Version Description
- Fixed a bug where, if you have the plugin "secure-wordpress" installed, you can't run a Wordfence scan because it says you have the wrong version. This is because secure-wordpress overwrites the $wp_version global variable to hide your version rather than using the filters provided by WordPress. So I coded a workaround so that your Wordfence scans will work with that plugin installed.
Release Info
Developer | mmaunder |
Plugin | Wordfence Security – Firewall & Malware Scan |
Version | 1.3.1 |
Code changes from version 1.3 to 1.3.1
- lib/wfCrawl.php +2 -1
- lib/wfLog.php +1 -1
- lib/wfScanEngine.php +3 -5
- lib/wfUtils.php +9 -0
- lib/wordfenceClass.php +9 -14
- lib/wordfenceScanner.php +1 -1
- readme.txt +5 -2
- visitor.php +12 -1
- wfscan.php +8 -2
- wordfence.php +1 -1
lib/wfCrawl.php
CHANGED
@@ -1,4 +1,5 @@
|
|
1 |
<?php
|
|
|
2 |
class wfCrawl {
|
3 |
public static function isCrawler($UA){
|
4 |
foreach(self::$patterns as $pat){
|
@@ -20,7 +21,7 @@ class wfCrawl {
|
|
20 |
return false;
|
21 |
}
|
22 |
}
|
23 |
-
|
24 |
$host = $wfLog->reverseLookup($IP);
|
25 |
if(! $host){
|
26 |
$db->query("insert into $table (IP, patternSig, status, lastUpdate, PTR) values (%s, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $IPn, $hostPattern, 'noPTR', '', 'noPTR', '');
|
1 |
<?php
|
2 |
+
require_once('wfUtils.php');
|
3 |
class wfCrawl {
|
4 |
public static function isCrawler($UA){
|
5 |
foreach(self::$patterns as $pat){
|
21 |
return false;
|
22 |
}
|
23 |
}
|
24 |
+
$wfLog = new wfLog(wfConfig::get('apiKey'), wfUtils::getWPVersion());
|
25 |
$host = $wfLog->reverseLookup($IP);
|
26 |
if(! $host){
|
27 |
$db->query("insert into $table (IP, patternSig, status, lastUpdate, PTR) values (%s, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $IPn, $hostPattern, 'noPTR', '', 'noPTR', '');
|
lib/wfLog.php
CHANGED
@@ -442,7 +442,7 @@ class wfLog {
|
|
442 |
public function logHitOK(){
|
443 |
if(stristr($_SERVER['REQUEST_URI'], 'wp-admin/admin-ajax.php')){ return false; } //Don't log wordpress ajax requests.
|
444 |
if(is_admin()){ return false; } //Don't log admin pageviews
|
445 |
-
if(preg_match('/WordPress\/' . $wp_version . '/i', $_SERVER['HTTP_USER_AGENT'])){ return false; } //Ignore requests generated by WP UA.
|
446 |
if($userID = get_current_user_id()){
|
447 |
if(wfConfig::get('liveTraf_ignorePublishers') && (current_user_can('publish_posts') || current_user_can('publish_pages')) ){ return false; } //User is logged in and can publish, so we don't log them.
|
448 |
$user = get_userdata($userID);
|
442 |
public function logHitOK(){
|
443 |
if(stristr($_SERVER['REQUEST_URI'], 'wp-admin/admin-ajax.php')){ return false; } //Don't log wordpress ajax requests.
|
444 |
if(is_admin()){ return false; } //Don't log admin pageviews
|
445 |
+
if(preg_match('/WordPress\/' . $this->wp_version . '/i', $_SERVER['HTTP_USER_AGENT'])){ return false; } //Ignore requests generated by WP UA.
|
446 |
if($userID = get_current_user_id()){
|
447 |
if(wfConfig::get('liveTraf_ignorePublishers') && (current_user_can('publish_posts') || current_user_can('publish_pages')) ){ return false; } //User is logged in and can publish, so we don't log them.
|
448 |
$user = get_userdata($userID);
|
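Review bot: `$this->wp_version` is spliced into the regex unescaped on line 445, so the dots in a version such as 3.3.2 match any character and a version string containing a `/` or another metacharacter would break the pattern; use `if(preg_match('/WordPress\/' . preg_quote($this->wp_version, '/') . '/i', $_SERVER['HTTP_USER_AGENT'])){ return false; }`. The same line reads `$_SERVER['HTTP_USER_AGENT']` without an `isset()` check, which emits a notice for requests that send no User-Agent; `$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';` before the test avoids that. Since the header is client-supplied, the trailing comment should say this is a convenience filter rather than a trust decision — a request presenting that string simply drops out of live-traffic logging. logHitOK continues past the end of the hunk.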
lib/wfScanEngine.php
CHANGED
@@ -18,10 +18,9 @@ class wfScanEngine {
|
|
18 |
private $dictWords = array();
|
19 |
public function __construct(){
|
20 |
$this->i = new wfIssues();
|
21 |
-
|
22 |
-
$this->wp_version = $wp_version;
|
23 |
$this->apiKey = wfConfig::get('apiKey');
|
24 |
-
$this->api = new wfAPI($this->apiKey, $wp_version);
|
25 |
include('wfDict.php'); //$dictWords
|
26 |
$this->dictWords = $dictWords;
|
27 |
}
|
@@ -601,9 +600,8 @@ class wfScanEngine {
|
|
601 |
}
|
602 |
$cur = get_preferred_from_update_core();
|
603 |
if(isset( $cur->response ) && $cur->response == 'upgrade'){
|
604 |
-
global $wp_version;
|
605 |
$this->addIssue('wfUpgrade', 1, 'wfUpgrade' . $cur->current, 'wfUpgrade' . $cur->current, "Your WordPress version is out of date", "WordPress version " . $cur->current . " is now available. Please upgrade immediately to get the latest security updates from WordPress.", array(
|
606 |
-
'currentVersion' => $wp_version,
|
607 |
'newVersion' => $cur->current
|
608 |
));
|
609 |
}
|
18 |
private $dictWords = array();
|
19 |
public function __construct(){
|
20 |
$this->i = new wfIssues();
|
21 |
+
$this->wp_version = wfUtils::getWPVersion();
|
|
|
22 |
$this->apiKey = wfConfig::get('apiKey');
|
23 |
+
$this->api = new wfAPI($this->apiKey, $this->wp_version);
|
24 |
include('wfDict.php'); //$dictWords
|
25 |
$this->dictWords = $dictWords;
|
26 |
}
|
600 |
}
|
601 |
$cur = get_preferred_from_update_core();
|
602 |
if(isset( $cur->response ) && $cur->response == 'upgrade'){
|
|
|
603 |
$this->addIssue('wfUpgrade', 1, 'wfUpgrade' . $cur->current, 'wfUpgrade' . $cur->current, "Your WordPress version is out of date", "WordPress version " . $cur->current . " is now available. Please upgrade immediately to get the latest security updates from WordPress.", array(
|
604 |
+
'currentVersion' => $this->wp_version,
|
605 |
'newVersion' => $cur->current
|
606 |
));
|
607 |
}
|
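Review bot: The new assignment `$this->wp_version = wfUtils::getWPVersion();` on line 21 carries no explanation of why the global is avoided, and the changelog reasoning will not be visible to the next reader of this constructor; a comment such as `// Read via wfUtils: some plugins overwrite $wp_version to hide the version, which made the scan report a version mismatch` would capture it. wfScanEngine.php does not add a `require_once('wfUtils.php')` the way wfCrawl.php does in this commit; if this class can be constructed before wfUtils has been loaded, the constructor will fatal on the undefined class — presumably the plugin bootstrap loads it first, worth confirming. The `$this->wp_version` property itself is declared outside the hunk.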
lib/wfUtils.php
CHANGED
@@ -134,6 +134,15 @@ class wfUtils {
|
|
134 |
$c2 = array_shift($trace);
|
135 |
error_log("Caller for " . $caller['file'] . " line " . $caller['line'] . " is " . $c2['file'] . ' line ' . $c2['line']);
|
136 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
137 |
}
|
138 |
|
139 |
|
134 |
$c2 = array_shift($trace);
|
135 |
error_log("Caller for " . $caller['file'] . " line " . $caller['line'] . " is " . $c2['file'] . ' line ' . $c2['line']);
|
136 |
}
|
137 |
+
public static function getWPVersion(){
|
138 |
+
global $wp_version;
|
139 |
+
global $wordfence_wp_version;
|
140 |
+
if(isset($wordfence_wp_version)){
|
141 |
+
return $wordfence_wp_version;
|
142 |
+
} else {
|
143 |
+
return $wp_version;
|
144 |
+
}
|
145 |
+
}
|
146 |
}
|
147 |
|
148 |
|
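Review bot: `getWPVersion()` decides with `isset($wordfence_wp_version)` on line 140, but wfscan.php in this same commit initialises that global to `false` at file scope and only reassigns it in the SCRIPT_FILENAME branch, so in its else branch (and whenever wfscan.php runs with ABSPATH already defined) `isset(false)` is true and the function returns `false` instead of a version. Testing the value rather than its existence avoids that: `if(! empty($wordfence_wp_version)){ return $wordfence_wp_version; }`. A comment above the function should also state the contract: `$wordfence_wp_version` is the value the front controllers re-read from wp-includes/version.php, and `$wp_version` is only the fallback because another plugin may have overwritten it.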
lib/wordfenceClass.php
CHANGED
@@ -36,7 +36,7 @@ class wordfence {
|
|
36 |
}
|
37 |
public static function hourlyCron(){
|
38 |
global $wpdb; $p = $wpdb->prefix;
|
39 |
-
$api = new wfAPI(wfConfig::get('apiKey'),
|
40 |
$patData = $api->call('get_known_vuln_pattern');
|
41 |
if(is_array($patData) && $patData['pat']){
|
42 |
if(@preg_match($patData['pat'], 'wordfence_test_vuln_match')){
|
@@ -229,7 +229,6 @@ class wordfence {
|
|
229 |
return self::getLog()->isIPLockedOut($IP);
|
230 |
}
|
231 |
public static function veryFirstAction(){
|
232 |
-
global $wp_version;
|
233 |
$wfLog = self::getLog();
|
234 |
$wfLog->firewallBadIPs();
|
235 |
}
|
@@ -323,8 +322,7 @@ class wordfence {
|
|
323 |
if($content){
|
324 |
return array('fileContent' => $content);
|
325 |
}
|
326 |
-
|
327 |
-
$api = new wfAPI(wfConfig::get('apiKey'), $wp_version);
|
328 |
$dat = $api->call('get_wp_file_content', array(
|
329 |
'file' => $file,
|
330 |
'cType' => $cType,
|
@@ -342,8 +340,7 @@ class wordfence {
|
|
342 |
}
|
343 |
}
|
344 |
public static function ajax_sendActivityLog_callback(){
|
345 |
-
|
346 |
-
$content = "SITE: " . site_url() . "\nWP VERSION: $wp_version\nAPI KEY: " . wfConfig::get('apiKey') . "\nADMIN EMAIL: " . get_option('admin_email') . "\nLOG:\n\n";
|
347 |
$wfdb = new wfDB();
|
348 |
global $wpdb;
|
349 |
$p = $wpdb->prefix;
|
@@ -420,7 +417,7 @@ class wordfence {
|
|
420 |
}
|
421 |
$reload = '';
|
422 |
if($opts['apiKey'] != wfConfig::get('apiKey')){
|
423 |
-
$api = new wfAPI($opts['apiKey'],
|
424 |
$res = $api->call('check_api_key', array(), array());
|
425 |
if($res['ok'] && $res['isPaid']){
|
426 |
wfConfig::set('apiKey', $opts['apiKey']);
|
@@ -663,8 +660,7 @@ class wordfence {
|
|
663 |
return array("errorAlert" => "You entered an invalid API key." );
|
664 |
}
|
665 |
wfConfig::set('apiKey', $key);
|
666 |
-
|
667 |
-
$api = new wfAPI(wfConfig::get('apiKey'), $wp_version);
|
668 |
$result = $api->call('activate', array(), array());
|
669 |
if($api->errorMsg){
|
670 |
wfConfig::set('apiKey', '');
|
@@ -766,7 +762,7 @@ class wordfence {
|
|
766 |
echo "An invalid IP address was specified.";
|
767 |
exit(0);
|
768 |
}
|
769 |
-
|
770 |
$results = array_merge(
|
771 |
$wfLog->getHits('hits', 'hit', 0, 10000, $IP),
|
772 |
$wfLog->getHits('hits', '404', 0, 10000, $IP)
|
@@ -968,7 +964,7 @@ class wordfence {
|
|
968 |
}
|
969 |
}
|
970 |
public static function genFilter($gen, $type){
|
971 |
-
if(wfConfig::get('
|
972 |
return '';
|
973 |
} else {
|
974 |
return $gen;
|
@@ -1018,8 +1014,7 @@ class wordfence {
|
|
1018 |
//scan is already scheduled for the future
|
1019 |
return;
|
1020 |
}
|
1021 |
-
|
1022 |
-
$api = new wfAPI(wfConfig::get('apiKey'), $wp_version);
|
1023 |
$result = $api->call('get_next_scan_time', array(), array());
|
1024 |
if($result['errorMsg']){
|
1025 |
return $result['errorMsg'];
|
@@ -1036,7 +1031,7 @@ class wordfence {
|
|
1036 |
}
|
1037 |
private static function getLog(){
|
1038 |
if(! self::$wfLog){
|
1039 |
-
|
1040 |
self::$wfLog = $wfLog;
|
1041 |
}
|
1042 |
return self::$wfLog;
|
36 |
}
|
37 |
public static function hourlyCron(){
|
38 |
global $wpdb; $p = $wpdb->prefix;
|
39 |
+
$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
|
40 |
$patData = $api->call('get_known_vuln_pattern');
|
41 |
if(is_array($patData) && $patData['pat']){
|
42 |
if(@preg_match($patData['pat'], 'wordfence_test_vuln_match')){
|
229 |
return self::getLog()->isIPLockedOut($IP);
|
230 |
}
|
231 |
public static function veryFirstAction(){
|
|
|
232 |
$wfLog = self::getLog();
|
233 |
$wfLog->firewallBadIPs();
|
234 |
}
|
322 |
if($content){
|
323 |
return array('fileContent' => $content);
|
324 |
}
|
325 |
+
$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
|
|
|
326 |
$dat = $api->call('get_wp_file_content', array(
|
327 |
'file' => $file,
|
328 |
'cType' => $cType,
|
340 |
}
|
341 |
}
|
342 |
public static function ajax_sendActivityLog_callback(){
|
343 |
+
$content = "SITE: " . site_url() . "\nWP VERSION: " . wfUtils::getWPVersion() . "\nAPI KEY: " . wfConfig::get('apiKey') . "\nADMIN EMAIL: " . get_option('admin_email') . "\nLOG:\n\n";
|
|
|
344 |
$wfdb = new wfDB();
|
345 |
global $wpdb;
|
346 |
$p = $wpdb->prefix;
|
417 |
}
|
418 |
$reload = '';
|
419 |
if($opts['apiKey'] != wfConfig::get('apiKey')){
|
420 |
+
$api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
|
421 |
$res = $api->call('check_api_key', array(), array());
|
422 |
if($res['ok'] && $res['isPaid']){
|
423 |
wfConfig::set('apiKey', $opts['apiKey']);
|
660 |
return array("errorAlert" => "You entered an invalid API key." );
|
661 |
}
|
662 |
wfConfig::set('apiKey', $key);
|
663 |
+
$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
|
|
|
664 |
$result = $api->call('activate', array(), array());
|
665 |
if($api->errorMsg){
|
666 |
wfConfig::set('apiKey', '');
|
762 |
echo "An invalid IP address was specified.";
|
763 |
exit(0);
|
764 |
}
|
765 |
+
$wfLog = new wfLog(wfConfig::get('apiKey'), wfUtils::getWPVersion());
|
766 |
$results = array_merge(
|
767 |
$wfLog->getHits('hits', 'hit', 0, 10000, $IP),
|
768 |
$wfLog->getHits('hits', '404', 0, 10000, $IP)
|
964 |
}
|
965 |
}
|
966 |
public static function genFilter($gen, $type){
|
967 |
+
if(wfConfig::get('other_hidegetWPVersion')){
|
968 |
return '';
|
969 |
} else {
|
970 |
return $gen;
|
1014 |
//scan is already scheduled for the future
|
1015 |
return;
|
1016 |
}
|
1017 |
+
$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
|
|
|
1018 |
$result = $api->call('get_next_scan_time', array(), array());
|
1019 |
if($result['errorMsg']){
|
1020 |
return $result['errorMsg'];
|
1031 |
}
|
1032 |
private static function getLog(){
|
1033 |
if(! self::$wfLog){
|
1034 |
+
$wfLog = new wfLog(wfConfig::get('apiKey'), wfUtils::getWPVersion());
|
1035 |
self::$wfLog = $wfLog;
|
1036 |
}
|
1037 |
return self::$wfLog;
|
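Review bot: In genFilter (line 967) the option key read is now `'other_hidegetWPVersion'`, which reads like a search-and-replace of the version-global name having run inside a string literal; the old line is truncated in this view, but if the option is stored under a different key by the settings page, `wfConfig::get()` will never find it and the generator value will never be hidden. The key should be restored to exactly the name the options form writes — confirm against the settings handler before release, since the commit message does not mention this change. Separately, `new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion())` now appears verbatim in hourlyCron, the `get_wp_file_content` path, the activation path and the scan scheduler; a `private static function getAPI()` helper, mirroring the existing `getLog()` at line 1032, would keep the constructor arguments in one place.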
lib/wordfenceScanner.php
CHANGED
@@ -69,7 +69,7 @@ class wordfenceScanner {
|
|
69 |
break;
|
70 |
}
|
71 |
if($isPHP){
|
72 |
-
if(
|
73 |
$this->addResult(array(
|
74 |
'type' => 'file',
|
75 |
'severity' => 1,
|
69 |
break;
|
70 |
}
|
71 |
if($isPHP){
|
72 |
+
if(strpos($data, '\$allowed'.'Sites') !== false && strpos($data, "define ('VER"."SION', '1.") !== false && strpos($data, "TimThum"."b script created by") !== false){
|
73 |
$this->addResult(array(
|
74 |
'type' => 'file',
|
75 |
'severity' => 1,
|
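Review bot: The first needle on line 72, `'\$allowed'.'Sites'`, is a single-quoted string, and in single quotes `\$` is not an escape — the needle contains a literal backslash before `$allowedSites`, which a PHP source file declaring `$allowedSites` will not contain, so this branch of the check is likely never true. If the string is split only to keep the scanner from matching its own source, `'$allowed'.'Sites'` (no backslash; `$` is already literal inside single quotes) yields the intended `$allowedSites`. A short comment naming what the three fragments are meant to identify and why they are concatenated would spare the next reader the same puzzle, and the `'1.'` fragment in the second needle — which confines the match to a 1.x version string, presumably deliberate — deserves a word as well. The enclosing method starts and ends outside the hunk.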
readme.txt
CHANGED
@@ -2,8 +2,8 @@
|
|
2 |
Contributors: mmaunder
|
3 |
Tags: anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence
|
4 |
Requires at least: 3.3.1
|
5 |
-
Tested up to: 3.3.
|
6 |
-
Stable tag: 1.3
|
7 |
|
8 |
Wordfence is an enterprise firewall and anti-virus plugin for WordPress.
|
9 |
|
@@ -89,6 +89,9 @@ Yes! Simply visit the Options page, click on advanced options and enable or disa
|
|
89 |
5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
|
90 |
|
91 |
== Changelog ==
|
|
|
|
|
|
|
92 |
= 1.3 =
|
93 |
* Minor fix to point to the correct binary API URL on the Wordfence cloud servers.
|
94 |
|
2 |
Contributors: mmaunder
|
3 |
Tags: anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence
|
4 |
Requires at least: 3.3.1
|
5 |
+
Tested up to: 3.3.2
|
6 |
+
Stable tag: 1.3.1
|
7 |
|
8 |
Wordfence is an enterprise firewall and anti-virus plugin for WordPress.
|
9 |
|
89 |
5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
|
90 |
|
91 |
== Changelog ==
|
92 |
+
= 1.3.1 =
|
93 |
+
* Fixed a bug where if you have the plugin "secure-wordpress" installed, you can't do a Wordfence scan because it says you have the wrong version. This is because secure-wordpress trashes the $wp_version global variable to hide your version rather than using the filters provided by WordPress. So coded a workaround so that your Wordfence scans will work with that plugin installed.
|
94 |
+
|
95 |
= 1.3 =
|
96 |
* Minor fix to point to the correct binary API URL on the Wordfence cloud servers.
|
97 |
|
visitor.php
CHANGED
@@ -2,7 +2,18 @@
|
|
2 |
ignore_user_abort(true);
|
3 |
if ( !defined('ABSPATH') ) {
|
4 |
/** Set up WordPress environment */
|
5 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
6 |
}
|
7 |
require_once('lib/wfUtils.php');
|
8 |
require_once('lib/wfDB.php');
|
2 |
ignore_user_abort(true);
|
3 |
if ( !defined('ABSPATH') ) {
|
4 |
/** Set up WordPress environment */
|
5 |
+
if($_SERVER['SCRIPT_FILENAME']){
|
6 |
+
$wfBaseDir = preg_replace('/[^\/]+\/[^\/]+\/[^\/]+\/visitor\.php$/', '', $_SERVER['SCRIPT_FILENAME']);
|
7 |
+
require_once($wfBaseDir . 'wp-load.php');
|
8 |
+
global $wp_version;
|
9 |
+
global $wordfence_wp_version;
|
10 |
+
require($wfBaseDir . 'wp-includes/version.php');
|
11 |
+
$wordfence_wp_version = $wp_version;
|
12 |
+
} else {
|
13 |
+
require_once('../../../wp-load.php');
|
14 |
+
require_once('../../../wp-includes/version.php');
|
15 |
+
}
|
16 |
+
|
17 |
}
|
18 |
require_once('lib/wfUtils.php');
|
19 |
require_once('lib/wfDB.php');
|
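Review bot: `$wfBaseDir` on line 6 is derived by stripping exactly three path components before `visitor.php` from `$_SERVER['SCRIPT_FILENAME']`; if the plugin lives at a different depth (a relocated WP_CONTENT_DIR or WP_PLUGIN_DIR, or a symlinked plugin directory), the pattern does not match, `preg_replace` returns the full script path unchanged, and `require_once($wfBaseDir . 'wp-load.php')` fatals with the absolute path in the error. Checking `file_exists($wfBaseDir . 'wp-load.php')` before the require and falling into the relative-path `else` branch otherwise makes that failure explicit instead of a fatal with path disclosure. Line 5 also tests `$_SERVER['SCRIPT_FILENAME']` for truthiness without `isset()`, which raises a notice under SAPIs that do not populate it; `if(! empty($_SERVER['SCRIPT_FILENAME'])){` is the safer test. The same construction appears in wfscan.php in this commit.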
wfscan.php
CHANGED
@@ -1,12 +1,18 @@
|
|
1 |
<?php
|
2 |
ignore_user_abort(true);
|
|
|
3 |
if ( !defined('ABSPATH') ) {
|
4 |
/** Set up WordPress environment */
|
5 |
if($_SERVER['SCRIPT_FILENAME']){
|
6 |
-
$
|
7 |
-
require_once($
|
|
|
|
|
|
|
|
|
8 |
} else {
|
9 |
require_once('../../../wp-load.php');
|
|
|
10 |
}
|
11 |
}
|
12 |
require_once('lib/wordfenceConstants.php');
|
1 |
<?php
|
2 |
ignore_user_abort(true);
|
3 |
+
$wordfence_wp_version = false;
|
4 |
if ( !defined('ABSPATH') ) {
|
5 |
/** Set up WordPress environment */
|
6 |
if($_SERVER['SCRIPT_FILENAME']){
|
7 |
+
$wfBaseDir = preg_replace('/[^\/]+\/[^\/]+\/[^\/]+\/wfscan\.php$/', '', $_SERVER['SCRIPT_FILENAME']);
|
8 |
+
require_once($wfBaseDir . 'wp-load.php');
|
9 |
+
global $wp_version;
|
10 |
+
global $wordfence_wp_version;
|
11 |
+
require($wfBaseDir . 'wp-includes/version.php');
|
12 |
+
$wordfence_wp_version = $wp_version;
|
13 |
} else {
|
14 |
require_once('../../../wp-load.php');
|
15 |
+
require_once('../../../wp-includes/version.php');
|
16 |
}
|
17 |
}
|
18 |
require_once('lib/wordfenceConstants.php');
|
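Review bot: The `else` branch on line 15 uses `require_once('../../../wp-includes/version.php')` to re-read the real version, but wp-load.php (line 14) already pulls wp-includes/version.php in through wp-settings.php, so `require_once` sees an already-included file and is skipped — `$wp_version` keeps whatever a version-hiding plugin wrote, which is precisely the case this commit sets out to fix. The SCRIPT_FILENAME branch uses a plain `require` on line 11 for that reason, and the else branch should match it: `require('../../../wp-includes/version.php'); $wordfence_wp_version = $wp_version;`. Without that second statement `$wordfence_wp_version` stays at the `false` assigned on line 3. The same else branch exists in visitor.php in this commit.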
wordfence.php
CHANGED
@@ -4,7 +4,7 @@ Plugin Name: Wordfence
|
|
4 |
Plugin URI: http://wordfence.com/
|
5 |
Description: Anti-virus and Firewall for WordPress
|
6 |
Author: Mark Maunder
|
7 |
-
Version: 1.3
|
8 |
Author URI: http://wordfence.com/
|
9 |
*/
|
10 |
require_once('lib/wordfenceConstants.php');
|
4 |
Plugin URI: http://wordfence.com/
|
5 |
Description: Anti-virus and Firewall for WordPress
|
6 |
Author: Mark Maunder
|
7 |
+
Version: 1.3.1
|
8 |
Author URI: http://wordfence.com/
|
9 |
*/
|
10 |
require_once('lib/wordfenceConstants.php');
|