Sucuri Security – Auditing, Malware Scanner and Security Hardening

Version Description

Add support for PHP 8
Reduce memory requirements when reading a log file
Fix DISALLOW_FILE_EDIT related notice

Release Info

Developer	unifiedexp
Plugin	Sucuri Security – Auditing, Malware Scanner and Security Hardening
Version	1.8.27
Comparing to
See all releases

Code changes from version 1.8.26 to 1.8.27

Files changed (11) hide show

lang/sucuri-scanner.pot +34 -34
readme.txt +6 -1
src/base.lib.php +2 -2
src/cache.lib.php +32 -23
src/hook.lib.php +1 -1
src/installer-skin-legacy.lib.php +57 -0
src/installer-skin.lib.php +9 -2
src/settings-hardening.php +13 -1
src/settings-posthack.php +1 -1
src/sitecheck.lib.php +8 -2
sucuri.php +2 -2

lang/sucuri-scanner.pot CHANGED Viewed

	@@ -2,14 +2,14 @@
2	# This file is distributed under the same license as the Sucuri Security - Auditing, Malware Scanner and Hardening plugin.
3	msgid ""
4	msgstr ""
5	- "Project-Id-Version: Sucuri Security - Auditing, Malware Scanner and Hardening 1.8.26\n"
6	- "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/sucuri-~~scanner~~\n"
7	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8	"Language-Team: LANGUAGE <LL@li.org>\n"
9	"MIME-Version: 1.0\n"
10	"Content-Type: text/plain; charset=UTF-8\n"
11	"Content-Transfer-Encoding: 8bit\n"
12	- "POT-Creation-Date: 2021-02-~~10T17~~:01:19+00:00\n"
13	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14	"X-Generator: WP-CLI 2.4.0\n"
15	"X-Domain: sucuri-scanner\n"
	@@ -111,10 +111,10 @@ msgstr ""
111	msgid "Info:"
112	msgstr ""
113
114	- #: src/cache.lib.php:~~392~~
115	- #: src/cache.lib.php:~~412~~
116	- #: src/cache.lib.php:~~453~~
117	- #: src/cache.lib.php:~~470~~
118	msgid "Invalid cache key name"
119	msgstr ""
120
	@@ -1348,8 +1348,8 @@ msgstr ""
1348	#: src/settings-hardening.php:384
1349	#: src/settings-hardening.php:416
1350	#: src/settings-hardening.php:456
1351	- #: src/settings-hardening.php:~~549~~
1352	- #: src/settings-hardening.php:~~596~~
1353	msgid "Apply Hardening"
1354	msgstr ""
1355
	@@ -1363,8 +1363,8 @@ msgstr ""
1363	#: src/settings-hardening.php:380
1364	#: src/settings-hardening.php:419
1365	#: src/settings-hardening.php:452
1366	- #: src/settings-hardening.php:~~545~~
1367	- #: src/settings-hardening.php:~~601~~
1368	msgid "Revert Hardening"
1369	msgstr ""
1370
	@@ -1491,80 +1491,80 @@ msgid "Check if the primary user account still uses the name \"admin\". This all
1491	msgstr ""
1492
1493	#: src/settings-hardening.php:476
1494	- #: src/settings-hardening.php:~~507~~
1495	#: src/settings-posthack.php:63
1496	msgid "WordPress configuration file was not found."
1497	msgstr ""
1498
1499	#: src/settings-hardening.php:478
1500	- #: src/settings-hardening.php:~~509~~
1501	#: src/settings-posthack.php:76
1502	msgid "WordPress configuration file is not writable."
1503	msgstr ""
1504
1505	- #: src/settings-hardening.php:~~498~~
1506	- #: src/settings-hardening.php:~~499~~
1507	msgid "Hardening applied to the plugin and theme editor"
1508	msgstr ""
1509
1510	- #: src/settings-hardening.php:~~527~~
1511	msgid "File Editor was not disabled using this tool. You must scan your project for a constant defined as DISALLOW_FILE_EDIT, then either delete it or set its value to False. Any plugin/theme can disable the file editor, so it is impossible to determine the origin of the constant."
1512	msgstr ""
1513
1514	- #: src/settings-hardening.php:~~533~~
1515	- #: src/settings-hardening.php:~~534~~
1516	msgid "Hardening reverted in the plugin and theme editor"
1517	msgstr ""
1518
1519	- #: src/settings-hardening.php:~~539~~
1520	msgid "Disable Plugin and Theme Editor"
1521	msgstr ""
1522
1523	- #: src/settings-hardening.php:~~540~~
1524	msgid "Disables the theme and plugin editors to prevent unwanted modifications to the code. If you are having problems reverting this please open the wp-config.php file and delete the line with the constant DISALLOW_FILE_EDIT."
1525	msgstr ""
1526
1527	- #: src/settings-hardening.php:~~572~~
1528	msgid "Automatic Secret Keys Updater enabled. The default frequency is \"Weekly\", but you can change the frequency on Settings -> Post-Hack -> Update Secret Keys section."
1529	msgstr ""
1530
1531	- #: src/settings-hardening.php:~~573~~
1532	#: src/settings-posthack.php:158
1533	#: src/settings-posthack.php:159
1534	msgid "Automatic Secret Keys Updater enabled."
1535	msgstr ""
1536
1537	- #: src/settings-hardening.php:~~575~~
1538	- #: src/settings-hardening.php:~~585~~
1539	#: src/settings-posthack.php:150
1540	#: src/settings-posthack.php:161
1541	msgid "Something went wrong."
1542	msgstr ""
1543
1544	- #: src/settings-hardening.php:~~582~~
1545	- #: src/settings-hardening.php:~~583~~
1546	#: src/settings-posthack.php:147
1547	#: src/settings-posthack.php:148
1548	msgid "Automatic Secret Keys Updater disabled."
1549	msgstr ""
1550
1551	- #: src/settings-hardening.php:~~591~~
1552	msgid "Activate Automatic Secret Keys Updater"
1553	msgstr ""
1554
1555	- #: src/settings-hardening.php:~~592~~
1556	msgid "Changing the Secret Keys will invalidate all existing cookies, forcing all logged in users to login again. Doing this frequently will decrease the chances of misuse of sessions left open on unprotected devices."
1557	msgstr ""
1558
1559	- #: src/settings-hardening.php:~~643~~
1560	msgid "The file has been allowed"
1561	msgstr ""
1562
1563	- #: src/settings-hardening.php:~~648~~
1564	msgid "Specified folder is not hardened by this plugin"
1565	msgstr ""
1566
1567	- #: src/settings-hardening.php:~~662~~
1568	msgid "Selected files have been removed"
1569	msgstr ""
1570
	@@ -1737,15 +1737,15 @@ msgstr ""
1737	msgid "In the blocklist"
1738	msgstr ""
1739
1740	- #: src/sitecheck.lib.php:~~393~~
1741	msgid "iFrames: %d"
1742	msgstr ""
1743
1744	- #: src/sitecheck.lib.php:~~405~~
1745	msgid "Links: %d"
1746	msgstr ""
1747
1748	- #: src/sitecheck.lib.php:~~426~~
1749	msgid "Scripts: %d"
1750	msgstr ""
1751


2	# This file is distributed under the same license as the Sucuri Security - Auditing, Malware Scanner and Hardening plugin.
3	msgid ""
4	msgstr ""
5	+ "Project-Id-Version: Sucuri Security - Auditing, Malware Scanner and Hardening 1.8.27\n"
6	+ "Report-Msgid-Bugs-To: https://wordpress.org/support/plugin/sucuri-wordpress-plugin\n"
7	"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
8	"Language-Team: LANGUAGE <LL@li.org>\n"
9	"MIME-Version: 1.0\n"
10	"Content-Type: text/plain; charset=UTF-8\n"
11	"Content-Transfer-Encoding: 8bit\n"
12	+ "POT-Creation-Date: 2021-07-20T22:21:26+00:00\n"
13	"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
14	"X-Generator: WP-CLI 2.4.0\n"
15	"X-Domain: sucuri-scanner\n"

111	msgid "Info:"
112	msgstr ""
113
114	+ #: src/cache.lib.php:401
115	+ #: src/cache.lib.php:421
116	+ #: src/cache.lib.php:462
117	+ #: src/cache.lib.php:479
118	msgid "Invalid cache key name"
119	msgstr ""
120

1348	#: src/settings-hardening.php:384
1349	#: src/settings-hardening.php:416
1350	#: src/settings-hardening.php:456
1351	+ #: src/settings-hardening.php:556
1352	+ #: src/settings-hardening.php:603
1353	msgid "Apply Hardening"
1354	msgstr ""
1355

1363	#: src/settings-hardening.php:380
1364	#: src/settings-hardening.php:419
1365	#: src/settings-hardening.php:452
1366	+ #: src/settings-hardening.php:552
1367	+ #: src/settings-hardening.php:608
1368	msgid "Revert Hardening"
1369	msgstr ""
1370

1491	msgstr ""
1492
1493	#: src/settings-hardening.php:476
1494	+ #: src/settings-hardening.php:514
1495	#: src/settings-posthack.php:63
1496	msgid "WordPress configuration file was not found."
1497	msgstr ""
1498
1499	#: src/settings-hardening.php:478
1500	+ #: src/settings-hardening.php:516
1501	#: src/settings-posthack.php:76
1502	msgid "WordPress configuration file is not writable."
1503	msgstr ""
1504
1505	+ #: src/settings-hardening.php:505
1506	+ #: src/settings-hardening.php:506
1507	msgid "Hardening applied to the plugin and theme editor"
1508	msgstr ""
1509
1510	+ #: src/settings-hardening.php:534
1511	msgid "File Editor was not disabled using this tool. You must scan your project for a constant defined as DISALLOW_FILE_EDIT, then either delete it or set its value to False. Any plugin/theme can disable the file editor, so it is impossible to determine the origin of the constant."
1512	msgstr ""
1513
1514	+ #: src/settings-hardening.php:540
1515	+ #: src/settings-hardening.php:541
1516	msgid "Hardening reverted in the plugin and theme editor"
1517	msgstr ""
1518
1519	+ #: src/settings-hardening.php:546
1520	msgid "Disable Plugin and Theme Editor"
1521	msgstr ""
1522
1523	+ #: src/settings-hardening.php:547
1524	msgid "Disables the theme and plugin editors to prevent unwanted modifications to the code. If you are having problems reverting this please open the wp-config.php file and delete the line with the constant DISALLOW_FILE_EDIT."
1525	msgstr ""
1526
1527	+ #: src/settings-hardening.php:579
1528	msgid "Automatic Secret Keys Updater enabled. The default frequency is \"Weekly\", but you can change the frequency on Settings -> Post-Hack -> Update Secret Keys section."
1529	msgstr ""
1530
1531	+ #: src/settings-hardening.php:580
1532	#: src/settings-posthack.php:158
1533	#: src/settings-posthack.php:159
1534	msgid "Automatic Secret Keys Updater enabled."
1535	msgstr ""
1536
1537	+ #: src/settings-hardening.php:582
1538	+ #: src/settings-hardening.php:592
1539	#: src/settings-posthack.php:150
1540	#: src/settings-posthack.php:161
1541	msgid "Something went wrong."
1542	msgstr ""
1543
1544	+ #: src/settings-hardening.php:589
1545	+ #: src/settings-hardening.php:590
1546	#: src/settings-posthack.php:147
1547	#: src/settings-posthack.php:148
1548	msgid "Automatic Secret Keys Updater disabled."
1549	msgstr ""
1550
1551	+ #: src/settings-hardening.php:598
1552	msgid "Activate Automatic Secret Keys Updater"
1553	msgstr ""
1554
1555	+ #: src/settings-hardening.php:599
1556	msgid "Changing the Secret Keys will invalidate all existing cookies, forcing all logged in users to login again. Doing this frequently will decrease the chances of misuse of sessions left open on unprotected devices."
1557	msgstr ""
1558
1559	+ #: src/settings-hardening.php:650
1560	msgid "The file has been allowed"
1561	msgstr ""
1562
1563	+ #: src/settings-hardening.php:655
1564	msgid "Specified folder is not hardened by this plugin"
1565	msgstr ""
1566
1567	+ #: src/settings-hardening.php:669
1568	msgid "Selected files have been removed"
1569	msgstr ""
1570

1737	msgid "In the blocklist"
1738	msgstr ""
1739
1740	+ #: src/sitecheck.lib.php:396
1741	msgid "iFrames: %d"
1742	msgstr ""
1743
1744	+ #: src/sitecheck.lib.php:411
1745	msgid "Links: %d"
1746	msgstr ""
1747
1748	+ #: src/sitecheck.lib.php:432
1749	msgid "Scripts: %d"
1750	msgstr ""
1751

readme.txt CHANGED Viewed

	@@ -4,7 +4,7 @@ Donate Link: https://sucuri.net/
4	Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blocklist, detection, hardening, file integrity
5	Requires at least: 3.6
6	Tested up to: 5.8
7	- Stable tag: 1.8.26
8
9	The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10
	@@ -189,6 +189,11 @@ We take your privacy seriously. For free plugin users without an API key, no inf
189	This version adds an option to refresh the malware scan results on demand, as well as several small bug fixes and improvements.
190
191	== Changelog ==





192	= 1.8.26 =
193	* Replace the word "blacklist" with "blocklist" in the codebase
194	* Replace the word "whitelist" with "allowlist" in the codebase


4	Tags: malware, security, firewall, scan, spam, virus, sucuri, protection, blocklist, detection, hardening, file integrity
5	Requires at least: 3.6
6	Tested up to: 5.8
7	+ Stable tag: 1.8.27
8
9	The Sucuri WordPress Security plugin is a security toolset for security integrity monitoring, malware detection and security hardening.
10

189	This version adds an option to refresh the malware scan results on demand, as well as several small bug fixes and improvements.
190
191	== Changelog ==
192	+ = 1.8.27 =
193	+ * Add support for PHP 8
194	+ * Reduce memory requirements when reading a log file
195	+ * Fix DISALLOW_FILE_EDIT related notice
196	+
197	= 1.8.26 =
198	* Replace the word "blacklist" with "blocklist" in the codebase
199	* Replace the word "whitelist" with "allowlist" in the codebase

src/base.lib.php CHANGED Viewed

	@@ -319,9 +319,9 @@ class SucuriScan
319	}
320
321	/**
322	- * Find and retrieve the current version of ~~Wordpress~~ installed.
323	*
324	- * @return string The version number of ~~Wordpress~~ installed.
325	*/
326	public static function siteVersion()
327	{


319	}
320
321	/**
322	+ * Find and retrieve the current version of WordPress installed.
323	*
324	+ * @return string The version number of WordPress installed.
325	*/
326	public static function siteVersion()
327	{

src/cache.lib.php CHANGED Viewed

@@ -237,32 +237,41 @@ class SucuriScanCache extends SucuriScan
                     $object = array();
                     $object['info'] = array();
                     $object['entries'] = array();
-            -
                    $lines = SucuriScanFileInfo::fileLines($this->datastore_path);
-            -
-            -
                    if (is_array($lines) && !empty($lines)) {
-            -
                        foreach ($lines as $line) {
-            -
                            if (strpos($line, "//\x20") === 0
-            -
                                && strpos($line, '=') !== false
-            -
                                && $line[strlen($line) - 1] === ';'
-            -
                            ) {
-            -
                                $section = substr($line, 3, strlen($line) - 4);
-            -
                                list($header, $value) = explode('=', $section, 2);
-            -
                                $object['info'][$header] = $value;
-            -
                                continue;
-            -
                            }
-            -
-            -
                            /* skip content */
-            -
                            if ($onlyInfo) {
-            -
                                continue;
-            -
                            }
-            -
-            -
                            if (strpos($line, ':') !== false) {
-            -
                                list($keyname, $value) = explode(':', $line, 2);
-            -
                                $object['entries'][$keyname] = @json_decode($value, $assoc);
-            -
                            }
+                        }
+                    }
                     return $object;
+                }


237	$object = array();
238	$object['info'] = array();
239	$object['entries'] = array();
240	+
241	+ if (($fh = fopen($this->datastore_path, 'r')) === false) {
242	+ return $object;
243	+ }
244	+
245	+ while (($line = fgets($fh)) !== false) {
246	+ $line = trim($line);
247	+
248	+ if (!$line) {
249	+ continue;
250	+ }
251	+
252	+ if (strpos($line, "//\x20") === 0
253	+ && strpos($line, '=') !== false
254	+ && $line[strlen($line) - 1] === ';'
255	+ ) {
256	+ $section = substr($line, 3, -1);
257	+ list($header, $value) = explode('=', $section, 2);
258	+ $object['info'][$header] = $value;
259	+ continue;
260	+ }
261	+
262	+ // skip content
263	+ if ($onlyInfo) {
264	+ continue;
265	+ }
266	+
267	+ if (strpos($line, ':') !== false) {
268	+ list($keyname, $value) = explode(':', $line, 2);
269	+ $object['entries'][$keyname] = @json_decode($value, $assoc);
270	}
271	}
272
273	+ fclose($fh);
274	+
275	return $object;
276	}
277

src/hook.lib.php CHANGED Viewed

	@@ -996,7 +996,7 @@ class SucuriScanHook extends SucuriScanEvent
996	* @param int $id The identifier of the edited user account
997	* @param object $old_user_data Object containing user's data prior to update.
998	*/
999	- public static function hookProfileUpdate($id = 0, $old_user_data)
1000	{
1001	$title = __('unknown', 'sucuri-scanner');
1002	$email = __('user@domain.com', 'sucuri-scanner');


996	* @param int $id The identifier of the edited user account
997	* @param object $old_user_data Object containing user's data prior to update.
998	*/
999	+ public static function hookProfileUpdate($id = 0, $old_user_data = false)
1000	{
1001	$title = __('unknown', 'sucuri-scanner');
1002	$email = __('user@domain.com', 'sucuri-scanner');

src/installer-skin-legacy.lib.php ADDED Viewed

	@@ -0,0 +1,57 @@


1	+ <?php
2	+
3	+ /**
4	+ * Code related to the installer-skin.lib.php interface.
5	+ *
6	+ * PHP version 5
7	+ *
8	+ * @category Library
9	+ * @package Sucuri
10	+ * @subpackage SucuriScanner
11	+ * @author Daniel Cid <dcid@sucuri.net>
12	+ * @copyright 2010-2018 Sucuri Inc.
13	+ * @license https://www.gnu.org/licenses/gpl-2.0.txt GPL2
14	+ * @link https://wordpress.org/plugins/sucuri-scanner
15	+ */
16	+
17	+ if (!defined('SUCURISCAN_INIT') \|\| SUCURISCAN_INIT !== true) {
18	+ if (!headers_sent()) {
19	+ /* Report invalid access if possible. */
20	+ header('HTTP/1.1 403 Forbidden');
21	+ }
22	+ exit(1);
23	+ }
24	+
25	+ /**
26	+ * Plugin Installer Skin for WordPress Plugin Installer before WP 5.3.
27	+ *
28	+ * This is used by the post-hack utility to disregard the installation
29	+ * process when the website owner decides to reset one or more plugins.
30	+ * Without this WordPress will flush the buffer of the re-installation
31	+ * process immediately and we will not be able to disregard these logs
32	+ * after the operation has finished.
33	+ *
34	+ * @codeCoverageIgnore
35	+ *
36	+ * @category Library
37	+ * @package Sucuri
38	+ * @subpackage SucuriScanner
39	+ * @author Daniel Cid <dcid@sucuri.net>
40	+ * @copyright 2010-2018 Sucuri Inc.
41	+ * @license https://www.gnu.org/licenses/gpl-2.0.txt GPL2
42	+ * @link https://wordpress.org/plugins/sucuri-scanner
43	+ */
44	+ class SucuriScanPluginInstallerSkin extends Plugin_Installer_Skin
45	+ {
46	+ /**
47	+ * Reports the progress of the plugin installation.
48	+ *
49	+ * @param string $string Message to display in administration message.
50	+ *
51	+ * @return void
52	+ */
53	+ public function feedback($string)
54	+ {
55	+ /* do not do anything */
56	+ }
57	+ }

src/installer-skin.lib.php CHANGED Viewed

	@@ -27,6 +27,11 @@ if (class_exists('SucuriScanInterface') && class_exists('SucuriScanRequest')) {
27	include_once ABSPATH . '/wp-admin/includes/class-wp-upgrader.php';
28	include_once ABSPATH . '/wp-admin/includes/plugin-install.php';
29





30	/**
31	* Plugin Installer Skin for WordPress Plugin Installer.
32	*
	@@ -51,10 +56,12 @@ if (class_exists('SucuriScanInterface') && class_exists('SucuriScanRequest')) {
51	/**
52	* Reports the progress of the plugin installation.
53	*
54	- * @param string $string Message to ~~send~~ to ~~the~~ ~~buffer~~.


55	* @return void
56	*/
57	- public function feedback($string ~~= ''~~)
58	{
59	/* do not do anything */
60	}


27	include_once ABSPATH . '/wp-admin/includes/class-wp-upgrader.php';
28	include_once ABSPATH . '/wp-admin/includes/plugin-install.php';
29
30	+ if (version_compare(SucuriScan::siteVersion(), '5.3', '<')) {
31	+ include_once 'installer-skin-legacy.lib.php';
32	+ return;
33	+ }
34	+
35	/**
36	* Plugin Installer Skin for WordPress Plugin Installer.
37	*

56	/**
57	* Reports the progress of the plugin installation.
58	*
59	+ * @param string $string Message to display in administration message.
60	+ * @param mixed ...$args Optional text replacements.
61	+ *
62	* @return void
63	*/
64	+ public function feedback($string, ...$args)
65	{
66	/* do not do anything */
67	}

src/settings-hardening.php CHANGED Viewed

	@@ -482,6 +482,13 @@ class SucuriScanHardeningPage extends SucuriScan
482	$newlines = array();
483
484	foreach ($lines as $line) {







485	if (strpos($line, 'DB_COLLATE') === false) {
486	$newlines[] = $line;
487	continue;
	@@ -489,8 +496,8 @@ class SucuriScanHardeningPage extends SucuriScan
489
490	$newlines[] = $line; /* add current line */
491	$newlines[] = ''; /* add line separator */
492	- $newlines[] = "define('DISALLOW_FILE_EDIT', true);";
493	}

494
495	$fileEditorWasDisabled = true;
496	$content = implode("\n", $newlines);
	@@ -693,4 +700,9 @@ class SucuriScanHardeningPage extends SucuriScan
693
694	return SucuriScanTemplate::getSection('settings-hardening-allowlist-phpfiles', $params);
695	}





696	}


482	$newlines = array();
483
484	foreach ($lines as $line) {
485	+ if (self::containsConstant($line, 'DISALLOW_FILE_EDIT')) {
486	+ // Skip lines that define the `DISALLOW_FILE_EDIT` constant,
487	+ // to make hardening possible when other plugins have already
488	+ // defined the same constant with a falsy value.
489	+ continue;
490	+ }
491	+
492	if (strpos($line, 'DB_COLLATE') === false) {
493	$newlines[] = $line;
494	continue;

496
497	$newlines[] = $line; /* add current line */
498	$newlines[] = ''; /* add line separator */

499	}
500	+ $newlines[] = "define('DISALLOW_FILE_EDIT', true);";
501
502	$fileEditorWasDisabled = true;
503	$content = implode("\n", $newlines);

700
701	return SucuriScanTemplate::getSection('settings-hardening-allowlist-phpfiles', $params);
702	}
703	+
704	+ private static function containsConstant($line, $constant)
705	+ {
706	+ return strpos($line, "'" . $constant . "'") !== false \|\| strpos($line, '"' . $constant . '"') !== false;
707	+ }
708	}

src/settings-posthack.php CHANGED Viewed

	@@ -136,7 +136,7 @@ class SucuriScanSettingsPosthack extends SucuriScanSettings
136	$cronFrequency = SucuriScanRequest::post(':autoseckeyupdater_frequency');
137
138	// Deny action if cron frequency is invalid
139	- if (empty($cronFrequency) \|\| !in_array($cronFrequency, ~~array_keys(~~$availableSchedules))) {
140	SucuriScanInterface::error(__('No frequency selected for the automatic secret key updater.', 'sucuri-scanner'));
141	} elseif ($cronFrequency === "disabled") {
142	// Disable Automatic Secret Keys Updater


136	$cronFrequency = SucuriScanRequest::post(':autoseckeyupdater_frequency');
137
138	// Deny action if cron frequency is invalid
139	+ if (empty($cronFrequency) \|\| !in_array($cronFrequency, $availableSchedules)) {
140	SucuriScanInterface::error(__('No frequency selected for the automatic secret key updater.', 'sucuri-scanner'));
141	} elseif ($cronFrequency === "disabled") {
142	// Disable Automatic Secret Keys Updater

src/sitecheck.lib.php CHANGED Viewed

	@@ -389,8 +389,11 @@ class SucuriScanSiteCheck extends SucuriScanAPI
389	public static function iFramesTitle()
390	{
391	$data = self::scanAndCollectData();



392
393	- return sprintf(__('iFrames: %d', 'sucuri-scanner'), ~~@count(~~$~~data['LINKS']['IFRAME']~~));
394	}
395
396	/**
	@@ -401,8 +404,11 @@ class SucuriScanSiteCheck extends SucuriScanAPI
401	public static function linksTitle()
402	{
403	$data = self::scanAndCollectData();



404
405	- return sprintf(__('Links: %d', 'sucuri-scanner'), ~~@count(~~$~~data['LINKS']['URL']~~));
406	}
407
408	/**


389	public static function iFramesTitle()
390	{
391	$data = self::scanAndCollectData();
392	+ $niframes = isset($data['LINKS']['IFRAME']) && is_array($data['LINKS']['IFRAME'])
393	+ ? count($data['LINKS']['IFRAME'])
394	+ : 0;
395
396	+ return sprintf(__('iFrames: %d', 'sucuri-scanner'), $niframes);
397	}
398
399	/**

404	public static function linksTitle()
405	{
406	$data = self::scanAndCollectData();
407	+ $nlinks = isset($data['LINKS']['URL']) && is_array($data['LINKS']['URL'])
408	+ ? count($data['LINKS']['URL'])
409	+ : 0;
410
411	+ return sprintf(__('Links: %d', 'sucuri-scanner'), $nlinks);
412	}
413
414	/**

sucuri.php CHANGED Viewed

	@@ -8,7 +8,7 @@
8	* Author: Sucuri Inc.
9	* Text Domain: sucuri-scanner
10	* Domain Path: /lang
11	- * Version: 1.8.26
12	*
13	* PHP version 5
14	*
	@@ -85,7 +85,7 @@ define('SUCURISCAN', 'sucuriscan');
85	/**
86	* Current version of the plugin's code.
87	*/
88	- define('SUCURISCAN_VERSION', '1.8.26');
89
90	/**
91	* Defines the human readable name of the plugin.


8	* Author: Sucuri Inc.
9	* Text Domain: sucuri-scanner
10	* Domain Path: /lang
11	+ * Version: 1.8.27
12	*
13	* PHP version 5
14	*

85	/**
86	* Current version of the plugin's code.
87	*/
88	+ define('SUCURISCAN_VERSION', '1.8.27');
89
90	/**
91	* Defines the human readable name of the plugin.

Sucuri Security – Auditing, Malware Scanner and Security Hardening - Version 1.8.27

Version Description

Release Info

Code changes from version 1.8.26 to 1.8.27