Wordfence Security – Firewall & Malware Scan - Version 6.0.15

Version Description

  • Fix: Resolved issue with GoogleBot being erroneously flagged as human in Live Traffic.
  • Fix: Added better handling of human/bot detection.
  • Improvement: Verified humans are flagged via cookie to prevent false positives.

Release Info

Developer wfmatt
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 6.0.15

Code changes from version 6.0.14 to 6.0.15

Files changed (4) hide show
  1. lib/wfLog.php +4 -2
  2. lib/wordfenceClass.php +35 -9
  3. readme.txt +6 -1
  4. wordfence.php +2 -2
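--- a/lib/wfLog.php
+++ b/lib/wfLog.php
@@ -496,7 +496,8 @@ class wfLog {
 $headers[$matches[1]] = $v;
 }
 }
-$this->getDB()->queryWrite("insert into " . $this->hitsTable . " (ctime, is404, isGoogle, IP, userID, newVisit, URL, referer, UA) values (%f, %d, %d, %s, %s, %d, '%s', '%s', '%s')",
+$ua = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
+$this->getDB()->queryWrite("insert into " . $this->hitsTable . " (ctime, is404, isGoogle, IP, userID, newVisit, URL, referer, UA, jsRun) values (%f, %d, %d, %s, %s, %d, '%s', '%s', '%s', %d)",
 sprintf('%.6f', microtime(true)),
 (is_404() ? 1 : 0),
 (wfCrawl::isGoogleCrawler() ? 1 : 0),
@@ -505,7 +506,8 @@ class wfLog {
 (wordfence::$newVisit ? 1 : 0),
 wfUtils::getRequestedURL(),
 (isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : ''),
-(isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '')
+$ua,
+(int) (isset($_COOKIE['wordfence_verifiedHuman']) && wp_verify_nonce($_COOKIE['wordfence_verifiedHuman'], 'wordfence_verifiedHuman' . $ua . wfUtils::getIP()))
 );
 return $this->getDB()->querySingle("select last_insert_id()");
 }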
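Review bot: The `jsRun` argument added to the insert hands `$_COOKIE['wordfence_verifiedHuman']` to `wp_verify_nonce()` without checking its type, and PHP can deliver a cookie value as an array, so the condition should read `isset($_COOKIE['wordfence_verifiedHuman']) && is_string($_COOKIE['wordfence_verifiedHuman']) && wp_verify_nonce(...)`. The nonce is bound only to the User-Agent, the IP and (as WordPress nonces are) the current user and time window, so a valid cookie shows that the same client was issued one earlier, not that JavaScript ran on this hit; a comment such as `// jsRun is an advisory Live Traffic flag; do not use it for blocking or access decisions` would keep later code from over-trusting the column. The enclosing method starts outside the hunk, so how `jsRun` is consumed is not visible here.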
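--- a/lib/wordfenceClass.php
+++ b/lib/wordfenceClass.php
@@ -603,7 +603,7 @@ class wordfence {
 $isCrawler = false;
 if($UA){
 $b = $browscap->getBrowser($UA);
-if(!empty($b['Crawler'])){
+if(!empty($b['Crawler']) || wfCrawl::isGoogleCrawler()){
 $isCrawler = true;
 }
 }
@@ -614,6 +614,9 @@ class wordfence {
 header("Connection: close");
 header("Content-Length: 0");
 header("X-Robots-Tag: noindex");
+if (!$isCrawler) {
+setcookie('wordfence_verifiedHuman', wp_create_nonce('wordfence_verifiedHuman' . $UA . wfUtils::getIP()), time() + 86400, '/');
+}
 }
 flush();
 if(! $isCrawler){
@@ -2788,18 +2791,41 @@ EOL;
 $URL = site_url('/?wordfence_logHuman=1&hid=' . wfUtils::encrypt(self::$hitID));
 $URL = addslashes(preg_replace('/^https?:/i', '', $URL));
 #Load as external script async so we don't slow page down.
-echo <<<EOL
+echo <<<HTML
 <script type="text/javascript">
 (function(url){
-if(/(?:Chrome\/26\.0\.1410\.63 Safari\/537\.31|WordfenceTestMonBot)/.test(navigator.userAgent)){ return; }
-var wfscr = document.createElement('script');
-wfscr.type = 'text/javascript';
-wfscr.async = true;
-wfscr.src = url + '&r=' + Math.random();
-(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(wfscr);
+if(/(?:Chrome\/26\.0\.1410\.63 Safari\/537\.31|WordfenceTestMonBot)/.test(navigator.userAgent)){ return; }
+var addEvent = function(evt, handler) {
+if (window.addEventListener) {
+document.addEventListener(evt, handler, false);
+} else if (window.attachEvent) {
+document.attachEvent('on' + evt, handler);
+}
+};
+var removeEvent = function(evt, handler) {
+if (window.removeEventListener) {
+document.removeEventListener(evt, handler, false);
+} else if (window.detachEvent) {
+document.detachEvent('on' + evt, handler);
+}
+};
+var evts = 'contextmenu dblclick drag dragend dragenter dragleave dragover dragstart drop keydown keypress keyup mousedown mousemove mouseout mouseover mouseup mousewheel scroll'.split(' ');
+var logHuman = function() {
+var wfscr = document.createElement('script');
+wfscr.type = 'text/javascript';
+wfscr.async = true;
+wfscr.src = url + '&r=' + Math.random();
+(document.getElementsByTagName('head')[0]||document.getElementsByTagName('body')[0]).appendChild(wfscr);
+for (var i = 0; i < evts.length; i++) {
+removeEvent(evts[i], logHuman);
+}
+};
+for (var i = 0; i < evts.length; i++) {
+addEvent(evts[i], logHuman);
+}
 })('$URL');
 </script>
-EOL;
+HTML;
 }
 public static function shutdownAction(){
 }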
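Review bot: The `setcookie('wordfence_verifiedHuman', …)` call added after the `X-Robots-Tag` header sets neither the Secure nor the HttpOnly flag, although on this page the cookie is only read server-side in lib/wfLog.php; extending the trailing arguments to `time() + 86400, '/', '', is_ssl(), true` keeps the value out of reach of page scripts and, on HTTPS sites, off plain-HTTP requests. The nonce action `'wordfence_verifiedHuman' . $UA . wfUtils::getIP()` is rebuilt by hand in wfLog.php, so a small shared helper would stop the two strings drifting apart and silently zeroing the flag. In the first hunk, whether `wfCrawl::isGoogleCrawler()` checks more than the User-Agent is not visible here; a one-line comment stating what it verifies would help, since it now decides which clients are refused the cookie. The enclosing methods begin outside all three hunks.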
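--- a/readme.txt
+++ b/readme.txt
@@ -3,7 +3,7 @@ Contributors: mmaunder
 Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
 Requires at least: 3.9
 Tested up to: 4.2.3
-Stable tag: 6.0.14
+Stable tag: 6.0.15
 
 The Wordfence WordPress security plugin provides free enterprise-class WordPress security, protecting your website from hacks and malware.
 == Description ==
@@ -183,6 +183,11 @@ fully compatible with both IPv4 and IPv6 whether you run both or only one addres
 
 == Changelog ==
 
+= 6.0.15 =
+* Fix: Resolved issue with GoogleBot being erroneously flagged as human in Live Traffic.
+* Fix: Added better handling of human/bot detection.
+* Improvement: Verified humans are flagged via cookie to prevent false positives.
+
 = 6.0.14 =
 * Fix: Live Traffic endpoint moved to site root to prevent issues with GoogleBot.
 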
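--- a/wordfence.php
+++ b/wordfence.php
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
 Plugin URI: http://www.wordfence.com/
 Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
 Author: Wordfence
-Version: 6.0.14
+Version: 6.0.15
 Author URI: http://www.wordfence.com/
 */
 if(defined('WP_INSTALLING') && WP_INSTALLING){
 return;
 }
-define('WORDFENCE_VERSION', '6.0.14');
+define('WORDFENCE_VERSION', '6.0.15');
 if(get_option('wordfenceActivated') != 1){
 add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
 }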