Version Description
- Added option to change AJAX polling frequency
- Fixed issue that caused whitelisted IP's to not be whitelisted.
- Added code that prevents blocking of Wordfence's API server (or Wordfence will cease to function)
- Added link at bottom of 'options' page to test connectivity to our API servers.
- Include any CURL error numbers in error reporting.
- Fixed issue that caused IP range blocking to not block access to login page.
- Fixed issue that caused cache files to be flagged as malicious.
Download this release
Release Info
| Developer | mmaunder |
| Plugin |  Wordfence Security – Firewall & Malware Scan |
| Version | 3.6.6 |
| Comparing to | |
| See all releases | |
Code changes from version 3.6.5 to 3.6.6
- js/admin.js +4 -7
- lib/conntest.php +70 -0
- lib/menu_options.php +2 -0
- lib/pageTitle.php +5 -3
- lib/wfAPI.php +1 -1
- lib/wfConfig.php +5 -5
- lib/wfLog.php +52 -45
- lib/wordfenceClass.php +14 -3
- lib/wordfenceScanner.php +2 -0
- readme.txt +10 -1
js/admin.js
CHANGED
|
@@ -2,7 +2,6 @@ if(! window['wordfenceAdmin']){ //To compile for checking: java -jar /usr/local/
|
|
| 2 |
window['wordfenceAdmin'] = {
|
| 3 |
loading16: '<div class="wfLoading16"></div>',
|
| 4 |
loadingCount: 0,
|
| 5 |
-
actUpdateInterval: 2000,
|
| 6 |
dbCheckTables: [],
|
| 7 |
dbCheckCount_ok: 0,
|
| 8 |
dbCheckCount_skipped: 0,
|
|
@@ -126,7 +125,7 @@ window['wordfenceAdmin'] = {
|
|
| 126 |
if(this.mode){ //We are in a Wordfence page
|
| 127 |
var self = this;
|
| 128 |
if(startTicker){
|
| 129 |
-
this.liveInt = setInterval(function(){ self.updateTicker(); },
|
| 130 |
}
|
| 131 |
jQuery(document).bind('cbox_closed', function(){ self.colorboxIsOpen = false; self.colorboxServiceQueue(); });
|
| 132 |
}
|
|
@@ -200,7 +199,7 @@ window['wordfenceAdmin'] = {
|
|
| 200 |
var self = this;
|
| 201 |
setInterval(function(){
|
| 202 |
self.updateActivityLog();
|
| 203 |
-
},
|
| 204 |
},
|
| 205 |
updateActivityLog: function(){
|
| 206 |
if(this.activityLogUpdatePending){
|
|
@@ -214,7 +213,7 @@ window['wordfenceAdmin'] = {
|
|
| 214 |
|
| 215 |
},
|
| 216 |
doneUpdateActivityLog: function(res){
|
| 217 |
-
this.actNextUpdateAt = (new Date()).getTime() +
|
| 218 |
if(res.ok){
|
| 219 |
if(res.items.length > 0){
|
| 220 |
this.activityQueue.push.apply(this.activityQueue, res.items);
|
|
@@ -226,14 +225,12 @@ window['wordfenceAdmin'] = {
|
|
| 226 |
},
|
| 227 |
processActQueue: function(currentScanID){
|
| 228 |
if(this.activityQueue.length > 0){
|
| 229 |
-
|
| 230 |
this.addActItem(this.activityQueue.shift());
|
| 231 |
this.totalActAdded++;
|
| 232 |
if(this.totalActAdded > this.maxActivityLogItems){
|
| 233 |
jQuery('#consoleActivity div:first').remove();
|
| 234 |
this.totalActAdded--;
|
| 235 |
}
|
| 236 |
-
|
| 237 |
var timeTillNextUpdate = this.actNextUpdateAt - (new Date()).getTime();
|
| 238 |
var maxRate = 50 / 1000; //Rate per millisecond
|
| 239 |
var bulkTotal = 0;
|
|
@@ -1070,7 +1067,7 @@ window['wordfenceAdmin'] = {
|
|
| 1070 |
}
|
| 1071 |
}
|
| 1072 |
for(var k in WFSLevels[level].otherParams){
|
| 1073 |
-
if(! /^(?:apiKey|securityLevel|alertEmails|liveTraf_ignoreUsers|liveTraf_ignoreIPs|liveTraf_ignoreUA|liveTraf_hitsMaxSize|maxMem|maxExecutionTime)$/.test(k)){
|
| 1074 |
jQuery('#' + k).val(WFSLevels[level].otherParams[k]);
|
| 1075 |
}
|
| 1076 |
}
|
| 2 |
window['wordfenceAdmin'] = {
|
| 3 |
loading16: '<div class="wfLoading16"></div>',
|
| 4 |
loadingCount: 0,
|
|
|
|
| 5 |
dbCheckTables: [],
|
| 6 |
dbCheckCount_ok: 0,
|
| 7 |
dbCheckCount_skipped: 0,
|
| 125 |
if(this.mode){ //We are in a Wordfence page
|
| 126 |
var self = this;
|
| 127 |
if(startTicker){
|
| 128 |
+
this.liveInt = setInterval(function(){ self.updateTicker(); }, WordfenceAdminVars.actUpdateInterval);
|
| 129 |
}
|
| 130 |
jQuery(document).bind('cbox_closed', function(){ self.colorboxIsOpen = false; self.colorboxServiceQueue(); });
|
| 131 |
}
|
| 199 |
var self = this;
|
| 200 |
setInterval(function(){
|
| 201 |
self.updateActivityLog();
|
| 202 |
+
}, parseInt(WordfenceAdminVars.actUpdateInterval));
|
| 203 |
},
|
| 204 |
updateActivityLog: function(){
|
| 205 |
if(this.activityLogUpdatePending){
|
| 213 |
|
| 214 |
},
|
| 215 |
doneUpdateActivityLog: function(res){
|
| 216 |
+
this.actNextUpdateAt = (new Date()).getTime() + parseInt(WordfenceAdminVars.actUpdateInterval);
|
| 217 |
if(res.ok){
|
| 218 |
if(res.items.length > 0){
|
| 219 |
this.activityQueue.push.apply(this.activityQueue, res.items);
|
| 225 |
},
|
| 226 |
processActQueue: function(currentScanID){
|
| 227 |
if(this.activityQueue.length > 0){
|
|
|
|
| 228 |
this.addActItem(this.activityQueue.shift());
|
| 229 |
this.totalActAdded++;
|
| 230 |
if(this.totalActAdded > this.maxActivityLogItems){
|
| 231 |
jQuery('#consoleActivity div:first').remove();
|
| 232 |
this.totalActAdded--;
|
| 233 |
}
|
|
|
|
| 234 |
var timeTillNextUpdate = this.actNextUpdateAt - (new Date()).getTime();
|
| 235 |
var maxRate = 50 / 1000; //Rate per millisecond
|
| 236 |
var bulkTotal = 0;
|
| 1067 |
}
|
| 1068 |
}
|
| 1069 |
for(var k in WFSLevels[level].otherParams){
|
| 1070 |
+
if(! /^(?:apiKey|securityLevel|alertEmails|liveTraf_ignoreUsers|liveTraf_ignoreIPs|liveTraf_ignoreUA|liveTraf_hitsMaxSize|maxMem|maxExecutionTime|actUpdateInterval)$/.test(k)){
|
| 1071 |
jQuery('#' + k).val(WFSLevels[level].otherParams[k]);
|
| 1072 |
}
|
| 1073 |
}
|
lib/conntest.php
ADDED
|
@@ -0,0 +1,70 @@
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1 |
+
<?php if(! wfUtils::isAdmin()){ exit(); } ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
| 2 |
+
<html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
|
| 3 |
+
<head>
|
| 4 |
+
<title>Wordfence Connectivity Tester</title>
|
| 5 |
+
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
|
| 6 |
+
<body>
|
| 7 |
+
<h1>Wordfence connectivity tester</h1>
|
| 8 |
+
<br /><br />
|
| 9 |
+
DNS lookup for noc1.wordfence.com returns: <?php echo gethostbyname('noc1.wordfence.com'); ?><br /><br />
|
| 10 |
+
<?php
|
| 11 |
+
function testSocket($service_port){
|
| 12 |
+
echo "<b>STARTING SOCKET TEST TO PORT $service_port</b><br />\n";
|
| 13 |
+
error_reporting(E_ALL);
|
| 14 |
+
//$service_port = getservbyname('www', 'tcp');
|
| 15 |
+
$address = gethostbyname('noc1.wordfence.com');
|
| 16 |
+
$socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
|
| 17 |
+
if($socket === false){
|
| 18 |
+
echo "Could not create socket: " . socket_strerror(socket_last_error()) . "<br />\n";
|
| 19 |
+
} else {
|
| 20 |
+
echo "Socket created OK<br />\n";
|
| 21 |
+
}
|
| 22 |
+
echo "Attempting to connect to '$address' on port '$service_port'...";
|
| 23 |
+
$result = socket_connect($socket, $address, $service_port);
|
| 24 |
+
if($result === false){
|
| 25 |
+
echo "socket_connect() failed.\nReason: ($result) " . socket_strerror(socket_last_error($socket)) . "<br /><br />\n";
|
| 26 |
+
} else {
|
| 27 |
+
echo "Socket connected OK to port $service_port<br /><br />\n";
|
| 28 |
+
}
|
| 29 |
+
socket_close($socket);
|
| 30 |
+
}
|
| 31 |
+
testSocket(80);
|
| 32 |
+
testSocket(443);
|
| 33 |
+
|
| 34 |
+
?>
|
| 35 |
+
<?php
|
| 36 |
+
$curlContent = "";
|
| 37 |
+
function curlWrite($h, $d){
|
| 38 |
+
global $curlContent;
|
| 39 |
+
$curlContent .= $d;
|
| 40 |
+
return strlen($d);
|
| 41 |
+
}
|
| 42 |
+
function doCurlTest($protocol){
|
| 43 |
+
echo "<br /><b>STARTING CURL $protocol CONNECTION TEST....</b><br />\n";
|
| 44 |
+
global $curlContent;
|
| 45 |
+
$curlContent = "";
|
| 46 |
+
$curl = curl_init($protocol . '://noc1.wordfence.com/');
|
| 47 |
+
curl_setopt ($curl, CURLOPT_TIMEOUT, 900);
|
| 48 |
+
curl_setopt ($curl, CURLOPT_USERAGENT, "Wordfence.com UA " . (defined('WORDFENCE_VERSION') ? WORDFENCE_VERSION : '[Unknown version]') );
|
| 49 |
+
curl_setopt ($curl, CURLOPT_RETURNTRANSFER, TRUE);
|
| 50 |
+
curl_setopt ($curl, CURLOPT_HEADER, 0);
|
| 51 |
+
curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
|
| 52 |
+
curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);
|
| 53 |
+
curl_setopt ($curl, CURLOPT_WRITEFUNCTION, 'curlWrite');
|
| 54 |
+
$curlResult = curl_exec($curl);
|
| 55 |
+
$httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
|
| 56 |
+
if(strpos($curlContent, 'Your site did not send an API key') !== false){
|
| 57 |
+
echo "Curl connectivity test passed.<br /><br />\n";
|
| 58 |
+
} else {
|
| 59 |
+
$curlErrorNo = curl_errno($curl);
|
| 60 |
+
$curlError = curl_error($curl);
|
| 61 |
+
echo "Curl connectivity test failed with response: <pre>$curlContent</pre>";
|
| 62 |
+
echo "<br />Curl HTTP status: $httpStatus<br />Curl error code: $curlErrorNo<br />Curl Error: $curlError<br /><br />\n";
|
| 63 |
+
}
|
| 64 |
+
}
|
| 65 |
+
doCurlTest('http');
|
| 66 |
+
doCurlTest('https');
|
| 67 |
+
?>
|
| 68 |
+
</body>
|
| 69 |
+
</html>
|
| 70 |
+
|
lib/menu_options.php
CHANGED
|
@@ -230,8 +230,10 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
|
|
| 230 |
<tr><th>Participate in the Wordfence Security Network</th><td><input type="checkbox" id="other_WFNet" class="wfConfigElem" name="other_WFNet" value="1" <?php $w->cb('other_WFNet'); ?> /></td></tr>
|
| 231 |
<tr><th>Maximum memory Wordfence can use</th><td><input type="text" id="maxMem" name="maxMem" value="<?php $w->f('maxMem'); ?>" size="4" />Megabytes</td></tr>
|
| 232 |
<tr><th>Maximum execution time for each scan stage</th><td><input type="text" id="maxExecutionTime" name="maxExecutionTime" value="<?php $w->f('maxExecutionTime'); ?>" size="4" />Blank for default. Must be greater than 9.</td></tr>
|
|
|
|
| 233 |
<tr><th>Enable debugging mode (increases database load)</th><td><input type="checkbox" id="debugOn" class="wfConfigElem" name="debugOn" value="1" <?php $w->cb('debugOn'); ?> /></td></tr>
|
| 234 |
<tr><th>Delete Wordfence tables and data on deactivation?</th><td><input type="checkbox" id="deleteTablesOnDeact" class="wfConfigElem" name="deleteTablesOnDeact" value="1" <?php $w->cb('deleteTablesOnDeact'); ?> /></td></tr>
|
|
|
|
| 235 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to view your system's configuration in a new window</a></th></tr>
|
| 236 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=testmem&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Test your WordPress host's available memory</a></th></tr>
|
| 237 |
</table>
|
| 230 |
<tr><th>Participate in the Wordfence Security Network</th><td><input type="checkbox" id="other_WFNet" class="wfConfigElem" name="other_WFNet" value="1" <?php $w->cb('other_WFNet'); ?> /></td></tr>
|
| 231 |
<tr><th>Maximum memory Wordfence can use</th><td><input type="text" id="maxMem" name="maxMem" value="<?php $w->f('maxMem'); ?>" size="4" />Megabytes</td></tr>
|
| 232 |
<tr><th>Maximum execution time for each scan stage</th><td><input type="text" id="maxExecutionTime" name="maxExecutionTime" value="<?php $w->f('maxExecutionTime'); ?>" size="4" />Blank for default. Must be greater than 9.</td></tr>
|
| 233 |
+
<tr><th>Update interval in seconds (2 is default)</th><td><input type="text" id="actUpdateInterval" name="actUpdateInterval" value="<?php $w->f('actUpdateInterval'); ?>" size="4" />Set to 10 or more if you're seeing high server CPU usage.</td></tr>
|
| 234 |
<tr><th>Enable debugging mode (increases database load)</th><td><input type="checkbox" id="debugOn" class="wfConfigElem" name="debugOn" value="1" <?php $w->cb('debugOn'); ?> /></td></tr>
|
| 235 |
<tr><th>Delete Wordfence tables and data on deactivation?</th><td><input type="checkbox" id="deleteTablesOnDeact" class="wfConfigElem" name="deleteTablesOnDeact" value="1" <?php $w->cb('deleteTablesOnDeact'); ?> /></td></tr>
|
| 236 |
+
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to test connectivity to the Wordfence API servers</a></th></tr>
|
| 237 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to view your system's configuration in a new window</a></th></tr>
|
| 238 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=testmem&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Test your WordPress host's available memory</a></th></tr>
|
| 239 |
</table>
|
lib/pageTitle.php
CHANGED
|
@@ -1,13 +1,15 @@
|
|
| 1 |
-
<?php if(! wfConfig::get('isPaid')){
|
|
|
|
|
|
|
| 2 |
<table border="0">
|
| 3 |
<tr>
|
| 4 |
<td style="padding-right: 50px;">
|
| 5 |
<div class="wordfence-lock-icon wordfence-icon32"><br /></div><h2 id="wfHeading"><?php echo $pageTitle; ?></h2>
|
| 6 |
</td><td style="width: 450px; padding-top: 10px;">
|
| 7 |
-
You're using the Free version of Wordfence which you can support by visiting <a href="
|
| 8 |
</td>
|
| 9 |
<td style="width: 120px; padding-top: 10px;">
|
| 10 |
-
<a href="
|
| 11 |
</td>
|
| 12 |
</tr>
|
| 13 |
</table>
|
| 1 |
+
<?php if(! wfConfig::get('isPaid')){
|
| 2 |
+
$affURL = 'http://www.bluehost.com/track/wordfence/wfplghd2?page=/wordpress';
|
| 3 |
+
?>
|
| 4 |
<table border="0">
|
| 5 |
<tr>
|
| 6 |
<td style="padding-right: 50px;">
|
| 7 |
<div class="wordfence-lock-icon wordfence-icon32"><br /></div><h2 id="wfHeading"><?php echo $pageTitle; ?></h2>
|
| 8 |
</td><td style="width: 450px; padding-top: 10px;">
|
| 9 |
+
You're using the Free version of Wordfence which you can support by visiting <a href="<?php echo $affURL; ?>" target="_blank">Bluehost.com</a>. We recommend <a href="<?php echo $affURL; ?>" target="_blank">Bluehost for WordPress hosting</a> and use them for our own WordPress websites. <a href="<?php echo $affURL; ?>" target="_blank">»Visit Bluehost now»</a>
|
| 10 |
</td>
|
| 11 |
<td style="width: 120px; padding-top: 10px;">
|
| 12 |
+
<a href="<?php echo $affURL; ?>" target="_blank" class="bluehostBanner bluehostBanner<?php echo rand(1,5); ?>"></a>
|
| 13 |
</td>
|
| 14 |
</tr>
|
| 15 |
</table>
|
lib/wfAPI.php
CHANGED
|
@@ -62,7 +62,7 @@ class wfAPI {
|
|
| 62 |
} else {
|
| 63 |
$cerror = curl_error($curl);
|
| 64 |
curl_close($curl);
|
| 65 |
-
throw new Exception("We received an error response when trying to contact the Wordfence scanning servers. The HTTP status code was [$httpStatus]" . ($cerror ? (' and the error from CURL was ' . $cerror) : ''));
|
| 66 |
}
|
| 67 |
} else {
|
| 68 |
$data = $this->fileGet($url, $postParams);
|
| 62 |
} else {
|
| 63 |
$cerror = curl_error($curl);
|
| 64 |
curl_close($curl);
|
| 65 |
+
throw new Exception("We received an error response when trying to contact the Wordfence scanning servers. The HTTP status code was [$httpStatus] and the curl error number was [" . $this->lastCurlErrorNo . "] " . ($cerror ? (' and the error from CURL was: ' . $cerror) : ''));
|
| 66 |
}
|
| 67 |
} else {
|
| 68 |
$data = $this->fileGet($url, $postParams);
|
lib/wfConfig.php
CHANGED
|
@@ -49,7 +49,7 @@ class wfConfig {
|
|
| 49 |
),
|
| 50 |
"otherParams" => array(
|
| 51 |
'securityLevel' => '0',
|
| 52 |
-
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '',
|
| 53 |
"neverBlockBG" => "neverBlockVerified",
|
| 54 |
"loginSec_countFailMins" => "5",
|
| 55 |
"loginSec_lockoutMins" => "5",
|
|
@@ -113,7 +113,7 @@ class wfConfig {
|
|
| 113 |
),
|
| 114 |
"otherParams" => array(
|
| 115 |
'securityLevel' => '1',
|
| 116 |
-
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '',
|
| 117 |
"neverBlockBG" => "neverBlockVerified",
|
| 118 |
"loginSec_countFailMins" => "5",
|
| 119 |
"loginSec_lockoutMins" => "5",
|
|
@@ -177,7 +177,7 @@ class wfConfig {
|
|
| 177 |
),
|
| 178 |
"otherParams" => array(
|
| 179 |
'securityLevel' => '2',
|
| 180 |
-
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '',
|
| 181 |
"neverBlockBG" => "neverBlockVerified",
|
| 182 |
"loginSec_countFailMins" => "240",
|
| 183 |
"loginSec_lockoutMins" => "240",
|
|
@@ -241,7 +241,7 @@ class wfConfig {
|
|
| 241 |
),
|
| 242 |
"otherParams" => array(
|
| 243 |
'securityLevel' => '3',
|
| 244 |
-
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '',
|
| 245 |
"neverBlockBG" => "neverBlockVerified",
|
| 246 |
"loginSec_countFailMins" => "1440",
|
| 247 |
"loginSec_lockoutMins" => "1440",
|
|
@@ -305,7 +305,7 @@ class wfConfig {
|
|
| 305 |
),
|
| 306 |
"otherParams" => array(
|
| 307 |
'securityLevel' => '4',
|
| 308 |
-
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '',
|
| 309 |
"neverBlockBG" => "neverBlockVerified",
|
| 310 |
"loginSec_countFailMins" => "1440",
|
| 311 |
"loginSec_lockoutMins" => "1440",
|
| 49 |
),
|
| 50 |
"otherParams" => array(
|
| 51 |
'securityLevel' => '0',
|
| 52 |
+
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '',
|
| 53 |
"neverBlockBG" => "neverBlockVerified",
|
| 54 |
"loginSec_countFailMins" => "5",
|
| 55 |
"loginSec_lockoutMins" => "5",
|
| 113 |
),
|
| 114 |
"otherParams" => array(
|
| 115 |
'securityLevel' => '1',
|
| 116 |
+
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '',
|
| 117 |
"neverBlockBG" => "neverBlockVerified",
|
| 118 |
"loginSec_countFailMins" => "5",
|
| 119 |
"loginSec_lockoutMins" => "5",
|
| 177 |
),
|
| 178 |
"otherParams" => array(
|
| 179 |
'securityLevel' => '2',
|
| 180 |
+
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '',
|
| 181 |
"neverBlockBG" => "neverBlockVerified",
|
| 182 |
"loginSec_countFailMins" => "240",
|
| 183 |
"loginSec_lockoutMins" => "240",
|
| 241 |
),
|
| 242 |
"otherParams" => array(
|
| 243 |
'securityLevel' => '3',
|
| 244 |
+
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '',
|
| 245 |
"neverBlockBG" => "neverBlockVerified",
|
| 246 |
"loginSec_countFailMins" => "1440",
|
| 247 |
"loginSec_lockoutMins" => "1440",
|
| 305 |
),
|
| 306 |
"otherParams" => array(
|
| 307 |
'securityLevel' => '4',
|
| 308 |
+
"alertEmails" => "", "liveTraf_ignoreUsers" => "", "liveTraf_ignoreIPs" => "", "liveTraf_ignoreUA" => "", "apiKey" => "", "maxMem" => '256', 'whitelisted' => '', 'maxExecutionTime' => '', 'howGetIPs' => '', 'actUpdateInterval' => '',
|
| 309 |
"neverBlockBG" => "neverBlockVerified",
|
| 310 |
"loginSec_countFailMins" => "1440",
|
| 311 |
"loginSec_lockoutMins" => "1440",
|
lib/wfLog.php
CHANGED
|
@@ -55,9 +55,9 @@ class wfLog {
|
|
| 55 |
//Moved the following block into the "is fw enabled section" for optimization.
|
| 56 |
$IP = wfUtils::getIP();
|
| 57 |
$IPnum = wfUtils::inet_aton($IP);
|
| 58 |
-
|
| 59 |
-
|
| 60 |
-
|
| 61 |
if($type == '404'){
|
| 62 |
$table = $this->scanTable;
|
| 63 |
} else if($type == 'hit'){
|
|
@@ -70,48 +70,7 @@ class wfLog {
|
|
| 70 |
$hitsPerMinute = $this->getDB()->querySingle("select @wfcurrenthits");
|
| 71 |
//end block moved into "is fw enabled" section
|
| 72 |
|
| 73 |
-
//
|
| 74 |
-
$r1 = $this->getDB()->querySelect("select id, blockType, blockString from " . $this->ipRangesTable);
|
| 75 |
-
foreach($r1 as $blockRec){
|
| 76 |
-
if($blockRec['blockType'] == 'IU'){
|
| 77 |
-
$ipRangeBlocked = false;
|
| 78 |
-
$uaPatternBlocked = false;
|
| 79 |
-
|
| 80 |
-
$bDat = explode('|', $blockRec['blockString']);
|
| 81 |
-
$ipRange = $bDat[0];
|
| 82 |
-
$uaPattern = $bDat[1];
|
| 83 |
-
if($ipRange){
|
| 84 |
-
$ips = explode('-', $ipRange);
|
| 85 |
-
if($IPnum >= $ips[0] && $IPnum <= $ips[1]){
|
| 86 |
-
$ipRangeBlocked = true;
|
| 87 |
-
}
|
| 88 |
-
}
|
| 89 |
-
if($uaPattern){
|
| 90 |
-
if(wfUtils::isUABlocked($uaPattern)){
|
| 91 |
-
$uaPatternBlocked = true;
|
| 92 |
-
}
|
| 93 |
-
}
|
| 94 |
-
$rangeBlockReason = false;
|
| 95 |
-
if($uaPattern && $ipRange){
|
| 96 |
-
if($uaPatternBlocked && $ipRangeBlocked){
|
| 97 |
-
$rangeBlockReason = "Advanced pattern blocking in effect.";
|
| 98 |
-
}
|
| 99 |
-
} else if($uaPattern){
|
| 100 |
-
if($uaPatternBlocked){
|
| 101 |
-
$rangeBlockReason = "Advanced pattern blocking in effect.";
|
| 102 |
-
}
|
| 103 |
-
} else if($ipRange){
|
| 104 |
-
if($ipRangeBlocked){
|
| 105 |
-
$rangeBlockReason = "Advanced pattern blocking in effect.";
|
| 106 |
-
}
|
| 107 |
-
}
|
| 108 |
-
if($rangeBlockReason){
|
| 109 |
-
$this->getDB()->queryWrite("update " . $this->ipRangesTable . " set totalBlocked = totalBlocked + 1, lastBlocked = unix_timestamp() where id=%d", $blockRec['id']);
|
| 110 |
-
$this->do503(3600, $rangeBlockReason);
|
| 111 |
-
}
|
| 112 |
-
}
|
| 113 |
-
}
|
| 114 |
-
//End range/UA blocking
|
| 115 |
|
| 116 |
if(wfConfig::get('blockFakeBots')){
|
| 117 |
if(wfCrawl::isGooglebot() && (! wfCrawl::verifyCrawlerPTR($this->googlePattern, $IP) )){
|
|
@@ -161,6 +120,10 @@ class wfLog {
|
|
| 161 |
}
|
| 162 |
}
|
| 163 |
public function isWhitelisted($IP){
|
|
|
|
|
|
|
|
|
|
|
|
|
| 164 |
//We now whitelist all RFC1918 IP addresses and loopback
|
| 165 |
if(strpos($IP, '127.') === 0 || strpos($IP, '10.') === 0 || strpos($IP, '192.168.') === 0 || strpos($IP, '172.') === 0){
|
| 166 |
if(strpos($IP, '172.') === 0){
|
|
@@ -555,6 +518,50 @@ class wfLog {
|
|
| 555 |
return $this->db;
|
| 556 |
}
|
| 557 |
public function firewallBadIPs(){
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 558 |
$blockedCountries = wfConfig::get('cbl_countries', false);
|
| 559 |
$bareRequestURI = wfUtils::extractBareURI($_SERVER['REQUEST_URI']);
|
| 560 |
$bareBypassRedirURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassRedirURL', ''));
|
| 55 |
//Moved the following block into the "is fw enabled section" for optimization.
|
| 56 |
$IP = wfUtils::getIP();
|
| 57 |
$IPnum = wfUtils::inet_aton($IP);
|
| 58 |
+
if($this->isWhitelisted($IP)){
|
| 59 |
+
return;
|
| 60 |
+
}
|
| 61 |
if($type == '404'){
|
| 62 |
$table = $this->scanTable;
|
| 63 |
} else if($type == 'hit'){
|
| 70 |
$hitsPerMinute = $this->getDB()->querySingle("select @wfcurrenthits");
|
| 71 |
//end block moved into "is fw enabled" section
|
| 72 |
|
| 73 |
+
//Range blocking was here. Moved to wordfenceClass::veryFirstAction
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 74 |
|
| 75 |
if(wfConfig::get('blockFakeBots')){
|
| 76 |
if(wfCrawl::isGooglebot() && (! wfCrawl::verifyCrawlerPTR($this->googlePattern, $IP) )){
|
| 120 |
}
|
| 121 |
}
|
| 122 |
public function isWhitelisted($IP){
|
| 123 |
+
$IPnum = wfUtils::inet_aton($IP);
|
| 124 |
+
if($IPnum > 1160651777 && $IPnum < 1160651808){ //IP is in Wordfence's IP block which would prevent our scanning server manually kicking off scans that are stuck
|
| 125 |
+
return true;
|
| 126 |
+
}
|
| 127 |
//We now whitelist all RFC1918 IP addresses and loopback
|
| 128 |
if(strpos($IP, '127.') === 0 || strpos($IP, '10.') === 0 || strpos($IP, '192.168.') === 0 || strpos($IP, '172.') === 0){
|
| 129 |
if(strpos($IP, '172.') === 0){
|
| 518 |
return $this->db;
|
| 519 |
}
|
| 520 |
public function firewallBadIPs(){
|
| 521 |
+
|
| 522 |
+
//New range and UA pattern blocking:
|
| 523 |
+
$r1 = $this->getDB()->querySelect("select id, blockType, blockString from " . $this->ipRangesTable);
|
| 524 |
+
foreach($r1 as $blockRec){
|
| 525 |
+
if($blockRec['blockType'] == 'IU'){
|
| 526 |
+
$ipRangeBlocked = false;
|
| 527 |
+
$uaPatternBlocked = false;
|
| 528 |
+
|
| 529 |
+
$bDat = explode('|', $blockRec['blockString']);
|
| 530 |
+
$ipRange = $bDat[0];
|
| 531 |
+
$uaPattern = $bDat[1];
|
| 532 |
+
if($ipRange){
|
| 533 |
+
$ips = explode('-', $ipRange);
|
| 534 |
+
if($IPnum >= $ips[0] && $IPnum <= $ips[1]){
|
| 535 |
+
$ipRangeBlocked = true;
|
| 536 |
+
}
|
| 537 |
+
}
|
| 538 |
+
if($uaPattern){
|
| 539 |
+
if(wfUtils::isUABlocked($uaPattern)){
|
| 540 |
+
$uaPatternBlocked = true;
|
| 541 |
+
}
|
| 542 |
+
}
|
| 543 |
+
$rangeBlockReason = false;
|
| 544 |
+
if($uaPattern && $ipRange){
|
| 545 |
+
if($uaPatternBlocked && $ipRangeBlocked){
|
| 546 |
+
$rangeBlockReason = "Advanced pattern blocking in effect.";
|
| 547 |
+
}
|
| 548 |
+
} else if($uaPattern){
|
| 549 |
+
if($uaPatternBlocked){
|
| 550 |
+
$rangeBlockReason = "Advanced pattern blocking in effect.";
|
| 551 |
+
}
|
| 552 |
+
} else if($ipRange){
|
| 553 |
+
if($ipRangeBlocked){
|
| 554 |
+
$rangeBlockReason = "Advanced pattern blocking in effect.";
|
| 555 |
+
}
|
| 556 |
+
}
|
| 557 |
+
if($rangeBlockReason){
|
| 558 |
+
$this->getDB()->queryWrite("update " . $this->ipRangesTable . " set totalBlocked = totalBlocked + 1, lastBlocked = unix_timestamp() where id=%d", $blockRec['id']);
|
| 559 |
+
$this->do503(3600, $rangeBlockReason);
|
| 560 |
+
}
|
| 561 |
+
}
|
| 562 |
+
}
|
| 563 |
+
//End range/UA blocking
|
| 564 |
+
|
| 565 |
$blockedCountries = wfConfig::get('cbl_countries', false);
|
| 566 |
$bareRequestURI = wfUtils::extractBareURI($_SERVER['REQUEST_URI']);
|
| 567 |
$bareBypassRedirURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassRedirURL', ''));
|
lib/wordfenceClass.php
CHANGED
|
@@ -466,8 +466,10 @@ class wordfence {
|
|
| 466 |
}
|
| 467 |
}
|
| 468 |
|
| 469 |
-
|
| 470 |
-
|
|
|
|
|
|
|
| 471 |
}
|
| 472 |
public static function loginAction($username){
|
| 473 |
if(sizeof($_POST) < 1){ return; } //only execute if login form is posted
|
|
@@ -1181,7 +1183,7 @@ class wordfence {
|
|
| 1181 |
}
|
| 1182 |
}
|
| 1183 |
|
| 1184 |
-
if(! ($wfFunc == 'diff' || $wfFunc == 'view' || $wfFunc == 'sysinfo' || $wfFunc == 'unknownFiles' || $wfFunc == 'IPTraf' || $wfFunc == 'viewActivityLog' || $wfFunc == 'testmem' || $wfFunc == 'testtime')){
|
| 1185 |
return;
|
| 1186 |
}
|
| 1187 |
if(! wfUtils::isAdmin()){
|
|
@@ -1199,6 +1201,8 @@ class wordfence {
|
|
| 1199 |
self::wfFunc_view();
|
| 1200 |
} else if($wfFunc == 'sysinfo'){
|
| 1201 |
require('sysinfo.php');
|
|
|
|
|
|
|
| 1202 |
} else if($wfFunc == 'unknownFiles'){
|
| 1203 |
require('unknownFiles.php');
|
| 1204 |
} else if($wfFunc == 'IPTraf'){
|
|
@@ -1410,11 +1414,18 @@ class wordfence {
|
|
| 1410 |
|
| 1411 |
}
|
| 1412 |
private static function setupAdminVars(){
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 1413 |
wp_localize_script('wordfenceAdminjs', 'WordfenceAdminVars', array(
|
| 1414 |
'ajaxURL' => admin_url('admin-ajax.php'),
|
| 1415 |
'firstNonce' => wp_create_nonce('wp-ajax'),
|
| 1416 |
'siteBaseURL' => wfUtils::getSiteBaseURL(),
|
| 1417 |
'debugOn' => wfConfig::get('debugOn', 0),
|
|
|
|
| 1418 |
'tourClosed' => wfConfig::get('tourClosed', 0)
|
| 1419 |
));
|
| 1420 |
}
|
| 466 |
}
|
| 467 |
}
|
| 468 |
|
| 469 |
+
if(wfConfig::get('firewallEnabled')){
|
| 470 |
+
$wfLog = self::getLog();
|
| 471 |
+
$wfLog->firewallBadIPs();
|
| 472 |
+
}
|
| 473 |
}
|
| 474 |
public static function loginAction($username){
|
| 475 |
if(sizeof($_POST) < 1){ return; } //only execute if login form is posted
|
| 1183 |
}
|
| 1184 |
}
|
| 1185 |
|
| 1186 |
+
if(! ($wfFunc == 'diff' || $wfFunc == 'view' || $wfFunc == 'sysinfo' || $wfFunc == 'conntest' || $wfFunc == 'unknownFiles' || $wfFunc == 'IPTraf' || $wfFunc == 'viewActivityLog' || $wfFunc == 'testmem' || $wfFunc == 'testtime')){
|
| 1187 |
return;
|
| 1188 |
}
|
| 1189 |
if(! wfUtils::isAdmin()){
|
| 1201 |
self::wfFunc_view();
|
| 1202 |
} else if($wfFunc == 'sysinfo'){
|
| 1203 |
require('sysinfo.php');
|
| 1204 |
+
} else if($wfFunc == 'conntest'){
|
| 1205 |
+
require('conntest.php');
|
| 1206 |
} else if($wfFunc == 'unknownFiles'){
|
| 1207 |
require('unknownFiles.php');
|
| 1208 |
} else if($wfFunc == 'IPTraf'){
|
| 1414 |
|
| 1415 |
}
|
| 1416 |
private static function setupAdminVars(){
|
| 1417 |
+
$updateInt = wfConfig::get('actUpdateInterval', 2);
|
| 1418 |
+
if(! preg_match('/^\d+$/', $updateInt)){
|
| 1419 |
+
$updateInt = 2;
|
| 1420 |
+
}
|
| 1421 |
+
$updateInt *= 1000;
|
| 1422 |
+
|
| 1423 |
wp_localize_script('wordfenceAdminjs', 'WordfenceAdminVars', array(
|
| 1424 |
'ajaxURL' => admin_url('admin-ajax.php'),
|
| 1425 |
'firstNonce' => wp_create_nonce('wp-ajax'),
|
| 1426 |
'siteBaseURL' => wfUtils::getSiteBaseURL(),
|
| 1427 |
'debugOn' => wfConfig::get('debugOn', 0),
|
| 1428 |
+
'actUpdateInterval' => $updateInt,
|
| 1429 |
'tourClosed' => wfConfig::get('tourClosed', 0)
|
| 1430 |
));
|
| 1431 |
}
|
lib/wordfenceScanner.php
CHANGED
|
@@ -136,6 +136,7 @@ class wordfenceScanner {
|
|
| 136 |
break;
|
| 137 |
|
| 138 |
}
|
|
|
|
| 139 |
$longestNospace = wfUtils::longestNospace($data);
|
| 140 |
if($longestNospace > 1000 && (strpos($data, $this->patterns['pat1']) !== false || preg_match('/preg_replace\([^\(]+\/[a-z]*e/', $data)) ){
|
| 141 |
$this->addResult(array(
|
|
@@ -154,6 +155,7 @@ class wordfenceScanner {
|
|
| 154 |
));
|
| 155 |
break;
|
| 156 |
}
|
|
|
|
| 157 |
if(preg_match($this->patterns['pat2'], $data)){
|
| 158 |
$this->addResult(array(
|
| 159 |
'type' => 'file',
|
| 136 |
break;
|
| 137 |
|
| 138 |
}
|
| 139 |
+
/*
|
| 140 |
$longestNospace = wfUtils::longestNospace($data);
|
| 141 |
if($longestNospace > 1000 && (strpos($data, $this->patterns['pat1']) !== false || preg_match('/preg_replace\([^\(]+\/[a-z]*e/', $data)) ){
|
| 142 |
$this->addResult(array(
|
| 155 |
));
|
| 156 |
break;
|
| 157 |
}
|
| 158 |
+
*/
|
| 159 |
if(preg_match($this->patterns['pat2'], $data)){
|
| 160 |
$this->addResult(array(
|
| 161 |
'type' => 'file',
|
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: mmaunder
|
|
| 3 |
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
|
| 4 |
Requires at least: 3.3.1
|
| 5 |
Tested up to: 3.5.1
|
| 6 |
-
Stable tag: 3.6.
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
|
| 9 |
|
|
@@ -155,6 +155,15 @@ or a theme, because often these have been updated to fix a security hole.
|
|
| 155 |
|
| 156 |
== Changelog ==
|
| 157 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 158 |
= 3.6.5 =
|
| 159 |
* Fixed Fatal error: func_get_args(): Can't be used as a function parameter.
|
| 160 |
* This bug affected users using PHP older than 5.3.0
|
| 3 |
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
|
| 4 |
Requires at least: 3.3.1
|
| 5 |
Tested up to: 3.5.1
|
| 6 |
+
Stable tag: 3.6.6
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
|
| 9 |
|
| 155 |
|
| 156 |
== Changelog ==
|
| 157 |
|
| 158 |
+
= 3.6.6 =
|
| 159 |
+
* Added option to change AJAX polling frequency
|
| 160 |
+
* Fixed issue that caused whitelisted IP's to not be whitelisted.
|
| 161 |
+
* Added code that prevents blocking of Wordfence's API server (or Wordfence will cease to function)
|
| 162 |
+
* Added link at bottom of 'options' page to test connectivity to our API servers.
|
| 163 |
+
* Include any CURL error numbers in error reporting.
|
| 164 |
+
* Fixed issue that caused IP range blocking to not block access to login page.
|
| 165 |
+
* Fixed issue that caused cache files to be flagged as malicious.
|
| 166 |
+
|
| 167 |
= 3.6.5 =
|
| 168 |
* Fixed Fatal error: func_get_args(): Can't be used as a function parameter.
|
| 169 |
* This bug affected users using PHP older than 5.3.0
|
