Version Description
= 1.6.7 - 1 Dec 2014 =
- Security: More efficient format for internal firewall IPs.
Release Info
Developer | thingalon |
Plugin | VaultPress |
Version | 1.6.7 |
Code changes from version 1.6.6 to 1.6.7
- readme.txt +4 -1
- vaultpress.php +73 -29
readme.txt
CHANGED
@@ -3,7 +3,7 @@ Contributors: automattic, apokalyptik, briancolinger, josephscott, shaunandrews,
|
|
3 |
Tags: security, malware, virus, archive, back up, back ups, backup, backups, scanning, restore, wordpress backup, site backup, website backup
|
4 |
Requires at least: 2.9.2
|
5 |
Tested up to: 4.0
|
6 |
-
Stable tag: 1.6.
|
7 |
License: GPLv2
|
8 |
|
9 |
VaultPress is a subscription service offering realtime backup, automated security scanning, and support from WordPress experts.
|
@@ -51,6 +51,9 @@ A VaultPress subscription is for a single WordPress site. You can purchase addit
|
|
51 |
Yes, VaultPress supports Multisite installs. Each site will require its own subscription.
|
52 |
|
53 |
== Changelog ==
|
|
|
|
|
|
|
54 |
= 1.6.6 - 14 Nov 2014 =
|
55 |
* Security: Fetch service IP updates via HTTPS.
|
56 |
* Feature: Don't send backup notifications while mass-deleting spam.
|
3 |
Tags: security, malware, virus, archive, back up, back ups, backup, backups, scanning, restore, wordpress backup, site backup, website backup
|
4 |
Requires at least: 2.9.2
|
5 |
Tested up to: 4.0
|
6 |
+
Stable tag: 1.6.7
|
7 |
License: GPLv2
|
8 |
|
9 |
VaultPress is a subscription service offering realtime backup, automated security scanning, and support from WordPress experts.
|
51 |
Yes, VaultPress supports Multisite installs. Each site will require its own subscription.
|
52 |
|
53 |
== Changelog ==
|
54 |
+
= 1.6.7 - 1 Dec 2014 =
|
55 |
+
* Security: More efficient format for internal firewall IPs.
|
56 |
+
|
57 |
= 1.6.6 - 14 Nov 2014 =
|
58 |
* Security: Fetch service IP updates via HTTPS.
|
59 |
* Feature: Don't send backup notifications while mass-deleting spam.
|
vaultpress.php
CHANGED
@@ -3,7 +3,7 @@
|
|
3 |
* Plugin Name: VaultPress
|
4 |
* Plugin URI: http://vaultpress.com/?utm_source=plugin-uri&utm_medium=plugin-description&utm_campaign=1.0
|
5 |
* Description: Protect your content, themes, plugins, and settings with <strong>realtime backup</strong> and <strong>automated security scanning</strong> from <a href="http://vaultpress.com/?utm_source=wp-admin&utm_medium=plugin-description&utm_campaign=1.0" rel="nofollow">VaultPress</a>. Activate, enter your registration key, and never worry again. <a href="http://vaultpress.com/help/?utm_source=wp-admin&utm_medium=plugin-description&utm_campaign=1.0" rel="nofollow">Need some help?</a>
|
6 |
-
* Version: 1.6.
|
7 |
* Author: Automattic
|
8 |
* Author URI: http://vaultpress.com/?utm_source=author-uri&utm_medium=plugin-description&utm_campaign=1.0
|
9 |
* License: GPL2+
|
@@ -17,8 +17,8 @@ if ( !defined( 'ABSPATH' ) )
|
|
17 |
|
18 |
class VaultPress {
|
19 |
var $option_name = 'vaultpress';
|
20 |
-
var $db_version =
|
21 |
-
var $plugin_version = '1.6.
|
22 |
|
23 |
function __construct() {
|
24 |
register_activation_hook( __FILE__, array( $this, 'activate' ) );
|
@@ -33,7 +33,7 @@ class VaultPress {
|
|
33 |
'key' => '',
|
34 |
'secret' => '',
|
35 |
'connection' => false,
|
36 |
-
'
|
37 |
);
|
38 |
|
39 |
$this->options = wp_parse_args( $options, $defaults );
|
@@ -140,6 +140,12 @@ class VaultPress {
|
|
140 |
$this->update_option( 'db_version', $this->db_version );
|
141 |
$this->clear_connection();
|
142 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
143 |
}
|
144 |
|
145 |
function get_option( $key ) {
|
@@ -973,7 +979,7 @@ class VaultPress {
|
|
973 |
$retry--;
|
974 |
$protocol = 'https';
|
975 |
$args['sslverify'] = 'https' == $protocol ? true : false;
|
976 |
-
$r = wp_remote_get( $url=sprintf( "%s://%s/%s", $protocol, $hostname, $path ), $args );
|
977 |
if ( 200 == wp_remote_retrieve_response_code( $r ) ) {
|
978 |
if ( 99 == $this->get_option( 'connection_error_code' ) )
|
979 |
$this->clear_connection();
|
@@ -1005,13 +1011,13 @@ class VaultPress {
|
|
1005 |
$data = $this->request_firewall_update();
|
1006 |
if ( $data ) {
|
1007 |
$newval = array( 'updated' => time(), 'data' => $data );
|
1008 |
-
$this->update_option( '
|
1009 |
}
|
1010 |
|
1011 |
$external_data = $this->request_firewall_update( true );
|
1012 |
if ( $external_data ) {
|
1013 |
$external_newval = array( 'updated' => time(), 'data' => $external_data );
|
1014 |
-
update_option( '
|
1015 |
}
|
1016 |
|
1017 |
if ( !empty( $data ) && !empty( $external_data ) )
|
@@ -1778,27 +1784,7 @@ JS;
|
|
1778 |
return false;
|
1779 |
}
|
1780 |
if ( !$this->get_option( 'disable_firewall' ) ) {
|
1781 |
-
|
1782 |
-
$service_ips_external = get_option( 'vaultpress_service_ips_external' );
|
1783 |
-
if ( !empty( $rxs['data'] ) && !empty( $service_ips_external['data'] ) )
|
1784 |
-
$rxs['data'] = array_merge( $rxs['data'], $service_ips_external['data'] );
|
1785 |
-
if ( $rxs ) {
|
1786 |
-
$timeout = time() - 86400;
|
1787 |
-
if ( $rxs ) {
|
1788 |
-
if ( $rxs['updated'] < $timeout )
|
1789 |
-
$refetch = true;
|
1790 |
-
else
|
1791 |
-
$refetch = false;
|
1792 |
-
$rxs = $rxs['data'];
|
1793 |
-
}
|
1794 |
-
} else {
|
1795 |
-
$refetch = true;
|
1796 |
-
}
|
1797 |
-
if ( $refetch ) {
|
1798 |
-
if ( $data = $this->update_firewall() )
|
1799 |
-
$rxs = $data;
|
1800 |
-
}
|
1801 |
-
if ( !$this->validate_ip_address( $rxs ) )
|
1802 |
return false;
|
1803 |
}
|
1804 |
$sig = explode( ':', $sig );
|
@@ -1827,7 +1813,7 @@ JS;
|
|
1827 |
function ip_in_cidr( $ip, $cidr ) {
|
1828 |
list ($net, $mask) = explode( '/', $cidr );
|
1829 |
return ( ip2long( $ip ) & ~((1 << (32 - $mask)) - 1) ) == ( ip2long( $net ) & ~((1 << (32 - $mask)) - 1) );
|
1830 |
-
}
|
1831 |
|
1832 |
function ip_in_cidrs( $ip, $cidrs ) {
|
1833 |
foreach ( (array)$cidrs as $cidr ) {
|
@@ -1835,6 +1821,64 @@ JS;
|
|
1835 |
return $cidr;
|
1836 |
}
|
1837 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1838 |
}
|
1839 |
|
1840 |
function validate_ip_address( $rxs ) {
|
3 |
* Plugin Name: VaultPress
|
4 |
* Plugin URI: http://vaultpress.com/?utm_source=plugin-uri&utm_medium=plugin-description&utm_campaign=1.0
|
5 |
* Description: Protect your content, themes, plugins, and settings with <strong>realtime backup</strong> and <strong>automated security scanning</strong> from <a href="http://vaultpress.com/?utm_source=wp-admin&utm_medium=plugin-description&utm_campaign=1.0" rel="nofollow">VaultPress</a>. Activate, enter your registration key, and never worry again. <a href="http://vaultpress.com/help/?utm_source=wp-admin&utm_medium=plugin-description&utm_campaign=1.0" rel="nofollow">Need some help?</a>
|
6 |
+
* Version: 1.6.7
|
7 |
* Author: Automattic
|
8 |
* Author URI: http://vaultpress.com/?utm_source=author-uri&utm_medium=plugin-description&utm_campaign=1.0
|
9 |
* License: GPL2+
|
17 |
|
18 |
class VaultPress {
|
19 |
var $option_name = 'vaultpress';
|
20 |
+
var $db_version = 4;
|
21 |
+
var $plugin_version = '1.6.7';
|
22 |
|
23 |
function __construct() {
|
24 |
register_activation_hook( __FILE__, array( $this, 'activate' ) );
|
33 |
'key' => '',
|
34 |
'secret' => '',
|
35 |
'connection' => false,
|
36 |
+
'service_ips_cidr' => false
|
37 |
);
|
38 |
|
39 |
$this->options = wp_parse_args( $options, $defaults );
|
140 |
$this->update_option( 'db_version', $this->db_version );
|
141 |
$this->clear_connection();
|
142 |
}
|
143 |
+
|
144 |
+
if ( $current_db_version < 4 ) {
|
145 |
+
$this->update_firewall();
|
146 |
+
$this->update_option( 'db_version', $this->db_version );
|
147 |
+
$this->clear_connection();
|
148 |
+
}
|
149 |
}
|
150 |
|
151 |
function get_option( $key ) {
|
979 |
$retry--;
|
980 |
$protocol = 'https';
|
981 |
$args['sslverify'] = 'https' == $protocol ? true : false;
|
982 |
+
$r = wp_remote_get( $url=sprintf( "%s://%s/%s?cidr_ranges=1", $protocol, $hostname, $path ), $args );
|
983 |
if ( 200 == wp_remote_retrieve_response_code( $r ) ) {
|
984 |
if ( 99 == $this->get_option( 'connection_error_code' ) )
|
985 |
$this->clear_connection();
|
1011 |
$data = $this->request_firewall_update();
|
1012 |
if ( $data ) {
|
1013 |
$newval = array( 'updated' => time(), 'data' => $data );
|
1014 |
+
$this->update_option( 'service_ips_cidr', $newval );
|
1015 |
}
|
1016 |
|
1017 |
$external_data = $this->request_firewall_update( true );
|
1018 |
if ( $external_data ) {
|
1019 |
$external_newval = array( 'updated' => time(), 'data' => $external_data );
|
1020 |
+
update_option( 'vaultpress_service_ips_external_cidr', $external_newval );
|
1021 |
}
|
1022 |
|
1023 |
if ( !empty( $data ) && !empty( $external_data ) )
|
1784 |
return false;
|
1785 |
}
|
1786 |
if ( !$this->get_option( 'disable_firewall' ) ) {
|
1787 |
+
if ( ! $this->check_firewall() )
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1788 |
return false;
|
1789 |
}
|
1790 |
$sig = explode( ':', $sig );
|
1813 |
function ip_in_cidr( $ip, $cidr ) {
|
1814 |
list ($net, $mask) = explode( '/', $cidr );
|
1815 |
return ( ip2long( $ip ) & ~((1 << (32 - $mask)) - 1) ) == ( ip2long( $net ) & ~((1 << (32 - $mask)) - 1) );
|
1816 |
+
}
|
1817 |
|
1818 |
function ip_in_cidrs( $ip, $cidrs ) {
|
1819 |
foreach ( (array)$cidrs as $cidr ) {
|
1821 |
return $cidr;
|
1822 |
}
|
1823 |
}
|
1824 |
+
|
1825 |
+
return false;
|
1826 |
+
}
|
1827 |
+
|
1828 |
+
function check_firewall() {
|
1829 |
+
global $__vp_validate_error;
|
1830 |
+
|
1831 |
+
$stored_cidrs = $this->get_option( 'service_ips_cidr' );
|
1832 |
+
$stored_ext_cidrs = get_option( 'vaultpress_service_ips_external_cidr' );
|
1833 |
+
|
1834 |
+
$one_day_ago = time() - 86400;
|
1835 |
+
if ( empty( $stored_cidrs ) || empty( $stored_ext_cidrs ) || $stored_cidrs['updated'] < $one_day_ago ) {
|
1836 |
+
$cidrs = $this->update_firewall();
|
1837 |
+
} else {
|
1838 |
+
$cidrs = array_merge( $stored_cidrs['data'], $stored_ext_cidrs['data'] );
|
1839 |
+
}
|
1840 |
+
|
1841 |
+
if ( empty( $cidrs ) ) {
|
1842 |
+
// No up-to-date info; fall back on the old methods.
|
1843 |
+
if ( $this->do_c_block_firewall() ) {
|
1844 |
+
return true;
|
1845 |
+
} else {
|
1846 |
+
$__vp_validate_error = array( 'error' => 'empty_vp_ip_cidr_range' );
|
1847 |
+
return false;
|
1848 |
+
}
|
1849 |
+
}
|
1850 |
+
|
1851 |
+
// Figure out possible remote IPs
|
1852 |
+
if ( $this->get_option( 'allow_forwarded_for') && !empty( $_SERVER['HTTP_X_FORWARDED_FOR'] ) )
|
1853 |
+
$remote_ips = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] );
|
1854 |
+
|
1855 |
+
if ( !empty( $_SERVER['REMOTE_ADDR'] ) )
|
1856 |
+
$remote_ips[] = $_SERVER['REMOTE_ADDR'];
|
1857 |
+
|
1858 |
+
if ( empty( $remote_ips ) ) {
|
1859 |
+
$__vp_validate_error = array( 'error' => 'no_remote_addr', 'detail' => (int) $this->get_option( 'allow_forwarded_for' ) ); // shouldn't happen
|
1860 |
+
return false;
|
1861 |
+
}
|
1862 |
+
|
1863 |
+
foreach ( $remote_ips as $ip ) {
|
1864 |
+
if ( $cidr = $this->ip_in_cidrs( $ip, $cidrs ) ) {
|
1865 |
+
return true;
|
1866 |
+
}
|
1867 |
+
}
|
1868 |
+
|
1869 |
+
return false;
|
1870 |
+
}
|
1871 |
+
|
1872 |
+
function do_c_block_firewall() {
|
1873 |
+
// Perform the firewall check by class-c ip blocks
|
1874 |
+
$rxs = $this->get_option( 'service_ips' );
|
1875 |
+
$service_ips_external = get_option( 'vaultpress_service_ips_external' );
|
1876 |
+
|
1877 |
+
if ( !empty( $rxs['data'] ) && !empty( $service_ips_external['data'] ) )
|
1878 |
+
$rxs = array_merge( $rxs['data'], $service_ips_external['data'] );
|
1879 |
+
if ( ! $rxs )
|
1880 |
+
return false;
|
1881 |
+
return $this->validate_ip_address( $rxs );
|
1882 |
}
|
1883 |
|
1884 |
function validate_ip_address( $rxs ) {
|
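Review bot: In the new `check_firewall()`, once `allow_forwarded_for` is set every comma-separated element of `X-Forwarded-For` is tested against the service CIDRs and the first match returns true, so the allow-list decision can rest on a request header rather than on the connection's peer address. That is only sound when a trusted reverse proxy overwrites the header; I would document that requirement on the option and consult the header only when `REMOTE_ADDR` is a known proxy. The elements are also not trimmed, so an entry following `, ` probably fails `ip2long()` and a legitimately proxied request is rejected; `$remote_ips = array_map( 'trim', explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] ) );` with `$remote_ips = array();` initialised above it would fix that. Separately, in `do_c_block_firewall()` `$rxs` keeps its `updated`/`data` wrapper whenever either stored list is empty and is then handed to `validate_ip_address()`, whose body is outside this hunk, so the fallback may be comparing against the wrong shape; please confirm, and pass `$rxs['data']` if so.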