Wordfence Security – Firewall &amp; Malware Scan

Version Description

Removed Wordfence .htaccess because it doesn't offer any security functionality and increases incompatibility.
Fixed spelling errors.
Added check to see if $_SERVER['HTTP_USER_AGENT'] is defined before using it to suppress large number of warnings on some sites.
Changed the way we call admin_url() to the correct syntax.
Correctly escaped HTML on error messages.
Fixed issue that generated non-compliant query string.
Updated GeoIP database to newest version.

Release Info

Developer	mmaunder
Plugin	Wordfence Security – Firewall & Malware Scan
Version	3.8.4
Comparing to
See all releases

Code changes from version 3.8.3 to 3.8.4

Files changed (9) hide show

.htaccess +0 -29
lib/GeoIP.dat +0 -0
lib/wf503.php +1 -1
lib/wfCrawl.php +3 -3
lib/wfLog.php +6 -4
lib/wfScanEngine.php +3 -3
lib/wordfenceClass.php +17 -18
readme.txt +11 -2
wordfence.php +2 -2

.htaccess DELETED Viewed

@@ -1,29 +0,0 @@
-            -
            <Files .htaccess>
-            -
            Order Allow,Deny
-            -
            Deny From All
-            -
            </Files>
-            -
            <Files readme.txt>
-            -
            Order Allow,Deny
-            -
            Deny From All
-            -
            </Files>
-            -
            <Files screenshot-1.png>
-            -
            Order Allow,Deny
-            -
            Deny From All
-            -
            </Files>
-            -
            <Files screenshot-2.png>
-            -
            Order Allow,Deny
-            -
            Deny From All
-            -
            </Files>
-            -
            <Files screenshot-3.png>
-            -
            Order Allow,Deny
-            -
            Deny From All
-            -
            </Files>
-            -
            <Files screenshot-4.png>
-            -
            Order Allow,Deny
-            -
            Deny From All
-            -
            </Files>
-            -
            <Files screenshot-5.png>
-            -
            Order Allow,Deny
-            -
            Deny From All
-            -
            </Files>
-            -

lib/GeoIP.dat CHANGED Viewed

Binary file

lib/wf503.php CHANGED Viewed

	@@ -13,7 +13,7 @@ will need to regain access to your site, go to the Wordfence "options" page, go
13	if you were blocked because it was detected that you are a fake Google crawler, then disable the rule that blocks fake google crawlers. Or if you were blocked because you
14	were accessing your site too quickly, then increase the number of accesses allowed per minute.
15	<br /><br />
16	- If you're still having trouble, then simply disable the Wordfence ~~firwall~~ and you will
17	still benefit from the other security features that Wordfence provides.
18
19	<br /><br />


13	if you were blocked because it was detected that you are a fake Google crawler, then disable the rule that blocks fake google crawlers. Or if you were blocked because you
14	were accessing your site too quickly, then increase the number of accesses allowed per minute.
15	<br /><br />
16	+ If you're still having trouble, then simply disable the Wordfence firewall and you will
17	still benefit from the other security features that Wordfence provides.
18
19	<br /><br />

lib/wfCrawl.php CHANGED Viewed

	@@ -49,7 +49,7 @@ class wfCrawl {
49	}
50	}
51	public static function isBingCrawler(){
52	- $UA = $_SERVER['HTTP_USER_AGENT'];
53	foreach(self::$bingPat as $pat){
54	if(preg_match($pat . 'i', $UA)){
55	return true;
	@@ -71,14 +71,14 @@ class wfCrawl {
71	'@^msnbot/1\\.1.*$@'
72	);
73	public static function isGooglebot(){
74	- $UA = $_SERVER['HTTP_USER_AGENT'];
75	if(preg_match('/Googlebot\/\d\.\d/', $UA)){ // UA: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) or (rarely used): Googlebot/2.1 (+http://www.google.com/bot.html)
76	return true;
77	}
78	return false;
79	}
80	public static function isGoogleCrawler(){
81	- $UA = $_SERVER['HTTP_USER_AGENT'];
82	foreach(self::$googPat as $pat){
83	if(preg_match($pat . 'i', $UA)){
84	return true;


49	}
50	}
51	public static function isBingCrawler(){
52	+ $UA = (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
53	foreach(self::$bingPat as $pat){
54	if(preg_match($pat . 'i', $UA)){
55	return true;

71	'@^msnbot/1\\.1.*$@'
72	);
73	public static function isGooglebot(){
74	+ $UA = (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
75	if(preg_match('/Googlebot\/\d\.\d/', $UA)){ // UA: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) or (rarely used): Googlebot/2.1 (+http://www.google.com/bot.html)
76	return true;
77	}
78	return false;
79	}
80	public static function isGoogleCrawler(){
81	+ $UA = (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '');
82	foreach(self::$googPat as $pat){
83	if(preg_match($pat . 'i', $UA)){
84	return true;

lib/wfLog.php CHANGED Viewed

	@@ -104,7 +104,7 @@ class wfLog {
104	}
105	}
106	}
107	- if(wfCrawl::isCrawler($_SERVER['HTTP_USER_AGENT'])){
108	if($type == 'hit' && wfConfig::get('maxRequestsCrawlers') != 'DISABLED' && $hitsPerMinute > wfConfig::get('maxRequestsCrawlers')){
109	$this->takeBlockingAction('maxRequestsCrawlers', "Exceeded the maximum number of requests per minute for crawlers."); //may not exit
110	} else if($type == '404' && wfConfig::get('max404Crawlers') != 'DISABLED' && $hitsPerMinute > wfConfig::get('max404Crawlers')){
	@@ -483,7 +483,9 @@ class wfLog {
483	public function logHitOK(){
484	if(stristr($_SERVER['REQUEST_URI'], 'wp-admin/admin-ajax.php')){ return false; } //Don't log wordpress ajax requests.
485	if(is_admin()){ return false; } //Don't log admin pageviews
486	- if(~~preg_match~~(~~'/WordPress\/' .~~ $~~this->wp_version . '/i', $~~_SERVER['HTTP_USER_AGENT'])){ ~~return false; } //Ignore requests generated by WP UA.~~


487	if($userID = get_current_user_id()){
488	if(wfConfig::get('liveTraf_ignorePublishers') && (current_user_can('publish_posts') \|\| current_user_can('publish_pages')) ){ return false; } //User is logged in and can publish, so we don't log them.
489	$user = get_userdata($userID);
	@@ -506,7 +508,7 @@ class wfLog {
506	}
507	}
508	}
509	- if(wfConfig::get('liveTraf_ignoreUA')){
510	if($_SERVER['HTTP_USER_AGENT'] == wfConfig::get('liveTraf_ignoreUA')){
511	return false;
512	}
	@@ -687,7 +689,7 @@ class wfLog {
687	exit();
688	}
689	private function googleSafetyCheckOK(){ //returns true if OK to block. Returns false if we must not block.
690	- $cacheKey = md5($_SERVER['HTTP_USER_AGENT'] . ' ' . wfUtils::getIP());
691	//Cache so we can call this multiple times in one request
692	if(! isset(self::$gbSafeCache[$cacheKey])){
693	$nb = wfConfig::get('neverBlockBG');


104	}
105	}
106	}
107	+ if(isset($_SERVER['HTTP_USER_AGENT']) && wfCrawl::isCrawler($_SERVER['HTTP_USER_AGENT'])){
108	if($type == 'hit' && wfConfig::get('maxRequestsCrawlers') != 'DISABLED' && $hitsPerMinute > wfConfig::get('maxRequestsCrawlers')){
109	$this->takeBlockingAction('maxRequestsCrawlers', "Exceeded the maximum number of requests per minute for crawlers."); //may not exit
110	} else if($type == '404' && wfConfig::get('max404Crawlers') != 'DISABLED' && $hitsPerMinute > wfConfig::get('max404Crawlers')){

483	public function logHitOK(){
484	if(stristr($_SERVER['REQUEST_URI'], 'wp-admin/admin-ajax.php')){ return false; } //Don't log wordpress ajax requests.
485	if(is_admin()){ return false; } //Don't log admin pageviews
486	+ if(isset($_SERVER['HTTP_USER_AGENT'])){
487	+ if(preg_match('/WordPress\/' . $this->wp_version . '/i', $_SERVER['HTTP_USER_AGENT'])){ return false; } //Ignore requests generated by WP UA.
488	+ }
489	if($userID = get_current_user_id()){
490	if(wfConfig::get('liveTraf_ignorePublishers') && (current_user_can('publish_posts') \|\| current_user_can('publish_pages')) ){ return false; } //User is logged in and can publish, so we don't log them.
491	$user = get_userdata($userID);

508	}
509	}
510	}
511	+ if( isset($_SERVER['HTTP_USER_AGENT']) && wfConfig::get('liveTraf_ignoreUA') ){
512	if($_SERVER['HTTP_USER_AGENT'] == wfConfig::get('liveTraf_ignoreUA')){
513	return false;
514	}

689	exit();
690	}
691	private function googleSafetyCheckOK(){ //returns true if OK to block. Returns false if we must not block.
692	+ $cacheKey = md5( (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '') . ' ' . wfUtils::getIP());
693	//Cache so we can call this multiple times in one request
694	if(! isset(self::$gbSafeCache[$cacheKey])){
695	$nb = wfConfig::get('neverBlockBG');

lib/wfScanEngine.php CHANGED Viewed

	@@ -869,7 +869,7 @@ class wfScanEngine {
869	}
870	}
871	$timeout = self::getMaxExecutionTime() - 2; //2 seconds shorter than max execution time which ensures that only 2 HTTP processes are ever occupied
872	- $testURL = admin_url('admin-ajax.php~~') . '~~?action=wordfence_testAjax';
873	$testResult = wp_remote_post($testURL, array(
874	'timeout' => $timeout,
875	'blocking' => true,
	@@ -881,8 +881,8 @@ class wfScanEngine {
881	wfConfig::set('currentCronKey', time() . ',' . $cronKey);
882	if( (! is_wp_error($testResult)) && is_array($testResult) && strstr($testResult['body'], 'WFSCANTESTOK') !== false){
883	//ajax requests can be sent by the server to itself
884	- $cronURL = ~~admin_url(~~'admin-ajax.php');
885	- $cronURL ~~.= '?action~~=~~wordfence_doScan&isFork='~~ . ($~~isFork ? '1' : '0'~~) ~~. '&cronKey=' . $cronKey~~;
886	$headers = array();
887	wordfence::status(4, 'info', "Starting cron with normal ajax at URL $cronURL");
888	$result = wp_remote_post( $cronURL, array(


869	}
870	}
871	$timeout = self::getMaxExecutionTime() - 2; //2 seconds shorter than max execution time which ensures that only 2 HTTP processes are ever occupied
872	+ $testURL = admin_url('admin-ajax.php?action=wordfence_testAjax');
873	$testResult = wp_remote_post($testURL, array(
874	'timeout' => $timeout,
875	'blocking' => true,

881	wfConfig::set('currentCronKey', time() . ',' . $cronKey);
882	if( (! is_wp_error($testResult)) && is_array($testResult) && strstr($testResult['body'], 'WFSCANTESTOK') !== false){
883	//ajax requests can be sent by the server to itself
884	+ $cronURL = 'admin-ajax.php?action=wordfence_doScan&isFork=' . ($isFork ? '1' : '0') . '&cronKey=' . $cronKey;
885	+ $cronURL = admin_url($cronURL);
886	$headers = array();
887	wordfence::status(4, 'info', "Starting cron with normal ajax at URL $cronURL");
888	$result = wp_remote_post( $cronURL, array(

lib/wordfenceClass.php CHANGED Viewed

	@@ -699,7 +699,7 @@ class wordfence {
699	throw new Exception("We could not fetch a core WordPress file from the Wordfence API.");
700	}
701	} catch (Exception $e){
702	- return array('errorMsg' => $e->getMessage());
703	}
704	}
705	public static function ajax_addTwoFactor_callback(){
	@@ -716,12 +716,12 @@ class wordfence {
716	try {
717	$codeResult = $api->call('twoFactor_verification', array(), array('phone' => $phone));
718	} catch(Exception $e){
719	- return array('errorMsg' => "Could not contact Wordfence servers to generate a verification code: " . $e->getMessage());
720	}
721	if(isset($codeResult['ok']) && $codeResult['ok']){
722	$code = $codeResult['code'];
723	} else if(isset($codeResult['errorMsg']) && $codeResult['errorMsg']){
724	- return array('errorMsg' => $codeResult['errorMsg']);
725	} else {
726	return array('errorMsg' => "We could not generate a verification code.");
727	}
	@@ -750,7 +750,7 @@ class wordfence {
750	$user = $twoFactorUsers[$i];
751	break;
752	} else {
753	- return array('errorMsg' => "That is not the correct code. Please look for an SMS containing an activation code on the phone with number: " . $twoFactorUsers[$i][1]);
754	}
755	}
756	}
	@@ -982,7 +982,7 @@ class wordfence {
982	throw new Exception("Could not understand the response we received from the Wordfence servers when applying for a free API key.");
983	}
984	} catch(Exception $e){
985	- return array('errorMsg' => "Could not fetch free API key from Wordfence: " . $e->getMessage());
986	}
987	return array('ok' => 1);
988	}
	@@ -1007,7 +1007,7 @@ class wordfence {
1007	}
1008	}
1009	if(sizeof($badEmails) > 0){
1010	- return array('errorMsg' => "The following emails are invalid: " . implode(', ', $badEmails));
1011	}
1012	$opts['alertEmails'] = implode(',', $emails);
1013	} else {
	@@ -1027,7 +1027,7 @@ class wordfence {
1027	}
1028	}
1029	if(sizeof($badWhiteIPs) > 0){
1030	- return array('errorMsg' => "Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid: " . implode(', ', $badWhiteIPs));
1031	}
1032	$opts['whitelisted'] = implode(',', $whiteIPs);
1033	} else {
	@@ -1051,7 +1051,7 @@ class wordfence {
1051	}
1052
1053	if(sizeof($invalidUsers) > 0){
1054	- return array('errorMsg' => "The following users you selected to ignore in live traffic reports are not valid on this system: " . implode(', ', $invalidUsers));
1055	}
1056	if(sizeof($validUsers) > 0){
1057	$opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);
	@@ -1071,7 +1071,7 @@ class wordfence {
1071	}
1072	}
1073	if(sizeof($invalidIPs) > 0){
1074	- return array('errorMsg' => "The following IPs you selected to ignore in live traffic reports are not valid: " . implode(', ', $invalidIPs));
1075	}
1076	if(sizeof($validIPs) > 0){
1077	$opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);
	@@ -1114,7 +1114,7 @@ class wordfence {
1114	throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
1115	}
1116	} catch(Exception $e){
1117	- return array('errorMsg' => "Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: " . $e->getMessage());
1118	}
1119	} else if($opts['apiKey'] != wfConfig::get('apiKey')){
1120	$api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
	@@ -1131,7 +1131,7 @@ class wordfence {
1131	throw new Exception("We could not understand the Wordfence API server reply when updating your API key.");
1132	}
1133	} catch (Exception $e){
1134	- return array('errorMsg' => "Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: " . $e->getMessage());
1135	}
1136	}
1137	return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg );
	@@ -1207,7 +1207,7 @@ class wordfence {
1207	}
1208	$clientIP = wfUtils::inet_aton(wfUtils::getIP());
1209	if($ip1 <= $clientIP && $ip2 >= $clientIP){
1210	- return array('err' => 1, 'errorMsg' => "You are trying to block yourself. Your IP address is " . wfUtils::getIP() . " which falls into the range $ipRange. This blocking action has been cancelled so that you don't block yourself from your website.");
1211	}
1212	$ipRange = $ip1 . '-' . $ip2;
1213	}
	@@ -1233,7 +1233,7 @@ class wordfence {
1233	return array('err' => 1, 'errorMsg' => "You can't block your own IP address.");
1234	}
1235	if(self::getLog()->isWhitelisted($IP)){
1236	- return array('err' => 1, 'errorMsg' => "The IP address $IP is whitelisted and can't be blocked or it is in a range of internal IP addresses that Wordfence does not block. You can remove this IP from the whitelist on the Wordfence options page.");
1237	}
1238	if(wfConfig::get('neverBlockBG') != 'treatAsOtherCrawlers'){ //Either neverBlockVerified or neverBlockUA is selected which means the user doesn't want to block google
1239	if(wfCrawl::verifyCrawlerPTR('/googlebot\.com$/i', $IP)){
	@@ -1358,7 +1358,7 @@ class wordfence {
1358	);
1359	} else {
1360	$err = error_get_last();
1361	- return array('errorMsg' => "Could not delete file $file. The error was: " . $err['message']);
1362	}
1363	}
1364	public static function ajax_restoreFile_callback(){
	@@ -1408,7 +1408,7 @@ class wordfence {
1408	self::status(4, 'info', "Ajax request received to start scan.");
1409	$err = wfScanEngine::startScan();
1410	if($err){
1411	- return array('errorMsg' => $err);
1412	} else {
1413	return array("ok" => 1);
1414	}
	@@ -1524,8 +1524,7 @@ class wordfence {
1524	exit();
1525	}
1526	public static function wp_head(){
1527	- $URL = admin_url('admin-ajax.php');
1528	- $URL .= '?action=wordfence_logHuman&hid=' . wfUtils::encrypt(self::$hitID);
1529	echo '<script type="text/javascript">var src="' . $URL . '"; if(window.location.protocol == "https:"){ src = src.replace("http:", "https:"); } var wfHTImg = new Image(); wfHTImg.src=src;</script>';
1530	}
1531	public static function shutdownAction(){
	@@ -1594,7 +1593,7 @@ class wordfence {
1594	public static function wfFunc_diff(){
1595	$result = self::getWPFileContent($_GET['file'], $_GET['cType'], $_GET['cName'], $_GET['cVersion']);
1596	if( isset( $result['errorMsg'] ) && $result['errorMsg']){
1597	- echo $result['errorMsg'];
1598	exit(0);
1599	} else if(! $result['fileContent']){
1600	echo "We could not get the contents of the original file to do a comparison.";


699	throw new Exception("We could not fetch a core WordPress file from the Wordfence API.");
700	}
701	} catch (Exception $e){
702	+ return array('errorMsg' => htmlentities($e->getMessage()));
703	}
704	}
705	public static function ajax_addTwoFactor_callback(){

716	try {
717	$codeResult = $api->call('twoFactor_verification', array(), array('phone' => $phone));
718	} catch(Exception $e){
719	+ return array('errorMsg' => "Could not contact Wordfence servers to generate a verification code: " . htmlentities($e->getMessage()) );
720	}
721	if(isset($codeResult['ok']) && $codeResult['ok']){
722	$code = $codeResult['code'];
723	} else if(isset($codeResult['errorMsg']) && $codeResult['errorMsg']){
724	+ return array('errorMsg' => htmlentities($codeResult['errorMsg']));
725	} else {
726	return array('errorMsg' => "We could not generate a verification code.");
727	}

750	$user = $twoFactorUsers[$i];
751	break;
752	} else {
753	+ return array('errorMsg' => "That is not the correct code. Please look for an SMS containing an activation code on the phone with number: " . htmlentities($twoFactorUsers[$i][1]) );
754	}
755	}
756	}

982	throw new Exception("Could not understand the response we received from the Wordfence servers when applying for a free API key.");
983	}
984	} catch(Exception $e){
985	+ return array('errorMsg' => "Could not fetch free API key from Wordfence: " . htmlentities($e->getMessage()));
986	}
987	return array('ok' => 1);
988	}

1007	}
1008	}
1009	if(sizeof($badEmails) > 0){
1010	+ return array('errorMsg' => "The following emails are invalid: " . htmlentities(implode(', ', $badEmails)) );
1011	}
1012	$opts['alertEmails'] = implode(',', $emails);
1013	} else {

1027	}
1028	}
1029	if(sizeof($badWhiteIPs) > 0){
1030	+ return array('errorMsg' => "Please make sure you separate your IP addresses with commas. The following whitelisted IP addresses are invalid: " . htmlentities(implode(', ', $badWhiteIPs)) );
1031	}
1032	$opts['whitelisted'] = implode(',', $whiteIPs);
1033	} else {

1051	}
1052
1053	if(sizeof($invalidUsers) > 0){
1054	+ return array('errorMsg' => "The following users you selected to ignore in live traffic reports are not valid on this system: " . htmlentities(implode(', ', $invalidUsers)) );
1055	}
1056	if(sizeof($validUsers) > 0){
1057	$opts['liveTraf_ignoreUsers'] = implode(',', $validUsers);

1071	}
1072	}
1073	if(sizeof($invalidIPs) > 0){
1074	+ return array('errorMsg' => "The following IPs you selected to ignore in live traffic reports are not valid: " . htmlentities(implode(', ', $invalidIPs)) );
1075	}
1076	if(sizeof($validIPs) > 0){
1077	$opts['liveTraf_ignoreIPs'] = implode(',', $validIPs);

1114	throw new Exception("We could not understand the Wordfence server's response because it did not contain an 'ok' and 'apiKey' element.");
1115	}
1116	} catch(Exception $e){
1117	+ return array('errorMsg' => "Your options have been saved, but we encountered a problem. You left your API key blank, so we tried to get you a free API key from the Wordfence servers. However we encountered a problem fetching the free key: " . htmlentities($e->getMessage()) );
1118	}
1119	} else if($opts['apiKey'] != wfConfig::get('apiKey')){
1120	$api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());

1131	throw new Exception("We could not understand the Wordfence API server reply when updating your API key.");
1132	}
1133	} catch (Exception $e){
1134	+ return array('errorMsg' => "Your options have been saved. However we noticed you changed your API key and we tried to verify it with the Wordfence servers and received an error: " . htmlentities($e->getMessage()) );
1135	}
1136	}
1137	return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg );

1207	}
1208	$clientIP = wfUtils::inet_aton(wfUtils::getIP());
1209	if($ip1 <= $clientIP && $ip2 >= $clientIP){
1210	+ return array('err' => 1, 'errorMsg' => "You are trying to block yourself. Your IP address is " . htmlentities(wfUtils::getIP()) . " which falls into the range " . htmlentities($ipRange) . ". This blocking action has been cancelled so that you don't block yourself from your website.");
1211	}
1212	$ipRange = $ip1 . '-' . $ip2;
1213	}

1233	return array('err' => 1, 'errorMsg' => "You can't block your own IP address.");
1234	}
1235	if(self::getLog()->isWhitelisted($IP)){
1236	+ return array('err' => 1, 'errorMsg' => "The IP address " . htmlentities($IP) . " is whitelisted and can't be blocked or it is in a range of internal IP addresses that Wordfence does not block. You can remove this IP from the whitelist on the Wordfence options page.");
1237	}
1238	if(wfConfig::get('neverBlockBG') != 'treatAsOtherCrawlers'){ //Either neverBlockVerified or neverBlockUA is selected which means the user doesn't want to block google
1239	if(wfCrawl::verifyCrawlerPTR('/googlebot\.com$/i', $IP)){

1358	);
1359	} else {
1360	$err = error_get_last();
1361	+ return array('errorMsg' => "Could not delete file " . htmlentities($file) . ". The error was: " . htmlentities($err['message']));
1362	}
1363	}
1364	public static function ajax_restoreFile_callback(){

1408	self::status(4, 'info', "Ajax request received to start scan.");
1409	$err = wfScanEngine::startScan();
1410	if($err){
1411	+ return array('errorMsg' => htmlentities($err));
1412	} else {
1413	return array("ok" => 1);
1414	}

1524	exit();
1525	}
1526	public static function wp_head(){
1527	+ $URL = admin_url('admin-ajax.php?action=wordfence_logHuman&hid=' . wfUtils::encrypt(self::$hitID));

1528	echo '<script type="text/javascript">var src="' . $URL . '"; if(window.location.protocol == "https:"){ src = src.replace("http:", "https:"); } var wfHTImg = new Image(); wfHTImg.src=src;</script>';
1529	}
1530	public static function shutdownAction(){

1593	public static function wfFunc_diff(){
1594	$result = self::getWPFileContent($_GET['file'], $_GET['cType'], $_GET['cName'], $_GET['cVersion']);
1595	if( isset( $result['errorMsg'] ) && $result['errorMsg']){
1596	+ echo htmlentities($result['errorMsg']);
1597	exit(0);
1598	} else if(! $result['fileContent']){
1599	echo "We could not get the contents of the original file to do a comparison.";

readme.txt CHANGED Viewed

	@@ -2,8 +2,8 @@
2	Contributors: mmaunder
3	Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security
4	Requires at least: 3.3.1
5	- Tested up to: 3.6
6	- Stable tag: 3.8.3
7
8	Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9
	@@ -150,6 +150,15 @@ cause a security hole on your site.
150
151	== Changelog ==
152









153	= 3.8.3 =
154	* Updated GeoIP database for country blocking security.
155	* Fixed bug in Wordfence Security where we called reverseLookup in wfUtils statically and it's a non-static method. Thanks Juliette.


2	Contributors: mmaunder
3	Tags: wordpress, security, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security
4	Requires at least: 3.3.1
5	+ Tested up to: 3.6.1
6	+ Stable tag: 3.8.4
7
8	Wordfence Security is a free enterprise class security plugin that includes a firewall, virus scanning, real-time traffic with geolocation and more.
9

150
151	== Changelog ==
152
153	+ = 3.8.4 =
154	+ * Removed Wordfence .htaccess because it doesn't offer any security functionality and increases incompatibility.
155	+ * Fixed spelling errors.
156	+ * Added check to see if $_SERVER['HTTP_USER_AGENT'] is defined before using it to suppress large number of warnings on some sites.
157	+ * Changed the way we call admin_url() to the correct syntax.
158	+ * Correctly escaped HTML on error messages.
159	+ * Fixed issue that generated non-compliant query string.
160	+ * Updated GeoIP database to newest version.
161	+
162	= 3.8.3 =
163	* Updated GeoIP database for country blocking security.
164	* Fixed bug in Wordfence Security where we called reverseLookup in wfUtils statically and it's a non-static method. Thanks Juliette.

wordfence.php CHANGED Viewed

	@@ -4,10 +4,10 @@ Plugin Name: Wordfence Security
4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
6	Author: Mark Maunder
7	- Version: 3.8.3
8	Author URI: http://www.wordfence.com/
9	*/
10	- define('WORDFENCE_VERSION', '3.8.3');
11	if(get_option('wordfenceActivated') != 1){
12	add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
13	}


4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus and Firewall security plugin for WordPress
6	Author: Mark Maunder
7	+ Version: 3.8.4
8	Author URI: http://www.wordfence.com/
9	*/
10	+ define('WORDFENCE_VERSION', '3.8.4');
11	if(get_option('wordfenceActivated') != 1){
12	add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
13	}

Wordfence Security – Firewall & Malware Scan - Version 3.8.4

Version Description

Release Info

Code changes from version 3.8.3 to 3.8.4