Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.8.21

Version Description

  • Add WordPress Security Recommendations section in the dashboard
  • Add PHP version check
  • Fix goo.gl links
  • Fix post_type pattern match to allow numbers and max of 20 chars
  • Fix Audit Logs queue timezone issue
  • Fix regex in template string replacement
  • Update translation file to include WordPress Security Recommendations section fields
  • Make the menu icon use the menu color styling
  • Remove block button from failed logins page

Release Info

Developer imgersonr
Version 1.8.21

Code changes from version 1.8.20 to 1.8.21

inc/images/menuicon.svg ADDED
@@ -0,0 +1,3 @@
 
 
 
1
+ <?xml version="1.0" encoding="UTF-8" standalone="no"?>
2
+ <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
3
+ <svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid meet" viewBox="0 0 16 16" width="16" height="16"><defs><path d="M8.98 0.87L9.6 0.94L10.29 1.03L11.04 1.16L11.86 1.31L12.74 1.49L13.69 1.7L13.93 2.24L14.12 2.85L14.27 3.53L14.37 4.27L14.41 5.08L14.41 5.95L14.36 6.89L14.27 7.9L14.06 8.93L13.71 9.93L13.19 10.91L12.51 11.86L11.68 12.78L10.69 13.68L9.54 14.55L8.23 15.4L6.91 14.56L5.75 13.69L4.74 12.8L3.9 11.87L3.21 10.92L2.68 9.94L2.31 8.93L2.09 7.9L1.98 6.89L1.92 5.94L1.91 5.06L1.95 4.25L2.04 3.51L2.17 2.84L2.36 2.23L2.59 1.7L3.44 1.5L4.23 1.32L4.97 1.17L5.66 1.05L6.3 0.95L6.89 0.88L7.43 0.84L7.92 0.82L8.42 0.83L8.98 0.87ZM10.8 10.72L10.53 11.03L10.31 11.24L10.06 11.46L9.69 11.79L9.2 12.21L8.59 12.73L9.14 12.4L9.64 12.07L10.09 11.77L10.5 11.48L10.85 11.17L11.13 10.8L11.34 10.35L11.48 9.84L11.12 10.32L10.8 10.72ZM7.68 3.96L7.38 4.07L7.07 4.23L6.79 4.48L6.57 4.85L6.43 5.35L6.42 5.88L6.52 6.31L6.7 6.65L6.94 6.92L7.21 7.13L7.56 7.32L7.98 7.54L8.4 7.76L8.72 8L8.84 8.24L8.81 8.43L8.71 8.56L8.56 8.62L8.38 8.66L8.17 8.68L7.98 8.66L7.71 8.6L7.34 8.5L6.89 8.34L6.36 8.14L6.33 9.63L6.72 9.77L7.1 9.89L7.48 9.96L7.84 10L8.2 10.01L8.76 9.94L9.35 9.76L9.86 9.43L10.24 8.92L10.38 8.2L10.23 7.46L9.84 6.93L9.37 6.56L8.96 6.35L8.76 6.27L8.62 6.21L8.36 6.08L8.09 5.9L7.93 5.67L7.96 5.41L8.13 5.27L8.4 5.21L8.78 5.24L9.26 5.35L9.85 5.55L10.38 4.33L10.22 4.25L10.07 4.19L9.91 4.13L9.77 4.07L9.62 4.02L9.33 3.96L8.92 3.91L8.46 3.89L8.03 3.9L7.68 3.96Z" id="d1ogaCizF3"></path></defs><g><g><g><use xlink:href="#d1ogaCizF3" opacity="1" fill="black" fill-opacity="1"></use></g></g></g></svg>
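--- a/inc/tpl/base.html.tpl
+++ b/inc/tpl/base.html.tpl
@@ -17,7 +17,7 @@
 
 <div class="sucuriscan-pull-right sucuriscan-navbar">
 <ul>
-<li><a href="https://goo.gl/aByqP5" target="_blank" rel="noopener" class="button button-secondary">{{Review}}</a></li>
+<li><a href="https://wordpress.org/support/plugin/sucuri-scanner/reviews/" target="_blank" rel="noopener" class="button button-secondary">{{Review}}</a></li>
 
 <li class="sucuriscan-%%SUCURI.GenerateAPIKey.Visibility%%">
 <a href="#" class="button button-primary sucuriscan-modal-button sucuriscan-register-site-button"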
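--- a/inc/tpl/dashboard.html.tpl
+++ b/inc/tpl/dashboard.html.tpl
@@ -84,5 +84,7 @@ jQuery(document).ready(function ($) {
 %%%SUCURI.SiteCheck.Blacklist%%%
 
 %%%SUCURI.SiteCheck.Recommendations%%%
+
+%%%SUCURI.WordPress.Recommendations%%%
 </div>
 </div>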
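--- a/inc/tpl/lastlogins-failedlogins.html.tpl
+++ b/inc/tpl/lastlogins-failedlogins.html.tpl
@@ -36,8 +36,7 @@
 </tr>
 </tbody>
 </table>
-
-<button type="submit" class="button button-primary">{{Block}}</button>
+
 </form>
 </div>
 </div>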
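--- a/inc/tpl/settings-general-timezone.html.tpl
+++ b/inc/tpl/settings-general-timezone.html.tpl
@@ -1,6 +1,6 @@
 
 <div class="sucuriscan-panel">
-<h3 class="sucuriscan-title">{{Timezone}}</h3>
+<h3 class="sucuriscan-title">{{Timezone Override}}</h3>
 
 <div class="inside">
 <p>{{This option defines the timezone that will be used through out the entire plugin to print the dates and times whenever is necessary. This option also affects the date and time of the logs visible in the audit logs panel which is data that comes from a remote server configured to use Eastern Daylight Time (EDT). WordPress offers an option in the general settings page to allow you to configure the timezone for the entire website, however, if you are experiencing problems with the time in the audit logs, this option will help you fix them.}}</p>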
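--- /dev/null
+++ b/inc/tpl/wordpress-recommendations.html.tpl
@@ -0,0 +1,8 @@
+
+<div class="sucuriscan-panel sucuriscan-sitecheck-list sucuriscan-sitecheck-recommendations sucuriscan-wordpress-recommendations">
+<h3 class="sucuriscan-tag-title sucuriscan-tag-%%SUCURI.WordPress.Recommendations.Color%%">{{WordPress Security Recommendations}}</h3>
+
+<ul>
+%%%SUCURI.WordPress.Recommendations.Content%%%
+</ul>
+</div>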
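--- /dev/null
+++ b/inc/tpl/wordpress-recommendations.snippet.tpl
@@ -0,0 +1,5 @@
+
+<li class="sucuriscan-sitecheck-list-NOTICE">
+<b>%%SUCURI.WordPress.Recommendations.Title%%</b><br>
+<span>%%SUCURI.WordPress.Recommendations.Value%%</span>
+</li>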
lang/sucuri-scanner.pot CHANGED
@@ -59,12 +59,12 @@ msgstr ""
59
  msgid "API key recovery for domain: %s"
60
  msgstr ""
61
 
62
- #: src/api.lib.php:609
63
  #, php-format
64
  msgid "WP Engine PHP Compatibility Checker: %s (created post #%d as cache)"
65
  msgstr ""
66
 
67
- #: src/api.lib.php:952 src/api.lib.php:957
68
  msgid "WordPress version is not supported anymore"
69
  msgstr ""
70
 
@@ -1080,7 +1080,7 @@ msgid "The alert settings have been updated"
1080
  msgstr ""
1081
 
1082
  #: src/settings-alerts.php:542
1083
- msgid "Only lowercase letters, underscores and hyphens are allowed."
1084
  msgstr ""
1085
 
1086
  #: src/settings-alerts.php:544
@@ -1373,7 +1373,7 @@ msgstr ""
1373
  #: src/settings-hardening.php:102
1374
  msgid ""
1375
  "The firewall is a premium service that you need purchase at - <a href="
1376
- "\"https://goo.gl/qfNkMq\" target=\"_blank\">Sucuri Firewall</a>"
1377
  msgstr ""
1378
 
1379
  #: src/settings-hardening.php:107
@@ -2799,7 +2799,7 @@ msgid "File Path:"
2799
  msgstr ""
2800
 
2801
  #: src/strings.php:366
2802
- msgid "Timezone"
2803
  msgstr ""
2804
 
2805
  #: src/strings.php:367
@@ -3203,10 +3203,28 @@ msgstr ""
3203
  msgid "Malware Scan Target:"
3204
  msgstr ""
3205
 
 
 
 
 
3206
  #: src/template.lib.php:277
3207
  msgid "Invalid template type"
3208
  msgstr ""
3209
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
3210
  #: sucuri.php:316
3211
  msgid "Sucuri plugin has been uninstalled"
3212
  msgstr ""
59
  msgid "API key recovery for domain: %s"
60
  msgstr ""
61
 
62
+ #: src/api.lib.php:648
63
  #, php-format
64
  msgid "WP Engine PHP Compatibility Checker: %s (created post #%d as cache)"
65
  msgstr ""
66
 
67
+ #: src/api.lib.php:991 src/api.lib.php:994
68
  msgid "WordPress version is not supported anymore"
69
  msgstr ""
70
 
1080
  msgstr ""
1081
 
1082
  #: src/settings-alerts.php:542
1083
+ msgid "Only lowercase letters, numbers, underscores and hyphens are allowed. Post Types cannot exceed 20 characters as well."
1084
  msgstr ""
1085
 
1086
  #: src/settings-alerts.php:544
1373
  #: src/settings-hardening.php:102
1374
  msgid ""
1375
  "The firewall is a premium service that you need purchase at - <a href="
1376
+ "\"https://sucuri.net/website-firewall/signup\" target=\"_blank\">Sucuri Firewall</a>"
1377
  msgstr ""
1378
 
1379
  #: src/settings-hardening.php:107
2799
  msgstr ""
2800
 
2801
  #: src/strings.php:366
2802
+ msgid "Timezone Override"
2803
  msgstr ""
2804
 
2805
  #: src/strings.php:367
3203
  msgid "Malware Scan Target:"
3204
  msgstr ""
3205
 
3206
+ #: src/strings.php:526
3207
+ msgid "WordPress Security Recommendations"
3208
+ msgstr ""
3209
+
3210
  #: src/template.lib.php:277
3211
  msgid "Invalid template type"
3212
  msgstr ""
3213
 
3214
+ #: src/wordpress-recommendations.php:62
3215
+ msgid "Upgrade PHP to a supported version"
3216
+ msgstr ""
3217
+
3218
+ #: src/wordpress-recommendations.php:63
3219
+ msgid "The PHP version you are using no longer receives security support and could be exposed to unpatched security vulnerabilities."
3220
+ msgstr ""
3221
+
3222
+ #: src/wordpress-recommendations.php:76
3223
+ msgid ""
3224
+ "Your WordPress install is following <a href=\"https://sucuri.net/guides/wordpress-security\" target=\"_blank\" rel=\"noopener\">"
3225
+ "the security best practices</a>."
3226
+ msgstr ""
3227
+
3228
  #: sucuri.php:316
3229
  msgid "Sucuri plugin has been uninstalled"
3230
  msgstr ""
readme.txt CHANGED
@@ -3,8 +3,8 @@ Contributors: dd@sucuri.net
3
  Donate Link: https://sucuri.net/
4
  Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5
  Requires at least: 3.6
6
- Tested up to: 5.0.3
7
- Stable tag: 1.8.20
8
 
9
  The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
 
@@ -190,6 +190,17 @@ This version adds an option to refresh the malware scan results on demand, as we
190
 
191
  == Changelog ==
192
 
 
 
 
 
 
 
 
 
 
 
 
193
  = 1.8.20 =
194
  * Add dynamic core directories in the hardening whitelist options
195
  * Modify scheduled tasks panel to load the table via Ajax
3
  Donate Link: https://sucuri.net/
4
  Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5
  Requires at least: 3.6
6
+ Tested up to: 5.2
7
+ Stable tag: 1.8.21
8
 
9
  The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
 
190
 
191
  == Changelog ==
192
 
193
+ = 1.8.21 =
194
+ * Add WordPress Security Recommendations section in the dashboard
195
+ * Add PHP version check
196
+ * Fix goo.gl links
197
+ * Fix post_type pattern match to allow numbers and max of 20 chars
198
+ * Fix Audit Logs queue timezone issue
199
+ * Fix regex in template string replacement
200
+ * Update translation file to include WordPress Security Recommendations section fields
201
+ * Make the menu icon use the menu color styling
202
+ * Remove block button from failed logins page
203
+
204
  = 1.8.20 =
205
  * Add dynamic core directories in the hardening whitelist options
206
  * Modify scheduled tasks panel to load the table via Ajax
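--- a/src/api.lib.php
+++ b/src/api.lib.php
@@ -407,7 +407,9 @@ class SucuriScanAPI extends SucuriScanOption
 
 /**
 * Returns the security logs from the system queue.
- *
+ * In case the logs comes from the queue, set key "from_queue" to true,
+ * as the parse function later will need to prevent timezone conflicts.
+ *
 * @return array The data structure with the logs.
 */
 public static function getAuditLogsFromQueue()
@@ -443,6 +445,7 @@ class SucuriScanAPI extends SucuriScanOption
 'verbose' => 0,
 'output' => array_reverse($auditlogs),
 'total_entries' => count($auditlogs),
+'from_queue' => '1',
 );
 
 return self::parseAuditLogs($res);
@@ -489,8 +492,44 @@ class SucuriScanAPI extends SucuriScanOption
 $log_data['message'] = $right;
 $log_data['account'] = $dateAndEmail[2];
 
-/* extract and fix the date and time using the Eastern time zone */
-$datetime = sprintf('%s %s EDT', $dateAndEmail[0], $dateAndEmail[1]);
+/**
+ * When the audit logs comes from the queue, it's necessary to convert
+ * the logs using the correct timezone before parsing to avoid issues.
+ * First, use timezone override feature if set on the plugin settings,
+ * convert it properly as the syntax must be compatible with php strtotime,
+ * otherwise use WordPress timezone or offset with a quick fix only for UTC
+ * as by default it would be set as "0" instead of "UTC".
+ */
+$tz_override = SucuriScanOption::getOption(':timezone');
+if (empty($tz_override)) {
+$wpTimezone = get_option('timezone_string');
+if (empty($wpTimezone)) {
+$wpTimezone = get_option('gmt_offset');
+}
+
+/* set wpTimezone to UTC if was previously unset */
+if ($wpTimezone == "0") {
+$wpTimezone = "UTC";
+}
+} else {
+$tz_override_replace_from = array(".", "UTC");
+$tz_override_replace_to = array(":", "");
+$wpTimezone = str_replace($tz_override_replace_from, $tz_override_replace_to, $tz_override);
+}
+
+/**
+ * When the audit logs comes from the audit logs server, it will
+ * be using EDT timezone, however due to the seasonal nature of the
+ * EDT timzeone, here we will be using America/New_York when and only
+ * when the audit logs comes from the audit logs server, cause when
+ * it comes from the queue, wpTimezone var will be used.
+ */
+if (array_key_exists('from_queue', $res)) {
+$datetime = sprintf('%s %s %s', $dateAndEmail[0], $dateAndEmail[1], $wpTimezone);
+} else {
+$datetime = sprintf('%s %s America/New_York', $dateAndEmail[0], $dateAndEmail[1]);
+}
+
 $log_data['timestamp'] = strtotime($datetime);
 $log_data['datetime'] = SucuriScan::datetime($log_data['timestamp'], 'Y-m-d H:i:s');
 $log_data['date'] = SucuriScan::datetime($log_data['timestamp'], 'Y-m-d');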
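Review bot: The override branch at new lines 515-517 turns a key such as `UTC+05.50` into `+05:50`, but the key is produced in the src/settings-general.php hunk with `sprintf('UTC%s%s%.2f', ...)`, i.e. decimal hours, so a half- or quarter-hour offset becomes wrong or invalid minutes (`.50` is 30 minutes, `.75` is 45) and the queue timestamps are shifted. The `gmt_offset` fallback at line 507 has the same shape problem: a whole-hour value like `-5` is accepted by `strtotime` as a correction, but a fractional one such as `5.5` is appended verbatim and does not look like a form the parser accepts, in which case `strtotime` returns `false` and that value flows unchecked into `SucuriScan::datetime` on line 533. Converting both inputs to `+HH:MM` with one small helper fixes both paths and removes the `== "0"` special case, since `+00:00` is already valid; the check for a `false` result of `strtotime` would still be worth adding. parseAuditLogs begins and ends outside this hunk.

```php
$tz_override = SucuriScanOption::getOption(':timezone');
if (empty($tz_override)) {
    $wpTimezone = get_option('timezone_string');
    if (empty($wpTimezone)) {
        /* gmt_offset is decimal hours ("0", "-5", "5.5"); emit "+HH:MM" so strtotime accepts it */
        $wpTimezone = self::hoursToTzCorrection((float) get_option('gmt_offset'));
    }
} else {
    /* the stored key is "UTC+05.50" (decimal hours, see settings-general.php); ".50" is not minutes */
    $wpTimezone = self::hoursToTzCorrection((float) str_replace('UTC', '', $tz_override));
}
// … unchanged: America/New_York vs queue branch, strtotime and the date fields …

/* new private helper, placed elsewhere in the class: decimal hours -> "+HH:MM" */
private static function hoursToTzCorrection($hours)
{
    $abs = abs($hours);
    $h = (int) floor($abs);
    $m = (int) round(($abs - $h) * 60);
    return sprintf('%s%02d:%02d', $hours < 0 ? '-' : '+', $h, $m);
}
```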
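--- a/src/globals.php
+++ b/src/globals.php
@@ -106,7 +106,7 @@ if (defined('SUCURISCAN')) {
 'manage_options',
 'sucuriscan',
 'sucuriscan_page',
-SUCURISCAN_URL . '/inc/images/menuicon.png'
+'data:image/svg+xml;base64,' . base64_encode('<svg version="1.1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" preserveAspectRatio="xMidYMid meet" viewBox="0 0 16 16" width="16" height="16"><defs><path d="M8.98 0.87L9.6 0.94L10.29 1.03L11.04 1.16L11.86 1.31L12.74 1.49L13.69 1.7L13.93 2.24L14.12 2.85L14.27 3.53L14.37 4.27L14.41 5.08L14.41 5.95L14.36 6.89L14.27 7.9L14.06 8.93L13.71 9.93L13.19 10.91L12.51 11.86L11.68 12.78L10.69 13.68L9.54 14.55L8.23 15.4L6.91 14.56L5.75 13.69L4.74 12.8L3.9 11.87L3.21 10.92L2.68 9.94L2.31 8.93L2.09 7.9L1.98 6.89L1.92 5.94L1.91 5.06L1.95 4.25L2.04 3.51L2.17 2.84L2.36 2.23L2.59 1.7L3.44 1.5L4.23 1.32L4.97 1.17L5.66 1.05L6.3 0.95L6.89 0.88L7.43 0.84L7.92 0.82L8.42 0.83L8.98 0.87ZM10.8 10.72L10.53 11.03L10.31 11.24L10.06 11.46L9.69 11.79L9.2 12.21L8.59 12.73L9.14 12.4L9.64 12.07L10.09 11.77L10.5 11.48L10.85 11.17L11.13 10.8L11.34 10.35L11.48 9.84L11.12 10.32L10.8 10.72ZM7.68 3.96L7.38 4.07L7.07 4.23L6.79 4.48L6.57 4.85L6.43 5.35L6.42 5.88L6.52 6.31L6.7 6.65L6.94 6.92L7.21 7.13L7.56 7.32L7.98 7.54L8.4 7.76L8.72 8L8.84 8.24L8.81 8.43L8.71 8.56L8.56 8.62L8.38 8.66L8.17 8.68L7.98 8.66L7.71 8.6L7.34 8.5L6.89 8.34L6.36 8.14L6.33 9.63L6.72 9.77L7.1 9.89L7.48 9.96L7.84 10L8.2 10.01L8.76 9.94L9.35 9.76L9.86 9.43L10.24 8.92L10.38 8.2L10.23 7.46L9.84 6.93L9.37 6.56L8.96 6.35L8.76 6.27L8.62 6.21L8.36 6.08L8.09 5.9L7.93 5.67L7.96 5.41L8.13 5.27L8.4 5.21L8.78 5.24L9.26 5.35L9.85 5.55L10.38 4.33L10.22 4.25L10.07 4.19L9.91 4.13L9.77 4.07L9.62 4.02L9.33 3.96L8.92 3.91L8.46 3.89L8.03 3.9L7.68 3.96Z" id="d1ogaCizF3"></path></defs><g><g><g><use xlink:href="#d1ogaCizF3" opacity="1" fill="black" fill-opacity="1"></use></g></g></g></svg>')
 );
 
 foreach ($pages as $sub_page_func => $sub_page_title) {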
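Review bot: The full SVG markup is now embedded as a string literal on new line 109 while the identical drawing is also committed as inc/images/menuicon.svg in this same change, so the icon exists in two copies that will drift the next time someone edits one of them. Either keep only the inline literal and drop the file, or keep the file as the single source and build the data URI from it at load time (that would need a filesystem path constant rather than SUCURISCAN_URL, which is the web path); reading one small file once per admin request is cheap, and a short comment should explain why a data URI is used at all, e.g. `/* inline SVG so WordPress can recolor the icon with the admin menu color scheme */`. The surrounding add_menu_page call begins outside this hunk.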
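--- a/src/pagehandler.php
+++ b/src/pagehandler.php
@@ -50,6 +50,9 @@ function sucuriscan_page()
 $params['SiteCheck.Malware'] = '<div id="sucuriscan-malware"></div>';
 $params['SiteCheck.Blacklist'] = '<div id="sucuriscan-blacklist"></div>';
 $params['SiteCheck.Recommendations'] = '<div id="sucuriscan-recommendations"></div>';
+
+/* load data for the WordPress best practices section */
+$params['WordPress.Recommendations'] = SucuriWordPressRecomendations::pageWordPressRecommendations();
 
 if (SucuriScanRequest::get(':sitecheck_refresh') !== false) {
 $params['SiteCheck.Refresh'] = 'true';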
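Review bot: The class referenced on new line 55 is spelled `SucuriWordPressRecomendations` (one "m"), matching the misspelled declaration in the new src/wordpress-recommendations.lib.php, while the method, the template keys and the file name all use "Recommendations"; since the class is introduced in this very commit, renaming it now costs nothing and avoids a permanent typo in a public symbol. The two lines to change are `$params['WordPress.Recommendations'] = SucuriWordPressRecommendations::pageWordPressRecommendations();` here and `class SucuriWordPressRecommendations` in the library file. sucuriscan_page begins and ends outside this hunk.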
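--- a/src/settings-alerts.php
+++ b/src/settings-alerts.php
@@ -538,8 +538,8 @@ function sucuriscan_settings_alerts_ignore_posts()
 $selected = SucuriScanRequest::post(':posttypes', '_array');
 
 if ($action === 'add') {
-if (!preg_match('/^[a-z_\-]+$/', $ignore_rule)) {
-SucuriScanInterface::error(__('Only lowercase letters, underscores and hyphens are allowed.', 'sucuri-scanner'));
+if (!preg_match('/^[a-z0-9_\-]{1,20}+$/', $ignore_rule)) {
+SucuriScanInterface::error(__('Only lowercase letters, numbers, underscores and hyphens are allowed. Post Types cannot exceed 20 characters as well.', 'sucuri-scanner'));
 } elseif (array_key_exists($ignore_rule, $ignored_events)) {
 SucuriScanInterface::error(__('The post-type is already being ignored (duplicate).', 'sucuri-scanner'));
 } else {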
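Review bot: The quantifier `{1,20}+` on new line 541 is a PCRE possessive quantifier, not a typo that PCRE tolerates; with the anchors around it the result is the same as `{1,20}`, but it reads like an accidental leftover from the old `+` and will puzzle the next reader. Drop the trailing plus: `if (!preg_match('/^[a-z0-9_\-]{1,20}$/', $ignore_rule)) {`. The post-type input is still validated before it is used as an array key on line 543, which is the right order. sucuriscan_settings_alerts_ignore_posts begins and ends outside this hunk.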
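--- a/src/settings-general.php
+++ b/src/settings-general.php
@@ -638,7 +638,7 @@ function sucuriscan_settings_general_timezone($nonce)
 $fill = (abs($hour) < 10) ? '0' : '';
 $keyname = sprintf('UTC%s%s%.2f', $sign, $fill, abs($hour));
 $label = date('d M, Y H:i:s', $current + ($hour * 3600));
-$options[$keyname] = $label;
+$options[$keyname] = $keyname . ' (' . $label . ')';
 }
 
 if ($nonce) {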
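--- a/src/settings-hardening.php
+++ b/src/settings-hardening.php
@@ -77,10 +77,8 @@ class SucuriScanHardeningPage extends SucuriScan
 */
 private static function processRequest($function)
 {
-return (bool) (
-SucuriScanInterface::checkNonce() /* CSRF protection */
-&& SucuriScanRequest::post(':hardening_' . $function)
-);
+return (bool)(SucuriScanInterface::checkNonce() /* CSRF protection */
+&& SucuriScanRequest::post(':hardening_' . $function));
 }
 
 /**
@@ -99,7 +97,7 @@ class SucuriScanHardeningPage extends SucuriScan
 
 if (self::processRequest(__FUNCTION__)) {
 SucuriScanInterface::error(
-__('The firewall is a premium service that you need purchase at - <a href="https://goo.gl/qfNkMq" target="_blank">Sucuri Firewall</a>', 'sucuri-scanner')
+__('The firewall is a premium service that you need purchase at - <a href="https://sucuri.net/website-firewall/signup" target="_blank">Sucuri Firewall</a>', 'sucuri-scanner')
 );
 }
 
@@ -184,7 +182,7 @@ class SucuriScanHardeningPage extends SucuriScan
 $params['Hardening.Title'] = __('Verify PHP Version', 'sucuri-scanner');
 $params['Hardening.Description'] = sprintf(__('PHP %s is installed.', 'sucuri-scanner'), PHP_VERSION);
 
-if (intval(version_compare(PHP_VERSION, '5.6.0') >= 0)) {
+if (intval(version_compare(PHP_VERSION, '7.1.0') >= 0)) {
 $params['Hardening.Status'] = 1;
 $params['Hardening.FieldAttrs'] = 'disabled';
 $params['Hardening.FieldText'] = __('Revert Hardening', 'sucuri-scanner');
@@ -512,7 +510,7 @@ class SucuriScanHardeningPage extends SucuriScan
 public static function fileeditor()
 {
 $params = array();
-$fileEditorWasDisabled = (bool) (defined('DISALLOW_FILE_EDIT') && DISALLOW_FILE_EDIT);
+$fileEditorWasDisabled = (bool)(defined('DISALLOW_FILE_EDIT') && DISALLOW_FILE_EDIT);
 
 if (self::processRequest(__FUNCTION__)) {
 $config = SucuriScan::getConfigPath();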
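Review bot: The minimum PHP version `7.1.0` on new line 185 is now hard-coded in two places, here and in the new src/wordpress-recommendations.lib.php check (`version_compare(phpversion(), '7.1', '<')`), and the two use different spellings of the same threshold and different ways of reading the running version (`PHP_VERSION` vs `phpversion()`); a single class constant such as `const MIN_PHP_VERSION = '7.1.0';` referenced from both checks keeps the hardening panel and the recommendations panel from disagreeing when the floor is raised again. The `intval(...)` wrapper around a boolean comparison is redundant and hides that the third argument of version_compare does the same job: `if (version_compare(PHP_VERSION, self::MIN_PHP_VERSION, '>=')) {`. The remaining hunks in this file are whitespace and link changes; the enclosing methods begin and end outside their hunks.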
src/strings.php CHANGED
@@ -306,7 +306,7 @@ __('HTTP Proxy Password', 'sucuri-scanner');
306
  __('API Service Communication', 'sucuri-scanner');
307
  __('Once the API key is generate the plugin will communicate with a remote API service that will act as a safe data storage for the audit logs generated when the website triggers certain events that the plugin monitors. If the website is hacked the attacker will not have access to these logs and that way you can investigate what was modified <em>(for malware infaction)</em> and/or how the malicious person was able to gain access to the website.', 'sucuri-scanner');
308
  __('Disabling the API service communication will stop the event monitoring, consider to enable the <a href="%%SUCURI.URL.Settings%%#general">Log Exporter</a> to keep the monitoring working while the HTTP requests are ignored, otherwise an attacker may execute an action that will not be registered in the security logs and you will not have a way to investigate the attack in the future.', 'sucuri-scanner');
309
- __('<strong>Are you a developer?</strong> You may be interested in our API. Feel free to use the URL shown below to access the latest 50 entries in your security log, change the value for the parameter <code>l=N</code> if you need more. Be aware that the API doesn’t provides an offset parameter, so if you have the intension to query specific sections of the log you will need to wrap the HTTP request around your own cache mechanism. We <strong>DO NOT</strong> take feature requests for the API, this is a semi-private service tailored for the specific needs of the plugin and not intended to be used by 3rd-party apps, we may change the behavior of each API endpoint without previous notice, use it at your own risk.', 'sucuri-scanner');
310
 
311
  // settings-general-apikey.html.tpl
312
  __('API Key', 'sucuri-scanner');
@@ -363,7 +363,7 @@ __('File Path:', 'sucuri-scanner');
363
  __('Submit', 'sucuri-scanner');
364
 
365
  // settings-general-timezone.html.tpl
366
- __('Timezone', 'sucuri-scanner');
367
  __('This option defines the timezone that will be used through out the entire plugin to print the dates and times whenever is necessary. This option also affects the date and time of the logs visible in the audit logs panel which is data that comes from a remote server configured to use Eastern Daylight Time (EDT). WordPress offers an option in the general settings page to allow you to configure the timezone for the entire website, however, if you are experiencing problems with the time in the audit logs, this option will help you fix them.', 'sucuri-scanner');
368
  __('Timezone:', 'sucuri-scanner');
369
  __('Submit', 'sucuri-scanner');
@@ -521,3 +521,6 @@ __('The remote malware scanner provided by the plugin is powered by <a href="htt
521
  __('Malware Scan Target', 'sucuri-scanner');
522
  __('Malware Scan Target:', 'sucuri-scanner');
523
  __('Submit', 'sucuri-scanner');
 
 
 
306
  __('API Service Communication', 'sucuri-scanner');
307
  __('Once the API key is generate the plugin will communicate with a remote API service that will act as a safe data storage for the audit logs generated when the website triggers certain events that the plugin monitors. If the website is hacked the attacker will not have access to these logs and that way you can investigate what was modified <em>(for malware infaction)</em> and/or how the malicious person was able to gain access to the website.', 'sucuri-scanner');
308
  __('Disabling the API service communication will stop the event monitoring, consider to enable the <a href="%%SUCURI.URL.Settings%%#general">Log Exporter</a> to keep the monitoring working while the HTTP requests are ignored, otherwise an attacker may execute an action that will not be registered in the security logs and you will not have a way to investigate the attack in the future.', 'sucuri-scanner');
309
+ __('<strong>Are you a developer?</strong> You may be interested in our API. Feel free to use the URL shown below to access the latest 50 entries in your security log, change the value for the parameter <code>l=N</code> if you need more. Be aware that the API doesn’t provides an offset parameter, so if you have the intention to query specific sections of the log you will need to wrap the HTTP request around your own cache mechanism. We <strong>DO NOT</strong> take feature requests for the API, this is a semi-private service tailored for the specific needs of the plugin and not intended to be used by 3rd-party apps, we may change the behavior of each API endpoint without previous notice, use it at your own risk.', 'sucuri-scanner');
310
 
311
  // settings-general-apikey.html.tpl
312
  __('API Key', 'sucuri-scanner');
363
  __('Submit', 'sucuri-scanner');
364
 
365
  // settings-general-timezone.html.tpl
366
+ __('Timezone Override', 'sucuri-scanner');
367
  __('This option defines the timezone that will be used through out the entire plugin to print the dates and times whenever is necessary. This option also affects the date and time of the logs visible in the audit logs panel which is data that comes from a remote server configured to use Eastern Daylight Time (EDT). WordPress offers an option in the general settings page to allow you to configure the timezone for the entire website, however, if you are experiencing problems with the time in the audit logs, this option will help you fix them.', 'sucuri-scanner');
368
  __('Timezone:', 'sucuri-scanner');
369
  __('Submit', 'sucuri-scanner');
521
  __('Malware Scan Target', 'sucuri-scanner');
522
  __('Malware Scan Target:', 'sucuri-scanner');
523
  __('Submit', 'sucuri-scanner');
524
+
525
+ // wordpress-recommendations.html.tpl
526
+ __('WordPress Security Recommendations', 'sucuri-scanner');
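--- a/src/template.lib.php
+++ b/src/template.lib.php
@@ -83,13 +83,13 @@ class SucuriScanTemplate extends SucuriScanRequest
 
 global $locale;
 
-preg_match_all('~{{(.+)}}~', $content, $matches);
+preg_match_all('~{{(.+?)}}~', $content, $matches);
 
 if ( ! empty( $matches[1] ) ) {
-foreach($matches[1] as $string) {
-$pattern = sprintf('~{{%s}}~', preg_quote($string, '~'));
-$replacement = ('en_US' !== $locale) ? translate($string, 'sucuri-scanner') : $string;
-$content = preg_replace($pattern, $replacement, $content);
+foreach($matches[1] as $index => $string) {
+$search = $matches[0][$index];
+$replace = ('en_US' !== $locale) ? translate($string, 'sucuri-scanner') : $string;
+$content = str_replace($search, $replace, $content);
 }
 }
 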
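Review bot: The loop on new lines 89-92 runs once per match, but `str_replace` on line 92 already replaces every occurrence of `$search`, so a token that appears several times in one template (the strings listing shows `{{Submit}}` reused across templates, so repeats within a template seem likely) is translated on the first pass and then searched for again on each repeat; iterating `array_unique($matches[0])` and deriving the key with `$string = substr($search, 2, -2);` avoids the wasted passes. Switching from a greedy `.+` to `.+?` is the right fix for the old pattern swallowing everything between the first `{{` and the last `}}`; writing it as `~{{([^}]+)}}~` would state that intent directly instead of relying on laziness. The enclosing method begins and ends outside this hunk.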
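--- /dev/null
+++ b/src/wordpress-recommendations.lib.php
@@ -0,0 +1,101 @@
+<?php
+
+/**
+* Code related to the wprecommendations.lib.php checks.
+*
+* PHP version 5
+*
+* @category Library
+* @package Sucuri
+* @subpackage SucuriScanner
+* @author Northon Torga <northon.torga@sucuri.net>
+* @copyright 2010-2019 Sucuri Inc.
+* @license https://www.gnu.org/licenses/gpl-2.0.txt GPL2
+* @link https://wordpress.org/plugins/sucuri-scanner
+*/
+
+if (!defined('SUCURISCAN_INIT') || SUCURISCAN_INIT !== true) {
+if (!headers_sent()) {
+/* Report invalid access if possible. */
+header('HTTP/1.1 403 Forbidden');
+}
+exit(1);
+}
+
+/**
+* Make sure the WordPress install follows security best practices.
+*
+* @category Library
+* @package Sucuri
+* @subpackage SucuriScanner
+* @author Northon Torga <northon.torga@sucuri.net>
+* @copyright 2010-2019 Sucuri Inc.
+* @license https://www.gnu.org/licenses/gpl-2.0.txt GPL2
+* @link https://wordpress.org/plugins/sucuri-scanner
+* @see https://sitecheck.sucuri.net/
+*/
+class SucuriWordPressRecomendations
+{
+
+/**
+* Generates the HTML section for the WordPress recommendations section.
+*
+* @return string HTML code to render the recommendations section.
+*/
+public static function pageWordPressRecommendations()
+{
+
+$params = array();
+$recommendations = array();
+$params['WordPress.Recommendations.Content'] = '';
+
+/**
+* BEGIN security checks.
+*
+* Each check must register a second array inside $recommendations,
+* containing the title and description of the recommendation.
+*/
+
+// Check if php version needs to be upgraded.
+if (version_compare(phpversion(), '7.1', '<')) {
+$recommendations['PHPVersionCheck'] = array(
+__('Upgrade PHP to a supported version', 'sucuri-scanner') =>
+__('The PHP version you are using no longer receives security support and could be exposed to unpatched security vulnerabilities.', 'sucuri-scanner')
+);
+}
+
+/**
+* BEGIN delivery of results.
+*
+* When recommendations array is empty, delivery an "all is good" message,
+* otherwise display each item that needs fixing individually.
+*/
+if (count($recommendations) == 0) {
+
+$params['WordPress.Recommendations.Color'] = 'green';
+$params['WordPress.Recommendations.Content'] = __('Your WordPress install is following <a href="https://sucuri.net/guides/wordpress-security" target="_blank" rel="noopener">the security best practices</a>.', 'sucuri-scanner');
+} else {
+
+/* set title to blue as not all recommendations have been fullfilled */
+$params['WordPress.Recommendations.Color'] = 'blue';
+
+/* delivery the recommendations using the getSnippet function */
+$recommendation = array_keys($recommendations);
+foreach ($recommendation as $checkid) {
+
+foreach ($recommendations[$checkid] as $title => $description) {
+
+$params['WordPress.Recommendations.Content'] .= SucuriScanTemplate::getSnippet(
+'wordpress-recommendations',
+array(
+'WordPress.Recommendations.Title' => $title,
+'WordPress.Recommendations.Value' => $description
+)
+);
+}
+}
+}
+
+return SucuriScanTemplate::getSection('wordpress-recommendations', $params);
+}
+}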
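Review bot: The "all is good" branch on line 76 assigns a bare sentence to `WordPress.Recommendations.Content`, but the section template added in this commit (inc/tpl/wordpress-recommendations.html.tpl) places that value directly inside `<ul>…</ul>`, so the green state renders a text node as a direct child of a list, which is invalid HTML and will be styled differently from the `<li>` items the snippet produces; wrapping it, e.g. `$params['WordPress.Recommendations.Content'] = '<li>' . __('Your WordPress install is following ...', 'sucuri-scanner') . '</li>';`, keeps both states structurally alike. The `$recommendations` shape on lines 61-64 keys a nested array by the translated title (title => description), which is why lines 83-86 need an `array_keys` pass plus an inner loop; a plain `array('title' => ..., 'description' => ...)` per check and `foreach ($recommendations as $checkid => $item)` would read more directly and does not depend on a user-visible string as a key. The file docblock on line 4 refers to "wprecommendations.lib.php", which is not this file's name, and `count($recommendations) == 0` on line 73 is simply `empty($recommendations)`. The minimum version `'7.1'` and `phpversion()` on line 60 duplicate the `'7.1.0'`/`PHP_VERSION` check in src/settings-hardening.php; a single shared constant would keep the two panels in agreement.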
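--- a/sucuri.php
+++ b/sucuri.php
@@ -8,7 +8,7 @@
 * Author: Sucuri Inc.
 * Text Domain: sucuri-scanner
 * Domain Path: /lang
-* Version: 1.8.20
+* Version: 1.8.21
 *
 * PHP version 5
 *
@@ -85,7 +85,7 @@ define('SUCURISCAN', 'sucuriscan');
 /**
 * Current version of the plugin's code.
 */
-define('SUCURISCAN_VERSION', '1.8.20');
+define('SUCURISCAN_VERSION', '1.8.21');
 
 /**
 * Defines the human readable name of the plugin.
@@ -218,6 +218,7 @@ require_once 'src/hardening.lib.php';
 require_once 'src/interface.lib.php';
 require_once 'src/auditlogs.lib.php';
 require_once 'src/sitecheck.lib.php';
+require_once 'src/wordpress-recommendations.lib.php';
 require_once 'src/integrity.lib.php';
 require_once 'src/firewall.lib.php';
 require_once 'src/installer-skin.lib.php';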