Wordfence Security – Firewall &amp; Malware Scan

Version Description

Added ability for admin's to unlock login and unblock their IP addresses if they're accidentally locked out by the firewall or login security. Uses two security tokens to prevent abuse.
Admins can now also disable firewall and login security from the unlock-me email, just in case of emergency.
Made advanced options visible so you know they exist.
Fixed dns_get_record() function not existing bug on Windows sytems pre PHP 5.3.0. Was causing scans to hang.
Increased login lockout defaults to be much higher which still protects against brute force hacks.
Removed CURLOPT_MAXREDIRS in curl to avoid safe mode warnings.
Fixed ability to view and diff files on blogs installed in subdirectories.
Fixed ability to see individual IP hits on subdir sites.
Plugin and theme update messages now include links to the upgrade page.
Removed the link on the login form that mentions the site is protected by Wordfence.
Changed lockout defaults to be much higher.
Added options for higher number of failures before lockout in options page.
Now including plugin version in the activity log when the admin chooses to email it to us for debugging.

Release Info

Developer	mmaunder
Plugin	Wordfence Security – Firewall & Malware Scan
Version	1.5.5
Comparing to
See all releases

Code changes from version 1.5.4 to 1.5.5

Files changed (15) hide show

css/main.css +12 -0
js/admin.js +5 -2
lib/email_unlockRequest.php +23 -0
lib/menu_options.php +31 -15
lib/menu_scan.php +4 -1
lib/wf503.php +2 -0
lib/wfAPI.php +0 -5
lib/wfConfig.php +11 -11
lib/wfLockedOut.php +2 -0
lib/wfScanEngine.php +7 -3
lib/wfUnlockMsg.php +6 -0
lib/wfUtils.php +16 -0
lib/wordfenceClass.php +84 -7
readme.txt +16 -1
wordfence.php +2 -2

css/main.css CHANGED Viewed

@@ -206,3 +206,15 @@ table th.wfSubheading { font-weight: bold; padding-top: 10px; }
             	background-image: url(../images/icons/arrow_refresh.png);
+            }
             #wfActivity { position: relative; }


206	background-image: url(../images/icons/arrow_refresh.png);
207	}
208	#wfActivity { position: relative; }
209	+ h3.wfConfigHeading {
210	+ font-size: 22px;
211	+ color: #777;
212	+ font-family: Georgia;
213	+ font-style: italic;
214	+ font-weight: normal
215	+ }
216	+ .wfTipText {
217	+ color: #777;
218	+ font-family: Georgia;
219	+ font-style: italic;
220	+ }

js/admin.js CHANGED Viewed

	@@ -549,16 +549,19 @@ window['wordfenceAdmin'] = {
549	return str.charAt(0).toUpperCase() + str.slice(1);
550	},
551	makeIPTrafLink: function(IP){
552	- return '/?_wfsf=IPTraf&nonce=' + this.nonce + '&IP=' + encodeURIComponent(IP);
553	},
554	makeDiffLink: function(dat){
555	- return '/?_wfsf=diff&nonce=' + this.nonce +
556	'&file=' + encodeURIComponent(this.es(dat['file'])) +
557	'&cType=' + encodeURIComponent(this.es(dat['cType'])) +
558	'&cKey=' + encodeURIComponent(this.es(dat['cKey'])) +
559	'&cName=' + encodeURIComponent(this.es(dat['cName'])) +
560	'&cVersion=' + encodeURIComponent(this.es(dat['cVersion']));
561	},



562	makeTimeAgo: function(t){
563	var months = Math.floor(t / (86400 * 30));
564	var days = Math.floor(t / 86400);


549	return str.charAt(0).toUpperCase() + str.slice(1);
550	},
551	makeIPTrafLink: function(IP){
552	+ return WordfenceAdminVars.siteBaseURL + '?_wfsf=IPTraf&nonce=' + this.nonce + '&IP=' + encodeURIComponent(IP);
553	},
554	makeDiffLink: function(dat){
555	+ return WordfenceAdminVars.siteBaseURL + '?_wfsf=diff&nonce=' + this.nonce +
556	'&file=' + encodeURIComponent(this.es(dat['file'])) +
557	'&cType=' + encodeURIComponent(this.es(dat['cType'])) +
558	'&cKey=' + encodeURIComponent(this.es(dat['cKey'])) +
559	'&cName=' + encodeURIComponent(this.es(dat['cName'])) +
560	'&cVersion=' + encodeURIComponent(this.es(dat['cVersion']));
561	},
562	+ makeViewFileLink: function(file){
563	+ return WordfenceAdminVars.siteBaseURL + '?_wfsf=view&nonce=' + this.nonce + '&file=' + encodeURIComponent(file);
564	+ },
565	makeTimeAgo: function(t){
566	var months = Math.floor(t / (86400 * 30));
567	var days = Math.floor(t / 86400);

lib/email_unlockRequest.php ADDED Viewed

	@@ -0,0 +1,23 @@


1	+ Either you or someone else at IP address <b><?php echo $IP; ?></b> requesed instructions to<br />
2	+ regain access to the website <a href="<?php echo wfUtils::getSiteBaseURL(); ?>"><b><?php echo $siteName; ?></b></a>.<br />
3	+ <br />
4	+ If you did not request these instructions then you can safely ignore them.<br />
5	+ These instructions <b>will be valid for 30 minutes</b>
6	+ from the time they were sent.
7	+ <ul>
8	+ <li>
9	+ <a href="<?php echo $unlockHref; ?>&func=unlockMyIP">Click here to unlock your ability to sign-in and to access to the site.</a> Do this if you simply need to regain access because you were accidentally locked out.
10	+ </li>
11	+ <li>
12	+ <a href="<?php echo $unlockHref; ?>&func=unlockAllIPs">Click here to unblock all IP addresses.</a> Do this if you still can't regain access using the link above. It causes everyone who is blocked or locked out to be able to access your site again.
13	+ </li>
14	+ <li>
15	+ <a href="<?php echo $unlockHref; ?>&func=disableRules">Click here to unlock all IP addresses and disable the Wordfence Firewall and Wordefence login security for all users.</a> Do this if you keep getting locked out or blocked and can't access your site. You can re-enable login security and the firewall once you sign-in to the site by visiting the Wordfence options menu and checking the boxes under advanced options to enable the firewall and login security.
16	+ </li>
17	+ </ul>
18	+ <br />
19	+ <br />
20	+ If you have any further questions, please <a href="https://www.wordfence.com/forums/">visit our support forum at www.wordfence.com</a>.
21	+ <br />
22	+ <br />
23	+ <br />

lib/menu_options.php CHANGED Viewed

	@@ -15,10 +15,9 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
15
16	<form id="wfConfigForm">
17	<table class="wfConfigForm">
18	- <tr><td colspan="2"><h2>~~Alerts~~</h2></td></tr>
19	- <tr><th>~~List~~ ~~of emails~~ to ~~alert,~~ ~~separated by commas</~~th><td><input type="text" id="alertEmails" name="alertEmails" value="<?php $w->f('alertEmails'); ?>" size="50" ~~/></~~td></tr>
20	- <tr><~~td colspan="2"><h2~~>Security Level~~</h2></~~td~~></tr~~>
21	- <tr><td colspan="2">
22	<select id="securityLevel" name="securityLevel" onchange="WFAD.changeSecurityLevel(); return true;">
23	<option value="0"<?php $w->sel('securityLevel', '0'); ?>>Level 0: Disable all Wordfence security measures</option>
24	<option value="1"<?php $w->sel('securityLevel', '1'); ?>>Level 1: Light protection. Just the basics</option>
	@@ -31,13 +30,16 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
31
32	</table>
33	<p><table border="0" cellpadding="0" cellspacing="0"><tr><td><input type="button" id="button1" name="button1" class="button-primary" value="Save Changes" onclick="WFAD.saveConfig();" /></td><td style="height: 24px;"><div class="wfAjax24"></div><span class="wfSavedMsg"> Your changes have been saved!</span></td></tr></table></p>
34	- <div>
35	- <~~p style="width: 600px;"~~>~~Wordfence~~ ~~works great out of the box for most websites. Simply install Wordfence and your site and content is protected. For finer granularity of control, we have provided advanced options.</p~~>
36	- <a ~~href~~="#" ~~onclick="jQuery('#wfConfigAdvanced').fadeToggle()~~;">~~Show or hide advanced options that let you create a custom security profile</a>~~



37	</div>
38	- <div id="wfConfigAdvanced" ~~style="display: none;"~~>
39	<table class="wfConfigForm">
40	- <tr><td colspan="2"><h2>Alerts</h2></td></tr>
41	<tr><th>Alert on critical problems</th><td><input type="checkbox" id="alertOn_critical" class="wfConfigElem" name="alertOn_critical" value="1" <?php $w->cb('alertOn_critical'); ?>/></td></tr>
42	<tr><th>Alert on warnings</th><td><input type="checkbox" id="alertOn_warnings" class="wfConfigElem" name="alertOn_warnings" value="1" <?php $w->cb('alertOn_warnings'); ?>/></td></tr>
43	<tr><th>Alert when an IP address is blocked</th><td><input type="checkbox" id="alertOn_block" class="wfConfigElem" name="alertOn_block" value="1" <?php $w->cb('alertOn_block'); ?>/></td></tr>
	@@ -45,14 +47,14 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
45	<tr><th>Alert when the "lost password" form is used for a valid user</th><td><input type="checkbox" id="alertOn_lostPasswdForm" class="wfConfigElem" name="alertOn_lostPasswdForm" value="1" <?php $w->cb('alertOn_lostPasswdForm'); ?>/></td></tr>
46	<tr><th>Alert me when someone with administrator access signs in</th><td><input type="checkbox" id="alertOn_adminLogin" class="wfConfigElem" name="alertOn_adminLogin" value="1" <?php $w->cb('alertOn_adminLogin'); ?>/></td></tr>
47	<tr><th>Alert me when a non-admin user signs in</th><td><input type="checkbox" id="alertOn_nonAdminLogin" class="wfConfigElem" name="alertOn_nonAdminLogin" value="1" <?php $w->cb('alertOn_nonAdminLogin'); ?>/></td></tr>
48	- <tr><td colspan="2"><h2>Live Traffic View</h2></td></tr>
49	<tr><th class="wfConfigEnable">Enable Live Traffic View</th><td><input type="checkbox" id="liveTrafficEnabled" class="wfConfigElem" name="liveTrafficEnabled" value="1" <?php $w->cb('liveTrafficEnabled'); ?> onclick="WFAD.reloadConfigPage = true; return true;" /></td></tr>
50	<tr><th>Don't log signed-in users with publishing access:</th><td><input type="checkbox" id="liveTraf_ignorePublishers" name="liveTraf_ignorePublishers" value="1" <?php $w->cb('liveTraf_ignorePublishers'); ?> /></td></tr>
51	<tr><th>List of comma separated usernames to ignore:</th><td><input type="text" name="liveTraf_ignoreUsers" id="liveTraf_ignoreUsers" value="<?php echo $w->getHTML('liveTraf_ignoreUsers'); ?>" /></td></tr>
52	<tr><th>List of comma separated IP addresses to ignore:</th><td><input type="text" name="liveTraf_ignoreIPs" id="liveTraf_ignoreIPs" value="<?php echo $w->getHTML('liveTraf_ignoreIPs'); ?>" /></td></tr>
53	<tr><th>Browser user-agent to ignore:</th><td><input type="text" name="liveTraf_ignoreUA" id="liveTraf_ignoreUA" value="<?php echo $w->getHTML('liveTraf_ignoreUA'); ?>" /></td></tr>
54	<tr><th>Limit size of hits table to</th><td><input type="text" name="liveTraf_hitsMaxSize" class="wfConfigElem" name="liveTraf_hitsMaxSize" value="<?php $w->f('liveTraf_hitsMaxSize'); ?>" size="6" />Megabytes</td></tr>
55	- <tr><td colspan="2"><h2>Scans to include</h2></td></tr>
56	<tr><th class="wfConfigEnable">Enable automatic scheduled scans</th><td><input type="checkbox" id="scheduledScansEnabled" class="wfConfigElem" name="scheduledScansEnabled" value="1" <?php $w->cb('scheduledScansEnabled'); ?> /></td></tr>
57	<tr><th>Scan core files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_core" class="wfConfigElem" name="scansEnabled_core" value="1" <?php $w->cb('scansEnabled_core'); ?>/></td></tr>
58
	@@ -60,7 +62,7 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
60	<tr><th>Scan theme files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes" value="1" <?php $w->cb('scansEnabled_themes'); ?>/></td></tr>
61	<tr><th>Scan plugin files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem" name="scansEnabled_plugins" value="1" <?php $w->cb('scansEnabled_plugins'); ?>/></td></tr>
62	<?php } else { ?>
63	- <tr><th style="color: #F00; padding-top: 10px;">Only available to Premium Members~~:</~~th><td></td></tr>
64	<tr><th style="color: #999;">Scan theme files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes" value="1" DISABLED /></td></tr>
65	<tr><th style="color: #999;">Scan plugin files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem" name="scansEnabled_plugins" value="1" DISABLED /></td></tr>
66	<tr><td colspan="2"> </td></tr>
	@@ -74,7 +76,7 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
74	<tr><th>Monitor disk space</th><td><input type="checkbox" id="scansEnabled_diskSpace" class="wfConfigElem" name="scansEnabled_diskSpace" value="1" <?php $w->cb('scansEnabled_diskSpace'); ?>/></td></tr>
75	<tr><th>Scan for unauthorized DNS changes</th><td><input type="checkbox" id="scansEnabled_dns" class="wfConfigElem" name="scansEnabled_dns" value="1" <?php $w->cb('scansEnabled_dns'); ?>/></td></tr>
76	<tr><td colspan="2">
77	- <h2>Firewall Rules</h2>
78	</td></tr>
79
80	<tr><th class="wfConfigEnable">Enable firewall rules</th><td><input type="checkbox" id="firewallEnabled" class="wfConfigElem" name="firewallEnabled" value="1" <?php $w->cb('firewallEnabled'); ?> /></td></tr>
	@@ -107,7 +109,7 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
107	<option value="2592000"<?php $w->sel('blockedTime', '2592000'); ?>>1 month</option>
108	</select></td></tr>
109
110	- <tr><td colspan="2"><h2>Login Security Options</h2></td></tr>
111	<tr><th class="wfConfigEnable">Enable login security</th><td><input type="checkbox" id="loginSecurityEnabled" class="wfConfigElem" name="loginSecurityEnabled" value="1" <?php $w->cb('loginSecurityEnabled'); ?> /></td></tr>
112	<tr><th>Lock out after how many login failures</th><td>
113	<select id="loginSec_maxFailures" class="wfConfigElem" name="loginSec_maxFailures">
	@@ -121,6 +123,13 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
121	<option value="8"<?php $w->sel('loginSec_maxFailures', '8'); ?>>8</option>
122	<option value="9"<?php $w->sel('loginSec_maxFailures', '9'); ?>>9</option>
123	<option value="10"<?php $w->sel('loginSec_maxFailures', '10'); ?>>10</option>







124	</select>
125	</td></tr>
126	<tr><th>Lock out after how many forgot password attempts</th><td>
	@@ -135,6 +144,13 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
135	<option value="8"<?php $w->sel('loginSec_maxForgotPasswd', '8'); ?>>8</option>
136	<option value="9"<?php $w->sel('loginSec_maxForgotPasswd', '9'); ?>>9</option>
137	<option value="10"<?php $w->sel('loginSec_maxForgotPasswd', '10'); ?>>10</option>







138	</select>
139	</td></tr>
140	<tr><th>Count failures over what time period</th><td>
	@@ -163,7 +179,7 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
163	</td></tr>
164	<tr><th>Immediately lock out invalid usernames</th><td><input type="checkbox" id="loginSec_lockInvalidUsers" class="wfConfigElem" name="loginSec_lockInvalidUsers" <?php $w->cb('loginSec_lockInvalidUsers'); ?> /></td></tr>
165	<tr><th>Don't let WordPress reveal valid users in login errors</th><td><input type="checkbox" id="loginSec_maskLoginErrors" class="wfConfigElem" name="loginSec_maskLoginErrors" <?php $w->cb('loginSec_maskLoginErrors'); ?> /></td></tr>
166	- <tr><td colspan="2"><h2>Other Options</h2></td></tr>
167	<tr><th>Hide WordPress version</th><td><input type="checkbox" id="other_hideWPVersion" class="wfConfigElem" name="other_hideWPVersion" value="1" <?php $w->cb('other_hideWPVersion'); ?> /></td></tr>
168	<tr><th>Hold anonymous comments using member emails for moderation</th><td><input type="checkbox" id="other_noAnonMemberComments" class="wfConfigElem" name="other_noAnonMemberComments" value="1" <?php $w->cb('other_noAnonMemberComments'); ?> /></td></tr>
169	<tr><th>Scan comments for malware and phishing URL's</th><td><input type="checkbox" id="other_scanComments" class="wfConfigElem" name="other_scanComments" value="1" <?php $w->cb('other_scanComments'); ?> /></td></tr>


15
16	<form id="wfConfigForm">
17	<table class="wfConfigForm">
18	+ <tr><td colspan="2"><h2>Basic Options</h2></td></tr>
19	+ <tr><th>Where to email alerts:</th><td><input type="text" id="alertEmails" name="alertEmails" value="<?php $w->f('alertEmails'); ?>" size="50" /> <span class="wfTipText">Separate multiple emails with commas</span></td></tr>
20	+ <tr><th>Security Level:</th><td>

21	<select id="securityLevel" name="securityLevel" onchange="WFAD.changeSecurityLevel(); return true;">
22	<option value="0"<?php $w->sel('securityLevel', '0'); ?>>Level 0: Disable all Wordfence security measures</option>
23	<option value="1"<?php $w->sel('securityLevel', '1'); ?>>Level 1: Light protection. Just the basics</option>

30
31	</table>
32	<p><table border="0" cellpadding="0" cellspacing="0"><tr><td><input type="button" id="button1" name="button1" class="button-primary" value="Save Changes" onclick="WFAD.saveConfig();" /></td><td style="height: 24px;"><div class="wfAjax24"></div><span class="wfSavedMsg"> Your changes have been saved!</span></td></tr></table></p>
33	+ <div style="margin-top: 25px;">
34	+ <h2>Advanced Options:</h2>
35	+ <p style="width: 600px;">
36	+ Wordfence works great out of the box for most websites. Simply install Wordfence and your site and content is protected. For finer granularity of control, we have provided advanced options.
37	+ If you need help with advanced options, <a href="http://www.wordfence.com/forums/forum/wordfence-support-questions/" target="_blank">please ask in the Wordfence support forum</a>.
38	+ </p>
39	</div>
40	+ <div id="wfConfigAdvanced">
41	<table class="wfConfigForm">
42	+ <tr><td colspan="2"><h3 class="wfConfigHeading">Alerts</h3></td></tr>
43	<tr><th>Alert on critical problems</th><td><input type="checkbox" id="alertOn_critical" class="wfConfigElem" name="alertOn_critical" value="1" <?php $w->cb('alertOn_critical'); ?>/></td></tr>
44	<tr><th>Alert on warnings</th><td><input type="checkbox" id="alertOn_warnings" class="wfConfigElem" name="alertOn_warnings" value="1" <?php $w->cb('alertOn_warnings'); ?>/></td></tr>
45	<tr><th>Alert when an IP address is blocked</th><td><input type="checkbox" id="alertOn_block" class="wfConfigElem" name="alertOn_block" value="1" <?php $w->cb('alertOn_block'); ?>/></td></tr>

47	<tr><th>Alert when the "lost password" form is used for a valid user</th><td><input type="checkbox" id="alertOn_lostPasswdForm" class="wfConfigElem" name="alertOn_lostPasswdForm" value="1" <?php $w->cb('alertOn_lostPasswdForm'); ?>/></td></tr>
48	<tr><th>Alert me when someone with administrator access signs in</th><td><input type="checkbox" id="alertOn_adminLogin" class="wfConfigElem" name="alertOn_adminLogin" value="1" <?php $w->cb('alertOn_adminLogin'); ?>/></td></tr>
49	<tr><th>Alert me when a non-admin user signs in</th><td><input type="checkbox" id="alertOn_nonAdminLogin" class="wfConfigElem" name="alertOn_nonAdminLogin" value="1" <?php $w->cb('alertOn_nonAdminLogin'); ?>/></td></tr>
50	+ <tr><td colspan="2"><h3 class="wfConfigHeading">Live Traffic View</h3></td></tr>
51	<tr><th class="wfConfigEnable">Enable Live Traffic View</th><td><input type="checkbox" id="liveTrafficEnabled" class="wfConfigElem" name="liveTrafficEnabled" value="1" <?php $w->cb('liveTrafficEnabled'); ?> onclick="WFAD.reloadConfigPage = true; return true;" /></td></tr>
52	<tr><th>Don't log signed-in users with publishing access:</th><td><input type="checkbox" id="liveTraf_ignorePublishers" name="liveTraf_ignorePublishers" value="1" <?php $w->cb('liveTraf_ignorePublishers'); ?> /></td></tr>
53	<tr><th>List of comma separated usernames to ignore:</th><td><input type="text" name="liveTraf_ignoreUsers" id="liveTraf_ignoreUsers" value="<?php echo $w->getHTML('liveTraf_ignoreUsers'); ?>" /></td></tr>
54	<tr><th>List of comma separated IP addresses to ignore:</th><td><input type="text" name="liveTraf_ignoreIPs" id="liveTraf_ignoreIPs" value="<?php echo $w->getHTML('liveTraf_ignoreIPs'); ?>" /></td></tr>
55	<tr><th>Browser user-agent to ignore:</th><td><input type="text" name="liveTraf_ignoreUA" id="liveTraf_ignoreUA" value="<?php echo $w->getHTML('liveTraf_ignoreUA'); ?>" /></td></tr>
56	<tr><th>Limit size of hits table to</th><td><input type="text" name="liveTraf_hitsMaxSize" class="wfConfigElem" name="liveTraf_hitsMaxSize" value="<?php $w->f('liveTraf_hitsMaxSize'); ?>" size="6" />Megabytes</td></tr>
57	+ <tr><td colspan="2"><h3 class="wfConfigHeading">Scans to include</h3></td></tr>
58	<tr><th class="wfConfigEnable">Enable automatic scheduled scans</th><td><input type="checkbox" id="scheduledScansEnabled" class="wfConfigElem" name="scheduledScansEnabled" value="1" <?php $w->cb('scheduledScansEnabled'); ?> /></td></tr>
59	<tr><th>Scan core files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_core" class="wfConfigElem" name="scansEnabled_core" value="1" <?php $w->cb('scansEnabled_core'); ?>/></td></tr>
60

62	<tr><th>Scan theme files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes" value="1" <?php $w->cb('scansEnabled_themes'); ?>/></td></tr>
63	<tr><th>Scan plugin files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem" name="scansEnabled_plugins" value="1" <?php $w->cb('scansEnabled_plugins'); ?>/></td></tr>
64	<?php } else { ?>
65	+ <tr><th style="color: #F00; padding-top: 10px;" colspan="2">Only available to Premium Members: <a href="https://www.wordfence.com/choose-a-wordfence-membership-type/" target="_blank">[click to upgrade]</a></th><td></td></tr>
66	<tr><th style="color: #999;">Scan theme files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes" value="1" DISABLED /></td></tr>
67	<tr><th style="color: #999;">Scan plugin files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem" name="scansEnabled_plugins" value="1" DISABLED /></td></tr>
68	<tr><td colspan="2"> </td></tr>

76	<tr><th>Monitor disk space</th><td><input type="checkbox" id="scansEnabled_diskSpace" class="wfConfigElem" name="scansEnabled_diskSpace" value="1" <?php $w->cb('scansEnabled_diskSpace'); ?>/></td></tr>
77	<tr><th>Scan for unauthorized DNS changes</th><td><input type="checkbox" id="scansEnabled_dns" class="wfConfigElem" name="scansEnabled_dns" value="1" <?php $w->cb('scansEnabled_dns'); ?>/></td></tr>
78	<tr><td colspan="2">
79	+ <h3 class="wfConfigHeading">Firewall Rules</h3>
80	</td></tr>
81
82	<tr><th class="wfConfigEnable">Enable firewall rules</th><td><input type="checkbox" id="firewallEnabled" class="wfConfigElem" name="firewallEnabled" value="1" <?php $w->cb('firewallEnabled'); ?> /></td></tr>

109	<option value="2592000"<?php $w->sel('blockedTime', '2592000'); ?>>1 month</option>
110	</select></td></tr>
111
112	+ <tr><td colspan="2"><h3 class="wfConfigHeading">Login Security Options</h3></td></tr>
113	<tr><th class="wfConfigEnable">Enable login security</th><td><input type="checkbox" id="loginSecurityEnabled" class="wfConfigElem" name="loginSecurityEnabled" value="1" <?php $w->cb('loginSecurityEnabled'); ?> /></td></tr>
114	<tr><th>Lock out after how many login failures</th><td>
115	<select id="loginSec_maxFailures" class="wfConfigElem" name="loginSec_maxFailures">

123	<option value="8"<?php $w->sel('loginSec_maxFailures', '8'); ?>>8</option>
124	<option value="9"<?php $w->sel('loginSec_maxFailures', '9'); ?>>9</option>
125	<option value="10"<?php $w->sel('loginSec_maxFailures', '10'); ?>>10</option>
126	+ <option value="20"<?php $w->sel('loginSec_maxFailures', '20'); ?>>20</option>
127	+ <option value="30"<?php $w->sel('loginSec_maxFailures', '30'); ?>>30</option>
128	+ <option value="40"<?php $w->sel('loginSec_maxFailures', '40'); ?>>40</option>
129	+ <option value="50"<?php $w->sel('loginSec_maxFailures', '50'); ?>>50</option>
130	+ <option value="100"<?php $w->sel('loginSec_maxFailures', '100'); ?>>100</option>
131	+ <option value="200"<?php $w->sel('loginSec_maxFailures', '200'); ?>>200</option>
132	+ <option value="500"<?php $w->sel('loginSec_maxFailures', '500'); ?>>500</option>
133	</select>
134	</td></tr>
135	<tr><th>Lock out after how many forgot password attempts</th><td>

144	<option value="8"<?php $w->sel('loginSec_maxForgotPasswd', '8'); ?>>8</option>
145	<option value="9"<?php $w->sel('loginSec_maxForgotPasswd', '9'); ?>>9</option>
146	<option value="10"<?php $w->sel('loginSec_maxForgotPasswd', '10'); ?>>10</option>
147	+ <option value="20"<?php $w->sel('loginSec_maxForgotPasswd', '20'); ?>>20</option>
148	+ <option value="30"<?php $w->sel('loginSec_maxForgotPasswd', '30'); ?>>30</option>
149	+ <option value="40"<?php $w->sel('loginSec_maxForgotPasswd', '40'); ?>>40</option>
150	+ <option value="50"<?php $w->sel('loginSec_maxForgotPasswd', '50'); ?>>50</option>
151	+ <option value="100"<?php $w->sel('loginSec_maxForgotPasswd', '100'); ?>>100</option>
152	+ <option value="200"<?php $w->sel('loginSec_maxForgotPasswd', '200'); ?>>200</option>
153	+ <option value="500"<?php $w->sel('loginSec_maxForgotPasswd', '500'); ?>>500</option>
154	</select>
155	</td></tr>
156	<tr><th>Count failures over what time period</th><td>

179	</td></tr>
180	<tr><th>Immediately lock out invalid usernames</th><td><input type="checkbox" id="loginSec_lockInvalidUsers" class="wfConfigElem" name="loginSec_lockInvalidUsers" <?php $w->cb('loginSec_lockInvalidUsers'); ?> /></td></tr>
181	<tr><th>Don't let WordPress reveal valid users in login errors</th><td><input type="checkbox" id="loginSec_maskLoginErrors" class="wfConfigElem" name="loginSec_maskLoginErrors" <?php $w->cb('loginSec_maskLoginErrors'); ?> /></td></tr>
182	+ <tr><td colspan="2"><h3 class="wfConfigHeading">Other Options</h3></td></tr>
183	<tr><th>Hide WordPress version</th><td><input type="checkbox" id="other_hideWPVersion" class="wfConfigElem" name="other_hideWPVersion" value="1" <?php $w->cb('other_hideWPVersion'); ?> /></td></tr>
184	<tr><th>Hold anonymous comments using member emails for moderation</th><td><input type="checkbox" id="other_noAnonMemberComments" class="wfConfigElem" name="other_noAnonMemberComments" value="1" <?php $w->cb('other_noAnonMemberComments'); ?> /></td></tr>
185	<tr><th>Scan comments for malware and phishing URL's</th><td><input type="checkbox" id="other_scanComments" class="wfConfigElem" name="other_scanComments" value="1" <?php $w->cb('other_scanComments'); ?> /></td></tr>

lib/menu_scan.php CHANGED Viewed

	@@ -70,6 +70,7 @@
70	</p>
71	<p>
72	{{html longMsg}}

73	</p>
74	<div class="wfIssueOptions">
75	{{if (status == 'new')}}
	@@ -104,6 +105,7 @@
104	</p>
105	<p>
106	{{html longMsg}}

107	</p>
108	<div class="wfIssueOptions">
109	{{if status == 'new'}}
	@@ -136,6 +138,7 @@
136	</p>
137	<p>
138	{{html longMsg}}

139	</p>
140	<div class="wfIssueOptions">
141	{{if (status == 'new')}}
	@@ -348,7 +351,7 @@
348	<div class="wfIssueOptions">
349	<strong>Tools:</strong>
350	{{if data.fileExists}}
351	- <a target="_blank" href="~~/?_wfsf=view&nonce=$~~{WFAD.~~nonce}&file=${encodeURIComponent~~(data.file)}">View the file.</a>
352	{{/if}}
353	{{if data.canFix}}
354	<a href="#" onclick="WFAD.restoreFile('${id}'); return false;">Restore the original version of this file.</a>


70	</p>
71	<p>
72	{{html longMsg}}
73	+ <a href="<?php echo get_admin_url() . 'update-core.php'; ?>">Click here to update now</a>.
74	</p>
75	<div class="wfIssueOptions">
76	{{if (status == 'new')}}

105	</p>
106	<p>
107	{{html longMsg}}
108	+ <a href="<?php echo get_admin_url() . 'update-core.php'; ?>">Click here to update now</a>.
109	</p>
110	<div class="wfIssueOptions">
111	{{if status == 'new'}}

138	</p>
139	<p>
140	{{html longMsg}}
141	+ <a href="<?php echo get_admin_url() . 'update-core.php'; ?>">Click here to update now</a>.
142	</p>
143	<div class="wfIssueOptions">
144	{{if (status == 'new')}}

351	<div class="wfIssueOptions">
352	<strong>Tools:</strong>
353	{{if data.fileExists}}
354	+ <a target="_blank" href="${WFAD.makeViewFileLink(data.file)}">View the file.</a>
355	{{/if}}
356	{{if data.canFix}}
357	<a href="#" onclick="WFAD.restoreFile('${id}'); return false;">Restore the original version of this file.</a>

lib/wf503.php CHANGED Viewed

	@@ -5,5 +5,7 @@
5	<h1>Service Unavailable</h1>
6	<p>Your access to this service has been temporarily limited. Please try again in a few minutes. (HTTP response code 503)</p>
7	<hr>


8	<address>This response was generated by Wordfence.</address>
9	</body></html>


5	<h1>Service Unavailable</h1>
6	<p>Your access to this service has been temporarily limited. Please try again in a few minutes. (HTTP response code 503)</p>
7	<hr>
8	+ <br /><br />
9	+ <?php require('wfUnlockMsg.php'); ?>
10	<address>This response was generated by Wordfence.</address>
11	</body></html>

lib/wfAPI.php CHANGED Viewed

	@@ -67,8 +67,6 @@ class wfAPI {
67	curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
68	curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);
69	curl_setopt ($curl, CURLOPT_WRITEFUNCTION, array($this, 'curlWrite'));
70	- @curl_setopt ($curl, CURLOPT_FOLLOWLOCATION, true);
71	- @curl_setopt ($curl, CURLOPT_MAXREDIRS, 10);
72	curl_setopt($curl, CURLOPT_POST, true);
73	curl_setopt($curl, CURLOPT_POSTFIELDS, $postParams);
74
	@@ -106,9 +104,6 @@ class wfAPI {
106	curl_setopt ($curl, CURLOPT_RETURNTRANSFER, TRUE);
107	curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
108	curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);
109	-
110	- @curl_setopt ($curl, CURLOPT_FOLLOWLOCATION, true);
111	- @curl_setopt ($curl, CURLOPT_MAXREDIRS, 10);
112	curl_setopt($curl, CURLOPT_POST, true);
113	if($postData){
114	curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);


67	curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
68	curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);
69	curl_setopt ($curl, CURLOPT_WRITEFUNCTION, array($this, 'curlWrite'));


70	curl_setopt($curl, CURLOPT_POST, true);
71	curl_setopt($curl, CURLOPT_POSTFIELDS, $postParams);
72

104	curl_setopt ($curl, CURLOPT_RETURNTRANSFER, TRUE);
105	curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
106	curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);



107	curl_setopt($curl, CURLOPT_POST, true);
108	if($postData){
109	curl_setopt($curl, CURLOPT_POSTFIELDS, $postData);

lib/wfConfig.php CHANGED Viewed

	@@ -48,8 +48,8 @@ class wfConfig {
48	"neverBlockBG" => "neverBlockVerified",
49	"loginSec_countFailMins" => "5",
50	"loginSec_lockoutMins" => "5",
51	- 'loginSec_maxFailures' => "5",
52	- 'loginSec_maxForgotPasswd' => "5",
53	'maxGlobalRequests' => "DISABLED",
54	'maxGlobalRequests_action' => "throttle",
55	'maxRequestsCrawlers' => "DISABLED",
	@@ -109,8 +109,8 @@ class wfConfig {
109	"neverBlockBG" => "neverBlockVerified",
110	"loginSec_countFailMins" => "5",
111	"loginSec_lockoutMins" => "5",
112	- 'loginSec_maxFailures' => "10",
113	- 'loginSec_maxForgotPasswd' => "10",
114	'maxGlobalRequests' => "960",
115	'maxGlobalRequests_action' => "throttle",
116	'maxRequestsCrawlers' => "960",
	@@ -170,8 +170,8 @@ class wfConfig {
170	"neverBlockBG" => "neverBlockVerified",
171	"loginSec_countFailMins" => "240",
172	"loginSec_lockoutMins" => "240",
173	- 'loginSec_maxFailures' => "3",
174	- 'loginSec_maxForgotPasswd' => "5",
175	'maxGlobalRequests' => "960",
176	'maxGlobalRequests_action' => "throttle",
177	'maxRequestsCrawlers' => "960",
	@@ -231,8 +231,8 @@ class wfConfig {
231	"neverBlockBG" => "neverBlockVerified",
232	"loginSec_countFailMins" => "1440",
233	"loginSec_lockoutMins" => "1440",
234	- 'loginSec_maxFailures' => "3",
235	- 'loginSec_maxForgotPasswd' => "3",
236	'maxGlobalRequests' => "960",
237	'maxGlobalRequests_action' => "throttle",
238	'maxRequestsCrawlers' => "960",
	@@ -292,8 +292,8 @@ class wfConfig {
292	"neverBlockBG" => "neverBlockVerified",
293	"loginSec_countFailMins" => "1440",
294	"loginSec_lockoutMins" => "1440",
295	- 'loginSec_maxFailures' => "3",
296	- 'loginSec_maxForgotPasswd' => "3",
297	'maxGlobalRequests' => "960",
298	'maxGlobalRequests_action' => "throttle",
299	'maxRequestsCrawlers' => "960",
	@@ -435,7 +435,7 @@ class wfConfig {
435	$emails = array();
436	foreach($dat as $email){
437	if(preg_match('/\@/', $email)){
438	- $emails[] = $email;
439	}
440	}
441	return $emails;


48	"neverBlockBG" => "neverBlockVerified",
49	"loginSec_countFailMins" => "5",
50	"loginSec_lockoutMins" => "5",
51	+ 'loginSec_maxFailures' => "500",
52	+ 'loginSec_maxForgotPasswd' => "500",
53	'maxGlobalRequests' => "DISABLED",
54	'maxGlobalRequests_action' => "throttle",
55	'maxRequestsCrawlers' => "DISABLED",

109	"neverBlockBG" => "neverBlockVerified",
110	"loginSec_countFailMins" => "5",
111	"loginSec_lockoutMins" => "5",
112	+ 'loginSec_maxFailures' => "50",
113	+ 'loginSec_maxForgotPasswd' => "50",
114	'maxGlobalRequests' => "960",
115	'maxGlobalRequests_action' => "throttle",
116	'maxRequestsCrawlers' => "960",

170	"neverBlockBG" => "neverBlockVerified",
171	"loginSec_countFailMins" => "240",
172	"loginSec_lockoutMins" => "240",
173	+ 'loginSec_maxFailures' => "20",
174	+ 'loginSec_maxForgotPasswd' => "20",
175	'maxGlobalRequests' => "960",
176	'maxGlobalRequests_action' => "throttle",
177	'maxRequestsCrawlers' => "960",

231	"neverBlockBG" => "neverBlockVerified",
232	"loginSec_countFailMins" => "1440",
233	"loginSec_lockoutMins" => "1440",
234	+ 'loginSec_maxFailures' => "10",
235	+ 'loginSec_maxForgotPasswd' => "10",
236	'maxGlobalRequests' => "960",
237	'maxGlobalRequests_action' => "throttle",
238	'maxRequestsCrawlers' => "960",

292	"neverBlockBG" => "neverBlockVerified",
293	"loginSec_countFailMins" => "1440",
294	"loginSec_lockoutMins" => "1440",
295	+ 'loginSec_maxFailures' => "5",
296	+ 'loginSec_maxForgotPasswd' => "5",
297	'maxGlobalRequests' => "960",
298	'maxGlobalRequests_action' => "throttle",
299	'maxRequestsCrawlers' => "960",

435	$emails = array();
436	foreach($dat as $email){
437	if(preg_match('/\@/', $email)){
438	+ $emails[] = trim($email);
439	}
440	}
441	return $emails;

lib/wfLockedOut.php CHANGED Viewed

	@@ -14,6 +14,8 @@
14	<li><a href="<?php echo site_url(); ?>">Return to the site home page</a></li>
15	<li><a href="<?php echo admin_url(); ?>">Attempt to return to the admin login page (you may still be locked out)</a></li>
16	</ul>


17	</p>
18	<p style="font-style: italic;">Generated by Wordfence.</p>
19	</body>


14	<li><a href="<?php echo site_url(); ?>">Return to the site home page</a></li>
15	<li><a href="<?php echo admin_url(); ?>">Attempt to return to the admin login page (you may still be locked out)</a></li>
16	</ul>
17	+ <br /><br />
18	+ <?php require('wfUnlockMsg.php'); ?>
19	</p>
20	<p style="font-style: italic;">Generated by Wordfence.</p>
21	</body>

lib/wfScanEngine.php CHANGED Viewed

	@@ -415,13 +415,13 @@ class wfScanEngine {
415	for($i = 0; $i < sizeof($words); $i++){
416	if($hasher->CheckPassword($words[$i], $userDat->user_pass)){
417	$this->status(2, 'info', "Adding issue " . $shortMsg);
418	- $this->addIssue('easyPassword', $level, $~~user~~->ID, $~~user~~->ID . '-' . $userDat->user_pass, $shortMsg, $longMsg, array(
419	- 'ID' => $~~user~~->ID,
420	'user_login' => $userDat->user_login,
421	'user_email' => $userDat->user_email,
422	'first_name' => $userDat->first_name,
423	'last_name' => $userDat->last_name,
424	- 'editUserLink' => wfUtils::editUserLink($~~user~~->ID)
425	));
426	break;
427	}
	@@ -453,6 +453,10 @@ class wfScanEngine {
453
454	}
455	private function scanDNSChanges(){




456	$this->status(2, 'info', "Starting DNS checks");
457	$home = get_home_url();
458	if(preg_match('/https?:\/\/([^\/]+)/i', $home, $matches)){


415	for($i = 0; $i < sizeof($words); $i++){
416	if($hasher->CheckPassword($words[$i], $userDat->user_pass)){
417	$this->status(2, 'info', "Adding issue " . $shortMsg);
418	+ $this->addIssue('easyPassword', $level, $userDat->ID, $userDat->ID . '-' . $userDat->user_pass, $shortMsg, $longMsg, array(
419	+ 'ID' => $userDat->ID,
420	'user_login' => $userDat->user_login,
421	'user_email' => $userDat->user_email,
422	'first_name' => $userDat->first_name,
423	'last_name' => $userDat->last_name,
424	+ 'editUserLink' => wfUtils::editUserLink($userDat->ID)
425	));
426	break;
427	}

453
454	}
455	private function scanDNSChanges(){
456	+ if(! function_exists('dns_get_record')){
457	+ $this->status(1, 'info', "Skipping DNS scan because this system does not support dns_get_record()");
458	+ return;
459	+ }
460	$this->status(2, 'info', "Starting DNS checks");
461	$home = get_home_url();
462	if(preg_match('/https?:\/\/([^\/]+)/i', $home, $matches)){

lib/wfUnlockMsg.php ADDED Viewed

	@@ -0,0 +1,6 @@


1	+ If you are a site administrator and have been accidentally locked out, please enter your email in the box below and click "Send". If the email address you enter belongs to a known site administrator or someone set to receive Wordfence alerts, we will send you an email to help you regain access.
2	+ <br /><br />
3	+ <form method="POST" action="<?php echo wfUtils::getSiteBaseURL(); ?>?_wfsf=unlockEmail&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>">
4	+ <input type="text" size="50" name="email" value="" maxlength="255" /> <input type="submit" name="s" value="Send me an unlock email" />
5	+ </form>
6	+ <br /><br />

lib/wfUtils.php CHANGED Viewed

@@ -149,6 +149,22 @@ class wfUtils {
+            		}
             		return false;
+            	}
+            }


149	}
150	return false;
151	}
152	+ public static function getSiteBaseURL(){
153	+ return rtrim(site_url(), '/') . '/';
154	+ }
155	+ public static function myVersion(){
156	+ if(! function_exists( 'get_plugin_data')){
157	+ require_once ABSPATH . '/wp-admin/includes/plugin.php';
158	+ }
159	+ $file = dirname(__FILE__) . '/../wordfence.php';
160	+ if(is_file($file)){
161	+ $dat = get_plugin_data($file);
162	+ if(is_array($dat)){
163	+ return $dat['Version'];
164	+ }
165	+ }
166	+ return 'unknown';
167	+ }
168	}
169
170

lib/wordfenceClass.php CHANGED Viewed

@@ -159,7 +159,6 @@ class wordfence {
             		add_action('wp_logout','wordfence::logoutAction');
             		add_action('profile_update', 'wordfence::profileUpdateAction', '99', 2);
             		add_action('lostpassword_post', 'wordfence::lostPasswordPost', '1');
-            -
            		add_action('login_form', 'wordfence::loginForm', '1');
             		add_filter('pre_comment_approved', 'wordfence::preCommentApprovedFilter', '99', 2);
             		add_filter('authenticate', 'wordfence::authenticateFilter', 99, 3);
             		//html|xhtml|atom|rss2|rdf|comment|export
@@ -244,6 +243,86 @@ class wordfence {
             		return self::getLog()->isIPLockedOut($IP);
+            	}
             	public static function veryFirstAction(){
             		$wfLog = self::getLog();
             		$wfLog->firewallBadIPs();
+            	}
@@ -355,7 +434,7 @@ class wordfence {
+            		}
+            	}
             	public static function ajax_sendActivityLog_callback(){
-            -
            		$content = "SITE: " . site_url() . "\nWP VERSION: " . wfUtils::getWPVersion() . "\nAPI KEY: " . wfConfig::get('apiKey') . "\nADMIN EMAIL: " . get_option('admin_email') . "\nLOG:\n\n";
             		$wfdb = new wfDB();
             		global $wpdb;
             		$p = $wpdb->base_prefix;
@@ -801,6 +880,7 @@ class wordfence {
             		return false;
+            	}
             	public static function templateRedir(){
             		$wfLog = self::getLog();
             		if($wfLog->logHitOK()){
             			if(is_404() ){
@@ -814,7 +894,6 @@ class wordfence {
+            			}
+            		}
-            -
            		$wfFunc = get_query_var('_wfsf');
             		if(! ($wfFunc == 'diff' || $wfFunc == 'view' || $wfFunc == 'sysinfo' || $wfFunc == 'IPTraf')){
             			return;
+            		}
@@ -991,7 +1070,8 @@ class wordfence {
             		wp_enqueue_script('wordfenceAdminjs', wfUtils::getBaseURL() . 'js/admin.js', array('jquery'));
             		wp_localize_script('wordfenceAdminjs', 'WordfenceAdminVars', array(
             			'ajaxURL' => admin_url('admin-ajax.php'),
-            -
            			'firstNonce' => wp_create_nonce('wp-ajax')
             			));
+            	}
@@ -1128,8 +1208,5 @@ class wordfence {
+            		}
             		return self::$wfLog;
+            	}
-            -
            	public static function loginForm(){
-            -
            		echo "<p><a href='http://www.wordfence.com/' target='_blank'>WordPress Security powered by Wordfence</a><br /><br /><br /></p>";
-            -
            	}
+            }
             ?>


159	add_action('wp_logout','wordfence::logoutAction');
160	add_action('profile_update', 'wordfence::profileUpdateAction', '99', 2);
161	add_action('lostpassword_post', 'wordfence::lostPasswordPost', '1');

162	add_filter('pre_comment_approved', 'wordfence::preCommentApprovedFilter', '99', 2);
163	add_filter('authenticate', 'wordfence::authenticateFilter', 99, 3);
164	//html\|xhtml\|atom\|rss2\|rdf\|comment\|export

243	return self::getLog()->isIPLockedOut($IP);
244	}
245	public static function veryFirstAction(){
246	+ $wfFunc = $_GET['_wfsf'];
247	+ if($wfFunc == 'unlockEmail'){
248	+ if(! wp_verify_nonce($_GET['nonce'], 'wp-ajax')){
249	+ echo "Security token verification failed.";
250	+ exit();
251	+ }
252	+ $email = trim($_POST['email']);
253	+ global $wpdb;
254	+ $ws = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users");
255	+ $users = array();
256	+ foreach($ws as $user){
257	+ if($user->user_level > 7){
258	+ if($email == $user->user_email){
259	+ $found = true;
260	+ break;
261	+ }
262	+ }
263	+ }
264	+ if(! $found){
265	+ foreach(wfConfig::getAlertEmails() as $alertEmail){
266	+ if($alertEmail == $email){
267	+ $found = true;
268	+ break;
269	+ }
270	+ }
271	+ }
272	+ if($found){
273	+ $key = wfUtils::bigRandomHex();
274	+ $IP = wfUtils::getIP();
275	+ set_transient('wfunlock_' . $key, $IP, 1800);
276	+ $content = wfUtils::tmpl('email_unlockRequest.php', array(
277	+ 'siteName' => get_bloginfo('name', 'raw'),
278	+ 'siteURL' => wfUtils::getSiteBaseURL(),
279	+ 'unlockHref' => wfUtils::getSiteBaseURL() . '?_wfsf=unlockAccess&nonce=' . wp_create_nonce('wp-unlock') . '&key=' . $key,
280	+ 'key' => $key,
281	+ 'IP' => $IP
282	+ ));
283	+ wp_mail($email, "Unlock email requested", $content, "Content-Type: text/html");
284	+ }
285	+ echo "<html><body><h1>Your request was received</h1><p>We received a request to email \"$email\" instructions to unlock their access. If that is the email address of a site administrator or someone on the Wordfence alert list, then they have been emailed instructions on how to regain access to this sytem. The instructions we sent will expire 30 minutes from now.</body></html>";
286	+ exit();
287	+ } else if($wfFunc == 'unlockAccess'){
288	+ if(! wp_verify_nonce($_GET['nonce'], 'wp-unlock')){
289	+ echo "Security token verification failed.";
290	+ exit();
291	+ }
292	+ if(! preg_match('/^\d+\.\d+\.\d+\.\d+$/', get_transient('wfunlock_' . $_GET['key']))){
293	+ echo "Invalid key provided for authentication.";
294	+ exit();
295	+ }
296	+ /* You can enable this for paranoid security leve.
297	+ if(get_transient('wfunlock_' . $_GET['key']) != wfUtils::getIP()){
298	+ echo "You can only use this link from the IP address you used to generate the unlock email.";
299	+ exit();
300	+ }
301	+ */
302	+ $wfLog = new wfLog(wfConfig::get('apiKey'), wfUtils::getWPVersion());
303	+ if($_GET['func'] == 'unlockMyIP'){
304	+ $wfLog->unblockIP(wfUtils::getIP());
305	+ $wfLog->unlockOutIP(wfUtils::getIP());
306	+ header('Location: ' . wp_login_url());
307	+ exit();
308	+ } else if($_GET['func'] == 'unlockAllIPs'){
309	+ $wfLog->unblockAllIPs();
310	+ $wfLog->unlockAllIPs();
311	+ header('Location: ' . wp_login_url());
312	+ exit();
313	+ } else if($_GET['func'] == 'disableRules'){
314	+ wfConfig::set('firewallEnabled', 0);
315	+ wfConfig::set('loginSecurityEnabled', 0);
316	+ $wfLog->unblockAllIPs();
317	+ $wfLog->unlockAllIPs();
318	+ header('Location: ' . wp_login_url());
319	+ exit();
320	+ } else {
321	+ echo "Invalid function specified. Please check the link we emailed you and make sure it was not cut-off by your email reader.";
322	+ exit();
323	+ }
324	+ }
325	+
326	$wfLog = self::getLog();
327	$wfLog->firewallBadIPs();
328	}

434	}
435	}
436	public static function ajax_sendActivityLog_callback(){
437	+ $content = "SITE: " . site_url() . "\nPLUGIN VERSION: " . wfUtils::myVersion() . "\nWP VERSION: " . wfUtils::getWPVersion() . "\nAPI KEY: " . wfConfig::get('apiKey') . "\nADMIN EMAIL: " . get_option('admin_email') . "\nLOG:\n\n";
438	$wfdb = new wfDB();
439	global $wpdb;
440	$p = $wpdb->base_prefix;

880	return false;
881	}
882	public static function templateRedir(){
883	+ $wfFunc = get_query_var('_wfsf');
884	$wfLog = self::getLog();
885	if($wfLog->logHitOK()){
886	if(is_404() ){

894	}
895	}
896

897	if(! ($wfFunc == 'diff' \|\| $wfFunc == 'view' \|\| $wfFunc == 'sysinfo' \|\| $wfFunc == 'IPTraf')){
898	return;
899	}

1070	wp_enqueue_script('wordfenceAdminjs', wfUtils::getBaseURL() . 'js/admin.js', array('jquery'));
1071	wp_localize_script('wordfenceAdminjs', 'WordfenceAdminVars', array(
1072	'ajaxURL' => admin_url('admin-ajax.php'),
1073	+ 'firstNonce' => wp_create_nonce('wp-ajax'),
1074	+ 'siteBaseURL' => wfUtils::getSiteBaseURL()
1075	));
1076
1077	}

1208	}
1209	return self::$wfLog;
1210	}



1211	}
1212	?>

readme.txt CHANGED Viewed

	@@ -3,7 +3,7 @@ Contributors: mmaunder
3	Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
4	Requires at least: 3.3.1
5	Tested up to: 3.3.2
6	- Stable tag: 1.5.4
7
8	Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9
	@@ -152,6 +152,21 @@ or a theme, because often these have been updated to fix a security hole.
152	5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
153
154	== Changelog ==















155	= 1.5.4 =
156	* Admin can now select to scan outside the WordPress base dir and standard WordPress directories.
157	* Max memory size for scans is now configurable for larger installations. 256M is the default.


3	Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
4	Requires at least: 3.3.1
5	Tested up to: 3.3.2
6	+ Stable tag: 1.5.5
7
8	Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9

152	5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
153
154	== Changelog ==
155	+ = 1.5.5 =
156	+ * Added ability for admin's to unlock login and unblock their IP addresses if they're accidentally locked out by the firewall or login security. Uses two security tokens to prevent abuse.
157	+ * Admins can now also disable firewall and login security from the unlock-me email, just in case of emergency.
158	+ * Made advanced options visible so you know they exist.
159	+ * Fixed dns_get_record() function not existing bug on Windows sytems pre PHP 5.3.0. Was causing scans to hang.
160	+ * Increased login lockout defaults to be much higher which still protects against brute force hacks.
161	+ * Removed CURLOPT_MAXREDIRS in curl to avoid safe mode warnings.
162	+ * Fixed ability to view and diff files on blogs installed in subdirectories.
163	+ * Fixed ability to see individual IP hits on subdir sites.
164	+ * Plugin and theme update messages now include links to the upgrade page.
165	+ * Removed the link on the login form that mentions the site is protected by Wordfence.
166	+ * Changed lockout defaults to be much higher.
167	+ * Added options for higher number of failures before lockout in options page.
168	+ * Now including plugin version in the activity log when the admin chooses to email it to us for debugging.
169	+
170	= 1.5.4 =
171	* Admin can now select to scan outside the WordPress base dir and standard WordPress directories.
172	* Max memory size for scans is now configurable for larger installations. 256M is the default.

wordfence.php CHANGED Viewed

	@@ -2,9 +2,9 @@
2	/*
3	Plugin Name: Wordfence Security
4	Plugin URI: http://wordfence.com/
5	- Description: ~~WordPress~~ Security - Anti-virus and Firewall security plugin for WordPress
6	Author: Mark Maunder
7	- Version: 1.5.4
8	Author URI: http://wordfence.com/
9	*/
10	require_once('lib/wordfenceConstants.php');


2	/*
3	Plugin Name: Wordfence Security
4	Plugin URI: http://wordfence.com/
5	+ Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
6	Author: Mark Maunder
7	+ Version: 1.5.5
8	Author URI: http://wordfence.com/
9	*/
10	require_once('lib/wordfenceConstants.php');

Wordfence Security – Firewall & Malware Scan - Version 1.5.5

Version Description

Release Info

Code changes from version 1.5.4 to 1.5.5