Version Description
- Changed FAQ link when locked out and email unlock doesn't work to correct link.
- Falcon cache now creates files as mode 0644 for improved security.
- Updated GeoIP database to December 2014 version.
Download this release
Release Info
| Developer | mmaunder |
| Plugin |  Wordfence Security – Firewall & Malware Scan |
| Version | 5.3.4 |
| Comparing to | |
| See all releases | |
Code changes from version 5.3.3 to 5.3.4
- lib/GeoIP.dat +0 -0
- lib/wfCache.php +2 -2
- lib/wfUnlockMsg.php +1 -1
- readme.txt +8 -3
- wordfence.php +2 -2
lib/GeoIP.dat
CHANGED
|
Binary file
|
lib/wfCache.php
CHANGED
|
@@ -161,11 +161,11 @@ class wfCache {
|
|
| 161 |
}
|
| 162 |
|
| 163 |
@file_put_contents($file, $buffer . $append, LOCK_EX);
|
| 164 |
-
chmod($file,
|
| 165 |
if(self::$cacheType == 'falcon'){ //create gzipped files so we can send precompressed files
|
| 166 |
$file .= '_gzip';
|
| 167 |
@file_put_contents($file, gzencode($buffer . $appendGzip, 9), LOCK_EX);
|
| 168 |
-
chmod($file,
|
| 169 |
}
|
| 170 |
return $buffer;
|
| 171 |
}
|
| 161 |
}
|
| 162 |
|
| 163 |
@file_put_contents($file, $buffer . $append, LOCK_EX);
|
| 164 |
+
chmod($file, 0644);
|
| 165 |
if(self::$cacheType == 'falcon'){ //create gzipped files so we can send precompressed files
|
| 166 |
$file .= '_gzip';
|
| 167 |
@file_put_contents($file, gzencode($buffer . $appendGzip, 9), LOCK_EX);
|
| 168 |
+
chmod($file, 0644);
|
| 169 |
}
|
| 170 |
return $buffer;
|
| 171 |
}
|
lib/wfUnlockMsg.php
CHANGED
|
@@ -1,4 +1,4 @@
|
|
| 1 |
-
If you are a site administrator and have been accidentally locked out, please enter your email in the box below and click "Send". If the email address you enter belongs to a known site administrator or someone set to receive Wordfence alerts, we will send you an email to help you regain access. <a href="
|
| 2 |
<br /><br />
|
| 3 |
<form method="POST" action="<?php echo wfUtils::getSiteBaseURL(); ?>?_wfsf=unlockEmail">
|
| 4 |
<input type="hidden" name="nonce" value="<?php echo wp_create_nonce('wf-form'); ?>" />
|
| 1 |
+
If you are a site administrator and have been accidentally locked out, please enter your email in the box below and click "Send". If the email address you enter belongs to a known site administrator or someone set to receive Wordfence alerts, we will send you an email to help you regain access. <a href="https://support.wordfence.com/solution/articles/1000010693-i-ve-locked-myself-out-of-my-site-i-ve-tried-the-email-unlock-feature-and-it-didn-t-work-what-shoul" target="_blank">Please read this FAQ entry if this does not work.</a>
|
| 2 |
<br /><br />
|
| 3 |
<form method="POST" action="<?php echo wfUtils::getSiteBaseURL(); ?>?_wfsf=unlockEmail">
|
| 4 |
<input type="hidden" name="nonce" value="<?php echo wp_create_nonce('wf-form'); ?>" />
|
readme.txt
CHANGED
|
@@ -2,8 +2,8 @@
|
|
| 2 |
Contributors: mmaunder
|
| 3 |
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
|
| 4 |
Requires at least: 3.3.1
|
| 5 |
-
Tested up to: 4.
|
| 6 |
-
Stable tag: 5.3.
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
|
| 9 |
|
|
@@ -165,8 +165,13 @@ cause a security hole on your site.
|
|
| 165 |
|
| 166 |
== Changelog ==
|
| 167 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 168 |
= 5.3.3 =
|
| 169 |
-
* Security fix. Thanks Matt
|
| 170 |
* Changed what we consider to be private addresses to a smaller range of addresses. See current range at: http://docs.wordfence.com/en/How_Wordfence_handles_Private_Addresses
|
| 171 |
* Fixed a warning about an undefined value which appeared after we added referer blocking in 5.3.2.
|
| 172 |
|
| 2 |
Contributors: mmaunder
|
| 3 |
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
|
| 4 |
Requires at least: 3.3.1
|
| 5 |
+
Tested up to: 4.1
|
| 6 |
+
Stable tag: 5.3.4
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
|
| 9 |
|
| 165 |
|
| 166 |
== Changelog ==
|
| 167 |
|
| 168 |
+
= 5.3.4 =
|
| 169 |
+
* Changed FAQ link when locked out and email unlock doesn't work to correct link.
|
| 170 |
+
* Falcon cache now creates files as mode 0644 for improved security.
|
| 171 |
+
* Updated GeoIP database to December 2014 version.
|
| 172 |
+
|
| 173 |
= 5.3.3 =
|
| 174 |
+
* Security fix. Thanks Matt Barry.
|
| 175 |
* Changed what we consider to be private addresses to a smaller range of addresses. See current range at: http://docs.wordfence.com/en/How_Wordfence_handles_Private_Addresses
|
| 176 |
* Fixed a warning about an undefined value which appeared after we added referer blocking in 5.3.2.
|
| 177 |
|
wordfence.php
CHANGED
|
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
|
|
| 4 |
Plugin URI: http://www.wordfence.com/
|
| 5 |
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
|
| 6 |
Author: Wordfence
|
| 7 |
-
Version: 5.3.
|
| 8 |
Author URI: http://www.wordfence.com/
|
| 9 |
*/
|
| 10 |
if(defined('WP_INSTALLING') && WP_INSTALLING){
|
| 11 |
return;
|
| 12 |
}
|
| 13 |
-
define('WORDFENCE_VERSION', '5.3.
|
| 14 |
if(get_option('wordfenceActivated') != 1){
|
| 15 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
| 16 |
}
|
| 4 |
Plugin URI: http://www.wordfence.com/
|
| 5 |
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
|
| 6 |
Author: Wordfence
|
| 7 |
+
Version: 5.3.4
|
| 8 |
Author URI: http://www.wordfence.com/
|
| 9 |
*/
|
| 10 |
if(defined('WP_INSTALLING') && WP_INSTALLING){
|
| 11 |
return;
|
| 12 |
}
|
| 13 |
+
define('WORDFENCE_VERSION', '5.3.4');
|
| 14 |
if(get_option('wordfenceActivated') != 1){
|
| 15 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
| 16 |
}
|
