Wordfence Security – Firewall & Malware Scan - Version 5.1.6

Version Description

  • Feature: Country blocking now lets you block login page OR rest of site or any combination. So you can now block the login page only for example.
  • Improvement: Upgraded the country blocking database to the newest version which is July 2014.
  • Improvement: Improved server-side performance for Wordfence scanning.
  • Improvement: Offer the option to keep Wordfence up-to-date automatically.
  • Improvement: If file contains malicious code, include filename in email alert summary info.
  • Fix: Removed strings in readme.txt that were causing false positives in hosts' own scanning software.
  • Fix: Prevent lockout email alerts being sent for blank usernames.

Release Info

Developer mmaunder
Version 5.1.6

Code changes from version 5.1.5 to 5.1.6

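--- a/js/admin.js
+++ b/js/admin.js
@@ -1393,6 +1393,7 @@ window['wordfenceAdmin'] = {
  var redirURL = jQuery('#wfRedirURL').val();
  var loggedInBlocked = jQuery('#wfLoggedInBlocked').is(':checked') ? '1' : '0';
  var loginFormBlocked = jQuery('#wfLoginFormBlocked').is(':checked') ? '1' : '0';
+ var restOfSiteBlocked = jQuery('#wfRestOfSiteBlocked').is(':checked') ? '1' : '0';
  var bypassRedirURL = jQuery('#wfBypassRedirURL').val();
  var bypassRedirDest = jQuery('#wfBypassRedirDest').val();
  var bypassViewURL = jQuery('#wfBypassViewURL').val();
@@ -1404,6 +1405,7 @@ window['wordfenceAdmin'] = {
  redirURL: redirURL,
  loggedInBlocked: loggedInBlocked,
  loginFormBlocked: loginFormBlocked,
+ restOfSiteBlocked: restOfSiteBlocked,
  bypassRedirURL: bypassRedirURL,
  bypassRedirDest: bypassRedirDest,
  bypassViewURL: bypassViewURL,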
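--- a/js/tourTip.js
+++ b/js/tourTip.js
@@ -17,6 +17,14 @@ window['wordfenceExt'] = {
  jQuery('#wordfenceWorking').remove();
  }
  },
+ autoUpdateChoice: function(choice){
+ this.ajax('wordfence_autoUpdateChoice', {
+ choice: choice
+ },
+ function(res){ jQuery('#wordfenceAutoUpdateChoice').fadeOut(); },
+ function(){ jQuery('#wordfenceAutoUpdateChoice').fadeOut(); }
+ );
+ },
  removeFromCache: function(postID){
  this.ajax('wordfence_removeFromCache', {
  id: postID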
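Review bot: In the added `autoUpdateChoice`, the last function passed to `this.ajax` (apparently the failure callback) fades out `#wordfenceAutoUpdateChoice` exactly like the success callback, so a request that fails looks to the administrator as if the auto-update choice had been saved. Keep the notice visible on failure so the choice can be retried, for example `function(){ /* leave the notice in place; the choice was not stored */ }`. The success callback also ignores `res`, so a rejection reported in the response body would be hidden the same way. The `ajax` helper is defined outside this section, so how it reports errors should be confirmed there.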
lib/GeoIP.dat CHANGED
Binary file
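--- a/lib/menu_countryBlocking.php
+++ b/lib/menu_countryBlocking.php
@@ -40,7 +40,8 @@ WFAD.countryMap = <?php echo json_encode($wfBulkCountries); ?>;
  </td></tr>
  <tr><th>URL to redirect blocked users to:</th><td><input type="text" id="wfRedirURL" value="<?php if(wfConfig::get('cbl_redirURL')){ echo htmlspecialchars(wfConfig::get('cbl_redirURL')); } ?>" /></td></tr>
  <tr><th>Block countries even if they are logged in:</th><td><input type="checkbox" id="wfLoggedInBlocked" value="1" <?php if(wfConfig::get('cbl_loggedInBlocked')){ echo 'checked'; } ?> /></td></tr>
- <tr><th>Block access to the login form too:</th><td><input type="checkbox" id="wfLoginFormBlocked" value="1" <?php if(wfConfig::get('cbl_loginFormBlocked')){ echo 'checked'; } ?> /></td></tr>
+ <tr><th>Block access to the login form:</th><td><input type="checkbox" id="wfLoginFormBlocked" value="1" <?php if(wfConfig::get('cbl_loginFormBlocked')){ echo 'checked'; } ?> /></td></tr>
+ <tr><th>Block access to the rest of the site (outside the login form):</th><td><input type="checkbox" id="wfRestOfSiteBlocked" value="1" <?php if(wfConfig::get('cbl_restOfSiteBlocked')){ echo 'checked'; } ?> /></td></tr>
  <tr><td colspan="2"><h2>Advanced Country Blocking Options</h2></td></tr>
  <tr><th colspan="2">
  If user hits the URL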
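--- a/lib/wfLog.php
+++ b/lib/wfLog.php
@@ -703,6 +703,8 @@ class wfLog {
  //Do nothing
  } else if(strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false && (! wfConfig::get('cbl_loginFormBlocked', false)) ){ //It's the login form and we're allowing that
  //Do nothing
+ } else if(strpos($_SERVER['REQUEST_URI'], '/wp-login.php') === false && (! wfConfig::get('cbl_restOfSiteBlocked', false)) ){ //It's the rest of the site and we're allowing that
+ //Do nothing
  } else {
  if($country = wfUtils::IP2Country($IP) ){
  foreach(explode(',', $blockedCountries) as $blocked){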
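Review bot: The added branch at new line 706 decides "login form or rest of site" with a substring test on the whole `$_SERVER['REQUEST_URI']`, which includes the query string, so the classification that now separates the two country-blocking settings depends on text the client can place anywhere in the URI. Classify on the path component only, for example `$path = parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);` followed by `$isLogin = is_string($path) && basename($path) === 'wp-login.php';`, and use that single result in both branches, since the context line at 704 carries the same test. The enclosing method of `wfLog` starts and ends outside the hunk, so whether other login entry points are handled elsewhere cannot be confirmed from here.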
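--- a/lib/wfUtils.php
+++ b/lib/wfUtils.php
@@ -135,6 +135,7 @@ class wfUtils {
  }
  public static function getIP(){
  //You can use the following examples to force Wordfence to think a visitor has a certain IP if you're testing. Remember to re-comment this out or you will break Wordfence badly.
+ //return '1.2.33.57';
  //return '1.2.3.4';
  //return self::makeRandomIP();
 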
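--- a/lib/wordfenceClass.php
+++ b/lib/wordfenceClass.php
@@ -234,6 +234,10 @@ class wordfence {
  //Remove old legacy cron job if exists
  wp_clear_scheduled_hook('wordfence_scheduled_scan');
 
+ $restOfSite = wfConfig::get('cbl_restOfSiteBlocked', 'notset');
+ if($restOfSite == 'notset'){
+ wfConfig::set('cbl_restOfSiteBlocked', '1');
+ }
 
  $schema = new wfSchema();
  $schema->createAll(); //if not exists
@@ -835,7 +839,9 @@ class wordfence {
  }
  }
  if(wfConfig::get('loginSec_lockInvalidUsers')){
- self::lockOutIP($IP, "Used an invalid username '" . $_POST['log'] . "' to try to sign in.");
+ if(strlen($_POST['log']) > 0 && preg_match('/[^\r\s\n\t]+/', $_POST['log'])){
+ self::lockOutIP($IP, "Used an invalid username '" . $_POST['log'] . "' to try to sign in.");
+ }
  require('wfLockedOut.php');
  }
  }
@@ -1230,6 +1236,7 @@ class wordfence {
  wfConfig::set('cbl_redirURL', $_POST['redirURL']);
  wfConfig::set('cbl_loggedInBlocked', $_POST['loggedInBlocked']);
  wfConfig::set('cbl_loginFormBlocked', $_POST['loginFormBlocked']);
+ wfConfig::set('cbl_restOfSiteBlocked', $_POST['restOfSiteBlocked']);
  wfConfig::set('cbl_bypassRedirURL', $_POST['bypassRedirURL']);
  wfConfig::set('cbl_bypassRedirDest', $_POST['bypassRedirDest']);
  wfConfig::set('cbl_bypassViewURL', $_POST['bypassViewURL']);
@@ -1317,6 +1324,16 @@ class wordfence {
  }
  return $newVal;
  }
+ public static function ajax_autoUpdateChoice_callback(){
+ $choice = $_POST['choice'];
+ wfConfig::set('autoUpdateChoice', '1');
+ if($choice == 'yes'){
+ wfConfig::set('autoUpdate', '1');
+ } else {
+ wfConfig::set('autoUpdate', '0');
+ }
+ return array('ok' => 1);
+ }
  public static function ajax_removeFromCache_callback(){
  $id = $_POST['id'];
  $link = get_permalink($id);
@@ -2386,7 +2403,7 @@ EOL;
  }
  public static function admin_init(){
  if(! wfUtils::isAdmin()){ return; }
- foreach(array('activate', 'scan', 'updateAlertEmail', 'sendActivityLog', 'restoreFile', 'bulkOperation', 'deleteFile', 'removeExclusion', 'activityLogUpdate', 'ticker', 'loadIssues', 'updateIssueStatus', 'deleteIssue', 'updateAllIssues', 'reverseLookup', 'unlockOutIP', 'loadBlockRanges', 'unblockRange', 'blockIPUARange', 'whois', 'unblockIP', 'blockIP', 'permBlockIP', 'loadStaticPanel', 'saveConfig', 'downloadHtaccess', 'checkFalconHtaccess', 'updateConfig', 'saveCacheConfig', 'removeFromCache', 'saveCacheOptions', 'clearPageCache', 'getCacheStats', 'clearAllBlocked', 'killScan', 'saveCountryBlocking', 'saveScanSchedule', 'tourClosed', 'startTourAgain', 'downgradeLicense', 'addTwoFactor', 'twoFacActivate', 'twoFacDel', 'loadTwoFactor', 'loadAvgSitePerf', 'addCacheExclusion', 'removeCacheExclusion', 'loadCacheExclusions') as $func){
+ foreach(array('activate', 'scan', 'updateAlertEmail', 'sendActivityLog', 'restoreFile', 'bulkOperation', 'deleteFile', 'removeExclusion', 'activityLogUpdate', 'ticker', 'loadIssues', 'updateIssueStatus', 'deleteIssue', 'updateAllIssues', 'reverseLookup', 'unlockOutIP', 'loadBlockRanges', 'unblockRange', 'blockIPUARange', 'whois', 'unblockIP', 'blockIP', 'permBlockIP', 'loadStaticPanel', 'saveConfig', 'downloadHtaccess', 'checkFalconHtaccess', 'updateConfig', 'saveCacheConfig', 'removeFromCache', 'autoUpdateChoice', 'saveCacheOptions', 'clearPageCache', 'getCacheStats', 'clearAllBlocked', 'killScan', 'saveCountryBlocking', 'saveScanSchedule', 'tourClosed', 'startTourAgain', 'downgradeLicense', 'addTwoFactor', 'twoFacActivate', 'twoFacDel', 'loadTwoFactor', 'loadAvgSitePerf', 'addCacheExclusion', 'removeCacheExclusion', 'loadCacheExclusions') as $func){
  add_action('wp_ajax_wordfence_' . $func, 'wordfence::ajaxReceiver');
  }
 
@@ -2404,6 +2421,7 @@ EOL;
  wp_enqueue_script('jquery.wfdataTables', wfUtils::getBaseURL() . 'js/jquery.dataTables.min.js', array('jquery'), WORDFENCE_VERSION);
  //wp_enqueue_script('jquery.tools', wfUtils::getBaseURL() . 'js/jquery.tools.min.js', array('jquery'));
  wp_enqueue_script('wordfenceAdminjs', wfUtils::getBaseURL() . 'js/admin.js', array('jquery'), WORDFENCE_VERSION);
+ wp_enqueue_script('wordfenceAdminExtjs', wfUtils::getBaseURL() . 'js/tourTip.js', array('jquery'), WORDFENCE_VERSION);
  self::setupAdminVars();
  } else {
  wp_enqueue_style('wp-pointer');
@@ -2447,7 +2465,9 @@ EOL;
  public static function adminEmailWarning(){
  echo '<div id="wordfenceConfigWarning" class="fade error"><p><strong>You have not set an administrator email address to receive alerts for Wordfence.</strong> Please <a href="' . self::getMyOptionsURL() . '">click here to go to the Wordfence Options Page</a> and set an email address where you will receive security alerts from this site.</p></div>';
  }
-
+ public static function autoUpdateNotice(){
+ echo '<div id="wordfenceAutoUpdateChoice" class="fade error"><p><strong>Do you want Wordfence to stay up-to-date automatically?</strong>&nbsp;&nbsp;&nbsp;<a href="#" onclick="wordfenceExt.autoUpdateChoice(\'yes\'); return false;">Yes, enable auto-update.</a>&nbsp;&nbsp;|&nbsp;&nbsp;<a href="#" onclick="wordfenceExt.autoUpdateChoice(\'no\'); return false;">No thanks.</a></p></div>';
+ }
  public static function admin_menus(){
  if(! wfUtils::isAdmin()){ return; }
  $warningAdded = false;
@@ -2467,8 +2487,19 @@ EOL;
  }
  $warningAdded = true;
  }
+ if(! $warningAdded){
+ if(wfConfig::get('tourClosed') == '1' && (! wfConfig::get('autoUpdate')) && (! wfConfig::get('autoUpdateChoice'))){
+ $warningAdded = true;
+ if(wfUtils::isAdminPageMU()){
+ add_action('network_admin_notices', 'wordfence::autoUpdateNotice');
+ } else {
+ add_action('admin_notices', 'wordfence::autoUpdateNotice');
+ }
+ }
+ }
  if(! $warningAdded){
  if(wfConfig::get('tourClosed') == '1' && (! wfConfig::get('alertEmails')) ){
+ $warningAdded = true;
  if(wfUtils::isAdminPageMU()){
  add_action('network_admin_notices', 'wordfence::adminEmailWarning');
  } else {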
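Review bot: In the hunk at new lines 839–847 the added `if` wraps the whole `self::lockOutIP()` call, so an empty or whitespace-only `$_POST['log']` now skips the lockout itself and not only the alert e-mail that the changelog describes, while `require('wfLockedOut.php')` still runs. If only the e-mail should be suppressed, keep the lockout and gate the alert where it is sent, presumably inside `lockOutIP`, which is not visible in this section. The condition also reads `$_POST['log']` without checking that it is set, and `\s` already covers `\r`, `\n` and `\t`, so it can be written as `if(isset($_POST['log']) && preg_match('/\S/', $_POST['log'])){`. The enclosing method starts and ends outside the hunk.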
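--- a/lib/wordfenceScanner.php
+++ b/lib/wordfenceScanner.php
@@ -177,7 +177,7 @@ class wordfenceScanner {
  'severity' => 1,
  'ignoreP' => $this->path . $file,
  'ignoreC' => $fileSum,
- 'shortMsg' => "This file may contain malicious executable code",
+ 'shortMsg' => "This file may contain malicious executable code: " . $this->path . $file,
  'longMsg' => "This file is a PHP executable file and contains an " . $this->patterns['word1'] . " function and " . $this->patterns['word2'] . " decoding function on the same line. This is a common technique used by hackers to hide and execute code. If you know about this file you can choose to ignore it to exclude it from future scans.",
  'data' => array(
  'file' => $file,
@@ -206,7 +206,7 @@ class wordfenceScanner {
  'severity' => 1,
  'ignoreP' => $this->path . $file,
  'ignoreC' => $fileSum,
- 'shortMsg' => "This file may contain malicious executable code",
+ 'shortMsg' => "This file may contain malicious executable code" . $this->path . $file,
  'longMsg' => "This file is a PHP executable file and contains the word 'eval' (without quotes) and the word '" . $badStringFound . "' (without quotes). The eval() function along with an encoding function like the one mentioned are commonly used by hackers to hide their code. If you know about this file you can choose to ignore it to exclude it from future scans.",
  'data' => array(
  'file' => $file,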
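Review bot: The second changed `shortMsg` (new line 209) appends the path directly to the sentence, without the `: ` separator used at new line 180, so the alert summary runs the text and the file path together. It should read `'shortMsg' => "This file may contain malicious executable code: " . $this->path . $file,`. The file name comes from the scanned filesystem, so if `shortMsg` is rendered as HTML in the alert e-mail or the admin UI, which this section does not show, it needs escaping at the point of output.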
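--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mmaunder
  Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
  Requires at least: 3.3.1
  Tested up to: 3.9.1
- Stable tag: 5.1.5
+ Stable tag: 5.1.6
 
  Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
 
@@ -163,6 +163,15 @@ cause a security hole on your site.
 
  == Changelog ==
 
+ = 5.1.6 =
+ * Feature: Country blocking now lets you block login page OR rest of site or any combination. So you can now block the login page only for example.
+ * Improvement: Upgraded the country blocking database to the newest version which is July 2014.
+ * Improvement: Improved server-side performance for Wordfence scanning.
+ * Improvement: Offer the option to keep Wordfence up-to-date automatically.
+ * Improvement: If file contains malicious code, include filename in email alert summary info.
+ * Fix: Removed strings in readme.txt that were causing false positives in hosts own scanning software.
+ * Fix: Prevent lockout email alerts being sent for blank usernames.
+
  = 5.1.5 =
  * Fix: Bing crawler was being misidentified as human. Fixed.
  * Fix: Escaping HTML on whois records. Thanks Nikhil Srivastava, TechDefencelabs (http://techdefencelabs.com)
@@ -580,19 +589,7 @@ cause a security hole on your site.
  * Updated to the new Libyan flag.
  * Fixed mysql_ping() reconnection to DB generating warnings.
  * Fixed issue that caused scans to hang. Wordfence Security now processes smaller batches of files before checking if it needs to fork.
- * Security scan for backdoors: "s72 Shell", "r57 kartal", "r57shell", "rootshell", "r57", "r57 Mohajer22", "r57 iFX", "php backdoor", "phpRemoteView"
- * Security scan for backdoors: "nstview", "nshell", "mysql tool", "nsTView", "matamu", "mysql shell", "load shell", "ironshell", "lamashell", "hiddens shell"
- * Security scan for backdoors: "h4ntu shell", "go shell", "dC3 Shell", "gfs sh", "cybershell", "c99 w4cking", "ctt sh"
- * Security scan for backdoors: "c99 madnet", "c99 locus7s", "c99 PSych0", "c99", "c0derz shell", "accept language", "Web shell"
- * Security scan for backdoors: "aZRaiLPhp", "SnIpEr SA Shell", "Safe0ver Shell"
- * Security scan for backdoors: "SimShell", "Rootshell", "Predator", "PhpSpy", "PHPJackal", "PHANTASMA", "PHP Shell"
- * Security scan for backdoors: "NTDaddy", "NetworkFileManagerPHP", "NIX REMOTE WEB SHELL", "NGH"
- * Security scan for backdoors: "NFM", "Mysql interface", "NCC Shell", "MySQL Web Interface", "MyShell", "Macker PHPShell"
- * Security scan for backdoors: "Loaderz WEB Shell", "KA uShell", "KAdot Universal Shell", "Liz0ziM"
- * Security scan for backdoors: "Gamma Web Shell", "JspWebshell", "GRP WebShell", "GFS web shell"
- * Security scan for backdoors: "GFS Web Shell", "Dx", "DxShell, "Dive Shell", "DTool Pro"
- * Security scan for backdoors: "Ajax PHP Command Shell", "Antichat Shell", "Ayyildiz Shell"
- * Security scan for backdoors: "C99 Shell", "C99 madShell", "CTT Shell", "CasuS", "CmdAsp", "Crystal Shell", "Cyber Shell"
+ * NOTE: We removed a list of shells we're scanning for because they were yielding false positives on some host scanning software.
  * DNS fix from previous release backed out because it's no longer needed. (We temporarily hardcoded an IP)
 
  = 3.1.6 =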
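--- a/wordfence.php
+++ b/wordfence.php
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
  Plugin URI: http://www.wordfence.com/
  Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
  Author: Wordfence
- Version: 5.1.5
+ Version: 5.1.6
  Author URI: http://www.wordfence.com/
  */
  if(defined('WP_INSTALLING') && WP_INSTALLING){
  return;
  }
- define('WORDFENCE_VERSION', '5.1.5');
+ define('WORDFENCE_VERSION', '5.1.6');
  if(get_option('wordfenceActivated') != 1){
  add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
  }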