Wordfence Security – Firewall & Malware Scan - Version 1.2

Version Description


Release Info

Developer mmaunder
Version 1.2

Code changes from version 1.1 to 1.2

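--- a/js/admin.js
+++ b/js/admin.js
@@ -630,8 +630,8 @@ window['wordfenceAdmin'] = {
  this.ajax('wordfence_saveConfig', qstr, function(res){
  jQuery('.wfAjax24').hide();
  if(res.ok){
- if(WFAD.reloadConfigPage){
- self.colorbox('400px', "Please reload this page", "You selected a config option that changes the Wordfence menu on the left. Click the button below to reload this page to update the menu.<br /><br /><center><input type='button' name='wfReload' value='Reload page' onclick='window.location.reload();' /></center>");
+ if(res['reload'] == 'reload' || WFAD.reloadConfigPage){
+ self.colorbox('400px', "Please reload this page", "You selected a config option that requires a page reload. Click the button below to reload this page to update the menu.<br /><br /><center><input type='button' name='wfReload' value='Reload page' onclick='window.location.reload();' /></center>");
  return;
  } else {
  self.pulse('.wfSavedMsg');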
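Review bot: The new condition `res['reload'] == 'reload'` compares a value from the AJAX response with loose equality; `res.reload === 'reload'` states the intent exactly and matches the dot access used for `res.ok` on the line above. The reworded dialog text still ends with "to update the menu", although the reload is now also triggered by the server-side `reload` flag, so that clause no longer fits every case. The callback's body continues outside this hunk.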
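--- a/lib/dropAll.php
+++ b/lib/dropAll.php
@@ -0,0 +1,8 @@
+ <?php
+ require_once('wfSchema.php');
+ if((! isset($_SERVER)) || isset($_SERVER['REQUEST_URI'])){ echo "Running under web interface. Exiting.\n"; exit(0); }
+ if(! (isset($argv[1]) && isset($argv[2]) && isset($argv[3]))){ echo "Usage: {$argv[0]} <DB username> <DB password> <DB name>\n"; exit(); } $s = new wfSchema('localhost', $argv[1], $argv[2], $argv[3]);
+
+ $s->dropAll();
+
+ ?>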
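Review bot: The web-request guard on line 3 depends on `$_SERVER['REQUEST_URI']` being set, which not every server API populates, and the script ships inside the plugin's `lib/` directory where it may be reachable over HTTP; testing the SAPI is more robust, e.g. `if(php_sapi_name() !== 'cli'){ exit(1); }`. The refusal path exits with status 0, so a calling script cannot tell a refusal from a successful run. Taking the database password from `$argv[2]` leaves it in the process list and shell history; an environment variable or an interactive prompt avoids that. A header comment saying that the script calls `wfSchema::dropAll()` without confirmation would also help; what `dropAll()` removes is not visible on this page.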
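--- a/lib/menu_config.php
+++ b/lib/menu_config.php
@@ -1,7 +1,7 @@
  <div class="wrap wordfence">
  <div class="wordfence-lock-icon wordfence-icon32"><br /></div><h2>Welcome to Wordfence</h2>
  <table class="form-table">
- <tr><th><nobr>Enter your Wordfence license key:</nobr></th><td><input type="text" id="wordfenceKey" size="30" value="" />&nbsp;(<a href="http://wordfence.com/signup-step2/" target="_blank">click here to get a key</a>)</td></tr>
+ <tr><th><nobr>Enter your Wordfence API key:</nobr></th><td><input type="text" id="wordfenceKey" size="30" value="" />&nbsp;(<a href="http://wordfence.com/signup-step2/" target="_blank">click here to get a free API key</a>)</td></tr>
  <tr><td colspan="2">
  <table border="0" cellpadding="0" cellspacing="0"><tr><td>
  <input type="button" name="submit" id="submit" class="button-primary" value="Save Changes and Activate Wordfence" onclick="wordfenceAdmin.activateWF(jQuery('#wordfenceKey').val()); return false;" />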
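--- a/lib/menu_options.php
+++ b/lib/menu_options.php
@@ -55,8 +55,16 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
  <tr><td colspan="2"><h2>Scans to include</h2></td></tr>
  <tr><th class="wfConfigEnable">Enable automatic scheduled scans</th><td><input type="checkbox" id="scheduledScansEnabled" class="wfConfigElem" name="scheduledScansEnabled" value="1" <?php $w->cb('scheduledScansEnabled'); ?> /></td></tr>
  <tr><th>Scan core files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_core" class="wfConfigElem" name="scansEnabled_core" value="1" <?php $w->cb('scansEnabled_core'); ?>/></td></tr>
+
+ <?php if(wfConfig::get('isPaid') == 'paid'){ ?>
  <tr><th>Scan theme files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes" value="1" <?php $w->cb('scansEnabled_themes'); ?>/></td></tr>
  <tr><th>Scan plugin files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem" name="scansEnabled_plugins" value="1" <?php $w->cb('scansEnabled_plugins'); ?>/></td></tr>
+ <?php } else { ?>
+ <tr><th style="color: #F00; padding-top: 10px;">Only available to Premium Members:</th><td></td></tr>
+ <tr><th style="color: #999;">Scan theme files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes" value="1" DISABLED /></td></tr>
+ <tr><th style="color: #999;">Scan plugin files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem" name="scansEnabled_plugins" value="1" DISABLED /></td></tr>
+ <tr><td colspan="2">&nbsp;</td></tr>
+ <?php } ?>
  <tr><th>Scan for signatures of known malicious files</th><td><input type="checkbox" id="scansEnabled_malware" class="wfConfigElem" name="scansEnabled_malware" value="1" <?php $w->cb('scansEnabled_malware'); ?>/></td></tr>
  <tr><th>Scan file contents for backdoors, trojans and suspicious code</th><td><input type="checkbox" id="scansEnabled_fileContents" class="wfConfigElem" name="scansEnabled_fileContents" value="1" <?php $w->cb('scansEnabled_fileContents'); ?>/></td></tr>
  <tr><th>Scan posts for known dangerous URLs and suspicious content</th><td><input type="checkbox" id="scansEnabled_posts" class="wfConfigElem" name="scansEnabled_posts" value="1" <?php $w->cb('scansEnabled_posts'); ?>/></td></tr>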
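Review bot: The premium gate added around the theme and plugin scan rows is enforced only in the markup: the free branch renders the two checkboxes `DISABLED`, but nothing in this section decides whether a stored or submitted `scansEnabled_themes` / `scansEnabled_plugins` value is honoured. The save handler and scan engine are outside this section, so confirm that they also check `wfConfig::get('isPaid')`; otherwise the form and the stored configuration can disagree about which scans run. The comparison `wfConfig::get('isPaid') == 'paid'` would be more exact as `=== 'paid'`, since the option is written from an API response elsewhere in this release.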
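--- a/lib/wfConfig.php
+++ b/lib/wfConfig.php
@@ -79,7 +79,7 @@ class wfConfig {
  "scheduledScansEnabled" => true,
  "scansEnabled_core" => true,
  "scansEnabled_themes" => false,
- "scansEnabled_plugins" => true,
+ "scansEnabled_plugins" => false,
  "scansEnabled_malware" => true,
  "scansEnabled_fileContents" => true,
  "scansEnabled_posts" => true,
@@ -139,7 +139,7 @@ class wfConfig {
  "scheduledScansEnabled" => true,
  "scansEnabled_core" => true,
  "scansEnabled_themes" => false,
- "scansEnabled_plugins" => true,
+ "scansEnabled_plugins" => false,
  "scansEnabled_malware" => true,
  "scansEnabled_fileContents" => true,
  "scansEnabled_posts" => true,
@@ -198,8 +198,8 @@ class wfConfig {
  "liveTraf_ignorePublishers" => true,
  "scheduledScansEnabled" => true,
  "scansEnabled_core" => true,
- "scansEnabled_themes" => true,
- "scansEnabled_plugins" => true,
+ "scansEnabled_themes" => false,
+ "scansEnabled_plugins" => false,
  "scansEnabled_malware" => true,
  "scansEnabled_fileContents" => true,
  "scansEnabled_posts" => true,
@@ -258,8 +258,8 @@ class wfConfig {
  "liveTraf_ignorePublishers" => true,
  "scheduledScansEnabled" => true,
  "scansEnabled_core" => true,
- "scansEnabled_themes" => true,
- "scansEnabled_plugins" => true,
+ "scansEnabled_themes" => false,
+ "scansEnabled_plugins" => false,
  "scansEnabled_malware" => true,
  "scansEnabled_fileContents" => true,
  "scansEnabled_posts" => true,
@@ -317,6 +317,9 @@ class wfConfig {
  }
  }
  self::set('encKey', substr(wfUtils::bigRandomHex(),0 ,16) );
+ if(! self::get('isPaid', false)){
+ self::set('isPaid', 'free');
+ }
  }
  public static function parseOptions(){
  $ret = array();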
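Review bot: The four defaults arrays now set `scansEnabled_themes` and `scansEnabled_plugins` to `false` at every security level with no comment explaining why, so a reader comparing the levels may take it for a mistake in a security product's defaults. A short comment beside the entries, such as `// premium-only integrity scans: off by default for free API keys`, would record the intent. The last hunk stores `isPaid` as the string `'free'`; a comment listing the values this option can take would help, since another file in this release compares it against `'paid'`. These hunks do not show whether an install upgraded from 1.1 keeps a stored `true` for the two options, so that is worth checking in the code that applies the defaults.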
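--- a/lib/wfUtils.php
+++ b/lib/wfUtils.php
@@ -63,12 +63,10 @@ class wfUtils {
  return sprintf("%u", ip2long($ip));
  }
  public static function getBaseURL(){
- //return WP_PLUGIN_URL . '/' . str_replace(basename( __FILE__), "", plugin_basename(__FILE__));
- $plug = preg_replace('/^.*\/([^\/]+)\/lib\/[^\/]+\.php$/', '$1', __FILE__);
- return WP_PLUGIN_URL . '/' . $plug . '/';
+ return plugins_url() . '/wordfence/';
  }
  public static function getPluginBaseDir(){
- return realpath(dirname(__FILE__) . '/../../') . '/';
+ return ABSPATH . 'wp-content/plugins/';
  }
  public static function getIP(){
  $ip = 0;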
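Review bot: `getPluginBaseDir()` now returns the fixed path `ABSPATH . 'wp-content/plugins/'` and `getBaseURL()` appends a fixed `/wordfence/`, so both are wrong on sites that relocate the content or plugins directory or install the plugin under another folder name. For a scanner the directory is the more serious of the two: if this path feeds the plugin integrity scan (its callers are not visible here), a relocated plugins directory would be skipped without any error. WordPress's own lookups keep both correct, e.g. `return WP_PLUGIN_DIR . '/';` and `return plugin_dir_url(dirname(__FILE__));`.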
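--- a/lib/wordfenceClass.php
+++ b/lib/wordfenceClass.php
@@ -418,7 +418,21 @@ class wordfence {
  if(sizeof($validIPs) > 0){
  $opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);
  }
-
+ $reload = '';
+ if($opts['apiKey'] != wfConfig::get('apiKey')){
+ $api = new wfAPI($opts['apiKey'], $wp_version);
+ $res = $api->call('check_api_key', array(), array());
+ if($res['ok'] && $res['isPaid']){
+ wfConfig::set('apiKey', $opts['apiKey']);
+ $reload = 'reload';
+ wfConfig::set('isPaid', $res['isPaid']);
+ } else if($res['errorMsg']){
+ return array('errorMsg' => $res['errorMsg']);
+ } else {
+ return array('errorMsg' => "We could not change your API key. Please try again in a few minutes.");
+ }
+ }
+
  if(preg_match('/[a-zA-Z0-9\d]+/', $opts['liveTraf_ignoreUA'])){
  $opts['liveTraf_ignoreUA'] = trim($opts['liveTraf_ignoreUA']);
  } else {
@@ -435,8 +449,12 @@ class wordfence {
  }
 
  //Clears next scan if scans are disabled. Schedules next scan if enabled.
- self::scheduleNextScan();
- return array('ok' => 1);
+ $err = self::scheduleNextScan();
+ if($err){
+ return array('errorMsg' => $err);
+ } else {
+ return array('ok' => 1, 'reload' => $reload );
+ }
  }
  public static function ajax_clearAllBlocked_callback(){
  $op = $_POST['op'];
@@ -652,10 +670,12 @@ class wordfence {
  wfConfig::set('apiKey', '');
  return array("errorMsg" => $api->errorMsg );
  }
- if($result['ok']){
+ if($result['ok'] && $result['isPaid']){
+ wfConfig::set('isPaid', $result['isPaid']);
  return array("ok" => 1);
+ } else {
+ return array('errorAlert' => "An unknown error occured trying to activate Wordfence. Please try again in a few minutes." );
  }
- return array("errorAlert" => "An unknown error occured trying to activate Wordfence. Please try again in a few minutes." );
  }
  public static function ajax_scan_callback(){
  self::startScan();
@@ -1001,6 +1021,9 @@ class wordfence {
  global $wp_version;
  $api = new wfAPI(wfConfig::get('apiKey'), $wp_version);
  $result = $api->call('get_next_scan_time', array(), array());
+ if($result['errorMsg']){
+ return $result['errorMsg'];
+ }
  $secsToGo = 3600 * 6; //In case we can't contact the API, schedule next scan 6 hours from now.
  if(is_array($result) && $result['secsToGo'] > 1){
  $secsToGo = $result['secsToGo'];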
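Review bot: In the last hunk the new `if($result['errorMsg']){ return $result['errorMsg']; }` returns before `$secsToGo` is computed, so when the API reports an error the 6-hour fallback described in the comment on the next line is never applied and, as far as the hunk shows, no next scan is scheduled. For a scanner that turns an API outage into a silent stop of scheduled scans; consider scheduling with the fallback first and returning the error afterwards. The test also indexes `$result` before the `is_array($result)` check two lines below, so it would be safer as `if(is_array($result) && !empty($result['errorMsg']))`. In the first hunk `new wfAPI($opts['apiKey'], $wp_version)` needs `global $wp_version;` in scope; that function starts outside the hunk, so confirm it is declared there.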
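--- a/readme.txt
+++ b/readme.txt
@@ -3,17 +3,21 @@ Contributors: mmaunder
  Tags: anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence
  Requires at least: 3.3.1
  Tested up to: 3.3.1
- Stable tag: 1.1
+ Stable tag: 1.2
 
  Wordfence is an enterprise firewall and anti-virus plugin for WordPress.
 
  == Description ==
 
- Wordfence is an enterprise firewall and anti-virus plugin for WordPress websites.
+ Wordfence is a free enterprise class firewall and anti-virus plugin for WordPress websites.
+
+ Wordfence is 100% free. You need to sign up on Wordfence.com to get a free API key.
+ We also offer a Premium API key that adds additional scanning capabilities. See below for details.
 
  Wordfence:
 
- * Scans core files, themes and plugins against repository versions.
+ * Scans core files against repository versions to check their integrity.
+ * Premium API key also scans themes and plugins against repository versions. This is currently the only difference between free and premium API keys.
  * See how files have changed. Optionally repair changed files.
  * Scans for signatures of over 44,000 known malware variants.
  * Continuously scans for known dangerous malware and phishing URL's in all your comments, posts and files.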
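--- a/wfscan.php
+++ b/wfscan.php
@@ -2,7 +2,12 @@
  ignore_user_abort(true);
  if ( !defined('ABSPATH') ) {
  /** Set up WordPress environment */
- require_once('../../../wp-load.php');
+ if($_SERVER['SCRIPT_FILENAME']){
+ $dir = preg_replace('/[^\/]+\/[^\/]+\/[^\/]+\/wfscan\.php$/', '', $_SERVER['SCRIPT_FILENAME']);
+ require_once($dir . 'wp-load.php');
+ } else {
+ require_once('../../../wp-load.php');
+ }
  }
  require_once('lib/wordfenceConstants.php');
  require_once('lib/wfScanEngine.php');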
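Review bot: The added branch assumes `$_SERVER['SCRIPT_FILENAME']` always ends in three directories followed by `wfscan.php`, all separated by forward slashes. When the pattern does not match (backslash separators, a relocated plugins directory), `preg_replace` returns its input unchanged and `require_once` is called with a path ending in `wfscan.phpwp-load.php`, a fatal error on a script that is requested directly. Resolving relative to the file itself needs neither the server variable nor the pattern: `require_once(dirname(__FILE__) . '/../../../wp-load.php');`. The array index is also read without `isset()`, which raises a notice where the variable is absent.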
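--- a/wordfence.php
+++ b/wordfence.php
@@ -4,7 +4,7 @@ Plugin Name: Wordfence
  Plugin URI: http://wordfence.com/
  Description: Anti-virus and Firewall for WordPress
  Author: Mark Maunder
- Version: 1.1
+ Version: 1.2
  Author URI: http://wordfence.com/
  */
  require_once('lib/wordfenceConstants.php');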