Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.8.26

Version Description

  • Replace the word "blacklist" with "blocklist" in the codebase
  • Replace the word "whitelist" with "allowlist" in the codebase

Release Info

Developer imgersonr
Version 1.8.26

Code changes from version 1.8.25 to 1.8.26

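--- a/inc/tpl/base.html.tpl
+++ b/inc/tpl/base.html.tpl
@@ -26,7 +26,7 @@
 
 <li><a href="%%SUCURI.URL.Dashboard%%" class="button button-primary">{{Dashboard}}</a></li>
 
-<li><a href="%%SUCURI.URL.Firewall%%" class="button button-primary">{{Firewall (WAF)}}</a></li>
+<li><a href="%%SUCURI.URL.Firewall%%" class="button button-primary" data-cy="sucuriscan-main-nav-firewall">{{Firewall (WAF)}}</a></li>
 
 <li><a href="%%SUCURI.URL.Settings%%" class="button button-primary">{{Settings}}</a></li>
 </ul>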
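--- a/inc/tpl/dashboard.html.tpl
+++ b/inc/tpl/dashboard.html.tpl
@@ -40,7 +40,7 @@ jQuery(document).ready(function ($) {
 sucuriscanSiteCheckLinks('#sucuriscan-tabs-scripts', data.scripts.content);
 
 $('#sucuriscan-malware').html(data.malware);
-$('#sucuriscan-blacklist').html(data.blacklist);
+$('#sucuriscan-blocklist').html(data.blocklist);
 $('#sucuriscan-recommendations').html(data.recommendations);
 });
 });
@@ -81,7 +81,7 @@ jQuery(document).ready(function ($) {
 <div class="sucuriscan-pull-right sucuriscan-dashboard-right">
 %%%SUCURI.SiteCheck.Malware%%%
 
-%%%SUCURI.SiteCheck.Blacklist%%%
+%%%SUCURI.SiteCheck.Blocklist%%%
 
 %%%SUCURI.SiteCheck.Recommendations%%%
 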
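--- a/inc/tpl/firewall-ipaccess.html.tpl
+++ b/inc/tpl/firewall-ipaccess.html.tpl
@@ -15,11 +15,12 @@ jQuery(document).ready(function ($) {
 }, function (data) {
 $('.sucuriscan-ipaccess-table tbody').html('');
 
-for (var i in data.blacklist) {
+for (var i in data.blocklist) {
 $('.sucuriscan-ipaccess-table tbody').append('<tr>' +
-'<td><span class="sucuriscan-monospace">' + data.blacklist[i] + '</span></td>' +
-'<td><button class="button button-primary sucuriscan-deblacklist" ' +
-'ip="' + data.blacklist[i] + '">{{Delete}}</button></td>' +
+'<td><span class="sucuriscan-monospace">' + data.blocklist[i] + '</span></td>' +
+'<td><button class="button button-primary sucuriscan-deblocklist" ' +
+'data-cy="' + data.blocklist[i] + '" ' +
+'ip="' + data.blocklist[i] + '">{{Delete}}</button></td>' +
 '</tr>');
 }
 });
@@ -55,14 +56,14 @@ jQuery(document).ready(function ($) {
 $.post('%%SUCURI.AjaxURL.Firewall%%', {
 action: 'sucuriscan_ajax',
 sucuriscan_page_nonce: '%%SUCURI.PageNonce%%',
-form_action: 'firewall_blacklist',
+form_action: 'firewall_blocklist',
 ip: ip,
 }, function (data) {
 sucuriscanPrintStatus(button, data);
 });
 });
 
-$('.sucuriscan-container').on('click', '.sucuriscan-deblacklist', function (event) {
+$('.sucuriscan-container').on('click', '.sucuriscan-deblocklist', function (event) {
 event.preventDefault();
 
 var button = $(this);
@@ -74,7 +75,7 @@ jQuery(document).ready(function ($) {
 $.post('%%SUCURI.AjaxURL.Firewall%%', {
 action: 'sucuriscan_ajax',
 sucuriscan_page_nonce: '%%SUCURI.PageNonce%%',
-form_action: 'firewall_deblacklist',
+form_action: 'firewall_deblocklist',
 ip: button.attr('ip'),
 }, function (data) {
 sucuriscanPrintStatus(button, data);
@@ -89,17 +90,17 @@ jQuery(document).ready(function ($) {
 <h3 class="sucuriscan-title">{{IP Address Access}}</h3>
 
 <div class="inside">
-<p>{{This tool allows you to blacklist one or more IP addresses from accessing your website.}}</p>
-<p>{{To delete an IP from the blacklist you can use the form below or you can log into the Firewall dashboard.}}</p>
+<p>{{This tool allows you to add one or more IP addresses to the blocklist and stop them from accessing your website.}}</p>
+<p>{{To delete an IP from the blocklist you can use the form below or you can log into the Firewall dashboard.}}</p>
 
 <div id="sucuriscan-ipaccess-response"></div>
 
 <form action="%%SUCURI.URL.Firewall%%#ipaccess" method="post" class="sucuriscan-ipaccess-form">
-<input type="hidden" name="sucuriscan_blacklist_ip" value="true" />
+<input type="hidden" name="sucuriscan_blocklist_ip" value="true" />
 <fieldset class="sucuriscan-clearfix">
-<label>{{Blacklist IP:}}</label>
-<input type="text" name="sucuriscan_ip" placeholder="{{e.g. 192.168.1.54}}" />
-<button class="button button-primary sucuriscan-ipaccess-button">{{Submit}}</button>
+<label>{{Add IP to the Blocklist:}}</label>
+<input type="text" name="sucuriscan_ip" data-cy="sucuriscan_ip_access_input" placeholder="{{e.g. 192.168.1.54}}" />
+<button class="button button-primary sucuriscan-ipaccess-button" data-cy="sucuriscan_ip_access_submit">{{Submit}}</button>
 </fieldset>
 </form>
 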
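Review bot: The values in `data.blocklist` are spliced into markup by string concatenation on the `<td>`, `data-cy="…"` and `ip="…"` lines of the first hunk, so anything that is not a bare IP — the list comes back from the Firewall API response and is not validated in this callback — would be rendered as HTML or break out of the attribute, and the new `data-cy` line adds a second unescaped attribute sink. Building the row with jQuery and assigning the value through `.text()` and `.attr()` removes the dependency on the API returning clean data. `for (var i in …)` also walks inherited enumerable properties; iterating with `$.each` (or a `hasOwnProperty` guard) keeps it to the list while still accepting either an array or an object, which the original loop tolerated. The `$.post` call this success callback belongs to begins before the hunk.
```javascript
}, function (data) {
    var tbody = $('.sucuriscan-ipaccess-table tbody');
    tbody.html('');

    $.each(data.blocklist || [], function (i, ip) {
        ip = String(ip);
        tbody.append($('<tr>')
            .append($('<td>').append($('<span class="sucuriscan-monospace">').text(ip)))
            .append($('<td>').append(
                $('<button class="button button-primary sucuriscan-deblocklist">')
                    .attr('data-cy', ip)
                    .attr('ip', ip)
                    .html('{{Delete}}')
            )));
    });
});
```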
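--- a/inc/tpl/firewall-settings.html.tpl
+++ b/inc/tpl/firewall-settings.html.tpl
@@ -45,7 +45,7 @@ jQuery(document).ready(function ($) {
 <span class="sucuriscan-monospace">%%SUCURI.Firewall.APIKey%%</span>
 <form action="%%SUCURI.URL.Firewall%%" method="post">
 <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
-<button type="submit" name="sucuriscan_delete_wafkey" class="button button-primary">{{Delete}}</button>
+<button type="submit" name="sucuriscan_delete_wafkey" data-cy="sucuriscan-delete-wafkey" class="button button-primary">{{Delete}}</button>
 </form>
 </div>
 
@@ -54,7 +54,7 @@ jQuery(document).ready(function ($) {
 <fieldset class="sucuriscan-clearfix">
 <label>{{Firewall API Key:}}</label>
 <input type="text" name="sucuriscan_cloudproxy_apikey" />
-<button type="submit" class="button button-primary">{{Save}}</button>
+<button type="submit" class="button button-primary" data-cy="sucuriscan-save-wafkey">{{Save}}</button>
 </fieldset>
 <br>
 </form>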
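Review bot: The Firewall API key is collected through `<input type="text" name="sucuriscan_cloudproxy_apikey" />` on the Save form, so the secret is displayed in clear while typed and is eligible for browser autofill and form-history storage; `<input type="password" name="sucuriscan_cloudproxy_apikey" autocomplete="off" />` keeps the same field name while treating the value as a credential. The Delete form in the first hunk carries `sucuriscan_page_nonce`, but the Save form's opening tag is outside the second hunk, so I cannot confirm from here that the nonce accompanies this submission — worth checking, since the key grants access to the firewall API on the site's behalf. The stored key is also echoed in full at `%%SUCURI.Firewall.APIKey%%`; masking all but the trailing characters would limit exposure in screenshots and screen shares, assuming the full value is not needed for copy-back.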
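--- a/inc/tpl/settings-hardening-whitelist-phpfiles.html.tpl
+++ b/inc/tpl/settings-hardening-allowlist-phpfiles.html.tpl
@@ -1,6 +1,6 @@
 
 <div class="sucuriscan-panel">
-<h3 class="sucuriscan-title">{{Whitelist Blocked PHP Files}}</h3>
+<h3 class="sucuriscan-title">{{Allow Blocked PHP Files}}</h3>
 
 <div class="inside">
 <p>{{After you apply the hardening in either the includes, content, and/or uploads directories, the plugin will add a rule in the access control file to deny access to any PHP file located in these folders. This is a good precaution in case an attacker is able to upload a shell script. With a few exceptions the <em>"index.php"</em> file is the only one that should be publicly accessible, however many theme/plugin developers decide to use these folders to process some operations. In this case applying the hardening <strong>may break</strong> their functionality.}}</p>
@@ -9,11 +9,11 @@
 <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
 <fieldset class="sucuriscan-clearfix">
 <label>{{File Path:}}</label>
-<input type="text" name="sucuriscan_hardening_whitelist" placeholder="e.g. wp-tinymce.php" data-cy="sucuriscan_hardening_whitelist_input" />
-<select name="sucuriscan_hardening_folder" data-cy="sucuriscan_hardening_whitelist_select">
-%%%SUCURI.HardeningWhitelist.AllowedFolders%%%
+<input type="text" name="sucuriscan_hardening_allowlist" placeholder="e.g. wp-tinymce.php" data-cy="sucuriscan_hardening_allowlist_input" />
+<select name="sucuriscan_hardening_folder" data-cy="sucuriscan_hardening_allowlist_select">
+%%%SUCURI.HardeningAllowlist.AllowedFolders%%%
 </select>
-<button type="submit" class="button button-primary" data-cy="sucuriscan_hardening_whitelist_submit">{{Submit}}</button>
+<button type="submit" class="button button-primary" data-cy="sucuriscan_hardening_allowlist_submit">{{Submit}}</button>
 </fieldset>
 </form>
 
@@ -22,7 +22,7 @@
 <form action="%%SUCURI.URL.Settings%%#hardening" method="post">
 <input type="hidden" name="sucuriscan_page_nonce" value="%%SUCURI.PageNonce%%" />
 
-<table class="wp-list-table widefat sucuriscan-table sucuriscan-hardening-whitelist-table">
+<table class="wp-list-table widefat sucuriscan-table sucuriscan-hardening-allowlist-table">
 <thead>
 <td id="cb" class="manage-column column-cb check-column">
 <label class="screen-reader-text" for="cb-select-all-1">{{Select All}}</label>
@@ -34,9 +34,9 @@
 </thead>
 
 <tbody>
-%%%SUCURI.HardeningWhitelist.List%%%
+%%%SUCURI.HardeningAllowlist.List%%%
 
-<tr class="sucuriscan-%%SUCURI.HardeningWhitelist.NoItemsVisibility%%">
+<tr class="sucuriscan-%%SUCURI.HardeningAllowlist.NoItemsVisibility%%">
 <td colspan="4">
 <em>{{no data available}}</em>
 </td>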
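--- /dev/null
+++ b/inc/tpl/settings-hardening-allowlist-phpfiles.snippet.tpl
@@ -0,0 +1,12 @@
+
+<tr>
+<th class="check-column">
+<input type="checkbox" name="sucuriscan_hardening_rmfwhite[]" value="%%SUCURI.HardeningAllowlist.Regexp%%" />
+</th>
+
+<td>%%SUCURI.HardeningAllowlist.File%%</td>
+
+<td>%%SUCURI.HardeningAllowlist.Folder%%</td>
+
+<td><span class="sucuriscan-monospace sucuriscan-wraptext">%%SUCURI.HardeningAllowlist.Regexp%%</span></td>
+</tr>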
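Review bot: The checkbox keeps the pre-rename field name `sucuriscan_hardening_rmfwhite[]` while every other identifier in this snippet moved to the allowlist wording, so either the rename stopped short here or the server-side handler, which is not in this diff, still reads the old key; if it is the latter, a comment such as `<!-- name kept as rmfwhite: the hardening settings handler reads this key -->` would stop a later pass from renaming it and silently breaking removal from the list. The regexp is also placed inside `value="…"` through the two-percent placeholder; this diff uses `%%%…%%%` where raw HTML is intended (e.g. `HardeningAllowlist.List`), so `%%…%%` is presumably the escaped form, but that is worth confirming because the value originates from the access-control file and an unescaped `"` would break out of the attribute.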
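--- a/inc/tpl/settings-hardening-whitelist-phpfiles.snippet.tpl
+++ /dev/null
@@ -1,12 +0,0 @@
-
-<tr>
-<th class="check-column">
-<input type="checkbox" name="sucuriscan_hardening_rmfwhite[]" value="%%SUCURI.HardeningWhitelist.Regexp%%" />
-</th>
-
-<td>%%SUCURI.HardeningWhitelist.File%%</td>
-
-<td>%%SUCURI.HardeningWhitelist.Folder%%</td>
-
-<td><span class="sucuriscan-monospace sucuriscan-wraptext">%%SUCURI.HardeningWhitelist.Regexp%%</span></td>
-</tr>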
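--- a/inc/tpl/settings.html.tpl
+++ b/inc/tpl/settings.html.tpl
@@ -68,7 +68,7 @@
 </div>
 </div>
 
-%%%SUCURI.Settings.Hardening.WhitelistPHPFiles%%%
+%%%SUCURI.Settings.Hardening.AllowlistPHPFiles%%%
 </div>
 
 <div id="sucuriscan-tabs-posthack">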
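--- a/inc/tpl/sitecheck-blacklist.html.tpl
+++ /dev/null
@@ -1,8 +0,0 @@
-
-<div class="sucuriscan-panel sucuriscan-sitecheck-list sucuriscan-sitecheck-blacklist">
-<h3 class="sucuriscan-tag-title sucuriscan-tag-%%SUCURI.Blacklist.Color%%">%%SUCURI.Blacklist.Title%%</h3>
-
-<ul>
-%%%SUCURI.Blacklist.Content%%%
-</ul>
-</div>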
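--- a/inc/tpl/sitecheck-blacklist.snippet.tpl
+++ /dev/null
@@ -1,4 +0,0 @@
-
-<li class="sucuriscan-sitecheck-list-%%SUCURI.Blacklist.Status%%">
-<a href="%%SUCURI.Blacklist.URL%%" target="_blank" rel="noopener">%%SUCURI.Blacklist.Service%%</a>
-</li>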
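--- /dev/null
+++ b/inc/tpl/sitecheck-blocklist.html.tpl
@@ -0,0 +1,8 @@
+
+<div class="sucuriscan-panel sucuriscan-sitecheck-list sucuriscan-sitecheck-blocklist">
+<h3 class="sucuriscan-tag-title sucuriscan-tag-%%SUCURI.Blocklist.Color%%">%%SUCURI.Blocklist.Title%%</h3>
+
+<ul>
+%%%SUCURI.Blocklist.Content%%%
+</ul>
+</div>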
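--- /dev/null
+++ b/inc/tpl/sitecheck-blocklist.snippet.tpl
@@ -0,0 +1,4 @@
+
+<li class="sucuriscan-sitecheck-list-%%SUCURI.Blocklist.Status%%">
+<a href="%%SUCURI.Blocklist.URL%%" target="_blank" rel="noopener">%%SUCURI.Blocklist.Service%%</a>
+</li>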
lang/sucuri-scanner.pot CHANGED
@@ -1,15 +1,15 @@
1
- # Copyright (C) 2020 Sucuri Inc.
2
  # This file is distributed under the same license as the Sucuri Security - Auditing, Malware Scanner and Hardening plugin.
3
  msgid ""
4
  msgstr ""
5
- "Project-Id-Version: Sucuri Security - Auditing, Malware Scanner and Hardening 1.8.23\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/sucuri-scanner\n"
7
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8
  "Language-Team: LANGUAGE <LL@li.org>\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
12
- "POT-Creation-Date: 2020-01-22T17:55:39+00:00\n"
13
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14
  "X-Generator: WP-CLI 2.4.0\n"
15
  "X-Domain: sucuri-scanner\n"
@@ -23,7 +23,7 @@ msgid "https://wordpress.sucuri.net/"
23
  msgstr ""
24
 
25
  #. Description of the plugin
26
- msgid "The <a href=\"https://sucuri.net/\" target=\"_blank\">Sucuri</a> plugin provides the website owner the best Activity Auditing, SiteCheck Remote Malware Scanning, Effective Security Hardening and Post-Hack features. SiteCheck will check for malware, spam, blacklisting and other security issues like .htaccess redirects, hidden eval code, etc. The best thing about it is it's completely free."
27
  msgstr ""
28
 
29
  #. Author of the plugin
@@ -138,53 +138,53 @@ msgstr ""
138
  msgid "Never (no execution)"
139
  msgstr ""
140
 
141
- #: src/event.lib.php:211
142
- #: src/event.lib.php:261
143
  msgid "API key is not available"
144
  msgstr ""
145
 
146
- #: src/event.lib.php:219
147
  msgid "WordPress version was already reported"
148
  msgstr ""
149
 
150
- #: src/event.lib.php:222
151
  msgid "WordPress version detected %s"
152
  msgstr ""
153
 
154
- #: src/event.lib.php:265
155
  msgid "Scanner ran a couple of minutes ago"
156
  msgstr ""
157
 
158
- #: src/event.lib.php:297
159
  msgid "Event identifier cannot be empty"
160
  msgstr ""
161
 
162
- #: src/event.lib.php:478
163
- #: src/event.lib.php:482
164
  msgid "Info"
165
  msgstr ""
166
 
167
- #: src/event.lib.php:480
168
  msgid "Debug"
169
  msgstr ""
170
 
171
- #: src/event.lib.php:481
172
  msgid "Notice"
173
  msgstr ""
174
 
175
- #: src/event.lib.php:483
176
  msgid "Warning"
177
  msgstr ""
178
 
179
- #: src/event.lib.php:484
180
  msgid "Error"
181
  msgstr ""
182
 
183
- #: src/event.lib.php:485
184
  msgid "Critical"
185
  msgstr ""
186
 
187
- #: src/event.lib.php:615
188
  msgid ""
189
  "<br><br>\n"
190
  "\n"
@@ -196,16 +196,16 @@ msgid ""
196
  ""
197
  msgstr ""
198
 
199
- #: src/event.lib.php:747
200
  msgid "Password Change"
201
  msgstr ""
202
 
203
- #: src/event.lib.php:852
204
  msgid "%s cannot be deleted."
205
  msgstr ""
206
 
207
- #: src/event.lib.php:864
208
- #: src/event.lib.php:870
209
  msgid "%s was deleted."
210
  msgstr ""
211
 
@@ -319,37 +319,37 @@ msgid "Failure connecting to the API service; try again."
319
  msgstr ""
320
 
321
  #: src/firewall.lib.php:617
322
- msgid "IP has been blacklisted: %s"
323
  msgstr ""
324
 
325
  #: src/firewall.lib.php:656
326
- msgid "IP has been unblacklisted: %s"
327
  msgstr ""
328
 
329
- #: src/globals.php:102
330
  #: src/strings.php:39
331
  #: src/strings.php:290
332
  msgid "Dashboard"
333
  msgstr ""
334
 
335
- #: src/globals.php:103
336
  #: src/strings.php:40
337
  msgid "Firewall (WAF)"
338
  msgstr ""
339
 
340
- #: src/globals.php:104
341
  msgid "Last Logins"
342
  msgstr ""
343
 
344
- #: src/globals.php:105
345
  #: src/strings.php:41
346
  #: src/strings.php:96
347
  #: src/strings.php:291
348
  msgid "Settings"
349
  msgstr ""
350
 
351
- #: src/globals.php:126
352
- #: src/globals.php:127
353
  #: src/strings.php:35
354
  msgid "Sucuri Security"
355
  msgstr ""
@@ -371,7 +371,7 @@ msgid "Access control file is not writable"
371
  msgstr ""
372
 
373
  #: src/hardening.lib.php:281
374
- msgid "Cannot remove file from whitelist; no permissions."
375
  msgstr ""
376
 
377
  #: src/hook.lib.php:68
@@ -1257,7 +1257,7 @@ msgid "%d out of %d files have been deleted."
1257
  msgstr ""
1258
 
1259
  #: src/settings-general.php:237
1260
- #: src/settings-posthack.php:363
1261
  msgid "Not Writable"
1262
  msgstr ""
1263
 
@@ -1339,7 +1339,7 @@ msgid "Enable Website Firewall Protection"
1339
  msgstr ""
1340
 
1341
  #: src/settings-hardening.php:106
1342
- msgid "A WAF is a protection layer for your web site, blocking all sort of attacks (brute force attempts, DDoS, SQL injections, etc) and helping it remain malware and blacklist free. This test checks if your site is using Sucuri Firewall to protect your site."
1343
  msgstr ""
1344
 
1345
  #: src/settings-hardening.php:110
@@ -1408,7 +1408,7 @@ msgstr ""
1408
  #: src/settings-hardening.php:243
1409
  #: src/settings-hardening.php:302
1410
  #: src/settings-hardening.php:371
1411
- msgid "Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the \"Whitelist PHP Files\" tool to add exceptions to individual files."
1412
  msgstr ""
1413
 
1414
  #: src/settings-hardening.php:224
@@ -1557,7 +1557,7 @@ msgid "Changing the Secret Keys will invalidate all existing cookies, forcing al
1557
  msgstr ""
1558
 
1559
  #: src/settings-hardening.php:643
1560
- msgid "The file has been whitelisted from the hardening"
1561
  msgstr ""
1562
 
1563
  #: src/settings-hardening.php:648
@@ -1612,43 +1612,43 @@ msgstr ""
1612
  msgid "No frequency selected for the automatic secret key updater."
1613
  msgstr ""
1614
 
1615
- #: src/settings-posthack.php:258
1616
  msgid "Password changed for user #%d"
1617
  msgstr ""
1618
 
1619
- #: src/settings-posthack.php:353
1620
  msgid "not installed"
1621
  msgstr ""
1622
 
1623
- #: src/settings-posthack.php:360
1624
  msgid "Plugin is Premium"
1625
  msgstr ""
1626
 
1627
- #: src/settings-posthack.php:366
1628
  msgid "Missing Library"
1629
  msgstr ""
1630
 
1631
- #: src/settings-posthack.php:376
1632
  msgid "Cannot Download"
1633
  msgstr ""
1634
 
1635
- #: src/settings-posthack.php:379
1636
  msgid "Cannot Backup"
1637
  msgstr ""
1638
 
1639
- #: src/settings-posthack.php:392
1640
  msgid "Cannot Install"
1641
  msgstr ""
1642
 
1643
- #: src/settings-posthack.php:401
1644
  msgid "Installed v%s"
1645
  msgstr ""
1646
 
1647
- #: src/settings-posthack.php:475
1648
  msgid "Newest WordPress"
1649
  msgstr ""
1650
 
1651
- #: src/settings-posthack.php:513
1652
  msgid "There are no updates available."
1653
  msgstr ""
1654
 
@@ -1730,11 +1730,11 @@ msgid "Site is not Clean"
1730
  msgstr ""
1731
 
1732
  #: src/sitecheck.lib.php:317
1733
- msgid "Not Blacklisted"
1734
  msgstr ""
1735
 
1736
  #: src/sitecheck.lib.php:342
1737
- msgid "Blacklisted"
1738
  msgstr ""
1739
 
1740
  #: src/sitecheck.lib.php:393
@@ -1903,15 +1903,15 @@ msgid "IP Address Access"
1903
  msgstr ""
1904
 
1905
  #: src/strings.php:78
1906
- msgid "This tool allows you to blacklist one or more IP addresses from accessing your website."
1907
  msgstr ""
1908
 
1909
  #: src/strings.php:79
1910
- msgid "To delete an IP from the blacklist you can use the form below or you can log into the Firewall dashboard."
1911
  msgstr ""
1912
 
1913
  #: src/strings.php:80
1914
- msgid "Blacklist IP:"
1915
  msgstr ""
1916
 
1917
  #: src/strings.php:81
@@ -2557,7 +2557,7 @@ msgid "Timezone:"
2557
  msgstr ""
2558
 
2559
  #: src/strings.php:375
2560
- msgid "Whitelist Blocked PHP Files"
2561
  msgstr ""
2562
 
2563
  #: src/strings.php:376
@@ -2602,7 +2602,7 @@ msgid "Download"
2602
  msgstr ""
2603
 
2604
  #: src/strings.php:406
2605
- msgid "WordPress has generated a new (random) password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target=\"_blank\" href=\"http://%%SUCURI.ResetPassword.Website%%\" rel=\"noopener\">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. Your new password is &mdash; <span style=\"font-family:Menlo, Monaco, monospace, serif;font-weight:700\">%%%SUCURI.ResetPassword.Password%%%</span> &mdash; please change it as soon as possible."
2606
  msgstr ""
2607
 
2608
  #: src/strings.php:409
@@ -2610,7 +2610,7 @@ msgid "Reset User Password"
2610
  msgstr ""
2611
 
2612
  #: src/strings.php:411
2613
- msgid "You can generate a new random password for the user accounts that you select from the list. An email with the new password will be sent to the email address of each chosen user. If you choose to change the password of your own user, then your current session will expire immediately. You will need to log back into the admin panel with the new password that will be sent to your email."
2614
  msgstr ""
2615
 
2616
  #: src/strings.php:416
1
+ # Copyright (C) 2021 Sucuri Inc.
2
  # This file is distributed under the same license as the Sucuri Security - Auditing, Malware Scanner and Hardening plugin.
3
  msgid ""
4
  msgstr ""
5
+ "Project-Id-Version: Sucuri Security - Auditing, Malware Scanner and Hardening 1.8.26\n"
6
  "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/sucuri-scanner\n"
7
  "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8
  "Language-Team: LANGUAGE <LL@li.org>\n"
9
  "MIME-Version: 1.0\n"
10
  "Content-Type: text/plain; charset=UTF-8\n"
11
  "Content-Transfer-Encoding: 8bit\n"
12
+ "POT-Creation-Date: 2021-02-10T17:01:19+00:00\n"
13
  "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14
  "X-Generator: WP-CLI 2.4.0\n"
15
  "X-Domain: sucuri-scanner\n"
23
  msgstr ""
24
 
25
  #. Description of the plugin
26
+ msgid "The <a href=\"https://sucuri.net/\" target=\"_blank\">Sucuri</a> plugin provides the website owner the best Activity Auditing, SiteCheck Remote Malware Scanning, Effective Security Hardening and Post-Hack features. SiteCheck will check for malware, spam, blocklisting and other security issues like .htaccess redirects, hidden eval code, etc. The best thing about it is it's completely free."
27
  msgstr ""
28
 
29
  #. Author of the plugin
138
  msgid "Never (no execution)"
139
  msgstr ""
140
 
141
+ #: src/event.lib.php:214
142
+ #: src/event.lib.php:264
143
  msgid "API key is not available"
144
  msgstr ""
145
 
146
+ #: src/event.lib.php:222
147
  msgid "WordPress version was already reported"
148
  msgstr ""
149
 
150
+ #: src/event.lib.php:225
151
  msgid "WordPress version detected %s"
152
  msgstr ""
153
 
154
+ #: src/event.lib.php:268
155
  msgid "Scanner ran a couple of minutes ago"
156
  msgstr ""
157
 
158
+ #: src/event.lib.php:300
159
  msgid "Event identifier cannot be empty"
160
  msgstr ""
161
 
162
+ #: src/event.lib.php:481
163
+ #: src/event.lib.php:485
164
  msgid "Info"
165
  msgstr ""
166
 
167
+ #: src/event.lib.php:483
168
  msgid "Debug"
169
  msgstr ""
170
 
171
+ #: src/event.lib.php:484
172
  msgid "Notice"
173
  msgstr ""
174
 
175
+ #: src/event.lib.php:486
176
  msgid "Warning"
177
  msgstr ""
178
 
179
+ #: src/event.lib.php:487
180
  msgid "Error"
181
  msgstr ""
182
 
183
+ #: src/event.lib.php:488
184
  msgid "Critical"
185
  msgstr ""
186
 
187
+ #: src/event.lib.php:618
188
  msgid ""
189
  "<br><br>\n"
190
  "\n"
196
  ""
197
  msgstr ""
198
 
199
+ #: src/event.lib.php:760
200
  msgid "Password Change"
201
  msgstr ""
202
 
203
+ #: src/event.lib.php:925
204
  msgid "%s cannot be deleted."
205
  msgstr ""
206
 
207
+ #: src/event.lib.php:937
208
+ #: src/event.lib.php:943
209
  msgid "%s was deleted."
210
  msgstr ""
211
 
319
  msgstr ""
320
 
321
  #: src/firewall.lib.php:617
322
+ msgid "IP has been added to the blocklist: %s"
323
  msgstr ""
324
 
325
  #: src/firewall.lib.php:656
326
+ msgid "IP has been removed from the blocklist: %s"
327
  msgstr ""
328
 
329
+ #: src/globals.php:90
330
  #: src/strings.php:39
331
  #: src/strings.php:290
332
  msgid "Dashboard"
333
  msgstr ""
334
 
335
+ #: src/globals.php:91
336
  #: src/strings.php:40
337
  msgid "Firewall (WAF)"
338
  msgstr ""
339
 
340
+ #: src/globals.php:92
341
  msgid "Last Logins"
342
  msgstr ""
343
 
344
+ #: src/globals.php:93
345
  #: src/strings.php:41
346
  #: src/strings.php:96
347
  #: src/strings.php:291
348
  msgid "Settings"
349
  msgstr ""
350
 
351
+ #: src/globals.php:114
352
+ #: src/globals.php:115
353
  #: src/strings.php:35
354
  msgid "Sucuri Security"
355
  msgstr ""
371
  msgstr ""
372
 
373
  #: src/hardening.lib.php:281
374
+ msgid "Cannot remove file from the allowlist; no permissions."
375
  msgstr ""
376
 
377
  #: src/hook.lib.php:68
1257
  msgstr ""
1258
 
1259
  #: src/settings-general.php:237
1260
+ #: src/settings-posthack.php:368
1261
  msgid "Not Writable"
1262
  msgstr ""
1263
 
1339
  msgstr ""
1340
 
1341
  #: src/settings-hardening.php:106
1342
+ msgid "A WAF is a protection layer for your web site, blocking all sort of attacks (brute force attempts, DDoS, SQL injections, etc) and helping it remain malware and blocklist free. This test checks if your site is using Sucuri Firewall to protect your site."
1343
  msgstr ""
1344
 
1345
  #: src/settings-hardening.php:110
1408
  #: src/settings-hardening.php:243
1409
  #: src/settings-hardening.php:302
1410
  #: src/settings-hardening.php:371
1411
+ msgid "Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the \"Add PHP Files to the Allowlist\" tool to add exceptions to individual files."
1412
  msgstr ""
1413
 
1414
  #: src/settings-hardening.php:224
1557
  msgstr ""
1558
 
1559
  #: src/settings-hardening.php:643
1560
+ msgid "The file has been allowed"
1561
  msgstr ""
1562
 
1563
  #: src/settings-hardening.php:648
1612
  msgid "No frequency selected for the automatic secret key updater."
1613
  msgstr ""
1614
 
1615
+ #: src/settings-posthack.php:263
1616
  msgid "Password changed for user #%d"
1617
  msgstr ""
1618
 
1619
+ #: src/settings-posthack.php:358
1620
  msgid "not installed"
1621
  msgstr ""
1622
 
1623
+ #: src/settings-posthack.php:365
1624
  msgid "Plugin is Premium"
1625
  msgstr ""
1626
 
1627
+ #: src/settings-posthack.php:371
1628
  msgid "Missing Library"
1629
  msgstr ""
1630
 
1631
+ #: src/settings-posthack.php:381
1632
  msgid "Cannot Download"
1633
  msgstr ""
1634
 
1635
+ #: src/settings-posthack.php:384
1636
  msgid "Cannot Backup"
1637
  msgstr ""
1638
 
1639
+ #: src/settings-posthack.php:397
1640
  msgid "Cannot Install"
1641
  msgstr ""
1642
 
1643
+ #: src/settings-posthack.php:406
1644
  msgid "Installed v%s"
1645
  msgstr ""
1646
 
1647
+ #: src/settings-posthack.php:480
1648
  msgid "Newest WordPress"
1649
  msgstr ""
1650
 
1651
+ #: src/settings-posthack.php:518
1652
  msgid "There are no updates available."
1653
  msgstr ""
1654
 
1730
  msgstr ""
1731
 
1732
  #: src/sitecheck.lib.php:317
1733
+ msgid "Not in the blocklist"
1734
  msgstr ""
1735
 
1736
  #: src/sitecheck.lib.php:342
1737
+ msgid "In the blocklist"
1738
  msgstr ""
1739
 
1740
  #: src/sitecheck.lib.php:393
1903
  msgstr ""
1904
 
1905
  #: src/strings.php:78
1906
+ msgid "This tool allows you to add one or more IP addresses to the blocklist and stop them from accessing your website."
1907
  msgstr ""
1908
 
1909
  #: src/strings.php:79
1910
+ msgid "To delete an IP from the blocklist you can use the form below or you can log into the Firewall dashboard."
1911
  msgstr ""
1912
 
1913
  #: src/strings.php:80
1914
+ msgid "Add IP to the Blocklist:"
1915
  msgstr ""
1916
 
1917
  #: src/strings.php:81
2557
  msgstr ""
2558
 
2559
  #: src/strings.php:375
2560
+ msgid "Allow Blocked PHP Files"
2561
  msgstr ""
2562
 
2563
  #: src/strings.php:376
2602
  msgstr ""
2603
 
2604
  #: src/strings.php:406
2605
+ msgid "WordPress has invalidated the password for your account <b>%%SUCURI.ResetPassword.UserName%%</b> at <a target=\"_blank\" href=\"http://%%SUCURI.ResetPassword.Website%%\" rel=\"noopener\">%%SUCURI.ResetPassword.Website%%</a>. The change has been requested by one of the admins in this website for security reasons. You can set a new password at &mdash; <span style=\"font-family:Menlo, Monaco, monospace, serif;font-weight:700\"><a target=\"_blank\" href=\"%%%SUCURI.ResetPassword.ResetURL%%%\" rel=\"noopener\">%%%SUCURI.ResetPassword.ResetURL%%%</a></span> &mdash;."
2606
  msgstr ""
2607
 
2608
  #: src/strings.php:409
2610
  msgstr ""
2611
 
2612
  #: src/strings.php:411
2613
+ msgid "Select users from the list in order to change their passwords, terminate their sessions and email them a password reset link. Please be aware that the plugin will change the passwords before sending the emails, meaning that if your web server is unable to send emails, your users will be locked out of the site."
2614
  msgstr ""
2615
 
2616
  #: src/strings.php:416
readme.txt CHANGED
@@ -1,10 +1,10 @@
1
  === Sucuri Security - Auditing, Malware Scanner and Security Hardening ===
2
  Contributors: dd@sucuri.net
3
  Donate Link: https://sucuri.net/
4
- Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blacklist, detection, hardening, file integrity
5
  Requires at least: 3.6
6
- Tested up to: 5.6
7
- Stable tag: 1.8.25
8
 
9
  The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
 
@@ -17,7 +17,7 @@ The Sucuri Security WordPress plugin is free to all WordPress users. It is a sec
17
  * Security Activity Auditing
18
  * File Integrity Monitoring
19
  * Remote Malware Scanning
20
- * Blacklist Monitoring
21
  * Effective Security Hardening
22
  * Post-Hack Security Actions
23
  * Security Notifications
@@ -62,9 +62,9 @@ It will create a known good the minute the plugin is installed. This will be of
62
 
63
  This feature is powered by our scanning engine, found on our free security scanner - [SiteCheck](https://sitecheck.sucuri.net/). It’s important to take some time to [understand how this scanner works](https://blog.sucuri.net/2012/10/ask-sucuri-how-does-sitecheck-work.html). There are limitations with the way this scanner works, you can find more information in the FAQ section.
64
 
65
- = What is the blacklist monitoring? =
66
 
67
- Another very interesting feature of the Security Malware Scanner is that it checks various blacklist engines, including the following:
68
 
69
  * Sucuri Labs
70
  * Google Safe Browsing
@@ -77,7 +77,7 @@ Another very interesting feature of the Security Malware Scanner is that it chec
77
  * SpamHaus
78
  * Bitdefender
79
 
80
- These are some of the largest blacklisting entities, each having the ability to directly impact your brand's online reputation. By synchronizing with their environments we’re able to tell you, upon scan, whether any of them are negatively flagging your website with a security related issue. If they do, then via our website security product, we’re able to help you get off of the security blacklist.
81
 
82
  = What is effective security hardening =
83
 
@@ -177,7 +177,7 @@ We take your privacy seriously. For free plugin users without an API key, no inf
177
  1. WordPress Integrity Tool - Detects added, modified, and removed files.
178
  2. Integrity Diff Utility - Shows differences in the core WordPress files.
179
  3. Audit Logs and Malware Scanner - Reports suspicious events and malicious code.
180
- 4. Sucuri Firewall - Settings visibility, audit logs, IP blacklisting, and cache.
181
  5. Website Hardening - Offers multiple options to increase the security of the website.
182
  6. Failed Logins - Shows failed login attempts, successful logins and online users.
183
  7. Post Hack Tools - Offers multiple tools to react after the suspiciousness of a hack.
@@ -189,6 +189,10 @@ We take your privacy seriously. For free plugin users without an API key, no inf
189
  This version adds an option to refresh the malware scan results on demand, as well as several small bug fixes and improvements.
190
 
191
  == Changelog ==
 
 
 
 
192
  = 1.8.25 =
193
  * Fix notice about MONTH_IN_SECONDS in WP < 4.4
194
  * Update reset password workflow
@@ -230,7 +234,7 @@ This version adds an option to refresh the malware scan results on demand, as we
230
  * Remove block button from failed logins page
231
 
232
  = 1.8.20 =
233
- * Add dynamic core directories in the hardening whitelist options
234
  * Modify scheduled tasks panel to load the table via Ajax
235
  * Allow hosting details display to be filterable
236
  * Preparation for translations
@@ -323,7 +327,7 @@ This version adds an option to refresh the malware scan results on demand, as we
323
  * Modify timing for the dashboard alerts after an update
324
  * Modify firewall clear cache button to execute via Ajax
325
  * Modify firewall settings page to load data via Ajax
326
- * Add option to blacklist IP addresses with the Firewall API
327
  * Fix order of the audit logs when the queue is merged
328
  * Add more directories to ignore during the scans
329
  * Add option to customize the URL for the malware scans
@@ -455,7 +459,7 @@ This version adds an option to refresh the malware scan results on demand, as we
455
  * Fixed core files marked as broken in a Windows server
456
  * Fixed pagination links in last and failed logins page
457
  * Fixed password with ampersands in email alert
458
- * Fixed whitelist hardening using the authz_core module
459
  * Removed unnecessary emails to reduce spam
460
  * Added constant to stop execution of admin init hooks
461
  * Added explanation for invalid emails and no MX records
1
  === Sucuri Security - Auditing, Malware Scanner and Security Hardening ===
2
  Contributors: dd@sucuri.net
3
  Donate Link: https://sucuri.net/
4
+ Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blocklist, detection, hardening, file integrity
5
  Requires at least: 3.6
6
+ Tested up to: 5.8
7
+ Stable tag: 1.8.26
8
 
9
  The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
 
17
  * Security Activity Auditing
18
  * File Integrity Monitoring
19
  * Remote Malware Scanning
20
+ * Blocklist Monitoring
21
  * Effective Security Hardening
22
  * Post-Hack Security Actions
23
  * Security Notifications
62
 
63
  This feature is powered by our scanning engine, found on our free security scanner - [SiteCheck](https://sitecheck.sucuri.net/). It’s important to take some time to [understand how this scanner works](https://blog.sucuri.net/2012/10/ask-sucuri-how-does-sitecheck-work.html). There are limitations with the way this scanner works, you can find more information in the FAQ section.
64
 
65
+ = What is the blocklist monitoring? =
66
 
67
+ Another very interesting feature of the Security Malware Scanner is that it checks various blocklist engines, including the following:
68
 
69
  * Sucuri Labs
70
  * Google Safe Browsing
77
  * SpamHaus
78
  * Bitdefender
79
 
80
+ These are some of the largest blocklisting entities, each having the ability to directly impact your brand's online reputation. By synchronizing with their environments we’re able to tell you, upon scan, whether any of them are negatively flagging your website with a security related issue. If they do, then via our website security product, we’re able to help you get off of the security blocklist.
81
 
82
  = What is effective security hardening =
83
 
177
  1. WordPress Integrity Tool - Detects added, modified, and removed files.
178
  2. Integrity Diff Utility - Shows differences in the core WordPress files.
179
  3. Audit Logs and Malware Scanner - Reports suspicious events and malicious code.
180
+ 4. Sucuri Firewall - Settings visibility, audit logs, IP blocklisting, and cache.
181
  5. Website Hardening - Offers multiple options to increase the security of the website.
182
  6. Failed Logins - Shows failed login attempts, successful logins and online users.
183
  7. Post Hack Tools - Offers multiple tools to react after the suspiciousness of a hack.
189
  This version adds an option to refresh the malware scan results on demand, as well as several small bug fixes and improvements.
190
 
191
  == Changelog ==
192
+ = 1.8.26 =
193
+ * Replace the word "blacklist" with "blocklist" in the codebase
194
+ * Replace the word "whitelist" with "allowlist" in the codebase
195
+
196
  = 1.8.25 =
197
  * Fix notice about MONTH_IN_SECONDS in WP < 4.4
198
  * Update reset password workflow
234
  * Remove block button from failed logins page
235
 
236
  = 1.8.20 =
237
+ * Add dynamic core directories in the hardening allowlist options
238
  * Modify scheduled tasks panel to load the table via Ajax
239
  * Allow hosting details display to be filterable
240
  * Preparation for translations
327
  * Modify timing for the dashboard alerts after an update
328
  * Modify firewall clear cache button to execute via Ajax
329
  * Modify firewall settings page to load data via Ajax
330
+ * Add option to blocklist IP addresses with the Firewall API
331
  * Fix order of the audit logs when the queue is merged
332
  * Add more directories to ignore during the scans
333
  * Add option to customize the URL for the malware scans
459
  * Fixed core files marked as broken in a Windows server
460
  * Fixed pagination links in last and failed logins page
461
  * Fixed password with ampersands in email alert
462
+ * Fixed allowlist hardening using the authz_core module
463
  * Removed unnecessary emails to reduce spam
464
  * Added constant to stop execution of admin init hooks
465
  * Added explanation for invalid emails and no MX records
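--- a/src/event.lib.php
+++ b/src/event.lib.php
@@ -592,8 +592,8 @@ class SucuriScanEvent extends SucuriScan
  /**
  * Skip if the IP address is trusted.
  *
- * Ignore event if the website owner has whitelisted the IP address of
- * the current user in session. This is useful if the administrator is
+ * Ignore event if the website owner has the IP address of the current
+ * user in session in the allowlist. This is useful if the administrator is
  * working in an office and they want to allow every person in the office
  * (aka. the same LAN) to execute any task without triggering a security
  * alert.
@@ -665,7 +665,7 @@ class SucuriScanEvent extends SucuriScan
  return false;
  }
 
- /* check if exact IP address match is whitelisted */
+ /* check if exact IP address match is in the allowlist */
  if (array_key_exists(md5($addr), $trusted_ips)) {
  return true;
  }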
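--- a/src/firewall.lib.php
+++ b/src/firewall.lib.php
@@ -541,7 +541,7 @@ class SucuriScanFirewall extends SucuriScanAPI
  }
 
  /**
- * Returns the whitelisted and blacklisted IP addresses.
+ * Returns the IP addresses in the blocklist and allowlist.
  *
  * @codeCoverageIgnore
  *
@@ -574,22 +574,22 @@ class SucuriScanFirewall extends SucuriScanAPI
  }
 
  $response['ok'] = true;
- $response['whitelist'] = $settings['whitelist_list'];
- $response['blacklist'] = $settings['blacklist_list'];
+ $response['allowlist'] = $settings['whitelist_list'];
+ $response['blocklist'] = $settings['blacklist_list'];
 
  wp_send_json($response, 200);
  }
 
  /**
- * Blacklists an IP address.
+ * Blocklists an IP address.
  *
  * @codeCoverageIgnore
  *
  * @return void
  */
- public static function blacklistAjax()
+ public static function blocklistAjax()
  {
- if (SucuriScanRequest::post('form_action') !== 'firewall_blacklist') {
+ if (SucuriScanRequest::post('form_action') !== 'firewall_blocklist') {
  return;
  }
 
@@ -614,7 +614,7 @@ class SucuriScanFirewall extends SucuriScanAPI
  $response['msg'] = implode(";\x20", $out['messages']);
 
  if ($out['status'] == 1) {
- SucuriScanEvent::reportInfoEvent(sprintf(__('IP has been blacklisted: %s', 'sucuri-scanner'), $params['ip']));
+ SucuriScanEvent::reportInfoEvent(sprintf(__('IP has been added to the blocklist: %s', 'sucuri-scanner'), $params['ip']));
  }
  }
 
@@ -622,15 +622,15 @@ class SucuriScanFirewall extends SucuriScanAPI
  }
 
  /**
- * Deletes an IP address from the blacklist.
+ * Deletes an IP address from the blocklist.
  *
  * @codeCoverageIgnore
  *
  * @return void
  */
- public static function deblacklistAjax()
+ public static function deblocklistAjax()
  {
- if (SucuriScanRequest::post('form_action') !== 'firewall_deblacklist') {
+ if (SucuriScanRequest::post('form_action') !== 'firewall_deblocklist') {
  return;
  }
 
@@ -653,7 +653,7 @@ class SucuriScanFirewall extends SucuriScanAPI
  $response['msg'] = implode(";\x20", $out['messages']);
 
  if ($out['status'] == 1) {
- SucuriScanEvent::reportInfoEvent(sprintf(__('IP has been unblacklisted: %s', 'sucuri-scanner'), $params['ip']));
+ SucuriScanEvent::reportInfoEvent(sprintf(__('IP has been removed from the blocklist: %s', 'sucuri-scanner'), $params['ip']));
  }
 
  wp_send_json($response, 200);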
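Review bot: Renaming the `form_action` value in `blocklistAjax` from `firewall_blacklist` to `firewall_blocklist` (and `firewall_deblacklist` to `firewall_deblocklist` in `deblocklistAjax`) changes the AJAX wire contract, as does renaming the JSON response keys to `allowlist`/`blocklist` in `getSettingsAjax`; a client still posting the old action now gets no response at all, because the guard simply returns, and the matching template/JavaScript changes are not in this section. If stale front-end assets can be cached, accept both names for one release: `if (!in_array(SucuriScanRequest::post('form_action'), array('firewall_blocklist', 'firewall_blacklist'), true)) {`. The `$settings['whitelist_list']`/`$settings['blacklist_list']` keys are presumably the upstream Firewall API field names and are correctly left untouched; a one-line comment such as `/* keys are the Firewall API field names, not ours */` would stop the next reader from "fixing" them. The bodies of both handlers between the guard and the audit event lie outside the hunks, so the nonce and capability handling is not visible here.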
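--- a/src/hardening.lib.php
+++ b/src/hardening.lib.php
@@ -200,14 +200,14 @@ class SucuriScanHardening extends SucuriScan
  * Generates Apache access control rules for a file.
  *
  * Assumming that the directory hosting the specified file is hardened, this
- * method will generate the necessary rules to whitelist such file so anyone
+ * method will generate the necessary rules to allowlist such file so anyone
  * can send a direct request to it. The method will generate both the rules
  * for Apache 2.4 and a compatibility conditional for older versions.
  *
  * @param string $file File to be ignored by the hardening.
- * @return string Access control rules to whitelist the file.
+ * @return string Access control rules to allowlist the file.
  */
- private static function whitelistRule($file = '')
+ private static function allowlistRule($file = '')
  {
  $file = str_replace('/', '', $file);
  $file = str_replace('<', '', $file);
@@ -227,7 +227,7 @@ class SucuriScanHardening extends SucuriScan
  }
 
  /**
- * Whitelists a file in the specified folder.
+ * Adds file in the specified folder to the allowlist.
  *
  * If the website owner has applied the hardening to the folder where the
  * specified file is located, all the requests sent directly to the file
@@ -237,9 +237,9 @@ class SucuriScanHardening extends SucuriScan
  *
  * @param string $file File to be ignored by the hardening.
  * @param string $folder Folder hosting the specified file.
- * @return bool True if the file has been whitelisted, false otherwise.
+ * @return bool True if the file has been added to the allowlist, false otherwise.
  */
- public static function whitelist($file = '', $folder = '')
+ public static function allow($file = '', $folder = '')
  {
  $htaccess = self::htaccess($folder);
 
@@ -253,35 +253,35 @@ class SucuriScanHardening extends SucuriScan
 
  return (bool) @file_put_contents(
  $htaccess,
- "\n" . self::whitelistRule($file),
+ "\n" . self::allowlistRule($file),
  FILE_APPEND
  );
  }
 
  /**
- * Dewhitelists a file in the specified folder.
+ * Blocks a file in the specified folder.
  *
  * If the website owner has applied the hardening to the folder where the
  * specified file is located, all the requests sent directly to the file
  * will be blocked by the web server using its access control module. If an
- * admin has whitelisted a file in this folder because a 3rd-party plugin or
- * theme required it, they can decide to revert the whitelisting using this
+ * admin has added a file to the allowlist in this folder because a 3rd-party plugin or
+ * theme required it, they can decide to remove this file from the allowlist using this
  * method which is executed by one of the tools in the settings page.
  *
  * @param string $file File to stop ignoring from the hardening.
  * @param string $folder Folder hosting the specified file.
- * @return bool True if the file has been dewhitelisted, false otherwise.
+ * @return bool True if the file has been removed from the allowlist, false otherwise.
  */
- public static function dewhitelist($file = '', $folder = '')
+ public static function removeFromAllowlist($file = '', $folder = '')
  {
  $htaccess = self::htaccess($folder);
  $content = SucuriScanFileInfo::fileContent($htaccess);
 
  if (!$content || !is_writable($htaccess)) {
- return self::throwException(__('Cannot remove file from whitelist; no permissions.', 'sucuri-scanner'));
+ return self::throwException(__('Cannot remove file from the allowlist; no permissions.', 'sucuri-scanner'));
  }
 
- $rules = self::whitelistRule($file);
+ $rules = self::allowlistRule($file);
  $content = str_replace($rules, '', $content);
  $content = rtrim($content) . "\n";
 
@@ -289,12 +289,12 @@ class SucuriScanHardening extends SucuriScan
  }
 
  /**
- * Returns a list of whitelisted files in folder.
+ * Returns a list of files in the allowlist in folder.
  *
- * @param string $folder Directory to scan for whitelisted files.
- * @return array List of whitelisted files, false on failure.
+ * @param string $folder Directory to scan for files in the allowlist.
+ * @return array List of files in the allowlist, false on failure.
  */
- public static function getWhitelisted($folder = '')
+ public static function getAllowlist($folder = '')
  {
  $htaccess = self::htaccess($folder);
  $content = SucuriScanFileInfo::fileContent($htaccess);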
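Review bot: The new summary line `* Blocks a file in the specified folder.` on `removeFromAllowlist` misdescribes the method: its visible body only deletes the rule produced by `allowlistRule()` from the .htaccess content, after which the directory-wide hardening applies to the file again, so `* Removes a file in the specified folder from the allowlist.` is the accurate wording. The public names are also asymmetric — `allow()` sits next to `removeFromAllowlist()` and `getAllowlist()` — and `addToAllowlist()` would pair naturally with them. `whitelist()`, `dewhitelist()` and `getWhitelisted()` were public static and are dropped without a deprecated forwarding alias, which breaks any caller outside the plugin if one exists; a one-line forwarder per old name for a release would be safer. The docblock `@return array List of files in the allowlist, false on failure.` should be `@return array|false` so the declared type matches the documented failure value.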
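--- a/src/pagehandler.php
+++ b/src/pagehandler.php
@@ -48,7 +48,7 @@ function sucuriscan_page()
  $params['SiteCheck.LinksContent'] = __('Loading...', 'sucuri-scanner');
  $params['SiteCheck.ScriptsContent'] = __('Loading...', 'sucuri-scanner');
  $params['SiteCheck.Malware'] = '<div id="sucuriscan-malware"></div>';
- $params['SiteCheck.Blacklist'] = '<div id="sucuriscan-blacklist"></div>';
+ $params['SiteCheck.Blocklist'] = '<div id="sucuriscan-blocklist"></div>';
  $params['SiteCheck.Recommendations'] = '<div id="sucuriscan-recommendations"></div>';
 
  /* load data for the WordPress best practices section */
@@ -156,7 +156,7 @@ function sucuriscan_settings_page()
  $params['Settings.Hardening.AdminUser'] = SucuriScanHardeningPage::adminuser();
  $params['Settings.Hardening.FileEditor'] = SucuriScanHardeningPage::fileeditor();
  $params['Settings.Hardening.SecKeyUpdater'] = SucuriScanHardeningPage::autoSecretKeyUpdater();
- $params['Settings.Hardening.WhitelistPHPFiles'] = SucuriScanHardeningPage::whitelistPHPFiles();
+ $params['Settings.Hardening.AllowlistPHPFiles'] = SucuriScanHardeningPage::AllowPHPFiles();
 
  /* settings - posthack */
  $params['Settings.Posthack.SecurityKeys'] = SucuriScanSettingsPosthack::securityKeys();
@@ -203,8 +203,8 @@ function sucuriscan_ajax()
  SucuriScanIntegrity::ajaxIntegrityDiffUtility();
  SucuriScanFirewall::auditlogsAjax();
  SucuriScanFirewall::ipAccessAjax();
- SucuriScanFirewall::blacklistAjax();
- SucuriScanFirewall::deblacklistAjax();
+ SucuriScanFirewall::blocklistAjax();
+ SucuriScanFirewall::deblocklistAjax();
  SucuriScanFirewall::getSettingsAjax();
  SucuriScanFirewall::clearCacheAjax();
  SucuriScanFirewall::clearAutoCacheAjax();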
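Review bot: `SucuriScanHardeningPage::AllowPHPFiles()` is the only call in this section whose method name starts with an upper-case letter; PHP resolves method names case-insensitively so it runs, but it breaks the camelCase of the neighbouring `adminuser()`, `fileeditor()` and `autoSecretKeyUpdater()` calls and no longer mirrors the template key `Settings.Hardening.AllowlistPHPFiles` it feeds. Suggest `$params['Settings.Hardening.AllowlistPHPFiles'] = SucuriScanHardeningPage::allowlistPHPFiles();` with the declaration renamed to match; that declaration lives in settings-hardening.php, whose section is cut off in this view, so the declared name should be checked there. The renamed keys `SiteCheck.Blocklist` and `Settings.Hardening.AllowlistPHPFiles` and the element id `sucuriscan-blocklist` are only correct if the .tpl files and their JavaScript were changed in lockstep, which this section does not show.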
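--- a/src/request.lib.php
+++ b/src/request.lib.php
@@ -45,7 +45,7 @@ class SucuriScanRequest extends SucuriScan
  *
  * You can pass an additional parameter to execute a regular expression that
  * will return False if the value doesn't matches what the RegExp defined.
- * Very useful to whitelist user input besides form validations.
+ * Very useful to filter user input besides form validations.
  *
  * @param array $list The array where the specified key will be searched.
  * @param string $key Name of the variable contained in _POST.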
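Review bot: Replacing "whitelist" with "filter" in this docblock loses the security meaning the previous wording carried: per the surrounding lines the regular expression makes the getter return False for any value that does not match, which is positive validation (an allowlist of accepted input), not filtering out of known-bad values. `* Very useful to allowlist user input besides form validations.` keeps the term the rest of this commit adopts and tells the reader the check is deny-by-default.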
src/settings-hardening.php CHANGED
@@ -86,7 +86,7 @@ class SucuriScanHardeningPage extends SucuriScan
86
  *
87
  * WAF is a protection layer for your web site, blocking all sort of attacks
88
  * (brute force attempts, DDoS, SQL injections, etc) and helping it remain
89
- * malware and blacklist free. This test checks if your site is using Sucuri
90
  * Firewall to protect your site.
91
  *
92
  * @return string HTML code with the replaced template variables.
@@ -103,7 +103,7 @@ class SucuriScanHardeningPage extends SucuriScan
103
 
104
  $params['Hardening.FieldName'] = __FUNCTION__;
105
  $params['Hardening.Title'] = __('Enable Website Firewall Protection', 'sucuri-scanner');
106
- $params['Hardening.Description'] = __('A WAF is a protection layer for your web site, blocking all sort of attacks (brute force attempts, DDoS, SQL injections, etc) and helping it remain malware and blacklist free. This test checks if your site is using Sucuri Firewall to protect your site.', 'sucuri-scanner');
107
 
108
  if (!SucuriScan::isBehindFirewall()) {
109
  $params['Hardening.Status'] = 0;
@@ -194,7 +194,7 @@ class SucuriScanHardeningPage extends SucuriScan
194
  $params['Hardening.Status'] = 2;
195
  $params['Hardening.FieldName'] = __FUNCTION__;
196
  $params['Hardening.FieldText'] = __('Check Hardening', 'sucuri-scanner');
197
- $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Whitelist PHP Files" tool to add exceptions to individual files.', 'sucuri-scanner');
198
 
199
  return self::drawSection($params);
200
  }
@@ -240,7 +240,7 @@ class SucuriScanHardeningPage extends SucuriScan
240
  }
241
 
242
  $params['Hardening.Title'] = __('Block PHP Files in Uploads Directory', 'sucuri-scanner');
243
- $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Whitelist PHP Files" tool to add exceptions to individual files.', 'sucuri-scanner');
244
 
245
  if (SucuriScan::isBehindFirewall()) {
246
  $params['Hardening.Status'] = 1;
@@ -299,7 +299,7 @@ class SucuriScanHardeningPage extends SucuriScan
299
  }
300
 
301
  $params['Hardening.Title'] = __('Block PHP Files in WP-CONTENT Directory', 'sucuri-scanner');
302
- $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Whitelist PHP Files" tool to add exceptions to individual files.', 'sucuri-scanner');
303
 
304
  if (SucuriScan::isBehindFirewall()) {
305
  $params['Hardening.Status'] = 1;
@@ -342,8 +342,8 @@ class SucuriScanHardeningPage extends SucuriScan
342
 
343
  if ($result === true) {
344
  try {
345
- SucuriScanHardening::whitelist('wp-tinymce.php', 'wp-includes');
346
- SucuriScanHardening::whitelist('ms-files.php', 'wp-includes');
347
  SucuriScanEvent::reportNoticeEvent(__('Hardening applied to the library directory', 'sucuri-scanner'));
348
  SucuriScanInterface::info(__('Hardening applied to the library directory', 'sucuri-scanner'));
349
  } catch (Exception $e) {
@@ -358,8 +358,8 @@ class SucuriScanHardeningPage extends SucuriScan
358
  $result = SucuriScanHardening::unhardenDirectory($folder);
359
 
360
  if ($result === true) {
361
- SucuriScanHardening::dewhitelist('wp-tinymce.php', 'wp-includes');
362
- SucuriScanHardening::dewhitelist('ms-files.php', 'wp-includes');
363
  SucuriScanEvent::reportErrorEvent(__('Hardening reverted in the library directory', 'sucuri-scanner'));
364
  SucuriScanInterface::info(__('Hardening reverted in the library directory', 'sucuri-scanner'));
365
  } else {
@@ -368,7 +368,7 @@ class SucuriScanHardeningPage extends SucuriScan
368
  }
369
 
370
  $params['Hardening.Title'] = __('Block PHP Files in WP-INCLUDES Directory', 'sucuri-scanner');
371
- $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Whitelist PHP Files" tool to add exceptions to individual files.', 'sucuri-scanner');
372
 
373
  if (SucuriScan::isBehindFirewall()) {
374
  $params['Hardening.Status'] = 1;
@@ -605,9 +605,9 @@ class SucuriScanHardeningPage extends SucuriScan
605
  }
606
 
607
  /**
608
- * Whitelist individual PHP files.
609
  *
610
- * Allows an admin to whitelist individual PHP files after the directory has
611
  * been hardened. Since the hardening rules denies access to all PHP files
612
  * contained in such directory, 3rd-party plugins and themes that makes use
613
  * of these direct requests will stop working. The admins will want to allow
@@ -615,12 +615,12 @@ class SucuriScanHardeningPage extends SucuriScan
615
  *
616
  * @return HTML with the information about this hardening option.
617
  */
618
- public static function whitelistPHPFiles()
619
  {
620
  $params = array(
621
- 'HardeningWhitelist.List' => '',
622
- 'HardeningWhitelist.AllowedFolders' => '',
623
- 'HardeningWhitelist.NoItemsVisibility' => 'visible',
624
  );
625
 
626
  $upload_dir = wp_upload_dir();
@@ -631,16 +631,16 @@ class SucuriScanHardeningPage extends SucuriScan
631
  );
632
 
633
  if (SucuriScanInterface::checkNonce()) {
634
- // Add a new file to the hardening whitelist.
635
- $fwhite = SucuriScanRequest::post(':hardening_whitelist');
636
 
637
  if ($fwhite) {
638
  $folder = SucuriScanRequest::post(':hardening_folder');
639
 
640
  if (in_array($folder, $allowed_folders)) {
641
  try {
642
- SucuriScanHardening::whitelist($fwhite, $folder);
643
- SucuriScanInterface::info(__('The file has been whitelisted from the hardening', 'sucuri-scanner'));
644
  } catch (Exception $e) {
645
  SucuriScanInterface::error($e->getMessage());
646
  }
@@ -649,48 +649,48 @@ class SucuriScanHardeningPage extends SucuriScan
649
  }
650
  }
651
 
652
- // Remove a file from the hardening whitelist.
653
  $rmfwhite = SucuriScanRequest::post(':hardening_rmfwhite', '_array');
654
 
655
  if ($rmfwhite) {
656
  foreach ($rmfwhite as $fpath) {
657
  $fpath = str_replace('/.*/', '|', $fpath);
658
  $parts = explode('|', $fpath, 2);
659
- SucuriScanHardening::dewhitelist($parts[1], $parts[0]);
660
  }
661
 
662
  SucuriScanInterface::info(__('Selected files have been removed', 'sucuri-scanner'));
663
  }
664
  }
665
 
666
- // Read the access control file and retrieve the whitelisted files.
667
  foreach ($allowed_folders as $folder) {
668
- $files = SucuriScanHardening::getWhitelisted($folder);
669
 
670
- $params['HardeningWhitelist.AllowedFolders'] .= sprintf(
671
  '<option value="%s">%s</option>',
672
  SucuriScan::escape($folder),
673
  SucuriScan::escape($folder)
674
  );
675
 
676
  if (is_array($files) && !empty($files)) {
677
- $params['HardeningWhitelist.NoItemsVisibility'] = 'hidden';
678
 
679
  foreach ($files as $file) {
680
  $fregexp = sprintf('%s/.*/%s', $folder, $file);
681
  $html = SucuriScanTemplate::getSnippet(
682
- 'settings-hardening-whitelist-phpfiles',
683
  array(
684
- 'HardeningWhitelist.Regexp' => $fregexp,
685
- 'HardeningWhitelist.Folder' => $folder,
686
- 'HardeningWhitelist.File' => $file,
687
  )
688
  );
689
- $params['HardeningWhitelist.List'] .= $html;
690
  }
691
  }
692
  }
693
 
694
- return SucuriScanTemplate::getSection('settings-hardening-whitelist-phpfiles', $params);
695
  }
696
  }
86
  *
87
  * WAF is a protection layer for your web site, blocking all sort of attacks
88
  * (brute force attempts, DDoS, SQL injections, etc) and helping it remain
89
+ * malware and blocklist free. This test checks if your site is using Sucuri
90
  * Firewall to protect your site.
91
  *
92
  * @return string HTML code with the replaced template variables.
103
 
104
  $params['Hardening.FieldName'] = __FUNCTION__;
105
  $params['Hardening.Title'] = __('Enable Website Firewall Protection', 'sucuri-scanner');
106
+ $params['Hardening.Description'] = __('A WAF is a protection layer for your web site, blocking all sort of attacks (brute force attempts, DDoS, SQL injections, etc) and helping it remain malware and blocklist free. This test checks if your site is using Sucuri Firewall to protect your site.', 'sucuri-scanner');
107
 
108
  if (!SucuriScan::isBehindFirewall()) {
109
  $params['Hardening.Status'] = 0;
194
  $params['Hardening.Status'] = 2;
195
  $params['Hardening.FieldName'] = __FUNCTION__;
196
  $params['Hardening.FieldText'] = __('Check Hardening', 'sucuri-scanner');
197
+ $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Add PHP Files to the Allowlist" tool to add exceptions to individual files.', 'sucuri-scanner');
198
 
199
  return self::drawSection($params);
200
  }
240
  }
241
 
242
  $params['Hardening.Title'] = __('Block PHP Files in Uploads Directory', 'sucuri-scanner');
243
+ $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Add PHP Files to the Allowlist" tool to add exceptions to individual files.', 'sucuri-scanner');
244
 
245
  if (SucuriScan::isBehindFirewall()) {
246
  $params['Hardening.Status'] = 1;
299
  }
300
 
301
  $params['Hardening.Title'] = __('Block PHP Files in WP-CONTENT Directory', 'sucuri-scanner');
302
+ $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Add PHP Files to the Allowlist" tool to add exceptions to individual files.', 'sucuri-scanner');
303
 
304
  if (SucuriScan::isBehindFirewall()) {
305
  $params['Hardening.Status'] = 1;
342
 
343
  if ($result === true) {
344
  try {
345
+ SucuriScanHardening::allow('wp-tinymce.php', 'wp-includes');
346
+ SucuriScanHardening::allow('ms-files.php', 'wp-includes');
347
  SucuriScanEvent::reportNoticeEvent(__('Hardening applied to the library directory', 'sucuri-scanner'));
348
  SucuriScanInterface::info(__('Hardening applied to the library directory', 'sucuri-scanner'));
349
  } catch (Exception $e) {
358
  $result = SucuriScanHardening::unhardenDirectory($folder);
359
 
360
  if ($result === true) {
361
+ SucuriScanHardening::removeFromAllowlist('wp-tinymce.php', 'wp-includes');
362
+ SucuriScanHardening::removeFromAllowlist('ms-files.php', 'wp-includes');
363
  SucuriScanEvent::reportErrorEvent(__('Hardening reverted in the library directory', 'sucuri-scanner'));
364
  SucuriScanInterface::info(__('Hardening reverted in the library directory', 'sucuri-scanner'));
365
  } else {
368
  }
369
 
370
  $params['Hardening.Title'] = __('Block PHP Files in WP-INCLUDES Directory', 'sucuri-scanner');
371
+ $params['Hardening.Description'] = __('Block the execution of PHP files in sensitive directories. Be careful while applying this hardening option as there are many plugins and theme which rely on the ability to execute PHP files in the content directory to generate images or save temporary data. Use the "Add PHP Files to the Allowlist" tool to add exceptions to individual files.', 'sucuri-scanner');
372
 
373
  if (SucuriScan::isBehindFirewall()) {
374
  $params['Hardening.Status'] = 1;
605
  }
606
 
607
  /**
608
+ * Allow individual PHP files.
609
  *
610
+ * Allows an admin to allow individual PHP files after the directory has
611
  * been hardened. Since the hardening rules denies access to all PHP files
612
  * contained in such directory, 3rd-party plugins and themes that makes use
613
  * of these direct requests will stop working. The admins will want to allow
615
  *
616
  * @return HTML with the information about this hardening option.
617
  */
618
+ public static function AllowPHPFiles()
619
  {
620
  $params = array(
621
+ 'HardeningAllowlist.List' => '',
622
+ 'HardeningAllowlist.AllowedFolders' => '',
623
+ 'HardeningAllowlist.NoItemsVisibility' => 'visible',
624
  );
625
 
626
  $upload_dir = wp_upload_dir();
631
  );
632
 
633
  if (SucuriScanInterface::checkNonce()) {
634
+ // Add a new file to the hardening allowlist.
635
+ $fwhite = SucuriScanRequest::post(':hardening_allowlist');
636
 
637
  if ($fwhite) {
638
  $folder = SucuriScanRequest::post(':hardening_folder');
639
 
640
  if (in_array($folder, $allowed_folders)) {
641
  try {
642
+ SucuriScanHardening::allow($fwhite, $folder);
643
+ SucuriScanInterface::info(__('The file has been allowed', 'sucuri-scanner'));
644
  } catch (Exception $e) {
645
  SucuriScanInterface::error($e->getMessage());
646
  }
649
  }
650
  }
651
 
652
+ // Remove a file from the hardening allowlist.
653
  $rmfwhite = SucuriScanRequest::post(':hardening_rmfwhite', '_array');
654
 
655
  if ($rmfwhite) {
656
  foreach ($rmfwhite as $fpath) {
657
  $fpath = str_replace('/.*/', '|', $fpath);
658
  $parts = explode('|', $fpath, 2);
659
+ SucuriScanHardening::removeFromAllowlist($parts[1], $parts[0]);
660
  }
661
 
662
  SucuriScanInterface::info(__('Selected files have been removed', 'sucuri-scanner'));
663
  }
664
  }
665
 
666
+ // Read the access control file and retrieve the files in the allowlist.
667
  foreach ($allowed_folders as $folder) {
668
+ $files = SucuriScanHardening::getAllowlist($folder);
669
 
670
+ $params['HardeningAllowlist.AllowedFolders'] .= sprintf(
671
  '<option value="%s">%s</option>',
672
  SucuriScan::escape($folder),
673
  SucuriScan::escape($folder)
674
  );
675
 
676
  if (is_array($files) && !empty($files)) {
677
+ $params['HardeningAllowlist.NoItemsVisibility'] = 'hidden';
678
 
679
  foreach ($files as $file) {
680
  $fregexp = sprintf('%s/.*/%s', $folder, $file);
681
  $html = SucuriScanTemplate::getSnippet(
682
+ 'settings-hardening-allowlist-phpfiles',
683
  array(
684
+ 'HardeningAllowlist.Regexp' => $fregexp,
685
+ 'HardeningAllowlist.Folder' => $folder,
686
+ 'HardeningAllowlist.File' => $file,
687
  )
688
  );
689
+ $params['HardeningAllowlist.List'] .= $html;
690
  }
691
  }
692
  }
693
 
694
+ return SucuriScanTemplate::getSection('settings-hardening-allowlist-phpfiles', $params);
695
  }
696
  }
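--- a/src/sitecheck.lib.php
+++ b/src/sitecheck.lib.php
@@ -28,7 +28,7 @@ if (!defined('SUCURISCAN_INIT') || SUCURISCAN_INIT !== true) {
  * SiteCheck is a web application scanner that reads the source code of a
  * website to determine if it is serving malicious code, it scans the home page
  * and linked sub-pages, then compares the results with a list of signatures as
- * well as a list of blacklist services to see if other malware scanners have
+ * well as a list of blocklist services to see if other malware scanners have
  * flagged the website before. This operation may take a couple of seconds,
  * around twenty seconds in most cases; be sure to set enough timeout for the
  * operation to finish, otherwise the scanner will return innacurate
@@ -301,11 +301,11 @@ class SucuriScanSiteCheck extends SucuriScanAPI
  }
 
  /**
- * Generates the HTML section for the SiteCheck blacklist.
+ * Generates the HTML section for the SiteCheck blocklist.
  *
- * @return string HTML code to render the blacklist section.
+ * @return string HTML code to render the blocklist section.
  */
- public static function blacklist()
+ public static function blocklist()
  {
  $params = array();
  $data = self::scanAndCollectData();
@@ -314,9 +314,9 @@ class SucuriScanSiteCheck extends SucuriScanAPI
  return ''; /* there is not enough information to render */
  }
 
- $params['Blacklist.Title'] = __('Not Blacklisted', 'sucuri-scanner');
- $params['Blacklist.Color'] = 'green';
- $params['Blacklist.Content'] = '';
+ $params['Blocklist.Title'] = __('Not in the blocklist', 'sucuri-scanner');
+ $params['Blocklist.Color'] = 'green';
+ $params['Blocklist.Content'] = '';
 
  foreach ($data['BLACKLIST'] as $type => $proof) {
  foreach ($proof as $info) {
@@ -327,23 +327,23 @@ class SucuriScanSiteCheck extends SucuriScanAPI
  substr($info[0], 0, strrpos($info[0], ':'))
  );
 
- $params['Blacklist.Content'] .= SucuriScanTemplate::getSnippet(
- 'sitecheck-blacklist',
+ $params['Blocklist.Content'] .= SucuriScanTemplate::getSnippet(
+ 'sitecheck-blocklist',
  array(
- 'Blacklist.URL' => $url,
- 'Blacklist.Status' => $type,
- 'Blacklist.Service' => $title,
+ 'Blocklist.URL' => $url,
+ 'Blocklist.Status' => $type,
+ 'Blocklist.Service' => $title,
  )
  );
  }
  }
 
  if (isset($data['BLACKLIST']['WARN'])) {
- $params['Blacklist.Title'] = __('Blacklisted', 'sucuri-scanner');
- $params['Blacklist.Color'] = 'red';
+ $params['Blocklist.Title'] = __('In the blocklist', 'sucuri-scanner');
+ $params['Blocklist.Color'] = 'red';
  }
 
- return SucuriScanTemplate::getSection('sitecheck-blacklist', $params);
+ return SucuriScanTemplate::getSection('sitecheck-blocklist', $params);
  }
 
  /**
@@ -536,7 +536,7 @@ class SucuriScanSiteCheck extends SucuriScanAPI
  $response = array();
 
  $response['malware'] = SucuriScanSiteCheck::malware();
- $response['blacklist'] = SucuriScanSiteCheck::blacklist();
+ $response['blocklist'] = SucuriScanSiteCheck::blocklist();
  $response['recommendations'] = SucuriScanSiteCheck::recommendations();
 
  $response['iframes'] = array(
@@ -556,7 +556,7 @@ class SucuriScanSiteCheck extends SucuriScanAPI
 
  if (!empty($errors)) {
  $response['malware'] = '';
- $response['blacklist'] = '';
+ $response['blocklist'] = '';
  $response['recommendations'] = '';
  }
 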
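Review bot: The `$data['BLACKLIST']` lookups at lines 321 and 341 are the only "blacklist" identifiers this hunk leaves untouched, and they are presumably the key of the remote SiteCheck response rather than a local name; without a comment saying so, the next terminology sweep will rename them and the section will silently degrade to an empty loop that always renders "Not in the blocklist", a false negative on a security dashboard. Suggested above line 321: `// 'BLACKLIST' is the key of the remote SiteCheck response; do not rename it with the UI strings.` Renaming the public static `blacklist()` to `blocklist()` with no deprecated alias will also fatal any external caller of the old name; if these methods are treated as plugin API, keep `blacklist()` as a one-line forwarder for one release. The `$response['blocklist']` key at line 539 is likewise an AJAX wire-format change, so the script consuming it has to ship in the same release.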
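--- a/src/strings.php
+++ b/src/strings.php
@@ -75,9 +75,9 @@ __('Delete', 'sucuri-scanner');
  __('Submit', 'sucuri-scanner');
  __('Loading...', 'sucuri-scanner');
  __('IP Address Access', 'sucuri-scanner');
- __('This tool allows you to blacklist one or more IP addresses from accessing your website.', 'sucuri-scanner');
- __('To delete an IP from the blacklist you can use the form below or you can log into the Firewall dashboard.', 'sucuri-scanner');
- __('Blacklist IP:', 'sucuri-scanner');
+ __('This tool allows you to add one or more IP addresses to the blocklist and stop them from accessing your website.', 'sucuri-scanner');
+ __('To delete an IP from the blocklist you can use the form below or you can log into the Firewall dashboard.', 'sucuri-scanner');
+ __('Add IP to the Blocklist:', 'sucuri-scanner');
  __('e.g. 192.168.1.54', 'sucuri-scanner');
  __('IP Address', 'sucuri-scanner');
 
@@ -371,8 +371,8 @@ __('This option defines the timezone that will be used through out the entire pl
  __('Timezone:', 'sucuri-scanner');
  __('Submit', 'sucuri-scanner');
 
- // settings-hardening-whitelist-phpfiles.html.tpl
- __('Whitelist Blocked PHP Files', 'sucuri-scanner');
+ // settings-hardening-allowlist-phpfiles.html.tpl
+ __('Allow Blocked PHP Files', 'sucuri-scanner');
  __('After you apply the hardening in either the includes, content, and/or uploads directories, the plugin will add a rule in the access control file to deny access to any PHP file located in these folders. This is a good precaution in case an attacker is able to upload a shell script. With a few exceptions the <em>"index.php"</em> file is the only one that should be publicly accessible, however many theme/plugin developers decide to use these folders to process some operations. In this case applying the hardening <strong>may break</strong> their functionality.', 'sucuri-scanner');
  __('File Path:', 'sucuri-scanner');
  __('Submit', 'sucuri-scanner');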
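--- a/sucuri.php
+++ b/sucuri.php
@@ -2,13 +2,13 @@
 
  /**
  * Plugin Name: Sucuri Security - Auditing, Malware Scanner and Hardening
- * Description: The <a href="https://sucuri.net/" target="_blank">Sucuri</a> plugin provides the website owner the best Activity Auditing, SiteCheck Remote Malware Scanning, Effective Security Hardening and Post-Hack features. SiteCheck will check for malware, spam, blacklisting and other security issues like .htaccess redirects, hidden eval code, etc. The best thing about it is it's completely free.
+ * Description: The <a href="https://sucuri.net/" target="_blank">Sucuri</a> plugin provides the website owner the best Activity Auditing, SiteCheck Remote Malware Scanning, Effective Security Hardening and Post-Hack features. SiteCheck will check for malware, spam, blocklisting and other security issues like .htaccess redirects, hidden eval code, etc. The best thing about it is it's completely free.
  * Plugin URI: https://wordpress.sucuri.net/
  * Author URI: https://sucuri.net/
  * Author: Sucuri Inc.
  * Text Domain: sucuri-scanner
  * Domain Path: /lang
- * Version: 1.8.25
+ * Version: 1.8.26
  *
  * PHP version 5
  *
@@ -85,7 +85,7 @@ define('SUCURISCAN', 'sucuriscan');
  /**
  * Current version of the plugin's code.
  */
- define('SUCURISCAN_VERSION', '1.8.25');
+ define('SUCURISCAN_VERSION', '1.8.26');
 
  /**
  * Defines the human readable name of the plugin.
@@ -301,8 +301,8 @@ function sucuriscanUninstall()
  }
 
  /* Delete hardening in standard directories */
- SucuriScanHardening::dewhitelist('ms-files.php', 'wp-includes');
- SucuriScanHardening::dewhitelist('wp-tinymce.php', 'wp-includes');
+ SucuriScanHardening::removeFromAllowlist('ms-files.php', 'wp-includes');
+ SucuriScanHardening::removeFromAllowlist('wp-tinymce.php', 'wp-includes');
  SucuriScanHardening::unhardenDirectory(WP_CONTENT_DIR);
  SucuriScanHardening::unhardenDirectory(WP_CONTENT_DIR . '/uploads');
  SucuriScanHardening::unhardenDirectory(ABSPATH . '/wp-includes');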