Wordfence Security – Firewall & Malware Scan - Version 5.2.3

Version Description

  • Updated Geo IP country database to newest version (September 2014 edition)
  • Security fix. Improved referrer sanitization in live traffic.
  • Changed scan success messaging for clarity.
  • Fixed minor bug in IP validation which manifested when users use IPv6 to IPv4 translation which produces 255.x.x.x addrs.
Download this release

Release Info

Developer mmaunder
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 5.2.3
Comparing to
See all releases

Code changes from version 5.2.2 to 5.2.3

Files changed (7) hide show
  1. js/admin.js +1 -1
  2. lib/GeoIP.dat +0 -0
  3. lib/wfLog.php +6 -1
  4. lib/wfUtils.php +2 -2
  5. lib/wordfenceHash.php +0 -1
  6. readme.txt +8 -2
  7. wordfence.php +2 -2
js/admin.js CHANGED
@@ -632,7 +632,7 @@ window['wordfenceAdmin'] = {
632
if(res.issuesLists[issueStatus].length < 1){
633
if(issueStatus == 'new'){
634
if(res.lastScanCompleted == 'ok'){
635
- jQuery('#' + containerID).html('<p style="font-size: 20px; color: #0A0;">Congratulations! You have no security issues on your site.</p>');
636
} else if(res['lastScanCompleted']){
637
//jQuery('#' + containerID).html('<p style="font-size: 12px; color: #A00;">The latest scan failed: ' + res.lastScanCompleted + '</p>');
638
} else {
632
if(res.issuesLists[issueStatus].length < 1){
633
if(issueStatus == 'new'){
634
if(res.lastScanCompleted == 'ok'){
635
+ jQuery('#' + containerID).html('<p style="font-size: 20px; color: #0A0;">Congratulations! No security problems were detected by Wordfence.</p>');
636
} else if(res['lastScanCompleted']){
637
//jQuery('#' + containerID).html('<p style="font-size: 12px; color: #A00;">The latest scan failed: ' + res.lastScanCompleted + '</p>');
638
} else {
lib/GeoIP.dat CHANGED
Binary file
lib/wfLog.php CHANGED
@@ -504,9 +504,14 @@ class wfLog {
504
$res['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and (permanent = 1 OR (blockedTime + %s > unix_timestamp()))", $res['IP'], wfConfig::get('blockedTime'));
505
$res['IP'] = wfUtils::inet_ntoa($res['IP']);
506
$res['extReferer'] = false;
507
if( isset( $res['referer'] ) && $res['referer']){
508
$refURL = parse_url($res['referer']);
509
- if(is_array($refURL) && $refURL['host']){
510
$refHost = strtolower(preg_replace('/^www\./i', '', $refURL['host']));
511
if($refHost != $ourHost){
512
$res['extReferer'] = true;
504
$res['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and (permanent = 1 OR (blockedTime + %s > unix_timestamp()))", $res['IP'], wfConfig::get('blockedTime'));
505
$res['IP'] = wfUtils::inet_ntoa($res['IP']);
506
$res['extReferer'] = false;
507
+ if(isset( $res['referer'] ) && $res['referer']){
508
+ if(! preg_match('/^https?:\/\/[a-z0-9\.\-]+\/[^\':<>\"\\\]*#x2F;i', $res['referer'] )){ //filtering out XSS
509
+ $res['referer'] = '';
510
+ }
511
+ }
512
if( isset( $res['referer'] ) && $res['referer']){
513
$refURL = parse_url($res['referer']);
514
+ if(is_array($refURL) && isset($refURL['host']) && $refURL['host']){
515
$refHost = strtolower(preg_replace('/^www\./i', '', $refURL['host']));
516
if($refHost != $ourHost){
517
$res['extReferer'] = true;
lib/wfUtils.php CHANGED
@@ -207,10 +207,10 @@ class wfUtils {
207
public static function isValidIP($IP){
208
if(preg_match('/^(\d+)\.(\d+)\.(\d+)\.(\d+)#x2F;', $IP, $m)){
209
if(
210
- $m[0] >= 0 && $m[0] <= 255 &&
211
$m[1] >= 0 && $m[1] <= 255 &&
212
$m[2] >= 0 && $m[2] <= 255 &&
213
- $m[3] >= 0 && $m[3] <= 255
214
){
215
return true;
216
}
207
public static function isValidIP($IP){
208
if(preg_match('/^(\d+)\.(\d+)\.(\d+)\.(\d+)#x2F;', $IP, $m)){
209
if(
210
$m[1] >= 0 && $m[1] <= 255 &&
211
$m[2] >= 0 && $m[2] <= 255 &&
212
+ $m[3] >= 0 && $m[3] <= 255 &&
213
+ $m[4] >= 0 && $m[4] <= 255
214
){
215
return true;
216
}
lib/wordfenceHash.php CHANGED
@@ -65,7 +65,6 @@ class wordfenceHash {
65
throw new Exception("Invalid response from Wordfence servers.");
66
}
67
wordfence::statusEnd($fetchCoreHashesStatus, false, true);
68
-
69
if($this->malwareEnabled){
70
$malwarePrefixStatus = wordfence::statusStart("Fetching list of known malware files from Wordfence");
71
$malwareData = $engine->api->getStaticURL('/malwarePrefixes.bin');
65
throw new Exception("Invalid response from Wordfence servers.");
66
}
67
wordfence::statusEnd($fetchCoreHashesStatus, false, true);
68
if($this->malwareEnabled){
69
$malwarePrefixStatus = wordfence::statusStart("Fetching list of known malware files from Wordfence");
70
$malwareData = $engine->api->getStaticURL('/malwarePrefixes.bin');
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: mmaunder
3
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
4
Requires at least: 3.3.1
5
Tested up to: 4.0
6
- Stable tag: 5.2.2
7
8
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
9
@@ -89,7 +89,7 @@ To install Wordfence Security on WordPress Multi-Site installations:
89
* Wordfence Security is the only security plugin that is fully integrated with it's own high speed caching engine to avoid security and caching conflicts.
90
* Wordfence Security actually verifies your website source code integrity against the official WordPress repository and shows you the changes. We are the only plugin to do this.
91
* Wordfence Security provides two-factor authentication (Cellphone Sign-in) for paid members. We're the only plugin to offer this.
92
- * Wordfence Security includes comprehensive protection against DDoS attacks by giving you a performance boost up to 50X and giving you the option to disable XML-RPC among other features.
93
* Wordfence Security scans check all your files, comments and posts for URL's in Google's Safe Browsing list. We are the only plugin to offer this very important security enhancement.
94
* Wordfence Security scans do not consume large amounts of your precious bandwidth because all security scans happen on your web server which makes them very fast.
95
* Wordfence Security fully supports WordPress Multi-Site which means you can security scan every blog in your Multi-Site installation with one click.
@@ -163,6 +163,12 @@ cause a security hole on your site.
163
164
== Changelog ==
165
166
= 5.2.2 =
167
* Protection from the Slider Revolution Plugin arbitrary file download vulnerability announced today. Attempts to download any .php file including wp-config.php are denied.
168
* Changed the Wordfence Memory config option's label to make it clearer what the option does.
3
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
4
Requires at least: 3.3.1
5
Tested up to: 4.0
6
+ Stable tag: 5.2.3
7
8
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
9
89
* Wordfence Security is the only security plugin that is fully integrated with it's own high speed caching engine to avoid security and caching conflicts.
90
* Wordfence Security actually verifies your website source code integrity against the official WordPress repository and shows you the changes. We are the only plugin to do this.
91
* Wordfence Security provides two-factor authentication (Cellphone Sign-in) for paid members. We're the only plugin to offer this.
92
+ * Wordfence Security includes protection against DDoS attacks by giving you a performance boost up to 50X.
93
* Wordfence Security scans check all your files, comments and posts for URL's in Google's Safe Browsing list. We are the only plugin to offer this very important security enhancement.
94
* Wordfence Security scans do not consume large amounts of your precious bandwidth because all security scans happen on your web server which makes them very fast.
95
* Wordfence Security fully supports WordPress Multi-Site which means you can security scan every blog in your Multi-Site installation with one click.
163
164
== Changelog ==
165
166
+ = 5.2.3 =
167
+ * Updated Geo IP country database to newest version (September 2014 edition)
168
+ * Security fix. Improved referrer sanitization in live traffic.
169
+ * Changed scan success messaging for clarity.
170
+ * Fixed minor bug in IP validation which manifested when users use IPv6 to IPv4 translation which produces 255.x.x.x addrs.
171
+
172
= 5.2.2 =
173
* Protection from the Slider Revolution Plugin arbitrary file download vulnerability announced today. Attempts to download any .php file including wp-config.php are denied.
174
* Changed the Wordfence Memory config option's label to make it clearer what the option does.
wordfence.php CHANGED
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
4
Plugin URI: http://www.wordfence.com/
5
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
6
Author: Wordfence
7
- Version: 5.2.2
8
Author URI: http://www.wordfence.com/
9
*/
10
if(defined('WP_INSTALLING') && WP_INSTALLING){
11
return;
12
}
13
- define('WORDFENCE_VERSION', '5.2.2');
14
if(get_option('wordfenceActivated') != 1){
15
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
16
}
4
Plugin URI: http://www.wordfence.com/
5
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
6
Author: Wordfence
7
+ Version: 5.2.3
8
Author URI: http://www.wordfence.com/
9
*/
10
if(defined('WP_INSTALLING') && WP_INSTALLING){
11
return;
12
}
13
+ define('WORDFENCE_VERSION', '5.2.3');
14
if(get_option('wordfenceActivated') != 1){
15
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
16
}