Sucuri Security – Auditing, Malware Scanner and Security Hardening

Version Description

Fix notice about MONTH_IN_SECONDS in WP < 4.4
Update reset password workflow

Release Info

Developer	imgersonr
Plugin	Sucuri Security – Auditing, Malware Scanner and Security Hardening
Version	1.8.25
Comparing to
See all releases

Code changes from version 1.8.24 to 1.8.25

Files changed (42) hide show

inc/tpl/auditlogs.html.tpl +3 -3
inc/tpl/auditlogs.snippet.tpl +1 -1
inc/tpl/integrity-incorrect.html.tpl +3 -3
inc/tpl/lastlogins-admins.html.tpl +1 -1
inc/tpl/lastlogins-all.html.tpl +2 -2
inc/tpl/lastlogins-failedlogins.html.tpl +2 -2
inc/tpl/lastlogins-loggedin.html.tpl +1 -1
inc/tpl/lastlogins.html.tpl +4 -4
inc/tpl/settings-alerts-bruteforce.html.tpl +2 -2
inc/tpl/settings-alerts-events.html.tpl +1 -1
inc/tpl/settings-alerts-ignore-posts.html.tpl +5 -5
inc/tpl/settings-alerts-perhour.html.tpl +2 -2
inc/tpl/settings-alerts-recipients.html.tpl +4 -4
inc/tpl/settings-alerts-subject.html.tpl +2 -2
inc/tpl/settings-alerts-trustedips.html.tpl +4 -4
inc/tpl/settings-apiservice-checksums.html.tpl +2 -2
inc/tpl/settings-apiservice-status.html.tpl +1 -1
inc/tpl/settings-general-datastorage.html.tpl +3 -3
inc/tpl/settings-general-importexport.html.tpl +3 -3
inc/tpl/settings-general-ipdiscoverer.html.tpl +3 -3
inc/tpl/settings-general-resetoptions.html.tpl +2 -2
inc/tpl/settings-general-reverseproxy.html.tpl +1 -1
inc/tpl/settings-general-timezone.html.tpl +2 -2
inc/tpl/settings-hardening-whitelist-phpfiles.html.tpl +3 -3
inc/tpl/settings-posthack-reset-password-alert.html.tpl +1 -1
inc/tpl/settings-posthack-reset-password.html.tpl +2 -2
inc/tpl/settings-posthack-reset-password.snippet.tpl +1 -1
inc/tpl/settings-posthack-reset-plugins.html.tpl +1 -1
inc/tpl/settings-posthack-reset-plugins.snippet.tpl +1 -1
inc/tpl/settings-posthack-security-keys.html.tpl +5 -5
inc/tpl/settings-scanner-cronjobs.html.tpl +3 -3
inc/tpl/settings-scanner-cronjobs.snippet.tpl +1 -1
inc/tpl/settings-scanner-ignore-folders.html.tpl +4 -4
inc/tpl/settings-scanner-integrity-cache.html.tpl +2 -2
inc/tpl/settings-scanner-integrity-diff-utility.html.tpl +1 -1
inc/tpl/settings-webinfo-details.snippet.tpl +1 -1
inc/tpl/settings-webinfo-htaccess.html.tpl +1 -1
inc/tpl/sitecheck-target.html.tpl +3 -3
readme.txt +5 -2
src/event.lib.php +78 -5
src/strings.php +2 -2
sucuri.php +2 -2

inc/tpl/auditlogs.html.tpl CHANGED Viewed

	@@ -103,7 +103,7 @@ jQuery(document).ready(function ($) {
103	</script>
104
105	<div class="sucuriscan-auditlog-table">
106	- <div class="sucuriscan-auditlog-response">
107	<em>{{Loading...}}</em>
108	</div>
109
	@@ -117,11 +117,11 @@ jQuery(document).ready(function ($) {
117	</div>
118	</div>
119
120	- <div class="sucuriscan-clearfix sucuriscan-auditlog-footer">
121	<div class="sucuriscan-pull-left sucuriscan-hidden sucuriscan-tooltip
122	sucuriscan-sendlogs-panel" tooltip-width="250" tooltip-html="true">
123	<small class="sucuriscan-auditlogs-sendlogs-response"></small>
124	- <small><a href="#" class="sucuriscan-auditlogs-sendlogs">{{Send Logs}}</a></small>
125	</div>
126
127	<div class="sucuriscan-pull-right">


103	</script>
104
105	<div class="sucuriscan-auditlog-table">
106	+ <div class="sucuriscan-auditlog-response" data-cy="sucuriscan_auditlog_response_loading">
107	<em>{{Loading...}}</em>
108	</div>
109

117	</div>
118	</div>
119
120	+ <div class="sucuriscan-clearfix sucuriscan-auditlog-footer" data-cy="sucuriscan_audit_logs_footer">
121	<div class="sucuriscan-pull-left sucuriscan-hidden sucuriscan-tooltip
122	sucuriscan-sendlogs-panel" tooltip-width="250" tooltip-html="true">
123	<small class="sucuriscan-auditlogs-sendlogs-response"></small>
124	+ <small><a href="#" class="sucuriscan-auditlogs-sendlogs" data-cy="sucuriscan_dashboard_send_audit_logs_submit">{{Send Logs}}</a></small>
125	</div>
126
127	<div class="sucuriscan-pull-right">

inc/tpl/auditlogs.snippet.tpl CHANGED Viewed

	@@ -15,7 +15,7 @@
15	</div>
16
17	<div class="sucuriscan-pull-left sucuriscan-auditlog-entry-message">
18	- <div class="sucuriscan-auditlog-entry-title">
19	<strong>%%SUCURI.AuditLog.Username%%</strong>
20	<span>%%SUCURI.AuditLog.Message%%</span>
21	</div>


15	</div>
16
17	<div class="sucuriscan-pull-left sucuriscan-auditlog-entry-message">
18	+ <div class="sucuriscan-auditlog-entry-title" data-cy="sucuriscan_auditlog_entry_title">
19	<strong>%%SUCURI.AuditLog.Username%%</strong>
20	<span>%%SUCURI.AuditLog.Message%%</span>
21	</div>

inc/tpl/integrity-incorrect.html.tpl CHANGED Viewed

	@@ -77,7 +77,7 @@
77	</tr>
78	</thead>
79
80	- <tbody>
81	%%%SUCURI.Integrity.List%%%
82	</tbody>
83	</table>
	@@ -85,7 +85,7 @@
85	<p>
86	<label>
87	<input type="hidden" name="sucuriscan_process_form" value="0" />
88	- <input type="checkbox" name="sucuriscan_process_form" value="1" />
89	<span>{{I understand that this operation cannot be reverted.}}</span>
90	</label>
91	</p>
	@@ -99,7 +99,7 @@
99	<option value="delete">{{Delete File}}</option>
100	</select>
101
102	- <button type="submit" class="button button-primary">{{Submit}}</button>
103
104	<span class="sucuriscan-tooltip" content="{{Marking one or more files as fixed will force the plugin to ignore them during the next scan, very useful when you find false positives. Additionally you can restore the original content of the core files that appear as modified or deleted, this will tell the plugin to download a copy of the original files from the official WordPress repository. Deleting a file is an irreversible action, be careful.}}">
105	<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="14" height="14">


77	</tr>
78	</thead>
79
80	+ <tbody data-cy="sucuriscan_integrity_list_table">
81	%%%SUCURI.Integrity.List%%%
82	</tbody>
83	</table>

85	<p>
86	<label>
87	<input type="hidden" name="sucuriscan_process_form" value="0" />
88	+ <input type="checkbox" name="sucuriscan_process_form" value="1" data-cy="sucuriscan_integrity_incorrect_checkbox" />
89	<span>{{I understand that this operation cannot be reverted.}}</span>
90	</label>
91	</p>

99	<option value="delete">{{Delete File}}</option>
100	</select>
101
102	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_integrity_incorrect_submit">{{Submit}}</button>
103
104	<span class="sucuriscan-tooltip" content="{{Marking one or more files as fixed will force the plugin to ignore them during the next scan, very useful when you find false positives. Additionally you can restore the original content of the core files that appear as modified or deleted, this will tell the plugin to download a copy of the original files from the official WordPress repository. Deleting a file is an irreversible action, be careful.}}">
105	<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" width="14" height="14">

inc/tpl/lastlogins-admins.html.tpl CHANGED Viewed

	@@ -15,7 +15,7 @@
15	</tr>
16	</thead>
17
18	- <tbody>
19	%%%SUCURI.AdminUsers.List%%%
20	</tbody>
21	</table>


15	</tr>
16	</thead>
17
18	+ <tbody data-cy="sucuriscan_successful_logins_table">
19	%%%SUCURI.AdminUsers.List%%%
20	</tbody>
21	</table>

inc/tpl/lastlogins-all.html.tpl CHANGED Viewed

	@@ -20,7 +20,7 @@
20	</tr>
21	</thead>
22
23	- <tbody>
24	%%%SUCURI.UserList%%%
25
26	<tr class="sucuriscan-%%SUCURI.UserList.NoItemsVisibility%%">
	@@ -42,6 +42,6 @@
42	<form action="%%SUCURI.URL.Lastlogins%%#allusers" method="post">
43	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
44	<input type="hidden" name="sucuriscan_delete_lastlogins" value="1" />
45	- <input type="submit" value="{{Delete All Successful Logins}}" class="button button-primary" />
46	</form>
47	</div>


20	</tr>
21	</thead>
22
23	+ <tbody data-cy="sucuriscan_last_logins_table">
24	%%%SUCURI.UserList%%%
25
26	<tr class="sucuriscan-%%SUCURI.UserList.NoItemsVisibility%%">

42	<form action="%%SUCURI.URL.Lastlogins%%#allusers" method="post">
43	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
44	<input type="hidden" name="sucuriscan_delete_lastlogins" value="1" />
45	+ <input type="submit" value="{{Delete All Successful Logins}}" class="button button-primary" data-cy="sucuriscan_last_logins_delete_logins_button" />
46	</form>
47	</div>

inc/tpl/lastlogins-failedlogins.html.tpl CHANGED Viewed

	@@ -18,7 +18,7 @@
18	</tr>
19	</thead>
20
21	- <tbody>
22	%%%SUCURI.FailedLogins.List%%%
23
24	<tr class="sucuriscan-%%SUCURI.FailedLogins.NoItemsVisibility%%">
	@@ -41,7 +41,7 @@
41	<form action="%%SUCURI.URL.Lastlogins%%#failed" method="post">
42	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
43	<input type="hidden" name="sucuriscan_delete_failedlogins" value="1" />
44	- <input type="submit" value="{{Delete All Failed Logins}}" class="button button-primary" />
45	</form>
46	</div>
47	</div>


18	</tr>
19	</thead>
20
21	+ <tbody data-cy="sucuriscan_failedlogins_table">
22	%%%SUCURI.FailedLogins.List%%%
23
24	<tr class="sucuriscan-%%SUCURI.FailedLogins.NoItemsVisibility%%">

41	<form action="%%SUCURI.URL.Lastlogins%%#failed" method="post">
42	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
43	<input type="hidden" name="sucuriscan_delete_failedlogins" value="1" />
44	+ <input type="submit" value="{{Delete All Failed Logins}}" class="button button-primary" data-cy="sucuriscan_failedlogins_delete_logins_button" />
45	</form>
46	</div>
47	</div>

inc/tpl/lastlogins-loggedin.html.tpl CHANGED Viewed

	@@ -5,7 +5,7 @@
5	<div class="inside">
6	<p>{{Here you can see a list of the users that are currently logged-in.}}</p>
7
8	- <table class="wp-list-table widefat sucuriscan-loggedin-users">
9	<thead>
10	<tr>
11	<th colspan="6">{{Logged-in Users}}</th>


5	<div class="inside">
6	<p>{{Here you can see a list of the users that are currently logged-in.}}</p>
7
8	+ <table class="wp-list-table widefat sucuriscan-loggedin-users" data-cy=sucuriscan_successful_loggedin_table>
9	<thead>
10	<tr>
11	<th colspan="6">{{Logged-in Users}}</th>

inc/tpl/lastlogins.html.tpl CHANGED Viewed

	@@ -1,10 +1,10 @@
1
2	<div class="sucuriscan-tabs">
3	<ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
4	- <li><a href="%%SUCURI.URL.Lastlogins%%#allusers">{{All Users}}</a></li>
5	- <li><a href="%%SUCURI.URL.Lastlogins%%#admins">{{Admins}}</a></li>
6	- <li><a href="%%SUCURI.URL.Lastlogins%%#loggedin">{{Logged-in Users}}</a></li>
7	- <li><a href="%%SUCURI.URL.Lastlogins%%#failed">{{Failed Logins}}</a></li>
8	</ul>
9
10	<div class="sucuriscan-tabs-containers">


1
2	<div class="sucuriscan-tabs">
3	<ul class="sucuriscan-clearfix sucuriscan-tabs-buttons">
4	+ <li><a href="%%SUCURI.URL.Lastlogins%%#allusers" data-cy="sucuriscan_lastlogins_nav_all_users">{{All Users}}</a></li>
5	+ <li><a href="%%SUCURI.URL.Lastlogins%%#admins" data-cy="sucuriscan_lastlogins_nav_admins">{{Admins}}</a></li>
6	+ <li><a href="%%SUCURI.URL.Lastlogins%%#loggedin" data-cy="sucuriscan_lastlogins_nav_loggedin">{{Logged-in Users}}</a></li>
7	+ <li><a href="%%SUCURI.URL.Lastlogins%%#failed" data-cy="sucuriscan_lastlogins_nav_failed">{{Failed Logins}}</a></li>
8	</ul>
9
10	<div class="sucuriscan-tabs-containers">

inc/tpl/settings-alerts-bruteforce.html.tpl CHANGED Viewed

	@@ -9,10 +9,10 @@
9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<fieldset class="sucuriscan-clearfix">
11	<label>{{Consider Brute-Force Attack After:}}</label>
12	- <select name="sucuriscan_maximum_failed_logins">
13	%%%SUCURI.Alerts.BruteForce%%%
14	</select>
15	- <button type="submit" class="button button-primary">{{Submit}}</button>
16	</fieldset>
17	</form>
18	</div>


9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<fieldset class="sucuriscan-clearfix">
11	<label>{{Consider Brute-Force Attack After:}}</label>
12	+ <select name="sucuriscan_maximum_failed_logins" data-cy="sucuriscan_max_failed_logins_select">
13	%%%SUCURI.Alerts.BruteForce%%%
14	</select>
15	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_max_failed_logins_submit">{{Submit}}</button>
16	</fieldset>
17	</form>
18	</div>

inc/tpl/settings-alerts-events.html.tpl CHANGED Viewed

	@@ -27,7 +27,7 @@
27	</table>
28
29	<div class="sucuriscan-recipient-form">
30	- <button type="submit" name="sucuriscan_save_alert_events" class="button button-primary">{{Submit}}</button>
31	</div>
32	</form>
33	</div>


27	</table>
28
29	<div class="sucuriscan-recipient-form">
30	+ <button type="submit" name="sucuriscan_save_alert_events" class="button button-primary" data-cy="sucuriscan_save_alert_events_submit">{{Submit}}</button>
31	</div>
32	</form>
33	</div>

inc/tpl/settings-alerts-ignore-posts.html.tpl CHANGED Viewed

	@@ -15,14 +15,14 @@
15
16	<fieldset class="sucuriscan-clearfix">
17	<label>{{Stop Alerts For This Post-Type:}}</label>
18	- <input type="text" name="sucuriscan_ignorerule" placeholder="{{e.g. unique_post_type_id}}" />
19	- <button type="submit" class="button button-primary">{{Submit}}</button>
20	</fieldset>
21	</form>
22
23	<hr>
24
25	- <button class="button button-primary sucuriscan-show-section" section="sucuriscan-ignorerules" on="{{Show Post-Types Table}}" off="{{Hide Post-Types Table}}">{{Show Post-Types Table}}</button>
26
27	<div class="sucuriscan-hidden" id="sucuriscan-ignorerules">
28	<hr>
	@@ -31,7 +31,7 @@
31	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
32	<input type="hidden" name="sucuriscan_ignorerule_action" value="batch" />
33
34	- <table class="wp-list-table widefat sucuriscan-table sucuriscan-settings-ignorerules">
35	<thead>
36	<tr>
37	<td id="cb" class="manage-column column-cb check-column">
	@@ -49,7 +49,7 @@
49	</tbody>
50	</table>
51
52	- <button type="submit" class="button button-primary">{{Submit}}</button>
53	</form>
54	</div>
55	</div>


15
16	<fieldset class="sucuriscan-clearfix">
17	<label>{{Stop Alerts For This Post-Type:}}</label>
18	+ <input type="text" name="sucuriscan_ignorerule" placeholder="{{e.g. unique_post_type_id}}" data-cy="sucuriscan_alerts_post_type_input" />
19	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_alerts_post_type_submit">{{Submit}}</button>
20	</fieldset>
21	</form>
22
23	<hr>
24
25	+ <button class="button button-primary sucuriscan-show-section" section="sucuriscan-ignorerules" on="{{Show Post-Types Table}}" off="{{Hide Post-Types Table}}" data-cy="sucuriscan_alerts_post_type_toggle_post_type_list">{{Show Post-Types Table}}</button>
26
27	<div class="sucuriscan-hidden" id="sucuriscan-ignorerules">
28	<hr>

31	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
32	<input type="hidden" name="sucuriscan_ignorerule_action" value="batch" />
33
34	+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-settings-ignorerules" data-cy="sucuriscan_alerts_post_type_table">
35	<thead>
36	<tr>
37	<td id="cb" class="manage-column column-cb check-column">

49	</tbody>
50	</table>
51
52	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_alerts_post_type_save_submit">{{Submit}}</button>
53	</form>
54	</div>
55	</div>

inc/tpl/settings-alerts-perhour.html.tpl CHANGED Viewed

	@@ -9,10 +9,10 @@
9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<fieldset class="sucuriscan-clearfix">
11	<label>{{Maximum Alerts Per Hour:}}</label>
12	- <select name="sucuriscan_emails_per_hour">
13	%%%SUCURI.Alerts.PerHour%%%
14	</select>
15	- <button type="submit" class="button button-primary">{{Submit}}</button>
16	</fieldset>
17	</form>
18	</div>


9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<fieldset class="sucuriscan-clearfix">
11	<label>{{Maximum Alerts Per Hour:}}</label>
12	+ <select name="sucuriscan_emails_per_hour" data-cy="sucuriscan_alerts_per_hour_select">
13	%%%SUCURI.Alerts.PerHour%%%
14	</select>
15	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_alerts_per_hour_submit">{{Submit}}</button>
16	</fieldset>
17	</form>
18	</div>

inc/tpl/settings-alerts-recipients.html.tpl CHANGED Viewed

	@@ -10,8 +10,8 @@
10
11	<fieldset class="sucuriscan-clearfix">
12	<label>{{E-mail:}}</label>
13	- <input type="text" name="sucuriscan_recipient" placeholder="{{e.g. user@example.com}}" />
14	- <button type="submit" name="sucuriscan_save_recipient" class="button button-primary">{{Submit}}</button>
15	</fieldset>
16
17	<table class="wp-list-table widefat sucuriscan-table">
	@@ -30,8 +30,8 @@
30	</tbody>
31	</table>
32
33	- <button type="submit" name="sucuriscan_delete_recipients" class="button button-primary">{{Delete}}</button>
34	- <button type="submit" name="sucuriscan_debug_email" value="1" class="button button-primary">{{Test Alerts}}</button>
35	</form>
36	</div>
37	</div>


10
11	<fieldset class="sucuriscan-clearfix">
12	<label>{{E-mail:}}</label>
13	+ <input type="text" name="sucuriscan_recipient" placeholder="{{e.g. user@example.com}}" data-cy="sucuriscan_alerts_recipient_input" />
14	+ <button type="submit" name="sucuriscan_save_recipient" class="button button-primary" data-cy="sucuriscan_alerts_recipient_add_email_submit">{{Submit}}</button>
15	</fieldset>
16
17	<table class="wp-list-table widefat sucuriscan-table">

30	</tbody>
31	</table>
32
33	+ <button type="submit" name="sucuriscan_delete_recipients" class="button button-primary" data-cy="sucuriscan_alerts_delete_recipient_submit">{{Delete}}</button>
34	+ <button type="submit" name="sucuriscan_debug_email" value="1" class="button button-primary" data-cy="sucuriscan_alerts_test_recipient_submit">{{Test Alerts}}</button>
35	</form>
36	</div>
37	</div>

inc/tpl/settings-alerts-subject.html.tpl CHANGED Viewed

	@@ -15,13 +15,13 @@
15	<label>
16	<input type="radio" name="sucuriscan_email_subject" value="custom" %%SUCURI.Alerts.CustomChecked%% />
17	<span>{{Custom Format}}</span>
18	- <input type="text" name="sucuriscan_custom_email_subject" value="%%SUCURI.Alerts.CustomValue%%" />
19	</label>
20	</li>
21	</ul>
22
23	<div class="sucuriscan-recipient-form">
24	- <button type="submit" class="button button-primary">{{Submit}}</button>
25	</div>
26	</form>
27	</div>


15	<label>
16	<input type="radio" name="sucuriscan_email_subject" value="custom" %%SUCURI.Alerts.CustomChecked%% />
17	<span>{{Custom Format}}</span>
18	+ <input type="text" name="sucuriscan_custom_email_subject" value="%%SUCURI.Alerts.CustomValue%%" data-cy="sucuriscan_alerts_subject_input" />
19	</label>
20	</li>
21	</ul>
22
23	<div class="sucuriscan-recipient-form">
24	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_alerts_subject_submit">{{Submit}}</button>
25	</div>
26	</form>
27	</div>

inc/tpl/settings-alerts-trustedips.html.tpl CHANGED Viewed

	@@ -10,8 +10,8 @@
10
11	<fieldset class="sucuriscan-clearfix">
12	<label>{{IP Address:}}</label>
13	- <input type="text" name="sucuriscan_trust_ip" placeholder="{{e.g. 182.120.56.0/24}}" />
14	- <input type="submit" value="{{Submit}}" class="button button-primary" />
15	</fieldset>
16	</form>
17
	@@ -20,7 +20,7 @@
20	<form action="%%SUCURI.URL.Settings%%#alerts" method="post">
21	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
22
23	- <table class="wp-list-table widefat sucuriscan-table sucuriscan-settings-trustip">
24	<thead>
25	<tr>
26	<td id="cb" class="manage-column column-cb check-column">
	@@ -44,7 +44,7 @@
44	</tbody>
45	</table>
46
47	- <button type="submit" class="button button-primary">{{Delete}}</button>
48	</form>
49	</div>
50	</div>


10
11	<fieldset class="sucuriscan-clearfix">
12	<label>{{IP Address:}}</label>
13	+ <input type="text" name="sucuriscan_trust_ip" placeholder="{{e.g. 182.120.56.0/24}}" data-cy="sucuriscan_trusted_ip_input" />
14	+ <input type="submit" value="{{Submit}}" class="button button-primary" data-cy="sucuriscan_trusted_ip_add_ip_submit" />
15	</fieldset>
16	</form>
17

20	<form action="%%SUCURI.URL.Settings%%#alerts" method="post">
21	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
22
23	+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-settings-trustip" data-cy="sucuriscan_trusted_ip_table">
24	<thead>
25	<tr>
26	<td id="cb" class="manage-column column-cb check-column">

44	</tbody>
45	</table>
46
47	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_trusted_ip_delete_ip_submit">{{Delete}}</button>
48	</form>
49	</div>
50	</div>

inc/tpl/settings-apiservice-checksums.html.tpl CHANGED Viewed

	@@ -15,8 +15,8 @@
15	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
16	<fieldset class="sucuriscan-clearfix">
17	<label>{{WordPress Checksums API}}:</label>
18	- <input type="text" name="sucuriscan_checksum_api" placeholder="{{e.g. URL — or — user/repo}}" size="30" />
19	- <button type="submit" class="button button-primary">{{Submit}}</button>
20	</fieldset>
21	</form>
22	</div>


15	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
16	<fieldset class="sucuriscan-clearfix">
17	<label>{{WordPress Checksums API}}:</label>
18	+ <input type="text" name="sucuriscan_checksum_api" placeholder="{{e.g. URL — or — user/repo}}" size="30" data-cy="sucuriscan_wordpress_checksum_api_input" />
19	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_wordpress_checksum_api_submit">{{Submit}}</button>
20	</fieldset>
21	</form>
22	</div>

inc/tpl/settings-apiservice-status.html.tpl CHANGED Viewed

	@@ -15,7 +15,7 @@
15	<form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
16	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
17	<input type="hidden" name="sucuriscan_api_service" value="%%SUCURI.ApiStatus.SwitchValue%%" />
18	- <button type="submit" class="button button-primary">%%SUCURI.ApiStatus.SwitchText%%</button>
19	</form>
20	</div>
21


15	<form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
16	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
17	<input type="hidden" name="sucuriscan_api_service" value="%%SUCURI.ApiStatus.SwitchValue%%" />
18	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_api_status_toggle">%%SUCURI.ApiStatus.SwitchText%%</button>
19	</form>
20	</div>
21

inc/tpl/settings-general-datastorage.html.tpl CHANGED Viewed

	@@ -14,12 +14,12 @@
14	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
15	<input type="hidden" name="sucuriscan_reset_storage" value="1" />
16
17	- <table class="wp-list-table widefat sucuriscan-table">
18	<thead>
19	<tr>
20	<td id="cb" class="manage-column column-cb check-column">
21	<label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
22	- <input id="cb-select-all-1" type="checkbox">
23	</td>
24	<th class="manage-column">{{File Path}}</th>
25	<th class="manage-column">{{File Size}}</th>
	@@ -34,7 +34,7 @@
34	</table>
35
36	<p>
37	- <button type="submit" class="button button-primary">{{Delete}}</button>
38	</p>
39	</form>
40	</div>


14	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
15	<input type="hidden" name="sucuriscan_reset_storage" value="1" />
16
17	+ <table class="wp-list-table widefat sucuriscan-table" data-cy="sucuriscan_general_datastore_table">
18	<thead>
19	<tr>
20	<td id="cb" class="manage-column column-cb check-column">
21	<label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
22	+ <input id="cb-select-all-1" type="checkbox" data-cy="sucuriscan_general_datastore_delete_checkbox">
23	</td>
24	<th class="manage-column">{{File Path}}</th>
25	<th class="manage-column">{{File Size}}</th>

34	</table>
35
36	<p>
37	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_general_datastore_delete_button">{{Delete}}</button>
38	</p>
39	</form>
40	</div>

inc/tpl/settings-general-importexport.html.tpl CHANGED Viewed

	@@ -8,17 +8,17 @@
8
9	<p>{{Copy the JSON-encoded data from the box below, go to your other websites and click the <em>"Import"</em> button in the settings page. The plugin will start using the same settings from this website. Notice that some options are omitted as they contain values specific to this website. To import the settings from another website into this one, replace the JSON-encoded data in the box below with the JSON-encoded data exported from the other website, then click the button <em>"Import"</em>. Notice that some options will not be imported to reduce the security risk of writing arbitrary data into the disk.}}</p>
10
11	- <textarea name="sucuriscan_settings" class="sucuriscan-full-textarea sucuriscan-monospace">%%SUCURI.Export%%</textarea>
12
13	<p>
14	<label>
15	<input type="hidden" name="sucuriscan_process_form" value="0" />
16	- <input type="checkbox" name="sucuriscan_process_form" value="1" />
17	<span>{{I understand that this operation cannot be reverted.}}</span>
18	</label>
19	</p>
20
21	- <button type="submit" name="sucuriscan_import" class="button button-primary">{{Submit}}</button>
22	</form>
23	</div>
24	</div>


8
9	<p>{{Copy the JSON-encoded data from the box below, go to your other websites and click the <em>"Import"</em> button in the settings page. The plugin will start using the same settings from this website. Notice that some options are omitted as they contain values specific to this website. To import the settings from another website into this one, replace the JSON-encoded data in the box below with the JSON-encoded data exported from the other website, then click the button <em>"Import"</em>. Notice that some options will not be imported to reduce the security risk of writing arbitrary data into the disk.}}</p>
10
11	+ <textarea name="sucuriscan_settings" class="sucuriscan-full-textarea sucuriscan-monospace" data-cy="sucuriscan_import_export_settings_textarea">%%SUCURI.Export%%</textarea>
12
13	<p>
14	<label>
15	<input type="hidden" name="sucuriscan_process_form" value="0" />
16	+ <input type="checkbox" name="sucuriscan_process_form" value="1" data-cy="sucuriscan_import_export_settings_checkbox" />
17	<span>{{I understand that this operation cannot be reverted.}}</span>
18	</label>
19	</p>
20
21	+ <button type="submit" name="sucuriscan_import" class="button button-primary" data-cy="sucuriscan_import_export_settings_submit">{{Submit}}</button>
22	</form>
23	</div>
24	</div>

inc/tpl/settings-general-ipdiscoverer.html.tpl CHANGED Viewed

	@@ -11,7 +11,7 @@
11	<form action="%%SUCURI.URL.Settings%%" method="post">
12	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
13	<input type="hidden" name="sucuriscan_dns_lookups" value="%%SUCURI.DnsLookupsSwitchValue%%" />
14	- <button type="submit" class="button button-primary">%%SUCURI.DnsLookupsSwitchText%%</button>
15	</form>
16	</div>
17
	@@ -20,10 +20,10 @@
20
21	<fieldset class="sucuriscan-clearfix">
22	<label>{{HTTP Header:}}</label>
23	- <select name="sucuriscan_addr_header">
24	%%%SUCURI.AddrHeaderOptions%%%
25	</select>
26	- <button type="submit" class="button button-primary">{{Proceed}}</button>
27	</fieldset>
28
29	<div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monospace">


11	<form action="%%SUCURI.URL.Settings%%" method="post">
12	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
13	<input type="hidden" name="sucuriscan_dns_lookups" value="%%SUCURI.DnsLookupsSwitchValue%%" />
14	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_ip_address_discovery_toggle_submit">%%SUCURI.DnsLookupsSwitchText%%</button>
15	</form>
16	</div>
17

20
21	<fieldset class="sucuriscan-clearfix">
22	<label>{{HTTP Header:}}</label>
23	+ <select name="sucuriscan_addr_header" data-cy="sucuriscan_addr_header_select">
24	%%%SUCURI.AddrHeaderOptions%%%
25	</select>
26	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_addr_header_proceed">{{Proceed}}</button>
27	</fieldset>
28
29	<div class="sucuriscan-hstatus sucuriscan-hstatus-2 sucuriscan-monospace">

inc/tpl/settings-general-resetoptions.html.tpl CHANGED Viewed

	@@ -10,11 +10,11 @@
10	<p>
11	<label>
12	<input type="hidden" name="sucuriscan_process_form" value="0" />
13	- <input type="checkbox" name="sucuriscan_process_form" value="1" />
14	<span>{{I understand that this operation cannot be reverted.}}</span>
15	</label>
16	</p>
17	- <button type="submit" name="sucuriscan_reset_options" class="button button-primary">{{Submit}}</button>
18	</form>
19	</div>
20	</div>


10	<p>
11	<label>
12	<input type="hidden" name="sucuriscan_process_form" value="0" />
13	+ <input type="checkbox" name="sucuriscan_process_form" value="1" data-cy="sucuriscan_reset_checkbox" />
14	<span>{{I understand that this operation cannot be reverted.}}</span>
15	</label>
16	</p>
17	+ <button type="submit" name="sucuriscan_reset_options" class="button button-primary" data-cy="sucuriscan_reset_submit">{{Submit}}</button>
18	</form>
19	</div>
20	</div>

inc/tpl/settings-general-reverseproxy.html.tpl CHANGED Viewed

	@@ -11,7 +11,7 @@
11	<form action="%%SUCURI.URL.Settings%%" method="post">
12	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
13	<input type="hidden" name="sucuriscan_revproxy" value="%%SUCURI.ReverseProxySwitchValue%%" />
14	- <button type="submit" class="button button-primary">%%SUCURI.ReverseProxySwitchText%%</button>
15	</form>
16	</div>
17	</div>


11	<form action="%%SUCURI.URL.Settings%%" method="post">
12	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
13	<input type="hidden" name="sucuriscan_revproxy" value="%%SUCURI.ReverseProxySwitchValue%%" />
14	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_reverse_proxy_toggle">%%SUCURI.ReverseProxySwitchText%%</button>
15	</form>
16	</div>
17	</div>

inc/tpl/settings-general-timezone.html.tpl CHANGED Viewed

	@@ -9,10 +9,10 @@
9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<fieldset class="sucuriscan-clearfix">
11	<label>{{Timezone:}}</label>
12	- <select name="sucuriscan_timezone">
13	%%%SUCURI.Timezone.Dropdown%%%
14	</select>
15	- <button type="submit" class="button button-primary">{{Submit}}</button>
16	<span><em>(%%SUCURI.Timezone.Example%%)</em></span>
17	</fieldset>
18	</form>


9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<fieldset class="sucuriscan-clearfix">
11	<label>{{Timezone:}}</label>
12	+ <select name="sucuriscan_timezone" data-cy="sucuriscan_timezone_select">
13	%%%SUCURI.Timezone.Dropdown%%%
14	</select>
15	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_timezone_submit">{{Submit}}</button>
16	<span><em>(%%SUCURI.Timezone.Example%%)</em></span>
17	</fieldset>
18	</form>

inc/tpl/settings-hardening-whitelist-phpfiles.html.tpl CHANGED Viewed

	@@ -9,11 +9,11 @@
9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<fieldset class="sucuriscan-clearfix">
11	<label>{{File Path:}}</label>
12	- <input type="text" name="sucuriscan_hardening_whitelist" placeholder="e.g. wp-tinymce.php" />
13	- <select name="sucuriscan_hardening_folder">
14	%%%SUCURI.HardeningWhitelist.AllowedFolders%%%
15	</select>
16	- <button type="submit" class="button button-primary">{{Submit}}</button>
17	</fieldset>
18	</form>
19


9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<fieldset class="sucuriscan-clearfix">
11	<label>{{File Path:}}</label>
12	+ <input type="text" name="sucuriscan_hardening_whitelist" placeholder="e.g. wp-tinymce.php" data-cy="sucuriscan_hardening_whitelist_input" />
13	+ <select name="sucuriscan_hardening_folder" data-cy="sucuriscan_hardening_whitelist_select">
14	%%%SUCURI.HardeningWhitelist.AllowedFolders%%%
15	</select>
16	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_hardening_whitelist_submit">{{Submit}}</button>
17	</fieldset>
18	</form>
19

inc/tpl/settings-posthack-reset-password-alert.html.tpl CHANGED Viewed

	@@ -1,2 +1,2 @@
1
2	- {{WordPress has ~~generated~~ a ~~new (random)~~ password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target="_blank" href="http://%%SUCURI.ResetPassword.Website%%" rel="noopener">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. ~~Your~~ new password is — <span style="font-family:Menlo, Monaco, monospace, serif;font-weight:700">%%%SUCURI.ResetPassword.~~Password~~%%%</span> &mdash~~; please change it as soon as possible.~~}}


1
2	+ {{WordPress has invalidated the password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target="_blank" href="http://%%SUCURI.ResetPassword.Website%%" rel="noopener">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. You can set a new password at — <span style="font-family:Menlo, Monaco, monospace, serif;font-weight:700"><a target="_blank" href="%%%SUCURI.ResetPassword.ResetURL%%%" rel="noopener">%%%SUCURI.ResetPassword.ResetURL%%%</a></span> —.}}

inc/tpl/settings-posthack-reset-password.html.tpl CHANGED Viewed

	@@ -31,7 +31,7 @@
31	</script>
32
33	<div class="inside">
34	- <p>{{~~You~~ ~~can~~ ~~generate~~ a ~~new~~ ~~random~~ ~~password~~ ~~for~~ ~~the~~ ~~user~~ ~~accounts~~ ~~that~~ ~~you~~ ~~select~~ ~~from~~ ~~the~~ ~~list.~~ An ~~email~~ ~~with~~ ~~the~~ ~~new~~ ~~password will~~ be ~~sent~~ to the ~~email~~ ~~address~~ ~~of each chosen user. If you choose to~~ change the ~~password~~ of ~~your~~ ~~own~~ ~~user~~, ~~then~~ ~~your~~ ~~current~~ ~~session~~ ~~will~~ ~~expire~~ ~~immediately.~~ ~~You~~ ~~will need~~ to ~~log~~ ~~back~~ ~~into~~ ~~the~~ ~~admin panel with the new password that~~ will be ~~sent~~ to ~~your~~ ~~email~~.}}</p>
35
36	<table class="wp-list-table widefat sucuriscan-table sucuriscan-reset-password-table">
37	<thead>
	@@ -61,6 +61,6 @@
61	</table>
62
63	<button type="button" id="sucuriscan-reset-password-button"
64	- class="button button-primary">{{Submit}}</button>
65	</div>
66	</div>


31	</script>
32
33	<div class="inside">
34	+ <p>{{Select users from the list in order to change their passwords, terminate their sessions and email them a password reset link. Please be aware that the plugin will change the passwords before sending the emails, meaning that if your web server is unable to send emails, your users will be locked out of the site.}}</p>
35
36	<table class="wp-list-table widefat sucuriscan-table sucuriscan-reset-password-table">
37	<thead>

61	</table>
62
63	<button type="button" id="sucuriscan-reset-password-button"
64	+ class="button button-primary" data-cy="sucuriscan-reset-password-button">{{Submit}}</button>
65	</div>
66	</div>

inc/tpl/settings-posthack-reset-password.snippet.tpl CHANGED Viewed

	@@ -4,7 +4,7 @@
4	<input type="checkbox" name="user_ids[]" value="%%SUCURI.ResetPassword.UserID%%" %%SUCURI.ResetPassword.Disabled%% />
5	</th>
6
7	- <td>
8	<span class="sucuriscan-monospace">%%SUCURI.ResetPassword.Username%%</span>
9	<em class="sucuriscan-response"></em>
10	</td>


4	<input type="checkbox" name="user_ids[]" value="%%SUCURI.ResetPassword.UserID%%" %%SUCURI.ResetPassword.Disabled%% />
5	</th>
6
7	+ <td data-cy="sucuriscan-reset-password-user-field">
8	<span class="sucuriscan-monospace">%%SUCURI.ResetPassword.Username%%</span>
9	<em class="sucuriscan-response"></em>
10	</td>

inc/tpl/settings-posthack-reset-plugins.html.tpl CHANGED Viewed

	@@ -73,6 +73,6 @@
73	</tbody>
74	</table>
75
76	- <button type="button" id="sucuriscan_reset_plugins" class="button button-primary">{{Submit}}</button>
77	</div>
78	</div>


73	</tbody>
74	</table>
75
76	+ <button type="button" id="sucuriscan_reset_plugins" class="button button-primary" data-cy="sucuriscan_reset_plugins_submit">{{Submit}}</button>
77	</div>
78	</div>

inc/tpl/settings-posthack-reset-plugins.snippet.tpl CHANGED Viewed

	@@ -8,7 +8,7 @@
8	<a href="%%SUCURI.ResetPlugin.Repository%%" target="_blank" rel="noopener">%%SUCURI.ResetPlugin.Plugin%%</a>
9	</td>
10
11	- <td class="sucuriscan-reset-plugin-response">
12	<span class="sucuriscan-monospace">%%SUCURI.ResetPlugin.Version%%</span>
13	</td>
14


8	<a href="%%SUCURI.ResetPlugin.Repository%%" target="_blank" rel="noopener">%%SUCURI.ResetPlugin.Plugin%%</a>
9	</td>
10
11	+ <td class="sucuriscan-reset-plugin-response" data-cy="sucuriscan_reset_plugin_response">
12	<span class="sucuriscan-monospace">%%SUCURI.ResetPlugin.Version%%</span>
13	</td>
14

inc/tpl/settings-posthack-security-keys.html.tpl CHANGED Viewed

	@@ -34,15 +34,15 @@
34	<p>
35	<label>
36	<input type="hidden" name="sucuriscan_process_form" value="0" />
37	- <input type="checkbox" name="sucuriscan_process_form" value="1" />
38	<span>{{I understand that this operation cannot be reverted.}}</span>
39	</label>
40	</p>
41
42	- <input type="submit" value="{{Generate New Security Keys}}" class="button button-primary" />
43	</form>
44
45	- <div class="sucuriscan-double-box sucuriscan-hstatus sucuriscan-hstatus-%%SUCURI.SecurityKeys.AutoStatusNum%%">
46	<p>
47	<strong>{{Automatic Secret Keys Updater}}</strong> — %%SUCURI.SecurityKeys.AutoStatus%%<br />
48	{{Changing the Secret Keys frequently will decrease the chances of misuse of sessions left open on unprotected devices.}}
	@@ -52,10 +52,10 @@
52	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
53	<input type="hidden" name="sucuriscan_autoseckeyupdater" value="1" />
54	<label><strong>{{Frequency:}}</strong></label>
55	- <select name="sucuriscan_autoseckeyupdater_frequency">
56	%%%SUCURI.SecurityKeys.Schedules%%%
57	</select>
58	- <input type="submit" value="{{Submit}}" class="button button-primary" />
59	</form>
60	</div>
61	</div>


34	<p>
35	<label>
36	<input type="hidden" name="sucuriscan_process_form" value="0" />
37	+ <input type="checkbox" name="sucuriscan_process_form" value="1" data-cy="sucuriscan_security_keys_checkbox" />
38	<span>{{I understand that this operation cannot be reverted.}}</span>
39	</label>
40	</p>
41
42	+ <input type="submit" value="{{Generate New Security Keys}}" class="button button-primary" data-cy="sucuriscan_security_keys_submit" />
43	</form>
44
45	+ <div class="sucuriscan-double-box sucuriscan-hstatus sucuriscan-hstatus-%%SUCURI.SecurityKeys.AutoStatusNum%%" data-cy="sucuriscan_security_keys_autoupdater">
46	<p>
47	<strong>{{Automatic Secret Keys Updater}}</strong> — %%SUCURI.SecurityKeys.AutoStatus%%<br />
48	{{Changing the Secret Keys frequently will decrease the chances of misuse of sessions left open on unprotected devices.}}

52	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
53	<input type="hidden" name="sucuriscan_autoseckeyupdater" value="1" />
54	<label><strong>{{Frequency:}}</strong></label>
55	+ <select name="sucuriscan_autoseckeyupdater_frequency" data-cy="sucuriscan_security_keys_autoupdater_select">
56	%%%SUCURI.SecurityKeys.Schedules%%%
57	</select>
58	+ <input type="submit" value="{{Submit}}" class="button button-primary" data-cy="sucuriscan_security_keys_autoupdater_submit" />
59	</form>
60	</div>
61	</div>

inc/tpl/settings-scanner-cronjobs.html.tpl CHANGED Viewed

	@@ -28,7 +28,7 @@
28	<form action="%%SUCURI.URL.Settings%%#scanner" method="post">
29	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
30
31	- <table class="wp-list-table widefat sucuriscan-table sucuriscan-wpcron-list">
32	<thead>
33	<tr>
34	<td id="cb" class="manage-column column-cb check-column">
	@@ -53,10 +53,10 @@
53
54	<fieldset class="sucuriscan-clearfix">
55	<label>{{Action:}}</label>
56	- <select name="sucuriscan_cronjob_action">
57	%%%SUCURI.Cronjob.Schedules%%%
58	</select>
59	- <button type="submit" class="button button-primary">{{Submit}}</button>
60	</fieldset>
61	</form>
62	</div>


28	<form action="%%SUCURI.URL.Settings%%#scanner" method="post">
29	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
30
31	+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-wpcron-list" data-cy="sucuriscan_cronjobs_table">
32	<thead>
33	<tr>
34	<td id="cb" class="manage-column column-cb check-column">

53
54	<fieldset class="sucuriscan-clearfix">
55	<label>{{Action:}}</label>
56	+ <select name="sucuriscan_cronjob_action" data-cy="sucuriscan_cronjobs_select">
57	%%%SUCURI.Cronjob.Schedules%%%
58	</select>
59	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_cronjobs_submit">{{Submit}}</button>
60	</fieldset>
61	</form>
62	</div>

inc/tpl/settings-scanner-cronjobs.snippet.tpl CHANGED Viewed

	@@ -1,5 +1,5 @@
1
2	- <tr>
3	<th class="check-column">
4	<input type="checkbox" name="sucuriscan_cronjobs[]" value="%%SUCURI.Cronjob.Hook%%" />
5	</th>


1
2	+ <tr data-cy="sucuriscan_row_%%SUCURI.Cronjob.Hook%%">
3	<th class="check-column">
4	<input type="checkbox" name="sucuriscan_cronjobs[]" value="%%SUCURI.Cronjob.Hook%%" />
5	</th>

inc/tpl/settings-scanner-ignore-folders.html.tpl CHANGED Viewed

	@@ -10,8 +10,8 @@
10
11	<fieldset class="sucuriscan-clearfix">
12	<label>{{Ignore a file or directory:}}</label>
13	- <input type="text" name="sucuriscan_ignorefolder" placeholder="{{e.g. /private/directory/}}" />
14	- <button type="submit" class="button button-primary">{{Submit}}</button>
15	</fieldset>
16	</form>
17
	@@ -20,7 +20,7 @@
20	<form action="%%SUCURI.URL.Settings%%#scanner" method="post">
21	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
22
23	- <table class="wp-list-table widefat sucuriscan-table sucuriscan-ignorescanning">
24	<thead>
25	<td id="cb" class="manage-column column-cb check-column">
26	<label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
	@@ -35,7 +35,7 @@
35	</tbody>
36	</table>
37
38	- <button type="submit" class="button button-primary">{{Unignore Selected Directories}}</button>
39	</form>
40	</div>
41	</div>


10
11	<fieldset class="sucuriscan-clearfix">
12	<label>{{Ignore a file or directory:}}</label>
13	+ <input type="text" name="sucuriscan_ignorefolder" placeholder="{{e.g. /private/directory/}}" data-cy="sucuriscan_ignore_files_folders_input" />
14	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_ignore_files_folders_ignore_submit">{{Submit}}</button>
15	</fieldset>
16	</form>
17

20	<form action="%%SUCURI.URL.Settings%%#scanner" method="post">
21	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
22
23	+ <table class="wp-list-table widefat sucuriscan-table sucuriscan-ignorescanning" data-cy="sucuriscan_ignore_files_folders_table">
24	<thead>
25	<td id="cb" class="manage-column column-cb check-column">
26	<label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>

35	</tbody>
36	</table>
37
38	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_ignore_files_folders_unignore_submit">{{Unignore Selected Directories}}</button>
39	</form>
40	</div>
41	</div>

inc/tpl/settings-scanner-integrity-cache.html.tpl CHANGED Viewed

	@@ -9,7 +9,7 @@
9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<input type="hidden" name="sucuriscan_reset_integrity_cache" value="1" />
11
12	- <table class="wp-list-table widefat sucuriscan-table">
13	<thead>
14	<tr>
15	<td id="cb" class="manage-column column-cb check-column">
	@@ -34,7 +34,7 @@
34	</table>
35
36	<p>
37	- <button type="submit" class="button button-primary">{{Stop Ignoring the Selected Files}}</button>
38	</p>
39	</form>
40	</div>


9	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
10	<input type="hidden" name="sucuriscan_reset_integrity_cache" value="1" />
11
12	+ <table class="wp-list-table widefat sucuriscan-table" data-cy="sucuriscan_integrity_diff_false_positive_table">
13	<thead>
14	<tr>
15	<td id="cb" class="manage-column column-cb check-column">

34	</table>
35
36	<p>
37	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_integrity_diff_false_positive_submit">{{Stop Ignoring the Selected Files}}</button>
38	</p>
39	</form>
40	</div>

inc/tpl/settings-scanner-integrity-diff-utility.html.tpl CHANGED Viewed

	@@ -11,7 +11,7 @@
11	<form action="%%SUCURI.URL.Settings%%#scanner" method="post">
12	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
13	<input type="hidden" name="sucuriscan_diff_utility" value="%%SUCURI.DiffUtility.SwitchValue%%" />
14	- <button type="submit" class="button button-primary">%%SUCURI.DiffUtility.SwitchText%%</button>
15	</form>
16	</div>
17	</div>


11	<form action="%%SUCURI.URL.Settings%%#scanner" method="post">
12	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
13	<input type="hidden" name="sucuriscan_diff_utility" value="%%SUCURI.DiffUtility.SwitchValue%%" />
14	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_scanner_integrity_diff_utility_toggle">%%SUCURI.DiffUtility.SwitchText%%</button>
15	</form>
16	</div>
17	</div>

inc/tpl/settings-webinfo-details.snippet.tpl CHANGED Viewed

	@@ -1,5 +1,5 @@
1
2	- <tr>
3	<td>%%SUCURI.ServerInfo.Title%%</td>
4
5	<td><span class="sucuriscan-monospace">%%SUCURI.ServerInfo.Value%%</span></td>


1
2	+ <tr data-cy="%%SUCURI.ServerInfo.Title%%">
3	<td>%%SUCURI.ServerInfo.Title%%</td>
4
5	<td><span class="sucuriscan-monospace">%%SUCURI.ServerInfo.Value%%</span></td>

inc/tpl/settings-webinfo-htaccess.html.tpl CHANGED Viewed

	@@ -1,5 +1,5 @@
1
2	- <div class="sucuriscan-panel">
3	<h3 class="sucuriscan-title">{{Access File Integrity}}</h3>
4
5	<div class="inside">


1
2	+ <div class="sucuriscan-panel" data-cy="sucuriscan_access_file_integrity">
3	<h3 class="sucuriscan-title">{{Access File Integrity}}</h3>
4
5	<div class="inside">

inc/tpl/sitecheck-target.html.tpl CHANGED Viewed

	@@ -6,15 +6,15 @@
6	<p>{{The remote malware scanner provided by the plugin is powered by <a href="https://sitecheck.sucuri.net/" target="_blank" rel="noopener">Sucuri SiteCheck</a>, a service that takes a publicly accessible URL and scans it for malicious code. If your website is not visible to the Internet, for example, if it is hosted in a local development environment or a restricted network, the scanner will not be able to work on it. Additionally, if the website was installed in a non-standard directory the scanner will report a "404 Not Found" error. You can use this option to change the URL that will be scanned.}}</p>
7
8	<div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9	- <span>{{Malware Scan Target}} — <a href="https://sitecheck.sucuri.net/results/%%SUCURI.SiteCheck.Target%%" target="_blank" rel="noopener">https://sitecheck.sucuri.net/results/%%SUCURI.SiteCheck.Target%%</a></span>
10	</div>
11
12	<form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
13	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
14	<fieldset class="sucuriscan-clearfix">
15	<label>{{Malware Scan Target:}}</label>
16	- <input type="text" name="sucuriscan_sitecheck_target" />
17	- <button type="submit" class="button button-primary">{{Submit}}</button>
18	</fieldset>
19	</form>
20	</div>


6	<p>{{The remote malware scanner provided by the plugin is powered by <a href="https://sitecheck.sucuri.net/" target="_blank" rel="noopener">Sucuri SiteCheck</a>, a service that takes a publicly accessible URL and scans it for malicious code. If your website is not visible to the Internet, for example, if it is hosted in a local development environment or a restricted network, the scanner will not be able to work on it. Additionally, if the website was installed in a non-standard directory the scanner will report a "404 Not Found" error. You can use this option to change the URL that will be scanned.}}</p>
7
8	<div class="sucuriscan-hstatus sucuriscan-hstatus-2">
9	+ <span>{{Malware Scan Target}} — <a href="https://sitecheck.sucuri.net/results/%%SUCURI.SiteCheck.Target%%" target="_blank" rel="noopener" data-cy="sucuriscan_sitecheck_target">https://sitecheck.sucuri.net/results/%%SUCURI.SiteCheck.Target%%</a></span>
10	</div>
11
12	<form action="%%SUCURI.URL.Settings%%#apiservice" method="post">
13	<input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
14	<fieldset class="sucuriscan-clearfix">
15	<label>{{Malware Scan Target:}}</label>
16	+ <input type="text" name="sucuriscan_sitecheck_target" data-cy="sucuriscan_sitecheck_target_input" />
17	+ <button type="submit" class="button button-primary" data-cy="sucuriscan_sitecheck_target_submit">{{Submit}}</button>
18	</fieldset>
19	</form>
20	</div>

readme.txt CHANGED Viewed

	@@ -3,8 +3,8 @@ Contributors: dd@sucuri.net
3	Donate Link: https://sucuri.net/
4	Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5	Requires at least: 3.6
6	- Tested up to: 5.~~3.2~~
7	- Stable tag: 1.8.24
8
9	The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
	@@ -189,6 +189,9 @@ We take your privacy seriously. For free plugin users without an API key, no inf
189	This version adds an option to refresh the malware scan results on demand, as well as several small bug fixes and improvements.
190
191	== Changelog ==



192
193	= 1.8.24 =
194	* Fix warning caused by humanTime function


3	Donate Link: https://sucuri.net/
4	Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5	Requires at least: 3.6
6	+ Tested up to: 5.6
7	+ Stable tag: 1.8.25
8
9	The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10

189	This version adds an option to refresh the malware scan results on demand, as well as several small bug fixes and improvements.
190
191	== Changelog ==
192	+ = 1.8.25 =
193	+ * Fix notice about MONTH_IN_SECONDS in WP < 4.4
194	+ * Update reset password workflow
195
196	= 1.8.24 =
197	* Fix warning caused by humanTime function

src/event.lib.php CHANGED Viewed

@@ -139,6 +139,9 @@ class SucuriScanEvent extends SucuriScan
                  */
                 public static function additionalSchedulesFrequencies($schedules)
+                {
                     if (!isset($schedules['weekly'])) {
                         $schedules['weekly'] = array(
                             'display' => __('Weekly', 'sucuriscan'),
@@ -724,17 +727,27 @@ class SucuriScanEvent extends SucuriScan
                         return false;
+                    }
                     $website = SucuriScan::getDomain();
                     $user_login = $user->user_login;
                     $display_name = $user->display_name;
-            -
                    $new_password = wp_generate_password(15, true, false);
                     $message = SucuriScanTemplate::getSection(
                         'settings-posthack-reset-password-alert',
                         array(
                             'ResetPassword.UserName' => $user_login,
                             'ResetPassword.DisplayName' => $display_name,
-            -
                            'ResetPassword.Password' => $new_password,
                             'ResetPassword.Website' => $website,
+                        )
                     );
@@ -749,12 +762,72 @@ class SucuriScanEvent extends SucuriScan
                         $data_set
                     );
-            -
                    /* send email before changing the password */
-            -
                    wp_set_password($new_password, $user_id);
-            -
                     return true;
+                }
                 /**
                  * Changes the WordPress secret keys.
+                 *


139	*/
140	public static function additionalSchedulesFrequencies($schedules)
141	{
142	+ if (!defined('MONTH_IN_SECONDS')) {
143	+ define('MONTH_IN_SECONDS', 30 * DAY_IN_SECONDS);
144	+ }
145	if (!isset($schedules['weekly'])) {
146	$schedules['weekly'] = array(
147	'display' => __('Weekly', 'sucuriscan'),

727	return false;
728	}
729
730	+ /* invalidates the password for the given user */
731	+ $new_password = wp_generate_password(15, true, false);
732	+ wp_set_password($new_password, $user_id);
733	+
734	$website = SucuriScan::getDomain();
735	$user_login = $user->user_login;
736	$display_name = $user->display_name;
737	+ $key = self::GetPasswordResetKey($user);
738	+
739	+ if (is_wp_error($key)) {
740	+ return false;
741	+ }
742	+
743	+ $reset_password_url = network_site_url("wp-login.php?action=rp&key=$key&login=" . rawurlencode($user_login), 'login' );
744
745	$message = SucuriScanTemplate::getSection(
746	'settings-posthack-reset-password-alert',
747	array(
748	'ResetPassword.UserName' => $user_login,
749	'ResetPassword.DisplayName' => $display_name,
750	+ 'ResetPassword.ResetURL' => $reset_password_url,
751	'ResetPassword.Website' => $website,
752	)
753	);

762	$data_set
763	);
764



765	return true;
766	}
767
768	+ /**
769	+ * Gets a new password reset key.
770	+ *
771	+ * @since 1.8.25
772	+ *
773	+ * @param WP_User $user WP_User object.
774	+ * @return string\|WP_Error Returns a password reset key as a string, WP_Error otherwise.
775	+ */
776	+ private static function GetPasswordResetKey($user)
777	+ {
778	+ global $wp_hasher;
779	+
780	+ $key_error = new WP_Error('no_password_reset');
781	+
782	+ if (!($user instanceof WP_User)) {
783	+ return $key_error;
784	+ }
785	+
786	+ /**
787	+ * As of version 1.8.25 of this plugin, we still support WordPress version 3.6 and up
788	+ * and for that reason we can't take advantage of the native function get_password_reset_key
789	+ * (https://developer.wordpress.org/reference/functions/get_password_reset_key/), introduced in
790	+ * WordPress 4.4.
791	+ *
792	+ * When we drop support for versions prior to WordPress 4.4, we can use get_password_reset_key
793	+ * instead of this function.
794	+ */
795	+ if (version_compare(SucuriScan::siteVersion(), '4.4', '>=')
796	+ && function_exists('get_password_reset_key')
797	+ ) {
798	+ $key = get_password_reset_key($user);
799	+
800	+ return $key;
801	+ }
802	+
803	+ if (is_multisite() && is_user_spammy($user)) {
804	+ return $key_error;
805	+ }
806	+
807	+ // Generate something random for a password reset key.
808	+ $key = wp_generate_password(20, false);
809	+
810	+ if (empty($wp_hasher)) {
811	+ require_once ABSPATH . WPINC . '/class-phpass.php';
812	+ $wp_hasher = PasswordHash(8, true);
813	+ }
814	+
815	+ $hashed = time() . ':' . $wp_hasher->HashPassword($key);
816	+
817	+ $key_saved = wp_update_user(
818	+ array(
819	+ 'ID' => $user->ID,
820	+ 'user_activation_key' => $hashed,
821	+ )
822	+ );
823	+
824	+ if (is_wp_error($key_saved)) {
825	+ return $key_saved;
826	+ }
827	+
828	+ return $key;
829	+ }
830	+
831	/**
832	* Changes the WordPress secret keys.
833	*

src/strings.php CHANGED Viewed

	@@ -403,12 +403,12 @@ __('Loading...', 'sucuri-scanner');
403	__('Download', 'sucuri-scanner');
404
405	// settings-posthack-reset-password-alert.html.tpl
406	- __('WordPress has ~~generated~~ a ~~new (random)~~ password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target="_blank" href="http://%%SUCURI.ResetPassword.Website%%" rel="noopener">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. ~~Your~~ new password is — <span style="font-family:Menlo, Monaco, monospace, serif;font-weight:700">%%%SUCURI.ResetPassword.~~Password~~%%%</span> &mdash~~; please change it as soon as possible.~~', 'sucuri-scanner');
407
408	// settings-posthack-reset-password.html.tpl
409	__('Reset User Password', 'sucuri-scanner');
410	__('Loading...', 'sucuri-scanner');
411	- __('~~You~~ ~~can~~ ~~generate~~ a ~~new~~ ~~random~~ ~~password~~ ~~for~~ ~~the~~ ~~user~~ ~~accounts~~ ~~that~~ ~~you~~ ~~select~~ ~~from~~ ~~the~~ ~~list.~~ An ~~email~~ ~~with~~ ~~the~~ ~~new~~ ~~password will~~ be ~~sent~~ to the ~~email~~ ~~address~~ ~~of each chosen user. If you choose to~~ change the ~~password~~ of ~~your~~ ~~own~~ ~~user~~, ~~then~~ ~~your~~ ~~current~~ ~~session~~ ~~will~~ ~~expire~~ ~~immediately.~~ ~~You~~ ~~will need~~ to ~~log~~ ~~back~~ ~~into~~ ~~the~~ ~~admin panel with the new password that~~ will be ~~sent~~ to ~~your~~ ~~email~~.', 'sucuri-scanner');
412	__('Select All', 'sucuri-scanner');
413	__('Username', 'sucuri-scanner');
414	__('E-mail', 'sucuri-scanner');


403	__('Download', 'sucuri-scanner');
404
405	// settings-posthack-reset-password-alert.html.tpl
406	+ __('WordPress has invalidated the password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target="_blank" href="http://%%SUCURI.ResetPassword.Website%%" rel="noopener">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. You can set a new password at — <span style="font-family:Menlo, Monaco, monospace, serif;font-weight:700"><a target="_blank" href="%%%SUCURI.ResetPassword.ResetURL%%%" rel="noopener">%%%SUCURI.ResetPassword.ResetURL%%%</a></span> —.', 'sucuri-scanner');
407
408	// settings-posthack-reset-password.html.tpl
409	__('Reset User Password', 'sucuri-scanner');
410	__('Loading...', 'sucuri-scanner');
411	+ __('Select users from the list in order to change their passwords, terminate their sessions and email them a password reset link. Please be aware that the plugin will change the passwords before sending the emails, meaning that if your web server is unable to send emails, your users will be locked out of the site.', 'sucuri-scanner');
412	__('Select All', 'sucuri-scanner');
413	__('Username', 'sucuri-scanner');
414	__('E-mail', 'sucuri-scanner');

sucuri.php CHANGED Viewed

	@@ -8,7 +8,7 @@
8	* Author: Sucuri Inc.
9	* Text Domain: sucuri-scanner
10	* Domain Path: /lang
11	- * Version: 1.8.24
12	*
13	* PHP version 5
14	*
	@@ -85,7 +85,7 @@ define('SUCURISCAN', 'sucuriscan');
85	/**
86	* Current version of the plugin's code.
87	*/
88	- define('SUCURISCAN_VERSION', '1.8.24');
89
90	/**
91	* Defines the human readable name of the plugin.


8	* Author: Sucuri Inc.
9	* Text Domain: sucuri-scanner
10	* Domain Path: /lang
11	+ * Version: 1.8.25
12	*
13	* PHP version 5
14	*

85	/**
86	* Current version of the plugin's code.
87	*/
88	+ define('SUCURISCAN_VERSION', '1.8.25');
89
90	/**
91	* Defines the human readable name of the plugin.

Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.8.25

Version Description

Release Info

Code changes from version 1.8.24 to 1.8.25