Version Description
- Fix: Fixed bug in Live Traffic where v5 style blocked ranges generated PHP warning breaking the JSON response.
- Fix: Fixed invalid date bug in Live Traffic: Top Consumers and Top 404s.
- Fix: Fixed edge case bug with author=N scans redirecting to author archives page.
Download this release
Release Info
| Developer | wfmatt |
| Plugin |  Wordfence Security – Firewall & Malware Scan |
| Version | 6.0.9 |
| Comparing to | |
| See all releases | |
Code changes from version 6.0.8 to 6.0.9
- lib/menu_activity.php +1 -1
- lib/wfLog.php +7 -3
- lib/wordfenceClass.php +2 -1
- readme.txt +6 -1
- wordfence.php +2 -2
lib/menu_activity.php
CHANGED
|
@@ -88,7 +88,7 @@
|
|
| 88 |
<span class="wfReverseLookup"><span style="display:none;">${elem.IP}</span></span>
|
| 89 |
</div>
|
| 90 |
<div>
|
| 91 |
-
<span class="wfTimeAgo wfTimeAgo-timestamp">Last hit was ${elem.timeAgo} ago.</span>
|
| 92 |
</div>
|
| 93 |
</td>
|
| 94 |
<td style="font-size: 28px; color: #999;">
|
| 88 |
<span class="wfReverseLookup"><span style="display:none;">${elem.IP}</span></span>
|
| 89 |
</div>
|
| 90 |
<div>
|
| 91 |
+
<span class="wfTimeAgo wfTimeAgo-timestamp" data-timestamp="${elem.timestamp}">Last hit was ${elem.timeAgo} ago.</span>
|
| 92 |
</div>
|
| 93 |
</td>
|
| 94 |
<td style="font-size: 28px; color: #999;">
|
lib/wfLog.php
CHANGED
|
@@ -459,11 +459,10 @@ class wfLog {
|
|
| 459 |
wordfence::status(1, 'error', "Invalid type to getLeechers(): $type");
|
| 460 |
return false;
|
| 461 |
}
|
| 462 |
-
$results = $this->getDB()->querySelect("select IP, sum(hits) as totalHits from $table where eMin > ((unix_timestamp() - 86400) / 60) group by IP order by totalHits desc limit 20");
|
| 463 |
$this->resolveIPs($results);
|
| 464 |
foreach($results as &$elem){
|
| 465 |
-
$elem['
|
| 466 |
-
$elem['timeAgo'] = wfUtils::makeTimeAgo($elem['timestamp']);
|
| 467 |
$elem['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and ((blockedTime + %s > unix_timestamp()) OR permanent = 1)", $elem['IP'], wfConfig::get('blockedTime'));
|
| 468 |
//take action
|
| 469 |
$elem['IP'] = wfUtils::inet_ntop($elem['IP']);
|
|
@@ -578,6 +577,11 @@ class wfLog {
|
|
| 578 |
list($blocked_range) = explode('|', $advanced_blocking_row['blockString']);
|
| 579 |
$blocked_range = explode('-', $blocked_range);
|
| 580 |
if (count($blocked_range) == 2) {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 581 |
$advanced_blocking[] = array(wfUtils::inet_pton($blocked_range[0]), wfUtils::inet_pton($blocked_range[1]), $advanced_blocking_row['id']);
|
| 582 |
}
|
| 583 |
}
|
| 459 |
wordfence::status(1, 'error', "Invalid type to getLeechers(): $type");
|
| 460 |
return false;
|
| 461 |
}
|
| 462 |
+
$results = $this->getDB()->querySelect("select IP, sum(hits) as totalHits, eMin * 60 as timestamp, (UNIX_TIMESTAMP() - (eMin * 60)) as timeAgo from $table where eMin > ((unix_timestamp() - 86400) / 60) group by IP order by totalHits desc limit 20");
|
| 463 |
$this->resolveIPs($results);
|
| 464 |
foreach($results as &$elem){
|
| 465 |
+
$elem['timeAgo'] = wfUtils::makeTimeAgo($elem['timeAgo']);
|
|
|
|
| 466 |
$elem['blocked'] = $this->getDB()->querySingle("select blockedTime from " . $this->blocksTable . " where IP=%s and ((blockedTime + %s > unix_timestamp()) OR permanent = 1)", $elem['IP'], wfConfig::get('blockedTime'));
|
| 467 |
//take action
|
| 468 |
$elem['IP'] = wfUtils::inet_ntop($elem['IP']);
|
| 577 |
list($blocked_range) = explode('|', $advanced_blocking_row['blockString']);
|
| 578 |
$blocked_range = explode('-', $blocked_range);
|
| 579 |
if (count($blocked_range) == 2) {
|
| 580 |
+
// Still using v5 32 bit int style format.
|
| 581 |
+
if (!preg_match('/[\.:]/', $blocked_range[0])) {
|
| 582 |
+
$blocked_range[0] = long2ip($blocked_range[0]);
|
| 583 |
+
$blocked_range[1] = long2ip($blocked_range[1]);
|
| 584 |
+
}
|
| 585 |
$advanced_blocking[] = array(wfUtils::inet_pton($blocked_range[0]), wfUtils::inet_pton($blocked_range[1]), $advanced_blocking_row['id']);
|
| 586 |
}
|
| 587 |
}
|
lib/wordfenceClass.php
CHANGED
|
@@ -486,7 +486,7 @@ class wordfence {
|
|
| 486 |
add_action('wordfence_hourly_cron', 'wordfence::hourlyCron');
|
| 487 |
add_action('plugins_loaded', 'wordfence::veryFirstAction');
|
| 488 |
add_action('init', 'wordfence::initAction');
|
| 489 |
-
add_action('template_redirect', 'wordfence::templateRedir');
|
| 490 |
add_action('shutdown', 'wordfence::shutdownAction');
|
| 491 |
|
| 492 |
if(version_compare(PHP_VERSION, '5.4.0') >= 0){
|
|
@@ -2615,6 +2615,7 @@ class wordfence {
|
|
| 2615 |
// prevent /?author=N scans from disclosing usernames.
|
| 2616 |
if (wfConfig::get('loginSec_disableAuthorScan') && is_author() && !empty($_GET['author']) && is_numeric($_GET['author'])) {
|
| 2617 |
wp_redirect(home_url());
|
|
|
|
| 2618 |
}
|
| 2619 |
|
| 2620 |
$wfFunc = get_query_var('_wfsf');
|
| 486 |
add_action('wordfence_hourly_cron', 'wordfence::hourlyCron');
|
| 487 |
add_action('plugins_loaded', 'wordfence::veryFirstAction');
|
| 488 |
add_action('init', 'wordfence::initAction');
|
| 489 |
+
add_action('template_redirect', 'wordfence::templateRedir', 0);
|
| 490 |
add_action('shutdown', 'wordfence::shutdownAction');
|
| 491 |
|
| 492 |
if(version_compare(PHP_VERSION, '5.4.0') >= 0){
|
| 2615 |
// prevent /?author=N scans from disclosing usernames.
|
| 2616 |
if (wfConfig::get('loginSec_disableAuthorScan') && is_author() && !empty($_GET['author']) && is_numeric($_GET['author'])) {
|
| 2617 |
wp_redirect(home_url());
|
| 2618 |
+
exit;
|
| 2619 |
}
|
| 2620 |
|
| 2621 |
$wfFunc = get_query_var('_wfsf');
|
readme.txt
CHANGED
|
@@ -3,7 +3,7 @@ Contributors: mmaunder
|
|
| 3 |
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
|
| 4 |
Requires at least: 3.9
|
| 5 |
Tested up to: 4.2.2
|
| 6 |
-
Stable tag: 6.0.
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
|
| 9 |
|
|
@@ -172,6 +172,11 @@ fully compatible with both IPv4 and IPv6 whether you run both or only one addres
|
|
| 172 |
|
| 173 |
== Changelog ==
|
| 174 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| 175 |
= 6.0.8 =
|
| 176 |
* Improvement: Added the local time stamp to 'time since' labels in Live Traffic and Blocked IPs pages.
|
| 177 |
* Improvement: Added a check to prompt the admin to download a backup copy of the wp-config.php in the event it's flagged as containing malware.
|
| 3 |
Tags: wordpress, security, performance, speed, caching, cache, caching plugin, wordpress cache, wordpress caching, wordpress security, security plugin, secure, anti-virus, malware, firewall, antivirus, virus, google safe browsing, phishing, scrapers, hacking, wordfence, securty, secrity, secure, two factor, cellphone sign-in, cellphone signin, cellphone, twofactor, security, secure, htaccess, login, log, users, login alerts, lock, chmod, maintenance, plugin, private, privacy, protection, permissions, 503, base64, injection, code, encode, script, attack, hack, hackers, block, blocked, prevent, prevention, RFI, XSS, CRLF, CSRF, SQL Injection, vulnerability, website security, WordPress security, security log, logging, HTTP log, error log, login security, personal security, infrastructure security, firewall security, front-end security, web server security, proxy security, reverse proxy security, secure website, secure login, two factor security, maximum login security, heartbleed, heart bleed, heartbleed vulnerability, openssl vulnerability, nginx, litespeed, php5-fpm, woocommerce support, woocommerce caching, IPv6, IP version 6
|
| 4 |
Requires at least: 3.9
|
| 5 |
Tested up to: 4.2.2
|
| 6 |
+
Stable tag: 6.0.9
|
| 7 |
|
| 8 |
Wordfence Security is a free enterprise class security and performance plugin that makes your site up to 50 times faster and more secure.
|
| 9 |
|
| 172 |
|
| 173 |
== Changelog ==
|
| 174 |
|
| 175 |
+
= 6.0.9 =
|
| 176 |
+
* Fix: Fixed bug in Live Traffic where v5 style blocked ranges generated PHP warning breaking the JSON response.
|
| 177 |
+
* Fix: Fixed invalid date bug in Live Traffic: Top Consumers and Top 404s.
|
| 178 |
+
* Fix: Fixed edge case bug with author=N scans redirecting to author archives page.
|
| 179 |
+
|
| 180 |
= 6.0.8 =
|
| 181 |
* Improvement: Added the local time stamp to 'time since' labels in Live Traffic and Blocked IPs pages.
|
| 182 |
* Improvement: Added a check to prompt the admin to download a backup copy of the wp-config.php in the event it's flagged as containing malware.
|
wordfence.php
CHANGED
|
@@ -4,13 +4,13 @@ Plugin Name: Wordfence Security
|
|
| 4 |
Plugin URI: http://www.wordfence.com/
|
| 5 |
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
|
| 6 |
Author: Wordfence
|
| 7 |
-
Version: 6.0.
|
| 8 |
Author URI: http://www.wordfence.com/
|
| 9 |
*/
|
| 10 |
if(defined('WP_INSTALLING') && WP_INSTALLING){
|
| 11 |
return;
|
| 12 |
}
|
| 13 |
-
define('WORDFENCE_VERSION', '6.0.
|
| 14 |
if(get_option('wordfenceActivated') != 1){
|
| 15 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
| 16 |
}
|
| 4 |
Plugin URI: http://www.wordfence.com/
|
| 5 |
Description: Wordfence Security - Anti-virus, Firewall and High Speed Cache
|
| 6 |
Author: Wordfence
|
| 7 |
+
Version: 6.0.9
|
| 8 |
Author URI: http://www.wordfence.com/
|
| 9 |
*/
|
| 10 |
if(defined('WP_INSTALLING') && WP_INSTALLING){
|
| 11 |
return;
|
| 12 |
}
|
| 13 |
+
define('WORDFENCE_VERSION', '6.0.9');
|
| 14 |
if(get_option('wordfenceActivated') != 1){
|
| 15 |
add_action('activated_plugin','wordfence_save_activation_error'); function wordfence_save_activation_error(){ update_option('wf_plugin_act_error', ob_get_contents()); }
|
| 16 |
}
|
