Version Description
- Increased memory available to Wordfence to 256M during security scans, configurable in wordfenceConstants.php
- Improved memory logging during security scans. Current memory usage is now shown on the far right of filenames while scans occur.
Download this release
Release Info
| Developer | mmaunder |
| Plugin |  Wordfence Security – Firewall & Malware Scan |
| Version | 1.4.6 |
| Comparing to | |
| See all releases | |
Code changes from version 1.4.5 to 1.4.6
- lib/wfLog.php +2 -1
- lib/wfScanEngine.php +2 -2
- lib/wordfenceConstants.php +1 -0
- lib/wordfenceHash.php +5 -1
- lib/wordfenceScanner.php +15 -9
- readme.txt +5 -1
- wfscan.php +4 -0
- wordfence.php +1 -1
lib/wfLog.php
CHANGED
|
@@ -572,10 +572,11 @@ class wfLog {
|
|
| 572 |
}
|
| 573 |
}
|
| 574 |
public function addStatus($level, $type, $msg){
|
|
|
|
| 575 |
$this->getDB()->query("insert into " . $this->statusTable . " (ctime, level, type, msg) values (%s, %d, '%s', '%s')", microtime(true), $level, $type, $msg);
|
| 576 |
}
|
| 577 |
public function getStatusEvents(){
|
| 578 |
-
$res = $this->getDB()->query("select ctime, level, type, msg from " . $this->statusTable . " order by ctime desc limit
|
| 579 |
$results = array();
|
| 580 |
$lastTime = false;
|
| 581 |
while($rec = mysql_fetch_assoc($res)){
|
| 572 |
}
|
| 573 |
}
|
| 574 |
public function addStatus($level, $type, $msg){
|
| 575 |
+
//$msg = '[' . sprintf('%.2f', memory_get_usage(true) / (1024 * 1024)) . '] ' . $msg;
|
| 576 |
$this->getDB()->query("insert into " . $this->statusTable . " (ctime, level, type, msg) values (%s, %d, '%s', '%s')", microtime(true), $level, $type, $msg);
|
| 577 |
}
|
| 578 |
public function getStatusEvents(){
|
| 579 |
+
$res = $this->getDB()->query("select ctime, level, type, msg from " . $this->statusTable . " order by ctime desc limit 2000");
|
| 580 |
$results = array();
|
| 581 |
$lastTime = false;
|
| 582 |
while($rec = mysql_fetch_assoc($res)){
|
lib/wfScanEngine.php
CHANGED
|
@@ -23,7 +23,7 @@ class wfScanEngine {
|
|
| 23 |
$this->dictWords = $dictWords;
|
| 24 |
}
|
| 25 |
public function go(){
|
| 26 |
-
$this->status(1, 'info', "Initializing scan");
|
| 27 |
$this->i->deleteNew();
|
| 28 |
|
| 29 |
try {
|
|
@@ -214,7 +214,7 @@ class wfScanEngine {
|
|
| 214 |
$this->status(2, 'info', "Getting list of changed files since last scan.");
|
| 215 |
$scanner = new wordfenceScanner($this->apiKey, $this->wp_version);
|
| 216 |
$this->status(2, 'info', "Starting scan of file contents");
|
| 217 |
-
$result2 = $scanner->scan(ABSPATH, $unknownFiles
|
| 218 |
$this->status(2, 'info', "Done file contents scan");
|
| 219 |
if($scanner->errorMsg){
|
| 220 |
$this->errorStop($scanner->errorMsg);
|
| 23 |
$this->dictWords = $dictWords;
|
| 24 |
}
|
| 25 |
public function go(){
|
| 26 |
+
$this->status(1, 'info', "Initializing scan. Memory available: " . @ini_get('memory_limit') );
|
| 27 |
$this->i->deleteNew();
|
| 28 |
|
| 29 |
try {
|
| 214 |
$this->status(2, 'info', "Getting list of changed files since last scan.");
|
| 215 |
$scanner = new wordfenceScanner($this->apiKey, $this->wp_version);
|
| 216 |
$this->status(2, 'info', "Starting scan of file contents");
|
| 217 |
+
$result2 = $scanner->scan(ABSPATH, $unknownFiles);
|
| 218 |
$this->status(2, 'info', "Done file contents scan");
|
| 219 |
if($scanner->errorMsg){
|
| 220 |
$this->errorStop($scanner->errorMsg);
|
lib/wordfenceConstants.php
CHANGED
|
@@ -1,6 +1,7 @@
|
|
| 1 |
<?php
|
| 2 |
define('WORDFENCE_VERSION', 1.2);
|
| 3 |
define('WORDFENCE_API_URL', 'https://noc1.wordfence.com/');
|
|
|
|
| 4 |
define('WORDFENCE_MAX_SCAN_TIME', 3600);
|
| 5 |
define('WORDFENCE_TRANSIENTS_TIMEOUT', 3600); //how long are items cached in seconds e.g. files downloaded for diffing
|
| 6 |
define('WORDFENCE_MAX_IPLOC_AGE', 604800); //1 week
|
| 1 |
<?php
|
| 2 |
define('WORDFENCE_VERSION', 1.2);
|
| 3 |
define('WORDFENCE_API_URL', 'https://noc1.wordfence.com/');
|
| 4 |
+
define('WORDFENCE_MEM_LIMIT', 256); //In Megabytes
|
| 5 |
define('WORDFENCE_MAX_SCAN_TIME', 3600);
|
| 6 |
define('WORDFENCE_TRANSIENTS_TIMEOUT', 3600); //how long are items cached in seconds e.g. files downloaded for diffing
|
| 7 |
define('WORDFENCE_MAX_IPLOC_AGE', 604800); //1 week
|
lib/wordfenceHash.php
CHANGED
|
@@ -55,7 +55,11 @@ class wordfenceHash {
|
|
| 55 |
private function processFile($file){
|
| 56 |
$wfHash = $this->wfHash($file, true);
|
| 57 |
if($wfHash){
|
| 58 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
| 59 |
$this->hashes[substr($file, $this->striplen)] = $wfHash;
|
| 60 |
//Now that we know we can open the file, lets update stats
|
| 61 |
if(preg_match('/\.(?:js|html|htm|css)$/i', $file)){
|
| 55 |
private function processFile($file){
|
| 56 |
$wfHash = $this->wfHash($file, true);
|
| 57 |
if($wfHash){
|
| 58 |
+
if(function_exists('memory_get_usage')){
|
| 59 |
+
wordfence::status(2, 'info', "Examined file: $file (Mem:" . sprintf('%.1f', memory_get_usage(true) / (1024 * 1024)) . "M)");
|
| 60 |
+
} else {
|
| 61 |
+
wordfence::status(2, 'info', "Examined file: $file");
|
| 62 |
+
}
|
| 63 |
$this->hashes[substr($file, $this->striplen)] = $wfHash;
|
| 64 |
//Now that we know we can open the file, lets update stats
|
| 65 |
if(preg_match('/\.(?:js|html|htm|css)$/i', $file)){
|
lib/wordfenceScanner.php
CHANGED
|
@@ -15,7 +15,7 @@ class wordfenceScanner {
|
|
| 15 |
$this->apiKey = $apiKey;
|
| 16 |
$this->wordpressVersion = $wordpressVersion;
|
| 17 |
}
|
| 18 |
-
public function scan($path, $fileList
|
| 19 |
$this->errorMsg = false;
|
| 20 |
if($path[strlen($path) - 1] != '/'){
|
| 21 |
$path .= '/';
|
|
@@ -42,14 +42,16 @@ class wordfenceScanner {
|
|
| 42 |
if(preg_match('/^(?:jpg|jpeg|mp3|avi|m4v|gif|png)$/', $fileExt)){
|
| 43 |
continue;
|
| 44 |
}
|
| 45 |
-
|
| 46 |
-
|
| 47 |
-
|
| 48 |
-
|
| 49 |
-
|
| 50 |
-
|
| 51 |
-
|
| 52 |
-
|
|
|
|
|
|
|
| 53 |
}
|
| 54 |
$stime = microtime(true);
|
| 55 |
$fileSum = @md5_file($this->path . $file);
|
|
@@ -118,6 +120,10 @@ class wordfenceScanner {
|
|
| 118 |
fclose($fh);
|
| 119 |
$mtime = sprintf("%.5f", microtime(true) - $stime);
|
| 120 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
| 121 |
$hooverResults = $urlHoover->getBaddies();
|
| 122 |
if($urlHoover->errorMsg){
|
| 123 |
$this->errorMsg = $urlHoover->errorMsg;
|
| 15 |
$this->apiKey = $apiKey;
|
| 16 |
$this->wordpressVersion = $wordpressVersion;
|
| 17 |
}
|
| 18 |
+
public function scan($path, $fileList){
|
| 19 |
$this->errorMsg = false;
|
| 20 |
if($path[strlen($path) - 1] != '/'){
|
| 21 |
$path .= '/';
|
| 42 |
if(preg_match('/^(?:jpg|jpeg|mp3|avi|m4v|gif|png)$/', $fileExt)){
|
| 43 |
continue;
|
| 44 |
}
|
| 45 |
+
$fsize = filesize($this->path . $file);
|
| 46 |
+
if($fsize > 1000000){
|
| 47 |
+
$fsize = sprintf('%.2f', ($fsize / 1000000)) . "M";
|
| 48 |
+
} else {
|
| 49 |
+
$fsize = $fsize . "B";
|
| 50 |
+
}
|
| 51 |
+
if(function_exists('memory_get_usage')){
|
| 52 |
+
wordfence::status(2, 'info', "Currently scanning: $file (Size:$fsize Mem:" . sprintf('%.1f', memory_get_usage(true) / (1024 * 1024)) . "M)");
|
| 53 |
+
} else {
|
| 54 |
+
wordfence::status(2, 'info', "Currently scanning: $file (Size: $fsize)");
|
| 55 |
}
|
| 56 |
$stime = microtime(true);
|
| 57 |
$fileSum = @md5_file($this->path . $file);
|
| 120 |
fclose($fh);
|
| 121 |
$mtime = sprintf("%.5f", microtime(true) - $stime);
|
| 122 |
}
|
| 123 |
+
if(function_exists('memory_get_usage')){
|
| 124 |
+
wordfence::status(3, 'info', "Total memory being used: " . sprintf('%.2f', memory_get_usage(true) / (1024 * 1024)) . "MB");
|
| 125 |
+
}
|
| 126 |
+
wordfence::status(2, 'info', "Asking Wordfence to check URL's against malware list.");
|
| 127 |
$hooverResults = $urlHoover->getBaddies();
|
| 128 |
if($urlHoover->errorMsg){
|
| 129 |
$this->errorMsg = $urlHoover->errorMsg;
|
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: mmaunder
|
|
| 3 |
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
|
| 4 |
Requires at least: 3.3.1
|
| 5 |
Tested up to: 3.3.2
|
| 6 |
-
Stable tag: 1.4.
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
|
| 9 |
|
|
@@ -152,6 +152,10 @@ or a theme, because often these have been updated to fix a security hole.
|
|
| 152 |
5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
|
| 153 |
|
| 154 |
== Changelog ==
|
|
|
|
|
|
|
|
|
|
|
|
|
| 155 |
= 1.4.5 =
|
| 156 |
* Bugfix - fixed bug that caused Wordfence menu to dissapear.
|
| 157 |
|
| 3 |
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
|
| 4 |
Requires at least: 3.3.1
|
| 5 |
Tested up to: 3.3.2
|
| 6 |
+
Stable tag: 1.4.6
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
|
| 9 |
|
| 152 |
5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
|
| 153 |
|
| 154 |
== Changelog ==
|
| 155 |
+
= 1.4.6 =
|
| 156 |
+
* Increased memory available to Wordfence to 256M during security scans, configurable in wordfenceConstants.php
|
| 157 |
+
* Improved memory logging during security scans. Current memory usage is now shown on the far right of filenames while scans occur.
|
| 158 |
+
|
| 159 |
= 1.4.5 =
|
| 160 |
* Bugfix - fixed bug that caused Wordfence menu to dissapear.
|
| 161 |
|
wfscan.php
CHANGED
|
@@ -43,6 +43,10 @@ class wfScan {
|
|
| 43 |
if($scanRunning && time() - $scanRunning < WORDFENCE_MAX_SCAN_TIME){
|
| 44 |
self::errorExit("There is already a scan running.");
|
| 45 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
| 46 |
wfConfig::set('wf_scanRunning', time());
|
| 47 |
register_shutdown_function('wfScan::clearScan');
|
| 48 |
|
| 43 |
if($scanRunning && time() - $scanRunning < WORDFENCE_MAX_SCAN_TIME){
|
| 44 |
self::errorExit("There is already a scan running.");
|
| 45 |
}
|
| 46 |
+
if( function_exists('memory_get_usage') && ( (int) @ini_get('memory_limit') < WORDFENCE_MEM_LIMIT ) ){
|
| 47 |
+
@ini_set('memory_limit', WORDFENCE_MEM_LIMIT . 'M');
|
| 48 |
+
}
|
| 49 |
+
|
| 50 |
wfConfig::set('wf_scanRunning', time());
|
| 51 |
register_shutdown_function('wfScan::clearScan');
|
| 52 |
|
wordfence.php
CHANGED
|
@@ -4,7 +4,7 @@ Plugin Name: Wordfence Security
|
|
| 4 |
Plugin URI: http://wordfence.com/
|
| 5 |
Description: WordPress Security - Anti-virus and Firewall security plugin for WordPress
|
| 6 |
Author: Mark Maunder
|
| 7 |
-
Version: 1.4.
|
| 8 |
Author URI: http://wordfence.com/
|
| 9 |
*/
|
| 10 |
require_once('lib/wordfenceConstants.php');
|
| 4 |
Plugin URI: http://wordfence.com/
|
| 5 |
Description: WordPress Security - Anti-virus and Firewall security plugin for WordPress
|
| 6 |
Author: Mark Maunder
|
| 7 |
+
Version: 1.4.6
|
| 8 |
Author URI: http://wordfence.com/
|
| 9 |
*/
|
| 10 |
require_once('lib/wordfenceConstants.php');
|
