Wordfence Security – Firewall & Malware Scan - Version 6.0.2

Version Description

  • Fix: Fixed an issue with the schema not updating when customers migrate to IPv6 schema to store IP's.
  • Improvement: Added additional safety checks during the schema update.
Download this release

Release Info

Developer mmaunder
Plugin Icon 128x128 Wordfence Security – Firewall & Malware Scan
Version 6.0.2
Comparing to
See all releases

Code changes from version 6.0.1 to 6.0.2

Files changed (3) hide show
  1. lib/wordfenceClass.php +35 -22
  2. readme.txt +5 -1
  3. wordfence.php +2 -2
lib/wordfenceClass.php CHANGED
@@ -246,6 +246,9 @@ class wordfence {
246
public static function runInstall(){
247
if(self::$runInstallCalled){ return; }
248
self::$runInstallCalled = true;
249
$previous_version = get_option('wordfence_version', '0.0.0');
250
update_option('wordfence_version', WORDFENCE_VERSION); //In case we have a fatal error we don't want to keep running install.
251
//EVERYTHING HERE MUST BE IDEMPOTENT
@@ -309,6 +312,7 @@ class wordfence {
309
}
310
//End upgrade from 1.5.6
311
312
global $wpdb;
313
$prefix = $wpdb->base_prefix;
314
$db->queryWriteIgnoreError("alter table $prefix"."wfConfig modify column val longblob");
@@ -337,27 +341,37 @@ class wordfence {
337
wfCache::removeCacheDirectoryHtaccess();
338
}
339
340
- // IPv6 schema changes for 6.0.0
341
- if (version_compare($previous_version, '6.0.0') === -1) {
342
- $tables_with_ips = array(
343
- 'wfCrawlers',
344
- 'wfBadLeechers',
345
- 'wfBlockedIPLog',
346
- 'wfBlocks',
347
- 'wfHits',
348
- 'wfLeechers',
349
- 'wfLockedOut',
350
- 'wfLocs',
351
- 'wfLogins',
352
- 'wfReverseCache',
353
- 'wfScanners',
354
- 'wfThrottleLog',
355
- 'wfVulnScanners',
356
- );
357
-
358
- foreach ($tables_with_ips as $ip_table) {
359
- $db->queryWriteIgnoreError("ALTER TABLE {$prefix}{$ip_table} MODIFY IP BINARY(16)");
360
- $db->queryWriteIgnoreError("UPDATE {$prefix}{$ip_table} SET IP = CONCAT(LPAD(CHAR(0xff, 0xff), 12, CHAR(0)), LPAD(
361
CHAR(
362
CAST(IP as UNSIGNED) >> 24 & 0xFF,
363
CAST(IP as UNSIGNED) >> 16 & 0xFF,
@@ -367,7 +381,6 @@ class wordfence {
367
4,
368
CHAR(0)
369
))");
370
- }
371
}
372
373
//Must be the final line
246
public static function runInstall(){
247
if(self::$runInstallCalled){ return; }
248
self::$runInstallCalled = true;
249
+ if (function_exists('ignore_user_abort')) {
250
+ ignore_user_abort(true);
251
+ }
252
$previous_version = get_option('wordfence_version', '0.0.0');
253
update_option('wordfence_version', WORDFENCE_VERSION); //In case we have a fatal error we don't want to keep running install.
254
//EVERYTHING HERE MUST BE IDEMPOTENT
312
}
313
//End upgrade from 1.5.6
314
315
+ /** @var wpdb $wpdb */
316
global $wpdb;
317
$prefix = $wpdb->base_prefix;
318
$db->queryWriteIgnoreError("alter table $prefix"."wfConfig modify column val longblob");
341
wfCache::removeCacheDirectoryHtaccess();
342
}
343
344
+ // IPv6 schema changes for 6.0.1
345
+ $tables_with_ips = array(
346
+ 'wfCrawlers',
347
+ 'wfBadLeechers',
348
+ 'wfBlockedIPLog',
349
+ 'wfBlocks',
350
+ 'wfHits',
351
+ 'wfLeechers',
352
+ 'wfLockedOut',
353
+ 'wfLocs',
354
+ 'wfLogins',
355
+ 'wfReverseCache',
356
+ 'wfScanners',
357
+ 'wfThrottleLog',
358
+ 'wfVulnScanners',
359
+ );
360
+
361
+ foreach ($tables_with_ips as $ip_table) {
362
+ $result = $wpdb->get_row("SHOW FIELDS FROM {$prefix}{$ip_table} where field = 'IP'");
363
+ if (!$result || strtolower($result->Type) == 'binary(16)') {
364
+ continue;
365
+ }
366
+
367
+ $db->queryWriteIgnoreError("ALTER TABLE {$prefix}{$ip_table} MODIFY IP BINARY(16)");
368
+
369
+ // Just to be sure we don't corrupt the data if the alter fails.
370
+ $result = $wpdb->get_row("SHOW FIELDS FROM {$prefix}{$ip_table} where field = 'IP'");
371
+ if (!$result || strtolower($result->Type) != 'binary(16)') {
372
+ continue;
373
+ }
374
+ $db->queryWriteIgnoreError("UPDATE {$prefix}{$ip_table} SET IP = CONCAT(LPAD(CHAR(0xff, 0xff), 12, CHAR(0)), LPAD(
375
CHAR(
376
CAST(IP as UNSIGNED) >> 24 & 0xFF,
377
CAST(IP as UNSIGNED) >> 16 & 0xFF,
381
4,
382
CHAR(0)
383
))");
384
}
385
386
//Must be the final line
readme.txt CHANGED
@@ -3,7 +3,7 @@ Contributors: mmaunder
3
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
4
Requires at least: 3.9
5
Tested up to: 4.2.2
6
- Stable tag: 6.0.1
7
8
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
9
@@ -172,6 +172,10 @@ fully compatible with both IPv4 and IPv6 whether you run both or only one addres
172
173
== Changelog ==
174
175
= 6.0.1 =
176
* Feature: IPv6 fully supported. This includes whois, range blocking, IPv6 city lookup in live traffic, country blocking and all other security functions. See www.wordfence.com/blog/ for more info.
177
* Feature: New scanning routine examines the wp_options table for executable code based on a new infection we are seeing that is well hidden.
3
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
4
Requires at least: 3.9
5
Tested up to: 4.2.2
6
+ Stable tag: 6.0.2
7
8
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
9
172
173
== Changelog ==
174
175
+ = 6.0.2 =
176
+ * Fix: Fixed an issue with the schema not updating when customers migrate to IPv6 schema to store IP's.
177
+ * Improvement: Added additional safety checks during the schema update.
178
+
179
= 6.0.1 =
180
* Feature: IPv6 fully supported. This includes whois, range blocking, IPv6 city lookup in live traffic, country blocking and all other security functions. See www.wordfence.com/blog/ for more info.
181
* Feature: New scanning routine examines the wp_options table for executable code based on a new infection we are seeing that is well hidden.
wordfence.php CHANGED
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
4
Plugin URI: http://www.wordfence.com/
5
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
6
Author: Wordfence
7
- Version: 6.0.1
8
Author URI: http://www.wordfence.com/
9
*/
10
if(defined('WP_INSTALLING') && WP_INSTALLING){
11
return;
12
}
13
- define('WORDFENCE_VERSION', '6.0.1');
14
if(get_option('wordfenceActivated') != 1){
15
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
16
}
4
Plugin URI: http://www.wordfence.com/
5
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
6
Author: Wordfence
7
+ Version: 6.0.2
8
Author URI: http://www.wordfence.com/
9
*/
10
if(defined('WP_INSTALLING') && WP_INSTALLING){
11
return;
12
}
13
+ define('WORDFENCE_VERSION', '6.0.2');
14
if(get_option('wordfenceActivated') != 1){
15
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
16
}