Version Description
- Fix: Resolved issue with some variations of author=N scans not being caught.
- Fix: Updated typo in author=N option.
- Fix: Resolved issue with Falcon not writing to .htaccess with WP installed in subdirectory.
- Fix: Added width to logo in activity report email.
- Fix: Resolved issue with Live Traffic endpoint in cases where WordPress is installed into a subdirectory.
- Improvement: Optimized database query with in unlocking user email routine.
- Improvement: Moved firewall logic into 'wp_loaded' hook.
Download this release
Release Info
| Developer | wfmatt |
| Plugin |  Wordfence Security – Firewall & Malware Scan |
| Version | 6.0.16 |
| Comparing to | |
| See all releases | |
Code changes from version 6.0.15 to 6.0.16
- lib/GeoIP.dat +0 -0
- lib/cronview.php +3 -1
- lib/menu_options.php +1 -1
- lib/wfCache.php +7 -7
- lib/wfLog.php +0 -1
- lib/wordfenceClass.php +20 -14
- readme.txt +11 -2
- views/reports/activity-report-email-inline.php +1 -1
- wordfence.php +2 -2
lib/GeoIP.dat
CHANGED
|
Binary file
|
lib/cronview.php
CHANGED
|
@@ -19,7 +19,9 @@ $cron = _get_cron_array();
|
|
| 19 |
foreach ( $cron as $timestamp => $values ) {
|
| 20 |
if ( is_array( $values ) ) {
|
| 21 |
foreach ( $values as $cron_job => $v ) {
|
| 22 |
-
|
|
|
|
|
|
|
| 23 |
}
|
| 24 |
}
|
| 25 |
}
|
| 19 |
foreach ( $cron as $timestamp => $values ) {
|
| 20 |
if ( is_array( $values ) ) {
|
| 21 |
foreach ( $values as $cron_job => $v ) {
|
| 22 |
+
if (is_numeric($timestamp)) {
|
| 23 |
+
echo date( 'r', $timestamp ) . " : " . $cron_job . "<br />";
|
| 24 |
+
}
|
| 25 |
}
|
| 26 |
}
|
| 27 |
}
|
lib/menu_options.php
CHANGED
|
@@ -782,7 +782,7 @@ $w = new wfConfig();
|
|
| 782 |
name="loginSec_blockAdminReg" <?php $w->cb( 'loginSec_blockAdminReg' ); ?> /></td>
|
| 783 |
</tr>
|
| 784 |
<tr>
|
| 785 |
-
<th>Prevent discovery of usernames through '
|
| 786 |
href="http://docs.wordfence.com/en/Wordfence_options#Prevent_discovery_of_usernames_through_.27.3F.2Fauthor.3DN.27_scans"
|
| 787 |
target="_blank" class="wfhelp"></a></th>
|
| 788 |
<td><input type="checkbox" id="loginSec_disableAuthorScan" class="wfConfigElem"
|
| 782 |
name="loginSec_blockAdminReg" <?php $w->cb( 'loginSec_blockAdminReg' ); ?> /></td>
|
| 783 |
</tr>
|
| 784 |
<tr>
|
| 785 |
+
<th>Prevent discovery of usernames through '/?author=N' scans<a
|
| 786 |
href="http://docs.wordfence.com/en/Wordfence_options#Prevent_discovery_of_usernames_through_.27.3F.2Fauthor.3DN.27_scans"
|
| 787 |
target="_blank" class="wfhelp"></a></th>
|
| 788 |
<td><input type="checkbox" id="loginSec_disableAuthorScan" class="wfConfigElem"
|
lib/wfCache.php
CHANGED
|
@@ -710,14 +710,14 @@ EOT;
|
|
| 710 |
return false;
|
| 711 |
}
|
| 712 |
public static function getHtaccessPath(){
|
| 713 |
-
if(
|
| 714 |
-
|
| 715 |
}
|
| 716 |
-
|
| 717 |
-
|
| 718 |
-
|
| 719 |
-
|
| 720 |
-
|
| 721 |
}
|
| 722 |
return false;
|
| 723 |
}
|
| 710 |
return false;
|
| 711 |
}
|
| 712 |
public static function getHtaccessPath(){
|
| 713 |
+
if (!function_exists('get_home_path')) {
|
| 714 |
+
include_once ABSPATH . 'wp-admin/includes/file.php';
|
| 715 |
}
|
| 716 |
+
|
| 717 |
+
$homePath = get_home_path();
|
| 718 |
+
$htaccessFile = $homePath.'.htaccess';
|
| 719 |
+
if (file_exists($htaccessFile)) {
|
| 720 |
+
return $htaccessFile;
|
| 721 |
}
|
| 722 |
return false;
|
| 723 |
}
|
lib/wfLog.php
CHANGED
|
@@ -712,7 +712,6 @@ class wfLog {
|
|
| 712 |
}
|
| 713 |
}
|
| 714 |
public function logHitOK(){
|
| 715 |
-
if(stristr($_SERVER['REQUEST_URI'], 'wp-admin/admin-ajax.php')){ return false; } //Don't log wordpress ajax requests.
|
| 716 |
if(is_admin()){ return false; } //Don't log admin pageviews
|
| 717 |
if(isset($_SERVER['HTTP_USER_AGENT'])){
|
| 718 |
if(preg_match('/WordPress\/' . $this->wp_version . '/i', $_SERVER['HTTP_USER_AGENT'])){ return false; } //Ignore requests generated by WP UA.
|
| 712 |
}
|
| 713 |
}
|
| 714 |
public function logHitOK(){
|
|
|
|
| 715 |
if(is_admin()){ return false; } //Don't log admin pageviews
|
| 716 |
if(isset($_SERVER['HTTP_USER_AGENT'])){
|
| 717 |
if(preg_match('/WordPress\/' . $this->wp_version . '/i', $_SERVER['HTTP_USER_AGENT'])){ return false; } //Ignore requests generated by WP UA.
|
lib/wordfenceClass.php
CHANGED
|
@@ -486,7 +486,7 @@ class wordfence {
|
|
| 486 |
add_action('wordfence_hourly_cron', 'wordfence::hourlyCron');
|
| 487 |
add_action('plugins_loaded', 'wordfence::veryFirstAction');
|
| 488 |
add_action('init', 'wordfence::initAction');
|
| 489 |
-
add_action('
|
| 490 |
add_action('shutdown', 'wordfence::shutdownAction');
|
| 491 |
|
| 492 |
if(version_compare(PHP_VERSION, '5.4.0') >= 0){
|
|
@@ -547,6 +547,8 @@ class wordfence {
|
|
| 547 |
add_action('post_submitbox_start', 'wordfence::postSubmitboxStart');
|
| 548 |
}
|
| 549 |
}
|
|
|
|
|
|
|
| 550 |
}
|
| 551 |
/*
|
| 552 |
public static function cronAddSchedules($schedules){
|
|
@@ -772,7 +774,7 @@ class wordfence {
|
|
| 772 |
|
| 773 |
$email = trim($_POST['email']);
|
| 774 |
global $wpdb;
|
| 775 |
-
$ws = $wpdb->get_results("SELECT ID, user_login FROM $wpdb->users");
|
| 776 |
foreach($ws as $user){
|
| 777 |
$userDat = get_userdata($user->ID);
|
| 778 |
if(wfUtils::isAdmin($userDat)){
|
|
@@ -2649,18 +2651,12 @@ class wordfence {
|
|
| 2649 |
wfScanEngine::startScan();
|
| 2650 |
}
|
| 2651 |
public static function templateRedir(){
|
| 2652 |
-
// prevent /?author=N scans from disclosing usernames.
|
| 2653 |
-
if (wfConfig::get('loginSec_disableAuthorScan') && is_author() && !empty($_GET['author']) && is_numeric($_GET['author'])) {
|
| 2654 |
-
wp_redirect(home_url());
|
| 2655 |
-
exit;
|
| 2656 |
-
}
|
| 2657 |
-
|
| 2658 |
if (!empty($_GET['wordfence_logHuman'])) {
|
| 2659 |
self::ajax_logHuman_callback();
|
| 2660 |
exit;
|
| 2661 |
}
|
| 2662 |
|
| 2663 |
-
$wfFunc =
|
| 2664 |
|
| 2665 |
//Logging
|
| 2666 |
self::doEarlyAccessLogging();
|
|
@@ -2788,7 +2784,7 @@ wfscr.src = url;
|
|
| 2788 |
EOL;
|
| 2789 |
}
|
| 2790 |
public static function wfLogHumanHeader(){
|
| 2791 |
-
$URL =
|
| 2792 |
$URL = addslashes(preg_replace('/^https?:/i', '', $URL));
|
| 2793 |
#Load as external script async so we don't slow page down.
|
| 2794 |
echo <<<HTML
|
|
@@ -2966,10 +2962,6 @@ HTML;
|
|
| 2966 |
}
|
| 2967 |
|
| 2968 |
public static function initAction(){
|
| 2969 |
-
global $wp;
|
| 2970 |
-
if (!is_object($wp)) return; //Suggested fix for compatability with "Portable phpmyadmin"
|
| 2971 |
-
|
| 2972 |
-
$wp->add_query_var('_wfsf');
|
| 2973 |
if(wfConfig::liveTrafficEnabled() && (! wfConfig::get('disableCookies', false)) ){
|
| 2974 |
self::setCookie();
|
| 2975 |
}
|
|
@@ -3510,5 +3502,19 @@ HTML;
|
|
| 3510 |
}
|
| 3511 |
return array('ok' => 1);
|
| 3512 |
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 3513 |
}
|
| 3514 |
?>
|
| 486 |
add_action('wordfence_hourly_cron', 'wordfence::hourlyCron');
|
| 487 |
add_action('plugins_loaded', 'wordfence::veryFirstAction');
|
| 488 |
add_action('init', 'wordfence::initAction');
|
| 489 |
+
add_action('wp_loaded', 'wordfence::templateRedir', 0);
|
| 490 |
add_action('shutdown', 'wordfence::shutdownAction');
|
| 491 |
|
| 492 |
if(version_compare(PHP_VERSION, '5.4.0') >= 0){
|
| 547 |
add_action('post_submitbox_start', 'wordfence::postSubmitboxStart');
|
| 548 |
}
|
| 549 |
}
|
| 550 |
+
|
| 551 |
+
add_action('request', 'wordfence::preventAuthorNScans');
|
| 552 |
}
|
| 553 |
/*
|
| 554 |
public static function cronAddSchedules($schedules){
|
| 774 |
|
| 775 |
$email = trim($_POST['email']);
|
| 776 |
global $wpdb;
|
| 777 |
+
$ws = $wpdb->get_results($wpdb->prepare("SELECT ID, user_login FROM $wpdb->users WHERE user_email = %s", $email));
|
| 778 |
foreach($ws as $user){
|
| 779 |
$userDat = get_userdata($user->ID);
|
| 780 |
if(wfUtils::isAdmin($userDat)){
|
| 2651 |
wfScanEngine::startScan();
|
| 2652 |
}
|
| 2653 |
public static function templateRedir(){
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2654 |
if (!empty($_GET['wordfence_logHuman'])) {
|
| 2655 |
self::ajax_logHuman_callback();
|
| 2656 |
exit;
|
| 2657 |
}
|
| 2658 |
|
| 2659 |
+
$wfFunc = !empty($_GET['_wfsf']) && is_string($_GET['_wfsf']) ? $_GET['_wfsf'] : '';
|
| 2660 |
|
| 2661 |
//Logging
|
| 2662 |
self::doEarlyAccessLogging();
|
| 2784 |
EOL;
|
| 2785 |
}
|
| 2786 |
public static function wfLogHumanHeader(){
|
| 2787 |
+
$URL = home_url('/?wordfence_logHuman=1&hid=' . wfUtils::encrypt(self::$hitID));
|
| 2788 |
$URL = addslashes(preg_replace('/^https?:/i', '', $URL));
|
| 2789 |
#Load as external script async so we don't slow page down.
|
| 2790 |
echo <<<HTML
|
| 2962 |
}
|
| 2963 |
|
| 2964 |
public static function initAction(){
|
|
|
|
|
|
|
|
|
|
|
|
|
| 2965 |
if(wfConfig::liveTrafficEnabled() && (! wfConfig::get('disableCookies', false)) ){
|
| 2966 |
self::setCookie();
|
| 2967 |
}
|
| 3502 |
}
|
| 3503 |
return array('ok' => 1);
|
| 3504 |
}
|
| 3505 |
+
|
| 3506 |
+
|
| 3507 |
+
/**
|
| 3508 |
+
* Modify the query to look for scenarios
|
| 3509 |
+
*
|
| 3510 |
+
* @param array $query_vars
|
| 3511 |
+
* @return array
|
| 3512 |
+
*/
|
| 3513 |
+
public static function preventAuthorNScans($query_vars) {
|
| 3514 |
+
if (wfConfig::get('loginSec_disableAuthorScan') && !empty($query_vars['author']) && is_numeric(preg_replace('/[^0-9]/', '', $query_vars['author']))) {
|
| 3515 |
+
$query_vars['author'] = -1;
|
| 3516 |
+
}
|
| 3517 |
+
return $query_vars;
|
| 3518 |
+
}
|
| 3519 |
}
|
| 3520 |
?>
|
readme.txt
CHANGED
|
@@ -2,8 +2,8 @@
|
|
| 2 |
Contributors: mmaunder
|
| 3 |
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
|
| 4 |
Requires at least: 3.9
|
| 5 |
-
Tested up to: 4.
|
| 6 |
-
Stable tag: 6.0.
|
| 7 |
|
| 8 |
The Wordfence WordPress security plugin provides free enterprise-class WordPress security, protecting your website from hacks and malware.
|
| 9 |
== Description ==
|
|
@@ -183,6 +183,15 @@ fully compatible with both IPv4 and IPv6 whether you run both or only one addres
|
|
| 183 |
|
| 184 |
== Changelog ==
|
| 185 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 186 |
= 6.0.15 =
|
| 187 |
* Fix: Resolved issue with GoogleBot being erroneously flagged as human in Live Traffic.
|
| 188 |
* Fix: Added better handling of human/bot detection.
|
| 2 |
Contributors: mmaunder
|
| 3 |
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
|
| 4 |
Requires at least: 3.9
|
| 5 |
+
Tested up to: 4.3
|
| 6 |
+
Stable tag: 6.0.16
|
| 7 |
|
| 8 |
The Wordfence WordPress security plugin provides free enterprise-class WordPress security, protecting your website from hacks and malware.
|
| 9 |
== Description ==
|
| 183 |
|
| 184 |
== Changelog ==
|
| 185 |
|
| 186 |
+
= 6.0.16 =
|
| 187 |
+
* Fix: Resolved issue with some variations of author=N scans not being caught.
|
| 188 |
+
* Fix: Updated typo in author=N option.
|
| 189 |
+
* Fix: Resolved issue with Falcon not writing to .htaccess with WP installed in subdirectory.
|
| 190 |
+
* Fix: Added width to logo in activity report email.
|
| 191 |
+
* Fix: Resolved issue with Live Traffic endpoint in cases where WordPress is installed into a subdirectory.
|
| 192 |
+
* Improvement: Optimized database query with in unlocking user email routine.
|
| 193 |
+
* Improvement: Moved firewall logic into 'wp_loaded' hook.
|
| 194 |
+
|
| 195 |
= 6.0.15 =
|
| 196 |
* Fix: Resolved issue with GoogleBot being erroneously flagged as human in Live Traffic.
|
| 197 |
* Fix: Added better handling of human/bot detection.
|
views/reports/activity-report-email-inline.php
CHANGED
|
@@ -119,7 +119,7 @@ h6 a:visited { color: purple !important; }
|
|
| 119 |
<div style="float: right; text-align: right; line-height: 1.1; color: #666666; font-size: 100%; vertical-align: baseline; margin: 20px 0 0; padding: 0; border: 0;" align="right">
|
| 120 |
<?php echo $title ?>
|
| 121 |
</div>
|
| 122 |
-
<a href="http://www.wordfence.com/zz5/" style="font-size: 100%; vertical-align: baseline; outline: none; color: orange; text-decoration: none; margin: 0; padding: 0; border: 0;"><img src="http://www.wordfence.com/wp-content/themes/wordfence/img/logo.png" alt="" style="font-size: 100%; vertical-align: baseline; -ms-interpolation-mode: bicubic; outline: none; text-decoration: none; margin: 0; padding: 0; border: 0 none;" /></a>
|
| 123 |
|
| 124 |
<p style="font-size: 100%; vertical-align: baseline; margin: 1em 0; padding: 0; border: 0;">
|
| 125 |
This email was sent from your website <a href="<?php echo site_url() ?>"><?php echo site_url() ?></a> and is a summary of security related activity that Wordfence monitors for the period <?php printf('%s to %s', $report_start, $report_end) ?>. <?php if (!wfConfig::get('isPaid')): ?>NOTE: You are using the free version of Wordfence and are missing out on features like cellphone sign-in, country blocking and detecting if your site IP is sending spam. <a href="http://www.wordfence.com/zz6/">Click here to upgrade to Wordfence Premium now</a>.<?php endif ?>
|
| 119 |
<div style="float: right; text-align: right; line-height: 1.1; color: #666666; font-size: 100%; vertical-align: baseline; margin: 20px 0 0; padding: 0; border: 0;" align="right">
|
| 120 |
<?php echo $title ?>
|
| 121 |
</div>
|
| 122 |
+
<a href="http://www.wordfence.com/zz5/" style="font-size: 100%; vertical-align: baseline; outline: none; color: orange; text-decoration: none; margin: 0; padding: 0; border: 0;"><img src="http://www.wordfence.com/wp-content/themes/wordfence/img/logo.png" alt="" style="font-size: 100%; vertical-align: baseline; -ms-interpolation-mode: bicubic; outline: none; text-decoration: none; margin: 0; padding: 0; border: 0 none; width: 560px;" /></a>
|
| 123 |
|
| 124 |
<p style="font-size: 100%; vertical-align: baseline; margin: 1em 0; padding: 0; border: 0;">
|
| 125 |
This email was sent from your website <a href="<?php echo site_url() ?>"><?php echo site_url() ?></a> and is a summary of security related activity that Wordfence monitors for the period <?php printf('%s to %s', $report_start, $report_end) ?>. <?php if (!wfConfig::get('isPaid')): ?>NOTE: You are using the free version of Wordfence and are missing out on features like cellphone sign-in, country blocking and detecting if your site IP is sending spam. <a href="http://www.wordfence.com/zz6/">Click here to upgrade to Wordfence Premium now</a>.<?php endif ?>
|
wordfence.php
CHANGED
|
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
|
|
| 4 |
Plugin URI: http://www.wordfence.com/
|
| 5 |
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
|
| 6 |
Author: Wordfence
|
| 7 |
-
Version: 6.0.
|
| 8 |
Author URI: http://www.wordfence.com/
|
| 9 |
*/
|
| 10 |
if(defined('WP_INSTALLING') && WP_INSTALLING){
|
| 11 |
return;
|
| 12 |
}
|
| 13 |
-
define('WORDFENCE_VERSION', '6.0.
|
| 14 |
if(get_option('wordfenceActivated') != 1){
|
| 15 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
| 16 |
}
|
| 4 |
Plugin URI: http://www.wordfence.com/
|
| 5 |
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
|
| 6 |
Author: Wordfence
|
| 7 |
+
Version: 6.0.16
|
| 8 |
Author URI: http://www.wordfence.com/
|
| 9 |
*/
|
| 10 |
if(defined('WP_INSTALLING') && WP_INSTALLING){
|
| 11 |
return;
|
| 12 |
}
|
| 13 |
+
define('WORDFENCE_VERSION', '6.0.16');
|
| 14 |
if(get_option('wordfenceActivated') != 1){
|
| 15 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
| 16 |
}
|
