security" target="_blank" rel="noopener">here</a>');
254
  }
255
 
256
  /**
@@ -263,8 +263,8 @@ class SucuriScanInterface
263
  public static function checkPageVisibility()
264
  {
265
  if (!function_exists('current_user_can') || !current_user_can('manage_options')) {
266
- SucuriScan::throwException('Access denied; cannot manage options');
267
- wp_die('Access denied by ' . SUCURISCAN_PLUGIN_NAME);
268
  }
269
  }
270
 
@@ -284,8 +284,8 @@ class SucuriScanInterface
284
  $nonce_value = SucuriScanRequest::post($nonce_name, '_nonce');
285
 
286
  if (!$nonce_value || !wp_verify_nonce($nonce_value, $nonce_name)) {
287
- SucuriScan::throwException('Nonce is invalid');
288
- self::error('WordPress CSRF verification failed. The submitted form is missing an important unique code that prevents the execution of automated malicious scanners. Go back and try again. If you did not submit a form, this error message could be an indication of an incompatibility between this plugin and another add-on; one of them is inserting data into the global POST variable when the HTTP request is coming via GET. Disable them one by one (while reloading this page) to find the culprit.');
289
  return false;
290
  }
291
  }
187
 
188
  if (!SucuriScanFileInfo::isSplAvailable()) {
189
  /* display a warning when system dependencies are not met */
190
+ self::error(__('The plugin requires PHP 5 >= 5.3.0 - OR - PHP 7', 'sucuri-scanner'));
191
  }
192
 
193
  $filename = SucuriScanOption::optionsFilePath();
195
  if (!is_writable($filename)) {
196
  self::error(
197
  sprintf(
198
+ __('Storage is not writable: <code>%s</code>', 'sucuri-scanner'),
199
  $filename /* absolute path of the settings file */
200
  )
201
  );
237
  * the new code.
238
  */
239
  if (SucuriScanOption::isDisabled(':api_service')) {
240
+ self::info(__('API service communication is disabled, if you just updated the plugin this might be a good opportunity to test this feature once again with the new code. Enable it again from the "API Service" panel located in the settings page.', 'sucuri-scanner'));
241
  }
242
 
243
  /**
250
  *
251
  * @date Featured added at - May 01, 2017
252
  */
253
+ self::info(__('Do you want to get vulnerability disclosures? Subscribe to our newsletter <a href="http://sucuri.hs-sites.com/subscribe-to-security" target="_blank" rel="noopener">here</a>', 'sucuri-scanner'));
254
  }
255
 
256
  /**
263
  public static function checkPageVisibility()
264
  {
265
  if (!function_exists('current_user_can') || !current_user_can('manage_options')) {
266
+ SucuriScan::throwException(__('Access denied; cannot manage options', 'sucuri-scanner'));
267
+ wp_die(sprintf(__('Access denied by %s', 'sucuri-scanner'), SUCURISCAN_PLUGIN_NAME));
268
  }
269
  }
270
 
284
  $nonce_value = SucuriScanRequest::post($nonce_name, '_nonce');
285
 
286
  if (!$nonce_value || !wp_verify_nonce($nonce_value, $nonce_name)) {
287
+ SucuriScan::throwException(__('Nonce is invalid', 'sucuri-scanner'));
288
+ self::error(__('WordPress CSRF verification failed. The submitted form is missing an important unique code that prevents the execution of automated malicious scanners. Go back and try again. If you did not submit a form, this error message could be an indication of an incompatibility between this plugin and another add-on; one of them is inserting data into the global POST variable when the HTTP request is coming via GET. Disable them one by one (while reloading this page) to find the culprit.', 'sucuri-scanner'));
289
  return false;
290
  }
291
  }
src/lastlogins-failed.php CHANGED
@@ -243,7 +243,7 @@ function sucuriscan_get_failed_logins($get_old_logs = false, $offset = 0, $limit
243
  $login_data['attempt_count'] = ( $key + 1 );
244
 
245
  if (!$login_data['user_agent']) {
246
- $login_data['user_agent'] = 'Unknown';
247
  }
248
 
249
  if (!isset($login_data['user_password'])) {
@@ -341,11 +341,11 @@ function sucuriscan_report_failed_logins($failed_logins = array())
341
  // Add the table headers.
342
  $table_html .= '<thead>';
343
  $table_html .= '<tr>';
344
- $table_html .= '<th>' . 'Username' . '</th>';
345
- $table_html .= '<th>' . 'Password' . '</th>';
346
- $table_html .= '<th>' . 'IP Address' . '</th>';
347
- $table_html .= '<th>' . 'Attempt Timestamp' . '</th>';
348
- $table_html .= '<th>' . 'Attempt Date/Time' . '</th>';
349
  $table_html .= '</tr>';
350
  $table_html .= '</thead>';
351
 
@@ -365,11 +365,11 @@ function sucuriscan_report_failed_logins($failed_logins = array())
365
  $table_html .= '</tr>';
366
  } else {
367
  $mail_content .= "\n";
368
- $mail_content .= 'Username' . ":\x20" . $login_data['user_login'] . "\n";
369
- $mail_content .= 'Password' . ":\x20" . $login_data['user_password'] . "\n";
370
- $mail_content .= 'IP Address' . ":\x20" . $login_data['remote_addr'] . "\n";
371
- $mail_content .= 'Attempt Timestamp' . ":\x20" . $login_data['attempt_time'] . "\n";
372
- $mail_content .= 'Attempt Date/Time' . ":\x20" . $login_data['attempt_date'] . "\n";
373
  }
374
  }
375
 
243
  $login_data['attempt_count'] = ( $key + 1 );
244
 
245
  if (!$login_data['user_agent']) {
246
+ $login_data['user_agent'] = __('Unknown', 'sucuri-scanner');
247
  }
248
 
249
  if (!isset($login_data['user_password'])) {
341
  // Add the table headers.
342
  $table_html .= '<thead>';
343
  $table_html .= '<tr>';
344
+ $table_html .= '<th>' . __('Username', 'sucuri-scanner') . '</th>';
345
+ $table_html .= '<th>' . __('Password', 'sucuri-scanner') . '</th>';
346
+ $table_html .= '<th>' . __('IP Address', 'sucuri-scanner') . '</th>';
347
+ $table_html .= '<th>' . __('Attempt Timestamp', 'sucuri-scanner') . '</th>';
348
+ $table_html .= '<th>' . __('Attempt Date/Time', 'sucuri-scanner') . '</th>';
349
  $table_html .= '</tr>';
350
  $table_html .= '</thead>';
351
 
365
  $table_html .= '</tr>';
366
  } else {
367
  $mail_content .= "\n";
368
+ $mail_content .= __('Username', 'sucuri-scanner') . ":\x20" . $login_data['user_login'] . "\n";
369
+ $mail_content .= __('Password', 'sucuri-scanner') . ":\x20" . $login_data['user_password'] . "\n";
370
+ $mail_content .= __('IP Address', 'sucuri-scanner') . ":\x20" . $login_data['remote_addr'] . "\n";
371
+ $mail_content .= __('Attempt Timestamp', 'sucuri-scanner') . ":\x20" . $login_data['attempt_time'] . "\n";
372
+ $mail_content .= __('Attempt Date/Time', 'sucuri-scanner') . ":\x20" . $login_data['attempt_date'] . "\n";
373
  }
374
  }
375
 
src/lastlogins.php CHANGED
@@ -121,7 +121,7 @@ function sucuriscan_lastlogins_all()
121
 
122
  if (!sucuriscan_lastlogins_datastore_is_writable()) {
123
  $fpath = SucuriScan::escape(sucuriscan_lastlogins_datastore_filepath());
124
- SucuriScanInterface::error(sprintf('Last-logins data file is not writable: <code>%s</code>', $fpath));
125
  }
126
 
127
  $last_logins = sucuriscan_get_logins($max_per_page, $offset);
@@ -297,14 +297,14 @@ function sucuriscan_get_logins($limit = 10, $offset = 0, $user_id = 0)
297
  );
298
 
299
  if (!$datastore_filepath) {
300
- return SucuriScan::throwException('Invalid last-logins storage file');
301
  }
302
 
303
  $parsed_lines = 0;
304
  $data_lines = SucuriScanFileInfo::fileLines($datastore_filepath);
305
 
306
  if (!$data_lines) {
307
- return SucuriScan::throwException('No last-logins data is available');
308
  }
309
 
310
  /**
@@ -448,8 +448,7 @@ if (!function_exists('sucuriscan_get_user_lastlogin')) {
448
  $row = $last_logins['entries'][1];
449
  $page_url = SucuriScanTemplate::getUrl('lastlogins');
450
  $message = sprintf(
451
- 'Last login was at <b>%s</b> from <b>%s</b> <em>(%s)</em> '
452
- . '<a href="%s" target="_self">view all logs</a>',
453
  SucuriScan::datetime($row['user_lastlogin_timestamp']),
454
  SucuriScan::escape($row['user_remoteaddr']),
455
  SucuriScan::escape($row['user_hostname']),
121
 
122
  if (!sucuriscan_lastlogins_datastore_is_writable()) {
123
  $fpath = SucuriScan::escape(sucuriscan_lastlogins_datastore_filepath());
124
+ SucuriScanInterface::error(sprintf(__('Last-logins data file is not writable: <code>%s</code>', 'sucuri-scanner'), $fpath));
125
  }
126
 
127
  $last_logins = sucuriscan_get_logins($max_per_page, $offset);
297
  );
298
 
299
  if (!$datastore_filepath) {
300
+ return SucuriScan::throwException(__('Invalid last-logins storage file', 'sucuri-scanner'));
301
  }
302
 
303
  $parsed_lines = 0;
304
  $data_lines = SucuriScanFileInfo::fileLines($datastore_filepath);
305
 
306
  if (!$data_lines) {
307
+ return SucuriScan::throwException(__('No last-logins data is available', 'sucuri-scanner'));
308
  }
309
 
310
  /**
448
  $row = $last_logins['entries'][1];
449
  $page_url = SucuriScanTemplate::getUrl('lastlogins');
450
  $message = sprintf(
451
+ __('Last login was at <b>%s</b> from <b>%s</b> <em>(%s)</em> <a href="%s" target="_self">view all logs</a>', 'sucuri-scanner'),
 
452
  SucuriScan::datetime($row['user_lastlogin_timestamp']),
453
  SucuriScan::escape($row['user_remoteaddr']),
454
  SucuriScan::escape($row['user_hostname']),
src/mail.lib.php CHANGED
@@ -77,7 +77,7 @@ class SucuriScanMail extends SucuriScanOption
77
  }
78
 
79
  if (self::emailsPerHourReached() && !$force) {
80
- return self::throwException('Maximum number of emails per hour reached');
81
  }
82
 
83
  /* check if we need to load a template file to wrap the message */
@@ -181,7 +181,7 @@ class SucuriScanMail extends SucuriScanOption
181
  && !empty($user->user_login)
182
  ) {
183
  $display_name = sprintf(
184
- 'User: %s (%s)',
185
  $user->display_name,
186
  $user->user_login
187
  );
@@ -207,7 +207,7 @@ class SucuriScanMail extends SucuriScanOption
207
  }
208
  }
209
 
210
- $params['TemplateTitle'] = 'Sucuri Alert';
211
  $params['Subject'] = $subject;
212
  $params['Website'] = $website;
213
  $params['RemoteAddress'] = self::getRemoteAddr();
77
  }
78
 
79
  if (self::emailsPerHourReached() && !$force) {
80
+ return self::throwException(__('Maximum number of emails per hour reached', 'sucuri-scanner'));
81
  }
82
 
83
  /* check if we need to load a template file to wrap the message */
181
  && !empty($user->user_login)
182
  ) {
183
  $display_name = sprintf(
184
+ __('User: %s (%s)', 'sucuri-scanner'),
185
  $user->display_name,
186
  $user->user_login
187
  );
207
  }
208
  }
209
 
210
+ $params['TemplateTitle'] = __('Sucuri Alert', 'sucuri-scanner');
211
  $params['Subject'] = $subject;
212
  $params['Website'] = $website;
213
  $params['RemoteAddress'] = self::getRemoteAddr();
src/option.lib.php CHANGED
@@ -145,7 +145,7 @@ class SucuriScanOption extends SucuriScanRequest
145
  $admin_email = get_option('admin_email');
146
  $default['sucuriscan_account'] = $admin_email;
147
  $default['sucuriscan_notify_to'] = $admin_email;
148
- $default['sucuriscan_email_subject'] = 'Sucuri Alert, :domain, :event, :remoteaddr';
149
  }
150
 
151
  return @$default[$option];
145
  $admin_email = get_option('admin_email');
146
  $default['sucuriscan_account'] = $admin_email;
147
  $default['sucuriscan_notify_to'] = $admin_email;
148
+ $default['sucuriscan_email_subject'] = sprintf(__('Sucuri Alert, %s, %s, %s', 'sucuri-scanner'), ':domain', ':event', ':remoteaddr');
149
  }
150
 
151
  return @$default[$option];
src/pagehandler.php CHANGED
@@ -41,12 +41,12 @@ function sucuriscan_page()
41
 
42
  /* load data for the SiteCheck section */
43
  $params['SiteCheck.Refresh'] = 'false';
44
- $params['SiteCheck.iFramesTitle'] = 'iFrames';
45
- $params['SiteCheck.LinksTitle'] = 'Links';
46
- $params['SiteCheck.ScriptsTitle'] = 'Scripts';
47
- $params['SiteCheck.iFramesContent'] = 'Loading...';
48
- $params['SiteCheck.LinksContent'] = 'Loading...';
49
- $params['SiteCheck.ScriptsContent'] = 'Loading...';
50
  $params['SiteCheck.Malware'] = '<div id="sucuriscan-malware"></div>';
51
  $params['SiteCheck.Blacklist'] = '<div id="sucuriscan-blacklist"></div>';
52
  $params['SiteCheck.Recommendations'] = '<div id="sucuriscan-recommendations"></div>';
@@ -94,9 +94,9 @@ function sucuriscan_lastlogins_page()
94
 
95
  if (@unlink($file_path)) {
96
  sucuriscan_lastlogins_datastore_exists();
97
- SucuriScanInterface::info('Last-Logins logs were successfully reset.');
98
  } else {
99
- SucuriScanInterface::error('Could not reset the last-logins data file.');
100
  }
101
  }
102
 
@@ -205,6 +205,7 @@ function sucuriscan_ajax()
205
  SucuriScanFirewall::getSettingsAjax();
206
  SucuriScanFirewall::clearCacheAjax();
207
  SucuriScanFirewall::clearAutoCacheAjax();
 
208
  SucuriScanSettingsPosthack::availableUpdatesAjax();
209
  SucuriScanSettingsPosthack::getPluginsAjax();
210
  SucuriScanSettingsPosthack::resetPasswordAjax();
41
 
42
  /* load data for the SiteCheck section */
43
  $params['SiteCheck.Refresh'] = 'false';
44
+ $params['SiteCheck.iFramesTitle'] = __('iFrames', 'sucuri-scanner');
45
+ $params['SiteCheck.LinksTitle'] = __('Links', 'sucuri-scanner');
46
+ $params['SiteCheck.ScriptsTitle'] = __('Scripts', 'sucuri-scanner');
47
+ $params['SiteCheck.iFramesContent'] = __('Loading...', 'sucuri-scanner');
48
+ $params['SiteCheck.LinksContent'] = __('Loading...', 'sucuri-scanner');
49
+ $params['SiteCheck.ScriptsContent'] = __('Loading...', 'sucuri-scanner');
50
  $params['SiteCheck.Malware'] = '<div id="sucuriscan-malware"></div>';
51
  $params['SiteCheck.Blacklist'] = '<div id="sucuriscan-blacklist"></div>';
52
  $params['SiteCheck.Recommendations'] = '<div id="sucuriscan-recommendations"></div>';
94
 
95
  if (@unlink($file_path)) {
96
  sucuriscan_lastlogins_datastore_exists();
97
+ SucuriScanInterface::info(__('Last-Logins logs were successfully reset.', 'sucuri-scanner'));
98
  } else {
99
+ SucuriScanInterface::error(__('Could not reset the last-logins data file.', 'sucuri-scanner'));
100
  }
101
  }
102
 
205
  SucuriScanFirewall::getSettingsAjax();
206
  SucuriScanFirewall::clearCacheAjax();
207
  SucuriScanFirewall::clearAutoCacheAjax();
208
+ SucuriScanSettingsScanner::cronjobsAjax();
209
  SucuriScanSettingsPosthack::availableUpdatesAjax();
210
  SucuriScanSettingsPosthack::getPluginsAjax();
211
  SucuriScanSettingsPosthack::resetPasswordAjax();
src/settings-alerts.php CHANGED
@@ -53,14 +53,14 @@ function sucuriscan_settings_alerts_recipients($nonce)
53
 
54
  if (SucuriScan::isValidEmail($new_email)) {
55
  $emails[] = $new_email;
56
- $message = sprintf('The email alerts will be sent to: <code>%s</code>', $new_email);
57
 
58
  SucuriScanOption::updateOption(':notify_to', implode(',', $emails));
59
- SucuriScanEvent::reportInfoEvent('The email alerts will be sent to: ' . $new_email);
60
  SucuriScanEvent::notifyEvent('plugin_change', $message);
61
  SucuriScanInterface::info($message);
62
  } else {
63
- SucuriScanInterface::error('Email format not supported.');
64
  }
65
  }
66
 
@@ -79,10 +79,10 @@ function sucuriscan_settings_alerts_recipients($nonce)
79
 
80
  if (!empty($deleted_emails)) {
81
  $deleted_emails_str = implode(",\x20", $deleted_emails);
82
- $message = sprintf('These emails will stop receiving alerts: <code>%s</code>', $deleted_emails_str);
83
 
84
  SucuriScanOption::updateOption(':notify_to', implode(',', $emails));
85
- SucuriScanEvent::reportInfoEvent('These emails will stop receiving alerts: ' . $deleted_emails_str);
86
  SucuriScanEvent::notifyEvent('plugin_change', $message);
87
  SucuriScanInterface::info($message);
88
  }
@@ -93,12 +93,12 @@ function sucuriscan_settings_alerts_recipients($nonce)
93
  $recipients = SucuriScanOption::getOption(':notify_to');
94
  SucuriScanMail::sendMail(
95
  $recipients,
96
- 'Test Email Alert',
97
- sprintf('Test email alert sent at %s', SucuriScan::datetime()),
98
  array('Force' => true)
99
  );
100
 
101
- SucuriScanInterface::info('A test alert was sent to your email, check your inbox');
102
  }
103
  }
104
 
@@ -143,12 +143,12 @@ function sucuriscan_settings_alerts_trustedips()
143
  $ip_info['added_at'] = time();
144
 
145
  if ($cache->exists($cache_key)) {
146
- SucuriScanInterface::error('The IP specified address was already added.');
147
  } elseif ($cache->add($cache_key, $ip_info)) {
148
- SucuriScanEvent::reportWarningEvent('IP has been trusted: ' . $trust_ip);
149
- SucuriScanInterface::info(sprintf('Events generated from this IP will be ignored: <code>%s</code>', $trust_ip));
150
  } else {
151
- SucuriScanInterface::error('The IP address could not be added to the trusted list');
152
  }
153
  }
154
  }
@@ -161,7 +161,7 @@ function sucuriscan_settings_alerts_trustedips()
161
  $cache->delete($cache_key);
162
  }
163
 
164
- SucuriScanInterface::info('The selected IP addresses were successfully deleted.');
165
  }
166
  }
167
 
@@ -170,7 +170,7 @@ function sucuriscan_settings_alerts_trustedips()
170
  if ($trusted_ips) {
171
  foreach ($trusted_ips as $cache_key => $ip_info) {
172
  if ($ip_info->cidr_range == 32) {
173
- $ip_info->cidr_format = 'n/a';
174
  }
175
 
176
  $params['TrustedIPs.List'] .= SucuriScanTemplate::getSnippet(
@@ -205,13 +205,13 @@ function sucuriscan_settings_alerts_subject($nonce)
205
  );
206
 
207
  $subjects = array(
208
- 'Sucuri Alert, :domain, :event',
209
- 'Sucuri Alert, :domain, :event, :remoteaddr',
210
- 'Sucuri Alert, :domain, :event, :username',
211
- 'Sucuri Alert, :domain, :event, :email',
212
- 'Sucuri Alert, :event, :remoteaddr',
213
- 'Sucuri Alert, :event, :hostname',
214
- 'Sucuri Alert, :event',
215
  );
216
 
217
  // Process form submission to change the alert settings.
@@ -239,7 +239,7 @@ function sucuriscan_settings_alerts_subject($nonce)
239
  ) {
240
  $new_subject = trim($custom_subject);
241
  } else {
242
- SucuriScanInterface::error('Invalid characters in the email subject.');
243
  }
244
  } elseif (is_array($subjects) && in_array($email_subject, $subjects)) {
245
  $new_subject = trim($email_subject);
@@ -247,12 +247,12 @@ function sucuriscan_settings_alerts_subject($nonce)
247
 
248
  // Proceed with the operation saving the new subject.
249
  if ($new_subject !== false && $current_value !== $new_subject) {
250
- $message = 'Email subject set to <code>' . $new_subject . '</code>';
251
 
252
  SucuriScanOption::updateOption(':email_subject', $new_subject);
253
  SucuriScanEvent::reportInfoEvent($message);
254
  SucuriScanEvent::notifyEvent('plugin_change', $message);
255
- SucuriScanInterface::info('The email subject has been successfully updated');
256
  }
257
  }
258
  }
@@ -301,13 +301,13 @@ function sucuriscan_settings_alerts_perhour($nonce)
301
  $params['Alerts.PerHour'] = '';
302
 
303
  $emails_per_hour = array(
304
- '5' => 'Maximum 5 per hour',
305
- '10' => 'Maximum 10 per hour',
306
- '20' => 'Maximum 20 per hour',
307
- '40' => 'Maximum 40 per hour',
308
- '80' => 'Maximum 80 per hour',
309
- '160' => 'Maximum 160 per hour',
310
- 'unlimited' => 'Unlimited alerts per hour',
311
  );
312
 
313
  if ($nonce) {
@@ -317,14 +317,14 @@ function sucuriscan_settings_alerts_perhour($nonce)
317
  if ($per_hour) {
318
  if (array_key_exists($per_hour, $emails_per_hour)) {
319
  $per_hour_label = strtolower($emails_per_hour[$per_hour]);
320
- $message = 'Maximum alerts per hour set to <code>' . $per_hour_label . '</code>';
321
 
322
  SucuriScanOption::updateOption(':emails_per_hour', $per_hour);
323
  SucuriScanEvent::reportInfoEvent($message);
324
  SucuriScanEvent::notifyEvent('plugin_change', $message);
325
- SucuriScanInterface::info('The maximum number of alerts per hour has been updated');
326
  } else {
327
- SucuriScanInterface::error('Error updating the maximum number of alerts per hour');
328
  }
329
  }
330
  }
@@ -348,11 +348,11 @@ function sucuriscan_settings_alerts_bruteforce($nonce)
348
  $params['Alerts.BruteForce'] = '';
349
 
350
  $max_failed_logins = array(
351
- '30' => '30 failed logins per hour',
352
- '60' => '60 failed logins per hour',
353
- '120' => '120 failed logins per hour',
354
- '240' => '240 failed logins per hour',
355
- '480' => '480 failed logins per hour',
356
  );
357
 
358
  if ($nonce) {
@@ -361,18 +361,14 @@ function sucuriscan_settings_alerts_bruteforce($nonce)
361
 
362
  if ($maximum) {
363
  if (array_key_exists($maximum, $max_failed_logins)) {
364
- $message = 'Consider brute-force attack after <code>' . $maximum . '</code> failed logins per hour';
365
 
366
  SucuriScanOption::updateOption(':maximum_failed_logins', $maximum);
367
  SucuriScanEvent::reportInfoEvent($message);
368
  SucuriScanEvent::notifyEvent('plugin_change', $message);
369
- SucuriScanInterface::info(
370
- 'The plugin will assume that your website is under a brute'
371
- . '-force attack after ' . $maximum . ' failed logins are '
372
- . 'detected during the same hour'
373
- );
374
  } else {
375
- SucuriScanInterface::error('Invalid number of failed logins per hour');
376
  }
377
  }
378
  }
@@ -397,31 +393,31 @@ function sucuriscan_settings_alerts_events($nonce)
397
  $params['Alerts.NoAlertsVisibility'] = 'hidden';
398
 
399
  $notify_options = array(
400
- 'sucuriscan_notify_plugin_change' => 'setting:' . 'Receive email alerts for changes in the settings of the plugin',
401
- 'sucuriscan_prettify_mails' => 'setting:' . 'Receive email alerts in HTML <em>(there may be issues with some mail services)</em>',
402
- 'sucuriscan_use_wpmail' => 'setting:' . 'Use WordPress functions to send mails <em>(uncheck to use native PHP functions)</em>',
403
- 'sucuriscan_lastlogin_redirection' => 'setting:' . 'Allow redirection after login to report the last-login information',
404
- 'sucuriscan_notify_scan_checksums' => 'setting:' . 'Receive email alerts for core integrity checks',
405
- 'sucuriscan_notify_available_updates' => 'setting:' . 'Receive email alerts for available updates',
406
- 'sucuriscan_notify_user_registration' => 'user:' . 'Receive email alerts for new user registration',
407
- 'sucuriscan_notify_success_login' => 'user:' . 'Receive email alerts for successful login attempts',
408
- 'sucuriscan_notify_failed_login' => 'user:' . 'Receive email alerts for failed login attempts <em>(you may receive tons of emails)</em>',
409
- 'sucuriscan_notify_bruteforce_attack' => 'user:' . 'Receive email alerts for password guessing attacks <em>(summary of failed logins per hour)</em>',
410
- 'sucuriscan_notify_post_publication' => 'setting:' . 'Receive email alerts for changes in the post status <em>(configure from Ignore Posts Changes)</em>',
411
- 'sucuriscan_notify_website_updated' => 'setting:' . 'Receive email alerts when the WordPress version is updated',
412
- 'sucuriscan_notify_settings_updated' => 'setting:' . 'Receive email alerts when your website settings are updated',
413
- 'sucuriscan_notify_theme_editor' => 'setting:' . 'Receive email alerts when a file is modified with theme/plugin editor',
414
- 'sucuriscan_notify_plugin_installed' => 'plugin:' . 'Receive email alerts when a <b>plugin is installed</b>',
415
- 'sucuriscan_notify_plugin_activated' => 'plugin:' . 'Receive email alerts when a <b>plugin is activated</b>',
416
- 'sucuriscan_notify_plugin_deactivated' => 'plugin:' . 'Receive email alerts when a <b>plugin is deactivated</b>',
417
- 'sucuriscan_notify_plugin_updated' => 'plugin:' . 'Receive email alerts when a <b>plugin is updated</b>',
418
- 'sucuriscan_notify_plugin_deleted' => 'plugin:' . 'Receive email alerts when a <b>plugin is deleted</b>',
419
- 'sucuriscan_notify_widget_added' => 'widget:' . 'Receive email alerts when a <b>widget is added</b> to a sidebar',
420
- 'sucuriscan_notify_widget_deleted' => 'widget:' . 'Receive email alerts when a <b>widget is deleted</b> from a sidebar',
421
- 'sucuriscan_notify_theme_installed' => 'theme:' . 'Receive email alerts when a <b>theme is installed</b>',
422
- 'sucuriscan_notify_theme_activated' => 'theme:' . 'Receive email alerts when a <b>theme is activated</b>',
423
- 'sucuriscan_notify_theme_updated' => 'theme:' . 'Receive email alerts when a <b>theme is updated</b>',
424
- 'sucuriscan_notify_theme_deleted' => 'theme:' . 'Receive email alerts when a <b>theme is deleted</b>',
425
  );
426
 
427
  /**
@@ -465,11 +461,11 @@ function sucuriscan_settings_alerts_events($nonce)
465
  }
466
 
467
  if ($ucounter > 0) {
468
- $message = 'A total of ' . $ucounter . ' alert events were changed';
469
 
470
  SucuriScanEvent::reportInfoEvent($message);
471
  SucuriScanEvent::notifyEvent('plugin_change', $message);
472
- SucuriScanInterface::info('The alert settings have been updated');
473
  }
474
  }
475
  }
@@ -543,15 +539,15 @@ function sucuriscan_settings_alerts_ignore_posts()
543
 
544
  if ($action === 'add') {
545
  if (!preg_match('/^[a-z_\-]+$/', $ignore_rule)) {
546
- SucuriScanInterface::error('Only lowercase letters, underscores and hyphens are allowed.');
547
  } elseif (array_key_exists($ignore_rule, $ignored_events)) {
548
- SucuriScanInterface::error('The post-type is already being ignored (duplicate).');
549
  } else {
550
  $ignored_events[$ignore_rule] = time();
551
 
552
- SucuriScanInterface::info('Post-type has been successfully ignored.');
553
  SucuriScanOption::updateOption(':ignored_events', $ignored_events);
554
- SucuriScanEvent::reportWarningEvent('Changes in <code>' . $ignore_rule . '</code> post-type will be ignored');
555
  }
556
  }
557
 
@@ -566,16 +562,16 @@ function sucuriscan_settings_alerts_ignore_posts()
566
  }
567
  }
568
 
569
- SucuriScanInterface::info('List of monitored post-types has been updated.');
570
  SucuriScanOption::updateOption(':ignored_events', $ignored_events);
571
- SucuriScanEvent::reportWarningEvent('List of monitored post-types has been updated');
572
  }
573
  }
574
 
575
  /* notifications are post updates are disabled; print error */
576
  if (SucuriScanOption::isDisabled(':notify_post_publication')) {
577
  $params['PostTypes.ErrorVisibility'] = 'visible';
578
- $params['PostTypes.List'] = '<tr><td colspan="4">no data available</td></tr>';
579
 
580
  return SucuriScanTemplate::getSection('settings-alerts-ignore-posts', $params);
581
  }
53
 
54
  if (SucuriScan::isValidEmail($new_email)) {
55
  $emails[] = $new_email;
56
+ $message = sprintf(__('The email alerts will be sent to: <code>%s</code>', 'sucuri-scanner'), $new_email);
57
 
58
  SucuriScanOption::updateOption(':notify_to', implode(',', $emails));
59
+ SucuriScanEvent::reportInfoEvent(sprintf(__('The email alerts will be sent to: %s', 'sucuri-scanner'), $new_email));
60
  SucuriScanEvent::notifyEvent('plugin_change', $message);
61
  SucuriScanInterface::info($message);
62
  } else {
63
+ SucuriScanInterface::error(__('Email format not supported.', 'sucuri-scanner'));
64
  }
65
  }
66
 
79
 
80
  if (!empty($deleted_emails)) {
81
  $deleted_emails_str = implode(",\x20", $deleted_emails);
82
+ $message = sprintf(__('These emails will stop receiving alerts: <code>%s</code>', 'sucuri-scanner'), $deleted_emails_str);
83
 
84
  SucuriScanOption::updateOption(':notify_to', implode(',', $emails));
85
+ SucuriScanEvent::reportInfoEvent(sprintf(__('These emails will stop receiving alerts: %s', 'sucuri-scanner'), $deleted_emails_str));
86
  SucuriScanEvent::notifyEvent('plugin_change', $message);
87
  SucuriScanInterface::info($message);
88
  }
93
  $recipients = SucuriScanOption::getOption(':notify_to');
94
  SucuriScanMail::sendMail(
95
  $recipients,
96
+ __('Test Email Alert', 'sucuri-scanner'),
97
+ sprintf(__('Test email alert sent at %s', 'sucuri-scanner'), SucuriScan::datetime()),
98
  array('Force' => true)
99
  );
100
 
101
+ SucuriScanInterface::info(__('A test alert was sent to your email, check your inbox', 'sucuri-scanner'));
102
  }
103
  }
104
 
143
  $ip_info['added_at'] = time();
144
 
145
  if ($cache->exists($cache_key)) {
146
+ SucuriScanInterface::error(__('The IP specified address was already added.', 'sucuri-scanner'));
147
  } elseif ($cache->add($cache_key, $ip_info)) {
148
+ SucuriScanEvent::reportWarningEvent(sprintf(__('IP has been trusted: %s', 'sucuri-scanner'), $trust_ip));
149
+ SucuriScanInterface::info(sprintf(__('Events generated from this IP will be ignored: <code>%s</code>', 'sucuri-scanner'), $trust_ip));
150
  } else {
151
+ SucuriScanInterface::error(__('The IP address could not be added to the trusted list', 'sucuri-scanner'));
152
  }
153
  }
154
  }
161
  $cache->delete($cache_key);
162
  }
163
 
164
+ SucuriScanInterface::info(__('The selected IP addresses were successfully deleted.', 'sucuri-scanner'));
165
  }
166
  }
167
 
170
  if ($trusted_ips) {
171
  foreach ($trusted_ips as $cache_key => $ip_info) {
172
  if ($ip_info->cidr_range == 32) {
173
+ $ip_info->cidr_format = __('n/a', 'sucuri-scanner');
174
  }
175
 
176
  $params['TrustedIPs.List'] .= SucuriScanTemplate::getSnippet(
205
  );
206
 
207
  $subjects = array(
208
+ sprintf(__('Sucuri Alert, %s, %s', 'sucuri-scanner'), ':domain', ':event'),
209
+ sprintf(__('Sucuri Alert, %s, %s, %s', 'sucuri-scanner'), ':domain', ':event', ':remoteaddr'),
210
+ sprintf(__('Sucuri Alert, %s, %s, %s', 'sucuri-scanner'), ':domain', ':event', ':username'),
211
+ sprintf(__('Sucuri Alert, %s, %s, %s', 'sucuri-scanner'), ':domain', ':event', ':email'),
212
+ sprintf(__('Sucuri Alert, %s, %s', 'sucuri-scanner'), ':event', ':remoteaddr'),
213
+ sprintf(__('Sucuri Alert, %s, %s', 'sucuri-scanner'), ':event', ':hostname'),
214
+ sprintf(__('Sucuri Alert, %s', 'sucuri-scanner'), ':event'),
215
  );
216
 
217
  // Process form submission to change the alert settings.
239
  ) {
240
  $new_subject = trim($custom_subject);
241
  } else {
242
+ SucuriScanInterface::error(__('Invalid characters in the email subject.', 'sucuri-scanner'));
243
  }
244
  } elseif (is_array($subjects) && in_array($email_subject, $subjects)) {
245
  $new_subject = trim($email_subject);
247
 
248
  // Proceed with the operation saving the new subject.
249
  if ($new_subject !== false && $current_value !== $new_subject) {
250
+ $message = sprintf(__('Email subject set to <code>%s</code>', 'sucuri-scanner'), $new_subject);
251
 
252
  SucuriScanOption::updateOption(':email_subject', $new_subject);
253
  SucuriScanEvent::reportInfoEvent($message);
254
  SucuriScanEvent::notifyEvent('plugin_change', $message);
255
+ SucuriScanInterface::info(__('The email subject has been successfully updated', 'sucuri-scanner'));
256
  }
257
  }
258
  }
301
  $params['Alerts.PerHour'] = '';
302
 
303
  $emails_per_hour = array(
304
+ '5' => __('Maximum 5 per hour', 'sucuri-scanner'),
305
+ '10' => __('Maximum 10 per hour', 'sucuri-scanner'),
306
+ '20' => __('Maximum 20 per hour', 'sucuri-scanner'),
307
+ '40' => __('Maximum 40 per hour', 'sucuri-scanner'),
308
+ '80' => __('Maximum 80 per hour', 'sucuri-scanner'),
309
+ '160' => __('Maximum 160 per hour', 'sucuri-scanner'),
310
+ 'unlimited' => __('Unlimited alerts per hour', 'sucuri-scanner'),
311
  );
312
 
313
  if ($nonce) {
317
  if ($per_hour) {
318
  if (array_key_exists($per_hour, $emails_per_hour)) {
319
  $per_hour_label = strtolower($emails_per_hour[$per_hour]);
320
+ $message = sprintf(__('Maximum alerts per hour set to <code>%s</code>', 'sucuri-scanner'), $per_hour_label);
321
 
322
  SucuriScanOption::updateOption(':emails_per_hour', $per_hour);
323
  SucuriScanEvent::reportInfoEvent($message);
324
  SucuriScanEvent::notifyEvent('plugin_change', $message);
325
+ SucuriScanInterface::info(__('The maximum number of alerts per hour has been updated', 'sucuri-scanner'));
326
  } else {
327
+ SucuriScanInterface::error(__('Error updating the maximum number of alerts per hour', 'sucuri-scanner'));
328
  }
329
  }
330
  }
348
  $params['Alerts.BruteForce'] = '';
349
 
350
  $max_failed_logins = array(
351
+ '30' => __('30 failed logins per hour', 'sucuri-scanner'),
352
+ '60' => __('60 failed logins per hour', 'sucuri-scanner'),
353
+ '120' => __('120 failed logins per hour', 'sucuri-scanner'),
354
+ '240' => __('240 failed logins per hour', 'sucuri-scanner'),
355
+ '480' => __('480 failed logins per hour', 'sucuri-scanner'),
356
  );
357
 
358
  if ($nonce) {
361
 
362
  if ($maximum) {
363
  if (array_key_exists($maximum, $max_failed_logins)) {
364
+ $message = sprintf(__('Consider brute-force attack after <code>%s</code> failed logins per hour', 'sucuri-scanner'), $maximum);
365
 
366
  SucuriScanOption::updateOption(':maximum_failed_logins', $maximum);
367
  SucuriScanEvent::reportInfoEvent($message);
368
  SucuriScanEvent::notifyEvent('plugin_change', $message);
369
+ SucuriScanInterface::info(sprintf(__('The plugin will assume that your website is under a brute-force attack after %s failed logins are detected during the same hour', 'sucuri-scanner'), $maximum));
 
 
 
 
370
  } else {
371
+ SucuriScanInterface::error(__('Invalid number of failed logins per hour', 'sucuri-scanner'));
372
  }
373
  }
374
  }
393
  $params['Alerts.NoAlertsVisibility'] = 'hidden';
394
 
395
  $notify_options = array(
396
+ 'sucuriscan_notify_plugin_change' => 'setting:' . __('Receive email alerts for changes in the settings of the plugin', 'sucuri-scanner'),
397
+ 'sucuriscan_prettify_mails' => 'setting:' . __('Receive email alerts in HTML <em>(there may be issues with some mail services)</em>', 'sucuri-scanner'),
398
+ 'sucuriscan_use_wpmail' => 'setting:' . __('Use WordPress functions to send mails <em>(uncheck to use native PHP functions)</em>', 'sucuri-scanner'),
399
+ 'sucuriscan_lastlogin_redirection' => 'setting:' . __('Allow redirection after login to report the last-login information', 'sucuri-scanner'),
400
+ 'sucuriscan_notify_scan_checksums' => 'setting:' . __('Receive email alerts for core integrity checks', 'sucuri-scanner'),
401
+ 'sucuriscan_notify_available_updates' => 'setting:' . __('Receive email alerts for available updates', 'sucuri-scanner'),
402
+ 'sucuriscan_notify_user_registration' => 'user:' . __('Receive email alerts for new user registration', 'sucuri-scanner'),
403
+ 'sucuriscan_notify_success_login' => 'user:' . __('Receive email alerts for successful login attempts', 'sucuri-scanner'),
404
+ 'sucuriscan_notify_failed_login' => 'user:' . __('Receive email alerts for failed login attempts <em>(you may receive tons of emails)</em>', 'sucuri-scanner'),
405
+ 'sucuriscan_notify_bruteforce_attack' => 'user:' . __('Receive email alerts for password guessing attacks <em>(summary of failed logins per hour)</em>', 'sucuri-scanner'),
406
+ 'sucuriscan_notify_post_publication' => 'setting:' . __('Receive email alerts for changes in the post status <em>(configure from Ignore Posts Changes)</em>', 'sucuri-scanner'),
407
+ 'sucuriscan_notify_website_updated' => 'setting:' . __('Receive email alerts when the WordPress version is updated', 'sucuri-scanner'),
408
+ 'sucuriscan_notify_settings_updated' => 'setting:' . __('Receive email alerts when your website settings are updated', 'sucuri-scanner'),
409
+ 'sucuriscan_notify_theme_editor' => 'setting:' . __('Receive email alerts when a file is modified with theme/plugin editor', 'sucuri-scanner'),
410
+ 'sucuriscan_notify_plugin_installed' => 'plugin:' . __('Receive email alerts when a <b>plugin is installed</b>', 'sucuri-scanner'),
411
+ 'sucuriscan_notify_plugin_activated' => 'plugin:' . __('Receive email alerts when a <b>plugin is activated</b>', 'sucuri-scanner'),
412
+ 'sucuriscan_notify_plugin_deactivated' => 'plugin:' . __('Receive email alerts when a <b>plugin is deactivated</b>', 'sucuri-scanner'),
413
+ 'sucuriscan_notify_plugin_updated' => 'plugin:' . __('Receive email alerts when a <b>plugin is updated</b>', 'sucuri-scanner'),
414
+ 'sucuriscan_notify_plugin_deleted' => 'plugin:' . __('Receive email alerts when a <b>plugin is deleted</b>', 'sucuri-scanner'),
415
+ 'sucuriscan_notify_widget_added' => 'widget:' . __('Receive email alerts when a <b>widget is added</b> to a sidebar', 'sucuri-scanner'),
416
+ 'sucuriscan_notify_widget_deleted' => 'widget:' . __('Receive email alerts when a <b>widget is deleted</b> from a sidebar', 'sucuri-scanner'),
417
+ 'sucuriscan_notify_theme_installed' => 'theme:' . __('Receive email alerts when a <b>theme is installed</b>', 'sucuri-scanner'),
418
+ 'sucuriscan_notify_theme_activated' => 'theme:' . __('Receive email alerts when a <b>theme is activated</b>', 'sucuri-scanner'),
419
+ 'sucuriscan_notify_theme_updated' => 'theme:' . __('Receive email alerts when a <b>theme is updated</b>', 'sucuri-scanner'),
420
+ 'sucuriscan_notify_theme_deleted' => 'theme:' . __('Receive email alerts when a <b>theme is deleted</b>', 'sucuri-scanner'),
421
  );
422
 
423
  /**
461
  }
462
 
463
  if ($ucounter > 0) {
464
+ $message = sprintf(__('A total of %s alert events were changed', 'sucuri-scanner'), $ucounter );
465
 
466
  SucuriScanEvent::reportInfoEvent($message);
467
  SucuriScanEvent::notifyEvent('plugin_change', $message);
468
+ SucuriScanInterface::info(__('The alert settings have been updated', 'sucuri-scanner'));
469
  }
470
  }
471
  }
539
 
540
  if ($action === 'add') {
541
  if (!preg_match('/^[a-z_\-]+$/', $ignore_rule)) {
542
+ SucuriScanInterface::error(__('Only lowercase letters, underscores and hyphens are allowed.', 'sucuri-scanner'));
543
  } elseif (array_key_exists($ignore_rule, $ignored_events)) {
544
+ SucuriScanInterface::error(__('The post-type is already being ignored (duplicate).', 'sucuri-scanner'));
545
  } else {
546
  $ignored_events[$ignore_rule] = time();
547
 
548
+ SucuriScanInterface::info(__('Post-type has been successfully ignored.', 'sucuri-scanner'));
549
  SucuriScanOption::updateOption(':ignored_events', $ignored_events);
550
+ SucuriScanEvent::reportWarningEvent(sprintf(__('Changes in <code>%s</code> post-type will be ignored', 'sucuri-scanner'), $ignore_rule));
551
  }
552
  }
553
 
562
  }
563
  }
564
 
565
+ SucuriScanInterface::info(__('List of monitored post-types has been updated.', 'sucuri-scanner'));
566
  SucuriScanOption::updateOption(':ignored_events', $ignored_events);
567
+ SucuriScanEvent::reportWarningEvent(__('List of monitored post-types has been updated', 'sucuri-scanner'));
568
  }
569
  }
570
 
571
  /* notifications are post updates are disabled; print error */
572
  if (SucuriScanOption::isDisabled(':notify_post_publication')) {
573
  $params['PostTypes.ErrorVisibility'] = 'visible';
574
+ $params['PostTypes.List'] = sprintf('<tr><td colspan="4">%s</td></tr>', __('no data available', 'sucuri-scanner'));
575
 
576
  return SucuriScanTemplate::getSection('settings-alerts-ignore-posts', $params);
577
  }
src/settings-apiservice.php CHANGED
@@ -33,8 +33,8 @@ function sucuriscan_settings_apiservice_status($nonce)
33
  $params = array();
34
 
35
  $params['ApiStatus.StatusNum'] = '1';
36
- $params['ApiStatus.Status'] = 'Enabled';
37
- $params['ApiStatus.SwitchText'] = 'Disable';
38
  $params['ApiStatus.SwitchValue'] = 'disable';
39
  $params['ApiStatus.WarningVisibility'] = 'visible';
40
  $params['ApiStatus.ErrorVisibility'] = 'hidden';
@@ -47,12 +47,12 @@ function sucuriscan_settings_apiservice_status($nonce)
47
 
48
  if ($api_service) {
49
  $action_d = $api_service . 'd';
50
- $message = 'API service communication was <code>' . $action_d . '</code>';
51
 
52
  SucuriScanEvent::reportInfoEvent($message);
53
  SucuriScanEvent::notifyEvent('plugin_change', $message);
54
  SucuriScanOption::updateOption(':api_service', $action_d);
55
- SucuriScanInterface::info('The status of the API service has been changed');
56
  }
57
  }
58
 
@@ -60,15 +60,15 @@ function sucuriscan_settings_apiservice_status($nonce)
60
 
61
  if ($api_service === 'disabled') {
62
  $params['ApiStatus.StatusNum'] = '0';
63
- $params['ApiStatus.Status'] = 'Disabled';
64
- $params['ApiStatus.SwitchText'] = 'Enable';
65
  $params['ApiStatus.SwitchValue'] = 'enable';
66
  $params['ApiStatus.WarningVisibility'] = 'hidden';
67
  $params['ApiStatus.ErrorVisibility'] = 'visible';
68
  }
69
 
70
  $api_key = SucuriScanAPI::getPluginKey();
71
- $params['ApiStatus.ApiKey'] = $api_key ? $api_key : 'NONE';
72
 
73
  return SucuriScanTemplate::getSection('settings-apiservice-status', $params);
74
  }
@@ -128,17 +128,17 @@ function sucuriscan_settings_apiservice_checksums($nonce)
128
  if (@preg_match($pattern, $url, $match)) {
129
  SucuriScanOption::updateOption(':checksum_api', $match[2]);
130
 
131
- $message = 'Core integrity API changed: ' . SucuriScanAPI::checksumAPI();
132
  SucuriScanEvent::reportInfoEvent($message);
133
  SucuriScanEvent::notifyEvent('plugin_change', $message);
134
- SucuriScanInterface::info('The URL to retrieve the WordPress checksums has been changed');
135
  } else {
136
  SucuriScanOption::deleteOption(':checksum_api');
137
 
138
- $message = 'Core integrity API changed: ' . SucuriScanAPI::checksumAPI();
139
  SucuriScanEvent::reportInfoEvent($message);
140
  SucuriScanEvent::notifyEvent('plugin_change', $message);
141
- SucuriScanInterface::info('The URL to retrieve the WordPress checksums has been changed');
142
  }
143
  }
144
 
33
  $params = array();
34
 
35
  $params['ApiStatus.StatusNum'] = '1';
36
+ $params['ApiStatus.Status'] = __('Enabled', 'sucuri-scanner');
37
+ $params['ApiStatus.SwitchText'] = __('Disable', 'sucuri-scanner');
38
  $params['ApiStatus.SwitchValue'] = 'disable';
39
  $params['ApiStatus.WarningVisibility'] = 'visible';
40
  $params['ApiStatus.ErrorVisibility'] = 'hidden';
47
 
48
  if ($api_service) {
49
  $action_d = $api_service . 'd';
50
+ $message = sprintf(__('API service communication was <code>%s</code>', 'sucuri-scanner'), $action_d);
51
 
52
  SucuriScanEvent::reportInfoEvent($message);
53
  SucuriScanEvent::notifyEvent('plugin_change', $message);
54
  SucuriScanOption::updateOption(':api_service', $action_d);
55
+ SucuriScanInterface::info(__('The status of the API service has been changed', 'sucuri-scanner'));
56
  }
57
  }
58
 
60
 
61
  if ($api_service === 'disabled') {
62
  $params['ApiStatus.StatusNum'] = '0';
63
+ $params['ApiStatus.Status'] = __('Disabled', 'sucuri-scanner');
64
+ $params['ApiStatus.SwitchText'] = __('Enable', 'sucuri-scanner');
65
  $params['ApiStatus.SwitchValue'] = 'enable';
66
  $params['ApiStatus.WarningVisibility'] = 'hidden';
67
  $params['ApiStatus.ErrorVisibility'] = 'visible';
68
  }
69
 
70
  $api_key = SucuriScanAPI::getPluginKey();
71
+ $params['ApiStatus.ApiKey'] = $api_key ? $api_key : __('NONE', 'sucuri-scanner');
72
 
73
  return SucuriScanTemplate::getSection('settings-apiservice-status', $params);
74
  }
128
  if (@preg_match($pattern, $url, $match)) {
129
  SucuriScanOption::updateOption(':checksum_api', $match[2]);
130
 
131
+ $message = sprintf(__('Core integrity API changed: %s', 'sucuri-scanner'), SucuriScanAPI::checksumAPI());
132
  SucuriScanEvent::reportInfoEvent($message);
133
  SucuriScanEvent::notifyEvent('plugin_change', $message);
134
+ SucuriScanInterface::info(__('The URL to retrieve the WordPress checksums has been changed', 'sucuri-scanner'));
135
  } else {
136
  SucuriScanOption::deleteOption(':checksum_api');
137
 
138
+ $message = sprintf(__('Core integrity API changed: %s', 'sucuri-scanner'), SucuriScanAPI::checksumAPI());
139
  SucuriScanEvent::reportInfoEvent($message);
140
  SucuriScanEvent::notifyEvent('plugin_change', $message);
141
+ SucuriScanInterface::info(__('The URL to retrieve the WordPress checksums has been changed', 'sucuri-scanner'));
142
  }
143
  }
144
 
src/settings-general.php CHANGED
@@ -35,15 +35,15 @@ function sucuriscan_settings_general_resetoptions($nonce)
35
  $process = SucuriScanRequest::post(':process_form');
36
 
37
  if (intval($process) === 1) {
38
- $message = 'Local security logs, hardening and settings were deleted';
39
 
40
  sucuriscanResetAndDeactivate(); /* simulate plugin deactivation */
41
 
42
  SucuriScanEvent::reportCriticalEvent($message);
43
  SucuriScanEvent::notifyEvent('plugin_change', $message);
44
- SucuriScanInterface::info('Local security logs, hardening and settings were deleted');
45
  } else {
46
- SucuriScanInterface::error('You need to confirm that you understand the risk of this operation.');
47
  }
48
  }
49
 
@@ -75,9 +75,9 @@ function sucuriscan_settings_general_apikey($nonce)
75
  wp_clear_scheduled_hook('sucuriscan_scheduled_scan');
76
 
77
  $api_key = SucuriScan::escape($api_key);
78
- SucuriScanEvent::reportCriticalEvent('Sucuri API key has been deleted.');
79
- SucuriScanEvent::notifyEvent('plugin_change', 'Sucuri API key removed');
80
- SucuriScanInterface::info('Sucuri API key has been deleted <code>' . $api_key . '</code>');
81
  }
82
 
83
  // Save API key after it was recovered by the administrator.
@@ -86,7 +86,7 @@ function sucuriscan_settings_general_apikey($nonce)
86
  if ($api_key) {
87
  SucuriScanAPI::setPluginKey($api_key, true);
88
  SucuriScanEvent::installScheduledTask();
89
- SucuriScanEvent::reportInfoEvent('Sucuri API key was added manually.');
90
  }
91
 
92
  // Generate new API key from the API service.
@@ -97,14 +97,14 @@ function sucuriscan_settings_general_apikey($nonce)
97
  if ($user_obj && user_can($user_obj, 'administrator')) {
98
  // Check consent
99
  if (SucuriScanRequest::post(':consent_tos') != 1 || SucuriScanRequest::post(':consent_priv') != 1) {
100
- SucuriScanInterface::error('You must accept the Terms of Service and Privacy Policy in order to request an API key.');
101
  unset($_POST['sucuriscan_dns_lookups']);
102
  } else {
103
  // Send request to generate new API key or display form to set manually.
104
  if (SucuriScanAPI::registerSite($user_obj->user_email)) {
105
  $api_registered_modal = SucuriScanTemplate::getModal(
106
  'settings-apiregistered',
107
- array('Title' => 'Site registered successfully')
108
  );
109
  } else {
110
  $display_manual_key_form = true;
@@ -117,9 +117,9 @@ function sucuriscan_settings_general_apikey($nonce)
117
  if (SucuriScanRequest::post(':recover_key') !== false) {
118
  if (SucuriScanAPI::recoverKey()) {
119
  $_GET['recover'] = 'true'; /* display modal window */
120
- SucuriScanEvent::reportInfoEvent('API key recovery (email sent)');
121
  } else {
122
- SucuriScanEvent::reportInfoEvent('API key recovery (failure)');
123
  }
124
  }
125
  }
@@ -129,7 +129,7 @@ function sucuriscan_settings_general_apikey($nonce)
129
  if (SucuriScanRequest::get('recover') !== false) {
130
  $api_recovery_modal = SucuriScanTemplate::getModal(
131
  'settings-apirecovery',
132
- array('Title' => 'Plugin API Key Recovery')
133
  );
134
  }
135
 
@@ -140,7 +140,7 @@ function sucuriscan_settings_general_apikey($nonce)
140
  $invalid_domain = (bool) ($domain_address === $clean_domain);
141
  }
142
 
143
- $params['APIKey'] = (!$api_key ? '(not set)' : $api_key);
144
  $params['APIKey.RecoverVisibility'] = SucuriScanTemplate::visibility(!$api_key);
145
  $params['APIKey.ManualKeyFormVisibility'] = SucuriScanTemplate::visibility($display_manual_key_form);
146
  $params['APIKey.RemoveVisibility'] = SucuriScanTemplate::visibility((bool) $api_key);
@@ -161,20 +161,20 @@ function sucuriscan_settings_general_datastorage($nonce)
161
  {
162
  $params = array();
163
  $files = array(
164
- '<root>' => 'Directory used to store the plugin settings, cache and system logs',
165
- 'auditlogs' => 'Cache to store the system logs obtained from the API service; expires after ' . SUCURISCAN_AUDITLOGS_LIFETIME . ' seconds.',
166
- 'auditqueue' => 'Local queue to store the most recent logs before they are sent to the remote API service.',
167
- 'blockedusers' => 'Deprecated on 1.8.12; it was used to store a list of blocked user names.', /* TODO: deprecated on 1.8.12 */
168
- 'failedlogins' => 'Stores the data for every failed login attempt. The data is moved to "oldfailedlogins" every hour during a brute force password attack.',
169
- 'hookdata' => 'Temporarily stores data to complement the logs during destructive operations like deleting a post, page, comment, etc.',
170
- 'ignorescanning' => 'Stores a list of files and folders chosen by the user to be ignored by the file system scanner.',
171
- 'integrity' => 'Stores a list of files marked as fixed by the user via the WordPress Integrity tool.',
172
- 'lastlogins' => 'Stores the data associated to every successful user login. The data never expires; manually delete if the file is too large.',
173
- 'oldfailedlogins' => 'Stores the data for every failed login attempt after the plugin sends a report about a brute force password attack via email.',
174
- 'plugindata' => 'Cache to store the data associated to the installed plugins listed in the Post-Hack page. Expires after ' . SUCURISCAN_GET_PLUGINS_LIFETIME . ' seconds.',
175
- 'settings' => 'Stores all the options used to configure the functionality and behavior of the plugin.',
176
- 'sitecheck' => 'Cache to store the result of the malware scanner. Expires after ' . SUCURISCAN_SITECHECK_LIFETIME . ' seconds, reset at any time to force a re-scan.',
177
- 'trustip' => 'Stores a list of IP addresses trusted by the plugin, events triggered by one of these IPs will not be reported to the remote monitoring API service.',
178
  );
179
 
180
  $params['Storage.Files'] = '';
@@ -208,7 +208,7 @@ function sucuriscan_settings_general_datastorage($nonce)
208
 
209
  SucuriScanInterface::info(
210
  sprintf(
211
- '%d out of %d files has been deleted',
212
  $deleted,
213
  count($filenames)
214
  )
@@ -226,20 +226,20 @@ function sucuriscan_settings_general_datastorage($nonce)
226
  $fname = ($name ? sprintf('sucuri-%s.php', $name) : '');
227
  $fpath = SucuriScan::dataStorePath($fname);
228
  $disabled = 'disabled="disabled"';
229
- $iswritable = 'Not Writable';
230
- $exists = 'Does Not Exist';
231
  $labelExistence = 'danger';
232
  $labelWritability = 'default';
233
 
234
  if (file_exists($fpath)) {
235
  $fsize = @filesize($fpath);
236
- $exists = 'Exists';
237
  $labelExistence = 'success';
238
  $labelWritability = 'danger';
239
 
240
  if (is_writable($fpath)) {
241
  $disabled = ''; /* Allow file deletion */
242
- $iswritable = 'Writable';
243
  $labelWritability = 'success';
244
  }
245
  }
@@ -301,8 +301,8 @@ function sucuriscan_settings_general_selfhosting($nonce)
301
  $params = array();
302
 
303
  $params['SelfHosting.DisabledVisibility'] = 'visible';
304
- $params['SelfHosting.Status'] = 'Enabled';
305
- $params['SelfHosting.SwitchText'] = 'Disable';
306
  $params['SelfHosting.SwitchValue'] = 'disable';
307
  $params['SelfHosting.FpathVisibility'] = 'hidden';
308
  $params['SelfHosting.Fpath'] = '';
@@ -313,29 +313,29 @@ function sucuriscan_settings_general_selfhosting($nonce)
313
 
314
  if ($monitor_fpath !== false) {
315
  if (empty($monitor_fpath)) {
316
- $message = 'Log exporter was disabled';
317
 
318
  SucuriScanEvent::reportInfoEvent($message);
319
  SucuriScanOption::deleteOption(':selfhosting_fpath');
320
  SucuriScanOption::updateOption(':selfhosting_monitor', 'disabled');
321
  SucuriScanEvent::notifyEvent('plugin_change', $message);
322
- SucuriScanInterface::info('The log exporter feature has been disabled');
323
  } elseif (strpos($monitor_fpath, $_SERVER['DOCUMENT_ROOT']) !== false) {
324
- SucuriScanInterface::error('File should not be publicly accessible.');
325
  } elseif (file_exists($monitor_fpath)) {
326
- SucuriScanInterface::error('File already exists and will not be overwritten.');
327
  } elseif (!is_writable(dirname($monitor_fpath))) {
328
- SucuriScanInterface::error('File parent directory is not writable.');
329
  } else {
330
  @file_put_contents($monitor_fpath, '', LOCK_EX);
331
 
332
- $message = 'Log exporter file path was correctly set';
333
 
334
  SucuriScanEvent::reportInfoEvent($message);
335
  SucuriScanOption::updateOption(':selfhosting_monitor', 'enabled');
336
  SucuriScanOption::updateOption(':selfhosting_fpath', $monitor_fpath);
337
  SucuriScanEvent::notifyEvent('plugin_change', $message);
338
- SucuriScanInterface::info('The log exporter feature has been enabled and the data file was successfully set.');
339
  }
340
  }
341
  }
@@ -344,8 +344,8 @@ function sucuriscan_settings_general_selfhosting($nonce)
344
  $monitor_fpath = SucuriScanOption::getOption(':selfhosting_fpath');
345
 
346
  if ($monitor === 'disabled') {
347
- $params['SelfHosting.Status'] = 'Disabled';
348
- $params['SelfHosting.SwitchText'] = 'Enable';
349
  $params['SelfHosting.SwitchValue'] = 'enable';
350
  }
351
 
@@ -367,8 +367,8 @@ function sucuriscan_settings_general_selfhosting($nonce)
367
  function sucuriscan_settings_general_reverseproxy($nonce)
368
  {
369
  $params = array(
370
- 'ReverseProxyStatus' => 'Enabled',
371
- 'ReverseProxySwitchText' => 'Disable',
372
  'ReverseProxySwitchValue' => 'disable',
373
  );
374
 
@@ -388,8 +388,8 @@ function sucuriscan_settings_general_reverseproxy($nonce)
388
  }
389
 
390
  if (SucuriScanOption::isDisabled(':revproxy')) {
391
- $params['ReverseProxyStatus'] = 'Disabled';
392
- $params['ReverseProxySwitchText'] = 'Enable';
393
  $params['ReverseProxySwitchValue'] = 'enable';
394
  }
395
 
@@ -405,17 +405,17 @@ function sucuriscan_settings_general_reverseproxy($nonce)
405
  function sucuriscan_settings_general_ipdiscoverer($nonce)
406
  {
407
  $params = array(
408
- 'TopLevelDomain' => 'unknown',
409
- 'WebsiteHostName' => 'unknown',
410
- 'WebsiteHostAddress' => 'unknown',
411
- 'IsUsingFirewall' => 'unknown',
412
- 'WebsiteURL' => 'unknown',
413
  'RemoteAddress' => '127.0.0.1',
414
- 'RemoteAddressHeader' => 'INVALID',
415
  'AddrHeaderOptions' => '',
416
  /* Switch form information. */
417
- 'DnsLookupsStatus' => 'Enabled',
418
- 'DnsLookupsSwitchText' => 'Disable',
419
  'DnsLookupsSwitchValue' => 'disable',
420
  );
421
 
@@ -429,12 +429,12 @@ function sucuriscan_settings_general_ipdiscoverer($nonce)
429
 
430
  if ($dns_lookups) {
431
  $action_d = $dns_lookups . 'd';
432
- $message = 'DNS lookups for reverse proxy detection <code>' . $action_d . '</code>';
433
 
434
  SucuriScanOption::updateOption(':dns_lookups', $action_d);
435
  SucuriScanEvent::reportInfoEvent($message);
436
  SucuriScanEvent::notifyEvent('plugin_change', $message);
437
- SucuriScanInterface::info('The status of the DNS lookups for the reverse proxy detection has been changed');
438
  }
439
 
440
  if ($addr_header) {
@@ -449,8 +449,8 @@ function sucuriscan_settings_general_ipdiscoverer($nonce)
449
  }
450
 
451
  if (SucuriScanOption::isDisabled(':dns_lookups')) {
452
- $params['DnsLookupsStatus'] = 'Disabled';
453
- $params['DnsLookupsSwitchText'] = 'Enable';
454
  $params['DnsLookupsSwitchValue'] = 'enable';
455
  }
456
 
@@ -582,16 +582,16 @@ function sucuriscan_settings_general_importexport($nonce)
582
 
583
  SucuriScanInterface::info(
584
  sprintf(
585
- '%d out of %d option have been successfully imported',
586
  $count,
587
  $total
588
  )
589
  );
590
  } else {
591
- SucuriScanInterface::error('Data is incorrectly encoded');
592
  }
593
  } else {
594
- SucuriScanInterface::error('You need to confirm that you understand the risk of this operation.');
595
  }
596
  }
597
 
@@ -646,12 +646,12 @@ function sucuriscan_settings_general_timezone($nonce)
646
  $timezone = SucuriScanRequest::post(':timezone', $pattern);
647
 
648
  if ($timezone) {
649
- $message = 'Timezone override will use ' . $timezone;
650
 
651
  SucuriScanOption::updateOption(':timezone', $timezone);
652
  SucuriScanEvent::reportInfoEvent($message);
653
  SucuriScanEvent::notifyEvent('plugin_change', $message);
654
- SucuriScanInterface::info('The timezone for the date and time in the audit logs has been changed');
655
  }
656
  }
657
 
35
  $process = SucuriScanRequest::post(':process_form');
36
 
37
  if (intval($process) === 1) {
38
+ $message = __('Local security logs, hardening and settings were deleted', 'sucuri-scanner');
39
 
40
  sucuriscanResetAndDeactivate(); /* simulate plugin deactivation */
41
 
42
  SucuriScanEvent::reportCriticalEvent($message);
43
  SucuriScanEvent::notifyEvent('plugin_change', $message);
44
+ SucuriScanInterface::info(__('Local security logs, hardening and settings were deleted', 'sucuri-scanner'));
45
  } else {
46
+ SucuriScanInterface::error(__('You need to confirm that you understand the risk of this operation.', 'sucuri-scanner'));
47
  }
48
  }
49
 
75
  wp_clear_scheduled_hook('sucuriscan_scheduled_scan');
76
 
77
  $api_key = SucuriScan::escape($api_key);
78
+ SucuriScanEvent::reportCriticalEvent(__('Sucuri API key has been deleted.', 'sucuri-scanner'));
79
+ SucuriScanEvent::notifyEvent('plugin_change', __('Sucuri API key removed', 'sucuri-scanner'));
80
+ SucuriScanInterface::info(sprintf(__('Sucuri API key has been deleted <code>%s</code>', 'sucuri-scanner'), $api_key));
81
  }
82
 
83
  // Save API key after it was recovered by the administrator.
86
  if ($api_key) {
87
  SucuriScanAPI::setPluginKey($api_key, true);
88
  SucuriScanEvent::installScheduledTask();
89
+ SucuriScanEvent::reportInfoEvent(__('Sucuri API key was added manually.', 'sucuri-scanner'));
90
  }
91
 
92
  // Generate new API key from the API service.
97
  if ($user_obj && user_can($user_obj, 'administrator')) {
98
  // Check consent
99
  if (SucuriScanRequest::post(':consent_tos') != 1 || SucuriScanRequest::post(':consent_priv') != 1) {
100
+ SucuriScanInterface::error(__('You must accept the Terms of Service and Privacy Policy in order to request an API key.', 'sucuri-scanner'));
101
  unset($_POST['sucuriscan_dns_lookups']);
102
  } else {
103
  // Send request to generate new API key or display form to set manually.
104
  if (SucuriScanAPI::registerSite($user_obj->user_email)) {
105
  $api_registered_modal = SucuriScanTemplate::getModal(
106
  'settings-apiregistered',
107
+ array('Title' => __('Site registered successfully', 'sucuri-scanner'))
108
  );
109
  } else {
110
  $display_manual_key_form = true;
117
  if (SucuriScanRequest::post(':recover_key') !== false) {
118
  if (SucuriScanAPI::recoverKey()) {
119
  $_GET['recover'] = 'true'; /* display modal window */
120
+ SucuriScanEvent::reportInfoEvent(__('API key recovery (email sent)', 'sucuri-scanner'));
121
  } else {
122
+ SucuriScanEvent::reportInfoEvent(__('API key recovery (failure)', 'sucuri-scanner'));
123
  }
124
  }
125
  }
129
  if (SucuriScanRequest::get('recover') !== false) {
130
  $api_recovery_modal = SucuriScanTemplate::getModal(
131
  'settings-apirecovery',
132
+ array('Title' => __('Plugin API Key Recovery', 'sucuri-scanner'))
133
  );
134
  }
135
 
140
  $invalid_domain = (bool) ($domain_address === $clean_domain);
141
  }
142
 
143
+ $params['APIKey'] = (!$api_key ? __('(not set)', 'sucuri-scanner') : $api_key);
144
  $params['APIKey.RecoverVisibility'] = SucuriScanTemplate::visibility(!$api_key);
145
  $params['APIKey.ManualKeyFormVisibility'] = SucuriScanTemplate::visibility($display_manual_key_form);
146
  $params['APIKey.RemoveVisibility'] = SucuriScanTemplate::visibility((bool) $api_key);
161
  {
162
  $params = array();
163
  $files = array(
164
+ '<root>' => __('Directory used to store the plugin settings, cache and system logs', 'sucuri-scanner'),
165
+ 'auditlogs' => sprintf(__('Cache to store the system logs obtained from the API service; expires after %s seconds.', 'sucuri-scanner'), SUCURISCAN_AUDITLOGS_LIFETIME),
166
+ 'auditqueue' => __('Local queue to store the most recent logs before they are sent to the remote API service.', 'sucuri-scanner'),
167
+ 'blockedusers' => __('Deprecated on 1.8.12; it was used to store a list of blocked user names.', 'sucuri-scanner'), /* TODO: deprecated on 1.8.12 */
168
+ 'failedlogins' => __('Stores the data for every failed login attempt. The data is moved to "oldfailedlogins" every hour during a brute force password attack.', 'sucuri-scanner'),
169
+ 'hookdata' => __('Temporarily stores data to complement the logs during destructive operations like deleting a post, page, comment, etc.', 'sucuri-scanner'),
170
+ 'ignorescanning' => __('Stores a list of files and folders chosen by the user to be ignored by the file system scanner.', 'sucuri-scanner'),
171
+ 'integrity' => __('Stores a list of files marked as fixed by the user via the WordPress Integrity tool.', 'sucuri-scanner'),
172
+ 'lastlogins' => __('Stores the data associated to every successful user login. The data never expires; manually delete if the file is too large.', 'sucuri-scanner'),
173
+ 'oldfailedlogins' => __('Stores the data for every failed login attempt after the plugin sends a report about a brute force password attack via email.', 'sucuri-scanner'),
174
+ 'plugindata' => sprintf(__('Cache to store the data associated to the installed plugins listed in the Post-Hack page. Expires after %s seconds.', 'sucuri-scanner'), SUCURISCAN_GET_PLUGINS_LIFETIME),
175
+ 'settings' => __('Stores all the options used to configure the functionality and behavior of the plugin.', 'sucuri-scanner'),
176
+ 'sitecheck' => sprintf(__('Cache to store the result of the malware scanner. Expires after %s seconds, reset at any time to force a re-scan.', 'sucuri-scanner'), SUCURISCAN_SITECHECK_LIFETIME),
177
+ 'trustip' => __('Stores a list of IP addresses trusted by the plugin, events triggered by one of these IPs will not be reported to the remote monitoring API service.', 'sucuri-scanner'),
178
  );
179
 
180
  $params['Storage.Files'] = '';
208
 
209
  SucuriScanInterface::info(
210
  sprintf(
211
+ __('%d out of %d files has been deleted', 'sucuri-scanner'),
212
  $deleted,
213
  count($filenames)
214
  )
226
  $fname = ($name ? sprintf('sucuri-%s.php', $name) : '');
227
  $fpath = SucuriScan::dataStorePath($fname);
228
  $disabled = 'disabled="disabled"';
229
+ $iswritable = __('Not Writable', 'sucuri-scanner');
230
+ $exists = __('Does Not Exist', 'sucuri-scanner');
231
  $labelExistence = 'danger';
232
  $labelWritability = 'default';
233
 
234
  if (file_exists($fpath)) {
235
  $fsize = @filesize($fpath);
236
+ $exists = __('Exists', 'sucuri-scanner');
237
  $labelExistence = 'success';
238
  $labelWritability = 'danger';
239
 
240
  if (is_writable($fpath)) {
241
  $disabled = ''; /* Allow file deletion */
242
+ $iswritable = __('Writable', 'sucuri-scanner');
243
  $labelWritability = 'success';
244
  }
245
  }
301
  $params = array();
302
 
303
  $params['SelfHosting.DisabledVisibility'] = 'visible';
304
+ $params['SelfHosting.Status'] = __('Enabled', 'sucuri-scanner');
305
+ $params['SelfHosting.SwitchText'] = __('Disable', 'sucuri-scanner');
306
  $params['SelfHosting.SwitchValue'] = 'disable';
307
  $params['SelfHosting.FpathVisibility'] = 'hidden';
308
  $params['SelfHosting.Fpath'] = '';
313
 
314
  if ($monitor_fpath !== false) {
315
  if (empty($monitor_fpath)) {
316
+ $message = __('Log exporter was disabled', 'sucuri-scanner');
317
 
318
  SucuriScanEvent::reportInfoEvent($message);
319
  SucuriScanOption::deleteOption(':selfhosting_fpath');
320
  SucuriScanOption::updateOption(':selfhosting_monitor', 'disabled');
321
  SucuriScanEvent::notifyEvent('plugin_change', $message);
322
+ SucuriScanInterface::info(__('The log exporter feature has been disabled', 'sucuri-scanner'));
323
  } elseif (strpos($monitor_fpath, $_SERVER['DOCUMENT_ROOT']) !== false) {
324
+ SucuriScanInterface::error(__('File should not be publicly accessible.', 'sucuri-scanner'));
325
  } elseif (file_exists($monitor_fpath)) {
326
+ SucuriScanInterface::error(__('File already exists and will not be overwritten.', 'sucuri-scanner'));
327
  } elseif (!is_writable(dirname($monitor_fpath))) {
328
+ SucuriScanInterface::error(__('File parent directory is not writable.', 'sucuri-scanner'));
329
  } else {
330
  @file_put_contents($monitor_fpath, '', LOCK_EX);
331
 
332
+ $message = __('Log exporter file path was correctly set', 'sucuri-scanner');
333
 
334
  SucuriScanEvent::reportInfoEvent($message);
335
  SucuriScanOption::updateOption(':selfhosting_monitor', 'enabled');
336
  SucuriScanOption::updateOption(':selfhosting_fpath', $monitor_fpath);
337
  SucuriScanEvent::notifyEvent('plugin_change', $message);
338
+ SucuriScanInterface::info(__('The log exporter feature has been enabled and the data file was successfully set.', 'sucuri-scanner'));
339
  }
340
  }
341
  }
344
  $monitor_fpath = SucuriScanOption::getOption(':selfhosting_fpath');
345
 
346
  if ($monitor === 'disabled') {
347
+ $params['SelfHosting.Status'] = __('Disabled', 'sucuri-scanner');
348
+ $params['SelfHosting.SwitchText'] = __('Enable', 'sucuri-scanner');
349
  $params['SelfHosting.SwitchValue'] = 'enable';
350
  }
351
 
367
  function sucuriscan_settings_general_reverseproxy($nonce)
368
  {
369
  $params = array(
370
+ 'ReverseProxyStatus' => __('Enabled', 'sucuri-scanner'),
371
+ 'ReverseProxySwitchText' => __('Disable', 'sucuri-scanner'),
372
  'ReverseProxySwitchValue' => 'disable',
373
  );
374
 
388
  }
389
 
390
  if (SucuriScanOption::isDisabled(':revproxy')) {
391
+ $params['ReverseProxyStatus'] = __('Disabled', 'sucuri-scanner');
392
+ $params['ReverseProxySwitchText'] = __('Enable', 'sucuri-scanner');
393
  $params['ReverseProxySwitchValue'] = 'enable';
394
  }
395
 
405
  function sucuriscan_settings_general_ipdiscoverer($nonce)
406
  {
407
  $params = array(
408
+ 'TopLevelDomain' => __('unknown', 'sucuri-scanner'),
409
+ 'WebsiteHostName' => __('unknown', 'sucuri-scanner'),
410
+ 'WebsiteHostAddress' => __('unknown', 'sucuri-scanner'),
411
+ 'IsUsingFirewall' => __('unknown', 'sucuri-scanner'),
412
+ 'WebsiteURL' => __('unknown', 'sucuri-scanner'),
413
  'RemoteAddress' => '127.0.0.1',
414
+ 'RemoteAddressHeader' => __('INVALID', 'sucuri-scanner'),
415
  'AddrHeaderOptions' => '',
416
  /* Switch form information. */
417
+ 'DnsLookupsStatus' => __('Enabled', 'sucuri-scanner'),
418
+ 'DnsLookupsSwitchText' => __('Disable', 'sucuri-scanner'),
419
  'DnsLookupsSwitchValue' => 'disable',
420
  );
421
 
429
 
430
  if ($dns_lookups) {
431
  $action_d = $dns_lookups . 'd';
432
+ $message = sprintf(__('DNS lookups for reverse proxy detection <code>%s</code>', 'sucuri-scanner'), $action_d);
433
 
434
  SucuriScanOption::updateOption(':dns_lookups', $action_d);
435
  SucuriScanEvent::reportInfoEvent($message);
436
  SucuriScanEvent::notifyEvent('plugin_change', $message);
437
+ SucuriScanInterface::info(__('The status of the DNS lookups for the reverse proxy detection has been changed', 'sucuri-scanner'));
438
  }
439
 
440
  if ($addr_header) {
449
  }
450
 
451
  if (SucuriScanOption::isDisabled(':dns_lookups')) {
452
+ $params['DnsLookupsStatus'] = __('Disabled', 'sucuri-scanner');
453
+ $params['DnsLookupsSwitchText'] = __('Enable', 'sucuri-scanner');
454
  $params['DnsLookupsSwitchValue'] = 'enable';
455
  }
456
 
582
 
583
  SucuriScanInterface::info(
584
  sprintf(
585
+ __('%d out of %d option have been successfully imported', 'sucuri-scanner'),
586
  $count,
587
  $total
588
  )
589
  );
590
  } else {
591
+ SucuriScanInterface::error(__('Data is incorrectly encoded', 'sucuri-scanner'));
592
  }
593
  } else {
594
+ SucuriScanInterface::error(__('You need to confirm that you understand the risk of this operation.', 'sucuri-scanner'));
595
  }
596
  }
597
 
646
  $timezone = SucuriScanRequest::post(':timezone', $pattern);
647
 
648
  if ($timezone) {
649
+ $message = sprintf(__('Timezone override will use %s', 'sucuri-scanner'), $timezone);
650
 
651
  SucuriScanOption::updateOption(':timezone', $timezone);
652
  SucuriScanEvent::reportInfoEvent($message);
653
  SucuriScanEvent::notifyEvent('plugin_change', $message);
654
+ SucuriScanInterface::info(__('The timezone for the date and time in the audit logs has been changed', 'sucuri-scanner'));
655
  }
656
  }
657
 
src/settings-hardening.php CHANGED
@@ -99,27 +99,21 @@ class SucuriScanHardeningPage extends SucuriScan
99
 
100
  if (self::processRequest(__FUNCTION__)) {
101
  SucuriScanInterface::error(
102
- 'The firewall is a premium service that you need purchase at -'
103
- . ' <a href="https://goo.gl/qfNkMq" target="_blank">Sucuri Fir'
104
- . 'ewall</a>'
105
  );
106
  }
107
 
108
  $params['Hardening.FieldName'] = __FUNCTION__;
109
- $params['Hardening.Title'] = 'Website Firewall Protection';
110
- $params['Hardening.Description'] = 'A WAF is a protection layer for yo'
111
- . 'ur web site, blocking all sort of attacks (brute force attempts, DD'
112
- . 'oS, SQL injections, etc) and helping it remain malware and blacklis'
113
- . 't free. This test checks if your site is using Sucuri Firewall to p'
114
- . 'rotect your site.';
115
 
116
  if (!SucuriScan::isBehindFirewall()) {
117
  $params['Hardening.Status'] = 0;
118
- $params['Hardening.FieldText'] = 'Apply Hardening';
119
  } else {
120
  $params['Hardening.Status'] = 1;
121
  $params['Hardening.FieldAttrs'] = 'disabled';
122
- $params['Hardening.FieldText'] = 'Revert Hardening';
123
  }
124
 
125
  return self::drawSection($params);
@@ -144,17 +138,13 @@ class SucuriScanHardeningPage extends SucuriScan
144
 
145
  $params['URL.Settings'] = admin_url('update-core.php');
146
  $params['Hardening.Status'] = 0;
147
- $params['Hardening.FieldText'] = 'Check Updates Now';
148
- $params['Hardening.Title'] = 'Verify WordPress Version';
149
- $params['Hardening.Description'] = 'Why keep your site updated? WordPr'
150
- . 'ess is an open-source project which means that with every update th'
151
- . 'e details of the changes made to the source code are made public, i'
152
- . 'f there were security fixes then someone with malicious intent can '
153
- . 'use this information to attack any site that has not been upgraded.';
154
 
155
  if (isset($updates[0]) && $updates[0] instanceof stdClass) {
156
  if ($updates[0]->response == 'latest' || $updates[0]->response == 'development') {
157
- $params['Hardening.FieldText'] = 'WordPress Update Available';
158
  $params['Hardening.FieldAttrs'] = 'disabled';
159
  $params['Hardening.Status'] = 1;
160
  }
@@ -186,23 +176,21 @@ class SucuriScanHardeningPage extends SucuriScan
186
 
187
  if (self::processRequest(__FUNCTION__)) {
188
  SucuriScanInterface::error(
189
- 'Ask your hosting provider to install an updated version of PH'
190
- . 'P - <a href="http://php.net/supported-versions.php" target='
191
- . '"_blank" rel="noopener">List of PHP Supported Versions</a>'
192
  );
193
  }
194
 
195
  $params['Hardening.FieldName'] = __FUNCTION__;
196
- $params['Hardening.Title'] = 'Verify PHP Version';
197
- $params['Hardening.Description'] = sprintf('PHP %s is installed.', PHP_VERSION);
198
 
199
  if (intval(version_compare(PHP_VERSION, '5.6.0') >= 0)) {
200
  $params['Hardening.Status'] = 1;
201
  $params['Hardening.FieldAttrs'] = 'disabled';
202
- $params['Hardening.FieldText'] = 'Revert Hardening';
203
  } else {
204
  $params['Hardening.Status'] = 0;
205
- $params['Hardening.FieldText'] = 'Apply Hardening';
206
  }
207
 
208
  return self::drawSection($params);
@@ -219,17 +207,11 @@ class SucuriScanHardeningPage extends SucuriScan
219
  {
220
  $params = array();
221
 
222
- $params['Hardening.Title'] = 'Remove WordPress Version';
223
  $params['Hardening.Status'] = 1;
224
- $params['Hardening.FieldText'] = 'Revert Hardening';
225
  $params['Hardening.FieldAttrs'] = 'disabled';
226
- $params['Hardening.Description'] = 'It checks if your WordPress versio'
227
- . 'n is being leaked to the public via a HTML meta-tag. Many web vulne'
228
- . 'rability scanners use this to determine which version of the code i'
229
- . 's running in your website. They use this to find disclosed vulnerab'
230
- . 'ilities associated to this version number. A vulnerability scanner '
231
- . 'can still guess which version of WordPress is installed by comparin'
232
- . 'g the checksum of some static files.';
233
 
234
  return self::drawSection($params);
235
  }
@@ -249,24 +231,15 @@ class SucuriScanHardeningPage extends SucuriScan
249
 
250
  if (self::processRequest(__FUNCTION__)) {
251
  SucuriScanInterface::error(
252
- 'Read the official WordPress guidelines to learn how to restri'
253
- . 'ct access to PHP files in sensitive directories - <a href="'
254
- . 'https://codex.wordpress.org/Nginx#Global_restrictions_file"'
255
- . ' target="_blank" rel="noopener">Nginx Global Restrictions F'
256
- . 'or WordPress</a>'
257
  );
258
  }
259
 
260
- $params['Hardening.Title'] = 'Block of Certain PHP Files';
261
  $params['Hardening.Status'] = 2;
262
  $params['Hardening.FieldName'] = __FUNCTION__;
263
- $params['Hardening.FieldText'] = 'Check Hardening';
264
- $params['Hardening.Description'] = 'Block the execution of PHP files i'
265
- . 'n sensitive directories. Be careful while applying this hardening o'
266
- . 'ption as there are many plugins and theme which rely on the ability'
267
- . ' to execute PHP files in the content directory to generate images o'
268
- . 'r save temporary data. Use the "Whitelist PHP Files" tool to add ex'
269
- . 'ceptions to individual files.';
270
 
271
  return self::drawSection($params);
272
  }
@@ -293,10 +266,10 @@ class SucuriScanHardeningPage extends SucuriScan
293
  $result = SucuriScanHardening::hardenDirectory($folder);
294
 
295
  if ($result === true) {
296
- SucuriScanEvent::reportNoticeEvent('Hardening applied to the uploads directory');
297
- SucuriScanInterface::info('Hardening applied to the uploads directory');
298
  } else {
299
- SucuriScanInterface::error('Error hardening directory, check the permissions.');
300
  }
301
  }
302
 
@@ -304,33 +277,28 @@ class SucuriScanHardeningPage extends SucuriScan
304
  $result = SucuriScanHardening::unhardenDirectory($folder);
305
 
306
  if ($result === true) {
307
- SucuriScanEvent::reportErrorEvent('Hardening reverted in the uploads directory');
308
- SucuriScanInterface::info('Hardening reverted in the uploads directory');
309
  } else {
310
- SucuriScanInterface::error('Access file is not writable, check the permissions.');
311
  }
312
  }
313
 
314
- $params['Hardening.Title'] = 'Block PHP Files in Uploads Directory';
315
- $params['Hardening.Description'] = 'Block the execution of PHP files i'
316
- . 'n sensitive directories. Be careful while applying this hardening o'
317
- . 'ption as there are many plugins and theme which rely on the ability'
318
- . ' to execute PHP files in the content directory to generate images o'
319
- . 'r save temporary data. Use the "Whitelist PHP Files" tool to add ex'
320
- . 'ceptions to individual files.';
321
 
322
  if (SucuriScan::isBehindFirewall()) {
323
  $params['Hardening.Status'] = 1;
324
  $params['Hardening.FieldAttrs'] = 'disabled';
325
- $params['Hardening.FieldText'] = 'Revert Hardening';
326
  } elseif (SucuriScanHardening::isHardened($folder)) {
327
  $params['Hardening.Status'] = 1;
328
  $params['Hardening.FieldName'] = __FUNCTION__ . '_revert';
329
- $params['Hardening.FieldText'] = 'Revert Hardening';
330
  } else {
331
  $params['Hardening.Status'] = 0;
332
  $params['Hardening.FieldName'] = __FUNCTION__;
333
- $params['Hardening.FieldText'] = 'Apply Hardening';
334
  }
335
 
336
  return self::drawSection($params);
@@ -357,10 +325,10 @@ class SucuriScanHardeningPage extends SucuriScan
357
  $result = SucuriScanHardening::hardenDirectory(WP_CONTENT_DIR);
358
 
359
  if ($result === true) {
360
- SucuriScanEvent::reportNoticeEvent('Hardening applied to the content directory');
361
- SucuriScanInterface::info('Hardening applied to the content directory');
362
  } else {
363
- SucuriScanInterface::error('Error hardening directory, check the permissions.');
364
  }
365
  }
366
 
@@ -368,33 +336,28 @@ class SucuriScanHardeningPage extends SucuriScan
368
  $result = SucuriScanHardening::unhardenDirectory(WP_CONTENT_DIR);
369
 
370
  if ($result === true) {
371
- SucuriScanEvent::reportErrorEvent('Hardening reverted in the content directory');
372
- SucuriScanInterface::info('Hardening reverted in the content directory');
373
  } else {
374
- SucuriScanInterface::error('Access file is not writable, check the permissions.');
375
  }
376
  }
377
 
378
- $params['Hardening.Title'] = 'Block PHP Files in WP-CONTENT Directory';
379
- $params['Hardening.Description'] = 'Block the execution of PHP files i'
380
- . 'n sensitive directories. Be careful while applying this hardening o'
381
- . 'ption as there are many plugins and theme which rely on the ability'
382
- . ' to execute PHP files in the content directory to generate images o'
383
- . 'r save temporary data. Use the "Whitelist PHP Files" tool to add ex'
384
- . 'ceptions to individual files.';
385
 
386
  if (SucuriScan::isBehindFirewall()) {
387
  $params['Hardening.Status'] = 1;
388
  $params['Hardening.FieldAttrs'] = 'disabled';
389
- $params['Hardening.FieldText'] = 'Revert Hardening';
390
  } elseif (SucuriScanHardening::isHardened(WP_CONTENT_DIR)) {
391
  $params['Hardening.Status'] = 1;
392
  $params['Hardening.FieldName'] = __FUNCTION__ . '_revert';
393
- $params['Hardening.FieldText'] = 'Revert Hardening';
394
  } else {
395
  $params['Hardening.Status'] = 0;
396
  $params['Hardening.FieldName'] = __FUNCTION__;
397
- $params['Hardening.FieldText'] = 'Apply Hardening';
398
  }
399
 
400
  return self::drawSection($params);
@@ -426,13 +389,13 @@ class SucuriScanHardeningPage extends SucuriScan
426
  try {
427
  SucuriScanHardening::whitelist('wp-tinymce.php', 'wp-includes');
428
  SucuriScanHardening::whitelist('ms-files.php', 'wp-includes');
429
- SucuriScanEvent::reportNoticeEvent('Hardening applied to the library directory');
430
- SucuriScanInterface::info('Hardening applied to the library directory');
431
  } catch (Exception $e) {
432
  SucuriScanInterface::error($e->getMessage());
433
  }
434
  } else {
435
- SucuriScanInterface::error('Error hardening directory, check the permissions.');
436
  }
437
  }
438
 
@@ -442,33 +405,28 @@ class SucuriScanHardeningPage extends SucuriScan
442
  if ($result === true) {
443
  SucuriScanHardening::dewhitelist('wp-tinymce.php', 'wp-includes');
444
  SucuriScanHardening::dewhitelist('ms-files.php', 'wp-includes');
445
- SucuriScanEvent::reportErrorEvent('Hardening reverted in the library directory');
446
- SucuriScanInterface::info('Hardening reverted in the library directory');
447
  } else {
448
- SucuriScanInterface::error('Access file is not writable, check the permissions.');
449
  }
450
  }
451
 
452
- $params['Hardening.Title'] = 'Block PHP Files in WP-INCLUDES Directory';
453
- $params['Hardening.Description'] = 'Block the execution of PHP files i'
454
- . 'n sensitive directories. Be careful while applying this hardening o'
455
- . 'ption as there are many plugins and theme which rely on the ability'
456
- . ' to execute PHP files in the content directory to generate images o'
457
- . 'r save temporary data. Use the "Whitelist PHP Files" tool to add ex'
458
- . 'ceptions to individual files.';
459
 
460
  if (SucuriScan::isBehindFirewall()) {
461
  $params['Hardening.Status'] = 1;
462
  $params['Hardening.FieldAttrs'] = 'disabled';
463
- $params['Hardening.FieldText'] = 'Revert Hardening';
464
  } elseif (SucuriScanHardening::isHardened($folder)) {
465
  $params['Hardening.Status'] = 1;
466
  $params['Hardening.FieldName'] = __FUNCTION__ . '_revert';
467
- $params['Hardening.FieldText'] = 'Revert Hardening';
468
  } else {
469
  $params['Hardening.Status'] = 0;
470
  $params['Hardening.FieldName'] = __FUNCTION__;
471
- $params['Hardening.FieldText'] = 'Apply Hardening';
472
  }
473
 
474
  return self::drawSection($params);
@@ -487,27 +445,23 @@ class SucuriScanHardeningPage extends SucuriScan
487
 
488
  if (self::processRequest(__FUNCTION__)) {
489
  if (@unlink(ABSPATH . '/readme.html') === false) {
490
- SucuriScanInterface::error('Cannot delete <code>' . ABSPATH . '/readme.html</code>');
491
  } else {
492
- SucuriScanEvent::reportNoticeEvent('Hardening applied to the <code>readme.html</code> file');
493
- SucuriScanInterface::info('Hardening applied to the <code>readme.html</code> file');
494
  }
495
  }
496
 
497
- $params['Hardening.Title'] = 'Information Leakage';
498
- $params['Hardening.Description'] = 'Checks if the WordPress README fil'
499
- . 'e still exists in the website. The information in this file can be '
500
- . 'used by malicious users to pin-point which disclosed vulnerabilitie'
501
- . 's are associated to the website. Be aware that WordPress recreates '
502
- . 'this file automatically with every update.';
503
 
504
  if (file_exists(ABSPATH . '/readme.html')) {
505
  $params['Hardening.Status'] = 0;
506
  $params['Hardening.FieldName'] = __FUNCTION__;
507
- $params['Hardening.FieldText'] = 'Apply Hardening';
508
  } else {
509
  $params['Hardening.Status'] = 1;
510
- $params['Hardening.FieldText'] = 'Revert Hardening';
511
  $params['Hardening.FieldAttrs'] = 'disabled';
512
  }
513
 
@@ -534,20 +488,17 @@ class SucuriScanHardeningPage extends SucuriScan
534
  $results = $user_query->get_results();
535
 
536
  $params['URL.Settings'] = admin_url('users.php?role=administrator');
537
- $params['Hardening.Title'] = 'Default Admin Account';
538
- $params['Hardening.Description'] = 'Check if the primary user account '
539
- . 'still uses the name "admin". This allows malicious users to easily '
540
- . 'identify which account has the highest privileges to target an atta'
541
- . 'ck.';
542
 
543
  if (count($results) === 0) {
544
  $params['Hardening.Status'] = 1;
545
  $params['Hardening.FieldAttrs'] = 'disabled';
546
- $params['Hardening.FieldText'] = 'Revert Hardening';
547
  } else {
548
  $params['Hardening.Status'] = 0;
549
  $params['Hardening.FieldName'] = __FUNCTION__;
550
- $params['Hardening.FieldText'] = 'Apply Hardening';
551
  }
552
 
553
  return self::drawSection($params);
@@ -567,9 +518,9 @@ class SucuriScanHardeningPage extends SucuriScan
567
  $config = SucuriScan::getConfigPath();
568
 
569
  if (!$config) {
570
- SucuriScanInterface::error('WordPress configuration file was not found.');
571
  } elseif (!is_writable($config)) {
572
- SucuriScanInterface::error('WordPress configuration file is not writable.');
573
  } else {
574
  $content = SucuriScanFileInfo::fileContent($config);
575
  $lines = explode("\n", $content);
@@ -589,8 +540,8 @@ class SucuriScanHardeningPage extends SucuriScan
589
  $fileEditorWasDisabled = true;
590
  $content = implode("\n", $newlines);
591
  @file_put_contents($config, $content, LOCK_EX);
592
- SucuriScanEvent::reportNoticeEvent('Hardening applied to the plugin and theme editor');
593
- SucuriScanInterface::info('Hardening applied to the plugin and theme editor');
594
  }
595
  }
596
 
@@ -598,9 +549,9 @@ class SucuriScanHardeningPage extends SucuriScan
598
  $config = SucuriScan::getConfigPath();
599
 
600
  if (!$config) {
601
- SucuriScanInterface::error('WordPress configuration file was not found.');
602
  } elseif (!is_writable($config)) {
603
- SucuriScanInterface::error('WordPress configuration file is not writable.');
604
  } else {
605
  $content = SucuriScanFileInfo::fileContent($config);
606
  $lines = explode("\n", $content);
@@ -618,37 +569,29 @@ class SucuriScanHardeningPage extends SucuriScan
618
 
619
  if (!$hardeningWasReverted) {
620
  SucuriScanInterface::error(
621
- 'File Editor was not disabled using this tool. You mus'
622
- . 't scan your project for a constant defined as DISAL'
623
- . 'LOW_FILE_EDIT, then either delete it or set its val'
624
- . 'ue to False. Any plugin/theme can disable the file '
625
- . 'editor, so it is impossible to determine the origin'
626
- . ' of the constant.'
627
  );
628
  } else {
629
  $fileEditorWasDisabled = false;
630
  $content = implode("\n", $newlines);
631
  @file_put_contents($config, $content, LOCK_EX);
632
- SucuriScanEvent::reportErrorEvent('Hardening reverted in the plugin and theme editor');
633
- SucuriScanInterface::info('Hardening reverted in the plugin and theme editor');
634
  }
635
  }
636
  }
637
 
638
- $params['Hardening.Title'] = 'Plugin and Theme Editor';
639
- $params['Hardening.Description'] = 'Disables the theme and plugin edit'
640
- . 'ors to prevent unwanted modifications to the code. If you are havin'
641
- . 'g problems reverting this please open the wp-config.php file and de'
642
- . 'lete the line with the constant DISALLOW_FILE_EDIT.';
643
 
644
  if ($fileEditorWasDisabled) {
645
  $params['Hardening.Status'] = 1;
646
  $params['Hardening.FieldName'] = __FUNCTION__ . '_revert';
647
- $params['Hardening.FieldText'] = 'Revert Hardening';
648
  } else {
649
  $params['Hardening.Status'] = 0;
650
  $params['Hardening.FieldName'] = __FUNCTION__;
651
- $params['Hardening.FieldText'] = 'Apply Hardening';
652
  }
653
 
654
  return self::drawSection($params);
@@ -669,12 +612,15 @@ class SucuriScanHardeningPage extends SucuriScan
669
  {
670
  $params = array(
671
  'HardeningWhitelist.List' => '',
 
672
  'HardeningWhitelist.NoItemsVisibility' => 'visible',
673
  );
 
 
674
  $allowed_folders = array(
675
- 'wp-includes',
676
- 'wp-content',
677
- 'wp-content/uploads',
678
  );
679
 
680
  if (SucuriScanInterface::checkNonce()) {
@@ -687,12 +633,12 @@ class SucuriScanHardeningPage extends SucuriScan
687
  if (in_array($folder, $allowed_folders)) {
688
  try {
689
  SucuriScanHardening::whitelist($fwhite, $folder);
690
- SucuriScanInterface::info('The file has been whitelisted from the hardening');
691
  } catch (Exception $e) {
692
  SucuriScanInterface::error($e->getMessage());
693
  }
694
  } else {
695
- SucuriScanInterface::error('Specified folder is not hardened by this plugin');
696
  }
697
  }
698
 
@@ -706,7 +652,7 @@ class SucuriScanHardeningPage extends SucuriScan
706
  SucuriScanHardening::dewhitelist($parts[1], $parts[0]);
707
  }
708
 
709
- SucuriScanInterface::info('Selected files have been removed');
710
  }
711
  }
712
 
@@ -714,6 +660,12 @@ class SucuriScanHardeningPage extends SucuriScan
714
  foreach ($allowed_folders as $folder) {
715
  $files = SucuriScanHardening::getWhitelisted($folder);
716
 
 
 
 
 
 
 
717
  if (is_array($files) && !empty($files)) {
718
  $params['HardeningWhitelist.NoItemsVisibility'] = 'hidden';
719
 
99
 
100
  if (self::processRequest(__FUNCTION__)) {
101
  SucuriScanInterface::error(
102
+ __('The firewall is a premium service that you need purchase at - <a href="https://goo.gl/qfNkMq" target="_blank">Sucuri Firewall</a>', 'sucuri-scanner')
 
 
103
  );
104
  }
105
 
106
  $params['Hardening.FieldName'] = __FUNCTION__;
107
+ $params['Hardening.Title'] = __('Website Firewall Protection', 'sucuri-scanner');
108
+ $params['Hardening.Description'] = __('A WAF is a protection layer for your web site, blocking all sort of attacks (brute force attempts, DDoS, SQL injections, etc) and helping it remain malware and blacklist free. This test checks if your site is using Sucuri Firewall to protect your site.', 'sucuri-scanner');
 
 
 
 
109
 
110
  if (!SucuriScan::isBehindFirewall()) {
111
  $params['Hardening.Status'] = 0;
112
+ $params['Hardening.FieldText'] = __('Apply Hardening', 'sucuri-scanner');
113
  } else {
114
  $params['Hardening.Status'] = 1;
115
  $params['Hardening.FieldAttrs'] = 'disabled';
116
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
117
  }
118
 
119
  return self::drawSection($params);
138
 
139
  $params['URL.Settings'] = admin_url('update-core.php');
140
  $params['Hardening.Status'] = 0;
141
+ $params['Hardening.FieldText'] = __('Check Updates Now', 'sucuri-scanner');
142
+ $params['Hardening.Title'] = __('Verify WordPress Version', 'sucuri-scanner');
143
+ $params['Hardening.Description'] = __('Why keep your site updated? WordPress is an open-source project which means that with every update the details of the changes made to the source code are made public, if there were security fixes then someone with malicious intent can use this information to attack any site that has not been upgraded.', 'sucuri-scanner');
 
 
 
 
144
 
145
  if (isset($updates[0]) && $updates[0] instanceof stdClass) {
146
  if ($updates[0]->response == 'latest' || $updates[0]->response == 'development') {
147
+ $params['Hardening.FieldText'] = __('WordPress Update Available', 'sucuri-scanner');
148
  $params['Hardening.FieldAttrs'] = 'disabled';
149
  $params['Hardening.Status'] = 1;
150
  }
176
 
177
  if (self::processRequest(__FUNCTION__)) {
178
  SucuriScanInterface::error(
179
+ __('Ask your hosting provider to install an updated version of PHP - <a href="http://php.net/supported-versions.php" target="_blank" rel="noopener">List of PHP Supported Versions</a>', 'sucuri-scanner')
 
 
180
  );
181
  }
182
 
183
  $params['Hardening.FieldName'] = __FUNCTION__;
184
+ $params['Hardening.Title'] = __('Verify PHP Version', 'sucuri-scanner');
185
+ $params['Hardening.Description'] = sprintf(__('PHP %s is installed.', 'sucuri-scanner'), PHP_VERSION);
186
 
187
  if (intval(version_compare(PHP_VERSION, '5.6.0') >= 0)) {
188
  $params['Hardening.Status'] = 1;
189
  $params['Hardening.FieldAttrs'] = 'disabled';
190
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
191
  } else {
192
  $params['Hardening.Status'] = 0;
193
+ $params['Hardening.FieldText'] = __('Apply Hardening', 'sucuri-scanner');
194
  }
195
 
196
  return self::drawSection($params);
207
  {
208
  $params = array();
209
 
210
+ $params['Hardening.Title'] = __('Remove WordPress Version', 'sucuri-scanner');
211
  $params['Hardening.Status'] = 1;
212
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
213
  $params['Hardening.FieldAttrs'] = 'disabled';
214
+ $params['Hardening.Description'] = __('It checks if your WordPress version is being leaked to the public via a HTML meta-tag. Many web vulnerability scanners use this to determine which version of the code is running in your website. They use this to find disclosed vulnerabilities associated to this version number. A vulnerability scanner can still guess which version of WordPress is installed by comparing the checksum of some static files.', 'sucuri-scanner');
 
 
 
 
 
 
215
 
216
  return self::drawSection($params);
217
  }
231
 
232
  if (self::processRequest(__FUNCTION__)) {
233
  SucuriScanInterface::error(
234
+ __('Read the official WordPress guidelines to learn how to restrict access to PHP files in sensitive directories - <a href="https://codex.wordpress.org/Nginx#Global_restrictions_file" target="_blank" rel="noopener">Nginx Global Restrictions For WordPress</a>', 'sucuri-scanner')
 
 
 
 
235
  );
236
  }
237
 
238
+ $params['Hardening.Title'] = __('Block of Certain PHP Files', 'sucuri-scanner');
239
  $params['Hardening.Status'] = 2;
240
  $params['Hardening.FieldName'] = __FUNCTION__;
241
+ $params['Hardening.FieldText'] = __('Check Hardening', 'sucuri-scanner');
242
+ $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Whitelist PHP Files" tool to add exceptions to individual files.', 'sucuri-scanner');
 
 
 
 
 
243
 
244
  return self::drawSection($params);
245
  }
266
  $result = SucuriScanHardening::hardenDirectory($folder);
267
 
268
  if ($result === true) {
269
+ SucuriScanEvent::reportNoticeEvent(__('Hardening applied to the uploads directory', 'sucuri-scanner'));
270
+ SucuriScanInterface::info(__('Hardening applied to the uploads directory', 'sucuri-scanner'));
271
  } else {
272
+ SucuriScanInterface::error(__('Error hardening directory, check the permissions.', 'sucuri-scanner'));
273
  }
274
  }
275
 
277
  $result = SucuriScanHardening::unhardenDirectory($folder);
278
 
279
  if ($result === true) {
280
+ SucuriScanEvent::reportErrorEvent(__('Hardening reverted in the uploads directory', 'sucuri-scanner'));
281
+ SucuriScanInterface::info(__('Hardening reverted in the uploads directory', 'sucuri-scanner'));
282
  } else {
283
+ SucuriScanInterface::error(__('Access file is not writable, check the permissions.', 'sucuri-scanner'));
284
  }
285
  }
286
 
287
+ $params['Hardening.Title'] = __('Block PHP Files in Uploads Directory', 'sucuri-scanner');
288
+ $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Whitelist PHP Files" tool to add exceptions to individual files.', 'sucuri-scanner');
 
 
 
 
 
289
 
290
  if (SucuriScan::isBehindFirewall()) {
291
  $params['Hardening.Status'] = 1;
292
  $params['Hardening.FieldAttrs'] = 'disabled';
293
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
294
  } elseif (SucuriScanHardening::isHardened($folder)) {
295
  $params['Hardening.Status'] = 1;
296
  $params['Hardening.FieldName'] = __FUNCTION__ . '_revert';
297
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
298
  } else {
299
  $params['Hardening.Status'] = 0;
300
  $params['Hardening.FieldName'] = __FUNCTION__;
301
+ $params['Hardening.FieldText'] = __('Apply Hardening', 'sucuri-scanner');
302
  }
303
 
304
  return self::drawSection($params);
325
  $result = SucuriScanHardening::hardenDirectory(WP_CONTENT_DIR);
326
 
327
  if ($result === true) {
328
+ SucuriScanEvent::reportNoticeEvent(__('Hardening applied to the content directory', 'sucuri-scanner'));
329
+ SucuriScanInterface::info(__('Hardening applied to the content directory', 'sucuri-scanner'));
330
  } else {
331
+ SucuriScanInterface::error(__('Error hardening directory, check the permissions.', 'sucuri-scanner'));
332
  }
333
  }
334
 
336
  $result = SucuriScanHardening::unhardenDirectory(WP_CONTENT_DIR);
337
 
338
  if ($result === true) {
339
+ SucuriScanEvent::reportErrorEvent(__('Hardening reverted in the content directory', 'sucuri-scanner'));
340
+ SucuriScanInterface::info(__('Hardening reverted in the content directory', 'sucuri-scanner'));
341
  } else {
342
+ SucuriScanInterface::error(__('Access file is not writable, check the permissions.', 'sucuri-scanner'));
343
  }
344
  }
345
 
346
+ $params['Hardening.Title'] = __('Block PHP Files in WP-CONTENT Directory', 'sucuri-scanner');
347
+ $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Whitelist PHP Files" tool to add exceptions to individual files.', 'sucuri-scanner');
 
 
 
 
 
348
 
349
  if (SucuriScan::isBehindFirewall()) {
350
  $params['Hardening.Status'] = 1;
351
  $params['Hardening.FieldAttrs'] = 'disabled';
352
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
353
  } elseif (SucuriScanHardening::isHardened(WP_CONTENT_DIR)) {
354
  $params['Hardening.Status'] = 1;
355
  $params['Hardening.FieldName'] = __FUNCTION__ . '_revert';
356
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
357
  } else {
358
  $params['Hardening.Status'] = 0;
359
  $params['Hardening.FieldName'] = __FUNCTION__;
360
+ $params['Hardening.FieldText'] = __('Apply Hardening', 'sucuri-scanner');
361
  }
362
 
363
  return self::drawSection($params);
389
  try {
390
  SucuriScanHardening::whitelist('wp-tinymce.php', 'wp-includes');
391
  SucuriScanHardening::whitelist('ms-files.php', 'wp-includes');
392
+ SucuriScanEvent::reportNoticeEvent(__('Hardening applied to the library directory', 'sucuri-scanner'));
393
+ SucuriScanInterface::info(__('Hardening applied to the library directory', 'sucuri-scanner'));
394
  } catch (Exception $e) {
395
  SucuriScanInterface::error($e->getMessage());
396
  }
397
  } else {
398
+ SucuriScanInterface::error(__('Error hardening directory, check the permissions.', 'sucuri-scanner'));
399
  }
400
  }
401
 
405
  if ($result === true) {
406
  SucuriScanHardening::dewhitelist('wp-tinymce.php', 'wp-includes');
407
  SucuriScanHardening::dewhitelist('ms-files.php', 'wp-includes');
408
+ SucuriScanEvent::reportErrorEvent(__('Hardening reverted in the library directory', 'sucuri-scanner'));
409
+ SucuriScanInterface::info(__('Hardening reverted in the library directory', 'sucuri-scanner'));
410
  } else {
411
+ SucuriScanInterface::error(__('Access file is not writable, check the permissions.', 'sucuri-scanner'));
412
  }
413
  }
414
 
415
+ $params['Hardening.Title'] = __('Block PHP Files in WP-INCLUDES Directory', 'sucuri-scanner');
416
+ $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Whitelist PHP Files" tool to add exceptions to individual files.', 'sucuri-scanner');
 
 
 
 
 
417
 
418
  if (SucuriScan::isBehindFirewall()) {
419
  $params['Hardening.Status'] = 1;
420
  $params['Hardening.FieldAttrs'] = 'disabled';
421
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
422
  } elseif (SucuriScanHardening::isHardened($folder)) {
423
  $params['Hardening.Status'] = 1;
424
  $params['Hardening.FieldName'] = __FUNCTION__ . '_revert';
425
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
426
  } else {
427
  $params['Hardening.Status'] = 0;
428
  $params['Hardening.FieldName'] = __FUNCTION__;
429
+ $params['Hardening.FieldText'] = __('Apply Hardening', 'sucuri-scanner');
430
  }
431
 
432
  return self::drawSection($params);
445
 
446
  if (self::processRequest(__FUNCTION__)) {
447
  if (@unlink(ABSPATH . '/readme.html') === false) {
448
+ SucuriScanInterface::error(sprintf(__('Cannot delete <code>%s/readme.html</code>', 'sucuri-scanner'), ABSPATH));
449
  } else {
450
+ SucuriScanEvent::reportNoticeEvent(__('Hardening applied to the <code>readme.html</code> file', 'sucuri-scanner'));
451
+ SucuriScanInterface::info(__('Hardening applied to the <code>readme.html</code> file', 'sucuri-scanner'));
452
  }
453
  }
454
 
455
+ $params['Hardening.Title'] = __('Information Leakage', 'sucuri-scanner');
456
+ $params['Hardening.Description'] = __('Checks if the WordPress README file still exists in the website. The information in this file can be used by malicious users to pin-point which disclosed vulnerabilities are associated to the website. Be aware that WordPress recreates this file automatically with every update.', 'sucuri-scanner');
 
 
 
 
457
 
458
  if (file_exists(ABSPATH . '/readme.html')) {
459
  $params['Hardening.Status'] = 0;
460
  $params['Hardening.FieldName'] = __FUNCTION__;
461
+ $params['Hardening.FieldText'] = __('Apply Hardening', 'sucuri-scanner');
462
  } else {
463
  $params['Hardening.Status'] = 1;
464
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
465
  $params['Hardening.FieldAttrs'] = 'disabled';
466
  }
467
 
488
  $results = $user_query->get_results();
489
 
490
  $params['URL.Settings'] = admin_url('users.php?role=administrator');
491
+ $params['Hardening.Title'] = __('Default Admin Account', 'sucuri-scanner');
492
+ $params['Hardening.Description'] = __('Check if the primary user account still uses the name "admin". This allows malicious users to easily identify which account has the highest privileges to target an attack.', 'sucuri-scanner');
 
 
 
493
 
494
  if (count($results) === 0) {
495
  $params['Hardening.Status'] = 1;
496
  $params['Hardening.FieldAttrs'] = 'disabled';
497
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
498
  } else {
499
  $params['Hardening.Status'] = 0;
500
  $params['Hardening.FieldName'] = __FUNCTION__;
501
+ $params['Hardening.FieldText'] = __('Apply Hardening', 'sucuri-scanner');
502
  }
503
 
504
  return self::drawSection($params);
518
  $config = SucuriScan::getConfigPath();
519
 
520
  if (!$config) {
521
+ SucuriScanInterface::error(__('WordPress configuration file was not found.', 'sucuri-scanner'));
522
  } elseif (!is_writable($config)) {
523
+ SucuriScanInterface::error(__('WordPress configuration file is not writable.', 'sucuri-scanner'));
524
  } else {
525
  $content = SucuriScanFileInfo::fileContent($config);
526
  $lines = explode("\n", $content);
540
  $fileEditorWasDisabled = true;
541
  $content = implode("\n", $newlines);
542
  @file_put_contents($config, $content, LOCK_EX);
543
+ SucuriScanEvent::reportNoticeEvent(__('Hardening applied to the plugin and theme editor', 'sucuri-scanner'));
544
+ SucuriScanInterface::info(__('Hardening applied to the plugin and theme editor', 'sucuri-scanner'));
545
  }
546
  }
547
 
549
  $config = SucuriScan::getConfigPath();
550
 
551
  if (!$config) {
552
+ SucuriScanInterface::error(__('WordPress configuration file was not found.', 'sucuri-scanner'));
553
  } elseif (!is_writable($config)) {
554
+ SucuriScanInterface::error(__('WordPress configuration file is not writable.', 'sucuri-scanner'));
555
  } else {
556
  $content = SucuriScanFileInfo::fileContent($config);
557
  $lines = explode("\n", $content);
569
 
570
  if (!$hardeningWasReverted) {
571
  SucuriScanInterface::error(
572
+ __('File Editor was not disabled using this tool. You must scan your project for a constant defined as DISALLOW_FILE_EDIT, then either delete it or set its value to False. Any plugin/theme can disable the file editor, so it is impossible to determine the origin of the constant.', 'sucuri-scanner')
 
 
 
 
 
573
  );
574
  } else {
575
  $fileEditorWasDisabled = false;
576
  $content = implode("\n", $newlines);
577
  @file_put_contents($config, $content, LOCK_EX);
578
+ SucuriScanEvent::reportErrorEvent(__('Hardening reverted in the plugin and theme editor', 'sucuri-scanner'));
579
+ SucuriScanInterface::info(__('Hardening reverted in the plugin and theme editor', 'sucuri-scanner'));
580
  }
581
  }
582
  }
583
 
584
+ $params['Hardening.Title'] = __('Plugin and Theme Editor', 'sucuri-scanner');
585
+ $params['Hardening.Description'] = __('Disables the theme and plugin editors to prevent unwanted modifications to the code. If you are having problems reverting this please open the wp-config.php file and delete the line with the constant DISALLOW_FILE_EDIT.', 'sucuri-scanner');
 
 
 
586
 
587
  if ($fileEditorWasDisabled) {
588
  $params['Hardening.Status'] = 1;
589
  $params['Hardening.FieldName'] = __FUNCTION__ . '_revert';
590
+ $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
591
  } else {
592
  $params['Hardening.Status'] = 0;
593
  $params['Hardening.FieldName'] = __FUNCTION__;
594
+ $params['Hardening.FieldText'] = __('Apply Hardening', 'sucuri-scanner');
595
  }
596
 
597
  return self::drawSection($params);
612
  {
613
  $params = array(
614
  'HardeningWhitelist.List' => '',
615
+ 'HardeningWhitelist.AllowedFolders' => '',
616
  'HardeningWhitelist.NoItemsVisibility' => 'visible',
617
  );
618
+
619
+ $upload_dir = wp_upload_dir();
620
  $allowed_folders = array(
621
+ rtrim(ABSPATH, '/') . '/' . WPINC,
622
+ WP_CONTENT_DIR,
623
+ $upload_dir['basedir']
624
  );
625
 
626
  if (SucuriScanInterface::checkNonce()) {
633
  if (in_array($folder, $allowed_folders)) {
634
  try {
635
  SucuriScanHardening::whitelist($fwhite, $folder);
636
+ SucuriScanInterface::info(__('The file has been whitelisted from the hardening', 'sucuri-scanner'));
637
  } catch (Exception $e) {
638
  SucuriScanInterface::error($e->getMessage());
639
  }
640
  } else {
641
+ SucuriScanInterface::error(__('Specified folder is not hardened by this plugin', 'sucuri-scanner'));
642
  }
643
  }
644
 
652
  SucuriScanHardening::dewhitelist($parts[1], $parts[0]);
653
  }
654
 
655
+ SucuriScanInterface::info(__('Selected files have been removed', 'sucuri-scanner'));
656
  }
657
  }
658
 
660
  foreach ($allowed_folders as $folder) {
661
  $files = SucuriScanHardening::getWhitelisted($folder);
662
 
663
+ $params['HardeningWhitelist.AllowedFolders'] .= sprintf(
664
+ '<option value="%s">%s</option>',
665
+ SucuriScan::escape($folder),
666
+ SucuriScan::escape($folder)
667
+ );
668
+
669
  if (is_array($files) && !empty($files)) {
670
  $params['HardeningWhitelist.NoItemsVisibility'] = 'hidden';
671
 
src/settings-integrity.php CHANGED
@@ -62,23 +62,23 @@ class SucuriScanSettingsIntegrity extends SucuriScanSettings
62
 
63
  if ($status) {
64
  if (!SucuriScanCommand::exists('diff')) {
65
- SucuriScanInterface::error('Your hosting provider has blocked the execution of external commands.');
66
  } else {
67
  $status = $status . 'd'; /* add past tense */
68
- $message = 'Integrity diff utility has been <code>' . $status . '</code>';
69
 
70
  SucuriScanOption::updateOption(':diff_utility', $status);
71
  SucuriScanEvent::reportInfoEvent($message);
72
  SucuriScanEvent::notifyEvent('plugin_change', $message);
73
- SucuriScanInterface::info('The status of the integrity diff utility has been changed');
74
  }
75
  }
76
  }
77
 
78
  if (SucuriScanOption::isEnabled(':diff_utility')) {
79
  $params['DiffUtility.StatusNum'] = 1;
80
- $params['DiffUtility.Status'] = 'Enabled';
81
- $params['DiffUtility.SwitchText'] = 'Disable';
82
  $params['DiffUtility.SwitchValue'] = 'disable';
83
  }
84
 
@@ -109,10 +109,9 @@ class SucuriScanSettingsIntegrity extends SucuriScanSettings
109
 
110
  if (!empty($deletedFiles)) {
111
  SucuriScanEvent::reportDebugEvent(
112
- 'Core files that will not be ignored anymore: (mul'
113
- . 'tiple entries): ' . implode(',', $deletedFiles)
114
  );
115
- SucuriScanInterface::info('The selected files have been successfully processed.');
116
  }
117
  }
118
 
62
 
63
  if ($status) {
64
  if (!SucuriScanCommand::exists('diff')) {
65
+ SucuriScanInterface::error(__('Your hosting provider has blocked the execution of external commands.', 'sucuri-scanner'));
66
  } else {
67
  $status = $status . 'd'; /* add past tense */
68
+ $message = sprintf(__('Integrity diff utility has been <code>%s</code>', 'sucuri-scanner'), $status);
69
 
70
  SucuriScanOption::updateOption(':diff_utility', $status);
71
  SucuriScanEvent::reportInfoEvent($message);
72
  SucuriScanEvent::notifyEvent('plugin_change', $message);
73
+ SucuriScanInterface::info(__('The status of the integrity diff utility has been changed', 'sucuri-scanner'));
74
  }
75
  }
76
  }
77
 
78
  if (SucuriScanOption::isEnabled(':diff_utility')) {
79
  $params['DiffUtility.StatusNum'] = 1;
80
+ $params['DiffUtility.Status'] = __('Enabled', 'sucuri-scanner');
81
+ $params['DiffUtility.SwitchText'] = __('Disable', 'sucuri-scanner');
82
  $params['DiffUtility.SwitchValue'] = 'disable';
83
  }
84
 
109
 
110
  if (!empty($deletedFiles)) {
111
  SucuriScanEvent::reportDebugEvent(
112
+ sprintf(__('Core files that will not be ignored anymore: (multiple entries): %s', 'sucuri-scanner'), implode(',', $deletedFiles))
 
113
  );
114
+ SucuriScanInterface::info(__('The selected files have been successfully processed.', 'sucuri-scanner'));
115
  }
116
  }
117
 
src/settings-posthack.php CHANGED
@@ -55,25 +55,25 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
55
  // Update all WordPress secret keys.
56
  if (SucuriScanInterface::checkNonce() && SucuriScanRequest::post(':update_wpconfig')) {
57
  if (SucuriScanRequest::post(':process_form') != 1) {
58
- SucuriScanInterface::error('You need to confirm that you understand the risk of this operation.');
59
  } else {
60
  $wpconfig_process = SucuriScanEvent::setNewConfigKeys();
61
 
62
  if (!$wpconfig_process) {
63
- SucuriScanInterface::error('WordPress configuration file was not found.');
64
  } elseif ($wpconfig_process['updated']) {
65
- SucuriScanEvent::reportNoticeEvent('Generate new security keys (success)');
66
- SucuriScanInterface::info('Secret keys updated successfully (summary of the operation bellow).');
67
 
68
  $params['WPConfigUpdate.Visibility'] = 'visible';
69
- $params['WPConfigUpdate.NewConfig'] .= "/* Old Security Keys */\n";
70
  $params['WPConfigUpdate.NewConfig'] .= $wpconfig_process['old_keys_string'];
71
  $params['WPConfigUpdate.NewConfig'] .= "\n";
72
- $params['WPConfigUpdate.NewConfig'] .= "/* New Security Keys */\n";
73
  $params['WPConfigUpdate.NewConfig'] .= $wpconfig_process['new_keys_string'];
74
  } else {
75
- SucuriScanEvent::reportNoticeEvent('Generate new security keys (failure)');
76
- SucuriScanInterface::error('WordPress configuration file is not writable.');
77
 
78
  $params['WPConfigUpdate.Visibility'] = 'visible';
79
  $params['WPConfigUpdate.NewConfig'] = $wpconfig_process['new_wpconfig'];
@@ -200,7 +200,7 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
200
 
201
  if (SucuriScanEvent::setNewPassword($user_id)) {
202
  $response = 'Done';
203
- SucuriScanEvent::reportNoticeEvent('Password changed for user #' . $user_id);
204
  }
205
 
206
  wp_send_json($response, 200);
@@ -295,20 +295,20 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
295
  /* Check if the plugin actually exists */
296
  if (!array_key_exists($plugin, $allPlugins)) {
297
  $response = '<span class="sucuriscan-label-default">'
298
- . 'not installed' . '</span>';
299
  } elseif ($allPlugins[$plugin]['IsFreePlugin'] !== true) {
300
  // Ignore plugins not listed in the WordPress repository.
301
  // This usually applies to premium plugins. They cannot be downloaded from
302
  // a reliable source because we can't check the checksum of the files nor
303
  // we can verify if the installation of the new code will work or not.
304
  $response = '<span class="sucuriscan-label-danger">'
305
- . 'Plugin is Premium' . '</span>';
306
  } elseif (!is_writable($allPlugins[$plugin]['InstallationPath'])) {
307
  $response = '<span class="sucuriscan-label-danger">'
308
- . 'Not Writable' . '</span>';
309
  } elseif (!class_exists('SucuriScanPluginInstallerSkin')) {
310
  $response = '<span class="sucuriscan-label-danger">'
311
- . 'Missing Library' . '</span>';
312
  } else {
313
  // Get data associated to the plugin.
314
  $data = $allPlugins[$plugin];
@@ -318,10 +318,10 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
318
 
319
  if (!$info) {
320
  $response = '<span class="sucuriscan-label-danger">'
321
- . 'Cannot Download' . '</span>';
322
  } elseif (!rename($data['InstallationPath'], $newpath)) {
323
  $response = '<span class="sucuriscan-label-danger">'
324
- . 'Cannot Backup' . '</span>';
325
  } else {
326
  ob_start();
327
  $upgrader_skin = new SucuriScanPluginInstallerSkin();
@@ -334,7 +334,7 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
334
  /* Revert backup to its original location */
335
  @rename($newpath, $data['InstallationPath']);
336
  $response = '<span class="sucuriscan-label-danger">'
337
- . 'Cannot Install' . '</span>';
338
  } else {
339
  /* Destroy the backup of the plugin */
340
  $fifo = new SucuriScanFileInfo();
@@ -343,7 +343,7 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
343
  $fifo->skip_directories = false;
344
  $fifo->removeDirectoryTree($newpath);
345
 
346
- $installed = 'Installed v' . SucuriScan::escape($info['version']);
347
  $response = '<span class="sucuriscan-label-success">' . $installed . '</span>';
348
  }
349
  }
@@ -417,7 +417,7 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
417
  'Update.Extension' => SucuriScan::excerpt($data->Name, 35),
418
  'Update.Version' => $data->Version,
419
  'Update.NewVersion' => $data->update['new_version'],
420
- 'Update.TestedWith' => 'Newest WordPress',
421
  'Update.ArchiveUrl' => $data->update['package'],
422
  'Update.MarketUrl' => $data->update['url'],
423
  )
@@ -455,7 +455,7 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
455
  $response = SucuriScanSettingsPosthack::availableUpdatesContent();
456
 
457
  if (!$response) {
458
- $response = '<tr><td colspan="5">' . 'There are no updates available.' . '</td></tr>';
459
  }
460
 
461
  wp_send_json($response, 200);
55
  // Update all WordPress secret keys.
56
  if (SucuriScanInterface::checkNonce() && SucuriScanRequest::post(':update_wpconfig')) {
57
  if (SucuriScanRequest::post(':process_form') != 1) {
58
+ SucuriScanInterface::error(__('You need to confirm that you understand the risk of this operation.', 'sucuri-scanner'));
59
  } else {
60
  $wpconfig_process = SucuriScanEvent::setNewConfigKeys();
61
 
62
  if (!$wpconfig_process) {
63
+ SucuriScanInterface::error(__('WordPress configuration file was not found.', 'sucuri-scanner'));
64
  } elseif ($wpconfig_process['updated']) {
65
+ SucuriScanEvent::reportNoticeEvent(__('Generate new security keys (success)', 'sucuri-scanner'));
66
+ SucuriScanInterface::info(__('Secret keys updated successfully (summary of the operation bellow).', 'sucuri-scanner'));
67
 
68
  $params['WPConfigUpdate.Visibility'] = 'visible';
69
+ $params['WPConfigUpdate.NewConfig'] .= sprintf("/* %s */\n", __('Old Security Keys', 'sucuri-scanner'));
70
  $params['WPConfigUpdate.NewConfig'] .= $wpconfig_process['old_keys_string'];
71
  $params['WPConfigUpdate.NewConfig'] .= "\n";
72
+ $params['WPConfigUpdate.NewConfig'] .= sprintf("/* %s */\n", __('New Security Keys', 'sucuri-scanner'));
73
  $params['WPConfigUpdate.NewConfig'] .= $wpconfig_process['new_keys_string'];
74
  } else {
75
+ SucuriScanEvent::reportNoticeEvent(__('Generate new security keys (failure)', 'sucuri-scanner'));
76
+ SucuriScanInterface::error(__('WordPress configuration file is not writable.', 'sucuri-scanner'));
77
 
78
  $params['WPConfigUpdate.Visibility'] = 'visible';
79
  $params['WPConfigUpdate.NewConfig'] = $wpconfig_process['new_wpconfig'];
200
 
201
  if (SucuriScanEvent::setNewPassword($user_id)) {
202
  $response = 'Done';
203
+ SucuriScanEvent::reportNoticeEvent(sprintf(__('Password changed for user #%d', 'sucuri-scanner'), $user_id));
204
  }
205
 
206
  wp_send_json($response, 200);
295
  /* Check if the plugin actually exists */
296
  if (!array_key_exists($plugin, $allPlugins)) {
297
  $response = '<span class="sucuriscan-label-default">'
298
+ . __('not installed', 'sucuri-scanner') . '</span>';
299
  } elseif ($allPlugins[$plugin]['IsFreePlugin'] !== true) {
300
  // Ignore plugins not listed in the WordPress repository.
301
  // This usually applies to premium plugins. They cannot be downloaded from
302
  // a reliable source because we can't check the checksum of the files nor
303
  // we can verify if the installation of the new code will work or not.
304
  $response = '<span class="sucuriscan-label-danger">'
305
+ . __('Plugin is Premium', 'sucuri-scanner') . '</span>';
306
  } elseif (!is_writable($allPlugins[$plugin]['InstallationPath'])) {
307
  $response = '<span class="sucuriscan-label-danger">'
308
+ . __('Not Writable', 'sucuri-scanner') . '</span>';
309
  } elseif (!class_exists('SucuriScanPluginInstallerSkin')) {
310
  $response = '<span class="sucuriscan-label-danger">'
311
+ . __('Missing Library', 'sucuri-scanner') . '</span>';
312
  } else {
313
  // Get data associated to the plugin.
314
  $data = $allPlugins[$plugin];
318
 
319
  if (!$info) {
320
  $response = '<span class="sucuriscan-label-danger">'
321
+ . __('Cannot Download', 'sucuri-scanner') . '</span>';
322
  } elseif (!rename($data['InstallationPath'], $newpath)) {
323
  $response = '<span class="sucuriscan-label-danger">'
324
+ . __('Cannot Backup', 'sucuri-scanner') . '</span>';
325
  } else {
326
  ob_start();
327
  $upgrader_skin = new SucuriScanPluginInstallerSkin();
334
  /* Revert backup to its original location */
335
  @rename($newpath, $data['InstallationPath']);
336
  $response = '<span class="sucuriscan-label-danger">'
337
+ . __('Cannot Install', 'sucuri-scanner') . '</span>';
338
  } else {
339
  /* Destroy the backup of the plugin */
340
  $fifo = new SucuriScanFileInfo();
343
  $fifo->skip_directories = false;
344
  $fifo->removeDirectoryTree($newpath);
345
 
346
+ $installed = sprintf(__('Installed v%s', 'sucuri-scanner'), SucuriScan::escape($info['version']));
347
  $response = '<span class="sucuriscan-label-success">' . $installed . '</span>';
348
  }
349
  }
417
  'Update.Extension' => SucuriScan::excerpt($data->Name, 35),
418
  'Update.Version' => $data->Version,
419
  'Update.NewVersion' => $data->update['new_version'],
420
+ 'Update.TestedWith' => __('Newest WordPress', 'sucuri-scanner'),
421
  'Update.ArchiveUrl' => $data->update['package'],
422
  'Update.MarketUrl' => $data->update['url'],
423
  )
455
  $response = SucuriScanSettingsPosthack::availableUpdatesContent();
456
 
457
  if (!$response) {
458
+ $response = '<tr><td colspan="5">' . __('There are no updates available.', 'sucuri-scanner') . '</td></tr>';
459
  }
460
 
461
  wp_send_json($response, 200);
src/settings-scanner.php CHANGED
@@ -44,8 +44,6 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
44
  public static function cronjobs($nonce)
45
  {
46
  $params = array(
47
- 'Cronjobs.List' => '',
48
- 'Cronjobs.Total' => 0,
49
  'Cronjob.Schedules' => '',
50
  );
51
 
@@ -67,13 +65,13 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
67
  /* Force execution of the selected scheduled tasks. */
68
  SucuriScanInterface::info(
69
  sprintf(
70
- '%d tasks has been scheduled to run in the next ten seconds.',
71
  $total_tasks /* some cronjobs will be ignored */
72
  )
73
  );
74
  SucuriScanEvent::reportNoticeEvent(
75
  sprintf(
76
- 'Force execution of scheduled tasks: (multiple entries): %s',
77
  @implode(',', $cronjobs)
78
  )
79
  );
@@ -85,13 +83,13 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
85
  /* Force deletion of the selected scheduled tasks. */
86
  SucuriScanInterface::info(
87
  sprintf(
88
- '%d scheduled tasks have been removed.',
89
  $total_tasks /* some cronjobs will be ignored */
90
  )
91
  );
92
  SucuriScanEvent::reportNoticeEvent(
93
  sprintf(
94
- 'Delete scheduled tasks: (multiple entries): %s',
95
  @implode(',', $cronjobs)
96
  )
97
  );
@@ -102,14 +100,14 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
102
  } else {
103
  SucuriScanInterface::info(
104
  sprintf(
105
- '%d tasks has been re-scheduled to run <code>%s</code>.',
106
  $total_tasks, /* some cronjobs will be ignored */
107
  $cronjob_action /* frequency to run cronjob */
108
  )
109
  );
110
  SucuriScanEvent::reportNoticeEvent(
111
  sprintf(
112
- 'Re-configure scheduled tasks %s: (multiple entries): %s',
113
  $cronjob_action,
114
  @implode(',', $cronjobs)
115
  )
@@ -121,22 +119,41 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
121
  }
122
  }
123
  } else {
124
- SucuriScanInterface::error('No scheduled tasks were selected from the list.');
125
  }
126
  }
127
  }
128
 
129
- $cronjobs = _get_cron_array();
130
  $available = SucuriScanEvent::availableSchedules();
131
 
132
  /* Hardcode the first one to allow the immediate execution of the cronjob(s) */
133
  $params['Cronjob.Schedules'] .= '<option value="runnow">'
134
- . 'Execute Now (in +10 seconds)' . '</option>';
135
 
136
  foreach ($available as $freq => $name) {
137
  $params['Cronjob.Schedules'] .= sprintf('<option value="%s">%s</option>', $freq, $name);
138
  }
139
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
140
  foreach ($cronjobs as $timestamp => $cronhooks) {
141
  foreach ((array) $cronhooks as $hook => $events) {
142
  foreach ((array) $events as $key => $event) {
@@ -144,8 +161,7 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
144
  $event['args'] = array('[]');
145
  }
146
 
147
- $params['Cronjobs.Total'] += 1;
148
- $params['Cronjobs.List'] .= SucuriScanTemplate::getSnippet(
149
  'settings-scanner-cronjobs',
150
  array(
151
  'Cronjob.Hook' => $hook,
@@ -159,10 +175,11 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
159
  }
160
  }
161
 
162
- $hasSPL = SucuriScanFileInfo::isSplAvailable();
163
- $params['NoSPL.Visibility'] = SucuriScanTemplate::visibility(!$hasSPL);
 
164
 
165
- return SucuriScanTemplate::getSection('settings-scanner-cronjobs', $params);
166
  }
167
 
168
  /**
@@ -187,8 +204,8 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
187
  $ign_dirs = SucuriScanRequest::post(':unignorefolders', '_array');
188
 
189
  if ($ign_ress !== false && SucuriScanFSScanner::ignoreDirectory($ign_ress)) {
190
- SucuriScanInterface::info('Selected files have been successfully processed.');
191
- SucuriScanEvent::reportWarningEvent('This directory will not be scanned: ' . $ign_ress);
192
  }
193
 
194
  if ($ign_dirs !== false && is_array($ign_dirs) && !empty($ign_dirs)) {
@@ -196,9 +213,9 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
196
  SucuriScanFSScanner::unignoreDirectory($dir);
197
  }
198
 
199
- SucuriScanInterface::info('Selected files have been successfully processed.');
200
  SucuriScanEvent::reportNoticeEvent(
201
- 'Directories will be scanned: (multiple entries): '
202
  . @implode(',', $ign_dirs) /* all directories */
203
  );
204
  }
@@ -219,7 +236,7 @@ class SucuriScanSettingsScanner extends SucuriScanSettings
219
  }
220
 
221
  if (empty($ignored_dirs['directories'])) {
222
- $params['IgnoreScan.List'] .= '<tr><td colspan="3">no data available</td></tr>';
223
  }
224
 
225
  return SucuriScanTemplate::getSection('settings-scanner-ignore-folders', $params);
44
  public static function cronjobs($nonce)
45
  {
46
  $params = array(
 
 
47
  'Cronjob.Schedules' => '',
48
  );
49
 
65
  /* Force execution of the selected scheduled tasks. */
66
  SucuriScanInterface::info(
67
  sprintf(
68
+ __('%d tasks has been scheduled to run in the next ten seconds.', 'sucuri-scanner'),
69
  $total_tasks /* some cronjobs will be ignored */
70
  )
71
  );
72
  SucuriScanEvent::reportNoticeEvent(
73
  sprintf(
74
+ __('Force execution of scheduled tasks: (multiple entries): %s', 'sucuri-scanner'),
75
  @implode(',', $cronjobs)
76
  )
77
  );
83
  /* Force deletion of the selected scheduled tasks. */
84
  SucuriScanInterface::info(
85
  sprintf(
86
+ __('%d scheduled tasks have been removed.', 'sucuri-scanner'),
87
  $total_tasks /* some cronjobs will be ignored */
88
  )
89
  );
90
  SucuriScanEvent::reportNoticeEvent(
91
  sprintf(
92
+ __('Delete scheduled tasks: (multiple entries): %s', 'sucuri-scanner'),
93
  @implode(',', $cronjobs)
94
  )
95
  );
100
  } else {
101
  SucuriScanInterface::info(
102
  sprintf(
103
+ __('%d tasks has been re-scheduled to run <code>%s</code>.', 'sucuri-scanner'),
104
  $total_tasks, /* some cronjobs will be ignored */
105
  $cronjob_action /* frequency to run cronjob */
106
  )
107
  );
108
  SucuriScanEvent::reportNoticeEvent(
109
  sprintf(
110
+ __('Re-configure scheduled tasks %s: (multiple entries): %s', 'sucuri-scanner'),
111
  $cronjob_action,
112
  @implode(',', $cronjobs)
113
  )
119
  }
120
  }
121
  } else {
122
+ SucuriScanInterface::error(__('No scheduled tasks were selected from the list.', 'sucuri-scanner'));
123
  }
124
  }
125
  }
126
 
 
127
  $available = SucuriScanEvent::availableSchedules();
128
 
129
  /* Hardcode the first one to allow the immediate execution of the cronjob(s) */
130
  $params['Cronjob.Schedules'] .= '<option value="runnow">'
131
+ . __('Execute Now (in +10 seconds)', 'sucuri-scanner') . '</option>';
132
 
133
  foreach ($available as $freq => $name) {
134
  $params['Cronjob.Schedules'] .= sprintf('<option value="%s">%s</option>', $freq, $name);
135
  }
136
 
137
+ $hasSPL = SucuriScanFileInfo::isSplAvailable();
138
+ $params['NoSPL.Visibility'] = SucuriScanTemplate::visibility(!$hasSPL);
139
+
140
+ return SucuriScanTemplate::getSection('settings-scanner-cronjobs', $params);
141
+ }
142
+
143
+ /**
144
+ * Process the Ajax request to retrieve the list of cronjobs.
145
+ *
146
+ * @return void
147
+ */
148
+ public static function cronjobsAjax()
149
+ {
150
+ if (SucuriScanRequest::post('form_action') !== 'get_cronjobs') {
151
+ return;
152
+ }
153
+
154
+ $response = '';
155
+ $cronjobs = _get_cron_array();
156
+
157
  foreach ($cronjobs as $timestamp => $cronhooks) {
158
  foreach ((array) $cronhooks as $hook => $events) {
159
  foreach ((array) $events as $key => $event) {
161
  $event['args'] = array('[]');
162
  }
163
 
164
+ $response .= SucuriScanTemplate::getSnippet(
 
165
  'settings-scanner-cronjobs',
166
  array(
167
  'Cronjob.Hook' => $hook,
175
  }
176
  }
177
 
178
+ if (!$response) {
179
+ $response = '<tr><td colspan="5">' . __('no data available', 'sucuri-scanner') . '</td></tr>';
180
+ }
181
 
182
+ wp_send_json($response, 200);
183
  }
184
 
185
  /**
204
  $ign_dirs = SucuriScanRequest::post(':unignorefolders', '_array');
205
 
206
  if ($ign_ress !== false && SucuriScanFSScanner::ignoreDirectory($ign_ress)) {
207
+ SucuriScanInterface::info(__('Selected files have been successfully processed.', 'sucuri-scanner'));
208
+ SucuriScanEvent::reportWarningEvent(sprintf(__('This directory will not be scanned: %s', 'sucuri-scanner'), $ign_ress));
209
  }
210
 
211
  if ($ign_dirs !== false && is_array($ign_dirs) && !empty($ign_dirs)) {
213
  SucuriScanFSScanner::unignoreDirectory($dir);
214
  }
215
 
216
+ SucuriScanInterface::info(__('Selected files have been successfully processed.', 'sucuri-scanner'));
217
  SucuriScanEvent::reportNoticeEvent(
218
+ __('Directories will be scanned: (multiple entries): ', 'sucuri-scanner')
219
  . @implode(',', $ign_dirs) /* all directories */
220
  );
221
  }
236
  }
237
 
238
  if (empty($ignored_dirs['directories'])) {
239
+ $params['IgnoreScan.List'] .= '<tr><td colspan="3">' . __('no data available', 'sucuri-scanner') . '</td></tr>';
240
  }
241
 
242
  return SucuriScanTemplate::getSection('settings-scanner-ignore-folders', $params);
src/settings-webinfo.php CHANGED
@@ -36,8 +36,8 @@ function sucuriscan_settings_webinfo_details()
36
  'Datetime_and_Timezone' => '',
37
  'Operating_system' => sprintf('%s (%d Bit)', PHP_OS, PHP_INT_SIZE * 8),
38
  'Server' => 'unknown',
39
- 'WordPress_debug' => 'not active',
40
- 'Memory_usage' => 'unknown',
41
  'PHP_version' => PHP_VERSION,
42
  );
43
 
@@ -49,7 +49,7 @@ function sucuriscan_settings_webinfo_details()
49
  );
50
 
51
  if (defined('WP_DEBUG') && WP_DEBUG) {
52
- $info_vars['WordPress_debug'] = 'active';
53
  }
54
 
55
  if (function_exists('memory_get_usage')) {
36
  'Datetime_and_Timezone' => '',
37
  'Operating_system' => sprintf('%s (%d Bit)', PHP_OS, PHP_INT_SIZE * 8),
38
  'Server' => 'unknown',
39
+ 'WordPress_debug' => __('not active', 'sucuri-scanner'),
40
+ 'Memory_usage' => __('unknown', 'sucuri-scanner'),
41
  'PHP_version' => PHP_VERSION,
42
  );
43
 
49
  );
50
 
51
  if (defined('WP_DEBUG') && WP_DEBUG) {
52
+ $info_vars['WordPress_debug'] = __('active', 'sucuri-scanner');
53
  }
54
 
55
  if (function_exists('memory_get_usage')) {
src/sitecheck.lib.php CHANGED
@@ -175,8 +175,8 @@ class SucuriScanSiteCheck extends SucuriScanAPI
175
  $params['SiteCheck.Metadata'] = '';
176
  $params['SiteCheck.Lifetime'] = self::cacheLifetime();
177
 
178
- $data['details'][] = 'PHP Version: ' . phpversion();
179
- $data['details'][] = 'Version: ' . SucuriScan::siteVersion();
180
 
181
  if (isset($data['SCAN']['SITE'])) {
182
  $params['SiteCheck.Website'] = $data['SCAN']['SITE'][0];
@@ -187,11 +187,11 @@ class SucuriScanSiteCheck extends SucuriScanAPI
187
  }
188
 
189
  if (isset($data['SCAN']['HOSTING'])) {
190
- $data['details'][] = 'Hosting: ' . $data['SCAN']['HOSTING'][0];
191
  }
192
 
193
  if (isset($data['SCAN']['CMS'])) {
194
- $data['details'][] = 'CMS: ' . $data['SCAN']['CMS'][0];
195
  }
196
 
197
  if (isset($data['SYSTEM']['NOTICE'])) {
@@ -269,13 +269,13 @@ class SucuriScanSiteCheck extends SucuriScanAPI
269
 
270
  $params['Malware.Content'] = '';
271
  $params['Malware.Color'] = 'green';
272
- $params['Malware.Title'] = 'Site is Clean';
273
  $params['Malware.CleanVisibility'] = 'visible';
274
  $params['Malware.InfectedVisibility'] = 'hidden';
275
 
276
  if (isset($data['MALWARE']['WARN']) && !empty($data['MALWARE']['WARN'])) {
277
  $params['Malware.Color'] = 'red';
278
- $params['Malware.Title'] = 'Site is not Clean';
279
  $params['Malware.CleanVisibility'] = 'hidden';
280
  $params['Malware.InfectedVisibility'] = 'visible';
281
 
@@ -314,7 +314,7 @@ class SucuriScanSiteCheck extends SucuriScanAPI
314
  return ''; /* there is not enough information to render */
315
  }
316
 
317
- $params['Blacklist.Title'] = 'Not Blacklisted';
318
  $params['Blacklist.Color'] = 'green';
319
  $params['Blacklist.Content'] = '';
320
 
@@ -339,7 +339,7 @@ class SucuriScanSiteCheck extends SucuriScanAPI
339
  }
340
 
341
  if (isset($data['BLACKLIST']['WARN'])) {
342
- $params['Blacklist.Title'] = 'Blacklisted';
343
  $params['Blacklist.Color'] = 'red';
344
  }
345
 
@@ -412,7 +412,7 @@ class SucuriScanSiteCheck extends SucuriScanAPI
412
  {
413
  $data = self::scanAndCollectData();
414
 
415
- return sprintf('iFrames: %d', @count($data['LINKS']['IFRAME']));
416
  }
417
 
418
  /**
@@ -424,7 +424,7 @@ class SucuriScanSiteCheck extends SucuriScanAPI
424
  {
425
  $data = self::scanAndCollectData();
426
 
427
- return sprintf('Links: %d', @count($data['LINKS']['URL']));
428
  }
429
 
430
  /**
@@ -445,7 +445,7 @@ class SucuriScanSiteCheck extends SucuriScanAPI
445
  $total += count($data['LINKS']['JSEXTERNAL']);
446
  }
447
 
448
- return sprintf('Scripts: %d', $total);
449
  }
450
 
451
  /**
175
  $params['SiteCheck.Metadata'] = '';
176
  $params['SiteCheck.Lifetime'] = self::cacheLifetime();
177
 
178
+ $data['details'][] = sprintf(__('PHP Version: %s', 'sucuri-scanner'), phpversion());
179
+ $data['details'][] = sprintf(__('Version: %s', 'sucuri-scanner'), SucuriScan::siteVersion());
180
 
181
  if (isset($data['SCAN']['SITE'])) {
182
  $params['SiteCheck.Website'] = $data['SCAN']['SITE'][0];
187
  }
188
 
189
  if (isset($data['SCAN']['HOSTING'])) {
190
+ $data['details'][] = sprintf(__('Hosting: %s', 'sucuri-scanner'), apply_filters( 'sucuriscan_sitecheck_details_hosting', $data['SCAN']['HOSTING'][0] ));
191
  }
192
 
193
  if (isset($data['SCAN']['CMS'])) {
194
+ $data['details'][] = sprintf(__('CMS: %s', 'sucuri-scanner'), $data['SCAN']['CMS'][0]);
195
  }
196
 
197
  if (isset($data['SYSTEM']['NOTICE'])) {
269
 
270
  $params['Malware.Content'] = '';
271
  $params['Malware.Color'] = 'green';
272
+ $params['Malware.Title'] = __('Site is Clean', 'sucuri-scanner');
273
  $params['Malware.CleanVisibility'] = 'visible';
274
  $params['Malware.InfectedVisibility'] = 'hidden';
275
 
276
  if (isset($data['MALWARE']['WARN']) && !empty($data['MALWARE']['WARN'])) {
277
  $params['Malware.Color'] = 'red';
278
+ $params['Malware.Title'] = __('Site is not Clean', 'sucuri-scanner');
279
  $params['Malware.CleanVisibility'] = 'hidden';
280
  $params['Malware.InfectedVisibility'] = 'visible';
281
 
314
  return ''; /* there is not enough information to render */
315
  }
316
 
317
+ $params['Blacklist.Title'] = __('Not Blacklisted', 'sucuri-scanner');
318
  $params['Blacklist.Color'] = 'green';
319
  $params['Blacklist.Content'] = '';
320
 
339
  }
340
 
341
  if (isset($data['BLACKLIST']['WARN'])) {
342
+ $params['Blacklist.Title'] = __('Blacklisted', 'sucuri-scanner');
343
  $params['Blacklist.Color'] = 'red';
344
  }
345
 
412
  {
413
  $data = self::scanAndCollectData();
414
 
415
+ return sprintf(__('iFrames: %d', 'sucuri-scanner'), @count($data['LINKS']['IFRAME']));
416
  }
417
 
418
  /**
424
  {
425
  $data = self::scanAndCollectData();
426
 
427
+ return sprintf(__('Links: %d', 'sucuri-scanner'), @count($data['LINKS']['URL']));
428
  }
429
 
430
  /**
445
  $total += count($data['LINKS']['JSEXTERNAL']);
446
  }
447
 
448
+ return sprintf(__('Scripts: %d', 'sucuri-scanner'), $total);
449
  }
450
 
451
  /**
src/strings.php ADDED
@@ -0,0 +1,523 @@
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
+ <?php
2
+
3
+ /**
4
+ * Code related to translation strings.
5
+ *
6
+ * PHP version 5
7
+ *
8
+ * @category Library
9
+ * @package Sucuri
10
+ * @subpackage SucuriScanner
11
+ * @author Daniel Cid <dcid@sucuri.net>
12
+ * @copyright 2010-2018 Sucuri Inc.
13
+ * @license https://www.gnu.org/licenses/gpl-2.0.txt GPL2
14
+ * @link https://wordpress.org/plugins/sucuri-scanner
15
+ */
16
+
17
+ if (!defined('SUCURISCAN_INIT') || SUCURISCAN_INIT !== true) {
18
+ if (!headers_sent()) {
19
+ /* Report invalid access if possible. */
20
+ header('HTTP/1.1 403 Forbidden');
21
+ }
22
+ exit(1);
23
+ }
24
+
25
+ // auditlogs.html.tpl
26
+ __('Loading...', 'sucuri-scanner');
27
+ __('Total logs in the queue:', 'sucuri-scanner');
28
+ __('Maximum execution time:', 'sucuri-scanner');
29
+ __('Successfully sent to the API:', 'sucuri-scanner');
30
+ __('Total request timeouts (failures):', 'sucuri-scanner');
31
+ __('Total execution time:', 'sucuri-scanner');
32
+ __('Send Logs', 'sucuri-scanner');
33
+
34
+ // base.html.tpl
35
+ __('Sucuri Security', 'sucuri-scanner');
36
+ __('WP Plugin', 'sucuri-scanner');
37
+ __('Review', 'sucuri-scanner');
38
+ __('Generate API Key', 'sucuri-scanner');
39
+ __('Dashboard', 'sucuri-scanner');
40
+ __('Firewall (WAF)', 'sucuri-scanner');
41
+ __('Settings', 'sucuri-scanner');
42
+ __('Copyright', 'sucuri-scanner');
43
+ __('Sucuri Inc. All Rights Reserved.', 'sucuri-scanner');
44
+
45
+ // dashboard.html.tpl
46
+ __('no data available', 'sucuri-scanner');
47
+ __('Audit Logs', 'sucuri-scanner');
48
+
49
+ // firewall-auditlogs.html.tpl
50
+ __('Firewall Audit Logs', 'sucuri-scanner');
51
+ __('The firewall logs every request involved in an attack and separates them from the legitimate requests. You can analyze the data from the latest entries in the logs using this tool and take action either enabling the advanced features of the IDS <em>(Intrusion Detection System)</em> from the <a href="https://waf.sucuri.net/?settings" target="_blank" rel="noopener">Firewall Dashboard</a> and/or blocking IP addresses and URL paths directly from the <a href="https://waf.sucuri.net/?audit" target="_blank" rel="noopener">Firewall Audit Trails</a> page.', 'sucuri-scanner');
52
+ __('Non-blocked requests are hidden from the logs, this is intentional.', 'sucuri-scanner');
53
+ __('Loading...', 'sucuri-scanner');
54
+ __('Submit', 'sucuri-scanner');
55
+
56
+ // firewall-auditlogs.snippet.tpl
57
+ __('Date/Time:', 'sucuri-scanner');
58
+ __('Signature:', 'sucuri-scanner');
59
+ __('Request:', 'sucuri-scanner');
60
+ __('U-Agent:', 'sucuri-scanner');
61
+ __('Target:', 'sucuri-scanner');
62
+ __('Referer:', 'sucuri-scanner');
63
+
64
+ // firewall-clearcache.html.tpl
65
+ __('Loading...', 'sucuri-scanner');
66
+ __('Clear cache when a post or page is updated (Loading...)', 'sucuri-scanner');
67
+ __('Clear cache when a post or page is updated', 'sucuri-scanner');
68
+ __('Clear Cache', 'sucuri-scanner');
69
+ __('The firewall offers multiple options to configure the cache level applied to your website. You can either enable the full cache which is the recommended setting, or you can set the cache level to minimal which will keep the pages static for a couple of minutes, or force the usage of the website headers <em>(only for advanced users)</em>, or in extreme cases where you do not need the cache you can simply disable it. Find more information about it in the <a href="https://kb.sucuri.net/firewall/Performance/caching-options" target="_blank" rel="noopener">Sucuri Knowledge Base</a> website.', 'sucuri-scanner');
70
+ __('Note that the firewall has <a href="https://kb.sucuri.net/firewall/Performance/cache-exceptions" target="_blank" rel="noopener">special caching rules</a> for Images, CSS, PDF, TXT, JavaScript, media files and a few more extensions that are stored on our <a href="https://en.wikipedia.org/wiki/Edge_device" target="_blank" rel="noopener">edge</a>. The only way to flush the cache for these files is by clearing the firewall’s cache completely <em>(for the whole website)</em>. Due to our caching of JavaScript and CSS files, often, as is best practice, the use of versioning during development will ensure updates going live as expected. This is done by adding a query string such as <code>?ver=1.2.3</code> and incrementing on each update.', 'sucuri-scanner');
71
+ __('A web cache (or HTTP cache) is an information technology for the temporary storage (caching) of web documents, such as HTML pages and images, to reduce bandwidth usage, server load, and perceived lag. A web cache system stores copies of documents passing through it; subsequent requests may be satisfied from the cache if certain conditions are met. A web cache system can refer either to an appliance, or to a computer program. &mdash; <a href="https://en.wikipedia.org/wiki/Web_cache" target="_blank" rel="noopener">WikiPedia - Web Cache</a>', 'sucuri-scanner');
72
+
73
+ // firewall-ipaccess.html.tpl
74
+ __('Delete', 'sucuri-scanner');
75
+ __('Submit', 'sucuri-scanner');
76
+ __('Loading...', 'sucuri-scanner');
77
+ __('IP Address Access', 'sucuri-scanner');
78
+ __('This tool allows you to whitelist and blacklist one or more IP addresses from accessing your website. You can also configure the plugin to automatically blacklist any IP address involved in a password guessing brute-force attack. If a legitimate user fails to submit the correct credentials of their account they will have to log into the Firewall dashboard in order to delete their IP address from the blacklist, or try to login once again through a VPN.', 'sucuri-scanner');
79
+ __('Blacklist IP:', 'sucuri-scanner');
80
+ __('e.g. 192.168.1.54', 'sucuri-scanner');
81
+ __('IP Address', 'sucuri-scanner');
82
+
83
+ // firewall-settings.html.tpl
84
+ __('Firewall Settings', 'sucuri-scanner');
85
+ __('A powerful Web Application Firewall and <b>Intrusion Detection System</b> for any WordPress user and many other platforms. This page will help you to configure and monitor your site through the <b>Sucuri Firewall</b>. Once enabled, our firewall will act as a shield, protecting your site from attacks and preventing malware infections and reinfections. It will block SQL injection attempts, brute force attacks, XSS, RFI, backdoors and many other threats against your site.', 'sucuri-scanner');
86
+ __('Add your <a href="https://waf.sucuri.net/?settings&panel=api" target="_blank" rel="noopener">Firewall API key</a> in the form below to start communicating with the firewall API service.', 'sucuri-scanner');
87
+ __('Firewall API Key:', 'sucuri-scanner');
88
+ __('Delete', 'sucuri-scanner');
89
+ __('Save', 'sucuri-scanner');
90
+ __('Name', 'sucuri-scanner');
91
+ __('Value', 'sucuri-scanner');
92
+ __('<em>[1]</em> More information about the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a>, features and pricing.<br><em>[2]</em> Instructions and videos in the official <a href="https://kb.sucuri.net/firewall" target="_blank" rel="noopener">Knowledge Base</a> site.<br><em>[3]</em> <a href="https://login.sucuri.net/signup2/create?CloudProxy" target="_blank" rel="noopener">Sign up</a> for a new account and start protecting your site.', 'sucuri-scanner');
93
+
94
+ // firewall.html.tpl
95
+ __('Settings', 'sucuri-scanner');
96
+ __('Audit Logs', 'sucuri-scanner');
97
+ __('IP Access', 'sucuri-scanner');
98
+ __('Clear Cache', 'sucuri-scanner');
99
+
100
+ // integrity-correct.html.tpl
101
+ __('WordPress Integrity', 'sucuri-scanner');
102
+ __('We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.', 'sucuri-scanner');
103
+ __('All Core WordPress Files Are Correct', 'sucuri-scanner');
104
+ __('We have not identified additional files, deleted files, or relevant changes to the core files in your WordPress installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.', 'sucuri-scanner');
105
+ __('Review False Positives', 'sucuri-scanner');
106
+
107
+ // integrity-diff-utility.html.tpl
108
+ __('Loading...', 'sucuri-scanner');
109
+ __('Lines with a <b>minus</b> sign as the prefix <em>(here in red)</em> show the original code. Lines with a <b>plus</b> sign as the prefix <em>(here in green)</em> show the modified code. You can read more about the DIFF format from the WikiPedia article about the <a target="_blank" href="https://en.wikipedia.org/wiki/Diff_utility" rel="noopener">Unix Diff Utility</a>.', 'sucuri-scanner');
110
+
111
+ // integrity-incorrect.html.tpl
112
+ __('WordPress Integrity', 'sucuri-scanner');
113
+ __('We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.', 'sucuri-scanner');
114
+ __('Core WordPress Files Were Modified', 'sucuri-scanner');
115
+ __('We identified that some of your WordPress core files were modified. That might indicate a hack or a broken file on your installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.', 'sucuri-scanner');
116
+ __('Review False Positives', 'sucuri-scanner');
117
+ __('WordPress Integrity (%%SUCURI.Integrity.ListCount%%)', 'sucuri-scanner');
118
+ __('The Unix Diff Utility is enabled. You can click the files in the table to see the differences detected by the scanner. If you consider the differences to be harmless you can mark the file as fixed, otherwise it is advised to restore the original content immediately.', 'sucuri-scanner');
119
+ __('Select All', 'sucuri-scanner');
120
+ __('File Size', 'sucuri-scanner');
121
+ __('Modified At', 'sucuri-scanner');
122
+ __('File Path', 'sucuri-scanner');
123
+ __('I understand that this operation cannot be reverted.', 'sucuri-scanner');
124
+ __('Action:', 'sucuri-scanner');
125
+ __('Mark as Fixed', 'sucuri-scanner');
126
+ __('Restore File', 'sucuri-scanner');
127
+ __('Delete File', 'sucuri-scanner');
128
+ __('Submit', 'sucuri-scanner');
129
+ __('Marking one or more files as fixed will force the plugin to ignore them during the next scan, very useful when you find false positives. Additionally you can restore the original content of the core files that appear as modified or deleted, this will tell the plugin to download a copy of the original files from the official WordPress repository. Deleting a file is an irreversible action, be careful.', 'sucuri-scanner');
130
+
131
+ // integrity-notification.html.tpl
132
+ __('We identified that some of your WordPress core files were modified. That might indicate a hack or a broken file on your installation. If you are experiencing other malware issues, please use a <a href="https://sucuri.net/website-security/malware-removal" target="_blank" rel="noopener">Server Side Scanner</a>.', 'sucuri-scanner');
133
+ __('WordPress Integrity (%%SUCURI.Integrity.ListCount%%)', 'sucuri-scanner');
134
+ __('Status', 'sucuri-scanner');
135
+ __('File Size', 'sucuri-scanner');
136
+ __('Modified At', 'sucuri-scanner');
137
+ __('File Path', 'sucuri-scanner');
138
+ __('Marking one or more files as fixed will force the plugin to ignore them during the next scan, very useful when you find false positives. Additionally you can restore the original content of the core files that appear as modified or deleted, this will tell the plugin to download a copy of the original files from the official WordPress repository. Deleting a file is an irreversible action, be careful.', 'sucuri-scanner');
139
+
140
+ // integrity.html.tpl
141
+ __('WordPress Integrity', 'sucuri-scanner');
142
+ __('We inspect your WordPress installation and look for modifications on the core files as provided by WordPress.org. Files located in the root directory, wp-admin and wp-includes will be compared against the files distributed with v%%SUCURI.WordPressVersion%%; all files with inconsistencies will be listed here. Any changes might indicate a hack.', 'sucuri-scanner');
143
+ __('Loading...', 'sucuri-scanner');
144
+
145
+ // lastlogins.html.tpl
146
+ __('All Users', 'sucuri-scanner');
147
+ __('Admins', 'sucuri-scanner');
148
+ __('Logged-in Users', 'sucuri-scanner');
149
+ __('Failed logins', 'sucuri-scanner');
150
+
151
+ // lastlogins-admins.html.tpl
152
+ __('Successful Logins (admins)', 'sucuri-scanner');
153
+ __('Here you can see a list of all the successful logins of accounts with admin privileges.', 'sucuri-scanner');
154
+ __('Username', 'sucuri-scanner');
155
+ __('Registration', 'sucuri-scanner');
156
+ __('Newest To Oldest', 'sucuri-scanner');
157
+
158
+ // lastlogins-admins.snippet.tpl
159
+ __('no data available', 'sucuri-scanner');
160
+ __('IP Address', 'sucuri-scanner');
161
+ __('Date/Time', 'sucuri-scanner');
162
+ __('Edit', 'sucuri-scanner');
163
+
164
+ // lastlogins-all.html.tpl
165
+ __('Successful Logins (all)', 'sucuri-scanner');
166
+ __('Here you can see a list of all the successful user logins.', 'sucuri-scanner');
167
+ __('Username', 'sucuri-scanner');
168
+ __('IP Address', 'sucuri-scanner');
169
+ __('Hostname', 'sucuri-scanner');
170
+ __('Date/Time', 'sucuri-scanner');
171
+ __('no data available', 'sucuri-scanner');
172
+
173
+ // lastlogins-all.snippet.tpl
174
+ __('Edit', 'sucuri-scanner');
175
+
176
+ // lastlogins-failedlogins.html.tpl
177
+ __('Failed logins', 'sucuri-scanner');
178
+ __('This information will be used to determine if your site is being victim of <a href="https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing" target="_blank" rel="noopener">Password Guessing Brute Force Attacks</a>. These logs will be accumulated and the plugin will send a report via email if there are more than <code>%%SUCURI.FailedLogins.MaxFailedLogins%%</code> failed login attempts during the same hour, you can change this number from <a href="%%SUCURI.URL.Settings%%#alerts">here</a>. <b>NOTE:</b> Some <em>"Two-Factor Authentication"</em> plugins do not follow the same rules that WordPress have to report failed login attempts, so you may not see all the attempts in this panel if you have one of these plugins installed.', 'sucuri-scanner');
179
+ __('Username', 'sucuri-scanner');
180
+ __('IP Address', 'sucuri-scanner');
181
+ __('Date/Time', 'sucuri-scanner');
182
+ __('Web Browser', 'sucuri-scanner');
183
+ __('no data available', 'sucuri-scanner');
184
+ __('Block', 'sucuri-scanner');
185
+
186
+ // lastlogins-loggedin.html.tpl
187
+ __('Logged-in Users}', 'sucuri-scanner');
188
+ __('Here you can see a list of the users that are currently logged-in.', 'sucuri-scanner');
189
+ __('ID', 'sucuri-scanner');
190
+ __('Username', 'sucuri-scanner');
191
+ __('Last Activity', 'sucuri-scanner');
192
+ __('Registered', 'sucuri-scanner');
193
+ __('IP Address', 'sucuri-scanner');
194
+
195
+ // lastlogins-loggedin.snippet.tpl
196
+ __('Edit', 'sucuri-scanner');
197
+ __('Website:', 'sucuri-scanner');
198
+ __('IP Address:', 'sucuri-scanner');
199
+ __('Reverse IP:', 'sucuri-scanner');
200
+ __('Date/Time:', 'sucuri-scanner');
201
+ __('Message:', 'sucuri-scanner');
202
+
203
+ // register-site.html.tpl
204
+ __('An API key is required to activate some additional tools available in this plugin. The keys are free and you can virtually generate an unlimited number of them as long as the domain name and email address are unique. The key is used to authenticate the HTTP requests sent by the plugin to an API service managed by Sucuri Inc.', 'sucuri-scanner');
205
+ __('If you experience issues generating the API key you can request one by sending the domain name and email address that you want to use to <a href="mailto:info@sucuri.net">info@sucuri.net</a>. Note that generating a key for a website that is not facing the Internet is not possible because the API service needs to validate that the domain name exists.', 'sucuri-scanner');
206
+ __('Website:', 'sucuri-scanner');
207
+ __('E-mail:', 'sucuri-scanner');
208
+ __('DNS Lookups', 'sucuri-scanner');
209
+ __('Check the box if your website is behind a known firewall service, this guarantees that the IP address of your visitors will be detected correctly for the security logs. You can change this later from the settings.', 'sucuri-scanner');
210
+ __('Enable DNS Lookups On Startup', 'sucuri-scanner');
211
+ __('I agree to the <a target="_blank" href="https://sucuri.net/terms">Terms of Service</a>.', 'sucuri-scanner');
212
+ __('I have read and understand the <a target="_blank" href="https://sucuri.net/privacy">Privacy Policy</a>.', 'sucuri-scanner');
213
+ __('Submit', 'sucuri-scanner');
214
+
215
+ // settings-alerts-bruteforce.html.tpl
216
+ __('Password Guessing Brute Force Attacks', 'sucuri-scanner');
217
+ __('<a href="https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing" target="_blank" rel="noopener">Password guessing brute force attacks</a> are very common against web sites and web servers. They are one of the most common vectors used to compromise web sites. The process is very simple and the attackers basically try multiple combinations of usernames and passwords until they find one that works. Once they get in, they can compromise the web site with malware, spam , phishing or anything else they want.', 'sucuri-scanner');
218
+ __('Consider Brute-Force Attack After:', 'sucuri-scanner');
219
+ __('Submit', 'sucuri-scanner');
220
+
221
+ // settings-alerts-events.html.tpl
222
+ __('Security Alerts', 'sucuri-scanner');
223
+ __('You have installed a plugin or theme that is not fully compatible with our plugin, some of the security alerts (like the successful and failed logins) will not be sent to you. To prevent an infinite loop while detecting these changes in the website and sending the email alerts via a custom SMTP plugin, we have decided to stop any attempt to send the emails to prevent fatal errors.', 'sucuri-scanner');
224
+ __('Select All', 'sucuri-scanner');
225
+ __('Event', 'sucuri-scanner');
226
+ __('Submit', 'sucuri-scanner');
227
+
228
+ // settings-alerts-ignore-posts.html.tpl
229
+ __('Post-Type Alerts', 'sucuri-scanner');
230
+ __('It seems that you disabled the email alerts for <b>new site content</b>, this panel is intended to provide a way to ignore specific events in your site and with that the alerts reported to your email. Since you have deactivated the <b>new site content</b> alerts, this panel will be disabled too.', 'sucuri-scanner');
231
+ __('This is a list of registered <a href="https://codex.wordpress.org/Post_Types" target="_blank" rel="noopener">Post Types</a>. You will receive an email alert when a custom page or post associated to any of these types is created or updated. If you don’t want to receive one or more of these alerts, feel free to uncheck the boxes in the table below. If you are receiving alerts for post types that are not listed in this table, it may be because there is an add-on that that is generating a custom post-type on runtime, you will have to find out by yourself what is the unique ID of that post-type and type it in the form below. The plugin will do its best to ignore these alerts as long as the unique ID is valid.', 'sucuri-scanner');
232
+ __('Stop Alerts For This Post-Type:', 'sucuri-scanner');
233
+ __('e.g. unique_post_type_id', 'sucuri-scanner');
234
+ __('Submit', 'sucuri-scanner');
235
+ __('Show Post-Types Table', 'sucuri-scanner');
236
+ __('Hide Post-Types Table', 'sucuri-scanner');
237
+ __('Select All', 'sucuri-scanner');
238
+ __('Post Type', 'sucuri-scanner');
239
+ __('Post Type ID', 'sucuri-scanner');
240
+ __('Ignored At (optional)', 'sucuri-scanner');
241
+
242
+ // settings-alerts-perhour.html.tpl
243
+ __('Alerts Per Hour', 'sucuri-scanner');
244
+ __('Configure the maximum number of email alerts per hour. If the number is exceeded and the plugin detects more events during the same hour, it will still log the events into the audit logs but will not send the email alerts. Be careful with this as you will miss important information.', 'sucuri-scanner');
245
+ __('Maximum Alerts Per Hour:', 'sucuri-scanner');
246
+ __('Submit', 'sucuri-scanner');
247
+
248
+ // settings-alerts-recipients.html.tpl
249
+ __('Alerts Recipient', 'sucuri-scanner');
250
+ __('By default, the plugin will send the email alerts to the primary admin account, the same account created during the installation of WordPress in your web server. You can add more people to the list, they will receive a copy of the same security alerts.', 'sucuri-scanner');
251
+ __('E-mail:', 'sucuri-scanner');
252
+ __('e.g. user@example.com', 'sucuri-scanner');
253
+ __('Submit', 'sucuri-scanner');
254
+ __('Select All', 'sucuri-scanner');
255
+ __('E-mail', 'sucuri-scanner');
256
+ __('Delete', 'sucuri-scanner');
257
+ __('Test Alerts', 'sucuri-scanner');
258
+
259
+ // settings-alerts-subject.html.tpl
260
+ __('Alert Subject', 'sucuri-scanner');
261
+ __('Format of the subject for the email alerts, by default the plugin will use the website name and the event identifier that is being reported, you can use this panel to include the IP address of the user that triggered the event and some additional data. You can create filters in your email client creating a custom email subject using the pseudo-tags shown below.', 'sucuri-scanner');
262
+ __('Custom Format', 'sucuri-scanner');
263
+ __('Submit', 'sucuri-scanner');
264
+
265
+ // settings-alerts-trustedips.html.tpl
266
+ __('Trusted IP Addresses', 'sucuri-scanner');
267
+ __('If you are working in a LAN <em>(Local Area Network)</em> you may want to include the IP addresses of all the nodes in the subnet, this will force the plugin to stop sending email alerts about actions executed from trusted IP addresses. Use the CIDR <em>(Classless Inter Domain Routing)</em> format to specify ranges of IP addresses <em>(only 8, 16, and 24)</em>.', 'sucuri-scanner');
268
+ __('IP Address:', 'sucuri-scanner');
269
+ __('e.g. 182.120.56.0/24', 'sucuri-scanner');
270
+ __('Submit', 'sucuri-scanner');
271
+ __('Select All', 'sucuri-scanner');
272
+ __('IP Address', 'sucuri-scanner');
273
+ __('CIDR Format', 'sucuri-scanner');
274
+ __('IP Added At', 'sucuri-scanner');
275
+ __('no data available', 'sucuri-scanner');
276
+ __('Delete', 'sucuri-scanner');
277
+
278
+ // settings-apirecovery.html.tpl
279
+ __('If this operation was successful you will receive a message in the email used during the registration of the API key <em>(usually the email of the main admin user)</em>. This message contains the key in plain text, copy and paste the key in the form field below. The plugin will verify the authenticity of the key sending an initial HTTP request to the API service, if this fails the key will be removed automatically and you will have to start the process all over again.', 'sucuri-scanner');
280
+ __('There are cases where this operation may fail, an example would be when the email address is not associated with the domain anymore, this happens when the base URL changes <em>(from www to none or viceversa)</em>. If you are having issues recovering the key please send an email explaining the situation to <a href="mailto:info@sucuri.net">info@sucuri.net</a>', 'sucuri-scanner');
281
+ __('API Key:', 'sucuri-scanner');
282
+ __('Submit', 'sucuri-scanner');
283
+
284
+ // settings-apiregistered.html.tpl
285
+ __('Congratulations! The rest of the features available in the plugin have been enabled. This product is designed to supplement existing security products. It’s not a silver bullet for your security needs, but it’ll give you greater security awareness and better posture, all with the intent of reducing risk.', 'sucuri-scanner');
286
+ __('Your website has been granted a new API key and it was associated to the email address that you chose during the registration process. You can use the same email to recover the key if you happen to lose it sometime. We encourage you to check the rest of the settings page and configure the plugin to your own needs.', 'sucuri-scanner');
287
+ __('Dashboard', 'sucuri-scanner');
288
+ __('Settings', 'sucuri-scanner');
289
+
290
+ // settings-apiservice-checksums.html.tpl
291
+ __('WordPress Checksums API', 'sucuri-scanner');
292
+ __('The WordPress integrity tool uses a remote API service maintained by the WordPress organization to determine which files in the installation were added, removed or modified. The API returns a list of files with their respective checksums, this information guarantees that the installation is not corrupt. You can, however, point the integrity tool to a GitHub repository in case that you are using a custom version of WordPress like the <a href="https://github.com/WordPress/WordPress" target="_blank" rel="noopener">development version of the code</a>.', 'sucuri-scanner');
293
+ __('WordPress Checksums API', 'sucuri-scanner');
294
+ __('e.g. URL — or — user/repo', 'sucuri-scanner');
295
+ __('Submit', 'sucuri-scanner');
296
+
297
+ // settings-apiservice-proxy.html.tpl
298
+ __('API Communication via Proxy', 'sucuri-scanner');
299
+ __('All the HTTP requests used to communicate with the API service are being sent using the WordPress built-in functions, so (almost) all its official features are inherited, this is useful if you need to pass these HTTP requests through a proxy. According to the <a href="https://developer.wordpress.org/reference/classes/wp_http_proxy/" target="_blank" rel="noopener">official documentation</a> you have to add some constants to the main configuration file: <em>WP_PROXY_HOST, WP_PROXY_PORT, WP_PROXY_USERNAME, WP_PROXY_PASSWORD</em>.', 'sucuri-scanner');
300
+ __('HTTP Proxy Hostname', 'sucuri-scanner');
301
+ __('HTTP Proxy Port num', 'sucuri-scanner');
302
+ __('HTTP Proxy Username', 'sucuri-scanner');
303
+ __('HTTP Proxy Password', 'sucuri-scanner');
304
+
305
+ // settings-apiservice-status.html.tpl
306
+ __('API Service Communication', 'sucuri-scanner');
307
+ __('Once the API key is generate the plugin will communicate with a remote API service that will act as a safe data storage for the audit logs generated when the website triggers certain events that the plugin monitors. If the website is hacked the attacker will not have access to these logs and that way you can investigate what was modified <em>(for malware infaction)</em> and/or how the malicious person was able to gain access to the website.', 'sucuri-scanner');
308
+ __('Disabling the API service communication will stop the event monitoring, consider to enable the <a href="%%SUCURI.URL.Settings%%#general">Log Exporter</a> to keep the monitoring working while the HTTP requests are ignored, otherwise an attacker may execute an action that will not be registered in the security logs and you will not have a way to investigate the attack in the future.', 'sucuri-scanner');
309
+ __('<strong>Are you a developer?</strong> You may be interested in our API. Feel free to use the URL shown below to access the latest 50 entries in your security log, change the value for the parameter <code>l=N</code> if you need more. Be aware that the API doesn’t provides an offset parameter, so if you have the intension to query specific sections of the log you will need to wrap the HTTP request around your own cache mechanism. We <strong>DO NOT</strong> take feature requests for the API, this is a semi-private service tailored for the specific needs of the plugin and not intended to be used by 3rd-party apps, we may change the behavior of each API endpoint without previous notice, use it at your own risk.', 'sucuri-scanner');
310
+
311
+ // settings-general-apikey.html.tpl
312
+ __('API Key', 'sucuri-scanner');
313
+ __('An API key is required to prevent attackers from deleting audit logs that can help you investigate and recover after a hack, and allows the plugin to display statistics. By generating an API key, you agree that Sucuri will collect and store anonymous data about your website. We take your privacy seriously.', 'sucuri-scanner');
314
+ __('Your domain <code>%%SUCURI.CleanDomain%%</code> does not seems to have a DNS <code>A</code> record so it will be considered as <em>invalid</em> by the API interface when you request the generation of a new key. Adding <code>www</code> at the beginning of the domain name may fix this issue. If you do not understand what is this then send an email to our support team requesting the key.', 'sucuri-scanner');
315
+ __('Recover Via E-mail', 'sucuri-scanner');
316
+ __('Manual Activation', 'sucuri-scanner');
317
+ __('If you do not have access to the administrator email, you can reinstall the plugin. The API key is generated using an administrator email and the domain of the website. Click the "Manual Activation" button if you already have a valid API key to authenticate this website with the remote API web service.', 'sucuri-scanner');
318
+ __('Delete', 'sucuri-scanner');
319
+ __('API Key:', 'sucuri-scanner');
320
+
321
+ // settings-general-datastorage.html.tpl
322
+ __('Data Storage', 'sucuri-scanner');
323
+ __('This is the directory where the plugin will store the security logs, the list of files marked as fixed in the core integrity tool, the cache for the malware scanner and 3rd-party plugin metadata. The plugin requires write permissions in this directory as well as the files contained in it. If you prefer to keep these files in a non-public directory <em>(one level up the document root)</em> please define a constant in the <em>"wp-config.php"</em> file named <em>"SUCURI_DATA_STORAGE"</em> with the absolute path to the new directory.', 'sucuri-scanner');
324
+ __('Select All', 'sucuri-scanner');
325
+ __('File Path', 'sucuri-scanner');
326
+ __('File Size', 'sucuri-scanner');
327
+ __('Status', 'sucuri-scanner');
328
+ __('Writable', 'sucuri-scanner');
329
+ __('Delete', 'sucuri-scanner');
330
+
331
+ // settings-general-importexport.html.tpl
332
+ __('Import &amp; Export Settings', 'sucuri-scanner');
333
+ __('Copy the JSON-encoded data from the box below, go to your other websites and click the <em>"Import"</em> button in the settings page. The plugin will start using the same settings from this website. Notice that some options are omitted as they contain values specific to this website. To import the settings from another website into this one, replace the JSON-encoded data in the box below with the JSON-encoded data exported from the other website, then click the button <em>"Import"</em>. Notice that some options will not be imported to reduce the security risk of writing arbitrary data into the disk.', 'sucuri-scanner');
334
+ __('I understand that this operation cannot be reverted.', 'sucuri-scanner');
335
+ __('Submit', 'sucuri-scanner');
336
+
337
+ // settings-general-ipdiscoverer.html.tpl
338
+ __('IP Address Discoverer', 'sucuri-scanner');
339
+ __('IP address discoverer will use DNS lookups to automatically detect if the website is behind the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a>, in which case it will modify the global server variable <em>Remote-Addr</em> to set the real IP of the website’s visitors. This check runs on every WordPress init action and that is why it may slow down your website as some hosting providers rely on slow DNS servers which makes the operation take more time than it should.', 'sucuri-scanner');
340
+ __('HTTP Header:', 'sucuri-scanner');
341
+ __('Proceed', 'sucuri-scanner');
342
+ __('Sucuri Firewall', 'sucuri-scanner');
343
+ __('Website:', 'sucuri-scanner');
344
+ __('Top Level Domain:', 'sucuri-scanner');
345
+ __('Hostname:', 'sucuri-scanner');
346
+ __('IP Address (Hostname):', 'sucuri-scanner');
347
+ __('IP Address (Username):', 'sucuri-scanner');
348
+
349
+ // settings-general-resetoptions.html.tpl
350
+ __('Reset Security Logs, Hardening and Settings', 'sucuri-scanner');
351
+ __('This action will trigger the deactivation / uninstallation process of the plugin. All local security logs, hardening and settings will be deleted. Notice that the security logs stored in the API service will not be deleted, this is to prevent tampering from a malicious user. You can request a new API key if you want to start from scratch.', 'sucuri-scanner');
352
+ __('I understand that this operation cannot be reverted.', 'sucuri-scanner');
353
+ __('Submit', 'sucuri-scanner');
354
+
355
+ // settings-general-reverseproxy.html.tpl
356
+ __('Reverse Proxy', 'sucuri-scanner');
357
+ __('The event monitor uses the API address of the origin of the request to track the actions. The plugin uses two methods to retrieve this: the main method uses the global server variable <em>Remote-Addr</em> available in most modern web servers, and an alternative method uses custom HTTP headers <em>(which are unsafe by default)</em>. You should not worry about this option unless you know what a reverse proxy is. Services like the <a href="https://sucuri.net/website-firewall/" target="_blank" rel="noopener">Sucuri Firewall</a> &mdash; once active &mdash; force the network traffic to pass through them to filter any security threat that may affect the original server. A side effect of this is that the real IP address is no longer available in the global server variable <em>Remote-Addr</em> but in a custom HTTP header with a name provided by the service.', 'sucuri-scanner');
358
+
359
+ // settings-general-selfhosting.html.tpl
360
+ __('Log Exporter', 'sucuri-scanner');
361
+ __('This option allows you to export the WordPress audit logs to a local log file that can be read by a SIEM or any log analysis software <em>(we recommend OSSEC)</em>. That will give visibility from within WordPress to complement your log monitoring infrastructure. <b>NOTE:</b> Do not use a publicly accessible file, you must use a file at least one level up the document root to prevent leaks of information.', 'sucuri-scanner');
362
+ __('File Path:', 'sucuri-scanner');
363
+ __('Submit', 'sucuri-scanner');
364
+
365
+ // settings-general-timezone.html.tpl
366
+ __('Timezone', 'sucuri-scanner');
367
+ __('This option defines the timezone that will be used through out the entire plugin to print the dates and times whenever is necessary. This option also affects the date and time of the logs visible in the audit logs panel which is data that comes from a remote server configured to use Eastern Daylight Time (EDT). WordPress offers an option in the general settings page to allow you to configure the timezone for the entire website, however, if you are experiencing problems with the time in the audit logs, this option will help you fix them.', 'sucuri-scanner');
368
+ __('Timezone:', 'sucuri-scanner');
369
+ __('Submit', 'sucuri-scanner');
370
+
371
+ // settings-hardening-whitelist-phpfiles.html.tpl
372
+ __('Whitelist Blocked PHP Files', 'sucuri-scanner');
373
+ __('After you apply the hardening in either the includes, content, and/or uploads directories, the plugin will add a rule in the access control file to deny access to any PHP file located in these folders. This is a good precaution in case an attacker is able to upload a shell script. With a few exceptions the <em>"index.php"</em> file is the only one that should be publicly accessible, however many theme/plugin developers decide to use these folders to process some operations. In this case applying the hardening <strong>may break</strong> their functionality.', 'sucuri-scanner');
374
+ __('File Path:', 'sucuri-scanner');
375
+ __('Submit', 'sucuri-scanner');
376
+ __('Select All', 'sucuri-scanner');
377
+ __('File Path', 'sucuri-scanner');
378
+ __('Directory', 'sucuri-scanner');
379
+ __('Pattern', 'sucuri-scanner');
380
+ __('no data available', 'sucuri-scanner');
381
+ __('Delete', 'sucuri-scanner');
382
+
383
+ // settings-posthack-available-updates-alert.html.tpl
384
+ __('WordPress has a big user base in the public Internet, which brings interest to attackers to find vulnerabilities in the code, 3rd-party extensions, and themes that other companies develop. You should keep every piece of code installed in your website updated to prevent attacks as soon as disclosed vulnerabilities are patched.', 'sucuri-scanner');
385
+ __('Name', 'sucuri-scanner');
386
+ __('Version', 'sucuri-scanner');
387
+ __('Update', 'sucuri-scanner');
388
+ __('Tested With', 'sucuri-scanner');
389
+
390
+ // settings-posthack-available-updates.html.tpl
391
+ __('Available Plugin and Theme Updates', 'sucuri-scanner');
392
+ __('WordPress has a big user base in the public Internet, which brings interest to attackers to find vulnerabilities in the code, 3rd-party extensions, and themes that other companies develop. You should keep every piece of code installed in your website updated to prevent attacks as soon as disclosed vulnerabilities are patched.', 'sucuri-scanner');
393
+ __('Name', 'sucuri-scanner');
394
+ __('Version', 'sucuri-scanner');
395
+ __('Update', 'sucuri-scanner');
396
+ __('Tested With', 'sucuri-scanner');
397
+ __('Loading...', 'sucuri-scanner');
398
+
399
+ // settings-posthack-available-updates.snippet.tpl
400
+ __('Download', 'sucuri-scanner');
401
+
402
+ // settings-posthack-reset-password-alert.html.tpl
403
+ __('WordPress has generated a new (random) password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target="_blank" href="http://%%SUCURI.ResetPassword.Website%%" rel="noopener">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. Your new password is &mdash; <span style="font-family:Menlo, Monaco, monospace, serif;font-weight:700">%%%SUCURI.ResetPassword.Password%%%</span> &mdash; please change it as soon as possible.', 'sucuri-scanner');
404
+
405
+ // settings-posthack-reset-password.html.tpl
406
+ __('Reset User Password', 'sucuri-scanner');
407
+ __('Loading...', 'sucuri-scanner');
408
+ __('You can generate a new random password for the user accounts that you select from the list. An email with the new password will be sent to the email address of each chosen user. If you choose to change the password of your own user, then your current session will expire immediately. You will need to log back into the admin panel with the new password that will be sent to your email.', 'sucuri-scanner');
409
+ __('Select All', 'sucuri-scanner');
410
+ __('Username', 'sucuri-scanner');
411
+ __('E-mail', 'sucuri-scanner');
412
+ __('Registered', 'sucuri-scanner');
413
+ __('Roles', 'sucuri-scanner');
414
+ __('Submit', 'sucuri-scanner');
415
+
416
+ // settings-posthack-reset-plugins.html.tpl
417
+ __('Reset Installed Plugins', 'sucuri-scanner');
418
+ __('Loading...', 'sucuri-scanner');
419
+ __('In case you suspect having an infection in your site, or after you got rid of a malicious code, it’s recommended to reinstall all the plugins installed in your site, including the ones you are not using. Notice that premium plugins will not be automatically reinstalled to prevent backward compatibility issues and problems with licenses.', 'sucuri-scanner');
420
+ __('The information shown here is cached for %%SUCURI.ResetPlugin.CacheLifeTime%% seconds. This is necessary to reduce the quantity of HTTP requests sent to the WordPress servers and the bandwidth of your site. Currently there is no option to recreate this cache.', 'sucuri-scanner');
421
+ __('<b>WARNING!</b> This procedure can break your website. The reset will not affect the database nor the settings of each plugin, but depending on how they were written the reset action might break them. Be sure to create a backup of the plugins directory before the execution of this tool.', 'sucuri-scanner');
422
+ __('Select All', 'sucuri-scanner');
423
+ __('Name', 'sucuri-scanner');
424
+ __('Version', 'sucuri-scanner');
425
+ __('Type', 'sucuri-scanner');
426
+ __('Status', 'sucuri-scanner');
427
+ __('Submit', 'sucuri-scanner');
428
+
429
+ // settings-posthack-security-keys.html.tpl
430
+ __('Update Secret Keys', 'sucuri-scanner');
431
+ __('The secret or security keys are a list of constants added to your site to ensure better encryption of information stored in the user’s cookies. A secret key makes your site harder to hack by adding random elements to the password. You do not have to remember the keys, just write a random, complicated, and long string in the <code>wp-config.php</code> file. You can change these keys at any point in time. Changing them will invalidate all existing cookies, forcing all logged in users to login again.', 'sucuri-scanner');
432
+ __('Your current session will expire once the form is submitted.', 'sucuri-scanner');
433
+ __('Status', 'sucuri-scanner');
434
+ __('Name', 'sucuri-scanner');
435
+ __('Value', 'sucuri-scanner');
436
+ __('I understand that this operation cannot be reverted.', 'sucuri-scanner');
437
+ __('Generate New Security Keys', 'sucuri-scanner');
438
+
439
+ // settings-scanner-cronjobs.html.tpl
440
+ __('Scheduled Tasks', 'sucuri-scanner');
441
+ __('The plugin scans your entire website looking for changes which are later reported via the API in the audit logs page. By default the scanner runs daily but you can change the frequency to meet your requirements. Notice that scanning your project files too frequently may affect the performance of your website. Be sure to have enough server resources before changing this option. The memory limit and maximum execution time are two of the PHP options that your server will set to stop your website from consuming too much resources.', 'sucuri-scanner');
442
+ __('The scanner uses the <a href="http://php.net/manual/en/class.splfileobject.php" target="_blank" rel="noopener">PHP SPL library</a> and the <a target="_blank" href="http://php.net/manual/en/class.filesystemiterator.php" rel="noopener">Filesystem Iterator</a> class to scan the directory tree where your website is located in the server. This library is only available on PHP 5 >= 5.3.0 &mdash; OR &mdash; PHP 7; if you have an older version of PHP the plugin will not work as expected. Please ask your hosting provider to advise you on this matter.', 'sucuri-scanner');
443
+ __('Scheduled tasks are rules registered in your database by a plugin, theme, or the base system itself; they are used to automatically execute actions defined in the code every certain amount of time. A good use of these rules is to generate backup files of your site, execute a security scanner, or remove unused elements like drafts. <b>Note:</b> Scheduled tasks can be re-installed by any plugin/theme automatically.', 'sucuri-scanner');
444
+ __('Select All', 'sucuri-scanner');
445
+ __('Name', 'sucuri-scanner');
446
+ __('Schedule', 'sucuri-scanner');
447
+ __('Next Due', 'sucuri-scanner');
448
+ __('Arguments', 'sucuri-scanner');
449
+ __('Loading...', 'sucuri-scanner');
450
+ __('Action:', 'sucuri-scanner');
451
+ __('Submit', 'sucuri-scanner');
452
+
453
+ // settings-scanner-ignore-folders.html.tpl
454
+ __('Ignore Files And Folders During The Scans', 'sucuri-scanner');
455
+ __('Use this tool to select the files and/or folders that are too heavy for the scanner to process. These are usually folders with images, media files like videos and audios, backups and &mdash; in general &mdash; anything that is not code-related. Ignoring these files or folders will reduce the memory consumption of the PHP script.', 'sucuri-scanner');
456
+ __('Ignore a file or directory:', 'sucuri-scanner');
457
+ __('e.g. /private/directory/', 'sucuri-scanner');
458
+ __('Submit', 'sucuri-scanner');
459
+ __('Select All', 'sucuri-scanner');
460
+ __('File Path', 'sucuri-scanner');
461
+ __('Status', 'sucuri-scanner');
462
+ __('Unignore Selected Directories', 'sucuri-scanner');
463
+
464
+ // settings-scanner-integrity-cache.html.tpl
465
+ __('WordPress Integrity (False Positives)', 'sucuri-scanner');
466
+ __('Since the scanner doesn’t read the files during the execution of the integrity check, it is possible to find false positives. Files listed here have been marked as false positives and will be ignored by the scanner in subsequent scans.', 'sucuri-scanner');
467
+ __('Select All', 'sucuri-scanner');
468
+ __('Reason', 'sucuri-scanner');
469
+ __('Ignored At', 'sucuri-scanner');
470
+ __('File Path', 'sucuri-scanner');
471
+ __('no data available', 'sucuri-scanner');
472
+ __('Stop Ignoring the Selected Files', 'sucuri-scanner');
473
+
474
+ // settings-scanner-integrity-diff-utility.html.tpl
475
+ __('WordPress Integrity Diff Utility', 'sucuri-scanner');
476
+ __('If your server allows the execution of system commands, you can configure the plugin to use the <a href="https://en.wikipedia.org/wiki/Diff_utility" target="_blank" rel="noopener">Unix Diff Utility</a> to compare the actual content of the file installed in the website and the original file provided by WordPress. This will show the differences between both files and then you can act upon the information provided.', 'sucuri-scanner');
477
+ __('WordPress Integrity Diff Utility', 'sucuri-scanner');
478
+
479
+ // settings-webinfo-details.html.tpl
480
+ __('Environment Variables', 'sucuri-scanner');
481
+
482
+ // settings-webinfo-htaccess.html.tpl
483
+ __('Access File Integrity', 'sucuri-scanner');
484
+ __('The <code>.htaccess</code> file is a distributed configuration file, and is how the Apache web server handles configuration changes on a per-directory basis. WordPress uses this file to manipulate how Apache serves files from its root directory and subdirectories thereof; most notably, it modifies this file to be able to handle pretty permalinks.', 'sucuri-scanner');
485
+ __('Htaccess file found in', 'sucuri-scanner');
486
+ __('Your website has no <code>.htaccess</code> file or it was not found in the default location.', 'sucuri-scanner');
487
+ __('The main <code>.htaccess</code> file in your site has the standard rules for a WordPress installation. You can customize it to improve the performance and change the behaviour of the redirections for pages and posts in your site. To get more information visit the official documentation at <a target="_blank" rel="noopener" href="https://codex.wordpress.org/Using_Permalinks#Creating_and_editing_.28.htaccess.29"> Codex WordPress - Creating and editing (.htaccess)</a>', 'sucuri-scanner');
488
+ __('Codex WordPress HTAccess', 'sucuri-scanner');
489
+
490
+ // settings.html.tpl
491
+ __('General Settings', 'sucuri-scanner');
492
+ __('Scanner', 'sucuri-scanner');
493
+ __('Hardening', 'sucuri-scanner');
494
+ __('Post-Hack', 'sucuri-scanner');
495
+ __('Alerts', 'sucuri-scanner');
496
+ __('API Service Communication', 'sucuri-scanner');
497
+ __('Website Info', 'sucuri-scanner');
498
+ __('Hardening Options', 'sucuri-scanner');
499
+
500
+ // sitecheck-details.html.tpl
501
+ __('This information will be updated %%SUCURI.SiteCheck.Lifetime%%', 'sucuri-scanner');
502
+ __('Refresh Malware Scan', 'sucuri-scanner');
503
+
504
+ // sitecheck-malware.html.tpl
505
+ __('No malicious JavaScript', 'sucuri-scanner');
506
+ __('No malicious iFrames', 'sucuri-scanner');
507
+ __('No suspicious redirections', 'sucuri-scanner');
508
+ __('No blackhat SEO spam', 'sucuri-scanner');
509
+ __('No anomaly detection', 'sucuri-scanner');
510
+ __('Some types of problems cannot be detected by this scanner. If this scanner did not detect any issue and you still suspect a problem exists, you can <a href="https://sucuri.net/website-security-platform/signup" target="_blank" rel="noopener">sign up with Sucuri</a> for a complete and in-depth scan + cleanup (not included in the free checks).', 'sucuri-scanner');
511
+
512
+ // sitecheck-malware.snippet.tpl
513
+ __('Hover to see the Payload', 'sucuri-scanner');
514
+
515
+ // sitecheck-recommendations.html.tpl
516
+ __('Recommendations', 'sucuri-scanner');
517
+
518
+ // sitecheck-target.html.tpl
519
+ __('Malware Scan Target', 'sucuri-scanner');
520
+ __('The remote malware scanner provided by the plugin is powered by <a href="https://sitecheck.sucuri.net/" target="_blank" rel="noopener">Sucuri SiteCheck</a>, a service that takes a publicly accessible URL and scans it for malicious code. If your website is not visible to the Internet, for example, if it is hosted in a local development environment or a restricted network, the scanner will not be able to work on it. Additionally, if the website was installed in a non-standard directory the scanner will report a "404 Not Found" error. You can use this option to change the URL that will be scanned.', 'sucuri-scanner');
521
+ __('Malware Scan Target', 'sucuri-scanner');
522
+ __('Malware Scan Target:', 'sucuri-scanner');
523
+ __('Submit', 'sucuri-scanner');
src/template.lib.php CHANGED
@@ -81,6 +81,18 @@ class SucuriScanTemplate extends SucuriScanRequest
81
  }
82
  }
83
 
 
 
 
 
 
 
 
 
 
 
 
 
84
  return $content;
85
  }
86
 
@@ -121,7 +133,7 @@ class SucuriScanTemplate extends SucuriScanRequest
121
  SucuriScanTemplate::getModal(
122
  'register-site',
123
  array(
124
- 'Title' => 'Generate API Key',
125
  'Identifier' => 'register-site',
126
  'Visibility' => 'hidden',
127
  )
@@ -262,7 +274,7 @@ class SucuriScanTemplate extends SucuriScanRequest
262
  );
263
 
264
  if (!array_key_exists($type, $filenames)) {
265
- return (string) SucuriScan::throwException('Invalid template type');
266
  }
267
 
268
  $output = ''; /* initialize response */
81
  }
82
  }
83
 
84
+ global $locale;
85
+
86
+ preg_match_all('~{{(.+)}}~', $content, $matches);
87
+
88
+ if ( ! empty( $matches[1] ) ) {
89
+ foreach($matches[1] as $string) {
90
+ $pattern = sprintf('~{{%s}}~', preg_quote($string, '~'));
91
+ $replacement = ('en_US' !== $locale) ? translate($string, 'sucuri-scanner') : $string;
92
+ $content = preg_replace($pattern, $replacement, $content);
93
+ }
94
+ }
95
+
96
  return $content;
97
  }
98
 
133
  SucuriScanTemplate::getModal(
134
  'register-site',
135
  array(
136
+ 'Title' => __('Generate API Key', 'sucuri-scanner'),
137
  'Identifier' => 'register-site',
138
  'Visibility' => 'hidden',
139
  )
274
  );
275
 
276
  if (!array_key_exists($type, $filenames)) {
277
+ return (string) SucuriScan::throwException(__('Invalid template type', 'sucuri-scanner'));
278
  }
279
 
280
  $output = ''; /* initialize response */
sucuri.php CHANGED
@@ -6,7 +6,9 @@
6
  * Plugin URI: https://wordpress.sucuri.net/
7
  * Author URI: https://sucuri.net/
8
  * Author: Sucuri Inc.
9
- * Version: 1.8.19
 
 
10
  *
11
  * PHP version 5
12
  *
@@ -59,7 +61,7 @@ foreach ($sucuriscan_dependencies as $dependency) {
59
  }
60
 
61
  /* check if installation path is available */
62
- if (!defined('ABSPATH')) {
63
  /* Report invalid access if possible. */
64
  header('HTTP/1.1 403 Forbidden');
65
  exit(0);
@@ -83,7 +85,7 @@ define('SUCURISCAN', 'sucuriscan');
83
  /**
84
  * Current version of the plugin's code.
85
  */
86
- define('SUCURISCAN_VERSION', '1.8.19');
87
 
88
  /**
89
  * Defines the human readable name of the plugin.
@@ -193,6 +195,12 @@ if (!array_key_exists('SERVER_NAME', $_SERVER)) {
193
  $_SERVER['SERVER_NAME'] = 'localhost';
194
  }
195
 
 
 
 
 
 
 
196
  /* Load all classes before anything else. */
197
  require_once 'src/base.lib.php';
198
  require_once 'src/request.lib.php';
@@ -305,7 +313,7 @@ function sucuriscanUninstall()
305
  $directory = SucuriScan::dataStorePath();
306
  $fifo->removeDirectoryTree($directory);
307
 
308
- SucuriScanEvent::reportDebugEvent('Sucuri plugin has been uninstalled');
309
  }
310
 
311
  register_deactivation_hook(__FILE__, 'sucuriscanResetAndDeactivate');
6
  * Plugin URI: https://wordpress.sucuri.net/
7
  * Author URI: https://sucuri.net/
8
  * Author: Sucuri Inc.
9
+ * Text Domain: sucuri-scanner
10
+ * Domain Path: /lang
11
+ * Version: 1.8.20
12
  *
13
  * PHP version 5
14
  *
61
  }
62
 
63
  /* check if installation path is available */
64
+ if (!defined('ABSPATH') || !defined('WP_CONTENT_DIR')) {
65
  /* Report invalid access if possible. */
66
  header('HTTP/1.1 403 Forbidden');
67
  exit(0);
85
  /**
86
  * Current version of the plugin's code.
87
  */
88
+ define('SUCURISCAN_VERSION', '1.8.20');
89
 
90
  /**
91
  * Defines the human readable name of the plugin.
195
  $_SERVER['SERVER_NAME'] = 'localhost';
196
  }
197
 
198
+ /* Load plugin translations */
199
+ function sucuriscan_load_plugin_textdomain() {
200
+ load_plugin_textdomain( 'sucuri-scanner', false, basename( dirname( __FILE__ ) ) . '/lang/' );
201
+ }
202
+ add_action('plugins_loaded', 'sucuriscan_load_plugin_textdomain');
203
+
204
  /* Load all classes before anything else. */
205
  require_once 'src/base.lib.php';
206
  require_once 'src/request.lib.php';
313
  $directory = SucuriScan::dataStorePath();
314
  $fifo->removeDirectoryTree($directory);
315
 
316
+ SucuriScanEvent::reportDebugEvent(__('Sucuri plugin has been uninstalled', 'sucuri-scanner'));
317
  }
318
 
319
  register_deactivation_hook(__FILE__, 'sucuriscanResetAndDeactivate');