Wordfence Security – Firewall & Malware Scan - Version 1.4.6

Version Description

  • Increased memory available to Wordfence to 256M during security scans, configurable in wordfenceConstants.php
  • Improved memory logging during security scans. Current memory usage is now shown on the far right of filenames while scans occur.
Download this release

Release Info

Developer mmaunder
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 1.4.6
Comparing to
See all releases

Code changes from version 1.4.5 to 1.4.6

lib/wfLog.php CHANGED
@@ -572,10 +572,11 @@ class wfLog {
572
}
573
}
574
public function addStatus($level, $type, $msg){
575
$this->getDB()->query("insert into " . $this->statusTable . " (ctime, level, type, msg) values (%s, %d, '%s', '%s')", microtime(true), $level, $type, $msg);
576
}
577
public function getStatusEvents(){
578
- $res = $this->getDB()->query("select ctime, level, type, msg from " . $this->statusTable . " order by ctime desc limit 1000");
579
$results = array();
580
$lastTime = false;
581
while($rec = mysql_fetch_assoc($res)){
572
}
573
}
574
public function addStatus($level, $type, $msg){
575
+ //$msg = '[' . sprintf('%.2f', memory_get_usage(true) / (1024 * 1024)) . '] ' . $msg;
576
$this->getDB()->query("insert into " . $this->statusTable . " (ctime, level, type, msg) values (%s, %d, '%s', '%s')", microtime(true), $level, $type, $msg);
577
}
578
public function getStatusEvents(){
579
+ $res = $this->getDB()->query("select ctime, level, type, msg from " . $this->statusTable . " order by ctime desc limit 2000");
580
$results = array();
581
$lastTime = false;
582
while($rec = mysql_fetch_assoc($res)){
lib/wfScanEngine.php CHANGED
@@ -23,7 +23,7 @@ class wfScanEngine {
23
$this->dictWords = $dictWords;
24
}
25
public function go(){
26
- $this->status(1, 'info', "Initializing scan");
27
$this->i->deleteNew();
28
29
try {
@@ -214,7 +214,7 @@ class wfScanEngine {
214
$this->status(2, 'info', "Getting list of changed files since last scan.");
215
$scanner = new wordfenceScanner($this->apiKey, $this->wp_version);
216
$this->status(2, 'info', "Starting scan of file contents");
217
- $result2 = $scanner->scan(ABSPATH, $unknownFiles, array($this, 'status'));
218
$this->status(2, 'info', "Done file contents scan");
219
if($scanner->errorMsg){
220
$this->errorStop($scanner->errorMsg);
23
$this->dictWords = $dictWords;
24
}
25
public function go(){
26
+ $this->status(1, 'info', "Initializing scan. Memory available: " . @ini_get('memory_limit') );
27
$this->i->deleteNew();
28
29
try {
214
$this->status(2, 'info', "Getting list of changed files since last scan.");
215
$scanner = new wordfenceScanner($this->apiKey, $this->wp_version);
216
$this->status(2, 'info', "Starting scan of file contents");
217
+ $result2 = $scanner->scan(ABSPATH, $unknownFiles);
218
$this->status(2, 'info', "Done file contents scan");
219
if($scanner->errorMsg){
220
$this->errorStop($scanner->errorMsg);
lib/wordfenceConstants.php CHANGED
@@ -1,6 +1,7 @@
1
<?php
2
define('WORDFENCE_VERSION', 1.2);
3
define('WORDFENCE_API_URL', 'https://noc1.wordfence.com/');
4
define('WORDFENCE_MAX_SCAN_TIME', 3600);
5
define('WORDFENCE_TRANSIENTS_TIMEOUT', 3600); //how long are items cached in seconds e.g. files downloaded for diffing
6
define('WORDFENCE_MAX_IPLOC_AGE', 604800); //1 week
1
<?php
2
define('WORDFENCE_VERSION', 1.2);
3
define('WORDFENCE_API_URL', 'https://noc1.wordfence.com/');
4
+ define('WORDFENCE_MEM_LIMIT', 256); //In Megabytes
5
define('WORDFENCE_MAX_SCAN_TIME', 3600);
6
define('WORDFENCE_TRANSIENTS_TIMEOUT', 3600); //how long are items cached in seconds e.g. files downloaded for diffing
7
define('WORDFENCE_MAX_IPLOC_AGE', 604800); //1 week
lib/wordfenceHash.php CHANGED
@@ -55,7 +55,11 @@ class wordfenceHash {
55
private function processFile($file){
56
$wfHash = $this->wfHash($file, true);
57
if($wfHash){
58
- wordfence::status(2, 'info', "Examined file: $file");
59
$this->hashes[substr($file, $this->striplen)] = $wfHash;
60
//Now that we know we can open the file, lets update stats
61
if(preg_match('/\.(?:js|html|htm|css)#x2F;i', $file)){
55
private function processFile($file){
56
$wfHash = $this->wfHash($file, true);
57
if($wfHash){
58
+ if(function_exists('memory_get_usage')){
59
+ wordfence::status(2, 'info', "Examined file: $file (Mem:" . sprintf('%.1f', memory_get_usage(true) / (1024 * 1024)) . "M)");
60
+ } else {
61
+ wordfence::status(2, 'info', "Examined file: $file");
62
+ }
63
$this->hashes[substr($file, $this->striplen)] = $wfHash;
64
//Now that we know we can open the file, lets update stats
65
if(preg_match('/\.(?:js|html|htm|css)#x2F;i', $file)){
lib/wordfenceScanner.php CHANGED
@@ -15,7 +15,7 @@ class wordfenceScanner {
15
$this->apiKey = $apiKey;
16
$this->wordpressVersion = $wordpressVersion;
17
}
18
- public function scan($path, $fileList, $userfunc = false){
19
$this->errorMsg = false;
20
if($path[strlen($path) - 1] != '/'){
21
$path .= '/';
@@ -42,14 +42,16 @@ class wordfenceScanner {
42
if(preg_match('/^(?:jpg|jpeg|mp3|avi|m4v|gif|png)#x2F;', $fileExt)){
43
continue;
44
}
45
- if($userfunc){
46
- $fsize = filesize($this->path . $file);
47
- if($fsize > 1000000){
48
- $fsize = sprintf('%.2f', ($fsize / 1000000)) . " Megs";
49
- } else {
50
- $fsize = $fsize . " bytes";
51
- }
52
- call_user_func($userfunc, 2, 'info', "Currently scanning: $file ($fsize)");
53
}
54
$stime = microtime(true);
55
$fileSum = @md5_file($this->path . $file);
@@ -118,6 +120,10 @@ class wordfenceScanner {
118
fclose($fh);
119
$mtime = sprintf("%.5f", microtime(true) - $stime);
120
}
121
$hooverResults = $urlHoover->getBaddies();
122
if($urlHoover->errorMsg){
123
$this->errorMsg = $urlHoover->errorMsg;
15
$this->apiKey = $apiKey;
16
$this->wordpressVersion = $wordpressVersion;
17
}
18
+ public function scan($path, $fileList){
19
$this->errorMsg = false;
20
if($path[strlen($path) - 1] != '/'){
21
$path .= '/';
42
if(preg_match('/^(?:jpg|jpeg|mp3|avi|m4v|gif|png)#x2F;', $fileExt)){
43
continue;
44
}
45
+ $fsize = filesize($this->path . $file);
46
+ if($fsize > 1000000){
47
+ $fsize = sprintf('%.2f', ($fsize / 1000000)) . "M";
48
+ } else {
49
+ $fsize = $fsize . "B";
50
+ }
51
+ if(function_exists('memory_get_usage')){
52
+ wordfence::status(2, 'info', "Currently scanning: $file (Size:$fsize Mem:" . sprintf('%.1f', memory_get_usage(true) / (1024 * 1024)) . "M)");
53
+ } else {
54
+ wordfence::status(2, 'info', "Currently scanning: $file (Size: $fsize)");
55
}
56
$stime = microtime(true);
57
$fileSum = @md5_file($this->path . $file);
120
fclose($fh);
121
$mtime = sprintf("%.5f", microtime(true) - $stime);
122
}
123
+ if(function_exists('memory_get_usage')){
124
+ wordfence::status(3, 'info', "Total memory being used: " . sprintf('%.2f', memory_get_usage(true) / (1024 * 1024)) . "MB");
125
+ }
126
+ wordfence::status(2, 'info', "Asking Wordfence to check URL's against malware list.");
127
$hooverResults = $urlHoover->getBaddies();
128
if($urlHoover->errorMsg){
129
$this->errorMsg = $urlHoover->errorMsg;
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: mmaunder
3
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
4
Requires at least: 3.3.1
5
Tested up to: 3.3.2
6
- Stable tag: 1.4.5
7
8
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9
@@ -152,6 +152,10 @@ or a theme, because often these have been updated to fix a security hole.
152
5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
153
154
== Changelog ==
155
= 1.4.5 =
156
* Bugfix - fixed bug that caused Wordfence menu to dissapear.
157
3
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
4
Requires at least: 3.3.1
5
Tested up to: 3.3.2
6
+ Stable tag: 1.4.6
7
8
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9
152
5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
153
154
== Changelog ==
155
+ = 1.4.6 =
156
+ * Increased memory available to Wordfence to 256M during security scans, configurable in wordfenceConstants.php
157
+ * Improved memory logging during security scans. Current memory usage is now shown on the far right of filenames while scans occur.
158
+
159
= 1.4.5 =
160
* Bugfix - fixed bug that caused Wordfence menu to dissapear.
161
wfscan.php CHANGED
@@ -43,6 +43,10 @@ class wfScan {
43
if($scanRunning && time() - $scanRunning < WORDFENCE_MAX_SCAN_TIME){
44
self::errorExit("There is already a scan running.");
45
}
46
wfConfig::set('wf_scanRunning', time());
47
register_shutdown_function('wfScan::clearScan');
48
43
if($scanRunning && time() - $scanRunning < WORDFENCE_MAX_SCAN_TIME){
44
self::errorExit("There is already a scan running.");
45
}
46
+ if( function_exists('memory_get_usage') && ( (int) @ini_get('memory_limit') < WORDFENCE_MEM_LIMIT ) ){
47
+ @ini_set('memory_limit', WORDFENCE_MEM_LIMIT . 'M');
48
+ }
49
+
50
wfConfig::set('wf_scanRunning', time());
51
register_shutdown_function('wfScan::clearScan');
52
wordfence.php CHANGED
@@ -4,7 +4,7 @@ Plugin Name: Wordfence Security
4
Plugin URI: http://wordfence.com/
5
Description: WordPress Security - Anti-virus and Firewall security plugin for WordPress
6
Author: Mark Maunder
7
- Version: 1.4.5
8
Author URI: http://wordfence.com/
9
*/
10
require_once('lib/wordfenceConstants.php');
4
Plugin URI: http://wordfence.com/
5
Description: WordPress Security - Anti-virus and Firewall security plugin for WordPress
6
Author: Mark Maunder
7
+ Version: 1.4.6
8
Author URI: http://wordfence.com/
9
*/
10
require_once('lib/wordfenceConstants.php');