Wordfence Security – Firewall & Malware Scan - Version 1.5.4

Version Description

  • Admin can now select to scan outside the WordPress base dir and standard WordPress directories.
  • Max memory size for scans is now configurable for larger installations. 256M is the default.
  • Changed maximum scan time to 10 minutes.

Release Info

Developer mmaunder
Version 1.5.4

Code changes from version 1.5.3 to 1.5.4

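--- a/js/admin.js
+++ b/js/admin.js
@@ -655,7 +655,7 @@ window['wordfenceAdmin'] = {
  }
  }
  for(var k in WFSLevels[level].otherParams){
- if(! /^(?:apiKey|securityLevel|alertEmails|liveTraf_ignoreUsers|liveTraf_ignoreIPs|liveTraf_ignoreUA|liveTraf_hitsMaxSize)$/.test(k)){
+ if(! /^(?:apiKey|securityLevel|alertEmails|liveTraf_ignoreUsers|liveTraf_ignoreIPs|liveTraf_ignoreUA|liveTraf_hitsMaxSize|maxMem)$/.test(k)){
  jQuery('#' + k).val(WFSLevels[level].otherParams[k]);
  }
  }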
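Review bot: The regex on new line 658 is the only place that records which `otherParams` keys are per-site settings rather than security-level presets, and it has to be extended by hand every time such a key is added (as this commit does for `maxMem`); nothing in the code says so. A one-line comment above it would make the contract visible, e.g. `// Keys listed here are site-specific settings and must not be overwritten when a security level is applied; keep in sync with the otherParams keys in wfConfig::$securityLevels`. The enclosing function starts outside the hunk.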
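--- a/lib/menu_options.php
+++ b/lib/menu_options.php
@@ -169,7 +169,9 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
  <tr><th>Scan comments for malware and phishing URL's</th><td><input type="checkbox" id="other_scanComments" class="wfConfigElem" name="other_scanComments" value="1" <?php $w->cb('other_scanComments'); ?> /></td></tr>
  <tr><th>Check password strength on profile update</th><td><input type="checkbox" id="other_pwStrengthOnUpdate" class="wfConfigElem" name="other_pwStrengthOnUpdate" value="1" <?php $w->cb('other_pwStrengthOnUpdate'); ?> /></td></tr>
  <tr><th>Participate in the Wordfence Security Network</th><td><input type="checkbox" id="other_WFNet" class="wfConfigElem" name="other_WFNet" value="1" <?php $w->cb('other_WFNet'); ?> /></td></tr>
+ <tr><th>Scan files outside your WordPress installation</th><td><input type="checkbox" id="other_scanOutside" class="wfConfigElem" name="other_scanOutside" value="1" <?php $w->cb('other_scanOutside'); ?> /></td></tr>
  <tr><th>Your Wordfence API Key</th><td><input type="text" id="apiKey" name="apiKey" value="<?php $w->f('apiKey'); ?>" size="20" /></td></tr>
+ <tr><th>Maximum memory Wordfence can use</th><td><input type="text" id="maxMem" name="maxMem" value="<?php $w->f('maxMem'); ?>" size="4" />Megabytes</td></tr>
  <tr><th colspan="2"><a href="/?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to view your system's configuration in a new window</a></th></tr>
  </table>
  <p><table border="0" cellpadding="0" cellspacing="0"><tr><td><input type="button" id="button1" name="button1" class="button-primary" value="Save Changes" onclick="WFAD.saveConfig();" /></td><td style="height: 24px;"><div class="wfAjax24"></div><span class="wfSavedMsg">&nbsp;Your changes have been saved!</span></td></tr></table></p>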
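Review bot: The new `maxMem` field on new line 174 is a free-text input with no constraint on what it accepts, and nothing in this commit validates the value on the save path; `size="4"` only affects rendering, and the fallback to 256 for non-numeric input lives in a different file that the admin cannot see from this screen. Consider a hint in the label so the contract is visible, e.g. `Maximum memory Wordfence can use (whole megabytes; blank or non-numeric falls back to 256)`, or a `pattern="[0-9]+"` attribute on the input. This assumes `$w->f()` HTML-escapes the stored value, as the existing `apiKey` field already relies on it; that helper is not visible here.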
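--- a/lib/menu_scan.php
+++ b/lib/menu_scan.php
@@ -439,7 +439,7 @@
  {{/if}}
  </td></tr>
  <tr><td>
- <div class="wordfenceScanButton"><input type="button" value="Start a Wordfence Scan" class="wfStartScanButton button-primary" /></div>
+ <div class="wordfenceScanButton"><input type="button" value="Start a Wordfence Scan" class="wfStartScanButton button-primary" onclick="wordfenceAdmin.startScan();" /></div>
  <a href="http://www.wordfence.com/forums/" target="_blank">Visit the Wordfence forums for help.</a>
  </td></tr>
  </table>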
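Review bot: The inline `onclick="wordfenceAdmin.startScan();"` on new line 442 is added to a button that already carries the `wfStartScanButton` class, which reads like a hook for a class-based binding; if such a binding exists in admin.js (not visible in this commit), one click now starts the scan twice. Keep a single mechanism: either drop the inline attribute and bind in admin.js with `jQuery('.wfStartScanButton').click(function(){ wordfenceAdmin.startScan(); });`, or remove the unused class. Binding in JS also keeps behavior out of the template.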
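--- a/lib/wfConfig.php
+++ b/lib/wfConfig.php
@@ -38,11 +38,12 @@ class wfConfig {
  "other_noAnonMemberComments" => false,
  "other_scanComments" => false,
  "other_pwStrengthOnUpdate" => false,
- "other_WFNet" => true
+ "other_WFNet" => true,
+ "other_scanOutside" => false
  ),
  "otherParams" => array(
  'securityLevel' => '0',
- "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "",
+ "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
  "liveTraf_hitsMaxSize" => 10,
  "neverBlockBG" => "neverBlockVerified",
  "loginSec_countFailMins" => "5",
@@ -98,11 +99,12 @@ class wfConfig {
  "other_noAnonMemberComments" => true,
  "other_scanComments" => true,
  "other_pwStrengthOnUpdate" => true,
- "other_WFNet" => true
+ "other_WFNet" => true,
+ "other_scanOutside" => false
  ),
  "otherParams" => array(
  'securityLevel' => '1',
- "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "",
+ "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
  "liveTraf_hitsMaxSize" => 10,
  "neverBlockBG" => "neverBlockVerified",
  "loginSec_countFailMins" => "5",
@@ -158,11 +160,12 @@ class wfConfig {
  "other_noAnonMemberComments" => true,
  "other_scanComments" => true,
  "other_pwStrengthOnUpdate" => true,
- "other_WFNet" => true
+ "other_WFNet" => true,
+ "other_scanOutside" => false
  ),
  "otherParams" => array(
  'securityLevel' => '2',
- "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "",
+ "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
  "liveTraf_hitsMaxSize" => 10,
  "neverBlockBG" => "neverBlockVerified",
  "loginSec_countFailMins" => "240",
@@ -218,11 +221,12 @@ class wfConfig {
  "other_noAnonMemberComments" => true,
  "other_scanComments" => true,
  "other_pwStrengthOnUpdate" => true,
- "other_WFNet" => true
+ "other_WFNet" => true,
+ "other_scanOutside" => false
  ),
  "otherParams" => array(
  'securityLevel' => '3',
- "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "",
+ "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
  "liveTraf_hitsMaxSize" => 10,
  "neverBlockBG" => "neverBlockVerified",
  "loginSec_countFailMins" => "1440",
@@ -278,11 +282,12 @@ class wfConfig {
  "other_noAnonMemberComments" => true,
  "other_scanComments" => true,
  "other_pwStrengthOnUpdate" => true,
- "other_WFNet" => true
+ "other_WFNet" => true,
+ "other_scanOutside" => false
  ),
  "otherParams" => array(
  'securityLevel' => '4',
- "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "",
+ "alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256',
  "liveTraf_hitsMaxSize" => 10,
  "neverBlockBG" => "neverBlockVerified",
  "loginSec_countFailMins" => "1440",
@@ -320,6 +325,12 @@ class wfConfig {
  if(! self::get('isPaid', false)){
  self::set('isPaid', 'free');
  }
+ if(self::get('maxMem', false) === false ){
+ self::set('maxMem', '256');
+ }
+ if(self::get('other_scanOutside', false) === false){
+ self::set('other_scanOutside', 0);
+ }
  }
  public static function parseOptions(){
  $ret = array();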
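Review bot: The two backfills at new lines 328-333 store values of a different type than the defaults declared in the level arrays earlier in the same file: `other_scanOutside` is written as the integer `0` where the arrays use `false`, and both checks rely on `self::get(..., false) === false`, which only fires when the key is entirely absent; a `maxMem` already stored as `''` or `'0'` (for example from a blank form submission) is left as is and only rescued by the fallback in wfscan.php. Use the same literals as the defaults and say what the block is for, e.g. `// Backfill options introduced in 1.5.4 for installs upgraded from earlier versions`, and consider treating an empty or non-numeric stored `maxMem` as missing here rather than in the scan entry point. The method these lines belong to starts outside the hunk.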
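--- a/lib/wfScanEngine.php
+++ b/lib/wfScanEngine.php
@@ -123,9 +123,15 @@ class wfScanEngine {
  $hasher = new wordfenceHash(strlen(ABSPATH));
  $baseWPStuff = array( '.htaccess', 'index.php', 'license.txt', 'readme.html', 'wp-activate.php', 'wp-admin', 'wp-app.php', 'wp-blog-header.php', 'wp-comments-post.php', 'wp-config-sample.php', 'wp-content', 'wp-cron.php', 'wp-includes', 'wp-links-opml.php', 'wp-load.php', 'wp-login.php', 'wp-mail.php', 'wp-pass.php', 'wp-register.php', 'wp-settings.php', 'wp-signup.php', 'wp-trackback.php', 'xmlrpc.php');
  $baseContents = scandir(ABSPATH);
+ $scanOutside = wfConfig::get('other_scanOutside');
+ if($scanOutside){
+ wordfence::status(2, 'info', "Including files that are outside the WordPress installation in the scan.");
+ }
  foreach($baseContents as $file){ //Only include base files less than a meg that are files.
  $fullFile = rtrim(ABSPATH, '/') . '/' . $file;
- if(in_array($file, $baseWPStuff) || (is_file($fullFile) && is_readable($fullFile) && filesize($fullFile) < 1000000) ){
+ if($scanOutside){
+ $includeInScan[] = $file;
+ } else if(in_array($file, $baseWPStuff) || (is_file($fullFile) && is_readable($fullFile) && filesize($fullFile) < 1000000) ){
  $includeInScan[] = $file;
  }
  }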
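Review bot: When `$scanOutside` is set, the new branch at new lines 132-133 queues every entry returned by `scandir(ABSPATH)` into `$includeInScan`, including `.` and `..`, which the `else if` branch effectively excluded (neither is in `$baseWPStuff` and `is_file()` is false for both). Depending on how the hasher consumes `$includeInScan` (not visible here), that can re-walk ABSPATH itself and descend into the parent directory, which is broader than the option label "files outside your WordPress installation" suggests; a guard at the top of the loop, `if($file === '.' || $file === '..'){ continue; }`, keeps the option to non-standard entries under ABSPATH. The readability and one-megabyte guards are also dropped in that branch, so unreadable entries and very large files are now queued; if that is intended given the new `maxMem` option, the loop comment should say so, since it still reads `//Only include base files less than a meg that are files.` The enclosing function starts and ends outside the hunk.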
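--- a/lib/wordfenceConstants.php
+++ b/lib/wordfenceConstants.php
@@ -1,8 +1,7 @@
  <?php
  define('WORDFENCE_VERSION', 1.2);
  define('WORDFENCE_API_URL', 'https://noc1.wordfence.com/');
- define('WORDFENCE_MEM_LIMIT', 256); //In Megabytes
- define('WORDFENCE_MAX_SCAN_TIME', 1800);
+ define('WORDFENCE_MAX_SCAN_TIME', 600);
  define('WORDFENCE_TRANSIENTS_TIMEOUT', 3600); //how long are items cached in seconds e.g. files downloaded for diffing
  define('WORDFENCE_MAX_IPLOC_AGE', 604800); //1 week
  define('WORDFENCE_CRAWLER_VERIFY_CACHE_TIME', 604800);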
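Review bot: Removing `WORDFENCE_MEM_LIMIT` on old line 4 leaves any remaining reference to it elsewhere in the tree resolving to an undefined constant; the only user shown in this commit (wfscan.php) is updated, but the rest of the plugin is not visible, so this is worth a grep before release. If a compatibility shim is preferred, `define('WORDFENCE_MEM_LIMIT', 256); // deprecated: superseded by the maxMem option` keeps old callers working. The rewritten `WORDFENCE_MAX_SCAN_TIME` line should also carry the unit the neighbouring constants document, e.g. `define('WORDFENCE_MAX_SCAN_TIME', 600); //seconds (10 minutes)`.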
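--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mmaunder
  Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
  Requires at least: 3.3.1
  Tested up to: 3.3.2
- Stable tag: 1.5.3
+ Stable tag: 1.5.4
 
  Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
 
@@ -152,6 +152,11 @@ or a theme, because often these have been updated to fix a security hole.
  5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
 
  == Changelog ==
+ = 1.5.4 =
+ * Admin can now select to scan outside the WordPress base dir and standard WordPress directories.
+ * Max memory size for scans is now configurable for larger installations. 256M is the default.
+ * Changed maximum scan time to 10 minutes.
+
  = 1.5.3 =
  * A harmless cosmetic error was being thrown up when some security scans started. Fixed that.
 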
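--- a/wfscan.php
+++ b/wfscan.php
@@ -43,8 +43,14 @@ class wfScan {
  if($scanRunning && time() - $scanRunning < WORDFENCE_MAX_SCAN_TIME){
  self::errorExit("There is already a scan running.");
  }
- if( function_exists('memory_get_usage') && ( (int) @ini_get('memory_limit') < WORDFENCE_MEM_LIMIT ) ){
- @ini_set('memory_limit', WORDFENCE_MEM_LIMIT . 'M');
+ if(wfConfig::get('maxMem', false) && (int) wfConfig::get('maxMem') > 0){
+ $maxMem = (int) wfConfig::get('maxMem');
+ } else {
+ $maxMem = 256;
+ }
+ if( function_exists('memory_get_usage') && ( (int) @ini_get('memory_limit') < $maxMem ) ){
+ wordfence::status(1, 'info', "Requesting a maximum memory limit of $maxMem megabytes from PHP.");
+ @ini_set('memory_limit', $maxMem . 'M');
  }
 
  set_error_handler('wfScan::error_handler', E_ALL);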
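Review bot: The comparison `(int) @ini_get('memory_limit') < $maxMem` on new line 51 reads the ini value as a bare integer, but `memory_limit` is normally a shorthand string such as `1G`, `512M` or `-1` (unlimited); `1G` casts to 1 and `-1` stays negative, so both compare below 256 and the new code would lower an unlimited or 1G limit to `$maxMem`M, the opposite of the option's intent. The shorthand should be converted to megabytes before comparing, and a `-1` limit left untouched, as in the rewrite below. The `(int)` cast on the admin-supplied `maxMem` rejects non-numeric input but places no upper bound on it; the status line at least records the requested value, which is good for later troubleshooting. The enclosing method starts outside the hunk.
```php
// … unchanged: running-scan check and $maxMem selection …
// memory_limit is shorthand ("128M", "1G", "-1"); compare in megabytes, never lower an unlimited setting
$limit = trim((string) @ini_get('memory_limit'));
$currentMB = -1;
if($limit !== '' && $limit !== '-1'){
	$num = (int) $limit;
	$unit = strtoupper(substr($limit, -1));
	if($unit === 'G'){
		$currentMB = $num * 1024;
	} else if($unit === 'K'){
		$currentMB = (int) ($num / 1024);
	} else if($unit === 'M'){
		$currentMB = $num;
	} else {
		$currentMB = (int) ($num / 1048576); // bare value is bytes
	}
}
if( function_exists('memory_get_usage') && $currentMB !== -1 && $currentMB < $maxMem ){
	wordfence::status(1, 'info', "Requesting a maximum memory limit of $maxMem megabytes from PHP.");
	@ini_set('memory_limit', $maxMem . 'M');
}
```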
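--- a/wordfence.php
+++ b/wordfence.php
@@ -4,7 +4,7 @@ Plugin Name: Wordfence Security
  Plugin URI: http://wordfence.com/
  Description: WordPress Security - Anti-virus and Firewall security plugin for WordPress
  Author: Mark Maunder
- Version: 1.5.3
+ Version: 1.5.4
  Author URI: http://wordfence.com/
  */
  require_once('lib/wordfenceConstants.php');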