Version Description
- Update: Upgraded the geoIP country database to Jan 2015 version.
- Improvement: Added an option to disable execution of PHP code in the uploads directory as an added level of protection. Under "Other Options" on the Wordfence options page.
- Improvement: We now email you any malware URLs encountered and they won't be filtered by your spam filter because the URL is included in the alert email as an image.
- Fix: Fixed an issue that would cause multiple scans to be scheduled if the plugin was disabled and then reenabled.
- Fix: The name of malicious files detected are now included in the alert email sent containing your issues.
Release Info
Developer | mmaunder |
Plugin | Wordfence Security – Firewall & Malware Scan |
Version | 5.3.5 |
Code changes from version 5.3.4 to 5.3.5
- lib/GeoIP.dat +0 -0
- lib/IPTraf.php +1 -1
- lib/email_genericAlert.php +14 -14
- lib/email_newIssues.php +16 -13
- lib/email_unlockRequest.php +2 -2
- lib/menu_options.php +1 -0
- lib/sysinfo.php +1 -1
- lib/unknownFiles.php +1 -1
- lib/wfConfig.php +71 -1
- lib/wfIssues.php +28 -1
- lib/wfUnlockMsg.php +1 -0
- lib/wfViewResult.php +1 -1
- lib/wordfenceClass.php +12 -18
- lib/wordfenceScanner.php +1 -1
- readme.txt +8 -1
- wordfence.php +2 -2
lib/GeoIP.dat
CHANGED
Binary file
|
lib/IPTraf.php
CHANGED
@@ -31,6 +31,6 @@
|
|
31 |
|
32 |
</table>
|
33 |
|
34 |
-
<div class="footer">© 2011 to
|
35 |
</body>
|
36 |
</html>
|
31 |
|
32 |
</table>
|
33 |
|
34 |
+
<div class="footer">© 2011 to 2015 Wordfence — Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
|
35 |
</body>
|
36 |
</html>
|
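Review bot: the added footer on new line 34 opens `<div class="footer">` but ends with `</a>` after "and more.", so the div is never closed and a stray anchor close sits right before `</body>`. Replace the trailing `</a>` with `</div>`, as the same footer in lib/unknownFiles.php does.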
lib/email_genericAlert.php
CHANGED
@@ -1,31 +1,31 @@
|
|
1 |
-
This email was sent from your website "<?php echo $blogName; ?>" by the Wordfence plugin at <?php echo $date;
|
2 |
|
3 |
-
The Wordfence administrative URL for this site is: <?php echo $adminURL; ?>admin.php?page=Wordfence
|
4 |
|
5 |
-
|
6 |
-
<?php if($IPMsg){ echo "\n
|
7 |
|
8 |
<?php if(! $isPaid){ ?>
|
9 |
-
NOTE: You are using the free version of Wordfence. Upgrading to the paid version of Wordfence gives you
|
10 |
two factor authentication (sign-in via cellphone) and country blocking which are both effective methods to block attacks.
|
11 |
A Premium Wordfence license also includes remote scanning with each scan of your site which can detect
|
12 |
several additional website infections. Premium members can also schedule when website scans occur and
|
13 |
-
can scan more than once per day
|
14 |
|
15 |
-
As a Premium member you also get access to our priority support system located at http://support.wordfence.com/ and can file
|
16 |
-
priority support tickets using our ticketing system.
|
17 |
|
18 |
-
Click here to sign-up for the Premium version of Wordfence now
|
19 |
-
https://www.wordfence.com/wordfence-signup/
|
20 |
|
21 |
<?php } ?>
|
22 |
|
23 |
--
|
24 |
-
To change your alert options for Wordfence, visit
|
25 |
-
<?php echo $myOptionsURL;
|
26 |
|
27 |
-
To see current Wordfence alerts, visit
|
28 |
-
<?php echo $myHomeURL;
|
29 |
|
30 |
|
31 |
|
1 |
+
<p>This email was sent from your website "<?php echo $blogName; ?>" by the Wordfence plugin at <?php echo $date; ?></p>
|
2 |
|
3 |
+
<p>The Wordfence administrative URL for this site is: <?php echo $adminURL; ?>admin.php?page=Wordfence</p>
|
4 |
|
5 |
+
<p><?php echo $alertMsg; ?></p>
|
6 |
+
<?php if($IPMsg){ echo "\n<p>$IPMsg</p>\n"; } ?>
|
7 |
|
8 |
<?php if(! $isPaid){ ?>
|
9 |
+
<p>NOTE: You are using the free version of Wordfence. Upgrading to the paid version of Wordfence gives you
|
10 |
two factor authentication (sign-in via cellphone) and country blocking which are both effective methods to block attacks.
|
11 |
A Premium Wordfence license also includes remote scanning with each scan of your site which can detect
|
12 |
several additional website infections. Premium members can also schedule when website scans occur and
|
13 |
+
can scan more than once per day.</p>
|
14 |
|
15 |
+
<p>As a Premium member you also get access to our priority support system located at http://support.wordfence.com/ and can file
|
16 |
+
priority support tickets using our ticketing system. </p>
|
17 |
|
18 |
+
<p>Click here to sign-up for the Premium version of Wordfence now.<br>
|
19 |
+
<a href="https://www.wordfence.com/wordfence-signup/">https://www.wordfence.com/wordfence-signup/<a></p>
|
20 |
|
21 |
<?php } ?>
|
22 |
|
23 |
--
|
24 |
+
<p>To change your alert options for Wordfence, visit:<br>
|
25 |
+
<?php echo $myOptionsURL; ?></p>
|
26 |
|
27 |
+
<p>To see current Wordfence alerts, visit:<br>
|
28 |
+
<?php echo $myHomeURL; ?></p>
|
29 |
|
30 |
|
31 |
|
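Review bot: the template now emits HTML, but `$blogName`, `$alertMsg` and `$IPMsg` on new lines 1, 5 and 6 are echoed without escaping, so any markup that reaches an alert message or the site name is rendered by the mail client. Pass them through `htmlspecialchars()`, as lib/email_newIssues.php does for `shortMsg`, unless every caller is known to supply trusted HTML. On new line 19 the signup link is closed with `<a>` instead of `</a>`, which leaves the anchor open for the rest of the message.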
lib/email_newIssues.php
CHANGED
@@ -1,38 +1,41 @@
|
|
1 |
-
This email was sent from your website "<?php echo get_bloginfo('name', 'raw'); ?>" by the Wordfence plugin
|
2 |
|
3 |
-
Wordfence found the following new issues on "<?php echo get_bloginfo('name', 'raw'); ?>"
|
4 |
|
5 |
-
Alert generated at <?php echo wfUtils::localHumanDate();
|
6 |
|
7 |
<?php if($totalCriticalIssues > 0){ ?>
|
8 |
-
Critical Problems
|
9 |
|
10 |
<?php foreach($issues as $i){ if($i['severity'] == 1){ ?>
|
11 |
-
|
|
|
|
|
|
|
12 |
|
13 |
<?php } } } ?>
|
14 |
|
15 |
<?php if($level == 2 && $totalWarningIssues > 0){ ?>
|
16 |
-
Warnings
|
17 |
|
18 |
<?php foreach($issues as $i){ if($i['severity'] == 2){ ?>
|
19 |
-
|
20 |
|
21 |
<?php } } } ?>
|
22 |
|
23 |
|
24 |
<?php if(! $isPaid){ ?>
|
25 |
-
NOTE: You are using the free version of Wordfence. Upgrading to the paid version of Wordfence gives you
|
26 |
two factor authentication (sign-in via cellphone) and country blocking which are both effective methods to block attacks.
|
27 |
A Premium Wordfence license also includes remote scanning with each scan of your site which can detect
|
28 |
several additional website infections. Premium members can also schedule when website scans occur and
|
29 |
-
can scan more than once per day
|
30 |
|
31 |
-
As a Premium member you also get access to our priority support system located at http://support.wordfence.com/ and can file
|
32 |
-
priority support tickets using our ticketing system.
|
33 |
|
34 |
-
Click here to sign-up for the Premium version of Wordfence now
|
35 |
-
https://www.wordfence.com/wordfence-signup/
|
36 |
|
37 |
<?php } ?>
|
38 |
|
1 |
+
<p>This email was sent from your website "<?php echo get_bloginfo('name', 'raw'); ?>" by the Wordfence plugin.</p>
|
2 |
|
3 |
+
<p>Wordfence found the following new issues on "<?php echo get_bloginfo('name', 'raw'); ?>".</p>
|
4 |
|
5 |
+
<p>Alert generated at <?php echo wfUtils::localHumanDate(); ?></p>
|
6 |
|
7 |
<?php if($totalCriticalIssues > 0){ ?>
|
8 |
+
<p>Critical Problems:</p>
|
9 |
|
10 |
<?php foreach($issues as $i){ if($i['severity'] == 1){ ?>
|
11 |
+
<p>* <?php echo htmlspecialchars($i['shortMsg']) ?></p>
|
12 |
+
<?php if (!empty($i['tmplData']['badURL'])): ?>
|
13 |
+
<p><img src="<?php echo sprintf("http://noc1.wordfence.com/v2.14/?v=%s&s=%s&k=%s&action=image&txt=%s", rawurlencode(wfUtils::getWPVersion()), rawurlencode(home_url()), rawurlencode(wfConfig::get('apiKey')), rawurlencode(base64_encode($i['tmplData']['badURL']))) ?>" alt="" /></p>
|
14 |
+
<?php endif ?>
|
15 |
|
16 |
<?php } } } ?>
|
17 |
|
18 |
<?php if($level == 2 && $totalWarningIssues > 0){ ?>
|
19 |
+
<p>Warnings:</p>
|
20 |
|
21 |
<?php foreach($issues as $i){ if($i['severity'] == 2){ ?>
|
22 |
+
<p>* <?php echo htmlspecialchars($i['shortMsg']) ?></p>
|
23 |
|
24 |
<?php } } } ?>
|
25 |
|
26 |
|
27 |
<?php if(! $isPaid){ ?>
|
28 |
+
<p>NOTE: You are using the free version of Wordfence. Upgrading to the paid version of Wordfence gives you
|
29 |
two factor authentication (sign-in via cellphone) and country blocking which are both effective methods to block attacks.
|
30 |
A Premium Wordfence license also includes remote scanning with each scan of your site which can detect
|
31 |
several additional website infections. Premium members can also schedule when website scans occur and
|
32 |
+
can scan more than once per day.</p>
|
33 |
|
34 |
+
<p>As a Premium member you also get access to our priority support system located at http://support.wordfence.com/ and can file
|
35 |
+
priority support tickets using our ticketing system. </p>
|
36 |
|
37 |
+
<p>Click here to sign-up for the Premium version of Wordfence now.<br>
|
38 |
+
<a href="https://www.wordfence.com/wordfence-signup/">https://www.wordfence.com/wordfence-signup/</a></p>
|
39 |
|
40 |
<?php } ?>
|
41 |
|
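Review bot: on new line 13 the `<img src>` URL carries `wfConfig::get('apiKey')` and `home_url()` as query parameters over plain `http://`, so the site's API key is written into every alert email that has a `badURL`, is readable by anyone the alert is forwarded to, and travels in cleartext whenever a mail client loads the image. Consider an `https://` endpoint and a per-alert token or signature in place of the raw key. The `&` separators inside the attribute should be `&amp;`, and `get_bloginfo('name', 'raw')` on new lines 1 and 3 is echoed into HTML without `htmlspecialchars()`, unlike `shortMsg` further down.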
lib/email_unlockRequest.php
CHANGED
@@ -1,4 +1,4 @@
|
|
1 |
-
Either you or someone else at IP address <b><?php echo $IP; ?></b>
|
2 |
regain access to the website <a href="<?php echo wfUtils::getSiteBaseURL(); ?>"><b><?php echo $siteName; ?></b></a>.<br />
|
3 |
<br />
|
4 |
Request was generated at: <?php echo wfUtils::localHumanDate(); ?><br />
|
@@ -14,7 +14,7 @@ from the time they were sent.
|
|
14 |
<a href="<?php echo $unlockHref; ?>&func=unlockAllIPs">Click here to unblock all IP addresses.</a> Do this if you still can't regain access using the link above. It causes everyone who is blocked or locked out to be able to access your site again.
|
15 |
</li>
|
16 |
<li>
|
17 |
-
<a href="<?php echo $unlockHref; ?>&func=disableRules">Click here to unlock all IP addresses and disable the Wordfence Firewall and
|
18 |
</li>
|
19 |
</ul>
|
20 |
<br />
|
1 |
+
Either you or someone else at IP address <b><?php echo $IP; ?></b> requested instructions to<br />
|
2 |
regain access to the website <a href="<?php echo wfUtils::getSiteBaseURL(); ?>"><b><?php echo $siteName; ?></b></a>.<br />
|
3 |
<br />
|
4 |
Request was generated at: <?php echo wfUtils::localHumanDate(); ?><br />
|
14 |
<a href="<?php echo $unlockHref; ?>&func=unlockAllIPs">Click here to unblock all IP addresses.</a> Do this if you still can't regain access using the link above. It causes everyone who is blocked or locked out to be able to access your site again.
|
15 |
</li>
|
16 |
<li>
|
17 |
+
<a href="<?php echo $unlockHref; ?>&func=disableRules">Click here to unlock all IP addresses and disable the Wordfence Firewall and Wordfence login security for all users.</a> Do this if you keep getting locked out or blocked and can't access your site. You can re-enable login security and the firewall once you sign-in to the site by visiting the Wordfence options menu and checking the boxes under advanced options to enable the firewall and login security.
|
18 |
</li>
|
19 |
</ul>
|
20 |
<br />
|
lib/menu_options.php
CHANGED
@@ -286,6 +286,7 @@ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
|
|
286 |
<tr><th>Start all scans remotely<a href="http://docs.wordfence.com/en/Wordfence_options#Start_all_scans_remotely" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="startScansRemotely" class="wfConfigElem" name="startScansRemotely" value="1" <?php $w->cb('startScansRemotely'); ?> />(Try this if your scans aren't starting and your site is publicly accessible)</td></tr>
|
287 |
<tr><th>Disable config caching<a href="http://docs.wordfence.com/en/Wordfence_options#Disable_config_caching" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="disableConfigCaching" class="wfConfigElem" name="disableConfigCaching" value="1" <?php $w->cb('disableConfigCaching'); ?> />(Try this if your options aren't saving)</td></tr>
|
288 |
<tr><th>Add a debugging comment to HTML source of cached pages.<a href="http://docs.wordfence.com/en/Wordfence_options#Add_a_debugging_comment_to_HTML_source_of_cached_pages" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="addCacheComment" class="wfConfigElem" name="addCacheComment" value="1" <?php $w->cb('addCacheComment'); ?> /></td></tr>
|
|
|
289 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to test connectivity to the Wordfence API servers</a><a href="http://docs.wordfence.com/en/Wordfence_options#Click_to_test_connectivity_to_the_Wordfence_API_servers" target="_blank" class="wfhelp"></a></th></tr>
|
290 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to view your system's configuration in a new window</a><a href="http://docs.wordfence.com/en/Wordfence_options#Click_to_view_your_system.27s_configuration_in_a_new_window" target="_blank" class="wfhelp"></a></th></tr>
|
291 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=testmem&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Test your WordPress host's available memory</a><a href="http://docs.wordfence.com/en/Wordfence_options#Test_your_WordPress_host.27s_available_memory" target="_blank" class="wfhelp"></a></th></tr>
|
286 |
<tr><th>Start all scans remotely<a href="http://docs.wordfence.com/en/Wordfence_options#Start_all_scans_remotely" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="startScansRemotely" class="wfConfigElem" name="startScansRemotely" value="1" <?php $w->cb('startScansRemotely'); ?> />(Try this if your scans aren't starting and your site is publicly accessible)</td></tr>
|
287 |
<tr><th>Disable config caching<a href="http://docs.wordfence.com/en/Wordfence_options#Disable_config_caching" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="disableConfigCaching" class="wfConfigElem" name="disableConfigCaching" value="1" <?php $w->cb('disableConfigCaching'); ?> />(Try this if your options aren't saving)</td></tr>
|
288 |
<tr><th>Add a debugging comment to HTML source of cached pages.<a href="http://docs.wordfence.com/en/Wordfence_options#Add_a_debugging_comment_to_HTML_source_of_cached_pages" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="addCacheComment" class="wfConfigElem" name="addCacheComment" value="1" <?php $w->cb('addCacheComment'); ?> /></td></tr>
|
289 |
+
<tr><th><label for="disableCodeExecutionUploads">Disable Code Execution for Uploads directory</label><a href="http://docs.wordfence.com/en/Wordfence_options#Disable_Code_Execution_for_Uploads_directory" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="disableCodeExecutionUploads" class="wfConfigElem" name="disableCodeExecutionUploads" value="1" <?php $w->cb('disableCodeExecutionUploads'); ?> /></td></tr>
|
290 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to test connectivity to the Wordfence API servers</a><a href="http://docs.wordfence.com/en/Wordfence_options#Click_to_test_connectivity_to_the_Wordfence_API_servers" target="_blank" class="wfhelp"></a></th></tr>
|
291 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to view your system's configuration in a new window</a><a href="http://docs.wordfence.com/en/Wordfence_options#Click_to_view_your_system.27s_configuration_in_a_new_window" target="_blank" class="wfhelp"></a></th></tr>
|
292 |
<tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=testmem&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Test your WordPress host's available memory</a><a href="http://docs.wordfence.com/en/Wordfence_options#Test_your_WordPress_host.27s_available_memory" target="_blank" class="wfhelp"></a></th></tr>
|
lib/sysinfo.php
CHANGED
@@ -16,6 +16,6 @@ $out = preg_replace('/<\/a>/', '', $out);
|
|
16 |
$out = preg_replace('/<title>[^<]*<\/title>/','', $out);
|
17 |
echo $out;
|
18 |
?>
|
19 |
-
<div class="diffFooter">© 2011 to
|
20 |
</body>
|
21 |
</html>
|
16 |
$out = preg_replace('/<title>[^<]*<\/title>/','', $out);
|
17 |
echo $out;
|
18 |
?>
|
19 |
+
<div class="diffFooter">© 2011 to 2015 Wordfence — Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
|
20 |
</body>
|
21 |
</html>
|
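Review bot: new line 19 closes `<div class="diffFooter">` with `</a>` rather than `</div>`, leaving the div open before `</body>`; the trailing tag should be `</div>`.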
lib/unknownFiles.php
CHANGED
@@ -152,6 +152,6 @@ if($fileList){
|
|
152 |
|
153 |
?>
|
154 |
|
155 |
-
<div class="diffFooter">© 2011 to
|
156 |
</body>
|
157 |
</html>
|
152 |
|
153 |
?>
|
154 |
|
155 |
+
<div class="diffFooter">© 2011 to 2015 Wordfence — Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</div>
|
156 |
</body>
|
157 |
</html>
|
lib/wfConfig.php
CHANGED
@@ -225,6 +225,7 @@ class wfConfig {
|
|
225 |
"startScansRemotely" => false,
|
226 |
"disableConfigCaching" => false,
|
227 |
"addCacheComment" => false,
|
|
|
228 |
"allowHTTPSCaching" => false,
|
229 |
"debugOn" => false
|
230 |
),
|
@@ -663,7 +664,7 @@ class wfConfig {
|
|
663 |
@unlink($filename);
|
664 |
}
|
665 |
}
|
666 |
-
|
667 |
if(! self::$tmpDirCache){
|
668 |
$dirs = self::getPotentialTempDirs();
|
669 |
$finalDir = 'notmp';
|
@@ -805,5 +806,74 @@ class wfConfig {
|
|
805 |
@ob_end_clean();
|
806 |
} catch(Exception $e){}
|
807 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
808 |
}
|
|
|
|
|
|
|
809 |
?>
|
225 |
"startScansRemotely" => false,
|
226 |
"disableConfigCaching" => false,
|
227 |
"addCacheComment" => false,
|
228 |
+
"disableCodeExecutionUploads" => false,
|
229 |
"allowHTTPSCaching" => false,
|
230 |
"debugOn" => false
|
231 |
),
|
664 |
@unlink($filename);
|
665 |
}
|
666 |
}
|
667 |
+
public static function getTempDir(){
|
668 |
if(! self::$tmpDirCache){
|
669 |
$dirs = self::getPotentialTempDirs();
|
670 |
$finalDir = 'notmp';
|
806 |
@ob_end_clean();
|
807 |
} catch(Exception $e){}
|
808 |
}
|
809 |
+
|
810 |
+
/**
|
811 |
+
* .htaccess file contents to disable all script execution in a given directory.
|
812 |
+
*/
|
813 |
+
private static $_disable_scripts_htaccess = '# BEGIN Wordfence code execution protection
|
814 |
+
<IfModule mod_php5.c>
|
815 |
+
php_flag engine 0
|
816 |
+
</IfModule>
|
817 |
+
|
818 |
+
AddHandler cgi-script .php .phtml .php3 .pl .py .jsp .asp .htm .shtml .sh .cgi
|
819 |
+
Options -ExecCGI
|
820 |
+
# END Wordfence code execution protection
|
821 |
+
';
|
822 |
+
|
823 |
+
private static function _uploadsHtaccessFilePath() {
|
824 |
+
$upload_dir = wp_upload_dir();
|
825 |
+
return $upload_dir['basedir'] . '/.htaccess';
|
826 |
+
}
|
827 |
+
|
828 |
+
/**
|
829 |
+
* Add/Merge .htaccess file in the uploads directory to prevent code execution.
|
830 |
+
*
|
831 |
+
* @return bool
|
832 |
+
*/
|
833 |
+
public static function disableCodeExecutionForUploads() {
|
834 |
+
$uploads_htaccess_file_path = self::_uploadsHtaccessFilePath();
|
835 |
+
$uploads_htaccess_has_content = false;
|
836 |
+
if (file_exists($uploads_htaccess_file_path)) {
|
837 |
+
$htaccess_contents = file_get_contents($uploads_htaccess_file_path);
|
838 |
+
|
839 |
+
// htaccess exists and contains our htaccess code to disable script execution, nothing more to do
|
840 |
+
if (strpos($htaccess_contents, self::$_disable_scripts_htaccess) !== false) {
|
841 |
+
return true;
|
842 |
+
}
|
843 |
+
$uploads_htaccess_has_content = strlen(trim($htaccess_contents)) > 0;
|
844 |
+
}
|
845 |
+
if (@file_put_contents($uploads_htaccess_file_path, ($uploads_htaccess_has_content ? "\n\n" : "") . self::$_disable_scripts_htaccess, FILE_APPEND | LOCK_EX) === false) {
|
846 |
+
throw new wfConfigException("Unable to save the .htaccess file needed to disable script execution in the uploads directory. Please check your permissions on that directory.");
|
847 |
+
}
|
848 |
+
return true;
|
849 |
+
}
|
850 |
+
|
851 |
+
/**
|
852 |
+
* Remove script execution protections for our the .htaccess file in the uploads directory.
|
853 |
+
*
|
854 |
+
* @return bool
|
855 |
+
*/
|
856 |
+
public static function removeCodeExecutionProtectionForUploads() {
|
857 |
+
$uploads_htaccess_file_path = self::_uploadsHtaccessFilePath();
|
858 |
+
if (file_exists($uploads_htaccess_file_path)) {
|
859 |
+
$htaccess_contents = file_get_contents($uploads_htaccess_file_path);
|
860 |
+
$htaccess_contents = str_replace(self::$_disable_scripts_htaccess, '', $htaccess_contents);
|
861 |
+
|
862 |
+
$error_message = "Unable to remove code execution protections applied to the .htaccess file in the uploads directory. Please check your permissions on that file.";
|
863 |
+
if (strlen(trim($htaccess_contents)) === 0) {
|
864 |
+
// empty file, remove it
|
865 |
+
if (!@unlink($uploads_htaccess_file_path)) {
|
866 |
+
throw new wfConfigException($error_message);
|
867 |
+
}
|
868 |
+
|
869 |
+
} elseif (@file_put_contents($uploads_htaccess_file_path, $htaccess_contents, LOCK_EX) === false) {
|
870 |
+
throw new wfConfigException($error_message);
|
871 |
+
}
|
872 |
+
}
|
873 |
+
return true;
|
874 |
+
}
|
875 |
}
|
876 |
+
|
877 |
+
class wfConfigException extends Exception {}
|
878 |
+
|
879 |
?>
|
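Review bot: in `removeCodeExecutionProtectionForUploads()` the block is located with an exact `str_replace` of `$_disable_scripts_htaccess`, so if the uploads `.htaccess` has been edited or re-saved with different line endings nothing is removed and the function still returns true; `disableCodeExecutionForUploads()` has the mirror problem with its `strpos` check and would append a second copy. Match on the `# BEGIN Wordfence code execution protection` and `# END Wordfence code execution protection` markers instead, and check `file_get_contents()` for `false` before using its result. In the block itself, `php_flag engine 0` only applies inside `<IfModule mod_php5.c>`, and the `AddHandler cgi-script` list includes `.htm`, so static HTML files in uploads are refused along with scripts; both deserve a comment, as does the fact that the rules only take effect on servers that honour `.htaccess`. The doc comment on new line 852 reads "for our the .htaccess file".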
lib/wfIssues.php
CHANGED
@@ -128,7 +128,34 @@ class wfIssues {
|
|
128 |
'totalWarningIssues' => $totalWarningIssues,
|
129 |
'level' => $level
|
130 |
));
|
131 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
132 |
}
|
133 |
public function deleteIssue($id){
|
134 |
$this->getDB()->queryWrite("delete from " . $this->issuesTable . " where id=%d", $id);
|
128 |
'totalWarningIssues' => $totalWarningIssues,
|
129 |
'level' => $level
|
130 |
));
|
131 |
+
|
132 |
+
require_once ABSPATH . WPINC . '/class-phpmailer.php';
|
133 |
+
require_once ABSPATH . WPINC . '/class-smtp.php';
|
134 |
+
$mail = new PHPMailer;
|
135 |
+
|
136 |
+
// Get the site domain and get rid of www.
|
137 |
+
$from_email = 'wordpress@' . preg_replace('/^(https?:\/\/(www.)?)(.+?)(\/)?$/', '$3', site_url());
|
138 |
+
|
139 |
+
$mail->From = apply_filters( 'wp_mail_from', $from_email );
|
140 |
+
$mail->FromName = apply_filters( 'wp_mail_from_name', 'Wordfence' );
|
141 |
+
|
142 |
+
foreach ($emails as $email) {
|
143 |
+
try {
|
144 |
+
$mail->addAddress($email);
|
145 |
+
} catch (phpmailerException $e) {
|
146 |
+
|
147 |
+
}
|
148 |
+
}
|
149 |
+
|
150 |
+
$mail->Subject = $subject;
|
151 |
+
$mail->msgHTML($content);
|
152 |
+
|
153 |
+
try {
|
154 |
+
$mail->send();
|
155 |
+
} catch (phpmailerException $e) {
|
156 |
+
// use wp_mail if there's a problem (which uses PHPMailer anyways :P)
|
157 |
+
wp_mail(implode(',', $emails), $subject, strip_tags($content));
|
158 |
+
}
|
159 |
}
|
160 |
public function deleteIssue($id){
|
161 |
$this->getDB()->queryWrite("delete from " . $this->issuesTable . " where id=%d", $id);
|
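Review bot: `new PHPMailer` on new line 134 is constructed without the exceptions flag, so `addAddress()` and `send()` signal failure by returning false instead of throwing; the `catch (phpmailerException $e)` branches are never entered and the `wp_mail` fallback on line 157 cannot run. Either construct it as `new PHPMailer(true)` or test the return value of `send()`. The `$from_email` pattern on line 137 only strips the scheme, an optional `www.` (with an unescaped dot) and one trailing slash, so a `site_url()` that includes a path or port yields an invalid From address; taking the host from `parse_url()` would avoid that.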
lib/wfUnlockMsg.php
CHANGED
@@ -1,6 +1,7 @@
|
|
1 |
If you are a site administrator and have been accidentally locked out, please enter your email in the box below and click "Send". If the email address you enter belongs to a known site administrator or someone set to receive Wordfence alerts, we will send you an email to help you regain access. <a href="https://support.wordfence.com/solution/articles/1000010693-i-ve-locked-myself-out-of-my-site-i-ve-tried-the-email-unlock-feature-and-it-didn-t-work-what-shoul" target="_blank">Please read this FAQ entry if this does not work.</a>
|
2 |
<br /><br />
|
3 |
<form method="POST" action="<?php echo wfUtils::getSiteBaseURL(); ?>?_wfsf=unlockEmail">
|
|
|
4 |
<input type="hidden" name="nonce" value="<?php echo wp_create_nonce('wf-form'); ?>" />
|
5 |
<input type="text" size="50" name="email" value="" maxlength="255" /> <input type="submit" name="s" value="Send me an unlock email" />
|
6 |
</form>
|
1 |
If you are a site administrator and have been accidentally locked out, please enter your email in the box below and click "Send". If the email address you enter belongs to a known site administrator or someone set to receive Wordfence alerts, we will send you an email to help you regain access. <a href="https://support.wordfence.com/solution/articles/1000010693-i-ve-locked-myself-out-of-my-site-i-ve-tried-the-email-unlock-feature-and-it-didn-t-work-what-shoul" target="_blank">Please read this FAQ entry if this does not work.</a>
|
2 |
<br /><br />
|
3 |
<form method="POST" action="<?php echo wfUtils::getSiteBaseURL(); ?>?_wfsf=unlockEmail">
|
4 |
+
<?php require_once(ABSPATH .'wp-includes/pluggable.php'); ?>
|
5 |
<input type="hidden" name="nonce" value="<?php echo wp_create_nonce('wf-form'); ?>" />
|
6 |
<input type="text" size="50" name="email" value="" maxlength="255" /> <input type="submit" name="s" value="Send me an unlock email" />
|
7 |
</form>
|
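Review bot: the `require_once(ABSPATH .'wp-includes/pluggable.php')` on new line 4 sits inside the form markup and loads WordPress's pluggable functions as a side effect of rendering the template. If this message is rendered before WordPress would normally load that file, a plugin that defines one of those functions afterwards can no longer override it, or fails on redeclaration. Move the include to the code path that renders this message, guard it with `function_exists('wp_create_nonce')`, and build the path with `WPINC` as lib/wfIssues.php does.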
lib/wfViewResult.php
CHANGED
@@ -21,6 +21,6 @@
|
|
21 |
|
22 |
|
23 |
|
24 |
-
<div class="diffFooter">© 2011 to
|
25 |
</body>
|
26 |
</html>
|
21 |
|
22 |
|
23 |
|
24 |
+
<div class="diffFooter">© 2011 to 2015 Wordfence — Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
|
25 |
</body>
|
26 |
</html>
|
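Review bot: new line 24 ends the `<div class="diffFooter">` element with `</a>`, so the div stays open and an unmatched anchor close is emitted; change the final tag to `</div>`.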
lib/wordfenceClass.php
CHANGED
@@ -1247,24 +1247,10 @@ class wordfence {
|
|
1247 |
}
|
1248 |
}
|
1249 |
private static function scheduleSingleScan($futureTime){
|
1250 |
-
wp_schedule_single_event($futureTime, 'wordfence_start_scheduled_scan'
|
1251 |
-
$schedArgs = wfConfig::get_ser('schedScanArgs', array());
|
1252 |
-
if(! is_array($schedArgs)){ //paranoia
|
1253 |
-
$schedArgs = array();
|
1254 |
-
}
|
1255 |
-
$schedArgs[] = $futureTime;
|
1256 |
-
wfConfig::set_ser('schedScanArgs', $schedArgs);
|
1257 |
}
|
1258 |
private static function unscheduleAllScans(){
|
1259 |
-
wp_clear_scheduled_hook('wordfence_start_scheduled_scan');
|
1260 |
-
|
1261 |
-
$schedArgs = wfConfig::get_ser('schedScanArgs', array());
|
1262 |
-
if(is_array($schedArgs)){
|
1263 |
-
foreach($schedArgs as $futureTime){
|
1264 |
-
wp_clear_scheduled_hook('wordfence_start_scheduled_scan', array($futureTime));
|
1265 |
-
}
|
1266 |
-
}
|
1267 |
-
wfConfig::set_ser('schedScanArgs', array());
|
1268 |
}
|
1269 |
public static function ajax_saveCountryBlocking_callback(){
|
1270 |
if(! wfConfig::get('isPaid')){
|
@@ -1750,8 +1736,16 @@ class wordfence {
|
|
1750 |
} else if($opts['autoUpdate'] == '0'){
|
1751 |
wfConfig::disableAutoUpdate();
|
1752 |
}
|
1753 |
-
|
1754 |
-
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1755 |
|
1756 |
$paidKeyMsg = false;
|
1757 |
|
1247 |
}
|
1248 |
}
|
1249 |
private static function scheduleSingleScan($futureTime){
|
1250 |
+
wp_schedule_single_event($futureTime, 'wordfence_start_scheduled_scan');
|
|
|
|
|
|
|
|
|
|
|
|
|
1251 |
}
|
1252 |
private static function unscheduleAllScans(){
|
1253 |
+
wp_clear_scheduled_hook('wordfence_start_scheduled_scan');
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
1254 |
}
|
1255 |
public static function ajax_saveCountryBlocking_callback(){
|
1256 |
if(! wfConfig::get('isPaid')){
|
1736 |
} else if($opts['autoUpdate'] == '0'){
|
1737 |
wfConfig::disableAutoUpdate();
|
1738 |
}
|
1739 |
+
|
1740 |
+
try {
|
1741 |
+
if ($opts['disableCodeExecutionUploads']) {
|
1742 |
+
wfConfig::disableCodeExecutionForUploads();
|
1743 |
+
} else {
|
1744 |
+
wfConfig::removeCodeExecutionProtectionForUploads();
|
1745 |
+
}
|
1746 |
+
} catch (wfConfigException $e) {
|
1747 |
+
return array('errorMsg' => $e->getMessage());
|
1748 |
+
}
|
1749 |
|
1750 |
$paidKeyMsg = false;
|
1751 |
|
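Review bot: `unscheduleAllScans()` now only calls `wp_clear_scheduled_hook('wordfence_start_scheduled_scan')` with no arguments, while the removed loop cleared events registered with `array($futureTime)`. Scheduled events are matched by their arguments, so anything queued that way by the previous version survives the upgrade, and the stored `schedScanArgs` value is left populated. A one-time cleanup that walks `schedScanArgs` before dropping it would cover existing installs. In the options hunk, `$opts['disableCodeExecutionUploads']` is read without an `isset()` check in case the key can be absent, and the early `return array('errorMsg' => $e->getMessage())` comes after the `autoUpdate` branch above has already run, so a failed `.htaccess` write reports an error on a partially applied form.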
lib/wordfenceScanner.php
CHANGED
@@ -160,7 +160,7 @@ class wordfenceScanner {
|
|
160 |
'severity' => 1,
|
161 |
'ignoreP' => $this->path . $file,
|
162 |
'ignoreC' => $fileSum,
|
163 |
-
'shortMsg' => "
|
164 |
'longMsg' => "This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: <strong style=\"color: #F00;\">\"" . $matches[1] . "\"</strong>.",
|
165 |
'data' => array(
|
166 |
'file' => $file,
|
160 |
'severity' => 1,
|
161 |
'ignoreP' => $this->path . $file,
|
162 |
'ignoreC' => $fileSum,
|
163 |
+
'shortMsg' => "File appears to be malicious: " . $file,
|
164 |
'longMsg' => "This file appears to be installed by a hacker to perform malicious activity. If you know about this file you can choose to ignore it to exclude it from future scans. The text we found in this file that matches a known malicious file is: <strong style=\"color: #F00;\">\"" . $matches[1] . "\"</strong>.",
|
165 |
'data' => array(
|
166 |
'file' => $file,
|
readme.txt
CHANGED
@@ -3,7 +3,7 @@ Contributors: mmaunder
|
|
3 |
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
|
4 |
Requires at least: 3.3.1
|
5 |
Tested up to: 4.1
|
6 |
-
Stable tag: 5.3.
|
7 |
|
8 |
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
|
9 |
|
@@ -165,6 +165,13 @@ cause a security hole on your site.
|
|
165 |
|
166 |
== Changelog ==
|
167 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
168 |
= 5.3.4 =
|
169 |
* Changed FAQ link when locked out and email unlock doesn't work to correct link.
|
170 |
* Falcon cache now creates files as mode 0644 for improved security.
|
3 |
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
|
4 |
Requires at least: 3.3.1
|
5 |
Tested up to: 4.1
|
6 |
+
Stable tag: 5.3.5
|
7 |
|
8 |
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
|
9 |
|
165 |
|
166 |
== Changelog ==
|
167 |
|
168 |
+
= 5.3.5 =
|
169 |
+
* Update: Upgraded the geoIP country database to Jan 2015 version.
|
170 |
+
* Improvement: Added an option to disable execution of PHP code in the uploads directory as an added level of protection. Under "Other Options" on the Wordfence options page.
|
171 |
+
* Improvement: We now email you any malware URLs encountered and they won't be filtered by your spam filter because the URL is included in the alert email as an image.
|
172 |
+
* Fix: Fixed an issue that would cause multiple scans to be scheduled if the plugin was disabled and then reenabled.
|
173 |
+
* Fix: The name of malicious files detected are now included in the alert email sent containing your issues.
|
174 |
+
|
175 |
= 5.3.4 =
|
176 |
* Changed FAQ link when locked out and email unlock doesn't work to correct link.
|
177 |
* Falcon cache now creates files as mode 0644 for improved security.
|
wordfence.php
CHANGED
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
|
|
4 |
Plugin URI: http://www.wordfence.com/
|
5 |
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
|
6 |
Author: Wordfence
|
7 |
-
Version: 5.3.
|
8 |
Author URI: http://www.wordfence.com/
|
9 |
*/
|
10 |
if(defined('WP_INSTALLING') && WP_INSTALLING){
|
11 |
return;
|
12 |
}
|
13 |
-
define('WORDFENCE_VERSION', '5.3.
|
14 |
if(get_option('wordfenceActivated') != 1){
|
15 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
16 |
}
|
4 |
Plugin URI: http://www.wordfence.com/
|
5 |
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
|
6 |
Author: Wordfence
|
7 |
+
Version: 5.3.5
|
8 |
Author URI: http://www.wordfence.com/
|
9 |
*/
|
10 |
if(defined('WP_INSTALLING') && WP_INSTALLING){
|
11 |
return;
|
12 |
}
|
13 |
+
define('WORDFENCE_VERSION', '5.3.5');
|
14 |
if(get_option('wordfenceActivated') != 1){
|
15 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
16 |
}
|