Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.8.22

Version Description

  • Add "SSL existence check" to WordPress Security Recommendations
  • Add "Salt & Security Keys existence check" to WordPress Security Recommendations
  • Add "Salt & Security Keys age check" to WordPress Security Recommendations
  • Add "Admin account check" to WordPress Security Recommendations
  • Add "Single super-admin check" to WordPress Security Recommendations
  • Add "Too many plugins check" to WordPress Security Recommendations
  • Add "File editing check" to WordPress Security Recommendations
  • Add "WordPress debug check" to WordPress Security Recommendations
  • Add "Basic hardening check" to WordPress Security Recommendations
  • Add a delete button on Last Logins sections
  • Add register of logs removal on Audit Logs
  • Fix display of Access File Integrity on NGINX/IIS servers
  • Remove PHP version check from hardening page
Download this release

Release Info

Developer imgersonr
Plugin Icon 128x128 Sucuri Security – Auditing, Malware Scanner and Security Hardening
Version 1.8.22
Comparing to
See all releases

Code changes from version 1.8.21 to 1.8.22

inc/css/styles.css CHANGED
@@ -576,7 +576,10 @@ body.sucuri-security_page_sucuriscan_hardening {
576
.sucuriscan-auditlog-critical path {
577
fill: #000;
578
}
579
- .sucuriscan-container .sucuriscan-table {
580
margin-bottom: 20px;
581
}
582
.sucuriscan-container .sucuriscan-table:last-child {
576
.sucuriscan-auditlog-critical path {
577
fill: #000;
578
}
579
+ .sucuriscan-container .sucuriscan-table,
580
+ .sucuriscan-container .sucuriscan-panel table.sucuriscan-last-logins,
581
+ .sucuriscan-container .sucuriscan-panel table.sucuriscan-lastlogins-failed
582
+ {
583
margin-bottom: 20px;
584
}
585
.sucuriscan-container .sucuriscan-table:last-child {
inc/tpl/lastlogins-all.html.tpl CHANGED
@@ -39,4 +39,9 @@
39
</tbody>
40
</table>
41
</div>
42
</div>
39
</tbody>
40
</table>
41
</div>
42
+ <form action="%%SUCURI.URL.Lastlogins%%#allusers" method="post">
43
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
44
+ <input type="hidden" name="sucuriscan_delete_lastlogins" value="1" />
45
+ <input type="submit" value="{{Delete}}" class="button button-primary" />
46
+ </form>
47
</div>
inc/tpl/lastlogins-failedlogins.html.tpl CHANGED
@@ -38,5 +38,10 @@
38
</table>
39
40
</form>
41
</div>
42
</div>
38
</table>
39
40
</form>
41
+ <form action="%%SUCURI.URL.Lastlogins%%#failed" method="post">
42
+ <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
43
+ <input type="hidden" name="sucuriscan_delete_failedlogins" value="1" />
44
+ <input type="submit" value="{{Delete}}" class="button button-primary" />
45
+ </form>
46
</div>
47
</div>
inc/tpl/lastlogins.html.tpl CHANGED
@@ -4,7 +4,7 @@
4
<li><a href="%%SUCURI.URL.Lastlogins%%#allusers">{{All Users}}</a></li>
5
<li><a href="%%SUCURI.URL.Lastlogins%%#admins">{{Admins}}</a></li>
6
<li><a href="%%SUCURI.URL.Lastlogins%%#loggedin">{{Logged-in Users}}</a></li>
7
- <li><a href="%%SUCURI.URL.Lastlogins%%#failed">{{Failed logins}}</a></li>
8
</ul>
9
10
<div class="sucuriscan-tabs-containers">
4
<li><a href="%%SUCURI.URL.Lastlogins%%#allusers">{{All Users}}</a></li>
5
<li><a href="%%SUCURI.URL.Lastlogins%%#admins">{{Admins}}</a></li>
6
<li><a href="%%SUCURI.URL.Lastlogins%%#loggedin">{{Logged-in Users}}</a></li>
7
+ <li><a href="%%SUCURI.URL.Lastlogins%%#failed">{{Failed Logins}}</a></li>
8
</ul>
9
10
<div class="sucuriscan-tabs-containers">
inc/tpl/settings-webinfo-htaccess.html.tpl CHANGED
@@ -13,6 +13,10 @@
13
<p>{{Your website has no <code>.htaccess</code> file or it was not found in the default location.}}</p>
14
</div>
15
16
<div class="sucuriscan-inline-alert-info sucuriscan-%%SUCURI.HTAccess.StandardVisible%%">
17
<p>{{The main <code>.htaccess</code> file in your site has the standard rules for a WordPress installation. You can customize it to improve the performance and change the behaviour of the redirections for pages and posts in your site. To get more information visit the official documentation at <a target="_blank" rel="noopener" href="https://codex.wordpress.org/Using_Permalinks#Creating_and_editing_.28.htaccess.29"> Codex WordPress - Creating and editing (.htaccess)</a>}}</p>
18
</div>
13
<p>{{Your website has no <code>.htaccess</code> file or it was not found in the default location.}}</p>
14
</div>
15
16
+ <div class="sucuriscan-inline-alert-info sucuriscan-%%SUCURI.HTAccess.NotApache%%">
17
+ <p>{{Your web server does not support .htaccess files.}}</p>
18
+ </div>
19
+
20
<div class="sucuriscan-inline-alert-info sucuriscan-%%SUCURI.HTAccess.StandardVisible%%">
21
<p>{{The main <code>.htaccess</code> file in your site has the standard rules for a WordPress installation. You can customize it to improve the performance and change the behaviour of the redirections for pages and posts in your site. To get more information visit the official documentation at <a target="_blank" rel="noopener" href="https://codex.wordpress.org/Using_Permalinks#Creating_and_editing_.28.htaccess.29"> Codex WordPress - Creating and editing (.htaccess)</a>}}</p>
22
</div>
inc/tpl/settings.html.tpl CHANGED
@@ -48,8 +48,6 @@
48
49
%%%SUCURI.Settings.Hardening.WPVersion%%%
50
51
- %%%SUCURI.Settings.Hardening.PHPVersion%%%
52
-
53
%%%SUCURI.Settings.Hardening.RemoveGenerator%%%
54
55
%%%SUCURI.Settings.Hardening.NginxPHPFPM%%%
48
49
%%%SUCURI.Settings.Hardening.WPVersion%%%
50
51
%%%SUCURI.Settings.Hardening.RemoveGenerator%%%
52
53
%%%SUCURI.Settings.Hardening.NginxPHPFPM%%%
lang/sucuri-scanner.pot CHANGED
@@ -2,9 +2,8 @@
2
msgid ""
3
msgstr ""
4
"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
5
- "Project-Id-Version: Sucuri Security - Auditing, Malware Scanner and "
6
- "Hardening\n"
7
- "POT-Creation-Date: 2019-02-18 18:58-0700\n"
8
"PO-Revision-Date: 2019-02-07 02:39-0600\n"
9
"Last-Translator: \n"
10
"Language-Team: \n"
@@ -15,9 +14,8 @@ msgstr ""
15
"X-Poedit-Basepath: ..\n"
16
"X-Poedit-WPHeader: sucuri.php\n"
17
"X-Poedit-SourceCharset: UTF-8\n"
18
- "X-Poedit-KeywordsList: __;_e;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;esc_attr__;"
19
- "esc_attr_e;esc_attr_x:1,2c;esc_html__;esc_html_e;esc_html_x:1,2c;_n_noop:1,2;"
20
- "_nx_noop:3c,1,2;__ngettext_noop:1,2\n"
21
"X-Poedit-SearchPath-0: .\n"
22
"X-Poedit-SearchPathExcluded-0: *.js\n"
23
@@ -64,7 +62,7 @@ msgstr ""
64
msgid "WP Engine PHP Compatibility Checker: %s (created post #%d as cache)"
65
msgstr ""
66
67
- #: src/api.lib.php:991 src/api.lib.php:994
68
msgid "WordPress version is not supported anymore"
69
msgstr ""
70
@@ -101,8 +99,7 @@ msgstr ""
101
msgid "Info:"
102
msgstr ""
103
104
- #: src/cache.lib.php:392 src/cache.lib.php:412 src/cache.lib.php:453
105
- #: src/cache.lib.php:470
106
msgid "Invalid cache key name"
107
msgstr ""
108
@@ -165,25 +162,36 @@ msgstr ""
165
msgid ""
166
"<br><br>\n"
167
"\n"
168
- "<em>Explanation: Someone failed to login to your site. If you are getting "
169
- "too many of these messages, it is likely your site is under a password "
170
- "guessing brute-force attack [1]. You can disable the failed login alerts "
171
- "from here [2]. Alternatively, you can consider to install a firewall between "
172
- "your website and your visitors to filter out these and other attacks, take a "
173
- "look at Sucuri Firewall [3].</em><br><br>\n"
174
"\n"
175
- "[1] <a href='https://kb.sucuri.net/definitions/attacks/brute-force/password-"
176
- "guessing'>https://kb.sucuri.net/definitions/attacks/brute-force/password-"
177
- "guessing</a><br>\n"
178
"[2] <a href='%s'>%s</a> <br>\n"
179
- "[3] <a href='https://sucuri.net/website-firewall/?wpalert'>https://sucuri."
180
- "net/website-firewall/</a><br>\n"
181
msgstr ""
182
183
#: src/event.lib.php:642
184
msgid "Password Change"
185
msgstr ""
186
187
#: src/fileinfo.lib.php:291
188
msgid "No files were found"
189
msgstr ""
@@ -224,8 +232,8 @@ msgstr ""
224
msgid "caching disabled (use with caution)"
225
msgstr ""
226
227
- #: src/firewall.lib.php:253 src/firewall.lib.php:349 src/firewall.lib.php:567
228
- #: src/firewall.lib.php:602 src/firewall.lib.php:643 src/firewall.lib.php:735
229
msgid "Firewall API key was not found."
230
msgstr ""
231
@@ -299,7 +307,7 @@ msgstr ""
299
msgid "IP has been unblacklisted: %s"
300
msgstr ""
301
302
- #: src/globals.php:80 src/strings.php:39 src/strings.php:287
303
msgid "Dashboard"
304
msgstr ""
305
@@ -311,7 +319,7 @@ msgstr ""
311
msgid "Last Logins"
312
msgstr ""
313
314
- #: src/globals.php:83 src/strings.php:41 src/strings.php:95 src/strings.php:288
315
msgid "Settings"
316
msgstr ""
317
@@ -344,36 +352,28 @@ msgstr ""
344
msgid "Media file added; ID: %s; name: %s; type: %s"
345
msgstr ""
346
347
- #: src/hook.lib.php:82 src/hook.lib.php:108 src/hook.lib.php:197
348
- #: src/hook.lib.php:1001 src/hook.lib.php:1012 src/hook.lib.php:1042
349
- #: src/settings-general.php:408 src/settings-general.php:409
350
- #: src/settings-general.php:410 src/settings-general.php:411
351
- #: src/settings-general.php:412 src/settings-webinfo.php:40
352
msgid "unknown"
353
msgstr ""
354
355
- #: src/hook.lib.php:83 src/hook.lib.php:109 src/hook.lib.php:1002
356
- #: src/hook.lib.php:1013 src/hook.lib.php:1043
357
msgid "user@domain.com"
358
msgstr ""
359
360
#: src/hook.lib.php:91
361
#, php-format
362
- msgid ""
363
- "User added to website; user_id: %s; role: %s; blog_id: %s; name: %s; email: "
364
- "%s"
365
msgstr ""
366
367
#: src/hook.lib.php:117
368
#, php-format
369
- msgid ""
370
- "User removed from website; user_id: %s; blog_id: %s; name: %s; email: %s"
371
msgstr ""
372
373
- #: src/hook.lib.php:134 src/hook.lib.php:229 src/hook.lib.php:296
374
- #: src/hook.lib.php:408 src/hook.lib.php:533 src/hook.lib.php:744
375
- #: src/hook.lib.php:770 src/hook.lib.php:870 src/hook.lib.php:912
376
- #: src/lastlogins-failed.php:246
377
msgid "Unknown"
378
msgstr ""
379
@@ -413,9 +413,7 @@ msgstr ""
413
414
#: src/hook.lib.php:326
415
#, php-format
416
- msgid ""
417
- "The value of the option <b>%s</b> was changed from <b>'%s'</b> to <b>'%s'</"
418
- "b>.<br>\n"
419
msgstr ""
420
421
#: src/hook.lib.php:332
@@ -576,9 +574,7 @@ msgstr ""
576
577
#: src/hook.lib.php:1022
578
#, php-format
579
- msgid ""
580
- "User account edited; ID: %s; name: %s; old_name: %s; email: %s; old_email: "
581
- "%s; roles: %s; old_roles: %s"
582
msgstr ""
583
584
#: src/hook.lib.php:1054
@@ -591,8 +587,7 @@ msgstr ""
591
msgid "Widget %s (%s) %s %s (#%d; size %dx%d)"
592
msgstr ""
593
594
- #: src/integrity.lib.php:113 src/settings-general.php:46
595
- #: src/settings-general.php:594 src/settings-posthack.php:58
596
msgid "You need to confirm that you understand the risk of this operation."
597
msgstr ""
598
@@ -617,9 +612,7 @@ msgid "Nothing was selected from the list."
617
msgstr ""
618
619
#: src/integrity.lib.php:228
620
- msgid ""
621
- "Server is not fast enough to process this action; maximum execution time "
622
- "reached"
623
msgstr ""
624
625
#: src/integrity.lib.php:234
@@ -634,26 +627,23 @@ msgstr ""
634
635
#: src/integrity.lib.php:321
636
msgid ""
637
- "The plugin has no permission to delete this file because it was created by a "
638
- "different system user who has more privileges than your account. Please use "
639
- "FTP to delete it."
640
msgstr ""
641
642
#: src/integrity.lib.php:323
643
msgid ""
644
- "The plugin has no permission to restore this file because it was modified by "
645
- "a different system user who has more privileges than your account. Please "
646
- "use FTP to restore it."
647
msgstr ""
648
649
#: src/integrity.lib.php:325
650
msgid ""
651
- "The plugin has no permission to restore this file because its directory is "
652
- "owned by a different system user who has more privileges than your account. "
653
- "Please use FTP to restore it."
654
msgstr ""
655
656
- #: src/integrity.lib.php:405 src/strings.php:475 src/strings.php:477
657
msgid "WordPress Integrity Diff Utility"
658
msgstr ""
659
@@ -668,17 +658,14 @@ msgstr ""
668
669
#: src/interface.lib.php:240
670
msgid ""
671
- "API service communication is disabled, if you just updated the plugin this "
672
- "might be a good opportunity to test this feature once again with the new "
673
- "code. Enable it again from the \"API Service\" panel located in the settings "
674
- "page."
675
msgstr ""
676
677
#: src/interface.lib.php:253
678
msgid ""
679
- "Do you want to get vulnerability disclosures? Subscribe to our newsletter <a "
680
- "href=\"http://sucuri.hs-sites.com/subscribe-to-security\" target=\"_blank\" "
681
- "rel=\"noopener\">here</a>"
682
msgstr ""
683
684
#: src/interface.lib.php:266
@@ -696,57 +683,51 @@ msgstr ""
696
697
#: src/interface.lib.php:288
698
msgid ""
699
- "WordPress CSRF verification failed. The submitted form is missing an "
700
- "important unique code that prevents the execution of automated malicious "
701
- "scanners. Go back and try again. If you did not submit a form, this error "
702
- "message could be an indication of an incompatibility between this plugin and "
703
- "another add-on; one of them is inserting data into the global POST variable "
704
- "when the HTTP request is coming via GET. Disable them one by one (while "
705
- "reloading this page) to find the culprit."
706
msgstr ""
707
708
- #: src/lastlogins-failed.php:344 src/lastlogins-failed.php:368
709
- #: src/strings.php:154 src/strings.php:167 src/strings.php:179
710
- #: src/strings.php:190 src/strings.php:410
711
msgid "Username"
712
msgstr ""
713
714
- #: src/lastlogins-failed.php:345 src/lastlogins-failed.php:369
715
msgid "Password"
716
msgstr ""
717
718
- #: src/lastlogins-failed.php:346 src/lastlogins-failed.php:370
719
- #: src/strings.php:81 src/strings.php:160 src/strings.php:168
720
- #: src/strings.php:180 src/strings.php:193 src/strings.php:272
721
msgid "IP Address"
722
msgstr ""
723
724
- #: src/lastlogins-failed.php:347 src/lastlogins-failed.php:371
725
msgid "Attempt Timestamp"
726
msgstr ""
727
728
- #: src/lastlogins-failed.php:348 src/lastlogins-failed.php:372
729
msgid "Attempt Date/Time"
730
msgstr ""
731
732
- #: src/lastlogins.php:124
733
#, php-format
734
msgid "Last-logins data file is not writable: <code>%s</code>"
735
msgstr ""
736
737
- #: src/lastlogins.php:300
738
msgid "Invalid last-logins storage file"
739
msgstr ""
740
741
- #: src/lastlogins.php:307
742
msgid "No last-logins data is available"
743
msgstr ""
744
745
- #: src/lastlogins.php:451
746
#, php-format
747
- msgid ""
748
- "Last login was at <b>%s</b> from <b>%s</b> <em>(%s)</em> <a href=\"%s\" "
749
- "target=\"_self\">view all logs</a>"
750
msgstr ""
751
752
#: src/mail.lib.php:80
@@ -762,8 +743,7 @@ msgstr ""
762
msgid "Sucuri Alert"
763
msgstr ""
764
765
- #: src/option.lib.php:148 src/settings-alerts.php:209
766
- #: src/settings-alerts.php:210 src/settings-alerts.php:211
767
#, php-format
768
msgid "Sucuri Alert, %s, %s, %s"
769
msgstr ""
@@ -780,18 +760,17 @@ msgstr ""
780
msgid "Scripts"
781
msgstr ""
782
783
- #: src/pagehandler.php:47 src/pagehandler.php:48 src/pagehandler.php:49
784
- #: src/strings.php:26 src/strings.php:53 src/strings.php:65 src/strings.php:76
785
- #: src/strings.php:108 src/strings.php:143 src/strings.php:397
786
- #: src/strings.php:407 src/strings.php:418 src/strings.php:449
787
msgid "Loading..."
788
msgstr ""
789
790
- #: src/pagehandler.php:97
791
msgid "Last-Logins logs were successfully reset."
792
msgstr ""
793
794
- #: src/pagehandler.php:99
795
msgid "Could not reset the last-logins data file."
796
msgstr ""
797
@@ -858,8 +837,7 @@ msgstr ""
858
msgid "n/a"
859
msgstr ""
860
861
- #: src/settings-alerts.php:208 src/settings-alerts.php:212
862
- #: src/settings-alerts.php:213
863
#, php-format
864
msgid "Sucuri Alert, %s, %s"
865
msgstr ""
@@ -945,15 +923,14 @@ msgstr ""
945
946
#: src/settings-alerts.php:364
947
#, php-format
948
- msgid ""
949
- "Consider brute-force attack after <code>%s</code> failed logins per hour"
950
msgstr ""
951
952
#: src/settings-alerts.php:369
953
#, php-format
954
msgid ""
955
- "The plugin will assume that your website is under a brute-force attack after "
956
- "%s failed logins are detected during the same hour"
957
msgstr ""
958
959
#: src/settings-alerts.php:371
@@ -965,15 +942,11 @@ msgid "Receive email alerts for changes in the settings of the plugin"
965
msgstr ""
966
967
#: src/settings-alerts.php:397
968
- msgid ""
969
- "Receive email alerts in HTML <em>(there may be issues with some mail "
970
- "services)</em>"
971
msgstr ""
972
973
#: src/settings-alerts.php:398
974
- msgid ""
975
- "Use WordPress functions to send mails <em>(uncheck to use native PHP "
976
- "functions)</em>"
977
msgstr ""
978
979
#: src/settings-alerts.php:399
@@ -997,21 +970,15 @@ msgid "Receive email alerts for successful login attempts"
997
msgstr ""
998
999
#: src/settings-alerts.php:404
1000
- msgid ""
1001
- "Receive email alerts for failed login attempts <em>(you may receive tons of "
1002
- "emails)</em>"
1003
msgstr ""
1004
1005
#: src/settings-alerts.php:405
1006
- msgid ""
1007
- "Receive email alerts for password guessing attacks <em>(summary of failed "
1008
- "logins per hour)</em>"
1009
msgstr ""
1010
1011
#: src/settings-alerts.php:406
1012
- msgid ""
1013
- "Receive email alerts for changes in the post status <em>(configure from "
1014
- "Ignore Posts Changes)</em>"
1015
msgstr ""
1016
1017
#: src/settings-alerts.php:407
@@ -1104,21 +1071,17 @@ msgstr ""
1104
msgid "List of monitored post-types has been updated"
1105
msgstr ""
1106
1107
- #: src/settings-alerts.php:574 src/settings-scanner.php:179
1108
- #: src/settings-scanner.php:239 src/strings.php:46 src/strings.php:159
1109
- #: src/strings.php:171 src/strings.php:183 src/strings.php:275
1110
- #: src/strings.php:380 src/strings.php:471
1111
msgid "no data available"
1112
msgstr ""
1113
1114
- #: src/settings-apiservice.php:36 src/settings-general.php:304
1115
- #: src/settings-general.php:370 src/settings-general.php:417
1116
#: src/settings-integrity.php:80
1117
msgid "Enabled"
1118
msgstr ""
1119
1120
- #: src/settings-apiservice.php:37 src/settings-general.php:305
1121
- #: src/settings-general.php:371 src/settings-general.php:418
1122
#: src/settings-integrity.php:81
1123
msgid "Disable"
1124
msgstr ""
@@ -1132,13 +1095,11 @@ msgstr ""
1132
msgid "The status of the API service has been changed"
1133
msgstr ""
1134
1135
- #: src/settings-apiservice.php:63 src/settings-general.php:347
1136
- #: src/settings-general.php:391 src/settings-general.php:452
1137
msgid "Disabled"
1138
msgstr ""
1139
1140
- #: src/settings-apiservice.php:64 src/settings-general.php:348
1141
- #: src/settings-general.php:392 src/settings-general.php:453
1142
msgid "Enable"
1143
msgstr ""
1144
@@ -1177,9 +1138,7 @@ msgid "Sucuri API key was added manually."
1177
msgstr ""
1178
1179
#: src/settings-general.php:100
1180
- msgid ""
1181
- "You must accept the Terms of Service and Privacy Policy in order to request "
1182
- "an API key."
1183
msgstr ""
1184
1185
#: src/settings-general.php:107
@@ -1208,403 +1167,353 @@ msgstr ""
1208
1209
#: src/settings-general.php:165
1210
#, php-format
1211
- msgid ""
1212
- "Cache to store the system logs obtained from the API service; expires after "
1213
- "%s seconds."
1214
msgstr ""
1215
1216
#: src/settings-general.php:166
1217
- msgid ""
1218
- "Local queue to store the most recent logs before they are sent to the remote "
1219
- "API service."
1220
msgstr ""
1221
1222
#: src/settings-general.php:167
1223
- msgid ""
1224
- "Deprecated on 1.8.12; it was used to store a list of blocked user names."
1225
msgstr ""
1226
1227
#: src/settings-general.php:168
1228
msgid ""
1229
- "Stores the data for every failed login attempt. The data is moved to "
1230
- "\"oldfailedlogins\" every hour during a brute force password attack."
1231
msgstr ""
1232
1233
#: src/settings-general.php:169
1234
msgid ""
1235
- "Temporarily stores data to complement the logs during destructive operations "
1236
- "like deleting a post, page, comment, etc."
1237
msgstr ""
1238
1239
#: src/settings-general.php:170
1240
- msgid ""
1241
- "Stores a list of files and folders chosen by the user to be ignored by the "
1242
- "file system scanner."
1243
msgstr ""
1244
1245
#: src/settings-general.php:171
1246
- msgid ""
1247
- "Stores a list of files marked as fixed by the user via the WordPress "
1248
- "Integrity tool."
1249
msgstr ""
1250
1251
#: src/settings-general.php:172
1252
msgid ""
1253
- "Stores the data associated to every successful user login. The data never "
1254
- "expires; manually delete if the file is too large."
1255
msgstr ""
1256
1257
#: src/settings-general.php:173
1258
msgid ""
1259
- "Stores the data for every failed login attempt after the plugin sends a "
1260
- "report about a brute force password attack via email."
1261
msgstr ""
1262
1263
#: src/settings-general.php:174
1264
#, php-format
1265
- msgid ""
1266
- "Cache to store the data associated to the installed plugins listed in the "
1267
- "Post-Hack page. Expires after %s seconds."
1268
msgstr ""
1269
1270
#: src/settings-general.php:175
1271
- msgid ""
1272
- "Stores all the options used to configure the functionality and behavior of "
1273
- "the plugin."
1274
msgstr ""
1275
1276
#: src/settings-general.php:176
1277
#, php-format
1278
- msgid ""
1279
- "Cache to store the result of the malware scanner. Expires after %s seconds, "
1280
- "reset at any time to force a re-scan."
1281
msgstr ""
1282
1283
#: src/settings-general.php:177
1284
msgid ""
1285
- "Stores a list of IP addresses trusted by the plugin, events triggered by one "
1286
- "of these IPs will not be reported to the remote monitoring API service."
1287
msgstr ""
1288
1289
- #: src/settings-general.php:211
1290
#, php-format
1291
- msgid "%d out of %d files has been deleted"
1292
msgstr ""
1293
1294
- #: src/settings-general.php:229 src/settings-posthack.php:308
1295
msgid "Not Writable"
1296
msgstr ""
1297
1298
- #: src/settings-general.php:230
1299
msgid "Does Not Exist"
1300
msgstr ""
1301
1302
- #: src/settings-general.php:236
1303
msgid "Exists"
1304
msgstr ""
1305
1306
- #: src/settings-general.php:242 src/strings.php:328
1307
msgid "Writable"
1308
msgstr ""
1309
1310
- #: src/settings-general.php:316
1311
msgid "Log exporter was disabled"
1312
msgstr ""
1313
1314
- #: src/settings-general.php:322
1315
msgid "The log exporter feature has been disabled"
1316
msgstr ""
1317
1318
- #: src/settings-general.php:324
1319
msgid "File should not be publicly accessible."
1320
msgstr ""
1321
1322
- #: src/settings-general.php:326
1323
msgid "File already exists and will not be overwritten."
1324
msgstr ""
1325
1326
- #: src/settings-general.php:328
1327
msgid "File parent directory is not writable."
1328
msgstr ""
1329
1330
- #: src/settings-general.php:332
1331
msgid "Log exporter file path was correctly set"
1332
msgstr ""
1333
1334
- #: src/settings-general.php:338
1335
- msgid ""
1336
- "The log exporter feature has been enabled and the data file was successfully "
1337
- "set."
1338
msgstr ""
1339
1340
- #: src/settings-general.php:414
1341
msgid "INVALID"
1342
msgstr ""
1343
1344
- #: src/settings-general.php:432
1345
#, php-format
1346
msgid "DNS lookups for reverse proxy detection <code>%s</code>"
1347
msgstr ""
1348
1349
- #: src/settings-general.php:437
1350
- msgid ""
1351
- "The status of the DNS lookups for the reverse proxy detection has been "
1352
- "changed"
1353
msgstr ""
1354
1355
- #: src/settings-general.php:585
1356
#, php-format
1357
msgid "%d out of %d option have been successfully imported"
1358
msgstr ""
1359
1360
- #: src/settings-general.php:591
1361
msgid "Data is incorrectly encoded"
1362
msgstr ""
1363
1364
- #: src/settings-general.php:649
1365
#, php-format
1366
msgid "Timezone override will use %s"
1367
msgstr ""
1368
1369
- #: src/settings-general.php:654
1370
msgid "The timezone for the date and time in the audit logs has been changed"
1371
msgstr ""
1372
1373
- #: src/settings-hardening.php:102
1374
msgid ""
1375
- "The firewall is a premium service that you need purchase at - <a href="
1376
- "\"https://sucuri.net/website-firewall/signup\" target=\"_blank\">Sucuri Firewall</a>"
1377
msgstr ""
1378
1379
- #: src/settings-hardening.php:107
1380
msgid "Website Firewall Protection"
1381
msgstr ""
1382
1383
- #: src/settings-hardening.php:108
1384
msgid ""
1385
- "A WAF is a protection layer for your web site, blocking all sort of attacks "
1386
- "(brute force attempts, DDoS, SQL injections, etc) and helping it remain "
1387
- "malware and blacklist free. This test checks if your site is using Sucuri "
1388
- "Firewall to protect your site."
1389
msgstr ""
1390
1391
- #: src/settings-hardening.php:112 src/settings-hardening.php:193
1392
- #: src/settings-hardening.php:301 src/settings-hardening.php:360
1393
- #: src/settings-hardening.php:429 src/settings-hardening.php:461
1394
- #: src/settings-hardening.php:501 src/settings-hardening.php:594
1395
msgid "Apply Hardening"
1396
msgstr ""
1397
1398
- #: src/settings-hardening.php:116 src/settings-hardening.php:190
1399
- #: src/settings-hardening.php:212 src/settings-hardening.php:293
1400
- #: src/settings-hardening.php:297 src/settings-hardening.php:352
1401
- #: src/settings-hardening.php:356 src/settings-hardening.php:421
1402
- #: src/settings-hardening.php:425 src/settings-hardening.php:464
1403
- #: src/settings-hardening.php:497 src/settings-hardening.php:590
1404
msgid "Revert Hardening"
1405
msgstr ""
1406
1407
- #: src/settings-hardening.php:141
1408
msgid "Check Updates Now"
1409
msgstr ""
1410
1411
- #: src/settings-hardening.php:142
1412
msgid "Verify WordPress Version"
1413
msgstr ""
1414
1415
- #: src/settings-hardening.php:143
1416
msgid ""
1417
- "Why keep your site updated? WordPress is an open-source project which means "
1418
- "that with every update the details of the changes made to the source code "
1419
- "are made public, if there were security fixes then someone with malicious "
1420
- "intent can use this information to attack any site that has not been "
1421
- "upgraded."
1422
msgstr ""
1423
1424
- #: src/settings-hardening.php:147
1425
msgid "WordPress Update Available"
1426
msgstr ""
1427
1428
- #: src/settings-hardening.php:179
1429
- msgid ""
1430
- "Ask your hosting provider to install an updated version of PHP - <a href="
1431
- "\"http://php.net/supported-versions.php\" target=\"_blank\" rel=\"noopener"
1432
- "\">List of PHP Supported Versions</a>"
1433
- msgstr ""
1434
-
1435
- #: src/settings-hardening.php:184
1436
- msgid "Verify PHP Version"
1437
- msgstr ""
1438
-
1439
- #: src/settings-hardening.php:185
1440
- #, php-format
1441
- msgid "PHP %s is installed."
1442
- msgstr ""
1443
-
1444
- #: src/settings-hardening.php:210
1445
msgid "Remove WordPress Version"
1446
msgstr ""
1447
1448
- #: src/settings-hardening.php:214
1449
msgid ""
1450
- "It checks if your WordPress version is being leaked to the public via a HTML "
1451
- "meta-tag. Many web vulnerability scanners use this to determine which "
1452
- "version of the code is running in your website. They use this to find "
1453
- "disclosed vulnerabilities associated to this version number. A vulnerability "
1454
- "scanner can still guess which version of WordPress is installed by comparing "
1455
- "the checksum of some static files."
1456
msgstr ""
1457
1458
- #: src/settings-hardening.php:234
1459
msgid ""
1460
- "Read the official WordPress guidelines to learn how to restrict access to "
1461
- "PHP files in sensitive directories - <a href=\"https://codex.wordpress.org/"
1462
- "Nginx#Global_restrictions_file\" target=\"_blank\" rel=\"noopener\">Nginx "
1463
- "Global Restrictions For WordPress</a>"
1464
msgstr ""
1465
1466
- #: src/settings-hardening.php:238
1467
msgid "Block of Certain PHP Files"
1468
msgstr ""
1469
1470
- #: src/settings-hardening.php:241
1471
msgid "Check Hardening"
1472
msgstr ""
1473
1474
- #: src/settings-hardening.php:242 src/settings-hardening.php:288
1475
- #: src/settings-hardening.php:347 src/settings-hardening.php:416
1476
msgid ""
1477
- "Block the execution of PHP files in sensitive directories. Be careful while "
1478
- "applying this hardening option as there are many plugins and theme which "
1479
- "rely on the ability to execute PHP files in the content directory to "
1480
- "generate images or save temporary data. Use the \"Whitelist PHP Files\" tool "
1481
- "to add exceptions to individual files."
1482
msgstr ""
1483
1484
- #: src/settings-hardening.php:269 src/settings-hardening.php:270
1485
msgid "Hardening applied to the uploads directory"
1486
msgstr ""
1487
1488
- #: src/settings-hardening.php:272 src/settings-hardening.php:331
1489
- #: src/settings-hardening.php:398
1490
msgid "Error hardening directory, check the permissions."
1491
msgstr ""
1492
1493
- #: src/settings-hardening.php:280 src/settings-hardening.php:281
1494
msgid "Hardening reverted in the uploads directory"
1495
msgstr ""
1496
1497
- #: src/settings-hardening.php:283 src/settings-hardening.php:342
1498
- #: src/settings-hardening.php:411
1499
msgid "Access file is not writable, check the permissions."
1500
msgstr ""
1501
1502
- #: src/settings-hardening.php:287
1503
msgid "Block PHP Files in Uploads Directory"
1504
msgstr ""
1505
1506
- #: src/settings-hardening.php:328 src/settings-hardening.php:329
1507
msgid "Hardening applied to the content directory"
1508
msgstr ""
1509
1510
- #: src/settings-hardening.php:339 src/settings-hardening.php:340
1511
msgid "Hardening reverted in the content directory"
1512
msgstr ""
1513
1514
- #: src/settings-hardening.php:346
1515
msgid "Block PHP Files in WP-CONTENT Directory"
1516
msgstr ""
1517
1518
- #: src/settings-hardening.php:392 src/settings-hardening.php:393
1519
msgid "Hardening applied to the library directory"
1520
msgstr ""
1521
1522
- #: src/settings-hardening.php:408 src/settings-hardening.php:409
1523
msgid "Hardening reverted in the library directory"
1524
msgstr ""
1525
1526
- #: src/settings-hardening.php:415
1527
msgid "Block PHP Files in WP-INCLUDES Directory"
1528
msgstr ""
1529
1530
- #: src/settings-hardening.php:448
1531
#, php-format
1532
msgid "Cannot delete <code>%s/readme.html</code>"
1533
msgstr ""
1534
1535
- #: src/settings-hardening.php:450 src/settings-hardening.php:451
1536
msgid "Hardening applied to the <code>readme.html</code> file"
1537
msgstr ""
1538
1539
- #: src/settings-hardening.php:455
1540
msgid "Information Leakage"
1541
msgstr ""
1542
1543
- #: src/settings-hardening.php:456
1544
msgid ""
1545
- "Checks if the WordPress README file still exists in the website. The "
1546
- "information in this file can be used by malicious users to pin-point which "
1547
- "disclosed vulnerabilities are associated to the website. Be aware that "
1548
- "WordPress recreates this file automatically with every update."
1549
msgstr ""
1550
1551
- #: src/settings-hardening.php:491
1552
msgid "Default Admin Account"
1553
msgstr ""
1554
1555
- #: src/settings-hardening.php:492
1556
msgid ""
1557
- "Check if the primary user account still uses the name \"admin\". This allows "
1558
- "malicious users to easily identify which account has the highest privileges "
1559
- "to target an attack."
1560
msgstr ""
1561
1562
- #: src/settings-hardening.php:521 src/settings-hardening.php:552
1563
- #: src/settings-posthack.php:63
1564
msgid "WordPress configuration file was not found."
1565
msgstr ""
1566
1567
- #: src/settings-hardening.php:523 src/settings-hardening.php:554
1568
- #: src/settings-posthack.php:76
1569
msgid "WordPress configuration file is not writable."
1570
msgstr ""
1571
1572
- #: src/settings-hardening.php:543 src/settings-hardening.php:544
1573
msgid "Hardening applied to the plugin and theme editor"
1574
msgstr ""
1575
1576
- #: src/settings-hardening.php:572
1577
msgid ""
1578
- "File Editor was not disabled using this tool. You must scan your project for "
1579
- "a constant defined as DISALLOW_FILE_EDIT, then either delete it or set its "
1580
- "value to False. Any plugin/theme can disable the file editor, so it is "
1581
- "impossible to determine the origin of the constant."
1582
msgstr ""
1583
1584
- #: src/settings-hardening.php:578 src/settings-hardening.php:579
1585
msgid "Hardening reverted in the plugin and theme editor"
1586
msgstr ""
1587
1588
- #: src/settings-hardening.php:584
1589
msgid "Plugin and Theme Editor"
1590
msgstr ""
1591
1592
- #: src/settings-hardening.php:585
1593
msgid ""
1594
- "Disables the theme and plugin editors to prevent unwanted modifications to "
1595
- "the code. If you are having problems reverting this please open the wp-"
1596
- "config.php file and delete the line with the constant DISALLOW_FILE_EDIT."
1597
msgstr ""
1598
1599
- #: src/settings-hardening.php:636
1600
msgid "The file has been whitelisted from the hardening"
1601
msgstr ""
1602
1603
- #: src/settings-hardening.php:641
1604
msgid "Specified folder is not hardened by this plugin"
1605
msgstr ""
1606
1607
- #: src/settings-hardening.php:655
1608
msgid "Selected files have been removed"
1609
msgstr ""
1610
@@ -1856,32 +1765,25 @@ msgstr ""
1856
1857
#: src/strings.php:51
1858
msgid ""
1859
- "The firewall logs every request involved in an attack and separates them "
1860
- "from the legitimate requests. You can analyze the data from the latest "
1861
- "entries in the logs using this tool and take action either enabling the "
1862
- "advanced features of the IDS <em>(Intrusion Detection System)</em> from the "
1863
- "<a href=\"https://waf.sucuri.net/?settings\" target=\"_blank\" rel=\"noopener"
1864
- "\">Firewall Dashboard</a> and/or blocking IP addresses and URL paths "
1865
- "directly from the <a href=\"https://waf.sucuri.net/?audit\" target=\"_blank"
1866
- "\" rel=\"noopener\">Firewall Audit Trails</a> page."
1867
msgstr ""
1868
1869
#: src/strings.php:52
1870
msgid "Non-blocked requests are hidden from the logs, this is intentional."
1871
msgstr ""
1872
1873
- #: src/strings.php:54 src/strings.php:75 src/strings.php:128
1874
- #: src/strings.php:213 src/strings.php:219 src/strings.php:226
1875
- #: src/strings.php:234 src/strings.php:246 src/strings.php:253
1876
- #: src/strings.php:263 src/strings.php:270 src/strings.php:282
1877
- #: src/strings.php:295 src/strings.php:335 src/strings.php:353
1878
- #: src/strings.php:363 src/strings.php:369 src/strings.php:375
1879
- #: src/strings.php:414 src/strings.php:427 src/strings.php:451
1880
- #: src/strings.php:458 src/strings.php:523
1881
msgid "Submit"
1882
msgstr ""
1883
1884
- #: src/strings.php:57 src/strings.php:200
1885
msgid "Date/Time:"
1886
msgstr ""
1887
@@ -1919,46 +1821,35 @@ msgstr ""
1919
1920
#: src/strings.php:69
1921
msgid ""
1922
- "The firewall offers multiple options to configure the cache level applied to "
1923
- "your website. You can either enable the full cache which is the recommended "
1924
- "setting, or you can set the cache level to minimal which will keep the pages "
1925
- "static for a couple of minutes, or force the usage of the website headers "
1926
- "<em>(only for advanced users)</em>, or in extreme cases where you do not "
1927
- "need the cache you can simply disable it. Find more information about it in "
1928
- "the <a href=\"https://kb.sucuri.net/firewall/Performance/caching-options\" "
1929
- "target=\"_blank\" rel=\"noopener\">Sucuri Knowledge Base</a> website."
1930
msgstr ""
1931
1932
#: src/strings.php:70
1933
msgid ""
1934
- "Note that the firewall has <a href=\"https://kb.sucuri.net/firewall/"
1935
- "Performance/cache-exceptions\" target=\"_blank\" rel=\"noopener\">special "
1936
- "caching rules</a> for Images, CSS, PDF, TXT, JavaScript, media files and a "
1937
- "few more extensions that are stored on our <a href=\"https://en.wikipedia."
1938
- "org/wiki/Edge_device\" target=\"_blank\" rel=\"noopener\">edge</a>. The only "
1939
- "way to flush the cache for these files is by clearing the firewall’s cache "
1940
- "completely <em>(for the whole website)</em>. Due to our caching of "
1941
- "JavaScript and CSS files, often, as is best practice, the use of versioning "
1942
- "during development will ensure updates going live as expected. This is done "
1943
- "by adding a query string such as <code>?ver=1.2.3</code> and incrementing on "
1944
- "each update."
1945
msgstr ""
1946
1947
#: src/strings.php:71
1948
msgid ""
1949
- "A web cache (or HTTP cache) is an information technology for the temporary "
1950
- "storage (caching) of web documents, such as HTML pages and images, to reduce "
1951
- "bandwidth usage, server load, and perceived lag. A web cache system stores "
1952
- "copies of documents passing through it; subsequent requests may be satisfied "
1953
- "from the cache if certain conditions are met. A web cache system can refer "
1954
- "either to an appliance, or to a computer program. &mdash; <a href=\"https://"
1955
- "en.wikipedia.org/wiki/Web_cache\" target=\"_blank\" rel=\"noopener"
1956
- "\">WikiPedia - Web Cache</a>"
1957
msgstr ""
1958
1959
- #: src/strings.php:74 src/strings.php:88 src/strings.php:256
1960
- #: src/strings.php:276 src/strings.php:318 src/strings.php:329
1961
- #: src/strings.php:381
1962
msgid "Delete"
1963
msgstr ""
1964
@@ -1968,13 +1859,10 @@ msgstr ""
1968
1969
#: src/strings.php:78
1970
msgid ""
1971
- "This tool allows you to whitelist and blacklist one or more IP addresses "
1972
- "from accessing your website. You can also configure the plugin to "
1973
- "automatically blacklist any IP address involved in a password guessing brute-"
1974
- "force attack. If a legitimate user fails to submit the correct credentials "
1975
- "of their account they will have to log into the Firewall dashboard in order "
1976
- "to delete their IP address from the blacklist, or try to login once again "
1977
- "through a VPN."
1978
msgstr ""
1979
1980
#: src/strings.php:79
@@ -1991,20 +1879,16 @@ msgstr ""
1991
1992
#: src/strings.php:85
1993
msgid ""
1994
- "A powerful Web Application Firewall and <b>Intrusion Detection System</b> "
1995
- "for any WordPress user and many other platforms. This page will help you to "
1996
- "configure and monitor your site through the <b>Sucuri Firewall</b>. Once "
1997
- "enabled, our firewall will act as a shield, protecting your site from "
1998
- "attacks and preventing malware infections and reinfections. It will block "
1999
- "SQL injection attempts, brute force attacks, XSS, RFI, backdoors and many "
2000
- "other threats against your site."
2001
msgstr ""
2002
2003
#: src/strings.php:86
2004
msgid ""
2005
- "Add your <a href=\"https://waf.sucuri.net/?settings&panel=api\" target="
2006
- "\"_blank\" rel=\"noopener\">Firewall API key</a> in the form below to start "
2007
- "communicating with the firewall API service."
2008
msgstr ""
2009
2010
#: src/strings.php:87
@@ -2015,24 +1899,21 @@ msgstr ""
2015
msgid "Save"
2016
msgstr ""
2017
2018
- #: src/strings.php:90 src/strings.php:385 src/strings.php:393
2019
- #: src/strings.php:423 src/strings.php:434 src/strings.php:445
2020
msgid "Name"
2021
msgstr ""
2022
2023
- #: src/strings.php:91 src/strings.php:435
2024
msgid "Value"
2025
msgstr ""
2026
2027
#: src/strings.php:92
2028
msgid ""
2029
- "<em>[1]</em> More information about the <a href=\"https://sucuri.net/website-"
2030
- "firewall/\" target=\"_blank\" rel=\"noopener\">Sucuri Firewall</a>, features "
2031
- "and pricing.<br><em>[2]</em> Instructions and videos in the official <a href="
2032
- "\"https://kb.sucuri.net/firewall\" target=\"_blank\" rel=\"noopener"
2033
- "\">Knowledge Base</a> site.<br><em>[3]</em> <a href=\"https://login.sucuri."
2034
- "net/signup2/create?CloudProxy\" target=\"_blank\" rel=\"noopener\">Sign up</"
2035
- "a> for a new account and start protecting your site."
2036
msgstr ""
2037
2038
#: src/strings.php:97
@@ -2046,11 +1927,9 @@ msgstr ""
2046
#: src/strings.php:102 src/strings.php:113 src/strings.php:142
2047
#, php-format
2048
msgid ""
2049
- "We inspect your WordPress installation and look for modifications on the "
2050
- "core files as provided by WordPress.org. Files located in the root "
2051
- "directory, wp-admin and wp-includes will be compared against the files "
2052
- "distributed with v%%SUCURI.WordPressVersion%%; all files with "
2053
- "inconsistencies will be listed here. Any changes might indicate a hack."
2054
msgstr ""
2055
2056
#: src/strings.php:103
@@ -2059,11 +1938,9 @@ msgstr ""
2059
2060
#: src/strings.php:104
2061
msgid ""
2062
- "We have not identified additional files, deleted files, or relevant changes "
2063
- "to the core files in your WordPress installation. If you are experiencing "
2064
- "other malware issues, please use a <a href=\"https://sucuri.net/website-"
2065
- "security/malware-removal\" target=\"_blank\" rel=\"noopener\">Server Side "
2066
- "Scanner</a>."
2067
msgstr ""
2068
2069
#: src/strings.php:105 src/strings.php:116
@@ -2072,11 +1949,10 @@ msgstr ""
2072
2073
#: src/strings.php:109
2074
msgid ""
2075
- "Lines with a <b>minus</b> sign as the prefix <em>(here in red)</em> show the "
2076
- "original code. Lines with a <b>plus</b> sign as the prefix <em>(here in "
2077
- "green)</em> show the modified code. You can read more about the DIFF format "
2078
- "from the WikiPedia article about the <a target=\"_blank\" href=\"https://en."
2079
- "wikipedia.org/wiki/Diff_utility\" rel=\"noopener\">Unix Diff Utility</a>."
2080
msgstr ""
2081
2082
#: src/strings.php:114
@@ -2085,11 +1961,9 @@ msgstr ""
2085
2086
#: src/strings.php:115 src/strings.php:132
2087
msgid ""
2088
- "We identified that some of your WordPress core files were modified. That "
2089
- "might indicate a hack or a broken file on your installation. If you are "
2090
- "experiencing other malware issues, please use a <a href=\"https://sucuri.net/"
2091
- "website-security/malware-removal\" target=\"_blank\" rel=\"noopener\">Server "
2092
- "Side Scanner</a>."
2093
msgstr ""
2094
2095
#: src/strings.php:117 src/strings.php:133
@@ -2099,20 +1973,17 @@ msgstr ""
2099
2100
#: src/strings.php:118
2101
msgid ""
2102
- "The Unix Diff Utility is enabled. You can click the files in the table to "
2103
- "see the differences detected by the scanner. If you consider the differences "
2104
- "to be harmless you can mark the file as fixed, otherwise it is advised to "
2105
- "restore the original content immediately."
2106
msgstr ""
2107
2108
- #: src/strings.php:119 src/strings.php:224 src/strings.php:237
2109
- #: src/strings.php:254 src/strings.php:271 src/strings.php:324
2110
- #: src/strings.php:376 src/strings.php:409 src/strings.php:422
2111
- #: src/strings.php:444 src/strings.php:459 src/strings.php:467
2112
msgid "Select All"
2113
msgstr ""
2114
2115
- #: src/strings.php:120 src/strings.php:135 src/strings.php:326
2116
msgid "File Size"
2117
msgstr ""
2118
@@ -2120,17 +1991,15 @@ msgstr ""
2120
msgid "Modified At"
2121
msgstr ""
2122
2123
- #: src/strings.php:122 src/strings.php:137 src/strings.php:325
2124
- #: src/strings.php:377 src/strings.php:460 src/strings.php:470
2125
msgid "File Path"
2126
msgstr ""
2127
2128
- #: src/strings.php:123 src/strings.php:334 src/strings.php:352
2129
- #: src/strings.php:436
2130
msgid "I understand that this operation cannot be reverted."
2131
msgstr ""
2132
2133
- #: src/strings.php:124 src/strings.php:450
2134
msgid "Action:"
2135
msgstr ""
2136
@@ -2148,16 +2017,13 @@ msgstr ""
2148
2149
#: src/strings.php:129 src/strings.php:138
2150
msgid ""
2151
- "Marking one or more files as fixed will force the plugin to ignore them "
2152
- "during the next scan, very useful when you find false positives. "
2153
- "Additionally you can restore the original content of the core files that "
2154
- "appear as modified or deleted, this will tell the plugin to download a copy "
2155
- "of the original files from the official WordPress repository. Deleting a "
2156
- "file is an irreversible action, be careful."
2157
msgstr ""
2158
2159
- #: src/strings.php:134 src/strings.php:327 src/strings.php:426
2160
- #: src/strings.php:433 src/strings.php:461
2161
msgid "Status"
2162
msgstr ""
2163
@@ -2173,8 +2039,8 @@ msgstr ""
2173
msgid "Logged-in Users"
2174
msgstr ""
2175
2176
- #: src/strings.php:149 src/strings.php:177
2177
- msgid "Failed logins"
2178
msgstr ""
2179
2180
#: src/strings.php:152
@@ -2182,9 +2048,7 @@ msgid "Successful Logins (admins)"
2182
msgstr ""
2183
2184
#: src/strings.php:153
2185
- msgid ""
2186
- "Here you can see a list of all the successful logins of accounts with admin "
2187
- "privileges."
2188
msgstr ""
2189
2190
#: src/strings.php:155
@@ -2195,11 +2059,11 @@ msgstr ""
2195
msgid "Newest To Oldest"
2196
msgstr ""
2197
2198
- #: src/strings.php:161 src/strings.php:170 src/strings.php:181
2199
msgid "Date/Time"
2200
msgstr ""
2201
2202
- #: src/strings.php:162 src/strings.php:174 src/strings.php:196
2203
msgid "Edit"
2204
msgstr ""
2205
@@ -2216,994 +2080,886 @@ msgid "Hostname"
2216
msgstr ""
2217
2218
#: src/strings.php:178
2219
#, php-format
2220
msgid ""
2221
- "This information will be used to determine if your site is being victim of "
2222
- "<a href=\"https://kb.sucuri.net/definitions/attacks/brute-force/password-"
2223
- "guessing\" target=\"_blank\" rel=\"noopener\">Password Guessing Brute Force "
2224
- "Attacks</a>. These logs will be accumulated and the plugin will send a "
2225
- "report via email if there are more than <code>%%SUCURI.FailedLogins."
2226
- "MaxFailedLogins%%</code> failed login attempts during the same hour, you can "
2227
- "change this number from <a href=\"%%SUCURI.URL.Settings%%#alerts\">here</a>. "
2228
- "<b>NOTE:</b> Some <em>\"Two-Factor Authentication\"</em> plugins do not "
2229
- "follow the same rules that WordPress have to report failed login attempts, "
2230
- "so you may not see all the attempts in this panel if you have one of these "
2231
- "plugins installed."
2232
msgstr ""
2233
2234
- #: src/strings.php:182
2235
msgid "Web Browser"
2236
msgstr ""
2237
2238
- #: src/strings.php:184
2239
msgid "Block"
2240
msgstr ""
2241
2242
- #: src/strings.php:187
2243
msgid "Logged-in Users}"
2244
msgstr ""
2245
2246
- #: src/strings.php:188
2247
msgid "Here you can see a list of the users that are currently logged-in."
2248
msgstr ""
2249
2250
- #: src/strings.php:189
2251
msgid "ID"
2252
msgstr ""
2253
2254
- #: src/strings.php:191
2255
msgid "Last Activity"
2256
msgstr ""
2257
2258
- #: src/strings.php:192 src/strings.php:412
2259
msgid "Registered"
2260
msgstr ""
2261
2262
- #: src/strings.php:197 src/strings.php:206 src/strings.php:343
2263
msgid "Website:"
2264
msgstr ""
2265
2266
- #: src/strings.php:198 src/strings.php:268
2267
msgid "IP Address:"
2268
msgstr ""
2269
2270
- #: src/strings.php:199
2271
msgid "Reverse IP:"
2272
msgstr ""
2273
2274
- #: src/strings.php:201
2275
msgid "Message:"
2276
msgstr ""
2277
2278
- #: src/strings.php:204
2279
msgid ""
2280
- "An API key is required to activate some additional tools available in this "
2281
- "plugin. The keys are free and you can virtually generate an unlimited number "
2282
- "of them as long as the domain name and email address are unique. The key is "
2283
- "used to authenticate the HTTP requests sent by the plugin to an API service "
2284
- "managed by Sucuri Inc."
2285
msgstr ""
2286
2287
- #: src/strings.php:205
2288
msgid ""
2289
- "If you experience issues generating the API key you can request one by "
2290
- "sending the domain name and email address that you want to use to <a href="
2291
- "\"mailto:info@sucuri.net\">info@sucuri.net</a>. Note that generating a key "
2292
- "for a website that is not facing the Internet is not possible because the "
2293
- "API service needs to validate that the domain name exists."
2294
msgstr ""
2295
2296
- #: src/strings.php:207 src/strings.php:251
2297
msgid "E-mail:"
2298
msgstr ""
2299
2300
- #: src/strings.php:208
2301
msgid "DNS Lookups"
2302
msgstr ""
2303
2304
- #: src/strings.php:209
2305
msgid ""
2306
- "Check the box if your website is behind a known firewall service, this "
2307
- "guarantees that the IP address of your visitors will be detected correctly "
2308
- "for the security logs. You can change this later from the settings."
2309
msgstr ""
2310
2311
- #: src/strings.php:210
2312
msgid "Enable DNS Lookups On Startup"
2313
msgstr ""
2314
2315
- #: src/strings.php:211
2316
- msgid ""
2317
- "I agree to the <a target=\"_blank\" href=\"https://sucuri.net/terms\">Terms "
2318
- "of Service</a>."
2319
msgstr ""
2320
2321
- #: src/strings.php:212
2322
- msgid ""
2323
- "I have read and understand the <a target=\"_blank\" href=\"https://sucuri."
2324
- "net/privacy\">Privacy Policy</a>."
2325
msgstr ""
2326
2327
- #: src/strings.php:216
2328
msgid "Password Guessing Brute Force Attacks"
2329
msgstr ""
2330
2331
- #: src/strings.php:217
2332
msgid ""
2333
- "<a href=\"https://kb.sucuri.net/definitions/attacks/brute-force/password-"
2334
- "guessing\" target=\"_blank\" rel=\"noopener\">Password guessing brute force "
2335
- "attacks</a> are very common against web sites and web servers. They are one "
2336
- "of the most common vectors used to compromise web sites. The process is very "
2337
- "simple and the attackers basically try multiple combinations of usernames "
2338
- "and passwords until they find one that works. Once they get in, they can "
2339
- "compromise the web site with malware, spam , phishing or anything else they "
2340
- "want."
2341
msgstr ""
2342
2343
- #: src/strings.php:218
2344
msgid "Consider Brute-Force Attack After:"
2345
msgstr ""
2346
2347
- #: src/strings.php:222
2348
msgid "Security Alerts"
2349
msgstr ""
2350
2351
- #: src/strings.php:223
2352
msgid ""
2353
- "You have installed a plugin or theme that is not fully compatible with our "
2354
- "plugin, some of the security alerts (like the successful and failed logins) "
2355
- "will not be sent to you. To prevent an infinite loop while detecting these "
2356
- "changes in the website and sending the email alerts via a custom SMTP "
2357
- "plugin, we have decided to stop any attempt to send the emails to prevent "
2358
- "fatal errors."
2359
msgstr ""
2360
2361
- #: src/strings.php:225
2362
msgid "Event"
2363
msgstr ""
2364
2365
- #: src/strings.php:229
2366
msgid "Post-Type Alerts"
2367
msgstr ""
2368
2369
- #: src/strings.php:230
2370
msgid ""
2371
- "It seems that you disabled the email alerts for <b>new site content</b>, "
2372
- "this panel is intended to provide a way to ignore specific events in your "
2373
- "site and with that the alerts reported to your email. Since you have "
2374
- "deactivated the <b>new site content</b> alerts, this panel will be disabled "
2375
- "too."
2376
msgstr ""
2377
2378
- #: src/strings.php:231
2379
msgid ""
2380
- "This is a list of registered <a href=\"https://codex.wordpress.org/Post_Types"
2381
- "\" target=\"_blank\" rel=\"noopener\">Post Types</a>. You will receive an "
2382
- "email alert when a custom page or post associated to any of these types is "
2383
- "created or updated. If you don’t want to receive one or more of these "
2384
- "alerts, feel free to uncheck the boxes in the table below. If you are "
2385
- "receiving alerts for post types that are not listed in this table, it may be "
2386
- "because there is an add-on that that is generating a custom post-type on "
2387
- "runtime, you will have to find out by yourself what is the unique ID of that "
2388
- "post-type and type it in the form below. The plugin will do its best to "
2389
- "ignore these alerts as long as the unique ID is valid."
2390
msgstr ""
2391
2392
- #: src/strings.php:232
2393
msgid "Stop Alerts For This Post-Type:"
2394
msgstr ""
2395
2396
- #: src/strings.php:233
2397
msgid "e.g. unique_post_type_id"
2398
msgstr ""
2399
2400
- #: src/strings.php:235
2401
msgid "Show Post-Types Table"
2402
msgstr ""
2403
2404
- #: src/strings.php:236
2405
msgid "Hide Post-Types Table"
2406
msgstr ""
2407
2408
- #: src/strings.php:238
2409
msgid "Post Type"
2410
msgstr ""
2411
2412
- #: src/strings.php:239
2413
msgid "Post Type ID"
2414
msgstr ""
2415
2416
- #: src/strings.php:240
2417
msgid "Ignored At (optional)"
2418
msgstr ""
2419
2420
- #: src/strings.php:243
2421
msgid "Alerts Per Hour"
2422
msgstr ""
2423
2424
- #: src/strings.php:244
2425
msgid ""
2426
- "Configure the maximum number of email alerts per hour. If the number is "
2427
- "exceeded and the plugin detects more events during the same hour, it will "
2428
- "still log the events into the audit logs but will not send the email alerts. "
2429
- "Be careful with this as you will miss important information."
2430
msgstr ""
2431
2432
- #: src/strings.php:245
2433
msgid "Maximum Alerts Per Hour:"
2434
msgstr ""
2435
2436
- #: src/strings.php:249
2437
msgid "Alerts Recipient"
2438
msgstr ""
2439
2440
- #: src/strings.php:250
2441
msgid ""
2442
- "By default, the plugin will send the email alerts to the primary admin "
2443
- "account, the same account created during the installation of WordPress in "
2444
- "your web server. You can add more people to the list, they will receive a "
2445
- "copy of the same security alerts."
2446
msgstr ""
2447
2448
- #: src/strings.php:252
2449
msgid "e.g. user@example.com"
2450
msgstr ""
2451
2452
- #: src/strings.php:255 src/strings.php:411
2453
msgid "E-mail"
2454
msgstr ""
2455
2456
- #: src/strings.php:257
2457
msgid "Test Alerts"
2458
msgstr ""
2459
2460
- #: src/strings.php:260
2461
msgid "Alert Subject"
2462
msgstr ""
2463
2464
- #: src/strings.php:261
2465
msgid ""
2466
- "Format of the subject for the email alerts, by default the plugin will use "
2467
- "the website name and the event identifier that is being reported, you can "
2468
- "use this panel to include the IP address of the user that triggered the "
2469
- "event and some additional data. You can create filters in your email client "
2470
- "creating a custom email subject using the pseudo-tags shown below."
2471
msgstr ""
2472
2473
- #: src/strings.php:262
2474
msgid "Custom Format"
2475
msgstr ""
2476
2477
- #: src/strings.php:266
2478
msgid "Trusted IP Addresses"
2479
msgstr ""
2480
2481
- #: src/strings.php:267
2482
msgid ""
2483
- "If you are working in a LAN <em>(Local Area Network)</em> you may want to "
2484
- "include the IP addresses of all the nodes in the subnet, this will force the "
2485
- "plugin to stop sending email alerts about actions executed from trusted IP "
2486
- "addresses. Use the CIDR <em>(Classless Inter Domain Routing)</em> format to "
2487
- "specify ranges of IP addresses <em>(only 8, 16, and 24)</em>."
2488
msgstr ""
2489
2490
- #: src/strings.php:269
2491
msgid "e.g. 182.120.56.0/24"
2492
msgstr ""
2493
2494
- #: src/strings.php:273
2495
msgid "CIDR Format"
2496
msgstr ""
2497
2498
- #: src/strings.php:274
2499
msgid "IP Added At"
2500
msgstr ""
2501
2502
- #: src/strings.php:279
2503
msgid ""
2504
- "If this operation was successful you will receive a message in the email "
2505
- "used during the registration of the API key <em>(usually the email of the "
2506
- "main admin user)</em>. This message contains the key in plain text, copy and "
2507
- "paste the key in the form field below. The plugin will verify the "
2508
- "authenticity of the key sending an initial HTTP request to the API service, "
2509
- "if this fails the key will be removed automatically and you will have to "
2510
- "start the process all over again."
2511
msgstr ""
2512
2513
- #: src/strings.php:280
2514
msgid ""
2515
- "There are cases where this operation may fail, an example would be when the "
2516
- "email address is not associated with the domain anymore, this happens when "
2517
- "the base URL changes <em>(from www to none or viceversa)</em>. If you are "
2518
- "having issues recovering the key please send an email explaining the "
2519
- "situation to <a href=\"mailto:info@sucuri.net\">info@sucuri.net</a>"
2520
msgstr ""
2521
2522
- #: src/strings.php:281 src/strings.php:319
2523
msgid "API Key:"
2524
msgstr ""
2525
2526
- #: src/strings.php:285
2527
msgid ""
2528
- "Congratulations! The rest of the features available in the plugin have been "
2529
- "enabled. This product is designed to supplement existing security products. "
2530
- "It’s not a silver bullet for your security needs, but it’ll give you greater "
2531
"security awareness and better posture, all with the intent of reducing risk."
2532
msgstr ""
2533
2534
- #: src/strings.php:286
2535
msgid ""
2536
- "Your website has been granted a new API key and it was associated to the "
2537
- "email address that you chose during the registration process. You can use "
2538
- "the same email to recover the key if you happen to lose it sometime. We "
2539
- "encourage you to check the rest of the settings page and configure the "
2540
- "plugin to your own needs."
2541
msgstr ""
2542
2543
- #: src/strings.php:291 src/strings.php:293
2544
msgid "WordPress Checksums API"
2545
msgstr ""
2546
2547
- #: src/strings.php:292
2548
msgid ""
2549
- "The WordPress integrity tool uses a remote API service maintained by the "
2550
- "WordPress organization to determine which files in the installation were "
2551
- "added, removed or modified. The API returns a list of files with their "
2552
- "respective checksums, this information guarantees that the installation is "
2553
- "not corrupt. You can, however, point the integrity tool to a GitHub "
2554
- "repository in case that you are using a custom version of WordPress like the "
2555
- "<a href=\"https://github.com/WordPress/WordPress\" target=\"_blank\" rel="
2556
- "\"noopener\">development version of the code</a>."
2557
msgstr ""
2558
2559
- #: src/strings.php:294
2560
msgid "e.g. URL — or — user/repo"
2561
msgstr ""
2562
2563
- #: src/strings.php:298
2564
msgid "API Communication via Proxy"
2565
msgstr ""
2566
2567
- #: src/strings.php:299
2568
msgid ""
2569
- "All the HTTP requests used to communicate with the API service are being "
2570
- "sent using the WordPress built-in functions, so (almost) all its official "
2571
- "features are inherited, this is useful if you need to pass these HTTP "
2572
- "requests through a proxy. According to the <a href=\"https://developer."
2573
- "wordpress.org/reference/classes/wp_http_proxy/\" target=\"_blank\" rel="
2574
- "\"noopener\">official documentation</a> you have to add some constants to "
2575
- "the main configuration file: <em>WP_PROXY_HOST, WP_PROXY_PORT, "
2576
- "WP_PROXY_USERNAME, WP_PROXY_PASSWORD</em>."
2577
msgstr ""
2578
2579
- #: src/strings.php:300
2580
msgid "HTTP Proxy Hostname"
2581
msgstr ""
2582
2583
- #: src/strings.php:301
2584
msgid "HTTP Proxy Port num"
2585
msgstr ""
2586
2587
- #: src/strings.php:302
2588
msgid "HTTP Proxy Username"
2589
msgstr ""
2590
2591
- #: src/strings.php:303
2592
msgid "HTTP Proxy Password"
2593
msgstr ""
2594
2595
- #: src/strings.php:306 src/strings.php:496
2596
msgid "API Service Communication"
2597
msgstr ""
2598
2599
- #: src/strings.php:307
2600
msgid ""
2601
- "Once the API key is generate the plugin will communicate with a remote API "
2602
- "service that will act as a safe data storage for the audit logs generated "
2603
- "when the website triggers certain events that the plugin monitors. If the "
2604
- "website is hacked the attacker will not have access to these logs and that "
2605
- "way you can investigate what was modified <em>(for malware infaction)</em> "
2606
- "and/or how the malicious person was able to gain access to the website."
2607
msgstr ""
2608
2609
- #: src/strings.php:308
2610
#, php-format
2611
msgid ""
2612
- "Disabling the API service communication will stop the event monitoring, "
2613
- "consider to enable the <a href=\"%%SUCURI.URL.Settings%%#general\">Log "
2614
- "Exporter</a> to keep the monitoring working while the HTTP requests are "
2615
- "ignored, otherwise an attacker may execute an action that will not be "
2616
- "registered in the security logs and you will not have a way to investigate "
2617
"the attack in the future."
2618
msgstr ""
2619
2620
- #: src/strings.php:309
2621
msgid ""
2622
- "<strong>Are you a developer?</strong> You may be interested in our API. Feel "
2623
- "free to use the URL shown below to access the latest 50 entries in your "
2624
- "security log, change the value for the parameter <code>l=N</code> if you "
2625
- "need more. Be aware that the API doesn’t provides an offset parameter, so if "
2626
- "you have the intension to query specific sections of the log you will need "
2627
- "to wrap the HTTP request around your own cache mechanism. We <strong>DO NOT</"
2628
- "strong> take feature requests for the API, this is a semi-private service "
2629
- "tailored for the specific needs of the plugin and not intended to be used by "
2630
- "3rd-party apps, we may change the behavior of each API endpoint without "
2631
- "previous notice, use it at your own risk."
2632
msgstr ""
2633
2634
- #: src/strings.php:312
2635
msgid "API Key"
2636
msgstr ""
2637
2638
- #: src/strings.php:313
2639
msgid ""
2640
- "An API key is required to prevent attackers from deleting audit logs that "
2641
- "can help you investigate and recover after a hack, and allows the plugin to "
2642
- "display statistics. By generating an API key, you agree that Sucuri will "
2643
- "collect and store anonymous data about your website. We take your privacy "
2644
- "seriously."
2645
msgstr ""
2646
2647
- #: src/strings.php:314
2648
#, php-format
2649
msgid ""
2650
- "Your domain <code>%%SUCURI.CleanDomain%%</code> does not seems to have a DNS "
2651
- "<code>A</code> record so it will be considered as <em>invalid</em> by the "
2652
- "API interface when you request the generation of a new key. Adding "
2653
- "<code>www</code> at the beginning of the domain name may fix this issue. If "
2654
- "you do not understand what is this then send an email to our support team "
2655
- "requesting the key."
2656
msgstr ""
2657
2658
- #: src/strings.php:315
2659
msgid "Recover Via E-mail"
2660
msgstr ""
2661
2662
- #: src/strings.php:316
2663
msgid "Manual Activation"
2664
msgstr ""
2665
2666
- #: src/strings.php:317
2667
msgid ""
2668
- "If you do not have access to the administrator email, you can reinstall the "
2669
- "plugin. The API key is generated using an administrator email and the domain "
2670
- "of the website. Click the \"Manual Activation\" button if you already have a "
2671
- "valid API key to authenticate this website with the remote API web service."
2672
msgstr ""
2673
2674
- #: src/strings.php:322
2675
msgid "Data Storage"
2676
msgstr ""
2677
2678
- #: src/strings.php:323
2679
msgid ""
2680
- "This is the directory where the plugin will store the security logs, the "
2681
- "list of files marked as fixed in the core integrity tool, the cache for the "
2682
- "malware scanner and 3rd-party plugin metadata. The plugin requires write "
2683
- "permissions in this directory as well as the files contained in it. If you "
2684
- "prefer to keep these files in a non-public directory <em>(one level up the "
2685
- "document root)</em> please define a constant in the <em>\"wp-config.php\"</"
2686
- "em> file named <em>\"SUCURI_DATA_STORAGE\"</em> with the absolute path to "
2687
- "the new directory."
2688
msgstr ""
2689
2690
- #: src/strings.php:332
2691
msgid "Import &amp; Export Settings"
2692
msgstr ""
2693
2694
- #: src/strings.php:333
2695
msgid ""
2696
- "Copy the JSON-encoded data from the box below, go to your other websites and "
2697
- "click the <em>\"Import\"</em> button in the settings page. The plugin will "
2698
- "start using the same settings from this website. Notice that some options "
2699
- "are omitted as they contain values specific to this website. To import the "
2700
- "settings from another website into this one, replace the JSON-encoded data "
2701
- "in the box below with the JSON-encoded data exported from the other website, "
2702
- "then click the button <em>\"Import\"</em>. Notice that some options will not "
2703
- "be imported to reduce the security risk of writing arbitrary data into the "
2704
- "disk."
2705
msgstr ""
2706
2707
- #: src/strings.php:338
2708
msgid "IP Address Discoverer"
2709
msgstr ""
2710
2711
- #: src/strings.php:339
2712
msgid ""
2713
- "IP address discoverer will use DNS lookups to automatically detect if the "
2714
- "website is behind the <a href=\"https://sucuri.net/website-firewall/\" "
2715
- "target=\"_blank\" rel=\"noopener\">Sucuri Firewall</a>, in which case it "
2716
- "will modify the global server variable <em>Remote-Addr</em> to set the real "
2717
- "IP of the website’s visitors. This check runs on every WordPress init action "
2718
- "and that is why it may slow down your website as some hosting providers rely "
2719
- "on slow DNS servers which makes the operation take more time than it should."
2720
msgstr ""
2721
2722
- #: src/strings.php:340
2723
msgid "HTTP Header:"
2724
msgstr ""
2725
2726
- #: src/strings.php:341
2727
msgid "Proceed"
2728
msgstr ""
2729
2730
- #: src/strings.php:342
2731
msgid "Sucuri Firewall"
2732
msgstr ""
2733
2734
- #: src/strings.php:344
2735
msgid "Top Level Domain:"
2736
msgstr ""
2737
2738
- #: src/strings.php:345
2739
msgid "Hostname:"
2740
msgstr ""
2741
2742
- #: src/strings.php:346
2743
msgid "IP Address (Hostname):"
2744
msgstr ""
2745
2746
- #: src/strings.php:347
2747
msgid "IP Address (Username):"
2748
msgstr ""
2749
2750
- #: src/strings.php:350
2751
msgid "Reset Security Logs, Hardening and Settings"
2752
msgstr ""
2753
2754
- #: src/strings.php:351
2755
msgid ""
2756
- "This action will trigger the deactivation / uninstallation process of the "
2757
- "plugin. All local security logs, hardening and settings will be deleted. "
2758
- "Notice that the security logs stored in the API service will not be deleted, "
2759
- "this is to prevent tampering from a malicious user. You can request a new "
2760
- "API key if you want to start from scratch."
2761
msgstr ""
2762
2763
- #: src/strings.php:356
2764
msgid "Reverse Proxy"
2765
msgstr ""
2766
2767
- #: src/strings.php:357
2768
msgid ""
2769
- "The event monitor uses the API address of the origin of the request to track "
2770
- "the actions. The plugin uses two methods to retrieve this: the main method "
2771
- "uses the global server variable <em>Remote-Addr</em> available in most "
2772
- "modern web servers, and an alternative method uses custom HTTP headers "
2773
- "<em>(which are unsafe by default)</em>. You should not worry about this "
2774
- "option unless you know what a reverse proxy is. Services like the <a href="
2775
- "\"https://sucuri.net/website-firewall/\" target=\"_blank\" rel=\"noopener"
2776
- "\">Sucuri Firewall</a> &mdash; once active &mdash; force the network traffic "
2777
- "to pass through them to filter any security threat that may affect the "
2778
- "original server. A side effect of this is that the real IP address is no "
2779
- "longer available in the global server variable <em>Remote-Addr</em> but in a "
2780
- "custom HTTP header with a name provided by the service."
2781
msgstr ""
2782
2783
- #: src/strings.php:360
2784
msgid "Log Exporter"
2785
msgstr ""
2786
2787
- #: src/strings.php:361
2788
msgid ""
2789
- "This option allows you to export the WordPress audit logs to a local log "
2790
- "file that can be read by a SIEM or any log analysis software <em>(we "
2791
- "recommend OSSEC)</em>. That will give visibility from within WordPress to "
2792
- "complement your log monitoring infrastructure. <b>NOTE:</b> Do not use a "
2793
- "publicly accessible file, you must use a file at least one level up the "
2794
- "document root to prevent leaks of information."
2795
msgstr ""
2796
2797
- #: src/strings.php:362 src/strings.php:374
2798
msgid "File Path:"
2799
msgstr ""
2800
2801
- #: src/strings.php:366
2802
msgid "Timezone Override"
2803
msgstr ""
2804
2805
- #: src/strings.php:367
2806
msgid ""
2807
- "This option defines the timezone that will be used through out the entire "
2808
- "plugin to print the dates and times whenever is necessary. This option also "
2809
- "affects the date and time of the logs visible in the audit logs panel which "
2810
- "is data that comes from a remote server configured to use Eastern Daylight "
2811
- "Time (EDT). WordPress offers an option in the general settings page to allow "
2812
- "you to configure the timezone for the entire website, however, if you are "
2813
- "experiencing problems with the time in the audit logs, this option will help "
2814
- "you fix them."
2815
msgstr ""
2816
2817
- #: src/strings.php:368
2818
msgid "Timezone:"
2819
msgstr ""
2820
2821
- #: src/strings.php:372
2822
msgid "Whitelist Blocked PHP Files"
2823
msgstr ""
2824
2825
- #: src/strings.php:373
2826
msgid ""
2827
- "After you apply the hardening in either the includes, content, and/or "
2828
- "uploads directories, the plugin will add a rule in the access control file "
2829
- "to deny access to any PHP file located in these folders. This is a good "
2830
- "precaution in case an attacker is able to upload a shell script. With a few "
2831
- "exceptions the <em>\"index.php\"</em> file is the only one that should be "
2832
- "publicly accessible, however many theme/plugin developers decide to use "
2833
- "these folders to process some operations. In this case applying the "
2834
- "hardening <strong>may break</strong> their functionality."
2835
msgstr ""
2836
2837
- #: src/strings.php:378
2838
msgid "Directory"
2839
msgstr ""
2840
2841
- #: src/strings.php:379
2842
msgid "Pattern"
2843
msgstr ""
2844
2845
- #: src/strings.php:384 src/strings.php:392
2846
msgid ""
2847
- "WordPress has a big user base in the public Internet, which brings interest "
2848
- "to attackers to find vulnerabilities in the code, 3rd-party extensions, and "
2849
- "themes that other companies develop. You should keep every piece of code "
2850
- "installed in your website updated to prevent attacks as soon as disclosed "
2851
- "vulnerabilities are patched."
2852
msgstr ""
2853
2854
- #: src/strings.php:386 src/strings.php:394 src/strings.php:424
2855
msgid "Version"
2856
msgstr ""
2857
2858
- #: src/strings.php:387 src/strings.php:395
2859
msgid "Update"
2860
msgstr ""
2861
2862
- #: src/strings.php:388 src/strings.php:396
2863
msgid "Tested With"
2864
msgstr ""
2865
2866
- #: src/strings.php:391
2867
msgid "Available Plugin and Theme Updates"
2868
msgstr ""
2869
2870
- #: src/strings.php:400
2871
msgid "Download"
2872
msgstr ""
2873
2874
- #: src/strings.php:403
2875
msgid ""
2876
- "WordPress has generated a new (random) password for your account <b>%%SUCURI."
2877
- "ResetPassword.UserName%%</b> at <a target=\"_blank\" href=\"http://%%SUCURI."
2878
- "ResetPassword.Website%%\" rel=\"noopener\">%%SUCURI.ResetPassword.Website%%</"
2879
- "a>. The change has been requested by one of the admins in this website for "
2880
- "security reasons. Your new password is &mdash; <span style=\"font-family:"
2881
- "Menlo, Monaco, monospace, serif;font-weight:700\">%%%SUCURI.ResetPassword."
2882
- "Password%%%</span> &mdash; please change it as soon as possible."
2883
msgstr ""
2884
2885
- #: src/strings.php:406
2886
msgid "Reset User Password"
2887
msgstr ""
2888
2889
- #: src/strings.php:408
2890
msgid ""
2891
- "You can generate a new random password for the user accounts that you select "
2892
- "from the list. An email with the new password will be sent to the email "
2893
- "address of each chosen user. If you choose to change the password of your "
2894
- "own user, then your current session will expire immediately. You will need "
2895
- "to log back into the admin panel with the new password that will be sent to "
2896
- "your email."
2897
msgstr ""
2898
2899
- #: src/strings.php:413
2900
msgid "Roles"
2901
msgstr ""
2902
2903
- #: src/strings.php:417
2904
msgid "Reset Installed Plugins"
2905
msgstr ""
2906
2907
- #: src/strings.php:419
2908
msgid ""
2909
- "In case you suspect having an infection in your site, or after you got rid "
2910
- "of a malicious code, it’s recommended to reinstall all the plugins installed "
2911
- "in your site, including the ones you are not using. Notice that premium "
2912
- "plugins will not be automatically reinstalled to prevent backward "
2913
- "compatibility issues and problems with licenses."
2914
msgstr ""
2915
2916
- #: src/strings.php:420
2917
#, php-format
2918
msgid ""
2919
- "The information shown here is cached for %%SUCURI.ResetPlugin.CacheLifeTime"
2920
- "%% seconds. This is necessary to reduce the quantity of HTTP requests sent "
2921
- "to the WordPress servers and the bandwidth of your site. Currently there is "
2922
- "no option to recreate this cache."
2923
msgstr ""
2924
2925
- #: src/strings.php:421
2926
msgid ""
2927
- "<b>WARNING!</b> This procedure can break your website. The reset will not "
2928
- "affect the database nor the settings of each plugin, but depending on how "
2929
- "they were written the reset action might break them. Be sure to create a "
2930
- "backup of the plugins directory before the execution of this tool."
2931
msgstr ""
2932
2933
- #: src/strings.php:425
2934
msgid "Type"
2935
msgstr ""
2936
2937
- #: src/strings.php:430
2938
msgid "Update Secret Keys"
2939
msgstr ""
2940
2941
- #: src/strings.php:431
2942
msgid ""
2943
- "The secret or security keys are a list of constants added to your site to "
2944
- "ensure better encryption of information stored in the user’s cookies. A "
2945
- "secret key makes your site harder to hack by adding random elements to the "
2946
- "password. You do not have to remember the keys, just write a random, "
2947
- "complicated, and long string in the <code>wp-config.php</code> file. You can "
2948
- "change these keys at any point in time. Changing them will invalidate all "
2949
- "existing cookies, forcing all logged in users to login again."
2950
msgstr ""
2951
2952
- #: src/strings.php:432
2953
msgid "Your current session will expire once the form is submitted."
2954
msgstr ""
2955
2956
- #: src/strings.php:437
2957
msgid "Generate New Security Keys"
2958
msgstr ""
2959
2960
- #: src/strings.php:440
2961
msgid "Scheduled Tasks"
2962
msgstr ""
2963
2964
- #: src/strings.php:441
2965
msgid ""
2966
- "The plugin scans your entire website looking for changes which are later "
2967
- "reported via the API in the audit logs page. By default the scanner runs "
2968
- "daily but you can change the frequency to meet your requirements. Notice "
2969
- "that scanning your project files too frequently may affect the performance "
2970
- "of your website. Be sure to have enough server resources before changing "
2971
- "this option. The memory limit and maximum execution time are two of the PHP "
2972
- "options that your server will set to stop your website from consuming too "
2973
- "much resources."
2974
msgstr ""
2975
2976
- #: src/strings.php:442
2977
msgid ""
2978
- "The scanner uses the <a href=\"http://php.net/manual/en/class.splfileobject."
2979
- "php\" target=\"_blank\" rel=\"noopener\">PHP SPL library</a> and the <a "
2980
- "target=\"_blank\" href=\"http://php.net/manual/en/class.filesystemiterator."
2981
- "php\" rel=\"noopener\">Filesystem Iterator</a> class to scan the directory "
2982
- "tree where your website is located in the server. This library is only "
2983
- "available on PHP 5 >= 5.3.0 &mdash; OR &mdash; PHP 7; if you have an older "
2984
- "version of PHP the plugin will not work as expected. Please ask your hosting "
2985
- "provider to advise you on this matter."
2986
msgstr ""
2987
2988
- #: src/strings.php:443
2989
msgid ""
2990
- "Scheduled tasks are rules registered in your database by a plugin, theme, or "
2991
- "the base system itself; they are used to automatically execute actions "
2992
- "defined in the code every certain amount of time. A good use of these rules "
2993
- "is to generate backup files of your site, execute a security scanner, or "
2994
- "remove unused elements like drafts. <b>Note:</b> Scheduled tasks can be re-"
2995
- "installed by any plugin/theme automatically."
2996
msgstr ""
2997
2998
- #: src/strings.php:446
2999
msgid "Schedule"
3000
msgstr ""
3001
3002
- #: src/strings.php:447
3003
msgid "Next Due"
3004
msgstr ""
3005
3006
- #: src/strings.php:448
3007
msgid "Arguments"
3008
msgstr ""
3009
3010
- #: src/strings.php:454
3011
msgid "Ignore Files And Folders During The Scans"
3012
msgstr ""
3013
3014
- #: src/strings.php:455
3015
msgid ""
3016
- "Use this tool to select the files and/or folders that are too heavy for the "
3017
- "scanner to process. These are usually folders with images, media files like "
3018
- "videos and audios, backups and &mdash; in general &mdash; anything that is "
3019
- "not code-related. Ignoring these files or folders will reduce the memory "
3020
- "consumption of the PHP script."
3021
msgstr ""
3022
3023
- #: src/strings.php:456
3024
msgid "Ignore a file or directory:"
3025
msgstr ""
3026
3027
- #: src/strings.php:457
3028
msgid "e.g. /private/directory/"
3029
msgstr ""
3030
3031
- #: src/strings.php:462
3032
msgid "Unignore Selected Directories"
3033
msgstr ""
3034
3035
- #: src/strings.php:465
3036
msgid "WordPress Integrity (False Positives)"
3037
msgstr ""
3038
3039
- #: src/strings.php:466
3040
msgid ""
3041
- "Since the scanner doesn’t read the files during the execution of the "
3042
- "integrity check, it is possible to find false positives. Files listed here "
3043
- "have been marked as false positives and will be ignored by the scanner in "
3044
- "subsequent scans."
3045
msgstr ""
3046
3047
- #: src/strings.php:468
3048
msgid "Reason"
3049
msgstr ""
3050
3051
- #: src/strings.php:469
3052
msgid "Ignored At"
3053
msgstr ""
3054
3055
- #: src/strings.php:472
3056
msgid "Stop Ignoring the Selected Files"
3057
msgstr ""
3058
3059
- #: src/strings.php:476
3060
msgid ""
3061
- "If your server allows the execution of system commands, you can configure "
3062
- "the plugin to use the <a href=\"https://en.wikipedia.org/wiki/Diff_utility\" "
3063
- "target=\"_blank\" rel=\"noopener\">Unix Diff Utility</a> to compare the "
3064
- "actual content of the file installed in the website and the original file "
3065
- "provided by WordPress. This will show the differences between both files and "
3066
- "then you can act upon the information provided."
3067
msgstr ""
3068
3069
- #: src/strings.php:480
3070
msgid "Environment Variables"
3071
msgstr ""
3072
3073
- #: src/strings.php:483
3074
msgid "Access File Integrity"
3075
msgstr ""
3076
3077
- #: src/strings.php:484
3078
msgid ""
3079
- "The <code>.htaccess</code> file is a distributed configuration file, and is "
3080
- "how the Apache web server handles configuration changes on a per-directory "
3081
- "basis. WordPress uses this file to manipulate how Apache serves files from "
3082
- "its root directory and subdirectories thereof; most notably, it modifies "
3083
- "this file to be able to handle pretty permalinks."
3084
msgstr ""
3085
3086
- #: src/strings.php:485
3087
msgid "Htaccess file found in"
3088
msgstr ""
3089
3090
- #: src/strings.php:486
3091
- msgid ""
3092
- "Your website has no <code>.htaccess</code> file or it was not found in the "
3093
- "default location."
3094
msgstr ""
3095
3096
- #: src/strings.php:487
3097
msgid ""
3098
- "The main <code>.htaccess</code> file in your site has the standard rules for "
3099
- "a WordPress installation. You can customize it to improve the performance "
3100
- "and change the behaviour of the redirections for pages and posts in your "
3101
- "site. To get more information visit the official documentation at <a target="
3102
- "\"_blank\" rel=\"noopener\" href=\"https://codex.wordpress.org/"
3103
- "Using_Permalinks#Creating_and_editing_.28.htaccess.29\"> Codex WordPress - "
3104
- "Creating and editing (.htaccess)</a>"
3105
msgstr ""
3106
3107
- #: src/strings.php:488
3108
msgid "Codex WordPress HTAccess"
3109
msgstr ""
3110
3111
- #: src/strings.php:491
3112
msgid "General Settings"
3113
msgstr ""
3114
3115
- #: src/strings.php:492
3116
msgid "Scanner"
3117
msgstr ""
3118
3119
- #: src/strings.php:493
3120
msgid "Hardening"
3121
msgstr ""
3122
3123
- #: src/strings.php:494
3124
msgid "Post-Hack"
3125
msgstr ""
3126
3127
- #: src/strings.php:495
3128
msgid "Alerts"
3129
msgstr ""
3130
3131
- #: src/strings.php:497
3132
msgid "Website Info"
3133
msgstr ""
3134
3135
- #: src/strings.php:498
3136
msgid "Hardening Options"
3137
msgstr ""
3138
3139
- #: src/strings.php:501
3140
#, php-format
3141
msgid "This information will be updated %%SUCURI.SiteCheck.Lifetime%%"
3142
msgstr ""
3143
3144
- #: src/strings.php:502
3145
msgid "Refresh Malware Scan"
3146
msgstr ""
3147
3148
- #: src/strings.php:505
3149
msgid "No malicious JavaScript"
3150
msgstr ""
3151
3152
- #: src/strings.php:506
3153
msgid "No malicious iFrames"
3154
msgstr ""
3155
3156
- #: src/strings.php:507
3157
msgid "No suspicious redirections"
3158
msgstr ""
3159
3160
- #: src/strings.php:508
3161
msgid "No blackhat SEO spam"
3162
msgstr ""
3163
3164
- #: src/strings.php:509
3165
msgid "No anomaly detection"
3166
msgstr ""
3167
3168
- #: src/strings.php:510
3169
msgid ""
3170
- "Some types of problems cannot be detected by this scanner. If this scanner "
3171
- "did not detect any issue and you still suspect a problem exists, you can <a "
3172
- "href=\"https://sucuri.net/website-security-platform/signup\" target=\"_blank"
3173
- "\" rel=\"noopener\">sign up with Sucuri</a> for a complete and in-depth scan "
3174
- "+ cleanup (not included in the free checks)."
3175
msgstr ""
3176
3177
- #: src/strings.php:513
3178
msgid "Hover to see the Payload"
3179
msgstr ""
3180
3181
- #: src/strings.php:516
3182
msgid "Recommendations"
3183
msgstr ""
3184
3185
- #: src/strings.php:519 src/strings.php:521
3186
msgid "Malware Scan Target"
3187
msgstr ""
3188
3189
- #: src/strings.php:520
3190
msgid ""
3191
- "The remote malware scanner provided by the plugin is powered by <a href="
3192
- "\"https://sitecheck.sucuri.net/\" target=\"_blank\" rel=\"noopener\">Sucuri "
3193
- "SiteCheck</a>, a service that takes a publicly accessible URL and scans it "
3194
- "for malicious code. If your website is not visible to the Internet, for "
3195
- "example, if it is hosted in a local development environment or a restricted "
3196
- "network, the scanner will not be able to work on it. Additionally, if the "
3197
- "website was installed in a non-standard directory the scanner will report a "
3198
- "\"404 Not Found\" error. You can use this option to change the URL that will "
3199
"be scanned."
3200
msgstr ""
3201
3202
- #: src/strings.php:522
3203
msgid "Malware Scan Target:"
3204
msgstr ""
3205
3206
- #: src/strings.php:526
3207
msgid "WordPress Security Recommendations"
3208
msgstr ""
3209
@@ -3211,21 +2967,131 @@ msgstr ""
3211
msgid "Invalid template type"
3212
msgstr ""
3213
3214
- #: src/wordpress-recommendations.php:62
3215
msgid "Upgrade PHP to a supported version"
3216
msgstr ""
3217
3218
- #: src/wordpress-recommendations.php:63
3219
- msgid "The PHP version you are using no longer receives security support and could be exposed to unpatched security vulnerabilities."
3220
msgstr ""
3221
3222
- #: src/wordpress-recommendations.php:76
3223
msgid ""
3224
- "Your WordPress install is following <a href=\"https://sucuri.net/guides/wordpress-security\" target=\"_blank\" rel=\"noopener\">"
3225
- "the security best practices</a>."
3226
msgstr ""
3227
3228
- #: sucuri.php:316
3229
msgid "Sucuri plugin has been uninstalled"
3230
msgstr ""
3231
@@ -3239,12 +3105,10 @@ msgstr ""
3239
3240
#. Description of the plugin/theme
3241
msgid ""
3242
- "The <a href=\"https://sucuri.net/\" target=\"_blank\">Sucuri</a> plugin "
3243
- "provides the website owner the best Activity Auditing, SiteCheck Remote "
3244
- "Malware Scanning, Effective Security Hardening and Post-Hack features. "
3245
- "SiteCheck will check for malware, spam, blacklisting and other security "
3246
- "issues like .htaccess redirects, hidden eval code, etc. The best thing about "
3247
- "it is it's completely free."
3248
msgstr ""
3249
3250
#. Author of the plugin/theme
2
msgid ""
3
msgstr ""
4
"Plural-Forms: nplurals=INTEGER; plural=EXPRESSION;\n"
5
+ "Project-Id-Version: Sucuri Security - Auditing, Malware Scanner and Hardening\n"
6
+ "POT-Creation-Date: 2019-08-26 17:12-0500\n"
7
"PO-Revision-Date: 2019-02-07 02:39-0600\n"
8
"Last-Translator: \n"
9
"Language-Team: \n"
14
"X-Poedit-Basepath: ..\n"
15
"X-Poedit-WPHeader: sucuri.php\n"
16
"X-Poedit-SourceCharset: UTF-8\n"
17
+ "X-Poedit-KeywordsList: __;_e;_n:1,2;_x:1,2c;_ex:1,2c;_nx:4c,1,2;esc_attr__;esc_attr_e;esc_attr_x:1,2c;esc_html__;"
18
+ "esc_html_e;esc_html_x:1,2c;_n_noop:1,2;_nx_noop:3c,1,2;__ngettext_noop:1,2\n"
19
"X-Poedit-SearchPath-0: .\n"
20
"X-Poedit-SearchPathExcluded-0: *.js\n"
21
62
msgid "WP Engine PHP Compatibility Checker: %s (created post #%d as cache)"
63
msgstr ""
64
65
+ #: src/api.lib.php:991 src/api.lib.php:996
66
msgid "WordPress version is not supported anymore"
67
msgstr ""
68
99
msgid "Info:"
100
msgstr ""
101
102
+ #: src/cache.lib.php:392 src/cache.lib.php:412 src/cache.lib.php:453 src/cache.lib.php:470
103
msgid "Invalid cache key name"
104
msgstr ""
105
162
msgid ""
163
"<br><br>\n"
164
"\n"
165
+ "<em>Explanation: Someone failed to login to your site. If you are getting too many of these messages, it is likely your "
166
+ "site is under a password guessing brute-force attack [1]. You can disable the failed login alerts from here [2]. "
167
+ "Alternatively, you can consider to install a firewall between your website and your visitors to filter out these and other "
168
+ "attacks, take a look at Sucuri Firewall [3].</em><br><br>\n"
169
"\n"
170
+ "[1] <a href='https://kb.sucuri.net/definitions/attacks/brute-force/password-guessing'>https://kb.sucuri.net/definitions/"
171
+ "attacks/brute-force/password-guessing</a><br>\n"
172
"[2] <a href='%s'>%s</a> <br>\n"
173
+ "[3] <a href='https://sucuri.net/website-firewall/?wpalert'>https://sucuri.net/website-firewall/</a><br>\n"
174
msgstr ""
175
176
#: src/event.lib.php:642
177
msgid "Password Change"
178
msgstr ""
179
180
+ #: src/event.lib.php:747
181
+ #, php-format
182
+ msgid "%s cannot be deleted."
183
+ msgstr ""
184
+
185
+ #: src/event.lib.php:759
186
+ #, php-format
187
+ msgid "%s was deleted."
188
+ msgstr ""
189
+
190
+ #: src/event.lib.php:765
191
+ #, php-format
192
+ msgid "%s was deleted."
193
+ msgstr ""
194
+
195
#: src/fileinfo.lib.php:291
196
msgid "No files were found"
197
msgstr ""
232
msgid "caching disabled (use with caution)"
233
msgstr ""
234
235
+ #: src/firewall.lib.php:253 src/firewall.lib.php:349 src/firewall.lib.php:567 src/firewall.lib.php:602
236
+ #: src/firewall.lib.php:643 src/firewall.lib.php:735
237
msgid "Firewall API key was not found."
238
msgstr ""
239
307
msgid "IP has been unblacklisted: %s"
308
msgstr ""
309
310
+ #: src/globals.php:80 src/strings.php:39 src/strings.php:289
311
msgid "Dashboard"
312
msgstr ""
313
319
msgid "Last Logins"
320
msgstr ""
321
322
+ #: src/globals.php:83 src/strings.php:41 src/strings.php:95 src/strings.php:290
323
msgid "Settings"
324
msgstr ""
325
352
msgid "Media file added; ID: %s; name: %s; type: %s"
353
msgstr ""
354
355
+ #: src/hook.lib.php:82 src/hook.lib.php:108 src/hook.lib.php:197 src/hook.lib.php:1001 src/hook.lib.php:1012
356
+ #: src/hook.lib.php:1042 src/settings-general.php:416 src/settings-general.php:417 src/settings-general.php:418
357
+ #: src/settings-general.php:419 src/settings-general.php:420 src/settings-webinfo.php:40
358
msgid "unknown"
359
msgstr ""
360
361
+ #: src/hook.lib.php:83 src/hook.lib.php:109 src/hook.lib.php:1002 src/hook.lib.php:1013 src/hook.lib.php:1043
362
msgid "user@domain.com"
363
msgstr ""
364
365
#: src/hook.lib.php:91
366
#, php-format
367
+ msgid "User added to website; user_id: %s; role: %s; blog_id: %s; name: %s; email: %s"
368
msgstr ""
369
370
#: src/hook.lib.php:117
371
#, php-format
372
+ msgid "User removed from website; user_id: %s; blog_id: %s; name: %s; email: %s"
373
msgstr ""
374
375
+ #: src/hook.lib.php:134 src/hook.lib.php:229 src/hook.lib.php:296 src/hook.lib.php:408 src/hook.lib.php:533
376
+ #: src/hook.lib.php:744 src/hook.lib.php:770 src/hook.lib.php:870 src/hook.lib.php:912 src/lastlogins-failed.php:251
377
msgid "Unknown"
378
msgstr ""
379
413
414
#: src/hook.lib.php:326
415
#, php-format
416
+ msgid "The value of the option <b>%s</b> was changed from <b>'%s'</b> to <b>'%s'</b>.<br>\n"
417
msgstr ""
418
419
#: src/hook.lib.php:332
574
575
#: src/hook.lib.php:1022
576
#, php-format
577
+ msgid "User account edited; ID: %s; name: %s; old_name: %s; email: %s; old_email: %s; roles: %s; old_roles: %s"
578
msgstr ""
579
580
#: src/hook.lib.php:1054
587
msgid "Widget %s (%s) %s %s (#%d; size %dx%d)"
588
msgstr ""
589
590
+ #: src/integrity.lib.php:113 src/settings-general.php:46 src/settings-general.php:602 src/settings-posthack.php:58
591
msgid "You need to confirm that you understand the risk of this operation."
592
msgstr ""
593
612
msgstr ""
613
614
#: src/integrity.lib.php:228
615
+ msgid "Server is not fast enough to process this action; maximum execution time reached"
616
msgstr ""
617
618
#: src/integrity.lib.php:234
627
628
#: src/integrity.lib.php:321
629
msgid ""
630
+ "The plugin has no permission to delete this file because it was created by a different system user who has more privileges "
631
+ "than your account. Please use FTP to delete it."
632
msgstr ""
633
634
#: src/integrity.lib.php:323
635
msgid ""
636
+ "The plugin has no permission to restore this file because it was modified by a different system user who has more "
637
+ "privileges than your account. Please use FTP to restore it."
638
msgstr ""
639
640
#: src/integrity.lib.php:325
641
msgid ""
642
+ "The plugin has no permission to restore this file because its directory is owned by a different system user who has more "
643
+ "privileges than your account. Please use FTP to restore it."
644
msgstr ""
645
646
+ #: src/integrity.lib.php:405 src/strings.php:477 src/strings.php:479
647
msgid "WordPress Integrity Diff Utility"
648
msgstr ""
649
658
659
#: src/interface.lib.php:240
660
msgid ""
661
+ "API service communication is disabled, if you just updated the plugin this might be a good opportunity to test this "
662
+ "feature once again with the new code. Enable it again from the \"API Service\" panel located in the settings page."
663
msgstr ""
664
665
#: src/interface.lib.php:253
666
msgid ""
667
+ "Do you want to get vulnerability disclosures? Subscribe to our newsletter <a href=\"http://sucuri.hs-sites.com/subscribe-"
668
+ "to-security\" target=\"_blank\" rel=\"noopener\">here</a>"
669
msgstr ""
670
671
#: src/interface.lib.php:266
683
684
#: src/interface.lib.php:288
685
msgid ""
686
+ "WordPress CSRF verification failed. The submitted form is missing an important unique code that prevents the execution of "
687
+ "automated malicious scanners. Go back and try again. If you did not submit a form, this error message could be an "
688
+ "indication of an incompatibility between this plugin and another add-on; one of them is inserting data into the global "
689
+ "POST variable when the HTTP request is coming via GET. Disable them one by one (while reloading this page) to find the "
690
+ "culprit."
691
msgstr ""
692
693
+ #: src/lastlogins-failed.php:349 src/lastlogins-failed.php:373 src/strings.php:154 src/strings.php:167 src/strings.php:180
694
+ #: src/strings.php:192 src/strings.php:412
695
msgid "Username"
696
msgstr ""
697
698
+ #: src/lastlogins-failed.php:350 src/lastlogins-failed.php:374
699
msgid "Password"
700
msgstr ""
701
702
+ #: src/lastlogins-failed.php:351 src/lastlogins-failed.php:375 src/strings.php:81 src/strings.php:160 src/strings.php:168
703
+ #: src/strings.php:181 src/strings.php:195 src/strings.php:274
704
msgid "IP Address"
705
msgstr ""
706
707
+ #: src/lastlogins-failed.php:352 src/lastlogins-failed.php:376
708
msgid "Attempt Timestamp"
709
msgstr ""
710
711
+ #: src/lastlogins-failed.php:353 src/lastlogins-failed.php:377
712
msgid "Attempt Date/Time"
713
msgstr ""
714
715
+ #: src/lastlogins.php:129
716
#, php-format
717
msgid "Last-logins data file is not writable: <code>%s</code>"
718
msgstr ""
719
720
+ #: src/lastlogins.php:305
721
msgid "Invalid last-logins storage file"
722
msgstr ""
723
724
+ #: src/lastlogins.php:312
725
msgid "No last-logins data is available"
726
msgstr ""
727
728
+ #: src/lastlogins.php:456
729
#, php-format
730
+ msgid "Last login was at <b>%s</b> from <b>%s</b> <em>(%s)</em> <a href=\"%s\" target=\"_self\">view all logs</a>"
731
msgstr ""
732
733
#: src/mail.lib.php:80
743
msgid "Sucuri Alert"
744
msgstr ""
745
746
+ #: src/option.lib.php:148 src/settings-alerts.php:209 src/settings-alerts.php:210 src/settings-alerts.php:211
747
#, php-format
748
msgid "Sucuri Alert, %s, %s, %s"
749
msgstr ""
760
msgid "Scripts"
761
msgstr ""
762
763
+ #: src/pagehandler.php:47 src/pagehandler.php:48 src/pagehandler.php:49 src/strings.php:26 src/strings.php:53
764
+ #: src/strings.php:65 src/strings.php:76 src/strings.php:108 src/strings.php:143 src/strings.php:399 src/strings.php:409
765
+ #: src/strings.php:420 src/strings.php:451
766
msgid "Loading..."
767
msgstr ""
768
769
+ #: src/pagehandler.php:100
770
msgid "Last-Logins logs were successfully reset."
771
msgstr ""
772
773
+ #: src/pagehandler.php:102
774
msgid "Could not reset the last-logins data file."
775
msgstr ""
776
837
msgid "n/a"
838
msgstr ""
839
840
+ #: src/settings-alerts.php:208 src/settings-alerts.php:212 src/settings-alerts.php:213
841
#, php-format
842
msgid "Sucuri Alert, %s, %s"
843
msgstr ""
923
924
#: src/settings-alerts.php:364
925
#, php-format
926
+ msgid "Consider brute-force attack after <code>%s</code> failed logins per hour"
927
msgstr ""
928
929
#: src/settings-alerts.php:369
930
#, php-format
931
msgid ""
932
+ "The plugin will assume that your website is under a brute-force attack after %s failed logins are detected during the same "
933
+ "hour"
934
msgstr ""
935
936
#: src/settings-alerts.php:371
942
msgstr ""
943
944
#: src/settings-alerts.php:397
945
+ msgid "Receive email alerts in HTML <em>(there may be issues with some mail services)</em>"
946
msgstr ""
947
948
#: src/settings-alerts.php:398
949
+ msgid "Use WordPress functions to send mails <em>(uncheck to use native PHP functions)</em>"
950
msgstr ""
951
952
#: src/settings-alerts.php:399
970
msgstr ""
971
972
#: src/settings-alerts.php:404
973
+ msgid "Receive email alerts for failed login attempts <em>(you may receive tons of emails)</em>"
974
msgstr ""
975
976
#: src/settings-alerts.php:405
977
+ msgid "Receive email alerts for password guessing attacks <em>(summary of failed logins per hour)</em>"
978
msgstr ""
979
980
#: src/settings-alerts.php:406
981
+ msgid "Receive email alerts for changes in the post status <em>(configure from Ignore Posts Changes)</em>"
982
msgstr ""
983
984
#: src/settings-alerts.php:407
1071
msgid "List of monitored post-types has been updated"
1072
msgstr ""
1073
1074
+ #: src/settings-alerts.php:574 src/settings-scanner.php:179 src/settings-scanner.php:239 src/strings.php:46
1075
+ #: src/strings.php:159 src/strings.php:171 src/strings.php:184 src/strings.php:277 src/strings.php:382 src/strings.php:473
1076
msgid "no data available"
1077
msgstr ""
1078
1079
+ #: src/settings-apiservice.php:36 src/settings-general.php:312 src/settings-general.php:378 src/settings-general.php:425
1080
#: src/settings-integrity.php:80
1081
msgid "Enabled"
1082
msgstr ""
1083
1084
+ #: src/settings-apiservice.php:37 src/settings-general.php:313 src/settings-general.php:379 src/settings-general.php:426
1085
#: src/settings-integrity.php:81
1086
msgid "Disable"
1087
msgstr ""
1095
msgid "The status of the API service has been changed"
1096
msgstr ""
1097
1098
+ #: src/settings-apiservice.php:63 src/settings-general.php:355 src/settings-general.php:399 src/settings-general.php:460
1099
msgid "Disabled"
1100
msgstr ""
1101
1102
+ #: src/settings-apiservice.php:64 src/settings-general.php:356 src/settings-general.php:400 src/settings-general.php:461
1103
msgid "Enable"
1104
msgstr ""
1105
1138
msgstr ""
1139
1140
#: src/settings-general.php:100
1141
+ msgid "You must accept the Terms of Service and Privacy Policy in order to request an API key."
1142
msgstr ""
1143
1144
#: src/settings-general.php:107
1167
1168
#: src/settings-general.php:165
1169
#, php-format
1170
+ msgid "Cache to store the system logs obtained from the API service; expires after %s seconds."
1171
msgstr ""
1172
1173
#: src/settings-general.php:166
1174
+ msgid "Local queue to store the most recent logs before they are sent to the remote API service."
1175
msgstr ""
1176
1177
#: src/settings-general.php:167
1178
+ msgid "Deprecated on 1.8.12; it was used to store a list of blocked user names."
1179
msgstr ""
1180
1181
#: src/settings-general.php:168
1182
msgid ""
1183
+ "Stores the data for every failed login attempt. The data is moved to \"oldfailedlogins\" every hour during a brute force "
1184
+ "password attack."
1185
msgstr ""
1186
1187
#: src/settings-general.php:169
1188
msgid ""
1189
+ "Temporarily stores data to complement the logs during destructive operations like deleting a post, page, comment, etc."
1190
msgstr ""
1191
1192
#: src/settings-general.php:170
1193
+ msgid "Stores a list of files and folders chosen by the user to be ignored by the file system scanner."
1194
msgstr ""
1195
1196
#: src/settings-general.php:171
1197
+ msgid "Stores a list of files marked as fixed by the user via the WordPress Integrity tool."
1198
msgstr ""
1199
1200
#: src/settings-general.php:172
1201
msgid ""
1202
+ "Stores the data associated to every successful user login. The data never expires; manually delete if the file is too "
1203
+ "large."
1204
msgstr ""
1205
1206
#: src/settings-general.php:173
1207
msgid ""
1208
+ "Stores the data for every failed login attempt after the plugin sends a report about a brute force password attack via "
1209
+ "email."
1210
msgstr ""
1211
1212
#: src/settings-general.php:174
1213
#, php-format
1214
+ msgid "Cache to store the data associated to the installed plugins listed in the Post-Hack page. Expires after %s seconds."
1215
msgstr ""
1216
1217
#: src/settings-general.php:175
1218
+ msgid "Stores all the options used to configure the functionality and behavior of the plugin."
1219
msgstr ""
1220
1221
#: src/settings-general.php:176
1222
#, php-format
1223
+ msgid "Cache to store the result of the malware scanner. Expires after %s seconds, reset at any time to force a re-scan."
1224
msgstr ""
1225
1226
#: src/settings-general.php:177
1227
msgid ""
1228
+ "Stores a list of IP addresses trusted by the plugin, events triggered by one of these IPs will not be reported to the "
1229
+ "remote monitoring API service."
1230
+ msgstr ""
1231
+
1232
+ #: src/settings-general.php:212
1233
+ #, php-format
1234
+ msgid "%s were deleted."
1235
msgstr ""
1236
1237
+ #: src/settings-general.php:219
1238
#, php-format
1239
+ msgid "%d out of %d files have been deleted."
1240
msgstr ""
1241
1242
+ #: src/settings-general.php:237 src/settings-posthack.php:308
1243
msgid "Not Writable"
1244
msgstr ""
1245
1246
+ #: src/settings-general.php:238
1247
msgid "Does Not Exist"
1248
msgstr ""
1249
1250
+ #: src/settings-general.php:244
1251
msgid "Exists"
1252
msgstr ""
1253
1254
+ #: src/settings-general.php:250 src/strings.php:330
1255
msgid "Writable"
1256
msgstr ""
1257
1258
+ #: src/settings-general.php:324
1259
msgid "Log exporter was disabled"
1260
msgstr ""
1261
1262
+ #: src/settings-general.php:330
1263
msgid "The log exporter feature has been disabled"
1264
msgstr ""
1265
1266
+ #: src/settings-general.php:332
1267
msgid "File should not be publicly accessible."
1268
msgstr ""
1269
1270
+ #: src/settings-general.php:334
1271
msgid "File already exists and will not be overwritten."
1272
msgstr ""
1273
1274
+ #: src/settings-general.php:336
1275
msgid "File parent directory is not writable."
1276
msgstr ""
1277
1278
+ #: src/settings-general.php:340
1279
msgid "Log exporter file path was correctly set"
1280
msgstr ""
1281
1282
+ #: src/settings-general.php:346
1283
+ msgid "The log exporter feature has been enabled and the data file was successfully set."
1284
msgstr ""
1285
1286
+ #: src/settings-general.php:422
1287
msgid "INVALID"
1288
msgstr ""
1289
1290
+ #: src/settings-general.php:440
1291
#, php-format
1292
msgid "DNS lookups for reverse proxy detection <code>%s</code>"
1293
msgstr ""
1294
1295
+ #: src/settings-general.php:445
1296
+ msgid "The status of the DNS lookups for the reverse proxy detection has been changed"
1297
msgstr ""
1298
1299
+ #: src/settings-general.php:593
1300
#, php-format
1301
msgid "%d out of %d option have been successfully imported"
1302
msgstr ""
1303
1304
+ #: src/settings-general.php:599
1305
msgid "Data is incorrectly encoded"
1306
msgstr ""
1307
1308
+ #: src/settings-general.php:657
1309
#, php-format
1310
msgid "Timezone override will use %s"
1311
msgstr ""
1312
1313
+ #: src/settings-general.php:662
1314
msgid "The timezone for the date and time in the audit logs has been changed"
1315
msgstr ""
1316
1317
+ #: src/settings-hardening.php:100
1318
msgid ""
1319
+ "The firewall is a premium service that you need purchase at - <a href=\"https://sucuri.net/website-firewall/signup\" "
1320
+ "target=\"_blank\">Sucuri Firewall</a>"
1321
msgstr ""
1322
1323
+ #: src/settings-hardening.php:105
1324
msgid "Website Firewall Protection"
1325
msgstr ""
1326
1327
+ #: src/settings-hardening.php:106
1328
msgid ""
1329
+ "A WAF is a protection layer for your web site, blocking all sort of attacks (brute force attempts, DDoS, SQL injections, "
1330
+ "etc) and helping it remain malware and blacklist free. This test checks if your site is using Sucuri Firewall to protect "
1331
+ "your site."
1332
msgstr ""
1333
1334
+ #: src/settings-hardening.php:110 src/settings-hardening.php:256 src/settings-hardening.php:315
1335
+ #: src/settings-hardening.php:384 src/settings-hardening.php:416 src/settings-hardening.php:456
1336
+ #: src/settings-hardening.php:549
1337
msgid "Apply Hardening"
1338
msgstr ""
1339
1340
+ #: src/settings-hardening.php:114 src/settings-hardening.php:167 src/settings-hardening.php:248
1341
+ #: src/settings-hardening.php:252 src/settings-hardening.php:307 src/settings-hardening.php:311
1342
+ #: src/settings-hardening.php:376 src/settings-hardening.php:380 src/settings-hardening.php:419
1343
+ #: src/settings-hardening.php:452 src/settings-hardening.php:545
1344
msgid "Revert Hardening"
1345
msgstr ""
1346
1347
+ #: src/settings-hardening.php:139
1348
msgid "Check Updates Now"
1349
msgstr ""
1350
1351
+ #: src/settings-hardening.php:140
1352
msgid "Verify WordPress Version"
1353
msgstr ""
1354
1355
+ #: src/settings-hardening.php:141
1356
msgid ""
1357
+ "Why keep your site updated? WordPress is an open-source project which means that with every update the details of the "
1358
+ "changes made to the source code are made public, if there were security fixes then someone with malicious intent can use "
1359
+ "this information to attack any site that has not been upgraded."
1360
msgstr ""
1361
1362
+ #: src/settings-hardening.php:145
1363
msgid "WordPress Update Available"
1364
msgstr ""
1365
1366
+ #: src/settings-hardening.php:165
1367
msgid "Remove WordPress Version"
1368
msgstr ""
1369
1370
+ #: src/settings-hardening.php:169
1371
msgid ""
1372
+ "It checks if your WordPress version is being leaked to the public via a HTML meta-tag. Many web vulnerability scanners use "
1373
+ "this to determine which version of the code is running in your website. They use this to find disclosed vulnerabilities "
1374
+ "associated to this version number. A vulnerability scanner can still guess which version of WordPress is installed by "
1375
+ "comparing the checksum of some static files."
1376
msgstr ""
1377
1378
+ #: src/settings-hardening.php:189
1379
msgid ""
1380
+ "Read the official WordPress guidelines to learn how to restrict access to PHP files in sensitive directories - <a href="
1381
+ "\"https://codex.wordpress.org/Nginx#Global_restrictions_file\" target=\"_blank\" rel=\"noopener\">Nginx Global "
1382
+ "Restrictions For WordPress</a>"
1383
msgstr ""
1384
1385
+ #: src/settings-hardening.php:193
1386
msgid "Block of Certain PHP Files"
1387
msgstr ""
1388
1389
+ #: src/settings-hardening.php:196
1390
msgid "Check Hardening"
1391
msgstr ""
1392
1393
+ #: src/settings-hardening.php:197 src/settings-hardening.php:243 src/settings-hardening.php:302
1394
+ #: src/settings-hardening.php:371
1395
msgid ""
1396
+ "Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are "
1397
+ "many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save "
1398
+ "temporary data. Use the \"Whitelist PHP Files\" tool to add exceptions to individual files."
1399
msgstr ""
1400
1401
+ #: src/settings-hardening.php:224 src/settings-hardening.php:225
1402
msgid "Hardening applied to the uploads directory"
1403
msgstr ""
1404
1405
+ #: src/settings-hardening.php:227 src/settings-hardening.php:286 src/settings-hardening.php:353
1406
msgid "Error hardening directory, check the permissions."
1407
msgstr ""
1408
1409
+ #: src/settings-hardening.php:235 src/settings-hardening.php:236
1410
msgid "Hardening reverted in the uploads directory"
1411
msgstr ""
1412
1413
+ #: src/settings-hardening.php:238 src/settings-hardening.php:297 src/settings-hardening.php:366
1414
msgid "Access file is not writable, check the permissions."
1415
msgstr ""
1416
1417
+ #: src/settings-hardening.php:242
1418
msgid "Block PHP Files in Uploads Directory"
1419
msgstr ""
1420
1421
+ #: src/settings-hardening.php:283 src/settings-hardening.php:284
1422
msgid "Hardening applied to the content directory"
1423
msgstr ""
1424
1425
+ #: src/settings-hardening.php:294 src/settings-hardening.php:295
1426
msgid "Hardening reverted in the content directory"
1427
msgstr ""
1428
1429
+ #: src/settings-hardening.php:301
1430
msgid "Block PHP Files in WP-CONTENT Directory"
1431
msgstr ""
1432
1433
+ #: src/settings-hardening.php:347 src/settings-hardening.php:348
1434
msgid "Hardening applied to the library directory"
1435
msgstr ""
1436
1437
+ #: src/settings-hardening.php:363 src/settings-hardening.php:364
1438
msgid "Hardening reverted in the library directory"
1439
msgstr ""
1440
1441
+ #: src/settings-hardening.php:370
1442
msgid "Block PHP Files in WP-INCLUDES Directory"
1443
msgstr ""
1444
1445
+ #: src/settings-hardening.php:403
1446
#, php-format
1447
msgid "Cannot delete <code>%s/readme.html</code>"
1448
msgstr ""
1449
1450
+ #: src/settings-hardening.php:405 src/settings-hardening.php:406
1451
msgid "Hardening applied to the <code>readme.html</code> file"
1452
msgstr ""
1453
1454
+ #: src/settings-hardening.php:410
1455
msgid "Information Leakage"
1456
msgstr ""
1457
1458
+ #: src/settings-hardening.php:411
1459
msgid ""
1460
+ "Checks if the WordPress README file still exists in the website. The information in this file can be used by malicious "
1461
+ "users to pin-point which disclosed vulnerabilities are associated to the website. Be aware that WordPress recreates this "
1462
+ "file automatically with every update."
1463
msgstr ""
1464
1465
+ #: src/settings-hardening.php:446
1466
msgid "Default Admin Account"
1467
msgstr ""
1468
1469
+ #: src/settings-hardening.php:447
1470
msgid ""
1471
+ "Check if the primary user account still uses the name \"admin\". This allows malicious users to easily identify which "
1472
+ "account has the highest privileges to target an attack."
1473
msgstr ""
1474
1475
+ #: src/settings-hardening.php:476 src/settings-hardening.php:507 src/settings-posthack.php:63
1476
msgid "WordPress configuration file was not found."
1477
msgstr ""
1478
1479
+ #: src/settings-hardening.php:478 src/settings-hardening.php:509 src/settings-posthack.php:76
1480
msgid "WordPress configuration file is not writable."
1481
msgstr ""
1482
1483
+ #: src/settings-hardening.php:498 src/settings-hardening.php:499
1484
msgid "Hardening applied to the plugin and theme editor"
1485
msgstr ""
1486
1487
+ #: src/settings-hardening.php:527
1488
msgid ""
1489
+ "File Editor was not disabled using this tool. You must scan your project for a constant defined as DISALLOW_FILE_EDIT, "
1490
+ "then either delete it or set its value to False. Any plugin/theme can disable the file editor, so it is impossible to "
1491
+ "determine the origin of the constant."
1492
msgstr ""
1493
1494
+ #: src/settings-hardening.php:533 src/settings-hardening.php:534
1495
msgid "Hardening reverted in the plugin and theme editor"
1496
msgstr ""
1497
1498
+ #: src/settings-hardening.php:539
1499
msgid "Plugin and Theme Editor"
1500
msgstr ""
1501
1502
+ #: src/settings-hardening.php:540
1503
msgid ""
1504
+ "Disables the theme and plugin editors to prevent unwanted modifications to th