Version Description
- 12 Dec 2014 =
- Bugfix: Fall back on HTTP when updating firewall via HTTPS fails. Still warn the user about the security implications.
Download this release
Release Info
| Developer | thingalon |
| Plugin |  VaultPress |
| Version | 1.6.8 |
| Comparing to | |
| See all releases | |
Code changes from version 1.6.7 to 1.6.8
- readme.txt +4 -1
- vaultpress.php +22 -16
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: automattic, apokalyptik, briancolinger, josephscott, shaunandrews,
|
|
| 3 |
Tags: security, malware, virus, archive, back up, back ups, backup, backups, scanning, restore, wordpress backup, site backup, website backup
|
| 4 |
Requires at least: 2.9.2
|
| 5 |
Tested up to: 4.0
|
| 6 |
-
Stable tag: 1.6.
|
| 7 |
License: GPLv2
|
| 8 |
|
| 9 |
VaultPress is a subscription service offering realtime backup, automated security scanning, and support from WordPress experts.
|
|
@@ -51,6 +51,9 @@ A VaultPress subscription is for a single WordPress site. You can purchase addit
|
|
| 51 |
Yes, VaultPress supports Multisite installs. Each site will require its own subscription.
|
| 52 |
|
| 53 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
| 54 |
= 1.6.7 - 1 Dec 2014 =
|
| 55 |
* Security: More efficient format for internal firewall IPs.
|
| 56 |
|
| 3 |
Tags: security, malware, virus, archive, back up, back ups, backup, backups, scanning, restore, wordpress backup, site backup, website backup
|
| 4 |
Requires at least: 2.9.2
|
| 5 |
Tested up to: 4.0
|
| 6 |
+
Stable tag: 1.6.8
|
| 7 |
License: GPLv2
|
| 8 |
|
| 9 |
VaultPress is a subscription service offering realtime backup, automated security scanning, and support from WordPress experts.
|
| 51 |
Yes, VaultPress supports Multisite installs. Each site will require its own subscription.
|
| 52 |
|
| 53 |
== Changelog ==
|
| 54 |
+
= 1.6.8 - 12 Dec 2014 =
|
| 55 |
+
* Bugfix: Fall back on HTTP when updating firewall via HTTPS fails. Still warn the user about the security implications.
|
| 56 |
+
|
| 57 |
= 1.6.7 - 1 Dec 2014 =
|
| 58 |
* Security: More efficient format for internal firewall IPs.
|
| 59 |
|
vaultpress.php
CHANGED
|
@@ -3,7 +3,7 @@
|
|
| 3 |
* Plugin Name: VaultPress
|
| 4 |
* Plugin URI: http://vaultpress.com/?utm_source=plugin-uri&utm_medium=plugin-description&utm_campaign=1.0
|
| 5 |
* Description: Protect your content, themes, plugins, and settings with <strong>realtime backup</strong> and <strong>automated security scanning</strong> from <a href="http://vaultpress.com/?utm_source=wp-admin&utm_medium=plugin-description&utm_campaign=1.0" rel="nofollow">VaultPress</a>. Activate, enter your registration key, and never worry again. <a href="http://vaultpress.com/help/?utm_source=wp-admin&utm_medium=plugin-description&utm_campaign=1.0" rel="nofollow">Need some help?</a>
|
| 6 |
-
* Version: 1.6.
|
| 7 |
* Author: Automattic
|
| 8 |
* Author URI: http://vaultpress.com/?utm_source=author-uri&utm_medium=plugin-description&utm_campaign=1.0
|
| 9 |
* License: GPL2+
|
|
@@ -18,7 +18,7 @@ if ( !defined( 'ABSPATH' ) )
|
|
| 18 |
class VaultPress {
|
| 19 |
var $option_name = 'vaultpress';
|
| 20 |
var $db_version = 4;
|
| 21 |
-
var $plugin_version = '1.6.
|
| 22 |
|
| 23 |
function __construct() {
|
| 24 |
register_activation_hook( __FILE__, array( $this, 'activate' ) );
|
|
@@ -975,9 +975,9 @@ class VaultPress {
|
|
| 975 |
$data = false;
|
| 976 |
$https_error = null;
|
| 977 |
$retry = 2;
|
|
|
|
| 978 |
do {
|
| 979 |
$retry--;
|
| 980 |
-
$protocol = 'https';
|
| 981 |
$args['sslverify'] = 'https' == $protocol ? true : false;
|
| 982 |
$r = wp_remote_get( $url=sprintf( "%s://%s/%s?cidr_ranges=1", $protocol, $hostname, $path ), $args );
|
| 983 |
if ( 200 == wp_remote_retrieve_response_code( $r ) ) {
|
|
@@ -986,24 +986,28 @@ class VaultPress {
|
|
| 986 |
$data = @unserialize( wp_remote_retrieve_body( $r ) );
|
| 987 |
break;
|
| 988 |
}
|
| 989 |
-
if ( 'https' == $protocol )
|
| 990 |
$https_error = $r;
|
|
|
|
|
|
|
| 991 |
usleep( 100 );
|
| 992 |
} while( $retry > 0 );
|
| 993 |
|
| 994 |
-
$
|
| 995 |
-
|
| 996 |
-
|
| 997 |
-
|
| 998 |
-
|
| 999 |
-
|
| 1000 |
-
|
| 1001 |
-
|
| 1002 |
-
|
| 1003 |
-
|
| 1004 |
-
|
|
|
|
|
|
|
| 1005 |
}
|
| 1006 |
-
|
| 1007 |
return $data;
|
| 1008 |
}
|
| 1009 |
|
|
@@ -1861,11 +1865,13 @@ JS;
|
|
| 1861 |
}
|
| 1862 |
|
| 1863 |
foreach ( $remote_ips as $ip ) {
|
|
|
|
| 1864 |
if ( $cidr = $this->ip_in_cidrs( $ip, $cidrs ) ) {
|
| 1865 |
return true;
|
| 1866 |
}
|
| 1867 |
}
|
| 1868 |
|
|
|
|
| 1869 |
return false;
|
| 1870 |
}
|
| 1871 |
|
| 3 |
* Plugin Name: VaultPress
|
| 4 |
* Plugin URI: http://vaultpress.com/?utm_source=plugin-uri&utm_medium=plugin-description&utm_campaign=1.0
|
| 5 |
* Description: Protect your content, themes, plugins, and settings with <strong>realtime backup</strong> and <strong>automated security scanning</strong> from <a href="http://vaultpress.com/?utm_source=wp-admin&utm_medium=plugin-description&utm_campaign=1.0" rel="nofollow">VaultPress</a>. Activate, enter your registration key, and never worry again. <a href="http://vaultpress.com/help/?utm_source=wp-admin&utm_medium=plugin-description&utm_campaign=1.0" rel="nofollow">Need some help?</a>
|
| 6 |
+
* Version: 1.6.8
|
| 7 |
* Author: Automattic
|
| 8 |
* Author URI: http://vaultpress.com/?utm_source=author-uri&utm_medium=plugin-description&utm_campaign=1.0
|
| 9 |
* License: GPL2+
|
| 18 |
class VaultPress {
|
| 19 |
var $option_name = 'vaultpress';
|
| 20 |
var $db_version = 4;
|
| 21 |
+
var $plugin_version = '1.6.8';
|
| 22 |
|
| 23 |
function __construct() {
|
| 24 |
register_activation_hook( __FILE__, array( $this, 'activate' ) );
|
| 975 |
$data = false;
|
| 976 |
$https_error = null;
|
| 977 |
$retry = 2;
|
| 978 |
+
$protocol = 'https';
|
| 979 |
do {
|
| 980 |
$retry--;
|
|
|
|
| 981 |
$args['sslverify'] = 'https' == $protocol ? true : false;
|
| 982 |
$r = wp_remote_get( $url=sprintf( "%s://%s/%s?cidr_ranges=1", $protocol, $hostname, $path ), $args );
|
| 983 |
if ( 200 == wp_remote_retrieve_response_code( $r ) ) {
|
| 986 |
$data = @unserialize( wp_remote_retrieve_body( $r ) );
|
| 987 |
break;
|
| 988 |
}
|
| 989 |
+
if ( 'https' == $protocol ) {
|
| 990 |
$https_error = $r;
|
| 991 |
+
$protocol = 'http';
|
| 992 |
+
}
|
| 993 |
usleep( 100 );
|
| 994 |
} while( $retry > 0 );
|
| 995 |
|
| 996 |
+
if ( $https_error != null && ! empty( $data ) ) {
|
| 997 |
+
$r_code = wp_remote_retrieve_response_code( $https_error );
|
| 998 |
+
if ( 200 != $r_code ) {
|
| 999 |
+
$error_message = sprintf( 'Unexpected HTTP response code %s', $r_code );
|
| 1000 |
+
if ( false === $r_code )
|
| 1001 |
+
$error_message = 'Unable to find an HTTP transport that supports SSL verification';
|
| 1002 |
+
elseif ( is_wp_error( $https_error ) )
|
| 1003 |
+
$error_message = $https_error->get_error_message();
|
| 1004 |
+
|
| 1005 |
+
$this->update_option( 'connection', time() );
|
| 1006 |
+
$this->update_option( 'connection_error_code', 99 );
|
| 1007 |
+
$this->update_option( 'connection_error_message', sprintf( __('Warning: The VaultPress plugin is using an insecure protocol because it cannot verify the identity of the VaultPress server. Please contact your hosting provider, and ask them to check that SSL certificate verification is correctly configured on this server. The request failed with the following error: "%s". If you’re still having issues please <a href="%1$s">contact the VaultPress Safekeepers</a>.', 'vaultpress' ), esc_html( $error_message ), 'http://vaultpress.com/contact/' ) );
|
| 1008 |
+
}
|
| 1009 |
}
|
| 1010 |
+
|
| 1011 |
return $data;
|
| 1012 |
}
|
| 1013 |
|
| 1865 |
}
|
| 1866 |
|
| 1867 |
foreach ( $remote_ips as $ip ) {
|
| 1868 |
+
$ip = preg_replace( '#^::(ffff:)?#', '', $ip );
|
| 1869 |
if ( $cidr = $this->ip_in_cidrs( $ip, $cidrs ) ) {
|
| 1870 |
return true;
|
| 1871 |
}
|
| 1872 |
}
|
| 1873 |
|
| 1874 |
+
$__vp_validate_error = array( 'error' => 'remote_addr_fail', 'detail' => $remote_ips );
|
| 1875 |
return false;
|
| 1876 |
}
|
| 1877 |
|
