Wordfence Security – Firewall & Malware Scan - Version 3.6.7

Version Description

  • Improved security for Cloudflare customers to prevent spoofing attacks and protect when a hacker bypasses Cloudflare proxies.
  • Added clear explanation of what increasing AJAX polling time does on options page.
  • Fixed issue with Wordfence detecting itself as malware. We messed up the version number in previous release.
Download this release

Release Info

Developer mmaunder
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 3.6.7
Comparing to
See all releases

Code changes from version 3.6.6 to 3.6.7

Files changed (4) hide show
  1. lib/menu_options.php +1 -1
  2. lib/wfUtils.php +3 -0
  3. readme.txt +6 -1
  4. wordfence.php +2 -2
lib/menu_options.php CHANGED
@@ -230,7 +230,7 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
230
<tr><th>Participate in the Wordfence Security Network</th><td><input type="checkbox" id="other_WFNet" class="wfConfigElem" name="other_WFNet" value="1" <?php $w->cb('other_WFNet'); ?> /></td></tr>
231
<tr><th>Maximum memory Wordfence can use</th><td><input type="text" id="maxMem" name="maxMem" value="<?php $w->f('maxMem'); ?>" size="4" />Megabytes</td></tr>
232
<tr><th>Maximum execution time for each scan stage</th><td><input type="text" id="maxExecutionTime" name="maxExecutionTime" value="<?php $w->f('maxExecutionTime'); ?>" size="4" />Blank for default. Must be greater than 9.</td></tr>
233
- <tr><th>Update interval in seconds (2 is default)</th><td><input type="text" id="actUpdateInterval" name="actUpdateInterval" value="<?php $w->f('actUpdateInterval'); ?>" size="4" />Set to 10 or more if you're seeing high server CPU usage.</td></tr>
234
<tr><th>Enable debugging mode (increases database load)</th><td><input type="checkbox" id="debugOn" class="wfConfigElem" name="debugOn" value="1" <?php $w->cb('debugOn'); ?> /></td></tr>
235
<tr><th>Delete Wordfence tables and data on deactivation?</th><td><input type="checkbox" id="deleteTablesOnDeact" class="wfConfigElem" name="deleteTablesOnDeact" value="1" <?php $w->cb('deleteTablesOnDeact'); ?> /></td></tr>
236
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to test connectivity to the Wordfence API servers</a></th></tr>
230
<tr><th>Participate in the Wordfence Security Network</th><td><input type="checkbox" id="other_WFNet" class="wfConfigElem" name="other_WFNet" value="1" <?php $w->cb('other_WFNet'); ?> /></td></tr>
231
<tr><th>Maximum memory Wordfence can use</th><td><input type="text" id="maxMem" name="maxMem" value="<?php $w->f('maxMem'); ?>" size="4" />Megabytes</td></tr>
232
<tr><th>Maximum execution time for each scan stage</th><td><input type="text" id="maxExecutionTime" name="maxExecutionTime" value="<?php $w->f('maxExecutionTime'); ?>" size="4" />Blank for default. Must be greater than 9.</td></tr>
233
+ <tr><th>Update interval in seconds (2 is default)</th><td><input type="text" id="actUpdateInterval" name="actUpdateInterval" value="<?php $w->f('actUpdateInterval'); ?>" size="4" />Setting higher will reduce browser traffic but slow scan starts, live traffic &amp; status updates.</td></tr>
234
<tr><th>Enable debugging mode (increases database load)</th><td><input type="checkbox" id="debugOn" class="wfConfigElem" name="debugOn" value="1" <?php $w->cb('debugOn'); ?> /></td></tr>
235
<tr><th>Delete Wordfence tables and data on deactivation?</th><td><input type="checkbox" id="deleteTablesOnDeact" class="wfConfigElem" name="deleteTablesOnDeact" value="1" <?php $w->cb('deleteTablesOnDeact'); ?> /></td></tr>
236
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to test connectivity to the Wordfence API servers</a></th></tr>
lib/wfUtils.php CHANGED
@@ -94,6 +94,9 @@ class wfUtils {
94
$howGet = wfConfig::get('howGetIPs', false);
95
if($howGet){
96
$IP = $_SERVER[$howGet];
97
} else {
98
$IP = wfUtils::defaultGetIP();
99
}
94
$howGet = wfConfig::get('howGetIPs', false);
95
if($howGet){
96
$IP = $_SERVER[$howGet];
97
+ if( $howGet == "HTTP_CF_CONNECTING_IP" && (! self::isValidIP($IP)) ){
98
+ $IP = $_SERVER['REMOTE_ADDR'];
99
+ }
100
} else {
101
$IP = wfUtils::defaultGetIP();
102
}
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: mmaunder
3
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
4
Requires at least: 3.3.1
5
Tested up to: 3.5.1
6
- Stable tag: 3.6.6
7
8
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9
@@ -155,6 +155,11 @@ or a theme, because often these have been updated to fix a security hole.
155
156
== Changelog ==
157
158
= 3.6.6 =
159
* Added option to change AJAX polling frequency
160
* Fixed issue that caused whitelisted IP's to not be whitelisted.
3
Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure
4
Requires at least: 3.3.1
5
Tested up to: 3.5.1
6
+ Stable tag: 3.6.7
7
8
Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9
155
156
== Changelog ==
157
158
+ = 3.6.7 =
159
+ * Improved security for Cloudflare customers to prevent spoofing attacks and protect when a hacker bypasses Cloudflare proxies.
160
+ * Added clear explanation of what increasing AJAX polling time does on options page.
161
+ * Fixed issue with Wordfence detecting itself as malware. We messed up the version number in previous release.
162
+
163
= 3.6.6 =
164
* Added option to change AJAX polling frequency
165
* Fixed issue that caused whitelisted IP's to not be whitelisted.
wordfence.php CHANGED
@@ -4,10 +4,10 @@ Plugin Name: Wordfence Security
4
Plugin URI: http://www.wordfence.com/
5
Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
6
Author: Mark Maunder
7
- Version: 3.6.5
8
Author URI: http://www.wordfence.com/
9
*/
10
- define('WORDFENCE_VERSION', '3.6.5');
11
if(get_option('wordfenceActivated') != 1){
12
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
13
}
4
Plugin URI: http://www.wordfence.com/
5
Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
6
Author: Mark Maunder
7
+ Version: 3.6.7
8
Author URI: http://www.wordfence.com/
9
*/
10
+ define('WORDFENCE_VERSION', '3.6.7');
11
if(get_option('wordfenceActivated') != 1){
12
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
13
}