Wordfence Security – Firewall & Malware Scan - Version 5.3.6

Version Description

  • Feature: You can now block POST requests to your WordPress site that have an empty User-Agent and Referer header. This is a common pattern among badly written brute force bots.
  • Feature: Added cron viewer at bottom of Wordfence options page. The plugin we were using to help diagnose customer issues is broken. Use this instead.
  • Feature: Added DB table viewer at bottom of Wordfence options page. This is a read-only utility to view table names and detailed status. Also for customer diagnostic purposes.
  • Improvement: Code cleanup after in-depth code analysis. Removed unused functions and variables and re-indented selected code.
  • Fix: Fixed issue that appeared after last release where raw HTML tags were appearing in email alerts.
  • Fix: Tour behaved inconsistently under some conditions. Fixed.
  • Fix: Mismatched HTML tags in some presentation code. Fixed.
  • Fix: When fetching theme list the iterator had the same name as the array. Fixed.
  • Fix: Detection for malware URLs in comments had a partial description in the issue. Was being overwritten when it should have been appended. Fixed.
  • Fix: Check if dns_get_record() exists before using it to avoid warnings.
  • Fix: If you have the wordfence security network disabled, the _wfVulnScanners table may have grown indefinitely. Fixed so it's regularly truncated.
  • Fix: wordfence::getLog() was private and should be public. Fixed.
  • Fix: Removed warning about wfsf not being an element of GET params. Usually hidden, but in case something checks error_get_last()

Release Info

Developer mmaunder
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 5.3.6

Code changes from version 5.3.5 to 5.3.6

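--- a/js/admin.js
+++ b/js/admin.js
@@ -11,7 +11,6 @@ window['wordfenceAdmin'] = {
  iconErrorMsgs: [],
  scanIDLoaded: 0,
  colorboxQueue: [],
- colorboxOpen: false,
  mode: '',
  visibleIssuesPanel: 'new',
  preFirstScanMsgsLoaded: false,
@@ -35,11 +34,15 @@ window['wordfenceAdmin'] = {
  countryCodesToSave: "",
  performanceScale: 3,
  performanceMinWidth: 20,
+ tourClosed: false,
+ welcomeClosed: false,
  init: function(){
  this.nonce = WordfenceAdminVars.firstNonce;
  this.debugOn = WordfenceAdminVars.debugOn == '1' ? true : false;
  this.tourClosed = WordfenceAdminVars.tourClosed == '1' ? true : false;
+ this.welcomeClosed = WordfenceAdminVars.welcomeClosed == '1' ? true : false;
  var startTicker = false;
+ var self = this;
  if(jQuery('#wordfenceMode_scan').length > 0){
  this.mode = 'scan';
  jQuery('#wfALogViewLink').prop('href', WordfenceAdminVars.siteBaseURL + '?_wfsf=viewActivityLog&nonce=' + this.nonce);
@@ -48,13 +51,12 @@ window['wordfenceAdmin'] = {
  this.noScanHTML = jQuery('#wfNoScanYetTmpl').tmpl().html();
  this.loadIssues();
  this.startActivityLogUpdates();
- if(! this.tourClosed){
+ if(this.needTour()){
  this.scanTourStart();
  }
  } else if(jQuery('#wordfenceMode_activity').length > 0){
  this.mode = 'activity';
- var self = this;
- this.setupSwitches('wfLiveTrafficOnOff', 'liveTrafficEnabled', function(){});
+ this.setupSwitches('wfLiveTrafficOnOff', 'liveTrafficEnabled', function(){});
  jQuery('#wfLiveTrafficOnOff').change(function(){
  if(/^(?:falcon|php)$/.test(WordfenceAdminVars.cacheType) ){
  jQuery('#wfLiveTrafficOnOff').attr('checked', false);
@@ -71,8 +73,7 @@ window['wordfenceAdmin'] = {
  this.switchTab(jQuery('#wfLoginLogoutTab'), 'wfTab1', 'wfDataPanel', 'wfActivity_loginLogout', function(){ WFAD.activityTabChanged(); });
  }
  startTicker = true;
- if(! this.tourClosed){
- var self = this;
+ if(this.needTour()){
  this.tour('wfWelcomeContent3', 'wfHeading', 'top', 'left', "Learn about Site Performance", function(){ self.tourRedir('WordfenceSitePerf'); });
  }
  } else if(jQuery('#wordfenceMode_options').length > 0){
@@ -80,9 +81,8 @@ window['wordfenceAdmin'] = {
  jQuery('.wfConfigElem').change(function(){ jQuery('#securityLevel').val('CUSTOM'); });
  this.updateTicker(true);
  startTicker = true;
- if(! this.tourClosed){
- var self = this;
- this.tour('wfContentBasicOptions', 'wfMarkerBasicOptions', 'top', 'left', "Learn about Live Traffic Options", function(){
+ if(this.needTour()){
+ this.tour('wfContentBasicOptions', 'wfMarkerBasicOptions', 'top', 'left', "Learn about Live Traffic Options", function(){
  self.tour('wfContentLiveTrafficOptions', 'wfMarkerLiveTrafficOptions', 'bottom', 'left', "Learn about Scanning Options", function(){
  self.tour('wfContentScansToInclude', 'wfMarkerScansToInclude', 'bottom', 'left', "Learn about Firewall Rules", function(){
  self.tour('wfContentFirewallRules', 'wfMarkerFirewallRules', 'bottom', 'left', "Learn about Login Security", function(){
@@ -99,15 +99,13 @@ window['wordfenceAdmin'] = {
  this.staticTabChanged();
  this.updateTicker(true);
  startTicker = true;
- if(! this.tourClosed){
- var self = this;
+ if(this.needTour()){
  this.tour('wfWelcomeContent4', 'wfHeading', 'top', 'left', "Learn about Cellphone Sign-in", function(){ self.tourRedir('WordfenceTwoFactor'); });
  }
  } else if(jQuery('#wordfenceMode_twoFactor').length > 0){
  this.mode = 'twoFactor';
  startTicker = false;
- if(! this.tourClosed){
- var self = this;
+ if(this.needTour()){
  this.tour('wfWelcomeTwoFactor', 'wfHeading', 'top', 'left', "Learn how to Block Countries", function(){ self.tourRedir('WordfenceCountryBlocking'); });
  }
  this.loadTwoFactor();
@@ -115,15 +113,13 @@ window['wordfenceAdmin'] = {
  } else if(jQuery('#wordfenceMode_countryBlocking').length > 0){
  this.mode = 'countryBlocking';
  startTicker = false;
- if(! this.tourClosed){
- var self = this;
+ if(this.needTour()){
  this.tour('wfWelcomeContentCntBlk', 'wfHeading', 'top', 'left', "Learn how to Schedule Scans", function(){ self.tourRedir('WordfenceScanSchedule'); });
  }
  } else if(jQuery('#wordfenceMode_rangeBlocking').length > 0){
  this.mode = 'rangeBlocking';
  startTicker = false;
- if(! this.tourClosed){
- var self = this;
+ if(this.needTour()){
  this.tour('wfWelcomeContentRangeBlocking', 'wfHeading', 'top', 'left', "Learn how to Customize Wordfence", function(){ self.tourRedir('WordfenceSecOpt'); });
  }
  this.calcRangeTotal();
@@ -131,8 +127,7 @@ window['wordfenceAdmin'] = {
  } else if(jQuery('#wordfenceMode_whois').length > 0){
  this.mode = 'whois';
  startTicker = false;
- if(! this.tourClosed){
- var self = this;
+ if(this.needTour()){
  this.tour('wfWelcomeContentWhois', 'wfHeading', 'top', 'left', "Learn how to use Advanced Blocking", function(){ self.tourRedir('WordfenceRangeBlocking'); });
  }
  this.calcRangeTotal();
@@ -142,34 +137,20 @@ window['wordfenceAdmin'] = {
  this.mode = 'scanScheduling';
  startTicker = false;
  this.sched_modeChange();
- if(! this.tourClosed){
- var self = this;
+ if(this.needTour()){
  this.tour('wfWelcomeContentScanSched', 'wfHeading', 'top', 'left', "Learn about WHOIS", function(){ self.tourRedir('WordfenceWhois'); });
  }
  } else if(jQuery('#wordfenceMode_caching').length > 0){
  this.mode = 'caching';
  startTicker = false;
- if(! this.tourClosed){
- var self = this;
+ if(this.needTour()){
  this.tour('wfWelcomeContentCaching', 'wfHeading', 'top', 'left', "Learn about IP Blocking", function(){ self.tourRedir('WordfenceBlockedIPs'); });
  }
  this.loadCacheExclusions();
- // } else if(jQuery('#wordfenceMode_perfStats').length > 0){
- // var self = this;
- // this.loadAvgSitePerf();
- // this.setupSwitches('wfPerfOnOff', 'perfLoggingEnabled', function(){});
- // jQuery('#wfPerfOnOff').change(function(){ self.updateSwitch('wfPerfOnOff', 'perfLoggingEnabled', function(){}); });
- // this.mode = 'perfStats';
- // startTicker = true;
- // if(! this.tourClosed){
- // var self = this;
- // this.tour('wfWelcomeContentCaching', 'wfHeading', 'top', 'left', "Learn about IP Blocking", function(){ self.tourRedir('WordfenceBlockedIPs'); });
- // }
  } else {
  this.mode = false;
  }
  if(this.mode){ //We are in a Wordfence page
- var self = this;
  if(startTicker){
  this.updateTicker();
  this.liveInt = setInterval(function(){ self.updateTicker(); }, WordfenceAdminVars.actUpdateInterval);
@@ -177,6 +158,13 @@ window['wordfenceAdmin'] = {
  jQuery(document).bind('cbox_closed', function(){ self.colorboxIsOpen = false; self.colorboxServiceQueue(); });
  }
  },
+ needTour: function(){
+ if( (! this.tourClosed) && this.welcomeClosed) {
+ return true;
+ } else {
+ return false;
+ }
+ },
  sendTestEmail: function(email){
  var self = this;
  this.ajax('wordfence_sendTestEmail', { email: email }, function(res){
@@ -275,9 +263,11 @@ window['wordfenceAdmin'] = {
  }
  },
  startTourAgain: function(){
- this.ajax('wordfence_startTourAgain', {}, function(res){});
- this.tourClosed = false;
- this.scanTourStart();
+ var self = this;
+ this.ajax('wordfence_startTourAgain', {}, function(res){
+ self.tourClosed = false;
+ self.scanTourStart();
+ });
  },
  showLoading: function(){
  this.loadingCount++;
@@ -381,46 +371,47 @@ window['wordfenceAdmin'] = {
  }
  },
  processSummaryLine: function(item){
+ var msg, summaryUpdated;
  if(item.msg.indexOf('SUM_START:') != -1){
- var msg = item.msg.replace('SUM_START:', '');
+ msg = item.msg.replace('SUM_START:', '');
  jQuery('#consoleSummary').append('<div class="wfSummaryLine"><div class="wfSummaryDate">[' + item.date + ']</div><div class="wfSummaryMsg">' + msg + '</div><div class="wfSummaryResult"><div class="wfSummaryLoading"></div></div><div class="wfClear"></div>');
  summaryUpdated = true;
  } else if(item.msg.indexOf('SUM_ENDBAD') != -1){
- var msg = item.msg.replace('SUM_ENDBAD:', '');
+ msg = item.msg.replace('SUM_ENDBAD:', '');
  jQuery('div.wfSummaryMsg:contains("' + msg + '")').next().addClass('wfSummaryBad').html('Problems found.');
  summaryUpdated = true;
  } else if(item.msg.indexOf('SUM_ENDFAILED') != -1){
- var msg = item.msg.replace('SUM_ENDFAILED:', '');
+ msg = item.msg.replace('SUM_ENDFAILED:', '');
  jQuery('div.wfSummaryMsg:contains("' + msg + '")').next().addClass('wfSummaryBad').html('Failed.');
  summaryUpdated = true;
  } else if(item.msg.indexOf('SUM_ENDOK') != -1){
- var msg = item.msg.replace('SUM_ENDOK:', '');
+ msg = item.msg.replace('SUM_ENDOK:', '');
  jQuery('div.wfSummaryMsg:contains("' + msg + '")').next().addClass('wfSummaryOK').html('Secure.');
  summaryUpdated = true;
  } else if(item.msg.indexOf('SUM_ENDSUCCESS') != -1){
- var msg = item.msg.replace('SUM_ENDSUCCESS:', '');
+ msg = item.msg.replace('SUM_ENDSUCCESS:', '');
  jQuery('div.wfSummaryMsg:contains("' + msg + '")').next().addClass('wfSummaryOK').html('Success.');
  summaryUpdated = true;
  } else if(item.msg.indexOf('SUM_ENDERR') != -1){
- var msg = item.msg.replace('SUM_ENDERR:', '');
+ msg = item.msg.replace('SUM_ENDERR:', '');
  jQuery('div.wfSummaryMsg:contains("' + msg + '")').next().addClass('wfSummaryErr').html('An error occurred.');
  summaryUpdated = true;
  } else if(item.msg.indexOf('SUM_DISABLED:') != -1){
- var msg = item.msg.replace('SUM_DISABLED:', '');
+ msg = item.msg.replace('SUM_DISABLED:', '');
  jQuery('#consoleSummary').append('<div class="wfSummaryLine"><div class="wfSummaryDate">[' + item.date + ']</div><div class="wfSummaryMsg">' + msg + '</div><div class="wfSummaryResult">Disabled [<a href="admin.php?page=WordfenceSecOpt">Visit Options to Enable</a>]</div><div class="wfClear"></div>');
  summaryUpdated = true;
  } else if(item.msg.indexOf('SUM_PAIDONLY:') != -1){
- var msg = item.msg.replace('SUM_PAIDONLY:', '');
+ msg = item.msg.replace('SUM_PAIDONLY:', '');
  jQuery('#consoleSummary').append('<div class="wfSummaryLine"><div class="wfSummaryDate">[' + item.date + ']</div><div class="wfSummaryMsg">' + msg + '</div><div class="wfSummaryResult"><a href="https://www.wordfence.com/wordfence-signup/" target="_blank">Paid Members Only</a></div><div class="wfClear"></div>');
  summaryUpdated = true;
  } else if(item.msg.indexOf('SUM_FINAL:') != -1){
- var msg = item.msg.replace('SUM_FINAL:', '');
+ msg = item.msg.replace('SUM_FINAL:', '');
  jQuery('#consoleSummary').append('<div class="wfSummaryLine"><div class="wfSummaryDate">[' + item.date + ']</div><div class="wfSummaryMsg wfSummaryFinal">' + msg + '</div><div class="wfSummaryResult wfSummaryOK">Scan Complete.</div><div class="wfClear"></div>');
  } else if(item.msg.indexOf('SUM_PREP:') != -1){
- var msg = item.msg.replace('SUM_PREP:', '');
+ msg = item.msg.replace('SUM_PREP:', '');
  jQuery('#consoleSummary').empty().html('<div class="wfSummaryLine"><div class="wfSummaryDate">[' + item.date + ']</div><div class="wfSummaryMsg">' + msg + '</div><div class="wfSummaryResult" id="wfStartingScan"><div class="wfSummaryLoading"></div></div><div class="wfClear"></div>');
  } else if(item.msg.indexOf('SUM_KILLED:') != -1){
- var msg = item.msg.replace('SUM_KILLED:', '');
+ msg = item.msg.replace('SUM_KILLED:', '');
  jQuery('#consoleSummary').empty().html('<div class="wfSummaryLine"><div class="wfSummaryDate">[' + item.date + ']</div><div class="wfSummaryMsg">' + msg + '</div><div class="wfSummaryResult wfSummaryOK">Scan Complete.</div><div class="wfClear"></div>');
  }
  },
@@ -470,13 +461,13 @@ window['wordfenceAdmin'] = {
  if(newMsg && newMsg != oldMsg){
  jQuery('#wfLiveStatus').hide().html(newMsg).fadeIn(200);
  }
-
+ var haveEvents, newElem;
  if(this.mode == 'activity'){
  if(res.alsoGet != 'logList_' + this.activityMode){ return; } //user switched panels since ajax request started
  if(res.events.length > 0){
  this.newestActivityTime = res.events[0]['ctime'];
  }
- var haveEvents = false;
+ haveEvents = false;
  if(jQuery('#wfActivity_' + this.activityMode + ' .wfActEvent').length > 0){
  haveEvents = true;
  }
@@ -488,7 +479,6 @@ window['wordfenceAdmin'] = {
  var elemID = '#wfActEvent_' + res.events[i].id;
  if(jQuery(elemID).length < 1){
  res.events[i]['activityMode'] = this.activityMode;
- var newElem;
  if(this.activityMode == 'loginLogout'){
  newElem = jQuery('#wfLoginLogoutEventTmpl').tmpl(res.events[i]);
  } else {
@@ -509,7 +499,7 @@ window['wordfenceAdmin'] = {
  jQuery(elem).html(self.makeTimeAgo(res.serverTime - jQuery(elem).data('wfctime')) + ' ago');
  });
  } else if(this.mode == 'perfStats'){
- var haveEvents = false;
+ haveEvents = false;
  if(jQuery('#wfPerfStats .wfPerfEvent').length > 0){
  haveEvents = true;
  }
@@ -525,7 +515,7 @@ window['wordfenceAdmin'] = {
  for(var i = res.events.length - 1; i >= 0; i--){
  res.events[i]['scale'] = this.performanceScale;
  res.events[i]['min'] = this.performanceMinWidth;
- var newElem = jQuery('#wfPerfStatTmpl').tmpl(res.events[i]);
+ newElem = jQuery('#wfPerfStatTmpl').tmpl(res.events[i]);
  jQuery(newElem).find('.wfTimeAgo').data('wfctime', res.events[i].ctime);
  newElem.prependTo('#wfPerfStats').fadeIn();
  }
@@ -534,7 +524,6 @@ window['wordfenceAdmin'] = {
  jQuery('#wfPerfStats').html('<p>No events to report yet.</p>');
  }
  }
- var self = this;
  jQuery('.wfTimeAgo').each(function(idx, elem){
  jQuery(elem).html(self.makeTimeAgo(res.serverTime - jQuery(elem).data('wfctime')) + ' ago');
  });
@@ -565,7 +554,7 @@ window['wordfenceAdmin'] = {
  if(res.ok){
  jQuery('.wfReverseLookup').each(function(idx, elem){
  var txt = jQuery(elem).text();
- for(ip in res.ips){
+ for(var ip in res.ips){
  if(txt == ip){
  if(res.ips[ip]){
  jQuery(elem).html('<strong>Hostname:</strong>&nbsp;' + res.ips[ip]);
@@ -591,7 +580,7 @@ window['wordfenceAdmin'] = {
  startScan: function(){
  var scanReqAnimation = setInterval(function(){
  var str = jQuery('#wfStartScanButton1').prop('value');
- ch = str.charAt(str.length - 1);
+ var ch = str.charAt(str.length - 1);
  if(ch == '/'){ ch = '-'; }
  else if(ch == '-'){ ch = '\\'; }
  else if(ch == '\\'){ ch = '|'; }
@@ -631,7 +620,7 @@ window['wordfenceAdmin'] = {
  res.summary['lastScanCompleted'] = 'Never';
  }
  jQuery('.wfIssuesContainer').hide();
- for(issueStatus in res.issuesLists){
+ for(var issueStatus in res.issuesLists){
  var containerID = 'wfIssues_dataTable_' + issueStatus;
  var tableID = 'wfIssuesTable_' + issueStatus;
  if(jQuery('#' + containerID).length < 1){
@@ -672,8 +661,7 @@ window['wordfenceAdmin'] = {
  "sClass": "center",
  "sType": 'severity',
  "fnRender": function(obj) {
- var cls = "";
- cls = 'wfProbSev' + obj.aData.severity;
+ var cls = 'wfProbSev' + obj.aData.severity;
  return '<span class="' + cls + '"></span>';
  }
  },
@@ -833,6 +821,7 @@ window['wordfenceAdmin'] = {
  },
  updateAllIssues: function(op){ // deleteIgnored, deleteNew, ignoreAllNew
  var head = "Please confirm";
+ var body;
  if(op == 'deleteIgnored'){
  body = "You have chosen to remove all ignored issues. Once these issues are removed they will be re-scanned by Wordfence and if they have not been fixed, they will appear in the 'new issues' list. Are you sure you want to do this?";
  } else if(op == 'deleteNew'){
@@ -1391,8 +1380,7 @@ window['wordfenceAdmin'] = {
  }
  }
  });
- var codes = codesArr.join(',');
- this.countryCodesToSave = codes;
+ this.countryCodesToSave = codesArr.join(',');
  if(ownCountryBlocked){
  this.colorbox('400px', "Please confirm blocking yourself", "You are about to block your own country. This could lead to you being locked out. Please make sure that your user profile on this machine has a current and valid email address and make sure you know what it is. That way if you are locked out, you can send yourself an unlock email. If you're sure you want to block your own country, click 'Confirm' below, otherwise click 'Cancel'.<br />" +
  '<input type="button" name="but1" value="Confirm" onclick="jQuery.colorbox.close(); WFAD.confirmSaveCountryBlocking();" />&nbsp;<input type="button" name="but1" value="Cancel" onclick="jQuery.colorbox.close();" />');
@@ -1503,7 +1491,7 @@ window['wordfenceAdmin'] = {
  }
  schedule[day] = hours.join(',');
  }
- scheduleTxt = schedule.join('|');
+ var scheduleTxt = schedule.join('|');
  var self = this;
  this.ajax('wordfence_saveScanSchedule', {
  schedMode: schedMode,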
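Review bot: In the reverse-lookup hunk (new line 560), `res.ips[ip]` is concatenated straight into `.html()`; a reverse-DNS hostname is chosen by whoever controls the PTR record for the visiting IP, so unless the AJAX handler HTML-escapes it (not visible here) this renders externally supplied markup inside the admin session. Since the commit already touches that loop, build the node from text instead, e.g. `jQuery(elem).empty().append(jQuery('<strong/>').text('Hostname:'), document.createTextNode('\u00a0' + res.ips[ip]));`. The same pattern applies to `msg` in processSummaryLine, which goes unescaped into the `.append(...)` markup and into the `:contains("' + msg + '")` selector, where a double quote in the message also breaks the selector. Separately, `var msg, summaryUpdated;` turns `summaryUpdated` from an implicit global into a local that is only ever written in the visible lines; confirm nothing outside the function was reading the global before relying on this cleanup.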
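--- a/js/tourTip.js
+++ b/js/tourTip.js
@@ -126,7 +126,7 @@ window['wordfenceTour'] = {
  }
 
  jQuery(function(){
- if(WordfenceAdminVars.tourClosed != '1'){
+ if(WordfenceAdminVars.tourClosed != '1' && WordfenceAdminVars.welcomeClosed != '1'){
  var formHTML = '<div style="padding: 0 5px 0 15px;" id="wordfenceEmailDiv"><form target="_new" style="display: inline;" method="post" class="af-form-wrapper" action="http://www.aweber.com/scripts/addlead.pl" ><div style="display: none;"><input type="hidden" name="meta_web_form_id" value="1428034071" /><input type="hidden" name="meta_split_id" value="" /><input type="hidden" name="listname" value="wordfence" /><input type="hidden" name="redirect" value="http://www.aweber.com/thankyou-coi.htm?m=text" id="redirect_ae9f0882518768f447c80ea8f3b7afde" /><input type="hidden" name="meta_adtracking" value="widgetForm" /><input type="hidden" name="meta_message" value="1" /><input type="hidden" name="meta_required" value="email" /><input type="hidden" name="meta_tooltip" value="" /></div><input class="text" id="wfListEmail" type="text" name="email" value="Enter your email" tabindex="500" onclick="wordfenceTour.wfClearEmailField(); return false;" /><input name="submit" type="submit" value="Get Alerted" tabindex="501" onclick="var evt = event || window.event; try { return wordfenceTour.processEmailClick(evt); } catch(err){ evt.returnValue = false; evt.preventDefault(); }" /><div style="display: none;"><img src="http://forms.aweber.com/form/displays.htm?id=jCxMHAzMLAzsjA==" alt="" /></div><div style="padding: 5px; font-size: 10px;"><input type="checkbox" id="wfJoinListCheck" value="1" checked /><span style="font-size: 10px;">Also join our WordPress Security email list to receive WordPress Security Alerts and Wordfence news.</span></div></form></div>';
  var elem = '#toplevel_page_Wordfence';
  jQuery(elem).pointer({
@@ -137,10 +137,10 @@ if(WordfenceAdminVars.tourClosed != '1'){
  pointerWidth: 300,
  position: { edge: 'bottom', align: 'left' },
  buttons: function(event, t){
- buttonElem = jQuery('<a id="pointer-close" style="margin-left:5px" class="button-secondary">Close</a>');
+ var buttonElem = jQuery('<a id="pointer-close" style="margin-left:5px" class="button-secondary">Close</a>');
  buttonElem.bind('click.pointer', function(){ t.element.pointer('close');
  var ajaxData = {
- action: 'wordfence_tourClosed',
+ action: 'wordfence_welcomeClosed',
  nonce: WordfenceAdminVars.firstNonce
  };
  jQuery.ajax({
@@ -156,7 +156,21 @@ if(WordfenceAdminVars.tourClosed != '1'){
  }
  }).pointer('open');
  jQuery('#pointer-close').after('<a id="pointer-primary" class="button-primary">Start Tour</a>');
- jQuery('#pointer-primary').click(function(){ window.location.href = 'admin.php?page=Wordfence'; });
+ jQuery('#pointer-primary').click(function(){
+ var ajaxData = {
+ action: 'wordfence_welcomeClosed',
+ nonce: WordfenceAdminVars.firstNonce
+ };
+ jQuery.ajax({
+ type: 'POST',
+ url: WordfenceAdminVars.ajaxURL,
+ dataType: "json",
+ data: ajaxData,
+ success: function(json){ window.location.href = 'admin.php?page=Wordfence'; },
+ error: function(){ window.location.href = 'admin.php?page=Wordfence'; }
+ });
+
+ });
  }
  });
 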
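Review bot: The sign-up form built in `formHTML` (line 130, context that this commit leaves unchanged) posts the administrator's email address to `http://www.aweber.com/scripts/addlead.pl` and loads `http://forms.aweber.com/form/displays.htm` as an image, both over plain HTTP. On a dashboard served over HTTPS that sends the address in cleartext and makes the image mixed content. If the provider serves these endpoints over TLS, switch the form action, the `redirect` value and the image URL to `https://`. In the third hunk the new `#pointer-primary` handler repeats the same redirect in `success` and `error`; a single `complete: function(){ window.location.href = 'admin.php?page=Wordfence'; }` states it once.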
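--- a/lib/Diff/SequenceMatcher.php
+++ b/lib/Diff/SequenceMatcher.php
@@ -621,56 +621,6 @@ class Diff_SequenceMatcher
  return $sum + ($triple[count($triple) - 1]);
  }
 
- /**
- * Quickly return an upper bound ratio for the similarity of the strings.
- * This is quicker to compute than Ratio().
- *
- * @return float The calculated ratio.
- */
- private function quickRatio()
- {
- if($this->fullBCount === null) {
- $this->fullBCount = array();
- $bLength = count ($b);
- for($i = 0; $i < $bLength; ++$i) {
- $char = $this->b[$i];
- $this->fullBCount[$char] = $this->arrayGetDefault($this->fullBCount, $char, 0) + 1;
- }
- }
-
- $avail = array();
- $matches = 0;
- $aLength = count ($this->a);
- for($i = 0; $i < $aLength; ++$i) {
- $char = $this->a[$i];
- if(isset($avail[$char])) {
- $numb = $avail[$char];
- }
- else {
- $numb = $this->arrayGetDefault($this->fullBCount, $char, 0);
- }
- $avail[$char] = $numb - 1;
- if($numb > 0) {
- ++$matches;
- }
- }
-
- $this->calculateRatio($matches, count ($this->a) + count ($this->b));
- }
-
- /**
- * Return an upper bound ratio really quickly for the similarity of the strings.
- * This is quicker to compute than Ratio() and quickRatio().
- *
- * @return float The calculated ratio.
- */
- private function realquickRatio()
- {
- $aLength = count ($this->a);
- $bLength = count ($this->b);
-
- return $this->calculateRatio(min($aLength, $bLength), $aLength + $bLength);
- }
 
  /**
  * Helper function for calculating the ratio to measure similarity for the strings.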
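--- a/lib/IPTraf.php
+++ b/lib/IPTraf.php
@@ -31,6 +31,6 @@
 
  </table>
 
- <div class="footer">&copy;&nbsp;2011 to 2015 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
+ <div class="footer">&copy;&nbsp;2011 to 2015 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</div>
  </body>
  </html>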
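--- a/lib/conntest.php
+++ b/lib/conntest.php
@@ -63,7 +63,7 @@ function doCurlTest($protocol){
  curl_setopt ($curl, CURLOPT_SSL_VERIFYPEER, false);
  curl_setopt ($curl, CURLOPT_SSL_VERIFYHOST, false);
  curl_setopt ($curl, CURLOPT_WRITEFUNCTION, 'curlWrite');
- $curlResult = curl_exec($curl);
+ curl_exec($curl);
  $httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
  if(strpos($curlContent, 'Your site did not send an API key') !== false){
  echo "Curl connectivity test passed.<br /><br />\n";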
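Review bot: The return value of `curl_exec($curl)` on line 66 is now discarded, so a transfer that fails outright is reported only through the expected string being absent from `$curlContent`. Checking it, e.g. `if(curl_exec($curl) === false){ echo "Curl error: " . htmlspecialchars(curl_error($curl)) . "<br />\n"; }`, would make the diagnostic say why the request failed. The context lines 63-64 also set `CURLOPT_SSL_VERIFYPEER` and `CURLOPT_SSL_VERIFYHOST` to false, so a "passed" result for an https test says nothing about whether certificate validation works on this host. If that is deliberate for a connectivity-only check, a comment saying so would stop the setting being copied into code that carries real data. `doCurlTest` starts and ends outside the hunk.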
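--- a/lib/cronview.php
+++ b/lib/cronview.php
@@ -0,0 +1,30 @@
+ <?php if ( ! wfUtils::isAdmin() ) {
+ exit();
+ } ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+ <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
+ <head>
+ <title>Wordfence Cron Viewer</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+ <link rel='stylesheet' id='wordfence-main-style-css'
+ href='<?php echo wfUtils::getBaseURL(); ?>/css/phpinfo.css?ver=<?php echo WORDFENCE_VERSION; ?>'
+ type='text/css' media='all'/>
+ <body>
+ <h1>Wordfence Cron Viewer</h1>
+ <p style="width: 400px;">This page is used for debugging and shows a list of scheduled jobs on your system. Our staff may ask you to send them the
+ data on this page as part of a troubleshooting process.</p>
+ <?php
+ $cron = _get_cron_array();
+
+ foreach ( $cron as $timestamp => $values ) {
+ if ( is_array( $values ) ) {
+ foreach ( $values as $cron_job => $v ) {
+ echo date( 'r', $timestamp ) . " : " . $cron_job . "<br />";
+ }
+ }
+ }
+ ?>
+
+ <div class="diffFooter">&copy;&nbsp;2011 to 2015 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</div>
+ </body>
+ </html>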
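Review bot: `$cron_job` is written into the page without HTML encoding on line 22. The hook names come from the stored cron array, which other plugins and themes can add entries to, so the echo should read `echo date( 'r', $timestamp ) . " : " . esc_html( $cron_job ) . "<br />";`. lib/dbview.php line 21 has the same gap: `$tkey` and `$tval` from `show table status` are concatenated into the markup as-is and should each pass through `esc_html()`. Both pages are admin-only, but they render data that the admin viewing them did not author.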
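--- a/lib/dbview.php
+++ b/lib/dbview.php
@@ -0,0 +1,31 @@
+ <?php if ( ! wfUtils::isAdmin() ) {
+ exit();
+ } ?><!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+ "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+ <html xmlns="http://www.w3.org/1999/xhtml" dir="ltr" lang="en-US">
+ <head>
+ <title>Wordfence DB Table Viewer</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/>
+ <link rel='stylesheet' id='wordfence-main-style-css'
+ href='<?php echo wfUtils::getBaseURL(); ?>/css/phpinfo.css?ver=<?php echo WORDFENCE_VERSION; ?>'
+ type='text/css' media='all'/>
+ <body>
+ <h1>Wordfence Database Table Viewer</h1>
+ <p style="width: 400px;">This page is used for debugging and shows a list of database tables and their status on your system. Our staff may ask you to send them the
+ data on this page as part of a troubleshooting process.</p>
+ <?php
+ $wfdb = new wfDB();
+ $q = $wfdb->querySelect("show table status");
+ foreach($q as $val){
+ foreach($val as $tkey => $tval){
+ echo '<span style="color: #999; font-style: italic;">' . $tkey . ':</span> ' . $tval . ' ';
+ }
+ echo '<br />-----------------------------------------------------------------------------------------<br />';
+ }
+
+ ?>
+
+ <div class="diffFooter">&copy;&nbsp;2011 to 2015 Wordfence &mdash; Visit <a
+ href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</div>
+ </body>
+ </html>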
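Review bot: The access check on line 1 calls `wfUtils::isAdmin()` before anything establishes that WordPress and the plugin classes are loaded. If the web server serves this file on a direct request, that call would presumably end in an undefined-class error rather than a clean denial. Putting `if ( ! defined( 'ABSPATH' ) ) { exit(); }` ahead of it makes the intended entry path explicit; lib/cronview.php line 1 opens the same way and wants the same guard. How these viewers are reached is not visible in this diff, so confirm they are only ever included from an authenticated admin action.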
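--- a/lib/diffResult.php
+++ b/lib/diffResult.php
@@ -40,6 +40,6 @@
  ?>
 
 
- <div class="diffFooter">&copy;&nbsp;2011 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
+ <div class="diffFooter">&copy;&nbsp;2011 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</div>
  </body>
  </html>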
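--- a/lib/email_genericAlert.php
+++ b/lib/email_genericAlert.php
@@ -1,31 +1,31 @@
- <p>This email was sent from your website "<?php echo $blogName; ?>" by the Wordfence plugin at <?php echo $date; ?></p>
+ This email was sent from your website "<?php echo $blogName; ?>" by the Wordfence plugin at <?php echo $date; ?>
 
- <p>The Wordfence administrative URL for this site is: <?php echo $adminURL; ?>admin.php?page=Wordfence</p>
+ The Wordfence administrative URL for this site is: <?php echo $adminURL; ?>admin.php?page=Wordfence
 
- <p><?php echo $alertMsg; ?></p>
- <?php if($IPMsg){ echo "\n<p>$IPMsg</p>\n"; } ?>
+ <?php echo $alertMsg; ?>
+ <?php if($IPMsg){ echo "\n$IPMsg\n"; } ?>
 
  <?php if(! $isPaid){ ?>
- <p>NOTE: You are using the free version of Wordfence. Upgrading to the paid version of Wordfence gives you
+ NOTE: You are using the free version of Wordfence. Upgrading to the paid version of Wordfence gives you
  two factor authentication (sign-in via cellphone) and country blocking which are both effective methods to block attacks.
  A Premium Wordfence license also includes remote scanning with each scan of your site which can detect
  several additional website infections. Premium members can also schedule when website scans occur and
- can scan more than once per day.</p>
+ can scan more than once per day.
 
- <p>As a Premium member you also get access to our priority support system located at http://support.wordfence.com/ and can file
- priority support tickets using our ticketing system. </p>
+ As a Premium member you also get access to our priority support system located at http://support.wordfence.com/ and can file
+ priority support tickets using our ticketing system.
 
- <p>Click here to sign-up for the Premium version of Wordfence now.<br>
- <a href="https://www.wordfence.com/wordfence-signup/">https://www.wordfence.com/wordfence-signup/<a></p>
+ Click here to sign-up for the Premium version of Wordfence now.
+ https://www.wordfence.com/wordfence-signup/
 
  <?php } ?>
 
  --
- <p>To change your alert options for Wordfence, visit:<br>
- <?php echo $myOptionsURL; ?></p>
+ To change your alert options for Wordfence, visit:
+ <?php echo $myOptionsURL; ?>
 
- <p>To see current Wordfence alerts, visit:<br>
- <?php echo $myHomeURL; ?></p>
+ To see current Wordfence alerts, visit:
+ <?php echo $myHomeURL; ?>
 
 
 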
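Review bot: Nothing in this template records that it must stay plain text, yet `$blogName`, `$alertMsg` and `$IPMsg` are echoed verbatim on lines 1, 5 and 6, which is only safe while the message is sent as text/plain. The release notes say tags were showing up raw, which suggests that is the case, but the sending code is not visible here. A first line such as `<?php /* Plain-text template: values are echoed unescaped; do not add markup or send this as text/html. */ ?>` would keep a later edit from reintroducing HTML around data that can contain request-derived text.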
lib/menu_options.php CHANGED
@@ -1,402 +1,1141 @@
1
- <?php
2
- $w = new wfConfig();
3
  ?>
4
  <script type="text/javascript">
5
- var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
6
  </script>
7
  <div class="wordfenceModeElem" id="wordfenceMode_options"></div>
8
  <div class="wrap">
9
- <?php require('menuHeader.php'); ?>
10
- <?php $helpLink="http://docs.wordfence.com/en/Wordfence_options"; $helpLabel="Learn more about Wordfence Options"; $pageTitle = "Wordfence Options"; include('pageTitle.php'); ?>
 
 
 
11
  <div class="wordfenceLive">
12
  <table border="0" cellpadding="0" cellspacing="0">
13
- <tr><td><h2>Wordfence Live Activity:</h2></td><td id="wfLiveStatus"></td></tr>
 
 
 
14
  </table>
15
  </div>
16
 
17
  <form id="wfConfigForm">
18
- <table class="wfConfigForm">
19
- <tr><td colspan="2"><h2>License</h2></td></tr>
20
-
21
- <tr><th>Your Wordfence API Key:<a href="http://docs.wordfence.com/en/Wordfence_options#Wordfence_API_Key" target="_blank" class="wfhelp"></a></th><td><input type="text" id="apiKey" name="apiKey" value="<?php $w->f('apiKey'); ?>" size="80" /></td></tr>
22
- <tr><th>Key type currently active:</th><td>
23
- <?php if(wfConfig::get('isPaid')){ ?>
24
- The currently active API Key is a Premium Key. <span style="font-weight: bold; color: #0A0;">Premium scanning enabled!</span>
25
- <?php } else {?>
26
- The currently active API Key is a <span style="color: #F00; font-weight: bold;">Free Key</a>. <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">Click Here to Upgrade to Wordfence Premium now.</a>
27
- <?php } ?>
28
- </td></tr>
29
- <tr><td colspan="2">
30
- <?php if(wfConfig::get('isPaid')){ ?>
31
- <table border="0"><tr><td><a href="https://www.wordfence.com/manage-wordfence-api-keys/" target="_blank"><input type="button" value="Renew your premium license" /></a></td><td>&nbsp;</td><td><input type="button" value="Downgrade to a free license" onclick="WFAD.downgradeLicense();" /></td></tr></table>
32
- <?php } ?>
33
-
34
-
35
- <tr><td colspan="2"><h2>Basic Options<a href="http://docs.wordfence.com/en/Wordfence_options#Basic_Options" target="_blank" class="wfhelp"></a></h2></td></tr>
36
- <tr><th class="wfConfigEnable">Enable firewall<a href="http://docs.wordfence.com/en/Wordfence_options#Enable_Firewall" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="firewallEnabled" class="wfConfigElem" name="firewallEnabled" value="1" <?php $w->cb('firewallEnabled'); ?> />&nbsp;<span style="color: #F00;">NOTE:</span> This checkbox enables ALL firewall functions including IP, country and advanced blocking and the "Firewall Rules" below.</td></tr>
37
- <tr><td colspan="2">&nbsp;</td></tr>
38
- <tr><th class="wfConfigEnable">Enable login security<a href="http://docs.wordfence.com/en/Wordfence_options#Enable_login_security" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="loginSecurityEnabled" class="wfConfigElem" name="loginSecurityEnabled" value="1" <?php $w->cb('loginSecurityEnabled'); ?> />&nbsp;This option enables all "Login Security" options. You can modify individual options further down this page.</td></tr>
39
- <tr><td colspan="2">&nbsp;</td></tr>
40
- <tr><th class="wfConfigEnable">Enable Live Traffic View<a href="http://docs.wordfence.com/en/Wordfence_options#Enable_Live_Traffic_View" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="liveTrafficEnabled" class="wfConfigElem" name="liveTrafficEnabled" value="1" <?php $w->cb('liveTrafficEnabled'); ?> onclick="WFAD.reloadConfigPage = true; return true;" />&nbsp;This option enables live traffic logging.</td></tr>
41
- <tr><td colspan="2">&nbsp;</td></tr>
42
- <tr><th class="wfConfigEnable">Advanced Comment Spam Filter<a href="http://docs.wordfence.com/en/Wordfence_options#Advanced_Comment_Spam_Filter" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="advancedCommentScanning" class="wfConfigElem" name="advancedCommentScanning" value="1" <?php $w->cbp('advancedCommentScanning'); if(! wfConfig::get('isPaid')){ ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#advancedCommentScanning').attr('checked', false); return false;" <?php } ?> />&nbsp;<span style="color: #F00;">Premium Feature</span> In addition to free comment filtering (see below) this option filters comments against several additional real-time lists of known spammers and infected hosts.</td></tr>
43
- <tr><th class="wfConfigEnable">Check if this website is being "Spamvertised"<a href="http://docs.wordfence.com/en/Wordfence_options#Check_if_this_website_is_being_.22Spamvertized.22" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="spamvertizeCheck" class="wfConfigElem" name="spamvertizeCheck" value="1" <?php $w->cbp('spamvertizeCheck'); if(! wfConfig::get('isPaid')){ ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#spamvertizeCheck').attr('checked', false); return false;" <?php } ?> />&nbsp;<span style="color: #F00;">Premium Feature</span> When doing a scan, Wordfence will check with spam services if your site domain name is appearing as a link in spam emails.</td></tr>
44
- <tr><th class="wfConfigEnable">Check if this website IP is generating spam<a href="http://docs.wordfence.com/en/Wordfence_options#Check_if_this_website_IP_is_generating_spam" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="checkSpamIP" class="wfConfigElem" name="checkSpamIP" value="1" <?php $w->cbp('checkSpamIP'); if(! wfConfig::get('isPaid')){ ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#checkSpamIP').attr('checked', false); return false;" <?php } ?> />&nbsp;<span style="color: #F00;">Premium Feature</span> When doing a scan, Wordfence will check with spam services if your website IP address is listed as a known source of spam email.</td></tr>
45
- <tr><td colspan="2">&nbsp;</td></tr>
46
- <?php /* <tr><th class="wfConfigEnable">Enable Performance Monitoring</th><td><input type="checkbox" id="perfLoggingEnabled" class="wfConfigElem" name="perfLoggingEnabled" value="1" <?php $w->cb('perfLoggingEnabled'); ?> onclick="WFAD.reloadConfigPage = true; return true;" />&nbsp;This option enables performance monitoring.</td></tr> */ ?>
47
- <tr><td colspan="2">&nbsp;</td></tr>
48
- <tr><th class="wfConfigEnable">Enable automatic scheduled scans<a href="http://docs.wordfence.com/en/Wordfence_options#Enable_automatic_scheduled_scans" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scheduledScansEnabled" class="wfConfigElem" name="scheduledScansEnabled" value="1" <?php $w->cb('scheduledScansEnabled'); ?> />&nbsp;Regular scans ensure your site stays secure.</td></tr>
49
- <tr><td colspan="2">&nbsp;</td></tr>
50
- <tr><th class="wfConfigEnable">Update Wordfence automatically when a new version is released?<a href="http://docs.wordfence.com/en/Wordfence_options#Update_Wordfence_Automatically_when_a_new_version_is_released" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="autoUpdate" class="wfConfigElem" name="autoUpdate" value="1" <?php $w->cb('autoUpdate'); ?> />&nbsp;Automatically updates Wordfence to the newest version within 24 hours of a new release.<br />
51
- <?php if(getenv('noabort') != '1' && stristr($_SERVER['SERVER_SOFTWARE'], 'litespeed') !== false){ ?>
52
- <span style="color: #F00;">Warning: </span>You are running LiteSpeed web server and you don't have the "noabort" variable set in your .htaccess.<br />
53
- <a href="https://support.wordfence.com/solution/articles/1000129050-running-wordfence-under-litespeed-web-server-and-preventing-process-killing-or" target="_blank">Please read this article in our FAQ to make an important change that will ensure your site stability during an update.<br />
54
- <?php } ?>
55
- </td></tr>
56
- <tr><td colspan="2">&nbsp;</td></tr>
57
-
58
- <tr><th>Where to email alerts:<a href="http://docs.wordfence.com/en/Wordfence_options#Where_to_email_alerts" target="_blank" class="wfhelp"></a></th><td><input type="text" id="alertEmails" name="alertEmails" value="<?php $w->f('alertEmails'); ?>" size="50" />&nbsp;<span class="wfTipText">Separate multiple emails with commas</span></td></tr>
59
- <tr><th colspan="2">&nbsp;</th></tr>
60
- <tr><th>Security Level:<a href="http://docs.wordfence.com/en/Wordfence_options#Security_Level" target="_blank" class="wfhelp"></a></th><td>
61
- <select id="securityLevel" name="securityLevel" onchange="WFAD.changeSecurityLevel(); return true;">
62
- <option value="0"<?php $w->sel('securityLevel', '0'); ?>>Level 0: Disable all Wordfence security measures</option>
63
- <option value="1"<?php $w->sel('securityLevel', '1'); ?>>Level 1: Light protection. Just the basics</option>
64
- <option value="2"<?php $w->sel('securityLevel', '2'); ?>>Level 2: Medium protection. Suitable for most sites</option>
65
- <option value="3"<?php $w->sel('securityLevel', '3'); ?>>Level 3: High security. Use this when an attack is imminent</option>
66
- <option value="4"<?php $w->sel('securityLevel', '4'); ?>>Level 4: Lockdown. Protect the site against an attack in progress at the cost of inconveniencing some users</option>
67
- <option value="CUSTOM"<?php $w->sel('securityLevel', 'CUSTOM'); ?>>Custom settings</option>
68
- </select>
69
- </td></tr>
70
- <tr><th>How does Wordfence get IPs:<a href="http://docs.wordfence.com/en/Wordfence_options#How_does_Wordfence_get_IPs" target="_blank" class="wfhelp"></a></th><td>
71
- <select id="howGetIPs" name="howGetIPs">
72
- <option value="">Let Wordfence use the most secure method to get visitor IP addresses. Prevents spoofing and works with most sites.</option>
73
- <option value="REMOTE_ADDR"<?php $w->sel('howGetIPs', 'REMOTE_ADDR'); ?>>Use PHP's built in REMOTE_ADDR and don't use anything else. Very secure if this is compatible with your site.</option>
74
- <option value="HTTP_X_FORWARDED_FOR"<?php $w->sel('howGetIPs', 'HTTP_X_FORWARDED_FOR'); ?>>Use the X-Forwarded-For HTTP header. Only use if you have a front-end proxy or spoofing may result.</option>
75
- <option value="HTTP_X_REAL_IP"<?php $w->sel('howGetIPs', 'HTTP_X_REAL_IP'); ?>>Use the X-Real-IP HTTP header. Only use if you have a front-end proxy or spoofing may result.</option>
76
- <option value="HTTP_CF_CONNECTING_IP"<?php $w->sel('howGetIPs', 'HTTP_CF_CONNECTING_IP'); ?>>Use the Cloudflare "CF-Connecting-IP" HTTP header to get a visitor IP. Only use if you're using Cloudflare.</option>
77
- </select>
78
- </td></tr>
79
- </table>
80
- <p><table border="0" cellpadding="0" cellspacing="0"><tr><td><input type="button" id="button1" name="button1" class="button-primary" value="Save Changes" onclick="WFAD.saveConfig();" /></td><td style="height: 24px;"><div class="wfAjax24"></div><span class="wfSavedMsg">&nbsp;Your changes have been saved!</span></td></tr></table></p>
81
- <div class="wfMarker" id="wfMarkerBasicOptions"></div>
82
- <div style="margin-top: 25px;">
83
- <h2>Advanced Options:<a href="http://docs.wordfence.com/en/Wordfence_options#Advanced_Options" target="_blank" class="wfhelp"></a></h2>
84
- <p style="width: 600px;">
85
- Wordfence works great out of the box for most websites. Simply install Wordfence and your site and content is protected. For finer granularity of control, we have provided advanced options.
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
86
  </p>
87
- </div>
88
- <div id="wfConfigAdvanced">
89
- <table class="wfConfigForm">
90
- <tr><td colspan="2"><h3 class="wfConfigHeading">Alerts<a href="http://docs.wordfence.com/en/Wordfence_options#Alerts" target="_blank" class="wfhelp"></a></h3></td></tr>
91
- <?php
92
- $emails = wfConfig::getAlertEmails();
93
- if(sizeof($emails) < 1){
94
- echo "<tr><th colspan=\"2\" style=\"color: #F00;\">You have not configured an email to receive alerts yet. Set this up under \"Basic Options\" above.</th></tr>\n";
95
- }
96
- ?>
97
- <tr><th>Email me when Wordfence is automatically updated</th><td><input type="checkbox" id="alertOn_update" class="wfConfigElem" name="alertOn_update" value="1" <?php $w->cb('alertOn_update'); ?>/>&nbsp;If you have automatic updates enabled (see above), you'll get an email when an update occurs.</td></tr>
98
- <tr><th>Alert on critical problems</th><td><input type="checkbox" id="alertOn_critical" class="wfConfigElem" name="alertOn_critical" value="1" <?php $w->cb('alertOn_critical'); ?>/></td></tr>
99
- <tr><th>Alert on warnings</th><td><input type="checkbox" id="alertOn_warnings" class="wfConfigElem" name="alertOn_warnings" value="1" <?php $w->cb('alertOn_warnings'); ?>/></td></tr>
100
- <tr><th>Alert when an IP address is blocked</th><td><input type="checkbox" id="alertOn_block" class="wfConfigElem" name="alertOn_block" value="1" <?php $w->cb('alertOn_block'); ?>/></td></tr>
101
- <tr><th>Alert when someone is locked out from login</th><td><input type="checkbox" id="alertOn_loginLockout" class="wfConfigElem" name="alertOn_loginLockout" value="1" <?php $w->cb('alertOn_loginLockout'); ?>/></td></tr>
102
- <tr><th>Alert when the "lost password" form is used for a valid user</th><td><input type="checkbox" id="alertOn_lostPasswdForm" class="wfConfigElem" name="alertOn_lostPasswdForm" value="1" <?php $w->cb('alertOn_lostPasswdForm'); ?>/></td></tr>
103
- <tr><th>Alert me when someone with administrator access signs in</th><td><input type="checkbox" id="alertOn_adminLogin" class="wfConfigElem" name="alertOn_adminLogin" value="1" <?php $w->cb('alertOn_adminLogin'); ?>/></td></tr>
104
- <tr><th>Alert me when a non-admin user signs in</th><td><input type="checkbox" id="alertOn_nonAdminLogin" class="wfConfigElem" name="alertOn_nonAdminLogin" value="1" <?php $w->cb('alertOn_nonAdminLogin'); ?>/></td></tr>
105
- <tr><th>Maximum email alerts to send per hour</th><td>&nbsp;<input type="text" id="alert_maxHourly" name="alert_maxHourly" value="<?php $w->f('alert_maxHourly'); ?>" size="4" />0 or empty means unlimited alerts will be sent.</td></tr>
106
- <tr><td colspan="2">
107
- <div class="wfMarker" id="wfMarkerLiveTrafficOptions"></div>
108
- <h3 class="wfConfigHeading">Live Traffic View<a href="http://docs.wordfence.com/en/Wordfence_options#Live_Traffic_View" target="_blank" class="wfhelp"></a></h3>
109
- </td></tr>
110
- <tr><th>Don't log signed-in users with publishing access:</th><td><input type="checkbox" id="liveTraf_ignorePublishers" name="liveTraf_ignorePublishers" value="1" <?php $w->cb('liveTraf_ignorePublishers'); ?> /></td></tr>
111
- <tr><th>List of comma separated usernames to ignore:</th><td><input type="text" name="liveTraf_ignoreUsers" id="liveTraf_ignoreUsers" value="<?php echo $w->getHTML('liveTraf_ignoreUsers'); ?>" /></td></tr>
112
- <tr><th>List of comma separated IP addresses to ignore:</th><td><input type="text" name="liveTraf_ignoreIPs" id="liveTraf_ignoreIPs" value="<?php echo $w->getHTML('liveTraf_ignoreIPs'); ?>" /></td></tr>
113
- <tr><th>Browser user-agent to ignore:</th><td><input type="text" name="liveTraf_ignoreUA" id="liveTraf_ignoreUA" value="<?php echo $w->getHTML('liveTraf_ignoreUA'); ?>" /></td></tr>
114
- <tr><td colspan="2">
115
- <div class="wfMarker" id="wfMarkerScansToInclude"></div>
116
- <h3 class="wfConfigHeading">Scans to include<a href="http://docs.wordfence.com/en/Wordfence_options#Scans_to_Include" target="_blank" class="wfhelp"></a></h3></td></tr>
117
- <?php if(wfConfig::get('isPaid')){ ?>
118
- <tr><th>Scan public facing site for vulnerabilities?<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_public_facing_site" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_public" class="wfConfigElem" name="scansEnabled_public" value="1" <?php $w->cb('scansEnabled_public'); ?></td></tr>
119
- <?php } else { ?>
120
- <tr><th style="color: #F00;">Scan public facing site for vulnerabilities?<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_public_facing_site" target="_blank" class="wfhelp"></a>(<a href="https://www.wordfence.com/wordfence-signup/" target="_blank">Paid members only</a>)</th><td><input type="checkbox" id="scansEnabled_public" class="wfConfigElem" name="scansEnabled_public" value="1" DISABLED ?></td></tr>
121
- <?php } ?>
122
- <tr><th>Scan for the HeartBleed vulnerability?<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_the_HeartBleed_vulnerability" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_heartbleed" class="wfConfigElem" name="scansEnabled_heartbleed" value="1" <?php $w->cb('scansEnabled_heartbleed'); ?></td></tr>
123
- <tr><th>Scan core files against repository versions for changes<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_core_files_against_repository_version_for_changes" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_core" class="wfConfigElem" name="scansEnabled_core" value="1" <?php $w->cb('scansEnabled_core'); ?>/></td></tr>
124
-
125
- <tr><th>Scan theme files against repository versions for changes<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_theme_files_against_repository_versions_for_changes" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes" value="1" <?php $w->cb('scansEnabled_themes'); ?>/></td></tr>
126
- <tr><th>Scan plugin files against repository versions for changes<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_plugin_files_against_repository_versions_for_changes" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem" name="scansEnabled_plugins" value="1" <?php $w->cb('scansEnabled_plugins'); ?>/></td></tr>
127
- <tr><th>Scan for signatures of known malicious files<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_signatures_of_known_malicious_files" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_malware" class="wfConfigElem" name="scansEnabled_malware" value="1" <?php $w->cb('scansEnabled_malware'); ?>/></td></tr>
128
- <tr><th>Scan file contents for backdoors, trojans and suspicious code<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_file_contents_for_backdoors.2C_trojans_and_suspicious_code" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_fileContents" class="wfConfigElem" name="scansEnabled_fileContents" value="1" <?php $w->cb('scansEnabled_fileContents'); ?>/></td></tr>
129
- <tr><th>Scan posts for known dangerous URLs and suspicious content<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_posts_for_known_dangerous_URLs_and_suspicious_content" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_posts" class="wfConfigElem" name="scansEnabled_posts" value="1" <?php $w->cb('scansEnabled_posts'); ?>/></td></tr>
130
- <tr><th>Scan comments for known dangerous URLs and suspicious content<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_comments_for_known_dangerous_URLs_and_suspicious_content" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_comments" class="wfConfigElem" name="scansEnabled_comments" value="1" <?php $w->cb('scansEnabled_comments'); ?>/></td></tr>
131
- <tr><th>Scan for out of date plugins, themes and WordPress versions<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_out_of_date_plugins.2C_themes_and_WordPress_versions" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_oldVersions" class="wfConfigElem" name="scansEnabled_oldVersions" value="1" <?php $w->cb('scansEnabled_oldVersions'); ?>/></td></tr>
132
- <tr><th>Check the strength of passwords<a href="http://docs.wordfence.com/en/Wordfence_options#Check_the_strength_of_passwords" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_passwds" class="wfConfigElem" name="scansEnabled_passwds" value="1" <?php $w->cb('scansEnabled_passwds'); ?>/></td></tr>
133
- <tr><th>Scan options table<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_options_table" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_options" class="wfConfigElem" name="scansEnabled_options" value="1" <?php $w->cb('scansEnabled_options'); ?>/></td></tr>
134
- <tr><th>Monitor disk space<a href="http://docs.wordfence.com/en/Wordfence_options#Monitor_disk_space" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_diskSpace" class="wfConfigElem" name="scansEnabled_diskSpace" value="1" <?php $w->cb('scansEnabled_diskSpace'); ?>/></td></tr>
135
- <tr><th>Scan for unauthorized DNS changes<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_unauthorized_DNS_changes" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_dns" class="wfConfigElem" name="scansEnabled_dns" value="1" <?php $w->cb('scansEnabled_dns'); ?>/></td></tr>
136
- <tr><th>Scan files outside your WordPress installation<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_files_outside_your_WordPress_installation" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="other_scanOutside" class="wfConfigElem" name="other_scanOutside" value="1" <?php $w->cb('other_scanOutside'); ?> /></td></tr>
137
- <tr><th>Scan image files as if they were executable<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_image_files_as_if_they_were_executable" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_scanImages" class="wfConfigElem" name="scansEnabled_scanImages" value="1" <?php $w->cb('scansEnabled_scanImages'); ?> /></td></tr>
138
- <tr><th>Enable HIGH SENSITIVITY scanning. May give false positives.<a href="http://docs.wordfence.com/en/Wordfence_options#Enable_HIGH_SENSITIVITY_scanning" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="scansEnabled_highSense" class="wfConfigElem" name="scansEnabled_highSense" value="1" <?php $w->cb('scansEnabled_highSense'); ?> /></td></tr>
139
- <tr><th>Exclude files from scan that match these wildcard patterns. Comma separated.<a href="http://docs.wordfence.com/en/Wordfence_options#Exclude_files_from_scan_that_match_these_wildcard_patterns." target="_blank" class="wfhelp"></a></th><td><input type="text" id="scan_exclude" class="wfConfigElem" name="scan_exclude" size="20" value="<?php echo $w->getHTML('scan_exclude'); ?>" />e.g. *.sql,*.tar,backup*.zip</td></tr>
140
- <tr><td colspan="2">
141
- <div class="wfMarker" id="wfMarkerFirewallRules"></div>
142
- <h3 class="wfConfigHeading">Firewall Rules<a href="http://docs.wordfence.com/en/Wordfence_options#Firewall_Rules" target="_blank" class="wfhelp"></a></h3>
143
- </td></tr>
144
- <tr><th>Immediately block fake Google crawlers:<a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_fake_Google_crawlers:" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="blockFakeBots" class="wfConfigElem" name="blockFakeBots" value="1" <?php $w->cb('blockFakeBots'); ?>/></td></tr>
145
- <tr><th>How should we treat Google's crawlers<a href="http://docs.wordfence.com/en/Wordfence_options#How_should_we_treat_Google.27s_crawlers" target="_blank" class="wfhelp"></a></th><td>
146
- <select id="neverBlockBG" class="wfConfigElem" name="neverBlockBG">
147
- <option value="neverBlockVerified"<?php $w->sel('neverBlockBG', 'neverBlockVerified'); ?>>Verified Google crawlers have unlimited access to this site</option>
148
- <option value="neverBlockUA"<?php $w->sel('neverBlockBG', 'neverBlockUA'); ?>>Anyone claiming to be Google has unlimited access</option>
149
- <option value="treatAsOtherCrawlers"<?php $w->sel('neverBlockBG', 'treatAsOtherCrawlers'); ?>>Treat Google like any other Crawler</option>
150
- </select></td></tr>
151
- <tr><th>If anyone's requests exceed:<a href="http://docs.wordfence.com/en/Wordfence_options#If_anyone.27s_requests_exceed:" target="_blank" class="wfhelp"></a></th><td><?php $rateName='maxGlobalRequests'; require('wfRate.php'); ?> then <?php $throtName='maxGlobalRequests_action'; require('wfAction.php'); ?></td></tr>
152
- <tr><th>If a crawler's page views exceed:<a href="http://docs.wordfence.com/en/Wordfence_options#If_a_crawler.27s_page_views_exceed" target="_blank" class="wfhelp"></a></th><td><?php $rateName='maxRequestsCrawlers'; require('wfRate.php'); ?> then <?php $throtName='maxRequestsCrawlers_action'; require('wfAction.php'); ?></td></tr>
153
- <tr><th>If a crawler's pages not found (404s) exceed:<a href="http://docs.wordfence.com/en/Wordfence_options#If_a_crawler.27s_pages_not_found_.28404s.29_exceed" target="_blank" class="wfhelp"></a></th><td><?php $rateName='max404Crawlers'; require('wfRate.php'); ?> then <?php $throtName='max404Crawlers_action'; require('wfAction.php'); ?></td></tr>
154
- <tr><th>If a human's page views exceed:<a href="http://docs.wordfence.com/en/Wordfence_options#If_a_human.27s_page_views_exceed" target="_blank" class="wfhelp"></a></th><td><?php $rateName='maxRequestsHumans'; require('wfRate.php'); ?> then <?php $throtName='maxRequestsHumans_action'; require('wfAction.php'); ?></td></tr>
155
- <tr><th>If a human's pages not found (404s) exceed:<a href="http://docs.wordfence.com/en/Wordfence_options#If_a_human.27s_pages_not_found_.28404s.29_exceed" target="_blank" class="wfhelp"></a></th><td><?php $rateName='max404Humans'; require('wfRate.php'); ?> then <?php $throtName='max404Humans_action'; require('wfAction.php'); ?></td></tr>
156
- <tr><th>If 404's for known vulnerable URL's exceed:<a href="http://docs.wordfence.com/en/Wordfence_options#If_404.27s_for_known_vulnerable_URL.27s_exceed" target="_blank" class="wfhelp"></a></th><td><?php $rateName='maxScanHits'; require('wfRate.php'); ?> then <?php $throtName='maxScanHits_action'; require('wfAction.php'); ?></td></tr>
157
- <tr><th>How long is an IP address blocked when it breaks a rule:<a href="http://docs.wordfence.com/en/Wordfence_options#How_long_is_an_IP_address_blocked_when_it_breaks_a_rule" target="_blank" class="wfhelp"></a></th><td>
158
- <select id="blockedTime" class="wfConfigElem" name="blockedTime">
159
- <option value="60"<?php $w->sel('blockedTime', '60'); ?>>1 minute</option>
160
- <option value="300"<?php $w->sel('blockedTime', '300'); ?>>5 minutes</option>
161
- <option value="1800"<?php $w->sel('blockedTime', '1800'); ?>>30 minutes</option>
162
- <option value="3600"<?php $w->sel('blockedTime', '3600'); ?>>1 hour</option>
163
- <option value="7200"<?php $w->sel('blockedTime', '7200'); ?>>2 hours</option>
164
- <option value="21600"<?php $w->sel('blockedTime', '21600'); ?>>6 hours</option>
165
- <option value="43200"<?php $w->sel('blockedTime', '43200'); ?>>12 hours</option>
166
- <option value="86400"<?php $w->sel('blockedTime', '86400'); ?>>1 day</option>
167
- <option value="172800"<?php $w->sel('blockedTime', '172800'); ?>>2 days</option>
168
- <option value="432000"<?php $w->sel('blockedTime', '432000'); ?>>5 days</option>
169
- <option value="864000"<?php $w->sel('blockedTime', '864000'); ?>>10 days</option>
170
- <option value="2592000"<?php $w->sel('blockedTime', '2592000'); ?>>1 month</option>
171
- </select></td></tr>
172
-
173
- <tr><td colspan="2">
174
- <div class="wfMarker" id="wfMarkerLoginSecurity"></div>
175
- <h3 class="wfConfigHeading">Login Security Options<a href="http://docs.wordfence.com/en/Wordfence_options#Login_Security_Options" target="_blank" class="wfhelp"></a></h3>
176
- </td></tr>
177
- <tr><th>Enforce strong passwords?<a href="http://docs.wordfence.com/en/Wordfence_options#Enforce_strong_passwords.3F" target="_blank" class="wfhelp"></a></th><td>
178
- <select class="wfConfigElem" id="loginSec_strongPasswds" name="loginSec_strongPasswds">
179
- <option value="">Do not force users to use strong passwords</option>
180
- <option value="pubs"<?php $w->sel('loginSec_strongPasswds', 'pubs'); ?>>Force admins and publishers to use strong passwords (recommended)</option>
181
- <option value="all"<?php $w->sel('loginSec_strongPasswds', 'all'); ?>>Force all members to use strong passwords</option>
182
- </select>
183
- <tr><th>Lock out after how many login failures<a href="http://docs.wordfence.com/en/Wordfence_options#Lock_out_after_how_many_login_failures" target="_blank" class="wfhelp"></a></th><td>
184
- <select id="loginSec_maxFailures" class="wfConfigElem" name="loginSec_maxFailures">
185
- <option value="1"<?php $w->sel('loginSec_maxFailures', '1'); ?>>1</option>
186
- <option value="2"<?php $w->sel('loginSec_maxFailures', '2'); ?>>2</option>
187
- <option value="3"<?php $w->sel('loginSec_maxFailures', '3'); ?>>3</option>
188
- <option value="4"<?php $w->sel('loginSec_maxFailures', '4'); ?>>4</option>
189
- <option value="5"<?php $w->sel('loginSec_maxFailures', '5'); ?>>5</option>
190
- <option value="6"<?php $w->sel('loginSec_maxFailures', '6'); ?>>6</option>
191
- <option value="7"<?php $w->sel('loginSec_maxFailures', '7'); ?>>7</option>
192
- <option value="8"<?php $w->sel('loginSec_maxFailures', '8'); ?>>8</option>
193
- <option value="9"<?php $w->sel('loginSec_maxFailures', '9'); ?>>9</option>
194
- <option value="10"<?php $w->sel('loginSec_maxFailures', '10'); ?>>10</option>
195
- <option value="20"<?php $w->sel('loginSec_maxFailures', '20'); ?>>20</option>
196
- <option value="30"<?php $w->sel('loginSec_maxFailures', '30'); ?>>30</option>
197
- <option value="40"<?php $w->sel('loginSec_maxFailures', '40'); ?>>40</option>
198
- <option value="50"<?php $w->sel('loginSec_maxFailures', '50'); ?>>50</option>
199
- <option value="100"<?php $w->sel('loginSec_maxFailures', '100'); ?>>100</option>
200
- <option value="200"<?php $w->sel('loginSec_maxFailures', '200'); ?>>200</option>
201
- <option value="500"<?php $w->sel('loginSec_maxFailures', '500'); ?>>500</option>
202
- </select>
203
- </td></tr>
204
- <tr><th>Lock out after how many forgot password attempts<a href="http://docs.wordfence.com/en/Wordfence_options#Lock_out_after_how_many_forgot_password_attempts" target="_blank" class="wfhelp"></a></th><td>
205
- <select id="loginSec_maxForgotPasswd" class="wfConfigElem" name="loginSec_maxForgotPasswd">
206
- <option value="1"<?php $w->sel('loginSec_maxForgotPasswd', '1'); ?>>1</option>
207
- <option value="2"<?php $w->sel('loginSec_maxForgotPasswd', '2'); ?>>2</option>
208
- <option value="3"<?php $w->sel('loginSec_maxForgotPasswd', '3'); ?>>3</option>
209
- <option value="4"<?php $w->sel('loginSec_maxForgotPasswd', '4'); ?>>4</option>
210
- <option value="5"<?php $w->sel('loginSec_maxForgotPasswd', '5'); ?>>5</option>
211
- <option value="6"<?php $w->sel('loginSec_maxForgotPasswd', '6'); ?>>6</option>
212
- <option value="7"<?php $w->sel('loginSec_maxForgotPasswd', '7'); ?>>7</option>
213
- <option value="8"<?php $w->sel('loginSec_maxForgotPasswd', '8'); ?>>8</option>
214
- <option value="9"<?php $w->sel('loginSec_maxForgotPasswd', '9'); ?>>9</option>
215
- <option value="10"<?php $w->sel('loginSec_maxForgotPasswd', '10'); ?>>10</option>
216
- <option value="20"<?php $w->sel('loginSec_maxForgotPasswd', '20'); ?>>20</option>
217
- <option value="30"<?php $w->sel('loginSec_maxForgotPasswd', '30'); ?>>30</option>
218
- <option value="40"<?php $w->sel('loginSec_maxForgotPasswd', '40'); ?>>40</option>
219
- <option value="50"<?php $w->sel('loginSec_maxForgotPasswd', '50'); ?>>50</option>
220
- <option value="100"<?php $w->sel('loginSec_maxForgotPasswd', '100'); ?>>100</option>
221
- <option value="200"<?php $w->sel('loginSec_maxForgotPasswd', '200'); ?>>200</option>
222
- <option value="500"<?php $w->sel('loginSec_maxForgotPasswd', '500'); ?>>500</option>
223
- </select>
224
- </td></tr>
225
- <tr><th>Count failures over what time period<a href="http://docs.wordfence.com/en/Wordfence_options#Count_failures_over_what_time_period" target="_blank" class="wfhelp"></a></th><td>
226
- <select id="loginSec_countFailMins" class="wfConfigElem" name="loginSec_countFailMins">
227
- <option value="5"<?php $w->sel('loginSec_countFailMins', '5'); ?>>5 minutes</option>
228
- <option value="10"<?php $w->sel('loginSec_countFailMins', '10'); ?>>10 minutes</option>
229
- <option value="30"<?php $w->sel('loginSec_countFailMins', '30'); ?>>30 minutes</option>
230
- <option value="60"<?php $w->sel('loginSec_countFailMins', '60'); ?>>1 hour</option>
231
- <option value="120"<?php $w->sel('loginSec_countFailMins', '120'); ?>>2 hours</option>
232
- <option value="360"<?php $w->sel('loginSec_countFailMins', '360'); ?>>6 hours</option>
233
- <option value="720"<?php $w->sel('loginSec_countFailMins', '720'); ?>>12 hours</option>
234
- <option value="1440"<?php $w->sel('loginSec_countFailMins', '1440'); ?>>1 day</option>
235
- </select>
236
- </td></tr>
237
- <tr><th>Amount of time a user is locked out<a href="http://docs.wordfence.com/en/Wordfence_options#Amount_of_time_a_user_is_locked_out" target="_blank" class="wfhelp"></a></th><td>
238
- <select id="loginSec_lockoutMins" class="wfConfigElem" name="loginSec_lockoutMins">
239
- <option value="5"<?php $w->sel('loginSec_lockoutMins', '5'); ?>>5 minutes</option>
240
- <option value="10"<?php $w->sel('loginSec_lockoutMins', '10'); ?>>10 minutes</option>
241
- <option value="30"<?php $w->sel('loginSec_lockoutMins', '30'); ?>>30 minutes</option>
242
- <option value="60"<?php $w->sel('loginSec_lockoutMins', '60'); ?>>1 hour</option>
243
- <option value="120"<?php $w->sel('loginSec_lockoutMins', '120'); ?>>2 hours</option>
244
- <option value="360"<?php $w->sel('loginSec_lockoutMins', '360'); ?>>6 hours</option>
245
- <option value="720"<?php $w->sel('loginSec_lockoutMins', '720'); ?>>12 hours</option>
246
- <option value="1440"<?php $w->sel('loginSec_lockoutMins', '1440'); ?>>1 day</option>
247
- <option value="2880"<?php $w->sel('loginSec_lockoutMins', '2880'); ?>>2 days</option>
248
- <option value="7200"<?php $w->sel('loginSec_lockoutMins', '7200'); ?>>5 days</option>
249
- <option value="14400"<?php $w->sel('loginSec_lockoutMins', '14400'); ?>>10 days</option>
250
- <option value="28800"<?php $w->sel('loginSec_lockoutMins', '28800'); ?>>20 days</option>
251
- <option value="43200"<?php $w->sel('loginSec_lockoutMins', '43200'); ?>>30 days</option>
252
- <option value="86400"<?php $w->sel('loginSec_lockoutMins', '86400'); ?>>60 days</option>
253
- </select>
254
- </td></tr>
255
- <tr><th>Immediately lock out invalid usernames<a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_lock_out_invalid_usernames" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="loginSec_lockInvalidUsers" class="wfConfigElem" name="loginSec_lockInvalidUsers" <?php $w->cb('loginSec_lockInvalidUsers'); ?> /></td></tr>
256
- <tr><th>Don't let WordPress reveal valid users in login errors<a href="http://docs.wordfence.com/en/Wordfence_options#Don.27t_let_WordPress_reveal_valid_users_in_login_errors" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="loginSec_maskLoginErrors" class="wfConfigElem" name="loginSec_maskLoginErrors" <?php $w->cb('loginSec_maskLoginErrors'); ?> /></td></tr>
257
- <tr><th>Prevent users registering 'admin' username if it doesn't exist<a href="http://docs.wordfence.com/en/Wordfence_options#Prevent_users_registering_.27admin.27_username_if_it_doesn.27t_exist" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="loginSec_blockAdminReg" class="wfConfigElem" name="loginSec_blockAdminReg" <?php $w->cb('loginSec_blockAdminReg'); ?> /></td></tr>
258
- <tr><th>Prevent discovery of usernames through '?/author=N' scans<a href="http://docs.wordfence.com/en/Wordfence_options#Prevent_discovery_of_usernames_through_.27.3F.2Fauthor.3DN.27_scans" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="loginSec_disableAuthorScan" class="wfConfigElem" name="loginSec_disableAuthorScan" <?php $w->cb('loginSec_disableAuthorScan'); ?> /></td></tr>
259
- <tr><th>Immediately block the IP of users who try to sign in as these usernames<a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_the_IP_of_users_who_try_to_sign_in_as_these_usernames" target="_blank" class="wfhelp"></a></th><td><input type="text" name="loginSec_userBlacklist" id="loginSec_userBlacklist" value="<?php echo $w->getHTML('loginSec_userBlacklist'); ?>" size="40" />&nbsp;(Comma separated. Existing users won't be blocked.)</td></tr>
260
- <tr><td colspan="2">
261
- <div class="wfMarker" id="wfMarkerOtherOptions"></div>
262
- <h3 class="wfConfigHeading">Other Options<a href="http://docs.wordfence.com/en/Wordfence_options#Other_Options" target="_blank" class="wfhelp"></a></h3>
263
- </td></tr>
264
-
265
- <tr><th>Whitelisted IP addresses that bypass all rules:<a href="http://docs.wordfence.com/en/Wordfence_options#Whitelisted_IP_addresses_that_bypass_all_rules" target="_blank" class="wfhelp"></a></th><td><input type="text" name="whitelisted" id="whitelisted" value="<?php echo $w->getHTML('whitelisted'); ?>" size="40" /></td></tr>
266
- <tr><th colspan="2" style="color: #999;">Whitelisted IP's must be separated by commas. You can specify ranges using the following format: 123.23.34.[1-50]<br />Wordfence automatically whitelists <a href="http://en.wikipedia.org/wiki/Private_network" target="_blank">private networks</a> because these are not routable on the public Internet.<br /><br /></th></tr>
267
-
268
- <tr><th>Immediately block IP's that access these URLs:<a href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_IP.27s_that_access_these_URLs" target="_blank" class="wfhelp"></a></th><td><input type="text" name="bannedURLs" id="bannedURLs" value="<?php echo $w->getHTML('bannedURLs'); ?>" size="40" /></td></tr>
269
- <tr><th colspan="2" style="color: #999;">Separate multiple URL's with commas. If you see an attacker repeatedly probing your site for a known vulnerability you can use this to immediately block them.<br />
270
- All URL's must start with a '/' without quotes and must be relative. e.g. /badURLone/, /bannedPage.html, /dont-access/this/URL/
271
- <br /><br /></th></tr>
272
-
273
- <tr><th>Hide WordPress version<a href="http://docs.wordfence.com/en/Wordfence_options#Hide_WordPress_version" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="other_hideWPVersion" class="wfConfigElem" name="other_hideWPVersion" value="1" <?php $w->cb('other_hideWPVersion'); ?> /></td></tr>
274
- <tr><th>Hold anonymous comments using member emails for moderation<a href="http://docs.wordfence.com/en/Wordfence_options#Hold_anonymous_comments_using_member_emails_for_moderation" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="other_noAnonMemberComments" class="wfConfigElem" name="other_noAnonMemberComments" value="1" <?php $w->cb('other_noAnonMemberComments'); ?> /></td></tr>
275
- <tr><th>Filter comments for malware and phishing URL's<a href="http://docs.wordfence.com/en/Wordfence_options#Filter_comments_for_malware_and_phishing_URL.27s" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="other_scanComments" class="wfConfigElem" name="other_scanComments" value="1" <?php $w->cb('other_scanComments'); ?> /></td></tr>
276
- <tr><th>Check password strength on profile update<a href="http://docs.wordfence.com/en/Wordfence_options#Check_password_strength_on_profile_update" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="other_pwStrengthOnUpdate" class="wfConfigElem" name="other_pwStrengthOnUpdate" value="1" <?php $w->cb('other_pwStrengthOnUpdate'); ?> /></td></tr>
277
- <tr><th>Participate in the Real-Time WordPress Security Network<a href="http://docs.wordfence.com/en/Wordfence_options#Participate_in_the_Real-Time_WordPress_Security_Network" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="other_WFNet" class="wfConfigElem" name="other_WFNet" value="1" <?php $w->cb('other_WFNet'); ?> /></td></tr>
278
- <tr><th>How much memory should Wordfence request when scanning<a href="http://docs.wordfence.com/en/Wordfence_options#How_much_memory_should_Wordfence_request_when_scanning" target="_blank" class="wfhelp"></a></th><td><input type="text" id="maxMem" name="maxMem" value="<?php $w->f('maxMem'); ?>" size="4" />Megabytes</td></tr>
279
- <tr><th>Maximum execution time for each scan stage<a href="http://docs.wordfence.com/en/Wordfence_options#Maximum_execution_time_for_each_scan_stage" target="_blank" class="wfhelp"></a></th><td><input type="text" id="maxExecutionTime" name="maxExecutionTime" value="<?php $w->f('maxExecutionTime'); ?>" size="4" />Blank for default. Must be greater than 9.</td></tr>
280
- <tr><th>Update interval in seconds (2 is default)<a href="http://docs.wordfence.com/en/Wordfence_options#Update_interval_in_seconds" target="_blank" class="wfhelp"></a></th><td><input type="text" id="actUpdateInterval" name="actUpdateInterval" value="<?php $w->f('actUpdateInterval'); ?>" size="4" />Setting higher will reduce browser traffic but slow scan starts, live traffic &amp; status updates.</td></tr>
281
- <tr><th>Enable debugging mode (increases database load)<a href="http://docs.wordfence.com/en/Wordfence_options#Enable_debugging_mode_.28increases_database_load.29" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="debugOn" class="wfConfigElem" name="debugOn" value="1" <?php $w->cb('debugOn'); ?> /></td></tr>
282
- <tr><th>Delete Wordfence tables and data on deactivation?<a href="http://docs.wordfence.com/en/Wordfence_options#Delete_Wordfence_tables_and_data_on_deactivation.3F" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="deleteTablesOnDeact" class="wfConfigElem" name="deleteTablesOnDeact" value="1" <?php $w->cb('deleteTablesOnDeact'); ?> /></td></tr>
283
-
284
-
285
- <tr><th>Disable Wordfence Cookies<a href="http://docs.wordfence.com/en/Wordfence_options#Disable_Wordfence_Cookies" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="disableCookies" class="wfConfigElem" name="disableCookies" value="1" <?php $w->cb('disableCookies'); ?> />(when enabled all visits in live traffic will appear to be new visits)</td></tr>
286
- <tr><th>Start all scans remotely<a href="http://docs.wordfence.com/en/Wordfence_options#Start_all_scans_remotely" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="startScansRemotely" class="wfConfigElem" name="startScansRemotely" value="1" <?php $w->cb('startScansRemotely'); ?> />(Try this if your scans aren't starting and your site is publicly accessible)</td></tr>
287
- <tr><th>Disable config caching<a href="http://docs.wordfence.com/en/Wordfence_options#Disable_config_caching" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="disableConfigCaching" class="wfConfigElem" name="disableConfigCaching" value="1" <?php $w->cb('disableConfigCaching'); ?> />(Try this if your options aren't saving)</td></tr>
288
- <tr><th>Add a debugging comment to HTML source of cached pages.<a href="http://docs.wordfence.com/en/Wordfence_options#Add_a_debugging_comment_to_HTML_source_of_cached_pages" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="addCacheComment" class="wfConfigElem" name="addCacheComment" value="1" <?php $w->cb('addCacheComment'); ?> /></td></tr>
289
- <tr><th><label for="disableCodeExecutionUploads">Disable Code Execution for Uploads directory</label><a href="http://docs.wordfence.com/en/Wordfence_options#Disable_Code_Execution_for_Uploads_directory" target="_blank" class="wfhelp"></a></th><td><input type="checkbox" id="disableCodeExecutionUploads" class="wfConfigElem" name="disableCodeExecutionUploads" value="1" <?php $w->cb('disableCodeExecutionUploads'); ?> /></td></tr>
290
- <tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to test connectivity to the Wordfence API servers</a><a href="http://docs.wordfence.com/en/Wordfence_options#Click_to_test_connectivity_to_the_Wordfence_API_servers" target="_blank" class="wfhelp"></a></th></tr>
291
- <tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Click to view your system's configuration in a new window</a><a href="http://docs.wordfence.com/en/Wordfence_options#Click_to_view_your_system.27s_configuration_in_a_new_window" target="_blank" class="wfhelp"></a></th></tr>
292
- <tr><th colspan="2"><a href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=testmem&nonce=<?php echo wp_create_nonce('wp-ajax'); ?>" target="_blank">Test your WordPress host's available memory</a><a href="http://docs.wordfence.com/en/Wordfence_options#Test_your_WordPress_host.27s_available_memory" target="_blank" class="wfhelp"></a></th></tr>
293
- <tr><th>Send a test email from this WordPress server to an email address:<a href="http://docs.wordfence.com/en/Wordfence_options#Send_a_test_email_from_this_WordPress_server_to_an_email_address" target="_blank" class="wfhelp"></a></th><td><input type="text" id="testEmailDest" value="" size="20" maxlength="255" class="wfConfigElem" />
294
- <input type="button" value="Send Test Email" onclick="WFAD.sendTestEmail(jQuery('#testEmailDest').val());" /></td></tr>
295
-
296
- <tr><td colspan="2">
297
- <div class="wfMarker" id="wfMarkerExportOptions"></div>
298
- <h3 class="wfConfigHeading">Exporting and Importing Wordfence Settings<a href="http://docs.wordfence.com/en/Wordfence_options#Exporting_and_Importing_Wordfence_Settings" target="_blank" class="wfhelp"></a></h3>
299
- </td></tr>
300
-
301
- <tr><th>Export this site's Wordfence settings for import on another site:</th><td><input type="button" id="exportSettingsBut" value="Export Wordfence Settings" onclick="WFAD.exportSettings(); return false;" /></td></tr>
302
- <tr><th>Import Wordfence settings from another site using a token:</th><td><input type="text" size="20" value="" id="importToken" />&nbsp;<input type="button" name="importSettingsButton" value="Import Settings" onclick="WFAD.importSettings(jQuery('#importToken').val()); return false;" /></td></tr>
303
- </table>
304
- <p><table border="0" cellpadding="0" cellspacing="0"><tr><td><input type="button" id="button1" name="button1" class="button-primary" value="Save Changes" onclick="WFAD.saveConfig();" /></td><td style="height: 24px;"><div class="wfAjax24"></div><span class="wfSavedMsg">&nbsp;Your changes have been saved!</span></td></tr></table></p>
305
- </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
306
  </form>
307
  </div>
308
  <script type="text/x-jquery-template" id="wfContentBasicOptions">
309
- <div>
310
- <h3>Basic Options</h3>
311
- <p>
312
- Using Wordfence is simple. Install Wordfence, enter an email address on this page to send alerts to, and then do your first scan and work through the security alerts we provide.
313
- We give you a few basic security levels to choose from, depending on your needs. Remember to hit the "Save" button to save any changes you make.
314
- </p>
315
- <p>
316
- If you use the free edition of Wordfence, you don't need to worry about entering an API key in the "API Key" field above. One is automatically created for you. If you choose to <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">upgrade to Wordfence Premium edition</a>, you will receive an API key. You will need to copy and paste that key into the "API Key"
317
- field above and hit "Save" to activate your key.
318
- </p>
319
- </div>
 
 
 
 
 
 
 
320
  </script>
321
  <script type="text/x-jquery-template" id="wfContentLiveTrafficOptions">
322
- <div>
323
- <h3>Live Traffic Options</h3>
324
- <p>
325
- These options let you ignore certain types of visitors, based on their level of access, usernames, IP address or browser type.
326
- If you run a very high traffic website where it is not feasible to see your visitors in real-time, simply un-check the live traffic option and nothing will be written to the Wordfence tracking tables.
327
- </p>
328
- </div>
 
 
 
329
  </script>
330
  <script type="text/x-jquery-template" id="wfContentScansToInclude">
331
- <div>
332
- <h3>Scans to Include</h3>
333
- <p>
334
- This section gives you the ability to fine-tune what we scan.
335
- If you use many themes or plugins from the public WordPress directory we recommend you
336
- enable theme and plugin scanning. This will verify the integrity of all these themes and plugins and alert you of any changes.
337
- <p>
338
- <p>
339
- The option to "scan files outside your WordPress installation" will cause Wordfence to do a much wider security scan
340
- that is not limited to your base WordPress directory and known WordPress subdirectories. This scan may take longer
341
- but can be very useful if you have other infected files outside this WordPress installation that you would like us to look for.
342
- </p>
343
- </div>
 
 
 
 
 
 
 
344
  </script>
345
  <script type="text/x-jquery-template" id="wfContentFirewallRules">
346
- <div>
347
- <h3>Firewall Rules</h3>
348
- <p>
349
- <strong>NOTE:</strong> Before modifying these rules, make sure you have access to the email address associated with this site's administrator account. If you accidentally lock yourself out, you will be given the option
350
- to enter that email address and receive an "unlock email" which will allow you to regain access.
351
- </p>
352
- <p>
353
- <strong>Tips:</strong>
354
- <p>&#8226; If you choose to limit the rate at which your site can be accessed, you need to customize the settings for your site.</p>
355
- <p>&#8226; If your users usually skip quickly between pages, you should set the values for human visitors to be high.</p>
356
- <p>&#8226; If you are aggressively crawled by non-Google crawlers like Baidu, you should set the page view limit for crawlers to a high value.</p>
357
- <p>&#8226; If you are currently under attack and want to aggressively protect your site or your content, you can set low values for most options.</p>
358
- <p>&#8226; In general we recommend you don't block fake Google crawlers unless you have a specific problem with someone stealing your content.</p>
359
- </p>
360
- <p>
361
- Remember that as long as you have your administrator email set correctly in this site's user administration, and you are able to receive email at that address,
362
- you will be able to regain access if you are accidentally locked out because your rules are too strict.
363
- </p>
364
- </div>
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
365
  </script>
366
  <script type="text/x-jquery-template" id="wfContentLoginSecurity">
367
- <div>
368
- <h3>Login Security</h3>
369
- <p>
370
- We have found that real brute force login attacks make hundreds or thousands of requests trying to guess passwords or user login names.
371
- So in general you can leave the number of failed logins before a user is locked out as a fairly high number.
372
- We have found that blocking after 20 failed attempts is sufficient for most sites and it allows your real site users enough
373
- attempts to guess their forgotten passwords without getting locked out.
374
- </p>
375
- </div>
 
 
 
376
  </script>
377
  <script type="text/x-jquery-template" id="wfContentOtherOptions">
378
- <div>
379
- <h3>Other Options</h3>
380
- <p>
381
- We have worked hard to make Wordfence memory efficient and much of the heavy lifting is done for your site by our cloud scanning servers in our Seattle data center.
382
- On most sites Wordfence will only use about 8 megabytes of additional memory when doing a scan, even if you have large files or a large number of files.
383
- You should not have to adjust the maximum memory that Wordfence can use, but we have provided the option. Remember that this does not affect the actual memory usage of Wordfence, simply the maximum Wordfence can use if it needs to.
384
- </p>
385
- <p>
386
- You may find debugging mode helpful if Wordfence is not able to start a scan on your site or
387
- if you are experiencing some other problem. Enable debugging by checking the box, save your options
388
- and then try to do a scan. You will notice a lot more output on the "Scan" page.
389
- </p>
390
- <p>
391
- If you decide to permanently remove Wordfence, you can choose the option to delete all data on deactivation.
392
- We also provide helpful links at the bottom of this page which lets you see your systems configuration and test how
393
- much memory your host really allows you to use.
394
- </p>
395
- <p>
396
- Thanks for completing this tour and I'm very happy to have you as our newest Wordfence customer. Don't forget to <a href="http://wordpress.org/extend/plugins/wordfence/" target="_blank">rate us 5 stars if you love Wordfence</a>.<br />
397
- <br />
398
- <strong>Mark Maunder</strong> - Wordfence Creator.
399
- </p>
400
- </div>
 
 
 
 
 
 
 
 
 
 
 
401
  </script>
402
 
1
+ <?php
2
+ $w = new wfConfig();
3
  ?>
4
  <script type="text/javascript">
5
+ var WFSLevels = <?php echo json_encode(wfConfig::$securityLevels); ?>;
6
  </script>
7
  <div class="wordfenceModeElem" id="wordfenceMode_options"></div>
8
  <div class="wrap">
9
+ <?php require( 'menuHeader.php' ); ?>
10
+ <?php $helpLink = "http://docs.wordfence.com/en/Wordfence_options";
11
+ $helpLabel = "Learn more about Wordfence Options";
12
+ $pageTitle = "Wordfence Options";
13
+ include( 'pageTitle.php' ); ?>
14
  <div class="wordfenceLive">
15
  <table border="0" cellpadding="0" cellspacing="0">
16
+ <tr>
17
+ <td><h2>Wordfence Live Activity:</h2></td>
18
+ <td id="wfLiveStatus"></td>
19
+ </tr>
20
  </table>
21
  </div>
22
 
23
  <form id="wfConfigForm">
24
+ <table class="wfConfigForm">
25
+ <tr>
26
+ <td colspan="2"><h2>License</h2></td>
27
+ </tr>
28
+
29
+ <tr>
30
+ <th>Your Wordfence API Key:<a href="http://docs.wordfence.com/en/Wordfence_options#Wordfence_API_Key"
31
+ target="_blank" class="wfhelp"></a></th>
32
+ <td><input type="text" id="apiKey" name="apiKey" value="<?php $w->f( 'apiKey' ); ?>" size="80"/></td>
33
+ </tr>
34
+ <tr>
35
+ <th>Key type currently active:</th>
36
+ <td>
37
+ <?php if (wfConfig::get( 'isPaid' )){ ?>
38
+ The currently active API Key is a Premium Key. <span style="font-weight: bold; color: #0A0;">Premium scanning enabled!</span>
39
+ <?php } else { ?>
40
+ The currently active API Key is a <span style="color: #F00; font-weight: bold;">Free Key</span>. <a
41
+ href="https://www.wordfence.com/wordfence-signup/" target="_blank">Click Here to Upgrade to
42
+ Wordfence Premium now.</a>
43
+ <?php } ?>
44
+ </td>
45
+ </tr>
46
+ <tr>
47
+ <td colspan="2">
48
+ <?php if ( wfConfig::get( 'isPaid' ) ) { ?>
49
+ <table border="0">
50
+ <tr>
51
+ <td><a href="https://www.wordfence.com/manage-wordfence-api-keys/"
52
+ target="_blank"><input type="button" value="Renew your premium license"/></a>
53
+ </td>
54
+ <td>&nbsp;</td>
55
+ <td><input type="button" value="Downgrade to a free license"
56
+ onclick="WFAD.downgradeLicense();"/></td>
57
+ </tr>
58
+ </table>
59
+ <?php } ?>
60
+
61
+
62
+ <tr>
63
+ <td colspan="2"><h2>Basic Options<a href="http://docs.wordfence.com/en/Wordfence_options#Basic_Options"
64
+ target="_blank" class="wfhelp"></a></h2></td>
65
+ </tr>
66
+ <tr>
67
+ <th class="wfConfigEnable">Enable firewall<a
68
+ href="http://docs.wordfence.com/en/Wordfence_options#Enable_Firewall" target="_blank"
69
+ class="wfhelp"></a></th>
70
+ <td><input type="checkbox" id="firewallEnabled" class="wfConfigElem" name="firewallEnabled"
71
+ value="1" <?php $w->cb( 'firewallEnabled' ); ?> />&nbsp;<span
72
+ style="color: #F00;">NOTE:</span> This checkbox enables ALL firewall functions including IP,
73
+ country and advanced blocking and the "Firewall Rules" below.
74
+ </td>
75
+ </tr>
76
+ <tr>
77
+ <td colspan="2">&nbsp;</td>
78
+ </tr>
79
+ <tr>
80
+ <th class="wfConfigEnable">Enable login security<a
81
+ href="http://docs.wordfence.com/en/Wordfence_options#Enable_login_security" target="_blank"
82
+ class="wfhelp"></a></th>
83
+ <td><input type="checkbox" id="loginSecurityEnabled" class="wfConfigElem" name="loginSecurityEnabled"
84
+ value="1" <?php $w->cb( 'loginSecurityEnabled' ); ?> />&nbsp;This option enables all "Login
85
+ Security" options. You can modify individual options further down this page.
86
+ </td>
87
+ </tr>
88
+ <tr>
89
+ <td colspan="2">&nbsp;</td>
90
+ </tr>
91
+ <tr>
92
+ <th class="wfConfigEnable">Enable Live Traffic View<a
93
+ href="http://docs.wordfence.com/en/Wordfence_options#Enable_Live_Traffic_View" target="_blank"
94
+ class="wfhelp"></a></th>
95
+ <td><input type="checkbox" id="liveTrafficEnabled" class="wfConfigElem" name="liveTrafficEnabled"
96
+ value="1" <?php $w->cb( 'liveTrafficEnabled' ); ?>
97
+ onclick="WFAD.reloadConfigPage = true; return true;"/>&nbsp;This option enables live traffic
98
+ logging.
99
+ </td>
100
+ </tr>
101
+ <tr>
102
+ <td colspan="2">&nbsp;</td>
103
+ </tr>
104
+ <tr>
105
+ <th class="wfConfigEnable">Advanced Comment Spam Filter<a
106
+ href="http://docs.wordfence.com/en/Wordfence_options#Advanced_Comment_Spam_Filter"
107
+ target="_blank" class="wfhelp"></a></th>
108
+ <td><input type="checkbox" id="advancedCommentScanning" class="wfConfigElem"
109
+ name="advancedCommentScanning" value="1" <?php $w->cbp( 'advancedCommentScanning' );
110
+ if ( ! wfConfig::get( 'isPaid' )){ ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#advancedCommentScanning').attr('checked', false); return false;" <?php } ?> />&nbsp;<span
111
+ style="color: #F00;">Premium Feature</span> In addition to free comment filtering (see below)
112
+ this option filters comments against several additional real-time lists of known spammers and
113
+ infected hosts.
114
+ </td>
115
+ </tr>
116
+ <tr>
117
+ <th class="wfConfigEnable">Check if this website is being "Spamvertised"<a
118
+ href="http://docs.wordfence.com/en/Wordfence_options#Check_if_this_website_is_being_.22Spamvertized.22"
119
+ target="_blank" class="wfhelp"></a></th>
120
+ <td><input type="checkbox" id="spamvertizeCheck" class="wfConfigElem" name="spamvertizeCheck" value="1"
121
+ <?php $w->cbp( 'spamvertizeCheck' );
122
+ if ( ! wfConfig::get( 'isPaid' )){ ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#spamvertizeCheck').attr('checked', false); return false;" <?php } ?> />&nbsp;<span
123
+ style="color: #F00;">Premium Feature</span> When doing a scan, Wordfence will check with spam
124
+ services if your site domain name is appearing as a link in spam emails.
125
+ </td>
126
+ </tr>
127
+ <tr>
128
+ <th class="wfConfigEnable">Check if this website IP is generating spam<a
129
+ href="http://docs.wordfence.com/en/Wordfence_options#Check_if_this_website_IP_is_generating_spam"
130
+ target="_blank" class="wfhelp"></a></th>
131
+ <td><input type="checkbox" id="checkSpamIP" class="wfConfigElem" name="checkSpamIP" value="1"
132
+ <?php $w->cbp( 'checkSpamIP' );
133
+ if ( ! wfConfig::get( 'isPaid' )){ ?>onclick="alert('This is a paid feature because it places significant additional load on our servers.'); jQuery('#checkSpamIP').attr('checked', false); return false;" <?php } ?> />&nbsp;<span
134
+ style="color: #F00;">Premium Feature</span> When doing a scan, Wordfence will check with spam
135
+ services if your website IP address is listed as a known source of spam email.
136
+ </td>
137
+ </tr>
138
+ <tr>
139
+ <td colspan="2">&nbsp;</td>
140
+ </tr>
141
+ <?php /* <tr><th class="wfConfigEnable">Enable Performance Monitoring</th><td><input type="checkbox" id="perfLoggingEnabled" class="wfConfigElem" name="perfLoggingEnabled" value="1" <?php $w->cb('perfLoggingEnabled'); ?> onclick="WFAD.reloadConfigPage = true; return true;" />&nbsp;This option enables performance monitoring.</td></tr> */ ?>
142
+ <tr>
143
+ <td colspan="2">&nbsp;</td>
144
+ </tr>
145
+ <tr>
146
+ <th class="wfConfigEnable">Enable automatic scheduled scans<a
147
+ href="http://docs.wordfence.com/en/Wordfence_options#Enable_automatic_scheduled_scans"
148
+ target="_blank" class="wfhelp"></a></th>
149
+ <td><input type="checkbox" id="scheduledScansEnabled" class="wfConfigElem" name="scheduledScansEnabled"
150
+ value="1" <?php $w->cb( 'scheduledScansEnabled' ); ?> />&nbsp;Regular scans ensure your site
151
+ stays secure.
152
+ </td>
153
+ </tr>
154
+ <tr>
155
+ <td colspan="2">&nbsp;</td>
156
+ </tr>
157
+ <tr>
158
+ <th class="wfConfigEnable">Update Wordfence automatically when a new version is released?<a
159
+ href="http://docs.wordfence.com/en/Wordfence_options#Update_Wordfence_Automatically_when_a_new_version_is_released"
160
+ target="_blank" class="wfhelp"></a></th>
161
+ <td><input type="checkbox" id="autoUpdate" class="wfConfigElem" name="autoUpdate"
162
+ value="1" <?php $w->cb( 'autoUpdate' ); ?> />&nbsp;Automatically updates Wordfence to the
163
+ newest version within 24 hours of a new release.<br/>
164
+ <?php if (getenv( 'noabort' ) != '1' && stristr( $_SERVER['SERVER_SOFTWARE'], 'litespeed' ) !== false){ ?>
165
+ <span style="color: #F00;">Warning: </span>You are running LiteSpeed web server and you don't have
166
+ the "noabort" variable set in your .htaccess.<br/>
167
+ <a href="https://support.wordfence.com/solution/articles/1000129050-running-wordfence-under-litespeed-web-server-and-preventing-process-killing-or"
168
+ target="_blank">Please read this article in our FAQ to make an important change that will ensure
169
+ your site stability during an update.<br/>
170
+ <?php } ?>
171
+ </td>
172
+ </tr>
173
+ <tr>
174
+ <td colspan="2">&nbsp;</td>
175
+ </tr>
176
+
177
+ <tr>
178
+ <th>Where to email alerts:<a href="http://docs.wordfence.com/en/Wordfence_options#Where_to_email_alerts"
179
+ target="_blank" class="wfhelp"></a></th>
180
+ <td><input type="text" id="alertEmails" name="alertEmails" value="<?php $w->f( 'alertEmails' ); ?>"
181
+ size="50"/>&nbsp;<span class="wfTipText">Separate multiple emails with commas</span></td>
182
+ </tr>
183
+ <tr>
184
+ <th colspan="2">&nbsp;</th>
185
+ </tr>
186
+ <tr>
187
+ <th>Security Level:<a href="http://docs.wordfence.com/en/Wordfence_options#Security_Level"
188
+ target="_blank" class="wfhelp"></a></th>
189
+ <td>
190
+ <select id="securityLevel" name="securityLevel" onchange="WFAD.changeSecurityLevel(); return true;">
191
+ <option value="0"<?php $w->sel( 'securityLevel', '0' ); ?>>Level 0: Disable all Wordfence
192
+ security measures
193
+ </option>
194
+ <option value="1"<?php $w->sel( 'securityLevel', '1' ); ?>>Level 1: Light protection. Just the
195
+ basics
196
+ </option>
197
+ <option value="2"<?php $w->sel( 'securityLevel', '2' ); ?>>Level 2: Medium protection. Suitable
198
+ for most sites
199
+ </option>
200
+ <option value="3"<?php $w->sel( 'securityLevel', '3' ); ?>>Level 3: High security. Use this when
201
+ an attack is imminent
202
+ </option>
203
+ <option value="4"<?php $w->sel( 'securityLevel', '4' ); ?>>Level 4: Lockdown. Protect the site
204
+ against an attack in progress at the cost of inconveniencing some users
205
+ </option>
206
+ <option value="CUSTOM"<?php $w->sel( 'securityLevel', 'CUSTOM' ); ?>>Custom settings</option>
207
+ </select>
208
+ </td>
209
+ </tr>
210
+ <tr>
211
+ <th>How does Wordfence get IPs:<a
212
+ href="http://docs.wordfence.com/en/Wordfence_options#How_does_Wordfence_get_IPs" target="_blank"
213
+ class="wfhelp"></a></th>
214
+ <td>
215
+ <select id="howGetIPs" name="howGetIPs">
216
+ <option value="">Let Wordfence use the most secure method to get visitor IP addresses. Prevents
217
+ spoofing and works with most sites.
218
+ </option>
219
+ <option value="REMOTE_ADDR"<?php $w->sel( 'howGetIPs', 'REMOTE_ADDR' ); ?>>Use PHP's built in
220
+ REMOTE_ADDR and don't use anything else. Very secure if this is compatible with your site.
221
+ </option>
222
+ <option value="HTTP_X_FORWARDED_FOR"<?php $w->sel( 'howGetIPs', 'HTTP_X_FORWARDED_FOR' ); ?>>Use
223
+ the X-Forwarded-For HTTP header. Only use if you have a front-end proxy or spoofing may
224
+ result.
225
+ </option>
226
+ <option value="HTTP_X_REAL_IP"<?php $w->sel( 'howGetIPs', 'HTTP_X_REAL_IP' ); ?>>Use the
227
+ X-Real-IP HTTP header. Only use if you have a front-end proxy or spoofing may result.
228
+ </option>
229
+ <option value="HTTP_CF_CONNECTING_IP"<?php $w->sel( 'howGetIPs', 'HTTP_CF_CONNECTING_IP' ); ?>>
230
+ Use the Cloudflare "CF-Connecting-IP" HTTP header to get a visitor IP. Only use if you're
231
+ using Cloudflare.
232
+ </option>
233
+ </select>
234
+ </td>
235
+ </tr>
236
+ </table>
237
+ <p>
238
+ <table border="0" cellpadding="0" cellspacing="0">
239
+ <tr>
240
+ <td><input type="button" id="button1" name="button1" class="button-primary" value="Save Changes"
241
+ onclick="WFAD.saveConfig();"/></td>
242
+ <td style="height: 24px;">
243
+ <div class="wfAjax24"></div>
244
+ <span class="wfSavedMsg">&nbsp;Your changes have been saved!</span></td>
245
+ </tr>
246
+ </table>
247
  </p>
248
+ <div class="wfMarker" id="wfMarkerBasicOptions"></div>
249
+ <div style="margin-top: 25px;">
250
+ <h2>Advanced Options:<a href="http://docs.wordfence.com/en/Wordfence_options#Advanced_Options"
251
+ target="_blank" class="wfhelp"></a></h2>
252
+
253
+ <p style="width: 600px;">
254
+ Wordfence works great out of the box for most websites. Simply install Wordfence and your site and
255
+ content is protected. For finer granularity of control, we have provided advanced options.
256
+ </p>
257
+ </div>
258
+ <div id="wfConfigAdvanced">
259
+ <table class="wfConfigForm">
260
+ <tr>
261
+ <td colspan="2"><h3 class="wfConfigHeading">Alerts<a
262
+ href="http://docs.wordfence.com/en/Wordfence_options#Alerts" target="_blank"
263
+ class="wfhelp"></a></h3></td>
264
+ </tr>
265
+ <?php
266
+ $emails = wfConfig::getAlertEmails();
267
+ if ( sizeof( $emails ) < 1 ) {
268
+ echo "<tr><th colspan=\"2\" style=\"color: #F00;\">You have not configured an email to receive alerts yet. Set this up under \"Basic Options\" above.</th></tr>\n";
269
+ }
270
+ ?>
271
+ <tr>
272
+ <th>Email me when Wordfence is automatically updated</th>
273
+ <td><input type="checkbox" id="alertOn_update" class="wfConfigElem" name="alertOn_update"
274
+ value="1" <?php $w->cb( 'alertOn_update' ); ?>/>&nbsp;If you have automatic updates
275
+ enabled (see above), you'll get an email when an update occurs.
276
+ </td>
277
+ </tr>
278
+ <tr>
279
+ <th>Alert on critical problems</th>
280
+ <td><input type="checkbox" id="alertOn_critical" class="wfConfigElem" name="alertOn_critical"
281
+ value="1" <?php $w->cb( 'alertOn_critical' ); ?>/></td>
282
+ </tr>
283
+ <tr>
284
+ <th>Alert on warnings</th>
285
+ <td><input type="checkbox" id="alertOn_warnings" class="wfConfigElem" name="alertOn_warnings"
286
+ value="1" <?php $w->cb( 'alertOn_warnings' ); ?>/></td>
287
+ </tr>
288
+ <tr>
289
+ <th>Alert when an IP address is blocked</th>
290
+ <td><input type="checkbox" id="alertOn_block" class="wfConfigElem" name="alertOn_block"
291
+ value="1" <?php $w->cb( 'alertOn_block' ); ?>/></td>
292
+ </tr>
293
+ <tr>
294
+ <th>Alert when someone is locked out from login</th>
295
+ <td><input type="checkbox" id="alertOn_loginLockout" class="wfConfigElem"
296
+ name="alertOn_loginLockout" value="1" <?php $w->cb( 'alertOn_loginLockout' ); ?>/></td>
297
+ </tr>
298
+ <tr>
299
+ <th>Alert when the "lost password" form is used for a valid user</th>
300
+ <td><input type="checkbox" id="alertOn_lostPasswdForm" class="wfConfigElem"
301
+ name="alertOn_lostPasswdForm" value="1" <?php $w->cb( 'alertOn_lostPasswdForm' ); ?>/>
302
+ </td>
303
+ </tr>
304
+ <tr>
305
+ <th>Alert me when someone with administrator access signs in</th>
306
+ <td><input type="checkbox" id="alertOn_adminLogin" class="wfConfigElem" name="alertOn_adminLogin"
307
+ value="1" <?php $w->cb( 'alertOn_adminLogin' ); ?>/></td>
308
+ </tr>
309
+ <tr>
310
+ <th>Alert me when a non-admin user signs in</th>
311
+ <td><input type="checkbox" id="alertOn_nonAdminLogin" class="wfConfigElem"
312
+ name="alertOn_nonAdminLogin" value="1" <?php $w->cb( 'alertOn_nonAdminLogin' ); ?>/></td>
313
+ </tr>
314
+ <tr>
315
+ <th>Maximum email alerts to send per hour</th>
316
+ <td>&nbsp;<input type="text" id="alert_maxHourly" name="alert_maxHourly"
317
+ value="<?php $w->f( 'alert_maxHourly' ); ?>" size="4"/>0 or empty means unlimited
318
+ alerts will be sent.
319
+ </td>
320
+ </tr>
321
+ <tr>
322
+ <td colspan="2">
323
+ <div class="wfMarker" id="wfMarkerLiveTrafficOptions"></div>
324
+ <h3 class="wfConfigHeading">Live Traffic View<a
325
+ href="http://docs.wordfence.com/en/Wordfence_options#Live_Traffic_View" target="_blank"
326
+ class="wfhelp"></a></h3>
327
+ </td>
328
+ </tr>
329
+ <tr>
330
+ <th>Don't log signed-in users with publishing access:</th>
331
+ <td><input type="checkbox" id="liveTraf_ignorePublishers" name="liveTraf_ignorePublishers"
332
+ value="1" <?php $w->cb( 'liveTraf_ignorePublishers' ); ?> /></td>
333
+ </tr>
334
+ <tr>
335
+ <th>List of comma separated usernames to ignore:</th>
336
+ <td><input type="text" name="liveTraf_ignoreUsers" id="liveTraf_ignoreUsers"
337
+ value="<?php echo $w->getHTML( 'liveTraf_ignoreUsers' ); ?>"/></td>
338
+ </tr>
339
+ <tr>
340
+ <th>List of comma separated IP addresses to ignore:</th>
341
+ <td><input type="text" name="liveTraf_ignoreIPs" id="liveTraf_ignoreIPs"
342
+ value="<?php echo $w->getHTML( 'liveTraf_ignoreIPs' ); ?>"/></td>
343
+ </tr>
344
+ <tr>
345
+ <th>Browser user-agent to ignore:</th>
346
+ <td><input type="text" name="liveTraf_ignoreUA" id="liveTraf_ignoreUA"
347
+ value="<?php echo $w->getHTML( 'liveTraf_ignoreUA' ); ?>"/></td>
348
+ </tr>
349
+ <tr>
350
+ <td colspan="2">
351
+ <div class="wfMarker" id="wfMarkerScansToInclude"></div>
352
+ <h3 class="wfConfigHeading">Scans to include<a
353
+ href="http://docs.wordfence.com/en/Wordfence_options#Scans_to_Include" target="_blank"
354
+ class="wfhelp"></a></h3></td>
355
+ </tr>
356
+ <?php if ( wfConfig::get( 'isPaid' ) ) { ?>
357
+ <tr>
358
+ <th>Scan public facing site for vulnerabilities?<a
359
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_public_facing_site"
360
+ target="_blank" class="wfhelp"></a></th>
361
+ <td><input type="checkbox" id="scansEnabled_public" class="wfConfigElem"
362
+ name="scansEnabled_public" value="1" <?php $w->cb( 'scansEnabled_public' ); ?></td>
363
+ </tr>
364
+ <?php } else { ?>
365
+ <tr>
366
+ <th style="color: #F00;">Scan public facing site for vulnerabilities?<a
367
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_public_facing_site"
368
+ target="_blank" class="wfhelp"></a>(<a
369
+ href="https://www.wordfence.com/wordfence-signup/" target="_blank">Paid members only</a>)
370
+ </th>
371
+ <td><input type="checkbox" id="scansEnabled_public" class="wfConfigElem"
372
+ name="scansEnabled_public" value="1" DISABLED /></td>
373
+ </tr>
374
+ <?php } ?>
375
+ <tr>
376
+ <th>Scan for the HeartBleed vulnerability?<a
377
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_the_HeartBleed_vulnerability"
378
+ target="_blank" class="wfhelp"></a></th>
379
+ <td><input type="checkbox" id="scansEnabled_heartbleed" class="wfConfigElem"
380
+ name="scansEnabled_heartbleed" value="1" <?php $w->cb( 'scansEnabled_heartbleed' ); ?>
381
+ </td>
382
+ </tr>
383
+ <tr>
384
+ <th>Scan core files against repository versions for changes<a
385
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_core_files_against_repository_version_for_changes"
386
+ target="_blank" class="wfhelp"></a></th>
387
+ <td><input type="checkbox" id="scansEnabled_core" class="wfConfigElem" name="scansEnabled_core"
388
+ value="1" <?php $w->cb( 'scansEnabled_core' ); ?>/></td>
389
+ </tr>
390
+
391
+ <tr>
392
+ <th>Scan theme files against repository versions for changes<a
393
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_theme_files_against_repository_versions_for_changes"
394
+ target="_blank" class="wfhelp"></a></th>
395
+ <td><input type="checkbox" id="scansEnabled_themes" class="wfConfigElem" name="scansEnabled_themes"
396
+ value="1" <?php $w->cb( 'scansEnabled_themes' ); ?>/></td>
397
+ </tr>
398
+ <tr>
399
+ <th>Scan plugin files against repository versions for changes<a
400
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_plugin_files_against_repository_versions_for_changes"
401
+ target="_blank" class="wfhelp"></a></th>
402
+ <td><input type="checkbox" id="scansEnabled_plugins" class="wfConfigElem"
403
+ name="scansEnabled_plugins" value="1" <?php $w->cb( 'scansEnabled_plugins' ); ?>/></td>
404
+ </tr>
405
+ <tr>
406
+ <th>Scan for signatures of known malicious files<a
407
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_signatures_of_known_malicious_files"
408
+ target="_blank" class="wfhelp"></a></th>
409
+ <td><input type="checkbox" id="scansEnabled_malware" class="wfConfigElem"
410
+ name="scansEnabled_malware" value="1" <?php $w->cb( 'scansEnabled_malware' ); ?>/></td>
411
+ </tr>
412
+ <tr>
413
+ <th>Scan file contents for backdoors, trojans and suspicious code<a
414
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_file_contents_for_backdoors.2C_trojans_and_suspicious_code"
415
+ target="_blank" class="wfhelp"></a></th>
416
+ <td><input type="checkbox" id="scansEnabled_fileContents" class="wfConfigElem"
417
+ name="scansEnabled_fileContents"
418
+ value="1" <?php $w->cb( 'scansEnabled_fileContents' ); ?>/></td>
419
+ </tr>
420
+ <tr>
421
+ <th>Scan posts for known dangerous URLs and suspicious content<a
422
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_posts_for_known_dangerous_URLs_and_suspicious_content"
423
+ target="_blank" class="wfhelp"></a></th>
424
+ <td><input type="checkbox" id="scansEnabled_posts" class="wfConfigElem" name="scansEnabled_posts"
425
+ value="1" <?php $w->cb( 'scansEnabled_posts' ); ?>/></td>
426
+ </tr>
427
+ <tr>
428
+ <th>Scan comments for known dangerous URLs and suspicious content<a
429
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_comments_for_known_dangerous_URLs_and_suspicious_content"
430
+ target="_blank" class="wfhelp"></a></th>
431
+ <td><input type="checkbox" id="scansEnabled_comments" class="wfConfigElem"
432
+ name="scansEnabled_comments" value="1" <?php $w->cb( 'scansEnabled_comments' ); ?>/></td>
433
+ </tr>
434
+ <tr>
435
+ <th>Scan for out of date plugins, themes and WordPress versions<a
436
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_out_of_date_plugins.2C_themes_and_WordPress_versions"
437
+ target="_blank" class="wfhelp"></a></th>
438
+ <td><input type="checkbox" id="scansEnabled_oldVersions" class="wfConfigElem"
439
+ name="scansEnabled_oldVersions"
440
+ value="1" <?php $w->cb( 'scansEnabled_oldVersions' ); ?>/></td>
441
+ </tr>
442
+ <tr>
443
+ <th>Check the strength of passwords<a
444
+ href="http://docs.wordfence.com/en/Wordfence_options#Check_the_strength_of_passwords"
445
+ target="_blank" class="wfhelp"></a></th>
446
+ <td><input type="checkbox" id="scansEnabled_passwds" class="wfConfigElem"
447
+ name="scansEnabled_passwds" value="1" <?php $w->cb( 'scansEnabled_passwds' ); ?>/></td>
448
+ </tr>
449
+ <tr>
450
+ <th>Scan options table<a href="http://docs.wordfence.com/en/Wordfence_options#Scan_options_table"
451
+ target="_blank" class="wfhelp"></a></th>
452
+ <td><input type="checkbox" id="scansEnabled_options" class="wfConfigElem"
453
+ name="scansEnabled_options" value="1" <?php $w->cb( 'scansEnabled_options' ); ?>/></td>
454
+ </tr>
455
+ <tr>
456
+ <th>Monitor disk space<a href="http://docs.wordfence.com/en/Wordfence_options#Monitor_disk_space"
457
+ target="_blank" class="wfhelp"></a></th>
458
+ <td><input type="checkbox" id="scansEnabled_diskSpace" class="wfConfigElem"
459
+ name="scansEnabled_diskSpace" value="1" <?php $w->cb( 'scansEnabled_diskSpace' ); ?>/>
460
+ </td>
461
+ </tr>
462
+ <tr>
463
+ <th>Scan for unauthorized DNS changes<a
464
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_for_unauthorized_DNS_changes"
465
+ target="_blank" class="wfhelp"></a></th>
466
+ <td><input type="checkbox" id="scansEnabled_dns" class="wfConfigElem" name="scansEnabled_dns"
467
+ value="1" <?php $w->cb( 'scansEnabled_dns' ); ?>/></td>
468
+ </tr>
469
+ <tr>
470
+ <th>Scan files outside your WordPress installation<a
471
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_files_outside_your_WordPress_installation"
472
+ target="_blank" class="wfhelp"></a></th>
473
+ <td><input type="checkbox" id="other_scanOutside" class="wfConfigElem" name="other_scanOutside"
474
+ value="1" <?php $w->cb( 'other_scanOutside' ); ?> /></td>
475
+ </tr>
476
+ <tr>
477
+ <th>Scan image files as if they were executable<a
478
+ href="http://docs.wordfence.com/en/Wordfence_options#Scan_image_files_as_if_they_were_executable"
479
+ target="_blank" class="wfhelp"></a></th>
480
+ <td><input type="checkbox" id="scansEnabled_scanImages" class="wfConfigElem"
481
+ name="scansEnabled_scanImages" value="1" <?php $w->cb( 'scansEnabled_scanImages' ); ?> />
482
+ </td>
483
+ </tr>
484
+ <tr>
485
+ <th>Enable HIGH SENSITIVITY scanning. May give false positives.<a
486
+ href="http://docs.wordfence.com/en/Wordfence_options#Enable_HIGH_SENSITIVITY_scanning"
487
+ target="_blank" class="wfhelp"></a></th>
488
+ <td><input type="checkbox" id="scansEnabled_highSense" class="wfConfigElem"
489
+ name="scansEnabled_highSense" value="1" <?php $w->cb( 'scansEnabled_highSense' ); ?> />
490
+ </td>
491
+ </tr>
492
+ <tr>
493
+ <th>Exclude files from scan that match these wildcard patterns. Comma separated.<a
494
+ href="http://docs.wordfence.com/en/Wordfence_options#Exclude_files_from_scan_that_match_these_wildcard_patterns."
495
+ target="_blank" class="wfhelp"></a></th>
496
+ <td><input type="text" id="scan_exclude" class="wfConfigElem" name="scan_exclude" size="20"
497
+ value="<?php echo $w->getHTML( 'scan_exclude' ); ?>"/>e.g. *.sql,*.tar,backup*.zip
498
+ </td>
499
+ </tr>
500
+ <tr>
501
+ <td colspan="2">
502
+ <div class="wfMarker" id="wfMarkerFirewallRules"></div>
503
+ <h3 class="wfConfigHeading">Firewall Rules<a
504
+ href="http://docs.wordfence.com/en/Wordfence_options#Firewall_Rules" target="_blank"
505
+ class="wfhelp"></a></h3>
506
+ </td>
507
+ </tr>
508
+ <tr>
509
+ <th>Immediately block fake Google crawlers:<a
510
+ href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_fake_Google_crawlers:"
511
+ target="_blank" class="wfhelp"></a></th>
512
+ <td><input type="checkbox" id="blockFakeBots" class="wfConfigElem" name="blockFakeBots"
513
+ value="1" <?php $w->cb( 'blockFakeBots' ); ?>/></td>
514
+ </tr>
515
+ <tr>
516
+ <th>How should we treat Google's crawlers<a
517
+ href="http://docs.wordfence.com/en/Wordfence_options#How_should_we_treat_Google.27s_crawlers"
518
+ target="_blank" class="wfhelp"></a></th>
519
+ <td>
520
+ <select id="neverBlockBG" class="wfConfigElem" name="neverBlockBG">
521
+ <option value="neverBlockVerified"<?php $w->sel( 'neverBlockBG', 'neverBlockVerified' ); ?>>
522
+ Verified Google crawlers have unlimited access to this site
523
+ </option>
524
+ <option value="neverBlockUA"<?php $w->sel( 'neverBlockBG', 'neverBlockUA' ); ?>>Anyone
525
+ claiming to be Google has unlimited access
526
+ </option>
527
+ <option
528
+ value="treatAsOtherCrawlers"<?php $w->sel( 'neverBlockBG', 'treatAsOtherCrawlers' ); ?>>
529
+ Treat Google like any other Crawler
530
+ </option>
531
+ </select></td>
532
+ </tr>
533
+ <tr>
534
+ <th>If anyone's requests exceed:<a
535
+ href="http://docs.wordfence.com/en/Wordfence_options#If_anyone.27s_requests_exceed:"
536
+ target="_blank" class="wfhelp"></a></th>
537
+ <td><?php $rateName = 'maxGlobalRequests';
538
+ require( 'wfRate.php' ); ?> then <?php $throtName = 'maxGlobalRequests_action';
539
+ require( 'wfAction.php' ); ?></td>
540
+ </tr>
541
+ <tr>
542
+ <th>If a crawler's page views exceed:<a
543
+ href="http://docs.wordfence.com/en/Wordfence_options#If_a_crawler.27s_page_views_exceed"
544
+ target="_blank" class="wfhelp"></a></th>
545
+ <td><?php $rateName = 'maxRequestsCrawlers';
546
+ require( 'wfRate.php' ); ?> then <?php $throtName = 'maxRequestsCrawlers_action';
547
+ require( 'wfAction.php' ); ?></td>
548
+ </tr>
549
+ <tr>
550
+ <th>If a crawler's pages not found (404s) exceed:<a
551
+ href="http://docs.wordfence.com/en/Wordfence_options#If_a_crawler.27s_pages_not_found_.28404s.29_exceed"
552
+ target="_blank" class="wfhelp"></a></th>
553
+ <td><?php $rateName = 'max404Crawlers';
554
+ require( 'wfRate.php' ); ?> then <?php $throtName = 'max404Crawlers_action';
555
+ require( 'wfAction.php' ); ?></td>
556
+ </tr>
557
+ <tr>
558
+ <th>If a human's page views exceed:<a
559
+ href="http://docs.wordfence.com/en/Wordfence_options#If_a_human.27s_page_views_exceed"
560
+ target="_blank" class="wfhelp"></a></th>
561
+ <td><?php $rateName = 'maxRequestsHumans';
562
+ require( 'wfRate.php' ); ?> then <?php $throtName = 'maxRequestsHumans_action';
563
+ require( 'wfAction.php' ); ?></td>
564
+ </tr>
565
+ <tr>
566
+ <th>If a human's pages not found (404s) exceed:<a
567
+ href="http://docs.wordfence.com/en/Wordfence_options#If_a_human.27s_pages_not_found_.28404s.29_exceed"
568
+ target="_blank" class="wfhelp"></a></th>
569
+ <td><?php $rateName = 'max404Humans';
570
+ require( 'wfRate.php' ); ?> then <?php $throtName = 'max404Humans_action';
571
+ require( 'wfAction.php' ); ?></td>
572
+ </tr>
573
+ <tr>
574
+ <th>If 404's for known vulnerable URL's exceed:<a
575
+ href="http://docs.wordfence.com/en/Wordfence_options#If_404.27s_for_known_vulnerable_URL.27s_exceed"
576
+ target="_blank" class="wfhelp"></a></th>
577
+ <td><?php $rateName = 'maxScanHits';
578
+ require( 'wfRate.php' ); ?> then <?php $throtName = 'maxScanHits_action';
579
+ require( 'wfAction.php' ); ?></td>
580
+ </tr>
581
+ <tr>
582
+ <th>How long is an IP address blocked when it breaks a rule:<a
583
+ href="http://docs.wordfence.com/en/Wordfence_options#How_long_is_an_IP_address_blocked_when_it_breaks_a_rule"
584
+ target="_blank" class="wfhelp"></a></th>
585
+ <td>
586
+ <select id="blockedTime" class="wfConfigElem" name="blockedTime">
587
+ <option value="60"<?php $w->sel( 'blockedTime', '60' ); ?>>1 minute</option>
588
+ <option value="300"<?php $w->sel( 'blockedTime', '300' ); ?>>5 minutes</option>
589
+ <option value="1800"<?php $w->sel( 'blockedTime', '1800' ); ?>>30 minutes</option>
590
+ <option value="3600"<?php $w->sel( 'blockedTime', '3600' ); ?>>1 hour</option>
591
+ <option value="7200"<?php $w->sel( 'blockedTime', '7200' ); ?>>2 hours</option>
592
+ <option value="21600"<?php $w->sel( 'blockedTime', '21600' ); ?>>6 hours</option>
593
+ <option value="43200"<?php $w->sel( 'blockedTime', '43200' ); ?>>12 hours</option>
594
+ <option value="86400"<?php $w->sel( 'blockedTime', '86400' ); ?>>1 day</option>
595
+ <option value="172800"<?php $w->sel( 'blockedTime', '172800' ); ?>>2 days</option>
596
+ <option value="432000"<?php $w->sel( 'blockedTime', '432000' ); ?>>5 days</option>
597
+ <option value="864000"<?php $w->sel( 'blockedTime', '864000' ); ?>>10 days</option>
598
+ <option value="2592000"<?php $w->sel( 'blockedTime', '2592000' ); ?>>1 month</option>
599
+ </select></td>
600
+ </tr>
601
+
602
+ <tr>
603
+ <td colspan="2">
604
+ <div class="wfMarker" id="wfMarkerLoginSecurity"></div>
605
+ <h3 class="wfConfigHeading">Login Security Options<a
606
+ href="http://docs.wordfence.com/en/Wordfence_options#Login_Security_Options"
607
+ target="_blank" class="wfhelp"></a></h3>
608
+ </td>
609
+ </tr>
610
+ <tr>
611
+ <th>Enforce strong passwords?<a
612
+ href="http://docs.wordfence.com/en/Wordfence_options#Enforce_strong_passwords.3F"
613
+ target="_blank" class="wfhelp"></a></th>
614
+ <td>
615
+ <select class="wfConfigElem" id="loginSec_strongPasswds" name="loginSec_strongPasswds">
616
+ <option value="">Do not force users to use strong passwords</option>
617
+ <option value="pubs"<?php $w->sel( 'loginSec_strongPasswds', 'pubs' ); ?>>Force admins and
618
+ publishers to use strong passwords (recommended)
619
+ </option>
620
+ <option value="all"<?php $w->sel( 'loginSec_strongPasswds', 'all' ); ?>>Force all members to
621
+ use strong passwords
622
+ </option>
623
+ </select>
624
+ <tr>
625
+ <th>Lock out after how many login failures<a
626
+ href="http://docs.wordfence.com/en/Wordfence_options#Lock_out_after_how_many_login_failures"
627
+ target="_blank" class="wfhelp"></a></th>
628
+ <td>
629
+ <select id="loginSec_maxFailures" class="wfConfigElem" name="loginSec_maxFailures">
630
+ <option value="1"<?php $w->sel( 'loginSec_maxFailures', '1' ); ?>>1</option>
631
+ <option value="2"<?php $w->sel( 'loginSec_maxFailures', '2' ); ?>>2</option>
632
+ <option value="3"<?php $w->sel( 'loginSec_maxFailures', '3' ); ?>>3</option>
633
+ <option value="4"<?php $w->sel( 'loginSec_maxFailures', '4' ); ?>>4</option>
634
+ <option value="5"<?php $w->sel( 'loginSec_maxFailures', '5' ); ?>>5</option>
635
+ <option value="6"<?php $w->sel( 'loginSec_maxFailures', '6' ); ?>>6</option>
636
+ <option value="7"<?php $w->sel( 'loginSec_maxFailures', '7' ); ?>>7</option>
637
+ <option value="8"<?php $w->sel( 'loginSec_maxFailures', '8' ); ?>>8</option>
638
+ <option value="9"<?php $w->sel( 'loginSec_maxFailures', '9' ); ?>>9</option>
639
+ <option value="10"<?php $w->sel( 'loginSec_maxFailures', '10' ); ?>>10</option>
640
+ <option value="20"<?php $w->sel( 'loginSec_maxFailures', '20' ); ?>>20</option>
641
+ <option value="30"<?php $w->sel( 'loginSec_maxFailures', '30' ); ?>>30</option>
642
+ <option value="40"<?php $w->sel( 'loginSec_maxFailures', '40' ); ?>>40</option>
643
+ <option value="50"<?php $w->sel( 'loginSec_maxFailures', '50' ); ?>>50</option>
644
+ <option value="100"<?php $w->sel( 'loginSec_maxFailures', '100' ); ?>>100</option>
645
+ <option value="200"<?php $w->sel( 'loginSec_maxFailures', '200' ); ?>>200</option>
646
+ <option value="500"<?php $w->sel( 'loginSec_maxFailures', '500' ); ?>>500</option>
647
+ </select>
648
+ </td>
649
+ </tr>
650
+ <tr>
651
+ <th>Lock out after how many forgot password attempts<a
652
+ href="http://docs.wordfence.com/en/Wordfence_options#Lock_out_after_how_many_forgot_password_attempts"
653
+ target="_blank" class="wfhelp"></a></th>
654
+ <td>
655
+ <select id="loginSec_maxForgotPasswd" class="wfConfigElem" name="loginSec_maxForgotPasswd">
656
+ <option value="1"<?php $w->sel( 'loginSec_maxForgotPasswd', '1' ); ?>>1</option>
657
+ <option value="2"<?php $w->sel( 'loginSec_maxForgotPasswd', '2' ); ?>>2</option>
658
+ <option value="3"<?php $w->sel( 'loginSec_maxForgotPasswd', '3' ); ?>>3</option>
659
+ <option value="4"<?php $w->sel( 'loginSec_maxForgotPasswd', '4' ); ?>>4</option>
660
+ <option value="5"<?php $w->sel( 'loginSec_maxForgotPasswd', '5' ); ?>>5</option>
661
+ <option value="6"<?php $w->sel( 'loginSec_maxForgotPasswd', '6' ); ?>>6</option>
662
+ <option value="7"<?php $w->sel( 'loginSec_maxForgotPasswd', '7' ); ?>>7</option>
663
+ <option value="8"<?php $w->sel( 'loginSec_maxForgotPasswd', '8' ); ?>>8</option>
664
+ <option value="9"<?php $w->sel( 'loginSec_maxForgotPasswd', '9' ); ?>>9</option>
665
+ <option value="10"<?php $w->sel( 'loginSec_maxForgotPasswd', '10' ); ?>>10</option>
666
+ <option value="20"<?php $w->sel( 'loginSec_maxForgotPasswd', '20' ); ?>>20</option>
667
+ <option value="30"<?php $w->sel( 'loginSec_maxForgotPasswd', '30' ); ?>>30</option>
668
+ <option value="40"<?php $w->sel( 'loginSec_maxForgotPasswd', '40' ); ?>>40</option>
669
+ <option value="50"<?php $w->sel( 'loginSec_maxForgotPasswd', '50' ); ?>>50</option>
670
+ <option value="100"<?php $w->sel( 'loginSec_maxForgotPasswd', '100' ); ?>>100</option>
671
+ <option value="200"<?php $w->sel( 'loginSec_maxForgotPasswd', '200' ); ?>>200</option>
672
+ <option value="500"<?php $w->sel( 'loginSec_maxForgotPasswd', '500' ); ?>>500</option>
673
+ </select>
674
+ </td>
675
+ </tr>
676
+ <tr>
677
+ <th>Count failures over what time period<a
678
+ href="http://docs.wordfence.com/en/Wordfence_options#Count_failures_over_what_time_period"
679
+ target="_blank" class="wfhelp"></a></th>
680
+ <td>
681
+ <select id="loginSec_countFailMins" class="wfConfigElem" name="loginSec_countFailMins">
682
+ <option value="5"<?php $w->sel( 'loginSec_countFailMins', '5' ); ?>>5 minutes</option>
683
+ <option value="10"<?php $w->sel( 'loginSec_countFailMins', '10' ); ?>>10 minutes</option>
684
+ <option value="30"<?php $w->sel( 'loginSec_countFailMins', '30' ); ?>>30 minutes</option>
685
+ <option value="60"<?php $w->sel( 'loginSec_countFailMins', '60' ); ?>>1 hour</option>
686
+ <option value="120"<?php $w->sel( 'loginSec_countFailMins', '120' ); ?>>2 hours</option>
687
+ <option value="360"<?php $w->sel( 'loginSec_countFailMins', '360' ); ?>>6 hours</option>
688
+ <option value="720"<?php $w->sel( 'loginSec_countFailMins', '720' ); ?>>12 hours</option>
689
+ <option value="1440"<?php $w->sel( 'loginSec_countFailMins', '1440' ); ?>>1 day</option>
690
+ </select>
691
+ </td>
692
+ </tr>
693
+ <tr>
694
+ <th>Amount of time a user is locked out<a
695
+ href="http://docs.wordfence.com/en/Wordfence_options#Amount_of_time_a_user_is_locked_out"
696
+ target="_blank" class="wfhelp"></a></th>
697
+ <td>
698
+ <select id="loginSec_lockoutMins" class="wfConfigElem" name="loginSec_lockoutMins">
699
+ <option value="5"<?php $w->sel( 'loginSec_lockoutMins', '5' ); ?>>5 minutes</option>
700
+ <option value="10"<?php $w->sel( 'loginSec_lockoutMins', '10' ); ?>>10 minutes</option>
701
+ <option value="30"<?php $w->sel( 'loginSec_lockoutMins', '30' ); ?>>30 minutes</option>
702
+ <option value="60"<?php $w->sel( 'loginSec_lockoutMins', '60' ); ?>>1 hour</option>
703
+ <option value="120"<?php $w->sel( 'loginSec_lockoutMins', '120' ); ?>>2 hours</option>
704
+ <option value="360"<?php $w->sel( 'loginSec_lockoutMins', '360' ); ?>>6 hours</option>
705
+ <option value="720"<?php $w->sel( 'loginSec_lockoutMins', '720' ); ?>>12 hours</option>
706
+ <option value="1440"<?php $w->sel( 'loginSec_lockoutMins', '1440' ); ?>>1 day</option>
707
+ <option value="2880"<?php $w->sel( 'loginSec_lockoutMins', '2880' ); ?>>2 days</option>
708
+ <option value="7200"<?php $w->sel( 'loginSec_lockoutMins', '7200' ); ?>>5 days</option>
709
+ <option value="14400"<?php $w->sel( 'loginSec_lockoutMins', '14400' ); ?>>10 days</option>
710
+ <option value="28800"<?php $w->sel( 'loginSec_lockoutMins', '28800' ); ?>>20 days</option>
711
+ <option value="43200"<?php $w->sel( 'loginSec_lockoutMins', '43200' ); ?>>30 days</option>
712
+ <option value="86400"<?php $w->sel( 'loginSec_lockoutMins', '86400' ); ?>>60 days</option>
713
+ </select>
714
+ </td>
715
+ </tr>
716
+ <tr>
717
+ <th>Immediately lock out invalid usernames<a
718
+ href="http://docs.wordfence.com/en/Wordfence_options#Immediately_lock_out_invalid_usernames"
719
+ target="_blank" class="wfhelp"></a></th>
720
+ <td><input type="checkbox" id="loginSec_lockInvalidUsers" class="wfConfigElem"
721
+ name="loginSec_lockInvalidUsers" <?php $w->cb( 'loginSec_lockInvalidUsers' ); ?> /></td>
722
+ </tr>
723
+ <tr>
724
+ <th>Don't let WordPress reveal valid users in login errors<a
725
+ href="http://docs.wordfence.com/en/Wordfence_options#Don.27t_let_WordPress_reveal_valid_users_in_login_errors"
726
+ target="_blank" class="wfhelp"></a></th>
727
+ <td><input type="checkbox" id="loginSec_maskLoginErrors" class="wfConfigElem"
728
+ name="loginSec_maskLoginErrors" <?php $w->cb( 'loginSec_maskLoginErrors' ); ?> /></td>
729
+ </tr>
730
+ <tr>
731
+ <th>Prevent users registering 'admin' username if it doesn't exist<a
732
+ href="http://docs.wordfence.com/en/Wordfence_options#Prevent_users_registering_.27admin.27_username_if_it_doesn.27t_exist"
733
+ target="_blank" class="wfhelp"></a></th>
734
+ <td><input type="checkbox" id="loginSec_blockAdminReg" class="wfConfigElem"
735
+ name="loginSec_blockAdminReg" <?php $w->cb( 'loginSec_blockAdminReg' ); ?> /></td>
736
+ </tr>
737
+ <tr>
738
+ <th>Prevent discovery of usernames through '?/author=N' scans<a
739
+ href="http://docs.wordfence.com/en/Wordfence_options#Prevent_discovery_of_usernames_through_.27.3F.2Fauthor.3DN.27_scans"
740
+ target="_blank" class="wfhelp"></a></th>
741
+ <td><input type="checkbox" id="loginSec_disableAuthorScan" class="wfConfigElem"
742
+ name="loginSec_disableAuthorScan" <?php $w->cb( 'loginSec_disableAuthorScan' ); ?> />
743
+ </td>
744
+ </tr>
745
+ <tr>
746
+ <th>Immediately block the IP of users who try to sign in as these usernames<a
747
+ href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_the_IP_of_users_who_try_to_sign_in_as_these_usernames"
748
+ target="_blank" class="wfhelp"></a></th>
749
+ <td><input type="text" name="loginSec_userBlacklist" id="loginSec_userBlacklist"
750
+ value="<?php echo $w->getHTML( 'loginSec_userBlacklist' ); ?>" size="40"/>&nbsp;(Comma
751
+ separated. Existing users won't be blocked.)
752
+ </td>
753
+ </tr>
754
+ <tr>
755
+ <td colspan="2">
756
+ <div class="wfMarker" id="wfMarkerOtherOptions"></div>
757
+ <h3 class="wfConfigHeading">Other Options<a
758
+ href="http://docs.wordfence.com/en/Wordfence_options#Other_Options" target="_blank"
759
+ class="wfhelp"></a></h3>
760
+ </td>
761
+ </tr>
762
+
763
+ <tr>
764
+ <th>Whitelisted IP addresses that bypass all rules:<a
765
+ href="http://docs.wordfence.com/en/Wordfence_options#Whitelisted_IP_addresses_that_bypass_all_rules"
766
+ target="_blank" class="wfhelp"></a></th>
767
+ <td><input type="text" name="whitelisted" id="whitelisted"
768
+ value="<?php echo $w->getHTML( 'whitelisted' ); ?>" size="40"/></td>
769
+ </tr>
770
+ <tr>
771
+ <th colspan="2" style="color: #999;">Whitelisted IP's must be separated by commas. You can specify
772
+ ranges using the following format: 123.23.34.[1-50]<br/>Wordfence automatically whitelists <a
773
+ href="http://en.wikipedia.org/wiki/Private_network" target="_blank">private networks</a>
774
+ because these are not routable on the public Internet.<br/><br/></th>
775
+ </tr>
776
+
777
+ <tr>
778
+ <th>Immediately block IP's that access these URLs:<a
779
+ href="http://docs.wordfence.com/en/Wordfence_options#Immediately_block_IP.27s_that_access_these_URLs"
780
+ target="_blank" class="wfhelp"></a></th>
781
+ <td><input type="text" name="bannedURLs" id="bannedURLs"
782
+ value="<?php echo $w->getHTML( 'bannedURLs' ); ?>" size="40"/></td>
783
+ </tr>
784
+ <tr>
785
+ <th colspan="2" style="color: #999;">Separate multiple URL's with commas. If you see an attacker
786
+ repeatedly probing your site for a known vulnerability you can use this to immediately block
787
+ them.<br/>
788
+ All URL's must start with a '/' without quotes and must be relative. e.g. /badURLone/,
789
+ /bannedPage.html, /dont-access/this/URL/
790
+ <br/><br/></th>
791
+ </tr>
792
+
793
+ <tr>
794
+ <th>Hide WordPress version<a
795
+ href="http://docs.wordfence.com/en/Wordfence_options#Hide_WordPress_version" target="_blank"
796
+ class="wfhelp"></a></th>
797
+ <td><input type="checkbox" id="other_hideWPVersion" class="wfConfigElem" name="other_hideWPVersion"
798
+ value="1" <?php $w->cb( 'other_hideWPVersion' ); ?> /></td>
799
+ </tr>
800
+ <tr>
801
+ <th>Block IP's who send POST requests with blank User-Agent and Referer<a
802
+ href="http://docs.wordfence.com/en/Wordfence_options#Block_IP.27s_who_send_POST_requests_with_blank_User-Agent_and_Referer" target="_blank"
803
+ class="wfhelp"></a></th>
804
+ <td><input type="checkbox" id="other_blockBadPOST" class="wfConfigElem" name="other_blockBadPOST"
805
+ value="1" <?php $w->cb( 'other_blockBadPOST' ); ?> /></td>
806
+ </tr>
807
+ <tr>
808
+ <th>Hold anonymous comments using member emails for moderation<a
809
+ href="http://docs.wordfence.com/en/Wordfence_options#Hold_anonymous_comments_using_member_emails_for_moderation"
810
+ target="_blank" class="wfhelp"></a></th>
811
+ <td><input type="checkbox" id="other_noAnonMemberComments" class="wfConfigElem"
812
+ name="other_noAnonMemberComments"
813
+ value="1" <?php $w->cb( 'other_noAnonMemberComments' ); ?> /></td>
814
+ </tr>
815
+ <tr>
816
+ <th>Filter comments for malware and phishing URL's<a
817
+ href="http://docs.wordfence.com/en/Wordfence_options#Filter_comments_for_malware_and_phishing_URL.27s"
818
+ target="_blank" class="wfhelp"></a></th>
819
+ <td><input type="checkbox" id="other_scanComments" class="wfConfigElem" name="other_scanComments"
820
+ value="1" <?php $w->cb( 'other_scanComments' ); ?> /></td>
821
+ </tr>
822
+ <tr>
823
+ <th>Check password strength on profile update<a
824
+ href="http://docs.wordfence.com/en/Wordfence_options#Check_password_strength_on_profile_update"
825
+ target="_blank" class="wfhelp"></a></th>
826
+ <td><input type="checkbox" id="other_pwStrengthOnUpdate" class="wfConfigElem"
827
+ name="other_pwStrengthOnUpdate"
828
+ value="1" <?php $w->cb( 'other_pwStrengthOnUpdate' ); ?> /></td>
829
+ </tr>
830
+ <tr>
831
+ <th>Participate in the Real-Time WordPress Security Network<a
832
+ href="http://docs.wordfence.com/en/Wordfence_options#Participate_in_the_Real-Time_WordPress_Security_Network"
833
+ target="_blank" class="wfhelp"></a></th>
834
+ <td><input type="checkbox" id="other_WFNet" class="wfConfigElem" name="other_WFNet"
835
+ value="1" <?php $w->cb( 'other_WFNet' ); ?> /></td>
836
+ </tr>
837
+ <tr>
838
+ <th>How much memory should Wordfence request when scanning<a
839
+ href="http://docs.wordfence.com/en/Wordfence_options#How_much_memory_should_Wordfence_request_when_scanning"
840
+ target="_blank" class="wfhelp"></a></th>
841
+ <td><input type="text" id="maxMem" name="maxMem" value="<?php $w->f( 'maxMem' ); ?>" size="4"/>Megabytes
842
+ </td>
843
+ </tr>
844
+ <tr>
845
+ <th>Maximum execution time for each scan stage<a
846
+ href="http://docs.wordfence.com/en/Wordfence_options#Maximum_execution_time_for_each_scan_stage"
847
+ target="_blank" class="wfhelp"></a></th>
848
+ <td><input type="text" id="maxExecutionTime" name="maxExecutionTime"
849
+ value="<?php $w->f( 'maxExecutionTime' ); ?>" size="4"/>Blank for default. Must be
850
+ greater than 9.
851
+ </td>
852
+ </tr>
853
+ <tr>
854
+ <th>Update interval in seconds (2 is default)<a
855
+ href="http://docs.wordfence.com/en/Wordfence_options#Update_interval_in_seconds"
856
+ target="_blank" class="wfhelp"></a></th>
857
+ <td><input type="text" id="actUpdateInterval" name="actUpdateInterval"
858
+ value="<?php $w->f( 'actUpdateInterval' ); ?>" size="4"/>Setting higher will reduce
859
+ browser traffic but slow scan starts, live traffic &amp; status updates.
860
+ </td>
861
+ </tr>
862
+ <tr>
863
+ <th>Enable debugging mode (increases database load)<a
864
+ href="http://docs.wordfence.com/en/Wordfence_options#Enable_debugging_mode_.28increases_database_load.29"
865
+ target="_blank" class="wfhelp"></a></th>
866
+ <td><input type="checkbox" id="debugOn" class="wfConfigElem" name="debugOn"
867
+ value="1" <?php $w->cb( 'debugOn' ); ?> /></td>
868
+ </tr>
869
+ <tr>
870
+ <th>Delete Wordfence tables and data on deactivation?<a
871
+ href="http://docs.wordfence.com/en/Wordfence_options#Delete_Wordfence_tables_and_data_on_deactivation.3F"
872
+ target="_blank" class="wfhelp"></a></th>
873
+ <td><input type="checkbox" id="deleteTablesOnDeact" class="wfConfigElem" name="deleteTablesOnDeact"
874
+ value="1" <?php $w->cb( 'deleteTablesOnDeact' ); ?> /></td>
875
+ </tr>
876
+
877
+
878
+ <tr>
879
+ <th>Disable Wordfence Cookies<a
880
+ href="http://docs.wordfence.com/en/Wordfence_options#Disable_Wordfence_Cookies"
881
+ target="_blank" class="wfhelp"></a></th>
882
+ <td><input type="checkbox" id="disableCookies" class="wfConfigElem" name="disableCookies"
883
+ value="1" <?php $w->cb( 'disableCookies' ); ?> />(when enabled all visits in live traffic
884
+ will appear to be new visits)
885
+ </td>
886
+ </tr>
887
+ <tr>
888
+ <th>Start all scans remotely<a
889
+ href="http://docs.wordfence.com/en/Wordfence_options#Start_all_scans_remotely"
890
+ target="_blank" class="wfhelp"></a></th>
891
+ <td><input type="checkbox" id="startScansRemotely" class="wfConfigElem" name="startScansRemotely"
892
+ value="1" <?php $w->cb( 'startScansRemotely' ); ?> />(Try this if your scans aren't
893
+ starting and your site is publicly accessible)
894
+ </td>
895
+ </tr>
896
+ <tr>
897
+ <th>Disable config caching<a
898
+ href="http://docs.wordfence.com/en/Wordfence_options#Disable_config_caching" target="_blank"
899
+ class="wfhelp"></a></th>
900
+ <td><input type="checkbox" id="disableConfigCaching" class="wfConfigElem"
901
+ name="disableConfigCaching" value="1" <?php $w->cb( 'disableConfigCaching' ); ?> />(Try
902
+ this if your options aren't saving)
903
+ </td>
904
+ </tr>
905
+ <tr>
906
+ <th>Add a debugging comment to HTML source of cached pages.<a
907
+ href="http://docs.wordfence.com/en/Wordfence_options#Add_a_debugging_comment_to_HTML_source_of_cached_pages"
908
+ target="_blank" class="wfhelp"></a></th>
909
+ <td><input type="checkbox" id="addCacheComment" class="wfConfigElem" name="addCacheComment"
910
+ value="1" <?php $w->cb( 'addCacheComment' ); ?> /></td>
911
+ </tr>
912
+ <tr>
913
+ <th><label for="disableCodeExecutionUploads">Disable Code Execution for Uploads directory</label><a
914
+ href="http://docs.wordfence.com/en/Wordfence_options#Disable_Code_Execution_for_Uploads_directory"
915
+ target="_blank" class="wfhelp"></a></th>
916
+ <td><input type="checkbox" id="disableCodeExecutionUploads" class="wfConfigElem"
917
+ name="disableCodeExecutionUploads"
918
+ value="1" <?php $w->cb( 'disableCodeExecutionUploads' ); ?> /></td>
919
+ </tr>
920
+ <tr>
921
+ <th colspan="2"><a
922
+ href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=conntest&nonce=<?php echo wp_create_nonce( 'wp-ajax' ); ?>"
923
+ target="_blank">Click to test connectivity to the Wordfence API servers</a><a
924
+ href="http://docs.wordfence.com/en/Wordfence_options#Click_to_test_connectivity_to_the_Wordfence_API_servers"
925
+ target="_blank" class="wfhelp"></a></th>
926
+ </tr>
927
+ <tr>
928
+ <th colspan="2"><a
929
+ href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=sysinfo&nonce=<?php echo wp_create_nonce( 'wp-ajax' ); ?>"
930
+ target="_blank">Click to view your system's configuration in a new window</a><a
931
+ href="http://docs.wordfence.com/en/Wordfence_options#Click_to_view_your_system.27s_configuration_in_a_new_window"
932
+ target="_blank" class="wfhelp"></a></th>
933
+ </tr>
934
+ <tr>
935
+ <th colspan="2"><a
936
+ href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=cronview&nonce=<?php echo wp_create_nonce( 'wp-ajax' ); ?>"
937
+ target="_blank">Click to view your systems scheduled jobs in a new window</a><a
938
+ href="http://docs.wordfence.com/en/Wordfence_options#Click_to_view_your_system.27s_scheduled_jobs_in_a_new_window"
939
+ target="_blank" class="wfhelp"></a></th>
940
+ </tr>
941
+ <tr>
942
+ <th colspan="2"><a
943
+ href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=dbview&nonce=<?php echo wp_create_nonce( 'wp-ajax' ); ?>"
944
+ target="_blank">Click to see a list of your system's database tables in a new window</a><a
945
+ href="http://docs.wordfence.com/en/Wordfence_options#Click_to_see_a_list_of_your_system.27s_database_tables_in_a_new_window"
946
+ target="_blank" class="wfhelp"></a></th>
947
+ </tr>
948
+ <tr>
949
+ <th colspan="2"><a
950
+ href="<?php echo wfUtils::siteURLRelative(); ?>?_wfsf=testmem&nonce=<?php echo wp_create_nonce( 'wp-ajax' ); ?>"
951
+ target="_blank">Test your WordPress host's available memory</a><a
952
+ href="http://docs.wordfence.com/en/Wordfence_options#Test_your_WordPress_host.27s_available_memory"
953
+ target="_blank" class="wfhelp"></a></th>
954
+ </tr>
955
+ <tr>
956
+ <th>Send a test email from this WordPress server to an email address:<a
957
+ href="http://docs.wordfence.com/en/Wordfence_options#Send_a_test_email_from_this_WordPress_server_to_an_email_address"
958
+ target="_blank" class="wfhelp"></a></th>
959
+ <td><input type="text" id="testEmailDest" value="" size="20" maxlength="255" class="wfConfigElem"/>
960
+ <input type="button" value="Send Test Email"
961
+ onclick="WFAD.sendTestEmail(jQuery('#testEmailDest').val());"/></td>
962
+ </tr>
963
+
964
+ <tr>
965
+ <td colspan="2">
966
+ <div class="wfMarker" id="wfMarkerExportOptions"></div>
967
+ <h3 class="wfConfigHeading">Exporting and Importing Wordfence Settings<a
968
+ href="http://docs.wordfence.com/en/Wordfence_options#Exporting_and_Importing_Wordfence_Settings"
969
+ target="_blank" class="wfhelp"></a></h3>
970
+ </td>
971
+ </tr>
972
+
973
+ <tr>
974
+ <th>Export this site's Wordfence settings for import on another site:</th>
975
+ <td><input type="button" id="exportSettingsBut" value="Export Wordfence Settings"
976
+ onclick="WFAD.exportSettings(); return false;"/></td>
977
+ </tr>
978
+ <tr>
979
+ <th>Import Wordfence settings from another site using a token:</th>
980
+ <td><input type="text" size="20" value="" id="importToken"/>&nbsp;<input type="button"
981
+ name="importSettingsButton"
982
+ value="Import Settings"
983
+ onclick="WFAD.importSettings(jQuery('#importToken').val()); return false;"/>
984
+ </td>
985
+ </tr>
986
+ </table>
987
+ <p>
988
+ <table border="0" cellpadding="0" cellspacing="0">
989
+ <tr>
990
+ <td><input type="button" id="button1" name="button1" class="button-primary" value="Save Changes"
991
+ onclick="WFAD.saveConfig();"/></td>
992
+ <td style="height: 24px;">
993
+ <div class="wfAjax24"></div>
994
+ <span class="wfSavedMsg">&nbsp;Your changes have been saved!</span></td>
995
+ </tr>
996
+ </table>
997
+ </p>
998
+ </div>
999
  </form>
1000
  </div>
1001
  <script type="text/x-jquery-template" id="wfContentBasicOptions">
1002
+ <div>
1003
+ <h3>Basic Options</h3>
1004
+
1005
+ <p>
1006
+ Using Wordfence is simple. Install Wordfence, enter an email address on this page to send alerts to, and
1007
+ then do your first scan and work through the security alerts we provide.
1008
+ We give you a few basic security levels to choose from, depending on your needs. Remember to hit the "Save"
1009
+ button to save any changes you make.
1010
+ </p>
1011
+
1012
+ <p>
1013
+ If you use the free edition of Wordfence, you don't need to worry about entering an API key in the "API Key"
1014
+ field above. One is automatically created for you. If you choose to <a
1015
+ href="https://www.wordfence.com/wordfence-signup/" target="_blank">upgrade to Wordfence Premium
1016
+ edition</a>, you will receive an API key. You will need to copy and paste that key into the "API Key"
1017
+ field above and hit "Save" to activate your key.
1018
+ </p>
1019
+ </div>
1020
  </script>
1021
  <script type="text/x-jquery-template" id="wfContentLiveTrafficOptions">
1022
+ <div>
1023
+ <h3>Live Traffic Options</h3>
1024
+
1025
+ <p>
1026
+ These options let you ignore certain types of visitors, based on their level of access, usernames, IP
1027
+ address or browser type.
1028
+ If you run a very high traffic website where it is not feasible to see your visitors in real-time, simply
1029
+ un-check the live traffic option and nothing will be written to the Wordfence tracking tables.
1030
+ </p>
1031
+ </div>
1032
  </script>
1033
  <script type="text/x-jquery-template" id="wfContentScansToInclude">
1034
+ <div>
1035
+ <h3>Scans to Include</h3>
1036
+
1037
+ <p>
1038
+ This section gives you the ability to fine-tune what we scan.
1039
+ If you use many themes or plugins from the public WordPress directory we recommend you
1040
+ enable theme and plugin scanning. This will verify the integrity of all these themes and plugins and alert
1041
+ you of any changes.
1042
+
1043
+ <p>
1044
+
1045
+ <p>
1046
+ The option to "scan files outside your WordPress installation" will cause Wordfence to do a much wider
1047
+ security scan
1048
+ that is not limited to your base WordPress directory and known WordPress subdirectories. This scan may take
1049
+ longer
1050
+ but can be very useful if you have other infected files outside this WordPress installation that you would
1051
+ like us to look for.
1052
+ </p>
1053
+ </div>
1054
  </script>
1055
  <script type="text/x-jquery-template" id="wfContentFirewallRules">
1056
+ <div>
1057
+ <h3>Firewall Rules</h3>
1058
+
1059
+ <p>
1060
+ <strong>NOTE:</strong> Before modifying these rules, make sure you have access to the email address
1061
+ associated with this site's administrator account. If you accidentally lock yourself out, you will be given
1062
+ the option
1063
+ to enter that email address and receive an "unlock email" which will allow you to regain access.
1064
+ </p>
1065
+
1066
+ <p>
1067
+ <strong>Tips:</strong>
1068
+
1069
+ <p>&#8226; If you choose to limit the rate at which your site can be accessed, you need to customize the
1070
+ settings for your site.</p>
1071
+
1072
+ <p>&#8226; If your users usually skip quickly between pages, you should set the values for human visitors to be
1073
+ high.</p>
1074
+
1075
+ <p>&#8226; If you are aggressively crawled by non-Google crawlers like Baidu, you should set the page view limit
1076
+ for crawlers to a high value.</p>
1077
+
1078
+ <p>&#8226; If you are currently under attack and want to aggressively protect your site or your content, you can
1079
+ set low values for most options.</p>
1080
+
1081
+ <p>&#8226; In general we recommend you don't block fake Google crawlers unless you have a specific problem with
1082
+ someone stealing your content.</p>
1083
+
1084
+ <p>
1085
+ Remember that as long as you have your administrator email set correctly in this site's user administration,
1086
+ and you are able to receive email at that address,
1087
+ you will be able to regain access if you are accidentally locked out because your rules are too strict.
1088
+ </p>
1089
+ </div>
1090
  </script>
1091
  <script type="text/x-jquery-template" id="wfContentLoginSecurity">
1092
+ <div>
1093
+ <h3>Login Security</h3>
1094
+
1095
+ <p>
1096
+ We have found that real brute force login attacks make hundreds or thousands of requests trying to guess
1097
+ passwords or user login names.
1098
+ So in general you can leave the number of failed logins before a user is locked out as a fairly high number.
1099
+ We have found that blocking after 20 failed attempts is sufficient for most sites and it allows your real
1100
+ site users enough
1101
+ attempts to guess their forgotten passwords without getting locked out.
1102
+ </p>
1103
+ </div>
1104
  </script>
1105
  <script type="text/x-jquery-template" id="wfContentOtherOptions">
1106
+ <div>
1107
+ <h3>Other Options</h3>
1108
+
1109
+ <p>
1110
+ We have worked hard to make Wordfence memory efficient and much of the heavy lifting is done for your site
1111
+ by our cloud scanning servers in our Seattle data center.
1112
+ On most sites Wordfence will only use about 8 megabytes of additional memory when doing a scan, even if you
1113
+ have large files or a large number of files.
1114
+ You should not have to adjust the maximum memory that Wordfence can use, but we have provided the option.
1115
+ Remember that this does not affect the actual memory usage of Wordfence, simply the maximum Wordfence can
1116
+ use if it needs to.
1117
+ </p>
1118
+
1119
+ <p>
1120
+ You may find debugging mode helpful if Wordfence is not able to start a scan on your site or
1121
+ if you are experiencing some other problem. Enable debugging by checking the box, save your options
1122
+ and then try to do a scan. You will notice a lot more output on the "Scan" page.
1123
+ </p>
1124
+
1125
+ <p>
1126
+ If you decide to permanently remove Wordfence, you can choose the option to delete all data on deactivation.
1127
+ We also provide helpful links at the bottom of this page which lets you see your systems configuration and
1128
+ test how
1129
+ much memory your host really allows you to use.
1130
+ </p>
1131
+
1132
+ <p>
1133
+ Thanks for completing this tour and I'm very happy to have you as our newest Wordfence customer. Don't
1134
+ forget to <a href="http://wordpress.org/extend/plugins/wordfence/" target="_blank">rate us 5 stars if you
1135
+ love Wordfence</a>.<br/>
1136
+ <br/>
1137
+ <strong>Mark Maunder</strong> - Wordfence Creator.
1138
+ </p>
1139
+ </div>
1140
  </script>
1141
 
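--- a/lib/menu_scan.php
+++ b/lib/menu_scan.php
@@ -278,8 +278,8 @@
  </p>
  <div class="wfIssueOptions">
  {{if (status == 'new')}}
- <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">I have fixed this issue</span>
- <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreP'); return false;">Ignore issues related to this option</span>
+ <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">I have fixed this issue</a>
+ <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreP'); return false;">Ignore issues related to this option</a>
  {{/if}}
  {{if status == 'ignoreP' || status == 'ignoreC'}}
  <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">Stop ignoring issues related to this option</a>
@@ -309,8 +309,8 @@
  </p>
  <div class="wfIssueOptions">
  {{if (status == 'new')}}
- <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">I have fixed this issue</span>
- <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreP'); return false;">Ignore disk space alerts</span>
+ <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">I have fixed this issue</a>
+ <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'ignoreP'); return false;">Ignore disk space alerts</a>
  {{/if}}
  {{if status == 'ignoreP' || status == 'ignoreC'}}
  <a href="#" onclick="WFAD.updateIssueStatus('${id}', 'delete'); return false;">Stop ignoring disk space alerts</a>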
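--- a/lib/menu_sitePerfStats.php
+++ b/lib/menu_sitePerfStats.php
@@ -110,7 +110,7 @@
  visited
  <a href="${URL}" target="_blank">${URL}</a>
  </div>
- <div clas="wfPerfLine">
+ <div class="wfPerfLine">
  <span class="wfTimeAgo">${timeAgo} ago</span>&nbsp;&nbsp; <strong>IP:</strong> <a href="${WFAD.makeIPTrafLink(IP)}" target="_blank">${IP}</a>
  </div>
  {{if browser && browser.browser != 'Default Browser'}}<div class="wfPerfLine"><strong>Browser:</strong> ${browser.browser}{{if browser.version}} version ${browser.version}{{/if}}{{if browser.platform && browser.platform != 'unknown'}} running on ${browser.platform}{{/if}}</div>{{/if}}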
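--- a/lib/sysinfo.php
+++ b/lib/sysinfo.php
@@ -16,6 +16,6 @@ $out = preg_replace('/<\/a>/', '', $out);
  $out = preg_replace('/<title>[^<]*<\/title>/','', $out);
  echo $out;
  ?>
- <div class="diffFooter">&copy;&nbsp;2011 to 2015 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
+ <div class="diffFooter">&copy;&nbsp;2011 to 2015 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</div>
  </body>
  </html>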
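--- a/lib/wfAPI.php
+++ b/lib/wfAPI.php
@@ -7,7 +7,6 @@ class wfAPI {
  private $curlContent = 0;
  private $APIKey = '';
  private $wordpressVersion = '';
- private static $maintMsg = "The Wordfence scanning server could not be contacted.";
  public function __construct($apiKey, $wordpressVersion){
  $this->APIKey = $apiKey;
  $this->wordpressVersion = $wordpressVersion;
@@ -69,7 +68,7 @@ class wfAPI {
  curl_setopt($curl, CURLOPT_POST, true);
  curl_setopt($curl, CURLOPT_POSTFIELDS, $postParams);
  wordfence::status(4, 'info', "CURL fetching URL: " . $url);
- $curlResult = curl_exec($curl);
+ curl_exec($curl);
 
  $httpStatus = curl_getinfo($curl, CURLINFO_HTTP_CODE);
  $this->lastCurlErrorNo = curl_errno($curl);
@@ -97,7 +96,6 @@ class wfAPI {
 
  }
  private function fileGet($url, $postParams){
- $body = "";
  if(is_array($postParams)){
  $bodyArr = array();
  foreach($postParams as $key => $val){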
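Review bot: `curl_exec($curl);` at new line 71 now discards its return value with no explanation, so a reader cannot tell whether the failure case is still handled. The lines that follow read `curl_errno($curl)` and the HTTP status, and the class has a `$curlContent` property, so the response body is presumably collected by a write callback that is not visible here. A one-line comment would make that explicit, for example `//Body is captured elsewhere (see $curlContent); failure is detected via curl_errno() below`. The enclosing method starts and ends outside the hunk.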
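--- a/lib/wfCache.php
+++ b/lib/wfCache.php
@@ -383,7 +383,7 @@ class wfCache {
  if(strpos($dir, 'wfcache/') === false){
  self::$lastRecursiveDeleteError = "Not deleting directory $dir because it appears to be in the wrong path.";
  self::$cacheStats['totalErrors']++;
- return; //Safety check that we're in a subdir of the cache
+ return false; //Safety check that we're in a subdir of the cache
  }
  if(@rmdir($dir)){
  self::$cacheStats['dirsDeleted']++;
@@ -396,7 +396,6 @@ class wfCache {
  } else {
  return true;
  }
- return true;
  }
  public static function addHtaccessCode($action){
  if($action != 'add' && $action != 'remove'){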
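Review bot: The safety check that now returns `false` is only a substring test, `strpos($dir, 'wfcache/') === false`, so it accepts any path that contains `wfcache/` anywhere, including one with `..` segments after it; a recursive delete deserves a stricter guard. Resolving the path first and requiring the cache root as a prefix would close that gap, e.g. `$real = realpath($dir); if($real === false || strpos($real . '/', $cacheRoot) !== 0){ ... return false; }`, where `$cacheRoot` is a placeholder for the resolved cache directory with a trailing slash. The enclosing function starts outside the hunk, so how `$dir` is built and whether callers already normalise it is not visible here.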
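--- a/lib/wfConfig.php
+++ b/lib/wfConfig.php
@@ -53,6 +53,7 @@ class wfConfig {
  "loginSec_disableAuthorScan" => false,
  "other_hideWPVersion" => false,
  "other_noAnonMemberComments" => false,
+ "other_blockBadPOST" => false,
  "other_scanComments" => false,
  "other_pwStrengthOnUpdate" => false,
  "other_WFNet" => true,
@@ -134,6 +135,7 @@ class wfConfig {
  "loginSec_disableAuthorScan" => true,
  "other_hideWPVersion" => true,
  "other_noAnonMemberComments" => true,
+ "other_blockBadPOST" => false,
  "other_scanComments" => true,
  "other_pwStrengthOnUpdate" => true,
  "other_WFNet" => true,
@@ -215,6 +217,7 @@ class wfConfig {
  "loginSec_disableAuthorScan" => true,
  "other_hideWPVersion" => true,
  "other_noAnonMemberComments" => true,
+ "other_blockBadPOST" => false,
  "other_scanComments" => true,
  "other_pwStrengthOnUpdate" => true,
  "other_WFNet" => true,
@@ -297,6 +300,7 @@ class wfConfig {
  "loginSec_disableAuthorScan" => true,
  "other_hideWPVersion" => true,
  "other_noAnonMemberComments" => true,
+ "other_blockBadPOST" => false,
  "other_scanComments" => true,
  "other_pwStrengthOnUpdate" => true,
  "other_WFNet" => true,
@@ -378,6 +382,7 @@ class wfConfig {
  "loginSec_disableAuthorScan" => true,
  "other_hideWPVersion" => true,
  "other_noAnonMemberComments" => true,
+ "other_blockBadPOST" => false,
  "other_scanComments" => true,
  "other_pwStrengthOnUpdate" => true,
  "other_WFNet" => true,
@@ -586,7 +591,6 @@ class wfConfig {
  $dir = self::getTempDir();
  if($dir){
  $obj = false;
- $foundFiles = false;
  $fullFile = $dir . $filename;
  if(file_exists($fullFile)){
  wordfence::status(4, 'info', "Loading serialized data from file $fullFile");
@@ -613,14 +617,12 @@ class wfConfig {
  //We serialize some very big values so this is memory efficient. We don't make any copies of $val and don't use ON DUPLICATE KEY UPDATE
  // because we would have to concatenate $val twice into the query which could also exceed max packet for the mysql server
  $serialized = serialize($val);
- $val = '';
  $tempFilename = 'wordfence_tmpfile_' . $key . '.php';
  if((strlen($serialized) * 1.1) > self::getDB()->getMaxAllowedPacketBytes()){ //If it's greater than max_allowed_packet + 10% for escaping and SQL
  if($canUseDisk){
  $dir = self::getTempDir();
  $potentialDirs = self::getPotentialTempDirs();
  if($dir){
- $fh = false;
  $fullFile = $dir . $tempFilename;
  self::deleteOldTempFile($fullFile);
  $fh = fopen($fullFile, 'w');
@@ -710,7 +712,6 @@ class wfConfig {
  if(self::get($key) == $val){ echo ' selected '; }
  }
  public static function getArray(){
- $ret = array();
  $q = self::getDB()->querySelect("select name, val from " . self::table());
  foreach($q as $row){
  self::$cache[$row['name']] = $row['val'];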
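Review bot: `"other_blockBadPOST" => false` is added to all five default arrays in this section, including the four where the neighbouring options are `true`, and nothing says why the new rule stays off even in the stricter sets. A short comment on the first occurrence would help the next maintainer, for example `//Off in every default set: opt-in only, can block non-browser clients that send neither header` (my reading of the intent, to be confirmed). The arrays begin and end outside these hunks, so I cannot tell what each of the five represents.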
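--- a/lib/wfCrawl.php
+++ b/lib/wfCrawl.php
@@ -21,7 +21,6 @@ class wfCrawl {
  return false;
  }
  }
- $wfLog = new wfLog(wfConfig::get('apiKey'), wfUtils::getWPVersion());
  $host = wfUtils::reverseLookup($IP);
  if(! $host){
  $db->queryWrite("insert into $table (IP, patternSig, status, lastUpdate, PTR) values (%s, UNHEX(MD5('%s')), '%s', unix_timestamp(), '%s') ON DUPLICATE KEY UPDATE status='%s', lastUpdate=unix_timestamp(), PTR='%s'", $IPn, $hostPattern, 'noPTR', '', 'noPTR', '');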
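--- a/lib/wfDB.php
+++ b/lib/wfDB.php
@@ -1,11 +1,5 @@
  <?php
  class wfDB {
- private $dbh = false;
- private static $dbhCache = array();
- private $dbhost = false;
- private $dbpassword = false;
- private $dbname = false;
- private $dbuser = false;
  public $errorMsg = false;
  public function __construct(){
  }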
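--- a/lib/wfIssues.php
+++ b/lib/wfIssues.php
@@ -161,7 +161,6 @@ class wfIssues {
  $this->getDB()->queryWrite("delete from " . $this->issuesTable . " where id=%d", $id);
  }
  public function updateIssue($id, $status){ //ignoreC, ignoreP, delete or new
- $currentStatus = $this->getDB()->querySingle("select status from " . $this->issuesTable . " where id=%d", $id);
  if($status == 'delete'){
  $this->getDB()->queryWrite("delete from " . $this->issuesTable . " where id=%d", $id);
  } else if($status == 'ignoreC' || $status == 'ignoreP' || $status == 'new'){
@@ -174,7 +173,6 @@ class wfIssues {
  return $rec;
  }
  public function getIssues(){
- $issues = wfConfig::get('wf_issues', array());
  $ret = array(
  'new' => array(),
  'ignored' => array()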
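--- a/lib/wfLog.php
+++ b/lib/wfLog.php
@@ -70,12 +70,6 @@ class wfLog {
  $id = get_current_user_id();
  return $id ? $id : 0;
  }
- private function getPagename(){
- global $wp_query;
- $post = $wp_query->get_queried_object();
- $pagename = $post->post_name;
- return $pagename;
- }
  public function logLeechAndBlock($type){ //404 or hit
  if(wfConfig::get('firewallEnabled')){
  //Moved the following block into the "is fw enabled section" for optimization.
@@ -140,6 +134,11 @@ class wfLog {
  }
  }
  }
+ if(wfConfig::get('other_blockBadPOST') == '1' && $_SERVER['REQUEST_METHOD'] == 'POST' && empty($_SERVER['HTTP_USER_AGENT']) && empty($_SERVER['HTTP_REFERER'])){
+ $this->blockIP($IP, "POST received with blank user-agent and referer");
+ $this->do503(3600, "POST received with blank user-agent and referer");
+ //exits
+ }
  if(isset($_SERVER['HTTP_USER_AGENT']) && wfCrawl::isCrawler($_SERVER['HTTP_USER_AGENT'])){
  if($type == 'hit' && wfConfig::get('maxRequestsCrawlers') != 'DISABLED' && $hitsPerMinute > wfConfig::get('maxRequestsCrawlers')){
  $this->takeBlockingAction('maxRequestsCrawlers', "Exceeded the maximum number of requests per minute for crawlers."); //may not exit
@@ -240,12 +239,8 @@ class wfLog {
  }
  $blockDat = explode('|', $elem['blockString']);
  $elem['ipPattern'] = "";
- $haveIPBlock = false;
- $haveBrowserBlock = false;
- $haveRefererBlock = false;
  $numBlockElements = 0;
  if($blockDat[0]){
- $haveIPBlock = true;
  $numBlockElements++;
  $ipDat = explode('-', $blockDat[0]);
  $elem['ipPattern'] = "Block visitors with IP addresses in the range: " . wfUtils::inet_ntoa($ipDat[0]) . ' - ' . wfUtils::inet_ntoa($ipDat[1]);
@@ -253,14 +248,12 @@ class wfLog {
  $elem['ipPattern'] = 'Allow all IP addresses';
  }
  if($blockDat[1]){
- $haveBrowserBlock = true;
  $numBlockElements++;
  $elem['browserPattern'] = "Block visitors whos browsers match the pattern: " . $blockDat[1];
  } else {
  $elem['browserPattern'] = 'Allow all browsers';
  }
  if($blockDat[2]){
- $haveRefererBlock = true;
  $numBlockElements++;
  $elem['refererPattern'] = "Block visitors from websites that match the pattern: " . $blockDat[2];
  } else {
@@ -904,7 +897,6 @@ class wfLog {
  }
  }
  $results = $this->getDB()->querySelect("select ctime, level, type, msg from " . $this->statusTable . " where ctime > %f order by ctime asc", $lastCtime);
- $lastTime = false;
  $timeOffset = 3600 * get_option('gmt_offset');
  foreach($results as &$rec){
  //$rec['timeAgo'] = wfUtils::makeTimeAgo(time() - $rec['ctime']);
@@ -915,7 +907,6 @@ class wfLog {
  }
  public function getSummaryEvents(){
  $results = $this->getDB()->querySelect("select ctime, level, type, msg from " . $this->statusTable . " where level = 10 order by ctime desc limit 100");
- $lastTime = false;
  $timeOffset = 3600 * get_option('gmt_offset');
  foreach($results as &$rec){
  $rec['date'] = date('M d H:i:s', $rec['ctime'] + $timeOffset);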
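Review bot: The new `other_blockBadPOST` check at new line 137 blocks the source IP and returns a 503 with no visible exemption for whitelisted addresses or the site's own loopback requests, so a legitimate non-browser client that omits both headers would be locked out together with everything else behind the same address. It also reads `$_SERVER['REQUEST_METHOD']` without `isset()`, which raises a notice when the code runs outside a web request. I would guard the read, `isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == 'POST'`, and add a comment above the block naming the earlier check, if any, that exempts whitelisted IPs. The start of logLeechAndBlock is outside the hunk, so that exemption may already exist.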
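--- a/lib/wfScan.php
+++ b/lib/wfScan.php
@@ -66,7 +66,6 @@ class wfScan {
  @error_reporting(E_ALL);
  wfUtils::iniSet('display_errors','On');
  self::status(4, 'info', "Setting up scanRunning and starting scan");
- $scan = false;
  if($isFork){
  $scan = wfConfig::get_ser('wfsd_engine', false, true);
  if($scan){
@@ -129,7 +128,6 @@ class wfScan {
  public static function becomeAdmin(){
  $db = new wfDB();
  global $wpdb;
- $adminUserID = false;
  $userSource = '';
  if(is_multisite()){
  $users = get_users('role=super&fields=ID');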
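--- a/lib/wfScanEngine.php
+++ b/lib/wfScanEngine.php
@@ -7,19 +7,17 @@ require_once('wfIssues.php');
  require_once('wfDB.php');
  require_once('wfUtils.php');
  class wfScanEngine {
- private static $cronTestFailedURLs = array();
  public $api = false;
  private $dictWords = array();
  private $forkRequested = false;
 
  //Beginning of serialized properties on sleep
  private $hasher = false;
- private $hashes = false;
  private $jobList = array();
  private $i = false;
+ private $wp_version = false;
  private $apiKey = false;
  private $startTime = 0;
- private $scanStep = 0;
  public $maxExecTime = false; //If more than $maxExecTime has elapsed since last check, fork a new scan process and continue
  private $publicScanEnabled = false;
  private $fileContentsResults = false;
@@ -36,7 +34,7 @@ class wfScanEngine {
  private $userPasswdQueue = "";
  private $passwdHasIssues = false;
  public function __sleep(){ //Same order here as above for properties that are included in serialization
- return array('hasher', 'hashes', 'jobList', 'i', 'wp_version', 'apiKey', 'startTime', 'scanStep', 'maxExecTime', 'publicScanEnabled', 'fileContentsResults', 'scanner', 'scanQueue', 'hoover', 'scanData', 'statusIDX', 'userPasswdQueue', 'passwdHasIssues');
+ return array('hasher', 'jobList', 'i', 'wp_version', 'apiKey', 'startTime', 'maxExecTime', 'publicScanEnabled', 'fileContentsResults', 'scanner', 'scanQueue', 'hoover', 'scanData', 'statusIDX', 'userPasswdQueue', 'passwdHasIssues');
  }
  public function __construct(){
  $this->startTime = time();
@@ -274,13 +272,13 @@ class wfScanEngine {
  $this->status(2, 'info', "Getting theme list from WordPress");
  $themeData = get_themes();
  $knownFilesThemes = array();
- foreach($themeData as $themeName => $themeData){
- if(preg_match('/\/([^\/]+)$/', $themeData['Stylesheet Dir'], $matches)){
+ foreach($themeData as $themeName => $themeVal){
+ if(preg_match('/\/([^\/]+)$/', $themeVal['Stylesheet Dir'], $matches)){
  $shortDir = $matches[1]; //e.g. evo4cms
- $fullDir = substr($themeData['Stylesheet Dir'], strlen(ABSPATH)); //e.g. wp-content/themes/evo4cms
+ $fullDir = substr($themeVal['Stylesheet Dir'], strlen(ABSPATH)); //e.g. wp-content/themes/evo4cms
  $knownFilesThemes[$themeName] = array(
- 'Name' => $themeData['Name'],
- 'Version' => $themeData['Version'],
+ 'Name' => $themeVal['Name'],
+ 'Version' => $themeVal['Version'],
  'ShortDir' => $shortDir,
  'FullDir' => $fullDir
  );
@@ -539,7 +537,7 @@ class wfScanEngine {
  if($email){
  $cDesc .= "Email: $email ";
  }
- $cDesc = "Source IP: $IP ";
+ $cDesc .= "Source IP: $IP ";
  $this->status(2, 'info', "Scanning comment with $cDesc");
 
  $h = new wordfenceURLHoover($this->apiKey, $this->wp_version);
@@ -625,7 +623,6 @@ class wfScanEngine {
  private function scan_passwds_main(){
  global $wpdb;
  $wfdb = new wfDB();
- $haveIssues = false;
  while(strlen($this->userPasswdQueue) > 3){
  $usersLeft = strlen($this->userPasswdQueue) / 4; //4 byte ints
  if($usersLeft % 100 == 0){
@@ -654,9 +651,6 @@ class wfScanEngine {
  $passwdHasher = new PasswordHash(8, TRUE);
  $userDat = get_userdata($userID);
  $this->status(4, 'info', "Checking password strength of user '" . $userDat->user_login . "'");
- $shortMsg = "";
- $longMsg = "";
- $level = 1;
  $highCap = $this->highestCap($userDat->wp_capabilities);
  if($this->isEditor($userDat->wp_capabilities)){
  $shortMsg = "User \"" . $userDat->user_login . "\" with \"" . $highCap . "\" access has an easy password.";
@@ -727,7 +721,6 @@ class wfScanEngine {
  return;
  }
  $this->status(2, 'info', "Total disk space: " . sprintf('%.4f', ($total / 1024 / 1024 / 1024)) . "GB -- Free disk space: " . sprintf('%.4f', ($free / 1024 / 1024 / 1024)) . "GB");
- $level = false;
  $freeMegs = sprintf('%.2f', $free / 1024 / 1024);
  $this->status(2, 'info', "The disk has $freeMegs MB space available");
  if($freeMegs < 5){
@@ -930,7 +923,6 @@ class wfScanEngine {
  public static function checkForKill(){
  $kill = wfConfig::get('wfKillRequested', 0);
  if($kill && time() - $kill < 600){ //Kill lasts for 10 minutes
- $wfdb = new wfDB();
  wordfence::status(10, 'info', "SUM_KILLED:Previous scan was killed successfully.");
  throw new Exception("Scan was killed on administrator request.");
  }
@@ -946,7 +938,6 @@ class wfScanEngine {
  }
  $timeout = self::getMaxExecutionTime() - 2; //2 seconds shorter than max execution time which ensures that only 2 HTTP processes are ever occupied
  $testURL = admin_url('admin-ajax.php?action=wordfence_testAjax');
- $testResults = false;
  if(! wfConfig::get('startScansRemotely', false)){
  $testResult = wp_remote_post($testURL, array(
  'timeout' => $timeout,
@@ -964,7 +955,7 @@ class wfScanEngine {
  $cronURL = admin_url($cronURL);
  $headers = array();
  wordfence::status(4, 'info', "Starting cron with normal ajax at URL $cronURL");
- $result = wp_remote_get( $cronURL, array(
+ wp_remote_get( $cronURL, array(
  'timeout' => $timeout, //Must be less than max execution time or more than 2 HTTP children will be occupied by scan
  'blocking' => true, //Non-blocking seems to block anyway, so we use blocking
  'sslverify' => false,
@@ -978,7 +969,7 @@ class wfScanEngine {
  $headers = array();
  wordfence::status(4, 'info', "Starting cron via proxy at URL $cronURL");
 
- $result = wp_remote_get( $cronURL, array(
+ wp_remote_get( $cronURL, array(
  'timeout' => $timeout, //Must be less than max execution time or more than 2 HTTP children will be occupied by scan
  'blocking' => true, //Non-blocking seems to block anyway, so we use blocking
  'sslverify' => false,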
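Review bot: Dropping `$result =` from the two `wp_remote_get()` calls (new lines 958 and 972) means the outcome of the request that starts the scan is never inspected, so a WP_Error or a non-200 response goes unreported. I would keep the return value and log failures, e.g. `$result = wp_remote_get(...); if(is_wp_error($result)){ wordfence::status(4, 'info', "Cron start failed: " . $result->get_error_message()); }`. Both calls also pass `'sslverify' => false`, unchanged by this commit, which deserves a comment saying when skipping certificate verification is acceptable. For the "via proxy" call the target host is not visible in the hunk, and if it is a remote server verification should stay on. The argument arrays and the enclosing function continue outside the hunks.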
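--- a/lib/wfUtils.php
+++ b/lib/wfUtils.php
@@ -43,7 +43,6 @@ class wfUtils {
  $minutes -= $hours * 60;
  return self::pluralize($hours, 'hour', $minutes, 'min');
  } else if($minutes) {
- $secs -= $minutes * 60;
  return self::pluralize($minutes, 'min');
  } else {
  if($noSeconds){
@@ -106,9 +105,6 @@ class wfUtils {
  return WP_CONTENT_DIR . '/plugins/';
  //return ABSPATH . 'wp-content/plugins/';
  }
- public static function defaultGetIP(){
- return $IP;
- }
  public static function makeRandomIP(){
  return rand(11,230) . '.' . rand(0,255) . '.' . rand(0,255) . '.' . rand(0,255);
  }
@@ -259,7 +255,6 @@ class wfUtils {
  public static function lcmem(){
  $trace=debug_backtrace();
  $caller=array_shift($trace);
- $c2 = array_shift($trace);
  $mem = memory_get_usage(true);
  error_log("$mem at " . $caller['file'] . " line " . $caller['line']);
  }
@@ -464,7 +459,9 @@ class wfUtils {
  $host = $db->querySingle("select host from " . $reverseTable . " where IP=%s and unix_timestamp() - lastUpdate < %d", $IPn, WORDFENCE_REVERSE_LOOKUP_CACHE_TIME);
  if(! $host){
  $ptr = implode(".", array_reverse(explode(".",$IP))) . ".in-addr.arpa";
- $host = @dns_get_record($ptr, DNS_PTR);
+ if (function_exists('dns_get_record')) {
+ $host = @dns_get_record($ptr, DNS_PTR);
+ }
  if($host == null){
  $host = 'NONE';
  } else {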
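Review bot: When `dns_get_record()` is missing, the new guard at new lines 462-464 skips the lookup and relies on `$host` still holding the falsy cache-miss value, so that the loose `$host == null` test turns it into 'NONE'; that works but is implicit, and nothing records that PTR lookups are unavailable. wfCrawl calls `wfUtils::reverseLookup()` while checking crawler IPs, and if this hunk is that helper, a host without the function would presumably get 'NONE' for every address with no hint why. I would add an explicit `else { $host = null; }` and a debug-level `wordfence::status(4, 'info', ...)` line noting the missing function. The `@` on `dns_get_record` also hides resolver failures, and the function body begins outside the hunk.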
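--- a/lib/wfViewResult.php
+++ b/lib/wfViewResult.php
@@ -21,6 +21,6 @@
 
 
 
- <div class="diffFooter">&copy;&nbsp;2011 to 2015 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</a>
+ <div class="diffFooter">&copy;&nbsp;2011 to 2015 Wordfence &mdash; Visit <a href="http://wordfence.com/">Wordfence.com</a> for help, security updates and more.</div>
  </body>
  </html>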
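--- a/lib/wordfenceClass.php
+++ b/lib/wordfenceClass.php
@@ -25,7 +25,6 @@ class wordfence {
  public static $newVisit = false;
  private static $wfLog = false;
  private static $hitID = 0;
- private static $statusStartMsgs = array();
  private static $debugOn = null;
  private static $runInstallCalled = false;
  public static $commentSpamItems = array();
@@ -38,8 +37,8 @@ class wordfence {
  //Check if caching is enabled and if it is, disable it and fix the .htaccess file.
  $cacheType = wfConfig::get('cacheType', false);
  if($cacheType == 'falcon'){
- $err = wfCache::addHtaccessCode('remove');
- $err = wfCache::updateBlockedIPs('remove');
+ wfCache::addHtaccessCode('remove');
+ wfCache::updateBlockedIPs('remove');
  wfConfig::set('cacheType', false);
 
  //We currently don't clear the cache when plugin is disabled because it will take too long if done synchronously and won't work because plugin is disabled if done asynchronously.
@@ -179,6 +178,11 @@ class wordfence {
  $wfdb->queryWrite("delete from $p"."wfBlocks where (blockedTime + %s < unix_timestamp()) and permanent=0", wfConfig::get('blockedTime'));
  $wfdb->queryWrite("delete from $p"."wfCrawlers where lastUpdate < unix_timestamp() - (86400 * 7)");
 
+ $wfdb->truncate($p . "wfVulnScanners"); //We only report data within the last hour in hourlyCron.
+ // So if we do a once a day truncate to be safe, we'll only potentially lose the hour right before the truncate.
+ // Worth it to clean out the table completely once a day.
+
+
  $count = $wfdb->querySingle("select count(*) as cnt from $p"."wfHits");
  if($count > 20000){
  $wfdb->truncate($p . "wfHits"); //So we don't slow down sites that have very large wfHits tables
@@ -470,6 +474,7 @@ class wordfence {
  public static function ajax_doScan_callback(){
  ignore_user_abort(true);
  self::$wordfence_wp_version = false;
+ //This is messy, but not sure of a better way to do this without gauranteeing we get $wp_version
  require(ABSPATH . 'wp-includes/version.php');
  self::$wordfence_wp_version = $wp_version;
  require('wfScan.php');
@@ -479,7 +484,6 @@ class wordfence {
  public static function ajax_perfLog_callback(){
  $wfLog = self::getLog();
  $fields = array('fetchStart', 'domainLookupStart', 'domainLookupEnd', 'connectStart', 'connectEnd', 'requestStart', 'responseStart', 'responseEnd', 'domReady', 'loaded');
- $lastVal = false;
  foreach($fields as $f){
  if(preg_match('/^\d+$/', $_POST[$f])){
  $data[$f] = $_POST[$f];
@@ -543,7 +547,6 @@ class wordfence {
  }
  $returnArr['nonce'] = wp_create_nonce('wp-ajax');
  die(json_encode($returnArr));
- exit;
  }
  public static function publishFuturePost($id){
  if(wfConfig::get('clearCacheSched')){
@@ -647,7 +650,7 @@ class wordfence {
  return self::getLog()->isIPLockedOut($IP);
  }
  public static function veryFirstAction(){
- $wfFunc = @$_GET['_wfsf'];
+ $wfFunc = isset($_GET['_wfsf']) ? @$_GET['_wfsf'] : false;
  if($wfFunc == 'unlockEmail'){
  if(! wp_verify_nonce(@$_POST['nonce'], 'wf-form')){
  die("Sorry but your browser sent an invalid security token when trying to use this form.");
@@ -663,10 +666,9 @@ class wordfence {
  $email = trim($_POST['email']);
  global $wpdb;
  $ws = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users");
- $users = array();
  foreach($ws as $user){
  $userDat = get_userdata($user->ID);
- if($userDat->user_level > 7){
+ if(wfUtils::isAdmin($userDat)){
  if($email == $userDat->user_email){
  $found = true;
  break;
@@ -1317,6 +1319,10 @@ class wordfence {
  wfConfig::set('tourClosed', 1);
  return array('ok' => 1);
  }
+ public static function ajax_welcomeClosed_callback(){
+ wfConfig::set('welcomeClosed', 1);
+ return array('ok' => 1);
+ }
  public static function postRowActions($actions, $post){
  if(wfUtils::isAdmin()){
  $actions = array_merge($actions, array(
@@ -1341,9 +1347,9 @@ class wordfence {
  }
  public static function disablePermalinksFilter($newVal, $oldVal){
  if(wfConfig::get('cacheType', false) == 'falcon' && $oldVal && (! $newVal) ){ //Falcon is enabled and admin is disabling permalinks
- $err = wfCache::addHtaccessCode('remove');
+ wfCache::addHtaccessCode('remove');
  //if($err){ return $oldVal; } //We might want to not allow the user to disable permalinks if we can't disable falcon. Allowing it for now.
- $err = wfCache::updateBlockedIPs('remove');
+ wfCache::updateBlockedIPs('remove');
  //if($err){ return $oldVal; } //We might want to not allow the user to disable permalinks if we can't disable falcon. Allowing it for now.
  wfConfig::set('cacheType', false);
  }
@@ -1783,7 +1789,7 @@ class wordfence {
  }
  } else {
  $api = new wfAPI($opts['apiKey'], wfUtils::getWPVersion());
- $res = $api->call('ping_api_key', array(), array());
+ $api->call('ping_api_key', array(), array());
  }
  return array('ok' => 1, 'reload' => $reload, 'paidKeyMsg' => $paidKeyMsg );
  }
@@ -1961,7 +1967,6 @@ class wordfence {
  $p = $wpdb->base_prefix;
 
  $serverTime = $wfdb->querySingle("select unix_timestamp()");
- $issues = new wfIssues();
  $jsonData = array(
  'serverTime' => $serverTime,
  'msg' => wp_kses_data( (string) $wfdb->querySingle("select msg from $p"."wfStatus where level < 3 order by ctime desc limit 1"))
@@ -2075,8 +2080,6 @@ class wordfence {
  $issues->updateIssue($id, 'delete');
  }
  }
- $headMsg = "";
- $bodyMsg = "";
  $verb = $op == 'del' ? 'Deleted' : 'Repaired';
  $verb2 = $op == 'del' ? 'delete' : 'repair';
  if($filesWorkedOn > 0 && sizeof($errors) > 0){
@@ -2250,7 +2253,7 @@ class wordfence {
  //End logging
 
 
- if(! ($wfFunc == 'diff' || $wfFunc == 'view' || $wfFunc == 'sysinfo' || $wfFunc == 'conntest' || $wfFunc == 'unknownFiles' || $wfFunc == 'IPTraf' || $wfFunc == 'viewActivityLog' || $wfFunc == 'testmem' || $wfFunc == 'testtime')){
+ if(! ($wfFunc == 'diff' || $wfFunc == 'view' || $wfFunc == 'sysinfo' || $wfFunc == 'cronview' || $wfFunc == 'dbview' || $wfFunc == 'conntest' || $wfFunc == 'unknownFiles' || $wfFunc == 'IPTraf' || $wfFunc == 'viewActivityLog' || $wfFunc == 'testmem' || $wfFunc == 'testtime')){
  return;
  }
  if(! wfUtils::isAdmin()){
@@ -2266,8 +2269,12 @@ class wordfence {
  self::wfFunc_diff();
  } else if($wfFunc == 'view'){
  self::wfFunc_view();
- } else if($wfFunc == 'sysinfo'){
- require('sysinfo.php');
+ } else if($wfFunc == 'sysinfo') {
+ require( 'sysinfo.php' );
+ } else if($wfFunc == 'dbview'){
+ require('dbview.php');
+ } else if($wfFunc == 'cronview') {
+ require('cronview.php');
  } else if($wfFunc == 'conntest'){
  require('conntest.php');
  } else if($wfFunc == 'unknownFiles'){
@@ -2422,7 +2429,6 @@ EOL;
  echo "File contains illegal characters.";
  exit();
  }
- $lang = false;
  $cont = @file_get_contents($localFile);
  $isEmpty = false;
  if(! $cont){
@@ -2501,7 +2507,7 @@ EOL;
  }
  public static function admin_init(){
  if(! wfUtils::isAdmin()){ return; }
- foreach(array('activate', 'scan', 'updateAlertEmail', 'sendActivityLog', 'restoreFile', 'exportSettings', 'importSettings', 'bulkOperation', 'deleteFile', 'removeExclusion', 'activityLogUpdate', 'ticker', 'loadIssues', 'updateIssueStatus', 'deleteIssue', 'updateAllIssues', 'reverseLookup', 'unlockOutIP', 'loadBlockRanges', 'unblockRange', 'blockIPUARange', 'whois', 'unblockIP', 'blockIP', 'permBlockIP', 'loadStaticPanel', 'saveConfig', 'downloadHtaccess', 'checkFalconHtaccess', 'updateConfig', 'saveCacheConfig', 'removeFromCache', 'autoUpdateChoice', 'saveCacheOptions', 'clearPageCache', 'getCacheStats', 'clearAllBlocked', 'killScan', 'saveCountryBlocking', 'saveScanSchedule', 'tourClosed', 'startTourAgain', 'downgradeLicense', 'addTwoFactor', 'twoFacActivate', 'twoFacDel', 'loadTwoFactor', 'loadAvgSitePerf', 'sendTestEmail', 'addCacheExclusion', 'removeCacheExclusion', 'loadCacheExclusions') as $func){
+ foreach(array('activate', 'scan', 'updateAlertEmail', 'sendActivityLog', 'restoreFile', 'exportSettings', 'importSettings', 'bulkOperation', 'deleteFile', 'removeExclusion', 'activityLogUpdate', 'ticker', 'loadIssues', 'updateIssueStatus', 'deleteIssue', 'updateAllIssues', 'reverseLookup', 'unlockOutIP', 'loadBlockRanges', 'unblockRange', 'blockIPUARange', 'whois', 'unblockIP', 'blockIP', 'permBlockIP', 'loadStaticPanel', 'saveConfig', 'downloadHtaccess', 'checkFalconHtaccess', 'updateConfig', 'saveCacheConfig', 'removeFromCache', 'autoUpdateChoice', 'saveCacheOptions', 'clearPageCache', 'getCacheStats', 'clearAllBlocked', 'killScan', 'saveCountryBlocking', 'saveScanSchedule', 'tourClosed', 'welcomeClosed', 'startTourAgain', 'downgradeLicense', 'addTwoFactor', 'twoFacActivate', 'twoFacDel', 'loadTwoFactor', 'loadAvgSitePerf', 'sendTestEmail', 'addCacheExclusion', 'removeCacheExclusion', 'loadCacheExclusions') as $func){
  add_action('wp_ajax_wordfence_' . $func, 'wordfence::ajaxReceiver');
  }
 
@@ -2543,6 +2549,7 @@ EOL;
  'debugOn' => wfConfig::get('debugOn', 0),
  'actUpdateInterval' => $updateInt,
  'tourClosed' => wfConfig::get('tourClosed', 0),
+ 'welcomeClosed' => wfConfig::get('welcomeClosed', 0),
  'cacheType' => wfConfig::get('cacheType'),
  'liveTrafficEnabled' => wfConfig::liveTrafficEnabled()
  ));
@@ -2719,8 +2726,6 @@ EOL;
  }
  }
  if(wfConfig::get('isPaid') && ($approved == 1 || $approved == 0) && wfConfig::get('advancedCommentScanning')){
- $IPs = array();
- $hosts = array();
  self::$commentSpamItems = array();
  preg_replace_callback('/(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/', 'wordfence::pushCommentSpamIP', $cData['comment_content']);
  $IPs = self::$commentSpamItems;
@@ -2823,7 +2828,7 @@ EOL;
  wfConfig::set('lastEmailHash', time() . ':' . $hash);
  wp_mail(implode(',', $emails), $subject, $content);
  }
- private static function getLog(){
+ public static function getLog(){
  if(! self::$wfLog){
  $wfLog = new wfLog(wfConfig::get('apiKey'), wfUtils::getWPVersion());
  self::$wfLog = $wfLog;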
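Review bot: The three diagnostic includes in the `_wfsf` dispatch (`require( 'sysinfo.php' )`, `require('dbview.php')`, `require('cronview.php')`) use bare file names, so PHP resolves them through `include_path` before it looks in the plugin's own directory, and a same-named file earlier on that path would be loaded instead. Anchoring each include to the plugin directory removes that dependency, for example `require(dirname(__FILE__) . '/dbview.php');`. The admin gate `if(! wfUtils::isAdmin()){` is visible in the hunk just above the dispatch, but the visible lines do not show whether these GET-triggered views also verify a nonce. Since the changelog describes `dbview` and `cronview` as exposing table status and the cron schedule, that is worth confirming. The enclosing function starts and ends outside the hunks shown.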
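--- a/lib/wordfenceHash.php
+++ b/lib/wordfenceHash.php
@@ -88,7 +88,6 @@ class wordfenceHash {
  }
  if(! is_readable($path)){
  throw new Exception("Could not read directory " . $this->path . " to do scan.");
- exit();
  }
  $this->haveIssues = array(
  'core' => false,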
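--- a/lib/wordfenceScanner.php
+++ b/lib/wordfenceScanner.php
@@ -236,7 +236,6 @@ class wordfenceScanner {
  }
  }
  fclose($fh);
- $mtime = sprintf("%.5f", microtime(true) - $stime);
  $this->totalFilesScanned++;
  if(microtime(true) - $this->lastStatusTime > 1){
  $this->lastStatusTime = microtime(true);
@@ -305,19 +304,6 @@ class wordfenceScanner {
  private function writeScanningStatus(){
  wordfence::status(2, 'info', "Scanned contents of " . $this->totalFilesScanned . " additional files at " . sprintf('%.2f', ($this->totalFilesScanned / (microtime(true) - $this->startTime))) . " per second");
  }
- public static function containsCode($arr){
- foreach($arr as $elem){
- if(preg_match($this->patterns['pat3'], $elem)){
- return true;
- }
- }
- return false;
- }
-
- private static function hostInURL($host, $url){
- $host = str_replace('.', '\\.', $host);
- return preg_match('/(?:^|^http:\/\/|^https:\/\/|^ftp:\/\/)' . $host . '(?:$|\/)/i', $url);
- }
  private function addResult($result){
  for($i = 0; $i < sizeof($this->results); $i++){
  if($this->results[$i]['type'] == 'file' && $this->results[$i]['data']['file'] == $result['data']['file']){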
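--- a/lib/wordfenceURLHoover.php
+++ b/lib/wordfenceURLHoover.php
@@ -150,8 +150,6 @@ class wordfenceURLHoover {
  }
  }
  public function getBaddies(){
- $allHostKeys = array();
- $stime = microtime(true);
  $allHostKeys = array();
  if($this->useDB){
  $q1 = $this->db->querySelect("select distinct hostKey as hostKey from $this->table");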
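--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mmaunder
  Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching
  Requires at least: 3.3.1
  Tested up to: 4.1
- Stable tag: 5.3.5
+ Stable tag: 5.3.6
 
  Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
 
@@ -165,12 +165,27 @@ cause a security hole on your site.
 
  == Changelog ==
 
+ = 5.3.6 =
+ * Feature: You can now block POST requests to your WordPress site that have an empty User-Agent and Referer header. This is a common pattern among badly written brute force bots.
+ * Feature: Added cron viewer at bottom of Wordfence options page. The plugin we were using to help diagnose customer issues is broken. Use this instead.
+ * Feature: Added DB table viewer at bottom of Wordfence options page. This is a read-only utility to view table names and detailed status. Also for customer diagnostic purposes.
+ * Improvement: Code cleanup after in-depth code analysis. Removed unused functions and variables and re-indented selected code.
+ * Fix: Fixed issue that appeared after last release where raw HTML tags were appearing in email alerts.
+ * Fix: Tour behaved inconsistently under some conditions. Fixed.
+ * Fix: Mismatched HTML tags in some presentation code. Fixed.
+ * Fix: When fetching theme list the interator had the same name as the array. Fixed.
+ * Fix: Detection for malware URLs in comments had a partial description in the issue. Was being overwritten when it should have been appended. Fixed.
+ * Fix: Check if dns_get_record() exists before using it to avoid warnings.
+ * Fix: If you have the wordfence security network disabled, the _wfVulnScanners table may have grown indefinitely. Fixed so it's regularly truncated.
+ * Fix: wordfence::getLog() was private and should be public. Fixed.
+ * Fix: Removed warning about _wfsf not being an element of GET params. Usually hidden, but in case something checks error_get_last()
+
  = 5.3.5 =
  * Update: Upgraded the geoIP country database to Jan 2015 version.
  * Improvement: Added an option to disable execution of PHP code in the uploads directory as an added level of protection. Under "Other Options" on the Wordfence options page.
  * Improvement: We now email you any malware URLs encountered and they won't be filtered by your spam filter because the URL is included in the alert email as an image.
  * Fix: Fixed an issue that would cause multiple scans to be scheduled if the plugin was disabled and then reenabled.
- * Fix: The name of malicious files detected are now included in the alert email sent containing your issues.
+ * Fix: The name of malicious files detected are now included in the alert email sent containing the issues.
 
  = 5.3.4 =
  * Changed FAQ link when locked out and email unlock doesn't work to correct link.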
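--- a/wordfence.php
+++ b/wordfence.php
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
  Plugin URI: http://www.wordfence.com/
  Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
  Author: Wordfence
- Version: 5.3.5
+ Version: 5.3.6
  Author URI: http://www.wordfence.com/
  */
  if(defined('WP_INSTALLING') && WP_INSTALLING){
  return;
  }
- define('WORDFENCE_VERSION', '5.3.5');
+ define('WORDFENCE_VERSION', '5.3.6');
  if(get_option('wordfenceActivated') != 1){
  add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
  }
@@ -25,4 +25,5 @@ if(! defined('WORDFENCE_VERSIONONLY_MODE')){ //Used to get version from file.
  wordfence::install_actions();
  }
 
+
  ?>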