Wordfence Security – Firewall & Malware Scan - Version 3.2.6

Version Description

  • Paid feature: Remote site vulnerability and infection scanning.

Release Info

Developer mmaunder
Version 3.2.6

Code changes from version 3.2.5 to 3.2.6

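--- a/lib/menu_options.php
+++ b/lib/menu_options.php
@@ -70,6 +70,11 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
 <div class="wfMarker" id="wfMarkerScansToInclude"></div>
 <h3 class="wfConfigHeading">Scans to include</h3></td></tr>
 <tr><th class="wfConfigEnable">Enable automatic scheduled scans</th><td><input type="checkbox" id="scheduledScansEnabled" class="wfConfigElem" name="scheduledScansEnabled" value="1" <?php $w->cb('scheduledScansEnabled'); ?> /></td></tr>
+<?php if(wfConfig::get('isPaid')){ ?>
+<tr><th>Scan public facing site for vulnerabilities?</th><td><input type="checkbox" id="scansEnabled_public" class="wfConfigElem" name="scansEnabled_public" value="1" <?php $w->cb('scansEnabled_public'); ?></td></tr>
+<?php } else { ?>
+<tr><th style="color: #F00;">Scan public facing site for vulnerabilities? (<a href="https://www.wordfence.com/choose-a-wordfence-membership-type/?s2-ssl=yes" target="_blank">Paid members only</a>)</th><td><input type="checkbox" id="scansEnabled_public" class="wfConfigElem" name="scansEnabled_public" value="1" DISABLED ?></td></tr>
+<?php } ?>
 <tr><th>Scan core files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_core" class="wfConfigElem" name="scansEnabled_core" value="1" <?php $w->cb('scansEnabled_core'); ?>/></td></tr>
 
 <tr><th>Scan theme files against repository versions for changes</th><td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes" value="1" <?php $w->cb('scansEnabled_themes'); ?>/></td></tr>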
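Review bot: The new checkbox row on the paid branch never closes its `<input` tag: it ends `<?php $w->cb('scansEnabled_public'); ?></td></tr>`, unlike the neighbouring rows that end in `/>`, so the tag only terminates at the `>` of `</td>`. The unpaid row ends in `DISABLED ?>`, where the `?>` sits outside PHP mode and is emitted literally as a stray `?` attribute. I would end the two rows with `<?php $w->cb('scansEnabled_public'); ?> /></td></tr>` and `value="1" disabled="disabled" /></td></tr>`. The disabled attribute is only a display hint, so the options save handler (not in this hunk) should also drop `scansEnabled_public` for unpaid sites; `scan_publicSite()` in lib/wfScanEngine.php does re-check `isPaid` before calling out.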
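--- a/lib/menu_scan.php
+++ b/lib/menu_scan.php
@@ -503,6 +503,74 @@
 </div>
 </div>
 </script>
+<script type="text/x-jquery-template" id="issueTmpl_pubBadURLs">
+<div>
+<div class="wfIssue">
+<h2>${shortMsg}</h2>
+<p>
+<table border="0" class="wfIssue" cellspacing="0" cellpadding="0">
+<tr><th>Severity:</th><td>{{if severity == '1'}}Critical{{else}}Warning{{/if}}</td></tr>
+<tr><th>Status</th><td>
+{{if status == 'new' }}New{{/if}}
+{{if status == 'ignoreC' }}These bad URLs will be ignored until they change.{{/if}}
+{{if status == 'ignoreP' }}These bad URLs will be permanently ignored.{{/if}}
+</td></tr>
+</table>
+</p>
+<p>
+{{html longMsg}}
+</p>
+<div class="wfIssueOptions">
+{{if status == 'new'}}
+<strong>Resolve:</strong>
+<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">I have fixed this issue</a>
+<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreC'); return false;">Ignore these URLs until they change.</a>
+<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreP'); return false;">Ignore these URLs permanently</a>
+{{/if}}
+{{if status == 'ignoreP' || status == 'ignoreC'}}
+<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">Stop ignoring this issue</a>
+{{/if}}
+</div>
+</div>
+</div>
+</script>
+
+
+<script type="text/x-jquery-template" id="issueTmpl_pubDomainRedir">
+<div>
+<div class="wfIssue">
+<h2>${shortMsg}</h2>
+<p>
+<table border="0" class="wfIssue" cellspacing="0" cellpadding="0">
+<tr><th>Severity:</th><td>{{if severity == '1'}}Critical{{else}}Warning{{/if}}</td></tr>
+<tr><th>Status</th><td>
+{{if status == 'new' }}New{{/if}}
+{{if status == 'ignoreC' }}This redirect will be ignored until it changes.{{/if}}
+{{if status == 'ignoreP' }}This redirect is permanently ignored.{{/if}}
+</td></tr>
+</table>
+</p>
+<p>
+{{html longMsg}}
+</p>
+<div class="wfIssueOptions">
+{{if status == 'new'}}
+<strong>Resolve:</strong>
+<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">I have fixed this issue</a>
+<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreC'); return false;">Ignore this redirect until it changes</a>
+<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreP'); return false;">Ignore any redirect like this permanently</a>
+{{/if}}
+{{if status == 'ignoreP' || status == 'ignoreC'}}
+<a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">Stop ignoring this issue</a>
+{{/if}}
+</div>
+</div>
+</div>
+</script>
+
+
+
+
 <script type="text/x-jquery-template" id="wfNoScanYetTmpl">
 <div>
 <table class="wfSummaryParent" cellpadding="0" cellspacing="0">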
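Review bot: Both new templates print `{{html longMsg}}` unescaped, while `${shortMsg}` goes through the template engine's HTML encoding. For these two issue types the text comes from the `scan_public_site` API response (see `scan_publicSite()` in lib/wfScanEngine.php in this commit) and presumably describes URLs and redirects found on the scanned site, so anything not escaped upstream is interpreted as markup in the admin's browser. I would escape the message where it is built or stored, or at least state the contract next to the template, e.g. `<?php /* longMsg is rendered as raw HTML; the producer must escape it before addIssue() */ ?>`. The two templates differ only in their id and label strings, so a shared template parameterised on the labels would keep a later fix from landing in only one of them.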
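--- a/lib/wfConfig.php
+++ b/lib/wfConfig.php
@@ -19,6 +19,7 @@ class wfConfig {
 "liveTrafficEnabled" => true,
 "liveTraf_ignorePublishers" => true,
 "scheduledScansEnabled" => false,
+"scansEnabled_public" => false,
 "scansEnabled_core" => false,
 "scansEnabled_themes" => false,
 "scansEnabled_plugins" => false,
@@ -81,6 +82,7 @@ class wfConfig {
 "liveTrafficEnabled" => true,
 "liveTraf_ignorePublishers" => true,
 "scheduledScansEnabled" => true,
+"scansEnabled_public" => false,
 "scansEnabled_core" => true,
 "scansEnabled_themes" => false,
 "scansEnabled_plugins" => false,
@@ -143,6 +145,7 @@ class wfConfig {
 "liveTrafficEnabled" => true,
 "liveTraf_ignorePublishers" => true,
 "scheduledScansEnabled" => true,
+"scansEnabled_public" => false,
 "scansEnabled_core" => true,
 "scansEnabled_themes" => false,
 "scansEnabled_plugins" => false,
@@ -205,6 +208,7 @@ class wfConfig {
 "liveTrafficEnabled" => true,
 "liveTraf_ignorePublishers" => true,
 "scheduledScansEnabled" => true,
+"scansEnabled_public" => false,
 "scansEnabled_core" => true,
 "scansEnabled_themes" => false,
 "scansEnabled_plugins" => false,
@@ -267,6 +271,7 @@ class wfConfig {
 "liveTrafficEnabled" => true,
 "liveTraf_ignorePublishers" => true,
 "scheduledScansEnabled" => true,
+"scansEnabled_public" => false,
 "scansEnabled_core" => true,
 "scansEnabled_themes" => false,
 "scansEnabled_plugins" => false,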
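--- a/lib/wfScanEngine.php
+++ b/lib/wfScanEngine.php
@@ -25,6 +25,7 @@ class wfScanEngine {
 private $malwareScanEnabled = false;
 private $pluginScanEnabled = false;
 private $coreScanEnabled = false;
+private $publicScanEnabled = false;
 private $themeScanEnabled = false;
 private $unknownFiles = "";
 private $fileContentsResults = false;
@@ -41,7 +42,7 @@ class wfScanEngine {
 private $userPasswdQueue = "";
 private $passwdHasIssues = false;
 public function __sleep(){ //Same order here as above for properties that are included in serialization
-return array('hasher', 'hashes', 'jobList', 'i', 'wp_version', 'apiKey', 'startTime', 'scanStep', 'maxExecTime', 'malwareScanEnabled', 'pluginScanEnabled', 'coreScanEnabled', 'themeScanEnabled', 'unknownFiles', 'fileContentsResults', 'scanner', 'scanQueue', 'hoover', 'scanData', 'statusIDX', 'userPasswdQueue', 'passwdHasIssues');
+return array('hasher', 'hashes', 'jobList', 'i', 'wp_version', 'apiKey', 'startTime', 'scanStep', 'maxExecTime', 'publicScanEnabled', 'malwareScanEnabled', 'pluginScanEnabled', 'coreScanEnabled', 'themeScanEnabled', 'unknownFiles', 'fileContentsResults', 'scanner', 'scanQueue', 'hoover', 'scanData', 'statusIDX', 'userPasswdQueue', 'passwdHasIssues');
 }
 public function __construct(){
 $this->startTime = time();
@@ -53,6 +54,7 @@ class wfScanEngine {
 $this->api = new wfAPI($this->apiKey, $this->wp_version);
 include('wfDict.php'); //$dictWords
 $this->dictWords = $dictWords;
+$this->jobList[] = 'publicSite';
 foreach(array('init', 'main', 'finish') as $op){ $this->jobList[] = 'knownFiles_' . $op; };
 foreach(array('fileContents', 'posts', 'comments', 'passwds', 'dns', 'diskSpace', 'oldVersions') as $scanType){
 if(wfConfig::get('scansEnabled_' . $scanType)){
@@ -127,6 +129,30 @@ class wfScanEngine {
 public function getCurrentJob(){
 return $this->jobList[0];
 }
+private function scan_publicSite(){
+if(wfConfig::get('isPaid')){
+if(wfConfig::get('scansEnabled_public')){
+$this->publicScanEnabled = true;
+$this->statusIDX['public'] = wordfence::statusStart("Doing Remote Scan of public site for problems");
+$result = $this->api->call('scan_public_site', array(), array(
+'siteURL' => site_url()
+));
+$haveIssues = false;
+if($result['haveIssues'] && is_array($result['issues']) ){
+foreach($result['issues'] as $issue){
+$this->addIssue($issue['type'], $issue['level'], $issue['ignoreP'], $issue['ignoreC'], $issue['shortMsg'], $issue['longMsg'], $issue['data']);
+$haveIssues = true;
+}
+}
+wordfence::statusEnd($this->statusIDX['public'], $haveIssues);
+} else {
+wordfence::statusDisabled("Skipping remote scan of public site for problems");
+}
+} else {
+wordfence::statusPaidOnly("Remote scan of public facing site only available to paid members");
+sleep(2); //enough time to read the message before it scrolls off.
+}
+}
 private function scan_knownFiles_init(){
 $this->status(1, 'info', "Contacting Wordfence to initiate scan");
 $this->api->call('log_scan', array(), array());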
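Review bot: In `scan_publicSite()` the API response is indexed before its shape is checked: `$result['haveIssues']` is read even if the call returned something other than an array (its failure behaviour is not visible here), and `is_array($result['issues'])` raises a notice when the key is absent. A guard such as `if(is_array($result) && ! empty($result['haveIssues']) && isset($result['issues']) && is_array($result['issues'])){` covers both cases. Each `$issue[...]` field is then handed straight to `addIssue()`, and `longMsg` is later rendered as raw HTML by the templates this commit adds to lib/menu_scan.php, so each entry deserves the same treatment (expected keys present, `type` one of the known issue types) before it is stored. Separately, the constructor queues `'publicSite'` unconditionally, so unpaid sites pay the `sleep(2)` on every scan; a comment on that line saying this is intended would help the next reader.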
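--- a/lib/wordfenceConstants.php
+++ b/lib/wordfenceConstants.php
@@ -1,5 +1,5 @@
 <?php
-define('WORDFENCE_API_VERSION', '2.2');
+define('WORDFENCE_API_VERSION', '2.3');
 define('WORDFENCE_API_URL_SEC', 'https://noc1.wordfence.com/');
 define('WORDFENCE_API_URL_NONSEC', 'http://noc1.wordfence.com/');
 define('WORDFENCE_MAX_SCAN_TIME', 600);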
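--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mmaunder
 Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
 Requires at least: 3.3.1
 Tested up to: 3.4.1
-Stable tag: 3.2.5
+Stable tag: 3.2.6
 
 Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
 
@@ -153,6 +153,9 @@ or a theme, because often these have been updated to fix a security hole.
 5. If you're technically minded, this is the under-the-hood view of Wordfence options where you can fine-tune your security settings.
 
 == Changelog ==
+= 3.2.6 =
+* Paid feature: Remote site vulnerability and infection scanning.
+
 = 3.2.5 =
 * Moved all attack signatures out of the plugin to prevent Wordfence being detected as malicious in a false positive.
 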
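--- a/wordfence.php
+++ b/wordfence.php
@@ -4,10 +4,10 @@ Plugin Name: Wordfence Security
 Plugin URI: http://wordfence.com/
 Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
 Author: Mark Maunder
-Version: 3.2.5
+Version: 3.2.6
 Author URI: http://wordfence.com/
 */
-define('WORDFENCE_VERSION', '3.2.5');
+define('WORDFENCE_VERSION', '3.2.6');
 if(! defined('WORDFENCE_VERSIONONLY_MODE')){
 if((int) @ini_get('memory_limit') < 64){
 @ini_set('memory_limit', '64M'); //Some hosts have ini set at as little as 32 megs. 64 is the min sane amount of memory.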