Wordfence Security – Firewall &amp; Malware Scan

Version Description

Fixed a major javascript bug that snuck in 2 releases ago and has disabled many features for Internet Explorer browsers.
Clarified range blocking examples.

Developer	mmaunder
Plugin	Wordfence Security – Firewall & Malware Scan
Version	3.6.4
Comparing to
See all releases

Files changed (4) hide show

js/admin.js CHANGED Viewed

	@@ -1,4 +1,4 @@
1	- if(! window['wordfenceAdmin']){
2	window['wordfenceAdmin'] = {
3	loading16: '<div class="wfLoading16"></div>',
4	loadingCount: 0,
	@@ -911,7 +911,7 @@ window['wordfenceAdmin'] = {
911	jQuery('#whoisbutton').attr('disabled', 'disabled');
912	jQuery('#whoisbutton').attr('value', 'Loading...');
913	this.ajax('wordfence_whois', {
914	- val: val,
915	}, function(res){
916	jQuery('#whoisbutton').removeAttr('disabled');
917	jQuery('#whoisbutton').attr('value', 'Look up IP or Domain');
	@@ -931,7 +931,7 @@ window['wordfenceAdmin'] = {
931	redStyle = " style=\"color: #F00;\"";
932	}
933	var self = this;
934	- function wfm21(str, ipRange, offset, ~~str~~){
935	var ips = ipRange.split(/\s\-\s/);
936	var ip1num = self.inet_aton(ips[0]);
937	var ip2num = self.inet_aton(ips[1]);
	@@ -967,7 +967,7 @@ window['wordfenceAdmin'] = {
967	this.ajax('wordfence_blockIPUARange', {
968	ipRange: ipRange,
969	uaRange: uaRange,
970	- reason: reason,
971	}, function(res){
972	if(res.ok){
973	self.loadBlockRanges();
	@@ -1273,7 +1273,7 @@ window['wordfenceAdmin'] = {
1273	},
1274	inet_aton: function(dot) {
1275	var d = dot.split('.');
1276	- return ((((((+d[0])256)+(+d[1]))256)+(+d[2]))*256)+(+d[3]);i
1277	},
1278	inet_ntoa: function(num){
1279	var d = num % 256;


1	+ if(! window['wordfenceAdmin']){ //To compile for checking: java -jar /usr/local/bin/closure.jar --js=admin.js --js_output_file=test.js
2	window['wordfenceAdmin'] = {
3	loading16: '<div class="wfLoading16"></div>',
4	loadingCount: 0,

911	jQuery('#whoisbutton').attr('disabled', 'disabled');
912	jQuery('#whoisbutton').attr('value', 'Loading...');
913	this.ajax('wordfence_whois', {
914	+ val: val
915	}, function(res){
916	jQuery('#whoisbutton').removeAttr('disabled');
917	jQuery('#whoisbutton').attr('value', 'Look up IP or Domain');

931	redStyle = " style=\"color: #F00;\"";
932	}
933	var self = this;
934	+ function wfm21(str, ipRange, offset, totalStr){
935	var ips = ipRange.split(/\s\-\s/);
936	var ip1num = self.inet_aton(ips[0]);
937	var ip2num = self.inet_aton(ips[1]);

967	this.ajax('wordfence_blockIPUARange', {
968	ipRange: ipRange,
969	uaRange: uaRange,
970	+ reason: reason
971	}, function(res){
972	if(res.ok){
973	self.loadBlockRanges();

1273	},
1274	inet_aton: function(dot) {
1275	var d = dot.split('.');
1276	+ return ((((((+d[0])256)+(+d[1]))256)+(+d[2]))*256)+(+d[3]);
1277	},
1278	inet_ntoa: function(num){
1279	var d = num % 256;

lib/menu_rangeBlocking.php CHANGED Viewed

	@@ -17,7 +17,7 @@
17	<tr><th>Block anyone that has an IP address in this range:</th><td><input id="ipRange" type="text" size="30" maxlength="255" value="<?php if($_GET['wfBlockRange']){ echo $_GET['wfBlockRange']; } ?>" onkeyup="WFAD.calcRangeTotal();"> <span id="wfShowRangeTotal"></span></td></tr>
18	<tr><td></td><td style="padding-bottom: 15px;"><strong>Examples:</strong> 192.168.200.200 - 192.168.200.220</td></tr>
19	<tr><th>...you can also enter a User-Agent (browser) that matches:</th><td><input id="uaRange" type="text" size="30" maxlength="255" > (Case insensitive)</td></tr>
20	- <tr><td></td><td style="padding-bottom: 15px;"><strong>Examples:</strong> ~~containsBadRobot~~, ~~startsWithBadRobot~~, ~~endsWithBadRobot~~</td></tr>
21	<tr><th>Enter a reason you're blocking this visitor pattern:</th><td><input id="wfReason" type="text" size="30" maxlength="255"></td></tr>
22	<tr><td></td><td style="padding-bottom: 15px;"><strong>Why a reason:</strong> The reason you specify above is for your own record keeping.</td></tr>
23	<tr><td colspan="2" style="padding-top: 15px;">


17	<tr><th>Block anyone that has an IP address in this range:</th><td><input id="ipRange" type="text" size="30" maxlength="255" value="<?php if($_GET['wfBlockRange']){ echo $_GET['wfBlockRange']; } ?>" onkeyup="WFAD.calcRangeTotal();"> <span id="wfShowRangeTotal"></span></td></tr>
18	<tr><td></td><td style="padding-bottom: 15px;"><strong>Examples:</strong> 192.168.200.200 - 192.168.200.220</td></tr>
19	<tr><th>...you can also enter a User-Agent (browser) that matches:</th><td><input id="uaRange" type="text" size="30" maxlength="255" > (Case insensitive)</td></tr>
20	+ <tr><td></td><td style="padding-bottom: 15px;"><strong>Examples:</strong> badRobot, AnotherBadRobot, someKindOfSuffix</td></tr>
21	<tr><th>Enter a reason you're blocking this visitor pattern:</th><td><input id="wfReason" type="text" size="30" maxlength="255"></td></tr>
22	<tr><td></td><td style="padding-bottom: 15px;"><strong>Why a reason:</strong> The reason you specify above is for your own record keeping.</td></tr>
23	<tr><td colspan="2" style="padding-top: 15px;">

readme.txt CHANGED Viewed

	@@ -3,7 +3,7 @@ Contributors: mmaunder
3	Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
4	Requires at least: 3.3.1
5	Tested up to: 3.5.1
6	- Stable tag: 3.6.3
7
8	Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9
	@@ -155,7 +155,11 @@ or a theme, because often these have been updated to fix a security hole.
155
156	== Changelog ==
157
158	- =3.6.3 =




159	* Fixed 'max_user_connections' issue.
160	* Wordfence now uses WordPress's WPDB and this halves the number of DB connections Wordfence establishes to your DB.
161	* Wordfence is now HyperDB compatible.


3	Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
4	Requires at least: 3.3.1
5	Tested up to: 3.5.1
6	+ Stable tag: 3.6.4
7
8	Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9

155
156	== Changelog ==
157
158	+ = 3.6.4 =
159	+ * Fixed a major javascript bug that snuck in 2 releases ago and has disabled many features for Internet Explorer browsers.
160	+ * Clarified range blocking examples.
161	+
162	+ = 3.6.3 =
163	* Fixed 'max_user_connections' issue.
164	* Wordfence now uses WordPress's WPDB and this halves the number of DB connections Wordfence establishes to your DB.
165	* Wordfence is now HyperDB compatible.

wordfence.php CHANGED Viewed

	@@ -4,10 +4,10 @@ Plugin Name: Wordfence Security
4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
6	Author: Mark Maunder
7	- Version: 3.6.3
8	Author URI: http://www.wordfence.com/
9	*/
10	- define('WORDFENCE_VERSION', '3.6.3');
11	if(get_option('wordfenceActivated') != 1){
12	add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
13	}


4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
6	Author: Mark Maunder
7	+ Version: 3.6.4
8	Author URI: http://www.wordfence.com/
9	*/
10	+ define('WORDFENCE_VERSION', '3.6.4');
11	if(get_option('wordfenceActivated') != 1){
12	add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
13	}