Wordfence Security – Firewall & Malware Scan - Version 5.1.8

Version Description

  • Fix: Option to disable config caching. You can find this new option at the bottom of the Wordfence options page.
  • Note: If you are seeing the "cron key does not match the saved key" error, check the box to disable config caching at the bottom of the Wordfence options page, save and this will fix it.
  • Note: If you are trying to save your Wordfence options and the options keep reverting, enable the "disable config caching" at the bottom of your Wordfence options page, save and this will fix it.
Download this release

Release Info

Developer mmaunder
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 5.1.8
Comparing to
See all releases

Code changes from version 5.1.7 to 5.1.8

Files changed (4) hide show
  1. lib/menu_options.php +1 -0
  2. lib/wfConfig.php +27 -1
  3. readme.txt +6 -1
  4. wordfence.php +2 -2
lib/menu_options.php CHANGED
@@ -277,6 +277,7 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
277
278
<tr><th>Disable Wordfence Cookies</th><td><input type="checkbox" id="disableCookies" class="wfConfigElem" name="disableCookies" value="1" <?php $w->cb('disableCookies'); ?> />(when enabled all visits in live traffic will appear to be new visits)</td></tr>
279
<tr><th>Start all scans remotely</th><td><input type="checkbox" id="startScansRemotely" class="wfConfigElem" name="startScansRemotely" value="1" <?php $w->cb('startScansRemotely'); ?> />(Try this if your scans aren't starting and your site is publicly accessible)</td></tr>
280
<tr><th>Add a debugging comment to HTML source of cached pages.</th><td><input type="checkbox" id="addCacheComment" class="wfConfigElem" name="addCacheComment" value="1" <?php $w->cb('addCacheComment'); ?> /></td></tr>
281
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to test connectivity to the Wordfence API servers</a></th></tr>
282
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to view your system's configuration in a new window</a></th></tr>
277
278
<tr><th>Disable Wordfence Cookies</th><td><input type="checkbox" id="disableCookies" class="wfConfigElem" name="disableCookies" value="1" <?php $w->cb('disableCookies'); ?> />(when enabled all visits in live traffic will appear to be new visits)</td></tr>
279
<tr><th>Start all scans remotely</th><td><input type="checkbox" id="startScansRemotely" class="wfConfigElem" name="startScansRemotely" value="1" <?php $w->cb('startScansRemotely'); ?> />(Try this if your scans aren't starting and your site is publicly accessible)</td></tr>
280
+ <tr><th>Disable config caching</th><td><input type="checkbox" id="disableConfigCaching" class="wfConfigElem" name="disableConfigCaching" value="1" <?php $w->cb('disableConfigCaching'); ?> />(Try this if your options aren't saving)</td></tr>
281
<tr><th>Add a debugging comment to HTML source of cached pages.</th><td><input type="checkbox" id="addCacheComment" class="wfConfigElem" name="addCacheComment" value="1" <?php $w->cb('addCacheComment'); ?> /></td></tr>
282
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to test connectivity to the Wordfence API servers</a></th></tr>
283
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to view your system's configuration in a new window</a></th></tr>
lib/wfConfig.php CHANGED
@@ -2,6 +2,7 @@
2
class wfConfig {
3
public static $diskCache = array();
4
private static $diskCacheDisabled = false; //enables if we detect a write fail so we don't keep calling stat()
5
private static $table = false;
6
private static $cache = array();
7
private static $DB = false;
@@ -60,6 +61,7 @@ class wfConfig {
60
"autoUpdate" => false,
61
"disableCookies" => false,
62
"startScansRemotely" => false,
63
"addCacheComment" => false,
64
"allowHTTPSCaching" => false,
65
"debugOn" => false
@@ -140,6 +142,7 @@ class wfConfig {
140
"autoUpdate" => false,
141
"disableCookies" => false,
142
"startScansRemotely" => false,
143
"addCacheComment" => false,
144
"allowHTTPSCaching" => false,
145
"debugOn" => false
@@ -220,6 +223,7 @@ class wfConfig {
220
"autoUpdate" => false,
221
"disableCookies" => false,
222
"startScansRemotely" => false,
223
"addCacheComment" => false,
224
"allowHTTPSCaching" => false,
225
"debugOn" => false
@@ -300,6 +304,7 @@ class wfConfig {
300
"autoUpdate" => false,
301
"disableCookies" => false,
302
"startScansRemotely" => false,
303
"addCacheComment" => false,
304
"allowHTTPSCaching" => false,
305
"debugOn" => false
@@ -380,6 +385,7 @@ class wfConfig {
380
"autoUpdate" => false,
381
"disableCookies" => false,
382
"startScansRemotely" => false,
383
"addCacheComment" => false,
384
"allowHTTPSCaching" => false,
385
"debugOn" => false
@@ -468,6 +474,11 @@ class wfConfig {
468
self::set($key, $val + 1);
469
}
470
public static function set($key, $val){
471
if(is_array($val)){
472
$msg = "wfConfig::set() got an array as second param with key: $key and value: " . var_export($val, true);
473
wordfence::status(1, 'error', $msg);
@@ -494,6 +505,19 @@ class wfConfig {
494
self::$diskCacheDisabled = true;
495
}
496
public static function get($key, $default = false){
497
if(! isset(self::$cache[$key])){
498
$val = self::loadFromDiskCache($key);
499
//$val = self::getDB()->querySingle("select val from " . self::table() . " where name='%s'", $key);
@@ -527,7 +551,9 @@ class wfConfig {
527
}
528
}
529
$val = self::getDB()->querySingle("select val from " . self::table() . " where name='%s'", $key);
530
- if(self::$diskCacheDisabled){ return $val; }
531
wfConfig::$diskCache[$key] = isset($val) ? $val : '';
532
try {
533
$bytesWritten = @file_put_contents($cacheFile, self::$tmpFileHeader . serialize(wfConfig::$diskCache), LOCK_EX);
2
class wfConfig {
3
public static $diskCache = array();
4
private static $diskCacheDisabled = false; //enables if we detect a write fail so we don't keep calling stat()
5
+ private static $cacheDisableCheckDone = false;
6
private static $table = false;
7
private static $cache = array();
8
private static $DB = false;
61
"autoUpdate" => false,
62
"disableCookies" => false,
63
"startScansRemotely" => false,
64
+ "disableConfigCaching" => false,
65
"addCacheComment" => false,
66
"allowHTTPSCaching" => false,
67
"debugOn" => false
142
"autoUpdate" => false,
143
"disableCookies" => false,
144
"startScansRemotely" => false,
145
+ "disableConfigCaching" => false,
146
"addCacheComment" => false,
147
"allowHTTPSCaching" => false,
148
"debugOn" => false
223
"autoUpdate" => false,
224
"disableCookies" => false,
225
"startScansRemotely" => false,
226
+ "disableConfigCaching" => false,
227
"addCacheComment" => false,
228
"allowHTTPSCaching" => false,
229
"debugOn" => false
304
"autoUpdate" => false,
305
"disableCookies" => false,
306
"startScansRemotely" => false,
307
+ "disableConfigCaching" => false,
308
"addCacheComment" => false,
309
"allowHTTPSCaching" => false,
310
"debugOn" => false
385
"autoUpdate" => false,
386
"disableCookies" => false,
387
"startScansRemotely" => false,
388
+ "disableConfigCaching" => false,
389
"addCacheComment" => false,
390
"allowHTTPSCaching" => false,
391
"debugOn" => false
474
self::set($key, $val + 1);
475
}
476
public static function set($key, $val){
477
+ if($key == 'disableConfigCaching'){
478
+ self::getDB()->queryWrite("insert into " . self::table() . " (name, val) values ('%s', '%s') ON DUPLICATE KEY UPDATE val='%s'", $key, $val, $val);
479
+ return;
480
+ }
481
+
482
if(is_array($val)){
483
$msg = "wfConfig::set() got an array as second param with key: $key and value: " . var_export($val, true);
484
wordfence::status(1, 'error', $msg);
505
self::$diskCacheDisabled = true;
506
}
507
public static function get($key, $default = false){
508
+ if($key == 'disableConfigCaching'){
509
+ $val = self::getDB()->querySingle("select val from " . self::table() . " where name='%s'", $key);
510
+ return $val;
511
+ }
512
+
513
+ if(! self::$cacheDisableCheckDone){
514
+ self::$cacheDisableCheckDone = true;
515
+ $cachingDisabledSetting = self::getDB()->querySingle("select val from " . self::table() . " where name='%s'", 'disableConfigCaching');
516
+ if($cachingDisabledSetting == '1'){
517
+ self::$diskCacheDisabled = true;
518
+ }
519
+ }
520
+
521
if(! isset(self::$cache[$key])){
522
$val = self::loadFromDiskCache($key);
523
//$val = self::getDB()->querySingle("select val from " . self::table() . " where name='%s'", $key);
551
}
552
}
553
$val = self::getDB()->querySingle("select val from " . self::table() . " where name='%s'", $key);
554
+ if(self::$diskCacheDisabled){
555
+ return $val;
556
+ }
557
wfConfig::$diskCache[$key] = isset($val) ? $val : '';
558
try {
559
$bytesWritten = @file_put_contents($cacheFile, self::$tmpFileHeader . serialize(wfConfig::$diskCache), LOCK_EX);
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: mmaunder
3
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
4
Requires at least: 3.3.1
5
Tested up to: 3.9.1
6
- Stable tag: 5.1.7
7
8
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
9
@@ -163,6 +163,11 @@ cause a security hole on your site.
163
164
== Changelog ==
165
166
= 5.1.7 =
167
* Improvement: Wordfence now supports websites behind proxy servers when communicating with the Wordfence API servers.
168
* Fix: Removed old image files that were unused.
3
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
4
Requires at least: 3.3.1
5
Tested up to: 3.9.1
6
+ Stable tag: 5.1.8
7
8
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
9
163
164
== Changelog ==
165
166
+ = 5.1.8 =
167
+ * Fix: Option to disable config caching. You can find this new option at the bottom of the Wordfence options page.
168
+ * Note: If you are seeing the "cron key does not match the saved key" error, check the box to disable config caching at the bottom of the Wordfence options page, save and this will fix it.
169
+ * Note: If you are trying to save your Wordfence options and the options keep reverting, enable the "disable config caching" at the bottom of your Wordfence options page, save and this will fix it.
170
+
171
= 5.1.7 =
172
* Improvement: Wordfence now supports websites behind proxy servers when communicating with the Wordfence API servers.
173
* Fix: Removed old image files that were unused.
wordfence.php CHANGED
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
4
Plugin URI: http://www.wordfence.com/
5
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
6
Author: Wordfence
7
- Version: 5.1.7
8
Author URI: http://www.wordfence.com/
9
*/
10
if(defined('WP_INSTALLING') && WP_INSTALLING){
11
return;
12
}
13
- define('WORDFENCE_VERSION', '5.1.7');
14
if(get_option('wordfenceActivated') != 1){
15
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
16
}
4
Plugin URI: http://www.wordfence.com/
5
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
6
Author: Wordfence
7
+ Version: 5.1.8
8
Author URI: http://www.wordfence.com/
9
*/
10
if(defined('WP_INSTALLING') && WP_INSTALLING){
11
return;
12
}
13
+ define('WORDFENCE_VERSION', '5.1.8');
14
if(get_option('wordfenceActivated') != 1){
15
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
16
}