Wordfence Security – Firewall &amp; Malware Scan

Version Description

Improvement: Handled uncaught exception when noc1 is not available in 2FA.
Improvement: Fixed issue with limit-logins mu-plugin on GoDaddy counting first login attempt in 2FA against total allowed login attempts.
Fix: Fixed bug with IPs not resolving to countries when printable IP passed to logBlockedIP.
Fix: Fixed issue with free users country blocking redirects working after downgrade.
Fix: Encoded URL field in country blocking options.
Fix: Added a check to verify field has not already been altered prior to calling ALTER in runInstall.
Fix: Fixed issue with scan_options method being called after method has been removed.
Fix: Fixed bug in scan when dns_get_record fails and error condition was not handled.
Fix: Fixed PHP notice when 'Crawler' not included in browser pcap result.

Release Info

Developer	mmaunder
Plugin	Wordfence Security – Firewall & Malware Scan
Version	6.0.6
Comparing to
See all releases

Code changes from version 6.0.5 to 6.0.6

Files changed (20) hide show

js/admin.js +10 -1
lib/email_genericAlert.php +1 -1
lib/email_newIssues.php +1 -1
lib/email_passwdChanged.php +1 -1
lib/email_pleaseChangePasswd.php +1 -1
lib/menu_countryBlocking.php +3 -3
lib/menu_options.php +4 -4
lib/menu_passwd.php +2 -2
lib/menu_scan.php +2 -2
lib/menu_scanSchedule.php +2 -2
lib/menu_twoFactor.php +2 -2
lib/wfActivityReport.php +7 -5
lib/wfLog.php +49 -46
lib/wfScanEngine.php +21 -13
lib/wordfenceClass.php +72 -21
readme.txt +12 -1
views/reports/activity-report-email-inline.php +2 -2
views/reports/activity-report-email.php +1 -1
views/reports/activity-report.php +1 -1
wordfence.php +2 -2

js/admin.js CHANGED Viewed

	@@ -1684,7 +1684,7 @@
1684	}
1685	},
1686	invalidCountryURLMsg: function(URL) {
1687	- this.colorbox('400px', "Invalid URL", "URL's that you provide for bypassing country blocking must start with '/' or 'http://' without quotes. The URL that is invalid is: " + URL);
1688	return;
1689	},
1690	confirmSaveCountryBlocking: function() {
	@@ -2032,6 +2032,15 @@
2032	}
2033	// Older versions of Opera
2034	return this._windowHasFocus;









2035	}
2036	};
2037	window['WFAD'] = window['wordfenceAdmin'];


1684	}
1685	},
1686	invalidCountryURLMsg: function(URL) {
1687	+ this.colorbox('400px', "Invalid URL", "URL's that you provide for bypassing country blocking must start with '/' or 'http://' without quotes. The URL that is invalid is: " + this.htmlEscape(URL));
1688	return;
1689	},
1690	confirmSaveCountryBlocking: function() {

2032	}
2033	// Older versions of Opera
2034	return this._windowHasFocus;
2035	+ },
2036	+
2037	+ htmlEscape: function(html) {
2038	+ return String(html)
2039	+ .replace(/&/g, '&')
2040	+ .replace(/"/g, '"')
2041	+ .replace(/'/g, ''')
2042	+ .replace(/</g, '<')
2043	+ .replace(/>/g, '>');
2044	}
2045	};
2046	window['WFAD'] = window['wordfenceAdmin'];

lib/email_genericAlert.php CHANGED Viewed

	@@ -16,7 +16,7 @@ As a Premium member you also get access to our priority support system located a
16	priority support tickets using our ticketing system.
17
18	Click here to sign-up for the Premium version of Wordfence now.
19	- https://www.wordfence.com/wordfence-signup/
20
21	<?php } ?>
22


16	priority support tickets using our ticketing system.
17
18	Click here to sign-up for the Premium version of Wordfence now.
19	+ https://www.wordfence.com/zz1/wordfence-signup/
20
21	<?php } ?>
22

lib/email_newIssues.php CHANGED Viewed

	@@ -35,7 +35,7 @@ can scan more than once per day.</p>
35	priority support tickets using our ticketing system. </p>
36
37	<p>Click here to sign-up for the Premium version of Wordfence now.<br>
38	- <a href="https://www.wordfence.com/wordfence-signup/">https://www.wordfence.com/wordfence-signup/</a></p>
39
40	<?php } ?>
41


35	priority support tickets using our ticketing system. </p>
36
37	<p>Click here to sign-up for the Premium version of Wordfence now.<br>
38	+ <a href="https://www.wordfence.com/zz2/wordfence-signup/">https://www.wordfence.com/zz2/wordfence-signup/</a></p>
39
40	<?php } ?>
41

lib/email_passwdChanged.php CHANGED Viewed

	@@ -20,4 +20,4 @@ You can sign in here:
20
21	Thank you.
22
23	- Email generated by Wordfence. Learn more at http://www.wordfence.com/


20
21	Thank you.
22
23	+ Email generated by Wordfence. Learn more at http://www.wordfence.com/zz3/

lib/email_pleaseChangePasswd.php CHANGED Viewed

	@@ -20,4 +20,4 @@ numbers and symbols in your password.
20
21	Thank you.
22
23	- Email generated by Wordfence. Learn more at http://www.wordfence.com/


20
21	Thank you.
22
23	+ Email generated by Wordfence. Learn more at http://www.wordfence.com/zz4/

lib/menu_countryBlocking.php CHANGED Viewed

	@@ -12,7 +12,7 @@ WFAD.countryMap = <?php echo json_encode($wfBulkCountries); ?>;
12	<div class="wfPaidOnlyNotice">
13	<strong>Country Blocking is only available to Premium Members at this time</strong><br /><br />
14	Country Blocking is a premium feature because we have licensed a very accurate commercial geolocation database to provide this feature. If you would like to
15	- activate this feature, simply <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">click here and get a premium Wordfence API Key</a>, and then copy and paste it into your options page. You can <a href="http://docs.wordfence.com/en/Country_blocking" target="_blank">learn more about Country Blocking on our documentation website</a>.
16	</div>
17	<?php } ?>
18	<?php if(wfConfig::get('cacheType') == 'falcon'){ ?>
	@@ -52,7 +52,7 @@ WFAD.countryMap = <?php echo json_encode($wfBulkCountries); ?>;
52	</th></tr>
53	<tr><th colspan="2">
54	If user who is allowed to access the site views the URL
55	- <input type="text" id="wfBypassViewURL" value="<?php echo ~~wp_kses~~(wfConfig::get('cbl_bypassViewURL', ""), array()); ?>" size="20" />
56	then set a cookie that will bypass country blocking in future in case that user hits the site from a blocked country.
57	</th></tr>
58
	@@ -113,7 +113,7 @@ if(wfConfig::get('isPaid')){
113	} else {
114	?>
115	If you would like access to this premium feature, please
116	- <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">upgrade to our premium version</a>.
117	</p>
118	<?php
119	}


12	<div class="wfPaidOnlyNotice">
13	<strong>Country Blocking is only available to Premium Members at this time</strong><br /><br />
14	Country Blocking is a premium feature because we have licensed a very accurate commercial geolocation database to provide this feature. If you would like to
15	+ activate this feature, simply <a href="https://www.wordfence.com/gnl1countryBlock1/wordfence-signup/" target="_blank">click here and get a premium Wordfence API Key</a>, and then copy and paste it into your options page. You can <a href="http://docs.wordfence.com/en/Country_blocking" target="_blank">learn more about Country Blocking on our documentation website</a>.
16	</div>
17	<?php } ?>
18	<?php if(wfConfig::get('cacheType') == 'falcon'){ ?>

52	</th></tr>
53	<tr><th colspan="2">
54	If user who is allowed to access the site views the URL
55	+ <input type="text" id="wfBypassViewURL" value="<?php echo esc_attr(wfConfig::get('cbl_bypassViewURL', ""), array()); ?>" size="20" />
56	then set a cookie that will bypass country blocking in future in case that user hits the site from a blocked country.
57	</th></tr>
58

113	} else {
114	?>
115	If you would like access to this premium feature, please
116	+ <a href="https://www.wordfence.com/gnl1countryBlock2/wordfence-signup/" target="_blank">upgrade to our premium version</a>.
117	</p>
118	<?php
119	}

lib/menu_options.php CHANGED Viewed

	@@ -38,7 +38,7 @@ $w = new wfConfig();
38	The currently active API Key is a Premium Key. <span style="font-weight: bold; color: #0A0;">Premium scanning enabled!</span>
39	<?php } else { ?>
40	The currently active API Key is a <span style="color: #F00; font-weight: bold;">Free Key</span>. <a
41	- href="https://www.wordfence.com/wordfence-signup/" target="_blank">Click Here to Upgrade to
42	Wordfence Premium now.</a>
43	<?php } ?>
44	</td>
	@@ -48,7 +48,7 @@ $w = new wfConfig();
48	<?php if ( wfConfig::get( 'isPaid' ) ) { ?>
49	<table border="0">
50	<tr>
51	- <td><a href="https://www.wordfence.com/manage-wordfence-api-keys/"
52	target="_blank"><input type="button" value="Renew your premium license"/></a>
53	</td>
54	<td> </td>
	@@ -411,7 +411,7 @@ $w = new wfConfig();
411	<th style="color: #F00;">Scan public facing site for vulnerabilities?<a
412	href="http://docs.wordfence.com/en/Wordfence_options#Scan_public_facing_site"
413	target="_blank" class="wfhelp"></a>(<a
414	- href="https://www.wordfence.com/wordfence-signup/" target="_blank">Paid members only</a>)
415	</th>
416	<td><input type="checkbox" id="scansEnabled_public" class="wfConfigElem"
417	name="scansEnabled_public" value="1" DISABLED /></td>
	@@ -1074,7 +1074,7 @@ $w = new wfConfig();
1074	<p>
1075	If you use the free edition of Wordfence, you don't need to worry about entering an API key in the "API Key"
1076	field above. One is automatically created for you. If you choose to <a
1077	- href="https://www.wordfence.com/wordfence-signup/" target="_blank">upgrade to Wordfence Premium
1078	edition</a>, you will receive an API key. You will need to copy and paste that key into the "API Key"
1079	field above and hit "Save" to activate your key.
1080	</p>


38	The currently active API Key is a Premium Key. <span style="font-weight: bold; color: #0A0;">Premium scanning enabled!</span>
39	<?php } else { ?>
40	The currently active API Key is a <span style="color: #F00; font-weight: bold;">Free Key</span>. <a
41	+ href="https://www.wordfence.com/gnl1optAPIKey1/wordfence-signup/" target="_blank">Click Here to Upgrade to
42	Wordfence Premium now.</a>
43	<?php } ?>
44	</td>

48	<?php if ( wfConfig::get( 'isPaid' ) ) { ?>
49	<table border="0">
50	<tr>
51	+ <td><a href="https://www.wordfence.com/gnl1optMngKys/manage-wordfence-api-keys/"
52	target="_blank"><input type="button" value="Renew your premium license"/></a>
53	</td>
54	<td> </td>

411	<th style="color: #F00;">Scan public facing site for vulnerabilities?<a
412	href="http://docs.wordfence.com/en/Wordfence_options#Scan_public_facing_site"
413	target="_blank" class="wfhelp"></a>(<a
414	+ href="https://www.wordfence.com/gnl1optPdOnly1/wordfence-signup/" target="_blank">Paid members only</a>)
415	</th>
416	<td><input type="checkbox" id="scansEnabled_public" class="wfConfigElem"
417	name="scansEnabled_public" value="1" DISABLED /></td>

1074	<p>
1075	If you use the free edition of Wordfence, you don't need to worry about entering an API key in the "API Key"
1076	field above. One is automatically created for you. If you choose to <a
1077	+ href="https://www.wordfence.com/gnl1optUpg1/wordfence-signup/" target="_blank">upgrade to Wordfence Premium
1078	edition</a>, you will receive an API key. You will need to copy and paste that key into the "API Key"
1079	field above and hit "Save" to activate your key.
1080	</p>

lib/menu_passwd.php CHANGED Viewed

	@@ -12,7 +12,7 @@
12	We securely simulate a high-performance password cracking attack on your password database and will alert you to weak passwords.
13	We then provide a way to change weak passwords or alert members that they need to improve their password strength.
14	To activate this feature, simply
15	- <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">click here and get a premium Wordfence API Key</a>, and then copy and paste it into your options page. You can
16	<a href="http://docs.wordfence.com/en/Wordfence_Password_Auditing" target="_blank">learn more about Password Auditing on our Documentation Website</a>.
17	</div>
18	<?php } ?>
	@@ -177,7 +177,7 @@
177	} else {
178	?>
179	If you would like access to this premium feature, please
180	- <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">upgrade to our premium version</a>.
181	</p>
182	<?php
183	}


12	We securely simulate a high-performance password cracking attack on your password database and will alert you to weak passwords.
13	We then provide a way to change weak passwords or alert members that they need to improve their password strength.
14	To activate this feature, simply
15	+ <a href="https://www.wordfence.com/gnl1pwAuditUp1/wordfence-signup/" target="_blank">click here and get a premium Wordfence API Key</a>, and then copy and paste it into your options page. You can
16	<a href="http://docs.wordfence.com/en/Wordfence_Password_Auditing" target="_blank">learn more about Password Auditing on our Documentation Website</a>.
17	</div>
18	<?php } ?>

177	} else {
178	?>
179	If you would like access to this premium feature, please
180	+ <a href="https://www.wordfence.com/gnl1pwAuditUp2/wordfence-signup/" target="_blank">upgrade to our premium version</a>.
181	</p>
182	<?php
183	}

lib/menu_scan.php CHANGED Viewed

	@@ -12,7 +12,7 @@
12	</td>
13	<td>
14	<div style="border: 1px solid #CCC; padding: 4px;">
15	- <a href="http://docs.wordfence.com/en/Wordfence_scanning" target="_blank" class="wfhelp"></a><a href="http://docs.wordfence.com/en/Wordfence_scanning" target="_blank">Read our scanning documentation</a>. You can also <a href="#" onclick="WFAD.startTourAgain(); return false;">start the tour again</a>, <a href="http://www.wordfence.com/subscribe-to-the-wordfence-email-list/" target="_blank">subscribe to get WordPress Security Alerts and Product News</a> or <a target="_blank" href="http://support.wordfence.com/">visit our support website help.</a> Love Wordfence? You can help by doing two simple things: <a href="http://wordpress.org/extend/plugins/wordfence/" target="_blank">Go to WordPress.org now and give this plugin a 5★ rating</a>. Blog about Wordfence and link to the <a href="http://wordpress.org/extend/plugins/wordfence/" target="_blank">plugin page</a> or <a href="http://www.wordfence.com/" target="_blank">www.wordfence.com</a>. Spreading the word helps us keep the best features free.
16	</div>
17	</td>
18	</tr>
	@@ -39,7 +39,7 @@
39	</div>
40	<?php } else { ?>
41	<div style="margin: 0 0 20px 5px; width: 795px;">
42	- <strong style="color: #F00;">How to upgrade:</strong> If you would like access to our <a href="http://support.wordfence.com/" target="_blank">Premium Support help system</a> and features like Cellphone Sign-in, Country Blocking, external site scanning and the ability to schedule scans, simply <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">visit our Wordfence Premium sign-up page</a> and sign up for a Premium Wordfence API key. Then go to the Wordfence options page on this site and replace your free API key with your new premium key. You will immediately be upgraded to Wordfence Premium with all the features it includes and you will have instant access to our ticketing system on <a href="http://support.wordfence.com/" target="_blank">support.wordfence.com</a>.
43	</div>
44
45	<?php } ?>


12	</td>
13	<td>
14	<div style="border: 1px solid #CCC; padding: 4px;">
15	+ <a href="http://docs.wordfence.com/en/Wordfence_scanning" target="_blank" class="wfhelp"></a><a href="http://docs.wordfence.com/en/Wordfence_scanning" target="_blank">Read our scanning documentation</a>. You can also <a href="#" onclick="WFAD.startTourAgain(); return false;">start the tour again</a>, <a href="http://www.wordfence.com/gnl1listSubscr/subscribe-to-the-wordfence-email-list/" target="_blank">subscribe to get WordPress Security Alerts and Product News</a> or <a target="_blank" href="http://support.wordfence.com/">visit our support website help.</a> Love Wordfence? You can help by doing two simple things: <a href="http://wordpress.org/extend/plugins/wordfence/" target="_blank">Go to WordPress.org now and give this plugin a 5★ rating</a>. Blog about Wordfence and link to the <a href="http://wordpress.org/extend/plugins/wordfence/" target="_blank">plugin page</a> or <a href="http://www.wordfence.com/gnl1scanTopHome/" target="_blank">www.wordfence.com</a>. Spreading the word helps us keep the best features free.
16	</div>
17	</td>
18	</tr>

39	</div>
40	<?php } else { ?>
41	<div style="margin: 0 0 20px 5px; width: 795px;">
42	+ <strong style="color: #F00;">How to upgrade:</strong> If you would like access to our <a href="http://support.wordfence.com/" target="_blank">Premium Support help system</a> and features like Cellphone Sign-in, Country Blocking, external site scanning and the ability to schedule scans, simply <a href="https://www.wordfence.com/gnl1scanUpgrade/wordfence-signup/" target="_blank">visit our Wordfence Premium sign-up page</a> and sign up for a Premium Wordfence API key. Then go to the Wordfence options page on this site and replace your free API key with your new premium key. You will immediately be upgraded to Wordfence Premium with all the features it includes and you will have instant access to our ticketing system on <a href="http://support.wordfence.com/" target="_blank">support.wordfence.com</a>.
43	</div>
44
45	<?php } ?>

lib/menu_scanSchedule.php CHANGED Viewed

	@@ -6,7 +6,7 @@
6	<div class="wfPaidOnlyNotice">
7	<strong>Scan Scheduling is only available to Premium Members at this time</strong><br /><br />
8	Scan Scheduling is a premium feature because it places additional load on our scanning servers. If you would like to
9	- activate this feature, simply <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">click here and get a premium Wordfence API Key</a>, and then copy and paste it into your options
10	page.
11	</div>
12	<?php } ?>
	@@ -92,7 +92,7 @@ if(wfConfig::get('isPaid')){
92	} else {
93	?>
94	If you would like access to this premium feature, please
95	- <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">upgrade to our Premium version</a>.
96	</p>
97	<?php
98	}


6	<div class="wfPaidOnlyNotice">
7	<strong>Scan Scheduling is only available to Premium Members at this time</strong><br /><br />
8	Scan Scheduling is a premium feature because it places additional load on our scanning servers. If you would like to
9	+ activate this feature, simply <a href="https://www.wordfence.com/gnl1scanSched1/wordfence-signup/" target="_blank">click here and get a premium Wordfence API Key</a>, and then copy and paste it into your options
10	page.
11	</div>
12	<?php } ?>

92	} else {
93	?>
94	If you would like access to this premium feature, please
95	+ <a href="https://www.wordfence.com/gnl1scanSched2/wordfence-signup/" target="_blank">upgrade to our Premium version</a>.
96	</p>
97	<?php
98	}

lib/menu_twoFactor.php CHANGED Viewed

	@@ -6,7 +6,7 @@
6	<div class="wfPaidOnlyNotice">
7	<strong>Cellphone Sign-in is only available to Premium Members at this time</strong><br /><br />
8	Cellphone Sign-in is a premium feature because we are charged per SMS we send when a user signs in. If you would like to
9	- activate this feature, simply <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">click here and get a premium Wordfence API Key</a>, and then copy and paste it into your options page.
10	<br /><br />
11	Wordfence's Cellphone Sign-in uses a technique called "Two Factor Authentication" which is used by banks, government agencies and military world-wide as one of the most secure forms of remote system authentication. It's now available from Wordfence for your WordPress website. We recommend you enable Cellphone Sign-in for all Administrator level accounts. You can <a href="http://docs.wordfence.com/en/Cellphone_sign-in" target="_blank">learn more about Cellphone Sign-in on our documentation website</a>.
12	</div>
	@@ -78,7 +78,7 @@ if(wfConfig::get('isPaid')){
78	} else {
79	?>
80	If you would like access to this premium feature, please
81	- <a href="https://www.wordfence.com/wordfence-signup/" target="_blank">upgrade to our premium version</a>.
82	<?php
83	}
84	?>


6	<div class="wfPaidOnlyNotice">
7	<strong>Cellphone Sign-in is only available to Premium Members at this time</strong><br /><br />
8	Cellphone Sign-in is a premium feature because we are charged per SMS we send when a user signs in. If you would like to
9	+ activate this feature, simply <a href="https://www.wordfence.com/gnl1twoFac1/wordfence-signup/" target="_blank">click here and get a premium Wordfence API Key</a>, and then copy and paste it into your options page.
10	<br /><br />
11	Wordfence's Cellphone Sign-in uses a technique called "Two Factor Authentication" which is used by banks, government agencies and military world-wide as one of the most secure forms of remote system authentication. It's now available from Wordfence for your WordPress website. We recommend you enable Cellphone Sign-in for all Administrator level accounts. You can <a href="http://docs.wordfence.com/en/Cellphone_sign-in" target="_blank">learn more about Cellphone Sign-in on our documentation website</a>.
12	</div>

78	} else {
79	?>
80	If you would like access to this premium feature, please
81	+ <a href="https://www.wordfence.com/gnl1twoFac2/wordfence-signup/" target="_blank">upgrade to our premium version</a>.
82	<?php
83	}
84	?>

lib/wfActivityReport.php CHANGED Viewed

	@@ -345,9 +345,11 @@ SQL
345	/** @var wpdb $wpdb */
346	global $wpdb;
347
348	- ~~$is_bin_ip~~ ~~= !~~wfUtils::isValidIP($ip_address);
349	- if (~~!$is_bin_ip~~) {
350	- ~~$ip_address~~ = ~~wfUtils::inet_pton($ip_address);~~


351	}
352
353	$blocked_table = "{$wpdb->base_prefix}wfBlockedIPLog";
	@@ -357,14 +359,14 @@ SQL
357	$unixday_insert = absint($unixday);
358	}
359
360	- $country = wfUtils::IP2Country($~~is_bin_ip ? wfUtils::inet_ntop($~~ip_address) ~~: $ip_address)~~;
361
362	$wpdb->query($wpdb->prepare(<<<SQL
363	INSERT INTO $blocked_table (IP, countryCode, blockCount, unixday)
364	VALUES (%s, %s, 1, $unixday_insert)
365	ON DUPLICATE KEY UPDATE blockCount = blockCount + 1
366	SQL
367	- , $~~ip_address~~, $country));
368	}
369
370	/**


345	/** @var wpdb $wpdb */
346	global $wpdb;
347
348	+ if (wfUtils::isValidIP($ip_address)) {
349	+ $ip_bin = wfUtils::inet_pton($ip_address);
350	+ } else {
351	+ $ip_bin = $ip_address;
352	+ $ip_address = wfUtils::inet_ntop($ip_bin);
353	}
354
355	$blocked_table = "{$wpdb->base_prefix}wfBlockedIPLog";

359	$unixday_insert = absint($unixday);
360	}
361
362	+ $country = wfUtils::IP2Country($ip_address);
363
364	$wpdb->query($wpdb->prepare(<<<SQL
365	INSERT INTO $blocked_table (IP, countryCode, blockCount, unixday)
366	VALUES (%s, %s, 1, $unixday_insert)
367	ON DUPLICATE KEY UPDATE blockCount = blockCount + 1
368	SQL
369	+ , $ip_bin, $country));
370	}
371
372	/**

lib/wfLog.php CHANGED Viewed

@@ -790,57 +790,60 @@ class wfLog {
+            		}
             		//End range/UA blocking
-            -
            		$blockedCountries = wfConfig::get('cbl_countries', false);
-            -
            		$bareRequestURI = wfUtils::extractBareURI($_SERVER['REQUEST_URI']);
-            -
            		$bareBypassRedirURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassRedirURL', ''));
-            -
            		$skipCountryBlocking = false;
-            -
            		if($bareBypassRedirURI && $bareRequestURI == $bareBypassRedirURI){ //Run this before country blocking because even if the user isn't blocked we need to set the bypass cookie so they can bypass future blocks.
-            -
            			$bypassRedirDest = wfConfig::get('cbl_bypassRedirDest', '');
-            -
            			if($bypassRedirDest){
             				self::setCBLCookieBypass();
-            -
            				$this->redirect($bypassRedirDest); //exits
+            			}
-            -
            		}
-            -
            		$bareBypassViewURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassViewURL', ''));
-            -
            		if($bareBypassViewURI && $bareBypassViewURI == $bareRequestURI){
-            -
            			self::setCBLCookieBypass();
-            -
            			$skipCountryBlocking = true;
-            -
            		}
-            -
-            -
            		if((! $skipCountryBlocking) && $blockedCountries && wfConfig::get('isPaid') && (! self::isCBLBypassCookieSet()) ){
-            -
            			if(is_user_logged_in() && (! wfConfig::get('cbl_loggedInBlocked', false)) ){ //User is logged in and we're allowing logins
-            -
            				//Do nothing
-            -
            			} else if(strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false && (! wfConfig::get('cbl_loginFormBlocked', false))  ){ //It's the login form and we're allowing that
-            -
            				//Do nothing
-            -
            			} else if(strpos($_SERVER['REQUEST_URI'], '/wp-login.php') === false && (! wfConfig::get('cbl_restOfSiteBlocked', false))  ){ //It's the rest of the site and we're allowing that
-            -
            				//Do nothing
-            -
            			} else {
-            -
            				if($country = wfUtils::IP2Country($IP) ){
-            -
            					foreach(explode(',', $blockedCountries) as $blocked){
-            -
            						if(strtoupper($blocked) == strtoupper($country)){ //At this point we know the user has been blocked
-            -
            							if(wfConfig::get('cbl_action') == 'redir'){
-            -
            								$redirURL = wfConfig::get('cbl_redirURL');
-            -
            								$eRedirHost = wfUtils::extractHostname($redirURL);
-            -
            								$isExternalRedir = false;
-            -
            								if($eRedirHost && $eRedirHost != wfUtils::extractHostname(home_url())){ //It's an external redirect...
-            -
            									$isExternalRedir = true;
-            -
            								}
-            -
            								if( (! $isExternalRedir) && wfUtils::extractBareURI($redirURL) == $bareRequestURI){ //Is this the URI we want to redirect to, then don't block it
-            -
            									//Do nothing
-            -
            								/* Uncomment the following if page components aren't loading for the page we redirect to.
-            -
            								   Uncommenting is not recommended because it means that anyone from a blocked country
-            -
            								   can crawl your site by sending the page blocked users are redirected to as the referer for every request.
-            -
            								   But it's your call.
-            -
            								} else if(wfUtils::extractBareURI($_SERVER['HTTP_REFERER']) == $redirURL){ //If the referer the page we want to redirect to? Then this might be loading as a component so don't block.
-            -
            									//Do nothing
-            -
            								*/
             								} else {
-            -
            									$this->redirect(wfConfig::get('cbl_redirURL'));
+            								}
-            -
            							} else {
-            -
            								$this->do503(3600, "Access from your area has been temporarily limited for security reasons");
-            -
            								wfConfig::inc('totalCountryBlocked');
+            							}
+            						}
+            					}


790	}
791	//End range/UA blocking
792
793	+ // Country blocking
794	+ if (wfConfig::get('isPaid')) {
795	+ $blockedCountries = wfConfig::get('cbl_countries', false);
796	+ $bareRequestURI = wfUtils::extractBareURI($_SERVER['REQUEST_URI']);
797	+ $bareBypassRedirURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassRedirURL', ''));
798	+ $skipCountryBlocking = false;
799
800	+ if($bareBypassRedirURI && $bareRequestURI == $bareBypassRedirURI){ //Run this before country blocking because even if the user isn't blocked we need to set the bypass cookie so they can bypass future blocks.
801	+ $bypassRedirDest = wfConfig::get('cbl_bypassRedirDest', '');
802	+ if($bypassRedirDest){
803	+ self::setCBLCookieBypass();
804	+ $this->redirect($bypassRedirDest); //exits
805	+ }
806	+ }
807	+ $bareBypassViewURI = wfUtils::extractBareURI(wfConfig::get('cbl_bypassViewURL', ''));
808	+ if($bareBypassViewURI && $bareBypassViewURI == $bareRequestURI){
809	self::setCBLCookieBypass();
810	+ $skipCountryBlocking = true;
811	}
812	+
813	+ if((! $skipCountryBlocking) && $blockedCountries && (! self::isCBLBypassCookieSet()) ){
814	+ if(is_user_logged_in() && (! wfConfig::get('cbl_loggedInBlocked', false)) ){ //User is logged in and we're allowing logins
815	+ //Do nothing
816	+ } else if(strpos($_SERVER['REQUEST_URI'], '/wp-login.php') !== false && (! wfConfig::get('cbl_loginFormBlocked', false)) ){ //It's the login form and we're allowing that
817	+ //Do nothing
818	+ } else if(strpos($_SERVER['REQUEST_URI'], '/wp-login.php') === false && (! wfConfig::get('cbl_restOfSiteBlocked', false)) ){ //It's the rest of the site and we're allowing that
819	+ //Do nothing
820	+ } else {
821	+ if($country = wfUtils::IP2Country($IP) ){
822	+ foreach(explode(',', $blockedCountries) as $blocked){
823	+ if(strtoupper($blocked) == strtoupper($country)){ //At this point we know the user has been blocked
824	+ if(wfConfig::get('cbl_action') == 'redir'){
825	+ $redirURL = wfConfig::get('cbl_redirURL');
826	+ $eRedirHost = wfUtils::extractHostname($redirURL);
827	+ $isExternalRedir = false;
828	+ if($eRedirHost && $eRedirHost != wfUtils::extractHostname(home_url())){ //It's an external redirect...
829	+ $isExternalRedir = true;
830	+ }
831	+ if( (! $isExternalRedir) && wfUtils::extractBareURI($redirURL) == $bareRequestURI){ //Is this the URI we want to redirect to, then don't block it
832	+ //Do nothing
833	+ /* Uncomment the following if page components aren't loading for the page we redirect to.
834	+ Uncommenting is not recommended because it means that anyone from a blocked country
835	+ can crawl your site by sending the page blocked users are redirected to as the referer for every request.
836	+ But it's your call.
837	+ } else if(wfUtils::extractBareURI($_SERVER['HTTP_REFERER']) == $redirURL){ //If the referer the page we want to redirect to? Then this might be loading as a component so don't block.
838	+ //Do nothing
839	+ */
840	+ } else {
841	+ $this->redirect(wfConfig::get('cbl_redirURL'));
842	+ }



843	} else {
844	+ $this->do503(3600, "Access from your area has been temporarily limited for security reasons");
845	+ wfConfig::inc('totalCountryBlocked');
846	}



847	}
848	}
849	}

lib/wfScanEngine.php CHANGED Viewed

	@@ -67,11 +67,13 @@ class wfScanEngine {
67	$this->jobList[] = 'knownFiles_init';
68	$this->jobList[] = 'knownFiles_main';
69	$this->jobList[] = 'knownFiles_finish';
70	- foreach(array('knownFiles', 'fileContents', 'database', 'posts', 'comments', 'passwds', 'dns', 'diskSpace', 'oldVersions') as $scanType){
71	- if(wfConfig::get('scansEnabled_' . $scanType)){
72	- if(method_exists($this, 'scan_' . $scanType . '_init')){
73	- foreach(array('init', 'main', 'finish') as $op){ ~~$this->jobList[] = $scanType . '_' . $op; };~~
74	- } ~~else~~ {


75	$this->jobList[] = $scanType;
76	}
77	}
	@@ -123,7 +125,10 @@ class wfScanEngine {
123	while(sizeof($this->jobList) > 0){
124	self::checkForKill();
125	$jobName = $this->jobList[0];
126	- ~~call_user_func(~~array($this, 'scan_' . $jobName));



127	array_shift($this->jobList); //only shift once we're done because we may pause halfway through a job and need to pick up where we left off
128	self::checkForKill();
129	if($this->forkRequested){
	@@ -811,16 +816,19 @@ class wfScanEngine {
811	$host = strtolower($matches[1]);
812	$this->status(2, 'info', "Starting DNS scan for $host");
813
814	- $cnameArrRec = dns_get_record($host, DNS_CNAME);
815	$cnameArr = array();
816	$cnamesWeMustTrack = array();
817	- ~~foreach~~($cnameArrRec ~~as $elem)~~{
818	- $~~this->status(2,~~ ~~'info',~~ ~~"Scanning CNAME DNS record for " .~~ $elem~~['host']~~);
819	- if($elem['host'] ~~== $host~~){
820	- $~~cnameArr~~[] = $~~elem;~~
821	- $~~cnamesWeMustTrack~~[] = $elem~~['target']~~;
822	- }


823	}

824	function wfAnonFunc1($a){ return $a['host'] . ' points to ' . $a['target']; }
825	$cnameArr = array_map('wfAnonFunc1', $cnameArr);
826	sort($cnameArr, SORT_STRING);


67	$this->jobList[] = 'knownFiles_init';
68	$this->jobList[] = 'knownFiles_main';
69	$this->jobList[] = 'knownFiles_finish';
70	+ foreach (array('knownFiles', 'fileContents', 'database', 'posts', 'comments', 'passwds', 'dns', 'diskSpace', 'oldVersions') as $scanType) {
71	+ if (wfConfig::get('scansEnabled_' . $scanType)) {
72	+ if (method_exists($this, 'scan_' . $scanType . '_init')) {
73	+ foreach (array('init', 'main', 'finish') as $op) {
74	+ $this->jobList[] = $scanType . '_' . $op;
75	+ };
76	+ } else if (method_exists($this, 'scan_' . $scanType)) {
77	$this->jobList[] = $scanType;
78	}
79	}

125	while(sizeof($this->jobList) > 0){
126	self::checkForKill();
127	$jobName = $this->jobList[0];
128	+ $callback = array($this, 'scan_' . $jobName);
129	+ if (is_callable($callback)) {
130	+ call_user_func($callback);
131	+ }
132	array_shift($this->jobList); //only shift once we're done because we may pause halfway through a job and need to pick up where we left off
133	self::checkForKill();
134	if($this->forkRequested){

816	$host = strtolower($matches[1]);
817	$this->status(2, 'info', "Starting DNS scan for $host");
818
819	+ $cnameArrRec = @dns_get_record($host, DNS_CNAME);
820	$cnameArr = array();
821	$cnamesWeMustTrack = array();
822	+ if ($cnameArrRec) {
823	+ foreach($cnameArrRec as $elem){
824	+ $this->status(2, 'info', "Scanning CNAME DNS record for " . $elem['host']);
825	+ if($elem['host'] == $host){
826	+ $cnameArr[] = $elem;
827	+ $cnamesWeMustTrack[] = $elem['target'];
828	+ }
829	+ }
830	}
831	+
832	function wfAnonFunc1($a){ return $a['host'] . ' points to ' . $a['target']; }
833	$cnameArr = array_map('wfAnonFunc1', $cnameArr);
834	sort($cnameArr, SORT_STRING);

lib/wordfenceClass.php CHANGED Viewed

	@@ -328,8 +328,12 @@ class wordfence {
328	$db->queryWriteIgnoreError("alter table $prefix"."wfLockedOut modify column blockedTime bigint signed NOT NULL");
329	$db->queryWriteIgnoreError("drop table if exists $prefix"."wfFileQueue");
330	$db->queryWriteIgnoreError("drop table if exists $prefix"."wfFileChanges");
331	- ~~//Adding primary key to this table because some backup apps use primary key during backup.~~
332	- $db->~~queryWriteIgnoreError~~("~~alter~~ ~~table~~ {$prefix}wfStatus ~~add~~ id ~~bigint~~ ~~UNSIGNED NOT NULL auto_increment PRIMARY KEY~~");




333
334	$optScanEnabled = $db->querySingle("select val from $prefix"."wfConfig where name='scansEnabled_options'");
335	if($optScanEnabled != '0' && $optScanEnabled != '1'){
	@@ -387,6 +391,15 @@ class wordfence {
387	))");
388	}
389









390	//Must be the final line
391	}
392	private static function doEarlyAccessLogging(){
	@@ -504,8 +517,7 @@ class wordfence {
504	add_filter('registration_errors', 'wordfence::registrationFilter', 99, 3);
505
506	// Change GoDaddy's limit login mu-plugin since it can interfere with the two factor auth message.
507	- if (~~defined~~(~~'GD_SYSTEM_PLUGIN_DIR'~~) ~~&& file_exists(GD_SYSTEM_PLUGIN_DIR . 'limit-login-attempts/limit-login-attempts.php')~~
508	- && defined('LIMIT_LOGIN_DIRECT_ADDR')) {
509	add_action('login_errors', array('wordfence', 'fixGDLimitLoginsErrors'), 11);
510	}
511
	@@ -584,7 +596,7 @@ class wordfence {
584	$isCrawler = false;
585	if($UA){
586	$b = $browscap->getBrowser($UA);
587	- if($b['Crawler']){
588	$isCrawler = true;
589	}
590	}
	@@ -878,18 +890,25 @@ class wordfence {
878	//Do nothing and allow user to sign in. Their passwd has already been modified to be the passwd without the code.
879	} else if($_POST['wordfence_authFactor'] == $t[2]){
880	$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
881	- ~~$codeResult~~ ~~= $api->call('twoFactor_verification', array(), array('phone' => $t[1]) );~~
882	- ~~if(isset(~~$codeResult['~~notPaid~~']) && $~~codeResult~~[~~'notPaid'~~]){
883	- ~~break; //Let them sign in without two factor~~
884	- }
885	- ~~if(isset($codeResult['ok'])~~ && ~~$codeResult['ok']){~~
886	- ~~$t[2] = $codeResult['code'];~~
887	- $t[4] = ~~time(~~) ~~+ 1800; //30 minutes until code expires~~
888	- ~~wfConfig::set_ser('twoFactorUsers',~~ $~~twoFactorUsers);~~ ~~//save~~ ~~the~~ code ~~the user needs to enter and return an error.~~
889	- ~~self::$authError~~ = ~~new WP_Error~~(~~'twofactor_required',~~ ~~__('<strong>CODE~~ ~~EXPIRED.~~ ~~CHECK YOUR PHONE:</strong> The code you entered has expired. Codes are only valid for~~ 30 minutes ~~for~~ ~~security reasons. We have sent you a new~~ code. ~~Please sign in using your username and your password followed by a space and the new code we sent you.'));~~
890	- return ~~self::$authError;~~
891	- } ~~else~~ {
892	- ~~break~~; ~~//No new code was received. Let them sign in with the expired code.~~







893	}
894	} else { //Bad code, so cancel the login and return an error to user.
895	self::$authError = new WP_Error( 'twofactor_required', __( '<strong>INVALID CODE</strong>: You need to enter your password followed by a space and the code we sent to your phone. The code should start with \'wf\' and should be four characters. e.g. wfAB12. In this case you would enter your password as: \'mypassword wfAB12\' without quotes.'));
	@@ -901,15 +920,35 @@ class wordfence {
901	foreach($twoFactorUsers as &$t){
902	if($t[0] == $userDat->ID && $t[3] == 'activated'){ //Yup, enabled, so lets send the code
903	$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
904	- ~~$codeResult~~ ~~= $api->call('twoFactor_verification', array(), array('phone' => $t[1]) );~~
905	- ~~if(isset(~~$codeResult['~~notPaid~~']) && $~~codeResult~~[~~'notPaid'~~]){
906	- ~~break; //Let them sign in without two factor~~ if ~~their~~ ~~API key has expired or they~~'~~re not paid and for some reason they have this set up.~~





907	}
908	-
909	if(isset($codeResult['ok']) && $codeResult['ok']){
910	$t[2] = $codeResult['code'];
911	$t[4] = time() + 1800; //30 minutes until code expires
912	wfConfig::set_ser('twoFactorUsers', $twoFactorUsers); //save the code the user needs to enter and return an error.
















913	self::$authError = new WP_Error( 'twofactor_required', __( '<strong>CHECK YOUR PHONE</strong>: A code has been sent to your phone and will arrive within 30 seconds. Please sign in again and add a space and the code to the end of your password.' ) );
914	return self::$authError;
915	} else { //oops, our API returned an error.
	@@ -3282,6 +3321,18 @@ EOL;
3282	}
3283	}
3284












3285	public static function fixGDLimitLoginsErrors($content) {
3286	if (self::$authError) {
3287	$content = str_replace(__('<strong>ERROR</strong>: Incorrect username or password.', 'limit-login-attempts') . "<br />\n", '', $content);


328	$db->queryWriteIgnoreError("alter table $prefix"."wfLockedOut modify column blockedTime bigint signed NOT NULL");
329	$db->queryWriteIgnoreError("drop table if exists $prefix"."wfFileQueue");
330	$db->queryWriteIgnoreError("drop table if exists $prefix"."wfFileChanges");
331	+
332	+ $result = $wpdb->get_row("SHOW FIELDS FROM {$prefix}wfStatus where field = 'id'");
333	+ if (!$result \|\| strtolower($result->Key) != 'pri') {
334	+ //Adding primary key to this table because some backup apps use primary key during backup.
335	+ $db->queryWriteIgnoreError("alter table {$prefix}wfStatus add id bigint UNSIGNED NOT NULL auto_increment PRIMARY KEY");
336	+ }
337
338	$optScanEnabled = $db->querySingle("select val from $prefix"."wfConfig where name='scansEnabled_options'");
339	if($optScanEnabled != '0' && $optScanEnabled != '1'){

391	))");
392	}
393
394	+ // Fix the data in the country column.
395	+ // TODO: add version check so this doesn't run on every update.
396	+ $ip_results = $wpdb->get_results("SELECT * FROM `{$prefix}wfBlockedIPLog` GROUP BY IP");
397	+ if ($ip_results) {
398	+ foreach ($ip_results as $ip_row) {
399	+ $wpdb->query($wpdb->prepare("UPDATE `{$prefix}wfBlockedIPLog` SET countryCode = %s WHERE IP = %s", wfUtils::IP2Country(wfUtils::inet_ntop($ip_row->IP)), $ip_row->IP));
400	+ }
401	+ }
402	+
403	//Must be the final line
404	}
405	private static function doEarlyAccessLogging(){

517	add_filter('registration_errors', 'wordfence::registrationFilter', 99, 3);
518
519	// Change GoDaddy's limit login mu-plugin since it can interfere with the two factor auth message.
520	+ if (self::hasGDLimitLoginsMUPlugin()) {

521	add_action('login_errors', array('wordfence', 'fixGDLimitLoginsErrors'), 11);
522	}
523

596	$isCrawler = false;
597	if($UA){
598	$b = $browscap->getBrowser($UA);
599	+ if(!empty($b['Crawler'])){
600	$isCrawler = true;
601	}
602	}

890	//Do nothing and allow user to sign in. Their passwd has already been modified to be the passwd without the code.
891	} else if($_POST['wordfence_authFactor'] == $t[2]){
892	$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
893	+ try {
894	+ $codeResult = $api->call('twoFactor_verification', array(), array('phone' => $t[1]) );
895	+
896	+ if(isset($codeResult['notPaid']) && $codeResult['notPaid']){
897	+ break; //Let them sign in without two factor
898	+ }
899	+ if(isset($codeResult['ok']) && $codeResult['ok']){
900	+ $t[2] = $codeResult['code'];
901	+ $t[4] = time() + 1800; //30 minutes until code expires
902	+ wfConfig::set_ser('twoFactorUsers', $twoFactorUsers); //save the code the user needs to enter and return an error.
903	+ self::$authError = new WP_Error('twofactor_required', __('<strong>CODE EXPIRED. CHECK YOUR PHONE:</strong> The code you entered has expired. Codes are only valid for 30 minutes for security reasons. We have sent you a new code. Please sign in using your username and your password followed by a space and the new code we sent you.'));
904	+ return self::$authError;
905	+ } else {
906	+ break; //No new code was received. Let them sign in with the expired code.
907	+ }
908	+
909	+ } catch (Exception $e) {
910	+ // Couldn't connect to noc1, let them sign in since the password was correct.
911	+ break;
912	}
913	} else { //Bad code, so cancel the login and return an error to user.
914	self::$authError = new WP_Error( 'twofactor_required', __( '<strong>INVALID CODE</strong>: You need to enter your password followed by a space and the code we sent to your phone. The code should start with \'wf\' and should be four characters. e.g. wfAB12. In this case you would enter your password as: \'mypassword wfAB12\' without quotes.'));

920	foreach($twoFactorUsers as &$t){
921	if($t[0] == $userDat->ID && $t[3] == 'activated'){ //Yup, enabled, so lets send the code
922	$api = new wfAPI(wfConfig::get('apiKey'), wfUtils::getWPVersion());
923	+ try {
924	+ $codeResult = $api->call('twoFactor_verification', array(), array('phone' => $t[1]) );
925	+ if(isset($codeResult['notPaid']) && $codeResult['notPaid']){
926	+ break; //Let them sign in without two factor if their API key has expired or they're not paid and for some reason they have this set up.
927	+ }
928	+ } catch (Exception $e) {
929	+ // Couldn't connect to noc1, let them sign in since the password was correct.
930	+ break;
931	}

932	if(isset($codeResult['ok']) && $codeResult['ok']){
933	$t[2] = $codeResult['code'];
934	$t[4] = time() + 1800; //30 minutes until code expires
935	wfConfig::set_ser('twoFactorUsers', $twoFactorUsers); //save the code the user needs to enter and return an error.
936	+
937	+ if (self::hasGDLimitLoginsMUPlugin() && function_exists('limit_login_get_address')) {
938	+ $retries = get_option('limit_login_retries', array());
939	+ $ip = limit_login_get_address();
940	+
941	+ if (!is_array($retries)) {
942	+ $retries = array();
943	+ }
944	+ if (isset($retries[$ip]) && is_int($retries[$ip])) {
945	+ $retries[$ip]--;
946	+ } else {
947	+ $retries[$ip] = 0;
948	+ }
949	+ update_option('limit_login_retries', $retries);
950	+ }
951	+
952	self::$authError = new WP_Error( 'twofactor_required', __( '<strong>CHECK YOUR PHONE</strong>: A code has been sent to your phone and will arrive within 30 seconds. Please sign in again and add a space and the code to the end of your password.' ) );
953	return self::$authError;
954	} else { //oops, our API returned an error.

3321	}
3322	}
3323
3324	+ /**
3325	+ * @return bool
3326	+ */
3327	+ public static function hasGDLimitLoginsMUPlugin() {
3328	+ return defined('GD_SYSTEM_PLUGIN_DIR') && file_exists(GD_SYSTEM_PLUGIN_DIR . 'limit-login-attempts/limit-login-attempts.php')
3329	+ && defined('LIMIT_LOGIN_DIRECT_ADDR');
3330	+ }
3331	+
3332	+ /**
3333	+ * @param string $content
3334	+ * @return string
3335	+ */
3336	public static function fixGDLimitLoginsErrors($content) {
3337	if (self::$authError) {
3338	$content = str_replace(__('<strong>ERROR</strong>: Incorrect username or password.', 'limit-login-attempts') . "<br />\n", '', $content);

readme.txt CHANGED Viewed

	@@ -3,7 +3,7 @@ Contributors: mmaunder
3	Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
4	Requires at least: 3.9
5	Tested up to: 4.2.2
6	- Stable tag: 6.0.5
7
8	Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
9
	@@ -172,6 +172,17 @@ fully compatible with both IPv4 and IPv6 whether you run both or only one addres
172
173	== Changelog ==
174











175	= 6.0.5 =
176	* Fix: Removed anonymous function to ensure PHP 5.2 compatability.
177


3	Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
4	Requires at least: 3.9
5	Tested up to: 4.2.2
6	+ Stable tag: 6.0.6
7
8	Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
9

172
173	== Changelog ==
174
175	+ = 6.0.6 =
176	+ * Improvement: Handled uncaught exception when noc1 is not available in 2FA.
177	+ * Improvement: Fixed issue with limit-logins mu-plugin on GoDaddy counting first login attempt in 2FA against total allowed login attempts.
178	+ * Fix: Fixed bug with IPs not resolving to countries when printable IP passed to logBlockedIP.
179	+ * Fix: Fixed issue with free users country blocking redirects working after downgrade.
180	+ * Fix: Encoded URL field in country blocking options.
181	+ * Fix: Added a check to verify field has not already been altered prior to calling ALTER in runInstall.
182	+ * Fix: Fixed issue with scan_options method being called after method has been removed.
183	+ * Fix: Fixed bug in scan when dns_get_record fails and error condition was not handled.
184	+ * Fix: Fixed PHP notice when 'Crawler' not included in browser pcap result.
185	+
186	= 6.0.5 =
187	* Fix: Removed anonymous function to ensure PHP 5.2 compatability.
188

views/reports/activity-report-email-inline.php CHANGED Viewed

	@@ -119,10 +119,10 @@ h6 a:visited { color: purple !important; }
119	<div style="float: right; text-align: right; line-height: 1.1; color: #666666; font-size: 100%; vertical-align: baseline; margin: 20px 0 0; padding: 0; border: 0;" align="right">
120	<?php echo $title ?>
121	</div>
122	- <a href="http://www.wordfence.com/" style="font-size: 100%; vertical-align: baseline; outline: none; color: orange; text-decoration: none; margin: 0; padding: 0; border: 0;"><img src="http://www.wordfence.com/wp-content/themes/parallelus-salutation/wfCustomHome/images/wordfenceLogo.png" alt="" style="font-size: 100%; vertical-align: baseline; -ms-interpolation-mode: bicubic; outline: none; text-decoration: none; margin: 0; padding: 0; border: 0 none;" /></a>
123
124	<p style="font-size: 100%; vertical-align: baseline; margin: 1em 0; padding: 0; border: 0;">
125	- This email was sent from your website <a href="<?php echo site_url() ?>"><?php echo site_url() ?></a> and is a summary of security related activity that Wordfence monitors for the period <?php printf('%s to %s', $report_start, $report_end) ?>. <?php if (!wfConfig::get('isPaid')): ?>NOTE: You are using the free version of Wordfence and are missing out on features like cellphone sign-in, country blocking and detecting if your site IP is sending spam. <a href="http://www.wordfence.com~~/?utm_source=plugin&utm_medium=UI&utm_campaign=summaryEmail~~">Click here to upgrade to Wordfence Premium now</a>.<?php endif ?>
126	</p>
127
128	<h2 style="font-size: 20px; vertical-align: baseline; clear: both; color: #222 !important; margin: 20px 0 4px; padding: 0; border: 0;">


119	<div style="float: right; text-align: right; line-height: 1.1; color: #666666; font-size: 100%; vertical-align: baseline; margin: 20px 0 0; padding: 0; border: 0;" align="right">
120	<?php echo $title ?>
121	</div>
122	+ <a href="http://www.wordfence.com/zz5/" style="font-size: 100%; vertical-align: baseline; outline: none; color: orange; text-decoration: none; margin: 0; padding: 0; border: 0;"><img src="http://www.wordfence.com/wp-content/themes/parallelus-salutation/wfCustomHome/images/wordfenceLogo.png" alt="" style="font-size: 100%; vertical-align: baseline; -ms-interpolation-mode: bicubic; outline: none; text-decoration: none; margin: 0; padding: 0; border: 0 none;" /></a>
123
124	<p style="font-size: 100%; vertical-align: baseline; margin: 1em 0; padding: 0; border: 0;">
125	+ This email was sent from your website <a href="<?php echo site_url() ?>"><?php echo site_url() ?></a> and is a summary of security related activity that Wordfence monitors for the period <?php printf('%s to %s', $report_start, $report_end) ?>. <?php if (!wfConfig::get('isPaid')): ?>NOTE: You are using the free version of Wordfence and are missing out on features like cellphone sign-in, country blocking and detecting if your site IP is sending spam. <a href="http://www.wordfence.com/zz6/">Click here to upgrade to Wordfence Premium now</a>.<?php endif ?>
126	</p>
127
128	<h2 style="font-size: 20px; vertical-align: baseline; clear: both; color: #222 !important; margin: 20px 0 4px; padding: 0; border: 0;">

views/reports/activity-report-email.php CHANGED Viewed

	@@ -295,7 +295,7 @@ $title = 'Wordfence Activity for the week of ' . date_i18n(get_option('date_form
295	<div style="float: right;text-align: right;line-height:1.1;color: #666666;margin:20px 0 0;">
296	Activity for week of<br> <strong><?php echo date_i18n(get_option('date_format')) ?></strong>
297	</div>
298	- <a href="http://www.wordfence.com/"><img src="http://www.wordfence.com/wp-content/themes/parallelus-salutation/wfCustomHome/images/wordfenceLogo.png" alt=""/></a>
299
300	<h2>Top 10 IP's Blocked</h2>
301


295	<div style="float: right;text-align: right;line-height:1.1;color: #666666;margin:20px 0 0;">
296	Activity for week of<br> <strong><?php echo date_i18n(get_option('date_format')) ?></strong>
297	</div>
298	+ <a href="http://www.wordfence.com/zz7/"><img src="http://www.wordfence.com/wp-content/themes/parallelus-salutation/wfCustomHome/images/wordfenceLogo.png" alt=""/></a>
299
300	<h2>Top 10 IP's Blocked</h2>
301

views/reports/activity-report.php CHANGED Viewed

	@@ -3,7 +3,7 @@
3	* @var wfActivityReportView $this
4	*/
5	?>
6	- <a href="//www.wordfence.com/"><img src="//www.wordfence.com/wp-content/themes/parallelus-salutation/wfCustomHome/images/wordfenceLogo.png" alt=""/></a>
7
8	<h2>Top <?php echo (int) $limit; ?> IP's Blocked</h2>
9


3	* @var wfActivityReportView $this
4	*/
5	?>
6	+ <a href="//www.wordfence.com/zz8/"><img src="//www.wordfence.com/wp-content/themes/parallelus-salutation/wfCustomHome/images/wordfenceLogo.png" alt=""/></a>
7
8	<h2>Top <?php echo (int) $limit; ?> IP's Blocked</h2>
9

wordfence.php CHANGED Viewed

	@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
6	Author: Wordfence
7	- Version: 6.0.5
8	Author URI: http://www.wordfence.com/
9	*/
10	if(defined('WP_INSTALLING') && WP_INSTALLING){
11	return;
12	}
13	- define('WORDFENCE_VERSION', '6.0.5');
14	if(get_option('wordfenceActivated') != 1){
15	add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
16	}


4	Plugin URI: http://www.wordfence.com/
5	Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
6	Author: Wordfence
7	+ Version: 6.0.6
8	Author URI: http://www.wordfence.com/
9	*/
10	if(defined('WP_INSTALLING') && WP_INSTALLING){
11	return;
12	}
13	+ define('WORDFENCE_VERSION', '6.0.6');
14	if(get_option('wordfenceActivated') != 1){
15	add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
16	}

Wordfence Security – Firewall & Malware Scan - Version 6.0.6

Version Description

Release Info

Code changes from version 6.0.5 to 6.0.6